從pipcapfile中的TCP頭部獲取ByteArray

Question

我想單獨解析TCP包，而不使用PCAPLib自己的數據結構。出於這個原因，我需要獲取TCP頭的字節陣列。

from pcapfile import savefile 

capfile = open('delta_capture.pcap') 
sf = savefile.load_savefile(capfile) 

for packet in sf.packets: 
    print packet.timestamp 
    print packet.packet 
    print packet.header # Returns a library object, I need the bytearray instead, as I want to use my own data structure and parse. 

capfile.close() 

我試圖調試和inspectiong對象結構，但不能看到其中實際字節存儲在TCP報頭的任何對象。

爲變量「包」調試結果截圖：

它甚至有可能在這個圖書館這樣做呢？

Answer 1

A bytearray的頭不能直接訪問。標題中的各個字段都被解析，並且整個數據包都可用：

for packet in sf.packets: 
    print(packet.timestamp) 
    print(packet.packet) 

    # show header fields 
    print(packet.header.contents.magic)   # file magic number 
    print(packet.header.contents.major)   # major version number 
    print(packet.header.contents.minor)   # minor version number 
    print(packet.header.contents.tz_off)   # timezone offset 
    print(packet.header.contents.ts_acc)   # timestamp accuracy 
    print(packet.header.contents.snaplen)  # snapshot length 
    print(packet.header.contents.ll_type)  # link layer header type 
    print(packet.header.contents.byteorder)  # byte order specifier 
    print(packet.header.contents.ns_resolution) # nanosecond resolution 

    # show entire packet 
    print(packet.raw())