Bugfix: packet parser
* Corrected the acquisition of GRE header length
* Check whether the total length of IP is less than the length of IP header
This commit is contained in:
luwenpeng
@@ -18,26 +18,38 @@ function preprocess_tshark_ouput() {
|
||||
output_file=$2
|
||||
cp ${input_file} ${output_file}
|
||||
kv_array=(
|
||||
":data" ""
|
||||
":tcp:pptp" ":tcp"
|
||||
":tcp-text-lines" ":tcp"
|
||||
":icmp:ip:udp" ":icmp"
|
||||
":icmpv6:ipv6:udp" ":icmpv6"
|
||||
":ieee8021ad" ":vlan"
|
||||
":x509sat" ""
|
||||
":x509ce" ""
|
||||
":pkix1implicit" ""
|
||||
":pkix1explicit" ""
|
||||
":data-text-lines" ""
|
||||
":http-text-lines" ""
|
||||
":websocket" ""
|
||||
":ssl" ""
|
||||
":ftp-data" ""
|
||||
":x11" ""
|
||||
":ntp" ""
|
||||
":rip" ""
|
||||
":isakmp" ""
|
||||
":esp" ""
|
||||
":udpencap" ""
|
||||
":sip:sdp" ""
|
||||
":sip" ""
|
||||
":sdp" ""
|
||||
":rtcp" ""
|
||||
":rtp" ""
|
||||
":ssh" ""
|
||||
":dns" ""
|
||||
":ssl" ""
|
||||
":gquic" ""
|
||||
":http-text-lines" ""
|
||||
":http" ""
|
||||
":http:data-text-lines" ""
|
||||
":http:data" ""
|
||||
":msmms" ""
|
||||
":bfd" ""
|
||||
":ftp-data-text-lines" ""
|
||||
":ftp" ""
|
||||
":ssdp" ""
|
||||
":mdns" ""
|
||||
":radius" ""
|
||||
@@ -48,21 +60,23 @@ function preprocess_tshark_ouput() {
|
||||
":oicq" ""
|
||||
":json" ""
|
||||
":media" ""
|
||||
":x11" ""
|
||||
":telnet" ""
|
||||
":nbss:smb" ""
|
||||
":nbdgm:smb:browser" ""
|
||||
":smb2" ""
|
||||
":nbss" ""
|
||||
":memcache" ""
|
||||
":rtspi" ""
|
||||
":rdt" ""
|
||||
":rtsp" ""
|
||||
":nbns" ""
|
||||
":nbdgm:smb:browser" ""
|
||||
":lcp" ""
|
||||
":chap" ""
|
||||
":ipcp" ""
|
||||
":comp_data" ""
|
||||
":ccp" ""
|
||||
":snmp" ""
|
||||
":socks:http:data" ""
|
||||
":socks:http" ""
|
||||
":socks" ""
|
||||
":bgp" ""
|
||||
":eigrp" ""
|
||||
@@ -72,27 +86,40 @@ function preprocess_tshark_ouput() {
|
||||
":vssmonitoring" ""
|
||||
":mndp" ""
|
||||
":websocket-text-lines" ""
|
||||
":websocket" ""
|
||||
":image-jfif" ""
|
||||
":png" ""
|
||||
":pkix1implicit" ""
|
||||
":x509sat" ""
|
||||
":x509ce" ""
|
||||
":pkix1explicit" ""
|
||||
":llmnr" ""
|
||||
":pkcs-1" ""
|
||||
":bitcoin:bitcoin" ""
|
||||
":bitcoin" ""
|
||||
":image-gif" ""
|
||||
":dhcpv6" ""
|
||||
":tcp:pptp" ":tcp"
|
||||
":ieee8021ad" ":vlan"
|
||||
":tcp-text-lines" ":tcp"
|
||||
":arp" ""
|
||||
":ccsrl" ""
|
||||
":h245" ""
|
||||
":srp" ""
|
||||
":amr" ""
|
||||
":mp4v-es" ""
|
||||
":ajp13" ""
|
||||
":ocsp" ""
|
||||
":irc" ""
|
||||
":http" ""
|
||||
":ftp" ""
|
||||
":data" ""
|
||||
":sctp:m3ua" ""
|
||||
":sctp" ""
|
||||
":teredo:ipv6:udp" ""
|
||||
":teredo:ipv6:tcp" ""
|
||||
":teredo:ipv6:icmpv6" ""
|
||||
":teredo:ipv6:gre:ip:udp" ""
|
||||
":igmp" ""
|
||||
":icmp:ip:tcp" ":icmp"
|
||||
":pwethheuristic:pwethnocw" ""
|
||||
)
|
||||
for ((i = 0; i < ${#kv_array[@]}; i += 2)); do
|
||||
key=${kv_array[i]}
|
||||
val=${kv_array[i + 1]}
|
||||
sed "s/$key/$val/g" ${output_file} >${output_file}.tmp
|
||||
mv ${output_file}.tmp ${output_file}
|
||||
sed -i "s/$key/$val/g" ${output_file}
|
||||
done
|
||||
}
|
||||
|
||||
@@ -107,8 +134,7 @@ function preprocess_parser_ouput() {
|
||||
for ((i = 0; i < ${#kv_array[@]}; i += 2)); do
|
||||
key=${kv_array[i]}
|
||||
val=${kv_array[i + 1]}
|
||||
sed "s/$key/$val/g" ${output_file} >${output_file}.tmp
|
||||
mv ${output_file}.tmp ${output_file}
|
||||
sed -i "s/$key/$val/g" ${output_file}
|
||||
done
|
||||
}
|
||||
|
||||
@@ -149,7 +175,10 @@ for pcap in "${pcap_files[@]}"; do
|
||||
fi
|
||||
done
|
||||
|
||||
printf "\033[32m\nTotal: ${total_count}, Passed: ${pass_count}, Failed: ${err_count}\033[0m\n"
|
||||
printf "\033[33m Total : ${total_count} \033[0m\n"
|
||||
printf "\033[32m Passed : ${pass_count} \033[0m\n"
|
||||
printf "\033[31m Failed : ${err_count} \033[0m\n"
|
||||
|
||||
if [ "$err_count" -ne 0 ]; then
|
||||
printf "\033[31mFailed pcap files are saved in ${err_pcap_dir}\033[0m\n"
|
||||
printf "\n\033[31m failed pcap: ${err_pcap_dir} \033[0m\n"
|
||||
fi
|
||||
|
||||
Reference in New Issue
Block a user