thm 0.1.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (34) hide show
  1. checksums.yaml +7 -0
  2. data/README.1ST +38 -0
  3. data/README.md +59 -0
  4. data/bin/thm-consumer +89 -0
  5. data/bin/thm-pcap +67 -0
  6. data/bin/thm-producer +102 -0
  7. data/bin/thm-session +319 -0
  8. data/bin/thm-useradmin +75 -0
  9. data/config.rb +30 -0
  10. data/datalayerlight.rb +143 -0
  11. data/js/JSXTransformer.js +15919 -0
  12. data/js/chartkick.js +829 -0
  13. data/js/files/authenticate.jsx +30 -0
  14. data/js/jquery.min.js +5 -0
  15. data/js/marked.min.js +6 -0
  16. data/js/react.js +19602 -0
  17. data/lib/thm.rb +49 -0
  18. data/lib/thm/consumer.rb +228 -0
  19. data/lib/thm/dataservices.rb +73 -0
  20. data/lib/thm/localmachine.rb +170 -0
  21. data/lib/thm/producer.rb +198 -0
  22. data/lib/thm/version.rb +14 -0
  23. data/service_definitions.csv +6366 -0
  24. data/sql/geoipdata-monetdb.sql +111 -0
  25. data/sql/threatmonitor-monetdb.sql +174 -0
  26. data/sql/threatmonitor-mysql.sql +156 -0
  27. data/stylesheets/screen.css +150 -0
  28. data/thm-authentication.rb +65 -0
  29. data/thm-authorization.rb +173 -0
  30. data/thm-privileges.rb +97 -0
  31. data/views/authenticate.slim +18 -0
  32. data/views/dashboard.erb +69 -0
  33. data/views/logout.slim +10 -0
  34. metadata +237 -0
data/lib/thm.rb ADDED
@@ -0,0 +1,49 @@
1
+ ########################################################################
2
+ #
3
+ # Author: Brian Hood
4
+ #
5
+ # Description: Threatmonitor Producer
6
+ #
7
+ # Producer / Consumer controller module
8
+ #
9
+ ########################################################################
10
+
11
+ require 'rubygems'
12
+ require 'amqp'
13
+ require 'bunny'
14
+ require 'eventmachine'
15
+ require 'guid'
16
+ require 'yaml'
17
+ require 'pcaplet'
18
+ require 'pcaprub' # For Live capture / write
19
+ #require '../datalayerlight.rb'
20
+ require File.expand_path(File.join(
21
+ File.dirname(__FILE__),
22
+ "../datalayerlight.rb"))
23
+ include Pcap
24
+
25
+ # TODO
26
+ #
27
+ # Create def's for that packet SQL / Refactor to provent code duplication
28
+ # Create def's for Hash table YAML same idea as above.
29
+
30
+ module Tools
31
+
32
+ class << self
33
+
34
+ def guid
35
+ guid = Guid.new # Generate GUID
36
+ end
37
+
38
+ end
39
+
40
+ end
41
+
42
+ # Load Datasources
43
+ require "#{File.dirname(__FILE__)}/thm/dataservices.rb"
44
+ require "#{File.dirname(__FILE__)}/thm/producer.rb"
45
+ require "#{File.dirname(__FILE__)}/thm/consumer.rb"
46
+ require "#{File.dirname(__FILE__)}/thm/localmachine.rb"
47
+ require "#{File.dirname(__FILE__)}/thm/version.rb"
48
+
49
+
data/lib/thm/consumer.rb ADDED
@@ -0,0 +1,228 @@
1
+
2
+ trap("INT") {
3
+
4
+ if EM.reactor_running? == true
5
+ puts "Exiting Reactor thread ..."
6
+ EventMachine.stop
7
+ end
8
+ exit
9
+ }
10
+
11
+ module Thm
12
+
13
+ # Bulk load from queue YAML into Database
14
+
15
+ class Consumer < DataServices
16
+
17
+ def from_mq_to_db
18
+ # TODO: Test this.
19
+ # Process ippacket queue first.
20
+ n = 0
21
+ # Using AMQP Gem here as Bunny never exits the thread so i can't move on to TCP / UDP probably migrate all to this gem.
