def start(self): """ Start capturing network traffic for the specified machine (interface) """ from lophi.sensors.network import NetworkCapture # Setup a queue to communicate with the process self.command_queue = multiprocessing.Queue() # Initialize our Volatility wrapper self.analysis_engine = NetworkCapture(self.machine, command_queue=self.command_queue, output_queue=self.output_queue) if self.analysis_engine is None: logger.error("Analysis could not be started.") return # Spawn a new proccess self.analysis_engine.start()
class NetworkCaptureEngine(AnalysisEngine): def __init__(self,machine, output_queue): """ Initialize our network capture engine """ self.machine = machine self.output_queue = output_queue AnalysisEngine.__init__(self) def start(self): """ Start capturing network traffic for the specified machine (interface) """ from lophi.sensors.network import NetworkCapture # Setup a queue to communicate with the process self.command_queue = multiprocessing.Queue() # Initialize our Volatility wrapper self.analysis_engine = NetworkCapture(self.machine, command_queue=self.command_queue, output_queue=self.output_queue) if self.analysis_engine is None: logger.error("Analysis could not be started.") return # Spawn a new proccess self.analysis_engine.start() def stop(self): """ Stop any network analysis nicely """ logger.debug("Stopping network analysis.") self.analysis_engine.stop() # terminate the analysis (It could be blocking) # self.analysis_engine.terminate() # Join process to wait for closure self.analysis_engine.join(5) self.analysis_engine = None self.command_queue.close()
class NetworkCaptureEngine(AnalysisEngine): def __init__(self, machine, output_queue): """ Initialize our network capture engine """ self.machine = machine self.output_queue = output_queue AnalysisEngine.__init__(self) def start(self): """ Start capturing network traffic for the specified machine (interface) """ from lophi.sensors.network import NetworkCapture # Setup a queue to communicate with the process self.command_queue = multiprocessing.Queue() # Initialize our Volatility wrapper self.analysis_engine = NetworkCapture(self.machine, command_queue=self.command_queue, output_queue=self.output_queue) if self.analysis_engine is None: logger.error("Analysis could not be started.") return # Spawn a new proccess self.analysis_engine.start() def stop(self): """ Stop any network analysis nicely """ logger.debug("Stopping network analysis.") self.analysis_engine.stop() # terminate the analysis (It could be blocking) # self.analysis_engine.terminate() # Join process to wait for closure self.analysis_engine.join(5) self.analysis_engine = None self.command_queue.close()