kbandla · April 22, 2016 11:06
diff --git a/flowcsv.py b/flowcsv.py
 import dpkt
 from dpkt.ip import IP
 from dpkt.ethernet import Ethernet
 from dpkt.arp import ARP
 from pprint import pprint
 import socket
 import sys
 import csv
 from Tkinter import *
 import tkMessageBox
 import Tkinter
 from tkFileDialog   import askopenfile

 def mac_addr(mac_string):
    return ':'.join('%02x' % ord(b) for b in mac_string)
 def ip_to_str(address):
    return socket.inet_ntoa(address)

 class Flow(object):
    '''
    Code from Honeysnap
    https://github.com/honeynet
    '''
    def __init__(self):
        self.src = None
        self.dst = None
        self.sport = None
        self.dport = None

    def __eq__(self, other):
        return self.sport==other.sport and self.dport==other.dport and self.src==other.src and self.dst==other.dst

    def __ne__(self, other):
        return self.sport!=other.sport or self.dport!=other.dport or self.src!=other.src or self.dst!=other.dst

    def __repr__(self):
        return "%s,%s,%s,%s,%s,%s,%d"  % (self.src, self.dst, self.sport, self.dport, ip.p, ip.tos, ts)

    def isSrcSport(self, src, sport):
        if self.src == src and self.sport == sport:
            return True
        else:
            return False

 flows = {}
 f = askopenfile('rb')
 pcap = dpkt.pcap.Reader(f)
 csvfile = open(f.name+'.csv','w')
 c = csv.writer(csvfile)
 headers = ["Source", "Destination", "SrcPort", "DestPort", "Protocol", "TOS", "Timestamp", "Packets"]
 c.writerow(headers)

 for ts, buf in pcap:
  eth = dpkt.ethernet.Ethernet(buf)
  if eth.type != dpkt.ethernet.ETH_TYPE_IP:
    continue

  ip = eth.data
  if ip.p == 6 or ip.p == 17:
      tcp = ip.data
      tos = ip.tos
      flow = Flow()
      flow.src = ip_to_str(ip.src)
      flow.dst = ip_to_str(ip.dst)
      flow.sport= tcp.sport
      flow.dport = tcp.dport
      key = repr(flow)
      if not flows.has_key(key):
          flows[key] = 0
      flows[key] += 1

 for flow, numpkts in flows.items():
    data  = '%s,%s'%(flow,numpkts)
    c.writerow(data.split(','))

 print 'Wrote to %s'%f.name+'.csv'
	import dpkt
	from dpkt.ip import IP
	from dpkt.ethernet import Ethernet
	from dpkt.arp import ARP
	from pprint import pprint
	import socket
	import sys
	import csv
	from Tkinter import *
	import tkMessageBox
	import Tkinter
	from tkFileDialog import askopenfile

	def mac_addr(mac_string):
	return ':'.join('%02x' % ord(b) for b in mac_string)
	def ip_to_str(address):
	return socket.inet_ntoa(address)

	class Flow(object):
	'''
	Code from Honeysnap
	https://github.com/honeynet
	'''
	def __init__(self):
	self.src = None
	self.dst = None
	self.sport = None
	self.dport = None

	def __eq__(self, other):
	return self.sport==other.sport and self.dport==other.dport and self.src==other.src and self.dst==other.dst

	def __ne__(self, other):
	return self.sport!=other.sport or self.dport!=other.dport or self.src!=other.src or self.dst!=other.dst

	def __repr__(self):
	return "%s,%s,%s,%s,%s,%s,%d" % (self.src, self.dst, self.sport, self.dport, ip.p, ip.tos, ts)

	def isSrcSport(self, src, sport):
	if self.src == src and self.sport == sport:
	return True
	else:
	return False

	flows = {}
	f = askopenfile('rb')
	pcap = dpkt.pcap.Reader(f)
	csvfile = open(f.name+'.csv','w')
	c = csv.writer(csvfile)
	headers = ["Source", "Destination", "SrcPort", "DestPort", "Protocol", "TOS", "Timestamp", "Packets"]
	c.writerow(headers)

	for ts, buf in pcap:
	eth = dpkt.ethernet.Ethernet(buf)
	if eth.type != dpkt.ethernet.ETH_TYPE_IP:
	continue

	ip = eth.data
	if ip.p == 6 or ip.p == 17:
	tcp = ip.data
	tos = ip.tos
	flow = Flow()
	flow.src = ip_to_str(ip.src)
	flow.dst = ip_to_str(ip.dst)
	flow.sport= tcp.sport
	flow.dport = tcp.dport
	key = repr(flow)
	if not flows.has_key(key):
	flows[key] = 0
	flows[key] += 1

	for flow, numpkts in flows.items():
	data = '%s,%s'%(flow,numpkts)
	c.writerow(data.split(','))

	print 'Wrote to %s'%f.name+'.csv'