I have a problem.
How can I get the response time difference between GET and HTTP/1.0 200 OK (I mean the latency of the web server) using the dpkt library and ts, for each hostname from a pcap file?
My preliminary code:
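    #!/usr/bin/env python
    import dpkt

    # pcap files are binary, so open in 'rb' mode
    with open('mycapture.cap', 'rb') as f:
        pcap = dpkt.pcap.Reader(f)
        for ts, buf in pcap:
            eth = dpkt.ethernet.Ethernet(buf)
            ip = eth.data
            # skip frames that are not IPv4/TCP (ARP, UDP, ...)
            if not isinstance(ip, dpkt.ip.IP) or not isinstance(ip.data, dpkt.tcp.TCP):
                continue
            tcp = ip.data
            # client -> server segments carrying data
            if tcp.dport == 80 and len(tcp.data) > 0:
                try:
                    http = dpkt.http.Request(tcp.data)
                except dpkt.UnpackError:
                    continue  # payload is not the start of an HTTP request
                print(ts, http.headers['host'])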
But it still outputs timestamps only for GET requests.
It's going to look like:
    tcpdump -i eth0 -w pcapfile; python (command).py pcapfile
    google.com 0.488183
    facebook.com 0.045466
    quora.com 0.032777
It seems that you managed to get the first packet of the request; now you need to get the first packet of the response... something like:
    if tcp.sport == 80 and len(tcp.data) > 0:
        # Here you can save the timestamp of the response and calculate the difference
Good luck
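The pairing the answer describes, as an added example that is not part of the original posts: each request is remembered per connection and matched with the first response segment coming back from port 80. The function names and the sample segments are constructed for illustration; dpkt is only used in `segments_from_pcap`, and plain HTTP on port 80 over IPv4 is assumed.

```python
import socket

def segments_from_pcap(path):
    """Yield (ts, src, sport, dst, dport, payload) per IPv4 TCP segment with data."""
    import dpkt  # third-party; only needed when reading a real capture
    with open(path, "rb") as f:
        for ts, buf in dpkt.pcap.Reader(f):
            try:
                ip = dpkt.ethernet.Ethernet(buf).data
            except dpkt.UnpackError:  # truncated or malformed frame
                continue
            if isinstance(ip, dpkt.ip.IP) and isinstance(ip.data, dpkt.tcp.TCP) and ip.data.data:
                yield (ts, socket.inet_ntoa(ip.src), ip.data.sport,
                       socket.inet_ntoa(ip.dst), ip.data.dport, bytes(ip.data.data))

def request_host(payload):
    """Host header if payload starts an HTTP request ('' if absent), else None."""
    lines = payload.split(b"\r\n\r\n", 1)[0].split(b"\r\n")
    parts = lines[0].split(b" ")
    if len(parts) != 3 or not parts[2].startswith(b"HTTP/"):
        return None
    for line in lines[1:]:
        name, _, value = line.partition(b":")
        if name.strip().lower() == b"host":
            return value.strip().decode("ascii", "replace")
    return ""

def response_latencies(segments, port=80):
    """Pair each request with the first response segment on the same connection."""
    pending, results = {}, []  # pending: (client, cport, server) -> (host, request ts)
    for ts, src, sport, dst, dport, payload in segments:
        if dport == port:
            host = request_host(payload)
            if host is not None:  # setdefault: a retransmitted request keeps the first ts
                pending.setdefault((src, sport, dst), (host, ts))
        elif sport == port and payload.startswith(b"HTTP/"):
            request = pending.pop((dst, dport, src), None)
            if request:
                results.append((request[0], ts - request[1]))
    return results

GET = b"GET / HTTP/1.1\r\nHost: example.com\r\n\r\n"
SAMPLE = [  # constructed segments, not from a real capture; the request is retransmitted once
    (10.0, "10.0.0.2", 40000, "192.0.2.10", 80, GET),
    (10.1, "10.0.0.2", 40000, "192.0.2.10", 80, GET),
    (10.25, "192.0.2.10", 80, "10.0.0.2", 40000, b"HTTP/1.0 200 OK\r\n\r\n<html>"),
]
if __name__ == "__main__":
    for host, delay in response_latencies(SAMPLE):  # or segments_from_pcap("mycapture.cap")
        print(host, round(delay, 6))
```

The delay measured this way runs from the first request segment to the first response segment, so it includes network round-trip time as seen at the capture point, not only server processing time.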