void CTcpDumpNode::configure(CNodeConfig &config)
{
config.setDescription("Parse the contents received into TCP Packets.");
// Add inputs and outputs
config.addInput("in", "file");
config.addOutput("out", "tcpdump");
}
void CTcpStreamFeaturesNode::configure(CNodeConfig &config)
{
// Add parameters
config.addInt("timezone", "GMT time", "The timezone value.", 0);
config.addBool("split_dest_ip", "Split Destination IP",
"Split each octet of the destination IP address as different features.",
false);
config.addUInt("dest_ip_split_number", "Destination IP Features",
"The number of octets to use as attributes, starting from the "
"least significant to the most significant [1-4]", 4);
config.addBool("split_src_ip", "Split Source IP",
"Split each octet of the source IP address as different attributes.",
false);
config.addUInt("src_ip_split_number", "Source IP Features",
"The number of octets to use as attributes, starting from the "
"least significant to the most significant [1-4]", 4);
config.addUInt("word_count", "Words to Extract",
"The number of words to extract from the data stream as they appear.",
8);
config.addUInt("word_length", "Maximum Length of a Word",
"The number of characters a word can be matched to.", 16);
// Add the gates.
config.addInput("in", "tcpstreams");
config.addOutput("out", "table");
}
void CTcpStreamExtractorNode::configure(CNodeConfig &config)
{
config.setDescription("Extract streams from TCP packets.");
// Add parameters
config.addUInt("payload_size", "TCP Stream Data Size",
"The maximum number of bytes that will be stored for "
"the contents of a TCP stream.",
102400);
config.addBool("dest_filter", "Should destination IPs be filtered?",
"Filter specifiying if IP addresses are filtered "
"for analysis.", false);
config.addString("dest_ip_filter_from", "Starting Valid Destination IP Address",
"The first IP value which will be considered "
"for the analysis.");
config.addString("dest_ip_filter_to", "End Valid Destination IP Address",
"The last IP value which will be taken into account.");
config.addUInt("dest_port_filter_from", "Starting Valid Destination Port",
"Packages that target a destination port above this "
"parameter are accepted.",0);
config.addUInt("dest_port_filter_to", "Last Valid Destination Port",
"Packages targeting a destination port below this "
"parameter are accepted", 1024);
// Add the gates.
config.addInput("in", "tcpdump");
config.addOutput("out", "tcpstreams");
}
void CFileNode::configure(CNodeConfig &config)
{
// Add parameters
config.addFilename("input_file", "Input File",
"Path of the file to read from disk.");
config.addBool("binary", "Binary format",
"Parse the file contents as binary data.", true);
config.setCategory("Input");
// Add inputs and outputs
config.addOutput("out", "file");
}
void CMawiLabelsNode::configure(CNodeConfig &config)
{
// Set a Description of this node.
config.setDescription("Parse a file as an XML of labeled anomalies "
"from the MAWI dataset.");
// Add parameters
//config.addFilename("input_file", "XML File", "XML file containing the anomalies.");
// Add the gates.
config.addInput("in", "file");
config.addOutput("out", "table");
}
void CPythonNode::configure(CNodeConfig &config)
{
config.setDescription("Run Python scripts as nodes.");
config.setCategory("Script");
// Add parameters
config.addFilename("input_script", "Python Script", "Python script to execute.");
// Add the gates.
config.addInput("in_table", "table");
config.addInput("in_flow", "tcpstreams");
config.addOutput("out", "table");
}
bool CNodeMesh::addNode(QVariantMap &node_json)
{
CLogInfo log;
CNodeConfig conf;
bool ok;
QString node_name;
QString node_class;
QString node_desc("");
QString node_category("");
QVariant v;
v = node_json["name"];
if(v.isValid()) {
node_name = v.toString();
}
v = node_json["class"];
if(v.isValid()) {
node_class = v.toString();
}
// Optional in the json file.
v = node_json["description"];
if(v.isValid()) {
node_desc = v.toString();
}
//Get the category
v = node_json["category"];
if(v.isValid()) {
node_category = v.toString();
}
// Verify that this Node was defined properly.
if(node_name.isEmpty() || node_class.isEmpty()) {
log.setMsg("The JSON Node definition did not include class or name.");
log.setSrc(CLogInfo::ESource::framework);
log.setStatus(CLogInfo::EStatus::warning);
log.setTime(QDateTime::currentDateTime());
log.print();
return false;
}
// Verify that a Node with the same name does not exist already in the map.
if(m_nodes.contains(node_name)) {
log.setMsg(
QString("A node with the name '%1' has already been added to the mesh.")
.arg(node_name));
log.setSrc(CLogInfo::ESource::framework);
log.setStatus(CLogInfo::EStatus::warning);
log.setTime(QDateTime::currentDateTime());
log.print();
return false;
}
// Verify that the requested node class is available.
ok = CNodeFactory::instance().nodeAvailable(node_class);
if(!ok) {
log.setMsg(
QString("Cannot create the node '%1'. The node class '%2' does not exist.")
.arg(node_class));
log.setName("Anise");
log.setSrc(CLogInfo::ESource::framework);
log.setStatus(CLogInfo::EStatus::error);
log.setTime(QDateTime::currentDateTime());
log.print();
return false;
}
// Get the configuration template of the requested node.
ok = CNodeFactory::instance().configTemplate(
node_class, conf);
if(!ok) {
// The template for the desired Node class was not found.
log.setMsg(
QString("The node class '%1' failed to set its config template.")
.arg(node_name));
log.setName("Anise");
log.setSrc(CLogInfo::ESource::framework);
log.setStatus(CLogInfo::EStatus::warning);
log.setTime(QDateTime::currentDateTime());
log.print();
return false;
}
// Set the node name.
conf.setName(node_name);
// Add a description if it was supplied.
if(!node_desc.isEmpty()) {
conf.setDescription(node_desc);
}
// Add a category if it was supplied.
if(!node_category.isEmpty()) {
conf.setCategory(node_category);
}
// Set the node Parameters.
for(QVariant p : node_json["params"].toList()) {
QVariantMap param = p.toMap();
for(QVariant key : param.keys()) {
ok = conf.setParameter(key.toString(), param.value(key.toString()));
if(!ok) {
log.setMsg(QString("Failed to set the parameter '%1' in Node '%2'.")
.arg(key.toString(), node_name));
log.setSrc(CLogInfo::ESource::framework);
log.setStatus(CLogInfo::EStatus::error);
log.setTime(QDateTime::currentDateTime());
log.print();
return false;
}
}
}
// Create the node we've been asked for.
CNode *node = CNodeFactory::instance().createNode(node_class, conf);
if(node == nullptr) {
log.setMsg("Could not create Node " + node_class + " .");
log.setSrc(CLogInfo::ESource::framework);
log.setStatus(CLogInfo::EStatus::warning);
log.setTime(QDateTime::currentDateTime());
log.print();
return false;
}
m_nodes.insert(node_name, QSharedPointer<CNode>(node));
// Keep track of the processing status of the node.
QObject::connect(node, SIGNAL(processing(bool)),
this, SLOT(onNodeProcessing(bool)));
return true;
}