def taste(tcp):
    """Start tracking a TCP stream and register it in the capture summary.

    A fresh per-stream record is stored in ``tcp.module_data["streams"]``
    under ``str(tcp.addr)``. The capture-wide ``start_time`` is set if it
    has not been recorded yet, and ``total_streams`` is incremented.

    Args:
        tcp: Stream object exposing ``addr`` as ``((src, sport), (dst, dport))``,
            ``timestamp`` and the shared ``module_data`` dict.

    Returns:
        True, always.
    """
    (src, sport), (dst, dport) = tcp.addr

    # The "isodate" option selects which of the two formatters renders the timestamp.
    render = packet_isodate if tcp.module_data["isodate"] else packet_timedate
    timestamp = render(tcp.timestamp)

    record = {
        "type": "stream",
        "data": {
            "comm_order": [],
            "start_time": timestamp,
            "end_time": timestamp,
            "src": src,
            "sport": sport,
            "dst": dst,
            "dport": dport,
            "client_data_transfer": 0,
            "server_data_transfer": 0,
            "total_packets": 0,
        },
    }
    # NOTE(review): the key is the stringified 4-tuple, so a later connection
    # that reuses the same addresses and ports replaces the earlier record.
    # Confirm whether finished streams are exported before that can happen.
    tcp.module_data["streams"][str(tcp.addr)] = record

    summary = tcp.module_data["pcap_summary"]["data"]
    if "start_time" not in summary:
        # Only the first stream seen fixes the capture start time.
        summary["start_time"] = timestamp
    summary["total_streams"] += 1

    return True
def taste(tcp):
    """Create the bookkeeping entry for a newly observed TCP stream.

    The entry is written to ``tcp.module_data['streams']`` keyed by
    ``str(tcp.addr)``; the pcap summary gets its ``start_time`` (first
    stream only) and an incremented ``total_streams``.

    Args:
        tcp: Stream object providing ``addr``, ``timestamp`` and ``module_data``.

    Returns:
        True, always.
    """
    client_end, server_end = tcp.addr
    src, sport = client_end
    dst, dport = server_end

    timestamp = (
        packet_isodate(tcp.timestamp)
        if tcp.module_data['isodate']
        else packet_timedate(tcp.timestamp)
    )

    # Counters start at zero; start and end time both begin at the first timestamp.
    stream_data = {
        'comm_order': [],
        'start_time': timestamp,
        'end_time': timestamp,
        'src': src,
        'sport': sport,
        'dst': dst,
        'dport': dport,
        'client_data_transfer': 0,
        'server_data_transfer': 0,
        'total_packets': 0,
    }
    # NOTE(review): an existing entry under the same stringified address is
    # overwritten here - verify that 4-tuple reuse within one capture is
    # handled by the caller if earlier stream records must be preserved.
    tcp.module_data['streams'][str(tcp.addr)] = {'type': 'stream', 'data': stream_data}

    pcap_data = tcp.module_data['pcap_summary']['data']
    # Keep an already recorded capture start time; set it only when absent.
    pcap_data.setdefault('start_time', timestamp)
    pcap_data['total_streams'] += 1

    return True
def handleStream(tcp):
    """Account for newly arrived stream data in the stream and pcap summaries.

    Appends one entry (direction, length, entropy of the new bytes) to the
    stream's ``comm_order``, adds the byte count to the per-direction and
    capture-wide totals, discards the consumed bytes, and refreshes the
    end times and packet counters.

    Args:
        tcp: Stream object with ``server``/``client`` halves exposing
            ``count_new`` and ``data``, plus ``addr``, ``timestamp``,
            ``module_data`` and ``discard``.

    Returns:
        None.
    """
    key = str(tcp.addr)
    # The unpacked endpoint values are not used below; the call and the
    # unpacking are kept unchanged.
    ((_src, _sport), (_dst, _dport)) = parse_addr(tcp)

    render = packet_isodate if tcp.module_data["isodate"] else packet_timedate
    timestamp = render(tcp.timestamp)

    pcap_totals = tcp.module_data["pcap_summary"]["data"]
    stream_totals = tcp.module_data["streams"][key]["data"]

    # Anything that is not new server-side data is booked as client-side,
    # including the case where client.count_new is 0 as well.
    # NOTE(review): that case appends a zero-length "C" entry and calls
    # entropy() on an empty slice - confirm entropy() tolerates empty input.
    if tcp.server.count_new > 0:
        half, tag, counter = tcp.server, "S", "server_data_transfer"
    else:
        half, tag, counter = tcp.client, "C", "client_data_transfer"

    fresh = half.count_new
    entry = {
        "data_to": tag,
        "data_len": fresh,
        # Entropy is computed over the newly arrived bytes only.
        "entropy": entropy(half.data[:fresh]),
    }
    stream_totals["comm_order"].append(entry)
    stream_totals[counter] += fresh
    pcap_totals["total_data_transfer"] += fresh
    tcp.discard(fresh)

    stream_totals["end_time"] = timestamp
    stream_totals["total_packets"] += 1
    pcap_totals["total_packets"] += 1
    pcap_totals["end_time"] = timestamp
def handleStream(tcp):
    """Record one chunk of new stream data in the per-stream and pcap totals.

    The chunk's direction, length and entropy are appended to the stream's
    ``comm_order`` list; byte and packet counters and end times are updated
    on both the stream record and the pcap summary, and the consumed bytes
    are discarded from the stream.

    Args:
        tcp: Stream object providing ``addr``, ``timestamp``, ``module_data``,
            ``server``, ``client`` and ``discard``.

    Returns:
        None.
    """
    stream_key = str(tcp.addr)
    # Endpoint values are unpacked but not referenced afterwards.
    ((_src, _sport), (_dst, _dport)) = parse_addr(tcp)

    if tcp.module_data['isodate']:
        timestamp = packet_isodate(tcp.timestamp)
    else:
        timestamp = packet_timedate(tcp.timestamp)

    pcap_stats = tcp.module_data['pcap_summary']['data']
    stream_stats = tcp.module_data['streams'][stream_key]['data']

    server_bytes = tcp.server.count_new
    if server_bytes > 0:
        entry = {
            'data_to': 'S',
            'data_len': server_bytes,
            'entropy': entropy(tcp.server.data[:server_bytes]),
        }
        stream_stats['comm_order'].append(entry)
        stream_stats['server_data_transfer'] += server_bytes
        pcap_stats['total_data_transfer'] += server_bytes
        tcp.discard(server_bytes)
    else:
        # Fallback branch: taken whenever the server half has no new bytes,
        # whether or not the client half has any.
        # NOTE(review): with client.count_new == 0 this logs an empty "C"
        # chunk and passes an empty slice to entropy() - verify that is safe.
        client_bytes = tcp.client.count_new
        entry = {
            'data_to': 'C',
            'data_len': client_bytes,
            'entropy': entropy(tcp.client.data[:client_bytes]),
        }
        stream_stats['comm_order'].append(entry)
        stream_stats['client_data_transfer'] += client_bytes
        pcap_stats['total_data_transfer'] += client_bytes
        tcp.discard(client_bytes)

    stream_stats['end_time'] = timestamp
    stream_stats['total_packets'] += 1
    pcap_stats['total_packets'] += 1
    pcap_stats['end_time'] = timestamp
    return