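def __init__(self, fname, fid=None, signer=None, create_if_notexisting=False):
    """Bind this feed to the log file *fname* and recover its head state.

    The log is opened read-only and its last record is decoded to obtain
    the feed ID, the highest sequence number and the hash that the next
    event has to reference (``self.hprev``).

    Args:
        fname: path of the log file, handed to ``pcap.PCAP``.
        fid: expected feed ID; when given, it is compared with the ID
            found in the last record.
        signer: stored as ``self.signer``; not used by the constructor.
        create_if_notexisting: when true, any failure while reading the
            log makes the constructor open the file in ``'w'`` mode.

    A feed ID mismatch, or a read failure without *create_if_notexisting*,
    is reported on stdout and leaves ``self.pcap`` set to ``None`` instead
    of raising, so callers must check ``self.pcap`` before using the feed.
    """
    self.fname = fname
    self.fid = fid
    self.signer = signer
    self.cine = create_if_notexisting
    self.seq = 0
    self.pcap = pcap.PCAP(fname)
    self.hprev = None
    try:
        self.pcap.open('r')
        # The last record carries the highest sequence number.
        # NOTE(review): the record is only decoded here; no signature or
        # hash-chain check is visible in this constructor, so seq and hprev
        # are only as trustworthy as the file. Confirm that validation
        # happens elsewhere before new events are chained onto this state.
        wire = self.pcap.read_backwards(True)
        last = event.EVENT()
        last.from_wire(wire)
        # Identity test, so a falsy but valid feed ID is still compared.
        if fid is not None and last.fid != fid:
            print("feed ID mismatch:", last.fid, "instead of", fid)
            self.pcap.close()
            self.pcap = None
            return
        self.fid, self.seq = last.fid, last.seq
        self.hprev = event.get_hash(last.metabits)
        self.pcap.close()
    except Exception:
        # NOTE(review): every failure lands here, not only a missing file.
        # With create_if_notexisting set, a corrupt or unparsable last
        # record therefore also reaches open('w'); presumably that
        # truncates the file (confirm in pcap.PCAP.open), which would
        # discard an existing append-only log. The read handle opened
        # above is also not closed on this path.
        if not self.cine:
            self.pcap = None
            print(f"error opening file {fname}")
        else:
            self.pcap.open('w')
            self.pcap.close()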
def __init__(self, fn, digestmod='sha256'):
    """Open *fn* for reading through ``pcap.PCAP`` and remember *digestmod*.

    Args:
        fn: path of the file to read.
        digestmod: stored unchanged as ``self.digestmod``; defaults to
            ``'sha256'``.
    """
    reader = pcap.PCAP(fn)
    self.pcap = reader
    # The handle stays open after construction; no close is visible here.
    reader.open('r')
    # NOTE(review): the value is not validated here. Presumably it later
    # names a hash algorithm; if callers can influence it, confirm that
    # weak digests are rejected where it is consumed.
    self.digestmod = digestmod
def __init__(self, fn):
    """Open *fn* for reading through ``pcap.PCAP`` and keep it in ``self.pcap``.

    Args:
        fn: path of the file to read.
    """
    reader = pcap.PCAP(fn)
    self.pcap = reader
    # An error from open() propagates to the caller. On success the handle
    # stays open after construction; no close is visible here.
    reader.open('r')
# Checking root privileges if not utils.is_root(): print("You need root privileges to run this application!") exit(-1) # Checking debug flag status (-d or --debug) debug = utils.is_debug() # Indispensable objects instantiation log = mylog.Log(log_file) shield = my_analysis.Shield(regex_list, service_type, log) handling = packet_handling.PacketHandling(log, shield, debug, dropping_policy) # Optional objects instantiation: comment them to disable statistics = stats.Stats(log, handling) pcap_exporter = pcap.PCAP(log, handling, pcap_file) log.uplog("Starting ips-cc") # Retrieving iptables list and determining the policy of each rule iptables_list = utils.list_iptables() shield.set_rules(iptables_list, queue_number) if debug: log.uplog("Debug mode detected, printing iptables -L -n") log.uplog(iptables_list) # NetfilterQueue object instantiation and binding nfqueue = NetfilterQueue() nfqueue.bind(queue_number, handling.handle_packet)