2004-10-29 15:09:00 +00:00
|
|
|
#!/usr/bin/env python
|
|
|
|
"""
|
|
|
|
Converts netscreen snoop hex-dumps to a hex-dump that text2pcap can read.
|
|
|
|
|
|
|
|
Copyright (c) 2004 by Gilbert Ramirez <gram@alumni.rice.edu>
|
|
|
|
|
2018-03-08 10:18:49 +00:00
|
|
|
SPDX-License-Identifier: GPL-2.0-or-later
|
2004-10-29 15:09:00 +00:00
|
|
|
"""
|
|
|
|
|
|
|
|
import sys
|
|
|
|
import re
|
|
|
|
import os
|
|
|
|
import stat
|
|
|
|
import time
|
|
|
|
|
Fix issues discovered by common python linters
Fix some issues discovered by common python linters including:
* switch `None` comparisons to use `is` rather than `==`. Identity !=
equality, and I've spent 40+ hours before tracking down a subtle bug
caused by exactly this issue. Note that this may introduce a problem if
one of the scripts is depending on this behavior, in which case the
comparison should be changed to `True`/`False` rather than `None`.
* Use `except Exception:` as bare `except:` statements have been
discouraged for years. Ideally for some of these we'd examine if there
were specific exceptions that should be caught, but for now I simply
caught all. Again, this could introduce very subtle behavioral changes
under Python 2, but IIUC, that was all fixed in Python 3, so safe to
move to `except Exception:`.
* Use more idiomatic `if not x in y`--> `if x not in y`
* Use more idiomatic 2 blank lines. I only did this at the beginning,
until I realized how overwhelming this was going to be to apply, then I
stopped.
* Add a TODO where an undefined function name is called, so will fail
whenever that code is run.
* Add more idiomatic spacing around `:`. This is also only partially
cleaned up, as I gave up when I saw how `asn2wrs.py` was clearly
infatuated with the construct.
* Various other small cleanups, removed some trailing whitespace and
improper indentation that wasn't a multiple of 4, etc.
There is still _much_ to do, but I haven't been heavily involved with
this project before, so thought this was a sufficient amount to put up
and see what the feedback is.
Linters that I have enabled which highlighted some of these issues
include:
* `pylint`
* `flake8`
* `pycodestyle`
2020-09-21 05:44:41 +00:00
|
|
|
|
2004-10-29 15:09:00 +00:00
|
|
|
class OutputFile:
|
|
|
|
TIMER_MAX = 99999.9
|
|
|
|
|
|
|
|
def __init__(self, name, base_time):
|
|
|
|
try:
|
|
|
|
self.fh = open(name, "w")
|
|
|
|
except IOError, err:
|
|
|
|
sys.exit(err)
|
|
|
|
|
|
|
|
self.base_time = base_time
|
|
|
|
self.prev_timestamp = 0.0
|
|
|
|
|
|
|
|
def PrintPacket(self, timestamp, datalines):
|
|
|
|
# What do to with the timestamp? I need more data about what
|
|
|
|
# the netscreen timestamp is, then I can generate one for the text file.
|
Fix issues discovered by common python linters
Fix some issues discovered by common python linters including:
* switch `None` comparisons to use `is` rather than `==`. Identity !=
equality, and I've spent 40+ hours before tracking down a subtle bug
caused by exactly this issue. Note that this may introduce a problem if
one of the scripts is depending on this behavior, in which case the
comparison should be changed to `True`/`False` rather than `None`.
* Use `except Exception:` as bare `except:` statements have been
discouraged for years. Ideally for some of these we'd examine if there
were specific exceptions that should be caught, but for now I simply
caught all. Again, this could introduce very subtle behavioral changes
under Python 2, but IIUC, that was all fixed in Python 3, so safe to
move to `except Exception:`.
* Use more idiomatic `if not x in y`--> `if x not in y`
* Use more idiomatic 2 blank lines. I only did this at the beginning,
until I realized how overwhelming this was going to be to apply, then I
stopped.
* Add a TODO where an undefined function name is called, so will fail
whenever that code is run.
* Add more idiomatic spacing around `:`. This is also only partially
cleaned up, as I gave up when I saw how `asn2wrs.py` was clearly
infatuated with the construct.
* Various other small cleanups, removed some trailing whitespace and
improper indentation that wasn't a multiple of 4, etc.
There is still _much_ to do, but I haven't been heavily involved with
this project before, so thought this was a sufficient amount to put up
and see what the feedback is.
