Commit 0f4a61eb authored by Dimitris Aragiorgis's avatar Dimitris Aragiorgis

Introduce a helper script to analyze tcpdumps

1) # tcpdump -i tap10 -vvv -w tcpdump.pcap to save capture in a tmp file
2) # python tcpdump.pcap to see one-liner logs
3) # python tcpdump.pcap -n 14 to see a packet's details
Signed-off-by: default avatarDimitris Aragiorgis <>
parent 06e6d9bc
#!/usr/bin/env python
from scapy.all import *
import argparse
import sys
def parse_options():
parser = argparse.ArgumentParser()
parser.add_argument("-n", dest="num",
default=None, type=int,
help="Packet number to show. Show all if not given.")
parser.add_argument("pcapfile", type=str,
help="Pcap file generated with tcpdump -w")
return parser.parse_args()
def main():
opts = parse_options()
paks = rdpcap(opts.pcapfile)
except IOError:
print "File does not exists"
return 1
print "Not a pcap file"
return 1
if opts.num is not None:
p = paks[opts.num]
return 0
except IndexError:
print "Packet number exceeds total packets captured (%d)!" % len(paks)
return 1
return 0
if __name__ == "__main__":
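Review bot: The `-n` lookup `p = paks[opts.num]` in main() relies on IndexError alone, so a negative value such as `-n -1` is accepted and silently selects a packet counted from the end of the capture, while an out-of-range negative value is reported as "exceeds total packets captured". An explicit bounds check before indexing would make the contract clear: `if not 0 <= opts.num < len(paks):` followed by the existing error print and `return 1`. Separately, the `except IOError` branch prints "File does not exists" for every I/O failure, e.g. a permission error on a capture written by another user, so including the exception text in the message would help the operator. The rendered page has dropped some lines of main() (the `try:` lines and the clause before "Not a pcap file" are not visible), so this is based on the visible lines only.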