pypcapkit 1.3.3.post1__cp313-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- pcapkit/__init__.py +126 -0
- pcapkit/__main__.py +138 -0
- pcapkit/all.py +136 -0
- pcapkit/const/__init__.py +81 -0
- pcapkit/const/arp/__init__.py +25 -0
- pcapkit/const/arp/hardware.py +181 -0
- pcapkit/const/arp/operation.py +131 -0
- pcapkit/const/ftp/__init__.py +25 -0
- pcapkit/const/ftp/command.py +309 -0
- pcapkit/const/ftp/return_code.py +304 -0
- pcapkit/const/hip/__init__.py +94 -0
- pcapkit/const/hip/certificate.py +77 -0
- pcapkit/const/hip/cipher.py +65 -0
- pcapkit/const/hip/di.py +59 -0
- pcapkit/const/hip/ecdsa_curve.py +59 -0
- pcapkit/const/hip/ecdsa_low_curve.py +56 -0
- pcapkit/const/hip/eddsa_curve.py +65 -0
- pcapkit/const/hip/esp_transform_suite.py +98 -0
- pcapkit/const/hip/group.py +86 -0
- pcapkit/const/hip/hi_algorithm.py +86 -0
- pcapkit/const/hip/hit_suite.py +68 -0
- pcapkit/const/hip/nat_traversal.py +62 -0
- pcapkit/const/hip/notify_message.py +200 -0
- pcapkit/const/hip/packet.py +89 -0
- pcapkit/const/hip/parameter.py +377 -0
- pcapkit/const/hip/registration.py +68 -0
- pcapkit/const/hip/registration_failure.py +84 -0
- pcapkit/const/hip/suite.py +71 -0
- pcapkit/const/hip/transport.py +59 -0
- pcapkit/const/http/__init__.py +39 -0
- pcapkit/const/http/error_code.py +95 -0
- pcapkit/const/http/frame.py +95 -0
- pcapkit/const/http/method.py +184 -0
- pcapkit/const/http/setting.py +96 -0
- pcapkit/const/http/status_code.py +294 -0
- pcapkit/const/ipv4/__init__.py +57 -0
- pcapkit/const/ipv4/classification_level.py +64 -0
- pcapkit/const/ipv4/option_class.py +55 -0
- pcapkit/const/ipv4/option_number.py +137 -0
- pcapkit/const/ipv4/protection_authority.py +63 -0
- pcapkit/const/ipv4/qs_function.py +51 -0
- pcapkit/const/ipv4/router_alert.py +251 -0
- pcapkit/const/ipv4/tos_del.py +51 -0
- pcapkit/const/ipv4/tos_ecn.py +55 -0
- pcapkit/const/ipv4/tos_pre.py +63 -0
- pcapkit/const/ipv4/tos_rel.py +51 -0
- pcapkit/const/ipv4/tos_thr.py +51 -0
- pcapkit/const/ipv4/ts_flag.py +53 -0
- pcapkit/const/ipv6/__init__.py +53 -0
- pcapkit/const/ipv6/extension_header.py +66 -0
- pcapkit/const/ipv6/option.py +137 -0
- pcapkit/const/ipv6/option_action.py +55 -0
- pcapkit/const/ipv6/qs_function.py +51 -0
- pcapkit/const/ipv6/router_alert.py +266 -0
- pcapkit/const/ipv6/routing.py +80 -0
- pcapkit/const/ipv6/seed_id.py +55 -0
- pcapkit/const/ipv6/smf_dpd_mode.py +51 -0
- pcapkit/const/ipv6/tagger_id.py +62 -0
- pcapkit/const/ipx/__init__.py +27 -0
- pcapkit/const/ipx/packet.py +72 -0
- pcapkit/const/ipx/socket.py +104 -0
- pcapkit/const/l2tp/__init__.py +21 -0
- pcapkit/const/l2tp/type.py +51 -0
- pcapkit/const/mh/__init__.py +204 -0
- pcapkit/const/mh/access_type.py +92 -0
- pcapkit/const/mh/ack_status_code.py +71 -0
- pcapkit/const/mh/ani_suboption.py +74 -0
- pcapkit/const/mh/auth_subtype.py +53 -0
- pcapkit/const/mh/binding_ack_flag.py +66 -0
- pcapkit/const/mh/binding_error.py +51 -0
- pcapkit/const/mh/binding_revocation.py +59 -0
- pcapkit/const/mh/binding_update_flag.py +81 -0
- pcapkit/const/mh/cga_extension.py +66 -0
- pcapkit/const/mh/cga_sec.py +57 -0
- pcapkit/const/mh/cga_type.py +68 -0
- pcapkit/const/mh/dhcp_support_mode.py +53 -0
- pcapkit/const/mh/dns_status_code.py +65 -0
- pcapkit/const/mh/dsmip6_tls_packet.py +62 -0
- pcapkit/const/mh/dsmipv6_home_address.py +74 -0
- pcapkit/const/mh/enumerating_algorithm.py +56 -0
- pcapkit/const/mh/fb_ack_status.py +62 -0
- pcapkit/const/mh/fb_action.py +71 -0
- pcapkit/const/mh/fb_indication_trigger.py +65 -0
- pcapkit/const/mh/fb_type.py +59 -0
- pcapkit/const/mh/flow_id_status.py +77 -0
- pcapkit/const/mh/flow_id_suboption.py +71 -0
- pcapkit/const/mh/handoff_type.py +71 -0
- pcapkit/const/mh/handover_ack_flag.py +54 -0
- pcapkit/const/mh/handover_ack_status.py +92 -0
- pcapkit/const/mh/handover_initiate_flag.py +57 -0
- pcapkit/const/mh/handover_initiate_status.py +62 -0
- pcapkit/const/mh/home_address_reply.py +71 -0
- pcapkit/const/mh/lla_code.py +63 -0
- pcapkit/const/mh/lma_mag_suboption.py +59 -0
- pcapkit/const/mh/mn_group_id.py +59 -0
- pcapkit/const/mh/mn_id_subtype.py +77 -0
- pcapkit/const/mh/operator_id.py +63 -0
- pcapkit/const/mh/option.py +260 -0
- pcapkit/const/mh/packet.py +119 -0
- pcapkit/const/mh/qos_attribute.py +89 -0
- pcapkit/const/mh/revocation_status_code.py +83 -0
- pcapkit/const/mh/revocation_trigger.py +86 -0
- pcapkit/const/mh/status_code.py +232 -0
- pcapkit/const/mh/traffic_selector.py +62 -0
- pcapkit/const/mh/upa_status.py +71 -0
- pcapkit/const/mh/upn_reason.py +80 -0
- pcapkit/const/ospf/__init__.py +27 -0
- pcapkit/const/ospf/authentication.py +65 -0
- pcapkit/const/ospf/packet.py +71 -0
- pcapkit/const/pcapng/__init__.py +51 -0
- pcapkit/const/pcapng/block_type.py +152 -0
- pcapkit/const/pcapng/filter_type.py +48 -0
- pcapkit/const/pcapng/hash_algorithm.py +59 -0
- pcapkit/const/pcapng/option_type.py +233 -0
- pcapkit/const/pcapng/record_type.py +57 -0
- pcapkit/const/pcapng/secrets_type.py +56 -0
- pcapkit/const/pcapng/verdict_type.py +53 -0
- pcapkit/const/reg/__init__.py +34 -0
- pcapkit/const/reg/apptype.py +32702 -0
- pcapkit/const/reg/ethertype.py +714 -0
- pcapkit/const/reg/linktype.py +902 -0
- pcapkit/const/reg/transtype.py +523 -0
- pcapkit/const/tcp/__init__.py +35 -0
- pcapkit/const/tcp/checksum.py +55 -0
- pcapkit/const/tcp/flags.py +73 -0
- pcapkit/const/tcp/mp_tcp_option.py +80 -0
- pcapkit/const/tcp/option.py +198 -0
- pcapkit/const/vlan/__init__.py +23 -0
- pcapkit/const/vlan/priority_level.py +71 -0
- pcapkit/corekit/__init__.py +59 -0
- pcapkit/corekit/fields/__init__.py +45 -0
- pcapkit/corekit/fields/collections.py +282 -0
