def main():
global GLOBAL_SCONF
global START
signal.signal(signal.SIGINT, handlerKeyboardInterupt)
sconf = SnifflesConfig(sys.argv[1:])
GLOBAL_SCONF = sconf
start = datetime.datetime.now()
START = start
print("")
print("!^!Sniffles v" + getVersion() +
" -- Traffic Generation for NIDS evaluation.")
print("Started at: ", start)
print(str(sconf))
mystats = start_generation(sconf)
print("Generated Streams: ", mystats[0])
print("Generated Packets: ", mystats[1])
tduration = mystats[2] - sconf.getFirstTimestamp()
if tduration < 0:
tduration = 0
print("Traffic Duration in seconds (rounded down): ", tduration)
end = datetime.datetime.now()
print("Generation finished at: ", end)
duration = end - start
print("Generation Time: ", duration)
sys.exit(0)
def test_traffic_stream_split(self):
myrpkt = RulePkt("to server", "/abcdefghij/", 0, 1, -1, False, False,
2)
mytsrule = TrafficStreamRule('tcp', '1.1.1', '2.2.2', '[100:200]',
'[10,20,30,40,50]', -1, 4, False)
mytsrule.addPktRule(myrpkt)
myConfig = SnifflesConfig()
myConfig.setFullMatch(True)
myts = rtgen.TrafficStream(mytsrule, myConfig)
mypkt = myts.getNextPacket()
self.assertEqual(mypkt.transport_hdr.get_flags(), rtgen.ACK)
self.assertEqual(mypkt.get_content().get_size(), 5)
self.assertEqual(mypkt.get_content().get_data(), b'abcde')
mypkt = myts.getNextPacket()
self.assertEqual(mypkt.transport_hdr.get_flags(), rtgen.ACK)
self.assertNotEqual(mypkt.get_content().get_data(), b'abcde')
self.assertEqual(mypkt.get_content().get_data(), b'fghij')
self.assertEqual(mypkt.get_content().get_size(), 5)
mypkt = myts.getNextPacket()
self.assertEqual(mypkt, None)
def main():
global GLOBAL_SCONF
global START
signal.signal(signal.SIGINT, handlerKeyboardInterupt)
sconf = SnifflesConfig(sys.argv[1:])
GLOBAL_SCONF = sconf
start = datetime.datetime.now()
START = start
print("")
print("!^!Sniffles v" + getVersion() +
" -- Traffic Generation for NIDS evaluation.")
print("Started at: ", start)
print(str(sconf))
mystats = start_generation(sconf)
print("Generated Streams: ", mystats[0])
print("Generated Packets: ", mystats[1])
tduration = mystats[2] - sconf.getFirstTimestamp()
if tduration < 0:
tduration = 0
print("Traffic Duration in seconds (rounded down): ", tduration)
end = datetime.datetime.now()
print("Generation finished at: ", end)
duration = end - start
print("Generation Time: ", duration)
sys.exit(0)
def test_tcp_stream(self):
myrpkt = RulePkt("to server", "/my tcp1/", 0, 3)
mytsrule = TrafficStreamRule('tcp', '1.2.3.4', '9.8.7.5', '9000',
'101', -1, 4, False, True, True)
mytsrule.addPktRule(myrpkt)
myConfig = SnifflesConfig()
myConfig.setPktLength(100)
myConfig.setIPV6Percent(0)
myConfig.setFullMatch(True)
myts = TrafficStream(mytsrule, myConfig)
mypkt = myts.getNextPacket()
myseq = mypkt.transport_hdr.get_seq_num()
self.assertEqual(mypkt.transport_hdr.get_flags(), SYN)
mypkt = myts.getNextPacket()
self.assertEqual(mypkt.transport_hdr.get_flags(), SYN + ACK)
for i in range(0, 3):
mypkt = myts.getNextPacket()
self.assertEqual(mypkt.transport_hdr.get_seq_num(),
myseq + (i * 100) + 1)
self.assertEqual(mypkt.get_src_ip(), '1.2.3.4')
self.assertEqual(mypkt.get_dst_ip(), '9.8.7.5')
mypkt = myts.getNextPacket()
