Beispiel #1
0
Datei: ecu.py Projekt: vtky/scapy
 def on_packet_received(self, pkt):
     if not pkt:
         return
     if isinstance(pkt, list):
         for p in pkt:
             EcuSession.on_packet_received(self, p)
         return
     self.ecu.update(pkt)
     DefaultSession.on_packet_received(self, pkt)
    def on_packet_received(self, pkt):
        """Hook to the Sessions API: entry point of the dissection.
        This will defragment IP if necessary, then process to
        TCP reassembly.
        """

        # Now see if we need to return a complete session
        if self.callback is not None:
            pkt_list = self.toPacketList()
            sessions = pkt_list.sessions(self.sess_function)
            for k, sess in sessions.items():
                packet_times = [packet.time for packet in sess]
                if k == "Other" or "Ethernet" in k or "ARP" in k:
                    # print('Got one!')
                    continue
                if len(packet_times) < 2:
                    continue
                if pkt.time - min(packet_times) >= self.flow_timeout:
                    self.callback(sess)
                    continue

        # First, defragment IP if necessary
        pkt = self._ip_process_packet(pkt)
        # Now handle TCP reassembly
        pkt = self._process_packet(pkt)

        if not pkt:
            return

        DefaultSession.on_packet_received(self, pkt)

        if self.callback is not None:
            if TCP in pkt:
                if pkt[TCP].flags.F or pkt[TCP].flags.R:
                    pkt_list = self.toPacketList()
                    sessions = pkt_list.sessions(self.sess_function)
                    sess_pkts, = [
                        plist for plist in sessions.values() if pkt in plist
                    ]
                    self.callback(sess_pkts)
                return
Beispiel #3
0
 def on_packet_received(self, pkt):
     # type: (Optional[Packet]) -> None
     if not pkt:
         return
     self.ecu.update(pkt)
     DefaultSession.on_packet_received(self, pkt)
Beispiel #4
0
 def on_packet_received(self, pkt):
     # First, defragment IP if necessary
     pkt = self._ip_process_packet(pkt)
     # Now handle NetflowV9 defragmentation
     pkt = self._process_packet(pkt)
     DefaultSession.on_packet_received(self, pkt)