Parse doom.py

From Cmsc734_08
Jump to: navigation, search
#!/usr/bin/python

# use me by going: tcpdump -nr dump.pcap | ./parse_doom.py

import sys

for line in sys.stdin:

		out = []
		arr = line.split(" ")

		current = None # the time of the current packet
		last = None # the time of the last packet

		try:
			current = float(arr[0].split(":")[-1])
			
			if last is not None:
				time.sleep(current - last)

			out.append(".".join(arr[2].split('.')[0:-1])) # source ip
			out.append(".".join(arr[4].split('.')[0:-1])) # destination ip
			out.append((arr[4].split('.')[-1])[0:-1]) # destination port

			print " ".join(out)
			last = current

		except:
			# an error occurred parsing this line
			sys.stderr.write( line )