boB Rudis
3 years ago
11 changed files with 282 additions and 8 deletions
@ -0,0 +1,59 @@ |
|||
#' Convert an entire PCAP file to JSON |
|||
#' |
|||
#' @param pcap path to PCAP file ([path.expand()] will be called on this value) |
|||
#' @param json path (including filename) to the location where you want the JSON |
|||
#' file stored ([path.expand()] will be called on this value) |
|||
#' @param protos character vector of protocols to include. (default is all) |
|||
#' @param include_child_nodes if `protos` is specified, this logical parameter |
|||
#' (default `FALSE`) controls whether child nodes are included. |
|||
#' @return (expanded) path to `json` (invisibly) |
|||
#' @export |
|||
#' @examples |
|||
#' tryCatch( |
|||
#' pcap_to_json(system.file("pcap", "http.pcap", package = "tsharrk"), tempfile()), |
|||
#' error = function(e) message("No tshark") |
|||
#' ) |
|||
pcap_to_json <- function(pcap, json, protos = c(), include_child_nodes = FALSE) { |
|||
|
|||
pcap <- path.expand(pcap[1]) |
|||
|
|||
if (!file.exists(pcap)) { |
|||
stop(sprintf("Cannont locate %s", pcap), call.=FALSE) |
|||
} |
|||
|
|||
json <- path.expand(json[1]) |
|||
if (!dir.exists(dirname(json))) { |
|||
stop(sprintf("Directory %s does not exist", dirname(json)), call.=FALSE) |
|||
} |
|||
|
|||
errf <- tempfile() |
|||
on.exit(unlink(errf)) |
|||
|
|||
protos <- unique(trimws(tolower(as.character(protos)))) |
|||
|
|||
if (length(protos)) { |
|||
j <- if (include_child_nodes) "-J" else "-j" |
|||
protos <- c(j, sprintf("'%s'", paste0(protos, collapse = " "))) |
|||
} |
|||
|
|||
args <- c("-T", "json", protos, "-r", pcap) |
|||
|
|||
# cat(find_tshark(), args, "\n", sep=" ") |
|||
|
|||
system2( |
|||
command = find_tshark(), |
|||
args = args, |
|||
stderr = errf, |
|||
stdout = json |
|||
) -> res |
|||
|
|||
if (res != 0) { |
|||
stop( |
|||
sprintf("Error creating JSON from PCAP. See %s for more information.", errf), |
|||
call.=FALSE |
|||
) |
|||
} |
|||
|
|||
invisible(json) |
|||
|
|||
} |
@ -0,0 +1,50 @@ |
|||
#' Read in a JSON file created with [pcap_to_json()] |
|||
#' |
|||
#' @param json path to JSON output from [pcap_to_json()]. [path.expand()] will be |
|||
#' called on this value. |
|||
#' @return `list` classed as `tshark_json` for better `print`ing. |
|||
#' @export |
|||
ts_read_json <- function(json) { |
|||
|
|||
json <- path.expand(json[1]) |
|||
if (!file.exists(json)) { |
|||
stop(sprintf("Cannont locate %s", json), call.=FALSE) |
|||
} |
|||
|
|||
RcppSimdJson::fload( |
|||
json = json, |
|||
empty_array = list(), |
|||
empty_object = list(), |
|||
single_null = list() |
|||
) -> res |
|||
|
|||
class(res) <- c("tshark_json", "list") |
|||
|
|||
invisible(res) |
|||
|
|||
} |
|||
|
|||
#' @rdname ts_read_json |
|||
#' @export |
|||
print.tshark_json <- function(x, ...) { |
|||
|
|||
info <- sprintf("Capture: %s", x$`_index`[1]) |
|||
cat(info, "\n", strrep("─", nchar(info)), "\n", sep="") |
|||
|
|||
lapply(x$`_source`, function(.x) names(.x$layers)) %>% |
|||
sapply(paste0, collapse = " ── ") -> frames |
|||
|
|||
cat( |
|||
paste( |
|||
sprintf("%s.", stri_pad_left( |
|||
str = 1:length(frames), |
|||
width = nchar(as.character(length(frames))), |
