From 33e60649e0482256cf97361eb34680885c2d5b83 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E6=B1=AA=E5=89=8D?= <1104239712@qq.com>
Date: Sun, 9 Feb 2025 15:52:02 +0800
Subject: [PATCH] reatimemonitor

---
 caputre/ADFA-LD+Syscall+List.txt              | 886 ++++++++++++++++++
 .../__pycache__/capturetask.cpython-311.pyc   | Bin 0 -> 20079 bytes
 .../__pycache__/demoscapture.cpython-311.pyc  | Bin 0 -> 8305 bytes
 .../__pycache__/messagejobs.cpython-311.pyc   | Bin 0 -> 5219 bytes
 caputre/__pycache__/safemap.cpython-311.pyc   | Bin 0 -> 7835 bytes
 caputre/capturetask.py                        | 375 ++++++++
 caputre/demoscapture.py                       | 162 ++++
 caputre/ebpfdemos.py                          | 224 +++++
 caputre/jobentrance.py                        |   4 +
 caputre/messagejobs.py                        |  92 ++
 caputre/safemap.py                            | 201 ++++
 11 files changed, 1944 insertions(+)
 create mode 100644 caputre/ADFA-LD+Syscall+List.txt
 create mode 100644 caputre/__pycache__/capturetask.cpython-311.pyc
 create mode 100644 caputre/__pycache__/demoscapture.cpython-311.pyc
 create mode 100644 caputre/__pycache__/messagejobs.cpython-311.pyc
 create mode 100644 caputre/__pycache__/safemap.cpython-311.pyc
 create mode 100644 caputre/capturetask.py
 create mode 100644 caputre/demoscapture.py
 create mode 100644 caputre/ebpfdemos.py
 create mode 100644 caputre/jobentrance.py
 create mode 100644 caputre/messagejobs.py
 create mode 100644 caputre/safemap.py

diff --git a/caputre/ADFA-LD+Syscall+List.txt b/caputre/ADFA-LD+Syscall+List.txt
new file mode 100644
index 0000000..b969770
--- /dev/null
+++ b/caputre/ADFA-LD+Syscall+List.txt
@@ -0,0 +1,886 @@
+#if !defined(_ASM_GENERIC_UNISTD_H) || defined(__SYSCALL)
+#define _ASM_GENERIC_UNISTD_H
+
+#include <asm/bitsperlong.h>
+
+/*
+ * This file contains the system call numbers, based on the
+ * layout of the x86-64 architecture, which embeds the
+ * pointer to the syscall in the table.
+ *
+ * As a basic principle, no duplication of functionality
+ * should be added, e.g. we don't use lseek when llseek
+ * is present. New architectures should use this file
+ * and implement the less feature-full calls in user space.
+ */
+
+#ifndef __SYSCALL
+#define __SYSCALL(x, y)
+#endif
+
+#if __BITS_PER_LONG == 32 || defined(__SYSCALL_COMPAT)
+#define __SC_3264(_nr, _32, _64) __SYSCALL(_nr, _32)
+#else
+#define __SC_3264(_nr, _32, _64) __SYSCALL(_nr, _64)
+#endif
+
+#define __NR_io_setup 0
+__SYSCALL(__NR_io_setup, sys_io_setup)
+#define __NR_io_destroy 1
+__SYSCALL(__NR_io_destroy, sys_io_destroy)
+#define __NR_io_submit 2
+__SYSCALL(__NR_io_submit, sys_io_submit)
+#define __NR_io_cancel 3
+__SYSCALL(__NR_io_cancel, sys_io_cancel)
+#define __NR_io_getevents 4
+__SYSCALL(__NR_io_getevents, sys_io_getevents)
+
+/* fs/xattr.c */
+#define __NR_setxattr 5
+__SYSCALL(__NR_setxattr, sys_setxattr)
+#define __NR_lsetxattr 6
+__SYSCALL(__NR_lsetxattr, sys_lsetxattr)
+#define __NR_fsetxattr 7
+__SYSCALL(__NR_fsetxattr, sys_fsetxattr)
+#define __NR_getxattr 8
+__SYSCALL(__NR_getxattr, sys_getxattr)
+#define __NR_lgetxattr 9
+__SYSCALL(__NR_lgetxattr, sys_lgetxattr)
+#define __NR_fgetxattr 10
+__SYSCALL(__NR_fgetxattr, sys_fgetxattr)
+#define __NR_listxattr 11
+__SYSCALL(__NR_listxattr, sys_listxattr)
+#define __NR_llistxattr 12
+__SYSCALL(__NR_llistxattr, sys_llistxattr)
+#define __NR_flistxattr 13
+__SYSCALL(__NR_flistxattr, sys_flistxattr)
+#define __NR_removexattr 14
+__SYSCALL(__NR_removexattr, sys_removexattr)
+#define __NR_lremovexattr 15
+__SYSCALL(__NR_lremovexattr, sys_lremovexattr)
+#define __NR_fremovexattr 16
+__SYSCALL(__NR_fremovexattr, sys_fremovexattr)
+
+/* fs/dcache.c */
+#define __NR_getcwd 17
+__SYSCALL(__NR_getcwd, sys_getcwd)
+
+/* fs/cookies.c */
+#define __NR_lookup_dcookie 18
+__SYSCALL(__NR_lookup_dcookie, sys_lookup_dcookie)
+
+/* fs/eventfd.c */
+#define __NR_eventfd2 19
+__SYSCALL(__NR_eventfd2, sys_eventfd2)
+
+/* fs/eventpoll.c */
+#define __NR_epoll_create1 20
+__SYSCALL(__NR_epoll_create1, sys_epoll_create1)
+#define __NR_epoll_ctl 21
+__SYSCALL(__NR_epoll_ctl, sys_epoll_ctl)
+#define __NR_epoll_pwait 22
+__SYSCALL(__NR_epoll_pwait, sys_epoll_pwait)
+
+/* fs/fcntl.c */
+#define __NR_dup 23
+__SYSCALL(__NR_dup, sys_dup)
+#define __NR_dup3 24
+__SYSCALL(__NR_dup3, sys_dup3)
+#define __NR3264_fcntl 25
