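def _get_tshark_process(self, packet_count=None, stdin=None):
    """
    Spawn a tshark subprocess using the options already set on this object.

    This is a coroutine in the ``yield From`` / ``raise Return`` style.

    :param packet_count: forwarded to ``self.get_parameters``.
    :param stdin: passed through unchanged as the child's stdin.
    :return: (via ``Return``) the created process, which is also added to
        ``self.running_processes``.
    :raises TSharkCrashException: if the process already reports a non-zero
        return code right after creation. A crash that happens later is not
        detected here.
    """
    xml_type = 'psml' if self.only_summaries else 'pdml'
    # -l flushes stdout after each packet, -n turns off name resolution.
    parameters = [get_tshark_path(self.tshark_path), '-l', '-n', '-T', xml_type] + \
        self.get_parameters(packet_count=packet_count)
    command_line = ' '.join(parameters)

    # NOTE(review): the full argv is written to the debug log and to the crash
    # message below. If get_parameters() can emit secrets (e.g. decryption
    # keys), they end up in both places - confirm.
    self.log.debug('Creating TShark subprocess with parameters: ' + command_line)

    # Ignore stderr output unless in debug mode (sent to console)
    output = None if self.debug else open(os.devnull, "w")
    try:
        tshark_process = yield From(
            asyncio.create_subprocess_exec(*parameters,
                                           stdout=subprocess.PIPE,
                                           stderr=output,
                                           stdin=stdin))
    finally:
        # Once spawned, the child owns its own copy of the descriptor. Closing
        # ours stops one file handle leaking per spawned process, including
        # when the spawn itself fails.
        if output is not None:
            output.close()
    self.log.debug('TShark subprocess created')

    if tshark_process.returncode is not None and tshark_process.returncode != 0:
        raise TSharkCrashException(
            'TShark seems to have crashed. Try updating it. (command ran: "%s")' % command_line)
    self.running_processes.add(tshark_process)
    raise Return(tshark_process)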
def _get_tshark_process(self, packet_count=None, extra_params=[]):
    """
    Launch tshark in PDML output mode with the options configured on this object.

    :param packet_count: forwarded to ``self.get_parameters``.
    :param extra_params: additional argv entries appended after the configured ones.
    :return: the ``subprocess.Popen`` handle, with stdout and stderr both piped.
    """
    # extra_params is only concatenated (a new list is built), so the shared
    # default list is never modified by this function.
    base_command = [get_tshark_path(), '-T', 'pdml']
    configured = self.get_parameters(packet_count=packet_count)
    command = base_command + configured + extra_params

    # NOTE(review): stderr is a pipe as well. If the caller never drains it,
    # tshark can stall once the pipe buffer fills - verify callers read it.
    return subprocess.Popen(command,
                            stdout=subprocess.PIPE,
                            stderr=subprocess.PIPE)
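def _get_tshark_process(self, packet_count=None, stdin=None):
    """
    Spawn a tshark subprocess using the options already set on this object.

    This is a coroutine in the ``yield From`` / ``raise Return`` style. The
    output format is ``json`` when ``self.use_json`` is set, otherwise ``psml``
    or ``pdml`` depending on ``self.only_summaries``. When the ``TSHARK_USER``
    environment variable is set, the command is run through ``sudo -u <user>``.

    :param packet_count: forwarded to ``self.get_parameters``.
    :param stdin: passed through unchanged as the child's stdin.
    :return: (via ``Return``) the created process, which is also added to
        ``self.running_processes``.
    :raises TSharkVersionException: if JSON output is requested but
        ``tshark_supports_json`` reports it as unsupported.
    :raises TSharkCrashException: if the process already reports a non-zero
        return code right after creation. A crash that happens later is not
        detected here.
    """
    if self.use_json:
        output_type = 'json'
        if not tshark_supports_json(self.tshark_path):
            raise TSharkVersionException(
                "JSON only supported on Wireshark >= 2.2.0")
    else:
        output_type = 'psml' if self.only_summaries else 'pdml'
    # -l flushes stdout after each packet, -n turns off name resolution.
    parameters = [get_tshark_path(self.tshark_path), '-l', '-n', '-T', output_type] + \
        self.get_parameters(packet_count=packet_count)

    # Drop privileges if requested. The variable is read once so the test and
    # the value used cannot disagree. The account is chosen by whoever controls
    # this process's environment. An empty value still takes this branch
    # (the check is "is not None"), so a blank setting does not silently fall
    # back to running tshark as the current user.
    tshark_user = os.getenv("TSHARK_USER")
    if tshark_user is not None:
        parameters = ['sudo', '-u', tshark_user] + parameters
    command_line = ' '.join(parameters)

    # NOTE(review): the full argv is written to the debug log and to the crash
    # message below. If get_parameters() can emit secrets (e.g. decryption
    # keys), they end up in both places - confirm.
    self._log.debug('Creating TShark subprocess with parameters: ' + command_line)

    # Ignore stderr output unless in debug mode (sent to console)
    output = None if self.debug else open(os.devnull, "w")
    try:
        tshark_process = yield From(
            asyncio.create_subprocess_exec(*parameters,
                                           stdout=subprocess.PIPE,
                                           stderr=output,
                                           stdin=stdin))
    finally:
        # Once spawned, the child owns its own copy of the descriptor. Closing
        # ours stops one file handle leaking per spawned process, including
        # when the spawn itself fails.
        if output is not None:
            output.close()
    self._log.debug('TShark subprocess created')

    if tshark_process.returncode is not None and tshark_process.returncode != 0:
        raise TSharkCrashException(
            'TShark seems to have crashed. Try updating it. (command ran: "%s")' % command_line)
    self.running_processes.add(tshark_process)
    raise Return(tshark_process)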
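def _get_tshark_process(self, packet_count=None, extra_params=[]):
    """
    Launch tshark in two-pass (``-2``), line-flushed (``-l``) PDML mode.

    :param packet_count: forwarded to ``self.get_parameters``.
    :param extra_params: additional argv entries appended after the configured ones.
    :return: the ``subprocess.Popen`` handle with stdout piped.
    :raises TSharkCrashException: if the process has already exited with a
        non-zero status by the time it is polled.
    """
    # extra_params is only concatenated (a new list is built), so the shared
    # default list is never modified by this function.
    parameters = [get_tshark_path(), '-2', '-l', '-T', 'pdml'] + \
        self.get_parameters(packet_count=packet_count) + extra_params
    proc = subprocess.Popen(parameters, stdout=subprocess.PIPE)

    # The original raised whenever poll() returned anything, so a tshark that
    # finished cleanly (status 0) before the poll was reported as a crash even
    # though its output was still waiting in the pipe. Only a non-zero exit is
    # treated as a failure now.
    retcode = proc.poll()
    if retcode is not None and retcode != 0:
        raise TSharkCrashException(
            'TShark seems to have crashed. Try updating it. (command ran: "%s")' % ' '.join(parameters))
    return proc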
def _get_tshark_process(self, packet_count=None, extra_params=[]):
    """
    Start a tshark child process that emits PDML, using this object's stored options.

    :param packet_count: forwarded to ``self.get_parameters``.
    :param extra_params: additional argv entries placed at the end of the command.
    :return: the ``subprocess.Popen`` handle, with stdout and stderr both piped.
    """
    # The default list is shared between calls but is only read here.
    argv = [get_tshark_path(), '-T', 'pdml']
    argv = argv + self.get_parameters(packet_count=packet_count)
    argv = argv + extra_params

    # NOTE(review): nothing in this function reads the stderr pipe. A caller
    # that ignores it risks tshark blocking on a full pipe - verify callers.
    pipes = {'stdout': subprocess.PIPE, 'stderr': subprocess.PIPE}
    return subprocess.Popen(argv, **pipes)
def _set_tshark_process(self, packet_count=None, extra_params=[]):
    """
    Start a tshark child process and keep it on ``self.tshark_process``.

    The output format is ``psml`` when ``self.only_summaries`` is set and
    ``pdml`` otherwise. tshark's stderr goes to the null device through a
    handle kept on ``self.tshark_stderr``.

    :param packet_count: forwarded to ``self.get_parameters``.
    :param extra_params: additional argv entries appended after the configured ones.
    :raises TSharkCrashException: if the process has already exited with a
        non-zero status by the time it is polled.
    """
    if self.only_summaries:
        xml_type = 'psml'
    else:
        xml_type = 'pdml'
    # extra_params is only concatenated, so the shared default is not modified.
    command = [get_tshark_path(), '-T', xml_type] + \
        self.get_parameters(packet_count=packet_count) + \
        extra_params

    # Send tshark's stderr to the null device. The handle stays on self.
    # NOTE(review): it is not closed in this function - presumably released
    # elsewhere in the class; confirm.
    self.tshark_stderr = open(os.devnull, "wb")

    # Launch the child and check once whether it has already died.
    self.tshark_process = subprocess.Popen(command,
                                           stdout=subprocess.PIPE,
                                           stderr=self.tshark_stderr)
    exit_status = self.tshark_process.poll()
    if exit_status is None or exit_status == 0:
        return
    raise TSharkCrashException(
        'TShark seems to have crashed. Try updating it. (command ran: "%s")' % ' '.join(command))
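def packets_from_file(self, cap_or_xml):
    """
    Parse packets from an open XML file or an open capture file.

    The first five characters decide the path: ``<?xml`` means the file is
    parsed directly. Anything else is assumed to be a capture file and is
    converted by running tshark on ``cap_or_xml.name``.

    :param cap_or_xml: open file object; needs ``read`` and, for captures, ``name``.
    :return: the result of ``self._packets_from_fd`` (described by the original
        docstring as a tuple of (raw_xml_file, packets)).
    """
    # Function-scope import: the file's import block is not visible from here.
    import os

    beginning = cap_or_xml.read(5)
    if beginning == '<?xml':
        # It's an xml file.
        return self._packets_from_fd(cap_or_xml, previous_data=beginning, wait_for_more_data=False)

    # We assume it's a PCAP file and use tshark to get the XML.
    # The command is an argv list with no shell, so the file name reaches
    # tshark as a single argument to -r.
    #
    # stderr used to be a pipe that nothing could read (the Popen object never
    # leaves this function), so tshark could block once that pipe filled. It is
    # discarded instead. The child keeps its own copy of the descriptor, so the
    # handle can be closed as soon as the process is spawned.
    with open(os.devnull, 'wb') as devnull:
        p = subprocess.Popen([get_tshark_path(), '-T', 'pdml', '-r', cap_or_xml.name],
                             stdout=subprocess.PIPE,
                             stderr=devnull)
    # NOTE(review): previous_data here is the first five characters of the
    # capture file, not of tshark's XML output - confirm _packets_from_fd
    # expects that.
    return self._packets_from_fd(p.stdout, previous_data=beginning, wait_for_more_data=False)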
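def _get_tshark_process(self, packet_count=None, stdin=None):
    """
    Spawn a tshark subprocess using the options already set on this object.

    This is a coroutine in the ``yield From`` / ``raise Return`` style.
    tshark's stderr is always discarded.

    :param packet_count: forwarded to ``self.get_parameters``.
    :param stdin: passed through unchanged as the child's stdin.
    :return: (via ``Return``) the created process, which is also added to
        ``self.running_processes``.
    :raises TSharkCrashException: if the process already reports a non-zero
        return code right after creation. A crash that happens later is not
        detected here.
    """
    xml_type = 'psml' if self.only_summaries else 'pdml'
    # -l flushes stdout after each packet, -n turns off name resolution.
    parameters = [get_tshark_path(self.tshark_path), '-l', '-n', '-T', xml_type] + \
        self.get_parameters(packet_count=packet_count)
    command_line = ' '.join(parameters)

    # NOTE(review): the full argv is written to the debug log and to the crash
    # message below. If get_parameters() can emit secrets (e.g. decryption
    # keys), they end up in both places - confirm.
    self.log.debug('Creating TShark subprocess with parameters: ' + command_line)

    # The original opened the null device inline and never closed it, leaking
    # one file handle per spawned process. The child keeps its own copy of the
    # descriptor, so ours is closed once the spawn has returned or failed.
    devnull = open(os.devnull, "w")
    try:
        tshark_process = yield From(
            asyncio.create_subprocess_exec(*parameters,
                                           stdout=subprocess.PIPE,
                                           stderr=devnull,
                                           stdin=stdin))
    finally:
        devnull.close()
    self.log.debug('TShark subprocess created')

    if tshark_process.returncode is not None and tshark_process.returncode != 0:
        raise TSharkCrashException(
            'TShark seems to have crashed. Try updating it. (command ran: "%s")' % command_line)
    self.running_processes.add(tshark_process)
    raise Return(tshark_process)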
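def _set_tshark_process(self, packet_count=None, encryption=None, extra_params=[]):
    """
    Start a tshark child process and keep it on ``self.tshark_process``.

    When ``self.encryption`` is non-empty, WLAN decryption is enabled and one
    ``uat:80211_keys`` preference is added per entry. The output format is
    ``psml`` when ``self.only_summaries`` is set and ``pdml`` otherwise.
    tshark's stderr goes to the null device through a handle kept on
    ``self.tshark_stderr``.

    :param packet_count: forwarded to ``self.get_parameters``.
    :param encryption: accepted but not read here; the keys come from
        ``self.encryption``.
    :param extra_params: additional argv entries; the caller's list is not modified.
    :raises TSharkCrashException: if the process has already exited with a
        non-zero status by the time it is polled.
    """
    # Work on a copy. The original extended extra_params in place, so the
    # shared default list (and any list the caller passed in) accumulated the
    # decryption options - key values included - across calls.
    extra_params = list(extra_params)
    if self.encryption:
        extra_params += ['-o', 'wlan.enable_decryption:TRUE']
        for enc in self.encryption:
            # NOTE(review): the two values are placed inside a double-quoted
            # record without escaping. A value containing '"' would produce a
            # malformed record - confirm inputs are validated before this point.
            extra_params += ['-o', 'uat:80211_keys:"{}","{}"'.format(*enc)]

    xml_type = 'psml' if self.only_summaries else 'pdml'
    parameters = [get_tshark_path(), '-T', xml_type] + \
        self.get_parameters(packet_count=packet_count) + \
        extra_params

    # Re-direct TShark's stderr to the null device
    self.tshark_stderr = open(os.devnull, "wb")

    # Start the TShark subprocess
    self.tshark_process = subprocess.Popen(parameters,
                                           stdout=subprocess.PIPE,
                                           stderr=self.tshark_stderr)
    retcode = self.tshark_process.poll()
    if retcode is not None and retcode != 0:
        # The key material is part of the command line, so it appears in this
        # message as well. Treat the exception text as sensitive when logging
        # or reporting it.
        raise TSharkCrashException(
            'TShark seems to have crashed. Try updating it. (command ran: "%s")' % ' '.join(parameters))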
def test_get_tshark_path(mock_exists):
    """
    An explicitly supplied tshark path is returned unchanged.

    ``mock_exists`` is presumably a patched path-existence check; it is made
    to report that the path exists.
    """
    mock_exists.return_value = True
    supplied_path = "/some/path/tshark"
    assert get_tshark_path(supplied_path) == "/some/path/tshark"