def create_tcp_flows(self, link_len):
local_flow = []
trace_index = 0
# parse the data into list of flow of packets
for i in range(len(self.data)):
new_packet = self.init_tcp_pkt()
new_packet["ts"] = dp.packet_time(self.data, i)
new_packet["src_ip"] = dp.src_ip(self.data, i, link_len)
new_packet["dst_ip"] = dp.dst_ip(self.data, i, link_len)
new_packet["src_port"] = dp.src_port(self.data, i, link_len)
new_packet["dst_port"] = dp.dst_port(self.data, i, link_len)
new_packet["flags"]["urg"] = dp.tcp_flag_bit(self.data, i, link_len, 5)
new_packet["flags"]["ack"] = dp.tcp_flag_bit(self.data, i, link_len, 4)
new_packet["flags"]["psh"] = dp.tcp_flag_bit(self.data, i, link_len, 3)
new_packet["flags"]["rst"] = dp.tcp_flag_bit(self.data, i, link_len, 2)
new_packet["flags"]["syn"] = dp.tcp_flag_bit(self.data, i, link_len, 1)
new_packet["flags"]["fin"] = dp.tcp_flag_bit(self.data, i, link_len, 0)
new_packet["ack_num"] = dp.ack_num(self.data, i, link_len)
new_packet["seq_num"] = dp.sequence_num(self.data, i, link_len)
new_packet["win_size"] = dp.window_size_server(self.data, i, link_len) # size match
new_packet["seg_len"] = dp.tcp_seg_size(self.data, i, link_len)
new_packet["hashed_payload"] = util.md5_hash(dp.udp_payload(self.data, i, link_len))
new_packet["trace_index"] = trace_index
# check new flow
if new_packet["flags"]["syn"] and not new_packet["flags"]["ack"] and local_flow:
self.packets.append(local_flow)
local_flow = [new_packet]
trace_index += 1
else:
local_flow.append(new_packet)
if local_flow:
self.packets.append(local_flow)
def create_ip_trace(self, link_len):
self.ip_trace = []
for i in range(len(self.data)):
new_ip = self.init_ip_pkt()
# Notice that we store the converted Timestamp for debugging purpose
new_ip["ts"] = util.convert_ts_in_human(dp.packet_time(self.data, i), year=True)
new_ip["src_ip"] = dp.src_ip(self.data, i, link_len)
new_ip["dst_ip"] = dp.dst_ip(self.data, i, link_len)
new_ip["ip_header_len"] = dp.get_ip_header_len(self.data, i, link_len)
new_ip["ip_len"] = dp.get_ip_len(self.data, i, link_len)
new_ip["ip_raw_header"] = dp.raw_ip_header(self.data, i, link_len)
new_ip["tlp_type"] = dp.protocol_type(self.data, i, link_len)
if new_ip["tlp_type"] == const.TCP_ID:
new_ip["tlp_raw_header"] = dp.get_raw_tcp_header(self.data, i, link_len)
elif new_ip["tlp_type"] == const.UDP_ID:
new_ip["tlp_raw_header"] = dp.get_raw_udp_header(self.data, i, link_len)
self.ip_trace.append(new_ip)
def create_tcp_flows(self, link_len):
local_flow = []
trace_index = 0
# parse the data into list of flow of packets
for i in range(len(self.data)):
new_packet = self.init_tcp_pkt()
new_packet["ts"] = dp.packet_time(self.data, i)
new_packet["src_ip"] = dp.src_ip(self.data, i, link_len)
new_packet["dst_ip"] = dp.dst_ip(self.data, i, link_len)
new_packet["src_port"] = dp.src_port(self.data, i, link_len)
new_packet["dst_port"] = dp.dst_port(self.data, i, link_len)
new_packet["flags"]["urg"] = dp.tcp_flag_bit(
self.data, i, link_len, 5)
new_packet["flags"]["ack"] = dp.tcp_flag_bit(
self.data, i, link_len, 4)
new_packet["flags"]["psh"] = dp.tcp_flag_bit(
self.data, i, link_len, 3)
new_packet["flags"]["rst"] = dp.tcp_flag_bit(
self.data, i, link_len, 2)
new_packet["flags"]["syn"] = dp.tcp_flag_bit(
self.data, i, link_len, 1)
new_packet["flags"]["fin"] = dp.tcp_flag_bit(
self.data, i, link_len, 0)
