Example 6 with UDPPacket
use of com.att.aro.core.packetreader.pojo.UDPPacket in project VideoOptimzer by attdevsupport.
the class PacketAnalyzerImpl method filterPackets.
/**
* Runs the filtering process on the specified packets/PacketInfos.
*
* @return packets/PacketInfos filtered
*/
public List<PacketInfo> filterPackets(AnalysisFilter filter, List<PacketInfo> packetsInfo) {
// create new packets according to the filter setting
List<PacketInfo> filteredPackets = new ArrayList<PacketInfo>();
TimeRange timeRange = filter.getTimeRange();
int packetIdx = 0;
// Ff you select the check box, you want to include it.
// All of of the skip-flags are false at first.
boolean ipv4Skip = !filter.isIpv4Sel();
boolean ipv6Skip = !filter.isIpv6Sel();
boolean tcpSkip = !filter.isTcpSel();
boolean udpSkip = !filter.isUdpSel();
boolean dnsSkip = !filter.isDnsSelection();
for (PacketInfo packetInfo : packetsInfo) {
if (packetInfo.getRemoteIPAddress() != null) {
if (ipv4Skip && packetInfo.getRemoteIPAddress() instanceof Inet4Address) {
continue;
}
if (ipv6Skip && packetInfo.getRemoteIPAddress() instanceof Inet6Address) {
continue;
}
} else {
IPPacket ipPacket = (IPPacket) packetInfo.getPacket();
if (ipPacket != null) {
if (ipv4Skip && ipPacket.getIPVersion() == 4) {
continue;
}
if (ipv6Skip && ipPacket.getIPVersion() == 6) {
continue;
}
}
}
if (tcpSkip && packetInfo.getPacket() instanceof TCPPacket) {
continue;
}
if (udpSkip && packetInfo.getPacket() instanceof UDPPacket) {
UDPPacket udpPacket = (UDPPacket) packetInfo.getPacket();
if (!(DNS_PORT == udpPacket.getDestinationPort() || DNS_PORT == udpPacket.getSourcePort())) {
continue;
}
}
if (dnsSkip && packetInfo.getPacket() instanceof UDPPacket) {
UDPPacket udpPacket = (UDPPacket) packetInfo.getPacket();
if (DNS_PORT == udpPacket.getDestinationPort() || DNS_PORT == udpPacket.getSourcePort()) {
continue;
}
}
// Check time range
double timestamp = packetInfo.getTimeStamp();
if (timeRange != null && (timeRange.getBeginTime() > timestamp || timeRange.getEndTime() < timestamp)) {
// Not in time range
continue;
}
// Check to see if application is selected
if (filter.getPacketColor(packetInfo) == null) {
// App unknown by filter
continue;
}
packetInfo.setPacketId(++packetIdx);
filteredPackets.add(packetInfo);
}
return filteredPackets;
}
Also used :
TimeRange(com.att.aro.core.packetanalysis.pojo.TimeRange)
Inet4Address(java.net.Inet4Address)
TCPPacket(com.att.aro.core.packetreader.pojo.TCPPacket)
ArrayList(java.util.ArrayList)
PacketInfo(com.att.aro.core.packetanalysis.pojo.PacketInfo)
Inet6Address(java.net.Inet6Address)
UDPPacket(com.att.aro.core.packetreader.pojo.UDPPacket)
IPPacket(com.att.aro.core.packetreader.pojo.IPPacket)
Example 7 with UDPPacket
use of com.att.aro.core.packetreader.pojo.UDPPacket in project VideoOptimzer by attdevsupport.
the class SessionManagerImpl method analyzeRequestResponsesForQUICUDPSession.
