Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Calculate independent FMSs for each symbol message (fixes #15) #19

Closed
wants to merge 41 commits into from
Closed

Calculate independent FMSs for each symbol message (fixes #15) #19

wants to merge 41 commits into from

Conversation

techge
Copy link
Contributor

@techge techge commented Aug 10, 2021
edited
Loading

symbolListFMS did only calculate FMS for one message, instead of all
message of a symbol. Now it is create a DissectorMatcher object for each
message of the symbol and thus creates a FMS list of all message of
a symbol.

As far as I can see, the TODO is already mentioning the problem I ran into: the code as it is does only add one message, not all. I cleaned it up. I think it is working as intended now. Or am I missing anything here? Works for me so far :) and for netzob_fms.py and nemesys_fms.py as far as I can see...

Would fix #15

skleber and others added 30 commits September 19, 2018 16:59
@skleber
add sample PCAPS, licence, and readme
139b6d7
@skleber
Sources of PCAPs
9e3878f
@skleber
type hints for ParsedMessage constructor
bab5f43
@skleber
fix class attributes
2536a24
@skleber
project metadata and hidden pcaps
c2602d3
@skleber
pc md
8f0b7c4
@skleber
parsing workaround for broken IRC message delimiter dissection
5153a04
@skleber
remove unused 3D plotting (spares the module dependency)
0ff3de2
@skleber
clean up private data for release
735236f
@skleber
parsing workaround for broken IRC message delimiter dissection; remov…
8eb68c9 
…e unused code
@skleber
improve introduction in README, add requirements
f1e2742
@skleber
add layer parameter to all scripts
197e34d
@skleber
add some first and basic doctests
f7222f3
@skleber
changed dependency on Netzob from version in official repo to my fixes
ff4a5f0
@skleber
improve introduction in README, add requirements
6d9000a
@skleber
improve introduction in README, add requirements, some first and basi…
19b4241 
…c doctests, and add layer parameter to all scripts
@skleber
changed dependency on Netzob from version in official repo to my fixes
d14cefe
@skleber
fix repository in README
168bd84
@skleber
compatibility to tshark 2.6.3 json output
4bf65f1
@skleber
README update: compatibility
3e1f0c2
@skleber
compatibility to tshark 2.6.3 JSON output
cc87d74
@skleber
initate NEMETYL development
2965cdd
@skleber
massive code cleanup, refactor AbstractSegment and its type hints to …
7573bd1 
…allow for simpler subtype checks
@skleber
finish NEMETYL development, INFOCOM2020 paper release
5e52cfa
@skleber
Merge branch 'release' into github_master
91360c9 
* release:
  finish NEMETYL development, INFOCOM2020 paper release
  massive code cleanup, refactor AbstractSegment and its type hints to allow for simpler subtype checks
  initate NEMETYL development
  README update: compatibility
  compatibility to tshark 2.6.3 json output
@skleber
refactor to new top-level package nemere; major enhancements and cleanup
679a2ea
@techge
Handle filename collision gracefully
1f8cb27
@techge
Actually use the --interactive flag
315c988
@techge
Add Dockerfile (vs-uulm#3)
fa665a7 
* pin versions

* sort requirements.txt

* Remove netzob, install manually instead

* Add Dockerfile

* rename workdir to nemere

* Pin netzob commit

* Install pylstar manually

pylstar is a dependency of netzob, but pip refuses to install it.
Therefore, we are just installing it manually befor installing netzob.
@skleber
Merge pull request vs-uulm#4 from techge/minor-fixes
966a669 
WIP: Minor fixes
skleber and others added 11 commits June 29, 2021 00:09
@skleber
Squashed commit of the following:
a0128d3 
    fix failing doctests
    remove namespace cluttering imports in nemere/__init__.py
    add some debug output per logger
    handle smb's NT IOCTL Data
    fix performance in getting tshark-version-compatible ParsingConstants
    fix typos
    fix parallel dissimilarity calculation
    fix minor doctest issues
    small fixes in main scripts
    add details in comments
@skleber
Squashed commit of the following:
ee51fad 
   fix failing doctests
   remove namespace cluttering imports in nemere/__init__.py
   add some debug output per logger
   handle smb's NT IOCTL Data
   fix performance in getting tshark-version-compatible ParsingConstants
   fix typos
   fix parallel dissimilarity calculation
   fix minor doctest issues
   small fixes in main scripts
   add details in comments
@skleber
Merge branch 'release' into github_master
c03cafd 
* release:
  Squashed commit of the following:
@techge
_getElementByName always returns a list now
387f4a1
@techge
Fix typo and add help info
092ecf8
@techge
Improve tshark integration into Docker container
48918ba
@techge
Add newer netaddr version
70007e0 
This shall overrided the version used by netzob which is deprecated and
results in python warnings because of old code.
@skleber
Merge pull request vs-uulm#9 from techge/message-parser
5887545 
_getElementByName always returns a list now
@skleber
Merge pull request vs-uulm#11 from techge/typos-and-docu
52541b2 
Typos and docu
@skleber
Squashed commit of the following:
4087944 
    simplify if-cascade in ParsedMessage._parseJSON
    add test cases for messageParser/ParsedMessage._getElementByName
    fix doctests to be called by nosetests
    added dns field for type lookup (by Mathias Wagner)
@techge
calculate independent FMSs for each symbol message
59645e3 
symbolListFMS did only calculate FMS for one message, instead of all
message of a symbol. Now it is create a DissectorMatcher object for each
message of the symbol and thus creates a FMS list of all message of
a symbol.
@skleber
Copy link
Contributor

skleber commented Jun 24, 2022

You (accidently) removed the WatchdogTimeout try-catch block that prevents a (almost) indefinite runtime for Symbols that Netzob essentially fails in parsing. Granted, this watchdog is a crude workaround, but still necessary in my eyes. Could you readd this in your PR?

skleber
skleber requested changes Jun 24, 2022
View reviewed changes
Copy link
Contributor

@skleber skleber left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

see my comment for the PR

@skleber
Copy link
Contributor

skleber commented Jan 21, 2024

Having a second look, it noticed, its not that easy, unfortunately.
Continue the discussion in the Issue #15.

@skleber skleber closed this Jan 21, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@skleber skleber skleber requested changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

FMS calculation only done for one message in a symbol
2 participants
@techge @skleber