python:how to use DPKT remove duplicate data from pcap files -


i want stitch http persistent connection body pcap files,but contains some
duplicates body data,how remove these data?

my codes part1part2

the following codes:

from mydpkt import request mydpkt import reader, ethernet  rh_log = open('e:\\rh.pcap','rb') rh_file = reader(rh_log) # p.setfilter('tcp port 80') expect_request_switch = false expect_respone_switch = false body_lenth = 0 keep_alive_index = 0 body_persistent = '' body_all = [] index = 0 index, (ptime, pdata) in enumerate(rh_file).__iter__():     p = ethernet(pdata)     ip = p.data     if ip.__class__.__name__ == 'ip':         dst_ip = '%d.%d.%d.%d' % tuple(map(ord, list(ip.dst)))         src_ip = '%d.%d.%d.%d' % tuple(map(ord, list(ip.src)))         tcp = ip.data         # dport = tcp.dport         if tcp.__class__.__name__ == 'tcp' , len(tcp.data) > 1:             dport = tcp.dport             sport = tcp.sport             received_string = str(tcp.data)             if expect_request_switch , expect_respone_switch , 'http/1.1 200 ok' in received_string:        expect_request_switch = expect_respone_switch = false             if expect_request_switch:                 if 'http/1.1 100 continue' in tcp.data:                     keep_alive_index = index                     expect_respone_switch = true                 if (index >= (keep_alive_index + 1)) , expect_respone_switch , dport == 80:                     body_persistent += received_string                     body_persistent_lenth = len(body_persistent)                     body_all.append(body_persistent)                     expect_request_switch = false                     expect_respone_switch = false

body_persistent = ''

            if dport == 80 , expect_respone_switch false:


Comments

Post a Comment

Popular posts from this blog

python - Selenium remoteWebDriver (& SauceLabs) Firefox moseMoveTo action exception -

while performing simple hover test on firefox through selenium (3.4.0) python bindings (3.4.3) using of available os in saucelabs (except linux, latest available firefox version old), performing following actionchain: hover = actionchains(driver) hover.move_to_element(elm_men_menu).perform() it throws following error: taceback: file [...] in testhover hover.perform() file "/usr/local/lib/python2.7/dist-packages/selenium/webdriver/common/action_chains.py", line 80, in perform action() file "/usr/local/lib/python2.7/dist-packages/selenium/webdriver/common/action_chains.py", line 290, in <lambda> command.move_to, {'element': to_element.id})) file "/usr/local/lib/python2.7/dist-packages/selenium/webdriver/remote/webdriver.py", line 256, in execute self.error_handler.check_response(response) file "/usr/local/lib/python2.7/...
Read more

html - How to custom Bootstrap grid height? -

why bootstrap grid has height 591.067 ? did height came ? .main-post { padding: 20px; background-color: #fff; border: 1px solid #d8d8d8; margin-bottom: 100px; } .main-post .post-categories { margin-bottom: 10px } .main-post h3 { margin: 0 0 10px; color: #777; letter-spacing: -1px; font-weight: bold } .main-post .post-author, .main-post .post-date, .main-post .post-comments { font-size: 12px } .main-post img { display: block; margin: 10px 0; } .main-post .post-summary { line-height: 1.7; color: #888 } .main-post { color: #999 } <div class="col-sm-6"> <div class="main-post"> <h3 class="post-title"> <a href="#"> post title </a> </...
Read more

transpose - Maple isnt executing function but prints function term -

im using maple im in worksheetmode tried using maple input , 2d input , want transpose matrix a: := `<|>`(`<,>`(1, .5, -2), `<,>`(.5, 9/4+b, 5+3*b), `<,>`(-2, 5+3*b, 18+9*b+4*a)); b:= transpose(a); when exectute sheet dont translated values, there same input. matrix looks same input matrix plus function term. you can see picture in following link: why arent functions executed? meanwhile b:=a^+ doing right way , transposed matrix. other functions return function body instead needed values... if using 2d input mode (the default) space you've got between transpose , bracketed (b) interpreted multiplcation. rid of such space. also, either load package @ start of document like, with(linearalgebra): before calling transpose command package, or call it's full name like, linearalgebra:-transpose(b);
Read more