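def process(self, data, metadata=None):
    """Pre-process the data for all other network scanners.

    Records the current packet's id and offset on the scanner and makes
    ``self.proto_tree`` available. A tree already stored in *metadata*
    for this packet is reused, so scanners that follow do not dissect
    the same packet again.

    Args:
        data: Raw packet bytes, passed unchanged to
            ``dissect.dissector``.
        metadata: Dict shared between scanners. ``'mime'`` is set to
            ``"text/packet"`` and ``'proto_tree'`` maps a packet id to
            its dissected tree. When omitted, a throwaway dict is used
            instead of failing on ``None``.

    Returns:
        None. Returns early, without touching the scanner or
        *metadata*, when ``self.fd`` has no ``link_type`` attribute.
    """
    try:
        # Only network related filesystems like pcapfs carry a
        # link_type. Catch just the missing attribute: a bare except
        # here would also hide unrelated failures and silently drop
        # the packet from analysis.
        link_type = self.fd.link_type
    except AttributeError:
        return

    if metadata is None:
        # The declared default is None, which cannot be subscripted.
        metadata = {}

    self.packet_id = self.fd.tell() - 1
    self.packet_offset = self.fd.packet_offset
    metadata['mime'] = "text/packet"

    try:
        # Reuse a previously stored proto_tree for this packet.
        self.proto_tree = metadata['proto_tree'][self.packet_id]
    except KeyError:
        # Either no cache exists yet or it holds a different packet.
        # Exceptions raised by the dissector are not caught here.
        self.proto_tree = dissect.dissector(data, link_type,
                                            self.packet_id,
                                            self.packet_offset)
        # The cache is replaced, not extended, so it only ever holds
        # the most recently dissected packet.
        # NOTE(review): presumably deliberate to bound memory - confirm.
        metadata['proto_tree'] = {self.packet_id: self.proto_tree}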
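def process(self, data, metadata=None):
    """Pre-process the data for all other network scanners.

    Stores the current packet's id and offset on the scanner and sets
    ``self.proto_tree``, taking the tree from *metadata* when one was
    already stored for this packet so that later scanners do not
    dissect it a second time.

    Args:
        data: Raw packet bytes, handed as-is to ``dissect.dissector``.
        metadata: Dict shared between scanners. ``'mime'`` is set to
            ``"text/packet"``; ``'proto_tree'`` maps a packet id to its
            dissected tree. ``None`` (the default) is replaced by a
            fresh dict so the method does not fail on it.

    Returns:
        None. When ``self.fd`` has no ``link_type`` attribute the
        method returns immediately and changes nothing.
    """
    try:
        # We may only scan network related filesystems like pcapfs.
        # Only the missing-attribute case means "not a capture"; any
        # other error should surface rather than silently skip the
        # packet.
        link_type = self.fd.link_type
    except AttributeError:
        return

    if metadata is None:
        # A None default cannot take item assignment below.
        metadata = {}

    self.packet_id = self.fd.tell() - 1
    self.packet_offset = self.fd.packet_offset
    metadata['mime'] = "text/packet"

    try:
        # A tree stored by an earlier scanner saves a second dissection.
        self.proto_tree = metadata['proto_tree'][self.packet_id]
    except KeyError:
        # No cache yet, or the cache belongs to another packet.
        # Dissector exceptions propagate to the caller.
        self.proto_tree = dissect.dissector(data, link_type,
                                            self.packet_id,
                                            self.packet_offset)
        # Store it for the future. This overwrites the whole cache, so
        # only the latest packet's tree is kept.
        # NOTE(review): looks intentional (bounded memory) - confirm.
        metadata['proto_tree'] = {self.packet_id: self.proto_tree}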
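import DB
import _dissect
import dissect

# Demo: read one packet described by a row of the pcap table, dissect
# it and print a field of the resulting tree.
# NOTE(review): /var/tmp is usually writable by every local user; make
# sure the demo directory is not, or the capture read here may not be
# the one that was indexed.
filename = "/var/tmp/demo/stdcapture_0.2.pcap"

dbh = DB.DBO("demo")
dbh.execute("select * from pcap where id=8")
row = dbh.fetch()
if not row:
    # Assumes fetch() gives a false value when nothing matched - confirm.
    raise SystemExit("no row with id=8 in the pcap table")

# Packet data is binary: open in "rb" so no newline translation can
# alter it, and close the handle even if the read fails.
fd = open(filename, "rb")
try:
    fd.seek(row['offset'])
    data = fd.read(row['length'])
finally:
    fd.close()

if len(data) != row['length']:
    # A truncated capture would otherwise be dissected as if complete.
    print("WARNING: short read: expected %d bytes, got %d"
          % (row['length'], len(data)))

root = dissect.dissector(data, row['link_type'], 1)
print("%r" % root["tcp.seq"])


## Now we try to print the tree recursively
def print_leaf(name, node):
    """Print *node* and everything below it, depth first.

    A value that ``_dissect.list_fields`` rejects is printed as
    ``name = value``. Anything else is printed as a ``Node`` header
    followed by each field name and the recursive output for that
    field, whose label is ``<node name>.<field>``.
    """
    try:
        fields = _dissect.list_fields(node)
    except Exception:
        # list_fields is assumed to raise for values that are not
        # dissector nodes. %r keeps string values taken from packet
        # data escaped instead of writing them raw to the terminal.
        print("%s = %r" % (name, node))
        return

    # Only the list_fields probe is guarded: an error while walking
    # the children is a real failure and should not be printed as if
    # this node were a leaf.
    print("Node %s" % name)
    for field in fields:
        print(field)
        print_leaf("%s.%s" % (_dissect.get_name(node), field),
                   _dissect.get_field(node, field))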
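import DB
import _dissect
import dissect

# Demo: look up one packet in the pcap table, read its bytes from the
# capture file, dissect them and print a field of the tree.
# NOTE(review): /var/tmp is usually writable by every local user; keep
# the demo directory restricted so the capture cannot be swapped
# between indexing and this read.
filename = "/var/tmp/demo/stdcapture_0.2.pcap"

dbh = DB.DBO("demo")
dbh.execute("select * from pcap where id=8")
row = dbh.fetch()
if not row:
    # Assumes fetch() gives a false value when nothing matched - confirm.
    raise SystemExit("no row with id=8 in the pcap table")

# Binary mode keeps the packet bytes exactly as stored; try/finally
# releases the handle whether or not the read succeeds.
fd = open(filename, "rb")
try:
    fd.seek(row['offset'])
    data = fd.read(row['length'])
finally:
    fd.close()

if len(data) != row['length']:
    # Flag a truncated capture instead of dissecting it silently.
    print("WARNING: short read: expected %d bytes, got %d"
          % (row['length'], len(data)))

root = dissect.dissector(data, row['link_type'], 1)
print("%r" % root["tcp.seq"])


## Now we try to print the tree recursively
def print_leaf(name, node):
    """Recursively print the dissection tree rooted at *node*.

    If ``_dissect.list_fields`` fails for *node*, the value is printed
    as ``name = value``. Otherwise a ``Node`` header is printed, then
    each field name followed by the output for that field, labelled
    ``<node name>.<field>``.
    """
    try:
        fields = _dissect.list_fields(node)
    except Exception:
        # Presumably list_fields raises on plain values; that is how a
        # leaf is recognised. %r shows string values from the packet
        # escaped rather than raw.
        print("%s = %r" % (name, node))
        return

    # The guard covers only the probe above, so a failure further down
    # the tree is reported as an error, not disguised as a leaf.
    print("Node %s" % name)
    for field in fields:
        print(field)
        print_leaf("%s.%s" % (_dissect.get_name(node), field),
                   _dissect.get_field(node, field))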