Bonjour à tous,
Je suis actuellement en train de faire un petit outil de parsing de fichiers xml, pdml plus précisement mais c'est pareil. Cet outil me servira à traduire des exports de captures de traffic wireshark dans le but de faire une expertise par la suite. Je me suis donc collé depuis 3 jours à simpleXML pour récupérer les données dont j'ai besoin dans mon xml dont voici la structure :
Code :
- <?xml version="1.0"?>
- <pdml version="0" creator="wireshark/1.0.5">
- <packet>
- <proto name="geninfo" pos="0" showname="General information" size="73">
- <field name="num" pos="0" show="492" showname="Number" value="1ec" size="73"/>
- <field name="len" pos="0" show="73" showname="Packet Length" value="49" size="73"/>
- <field name="caplen" pos="0" show="73" showname="Captured Length" value="49" size="73"/>
- <field name="timestamp" pos="0" show="Mar 26, 2010 12:00:01.813697000" showname="Captured Time" value="1269601201.813697000" size="73"/>
- </proto>
- <proto name="frame" showname="Frame 492 (73 bytes on wire, 73 bytes captured)" size="73" pos="0">
- <field name="frame.time" showname="Arrival Time: Mar 26, 2010 12:00:01.813697000" size="0" pos="0" show="Mar 26, 2010 12:00:01.813697000"/>
- <field name="frame.time_delta" showname="Time delta from previous captured frame: 0.010582000 seconds" size="0" pos="0" show="0.010582000"/>
- <field name="frame.time_delta_displayed" showname="Time delta from previous displayed frame: 1.167821000 seconds" size="0" pos="0" show="1.167821000"/>
- <field name="frame.time_relative" showname="Time since reference or first frame: 1.167821000 seconds" size="0" pos="0" show="1.167821000"/>
- <field name="frame.number" showname="Frame Number: 492" size="0" pos="0" show="492"/>
- <field name="frame.pkt_len" showname="Packet Length: 73 bytes" hide="yes" size="0" pos="0" show="73"/>
- <field name="frame.len" showname="Frame Length: 73 bytes" size="0" pos="0" show="73"/>
- <field name="frame.cap_len" showname="Capture Length: 73 bytes" size="0" pos="0" show="73"/>
- <field name="frame.marked" showname="Frame is marked: False" size="0" pos="0" show="0"/>
- <field name="frame.protocols" showname="Protocols in frame: eth:ip:tcp:x11" size="0" pos="0" show="eth:ip:tcp:x11"/>
- <field name="frame.coloring_rule.name" showname="Coloring Rule Name: TCP" size="0" pos="0" show="TCP"/>
- <field name="frame.coloring_rule.string" showname="Coloring Rule String: tcp" size="0" pos="0" show="tcp"/>
- </proto>
- <proto name="eth" showname="Ethernet II, Src: Broadcom_2d:5b:91 (00:10:18:2d:5b:91), Dst: All-HSRP-routers_02 (00:00:0c:07:ac:02)" size="14" pos="0">
- <field name="eth.dst" showname="Destination: All-HSRP-routers_02 (00:00:0c:07:ac:02)" size="6" pos="0" show="00:00:0c:07:ac:02" value="00000c07ac02">
- <field name="eth.addr" showname="Address: All-HSRP-routers_02 (00:00:0c:07:ac:02)" size="6" pos="0" show="00:00:0c:07:ac:02" value="00000c07ac02"/>
- <field name="eth.ig" showname=".... ...0 .... .... .... .... = IG bit: Individual address (unicast)" size="3" pos="0" show="0" value="0" unmaskedvalue="00000c"/>
- <field name="eth.lg" showname=".... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)" size="3" pos="0" show="0" value="0" unmaskedvalue="00000c"/>
- </field>
- <field name="eth.src" showname="Source: Broadcom_2d:5b:91 (00:10:18:2d:5b:91)" size="6" pos="6" show="00:10:18:2d:5b:91" value="0010182d5b91">
- <field name="eth.addr" showname="Address: Broadcom_2d:5b:91 (00:10:18:2d:5b:91)" size="6" pos="6" show="00:10:18:2d:5b:91" value="0010182d5b91"/>
- <field name="eth.ig" showname=".... ...0 .... .... .... .... = IG bit: Individual address (unicast)" size="3" pos="6" show="0" value="0" unmaskedvalue="001018"/>
- <field name="eth.lg" showname=".... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)" size="3" pos="6" show="0" value="0" unmaskedvalue="001018"/>
- </field>
- <field name="eth.type" showname="Type: IP (0x0800)" size="2" pos="12" show="0x0800" value="0800"/>
- </proto>
- <proto name="ip" showname="Internet Protocol, Src: x.x.x.121 (x.x.x.121), Dst: x.x.x.146 (x.x.x.146)" size="20" pos="14">
- <field name="ip.version" showname="Version: 4" size="1" pos="14" show="4" value="45"/>
