FlowAnalyzer 0.3.3__py3-none-any.whl → 0.3.5__py3-none-any.whl

@@ -2,16 +2,14 @@ import contextlib
2
2
  import gzip
3
3
  import hashlib
4
4
  import json
5
- import logging
6
5
  import os
7
6
  import shutil
8
7
  import subprocess
9
8
  from typing import Dict, Iterable, NamedTuple, Optional, Tuple
10
9
  from urllib import parse
11
10
 
12
- from .logging_config import configure_logger
13
-
14
- logger = configure_logger("FlowAnalyzer", logging.INFO)
11
+ from .logging_config import logger
12
+ from .Path import get_default_tshark_path
15
13
 
16
14
 
17
15
  class Request(NamedTuple):
@@ -79,10 +77,6 @@ class FlowAnalyzer:
79
77
  Tuple[int, int, float, str, str]
80
78
  frame_num, request_in, time_epoch, full_uri, full_request
81
79
  """
82
- # frame_num = int(packet["frame.number"][0]) if packet.get("frame.number") else None
83
- # time_epoch = float(packet["frame.time_epoch"][0]) if packet.get("frame.time_epoch") else None
84
- # full_uri = parse.unquote(packet["http.request.full_uri"][0]) if packet.get("http.request.full_uri") else None
85
-
86
80
  frame_num = int(packet["frame.number"][0])
87
81
  request_in = int(packet["http.request_in"][0]) if packet.get("http.request_in") else frame_num
88
82
  full_uri = parse.unquote(packet["http.request.full_uri"][0]) if packet.get("http.request.full_uri") else ""
@@ -160,16 +154,19 @@ class FlowAnalyzer:
160
154
  return hashlib.md5(f.read() + display_filter.encode()).hexdigest()
161
155
 
162
156
  @staticmethod
163
- def extract_json_file(fileName: str, display_filter: str, tshark_workDir: str) -> None:
157
+ def extract_json_file(fileName: str, display_filter: str, tshark_workDir: str, tshark_path: str) -> None:
164
158
  # sourcery skip: replace-interpolation-with-fstring, use-fstring-for-formatting
165
- # tshark -r {} -Y "{}" -T json -e http.request_number -e http.response_number -e http.request_in -e tcp.reassembled.data -e frame.number -e tcp.payload -e frame.time_epoch -e http.request.full_uri > output.json
166
-
167
159
  command = [
168
- "tshark", "-r", fileName,
160
+ tshark_path,
161
+ "-r", fileName,
169
162
  "-Y", f"(tcp.reassembled_in) or ({display_filter})",
170
163
  "-T", "json",
171
- "-e", "http.request_number", "-e", "http.response_number", "-e", "http.request_in",
172
- "-e", "tcp.reassembled.data", "-e", "frame.number", "-e", "tcp.payload",
164
+ "-e", "http.request_number",
165
+ "-e", "http.response_number",
166
+ "-e", "http.request_in",
167
+ "-e", "tcp.reassembled.data",
168
+ "-e", "frame.number",
169
+ "-e", "tcp.payload",
173
170
  "-e", "frame.time_epoch",
174
171
  "-e", "exported_pdu.exported_pdu",
175
172
  "-e", "http.request.full_uri",
@@ -193,7 +190,7 @@ class FlowAnalyzer:
193
190
  json.dump(data, f, indent=2)
194
191
 
195
192
  @staticmethod
196
- def get_json_data(filePath: str, display_filter: str) -> str:
193
+ def get_json_data(filePath: str, display_filter: str, tshark_path: Optional[str] = None) -> str:
197
194
  # sourcery skip: replace-interpolation-with-fstring
198
195
  """获取JSON数据并保存至文件,保存目录是当前工作目录,也就是您运行脚本所在目录
199
196
 
@@ -214,7 +211,7 @@ class FlowAnalyzer:
214
211
 
215
212
  MD5Sum = FlowAnalyzer.get_hash(filePath, display_filter)
216
213
  workDir = os.getcwd()
217
- tshark_workDir = os.path.dirname(filePath)
214
+ tshark_workDir = os.path.dirname(os.path.abspath(filePath))
218
215
  tshark_jsonPath = os.path.join(tshark_workDir, "output.json")
219
216
  jsonWordPath = os.path.join(workDir, "output.json")
220
217
  fileName = os.path.basename(filePath)
@@ -225,11 +222,35 @@ class FlowAnalyzer:
225
222
  if data[0].get("MD5Sum") == MD5Sum:
226
223
  logger.debug("匹配HASH校验无误,自动返回Json文件路径!")
227
224
  return jsonWordPath
228
-
229
- FlowAnalyzer.extract_json_file(fileName, display_filter, tshark_workDir)
225
+
226
+ tshark_path = FlowAnalyzer.get_tshark_path(tshark_path)
227
+ FlowAnalyzer.extract_json_file(fileName, display_filter, tshark_workDir, tshark_path)
230
228
  FlowAnalyzer.move_and_addMD5Sum(tshark_jsonPath, jsonWordPath, MD5Sum)
231
229
  return jsonWordPath
232
230
 
231
+ @staticmethod
232
+ def get_tshark_path(tshark_path: Optional[str]) -> str:
233
+ default_tshark_path = get_default_tshark_path()
234
+ if not os.path.exists(default_tshark_path):
235
+ logger.debug("没有检测到tshark存在, 请查看并检查tshark_path")
236
+
237
+ if tshark_path is None:
238
+ logger.debug("您没有传入tshark_path, 请传入tshark_path")
239
+ elif not os.path.exists(tshark_path):
240
+ logger.debug("传入的tshark_path不存在, 请查看并检查tshark_path")
241
+
242
+ use_tshark_path = None
243
+ if os.path.exists(default_tshark_path):
244
+ use_tshark_path = default_tshark_path
245
+
246
+ if tshark_path is not None and os.path.exists(tshark_path):
247
+ use_tshark_path = tshark_path
248
+
249
+ if use_tshark_path is None:
250
+ logger.critical("您没有配置 tshark_path 并且没有在参数中传入 tshark_path")
251
+ exit(-1)
252
+ return use_tshark_path
253
+
233
254
  def Split_HTTP_headers(self, file_data: bytes) -> Tuple[bytes, bytes]:
234
255
  # sourcery skip: use-named-expression
235
256
  headerEnd = file_data.find(b"\r\n\r\n")
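Review bot: The new `get_tshark_path` terminates the whole interpreter with `exit(-1)` when no binary is found, and it accepts any path that merely passes `os.path.exists`, so a directory or a non-executable file is handed on as the first element of the command list built in `extract_json_file`. In a library call, raising an exception such as `FileNotFoundError` lets the host program decide what to do, and `exit` is the `site` helper, which is not defined when Python runs without `site`. Checking `os.path.isfile` together with `os.access(..., os.X_OK)` narrows what can end up being launched. The value still comes from the caller, so the docstring should say that `tshark_path` must be a trusted location. The code that actually runs the command is outside the visible hunks.

```python
    @staticmethod
    def get_tshark_path(tshark_path: Optional[str]) -> str:
        # … unchanged: the logger.debug diagnostics for a missing default / missing argument …
        # Caller-supplied path still wins over the packaged default.
        for candidate in (tshark_path, get_default_tshark_path()):
            if candidate and os.path.isfile(candidate) and os.access(candidate, os.X_OK):
                return candidate
        raise FileNotFoundError("tshark executable not found; pass tshark_path explicitly")
```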
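--- /dev/null
+++ b/FlowAnalyzer/Path.py
@@ -0,0 +1,5 @@
+# windows
+tshark_path = r"C:\Program Files\Wireshark\tshark.exe"
+
+def get_default_tshark_path() -> str:
+return tshark_path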
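Review bot: The only default in the new `Path.py` is the Windows install location, whereas 0.3.3 launched plain `tshark`. On other platforms `get_default_tshark_path()` therefore returns a path that is not expected to exist, and callers must now pass `tshark_path` themselves. Pinning an absolute path is a reasonable trade because it avoids a search-path lookup, but nothing here says so, and the lone `# windows` comment is easy to miss. I would add a docstring such as `"""Return the packaged default tshark location (the standard Windows install path); on other platforms pass tshark_path explicitly."""` and call out the behaviour change in the release notes.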
@@ -15,6 +15,8 @@ def configure_logger(logger_name, level=logging.DEBUG) -> logging.Logger:
15
15
  console_handler.setFormatter(formatter)
16
16
  return logger
17
17
 
18
+ logger = configure_logger("FlowAnalyzer", logging.INFO)
19
+
18
20
  if __name__ == '__main__':
19
21
  logger = configure_logger("FlowAnalyzer")
20
22
  logger.info("This is a test!")
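Review bot: The shared `logger` is created here at `logging.INFO`, but the new path diagnostics in `FlowAnalyzer.get_tshark_path` are written with `logger.debug`, so with this default none of them is printed and a user sees only the final critical line. Either emit those messages with `logger.warning(...)` or document how to lower the level. Separately, the `__main__` block calls `configure_logger("FlowAnalyzer")` again after this module-level call. If `configure_logger` attaches a handler on every call (its body is outside the hunk), the test message would be printed twice.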
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.1
2
2
  Name: FlowAnalyzer
3
- Version: 0.3.3
3
+ Version: 0.3.5
4
4
  Summary: FlowAnalyzer是一个流量分析器,用于解析和处理tshark导出的JSON数据文件
5
5
  Home-page: https://github.com/Byxs20/FlowAnalyzer
6
6
  Author: Byxs20
@@ -0,0 +1,9 @@
1
+ FlowAnalyzer/FlowAnalyzer.py,sha256=O5DAdxJl62gQeDWvrfXcUrwx0Y921w6z44XvSNO-el4,11889
2
+ FlowAnalyzer/Path.py,sha256=E5VvucTftp8VTQUffFzFWHotQEYtZL-j7IQPOaleiug,130
3
+ FlowAnalyzer/__init__.py,sha256=vfiHONPTrvjUU3MwhjFOEo3sWfzlhkA6gOLn_4UJ7sg,70
4
+ FlowAnalyzer/logging_config.py,sha256=-RntNJhrBiW7ToXIP1WJjZ4Yf9jmZQ1PTX_er3tDxhw,730
5
+ FlowAnalyzer-0.3.5.dist-info/LICENSE,sha256=ybAV0ECduYBZCpjkHyNALVWRRmT_eM0BDgqUszhwEFU,1080
6
+ FlowAnalyzer-0.3.5.dist-info/METADATA,sha256=KIwesNmg_yN7DRPWbv49jw2DaYRJIZW_BeL0BoQoTwA,10288
7
+ FlowAnalyzer-0.3.5.dist-info/WHEEL,sha256=R0nc6qTxuoLk7ShA2_Y-UWkN8ZdfDBG2B6Eqpz2WXbs,91
8
+ FlowAnalyzer-0.3.5.dist-info/top_level.txt,sha256=2MtvAF6dEe_eHipw_6G5pFLb2uOCbGnlH0bC4iBtm5A,13
9
+ FlowAnalyzer-0.3.5.dist-info/RECORD,,
@@ -1,8 +0,0 @@
1
- FlowAnalyzer/FlowAnalyzer.py,sha256=LpTPzcikRpeTOfNumMM8Kd08Jh8nQkC6jOx27EsD-yk,11285
2
- FlowAnalyzer/__init__.py,sha256=vfiHONPTrvjUU3MwhjFOEo3sWfzlhkA6gOLn_4UJ7sg,70
3
- FlowAnalyzer/logging_config.py,sha256=e-73IByM1TuE2G1isOBvtIcr9XztWqPkGN-VsNEFbvY,671
4
- FlowAnalyzer-0.3.3.dist-info/LICENSE,sha256=ybAV0ECduYBZCpjkHyNALVWRRmT_eM0BDgqUszhwEFU,1080
5
- FlowAnalyzer-0.3.3.dist-info/METADATA,sha256=9HR-TIXj1i7kLgpfpQ7blxf55pOoOp-n5_je_nNb_vk,10288
6
- FlowAnalyzer-0.3.3.dist-info/WHEEL,sha256=R0nc6qTxuoLk7ShA2_Y-UWkN8ZdfDBG2B6Eqpz2WXbs,91
7
- FlowAnalyzer-0.3.3.dist-info/top_level.txt,sha256=2MtvAF6dEe_eHipw_6G5pFLb2uOCbGnlH0bC4iBtm5A,13
8
- FlowAnalyzer-0.3.3.dist-info/RECORD,,