+__SC_3264(__NR3264_fcntl, sys_fcntl64, sys_fcntl)
+
+/* fs/inotify_user.c */
+#define __NR_inotify_init1 26
+__SYSCALL(__NR_inotify_init1, sys_inotify_init1)
+#define __NR_inotify_add_watch 27
+__SYSCALL(__NR_inotify_add_watch, sys_inotify_add_watch)
+#define __NR_inotify_rm_watch 28
+__SYSCALL(__NR_inotify_rm_watch, sys_inotify_rm_watch)
+
+/* fs/ioctl.c */
+#define __NR_ioctl 29
+__SYSCALL(__NR_ioctl, sys_ioctl)
+
+/* fs/ioprio.c */
+#define __NR_ioprio_set 30
+__SYSCALL(__NR_ioprio_set, sys_ioprio_set)
+#define __NR_ioprio_get 31
+__SYSCALL(__NR_ioprio_get, sys_ioprio_get)
+
+/* fs/locks.c */
+#define __NR_flock 32
+__SYSCALL(__NR_flock, sys_flock)
+
+/* fs/namei.c */
+#define __NR_mknodat 33
+__SYSCALL(__NR_mknodat, sys_mknodat)
+#define __NR_mkdirat 34
+__SYSCALL(__NR_mkdirat, sys_mkdirat)
+#define __NR_unlinkat 35
+__SYSCALL(__NR_unlinkat, sys_unlinkat)
+#define __NR_symlinkat 36
+__SYSCALL(__NR_symlinkat, sys_symlinkat)
+#define __NR_linkat 37
+__SYSCALL(__NR_linkat, sys_linkat)
+#define __NR_renameat 38
+__SYSCALL(__NR_renameat, sys_renameat)
+
+/* fs/namespace.c */
+#define __NR_umount2 39
+__SYSCALL(__NR_umount2, sys_umount)
+#define __NR_mount 40
+__SYSCALL(__NR_mount, sys_mount)
+#define __NR_pivot_root 41
+__SYSCALL(__NR_pivot_root, sys_pivot_root)
+
+/* fs/nfsctl.c */
+#define __NR_nfsservctl 42
+__SYSCALL(__NR_nfsservctl, sys_nfsservctl)
+
+/* fs/open.c */
+#define __NR3264_statfs 43
+__SC_3264(__NR3264_statfs, sys_statfs64, sys_statfs)
+#define __NR3264_fstatfs 44
+__SC_3264(__NR3264_fstatfs, sys_fstatfs64, sys_fstatfs)
+#define __NR3264_truncate 45
+__SC_3264(__NR3264_truncate, sys_truncate64, sys_truncate)
+#define __NR3264_ftruncate 46
+__SC_3264(__NR3264_ftruncate, sys_ftruncate64, sys_ftruncate)
+
+#define __NR_fallocate 47
+__SYSCALL(__NR_fallocate, sys_fallocate)
+#define __NR_faccessat 48
+__SYSCALL(__NR_faccessat, sys_faccessat)
+#define __NR_chdir 49
+__SYSCALL(__NR_chdir, sys_chdir)
+#define __NR_fchdir 50
+__SYSCALL(__NR_fchdir, sys_fchdir)
+#define __NR_chroot 51
+__SYSCALL(__NR_chroot, sys_chroot)
+#define __NR_fchmod 52
+__SYSCALL(__NR_fchmod, sys_fchmod)
+#define __NR_fchmodat 53
+__SYSCALL(__NR_fchmodat, sys_fchmodat)
+#define __NR_fchownat 54
+__SYSCALL(__NR_fchownat, sys_fchownat)
+#define __NR_fchown 55
+__SYSCALL(__NR_fchown, sys_fchown)
+#define __NR_openat 56
+__SYSCALL(__NR_openat, sys_openat)
+#define __NR_close 57
+__SYSCALL(__NR_close, sys_close)
+#define __NR_vhangup 58
+__SYSCALL(__NR_vhangup, sys_vhangup)
+
+/* fs/pipe.c */
+#define __NR_pipe2 59
+__SYSCALL(__NR_pipe2, sys_pipe2)
+
+/* fs/quota.c */
+#define __NR_quotactl 60
+__SYSCALL(__NR_quotactl, sys_quotactl)
+
+/* fs/readdir.c */
+#define __NR_getdents64 61
+__SYSCALL(__NR_getdents64, sys_getdents64)
+
+/* fs/read_write.c */
+#define __NR3264_lseek 62
+__SC_3264(__NR3264_lseek, sys_llseek, sys_lseek)
+#define __NR_read 63
+__SYSCALL(__NR_read, sys_read)
+#define __NR_write 64
+__SYSCALL(__NR_write, sys_write)
+#define __NR_readv 65
+__SYSCALL(__NR_readv, sys_readv)
+#define __NR_writev 66
+__SYSCALL(__NR_writev, sys_writev)
+#define __NR_pread64 67
+__SYSCALL(__NR_pread64, sys_pread64)
+#define __NR_pwrite64 68
+__SYSCALL(__NR_pwrite64, sys_pwrite64)
+#define __NR_preadv 69
+__SYSCALL(__NR_preadv, sys_preadv)
+#define __NR_pwritev 70
+__SYSCALL(__NR_pwritev, sys_pwritev)
+
+/* fs/sendfile.c */
+#define __NR3264_sendfile 71
+__SC_3264(__NR3264_sendfile, sys_sendfile64, sys_sendfile)
+
+/* fs/select.c */
+#define __NR_pselect6 72
+__SYSCALL(__NR_pselect6, sys_pselect6)
+#define __NR_ppoll 73
+__SYSCALL(__NR_ppoll, sys_ppoll)
+
+/* fs/signalfd.c */
+#define __NR_signalfd4 74
+__SYSCALL(__NR_signalfd4, sys_signalfd4)
+
+/* fs/splice.c */
+#define __NR_vmsplice 75
+__SYSCALL(__NR_vmsplice, sys_vmsplice)
+#define __NR_splice 76
+__SYSCALL(__NR_splice, sys_splice)
+#define __NR_tee 77
+__SYSCALL(__NR_tee, sys_tee)
+
+/* fs/stat.c */
+#define __NR_readlinkat 78
+__SYSCALL(__NR_readlinkat, sys_readlinkat)
+#define __NR3264_fstatat 79
+__SC_3264(__NR3264_fstatat, sys_fstatat64, sys_newfstatat)
+#define __NR3264_fstat 80
+__SC_3264(__NR3264_fstat, sys_fstat64, sys_newfstat)
+
+/* fs/sync.c */
+#define __NR_sync 81
+__SYSCALL(__NR_sync, sys_sync)
+#define __NR_fsync 82
+__SYSCALL(__NR_fsync, sys_fsync)
+#define __NR_fdatasync 83
+__SYSCALL(__NR_fdatasync, sys_fdatasync)
+#ifdef __ARCH_WANT_SYNC_FILE_RANGE2
+#define __NR_sync_file_range2 84
