parallel coordinates per pcap page is added

oguzy · Aug 5, 2012 · 7902c60 · 7902c60
1 parent ce61014
commit 7902c60
Show file tree

Hide file tree

Showing 7 changed files with 857 additions and 4 deletions.
diff --git a/openwitness/pcap/urls.py b/openwitness/pcap/urls.py
@@ -8,6 +8,7 @@
     url(r'^summary/$', view=summary, name='summary_pcap'),
     url(r'^summary/(?P<hash_value>\w+)/$', view=file_pcap_summary, name='file_pcap_summary'),
     url(r'^(?P<flow_pcap_md5>\w+)/visualize/(?P<protocol>\w+)/(?P<type>\w+)/$', view=visualize, name='visualize_app_layer'),
+    url(r'^(?P<flow_pcap_md5>\w+)/visualize/$', view=create_parallel_coordinates, name='parallel_coordinates'),
     url(r'^flow/(?P<flow_id>\w+)/$', view=flow_details, name='flow_details'),
     url(r'^get_pcap_url/(?P<id>\w+)/$', view=get_pcap_url, name='get_pcap_url'),
     url(r'^info/(?P<packet_ident>\w+)/$', view=get_packet_info, name='packet_info'),

diff --git a/openwitness/pcap/views.py b/openwitness/pcap/views.py
@@ -6,7 +6,7 @@
 import os
 import datetime
 import cgi
-#import random
+import random
 from django.http import Http404, HttpResponse
 from django.utils import simplejson as json
 from django.shortcuts import render_to_response
@@ -941,4 +941,48 @@ def file_pcap_summary(request, hash_value):
 
     except Exception, ex:
         log.message(ex)
-        raise Http404
+        raise Http404
+
+def create_parallel_coordinates(request, flow_pcap_md5):
+    parent_flow = Flow.objects.get(hash_value=flow_pcap_md5)
+    flows = FlowDetails.objects.filter(parent_hash_value=flow_pcap_md5)
+    # name group source_port destination_port protocol
+    # 192.168.1.1:80-192.168.1.2:81,http,80,81
+    result = []
+    color_label = dict()
+    for flow in flows:
+        src_id = ":".join([flow.src_ip, str(flow.sport)])
+        dst_id = ":".join([flow.dst_ip, str(flow.dport)])
+        id = "-".join([src_id, dst_id])
+        value = ",".join([id, flow.protocol, str(flow.sport), str(flow.dport)])
+        result.append(value)
+
+        #create the colors
+        if not color_label.has_key(flow.protocol):
+            color_value = [random.randrange(255), random.randrange(255), random.randrange(255)]
+            color_label[flow.protocol] = color_value
+
+    color_dict = json.dumps(color_label)
+    csv_dir = os.path.join(settings.PROJECT_ROOT, "csv_files")
+    csv_file = tempfile.NamedTemporaryFile(mode="w", dir=csv_dir, delete=False)
+    csv_file.write("\"name\",\"group\",\"src_port\",\"dst_port\"")
+    csv_file.write("\n")
+
+    file_name = os.path.basename(csv_file.name)
+    content = "\n".join(result)
+    csv_file.write(content)
+    csv_file.close()
+    context = dict()
+    context['flow'] = parent_flow
+    context['hash_value'] = flow_pcap_md5
+    context['csv_file_url'] = os.path.join(settings.ALTERNATE_BASE_URL, "csv_media", file_name)
+    context['pcap_operation'] = "parallel_coordinates"
+    context['colors'] = color_dict
+
+    return render_to_response("pcap/file_parallel_coordinates.html",
+            context_instance=RequestContext(request, context))
+
+
+
+
+