python-libtrace (plt) is a Python module that allows you to work with packet trace data using WAND's libtrace library,

It's intended to provide a clean, simple, Python-like way of working with libtrace, rather than a simple translation of the libtrace calls from C into Python. For example, for the protocol header decodes, I have generally used the field names from the RFCs, rather than libtrace's names.

python-libtrace provides a class inheritance hierarchy that can simplify programs that work on encapsulated packets. See the Hierarchy page for details.

For libtrace documentation, see the libtrace pages at WAND (above). To help you get started with python-libtrace, I've provided a collection of examples; you can get their source code from the Examples page.

Documentation Index

IPprefix Methods for handling IP addresses and prefixes

IP IPv4 header fields

IPv6 IPv6 header fields

TCP TCP header fields

UDP UDP header fields

ICMP ICMP (v4) packet fields

ICMP6 ICMPv6 packet fields

Internet Classes for accessing IPv4 or IPv6 data from Internet-protocol layer 3 objects

Layers Methods to decode packets in layers, and to return Data objects for
headers (useful for looking at anything other than the 'header' decodes above)

New Objects Methods for creating new objects from parts of existing ones (e.g. for working on encapsulated IPv6 packets), or from strings

Packet Methods for working with Packets

Trace Routines for working with Traces

Filter Routines for creating and using BPF filters

OutputTrace Routines for writing trace files

natkit Network Analysis Toolkit: additional routines for trace analysis

pldns Python ldns: ldns library routines for analysing DNS records

Examples Example python-libtrace programs

Tests Test suite for python-libtrace

Please send bug reports or suggestions for new features to

Nevil Brownlee
Mon, 6 Jan 14 (NZDT)