def start(self):
"""
Start capturing network traffic for the specified machine
(interface)
"""
from lophi.sensors.network import NetworkCapture
# Setup a queue to communicate with the process
self.command_queue = multiprocessing.Queue()
# Initialize our Volatility wrapper
self.analysis_engine = NetworkCapture(self.machine,
command_queue=self.command_queue,
output_queue=self.output_queue)
if self.analysis_engine is None:
logger.error("Analysis could not be started.")
return
# Spawn a new proccess
self.analysis_engine.start()
class NetworkCaptureEngine(AnalysisEngine):
def __init__(self,machine, output_queue):
"""
Initialize our network capture engine
"""
self.machine = machine
self.output_queue = output_queue
AnalysisEngine.__init__(self)
def start(self):
"""
Start capturing network traffic for the specified machine
(interface)
"""
from lophi.sensors.network import NetworkCapture
# Setup a queue to communicate with the process
self.command_queue = multiprocessing.Queue()
# Initialize our Volatility wrapper
self.analysis_engine = NetworkCapture(self.machine,
command_queue=self.command_queue,
output_queue=self.output_queue)
if self.analysis_engine is None:
logger.error("Analysis could not be started.")
return
# Spawn a new proccess
self.analysis_engine.start()
def stop(self):
"""
Stop any network analysis nicely
"""
logger.debug("Stopping network analysis.")
self.analysis_engine.stop()
# terminate the analysis (It could be blocking)
# self.analysis_engine.terminate()
# Join process to wait for closure
self.analysis_engine.join(5)
self.analysis_engine = None
self.command_queue.close()
class NetworkCaptureEngine(AnalysisEngine):
def __init__(self, machine, output_queue):
"""
Initialize our network capture engine
"""
self.machine = machine
self.output_queue = output_queue
AnalysisEngine.__init__(self)
def start(self):
"""
Start capturing network traffic for the specified machine
(interface)
"""
from lophi.sensors.network import NetworkCapture
# Setup a queue to communicate with the process
self.command_queue = multiprocessing.Queue()
# Initialize our Volatility wrapper
self.analysis_engine = NetworkCapture(self.machine,
command_queue=self.command_queue,
output_queue=self.output_queue)
if self.analysis_engine is None:
logger.error("Analysis could not be started.")
return
# Spawn a new proccess
self.analysis_engine.start()
def stop(self):
"""
Stop any network analysis nicely
"""
logger.debug("Stopping network analysis.")
self.analysis_engine.stop()
# terminate the analysis (It could be blocking)
# self.analysis_engine.terminate()
# Join process to wait for closure
self.analysis_engine.join(5)
self.analysis_engine = None
self.command_queue.close()
def start(self):
"""
Start capturing network traffic for the specified machine
(interface)
"""
from lophi.sensors.network import NetworkCapture
# Setup a queue to communicate with the process
self.command_queue = multiprocessing.Queue()
# Initialize our Volatility wrapper
self.analysis_engine = NetworkCapture(self.machine,
command_queue=self.command_queue,
output_queue=self.output_queue)
if self.analysis_engine is None:
logger.error("Analysis could not be started.")
return
# Spawn a new proccess
self.analysis_engine.start()
