Module: PcapTools::Loader
- Defined in:
- lib/pcap_tools/loader.rb
Defined Under Namespace
Classes: MyParser
Class Method Summary collapse
Class Method Details
.load_file(f, options = {}, &block) ⇒ Object
103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 |
# File 'lib/pcap_tools/loader.rb', line 103 def self.load_file f, = {}, &block if [:pdml] f = File.open(f, 'rb') Ox.sax_parse(MyParser.new(, block), f) f.close else tshark_executable = [:tshark] || "tshark" accepted_protocols = ["geninfo", "tcp", "ip", "eth", "sll", "frame", "null", "ethertype"] accepted_protocols += [:accepted_protocols] if [:accepted_protocols] profile_name = "pcap_tools" profile_dir = "#{ENV['HOME']}/.wireshark/profiles/#{profile_name}" status = POpen4::popen4("#{tshark_executable} -v") do |stdout, stderr, stdin, pid| end raise "#{tshark_executable} not found" unless status unless File.exist? "#{profile_dir}/disabled_protos" status = POpen4::popen4("#{tshark_executable} -G protocols") do |stdout, stderr, stdin, pid| list = stdout.read.split("\n").map { |x| x.split(" ").last }.reject { |x| accepted_protocols.include? x } FileUtils.mkdir_p profile_dir File.open("#{profile_dir}/disabled_protos", "w") { |io| io.write(list.join("\n") + "\n") } end raise "#{tshark_executable} execution error when listing protocols" unless status.exitstatus == 0 end status = POpen4::popen4("#{tshark_executable} -n -C #{profile_name} -T pdml -r #{f}") do |stdout, stderr, stdin, pid| Ox.sax_parse(MyParser.new(, block), stdout) $stderr.puts stderr.read end raise "#{tshark_executable} execution error with file #{f}" unless status.exitstatus == 0 end end |