From 4d3d1c98d66055d4a82a7fd737f4739f4de76bfd Mon Sep 17 00:00:00 2001 From: gurkenhabicht Date: Thu, 21 May 2020 17:27:30 +0200 Subject: [PATCH] regex parser result is now a field in QryData, and stored in the db as a result --- src/main.rs | 1 + src/parser.rs | 23 +++++++++++++++-------- 2 files changed, 16 insertions(+), 8 deletions(-) diff --git a/src/main.rs b/src/main.rs index 78fc34c..e3bb813 100644 --- a/src/main.rs +++ b/src/main.rs @@ -24,6 +24,7 @@ impl Serialize for parser::QryData { state.serialize_field("ipv6_header", &self.ipv6_header)?; state.serialize_field("tcp_header", &self.tcp_header)?; state.serialize_field("data", &self.data)?; + state.serialize_field("reg_res", &self.reg_res)?; state.end() } } diff --git a/src/parser.rs b/src/parser.rs index ad8827e..366d412 100644 --- a/src/parser.rs +++ b/src/parser.rs @@ -4,7 +4,6 @@ extern crate eui48; mod packet_handler; use eui48::MacAddress; use pcap::Capture; -//use std::net::{IpAddr, Ipv4Addr, Ipv6Addr}; use regex::bytes::Match; use regex::bytes::Regex; use std::str; @@ -22,7 +21,6 @@ fn build_ether() -> packet_handler::EtherHeader { } } -// TODO: wrap packet_handler types inside Option #[derive(Debug, Clone)] pub struct QryData { pub id: i32, @@ -32,14 +30,19 @@ pub struct QryData { pub ipv4_header: Option, pub ipv6_header: Option, pub tcp_header: Option, + pub reg_res: Option, } fn flag_carnage(re: &Regex, payload: &[u8]) -> Option { - for mat in re.find_iter(payload) { - println!("{:?}", std::str::from_utf8(mat.as_bytes())); + let mut flags: String = String::new() ; + for mat in re.find_iter(payload) { + // println!("{:?}", std::str::from_utf8(mat.as_bytes()).unwrap()); + flags.push_str( std::str::from_utf8(mat.as_bytes()).unwrap() ); + } + match 0 < flags.len() { + false => None, + true => Some(flags) } - - Some("test".to_owned()) } pub fn parse(parse_file: &str, filter_str: &str) -> Vec { 
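Review bot: The field count passed to `serialize_struct` sits above this hunk in `Serialize for parser::QryData` and has to grow by one now that `state.serialize_field("reg_res", &self.reg_res)?;` is emitted. The call is not visible here, so this needs confirming against the full file. serde treats that length as a hint, but a serializer that writes the count up front would announce one field fewer than it receives if the old number is still there.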
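Review bot: `std::str::from_utf8(mat.as_bytes()).unwrap()` in flag_carnage panics on any match that is not valid UTF-8, and the bytes come straight from captured traffic. Whether a `regex::bytes` match can contain invalid UTF-8 depends on the pattern, which is built outside this hunk; if it disables Unicode mode or uses raw byte classes, a single crafted packet would abort the capture loops in parse and parse_device. A lossy conversion keeps the capture running: `flags.push_str(&String::from_utf8_lossy(mat.as_bytes()));`. The matches are also concatenated with no separator, so two hits in one packet cannot be told apart in the stored value. Separately, `match 0 < flags.len()` reads better as `if flags.is_empty() { None } else { Some(flags) }`.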
@@ -53,6 +56,7 @@ pub fn parse(parse_file: &str, filter_str: &str) -> Vec { ipv4_header: None::, ipv6_header: None::, tcp_header: None::, + reg_res: None::, }; let mut v: Vec = Vec::new(); @@ -62,7 +66,7 @@ pub fn parse(parse_file: &str, filter_str: &str) -> Vec { while let Ok(packet) = cap.next() { me.time = (packet.header.ts.tv_usec as f64 / 1000000.0) + packet.header.ts.tv_sec as f64; me.data = Some(packet.data.to_vec()); - flag_carnage(&re, packet.data); + me.reg_res = flag_carnage(&re, packet.data); me.ether_header = packet_handler::ethernet_handler(packet.data); match me.ether_header.ether_type as usize { ETH_P_IP => { @@ -104,6 +108,7 @@ pub fn parse(parse_file: &str, filter_str: &str) -> Vec { ipv4_header: me.ipv4_header, ipv6_header: me.ipv6_header, tcp_header: me.tcp_header, + reg_res: me.reg_res, }); } v @@ -120,6 +125,7 @@ pub fn parse_device(parse_device: &str, filter_str: &str, insert_max: &usize) -> ipv4_header: None::, ipv6_header: None::, tcp_header: None::, + reg_res: None::, }; let mut v: Vec = Vec::new(); let mut cap = Capture::from_device(parse_device).unwrap().open().unwrap(); @@ -129,7 +135,7 @@ pub fn parse_device(parse_device: &str, filter_str: &str, insert_max: &usize) -> 'parse: while let Ok(packet) = cap.next() { me.time = (packet.header.ts.tv_usec as f64 / 1000000.0) + packet.header.ts.tv_sec as f64; me.data = Some(packet.data.to_vec()); - flag_carnage(&re, packet.data); + me.reg_res = flag_carnage(&re, packet.data); me.ether_header = packet_handler::ethernet_handler(packet.data); match me.ether_header.ether_type as usize { ETH_P_IP => { @@ -171,6 +177,7 @@ pub fn parse_device(parse_device: &str, filter_str: &str, insert_max: &usize) -> ipv4_header: me.ipv4_header, ipv6_header: me.ipv6_header, tcp_header: me.tcp_header, + reg_res: me.reg_res, }); if &v.len() >= insert_max {
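Review bot: `me.reg_res = flag_carnage(&re, packet.data);` in parse runs the pattern over the whole captured frame, the same slice that is handed to `ethernet_handler`, although flag_carnage names its argument `payload`. Link, IP and TCP header bytes can therefore produce matches that end up in `reg_res`; the identical call in the parse_device hunk has the same property. If that is intended, a comment at both call sites such as `// matched against the full frame, headers included` would make it explicit; otherwise the call belongs after the header handlers, on the remaining payload slice. Both function bodies continue outside the hunks shown.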