22
+ banner = "\e[1;34mStage 1: Load IP Packet data \e[0m\ \n"
23
+ banner << "\e[1;34m=================================\e[0m\ \n"
24
+ puts banner
25
+ EM.run do
26
+ connection = AMQP.connect(:host => "#{@mqhost}", :user => "#{@mquser}", :pass => "#{@mqpass}", :vhost => "#{@mqvhost}")
27
+ puts "Connected to AMQP broker. Running #{AMQP::VERSION}"
28
+ channel = AMQP::Channel.new(connection)
29
+ puts "Queue: #{@queueprefix}_ippacket"
30
+ queue = channel.queue("#{@queueprefix}_ippacket")
31
+ exchange = channel.direct("")
32
+ t = 0
33
+ queue.bind("#{@queueprefix}_ippacket").subscribe do |metadata, body|
34
+ #puts "MSGID: [#{n}] Received #{body}"
35
+ ipdata = YAML.load(body).to_a
36
+ ipdatadim = ipdata[0][1]
37
+ ip_packet = "INSERT INTO #{@tblname_ippacket} "
38
+ ip_packet << "(guid, recv_date, ip_df, ip_dst, ip_hlen, ip_id, ip_len, ip_mf, ip_off, ip_proto, ip_src, ip_sum, ip_tos, ip_ttl, ip_ver) "
39
+ ip_packet << "VALUES ("
40
+ ip_packet << "'#{ipdatadim["guid"]}',"
41
+ ip_packet << "'#{ipdatadim["recv_date"]}',"
42
+ ip_df = ipdatadim["ip_df"].to_s # Due to TrueClass issues will have a look later
43
+ if ip_df == "true"
44
+ ip_packet << "'Y',"
45
+ else
46
+ ip_packet << "'N',"
47
+ end
48
+ ip_packet << "'#{ipdatadim["ip_dst"]}',"
49
+ ip_packet << "'#{ipdatadim["ip_hlen"]}',"
50
+ ip_packet << "'#{ipdatadim["ip_id"]}',"
51
+ ip_packet << "'#{ipdatadim["ip_len"]}',"
52
+ ip_mf = ipdatadim["ip_mf"].to_s
53
+ if ip_mf == "true"
54
+ ip_packet << "'Y',"
55
+ else
56
+ ip_packet << "'N',"
57
+ end
58
+ ip_packet << "'#{ipdatadim["ip_off"]}',"
59
+ ip_packet << "'#{ipdatadim["ip_proto"]}',"
60
+ ip_packet << "'#{ipdatadim["ip_src"]}',"
61
+ ip_packet << "'#{ipdatadim["ip_sum"]}',"
62
+ ip_packet << "'#{ipdatadim["ip_tos"]}',"
63
+ ip_packet << "'#{ipdatadim["ip_ttl"]}',"
64
+ ip_packet << "'#{ipdatadim["ip_ver"]}');"
65
+ if t == 50
66
+ puts "\e[1;32m\ MSGID:\e[0m\ [#{n}] \e[1;32m\Generated SQL:\e[0m\ #{ip_packet}"
67
+ t = 0
68
+ end
69
+ t = t + 1 unless t == 50
70
+ res = @conn.query("#{ip_packet}")
71
+ @conn.save
72
+ n = n + 1
73
+ connection.close { EventMachine.stop }
74
+ end
75
+ end
76
+ ipcount = n
77
+ @conn.release
78
+ @conn.commit
79
+
80
+ # TCP Packet
81
+ n = 0
82
+ banner = "\e[1;34mStage 2: Load TCP Packet data \e[0m\ \n"
83
+ banner << "\e[1;34m=================================\e[0m\ \n"
84
+ puts banner
85
+ EM.run do
86
+ connection = AMQP.connect(:host => "#{@mqhost}", :user => "#{@mquser}", :pass => "#{@mqpass}", :vhost => "#{@mqvhost}")
87
+ puts "Connected to AMQP broker. Running #{AMQP::VERSION}"
88
+ channel = AMQP::Channel.new(connection)
89
+ puts "Queue: #{@queueprefix}_tcppacket"
90
+ queue = channel.queue("#{@queueprefix}_tcppacket")
91
+ exchange = channel.direct("")
92
+ t = 0
93
+ queue.bind("#{@queueprefix}_tcppacket").subscribe do |metadata, body|
94
+ #puts "MSGID: [#{n}] Received #{body}"
95
+ tcpdata = YAML.load(body).to_a
96
+ tcpdatadim = tcpdata[0][1]
97
+ tcp_packet = "INSERT INTO #{@tblname_tcppacket} "
98
