mirror of
https://github.com/vel21ripn/nDPI.git
synced 2026-04-28 23:19:42 +00:00
117 lines
2.2 KiB
Lua
117 lines
2.2 KiB
Lua
#!/usr/bin/env lua
|
|
|
|
--
|
|
-- (C) 2021 - ntop.org
|
|
--
|
|
|
|
local json = require "dkjson"
|
|
|
|
tshark = {}
|
|
tshark.__index = tshark
|
|
|
|
-- ###############################################################
|
|
|
|
-- Print contents of `tbl`, with indentation.
|
|
-- You can call it as tprint(mytable)
|
|
-- The other two parameters should not be set
|
|
function tprint(s, l, i)
|
|
l = (l) or 1000; i = i or "";-- default item limit, indent string
|
|
if (l<1) then io.write("ERROR: Item limit reached.\n"); return l-1 end;
|
|
local ts = type(s);
|
|
if (ts ~= "table") then io.write(i..' '..ts..' '..tostring(s)..'\n'); return l-1 end
|
|
io.write(i..' '..ts..'\n');
|
|
for k,v in pairs(s) do
|
|
local indent = ""
|
|
|
|
if(i ~= "") then
|
|
indent = i .. "."
|
|
end
|
|
indent = indent .. tostring(k)
|
|
|
|
l = tprint(v, l, indent);
|
|
if (l < 0) then break end
|
|
end
|
|
|
|
return l
|
|
end
|
|
|
|
-- ###############################################################
|
|
|
|
local function file_exists(name)
|
|
local f = io.open(name, "r")
|
|
|
|
if(f ~= nil) then
|
|
io.close(f)
|
|
return true
|
|
else
|
|
return false
|
|
end
|
|
end
|
|
|
|
-- ###############################################################
|
|
|
|
--
|
|
-- Creates a tshark class instance
|
|
--
|
|
|
|
function tshark:open(pcap_file_or_dev, filter)
|
|
local ret = {}
|
|
|
|
setmetatable(ret, tshark) -- Open the class
|
|
|
|
cmd = "tshark -n -T ek -l "
|
|
|
|
if(file_exists(pcap_file_or_dev)) then
|
|
cmd = cmd .. "-r "..pcap_file_or_dev
|
|
|
|
if(filter ~= nil) then
|
|
cmd = cmd .. " -2 -R \"" .. filter .."\""
|
|
end
|
|
|
|
else
|
|
cmd = cmd .. "-i "..pcap_file_or_dev
|
|
|
|
if(filter ~= nil) then
|
|
cmd = cmd .. " -f \"" .. filter .."\""
|
|
end
|
|
end
|
|
|
|
ret.pipe = io.popen(cmd)
|
|
|
|
return ret
|
|
end
|
|
|
|
-- ###############################################################
|
|
|
|
--
|
|
-- Terminates the tshark class
|
|
--
|
|
|
|
function tshark:close()
|
|
if(self.pipe ~= nil) then
|
|
self.pipe:close()
|
|
end
|
|
end
|
|
|
|
-- ###############################################################
|
|
|
|
--
|
|
-- Read a single packet
|
|
--
|
|
|
|
function tshark:read()
|
|
local l = self.pipe:read()
|
|
local j
|
|
|
|
if(l == nil) then return(nil) end
|
|
|
|
j = json.decode(l)
|
|
|
|
if(j.layers ~= nil) then
|
|
return(j.layers)
|
|
else
|
|
return(self:read())
|
|
end
|
|
end
|
|
|
|
return tshark
|