Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
if USE_UJSON:
pkt_dict = ujson.loads(json_pkt)
else:
pkt_dict = json.loads(json_pkt.decode('utf-8'))
# We use the frame dict here and not the object access because it's faster.
frame_dict = pkt_dict['_source']['layers'].pop('frame')
layers = []
for layer in frame_dict['frame.protocols'].split(':'):
layer_dict = pkt_dict['_source']['layers'].pop(layer, None)
if layer_dict is not None:
layers.append(JsonLayer(layer, layer_dict))
# Add all leftovers
for name, layer in pkt_dict['_source']['layers'].items():
layers.append(JsonLayer(name, layer))
return Packet(layers=layers, frame_info=JsonLayer('frame', frame_dict),
number=int(frame_dict.get('frame.number', 0)),
length=int(frame_dict['frame.len']),
sniff_time=frame_dict['frame.time'],
interface_captured=frame_dict.get('frame.interface_id'))
if deduplicate_fields:
# NOTE: We can use ujson here for ~25% speed-up, however since we can't use hooks in ujson
# we lose the ability to view duplicates. This might still be a good option later on.
pkt_dict = json.loads(json_pkt.decode('utf-8'), object_pairs_hook=duplicate_object_hook)
else:
if USE_UJSON:
pkt_dict = ujson.loads(json_pkt)
else:
pkt_dict = json.loads(json_pkt.decode('utf-8'))
# We use the frame dict here and not the object access because it's faster.
frame_dict = pkt_dict['_source']['layers'].pop('frame')
layers = []
for layer in frame_dict['frame.protocols'].split(':'):
layer_dict = pkt_dict['_source']['layers'].pop(layer, None)
if layer_dict is not None:
layers.append(JsonLayer(layer, layer_dict))
# Add all leftovers
for name, layer in pkt_dict['_source']['layers'].items():
layers.append(JsonLayer(name, layer))
return Packet(layers=layers, frame_info=JsonLayer('frame', frame_dict),
number=int(frame_dict.get('frame.number', 0)),
length=int(frame_dict['frame.len']),
sniff_time=frame_dict['frame.time'],
interface_captured=frame_dict.get('frame.interface_id'))
pkt_dict = json.loads(json_pkt.decode('utf-8'), object_pairs_hook=duplicate_object_hook)
else:
if USE_UJSON:
pkt_dict = ujson.loads(json_pkt)
else:
pkt_dict = json.loads(json_pkt.decode('utf-8'))
# We use the frame dict here and not the object access because it's faster.
frame_dict = pkt_dict['_source']['layers'].pop('frame')
layers = []
for layer in frame_dict['frame.protocols'].split(':'):
layer_dict = pkt_dict['_source']['layers'].pop(layer, None)
if layer_dict is not None:
layers.append(JsonLayer(layer, layer_dict))
# Add all leftovers
for name, layer in pkt_dict['_source']['layers'].items():
layers.append(JsonLayer(name, layer))
return Packet(layers=layers, frame_info=JsonLayer('frame', frame_dict),
number=int(frame_dict.get('frame.number', 0)),
length=int(frame_dict['frame.len']),
sniff_time=frame_dict['frame.time'],
interface_captured=frame_dict.get('frame.interface_id'))
def get_queries(cls, dns_layer):
from pyshark.packet.layer import JsonLayer
queries = dns_layer.get_field("Queries", as_dict=True)
# The key is currently the description
for query_desc in queries:
queries[query_desc]["description"] = query_desc
return [JsonLayer("QUERY", query, full_name="dns") for query in queries.values()]