yaro/wifi_test
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add Cisco client count parsing and update return values in analyze_pcap

Browse source
This commit is contained in:
Yaro Kasear 2025-04-16 11:00:46 -05:00
parent 78a6b225fc
commit ccbe5b92a1
1 changed files with 31 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

35
enrich.py
View file

@ -301,6 +301,7 @@ def analyze_pcap(pcapng_path, start_ts, end_ts, ap_bssid, ap_channel):
ssid_signals = defaultdict(list) ssid_signals = defaultdict(list)
ssid_to_bssids = defaultdict(set) ssid_to_bssids = defaultdict(set)
bssid_to_ssid = {} bssid_to_ssid = {}
cisco_reported_clients = []
try: try:
# Filter packets manually by timestamp # Filter packets manually by timestamp
@ -350,6 +351,27 @@ def analyze_pcap(pcapng_path, start_ts, end_ts, ap_bssid, ap_channel):
print(f"[DEBUG] Error parsing SSID: {e}") print(f"[DEBUG] Error parsing SSID: {e}")
continue continue
try:
mgt = packet.get_multiple_layers('wlan.mgt')[0]
if hasattr(mgt, 'get_field'):
tags = mgt.get_field('tag')
if not tags:
print("[DEBUG] wlan.mgt present, but no tags parsed.")
if tags and isinstance(tags, list):
for tag in tags:
if tag.get('wlan.tag.number') == '133':
try:
num_clients = int(tag.get('wlan.cisco.ccx1.clients'))
except (TypeError, ValueError):
num_clients = 0
cisco_reported_clients.append(num_clients)
break
except Exception as e:
print(f"[DEBUG] Could not parse Cisco client count: {e}")
cisco_reported_clients = None
bssid = getattr(wlan, 'bssid', '').lower() bssid = getattr(wlan, 'bssid', '').lower()
# For debugging purposes, print the SSID and BSSID # For debugging purposes, print the SSID and BSSID
@ -375,11 +397,13 @@ def analyze_pcap(pcapng_path, start_ts, end_ts, ap_bssid, ap_channel):
aps_on_channel = get_aps_on_channel(filtered_packets, ap_channel) aps_on_channel = get_aps_on_channel(filtered_packets, ap_channel)
avg_ap_signal, max_ap_signal = calculate_signal_strength_stats(filtered_packets, ap_channel) avg_ap_signal, max_ap_signal = calculate_signal_strength_stats(filtered_packets, ap_channel)
unlinked_devices = get_unlinked_devices(filtered_packets, ap_channel) unlinked_devices = get_unlinked_devices(filtered_packets, ap_channel)
cisco_avg_reported_clients = mean(cisco_reported_clients) if cisco_reported_clients else 0
cisco_max_reported_clients = max(cisco_reported_clients) if cisco_reported_clients else 0
finally: finally:
cap.close() cap.close()
return clients_on_ap, clients_on_channel, aps_on_channel, avg_ap_signal, max_ap_signal, unlinked_devices return clients_on_ap, clients_on_channel, aps_on_channel, avg_ap_signal, max_ap_signal, unlinked_devices, cisco_avg_reported_clients, cisco_max_reported_clients
def main(): def main():
args = parse_args() args = parse_args()
@ -407,7 +431,8 @@ def main():
reader = csv.DictReader(infile) reader = csv.DictReader(infile)
fieldnames = reader.fieldnames + [ fieldnames = reader.fieldnames + [
'ClientsOnAP', 'ClientsOnChannel', 'APsOnChannel', 'ClientsOnAP', 'ClientsOnChannel', 'APsOnChannel',
'AvgAPSignal', 'StrongestAPSignal', 'UnlinkedDevices' 'AvgAPSignal', 'StrongestAPSignal', 'UnlinkedDevices',
'CiscoAvgReportedClients', 'CiscoMaxReportedClients'
] ]
writer = csv.DictWriter(outfile, fieldnames=fieldnames) writer = csv.DictWriter(outfile, fieldnames=fieldnames)
writer.writeheader() writer.writeheader()
@ -422,7 +447,7 @@ def main():
writer.writerow(row) writer.writerow(row)
continue continue
clients_ap, clients_chan, aps_chan, avg_signal, strongest_signal, unlinked = analyze_pcap(args.pcapng, tstart, tend, ap_bssid, ap_channel) clients_ap, clients_chan, aps_chan, avg_signal, strongest_signal, unlinked, cisco_avg_reported_clients, cisco_max_reported_clients = analyze_pcap(args.pcapng, tstart, tend, ap_bssid, ap_channel)
row.update({ row.update({
'ClientsOnAP': clients_ap, 'ClientsOnAP': clients_ap,
@ -430,7 +455,9 @@ def main():
'APsOnChannel': aps_chan, 'APsOnChannel': aps_chan,
'AvgAPSignal': avg_signal, 'AvgAPSignal': avg_signal,
'StrongestAPSignal': strongest_signal, 'StrongestAPSignal': strongest_signal,
'UnlinkedDevices': unlinked 'UnlinkedDevices': unlinked,
'CiscoReportedClients': cisco_avg_reported_clients,
'CiscoMaxReportedClients': cisco_max_reported_clients
}) })
writer.writerow(row) writer.writerow(row)