Example 6 with IPPacket
use of com.att.aro.core.packetreader.pojo.IPPacket in project VideoOptimzer by attdevsupport.
the class TraceDataReaderImpl method updatePacket.
private void updatePacket(Packet packet) {
if (packet instanceof TCPPacket) {
TCPPacket ipPacket = (TCPPacket) packet;
for (PacketInfo info : allPackets) {
Packet curPacket = (Packet) info.getPacket();
if (curPacket instanceof TCPPacket) {
TCPPacket tcpPacket = (TCPPacket) curPacket;
if (ipPacket.getDestinationIPAddress().equals(tcpPacket.getDestinationIPAddress()) && ipPacket.getSourceIPAddress().equals(tcpPacket.getSourceIPAddress()) && ipPacket.getSequenceNumber() == tcpPacket.getSequenceNumber() && ipPacket.getAckNumber() == tcpPacket.getAckNumber() && packet.getData().length > 66) {
byte[] data = Arrays.copyOfRange(packet.getData(), 66, packet.getData().length);
tcpPacket.setDecrypted(true);
curPacket.setData(data);
}
}
}
}
}
Also used :
TCPPacket(com.att.aro.core.packetreader.pojo.TCPPacket)
Packet(com.att.aro.core.packetreader.pojo.Packet)
IPPacket(com.att.aro.core.packetreader.pojo.IPPacket)
UDPPacket(com.att.aro.core.packetreader.pojo.UDPPacket)
TCPPacket(com.att.aro.core.packetreader.pojo.TCPPacket)
PacketInfo(com.att.aro.core.packetanalysis.pojo.PacketInfo)
Example 7 with IPPacket
use of com.att.aro.core.packetreader.pojo.IPPacket in project VideoOptimzer by attdevsupport.
the class TraceDataReaderImpl method readPcapTraceFile.
private AbstractTraceResult readPcapTraceFile(String filepath, Double startTime, Double duration, AbstractTraceResult dresult) throws IOException {
if (!filereader.fileExist(filepath)) {
if (LOGGER != null) {
LOGGER.error("No packet file found at: " + filepath);
}
return null;
}
AbstractTraceResult result = dresult;
if (this.packetreader == null) {
// this.packetreader = new PacketReaderImpl();
throw new NullPointerException("this.packetreader is null");
}
this.packetreader.readPacket(filepath, this);
double pcapTime0 = 0;
double traceDuration = 0;
// Determine application name associated with each packet
if (!allPackets.isEmpty()) {
pcapTime0 = startTime != null ? startTime.doubleValue() : allPackets.get(0).getPacket().getTimeStamp();
traceDuration = duration != null ? duration.doubleValue() : allPackets.get(allPackets.size() - 1).getPacket().getTimeStamp() - pcapTime0;
List<Integer> appIds = result.getAppIds();
if (appIds == null) {
appIds = Collections.emptyList();
result.setAppIds(appIds);
}
// Determine if timezone difference needs to be accounted for
int tzDiff = 0;
int captureOffset = result.getCaptureOffset();
if (captureOffset != -1) {
int localOffset = Calendar.getInstance().getTimeZone().getRawOffset() / 1000;
int collectorOffset = captureOffset * 60 * -1;
tzDiff = collectorOffset - localOffset;
}
result.setPcapTimeOffset(pcapTime0 - tzDiff);
int packetIdx = 0;
List<String> appInfos = result.getAppInfos();
Set<String> allAppNames = result.getAllAppNames();
Map<String, Set<InetAddress>> appIps = result.getAppIps();
for (Iterator<PacketInfo> iter = allPackets.iterator(); iter.hasNext(); ) {
PacketInfo packetInfo = iter.next();
// Filter out non-IP packets
if (!(packetInfo.getPacket() instanceof IPPacket)) {
iter.remove();
continue;
}
IPPacket ipPacket = (IPPacket) packetInfo.getPacket();
PacketDirection packetDirection = determinePacketDirection(packetInfo, ipPacket.getSourceIPAddress(), ipPacket.getDestinationIPAddress());
if (packetDirection.equals(PacketDirection.UNKNOWN) && (ipPacket instanceof TCPPacket || ipPacket instanceof UDPPacket)) {
unknownPackets.add(packetInfo);