- pcapkit/corekit/fields/field.py +269 -0
- pcapkit/corekit/fields/ipaddress.py +274 -0
- pcapkit/corekit/fields/misc.py +722 -0
- pcapkit/corekit/fields/numbers.py +375 -0
- pcapkit/corekit/fields/strings.py +245 -0
- pcapkit/corekit/infoclass.py +394 -0
- pcapkit/corekit/io.py +506 -0
- pcapkit/corekit/module.py +39 -0
- pcapkit/corekit/multidict.py +626 -0
- pcapkit/corekit/protochain.py +263 -0
- pcapkit/corekit/version.py +33 -0
- pcapkit/dumpkit/__init__.py +15 -0
- pcapkit/dumpkit/common.py +199 -0
- pcapkit/dumpkit/null.py +77 -0
- pcapkit/dumpkit/pcap.py +144 -0
- pcapkit/foundation/__init__.py +45 -0
- pcapkit/foundation/engines/__init__.py +36 -0
- pcapkit/foundation/engines/dpkt.py +230 -0
- pcapkit/foundation/engines/engine.py +194 -0
- pcapkit/foundation/engines/pcap.py +188 -0
- pcapkit/foundation/engines/pcapng.py +310 -0
- pcapkit/foundation/engines/pyshark.py +166 -0
- pcapkit/foundation/engines/scapy.py +161 -0
- pcapkit/foundation/extraction.py +915 -0
- pcapkit/foundation/reassembly/__init__.py +49 -0
- pcapkit/foundation/reassembly/data/__init__.py +48 -0
- pcapkit/foundation/reassembly/data/ip.py +117 -0
- pcapkit/foundation/reassembly/data/tcp.py +145 -0
- pcapkit/foundation/reassembly/ip.py +192 -0
- pcapkit/foundation/reassembly/ipv4.py +50 -0
- pcapkit/foundation/reassembly/ipv6.py +50 -0
- pcapkit/foundation/reassembly/reassembly.py +389 -0
- pcapkit/foundation/reassembly/tcp.py +249 -0
- pcapkit/foundation/registry/__init__.py +41 -0
- pcapkit/foundation/registry/foundation.py +327 -0
- pcapkit/foundation/registry/protocols.py +885 -0
- pcapkit/foundation/traceflow/__init__.py +44 -0
- pcapkit/foundation/traceflow/data/__init__.py +30 -0
- pcapkit/foundation/traceflow/data/tcp.py +105 -0
- pcapkit/foundation/traceflow/tcp.py +159 -0
- pcapkit/foundation/traceflow/traceflow.py +390 -0
- pcapkit/interface/__init__.py +22 -0
- pcapkit/interface/core.py +185 -0
- pcapkit/interface/misc.py +120 -0
- pcapkit/protocols/__init__.py +85 -0
- pcapkit/protocols/application/NotImplemented/bgp.py +0 -0
- pcapkit/protocols/application/NotImplemented/dhcp.py +0 -0
- pcapkit/protocols/application/NotImplemented/dhcpv6.py +0 -0
- pcapkit/protocols/application/NotImplemented/dns.py +0 -0
- pcapkit/protocols/application/NotImplemented/imap.py +0 -0
- pcapkit/protocols/application/NotImplemented/ldap.py +0 -0
- pcapkit/protocols/application/NotImplemented/mqtt.py +0 -0
- pcapkit/protocols/application/NotImplemented/nntp.py +0 -0
- pcapkit/protocols/application/NotImplemented/ntp.py +0 -0
- pcapkit/protocols/application/NotImplemented/onc_rpc.py +0 -0
- pcapkit/protocols/application/NotImplemented/pop.py +0 -0
- pcapkit/protocols/application/NotImplemented/rip.py +0 -0
- pcapkit/protocols/application/NotImplemented/rtp.py +0 -0
- pcapkit/protocols/application/NotImplemented/sip.py +0 -0
- pcapkit/protocols/application/NotImplemented/smtp.py +0 -0
- pcapkit/protocols/application/NotImplemented/snmp.py +0 -0
- pcapkit/protocols/application/NotImplemented/ssh.py +0 -0
- pcapkit/protocols/application/NotImplemented/telnet.py +0 -0
- pcapkit/protocols/application/NotImplemented/tls.py +0 -0
- pcapkit/protocols/application/NotImplemented/xmpp.py +0 -0
- pcapkit/protocols/application/__init__.py +34 -0
- pcapkit/protocols/application/application.py +114 -0
- pcapkit/protocols/application/ftp.py +206 -0
- pcapkit/protocols/application/http.py +176 -0
- pcapkit/protocols/application/httpv1.py +320 -0
- pcapkit/protocols/application/httpv2.py +1255 -0
- pcapkit/protocols/data/__init__.py +192 -0
- pcapkit/protocols/data/application/__init__.py +57 -0
- pcapkit/protocols/data/application/ftp.py +59 -0
- pcapkit/protocols/data/application/httpv1.py +79 -0
- pcapkit/protocols/data/application/httpv2.py +293 -0
- pcapkit/protocols/data/data.py +25 -0
- pcapkit/protocols/data/internet/__init__.py +298 -0
- pcapkit/protocols/data/internet/ah.py +31 -0
- pcapkit/protocols/data/internet/hip.py +804 -0
- pcapkit/protocols/data/internet/hopopt.py +351 -0
- pcapkit/protocols/data/internet/ipv4.py +369 -0
- pcapkit/protocols/data/internet/ipv6.py +67 -0
- pcapkit/protocols/data/internet/ipv6_frag.py +29 -0
- pcapkit/protocols/data/internet/ipv6_opts.py +368 -0
- pcapkit/protocols/data/internet/ipv6_route.py +86 -0
- pcapkit/protocols/data/internet/ipx.py +56 -0
- pcapkit/protocols/data/internet/mh.py +509 -0
- pcapkit/protocols/data/link/__init__.py +33 -0
- pcapkit/protocols/data/link/arp.py +74 -0
- pcapkit/protocols/data/link/ethernet.py +28 -0
- pcapkit/protocols/data/link/l2tp.py +63 -0
- pcapkit/protocols/data/link/ospf.py +58 -0
- pcapkit/protocols/data/link/vlan.py +42 -0
- pcapkit/protocols/data/misc/__init__.py +109 -0
- pcapkit/protocols/data/misc/null.py +18 -0
- pcapkit/protocols/data/misc/pcap/__init__.py +18 -0
- pcapkit/protocols/data/misc/pcap/frame.py +56 -0
- pcapkit/protocols/data/misc/pcap/header.py +53 -0
- pcapkit/protocols/data/misc/pcapng.py +925 -0
- pcapkit/protocols/data/misc/raw.py +25 -0
- pcapkit/protocols/data/protocol.py +32 -0
- pcapkit/protocols/data/transport/__init__.py +71 -0
- pcapkit/protocols/data/transport/tcp.py +555 -0
- pcapkit/protocols/data/transport/udp.py +29 -0
- pcapkit/protocols/internet/NotImplemented/ecn.py +0 -0
- pcapkit/protocols/internet/NotImplemented/esp.py +97 -0
- pcapkit/protocols/internet/NotImplemented/icmp.py +0 -0
- pcapkit/protocols/internet/NotImplemented/icmpv6.py +0 -0
- pcapkit/protocols/internet/NotImplemented/igmp.py +0 -0
- pcapkit/protocols/internet/NotImplemented/shim6.py +0 -0
- pcapkit/protocols/internet/__init__.py +43 -0
- pcapkit/protocols/internet/ah.py +275 -0
