Merge pull request #470 from anarkiwi/parselabels

Incremental parsing of labels from pcap names.
faucetsdn · Nov 22, 2019 · 787e03b · 787e03b
2 parents 72d8b7a + 517f056
commit 787e03b
Show file tree

Hide file tree

Showing 2 changed files with 37 additions and 0 deletions.
diff --git a/networkml/algorithms/base.py b/networkml/algorithms/base.py
@@ -99,6 +99,29 @@ def parse_pcap_name(base_pcap):
             pcap_key = base_pcap.split('.')[0]
         return (pcap_key, pcap_labels)
 
+    @staticmethod
+    def parse_pcap_labels(pcap_labels_str):
+        pcap_labels = {
+            'ip_lowest_port': None,
+            'ip_proto': None,
+            'ip_version': None,
+            'ip_app': None,
+        }
+        pcap_label_res = {
+            'ip_lowest_port': re.compile(r'.*port-(\d+).*'),
+            'ip_proto': re.compile(r'.+\-(arp|icmp|icmp6|udp|tcp)\-.+'),
+            'ip_app': re.compile(r'.+\-(bootp|dns|esp|ftp|http|ssl|ntp)\-.+'),
+        }
+        for field, label_re in pcap_label_res.items():
+            match = label_re.match(pcap_labels_str)
+            if match:
+                pcap_labels[field] = match.group(1)
+        if 'ipv6' in pcap_labels_str:
+            pcap_labels['ip_version'] = 6
+        elif pcap_labels['ip_proto'] is not None:
+            pcap_labels['ip_version'] = 4
+        return pcap_labels
+
     def publish_message(self, message, close=False):
         if self.common.use_rabbit:
             uid = os.getenv('id', 'None')

diff --git a/tests/test_basealgorithm.py b/tests/test_basealgorithm.py
@@ -20,6 +20,20 @@ def test_parse_pcap_name():
         None, None)
 
 
+def test_parse_pcap_labels():
+    instance = BaseAlgorithm()
+    for label_str, result in (
+         ('ip-8-8-8-8-192-168-254-254-8-8-8-8-ssl-ip-frame-wsshort-eth-tcp-port-443',
+             {'ip_lowest_port': '443', 'ip_proto': 'tcp', 'ip_version': 4, 'ip_app': 'ssl'}),
+         ('ip-17-253-110-125-17-253-110-125-192-168-3-2-wsshort-udp-ip-ntp-frame-eth-port-123',
+             {'ip_lowest_port': '123', 'ip_proto': 'udp', 'ip_version': 4, 'ip_app': 'ntp'})):
+        assert instance.parse_pcap_labels(label_str) == result
+
+def test_has_avx():
+    instance = BaseAlgorithm()
+    assert isinstance(instance.has_avx(), bool)
+
+
 def test_basealgorithm():
     instance = BaseAlgorithm()