+__SYSCALL(__NR_sync_file_range2, sys_sync_file_range2)
+#else
+#define __NR_sync_file_range 84
+__SYSCALL(__NR_sync_file_range, sys_sync_file_range)
+#endif
+
+/* fs/timerfd.c */
+#define __NR_timerfd_create 85
+__SYSCALL(__NR_timerfd_create, sys_timerfd_create)
+#define __NR_timerfd_settime 86
+__SYSCALL(__NR_timerfd_settime, sys_timerfd_settime)
+#define __NR_timerfd_gettime 87
+__SYSCALL(__NR_timerfd_gettime, sys_timerfd_gettime)
+
+/* fs/utimes.c */
+#define __NR_utimensat 88
+__SYSCALL(__NR_utimensat, sys_utimensat)
+
+/* kernel/acct.c */
+#define __NR_acct 89
+__SYSCALL(__NR_acct, sys_acct)
+
+/* kernel/capability.c */
+#define __NR_capget 90
+__SYSCALL(__NR_capget, sys_capget)
+#define __NR_capset 91
+__SYSCALL(__NR_capset, sys_capset)
+
+/* kernel/exec_domain.c */
+#define __NR_personality 92
+__SYSCALL(__NR_personality, sys_personality)
+
+/* kernel/exit.c */
+#define __NR_exit 93
+__SYSCALL(__NR_exit, sys_exit)
+#define __NR_exit_group 94
+__SYSCALL(__NR_exit_group, sys_exit_group)
+#define __NR_waitid 95
+__SYSCALL(__NR_waitid, sys_waitid)
+
+/* kernel/fork.c */
+#define __NR_set_tid_address 96
+__SYSCALL(__NR_set_tid_address, sys_set_tid_address)
+#define __NR_unshare 97
+__SYSCALL(__NR_unshare, sys_unshare)
+
+/* kernel/futex.c */
+#define __NR_futex 98
+__SYSCALL(__NR_futex, sys_futex)
+#define __NR_set_robust_list 99
+__SYSCALL(__NR_set_robust_list, sys_set_robust_list)
+#define __NR_get_robust_list 100
+__SYSCALL(__NR_get_robust_list, sys_get_robust_list)
+
+/* kernel/hrtimer.c */
+#define __NR_nanosleep 101
+__SYSCALL(__NR_nanosleep, sys_nanosleep)
+
+/* kernel/itimer.c */
+#define __NR_getitimer 102
+__SYSCALL(__NR_getitimer, sys_getitimer)
+#define __NR_setitimer 103
+__SYSCALL(__NR_setitimer, sys_setitimer)
+
+/* kernel/kexec.c */
+#define __NR_kexec_load 104
+__SYSCALL(__NR_kexec_load, sys_kexec_load)
+
+/* kernel/module.c */
+#define __NR_init_module 105
+__SYSCALL(__NR_init_module, sys_init_module)
+#define __NR_delete_module 106
+__SYSCALL(__NR_delete_module, sys_delete_module)
+
+/* kernel/posix-timers.c */
+#define __NR_timer_create 107
+__SYSCALL(__NR_timer_create, sys_timer_create)
+#define __NR_timer_gettime 108
+__SYSCALL(__NR_timer_gettime, sys_timer_gettime)
+#define __NR_timer_getoverrun 109
+__SYSCALL(__NR_timer_getoverrun, sys_timer_getoverrun)
+#define __NR_timer_settime 110
+__SYSCALL(__NR_timer_settime, sys_timer_settime)
+#define __NR_timer_delete 111
+__SYSCALL(__NR_timer_delete, sys_timer_delete)
+#define __NR_clock_settime 112
+__SYSCALL(__NR_clock_settime, sys_clock_settime)
+#define __NR_clock_gettime 113
+__SYSCALL(__NR_clock_gettime, sys_clock_gettime)
+#define __NR_clock_getres 114
+__SYSCALL(__NR_clock_getres, sys_clock_getres)
+#define __NR_clock_nanosleep 115
+__SYSCALL(__NR_clock_nanosleep, sys_clock_nanosleep)
+
+/* kernel/printk.c */
+#define __NR_syslog 116
+__SYSCALL(__NR_syslog, sys_syslog)
+
+/* kernel/ptrace.c */
+#define __NR_ptrace 117
+__SYSCALL(__NR_ptrace, sys_ptrace)
+
+/* kernel/sched.c */
+#define __NR_sched_setparam 118
+__SYSCALL(__NR_sched_setparam, sys_sched_setparam)
+#define __NR_sched_setscheduler 119
+__SYSCALL(__NR_sched_setscheduler, sys_sched_setscheduler)
+#define __NR_sched_getscheduler 120
+__SYSCALL(__NR_sched_getscheduler, sys_sched_getscheduler)
+#define __NR_sched_getparam 121
+__SYSCALL(__NR_sched_getparam, sys_sched_getparam)
+#define __NR_sched_setaffinity 122
+__SYSCALL(__NR_sched_setaffinity, sys_sched_setaffinity)
+#define __NR_sched_getaffinity 123
+__SYSCALL(__NR_sched_getaffinity, sys_sched_getaffinity)
+#define __NR_sched_yield 124
+__SYSCALL(__NR_sched_yield, sys_sched_yield)
+#define __NR_sched_get_priority_max 125
+__SYSCALL(__NR_sched_get_priority_max, sys_sched_get_priority_max)
+#define __NR_sched_get_priority_min 126
+__SYSCALL(__NR_sched_get_priority_min, sys_sched_get_priority_min)
+#define __NR_sched_rr_get_interval 127
+__SYSCALL(__NR_sched_rr_get_interval, sys_sched_rr_get_interval)
+
+/* kernel/signal.c */
+#define __NR_restart_syscall 128
+__SYSCALL(__NR_restart_syscall, sys_restart_syscall)
+#define __NR_kill 129
+__SYSCALL(__NR_kill, sys_kill)
+#define __NR_tkill 130
+__SYSCALL(__NR_tkill, sys_tkill)
+#define __NR_tgkill 131
+__SYSCALL(__NR_tgkill, sys_tgkill)
+#define __NR_sigaltstack 132
+__SYSCALL(__NR_sigaltstack, sys_sigaltstack)
+#define __NR_rt_sigsuspend 133
