traffic-taffy 0.9.2__py3-none-any.whl → 0.9.4__py3-none-any.whl

traffic_taffy/__init__.py

@@ -1 +1 @@
-__VERSION__ = "0.9.2"
+__VERSION__ = "0.9.4"

traffic_taffy/algorithms/statistical.py

@@ -64,7 +64,10 @@ class ComparisonStatistical(ComparisonSlicesAlgorithm):
                     left_count = 0
                     right_count = right_side[key][subkey]
                     left_percentage = 0.0
-                    right_percentage = right_side[key][subkey] / right_side_total
+                    if right_side_total == 0:
+                        right_percentage = 1.0
+                    else:
+                        right_percentage = right_side[key][subkey] / right_side_total
                     new_right_count += 1  # this value wasn't in the left
 
                     report[key][subkey] = CompareSlicesReport(
@@ -78,12 +81,12 @@ class ComparisonStatistical(ComparisonSlicesAlgorithm):
                     )
 
             if right_side_total == 0:
-                right_percent = 100
+                right_percent = 1.0
             else:
                 right_percent = new_right_count / right_side_total
 
             if left_side_total == 0:
-                left_percent = 100
+                left_percent = 1.0
             else:
                 left_percent = new_left_count / left_side_total
 

traffic_taffy/dissector_engine/dpkt.py

@@ -2,7 +2,7 @@
 
 from __future__ import annotations
 
-from logging import debug
+from logging import debug, error
 from traffic_taffy.dissector_engine import DissectionEngine
 from traffic_taffy.dissection import Dissection, PCAPDissectorLevel
 from pcap_parallel import PCAPParallel
@@ -20,6 +20,7 @@ class DissectionEngineDpkt(DissectionEngine):
     def __init__(self, *args: list, **kwargs: dict):
         """Create a dissection engine for quickly parsing and counting packets."""
         super().__init__(*args, **kwargs)
+        self.data_link_type = None
 
     def load_data(self) -> None:
         """Load the specified PCAP into memory."""
@@ -29,6 +30,9 @@ class DissectionEngineDpkt(DissectionEngine):
         else:
             # it's an open handle already
             pcap = dpkt.pcap.Reader(self.pcap_file)
+
+        self.data_link_type = pcap.datalink()
+
         if self.pcap_filter:
             pcap.setfilter(self.pcap_filter)
         pcap.dispatch(self.maximum_count, self.callback)
@@ -144,14 +148,30 @@ class DissectionEngineDpkt(DissectionEngine):
             level = level.value
 
         if level >= PCAPDissectorLevel.THROUGH_IP.value:
-            eth = dpkt.ethernet.Ethernet(packet)
-            # these names are designed to match scapy names
-            self.incr("Ethernet_dst", eth.dst)
-            self.incr("Ethernet_src", eth.src)
-            self.incr("Ethernet_type", eth.type)
-
-            if isinstance(eth.data, dpkt.ip.IP):
-                ip = eth.data
+            if self.data_link_type == 1:
+                # Ethernet based encapsulation
+                eth = dpkt.ethernet.Ethernet(packet)
+                # these names are designed to match scapy names
+                self.incr("Ethernet_dst", eth.dst)
+                self.incr("Ethernet_src", eth.src)
+                self.incr("Ethernet_type", eth.type)
+                data = eth.data
+            elif self.data_link_type == 101:
+                # Raw IP encapsulation
+                if packet[0] == 0x45:
+                    data = dpkt.ip.IP(packet)
+                elif packet[0] == 0x60:
+                    data = dpkt.ip6.IP6(packet)
+                else:
+                    error("Unknown IP version in data")
+                    raise ValueError("unknown IP version")
+            else:
+                error(f"unknown link type: {self.data_link_type}")
+                raise ValueError("unknown link type")
+
+            # TODO(hardaker): add ip6.IP6 support
+            if isinstance(data, dpkt.ip.IP):
+                ip = data
                 udp = None
                 tcp = None
 

traffic_taffy/report.py

@@ -0,0 +1,12 @@
+from dataclasses import dataclass
+
+
+@dataclass
+class Report:
+    delta_percentage: float
+    delta_absolute: int
+    total: int
+    left_count: int
+    right_count: int
+    left_percentage: float
+    right_percentage: float

