def GET(self): expert = cached.get_stat_cache('expertinfo') if None == expert: FILTER, FREQUENCY, GROUP, PROTOCOL, SUMMARY = range(5) expert = {'Errors': [], 'Warns': [], 'Notes': [], 'Chats': []} cached.set_stat_cache('expertinfo', expert) base_args = ['tshark', '-q', '-r', cached.get_curr_fname_path(), '-z'] p = sp.Popen(gen_statistics_args(base_args, 'expert', cached.dfilter), stdin=sp.PIPE, stdout=sp.PIPE, close_fds=True) currinfo = None line = p.stdout.readline() while line: line = p.stdout.readline() if '\n' == line or '====' in line or 'Frequency' in line: continue fields = line.strip().split(None, 4) if 0 == len(fields): continue if not fields[0].isdigit() and expert.has_key(fields[0]): currinfo = expert[fields[0]] continue record = {} record['Filter'] = fields[FILTER] record['Frequency'] = fields[FREQUENCY] record['Group'] = fields[GROUP] record['Protocol'] = fields[PROTOCOL] record['Summary'] = fields[SUMMARY] currinfo.append(record) p.stdout.close() p.stdin.close() web.header('Access-Control-Allow-Origin', '*') return json.dumps(expert)
def GET(self): out_json = cached.get_stat_cache('ip_hosts') if None == out_json: out_json = [] cached.set_stat_cache('ip_hosts', out_json) base_args = [ 'tshark', '-q', '-r', cached.get_curr_fname_path(), '-z', 'ip_hosts,tree' ] field_names = [ 'Topic / Item', 'Count', 'Rate (ms)', 'Percent', 'Burst rate', 'Burst start' ] p = sp.Popen(base_args, stdin=sp.PIPE, stdout=sp.PIPE, close_fds=True) line = p.stdout.readline() while line: line = p.stdout.readline().replace('IP Addresses', 'IP Addresses') fields = line.split() if len(fields) != len(field_names): continue out_json.append(dict(zip(field_names, fields))) p.stdout.close() p.stdin.close() web.header('Access-Control-Allow-Origin', '*') return json.dumps(out_json)
def GET(self): out_json = cached.get_stat_cache('io_phs') if None == out_json: base_args = ['tshark', '-q', '-r', cached.get_curr_fname_path(), '-z', 'io,phs'] p = sp.Popen(base_args, stdin=sp.PIPE, stdout=sp.PIPE, close_fds=True) out_json = p.stdout.read() cached.set_stat_cache('io_phs', out_json) p.stdout.close() p.stdin.close() web.header('Access-Control-Allow-Origin', '*') return out_json
def GET(self): outconv = cached.get_stat_cache('conv') if None == outconv: outconv = [] cached.set_stat_cache('conv', outconv) NAME, VALUE = SOCK_ADDR, SOCK_PORT = range(2) SRCINFO, CONVSTR, DSTINFO, PACKETS_DST2SRC, BYTES_DST2SRC, PACKETS_SRC2DST, BYTES_SRC2DST, PACKETS, BYTES, REL_START, DURATION = range( 11) base_args = [ 'tshark', '-q', '-nn', '-r', cached.get_curr_fname_path(), '-z' ] p = sp.Popen(gen_statistics_args(base_args, 'conv,tcp', cached.dfilter), stdin=sp.PIPE, stdout=sp.PIPE, close_fds=True) line = p.stdout.readline() while line: line = p.stdout.readline() if '<->' not in line: continue fields = line.split() srcsock = fields[SRCINFO].split(':') dstsock = fields[DSTINFO].split(':') conv = {} conv['Address SRC'] = srcsock[SOCK_ADDR] conv['Port SRC'] = srcsock[SOCK_PORT] conv['Address