Linters that I have enabled which highlighted some of these issues
include:
* `pylint`
* `flake8`
* `pycodestyle`
2020-09-21 05:44:41 +00:00
|
|
|
# print("TS:", timestamp.group("time"))
|
2004-10-29 15:09:00 +00:00
|
|
|
try:
|
|
|
|
timestamp = float(timestamp.group("time"))
|
|
|
|
except ValueError:
|
Fix issues discovered by common python linters
Fix some issues discovered by common python linters including:
* switch `None` comparisons to use `is` rather than `==`. Identity !=
equality, and I've spent 40+ hours before tracking down a subtle bug
caused by exactly this issue. Note that this may introduce a problem if
one of the scripts is depending on this behavior, in which case the
comparison should be changed to `True`/`False` rather than `None`.
* Use `except Exception:` as bare `except:` statements have been
discouraged for years. Ideally for some of these we'd examine if there
were specific exceptions that should be caught, but for now I simply
caught all. Again, this could introduce very subtle behavioral changes
under Python 2, but IIUC, that was all fixed in Python 3, so safe to
move to `except Exception:`.
* Use more idiomatic `if not x in y`--> `if x not in y`
* Use more idiomatic 2 blank lines. I only did this at the beginning,
until I realized how overwhelming this was going to be to apply, then I
stopped.
* Add a TODO where an undefined function name is called, so will fail
whenever that code is run.
* Add more idiomatic spacing around `:`. This is also only partially
cleaned up, as I gave up when I saw how `asn2wrs.py` was clearly
infatuated with the construct.
* Various other small cleanups, removed some trailing whitespace and
improper indentation that wasn't a multiple of 4, etc.
There is still _much_ to do, but I haven't been heavily involved with
this project before, so thought this was a sufficient amount to put up
and see what the feedback is.
Linters that I have enabled which highlighted some of these issues
include:
* `pylint`
* `flake8`
* `pycodestyle`
2020-09-21 05:44:41 +00:00
|
|
|
sys.exit("Unable to convert '%s' to floating point." %
|
2004-10-29 15:09:00 +00:00
|
|
|
(timestamp,))
|
|
|
|
|
|
|
|
# Did we wrap around the timeer max?
|
|
|
|
if timestamp < self.prev_timestamp:
|
|
|
|
self.base_time += self.TIMER_MAX
|
|
|
|
|
|
|
|
self.prev_timestamp = timestamp
|
|
|
|
|
|
|
|
packet_timestamp = self.base_time + timestamp
|
|
|
|
|
|
|
|
# Determine the time string to print
|
|
|
|
gmtime = time.gmtime(packet_timestamp)
|
|
|
|
subsecs = packet_timestamp - int(packet_timestamp)
|
|
|
|
assert subsecs <= 0
|
|
|
|
subsecs = int(subsecs * 10)
|
|
|
|
|
|
|
|
print >> self.fh, "%s.%d" % (time.strftime("%Y-%m-%d %H:%M:%S", gmtime), \
|
|
|
|
subsecs)
|
|
|
|
|
|
|
|
# Print the packet data
|
|
|
|
offset = 0
|
|
|
|
for lineno, hexgroup in datalines:
|
|
|
|
hexline = hexgroup.group("hex")
|
|
|
|
hexpairs = hexline.split()
|
|
|
|
print >> self.fh, "%08x %s" % (offset, hexline)
|
|
|
|
offset += len(hexpairs)
|
|
|
|
|
|
|
|
# Blank line
|
|
|
|
print >> self.fh
|
|
|
|
|
Fix issues discovered by common python linters
Fix some issues discovered by common python linters including:
* switch `None` comparisons to use `is` rather than `==`. Identity !=
equality, and I've spent 40+ hours before tracking down a subtle bug
caused by exactly this issue. Note that this may introduce a problem if
one of the scripts is depending on this behavior, in which case the
comparison should be changed to `True`/`False` rather than `None`.
* Use `except Exception:` as bare `except:` statements have been
discouraged for years. Ideally for some of these we'd examine if there
were specific exceptions that should be caught, but for now I simply
caught all. Again, this could introduce very subtle behavioral changes
under Python 2, but IIUC, that was all fixed in Python 3, so safe to
move to `except Exception:`.
* Use more idiomatic `if not x in y`--> `if x not in y`
* Use more idiomatic 2 blank lines. I only did this at the beginning,
until I realized how overwhelming this was going to be to apply, then I
stopped.
* Add a TODO where an undefined function name is called, so will fail
whenever that code is run.
* Add more idiomatic spacing around `:`. This is also only partially
cleaned up, as I gave up when I saw how `asn2wrs.py` was clearly
infatuated with the construct.
