-
Notifications
You must be signed in to change notification settings - Fork 2
/
flow2ports.py
executable file
·78 lines (68 loc) · 2.89 KB
/
flow2ports.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
#!/usr/bin/python
############################################################################
# flow2ports.py #
# v0.1 #
# #
# Copyright (C) 2011 by Boyan Tabakov #
# #
# This program is free software; you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
# the Free Software Foundation; either version 2 of the License, or #
# (at your option) any later version. #
# #
# This program is distributed in the hope that it will be useful, #
# but WITHOUT ANY WARRANTY; without even the implied warranty of #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
# GNU General Public License for more details. #
# #
# You should have received a copy of the GNU General Public License #
# along with this program; if not, write to the #
# Free Software Foundation, Inc., #
# 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. #
############################################################################
import sys, re
debug = 0
output_packets = True
p2p = False
tcp_udp = True
if len(sys.argv) == 2 and 'a' in sys.argv[1]:
tcp_udp = False
if len(sys.argv) == 2 and 't' in sys.argv[1]:
p2p = True
def dbg(*args):
global debug
if not debug:
return
for a in args:
print >> sys.stderr, a,
print >> sys.stderr
ports = {}
for line in sys.stdin:
if line == '\n':
continue
l = re.split('\t', line[:-1])
proto = int(l[2])
if tcp_udp and proto != 6 and proto != 17:
# check only TCP and UDP protocols
continue
sport = int(l[4])
dport = int(l[5])
flows = int(l[8])
bytes = int(l[7])
packets = int(l[6])
if p2p and (sport < 1024 or dport < 1024):
continue
for port in [sport, dport]:
if port < 1 or port > 65535:
continue
if ports.has_key(port):
t = ports[port]
ports[port] = (t[0] + bytes, t[1] + flows, t[2] + packets)
else:
ports[port] = (bytes, flows, packets)
for p, t in ports.items():
if output_packets:
print str(p) + '\t' + str(t[0]) + '\t' + str(t[1]) + '\t' + str(t[2])
else:
print str(p) + '\t' + str(t[0]) + '\t' + str(t[1])