traffic-taffy 0.9.1__tar.gz → 0.9.3__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (57) hide show
  1. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/PKG-INFO +7 -1
  2. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/README.md +6 -0
  3. traffic_taffy-0.9.3/traffic_taffy/__init__.py +1 -0
  4. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/algorithms/statistical.py +4 -1
  5. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/dissector.py +2 -0
  6. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/hooks/ip2asn.py +8 -3
  7. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/hooks/labels.py +2 -0
  8. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/hooks/psl.py +8 -3
  9. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/tools/config.py +39 -39
  10. traffic_taffy-0.9.1/traffic_taffy/__init__.py +0 -1
  11. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/.gitignore +0 -0
  12. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/LICENSE.txt +0 -0
  13. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/pyproject.toml +0 -0
  14. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/algorithms/__init__.py +0 -0
  15. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/algorithms/comparecorrelation.py +0 -0
  16. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/algorithms/comparecorrelationchanges.py +0 -0
  17. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/algorithms/compareseries.py +0 -0
  18. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/algorithms/compareslices.py +0 -0
  19. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/compare.py +0 -0
  20. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/comparison.py +0 -0
  21. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/config.py +0 -0
  22. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/dissection.py +0 -0
  23. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/dissectmany.py +0 -0
  24. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/dissector_engine/__init__.py +0 -0
  25. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/dissector_engine/dnstap.py +0 -0
  26. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/dissector_engine/dpkt.py +0 -0
  27. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/dissector_engine/scapy.py +0 -0
  28. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/graph.py +0 -0
  29. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/graphdata.py +0 -0
  30. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/hooks/__init__.py +0 -0
  31. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/iana/tables.msgpak +0 -0
  32. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/output/__init__.py +0 -0
  33. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/output/console.py +0 -0
  34. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/output/fsdb.py +0 -0
  35. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/output/memory.py +0 -0
  36. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/reports/__init__.py +0 -0
  37. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/reports/compareslicesreport.py +0 -0
  38. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/reports/correlationchangereport.py +0 -0
  39. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/reports/correlationreport.py +0 -0
  40. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/taffy_config.py +0 -0
  41. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/tests/test_compare_results.py +0 -0
  42. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/tests/test_config.py +0 -0
  43. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/tests/test_dict_merge.py +0 -0
  44. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/tests/test_global_config.py +0 -0
  45. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/tests/test_hooks.py +0 -0
  46. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/tests/test_normalize.py +0 -0
  47. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/tests/test_pcap_dissector.py +0 -0
  48. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/tests/test_pcap_splitter.py +0 -0
  49. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/tests/test_splitter.py +0 -0
  50. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/tests/test_value_printing.py +0 -0
  51. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/tools/__init__.py +0 -0
  52. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/tools/cache_info.py +0 -0
  53. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/tools/compare.py +0 -0
  54. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/tools/dissect.py +0 -0
  55. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/tools/explore.py +0 -0
  56. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/tools/export.py +0 -0
  57. {traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/tools/graph.py +0 -0
{traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/PKG-INFO RENAMED
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.1
2
2
  Name: traffic-taffy
3
- Version: 0.9.1
3
+ Version: 0.9.3
4
4
  Summary: A tool for doing differential analysis of pcap files
5
5
  Project-URL: Homepage, https://traffic-taffy.github.io/
6
6
  Author-email: Wes Hardaker <opensource@hardakers.net>
@@ -56,6 +56,12 @@ might be coming that will cause merge conflicts.
56
56
 
57
57
  # Copyright and License
58
58
 
59
+ Traffic-taffy was created by [Wes Hardaker], a computer scientist at
60
+ [USC/ISI], with support from the Comcast Innovation Fund.
61
+
62
+ [Wes Hardaker]: https://ant.isi.edu/~hardaker/
63
+ [USC/ISI]: https://www.isi.edu/
64
+
59
65
  This project is copyrighted by the University of Southern California,
60
66
  Information Sciences institute. It is released under the Apache 2.0
61
67
  license.
{traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/README.md RENAMED
@@ -28,6 +28,12 @@ might be coming that will cause merge conflicts.
28
28
 
