def run(self): surgeon = None if not self.options[ 'modinfo']: #No point in doing surgery if it's modinfo # Figure out where we're reading packets from if not self.options['interface']: if not self.options['filename']: if not self.options['filelist']: self.send_finished_msg( { 'status': 'error', 'errors': 'No input Specified' }, True) return else: surgeon = Surgeon(self.options['filelist']) self.options['filename'] = surgeon.create_fifo() surgeon.operate() else: if not os.path.exists(self.options['filename']): self.send_finished_msg( { 'status': 'error', 'errors': "Unable to find file '%s'" % self.options['filename'] }, True) return if self.options['aslist']: #input file is a listing of files to process surgeon = Surgeon([self.options['filename']], self.options['longrun']) self.options['filename'] = surgeon.create_fifo() #TODO operate right away or later? surgeon.operate(True) #Send options to Process 2 and tell it to setup self.kill_lock.acquire() try: self.tonids.put(['init', self.options]) except AttributeError: #usually means tonids is None #possibly being killed? pass except Exception, e: raise ChopLibException(e)
def run(self): surgeon = None if not self.options['modinfo']: #No point in doing surgery if it's modinfo # Figure out where we're reading packets from if not self.options['interface']: if not self.options['filename']: if not self.options['filelist']: self.send_finished_msg({'status':'error','errors': 'No input Specified'}, True) return else: surgeon = Surgeon(self.options['filelist']) self.options['filename'] = surgeon.create_fifo() surgeon.operate() else: if not os.path.exists(self.options['filename']): self.send_finished_msg({'status':'error','errors':"Unable to find file '%s'" % self.options['filename']}, True) return if self.options['aslist']: #input file is a listing of files to process surgeon = Surgeon([self.options['filename']], self.options['longrun']) self.options['filename'] = surgeon.create_fifo() #TODO operate right away or later? surgeon.operate(True) #Send options to Process 2 and tell it to setup self.kill_lock.acquire() try: self.tonids.put(['init', self.options]) except AttributeError: #usually means tonids is None #possibly being killed? pass except Exception, e: raise ChopLibException(e)
class ChopLib(Thread): daemon = True def __init__(self): Thread.__init__(self, name='ChopLib') global DEFAULT_MODULE_DIRECTORY global DEFAULT_EXTLIB_DIRECTORY pyversion = sys.version_info pyversion = float(str(pyversion[0]) + "." + str(pyversion[1])) if pyversion < 2.6: raise ChopLibException("Minimum Python Version 2.6 Required") global Queue global Process from multiprocessing import Process, Queue from Queue import Empty Queue.Empty = Empty #I'd prefer to keep this scoped to Queue self.options = { 'mod_dir': [DEFAULT_MODULE_DIRECTORY], 'ext_dir': [DEFAULT_EXTLIB_DIRECTORY], 'base_dir': None, 'filename': '', 'filelist': None, 'bpf': None, 'aslist': False, 'longrun': False, 'interface': '', 'modinfo': False, 'modtree': False, 'GMT': False, 'savefiles': False, #Should ChopShop handle the saving of files? 'text': False, 'pyobjout': False, 'jsonout': False, 'modules': '' } self.stopped = False #Setup Interaction Queues self.tocaller = Queue() #output directly to caller self.fromnids = Queue() #input queue from nids process self.tonids = Queue() #output queue to nids process #Start up Process 2 (Nids Process) self.nidsp = Process(target=self.__nids_core_runner_, args=(self.tonids, self.fromnids, self.tocaller)) self.nidsp.daemon = True self.nidsp.start() self.chop = None self.surgeon = None self.kill_lock = Lock() @property def mod_dir(self): """Directory to load modules from.""" return self.options['mod_dir'] @mod_dir.setter def mod_dir(self, v): if isinstance(v, str): self.options['mod_dir'] = [v] else: self.options['mod_dir'] = v @property def ext_dir(self): """Directory to load external libraries from.""" return self.options['ext_dir'] @ext_dir.setter def ext_dir(self, v): if isinstance(v, str): self.options['ext_dir'] = [v] else: self.options['ext_dir'] = v @property def base_dir(self): """Base directory to load modules and external libraries.""" return self.options['base_dir'] @base_dir.setter def base_dir(self, v): if isinstance(v, str): self.options['base_dir'] = [v] else: self.options['base_dir'] = v @property def filename(self): """input