def annoate_doc(self, doc):
date = None
if doc.has_key('state') == False:
doc['state'] = 0
#TODO test if already annoated
d = ""
#Extract timestamp
if doc.has_key('timestamp'):
(date,time) = doc['timestamp'].split(' ')
date=date.replace('-','')
srcasn = 0
if self.cache.has_key(doc['ipsrc']):
srcid = self.cache[doc['ipsrc']]
else:
self.cacheid = self.cacheid + 1
(srcasn,d) = ipasn.asn(doc['ipsrc'] , date)
(aid, ip) = self.get_asn(doc["ipsrc"], date)
if ip is not None:
doc['a_'+str(potiron.TYPE_ASN_DICT)+'+_ipsrc'] = aid
(aid, ip) = self.get_asn(doc["ipdst"], date)
if aid is not None:
doc['a_'+str(potiron.TYPE_ASN_DICT)+'_ipdst'] = aid
doc["state"] = doc["state"] | potiron.STATE_ASN_AN
return doc
def annoate_doc(self, doc):
date = None
if 'state' not in doc:
doc['state'] = 0
# TODO test if already annoated
d = ""
# Extract timestamp
if 'timestamp' in doc:
date, time = doc['timestamp'].split(' ')
date = date.replace('-', '')
srcasn = 0
if doc['ipsrc'] in self.cache:
# FIXME: srcid isn't used
srcid = self.cache[doc['ipsrc']]
else:
self.cacheid = self.cacheid + 1
srcasn, d = ipasn.asn(doc['ipsrc'], date)
aid, ip = self.get_asn(doc["ipsrc"], date)
if ip is not None:
doc['a_{}_ipsrc'.format(potiron.TYPE_ASN_DICT)] = aid
aid, ip = self.get_asn(doc["ipdst"], date)
if aid is not None:
doc['a_{}_ipdst'.format(potiron.TYPE_ASN_DICT)] = aid
doc["state"] = doc["state"] | potiron.STATE_ASN_AN
return doc
def annoate_doc(self, doc):
date = None
if 'state' not in doc:
doc['state'] = 0
# TODO test if already annoated
d = ""
# Extract timestamp
if 'timestamp' in doc:
date, time = doc['timestamp'].split(' ')
date = date.replace('-', '')
srcasn = 0
if doc['ipsrc'] in self.cache:
# FIXME: srcid isn't used
srcid = self.cache[doc['ipsrc']]
else:
self.cacheid = self.cacheid + 1
srcasn, d = ipasn.asn(doc['ipsrc'], date)
aid, ip = self.get_asn(doc["ipsrc"], date)
if ip is not None:
doc['a_{}_ipsrc'.format(potiron.TYPE_ASN_DICT)] = aid
aid, ip = self.get_asn(doc["ipdst"], date)
if aid is not None:
doc['a_{}_ipdst'.format(potiron.TYPE_ASN_DICT)] = aid
doc["state"] = doc["state"] | potiron.STATE_ASN_AN
return doc
def annoate_doc(self, doc):
date = None
if doc.has_key('state') == False:
doc['state'] = 0
#TODO test if already annoated
d = ""
#Extract timestamp
if doc.has_key('timestamp'):
(date, time) = doc['timestamp'].split(' ')
date = date.replace('-', '')
srcasn = 0
if self.cache.has_key(doc['ipsrc']):
srcid = self.cache[doc['ipsrc']]
else:
self.cacheid = self.cacheid + 1
(srcasn, d) = ipasn.asn(doc['ipsrc'], date)
(aid, ip) = self.get_asn(doc["ipsrc"], date)
if ip is not None:
doc['a_' + str(potiron.TYPE_ASN_DICT) + '+_ipsrc'] = aid
(aid, ip) = self.get_asn(doc["ipdst"], date)
if aid is not None:
doc['a_' + str(potiron.TYPE_ASN_DICT) + '_ipdst'] = aid
doc["state"] = doc["state"] | potiron.STATE_ASN_AN
return doc
def get_asn(self, ipaddress,date):
if self.cache.has_key(ipaddress):
return self.cache[ipaddress]
(asn,returndate) = ipasn.asn(ipaddress , date)
#FIXME Cache is common between all annotations
self.cacheid = self.cacheid + 1
self.cache[ipaddress] = (self.cacheid,asn)
self.cache['type'] = potiron.TYPE_ASN_DICT
if returndate != date:
#FIXME Not tested
potiron.errormsg("Date mismatch between ASN database and encountered timestamp in packet capture. IP="+ipaddress+". Date="+date+" "+"Return date= "+returndate)
return (self.cacheid, asn)
def get_asn(self, ipaddress, date):
if ipaddress in self.cache:
return self.cache[ipaddress]
asn, returndate = ipasn.asn(ipaddress, date)
# FIXME Cache is common between all annotations
self.cacheid = self.cacheid + 1
self.cache[ipaddress] = (self.cacheid, asn)
self.cache['type'] = potiron.TYPE_ASN_DICT
if returndate != date:
# FIXME Not tested
potiron.errormsg("Date mismatch between ASN database and encountered timestamp in packet capture. IP={}. Date={} Return date= {}".format(ipaddress, date, returndate))
return (self.cacheid, asn)
def get_asn(self, ipaddress, date):
if ipaddress in self.cache:
return self.cache[ipaddress]
asn, returndate = ipasn.asn(ipaddress, date)
# FIXME Cache is common between all annotations
self.cacheid = self.cacheid + 1
self.cache[ipaddress] = (self.cacheid, asn)
self.cache['type'] = potiron.TYPE_ASN_DICT
if returndate != date:
# FIXME Not tested
potiron.errormsg("Date mismatch between ASN database and encountered timestamp in packet capture. IP={}. Date={} Return date= {}".format(ipaddress, date, returndate))
return (self.cacheid, asn)
def get_asn(self, ipaddress, date):
if self.cache.has_key(ipaddress):
return self.cache[ipaddress]
(asn, returndate) = ipasn.asn(ipaddress, date)
#FIXME Cache is common between all annotations
self.cacheid = self.cacheid + 1
self.cache[ipaddress] = (self.cacheid, asn)
self.cache['type'] = potiron.TYPE_ASN_DICT
if returndate != date:
#FIXME Not tested
potiron.errormsg(
"Date mismatch between ASN database and encountered timestamp in packet capture. IP="
+ ipaddress + ". Date=" + date + " " + "Return date= " +
returndate)
return (self.cacheid, asn)
def asn(request):
ip = request.get('ip')
if ip is None:
return json.dumps({})
return json.dumps(ipasn.asn(ip, request.get('announce_date')))
def asn(request):
ip = request.get('ip')
if ip is None:
return json.dumps({})
return json.dumps(ipasn.asn(ip, request.get('announce_date')))
