Is it possible to parse QUIC traffic using Scapy in Python. If so, then how?

Question

I have a .pcap file with all QUIC traffic captured through Wireshark. I am wondering how to parse the QUIC traffic.

Simeon · Answer 1 · 2021-01-14T05:37:59.393

I'm assuming your QUIC traffic is a .pcap file. I don't recommend Scapy. To parse the traffic, you can use the python library called "pyshark" which is simply a wrapper of Wireshark. The code you're looking for would then look something like this:

import pyshark

pcap_data = pyshark.FileCapture('QUIC_TRAFFIC.pcap')

for packet in pcap_data:
    print(f'Index: {packet.number}')
    print(f'Timestamp: {packet.sniff_time}')
    print(f'Bytes: {packet.length}')
    print(f'Layers: {packet.layers}')

    for layer in packet:
        if layer.layer_name == 'quic':
            ...

Packet documentation of each parameter:
https://www.kite.com/python/docs/pyshark.packet.packet.Packet

Layer documentation of each parameter:
https://www.kite.com/python/docs/pyshark.packet.layer.Layer

Wireshark list of parameters:
https://www.wireshark.org/docs/dfref/q/quic.html https://github.com/wireshark/wireshark/blob/master/epan/dissectors/packet-quic.c

This is my first answer on StackOverflow, if it helped, please give a vote! :)

Is it possible to parse QUIC traffic using Scapy in Python. If so, then how?

1 Answers1