Class: PStream

Inherits:
Object
  • Object
Defined in:
lib/pstream.rb

Defined Under Namespace

Classes: Error, Stream

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(pcap) ⇒ PStream

Returns a new instance of PStream.



# File 'lib/pstream.rb', line 40

# Builds a PStream for the capture file at +pcap+.
#
# Confirms that a tshark executable can be located, resolves +pcap+ to an
# absolute path, checks that the file exists and is readable, and then loads
# the TCP and UDP streams through get_streams.
#
# NOTE(review): exist?/readable? are point-in-time checks. The capture is only
# opened later, when tshark is run against @pcap, so it can still disappear or
# change in between; these checks give early, clear errors, not a guarantee.
#
# @param pcap [String, Pathname] path to the capture file
# @raise [PStream::Error::TsharkNotFound] when the tshark lookup returns nil
# @raise [PStream::Error::PcapNotFound] when the resolved path does not exist
# @raise [PStream::Error::PcapNotReadable] when the resolved path is not readable
def initialize(pcap)
    # Fail early: the tool cannot work without tshark.
    raise PStream::Error::TsharkNotFound.new if ScoobyDoo.where_are_you("tshark").nil?

    # expand_path yields an absolute path, so the stored value always starts
    # with "/" and is independent of later working-directory changes.
    @pcap = Pathname.new(pcap).expand_path

    raise PStream::Error::PcapNotFound.new(@pcap) unless @pcap.exist?
    raise PStream::Error::PcapNotReadable.new(@pcap) unless @pcap.readable?

    @tcp_streams = get_streams("tcp")
    @udp_streams = get_streams("udp")
end

Instance Attribute Details

#tcp_streams ⇒ Object

Returns the value of attribute tcp_streams.



# File 'lib/pstream.rb', line 5

# Reader for the TCP streams stored in @tcp_streams.
#
# @return [Object] the current value of @tcp_streams
def tcp_streams
    return @tcp_streams
end

#udp_streams ⇒ Object

Returns the value of attribute udp_streams.



# File 'lib/pstream.rb', line 6

# Reader for the UDP streams stored in @udp_streams.
#
# @return [Object] the current value of @udp_streams
def udp_streams
    return @udp_streams
end

Instance Method Details

#ciphers ⇒ Object



# File 'lib/pstream.rb', line 8

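# Lists the cipher suites seen in SSL/TLS handshakes in the capture.
#
# Runs tshark on @pcap in verbose mode with the display filter
# ssl.handshake.ciphersuite and keeps only the output lines that mention
# "Internet Protocol", "Hostname:" or "Cipher Suite".
#
# Security: the command goes through a shell because of the pipe, so the
# capture path is shell-escaped before it is interpolated. Without that, a
# file name containing shell metacharacters (spaces, ";", "$(...)", quotes)
# would be interpreted by the shell instead of being passed to tshark as a
# single argument.
#
# @return [String] the filtered tshark output; empty when nothing matched
def ciphers
    # Loaded here so the method does not depend on the file's top-level
    # requires; require is a no-op once the library is loaded.
    require "shellwords"
    pcap_arg = Shellwords.escape(@pcap.to_s)

    # List ciphers during ssl handshake
    out = %x(
        tshark -r #{pcap_arg} -Y ssl.handshake.ciphersuite -V | \
             \grep -E "Internet Protocol|Hostname:|Cipher Suite"
    )
    return out
end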

#summary ⇒ Object



# File 'lib/pstream.rb', line 57

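# Builds a plain-text overview of the capture.
#
# The text has three sections: the TCP streams, the UDP streams (each line
# is "index | desc | frames", index starting at 0) and the distinct cipher
# suites that were selected in SSL/TLS handshakes.
#
# Security: the tshark pipeline runs through a shell, so the capture path is
# shell-escaped before it is interpolated. Otherwise a file name containing
# shell metacharacters would be interpreted by the shell instead of being
# passed to tshark as a single argument. The display filter is a constant
# defined in this method and is not derived from input.
#
# @return [String] the summary, lines joined with "\n"
def summary
    # Loaded here so the method does not depend on the file's top-level
    # requires; require is a no-op once the library is loaded.
    require "shellwords"
    pcap_arg = Shellwords.escape(@pcap.to_s)

    ret = Array.new

    # List TCP streams
    ret.push("TCP Streams:")
    @tcp_streams.each_with_index do |stream, count|
        ret.push("#{count} | #{stream.desc} | #{stream.frames}")
    end
    ret.push("")

    # List UDP streams
    ret.push("UDP Streams:")
    @udp_streams.each_with_index do |stream, count|
        ret.push("#{count} | #{stream.desc} | #{stream.frames}")
    end
    ret.push("")

    # List ciphers that were actually selected: handshake type 2 is the
    # ServerHello, which carries the suite the server chose.
    ret.push("Ciphers in use:")
    f = "ssl.handshake.ciphersuite && ssl.handshake.type == 2"
    out = %x(
        tshark -r #{pcap_arg} -Y "#{f}" -V | \
            \grep -E "Cipher Suite:" | \
            sed -r "s|^ +Cipher Suite: ||g" | sort -u
    )
    ret.concat(out.split("\n"))

    return ret.join("\n")
end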

#to_s ⇒ Object



# File 'lib/pstream.rb', line 91

# String form of the object: delegates to #summary.
#
# @return [Object] whatever #summary returns
def to_s
    summary
end