#!

/usr/bin/tclsh
package require md5
set tcpdump [exec which tcpdump]
set text2pcap [exec which text2pcap]
#====================================
#====================================
if {([lindex $argv 0] == "-i") && ([lindex $argv 2] == "-o") && ($argc >= 4) } {
set input_file [lindex $argv 1]
set output_file [lindex $argv 3]
if {([lindex $argv 4] == "-k") && ([lindex $argv 5] != "")} {
set key [lindex $argv 5]
} else {
set key ""
}
} else {
puts "Usage:\n\
\t$argv0 -i input-file -o output-file -k key\n\
\t\tinput-file: File in which the ip addresses needs to be masked
\n\
\t\toutput-file: File to which the masked content should be copie
d to\n\
\t\tkey: User defined addition key to give true irreversible mask
ing (This is an optional field)"
exit
}
#puts [exec clear]
puts "---------------------------------------------------\n\
IP address masking tool v2.0
\tIP address masking started\n\
\t\tInput file name: $input_file\n\
\t\tOutput file name: $output_file"
#====================================
#====================================
proc hash {ipaddress key} {
set hashipaddress1 [split $ipaddress "."]
foreach i { 0 1 } { lappend hashipaddress [lindex $hashipaddress1 $i] }
set hashipaddress [join $hashipaddress "."]
set hashed [md5::md5 -hex "$hashipaddress$key"]
foreach i "1 2 3" { set octet($i) 0}
set octet_count 0
set hash_split [split $hashed ""]
for {set i 0} { $i <= 29 } { incr i } {
if { ($i % 10) == 0 } { incr octet_count }
scan [lindex $hash_split $i] %c asciivalue
set octet($octet_count) [expr $octet($octet_count) + $asciivalue]
if { ($octet_count == 1) && ($octet($octet_count) >= 224) } {
while {$octet($octet_count) >= 224} {set octet($octet_count) [exp
r $octet($octet_count) >> 1]}
} else {
while {$octet($octet_count) >= 255} { set octet($octet_count) [ex
pr $octet($octet_count) >> 1]}
}
}
set octet(3) [lindex [split $ipaddress "."] 2]
set octet(4) [lindex [split $ipaddress "."] 3]
set fileID [open "[lindex $::argv 1]-map.txt" "a+"]

puts $fileID "$ipaddress ---> $octet(1).$octet(2).$octet(3).$octet(4)"

close $fileID
return "$octet(1).$octet(2).$octet(3).$octet(4)"
}
proc modifyIP {intmpLine ip1 ip2 key} {
set ip1oct [split $ip1 "."]
set ip2oct [split $ip2 "."]
set ip1hex ""
set ip2hex ""
foreach oct $ip1oct {
append ip1hex "[format %02x $oct] "
}
foreach oct $ip2oct {
append ip2hex "[format %02x $oct] "
}
#
set hashedIP1 [hash $ip1hex $key]
#
set hashedIP2 [hash $ip2hex $key]
#puts "$hashedIP1 - $hashedIP2"
set hashedIP1 "01 02 03 04 "
set hashedIP2 "05 06 07 08 "
set temp [regsub $ip1hex $intmpLine "$hashedIP1 "]
regsub $ip2hex $temp "$hashedIP2 " outtmpLine
unset temp
return $outtmpLine
}

catch {
eval exec "$tcpdump -r [lindex $argv 1] -xx > [lindex $argv 1].hex"
}
set hexFileId [open "[lindex $argv 1].hex" r]
set hexFileContent [read $hexFileId]
close $hexFileId
puts "$hexFileContent\n\n\n"
set hexOutFileId [open "[lindex $argv 1].out" w]
set tmpLine ""
set tmpLineOut "X"
foreach line [split $hexFileContent "\n"] {
set line [string trim $line]
if {$line == ""} {continue}
if {![regexp \x $line]} {
if {$tmpLine != ""} {
set tmpLineOut [modifyIP $tmpLine [lindex [split $srcDst
IpAddr " "] 0] [lindex [split $srcDstIpAddr " "] 1] $key]
puts $hexOutFileId "$timestamp 0000 $tmpLineOut"
set tmpLine ""
set tmpLineOut ""
}
set timestamp [lindex [split $line " "] 0]
set srcDstIpAddr [regexp -all -inline {(?:\d+\.){3}\d+} $line]
} else {
set line [join [lrange $line 1 end] ""]

foreach {s1 s2} [split $line ""] {

lappend tmpLine $s1$s2
}
}
}
set tmpLineOut [modifyIP $tmpLine [lindex [split $srcDstIpAddr " "] 0] [lindex [
split $srcDstIpAddr " "] 1] $key]
puts "$timestamp 0000 $tmpLineOut"
puts $hexOutFileId "$timestamp 0000 $tmpLineOut"
close $hexOutFileId
catch {
eval exec "$text2pcap -t %H:%M:%S. [lindex $argv 1].out [lindex $argv 3]
"
}
eval exec "rm [lindex $argv 1].out [lindex $argv 1].hex"