From 11206b4a71e9d65c745b004c94ecaccab13741a9 Mon Sep 17 00:00:00 2001
From: lns <matzeton@googlemail.com>
Date: Mon, 8 Aug 2022 15:50:48 +0200
Subject: Use correct ACK number if midstream TCP traffic.

 * README update to reflect newly added `-b' option

Signed-off-by: lns <matzeton@googlemail.com>
---
 TCPSplit.py | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

(limited to 'TCPSplit.py')

diff --git a/TCPSplit.py b/TCPSplit.py
index 8267e74..e16504c 100755
--- a/TCPSplit.py
+++ b/TCPSplit.py
@@ -39,14 +39,16 @@ class TCPSplitStream(object):
                             ', expected ' + str(TCPStream.TCPStream))
         self.stream = tcp_stream
         self.ordered_pkts = self.stream.get_order_pkts()
+        if len(self.ordered_pkts) == 0:
+            raise TCPSplitStreamException('No TCP packets found.')
         self.ip2dst = scapy.all.IP(src = self.stream.src, dst = self.stream.dst)
         self.ip2src = scapy.all.IP(src = self.stream.dst, dst = self.stream.src)
-        if self.stream.tcp_state.syn_seen is True:
+        if self.stream.tcp_state.syn_seen is True and len(self.ordered_pkts) >= 2:
             self.seq = self.ordered_pkts[0][scapy.all.TCP].seq # TCP-SYN
             self.ack = self.ordered_pkts[1][scapy.all.TCP].seq # TCP-SYN-ACK
         else:
             self.seq = self.ordered_pkts[0][scapy.all.TCP].seq
-            self.ack = self.ordered_pkts[1][scapy.all.TCP].ack
+            self.ack = self.ordered_pkts[0][scapy.all.TCP].ack
 
     def __generate_handshake(self):
         if self.stream.tcp_state.syn_seen is False:
-- 
cgit v1.2.3