System Entrypoint¶
- File location:
Bundled implementation:
source/client/python/__main__.pyCluster implementation:
cluster/core/source/python/__main__.py
This file wraps the whole system and make the python folder callable
as a module where the __main__.py will be considered as the entrypoint.
- __main__.PCAP_MGC = (b'\xa1\xb2\x3c\x4d', b'\xa1\xb2\xc3\xd4', b'\x4d\x3c\xb2\xa1', b'\xd4\xc3\xb2\xa1', b'\x0a\x0d\x0d\x0a')¶
A tuple of magic numbers for PCAP files:
a1 b2 3c 4d # PCAP files in big endian with nanosecond timestamp a1 b2 c3 d4 # PCAP files in big endian 4d 3c b2 a1 # PCAP files in little endian with nanosecond timestamp d4 c3 b2 a1 # PCAP files in little endian 0a 0d 0d 0a # PCAPng files
- __main__.parse_args(argv: List[str])¶
Parse command line arguments (path to PCAP files) and fetch valid PCAP files.
Note
If a directory is provided, it will be recursively listed with
listdir().
- __main__.check_history()¶
Check processed PCAP files.
Note
Processed PCAP files will be recorded at
const.FILE.- Returns:
List of processed PCAP files.
- Return type:
List[str]
- __main__.main_with_args()¶
Run the BroAPT system with command line arguments.
Note
The process will exit once all PCAP files fetched from the paths given by the command line arguments are processed.
- Returns:
Exit code.
- Return type:
- __main__.main_with_no_args()¶
Run the BroAPT system without command line arguments.
Note
The process will run and check for new PCAP files from
const.PCAP_PATHindefinitely.
- __main__.main()¶
Run the BroAPT-App framework under the context of
remote.remote_proc().- Returns:
Exit code.
- Return type:
See also
