FlowAnalyzer 0.2.8__tar.gz → 0.2.9__tar.gz

{FlowAnalyzer-0.2.8 → FlowAnalyzer-0.2.9}/FlowAnalyzer/FlowAnalyzer.py

@@ -81,9 +81,15 @@ class FlowAnalyzer:
         for packet in data:
             packet = packet["_source"]["layers"]
             time_epoch = float(packet["frame.time_epoch"][0]) if packet.get("frame.time_epoch") else None
-            full_request = (
-                packet["tcp.reassembled.data"][0] if packet.get("tcp.reassembled.data") else packet["tcp.payload"][0]
-            )
+
+            if packet.get("tcp.reassembled.data"):
+                full_request = packet["tcp.reassembled.data"][0]
+            elif packet.get("tcp.payload"):
+                full_request = packet["tcp.payload"][0]
+            else:
+                # exported_pdu.exported_pdu
+                full_request = packet["exported_pdu.exported_pdu"][0]
+            
             frame_num = int(packet["frame.number"][0]) if packet.get("frame.number") else None
             request_in = int(packet["http.request_in"][0]) if packet.get("http.request_in") else frame_num
             full_uri = (
@@ -140,7 +146,7 @@ class FlowAnalyzer:
         # sourcery skip: replace-interpolation-with-fstring, use-fstring-for-formatting
         # tshark -r {} -Y "{}" -T json -e http.request_number -e http.response_number -e http.request_in -e tcp.reassembled.data -e frame.number -e tcp.payload -e frame.time_epoch -e http.request.full_uri > output.json
         command = (
-            'tshark -r {} -Y "{}" -T json '
+            'tshark -r {} -Y "(tcp.reassembled_in) or ({})" -T json '
             '-e http.request_number '
             '-e http.response_number '
             '-e http.request_in '
@@ -148,6 +154,7 @@ class FlowAnalyzer:
             '-e frame.number '
             '-e tcp.payload '
             '-e frame.time_epoch '
+            '-e exported_pdu.exported_pdu '
             '-e http.request.full_uri '
             '> output.json'.format(
                 fileName, display_filter

{FlowAnalyzer-0.2.8 → FlowAnalyzer-0.2.9}/FlowAnalyzer.egg-info/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: FlowAnalyzer
-Version: 0.2.8
+Version: 0.2.9
 Summary: FlowAnalyzer是一个流量分析器，用于解析和处理tshark导出的JSON数据文件
 Home-page: https://github.com/Byxs20/FlowAnalyzer
 Author: Byxs20
@@ -22,6 +22,8 @@ Description: # FlowAnalyzer
         
         # Usage
         
+        请务必添加 `tshark.exe` 到环境变量，否则找不到会出错！
+        
         ```
         $ git clone https://github.com/Byxs20/FlowAnalyzer.git
         $ cd ./FlowAnalyzer/

{FlowAnalyzer-0.2.8 → FlowAnalyzer-0.2.9}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: FlowAnalyzer
-Version: 0.2.8
+Version: 0.2.9
 Summary: FlowAnalyzer是一个流量分析器，用于解析和处理tshark导出的JSON数据文件
 Home-page: https://github.com/Byxs20/FlowAnalyzer
 Author: Byxs20
@@ -22,6 +22,8 @@ Description: # FlowAnalyzer
         
         # Usage
         
+        请务必添加 `tshark.exe` 到环境变量，否则找不到会出错！
+        
         ```
         $ git clone https://github.com/Byxs20/FlowAnalyzer.git
         $ cd ./FlowAnalyzer/

{FlowAnalyzer-0.2.8 → FlowAnalyzer-0.2.9}/README.md

@@ -14,6 +14,8 @@ pip3 install FlowAnalyzer -i https://pypi.org/simple
 
 # Usage
 
+请务必添加 `tshark.exe` 到环境变量，否则找不到会出错！
+
 ```
 $ git clone https://github.com/Byxs20/FlowAnalyzer.git
 $ cd ./FlowAnalyzer/

{FlowAnalyzer-0.2.8 → FlowAnalyzer-0.2.9}/setup.py

@@ -7,7 +7,7 @@ with open(os.path.join(os.path.dirname(__file__), "README.md"), encoding="utf-8"
 
 setup(
     name="FlowAnalyzer",
-    version="0.2.8",
+    version="0.2.9",
     description="FlowAnalyzer是一个流量分析器，用于解析和处理tshark导出的JSON数据文件",
     author="Byxs20",
     author_email="97766819@qq.com",