In [1]:
from scapy.utils import RawPcapReader
from scapy.layers.l2 import Ether
from scapy.layers.inet import IP, TCP


In [2]:
def process_pcap(file_name):
    print('Opening {}...'.format(file_name))

    count = 0
    interesting_packet_count = 0

    interesting_packets = []
    for (pkt_data, pkt_metadata,) in RawPcapReader(file_name):
        count += 1

        ether_pkt = Ether(pkt_data)
        if 'type' not in ether_pkt.fields:
            # LLC frames will have 'len' instead of 'type'.
            # We disregard those
            continue

        if ether_pkt.type != 0x0800:
            # disregard non-IPv4 packets
            continue
        ip_pkt = ether_pkt[IP]

        interesting_packet_count += 1
        interesting_packets.append(ether_pkt)

    print('{} contains {} packets ({} interesting)'.
          format(file_name, count, interesting_packet_count))

    return interesting_packets


In [3]:
packets = process_pcap("./data/encoder/pcap/custom_pings3.pcapng")

Opening ./data/encoder/pcap/custom_pings3.pcapng...
./data/encoder/pcap/custom_pings3.pcapng contains 2261 packets (2261 interesting)


In [5]:
packets[0].show()

###[ Ethernet ]### 
  dst       = 70:db:98:81:93:40
  src       = 84:a9:38:6a:7f:0d
  type      = IPv4
###[ IP ]### 
     version   = 4
     ihl       = 5
     tos       = 0x0
     len       = 84
     id        = 38219
     flags     = DF
     frag      = 0
     ttl       = 64
     proto     = icmp
     chksum    = 0x477c
     src       = 130.231.202.234
     dst       = 8.8.8.8
     \options   \
###[ ICMP ]### 
        type      = echo-request
        code      = 0
        chksum    = 0xb93
        id        = 0x2
        seq       = 0x1
        unused    = ''
###[ Raw ]### 
           load      = '\\xb5H\\x87c\x00\x00\x00\x00\\xee\\xea\x02\x00\x00\x00\x00\x00\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f !"#$%&\'()*+,-./01234567'

