在sccapy中查找.pcap文件中的udp和tcp數據包的數量

Question

大家好，我試圖找到一些方法來檢查當我用scapy嗅探.pcap文件時有多少tcp和udp數據包。如果你能向我解釋某種方式來做到這一點，我會很高興。

from scapy.all import * 
import time 

def main(): 

path = raw_input("Enter path: ") # .pcap file 
packs = rdpcap(path) 
option = 0 
while (option != 4): 

    print "Options: soon " 
    option = input("Enter your option: ") 
    i = 0 
    count = 0 
    if(option == 1): 
     print "Number of packets: " 
     pack_len = len(packs) 
     print pack_len 
     print "Sniff tome: " 
     print time.strftime("%Y-%m-%d %H:%M:%S", time.gmtime(packs[0].time)) 
     print time.strftime("%Y-%m-%d %H:%M:%S", time.gmtime(packs[pack_len-1].time)) 

    elif(option == 2): 
     pass # HERE I NEED TO CHECK HOW MANY TCP AND UDP PACKETS I HAVE 

    elif(option == 3): 
     path = raw_input("Enter new path: ") 
     packs = rdpcap(path) 

if __name__ == "__main__": 
    main() 

Answer 1

您可以使用「在」命令，例如（約亂碼對不起，這是已故這裏）：

for i in range(0, len(packs)) 
      pkt = packs[1] 
      if (TCP in pkt): 
        countTCP+= 1 
      elif (UDP in pkt): 
        countUDP+= 1 

希望我正確地理解你的問題......讓我們知道，如果有效。祝你好運！