+__SYSCALL(__NR_rt_sigsuspend, sys_rt_sigsuspend) /* __ARCH_WANT_SYS_RT_SIGSUSPEND */
+#define __NR_rt_sigaction 134
+__SYSCALL(__NR_rt_sigaction, sys_rt_sigaction) /* __ARCH_WANT_SYS_RT_SIGACTION */
+#define __NR_rt_sigprocmask 135
+__SYSCALL(__NR_rt_sigprocmask, sys_rt_sigprocmask)
+#define __NR_rt_sigpending 136
+__SYSCALL(__NR_rt_sigpending, sys_rt_sigpending)
+#define __NR_rt_sigtimedwait 137
+__SYSCALL(__NR_rt_sigtimedwait, sys_rt_sigtimedwait)
+#define __NR_rt_sigqueueinfo 138
+__SYSCALL(__NR_rt_sigqueueinfo, sys_rt_sigqueueinfo)
+#define __NR_rt_sigreturn 139
+__SYSCALL(__NR_rt_sigreturn, sys_rt_sigreturn) /* sys_rt_sigreturn_wrapper, */
+
+/* kernel/sys.c */
+#define __NR_setpriority 140
+__SYSCALL(__NR_setpriority, sys_setpriority)
+#define __NR_getpriority 141
+__SYSCALL(__NR_getpriority, sys_getpriority)
+#define __NR_reboot 142
+__SYSCALL(__NR_reboot, sys_reboot)
+#define __NR_setregid 143
+__SYSCALL(__NR_setregid, sys_setregid)
+#define __NR_setgid 144
+__SYSCALL(__NR_setgid, sys_setgid)
+#define __NR_setreuid 145
+__SYSCALL(__NR_setreuid, sys_setreuid)
+#define __NR_setuid 146
+__SYSCALL(__NR_setuid, sys_setuid)
+#define __NR_setresuid 147
+__SYSCALL(__NR_setresuid, sys_setresuid)
+#define __NR_getresuid 148
+__SYSCALL(__NR_getresuid, sys_getresuid)
+#define __NR_setresgid 149
+__SYSCALL(__NR_setresgid, sys_setresgid)
+#define __NR_getresgid 150
+__SYSCALL(__NR_getresgid, sys_getresgid)
+#define __NR_setfsuid 151
+__SYSCALL(__NR_setfsuid, sys_setfsuid)
+#define __NR_setfsgid 152
+__SYSCALL(__NR_setfsgid, sys_setfsgid)
+#define __NR_times 153
+__SYSCALL(__NR_times, sys_times)
+#define __NR_setpgid 154
+__SYSCALL(__NR_setpgid, sys_setpgid)
+#define __NR_getpgid 155
+__SYSCALL(__NR_getpgid, sys_getpgid)
+#define __NR_getsid 156
+__SYSCALL(__NR_getsid, sys_getsid)
+#define __NR_setsid 157
+__SYSCALL(__NR_setsid, sys_setsid)
+#define __NR_getgroups 158
+__SYSCALL(__NR_getgroups, sys_getgroups)
+#define __NR_setgroups 159
+__SYSCALL(__NR_setgroups, sys_setgroups)
+#define __NR_uname 160
+__SYSCALL(__NR_uname, sys_newuname)
+#define __NR_sethostname 161
+__SYSCALL(__NR_sethostname, sys_sethostname)
+#define __NR_setdomainname 162
+__SYSCALL(__NR_setdomainname, sys_setdomainname)
+#define __NR_getrlimit 163
+__SYSCALL(__NR_getrlimit, sys_getrlimit)
+#define __NR_setrlimit 164
+__SYSCALL(__NR_setrlimit, sys_setrlimit)
+#define __NR_getrusage 165
+__SYSCALL(__NR_getrusage, sys_getrusage)
+#define __NR_umask 166
+__SYSCALL(__NR_umask, sys_umask)
+#define __NR_prctl 167
+__SYSCALL(__NR_prctl, sys_prctl)
+#define __NR_getcpu 168
+__SYSCALL(__NR_getcpu, sys_getcpu)
+
+/* kernel/time.c */
+#define __NR_gettimeofday 169
+__SYSCALL(__NR_gettimeofday, sys_gettimeofday)
+#define __NR_settimeofday 170
+__SYSCALL(__NR_settimeofday, sys_settimeofday)
+#define __NR_adjtimex 171
+__SYSCALL(__NR_adjtimex, sys_adjtimex)
+
+/* kernel/timer.c */
+#define __NR_getpid 172
+__SYSCALL(__NR_getpid, sys_getpid)
+#define __NR_getppid 173
+__SYSCALL(__NR_getppid, sys_getppid)
+#define __NR_getuid 174
+__SYSCALL(__NR_getuid, sys_getuid)
+#define __NR_geteuid 175
+__SYSCALL(__NR_geteuid, sys_geteuid)
+#define __NR_getgid 176
+__SYSCALL(__NR_getgid, sys_getgid)
+#define __NR_getegid 177
+__SYSCALL(__NR_getegid, sys_getegid)
+#define __NR_gettid 178
+__SYSCALL(__NR_gettid, sys_gettid)
+#define __NR_sysinfo 179
+__SYSCALL(__NR_sysinfo, sys_sysinfo)
+
+/* ipc/mqueue.c */
+#define __NR_mq_open 180
+__SYSCALL(__NR_mq_open, sys_mq_open)
+#define __NR_mq_unlink 181
+__SYSCALL(__NR_mq_unlink, sys_mq_unlink)
+#define __NR_mq_timedsend 182
+__SYSCALL(__NR_mq_timedsend, sys_mq_timedsend)
+#define __NR_mq_timedreceive 183
+__SYSCALL(__NR_mq_timedreceive, sys_mq_timedreceive)
+#define __NR_mq_notify 184
+__SYSCALL(__NR_mq_notify, sys_mq_notify)
+#define __NR_mq_getsetattr 185
+__SYSCALL(__NR_mq_getsetattr, sys_mq_getsetattr)
+
+/* ipc/msg.c */
+#define __NR_msgget 186
+__SYSCALL(__NR_msgget, sys_msgget)
+#define __NR_msgctl 187
+__SYSCALL(__NR_msgctl, sys_msgctl)
+#define __NR_msgrcv 188
+__SYSCALL(__NR_msgrcv, sys_msgrcv)
+#define __NR_msgsnd 189
+__SYSCALL(__NR_msgsnd, sys_msgsnd)
+
+/* ipc/sem.c */
+#define __NR_semget 190
+__SYSCALL(__NR_semget, sys_semget)
+#define __NR_semctl 191
+__SYSCALL(__NR_semctl, sys_semctl)
+#define __NR_semtimedop 192
+__SYSCALL(__NR_semtimedop, sys_semtimedop)
+#define __NR_semop 193
+__SYSCALL(__NR_semop, sys_semop)
+
+/* ipc/shm.c */