}
packetInfo.setDir(packetDirection);
packetInfo.setTimestamp(ipPacket.getTimeStamp() - pcapTime0 - tzDiff);
// Associate application ID with the packet
String appName = getAppNameForPacket(packetIdx, appIds, appInfos);
packetInfo.setAppName(appName);
allAppNames.add(appName);
// Group IPs by app
Set<InetAddress> ips = appIps.get(appName);
if (ips == null) {
ips = new HashSet<InetAddress>();
appIps.put(appName, ips);
}
ips.add(packetInfo.getRemoteIPAddress());
// Set packet ID to match Wireshark ID
packetInfo.setPacketId(++packetIdx);
}
if (!unknownPackets.isEmpty()) {
for (Iterator<PacketInfo> iterator = unknownPackets.iterator(); iterator.hasNext(); ) {
PacketInfo packetInfo = iterator.next();
IPPacket ipPacket = (IPPacket) packetInfo.getPacket();
PacketDirection packetDirection = determinePacketDirection(packetInfo, ipPacket.getSourceIPAddress(), ipPacket.getDestinationIPAddress());
iterator.remove();
if (packetDirection.equals(PacketDirection.UNKNOWN)) {
packetDirection = PacketDirection.UPLINK;
Packet packet = packetInfo.getPacket();
if (packet instanceof TCPPacket) {
int sourcePort = ((TCPPacket) packet).getSourcePort();
int destinationPort = ((TCPPacket) packet).getDestinationPort();
this.localIPAddresses.add(ipPacket.getSourceIPAddress().getHostAddress());
this.remoteIPAddresses.add(ipPacket.getDestinationIPAddress().getHostAddress());
this.localPortNumbers.add(sourcePort);
this.remotePortNumbers.add(destinationPort);
} else if (packet instanceof UDPPacket) {
int sourcePort = ((UDPPacket) packet).getSourcePort();
int destinationPort = ((UDPPacket) packet).getDestinationPort();
this.localIPAddresses.add(ipPacket.getSourceIPAddress().getHostAddress());
this.remoteIPAddresses.add(ipPacket.getDestinationIPAddress().getHostAddress());
this.localPortNumbers.add(sourcePort);
this.remotePortNumbers.add(destinationPort);
}
}
packetInfo.setDir(packetDirection);
}
}
if (!unknownPackets.isEmpty()) {
LOGGER.error("Packets with no direction identified.");
}
Collections.sort(allPackets);
} else {
pcapTime0 = startTime != null ? startTime.doubleValue() : filereader.getLastModified(filepath) / 1000.0;
traceDuration = duration != null ? duration.doubleValue() : 0.0;
}
Date traceDateTime = new Date((long) (pcapTime0 * 1000));
result.setPcapTime0(pcapTime0);
result.setTraceDuration(traceDuration);
result.setTraceDateTime(traceDateTime);
return result;
}
Also used :
TCPPacket(com.att.aro.core.packetreader.pojo.TCPPacket)
Packet(com.att.aro.core.packetreader.pojo.Packet)
IPPacket(com.att.aro.core.packetreader.pojo.IPPacket)
UDPPacket(com.att.aro.core.packetreader.pojo.UDPPacket)
Set(java.util.Set)
HashSet(java.util.HashSet)
PacketDirection(com.att.aro.core.packetreader.pojo.PacketDirection)
UDPPacket(com.att.aro.core.packetreader.pojo.UDPPacket)
Date(java.util.Date)
AbstractTraceResult(com.att.aro.core.packetanalysis.pojo.AbstractTraceResult)
TCPPacket(com.att.aro.core.packetreader.pojo.TCPPacket)
PacketInfo(com.att.aro.core.packetanalysis.pojo.PacketInfo)
InetAddress(java.net.InetAddress)
IPPacket(com.att.aro.core.packetreader.pojo.IPPacket)
Example 8 with IPPacket
use of com.att.aro.core.packetreader.pojo.IPPacket in project VideoOptimzer by attdevsupport.
the class PacketServiceImpl method createPacket.
/**
* Returns a new instance of the Packet class, using the specified
* parameters to initialize the class members.
*
* @param network
* The datalink to the network.
* @param seconds
* The number of seconds for the packet.
* @param microSeconds
* The number of microseconds for the packet.
