--- /dev/null
+package edu.uci.iotproject.analysis;
+
+import edu.uci.iotproject.Conversation;
+import edu.uci.iotproject.util.PcapPacketUtils;
+import org.pcap4j.core.PcapPacket;
+import org.pcap4j.packet.IpV4Packet;
+import org.pcap4j.packet.TcpPacket;
+
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+ * TODO add class documentation.
+ *
+ * @author Janus Varmarken
+ */
+public class TcpConversationUtils {
+
+ public static List<PcapPacketPair> extractPacketPairs(Conversation conv) {
+ List<PcapPacket> packets = conv.getPackets();
+ List<PcapPacketPair> pairs = new ArrayList<>();
+ int i = 0;
+ while (i < packets.size()) {
+ PcapPacket p1 = packets.get(i);
+ String p1SrcIp = p1.get(IpV4Packet.class).getHeader().getSrcAddr().getHostAddress();
+ int p1SrcPort = p1.get(TcpPacket.class).getHeader().getSrcPort().valueAsInt();
+ if (i+1 < packets.size()) {
+ PcapPacket p2 = packets.get(i+1);
+ if (PcapPacketUtils.isSource(p2, p1SrcIp, p1SrcPort)) {
+ // Two packets in a row going in the same direction -> create one item pair for p1
+ pairs.add(new PcapPacketPair(p1, null));
+ // Advance one packet as the following two packets may form a valid two-item pair.
+ i++;
+ } else {
+ // The two packets form a response-reply pair, create two-item pair.
+ pairs.add(new PcapPacketPair(p1, p2));
+ // Advance two packets as we have already processed the packet at index i+1 in order to create the pair.
+ i += 2;
+ }
+ } else {
+ // Last packet of conversation => one item pair
+ pairs.add(new PcapPacketPair(p1, null));
+ // Advance i to ensure termination.
+ i++;
+ }
+ }
+ return pairs;
+ // TODO: what if there is long time between response and reply packet? Should we add a threshold and exclude those cases?
+ }
+
+}
projects / pingpong.git / blobdiff