RubyGems - syspy - Versions diffs - 0.0.19 → 0.0.20 - Mend

syspy 0.0.19 → 0.0.20

Files changed (4) hide show

data/bin/syspy CHANGED Viewed

@@ -44,7 +44,7 @@ module Syspy
             index += 1
           }
         end
-        Log.info("Replaced parameters: #{index}\n\n#{replaced_statement.gsub("\n","\r\n").squeeze(" ")}\n------------------------------------------------------")
+        Log.info("Replaced parameters: #{index}\n\n#{replaced_statement.gsub("\r\n","\n").gsub("\n"," ").gsub("\t"," ").squeeze(" ").strip}\n------------------------------------------------------")
       end
     }
 end

data/lib/tcpflow ADDED Viewed

Binary file

data/lib/tds_package_stream.rb CHANGED Viewed

@@ -7,6 +7,9 @@ require "tds_tokens"
 module Syspy
   class TdsPackageStream
+    HEADER_LENGTH = 45
+    HEADER_REGEXP = /\d{3}\.\d{3}\.\d{3}\.\d{3}\.\d{5}-\d{3}\.\d{3}\.\d{3}\.\d{3}\.\d{5}: /
     def initialize(interface,dst,dst_port)
       @interface = interface
@@ -18,32 +21,21 @@ module Syspy
     def each_package()
       Thread.abort_on_exception = true
       @tcpdump_thread = Thread.new(){
-        IO.popen("tcpdump -y EN10MB -B 2048 -q -x -i #{@interface} tcp and dst #{@dst} and dst port #{@dst_port} 2>/dev/null"){|io|
-          buffer = StringIO.new()
-          io.each_line(){|line|
-            if(line.match(/^\d{1,2}:\d{1,2}:\d{1,2}.+$/))
-              unless(buffer.string.empty?)
-                data_io = StringIO.new(buffer.string)
-                tcp_length = read_ip_header(data_io)
-                Log.debug "Got IP package: #{tcp_length}"
-                content_length = read_tcp_header(data_io,tcp_length)
-                Log.debug "Got TCP package: #{content_length}"
-                if(content_length > 0)
-                  content = data_io.read(content_length)
-                  @out.write(content)
-                  @out.flush
-                end
-                buffer = StringIO.new()
-              end
-            else
-              token = line.squeeze(" ").split(" ")[1..-1].join("")
-              0.upto((token.size / 2) - 1){|i|
-                char = token[i*2,2].to_i(16)
-                buffer.putc(char)
-              }
+        IO.popen("#{File.dirname(__FILE__)}/tcpflow -c -B -i #{@interface} tcp and dst #{@dst} and dst port #{@dst_port} 2>/dev/null"){|io|
+          content = ""
+          loop(){
+            content << io.read(1)
+            if(content.match(HEADER_REGEXP))
+              payload = content[0..(-2 - HEADER_LENGTH)]
+              @out.write(payload)
+              @out.flush
+              content = ""
             end
-          }
-        }
+            Log.debug "Network package done"
+          }
+        }
       }
       content = ""
@@ -86,39 +78,6 @@ module Syspy
         return package
       end
       nil
-    end
-    def read_ip_header(io)
-      # read IP version and header length
-      ver_len = Bytes.uint(io)
-      version = ver_len >> 4
-      raise "Invalid IP version: #{version}" unless version == 4 || version == 6
-      header_length = (ver_len & 0x0F) * 4
-      # skip TOS
-      Bytes.uint(io)
-      # get package length
-      content_length = Bytes.uint16be(io)
-      # consume remaining IP header
-      io.read(header_length - 4)
-      content_length - header_length
-    end
-    def read_tcp_header(io, ip_package_size)
-      # skip first 12
-      io.read(12)
-      # get header length
-      tcp_offset = (Bytes.uint(io) >> 4) * 4
-      # consume remaining tcp header
-      io.read(tcp_offset - 13)
-      ip_package_size - tcp_offset
-    end
+    end
   end
 end

metadata CHANGED Viewed

@@ -1,46 +1,35 @@
---- !ruby/object:Gem::Specification
+--- !ruby/object:Gem::Specification
 name: syspy
-version: !ruby/object:Gem::Version
-  hash: 57
+version: !ruby/object:Gem::Version
+  version: 0.0.20
   prerelease:
-  segments:
-  - 0
-  - 0
-  - 19
-  version: 0.0.19
 platform: ruby
-authors:
+authors:
 - Matthias Balmer
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2013-02-14 00:00:00 +01:00
-default_executable:
-dependencies:
-- !ruby/object:Gem::Dependency
+date: 2013-02-14 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
   name: bindata
-  prerelease: false
-  requirement: &id001 !ruby/object:Gem::Requirement
+  requirement: &20472460 !ruby/object:Gem::Requirement
     none: false
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        hash: 3
-        segments:
-        - 0
-        version: "0"
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
   type: :runtime
-  version_requirements: *id001
+  prerelease: false
+  version_requirements: *20472460
 description:
 email: matthias.balmer@sysinf.ch
-executables:
+executables:
 - syspy
 extensions: []
 extra_rdoc_files: []
-files:
+files:
+- lib/tcpflow
 - lib/bytes.rb
 - lib/tds_types.rb
 - lib/tds_tokens.rb
@@ -53,39 +42,29 @@ files:
 - lib/syspy.rb
 - lib/tds_package.rb
 - bin/syspy
-has_rdoc: true
 homepage:
 licenses: []
-post_install_message: To use syspy as standalone application run "sudo syspy <interface> <destination_ip> <destination_port>"
+post_install_message: To use syspy as standalone application run "sudo syspy <interface>
+  <destination_ip> <destination_port>"
 rdoc_options: []
-require_paths:
+require_paths:
 - lib
-required_ruby_version: !ruby/object:Gem::Requirement
+required_ruby_version: !ruby/object:Gem::Requirement
   none: false
-  requirements:
-  - - ">="
-    - !ruby/object:Gem::Version
-      hash: 3
-      segments:
-      - 0
-      version: "0"
-required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
-  requirements:
-  - - ">="
-    - !ruby/object:Gem::Version
-      hash: 3
-      segments:
-      - 0
-      version: "0"
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 1.4.2
+rubygems_version: 1.8.11
 signing_key:
 specification_version: 3
 summary: Observe TDS packages directly from a network interface
 test_files: []