pyshark_livecap.py
import pyshark
import time
import trollius
import logging
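# Live-capture demo: sniff a handful of packets with pyshark (a tshark
# wrapper), save them to a pcap file and print one summary line per
# TCP/UDP-over-IPv4 packet.
logging.basicConfig()

# Interface to capture on.
networkInterface = "eth0"

# Build ONE capture object that listens on the chosen interface and also
# writes the packets to disk.  Creating a second LiveCapture with only
# output_file= and rebinding `cap` to it drops the interface selection, so
# the capture no longer matches the "Capturing on ..." banner and may record
# traffic from interfaces that were never meant to be monitored.
# NOTE: the pcap holds full packet contents (possibly credentials or session
# data); keep it in a directory with restricted access and delete it when done.
cap = pyshark.LiveCapture(interface=networkInterface, output_file="pyshark.pcap")
# Alternatives:
#cap = pyshark.LiveCapture(interface=networkInterface, output_file="pyshark.pcap", include_raw=True, use_json=True)
#cap = pyshark.LiveCapture(interface=networkInterface, bpf_filter='tcp port 80')

print("\n\nCapturing on %s...\n" % networkInterface)

try:
    for packet in cap.sniff_continuously(packet_count=5):
        #print(packet)
        # adjusted output
        try:
            # Wall-clock time at which the packet is *printed*, not captured;
            # packet.sniff_time carries the capture timestamp if that is needed.
            localtime = time.asctime(time.localtime(time.time()))
            # get packet content
            # pdata = packet.data.data  # packet data
            protocol = packet.transport_layer    # protocol type
            src_addr = packet.ip.src             # source address
            src_port = packet[protocol].srcport  # source port
            dst_addr = packet.ip.dst             # destination address
            dst_port = packet[protocol].dstport  # destination port
            # output packet info
            print("%s IP %s:%s <-> %s:%s (%s)" % (localtime, src_addr, src_port, dst_addr, dst_port, protocol))
        except AttributeError:
            # Deliberate best-effort: packets without an IPv4 layer or without a
            # TCP/UDP transport layer lack these attributes and are not printed.
            # They are still written to the pcap file.
            pass
        # NOTE(review): separator placed per packet; the listing lost its
        # indentation, so confirm this matches the intended output.
        print(" ")
finally:
    # Always release the capture, including on Ctrl-C or an unexpected error,
    # so the underlying capture process is not left running.
    cap.clear()
    cap.close()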