self.assertEqual(mypkt.transport_hdr.get_flags(), FIN + ACK)
mypkt = myts.getNextPacket()
self.assertEqual(mypkt.transport_hdr.get_flags(), ACK)
mypkt = myts.getNextPacket()
self.assertEqual(mypkt.transport_hdr.get_flags(), FIN + ACK)
mypkt = myts.getNextPacket()
self.assertEqual(mypkt.transport_hdr.get_flags(), ACK)
def test_traffic_stream_ooo(self):
myrpkt = RulePkt("to server", "/abcdef/i", 0, 5, 100, True, True)
mytsrule = TrafficStreamRule('tcp', '1.1.1', '2.2.2', '[100:200]',
'[10,20,30,40,50]', -1, 4, False, True,
False, True)
mytsrule.addPktRule(myrpkt)
myConfig = SnifflesConfig()
myConfig.setPktLength(100)
myConfig.setTCPACK(True)
myConfig.setTCPHandshake(True)
myts = rtgen.TrafficStream(mytsrule, myConfig)
mypkt = myts.getNextPacket()
myseq = mypkt.transport_hdr.get_seq_num()
self.assertEqual(mypkt.transport_hdr.get_flags(), rtgen.SYN)
mypkt = myts.getNextPacket()
self.assertEqual(mypkt.transport_hdr.get_flags(),
(rtgen.SYN + rtgen.ACK))
while myts.hasPackets():
mypkt = myts.getNextPacket()
if mypkt.get_content() is None or \
mypkt.get_content().get_size() == 0:
self.assertIn(mypkt.transport_hdr.get_ack_num(), [
myseq + 1, myseq + 101, myseq + 201, myseq + 301,
myseq + 401, myseq + 501
])
else:
self.assertEqual(mypkt.get_content().get_size(), 100)
def test_udp_stream_frags_and_ooo(self):
myrpkt = RulePkt("to server", "/my udp3/", 3, 5, 250)
mytsrule = TrafficStreamRule('udp', '1.2.3.6', '9.8.7.6', '9005',
'105', -1, 4, False, False, False, True,
75)
mytsrule.addPktRule(myrpkt)
myConfig = SnifflesConfig()
myConfig.setPktLength(250)
myConfig.setIPV6Percent(0)
myConfig.setFullMatch(True)
myts = TrafficStream(mytsrule, myConfig)
mycount = 0
myfragid = 0
mylastoff = -1
ooo = False
while myts.hasPackets():
mypkt = myts.getNextPacket()
if mypkt.network_hdr.get_frag_id() != myfragid:
myfragid = mypkt.network_hdr.get_frag_id()
if mylastoff > -1:
if abs((mypkt.network_hdr.get_frag_offset() & 0xFF) -
mylastoff) > 11:
ooo = True
mylastoff = (mypkt.network_hdr.get_frag_offset() & 0xFF)
self.assertIn(mypkt.get_size(), [116, 122])
self.assertEqual(mypkt.get_src_ip(), '1.2.3.6')
self.assertEqual(mypkt.get_dst_ip(), '9.8.7.6')
self.assertIn(mypkt.network_hdr.get_frag_offset(),
[8192, 8203, 22])
mycount += 1
self.assertEqual(mycount, 15)
self.assertEqual(ooo, True)
def test_ttl_expiry_scenario5(self):
"""
5)ttl_expiry = 9 and fragment is 3
create three good packet with random ttl value
malicious packet with ttl value is 9
the totall is 5 packet
"""
myrpkt = RulePkt("to server", "/abcdefghik/", 3, 1, ttl_expiry=9)
mytsrule = TrafficStreamRule('tcp', '1.2.3.4', '9.8.7.5', '9000',
'101', -1, 4, False, False, False)
mytsrule.addPktRule(myrpkt)
myConfig = SnifflesConfig()
myConfig.setPktLength(140)
myConfig.setIPV6Percent(0)
myConfig.setFullMatch(True)
myts = TrafficStream(mytsrule, myConfig)
mycount = 0
while myts.hasPackets():
mypkt = myts.getNextPacket()
if mycount % 2 != 0:
self.assertEqual(mypkt.get_ttl(), 9)
mycount += 1
self.assertEqual(mycount, 5)
def test_ttl_expiry_scenario3(self):
"""
ttl = 110 and ttl_expiry = 6 and fragment is 2
create two good packet with ttl value is 110
and malicious packet with ttl value is 6
