def annoate_doc(self, doc): date = None if doc.has_key('state') == False: doc['state'] = 0 #TODO test if already annoated d = "" #Extract timestamp if doc.has_key('timestamp'): (date,time) = doc['timestamp'].split(' ') date=date.replace('-','') srcasn = 0 if self.cache.has_key(doc['ipsrc']): srcid = self.cache[doc['ipsrc']] else: self.cacheid = self.cacheid + 1 (srcasn,d) = ipasn.asn(doc['ipsrc'] , date) (aid, ip) = self.get_asn(doc["ipsrc"], date) if ip is not None: doc['a_'+str(potiron.TYPE_ASN_DICT)+'+_ipsrc'] = aid (aid, ip) = self.get_asn(doc["ipdst"], date) if aid is not None: doc['a_'+str(potiron.TYPE_ASN_DICT)+'_ipdst'] = aid doc["state"] = doc["state"] | potiron.STATE_ASN_AN return doc
def annoate_doc(self, doc): date = None if 'state' not in doc: doc['state'] = 0 # TODO test if already annoated d = "" # Extract timestamp if 'timestamp' in doc: date, time = doc['timestamp'].split(' ') date = date.replace('-', '') srcasn = 0 if doc['ipsrc'] in self.cache: # FIXME: srcid isn't used srcid = self.cache[doc['ipsrc']] else: self.cacheid = self.cacheid + 1 srcasn, d = ipasn.asn(doc['ipsrc'], date) aid, ip = self.get_asn(doc["ipsrc"], date) if ip is not None: doc['a_{}_ipsrc'.format(potiron.TYPE_ASN_DICT)] = aid aid, ip = self.get_asn(doc["ipdst"], date) if aid is not None: doc['a_{}_ipdst'.format(potiron.TYPE_ASN_DICT)] = aid doc["state"] = doc["state"] | potiron.STATE_ASN_AN return doc
def annoate_doc(self, doc): date = None if doc.has_key('state') == False: doc['state'] = 0 #TODO test if already annoated d = "" #Extract timestamp if doc.has_key('timestamp'): (date, time) = doc['timestamp'].split(' ') date = date.replace('-', '') srcasn = 0 if self.cache.has_key(doc['ipsrc']): srcid = self.cache[doc['ipsrc']] else: self.cacheid = self.cacheid + 1 (srcasn, d) = ipasn.asn(doc['ipsrc'], date) (aid, ip) = self.get_asn(doc["ipsrc"], date) if ip is not None: doc['a_' + str(potiron.TYPE_ASN_DICT) + '+_ipsrc'] = aid (aid, ip) = self.get_asn(doc["ipdst"], date) if aid is not None: doc['a_' + str(potiron.TYPE_ASN_DICT) + '_ipdst'] = aid doc["state"] = doc["state"] | potiron.STATE_ASN_AN return doc
def get_asn(self, ipaddress,date): if self.cache.has_key(ipaddress): return self.cache[ipaddress] (asn,returndate) = ipasn.asn(ipaddress , date) #FIXME Cache is common between all annotations self.cacheid = self.cacheid + 1 self.cache[ipaddress] = (self.cacheid,asn) self.cache['type'] = potiron.TYPE_ASN_DICT if returndate != date: #FIXME Not tested potiron.errormsg("Date mismatch between ASN database and encountered timestamp in packet capture. IP="+ipaddress+". Date="+date+" "+"Return date= "+returndate) return (self.cacheid, asn)
def get_asn(self, ipaddress, date): if ipaddress in self.cache: return self.cache[ipaddress] asn, returndate = ipasn.asn(ipaddress, date) # FIXME Cache is common between all annotations self.cacheid = self.cacheid + 1 self.cache[ipaddress] = (self.cacheid, asn) self.cache['type'] = potiron.TYPE_ASN_DICT if returndate != date: # FIXME Not tested potiron.errormsg("Date mismatch between ASN database and encountered timestamp in packet capture. IP={}. Date={} Return date= {}".format(ipaddress, date, returndate)) return (self.cacheid, asn)
def get_asn(self, ipaddress, date): if self.cache.has_key(ipaddress): return self.cache[ipaddress] (asn, returndate) = ipasn.asn(ipaddress, date) #FIXME Cache is common between all annotations self.cacheid = self.cacheid + 1 self.cache[ipaddress] = (self.cacheid, asn) self.cache['type'] = potiron.TYPE_ASN_DICT if returndate != date: #FIXME Not tested potiron.errormsg( "Date mismatch between ASN database and encountered timestamp in packet capture. IP=" + ipaddress + ". Date=" + date + " " + "Return date= " + returndate) return (self.cacheid, asn)
def asn(request): ip = request.get('ip') if ip is None: return json.dumps({}) return json.dumps(ipasn.asn(ip, request.get('announce_date')))