Module: PcapTools::Loader

Defined in:
lib/pcap_tools/loader.rb

Defined Under Namespace

Classes: MyParser

Class Method Summary collapse

Class Method Details

.load_file(f, options = {}, &block) ⇒ Object 



95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
 
# File 'lib/pcap_tools/loader.rb', line 95

def self.load_file f, options = {}, &block
  tshark_executable = options[:tshark] || "tshark"
  accepted_protocols = ["geninfo", "tcp", "ip", "eth", "sll", "frame"]
  accepted_protocols += options[:accepted_protocols] if options[:accepted_protocols]
  profile_name = "pcap_tools"
  profile_dir = "#{ENV['HOME']}/.wireshark/profiles/#{profile_name}"
  unless File.exist? "#{profile_dir}/disabled_protos"
    status = POpen4::popen4("#{tshark_executable} -G protocols") do |stdout, stderr, stdin, pid|
      list = stdout.read.split("\n").map { |x| x.split(" ").last }.reject { |x| accepted_protocols.include? x }
      FileUtils.mkdir_p profile_dir
      File.open("#{profile_dir}/disabled_protos", "w") { |io| io.write(list.join("\n") + "\n") }
    end
    raise "Tshark execution error when listing protocols" unless status.exitstatus == 0
  end
  status = POpen4::popen4("#{tshark_executable} -n -C #{profile_name} -T pdml -r #{f}") do |stdout, stderr, stdin, pid|
    Ox.sax_parse(MyParser.new(block), stdout)
    $stderr.puts stderr.read
  end
  raise "Tshark execution error with file #{f}" unless status.exitstatus == 0
end