I have some software that can emulate things like BER and delays on the network. I need a way to test the BER module of the software to make sure it actually works correctly. My solution is to create a program that sends out raw Ethernet frames with the type field set to an unused type. Inside the Ethernet frame is just random bits. For each frame sent out I need to log the frame to a pcap
file. On the other side of the network link will be a receiving application that simply writes every packet it sees to its own pcap
log. After the test is done running the two pcap logs will be compared to get the BER.
I'm using the python module Scapy
and so far its done everything that I need. I can send out raw Ethernet frames with random data and see them in Wireshark. However, I don't know how to get the wrpcap()
method to append to the pcap file, instead of overwriting. I know I can write a list of packets to wrpcap
, but this application needs to be able to run for an indefinite amount of time and I don't want to have to wait until the application quits to write all of packets sent to the hard drive. As that would be a lot to store in memory, and if something happened I would have to start the test all over from scratch.
My question is: How do I append to a pcap
file using scapy
instead of overwriting the pcap
file? Is it even possible? If not then what module can do what I need?
While looking for something with Scapy
's capabilities I ran into dpkt
, but I didn't find a lot of documentation for it. Can dpkt
do what I'm asking and if so where can I get some good documentation for it?
append
parameter: scapy utils @ github. Note that you need to populate pkt variable withpkt=rdpcap(pcap_file)
, for example. – Breastbeating