def collecting_traffic(name):
    """Start a rotating tcpdump capture filtered to the host's network.

    Prints a start-up banner, asks ``NetworkData`` for the host IP, turns it
    into a network with ``ipaddress.ip_network`` and passes a single tcpdump
    command line to ``Shell.execute``.

    Args:
        name: Label printed in the banner (converted with ``str``).
    """
    print(f"{name!s} Thread starts")

    runner = Shell()
    host_ip = NetworkData().get_host_ip()
    # strict=False tolerates host bits in the address; presumably get_host_ip()
    # returns "address/prefix" so the result is the whole subnet - TODO confirm.
    subnet = ipaddress.ip_network(host_ip, strict=False)

    # NOTE(review): the sudo password is a literal in the command string. It is
    # stored with the source and, depending on how Shell runs the string, may
    # also appear in process arguments or logs. A sudoers rule scoped to tcpdump
    # or capture capabilities on the binary would remove the need for it.
    # NOTE(review): with -G 60 and a "%S" (seconds) file name, each rotation
    # presumably resolves to the same name and overwrites it - verify.
    capture_cmd = (
        f'echo "1996" | sudo -S tcpdump -i any -v -G 60 net {subnet!s}'
        " -w data-%S.pcap"
    )
    runner.execute(capture_cmd)
class Handler(FileSystemEventHandler):
    """Watchdog handler that exports capture files to CSV and copies them out.

    On each 'created' event whose path contains 'data', the path is queued.
    Once more than one path is queued, the oldest is converted to CSV with
    tshark and the CSV is sent to a remote host with scp driven by pexpect.
    """

    def __init__(self, queue):
        """Store the queue of pending capture paths and create a Shell."""
        self.queue = queue
        self.shell = Shell()

    def on_any_event(self, event):
        """Handle a file-system event; only file 'created' events do work.

        Args:
            event: Watchdog event; ``is_directory``, ``event_type`` and
                ``src_path`` are read.
        """
        if event.is_directory:
            return None
        elif event.event_type == 'created':
            # Event is created, you can process it now
            print("Watchdog received created event - % s." % event.src_path)
            if ('data' in str(event.src_path)):
                # [2:] drops the first two characters - presumably a "./" prefix.
                self.queue.put(str(event.src_path)[2:])
                print(self.queue.qsize())
                # A path is only taken once a newer one is queued - presumably
                # so the capture file is complete before it is read.
                if (self.queue.qsize() > 1):
                    file = self.queue.get()
                    # [5:-5] drops five characters at each end - matches names
                    # of the form "data-XX.pcap" (assumption, confirm).
                    csv_file_name = socket.gethostname( ) + 'traffic' + file[5:-5] + '.csv'
                    # NOTE(review): `file` comes from a file-system event and is
                    # concatenated unquoted into a shell command run via sudo; a
                    # crafted file name in the watched directory would be
                    # interpreted by the shell. Quote it (shlex.quote) or pass
                    # an argument list.
                    # NOTE(review): there is no space between `file` and "-T",
                    # so tshark is given "<file>-T" as the input name - looks
                    # like a bug.
                    # NOTE(review): hard-coded sudo password; reading a capture
                    # file with tshark should not need root, and dissecting
                    # captured traffic as root widens the impact of a parser
                    # flaw.
                    self.shell.execute("echo \"abcd\" | sudo -S tshark -r " + file + "-T fields -E separator=, -E "
                                       "quote=d -e _ws.col.No. -e "
                                       "_ws.col.Time -e _ws.col.Source -e "
                                       "tcp.srcport -e _ws.col.Destination "
                                       "-e tcp.dstport -e _ws.col.Protocol "
                                       "-e _ws.col.Length -e _ws.col.Info "
                                       "> " + csv_file_name)
                    try:
                        # The password value is masked on this page; in the
                        # original it is a credential embedded in source.
                        var_password = "******"
                        # NOTE(review): StrictHostKeychecking=no turns off SSH
                        # host-key verification, so the copy (and the password
                        # typed into it) would go to whichever host answers.
                        # Pin the gateway key in known_hosts and use key-based
                        # authentication instead. The user@host part of the
                        # destination is redacted in this copy.
                        var_command = "scp -o StrictHostKeychecking=no " + csv_file_name + " [email protected]:/root/GateWay/Profiles"
                        var_child = pexpect.spawn(var_command)
                        # NOTE(review): the statement below is damaged in this
                        # copy (text between "password:" and the later message
                        # is missing); it is kept verbatim and not reconstructed.
                        i = var_child.expect(["password:"******"Got the key or connection timeout")
                        pass
                    except Exception as e:
                        # Any failure is printed and the handler carries on; the
                        # CSV is not retried or removed here.
                        print("Oops Something went wrong buddy")
                        print(e)
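class Handler(FileSystemEventHandler):
    """Watchdog handler that turns finished capture files into DataFrames.

    On each 'created' event whose path contains 'data', the path is queued.
    Once more than one path is queued, the oldest is exported to CSV with
    tshark, parsed into packet dicts, and put on ``df_queue`` as a DataFrame.
    """

    def __init__(self, queue, dfQueue):
        """Store both queues and create the Shell used to run tshark.

        Args:
            queue: Queue of capture file paths waiting to be converted.
            dfQueue: Queue that receives one DataFrame per converted file.
        """
        self.df_queue = dfQueue
        self.queue = queue
        self.shell = Shell()

    @staticmethod
    def _read_packets(csv_file_name):
        """Parse the tshark CSV export into a list of packet dicts."""
        columns = ['no', 'time', 'src_ip', 'src_port', 'dst_ip', 'dst_port',
                   'protocol', 'length', 'info']
        packets = []
        # The context manager closes the file even when a row fails to parse
        # (the original leaked the handle if int() raised).
        with open(csv_file_name, mode='r', newline='') as csv_file:
            for row in csv.DictReader(csv_file, fieldnames=columns):
                packets.append({
                    'time': row['time'],
                    # Empty address/port columns get placeholder values.
                    'src_ip': row['src_ip'] if row['src_ip'] != '' else '0.0.0.0',
                    'src_port': row['src_port'] if row['src_port'] != '' else '0',
                    'dst_ip': row['dst_ip'] if row['dst_ip'] != '' else '0.0.0.0',
                    'dst_port': row['dst_port'] if row['dst_port'] != '' else '0',
                    'protocol': row['protocol'],
                    'length': int(row['length']),
                    'info': row['info'],
                    'dir': 'NA',
                })
        return packets

    def on_any_event(self, event):
        """Handle a file-system event; only file 'created' events do work.

        Args:
            event: Watchdog event; ``is_directory``, ``event_type`` and
                ``src_path`` are read.
        """
        # Imported here because the module's import block is not visible.
        import shlex

        if event.is_directory:
            return None
        elif event.event_type == 'created':
            print("Watchdog received created event - % s." % event.src_path)
            if 'data' in str(event.src_path):
                # [2:] drops the first two characters - presumably a "./" prefix.
                self.queue.put(str(event.src_path)[2:])
                print(self.queue.qsize())
                # A path is only taken once a newer one is queued - presumably
                # so the capture file is complete before it is read.
                if self.queue.qsize() > 1:
                    file = self.queue.get()
                    # [5:-5] drops five characters at each end - matches names
                    # of the form "data-XX.pcap" (assumption, confirm).
                    csv_file_name = 'traffic' + file[5:-5] + '.csv'
                    # Both names derive from a file-system event, so they are
                    # shell-quoted before being placed in a command that runs
                    # under sudo. Ordinary names pass through unchanged.
                    # NOTE(review): the sudo password is still a literal here;
                    # reading a capture file with tshark should not need root,
                    # and dissecting captured traffic as root widens the impact
                    # of a parser flaw. Prefer dropping sudo for this step.
                    self.shell.execute(
                        "echo \"1996\" | sudo -S tshark -r " + shlex.quote(file)
                        + " -T fields -E separator=, -E quote=d"
                        " -e _ws.col.No. -e _ws.col.Time -e _ws.col.Source"
                        " -e _ws.col.SourcePort -e _ws.col.Destination"
                        " -e _ws.col.DestinationPort -e _ws.col.Protocol"
                        " -e _ws.col.Length -e _ws.col.Info > "
                        + shlex.quote(csv_file_name))
                    packets = self._read_packets(csv_file_name)
                    os.remove(csv_file_name)
                    df = pd.DataFrame(packets)
                    self.df_queue.put(df)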
def collecting_traffic(name):
    """Clear old capture artefacts, then start a rotating tcpdump capture.

    Runs four commands through ``Shell.execute`` in order: delete ``*.csv``,
    delete ``*.pcap``, ``stop my``, and a tcpdump that excludes ARP and
    traffic to or from 10.3.0.24 and 127.0.0.1.

    Args:
        name: Label printed in the banner (converted with ``str``).
    """
    print(f"{name!s} Thread starts")
    runner = Shell()

    # NOTE(review): the sudo password is a literal shared by every command. It
    # is stored with the source and, depending on how Shell runs the string,
    # may also appear in process arguments or logs. A sudoers rule scoped to
    # the specific commands would remove the need for it.
    # NOTE(review): the rm globs expand in whatever directory Shell uses as its
    # working directory, with root privileges - confirm that directory is
    # dedicated to captures.
    sudo_prefix = 'echo "abcd" | sudo -S '
    capture_filter = (
        "not arp and not src 10.3.0.24 and not src 127.0.0.1 and not "
        "dst 10.3.0.24 and not dst 127.0.0.1"
    )
    commands = (
        sudo_prefix + "rm *.csv",
        sudo_prefix + "rm *.pcap",
        sudo_prefix + "stop my",
        sudo_prefix + "tcpdump -i any -v -G 20 " + capture_filter + " -w data-%S.pcap",
    )
    for command in commands:
        runner.execute(command)
def allowed_traffic_generate(name):
    """Issue an HTTP request to 172.24.4.159:8080 once per second, forever.

    Prints a start-up banner, then loops without end: one curl call through
    ``Shell.execute`` followed by a one-second sleep. Never returns.

    Args:
        name: Label printed in the banner (converted with ``str``).
    """
    print(f"{name!s} Thread starts")
    runner = Shell()

    # NOTE(review): curl does not need root for an outbound request; running it
    # under sudo with a password literal adds privilege and exposes a
    # credential for no visible benefit. Consider dropping the sudo prefix.
    request_cmd = 'echo "abcd" | sudo -S curl http://172.24.4.159:8080'
    while True:
        runner.execute(request_cmd)
        time.sleep(1)