haykuro/pcap_to_json.py

## pcap_to_json.py
import logging
logging.getLogger("scapy.runtime").setLevel(logging.ERROR)
from scapy.all import  *
from json import dumps
from sys import argv

if len(argv) < 2:
  print 'Usage:\n\t%s <your.pcap>' % (argv[0])
  exit(0)

packet_data = rdpcap(argv[1])

formatted_objs = []

for packet in packet_data:
  packet_obj = {}
  if Raw in packet:
    packet_obj['load'] = packet[Raw].load
  if IP in packet:
    packet_obj['source_addr'] = packet[IP].src
    packet_obj['dest_addr'] = packet[IP].dst
  if TCP in packet:
    packet_obj['source_port'] = packet[TCP].sport
    packet_obj['dest_port'] = packet[TCP].dport
  formatted_objs.append(packet_obj)

print dumps(formatted_objs)
	import logging
	logging.getLogger("scapy.runtime").setLevel(logging.ERROR)
	from scapy.all import *
	from json import dumps
	from sys import argv

	if len(argv) < 2:
	print 'Usage:\n\t%s <your.pcap>' % (argv[0])
	exit(0)

	packet_data = rdpcap(argv[1])

	formatted_objs = []

	for packet in packet_data:
	packet_obj = {}
	if Raw in packet:
	packet_obj['load'] = packet[Raw].load
	if IP in packet:
	packet_obj['source_addr'] = packet[IP].src
	packet_obj['dest_addr'] = packet[IP].dst
	if TCP in packet:
	packet_obj['source_port'] = packet[TCP].sport
	packet_obj['dest_port'] = packet[TCP].dport
	formatted_objs.append(packet_obj)

	print dumps(formatted_objs)