soe_network_parser_lib/modules/
pcap_extraction.rs1use super::pcap_struct::*;
2use super::utils::*;
3use std::fs;
4
/// A single UDP payload taken from a capture, labelled with the side that sent it.
pub struct ExtractedPacket {
    /// Which endpoint sent the payload; `extract_raw_data_from_pcap` sets this to
    /// `"server"` or `"client"`.
    pub sender: String,
    /// Payload bytes as returned by `convert_payload_to_buff`.
    pub data: Vec<u8>,
}
9
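/// Extracts the UDP payloads exchanged with `server_port` from a JSON packet dump.
///
/// `contents` is deserialized into a `Vec<Packet>` (presumably a tshark-style JSON
/// export; confirm against `pcap_struct`). A packet is kept when it has a UDP layer
/// whose source or destination port equals `server_port` and it also has a data
/// layer. Kept packets are tagged `"server"` when the source port matches and
/// `"client"` otherwise.
///
/// # Arguments
///
/// * `contents` - JSON text describing the captured packets.
/// * `output_directory` - Directory that receives the `.bin` files.
/// * `server_port` - Port compared against the UDP source and destination port
///   fields, using the same comparison as those fields' type provides.
/// * `max_packets` - Stop after this many extracted packets; `0` means no limit.
/// * `extract_raw_data` - Write each payload to `<index>-<sender>.bin`.
/// * `analysis_only` - When `true`, nothing is written and the output directory is
///   not created.
///
/// # Panics
///
/// Panics if `contents` is not valid JSON for `Vec<Packet>`, or if a payload file
/// cannot be written. Captures are untrusted input, so a caller that must survive a
/// malformed dump has to isolate this call.
pub fn extract_raw_data_from_pcap(
    contents: String,
    output_directory: &String,
    server_port: &str,
    max_packets: usize,
    extract_raw_data: bool,
    analysis_only: bool,
) -> Vec<ExtractedPacket> {
    // NOTE(review): a malformed dump aborts here; returning a Result would be the
    // cleaner contract but changes the signature callers rely on.
    let packets: Vec<Packet> = serde_json::from_str(&contents).unwrap();
    let mut extracted_packets: Vec<ExtractedPacket> = Vec::new();

    for packet in packets {
        if let Some(udp) = packet.source.layers.udp {
            let from_server = udp.udp_srcport == server_port;
            if from_server || udp.udp_dstport == server_port {
                if let Some(data_layer) = packet.source.layers.data {
                    let sender = if from_server { "server" } else { "client" };
                    extracted_packets.push(ExtractedPacket {
                        sender: sender.to_owned(),
                        data: convert_payload_to_buff(data_layer.data_data),
                    });
                }
            }
        }
        // Checked after every packet, so the result never exceeds `max_packets`.
        if max_packets > 0 && extracted_packets.len() >= max_packets {
            break;
        }
    }

    println!("{} packets extracted", extracted_packets.len());

    if !analysis_only {
        create_if_doesnt_exist(output_directory);
        if extract_raw_data {
            // Join instead of concatenating strings: without a trailing separator on
            // `output_directory` the old code wrote `<dir><index>-<sender>.bin` next
            // to the directory rather than inside it.
            let output_root = std::path::Path::new(output_directory);
            for (position, extracted_packet) in extracted_packets.iter().enumerate() {
                // The name is built only from a counter and the fixed sender label,
                // so packet contents never influence the path.
                let file_name = format!("{}-{}.bin", position + 1, extracted_packet.sender);
                fs::write(output_root.join(file_name), &extracted_packet.data)
                    .expect("Unable to write to file");
            }
        }
    }

    extracted_packets
}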