StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

PO
primarykey
Id
8843436
data
AcceptedAnswerId
0
AnswerCount
0
ClosedDate
CommentCount
2
CommunityOwnedDate
CreationDate
2012-01-12T22:41:00.953
FavoriteCount
0
LastActivityDate
2014-07-20T11:28:59.310
LastEditDate
2014-07-20T11:28:59.310
LastEditorUserId
1009037
OwnerUserId
1009037
ParentId
8726881
PostTypeId
2
Score
23
ViewCount
0
LastEditorDisplayName
text
Body
<p>check this example</p> <pre><code>from scapy.all import * from scapy.utils import rdpcap pkts=rdpcap("FileName.pcap") # could be used like this rdpcap("filename",500) fetches first 500 pkts for pkt in pkts: pkt[Ether].src= new_src_mac # i.e new_src_mac="00:11:22:33:44:55" pkt[Ether].dst= new_dst_mac pkt[IP].src= new_src_ip # i.e new_src_ip="255.255.255.255" pkt[IP].dst= new_dst_ip sendp(pkt) #sending packet at layer 2 </code></pre> <p>comments:</p> <ul> <li>use rdpcap,wrpcap scapy methods to read and write from pcap formatted file</li> <li>you can use <code>sniff(offline="filename")</code> to read packets and you may use prn parameter like this <code>sniff(offline="filename",prn=My_Function)</code> in this case My_Functions will be applied to every pkt sniffed</li> <li>the correct way to write your new ip or mac is to consider it as a string ex: <code>ip="1.1.1.1"</code> and so on as illustrated above.</li> <li>in example: sendp method included in for loop which is slower than making other loop to send packets</li> <li>performance tip: in python using for loops is too slow use <a href="http://docs.python.org/library/functions.html#map">map</a> instead if you would like a speed like a for loop in C ,<a href="http://wiki.python.org/moin/PythonSpeed/PerformanceTips#Loops">Ref</a></li> <li>the rdpcap as used above reads the file at once, if the memory available while reading say 1.5 Gb and you are reading a 2,3,.. Gb file it will fail.</li> <li>if the performance issue is critical for you may use <a href="http://www.winpcap.org/docs/docs_412/html/group__wpcap__tut.html">winpcap</a> but you have to write more complex code in C;doing the same task using python/scapy is pretty easy an simple but it is not faster than c</li> <li>it depends which one to use on the level of performance needed </li> <li>if my guess is right you are sending a video stream packets in this case i would use a winpcap if i am sending an 1 mega pixel video or scapy in other cases(lower size per frame)</li> <li>in case of using C/winpcap you will get a great performance in reading pcaps and change the data and resend but you have to be aware of the same problem (large files) you have to create a buffer with a proper size to use it for reading sending the packets in a quite performance</li> <li>if the packet size is constant(which is rare in most cases, i guess) you may have an advantage get the most of your available memory </li> <li>if you want to use python/scapy for the whole "project/program" you may create the high performance functions in C/Wincap and compile as dll then you can import this dll to your python program and you can use it inside a python program. This way you get benefits of wonderful easy python/Scapy and you only write a specific functions in c so you can get your job done faster and your code to be focused and maintainable </li> </ul>
Tags
Title
singulars
PostAcceptedAnswerId
1. This table or related slice is empty.
PostParentId
1. POSending packets from pcap with changed src/dst in scapy
  singulars
  PostTypePostTypeId
  PTQuestion
PostTypePostTypeId
1. PTAnswer
UserLastEditorUserId
1. USAbdurahman
UserOwnerUserId
1. USAbdurahman
plurals
PostLinksPostIdRelatedPostId
1. This table or related slice is empty.
PostLinksRelatedPostIdPostId
1. This table or related slice is empty.
PostsAcceptedAnswerId
1. This table or related slice is empty.
PostsParentIdCreationDate
1. This table or related slice is empty.
VotesPostIdCreationDate
1. VO
  singulars
  PostPostId
  PO
  UserUserId
  This table or related slice is empty.
  VoteTypeVoteTypeId
  VTUpMod
2. VO
  singulars
  PostPostId
  PO
  UserUserId
  This table or related slice is empty.
  VoteTypeVoteTypeId
  VTUpMod
3. VO
  singulars
  PostPostId
  PO
  UserUserId
  This table or related slice is empty.
  VoteTypeVoteTypeId
  VTUpMod
CommentsPostId
1. COThanks for tips, Abdurahman, especially those regarding performance issues! Scapy is a nice tool, but may not be suited for heavy traffic simulation (at least "out of the box").
  singulars
  PostPostId
  PO
  UserUserId
  USJason Bart

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.