示例#1
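    def __init__(self, filename, my_mac=None, cap_filter=r'ip proto \tcp'):
        """Read a capture file and index its TCP packets by flow.

        Every TCP packet yielded by the reader is appended to
        ``self.pcap_array`` as ``(sec, usec, direction, raw_data)`` where
        direction is 1 for packets sent by us and 0 for received ones.
        ``self.flows_map`` maps each ``Flow`` to three dictionaries:
        sent packets keyed by TCP sequence number, received packets keyed
        by TCP sequence number, and received ACKs keyed by TCP ack number.
        Each dictionary value is ``[first_ip_id, {ip_id: pcap_array_index}]``.

        Args:
            filename: capture file handed to ``RawCapReader``.
            my_mac: optional colon-separated hexadecimal MAC address; it is
                forwarded to ``FastTCPDecoder`` as a list of integers.
            cap_filter: capture filter expression handed to ``RawCapReader``.

        Raises:
            ValueError: if a part of ``my_mac`` is not valid hexadecimal.
            AssertionError: if the reader yields ``None`` or a TCP packet has
                a ``sent_by_us`` value other than 0 or 1.
        """
        # Composition rather than subclassing: the author found inheritance slower.
        self.myreader = RawCapReader(filename, cap_filter)
        self.flows_map = {}
        self.pcap_array = []
        self.packet_number = 0

        # NOTE(review): only the hexadecimal syntax of each part is checked
        # (int() raises ValueError); neither the number of octets nor the
        # 0-255 range is validated here. Confirm what FastTCPDecoder expects.
        if my_mac is not None:
            self.my_mac = [int(octet, 16) for octet in my_mac.split(":")]
        else:
            self.my_mac = None

        def remember(table, key, ip_id, position):
            # Keep the first IP id seen for this key and map every IP id
            # (e.g. a retransmission) to its position in pcap_array.
            entry = table.get(key, [None, {}])
            if entry[0] is None:
                entry[0] = ip_id
            entry[1][ip_id] = position
            table[key] = entry

        # NOTE(review): the raw bytes of every TCP packet stay in memory for
        # the lifetime of this object, so memory use grows with the capture
        # size. Keep that in mind when the capture file is not trusted.
        for capture_index, item in enumerate(self.myreader):
            if item is None:
                # Raised explicitly: a plain assert is stripped under -O and
                # the loop would then carry on past a reader failure.
                raise AssertionError(
                    "capture reader yielded None at packet %d" % capture_index)

            hdr, data = item
            packet = FastTCPDecoder(self.myreader.datalink, data, my_mac=self.my_mac)
            if not packet.is_tcp:
                continue

            sec, usec = hdr.getts()
            conn = Flow((packet.ip_src, packet.tcp_sport),
                        (packet.ip_dst, packet.tcp_dport))
            sent_packets, rcvd_packets, rcvd_acks = self.flows_map.get(conn, [{}, {}, {}])

            if packet.sent_by_us == 1:    # packet sent by us
                direction = 1
            elif packet.sent_by_us == 0:  # packet received
                direction = 0
            else:
                # The original diagnostic printed an undefined name and so
                # failed with NameError; the details now travel in the error.
                raise AssertionError(
                    "packet %d has unexpected sent_by_us=%r: %s:%s -> %s:%s" % (
                        capture_index, packet.sent_by_us,
                        IPTool.num2ip(packet.ip_src), packet.tcp_sport,
                        IPTool.num2ip(packet.ip_dst), packet.tcp_dport))

            self.pcap_array.append((sec, usec, direction, data))
            self.packet_number += 1
            position = self.packet_number - 1  # index of the entry just appended

            if direction == 1:
                remember(sent_packets, packet.tcp_seq, packet.ip_id, position)
            else:
                remember(rcvd_packets, packet.tcp_seq, packet.ip_id, position)
                remember(rcvd_acks, packet.tcp_ack, packet.ip_id, position)

            self.flows_map[conn] = [sent_packets, rcvd_packets, rcvd_acks]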
示例#2
 def __str__(self):
     """Return the flow as ``address:port <-> address:port``.

     ``self.p1`` and ``self.p2`` are indexed as (address, port) pairs; the
     address is passed through ``IPTool.num2ip`` before formatting.
     """
     # NOTE(review): presumably the addresses are numeric IPv4 values, as
     # the name num2ip suggests -- confirm against IPTool.
     first = self.p1
     second = self.p2
     fields = (
         IPTool.num2ip(first[0]), first[1],
         IPTool.num2ip(second[0]), second[1],
     )
     return "%s:%d <-> %s:%d" % fields