* @param len
* The length of the data portion of the packet (in bytes).
* @param datalinkHdrLen
* The length of the header portion of the packet (in bytes).
* @param data
* An array of bytes that is the data portion of the packet.
*
* @return The newly created packet.
*/
@Override
public Packet createPacket(short network, long seconds, long microSeconds, int len, int datalinkHdrLen, byte[] data) {
Packet packet = null;
// Minimum IP header length is 20 bytes
ByteBuffer bytes = ByteBuffer.wrap(data);
if (network == IPV6 && data.length >= datalinkHdrLen + 40) {
// Determine IPV6 protocol
Pair pair = new Pair(data[datalinkHdrLen + 6], 0);
calculateLengthOfExtensionHeaders(data, datalinkHdrLen + 40, pair);
// Create IPPacket
switch(pair.protocol) {
case // TCP
6:
packet = new TCPPacket(seconds, microSeconds, len, datalinkHdrLen, pair.protocol, pair.extensionHeadersLength, data);
break;
case // UDP
17:
packet = createUDPPacket(seconds, microSeconds, len, datalinkHdrLen, pair.protocol, pair.extensionHeadersLength, data);
break;
default:
packet = new IPPacket(seconds, microSeconds, len, datalinkHdrLen, pair.protocol, pair.extensionHeadersLength, data);
break;
}
} else if (network == IPV4 && data.length >= datalinkHdrLen + 20) {
byte iphlen = (byte) ((bytes.get(datalinkHdrLen) & 0x0f) << 2);
if (data.length < datalinkHdrLen + iphlen) {
// Truncated packet
packet = new Packet(seconds, microSeconds, len, datalinkHdrLen, data);
} else {
// Determine IP protocol
byte protocol = bytes.get(datalinkHdrLen + 9);
switch(protocol) {
case // TCP
6:
if (data.length >= datalinkHdrLen + iphlen + 20) {
packet = new TCPPacket(seconds, microSeconds, len, datalinkHdrLen, null, null, data);
} else {
packet = new Packet(seconds, microSeconds, len, datalinkHdrLen, data);
}
break;
case // UDP
17:
if (data.length >= datalinkHdrLen + iphlen + 6) {
packet = createUDPPacket(seconds, microSeconds, len, datalinkHdrLen, null, null, data);
} else {
packet = new Packet(seconds, microSeconds, len, datalinkHdrLen, data);
}
break;
default:
packet = new IPPacket(seconds, microSeconds, len, datalinkHdrLen, null, null, data);
}
}
} else {
packet = new Packet(seconds, microSeconds, len, datalinkHdrLen, data);
}
return packet;
}
Also used :
UDPPacket(com.att.aro.core.packetreader.pojo.UDPPacket)
TCPPacket(com.att.aro.core.packetreader.pojo.TCPPacket)
Packet(com.att.aro.core.packetreader.pojo.Packet)
IPPacket(com.att.aro.core.packetreader.pojo.IPPacket)
TCPPacket(com.att.aro.core.packetreader.pojo.TCPPacket)
ByteBuffer(java.nio.ByteBuffer)
IPPacket(com.att.aro.core.packetreader.pojo.IPPacket)
Example 9 with IPPacket
use of com.att.aro.core.packetreader.pojo.IPPacket in project VideoOptimzer by attdevsupport.
the class PacketReaderLibraryImpl method translatePcap4jPacket.
