boB Rudis
3 years ago
11 changed files with 282 additions and 8 deletions
@ -0,0 +1,59 @@ |
|||||
|
#' Convert an entire PCAP file to JSON |
||||
|
#' |
||||
|
#' @param pcap path to PCAP file ([path.expand()] will be called on this value) |
||||
|
#' @param json path (including filename) to the location where you want the JSON |
||||
|
#' file stored ([path.expand()] will be called on this value) |
||||
|
#' @param protos character vector of protocols to include. (default is all) |
||||
|
#' @param include_child_nodes if `protos` is specified, this logical parameter |
||||
|
#' (default `FALSE`) controls whether child nodes are included. |
||||
|
#' @return (expanded) path to `json` (invisibly) |
||||
|
#' @export |
||||
|
#' @examples |
||||
|
#' tryCatch( |
||||
|
#' pcap_to_json(system.file("pcap", "http.pcap", package = "tsharrk"), tempfile()), |
||||
|
#' error = function(e) message("No tshark") |
||||
|
#' ) |
||||
|
pcap_to_json <- function(pcap, json, protos = c(), include_child_nodes = FALSE) { |
||||
|
|
||||
|
pcap <- path.expand(pcap[1]) |
||||
|
|
||||
|
if (!file.exists(pcap)) { |
||||
|
stop(sprintf("Cannont locate %s", pcap), call.=FALSE) |
||||
|
} |
||||
|
|
||||
|
json <- path.expand(json[1]) |
||||
|
if (!dir.exists(dirname(json))) { |
||||
|
stop(sprintf("Directory %s does not exist", dirname(json)), call.=FALSE) |
||||
|
} |
||||
|
|
||||
|
errf <- tempfile() |
||||
|
on.exit(unlink(errf)) |
||||
|
|
||||
|
protos <- unique(trimws(tolower(as.character(protos)))) |
||||
|
|
||||
|
if (length(protos)) { |
||||
|
j <- if (include_child_nodes) "-J" else "-j" |
||||
|
protos <- c(j, sprintf("'%s'", paste0(protos, collapse = " "))) |
||||
|
} |
||||
|
|
||||
|
args <- c("-T", "json", protos, "-r", pcap) |
||||
|
|
||||
|
# cat(find_tshark(), args, "\n", sep=" ") |
||||
|
|
||||
|
system2( |
||||
|
command = find_tshark(), |
||||
|
args = args, |
||||
|
stderr = errf, |
||||
|
stdout = json |
||||
|
) -> res |
||||
|
|
||||
|
if (res != 0) { |
||||
|
stop( |
||||
|
sprintf("Error creating JSON from PCAP. See %s for more information.", errf), |
||||
|
call.=FALSE |
||||
|
) |
||||
|
} |
||||
|
|
||||
|
invisible(json) |
||||
|
|
||||
|
} |
@ -0,0 +1,50 @@ |
|||||
|
#' Read in a JSON file created with [pcap_to_json()] |
||||
|
#' |
||||
|
#' @param json path to JSON output from [pcap_to_json()]. [path.expand()] will be |
||||
|
#' called on this value. |
||||
|
#' @return `list` classed as `tshark_json` for better `print`ing. |
||||
|
#' @export |
||||
|
ts_read_json <- function(json) { |
||||
|
|
||||
|
json <- path.expand(json[1]) |
||||
|
if (!file.exists(json)) { |
||||
|
stop(sprintf("Cannont locate %s", json), call.=FALSE) |
||||
|
} |
||||
|
|
||||
|
RcppSimdJson::fload( |
||||
|
json = json, |
||||
|
empty_array = list(), |
||||
|
empty_object = list(), |
||||
|
single_null = list() |
||||
|
) -> res |
||||
|
|
||||
|
class(res) <- c("tshark_json", "list") |
||||
|
|
||||
|
invisible(res) |
||||
|
|
||||
|
} |
||||
|
|
||||
|
#' @rdname ts_read_json |
||||
|
#' @export |
||||
|
print.tshark_json <- function(x, ...) { |
||||
|
|
||||
|
info <- sprintf("Capture: %s", x$`_index`[1]) |
||||
|
cat(info, "\n", strrep("─", nchar(info)), "\n", sep="") |
||||
|
|
||||
|
lapply(x$`_source`, function(.x) names(.x$layers)) %>% |
||||
|
sapply(paste0, collapse = " ── ") -> frames |
||||
|
|
||||
|
cat( |
||||
|
paste( |
||||
|
sprintf("%s.", stri_pad_left( |
||||
|
str = 1:length(frames), |
||||
|
