bool CPythonNode::data(QString gate_name, const CConstDataPointer &data) { Q_UNUSED(gate_name); if(data->getType() == "table") { // Get the table data structured received. QSharedPointer<const CTableData> p_table = data.staticCast<const CTableData>(); // Create a table data structure to forward. QSharedPointer<CTableData> result_table = QSharedPointer<CTableData>( static_cast<CTableData *>(createData("table"))); QString script_name = getConfig().getParameter("input_script")->value.toString(); // Start a new python context independant of any other. PythonQtObjectPtr module = PythonQt::self()->createUniqueModule(); // Evaluate the user-supplied python script. module.evalFile(script_name); // Call the 'main' function of the user script with the received table // ... and a table that will contatin the results as arguments. QVariant result = module.call("main", QVariantList() << QVariant::fromValue(p_table.data()) << QVariant::fromValue(result_table.data())); if(result.toBool()) { commit("out", result_table); } return true; } else if(data->getType() == "tcpstreams") { // The TCP Streams data structure. QSharedPointer<const CTcpStreamsData> p_flows = data.staticCast<const CTcpStreamsData>(); // Create a table data structure to forward. QSharedPointer<CTableData> result_table = QSharedPointer<CTableData>( static_cast<CTableData *>(createData("table"))); QString script_name = getConfig().getParameter("input_script")->value.toString(); // Start a new python context independant of any other. PythonQtObjectPtr module = PythonQt::self()->createUniqueModule(); // Evaluate the user-supplied python script. module.evalFile(script_name); // Call the 'main' function of the user script with the received table // ... and a table that will contatin the results as arguments. QVariant result = module.call("main", QVariantList() << QVariant::fromValue(p_flows.data()) << QVariant::fromValue(result_table.data())); // If the python script returned true, commit the results' table. if(result.toBool()) { commit("out", result_table); } return true; } return false; }
bool CFileNode::data(QString gate_name, const CConstDataPointer &data) { // No input gates. Q_UNUSED(gate_name); if(data->getType() == "message") { auto pmsg = data.staticCast<const CMessageData>(); QString msg = pmsg->getMessage(); if(msg == "start") { // Create and read the file. QSharedPointer<CFileData> file_data = QSharedPointer<CFileData>( static_cast<CFileData *>(createData("file"))); QVariant filename = getConfig().getParameter("input_file")->value; QVariant binary = getConfig().getParameter("binary")->value; if(!file_data.isNull() && file_data->readFile(filename.toString(), binary.toBool())) { commit("out", file_data); } else { commitError("out", "Could not read file."); } return true; } } return false; }
bool CTcpStreamExtractorNode::data(QString gate_name, const CConstDataPointer &data) { // No need to track gates. Q_UNUSED(gate_name); QString info; if(data->getType() == "tcpdump") { auto tcp_dump = data.staticCast<const CTcpDumpData>(); // User parameters. QHostAddress addr_from; QHostAddress addr_to; quint32 ip_from = 0; quint32 ip_to = 0; quint16 port_from = 0; quint16 port_to = 0; bool dest_filter = getConfig().getParameter("dest_filter")->value.toBool(); if(dest_filter) { // Get the destination IP to ranges to filter. QString dest_filter_from = getConfig(). getParameter("dest_ip_filter_from")->value.toString(); QString dest_filter_to = getConfig(). getParameter("dest_ip_filter_to")->value.toString(); addr_from = dest_filter_from; addr_to = dest_filter_to; ip_from = addr_from.toIPv4Address(); ip_to = addr_to.toIPv4Address(); // Get the destination port range to filter. port_from = getConfig(). getParameter("dest_port_filter_from")->value.toUInt(); port_to = getConfig(). getParameter("dest_port_filter_to")->value.toUInt(); } qint32 packet_count = tcp_dump->availablePackets(); for(qint32 i = 0; i < packet_count; ++i) { QSharedPointer<const CTcpDumpPacket> packet = tcp_dump->getPacket(i); if(dest_filter) { if(packet->dest() < ip_from || packet->dest() >= ip_to || packet->dest_port() < port_from || packet->dest_port() > port_to) { // Skip this package as it's outside the filter range. continue; } } m_tcp_streams->addTcpPacket(packet); } <<<<<<< HEAD
bool CTcpDumpNode::data(QString gate_name, const CConstDataPointer &data) { // No need to track gates. Q_UNUSED(gate_name); if(data->getType() == "file") { QSharedPointer<const CFileData> file = data.staticCast<const CFileData>(); QSharedPointer<CTcpDumpData> tcpdump = QSharedPointer<CTcpDumpData>( static_cast<CTcpDumpData *>(createData("tcpdump"))); setProgress(0); tcpdump->setNodeReporter(this); tcpdump->parse(file->getBytes()); <<<<<<< HEAD
void CNode::processData(QString gate_name, const CConstDataPointer &data) { // Can we process this message now or should we keep it in a queue for later // ... processing? if(isProcessing()) { qDebug() << "The node" << m_config.getName() << "is queuing the data type" << data->getType(); // Store the name of the gate and the data it is sending in the queue. QPair<QString, CConstDataPointer> gate_and_data; gate_and_data.first = gate_name; gate_and_data.second = data; m_processing_queue.enqueue(gate_and_data); } else { // Set the node as processing something. setProcessing(true); // Setup and start the task in another thread. startGateTask(gate_name, data); } }
bool CMawiLabelsNode::data(QString gate_name, const CConstDataPointer &data) { Q_UNUSED(gate_name); // Process input files. if(data->getType() == "file") { // The file to read. auto p_file = data.staticCast<const CFileData>(); // The table to output the anomalies. QSharedPointer<CTableData> table_data = createTable(); // Place the anomaly labels of the XML file into a table. if(parseMawiXml(p_file->getBytes(), table_data)) { // Pass the table of anomalies forward. commit("out", table_data); } else { commitError("out", "MAWI labels could not be parsed correctly."); } return true; } return false; }