From e3411f7f989530b2ed1317ac2557f52418db627a Mon Sep 17 00:00:00 2001
From: ChillerDragon
Date: Sun, 9 Apr 2023 17:02:35 +0200
Subject: [PATCH] Add pcap printer example
---
examples/print_pcap_files/README.md | 79 +++++++++++++++++++
examples/print_pcap_files/print_pcap_files.py | 28 +++++++
2 files changed, 107 insertions(+)
create mode 100644 examples/print_pcap_files/README.md
create mode 100755 examples/print_pcap_files/print_pcap_files.py
diff --git a/examples/print_pcap_files/README.md b/examples/print_pcap_files/README.md
new file mode 100644
index 0000000..c3f6bf9
--- /dev/null
+++ b/examples/print_pcap_files/README.md
@@ -0,0 +1,79 @@
+# print_pcap_files.py
+
+This example reads a network capture file generated by
+``tcpdump`` and prints out all teeworlds message names
+
+## Setup
+
+You need ``tcpdump`` installed or a .pcap file with teeworlds traffic.
+And the python library ``dpkt``
+
+You can record traffic like this if you have a teeworlds server running on your machine.
+
+```
+tcpdump -i lo -w teeworlds.pcap "port 8303"
+```
+
+Then you also need the python libs
+
+```
+pip install twnet_parser
+pip install dpkt
+```
+
+And then you can run the example like this:
+
+```
+$ ./print_pcap_files.py teeworlds.pcap
+token
+token
+connect
+accept
+info
+map_change
+ready
+sv_motd, sv_server_settings, con_ready
+token
+token
+cl_start_info
+sv_vote_clear_options, sv_tune_params, sv_ready_to_enter
+enter_game
+server_info
+sv_weapon_pickup, sv_client_info, snap_single
+snap_single
+snap_single
+input
+input_timing, snap_empty
+input
+input_timing, snap_empty
+input
+input_timing, snap_empty
+input
+input_timing, snap_empty
+snap_empty
+input
+input_timing, snap_empty
+input
+input_timing, snap_empty
+input
+input_timing, snap_empty
+input
+input_timing, snap_empty
+input
+input_timing, snap_empty
+input
+input_timing, snap_empty
+input
+input_timing, snap_empty
+snap_empty
+input
+input_timing, snap_empty
+input
+input_timing, snap_empty
+input
+input_timing, snap_empty
+input
+input_timing, snap_empty
+input
+close
+```
\ No newline at end of file
diff --git a/examples/print_pcap_files/print_pcap_files.py b/examples/print_pcap_files/print_pcap_files.py
new file mode 100755
index 0000000..b37af45
--- /dev/null
+++ b/examples/print_pcap_files/print_pcap_files.py
@@ -0,0 +1,28 @@
+#!/usr/bin/env python
+
+import sys
+
+import dpkt
+import twnet_parser.packet
+
+def print_tw_packets(pcap):
+ for _ts, buf in pcap:
+ eth = dpkt.ethernet.Ethernet(buf)
+ ip = eth.data
+ if not isinstance(ip.data, dpkt.udp.UDP):
+ continue
+ udp_payload = ip.data.data
+ try:
+ packet = twnet_parser.packet.parse7(udp_payload)
+ except:
+ continue
+ names = [msg.message_name for msg in packet.messages]
+ print(', '.join(names))
+
+if len(sys.argv) < 2:
+ print(f'usage: {sys.argv[0]} ')
+ exit(1)
+
+with open(sys.argv[1], 'rb') as f:
+ pcap = dpkt.pcap.Reader(f)
+ print_tw_packets(pcap)
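Review bot: Frame decoding in `print_tw_packets` runs outside the `try`, so a capture file with a truncated frame or a payload dpkt does not decode as IP can abort the whole run: `dpkt.ethernet.Ethernet(buf)` may raise on short input, and `ip.data` fails if `eth.data` is left as raw bytes. The only guard is the bare `except:` around `parse7`, which also swallows `KeyboardInterrupt` and `SystemExit`; `except Exception:` keeps the skip-on-parse-error behaviour without that. A capture file is untrusted input, so I would skip undecodable frames explicitly, as sketched below. Separately, `exit(1)` depends on the `site` builtin and is better written as `sys.exit(1)`.

```python
    for _ts, buf in pcap:
        try:
            eth = dpkt.ethernet.Ethernet(buf)
        except dpkt.UnpackError:
            continue  # truncated or malformed frame
        ip = eth.data
        if not isinstance(ip, (dpkt.ip.IP, dpkt.ip6.IP6)):
            continue  # frame was not decoded as IP, so there is no UDP payload
        # … unchanged: UDP check, parse7 call, printing …
```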