Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update netflowlabeler.py #patch #20

Merged
merged 9 commits into from
May 19, 2023
Merged

Update netflowlabeler.py #patch #20

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
94bb9c6
Update netflowlabeler.py #patch
verovaleros May 19, 2023
f715c51
Merge branch 'main' into feat_update-author-text
verovaleros May 19, 2023
368077c
Merge branch 'main' into feat_update-author-text
verovaleros May 19, 2023
1c6d420
Comment deprecated code
verovaleros May 19, 2023
dec7cec
#patch 33:8: F401 imported but unused
verovaleros May 19, 2023
193ad09
#patch 1381:5: F841 Local variable is assigned to but never used
verovaleros May 19, 2023
ea816e5
#patch line to log
verovaleros May 19, 2023
0be72ff
#patch line to long
verovaleros May 19, 2023
2c204a1
#patch 27:8: F401 -- imported but unused
verovaleros May 19, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
22 changes: 16 additions & 6 deletions netflowlabeler.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,8 +18,8 @@
#
# Authors:
# Sebastian Garcia, sebastian.garcia@agents.fel.cvut.cz, eldraco@gmail.com
# Veronica Valeros, vero.valeros@gmail.com
# Stratosphere Laboratory, Czech Technical University in Prague
# Veronica Valeros, valerver@fel.cvut.cz, vero.valeros@gmail.com
# Stratosphere Laboratory, AIC, FEL, Czech Technical University in Prague

# Description
# A tool to add labels in netflow files based on a configuration.
Expand All @@ -30,7 +30,6 @@
configuration file.
"""
import sys
import re
import json
import argparse
import ipaddress
Expand Down Expand Up @@ -159,7 +158,10 @@ def getLabel(self, column_values):
# Normal condition, no negation

# Is the column a number?
# if ('bytes' in condColumn) or ('packets' in condColumn) or ('srcport' in condColumn) or ('dstport' in condColumn) or ('sbytes' in condColumn) or ('dbyets' in condColumn) or ('spkts' in condColumn) or ('dpkts' in condColumn) or ('ip_orig_bytes' in condColumn) or ('ip_resp_bytes' in condColumn):
# if ('bytes' in condColumn) or ('packets' in condColumn) or ('srcport' in condColumn) or
# ('dstport' in condColumn) or ('sbytes' in condColumn) or ('dbyets' in condColumn) or
# ('spkts' in condColumn) or ('dpkts' in condColumn) or ('ip_orig_bytes' in condColumn) or
# ('ip_resp_bytes' in condColumn):
column_num_keywords = ['bytes', 'packets', 'srcport', 'dstport',
'sbytes', 'dbytes', 'spkts', 'dpkts',
'ip_orig_bytes', 'ip_resp_bytes']
Expand Down Expand Up @@ -356,6 +358,8 @@ def process_nfdump(f, headers, labelmachine):
DEPRECATED!! NEEDS UPDATE COMPLETELY
Process and label an nfdump file
"""
pass
"""
# Just to monitor how many lines we read
amount_lines_processed = 0

Expand Down Expand Up @@ -538,7 +542,10 @@ def process_nfdump(f, headers, labelmachine):
print('Please implement this protocol!')
print(line)
sys.exit(-1)
elif protocol == 'IPNIP' or protocol == 'RSVP' or protocol == 'GRE' or protocol == 'UDT' or protocol == 'ARP' or protocol == 'ICMP' or protocol == 'PIM' or protocol == 'ESP' or protocol == 'UNAS' or protocol == 'IGMP' or 'IPX' in protocol or 'RARP' in protocol or 'LLC' in protocol or 'IPV6' in protocol:
elif protocol == 'IPNIP' or protocol == 'RSVP' or protocol == 'GRE' or protocol == 'UDT' or /
protocol == 'ARP' or protocol == 'ICMP' or protocol == 'PIM' or protocol == 'ESP' or /
protocol == 'UNAS' or protocol == 'IGMP' or 'IPX' in protocol or 'RARP' in protocol /
or 'LLC' in protocol or 'IPV6' in protocol:
srcip = temp = columnValues[4]
# Store the value in the dict
dict = netflowArray[4]
Expand Down Expand Up @@ -632,6 +639,7 @@ def process_nfdump(f, headers, labelmachine):

# Close the outputfile
outputfile.close()
"""


def define_columns(headerline, filetype):
Expand Down Expand Up @@ -979,6 +987,8 @@ def process_argus(column_idx, output_file, labelmachine, filetype):
Process an Argus file
"""
try:
pass
"""
print(column_idx)
return 0

Expand Down Expand Up @@ -1254,6 +1264,7 @@ def process_argus(column_idx, output_file, labelmachine, filetype):

line = f.readline()
amount_lines_processed += 1
"""
except Exception as inst:
exception_line = sys.exc_info()[2].tb_lineno
print(f'\tProblem in process_argus() line {exception_line}', 0, 1)
Expand Down Expand Up @@ -1372,7 +1383,6 @@ def load_conditions(labelmachine):
Input: labelmachine is a labeler object
Output: modified labelmachine object. No return instruction.
"""
conditionsList = []
try:
conf = open(args.configFile)

Expand Down
1 change: 0 additions & 1 deletion zeek-files-labeler.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,6 @@
# Description
# A tool to add labels in netflow files based on a configuration. Flow file include Zeek, Argus, and NFdump. Both in CSV and TSV

import getopt
import sys
import json
import argparse
Expand Down