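def process_file(args, pcap_filename, print_data):
    """Decode every UDP payload in a pcap capture as an MDP3 packet.

    Builds the SBE schema, message factory and parser from ``args.schema``,
    optionally loads security definitions from ``args.secdef``, then walks
    the capture and hands each UDP payload to ``parse_mdp3_packet``.

    A capture file is untrusted input: one truncated or malformed frame must
    not end the run, so link-layer decoding sits inside the same per-packet
    error handler as the MDP3 parse.

    Args:
        args: Parsed command-line options. Reads ``schema``, ``secdef``,
            ``skip_fields`` (a comma-separated string) and ``pretty``.
        pcap_filename: Path of the capture. A name ending in ``.gz`` is
            opened through gzip, anything else as a plain binary file.
        print_data: Forwarded unchanged to ``parse_mdp3_packet``.
    """
    # Read in the schema xml as a dictionary and construct the various
    # schema objects.
    mdp_schema = SBESchema()
    mdp_schema.parse(args.schema)
    msg_factory = SBEMessageFactory(mdp_schema)
    mdp_parser = SBEParser(msg_factory)

    secdef = None
    if args.secdef:
        secdef = mdp.secdef.SecDef()
        secdef.load(args.secdef)

    skip_fields = set(args.skip_fields.split(','))

    # The file extension alone selects the opener; the content is not sniffed.
    opener = gzip.open if pcap_filename.endswith('.gz') else open
    with opener(pcap_filename, 'rb') as pcap:
        pcap_reader = dpkt.pcap.Reader(pcap)
        for packet_number, (ts, packet) in enumerate(pcap_reader, start=1):
            try:
                # Every record is decoded as an Ethernet frame; the capture's
                # link type is not checked here.
                ethernet = dpkt.ethernet.Ethernet(packet)
                if ethernet.type != dpkt.ethernet.ETH_TYPE_IP:
                    continue
                ip = ethernet.data
                if ip.p != dpkt.ip.IP_PROTO_UDP:
                    continue
                udp = ip.data
                parse_mdp3_packet(mdp_parser, ts, udp.data, skip_fields,
                                  print_data, args.pretty, secdef)
            except Exception as e:
                # Deliberately broad: report the bad packet by number and
                # keep going, whether the failure came from frame decoding
                # or from the MDP3 parse.
                print('Error parsing packet #{} - {}'.format(
                    packet_number, e))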
def get_secdef(secdef_file):
    """Load security definitions from *secdef_file*, if one was given.

    Args:
        secdef_file: Path handed to ``SecDef.load``, or ``None`` to skip
            loading.

    Returns:
        The loaded ``mdp.secdef.SecDef`` object, or ``None`` when
        *secdef_file* is ``None``.
    """
    loaded = None
    if secdef_file is not None:
        # Progress messages bracket the load on stdout.
        print("Parsing Secdef...")
        loaded = mdp.secdef.SecDef()
        loaded.load(secdef_file)
        print("Done")
    return loaded
def main(argv=None):
    """Parse the command line, build the MDP parser and process the capture.

    Args:
        argv: Accepted but not read in this function;
            ``process_command_line()`` is called without arguments.

    Returns:
        0 on success.
    """
    args = process_command_line()

    # Read in the schema xml as a dictionary and construct the various
    # schema objects: schema -> message factory -> parser.
    schema = MDPSchema()
    schema.parse(args.schema)
    parser = SBEParser(MDPMessageFactory(schema))

    # Security definitions are optional.
    secdef = None
    if args.secdef:
        secdef = mdp.secdef.SecDef()
        secdef.load(args.secdef)

    ignored_fields = set(args.skip_fields.split(','))

    # NOTE(review): six positional arguments are passed here; confirm this
    # matches the signature of the process_file this module actually uses.
    process_file(args.pcapfile, parser, secdef, args.pretty,
                 args.print_data, ignored_fields)

    return 0  # success