def testFilter_withFields_IP(self):
    """Check field filters on the IP source and destination addresses.

    'ip.src == 127.0.0.1' is expected to accept both IP fixtures and reject
    the ARP one; 'ip.dst == 1.2.3.4' is expected to reject all three.
    """
    src_matches = filter_from_str('ip.src == 127.0.0.1')
    for ip_packet in (self.ether_ip_tcp, self.ether_ip_udp):
        self.assertTrue(src_matches(ip_packet))
    self.assertFalse(src_matches(self.ether_arp))

    # No fixture is expected to carry this destination address.
    dst_matches = filter_from_str('ip.dst == 1.2.3.4')
    for packet in (self.ether_ip_tcp, self.ether_ip_udp, self.ether_arp):
        self.assertFalse(dst_matches(packet))
def testFilter_withFields_TCP_flags(self):
    """Check field filters on the TCP SYN and ACK flags.

    Only the TCP fixture is expected to match 'tcp.syn == True'; no fixture
    is expected to match 'tcp.ack == True'.
    """
    syn_set = filter_from_str('tcp.syn == True')
    self.assertTrue(syn_set(self.ether_ip_tcp))
    for non_tcp in (self.ether_ip_udp, self.ether_arp):
        self.assertFalse(syn_set(non_tcp))

    ack_set = filter_from_str('tcp.ack == True')
    for packet in (self.ether_ip_tcp, self.ether_ip_udp, self.ether_arp):
        self.assertFalse(ack_set(packet))
def testFilter_withFields_TCP_ports(self):
    """Check field filters on the TCP source port.

    Port 1337 is expected to match the TCP fixture only; port 1448 is
    expected to match none of the fixtures.
    """
    port_1337 = filter_from_str('tcp.src_port == 1337')
    self.assertTrue(port_1337(self.ether_ip_tcp))
    for non_tcp in (self.ether_ip_udp, self.ether_arp):
        self.assertFalse(port_1337(non_tcp))

    port_1448 = filter_from_str('tcp.src_port == 1448')
    for packet in (self.ether_ip_tcp, self.ether_ip_udp, self.ether_arp):
        self.assertFalse(port_1448(packet))
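def main():
    """Parse the command line, build the sniffer's parts and start sniffing.

    Every set-up failure is reported on stdout and ends the function early.
    Returns ``0`` after a non-permission socket error and ``None`` on every
    other path, including a normal run.
    """
    parser = get_parser()
    args = parser.parse_args()
    # Cap the verbosity at the last index of verbosity_to_visitor below.
    args.verbosity = min(args.verbosity, 2)
    args.ifaces = list() if args.ifaces is None else args.ifaces
    path = args.dump_file
    verbosity_to_visitor = [
        ZeroVerbosityVisitor(),
        FirstVerbosityVisitor(),
        SecondVerbosityVisitor()
    ]

    try:
        filter_func = filter_from_str(args.filter)
    except ValueError as e:
        print(e)
        return

    try:
        # NOTE(review): the dump path comes straight from the command line and
        # is presumably opened by PcapWriter with this process's privileges.
        # When the program runs as root, confirm PcapWriter does not follow a
        # symlink or silently overwrite an existing file at that path.
        if path is not None:
            dump_writer = PcapWriter(path, args.max_size)
        else:
            dump_writer = EmptyWriter()
        out_writer = FormattedWriter(
            verbosity_to_visitor[args.verbosity], args.time
        )
        try:
            receiver = SocketReceiver(*args.ifaces)
        except PermissionError:
            # PermissionError is a subclass of OSError. Without this clause
            # the generic handler below would swallow it, so a missing-
            # privileges failure while opening the receiver would never reach
            # the root-privileges hint in the outer handler.
            raise
        except OSError as e:
            print(f'Error: {e}')
            return 0
    except FileNotFoundError:
        print(f'File {args.dump_file} is not found or could not be created')
        return
    except PermissionError:
        print(
            'Permission error. '
            'You need to use root privileges to run the program'
        )
        return
    except ValueError as e:
        print(e)
        return

    sniffer = Sniffer(dump_writer, out_writer, receiver, filter_func)
    sniffer.start_sniffing()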
def testFilter_withProto_Ether(self):
    """Check that 'proto == IP' accepts both IP fixtures and rejects ARP."""
    is_ip = filter_from_str('proto == IP')
    for ip_packet in (self.ether_ip_tcp, self.ether_ip_udp):
        self.assertTrue(is_ip(ip_packet))
    self.assertFalse(is_ip(self.ether_arp))
def testFilter_ReturnsTrueWithoutArgs(self):
    """Check that a filter built with no arguments accepts every fixture."""
    accept_all = filter_from_str()
    for packet in (self.ether_ip_tcp, self.ether_ip_udp, self.ether_arp):
        self.assertTrue(accept_all(packet))