traffic-taffy 0.9.7__py3-none-any.whl → 0.9.9__py3-none-any.whl

traffic_taffy/__init__.py

@@ -1 +1 @@
-__VERSION__ = "0.9.7"
+__VERSION__ = "0.9.9"

traffic_taffy/hooks/blag.py

@@ -1,14 +1,20 @@
 """Traffic-Taffy plugin to look up addresses in the BLAG blocklist."""
+from pathlib import Path
 from blagbl import BlagBL
+import blagbl
 import ipaddress
+from logging import error
 
 from traffic_taffy.hooks import register_hook
 from traffic_taffy.dissector import POST_DISSECT_HOOK, INIT_HOOK
 from traffic_taffy.dissection import Dissection
+from traffic_taffy.taffy_config import taffy_default, TaffyConfig
 
 blag = None
 blag_ips = None
 
+taffy_default("modules.blag.database", str(blagbl.DEFAULT_STORE.joinpath("blag.zip")))
+
 
 @register_hook(INIT_HOOK)
 def init_blag(**kwargs):
@@ -17,7 +23,14 @@ def init_blag(**kwargs):
     global blag_ips
 
     if blag is None:
-        blag = BlagBL()
+        config = TaffyConfig()
+        blag_db_path = config.get_dotnest("modules.blag.database")
+
+        if blag_db_path and not Path(blag_db_path).exists():
+            error(f"The ip2asn plugin requires a blag.zip file in {blag_db_path}")
+            error("Please run blagbl --fetch to download it")
+
+        blag = BlagBL(database=blag_db_path)
         blag.parse_blag_contents()
         blag_ips = blag.ips
 

traffic_taffy/hooks/ip2asn.py

@@ -9,7 +9,7 @@ from traffic_taffy.taffy_config import taffy_default, TaffyConfig
 
 i2a = None
 
-taffy_default("modules.ip2asn.database", ip2asn.DEFAULT_IP2ASN_FILE)
+taffy_default("modules.ip2asn.database", str(ip2asn.DEFAULT_IP2ASN_FILE))
 
 
 @register_hook(INIT_HOOK)
@@ -21,8 +21,8 @@ def init_ip2asn(**kwargs):
         db_path = config.get_dotnest("modules.ip2asn.database")
 
         if db_path and not Path(db_path).exists():
-            error("The ip2asn plugin requires a ip2asn-combined.tsv in this directory")
-            error("Please download it from https://iptoasn.com/")
+            error(f"The ip2asn plugin requires a ip2asn-combined.tsv file in {db_path}")
+            error("Please run ip2asn --fetch to download it")
 
         info(f"loading {db_path}")
         i2a = ip2asn.IP2ASN(db_path)

traffic_taffy/output/console.py

@@ -65,6 +65,7 @@ class Console(Output):
     def output_record(self, key: str, subkey: Any, data: Dict[str, Any]) -> None:
         """Print a report to the console."""
 
+        marker = " "
         style = ""
         endstyle = ""
         if getattr(data, "delta_percentage", None):
@@ -73,12 +74,16 @@ class Console(Output):
             # apply some styling depending on range
             if delta_percentage < -Console.BOLD_LIMIT:
                 style = "[bold red]"
+                marker = "v"
             elif delta_percentage < Console.POSITIVE:
                 style = "[red]"
+                marker = "v"
             elif delta_percentage > Console.BOLD_LIMIT:
                 style = "[bold green]"
+                marker = "^"
             elif delta_percentage > Console.POSITIVE:
                 style = "[green]"
+                marker = "^"
             endstyle = style.replace("[", "[/")
 
         # construct the output line with styling
@@ -92,6 +97,7 @@ class Console(Output):
             style=style,
             endstyle=endstyle,
             subkey=subkey,
+            marker=marker,
             **field_values,
         )
 

traffic_taffy/reports/compareslicesreport.py

@@ -34,7 +34,7 @@ class CompareSlicesReport(Report):
     @property
     def header_string(self) -> str:
         """Header string."""
-        line = "  {style}{subkey:<50}{endstyle}"
+        line = "  {style}  {subkey:<50}{endstyle}"
         line += " {left_count:>8} {right_count:>8} {delta_absolute:>8}"
         line += " {left_percentage:>7} {right_percentage:>7}  {delta_percentage:>7}"
 
@@ -43,7 +43,7 @@ class CompareSlicesReport(Report):
     @property
     def format_string(self) -> str:
         """Formatting string for each printed line."""
-        line = "  {style}{subkey:<50}{endstyle}"
+        line = "  {style}{marker} {subkey:<50}{endstyle}"
         line += " {left_count:>8} {right_count:>8} {delta_absolute:>8}"
         line += " {left_percentage:>7.2f} {right_percentage:>7.2f}  {delta_percentage:>7.2f}"
 

traffic_taffy/reports/correlationchangereport.py

@@ -28,7 +28,7 @@ class CorrelationChangeReport(Report):
     @property
     def header_string(self) -> str:
         """Formatting string for each printed line."""
-        line = "  {style}{subkey:<50}{endstyle}"
+        line = "  {style}  {subkey:<50}{endstyle}"
         line += " {timestamp:>10}"
         line += " {left_correlation:>17}"
         line += " {right_correlation:>17}"
@@ -39,7 +39,7 @@ class CorrelationChangeReport(Report):
     @property
     def format_string(self) -> str:
         """Formatting string for each printed line."""
-        line = "  {style}{subkey:<50}{endstyle}"
+        line = "  {style}{marker} {subkey:<50}{endstyle}"
         line += " {timestamp:>10}"
         line += " {left_correlation:>17.2f}"
         line += " {right_correlation:>17.2f}"

traffic_taffy/reports/correlationreport.py

@@ -22,7 +22,7 @@ class CorrelationReport(Report):
     @property
     def header_string(self) -> str:
         """Formatting string for each printed line."""
-        line = "  {style}{subkey:<50}{endstyle}"
+        line = "  {style}  {subkey:<50}{endstyle}"
         line += " {correlation:>11}"
 
         return line
@@ -30,7 +30,7 @@ class CorrelationReport(Report):
     @property
     def format_string(self) -> str:
         """Formatting string for each printed line."""
-        line = "  {style}{subkey:<50}{endstyle}"
+        line = "  {style}{marker} {subkey:<50}{endstyle}"
         line += " {correlation:>11.2f}"
 
         return line

traffic_taffy/tools/config.py

@@ -32,6 +32,11 @@ try:
 except ModuleNotFoundError:
     logging.debug("psl module not loadable")
 
+try:
+    from traffic_taffy.hooks.blag import ip_blagbl_lookup as ip_blagbl_lookup
+except ModuleNotFoundError:
+    logging.debug("blag module not loadable")
+
 
 def taffy_config_parse_args() -> Namespace:
     """Parse the command line arguments."""

{traffic_taffy-0.9.7.dist-info → traffic_taffy-0.9.9.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: traffic-taffy
-Version: 0.9.7
+Version: 0.9.9
 Summary: A tool for doing differential analysis of pcap files
 Project-URL: Homepage, https://traffic-taffy.github.io/
 Author-email: Wes Hardaker <opensource@hardakers.net>

