implemented regex parser to stdout
parent
2f3d08b21d
commit
8e553bee9e
141
src/main.rs
141
src/main.rs
|
@ -1,13 +1,13 @@
|
|||
extern crate tokio_postgres;
|
||||
extern crate serde_json;
|
||||
extern crate tokio;
|
||||
extern crate tokio_postgres;
|
||||
use rayon::prelude::*;
|
||||
use serde::ser::{Serialize, Serializer, SerializeStruct};
|
||||
use std::fs::File;
|
||||
use serde::ser::{Serialize, SerializeStruct, Serializer};
|
||||
use serde_json::json;
|
||||
use std::fs::File;
|
||||
mod parser;
|
||||
use tokio_postgres::types::ToSql;
|
||||
use tokio_postgres::{NoTls, Error};
|
||||
use tokio_postgres::{Error, NoTls};
|
||||
|
||||
impl Serialize for parser::QryData {
|
||||
fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
|
||||
|
@ -28,7 +28,7 @@ impl Serialize for parser::QryData {
|
|||
}
|
||||
}
|
||||
|
||||
fn serialize_packets ( v: Vec<parser::QryData> ) -> Vec<serde_json::Value> {
|
||||
fn serialize_packets(v: Vec<parser::QryData>) -> Vec<serde_json::Value> {
|
||||
// let mut packets_serialized: Vec<_> = Vec::new();
|
||||
|
||||
// for packet in v.iter() {
|
||||
|
@ -36,23 +36,24 @@ fn serialize_packets ( v: Vec<parser::QryData> ) -> Vec<serde_json::Value> {
|
|||
// }
|
||||
|
||||
/* rayon parallelized */
|
||||
let packets_serialized = v.par_iter().map( |x| json!(x) ).collect();
|
||||
let packets_serialized = v.par_iter().map(|x| json!(x)).collect();
|
||||
|
||||
packets_serialized
|
||||
}
|
||||
|
||||
fn query_string ( insert_max: &usize ) -> String {
|
||||
fn query_string(insert_max: &usize) -> String {
|
||||
let mut insert_template: String = "INSERT INTO json_dump (packet) Values ".to_owned();
|
||||
|
||||
for insert in 0..insert_max-1 { insert_template.push_str( &(format!("(${}), ", insert+1)) );}
|
||||
insert_template.push_str( &(format!("(${})", insert_max)) );
|
||||
for insert in 0..insert_max - 1 {
|
||||
insert_template.push_str(&(format!("(${}), ", insert + 1)));
|
||||
}
|
||||
insert_template.push_str(&(format!("(${})", insert_max)));
|
||||
|
||||
insert_template
|
||||
}
|
||||
|
||||
#[tokio::main(core_threads = 4)] // By default, tokio_postgres uses the tokio crate as its runtime.
|
||||
async fn main() -> Result<(), Error> {
|
||||
|
||||
/* Init values from file */
|
||||
let file = File::open("parser.json").expect("file should open read only");
|
||||
|
||||
|
@ -60,17 +61,27 @@ async fn main() -> Result<(), Error> {
|
|||
let filter = json.get("filter").unwrap().as_str().unwrap();
|
||||
let insert_max = json.get("insert_max").unwrap().as_u64().unwrap() as usize;
|
||||
let pcap_file = json.get("pcap_file").unwrap().as_str().unwrap();
|
||||
let host = ["host=", json.get("database_host").unwrap().as_str().unwrap()].join("");
|
||||
let user = ["user=", json.get("database_user").unwrap().as_str().unwrap()].join("");
|
||||
let password = ["password=", json.get("database_password").unwrap().as_str().unwrap()].join("");
|
||||
let host = [
|
||||
"host=",
|
||||
json.get("database_host").unwrap().as_str().unwrap(),
|
||||
]
|
||||
.join("");
|
||||
let user = [
|
||||
"user=",
|
||||
json.get("database_user").unwrap().as_str().unwrap(),
|
||||
]
|
||||
.join("");
|
||||
let password = [
|
||||
"password=",
|
||||
json.get("database_password").unwrap().as_str().unwrap(),
|
||||
]
|
||||
.join("");
|
||||
let connection = [host, user, password].join(" ");
|
||||
let device = json.get("parse_device").unwrap().as_str().unwrap();
|
||||
let is_device = json.get("from_device").unwrap().as_bool().unwrap();
|
||||
|
||||
|
||||
/* db connection */
|
||||
let (client, connection) =
|
||||
tokio_postgres::connect(&connection, NoTls).await?;
|
||||
let (client, connection) = tokio_postgres::connect(&connection, NoTls).await?;
|
||||
|
||||
tokio::spawn(async move {
|
||||
if let Err(e) = connection.await {
|
||||
|
@ -78,71 +89,90 @@ async fn main() -> Result<(), Error> {
|
|||
}
|
||||
});
|
||||
|
||||
client.execute("DROP TABLE IF EXISTS json_dump", &[]).await?;
|
||||
client.execute("CREATE TABLE json_dump ( ID serial NOT NULL PRIMARY KEY, packet json NOT NULL)", &[]).await?;
|
||||
client
|
||||
.execute("DROP TABLE IF EXISTS json_dump", &[])
|
||||
.await?;
|
||||
client
|
||||
.execute(
|
||||
"CREATE TABLE json_dump ( ID serial NOT NULL PRIMARY KEY, packet json NOT NULL)",
|
||||
&[],
|
||||
)
|
||||
.await?;
|
||||
|
||||
/* device or file input */
|
||||
if false == is_device {
|
||||
|
||||
let v: Vec<parser::QryData> = parser::parse(&pcap_file, &filter );
|
||||
let packets_serialized = serialize_packets( v );
|
||||
let v: Vec<parser::QryData> = parser::parse(&pcap_file, &filter);
|
||||
let packets_serialized = serialize_packets(v);
|
||||
|
||||
/* Query */
|
||||
//let insert_max = 60;
|
||||
let chunk_count = packets_serialized.len()/insert_max;
|
||||
let chunk_count = packets_serialized.len() / insert_max;
|
||||
let remainder: usize = packets_serialized.len() % insert_max;
|
||||
let chunker = &packets_serialized.len() < &insert_max;
|
||||
match chunker {
|
||||
true => {
|
||||
let insert_str = query_string( &packets_serialized.len() );
|
||||
let statement_false = client.prepare( &insert_str ).await?;
|
||||
client.query_raw(&statement_false, packets_serialized.iter().map(|p| p as &dyn ToSql)).await?;
|
||||
},
|
||||
|
||||
false => {
|
||||
|
||||
let insert_str = query_string( &insert_max );
|
||||
let statement = client.prepare( &insert_str ).await?;
|
||||
|
||||
|
||||
for _i in 0..chunk_count {
|
||||
let (_input, _)= packets_serialized.split_at(insert_max);
|
||||
client.query_raw(&statement, _input.to_vec().iter().map(|p| p as &dyn ToSql)).await?;
|
||||
let insert_str = query_string(&packets_serialized.len());
|
||||
let statement_false = client.prepare(&insert_str).await?;
|
||||
client
|
||||
.query_raw(
|
||||
&statement_false,
|
||||
packets_serialized.iter().map(|p| p as &dyn ToSql),
|
||||
)
|
||||
.await?;
|
||||
}
|
||||
|
||||
println!("Packets, total:{:?}",packets_serialized.len());
|
||||
false => {
|
||||
let insert_str = query_string(&insert_max);
|
||||
let statement = client.prepare(&insert_str).await?;
|
||||
|
||||
for _i in 0..chunk_count {
|
||||
let (_input, _) = packets_serialized.split_at(insert_max);
|
||||
client
|
||||
.query_raw(&statement, _input.to_vec().iter().map(|p| p as &dyn ToSql))
|
||||
.await?;
|
||||
}
|
||||
|
||||
println!("Packets, total:{:?}", packets_serialized.len());
|
||||
println!("Chunks, total:{}", chunk_count);
|
||||
println!("Chunks, remainder{}", remainder);
|
||||
|
||||
if remainder > 0 {
|
||||
let rem_str = query_string( &remainder );
|
||||
let rem_str = query_string(&remainder);
|
||||
let statement_remainder = client.prepare(&rem_str).await?;
|
||||
let (_garbage, _input) =packets_serialized.split_at(packets_serialized.len()-remainder);
|
||||
client.query_raw(&statement_remainder, _input.to_vec().iter().map(|p| p as &dyn ToSql),).await?;
|
||||
}
|
||||
|
||||
let (_garbage, _input) =
|
||||
packets_serialized.split_at(packets_serialized.len() - remainder);
|
||||
client
|
||||
.query_raw(
|
||||
&statement_remainder,
|
||||
_input.to_vec().iter().map(|p| p as &dyn ToSql),
|
||||
)
|
||||
.await?;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
} else {
|
||||
let insert_str = query_string(&insert_max);
|
||||
let statement = client.prepare(&insert_str).await?;
|
||||
loop {
|
||||
let v: Vec<parser::QryData> = parser::parse_device(&device, &filter, &insert_max);
|
||||
let packets_serialized = serialize_packets( v );
|
||||
client.query_raw(&statement, packets_serialized.iter().map(|p| p as &dyn ToSql),).await?;
|
||||
let packets_serialized = serialize_packets(v);
|
||||
client
|
||||
.query_raw(
|
||||
&statement,
|
||||
packets_serialized.iter().map(|p| p as &dyn ToSql),
|
||||
)
|
||||
.await?;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
Ok(())
|
||||
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_insert_json () {
|
||||
use serde_json::json;
|
||||
let mut client = Client::connect("host=localhost user=postgres password=password", NoTls).unwrap();
|
||||
fn test_insert_json() {
|
||||
use serde_json::json;
|
||||
let mut client =
|
||||
Client::connect("host=localhost user=postgres password=password", NoTls).unwrap();
|
||||
let john = json!({
|
||||
"name": "John Doe",
|
||||
"age": 43,
|
||||
|
@ -153,9 +183,12 @@ use serde_json::json;
|
|||
"empty": []
|
||||
});
|
||||
|
||||
client.execute("DROP TABLE IF EXISTS json_dump", &[]).unwrap();
|
||||
client.execute("CREATE TABLE json_dump ( ID serial NOT NULL PRIMARY KEY, data json NOT NULL)", &[]);
|
||||
client
|
||||
.execute("DROP TABLE IF EXISTS json_dump", &[])
|
||||
.unwrap();
|
||||
client.execute(
|
||||
"CREATE TABLE json_dump ( ID serial NOT NULL PRIMARY KEY, data json NOT NULL)",
|
||||
&[],
|
||||
);
|
||||
client.query("INSERT INTO json_dump ( data ) VALUES ($1)", &[&john]);
|
||||
}
|
||||
|
||||
|
||||
|
|
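Review bot: The chunk loop in the `false =>` arm of `main` calls `packets_serialized.split_at(insert_max)` on every iteration, so each of the `chunk_count` inserts sends the first `insert_max` packets again and the later chunks never reach `json_dump`. Iterating over the slices fixes that and drops the per-iteration `to_vec()` copy: `for chunk in packets_serialized.chunks_exact(insert_max) {` with `.query_raw(&statement, chunk.iter().map(|p| p as &dyn ToSql))`. The remainder insert after the loop can stay as it is. In the same hunk, `packets_serialized.len() / insert_max` panics when the `insert_max` value read from `parser.json` is 0, so that value should be rejected where the config is parsed. The body of `main` starts in an earlier hunk.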
120
src/parser.rs
120
src/parser.rs
|
@ -1,31 +1,30 @@
|
|||
extern crate byteorder;
|
||||
extern crate bitfield;
|
||||
extern crate byteorder;
|
||||
extern crate eui48;
|
||||
mod packet_handler;
|
||||
use pcap::Capture;
|
||||
use eui48::MacAddress;
|
||||
use pcap::Capture;
|
||||
//use std::net::{IpAddr, Ipv4Addr, Ipv6Addr};
|
||||
use std::str;
|
||||
|
||||
use regex::bytes::Regex;
|
||||
use regex::bytes::Match;
|
||||
|
||||
/* protocol ids, LittleEndian */
|
||||
const ETH_P_IPV6: usize = 0xDD86;
|
||||
const ETH_P_IP: usize = 0x08;
|
||||
const TCP: usize = 0x06;
|
||||
|
||||
|
||||
fn build_ether () -> packet_handler::EtherHeader {
|
||||
fn build_ether() -> packet_handler::EtherHeader {
|
||||
packet_handler::EtherHeader {
|
||||
ether_dhost: (MacAddress::new([0;6])).to_hex_string(),
|
||||
ether_shost: (MacAddress::new([0;6])).to_hex_string(),
|
||||
ether_dhost: (MacAddress::new([0; 6])).to_hex_string(),
|
||||
ether_shost: (MacAddress::new([0; 6])).to_hex_string(),
|
||||
ether_type: 0,
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
// TODO: wrap packet_handler types inside Option<T>
|
||||
#[derive(Debug, Clone)]
|
||||
pub struct QryData{
|
||||
pub struct QryData {
|
||||
pub id: i32,
|
||||
pub time: f64,
|
||||
pub data: Option<Vec<u8>>,
|
||||
|
@ -35,7 +34,18 @@ pub struct QryData{
|
|||
pub tcp_header: Option<packet_handler::TcpHeader>,
|
||||
}
|
||||
|
||||
pub fn parse (parse_file: &str, filter_str: &str) -> Vec<QryData> {
|
||||
fn flag_carnage( re: &Regex, payload: &[u8]) -> Option<String> {
|
||||
//let _payload: [u8] = payload.copy_from_slice(&payload);
|
||||
for mat in re.find_iter(payload){
|
||||
//println!("{:?}", mat.as_bytes().to_owned().as_string());
|
||||
println!("{:?}", std::str::from_utf8(mat.as_bytes()));
|
||||
}
|
||||
|
||||
Some("test".to_owned())
|
||||
}
|
||||
|
||||
|
||||
pub fn parse(parse_file: &str, filter_str: &str) -> Vec<QryData> {
|
||||
let ether_init = build_ether();
|
||||
|
||||
let mut me = QryData {
|
||||
|
@ -46,42 +56,60 @@ pub fn parse (parse_file: &str, filter_str: &str) -> Vec<QryData> {
|
|||
ipv4_header: None::<packet_handler::IpV4Header>,
|
||||
ipv6_header: None::<packet_handler::IpV6Header>,
|
||||
tcp_header: None::<packet_handler::TcpHeader>,
|
||||
|
||||
};
|
||||
let mut v: Vec<QryData> = Vec::new();
|
||||
|
||||
let mut cap = Capture::from_file(parse_file).unwrap();
|
||||
Capture::filter(&mut cap, &filter_str).unwrap();
|
||||
|
||||
let re = Regex::new(r"(?:http|https):[[::punct::]]?").unwrap();
|
||||
while let Ok(packet) = cap.next() {
|
||||
me.time = (packet.header.ts.tv_usec as f64 / 1000000.0) + packet.header.ts.tv_sec as f64;
|
||||
me.data = Some(packet.data.to_vec());
|
||||
me.ether_header = packet_handler::ethernet_handler( packet.data );
|
||||
flag_carnage( &re, packet.data);
|
||||
me.ether_header = packet_handler::ethernet_handler(packet.data);
|
||||
if ETH_P_IP == me.ether_header.ether_type as usize {
|
||||
me.ipv6_header = None::<packet_handler::IpV6Header>;
|
||||
me.ipv4_header = Some(packet_handler::ip_handler( packet.data )).unwrap();
|
||||
me.ipv4_header = Some(packet_handler::ip_handler(packet.data)).unwrap();
|
||||
if TCP == me.ipv4_header.unwrap().ip_protocol as usize {
|
||||
me.tcp_header = Some(packet_handler::tcp_handler( me.ipv4_header.unwrap().ip_ihl, packet.data )).unwrap();
|
||||
me.data= packet_handler::payload_handler( me.ipv4_header.unwrap().ip_ihl, me.tcp_header.unwrap().data_offset, packet.data);
|
||||
me.tcp_header = Some(packet_handler::tcp_handler(
|
||||
me.ipv4_header.unwrap().ip_ihl,
|
||||
packet.data,
|
||||
))
|
||||
.unwrap();
|
||||
me.data = packet_handler::payload_handler(
|
||||
me.ipv4_header.unwrap().ip_ihl,
|
||||
me.tcp_header.unwrap().data_offset,
|
||||
packet.data,
|
||||
);
|
||||
}
|
||||
|
||||
}
|
||||
if ETH_P_IPV6 == me.ether_header.ether_type as usize {
|
||||
me.ipv4_header = None::<packet_handler::IpV4Header>;
|
||||
me.ipv6_header = Some(packet_handler::ipv6_handler( packet.data )).unwrap();
|
||||
if TCP == me.ipv6_header.unwrap().next_header as usize{
|
||||
me.tcp_header = Some(packet_handler::tcp_handler( 10, packet.data )).unwrap();
|
||||
me.data = packet_handler::payload_handler( 10, me.tcp_header.unwrap().data_offset, packet.data);
|
||||
me.ipv6_header = Some(packet_handler::ipv6_handler(packet.data)).unwrap();
|
||||
if TCP == me.ipv6_header.unwrap().next_header as usize {
|
||||
me.tcp_header = Some(packet_handler::tcp_handler(10, packet.data)).unwrap();
|
||||
me.data = packet_handler::payload_handler(
|
||||
10,
|
||||
me.tcp_header.unwrap().data_offset,
|
||||
packet.data,
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
v.push(QryData{id:0, time:me.time, data: me.data, ether_header:me.ether_header, ipv4_header: me.ipv4_header, ipv6_header: me.ipv6_header, tcp_header: me.tcp_header});
|
||||
|
||||
v.push(QryData {
|
||||
id: 0,
|
||||
time: me.time,
|
||||
data: me.data,
|
||||
ether_header: me.ether_header,
|
||||
ipv4_header: me.ipv4_header,
|
||||
ipv6_header: me.ipv6_header,
|
||||
tcp_header: me.tcp_header,
|
||||
});
|
||||
}
|
||||
v
|
||||
}
|
||||
|
||||
pub fn parse_device (parse_device: &str, filter_str: &str, insert_max: &usize) -> Vec<QryData> {
|
||||
pub fn parse_device(parse_device: &str, filter_str: &str, insert_max: &usize) -> Vec<QryData> {
|
||||
let ether_init = build_ether();
|
||||
|
||||
let mut me = QryData {
|
||||
|
@ -97,30 +125,49 @@ pub fn parse_device (parse_device: &str, filter_str: &str, insert_max: &usize) -
|
|||
let mut cap = Capture::from_device(parse_device).unwrap().open().unwrap();
|
||||
Capture::filter(&mut cap, &filter_str).unwrap();
|
||||
|
||||
'parse: while let Ok(packet) = cap.next(){
|
||||
let re = Regex::new(r"(?:http|https):[[::punct::]]").unwrap();
|
||||
'parse: while let Ok(packet) = cap.next() {
|
||||
me.time = (packet.header.ts.tv_usec as f64 / 1000000.0) + packet.header.ts.tv_sec as f64;
|
||||
me.data = Some(packet.data.to_vec());
|
||||
me.ether_header = packet_handler::ethernet_handler( packet.data );
|
||||
me.ether_header = packet_handler::ethernet_handler(packet.data);
|
||||
if ETH_P_IP == me.ether_header.ether_type as usize {
|
||||
me.ipv6_header = None::<packet_handler::IpV6Header>;
|
||||
me.ipv4_header = Some(packet_handler::ip_handler( packet.data )).unwrap();
|
||||
if TCP == me.ipv4_header.unwrap().ip_protocol as usize{
|
||||
me.tcp_header = Some(packet_handler::tcp_handler( me.ipv4_header.unwrap().ip_ihl, packet.data )).unwrap();
|
||||
me.data= packet_handler::payload_handler( me.ipv4_header.unwrap().ip_ihl, me.tcp_header.unwrap().data_offset, packet.data);
|
||||
me.ipv4_header = Some(packet_handler::ip_handler(packet.data)).unwrap();
|
||||
if TCP == me.ipv4_header.unwrap().ip_protocol as usize {
|
||||
me.tcp_header = Some(packet_handler::tcp_handler(
|
||||
me.ipv4_header.unwrap().ip_ihl,
|
||||
packet.data,
|
||||
))
|
||||
.unwrap();
|
||||
me.data = packet_handler::payload_handler(
|
||||
me.ipv4_header.unwrap().ip_ihl,
|
||||
me.tcp_header.unwrap().data_offset,
|
||||
packet.data,
|
||||
);
|
||||
}
|
||||
|
||||
}
|
||||
if ETH_P_IPV6 == me.ether_header.ether_type as usize {
|
||||
me.ipv4_header = None::<packet_handler::IpV4Header>;
|
||||
me.ipv6_header = Some(packet_handler::ipv6_handler( packet.data)).unwrap();
|
||||
me.ipv6_header = Some(packet_handler::ipv6_handler(packet.data)).unwrap();
|
||||
if TCP == me.ipv6_header.unwrap().next_header as usize {
|
||||
me.tcp_header = Some(packet_handler::tcp_handler( 10, packet.data )).unwrap();
|
||||
me.data = packet_handler::payload_handler( 10, me.tcp_header.unwrap().data_offset, packet.data);
|
||||
me.tcp_header = Some(packet_handler::tcp_handler(10, packet.data)).unwrap();
|
||||
me.data = packet_handler::payload_handler(
|
||||
10,
|
||||
me.tcp_header.unwrap().data_offset,
|
||||
packet.data,
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
v.push(QryData{id:0, time:me.time, data: me.data, ether_header:me.ether_header, ipv4_header: me.ipv4_header, ipv6_header: me.ipv6_header, tcp_header: me.tcp_header});
|
||||
|
||||
v.push(QryData {
|
||||
id: 0,
|
||||
time: me.time,
|
||||
data: me.data,
|
||||
ether_header: me.ether_header,
|
||||
ipv4_header: me.ipv4_header,
|
||||
ipv6_header: me.ipv6_header,
|
||||
tcp_header: me.tcp_header,
|
||||
});
|
||||
|
||||
if &v.len() >= insert_max {
|
||||
break 'parse;
|
||||
|
@ -128,4 +175,3 @@ pub fn parse_device (parse_device: &str, filter_str: &str, insert_max: &usize) -
|
|||
}
|
||||
v
|
||||
}
|
||||
|
||||
|
|
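Review bot: The pattern passed to `Regex::new` in `parse` and `parse_device` uses `[[::punct::]]`, which is not the POSIX class syntax. The class is spelled `[[:punct:]]`, and the doubled colons most likely turn this into a bracket set of the literal characters `:punct`. The two copies also differ (only the one in `parse` ends in `?`), and on the visible lines `re` in `parse_device` is never passed to `flag_carnage`. Define the pattern once, e.g. `const URL_SCHEME_RE: &str = r"(?:http|https):[[:punct:]]?";`, and build the regex from it in both functions. `flag_carnage` also returns `Some("test".to_owned())` whether or not anything matched and the caller discards it, so a doc comment should state that it only prints matches to stdout for now.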
|
@ -1,29 +1,28 @@
|
|||
extern crate eui48;
|
||||
extern crate byteorder;
|
||||
extern crate bitfield;
|
||||
extern crate byteorder;
|
||||
extern crate eui48;
|
||||
extern crate serde;
|
||||
use byteorder::{ByteOrder, BigEndian, LittleEndian};
|
||||
use eui48::{MacAddress, Eui48};
|
||||
use bitfield::bitfield;
|
||||
use byteorder::{BigEndian, ByteOrder, LittleEndian};
|
||||
use eui48::{Eui48, MacAddress};
|
||||
use serde::{Deserialize, Serialize};
|
||||
use std::net::{IpAddr, Ipv4Addr, Ipv6Addr};
|
||||
use bitfield::{bitfield};
|
||||
use serde::{Serialize, Deserialize};
|
||||
|
||||
/* ethernet */
|
||||
const ETH_ALEN: usize = 6;
|
||||
const ETH_TLEN: usize = 2;
|
||||
const ETHER_HDRLEN: usize = 14;
|
||||
|
||||
|
||||
#[derive(Debug, Clone)]
|
||||
pub struct EtherHeader {
|
||||
// pub ether_dhost: MacAddress,
|
||||
// pub ether_shost: MacAddress,
|
||||
// pub ether_dhost: MacAddress,
|
||||
// pub ether_shost: MacAddress,
|
||||
pub ether_dhost: String,
|
||||
pub ether_shost: String,
|
||||
pub ether_type: i32,
|
||||
}
|
||||
|
||||
pub fn ethernet_handler ( packet_data: &[u8] ) -> EtherHeader {
|
||||
pub fn ethernet_handler(packet_data: &[u8]) -> EtherHeader {
|
||||
let mut _ether_dhost: [u8; ETH_ALEN] = [0; ETH_ALEN];
|
||||
let mut _ether_shost: [u8; ETH_ALEN] = [0; ETH_ALEN];
|
||||
let mut _ether_type: u16 = 0;
|
||||
|
@ -31,8 +30,8 @@ pub fn ethernet_handler ( packet_data: &[u8] ) -> EtherHeader {
|
|||
_ether_dhost.clone_from_slice(&packet_data[0..ETH_ALEN]);
|
||||
|
||||
//println!("{:?}", (&(_ether_dhost).to_owned()));
|
||||
_ether_shost.clone_from_slice(&packet_data[ETH_ALEN..ETH_ALEN*2]);
|
||||
_ether_type = LittleEndian::read_u16(&packet_data[ETH_ALEN*2..(ETH_ALEN*2)+ETH_TLEN]);
|
||||
_ether_shost.clone_from_slice(&packet_data[ETH_ALEN..ETH_ALEN * 2]);
|
||||
_ether_type = LittleEndian::read_u16(&packet_data[ETH_ALEN * 2..(ETH_ALEN * 2) + ETH_TLEN]);
|
||||
|
||||
EtherHeader {
|
||||
ether_dhost: (MacAddress::new(_ether_dhost as Eui48).to_hex_string()),
|
||||
|
@ -42,7 +41,7 @@ pub fn ethernet_handler ( packet_data: &[u8] ) -> EtherHeader {
|
|||
}
|
||||
|
||||
/* ip */
|
||||
#[derive(Debug,Copy, Clone, Serialize, Deserialize)]
|
||||
#[derive(Debug, Copy, Clone, Serialize, Deserialize)]
|
||||
pub struct IpV4Header {
|
||||
pub ip_version: u32,
|
||||
pub ip_ihl: u32,
|
||||
|
@ -58,7 +57,6 @@ pub struct IpV4Header {
|
|||
pub ip_header_checksum: u32,
|
||||
pub ip_source_address: IpAddr,
|
||||
pub ip_destination_address: IpAddr,
|
||||
|
||||
}
|
||||
|
||||
bitfield! {
|
||||
|
@ -91,7 +89,7 @@ impl<T: AsRef<[u8]> + AsMut<[u8]>> BitfieldIpV4Header<T> {
|
|||
}
|
||||
}
|
||||
|
||||
pub fn ip_handler ( packet_data: &[u8] ) -> Option<IpV4Header> {
|
||||
pub fn ip_handler(packet_data: &[u8]) -> Option<IpV4Header> {
|
||||
let (_head, tail) = packet_data.split_at(ETHER_HDRLEN);
|
||||
let (raw_hdr, _) = tail.split_at(20);
|
||||
let mut _tail: [u8; 20] = [0; 20];
|
||||
|
@ -130,19 +128,17 @@ pub struct IpV6Header {
|
|||
pub destination_address: IpAddr,
|
||||
}
|
||||
|
||||
pub fn ipv6_handler ( packet_data: &[u8] ) -> Option<IpV6Header> {
|
||||
pub fn ipv6_handler(packet_data: &[u8]) -> Option<IpV6Header> {
|
||||
let (_head, tail) = packet_data.split_at(ETHER_HDRLEN);
|
||||
let (raw_hdr, _) = tail.split_at(40);
|
||||
let mut _tail: [u8; 40] = [0; 40];
|
||||
_tail.copy_from_slice(raw_hdr);
|
||||
//let mut rdr = Cursor::new(_tail);
|
||||
|
||||
|
||||
|
||||
Some(IpV6Header {
|
||||
version: (&raw_hdr[0] & 0xf0) >> 4,
|
||||
traffic_class: ((&raw_hdr[0] & 0x0f) >> 4)| ((&raw_hdr[1] & 0xf0 <<4)) ,
|
||||
flow_label: BigEndian::read_u32( &[0x00 ,(&_tail[1] &0x0f) , _tail[2] , _tail[3]]),
|
||||
traffic_class: ((&raw_hdr[0] & 0x0f) >> 4) | (&raw_hdr[1] & 0xf0 << 4),
|
||||
flow_label: BigEndian::read_u32(&[0x00, (&_tail[1] & 0x0f), _tail[2], _tail[3]]),
|
||||
payload_length: BigEndian::read_u16(&[_tail[4], _tail[5]]),
|
||||
next_header: _tail[6],
|
||||
hop_limit: _tail[7],
|
||||
|
@ -199,7 +195,7 @@ pub fn ipv6_handler( packet_data: &[u8] ) -> IpV6Header {
|
|||
*/
|
||||
|
||||
/* tcp */
|
||||
#[derive(Debug,Copy,Clone, Serialize, Deserialize)]
|
||||
#[derive(Debug, Copy, Clone, Serialize, Deserialize)]
|
||||
pub struct TcpHeader {
|
||||
pub source_port: u32,
|
||||
pub destination_port: u32,
|
||||
|
@ -221,7 +217,6 @@ pub struct TcpHeader {
|
|||
pub urgent_pointer: u32,
|
||||
}
|
||||
|
||||
|
||||
bitfield! {
|
||||
struct BitfieldTcpHeader ( MSB0 [u8] );
|
||||
u32;
|
||||
|
@ -245,8 +240,8 @@ bitfield! {
|
|||
get_urgent_pointer, _: 159,144;
|
||||
}
|
||||
|
||||
pub fn tcp_handler ( ip_hlen: u32, packet_data: &[u8] ) -> Option<TcpHeader> {
|
||||
let (_head, tail) = packet_data.split_at(ETHER_HDRLEN+ip_hlen as usize * 4);
|
||||
pub fn tcp_handler(ip_hlen: u32, packet_data: &[u8]) -> Option<TcpHeader> {
|
||||
let (_head, tail) = packet_data.split_at(ETHER_HDRLEN + ip_hlen as usize * 4);
|
||||
let (raw_hdr, _) = tail.split_at(20);
|
||||
let mut _tail: [u8; 20] = [0; 20];
|
||||
_tail.copy_from_slice(raw_hdr);
|
||||
|
@ -272,8 +267,6 @@ pub fn tcp_handler ( ip_hlen: u32, packet_data: &[u8] ) -> Option<TcpHeader> {
|
|||
checksum: tcp_header.get_checksum(),
|
||||
urgent_pointer: tcp_header.get_urgent_pointer(),
|
||||
})
|
||||
|
||||
|
||||
}
|
||||
|
||||
/* arp */
|
||||
|
@ -289,10 +282,10 @@ pub struct ArpHeader {
|
|||
pub tha: String,
|
||||
pub tpa: IpAddr,
|
||||
}
|
||||
// u8, get_source_address, _: 103, 96, 4;
|
||||
// u32, into Ipv4Addr, get_destination_address, _: 159, 128;
|
||||
// u8, get_source_address, _: 103, 96, 4;
|
||||
// u32, into Ipv4Addr, get_destination_address, _: 159, 128;
|
||||
|
||||
bitfield!{
|
||||
bitfield! {
|
||||
struct BitfieldArpHeader ( MSB0 [u8] );
|
||||
impl Debug;
|
||||
u32;
|
||||
|
@ -308,7 +301,7 @@ bitfield!{
|
|||
}
|
||||
|
||||
impl<T: AsRef<[u8]> + AsMut<[u8]>> BitfieldArpHeader<T> {
|
||||
fn get_spa_as_ip_addr(&self) -> Ipv4Addr{
|
||||
fn get_spa_as_ip_addr(&self) -> Ipv4Addr {
|
||||
let mut src = [0; 4];
|
||||
for (i, src) in src.iter_mut().enumerate() {
|
||||
*src = self.get_spa(i);
|
||||
|
@ -317,19 +310,19 @@ impl<T: AsRef<[u8]> + AsMut<[u8]>> BitfieldArpHeader<T> {
|
|||
}
|
||||
}
|
||||
|
||||
pub fn arp_handler ( packet_data: &[u8] ) -> Option<ArpHeader> {
|
||||
pub fn arp_handler(packet_data: &[u8]) -> Option<ArpHeader> {
|
||||
let (_head, tail) = packet_data.split_at(ETHER_HDRLEN);
|
||||
let (raw_hdr, _) = tail.split_at(28);
|
||||
let mut _tail: [u8; 28] = [0; 28];
|
||||
_tail.copy_from_slice(raw_hdr);
|
||||
|
||||
let arp_header = BitfieldArpHeader(_tail);
|
||||
let _sha: [u8;6] = [0;6]; let _tha: [u8;6] = [0;6];
|
||||
let _sha: [u8; 6] = [0; 6];
|
||||
let _tha: [u8; 6] = [0; 6];
|
||||
_tail[8..13].copy_from_slice(&_sha);
|
||||
_tail[18..23].copy_from_slice(&_tha);
|
||||
|
||||
|
||||
Some(ArpHeader{
|
||||
Some(ArpHeader {
|
||||
htype: arp_header.get_htype(),
|
||||
ptype: arp_header.get_ptype(),
|
||||
hlen: arp_header.get_hlen().into(),
|
||||
|
@ -352,13 +345,13 @@ pub struct UdpHeader {
|
|||
pub checksum: u16,
|
||||
}
|
||||
|
||||
pub fn udp_handler ( ip_hlen: u32, packet_data: &[u8] ) -> Option<UdpHeader> {
|
||||
let (_head, tail) = packet_data.split_at(ETHER_HDRLEN + ip_hlen as usize * 4 );
|
||||
pub fn udp_handler(ip_hlen: u32, packet_data: &[u8]) -> Option<UdpHeader> {
|
||||
let (_head, tail) = packet_data.split_at(ETHER_HDRLEN + ip_hlen as usize * 4);
|
||||
let (raw_hdr, _) = tail.split_at(8);
|
||||
let mut _tail: [u8; 8] = [0;8];
|
||||
let mut _tail: [u8; 8] = [0; 8];
|
||||
_tail.copy_from_slice(raw_hdr);
|
||||
|
||||
Some(UdpHeader{
|
||||
Some(UdpHeader {
|
||||
source_port: BigEndian::read_u16(&_tail[0..2]),
|
||||
destination_port: BigEndian::read_u16(&_tail[2..4]),
|
||||
length: BigEndian::read_u16(&_tail[4..6]),
|
||||
|
@ -367,7 +360,8 @@ pub fn udp_handler ( ip_hlen: u32, packet_data: &[u8] ) -> Option<UdpHeader> {
|
|||
}
|
||||
|
||||
/* payload */
|
||||
pub fn payload_handler ( ip_hlen: u32, data_offset: u32, packet_data : &[u8] ) -> Option<Vec<u8>> {
|
||||
let (_head, tail)= packet_data.split_at(ETHER_HDRLEN+ip_hlen as usize * 4+data_offset as usize * 4);
|
||||
pub fn payload_handler(ip_hlen: u32, data_offset: u32, packet_data: &[u8]) -> Option<Vec<u8>> {
|
||||
let (_head, tail) =
|
||||
packet_data.split_at(ETHER_HDRLEN + ip_hlen as usize * 4 + data_offset as usize * 4);
|
||||
Some(tail.to_vec())
|
||||
}
|
||||
|
|
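Review bot: `tcp_handler`, `udp_handler` and `payload_handler` pass an offset built from `ip_hlen` / `data_offset` (header fields read out of the captured packet) straight to `split_at`, which panics when the offset exceeds the slice length, so a single truncated or malformed frame aborts the capture. `ip_handler`, `ipv6_handler` and `arp_handler` have the same problem with their fixed `split_at(20)`, `split_at(40)` and `split_at(28)` calls. Since these functions already return `Option`, a checked slice lets them return `None` instead: `let off = ETHER_HDRLEN + ip_hlen as usize * 4;` followed by `let raw_hdr = packet_data.get(off..off + 20)?;`. The callers in `src/parser.rs` would then need to handle `None` rather than calling `unwrap()`. Several of these function bodies continue outside the visible hunks, and this file's header is not shown on the page.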
|
@ -0,0 +1,22 @@
|
|||
//extern crate rayon;
|
||||
//extern crate regex;
|
||||
//use regex::Regex;
|
||||
//
|
||||
//struct Regex {
|
||||
// string: &'static str,
|
||||
// regex: ::regex::bytes::Regex,
|
||||
//}
|
||||
//
|
||||
//impl Regex {
|
||||
// fn new (string: &'static str) ->Regex {
|
||||
// Regex{
|
||||
// string: string,
|
||||
// regex: ::regex::bytes::Regex::new(string).unwrap(),
|
||||
// }
|
||||
// }
|
||||
//
|
||||
//}
|
||||
//
|
||||
//
|
||||
//
|
||||
//pub fn parse_regex ( reg_str: &str,
|