syspy 0.0.17 → 0.0.18
- data/bin/syspy +2 -0
- data/lib/syspy.rb +2 -0
- data/lib/tds_package_stream.rb +26 -23
- metadata +52 -30
data/bin/syspy
CHANGED
data/lib/syspy.rb
CHANGED
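--- a/data/lib/tds_package_stream.rb
+++ b/data/lib/tds_package_stream.rb
@@ -17,23 +17,33 @@ module Syspy
 
 def each_package()
 Thread.abort_on_exception = true
-@tcpdump_thread = Thread.new(){
-IO.popen("tcpdump -
-
-
-
-
-
-
-
-
-
-
-
+@tcpdump_thread = Thread.new(){
+IO.popen("tcpdump -B 2048 -q -x -i #{@interface} tcp and dst #{@dst} and dst port #{@dst_port} 2>/dev/null"){|io|
+buffer = StringIO.new()
+io.each_line(){|line|
+if(line.match(/^\d{1,2}:\d{1,2}:\d{1,2}.+$/))
+puts line
+unless(buffer.string.empty?)
+data_io = StringIO.new(buffer.string)
+tcp_length = read_ip_header(data_io)
+Log.debug "Got IP package: #{tcp_length}"
+content_length = read_tcp_header(data_io,tcp_length)
+Log.debug "Got TCP package: #{content_length}"
+if(content_length > 0)
+content = data_io.read(content_length)
+@out.write(content)
+@out.flush
+end
+buffer = StringIO.new()
+end
+else
+token = line.squeeze(" ").split(" ")[1..-1].join("")
+0.upto((token.size / 2) - 1){|i|
+char = token[i*2,2].to_i(16)
+buffer.putc(char)
+}
 end
-
-Log.debug "Network package done"
-}
+}
 }
 }
 
@@ -80,13 +90,6 @@ module Syspy
 end
 
 def read_ip_header(io)
-count = 0
-loop(){
-network_type = Bytes.uint16be(io)
-break if network_type == 0x800 and count >= 14
-count += 1
-}
-
 # read IP version and header length
 ver_len = Bytes.uint(io)
 version = ver_len >> 4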
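Review bot: The added `IO.popen` call in each_package builds a single shell command string by interpolating `@interface`, `@dst` and `@dst_port`, so any shell metacharacter in those values is interpreted by the shell, and the gem's post-install message indicates the tool is meant to run under sudo. Where these instance variables are assigned is not visible in this section; unless they are guaranteed to come from a trusted operator, validate them first (`IPAddr.new(@dst)`, `Integer(@dst_port)`, a conservative pattern for the interface name). On Ruby 1.9 or later the shell can be avoided entirely with the argument-array form, `IO.popen(["tcpdump", "-B", "2048", "-q", "-x", "-i", @interface, "tcp and dst #{@dst} and dst port #{@dst_port}"], :err => File::NULL)`. The `puts line` on the timestamp branch looks like leftover debug output and would fit the surrounding code better as `Log.debug line`. Because the buffer is parsed only when the next timestamp line arrives, the last captured packet appears to be dropped when tcpdump's output ends; each_package may continue beyond the hunk.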
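--- a/metadata
+++ b/metadata
@@ -1,34 +1,46 @@
---- !ruby/object:Gem::Specification
+--- !ruby/object:Gem::Specification
 name: syspy
-version: !ruby/object:Gem::Version
-
+version: !ruby/object:Gem::Version
+hash: 59
 prerelease:
+segments:
+- 0
+- 0
+- 18
+version: 0.0.18
 platform: ruby
-authors:
+authors:
 - Matthias Balmer
 autorequire:
 bindir: bin
 cert_chain: []
-
-
-
+
+date: 2013-02-14 00:00:00 +01:00
+default_executable:
+dependencies:
+- !ruby/object:Gem::Dependency
 name: bindata
-
+prerelease: false
+requirement: &id001 !ruby/object:Gem::Requirement
 none: false
-requirements:
-- -
-- !ruby/object:Gem::Version
-
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+hash: 3
+segments:
+- 0
+version: "0"
 type: :runtime
-
-version_requirements: *12454940
+version_requirements: *id001
 description:
 email: matthias.balmer@sysinf.ch
-executables:
+executables:
 - syspy
 extensions: []
+
 extra_rdoc_files: []
-
+
+files:
 - lib/bytes.rb
 - lib/tds_types.rb
 - lib/tds_tokens.rb
@@ -41,29 +53,39 @@ files:
 - lib/syspy.rb
 - lib/tds_package.rb
 - bin/syspy
+has_rdoc: true
 homepage:
 licenses: []
-
-
+
+post_install_message: To use syspy as standalone application run "sudo syspy <interface> <destination_ip> <destination_port>"
 rdoc_options: []
-
+
+require_paths:
 - lib
-required_ruby_version: !ruby/object:Gem::Requirement
+required_ruby_version: !ruby/object:Gem::Requirement
 none: false
-requirements:
-- -
-- !ruby/object:Gem::Version
-
-
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+hash: 3
+segments:
+- 0
+version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement
 none: false
-requirements:
-- -
-- !ruby/object:Gem::Version
-
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+hash: 3
+segments:
+- 0
+version: "0"
 requirements: []
+
 rubyforge_project:
-rubygems_version: 1.
+rubygems_version: 1.4.2
 signing_key:
 specification_version: 3
 summary: Observe TDS packages directly from a network interface
 test_files: []
+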