def testFilter_withFields_IP(self):
func = filter_from_str('ip.src == 127.0.0.1')
self.assertTrue(func(self.ether_ip_tcp))
self.assertTrue(func(self.ether_ip_udp))
self.assertFalse(func(self.ether_arp))
func = filter_from_str('ip.dst == 1.2.3.4')
self.assertFalse(func(self.ether_ip_tcp))
self.assertFalse(func(self.ether_ip_udp))
self.assertFalse(func(self.ether_arp))
def testFilter_withFields_TCP_flags(self):
func = filter_from_str('tcp.syn == True')
self.assertTrue(func(self.ether_ip_tcp))
self.assertFalse(func(self.ether_ip_udp))
self.assertFalse(func(self.ether_arp))
func = filter_from_str('tcp.ack == True')
self.assertFalse(func(self.ether_ip_tcp))
self.assertFalse(func(self.ether_ip_udp))
self.assertFalse(func(self.ether_arp))
def testFilter_withFields_TCP_ports(self):
func = filter_from_str('tcp.src_port == 1337')
self.assertTrue(func(self.ether_ip_tcp))
self.assertFalse(func(self.ether_ip_udp))
self.assertFalse(func(self.ether_arp))
func = filter_from_str('tcp.src_port == 1448')
self.assertFalse(func(self.ether_ip_tcp))
self.assertFalse(func(self.ether_ip_udp))
self.assertFalse(func(self.ether_arp))
def main():
parser = get_parser()
args = parser.parse_args()
args.verbosity = min(args.verbosity, 2)
args.ifaces = list() if args.ifaces is None else args.ifaces
path = args.dump_file
verbosity_to_visitor = [
ZeroVerbosityVisitor(),
FirstVerbosityVisitor(),
SecondVerbosityVisitor()
]
try:
filter_func = filter_from_str(args.filter)
except ValueError as e:
print(e)
return
try:
if path is not None:
dump_writer = PcapWriter(path, args.max_size)
else:
dump_writer = EmptyWriter()
out_writer = FormattedWriter(
verbosity_to_visitor[args.verbosity],
args.time
)
try:
receiver = SocketReceiver(*args.ifaces)
except OSError as e:
print(f'Error: {e}')
return 0
except FileNotFoundError:
print(f'File {args.dump_file} is not found or could not be created')
return
except PermissionError:
print(
f'Permission error. '
f'You need to use root privileges to run the program'
)
return
except ValueError as e:
print(e)
return
sniffer = Sniffer(dump_writer, out_writer, receiver, filter_func)
sniffer.start_sniffing()
def testFilter_withProto_Ether(self):
func = filter_from_str('proto == IP')
self.assertTrue(func(self.ether_ip_tcp))
self.assertTrue(func(self.ether_ip_udp))
self.assertFalse(func(self.ether_arp))
def testFilter_ReturnsTrueWithoutArgs(self):
func = filter_from_str()
self.assertTrue(func(self.ether_ip_tcp))
self.assertTrue(func(self.ether_ip_udp))
self.assertTrue(func(self.ether_arp))
