I'm parsing a PCAP file and I need to extract TCP flags (SYN, ACK, PSH, URG, ...).
I'm using the packet['TCP'].flags
value to obtain all the flags at once.
pkts = PcapReader(infile)
for p in pkts:
F = bin(p['TCP'].flags)
print F, bin(F), p.summary()
# manual flags extraction from F
Is there a way to obtain a single TCP flag without manually extract it from packet['TCP'].flags
value?
Normally, the usual way to handle FLAGS is with a bitmap and bitwise operators. If your
Packet
class doesn't have specific method to test for flags, the best thing you can do IMHO is to:And test them like this:
Sadly, python doesn't have a
switch
statement to make this more elegant but it doesn't really matter much.Hope this helps!