-
Notifications
You must be signed in to change notification settings - Fork 214
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
TypeError #7
Comments
You'll have a problem by sniffing with an empty filter: Malcom generates traffic to send node information to the browser in real time. If localhost (or at least the IP which is loading the webpage) is not excluded from the traffic, then you'll get an infinite loop (traffic detected, send info to websocket. Info to websocket is detected as traffic sent, send info to websocket). That being said, the bug seems to come from somewhere else. What kind of traffic are you generating? |
Hi Thomas! Thanks for the answer. Well, I was sniffing my normal traffic, that means I browse some web pages, cheers On Tue, Dec 10, 2013 at 1:14 PM, Thomas Chopitea
|
The reason I asked for network traffic is that I tried to reproduce the bug limiting traffic to everything except my browser's IP, did a couple of curl's from Malcom's command line and couldn't reproduce the issue. If you can get your hands on a pcap that would reproduce the issue, that would be great :) In my vision, the traffic originating from Malcom's VM as well as the one originating from the browser that visits it should be segregated as much as possible from the other analysis in the network (so as to not pollute the graph). |
Hi Thomas! And these are the results: Git version is 2nd: I start a new sniffing session with name "test" and no filter. (I After less than 10 packets the malcom gives me the same error: [DEBUG] - Received: {u'session_name': u'test', u'cmd': u'sniffupdate'} BUT!!! If you try to sniff your own traffic like that, don't you have this issue? cheersss! On Tue, Dec 10, 2013 at 1:38 PM, Thomas Chopitea
|
I've tried reproducing the bug, to no avail. |
In dev (311b1e5)
I should say that I modify the file Malcom/networking/netsniffer.py and changed the line
self.filter = "ip and not host 127.0.0.1 and not host %s %s" % (remote_addr, filter_ifaces)
for
self.filter = ""
So I can sniff my own traffic.
[MODEL] - (updated hostname ip1a-lb3-prd.iad.github.com)
[MODEL] - (updated hostname 1.0.0.127.in-addr.arpa)
[DEBUG] - Caught DNS question: 1.0.0.127.in-addr.arpa
[DEBUG] - [+] DNS replies caught (1 answers)
[DEBUG] - No relevant records in reply
[DEBUG] - [+] DNS replies caught (1 answers)
[DEBUG] - No relevant records in reply
Exception in thread Thread-2:
Traceback (most recent call last):
File "/usr/lib/python2.7/threading.py", line 810, in __bootstrap_inner
self.run()
File "/usr/lib/python2.7/threading.py", line 763, in run
self.__target(_self.__args, *_self.__kwargs)
File "/home/user/dir/aplics/malcom/Malcom/networking/netsniffer.py", line 90, in run
self.pkts += self.sniff(stopper=self.stop_sniffing, filter=self.filter, prn=self.handlePacket, stopperTimeout=1)
File "/home/user/dir/aplics/malcom/Malcom/networking/netsniffer.py", line 513, in sniff
r = prn(p)
File "/home/user/dir/aplics/malcom/Malcom/networking/netsniffer.py", line 382, in handlePacket
new_elts, new_edges = self.checkHTTP(flow)
File "/home/user/dir/aplics/malcom/Malcom/networking/netsniffer.py", line 323, in checkHTTP
if url['value'] not in self.nodes_values:
TypeError: list indices must be integers, not str
The text was updated successfully, but these errors were encountered: