def handlePacket(self, pkt):
self.pkts.append(pkt)
elts = []
edges = []
new_elts, new_edges = self.checkIP(pkt)
if new_elts:
elts += new_elts
if new_edges:
edges += new_edges
new_elts, new_edges = self.checkDNS(pkt)
if new_elts:
elts += new_elts
if new_edges:
edges += new_edges
# do flow analysis here, if necessary
if TCP in pkt or UDP in pkt:
Flow.pkt_handler(pkt, self.flows)
self.send_flow_statistics(self.flows[Flow.flowid(pkt)])
# end flow analysis
self.send_nodes(elts, edges)
def handlePacket(self, pkt): self.pkts.append(pkt) elts = [] edges = [] new_elts, new_edges = self.checkIP(pkt) if new_elts: elts += new_elts if new_edges: edges += new_edges new_elts, new_edges = self.checkDNS(pkt) if new_elts: elts += new_elts if new_edges: edges += new_edges # do flow analysis here, if necessary if TCP in pkt or UDP in pkt: Flow.pkt_handler(pkt, self.flows) flow = self.flows[Flow.flowid(pkt)] self.send_flow_statistics(flow) new_elts, new_edges = self.checkHTTP(flow) if new_elts: elts += new_elts if new_edges: edges += new_edges # end flow analysis self.send_nodes(elts, edges)
def handlePacket(self, pkt): IP_layer = IP if IP in pkt else IPv6 # add IPv6 support another night... if IP_layer == IPv6: return self.pkts.append(pkt) elts = [] edges = [] new_elts, new_edges = self.checkIP(pkt) if new_elts: elts += new_elts if new_edges: edges += new_edges new_elts, new_edges = self.checkDNS(pkt) if new_elts: elts += new_elts if new_edges: edges += new_edges # do flow analysis here, if necessary if TCP in pkt or UDP in pkt: Flow.pkt_handler(pkt, self.flows) flow = self.flows[Flow.flowid(pkt)] self.send_flow_statistics(flow) new_elts, new_edges = self.checkHTTP(flow) if new_elts: elts += new_elts if new_edges: edges += new_edges # end flow analysis if elts != [] or edges != []: self.send_nodes(elts, edges) if self.pcap: time.sleep(0.1)