width = nchar(as.character(length(frames))), |
||||
|
pad = " " |
||||
|
)), |
||||
|
frames, sep = " " |
||||
|
), |
||||
|
sep = "\n" |
||||
|
) |
||||
|
|
||||
|
} |
||||
|
|
@ -0,0 +1,14 @@ |
|||||
|
#' Pipe operator |
||||
|
#' |
||||
|
#' See \code{magrittr::\link[magrittr:pipe]{\%>\%}} for details. |
||||
|
#' |
||||
|
#' @name %>% |
||||
|
#' @rdname pipe |
||||
|
#' @keywords internal |
||||
|
#' @export |
||||
|
#' @importFrom magrittr %>% |
||||
|
#' @usage lhs \%>\% rhs |
||||
|
#' @param lhs A value or the magrittr placeholder. |
||||
|
#' @param rhs A function call using the magrittr semantics. |
||||
|
#' @return The result of calling `rhs(lhs)`. |
||||
|
NULL |
@ -0,0 +1,31 @@ |
|||||
|
% Generated by roxygen2: do not edit by hand |
||||
|
% Please edit documentation in R/pcap-to-json.R |
||||
|
\name{pcap_to_json} |
||||
|
\alias{pcap_to_json} |
||||
|
\title{Convert an entire PCAP file to JSON} |
||||
|
\usage{ |
||||
|
pcap_to_json(pcap, json, protos = c(), include_child_nodes = FALSE) |
||||
|
} |
||||
|
\arguments{ |
||||
|
\item{pcap}{path to PCAP file (\code{\link[=path.expand]{path.expand()}} will be called on this value)} |
||||
|
|
||||
|
\item{json}{path (including filename) to the location where you want the JSON |
||||
|
file stored (\code{\link[=path.expand]{path.expand()}} will be called on this value)} |
||||
|
|
||||
|
\item{protos}{character vector of protocols to include. (default is all)} |
||||
|
|
||||
|
\item{include_child_nodes}{if \code{protos} is specified, this logical parameter |
||||
|
(default \code{FALSE}) controls whether child nodes are included.} |
||||
|
} |
||||
|
\value{ |
||||
|
(expanded) path to \code{json} (invisibly) |
||||
|
} |
||||
|
\description{ |
||||
|
Convert an entire PCAP file to JSON |
||||
|
} |
||||
|
\examples{ |
||||
|
tryCatch( |
||||
|
pcap_to_json(system.file("pcap", "http.pcap", package = "tsharrk"), tempfile()), |
||||
|
error = function(e) message("No tshark") |
||||
|
) |
||||
|
} |
@ -0,0 +1,20 @@ |
|||||
|
% Generated by roxygen2: do not edit by hand |
||||
|
% Please edit documentation in R/utils-pipe.R |
||||
|
\name{\%>\%} |
||||
|
\alias{\%>\%} |
||||
|
\title{Pipe operator} |
||||
|
\usage{ |
||||
|
lhs \%>\% rhs |
||||
|
} |
||||
|
\arguments{ |
||||
|
\item{lhs}{A value or the magrittr placeholder.} |
||||
|
|
||||
|
\item{rhs}{A function call using the magrittr semantics.} |
||||
|
} |
||||
|
\value{ |
||||
|
The result of calling \code{rhs(lhs)}. |
||||
|
} |
||||
|
\description{ |
||||
|
See \code{magrittr::\link[magrittr:pipe]{\%>\%}} for details. |
||||
|
} |
||||
|
\keyword{internal} |
@ -0,0 +1,21 @@ |
|||||
|
% Generated by roxygen2: do not edit by hand |
||||
|
% Please edit documentation in R/read-json.R |
||||
|
\name{ts_read_json} |
||||
|
\alias{ts_read_json} |
||||
|
\alias{print.tshark_json} |
||||
|
\title{Read in a JSON file created with \code{\link[=pcap_to_json]{pcap_to_json()}}} |
||||
|
\usage{ |
||||
|
ts_read_json(json) |
||||
|
|
||||
|
\method{print}{tshark_json}(x, ...) |
||||
|
} |
||||
|
\arguments{ |
||||
|
\item{json}{path to JSON output from \code{\link[=pcap_to_json]{pcap_to_json()}}. \code{\link[=path.expand]{path.expand()}} will be |
||||
|
called on this value.} |
||||
|
} |
||||
|
\value{ |
||||
|
\code{list} classed as \code{tshark_json} for better \code{print}ing. |
||||
|
} |
||||
|
\description{ |
||||
|
Read in a JSON file created with \code{\link[=pcap_to_json]{pcap_to_json()}} |
||||
|
} |
Loading…
Reference in new issue