Example Programs
Some simple programs that demonstrate how to use python-libtrace.
Notes
Source Code
Python source code for all these example programs is supplied in the
distribution's doc/examples directory, together with a few example
trace files that they read.
Click on the links below to reach the sources.
Python support code for the example programs
plt_testing.py
A collection of handy functions used in these example
programs for things like opening trace files and
displaying the contents of python-libtrace objects.
Programs that read and display trace files
IP.py,
ip6.py,
udp.py,
tcp.py,
icmp.py,
icmp6.py.
Demonstrate libtrace's protocol header decodes.
plt-test.py.
Demonstrates packet-level attributes, e.g. ethertype and times.
layers.py
Demonstrates decoding of packets as a series of
protocol layers,
and looking at the data in each layer.
arp-anon.py
Reads a trace file, changes 'source' and 'target' IP addresses
in ARP records.
Demonstrates using class set
methods to change
fields within a Packet
Programs that decapsulate parts of a packet
encap-pkt.py,
encap-pkt.py.
Creates new objects from various parts of IPv4/IPv6 packets,
and compares those with their original forms.
Programs that write trace files
copy-first-n.py
Copies the first n records from one trace to another
arp-anon.py
Reads a trace file, changes 'source' and 'target' IP addresses
in ARP records.
Demonstrates using class set
methods to change
fields within a Packet
sw-filter.py
Looks through a trace for UDP records with source or destination port
53, i.e. DNS records. Displays their UDP and UDP payload data.
bpf-filter.py
Same as sw-filter.py, but uses a bpf filter 'udp port 53'.
Also demonstrates how to get and print libtrace errors.
change-filter.py
Same as bpf-filter.py, but demonstrates how to
catch plt_exc_libtrace
exceptions, and how to change a Trace's bpf filter part-way through
the trace.
Also demonstrates working with the payload from UDP and TCP packets.
Nevil Brownlee
Thu, 15 Mar 14 (PDT)