Research and Decisions (The Why?)
Srinivas P G edited this page Jul 1, 2019 · 8 revisions
IronMan: How did you solve the icing problem?
This page is dedicated to the research into different problems and the decisions made, which have been boiled down to code.
(This page will have iterative updates...)
* This was a bit of a challenge, so I initially routed all the packets to a hardcoded "defaultGateway" node
* Considering attack scenarios for a security tool, this cannot be done in a clean way
* Also, sometimes in a valid scenario we don't see packets unicast to the gateway
* Internal LAN routes need to be supported
* Currently at Master, internal LAN works with traffic exiting the LAN routed to defaultGateway
* Recent changes at develop address this issue: gateway identification is added (hybrid routing of L2 and L3 was one solution)
* Initially routing was more focused on L3
* To support L2, recent changes have been made
* Following a hybrid route view method
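One way to replace a hardcoded "defaultGateway" node with gateway identification and a hybrid L2/L3 route view, as an added example that is not the project's own code. The packet tuples, the `min_remote_ips` threshold, the `unconfirmed-gw:` label and the use of private address ranges as the LAN test are all assumptions made for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed sample records: (src_mac, dst_mac, src_ip, dst_ip).
# In a real run these fields would come from the pcap parser.
PACKETS = [
    ("aa:00:00:00:00:01", "aa:00:00:00:00:02", "192.168.1.10", "192.168.1.20"),
    ("aa:00:00:00:00:01", "aa:00:00:00:00:fe", "192.168.1.10", "8.8.8.8"),
    ("aa:00:00:00:00:fe", "aa:00:00:00:00:01", "8.8.8.8", "192.168.1.10"),
    ("aa:00:00:00:00:02", "aa:00:00:00:00:fe", "192.168.1.20", "1.1.1.1"),
    # Only one remote IP is ever seen behind this MAC.
    ("aa:00:00:00:00:02", "aa:00:00:00:00:99", "192.168.1.20", "9.9.9.9"),
]


def is_lan(ip):
    # Assumption: private address space is treated as "inside the LAN".
    return ipaddress.ip_address(ip).is_private


def identify_gateways(packets, min_remote_ips=2):
    """Return MACs that carry traffic for at least min_remote_ips non-LAN IPs."""
    remote_ips = defaultdict(set)
    for src_mac, dst_mac, src_ip, dst_ip in packets:
        if not is_lan(dst_ip):
            remote_ips[dst_mac].add(dst_ip)
        if not is_lan(src_ip):
            remote_ips[src_mac].add(src_ip)
    return {mac for mac, ips in remote_ips.items() if len(ips) >= min_remote_ips}


def hybrid_edges(packets):
    """Graph edges: direct L3 edge for LAN flows, L2 hop via the gateway MAC otherwise."""
    gateways = identify_gateways(packets)
    edges = set()
    for src_mac, dst_mac, src_ip, dst_ip in packets:
        if is_lan(src_ip) and is_lan(dst_ip):
            edges.add((src_ip, dst_ip))
            continue
        # The next hop is the L2 peer on the LAN side of the flow.
        mac = dst_mac if is_lan(src_ip) else src_mac
        hop = mac if mac in gateways else "unconfirmed-gw:" + mac
        edges.update({(src_ip, hop), (hop, dst_ip)})
    return edges
```

A MAC that forwards external traffic but falls below the threshold is kept on the graph under its own label instead of being folded into a single gateway node, so a second forwarding host on the LAN stays visible to the analyst.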
* Pyshark
- Blocked by no Py2 support
- Similar problem: https://github.com/KimiNewt/pyshark/issues/303
* Scapy
* Pcapy
* libpcap
* Splitcap
* Pypcap
* dpkt
* PacketQ
* packetPig
* Primary concern is to reduce loops (iteration of each packet)
- scapy: possibility to fork and avoid one O(n) iteration
- Problem: Improve graph resolution to make things legible
- Tkinter with CefPython with some html/js magic - progress at cef branch (interactive_cef_work) + PyVis
- PyQt5 User Interface with VisPy or PyVis
If you have any better solution to any of the problems below, feel free to raise an issue/pull request.