+#define __NR_shmget 194
+__SYSCALL(__NR_shmget, sys_shmget)
+#define __NR_shmctl 195
+__SYSCALL(__NR_shmctl, sys_shmctl)
+#define __NR_shmat 196
+__SYSCALL(__NR_shmat, sys_shmat)
+#define __NR_shmdt 197
+__SYSCALL(__NR_shmdt, sys_shmdt)
+
+/* net/socket.c */
+#define __NR_socket 198
+__SYSCALL(__NR_socket, sys_socket)
+#define __NR_socketpair 199
+__SYSCALL(__NR_socketpair, sys_socketpair)
+#define __NR_bind 200
+__SYSCALL(__NR_bind, sys_bind)
+#define __NR_listen 201
+__SYSCALL(__NR_listen, sys_listen)
+#define __NR_accept 202
+__SYSCALL(__NR_accept, sys_accept)
+#define __NR_connect 203
+__SYSCALL(__NR_connect, sys_connect)
+#define __NR_getsockname 204
+__SYSCALL(__NR_getsockname, sys_getsockname)
+#define __NR_getpeername 205
+__SYSCALL(__NR_getpeername, sys_getpeername)
+#define __NR_sendto 206
+__SYSCALL(__NR_sendto, sys_sendto)
+#define __NR_recvfrom 207
+__SYSCALL(__NR_recvfrom, sys_recvfrom)
+#define __NR_setsockopt 208
+__SYSCALL(__NR_setsockopt, sys_setsockopt)
+#define __NR_getsockopt 209
+__SYSCALL(__NR_getsockopt, sys_getsockopt)
+#define __NR_shutdown 210
+__SYSCALL(__NR_shutdown, sys_shutdown)
+#define __NR_sendmsg 211
+__SYSCALL(__NR_sendmsg, sys_sendmsg)
+#define __NR_recvmsg 212
+__SYSCALL(__NR_recvmsg, sys_recvmsg)
+
+/* mm/filemap.c */
+#define __NR_readahead 213
+__SYSCALL(__NR_readahead, sys_readahead)
+
+/* mm/nommu.c, also with MMU */
+#define __NR_brk 214
+__SYSCALL(__NR_brk, sys_brk)
+#define __NR_munmap 215
+__SYSCALL(__NR_munmap, sys_munmap)
+#define __NR_mremap 216
+__SYSCALL(__NR_mremap, sys_mremap)
+
+/* security/keys/keyctl.c */
+#define __NR_add_key 217
+__SYSCALL(__NR_add_key, sys_add_key)
+#define __NR_request_key 218
+__SYSCALL(__NR_request_key, sys_request_key)
+#define __NR_keyctl 219
+__SYSCALL(__NR_keyctl, sys_keyctl)
+
+/* arch/example/kernel/sys_example.c */
+#define __NR_clone 220
+__SYSCALL(__NR_clone, sys_clone)	/* .long sys_clone_wrapper */
+#define __NR_execve 221
+__SYSCALL(__NR_execve, sys_execve)	/* .long sys_execve_wrapper */
+
+#define __NR3264_mmap 222
+__SC_3264(__NR3264_mmap, sys_mmap2, sys_mmap)
+/* mm/fadvise.c */
+#define __NR3264_fadvise64 223
+__SYSCALL(__NR3264_fadvise64, sys_fadvise64_64)
+
+/* mm/, CONFIG_MMU only */
+#ifndef __ARCH_NOMMU
+#define __NR_swapon 224
+__SYSCALL(__NR_swapon, sys_swapon)
+#define __NR_swapoff 225
+__SYSCALL(__NR_swapoff, sys_swapoff)
+#define __NR_mprotect 226
+__SYSCALL(__NR_mprotect, sys_mprotect)
+#define __NR_msync 227
+__SYSCALL(__NR_msync, sys_msync)
+#define __NR_mlock 228
+__SYSCALL(__NR_mlock, sys_mlock)
+#define __NR_munlock 229
+__SYSCALL(__NR_munlock, sys_munlock)
+#define __NR_mlockall 230
+__SYSCALL(__NR_mlockall, sys_mlockall)
+#define __NR_munlockall 231
+__SYSCALL(__NR_munlockall, sys_munlockall)
+#define __NR_mincore 232
+__SYSCALL(__NR_mincore, sys_mincore)
+#define __NR_madvise 233
+__SYSCALL(__NR_madvise, sys_madvise)
+#define __NR_remap_file_pages 234
+__SYSCALL(__NR_remap_file_pages, sys_remap_file_pages)
+#define __NR_mbind 235
+__SYSCALL(__NR_mbind, sys_mbind)
+#define __NR_get_mempolicy 236
+__SYSCALL(__NR_get_mempolicy, sys_get_mempolicy)
+#define __NR_set_mempolicy 237
+__SYSCALL(__NR_set_mempolicy, sys_set_mempolicy)
+#define __NR_migrate_pages 238
+__SYSCALL(__NR_migrate_pages, sys_migrate_pages)
+#define __NR_move_pages 239
+__SYSCALL(__NR_move_pages, sys_move_pages)
+#endif
+
+#define __NR_rt_tgsigqueueinfo 240
+__SYSCALL(__NR_rt_tgsigqueueinfo, sys_rt_tgsigqueueinfo)
+#define __NR_perf_event_open 241
+__SYSCALL(__NR_perf_event_open, sys_perf_event_open)
+#define __NR_accept4 242
+__SYSCALL(__NR_accept4, sys_accept4)
+#define __NR_recvmmsg 243
+__SYSCALL(__NR_recvmmsg, sys_recvmmsg)
+
+/*
+ * Architectures may provide up to 16 syscalls of their own
+ * starting with this value.
+ */
+#define __NR_arch_specific_syscall 244
+
+#define __NR_wait4 260
+__SYSCALL(__NR_wait4, sys_wait4)
+#define __NR_prlimit64 261
+__SYSCALL(__NR_prlimit64, sys_prlimit64)
+#define __NR_fanotify_init 262
+__SYSCALL(__NR_fanotify_init, sys_fanotify_init)
+#define __NR_fanotify_mark 263
+__SYSCALL(__NR_fanotify_mark, sys_fanotify_mark)
+
+#undef __NR_syscalls
+#define __NR_syscalls 264
+
+/*
+ * All syscalls below here should go away really,
+ * these are provided for both review and as a porting
+ * help for the C library version.
+*
+ * Last chance: are any of these important enough to
+ * enable by default?