29
29
  # Copyright and License
30
30
 
31
+ Traffic-taffy was created by [Wes Hardaker], a computer scientist at
32
+ [USC/ISI], with support from the Comcast Innovation Fund.
33
+
34
+ [Wes Hardaker]: https://ant.isi.edu/~hardaker/
35
+ [USC/ISI]: https://www.isi.edu/
36
+
31
37
  This project is copyrighted by the University of Southern California,
32
38
  Information Sciences institute. It is released under the Apache 2.0
33
39
  license.
traffic_taffy-0.9.3/traffic_taffy/__init__.py ADDED
@@ -0,0 +1 @@
1
+ __VERSION__ = "0.9.3"
{traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/algorithms/statistical.py RENAMED
@@ -64,7 +64,10 @@ class ComparisonStatistical(ComparisonSlicesAlgorithm):
64
64
  left_count = 0
65
65
  right_count = right_side[key][subkey]
66
66
  left_percentage = 0.0
67
- right_percentage = right_side[key][subkey] / right_side_total
67
+ if right_side_total == 0:
68
+ right_percentage = 100
69
+ else:
70
+ right_percentage = right_side[key][subkey] / right_side_total
68
71
  new_right_count += 1 # this value wasn't in the left
69
72
 
70
73
  report[key][subkey] = CompareSlicesReport(
{traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/dissector.py RENAMED
@@ -47,6 +47,7 @@ class TTL_CFG:
47
47
 
48
48
 
49
49
  POST_DISSECT_HOOK: str = "post_dissect"
50
+ INIT_HOOK: str = "init_hooks"
50
51
 
51
52
 
52
53
  def dissector_default(name: str, value: Any) -> None:
@@ -455,6 +456,7 @@ def dissector_handle_arguments(args) -> None:
455
456
  """Handle checking and loading arguments."""
456
457
  check_dissector_level(args.dissection_level)
457
458
  dissector_load_extra_modules(args.modules)
459
+ call_hooks(INIT_HOOK)
458
460
 
459
461
 
460
462
  def dissector_load_extra_modules(modules: List[str]) -> None:
{traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/hooks/ip2asn.py RENAMED
@@ -3,7 +3,7 @@ from logging import error, info, debug
3
3
  import ip2asn
4
4
 
5
5
  from traffic_taffy.hooks import register_hook
6
- from traffic_taffy.dissector import POST_DISSECT_HOOK
6
+ from traffic_taffy.dissector import POST_DISSECT_HOOK, INIT_HOOK
7
7
  from traffic_taffy.dissection import Dissection
8
8
  from traffic_taffy.taffy_config import taffy_default, TaffyConfig
9
9
 
@@ -12,8 +12,8 @@ i2a = None
12
12
  taffy_default("modules.ip2asn.database", "ip2asn-combined.tsv")
13
13
 
14
14
 
15
- @register_hook(POST_DISSECT_HOOK)
16
- def ip_to_asn(dissection: Dissection, **kwargs):
15
+ @register_hook(INIT_HOOK)
16
+ def init_ip2asn(**kwargs):
17
17
  global i2a
18
18
 
19
19
  if i2a is None:
@@ -28,6 +28,11 @@ def ip_to_asn(dissection: Dissection, **kwargs):
28
28
  i2a = ip2asn.IP2ASN(db_path)
29
29
  info(" ... loaded")
30
30
 
31
+
32
+ @register_hook(POST_DISSECT_HOOK)
33
+ def ip_to_asn(dissection: Dissection, **kwargs):
34
+ init_ip2asn()
35
+
31
36
  timestamps = dissection.data.keys()
32
37
 
33
38
  for timestamp in timestamps:
{traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/hooks/labels.py RENAMED
@@ -30,6 +30,8 @@ def split_dns_names(dissection: Dissection, **kwargs):
30
30
  parts = value.split(".")
31
31
  if parts[-1] == "":
32
32
  parts = parts[:-1] # drop the empty end "." split
33
+ if len(parts) == 0:
34
+ continue
33
35
  dissection.data[timestamp][key + "_tld"][parts[-1]] += count
34
36
  if len(parts) > 1:
35
37
  dissection.data[timestamp][key + "_sld"][parts[-2]] += count
{traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/hooks/psl.py RENAMED
@@ -2,7 +2,7 @@ from logging import info
2
2
  import dnssplitter
3
3
 
4
4
  from traffic_taffy.hooks import register_hook
5
- from traffic_taffy.dissector import POST_DISSECT_HOOK
5
+ from traffic_taffy.dissector import POST_DISSECT_HOOK, INIT_HOOK
6
6
  from traffic_taffy.dissection import Dissection
7
7
  from traffic_taffy.taffy_config import taffy_default, TaffyConfig
8
8
 