* Various other small cleanups, removed some trailing whitespace and
improper indentation that wasn't a multiple of 4, etc.
There is still _much_ to do, but I haven't been heavily involved with
this project before, so thought this was a sufficient amount to put up
and see what the feedback is.
Linters that I have enabled which highlighted some of these issues
include:
* `pylint`
* `flake8`
* `pycodestyle`
2020-09-21 05:44:41 +00:00
|
|
|
|
2006-09-22 18:51:25 +00:00
|
|
|
# Find a timestamp line
|
2008-02-19 16:55:19 +00:00
|
|
|
re_timestamp = re.compile(r"^(?P<time>\d+\.\d): [\w/]+\((?P<io>.)\)(:| len=)")
|
2006-09-22 18:51:25 +00:00
|
|
|
|
|
|
|
# Find a hex dump line
|
2004-10-29 15:09:00 +00:00
|
|
|
re_hex_line = re.compile(r"(?P<hex>([0-9a-f]{2} ){1,16})\s+(?P<ascii>.){1,16}")
|
|
|
|
|
Fix issues discovered by common python linters
Fix some issues discovered by common python linters including:
* switch `None` comparisons to use `is` rather than `==`. Identity !=
equality, and I've spent 40+ hours before tracking down a subtle bug
caused by exactly this issue. Note that this may introduce a problem if
one of the scripts is depending on this behavior, in which case the
comparison should be changed to `True`/`False` rather than `None`.
* Use `except Exception:` as bare `except:` statements have been
discouraged for years. Ideally for some of these we'd examine if there
were specific exceptions that should be caught, but for now I simply
caught all. Again, this could introduce very subtle behavioral changes
under Python 2, but IIUC, that was all fixed in Python 3, so safe to
move to `except Exception:`.
* Use more idiomatic `if not x in y`--> `if x not in y`
* Use more idiomatic 2 blank lines. I only did this at the beginning,
until I realized how overwhelming this was going to be to apply, then I
stopped.
* Add a TODO where an undefined function name is called, so will fail
whenever that code is run.
* Add more idiomatic spacing around `:`. This is also only partially
cleaned up, as I gave up when I saw how `asn2wrs.py` was clearly
infatuated with the construct.
* Various other small cleanups, removed some trailing whitespace and
improper indentation that wasn't a multiple of 4, etc.
There is still _much_ to do, but I haven't been heavily involved with
this project before, so thought this was a sufficient amount to put up
and see what the feedback is.
Linters that I have enabled which highlighted some of these issues
include:
* `pylint`
* `flake8`
* `pycodestyle`
2020-09-21 05:44:41 +00:00
|
|
|
|
2004-10-29 15:09:00 +00:00
|
|
|
def run(input_filename, output_filename):
|
|
|
|
try:
|
|
|
|
ifh = open(input_filename, "r")
|
|
|
|
except IOError, err:
|
|
|
|
sys.exit(err)
|
|
|
|
|
2006-09-22 18:51:25 +00:00
|
|
|
# Get the file's creation time.
|
2004-10-29 15:09:00 +00:00
|
|
|
try:
|
|
|
|
ctime = os.stat(input_filename)[stat.ST_CTIME]
|
|
|
|
except OSError, err:
|
|
|
|
sys.exit(err)
|
|
|
|
|
|
|
|
output_file = OutputFile(output_filename, ctime)
|
|
|
|
|
|
|
|
timestamp = None
|
|
|
|
datalines = []
|
|
|
|
lineno = 0
|
|
|
|
|
|
|
|
for line in ifh.xreadlines():
|
|
|
|
lineno += 1
|
2006-09-22 18:51:25 +00:00
|
|
|
# If we have no timestamp yet, look for one
|
2004-10-29 15:09:00 +00:00
|
|
|
if not timestamp:
|
|
|
|
m = re_timestamp.search(line)
|
|
|
|
if m:
|
|
|
|
timestamp = m
|
|
|
|
|
2006-09-22 18:51:25 +00:00
|
|
|
# Otherwise, look for hex dump lines
|
2004-10-29 15:09:00 +00:00
|
|
|
else:
|
|
|
|
m = re_hex_line.search(line)
|
|
|
|
if m:
|
|
|
|
datalines.append((lineno, m))
|
|
|
|
else:
