1from operator import itemgetter
2from datetime import datetime, timezone
3from typing import Any
4
5from pcapng_utils import __version__
6from .types import ParsedTrafficProtocol
7from .wrapper import TsharkOutput
8
9
[docs]
10class NetworkTrafficDump:
11 """
12 The NetworkTrafficDump class is designed to handle and process network traffic data.
13
14 Attributes:
15 creation_metadata (dict): Some metadata of input file to export in HAR creator comment
16 traffic (list[dict]): A list of dictionaries containing traffic data.
17 parsed_traffic (dict[class, instance]): Mapping of parsed traffic per protocol class
18 (e.g. Http1Traffic, Http2Traffic)
19 """
20
21 def __init__(self, tshark_output: TsharkOutput):
22 self.traffic = tshark_output.list_layers
23 self.creation_metadata = {
24 "creation_datetime": datetime.now(timezone.utc).isoformat(),
25 **tshark_output.metadata,
26 }
27 self.parsed_traffic: dict[
28 type[ParsedTrafficProtocol], ParsedTrafficProtocol
29 ] = {}
30
[docs]
31 def parse_traffic(self) -> None:
32 """
33 Parse the HTTP1 and HTTP2 network traffic.
34 """
35 from .protocols import PROTOCOLS
36
37 for protocol_class in PROTOCOLS:
38 self.parsed_traffic[protocol_class] = protocol_class(self.traffic)
39
[docs]
40 def to_har(self) -> dict[str, Any]:
41 """
42 Convert the network traffic data to HTTP Archive (HAR) format.
43
44 :return: the network traffic data in HAR format
45 """
46 entries = []
47 for parsed_traffic in self.parsed_traffic.values():
48 entries.extend(parsed_traffic.get_har_entries())
49 entries = sorted(entries, key=itemgetter("_timestamp"))
50 return {
51 "log": {
52 "version": "1.2",
53 "creator": {
54 "name": "PiRogue PCAPNG -> HAR",
55 "version": __version__,
56 "_metadata": self.creation_metadata,
57 },
58 "pages": [],
59 "entries": entries,
60 }
61 }