Last active
May 16, 2017 20:08
-
-
Save Elektordi/50fd7083d1d466b84a1a9b01af8f5991 to your computer and use it in GitHub Desktop.
Convert raw atm pcap files (from GNS3) to sun atm (for Wireshark)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import sys | |
| import struct | |
| from scapy.all import * | |
| inputfile = '' | |
| outputfile = '' | |
| if len(sys.argv) < 3: | |
| print 'Usage: ./rawatm2sunatm.py <inputfile> <outputfile>' | |
| sys.exit(2) | |
| inputfile = sys.argv[1] | |
| outputfile = sys.argv[2] | |
| conf.l2types.register(100, Raw) # Wrong LLC in file, importing as raw | |
| pcap = rdpcap(inputfile) | |
| pcap2 = PacketList() | |
| buff = '' | |
| for p in pcap: | |
| data = p.fields['load'] | |
| h1,h2,h3,h4 = struct.unpack('!BBBB', data[:4]) # 5th byte is error control | |
| vpi = (h1<<4) + (h2>>4) | |
| vci = ((h2&0xF)<<12) + (h3<<4) + (h4>>4) | |
| pt = (h4&0xF)>>1 | |
| if pt&4: # AAL5 Management | |
| flag = 0 | |
| data = data[5:] | |
| else: # AAL5 User | |
| flag = 2 # LLC | |
| buff += data[5:] | |
| if not pt&1: | |
| continue | |
| data = buff | |
| buff = '' | |
| head = struct.pack("!BBH", flag, vpi, vci) # flag(1b), vpi(1b), vci(2b) | |
| data = head + data | |
| pcap2.append(Raw(data)) | |
| wrpcap(outputfile, pcap2, linktype=123) # 123 = SUNATM | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment