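parser.add_argument("-i", "--interface", help="chose interface", action="store", dest='interface')
parser.add_argument("-r", "--ring", help="activate ring buffer", action="store_true",
                    default=False)
args = parser.parse_args()

# -r only selects the capture mode; it still needs an interface to sniff on.
# Without this check "-r" on its own reached the string concatenation in the
# log call with interface=None and died with a TypeError instead of a usage
# message.
if args.ring and args.interface is None:
    parser.error("-r/--ring requires -i/--interface")

if args.ring:
    # Live ring capture: the capture rotates through a fixed number of files,
    # which bounds the disk space it can consume (pyshark documents
    # ring_file_size in kB). The files contain raw traffic and the path is
    # relative to the working directory, so run this from a directory whose
    # db/pcap folder is readable only by the analysis account.
    logger.info("Starting Live Ring Capture on " + args.interface)
    cap = pyshark.LiveRingCapture(
        interface=args.interface,
        only_summaries=True,
        ring_file_size=4096,
        num_ring_files=50,
        ring_file_name='./db/pcap/pci.pcapng',
    )
    packet_analysis_live(cap)
elif args.interface:
    # Live capture without on-disk buffering.
    logger.info("Starting Live Capture on " + args.interface)
    cap = pyshark.LiveCapture(interface=args.interface, only_summaries=True)
    packet_analysis_live(cap)
elif args.filepath:
    # Offline analysis of an existing pcap file.
    logger.info("Starting pcap analysis on " + args.filepath)
    cap = pyshark.FileCapture(input_file=args.filepath, only_summaries=True)
    packet_analysis(cap)
else:
    # No capture source selected: show the usage text.
    parser.print_help()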
sys.exit()
global ssnets, start
ssnets = IPSet(snets)

# Capture filter: a UDP port range takes precedence over a TCP port range;
# with neither given, all IP traffic is captured.
# NOTE(review): the port argument is concatenated verbatim, so whatever the
# operator types becomes part of the BPF expression. Validate it (e.g. as
# "N-M") before this script is driven by anything less trusted than an
# interactive operator.
if args.udpport is None and args.tcpport is None:
    cfilter = 'ip'
elif args.udpport is None:
    cfilter = 'tcp portrange ' + args.tcpport
else:
    cfilter = 'udp portrange ' + args.udpport

cint = args.interface
start = utils.current_time()
print('Filter: %s on %s' % (cfilter, cint))

try:
    capture = pyshark.LiveCapture(interface=cint, bpf_filter=cfilter)
    # Every captured packet is handed to pkt_callback; the two prints are
    # reached only if the capture ends without an interrupt.
    capture.apply_on_packets(pkt_callback)
    print(inter_interval_down)
    print(inter_interval_up)
except KeyboardInterrupt:
    # Ctrl-C is the normal way to stop: exit with status 0.
    sys.exit(0)
# Capture worker: opens a pyshark live capture on `monitor_iface`, passes every
# packet to `ifaceCounter`, and reports its state through module-level flags.
# NOTE(review): this listing lost its indentation, so it does not show whether
# the `else:` below pairs with the `if` or with the `try` -- confirm against
# the original file before relying on the exit behaviour.
def ifaceSniffer():
# Only sniffError and sniffStarted are assigned here; stoppingIface and
# monitor_iface are read-only in this function.
global sniffError
global stoppingIface
global monitor_iface
global sniffStarted
if not stoppingIface:
try:
capture = pyshark.LiveCapture(interface=monitor_iface)
# Set as soon as the capture object exists, before any packet is processed.
sniffStarted = True
# Runs ifaceCounter on each captured packet.
capture.apply_on_packets(ifaceCounter)
# NOTE(review): a bare except also catches SystemExit and KeyboardInterrupt, so
# a deliberate shutdown raised inside the try is recorded as sniffError as
# well -- confirm that is intended, otherwise narrow it to Exception.
except:
sniffError = True
sys.exit()
else:
sys.exit()
sys.exit()
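CLIENT_NETS_SET = IPSet(client_networks)
net_interface = args.interface
print('TCP filter active on {} applied to the following '
      'networks: {}'.format(net_interface, CLIENT_NETS_SET))

# A threshold given on the command line overrides the built-in default.
MINING_THRESHOLD = (args.miningthreshold if args.miningthreshold is not None
                    else MINING_THRESHOLD)
# Zero-initialised statistics array; judging by the constant names the axes
# are presumably (source IP slot, TCP port slot, window position, feature).
TRAFFIC_STATS = np.zeros(
    (SRC_IP_ALLOCATE, TCP_PORT_ALLOCATE, WINDOW_DELTA, N_FEATURES))

try:
    # NOTE(review): the capture filter only restricts traffic to TCP. The
    # client-network restriction announced above is not part of it, so it is
    # presumably enforced inside pkt_callback -- confirm.
    capture = pyshark.LiveCapture(interface=net_interface, bpf_filter='tcp')
    capture.apply_on_packets(pkt_callback)
except KeyboardInterrupt:
    print('\n{} packets captured! Done!\n'.format(N_PACKETS))
    # exit() is a helper the site module installs for interactive sessions and
    # is absent under `python -S` or in frozen builds; raise SystemExit
    # directly so the clean shutdown works everywhere.
    raise SystemExit(0)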
sys.exit()
global ssnets
ssnets = IPSet(snets)

# Capture filter: UDP port range first, then TCP port range, else all IP.
# NOTE(review): the port text goes into the BPF expression unchecked; validate
# it if the arguments can come from a less-trusted source.
if args.udpport is None and args.tcpport is None:
    cfilter = 'ip'
elif args.udpport is None:
    cfilter = 'tcp portrange ' + args.tcpport
else:
    cfilter = 'udp portrange ' + args.udpport

cint = args.interface
print('Filter: %s on %s' % (cfilter, cint))

try:
    capture = pyshark.LiveCapture(interface=cint, bpf_filter=cfilter)
    capture.apply_on_packets(pkt_callback)
    print(inter_interval_down)
    print(inter_interval_up)
except KeyboardInterrupt:
    # On Ctrl-C the collected counters are written to a local 'stats' file.
    global npkts, npkts_up, npkts_down, len_up, len_down, t0
    keys = []
    values = []
    # NOTE(review): the handler continues beyond this excerpt; the handle
    # opened here should be closed once the writes are done (a `with` block
    # does that even if a write fails).
    file_ = open('stats', 'w')
    #file_.write('npkts:'+str(npkts)+'\n')
    #file_.write('npkts_down:'+ str(npkts_down)+'\n')
try:
    # Feed every packet of the capture to the packet processor.
    for packet in cap:
        pp.process(packet)
    # Reached only when the whole capture was processed without an exception.
    # NOTE(review): on an error the capture is therefore never closed here;
    # consider moving the cleanup into a `finally` block.
    cap.close()
    cap.eventloop.stop()
except Exception as exc:
    # Best effort: report the failure and carry on.
    print('Error: {}'.format(exc))
# Capture live network traffic
elif args.interface:
    # The display filter is dropped when packets are also saved to a pcap file
    # (presumably because tshark rejects a display filter while it is saving
    # a live capture -- TODO confirm).
    if args.write_pcap:
        DISPLAY_FILTER = None
    # TODO: Use a Ring Buffer (LiveRingCapture), when the issue is fixed:
    # https://github.com/KimiNewt/pyshark/issues/299
    # NOTE(review): without a ring buffer the output file grows for as long as
    # the capture runs, and it holds raw traffic -- write it to a location
    # with enough space and restrictive permissions.
    live_options = {
        'interface': args.interface,
        'decode_as': args.decode_as,
        'display_filter': DISPLAY_FILTER,
        'bpf_filter': args.bpf_filter,
        'output_file': args.write_pcap,
    }
    cap = pyshark.LiveCapture(**live_options)
    try:
        cap.apply_on_packets(pp.process)
    except (KeyboardInterrupt, SystemExit):
        # Ctrl-C or an explicit exit ends the live capture quietly.
        print("Exiting..\nBYE o/\n")
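def listen_on_interface(interface, timeout=60):
    """
    Yield packets captured live on ``interface`` until ``timeout`` expires.

    :param interface: The name of the interface on which to capture traffic
    :param timeout: Seconds after which the generator stops; ``0`` or ``None``
        disables the limit. The deadline is only checked when a packet
        arrives, so on a silent interface the generator can block for longer.
    :return: generator containing live packets
    """
    # Monotonic clock: a wall-clock adjustment (NTP step, manual change) must
    # not shorten or stretch the capture window.
    start = time.monotonic()
    capture = pyshark.LiveCapture(interface=interface)
    try:
        for item in capture.sniff_continuously():
            if timeout and time.monotonic() - start > timeout:
                break
            yield item
    finally:
        # Runs on timeout, on an error and when the consumer abandons the
        # generator: shut the capture down explicitly instead of leaving the
        # capture backend to the garbage collector.
        capture.close()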
def sniffprobes(iface):
wireless_filter = '''
(wlan.fc.type_subtype == 4)
'''
#(wlan.fc.type == 2)
#(wlan.fc.type_subtype == 0 or wlan.fc.type_subtype == 1)
#mac_re = re.compile('[0-9A-F][0-9A-F]:[0-9A-F][0-9A-F]:[0-9A-F][0-9A-F]',re.IGNORECASE)
while conf.running:
try:
capture = pyshark.LiveCapture(interface=iface,display_filter=wireless_filter)
debug(0,'Starting capture on interface %s' % iface)
for packet in capture.sniff_continuously():
try:
signal = packet['radiotap'].dbm_antsignal
bssid = packet['wlan'].da
pktmac = packet['wlan'].ta
ssid = packet['wlan_mgt'].ssid
except:
continue
if ssid == 'SSID: ' or ssid == '' or ssid == ' ':
ssid = '[ANY]'
lastseen = time.time()
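def main():
    """Export metrics about HTTP traffic of the host named by ``NETM_IP``.

    Starts the metrics exporter on port 12301, then captures HTTP traffic
    to or from that host on ``eth0`` and passes each HTTP layer to
    ``process_http``. Runs until the capture stops.

    :raises KeyError: if ``NETM_IP`` is not set.
    :raises ValueError: if ``NETM_IP`` is not a single IPv4/IPv6 address.
    """
    import ipaddress  # local import so the block does not depend on the file header

    exporter_port = 12301

    # NETM_IP becomes part of the capture filter. Accept nothing but one IP
    # literal, so a malformed or padded value fails here with a clear error
    # instead of silently changing which traffic is captured.
    monitored_ip = ipaddress.ip_address(os.environ['NETM_IP'].strip())

    # Start prometheus exporter.
    # NOTE(review): if this is prometheus_client's start_http_server, it
    # listens on all interfaces unless addr= is passed -- restrict it (or
    # firewall the port) when the metrics should not be reachable externally.
    start_http_server(exporter_port)

    # Setup of pyshark. The exporter's own port is excluded so that metric
    # scrapes are not counted as monitored HTTP traffic.
    capture = pyshark.LiveCapture(
        interface='eth0',
        display_filter='http',
        bpf_filter='host {} and not port {}'.format(monitored_ip, exporter_port),
    )
    capture.set_debug()
    for packet in capture.sniff_continuously():
        if 'http' in packet:
            process_http(packet.http)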