FlowAnalyzer 0.2.8__py3-none-any.whl → 0.2.9__py3-none-any.whl

FlowAnalyzer/FlowAnalyzer.py

@@ -81,9 +81,15 @@ class FlowAnalyzer:
         for packet in data:
             packet = packet["_source"]["layers"]
             time_epoch = float(packet["frame.time_epoch"][0]) if packet.get("frame.time_epoch") else None
-            full_request = (
-                packet["tcp.reassembled.data"][0] if packet.get("tcp.reassembled.data") else packet["tcp.payload"][0]
-            )
+
+            if packet.get("tcp.reassembled.data"):
+                full_request = packet["tcp.reassembled.data"][0]
+            elif packet.get("tcp.payload"):
+                full_request = packet["tcp.payload"][0]
+            else:
+                # exported_pdu.exported_pdu
+                full_request = packet["exported_pdu.exported_pdu"][0]
+            
             frame_num = int(packet["frame.number"][0]) if packet.get("frame.number") else None
             request_in = int(packet["http.request_in"][0]) if packet.get("http.request_in") else frame_num
             full_uri = (
@@ -140,7 +146,7 @@ class FlowAnalyzer:
         # sourcery skip: replace-interpolation-with-fstring, use-fstring-for-formatting
         # tshark -r {} -Y "{}" -T json -e http.request_number -e http.response_number -e http.request_in -e tcp.reassembled.data -e frame.number -e tcp.payload -e frame.time_epoch -e http.request.full_uri > output.json
         command = (
-            'tshark -r {} -Y "{}" -T json '
+            'tshark -r {} -Y "(tcp.reassembled_in) or ({})" -T json '
             '-e http.request_number '
             '-e http.response_number '
             '-e http.request_in '
@@ -148,6 +154,7 @@ class FlowAnalyzer:
             '-e frame.number '
             '-e tcp.payload '
             '-e frame.time_epoch '
+            '-e exported_pdu.exported_pdu '
             '-e http.request.full_uri '
             '> output.json'.format(
                 fileName, display_filter

{FlowAnalyzer-0.2.8.dist-info → FlowAnalyzer-0.2.9.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: FlowAnalyzer
-Version: 0.2.8
+Version: 0.2.9
 Summary: FlowAnalyzer是一个流量分析器，用于解析和处理tshark导出的JSON数据文件
 Home-page: https://github.com/Byxs20/FlowAnalyzer
 Author: Byxs20
@@ -33,6 +33,8 @@ pip3 install FlowAnalyzer -i https://pypi.org/simple
 
 # Usage
 
+请务必添加 `tshark.exe` 到环境变量，否则找不到会出错！
+
 ```
 $ git clone https://github.com/Byxs20/FlowAnalyzer.git
 $ cd ./FlowAnalyzer/

FlowAnalyzer-0.2.9.dist-info/RECORD

@@ -0,0 +1,8 @@
+FlowAnalyzer/FlowAnalyzer.py,sha256=DjZFYHsI84E_wFJ3aoXttsBgRhLg1i7WP1jfKw46Z3E,10350
+FlowAnalyzer/__init__.py,sha256=vfiHONPTrvjUU3MwhjFOEo3sWfzlhkA6gOLn_4UJ7sg,70
+FlowAnalyzer/logging_config.py,sha256=e-73IByM1TuE2G1isOBvtIcr9XztWqPkGN-VsNEFbvY,671
+FlowAnalyzer-0.2.9.dist-info/LICENSE,sha256=ybAV0ECduYBZCpjkHyNALVWRRmT_eM0BDgqUszhwEFU,1080
+FlowAnalyzer-0.2.9.dist-info/METADATA,sha256=GfmORi_8E-2jABeKp1L1qk53fUZ8_99SASa9RLKokpg,10302
+FlowAnalyzer-0.2.9.dist-info/WHEEL,sha256=pkctZYzUS4AYVn6dJ-7367OJZivF2e8RA9b_ZBjif18,92
+FlowAnalyzer-0.2.9.dist-info/top_level.txt,sha256=2MtvAF6dEe_eHipw_6G5pFLb2uOCbGnlH0bC4iBtm5A,13
+FlowAnalyzer-0.2.9.dist-info/RECORD,,

FlowAnalyzer-0.2.8.dist-info/RECORD

@@ -1,8 +0,0 @@
-FlowAnalyzer/FlowAnalyzer.py,sha256=vpKwZ-OMtKSQBsQKiAtc9MX4laQHfMNxB99bLVmWxVI,10072
-FlowAnalyzer/__init__.py,sha256=vfiHONPTrvjUU3MwhjFOEo3sWfzlhkA6gOLn_4UJ7sg,70
-FlowAnalyzer/logging_config.py,sha256=e-73IByM1TuE2G1isOBvtIcr9XztWqPkGN-VsNEFbvY,671
-FlowAnalyzer-0.2.8.dist-info/LICENSE,sha256=ybAV0ECduYBZCpjkHyNALVWRRmT_eM0BDgqUszhwEFU,1080
-FlowAnalyzer-0.2.8.dist-info/METADATA,sha256=duuhrPGvfKYJronaPUiRXRhhrD_cZ4538FpINGTHcFg,10224
-FlowAnalyzer-0.2.8.dist-info/WHEEL,sha256=pkctZYzUS4AYVn6dJ-7367OJZivF2e8RA9b_ZBjif18,92
-FlowAnalyzer-0.2.8.dist-info/top_level.txt,sha256=2MtvAF6dEe_eHipw_6G5pFLb2uOCbGnlH0bC4iBtm5A,13
-FlowAnalyzer-0.2.8.dist-info/RECORD,,