我怎么能通过使用python的特定协议过滤pcap文件? [英] How can I filter a pcap file by specific protocol using python?
问题描述
我有一些pcap文件,我想按协议过滤,即如果我想通过HTTP协议进行过滤,除了HTTP数据包以外的任何内容都将保留在pcap文件中。
有一个名为 openDPI 的工具,它是完美的我所需要的,但没有包装的Python语言。
有谁知道任何python模块,可以做我所需要的?
谢谢
编辑1:
HTTP过滤只是一个例子,我想过滤的协议有很多。
编辑2:
我试过Scapy,但我不知道如何正确过滤。该过滤器只接受Berkeley数据包过滤器表达式,即,我不能应用msn或HTTP或来自上层的另一个特定过滤器。任何人都可以帮助我吗?
也许这可以帮助 Scapy ?
I have some pcap files and I want to filter by protocol, i.e., if I want to filter by HTTP protocol, anything but HTTP packets will remain in the pcap file.
There is a tool called openDPI, and it's perfect for what I need, but there is no wrapper for python language.
Does anyone knows any python modules that can do what I need?
Thanks
Edit 1:
HTTP filtering was just an example, there is a lot of protocols that I want to filter.
Edit 2:
I tried Scapy, but I don't figure how to filter correctly. The filter only accepts Berkeley Packet Filter expression, i.e., I can't apply a msn, or HTTP, or another specific filter from upper layer. Can anyone help me?
maybe this can help Scapy?
这篇关于我怎么能通过使用python的特定协议过滤pcap文件?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!