Question

I'm trying to analyze an SCTP *.pcap file captured by tcpdump using the dpkt library in Python.

I'm able to get the SCTP common header and the chunk header. After the chunk header, I'm getting a chunk.data which can't be parsed using the library. (I went through the source code.)

However I need only the 1st 4 bytes of that chunk.data. The type of the chunk.data is string. So I thought, if I can get 1st 4 characters, I can get the 1st 4 bytes (since size of a character is 1 byte). After that I need to convert those 4 bytes to host byte order using socket.ntohl(). But 1st I need to convert the 4 character string to an unsigned integer to be given as input to the socket.ntohl() function which I don't know how to do.

I tried taking the ASCII code.

data=chunk.data
x=data[:4]
i= ntohl(int(''.join(str(ord(c)) for c in x)))

It's showing an error:

i= ntohl(int(''.join(str(ord(c)) for c in x)))
OverflowError: long int too large to convert

I tried by taking x="efgh". But the ASCII value will not generate a 4 byte unsigned integer. (101102103104 > 4294967295) So I think the ASCII value is not the correct one to use here.

Can anyone tell me what to do?

Solution

Thanks to @BSH for this answer.

I added

from struct import unpack

and for my required output, this works fine for me.

i=ntohl(unpack('<I',chunk.data[:4])[0])

struct.unpack is used for interpreting a string as packed binary data.
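Added example, not part of the original question or answer: a bounds-checked walk over the chunks of one raw SCTP packet that decodes the first 4 bytes of each chunk value with the `'!I'` (network byte order) format, so no ntohl() call is needed and the result does not depend on host endianness. It assumes Python 3 bytes input and the RFC 4960 chunk layout; `first_word`, `chunk_first_words` and the `SAMPLE` packet are hypothetical names and constructed data.

```python
import struct

COMMON_HDR = struct.Struct("!HHII")   # src port, dst port, verification tag, checksum
CHUNK_HDR = struct.Struct("!BBH")     # type, flags, length (header + value, no padding)


def first_word(value):
    """Return the first 4 bytes of a chunk value as an unsigned int (network order)."""
    if len(value) < 4:
        return None                    # short value: nothing to decode
    return struct.unpack_from("!I", value)[0]


def chunk_first_words(sctp_bytes):
    """Yield (chunk_type, first_word) for every chunk in one raw SCTP packet."""
    if len(sctp_bytes) < COMMON_HDR.size:
        raise ValueError("truncated SCTP common header")
    offset = COMMON_HDR.size
    while offset + CHUNK_HDR.size <= len(sctp_bytes):
        ctype, _flags, length = CHUNK_HDR.unpack_from(sctp_bytes, offset)
        # The length field comes from the capture, so validate it before slicing.
        if length < CHUNK_HDR.size or offset + length > len(sctp_bytes):
            raise ValueError("bad chunk length %d at offset %d" % (length, offset))
        value = sctp_bytes[offset + CHUNK_HDR.size:offset + length]
        yield ctype, first_word(value)
        offset += (length + 3) & ~3    # chunks are padded to a 4-byte boundary


# Constructed sample: common header + DATA chunk (type 0) + SACK chunk (type 3).
# The DATA chunk's first word is the bytes "efgh" from the question.
SAMPLE = (
    COMMON_HDR.pack(2905, 2905, 0xDEADBEEF, 0)
    + CHUNK_HDR.pack(0, 3, 17) + struct.pack("!IHHI", 0x65666768, 1, 0, 3)
    + b"x" + b"\x00" * 3
    + CHUNK_HDR.pack(3, 0, 16) + struct.pack("!IIHH", 7, 65535, 0, 0)
)

if __name__ == "__main__":
    for ctype, word in chunk_first_words(SAMPLE):
        print(ctype, word)
```

With dpkt, the same `first_word` helper can be applied to each chunk.data directly, since dpkt has already split off the chunk header.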

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow