Add switch to extract_packets.py to extract only the layer payload

This allows, for example, to extract from a CoAP capture the payload of inet.UDP to obtain the CoAP messages. Tested with: ``` wget https://gitlab.com/wireshark/wireshark/-/wikis/uploads/__moin_import__/attachments/SampleCaptures/coap-cbor.pcap extract_packets.py --payload inet.UDP coap-cbor.pcap samples/ rflx validate -v samples/ specs/coap.rflx CoAP::CoAP_Message ``` Ref. None
AdaCore · Oct 28, 2024 · a603ffa · a603ffa
1 parent e2905c5
commit a603ffa
Showing 1 changed file with 9 additions and 0 deletions.
diff --git a/tools/extract_packets.py b/tools/extract_packets.py
@@ -53,6 +53,13 @@ def main(argv: Sequence[str]) -> bool | str:
         version=" ".join(available_layers),
         help="show list of all available Scapy layers",
     )
+    arg_parser.add_argument(
+        "-p",
+        "--payload",
+        required=False,
+        action="store_true",
+        help="extract payload of the layer instead of the whole layer",
+    )
     arg_parser.add_argument(
         "layer",
         metavar="LAYER",
@@ -88,6 +95,8 @@ def main(argv: Sequence[str]) -> bool | str:
     for i, pkt in enumerate(pkts):
         if pkt.haslayer(layer):
             p = pkt.getlayer(layer)
+            if args.payload:
+                p = p.payload
             prefix = args.pcap.stem.replace(" ", "_")
             number = str(i).zfill(ceil(log(len(pkts)) / log(10)))
             filename = args.output / f"{prefix}_{number}.raw"