|
2006-09-22 18:51:25 +00:00
|
|
|
# If we have been gathering hex dump lines,
|
|
|
|
# and this line is not a hex dump line, then the hex dump
|
|
|
|
# has finished, and so has the packet. So print the packet
|
|
|
|
# and reset our variables so we can look for the next packet.
|
2004-10-29 15:09:00 +00:00
|
|
|
if datalines:
|
|
|
|
output_file.PrintPacket(timestamp, datalines)
|
|
|
|
timestamp = None
|
|
|
|
datalines = []
|
|
|
|
|
2006-09-22 18:51:25 +00:00
|
|
|
# At the end of the file we may still have hex dump data in memory.
|
|
|
|
# If so, print the packet
|
2004-10-29 15:09:00 +00:00
|
|
|
if datalines:
|
|
|
|
output_file.PrintPacket(timestamp, datalines)
|
|
|
|
timestamp = None
|
|
|
|
datalines = []
|
|
|
|
|
|
|
|
|
|
|
|
def usage():
|
|
|
|
print >> sys.stderr, "Usage: netscreen2dump.py netscreen-dump-file new-dump-file"
|
|
|
|
sys.exit(1)
|
|
|
|
|
Fix issues discovered by common python linters
Fix some issues discovered by common python linters including:
* switch `None` comparisons to use `is` rather than `==`. Identity !=
equality, and I've spent 40+ hours before tracking down a subtle bug
caused by exactly this issue. Note that this may introduce a problem if
one of the scripts is depending on this behavior, in which case the
comparison should be changed to `True`/`False` rather than `None`.
* Use `except Exception:` as bare `except:` statements have been
discouraged for years. Ideally for some of these we'd examine if there
were specific exceptions that should be caught, but for now I simply
caught all. Again, this could introduce very subtle behavioral changes
under Python 2, but IIUC, that was all fixed in Python 3, so safe to
move to `except Exception:`.
* Use more idiomatic `if not x in y`--> `if x not in y`
* Use more idiomatic 2 blank lines. I only did this at the beginning,
until I realized how overwhelming this was going to be to apply, then I
stopped.
* Add a TODO where an undefined function name is called, so will fail
whenever that code is run.
* Add more idiomatic spacing around `:`. This is also only partially
cleaned up, as I gave up when I saw how `asn2wrs.py` was clearly
infatuated with the construct.
* Various other small cleanups, removed some trailing whitespace and
improper indentation that wasn't a multiple of 4, etc.
There is still _much_ to do, but I haven't been heavily involved with
this project before, so thought this was a sufficient amount to put up
and see what the feedback is.
Linters that I have enabled which highlighted some of these issues
include:
* `pylint`
* `flake8`
* `pycodestyle`
2020-09-21 05:44:41 +00:00
|
|
|
|
2004-10-29 15:09:00 +00:00
|
|
|
def main():
|
|
|
|
if len(sys.argv) != 3:
|
|
|
|
usage()
|
|
|
|
|
|
|
|
run(sys.argv[1], sys.argv[2])
|
|
|
|
|
Fix issues discovered by common python linters
Fix some issues discovered by common python linters including:
* switch `None` comparisons to use `is` rather than `==`. Identity !=
equality, and I've spent 40+ hours before tracking down a subtle bug
caused by exactly this issue. Note that this may introduce a problem if
one of the scripts is depending on this behavior, in which case the
comparison should be changed to `True`/`False` rather than `None`.
* Use `except Exception:` as bare `except:` statements have been
discouraged for years. Ideally for some of these we'd examine if there
were specific exceptions that should be caught, but for now I simply
caught all. Again, this could introduce very subtle behavioral changes
under Python 2, but IIUC, that was all fixed in Python 3, so safe to
move to `except Exception:`.
* Use more idiomatic `if not x in y`--> `if x not in y`
* Use more idiomatic 2 blank lines. I only did this at the beginning,
until I realized how overwhelming this was going to be to apply, then I
stopped.
* Add a TODO where an undefined function name is called, so will fail
whenever that code is run.
* Add more idiomatic spacing around `:`. This is also only partially
cleaned up, as I gave up when I saw how `asn2wrs.py` was clearly
infatuated with the construct.
* Various other small cleanups, removed some trailing whitespace and
improper indentation that wasn't a multiple of 4, etc.
There is still _much_ to do, but I haven't been heavily involved with
this project before, so thought this was a sufficient amount to put up
and see what the feedback is.
Linters that I have enabled which highlighted some of these issues
include:
* `pylint`
* `flake8`
* `pycodestyle`
2020-09-21 05:44:41 +00:00
|
|
|
|
2004-10-29 15:09:00 +00:00
|
|
|
if __name__ == "__main__":
|
|
|
|
main()
|