- pcapkit/protocols/internet/hip.py +4727 -0
- pcapkit/protocols/internet/hopopt.py +1879 -0
- pcapkit/protocols/internet/internet.py +240 -0
- pcapkit/protocols/internet/ip.py +51 -0
- pcapkit/protocols/internet/ipsec.py +50 -0
- pcapkit/protocols/internet/ipv4.py +1782 -0
- pcapkit/protocols/internet/ipv6.py +361 -0
- pcapkit/protocols/internet/ipv6_frag.py +258 -0
- pcapkit/protocols/internet/ipv6_opts.py +1890 -0
- pcapkit/protocols/internet/ipv6_route.py +710 -0
- pcapkit/protocols/internet/ipx.py +230 -0
- pcapkit/protocols/internet/mh.py +2764 -0
- pcapkit/protocols/link/NotImplemented/dsl.py +0 -0
- pcapkit/protocols/link/NotImplemented/eapol.py +1 -0
- pcapkit/protocols/link/NotImplemented/fddi.py +0 -0
- pcapkit/protocols/link/NotImplemented/isdn.py +0 -0
- pcapkit/protocols/link/NotImplemented/ndp.py +0 -0
- pcapkit/protocols/link/NotImplemented/ppp.py +0 -0
- pcapkit/protocols/link/__init__.py +35 -0
- pcapkit/protocols/link/arp.py +421 -0
- pcapkit/protocols/link/ethernet.py +248 -0
- pcapkit/protocols/link/l2tp.py +267 -0
- pcapkit/protocols/link/link.py +140 -0
- pcapkit/protocols/link/ospf.py +342 -0
- pcapkit/protocols/link/rarp.py +82 -0
- pcapkit/protocols/link/vlan.py +225 -0
- pcapkit/protocols/misc/__init__.py +37 -0
- pcapkit/protocols/misc/null.py +129 -0
- pcapkit/protocols/misc/pcap/__init__.py +17 -0
- pcapkit/protocols/misc/pcap/frame.py +478 -0
- pcapkit/protocols/misc/pcap/header.py +358 -0
- pcapkit/protocols/misc/pcapng.py +5520 -0
- pcapkit/protocols/misc/raw.py +180 -0
- pcapkit/protocols/protocol.py +1216 -0
- pcapkit/protocols/schema/__init__.py +140 -0
- pcapkit/protocols/schema/application/__init__.py +40 -0
- pcapkit/protocols/schema/application/ftp.py +21 -0
- pcapkit/protocols/schema/application/httpv1.py +21 -0
- pcapkit/protocols/schema/application/httpv2.py +384 -0
- pcapkit/protocols/schema/internet/__init__.py +294 -0
- pcapkit/protocols/schema/internet/ah.py +40 -0
- pcapkit/protocols/schema/internet/hip.py +1184 -0
- pcapkit/protocols/schema/internet/hopopt.py +679 -0
- pcapkit/protocols/schema/internet/ipv4.py +576 -0
- pcapkit/protocols/schema/internet/ipv6.py +63 -0
- pcapkit/protocols/schema/internet/ipv6_frag.py +48 -0
- pcapkit/protocols/schema/internet/ipv6_opts.py +680 -0
- pcapkit/protocols/schema/internet/ipv6_route.py +198 -0
- pcapkit/protocols/schema/internet/ipx.py +40 -0
- pcapkit/protocols/schema/internet/mh.py +718 -0
- pcapkit/protocols/schema/link/__init__.py +19 -0
- pcapkit/protocols/schema/link/arp.py +39 -0
- pcapkit/protocols/schema/link/ethernet.py +51 -0
- pcapkit/protocols/schema/link/l2tp.py +88 -0
- pcapkit/protocols/schema/link/ospf.py +90 -0
- pcapkit/protocols/schema/link/vlan.py +69 -0
- pcapkit/protocols/schema/misc/__init__.py +108 -0
- pcapkit/protocols/schema/misc/null.py +18 -0
- pcapkit/protocols/schema/misc/pcap/__init__.py +10 -0
- pcapkit/protocols/schema/misc/pcap/frame.py +51 -0
- pcapkit/protocols/schema/misc/pcap/header.py +63 -0
- pcapkit/protocols/schema/misc/pcapng.py +1689 -0
- pcapkit/protocols/schema/misc/raw.py +24 -0
- pcapkit/protocols/schema/schema.py +809 -0
- pcapkit/protocols/schema/transport/__init__.py +69 -0
- pcapkit/protocols/schema/transport/tcp.py +928 -0
- pcapkit/protocols/schema/transport/udp.py +90 -0
- pcapkit/protocols/transport/NotImplemented/dccp.py +0 -0
- pcapkit/protocols/transport/NotImplemented/rsvp.py +0 -0
- pcapkit/protocols/transport/NotImplemented/sctp.py +0 -0
- pcapkit/protocols/transport/__init__.py +27 -0
- pcapkit/protocols/transport/tcp.py +3025 -0
- pcapkit/protocols/transport/transport.py +158 -0
- pcapkit/protocols/transport/udp.py +214 -0
- pcapkit/py.typed +0 -0
- pcapkit/toolkit/__init__.py +57 -0
- pcapkit/toolkit/dpkt.py +306 -0
- pcapkit/toolkit/pcap.py +212 -0
- pcapkit/toolkit/pcapng.py +251 -0
- pcapkit/toolkit/pyshark.py +99 -0
- pcapkit/toolkit/scapy.py +297 -0
- pcapkit/utilities/__init__.py +20 -0
- pcapkit/utilities/compat.py +196 -0
- pcapkit/utilities/decorators.py +192 -0
- pcapkit/utilities/exceptions.py +365 -0
- pcapkit/utilities/logging.py +55 -0
- pcapkit/utilities/warnings.py +185 -0
- pcapkit/vendor/__init__.py +105 -0
- pcapkit/vendor/__main__.py +92 -0
- pcapkit/vendor/arp/__init__.py +27 -0
- pcapkit/vendor/arp/hardware.py +29 -0
- pcapkit/vendor/arp/operation.py +29 -0
- pcapkit/vendor/default.py +474 -0
- pcapkit/vendor/ftp/__init__.py +27 -0
- pcapkit/vendor/ftp/command.py +244 -0
- pcapkit/vendor/ftp/return_code.py +256 -0
- pcapkit/vendor/hip/__init__.py +94 -0
- pcapkit/vendor/hip/certificate.py +29 -0
- pcapkit/vendor/hip/cipher.py +29 -0
- pcapkit/vendor/hip/di.py +29 -0
- pcapkit/vendor/hip/ecdsa_curve.py +29 -0
- pcapkit/vendor/hip/ecdsa_low_curve.py +29 -0
- pcapkit/vendor/hip/eddsa_curve.py +85 -0
- pcapkit/vendor/hip/esp_transform_suite.py +29 -0
- pcapkit/vendor/hip/group.py +87 -0
- pcapkit/vendor/hip/hi_algorithm.py +29 -0
- pcapkit/vendor/hip/hit_suite.py +29 -0
- pcapkit/vendor/hip/nat_traversal.py +29 -0
- pcapkit/vendor/hip/notify_message.py +29 -0
- pcapkit/vendor/hip/packet.py +88 -0
- pcapkit/vendor/hip/parameter.py +88 -0
- pcapkit/vendor/hip/registration.py +29 -0
- pcapkit/vendor/hip/registration_failure.py +29 -0
- pcapkit/vendor/hip/suite.py +29 -0
- pcapkit/vendor/hip/transport.py +29 -0
- pcapkit/vendor/http/__init__.py +39 -0
- pcapkit/vendor/http/error_code.py +95 -0
- pcapkit/vendor/http/frame.py +91 -0
- pcapkit/vendor/http/method.py +167 -0
- pcapkit/vendor/http/setting.py +93 -0
- pcapkit/vendor/http/status_code.py +185 -0
- pcapkit/vendor/ipv4/__init__.py +57 -0
- pcapkit/vendor/ipv4/classification_level.py +91 -0
- pcapkit/vendor/ipv4/option_class.py +80 -0
