def testNormalize(self): data1 = '00000000000000E\x00\x01P\xf5\xa8@\x00\x00\x06\x00\x00E\x0c\x87\xa5\x18\x15&:\xcc\x8b*\xbd\xea%#qkv{?P\x18\x00\xb7\x0cC\x00\x00GET /announce?info_hash=hd%88%05%AC%A0%22%C6%C62Iy%19%8C%F77%D5%3D%ED7&peer_id=M3-4-2--ffb01e7ef976&port=6881&key=5d6cb5a9&uploaded=0&downloaded=0&left=111081290&compact=1&event=started HTTP/1.1\r\nHost: 24.21.38.58:10941\r\nUser-Agent: Python-urllib/2.5\r\nConnection: close\r\nAccept-Encoding: gzip\r\n\r\n' data2 = '00000000000000E\x00\x01P\xf5\xa8@\x00\x00\x06\x00\x00E\x0c\x87\xa5\x18\x15&:\xcc\x8b*\xbd\xea%#qkv{?P\x18\x00\xb7H\x84\x00\x00GET /announce?info_hash=hd%88%05%AC%A0%22%C6%C62Iy%19%8C%F77%D5%3D%ED7&peer_id=M3-4-2--ffb01e7ef976&port=6881&key=5d6cb5a9&uploaded=0&downloaded=0&left=111081290&compact=1&event=started HTTP/1.1\r\nHost: 24.21.38.58:10941\r\nUser-Agent: Python-urllib/2.5\r\nConnection: close\r\nAccept-Encoding: gzip\r\n\r\n' packet1 = Packet.Packet(12345, data1) packet2 = Packet.Packet(12345, data2) hash1, hash2 = packet1.get_hash(), packet2.get_hash() assert hash1 == hash2, "tcp checksum not ignored" data1 = '00000000000000E\x00\x00(\x04C\x00\x00\x00\x06\x00\x00\x18\x15&:E\x0c\x87\xa51$\x90\xf5\x00\x00\x00\x00\xd0mm\xecP\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00' data2 = '00000000000000E\x00\x00(\x04C\x00\x00\x00\x06\x00\x00\x18\x15&:E\x0c\x87\xa51$\x90\xf5\x00\x00\x00\x00\xd0mm\xecP\x14\x00\x00\x00\x00\x00\x00' packet1 = Packet.Packet(12345, data1) packet2 = Packet.Packet(12345, data2) hash1, hash2 = packet1.get_hash(), packet2.get_hash() assert hash1 == hash2, "ethernet trailer not ignored"
def testHash(self): """ test hash algorithm """ packet = Packet.Packet(12345, self.tpkt) good_hash = '\xc9\xf7\x00\x24\x07\xf1\x1c\x95\xda\xf6\x3e\x74\x54\xe4\xe7\x62\x77\xad\x31\x52' hash = packet.get_hash() #print ''.join([ "\\x%x" % (ord(i)) for i in hash ]) assert hash == good_hash, 'bad sha-1 hash' assert packet.hash == good_hash, 'expecting hash to be cached'
def testFlowInfoUDP(self): packet = Packet.Packet(3614242, self.upkt) assert packet.proto == '\x11', 'bad proto' assert packet.source_ip == 'abcd', 'bad source ip' assert packet.source_port == 'ij', 'bad source port' assert packet.dest_ip == 'efgh', 'bad dest ip' assert packet.dest_port == 'kl', 'bad dest port' assert packet._flow_id == 'abcdijefghkl\x11', 'bad flow id' assert packet.flow_id() == packet._flow_id, 'accessor bad'
def testFlowInfoTCP(self): """ test extracting the flow info from ip/tcp/udp headers """ packet = Packet.Packet(23956356, self.tpkt) assert packet.proto == '\x06', 'bad proto' assert packet.source_ip == 'abcd', 'bad source ip' assert packet.source_port == 'ij', 'bad source port' assert packet.dest_ip == 'efgh', 'bad dest ip' assert packet.dest_port == 'kl', 'bad dest port' assert packet._flow_id == 'abcdijefghkl\x06', 'bad flow id' assert packet.flow_id() == packet._flow_id, 'accessor bad'
def testClean(self): # test removing a stale flow self.flow_manager.handle_packet(self.packet) self.flow_manager.handle_packet(self.packet2) assert len(self.flow_manager.flows) == 2, 'should have two flows' assert self.flow_manager.flows.has_key(self.packet.flow_id()) fm_flow = self.flow_manager.flows[self.packet.flow_id()] fm_flow.time_last_active = 0 assert self.flow_manager.flows.has_key(self.packet2.flow_id()) fm_flow = self.flow_manager.flows[self.packet2.flow_id()] fm_flow.time_last_active = Flow.Flow.timeout - 1 self.flow_manager.clean(1 + Flow.Flow.timeout) assert len(self.flow_manager.flows) == 1, 'should have one flow' assert not self.flow_manager.flows.has_key( self.packet.flow_id()), 'should have removed flow' assert self.flow_manager.flows.has_key( self.packet2.flow_id()), 'should still have other flow' # test removing stale packets from a flow packet3 = Packet.Packet(0, self.data) packet4 = Packet.Packet(Flow.Flow.timeout, self.data) for