From 840c4b0505e6929afef467e72ec81d709b4a22f6 Mon Sep 17 00:00:00 2001
From: Gilbert Ramirez
Date: Fri, 29 Oct 2004 15:09:00 +0000
Subject: Add netscreen2dump.py, to convert netscreen packet-trace hex dumps to hex dumps that can be read by text2pcap. svn path=/trunk/; revision=12435
---
tools/netscreen2dump.py | 132 ++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 132 insertions(+)
create mode 100755 tools/netscreen2dump.py
(limited to 'tools/netscreen2dump.py')
diff --git a/tools/netscreen2dump.py b/tools/netscreen2dump.py
new file mode 100755
index 0000000000..85f67f3d89
--- /dev/null
+++ b/tools/netscreen2dump.py
@@ -0,0 +1,132 @@
+#!/usr/bin/env python
+"""
+Converts netscreen snoop hex-dumps to a hex-dump that text2pcap can read.
+
+Copyright (c) 2004 by Gilbert Ramirez
+
+This program is free software; you can redistribute it and/or
+modify it under the terms of the GNU General Public License
+as published by the Free Software Foundation; either version 2
+of the License, or (at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program; if not, write to the Free Software
+Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+"""
+
+import sys
+import re
+import os
+import stat
+import time
+
+class OutputFile:
+ TIMER_MAX = 99999.9
+
+ def __init__(self, name, base_time):
+ try:
+ self.fh = open(name, "w")
+ except IOError, err:
+ sys.exit(err)
+
+ self.base_time = base_time
+ self.prev_timestamp = 0.0
+
+ def PrintPacket(self, timestamp, datalines):
+ # What do to with the timestamp? I need more data about what
+ # the netscreen timestamp is, then I can generate one for the text file.
+# print "TS:", timestamp.group("time")
+ try:
+ timestamp = float(timestamp.group("time"))
+ except ValueError:
+ sys.exit("Unable to convert '%s' to floating point." % \
+ (timestamp,))
+
+ # Did we wrap around the timeer max?
+ if timestamp < self.prev_timestamp:
+ self.base_time += self.TIMER_MAX
+
+ self.prev_timestamp = timestamp
+
+ packet_timestamp = self.base_time + timestamp
+
+ # Determine the time string to print
+ gmtime = time.gmtime(packet_timestamp)
+ subsecs = packet_timestamp - int(packet_timestamp)
+ assert subsecs <= 0
+ subsecs = int(subsecs * 10)
+
+ print >> self.fh, "%s.%d" % (time.strftime("%Y-%m-%d %H:%M:%S", gmtime), \
+ subsecs)
+
+ # Print the packet data
+ offset = 0
+ for lineno, hexgroup in datalines:
+ hexline = hexgroup.group("hex")
+ hexpairs = hexline.split()
+ print >> self.fh, "%08x %s" % (offset, hexline)
+ offset += len(hexpairs)
+
+ # Blank line
+ print >> self.fh
+
+re_timestamp = re.compile(r"^(?P