0
我使用python來枚舉dot1x交換中的信息,但我在解析以太網協議時遇到了問題。我知道以太網類型字段是兩個字節,並且dot1x使用「888e」。我已經確認「888e」正在通過Wireshark傳遞,但是我得到了下面的輸出。爲什麼顯示「36488」而不是「888e」?使用python來確定以太網頭中的dot1x協議類型
Destination MAC : 01:80:c2:00:00:03 Source MAC : c2:04:17:9c:f1:03 Protocol : 36488
Destination MAC : 01:80:c2:00:00:03 Source MAC : 08:00:27:83:5b:8b Protocol : 36488
Destination MAC : 01:80:c2:00:00:03 Source MAC : c2:04:17:9c:f1:03 Protocol : 36488
Destination MAC : 01:80:c2:00:00:03 Source MAC : 08:00:27:83:5b:8b Protocol : 36488
Destination MAC : 01:80:c2:00:00:03 Source MAC : c2:04:17:9c:f1:03 Protocol : 36488
我的代碼:
import socket, sys
from struct import *
#Convert a string of 6 characters of ethernet address into a dash separated hex string
def eth_addr (a) :
b = "%.2x:%.2x:%.2x:%.2x:%.2x:%.2x" % (ord(a[0]) , ord(a[1]) , ord(a[2]), ord(a[3]), ord(a[4]) , ord(a[5]))
return b
#create a AF_PACKET type raw socket (thats basically packet level)
#define ETH_P_ALL 0x0003 /* Every packet (be careful!!!) */
try:
s = socket.socket(socket.AF_PACKET , socket.SOCK_RAW , socket.ntohs(0x0003))
except socket.error , msg:
print 'Socket could not be created. Error Code : ' + str(msg[0]) + ' Message ' + msg[1]
sys.exit()
# receive a packet
while True:
packet = s.recvfrom(65565)
#packet string from tuple
packet = packet[0]
#parse ethernet header
eth_length = 14
eth_header = packet[:eth_length]
eth = unpack('!6s6sH' , eth_header)
eth_protocol = socket.ntohs(eth[2])
print 'Destination MAC : ' + eth_addr(packet[0:6]) + ' Source MAC : ' + eth_addr(packet[6:12]) + ' Protocol : ' + str(eth_protocol)
不敢相信我錯過了。謝謝。我用「eth_protocol = hex(eth [2])」代替行「eth_protocol = socket.ntohs(eth [2])」。 – doby
@doby很高興幫助,如果這個答案解決了您的問題,請點擊答案旁邊的複選標記將其標記爲已接受。請參閱:[如何接受答案的工作?](http://meta.stackexchange.com/questions/5234/how-does-accepting-an-answer-work) – sk11
我在我的程序中使用相同的行:s = socket.socket(socket.AF_PACKET,socket.SOCK_RAW,socket.ntohs(0x0003))並獲取錯誤.. _sock = _realsocket(family,type,proto) socket.error:[Errno 1] Operation not permitted ..我應該用什麼來代替這些參數? –