wltrace.common module

Common interfaces.

class wltrace.common.GenericHeader(fh, *args, **kwargs)[source]

Bases: object

Base class for general header structure.

This can be a file header, section header (peek-tagged), per-packet header (pcap).

Parameters:fh (file object) – the file handle, which internal pointer points to the start of the header.
FIELDS = None

A list of string representing name of each field in the header, in the order they appear in the PACK_PATTERN format.

It is important that the order of the filed names correspond strictly with the order they appear in the header format. If the header has dummy fields, such as padding bytes, you will have to also name them, although you can use the same name for multiple dummy fields.

PACK_PATTERN = None

struct format string used to decode the header bytes.

unpack(fmt)[source]
class wltrace.common.PhyInfo(*args, **kwargs)[source]

Bases: object

Packet PHY layer information.

PHY information is usually provided in the format of physical layer header, such as Radiotap. PHY information includes:

  • signal (int): received RSSI in dBm.
  • noise (int): noise level in dBm.
  • freq_mhz (int): channel central frequency (MHz)
  • has_fcs (bool)
  • fcs_error (bool): True if this packet fails the FCS check.
  • epoch_ts (float): POSIX timestamp of the first bit of this packet
  • end_epoc_ts (float): POSIX timestamp of the last bit of this packet
  • rate (float): packet modulation rate (Mbps)
  • mcs (int): MCS index (http://mcsindex.com/)
  • len (int): packet original length in bytes, including 4 FCS bytes.
  • caplen (int): actually stored bytes, probably smaller than len.
  • mactime (int): MAC layer TSF counter.
  • ampdu_ref (int): AMPDU reference number.
  • last_frame (bool): True if this packet was the last packet in the AMPDU.
class wltrace.common.WlTrace(path, *args, **kwargs)[source]

Bases: object

Base class that represents a (wireless) packet trace.

A packet trace is nothing but a sequence of packets. Therefore, the main interface of this object is to yield packet in order. In fact, the object itself is an iterator, which means the packets can only be accessed once in sequence. This is suffice for most purpose, and also reduces memory consumption. Users can always store the packets outside this object if needed.

Parameters:path (str) – the path of the packet trace file.

Example

This is how WlTrace is supposed to be used:

cap = WlTrace('path/to/packet/trace.pcap')
for pkt in cap:
  print pkt.counter
next()[source]

Iteration function.

Note that it is possible to yield dangling ack packets as well, so user can detect if the sniffer missed the previous packet.

peek()[source]

Get the current packet without consuming it.