You may or may not be familiar with the concept of packet capture, in which a network analyst collects data on the packets being transmitted across a network, so that they can analyze this dataset for interesting or alarming features.
Download this tarball to a lab08 directory and untar it with the command
tar xzf pcaps.tgzYou should see a few text files inside the folder for this lab that contain simulated network packet capture sessions.
File format:
Each file starts with an integer giving the number of connections logged in that file.
Each connection observed is given a unique numerical ID, a time in seconds after the capture began that the connection began, the IP of the source, the IP of the destination, the type of protocol used, and the size, in bytes, of the communication. These values, in that order, correspond to the columns in the file.
This is a sorting lab. Review and use the selection sort code from the class notes.
Write a program called part1_large.cpp which asks the user for the filename of a packet capture file like the ones given to you, and then prints out the sizes of the ten largest connections in the file, in bytes, starting with the largest.
~$ ./large
What file? pcap.txt
49997
49986
49985
49980
49977
49973
49970
49968
49965
49959You should do this by creating an array of all of the connection sizes (last column of each row), and then sorting it, largest to smallest, before printing out the first ten elements of the now-sorted array.
Then write a program called part1_small.cpp which prints out the sizes of the ten smallest connections in the file, starting with the smallest.
You must use selection sort as we have implemented it in class, with
a before function. part1_large.cpp and part1_small.cpp should differ by only one character!
~/bin/submit -c=IC210 -p=lab08 part*.cpp
Write a program called part2.cpp that prompts the user for a file, reads in this file to make an array of the protocols (strings), then repeatedly asks the user whether they want to (Q)uit or (S)earch. If the user inputs 'Q', the program terminates. If the user inputs 'S', the program asks the user for a protocol, and then outputs the index and the value in the array of the first occurence of the protocol (the match should be case insensitive), or it outputs the size of the array and the message "Protocol not found" if the protocol cannot be found in the file.
~$ ./p2
What file? pcap.txt
(Q)uit or (S)earch? S
Protocol? SSH
Index 2 protocol SSH
(Q)uit or (S)earch? S
Protocol? udp
Index 9 protocol UDP
(Q)uit or (S)earch? S
Protocol? TCP-IP
Array size 9999 Protocol not found
(Q)uit or (S)earch? Q
~/bin/submit -c=IC210 -p=lab08 part*.cpp
Write a program called part3.cpp that prompts the user for a file, reads in this file, and outputs the number of distinct protocols observed in the PCAP session. To do this, make an array of the protocols (strings), sort them, and then iterate through, counting the number of different ones seen (see how the fact that they’re sorted is helpful?).
~$./p3
What file? smallPcap.txt
10(Hint: you will want to write a loop where you compare each protocol in the list to the next or previous protocol in the list. Be careful about index-out-of-bounds errors!)
~/bin/submit -c=IC210 -p=lab08 part*.cpp