traffic-taffy 0.3.6__py3-none-any.whl → 0.4.1__py3-none-any.whl

traffic_taffy/output/fsdb.py

@@ -0,0 +1,50 @@
+import sys
+import pyfsdb
+
+from traffic_taffy.output import Output
+from traffic_taffy.dissection import Dissection
+
+
+class Fsdb(Output):
+    def __init__(self, *args, **kwargs):
+        super().__init__(*args, **kwargs)
+        self.console = None
+        self.have_done_header = False
+        self.in_report = None
+
+        self.fsdb = pyfsdb.Fsdb(out_file_handle=sys.stdout)
+        self.fsdb.out_column_names = [
+            "report",
+            "Key",
+            "subkey",
+            "left",
+            "right",
+            "delta",
+            "left_fraction",
+            "right_fraction",
+            "delta_fraction",
+        ]
+        self.fsdb.converters = [str, str, str, int, int, int, float, float, float]
+
+    def output_start(self, report):
+        "Prints the header about columns being displayed"
+        # This should match the spacing in print_contents()
+        self.in_report = report.title
+
+    def output_record(self, key, subkey, data) -> None:
+        "prints a report to the console"
+
+        subkey = Dissection.make_printable(key, subkey)
+        self.fsdb.append(
+            [
+                self.in_report,
+                key,
+                subkey,
+                data["left_count"],
+                data["right_count"],
+                data["delta_absolute"],
+                data["left_percentage"],
+                data["right_percentage"],
+                data["delta_percentage"],
+            ]
+        )

traffic_taffy/output/memory.py

@@ -0,0 +1,51 @@
+from collections import defaultdict
+
+from traffic_taffy.output import Output
+from traffic_taffy.dissection import Dissection
+
+
+class Memory(Output):
+    def __init__(self, *args, **kwargs):
+        super().__init__(*args, **kwargs)
+        self.console = None
+        self.have_done_header = False
+        self.title = kwargs.get("title", "")
+        self.memory = None
+
+    @property
+    def title(self):
+        return self._title
+
+    @title.setter
+    def title(self, new_title):
+        self._title = new_title
+
+    @property
+    def memory(self):
+        return self._memory
+
+    @memory.setter
+    def memory(self, new_memory):
+        self._memory = new_memory
+
+    def output_start(self, report):
+        "Prints the header about columns being displayed"
+        # This should match the spacing in print_contents()
+        self.title = report.title
+        self.memory = defaultdict(list)
+
+    def output_record(self, key, subkey, data) -> None:
+        "prints a report to the console"
+
+        subkey = Dissection.make_printable(key, subkey)
+        self.memory[key].append(
+            {
+                "subkey": subkey,
+                "left_count": data["left_count"],
+                "right_count": data["right_count"],
+                "delta_absolute": data["delta_absolute"],
+                "left_percentage": data["left_percentage"],
+                "right_percentage": data["right_percentage"],
+                "delta_percentage": data["delta_percentage"],
+            }
+        )

traffic_taffy/pcap_splitter.py

@@ -3,11 +3,10 @@
 import io
 import os
 import multiprocessing
-from traffic_taffy.dissector import PCAPDissector
 from typing import List
 import dpkt
 from concurrent.futures import ProcessPoolExecutor, Future
-from logging import debug, info
+from logging import debug
 
 
 class PCAPSplitter:
@@ -27,7 +26,6 @@ class PCAPSplitter:
         self.split_size: int = split_size
         self.maximum_count: int = maximum_count
         self.pcap_filter: str | None = pcap_filter
-        self.maximum_cores = maximum_cores
 
         self.header: bytes = None
         self.buffer: bytes = None
@@ -40,46 +38,29 @@ class PCAPSplitter:
         if not os.path.exists(self.pcap_file):
             raise ValueError(f"failed to find pcap file '{self.pcap_file}'")
 
-    def set_split_size(self):
-        "Attempt to calculate a reasonable split size"
-        if self.split_size:
-            info(f"split size already set to {self.split_size}")
-            return self.split_size
+        if not self.split_size:
+            cores = multiprocessing.cpu_count()
+            if maximum_cores and cores > maximum_cores:
+                cores = maximum_cores
 
