TechQA.

parsing a wireshark file, parsing the payload and storing specific packets in the wireshark format

83 views Asked by At

I am parsing a large wireshark packets using pyshark similar to:

import pyshark
import struct
import binascii
cap = pyshark.FileCapture('C:/1-work/wire/capture_11_9_23.pcapng',use_json=True)

I am parsing the udp payload and want to select specific packets and save them in a new wireshark compatible file preserving the "time" information and being able to look at the packets in wireshark.

I tried to write packets in file using

f.write(cap[0].get_raw_packet())

with

cap =pyshark.FileCapture(filein,display_filter='eth',use_json=True, include_raw=True)

but the file is not wireshark compatible. I think it is the raw packet and it is not wireshark compatible.

python wireshark-dissector pyshark
Original Q&A
0

There are 0 answers

Related Questions in PYTHON

Related Questions in WIRESHARK-DISSECTOR

Related Questions in PYSHARK

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions