加载中…
个人资料
麦兜搞IT
麦兜搞IT
  • 博客等级:
  • 博客积分:0
  • 博客访问:1,533,161
  • 关注人气:531
  • 获赠金笔:0支
  • 赠出金笔:0支
  • 荣誉徽章:
相关博文
推荐博文
谁看过这篇博文
加载中…
正文 字体大小:

python读取pcap文件(续5)

(2010-03-28 10:48:28)
标签:

python

tcp

协议

it

分类: Python

   这次分析的是TCP协议,也是目前分析的最后一个协议,传输层以上的协议由于太过复杂,想暂且搁下,待以后有时间再说。

   python读取pcap文件(续5)
  

     

class TCP(Protocol):

 

       def __init__(self,datastr=None):

              self.src_port = None

              self.dst_port = None

              self.seq_num = None

              self.ack_num = None

              self.head_len = None

              self.flags = None

              self.win_size = None

              self.chksum = None

              self.options = None

              self.datastr = datastr

       def decode(self):

              self.src_port = self.str_to_hex(self.datastr[0:2])

              self.dst_port = self.str_to_hex(self.datastr[2:4])

              self.seq_num = self.str_to_hex(self.datastr[4:8])

              self.ack_num = self.str_to_hex(self.datastr[8:12])

              self.head_len = self.str_to_hex(self.datastr[12])

              self.flags = self.str_to_hex(self.datastr[13])

              self.win_size = self.str_to_hex(self.datastr[14:16])

              self.chksum = self.str_to_hex(self.datastr[16:18])

              source_port_num = int(self.src_port,16)

              dst_port_num = int(self.dst_port,16)

              if port_number.TCP_port.has_key(source_port_num):

                     src_port_dis = "Source port: %s (%s)"%(port_number.TCP_port[source_port_num],source_port_num)

              else:

                     src_port_dis = "Source port: %s (%s)"%(source_port_num,self.src_port)

              if port_number.TCP_port.has_key(dst_port_num):

                     dst_port_dis = "Destination port: %s (%s)"%(port_number.TCP_port[dst_port_num],dst_port_num)

              else:

                     dst_port_dis = "Destination port: %s (%s)"%(dst_port_num,self.dst_port)

              TCP_dis = "Transmission Control Protocol, Src port: %s,Dst port: %s"%(src_port_dis[13:],dst_port_dis[18:])

              seq_num_dis = "Sequence number: %s (%s)"%(int(self.seq_num,16),self.seq_num)

              ack_num_dis = "Acknowledgement number: %s (%s)"%(int(self.ack_num,16),self.ack_num)

              head_len_dis = "Header length: %s bytes"%int(self.head_len,16)

              # flags information

              set_info = {1:'Set',

                                   0:'Not set'}

              flags_int = int(self.flags,16)

              flags_dis = ["Flags: %s"%self.flags]

              if 128&flags_int==0:

                     flags_bit1=0

              else:

                     flags_bit1 = 1

              if 64&flags_int==0:

                     flags_bit2=0

              else:

                     flags_bit2 = 1

              if 32&flags_int==0:

                     flags_bit3 = 0

              else:

                     flags_bit3 = 1

             

              if 16&flags_int==0:

                     flags_bit4 = 0

              else:

                     flags_bit4 = 1

              if 8&flags_int==0:

                     flags_bit5 = 0

              else:

                     flags_bit5 = 1

              if 4&flags_int==0:

                     flags_bit6 = 0

              else:

                     flags_bit6 = 1

              if 2&flags_int==0:

                     flags_bit7 = 0

              else:

                     flags_bit7 = 1

              if 1&flags_int==0:

                     flags_bit8 = 0

              else:

                     flags_bit8 = 1

              flags_dis.append('%s... .... = Congestion Window Reduced(CWR): %s'%(flags_bit1,set_info[flags_bit1]))

              flags_dis.append(".%s.. .... = ECN-Echo: %s"%(flags_bit2,set_info[flags_bit2]))

              flags_dis.append("..%s. .... = Urgent: %s"%(flags_bit3,set_info[flags_bit3]))

              flags_dis.append("...%s .... = Acknowledgement: %s"%(flags_bit4,set_info[flags_bit4]))

              flags_dis.append(".... %s... = Push: %s"%(flags_bit5,set_info[flags_bit5]))

              flags_dis.append(".... .%s.. = Reset: %s"%(flags_bit6,set_info[flags_bit6]))

              flags_dis.append(".... ..%s. = Syn: %s"%(flags_bit7,set_info[flags_bit7]))

              flags_dis.append(".... ...%s = Fin: %s"%(flags_bit8,set_info[flags_bit8]))

              # window size

              winsize_dis = "Window size: %s (%s)"%(int(self.win_size,16),self.win_size)

              #check sum

              chksum_dis = "Checksum: %s"%self.chksum

              self.head_len = int(self.head_len,16)/4

              if self.head_len==20:

                     return [TCP_dis,src_port_dis,dst_port_dis,seq_num_dis,ack_num_dis,

                                   head_len_dis,flags_dis,winsize_dis,chksum_dis]

              else:

                     option_len = self.head_len-20

                     options_dis = ['Options :(%s bytes)'%option_len]

                     options_dis.append(self.str_to_hex(self.datastr[20:28]))

                     return [TCP_dis,src_port_dis,dst_port_dis,seq_num_dis,ack_num_dis,

                                   head_len_dis,flags_dis,winsize_dis,chksum_dis,options_dis]




我的更多文章:

0

阅读 评论 收藏 转载 喜欢 打印举报/Report
  • 评论加载中,请稍候...
发评论

    发评论

    以上网友发言只代表其个人观点,不代表新浪网的观点或立场。

      

    新浪BLOG意见反馈留言板 电话:4000520066 提示音后按1键(按当地市话标准计费) 欢迎批评指正

    新浪简介 | About Sina | 广告服务 | 联系我们 | 招聘信息 | 网站律师 | SINA English | 会员注册 | 产品答疑

    新浪公司 版权所有