Specify timestamp on each packet in Scapy?
With Scapy, when I create a packet and write it to a pcap file, it sets the timestamp of the packet to the current time.
This is my current usage. 1335494712.991895 being the time I created the packet:
>>> a = Ether()/IP(src='1.1.1.1',dst='2.2.2.2')/TCP(sport=1337,dport=31337)
>>> wrpcap('single-tcp-packet.pcap', a)
# tcpdump -tt -r single-tcp-packet.pcap
reading from file single-tcp-packet.pcap, link-type EN10MB (Ethernet)
1335494712.991895 IP 1.1.1.1.menandmice-dns > arennes-651-1-107-2.w2-2.abo.wanadoo.fr.31337: Flags [S], seq 0, win 8192, length 0
How can I specify my own timestamp per packet?
I have seen timestamp mentioned in the docs for setting the TCP timestamp, but it doesn't seem to make a difference to the actual pcap timestamp.
Answer
Ah! Found it.
Simply:
>>> a.time = 1234567890
>>> wrpcap('single-tcp-packet.pcap', a)
# tcpdump -tt -r single-tcp-packet.pcap
reading from file single-tcp-packet.pcap, link-type EN10MB (Ethernet)
1234567890.000000 IP 1.1.1.1.menandmice-dns > arennes-651-1-107-2.w2-2.abo.wanadoo.fr.31337: Flags [S], seq 0, win 8192, length 0