def add(self, pkt): ''' called for every packet coming in, instead of iterating through a list ''' # make sure packet is in time order if len(self.packets): # if we have received packets before... if self.packets[-1].ts > pkt.ts: # if this one is out of order... # error out raise ValueError("packet added to TCPFlow out of " "chronological order") self.packets.append(pkt) # look out for handshake # add it to the appropriate direction, if we've found or given up on # finding handshake if self.handshake is not None: self.merge_pkt(pkt) else: # if handshake is None, we're still looking for a handshake if len(self.packets) > 13: # or something like that # give up self.handshake = False self.socket = self.packets[0].socket self.flush_packets() # merge all stored packets # check last three packets elif tcp.detect_handshake(self.packets[-3:]): # function handles packets < 3 case self.handshake = tuple(self.packets[-3:]) self.socket = self.handshake[0].socket self.flush_packets()
def add(self, pkt): ''' called for every packet coming in, instead of iterating through a list ''' # make sure packet is in time order if len(self.packets): # if we have received packets before... if self.packets[-1].ts > pkt.ts: # if this one is out of order... # error out #raise ValueError("packet added to TCPFlow out of chronological order") # BLAZE: Try to just ignore this error return self.packets.append(pkt) # look out for handshake # add it to the appropriate direction, if we've found or given up on # finding handshake if self.handshake is not None: self.merge_pkt(pkt) else: # if handshake is None, we're still looking for a handshake if len(self.packets) > 13: # or something like that # give up logging.warning("TCP handshake detection failed.") self.handshake = False self.socket = self.packets[0].socket self.flush_packets() # merge all stored packets # check last three packets elif tcp.detect_handshake(self.packets[-3:]): # function handles packets < 3 case self.handshake = tuple(self.packets[-3:]) self.socket = self.handshake[0].socket self.flush_packets()
def add(self, pkt): ''' called for every packet coming in, instead of iterating through a list ''' # make sure packet is in time order if len(self.packets): # if we have received packets before... if self.packets[-1].ts > pkt.ts: # if this one is out of order... # error out if len(self.packets[-1].data) == 0 or len(pkt.data) == 0: if self.print_log_out_of_order: logging.info( "Non-data packet may be out of chronological order." ) self.print_log_out_of_order = False elif (self.packets[-1].data == pkt.data and self.packets[-1].seq == pkt.seq and self.packets[-1].ack == pkt.ack): logging.info("Retransmission ignored.") else: logging.info( "packet added to TCPFlow out of chronological order %f > %f" % (self.packets[-1].ts, pkt.ts)) #raise ValueError( # "packet added to TCPFlow out of chronological order %f > %f" % # (self.packets[-1].ts , pkt.ts)) self.packets.append(pkt) # look out for handshake # add it to the appropriate direction, if we've found or given up on # finding handshake if self.handshake is not None: self.merge_pkt(pkt) else: # if handshake is None, we're still looking for a handshake if len(self.packets) > 13: # or something like that # give up logging.warning("TCP handshake detection failed.") self.handshake = False self.socket = self.packets[0].socket self.flush_packets() # merge all stored packets # check last three packets elif tcp.detect_handshake(self.packets[-3:]): # function handles packets < 3 case self.handshake = tuple(self.packets[-3:]) self.socket = self.handshake[0].socket self.flush_packets()
def add(self, pkt): ''' called for every packet coming in, instead of iterating through a list ''' # make sure packet is in time order if len(self.packets): # if we have received packets before... if self.packets[-1].ts > pkt.ts: # if this one is out of order... # error out if len(self.packets[-1].data) == 0 or len(pkt.data) == 0 : if self.print_log_out_of_order: logging.info("Non-data packet may be out of chronological order.") self.print_log_out_of_order = False elif (self.packets[-1].data == pkt.data and self.packets[-1].seq == pkt.seq and self.packets[-1].ack == pkt.ack): logging.info("Retransmission ignored.") else: logging.info( "packet added to TCPFlow out of chronological order %f > %f" % (self.packets[-1].ts , pkt.ts)) #raise ValueError( # "packet added to TCPFlow out of chronological order %f > %f" % # (self.packets[-1].ts , pkt.ts)) self.packets.append(pkt) # look out for handshake # add it to the appropriate direction, if we've found or given up on # finding handshake if self.handshake is not None: self.merge_pkt(pkt) else: # if handshake is None, we're still looking for a handshake if len(self.packets) > 13: # or something like that # give up logging.warning("TCP handshake detection failed.") self.handshake = False self.socket = self.packets[0].socket self.flush_packets() # merge all stored packets # check last three packets elif tcp.detect_handshake(self.packets[-3:]): # function handles packets < 3 case self.handshake = tuple(self.packets[-3:]) self.socket = self.handshake[0].socket self.flush_packets()