This is a simple command line application that lets a user obtain information about packets filtered according to any of the TCP header flags. Built with Python (v3.6.9), it can be a useful tool for network traffic analysis when used in tandem with other network analysis tools.
The application takes a network traffic file of the .pcap file type as input.
The application provides the user with a file named flag_data.txt as output. It contains the following data for every packet in the traffic file containing the requested header flag:
- Source Port : Source port of the packet
- Destination Port : Destination port of the packet
- Source IP Address : Source IP address of the packet
- Destination IP Address : Destination IP address of the packet
- Flags Present : A space separated list of flags present on that particular packet
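The byte-level logic behind this kind of filter, as an added example that is not the project's own code: it uses only the Python standard library, and the function names and the three-packet capture are constructed for illustration. It assumes a classic little-endian pcap with Ethernet framing and unfragmented IPv4.

```python
import socket
import struct

# TCP flag bits in byte 13 of the TCP header, least significant bit first.
FLAG_NAMES = ["FIN", "SYN", "RST", "PSH", "ACK", "URG", "ECE", "CWR"]

def parse_pcap(data):
    """Yield raw frames from a classic little-endian pcap (assumed format)."""
    if data[:4] != b"\xd4\xc3\xb2\xa1":
        raise ValueError("not a little-endian microsecond pcap")
    offset = 24  # skip the 24-byte global header
    while offset + 16 <= len(data):
        incl_len, = struct.unpack_from("<I", data, offset + 8)
        yield data[offset + 16 : offset + 16 + incl_len]
        offset += 16 + incl_len

def tcp_record(frame):
    """Return the five output fields for an Ethernet/IPv4/TCP frame, else None."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
        return None
    ihl = (frame[14] & 0x0F) * 4  # IPv4 header length in bytes
    tcp = frame[14 + ihl:]
    if len(tcp) < 14:  # truncated before the flags byte
        return None
    sport, dport = struct.unpack_from("!HH", tcp, 0)
    flags = [n for bit, n in enumerate(FLAG_NAMES) if tcp[13] & (1 << bit)]
    return {"src_port": sport, "dst_port": dport, "flags": " ".join(flags),
            "src_ip": socket.inet_ntoa(frame[26:30]),
            "dst_ip": socket.inet_ntoa(frame[30:34])}

def filter_by_flag(pcap_bytes, flag):
    records = (tcp_record(f) for f in parse_pcap(pcap_bytes))
    return [r for r in records if r and flag.upper() in r["flags"].split()]

def _frame(src, dst, sport, dport, flags):
    """Build a constructed Ethernet/IPv4/TCP frame (checksums left at zero)."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, flags, 1024, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return b"\x00" * 12 + b"\x08\x00" + ip + tcp

def sample_pcap():
    """Constructed capture: the SYN, SYN+ACK and ACK of one handshake."""
    frames = [_frame("10.0.0.5", "10.0.0.9", 40000, 443, 0x02),
              _frame("10.0.0.9", "10.0.0.5", 443, 40000, 0x12),
              _frame("10.0.0.5", "10.0.0.9", 40000, 443, 0x10)]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in frames:
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out
```

Calling `filter_by_flag(sample_pcap(), "SYN")` returns the first two packets, since the SYN bit is set on both the SYN and the SYN+ACK segment.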
The following are the files involved in the entire application.
- sample_capture.pcap : Packet capture file from any network
- flag_data.txt : Packet information about the filtered TCP packets
- Clone the repository using the following command:
    git clone https://github.com/Parthiv-M/tcp-flag-filter
- Have Python installed on your system, version 3.6 or later
- Install the required external modules from the requirements.txt file with the following command:
    pip install -r requirements.txt
Run the command line application with the following command:
    python3 tcp_searcher.py
This should get you started with analysing TCP packets based on header flag bits.
Parthiv Menon and Dhyan Gandhi worked on this project as part of the Mini-Project for Computer Networking.