{traffic_taffy-0.9.7.dist-info → traffic_taffy-0.9.9.dist-info}/RECORD

@@ -1,4 +1,4 @@
-traffic_taffy/__init__.py,sha256=KrTiNpk5yqhV4Br8BI-UzCx2ZR98WVKivhHFc_1856k,22
+traffic_taffy/__init__.py,sha256=YzFL7CfEcDRyEbnlof00gym6eTq-mBSIojBAQGrorTU,22
 traffic_taffy/compare.py,sha256=g9rU6oa_2Wy0nUJ7K6TI8JTctyGCRvYEUakDBf7blOY,8644
 traffic_taffy/comparison.py,sha256=KJxOp4UqhfRkF4LI1PMDRIefeyTm2w5sbdr7VUTS4KM,1451
 traffic_taffy/config.py,sha256=DgTu2kA1Ec4Hbwl_44kTsdyJYvxAabgJk9a7aOH2XXU,4444
@@ -7,7 +7,6 @@ traffic_taffy/dissectmany.py,sha256=SWFXFyERNCi0j7hiMDEeJJdPYDpa0SOlSj1V8AqpXUA,
 traffic_taffy/dissector.py,sha256=9QwGMGugHzVE8GWRpsfPXfSj02Sm2i_ZNU0Ah9AZ7BI,15654
 traffic_taffy/graph.py,sha256=EfkxH5D9PNlDpvftkh9GyUusV05EV537QGB7JOMeW4w,4730
 traffic_taffy/graphdata.py,sha256=r_QNXO3FzC7Vx4123SdCliAh7j2NCQ4Lb5uoOJnlt2M,3376
-traffic_taffy/report.py,sha256=Yzb27hUWcWL-RxWpSQmRyM8NyWxQGT0l0jUCGHoYDSY,224
 traffic_taffy/taffy_config.py,sha256=AmdQbWAhoiV7aTNSpV1exJfd5eA0a3sYTIjikHkMPwY,1124
 traffic_taffy/algorithms/__init__.py,sha256=A7xI2ctotBT7WgG-6ItilXE_FIWF9QWc6UjdfGyThKw,737
 traffic_taffy/algorithms/comparecorrelation.py,sha256=gakZJotZNOVj96y4_-vtt_ka8pZLBVERf44Yixtq_yE,5875
@@ -20,23 +19,22 @@ traffic_taffy/dissector_engine/dnstap.py,sha256=rBzVlB0D3YVhHOsr17cbnCIZU13g20sr
 traffic_taffy/dissector_engine/dpkt.py,sha256=q7cJz6WWpe9xUcEbAY_yn_cma_4loXuS3QKIVln6FHQ,12788
 traffic_taffy/dissector_engine/scapy.py,sha256=S3yrUmSeDjt3oE1I07L3iLFLF8Df8XAZg535FY_eu90,5004
 traffic_taffy/hooks/__init__.py,sha256=Bvhl6RnyBqQkWuCU6TS0O_ZHe4qCQsC4HE8FELigWPw,661
-traffic_taffy/hooks/blag.py,sha256=KWFhDYbH8sRcUsujCSdlycE0pYkX5ymyRRbHxi20z3U,1626
-traffic_taffy/hooks/ip2asn.py,sha256=G7zo2lFRLK-fbbzGMMcsaxIIh9ME6BoM0E6cJDaeE18,2233
+traffic_taffy/hooks/blag.py,sha256=NgXcJ0uRFMUk-YkBeAdixNKFuzZ5iZJhh9rxuLb5zrI,2172
+traffic_taffy/hooks/ip2asn.py,sha256=wTOevUytyogehV20JU-UdJ0vRhzgm7te1KVIuuKCvH0,2235
 traffic_taffy/hooks/labels.py,sha256=5jHXq3-kxDQj9PRYgak-gDzE8dvSUiCEq9mBs9nE014,1933
 traffic_taffy/hooks/psl.py,sha256=A3maHS9FOholOEv1LuX0xSO3u34GyqeYl9_EtJG1pMY,2119
 traffic_taffy/iana/tables.msgpak,sha256=d-R5Xw9yG9t4RqGJRrpE6cjH4YfaxQBwQiBhNjKZbwI,172825
 traffic_taffy/output/__init__.py,sha256=qqlAUA99fxWlHEns-ji7A2RrcA8RA-AKXK7n2D737c8,3312
-traffic_taffy/output/console.py,sha256=QizlMIRbUKm7S57SojBiTAOB4KM9DCcj8EKiH1roO6U,3031
+traffic_taffy/output/console.py,sha256=x68iZYCq3jCn86AsnP339CnDJVLVojfmOOwSbJtaQjk,3195
 traffic_taffy/output/fsdb.py,sha256=0z2zDydfnqOVM8Mj6pTJf4n4pGPupWykuYPgdgjJRN8,1859
 traffic_taffy/output/memory.py,sha256=86tgJ-jMt3UVX31eP6U02YbbYRoqbYhhR4kXJQmYzO4,1870
 traffic_taffy/reports/__init__.py,sha256=lMDS7q35aIdDrJ7G8ot4Q_6t9nYllr0C9510FL43rZY,113
-traffic_taffy/reports/compareslicesreport.py,sha256=Clrif58TPBTwP4BNxh9PcHkyASbUUscrOWtSgLrItN4,2754
-traffic_taffy/reports/correlationchangereport.py,sha256=W8tKWMk5Ss45Ho3wh_mAcK2Jj2fpL7vnNyun2C_lRgw,1575
-traffic_taffy/reports/correlationreport.py,sha256=9PdL_53mxfO619PFSoeRsTEm63L1J_u-B4sVvlH8xaU,1109
+traffic_taffy/reports/compareslicesreport.py,sha256=zLGlW158orhWuneav2_t2pJrEmIIskQEPsbIJMJesX8,2765
+traffic_taffy/reports/correlationchangereport.py,sha256=GazkJe0dx7F0TiGl9G6_l3zHHkglYpA2PfpibvEdalE,1586