+ */
+#ifdef __ARCH_WANT_SYSCALL_NO_AT
+#define __NR_open 1024
+__SYSCALL(__NR_open, sys_open)
+#define __NR_link 1025
+__SYSCALL(__NR_link, sys_link)
+#define __NR_unlink 1026
+__SYSCALL(__NR_unlink, sys_unlink)
+#define __NR_mknod 1027
+__SYSCALL(__NR_mknod, sys_mknod)
+#define __NR_chmod 1028
+__SYSCALL(__NR_chmod, sys_chmod)
+#define __NR_chown 1029
+__SYSCALL(__NR_chown, sys_chown)
+#define __NR_mkdir 1030
+__SYSCALL(__NR_mkdir, sys_mkdir)
+#define __NR_rmdir 1031
+__SYSCALL(__NR_rmdir, sys_rmdir)
+#define __NR_lchown 1032
+__SYSCALL(__NR_lchown, sys_lchown)
+#define __NR_access 1033
+__SYSCALL(__NR_access, sys_access)
+#define __NR_rename 1034
+__SYSCALL(__NR_rename, sys_rename)
+#define __NR_readlink 1035
+__SYSCALL(__NR_readlink, sys_readlink)
+#define __NR_symlink 1036
+__SYSCALL(__NR_symlink, sys_symlink)
+#define __NR_utimes 1037
+__SYSCALL(__NR_utimes, sys_utimes)
+#define __NR3264_stat 1038
+__SC_3264(__NR3264_stat, sys_stat64, sys_newstat)
+#define __NR3264_lstat 1039
+__SC_3264(__NR3264_lstat, sys_lstat64, sys_newlstat)
+
+#undef __NR_syscalls
+#define __NR_syscalls (__NR3264_lstat+1)
+#endif /* __ARCH_WANT_SYSCALL_NO_AT */
+
+#ifdef __ARCH_WANT_SYSCALL_NO_FLAGS
+#define __NR_pipe 1040
+__SYSCALL(__NR_pipe, sys_pipe)
+#define __NR_dup2 1041
+__SYSCALL(__NR_dup2, sys_dup2)
+#define __NR_epoll_create 1042
+__SYSCALL(__NR_epoll_create, sys_epoll_create)
+#define __NR_inotify_init 1043
+__SYSCALL(__NR_inotify_init, sys_inotify_init)
+#define __NR_eventfd 1044
+__SYSCALL(__NR_eventfd, sys_eventfd)
+#define __NR_signalfd 1045
+__SYSCALL(__NR_signalfd, sys_signalfd)
+
+#undef __NR_syscalls
+#define __NR_syscalls (__NR_signalfd+1)
+#endif /* __ARCH_WANT_SYSCALL_NO_FLAGS */
+
+#if (__BITS_PER_LONG == 32 || defined(__SYSCALL_COMPAT)) && \
+     defined(__ARCH_WANT_SYSCALL_OFF_T)
+#define __NR_sendfile 1046
+__SYSCALL(__NR_sendfile, sys_sendfile)
+#define __NR_ftruncate 1047
+__SYSCALL(__NR_ftruncate, sys_ftruncate)
+#define __NR_truncate 1048
+__SYSCALL(__NR_truncate, sys_truncate)
+#define __NR_stat 1049
+__SYSCALL(__NR_stat, sys_newstat)
+#define __NR_lstat 1050
+__SYSCALL(__NR_lstat, sys_newlstat)
+#define __NR_fstat 1051
+__SYSCALL(__NR_fstat, sys_newfstat)
+#define __NR_fcntl 1052
+__SYSCALL(__NR_fcntl, sys_fcntl)
+#define __NR_fadvise64 1053
+#define __ARCH_WANT_SYS_FADVISE64
+__SYSCALL(__NR_fadvise64, sys_fadvise64)
+#define __NR_newfstatat 1054
+#define __ARCH_WANT_SYS_NEWFSTATAT
+__SYSCALL(__NR_newfstatat, sys_newfstatat)
+#define __NR_fstatfs 1055
+__SYSCALL(__NR_fstatfs, sys_fstatfs)
+#define __NR_statfs 1056
+__SYSCALL(__NR_statfs, sys_statfs)
+#define __NR_lseek 1057
+__SYSCALL(__NR_lseek, sys_lseek)
+#define __NR_mmap 1058
+__SYSCALL(__NR_mmap, sys_mmap)
+
+#undef __NR_syscalls
+#define __NR_syscalls (__NR_mmap+1)
+#endif /* 32 bit off_t syscalls */
+
+#ifdef __ARCH_WANT_SYSCALL_DEPRECATED
+#define __NR_alarm 1059
+#define __ARCH_WANT_SYS_ALARM
+__SYSCALL(__NR_alarm, sys_alarm)
+#define __NR_getpgrp 1060
+#define __ARCH_WANT_SYS_GETPGRP
+__SYSCALL(__NR_getpgrp, sys_getpgrp)
+#define __NR_pause 1061
+#define __ARCH_WANT_SYS_PAUSE
+__SYSCALL(__NR_pause, sys_pause)
+#define __NR_time 1062
+#define __ARCH_WANT_SYS_TIME
+#define __ARCH_WANT_COMPAT_SYS_TIME
+__SYSCALL(__NR_time, sys_time)
+#define __NR_utime 1063
+#define __ARCH_WANT_SYS_UTIME
+__SYSCALL(__NR_utime, sys_utime)
+
+#define __NR_creat 1064
+__SYSCALL(__NR_creat, sys_creat)
+#define __NR_getdents 1065
+#define __ARCH_WANT_SYS_GETDENTS
+__SYSCALL(__NR_getdents, sys_getdents)
+#define __NR_futimesat 1066
+__SYSCALL(__NR_futimesat, sys_futimesat)
+#define __NR_select 1067
+#define __ARCH_WANT_SYS_SELECT
+__SYSCALL(__NR_select, sys_select)
+#define __NR_poll 1068
+__SYSCALL(__NR_poll, sys_poll)
+#define __NR_epoll_wait 1069
+__SYSCALL(__NR_epoll_wait, sys_epoll_wait)
+#define __NR_ustat 1070
+__SYSCALL(__NR_ustat, sys_ustat)
+#define __NR_vfork 1071
+__SYSCALL(__NR_vfork, sys_vfork)
+#define __NR_oldwait4 1072
+__SYSCALL(__NR_oldwait4, sys_wait4)
+#define __NR_recv 1073
+__SYSCALL(__NR_recv, sys_recv)
+#define __NR_send 1074
+__SYSCALL(__NR_send, sys_send)
+#define __NR_bdflush 1075
+__SYSCALL(__NR_bdflush, sys_bdflush)
+#define __NR_umount 1076
+__SYSCALL(__NR_umount, sys_oldumount)
+#define __ARCH_WANT_SYS_OLDUMOUNT
+#define __NR_uselib 1077
+__SYSCALL(__NR_uselib, sys_uselib)
+#define __NR__sysctl 1078
+__SYSCALL(__NR__sysctl, sys_sysctl)
+
+#define __NR_fork 1079
+#ifdef CONFIG_MMU
+__SYSCALL(__NR_fork, sys_fork)
+#else
+__SYSCALL(__NR_fork, sys_ni_syscall)
+#endif /* CONFIG_MMU */
+
+#undef __NR_syscalls
+#define __NR_syscalls (__NR_fork+1)
+
+#endif /* __ARCH_WANT_SYSCALL_DEPRECATED */
+
+/*
+ * 32 bit systems traditionally used different
+ * syscalls for off_t and loff_t arguments, while
+ * 64 bit systems only need the off_t version.
+ * For new 32 bit platforms, there is no need to
+ * implement the old 32 bit off_t syscalls, so
+ * they take different names.
+ * Here we map the numbers so that both versions
+ * use the same syscall table layout.