- pcapkit/vendor/ipv4/option_number.py +105 -0
- pcapkit/vendor/ipv4/protection_authority.py +84 -0
- pcapkit/vendor/ipv4/qs_function.py +78 -0
- pcapkit/vendor/ipv4/router_alert.py +93 -0
- pcapkit/vendor/ipv4/tos_del.py +78 -0
- pcapkit/vendor/ipv4/tos_ecn.py +95 -0
- pcapkit/vendor/ipv4/tos_pre.py +84 -0
- pcapkit/vendor/ipv4/tos_rel.py +78 -0
- pcapkit/vendor/ipv4/tos_thr.py +77 -0
- pcapkit/vendor/ipv4/ts_flag.py +79 -0
- pcapkit/vendor/ipv6/__init__.py +53 -0
- pcapkit/vendor/ipv6/extension_header.py +171 -0
- pcapkit/vendor/ipv6/option.py +104 -0
- pcapkit/vendor/ipv6/option_action.py +90 -0
- pcapkit/vendor/ipv6/qs_function.py +78 -0
- pcapkit/vendor/ipv6/router_alert.py +93 -0
- pcapkit/vendor/ipv6/routing.py +87 -0
- pcapkit/vendor/ipv6/seed_id.py +81 -0
- pcapkit/vendor/ipv6/smf_dpd_mode.py +78 -0
- pcapkit/vendor/ipv6/tagger_id.py +81 -0
- pcapkit/vendor/ipx/__init__.py +37 -0
- pcapkit/vendor/ipx/packet.py +123 -0
- pcapkit/vendor/ipx/socket.py +125 -0
- pcapkit/vendor/l2tp/__init__.py +21 -0
- pcapkit/vendor/l2tp/type.py +78 -0
- pcapkit/vendor/mh/__init__.py +204 -0
- pcapkit/vendor/mh/access_type.py +87 -0
- pcapkit/vendor/mh/ack_status_code.py +88 -0
- pcapkit/vendor/mh/ani_suboption.py +88 -0
- pcapkit/vendor/mh/auth_subtype.py +83 -0
- pcapkit/vendor/mh/binding_ack_flag.py +148 -0
- pcapkit/vendor/mh/binding_error.py +78 -0
- pcapkit/vendor/mh/binding_revocation.py +87 -0
- pcapkit/vendor/mh/binding_update_flag.py +147 -0
- pcapkit/vendor/mh/cga_extension.py +91 -0
- pcapkit/vendor/mh/cga_sec.py +91 -0
- pcapkit/vendor/mh/cga_type.py +74 -0
- pcapkit/vendor/mh/dhcp_support_mode.py +77 -0
- pcapkit/vendor/mh/dns_status_code.py +87 -0
- pcapkit/vendor/mh/dsmip6_tls_packet.py +87 -0
- pcapkit/vendor/mh/dsmipv6_home_address.py +87 -0
- pcapkit/vendor/mh/enumerating_algorithm.py +82 -0
- pcapkit/vendor/mh/fb_ack_status.py +87 -0
- pcapkit/vendor/mh/fb_action.py +88 -0
- pcapkit/vendor/mh/fb_indication_trigger.py +87 -0
- pcapkit/vendor/mh/fb_type.py +88 -0
- pcapkit/vendor/mh/flow_id_status.py +87 -0
- pcapkit/vendor/mh/flow_id_suboption.py +87 -0
- pcapkit/vendor/mh/handoff_type.py +87 -0
- pcapkit/vendor/mh/handover_ack_flag.py +143 -0
- pcapkit/vendor/mh/handover_ack_status.py +87 -0
- pcapkit/vendor/mh/handover_initiate_flag.py +143 -0
- pcapkit/vendor/mh/handover_initiate_status.py +87 -0
- pcapkit/vendor/mh/home_address_reply.py +87 -0
- pcapkit/vendor/mh/lla_code.py +97 -0
- pcapkit/vendor/mh/lma_mag_suboption.py +88 -0
- pcapkit/vendor/mh/mn_group_id.py +87 -0
- pcapkit/vendor/mh/mn_id_subtype.py +87 -0
- pcapkit/vendor/mh/operator_id.py +87 -0
- pcapkit/vendor/mh/option.py +83 -0
- pcapkit/vendor/mh/packet.py +82 -0
- pcapkit/vendor/mh/qos_attribute.py +87 -0
- pcapkit/vendor/mh/revocation_status_code.py +87 -0
- pcapkit/vendor/mh/revocation_trigger.py +87 -0
- pcapkit/vendor/mh/status_code.py +91 -0
- pcapkit/vendor/mh/traffic_selector.py +87 -0
- pcapkit/vendor/mh/upa_status.py +87 -0
- pcapkit/vendor/mh/upn_reason.py +87 -0
- pcapkit/vendor/ospf/__init__.py +27 -0
- pcapkit/vendor/ospf/authentication.py +29 -0
- pcapkit/vendor/ospf/packet.py +29 -0
- pcapkit/vendor/pcapng/__init__.py +51 -0
- pcapkit/vendor/pcapng/block_type.py +94 -0
- pcapkit/vendor/pcapng/filter_type.py +77 -0
- pcapkit/vendor/pcapng/hash_algorithm.py +82 -0
- pcapkit/vendor/pcapng/option_type.py +287 -0
- pcapkit/vendor/pcapng/record_type.py +81 -0
- pcapkit/vendor/pcapng/secrets_type.py +81 -0
- pcapkit/vendor/pcapng/verdict_type.py +79 -0
- pcapkit/vendor/reg/__init__.py +34 -0
- pcapkit/vendor/reg/apptype.py +338 -0
- pcapkit/vendor/reg/ethertype.py +121 -0
- pcapkit/vendor/reg/linktype.py +110 -0
- pcapkit/vendor/reg/transtype.py +111 -0
- pcapkit/vendor/tcp/__init__.py +35 -0
- pcapkit/vendor/tcp/checksum.py +80 -0
- pcapkit/vendor/tcp/flags.py +149 -0
- pcapkit/vendor/tcp/mp_tcp_option.py +90 -0
- pcapkit/vendor/tcp/option.py +103 -0
- pcapkit/vendor/vlan/__init__.py +23 -0
- pcapkit/vendor/vlan/priority_level.py +97 -0
- pypcapkit-1.3.3.post1.dist-info/LICENSE +29 -0
- pypcapkit-1.3.3.post1.dist-info/METADATA +236 -0
- pypcapkit-1.3.3.post1.dist-info/RECORD +466 -0
- pypcapkit-1.3.3.post1.dist-info/WHEEL +5 -0
- pypcapkit-1.3.3.post1.dist-info/entry_points.txt +3 -0
- pypcapkit-1.3.3.post1.dist-info/top_level.txt +1 -0
pcapkit/dumpkit/pcap.py
ADDED
|
@@ -0,0 +1,144 @@
|
|
|
1
|
+
# -*- coding: utf-8 -*-
|
|
2
|
+
"""PCAP Dumper
|
|
3
|
+
=================
|
|
4
|
+
|
|
5
|
+
.. module:: pcapkit.dumper.pcap
|
|
6
|
+
|
|
7
|
+
:mod:`pcapkit.dumpkit.pcap` is the dumper for :mod:`pcapkit` implementation,
|
|
8
|
+
specifically for PCAP format, which is alike those described in
|
|
9
|
+
:mod:`dictdumper`.
|
|
10
|
+
|
|
11
|
+
"""
|
|
12
|
+
import sys
|
|
13
|
+
from typing import TYPE_CHECKING
|
|
14
|
+
|
|
15
|
+
from pcapkit.dumpkit.common import DumperBase as Dumper
|
|
16
|
+
from pcapkit.protocols.data.misc.pcap.header import Header as Data_Header
|
|
17
|
+
from pcapkit.protocols.misc.pcap.frame import Frame
|
|
18
|
+
from pcapkit.protocols.misc.pcap.header import Header
|
|
19
|
+
|
|
20
|
+
if TYPE_CHECKING:
|
|
21
|
+
from enum import IntEnum as StdlibIntEnum
|
|
22
|
+
from typing import IO, Any, Optional
|
|
23
|
+
|
|
24
|
+
from aenum import IntEnum as AenumIntEnum
|
|
25
|
+
from typing_extensions import Literal
|
|
26
|
+
|
|
27
|
+
from pcapkit.const.reg.linktype import LinkType as Enum_LinkType
|
|
28
|
+
from pcapkit.protocols.data.misc.pcap.frame import Frame as Data_Frame
|
|
29
|
+
|
|
30
|
+
__all__ = [
|
|
31
|
+
'PCAPIO',
|
|
32
|
+
]
|
|
33
|
+
|
|
34
|
+
|
|
35
|
+
class PCAPIO(Dumper):
|
|
36
|
+
"""PCAP file dumper.
