param tshark_path: Path of the tshark binary.param encryption_type: Standard of encryption used in captured traffic (mustīe either 'WEP', 'WPA-PWD', or 'WPA-PWK'.param decryption_key: Key used to encrypt and decrypt captured traffic.param disable_protocol: Disable detection of a protocol (tshark > version 2).param only_summaries: Only produce packet summaries, much faster but includes.param display_filter: A display (wireshark) filter to apply on the cap.Packet capture file (PCAP, PCAP-NG.) or a TShark xml. param input_file: Either a path or a file-like object containing either a.Used to conserve memory when reading large caps. param keep_packets: Whether to keep packets after reading them via next().Total Length: 684 Identification: 0x254f ( 9551)įlags: 0x00 Fragment offset: 0 Time to live: 1 Protocol: UDP ( 17) Version: 4 Header Length: 20 bytes Differentiated Services Field: 0x00 ( DSCP 0x00: Default ECN: 0x00: Not - ECT ( Not ECN - Capable Transport)) FileCapture( '/tmp/mycapture.cap')ĭestination: BLANKED Source: BLANKED Type: IP ( 0x0800) Simply run the following to install the latest from pypi
This package allows parsing from a capture file or a live capture, using all wireshark dissectors you have installed. There are quite a few python packet parsing modules, this one is different because it doesn't actually parse any packets, it simply uses tshark's (wireshark command-line utility) ability to export XMLs to use its parsing. Feel free to mail me at dorgreen1 at gmail. Any pull-requests will be reviewed and if any one is interested and is suitable, I will be happy to include them in the project. Looking for contributors - for various reasons I have a hard time finding time to maintain and enhance the package at the moment.
0 kommentar(er)
