Search in sources :

Example 1 with FixedPcapFilter

use of org.apache.metron.pcap.filter.fixed.FixedPcapFilter in project metron by apache.

the class FixedPcapFilterTest method testMissingSrcPort.

@Test
public void testMissingSrcPort() throws Exception {
    Configuration config = new Configuration();
    final HashMap<String, String> fields = new HashMap<String, String>() {

        {
            put(Constants.Fields.SRC_ADDR.getName(), "src_ip");
            put(Constants.Fields.DST_ADDR.getName(), "dst_ip");
            put(Constants.Fields.DST_PORT.getName(), "1");
            put(Constants.Fields.INCLUDES_REVERSE_TRAFFIC.getName(), "false");
        }
    };
    new FixedPcapFilter.Configurator().addToConfig(fields, config);
    {
        FixedPcapFilter filter = new FixedPcapFilter() {

            @Override
            protected HashMap<String, Object> packetToFields(PacketInfo pi) {
                return new HashMap<String, Object>() {

                    {
                        put(Constants.Fields.SRC_ADDR.getName(), "src_ip");
                        put(Constants.Fields.SRC_PORT.getName(), 0);
                        put(Constants.Fields.DST_ADDR.getName(), "dst_ip");
                        put(Constants.Fields.DST_PORT.getName(), 1);
                    }
                };
            }
        };
        filter.configure(config);
        Assert.assertTrue(filter.test(null));
    }
    new FixedPcapFilter.Configurator().addToConfig(fields, config);
    {
        FixedPcapFilter filter = new FixedPcapFilter() {

            @Override
            protected HashMap<String, Object> packetToFields(PacketInfo pi) {
                return new HashMap<String, Object>() {

                    {
                        put(Constants.Fields.SRC_ADDR.getName(), "src_ip");
                        put(Constants.Fields.SRC_PORT.getName(), 100);
                        put(Constants.Fields.DST_ADDR.getName(), "dst_ip");
                        put(Constants.Fields.DST_PORT.getName(), 1);
                    }
                };
            }
        };
        filter.configure(config);
        Assert.assertTrue(filter.test(null));
    }
}
Also used : Configuration(org.apache.hadoop.conf.Configuration) HashMap(java.util.HashMap) FixedPcapFilter(org.apache.metron.pcap.filter.fixed.FixedPcapFilter) Test(org.junit.Test)

Example 2 with FixedPcapFilter

use of org.apache.metron.pcap.filter.fixed.FixedPcapFilter in project metron by apache.

the class FixedPcapFilterTest method testReverseTraffic.

@Test
public void testReverseTraffic() throws Exception {
    Configuration config = new Configuration();
    final Map<String, String> fields = new HashMap<String, String>() {

        {
            put(Constants.Fields.SRC_ADDR.getName(), "src_ip");
            put(Constants.Fields.SRC_PORT.getName(), "0");
            put(Constants.Fields.DST_ADDR.getName(), "dst_ip");
            put(Constants.Fields.DST_PORT.getName(), "1");
            put(Constants.Fields.INCLUDES_REVERSE_TRAFFIC.getName(), "true");
        }
    };
    new FixedPcapFilter.Configurator().addToConfig(fields, config);
    {
        FixedPcapFilter filter = new FixedPcapFilter() {

            @Override
            protected Map<String, Object> packetToFields(PacketInfo pi) {
                return new HashMap<String, Object>() {

                    {
                        put(Constants.Fields.SRC_ADDR.getName(), "src_ip");
                        put(Constants.Fields.SRC_PORT.getName(), 0);
                        put(Constants.Fields.DST_ADDR.getName(), "dst_ip");
                        put(Constants.Fields.DST_PORT.getName(), 1);
                    }
                };
            }
        };
        filter.configure(config);
        Assert.assertTrue(filter.test(null));
    }
    new FixedPcapFilter.Configurator().addToConfig(fields, config);
    {
        FixedPcapFilter filter = new FixedPcapFilter() {

            @Override
            protected Map<String, Object> packetToFields(PacketInfo pi) {
                return new HashMap<String, Object>() {