|
|
37
|
+
|
|
38
|
+
Args:
|
|
39
|
+
fname: output file name
|
|
40
|
+
protocol: data link type
|
|
41
|
+
byteorder: header byte order
|
|
42
|
+
nanosecond: nanosecond-resolution file flag
|
|
43
|
+
**kwargs: arbitrary keyword arguments
|
|
44
|
+
|
|
45
|
+
"""
|
|
46
|
+
if TYPE_CHECKING:
|
|
47
|
+
#: PCAP file global header.
|
|
48
|
+
_ghdr: 'Data_Header'
|
|
49
|
+
|
|
50
|
+
##########################################################################
|
|
51
|
+
# Properties.
|
|
52
|
+
##########################################################################
|
|
53
|
+
|
|
54
|
+
@property
|
|
55
|
+
def kind(self) -> 'Literal["pcap"]':
|
|
56
|
+
"""File format of current dumper."""
|
|
57
|
+
return 'pcap'
|
|
58
|
+
|
|
59
|
+
##########################################################################
|
|
60
|
+
# Data models.
|
|
61
|
+
##########################################################################
|
|
62
|
+
|
|
63
|
+
def __init__(self, fname: 'str', *, protocol: 'Enum_LinkType | StdlibIntEnum | AenumIntEnum | str | int',
|
|
64
|
+
byteorder: 'Literal["big", "little"]' = sys.byteorder,
|
|
65
|
+
nanosecond: 'bool' = False, **kwargs: 'Any') -> 'None': # pylint: disable=arguments-differ
|
|
66
|
+
"""Initialise dumper.
|
|
67
|
+
|
|
68
|
+
Args:
|
|
69
|
+
fname: output file name
|
|
70
|
+
protocol: data link type
|
|
71
|
+
byteorder: header byte order
|
|
72
|
+
nanosecond: nanosecond-resolution file flag
|
|
73
|
+
**kwargs: arbitrary keyword arguments
|
|
74
|
+
|
|
75
|
+
"""
|
|
76
|
+
#: int: Frame counter.
|
|
77
|
+
self._fnum = 1
|
|
78
|
+
#: bool: Nanosecond-resolution file flag.
|
|
79
|
+
self._nsec = nanosecond
|
|
80
|
+
#: Enum_LinkType | StdlibIntEnum | AenumIntEnum | str | int: Data link type.
|
|
81
|
+
self._link = protocol
|
|
82
|
+
|
|
83
|
+
super().__init__(fname, protocol=protocol, byteorder=byteorder, nanosecond=nanosecond, **kwargs)
|
|
84
|
+
|
|
85
|
+
def __call__(self, value: 'Data_Frame', name: 'Optional[str]' = None) -> 'PCAPIO':
|
|
86
|
+
"""Dump a new frame.
|
|
87
|
+
|
|
88
|
+
Args:
|
|
89
|
+
value: content to be dumped
|
|
90
|
+
name: name of current content block
|
|
91
|
+
|
|
92
|
+
Returns:
|
|
93
|
+
The dumper class itself (to support chain calling).
|
|
94
|
+
|
|
95
|
+
"""
|
|
96
|
+
with open(self._file, 'ab') as file:
|
|
97
|
+
self._append_value(value, file, name or '')
|
|
98
|
+
return self
|
|
99
|
+
|
|
100
|
+
##########################################################################
|
|
101
|
+
# Utilities.
|
|
102
|
+
##########################################################################
|
|
103
|
+
|
|
104
|
+
def _dump_header(self, *, protocol: 'Enum_LinkType | StdlibIntEnum | AenumIntEnum | str | int', # pylint: disable=arguments-differ
|
|
105
|
+
byteorder: 'Literal["big", "little"]' = sys.byteorder, nanosecond: 'bool' = False,
|
|
106
|
+
**kwargs: 'Any') -> 'None': # pylint: disable=unused-argument
|
|
107
|
+
"""Initially dump file heads and tails.
|
|
108
|
+
|
|
109
|
+
Args:
|
|
110
|
+
protocol: data link type
|
|
111
|
+
byteorder: header byte order
|
|
112
|
+
nanosecond: nanosecond-resolution file flag
|
|
113
|
+
**kwargs: arbitrary keyword arguments
|
|
114
|
+
|
|
115
|
+
"""
|
|
116
|
+
header = Header(
|
|
117
|
+
network=protocol,
|
|
118
|
+
byteorder=byteorder,
|
|
119
|
+
nanosecond=nanosecond,
|
|
120
|
+
)
|
|
121
|
+
packet = header.data
|
|
122
|
+
with open(self._file, 'wb') as file:
|
|
123
|
+
file.write(packet)
|
|
124
|
+
self._ghdr = header.info
|
|
125
|
+
|
|
126
|
+
def _append_value(self, value: 'Data_Frame', file: 'IO[bytes]', name: 'str') -> 'None': # pylint: disable=unused-argument
|
|
127
|
+
"""Call this function to write contents.
|
|
128
|
+
|
|
129
|
+
Args:
|
|
130
|
+
value: content to be dumped
|
|
131
|
+
file: output file
|
|
132
|
+
name: name of current content block
|
|
133
|
+
|
|
134
|
+
"""
|
|
135
|
+
packet = Frame(
|
|
136
|
+
nanosecond=self._nsec,
|
|
137
|
+
num=self._fnum,
|
|
138
|
+
proto=self._link,
|
|
139
|
+
packet=value.packet,
|
|
140
|
+
header=self._ghdr,
|
|
141
|
+
**value.frame_info,
|
|
142
|
+
).data
|
|
143
|
+
file.write(packet)
|
|
144
|
+
self._fnum += 1
|
|
@@ -0,0 +1,45 @@
|
|
|
1
|
+
# -*- coding: utf-8 -*-
|
|
2
|
+
# pylint: disable=unused-import, unused-wildcard-import
|
|
3
|
+
"""Library Foundation
|
|
4
|
+
========================
|
|
5
|
+
|
|
6
|
+
.. module:: pcapkit.foundation
|
|
7
|
+
|
|
8
|
+
:mod:`pcapkit.foundation` is a collection of foundations for
|
|
9
|
+
:mod:`pcapkit`, including PCAP file extraction tool
|
|
10
|
+
:class:`~pcapkit.foundation.extraction.Extrator`, flow tracing
|
|
11
|
+
:mod:`~pcapkit.foundation.tractflow`, registry management
|
|
12
|
+
APIs for :mod:`pcapkit`, and TCP/IP reassembly implementations.
|
|
13
|
+
|
|
14
|
+
"""
|
|
15
|
+
from pcapkit.foundation.extraction import Extractor
|
|
16
|
+
from pcapkit.foundation.reassembly import *
|
|
17
|
+
from pcapkit.foundation.registry import *
|
|
18
|
+
from pcapkit.foundation.traceflow import *
|
|
19
|
+
|
|
20
|
+
__all__ = [
|
|
21
|
+
'Extractor',
|
|
22
|
+
|
|
23
|
+
'IPv4_Reassembly', 'IPv6_Reassembly', 'TCP_Reassembly',
|
|
24
|
+
|
|
25
|
+
'TCP_TraceFlow',
|
|
26
|
+
|
|
27
|
+
'register_protocol',
|
|
28
|
+
'register_linktype',
|
|
29
|
+
'register_pcap', 'register_pcapng',
|
|
30
|
+
'register_ethertype',
|
|
31
|
+
'register_transtype',
|
|
32
|
+
'register_ipv4_option', 'register_hip_parameter', 'register_hopopt_option',
|
|
33
|
+
'register_ipv6_opts_option', 'register_ipv6_route_routing',
|
|
34
|
+
'register_mh_message', 'register_mh_option', 'register_mh_extension',
|
|
35
|
+
'register_apptype',
|
|
36
|
+
'register_tcp', 'register_udp',
|
|
37
|
+
'register_tcp_option', 'register_tcp_mp_option',
|
|
38
|
+
'register_http_frame',
|
|
39
|
+
'register_pcapng_block', 'register_pcapng_option', 'register_pcapng_secrets',
|
|
40
|
+
'register_pcapng_record',
|
|
41
|
+
|
|
42
|
+
'register_extractor_engine',
|
|
43
|
+
'register_dumper',
|
|
44
|
+
'register_extractor_dumper', 'register_traceflow_dumper',
|
|
45
|
+
]
|
|
@@ -0,0 +1,36 @@
|
|
|
1
|
+
# -*- coding: utf-8 -*-
|
|
2
|
+
"""Engine Support
|
|
3
|
+
====================
|
|
4
|
+
|
|
5
|
+
.. module:: pcapkit.foundation.engines
|
|
6
|
+
|
|
7
|
+
:mod:`pcapkit.foundation.engines` is a collection of engines
|
|
8
|
+
support for :mod:`pcapkit`, including but not limited to the
|
|
9
|
+
built-in PCAP and `PCAP-NG`_ file support, :mod:`Scapy <scapy>`,
|
|
10
|
+
:mod:`PyShark <pyshark>`, :mod:`DPKT <dpkt>` 3rd party engine
|
|
11
|
+
support.
