Jun-26-2020, 08:27 PM
(This post was last modified: Jun-26-2020, 08:34 PM by Gribouillis.)
This looks horribly complicated. I may be wrong, but it seems to me that you simply want to sort the packets by their sequence number and then group consecutive packets having the same sequence numbers. Finally, remove the groups with only one packet. This is a common operation and it can be performed by combining the functions
Tell us if this works any better
sorted() and itertools.groupby()Tell us if this works any better
from itertools import groupby
def tcp_seq(p):
return p['TCP'].seq
def groups_by_seq(s):
x = sorted((p for p in s if p.haslayer('TCP')), key=tcp_seq)
y = [(k, list(g)) for k, g in groupby(x, key=tcp_seq)]
return [(seq, group) for seq, group in y if len(group) > 1]
def duplication_pkt_count(s, s_ip, c_ip):
sCount = 0
cCount = 0
for seq, group in groups_by_seq(s):
for p in group:
if p.haslayer(IP):
if (p[IP].src == s_ip):
sCount += 1
if (p[IP].src == c_ip):
cCount += 1
return (sCount, cCount)