+ tcp_packet << "(guid, recv_date, tcp_data_len, tcp_dport, tcp_ack, tcp_fin, tcp_syn, tcp_rst, tcp_psh, tcp_urg, tcp_off, tcp_hlen, tcp_seq, tcp_sum, tcp_sport, tcp_urp, "
99
+ tcp_packet << "tcp_win) "
100
+ tcp_packet << "VALUES ("
101
+ tcp_packet << "'#{tcpdatadim["guid"]}',"
102
+ tcp_packet << "'#{tcpdatadim["recv_date"]}', "
103
+ tcp_packet << "#{tcpdatadim["tcp_data_len"]},"
104
+ tcp_packet << "#{tcpdatadim["tcp_dport"]},"
105
+ tcp_ack = tcpdatadim["tcp_ack"].to_s
106
+ if tcp_ack == "true"
107
+ tcp_packet << "'Y',"
108
+ else
109
+ tcp_packet << "'N',"
110
+ end
111
+ tcp_fin = tcpdatadim["tcp_fin"].to_s
112
+ if tcp_fin == "true"
113
+ tcp_packet << "'Y',"
114
+ else
115
+ tcp_packet << "'N',"
116
+ end
117
+ tcp_syn = tcpdatadim["tcp_syn"].to_s
118
+ if tcp_syn == "true"
119
+ tcp_packet << "'Y',"
120
+ else
121
+ tcp_packet << "'N',"
122
+ end
123
+ tcp_rst = tcpdatadim["tcp_rst"].to_s
124
+ if tcp_rst == "true"
125
+ tcp_packet << "'Y',"
126
+ else
127
+ tcp_packet << "'N',"
128
+ end
129
+ tcp_psh = tcpdatadim["tcp_psh"].to_s
130
+ if tcp_psh == "true"
131
+ tcp_packet << "'Y',"
132
+ else
133
+ tcp_packet << "'N',"
134
+ end
135
+ tcp_urg = tcpdatadim["tcp_urg"].to_s
136
+ if tcp_urg == "true"
137
+ tcp_packet << "'Y',"
138
+ else
139
+ tcp_packet << "'N',"
140
+ end
141
+ tcp_packet << "#{tcpdatadim["tcp_off"]}, #{tcpdatadim["tcp_hlen"]}, #{tcpdatadim["tcp_seq"]}, #{tcpdatadim["tcp_sum"]}, #{tcpdatadim["tcp_sport"]}, #{tcpdatadim["tcp_urp"]}, #{tcpdatadim["tcp_win"]});"
142
+ if t == 50
143
+ puts "\e[1;32m\ MSGID:\e[0m\ [#{n}] \e[1;32m\Generated SQL:\e[0m\ #{tcp_packet}"
144
+ t = 0
145
+ end
146
+ t = t + 1 unless t == 50
147
+ res = @conn.query("#{tcp_packet}")
148
+ @conn.save
149
+ n = n + 1
150
+ connection.close { EventMachine.stop }
151
+ end
152
+ end
153
+ tcpcount = n
154
+ @conn.release
155
+ @conn.commit
156
+
157
+ # UDP Packet
158
+ n = 0
159
+ banner = "\e[1;34mStage 2: Load UDP Packet data \e[0m\ \n"
160
+ banner << "\e[1;34m=================================\e[0m\ \n"
161
+ puts banner
162
+ EM.run do
163
+ connection = AMQP.connect(:host => "#{@mqhost}", :user => "#{@mquser}", :pass => "#{@mqpass}", :vhost => "#{@mqvhost}")
164
+ puts "Connected to AMQP broker. Running #{AMQP::VERSION}"
165
+ channel = AMQP::Channel.new(connection)
166
+ puts "Queue: #{@queueprefix}_udppacket"
167
+ queue = channel.queue("#{@queueprefix}_udppacket")
168
+ exchange = channel.direct("")
169
+ t = 0
170
+ queue.bind("#{@queueprefix}_udppacket").subscribe do |metadata, body|
171
+ #puts "MSGID: [#{n}] Received #{body}"
172
+ udpdata = YAML.load(body).to_a
173
+ udpdatadim = udpdata[0][1]
174
+ udp_packet = "INSERT INTO #{@tblname_udppacket} "
175
+ udp_packet << "(guid,"
176
+ udp_packet << "recv_date,"
177
+ udp_packet << "udp_dport,"
178
+ udp_packet << "udp_len,"
179
+ udp_packet << "udp_sum,"
180
+ udp_packet << "udp_sport) "
181
+ udp_packet << "VALUES ("
182
+ udp_packet << "'#{udpdatadim["guid"]}',"
183
+ udp_packet << "'#{udpdatadim["recv_date"]}',"
184
+ udp_packet << "'#{udpdatadim["udp_dport"]}',"
185
+ udp_packet << "'#{udpdatadim["udp_len"]}',"
186
+ udp_packet << "'#{udpdatadim["udp_sum"]}',"
