Ejemplo n.º 1
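    def process(self, data, metadata=None):
        """ Pre-process the data for all other network scanners.

        Records the current packet id and offset on the scanner, tags the
        metadata as a packet, and makes ``self.proto_tree`` available. The
        packet is dissected only when no tree for this packet id is already
        cached in ``metadata['proto_tree']``.

        data -- raw bytes of one packet, handed unchanged to the dissector.
        metadata -- dict shared between scanners; a fresh dict is used when
            the caller passes None.

        Returns None. Does nothing when ``self.fd`` has no ``link_type``.
        """
        ## The metadata=None default used to fail on the first item
        ## assignment below; fall back to a private dict instead.
        if metadata is None:
            metadata = {}

        try:
            ## We may only scan network related filesystems like
            ## pcapfs.
            link_type = self.fd.link_type
        except AttributeError:
            ## Only the missing attribute means "not a network
            ## filesystem". A bare except here also hid
            ## KeyboardInterrupt and genuine I/O errors.
            return

        ## We try to get previously set proto_tree. We store it in
        ## a metadata structure so that scanners that follow us
        ## can reuse it. This ensures we do not unnecessarily
        ## dissect each packet.
        self.packet_id = self.fd.tell() - 1
        self.packet_offset = self.fd.packet_offset
        metadata['mime'] = "text/packet"

        try:
            self.proto_tree = metadata['proto_tree'][self.packet_id]
        except KeyError:
            ## Now dissect it. data is raw capture content, so any
            ## exception the dissector raises on a malformed packet
            ## propagates to the caller rather than being hidden here.
            self.proto_tree = dissect.dissector(data, link_type,
                                  self.packet_id, self.packet_offset)

            ## Store it for the future.
            ## NOTE(review): this replaces the whole cache with a single
            ## entry rather than adding to it -- presumably so only the
            ## current packet's tree is kept alive; confirm.
            metadata['proto_tree'] = {self.packet_id: self.proto_tree}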
Ejemplo n.º 2
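    def process(self, data, metadata=None):
        """ Pre-process the data for all other network scanners.

        Sets ``self.packet_id``, ``self.packet_offset`` and
        ``self.proto_tree`` for the packet currently being scanned and marks
        the metadata with the packet mime type. A tree already cached under
        ``metadata['proto_tree']`` for this packet id is reused; otherwise
        the packet is dissected and the result cached.

        data -- raw bytes of one packet, passed as-is to the dissector.
        metadata -- dict shared by the scanner chain; when None is passed a
            new dict local to this call is used.

        Returns None. Returns early, changing nothing, when ``self.fd`` has
        no ``link_type`` attribute.
        """
        ## Honour the documented default: indexing None raised TypeError.
        if metadata is None:
            metadata = {}

        try:
            ## We may only scan network related filesystems like
            ## pcapfs.
            link_type = self.fd.link_type
        except AttributeError:
            ## A missing attribute is the only expected failure; anything
            ## else (including KeyboardInterrupt) should not be swallowed.
            return

        ## We try to get previously set proto_tree. We store it in
        ## a metadata structure so that scanners that follow us
        ## can reuse it. This ensures we do not unnecessarily
        ## dissect each packet.
        self.packet_id = self.fd.tell() - 1
        self.packet_offset = self.fd.packet_offset
        metadata['mime'] = "text/packet"

        try:
            self.proto_tree = metadata['proto_tree'][self.packet_id]
        except KeyError:
            ## Cache miss: dissect now. The bytes come straight from the
            ## capture, so dissector errors on malformed packets are left
            ## to propagate to the caller.
            self.proto_tree = dissect.dissector(data, link_type,
                                                self.packet_id,
                                                self.packet_offset)

            ## Store it for the future.
            ## NOTE(review): the assignment discards any trees cached for
            ## other packet ids -- looks intentional (one packet at a
            ## time), but confirm.
            metadata['proto_tree'] = {self.packet_id: self.proto_tree}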
Ejemplo n.º 3
import DB

import _dissect
import dissect

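## Demo: pull one packet out of a capture file using the offsets indexed in
## the "pcap" table, dissect it and print its TCP sequence number.
filename = "/var/tmp/demo/stdcapture_0.2.pcap"
dbh = DB.DBO("demo")

## Row 8 of the pcap table supplies offset, length and link_type.
dbh.execute("select * from pcap where id=8")
row = dbh.fetch()

## A capture file is binary data: open it in binary mode so no newline
## translation can alter packet bytes, and always release the handle.
fd = open(filename, "rb")
try:
    fd.seek(row['offset'])
    ## read() may return fewer than row['length'] bytes if the capture is
    ## shorter than the index claims; the dissector then sees a truncated
    ## packet.
    data = fd.read(row['length'])
finally:
    fd.close()

root = dissect.dissector(data, row['link_type'], 1)
print("%r" % root["tcp.seq"])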


## Now we try to print the tree recursively
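def print_leaf(name, node):
    """Recursively print a dissected node and everything beneath it.

    name -- label printed for this node; children get a dotted name built
        from _dissect.get_name(node) and the field name.
    node -- object from the dissector. If listing or walking its fields
        raises, the node is printed as a leaf value instead.
    """
    try:
        fields = _dissect.list_fields(node)
        print("Node %s" % name)
        for field in fields:
            print(field)
            print_leaf("%s.%s" % (_dissect.get_name(node), field),
                       _dissect.get_field(node, field))

    except Exception:
        ## Leaves are detected by the calls above failing. Catching
        ## Exception instead of everything lets KeyboardInterrupt and
        ## SystemExit through (Python 2.5 and later), so a long dump can
        ## be interrupted. %r keeps raw packet bytes escaped on output.
        print("%s = %r" % (name, node))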
Ejemplo n.º 4
import DB

import _dissect
import dissect

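## Demo: fetch a single packet from the capture by its indexed offset,
## dissect it and show the TCP sequence number.
filename = "/var/tmp/demo/stdcapture_0.2.pcap"
dbh = DB.DBO("demo")

## The pcap table row gives the packet's offset, length and link type.
dbh.execute("select * from pcap where id=8")
row = dbh.fetch()

## Binary mode keeps packet bytes intact on every platform; the
## try/finally closes the handle even if seek or read fails.
fd = open(filename, "rb")
try:
    fd.seek(row['offset'])
    ## A short read (capture smaller than the index says) hands the
    ## dissector a truncated packet.
    data = fd.read(row['length'])
finally:
    fd.close()

root = dissect.dissector(data, row['link_type'], 1)
print("%r" % root["tcp.seq"])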

## Now we try to print the tree recursively
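def print_leaf(name, node):
    """Print a dissected node, then recurse into each of its fields.

    name -- label shown for this node; each child is labelled with
        "<_dissect.get_name(node)>.<field>".
    node -- dissector object. When listing or walking its fields raises,
        the node is printed as "name = repr(node)" instead.
    """
    try:
        fields = _dissect.list_fields(node)
        print("Node %s" % name)
        for field in fields:
            print(field)
            print_leaf("%s.%s" % (_dissect.get_name(node), field),
                       _dissect.get_field(node, field))

    except Exception:
        ## A failure above is how a leaf is recognised. Exception (not a
        ## bare except) leaves KeyboardInterrupt / SystemExit alone on
        ## Python 2.5 and later. Values go out through %r, so bytes taken
        ## from the capture are printed escaped.
        print("%s = %r" % (name, node))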