gered/pso_gc_tools
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

add nicer packet timestamp display in logging output

Browse source
This commit is contained in:
Gered 2021-11-25 17:08:51 -05:00
parent fa3b26285b
commit a8866064a5
2 changed files with 12 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
decrypt_packets/Cargo.toml
View file

@ -13,6 +13,7 @@ pcap = "0.8.1"
etherparse = "0.9.0" etherparse = "0.9.0"
libc = "0.2.94" libc = "0.2.94"
pretty-hex = "0.2.1" pretty-hex = "0.2.1"
chrono = "0.4.19"
[dependencies.psoutils] [dependencies.psoutils]
path = "../psoutils" path = "../psoutils"

21
decrypt_packets/src/pcap.rs
View file

@ -6,6 +6,7 @@ use std::net::{IpAddr, SocketAddr};
use std::path::Path; use std::path::Path;
use anyhow::{anyhow, Context, Result}; use anyhow::{anyhow, Context, Result};
use chrono::{DateTime, TimeZone, Utc};
use etherparse::{IpHeader, PacketHeaders}; use etherparse::{IpHeader, PacketHeaders};
use pcap::{Capture, Offline}; use pcap::{Capture, Offline};
use pretty_hex::*; use pretty_hex::*;
@ -15,6 +16,10 @@ use psoutils::encryption::{Crypter, GCCrypter};
use psoutils::packets::init::InitEncryptionPacket; use psoutils::packets::init::InitEncryptionPacket;
use psoutils::packets::{GenericPacket, PacketHeader}; use psoutils::packets::{GenericPacket, PacketHeader};
fn timeval_to_dt(ts: &::libc::timeval) -> DateTime<Utc> {
Utc.timestamp(ts.tv_sec, ts.tv_usec as u32 * 1000)
}
#[derive(Error, Debug)] #[derive(Error, Debug)]
enum TcpDataPacketError { enum TcpDataPacketError {
#[error("No IpHeader in packet")] #[error("No IpHeader in packet")]
@ -324,19 +329,15 @@ pub fn analyze(path: &Path) -> Result<()> {
while let Ok(raw_packet) = cap.next() { while let Ok(raw_packet) = cap.next() {
if let Ok(decoded_packet) = PacketHeaders::from_ethernet_slice(raw_packet.data) { if let Ok(decoded_packet) = PacketHeaders::from_ethernet_slice(raw_packet.data) {
if let Ok(our_packet) = TcpDataPacket::try_from(decoded_packet) { if let Ok(our_packet) = TcpDataPacket::try_from(decoded_packet) {
println!( let dt = timeval_to_dt(&raw_packet.header.ts);
">>>> packet at ts: {}.{} - {:?}\n",
raw_packet.header.ts.tv_sec, raw_packet.header.ts.tv_usec, our_packet println!("<<<<< {} >>>>> - {:?}\n", dt, our_packet);
);
let peer_address = our_packet.source; let peer_address = our_packet.source;
session.process_packet(our_packet).with_context(|| { session
format!( .process_packet(our_packet)
"Session failed to process packet at ts: {}.{}", .context("Session failed to process packet")?;
raw_packet.header.ts.tv_sec, raw_packet.header.ts.tv_usec
)
})?;
if let Some(peer) = session.get_peer(peer_address) { if let Some(peer) = session.get_peer(peer_address) {
while let Some(pso_packet) = peer.next() { while let Some(pso_packet) = peer.next() {