Created
December 2, 2020 16:18
-
-
Save johnbumgarner/9594e36a31bf1e220838160c37bfc7d4 to your computer and use it in GitHub Desktop.
This function is designed to extract specific IPv6 elements from a PCAP packet.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # use with pyshark | |
| def extract_ipv6_information(packet): | |
| """ | |
| This function is designed to extract specific IPv6 elements from a PCAP packet. | |
| :param packet: PCAP packet | |
| :return: | |
| """ | |
| try: | |
| if 'IPV6' in str(packet.layers): | |
| source_address = packet.ipv6.src | |
| destination_address = packet.ipv6.dst | |
| next_header_info = regex.findall(r'(Next Header:)\s(\w.+)\s(\W\d{0,3}\W)', str(packet.layers[1])) | |
| if 'ICMPV6' in str(packet.layers): | |
| icmpv6_type = regex.search(r'(Type:)\s(\w.+)\s(\W\d{0,3}\W)', str(packet.layers[2])) | |
| elif 'TCP' in str(packet.layers): | |
| protocol = packet.transport_layer | |
| source_port = packet[packet.transport_layer].srcport | |
| destination_port = packet[packet.transport_layer].dstport | |
| elif 'UDP' in str(packet.layers): | |
| protocol = packet.transport_layer | |
| source_port = packet[packet.transport_layer].srcport | |
| destination_port = packet[packet.transport_layer].dstport | |
| except AttributeError as e: | |
| # ignore packets that do not contain an IPV6 layer | |
| pass |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment