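#!/usr/bin/python
# -*- coding: utf-8 -*-
"""Print the IPv4 endpoints of every packet in a pcap file with GeoIP locations.

The capture file is untrusted input: frames may be truncated, malformed or
not IPv4 at all, so parsing is best-effort and unparseable frames are skipped.
GeoIP results are approximate and say nothing about who operates an address.
"""
import optparse
import socket

import dpkt
import pygeoip

# Legacy-format (.dat) city database, resolved relative to the working
# directory. Loaded once at import time and shared by the lookups below.
gi = pygeoip.GeoIP('GeoLiteCity.dat')


def printrecord(tgt):
    """Query the database for *tgt* and print its city-level record.

    Prints a short notice and returns when the database has no entry for the
    target instead of failing on a ``None`` record.
    """
    rec = gi.record_by_name(tgt)
    if rec is None:
        print('[-] Target: ' + tgt + ' not found in database.')
        return
    city = rec['city']
    # The original listing read rec['region_name']; per the author's note that
    # key was dropped, so 'region_code' is used instead.
    region = rec['region_code']
    country = rec['country_name']
    longs = rec['longitude']
    lat = rec['latitude']
    print('[*] Target: ' + tgt + ' geo-located.')
    print('[+] ' + str(city) + ', ' + str(region) + ', ' + str(country))
    print('[+] Latitude: ' + str(lat) + ', Longitude: ' + str(longs))


def printpcap(pcap):
    """Print source and destination of each IPv4 packet, raw and geo-located.

    *pcap* is an iterable of ``(timestamp, packet_bytes)`` records, as produced
    by ``dpkt.pcap.Reader``.
    """
    for (ts, buf) in pcap:
        try:
            # Ethernet frame -> payload of the frame.
            eth = dpkt.ethernet.Ethernet(buf)
            ip = eth.data
            # ARP, IPv6 and other non-IPv4 payloads carry no 4-byte src/dst.
            if not isinstance(ip, dpkt.ip.IP):
                continue
            # Convert the packed addresses to dotted-quad strings.
            src = socket.inet_ntoa(ip.src)
            dst = socket.inet_ntoa(ip.dst)
        except Exception:
            # Deliberately best-effort over untrusted capture data: skip the
            # frame. Unlike a bare ``except:``, Ctrl-C still interrupts.
            continue
        print('[+] Src: ' + src + ' --> Dst: ' + dst)
        print('[+] Src: ' + retgeostr(src) + ' --> Dst: ' + retgeostr(dst))


def retgeostr(ip):
    """Return "city, country-code" for *ip*, or 'unregistered' if unknown.

    Falls back to the country code alone when the record has no city, and to
    'unregistered' when the lookup fails or returns no record (for example for
    private address ranges).
    """
    try:
        rec = gi.record_by_name(ip)
    except Exception:
        return 'unregistered'
    if rec is None:
        return 'unregistered'
    city = rec.get('city')
    country = rec.get('country_code3')
    if not country:
        return 'unregistered'
    if city:
        return city + ', ' + country
    return country


def main():
    """Parse the command line and print the endpoints found in the pcap file."""
    parser = optparse.OptionParser('[*] Usage: ./geoprint.py -f <file>')
    parser.add_option('-f', dest='fileName', type='string',
                      help='Specify target filename')
    (options, args) = parser.parse_args()
    fileName = options.fileName
    if fileName is None:
        print(parser.usage)
        raise SystemExit(0)
    # pcap is a binary format: text mode corrupts it on some platforms and is
    # rejected outright on Python 3. ``with`` closes the handle on any exit.
    with open(fileName, 'rb') as f:
        pcap = dpkt.pcap.Reader(f)
        printpcap(pcap)


if __name__ == '__main__':
    main()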