pcap file.""" return self.options['filename'] @filename.setter def filename(self, v): self.options['filename'] = v @property def filelist(self): """list of files to process""" return self.options['filelist'] @filelist.setter def filelist(self, v): self.options['filelist'] = v @property def aslist(self): """Treat filename as a file containing a list of files.""" return self.options['aslist'] @aslist.setter def aslist(self, v): self.options['aslist'] = v @property def longrun(self): """Read from filename forever even if there's no more pcap data.""" return self.options['longrun'] @longrun.setter def longrun(self, v): self.options['longrun'] = v @property def interface(self): """interface to listen on.""" return self.options['interface'] @interface.setter def interface(self, v): self.options['interface'] = v @property def modinfo(self): """print information about module(s) and exit.""" return self.options['modinfo'] @modinfo.setter def modinfo(self, v): self.options['modinfo'] = v @property def modtree(self): """print information about module tree and exit.""" return self.options['modtree'] @modtree.setter def modtree(self, v): self.options['modtree'] = v @property def GMT(self): """timestamps in GMT (tsprnt and tsprettyprnt only).""" return self.options['GMT'] @GMT.setter def GMT(self, v): self.options['GMT'] = v @property def savefiles(self): """Handle the saving of files. """ return self.options['savefiles'] @savefiles.setter def savefiles(self, v): self.options['savefiles'] = v @property def text(self): """Handle text/printable output. """ return self.options['text'] @text.setter def text(self, v): self.options['text'] = v @property def pyobjout(self): """Handle raw python objects""" return self.options['pyobjout'] @pyobjout.setter def pyobjout(self, v): self.options['pyobjout'] = v @property def jsonout(self): """Handle JSON Data (chop.json).""" return self.options['jsonout'] @jsonout.setter def jsonout(self, v): self.options['jsonout'] = v @property def modules(self): """String of Modules to execute""" return self.options['modules'] @modules.setter def modules(self, v): self.options['modules'] = v @property def bpf(self): """BPF string to pass to Nids""" return self.options['bpf'] @bpf.setter def bpf(self, v): self.options['bpf'] = v def get_message_queue(self): return self.tocaller def get_stop_fn(self): return self.stop def version(self): global VERSION return VERSION def abort(self): self.tonids.put(['abort']) self.surgeon.abort() def stop(self): self.stopped = True if self.surgeon: self.surgeon.stop() def setup_local_chop(self, name="ChopShop", pid=-1): #This allows Process 1 to access Chops, note that it has #a hardcoded id of -1 since otherwise it might overlap #with the other chops, only use a custom id if you know #what you're doing chophelper = ChopHelper(self.tocaller, self.options) self.chop = chophelper.setup_module(name, pid) def send_finished_msg(self, data={}, stop_seq=False): message = { 'type': 'ctrl', 'data': { 'msg': 'finished', 'status': 'ok' #default to ok } } for key, val in data.iteritems(): message['data'][key] = val self.kill_lock.acquire() try: self.tocaller.put(message) if stop_seq: self.tonids.put(['stop']) self.nidsp.join() except AttributeError: pass finally: self.kill_lock.release() def run(self): if not self.options['modinfo'] and not self.options[ 'modtree']: #No point in doing surgery if it's modinfo or modtree # Figure out where we're reading packets from if not self.options['interface']: if not self.options['filename']: if not self.options['filelist']: self.send_finished_msg( { 'status': 'error', 'errors': 'No input Specified' }, True) return else: self.surgeon = Surgeon(self.options['filelist']) self.options['filename'] = self.surgeon.create_fifo() self.surgeon.operate() else: if not os.path.exists(self.options['filename']): self.send_finished_msg( { 'status': 'error', 'errors': "Unable to find file '%s'" % self.options['filename'] }, True) return if self.options['aslist']: #input file is a listing of files to process self.surgeon = Surgeon([self.options['filename']], self.options['longrun']) self.options['filename'] = self.surgeon.create_fifo() #TODO operate right away or later? self.surgeon.operate(True) #Send options to Process 2 and tell it to setup self.kill_lock.acquire() try: self.tonids.put(['init', self.options]) except AttributeError: #usually means tonids is None #possibly being killed? pass except Exception, e: raise ChopLibException(e) finally:
def run(self): surgeon = None if not self.options['modinfo']: #No point in doing surgery if it's modinfo # Figure out where we're reading packets from if not self.options['interface']: if not self.options['filename']: if not self.options['filelist']: self.send_finished_msg({'status':'error','errors': 'No input Specified'}, True) return else: surgeon = Surgeon(self.options['filelist']) self.options['filename'] = surgeon.create_fifo() surgeon.operate() else: if not os.path.exists(self.options['filename']): self.send_finished_msg({'status':'error','errors':"Unable to find file '%s'" % self.options['filename']}, True) return if self.options['aslist']: #input file is a listing of files to process surgeon = Surgeon([self.options['filename']], self.options['longrun']) self.options['filename'] = surgeon.create_fifo() #TODO operate right away or later? surgeon.operate(True) #Send options to Process 2 and tell it to setup self.tonids.put(['init', self.options]) #Wait for a reponse resp = self.fromnids.get() if resp != 'ok': self.send_finished_msg({'status':'error','errors':resp}, True) return if self.options['modinfo']: self.tonids.put(['mod_info']) resp = self.fromnids.get() #really just to make sure the functions finish #Process 2 will quit after doing its job #Inform caller that the process is done self.send_finished_msg() #Surgeon should not be invoked so only need #to cleanup nidsp self.nidsp.join() return else: self.tonids.put(['cont']) #Processing loop while True: try: data = self.fromnids.get(True, .1) except Queue.Empty, e: if not self.nidsp.is_alive(): break if self.stopped: self.nidsp.terminate() continue if data[0] == "stop": #Send the message to caller that we need to stop message = { 'type' : 'ctrl', 'data' : {'msg' : 'stop'} } self.tocaller.put(message) self.nidsp.join(1) #Force Terminate if nids process is non-compliant if self.nidsp.is_alive(): self.nidsp.terminate() break time.sleep(.1)
class ChopLib(Thread): daemon = True def __init__(self): Thread.__init__(self, name = 'ChopLib') global DEFAULT_MODULE_DIRECTORY global DEFAULT_EXTLIB_DIRECTORY pyversion = sys.version_info pyversion = float(str(pyversion[0]) + "." + str(pyversion[1])) if pyversion < 2.6: raise ChopLibException("Minimum Python Version 2.6 Required") global Queue global Process from multiprocessing import Process, Queue from Queue import Empty Queue.Empty = Empty #I'd prefer to keep this scoped to Queue self.options = { 'mod_dir': [DEFAULT_MODULE_DIRECTORY], 'ext_dir': [DEFAULT_EXTLIB_DIRECTORY], 'base_dir': None, 'filename': '', 'filelist': None, 'bpf': None, 'aslist': False, 'longrun': False, 'interface': '', 'modinfo': False, 'modtree': False, 'GMT': False, 'savefiles': False, #Should ChopShop handle the saving of files? 'text': False, 'pyobjout': False, 'jsonout': False, 'modules': '' } self.stopped = False #Setup Interaction Queues self.tocaller = Queue() #output directly to caller self.fromnids = Queue() #input queue from nids process self.tonids = Queue() #output queue to nids process #Start up Process 2 (Nids Process) self.nidsp = Process(target=self.__nids_core_runner_, args=(self.tonids, self.fromnids, self.tocaller)) self.nidsp.daemon = True self.nidsp.start() self.chop = None self.surgeon = None self.kill_lock = Lock() @property def mod_dir(self): """Directory to load modules from.""" return self.options['mod_dir'] @mod_dir.setter def mod_dir(self, v): if isinstance(v, basestring): self.options['mod_dir'] = [v] else: self.options['mod_dir'] = v @property def ext_dir(self): """Directory to load external libraries from.""" return self.options['ext_dir'] @ext_dir.setter def ext_dir(self, v): if isinstance(v, basestring): self.options['ext_dir'] = [v] else: self.options['ext_dir'] = v @property def base_dir(self): """Base directory to load modules and external libraries.""" return self.options['base_dir'] @base_dir.setter def base_dir(self, v): if isinstance(v, basestring): self.options['base_dir'] = [v] else: self.options['base_dir'] = v @property def filename(self): """input pcap file.""" return self.options['filename'] @filename.setter def filename(self, v): self.options['filename'] = v @property def filelist(self): """list