Added default value for missing keys, by using 'int', dict returns 0 if the...

Added default value for missing keys, by using 'int', dict returns 0 if the key does not exist, and added more tests

Added default value for missing keys, by using 'int', dict returns 0 if the...
7afcf828 · Daniel Yang · 02f22fc3 · 7afcf828 · 7afcf828
Commit 7afcf828 authored 4 months ago by Daniel Yang
--- a/code/src/packet_capturing.py
+++ b/code/src/packet_capturing.py
@@ -6,7 +6,7 @@ import time

 reserved_ips = ["192.168.1.4", "192.168.1.1", "192.168.1.7", "172.16.0.3"]

-syn_counts = defaultdict()
+syn_counts = defaultdict(int)
 syn_counts_last_checked = time.time()

 arp_table = defaultdict()
@@ -98,9 +98,17 @@ def packet_handler(packet):
 		port_check(packet)
 	destination_check(packet)
 	malformed_check(packet)
-	syn_flood_detection(packet)
+	syn_flood_detection(packet) # Should be under the 'if TCP in packet' clause?
 	arp_spoofing(packet)

+# Allows unit testing of the dict
+def get_dict():
+	return syn_counts
+
+def dict_clear():
+	global syn_counts
+	syn_counts = defaultdict(int)
+
 def main():
 	print("Starting packet capture...")
 	sniff(prn=packet_handler, store=False)

--- a/code/test/test_packet_capturing.py
+++ b/code/test/test_packet_capturing.py
 import unittest
+
 from scapy.layers.inet import IP, TCP
 from unittest.mock import patch
-from scapy.layers.l2 import Ether, ARP
-from scapy.packet import Raw
+from scapy.layers.l2 import Ether

-from src.packet_capturing import packet_handler
+from src.packet_capturing import packet_handler, get_dict, dict_clear


 class TestPacketCapturing(unittest.TestCase):
+
+    def setUp(self):
+        dict_clear()
+
    def test_baseCase(self):
        # Create a dummy packet
        packet = IP(src = "100.84.6.141", dst = "192.168.1.1") / TCP(dport = 80, sport = 12345, flags = "S")
        # Show detailed information about the package
-        print(packet.show())
+        # print(packet.show())

        # Mockito checks if print was called
        with patch('builtins.print') as mock_print:
            packet_handler(packet)
-            mock_print.assert_called_with("Packet captured: 100.84.6.141 -> 192.168.1.1")
+            mock_print.assert_any_call("Packet captured: 100.84.6.141 -> 192.168.1.1")
+
+        self.assertEqual({'100.84.6.141' : 1}, get_dict() , "Expected packet's IP in the dict")

    def test_ip_spoofing(self):
+        # Starts with 169.254, it's a suspicious packet
        packet = IP(src = "169.254.6.141", dst = "192.168.1.1")

        with patch('builtins.print') as mock_print:
            packet_handler(packet)
-            mock_print.assert_called_with("Possible IP spoofing using private networks detected.")
+            mock_print.assert_any_call("Possible IP spoofing using private networks detected.")
+
+        # Has no TCP flags, therefore dict must be empty
+        self.assertEqual({}, get_dict(), "Expected empty dict")

    def test_syn_fin(self):
+        # Has S and F flags, which is also known as SYN-FIN, which is a malicious packet signature
+        # Ether addresses are placeholders
        packet = IP(src = "100.84.6.141", dst = "192.168.1.1") / TCP(dport = 80, flags = "SF") / Ether(src="00:11:22:33:44:55", dst="ff:ff:ff:ff:ff:ff")

        with patch('builtins.print') as mock_print:
            packet_handler(packet)
            mock_print.assert_any_call("Malicious packet detected: SYN-FIN combination.")

+        self.assertEqual({}, get_dict(), "Expected empty dict")
+
    def test_null_packet(self):
        packet = IP(src = "100.84.6.141", dst = "192.168.1.1") / TCP(dport = 80, flags = 0) / Ether(src="00:11:22:33:44:55", dst="ff:ff:ff:ff:ff:ff")

@@ -40,6 +54,8 @@ class TestPacketCapturing(unittest.TestCase):
            packet_handler(packet)
            mock_print.assert_any_call("Malicious null packet found.")

+        self.assertEqual(get_dict(), {}, "Expected empty dict")
+
    def test_port_dest_check(self):
        packet = IP(src="100.84.6.141", dst="192.168.1.1") / TCP(dport = 0, sport = 200, flags="F") / Ether(src="00:11:22:33:44:55", dst="ff:ff:ff:ff:ff:ff")

@@ -47,6 +63,8 @@ class TestPacketCapturing(unittest.TestCase):
            packet_handler(packet)
            mock_print.assert_any_call("Illegal packet with source or destination port 0.")

+        self.assertEqual(get_dict(), {}, "Expected empty dict")
+
    def test_port_src_check(self):
        packet = IP(src="100.84.6.141", dst="192.168.1.1") / TCP(dport=80, sport=0, flags="F") / Ether(src="00:11:22:33:44:55", dst="ff:ff:ff:ff:ff:ff")

@@ -54,5 +72,7 @@ class TestPacketCapturing(unittest.TestCase):
            packet_handler(packet)
            mock_print.assert_any_call("Illegal packet with source or destination port 0.")

+        self.assertEqual(get_dict(), {}, "Expected empty dict")
+
 if __name__ == '__main__':
    unittest.main()