Observer

class pathspider.observer.Observer(lturi, new_flow_chain=[], ip4_chain=[], ip6_chain=[], icmp4_chain=[], icmp6_chain=[], tcp_chain=[], udp_chain=[], l4_chain=[], idle_timeout=30, expiry_timeout=5)[source]

Wraps a packet source identified by a libtrace URI, parses packets to divide them into flows, passing these packets and flows onto a function chain to allow data to be associated with each flow.

__init__(lturi, new_flow_chain=[], ip4_chain=[], ip6_chain=[], icmp4_chain=[], icmp6_chain=[], tcp_chain=[], udp_chain=[], l4_chain=[], idle_timeout=30, expiry_timeout=5)[source]

Create an Observer.

Parameters:
  • new_flow_chain (array(function)) – Array of functions to initialise new flows.
  • ip4_chain (array(function)) – Array of functions to pass IPv4 headers to.
  • ip6_chain (array(function)) – Array of functions to pass IPv6 headers to.
  • icmp4_chain (array(function)) – Array of functions to pass IPv4 headers containing ICMPv4 headers to.
  • icmp6_chain (array(function)) – Array of functions to pass IPv6 headers containing ICMPv6 headers to.
  • tcp_chain (array(function)) – Array of functions to pass TCP headers to.
  • tcp_chain – Array of functions to pass TCP headers to.
  • udp_chain (array(function)) – Array of functions to pass UDP headers to.
  • l4_chain (array(function)) – Array of functions to pass other layer 4 headers to.
See also:

Observer Documentation
flush()[source]
run_flow_enqueuer(flowqueue, irqueue=None)[source]
class pathspider.observer.PacketClockTimer(time, fn)
fn

Alias for field number 1

time

Alias for field number 0

pathspider.observer.basic_count(rec, ip, rev)[source]

Packet function that counts packets and octets per flow

pathspider.observer.basic_flow(rec, ip)[source]

New flow function that sets up basic flow information

pathspider.observer.extract_ports(ip)[source]
pathspider.observer.simple_observer(lturi)[source]