我有一个cap文件,我想用python读取和处理它,我使用了Scapy库,但当试图用rdpcap函数读取它时,它引发了一个异常
CAP文件
完整堆栈:
Scapy_Exception Traceback (most recent call last)
<ipython-input-3-544e8f19828d> in <module>()
1 file = '.....'
----> 2 packets = rdpcap(file)
1 frames
/usr/local/lib/python3.7/dist-packages/scapy/utils.py in rdpcap(filename, count)
1115 # One day we should simplify this mess and use a much simpler
1116 # layout that will actually be supported and properly dissected.
-> 1117 with PcapReader(filename) as fdesc: # type: ignore
1118 return fdesc.read_all(count=count)
1119
/usr/local/lib/python3.7/dist-packages/scapy/utils.py in __call__(cls, filename)
1170 pass
1171
-> 1172 raise Scapy_Exception("Not a supported capture file")
1173
1174 @staticmethod
Scapy_Exception: Not a supported capture file
注意:我已经设法在Wireshark中打开了cap文件并将其导出到CSV,但我想知道是否有办法解决这个问题,因为我有很多文件,直接使用python打开它们会非常方便。
第1版:更新了cap文件链接。
我可以用scapy:打开这样的cap文件
from scapy.all import rdpcap, IP
for p in rdpcap('capfile.cap'):
print(p[IP].src)