def trace(self, pkt):
    """Dispatch one Ether/IP/TCP packet to the handler for its flow state.

    The flow is looked up in ``self.flows`` by (src, sport, dst, dport),
    then by the reversed tuple. When no flow matches, the ``CS_INIT``
    handler is called with the falsy lookup result as ``flow``.
    """
    # NOTE(review): assert statements are removed under ``python -O``, so
    # this layer check is not a dependable guard for captured traffic.
    assert isinstance(pkt[0], Ether) and \
        isinstance(pkt[1], IP) and \
        isinstance(pkt[2], TCP)

    ip_layer = pkt[1]
    tcp_layer = pkt[2]
    src, dst = ip_layer.src, ip_layer.dst
    sport, dport = tcp_layer.sport, tcp_layer.dport

    # A segment without a fourth layer is treated as an empty payload.
    try:
        payload = str(pkt[3])
    except IndexError:
        payload = ''

    seq = SerialNumber(tcp_layer.seq, 32)
    flags = tcp_layer.flags

    # Try the forward direction first, then the reverse one.
    flow = (self.flows.get((src, sport, dst, dport), None)
            or self.flows.get((dst, dport, src, sport), None))

    # NOTE(review): the except clause also catches a KeyError raised inside
    # the handler itself, which is then logged as a missing state. Confirm
    # that this is intended before narrowing it.
    try:
        current_state = flow.state if flow else CS_INIT
        handler = state_machine[current_state]
        handler(self, flow, payload, src, sport, dst, dport, flags, seq)
    except KeyError:
        self.logger.debug(
            'State not found in the state machine: state={} flags={} existing={}'
            .format(flow.state if flow else CS_INIT, flags, flow != None))
def test_increment_by_too_much(self):
    """Adding 129 to an 8-bit serial number must be rejected on both sides.

    129 is more than half of the 8-bit number space, and the test expects
    InvalidSerialNumberOperationError for ``n + 129`` and ``129 + n``.
    """
    serial = SerialNumber(100, 8)
    # Left-hand operand: exercises the normal addition path.
    self.assertRaises(InvalidSerialNumberOperationError,
                      lambda: serial + 129)
    # Right-hand operand: exercises the reflected addition path.
    self.assertRaises(InvalidSerialNumberOperationError,
                      lambda: 129 + serial)
def test_comparison(self):
    """Check ``<`` and ``>`` on 8-bit serial numbers, including wrap-around.

    Every pair is listed as (greater, lesser). The later pairs cross the
    wrap point, so the ordering is circular rather than numeric: for
    example 0 is expected to compare greater than 255 and than 200.
    """
    n0, n1, n44, n100, n200, n255 = [
        SerialNumber(value, 8) for value in (0, 1, 44, 100, 200, 255)]

    expected_order = [
        (n1, n0),
        (n44, n0),
        (n100, n0),
        (n100, n44),
        (n200, n100),
        (n255, n200),
        # Pairs below compare across the 8-bit wrap point.
        (n0, n255),
        (n100, n255),
        (n0, n200),
        (n44, n200),
    ]
    for greater, lesser in expected_order:
        self.assertTrue(greater > lesser)
        self.assertTrue(lesser < greater)
        self.assertFalse(greater < lesser)
        self.assertFalse(lesser > greater)
def test_increment_by_one_without_wrap(self):
    """100 + 1 in an 8-bit space is 101, with the integer on either side."""
    serial = SerialNumber(100, 8)
    expected = 101

    left_sum = serial + 1
    self.assertEqual(left_sum, expected)

    right_sum = 1 + serial
    self.assertEqual(right_sum, expected)
def test_equality_with_different_serial_bits(self):
    """Equal values with different bit widths must not compare equal."""
    narrow = SerialNumber(1000, 16)
    wide = SerialNumber(1000, 24)
    # assertNotEqual evaluates ``narrow != wide``, the same operator the
    # original assertTrue form used.
    self.assertNotEqual(narrow, wide)
    self.assertFalse(narrow == wide)
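def test_equality_with_same_serial_bits(self):
    """Equal values with the same bit width compare equal.

    Both operators are checked, mirroring the different-width test:
    ``==`` must be true and ``!=`` must be false.
    """
    n = SerialNumber(1000, 16)
    m = SerialNumber(1000, 16)
    self.assertEqual(n, m)
    # The previous assertNotEqual(n, m) contradicted the line above: it
    # could only pass if ``!=`` disagreed with ``==``. Assert the intended
    # result, so that an inconsistent ``!=`` fails this test.
    self.assertFalse(n != m)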
def test_increment_by_some_with_wrap(self):
    """250 + 20 wraps past 255 in an 8-bit space and yields 14."""
    serial = SerialNumber(250, 8)
    step = 20
    wrapped = 14  # (250 + 20) modulo 2**8

    self.assertEqual(serial + step, wrapped)
    self.assertEqual(step + serial, wrapped)
def test_increment_by_some_without_wrap(self):
    """100 + 50 stays below the 8-bit wrap point and yields 150."""
    serial = SerialNumber(100, 8)
    step = 50
    expected = 150

    self.assertEqual(serial + step, expected)
    self.assertEqual(step + serial, expected)
def test_increment_by_one_with_wrap(self):
    """255 + 1 wraps to 0 in an 8-bit space, with the integer on either side."""
    top = SerialNumber(255, 8)

    after_left_add = top + 1
    self.assertEqual(after_left_add, 0)

    after_right_add = 1 + top
    self.assertEqual(after_right_add, 0)
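def trace(self, pkt):
    """Parse one Ether/IP/UDP packet as uTP and run the matching action.

    The payload is rejected, with a debug log, when it is shorter than the
    20-byte header, when the version nibble is not 1, when the type nibble
    is above 4, or when an extension header is truncated. Otherwise the
    flow is looked up in ``self.flows`` and the action registered in
    ``state_machine`` for (state, type, existing) is called with the bytes
    that follow the header and its extensions.
    """
    # NOTE(review): assert statements are removed under ``python -O``, so
    # this layer check is not a dependable guard for captured traffic.
    assert isinstance(pkt[0], Ether) and \
        isinstance(pkt[1], IP) and \
        isinstance(pkt[2], UDP)

    # A datagram without a payload layer is handled like a short payload
    # instead of letting IndexError escape to the caller.
    # NOTE(review): str() plus ord() assumes Python 2 byte strings; confirm
    # before running this under Python 3.
    try:
        payload = str(pkt[3])
    except IndexError:
        payload = ''
    if len(payload) < 20:
        self.logger.debug(
            'Payload smaller than 20 bytes. Not a UTP packet.')
        return

    # Byte 0 holds the type in the high nibble and the version in the low.
    version = ord(payload[0]) & 0x0f
    if version != 1:
        self.logger.debug('Invalid version. Not a UTP packet.')
        return
    pkt_type = (ord(payload[0]) & 0xf0) >> 4
    if pkt_type > 4:
        self.logger.debug('Invalid type. Not a UTP packet.')
        return

    # Walk the extension chain. Each extension starts with two bytes (next
    # extension, length), and both are read below, so two bytes must be
    # present. The earlier "+ 1" bound let the length read run one byte
    # past the end of a truncated packet.
    extension = ord(payload[1])
    ext_len = 0
    while extension != 0:
        if len(payload) < 20 + ext_len + 2:
            self.logger.debug('Invalid packet length. Not a UTP packet.')
            return
        extension = ord(payload[20 + ext_len])
        length = ord(payload[20 + ext_len + 1])
        ext_len += 2 + length

    # Connection id and sequence number are 16-bit big-endian fields.
    connid = (ord(payload[2]) << 8) | \
        (ord(payload[3]) << 0)
    src = pkt[1].src
    dst = pkt[1].dst
    sport = pkt[2].sport
    dport = pkt[2].dport
    seq = (ord(payload[16]) << 8) | \
        (ord(payload[17]) << 0)
    seq = SerialNumber(seq, 16)

    # NOTE(review): ``connid - 1`` is not reduced modulo 2**16, so a
    # connection id of 0 looks up -1. Confirm this against how flows are
    # keyed when they are created.
    flow = self.flows.get(
        (src, sport, dst, dport,
         connid if pkt_type == ST_SYN else connid - 1), None)
    if not flow:
        flow = self.flows.get((dst, dport, src, sport, connid), None)

    if flow:
        s, t, e = flow.state, pkt_type, True
    else:
        s, t, e = CS_INIT, pkt_type, False

    action = state_machine.get((s, t, e), None)
    if action:
        action(self, flow, payload[20 + ext_len:], src, sport, dst, dport,
               connid, seq)
    else:
        self.logger.debug(
            'State not found in the state machine: state={} type={} existing={}'
            .format(s, t, e))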