-        cores = multiprocessing.cpu_count()
-        if self.maximum_cores and cores > self.maximum_cores:
-            cores = self.maximum_cores
-
-        if self.maximum_count and self.maximum_count > 0:
-            # not ideal math, but better than nothing
-            self.split_size = int(self.maximum_count / cores)
-        else:
-            if isinstance(self.our_data, io.BufferedReader):
-                # raw uncompressed file
-                divide_size = 1200
+            if self.maximum_count:
+                # not ideal math, but better than nothing
+                self.split_size = int(self.maximum_count / cores)
             else:
-                # likely a compressed file
-                divide_size = 5000
-
-            # even worse math and assumes generally large packets
-            stats = os.stat(self.pcap_file)
-            file_size = stats.st_size
-            self.split_size = int(file_size / divide_size / cores)
-            debug(
-                f"split info: {file_size=}, {divide_size=}, {cores=}, {self.split_size=}"
-            )
+                # even worse math and assumes generally large packets
+                stats = os.stat(self.pcap_file)
+                file_size = stats.st_size
+                self.split_size = int(file_size / 1200 / cores)
 
-        # even 1000 is kinda silly to split, but is better than nothing
-        self.split_size = max(self.split_size, 1000)
-        debug(f"setting PCAPSplitter split size to {self.split_size} for {cores} cores")
+            # even 1000 is kinda silly to split, but is better than nothing
+            self.split_size = min(self.split_size, 1000)
+            debug(f"setting PCAPSplitter split size to {self.split_size} for {cores}")
 
     def split(self) -> List[io.BytesIO] | List[Future]:
         "Does the actual reading and splitting"
         # open one for the dpkt reader and one for us independently
-        self.our_data = PCAPDissector.open_maybe_compressed(self.pcap_file)
-        self.dpkt_data = PCAPDissector.open_maybe_compressed(self.pcap_file)
-
-        self.set_split_size()
+        self.our_data = open(self.pcap_file, "rb")
+        self.dpkt_data = open(self.pcap_file, "rb")
 
         # read the first 24 bytes which is the pcap header
         self.header = self.our_data.read(24)

traffic_taffy/tools/cache_info.py

@@ -0,0 +1,65 @@
+"""Loads the cached data for a file to display the results about it"""
+
+from argparse import ArgumentParser, ArgumentDefaultsHelpFormatter
+from rich import print
+import logging
+import msgpack
+
+
+def parse_args():
+    "Parse the command line arguments."
+    parser = ArgumentParser(
+        formatter_class=ArgumentDefaultsHelpFormatter,
+        description=__doc__,
+        epilog="Exmaple Usage: ",
+    )
+
+    parser.add_argument(
+        "--log-level",
+        "--ll",
+        default="info",
+        help="Define the logging verbosity level (debug, info, warning, error, fotal, critical).",
+    )
+
+    parser.add_argument(
+        "cache_file",
+        type=str,
+        nargs="+",
+        help="The cache file (or pcap file) to load and display information about",
+    )
+
+    args = parser.parse_args()
+    log_level = args.log_level.upper()
+    logging.basicConfig(level=log_level, format="%(levelname)-10s:\t%(message)s")
+    return args
+
+
+def main():
+    args = parse_args()
+
+    for cache_file in args.cache_file:
+        print(f"===== {cache_file} ======")
+        contents = msgpack.load(open(cache_file, "rb"), strict_map_key=False)
+
+        # play the major keys
+        for key in contents.keys():
+            if key != "dissection" and key != "parameters":
+                print(f"{key:<20} {contents[key]}")
+
+        # then the minors
+        print("parameters:")
+        for key in contents["parameters"]:
+            print(f"    {key:<16} {contents['parameters'][key]}")
+
+        print("data info:")
+        timestamps = list(contents["dissection"].keys())
+        print(f"    timestamps:      {len(timestamps)}")
+        if len(timestamps) > 1:
+            print(f"    first:           {timestamps[1]}")  # skips 0 = global
+            print(f"    last:            {timestamps[-1]}")
+        else:
+            print("                     (only the entire summary timestamp)")
+
+
+if __name__ == "__main__":
+    main()