of files to process""" return self.options['filelist'] @filelist.setter def filelist(self, v): self.options['filelist'] = v @property def aslist(self): """Treat filename as a file containing a list of files.""" return self.options['aslist'] @aslist.setter def aslist(self, v): self.options['aslist'] = v @property def longrun(self): """Read from filename forever even if there's no more pcap data.""" return self.options['longrun'] @longrun.setter def longrun(self, v): self.options['longrun'] = v @property def interface(self): """interface to listen on.""" return self.options['interface'] @interface.setter def interface(self, v): self.options['interface'] = v @property def modinfo(self): """print information about module(s) and exit.""" return self.options['modinfo'] @modinfo.setter def modinfo(self, v): self.options['modinfo'] = v @property def modtree(self): """print information about module tree and exit.""" return self.options['modtree'] @modtree.setter def modtree(self, v): self.options['modtree'] = v @property def GMT(self): """timestamps in GMT (tsprnt and tsprettyprnt only).""" return self.options['GMT'] @GMT.setter def GMT(self, v): self.options['GMT'] = v @property def savefiles(self): """Handle the saving of files. """ return self.options['savefiles'] @savefiles.setter def savefiles(self, v): self.options['savefiles'] = v @property def text(self): """Handle text/printable output. """ return self.options['text'] @text.setter def text(self, v): self.options['text'] = v @property def pyobjout(self): """Handle raw python objects""" return self.options['pyobjout'] @pyobjout.setter def pyobjout(self, v): self.options['pyobjout'] = v @property def jsonout(self): """Handle JSON Data (chop.json).""" return self.options['jsonout'] @jsonout.setter def jsonout(self, v): self.options['jsonout'] = v @property def modules(self): """String of Modules to execute""" return self.options['modules'] @modules.setter def modules(self, v): self.options['modules'] = v @property def bpf(self): """BPF string to pass to Nids""" return self.options['bpf'] @bpf.setter def bpf(self, v): self.options['bpf'] = v def get_message_queue(self): return self.tocaller def get_stop_fn(self): return self.stop def version(self): global VERSION return VERSION def abort(self): self.tonids.put(['abort']) self.surgeon.abort() def stop(self): self.stopped = True if self.surgeon: self.surgeon.stop() def setup_local_chop(self, name = "ChopShop", pid = -1): #This allows Process 1 to access Chops, note that it has #a hardcoded id of -1 since otherwise it might overlap #with the other chops, only use a custom id if you know #what you're doing chophelper = ChopHelper(self.tocaller, self.options) self.chop = chophelper.setup_module(name, pid) def send_finished_msg(self, data = {}, stop_seq = False): message = { 'type' : 'ctrl', 'data' : {'msg' : 'finished', 'status': 'ok' #default to ok } } for key,val in data.iteritems(): message['data'][key] = val self.kill_lock.acquire() try: self.tocaller.put(message) if stop_seq: self.tonids.put(['stop']) self.nidsp.join() except AttributeError: pass finally: self.kill_lock.release() def run(self): if not self.options['modinfo'] and not self.options['modtree']: #No point in doing surgery if it's modinfo or modtree # Figure out where we're reading packets from if not self.options['interface']: if not self.options['filename']: if not self.options['filelist']: self.send_finished_msg({'status':'error','errors': 'No input Specified'}, True) return else: self.surgeon = Surgeon(self.options['filelist']) self.options['filename'] = self.surgeon.create_fifo() self.surgeon.operate() else: if not os.path.exists(self.options['filename']): self.send_finished_msg({'status':'error','errors':"Unable to find file '%s'" % self.options['filename']}, True) return if self.options['aslist']: #input file is a listing of files to process self.surgeon = Surgeon([self.options['filename']], self.options['longrun']) self.options['filename'] = self.surgeon.create_fifo() #TODO operate right away or later? self.surgeon.operate(True) #Send options to Process 2 and tell it to setup self.kill_lock.acquire() try: self.tonids.put(['init', self.options]) except AttributeError: #usually means tonids is None #possibly being killed? pass except Exception, e: raise ChopLibException(e) finally: