Exemplo n.º 1
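def applyTmpFilter(filePath, filterContent, caseName):
    """Apply a display filter to a capture and register the temporary result.

    The filtered capture is produced by applyFilterOnFile(); this function
    then stores the combined filter expression in FILTERS and either updates
    the existing FILES row for the output or inserts a new one.

    Args:
        filePath: Path of the capture the filter is applied to.
        filterContent: Filter expression to apply on top of the current one.
        caseName: Case name; used to build the tmp path and to find the case row.

    Returns:
        The name of the filtered file, or None when the filtered file was not
        produced or the case is not present in CASES.
    """
    # NOTE(review): caseName is concatenated into a filesystem path unchanged;
    # confirm callers only pass names of existing cases (no path separators).
    currentFilter = helper.getFilter(caseName, helper.getDBNameFromPath(filePath), type = 'file')
    filteredFileName = applyFilterOnFile(filePath, filterContent, caseName, True)
    filteredFilePath = CASES_DIR + caseName + TMP_DIR + filteredFileName
    if not os.path.isfile(filteredFilePath):
        return None
    # "No filter yet" is compared against the string 'None', as the original did;
    # presumably helper.getFilter stringifies a missing filter -- verify.
    if currentFilter != 'None':
        summFilter = currentFilter + ' && ' + filterContent
    else:
        summFilter = filterContent
    conn = sqlite3.connect(DATABASE)
    try:
        conn.execute('pragma foreign_keys=ON')
        caseRow = conn.execute("SELECT ID FROM CASES WHERE CASES.NAME = ?", (caseName,)).fetchone()
        if caseRow is None:
            # Unknown case: nothing has been committed, so just report failure
            # instead of failing on caseRow[0].
            return None
        caseID = caseRow[0]
        # Create the new filter row. lastrowid is the ID SQLite assigned to this
        # insert (assumes FILTERS.ID is the INTEGER PRIMARY KEY that the null
        # placeholder fills in), so no separate max(ID) query is needed.
        cur = conn.execute("INSERT INTO FILTERS VALUES(null, ?, '', '')", (summFilter,))
        filterID = cur.lastrowid
        fileKnown = SQLHelper.getFileID(helper.getDBNameFromPath(filteredFilePath), caseName) is not None
        if not fileKnown:
            sourceFile = helper.getDBNameFromPath(filePath)
            fileSize = os.path.getsize(filteredFilePath)
            dateTimes = helper.getDateTimeFromFile(filteredFilePath)
            # All values are bound as parameters; file names and timestamps must
            # never be spliced into the SQL text.
            conn.execute("INSERT INTO FILES VALUES (null, ?, ?, ?, ?, ?, ?, ?, ?, ?)", ("tmp/"+filteredFileName, "tmp", caseID, filterID, fileSize, dateTimes[0], dateTimes[1], sourceFile,'description',))
        conn.commit()
    finally:
        # Release the database handle on every path, including exceptions.
        conn.close()
    if fileKnown:
        # Called only after this connection is committed and closed, as before.
        helper.updateFile(filteredFilePath, caseName, filterID)
    return filteredFileName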
Exemplo n.º 2
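def applyTimeFilterOnFile(filePath, caseName, start = '', end = '', override = False):
    """Trim a capture to a time window with editcap and register the result.

    Args:
        filePath: Path of the capture file to read.
        caseName: Case name; used to build the tmp path and to find the case row.
        start: Lower bound handed to ``editcap -A``; '' means no lower bound.
        end: Upper bound handed to ``editcap -B``; '' means no upper bound.
        override: When true, the trimmed capture is renamed over ``filePath``.

    Returns:
        Path of the trimmed capture, or None when no bound was given, editcap
        did not produce a usable file, or the case is not present in CASES.
    """
    syslog.syslog("PCAP APP: applyTimeFilterOnFile: "+filePath+" started: "+str(datetime.datetime.now()))
    if start == '' and end == '':
        return None
    # The temporary file is only used to obtain a unique name; close it at once
    # so the descriptor is not left open for the rest of the call.
    tmpF = tempfile.NamedTemporaryFile(delete=True)
    try:
        outputFileName = os.path.basename(tmpF.name + '.pcap')
    finally:
        tmpF.close()
    # NOTE(review): caseName is concatenated into a filesystem path unchanged;
    # confirm callers only pass names of existing cases (no path separators).
    outputFilePath = CASES_DIR + caseName + TMP_DIR + outputFileName
    # Pass only the bounds that were supplied: an empty -A/-B value is not a
    # valid timestamp. The argument list (no shell) keeps values literal.
    editcapArgs = ['editcap']
    if start != '':
        editcapArgs += ['-A', start]
    if end != '':
        editcapArgs += ['-B', end]
    editcapArgs += [filePath, outputFilePath]
    returnCode = subprocess.call(editcapArgs)
    if returnCode != 0 or not os.path.isfile(outputFilePath):
        # Never register a capture that editcap did not finish writing.
        if os.path.isfile(outputFilePath):
            os.remove(outputFilePath)
        return None
    if override:
        # NOTE(review): this replaces the source capture in place; if the
        # original must be preserved, callers need to keep a copy beforehand.
        os.rename(outputFilePath, filePath)
        outputFilePath = filePath
        outputFileName = helper.getDBNameFromPath(filePath)
    conn = sqlite3.connect(DATABASE)
    try:
        conn.execute('pragma foreign_keys=ON')
        caseRow = conn.execute("SELECT ID FROM CASES WHERE CASES.NAME = ?", (caseName,)).fetchone()
        if caseRow is None:
            # Unknown case: report failure instead of failing on caseRow[0].
            return None
        caseID = caseRow[0]
        fileKnown = SQLHelper.getFileID(helper.getDBNameFromPath(outputFilePath), caseName) is not None
        if not fileKnown:
            sourceFile = helper.getDBNameFromPath(filePath)
            fileSize = os.path.getsize(outputFilePath)
            dateTimes = helper.getDateTimeFromFile(outputFilePath)
            # All values are bound as parameters; file names and timestamps must
            # never be spliced into the SQL text.
            conn.execute("INSERT INTO FILES VALUES (null, ?, ?, ?, null, ?, ?, ?, ?, ?)", ("tmp/"+outputFileName, "tmp", caseID, fileSize, dateTimes[0], dateTimes[1], sourceFile,'description',))
        conn.commit()
    finally:
        # Release the database handle on every path, including exceptions.
        conn.close()
    if fileKnown:
        # Called only after this connection is committed and closed, as before.
        helper.updateFile(outputFilePath, caseName, 'null')
    syslog.syslog("PCAP APP: applyTimeFilterOnFile: "+filePath+"   ended: "+str(datetime.datetime.now()))
    return outputFilePath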
Exemplo n.º 3
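def applyTimeFilterOnFile(filePath,
                          caseName,
                          start='',
                          end='',
                          override=False):
    """Extract a time window from a capture with editcap and record it.

    Args:
        filePath: Path of the capture file to read.
        caseName: Case name; part of the output path and key of the case row.
        start: Value for ``editcap -A``; '' leaves the window open at the start.
        end: Value for ``editcap -B``; '' leaves the window open at the end.
        override: When true, the result is renamed over ``filePath``.

    Returns:
        Path of the resulting capture, or None when neither bound was given,
        editcap did not produce a usable file, or the case is not in CASES.
    """
    syslog.syslog("PCAP APP: applyTimeFilterOnFile: " + filePath +
                  " started: " + str(datetime.datetime.now()))
    if start == '' and end == '':
        return None
    # Only the unique name is wanted from the temporary file, so its handle is
    # closed immediately rather than left open until garbage collection.
    tmpF = tempfile.NamedTemporaryFile(delete=True)
    try:
        outputFileName = os.path.basename(tmpF.name + '.pcap')
    finally:
        tmpF.close()
    # NOTE(review): caseName goes into the path as-is; confirm it is always the
    # name of an existing case and cannot contain path separators.
    outputFilePath = CASES_DIR + caseName + TMP_DIR + outputFileName
    # An empty -A/-B value is not a valid timestamp, so each option is added
    # only when its bound was supplied. No shell is involved.
    editcapArgs = ['editcap']
    if start != '':
        editcapArgs.extend(['-A', start])
    if end != '':
        editcapArgs.extend(['-B', end])
    editcapArgs.extend([filePath, outputFilePath])
    returnCode = subprocess.call(editcapArgs)
    if returnCode != 0 or not os.path.isfile(outputFilePath):
        # A failed run may leave a partial capture behind; do not register it.
        if os.path.isfile(outputFilePath):
            os.remove(outputFilePath)
        return None
    if override:
        # NOTE(review): the source capture is overwritten here; keep a copy
        # first if the original has to remain available.
        os.rename(outputFilePath, filePath)
        outputFilePath = filePath
        outputFileName = helper.getDBNameFromPath(filePath)
    conn = sqlite3.connect(DATABASE)
    try:
        conn.execute('pragma foreign_keys=ON')
        caseRow = conn.execute("SELECT ID FROM CASES WHERE CASES.NAME = ?",
                               (caseName, )).fetchone()
        if caseRow is None:
            # No such case: return the failure value instead of raising on
            # caseRow[0].
            return None
        caseID = caseRow[0]
        fileKnown = SQLHelper.getFileID(
            helper.getDBNameFromPath(outputFilePath), caseName) is not None
        if not fileKnown:
            sourceFile = helper.getDBNameFromPath(filePath)
            fileSize = os.path.getsize(outputFilePath)
            dateTimes = helper.getDateTimeFromFile(outputFilePath)
            # Bound parameters only: values derived from file names must not
            # be concatenated into the statement.
            conn.execute(
                "INSERT INTO FILES VALUES (null, ?, ?, ?, null, ?, ?, ?, ?, ?)", (
                    "tmp/" + outputFileName,
                    "tmp",
                    caseID,
                    fileSize,
                    dateTimes[0],
                    dateTimes[1],
                    sourceFile,
                    'description',
                ))
        conn.commit()
    finally:
        # The connection is closed on every exit path, exceptions included.
        conn.close()
    if fileKnown:
        # Runs after this connection has been committed and closed, as before.
        helper.updateFile(outputFilePath, caseName, 'null')
    syslog.syslog("PCAP APP: applyTimeFilterOnFile: " + filePath +
                  "   ended: " + str(datetime.datetime.now()))
    return outputFilePath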
Exemplo n.º 4
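def applyTmpFilter(filePath, filterContent, caseName):
    """Filter a capture into the case tmp directory and record the result.

    applyFilterOnFile() writes the filtered capture; this function stores the
    combined filter expression in FILTERS and then updates the FILES row for
    the output if one exists, or inserts a new row otherwise.

    Args:
        filePath: Path of the capture the filter is applied to.
        filterContent: Filter expression added to the capture's current filter.
        caseName: Case name; part of the tmp path and key of the case row.

    Returns:
        The filtered file's name, or None when the file was not produced or
        the case is not present in CASES.
    """
    # NOTE(review): caseName goes into the path as-is; confirm it is always the
    # name of an existing case and cannot contain path separators.
    currentFilter = helper.getFilter(caseName,
                                     helper.getDBNameFromPath(filePath),
                                     type='file')
    filteredFileName = applyFilterOnFile(filePath, filterContent, caseName,
                                         True)
    filteredFilePath = CASES_DIR + caseName + TMP_DIR + filteredFileName
    if not os.path.isfile(filteredFilePath):
        return None
    # The "no filter" marker is the string 'None', exactly as the original
    # compared it; presumably helper.getFilter returns it that way -- verify.
    if currentFilter != 'None':
        summFilter = currentFilter + ' && ' + filterContent
    else:
        summFilter = filterContent
    conn = sqlite3.connect(DATABASE)
    try:
        conn.execute('pragma foreign_keys=ON')
        caseRow = conn.execute("SELECT ID FROM CASES WHERE CASES.NAME = ?",
                               (caseName, )).fetchone()
        if caseRow is None:
            # No such case: nothing is committed, return the failure value
            # instead of raising on caseRow[0].
            return None
        caseID = caseRow[0]
        # Create the new filter row and take its ID from the cursor (assumes
        # FILTERS.ID is the INTEGER PRIMARY KEY filled in for the null
        # placeholder), replacing the extra max(ID) query.
        cur = conn.execute("INSERT INTO FILTERS VALUES(null, ?, '', '')",
                           (summFilter, ))
        filterID = cur.lastrowid
        fileKnown = SQLHelper.getFileID(
            helper.getDBNameFromPath(filteredFilePath), caseName) is not None
        if not fileKnown:
            sourceFile = helper.getDBNameFromPath(filePath)
            fileSize = os.path.getsize(filteredFilePath)
            dateTimes = helper.getDateTimeFromFile(filteredFilePath)
            # Bound parameters only: values derived from file names must not
            # be concatenated into the statement.
            conn.execute(
                "INSERT INTO FILES VALUES (null, ?, ?, ?, ?, ?, ?, ?, ?, ?)", (
                    "tmp/" + filteredFileName,
                    "tmp",
                    caseID,
                    filterID,
                    fileSize,
                    dateTimes[0],
                    dateTimes[1],
                    sourceFile,
                    'description',
                ))
        conn.commit()
    finally:
        # The connection is closed on every exit path, exceptions included.
        conn.close()
    if fileKnown:
        # Runs after this connection has been committed and closed, as before.
        helper.updateFile(filteredFilePath, caseName, filterID)
    return filteredFileName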