Exemplo n.º 1
    async def _get_tshark_process(self, packet_count=None, stdin=None):
        """
        Spawn a tshark subprocess using the options configured on this object.

        The ``-T`` output format is ``json`` when ``self.use_json`` is set,
        otherwise ``psml`` (summaries only) or ``pdml``. For JSON the tshark
        version is looked up once, stored on ``self._tshark_version`` and
        checked for JSON support.

        ``packet_count`` is forwarded to ``self.get_parameters`` and ``stdin``
        is passed through as the child's standard input. Raises
        ``TSharkVersionException`` when JSON is requested but unsupported.
        """
        if not self.use_json:
            output_type = 'psml' if self._only_summaries else 'pdml'
        else:
            # Resolve the version lazily so tshark is probed only when needed.
            if not self._tshark_version:
                self._tshark_version = get_tshark_version(self.tshark_path)
            if not tshark_supports_json(self._tshark_version):
                raise TSharkVersionException(
                    "JSON only supported on Wireshark >= 2.2.0")
            output_type = 'json'

        base_args = [self._get_tshark_path(), '-l', '-n', '-T', output_type]
        capture_args = self.get_parameters(packet_count=packet_count)
        parameters = base_args + capture_args

        # NOTE(review): the complete command line goes to the debug log. If
        # get_parameters() can emit secrets (not visible here), treat this log
        # as sensitive -- confirm against the option builder.
        command_line = ' '.join(parameters)
        self._log.debug('Creating TShark subprocess with parameters: ' +
                        command_line)
        self._log.debug('Executable: %s' % parameters[0])

        # Exec form: the arguments are passed as a list, with no shell parsing.
        tshark_process = await asyncio.create_subprocess_exec(
            *parameters,
            stdin=stdin,
            stdout=subprocess.PIPE,
            stderr=self._stderr_output())
        # Hand the argv and the new process to the object's own bookkeeping.
        self._created_new_process(parameters, tshark_process)
        return tshark_process
Exemplo n.º 2
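    def _get_tshark_process(self, packet_count=None, stdin=None):
        """
        Returns a new tshark process with previously-set parameters.

        Generator-based coroutine: the subprocess is awaited with
        ``yield From`` and handed back through ``raise Return``.

        ``packet_count`` is forwarded to ``self.get_parameters`` and ``stdin``
        is passed through as the child's standard input.

        Raises ``TSharkVersionException`` when JSON output is requested but not
        supported, and ``TSharkCrashException`` when the new process has
        already exited with a non-zero return code.
        """
        if self.use_json:
            output_type = 'json'
            if not tshark_supports_json(self.tshark_path):
                raise TSharkVersionException(
                    "JSON only supported on Wireshark >= 2.2.0")
        else:
            output_type = 'psml' if self.only_summaries else 'pdml'
        parameters = [get_tshark_path(self.tshark_path), '-l', '-n', '-T', output_type] + \
                     self.get_parameters(packet_count=packet_count)

        # NOTE(review): the full command line is written to the debug log and,
        # below, into the crash exception text. If get_parameters() can emit
        # secrets (not visible here), both are sensitive -- confirm.
        self._log.debug('Creating TShark subprocess with parameters: ' +
                        ' '.join(parameters))

        # Ignore stderr output unless in debug mode (sent to console)
        output = None if self.debug else open(os.devnull, "w")
        try:
            # Exec form: the arguments are passed as a list, no shell parsing.
            tshark_process = yield From(
                asyncio.create_subprocess_exec(*parameters,
                                               stdout=subprocess.PIPE,
                                               stderr=output,
                                               stdin=stdin))
        finally:
            # Once spawned, the child holds its own copy of the descriptor.
            # Closing the parent's handle here stops one open file from being
            # leaked per call, including when the spawn itself fails.
            if output is not None:
                output.close()
        self._log.debug('TShark subprocess created')

        # A return code that is already set and non-zero means tshark died
        # straight away.
        if tshark_process.returncode is not None and tshark_process.returncode != 0:
            raise TSharkCrashException(
                'TShark seems to have crashed. Try updating it. (command ran: "%s")'
                % ' '.join(parameters))
        self.running_processes.add(tshark_process)
        raise Return(tshark_process)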
Exemplo n.º 3
    async def _get_tshark_process(self, packet_count=None, stdin=None):
        """Start a tshark subprocess using the options configured on this object.

        The ``-T`` format is ``json`` when ``self.use_json`` is set, otherwise
        ``psml`` (summaries only) or ``pdml``. For JSON, the tshark version must
        support it. When ``tshark_supports_duplicate_keys`` reports true,
        ``--no-duplicate-keys`` is appended and
        ``self._json_has_duplicate_keys`` is cleared.

        ``packet_count`` is forwarded to ``self.get_parameters`` and ``stdin``
        is passed through as the child's standard input. Raises
        ``TSharkVersionException`` when JSON is requested but unsupported.
        """
        trailing_flags = []
        if not self.use_json:
            output_type = "psml" if self._only_summaries else "pdml"
        else:
            if not tshark_supports_json(self._get_tshark_version()):
                raise TSharkVersionException(
                    "JSON only supported on Wireshark >= 2.2.0")
            if tshark_supports_duplicate_keys(self._get_tshark_version()):
                trailing_flags.append("--no-duplicate-keys")
                self._json_has_duplicate_keys = False
            output_type = "json"

        base_args = [self._get_tshark_path(), "-l", "-n", "-T", output_type]
        capture_args = self.get_parameters(packet_count=packet_count)
        parameters = base_args + capture_args + trailing_flags

        # NOTE(review): the complete command line goes to the debug log. If
        # get_parameters() can emit secrets (not visible here), treat this log
        # as sensitive -- confirm against the option builder.
        command_line = " ".join(parameters)
        self._log.debug("Creating TShark subprocess with parameters: " +
                        command_line)
        self._log.debug("Executable: %s" % parameters[0])

        # Exec form: the arguments are passed as a list, with no shell parsing.
        tshark_process = await asyncio.create_subprocess_exec(
            *parameters,
            stdin=stdin,
            stdout=subprocess.PIPE,
            stderr=self._stderr_output())
        # Hand the argv and the new process to the object's own bookkeeping.
        self._created_new_process(parameters, tshark_process)
        return tshark_process
Exemplo n.º 4
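def get_tshark_version(tshark_path=None):
    """
    Run ``<tshark> -v`` and return the version as a ``LooseVersion``.

    The executable is whatever ``get_process_path(tshark_path)`` resolves to.
    The version is the ``#.#.#`` token in the first line of its output.

    Raises ``TSharkVersionException`` when the output is empty or its first
    line contains no such token. A failing ``-v`` run still raises from
    ``subprocess.check_output``, as before.
    """
    # NOTE(review): the resolved path is executed as-is. If tshark_path can
    # come from configuration or another less-trusted source, this runs an
    # arbitrary binary -- confirm where callers get the value.
    parameters = [get_process_path(tshark_path), "-v"]
    with open(os.devnull, "w") as null:
        # Only the digits of the first line are needed, so a stray non-ASCII
        # byte elsewhere in the banner is replaced rather than aborting the
        # lookup with UnicodeDecodeError.
        version_output = subprocess.check_output(
            parameters, stderr=null).decode("ascii", "replace")

    lines = version_output.splitlines()
    if not lines:
        # Empty output used to surface as a bare IndexError.
        raise TSharkVersionException(
            "Unable to parse TShark version from: {}".format(version_output))
    version_line = lines[0]
    # Raw string so \s and \d reach the regex engine without relying on
    # Python's handling of unknown string escapes.
    pattern = r'.*\s(\d+\.\d+\.\d+).*'  # match " #.#.#" version pattern
    m = re.match(pattern, version_line)
    if not m:
        raise TSharkVersionException(
            "Unable to parse TShark version from: {}".format(version_line))
    version_string = m.group(1)  # the single captured #.#.# token

    return LooseVersion(version_string)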