从套接字接收 Python 中提取以太网、IP 标头、TCP 和有效负载 [英] Extract Ethernet, IP header, TCP and payload from socket recv Python
问题描述
如何在 Python 中从 socket.recv 中提取提取以太网、IP 标头、TCP 和有效负载现在我可以使用 socket.recvfrom() 获取上述信息:
How can I extract Extract Ethernet, IP header, TCP and payload from socket.recv in Python Right now I can obtain information above using socket.recvfrom():
packet = s.recvfrom(NETWORK_MAX_SIZE)
packet = packet[0]
#parse ethernet header
eth_length = 14
eth_header = packet[:eth_length]
eth = unpack('!6s6sH' , eth_header)
eth_protocol = socket.ntohs(eth[2])
t = iph_length + eth_length
tcp_header = packet[t:t+20]
#now unpack them :)
tcph = unpack('!HHLLBBHHH' , tcp_header)
source_port = tcph[0]
dest_port = tcph[1]
sequence = tcph[2]
acknowledgement = tcph[3]
doff_reserved = tcph[4]
tcph_length = doff_reserved >> 4
h_size = eth_length + iph_length + tcph_length * 4
data_size = len(packet) - h_size
#get data from the packet
data = packet[h_size:]
参考:http://www.binarytides.com/python-packet-sniffer-code-linux/
当我通过碎片化的 TCP 数据包使用相同的功能并调用 socket.recv() 时,我在解包 tcpheader 时遇到错误.
When I use same function by a fragmented TCP packet and call socket.recv() I get errors when unpacking tcpheader.
谢谢
推荐答案
谢谢 我认识到 socket.recv() 返回类型 str 和 socket.recvfrom()返回一个元组类型,因此对于 socket.recv() 我省略了 packet = packet[0].我将更新代码以处理可变的 TCP 标头.
Thanks I recognized that socket.recv() returns a type str and socket.recvfrom() returns a tuple type, hence for socket.recv() I omitted packet = packet[0]. I will update code to handle TCP header to be variable.
这篇关于从套接字接收 Python 中提取以太网、IP 标头、TCP 和有效负载的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!