/**
* Estimate RequestResponseObjects for Secure Sessions
* @param session
* @return
*/
private ArrayList<HttpRequestResponseInfo> analyzeRequestResponsesForQUICUDPSession(Session session) {
ArrayList<HttpRequestResponseInfo> results = new ArrayList<>();
boolean flag = false;
UDPPacket udpPacket = null;
HttpRequestResponseInfo rrInfo = null;
HttpRequestResponseInfo downlinkRRInfo = null;
for (PacketInfo packetInfo : session.getAllPackets()) {
udpPacket = (UDPPacket) packetInfo.getPacket();
if (packetInfo.getDir() == PacketDirection.UPLINK) {
if (udpPacket.getPacketLength() >= AVG_QUIC_UDP_PACKET_SIZE && !flag) {
rrInfo = generateRequestResponseObjectsForSSLOrUDPSessions(session.getRemoteHostName(), packetInfo.getDir(), packetInfo, false);
results.add(rrInfo);
flag = true;
}
updateRequestResponseObject(rrInfo, packetInfo);
}
if (packetInfo.getDir() == PacketDirection.DOWNLINK) {
if (flag) {
downlinkRRInfo = generateRequestResponseObjectsForSSLOrUDPSessions(session.getRemoteHostName(), packetInfo.getDir(), packetInfo, false);
results.add(downlinkRRInfo);
flag = false;
}
updateRequestResponseObject(downlinkRRInfo, packetInfo);
}
}
if (results.isEmpty() && !session.getUplinkPacketsSortedBySequenceNumbers().isEmpty() && !session.getDownlinkPacketsSortedBySequenceNumbers().isEmpty()) {
PacketInfo packetInfo = identifyCorrectTransmissionStream(session.getUplinkPacketsSortedBySequenceNumbers().firstEntry().getValue(), session.getAckNumbers(), session, PacketDirection.UPLINK);
rrInfo = generateRequestResponseObjectsForSSLOrUDPSessions(session.getRemoteHostName(), PacketDirection.UPLINK, packetInfo, false);
packetInfo = identifyCorrectTransmissionStream(session.getUplinkPacketsSortedBySequenceNumbers().lastEntry().getValue(), session.getAckNumbers(), session, PacketDirection.UPLINK);
rrInfo.setLastDataPacket(packetInfo);
rrInfo.setExtractable(false);
results.add(rrInfo);
packetInfo = identifyCorrectTransmissionStream(session.getDownlinkPacketsSortedBySequenceNumbers().firstEntry().getValue(), session.getAckNumbers(), session, PacketDirection.DOWNLINK);
downlinkRRInfo = generateRequestResponseObjectsForSSLOrUDPSessions(session.getRemoteHostName(), PacketDirection.DOWNLINK, packetInfo, false);
packetInfo = identifyCorrectTransmissionStream(session.getDownlinkPacketsSortedBySequenceNumbers().lastEntry().getValue(), session.getAckNumbers(), session, PacketDirection.DOWNLINK);
downlinkRRInfo.setLastDataPacket(packetInfo);
downlinkRRInfo.setExtractable(false);
results.add(downlinkRRInfo);
}
return results;
}
Also used :
HttpRequestResponseInfo(com.att.aro.core.packetanalysis.pojo.HttpRequestResponseInfo)
ArrayList(java.util.ArrayList)
PacketInfo(com.att.aro.core.packetanalysis.pojo.PacketInfo)
UDPPacket(com.att.aro.core.packetreader.pojo.UDPPacket)
Example 8 with UDPPacket
use of com.att.aro.core.packetreader.pojo.UDPPacket in project VideoOptimzer by attdevsupport.
the class TimeRangeAnalysis method performTimeRangeAnalysis.
/**
* Performs a TimeRangeAnalysis on the trace data.