                    {
                        put(Constants.Fields.SRC_ADDR.getName(), "dst_ip");
                        put(Constants.Fields.SRC_PORT.getName(), 1);
                        put(Constants.Fields.DST_ADDR.getName(), "src_ip");
                        put(Constants.Fields.DST_PORT.getName(), 0);
                    }
                };
            }
        };
        filter.configure(config);
        Assert.assertTrue(filter.test(null));
    }
    new FixedPcapFilter.Configurator().addToConfig(fields, config);
    {
        FixedPcapFilter filter = new FixedPcapFilter() {

            @Override
            protected Map<String, Object> packetToFields(PacketInfo pi) {
                return new HashMap<String, Object>() {

                    {
                        put(Constants.Fields.SRC_ADDR.getName(), "dst_ip");
                        put(Constants.Fields.SRC_PORT.getName(), 0);
                        put(Constants.Fields.DST_ADDR.getName(), "src_ip");
                        put(Constants.Fields.DST_PORT.getName(), 1);
                    }
                };
            }
        };
        filter.configure(config);
        Assert.assertFalse(filter.test(null));
    }
}
Also used : Configuration(org.apache.hadoop.conf.Configuration) HashMap(java.util.HashMap) Map(java.util.Map) HashMap(java.util.HashMap) FixedPcapFilter(org.apache.metron.pcap.filter.fixed.FixedPcapFilter) Test(org.junit.Test)

Example 3 with FixedPcapFilter

use of org.apache.metron.pcap.filter.fixed.FixedPcapFilter in project metron by apache.

the class FixedPcapFilterTest method testMissingDstAddr.

@Test
public void testMissingDstAddr() throws Exception {
    Configuration config = new Configuration();
    final HashMap<String, String> fields = new HashMap<String, String>() {

        {
            put(Constants.Fields.SRC_ADDR.getName(), "src_ip");
            put(Constants.Fields.SRC_PORT.getName(), "0");
            put(Constants.Fields.DST_PORT.getName(), "1");
            put(Constants.Fields.INCLUDES_REVERSE_TRAFFIC.getName(), "false");
        }
    };
    new FixedPcapFilter.Configurator().addToConfig(fields, config);
    {
        FixedPcapFilter filter = new FixedPcapFilter() {

            @Override
            protected HashMap<String, Object> packetToFields(PacketInfo pi) {
                return new HashMap<String, Object>() {

                    {
                        put(Constants.Fields.SRC_ADDR.getName(), "src_ip");
                        put(Constants.Fields.SRC_PORT.getName(), 0);
                        put(Constants.Fields.DST_ADDR.getName(), "dst_ip");
                        put(Constants.Fields.DST_PORT.getName(), 1);
                    }
                };
            }
        };
        filter.configure(config);
        Assert.assertTrue(filter.test(null));
    }
    new FixedPcapFilter.Configurator().addToConfig(fields, config);
    {
        FixedPcapFilter filter = new FixedPcapFilter() {

            @Override
            protected HashMap<String, Object> packetToFields(PacketInfo pi) {
                return new HashMap<String, Object>() {

                    {
                        put(Constants.Fields.SRC_ADDR.getName(), "src_ip1");
                        put(Constants.Fields.SRC_PORT.getName(), 0);
                        put(Constants.Fields.DST_ADDR.getName(), "dst_ip");
                        put(Constants.Fields.DST_PORT.getName(), 1);
                    }
                };
            }
        };
        filter.configure(config);
        Assert.assertFalse(filter.test(null));
    }
}
Also used : Configuration(org.apache.hadoop.conf.Configuration) HashMap(java.util.HashMap) FixedPcapFilter(org.apache.metron.pcap.filter.fixed.FixedPcapFilter) Test(org.junit.Test)

Example 4 with FixedPcapFilter

use of org.apache.metron.pcap.filter.fixed.FixedPcapFilter in project metron by apache.

the class FixedPcapFilterTest method testMissingSrcAddr.