|
|
12
|
+
|
|
13
|
+
.. todo::
|
|
14
|
+
|
|
15
|
+
Implement support for `PCAP-NG`_ file format.
|
|
16
|
+
|
|
17
|
+
.. _PCAPNG: https://wiki.wireshark.org/Development/PcapNg
|
|
18
|
+
|
|
19
|
+
"""
|
|
20
|
+
# Base class
|
|
21
|
+
from pcapkit.foundation.engines.engine import Engine
|
|
22
|
+
|
|
23
|
+
# Built-in engines
|
|
24
|
+
from pcapkit.foundation.engines.pcap import PCAP
|
|
25
|
+
from pcapkit.foundation.engines.pcapng import PCAPNG
|
|
26
|
+
|
|
27
|
+
# 3rd party engines
|
|
28
|
+
from pcapkit.foundation.engines.scapy import Scapy
|
|
29
|
+
from pcapkit.foundation.engines.dpkt import DPKT
|
|
30
|
+
from pcapkit.foundation.engines.pyshark import PyShark
|
|
31
|
+
|
|
32
|
+
__all__ = [
|
|
33
|
+
'PCAP', 'PCAPNG',
|
|
34
|
+
|
|
35
|
+
'Scapy', 'DPKT', 'PyShark',
|
|
36
|
+
]
|
|
@@ -0,0 +1,230 @@
|
|
|
1
|
+
# -*- coding: utf-8 -*-
|
|
2
|
+
"""DPKT Support
|
|
3
|
+
==================
|
|
4
|
+
|
|
5
|
+
.. module:: pcapkit.foundation.engines.dpkt
|
|
6
|
+
|
|
7
|
+
This module contains the implementation for `DPKT`_ engine
|
|
8
|
+
support, as is used by :class:`pcapkit.foundation.extraction.Extractor`.
|
|
9
|
+
|
|
10
|
+
.. _DPKT: https://dpkt.readthedocs.io
|
|
11
|
+
|
|
12
|
+
"""
|
|
13
|
+
from typing import TYPE_CHECKING, cast
|
|
14
|
+
|
|
15
|
+
from pcapkit.const.reg.linktype import LinkType as Enum_LinkType
|
|
16
|
+
from pcapkit.foundation.engines.engine import EngineBase as Engine
|
|
17
|
+
from pcapkit.utilities.exceptions import FormatError, stacklevel
|
|
18
|
+
from pcapkit.utilities.warnings import AttributeWarning, DPKTWarning, warn
|
|
19
|
+
|
|
20
|
+
__all__ = ['DPKT']
|
|
21
|
+
|
|
22
|
+
if TYPE_CHECKING:
|
|
23
|
+
from typing import Optional, Type, Union
|
|
24
|
+
|
|
25
|
+
from dpkt.dpkt import Packet as DPKTPacket
|
|
26
|
+
from dpkt.pcap import Reader as PCAPReader
|
|
27
|
+
from dpkt.pcapng import Reader as PCAPNGReader
|
|
28
|
+
|
|
29
|
+
from pcapkit.foundation.extraction import Extractor
|
|
30
|
+
|
|
31
|
+
Reader = Union[PCAPReader, PCAPNGReader]
|
|
32
|
+
|
|
33
|
+
|
|
34
|
+
class DPKT(Engine['DPKTPacket']):
|
|
35
|
+
"""DPKT engine support.
|
|
36
|
+
|
|
37
|
+
Args:
|
|
38
|
+
extractor: :class:`~pcapkit.foundation.extraction.Extractor` instance.
|
|
39
|
+
|
|
40
|
+
"""
|
|
41
|
+
if TYPE_CHECKING:
|
|
42
|
+
import dpkt
|
|
43
|
+
|
|
44
|
+
#: Engine extraction package.
|
|
45
|
+
_expkg: 'dpkt'
|
|
46
|
+
#: Engine extraction temporary storage.
|
|
47
|
+
_extmp: 'Reader'
|
|
48
|
+
|
|
49
|
+
##########################################################################
|
|
50
|
+
# Defaults.
|
|
51
|
+
##########################################################################
|
|
52
|
+
|
|
53
|
+
#: Engine name.
|
|
54
|
+
__engine_name__ = 'DPKT'
|
|
55
|
+
|
|
56
|
+
#: Engine module name.
|
|
57
|
+
__engine_module__ = 'dpkt'
|
|
58
|
+
|
|
59
|
+
##########################################################################
|
|
60
|
+
# Data models.
|
|
61
|
+
##########################################################################
|
|
62
|
+
|
|
63
|
+
def __init__(self, extractor: 'Extractor') -> 'None':
|
|
64
|
+
import dpkt # isort:skip
|
|
65
|
+
|
|
66
|
+
self._expkg = dpkt
|
|
67
|
+
self._extmp = cast('Reader', None)
|
|
68
|
+
|
|
69
|
+
super().__init__(extractor)
|
|
70
|
+
|
|
71
|
+
##########################################################################
|
|
72
|
+
# Methods.
|
|
73
|
+
##########################################################################
|
|
74
|
+
|
|
75
|
+
def run(self) -> 'None':
|
|
76
|
+
"""Call :class:`dpkt.pcap.Reader` to extract PCAP files.
|
|
77
|
+
|
|
78
|
+
This method assigns :attr:`self._expkg <DPKT._expkg>`
|
|
79
|
+
as :mod:`dpkt` and :attr:`self._extmp <DPKT._extmp>`
|
|
80
|
+
as an iterator from :class:`dpkt.pcap.Reader`.
|
|
81
|
+
|
|
82
|
+
Warns:
|
|
83
|
+
AttributeWarning: If :attr:`self.extractor._exlyr <pcapkit.foundation.extraction.Extractor._exlyr>`
|
|
84
|
+
and/or :attr:`self.extractor._exptl <pcapkit.foundation.extraction.Extractor._exptl>`
|
|
85
|
+
is provided as the DPKT engine currently does not support such operations.
|
|
86
|
+
|
|
87
|
+
Raises:
|
|
88
|
+
FormatError: If the file format is not supported, i.e., not a PCAP
|
|
89
|
+
and/or PCAP-NG file.
