Name | pcap-summary |
Version | 1.0.0 |
Summary | Scapy wrapper for summarizing PCAP flows |
upload_time | 2022-12-10 14:49:23 |
docs_url | None |
requires_python | >=3.7 |
keywords | scapy, pcap, summary |
requirements | No requirements were recorded. |
[![Pcap_summary, 3.7, 3.8, 3.9, 3.10](https://github.com/craigarms/pcap_summary/actions/workflows/python-package.yml/badge.svg)](https://github.com/craigarms/pcap_summary/actions/workflows/python-package.yml)
# Pcap_summary
This is a wrapper script for Scapy that will parse a pcap file and output a summary of the packets in the file.
It will also output a summary of the protocols used in the pcap file.
## Usage
### Summarizing a pcap file:

    pcap_summary <pcap file>

Example:

    pcap_summary http.pcap

Output:
```
Proto    Src                 Dst                Flags      Flow Size    FCount    RCount
-------  ------------------  -----------------  -------  -----------  --------  --------
UDP      24.6.173.220:53867  75.75.75.75:53     --               142         1         1
UDP      24.6.173.220:54997  75.75.75.75:53     --               368         2         2
TCP      24.6.173.220:42379  174.137.42.75:80   SAPFR          14175         7        11
TCP      24.6.173.220:42380  174.137.42.75:80   SAP             7251         7         8
UDP      24.6.173.220:49643  75.75.75.75:53     --               276         1         1
UDP      24.6.173.220:59261  75.75.75.75:53     --               297         1         1
[...]
```
TCP flags are decoded as follows and added to the flow summary:

    S = SYN
    A = ACK
    F = FIN
    R = RST
    P = PSH
    U = URG
    E = ECE
    C = CWR

The flow size is the total size of the flow in bytes, accumulated from the IP length field of each packet.

The FCount is the number of packets for a given source and destination socket pair in one direction.
The RCount is the number of packets for the given pair in the opposite direction.
### Summarizing a pcap file and filtering:

    pcap_summary <pcap file> <search>

Example:

    pcap_summary http.pcap 174.137.42.75

Output:
```
Proto    Src                 Dst               Flags      Flow Size    FCount    RCount
-------  ------------------  ----------------  -------  -----------  --------  --------
TCP      24.6.173.220:42379  174.137.42.75:80  SAPFR          14175         7        11
TCP      24.6.173.220:42380  174.137.42.75:80  SAP             7251         7         8
TCP      24.6.173.220:42381  174.137.42.75:80  SAP             8126         5         7
TCP      24.6.173.220:42383  174.137.42.75:80  SAP              452         2         1
TCP      24.6.173.220:42384  174.137.42.75:80  SA               144         2         1
```
The search checks whether the given string is present in the list formed by the flow.
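
The flow accounting described in this section, as an added sketch in plain Python; it is not pcap_summary's own code and does not use Scapy. The packet records are constructed sample data, and `summarize`, `search`, the first-seen flag ordering and the per-field substring match are assumptions chosen to reproduce the output format shown above.

```python
# Flag letters from the README legend mapped to their TCP header bits.
TCP_FLAGS = {"S": 0x02, "A": 0x10, "F": 0x01, "R": 0x04,
             "P": 0x08, "U": 0x20, "E": 0x40, "C": 0x80}

# Constructed sample: (proto, src socket, dst socket, TCP flag byte, IP length).
C, S, DNS = "24.6.173.220:42379", "174.137.42.75:80", "75.75.75.75:53"
SAMPLE_PACKETS = [
    ("UDP", "24.6.173.220:53867", DNS, 0, 71),    # DNS query
    ("UDP", DNS, "24.6.173.220:53867", 0, 71),    # DNS reply
    ("TCP", C, S, 0x02, 52),                      # SYN
    ("TCP", S, C, 0x12, 52),                      # SYN+ACK
    ("TCP", C, S, 0x10, 40),                      # ACK
    ("TCP", C, S, 0x18, 300),                     # PSH+ACK (request)
    ("TCP", S, C, 0x10, 40),                      # ACK
    ("TCP", S, C, 0x11, 40),                      # FIN+ACK
    ("TCP", C, S, 0x04, 40),                      # RST
]

def summarize(packets):
    """Fold packets into one row per socket pair, merging both directions."""
    flows = {}
    for proto, src, dst, flag_byte, ip_len in packets:
        key, forward = (proto, src, dst), True
        if key not in flows and (proto, dst, src) in flows:
            key, forward = (proto, dst, src), False   # reply on a known flow
        flow = flows.setdefault(
            key, {"flags": "", "size": 0, "fcount": 0, "rcount": 0})
        for letter, bit in TCP_FLAGS.items():
            # Record each flag once, in the order it is first seen.
            if proto == "TCP" and flag_byte & bit and letter not in flow["flags"]:
                flow["flags"] += letter
        flow["size"] += ip_len                        # IP length field
        flow["fcount" if forward else "rcount"] += 1
    return [[proto, src, dst, f["flags"] or "--",
             f["size"], f["fcount"], f["rcount"]]
            for (proto, src, dst), f in flows.items()]

def search(rows, needle):
    """Keep rows where needle is a substring of any field (assumed rule)."""
    return [row for row in rows if any(needle in str(v) for v in row)]
```

With substring matching as assumed here, a short needle such as `53` matches the source port 53867 as well as the DNS port, so a full address or `ip:port` string gives a tighter filter.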
## Installation
Available on PyPI:

    pip install pcap_summary
Raw data
{
"_id": null,
"home_page": "",
"name": "pcap-summary",
"maintainer": "",
"docs_url": null,
"requires_python": ">=3.7",
"maintainer_email": "",
"keywords": "scapy,pcap,summary",
"author": "",
"author_email": "Craig ARMSTRONG <cag@izec.fr>",
"download_url": "https://files.pythonhosted.org/packages/f6/85/fbbf1514db7c9ce3e5c7fd0ecc2f443bbe750a43886bbdd6c0def8964888/pcap_summary-1.0.0.tar.gz",
"platform": null,
"bugtrack_url": null,
"license": "",
"summary": "Scapy wrapper for summarizing PCAP flows",
"version": "1.0.0",
"split_keywords": [
"scapy",
"pcap",
"summary"
],
"urls": [
{
"comment_text": "",
"digests": {
"md5": "d74555bdb57874b4a3166f60ce98e4fe",
"sha256": "00f1603cd750388fbbe7e89dd79ffc470800d7d9ca3a07e8933e6aef18293209"
},
"downloads": -1,
"filename": "pcap_summary-1.0.0-py3-none-any.whl",
"has_sig": false,
"md5_digest": "d74555bdb57874b4a3166f60ce98e4fe",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.7",
"size": 3836,
"upload_time": "2022-12-10T14:49:21",
"upload_time_iso_8601": "2022-12-10T14:49:21.250964Z",
"url": "https://files.pythonhosted.org/packages/58/6e/0f18dfbed5aa2ab55bff566b82ff9f069dcfdb44b96efef96e470eb65dc4/pcap_summary-1.0.0-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"md5": "ffbdc8b0a868a1c553cfde2690eb04ad",
"sha256": "01f3799985dabf5904ae13d1892c107fbc3176f5cc3a8f466fcc75a77391089a"
},
"downloads": -1,
"filename": "pcap_summary-1.0.0.tar.gz",
"has_sig": false,
"md5_digest": "ffbdc8b0a868a1c553cfde2690eb04ad",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.7",
"size": 3247,
"upload_time": "2022-12-10T14:49:23",
"upload_time_iso_8601": "2022-12-10T14:49:23.271738Z",
"url": "https://files.pythonhosted.org/packages/f6/85/fbbf1514db7c9ce3e5c7fd0ecc2f443bbe750a43886bbdd6c0def8964888/pcap_summary-1.0.0.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2022-12-10 14:49:23",
"github": false,
"gitlab": false,
"bitbucket": false,
"lcname": "pcap-summary"
}