+ */
+#if __BITS_PER_LONG == 64 && !defined(__SYSCALL_COMPAT)
+#define __NR_fcntl __NR3264_fcntl
+#define __NR_statfs __NR3264_statfs
+#define __NR_fstatfs __NR3264_fstatfs
+#define __NR_truncate __NR3264_truncate
+#define __NR_ftruncate __NR3264_ftruncate
+#define __NR_lseek __NR3264_lseek
+#define __NR_sendfile __NR3264_sendfile
+#define __NR_newfstatat __NR3264_fstatat
+#define __NR_fstat __NR3264_fstat
+#define __NR_mmap __NR3264_mmap
+#define __NR_fadvise64 __NR3264_fadvise64
+#ifdef __NR3264_stat
+#define __NR_stat __NR3264_stat
+#define __NR_lstat __NR3264_lstat
+#endif
+#else
+#define __NR_fcntl64 __NR3264_fcntl
+#define __NR_statfs64 __NR3264_statfs
+#define __NR_fstatfs64 __NR3264_fstatfs
+#define __NR_truncate64 __NR3264_truncate
+#define __NR_ftruncate64 __NR3264_ftruncate
+#define __NR_llseek __NR3264_lseek
+#define __NR_sendfile64 __NR3264_sendfile
+#define __NR_fstatat64 __NR3264_fstatat
+#define __NR_fstat64 __NR3264_fstat
+#define __NR_mmap2 __NR3264_mmap
+#define __NR_fadvise64_64 __NR3264_fadvise64
+#ifdef __NR3264_stat
+#define __NR_stat64 __NR3264_stat
+#define __NR_lstat64 __NR3264_lstat
+#endif
+#endif
+
+#ifdef __KERNEL__
+
+/*
+ * These are required system calls, we should
+ * invert the logic eventually and let them
+ * be selected by default.
+ */
+#if __BITS_PER_LONG == 32
+#define __ARCH_WANT_STAT64
+#define __ARCH_WANT_SYS_LLSEEK
+#endif
+#define __ARCH_WANT_SYS_RT_SIGACTION
+#define __ARCH_WANT_SYS_RT_SIGSUSPEND
+#define __ARCH_WANT_COMPAT_SYS_RT_SIGSUSPEND
+
+/*
+ * "Conditional" syscalls
+ *
+ * What we want is __attribute__((weak,alias("sys_ni_syscall"))),
+ * but it doesn't work on all toolchains, so we just do it by hand
+ */
+#ifndef cond_syscall
+#define cond_syscall(x) asm(".weak\t" #x "\n\t.set\t" #x ",sys_ni_syscall")
+#endif
+
+#endif /* __KERNEL__ */
+#endif /* _ASM_GENERIC_UNISTD_H */
diff --git a/caputre/__pycache__/capturetask.cpython-311.pyc b/caputre/__pycache__/capturetask.cpython-311.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..798deef3751d9768ee40140dbc6315739e931acb
GIT binary patch
literal 20079
zcmZ3^%ge>Uz`*c#S62ENO9qC=APx+(KpCGc7#SF*Go&!2Fy=5sF@kBPDCQJ~6s8=O
zT-GR7MvxqH4qFI_X3SxaVh5|?h~fa#oKc)$nk$Mcg&~DGha0SpIfo~Nfr%lNBa0Vm
z4}`}D<1J%gU|0>~Ff3zaU|7uv<3{l_F{CnP3BdTN%vpjkb_z=s0|UBxp%m6c;S|P1
zk#vScQ6`2|F;vr|#8cQ>7@{On*jpH)BvUwA7^0+7I9nK^q*J(B7@}lSxLX*aWK(!r
z7^37-cv~2v<Wu-s7@`zX_*)pF6jKCR7^0L?1X~!Qlv9LS7@|~Cgj*P*R8ts(88k&+
zf*j_j$#_dBB%>%bF(n{BKgYEqHMz7Tzetnu7NgcnkhemTLCRp5m4ShQnSp`f^8s+s
zGclBa)Iepk;Or7u6frO`WP#L!RiFkHsz+-XN<e0V)iE$+!S$n<4_8rx7K|l4P>rAf
zW@2Di%>?78FlK|<MS3OtFfj&(6eeUHSsXB#1)MMzGL7oeWhmw|GNdyEGo&-rGS)EE
zGSx5@+1D^G04H5!6F}@5rYvp{4Z>M)_Y!3zN)lsaKrsoPNI|x5uty0+c#=gAFGhwM
zP!eGFd-?zW|Nm9uu0=)pMG9$|c`2EB=?W>SWtqvT#a0TM{I{5rOK!0T_<Q<=xCY%~
zDM(H%xWx$~<1^FZOKx$4v?S)_q@<P=-(pRwEJ{tg#g<xBlvJ8_i?yIAGq2<pYguAW
zY3ePul+@(>l+;^ni3J6zc`3IzlJoOQQu9iRZ?WVh=BD0a$xE#OnOBsW3N=rY`4&5r
zd5azDq+84&n?MOlK|$e{fs0j4N>*ZCdVWArepYI7NlZy%PIgIVS!zsjVnJz15tuG1
zElMp(EY8*|sJz9KlUZC64>hbvnt_2ql!1Yv_z(jFLj%JNK8@a_o~*edbL1}aX<Xsc
zxX7n<g-@%&{VqHA6?XBtOmjFEh+mY@ydt5w*6bp?(G_;14M~^SEiSNI+~wfCz^A@e
zY>muyO`A)aHWxMRu4vj_<gmZOVSj<c{szBb2j>Gmfd=;*T!IbGH@J8|Ffg$y+~DBv
z=j-B|P&}pPinzvgas5l;`WM9wuZSC7<S@FzVRV7R=mwu)PtFxS`3~j}tPI?IU~OMH
z7+5*4u!u|uzsMqcg+=xPi|h?<p$5Otpp=yi&w~sM450i13arl$7(fLjCqoUx0+1pM
zTmsG`5Mk6@TBK3KfGjHsQ3T4@a6Jn^cEH79j1<N-OsHnnGJ;ZFo~ANG2|UL!FsLvT
