本文介绍了在 Scapy 中为每个数据包指定时间戳?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

限时删除!!

使用 Scapy,当我创建数据包并将其写入 pcap 文件,它将数据包的时间戳设置为当前时间.

这是我目前的用法.1335494712.991895 是我创建数据包的时间:

>>>a = Ether()/IP(src='1.1.1.1',dst='2.2.2.2')/TCP(sport=1337,dport=31337)>>>wrpcap('single-tcp-packet.pcap', a)# tcpdump -tt -r single-tcp-packet.pcap从文件 single-tcp-packet.pcap 中读取,链接类型 EN10MB(以太网)1335494712.991895 IP 1.1.1.1.menandmice-dns >arenes-651-1-107-2.w2-2.abo.wanadoo.fr.31337: Flags [S], seq 0, win 8192, length 0

如何为每个数据包指定自己的时间戳?

我已经看到文档中提到的用于设置 TCP 时间戳的时间戳,但它似乎与实际的 pcap 时间戳没有区别.

解决方案

啊!找到了.

简单地说:

>>>a.时间 = 1234567890>>>wrpcap('single-tcp-packet.pcap', a)# tcpdump -tt -r single-tcp-packet.pcap从文件 single-tcp-packet.pcap 中读取,链接类型 EN10MB(以太网)1234567890.000000 IP 1.1.1.1.menandmice-dns >arenes-651-1-107-2.w2-2.abo.wanadoo.fr.31337: Flags [S], seq 0, win 8192, length 0

With Scapy, when I create a packet and write it to a pcap file, it sets the timestamp of the packet to the current time.

This is my current usage. 1335494712.991895 being the time I created the packet:

>>> a = Ether()/IP(src='1.1.1.1',dst='2.2.2.2')/TCP(sport=1337,dport=31337)
>>> wrpcap('single-tcp-packet.pcap', a)

# tcpdump -tt -r single-tcp-packet.pcap
reading from file single-tcp-packet.pcap, link-type EN10MB (Ethernet)
1335494712.991895 IP 1.1.1.1.menandmice-dns > arennes-651-1-107-2.w2-2.abo.wanadoo.fr.31337: Flags [S], seq 0, win 8192, length 0

How can I specify my own timestamp per packet?

I have seen timestamp mentioned in the docs for setting the TCP timestamp, but it doesn't seem to make a difference to the actual pcap timestamp.

解决方案

Ah! Found it.

Simply:

>>> a.time = 1234567890
>>> wrpcap('single-tcp-packet.pcap', a)

# tcpdump -tt -r single-tcp-packet.pcap
reading from file single-tcp-packet.pcap, link-type EN10MB (Ethernet)
1234567890.000000 IP 1.1.1.1.menandmice-dns > arennes-651-1-107-2.w2-2.abo.wanadoo.fr.31337: Flags [S], seq 0, win 8192, length 0

这篇关于在 Scapy 中为每个数据包指定时间戳?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

1403页,肝出来的..

09-08 16:05