def testNormalize(self):
data1 = '00000000000000E\x00\x01P\xf5\xa8@\x00\x00\x06\x00\x00E\x0c\x87\xa5\x18\x15&:\xcc\x8b*\xbd\xea%#qkv{?P\x18\x00\xb7\x0cC\x00\x00GET /announce?info_hash=hd%88%05%AC%A0%22%C6%C62Iy%19%8C%F77%D5%3D%ED7&peer_id=M3-4-2--ffb01e7ef976&port=6881&key=5d6cb5a9&uploaded=0&downloaded=0&left=111081290&compact=1&event=started HTTP/1.1\r\nHost: 24.21.38.58:10941\r\nUser-Agent: Python-urllib/2.5\r\nConnection: close\r\nAccept-Encoding: gzip\r\n\r\n'
data2 = '00000000000000E\x00\x01P\xf5\xa8@\x00\x00\x06\x00\x00E\x0c\x87\xa5\x18\x15&:\xcc\x8b*\xbd\xea%#qkv{?P\x18\x00\xb7H\x84\x00\x00GET /announce?info_hash=hd%88%05%AC%A0%22%C6%C62Iy%19%8C%F77%D5%3D%ED7&peer_id=M3-4-2--ffb01e7ef976&port=6881&key=5d6cb5a9&uploaded=0&downloaded=0&left=111081290&compact=1&event=started HTTP/1.1\r\nHost: 24.21.38.58:10941\r\nUser-Agent: Python-urllib/2.5\r\nConnection: close\r\nAccept-Encoding: gzip\r\n\r\n'
packet1 = Packet.Packet(12345, data1)
packet2 = Packet.Packet(12345, data2)
hash1, hash2 = packet1.get_hash(), packet2.get_hash()
assert hash1 == hash2, "tcp checksum not ignored"
data1 = '00000000000000E\x00\x00(\x04C\x00\x00\x00\x06\x00\x00\x18\x15&:E\x0c\x87\xa51$\x90\xf5\x00\x00\x00\x00\xd0mm\xecP\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
data2 = '00000000000000E\x00\x00(\x04C\x00\x00\x00\x06\x00\x00\x18\x15&:E\x0c\x87\xa51$\x90\xf5\x00\x00\x00\x00\xd0mm\xecP\x14\x00\x00\x00\x00\x00\x00'
packet1 = Packet.Packet(12345, data1)
packet2 = Packet.Packet(12345, data2)
hash1, hash2 = packet1.get_hash(), packet2.get_hash()
assert hash1 == hash2, "ethernet trailer not ignored"
def testHash(self):
""" test hash algorithm """
packet = Packet.Packet(12345, self.tpkt)
good_hash = '\xc9\xf7\x00\x24\x07\xf1\x1c\x95\xda\xf6\x3e\x74\x54\xe4\xe7\x62\x77\xad\x31\x52'
hash = packet.get_hash()
#print ''.join([ "\\x%x" % (ord(i)) for i in hash ])
assert hash == good_hash, 'bad sha-1 hash'
assert packet.hash == good_hash, 'expecting hash to be cached'
def testFlowInfoUDP(self):
packet = Packet.Packet(3614242, self.upkt)
assert packet.proto == '\x11', 'bad proto'
assert packet.source_ip == 'abcd', 'bad source ip'
assert packet.source_port == 'ij', 'bad source port'
assert packet.dest_ip == 'efgh', 'bad dest ip'
assert packet.dest_port == 'kl', 'bad dest port'
assert packet._flow_id == 'abcdijefghkl\x11', 'bad flow id'
assert packet.flow_id() == packet._flow_id, 'accessor bad'
def testFlowInfoTCP(self):
""" test extracting the flow info from ip/tcp/udp headers """
packet = Packet.Packet(23956356, self.tpkt)
assert packet.proto == '\x06', 'bad proto'
assert packet.source_ip == 'abcd', 'bad source ip'
assert packet.source_port == 'ij', 'bad source port'
assert packet.dest_ip == 'efgh', 'bad dest ip'
assert packet.dest_port == 'kl', 'bad dest port'
assert packet._flow_id == 'abcdijefghkl\x06', 'bad flow id'
assert packet.flow_id() == packet._flow_id, 'accessor bad'
def testClean(self):
# test removing a stale flow
self.flow_manager.handle_packet(self.packet)
self.flow_manager.handle_packet(self.packet2)
assert len(self.flow_manager.flows) == 2, 'should have two flows'
assert self.flow_manager.flows.has_key(self.packet.flow_id())
fm_flow = self.flow_manager.flows[self.packet.flow_id()]
fm_flow.time_last_active = 0
assert self.flow_manager.flows.has_key(self.packet2.flow_id())
fm_flow = self.flow_manager.flows[self.packet2.flow_id()]
fm_flow.time_last_active = Flow.Flow.timeout - 1
self.flow_manager.clean(1 + Flow.Flow.timeout)
assert len(self.flow_manager.flows) == 1, 'should have one flow'
assert not self.flow_manager.flows.has_key(
self.packet.flow_id()), 'should have removed flow'
assert self.flow_manager.flows.has_key(
self.packet2.flow_id()), 'should still have other flow'
# test removing stale packets from a flow
packet3 = Packet.Packet(0, self.data)
packet4 = Packet.Packet(Flow.Flow.timeout, self.data)
