def __init__(self): super(httpDecode, self).__init__() self.tf = self.options['time_convert_fn'] self.statemgr = None self.id = flowIdentify() self.served_log = {} self.requested_log = {} for hp in self.options['honeypots']: self.served_log[hp] = {} self.requested_log[hp] = {}
def __init__(self): super(ftpDecode, self).__init__() self.tf = self.options['time_convert_fn'] self.statemgr = None # for some reason the data samples I'm using # often have UUUUUUPORT, compensate for that in the RE # It turns out these are being stuck in the stream due to duplicate ACKS self.activeRE = re.compile("^U*PORT", re.M) self.passiveRE = re.compile("PASV") self.portIPRE = re.compile("(\d+,){5}\d+") self.userRE = re.compile("USER\s(.*)") self.passRE = re.compile("PASS\s(.*)") # response code 227 is PASV # response code 229 is EPASV self._227re = re.compile("^227|^229", re.M) self.id = flowIdentify()