@Test
public void testMissingSrcAddr() throws Exception {
    Configuration config = new Configuration();
    final HashMap<String, String> fields = new HashMap<String, String>() {

        {
            put(Constants.Fields.SRC_PORT.getName(), "0");
            put(Constants.Fields.DST_ADDR.getName(), "dst_ip");
            put(Constants.Fields.DST_PORT.getName(), "1");
            put(Constants.Fields.INCLUDES_REVERSE_TRAFFIC.getName(), "false");
        }
    };
    new FixedPcapFilter.Configurator().addToConfig(fields, config);
    {
        FixedPcapFilter filter = new FixedPcapFilter() {

            @Override
            protected HashMap<String, Object> packetToFields(PacketInfo pi) {
                return new HashMap<String, Object>() {

                    {
                        put(Constants.Fields.SRC_ADDR.getName(), "src_ip");
                        put(Constants.Fields.SRC_PORT.getName(), 0);
                        put(Constants.Fields.DST_ADDR.getName(), "dst_ip");
                        put(Constants.Fields.DST_PORT.getName(), 1);
                    }
                };
            }
        };
        filter.configure(config);
        Assert.assertTrue(filter.test(null));
    }
}
Also used : Configuration(org.apache.hadoop.conf.Configuration) HashMap(java.util.HashMap) FixedPcapFilter(org.apache.metron.pcap.filter.fixed.FixedPcapFilter) Test(org.junit.Test)

Example 5 with FixedPcapFilter

use of org.apache.metron.pcap.filter.fixed.FixedPcapFilter in project metron by apache.

the class FixedPcapFilterTest method testMissingDstPort.

@Test
public void testMissingDstPort() throws Exception {
    Configuration config = new Configuration();
    final HashMap<String, String> fields = new HashMap<String, String>() {

        {
            put(Constants.Fields.SRC_ADDR.getName(), "src_ip");
            put(Constants.Fields.SRC_PORT.getName(), "0");
            put(Constants.Fields.DST_ADDR.getName(), "dst_ip");
            put(Constants.Fields.INCLUDES_REVERSE_TRAFFIC.getName(), "false");
        }
    };
    new FixedPcapFilter.Configurator().addToConfig(fields, config);
    {
        FixedPcapFilter filter = new FixedPcapFilter() {

            @Override
            protected HashMap<String, Object> packetToFields(PacketInfo pi) {
                return new HashMap<String, Object>() {

                    {
                        put(Constants.Fields.SRC_ADDR.getName(), "src_ip");
                        put(Constants.Fields.SRC_PORT.getName(), 0);
                        put(Constants.Fields.DST_ADDR.getName(), "dst_ip");
                        put(Constants.Fields.DST_PORT.getName(), 1);
                    }
                };
            }
        };
        filter.configure(config);
        Assert.assertTrue(filter.test(null));
    }
    new FixedPcapFilter.Configurator().addToConfig(fields, config);
    {
        FixedPcapFilter filter = new FixedPcapFilter() {

            @Override
            protected HashMap<String, Object> packetToFields(PacketInfo pi) {
                return new HashMap<String, Object>() {

                    {
                        put(Constants.Fields.SRC_ADDR.getName(), "src_ip");
                        put(Constants.Fields.SRC_PORT.getName(), 0);
                        put(Constants.Fields.DST_ADDR.getName(), "dst_ip");
                        put(Constants.Fields.DST_PORT.getName(), 100);
                    }
                };
            }
        };
        filter.configure(config);
        Assert.assertTrue(filter.test(null));
    }
    new FixedPcapFilter.Configurator().addToConfig(fields, config);
    {
        FixedPcapFilter filter = new FixedPcapFilter() {

            @Override
            protected HashMap<String, Object> packetToFields(PacketInfo pi) {
                return new HashMap<String, Object>() {

                    {
                        put(Constants.Fields.SRC_ADDR.getName(), "src_ip");
                        put(Constants.Fields.SRC_PORT.getName(), 100);
                        put(Constants.Fields.DST_ADDR.getName(), "dst_ip");
                        put(Constants.Fields.DST_PORT.getName(), 100);
                    }
                };
            }
        };
        filter.configure(config);
        Assert.assertFalse(filter.test(null));
    }
}
Also used : Configuration(org.apache.hadoop.conf.Configuration) HashMap(java.util.HashMap) FixedPcapFilter(org.apache.metron.pcap.filter.fixed.FixedPcapFilter) Test(org.junit.Test)

Aggregations

HashMap (java.util.HashMap)6 Configuration (org.apache.hadoop.conf.Configuration)6 FixedPcapFilter (org.apache.metron.pcap.filter.fixed.FixedPcapFilter)6 Test (org.junit.Test)6 Map (java.util.Map)2