Esempio n. 1
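    def __init__(self, fname, fid=None, signer=None,
                 create_if_notexisting=False):
        """Bind to the pcap-backed log `fname` and recover its append state.

        The last record of the file is read to restore the feed ID, the
        sequence number and the hash used as `hprev` for the next event.
        On failure `self.pcap` is set to None, unless
        `create_if_notexisting` is true, in which case the file is opened
        in 'w' mode and closed again.

        Args:
            fname: path of the pcap log file.
            fid: expected feed ID; when given, a log whose last event
                carries a different ID is rejected (`self.pcap` = None).
            signer: stored on the instance; not used in the constructor.
            create_if_notexisting: fall back to opening the file in 'w'
                mode when the log cannot be read.
        """
        self.fname = fname
        self.fid = fid
        self.signer = signer
        self.cine = create_if_notexisting

        self.seq = 0
        self.pcap = pcap.PCAP(fname)
        self.hprev = None
        try:
            self.pcap.open('r')
            # find highest seq number:
            w = self.pcap.read_backwards(True)
            e = event.EVENT()
            e.from_wire(w)
            # NOTE(review): the last record is taken at face value. Nothing
            # in this constructor checks its signature or that it chains to
            # the records before it; confirm the log is validated elsewhere
            # before new events are appended on top of this seq/hprev.
            if fid is not None and e.fid != fid:
                print("feed ID mismatch:", e.fid, "instead of", fid)
                self.pcap.close()
                self.pcap = None
                return
            self.fid, self.seq = e.fid, e.seq
            self.hprev = event.get_hash(e.metabits)
            self.pcap.close()
        except Exception:
            # NOTE(review): this handler catches every failure, not only a
            # missing file. With create_if_notexisting set, an existing log
            # whose last record fails to parse also reaches open('w') below;
            # if PCAP.open('w') truncates (TODO confirm) the stored history
            # is lost. Consider creating the file only when it is absent.
            # The handle opened with 'r' above may also still be open here.
            if not self.cine:
                self.pcap = None
                print(f"error opening file {fname}")
            else:
                self.pcap.open('w')
                self.pcap.close()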
Esempio n. 2
 def __init__(self, fn, digestmod='sha256'):
     """Open the pcap file `fn` for reading and remember the digest name.

     Args:
         fn: path handed to pcap.PCAP.
         digestmod: digest identifier kept on the instance.
     """
     capture = pcap.PCAP(fn)
     self.pcap = capture
     capture.open('r')
     # NOTE(review): digestmod is stored without validation; whether weak
     # or unknown algorithm names are rejected later is not visible here.
     self.digestmod = digestmod
Esempio n. 3
 def __init__(self, fn):
     """Wrap the pcap file `fn` and open it in read mode.

     Args:
         fn: path handed to pcap.PCAP.
     """
     capture = pcap.PCAP(fn)
     self.pcap = capture
     # The handle stays open after construction; no close is visible here.
     capture.open('r')
Esempio n. 4
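# Checking root privileges
if not utils.is_root():
    print("You need root privileges to run this application!")
    # Raise SystemExit directly: the bare exit() helper is injected by the
    # `site` module and is missing under `python -S` or in frozen builds.
    raise SystemExit(-1)

# Checking debug flag status (-d or --debug)
debug = utils.is_debug()

# Indispensable objects instantiation
log = mylog.Log(log_file)
shield = my_analysis.Shield(regex_list, service_type, log)
handling = packet_handling.PacketHandling(log, shield, debug, dropping_policy)

# Optional objects instantiation: comment them to disable
statistics = stats.Stats(log, handling)
pcap_exporter = pcap.PCAP(log, handling, pcap_file)

log.uplog("Starting ips-cc")

# Retrieving iptables list and determining the policy of each rule
iptables_list = utils.list_iptables()
shield.set_rules(iptables_list, queue_number)

if debug:
    # NOTE(review): the whole rule listing ends up in log_file when debug is
    # on; keep that file readable only by the account that needs it.
    log.uplog("Debug mode detected, printing iptables -L -n")
    log.uplog(iptables_list)

# NetfilterQueue object instantiation and binding
# NOTE(review): from here on network-supplied packets are handed to
# handling.handle_packet in a process that runs as root. Once nothing is
# bound to the queue (crash, unhandled exception), the kernel drops queued
# packets unless the NFQUEUE rule was installed with --queue-bypass; the
# rule is not visible here, so decide fail-open vs fail-closed deliberately.
nfqueue = NetfilterQueue()
nfqueue.bind(queue_number, handling.handle_packet)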