traffic_taffy/tests/test_dpkt_engine.py

@@ -0,0 +1,15 @@
+import os
+from traffic_taffy.dissection import PCAPDissectorLevel
+from traffic_taffy.dissector_engine.dpkt import DissectionEngineDpkt
+
+def test_dpkt_engine():
+    test_pcap = "dns.pcap"
+    test_pcap = "port53-2023-30-31_20.pcap"
+    test_pcap = "airplane-wireless.pcap"
+    if not os.path.exists(test_pcap):
+        return
+
+    engine = DissectionEngineDpkt(test_pcap,
+                                  dissector_level = PCAPDissectorLevel.COMMON_LAYERS)
+    dissection = engine.load()
+

traffic_taffy/tools/config.py

@@ -33,48 +33,48 @@ except ModuleNotFoundError:
     logging.debug("psl module not loadable")
 
 
+def taffy_config_parse_args() -> Namespace:
+    """Parse the command line arguments."""
+
+    config: TaffyConfig = TaffyConfig()
+    config.config_option_names = ["-y", "--config"]
+    config[TT_CFG.LOG_LEVEL] = "info"
+
+    config.read_configfile_from_arguments(sys.argv)
+
+    parser = ArgumentParser(
+        formatter_class=RichHelpFormatter,
+        description=__doc__,
+        epilog="Example Usage: taffy-config > defaults.yml",
+    )
+
+    parser.add_argument(
+        "-y",
+        "--config",
+        default=None,
+        type=str,
+        help="Configuration file (YAML) to load.",
+    )
+
+    parser.add_argument(
+        "--log-level",
+        "--ll",
+        default="info",
+        help="Define the logging verbosity level (debug, info, warning, error, fotal, critical).",
+    )
+
+    args = parser.parse_args()
+    log_level = args.log_level.upper()
+    logging.basicConfig(level=log_level, format="%(levelname)-10s:\t%(message)s")
+
+    config.load_namespace(args)
+    return config
+
+
 def main() -> None:
     """Dissect a pcap file and report contents."""
 
-    def parse_args() -> Namespace:
-        """Parse the command line arguments."""
-
-        config: TaffyConfig = TaffyConfig()
-        config.config_option_names = ["-y", "--config"]
-        config[TT_CFG.LOG_LEVEL] = "info"
-
-        config.read_configfile_from_arguments(sys.argv)
-
-        parser = ArgumentParser(
-            formatter_class=RichHelpFormatter,
-            description=__doc__,
-            epilog="Example Usage: taffy-config > defaults.yml",
-        )
-
-        parser.add_argument(
-            "-y",
-            "--config",
-            default=None,
-            type=str,
-            help="Configuration file (YAML) to load.",
-        )
-
-        parser.add_argument(
-            "--log-level",
-            "--ll",
-            default="info",
-            help="Define the logging verbosity level (debug, info, warning, error, fotal, critical).",
-        )
-
-        args = parser.parse_args()
-        log_level = args.log_level.upper()
-        logging.basicConfig(level=log_level, format="%(levelname)-10s:\t%(message)s")
-
-        config.load_namespace(args)
-        return config
-
-    config = parse_args()
-    config.as_namespace()
+    config = taffy_config_parse_args()
 
     print(yaml.dump(dict(config)))
 

{traffic_taffy-0.9.2.dist-info → traffic_taffy-0.9.4.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: traffic-taffy
-Version: 0.9.2
+Version: 0.9.4
 Summary: A tool for doing differential analysis of pcap files
 Project-URL: Homepage, https://traffic-taffy.github.io/
 Author-email: Wes Hardaker <opensource@hardakers.net>
@@ -56,6 +56,12 @@ might be coming that will cause merge conflicts.
 
 # Copyright and License
 
+Traffic-taffy was created by [Wes Hardaker], a computer scientist at
+[USC/ISI], with support from the Comcast Innovation Fund.
+
+[Wes Hardaker]: https://ant.isi.edu/~hardaker/
+[USC/ISI]: https://www.isi.edu/
+
 This project is copyrighted by the University of Southern California,
 Information Sciences institute.  It is released under the Apache 2.0
 license.

