def _get_info_icmpv6(packets): protocol_info = {} fields = ["src_oui_resolved"] protocol_info["manufacturer"] = db.get_protocol_layer_field_unique( packets, "eth", fields) fields = ["src"] protocol_info["ip"] = db.get_protocol_layer_field_unique( packets, "ipv6", fields) return protocol_info
def _get_info_arp(packets): protocol_info = {} # eth src_oui_resolved # arp isprobe # arp src_proto_ipv4 fields = ["src_oui_resolved"] protocol_info["manufacturer"] = db.get_protocol_layer_field_unique( packets, "eth", fields) fields = ["src_proto_ipv4"] protocol_info["ip"] = db.get_protocol_layer_field_unique( packets, "arp", fields) return protocol_info
def _get_info_igmp(packets): protocol_info = {} fields = ["src_oui_resolved"] protocol_info["manufacturer"] = db.get_protocol_layer_field_unique( packets, "eth", fields) fields = ["src"] protocol_info["ip"] = db.get_protocol_layer_field_unique( packets, "ip", fields) # TTL sempre vale 1 return protocol_info
def _get_info_bjnp(packets): protocol_info = {} fields = ["src_oui_resolved"] protocol_info["manufacturer"] = db.get_protocol_layer_field_unique( packets, "eth", fields) fields = ["src"] protocol_info["ip"] = db.get_protocol_layer_field_unique( packets, "ip", fields) fields = ["dstport"] protocol_info["port"] = db.get_protocol_layer_field_unique( packets, "udp", fields) return protocol_info
def _get_info_basicxid(packets): protocol_info = {} fields = ["src_oui_resolved"] protocol_info["manufacturer"] = db.get_protocol_layer_field_unique( packets, "eth", fields) return protocol_info
def _get_info_mdns(packets): protocol_info = {} fields = ["src_oui_resolved"] protocol_info["manufacturer"] = db.get_protocol_layer_field_unique( packets, "eth", fields) fields = ["src"] protocol_info["ip"] = db.get_protocol_layer_field_unique( packets, "ip", fields) fields = ["src"] protocol_info["ipv6"] = db.get_protocol_layer_field_unique( packets, "ipv6", fields) fields = ["ttl"] protocol_info["ttl"] = db.get_protocol_layer_field_unique( packets, "ip", fields) fields = ["dstport"] protocol_info["port"] = db.get_protocol_layer_field_unique( packets, "udp", fields) fields = ["dns_qry_name"] protocol_info["queries"] = db.get_protocol_layer_field_unique( packets, "mdns", fields) fields = ["dns_resp_name"] protocol_info["responses"] = db.get_protocol_layer_field_unique( packets, "mdns", fields) fields = ["dns_srv_target"] protocol_info["srv_target"] = db.get_protocol_layer_field_unique( packets, "mdns", fields) fields = ["dns_srv_port"] protocol_info["srv_port"] = db.get_protocol_layer_field_unique( packets, "mdns", fields) fields = ["dns_ptr_domain_name"] protocol_info["domain"] = db.get_protocol_layer_field_unique( packets, "mdns", fields) return protocol_info
def _get_info_llmnr(packets): protocol_info = {} fields = ["src_oui_resolved"] protocol_info["manufacturer"] = db.get_protocol_layer_field_unique( packets, "eth", fields) fields = ["src"] protocol_info["ip"] = db.get_protocol_layer_field_unique( packets, "ipv6", fields) fields = ["dstport"] protocol_info["port"] = db.get_protocol_layer_field_unique( packets, "udp", fields) fields = ["dns_qry_name"] protocol_info["queries"] = db.get_protocol_layer_field_unique( packets, "llmnr", fields) return protocol_info
def _get_info_dhcpv6(packets): protocol_info = {} fields = ["src_oui_resolved"] protocol_info["manufacturer"] = db.get_protocol_layer_field_unique( packets, "eth", fields) fields = ["srcport"] protocol_info["port"] = db.get_protocol_layer_field_unique( packets, "udp", fields) fields = ["client_fqdn"] protocol_info["hostname"] = db.get_protocol_layer_field_unique( packets, "dhcpv6", fields) fields = ["vendorclass_data"] protocol_info["vendor_class"] = db.get_protocol_layer_field_unique( packets, "dhcpv6", fields) return protocol_info
def _get_info_dhcp(packets): protocol_info = {} fields = ["src_oui_resolved"] protocol_info["manufacturer"] = db.get_protocol_layer_field_unique( packets, "eth", fields) fields = ["ttl"] protocol_info["ttl"] = db.get_protocol_layer_field_unique( packets, "ip", fields) fields = ["srcport"] protocol_info["port"] = db.get_protocol_layer_field_unique( packets, "udp", fields) fields = ["option_hostname"] protocol_info["hostname"] = db.get_protocol_layer_field_unique( packets, "dhcp", fields) fields = ["option_vendor_class_id"] protocol_info["vendor_class"] = db.get_protocol_layer_field_unique( packets, "dhcp", fields) return protocol_info
def _get_info_browser(packets): protocol_info = {} fields = ["src_oui_resolved"] protocol_info["manufacturer"] = db.get_protocol_layer_field_unique( packets, "eth", fields) fields = ["src"] protocol_info["ip"] = db.get_protocol_layer_field_unique( packets, "ip", fields) fields = ["ttl"] protocol_info["ttl"] = db.get_protocol_layer_field_unique( packets, "ip", fields) fields = ["windows_version"] protocol_info["windows_version"] = db.get_protocol_layer_field_unique( packets, "browser", fields) fields = ["server_type"] protocol_info["device_type"] = db.get_protocol_layer_field_unique( packets, "browser", fields) fields = ["dstport"] protocol_info["port"] = db.get_protocol_layer_field_unique( packets, "udp", fields) fields = ["source_name"] protocol_info["hostname"] = db.get_protocol_layer_field_unique( packets, "nbdgm", fields) fields = ["destination_name"] protocol_info["workgroup"] = db.get_protocol_layer_field_unique( packets, "nbdgm", fields) fields = ["comment"] protocol_info["extra"] = db.get_protocol_layer_field_unique( packets, "browser", fields) return protocol_info