Class: Dorothy::Doro_NAM
- Inherits: Object
  - Object
    - Dorothy::Doro_NAM
- Defined in: lib/dorothy2/NAM.rb
Overview
Dorothy module-class for controlling the network sniffers, i.e. tcpdump instances.
Instance Method Summary
- #initialize(namdata) ⇒ Doro_NAM (constructor)
  Create a dorothy user on the NSM machine, and add this line to the sudoers file: dorothy ALL = NOPASSWD: /usr/sbin/tcpdump, /bin/kill
- #start_sniffer(vmaddress, interface, name, pcaphome) ⇒ Object
- #stop_sniffer(pid) ⇒ Object
Constructor Details
#initialize(namdata) ⇒ Doro_NAM
Create a dorothy user on the NSM machine, and add this line to the sudoers file:
dorothy ALL = NOPASSWD: /usr/sbin/tcpdump, /bin/kill

    # File 'lib/dorothy2/NAM.rb', line 14
    # namdata holds the SSH connection settings for the NSM machine.
    def initialize(namdata)
      @server = namdata[:host]
      @user = namdata[:user]
      @pass = namdata[:pass]
      @port = namdata[:port]
    end
Instance Method Details
#start_sniffer(vmaddress, interface, name, pcaphome) ⇒ Object

    # File 'lib/dorothy2/NAM.rb', line 21
    def start_sniffer(vmaddress, interface, name, pcaphome)
      # A block parameter must be a local variable (|@ssh| is a syntax error on Ruby 1.9+).
      Net::SSH.start(@server, @user, :password => @pass, :port => @port) do |ssh|
        # ssh.exec "nohup sudo tcpdump -i eth0 -s 1514 -w ~/pcaps/#{name}.pcap host #{vmaddress} > blah.log 2>&1 & "
        # Start tcpdump in the background, capturing only traffic to/from the VM.
        ssh.exec "nohup sudo tcpdump -i #{interface} -s 1514 -w #{pcaphome}/#{name}.pcap host #{vmaddress} > log.tmp 2>&1 & "
        # Find the PID by looking for the VM address in the process list.
        t = ssh.exec!("ps aux |grep #{vmaddress}|grep -v grep|grep -v bash")
        pid = t.split(" ")[1]
        return pid.to_i
      end
    end

#stop_sniffer(pid) ⇒ Object

    # File 'lib/dorothy2/NAM.rb', line 31
    def stop_sniffer(pid)
      Net::SSH.start(@server, @user, :password => @pass, :port => @port) do |ssh|
        # SIGINT (2) lets tcpdump close the capture file cleanly.
        ssh.exec "sudo kill -2 #{pid}"
        #LOGGER.info "[NAM]".yellow + "Tcpdump instance #{pid} stopped"
      end
    end
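
The sudoers line above lets the dorothy account run tcpdump and kill as root with any arguments, and both methods interpolate their parameters straight into a remote shell line, so those values should be validated before they reach `ssh.exec`. The following is an added example, not code from Dorothy: `SnifferCommand`, its regexes and the sample values are hypothetical, and it covers only how the two command lines are built, not the PID lookup.

```ruby
require 'ipaddr'
require 'shellwords'

# Hypothetical helper, not part of Dorothy: builds the two remote command
# lines only from values that have been validated or shell-escaped.
module SnifferCommand
  IFACE_RE = /\A[A-Za-z0-9][A-Za-z0-9_.:-]{0,14}\z/  # Linux caps names at 15 chars
  NAME_RE  = /\A[A-Za-z0-9][A-Za-z0-9_.-]{0,63}\z/   # file stem, no path separators

  # Command line for start_sniffer. Raises ArgumentError on any rejected value.
  def self.start(vmaddress, interface, name, pcaphome)
    ip = IPAddr.new(vmaddress.to_s).to_s   # InvalidAddressError < ArgumentError
    raise ArgumentError, 'bad address' unless ip.match?(/\A[0-9a-f:.]+\z/)
    raise ArgumentError, 'bad interface' unless IFACE_RE.match?(interface.to_s)
    raise ArgumentError, 'bad capture name' unless NAME_RE.match?(name.to_s)
    # Escaping disables ~ expansion, so the capture directory must be absolute.
    raise ArgumentError, 'pcaphome must be absolute' unless pcaphome.to_s.start_with?('/')
    pcap = Shellwords.escape(File.join(pcaphome.to_s, "#{name}.pcap"))
    "nohup sudo tcpdump -i #{interface} -s 1514 -w #{pcap} host #{ip} > log.tmp 2>&1 &"
  end

  # Command line for stop_sniffer. Only a decimal PID above 1 is accepted, which
  # also rejects 0 (what start_sniffer returns when its ps lookup matches nothing).
  def self.stop(pid)
    n = Integer(pid.to_s, 10)
    raise ArgumentError, 'bad pid' unless n > 1
    "sudo kill -2 #{n}"
  end
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample values, not taken from a real deployment.
  puts SnifferCommand.start('10.0.0.5', 'eth0', 'sample1', '/home/dorothy/pcaps')
  puts SnifferCommand.stop(4242)
  begin
    SnifferCommand.start('10.0.0.5; id', 'eth0', 'sample1', '/home/dorothy/pcaps')
  rescue ArgumentError => e
    puts "rejected: #{e.message}"
  end
end
```
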