for i in range(0, PacketBatch.batch_size):
self.flow_manager.handle_packet(packet3)
self.flow_manager.handle_packet(packet4)
assert self.flow_manager.flows.has_key(
packet3.flow_id()), 'should have flow'
fm_flow = self.flow_manager.flows[packet3.flow_id()]
assert fm_flow.queue._length == 2, 'should have two batches'
self.flow_manager.clean(PacketQueue.time_to_keep_packets)
assert self.flow_manager.flows.has_key(
packet3.flow_id()), 'should have flow'
assert fm_flow.queue._length == 2, 'should have two batches still'
self.flow_manager.clean(1 + PacketQueue.time_to_keep_packets)
assert self.flow_manager.flows.has_key(
packet3.flow_id()), 'should have flow'
assert fm_flow.queue._length == 1, 'should have one batch now'
assert fm_flow.queue._queue[
0].size == 1, 'should have one packet in batch'
assert fm_flow.queue._queue[0].packets[
0] == packet4, 'packet4 should remain'
def testInitNoHash(self):
""" test initializing without passing in a hash """
packet = Packet.Packet(12345, self.tpkt)
assert packet.timestamp == 12345, 'bad timestamp'
assert packet.hash == None, 'hash should be None by default'
assert packet.data[1] == '\x00', 'tos not zeroed'
assert packet.data[8] == '\x00', 'tos not zeroed'
assert packet.data[10] == '\x00', 'ip checksum not zeroed'
assert packet.data[11] == '\x00', 'ip checksum not zeroed'
assert packet.data == self.zeroed_data, 'data incorrect'
assert packet.size == len(self.tpkt)-Packet.MAC_header_length, 'bad size'
assert packet.proto == '\x06', 'bad proto'
assert packet.source_ip == 'abcd', 'bad source ip'
assert packet.source_port == 'ij', 'bad source port'
assert packet.dest_ip == 'efgh', 'bad dest ip'
assert packet.dest_port == 'kl', 'bad dest port'
assert packet._flow_id == 'abcdijefghkl\x06', 'bad flow id'
assert packet.flow_id() == packet._flow_id, 'accessor bad'
def testInitHash(self):
""" test initializing with a hash """
good_hash = "01234567890123456789"
packet = Packet.Packet(54321, self.tpkt, good_hash)
assert packet.timestamp == 54321, 'bad timestamp'
assert packet.hash == good_hash, 'hash should be None by default'
assert packet.data[1] == '\x00', 'tos not zeroed'
assert packet.data[8] == '\x00', 'tos not zeroed'
assert packet.data[10] == '\x00', 'checksum not zeroed'
assert packet.data[11] == '\x00', 'checksum not zeroed'
assert packet.data == self.zeroed_data, 'data incorrect'
hash = packet.get_hash()
assert hash == good_hash, 'hash got modified'
assert packet.size == len(self.tpkt)-Packet.MAC_header_length, 'bad size'
assert packet.proto == '\x06', 'bad proto'
assert packet.source_ip == 'abcd', 'bad source ip'
assert packet.source_port == 'ij', 'bad source port'
assert packet.dest_ip == 'efgh', 'bad dest ip'
assert packet.dest_port == 'kl', 'bad dest port'
assert packet._flow_id == 'abcdijefghkl\x06', 'bad flow id'
assert packet.flow_id() == packet._flow_id, 'accessor bad'
self.pcap_datalink = 1
class FakeLink:
def __init__(self):
self.firewalled = "firewalled" in sys.argv[3:]
self.public_ip = sys.argv[3]
class FakeAlice:
def __init__(self):
self.config = FakeConfig()
self.link = FakeLink()
self.fm = FakeFM()
class FakeFM():
def __init__(self):
self.ip_ids = {}
raw_packet = file(sys.argv[1], "r")
data = raw_packet.read()
raw_packet.close()
p = Packet.Packet(0, data, FakeAlice())
print "IPID is", hexlify(p.ip_id)
p.peer_firewalled = "peer_firewalled" in sys.argv[3:]
hash = p.get_hash()
print "hash: ", hexlify(hash)
def setUp(self):
self.data = "0123456789012345678901234567890123456789"
self.data2 = "abcdefghijklmnopqrstuvwxyz"
self.packet = Packet.Packet(12345, self.data)
self.packet2 = Packet.Packet(12346, self.data2)
self.flow_manager = FlowManager.FlowManager('my-ip', False)
def setUp(self):
self.packets = []
for i in range(0,PacketBatch.batch_size):
data = ''.join([ `i` for j in range(1,41) ])
self.packets.append(Packet.Packet(i, data))