def stat(self, proto, count):
'''
Statistical API call. Sends the 1 minute count of packets for a given
protocol to the backend database.
:param proto: Protocol name
:param count: Packet count
:type proto: str
:type count: int
:return: None
'''
if self.host in ['localhost', '127.0.0.1']:
s = self.Session()
s.add(Stat(proto, self.username, count))
s.commit()
s.close()
log.debug('DATABASE: Added Stat %s:%s:%s' % (proto, count, self.username))
else:
self.call('/post/stat', {
'proto': proto,
'count': count,
'username': self.username
})
def stat(self, proto, count):
'''
Statistical API call. Sends the 1 minute count of packets for a given
protocol to the backend database.
:param proto: Protocol name
:param count: Packet count
:type proto: str
:type count: int
:return: None
'''
if self.host in ['localhost', '127.0.0.1']:
s = self.Session()
s.add(Stat(proto, self.username, count))
s.commit()
s.close()
log.debug('DATABASE: Added Stat %s:%s:%s' % (proto, count, self.username))
else:
self.call('/post/stat', {
'proto': proto,
'count': count,
'username': self.username
})
def account(self, username, password, info, proto, parser):
'''
Account API call. This function handles adding accounts into the
database.
:param username: Account Username
:param password: Account Password
:param info: General Information Field
:param proto: Discovered Protocol
:param parser: Parser/Agent to discovere account
:type username: str
:type password: str
:type info: str
:type proto: str
:type parser: str
:return: None
'''
# If the anonymization bit is set, then we need to hide the password.
# We will still display the first 3 characters, however will asterisk
# the rest of the password past that point.
if self.anonymize:
if len(password) >= 3:
password = '******' % (password[:3], '*' * (len(password) - 3))
if self.host in ['localhost', '127.0.0.1']:
s = self.Session()
if s.query(Account).filter_by(username=bleach.clean(username))\
.filter_by(password=bleach.clean(password))\
.filter_by(info=bleach.clean(info)).count() < 1 and password != '':
s.add(Account(bleach.clean(username),
bleach.clean(password),
bleach.clean(info),
bleach.clean(proto),
bleach.clean(parser)
)
)
s.commit()
log.debug('DATABASE: Added Account: %s:%s:%s:%s:%s' %\
(username, password, info, proto, parser))
else:
self.call('/post/account', {
'username': username,
'password': password,
'info': info,
'proto': proto,
'parser': parser,
})
def call(self, url, data, files={}):
"""
This is the core function that calls the API. all API calls route
through here.
:param url: URL of Call
:param data: Data to be sent with call
:type url: str
:type data: dictionary, str
:return: urllib2 Response Object
"""
ssl = {True: "https://", False: "http://"}
location = "%s%s:%s%s" % (ssl[self.ssl], self.host, self.port, url)
log.debug("CLIENT: %s" % location)
return self.opener.post(location, data=data, files=files)
def run(self):
'''
Process startup.
'''
s = Session()
while int(time.time()) < self.delay:
log.debug('%s: Parser Waiting til %s currently %s. sleeping 1s.' %(
self.name, self.delay, int(time.time())))
time.sleep(1)
self.command = setting('%s_command' % self.name).value\
.replace('{IF}', setting('listen_interface').value)
self.api = DoflerClient(
host=setting('server_host').value,
port=setting('server_port').intvalue,
username=setting('server_username').value,
password=setting('server_password').value,
ssl=setting('server_ssl').boolvalue,
anon=setting('server_anonymize').boolvalue)
s.close()
self.realtime_process()
def call(self, url, data, files={}):
'''
This is the core function that calls the API. all API calls route
through here.
:param url: URL of Call
:param data: Data to be sent with call
:type url: str
:type data: dictionary, str
:return: urllib2 Response Object
'''
ssl = {
True: 'https://',
False: 'http://'
}
location = '%s%s:%s%s' % (ssl[self.ssl], self.host, self.port, url)
log.debug('CLIENT: %s' % location)
return self.opener.post(location, data=data, files=files)
def stat(self, proto, count):
"""
Statistical API call. Sends the 1 minute count of packets for a given
protocol to the backend database.
