traffic-taffy 0.9.4__tar.gz → 0.9.5__tar.gz

Files changed (59)
  1. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/PKG-INFO +1 -1
  2. traffic_taffy-0.9.5/traffic_taffy/__init__.py +1 -0
  3. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/traffic_taffy/dissector_engine/dpkt.py +33 -4
  4. traffic_taffy-0.9.4/traffic_taffy/__init__.py +0 -1
  5. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/.gitignore +0 -0
  6. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/LICENSE.txt +0 -0
  7. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/README.md +0 -0
  8. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/pyproject.toml +0 -0
  9. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/traffic_taffy/algorithms/__init__.py +0 -0
  10. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/traffic_taffy/algorithms/comparecorrelation.py +0 -0
  11. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/traffic_taffy/algorithms/comparecorrelationchanges.py +0 -0
  12. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/traffic_taffy/algorithms/compareseries.py +0 -0
  13. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/traffic_taffy/algorithms/compareslices.py +0 -0
  14. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/traffic_taffy/algorithms/statistical.py +0 -0
  15. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/traffic_taffy/compare.py +0 -0
  16. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/traffic_taffy/comparison.py +0 -0
  17. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/traffic_taffy/config.py +0 -0
  18. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/traffic_taffy/dissection.py +0 -0
  19. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/traffic_taffy/dissectmany.py +0 -0
  20. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/traffic_taffy/dissector.py +0 -0
  21. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/traffic_taffy/dissector_engine/__init__.py +0 -0
  22. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/traffic_taffy/dissector_engine/dnstap.py +0 -0
  23. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/traffic_taffy/dissector_engine/scapy.py +0 -0
  24. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/traffic_taffy/graph.py +0 -0
  25. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/traffic_taffy/graphdata.py +0 -0
  26. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/traffic_taffy/hooks/__init__.py +0 -0
  27. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/traffic_taffy/hooks/ip2asn.py +0 -0
  28. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/traffic_taffy/hooks/labels.py +0 -0
  29. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/traffic_taffy/hooks/psl.py +0 -0
  30. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/traffic_taffy/iana/tables.msgpak +0 -0
  31. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/traffic_taffy/output/__init__.py +0 -0
  32. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/traffic_taffy/output/console.py +0 -0
  33. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/traffic_taffy/output/fsdb.py +0 -0
  34. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/traffic_taffy/output/memory.py +0 -0
  35. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/traffic_taffy/report.py +0 -0
  36. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/traffic_taffy/reports/__init__.py +0 -0
  37. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/traffic_taffy/reports/compareslicesreport.py +0 -0
  38. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/traffic_taffy/reports/correlationchangereport.py +0 -0
  39. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/traffic_taffy/reports/correlationreport.py +0 -0
  40. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/traffic_taffy/taffy_config.py +0 -0
  41. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/traffic_taffy/tests/test_compare_results.py +0 -0
  42. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/traffic_taffy/tests/test_config.py +0 -0
  43. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/traffic_taffy/tests/test_dict_merge.py +0 -0
  44. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/traffic_taffy/tests/test_dpkt_engine.py +0 -0
  45. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/traffic_taffy/tests/test_global_config.py +0 -0
  46. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/traffic_taffy/tests/test_hooks.py +0 -0
  47. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/traffic_taffy/tests/test_normalize.py +0 -0
  48. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/traffic_taffy/tests/test_pcap_dissector.py +0 -0
  49. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/traffic_taffy/tests/test_pcap_splitter.py +0 -0
  50. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/traffic_taffy/tests/test_splitter.py +0 -0
  51. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/traffic_taffy/tests/test_value_printing.py +0 -0
  52. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/traffic_taffy/tools/__init__.py +0 -0
  53. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/traffic_taffy/tools/cache_info.py +0 -0
  54. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/traffic_taffy/tools/compare.py +0 -0
  55. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/traffic_taffy/tools/config.py +0 -0
  56. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/traffic_taffy/tools/dissect.py +0 -0
  57. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/traffic_taffy/tools/explore.py +0 -0
  58. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/traffic_taffy/tools/export.py +0 -0
  59. {traffic_taffy-0.9.4 → traffic_taffy-0.9.5}/traffic_taffy/tools/graph.py +0 -0
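--- a/PKG-INFO
+++ b/PKG-INFO
@@ -1,6 +1,6 @@
  Metadata-Version: 2.1
  Name: traffic-taffy
- Version: 0.9.4
+ Version: 0.9.5
  Summary: A tool for doing differential analysis of pcap files
  Project-URL: Homepage, https://traffic-taffy.github.io/
  Author-email: Wes Hardaker <opensource@hardakers.net>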
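--- /dev/null
+++ b/traffic_taffy/__init__.py
@@ -0,0 +1 @@
+ __VERSION__ = "0.9.5"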
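--- a/traffic_taffy/dissector_engine/dpkt.py
+++ b/traffic_taffy/dissector_engine/dpkt.py
@@ -8,6 +8,7 @@ from traffic_taffy.dissection import Dissection, PCAPDissectorLevel
  from pcap_parallel import PCAPParallel
 
  import dpkt
+ import socket
 
 
  class DissectionEngineDpkt(DissectionEngine):
@@ -170,6 +171,10 @@ class DissectionEngineDpkt(DissectionEngine):
  raise ValueError("unknown link type")
 
  # TODO(hardaker): add ip6.IP6 support
+ next_layer = None
+ udp = None
+ tcp = None
+
  if isinstance(data, dpkt.ip.IP):
  ip = data
  udp = None
@@ -197,8 +202,32 @@ class DissectionEngineDpkt(DissectionEngine):
  self.incr(prefix + "version", ip.v)
  self.incr(prefix + "ttl", ip.ttl)
 
- if isinstance(ip.data, dpkt.udp.UDP):
- udp = ip.data
+ next_layer = ip.data
+
+ elif isinstance(data, dpkt.ip6.IP6):
+ ip6 = data
+
+ ipver = "IPv6"
+ prefix = f"Ethernet_{ipver}_"
+
+ # TODO(hardaker): make sure all these match scapy
+ socket.inet_ntop(
+ socket.AF_INET6,
+ b"\x20\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01",
+ )
+
+ self.incr(prefix + "dst", socket.inet_ntop(socket.AF_INET6, ip6.dst))
+ self.incr(prefix + "src", socket.inet_ntop(socket.AF_INET6, ip6.src))
+ self.incr(prefix + "fl", ip6.flow)
+ self.incr(prefix + "hlim", ip6.hlim)
+ self.incr(prefix + "nh", ip6.nxt)
+ self.incr(prefix + "plen", ip6.plen)
+ self.incr(prefix + "tc", ip6.fc)
+ next_layer = ip6.data
+
+ if next_layer:
+ if isinstance(next_layer, dpkt.udp.UDP):
+ udp = next_layer
  self.incr(prefix + "UDP_sport", udp.sport)
  self.incr(prefix + "UDP_dport", udp.dport)
  self.incr(prefix + "UDP_len", udp.ulen)
@@ -206,8 +235,8 @@ class DissectionEngineDpkt(DissectionEngine):
 
  # TODO(hardaker): handle DNS and others for level 3
 
- elif isinstance(ip.data, dpkt.tcp.TCP):
- tcp = ip.data
+ elif isinstance(next_layer, dpkt.tcp.TCP):
+ tcp = next_layer
  self.incr(prefix + "TCP_sport", tcp.sport)
  self.incr(prefix + "TCP_dport", tcp.dport)
  self.incr(prefix + "TCP_seq", tcp.seq)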
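Review bot: The bare `socket.inet_ntop(socket.AF_INET6, ...)` call on a constant 16-byte address, placed in the new `dpkt.ip6.IP6` branch just before the `dst`/`src` counters, discards its result, so it runs on every IPv6 packet without effect and looks like leftover debugging; it should be removed. The `# TODO(hardaker): add ip6.IP6 support` comment above the new `next_layer = None` initialiser is now stale and should either go or say what is still missing (presumably extension headers and other fields). `if next_layer:` depends on the truthiness of whatever dpkt left in `.data`, and since these values come from untrusted capture files, `if next_layer is not None:` followed by the existing `isinstance` checks would state the intent more directly. The page has lost the indentation and the enclosing method starts and ends outside the hunks, so the nesting of the UDP/TCP branches under `if next_layer:` could not be checked here.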
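--- a/traffic_taffy/__init__.py
+++ /dev/null
@@ -1 +0,0 @@
- __VERSION__ = "0.9.4"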