* @param analysisData Packet analyzer result object
*/
private void performTimeRangeAnalysis(PacketAnalyzerResult analysisData) {
if (analysisData != null) {
List<RrcStateRange> rrcCollection = analysisData.getStatemachine().getStaterangelist();
List<PacketInfo> packets = analysisData.getTraceresult().getAllpackets();
if (controller != null) {
PacketAnalyzerImpl packetAnalyzerImpl = (PacketAnalyzerImpl) (controller.getAROService().getAnalyzer());
packets = packetAnalyzerImpl.filterPackets(analysisData.getFilter(), packets);
}
Profile profile = analysisData.getProfile();
int packetNum = packets.size();
for (int i = 0; i < packetNum; i++) {
PacketInfo packetInfo = packets.get(i);
if ((!ipv4Present || !ipv6Present) && packetInfo.getPacket() instanceof IPPacket) {
IPPacket p = (IPPacket) packetInfo.getPacket();
if (p.getIPVersion() == 4) {
ipv4Present = true;
} else if (p.getIPVersion() == 6) {
ipv6Present = true;
}
}
if (!tcpPresent && packetInfo.getPacket() instanceof TCPPacket) {
tcpPresent = true;
} else if ((!udpPresent || !dnsPresent) && packetInfo.getPacket() instanceof UDPPacket) {
UDPPacket p = (UDPPacket) packetInfo.getPacket();
udpPresent = true;
if (p.isDNSPacket()) {
dnsPresent = true;
}
}
if (packetInfo.getTimeStamp() >= startTime && packetInfo.getTimeStamp() <= endTime) {
payloadLen += packetInfo.getPayloadLen();
totalBytes += packetInfo.getLen();
if (packetInfo.getDir().equals(PacketDirection.UPLINK)) {
uplinkBytes += packetInfo.getLen();
} else if (packetInfo.getDir().equals(PacketDirection.DOWNLINK)) {
downlinkBytes += packetInfo.getLen();
}
}
}
int collectionSize = rrcCollection.size();
for (int i = 0; i < collectionSize; i++) {
double beginTime;
double endTime;
RrcStateRange rrc = rrcCollection.get(i);
if (rrc.getEndTime() < this.startTime) {
continue;
}
if (rrc.getBeginTime() > this.endTime) {
continue;
}
if (rrc.getBeginTime() >= this.startTime) {
beginTime = rrc.getBeginTime();
} else {
beginTime = this.startTime;
}
if (rrc.getEndTime() <= this.endTime) {
endTime = rrc.getEndTime();
} else {
endTime = this.endTime;
}
RRCState rrcState = rrc.getState();
rrcEnergy += updateEnergy(analysisData, profile, beginTime, endTime, rrcState);
activeTime += updateActiveTime(profile, beginTime, endTime, rrcState);
}
}
}
Also used :
RRCState(com.att.aro.core.packetanalysis.pojo.RRCState)
TCPPacket(com.att.aro.core.packetreader.pojo.TCPPacket)
RrcStateRange(com.att.aro.core.packetanalysis.pojo.RrcStateRange)
PacketInfo(com.att.aro.core.packetanalysis.pojo.PacketInfo)
UDPPacket(com.att.aro.core.packetreader.pojo.UDPPacket)
Profile(com.att.aro.core.configuration.pojo.Profile)
IPPacket(com.att.aro.core.packetreader.pojo.IPPacket)
Example 9 with UDPPacket
use of com.att.aro.core.packetreader.pojo.UDPPacket in project VideoOptimzer by attdevsupport.
the class TraceDataReaderImpl method determinePacketDirection.
/**
* Attempts to determine packet direction based upon source and destination IP
* addresses
*/
private PacketDirection determinePacketDirection(PacketInfo packetInfo, InetAddress source, InetAddress dest) {
Packet packet = packetInfo.getPacket();
if (packet instanceof TCPPacket) {
int sourcePort = ((TCPPacket) packet).getSourcePort();
int destinationPort = ((TCPPacket) packet).getDestinationPort();
if (packetInfo.getTcpFlagString().equals("S")) {
this.localIPAddresses.add(source.getHostAddress());
this.remoteIPAddresses.add(dest.getHostAddress());
this.localPortNumbers.add(sourcePort);
this.remotePortNumbers.add(destinationPort);
}
if (this.localPortNumbers.contains(sourcePort) || this.remotePortNumbers.contains(destinationPort)) {
return PacketDirection.UPLINK;
} else if (this.remotePortNumbers.contains(sourcePort) || this.localPortNumbers.contains(destinationPort)) {
return PacketDirection.DOWNLINK;
} else {
return PacketDirection.UNKNOWN;
}
} else if (packet instanceof UDPPacket) {
int sourcePort = ((UDPPacket) packet).getSourcePort();
int destinationPort = ((UDPPacket) packet).getDestinationPort();
if (this.localPortNumbers.contains(sourcePort) || this.remotePortNumbers.contains(destinationPort)) {
return PacketDirection.UPLINK;
} else if (this.remotePortNumbers.contains(sourcePort) || this.localPortNumbers.contains(destinationPort)) {
return PacketDirection.DOWNLINK;
} else {
if (this.localIPAddresses.contains(source.getHostAddress()) || this.remoteIPAddresses.contains(dest.getHostAddress())) {
return PacketDirection.UPLINK;
} else if (this.remoteIPAddresses.contains(source.getHostAddress()) || this.localIPAddresses.contains(dest.getHostAddress())) {
return PacketDirection.DOWNLINK;
} else {
return PacketDirection.UNKNOWN;
}
}
} else {
return PacketDirection.UNKNOWN;
}
}
Also used :
TCPPacket(com.att.aro.core.packetreader.pojo.TCPPacket)
Packet(com.att.aro.core.packetreader.pojo.Packet)
IPPacket(com.att.aro.core.packetreader.pojo.IPPacket)
UDPPacket(com.att.aro.core.packetreader.pojo.UDPPacket)
TCPPacket(com.att.aro.core.packetreader.pojo.TCPPacket)
UDPPacket(com.att.aro.core.packetreader.pojo.UDPPacket)
Example 10 with UDPPacket
use of com.att.aro.core.packetreader.pojo.UDPPacket in project VideoOptimzer by attdevsupport.
