stanislavmykhailenko/NG_2024_PacketAnalyzer
Archived
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Implement protocol-related data output

Browse source
This commit is contained in:
Stanislav Mykhailenko 2024-09-06 12:21:24 +03:00
parent 6edccb90ca
commit 8ea5985e70
Signed by: stanislavmykhailenko
GPG key ID: 1E95E66A9C9D6A36
2 changed files with 108 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

103
packetmanager.cpp
View file

@ -111,6 +111,33 @@ QString PacketManager::getProtocolTypeAsString(pcpp::ProtocolType protocolType)
} }
} }
QString PacketManager::printHttpMethod(pcpp::HttpRequestLayer::HttpMethod httpMethod)
{
switch (httpMethod)
{
case pcpp::HttpRequestLayer::HttpGET:
return "GET";
case pcpp::HttpRequestLayer::HttpPOST:
return "POST";
case pcpp::HttpRequestLayer::HttpHEAD:
return "HEAD";
case pcpp::HttpRequestLayer::HttpPUT:
return "PUT";
case pcpp::HttpRequestLayer::HttpDELETE:
return "DELETE";
case pcpp::HttpRequestLayer::HttpCONNECT:
return "CONNECT";
case pcpp::HttpRequestLayer::HttpOPTIONS:
return "OPTIONS";
case pcpp::HttpRequestLayer::HttpTRACE:
return "TRACE";
case pcpp::HttpRequestLayer::HttpPATCH:
return "PATCH";
default:
return "Other";
}
}
QStringList PacketManager::getPacketSourceAndDestination(pcpp::Packet* packet) QStringList PacketManager::getPacketSourceAndDestination(pcpp::Packet* packet)
{ {
QString sourceIP = "Unknown"; QString sourceIP = "Unknown";
@ -140,5 +167,79 @@ QStringList PacketManager::getPacketSourceAndDestination(pcpp::Packet* packet)
QString PacketManager::getPacketData(pcpp::RawPacket *rawPacket) QString PacketManager::getPacketData(pcpp::RawPacket *rawPacket)
{ {
return QString::fromStdString(pcpp::byteArrayToHexString(rawPacket->getRawData(), rawPacket->getRawDataLen())); pcpp::Packet parsedPacket(rawPacket);
QString packetData = "";
QStringList sourceAndDestination = getPacketSourceAndDestination(&parsedPacket);
QString protocol = "Unknown";
for (pcpp::Layer* curLayer = parsedPacket.getFirstLayer(); curLayer != NULL; curLayer = curLayer->getNextLayer())
{
protocol = PacketManager::getProtocolTypeAsString(curLayer->getProtocol());
}
packetData.append("Protocol: " + protocol + '\n');
packetData.append("Source: " + sourceAndDestination[0] + '\n'
+ "Destination: " + sourceAndDestination[1] + '\n');
pcpp::EthLayer* ethernetLayer = parsedPacket.getLayerOfType<pcpp::EthLayer>();
if (ethernetLayer)
{
packetData.append("Source MAC address: " + QString::fromStdString(ethernetLayer->getSourceMac().toString()) + '\n'
+ "Destination MAC address: " + QString::fromStdString(ethernetLayer->getDestMac().toString()) + '\n'
+ "Ether type = 0x" + QString::number(pcpp::netToHost16(ethernetLayer->getEthHeader()->etherType), 16) + '\n');
}
pcpp::IPv4Layer* ipLayer = parsedPacket.getLayerOfType<pcpp::IPv4Layer>();
if (ipLayer)
{
packetData.append("Source IP address: " + QString::fromStdString(ipLayer->getSrcIPAddress().toString()) + '\n'
+ "Destination IP address: " + QString::fromStdString(ipLayer->getDstIPAddress().toString() + '\n')
+ "IP ID = 0x" + QString::number(pcpp::netToHost16(ipLayer->getIPv4Header()->ipId), 16) + '\n'
+ "TTL: " + QString::number(ipLayer->getIPv4Header()->timeToLive) + '\n');
}
pcpp::TcpLayer* tcpLayer = parsedPacket.getLayerOfType<pcpp::TcpLayer>();
if (tcpLayer)
{
packetData.append("Source TCP port: " + QString::number(tcpLayer->getSrcPort()) + '\n'
+ "Destination TCP port: " + QString::number(tcpLayer->getDstPort()) + '\n'
+ "Window size: " + QString::number(pcpp::netToHost16(tcpLayer->getTcpHeader()->windowSize), 16) + '\n'
+ "TCP flags: " + getTcpFlags(tcpLayer) + '\n');
}
pcpp::HttpRequestLayer* httpRequestLayer = parsedPacket.getLayerOfType<pcpp::HttpRequestLayer>();
if (httpRequestLayer)
{
packetData.append("HTTP method: " + printHttpMethod(httpRequestLayer->getFirstLine()->getMethod()) + '\n'
+ "HTTP URI: " + QString::fromStdString(httpRequestLayer->getFirstLine()->getUri()) + '\n');
}
packetData.append("Raw bytes: " + QString::fromStdString(pcpp::byteArrayToHexString(rawPacket->getRawData(), rawPacket->getRawDataLen())));
return packetData;
}
QString PacketManager::getTcpFlags(pcpp::TcpLayer *tcpLayer)
{
QString result = "";
if (tcpLayer->getTcpHeader()->synFlag == 1)
result += "SYN ";
if (tcpLayer->getTcpHeader()->ackFlag == 1)
result += "ACK ";
if (tcpLayer->getTcpHeader()->pshFlag == 1)
result += "PSH ";
if (tcpLayer->getTcpHeader()->cwrFlag == 1)
result += "CWR ";
if (tcpLayer->getTcpHeader()->urgFlag == 1)
result += "URG ";
if (tcpLayer->getTcpHeader()->eceFlag == 1)
result += "ECE ";
if (tcpLayer->getTcpHeader()->rstFlag == 1)
result += "RST ";
if (tcpLayer->getTcpHeader()->finFlag == 1)
result += "FIN ";
return result;
} }

6
packetmanager.h
View file

@ -3,9 +3,13 @@
#include <QObject> #include <QObject>
#include <GeneralUtils.h> #include <GeneralUtils.h>
#include <EthLayer.h>
#include <IPv4Layer.h> #include <IPv4Layer.h>
#include <IPv6Layer.h> #include <IPv6Layer.h>
#include <TcpLayer.h>
#include <HttpLayer.h>
#include <Packet.h> #include <Packet.h>
#include <SystemUtils.h>
class PacketManager : public QObject class PacketManager : public QObject
{ {
@ -13,8 +17,10 @@ class PacketManager : public QObject
public: public:
explicit PacketManager(QObject *parent = nullptr); explicit PacketManager(QObject *parent = nullptr);
static QString getProtocolTypeAsString(pcpp::ProtocolType); static QString getProtocolTypeAsString(pcpp::ProtocolType);
static QString printHttpMethod(pcpp::HttpRequestLayer::HttpMethod);
static QStringList getPacketSourceAndDestination(pcpp::Packet*); static QStringList getPacketSourceAndDestination(pcpp::Packet*);
static QString getPacketData(pcpp::RawPacket*); static QString getPacketData(pcpp::RawPacket*);
static QString getTcpFlags(pcpp::TcpLayer*);
signals: signals:
}; };