0
ValueError:以下代碼的tcpdump頭錯誤無效。由於pcap使用dpkt進行解析時使用mergecap生成的tcpdump頭無效
import dpkt
f = open('a.pcap')
pcap = dpkt.pcap.Reader(f)
for (src, sport, dst, dport, data) in udp_iterator(pc):
if dport == 53:
dns = dpkt.dns.DNS(data)
if dns.opcode != dpkt.dns.DNS_QUERY:
print "A DNS packet was sent to the nameserver, but the opcode was %d instead of DNS_QUERY (this is a software error)" % dns.opcode
if dns.qr != dpkt.dns.DNS_Q:
print "A DNS packet was sent to the name server, but dns.qr is not 0 and should be. It is %d" % dns.qr
print "DNS Query was: ", dns.qd[0].name
print "ID is: ", dns.id
print "Hello Dns query is ", dns.qr
print "Hello Query Type is ", dns.qd[0].type , type_table[dns.qd[0].type]
print "Hello DNS Query was: ", dns.qd
幫助將不勝感激。使用mergecap產生 的PCAP,然後將其用dpkt解析但誤差下面顯示:
File "/usr/local/lib/python2.7/dist-packages/dpkt/pcap.py",
in __init__
raise ValueError('invalid tcpdump header')
ValueError: invalid tcpdump header