Introduce a helper script to analyze tcpdumps

1) # tcpdump -i tap10 -vvv -w tcpdump.pcap to save capture in a tmp file 2) # python analyze_pcap.py tcpdump.pcap to see on-liner logs 3) # python analyze_pcap.py tcpdump.pcap -n 14 to see a packet's details Signed-off-by: Dimitris Aragiorgis <dimara@grnet.gr>

Introduce a helper script to analyze tcpdumps
1) # tcpdump -i tap10 -vvv -w tcpdump.pcap to save capture in a tmp file 2) # python analyze_pcap.py tcpdump.pcap to see on-liner logs 3) # python analyze_pcap.py tcpdump.pcap -n 14 to see a packet's details Signed-off-by: Dimitris Aragiorgis <dimara@grnet.gr>
0f4a61eb · Dimitris Aragiorgis · 06e6d9bc · 0f4a61eb
Commit 0f4a61eb authored Jan 17, 2014 by Dimitris Aragiorgis
Hide whitespace changes
Inline Side-by-side

Showing with 44 additions and 0 deletions

analyze_pcap.py analyze_pcap.py +44 -0

No files found.
--- a/analyze_pcap.py
+++ b/analyze_pcap.py
+#!/usr/bin/env python
+from scapy.all import *
+import argparse
+import sys
+
+def parse_options():
+    parser = argparse.ArgumentParser()
+
+    parser.add_argument("-n", dest="num",
+                        default=None, type=int,
+                        help="Packet number to show. Show all if not given.")
+
+    parser.add_argument("pcapfile", type=str,
+                        help="Pcap file generated with tcpdump -w")
+ 
+
+    return parser.parse_args()
+
+def main():
+    opts = parse_options()
+    try:
+        paks = rdpcap(opts.pcapfile)
+    except IOError:
+        print "File does not exists"
+        return 1
+    except:
+        print "Not a pcap file"
+        return 1
+
+    if opts.num is not None:
+        try:
+            p = paks[opts.num]
+            p.show()
+            return 0
+        except IndexError:
+            print "Packet number exceeds total packets captured (%d)!" % len(paks)
+            return 1
+
+    paks.show()
+    return 0
+
+
+if __name__ == "__main__":
+    sys.exit(main())