{traffic_taffy-0.9.2.dist-info → traffic_taffy-0.9.4.dist-info}/RECORD

@@ -1,4 +1,4 @@
-traffic_taffy/__init__.py,sha256=1KsKNL77AsTjXoMZPzDd66uHdLLgciSCDd2DVXbD7tA,22
+traffic_taffy/__init__.py,sha256=UI1Y766LRTQsBQeHgwpMOn6l2U43AJiA2KPxg4vVPO0,22
 traffic_taffy/compare.py,sha256=g9rU6oa_2Wy0nUJ7K6TI8JTctyGCRvYEUakDBf7blOY,8644
 traffic_taffy/comparison.py,sha256=KJxOp4UqhfRkF4LI1PMDRIefeyTm2w5sbdr7VUTS4KM,1451
 traffic_taffy/config.py,sha256=DgTu2kA1Ec4Hbwl_44kTsdyJYvxAabgJk9a7aOH2XXU,4444
@@ -7,16 +7,17 @@ traffic_taffy/dissectmany.py,sha256=SWFXFyERNCi0j7hiMDEeJJdPYDpa0SOlSj1V8AqpXUA,
 traffic_taffy/dissector.py,sha256=M5MHVPwfeMHa6s4TG8ZiiNjk7qaht65wdqm0nmRHdQ8,15682
 traffic_taffy/graph.py,sha256=EfkxH5D9PNlDpvftkh9GyUusV05EV537QGB7JOMeW4w,4730
 traffic_taffy/graphdata.py,sha256=r_QNXO3FzC7Vx4123SdCliAh7j2NCQ4Lb5uoOJnlt2M,3376
+traffic_taffy/report.py,sha256=Yzb27hUWcWL-RxWpSQmRyM8NyWxQGT0l0jUCGHoYDSY,224
 traffic_taffy/taffy_config.py,sha256=AmdQbWAhoiV7aTNSpV1exJfd5eA0a3sYTIjikHkMPwY,1124
 traffic_taffy/algorithms/__init__.py,sha256=A7xI2ctotBT7WgG-6ItilXE_FIWF9QWc6UjdfGyThKw,737
 traffic_taffy/algorithms/comparecorrelation.py,sha256=gakZJotZNOVj96y4_-vtt_ka8pZLBVERf44Yixtq_yE,5875
 traffic_taffy/algorithms/comparecorrelationchanges.py,sha256=-ztWKpNN5lm_6e7hTSZytwzuK1RpMpfe1ksQgsb0_tk,7646
 traffic_taffy/algorithms/compareseries.py,sha256=cVonTV6TnMZAaHlGqZ6shn0aDQTTHzK-tPvUAk3OkuQ,4165
 traffic_taffy/algorithms/compareslices.py,sha256=aIDhISKi-m8uD65pBd3A2naoxYD9zeay6y7mAk4hXdg,4336
-traffic_taffy/algorithms/statistical.py,sha256=McP8fdg4P2zRHm57Gq7xKLukrvh7ITZNlj4lhv51IPE,4158
+traffic_taffy/algorithms/statistical.py,sha256=0Hr62ZUZlFCNPUh6yVBRFjNho42cTGeX_GHtbq1sbak,4281
 traffic_taffy/dissector_engine/__init__.py,sha256=Hu-UQtz7yhivmQLUP5b8tFQLEhy2bfvrRV3Q4aZp6vg,2202
 traffic_taffy/dissector_engine/dnstap.py,sha256=rBzVlB0D3YVhHOsr17cbnCIZU13g20srgR4sE7ZfNUE,4810
-traffic_taffy/dissector_engine/dpkt.py,sha256=YgFceo_6cy1VN-ODIijSsOfH3w8OzHPbpUS463is3YI,10949
+traffic_taffy/dissector_engine/dpkt.py,sha256=9JSyKBe2Ec0GItdmwo5mpzekg4Ua5NdpLnllhiV33Jg,11753
 traffic_taffy/dissector_engine/scapy.py,sha256=WrZUfV_viR2Tro0kM3QKUkufIcM3RyYaZ3ncA1yZsaU,4897
 traffic_taffy/hooks/__init__.py,sha256=Bvhl6RnyBqQkWuCU6TS0O_ZHe4qCQsC4HE8FELigWPw,661
 traffic_taffy/hooks/ip2asn.py,sha256=7UA52L6jej0RYBptzP9izO0yXMcqH7wcp2ocDRUN5dg,2216
@@ -34,6 +35,7 @@ traffic_taffy/reports/correlationreport.py,sha256=9PdL_53mxfO619PFSoeRsTEm63L1J_
