Examples with UDPPacket io.pkts.packet.UDPPacket used on opensource projects

Example 1 with UDPPacket

use of io.pkts.packet.UDPPacket in project graylog2-server by Graylog2.

the class NetFlowV5ParserTest method pcap_netgraph_NetFlowV5.

@Test
public void pcap_netgraph_NetFlowV5() throws Exception {
    final List<NetFlowV5Record> allRecords = new ArrayList<>();
    try (InputStream inputStream = Resources.getResource("netflow-data/netgraph-netflow5.pcap").openStream()) {
        final Pcap pcap = Pcap.openStream(inputStream);
        pcap.loop(packet -> {
            if (packet.hasProtocol(Protocol.UDP)) {
                final UDPPacket udp = (UDPPacket) packet.getPacket(Protocol.UDP);
                final ByteBuf byteBuf = Unpooled.wrappedBuffer(udp.getPayload().getArray());
                final NetFlowV5Packet netFlowV5Packet = NetFlowV5Parser.parsePacket(byteBuf);
                assertThat(netFlowV5Packet).isNotNull();
                allRecords.addAll(netFlowV5Packet.records());
            }
            return true;
        });
    }
    assertThat(allRecords).hasSize(120);
}

Example 2 with UDPPacket

use of io.pkts.packet.UDPPacket in project graylog2-server by Graylog2.

the class NetflowV9CodecAggregatorTest method decodePcapStream.

private Collection<Message> decodePcapStream(String resourceName) throws IOException {
    final List<Message> allMessages = Lists.newArrayList();
    try (InputStream inputStream = Resources.getResource(resourceName).openStream()) {
        final Pcap pcap = Pcap.openStream(inputStream);
        pcap.loop(packet -> {
            if (packet.hasProtocol(Protocol.UDP)) {
                final UDPPacket udp = (UDPPacket) packet.getPacket(Protocol.UDP);
                final InetSocketAddress source = new InetSocketAddress(udp.getParentPacket().getSourceIP(), udp.getSourcePort());
                final CodecAggregator.Result result = codecAggregator.addChunk(Unpooled.copiedBuffer(udp.getPayload().getArray()), source);
                if (result.isValid() && result.getMessage() != null) {
                    final Collection<Message> c = codec.decodeMessages(convertToRawMessage(result, source));
                    if (c != null) {
                        allMessages.addAll(c);
                    }
                }
            }
            return true;
        });
    }
    return allMessages;
}

Example 3 with UDPPacket

use of io.pkts.packet.UDPPacket in project graylog2-server by Graylog2.

the class NetFlowV5ParserTest method pcap_pmacctd_NetFlowV5.

@Test
public void pcap_pmacctd_NetFlowV5() throws Exception {
    final List<NetFlowV5Record> allRecords = new ArrayList<>();
    try (InputStream inputStream = Resources.getResource("netflow-data/pmacctd-netflow5.pcap").openStream()) {
        final Pcap pcap = Pcap.openStream(inputStream);
        pcap.loop(packet -> {
            if (packet.hasProtocol(Protocol.UDP)) {
                final UDPPacket udp = (UDPPacket) packet.getPacket(Protocol.UDP);
                final ByteBuf byteBuf = Unpooled.wrappedBuffer(udp.getPayload().getArray());
                final NetFlowV5Packet netFlowV5Packet = NetFlowV5Parser.parsePacket(byteBuf);
                assertThat(netFlowV5Packet).isNotNull();
                allRecords.addAll(netFlowV5Packet.records());
            }
            return true;
        });
    }
    assertThat(allRecords).hasSize(42);
}

Example 4 with UDPPacket

use of io.pkts.packet.UDPPacket in project graylog2-server by Graylog2.

the class NetFlowV5ParserTest method pcap_softflowd_NetFlowV5.

@Test
public void pcap_softflowd_NetFlowV5() throws Exception {
    final List<NetFlowV5Record> allRecords = new ArrayList<>();
    try (InputStream inputStream = Resources.getResource("netflow-data/netflow5.pcap").openStream()) {
        final Pcap pcap = Pcap.openStream(inputStream);
        pcap.loop(packet -> {
            if (packet.hasProtocol(Protocol.UDP)) {
                final UDPPacket udp = (UDPPacket) packet.getPacket(Protocol.UDP);
                final ByteBuf byteBuf = Unpooled.wrappedBuffer(udp.getPayload().getArray());
                final NetFlowV5Packet netFlowV5Packet = NetFlowV5Parser.parsePacket(byteBuf);
                assertThat(netFlowV5Packet).isNotNull();
                allRecords.addAll(netFlowV5Packet.records());
            }
            return true;
        });
    }
    assertThat(allRecords).hasSize(4);
}

Example 5 with UDPPacket

use of io.pkts.packet.UDPPacket in project graylog2-server by Graylog2.

the class NetflowV9CodecAggregatorTest method parseNetflowPcapStream.

private Collection<NetFlowV9Packet> parseNetflowPcapStream(String resourceName) throws IOException {
    final List<NetFlowV9Packet> allPackets = Lists.newArrayList();
    try (InputStream inputStream = Resources.getResource(resourceName).openStream()) {
        final Pcap pcap = Pcap.openStream(inputStream);
        pcap.loop(packet -> {
            if (packet.hasProtocol(Protocol.UDP)) {
                final UDPPacket udp = (UDPPacket) packet.getPacket(Protocol.UDP);
                final InetSocketAddress source = new InetSocketAddress(udp.getParentPacket().getSourceIP(), udp.getSourcePort());
                final CodecAggregator.Result result = codecAggregator.addChunk(Unpooled.copiedBuffer(udp.getPayload().getArray()), source);
                if (result.isValid() && result.getMessage() != null) {
                    final ByteBuf buffer = result.getMessage();
                    // must read the marker byte off the buffer first.
                    buffer.readByte();
                    allPackets.addAll(codec.decodeV9Packets(buffer));
                }
            }
            return true;
        });
    }
    return allPackets;
}