如何将捕获的数据包存储在Excel工作表中?
我的项目是关于捕获在客户端的混杂模式的数据包,并在服务器端处理它(在tcp,udp,icmp之间的区别是使用C的代码)。
输出存储在一个txt文件截至目前,但我想将这些数据包保存在一个Excel工作表(在Ubuntu 13.04是LibreOffice Calc)。
我不知道是否有可能做到这一点? 任何人都可以帮助我,如果可能的话,还有如何做到这一点?
edited part 这是我在服务器端处理数据包的方式
FILE *logfile; int infile; struct sockaddr_in source,dest; int tcp=0,udp=0,icmp=0,others=0,igmp=0,total=0,i,j; int main() { int saddr_size,data_size; struct sockaddr saddr; unsigned char *buffer3 = (unsigned char *) malloc(1024); char *fname = "/home/shishira/Desktop/packet_capture/task_agent_processed.txt"; infile=open("info_agent_report.txt",O_RDONLY); if(infile==-1) { perror("cannot open info_agent_report file\n"); return(1); } logfile=fopen("task_agent_processed.txt","w"); if(logfile==NULL) { printf("Unable to create task_agent_processed file."); } printf("\n Starting..\n"); saddr_size = sizeof saddr; do { data_size=read(infile,buffer3,1024); ProcessPacket(buffer3 , data_size); } while(data_size>0); fclose(logfile); close(infile); printf("\n"); printf(" Finished\n\n"); printf("-------------------\n\n"); return 0; } void ProcessPacket(unsigned char* buffer, int size) { //Get the IP Header part of this packet , excluding the ethernet header struct iphdr *iph = (struct iphdr*)(buffer + sizeof(struct ethhdr)); ++total; switch (iph->protocol) //Check the Protocol and do accordingly... { case 1: //ICMP Protocol ++icmp; print_icmp_packet( buffer , size); break; case 2: //IGMP Protocol ++igmp; break; case 6: //TCP Protocol ++tcp; print_tcp_packet(buffer , size); break; case 17: //UDP Protocol ++udp; print_udp_packet(buffer , size); break; default: //Some Other Protocol like ARP etc. ++others; break; } printf(" TCP : %d UDP : %d ICMP : %d Others : %d Total : %d\r", tcp , udp , icmp , others , total); } void print_udp_packet(unsigned char *Buffer , int Size) { unsigned short iphdrlen; struct iphdr *iph = (struct iphdr *)(Buffer + sizeof(struct ethhdr)); iphdrlen = iph->ihl*4; struct udphdr *udph = (struct udphdr*)(Buffer + iphdrlen + sizeof(struct ethhdr)); int header_size = sizeof(struct ethhdr) + iphdrlen + sizeof udph; fprintf(logfile , "\n\n***********************UDP Packet*************************\n"); print_ip_header(Buffer,Size); fprintf(logfile , "\nUDP Header\n"); fprintf(logfile , " |-Source Port : %d\n" , ntohs(udph->source)); fprintf(logfile , " |-Destination Port : %d\n" , ntohs(udph->dest)); fprintf(logfile , " |-UDP Length : %d\n" , ntohs(udph->len)); fprintf(logfile , " |-UDP Checksum : %d\n" , ntohs(udph->check)); fprintf(logfile , "\n"); fprintf(logfile , "IP Header\n"); PrintData(Buffer , iphdrlen); fprintf(logfile , "UDP Header\n"); PrintData(Buffer+iphdrlen , sizeof udph); fprintf(logfile , "Data Payload\n"); //Move the pointer ahead and reduce the size of string PrintData(Buffer + header_size , Size - header_size); fprintf(logfile , "\n###########################################################"); } } }
我刚才在这里包含了udp包。 这里在fprintf语句中,我正在使用打印filehandler为“logfile”的文件中的所有数据包。 我得到的输出是这样看的
This Report is from the Task agent whose IP is 127.0.0.1 ***********************UDP Packet************************* Ethernet Header |-Destination Address : 01-00-5E-00-00-02 |-Source Address : 00-00-0C-07-AC-3B |-Protocol : 8 IP Header |-IP Version : 4 |-IP Header Length : 5 DWORDS or 20 Bytes |-Type Of Service : 192 |-IP Total Length : 48 Bytes(Size of Packet) |-Identification : 0 |-TTL : 1 |-Protocol : 17 |-Checksum : 61927 |-Source IP : 172.16.59.3 |-Destination IP : 224.0.0.2 UDP Header |-Source Port : 1985 |-Destination Port : 1985 |-UDP Length : 28 |-UDP Checksum : 42701 IP Header 01 00 5E 00 00 02 00 00 0C 07 AC 3B 08 00 45 C0 ..^........;..E. 00 30 00 00 .0.. UDP Header 00 00 01 11 F1 E7 AC 10 ........ Data Payload 00 00 10 03 0A 6E 3B 00 63 69 73 63 6F 00 00 00 .....n;.cisco... AC 10 3B 01 00 00 00 00 00 00 00 00 00 00 00 00 ..;............. 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 ...... ###########################################################
我的问题是,而不是写入使用的文本文件
logfile=fopen("task_agent_processed.txt","w");
我可以直接写入一个CSV文件或任何其他格式,自动显示在电子表格中的字段?
如果要将数据存储在可使用Excel或Libre Office打开的文件中,最好的方法是使用CSV文件(请参阅此处 )。 这是一个txt文件,但具有特殊的格式。
请注意Libre Office在读取CSV文件时非常灵活,但是如果您想通过双击(而不是导入选项)方便地在Excel中打开文件,则应该使用分号(不是逗号)作为分隔符。
以.xls或.odt格式书写需要更多的工作。 您将需要一个库,请参阅此主题了解更多信息。