@@ -11,8 +11,8 @@ splitter = None
11
11
  taffy_default("modules.psl.database", "__internal__")
12
12
 
13
13
 
14
- @register_hook(POST_DISSECT_HOOK)
15
- def split_dns_names(dissection: Dissection, **kwargs):
14
+ @register_hook(INIT_HOOK)
15
+ def init_splitter(**kwargs):
16
16
  global splitter
17
17
 
18
18
  if not splitter:
@@ -28,6 +28,11 @@ def split_dns_names(dissection: Dissection, **kwargs):
28
28
  info(f"loading PSL from {path}")
29
29
  splitter.load_psl_file(path)
30
30
 
31
+
32
+ @register_hook(POST_DISSECT_HOOK)
33
+ def split_dns_names(dissection: Dissection, **kwargs):
34
+ init_splitter()
35
+
31
36
  timestamps = dissection.data.keys()
32
37
 
33
38
  for timestamp in timestamps:
{traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/traffic_taffy/tools/config.py RENAMED
@@ -33,48 +33,48 @@ except ModuleNotFoundError:
33
33
  logging.debug("psl module not loadable")
34
34
 
35
35
 
36
+ def taffy_config_parse_args() -> Namespace:
37
+ """Parse the command line arguments."""
38
+
39
+ config: TaffyConfig = TaffyConfig()
40
+ config.config_option_names = ["-y", "--config"]
41
+ config[TT_CFG.LOG_LEVEL] = "info"
42
+
43
+ config.read_configfile_from_arguments(sys.argv)
44
+
45
+ parser = ArgumentParser(
46
+ formatter_class=RichHelpFormatter,
47
+ description=__doc__,
48
+ epilog="Example Usage: taffy-config > defaults.yml",
49
+ )
50
+
51
+ parser.add_argument(
52
+ "-y",
53
+ "--config",
54
+ default=None,
55
+ type=str,
56
+ help="Configuration file (YAML) to load.",
57
+ )
58
+
59
+ parser.add_argument(
60
+ "--log-level",
61
+ "--ll",
62
+ default="info",
63
+ help="Define the logging verbosity level (debug, info, warning, error, fotal, critical).",
64
+ )
65
+
66
+ args = parser.parse_args()
67
+ log_level = args.log_level.upper()
68
+ logging.basicConfig(level=log_level, format="%(levelname)-10s:\t%(message)s")
69
+
70
+ config.load_namespace(args)
71
+ return config
72
+
73
+
36
74
  def main() -> None:
37
75
  """Dissect a pcap file and report contents."""
38
76
 
39
- def parse_args() -> Namespace:
40
- """Parse the command line arguments."""
41
-
42
- config: TaffyConfig = TaffyConfig()
43
- config.config_option_names = ["-y", "--config"]
44
- config[TT_CFG.LOG_LEVEL] = "info"
45
-
46
- config.read_configfile_from_arguments(sys.argv)
47
-
48
- parser = ArgumentParser(
49
- formatter_class=RichHelpFormatter,
50
- description=__doc__,
51
- epilog="Example Usage: taffy-config > defaults.yml",
52
- )
53
-
54
- parser.add_argument(
55
- "-y",
56
- "--config",
57
- default=None,
58
- type=str,
59
- help="Configuration file (YAML) to load.",
60
- )
61
-
62
- parser.add_argument(
63
- "--log-level",
64
- "--ll",
65
- default="info",
66
- help="Define the logging verbosity level (debug, info, warning, error, fotal, critical).",
67
- )
68
-
69
- args = parser.parse_args()
70
- log_level = args.log_level.upper()
71
- logging.basicConfig(level=log_level, format="%(levelname)-10s:\t%(message)s")
72
-
73
- config.load_namespace(args)
74
- return config
75
-
76
- config = parse_args()
77
- config.as_namespace()
77
+ config = taffy_config_parse_args()
78
78
 
79
79
  print(yaml.dump(dict(config)))
80
80
 
traffic_taffy-0.9.1/traffic_taffy/__init__.py DELETED
@@ -1 +0,0 @@
1
- __VERSION__ = "0.9.1"
{traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/.gitignore RENAMED
File without changes
{traffic_taffy-0.9.1 → traffic_taffy-0.9.3}/LICENSE.txt RENAMED
File without changes