tcpdump Wireshark ,抓报分析脚本

import dpkt,os,sysos.chdir(sys.path[0])f = open('12.cap','rb')pcap = dpkt.pcap.Reader(f)for ts, buf in pcap:    eth = dpkt.ethernet.Ethernet(buf)    ip = eth.data    tcp = ip.data    try:        if tcp.dport==80 and len(tcp.data)>0:            http=dpkt.http.Request(tcp.data)            if http.method=='POST':                print http.headers['host']+http.uri+'\n'+http.body,#,http.headers['user-agent']                print '\n\n'    except:passf.close()