i in range(0, PacketBatch.batch_size): self.flow_manager.handle_packet(packet3) self.flow_manager.handle_packet(packet4) assert self.flow_manager.flows.has_key( packet3.flow_id()), 'should have flow' fm_flow = self.flow_manager.flows[packet3.flow_id()] assert fm_flow.queue._length == 2, 'should have two batches' self.flow_manager.clean(PacketQueue.time_to_keep_packets) assert self.flow_manager.flows.has_key( packet3.flow_id()), 'should have flow' assert fm_flow.queue._length == 2, 'should have two batches still' self.flow_manager.clean(1 + PacketQueue.time_to_keep_packets) assert self.flow_manager.flows.has_key( packet3.flow_id()), 'should have flow' assert fm_flow.queue._length == 1, 'should have one batch now' assert fm_flow.queue._queue[ 0].size == 1, 'should have one packet in batch' assert fm_flow.queue._queue[0].packets[ 0] == packet4, 'packet4 should remain'
def testInitNoHash(self): """ test initializing without passing in a hash """ packet = Packet.Packet(12345, self.tpkt) assert packet.timestamp == 12345, 'bad timestamp' assert packet.hash == None, 'hash should be None by default' assert packet.data[1] == '\x00', 'tos not zeroed' assert packet.data[8] == '\x00', 'tos not zeroed' assert packet.data[10] == '\x00', 'ip checksum not zeroed' assert packet.data[11] == '\x00', 'ip checksum not zeroed' assert packet.data == self.zeroed_data, 'data incorrect' assert packet.size == len(self.tpkt)-Packet.MAC_header_length, 'bad size' assert packet.proto == '\x06', 'bad proto' assert packet.source_ip == 'abcd', 'bad source ip' assert packet.source_port == 'ij', 'bad source port' assert packet.dest_ip == 'efgh', 'bad dest ip' assert packet.dest_port == 'kl', 'bad dest port' assert packet._flow_id == 'abcdijefghkl\x06', 'bad flow id' assert packet.flow_id() == packet._flow_id, 'accessor bad'
def testInitHash(self): """ test initializing with a hash """ good_hash = "01234567890123456789" packet = Packet.Packet(54321, self.tpkt, good_hash) assert packet.timestamp == 54321, 'bad timestamp' assert packet.hash == good_hash, 'hash should be None by default' assert packet.data[1] == '\x00', 'tos not zeroed' assert packet.data[8] == '\x00', 'tos not zeroed' assert packet.data[10] == '\x00', 'checksum not zeroed' assert packet.data[11] == '\x00', 'checksum not zeroed' assert packet.data == self.zeroed_data, 'data incorrect' hash = packet.get_hash() assert hash == good_hash, 'hash got modified' assert packet.size == len(self.tpkt)-Packet.MAC_header_length, 'bad size' assert packet.proto == '\x06', 'bad proto' assert packet.source_ip == 'abcd', 'bad source ip' assert packet.source_port == 'ij', 'bad source port' assert packet.dest_ip == 'efgh', 'bad dest ip' assert packet.dest_port == 'kl', 'bad dest port' assert packet._flow_id == 'abcdijefghkl\x06', 'bad flow id' assert packet.flow_id() == packet._flow_id, 'accessor bad'
self.pcap_datalink = 1 class FakeLink: def __init__(self): self.firewalled = "firewalled" in sys.argv[3:] self.public_ip = sys.argv[3] class FakeAlice: def __init__(self): self.config = FakeConfig() self.link = FakeLink() self.fm = FakeFM() class FakeFM(): def __init__(self): self.ip_ids = {} raw_packet = file(sys.argv[1], "r") data = raw_packet.read() raw_packet.close() p = Packet.Packet(0, data, FakeAlice()) print "IPID is", hexlify(p.ip_id) p.peer_firewalled = "peer_firewalled" in sys.argv[3:] hash = p.get_hash() print "hash: ", hexlify(hash)
def setUp(self): self.data = "0123456789012345678901234567890123456789" self.data2 = "abcdefghijklmnopqrstuvwxyz" self.packet = Packet.Packet(12345, self.data) self.packet2 = Packet.Packet(12346, self.data2) self.flow_manager = FlowManager.FlowManager('my-ip', False)
def setUp(self): self.packets = [] for i in range(0,PacketBatch.batch_size): data = ''.join([ `i` for j in range(1,41) ]) self.packets.append(Packet.Packet(i, data))