Slice a pcap file into pieces and process in parallel
Project description
Install
python setup.py install
Usage
The below is an example to slice a pcap file into 10 files.
slicecap -r source.pcap -n 10 -- "cat - > dest-{SLICE_ID}.pcap"
The -r or --infile option specifies input pcap file to slice. Stdin is not acceptable because slicecap will change file handle pointer using the seek() method.
The -n or --number option specifies the total number of sliced pcap files. This default value is 2.
The -g or --maxgap option specifies the maximum time difference (in seconds) used to compare packet timestamps to find the pcap pkthdr boundary. The default value is 3600.
After the -- option, you can specify a subprocess to process the sliced pcap data. In the above example, the sliced data will just redirected into files. In the subprocess definition, you can use the following keywords that are replaced dynamically when executed. Since the replacement will be done by the Python text formatting function, you can specify formatting rules using the standard Python text formatter syntax.
OFFSET: The file offset value in bytes.
SIZE: The size of the sliced pcap data.
SLICE_ID: The ID number (begins from 0) of the sliced file.
Bug Reports
Please submit bug reports or patches through the GitHub interface.
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
File details
Details for the file slicecap-0.1.1.tar.gz.
File metadata
- Download URL: slicecap-0.1.1.tar.gz
- Upload date:
- Size: 5.7 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 13a82e5e51135b4bd9ac644d7effbbf0a0056ef0a33b82a69425b4494f15fe18 |
|
| MD5 | 4c69fa75c1f57554858e1bc0f8ac5def |
|
| BLAKE2b-256 | a89d79ff48f6038fe60c251d8d6525cb40b0e82bd0438ecbba1a303c3110c50c |
