Path: csiph.com!v102.xanadu-bbs.net!xanadu-bbs.net!feeder.erje.net!us.feeder.erje.net!newsfeed.straub-nv.de!newsreader4.netcologne.de!news.netcologne.de!newsfeed.freenet.ag!news2.euro.net!newsgate.cistron.nl!newsgate.news.xs4all.nl!post.news.xs4all.nl!not-for-mail Return-Path: X-Original-To: python-list@python.org Delivered-To: python-list@mail.python.org X-Spam-Status: OK 0.028 X-Spam-Evidence: '*H*': 0.94; '*S*': 0.00; 'output': 0.04; 'subject:file': 0.07; 'python': 0.09; 'https': 0.09; 'pairs': 0.16; 'to:name:python-list@python.org': 0.20; 'http': 0.22; 'parse': 0.22; 'help.': 0.22; 'kevin': 0.23; 'script': 0.24; 'message-id:@mail.gmail.com': 0.27; 'run': 0.28; 'file': 0.32; 'extract': 0.33; 'to:addr:python-list': 0.33; 'received:google.com': 0.34; 'thanks': 0.34; 'received:209.85': 0.35; 'there': 0.35; 'but': 0.36; 'why': 0.37; 'received:209': 0.37; 'some': 0.38; 'instead': 0.39; 'to:addr:python.org': 0.39; 'your': 0.60; 'traffic': 0.61; 'hoping': 0.72; 'illustrated': 0.84 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:x-received:date:message-id:subject:from:to :content-type; bh=sW+SnrVBTdoiT/jzPqL3uwpgh03fPFoH+z8MudYNFWY=; b=vZpyaAAplX951Ic6y+5pEyMeGlhv7eI7Ou4FDmBKzgcOdN41mRQ5N44r6ByfWeucoo 0gaB1oHFu0D9jmucALr+I2hagLaphVTLz42f1kK92uiW8mEUtB5sPpvaWaAg50yM0cpm 8iAabBX+DZsZnIlqQYPM8PL/76sn/w/rNETNw+JsFgnusDJkY62BEssxJHTyEB3lOJGV a23YrETrjf0AYD0LVRk5leErzht+1mBXpA0g5tA5Z8Se78ME2r//gi+1qeEmlF+22sxn R/ObfF8E+PmFI2mUXiANGmQnOD+qHk+UmmFdgSXaN8RzRtraAcctgBWTDUu/cG2qRtIN dz0w== MIME-Version: 1.0 X-Received: by 10.152.125.237 with SMTP id mt13mr23269676lab.45.1358904720322; Tue, 22 Jan 2013 17:32:00 -0800 (PST) Date: Tue, 22 Jan 2013 20:32:00 -0500 Subject: Parse a Wireshark pcap file From: Kevin Holleran To: "python-list@python.org" Content-Type: multipart/alternative; boundary=f46d04426ccc23718b04d3eaa9a3 X-BeenThere: python-list@python.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: General discussion list for the Python programming language List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Newsgroups: comp.lang.python Message-ID: Lines: 26 NNTP-Posting-Host: 2001:888:2000:d::a6 X-Trace: 1358904722 news.xs4all.nl 6978 [2001:888:2000:d::a6]:57503 X-Complaints-To: abuse@xs4all.nl Xref: csiph.com comp.lang.python:37393 --f46d04426ccc23718b04d3eaa9a3 Content-Type: text/plain; charset=ISO-8859-1 Is there a way to parse out a wireshark pcap file and extract key value pairs from the data? I am illustrated a sniff of some traffic and why it needs utilize HTTPS instead of HTTP but I was hoping to run the pcap through a python script and just output some interesting key value pairs.... Thanks for your help. Kevin --f46d04426ccc23718b04d3eaa9a3 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable
Is there a way to parse out a wireshark pcap file and extr= act key value pairs from the data? =A0I am illustrated a sniff of some traf= fic and why it needs utilize HTTPS instead of HTTP but I was hoping to run = the pcap through a python script and just output some interesting key value= pairs....=A0

Thanks for your help.

Kevin
--f46d04426ccc23718b04d3eaa9a3--