I have a couple of pcap files that I've created with vmnet-sniffer and with tcpdump. The files are from packets being sent in and out of a virtual machine. I'm reading the pcap files in with scapy and trying to find the inter arrival times between packets, but I can't get any resolutions higher than microseconds. Is there anyway for scapy to give better/more precise information?
My code:
a = rdpcap("test.pcap")
for A in a:
print A.header
>>> a = rdpcap('/tmp/tmp.pcap')
>>> for A in a:
... print('%.6f' % A.time)
...
1429659651.461177
1429659651.461444
1429659651.461520
1429659651.461972
1429659651.462230
1429659651.465091
1429659651.465319
1429659651.465838
1429659651.466115
1429659651.466379
6 decimal places was arbitrary in the above example. The precision is much higher (with the pcap file generated on my machine at least):
>>> for A in a:
... print('%.30f' % A.time)
...
1429659651.461177110671997070312500000000
1429659651.461443901062011718750000000000
1429659651.461519956588745117187500000000
1429659651.461971998214721679687500000000
1429659651.462229967117309570312500000000
1429659651.465090990066528320312500000000
1429659651.465318918228149414062500000000
1429659651.465837955474853515625000000000
1429659651.466114997863769531250000000000
1429659651.466378927230834960937500000000