new_packet["ack_num"] = dp.ack_num(self.data, i, link_len)
new_packet["seq_num"] = dp.sequence_num(self.data, i, link_len)
new_packet["win_size"] = dp.window_size_server(
self.data, i, link_len) # size match
new_packet["seg_len"] = dp.tcp_seg_size(self.data, i, link_len)
new_packet["hashed_payload"] = util.md5_hash(
dp.udp_payload(self.data, i, link_len))
new_packet["trace_index"] = trace_index
# check new flow
if new_packet["flags"][
"syn"] and not new_packet["flags"]["ack"] and local_flow:
self.packets.append(local_flow)
local_flow = [new_packet]
trace_index += 1
else:
local_flow.append(new_packet)
if local_flow:
self.packets.append(local_flow)
def create_udp_trace(self, link_len):
self.udp_trace = []
for i in range(len(self.data)):
new_datagram = self.init_udp_pkt()
new_datagram["ts"] = dp.packet_time(self.data, i)
# identical to TCP
new_datagram["src_ip"] = dp.src_ip(self.data, i, link_len)
new_datagram["dst_ip"] = dp.dst_ip(self.data, i, link_len)
new_datagram["src_port"] = dp.src_port(self.data, i, link_len)
new_datagram["dst_port"] = dp.dst_port(self.data, i, link_len)
new_datagram["seg_size"] = dp.udp_seg_size(self.data, i, link_len)
new_datagram["hashed_payload"] = util.md5_hash(dp.udp_payload(self.data, i, link_len))
new_datagram["seq_num"] = dp.udp_seq_num(self.data, i, link_len)
"""
payload = dp.udp_payload(self.data, i, link_len)
print "Payload with length %d:" % len(payload)
print payload
print "Hashed Result %s" % new_datagram["hashed_payload"]
print "@" * 50
"""
self.udp_trace.append(new_datagram)
def create_ip_trace(self, link_len):
self.ip_trace = []
for i in range(len(self.data)):
new_ip = self.init_ip_pkt()
# Notice that we store the converted Timestamp for debugging purpose
new_ip["ts"] = util.convert_ts_in_human(dp.packet_time(
self.data, i),
year=True)
new_ip["src_ip"] = dp.src_ip(self.data, i, link_len)
new_ip["dst_ip"] = dp.dst_ip(self.data, i, link_len)
new_ip["ip_header_len"] = dp.get_ip_header_len(
self.data, i, link_len)
new_ip["ip_len"] = dp.get_ip_len(self.data, i, link_len)
new_ip["ip_raw_header"] = dp.raw_ip_header(self.data, i, link_len)
new_ip["tlp_type"] = dp.protocol_type(self.data, i, link_len)
if new_ip["tlp_type"] == const.TCP_ID:
new_ip["tlp_raw_header"] = dp.get_raw_tcp_header(
self.data, i, link_len)
elif new_ip["tlp_type"] == const.UDP_ID:
new_ip["tlp_raw_header"] = dp.get_raw_udp_header(
self.data, i, link_len)
self.ip_trace.append(new_ip)
def create_udp_trace(self, link_len):
self.udp_trace = []
for i in range(len(self.data)):
new_datagram = self.init_udp_pkt()
new_datagram["ts"] = dp.packet_time(self.data, i)
# identical to TCP
new_datagram["src_ip"] = dp.src_ip(self.data, i, link_len)
new_datagram["dst_ip"] = dp.dst_ip(self.data, i, link_len)
new_datagram["src_port"] = dp.src_port(self.data, i, link_len)
new_datagram["dst_port"] = dp.dst_port(self.data, i, link_len)
new_datagram["seg_size"] = dp.udp_seg_size(self.data, i, link_len)
new_datagram["hashed_payload"] = util.md5_hash(
dp.udp_payload(self.data, i, link_len))
new_datagram["seq_num"] = dp.udp_seq_num(self.data, i, link_len)
"""
payload = dp.udp_payload(self.data, i, link_len)
print "Payload with length %d:" % len(payload)
print payload
print "Hashed Result %s" % new_datagram["hashed_payload"]
print "@" * 50
"""
self.udp_trace.append(new_datagram)