+traffic_taffy/reports/correlationreport.py,sha256=QwwFzf1XKsPYQ-m5sHnLeCne0IMcHGamzsOEJBzL32c,1120
 traffic_taffy/tests/test_compare_results.py,sha256=iLcS9wvEqxgKszIspLtD2Zw8Qk5JxOCurQwWYzhtOkM,2318
 traffic_taffy/tests/test_config.py,sha256=UCqSJXVwpFFchcIbyFzLqjVF-wgEV755KlQ7thommro,4284
 traffic_taffy/tests/test_dict_merge.py,sha256=t3rZSQQ0AlBxRKfLborx9SxYN53cCAQQzZ2w-__WT2Y,1429
-traffic_taffy/tests/test_dpkt_engine.py,sha256=512Wfq7D1qVkfhGwf1u2QSgZooWqZQWV9L4OhpAr4AE,489
 traffic_taffy/tests/test_global_config.py,sha256=kjr1wy1cXWagVLb0OnQYH0vz2htxLs944Xo42lNsir4,597
 traffic_taffy/tests/test_hooks.py,sha256=amjEbtMwOZZCg_RCJ0wQR7aOqNfwz3IG3WY-9CwjSF4,1260
 traffic_taffy/tests/test_normalize.py,sha256=sKHyiV8YXcKKcWqsbZP94nu_g5oEMJzzj6umeHxwa64,2638
@@ -47,13 +45,13 @@ traffic_taffy/tests/test_value_printing.py,sha256=rhmCUqnh1Lk1TTZvZi7ksvUWm4XDB4
 traffic_taffy/tools/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 traffic_taffy/tools/cache_info.py,sha256=ZanO6jDlTdfJ7w0N_7BkLyJj4NyZGShaH7SrUulbIoE,2085
 traffic_taffy/tools/compare.py,sha256=oT5fIqfPeY6nGI9vSVAoKDsAVzzqfXJDzyOw2BhPfSI,3509
-traffic_taffy/tools/config.py,sha256=RwJYyfI1yiAKbMzU5mcPTguBiH-hGRy5vk_YvAAjPuM,2343
+traffic_taffy/tools/config.py,sha256=lW9KKlWedGsVpq6c2KyC4TzbowYmGHWyEY3WqfGnhVI,2501
 traffic_taffy/tools/dissect.py,sha256=kGG0K2d9-OwrAhEU97id2m29PvhYaXZYIw1nLi1aVsE,3346
 traffic_taffy/tools/explore.py,sha256=gUcOfAgangJJI1si1gLPUoWRUKmWUAXSP0oTD2JJygw,24149
 traffic_taffy/tools/export.py,sha256=9zBBGhZK95b4ZiLJ8XK30GPsaBjgR84Sk1HoPIxRpTI,2844
 traffic_taffy/tools/graph.py,sha256=KiKDY9R8JLT5-JouANoi_1WGcdFMhXsLnYlhPsFRWpM,2316
-traffic_taffy-0.9.7.dist-info/METADATA,sha256=JBugfulFVW9XOxNcx9vjDPyVIkWN4F8AAvT5qTewBBk,2311
-traffic_taffy-0.9.7.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
-traffic_taffy-0.9.7.dist-info/entry_points.txt,sha256=F0lqjvw94nQ3hY4eerN7faT9aKhhGUHbqBhuEr9q1r8,361
-traffic_taffy-0.9.7.dist-info/licenses/LICENSE.txt,sha256=eFp2vwcZFJW55SUQRoEfXio3K9XdwvsaI_WHntR7I2M,11338
-traffic_taffy-0.9.7.dist-info/RECORD,,
+traffic_taffy-0.9.9.dist-info/METADATA,sha256=c287QYMbyfRv0cjIKLnaoyTowxqr6mVa_sd4q9MUW5w,2311
+traffic_taffy-0.9.9.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
+traffic_taffy-0.9.9.dist-info/entry_points.txt,sha256=F0lqjvw94nQ3hY4eerN7faT9aKhhGUHbqBhuEr9q1r8,361
+traffic_taffy-0.9.9.dist-info/licenses/LICENSE.txt,sha256=eFp2vwcZFJW55SUQRoEfXio3K9XdwvsaI_WHntR7I2M,11338
+traffic_taffy-0.9.9.dist-info/RECORD,,

traffic_taffy/report.py

@@ -1,12 +0,0 @@
-from dataclasses import dataclass
-
-
-@dataclass
-class Report:
-    delta_percentage: float
-    delta_absolute: int
-    total: int
-    left_count: int
-    right_count: int
-    left_percentage: float
-    right_percentage: float

traffic_taffy/tests/test_dpkt_engine.py

@@ -1,15 +0,0 @@
-import os
-from traffic_taffy.dissection import PCAPDissectorLevel
-from traffic_taffy.dissector_engine.dpkt import DissectionEngineDpkt
-
-def test_dpkt_engine():
-    test_pcap = "dns.pcap"
-    test_pcap = "port53-2023-30-31_20.pcap"
-    test_pcap = "airplane-wireless.pcap"
-    if not os.path.exists(test_pcap):
-        return
-
-    engine = DissectionEngineDpkt(test_pcap,
-                                  dissector_level = PCAPDissectorLevel.COMMON_LAYERS)
-    dissection = engine.load()
-