traffic-taffy 0.9.2__tar.gz → 0.9.4__tar.gz

Files changed (59) hide show
  1. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/PKG-INFO +7 -1
  2. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/README.md +6 -0
  3. traffic_taffy-0.9.4/traffic_taffy/__init__.py +1 -0
  4. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/traffic_taffy/algorithms/statistical.py +6 -3
  5. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/traffic_taffy/dissector_engine/dpkt.py +29 -9
  6. traffic_taffy-0.9.4/traffic_taffy/report.py +12 -0
  7. traffic_taffy-0.9.4/traffic_taffy/tests/test_dpkt_engine.py +15 -0
  8. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/traffic_taffy/tools/config.py +39 -39
  9. traffic_taffy-0.9.2/traffic_taffy/__init__.py +0 -1
  10. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/.gitignore +0 -0
  11. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/LICENSE.txt +0 -0
  12. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/pyproject.toml +0 -0
  13. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/traffic_taffy/algorithms/__init__.py +0 -0
  14. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/traffic_taffy/algorithms/comparecorrelation.py +0 -0
  15. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/traffic_taffy/algorithms/comparecorrelationchanges.py +0 -0
  16. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/traffic_taffy/algorithms/compareseries.py +0 -0
  17. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/traffic_taffy/algorithms/compareslices.py +0 -0
  18. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/traffic_taffy/compare.py +0 -0
  19. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/traffic_taffy/comparison.py +0 -0
  20. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/traffic_taffy/config.py +0 -0
  21. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/traffic_taffy/dissection.py +0 -0
  22. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/traffic_taffy/dissectmany.py +0 -0
  23. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/traffic_taffy/dissector.py +0 -0
  24. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/traffic_taffy/dissector_engine/__init__.py +0 -0
  25. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/traffic_taffy/dissector_engine/dnstap.py +0 -0
  26. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/traffic_taffy/dissector_engine/scapy.py +0 -0
  27. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/traffic_taffy/graph.py +0 -0
  28. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/traffic_taffy/graphdata.py +0 -0
  29. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/traffic_taffy/hooks/__init__.py +0 -0
  30. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/traffic_taffy/hooks/ip2asn.py +0 -0
  31. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/traffic_taffy/hooks/labels.py +0 -0
  32. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/traffic_taffy/hooks/psl.py +0 -0
  33. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/traffic_taffy/iana/tables.msgpak +0 -0
  34. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/traffic_taffy/output/__init__.py +0 -0
  35. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/traffic_taffy/output/console.py +0 -0
  36. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/traffic_taffy/output/fsdb.py +0 -0
  37. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/traffic_taffy/output/memory.py +0 -0
  38. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/traffic_taffy/reports/__init__.py +0 -0
  39. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/traffic_taffy/reports/compareslicesreport.py +0 -0
  40. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/traffic_taffy/reports/correlationchangereport.py +0 -0
  41. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/traffic_taffy/reports/correlationreport.py +0 -0
  42. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/traffic_taffy/taffy_config.py +0 -0
  43. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/traffic_taffy/tests/test_compare_results.py +0 -0
  44. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/traffic_taffy/tests/test_config.py +0 -0
  45. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/traffic_taffy/tests/test_dict_merge.py +0 -0
  46. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/traffic_taffy/tests/test_global_config.py +0 -0
  47. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/traffic_taffy/tests/test_hooks.py +0 -0
  48. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/traffic_taffy/tests/test_normalize.py +0 -0
  49. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/traffic_taffy/tests/test_pcap_dissector.py +0 -0
  50. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/traffic_taffy/tests/test_pcap_splitter.py +0 -0
  51. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/traffic_taffy/tests/test_splitter.py +0 -0
  52. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/traffic_taffy/tests/test_value_printing.py +0 -0
  53. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/traffic_taffy/tools/__init__.py +0 -0
  54. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/traffic_taffy/tools/cache_info.py +0 -0
  55. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/traffic_taffy/tools/compare.py +0 -0
  56. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/traffic_taffy/tools/dissect.py +0 -0
  57. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/traffic_taffy/tools/explore.py +0 -0
  58. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/traffic_taffy/tools/export.py +0 -0
  59. {traffic_taffy-0.9.2 → traffic_taffy-0.9.4}/traffic_taffy/tools/graph.py +0 -0
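--- a/PKG-INFO
+++ b/PKG-INFO
@@ -1,6 +1,6 @@
  Metadata-Version: 2.1
  Name: traffic-taffy
- Version: 0.9.2
+ Version: 0.9.4
  Summary: A tool for doing differential analysis of pcap files
  Project-URL: Homepage, https://traffic-taffy.github.io/
  Author-email: Wes Hardaker <opensource@hardakers.net>
@@ -56,6 +56,12 @@ might be coming that will cause merge conflicts.
 
  # Copyright and License
 
+ Traffic-taffy was created by [Wes Hardaker], a computer scientist at
+ [USC/ISI], with support from the Comcast Innovation Fund.
+
+ [Wes Hardaker]: https://ant.isi.edu/~hardaker/
+ [USC/ISI]: https://www.isi.edu/
+
  This project is copyrighted by the University of Southern California,
  Information Sciences institute. It is released under the Apache 2.0
  license.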
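--- a/README.md
+++ b/README.md
@@ -28,6 +28,12 @@ might be coming that will cause merge conflicts.
 
  # Copyright and License
 
+ Traffic-taffy was created by [Wes Hardaker], a computer scientist at
+ [USC/ISI], with support from the Comcast Innovation Fund.
+
+ [Wes Hardaker]: https://ant.isi.edu/~hardaker/
+ [USC/ISI]: https://www.isi.edu/
+
  This project is copyrighted by the University of Southern California,
  Information Sciences institute. It is released under the Apache 2.0
  license.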
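--- /dev/null
+++ b/traffic_taffy/__init__.py
@@ -0,0 +1 @@
+ __VERSION__ = "0.9.4"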
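--- a/traffic_taffy/algorithms/statistical.py
+++ b/traffic_taffy/algorithms/statistical.py
@@ -64,7 +64,10 @@ class ComparisonStatistical(ComparisonSlicesAlgorithm):
  left_count = 0
  right_count = right_side[key][subkey]
  left_percentage = 0.0
- right_percentage = right_side[key][subkey] / right_side_total
+ if right_side_total == 0:
+ right_percentage = 1.0
+ else:
+ right_percentage = right_side[key][subkey] / right_side_total
  new_right_count += 1 # this value wasn't in the left
 
  report[key][subkey] = CompareSlicesReport(
@@ -78,12 +81,12 @@ class ComparisonStatistical(ComparisonSlicesAlgorithm):
  )
 
  if right_side_total == 0:
- right_percent = 100
+ right_percent = 1.0
  else:
  right_percent = new_right_count / right_side_total
 
  if left_side_total == 0:
- left_percent = 100
+ left_percent = 1.0
  else:
  left_percent = new_left_count / left_side_total
 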
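Review bot: When `right_side_total == 0` the new branch in the first hunk sets `right_percentage = 1.0`, so a side with no traffic at all is reported as a 100% share; the second hunk makes the same choice for `right_percent` and `left_percent`. If a zero total means "no data", `0.0` would avoid inflating the deltas the comparison report is built from. If 1.0 is deliberate, say so next to the guard, for example `# total is zero: no packets on this side, so the share is defined as 1.0`. Other divisions by `left_side_total` or `right_side_total` in this method lie outside the hunks and may need the same guard.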
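--- a/traffic_taffy/dissector_engine/dpkt.py
+++ b/traffic_taffy/dissector_engine/dpkt.py
@@ -2,7 +2,7 @@
 
  from __future__ import annotations
 
- from logging import debug
+ from logging import debug, error
  from traffic_taffy.dissector_engine import DissectionEngine
  from traffic_taffy.dissection import Dissection, PCAPDissectorLevel
  from pcap_parallel import PCAPParallel
@@ -20,6 +20,7 @@ class DissectionEngineDpkt(DissectionEngine):
  def __init__(self, *args: list, **kwargs: dict):
  """Create a dissection engine for quickly parsing and counting packets."""
  super().__init__(*args, **kwargs)
+ self.data_link_type = None
 
  def load_data(self) -> None:
  """Load the specified PCAP into memory."""
@@ -29,6 +30,9 @@ class DissectionEngineDpkt(DissectionEngine):
  else:
  # it's an open handle already
  pcap = dpkt.pcap.Reader(self.pcap_file)
+
+ self.data_link_type = pcap.datalink()
+
  if self.pcap_filter:
  pcap.setfilter(self.pcap_filter)
  pcap.dispatch(self.maximum_count, self.callback)
@@ -144,14 +148,30 @@ class DissectionEngineDpkt(DissectionEngine):
  level = level.value
 
  if level >= PCAPDissectorLevel.THROUGH_IP.value:
- eth = dpkt.ethernet.Ethernet(packet)
- # these names are designed to match scapy names
- self.incr("Ethernet_dst", eth.dst)
- self.incr("Ethernet_src", eth.src)
- self.incr("Ethernet_type", eth.type)
-
- if isinstance(eth.data, dpkt.ip.IP):
- ip = eth.data
+ if self.data_link_type == 1:
+ # Ethernet based encapsulation
+ eth = dpkt.ethernet.Ethernet(packet)
+ # these names are designed to match scapy names
+ self.incr("Ethernet_dst", eth.dst)
+ self.incr("Ethernet_src", eth.src)
+ self.incr("Ethernet_type", eth.type)
+ data = eth.data
+ elif self.data_link_type == 101:
+ # Raw IP encapsulation
+ if packet[0] == 0x45:
+ data = dpkt.ip.IP(packet)
+ elif packet[0] == 0x60:
+ data = dpkt.ip6.IP6(packet)
+ else:
+ error("Unknown IP version in data")
+ raise ValueError("unknown IP version")
+ else:
+ error(f"unknown link type: {self.data_link_type}")
+ raise ValueError("unknown link type")
+
+ # TODO(hardaker): add ip6.IP6 support
+ if isinstance(data, dpkt.ip.IP):
+ ip = data
  udp = None
  tcp = None
 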
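Review bot: The raw-IP branch (`elif self.data_link_type == 101:`) compares the whole first byte with `0x45` and `0x60`, so an IPv4 packet carrying options (header length other than 5) or an IPv6 packet with a non-zero traffic class falls through to `raise ValueError("unknown IP version")`. Test only the version nibble: `version = packet[0] >> 4`, then `if version == 4:` and `elif version == 6:`. An empty `packet` would also raise IndexError at `packet[0]`. Because both exceptions are raised inside the per-packet callback, a single unexpected packet presumably ends the whole dissection, so logging and skipping that packet may be the safer behaviour for captures from untrusted sources. The enclosing method starts and ends outside the hunk.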
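--- /dev/null
+++ b/traffic_taffy/report.py
@@ -0,0 +1,12 @@
+ from dataclasses import dataclass
+
+
+ @dataclass
+ class Report:
+ delta_percentage: float
+ delta_absolute: int
+ total: int
+ left_count: int
+ right_count: int
+ left_percentage: float
+ right_percentage: float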
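Review bot: `Report` has no docstring and none of its fields is documented, in particular whether `delta_percentage`, `left_percentage` and `right_percentage` hold fractions (0.0 to 1.0) or percentages (0 to 100). I would add a class docstring such as `"""Comparison result for one key/subkey; percentage fields are fractions in the range 0.0-1.0."""`, after confirming the scale against the code that fills the fields, which is not visible here. A one-line module docstring would also help, since the file is new.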
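--- /dev/null
+++ b/traffic_taffy/tests/test_dpkt_engine.py
@@ -0,0 +1,15 @@
+ import os
+ from traffic_taffy.dissection import PCAPDissectorLevel
+ from traffic_taffy.dissector_engine.dpkt import DissectionEngineDpkt
+
+ def test_dpkt_engine():
+ test_pcap = "dns.pcap"
+ test_pcap = "port53-2023-30-31_20.pcap"
+ test_pcap = "airplane-wireless.pcap"
+ if not os.path.exists(test_pcap):
+ return
+
+ engine = DissectionEngineDpkt(test_pcap,
+ dissector_level = PCAPDissectorLevel.COMMON_LAYERS)
+ dissection = engine.load()
+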
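Review bot: `test_dpkt_engine` cannot fail: it returns silently when the capture file is missing and asserts nothing about `dissection` when the file is present. The first two `test_pcap` assignments are dead, and the remaining path is resolved against the current working directory, so the test is most likely a no-op in CI. Replace the bare `return` with `pytest.skip(f"{test_pcap} not available")` (adding `import pytest`) and assert on the result, so that the new link-type handling in the dpkt engine is actually covered.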
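--- a/traffic_taffy/tools/config.py
+++ b/traffic_taffy/tools/config.py
@@ -33,48 +33,48 @@ except ModuleNotFoundError:
  logging.debug("psl module not loadable")
 
 
+ def taffy_config_parse_args() -> Namespace:
+ """Parse the command line arguments."""
+
+ config: TaffyConfig = TaffyConfig()
+ config.config_option_names = ["-y", "--config"]
+ config[TT_CFG.LOG_LEVEL] = "info"
+
+ config.read_configfile_from_arguments(sys.argv)
+
+ parser = ArgumentParser(
+ formatter_class=RichHelpFormatter,
+ description=__doc__,
+ epilog="Example Usage: taffy-config > defaults.yml",
+ )
+
+ parser.add_argument(
+ "-y",
+ "--config",
+ default=None,
+ type=str,
+ help="Configuration file (YAML) to load.",
+ )
+
+ parser.add_argument(
+ "--log-level",
+ "--ll",
+ default="info",
+ help="Define the logging verbosity level (debug, info, warning, error, fotal, critical).",
+ )
+
+ args = parser.parse_args()
+ log_level = args.log_level.upper()
+ logging.basicConfig(level=log_level, format="%(levelname)-10s:\t%(message)s")
+
+ config.load_namespace(args)
+ return config
+
+
  def main() -> None:
  """Dissect a pcap file and report contents."""
 
- def parse_args() -> Namespace:
- """Parse the command line arguments."""
-
- config: TaffyConfig = TaffyConfig()
- config.config_option_names = ["-y", "--config"]
- config[TT_CFG.LOG_LEVEL] = "info"
-
- config.read_configfile_from_arguments(sys.argv)
-
- parser = ArgumentParser(
- formatter_class=RichHelpFormatter,
- description=__doc__,
- epilog="Example Usage: taffy-config > defaults.yml",
- )
-
- parser.add_argument(
- "-y",
- "--config",
- default=None,
- type=str,
- help="Configuration file (YAML) to load.",
- )
-
- parser.add_argument(
- "--log-level",
- "--ll",
- default="info",
- help="Define the logging verbosity level (debug, info, warning, error, fotal, critical).",
- )
-
- args = parser.parse_args()
- log_level = args.log_level.upper()
- logging.basicConfig(level=log_level, format="%(levelname)-10s:\t%(message)s")
-
- config.load_namespace(args)
- return config
-
- config = parse_args()
- config.as_namespace()
+ config = taffy_config_parse_args()
 
  print(yaml.dump(dict(config)))
 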
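Review bot: `taffy_config_parse_args` is annotated `-> Namespace` but returns `config`, which is a `TaffyConfig`; now that the function is public at module level, the signature should read `def taffy_config_parse_args() -> TaffyConfig:`. The `--log-level` help text lists `fotal`, presumably meant as `fatal`. The option value is passed to `logging.basicConfig` unchecked, so an unknown level name raises ValueError at startup instead of producing an argparse usage error; a `choices=` list on the argument would fix that. The docstring could also mention that the function reads a YAML config file named on the command line before parsing the remaining options.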
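--- a/traffic_taffy/__init__.py
+++ /dev/null
@@ -1 +0,0 @@
- __VERSION__ = "0.9.2"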