Basic Chain

This module contains the BasicChain flow analysis chain which can be used by PATHspider’s Observer for recording source and destination addresses and packet/octet counts.

class pathspider.chains.basic.BasicChain[source]

This flow analysis chain records details from the TCP/IP headers.

Field Name Type Meaning
dip str Layer 3 (IPv4/IPv6) source address
sp int Layer 4 (TCP/UDP) source port
dp int Layer 4 (TCP/UDP) destination port
pkt_fwd int A count of the number of packets seen in the forward direction
pkt_rev int A count of the number of packets seen in the reverse direction
oct_fwd int A count of the number of octets seen in the forward direction
oct_rev int A count of the number of octets seen in the reverse direction
new_flow(rec, ip)[source]

New flow function that sets up basic flow information