- <field name="ip.hdr_len" showname="Header length: 20 bytes" size="1" pos="14" show="20" value="45"/>
- <field name="ip.dsfield" showname="Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)" size="1" pos="15" show="0" value="00">
- <field name="ip.dsfield.dscp" showname="0000 00.. = Differentiated Services Codepoint: Default (0x00)" size="1" pos="15" show="0x00" value="0" unmaskedvalue="00"/>
- <field name="ip.dsfield.ect" showname=".... ..0. = ECN-Capable Transport (ECT): 0" size="1" pos="15" show="0" value="0" unmaskedvalue="00"/>
- <field name="ip.dsfield.ce" showname=".... ...0 = ECN-CE: 0" size="1" pos="15" show="0" value="0" unmaskedvalue="00"/>
- </field>
- <field name="ip.len" showname="Total Length: 59" size="2" pos="16" show="59" value="003b"/>
- <field name="ip.id" showname="Identification: 0x1682 (5762)" size="2" pos="18" show="0x1682" value="1682"/>
- <field name="ip.flags" showname="Flags: 0x04 (Don't Fragment)" size="1" pos="20" show="0x04" value="40">
- <field name="ip.flags.rb" showname="0... = Reserved bit: Not set" size="1" pos="20" show="0" value="0" unmaskedvalue="40"/>
- <field name="ip.flags.df" showname=".1.. = Don't fragment: Set" size="1" pos="20" show="1" value="1" unmaskedvalue="40"/>
- <field name="ip.flags.mf" showname="..0. = More fragments: Not set" size="1" pos="20" show="0" value="0" unmaskedvalue="40"/>
- </field>
- <field name="ip.frag_offset" showname="Fragment offset: 0" size="2" pos="20" show="0" value="4000"/>
- <field name="ip.ttl" showname="Time to live: 64" size="1" pos="22" show="64" value="40"/>
- <field name="ip.proto" showname="Protocol: TCP (0x06)" size="1" pos="23" show="0x06" value="06"/>
- <field name="ip.checksum" showname="Header checksum: 0x885d [correct]" size="2" pos="24" show="0x885d" value="885d">
- <field name="ip.checksum_good" showname="Good: True" size="2" pos="24" show="1" value="885d"/>
- <field name="ip.checksum_bad" showname="Bad : False" size="2" pos="24" show="0" value="885d"/>
- </field>
- <field name="ip.src" showname="Source: x.x.x.121 (x.x.x.121)" size="4" pos="26" show="x.x.x.121" value="a3692a79"/>
- <field name="ip.addr" showname="Source or Destination Address: x.x.x.121 (x.x.x.121)" hide="yes" size="4" pos="26" show="x.x.x.121" value="a3692a79"/>
- <field name="ip.src_host" showname="Source Host: x.x.x.121" hide="yes" size="4" pos="26" show="x.x.x.121" value="a3692a79"/>
- <field name="ip.host" showname="Source or Destination Host: x.x.x.121" hide="yes" size="4" pos="26" show="x.x.x.121" value="a3692a79"/>
- <field name="ip.dst" showname="Destination: x.x.x.146 (x.x.x.146)" size="4" pos="30" show="x.x.x.146" value="a3692a92"/>
- <field name="ip.addr" showname="Source or Destination Address: x.x.x.146 (x.x.x.146)" hide="yes" size="4" pos="30" show="x.x.x.146" value="a3692a92"/>
- <field name="ip.dst_host" showname="Destination Host: x.x.x.146" hide="yes" size="4" pos="30" show="x.x.x.146" value="a3692a92"/>
- <field name="ip.host" showname="Source or Destination Host: x.x.x.146" hide="yes" size="4" pos="30" show="x.x.x.146" value="a3692a92"/>
- </proto>
- <proto name="tcp" showname="Transmission Control Protocol, Src Port: 46616 (46616), Dst Port: 6002 (6002), Seq: 1, Ack: 1, Len: 7" size="32" pos="34">
- <field name="tcp.srcport" showname="Source port: 46616 (46616)" size="2" pos="34" show="46616" value="b618"/>
- <field name="tcp.dstport" showname="Destination port: 6002 (6002)" size="2" pos="36" show="6002" value="1772"/>
- <field name="tcp.port" showname="Source or Destination Port: 46616" hide="yes" size="2" pos="34" show="46616" value="b618"/>
- <field name="tcp.port" showname="Source or Destination Port: 6002" hide="yes" size="2" pos="36" show="6002" value="1772"/>
- <field name="tcp.len" showname="TCP Segment Len: 7" hide="yes" size="4" pos="34" show="7" value="b6181772"/>
- <field name="tcp.seq" showname="Sequence number: 1 (relative sequence number)" size="4" pos="38" show="1" value="651de7e0"/>
- <field name="tcp.nxtseq" showname="Next sequence number: 8 (relative sequence number)" size="0" pos="34" show="8"/>
- <field name="tcp.ack" showname="Acknowledgement number: 1 (relative ack number)" size="4" pos="42" show="1" value="d910fc54"/>
