Merge branch 'devel'

ovizart/api/serializer.py

@@ -21,6 +21,8 @@ def to_json(self, data, options=None):
             if flow['protocol'] == "http":
                 # get the start and end time for this flow
                 start, end = self.get_start_end(flow)
+                if not start:
+                    continue
                 type, description = self.get_http_info(flow)
                 tmp = dict()
                 tmp['flow_id'] = flow['id']
@@ -36,6 +38,8 @@ def to_json(self, data, options=None):
 
             if flow['protocol'] == "dns":
                 start, end = self.get_start_end(flow)
+                if not start:
+                    continue
                 type, description = self.get_dns_info(flow)
                 tmp = dict()
                 tmp['flow_id'] = flow['id']
@@ -51,6 +55,8 @@ def to_json(self, data, options=None):
 
             if flow['protocol'] == "smtp":
                 start, end = self.get_start_end(flow)
+                if not start:
+                    continue
                 type, description = self.get_smtp_info(flow)
                 tmp = dict()
                 tmp['flow_id'] = flow['id']
@@ -66,6 +72,8 @@ def to_json(self, data, options=None):
 
             if flow['protocol'] == "unknown":
                 start, end = self.get_start_end(flow)
+                if not start:
+                    continue
                 type, description = "unknown", ""
                 tmp = dict()
                 tmp['flow_id'] = flow['id']
@@ -95,7 +103,10 @@ def from_json(self, content):
     # TODO: for udp, packet details are not saved
     def get_start_end(self, flow):
         packets = PacketDetails.objects.filter(src_ip=flow['src_ip'], sport=flow['sport'], dst_ip=flow['dst_ip'], dport=flow['dport']).order_by('timestamp')
-        return packets[0].timestamp, packets[len(packets)-1].timestamp
+        if packets:
+            return packets[0].timestamp, packets[len(packets)-1].timestamp
+        else:
+            return False, False
 
 
     def get_http_info(self, flow):

ovizart/modules/traffic/parser/udp/dns/handler.py

@@ -39,15 +39,22 @@ def get_flow_ips(self, **args):
         for ts, buf in p_read_handler.get_reader():
             udp = udp_handler.read_udp(ts, buf)
             if udp:
-                self.flow_li.append([udp_handler.src_ip, udp_handler.sport, udp_handler.dst_ip, udp_handler.dport, udp_handler.timestamp])
-                dns = dpkt.dns.DNS(udp.data)
+                try:
+                    dns = dpkt.dns.DNS(udp.data)
+                    self.flow_li.append([udp_handler.src_ip, udp_handler.sport, udp_handler.dst_ip, udp_handler.dport, udp_handler.timestamp])
+                except IndexError:
+                    continue  #dpkt is not properly handling
                 self.dns_li.append(dns)
         return self.flow_li
 
     def save_request_response(self, **args):
         index = 0
         for msg in self.dns_li:
             if msg.rcode == dpkt.dns.DNS_RCODE_NOERR:
+                try:
+                    msg.qd[0].type
+                except:
+                    continue
                 if msg.qd[0].type in REQUEST_FLAGS.keys():
                     detail = self.flow_li[index]
                     flow_detail = FlowDetails.objects.get(src_ip=detail[0], sport=int(detail[1]), dst_ip=detail[2], dport=int(detail[3]), protocol="dns", timestamp = detail[4])