traffic_taffy/tools/compare.py

@@ -0,0 +1,110 @@
+"""Takes a set of pcap files to compare and creates a report"""
+
+from argparse import ArgumentParser, ArgumentDefaultsHelpFormatter
+import logging
+from traffic_taffy.output.console import Console
+from traffic_taffy.output.fsdb import Fsdb
+
+from traffic_taffy.compare import compare_add_parseargs, get_comparison_args
+from traffic_taffy.dissector import (
+    dissector_add_parseargs,
+    limitor_add_parseargs,
+    check_dissector_level,
+)
+from traffic_taffy.compare import PcapCompare
+
+
+def parse_args():
+    "Parse the command line arguments."
+    parser = ArgumentParser(
+        formatter_class=ArgumentDefaultsHelpFormatter,
+        description=__doc__,
+        epilog="Exmaple Usage: ",
+    )
+
+    output_options = parser.add_argument_group("Output format")
+    output_options.add_argument(
+        "-f",
+        "--fsdb",
+        action="store_true",
+        help="Print results in an FSDB formatted output",
+    )
+
+    limitor_parser = limitor_add_parseargs(parser)
+    compare_add_parseargs(limitor_parser, False)
+    dissector_add_parseargs(parser)
+
+    debugging_group = parser.add_argument_group("Debugging options")
+
+    debugging_group.add_argument(
+        "--log-level",
+        "--ll",
+        default="info",
+        help="Define the logging verbosity level (debug, info, warning, error, ...).",
+    )
+
+    parser.add_argument("pcap_files", type=str, nargs="*", help="PCAP files to analyze")
+
+    args = parser.parse_args()
+    log_level = args.log_level.upper()
+    logging.basicConfig(level=log_level, format="%(levelname)-10s:\t%(message)s")
+
+    check_dissector_level(args.dissection_level)
+
+    return args
+
+
+def main():
+    args = parse_args()
+
+    # setup output options
+    printing_arguments = get_comparison_args(args)
+
+    # get our files to compare (maybe just one)
+    left = args.pcap_files.pop(0)
+    right = None
+    more_than_one = False
+
+    if len(args.pcap_files) > 0:
+        right = args.pcap_files.pop(0)
+        more_than_one = True
+
+    while left:
+        files = [left]
+        if right:
+            files.append(right)
+
+        pc = PcapCompare(
+            files,
+            cache_results=args.cache_pcap_results,
+            cache_file_suffix=args.cache_file_suffix,
+            maximum_count=printing_arguments["maximum_count"],
+            dissection_level=args.dissection_level,
+            between_times=args.between_times,
+            bin_size=args.bin_size,
+            ignore_list=args.ignore_list,
+        )
+
+        # compare the pcaps
+        reports = pc.compare()
+
+        if args.fsdb:
+            output = Fsdb(None, printing_arguments)
+        else:
+            output = Console(None, printing_arguments)
+
+        for report in reports:
+            # output results to the console
+            output.output(report)
+
+        left = right
+        right = None
+        if len(args.pcap_files) > 0:
+            right = args.pcap_files.pop(0)
+
+        if left and not right and more_than_one:
+            left = None
+
+
+if __name__ == "__main__":
+    main()

traffic_taffy/tools/dissect.py

@@ -0,0 +1,77 @@
+from traffic_taffy.dissector import (
+    PCAPDissector,
+    dissector_add_parseargs,
+    limitor_add_parseargs,
+    check_dissector_level,
+)
+
+
+def main():
+    from argparse import ArgumentParser, ArgumentDefaultsHelpFormatter
+    import logging
+
+    def parse_args():
+        "Parse the command line arguments."
+        parser = ArgumentParser(
+            formatter_class=ArgumentDefaultsHelpFormatter,
+            description=__doc__,
+            epilog="Exmaple Usage: ",
+        )
+
+        parser.add_argument(
+            "--log-level",
+            "--ll",
+            default="info",
+            help="Define the logging verbosity level (debug, info, warning, error, fotal, critical).",
+        )
+
+        parser.add_argument(
+            "-f",
+            "--fsdb",
+            action="store_true",
+            help="Print results in an FSDB formatted output",
+        )
+
+        dissector_add_parseargs(parser)
+        limitor_add_parseargs(parser)
+
+        parser.add_argument("input_file", type=str, help="input pcap file")
+
+        args = parser.parse_args()
+        log_level = args.log_level.upper()
+        logging.basicConfig(level=log_level, format="%(levelname)-10s:\t%(message)s")
+        return args
+
+    args = parse_args()
+
+    check_dissector_level(args.dissection_level)
+
+    pd = PCAPDissector(
+        args.input_file,
+        bin_size=args.bin_size,
+        dissector_level=args.dissection_level,
+        maximum_count=args.packet_count,
+        cache_results=args.cache_pcap_results,
+        cache_file_suffix=args.cache_file_suffix,
+        ignore_list=args.ignore_list,
+    )
+    pd.load(force=args.force)
+
+    if args.fsdb:
+        pd.print_to_fsdb(
+            timestamps=[0],
+            match_string=args.match_string,
+            match_value=args.match_value,
+            minimum_count=args.minimum_count,
+        )
+    else:
+        pd.print(
+            timestamps=[0],
+            match_string=args.match_string,
+            match_value=args.match_value,
+            minimum_count=args.minimum_count,
+        )
+
+
+if __name__ == "__main__":
+    main()