Python3 scapy/kamene 极慢
Python3 scapy/kamene extremely slow
我试图使用 Pcap.net 进行一些 PCAP 文件分析,这花了大约五秒钟来遍历 1GB pcap 文件中的所有可用数据包。
我现在正尝试在 Python3 上使用 Scapy,无论出于何种原因,它被称为 Kamene,但它确实需要永远解析文件,并且 CPU activity 命中100%,所以我显然做错了什么。这是代码:
from kamene.all import *
packetCount = 0
with PcapReader("C:\Testing\pcap\maccdc2012_00000.pcap") as reader:
for packet in reader:
packetCount += 1
print(packetCount)
当 运行 时,我得到:
WARNING: No route found for IPv6 destination :: (no default route?).
This affects only IPv6
<UNIVERSAL><class 'kamene.asn1.asn1.ASN1_Class_metaclass'>
那条 UNIVERSAL 消息被一遍又一遍地重复,运行 五分钟后,我放弃了。有谁知道发生了什么事?我是不是傻了?
我已经在 Ubuntu 和 Visual Studio 的 Windows 上试过了(都是虚拟化的)
首先,我没有使用 Scapy :/
来自 https://scapy.net
An independent fork of Scapy was created from v2.2.0 in 2015, aimed at
supporting only Python3 (scapy3k). The fork diverged, did not follow
evolutions and fixes, and has had its own life without contributions
back to Scapy. Unfortunately, it has been packaged as python3-scapy in
some distributions, and as scapy-python3 on PyPI leading to confusion
amongst users. It should not be the case anymore soon. Scapy supports
Python3 in addition to Python2 since 2.4.0. Scapy v2.4.0 should be
favored as the official Scapy code base. The fork has been renamed as
kamene.
卸载 kamene,pip install scapy 或 pip3 install scapy(或从 github 获取)可能会有帮助。
完成后,您将找到有关如何从 2.4.4 开始加速 Scapy 的提示in the Performance section of the doc
话虽如此,Scapy 并不是为支持大量数据而设计的(而是旨在易于实现)。无论如何,处理 1GB 可能需要一些时间:/(此外,Python 在数据包解析等问题上比其他语言 (C) 慢。您可能永远无法与 Python 中的 Wireshark 速度相媲美)
我试图使用 Pcap.net 进行一些 PCAP 文件分析,这花了大约五秒钟来遍历 1GB pcap 文件中的所有可用数据包。
我现在正尝试在 Python3 上使用 Scapy,无论出于何种原因,它被称为 Kamene,但它确实需要永远解析文件,并且 CPU activity 命中100%,所以我显然做错了什么。这是代码:
from kamene.all import *
packetCount = 0
with PcapReader("C:\Testing\pcap\maccdc2012_00000.pcap") as reader:
for packet in reader:
packetCount += 1
print(packetCount)
当 运行 时,我得到:
WARNING: No route found for IPv6 destination :: (no default route?).
This affects only IPv6
<UNIVERSAL><class 'kamene.asn1.asn1.ASN1_Class_metaclass'>
那条 UNIVERSAL 消息被一遍又一遍地重复,运行 五分钟后,我放弃了。有谁知道发生了什么事?我是不是傻了?
我已经在 Ubuntu 和 Visual Studio 的 Windows 上试过了(都是虚拟化的)
首先,我没有使用 Scapy :/ 来自 https://scapy.net
An independent fork of Scapy was created from v2.2.0 in 2015, aimed at supporting only Python3 (scapy3k). The fork diverged, did not follow evolutions and fixes, and has had its own life without contributions back to Scapy. Unfortunately, it has been packaged as python3-scapy in some distributions, and as scapy-python3 on PyPI leading to confusion amongst users. It should not be the case anymore soon. Scapy supports Python3 in addition to Python2 since 2.4.0. Scapy v2.4.0 should be favored as the official Scapy code base. The fork has been renamed as kamene.
卸载 kamene,pip install scapy 或 pip3 install scapy(或从 github 获取)可能会有帮助。
完成后,您将找到有关如何从 2.4.4 开始加速 Scapy 的提示in the Performance section of the doc
话虽如此,Scapy 并不是为支持大量数据而设计的(而是旨在易于实现)。无论如何,处理 1GB 可能需要一些时间:/(此外,Python 在数据包解析等问题上比其他语言 (C) 慢。您可能永远无法与 Python 中的 Wireshark 速度相媲美)