'''
Created on 2014-4-27
@author: 23683
'''
import unittest
from xml.etree.ElementTree import XML
from tcp.PDMLParser import PDMLParser
class PDMLParserTest(unittest.TestCase):
'''
classdocs
'''
def setUp(self):
self.parser = PDMLParser()
def test_do_parse(self):
result = self.parser.read().do_parse()
print(result)
def test_extract_element(self):
proto_section = '''
<proto name="geninfo" pos="0" showname="General information" size="60">
<field name="num" pos="0" show="31" showname="Number" value="1f" size="60"/>
<field name="len" pos="0" show="60" showname="Frame Length" value="3c" size="60"/>
<field name="caplen" pos="0" show="60" showname="Captured Length" value="3c" size="60"/>
<field name="timestamp" pos="0" show="Apr 16, 2014 21:49:01.365504000 中国标准时间" showname="Captured Time" value="1397656141.365504000" size="60"/>
</proto>
'''
proto = XML(proto_section)
result = self.parser.extract_element(proto, {'num':'pos', 'timestamp':'value', 'noexist':'xx', 'len':'noexist'})
#print(result)
self.assertDictEqual(result, {'num':'0', 'timestamp':'1397656141.365504000', 'noexist':'', 'len':''}, result)
def test_tcp_info(self):
tcp_section = '''
<proto name="tcp" showname="Transmission Control Protocol, Src Port: 80 (80), Dst Port: 59203 (59203), Seq: 450, Ack: 763, Len: 0" size="20" pos="34">
<field name="tcp.srcport" showname="Source Port: 80 (80)" size="2" pos="34" show="80" value="0050"/>
<field name="tcp.dstport" showname="Destination Port: 59203 (59203)" size="2" pos="36" show="59203" value="e743"/>
<field name="tcp.port" showname="Source or Destination Port: 80" hide="yes" size="2" pos="34" show="80" value="0050"/>
<field name="tcp.port" showname="Source or Destination Port: 59203" hide="yes" size="2" pos="36" show="59203" value="e743"/>
<field name="tcp.stream" showname="Stream index: 4" size="0" pos="34" show="4"/>
<field name="tcp.len" showname="TCP Segment Len: 0" size="1" pos="46" show="0" value="50"/>
<field name="tcp.seq" showname="Sequence number: 450 (relative sequence number)" size="4" pos="38" show="450" value="397d7743"/>
<field name="tcp.ack" showname="Acknowledgment number: 763 (relative ack number)" size="4" pos="42" show="763" value="3b0ac7b7"/>
<field name="tcp.hdr_len" showname="Header Length: 20 bytes" size="1" pos="46" show="20" value="50"/>
<field name="tcp.flags" showname=".... 0000 0001 0000 = Flags: 0x010 (ACK)" size="2" pos="46" show="0x0010" value="10" unmaskedvalue="5010">
<field name="tcp.flags.res" showname="000. .... .... = Reserved: Not set" size="1" pos="46" show="0" value="0" unmaskedvalue="50"/>
<field name="tcp.flags.ns" showname="...0 .... .... = Nonce: Not set" size="1" pos="46" show="0" value="0" unmaskedvalue="50"/>
<field name="tcp.flags.cwr" showname=".... 0... .... = Congestion Window Reduced (CWR): Not set" size="1" pos="47" show="0" value="0" unmaskedvalue="10"/>
<field name="tcp.flags.ecn" showname=".... .0.. .... = ECN-Echo: Not set" size="1" pos="47" show="0" value="0" unmaskedvalue="10"/>
<field name="tcp.flags.urg" showname=".... ..0. .... = Urgent: Not set" size="1" pos="47" show="0" value="0" unmaskedvalue="10"/>
<field name="tcp.flags.ack" showname=".... ...1 .... = Acknowledgment: Set" size="1" pos="47" show="1" value="1" unmaskedvalue="10"/>
<field name="tcp.flags.push" showname=".... .... 0... = Push: Not set" size="1" pos="47" show="0" value="0" unmaskedvalue="10"/>
<field name="tcp.flags.reset" showname=".... .... .0.. = Reset: Not set" size="1" pos="47" show="0" value="0" unmaskedvalue="10"/>
<field name="tcp.flags.syn" showname=".... .... ..0. = Syn: Not set" size="1" pos="47" show="0" value="0" unmaskedvalue="10"/>
<field name="tcp.flags.fin" showname=".... .... ...0 = Fin: Not set" size="1" pos="47" show="0" value="0" unmaskedvalue="10"/>