|
|
90
|
+
|
|
91
|
+
"""
|
|
92
|
+
from pcapkit.foundation.engines.pcap import PCAP
|
|
93
|
+
from pcapkit.foundation.engines.pcapng import PCAPNG
|
|
94
|
+
|
|
95
|
+
ext = self._extractor
|
|
96
|
+
dpkt = self._expkg
|
|
97
|
+
|
|
98
|
+
if ext._exlyr != 'none' or ext._exptl != 'null':
|
|
99
|
+
warn("'Extractor(engine=dpkt)' does not support protocol and layer threshold; "
|
|
100
|
+
f"'layer={ext._exlyr}' and 'protocol={ext._exptl}' ignored",
|
|
101
|
+
AttributeWarning, stacklevel=stacklevel())
|
|
102
|
+
|
|
103
|
+
# setup verbose handler
|
|
104
|
+
if ext._flag_v:
|
|
105
|
+
from pcapkit.toolkit.dpkt import packet2chain # isort:skip
|
|
106
|
+
ext._vfunc = lambda e, f: print(
|
|
107
|
+
f'Frame {e._frnum:>3d}: {packet2chain(f)}' # pylint: disable=protected-access
|
|
108
|
+
) # pylint: disable=logging-fstring-interpolation
|
|
109
|
+
|
|
110
|
+
if ext.magic_number in PCAP.MAGIC_NUMBER:
|
|
111
|
+
reader = dpkt.pcap.Reader(ext._ifile)
|
|
112
|
+
elif ext.magic_number in PCAPNG.MAGIC_NUMBER:
|
|
113
|
+
reader = dpkt.pcapng.Reader(ext._ifile)
|
|
114
|
+
else:
|
|
115
|
+
raise FormatError(f'unsupported file format: {ext.magic_number!r}')
|
|
116
|
+
|
|
117
|
+
# extract & analyse file
|
|
118
|
+
self._extmp = reader
|
|
119
|
+
|
|
120
|
+
def read_frame(self) -> 'DPKTPacket':
|
|
121
|
+
"""Read frames with DPKT engine.
|
|
122
|
+
|
|
123
|
+
Returns:
|
|
124
|
+
Parsed frame instance.
|
|
125
|
+
|
|
126
|
+
See Also:
|
|
127
|
+
Please refer to :meth:`PCAP.read_frame <pcapkit.foundation.engines.pcap.PCAP.read_frame>`
|
|
128
|
+
for more operational information.
|
|
129
|
+
|
|
130
|
+
"""
|
|
131
|
+
from pcapkit.toolkit.dpkt import (ipv4_reassembly, ipv6_reassembly, packet2dict,
|
|
132
|
+
tcp_reassembly, tcp_traceflow)
|
|
133
|
+
ext = self._extractor
|
|
134
|
+
|
|
135
|
+
reader = self._extmp
|
|
136
|
+
linktype = Enum_LinkType.get(reader.datalink())
|
|
137
|
+
|
|
138
|
+
# fetch DPKT packet
|
|
139
|
+
timestamp, pkt = cast('tuple[float, bytes]', next(reader))
|
|
140
|
+
protocol = self._get_protocol(linktype)
|
|
141
|
+
packet = protocol(pkt) # type: DPKTPacket
|
|
142
|
+
|
|
143
|
+
# verbose output
|
|
144
|
+
ext._frnum += 1
|
|
145
|
+
ext._vfunc(ext, packet)
|
|
146
|
+
|
|
147
|
+
# write plist
|
|
148
|
+
frnum = f'Frame {ext._frnum}'
|
|
149
|
+
if not ext._flag_q:
|
|
150
|
+
info = packet2dict(packet, timestamp, data_link=linktype)
|
|
151
|
+
if ext._flag_f:
|
|
152
|
+
ofile = ext._ofile(f'{ext._ofnm}/{frnum}.{ext._fext}')
|
|
153
|
+
ofile(info, name=frnum)
|
|
154
|
+
else:
|
|
155
|
+
ext._ofile(info, name=frnum)
|
|
156
|
+
ofile = ext._ofile
|
|
157
|
+
ext._offmt = ofile.kind
|
|
158
|
+
|
|
159
|
+
# record fragments
|
|
160
|
+
if ext._flag_r:
|
|
161
|
+
if ext._ipv4:
|
|
162
|
+
data_ipv4 = ipv4_reassembly(packet, count=ext._frnum)
|
|
163
|
+
if data_ipv4 is not None:
|
|
164
|
+
ext._reasm.ipv4(data_ipv4)
|
|
165
|
+
if ext._ipv6:
|
|
166
|
+
data_ipv6 = ipv6_reassembly(packet, count=ext._frnum)
|
|
167
|
+
if data_ipv6 is not None:
|
|
168
|
+
ext._reasm.ipv6(data_ipv6)
|
|
169
|
+
if ext._tcp:
|
|
170
|
+
data_tcp = tcp_reassembly(packet, count=ext._frnum)
|
|
171
|
+
if data_tcp is not None:
|
|
172
|
+
ext._reasm.tcp(data_tcp)
|
|
173
|
+
|
|
174
|
+
# trace flows
|
|
175
|
+
if ext._flag_t:
|
|
176
|
+
if ext._tcp:
|
|
177
|
+
data_tf_tcp = tcp_traceflow(packet, timestamp, data_link=linktype, count=ext._frnum)
|
|
178
|
+
if data_tf_tcp is not None:
|
|
179
|
+
ext._trace.tcp(data_tf_tcp)
|
|
180
|
+
|
|
181
|
+
# record frames
|
|
182
|
+
if ext._flag_d:
|
|
183
|
+
# setattr(packet, 'packet2dict', packet2dict)
|
|
184
|
+
# setattr(packet, 'packet2chain', packet2chain)
|
|
185
|
+
ext._frame.append(packet)
|
|
186
|
+
|
|
187
|
+
# return frame record
|
|
188
|
+
return packet
|
|
189
|
+
|
|
190
|
+
##########################################################################
|
|
191
|
+
# Utilities.
|
|
192
|
+
##########################################################################
|
|
193
|
+
|
|
194
|
+
def _get_protocol(self, linktype: 'Optional[Enum_LinkType]' = None) -> 'Type[DPKTPacket]':
|
|
195
|
+
"""Returns the protocol for parsing the current packet.
|
|
196
|
+
|
|
197
|
+
Args:
|
|
198
|
+
linktype: Link type code.
|
|
199
|
+
|
|
200
|
+
"""
|
|
201
|
+
dpkt = self._expkg
|
|
202
|
+
reader = self._extmp
|
|
203
|
+
|
|
204
|
+
if linktype is None:
|
|
205
|
+
linktype = Enum_LinkType.get(reader.datalink())
|
|
206
|
+
|
|
207
|
+
if linktype == Enum_LinkType.ETHERNET:
|
|
208
|
+
pkg = dpkt.ethernet.Ethernet
|
|
209
|
+
elif linktype.value == Enum_LinkType.IPV4:
|
|
210
|
+
pkg = dpkt.ip.IP
|
|
211
|
+
elif linktype.value == Enum_LinkType.IPV6:
|
|
212
|
+
pkg = dpkt.ip6.IP6
|
|
213
|
+
else:
|
|
214
|
+
warn('unrecognised link layer protocol; all analysis functions ignored',
|
|
215
|
+
DPKTWarning, stacklevel=stacklevel())
|
|
216
|
+
|
|
217
|
+
class RawPacket(dpkt.dpkt.Packet): # type: ignore[name-defined]
|
|
218
|
+
"""Raw packet."""
|
|
219
|
+
|
|
220
|
+
def __len__(ext) -> 'int':
|
|
221
|
+
return len(ext.data)
|
|
222
|
+
|
|
223
|
+
def __bytes__(ext) -> 'bytes':
|
|
224
|
+
return ext.data
|
|
225
|
+
|
|
226
|
+
def unpack(ext, buf: 'bytes') -> 'None':
|
|
227
|
+
ext.data = buf
|
|
228
|
+
|
|
229
|
+
pkg = RawPacket
|
|
230
|
+
return pkg
|
|
@@ -0,0 +1,194 @@
|
|
|
1
|
+
# -*- coding: utf-8 -*-
|
|
2
|
+
"""Base Class
|
|
3
|
+
================
|
|
4
|
+
|
|
5
|
+
.. module:: pcapkit.foundation.engines.engine
|
|
6
|
+
|
|
7
|
+
This is the abstract base class implementation for
|
|
8
|
+
all engine support functionality.
|
|
9
|
+
|
|
10
|
+
"""
|
|
11
|
+
import abc
|
|
12
|
+
from typing import TYPE_CHECKING, Generic, TypeVar, cast
|
|
13
|
+
|
|
14
|
+
__all__ = ['Engine']
|
|
15
|
+
|
|
16
|
+
if TYPE_CHECKING:
|
|
17
|
+
from typing import Any, Optional
|
|
18
|
+
|
|
19
|
+
from pcapkit.foundation.extraction import Extractor
|
|
20
|
+
|
|
21
|
+
_T = TypeVar('_T')
|
|
22
|
+
|
|
23
|
+
|
|
24
|
+
class EngineMeta(abc.ABCMeta, Generic[_T]):
|
|
25
|
+
"""Meta class to add dynamic support to :class:`EngineBase`.
|
|
26
|
+
|
|
27
|
+
This meta class is used to generate necessary attributes for the
|
|
28
|
+
:class:`EngineBase` class. It can be useful to reduce unnecessary
|
|
29
|
+
registry calls and simplify the customisation process.
|
|
30
|
+
|
|
31
|
+
"""
|
|
32
|
+
if TYPE_CHECKING:
|
|
33
|
+
#: Engine name.
|
|
34
|
+
__engine_name__: 'str'
|
|
35
|
+
#: Engine module name.
|
|
36
|
+
__engine_module__: 'str'
|
|
37
|
+
|
|
38
|
+
@property
|
|
39
|
+
def name(cls) -> 'str':
|
|
40
|
+
"""Engine name."""
|
|
41
|
+
if hasattr(cls, '__engine_name__'):
|
|
42
|
+
return cls.__engine_name__
|
|
43
|
+
return cls.__name__
|
|
44
|
+
|
|
45
|
+
@property
|
|
46
|
+
def module(cls) -> 'str':
|
|
47
|
+
"""Engine module name."""
|
|
48
|
+
if hasattr(cls, '__engine_module__'):
|
|
49
|
+
return cls.__engine_module__
|
|
50
|
+
return cls.__module__
|
|
51
|
+
|
|
52
|
+
|
|
53
|
+
class EngineBase(Generic[_T], metaclass=EngineMeta):
|
|
54
|
+
"""Base class for engine support.
|
|
55
|
+
|
|
56
|
+
Args:
|
|
57
|
+
extractor: :class:`~pcapkit.foundation.extraction.Extractor` instance.
|
|
58
|
+
|
|
59
|
+
Note:
|
|
60
|
+
This class is for internal use only. For customisation, please use
|
|
61
|
+
:class:`Engine` instead.
|
|
62
|
+
|
|
63
|
+
"""
|
|
64
|
+
if TYPE_CHECKING:
|
|
65
|
+
#: Engine name.
|
|
66
|
+
__engine_name__: 'str'
|
|
67
|
+
#: Engine module name.
|
|
68
|
+
__engine_module__: 'str'
|
|
69
|
+
|
|
70
|
+
##########################################################################
|
|
71
|
+
# Properties.
|
|
72
|
+
##########################################################################
|
|
73
|
+
|
|
74
|
+
@property
|
|
75
|
+
def name(self) -> 'str':
|
|
76
|
+
"""Engine name.
|
|
77
|
+
|
|
78
|
+
Note:
|
|
79
|
+
This property is not available as a class
|
|
80
|
+
attribute.
|
|
81
|
+
|
|
82
|
+
"""
|
|
83
|
+
if hasattr(self, '__engine_name__'):
|
|
84
|
+
return self.__engine_name__
|
|
85
|
+
return type(self).name # type: ignore[return-value]
|
|
86
|
+
|
|
87
|
+
@property
|
|
88
|
+
def module(self) -> 'str':
|
|
89
|
+
"""Engine module name.
|
|
90
|
+
|
|
91
|
+
Note:
|
|
92
|
+
This property is not available as a class
|
|
93
|
+
attribute.
|
|
94
|
+
|
|
95
|
+
"""
|
|
96
|
+
if hasattr(self, '__engine_module__'):
|
|
97
|
+
return self.__engine_module__
|
|
98
|
+
return type(self).module # type: ignore[return-value]
|
|
99
|
+
|
|
100
|
+
@property
|
|
101
|
+
def extractor(self) -> 'Extractor':
|
|
102
|
+
"""Extractor instance."""
|
|
103
|
+
return self._extractor
|
|
104
|
+
|
|
105
|
+
##########################################################################
|
|
106
|
+
# Data models.
|
|
107
|
+
##########################################################################
|
|
108
|
+
|
|
109
|
+
def __init__(self, extractor: 'Extractor') -> 'None':
|
|
110
|
+
self._extractor = extractor
|
|
111
|
+
|
|
112
|
+
def __call__(self) -> 'None':
|
|
113
|
+
"""Start extraction.
|
|
114
|
+
|
|
115
|
+
This method will directly call :meth:`run` to start the
|
|
116
|
+
extraction process.
|
|
117
|
+
|
|
118
|
+
"""
|
|
119
|
+
self.run()
|
|
120
|
+
|
|
121
|
+
##########################################################################
|
|
122
|
+
# Methods.
|
|
123
|
+
##########################################################################
|
|
124
|
+
|
|
125
|
+
@abc.abstractmethod
|
|
126
|
+
def run(self) -> 'None':
|
|
127
|
+
"""Start extraction.
|
|
128
|
+
|
|
129
|
+
This method is the entry point for file extraction. It is to be used
|
|
130
|
+
for preparing the extraction process, such as parsing the file header
|
|
131
|
+
and setting up the extraction engines.
|
|
132
|
+
|
|
133
|
+
"""
|
|
134
|
+
|
|
135
|
+
@abc.abstractmethod
|
|
136
|
+
def read_frame(self) -> '_T':
|
|
137
|
+
"""Read frame.
|
|
138
|
+
|
|
139
|
+
This method is to be used for reading a frame from the file. It is to
|
|
140
|
+
read a frame from the file using the prepared engine instance and
|
|
141
|
+
return the parsed frame.
|
|
142
|
+
|
|
143
|
+
"""
|
|
144
|
+
|
|
145
|
+
def close(self) -> 'None':
|
|
146
|
+
"""Close engine.
|
|
147
|
+
|
|
148
|
+
This method is to be used for closing the engine instance. It is to
|
|
149
|
+
close the engine instance after the extraction process is finished.
|
|
150
|
+
|
|
151
|
+
"""
|
|
152
|
+
|
|
153
|
+
|
|
154
|
+
class Engine(EngineBase[_T], Generic[_T]):
|
|
155
|
+
"""Base class for engine support.
|
|
156
|
+
|
|
157
|
+
Example:
|
|
158
|
+
|
|
159
|
+
Use keyword argument ``name`` to specify the engine name at
|
|
160
|
+
class definition:
|
|
161
|
+
|
|
162
|
+
.. code-block:: python
|
|
163
|
+
|
|
164
|
+
class MyEngine(Engine, name='my_engine'):
|
|
165
|
+
...
|
|
166
|
+
|
|
167
|
+
Args:
|
|
168
|
+
extractor: :class:`~pcapkit.foundation.extraction.Extractor` instance.
|
|
169
|
+
|
|
170
|
+
"""
|
|
171
|
+
|
|
172
|
+
def __init_subclass__(cls, /, name: 'Optional[str]' = None, *args: 'Any', **kwargs: 'Any') -> 'None':
|
|
173
|
+
"""Initialise subclass.
|
|
174
|
+
|
|
175
|
+
This method is to be used for registering the engine class to
|
|
176
|
+
:class:`~pcapkit.foundation.extraction.Extractor` class.
|
|
177
|
+
|
|
178
|
+
Args:
|
|
179
|
+
name: Engine name, default to class name.
|
|
180
|
+
*args: Arbitrary positional arguments.
|
|
181
|
+
**kwargs: Arbitrary keyword arguments.
|
|
182
|
+
|
|
183
|
+
See Also:
|
|
184
|
+
For more details, please refer to
|
|
185
|
+
:meth:`pcapkit.foundation.extraction.Extractor.register_engine`.
|
|
186
|
+
|
|
187
|
+
"""
|
|
188
|
+
if name is None:
|
|
189
|
+
name = cast('str', cls.name)
|
|
190
|
+
|
|
191
|
+
from pcapkit.foundation.extraction import Extractor
|
|
192
|
+
Extractor.register_engine(name.lower(), cls)
|
|
193
|
+
|
|
194
|
+
return super().__init_subclass__()
|