WIP: Add a tcpdump pcap write action

[lakshmi-kannan]

tcpdump

(virtualenv)vagrant@st2dev /m/s/s/stackstorm-networking_utils ❯❯❯ st2 execution get 5a0cc030d9d7ed1271c71fc1
id: 5a0cc030d9d7ed1271c71fc1
status: succeeded (121s elapsed)
parameters:
  file: /home/stanley/test.pcap
  hosts: localhost
  interface: eth0
result:
  localhost:
    failed: false
    return_code: 0
    stderr: ''
    stdout: "tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes\r\n619 packets captured\r\n621 packets received by filter\r\n0 packets dropped by kernel"
    succeeded: true
(virtualenv)vagrant@st2dev /m/s/s/stackstorm-networking_utils ❯❯❯

tshark

(virtualenv)vagrant@st2dev /m/s/s/stackstorm-networking_utils ❯❯❯ st2 execution get 5a0ccef0d9d7ed2593f8315f
id: 5a0ccef0d9d7ed2593f8315f
status: succeeded (121s elapsed)
parameters:
  file: /tmp/shark_1.pcap
  hosts: localhost
  interface: eth0
result:
  localhost:
    failed: false
    return_code: 0
    stderr: ''
    stdout: "tshark: Lua: Error during loading:\r\n [string \"/usr/share/wireshark/init.lua\"]:46: dofile has been disabled due to running Wireshark as superuser. See http://wiki.wireshark.org/CaptureSetup/CapturePrivileges for help in running Wireshark as an unprivileged user.\r\nRunning as user \"root\" and group \"root\". This could be dangerous.\r\nCapturing on 'eth0'\r\n\r1 \r2 \r3 \r4 \r5 \r6 \r7 \r8 \r12 \r14 \r16 \r18 \r20 \r22 \r24 \r25 \r29 \r36 \r40 \r42 \r48 \r50 \r51 \r52 \r54 \r55 \r56 \r57 \r58 \r60 \r61 \r62 \r63 \r64 \r65 \r66 \r67 \r68 \r69 \r70 \r71 \r72 \r73 \r74 \r75 \r76 \r77 \r78 \r79 \r92 \r94 \r96 \r98 \r100 \r102 \r104 \r105 \r112 \r113 \r127 \r140 \r151 \r160 \r166 \r171 \r180 \r197 \r199 \r200 \r238 \r260 \r264 \r273 \r281 \r287 \r299 \r305 \r315 \r319 \r324 \r326 \r334 \r348 \r360 \r409 \r410 \r411 \r417 \r430 \r436 \r437 \r448 \r464 \r470 \r471 \r476 \r491 \r538 \r541 \r544 \r545 \r549 \r555 \r557 \r606 \r607 \r608 \r609 \r610 \r611 \r612 \r613 \r619 \r621 \r622 \r623 \r626 \r627 \r628 \r630 \r641 \r642 \r643 \r644 \r645 \r646 "
    succeeded: true
(virtualenv)vagrant@st2dev /m/s/s/stackstorm-networking_utils ❯❯

[Mierdin]

Random thought - would be cool if you could write a Python action to do this, and then transform the resulting data into something usable in stackstorm i.e. JSON. Probably not full payloads, but maybe headers? Just a thought.

[lakshmi-kannan]

@Mierdin Yes, I could. I am doing this in the scope of this demo work for which I just need a pcap file on disk which will then be shipped to JIRA as an attachment. I was about to ask if this is good enough to live here or should I put this in a different repo (demo repo). I don't mind writing the python action but it's an overkill for what I am trying to do.

[CLAassistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.

---

Lakshmi Kannan seems not to be a GitHub user. You need a GitHub account to be able to sign the CLA. If you have already a GitHub account, please add the email address used for this commit to your account.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}