the class TraceDataReaderImpl method readPcapTraceFile.
private AbstractTraceResult readPcapTraceFile(String filepath, Double startTime, Double duration, AbstractTraceResult dresult) throws IOException {
if (!filereader.fileExist(filepath)) {
if (LOGGER != null) {
LOGGER.error("No packet file found at: " + filepath);
}
return null;
}
AbstractTraceResult result = dresult;
if (this.packetreader == null) {
// this.packetreader = new PacketReaderImpl();
throw new NullPointerException("this.packetreader is null");
}
this.packetreader.readPacket(filepath, this);
double pcapTime0 = 0;
double traceDuration = 0;
// Determine application name associated with each packet
if (!allPackets.isEmpty()) {
pcapTime0 = startTime != null ? startTime.doubleValue() : allPackets.get(0).getPacket().getTimeStamp();
traceDuration = duration != null ? duration.doubleValue() : allPackets.get(allPackets.size() - 1).getPacket().getTimeStamp() - pcapTime0;
List<Integer> appIds = result.getAppIds();
if (appIds == null) {
appIds = Collections.emptyList();
result.setAppIds(appIds);
}
// Determine if timezone difference needs to be accounted for
int tzDiff = 0;
int captureOffset = result.getCaptureOffset();
if (captureOffset != -1) {
int localOffset = Calendar.getInstance().getTimeZone().getRawOffset() / 1000;
int collectorOffset = captureOffset * 60 * -1;
tzDiff = collectorOffset - localOffset;
}
result.setPcapTimeOffset(pcapTime0 - tzDiff);
int packetIdx = 0;
List<String> appInfos = result.getAppInfos();
Set<String> allAppNames = result.getAllAppNames();
Map<String, Set<InetAddress>> appIps = result.getAppIps();
for (Iterator<PacketInfo> iter = allPackets.iterator(); iter.hasNext(); ) {
PacketInfo packetInfo = iter.next();
// Filter out non-IP packets
if (!(packetInfo.getPacket() instanceof IPPacket)) {
iter.remove();
continue;
}
IPPacket ipPacket = (IPPacket) packetInfo.getPacket();
PacketDirection packetDirection = determinePacketDirection(packetInfo, ipPacket.getSourceIPAddress(), ipPacket.getDestinationIPAddress());
if (packetDirection.equals(PacketDirection.UNKNOWN) && (ipPacket instanceof TCPPacket || ipPacket instanceof UDPPacket)) {
unknownPackets.add(packetInfo);
}
packetInfo.setDir(packetDirection);
packetInfo.setTimestamp(ipPacket.getTimeStamp() - pcapTime0 - tzDiff);
// Associate application ID with the packet
String appName = getAppNameForPacket(packetIdx, appIds, appInfos);
packetInfo.setAppName(appName);
allAppNames.add(appName);
// Group IPs by app
Set<InetAddress> ips = appIps.get(appName);
if (ips == null) {
ips = new HashSet<InetAddress>();
appIps.put(appName, ips);
}
ips.add(packetInfo.getRemoteIPAddress());
// Set packet ID to match Wireshark ID
packetInfo.setPacketId(++packetIdx);
}
if (!unknownPackets.isEmpty()) {
for (Iterator<PacketInfo> iterator = unknownPackets.iterator(); iterator.hasNext(); ) {
PacketInfo packetInfo = iterator.next();
IPPacket ipPacket = (IPPacket) packetInfo.getPacket();
PacketDirection packetDirection = determinePacketDirection(packetInfo, ipPacket.getSourceIPAddress(), ipPacket.getDestinationIPAddress());
iterator.remove();
if (packetDirection.equals(PacketDirection.UNKNOWN)) {
