如何计算每分钟的 ARP 回复数据包? [英] How to count ARP reply packet per minute?
问题描述
我正在使用 GNS3 设置本地拓扑.所以我在使用 HUB,所以场景是.网络中有5台计算机(计算机A,B,C,D,E)并且计算机 A 必须计算网络中的 ARP 回复数据包.例如计算机 A 可以检测到计算机 B 向计算机 C 发送 ARP 回复数据包 1/分钟.让我们假设计算机 A 是一台分析仪主机.
i'm setting up a local topology using GNS3. So there im using HUB, so the scenario is. There is 5 computer in network(computer A,B,C,D,E) And computer A have to count ARP reply packet in the network. for example computer A can detect computer B send ARP reply packet to computer C 1/minute. Let's assume computer A is a analyzer host.
- 计算机 B 有一个 Ip:192.168.1.2
- 计算机 C 有一个 Ip:192.168.1.3
- 计算机 D 的 Ip:192.168.1.4
- 计算机 E 有一个 Ip:192.168.1.5
我在字典phyton中使用列表代码是.
And i use list in dictionary phyton the code is.
from scapy.all import *
reply=[]
reply.append({"src": " ", "dst" :" ","count": 0}]
def count_reply(paket):
for itung in reply:
if itung['src']==paket['src'] and itung['dst']==paket['dst']:
itung['count']+=1
break
elif itung['src'] != paket['src'] and itung['dst'] != paket['dst']:
reply.append(paket)
paket['count']=1
def klasifikasi(pkt):
# arp request
if pkt[ARP].op == 2:
returnpaket = {'src':pkt[ARP].psrc,'dst':pkt[ARP].pdst}
return count_reply(returnpaket)
sniff(prn=klasifikasi, filter="arp", store=0)
print(reply)
我尝试从计算机 C 向计算机 B 发送 arp 回复泛洪.发送的 ARP 回复数据包是 7 个数据包.我预计输出是reply=[{'count':0, 'src':" ", 'dst':" "}, {'count':7, 'src':192.168.1.3, 'dst':192.168.1.2} 但实际输出是
And i tried to send arp reply flooding from computer C to Computer B. The ARP reply packet that sent is 7 packet. i expected the ouput is
reply=[{'count':0, 'src':" ", 'dst':" "}, {'count':7, 'src':192.168.1.3, 'dst':192.168.1.2} But the actual output is
我正在使用我昨天在这里询问的解决方案来跟踪代码 如何删除列表中的重复项?我该如何解决?请帮助我这是我的家庭作业.谢谢.
I am following the code by using the solution that i asked yesterday here How to remove duplicate item in List? How can i solve it? Please help me this is for my homework. Thank you.
推荐答案
结果中有多个条目的原因是,您的回复列表中已经有一个项目 ({"src": " ", "dst":" ","count": 0}),这会导致您的代码始终触发循环中的elif"部分(函数 count_reply).
The reason for the multiple entries in your result is, that you already have an item in your reply list ({"src": " ", "dst" :" ","count": 0}), which causes your code to always trigger the "elif" part in your loop (function count_reply).
在决定创建新条目或更新现有条目之前,您应该检查回复列表中的每一项.
You should check every item in your reply list before making a decision on creating a new entry or updating an existing entry.
例如:
def count_reply(paket):
if len(reply)==0:
paket['count'] = 1
reply.append(paket)
found = True
else:
found = False
for itung in reply:
if itung['src']==paket['src'] and itung['dst']==paket['dst']:
itung['count']+=1
found = True
break
if not found:
reply.append(paket)
paket['count']=1
这篇关于如何计算每分钟的 ARP 回复数据包?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
