#!/usr/bin/env python
# coding: utf-8
import os
import sys
def mktree(path, prefix = '', width = 4, followlinks = True):
if prefix == '':
if os.path.isdir(path):
print '%s/' % path
else:
print path
entries = os.listdir(path)
amount = len(entries)
dirs = []
files = []
for name in entries:
fullname = os.path.join(path, name)
if os.path.isdir(fullname):
dirs.append(name)
else:
files.append(name)
dirs.sort()
files.sort()
seq = 0
for name in dirs:
if seq < amount - 1:
leadchar = '|'
next_prefix = '%s|%s' % (prefix, ' ' * width)
else:
leadchar = '\\'
next_prefix = '%s %s' % (prefix, ' ' * width)
print '%s%s%s%s/' % (prefix, leadchar, '-' * width, name)
mktree(os.path.join(path, name), next_prefix, width = width)
seq += 1
for name in files:
if seq < amount -1:
leadchar = '|'
else:
leadchar = '\\'
print '%s%s%s%s' % (prefix, leadchar, '-' * width, name)
seq += 1
if __name__ == '__main__':
if len(sys.argv) == 1:
path = os.getcwd()
else:
path = sys.argv[1]
mktree(path, followlinks = False)
Thursday, December 29, 2016
Wednesday, December 21, 2016
Tshark filter GTP packet by user IP and port
Tshark doesn't have built-in support for GTP but we can use offset to capture it.
Here is the example:
tshark -i p1p2 -f "((ip[48:4]==0x0AE0262E) or (ip[52:4]==0x0AE0262E)) and ip[58:2]==0x50" -w a.cap
Following offsets are for reference:
48:4 source IP
52:4 dest IP
56:2 src port
58:2 dst port
I got this from this link:
https://ask.wireshark.org/questions/31649/capture-filters-with-gtp-encapsulated-udp-packets
Here is the example:
tshark -i p1p2 -f "((ip[48:4]==0x0AE0262E) or (ip[52:4]==0x0AE0262E)) and ip[58:2]==0x50" -w a.cap
Following offsets are for reference:
48:4 source IP
52:4 dest IP
56:2 src port
58:2 dst port
I got this from this link:
https://ask.wireshark.org/questions/31649/capture-filters-with-gtp-encapsulated-udp-packets
Subscribe to:
Posts (Atom)