本文介绍了在 Scapy 中为每个数据包指定时间戳?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
使用 Scapy,当我创建数据包并将其写入 pcap 文件,它将数据包的时间戳设置为当前时间.
这是我目前的用法.1335494712.991895 是我创建数据包的时间:
如何为每个数据包指定自己的时间戳?
我已经看到文档中提到的用于设置 TCP 时间戳的时间戳,但它似乎与实际的 pcap 时间戳没有区别.
解决方案
啊!找到了.
简单地说:
>>>a.时间 = 1234567890>>>wrpcap('single-tcp-packet.pcap', a)# tcpdump -tt -r single-tcp-packet.pcap从文件 single-tcp-packet.pcap 中读取,链接类型 EN10MB(以太网)1234567890.000000 IP 1.1.1.1.menandmice-dns >arenes-651-1-107-2.w2-2.abo.wanadoo.fr.31337: Flags [S], seq 0, win 8192, length 0With Scapy, when I create a packet and write it to a pcap file, it sets the timestamp of the packet to the current time.
This is my current usage. 1335494712.991895 being the time I created the packet:
>>> a = Ether()/IP(src='1.1.1.1',dst='2.2.2.2')/TCP(sport=1337,dport=31337)
>>> wrpcap('single-tcp-packet.pcap', a)
# tcpdump -tt -r single-tcp-packet.pcap
reading from file single-tcp-packet.pcap, link-type EN10MB (Ethernet)
1335494712.991895 IP 1.1.1.1.menandmice-dns > arennes-651-1-107-2.w2-2.abo.wanadoo.fr.31337: Flags [S], seq 0, win 8192, length 0
How can I specify my own timestamp per packet?
I have seen timestamp mentioned in the docs for setting the TCP timestamp, but it doesn't seem to make a difference to the actual pcap timestamp.
解决方案
Ah! Found it.
Simply:
>>> a.time = 1234567890
>>> wrpcap('single-tcp-packet.pcap', a)
# tcpdump -tt -r single-tcp-packet.pcap
reading from file single-tcp-packet.pcap, link-type EN10MB (Ethernet)
1234567890.000000 IP 1.1.1.1.menandmice-dns > arennes-651-1-107-2.w2-2.abo.wanadoo.fr.31337: Flags [S], seq 0, win 8192, length 0
这篇关于在 Scapy 中为每个数据包指定时间戳?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!