I tried to read the Pcap file using the Python and Pcap file located on my local desk, it will read the file and print the data print(pcap_file.summary()) while I use this method in the script, But when I try to filter the SMTP layer in the pcap file it will not work I used the lib(scapy) and IDE is (Pchram), and I tried lib (dkpt) also but it will not working I use to see the pcap file in my local desk software called Wireshark when opening the file and parsing the file in Wireshark some bunch of SMTP have different src and dist port number my task looking complicate.
note: I do know why it did not print the data that expected
[ below I will give the code ]
from dpkt.ip import *
from scapy.all import *
def print_tcp_smtp_info(packet):
if packet.haslayer(TCP) and packet.haslayer('SMTP'):
destination_ip = packet[IP].dst
destination_port = packet[TCP].dport
print(f"Destination IP: {destination_ip}, Destination Port: {destination_port}")
# Read the pcap file
pkts = rdpcap('/home/xyz/Desktop/tcpdump_cloud3.pcap')
#print(pkts.summary())
# Filter and print destination IP and port for packets with TCP and SMTP layers
for pkt in pkts:
print_tcp_smtp_info(pkt)
print(pkts.summary())