</field>
<field name="tcp.window_size_value" showname="Window size value: 163" size="2" pos="48" show="163" value="00a3"/>
<field name="tcp.window_size" showname="Calculated window size: 163" size="2" pos="48" show="163" value="00a3"/>
<field name="tcp.window_size_scalefactor" showname="Window size scaling factor: -1 (unknown)" size="2" pos="48" show="-1" value="00a3"/>
<field name="tcp.checksum" showname="Checksum: 0xb613 [validation disabled]" size="2" pos="50" show="0xb613" value="b613">
<field name="tcp.checksum_good" showname="Good Checksum: False" size="2" pos="50" show="0" value="b613"/>
<field name="tcp.checksum_bad" showname="Bad Checksum: False" size="2" pos="50" show="0" value="b613"/>
</field>
<field name="tcp.urgent_pointer" showname="Urgent pointer: 0" size="2" pos="52" show="0" value="0000"/>
<field name="tcp.analysis" showname="SEQ/ACK analysis" size="0" pos="34" show="" value="">
<field name="tcp.analysis.acks_frame" showname="This is an ACK to the segment in frame: 30" size="0" pos="34" show="30"/>
<field name="tcp.analysis.ack_rtt" showname="The RTT to ACK the segment was: 0.033323000 seconds" size="0" pos="34" show="0.033323000"/>
</field>
</proto>
'''
tcp_proto = XML(tcp_section)
result = self.parser.tcp_info(tcp_proto)
expect = {'tcp.seq': '450', 'tcp.srcport': '80', 'tcp.nxtseq': '', 'tcp.ack': '763', 'tcp.dstport': '59203', 'tcp.flags': '0x0010'}
self.assertDictEqual(result, expect, result)
def test_ip_info(self):
ip_section = '''
<proto name="ip" showname="Internet Protocol Version 4, Src: 180.149.132.99 (180.149.132.99), Dst: 192.168.100.102 (192.168.100.102)" size="20" pos="14">
<field name="ip.version" showname="Version: 4" size="1" pos="14" show="4" value="45"/>
<field name="ip.hdr_len" showname="Header Length: 20 bytes" size="1" pos="14" show="20" value="45"/>
<field name="ip.dsfield" showname="Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00: Not-ECT (Not ECN-Capable Transport))" size="1" pos="15" show="0" value="00">
<field name="ip.dsfield.dscp" showname="0000 00.. = Differentiated Services Codepoint: Default (0x00)" size="1" pos="15" show="0x00" value="0" unmaskedvalue="00"/>
<field name="ip.dsfield.ecn" showname=".... ..00 = Explicit Congestion Notification: Not-ECT (Not ECN-Capable Transport) (0x00)" size="1" pos="15" show="0x00" value="0" unmaskedvalue="00"/>
</field>
<field name="ip.len" showname="Total Length: 40" size="2" pos="16" show="40" value="0028"/>
<field name="ip.id" showname="Identification: 0x45fa (17914)" size="2" pos="18" show="0x45fa" value="45fa"/>
<field name="ip.flags" showname="Flags: 0x02 (Don't Fragment)" size="1" pos="20" show="0x02" value="40">
<field name="ip.flags.rb" showname="0... .... = Reserved bit: Not set" size="1" pos="20" show="0" value="40"/>
<field name="ip.flags.df" showname=".1.. .... = Don't fragment: Set" size="1" pos="20" show="1" value="40"/>
<field name="ip.flags.mf" showname="..0. .... = More fragments: Not set" size="1" pos="20" show="0" value="40"/>
</field>
<field name="ip.frag_o
没有合适的资源?快使用搜索试试~ 我知道了~
温馨提示
wireshark自带的follow tcp stream提取出的stream 数据没有时间戳等其他信息,在分析数据的延时和丢包问题时就有些力不从心了。这里简单用python实现了一个简单follow tcp stream功能,同时保留了tcp信息。
资源推荐
资源详情
资源评论
收起资源包目录
TCPParser.rar (17个子文件)
TCPParser
.pydevproject 431B
tcp
.gitignore 13B
._PDMLParser.py3258138073824387452.tmp 6KB
TCPParserTest.py 3KB
PDMLParserTest.py 14KB
__init__.py 0B
TCPFrame.py 2KB
._PDMLParser.py4594915663318073934.tmp 6KB
PDMLParser.py 5KB
._PDMLParser.py2410884988135934317.tmp 6KB
TCPProtocolAnalizer.py 749B
TCPParser.py 7KB
pdml.xml 113KB
._PDMLParser.py1239257355183174924.tmp 6KB
RTTParser.py 2KB
RTTParserTest.py 1KB
.project 380B
共 17 条
- 1
sunshyran
- 粉丝: 113
- 资源: 19
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功
- 1
- 2
- 3
前往页