Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/intake/intake-pcap


https://github.com/intake/intake-pcap

Last synced: 9 months ago
JSON representation

Awesome Lists containing this project

README 

          
# Intake PCAP Plugin



[![Build Status](https://travis-ci.org/ContinuumIO/intake-pcap.svg?branch=master)](https://travis-ci.org/ContinuumIO/intake-pcap)

[![Documentation Status](https://readthedocs.org/projects/intake-pcap/badge/?version=latest)](http://intake-pcap.readthedocs.io/en/latest/?badge=latest)



This plugin is for the [Intake data loader library](http://intake.readthedocs.io/en/latest/).



### Installation



While `requirements.txt` contains the package dependencies, we currently need to

install a mixture of conda and pip packages. The install instructions are:



```

conda install -c intake intake

conda install libpcap

pip install pcapy

python setup.py develop

```



### Examples



To bootstrap a sample PCAP file, run the following given your local network

interface (macOS is `en0`, Linux is `eth0`) and a sample size of packets:



```

sudo python examples/dump-live.py examples/local.pcap en0 100

```



NOTE: If you output to `examples/local.pcap`, the provided catalog,

`sample.yml`, will be able to read this.



To read a live stream, run the following with an optional protocol filter

(valid values are `tcp`, `udp`, `icmp`, and `igmp`):



```

sudo python examples/read-live.py INTERFACE [PROTOCOL]

```



To read a local PCAP file, run the following with an optional protocol filter

(valid values are `tcp`, `udp`, `icmp`, and `igmp`):



```

sudo python examples/read-pcap.py PATH [PROTOCOL]

```



To read a catalog source, run the following with a valid name (`local` reads

PCAP file, `raw_live` reads Ethernet packets from default macOS network,

`udp_live` reads UDP packets from default macOS network):



```

sudo python examples/read-source.py examples/sample.yml NAME

```