class HttpConn:
"""all data having same source/dest ip/port in one http connection."""
STATUS_BEGIN = 0
STATUS_RUNNING = 1
STATUS_CLOSED = 2
STATUS_ERROR = -1
def __init__(self, tcp_pac, outputfile):
self.source_ip = tcp_pac.source
self.source_port = tcp_pac.source_port
self.dest_ip = tcp_pac.dest
self.dest_port = tcp_pac.dest_port
self.status = HttpConn.STATUS_BEGIN
self.out = outputfile
# start parser thread
self.http_parser = HttpParser((self.source_ip, self.source_port),
(self.dest_ip, self.dest_port), parse_config)
self.append(tcp_pac)
def append(self, tcp_pac):
if len(tcp_pac.body) == 0:
return
if self.status == HttpConn.STATUS_ERROR or self.status == HttpConn.STATUS_CLOSED:
# not http conn or conn already closed.
return
if self.status == HttpConn.STATUS_BEGIN:
if tcp_pac.body:
if textutils.ishttprequest(tcp_pac.body):
self.status = HttpConn.STATUS_RUNNING
if tcp_pac.pac_type == -1:
# end of connection
if self.status == HttpConn.STATUS_RUNNING:
self.status = HttpConn.STATUS_CLOSED
else:
self.status = HttpConn.STATUS_ERROR
if tcp_pac.source == self.source_ip:
httptype = HttpType.REQUEST
else:
httptype = HttpType.RESPONSE
if tcp_pac.body:
self.http_parser.send((httptype, tcp_pac.body))
def finish(self):
result = self.http_parser.finish()
self.out.write(result)
self.out.flush()
class TcpConnection(object):
def __init__(self, packet):
"""
:type packet: TcpPack
"""
self.up_stream = Stream()
self.down_stream = Stream()
self.client_key = packet.source_key()
self.is_http = None
self.processor = HttpPrinter((packet.source, packet.source_port),
(packet.dest, packet.dest_port))
self.http_parser = HttpParser(self.processor, packet.micro_second)
self.on_packet(packet)
def on_packet(self, packet):
"""
:type packet: TcpPack
"""
if self.is_http is None and packet.body:
self.is_http = is_request(packet.body)
if self.is_http == False:
return
if packet.source_key() == self.client_key:
send_stream = self.up_stream
confirm_stream = self.down_stream
pac_type = HttpType.RESPONSE
else:
send_stream = self.down_stream
confirm_stream = self.up_stream
pac_type = HttpType.REQUEST
if len(packet.body) > 0:
send_stream.append_packet(packet)
if packet.syn:
pass
if packet.ack:
packets = confirm_stream.retrieve_packet(packet.ack_seq)
if packets:
for packet in packets:
self.http_parser.send(pac_type, packet.body, packet.micro_second)
if packet.fin:
send_stream.status = 1
def closed(self):
return self.up_stream.status == 1 and self.down_stream.status == 1
def finish(self):
self.http_parser.finish()