the totall is 3 packet
"""
myrpkt = RulePkt("to server", "/my tcp2/", 2, 1, ttl=110, ttl_expiry=6)
mytsrule = TrafficStreamRule('tcp', '1.2.3.4', '9.8.7.5', '9000',
'101', -1, 4, False, False, False)
mytsrule.addPktRule(myrpkt)
myConfig = SnifflesConfig()
myConfig.setPktLength(140)
myConfig.setIPV6Percent(0)
myConfig.setFullMatch(True)
myts = TrafficStream(mytsrule, myConfig)
mycount = 0
while myts.hasPackets():
mypkt = myts.getNextPacket()
if mycount % 2 == 0:
self.assertEqual(mypkt.get_ttl(), 110)
else:
self.assertEqual(mypkt.get_ttl(), 6)
mycount += 1
self.assertEqual(mycount, 3)
def test_tcp_stream_frag(self):
myrpkt = RulePkt("to server", "/my tcp2/", 4, 3)
mytsrule = TrafficStreamRule('tcp', '1.2.3.4', '9.8.7.5', '9000',
'101', -1, 4, False, True, True)
mytsrule.addPktRule(myrpkt)
myConfig = SnifflesConfig()
myConfig.setPktLength(140)
myConfig.setIPV6Percent(0)
myts = TrafficStream(mytsrule, myConfig)
mypkt = myts.getNextPacket()
self.assertEqual(mypkt.transport_hdr.get_flags(), SYN)
mypkt = myts.getNextPacket()
self.assertEqual(mypkt.transport_hdr.get_flags(), SYN + ACK)
for _ in range(0, 12):
mypkt = myts.getNextPacket()
self.assertNotEqual(mypkt.network_hdr.get_frag_id(), 0)
self.assertIn(mypkt.network_hdr.get_frag_offset(),
[8192, 8197, 8202, 8207, 15])
mypkt = myts.getNextPacket()
self.assertEqual(mypkt.transport_hdr.get_flags(), FIN + ACK)
mypkt = myts.getNextPacket()
self.assertEqual(mypkt.transport_hdr.get_flags(), ACK)
mypkt = myts.getNextPacket()
self.assertEqual(mypkt.transport_hdr.get_flags(), FIN + ACK)
mypkt = myts.getNextPacket()
self.assertEqual(mypkt.transport_hdr.get_flags(), ACK)
def test_snort_rule_w_pkt_p_stream_set(self):
myparser = SnortRuleParser()
myparser.parseRule(r'alert tcp $EXTERNAL_NET any -> '
r'$HOME_NET $rtgen.HTTP_PORTS (msg:"test1-1";'
r' flow:to_server,established; content:'
r'"work.Method.denyExecution"; nocase; '
r'http_uri; content:"u0023"; nocase; http_uri;'
r' sid:1;')
sconf = SnifflesConfig()
sconf.setPktsPerStream(7)
self.assertEqual(7, sconf.getPktsPerStream())
myrule = myparser.getRules()[0]
myts = myrule.getTS()
self.assertEqual(1, len(myts))
self.assertTrue(myts[0].testTypeRule('Standard'))
self.assertFalse(myts[0].testTypeRule('Background'))
self.assertFalse(myts[0].testTypeRule('ScanAttack'))
mycon = rtgen.Conversation(myrule, sconf)
self.assertEqual(1, mycon.getNumberOfStreams())
count = 0
while mycon.getNextPacket():
count += 1
self.assertEqual(7, count)
def test_tcp_stream_frag_ooo(self):
myrpkt = RulePkt("to server", "/my tcp2/", 4, 3, 140, False, True)
mytsrule = TrafficStreamRule('tcp', '1.2.3.4', '9.8.7.5', '9000',
'101', -1, 4, False, True, True)
mytsrule.addPktRule(myrpkt)
myConfig = SnifflesConfig()
myConfig.setPktLength(140)
myConfig.setIPV6Percent(0)
myConfig.setFullMatch(True)
myts = TrafficStream(mytsrule, myConfig)
mypkt = myts.getNextPacket()
self.assertEqual(mypkt.transport_hdr.get_flags(), SYN)
mypkt = myts.getNextPacket()
self.assertEqual(mypkt.transport_hdr.get_flags(), SYN + ACK)
myfragid = 0
mylastoff = -1
ooo = False
for _ in range(0, 12):
mypkt = myts.getNextPacket()
self.assertNotEqual(mypkt.network_hdr.get_frag_id(), 0)
self.assertIn(mypkt.network_hdr.get_frag_offset(),