packetDirection = PacketDirection.UPLINK;
Packet packet = packetInfo.getPacket();
if (packet instanceof TCPPacket) {
int sourcePort = ((TCPPacket) packet).getSourcePort();
int destinationPort = ((TCPPacket) packet).getDestinationPort();
this.localIPAddresses.add(ipPacket.getSourceIPAddress().getHostAddress());
this.remoteIPAddresses.add(ipPacket.getDestinationIPAddress().getHostAddress());
this.localPortNumbers.add(sourcePort);
this.remotePortNumbers.add(destinationPort);
} else if (packet instanceof UDPPacket) {
int sourcePort = ((UDPPacket) packet).getSourcePort();
int destinationPort = ((UDPPacket) packet).getDestinationPort();
this.localIPAddresses.add(ipPacket.getSourceIPAddress().getHostAddress());
this.remoteIPAddresses.add(ipPacket.getDestinationIPAddress().getHostAddress());
this.localPortNumbers.add(sourcePort);
this.remotePortNumbers.add(destinationPort);
}
}
packetInfo.setDir(packetDirection);
}
}
if (!unknownPackets.isEmpty()) {
LOGGER.error("Packets with no direction identified.");
}
Collections.sort(allPackets);
} else {
pcapTime0 = startTime != null ? startTime.doubleValue() : filereader.getLastModified(filepath) / 1000.0;
traceDuration = duration != null ? duration.doubleValue() : 0.0;
}
Date traceDateTime = new Date((long) (pcapTime0 * 1000));
result.setPcapTime0(pcapTime0);
result.setTraceDuration(traceDuration);
result.setTraceDateTime(traceDateTime);
return result;
}
Also used :
TCPPacket(com.att.aro.core.packetreader.pojo.TCPPacket)
Packet(com.att.aro.core.packetreader.pojo.Packet)
IPPacket(com.att.aro.core.packetreader.pojo.IPPacket)
UDPPacket(com.att.aro.core.packetreader.pojo.UDPPacket)
Set(java.util.Set)
HashSet(java.util.HashSet)
PacketDirection(com.att.aro.core.packetreader.pojo.PacketDirection)
UDPPacket(com.att.aro.core.packetreader.pojo.UDPPacket)
Date(java.util.Date)
AbstractTraceResult(com.att.aro.core.packetanalysis.pojo.AbstractTraceResult)
TCPPacket(com.att.aro.core.packetreader.pojo.TCPPacket)
PacketInfo(com.att.aro.core.packetanalysis.pojo.PacketInfo)
InetAddress(java.net.InetAddress)
IPPacket(com.att.aro.core.packetreader.pojo.IPPacket)
Aggregations
UDPPacket (com.att.aro.core.packetreader.pojo.UDPPacket)19
TCPPacket (com.att.aro.core.packetreader.pojo.TCPPacket)16
PacketInfo (com.att.aro.core.packetanalysis.pojo.PacketInfo)12
DomainNameSystem (com.att.aro.core.packetreader.pojo.DomainNameSystem)10
ArrayList (java.util.ArrayList)10
BaseTest (com.att.aro.core.BaseTest)9
InetAddress (java.net.InetAddress)9
Test (org.junit.Test)9
HashSet (java.util.HashSet)8
IPPacket (com.att.aro.core.packetreader.pojo.IPPacket)7
Session (com.att.aro.core.packetanalysis.pojo.Session)6
RrcStateRange (com.att.aro.core.packetanalysis.pojo.RrcStateRange)5
BurstCollectionAnalysisData (com.att.aro.core.packetanalysis.pojo.BurstCollectionAnalysisData)4
Packet (com.att.aro.core.packetreader.pojo.Packet)4
CpuActivity (com.att.aro.core.peripheral.pojo.CpuActivity)4
HashMap (java.util.HashMap)4
UserEvent (com.att.aro.core.peripheral.pojo.UserEvent)3
Inet4Address (java.net.Inet4Address)3
Date (java.util.Date)3
Profile (com.att.aro.core.configuration.pojo.Profile)2
