Apr-02-2020, 10:02 PM
I developed this code to extract all protocols (transport and application) from a pcap file:
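```python
from scapy.all import load_layer, load_contrib

# Load the optional dissectors so these layers are recognised
load_layer('http')
load_layer('tls')
load_contrib("modbus")


def find_proto(s):
    # Walk the layer chain of a packet, yielding each layer's name
    def expand(x):
        yield x.name
        while x.payload:
            x = x.payload
            yield x.name

    if s[0]:
        proto = list(expand(s[0]))
        # Return the first protocol from this list that the packet contains
        sProto = ["HTTP", "DNS", "ModbusADU", "TLS", "TCP", "UDP", "FTP-DATA", "Raw"]
        for p in sProto:
            if p in proto:
                return p
    return "Unknown"
```

Here I limited the extraction to "HTTP", "DNS", "ModbusADU", "TLS", "TCP", "UDP", "FTP-DATA", "Raw", but if I want to extract all the protocols like in Wireshark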