Pure Python package for reading and parsing libpcap savefiles.
Project description
pypcapfile is a pure Python library for handling libpcap savefiles.
The core functionality is implemented in pcapfile.savefile:
>>> from pcapfile import savefile >>> sf = savefile.load_savefile('test.pcap') [+] attempting to load test.pcap [+] found valid header [+] loaded 11 packets [+] finished loading savefile. >>> print sf big-endian capture file version 2.4 snapshot length: 65535 linklayer type: LINKTYPE_ETHERNET number of packets: 11 >>>
You can a look at the packets in sf.packets: >>> pkt = sf.packets[0] >>> p.raw() <binary data snipped> >>> p.timestamp 1343676707L >>>
This is still in a pre-release state.
Future planned improvements: * Packet parsing (i.e. IP(pkt) or TCP(pkt) * improved Sphinx-based documentation
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
pypcapfile-0.4.3.tar.gz
(3.5 kB
view hashes)