Пример #1
    def parse(self, forward_fd, reverse_fd, scanners):
        """Pair requests from forward_fd with responses from reverse_fd.

        Each pass through the loop tries to read one request and one
        response.  A response whose body has size > 0 gets a row in the
        "http" table and its inode is handed to
        Scanner.scan_inode_distributed.  The loop stops on the first pass
        in which neither read_request nor read_response succeeds.

        Args:
            forward_fd: stream read for requests; its inode_id and case
                attributes are used here.
            reverse_fd: stream read for responses.
            scanners: passed through unchanged to scan_inode_distributed.

        NOTE(review): every header value stored below (url, host,
        user-agent, content-type) comes from the captured traffic and is
        therefore controlled by whoever generated it.  This method does no
        escaping or validation of its own; presumably insert_to_table
        binds values safely and report code escapes on display - confirm.
        """
        while True:
            ## Placeholder values.  If only a response is seen on this
            ## pass, the stored row still carries this synthetic url and
            ## 'GET', so neither should be read as observed traffic.
            req = {'url': '/unknown_request_%s' % forward_fd.inode_id,
                   'method': 'GET'}
            resp = {}
            progressed = False
            req_body = None
            resp_body = None

            ## The packet is dissected before the request is read, so the
            ## timestamp is taken from the stream position at that point.
            pkt = NetworkScanner.dissect_packet(forward_fd)
            if self.read_request(req, forward_fd):
                ## A packet without ts_sec yields 0, i.e. "unknown", not
                ## a real capture time.
                req['timestamp'] = getattr(pkt, 'ts_sec', 0)
                progressed = True
                req_body = self.skip_body(req, forward_fd)
                req_body.dirty = 0

            pkt = NetworkScanner.dissect_packet(reverse_fd)
            if self.read_response(resp, reverse_fd):
                resp['timestamp'] = getattr(pkt, 'ts_sec', 0)
                progressed = True
                resp_body = self.skip_body(resp, reverse_fd)

            ## Cookies and POST parameters are attached to the response
            ## object, so both bodies are needed.
            ## NOTE(review): a request body without a matching response
            ## is not closed in this method - confirm that is intended.
            if resp_body and req_body:
                self.process_cookies(req, resp_body)
                self.process_post_body(req, req_body, resp_body)
                if req_body.size > 0:
                    req_body.close()

            if resp_body and resp_body.size > 0:
                ## NOTE(review): the url is stored exactly as found in
                ## the request dict; any normalisation would have to
                ## happen in read_request - confirm.
                row = {
                    'method': req.get('method'),
                    'url': req.get('url', '/'),
                    'status': resp.get('HTTP_code'),
                    'content_type': resp.get('content-type'),
                    'useragent': req.get('user-agent'),
                    'host': req.get('host'),
                    'tld': make_tld(req.get('host', '')),
                }
                resp_body.insert_to_table("http", row)
                resp_body.close()
                Scanner.scan_inode_distributed(forward_fd.case,
                                               resp_body.inode_id,
                                               scanners, self.cookie)

            if not progressed:
                break
Пример #2
    def parse(self, forward_fd, reverse_fd, scanners):
        """Walk both stream directions and record each HTTP exchange.

        One request is read from forward_fd and one response from
        reverse_fd per iteration.  When the response body has size > 0, a
        row describing the exchange is inserted into the "http" table and
        the body's inode is passed to Scanner.scan_inode_distributed
        together with scanners and self.cookie.  Iteration ends when a
        pass reads neither a request nor a response.

        Args:
            forward_fd: request-side stream; also supplies inode_id for
                the placeholder url and case for the scan call.
            reverse_fd: response-side stream.
            scanners: forwarded as-is to scan_inode_distributed.

        NOTE(review): the request and response dicts are filled from
        captured traffic, so url, host, user-agent and content-type are
        untrusted strings.  They are stored here unmodified; safe binding
        in insert_to_table and escaping at display time are assumed, not
        shown - confirm.
        """
        while True:
            ## Defaults used when no request line is parsed.  A stored
            ## row can therefore show this synthetic url and 'GET' even
            ## though no such request was captured.
            request = dict(url='/unknown_request_%s' % forward_fd.inode_id,
                           method='GET')
            response = dict()
            saw_message = False
            request_body = None
            response_body = None

            ## Request side: dissect first, then read, in that order.
            packet = NetworkScanner.dissect_packet(forward_fd)
            if self.read_request(request, forward_fd):
                try:
                    stamp = packet.ts_sec
                except AttributeError:
                    ## No capture time available; 0 stands for "unknown".
                    stamp = 0
                request['timestamp'] = stamp

                saw_message = True
                request_body = self.skip_body(request, forward_fd)
                request_body.dirty = 0

            ## Response side, same sequence.
            packet = NetworkScanner.dissect_packet(reverse_fd)
            if self.read_response(response, reverse_fd):
                try:
                    stamp = packet.ts_sec
                except AttributeError:
                    stamp = 0
                response['timestamp'] = stamp

                saw_message = True
                response_body = self.skip_body(response, reverse_fd)

            ## Parameters (file attachments, POST parameters, cookies)
            ## are hung on the response object, which needs both bodies.
            ## NOTE(review): request_body is closed only on this path
            ## and only when its size > 0 - confirm nothing else needs
            ## to release it.
            have_both = response_body and request_body
            if have_both:
                self.process_cookies(request, response_body)
                self.process_post_body(request, request_body, response_body)
                if request_body.size > 0:
                    request_body.close()

            if response_body and response_body.size > 0:
                ## NOTE(review): no url normalisation is performed in
                ## this method; the value is whatever the request dict
                ## holds - confirm where normalisation is done.
                url = request.get('url', '/')
                host_tld = make_tld(request.get('host', ''))
                http_row = dict(
                    method=request.get('method'),
                    url=url,
                    status=response.get('HTTP_code'),
                    content_type=response.get('content-type'),
                    useragent=request.get('user-agent'),
                    host=request.get('host'),
                    tld=host_tld,
                )
                response_body.insert_to_table("http", http_row)
                response_body.close()

                ## The body is closed before it is queued for scanning.
                Scanner.scan_inode_distributed(
                    forward_fd.case, response_body.inode_id,
                    scanners, self.cookie)

            if not saw_message:
                break