CLI.py 4.5 KB

  1. #! /usr/bin/python3
  2. import argparse
  3. import sys
  4. from ID2TLib.Controller import Controller
class LoadFromFile(argparse.Action):
    """
    argparse action behind -c/--config: takes further options from a parameter file.

    The option value arrives as an already opened file object (the option is
    registered with ``type=open``). The file content is split on whitespace and
    parsed by the same parser into the same namespace, so each token in the
    file has the same effect as one typed on the command line.
    """

    def __call__(self, parser, namespace, values, option_string=None):
        # The context manager closes the handle that argparse opened for this option.
        with values as config_file:
            # str.split() does not honour quoting, so a value that contains
            # whitespace cannot be expressed in the parameter file.
            tokens = config_file.read().split()
            parser.parse_args(tokens, namespace)
class CLI:
    """
    Command-line front end: declares the options, parses them and drives the Controller.
    """

    def __init__(self):
        """
        Creates a new CLI object with no parsed arguments yet.
        """
        # Namespace returned by argparse; filled in by parse_arguments().
        self.args = None
        # Initialised here but not read or written anywhere else in this class.
        self.attack_config = None

    def process_arguments(self):
        """
        Creates the application controller for the input file, loads the PCAP statistics and, if requested,
        processes the given attacks and evaluates the given queries.
        """
        opts = self.args

        # The controller is bound to the PCAP path given with -i/--input.
        ctrl = Controller(opts.input)

        # Statistics are always loaded; -e, -r and -s are passed through as flags.
        ctrl.load_pcap_statistics(opts.export, opts.recalculate, opts.statistics)

        # One entry per -a occurrence, each entry being the list of tokens that followed it.
        if opts.attack is not None:
            ctrl.process_attacks(opts.attack)

        queries = opts.query
        if queries is None:
            # -q was not given at all.
            return

        if queries == [None]:
            # A single bare -q -> interactive query loop.
            ctrl.enter_query_mode()
        else:
            # NOTE(review): the query text is forwarded exactly as typed; how it is evaluated is decided
            # inside Controller and is not visible here. A mix such as "-q -q" or "-q X -q" also ends up
            # here, with None entries in the list - confirm that process_db_queries copes with that.
            ctrl.process_db_queries(queries, True)

    def parse_arguments(self, args):
        """
        Declares the accepted application arguments, parses ``args`` and triggers their processing.

        :param args: The application arguments
        """
        parser = argparse.ArgumentParser(description="Intrusion Detection Dataset Toolkit (ID2T) - A toolkit for "
                                                     "injection of synthetically created attacks into PCAP datasets.")

        # Mandatory options get their own group in the help output.
        required_group = parser.add_argument_group('required named arguments')
        required_group.add_argument('-i', '--input', required=True, metavar="FILEPATH",
                                    help='path to the input pcap file')

        # Optional options.
        # type=open makes argparse open the path while parsing; LoadFromFile then feeds the file's
        # whitespace-separated tokens back into this parser, so the file can set any option below.
        parser.add_argument('-c', '--config', type=open, action=LoadFromFile, metavar='FILEPATH',
                            help='file containing parameters used as input.')
        parser.add_argument('-e', '--export', default=False, action='store_true',
                            help='stores the statistics as a textfile with ending .stat into the dataset directory')
        parser.add_argument('-a', '--attack', nargs='+', action='append', metavar="ATTACKNAME",
                            help='injects a new attack into the given dataset.')
        parser.add_argument('-r', '--recalculate', default=False, action='store_true',
                            help='forces to recalculate the statistics in case of an already existing statistics database.')
        parser.add_argument('-s', '--statistics', default=False, action='store_true',
                            help='print general file statistics to stdout.')
        # nargs='?' with action='append': a bare -q appends None to the list.
        parser.add_argument('-q', '--query', nargs='?', action='append', metavar="QUERY",
                            help='queries the statistics database. If no query is provided, the application enters into query mode.')

        # Keep the parsed namespace on the instance, then act on it.
        self.args = parser.parse_args(args)
        self.process_arguments()
def main(args):
    """
    Builds a CLI object and hands it the argument list for parsing and processing.

    :param args: The provided arguments
    """
    # Parsing also triggers processing of the arguments.
    CLI().parse_arguments(args)
# Script entry point: everything after the program name is passed to main().
if __name__ == '__main__':
    cli_arguments = sys.argv[1:]
    main(cli_arguments)
  80. # if __name__ == '__main__':
  81. # FILE = ['-i', '/mnt/hgfs/datasets/95M.pcap']
  82. # FILE2 = ['-i', '/mnt/hgfs/datasets/95M_20161103-185151.pcap']
  83. #
  84. #
  85. # ATTACK = ['-a', 'PortscanAttack', 'ip.src=10.2.2.4', 'mac.dst=05:AB:47:B5:19:11',
  86. # 'inject.at-timestamp=1449038705.316721', 'attack.note=Portscan2']
  87. # ATTACK2 = ['-a', 'PortscanAttack', 'ip.dst=193.133.122.23, ip.src=192.124.34.12', 'inject.after-pkt=34']
  88. #
  89. # STATS_RECALC = ['-r']
  90. # STATS_PRINT = ['-s']
  91. #
  92. # QUERY_MODE_LOOP = ['-q']
  93. # QUERY_DB = ['-q', 'most_used(ttlValue)']
  94. #
  95. # main(FILE2 + ATTACK)
  96. # main(['-c', '/home/pjattke/Thesis/development/code/config'])