Implement cli completely

Jan Philipp Timme 2016-12-14 16:26:55 +01:00
parent 63a96e6ae6
commit f6d958533c
Signed by untrusted user: JPT
GPG Key ID: 5F2C85EC6F3754B7
1 changed files with 39 additions and 5 deletions


@ -16,7 +16,9 @@ import org.apache.commons.cli.ParseException;
import com.tinkerpop.blueprints.impls.orient.OrientGraphNoTx; import com.tinkerpop.blueprints.impls.orient.OrientGraphNoTx;
import de.hsh.inform.orientdb_project.model.EthernetFrameModel; import de.hsh.inform.orientdb_project.model.EthernetFrameModel;
import de.hsh.inform.orientdb_project.model.HostModel;
import de.hsh.inform.orientdb_project.model.Model; import de.hsh.inform.orientdb_project.model.Model;
import de.hsh.inform.orientdb_project.model.TcpConnectionModel;
import de.hsh.inform.orientdb_project.orientdb.OrientDbHelperService; import de.hsh.inform.orientdb_project.orientdb.OrientDbHelperService;
import de.hsh.inform.orientdb_project.repository.EthernetFrameRepository; import de.hsh.inform.orientdb_project.repository.EthernetFrameRepository;
import de.hsh.inform.orientdb_project.repository.HostRepository; import de.hsh.inform.orientdb_project.repository.HostRepository;
@ -43,14 +45,14 @@ public class CommandLineInterface {
this.hostRepository = new HostRepository(this.ogf); this.hostRepository = new HostRepository(this.ogf);
this.ethernetFrameRepository = new EthernetFrameRepository(this.odhs.getDatabaseDocument()); this.ethernetFrameRepository = new EthernetFrameRepository(this.odhs.getDatabaseDocument());
options.addOption("e", "ethernetFramesByBytes", false, "Find ethernet frames that contain a given byte sequence."); options.addOption("e", "ethernetFramesByBytes", false, "Find ethernet frames that contain a given byte sequence. <bytes> - Try FF FF FF FF FF FF");
options.addOption("htoipp", "hostsByIpAndPort", false, "Find hosts that have tcp connections to a given ip address and port."); options.addOption("htoipp", "hostsByIpAndPort", false, "Find hosts that have tcp connections to a given ip address and port. (<ip> <port>) - Try 197.218.177.69 25");
options.addOption("htoex", "hostsByConnToExternalHosts", false, "Find hosts that have tcp connections to external hosts."); options.addOption("htoex", "hostsByConnToExternalHosts", false, "Find hosts that have tcp connections to external hosts.");
options.addOption("hinw", "hostsWithIncomingOnWellKnownPorts", false, "Find hosts that have incoming tcp connections on well known ports."); options.addOption("hinw", "hostsWithIncomingOnWellKnownPorts", false, "Find hosts that have incoming tcp connections on well known ports.");
options.addOption("ta", "tcpConnectionActiveAt", false, "Find tcp connections that were active at a given timestamp."); options.addOption("ta", "tcpConnectionActiveAt", false, "Find tcp connections that were active at a given timestamp. <timestamp> Try 901714389");
options.addOption("tbpm", "tcpConnectionBytesPerMinuteBetween", false, "Get datavolume (bytes per minute) between two given ip addresses."); options.addOption("tbpm", "tcpConnectionBytesPerMinuteBetween", false, "Get datavolume (bytes per minute) between two given ip addresses. <ipA> <ipB> - Try 172.16.114.207 206.251.19.72");
options.addOption("h", "help", false, "show help."); options.addOption("h", "help", false, "show help.");
options.addOption("q", "quit", false, "quit the program."); options.addOption("q", "quit", false, "quit the program.");
@ -80,8 +82,40 @@ public class CommandLineInterface {
} }
if(cmd.hasOption("htoipp")) { if(cmd.hasOption("htoipp")) {
String ipAddress = cmd.getArgs()[0];
int port = Integer.valueOf(cmd.getArgs()[1]);
List<HostModel> result = this.hostRepository.findByConnectionsTo(ipAddress, port);
System.out.println("Hosts that had connections to " + ipAddress + " " + port + ":");
this.printResults(result);
} }
if(cmd.hasOption("htoex")) {
List<HostModel> result = this.hostRepository.findAllByConnectionsToOutsideHosts();
System.out.println("Hosts that had connections to external hosts:");
this.printResults(result);
}
if(cmd.hasOption("hinw")) {
List<HostModel> result = this.hostRepository.findAllByIncomingConnectionOnWellKnownPort();
System.out.println("Hosts that had incoming connections on well known ports:");
this.printResults(result);
}
if(cmd.hasOption("ta")) {
long ts = Long.valueOf(cmd.getArgs()[0]);
System.out.println("Tcp connections active at given timestamp " + ts + ":");
List<TcpConnectionModel> result = this.tcpConnectionRepository.findByActiveWhen(ts);
this.printResults(result);
}
if(cmd.hasOption("tbpm")) {
String ipA = cmd.getArgs()[0];
String ipB = cmd.getArgs()[1];
System.out.println("Bytes per minute between " + ipA + " and " + ipB + ": ");
long bytesPerMinute = this.tcpConnectionRepository.getTotalDataVolumePerMinuteBetweenHosts(ipA, ipB);
System.out.println(bytesPerMinute + " bytes per minute");
}
} catch (ParseException e) { } catch (ParseException e) {
//log.log(Level.SEVERE, "Failed to parse comand line properties", e); //log.log(Level.SEVERE, "Failed to parse comand line properties", e);
log.log(Level.SEVERE, "I did not understand that. Sorry."); log.log(Level.SEVERE, "I did not understand that. Sorry.");
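Review bot: The new `htoipp`, `ta` and `tbpm` branches index `cmd.getArgs()[0]` / `[1]` without checking the array length and parse with `Integer.valueOf` / `Long.valueOf`, so a missing or non-numeric operand throws `ArrayIndexOutOfBoundsException` or `NumberFormatException`, neither of which the visible `catch (ParseException e)` handles. Check the operand count and catch `NumberFormatException` in each branch, and reject ports outside 0–65535 before calling `findByConnectionsTo`. The IP strings are also handed to the repositories unvalidated; whether those queries are parameterized is not visible in this hunk, so that is worth confirming. The enclosing method and its `try` start outside the hunk; the sketch below covers the `htoipp` branch only, and the same shape applies to `ta` and `tbpm`.

```java
if(cmd.hasOption("htoipp")) {
    String[] operands = cmd.getArgs();
    if(operands.length < 2) {
        System.out.println("hostsByIpAndPort needs <ip> <port>.");
    } else {
        try {
            String ipAddress = operands[0];
            int port = Integer.parseInt(operands[1]);
            if(port < 0 || port > 65535) {
                System.out.println("Port must be between 0 and 65535.");
            } else {
                List<HostModel> result = this.hostRepository.findByConnectionsTo(ipAddress, port);
                System.out.println("Hosts that had connections to " + ipAddress + " " + port + ":");
                this.printResults(result);
            }
        } catch (NumberFormatException e) {
            System.out.println("Port must be a number.");
        }
    }
}
// … unchanged: htoex and hinw branches …
```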