print "Usage: python", sys.argv[0], "<input_file> <output_file> <device_name> <mac_address>"
return
# Parse the file for the specified MAC address
- timestamplist_incoming = parse_json(sys.argv[1], sys.argv[4])
+ timestamplist_incoming = parse_json(sys.argv[1], sys.argv[4], True)
+ timestamplist_outgoing = parse_json(sys.argv[1], sys.argv[4], False)
# Write statistics into file
print "====================================================================="
print "==> Analyzing incoming traffic ..."
save_to_file(sys.argv[3] + INCOMING_APPENDIX, timestamplist_incoming, sys.argv[2] + INCOMING_APPENDIX + FILE_APPENDIX)
print "====================================================================="
- #print "==> Analyzing outgoing traffic ..."
- #save_to_file(sys.argv[3] + OUTGOING_APPENDIX, timestamplist_outgoing, sys.argv[2] + OUTGOING_APPENDIX + FILE_APPENDIX)
- #print "====================================================================="
+ print "==> Analyzing outgoing traffic ..."
+ save_to_file(sys.argv[3] + OUTGOING_APPENDIX, timestamplist_outgoing, sys.argv[2] + OUTGOING_APPENDIX + FILE_APPENDIX)
+ print "====================================================================="
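Review bot: The two new `parse_json` calls read and decode the same input file twice, and they select the direction with a bare positional `True`/`False` that says nothing at the call site. Passing the flag by keyword, e.g. `parse_json(sys.argv[1], sys.argv[4], incomingoutgoing=True)`, would make the intent readable. A single pass that fills both lists would avoid the second read on large captures. The enclosing function starts outside the hunk, so any argument validation before these calls is not visible here.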
# Convert JSON file containing DNS traffic to a map in which a hostname points to its set of associated IPs.
-def parse_json(filepath, macaddress):
+def parse_json(filepath, macaddress, incomingoutgoing):
""" Show summary of statistics of PCAP file
Args:
filepath: path of the read file
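Review bot: The new `incomingoutgoing` parameter is not described in the visible part of the `Args:` section, and its name does not say which direction `True` selects. I would add an entry such as `incomingoutgoing: True to match frames whose destination is macaddress (incoming), False to match frames whose source is macaddress (outgoing)`. The summary line "Show summary of statistics of PCAP file" and the comment above the `def` about DNS hostnames also look stale for a function that returns a timestamp list. The docstring continues outside the hunk, so the parameter may already be documented further down.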
src = eth.get(JSON_KEY_ETH_SRC, None)
dst = eth.get(JSON_KEY_ETH_DST, None)
# Get and count the traffic for the specified MAC address
- if dst == macaddress:
- # Check if timestamp already exists in the map
- # If yes, then just increment the frequency value...
- print str(timestamp) + " - src:" + str(src) + " - dest:" + str(dst)
- curr = timestamp
- if prev is not None:
- inter_arrival_time = curr - prev
- timestamplist.append(inter_arrival_time)
- prev = curr
+ if incomingoutgoing:
+ if dst == macaddress:
+ # Check if timestamp already exists in the map
+ # If yes, then just increment the frequency value...
+ print str(timestamp) + " - src:" + str(src) + " - dest:" + str(dst)
+ curr = timestamp
+ if prev is not None:
+ inter_arrival_time = curr - prev
+ timestamplist.append(inter_arrival_time)
+ prev = curr
+ else:
+ if src == macaddress:
+ # Check if timestamp already exists in the map
+ # If yes, then just increment the frequency value...
+ print str(timestamp) + " - src:" + str(src) + " - dest:" + str(dst)
+ curr = timestamp
+ if prev is not None:
+ inter_arrival_time = curr - prev
+ timestamplist.append(inter_arrival_time)
+ prev = curr
return timestamplist
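Review bot: The two branches under `if incomingoutgoing:` are copies that differ only in testing `dst` or `src`, so every later fix has to be made twice. Selecting the field first removes the duplication: `endpoint = dst if incomingoutgoing else src` followed by a single `if endpoint == macaddress:` block. The comparison is an exact string match against the raw command-line value, so a MAC typed in a different case than the capture's JSON uses would presumably produce an empty list with no error; normalising once before the loop with `macaddress = macaddress.lower()` would avoid silently missing a device's traffic. The copied comment about incrementing a frequency value does not match the code, which appends inter-arrival times; something like `# Record the gap since the previous matching frame` would be accurate. The function body starts outside the hunk, so the loop and the initialisation of `prev` and `timestamplist` are not visible here.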