def _draw(self, png, layer):
try:
os.remove(png)
except OSError:
pass
packets = ScapySource.load(['test.pcap'])
g = GraphManager(packets, layer=layer)
g.draw(filename=png)
self.assertTrue(os.path.exists(png))
def _draw(self, png, layer):
try:
os.remove(png)
except OSError:
pass
packets = ScapySource.load(['test.pcap'])
g = GraphManager(packets, layer=layer)
g.draw(filename=png)
self.assertTrue(os.path.exists(png))
def test_graphviz(self):
packets = ScapySource.load(['test.pcap'])
g = GraphManager(packets, layer=3)
self.assertIsNotNone(g.get_graphviz_format())
def test_retrieve_geoip(self):
packets = ScapySource.load(['test.pcap'])
g = GraphManager(packets, layer=4)
node = g.graph.nodes()[0]
g._retrieve_node_info(node)
self.assertIn('country', g.data[node])
def test_get_frequent_ips_out(self):
packets = ScapySource.load(['test.pcap'])
g = GraphManager(packets, layer=3)
ips = g.get_out_degree(print_stdout=True)
self.assertIsNotNone(ips)
def test_build_graph_layer4(self):
packets = ScapySource.load(['test.pcap'])
g = GraphManager(packets, layer=4)
self.assertEqual(36, g.graph.number_of_edges())
help='print frequent source nodes to stdout')
args = parser.parse_args()
if args.pcaps:
packets = ScapySource.load(args.pcaps)
#if args.exclude:
# packet_ls = exclude_ips(packet_lists=packet_ls, ips=args.exclude)
if args.layer2:
layer = 2
elif args.layer3:
layer = 3
elif args.layer4:
layer = 4
else:
layer = 3
g = GraphManager(packets, layer=layer)
if args.out:
g.draw(filename=args.out)
if args.frequent_in:
g.get_in_degree()
if args.frequent_out:
g.get_out_degree()
if args.graphviz:
g.get_graphviz_format(args.graphviz)
parser.add_argument('-fo', '--frequent-out', action='store_true', help='print frequent source nodes to stdout')
args = parser.parse_args()
if args.pcaps:
packets = ScapySource.load(args.pcaps)
#if args.exclude:
# packet_ls = exclude_ips(packet_lists=packet_ls, ips=args.exclude)
if args.layer2:
layer = 2
elif args.layer3:
layer = 3
elif args.layer4:
layer = 4
else:
layer = 3
g = GraphManager(packets, layer=layer)
if args.out:
g.draw(filename=args.out)
if args.frequent_in:
g.get_in_degree()
if args.frequent_out:
g.get_out_degree()
if args.graphviz:
g.get_graphviz_format(args.graphviz)
packets = pin
if args.whitelist: # packets are returned from ScapySource.load as a list so cannot use pcap.filter(lambda...)
wl = [llook[x] for x in args.whitelist]
packets = [x for x in pin if sum([x.haslayer(y) for y in wl]) > 0 and x != None]
elif args.blacklist:
bl = [llook[x] for x in args.blacklist]
packets = [x for x in pin if sum([x.haslayer(y) for y in bl]) == 0 and x != None]
if args.DEBUG and (args.blacklist or args.whitelist):
print('### Read', len(pin), 'packets. After applying supplied filters,',len(packets),'are left. wl=',wl,'bl=',bl)
layer = 3
if args.layer2:
layer = 2
elif args.layer4:
layer = 4
args.nmax = int(args.nmax)
g = GraphManager(packets, layer=layer, args=args)
nn = len(g.graph.nodes())
if nn > args.nmax:
print('Asked to draw %d nodes with --nmax set to %d. Will also do useful protocols separately' % (nn,args.nmax))
for kind in llook.keys():
subset = [x for x in packets if x.haslayer(kind) and x != None]
if len(subset) > 2:
sg = GraphManager(subset,layer=layer, args=args)
nn = len(sg.graph.nodes())
if nn > 2:
ofn = '%s_%d_%s' % (kind,nn,args.out)
sg.draw(filename = ofn)
print('drew %s %d nodes' % (ofn,nn))
if args.out:
g.draw(filename=args.out)
def test_retrieve_geoip4(self):
packets = ScapySource.load(['test.pcap'])
g = GraphManager(packets, layer=4, args=args)
node = list(g.data.keys())[0]
g._retrieve_node_info(node)
self.assertIn('country', g.data[node])
def test_graphviz(self):
packets = ScapySource.load(['test.pcap'])
g = GraphManager(packets, layer=3)
self.assertIsNotNone(g.get_graphviz_format())
def test_retrieve_geoip(self):
packets = ScapySource.load(['test.pcap'])
g = GraphManager(packets, layer=4)
node = g.graph.nodes()[0]
g._retrieve_node_info(node)
self.assertIn('country', g.data[node])
def test_get_frequent_ips_out(self):
packets = ScapySource.load(['test.pcap'])
g = GraphManager(packets, layer=3)
ips = g.get_out_degree(print_stdout=True)
self.assertIsNotNone(ips)