/**
* Translate Pcap4j packet to VO packet
* @param pcap4jPacket
* @return
*/
private com.att.aro.core.packetreader.pojo.Packet translatePcap4jPacket(long timestampInSeconds, long timestampInMicroSeconds, Packet pcap4jPacket) {
TcpPacket pcap4jTcpPacket;
UdpPacket pcap4jUdpPacket;
if (pcap4jPacket.contains(IcmpV4CommonPacket.class) || pcap4jPacket.contains(IcmpV6CommonPacket.class)) {
return new IPPacket(timestampInSeconds, timestampInMicroSeconds, pcap4jPacket);
} else if ((pcap4jTcpPacket = pcap4jPacket.get(TcpPacket.class)) != null) {
return new TCPPacket(timestampInSeconds, timestampInMicroSeconds, pcap4jPacket, pcap4jTcpPacket);
} else if ((pcap4jUdpPacket = pcap4jPacket.get(UdpPacket.class)) != null) {
return new UDPPacket(timestampInSeconds, timestampInMicroSeconds, pcap4jPacket, pcap4jUdpPacket);
} else {
return new IPPacket(timestampInSeconds, timestampInMicroSeconds, pcap4jPacket);
}
}
Also used :
TcpPacket(org.pcap4j.packet.TcpPacket)
IcmpV4CommonPacket(org.pcap4j.packet.IcmpV4CommonPacket)
IcmpV6CommonPacket(org.pcap4j.packet.IcmpV6CommonPacket)
TCPPacket(com.att.aro.core.packetreader.pojo.TCPPacket)
UdpPacket(org.pcap4j.packet.UdpPacket)
UDPPacket(com.att.aro.core.packetreader.pojo.UDPPacket)
IPPacket(com.att.aro.core.packetreader.pojo.IPPacket)
Example 10 with IPPacket
use of com.att.aro.core.packetreader.pojo.IPPacket in project VideoOptimzer by attdevsupport.
the class PacketAnalyzerImpl method getStatistic.
@Override
public Statistic getStatistic(List<PacketInfo> packetInfos) {
Statistic stat = new Statistic();
Set<String> appNames = new HashSet<String>();
if (!packetInfos.isEmpty() && packetInfos.size() > 0) {
long totalHTTPSBytes = 0;
long totalBytes = 0;
long totalTCPBytes = 0;
long totalPayloadBytes = 0;
long totalTCPPayloadBytes = 0;
int totalTCPPackets = 0;
double minTCPPacketTimestamp = Double.MAX_VALUE;
double maxTCPPacketTimestamp = Double.MIN_VALUE;
List<IPPacketSummary> ipPacketSummary = new ArrayList<>();
List<ApplicationPacketSummary> applicationPacketSummary = new ArrayList<>();
Map<Integer, Integer> packetSizeToCountMap = new HashMap<>();
Map<String, PacketCounter> appPackets = new HashMap<>();
Map<InetAddress, PacketCounter> ipPackets = new HashMap<>();
for (PacketInfo packetInfo : packetInfos) {
if (packetInfo != null) {
totalBytes += packetInfo.getLen();
totalPayloadBytes += packetInfo.getPacket().getPayloadLen();
PacketCounter pCounter;
if (packetInfo.getPacket() instanceof TCPPacket) {
++totalTCPPackets;
minTCPPacketTimestamp = Math.min(minTCPPacketTimestamp, packetInfo.getTimeStamp());
maxTCPPacketTimestamp = Math.max(maxTCPPacketTimestamp, packetInfo.getTimeStamp());
TCPPacket tcp = (TCPPacket) packetInfo.getPacket();
totalTCPBytes += tcp.getPacketLength();
totalTCPPayloadBytes += tcp.getPayloadLen();
if (tcp.isSsl() || tcp.getDestinationPort() == 443 || tcp.getSourcePort() == 443) {
totalHTTPSBytes += tcp.getPayloadLen();
}
}
if (packetInfo.getPacket() instanceof IPPacket) {
// Count packets by packet size
Integer packetSize = packetInfo.getPacket().getPayloadLen();
Integer iValue = packetSizeToCountMap.get(packetSize);
if (iValue == null) {
iValue = 1;
} else {
iValue++;
}
packetSizeToCountMap.put(packetSize, iValue);
// Get IP address summary
InetAddress ipAddress = packetInfo.getRemoteIPAddress();
pCounter = ipPackets.get(ipAddress);
if (pCounter == null) {
pCounter = new PacketCounter();
ipPackets.put(ipAddress, pCounter);
}
pCounter.add(packetInfo);
}
String appName = packetInfo.getAppName();
appNames.add(appName);
