
Python library to parse the pcap-ng format used by newer versions of dumpcap & similar tools (wireshark, winpcap, …).

If you prefer the RTD theme, or want documentation for any version

If you prefer the more comfortable, page-wide, default sphinx theme, a documentation mirror is hosted on GitHub pages:

PyPI status

Install from pypi: pip install python-pcapng

The official page on the Python Package Index is:

Why this library?

I need to decently extract some information from a bunch of pcap-ng files, but apparently tcpdump has some problems reading those files,

I couldn’t find other nice tools nor Python bindings to a library

In general, it appears there are (quite a bunch of!) Python modules to parse the old (much simpler) format, but nothing for the new one.

And, they usually completely lack any form of documentation.

Yes, I guess it would be much slower than something written in C,

and I need to get things done, and CPU time is not that expensive :)

(Maybe I’ll give a try porting the thing to Cython to speed it up, but anyways, pure-Python libraries are always useful, eg.

How do I use it?

Basic usage is as simple as:

    from pcapng import FileScanner

    with open('/tmp/mycapture.pcap', 'rb') as fp:
        scanner = FileScanner(fp)
        for block in scanner:
            pass  # do something with the block.

Have a look at the blocks documentation to see what they do; also, the examples directory contains some example scripts using the library.
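What iterating over the blocks of a pcap-ng file involves at the byte level, as an added example that is not python-pcapng's own code and does not use the library: a standard-library walker over the block framing that rejects inconsistent lengths, which matters when a capture comes from an untrusted source. The function names, the 16 MiB size cap and the sample capture are assumptions constructed for this illustration.

```python
import struct

SHB, IDB, EPB = 0x0A0D0D0A, 0x00000001, 0x00000006  # block type codes
ORDERS = {struct.pack(o + "I", 0x1A2B3C4D): o for o in "<>"}  # byte-order magic

def iter_blocks(fp):
    """Yield (type, endian, body) per block; ValueError on bad framing."""
    endian = None
    while True:
        head = fp.read(8)
        if not head:
            return  # clean end of file
        if len(head) < 8:
            raise ValueError("truncated block header")
        magic = b""
        if head[:4] == b"\x0a\x0d\x0d\x0a":  # SHB type is the same in both byte orders
            magic = fp.read(4)
            endian = ORDERS.get(magic)  # each section declares its own byte order
        if endian is None:
            raise ValueError("missing Section Header or bad byte-order magic")
        btype, total = struct.unpack(endian + "II", head)
        if total < 12 + len(magic) or total % 4 or total > 1 << 24:  # assumed 16 MiB cap
            raise ValueError(f"implausible block length {total}")
        need = total - 8 - len(magic)
        rest = fp.read(need)
        if len(rest) != need or struct.unpack(endian + "I", rest[-4:])[0] != total:
            raise ValueError("truncated block or mismatched trailing length")
        yield btype, endian, magic + rest[:-4]

def summarize(fp):  # -> ({block_type: count}, [(captured_len, original_len), ...])
    counts, packets = {}, []
    for btype, endian, body in iter_blocks(fp):
        counts[btype] = counts.get(btype, 0) + 1
        if btype == EPB:
            if len(body) < 20:
                raise ValueError("short Enhanced Packet Block")
            cap, orig = struct.unpack(endian + "II", body[12:20])
            if cap > len(body) - 20:
                raise ValueError("captured length exceeds block body")
            packets.append((cap, orig))
    return counts, packets

def make_block(btype, body):  # builds one little-endian block for the sample
    total = struct.pack("<I", 12 + len(body))
    return struct.pack("<I", btype) + total + body + total
# Constructed capture: Section Header, one interface, one 6-byte packet.
SAMPLE = (make_block(SHB, struct.pack("<IHHq", 0x1A2B3C4D, 1, 0, -1))
          + make_block(IDB, struct.pack("<HHI", 1, 0, 65535))
          + make_block(EPB, struct.pack("<5I", 0, 0, 0, 6, 60) + bytes(8)))
```

Passing `io.BytesIO(SAMPLE)` or a file opened with `'rb'` to `summarize` returns the per-type block counts and the (captured, original) length of each Enhanced Packet Block.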