DST'] = dstsock[SOCK_ADDR] conv['Port DST'] = dstsock[SOCK_PORT] conv['Total Packets'] = fields[PACKETS] conv['Total Bytes'] = fields[BYTES] conv['Packets SRC -> DST'] = fields[PACKETS_SRC2DST] conv['Bytes SRC -> DST'] = fields[BYTES_SRC2DST] conv['Packets DST -> SRC'] = fields[PACKETS_DST2SRC] conv['Bytes DST -> SRC'] = fields[BYTES_DST2SRC] conv['Rel Start'] = fields[REL_START] conv['Duration'] = fields[DURATION] conv['Filter-IP'] = '(ip.addr eq %s and ip.addr eq %s)' % ( srcsock[SOCK_ADDR], dstsock[SOCK_ADDR]) conv['Filter-TCP'] = '(ip.addr eq %s and ip.addr eq %s) and (tcp.port eq %s and tcp.port eq %s)' % \ (srcsock[SOCK_ADDR], dstsock[SOCK_ADDR], srcsock[SOCK_PORT], dstsock[SOCK_PORT]) conv['Filter-TCP-Stream'] = '%s:%s,%s:%s' % ( srcsock[SOCK_ADDR], srcsock[SOCK_PORT], dstsock[SOCK_ADDR], dstsock[SOCK_PORT]) outconv.append(conv) p.stdout.close() p.stdin.close() print len(outconv) web.header('Access-Control-Allow-Origin', '*') return json.dumps(outconv)
def GET(self): capinfo = cached.get_stat_cache('capinfo') if None == capinfo: capinfo = {} cached.set_stat_cache('capinfo', capinfo) NAME, VALUE = SOCK_ADDR, SOCK_PORT = range(2) p = sp.Popen(['/usr/local/bin/capinfos', cached.get_curr_fname_path()], stdin=sp.PIPE, stdout=sp.PIPE, close_fds=True) line = p.stdout.readline() while line: fields = line.split(':', 1) capinfo[fields[NAME]] = fields[VALUE].strip() line = p.stdout.readline() p.stdout.close() p.stdin.close() web.header('Access-Control-Allow-Origin', '*') return json.dumps(capinfo)
def GET(self): out_json = cached.get_stat_cache('io_phs') if None == out_json: base_args = [ 'tshark', '-q', '-r', cached.get_curr_fname_path(), '-z', 'io,phs' ] p = sp.Popen(base_args, stdin=sp.PIPE, stdout=sp.PIPE, close_fds=True) out_json = p.stdout.read() cached.set_stat_cache('io_phs', out_json) p.stdout.close() p.stdin.close() web.header('Access-Control-Allow-Origin', '*') return out_json
def GET(self): out_json = cached.get_stat_cache('ip_hosts') if None == out_json: out_json = [] cached.set_stat_cache('ip_hosts', out_json) base_args = ['tshark', '-q', '-r', cached.get_curr_fname_path(), '-z', 'ip_hosts,tree'] field_names = ['Topic / Item', 'Count', 'Rate (ms)', 'Percent', 'Burst rate', 'Burst start'] p = sp.Popen(base_args, stdin=sp.PIPE, stdout=sp.PIPE, close_fds=True) line = p.stdout.readline() while line: line = p.stdout.readline().replace('IP Addresses', 'IP Addresses') fields = line.split() if len(fields) != len(field_names): continue out_json.append(dict(zip(field_names, fields))) p.stdout.close() p.stdin.close() web.header('Access-Control-Allow-Origin', '*') return json.dumps(out_json)