187
+ udp_packet << "'#{udpdatadim["udp_sport"]}');"
188
+ if t == 50
189
+ puts "\e[1;32m\ MSGID:\e[0m\ [#{n}] \e[1;32m\Generated SQL:\e[0m\ #{udp_packet}"
190
+ t = 0
191
+ end
192
+ t = t + 1 unless t == 50
193
+ res = @conn.query("#{udp_packet}")
194
+ @conn.save
195
+ n = n + 1
196
+ connection.close { EventMachine.stop }
197
+ end
198
+ end
199
+ udpcount = n
200
+ @conn.release
201
+ @conn.commit
202
+ totals = "\e[1;31m=======================================================================\e[0m\ \n"
203
+ totals << "\e[1;31mPackets Total | IP: #{ipcount} | TCP: #{tcpcount} | UDP: #{udpcount}\e[0m\ \n"
204
+ totals << "\e[1;31m======================================================================\e[0m\ \n"
205
+ puts totals
206
+
207
+ end
208
+
209
+ def infinite
210
+ puts "\e[1;31mStarting Consumer in infinite mode"
211
+ puts "\e[1;31m==================================\n"
212
+ puts "NOTE: Only should be used for live captures\n"
213
+ loop {
214
+ from_mq_to_db
215
+ }
216
+ end
217
+
218
+ def passes(passes)
219
+ puts "\e[1;31mStarting Consumer for #{passes} passes"
220
+ puts "\e[1;31m======================================="
221
+ passes.times {
222
+ from_mq_to_db
223
+ }
224
+ end
225
+
226
+ end
227
+
228
+ end
data/lib/thm/dataservices.rb ADDED
@@ -0,0 +1,73 @@
1
+ module Thm
2
+
3
+ class DataServices
4
+
5
+ # This class provides all the core functionality to the lower level DatalayerLight
6
+ #
7
+ # Example variables
8
+ #
9
+ # obj = Thm::Producer.new
10
+ # obj.mqhost = "127.0.0.1"
11
+ # obj.mquser = "test"
12
+ # obj.mqpass = "setone"
13
+ # obj.mqconnect
14
+ # obj.dbconnect
15
+
16
+ attr_accessor :datastore, :mqhost, :mquser, :mqpass, :mqvhost, :dbhost, :dbuser, :dbpass, :dbname, :queueprefix, :tblname_ippacket, :tblname_tcppacket, :tblname_udppacket
17
+
18
+ def initialize
19
+ @datastore = "monetdb"
20
+ @mqhost = "127.0.0.1"
21
+ @mquser = "traffic"
22
+ @mqpass = "dk3rbi9l"
23
+ @mqvhost = "/"
24
+ @dbhost = "127.0.0.1"
25
+ @dbuser = "threatmonitor"
26
+ @dbpass = "dk3rbi9l"
27
+ @dbname = "threatmonitor"
28
+ @queueprefix = "cactus" # Queue names will be come prefixed with cactus_ippacket etc ..
29
+ # Implement tblname for table freedom
30
+ @tblname_ippacket = "ippacket"
31
+ @tblname_tcppacket = "tcppacket"
32
+ @tblname_udppacket = "udppacket"
33
+ @mqconn = Bunny.new(:hostname => "#{@mqhost}", :user => "#{@mquser}", :pass => "#{@mqpass}", :vhost => "#{@mqvhost}")
34
+ end
35
+
36
+ def mqconnect
37
+ @mqconn.start
38
+ @ch = @mqconn.create_channel
39
+ end
40
+
41
+ def mqclose
42
+ @conn.close
43
+ end
44
+
45
+ def dbconnect
46
+ if @datastore == "mysql"
47
+ @conn = DatalayerLight::MySQLDrv.new
48
+ puts "Using MySQL Datasource"
49
+ elsif @datastore == "monetdb"
50
+ @conn = DatalayerLight::MonetDBDrv.new
51
+ puts "Using MonetDB Datasource"
52
+ end
53
+ @conn.hostname = @dbhost
54
+ @conn.username = @dbuser
55
+ @conn.password = @dbpass
56
+ @conn.dbname = @dbname
57
+ @conn.autocommit = false
58
+ begin
59
+ @conn.connect
60
+ rescue Errno::ECONNREFUSED
61
+ puts "Database not running!"
