From e67088c0ff9e26c7458a08bba114e4003d8657de Mon Sep 17 00:00:00 2001 From: Jarry Shaw Date: Thu, 4 May 2023 11:27:11 +0800 Subject: [PATCH] added pcapng samples --- .gitignore | 2 + sample/dhcp.pcapng | Bin 0 -> 1508 bytes sample/pcapng.txt | 303 ++++++++++++++++++++++++++++++++++++++++++++ test/test_pcapng.py | 2 +- 4 files changed, 306 insertions(+), 1 deletion(-) create mode 100644 sample/dhcp.pcapng create mode 100644 sample/pcapng.txt diff --git a/.gitignore b/.gitignore index e17ba7a72..92ec05dd6 100644 --- a/.gitignore +++ b/.gitignore @@ -7,6 +7,8 @@ sample/* !sample/out.plist !sample/out.txt !sample/in.pcap +!sample/dhcp.pcapng +!sample/pcapng.txt src !requirements.txt diff --git a/sample/dhcp.pcapng b/sample/dhcp.pcapng new file mode 100644 index 0000000000000000000000000000000000000000..530c64cee167ccbef4fe4f3d89f23e6dbe45040d GIT binary patch literal 1508 zcmd<$<>iuLU|{gI(UxKa(*L0VBnILuKGDx zj7_b8d=Q2h!@%9d_{WKZ!IgngXN4I9!!JScZjfq_EQ1S!GowVLJR>8>99vnCI0gXg z#}FN|0?AFm$)=2qw(N|MkTGHbdBvQCk(o^k7{E{f3R6&+R3L?|Nw=|S7?2Ob5WNf> zC2K#<28XQ&iz@>|gCGOLffWplK+MJ9%;3UkqGZg37PcTckQ%T>!!m4{7+FAR%L*8< z>>SoWlE=>&Nb(7ov4A{|2xMqjBU7O8Mo-goW}Dzk)8^nb-32lQk*4SGg{EmaWYgj7 zVHxhsNNF0B${@jwNZHuZ^tCxA_|mi+wlsbJHZ)Dc!xm)Q@D5v6T&Wq7)(NI*0H?ct A?f?J) literal 0 HcmV?d00001 diff --git a/sample/pcapng.txt b/sample/pcapng.txt new file mode 100644 index 000000000..4a10338f7 --- /dev/null +++ b/sample/pcapng.txt @@ -0,0 +1,303 @@ +Section Header 1 + |-- type + | |--> BlockType::Section_Header_Block + | [168627466] + |-- length -> 28 + |-- byteorder -> little + |-- version + | |-- type -> VersionInfo + | |-- value + | |--> 1 + | |--> 0 + |-- section_length -> 18446744073709551615 + |-- options -> NIL + +Interface Description 1 + |-- type + | |--> BlockType::Interface_Description_Block + | [1] + |-- length -> 32 + |-- linktype -> LinkType::ETHERNET [1] + |-- snaplen -> 65535 + |-- options + |-- OptionType::if_tsresol [9_if_tsresol] + | |--> -- + | |-- type + | | |-- enum -> OptionType::if_tsresol [9_if_tsresol] + | | |-- opt_name -> if_tsresol + | | |-- opt_value -> 9 + | |-- length -> 1 + | |-- resolution -> 1000000 + |-- OptionType::opt_endofopt [0_opt_endofopt] + |--> -- + |-- type + | |-- enum + | | |--> OptionType::opt_endofopt + | | [0_opt_endofopt] + | |-- opt_name -> opt_endofopt + | |-- opt_value -> 0 + |-- length -> 0 + +Frame 1 + |-- type -> BlockType::Enhanced_Packet_Block [6] + |-- length -> 348 + |-- section_number -> 1 + |-- number -> 1 + |-- interface_id -> 0 + |-- timestamp -> 2004-12-06T03:16:24.317453+08:00 + |-- timestamp_epoch -> 1102302984.317453 + |-- captured_len -> 314 + |-- original_len -> 314 + |-- options -> NIL + |-- ethernet + | |-- dst -> ff:ff:ff:ff:ff:ff + | |-- src -> 00:0b:82:01:fc:42 + | |-- type + | | |--> EtherType::Internet_Protocol_version_4 + | | [2048] + | |-- ipv4 + | |-- version -> 4 + | |-- hdr_len -> 20 + | |-- tos + | | |-- pre -> ToSPrecedence::Routine [0] + | | |-- del -> ToSDelay::NORMAL [0] + | | |-- thr -> ToSThroughput::NORMAL [0] + | | |-- rel -> ToSReliability::NORMAL [0] + | | |-- ecn -> ToSECN::Not_ECT [0] + | |-- len -> 300 + | |-- id -> 43062 + | |-- flags + | | |-- df -> False + | | |-- mf -> False + | |-- offset -> 0 + | |-- ttl -> 250.0 + | |-- protocol -> TransType::UDP [17] + | |-- checksum -> 17 8b + | |-- src -> 0.0.0.0 + | |-- dst -> 255.255.255.255 + | |-- udp + | |-- srcport -> 68 + | |-- dstport -> 67 + | |-- len -> 280 + | |-- checksum -> 59 1f + | |-- raw + | |-- protocol -> NIL + | |-- packet + | | |--> 01 01 06 00 00 00 3d 1d 00 00 00 00 00 00 00 00 + | | 00 00 00 00 00 00 00 00 00 00 00 00 00 0b 82 01 + | | fc 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + | | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + | | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + | | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + | | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + | | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + | | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + | | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + | | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + | | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + | | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + | | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + | | 00 00 00 00 00 00 00 00 00 00 00 00 63 82 53 63 + | | 35 01 01 3d 07 01 00 0b 82 01 fc 42 32 04 00 00 + | | 00 00 37 04 01 03 06 2a ff 00 00 00 00 00 00 00 + | |-- error -> NIL + |-- protocols -> Ethernet:IPv4:UDP:Raw + +Frame 2 + |-- type -> BlockType::Enhanced_Packet_Block [6] + |-- length -> 376 + |-- section_number -> 1 + |-- number -> 2 + |-- interface_id -> 0 + |-- timestamp -> 2004-12-06T03:16:24.317748+08:00 + |-- timestamp_epoch -> 1102302984.317748 + |-- captured_len -> 342 + |-- original_len -> 342 + |-- options -> NIL + |-- ethernet + | |-- dst -> 00:0b:82:01:fc:42 + | |-- src -> 00:08:74:ad:f1:9b + | |-- type + | | |--> EtherType::Internet_Protocol_version_4 + | | [2048] + | |-- ipv4 + | |-- version -> 4 + | |-- hdr_len -> 20 + | |-- tos + | | |-- pre -> ToSPrecedence::Routine [0] + | | |-- del -> ToSDelay::NORMAL [0] + | | |-- thr -> ToSThroughput::NORMAL [0] + | | |-- rel -> ToSReliability::NORMAL [0] + | | |-- ecn -> ToSECN::Not_ECT [0] + | |-- len -> 328 + | |-- id -> 1093 + | |-- flags + | | |-- df -> False + | | |-- mf -> False + | |-- offset -> 0 + | |-- ttl -> 128.0 + | |-- protocol -> TransType::UDP [17] + | |-- checksum -> 00 00 + | |-- src -> 192.168.0.1 + | |-- dst -> 192.168.0.10 + | |-- udp + | |-- srcport -> 67 + | |-- dstport -> 68 + | |-- len -> 308 + | |-- checksum -> 22 33 + | |-- raw + | |-- protocol -> NIL + | |-- packet + | | |--> 02 01 06 00 00 00 3d 1d 00 00 00 00 00 00 00 00 + | | c0 a8 00 0a c0 a8 00 01 00 00 00 00 00 0b 82 01 + | | fc 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + | | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + | | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + | | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + | | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + | | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + | | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + | | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + | | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + | | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + | | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + | | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + | | 00 00 00 00 00 00 00 00 00 00 00 00 63 82 53 63 + | | 35 01 02 01 04 ff ff ff 00 3a 04 00 00 07 08 3b + | | 04 00 00 0c 4e 33 04 00 00 0e 10 36 04 c0 a8 00 + | | 01 ff 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + | | 00 00 00 00 00 00 00 00 00 00 00 00 + | |-- error -> NIL + |-- protocols -> Ethernet:IPv4:UDP:Raw + +Frame 3 + |-- type -> BlockType::Enhanced_Packet_Block [6] + |-- length -> 348 + |-- section_number -> 1 + |-- number -> 3 + |-- interface_id -> 0 + |-- timestamp -> 2004-12-06T03:16:24.387484+08:00 + |-- timestamp_epoch -> 1102302984.387484 + |-- captured_len -> 314 + |-- original_len -> 314 + |-- options -> NIL + |-- ethernet + | |-- dst -> ff:ff:ff:ff:ff:ff + | |-- src -> 00:0b:82:01:fc:42 + | |-- type + | | |--> EtherType::Internet_Protocol_version_4 + | | [2048] + | |-- ipv4 + | |-- version -> 4 + | |-- hdr_len -> 20 + | |-- tos + | | |-- pre -> ToSPrecedence::Routine [0] + | | |-- del -> ToSDelay::NORMAL [0] + | | |-- thr -> ToSThroughput::NORMAL [0] + | | |-- rel -> ToSReliability::NORMAL [0] + | | |-- ecn -> ToSECN::Not_ECT [0] + | |-- len -> 300 + | |-- id -> 43063 + | |-- flags + | | |-- df -> False + | | |-- mf -> False + | |-- offset -> 0 + | |-- ttl -> 250.0 + | |-- protocol -> TransType::UDP [17] + | |-- checksum -> 17 8a + | |-- src -> 0.0.0.0 + | |-- dst -> 255.255.255.255 + | |-- udp + | |-- srcport -> 68 + | |-- dstport -> 67 + | |-- len -> 280 + | |-- checksum -> 9f bd + | |-- raw + | |-- protocol -> NIL + | |-- packet + | | |--> 01 01 06 00 00 00 3d 1e 00 00 00 00 00 00 00 00 + | | 00 00 00 00 00 00 00 00 00 00 00 00 00 0b 82 01 + | | fc 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + | | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + | | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + | | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + | | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + | | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + | | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + | | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + | | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + | | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + | | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + | | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + | | 00 00 00 00 00 00 00 00 00 00 00 00 63 82 53 63 + | | 35 01 03 3d 07 01 00 0b 82 01 fc 42 32 04 c0 a8 + | | 00 0a 36 04 c0 a8 00 01 37 04 01 03 06 2a ff 00 + | |-- error -> NIL + |-- protocols -> Ethernet:IPv4:UDP:Raw + +Frame 4 + |-- type -> BlockType::Enhanced_Packet_Block [6] + |-- length -> 376 + |-- section_number -> 1 + |-- number -> 4 + |-- interface_id -> 0 + |-- timestamp -> 2004-12-06T03:16:24.387798+08:00 + |-- timestamp_epoch -> 1102302984.387798 + |-- captured_len -> 342 + |-- original_len -> 342 + |-- options -> NIL + |-- ethernet + | |-- dst -> 00:0b:82:01:fc:42 + | |-- src -> 00:08:74:ad:f1:9b + | |-- type + | | |--> EtherType::Internet_Protocol_version_4 + | | [2048] + | |-- ipv4 + | |-- version -> 4 + | |-- hdr_len -> 20 + | |-- tos + | | |-- pre -> ToSPrecedence::Routine [0] + | | |-- del -> ToSDelay::NORMAL [0] + | | |-- thr -> ToSThroughput::NORMAL [0] + | | |-- rel -> ToSReliability::NORMAL [0] + | | |-- ecn -> ToSECN::Not_ECT [0] + | |-- len -> 328 + | |-- id -> 1094 + | |-- flags + | | |-- df -> False + | | |-- mf -> False + | |-- offset -> 0 + | |-- ttl -> 128.0 + | |-- protocol -> TransType::UDP [17] + | |-- checksum -> 00 00 + | |-- src -> 192.168.0.1 + | |-- dst -> 192.168.0.10 + | |-- udp + | |-- srcport -> 67 + | |-- dstport -> 68 + | |-- len -> 308 + | |-- checksum -> df db + | |-- raw + | |-- protocol -> NIL + | |-- packet + | | |--> 02 01 06 00 00 00 3d 1e 00 00 00 00 00 00 00 00 + | | c0 a8 00 0a 00 00 00 00 00 00 00 00 00 0b 82 01 + | | fc 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + | | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + | | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + | | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + | | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + | | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + | | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + | | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + | | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + | | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + | | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + | | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + | | 00 00 00 00 00 00 00 00 00 00 00 00 63 82 53 63 + | | 35 01 05 3a 04 00 00 07 08 3b 04 00 00 0c 4e 33 + | | 04 00 00 0e 10 36 04 c0 a8 00 01 01 04 ff ff ff + | | 00 ff 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + | | 00 00 00 00 00 00 00 00 00 00 00 00 + | |-- error -> NIL + |-- protocols -> Ethernet:IPv4:UDP:Raw diff --git a/test/test_pcapng.py b/test/test_pcapng.py index 6bc8308d9..fc8c5cb67 100644 --- a/test/test_pcapng.py +++ b/test/test_pcapng.py @@ -2,5 +2,5 @@ import pcapkit -plist = pcapkit.extract(fin='../sample/test.pcapng', +plist = pcapkit.extract(fin='../sample/dhcp.pcapng', fout='../sample/pcapng.txt', format='tree', verbose=True)