Beispiel #1
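    def _get_tshark_process(self, packet_count=None, stdin=None):
        """
        Returns a new tshark process with previously-set parameters.

        Coroutine in the ``yield From`` / ``raise Return`` style. Spawns tshark
        with flushed (-l), name-resolution-free (-n) PSML or PDML output on a
        stdout pipe, records the child in ``self.running_processes`` and
        returns it to the caller via ``Return``.

        :param packet_count: forwarded to ``self.get_parameters``.
        :param stdin: handed to the child process as its stdin.
        :raises TSharkCrashException: if the child has already exited with a
            non-zero status by the time it is checked here.
        """
        xml_type = 'psml' if self.only_summaries else 'pdml'
        parameters = [
            get_tshark_path(self.tshark_path), '-l', '-n', '-T', xml_type
        ] + self.get_parameters(packet_count=packet_count)

        # NOTE(review): the whole argument list is written to the debug log and
        # to the crash message below. If get_parameters() can contribute
        # secrets (e.g. decryption keys), they end up there too -- confirm.
        self.log.debug('Creating TShark subprocess with parameters: ' +
                       ' '.join(parameters))

        # Ignore stderr output unless in debug mode (sent to console)
        output = None if self.debug else open(os.devnull, "w")
        try:
            tshark_process = yield From(
                asyncio.create_subprocess_exec(*parameters,
                                               stdout=subprocess.PIPE,
                                               stderr=output,
                                               stdin=stdin))
        finally:
            # The child holds its own copy of the descriptor once it has been
            # spawned; closing ours avoids leaking one handle per process
            # (and on a failed spawn).
            if output is not None:
                output.close()
        self.log.debug('TShark subprocess created')

        # returncode stays None while the child is still running.
        if tshark_process.returncode is not None and tshark_process.returncode != 0:
            raise TSharkCrashException(
                'TShark seems to have crashed. Try updating it. (command ran: "%s")'
                % ' '.join(parameters))
        self.running_processes.add(tshark_process)
        raise Return(tshark_process)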
Beispiel #2
 def _get_tshark_process(self, packet_count=None, extra_params=[]):
     """
     Start tshark in PDML mode with the previously-set parameters.

     The command line is the tshark binary, ``-T pdml``, whatever
     ``self.get_parameters`` returns, then ``extra_params``. Both stdout
     and stderr of the child are pipes; nothing in this method reads
     them, so draining them is left to the caller.

     :param packet_count: forwarded to ``self.get_parameters``.
     :param extra_params: additional tshark arguments (not modified here).
     :return: the ``subprocess.Popen`` object for the new process.
     """
     base_command = [get_tshark_path(), '-T', 'pdml']
     capture_options = self.get_parameters(packet_count=packet_count)
     command = base_command + capture_options + extra_params
     tshark = subprocess.Popen(command,
                               stdout=subprocess.PIPE,
                               stderr=subprocess.PIPE)
     return tshark
Beispiel #3
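    def _get_tshark_process(self, packet_count=None, stdin=None):
        """
        Returns a new tshark process with previously-set parameters.

        Coroutine in the ``yield From`` / ``raise Return`` style. The output
        format is JSON when ``self.use_json`` is set, otherwise PSML or PDML.
        If the ``TSHARK_USER`` environment variable is set, the command is
        wrapped in ``sudo -u <user>``; the process tracked in
        ``self.running_processes`` is then the sudo process.

        :param packet_count: forwarded to ``self.get_parameters``.
        :param stdin: handed to the child process as its stdin.
        :raises TSharkVersionException: if JSON output is requested but
            ``tshark_supports_json`` reports it as unsupported.
        :raises TSharkCrashException: if the child has already exited with a
            non-zero status by the time it is checked here.
        """
        if self.use_json:
            output_type = 'json'
            if not tshark_supports_json(self.tshark_path):
                raise TSharkVersionException(
                    "JSON only supported on Wireshark >= 2.2.0")
        else:
            output_type = 'psml' if self.only_summaries else 'pdml'
        parameters = [get_tshark_path(self.tshark_path), '-l', '-n', '-T', output_type] + \
                     self.get_parameters(packet_count=packet_count)
        # Drop privileges if requested. The variable is read once so the test
        # and the value used cannot disagree. It is passed as its own argv
        # element (no shell involved), but it is otherwise taken verbatim from
        # the environment: validate it upstream if the environment is not
        # fully trusted, and note that this only works when sudo is permitted
        # to run tshark as that user.
        tshark_user = os.getenv("TSHARK_USER")
        if tshark_user is not None:
            parameters = ['sudo', '-u', tshark_user] + parameters
        # NOTE(review): the whole argument list is written to the debug log and
        # to the crash message below. If get_parameters() can contribute
        # secrets (e.g. decryption keys), they end up there too -- confirm.
        self._log.debug('Creating TShark subprocess with parameters: ' +
                        ' '.join(parameters))

        # Ignore stderr output unless in debug mode (sent to console)
        output = None if self.debug else open(os.devnull, "w")
        try:
            tshark_process = yield From(
                asyncio.create_subprocess_exec(*parameters,
                                               stdout=subprocess.PIPE,
                                               stderr=output,
                                               stdin=stdin))
        finally:
            # The child holds its own copy of the descriptor once it has been
            # spawned; closing ours avoids leaking one handle per process
            # (and on a failed spawn).
            if output is not None:
                output.close()
        self._log.debug('TShark subprocess created')

        # returncode stays None while the child is still running.
        if tshark_process.returncode is not None and tshark_process.returncode != 0:
            raise TSharkCrashException(
                'TShark seems to have crashed. Try updating it. (command ran: "%s")'
                % ' '.join(parameters))
        self.running_processes.add(tshark_process)
        raise Return(tshark_process)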
Beispiel #4
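 def _get_tshark_process(self, packet_count=None, extra_params=[]):
     """
     Gets a new tshark process with the previously-set parameters.

     tshark is started with two-pass analysis (-2), flushed output (-l)
     and PDML output on a stdout pipe; stderr is inherited from this
     process.

     :param packet_count: forwarded to ``self.get_parameters``.
     :param extra_params: additional tshark arguments (not modified here).
     :return: the ``subprocess.Popen`` object for the new process.
     :raises TSharkCrashException: if tshark has already exited with a
         non-zero status right after being started.
     """
     parameters = [get_tshark_path(), '-2', '-l', '-T', 'pdml'] + self.get_parameters(packet_count=packet_count) + extra_params
     proc = subprocess.Popen(parameters, stdout=subprocess.PIPE)
     # poll() is None while tshark is still running. A process that has
     # already finished with status 0 is a clean exit whose output is
     # still readable from the pipe, so only a non-zero status counts as
     # a crash.
     retcode = proc.poll()
     if retcode is not None and retcode != 0:
         raise TSharkCrashException('TShark seems to have crashed. Try updating it. (command ran: "%s")' % ' '.join(parameters))
     return proc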
Beispiel #5
 def _get_tshark_process(self, packet_count=None, extra_params=[]):
     """
     Launch a tshark child process producing PDML.

     Arguments are assembled as: tshark binary, ``-T pdml``, the result
     of ``self.get_parameters``, then ``extra_params``. stdout and stderr
     are both pipes and are not read by this method.

     :param packet_count: forwarded to ``self.get_parameters``.
     :param extra_params: additional tshark arguments (not modified here).
     :return: the ``subprocess.Popen`` object for the new process.
     """
     argv = [get_tshark_path(), '-T', 'pdml']
     argv = argv + self.get_parameters(packet_count=packet_count)
     argv = argv + extra_params
     pipes = dict(stdout=subprocess.PIPE, stderr=subprocess.PIPE)
     return subprocess.Popen(argv, **pipes)
Beispiel #6
 def _set_tshark_process(self, packet_count=None, extra_params=[]):
     """
     Start tshark and store the process on ``self.tshark_process``.

     Output is PSML when ``self.only_summaries`` is set, PDML otherwise.
     The child's stderr goes to the null device through a handle kept on
     ``self.tshark_stderr``; this method does not close that handle.

     :param packet_count: forwarded to ``self.get_parameters``.
     :param extra_params: additional tshark arguments (not modified here).
     :raises TSharkCrashException: if tshark has already exited with a
         non-zero status right after being started.
     """
     output_format = 'pdml'
     if self.only_summaries:
         output_format = 'psml'
     command = [get_tshark_path(), '-T', output_format]
     command = command + self.get_parameters(packet_count=packet_count) + extra_params

     # tshark's stderr is discarded.
     self.tshark_stderr = open(os.devnull, "wb")
     self.tshark_process = subprocess.Popen(command,
                                            stdout=subprocess.PIPE,
                                            stderr=self.tshark_stderr)

     # poll() gives None while the child is still alive.
     exit_status = self.tshark_process.poll()
     if exit_status not in (None, 0):
         raise TSharkCrashException('TShark seems to have crashed. Try updating it. (command ran: "%s")' % ' '.join(command))
Beispiel #7
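    def packets_from_file(self, cap_or_xml):
        """
        Gets an xml file data and returns the raw xml and a list of packets.

        The first five characters of the file decide the path taken: a file
        starting with ``<?xml`` is parsed directly, anything else is assumed
        to be a capture file and is converted to PDML by running tshark on
        ``cap_or_xml.name``.

        :param cap_or_xml: an open file object; the capture path additionally
            needs its ``name`` attribute to be a path tshark can read.
        :return tuple of (raw_xml_file, packets)
        """
        import os  # local import: only os.devnull is needed here

        beginning = cap_or_xml.read(5)
        if beginning == '<?xml':
            # It's an xml file.
            return self._packets_from_fd(cap_or_xml, previous_data=beginning, wait_for_more_data=False)

        # We assume it's a PCAP file and use tshark to get the XML.
        # The file name is passed as its own argv element, so no shell
        # interprets it. stderr goes to the null device: the Popen object is
        # not handed to anyone, so a stderr pipe could never be read and a
        # chatty tshark would block once that pipe filled up.
        with open(os.devnull, 'wb') as devnull:
            p = subprocess.Popen([get_tshark_path(),
                                  '-T', 'pdml',
                                  '-r', cap_or_xml.name],
                                 stdout=subprocess.PIPE,
                                 stderr=devnull)
        # NOTE(review): previous_data is the first five bytes of the capture
        # file here, not of tshark's XML output -- confirm _packets_from_fd
        # copes with that.
        return self._packets_from_fd(p.stdout, previous_data=beginning, wait_for_more_data=False)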
Beispiel #8
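    def _get_tshark_process(self, packet_count=None, stdin=None):
        """
        Returns a new tshark process with previously-set parameters.

        Coroutine in the ``yield From`` / ``raise Return`` style. Spawns tshark
        with flushed (-l), name-resolution-free (-n) PSML or PDML output on a
        stdout pipe and stderr sent to the null device, records the child in
        ``self.running_processes`` and returns it via ``Return``.

        :param packet_count: forwarded to ``self.get_parameters``.
        :param stdin: handed to the child process as its stdin.
        :raises TSharkCrashException: if the child has already exited with a
            non-zero status by the time it is checked here.
        """
        xml_type = 'psml' if self.only_summaries else 'pdml'
        parameters = [get_tshark_path(self.tshark_path), '-l', '-n', '-T', xml_type] + self.get_parameters(packet_count=packet_count)

        # NOTE(review): the whole argument list is written to the debug log and
        # to the crash message below. If get_parameters() can contribute
        # secrets (e.g. decryption keys), they end up there too -- confirm.
        self.log.debug('Creating TShark subprocess with parameters: ' + ' '.join(parameters))
        # Open the null device in a with-block: the child keeps its own copy of
        # the descriptor, and ours is closed instead of leaking one handle per
        # spawned process.
        with open(os.devnull, "w") as devnull:
            tshark_process = yield From(asyncio.create_subprocess_exec(*parameters,
                                                                        stdout=subprocess.PIPE,
                                                                        stderr=devnull,
                                                                        stdin=stdin))
        self.log.debug('TShark subprocess created')

        # returncode stays None while the child is still running.
        if tshark_process.returncode is not None and tshark_process.returncode != 0:
            raise TSharkCrashException(
                'TShark seems to have crashed. Try updating it. (command ran: "%s")' % ' '.join(parameters))
        self.running_processes.add(tshark_process)
        raise Return(tshark_process)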
Beispiel #9
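 def _set_tshark_process(self, packet_count=None, encryption=None,
                         extra_params=[]):
     """
     Sets the internal tshark to a new tshark process with the
     previously-set parameters.

     When ``self.encryption`` is non-empty, WLAN decryption is enabled and
     one ``uat:80211_keys`` preference is added per entry. The child's
     stderr goes to the null device through ``self.tshark_stderr``.

     :param packet_count: forwarded to ``self.get_parameters``.
     :param encryption: not read by this method; the keys are taken from
         ``self.encryption``.
     :param extra_params: additional tshark arguments; copied, never
         modified in place.
     :raises TSharkCrashException: if tshark has already exited with a
         non-zero status right after being started.
     """
     # Work on a copy. Appending to the argument itself would grow the
     # shared default list on every call (piling up duplicate -o options)
     # and would also modify a list owned by the caller.
     extra_params = list(extra_params)
     if self.encryption:
         extra_params += ['-o', 'wlan.enable_decryption:TRUE']
         for enc in self.encryption:
             # presumably each entry is a (key type, key) pair -- TODO confirm.
             # The values are inserted between double quotes without any
             # escaping.
             extra_params += ['-o', 'uat:80211_keys:"{}","{}"'.format(*enc)]
     xml_type = 'psml' if self.only_summaries else 'pdml'
     parameters = [get_tshark_path(), '-T', xml_type] +\
                  self.get_parameters(packet_count=packet_count) +\
                  extra_params
     # Re-direct TShark's stderr to the null device
     self.tshark_stderr = open(os.devnull, "wb")
     # Start the TShark subprocess.
     # Security note: the decryption keys travel on tshark's command line,
     # which other local users can usually see in the process list, and
     # they are repeated in the crash message below.
     self.tshark_process = subprocess.Popen(parameters,
                                            stdout=subprocess.PIPE,
                                            stderr=self.tshark_stderr)
     retcode = self.tshark_process.poll()
     if retcode is not None and retcode != 0:
         raise TSharkCrashException('TShark seems to have crashed. Try '+\
                 'updating it. (command ran: "%s")' % ' '.join(parameters))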
def test_get_tshark_path(mock_exists):
    """An explicitly supplied tshark path comes back unchanged.

    ``mock_exists`` is set to report ``True``; presumably it stands in for
    the file-existence check used by ``get_tshark_path`` -- the patch
    decorator is not visible here.
    """
    mock_exists.return_value = True
    supplied_path = "/some/path/tshark"
    resolved_path = get_tshark_path(supplied_path)
    assert resolved_path == "/some/path/tshark"
Beispiel #11
def test_get_tshark_path(mock_exists):
    """Check that get_tshark_path returns the path it was given.

    The injected ``mock_exists`` is configured to return ``True`` before
    the call; what it patches is not shown in this excerpt.
    """
    mock_exists.return_value = True
    wanted = "/some/path/tshark"
    assert get_tshark_path("/some/path/tshark") == wanted