[8192, 8197, 8202, 8207, 15])
if mypkt.network_hdr.get_frag_id() != myfragid:
myfragid = mypkt.network_hdr.get_frag_id()
if mylastoff > -1:
if abs((mypkt.network_hdr.get_frag_offset() & 0xFF) -
mylastoff) > 5:
ooo = True
else:
mylastoff = (mypkt.network_hdr.get_frag_offset() & 0xFF)
self.assertEqual(ooo, True)
mypkt = myts.getNextPacket()
self.assertEqual(mypkt.transport_hdr.get_flags(), FIN + ACK)
mypkt = myts.getNextPacket()
self.assertEqual(mypkt.transport_hdr.get_flags(), ACK)
mypkt = myts.getNextPacket()
self.assertEqual(mypkt.transport_hdr.get_flags(), FIN + ACK)
mypkt = myts.getNextPacket()
self.assertEqual(mypkt.transport_hdr.get_flags(), ACK)
def test_split(self):
myrpkt = RulePkt("to server", "/my split message/", 0, 1, -1, False,
False, 2)
mytsrule = TrafficStreamRule('tcp', '1.2.3.6', '9.8.7.6', '9005',
'105')
mytsrule.addPktRule(myrpkt)
myConfig = SnifflesConfig()
myConfig.setPktLength(-1)
myConfig.setIPV6Percent(0)
myConfig.setFullMatch(True)
myts = TrafficStream(mytsrule, myConfig)
mycount = 0
while myts.hasPackets():
mypkt = myts.getNextPacket()
self.assertEqual(mypkt.get_size(), 62)
mycount += 1
self.assertEqual(mycount, 2)
def test_udp_stream(self):
myrpkt = RulePkt("to server", "/my udp1/", 0, 3)
mytsrule = TrafficStreamRule('udp', '1.2.3.6', '9.8.7.6', '9005',
'105')
mytsrule.addPktRule(myrpkt)
myConfig = SnifflesConfig()
myConfig.setPktLength(25)
myConfig.setIPV6Percent(0)
myConfig.setFullMatch(True)
myts = TrafficStream(mytsrule, myConfig)
mycount = 0
while myts.hasPackets():
mypkt = myts.getNextPacket()
self.assertEqual(mypkt.get_size(), 67)
self.assertEqual(mypkt.get_src_ip(), '1.2.3.6')
self.assertEqual(mypkt.get_dst_ip(), '9.8.7.6')
mycount += 1
self.assertEqual(mycount, 3)
def test_traffic_stream_split_too_large(self):
myrpkt = RulePkt("to server", "/12345/", 0, 1, -1, False, False, 200)
mytsrule = TrafficStreamRule('tcp', '1.1.1', '2.2.2', '[100:200]',
'[10,20,30,40,50]', -1, 4, False)
mytsrule.addPktRule(myrpkt)
myConfig = SnifflesConfig()
myts = rtgen.TrafficStream(mytsrule, myConfig)
for i in range(0, 5):
mypkt = myts.getNextPacket()
self.assertEqual(mypkt.transport_hdr.get_flags(), rtgen.ACK)
self.assertEqual(mypkt.get_content().get_size(), 1)
if i < 4:
self.assertIn(mypkt.get_content().get_data(),
[b'1', b'2', b'3', b'4', b'5'])
mypkt = myts.getNextPacket()
self.assertEqual(mypkt, None)
def test_udp_stream_frags(self):
myrpkt = RulePkt("to server", "/my udp2/", 3, 2)
mytsrule = TrafficStreamRule('udp', '1.2.3.6', '9.8.7.6', '9005',
'105')
mytsrule.addPktRule(myrpkt)
myConfig = SnifflesConfig()
myConfig.setPktLength(250)
myConfig.setIPV6Percent(0)
myConfig.setFullMatch(True)
myts = TrafficStream(mytsrule, myConfig)
mycount = 0
while myts.hasPackets():
mypkt = myts.getNextPacket()
self.assertIn(mypkt.get_size(), [116, 122])
self.assertEqual(mypkt.get_src_ip(), '1.2.3.6')
self.assertEqual(mypkt.get_dst_ip(), '9.8.7.6')
self.assertIn(mypkt.network_hdr.get_frag_offset(),
[8192, 8203, 22])
mycount += 1
self.assertEqual(mycount, 6)
def test_ttl_expiry_scenario1(self):
"""
1)tll = 110, no fragment
one packet should have ttl is 110
"""
myrpkt = RulePkt("to server", "/my tcp2/", 0, 1, ttl=110)
