CLI.py 5.2 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131
  1. #! /usr/bin/env python3
  2. import argparse
  3. import sys
  4. from ID2TLib.Controller import Controller
  5. class LoadFromFile(argparse.Action):
  6. """
  7. Parses the parameter file given by application param -c/--config.
  8. """
  9. def __call__(self, parser, namespace, values, option_string=None):
  10. with values as f:
  11. parser.parse_args(f.read().split(), namespace)
  12. class CLI(object):
  13. def __init__(self):
  14. """
  15. Creates a new CLI object used to handle
  16. """
  17. # Reference to PcapFile object
  18. self.args = None
  19. self.attack_config = None
  20. def process_arguments(self):
  21. """
  22. Loads the application controller, the PCAP file statistics and if present, processes the given attacks. Evaluates
  23. given queries.
  24. """
  25. # Create ID2T Controller
  26. controller = Controller(self.args.input)
  27. # Load PCAP statistics
  28. controller.load_pcap_statistics(self.args.export, self.args.recalculate, self.args.statistics)
  29. # Process attack(s) with given attack params
  30. if self.args.attack is not None:
  31. # If attack is present, load attack with params
  32. controller.process_attacks(self.args.attack)
  33. # Parameter -q without arguments was given -> go into query loop
  34. if self.args.query == [None]:
  35. controller.enter_query_mode()
  36. # Parameter -q with arguments was given -> process query
  37. elif self.args.query is not None:
  38. controller.process_db_queries(self.args.query, True)
  39. def parse_arguments(self, args):
  40. """
  41. Defines the allowed application arguments and invokes the evaluation of the arguments.
  42. :param args: The application arguments
  43. """
  44. # Create parser for arguments
  45. parser = argparse.ArgumentParser(description="Intrusion Detection Dataset Toolkit (ID2T) - A toolkit for "
  46. "injection of synthetically created attacks into PCAP datasets.",
  47. prog="id2t")
  48. # Define required arguments
  49. # requiredNamed = parser.add_argument_group('required named arguments')
  50. # requiredNamed.add_argument('-i', '--input', metavar="FILEPATH", help='path to the input pcap file',
  51. # required=True)
  52. # Define optional arguments
  53. parser.add_argument('-i', '--input', metavar="FILEPATH", help='path to the input pcap file', required=False)
  54. parser.add_argument('-c', '--config', metavar='FILEPATH', help='file containing parameters used as input.',
  55. action=LoadFromFile, type=open)
  56. parser.add_argument('-e', '--export',
  57. help='stores the statistics as a textfile with ending .stat into the dataset directory',
  58. action='store_true', default=False)
  59. parser.add_argument('-a', '--attack', metavar="ATTACKNAME", action='append',
  60. help='injects a new attack into the given dataset.', nargs='+')
  61. parser.add_argument('-g', '--gui', help='enables the Graphical User Interface (GUI) mode.', action='store_true',
  62. default=False)
  63. parser.add_argument('-r', '--recalculate',
  64. help='forces to recalculate the statistics in case of an already existing statistics database.',
  65. action='store_true', default=False)
  66. parser.add_argument('-s', '--statistics', help='print general file statistics to stdout.', action='store_true',
  67. default=False)
  68. parser.add_argument('-q', '--query', metavar="QUERY",
  69. action='append', nargs='?',
  70. help='queries the statistics database. If no query is provided, the application enters into query mode.')
  71. # Parse arguments
  72. self.args = parser.parse_args(args)
  73. # Either PCAP filepath or GUI mode must be enabled
  74. if not self.args.input and not self.args.gui:
  75. parser.error("Parameter -i/--input required. See available options with -h/--help ")
  76. # GUI mode enabled
  77. if self.args.gui:
  78. raise NotImplementedError("Feature not implemented yet.")
  79. # gui = GUI.GUI()
  80. pass
  81. # CLI mode enabled
  82. else:
  83. self.process_arguments()
  84. def main(args):
  85. """
  86. Creates a new CLI object and invokes the arguments parsing.
  87. :param args: The provided arguments
  88. """
  89. cli = CLI()
  90. # Check arguments
  91. cli.parse_arguments(args)
  92. # Uncomment to enable calling by terminal
  93. if __name__ == '__main__':
  94. main(sys.argv[1:])
  95. # if __name__ == '__main__':
  96. # FILE = ['-i', '/mnt/hgfs/datasets/95M.pcap']
  97. #
  98. # ATTACK = ['-a', 'PortscanAttack', 'ip.src=most_used(ipAddress)', 'mac.dst=05:AB:47:B5:19:11',
  99. # 'inject.at-timestamp=1980733342', 'attack.note=First portscan Attack']
  100. # ATTACK2 = ['-a', 'PortscanAttack', 'ip.dst=193.133.122.23, ip.src=192.124.34.12', 'inject.after-pkt=34']
  101. #
  102. # STATS_RECALC = ['-r']
  103. # STATS_PRINT = ['-s']
  104. #
  105. # QUERY_MODE_LOOP = ['-q']
  106. # QUERY_DB = ['-q', 'most_used(ttlValue)']
  107. #
  108. # main(FILE + QUERY_DB)
  109. # main(['-c', '/home/pjattke/Thesis/development/code/config'])