62
+ puts "Bye!"
63
+ exit
64
+ end
65
+ end
66
+
67
+ def query(sql)
68
+ res = @conn.query("#{sql}")
69
+ end
70
+
71
+ end
72
+
73
+ end
data/lib/thm/localmachine.rb ADDED
@@ -0,0 +1,170 @@
1
+
2
+ module Thm
3
+
4
+ # Process data from / to local files.
5
+
6
+ class Localmachine < DataServices
7
+
8
+ # We have to use a different Gem here called pcaprub that supports live interface / dumping mode.
9
+
10
+ def from_pcap_to_disk(interface, dumpfile)
11
+ puts "Capturing Live data... "
12
+ begin
13
+ capture = PCAPRUB::Pcap.open_live("#{interface}", 65535, true, 0)
14
+ puts "Writing to file ..."
15
+ puts "Press CTRL+C to exit ..."
16
+ dumper = capture.dump_open("#{dumpfile}")
17
+ capture_packets = 100
18
+ capture.each {|pkt|
19
+ capture.dump(pkt.length, pkt.length, pkt)
20
+ }
21
+ capture.dump_close
22
+ rescue
23
+ puts "Make sure the interface name is correct and you have enough disk space"
24
+ exit
25
+ end
26
+ end
27
+
28
+ # We can inject packets into an interface DANGEROUS !!!
29
+
30
+ def from_pcap_to_interface_injection(interface, inputdumpfile)
31
+ # NOTES
32
+ # Src / Dst rewriting ip_src, ip_dst
33
+ end
34
+
35
+ # From Pcap file to Datastore
36
+
37
+ def from_pcap_db(pcapfile)
38
+ t, n, s, v, x, z = 0, 0, 0, 0, 0, 0
39
+ ipcount, tcpcount, udpcount = 0, 0, 0
40
+ inp = Pcap::Capture.open_offline(pcapfile)
41
+ inp.each_packet do |pkt|
42
+ guid = Tools::guid # IP / TCP / UDP relationship
43
+ dtime = Time.now
44
+ # IP Packet
45
+ if pkt.ip?
46
+ ip_packet = "INSERT INTO #{@tblname_ippacket} "
47
+ ip_packet << "(guid, recv_date, ip_df, ip_dst, ip_hlen, ip_id, ip_len, ip_mf, ip_off, ip_proto, ip_src, ip_sum, ip_tos, ip_ttl, ip_ver) "
48
+ ip_packet << "VALUES ("
49
+ ip_packet << "'#{guid}',"
50
+ ip_packet << "'#{dtime}',"
51
+ if pkt.ip_df? == true
52
+ ip_packet << "'Y',"
53
+ else
54
+ ip_packet << "'N',"
55
+ end
56
+ ip_packet << "'#{pkt.ip_dst}',"
57
+ ip_packet << "'#{pkt.ip_hlen}',"
58
+ ip_packet << "'#{pkt.ip_id}',"
59
+ ip_packet << "'#{pkt.ip_len}',"
60
+ if pkt.ip_mf? == true
61
+ ip_packet << "'Y',"
62
+ else
63
+ ip_packet << "'N',"
64
+ end
65
+ ip_packet << "'#{pkt.ip_off}',"
66
+ ip_packet << "'#{pkt.ip_proto}',"
67
+ ip_packet << "'#{pkt.ip_src}',"
68
+ ip_packet << "'#{pkt.ip_sum}',"
69
+ ip_packet << "'#{pkt.ip_tos}',"
70
+ ip_packet << "'#{pkt.ip_ttl}',"
71
+ ip_packet << "'#{pkt.ip_ver}');"
72
+ if t == 50
73
+ puts "\e[1;32m\ MSGID:\e[0m\ [#{n}] \e[1;32m\Generated SQL:\e[0m\ #{ip_packet}"
74
+ t = 0
75
+ end
76
+ t = t + 1 unless t == 50
77
+ res = @conn.query("#{ip_packet}")
78
+ @conn.save
79
+ n = n + 1
80
+ end
81
+ # TCP Packet
82
+ if pkt.tcp?
