python - Pyshark - 从 IPV6 确定协议

我不确定这是否是您问题的正确答案。如果不是，请告诉我，我会修改我的答案。

capture = pyshark.FileCapture(pcap_file)
for packet in capture:
    if hasattr(packet, 'ipv6') and hasattr(packet, 'tcp'):

       source_address = packet.ipv6.src
       source_port = packet[packet.transport_layer].srcport
       print(f'TCP packet -- Source Address: {source_address} -- Source Port: {source_port}')

       destination_address = packet.ipv6.dst
       destination_port = packet[packet.transport_layer].dstport
       print(f'TCP packet -- Destination Address: {destination_address } -- Destination Port: {destination_port }')

    elif hasattr(packet, 'ipv6') and hasattr(packet, 'udp'):
    
       source_address = packet.ipv6.src
       source_port = packet[packet.transport_layer].srcport
       print(f'UDP packet -- Source Address: {source_address} -- Source Port: {source_port}')

       destination_address = packet.ipv6.dst
       destination_port = packet[packet.transport_layer].dstport
       print(f'UDP packet -- Destination Address: {destination_address} -- Destination Port: {destination_port}')

更新：

对于我的回复延迟，我深表歉意。这是一个更新的答案，希望能解决 Ron Maupin 提出的问题。

capture = pyshark.FileCapture(pcap_file)
for packet in capture:
    if "IPV6" in str(packet.layers):
       next_header_info = regex.findall(r'(Next Header:)\s(\w.+)\s(\W\d{0,3}\W)', str(packet.layers[1]))
       print(next_header_info)
       # Output 
       [('Next Header:', 'ICMPv6', '(58)')]
       [('Next Header:', 'ICMPv6', '(58)')]
       [('Next Header:', 'ICMPv6', '(58)')]
       [('Next Header:', 'IPv6 Hop-by-Hop Option', '(0)'), ('Next Header:', 'ICMPv6', '(58)')]
       [('Next Header:', 'ICMPv6', '(58)')]
       [('Next Header:', 'UDP', '(17)')]
       ...truncated