如何从网络数据包中提取出应用层协议?
我希望通过协议名来过滤 RTP/RTSP 协议,但是无论是 tshark 还是 tcpdump,似乎都很难达到我的目的。我的代码如下:
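def producer(q):
    """Stream live packets from tcpdump and push parsed records onto *q*.

    Starts ``tcpdump -w -`` on the interface named by the module-level
    ``wangkaname``, reads the pcap stream from its stdout, and hands every
    captured frame to ``PacketReader.get_ipv4_info`` together with a
    microsecond timestamp. Truthy results are put on the queue.

    Args:
        q: queue-like object; only ``q.put(item)`` is used.

    Framing problems (unknown magic, truncated record, a record length above
    the capture snaplen) end the capture, because the byte stream can no
    longer be trusted to be aligned on record boundaries. Errors raised while
    parsing a single packet are printed and the capture continues.
    """
    # Single source of truth for the snaplen: it is passed to tcpdump and is
    # also the upper bound accepted for a record's incl_len below.
    snaplen = 65535
    try:
        # NOTE(review): stderr is piped but never read, so tcpdump's own
        # diagnostics (for example a permission error) are not shown, and a
        # tcpdump that writes a lot to stderr could block on a full pipe.
        tcpdump_process = subprocess.Popen(
            ["tcpdump", "-i", str(wangkaname), "-U", "-s", str(snaplen), "-w", "-"],
            stdout=subprocess.PIPE,
            stderr=subprocess.PIPE,
        )
        try:
            stream = tcpdump_process.stdout
            pcap_header = stream.read(24)
            magic = pcap_header[:4]
            # An explicit byte-order prefix is used for both cases: a bare "I"
            # means *native* order, and a prefix may only appear once at the
            # start of a struct format ("!I!I!I!I" is rejected by struct).
            if magic == b"\xa1\xb2\xc3\xd4":  # big-endian
                order = ">"
            elif magic == b"\xd4\xc3\xb2\xa1":  # little-endian
                order = "<"
            else:
                raise ValueError("Unknown pcap file format")
            # Per-record header: ts_sec, ts_usec, incl_len, orig_len.
            record = struct.Struct(order + "IIII")
            reader = PacketReader("../dataset/realdiswangka.csv")
            while True:
                packet_header = stream.read(record.size)
                if not packet_header:
                    # A blocking read on the pipe returns b"" only at EOF, so
                    # there is nothing more to wait for.
                    break
                if len(packet_header) < record.size:
                    raise EOFError("truncated pcap record header")
                ts_sec, ts_usec, incl_len, _orig_len = record.unpack(packet_header)
                # incl_len comes from the stream; never read more than the
                # snaplen the capture was started with. A larger value means
                # the stream is corrupt or out of sync.
                if incl_len > snaplen:
                    raise ValueError(
                        f"pcap record length {incl_len} exceeds snaplen {snaplen}"
                    )
                packet_data = stream.read(incl_len)
                if len(packet_data) < incl_len:
                    raise EOFError("truncated pcap packet data")
                timeStamp = 1000000 * ts_sec + ts_usec
                try:
                    basicPacket = reader.get_ipv4_info(packet_data, timeStamp)
                    if basicPacket:
                        q.put(basicPacket)
                except Exception as e:
                    # One bad packet must not stop the capture.
                    print(f"发生了未知的错误: {e}")
        except Exception as e:
            print(f"发生了未知的错误: {e}")
        finally:
            tcpdump_process.terminate()
            tcpdump_process.wait()
            # Release the pipe file descriptors once the child is gone.
            tcpdump_process.stdout.close()
            tcpdump_process.stderr.close()
    except Exception as e:
        print(f"发生了未知的错误: {e}")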
现在我想知道:在获取到数据包 basicPacket 之后,是否可以从数据包中识别出应用层协议?有没有什么办法?