 traffic_taffy/tests/test_compare_results.py,sha256=iLcS9wvEqxgKszIspLtD2Zw8Qk5JxOCurQwWYzhtOkM,2318
 traffic_taffy/tests/test_config.py,sha256=UCqSJXVwpFFchcIbyFzLqjVF-wgEV755KlQ7thommro,4284
 traffic_taffy/tests/test_dict_merge.py,sha256=t3rZSQQ0AlBxRKfLborx9SxYN53cCAQQzZ2w-__WT2Y,1429
+traffic_taffy/tests/test_dpkt_engine.py,sha256=512Wfq7D1qVkfhGwf1u2QSgZooWqZQWV9L4OhpAr4AE,489
 traffic_taffy/tests/test_global_config.py,sha256=kjr1wy1cXWagVLb0OnQYH0vz2htxLs944Xo42lNsir4,597
 traffic_taffy/tests/test_hooks.py,sha256=amjEbtMwOZZCg_RCJ0wQR7aOqNfwz3IG3WY-9CwjSF4,1260
 traffic_taffy/tests/test_normalize.py,sha256=sKHyiV8YXcKKcWqsbZP94nu_g5oEMJzzj6umeHxwa64,2638
@@ -44,13 +46,13 @@ traffic_taffy/tests/test_value_printing.py,sha256=rhmCUqnh1Lk1TTZvZi7ksvUWm4XDB4
 traffic_taffy/tools/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 traffic_taffy/tools/cache_info.py,sha256=ZanO6jDlTdfJ7w0N_7BkLyJj4NyZGShaH7SrUulbIoE,2085
 traffic_taffy/tools/compare.py,sha256=oT5fIqfPeY6nGI9vSVAoKDsAVzzqfXJDzyOw2BhPfSI,3509
-traffic_taffy/tools/config.py,sha256=XVsKA0E429K2HCyjuPuHwS1iPBkscQxa82Zu53Wmpqw,2458
+traffic_taffy/tools/config.py,sha256=RwJYyfI1yiAKbMzU5mcPTguBiH-hGRy5vk_YvAAjPuM,2343
 traffic_taffy/tools/dissect.py,sha256=B-7e7aqEOWtJ-0P2Y-mzmrzoDqVrDCJ2JzGR45QtuuQ,3073
 traffic_taffy/tools/explore.py,sha256=gUcOfAgangJJI1si1gLPUoWRUKmWUAXSP0oTD2JJygw,24149
 traffic_taffy/tools/export.py,sha256=9zBBGhZK95b4ZiLJ8XK30GPsaBjgR84Sk1HoPIxRpTI,2844
 traffic_taffy/tools/graph.py,sha256=KiKDY9R8JLT5-JouANoi_1WGcdFMhXsLnYlhPsFRWpM,2316
-traffic_taffy-0.9.2.dist-info/METADATA,sha256=p-aA8KfVaH33VDn3JwkRnzf_oHtmvcZ630nS5G184so,2033
-traffic_taffy-0.9.2.dist-info/WHEEL,sha256=TJPnKdtrSue7xZ_AVGkp9YXcvDrobsjBds1du3Nx6dc,87
-traffic_taffy-0.9.2.dist-info/entry_points.txt,sha256=F0lqjvw94nQ3hY4eerN7faT9aKhhGUHbqBhuEr9q1r8,361
-traffic_taffy-0.9.2.dist-info/licenses/LICENSE.txt,sha256=hiV1DJgDQeSM1r7P-ez5oxily11S5nsCedU0jKzKKzo,11338
-traffic_taffy-0.9.2.dist-info/RECORD,,
+traffic_taffy-0.9.4.dist-info/METADATA,sha256=JTazabFuUmC4sejWSCl5ib4E5A_iVEO8z7WuRnWGhHc,2241
+traffic_taffy-0.9.4.dist-info/WHEEL,sha256=TJPnKdtrSue7xZ_AVGkp9YXcvDrobsjBds1du3Nx6dc,87
+traffic_taffy-0.9.4.dist-info/entry_points.txt,sha256=F0lqjvw94nQ3hY4eerN7faT9aKhhGUHbqBhuEr9q1r8,361
+traffic_taffy-0.9.4.dist-info/licenses/LICENSE.txt,sha256=hiV1DJgDQeSM1r7P-ez5oxily11S5nsCedU0jKzKKzo,11338
+traffic_taffy-0.9.4.dist-info/RECORD,,