PyShark Tools

pcapkit.toolkit.pyshark contains all you need for pcapkit handy usage with PyShark engine. All reforming functions returns with a flag to indicate if usable for its caller.

pcapkit.toolkit.pyshark.packet2dict(packet)[source]

Convert PyShark packet into dict.

Parameters

packet (pyshark.packet.packet.Packet) – Scapy packet.

Returns

A dict mapping of packet data.

Return type

Dict[str, Any]

pcapkit.toolkit.pyshark.tcp_traceflow(packet)[source]

Trace packet flow for TCP.

Parameters

packet (pyshark.packet.packet.Packet) – Scapy packet.

Returns

A tuple of data for TCP reassembly.

  • If the packet can be used for TCP flow tracing. A packet can be reassembled if it contains TCP layer.

  • If the packet can be reassembled, then the dict mapping of data for TCP flow tracing (trace.packet) will be returned; otherwise, returns None.

Return type

Tuple[bool, Dict[str, Any]]

See also

TraceFlow