该怎么做才能在mac或ip中更新之前不显示重复条目。我只想在收到提到的字段时打印
capture = pyshark.LiveCapture(interface='wlo2', bpf_filter='udp port 68')
capture.sniff_continuously(packet_count=16)
fields = {}
for packet in capture:
fields['mac'] = packet.dhcp.hw_mac_addr
try:
fields['vendor'] = packet.dhcp.option_vendor_class_id
fields['h_name'] = packet.dhcp.option_hostname
fields['ip'] = packet.dhcp.option_requested_ip_address
fields['sub_mask'] = packet.dhcp.option_subnet_mask
fields['server_ip'] = packet.dhcp.option_dhcp_server_id
fields['domain_name'] = packet.option.dhcp.option_domain_name
fields['dns'] = packet.dhcp.option_domain_name_server
except AttributeError:
pass
try:
print(packet.sniff_time, fields['mac'], fields['ip'], fields['h_name'], fields['vendor'])
except KeyError:
print('key not found')```
```key not found
2021-12-02 11:08:19.485258 34:1c:f0:6a:c9:00 192.168.1.5 M2006C3MII-Redmi9 android-dhcp-10
2021-12-02 11:25:19.461249 e0:13:b5:8f:xx:xx 192.168.1.5 vivo-1807 dhcpcd-8.1.0
2021-12-02 11:25:19.769917 e0:13:b5:8f:xx:xx 192.168.1.6 vivo-1807 dhcpcd-8.1.0
2021-12-02 11:26:44.359756 e0:13:b5:8f:xx:xx 192.168.1.6 vivo-1807 dhcpcd-8.1.0
您需要自己对数据包进行重复数据消除,即通过将过去的数据包ip/mac组合存储在一组中
fields = {}
already_seen_mac_ips = set() # set of (mac, ip) tuples
for packet in capture:
fields['mac'] = packet.dhcp.hw_mac_addr
try:
fields['vendor'] = packet.dhcp.option_vendor_class_id
fields['h_name'] = packet.dhcp.option_hostname
fields['ip'] = packet.dhcp.option_requested_ip_address
fields['sub_mask'] = packet.dhcp.option_subnet_mask
fields['server_ip'] = packet.dhcp.option_dhcp_server_id
fields['domain_name'] = packet.option.dhcp.option_domain_name
fields['dns'] = packet.dhcp.option_domain_name_server
except AttributeError:
pass
try:
mac_ip = (fields['mac'], fields['ip'])
if mac_ip not in already_seen_mac_ips:
print(packet.sniff_time, fields['mac'], fields['ip'], fields['h_name'], fields['vendor'])
already_seen_mac_ips.add(mac_ip)
except KeyError:
print('key not found')```