pCounter = appPackets.get(appName);
if (pCounter == null) {
pCounter = new PacketCounter();
appPackets.put(appName, pCounter);
}
pCounter.add(packetInfo);
}
}
for (Map.Entry<InetAddress, PacketCounter> ipPacketMap : ipPackets.entrySet()) {
ipPacketSummary.add(new IPPacketSummary(ipPacketMap.getKey(), ipPacketMap.getValue().getPacketCount(), ipPacketMap.getValue().getTotalBytes(), ipPacketMap.getValue().getTotalPayloadBytes()));
}
for (Map.Entry<String, PacketCounter> appPacketMap : appPackets.entrySet()) {
applicationPacketSummary.add(new ApplicationPacketSummary(appPacketMap.getKey(), appPacketMap.getValue().getPacketCount(), appPacketMap.getValue().getTotalBytes(), appPacketMap.getValue().getTotalPayloadBytes()));
}
double packetsDuration = packetInfos.get(packetInfos.size() - 1).getTimeStamp() - packetInfos.get(0).getTimeStamp();
double tcpPacketDuration = (maxTCPPacketTimestamp > minTCPPacketTimestamp) ? (maxTCPPacketTimestamp - minTCPPacketTimestamp) : 0.0d;
double avgKbps = packetsDuration != 0 ? totalBytes * 8.0 / 1000.0 / packetsDuration : 0.0d;
double avgTCPKbps = tcpPacketDuration != 0 ? totalTCPBytes * 8.0 / 1000.0 / tcpPacketDuration : 0.0d;
stat.setApplicationPacketSummary(applicationPacketSummary);
stat.setAverageKbps(avgKbps);
stat.setAverageTCPKbps(avgTCPKbps);
stat.setIpPacketSummary(ipPacketSummary);
stat.setPacketDuration(packetsDuration);
stat.setTcpPacketDuration(tcpPacketDuration);
stat.setTotalByte(totalBytes);
stat.setTotalPayloadBytes(totalPayloadBytes);
stat.setTotalTCPBytes(totalTCPBytes);
stat.setTotalTCPPayloadBytes(totalTCPPayloadBytes);
stat.setTotalHTTPSByte(totalHTTPSBytes);
stat.setTotalPackets(packetInfos.size());
stat.setTotalTCPPackets(totalTCPPackets);
stat.setPacketSizeToCountMap(packetSizeToCountMap);
}
stat.setAppName(appNames);
return stat;
}
Also used :
HashMap(java.util.HashMap)
ArrayList(java.util.ArrayList)
PacketCounter(com.att.aro.core.packetanalysis.pojo.PacketCounter)
Statistic(com.att.aro.core.packetanalysis.pojo.Statistic)
IPPacketSummary(com.att.aro.core.packetanalysis.pojo.IPPacketSummary)
HashSet(java.util.HashSet)
TCPPacket(com.att.aro.core.packetreader.pojo.TCPPacket)
PacketInfo(com.att.aro.core.packetanalysis.pojo.PacketInfo)
ApplicationPacketSummary(com.att.aro.core.packetanalysis.pojo.ApplicationPacketSummary)
InetAddress(java.net.InetAddress)
Map(java.util.Map)
SortedMap(java.util.SortedMap)
HashMap(java.util.HashMap)
TreeMap(java.util.TreeMap)
IPPacket(com.att.aro.core.packetreader.pojo.IPPacket)
Aggregations
IPPacket (com.att.aro.core.packetreader.pojo.IPPacket)14
PacketInfo (com.att.aro.core.packetanalysis.pojo.PacketInfo)9
TCPPacket (com.att.aro.core.packetreader.pojo.TCPPacket)9
UDPPacket (com.att.aro.core.packetreader.pojo.UDPPacket)8
InetAddress (java.net.InetAddress)8
ArrayList (java.util.ArrayList)6
Date (java.util.Date)6
BaseTest (com.att.aro.core.BaseTest)5
HashSet (java.util.HashSet)5
Test (org.junit.Test)5
Packet (com.att.aro.core.packetreader.pojo.Packet)4
UnknownHostException (java.net.UnknownHostException)4
IPacketListener (com.att.aro.core.packetreader.IPacketListener)3
NetworkTypeObject (com.att.aro.core.peripheral.pojo.NetworkTypeObject)3
HashMap (java.util.HashMap)3
InvocationOnMock (org.mockito.invocation.InvocationOnMock)3
ScheduledAlarmInfo (com.att.aro.core.packetanalysis.pojo.ScheduledAlarmInfo)2
Session (com.att.aro.core.packetanalysis.pojo.Session)2
TraceDirectoryResult (com.att.aro.core.packetanalysis.pojo.TraceDirectoryResult)2
DomainNameSystem (com.att.aro.core.packetreader.pojo.DomainNameSystem)2