mytsrule = TrafficStreamRule('tcp', '1.2.3.4', '9.8.7.5', '9000',
'101', -1, 4, False, False, False)
mytsrule.addPktRule(myrpkt)
myConfig = SnifflesConfig()
myConfig.setPktLength(140)
myConfig.setIPV6Percent(0)
myConfig.setFullMatch(True)
myts = TrafficStream(mytsrule, myConfig)
mycount = 0
while myts.hasPackets():
mypkt = myts.getNextPacket()
self.assertEqual(mypkt.get_ttl(), 110)
mycount += 1
self.assertEqual(mycount, 1)
def test_ttl_expiry_scenario4(self):
"""
4)ttl = 147 and ttl_expiry = 0 and fragment is 2
create two packet with ttl value is 147
since ttl_expiry is 0
"""
myrpkt = RulePkt("to server", "/my tcp2/", 2, 1, ttl=147, ttl_expiry=0)
mytsrule = TrafficStreamRule('tcp', '1.2.3.4', '9.8.7.5', '9000',
'101', -1, 4, False, False, False)
mytsrule.addPktRule(myrpkt)
myConfig = SnifflesConfig()
myConfig.setPktLength(140)
myConfig.setIPV6Percent(0)
myConfig.setFullMatch(True)
myts = TrafficStream(mytsrule, myConfig)
mycount = 0
while myts.hasPackets():
mypkt = myts.getNextPacket()
self.assertEqual(mypkt.get_ttl(), 147)
mycount += 1
self.assertEqual(mycount, 2)
def test_traffic_stream_frags(self):
myrpkt = RulePkt("to client", "/abcdef/i", 3, 2, 500, True, True)
mytsrule = TrafficStreamRule('tcp', '1.1.1', '2.2.2', '[100:200]',
'[10,20,30,40,50]', -1, 4, False, True,
True)
mytsrule.addPktRule(myrpkt)
myConfig = SnifflesConfig()
myConfig.setPktLength(500)
myConfig.setIPV6Percent(0)
myConfig.setTCPACK(True)
myConfig.setTCPHandshake(True)
myConfig.setTCPTeardown(True)
myConfig.setFullMatch(True)
myts = rtgen.TrafficStream(mytsrule, myConfig)
mypkt = myts.getNextPacket()
myseq = mypkt.transport_hdr.get_seq_num()
self.assertEqual(mypkt.transport_hdr.get_flags(), rtgen.SYN)
mypkt = myts.getNextPacket()
self.assertEqual(mypkt.transport_hdr.get_flags(),
(rtgen.SYN + rtgen.ACK))
mypkt = myts.getNextPacket()
self.assertEqual(mypkt.transport_hdr.get_flags(), rtgen.ACK)
self.assertEqual(mypkt.transport_hdr.get_seq_num(), myseq + 1)
mypkt = myts.getNextPacket()
self.assertNotEqual(mypkt.network_hdr.get_frag_id(), 0)
self.assertIn(mypkt.network_hdr.get_frag_offset(), [8192, 8213, 42])
self.assertIn(mypkt.get_size(), [202, 218])
mypkt = myts.getNextPacket()
self.assertIn(mypkt.get_size(), [202, 218])
self.assertIn(mypkt.network_hdr.get_frag_offset(), [8192, 8213, 42])
mypkt = myts.getNextPacket()
self.assertIn(mypkt.network_hdr.get_frag_offset(), [8192, 8213, 42])
self.assertIn(mypkt.get_size(), [202, 218])
mypkt = myts.getNextPacket()
self.assertEqual(mypkt.get_size(), 54)
self.assertEqual(mypkt.transport_hdr.get_flags(), rtgen.ACK)
mypkt = myts.getNextPacket()
self.assertNotEqual(mypkt.network_hdr.get_frag_id(), 0)
self.assertIn(mypkt.network_hdr.get_frag_offset(), [8192, 8213, 42])
self.assertIn(mypkt.get_size(), [202, 218])
mypkt = myts.getNextPacket()
self.assertIn(mypkt.get_size(), [202, 218])
self.assertIn(mypkt.network_hdr.get_frag_offset(), [8192, 8213, 42])
mypkt = myts.getNextPacket()
self.assertIn(mypkt.network_hdr.get_frag_offset(), [8192, 8213, 42])
self.assertIn(mypkt.get_size(), [202, 218])
mypkt = myts.getNextPacket()
self.assertEqual(mypkt.get_size(), 54)
self.assertEqual(mypkt.transport_hdr.get_flags(), rtgen.ACK)