def GET(self): outconv = cached.get_stat_cache('conv') if None == outconv: outconv = [] cached.set_stat_cache('conv', outconv) NAME, VALUE = SOCK_ADDR, SOCK_PORT = range(2) SRCINFO, CONVSTR, DSTINFO, PACKETS_DST2SRC, BYTES_DST2SRC, PACKETS_SRC2DST, BYTES_SRC2DST, PACKETS, BYTES, REL_START, DURATION = range(11) base_args = ['tshark', '-q', '-nn', '-r', cached.get_curr_fname_path(), '-z'] p = sp.Popen(gen_statistics_args(base_args, 'conv,tcp', cached.dfilter), stdin=sp.PIPE, stdout=sp.PIPE, close_fds=True) line = p.stdout.readline() while line: line = p.stdout.readline() if '<->' not in line: continue fields = line.split() srcsock = fields[SRCINFO].split(':') dstsock = fields[DSTINFO].split(':') conv = {} conv['Address SRC'] = srcsock[SOCK_ADDR] conv['Port SRC'] = srcsock[SOCK_PORT] conv['Address DST'] = dstsock[SOCK_ADDR] conv['Port DST'] = dstsock[SOCK_PORT] conv['Total Packets'] = fields[PACKETS] conv['Total Bytes'] = fields[BYTES] conv['Packets SRC -> DST'] = fields[PACKETS_SRC2DST] conv['Bytes SRC -> DST'] = fields[BYTES_SRC2DST] conv['Packets DST -> SRC'] = fields[PACKETS_DST2SRC] conv['Bytes DST -> SRC'] = fields[BYTES_DST2SRC] conv['Rel Start'] = fields[REL_START] conv['Duration'] = fields[DURATION] conv['Filter-IP'] = '(ip.addr eq %s and ip.addr eq %s)' % (srcsock[SOCK_ADDR], dstsock[SOCK_ADDR]) conv['Filter-TCP'] = '(ip.addr eq %s and ip.addr eq %s) and (tcp.port eq %s and tcp.port eq %s)' % \ (srcsock[SOCK_ADDR], dstsock[SOCK_ADDR], srcsock[SOCK_PORT], dstsock[SOCK_PORT]) conv['Filter-TCP-Stream'] = '%s:%s,%s:%s' % (srcsock[SOCK_ADDR], srcsock[SOCK_PORT], dstsock[SOCK_ADDR], dstsock[SOCK_PORT]) outconv.append(conv) p.stdout.close() p.stdin.close() print len(outconv) web.header('Access-Control-Allow-Origin', '*') return json.dumps(outconv)
def GET(self): capinfo = cached.get_stat_cache('capinfo') if None == capinfo: capinfo = {} cached.set_stat_cache('capinfo', capinfo) NAME, VALUE = SOCK_ADDR, SOCK_PORT = range(2) p = sp.Popen( ['/usr/local/bin/capinfos', cached.get_curr_fname_path()], stdin=sp.PIPE, stdout=sp.PIPE, close_fds=True) line = p.stdout.readline() while line: fields = line.split(':', 1) capinfo[fields[NAME]] = fields[VALUE].strip() line = p.stdout.readline() p.stdout.close() p.stdin.close() web.header('Access-Control-Allow-Origin', '*') return json.dumps(capinfo)
def GET(self): expert = cached.get_stat_cache('expertinfo') if None == expert: FILTER, FREQUENCY, GROUP, PROTOCOL, SUMMARY = range(5) expert = {'Errors': [], 'Warns': [], 'Notes': [], 'Chats': []} cached.set_stat_cache('expertinfo', expert) base_args = [ 'tshark', '-q', '-r', cached.get_curr_fname_path(), '-z' ] p = sp.Popen(gen_statistics_args(base_args, 'expert', cached.dfilter), stdin=sp.PIPE, stdout=sp.PIPE, close_fds=True) currinfo = None line = p.stdout.readline() while line: line = p.stdout.readline() if '\n' == line or '====' in line or 'Frequency' in line: continue fields = line.strip().split(None, 4) if 0 == len(fields): continue if not fields[0].isdigit() and expert.has_key(fields[0]): currinfo = expert[fields[0]] continue record = {} record['Filter'] = fields[FILTER] record['Frequency'] = fields[FREQUENCY] record['Group'] = fields[GROUP] record['Protocol'] = fields[PROTOCOL] record['Summary'] = fields[SUMMARY] currinfo.append(record) p.stdout.close() p.stdin.close() web.header('Access-Control-Allow-Origin', '*') return json.dumps(expert)