83
+ tcp_packet = "INSERT INTO #{@tblname_tcppacket} "
84
+ tcp_packet << "(guid, recv_date, tcp_data_len, tcp_dport, tcp_ack, tcp_fin, tcp_syn, tcp_rst, tcp_psh, tcp_urg, tcp_off, tcp_hlen, tcp_seq, tcp_sum, tcp_sport, tcp_urp, "
85
+ tcp_packet << "tcp_win) "
86
+ tcp_packet << "VALUES ("
87
+ tcp_packet << "'#{guid}',"
88
+ tcp_packet << "'#{dtime}', "
89
+ tcp_packet << "#{pkt.tcp_data_len},"
90
+ tcp_packet << "#{pkt.tcp_dport},"
91
+ if pkt.tcp_ack? == true
92
+ tcp_packet << "'Y',"
93
+ else
94
+ tcp_packet << "'N',"
95
+ end
96
+ if pkt.tcp_fin? == true
97
+ tcp_packet << "'Y',"
98
+ else
99
+ tcp_packet << "'N',"
100
+ end
101
+ if pkt.tcp_syn? == true
102
+ tcp_packet << "'Y',"
103
+ else
104
+ tcp_packet << "'N',"
105
+ end
106
+ if pkt.tcp_rst? == true
107
+ tcp_packet << "'Y',"
108
+ else
109
+ tcp_packet << "'N',"
110
+ end
111
+ if pkt.tcp_psh? == true
112
+ tcp_packet << "'Y',"
113
+ else
114
+ tcp_packet << "'N',"
115
+ end
116
+ if pkt.tcp_urg? == true
117
+ tcp_packet << "'Y',"
118
+ else
119
+ tcp_packet << "'N',"
120
+ end
121
+ tcp_packet << "#{pkt.tcp_off}, #{pkt.tcp_hlen}, #{pkt.tcp_seq}, #{pkt.tcp_sum}, #{pkt.tcp_sport}, #{pkt.tcp_urp}, #{pkt.tcp_win});"
122
+ if s == 50
123
+ puts "\e[1;32m\ MSGID:\e[0m\ [#{v}] \e[1;32m\Generated SQL:\e[0m\ #{tcp_packet}"
124
+ s = 0
125
+ end
126
+ s = s + 1 unless s == 50
127
+ res = @conn.query("#{tcp_packet}")
128
+ @conn.save
129
+ v = v + 1
130
+ end
131
+ # UDP Packet
132
+ if pkt.udp?
133
+ udp_packet = "INSERT INTO #{@tblname_udppacket} "
134
+ udp_packet << "(guid,"
135
+ udp_packet << "recv_date,"
136
+ udp_packet << "udp_dport,"
137
+ udp_packet << "udp_len,"
138
+ udp_packet << "udp_sum,"
139
+ udp_packet << "udp_sport) "
140
+ udp_packet << "VALUES ("
141
+ udp_packet << "'#{guid}',"
142
+ udp_packet << "'#{dtime}',"
143
+ udp_packet << "'#{pkt.udp_dport}',"
144
+ udp_packet << "'#{pkt.udp_len}',"
145
+ udp_packet << "'#{pkt.udp_sum}',"
146
+ udp_packet << "'#{pkt.udp_sport}');"
147
+ if x == 50
148
+ puts "\e[1;32m\ MSGID:\e[0m\ [#{z}] \e[1;32m\Generated SQL:\e[0m\ #{udp_packet}"
149
+ x = 0
150
+ end
151
+ x = x + 1 unless x == 50
152
+ res = @conn.query("#{udp_packet}")
153
+ @conn.save
154
+ z = z + 1
155
+ end
156
+ ipcount = n
157
+ tcpcount = v
158
+ udpcount = z
159
+ end
160
+ @conn.release
161
+ @conn.commit
162
+ totals = "\e[1;31m=======================================================================\e[0m\ \n"
163
+ totals << "\e[1;31mPackets Total | IP: #{ipcount} | TCP: #{tcpcount} | UDP: #{udpcount}\e[0m\ \n"
164
+ totals << "\e[1;31m======================================================================\e[0m\ \n"
165
+ puts totals
166
+ end
167
+
168
+ end
169
+
170
+ end