How can i obtain ip.src in human readable form?

scap1784 / dpkt

Automatically exported from code.google.com/p/dpkt

Other

0 stars 0 forks source link

How can i obtain ip.src in human readable form? #7

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago

What steps will reproduce the problem?
Following code:
import pcap, dpkt

def pr(hdr,data):
    print(`dpkt.ip.IP(data[14:])['src']`)

pc = pcap.pcap(None,1500,False)
pc.setfilter('udp')

##pc = pcap.pcap()
##pc.setfilter('udp')
pc.dispatch(10,pr)

shows mystery 'R\xb3A\x1e'
how to decode this?

Original issue reported on code.google.com by Dodin.Ro...@gmail.com on 21 Apr 2008 at 1:43

GoogleCodeExporter commented 9 years ago

there's a dpkt.hexdump() that is pretty good in that it will basically show you 
a
sniffer view.  Otherwise it helps to open the packet in a sniffer like
wireshark/tcpdump/snoop/old ethereal that can decode the packet for you  and 
tell you
what each byte means (cause that's what you're dealing with sometimes).  Or 
I've seen
some other code that makes its own pcap handler that does something with
packets...maybe try that? Also it appears that the dpkt lib uses .unpack() to 
parse
packets out.  Try data = IP.unpack(), get data into UDP(), then UDP.unpack()?

Original comment by don.mi...@gmail.com on 23 Apr 2008 at 11:44

Added labels: ****
Removed labels: ****

GoogleCodeExporter commented 9 years ago

i still cant access to IP source address, can you show me  a little code 
snippet?

all source w/o comments-damn

Original comment by Dodin.Ro...@gmail.com on 24 Apr 2008 at 7:43

Added labels: ****
Removed labels: ****

GoogleCodeExporter commented 9 years ago

Dodin,

You can simply use socket's ntoa function:

print socket.inet_ntoa(ip.src)

Or if you're already using dnet as well:

print dnet.ip_ntoa(ip.src)

Regards,
Jon Oberheide

Original comment by jon.ober...@gmail.com on 24 Apr 2008 at 8:01

Changed state: WontFix
Added labels: ****
Removed labels: ****

GoogleCodeExporter commented 9 years ago

ok, thanx

Original comment by Dodin.Ro...@gmail.com on 25 Apr 2008 at 8:21

Added labels: ****
Removed labels: ****

GoogleCodeExporter commented 9 years ago

ok, thanx

Original comment by Dodin.Ro...@gmail.com on 25 Apr 2008 at 8:22

Added labels: ****
Removed labels: ****

GoogleCodeExporter commented 9 years ago

Dodin,

I like being able to read the IP addresses in human readable form too.
fHere is a patch to ip.py to print the "src" and "dst" fields in human 
readable form.  Nom if you have a packet instance you can just do
repr(packet) to display the packet with human readable ip src/dst fields.

Have a nice day, 

# Aaron

Original comment by alrho...@gmail.com on 3 Oct 2009 at 2:39

Added labels: ****
Removed labels: ****

Attachments:

ip_py.diff

GoogleCodeExporter commented 9 years ago

use socket inetb notation
src=socket.inet_nota(ip.src)
 thats all

u ll get a ans

Original comment by aravindm...@gmail.com on 21 Jul 2014 at 9:51

Added labels: ****
Removed labels: ****