epita/notes-ing2
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

dm secu

Browse source
This commit is contained in:
JOLIMAITRE Matthieu 2024-06-21 03:28:58 +02:00
parent e5959fe81f
commit b4499d3702
4 changed files with 43 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

1
securite/dm/pcap_analyzer/Cargo.lock generated
View file

@ -215,6 +215,7 @@ version = "0.1.0"
dependencies = [
"clap",
"etherparse",
"libc",
"pcap",
]

1
securite/dm/pcap_analyzer/Cargo.toml
View file

@ -6,4 +6,5 @@ edition = "2021"
[dependencies]
clap = { version = "4.5.7", features = ["derive"] }
etherparse = "0.15.0"
libc = "0.2"
pcap = "2.0.0"

27
securite/dm/pcap_analyzer/src/main.rs
View file

@ -21,9 +21,16 @@ fn main() -> Result<(), Box<dyn Error>> {
let mut total = 0;
let mut total_ipv4 = 0;
let mut errs = 0;
let mut first_timestamp = None;
let mut last_timestamp = None;
while let Ok(packet) = pcap.next_packet() {
total += 1;
last_timestamp = Some(packet.header.ts);
if first_timestamp.is_none() {
first_timestamp = last_timestamp;
}
let Ok(packet) = SlicedPacket::from_ethernet(packet.data) else {
errs += 1;
continue;
@ -33,9 +40,17 @@ fn main() -> Result<(), Box<dyn Error>> {
total_ipv4 += 1;
}
}
println!("Count: {total: >9}");
println!("Count IPv4: {total_ipv4: >9}");
println!("Errors: {errs: >9}");
println!("Count: {total: >20}");
println!("Count IPv4: {total_ipv4: >20}");
let non_ipv4 = total - total_ipv4;
println!("non-IPv4 count: {non_ipv4: >20}");
let first_timestamp = first_timestamp.map(tv_to_sec).unwrap_or_default();
println!("First timestamp: {first_timestamp: >20.2}");
let last_timestamp = last_timestamp.map(tv_to_sec).unwrap_or_default();
println!("Last timestamp: {last_timestamp: >20.2}");
let avg_packet = (last_timestamp - first_timestamp) / total as f64;
println!("Avg packet rate: {avg_packet: >20.2}");
println!("Errors: {errs: >20}");
}
}
@ -55,3 +70,9 @@ enum Cmd {
Links,
Stats,
}
fn tv_to_sec(tv: libc::timeval) -> f64 {
let usec_per_sec = 1_000_000;
let usecs = tv.tv_usec + (tv.tv_sec * usec_per_sec);
usecs as f64 / usec_per_sec as f64
}