
Merge branch 'devel'

2 parents 7152928 + 9efb9f6 commit d76c882abc3245c114cac68b3b24fec81148a864 @oguzy committed Aug 14, 2012
Showing with 21 additions and 3 deletions.
  1. +12 −1 ovizart/api/serializer.py
  2. +9 −2 ovizart/modules/traffic/parser/udp/dns/handler.py
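--- a/ovizart/api/serializer.py
+++ b/ovizart/api/serializer.py
@@ -21,6 +21,8 @@ def to_json(self, data, options=None):
 if flow['protocol'] == "http":
 # get the start and end time for this flow
 start, end = self.get_start_end(flow)
+ if not start:
+ continue
 type, description = self.get_http_info(flow)
 tmp = dict()
 tmp['flow_id'] = flow['id']
@@ -36,6 +38,8 @@ def to_json(self, data, options=None):
 if flow['protocol'] == "dns":
 start, end = self.get_start_end(flow)
+ if not start:
+ continue
 type, description = self.get_dns_info(flow)
 tmp = dict()
 tmp['flow_id'] = flow['id']
@@ -51,6 +55,8 @@ def to_json(self, data, options=None):
 if flow['protocol'] == "smtp":
 start, end = self.get_start_end(flow)
+ if not start:
+ continue
 type, description = self.get_smtp_info(flow)
 tmp = dict()
 tmp['flow_id'] = flow['id']
@@ -66,6 +72,8 @@ def to_json(self, data, options=None):
 if flow['protocol'] == "unknown":
 start, end = self.get_start_end(flow)
+ if not start:
+ continue
 type, description = "unknown", ""
 tmp = dict()
 tmp['flow_id'] = flow['id']
@@ -95,7 +103,10 @@ def from_json(self, content):
 # TODO: for udp, packet details are not saved
 def get_start_end(self, flow):
 packets = PacketDetails.objects.filter(src_ip=flow['src_ip'], sport=flow['sport'], dst_ip=flow['dst_ip'], dport=flow['dport']).order_by('timestamp')
- return packets[0].timestamp, packets[len(packets)-1].timestamp
+ if packets:
+ return packets[0].timestamp, packets[len(packets)-1].timestamp
+ else:
+ return False, False
 def get_http_info(self, flow):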
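Review bot: The new `if not start: continue` guards in to_json (all four protocol branches) silently drop a flow from the serialized output whenever get_start_end finds no PacketDetails rows, and the TODO just above get_start_end says packet details are not saved for UDP, so DNS flows in particular may vanish from the result without any trace. For a traffic-analysis view that is a visibility gap; consider logging the skipped flow id, or emitting the entry with empty start/end times, instead of a bare `continue`. Returning `False, False` and testing truthiness also conflates "no packets" with a falsy timestamp; `return None, None` paired with `if start is None:` is unambiguous. to_json's body starts and ends outside these hunks, so how the loop continues after each branch is not visible here.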
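--- a/ovizart/modules/traffic/parser/udp/dns/handler.py
+++ b/ovizart/modules/traffic/parser/udp/dns/handler.py
@@ -39,15 +39,22 @@ def get_flow_ips(self, **args):
 for ts, buf in p_read_handler.get_reader():
 udp = udp_handler.read_udp(ts, buf)
 if udp:
- self.flow_li.append([udp_handler.src_ip, udp_handler.sport, udp_handler.dst_ip, udp_handler.dport, udp_handler.timestamp])
- dns = dpkt.dns.DNS(udp.data)
+ try:
+ dns = dpkt.dns.DNS(udp.data)
+ self.flow_li.append([udp_handler.src_ip, udp_handler.sport, udp_handler.dst_ip, udp_handler.dport, udp_handler.timestamp])
+ except IndexError:
+ continue #dpkt is not properly handling
 self.dns_li.append(dns)
 return self.flow_li
 def save_request_response(self, **args):
 index = 0
 for msg in self.dns_li:
 if msg.rcode == dpkt.dns.DNS_RCODE_NOERR:
+ try:
+ msg.qd[0].type
+ except:
+ continue
 if msg.qd[0].type in REQUEST_FLAGS.keys():
 detail = self.flow_li[index]
 flow_detail = FlowDetails.objects.get(src_ip=detail[0], sport=int(detail[1]), dst_ip=detail[2], dport=int(detail[3]), protocol="dns", timestamp = detail[4])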
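Review bot: The added `continue` in save_request_response can desynchronise `index` from `self.dns_li`: `detail = self.flow_li[index]` pairs each DNS message with a flow by position, and if `index` is advanced at the bottom of the loop body (not visible in this hunk), every message skipped here shifts later DNS records onto the wrong flow. Iterating with `for index, msg in enumerate(self.dns_li):` keeps the pairing positional regardless of skips, and the bare `try`/`except:` probe can become `if not msg.qd: continue` so that unrelated errors are not swallowed. In get_flow_ips, `except IndexError` covers only one failure mode of `dpkt.dns.DNS(udp.data)`; malformed or truncated DNS payloads in a capture may presumably raise dpkt's own `dpkt.UnpackError` as well, which would still abort the whole read loop, so that handler is worth widening to `except (IndexError, dpkt.UnpackError):`. Both function bodies continue outside the hunk.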
