def send_single_UDP(dpkt_request, port, copy_ip, copy_port):
method = dpkt_request.method
if (cmp(method, "GET") == 0 or cmp(method, "POST") == 0):
data = wapper_data(dpkt_request, port)
capture_log.log_info("send data %s" % str(data))
addr = (copy_ip, copy_port)
sock = socket(AF_INET, SOCK_DGRAM) # UDP
sock.connect(addr)
sock.send(str(data))
else:
capture_log.log_error("error method %s" % method)
pass
def filter(dpkt_request):
flag = True
uri = dpkt_request.uri
host = None
http_headers = dpkt_request.headers
if (http_headers.has_key('host')):
host = http_headers['host']
if not filter_uri(uri):
flag = False
capture_log.log_error("not match uri %s" % uri)
if host:
if not filter_host(host):
flag = False
capture_log.log_error("not match host %s" % host)
return flag
def send_groupcast_UDP(dpkt_request,
port,
copy_port,
local_ip,
group='224.1.1.1',
ttl=255):
method = dpkt_request.method
if (cmp(method, "GET") == 0 or cmp(method, "POST") == 0):
data = wapper_data(dpkt_request, copy_port)
sock = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP)
sock.bind((local_ip, port))
# Set Time-to-live (optional)
ttl_bin = struct.pack('@i', ttl)
sock.setsockopt(IPPROTO_IP, IP_MULTICAST_TTL, ttl_bin)
status = sock.setsockopt(IPPROTO_IP, IP_ADD_MEMBERSHIP,
inet_aton(group) + inet_aton(local_ip))
sock.sendto(data, (group, port))
else:
capture_log.log_error("error method %s" % method)
pass
def main_pcap(p_time, p_data, local_ip, port, copy_ip, copy_port, exclude_ips):
p = dpkt.ethernet.Ethernet(p_data)
if p.data.__class__.__name__ == 'IP':
ip_data = p.data
src_ip = '%d.%d.%d.%d' % tuple(map(ord, list(ip_data.src)))
if (cmp(src_ip, local_ip) != 0 and exclude_ip(src_ip, exclude_ips)):
if p.data.data.__class__.__name__ == 'TCP':
tcp_data = p.data.data
if tcp_data.dport == port:
if tcp_data.data:
try:
dpkt_request = dpkt.http.Request(tcp_data.data)
# src send packet not capture
capture_send.send_single_UDP(
dpkt_request, port, copy_ip, copy_port)
except Exception, e:
error_str = "Capture src_ip %s:local_ip %s:exception: %s" % (
src_ip, local_ip, e)
capture_log.log_error(error_str)
pass
def start():
if (len(sys.argv) < 4):
capture_nc = capture_config.getConfig("config", 'nc')
if (not capture_nc):
print "error not have network card info"
capture_log.log_error("error not have network card info")
sys.exit(1)
capture_port = capture_config.getConfig("config", 'capture_port')
if (not capture_port):
print "error not have capture port info"
capture_log.log_error("error not have capture port info")
sys.exit(1)
copy_ip = capture_config.getConfig("config", 'copy_ip')
if (not copy_ip):
print "error not have copyserver ip info"
capture_log.log_error("error not have copyserver ip info")
sys.exit(1)
print "Start capture port: %s network card: %s copy ip: %s" % (
capture_port, capture_nc, copy_ip)
capture_log.log_info(
"Start capture port: %s network card: %s copy ip: %s" %
(capture_port, capture_nc, copy_ip))
copy_port = capture_config.getConfig("config", 'copy_port')
if (copy_port):
capture.capture(capture_nc, int(capture_port), copy_ip,
int(copy_port))
else:
capture.capture(capture_nc, int(capture_port), copy_ip)
else:
capture_nc = sys.argv[1]
capture_port = int(sys.argv[2])
copy_ip = sys.argv[3]
print "Start capture port: %s network card: %s copy ip: %s" % (
capture_port, capture_nc, copy_ip)
if (len(sys.argv) == 5):
copy_port = sys.argv[4]
capture.capture(capture_nc, capture_port, copy_ip, copy_port)
else:
capture.capture(capture_nc, capture_port, copy_ip)
