I'm parsing a large text file for correct TCP connections, and one of the things I need to do is check if the server and host IP addresses (There are 30 different hosts) have sent each other an SYN packet.
List of hosts:

```python
HostList1 = ['150.100.12.130','150.100.12.131','150.100.12.132','150.100.12.133','150.100.12.134','150.100.12.135','150.100.12.136','150.100.12.137','150.100.12.138','150.100.12.139']
```
Example lines from the text (there are thousands of lines):

```
2.000724 IP (tos 0x0, ttl 63, id 0, offset 0, flags [none], proto: TCP (6), length: 40, bad cksum 0 (->4280)!) 150.100.12.134.49153 > 150.100.0.2.57300: S, cksum 0x0000 (incorrect (-> 0xd6bb), 0:0(0) win 65535
2.000724 IP (tos 0x0, ttl 64, id 17, offset 0, flags [none], proto: TCP (6), length: 40, bad cksum 0 (->416f)!) 150.100.0.2.57300 > 150.100.12.134.49153: S, cksum 0x0000 (incorrect (-> 0xd6aa), 0:0(0) ack 1 win 65535
```
My current code, the server address is 150.100.0.2:
```python
with open("serverLanTraceWithErrors.txt", "r") as ParseFile1:
    for line in ParseFile1:
        if 'TCP' in line:  # Check if TCP proto is in the line
            Split1 = line.split(",")       # Split each line by a comma for future splits
            Split2 = Split1[7].split(">")  # Split1[7] contains the two IP addresses, host and server, and the direction of the packet
            Split3 = Split1[1].split(" ")  # Split3[3] will show the # hops
            for item in HostList1:
                if 'S' in line:  # Check if SYN flag is in the line
                    if item in Split2[1] and '150.100.0.2' in Split2[2] and '63' in Split3[3]:
                        print("SYN packet from host computer: %s to server completed with right # of hops %s" % (item, Split3[3]))
                    elif item in Split2[2] and '150.100.0.2' in Split2[1] and '64' in Split3[3] and 'ack' in Split1[9]:
                        print("SYN packet from server to host computer: %s completed with right # of hops %s" % (item, Split3[3]))
                    # Placeholder for the branch the question is about (pseudocode, not valid Python):
                    # elif: item hasn't been found sending or receiving SYN flag...
                    #     print("SYN pack from wherever to wherever not completed...")
```
Ideally there should be two situations where an SYN flag is found between the server and a host: host to server, and server back to host. My problem is I can't find a way to make the last elif statement work. I need a way to say, if only one of the two top statements ever occurred, which IP address it occurred with. Because for host 150.100.12.139, it only ever sends a packet to the host, the host never replies back with one, and I need the code to be able to point that out. My knowledge of Python is very limited, so I've been sitting here stumped for a while.
You said "Ideally there should be two situations where an SYN flag is found between the server and a host", so I'm guessing the last `elif` condition was to check if either of the above conditions worked or not. I suggest that instead of the last `elif` statement you try using `else` as shown below. Let me know if it helped you.
EDIT 1: After looking into comments I suggest you the following
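
An added example, not part of the original question or answer: one way to report which hosts completed only one direction is to record what was seen per host over the whole file and classify afterwards, instead of deciding line by line. The function name, labels and the sample capture are assumptions; the server address and the TTL values 63 and 64 come from the question's code.

```python
import re

SERVER = "150.100.0.2"  # server address given in the question
HOSTS = ["150.100.12.134", "150.100.12.135", "150.100.12.139"]  # subset of HostList1

# Constructed sample in the question's tcpdump format: .134 completes both
# directions, .139 sends a SYN that is never answered, .135 never appears.
SAMPLE = """\
2.000724 IP (tos 0x0, ttl 63, id 0, offset 0, flags [none], proto: TCP (6), length: 40, bad cksum 0 (->4280)!) 150.100.12.134.49153 > 150.100.0.2.57300: S, cksum 0x0000 (incorrect (-> 0xd6bb), 0:0(0) win 65535
2.000724 IP (tos 0x0, ttl 64, id 17, offset 0, flags [none], proto: TCP (6), length: 40, bad cksum 0 (->416f)!) 150.100.0.2.57300 > 150.100.12.134.49153: S, cksum 0x0000 (incorrect (-> 0xd6aa), 0:0(0) ack 1 win 65535
2.100000 IP (tos 0x0, ttl 63, id 0, offset 0, flags [none], proto: TCP (6), length: 40, bad cksum 0 (->4280)!) 150.100.12.139.49153 > 150.100.0.2.57300: S, cksum 0x0000 (incorrect (-> 0xd6bb), 0:0(0) win 65535
"""

IP = r"(\d{1,3}(?:\.\d{1,3}){3})"
# Captures: ttl, source IP, destination IP, TCP flags, remainder of the line.
PKT_RE = re.compile(r"ttl\s+(\d+),.*proto: TCP.*?" + IP + r"\.\d+ > "
                    + IP + r"\.\d+: (\S+?),(.*)")

LABELS = {frozenset(): "none", frozenset({"syn"}): "syn-only",
          frozenset({"synack"}): "synack-only",
          frozenset({"syn", "synack"}): "complete"}


def syn_status(lines, hosts, server=SERVER, ttl_in="63", ttl_out="64"):
    """Map each host to 'complete', 'syn-only', 'synack-only' or 'none'."""
    seen = {h: set() for h in hosts}
    for line in lines:
        m = PKT_RE.search(line)
        if not m:
            continue  # not a TCP line in the expected format
        ttl, src, dst, flags, rest = m.groups()
        if "S" not in flags:
            continue  # no SYN flag on this packet
        is_synack = " ack " in rest
        # Exact address comparison: a substring test such as
        # '150.100.12.13' in line would also match 150.100.12.139.
        if src in seen and dst == server and ttl == ttl_in and not is_synack:
            seen[src].add("syn")
        elif dst in seen and src == server and ttl == ttl_out and is_synack:
            seen[dst].add("synack")
    return {h: LABELS[frozenset(s)] for h, s in seen.items()}


if __name__ == "__main__":
    for host, state in syn_status(SAMPLE.splitlines(), HOSTS).items():
        print(host, state)
```

To run it over the real trace, pass the open file object instead of `SAMPLE.splitlines()`; hosts labelled `syn-only` are the ones the server never answered.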