patronus_fati 0.9.9 → 0.9.10

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: cfe40f71ac82eb47cbb8a953fa885212bc8905ef
-  data.tar.gz: 47a75e71fead220c90807cc0966923330b861835
+  metadata.gz: 30a45534df56bbc7541ead1896e279e351011bfd
+  data.tar.gz: 22a7548d50463aa2fe9ee287d9940ebfb8171073
 SHA512:
-  metadata.gz: 0a9c38d270b38d5c9c675599cf69fd734fa3b351b988d6938ac3456f62d7988c2a41bebe722d5f4e46959a6929cbf6b0a286a90e041583fe4c6b3f54b2454375
-  data.tar.gz: 4bcee46b696f3fe36ad67eca24e41e3842b38fc975b7d74c636525901d327b312418474da78be81e51fe1b647d35f1470037cef00abcf78cf160722bddb24226
+  metadata.gz: c740113e2d63eec12a1c6657218b879a68476357db7511606c86d8ba69f2e70a7dd42f0d460d922f87785a914fd4b8c6177656c333ae9be9ecbcfe3d63677cba
+  data.tar.gz: 292ef8ca17abbda49f2aec6a8948713a272aba5e4490bbacc3239da2f750c4bf2423f9b119f6df4914a5e4fb88476f651af46dd93651f8deb75fc228c50ab87a

data/lib/patronus_fati/message_processor/client.rb

@@ -5,32 +5,38 @@ module PatronusFati::MessageProcessor::Client
     # We don't care about objects that would have expired already...
     return if obj[:lasttime] < PatronusFati::DataModels::Client.current_expiration_threshold
 
-    # These potentially represent wired assets leaking through the WiFi and
-    # devices not following the 802.11 spec.
-    return if %w( unknown from_ds ).include?(obj[:type]) || obj[:mac].nil?
+    unless obj[:bssid].nil? || obj[:bssid].empty? || obj[:bssid] == obj[:mac]
+      return unless (ap = PatronusFati::DataModels::AccessPoint.first(bssid: obj[:bssid]))
+      ap.seen!
+    end
 
     # Some messages from kismet come in corrupted with partial MACs. We care
     # not for them, just drop the bad data.
     return unless obj[:mac].match(/^([0-9a-f]{2}[:-]){5}[0-9a-f]{2}$/)
 
     client_info = client_data(obj.attributes)
-    client = PatronusFati::DataModels::Client.first_or_create({bssid: obj[:mac]}, client_info)
-    client.update(client_info)
+
+    # These potentially represent wired assets leaking through the WiFi and
+    # devices not following the 802.11 spec.
+    if %w( unknown from_ds ).include?(obj[:type]) || obj[:mac].nil?
+      client = PatronusFati::DataModels::Client.first({bssid: obj[:mac]})
+    else
+      client = PatronusFati::DataModels::Client.first_or_create({bssid: obj[:mac]}, client_info)
+    end
+    client.update(client_info) if client
 
     # Don't deal in associations that are outside of our connection expiration
     # time...
     return if obj[:lasttime] < PatronusFati::DataModels::Connection.current_expiration_threshold
 
     # Handle the associations
-    unless obj[:bssid].nil? || obj[:bssid].empty? || obj[:bssid] == obj[:mac]
-      return unless (ap = PatronusFati::DataModels::AccessPoint.first(bssid: obj[:bssid]))
-      ap.seen!
-
+    if ap && client
       if (conn = PatronusFati::DataModels::Connection.connected.first(client: client, access_point: ap))
         conn.seen!
       else
         average =  (obj[:datapackets] == 0 ? 0 : obj[:datasize] / obj[:datapackets])
 
+        # Create a connection only if it meets our thresholding logic below
         return unless !(obj[:gatewayip].nil? || obj[:ip].nil?) ||
           (average >= 156 && obj[:datapackets] > 10) ||
           (average >= 110 && obj[:datapackets] > 50)

data/lib/patronus_fati/version.rb

@@ -1,3 +1,3 @@
 module PatronusFati
-  VERSION = '0.9.9'
+  VERSION = '0.9.10'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: patronus_fati
 version: !ruby/object:Gem::Version
-  version: 0.9.9
+  version: 0.9.10
 platform: ruby
 authors:
 - Sam Stelfox
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-02-01 00:00:00.000000000 Z
+date: 2016-02-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dm-constraints
@@ -374,7 +374,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.4.3
+rubygems_version: 2.4.8
 signing_key: 
 specification_version: 4
 summary: A ruby implementation of the Kismet client protocol.