bumped version number and updated changelog
cedricbonhomme committed Jan 27, 2022
1 parent 0a5eec8 commit 129ba9e
Showing 10 changed files with 93 additions and 57 deletions.
21 changes: 21 additions & 0 deletions .editorconfig
@@ -0,0 +1,21 @@
root = true

[*]
indent_style = space
indent_size = 4
insert_final_newline = true
trim_trailing_whitespace = true
end_of_line = lf
charset = utf-8
max_line_length = 88

[*.{yml,yaml,json,js,css,html}]
indent_size = 2

[*.{md,rst}]
trim_trailing_whitespace = false

# tabs 2 spaces for makefiles
[Makefile]
indent_style = tab
indent_size = 2
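Review bot: The commit message ("bumped version number and updated changelog") does not mention the new `.editorconfig`; either split it into its own commit or extend the message so the history explains where the file came from. In the `[Makefile]` section, the comment "tabs 2 spaces for makefiles" reads ambiguously next to `indent_style = tab`: with tabs, `indent_size = 2` only sets how wide a tab is displayed, so wording such as "tabs, displayed 2 columns wide" would be clearer.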
11 changes: 7 additions & 4 deletions .gitignore
@@ -1,20 +1,23 @@
# use glob syntax
syntax: glob

__pycache__/
*.py[cod]
*.sqlite[3]
.idea
*.elc
*.pyc
*~


IP_Link.egg-info/
*.egg-info/
dist/


# Temporary files (vim backups)
*.swp
*~

docs/_build/
ip-link/captures/
ip-link/data/
captures/
data/
data/
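Review bot: `*.sqlite[3]` only matches names ending in `.sqlite3`, because `[3]` is a character class that requires a literal 3. The databases the docs in this commit create (`db.sqlite`, `dbtest.sqlite`) are therefore not ignored and could be committed together with the traffic metadata they hold. Use `*.sqlite` plus `*.sqlite3`, or `*.sqlite*`. Smaller points in the same hunk: `syntax: glob` is Mercurial `.hgignore` syntax and git reads it as an ordinary pattern, `*.pyc` is already covered by `*.py[cod]`, and `*~` is listed twice.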
7 changes: 6 additions & 1 deletion NEWS.md
@@ -1,5 +1,11 @@
## Release History


### 0.4.1 (2022-01-27)

- various bugfixes.


### 0.4.0 (2022-01-21)

- major update of project dependencies and settings.
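Review bot: The 0.4.1 entry "various bugfixes." does not tell a reader what changed. The other files in this commit show concrete items that could be listed instead: the script folder referenced as `ip-link` rather than `source` in the docs, repository URLs moved to sr.ht, and Poetry replacing pipenv in the install steps.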
Expand All @@ -22,4 +28,3 @@
### 0.1.0 (2010-03-18)

- First official release of IP-Link.

29 changes: 18 additions & 11 deletions README.md
@@ -1,17 +1,16 @@
IP-Link
=======
# IP-Link

Presentation
------------
## Presentation

The goal of [IP-Link](https://git.sr.ht/~cedric/ip-link)
is to see the relationships between different IP from network traffic capture,
thus quickly for a given address with the IP that communicates the most.
IP-Link offers several visualization methods.


Installation
------------
## Installation

Python >= 3.8.

```bash
$ sudo apt install libpcap0.8
Expand All @@ -21,18 +20,26 @@ $ poetry install
$ poetry shell
```

Python >= 3.8.
## Quick example

```bash
$ mkdir captures data
$ sudo tcpdump -p -i enp5s0 -s 0 -w captures/snif.pcap
$ ip-link/pcap_to_object.py -i captures/snif.pcap -o data/dic.pyobj
$ ip-link/object_to_graphviz.py -i ./data/dic.pyobj
$ dot -Tpng -o ./data/graphviz.png ./data/ip.dot
$ xdg-open ./data/graphviz.png &
```



Tutorial and examples
---------------------
## Tutorial and examples

The site of IP-Link provides a complete
[tutorial](https://ip-link.readthedocs.io/en/latest/tutorial.html).


License
-------
## License

This software is licensed under
[GNU General Public License version 3](https://www.gnu.org/licenses/gpl-3.0.html).
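Review bot: In the new quick example, `tcpdump ... -s 0` stores full packet payloads, while the pipeline documented in this commit only reads addresses, ports and timestamps (`ip_src`, `ip_dst`, `port_src`, `port_dst`, `tts`). A short snapshot length that covers the headers would keep credentials and other payload data out of `captures/`. The interface name `enp5s0` is specific to one machine, so a placeholder or a pointer to `tcpdump -D` would help, and the example should say that the capture runs until interrupted. The `dot` step also relies on `object_to_graphviz.py` writing `./data/ip.dot` by default, which the example does not state.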
22 changes: 11 additions & 11 deletions docs/bezier.rst
Expand Up @@ -10,7 +10,7 @@ Currently, it is in alpha mode : scripts have only been tested on few files, the
But some results are interesting.


You will have to use the scrips located in the folder: **./source/bezier**.
You will have to use the scrips located in the folder: **./ip-link/bezier**.

SQLite DB Generation
~~~~~~~~~~~~~~~~~~~~
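Review bot: The changed line still reads "scrips"; since the sentence is being edited for the folder name anyway, correct it to "scripts" in the same change.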
Expand Down Expand Up @@ -51,18 +51,18 @@ A basic one

.. code-block:: bash
cedric@debian:~/IP-Link/source/bezier$ ./pcap_to_sqlite.py -i ../capture.cap -o db.sqlite
cedric@debian:~/IP-Link/ip-link/bezier$ ./pcap_to_sqlite.py -i ../capture.cap -o db.sqlite
Creating table.
Reading pcap and inserting values in the table...
{17: 780, 6: 40356, 1: 555}
cedric@debian:~/IP-Link/source/bezier$ ./sqlite_to_object.py -i db.sqlite -o db.object
cedric@debian:~/IP-Link/ip-link/bezier$ ./sqlite_to_object.py -i db.sqlite -o db.object
DB connect
Query sent to the base :
SELECT ip_src, ip_dst, port_src, port_dst FROM ip_link
Serialization...
cedric@debian:~/IP-Link/source/bezier$ ./object_to_image.py -i db.object -o image.png
cedric@debian:~/IP-Link/ip-link/bezier$ ./object_to_image.py -i db.object -o image.png
Loading objet...
Generate Communication stats...
Number of communication: 41691
Expand All @@ -80,13 +80,13 @@ Between 2 IPs

.. code-block:: bash
cedric@debian:~/IP-Link/source/bezier$ ./sqlite_to_object.py -i db.sqlite -o db.object -r ip -p 192.168.1.2:62.231.97.142
cedric@debian:~/IP-Link/ip-link/bezier$ ./sqlite_to_object.py -i db.sqlite -o db.object -r ip -p 192.168.1.2:62.231.97.142
DB connect
Query sent to the base :
SELECT ip_src, ip_dst, port_src, port_dst FROM ip_link WHERE (ip_src = "192.168.1.2" AND ip_dst = "62.231.97.142") OR (ip_src = "62.231.97.142" AND ip_dst = "192.168.1.2")
Serialization...
cedric@debian:~/IP-Link/source/bezier$ ./object_to_image.py -i db.object -o image2.png
cedric@debian:~/IP-Link/ip-link/bezier$ ./object_to_image.py -i db.object -o image2.png
Loading objet...
Generate Communication stats...
Number of communication: 5100
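Review bot: The echoed query shows the `-p` value placed directly into the SQL text (`WHERE (ip_src = "192.168.1.2" AND ip_dst = "62.231.97.142")`), which suggests the statement is built by string formatting. It is worth confirming that `sqlite_to_object.py` passes these values as bound parameters (`?` placeholders) and validates them as IP addresses before use. SQLite also tries to resolve double-quoted tokens as identifiers before falling back to string literals, so single quotes are the correct form for the values.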
Expand All @@ -104,13 +104,13 @@ With number limitation

.. code-block:: bash
cedric@debian:~/IP-Link/source/bezier$ ./sqlite_to_object.py -i db.sqlite -o db.object -r number -p 1000
cedric@debian:~/IP-Link/ip-link/bezier$ ./sqlite_to_object.py -i db.sqlite -o db.object -r number -p 1000
DB connect
Query sent to the base :
SELECT ip_src, ip_dst, port_src, port_dst FROM ip_link LIMIT 10000
Serialization...
cedric@debian:~/IP-Link/source/bezier$ ./object_to_image.py -i db.object -o image3.png
cedric@debian:~/IP-Link/ip-link/bezier$ ./object_to_image.py -i db.object -o image3.png
Loading objet...
Generate Communication stats...
Number of communication: 10000
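Review bot: The command passes `-p 1000`, but the query printed below it is `LIMIT 10000` and the result reports "Number of communication: 10000". One of the two is wrong; make the example command and its recorded output agree while these lines are being updated.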
Expand All @@ -128,18 +128,18 @@ A Ports-Scan

.. code-block:: bash
cedric@debian:~/IP-Link/source/bezier$ ./pcap_to_sqlite.py -i test.cap -o dbtest.sqlite
cedric@debian:~/IP-Link/ip-link/bezier$ ./pcap_to_sqlite.py -i test.cap -o dbtest.sqlite
Creating table.
Reading pcap and inserting values in the table...
{1: 3, 6: 855, 17: 2}
cedric@debian:~/IP-Link/source/bezier$ ./sqlite_to_object.py -i dbtest.sqlite -o dbtest.object -r all
cedric@debian:~/IP-Link/ip-link/bezier$ ./sqlite_to_object.py -i dbtest.sqlite -o dbtest.object -r all
DB connect
Query sent to the base :
SELECT ip_src, ip_dst, port_src, port_dst FROM ip_link
Serialization...
cedric@debian:~/IP-Link/source/bezier$ ./object_to_image.py -i dbtest.object -o test.png
cedric@debian:~/IP-Link/ip-link/bezier$ ./object_to_image.py -i dbtest.object -o test.png
Loading objet...
Generate Communication stats...
Number of communication: 857
8 changes: 4 additions & 4 deletions docs/index.rst
Expand Up @@ -9,7 +9,7 @@ Welcome to IP-Link's documentation!
.. image:: _static/images/logo.png
:align: right

The goal of `IP-Link <https://gitlab.com/cedric/ip-link>`_ is to show the
The goal of `IP-Link <https://sr.ht/~cedric/ip-link>`_ is to show the
relationships between different IP addresses from network traffic capture,
thus quickly determining for a given address the IP address with which it
communicates the most.
Expand All @@ -21,10 +21,10 @@ Installation
.. code-block:: bash
$ sudo apt install libpcap0.8
$ git clone https://gitlab.com/cedric/ip-link.git
$ git clone https://git.sr.ht/~cedric/ip-link
$ cd ip-link/
$ pipenv install
$ pipenv shell
$ poetry install
$ poetry shell
How it works
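Review bot: The install steps now depend on Poetry, but nothing here says how to obtain it or which Python version is required; the README in this same commit states "Python >= 3.8.", and that line belongs in this section too. The clone URL uses `git.sr.ht/~cedric/ip-link` while the project link in the previous hunk uses `sr.ht/~cedric/ip-link`; that may be intentional (repository versus project page) but deserves a quick check for consistency with the README.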
44 changes: 22 additions & 22 deletions docs/tutorial.rst
Expand Up @@ -17,12 +17,12 @@ GraphViz
.. code-block:: bash
# create an object from the capture
cedric@debian:~/IP-Link/source$ ./pcap_to_object.py -i ~/captures/capture.pcap -o ~/data/dic.pyobj
cedric@debian:~/IP-Link/ip-link$ ./pcap_to_object.py -i ~/captures/capture.pcap -o ~/data/dic.pyobj
Reading pcap file...
Serialization...
# create the GraphViz graph
cedric@debian:~/IP-Link/source$ ./object_to_graphviz.py -i ~/data/dic.pyobj
cedric@debian:~/IP-Link/ip-link$ ./object_to_graphviz.py -i ~/data/dic.pyobj
Loading dictionary...
Creating GraphViz DOT file...
Writting file.
Expand Down Expand Up @@ -71,11 +71,11 @@ Generation of the input matrix for Circos

.. code-block:: bash
cedric@debian:~/ip-link/source$ ./pcap_to_object.py -i ~/captures/capture.pcap -o ~/data/capture.pyObj
cedric@debian:~/ip-link/ip-link$ ./pcap_to_object.py -i ~/captures/capture.pcap -o ~/data/capture.pyObj
Reading pcap file...
Serialization...
cedric@debian:~/ip-link/source$ ./object_to_circos.py -i ~/data/capture.pyObj -o ~/data/capture.circos
cedric@debian:~/ip-link/ip-link$ ./object_to_circos.py -i ~/data/capture.pyObj -o ~/data/capture.circos
Loading objet...
Searching IP that are source and destination...
Circos matrix generation...
Expand Down Expand Up @@ -114,19 +114,19 @@ Scatter plot with ploticus

.. code-block:: bash
cedric@debian:~/IP-Link/source$ ./pcap_to_object.py -i ~/captures/capture.cap
cedric@debian:~/IP-Link/ip-link$ ./pcap_to_object.py -i ~/captures/capture.cap
Reading pcap file...
Serialization...
cedric@debian:~/IP-Link/source$ ./sqlite_to_object.py -r tts -p 1231950347:1231950547
cedric@debian:~/IP-Link/ip-link$ ./sqlite_to_object.py -r tts -p 1231950347:1231950547
DB connect
Query sent to the base :
SELECT ip_src, ip_dst FROM ip_link WHERE tts >= 1231950347 AND tts <= 1231950547
Creating object...
Reading query result...
Serialization...
cedric@debian:~/IP-Link/source$ ./object_to_scatterplot.py
cedric@debian:~/IP-Link/ip-link$ ./object_to_scatterplot.py
Loading dictionary...
Creating categories file
Creating ploticus data file
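Review bot: The sequence runs `pcap_to_object.py` and then `sqlite_to_object.py`, but no step in between creates the SQLite database that the second script queries ("DB connect"). The first command was presumably meant to be `pcap_to_sqlite.py`, as in the Picviz and MooWheel examples of this file. Since these prompt lines are being rewritten, correct the command in the same pass.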
Expand All @@ -146,9 +146,9 @@ Picviz

.. code-block:: bash
cedric@debian:~/IP-Link/source$ ./pcap_to_sqlite.py -i ~/captures/capture.cap -o ~/data/ip.sql
cedric@debian:~/IP-Link/ip-link$ ./pcap_to_sqlite.py -i ~/captures/capture.cap -o ~/data/ip.sql
cedric@debian:~/IP-Link/source$ ./sqlite_to_picviz.py -i ~/data/ip.sql -r time -p 2009-1-16-00-03-00:2009-1-16-00-05-00
cedric@debian:~/IP-Link/ip-link$ ./sqlite_to_picviz.py -i ~/data/ip.sql -r time -p 2009-1-16-00-03-00:2009-1-16-00-05-00
DB connect
Query sent to the base :
SELECT tts, ip_src, ip_dst FROM ip_link WHERE tts >= 1232060580.0 AND tts <= 1232060700.0
Expand All @@ -168,11 +168,11 @@ RealTime Graph 3D

.. code-block:: bash
cedric@debian:~/IP-Link/source$ ./pcap_to_object.py -i ~/captures/capture.pcap
cedric@debian:~/IP-Link/ip-link$ ./pcap_to_object.py -i ~/captures/capture.pcap
Reading pcap file...
Serialization...
cedric@debian:~/IP-Link/source$ ./object_to_rtgraph.py
cedric@debian:~/IP-Link/ip-link$ ./object_to_rtgraph.py
Result

Expand All @@ -186,17 +186,17 @@ MooWheel

.. code-block:: bash
cedric@debian:~/IP-Link/source$ ./pcap_to_sqlite.py -i ~/captures/capture.cap
cedric@debian:~/IP-Link/ip-link$ ./pcap_to_sqlite.py -i ~/captures/capture.cap
cedric@debian:~/IP-Link/source$ ./sqlite_to_object.py
cedric@debian:~/IP-Link/ip-link$ ./sqlite_to_object.py
DB connect
Query sent to the base :
SELECT ip_src, ip_dst FROM ip_link
Creating object...
Reading query result...
Serialization...
cedric@debian:~/IP-Link/source$ ./object_to_moowheel.py
cedric@debian:~/IP-Link/ip-link$ ./object_to_moowheel.py
Loading dictionary...
Creating MooWheel file...
Writting file.
Expand All @@ -211,15 +211,15 @@ If you want to see better, you can make a filter this way :

.. code-block:: bash
cedric@debian:~/IP-Link/source$ ./sqlite_to_object.py -r ip_src -p 212.110.251.3
cedric@debian:~/IP-Link/ip-link$ ./sqlite_to_object.py -r ip_src -p 212.110.251.3
DB connect
Query sent to the base :
SELECT ip_src, ip_dst FROM ip_link WHERE ip_src = "212.110.251.3"
Creating object...
Reading query result...
Serialization...
cedric@debian:~/IP-Link/source$ ./object_to_moowheel.py -q
cedric@debian:~/IP-Link/ip-link$ ./object_to_moowheel.py -q
Now, 82.0.72.48, 86.0.48.47, 125.211.214.144, 123.129.255.167 and 91.121.165.159 are missing. These IP are never contacted by 212.110.251.3.

Expand All @@ -231,14 +231,14 @@ Histogram

.. code-block:: bash
cedric@debian:~/IP-Link/source$ ./pcap_to_object.py -i ~/captures/capture.cap
cedric@debian:~/IP-Link/ip-link$ ./pcap_to_object.py -i ~/captures/capture.cap
Reading pcap file...
Serialization...
cedric@debian:~/IP-Link/source$ ./object_to_csv.py
cedric@debian:~/IP-Link/ip-link$ ./object_to_csv.py
Loading dictionary...
Writting CSV file...
cedric@debian:~/IP-Link/source$ ./csv_to_histogram.py -s 192.168.1.2
cedric@debian:~/IP-Link/ip-link$ ./csv_to_histogram.py -s 192.168.1.2
Result

Expand All @@ -253,17 +253,17 @@ Filter by date

.. code-block:: bash
cedric@debian:~/IP-Link/source$ ./sqlite_to_object.py -i ~/data/ip.sql -r time -p 2009-1-15-22-00-00:2009-1-16-02-00-00
cedric@debian:~/IP-Link/ip-link$ ./sqlite_to_object.py -i ~/data/ip.sql -r time -p 2009-1-15-22-00-00:2009-1-16-02-00-00
DB connect
Request sent to the base :
SELECT ip_src, ip_dst FROM ip_link WHERE tts >= 1232053200.0 AND tts <= 1232067600.0
Creating object...
Reading the result of the query...
Serialization...
cedric@debian:~/IP-Link/source$ ./object_to_graphviz.py -q
cedric@debian:~/IP-Link/ip-link$ ./object_to_graphviz.py -q
cedric@debian:~/IP-Link/source$ dot -Tpng data/ip.dot -o pic.png
cedric@debian:~/IP-Link/ip-link$ dot -Tpng data/ip.dot -o pic.png
Result

2 changes: 1 addition & 1 deletion ip-link/D3js/index.html
Expand Up @@ -192,6 +192,6 @@ <h1>Adjacency matrix</h1>

</script>
<p>Built with <a href="http://d3js.org/">d3.js</a> and
<a href="hhttps://gitlab.com/cedric/ip-link">IP-Link</a>.
<a href="https://sr.ht/~cedric/ip-link">IP-Link</a>.
</body>
</html>
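Review bot: The d3.js link on the line above the corrected URL still uses plain `http://d3js.org/`; switch it to `https://` in the same change that fixes the `hhttps` typo. The `<p>` opened on that line is also never closed before `</body>`.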