def __makeflow(self):
while True:
if haveIPAddrGen:
srcip = str(ipaddr.IPv4Address(ipaddrgen.generate_addressv4(self.ipsrcgen)))
dstip = str(ipaddr.IPv4Address(ipaddrgen.generate_addressv4(self.ipdstgen)))
else:
# srcip = str(ipaddr.IPAddress(int(self.srcnet) + random.randint(0,self.srcnet.numhosts-1)))
# dstip = str(ipaddr.IPAddress(int(self.dstnet) + random.randint(0,self.dstnet.numhosts-1)))
srcip = str(ipaddr.IPAddress(int(self.srcnet) + random.randint(0, 2)))
dstip = str(ipaddr.IPAddress(int(self.dstnet) + random.randint(0, 2)))
ipproto = next(self.ipproto)
#print ipproto
sport = next(self.srcports)
#print sport
dport = next(self.dstports)
#print dport
fsize = int(next(self.flowsizerv))
#print fsize
flet = Flowlet(FlowIdent(srcip, dstip, ipproto, sport, dport), bytes=fsize)
#print flet
flet.iptos = next(self.iptosrv)
if flet.key not in self.activeflows:
break
return flet
def __makeflow(self):
while True:
if haveIPAddrGen:
srcip = str(
ipaddr.IPv4Address(
ipaddrgen.generate_addressv4(self.ipsrcgen)))
dstip = str(
ipaddr.IPv4Address(
ipaddrgen.generate_addressv4(self.ipdstgen)))
else:
srcip = str(
ipaddr.IPAddress(
int(self.srcnet) +
random.randint(0, self.srcnet.numhosts - 1)))
dstip = str(
ipaddr.IPAddress(
int(self.dstnet) +
random.randint(0, self.dstnet.numhosts - 1)))
ipproto = next(self.ipproto)
sport = next(self.srcports)
dport = next(self.dstports)
fsize = int(next(self.flowsizerv))
# print 'fsize ', fsize
flet = Flowlet(FiveTuple(srcip, dstip, ipproto, sport, dport),
bytes=fsize)
flet.iptos = next(self.iptosrv)
if flet.key not in self.activeflows:
break
return flet
def __makeflow(self):
if haveIPAddrGen:
srcip = str(ipaddr.IPv4Address(ipaddrgen.generate_addressv4(self.ipsrcgen)))
dstip = str(ipaddr.IPv4Address(ipaddrgen.generate_addressv4(self.ipdstgen)))
else:
srcip = str(ipaddr.IPAddress(int(self.ipsrc) + random.randint(0,self.ipsrc.numhosts-1)))
dstip = str(ipaddr.IPAddress(int(self.ipdst) + random.randint(0,self.ipdst.numhosts-1)))
ipproto = self.ipproto
sport = dport = 0
if ipproto == socket.IPPROTO_ICMP:
# std way that netflow encodes icmp type/code:
# type in high-order byte of dport,
# code in low-order byte
t = next(self.icmptype)
c = next(self.icmpcode)
dport = t << 8 | c
# print 'icmp t,c,dport',hex(t),hex(c),hex(dport)
else:
if self.sport:
sport = next(self.sport)
if self.dport:
dport = next(self.dport)
flet = Flowlet(FiveTuple(srcip, dstip, ipproto, sport, dport))
flet.iptos = next(self.iptos)
if flet.ipproto == socket.IPPROTO_TCP:
flet.ackflow = not self.autoack
tcpflags = next(self.tcpflags)
flaglist = tcpflags.split('|')
xtcpflags = 0x0
for f in flaglist:
if f == 'FIN':
xtcpflags |= 0x01
elif f == 'SYN':
xtcpflags |= 0x02
elif f == 'RST':
xtcpflags |= 0x04
elif f == 'PUSH' or f == 'PSH':
xtcpflags |= 0x08
elif f == 'ACK':
xtcpflags |= 0x10
elif f == 'URG':
xtcpflags |= 0x20
elif f == 'ECE':
xtcpflags |= 0x40
elif f == 'CWR':
xtcpflags |= 0x80
else:
raise InvalidFlowConfiguration('Invalid TCP flags mnemonic ' + f)
flet.tcpflags = xtcpflags
return flet
#
# Simple recipe for using the code. Example uses the ipaddr
# module, but that isn't a requirement (just makes things
# nicer).
#
import ipaddr
import ipaddrgen
net = ipaddr.IPv4Network('127.0.0.0/8')
print int(net),net.prefixlen
t = ipaddrgen.initialize_trie(int(net), net.prefixlen, 0.61)
for i in xrange(10000):
a = ipaddr.IPv4Address(ipaddrgen.generate_addressv4(t))
print a
n = ipaddrgen.count_nodes(t)
print "nodes",n
ipaddrgen.release_trie(t)
def __makeflow(self):
if haveIPAddrGen:
srcip = str(
ipaddr.IPv4Address(ipaddrgen.generate_addressv4(
self.ipsrcgen)))
dstip = str(
ipaddr.IPv4Address(ipaddrgen.generate_addressv4(
self.ipdstgen)))
else:
srcip = str(
ipaddr.IPAddress(
int(self.ipsrc) +
random.randint(0, self.ipsrc.numhosts - 1)))
dstip = str(
ipaddr.IPAddress(
int(self.ipdst) +
random.randint(0, self.ipdst.numhosts - 1)))
ipproto = self.ipproto
sport = dport = 0
if ipproto == socket.IPPROTO_ICMP:
# std way that netflow encodes icmp type/code:
# type in high-order byte of dport,
# code in low-order byte
t = next(self.icmptype)
c = next(self.icmpcode)
dport = t << 8 | c
# print 'icmp t,c,dport',hex(t),hex(c),hex(dport)
else:
if self.sport:
sport = next(self.sport)
if self.dport:
dport = next(self.dport)
flet = Flowlet(FiveTuple(srcip, dstip, ipproto, sport, dport))
flet.iptos = next(self.iptos)
if flet.ipproto == socket.IPPROTO_TCP:
flet.ackflow = not self.autoack
tcpflags = next(self.tcpflags)
flaglist = tcpflags.split('|')
xtcpflags = 0x0
for f in flaglist:
if f == 'FIN':
xtcpflags |= 0x01
elif f == 'SYN':
xtcpflags |= 0x02
elif f == 'RST':
xtcpflags |= 0x04
elif f == 'PUSH' or f == 'PSH':
xtcpflags |= 0x08
elif f == 'ACK':
xtcpflags |= 0x10
elif f == 'URG':
xtcpflags |= 0x20
elif f == 'ECE':
xtcpflags |= 0x40
elif f == 'CWR':
xtcpflags |= 0x80
else:
raise InvalidFlowConfiguration(
'Invalid TCP flags mnemonic ' + f)
flet.tcpflags = xtcpflags
return flet
#
# Simple recipe for using the code. Example uses the ipaddr
# module, but that isn't a requirement (just makes things
# nicer).
#
import ipaddr
import ipaddrgen
net = ipaddr.IPv4Network('127.0.0.0/8')
print int(net), net.prefixlen
t = ipaddrgen.initialize_trie(int(net), net.prefixlen, 0.61)
for i in xrange(10000):
a = ipaddr.IPv4Address(ipaddrgen.generate_addressv4(t))
print a
n = ipaddrgen.count_nodes(t)
print "nodes", n
ipaddrgen.release_trie(t)