From aaba72658cabdcbacd69c9fb26d9ad13e54ec6a1 Mon Sep 17 00:00:00 2001
From: JOLIMAITRE Matthieu
Date: Fri, 21 Jun 2024 03:42:56 +0200
Subject: [PATCH] dm secu
---
 securite/dm/pcap_analyzer/src/main.rs | 29 ++++++++++++++++++---------
 securite/dm/rapport.md | 20 ++++++++++++++----
 2 files changed, 36 insertions(+), 13 deletions(-)
diff --git a/securite/dm/pcap_analyzer/src/main.rs b/securite/dm/pcap_analyzer/src/main.rs
index cdc69aa..e20c22e 100644
--- a/securite/dm/pcap_analyzer/src/main.rs
+++ b/securite/dm/pcap_analyzer/src/main.rs
@@ -1,4 +1,4 @@
-use std::{error::Error, path::PathBuf};
+use std::{collections::HashMap, error::Error, ops::AddAssign, path::PathBuf};
 use clap::{Parser, Subcommand};
 use etherparse::{NetSlice, SlicedPacket};
@@ -23,6 +23,8 @@ fn main() -> Result<(), Box> {
 let mut errs = 0;
 let mut first_timestamp = None;
 let mut last_timestamp = None;
+ let mut protocols = HashMap::new();
+
 while let Ok(packet) = pcap.next_packet() {
 total += 1;
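Review bot: In the first hunk, `ops::AddAssign` appears to be imported only so that the counter update in the third hunk can be written as a method call, `protocols.entry(protocol).or_insert(0).add_assign(1);`. The usual spelling is `*protocols.entry(protocol).or_insert(0) += 1;`, which needs no trait in scope. The import line can then stay at `use std::{collections::HashMap, error::Error, path::PathBuf};`.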
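Review bot: In the second hunk, `let mut protocols = HashMap::new();` leaves both the key and the counter type to inference, so a reader has to go to the third hunk to learn what the map holds. The counter width is whatever the literal in `or_insert(0)` resolves to, presumably `i32`. Annotating it, for example `let mut protocols: HashMap<_, u64> = HashMap::new();` with a comment such as `// packets seen per IPv4 protocol number`, documents the map and rules out wrap-around on very large captures. main() starts and ends outside this hunk.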
@@ -36,22 +38,31 @@ fn main() -> Result<(), Box> {
 continue;
 };
- if let Some(NetSlice::Ipv4(_)) = packet.net {
+ if let Some(NetSlice::Ipv4(ipv4)) = packet.net {
+ let protocol = ipv4.header().protocol();
+ protocols.entry(protocol).or_insert(0).add_assign(1);
 total_ipv4 += 1;
 }
 }
- println!("Count: {total: >20}");
- println!("Count IPv4: {total_ipv4: >20}");
+ println!("Count: {total: >14}");
+ println!("Count IPv4: {total_ipv4: >14}");
 let non_ipv4 = total - total_ipv4;
- println!("non-IPv4 count: {non_ipv4: >20}");
+ println!("non-IPv4 count: {non_ipv4: >14}");
 let first_timestamp = first_timestamp.map(tv_to_sec).unwrap_or_default();
- println!("First timestamp: {first_timestamp: >20.2}");
+ println!("First timestamp: {first_timestamp: >14.2}");
 let last_timestamp = last_timestamp.map(tv_to_sec).unwrap_or_default();
- println!("Last timestamp: {last_timestamp: >20.2}");
+ println!("Last timestamp: {last_timestamp: >14.2}");
 let avg_packet = (last_timestamp - first_timestamp) / total as f64;
- println!("Avg packet rate: {avg_packet: >20.4}");
- println!("Errors: {errs: >20}");
+ println!("Avg packet rate: {avg_packet: >14.4}");
+ println!("Errors: {errs: >14}");
+
+ let mut protocols: Vec<_> = protocols.into_iter().collect();
+ protocols.sort_by_key(|(_, count)| *count);
+ println!("Main Protocols:");
+ for (num, count) in protocols.into_iter().take(5) {
+ println!("- {num:?} {count: >14}");
+ }
 }
 }
diff --git a/securite/dm/rapport.md b/securite/dm/rapport.md
index 343e633..2989c29 100644
--- a/securite/dm/rapport.md
+++ b/securite/dm/rapport.md
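Review bot: `protocols.sort_by_key(|(_, count)| *count);` sorts ascending, so the following `.take(5)` prints the five least frequent IPv4 protocols under the heading "Main Protocols:"; sort descending instead, e.g. `protocols.sort_by_key(|(_, count)| std::cmp::Reverse(*count));`. Because the pairs come out of a HashMap, entries with equal counts are printed in an arbitrary order, which a secondary key on the protocol number would make stable between runs. Separately, the context line `let avg_packet = (last_timestamp - first_timestamp) / total as f64;` yields seconds per packet, not the packets per second that the "Avg packet rate:" label promises. The 0.0014 reported in rapport.md for 30611000 packets over roughly 43199 s is consistent with that; `total as f64 / (last_timestamp - first_timestamp)`, guarded against a zero duration, gives the rate. The enclosing function starts outside the hunk.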
@@ -163,13 +163,25 @@ Le PcapNg introduit les fonctionnalités suivantes :
 ```sh
 pcap_analyzer ./trace2.pcap stats
-# Count: 30611000
-# Count IPv4: 28893393
-# non-IPv4 count: 1717607
+# Count: 30611000
+# Count IPv4: 28893393
+# non-IPv4 count: 1717607
+# First timestamp: 1474265898.92
+# Last timestamp: 1474309098.10
+# Avg packet rate: 0.0014
+# Errors: 1717607
 ```
 La trace contient 28 893 393 paquets IPv4.
 #### How many non-IPv4 packets does the trace contain (as non-IPv4 count:)?
-La trace contient 1 717 607 paquets non-IPv4.
\ No newline at end of file
+La trace contient 1 717 607 paquets non-IPv4.
+
+#### What is the timestamp of the first packet in the trace, including at least two decimal places. (as First timestamp:)?
+
+Le timestamp du premier paquet de la trace est 1 474 265 898.92 secondes.
+
+#### What is the average packet rate (in packets per second to two decimal places) of the trace (as Avg packet rate:)?
+
+Le taux de paquets de la trace est 0.0014 paquet par seconde.