from scapy.all import * #import scapy module to python
from sklearn.externals import joblib
import pandas as pd
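# IP protocol number -> name used as the model's "proto" feature, sorted by
# number so gaps and duplicates are easy to spot. The labels are the ones the
# original script used; keep them as-is unless the model is retrained, since
# the encoded feature depends on the exact strings.
thisdict = {
    1: "icmp", 2: "igmp", 3: "ggp", 4: "ipnip", 6: "tcp", 7: "cbt", 8: "egp",
    9: "igp", 10: "bbn-rcc", 11: "nvp", 12: "pup", 13: "argus", 14: "emcon",
    15: "xnet", 16: "chaos", 17: "udp", 18: "mux", 20: "hmp", 21: "prm",
    22: "xns-idp", 23: "trunk-1", 24: "trunk-2", 25: "leaf-1", 26: "leaf-2",
    27: "rdp", 28: "irtp", 29: "iso-tp4", 30: "netblt", 31: "mfe-nsp",
    32: "merit-inp", 34: "3pc", 35: "idpr", 36: "xtp", 37: "ddp",
    38: "idpr-cmtp", 39: "tp++", 40: "il", 41: "ipv6", 42: "sdrp",
    43: "ipv6-route", 44: "ipv6-frag", 45: "idrp", 46: "rsvp", 47: "gre",
    49: "bna", 50: "esp", 52: "nlsp", 53: "swipe", 54: "narp", 55: "mobile",
    56: "tlsp", 57: "skip", 59: "ipv6-no", 60: "ipv6-opts", 62: "cftp",
    64: "sat-expak", 65: "kryptolan", 66: "rvd", 67: "ippc", 69: "sat-mon",
    70: "visa", 71: "ipcv", 72: "cpnx", 73: "cphb", 74: "wsn", 75: "pvp",
    76: "br-sat-mon", 77: "sun-nd", 78: "wb-mon", 79: "wb-expak", 80: "iso-ip",
    81: "vmtp", 82: "secure-vmtp", 83: "vines", 84: "ttp", 85: "nsfnet-igp",
    86: "dgp", 87: "tcf", 88: "eigrp", 89: "ospf", 90: "sprite-rpc", 91: "larp",
    92: "mtp", 93: "ax.25", 94: "ipip", 95: "micp", 97: "etherip", 98: "encap",
    100: "gmtp", 101: "ifmp", 102: "pnni", 103: "pim", 104: "aris", 105: "scps",
    107: "a/n", 108: "ipcomp", 109: "snp", 110: "compaq-peer", 111: "ipx-n-ip",
    112: "vrrp", 113: "pgm", 115: "l2tp", 116: "ddx", 117: "iatp", 118: "stp",
    119: "srp", 120: "uti", 121: "smp", 122: "sm", 123: "ptp", 124: "isis",
    125: "fire", 126: "crtp", 127: "crudp", 128: "sccopmce", 129: "iplt",
    130: "sps", 131: "pipe", 132: "sctp", 133: "fc",
}

# Port number -> service label used as the model's "service" feature.
# The original literal listed key 20 twice ("ftp-data", then "ftp"); Python
# keeps the last value, so 20 -> "ftp" is the behaviour preserved here and the
# shadowed entry is dropped.
# NOTE(review): by IANA assignment 20 is ftp-data, 21 is ftp (control) and 69
# is tftp. These labels only matter insofar as they match what the model was
# trained with, so confirm against the training data before correcting them.
services = {
    20: "ftp",
    21: "ftp-data",
    22: "ssh",
    25: "smtp",
    53: "dns",
    67: "dhcp",
    68: "dhcp",
    69: "ftp-data",
    80: "http",
    110: "pop3",
    161: "snmp",
    194: "irc",
    443: "ssl",
    1645: "radius",
    1812: "radius",
}

# Address of the capturing host; packets sent from it are ignored by the
# sniffer callback so only traffic arriving from other hosts is featurised.
host_ip = "192.168.1.1"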
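def get_protocol(proto, table=None):
    """Return the protocol name for IP protocol number *proto*.

    Args:
        proto: value of the IP header's protocol field.
        table: optional mapping ``number -> name``; defaults to the module
            level ``thisdict``.

    Returns:
        The name string, or ``None`` when the number has no entry.

    The original linear scan left its result variable unbound for any number
    missing from the table and raised UnboundLocalError inside the sniffer
    callback, so the first unlisted protocol seen on the wire stopped the
    capture. A plain dictionary lookup with a ``None`` fallback keeps the
    sniffer running; callers that need a label for unknown numbers can test
    for ``None``.
    """
    lookup = thisdict if table is None else table
    return lookup.get(proto)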
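def get_service(sport, table=None):
    """Return the service label for port number *sport*.

    Args:
        sport: a transport-layer port number.
        table: optional mapping ``port -> label``; defaults to the module
            level ``services``.

    Returns:
        The label string, or ``None`` when the port has no entry.

    Mirrors :func:`get_protocol`. The original loop raised UnboundLocalError
    for any port not in the table, which aborted the sniffer on the first
    packet from an unlisted port; returning ``None`` instead keeps the
    capture alive.
    """
    lookup = services if table is None else table
    return lookup.get(sport)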
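def codeit(df, categories=None):
    """Encode the six string-typed packet features of *df* as integer codes.

    Args:
        df: DataFrame holding at least the columns srcip, sport, dstip,
            dsport, proto and service with object dtype (the sniffer casts
            the two port columns to object so they are selected here too).
        categories: optional mapping ``column -> sequence of labels``.
            A column listed here is encoded against that fixed label order,
            so a given value always gets the same code and a value missing
            from the list becomes -1. Columns not listed keep the original
            behaviour described below.

    Returns:
        DataFrame with the six feature columns as integer category codes.

    Why ``categories`` exists: ``.cat.codes`` numbers only the categories
    present in *this* frame. The sniffer passes one-row frames, so every
    column has exactly one category and every code is 0 no matter what the
    packet contained -- the "all zeros" the original debug print showed.
    Codes are only meaningful to a trained model when they are computed
    against the same label order used at training time.
    """
    feature_cols = ["srcip", "sport", "dstip", "dsport", "proto", "service"]
    obj_df = df.select_dtypes(include=["object"]).copy()
    obj_df = obj_df.astype("category")
    for col in feature_cols:
        if categories is not None and col in categories:
            # Fixed vocabulary: stable codes across calls, -1 for unseen values.
            obj_df[col] = pd.Categorical(df[col], categories=categories[col]).codes
        else:
            # Original behaviour: codes relative to the categories of this frame.
            obj_df[col] = obj_df[col].cat.codes
    return obj_df[feature_cols]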
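def sniffPackets(packet):  # custom packet sniffer action method
    """Build the feature row for one captured packet.

    Called by scapy's ``sniff`` for every packet matching the capture
    filter. Packets sent by ``host_ip`` itself are skipped, as are IP
    packets that carry no transport ports. The six features are encoded
    with :func:`codeit`.

    Args:
        packet: a scapy packet as delivered by ``sniff``.

    Returns:
        ``None`` always: scapy prints whatever a ``prn`` callback returns,
        so the encoded features are deliberately not returned.
    """
    if not packet.haslayer(IP):
        return None
    ip = packet[IP]
    if ip.src == host_ip:
        return None
    # sport/dport live on the transport layer; asking an ICMP/IGMP/... packet
    # for them raises AttributeError, and an exception in the prn callback
    # ends the capture. Skipping such packets keeps the sniffer up.
    try:
        pckt_sport = ip.sport
        pckt_dport = ip.dport
    except AttributeError:
        return None
    df = pd.DataFrame({
        "srcip": [ip.src],
        "sport": [pckt_sport],
        "dstip": [ip.dst],
        "dsport": [pckt_dport],
        "proto": [get_protocol(ip.proto)],
        # NOTE(review): the service label is taken from the *source* port of
        # an inbound packet; confirm this matches how the model was trained.
        "service": [get_service(pckt_sport)],
    })
    # The ports are integers; cast them to object so codeit's
    # select_dtypes(include=['object']) picks them up with the other columns.
    df["sport"] = df["sport"].astype(object)
    df["dsport"] = df["dsport"].astype(object)
    # NOTE(review): the encoded row is computed and then dropped -- nothing in
    # this file passes it to the model loaded in the __main__ block.
    codeit(df)
    return None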
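def main(iface="Intel(R) Ethernet Connection (2) I218-V"):
    """Capture IP packets on *iface* and hand each one to :func:`sniffPackets`.

    Blocks until the capture is interrupted. The default interface name is
    the one the original script hard-coded; pass another name to capture on
    a different adapter without editing the function.
    """
    sniff(filter="ip", iface=iface, prn=sniffPackets)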
if __name__ == "__main__":
    # joblib.load unpickles the file, and unpickling runs code embedded in
    # the data: only load model files that were produced by a trusted
    # training run, never one received from an untrusted source.
    model_file = "nettraffic_modelp2.sav"
    loaded_model = joblib.load(model_file)
    # NOTE(review): loaded_model is never read by main or sniffPackets as
    # shown here; the sniffer encodes features but requests no prediction.
    main()