:param proto: Protocol name
:param count: Packet count
:type proto: str
:type count: int
:return: None
"""
if self.host in ["localhost", "127.0.0.1"]:
s = self.Session()
s.add(Stat(proto, self.username, count))
s.commit()
s.close()
log.debug("DATABASE: Added Stat %s:%s:%s" % (proto, count, self.username))
else:
self.call("/post/stat", {"proto": proto, "count": count, "username": self.username})
def image(self, filename):
'''
Image API Call. Uploads the image into the database.
:param fobj: File-like object with the image contents
:param filename: Filename or extension of the file.
:type fobj: fileobject
:type filename: str
:return: None
'''
if os.path.exists(filename):
if self.host in ['localhost', '127.0.0.1']:
with open(filename, 'rb') as imagefile:
data = imagefile.read()
md5 = md5hash(data)
s = self.Session()
if s.query(Image).filter_by(md5sum=md5).count() > 0:
image = s.query(Image).filter_by(md5sum=md5).one()
image.timestamp = int(time.time())
image.count += 1
s.merge(image)
log.debug('DATABASE: Updated Image %s' % image.md5sum)
else:
ftype = filename.split('.')[-1]
image = Image(int(time.time()), ftype, data, md5)
s.add(image)
log.debug('DATABASE: Added Image %s' % image.md5sum)
s.commit()
s.close()
else:
try:
self.call('/post/image', {'filetype': filename.split('.')[-1]},
{'file': open(filename, 'rb')})
except:
log.error('API: Upload Failed. %s=%skb' % (filename,
os.path.getsize(filename) / 1024))
else:
log.error('API: %s doesnt exist' % filename)
def account(self, username, password, info, proto, parser):
"""
Account API call. This function handles adding accounts into the
database.
:param username: Account Username
:param password: Account Password
:param info: General Information Field
:param proto: Discovered Protocol
:param parser: Parser/Agent to discovere account
:type username: str
:type password: str
:type info: str
:type proto: str
:type parser: str
:return: None
"""
# If the anonymization bit is set, then we need to hide the password.
# We will still display the first 3 characters, however will replace
# the rest of the password with a random number of asterisks.
if self.anonymize:
if len(password) >= 3:
password = "******" % (password[:3], "*" * (randint(2, 8)))
if self.host in ["localhost", "127.0.0.1"]:
s = self.Session()
# Check if the account already exists
# Tip: don't check for the password (if anonymized)
try:
account = s.query(Account).filter_by(username=username, proto=proto, info=info).one()
except:
s.add(Account(username, password, info, proto, parser))
s.commit()
log.debug("DATABASE: Added Account: %s:%s:%s:%s:%s" % (username, password, info, proto, parser))
else:
self.call(
"/post/account",
{"username": username, "password": password, "info": info, "proto": proto, "parser": parser},
)
def image(self, filename):
'''
Image API Call. Uploads the image into the database.
:param fobj: File-like object with the image contents
:param filename: Filename or extension of the file.
:type fobj: fileobject
:type filename: str
:return: None
'''
if os.path.exists(filename):
if self.host in ['localhost', '127.0.0.1']:
with open(filename, 'rb') as imagefile:
data = imagefile.read()
md5 = md5hash(data)
s = self.Session()
if s.query(Image).filter_by(md5sum=md5).count() > 0:
image = s.query(Image).filter_by(md5sum=md5).one()
image.timestamp = int(time.time())
image.count += 1
s.merge(image)
log.debug('DATABASE: Updated Image %s' % image.md5sum)
else:
ftype = filename.split('.')[-1]
image = Image(int(time.time()), ftype, data, md5)
s.add(image)
log.debug('DATABASE: Added Image %s' % image.md5sum)
s.commit()
s.close()
else:
try:
self.call('/post/image', {'filetype': filename.split('.')[-1]},
{'file': open(filename, 'rb')})
except:
log.error('API: Upload Failed. %s=%skb' % (filename,
os.path.getsize(filename) / 1024))
else:
log.error('API: %s doesnt exist' % filename)