- <field name="tcp.hdr_len" showname="Header length: 32 bytes" size="1" pos="46" show="32" value="80"/>
- <field name="tcp.flags" showname="Flags: 0x18 (PSH, ACK)" size="1" pos="47" show="0x18" value="18">
- <field name="tcp.flags.cwr" showname="0... .... = Congestion Window Reduced (CWR): Not set" size="1" pos="47" show="0" value="0" unmaskedvalue="18"/>
- <field name="tcp.flags.ecn" showname=".0.. .... = ECN-Echo: Not set" size="1" pos="47" show="0" value="0" unmaskedvalue="18"/>
- <field name="tcp.flags.urg" showname="..0. .... = Urgent: Not set" size="1" pos="47" show="0" value="0" unmaskedvalue="18"/>
- <field name="tcp.flags.ack" showname="...1 .... = Acknowledgment: Set" size="1" pos="47" show="1" value="1" unmaskedvalue="18"/>
- <field name="tcp.flags.push" showname=".... 1... = Push: Set" size="1" pos="47" show="1" value="1" unmaskedvalue="18"/>
- <field name="tcp.flags.reset" showname=".... .0.. = Reset: Not set" size="1" pos="47" show="0" value="0" unmaskedvalue="18"/>
- <field name="tcp.flags.syn" showname=".... ..0. = Syn: Not set" size="1" pos="47" show="0" value="0" unmaskedvalue="18"/>
- <field name="tcp.flags.fin" showname=".... ...0 = Fin: Not set" size="1" pos="47" show="0" value="0" unmaskedvalue="18"/>
- </field>
- <field name="tcp.window_size" showname="Window size: 46" size="2" pos="48" show="46" value="002e"/>
- <field name="tcp.checksum" showname="Checksum: 0x12db [correct]" size="2" pos="50" show="0x12db" value="12db">
- <field name="tcp.checksum_good" showname="Good Checksum: True" size="2" pos="50" show="1" value="12db"/>
- <field name="tcp.checksum_bad" showname="Bad Checksum: False" size="2" pos="50" show="0" value="12db"/>
- </field>
- <field name="tcp.options" showname="Options: (12 bytes)" size="12" pos="54" show="01:01:08:0a:72:f5:17:1d:08:13:af:24" value="0101080a72f5171d0813af24">
- <field name="" show="NOP" size="1" pos="54" value="01"/>
- <field name="" show="NOP" size="1" pos="55" value="01"/>
- <field name="tcp.options.time_stamp" showname="TCP Time Stamp Option: True" hide="yes" size="10" pos="56" show="1" value="080a72f5171d0813af24"/>
- <field name="" show="Timestamps: TSval 1928664861, TSecr 135507748" size="10" pos="56" value="080a72f5171d0813af24"/>
- </field>
- <field name="" show="TCP segment data (7 bytes)" size="7" pos="66" value="1b8013045b0a0d"/> </proto>
- </packet>
- <packet>
- ...
- </packet>
- ...
- </pdml>
|
Je souhaiterai pour chaque <packet> récupérer plusieurs informations et les mettre en ligne dans un tableau.
J'ai donc deja fait ça :
Code :
- <?php
- $xml = simplexml_load_file("fichier.pdml" )
- foreach ($xml -> packet as $packet )
- {
- echo "<tr>";
- echo "<td>".$packet->proto[0]->field[0]->attributes()->show."</td>"; //Numéro de trame
- echo "<td>".$packet->proto[3]->field[10]->attributes()->show."</td>"; //adresse ip source
- echo "<td>".$packet->proto[3]->field[14]->attributes()->show."</td>"; //adresse ip destination
- echo "<td>".$packet->proto[4]->field[0]->attributes()->show."</td>"; // port source
- echo "<td>".$packet->proto[4]->field[1]->attributes()->show."</td>"; // port destination
- // --> requete pour récupérer la valeur de 'value' de l'élément <field ... pos="66"...value="ce que je veux">
- echo "</tr>";
- }
- ?>
|
Mon problème c'est : comment récupérer la valeur de l'attribut 'value' de l'élément <field ... pos="66"...value="ce que je veux"...> dans ma boucle foreach
Je ne peux pas fixer le chemin d'accès en dure ( $packet->proto[x]->field[y]->attributes()->value) comme pour les autres valeurs récupéré car cet élément-ci n'est pas forcément présent dans chaque <packet> ou alors il bouge (position field[13] ou [14], je dois donc réaliser une requete xpath?
j'ai essayé d'introduire une requete xpath dans mon foreach mais ça ne fonctionne pas, ou alors si ça fonctionne ça me liste tous les 'value' de l'élément selectionné présent dans tout le fichier.
Enfin voila, beaucoup de questions pour un naz du php commemoi. S'il vous plait merci de m'éclairer je bloque depuis 3 jours et j'en peux plus !!
Merci infiniment.
Message édité par Pierre2Toulouse le 14-04-2010 à 13:42:07