class TGeneratorTestCase(unittest.TestCase):
    """Tests for the field dissection performed by ``TGenerator``."""

    def setUp(self):
        """Create the generator under test from ``tests/test.pcap``."""
        self.tgen = TGenerator('tests/test.pcap')

    def test_dissect_fields(self):
        """Check the byte ranges reported for the IP len, chksum and dst fields."""
        frame = Ether(bytearray.fromhex(pkt))
        ip_layer = frame[IP]
        # Number of bytes that precede the IP layer inside the frame.
        ip_offset = len(frame[Ether]) - len(ip_layer)
        fields = self.tgen._dissect_fields(ip_layer, ip_offset)

        expectations = (
            ('len', slice(16, 18)),
            ('chksum', slice(24, 26)),
            ('dst', slice(30, 34)),
        )
        # NOTE(review): _dissect_fields returns each position as a string that
        # is only usable after eval(). Here the strings derive from the fixed
        # test packet; if the same strings can ever carry text taken from
        # captured traffic, eval() becomes a code-execution sink. Confirm how
        # they are built, or have _dissect_fields return slice objects.
        observed = []
        for field_name, _ in expectations:
            observed.append(eval(fields[field_name]))

        for actual, (_, wanted) in zip(observed, expectations):
            self.assertEqual(actual, wanted)
def capture(userfilter="", pcapname=".tmp.pcap", func=None, count=0,
            time=None, offline=None):
    """Sniff packets with scapy and return them as a list of templates.

    Thin wrapper around scapy's ``sniff``. The filtering options are
    described at: https://goo.gl/kVAmHQ

    Parameters
    ----------
    userfilter : :obj:`str`
        Filter handed to ``sniff`` to select the packets to capture.
    pcapname : :obj:`str`
        Name of the pcap file, written under ``POLYM_PATH``.
    func : :obj:`function`
        Callback invoked for every packet that arrives; the packet is
        passed as its parameter.
    count : int
        Number of packets to capture.
    time : int
        Stop sniffing after this amount of time.
    offline
        Forwarded unchanged to ``sniff`` as its ``offline`` argument.

    Returns
    -------
    :obj:`TList`
        List of templates, or ``None`` when nothing was captured.

    """
    sniff_options = {
        'filter': userfilter,
        'count': count,
        'timeout': time,
        'offline': offline,
    }
    # The callback is only forwarded when the caller supplied one.
    if func:
        sniff_options['prn'] = func
    plist = sniff(**sniff_options)

    if len(plist) == 0:
        return None

    # The packets are saved to disk so that pyshark can read them later.
    # NOTE(review): pcapname is joined onto POLYM_PATH without any check.
    # Assuming `join` is os.path.join, an absolute or '..'-containing name
    # lands outside POLYM_PATH - validate it if callers do not control it.
    # The default name is shared, so each capture overwrites the previous
    # one, and the file holds raw captured traffic.
    pcap_path = join(POLYM_PATH, pcapname)
    wrpcap(pcap_path, plist)
    tgen = TGenerator(pcap_path, scapy_pkts=plist)
    return TList(tgen, len(plist), namesgen(plist))
def pkt_to_template(pkt):
    """Build a template out of a single Scapy packet.

    Parameters
    ----------
    pkt : :obj:`ScapyPkt`
        Packet generated by scapy.

    Returns
    -------
    :obj:`Template`
        Template that represents the packet.

    """
    # NOTE(review): the scratch file has a fixed, relative name, so it is
    # created in whatever directory the process runs from, is shared by every
    # caller (concurrent calls overwrite each other) and is never removed.
    # In a directory other users can write to, a pre-placed file or symlink
    # of that name would be written through. Consider a private temporary
    # file once it is confirmed when TGenerator reads the path.
    scratch_pcap = '.tmp.pcap'
    wrpcap(scratch_pcap, pkt)
    generator = TGenerator(scratch_pcap, scapy_pkts=pkt)
    first_template = next(generator)
    return first_template
def readpcap(pcapfile, userfilter=None):
    """Load a pcap file and return its packets as a `TList`.

    Wraps the generation done by the `TGenerator` class.

    Parameters
    ----------
    pcapfile : :obj:`str`
        Path to a pcap file.
    userfilter
        Passed to `TGenerator` as its ``userfilter`` argument; ``None``
        by default.

    Returns
    -------
    :obj: `TList`
        List of templates.

    """
    # NOTE(review): pcapfile is used as given; if the capture comes from an
    # untrusted source, the dissectors behind TGenerator parse
    # attacker-controlled bytes - run with least privilege.
    generator = TGenerator(pcapfile, userfilter=userfilter)
    templates = TList(generator, pcap_path=pcapfile)
    return templates
def readpcap(pcapfile):
    """Load a pcap file and return its packets as a `TList`.

    Wraps the generation done by the TGenerator class.

    Parameters
    ----------
    pcapfile : :obj:`str`
        Path to a pcap file.

    Returns
    -------
    :obj: `TList`
        List of templates.

    """
    # rdpcap returns the packets of the file as one list, which is then
    # shared with the generator and used for the length and the names.
    # NOTE(review): a capture from an untrusted source means
    # attacker-controlled bytes are parsed here; its size is not bounded.
    packets = rdpcap(pcapfile)
    generator = TGenerator(pcapfile, scapy_pkts=packets)
    total = len(packets)
    return TList(generator, total, namesgen(packets))
def capture(userfilter=None, pcapname=".tmp.pcap", func=None, count=0,
            time=None, iface=None):
    """Sniff packets with scapy and return them as a list of templates.

    Thin wrapper around scapy's ``sniff``.

    Parameters
    ----------
    userfilter : :obj:`str`
        Filters to capture packets in Wireshark format.
    pcapname : :obj:`str`
        Name of the pcap file, written under ``POLYM_PATH``.
    func : :obj:`function`
        Callback invoked for every packet that arrives; the packet is
        passed as its parameter.
    count : int
        Number of packets to capture.
    time : int
        Stop sniffing after this amount of time.
    iface : :obj:`str`
        Interface for capturing network packets.

    Returns
    -------
    :obj:`TList`
        List of templates, or ``None`` when nothing was captured.

    """
    sniff_options = {'count': count, 'timeout': time, 'iface': iface}
    # The callback is only forwarded when the caller supplied one.
    if func:
        sniff_options['prn'] = func
    # userfilter is not given to sniff: everything seen on the interface is
    # captured and written to disk, and the filter only reaches TGenerator.
    plist = sniff(**sniff_options)

    if len(plist) == 0:
        return None

    # The packets are saved to disk so that Pyshark can read them later.
    # NOTE(review): pcapname is joined onto POLYM_PATH without any check.
    # Assuming `join` is os.path.join, an absolute or '..'-containing name
    # lands outside POLYM_PATH - validate it if callers do not control it.
    # The file holds the unfiltered capture, so restrict who can read it.
    pcap_path = join(POLYM_PATH, pcapname)
    wrpcap(pcap_path, plist)
    generator = TGenerator(pcap_path, userfilter)
    # NOTE(review): pcap_path is passed positionally here - confirm it binds
    # to the intended TList parameter.
    return TList(generator, pcap_path)
def setUp(self):
    """Create the ``TGenerator`` under test from ``tests/test.pcap``."""
    # Relative path: resolved against the directory the tests are run from.
    sample_capture = 'tests/test.pcap'
    self.tgen = TGenerator(sample_capture)