You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
What steps will reproduce the problem?
First off, if you run this code from the tutorial with the added print
statement.
#!/usr/bin/env python
import dpkt
f = open('test.pcap')
pcap = dpkt.pcap.Reader(f)
for ts, buf in pcap:
eth = dpkt.ethernet.Ethernet(buf)
ip = eth.data
tcp = ip.data
if tcp.dport == 80 and len(tcp.data) > 0:
http = dpkt.http.Request(tcp.data)
print http.uri
print ts
f.close()
You will see a number similar to this
1234567890.12
Where is the microsecond resolution?
What is the expected output? What do you see instead?
1234567890.123456789 would be the expected output (like wireshark when it opens
the same file)
What version of the product are you using? On what operating system?
Version 1.7
Linux Fedora Core 11
Please provide any additional information below.
In addition to this I would like to modify the code so it works with the nano
extensions to pcap, which gives the time format 3 extra digits after the 0 for
the time stamp. Any suggestions on where to start to parse this data
differently ??
Original issue reported on code.google.com by stuart.j...@gmail.com on 30 Aug 2010 at 4:59
I am assuming that you are doing something like this:
for ts, buf in pcap:
print ts
And then you observe the timestamp to be "1408173480.93" instead
of "1408173480.936543", as shown in wireshark. This is because the print
function in python limits float to two decimal places.
Example:
>>> x = 1258494066.119061
>>> x
1258494066.119061
>>> print x
1258494066.12
If you really need to print the full value, use format:
>>> "{0:.6f}".format(x)
'1258494066.119061'
If you have a nanosecond capture file, the place you will need to make the
change is in the __iter__() function of the pcap.py module. Instead of dividing
hdr.tv_usec by 1000000.0, you will need to divide it by 1000000000.0
Original comment by kbandla@in2void.com on 25 Dec 2014 at 7:00
Original issue reported on code.google.com by
stuart.j...@gmail.com
on 30 Aug 2010 at 4:59The text was updated successfully, but these errors were encountered: