遞增PCAP時間戳值

Question

Scapy有capability修改每個數據包的時間戳，因此我想知道爲什麼可能是通過指定一個起始值來修改PCAP中多個數據包的時間戳的最佳方法。我可以修改數據包，但尚未成功增加微秒值。

例如想修改數據包的時間戳，其中包含一個PCAP：

1360806997.231777 IP 192.168.1.100.50496 > 192.168.1.200.http: S 4211078664:4211078664(0) win 14600 <mss 1460,sackOK,timestamp 199086437 0,nop,wscale 3> 
1360806997.231808 IP 192.168.1.200.http > 192.168.1.100.50496: S 256066681:256066681(0) ack 4211078665 win 14480 <mss 1460,sackOK,timestamp 199086195 199086437,nop,wscale 3> 
1360806997.232034 IP 192.168.1.100.50496 > 192.168.1.200.http: . ack 1 win 1825 <nop,nop,timestamp 199086437 199086195> 
1360806997.232043 IP 192.168.1.100.50496 > 192.168.1.200.http: P 1:19(18) ack 1 win 1825 <nop,nop,timestamp 199086437 199086195> 
1360806997.232063 IP 192.168.1.200.http > 192.168.1.100.50496: . ack 19 win 1810 <nop,nop,timestamp 199086195 199086437> 

以下幾點：

1234567890.000000 IP 192.168.1.100.50496 > 192.168.1.200.http: S 4211078664:4211078664(0) win 14600 <mss 1460,sackOK,timestamp 199086437 0,nop,wscale 3> 
1234567890.000001 IP 192.168.1.200.http > 192.168.1.100.50496: S 256066681:256066681(0) ack 4211078665 win 14480 <mss 1460,sackOK,timestamp 199086195 199086437,nop,wscale 3> 
1234567890.000002 IP 192.168.1.100.50496 > 192.168.1.200.http: . ack 1 win 1825 <nop,nop,timestamp 199086437 199086195> 
1234567890.000003 IP 192.168.1.100.50496 > 192.168.1.200.http: P 1:19(18) ack 1 win 1825 <nop,nop,timestamp 199086437 199086195> 
1234567890.000004 IP 192.168.1.200.http > 192.168.1.100.50496: . ack 19 win 1810 <nop,nop,timestamp 199086195 199086437> 

Answer 1

這似乎工作：

def process_packets(): 
    pkts = rdpcap(infile) 
    cooked=[] 
    timestamp = 1234567890.000000 
    for p in pkts: 
     p.time = timestamp 
     timestamp += 0.000001 
     pmod=p 
     cooked.append(pmod) 
    wrpcap("dump.pcap", cooked) 

代碼將每個數據包的新時間值寫入指定秒的新PCAP並遞增微秒值。如果有更優雅的方法，請讓我知道。