'How to process packet captures with Python's dpkt module

I am trying to write a python program to parse packet capture using dpkt module. I have used it on packet captures that had Ethernet and tcpdump captures and it worked fine. However, my current packet capture is raw packet capture that directly has IP header and subsequent protocols and it seems like dpkt is not able to understand these captures. Picture of capture file is attached. enter image description here

The code I had was 

f = open(ipfile, 'rb')

pcap = dpkt.pcap.Reader(f)

for ts,buf in pcap:
    eth = dpkt.ethernet.Ethernet(buf) //Also tried with eth = dpkt.sll.SLL(buf), but no luck.
    ip = eth.data
    tcp = ip.data

Any ideas on how to parse such captures?

Thanks !!

pythondpkt


Solution 1:[1]

I had the same issue with CAIDA pcap. Try

ip = dpkt.ethernet.Ethernet(buf)

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 General Grievance

Related Questions

Selenium-Python: How do I make my WebDriverWait a few seconds before reloading a page?

Selenium-Python: How do I make my WebDriverWait a few seconds before reloading a page?

pip issue installing almost any library

pip issue installing almost any library

pip issue installing almost any library

Selenium-Python: How do I make my WebDriverWait a few seconds before reloading a page?

Selenium-Python: How do I make my WebDriverWait a few seconds before reloading a page?

A simple SMTP server (in Python)

How to specify which pytorch to import, if I have two different versions installed?

How to specify which pytorch to import, if I have two different versions installed?

A simple SMTP server (in Python)

Python: get all months in range?

Python: get all months in range?

Python: get all months in range?

How to specify which pytorch to import, if I have two different versions installed?