def test_traffic_stream_rand(self):
myts = rtgen.TrafficStream()
self.assertEqual(myts.hasPackets(), True)
myp = myts.getNextPacket()
self.assertNotEqual(myp.get_size(), 0)
myConfig = SnifflesConfig()
myConfig.setPktLength(100)
myConfig.setPktsPerStream(5)
myts = rtgen.TrafficStream(None, myConfig)
mycount = 0
while myts.hasPackets():
mypkt = myts.getNextPacket()
if mypkt.get_proto() == 'tcp':
self.assertEqual(mypkt.get_size(), 154)
elif mypkt.get_proto() == 'udp':
self.assertEqual(mypkt.get_size(), 142)
elif mypkt.get_proto() == 'icmp':
self.assertEqual(mypkt.get_size(), 142)
mycount += 1
self.assertEqual(mycount, 5)
myConfig = SnifflesConfig()
myConfig.setPktLength(200)
myConfig.setPktsPerStream(1)
myConfig.setTCPACK(True)
myConfig.setTCPHandshake(True)
myConfig.setTCPTeardown(True)
myts = rtgen.TrafficStream(None, myConfig)
mypkt = myts.getNextPacket()
while mypkt.get_proto() != 'tcp':
myts = rtgen.TrafficStream(None, myConfig)
mypkt = myts.getNextPacket()
myseq = mypkt.transport_hdr.get_seq_num()
self.assertEqual(mypkt.transport_hdr.get_flags(), rtgen.SYN)
mypkt = myts.getNextPacket()
self.assertEqual(mypkt.transport_hdr.get_flags(),
(rtgen.SYN + rtgen.ACK))
myack = mypkt.transport_hdr.get_seq_num()
mypkt = myts.getNextPacket()
self.assertEqual(mypkt.transport_hdr.get_flags(), rtgen.ACK)
self.assertEqual(mypkt.transport_hdr.get_seq_num(), myseq + 1)
self.assertEqual(mypkt.transport_hdr.get_ack_num(), myack + 1)
self.assertEqual(mypkt.get_size(), 254)
mypkt = myts.getNextPacket()
self.assertEqual(mypkt.transport_hdr.get_ack_num(), (myseq + 201))
self.assertEqual(mypkt.get_size(), 54)
self.assertEqual(mypkt.get_content().get_size(), 0)
mypkt = myts.getNextPacket()
self.assertEqual(mypkt.transport_hdr.get_flags(),
rtgen.FIN + rtgen.ACK)
mypkt = myts.getNextPacket()
self.assertEqual(mypkt.transport_hdr.get_flags(), rtgen.ACK)
mypkt = myts.getNextPacket()
self.assertEqual(mypkt.transport_hdr.get_flags(),
rtgen.FIN + rtgen.ACK)
mypkt = myts.getNextPacket()
self.assertEqual(mypkt.transport_hdr.get_flags(), rtgen.ACK)
def test_udp_stream_frags_loss(self):
myrpkt = RulePkt("to server", RuleContent("pcre", "/my udp4/"), 3, 2,
250)
mytsrule = TrafficStreamRule('udp', '1.2.3.6', '9.8.7.6', '9005',
'105', -1, 4, False, False, False, False,
0, 99)
mytsrule.addPktRule(myrpkt)
myConfig = SnifflesConfig()
myConfig.setPktLength(250)
myConfig.setIPV6Percent(0)
myConfig.setFullMatch(True)
myts = TrafficStream(mytsrule, myConfig)
mycount = 0
while myts.hasPackets():
mypkt = myts.getNextPacket()
if mypkt is None:
mycount += 1
self.assertTrue(mycount > 0) # Should be at least one lost fragement.
myrpkt2 = RulePkt("to server", RuleContent("pcre", "/my udp4/"), 3, 2,
250)
mytsrule2 = TrafficStreamRule('udp', '1.2.3.6', '9.8.7.6', '9005',
'105', -1, 4, False, False, False, False,
0, 0)
mytsrule2.addPktRule(myrpkt2)
myConfig2 = SnifflesConfig()
myConfig2.setPktLength(250)
myConfig2.setIPV6Percent(0)
myConfig2.setFullMatch(True)
myts2 = TrafficStream(mytsrule2, myConfig2)
mycount = 0
while myts2.hasPackets():
mypkt = myts2.getNextPacket()
if mypkt is not None:
mycount += 1
self.assertEqual(mycount, 6) # should be no lost fragments.
