00016 from objects.logic.common.exception import exception
00017 from pysqlite2 import dbapi2 as sqlite
00018 from objects.storage.storageInterface import storageInterface
00019 from objects.logic.common.logger import logger
00020 import time
00021 import shutil
00022 from objects.logic.common.globalStrings import globalStrings
00023
00024 import base64
00025 import os
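class sqlite3Impl(storageInterface):
    """SQLite-backed storage for decoded packet traces.

    Rows are written to and read from the ``raw_packets`` table of the
    database file given to the constructor. Header and payload bytes come
    from captured traffic and are therefore untrusted: they are base64
    encoded before storage and every statement uses bound ``?`` parameters,
    so packet content is never spliced into SQL text.
    """

    def __init__(self, storageFile):
        """Record the database path; no file or connection is touched here.

        Args:
            storageFile: path of the SQLite file used for this trace.
        """
        self.errorCallBackFunc = None

        self.cur = None
        self.conn = None

        # Next value for the recID column; advanced after each stored packet.
        self.recID = 0

        # Filled by query(); initialised so the attribute always exists.
        self.resultSet = []

        self.storageFile = storageFile
        # Becomes True only once createStorage() has copied the template.
        self.successful = False

    def createStorage(self):
        """Replace the storage file with a fresh copy of the template database.

        Raises:
            Exception: if the template cannot be copied to ``storageFile``.
        """
        # A failed re-creation must not leave a stale "ready" flag from an
        # earlier successful call, otherwise store() would keep inserting.
        self.successful = False

        self.deleteStorage()

        try:
            # shutil.copyfile copies contents only, not permission bits, so the
            # new file gets the process's default permissions.
            # NOTE(review): the file will hold raw captured payloads; confirm
            # the directory it lives in is not readable by other users.
            shutil.copyfile(globalStrings.traceStorageTemplate, self.storageFile)
        except Exception as ex:
            strErr = "Could not create trace storage file.\nThere was an error creating physical storage file %s:\n %s" % (self.storageFile, str(ex))
            logger.log(__name__ + ": " + strErr)
            raise Exception(strErr)

        self.successful = True

    def deleteStorage(self):
        """Remove the storage file, logging a warning instead of raising.

        The warning is also logged when the file simply does not exist,
        because os.remove raises in that case too.
        """
        try:
            os.remove(self.storageFile)
        except Exception as ex:
            logger.log(__name__ + ": Warning -- Could not delete storage file: " + str(ex))

    def open(self):
        """Connect to the storage file and create the cursor used by other methods.

        Raises:
            Exception: whatever the sqlite driver raised, after logging it.
        """
        try:
            self.conn = sqlite.connect(self.storageFile)
            self.cur = self.conn.cursor()
        except Exception as ex:
            logger.log(__name__ + ": Could not open sqlite database")
            logger.log(ex)
            # Bare raise keeps the original traceback.
            raise

    def close(self):
        """Close the cursor and the connection if they were opened.

        Raises:
            Exception: whatever the sqlite driver raised, after logging it.
        """
        try:
            try:
                if self.cur is not None:
                    self.cur.close()
            finally:
                # Close the connection even when closing the cursor failed,
                # so the database handle is not leaked.
                if self.conn is not None:
                    self.conn.close()
        except Exception as ex:
            logger.log(__name__ + ": Could not close sqlite database")
            logger.log(ex)
            raise

    def store(self, decodedPacketDict):
        """Insert one decoded packet into ``raw_packets``.

        Does nothing if storage creation failed or the packet is None.
        Errors while storing are logged and swallowed, so a packet that
        fails to insert is missing from the trace with only a log line
        as evidence.

        Args:
            decodedPacketDict: dict with the keys 'networkHeader',
                'transportHeader', 'payload', 'sourceIP', 'destIP',
                'sourcePort', 'destPort', 'netProtocol' and
                'transportProtocol'. 'payload' may be None.
        """
        if not self.successful:
            logger.log(__name__ + ": Cannot insert data into the storage database, because there was an error during its creation")
            return

        if decodedPacketDict is None:
            return

        try:
            netHeader = sqlite.Binary(decodedPacketDict['networkHeader'])
            xportHeader = sqlite.Binary(decodedPacketDict['transportHeader'])

            # Raw bytes are stored as base64 text; __decodeAndAppend reverses this.
            netHeader = base64.encodestring(netHeader)
            xportHeader = base64.encodestring(xportHeader)

            if decodedPacketDict['payload'] is not None:
                payload = base64.encodestring(decodedPacketDict['payload'])
            else:
                payload = None

            vals = (self.recID, time.time(), decodedPacketDict['sourceIP'],
                    decodedPacketDict['destIP'], decodedPacketDict['sourcePort'],
                    decodedPacketDict['destPort'],
                    decodedPacketDict['netProtocol'], decodedPacketDict['transportProtocol'],
                    netHeader, xportHeader, payload)

            # All packet-derived values are bound parameters, never SQL text.
            self.cur.execute("""insert into raw_packets
                                (recID,
                                 timestamp,
                                 srcIP,
                                 dstIP,
                                 srcPort,
                                 dstPort,
                                 inetProtocol,
                                 xportProtocol,
                                 inetRawData,
                                 xportRawData,
                                 appRawData)
                                values (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)""", vals)

            self.recID += 1
        except Exception as ex:
            # Deliberate best effort: one bad packet must not stop the capture.
            logger.log(__name__ + ": There was an error storing packet to database")
            logger.log(ex)

    def commit(self):
        """Commit pending inserts on the open connection.

        Raises:
            Exception: whatever the sqlite driver raised, after logging it.
        """
        try:
            self.conn.commit()
        except Exception as ex:
            logger.log(__name__ + ": There was an error committing data")
            logger.log(ex)
            raise

    def clear(self):
        """Delete every row of ``raw_packets`` and reset the record counter.

        Opens its own connection and closes it again, so the caller has to
        call open() before the next store() or query().

        Raises:
            Exception: whatever open(), the delete, the commit or close()
                raised, after logging it.
        """
        try:
            # NOTE(review): open() overwrites self.conn/self.cur without
            # closing a connection that may already be open.
            self.open()
            try:
                self.cur.execute("""delete from raw_packets""")

                self.conn.commit()
                self.recID = 0
            finally:
                # Release the connection even when the delete or commit failed.
                self.close()
        except Exception as ex:
            logger.log(__name__ + ": Could not clear packet database")
            logger.log(ex)
            raise

    def getStorageSizeBytes(self):
        """Return the size in bytes of the trace storage file, or 0 on error."""
        try:
            # NOTE(review): this stats globalStrings.traceStoragePath rather
            # than self.storageFile; confirm both always name the same file.
            statInfo = os.stat(globalStrings.traceStoragePath)
            return statInfo.st_size
        except Exception as ex:
            logger.log(__name__ + ": There was an error figuring out storage file size")
            logger.log(ex)
            return 0

    def query(self, dstIP, srcPort, dstPort):
        """Return stored packets matching an address and two ports.

        ``dstIP`` is compared with both the srcIP and dstIP columns. Each of
        ``srcPort`` and ``dstPort`` is compared with both port columns, and
        rows whose stored port is 0 also match.

        Args:
            dstIP: address to look for on either side of the packet.
            srcPort: first port to match.
            dstPort: second port to match.

        Returns:
            List of tuples (timestamp, srcIP, dstIP, srcPort, dstPort,
            inetProtocol, xportProtocol, network header, transport header,
            payload) ordered by recID, with the three raw fields decoded
            from base64.

        Raises:
            Exception: whatever the sqlite driver or the decoding raised,
                after logging it.
        """
        try:
            self.resultSet = []

            vals = (dstIP, dstIP, srcPort, srcPort, dstPort, dstPort)

            query = """select timestamp,
                              srcIP,
                              dstIP,
                              srcPort,
                              dstPort,
                              inetProtocol,
                              xportProtocol,
                              inetRawData, xportRawData, appRawData
                       from raw_packets
                       where (srcIP = ? or dstIP = ?)
                       and ( (srcPort = ? or srcPort = 0) or (dstPort = ? or dstPort = 0))
                       and ( (srcPort = ? or srcPort = 0) or (dstPort = ? or dstPort = 0))
                       order by recID asc"""

            # NOTE(review): debug output of the statement and its bound values
            # goes to stdout and bypasses the project logger.
            print("%s %s" % (query, vals))

            self.cur.execute(query, vals)

            # Explicit loop instead of map(): map is only being used for its
            # side effect and would not run at all where map is lazy.
            for row in self.cur:
                self.__decodeAndAppend(row)

            return self.resultSet

        except Exception as ex:
            logger.log(__name__ + ": Could not query database")
            logger.log(ex)
            raise

    def __decodeAndAppend(self, row):
        """Base64-decode the raw fields of one result row and append it to resultSet."""
        ts, srcip, dstip, srcprt, dstprt, inetp, xportp, netHdr, xptHdr, payload = row

        netHdr = base64.decodestring(netHdr)
        xptHdr = base64.decodestring(xptHdr)

        # payload is stored as NULL when the packet carried none.
        if payload is not None:
            payload = base64.decodestring(payload)

        self.resultSet.append((ts, srcip, dstip, srcprt, dstprt, inetp, xportp, netHdr, xptHdr, payload))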