|||
pad = " " |
|||
)), |
|||
frames, sep = " " |
|||
), |
|||
sep = "\n" |
|||
) |
|||
|
|||
} |
|||
|
@ -0,0 +1,14 @@ |
|||
#' Pipe operator |
|||
#' |
|||
#' See \code{magrittr::\link[magrittr:pipe]{\%>\%}} for details. |
|||
#' |
|||
#' @name %>% |
|||
#' @rdname pipe |
|||
#' @keywords internal |
|||
#' @export |
|||
#' @importFrom magrittr %>% |
|||
#' @usage lhs \%>\% rhs |
|||
#' @param lhs A value or the magrittr placeholder. |
|||
#' @param rhs A function call using the magrittr semantics. |
|||
#' @return The result of calling `rhs(lhs)`. |
|||
NULL |
@ -0,0 +1,31 @@ |
|||
% Generated by roxygen2: do not edit by hand |
|||
% Please edit documentation in R/pcap-to-json.R |
|||
\name{pcap_to_json} |
|||
\alias{pcap_to_json} |
|||
\title{Convert an entire PCAP file to JSON} |
|||
\usage{ |
|||
pcap_to_json(pcap, json, protos = c(), include_child_nodes = FALSE) |
|||
} |
|||
\arguments{ |
|||
\item{pcap}{path to PCAP file (\code{\link[=path.expand]{path.expand()}} will be called on this value)} |
|||
|
|||
\item{json}{path (including filename) to the location where you want the JSON |
|||
file stored (\code{\link[=path.expand]{path.expand()}} will be called on this value)} |
|||
|
|||
\item{protos}{character vector of protocols to include. (default is all)} |
|||
|
|||
\item{include_child_nodes}{if \code{protos} is specified, this logical parameter |
|||
(default \code{FALSE}) controls whether child nodes are included.} |
|||
} |
|||
\value{ |
|||
(expanded) path to \code{json} (invisibly) |
|||
} |
|||
\description{ |
|||
Convert an entire PCAP file to JSON |
|||
} |
|||
\examples{ |
|||
tryCatch( |
|||
pcap_to_json(system.file("pcap", "http.pcap", package = "tsharrk"), tempfile()), |
|||
error = function(e) message("No tshark") |
|||
) |
|||
} |
@ -0,0 +1,20 @@ |
|||
% Generated by roxygen2: do not edit by hand |
|||
% Please edit documentation in R/utils-pipe.R |
|||
\name{\%>\%} |
|||
\alias{\%>\%} |
|||
\title{Pipe operator} |
|||
\usage{ |
|||
lhs \%>\% rhs |
|||
} |
|||
\arguments{ |
|||
\item{lhs}{A value or the magrittr placeholder.} |
|||
|
|||
\item{rhs}{A function call using the magrittr semantics.} |
|||
} |
|||
\value{ |
|||
The result of calling \code{rhs(lhs)}. |
|||
} |
|||
\description{ |
|||
See \code{magrittr::\link[magrittr:pipe]{\%>\%}} for details. |
|||
} |
|||
\keyword{internal} |
@ -0,0 +1,21 @@ |
|||
% Generated by roxygen2: do not edit by hand |
|||
% Please edit documentation in R/read-json.R |
|||
\name{ts_read_json} |
|||
\alias{ts_read_json} |
|||
\alias{print.tshark_json} |
|||
\title{Read in a JSON file created with \code{\link[=pcap_to_json]{pcap_to_json()}}} |
|||
\usage{ |
|||
ts_read_json(json) |
|||
|
|||
\method{print}{tshark_json}(x, ...) |
|||
} |
|||
\arguments{ |
|||
\item{json}{path to JSON output from \code{\link[=pcap_to_json]{pcap_to_json()}}. \code{\link[=path.expand]{path.expand()}} will be |
|||
called on this value.} |
|||
} |
|||
\value{ |
|||
\code{list} classed as \code{tshark_json} for better \code{print}ing. |
|||
} |
|||
\description{ |
|||
Read in a JSON file created with \code{\link[=pcap_to_json]{pcap_to_json()}} |
|||
} |
Loading…
Reference in new issue