z$<#8H!1D$JLke>Z(`<&hXu260A{kN`YMJVo@;D%LIb%6P1#=`rIb#Y-FoPzm-z~Px
z^t}9{)Rm0jRG42>TqOZX+TgSZO4|jAl{xu|DOL)%*z)pI5=#;_*=})UBo^l+R;Cu+
zVh&0yzr_MlP$bB}z;KJxwIVsSpd>RtuLx9nXfoeoD@aVvPA$2`4mIc&V`?$T`w9vQ
zMN%LwykM*1q0&W~3=9mapfuJ8PGcXKSXuRMa0~X^ciGQ1zQ`?qg<Jju0~4q84KbOy
z!BeuYh^bu{)4e37yCLF&nC?X}yDMUL9qu=Tr8@jRurhH<|M<$rz$5yBfss`YL4Z@A
z&I-W`d^#8SbS`q}Ug6NafPsGe`0?WdGb5|sj~_oCa0_=>6iYBLFf=(bI<hhxWaV<y
zW<JO-<fz7cP>t15n>iUCy9^8rpfm;Y<YzW;I!a*(W?0GSw~|4V=@x5oQL<+ND0>%|
zcor0cbiqPGC^<j3ptK}4zPKc@B(u0AGr71(pMilv4-_2i;NZBy!qMPTB*VbKfRb)O
zr9ardCt&+H$w{}))J?YwKyHF1Z8)96jGDrWSyEVP7|R%nSW;MP7}J=78S(^_8A_1q
z0~LlMW>8AbV}Yk#wqOQLcE2Jy1_p*Ac?JdsP4-*N?ye!XSOWZmLvFEnxH`JrVh#um
zxy9z<>f;*XdW+pZAjH$(FZdQ~fMbZWM-{6_NJxNw$Vw(Rzm;r7N+5HTL4*p35CkPk
zuHur!qLSkB%#w^EP-<MsRHO!yR0l-`a-8vH7RP6lloZ56l6jF00|SF0NKrR9zCJLq
zvGQUhUuI5K{K=PJ>^i^VC4R*VN^uwY<FD|?e_&wbRlSg$bs?|xLNW;55SN}2KB4x4
zfXa^_cezDCX`2^8+~DBpU;(9FUU1qK>#!~s0;gRWM+Jt13S5r5%m;NC9d((pr=mOL
zry~1-NJT~9R77OzVGU-`WJ69pY`0iKgF%&bfMam*EtVkHkf2*E!6E)Zw^)2UK?y1_
z)H5Wc$O07qmLS3!6u-!cfH$)^J`IruTo@P_z-sELlLmq=@&{kx4+f_JGUHvsQHJ55
z440!O^Fa+pM@<~@o&j#7a*|Ve=n;;0Sj)0l45wO983ryZU}}q)Qka5qy9cROL@if}
zY->>JOr%;ERL6tuSO6-V!7OAVg?SANs#%~~cmb&RMOFr8r?8@`gt!)5g26j9;QAVS
z3HDNqfq@|eQI1uy1P6QQx@mHPi=<o3A<hA}Sc?nti%M>>rhup-)KaR*3X~c_#ZwVD
zxuGY?;^GWgvE;?Tz~Bl>wp*b|k_&6GB=dk@bZT->^%Z`F1x}av)h_U>tx(%4yhi(q
zmi3OJOInT>v>b1UOHU}lQl!ZcSEMaayU4G3g<lhtnq|Od5mA5%beI-{qOi%4%}I&j
zAeW=4lM=%rB`zm@=0kdnPWm{~^DgqsF`A}la0)?6yIATt=3oX*7QdI`pcLY!$qG&p
zMed;Z_5cx{AOaNgD;dERQ!%K;0c}tTWERJlq~_$MmcU})kAZ<97!>=N(AdXbDG?p}
zM8+7T%3*WlW;n>r<tV{?P@K_G0!LIOksnn|px!w+NRgTxSb~%(m_d`-FT_og8629o
zm>q)xz?FNEFDPt~LJ(A*Cl<l$^gsp%hFFjiP%dg<_`t-1CG#+HO56|@pJ4KVnUPcC
z$5TR8GAKoZ`m{|_@(lC2beLB&>Y#=UsBi)mho57ZL0u8#ZasSEG=_<Rp_Z|hsfMwL
zErl_KsfH;N+>|N-=?5273=CNHFxRrwFc-0<FsHE8ut4>|i$_d7phj9I1E`uUK`IW>
zO)g?dVS}iuVZh!9L~h=p6`-Ce>@_IOKTxiRcp(cEB48#?6>wMKQ~}R)I90$0G*UR`
zuz>uE(-$IO$AAemU#O>W)-aSH$s_p!-fhFF0+cMkrlxSsVZ!SIQ2z<65`C1cD71#5
z1W6Xje)teak#h<+VO3e6ZXDQ-1xQsISO83*4)qXWo*-Bo0|P?}4*}nSTH{c~XyMC}
z!b>29fg0<$^zuRUrtm{(O@UHStM1w2hG$#5pLH#LHm&{n#@$cnb-&-!^K|F77yG9?
zojvc#j@>VoHA2LnPU?Bu+y7$Sx)<x0J!@{g#RBS0+~R@u0>HiHTg+}D0k^mzZ9=F>
zaInWMwh(Z+Tok~-z_60#7F$Mnd~s1Sm`*7!xy4!l=CT&VgLo{S&b|RFnQn1rCg&E!
zmsA#{LYd%kA!Zl9;FV0bxC%>Ciz?&6LqbqCNF}(cxWydm5^#$>G%q_ZzdTP<1l&0(
z0<}(yKqXlbs9FFQg<$vGV$CQAIfgZ(9Bg|5h{IBlQe09L2kH{BfXuzc0<ydaR9fF+
zDonY>S_rZk()VXA1gQYqT$Bdtma&4Xrd#aLE>ckl$QU+ATe&C<RG@+i8wC)63<U@#
zXQU=)Lu)OtkBf>K7#Ki?6<=fo4LN;fW02KeVRli*=!%TdMHa~h_l}qw?0le}kJ$}=
z(HVRzcrJ*WUf?&qz+w88jX_#t1=~d_{VP)X7g@v`+&a8(u!DO^#y9vyCe$v-z943F
zfgdz%^p%Z)Lv%veMRu7h>@pzJBta^YIw~)4NPy%dX0Tmkm%qX;50aC)!7n~TsH5fr
zhx7+F1`fXV`lkA+#TVJ7udqvhU|?hAy1_33Zw#p;u|%ckI!}qdBC2`=&icT~D$ezR
z0YV6XSe#rR1Ym}iz#PN^GF0@2r2JBrIWkuywGgZitjrQz9~dA6$N*+et`9sg1K_S=
zW#zlUEjU%V$GXSv0|N^u-wk1j8*(a3gXd(=$-5$FbY0H!lAPs5IqNHO*2v-?Sed2y
zJ}^KC5fF=)4~y}PtVjWdB~Vc0A8?CINb0b?z#@S;k^vf>1yx(0S-3&f9w$QyG#i7c
z6!5e}3R4P0CPNBy3UdtuVgwyjiOt~#jVdnywSz&*QE&;o`oJhGwQ3lUWswR?c!Q#b
zF@+V>wa2Lvl#;>r)i9>8K~&;!2fTR4a7RT7dktd>2ShjWcsr7d5LFyw3MXEbh^me;
zg$t?@DGZRzL{xd)Rjdr4QF#U&w!_C|QXndsYnW=7L6bB!j43=&JCOW`WCx<!V@%-%
zshq%=x1ojsM;L(y+Q6ZS5k>(id`Mx0qz=h0Y+;05B?V!W!e7f$!&C#FqJsH;0%M*V
zPCp@4$7t1AK#Bm8pODlc`3YWa<E&!g6*W#3@CqEK3Pj~BIEST%F+~UzQ+aoA`U!Ux
z?VBQu<R>I`NPZHAMlnMTLkV^j@FrA>$Q&k^dvNAKjC7pBU&~s<RKtp#Li0*-`bG=p
z9*k5Mog#|l8zgl|z7d1zE^?`1C?TLG3)Ha#YgmAkGQk310;5?)$UL}1Qp6A;RbmP@
z3{0Rm)4`nvwp#WYHn`6iQ-t8gFf0H~_JDOF6E*CpX_t|q1k`wfDnYlShA~APl!8h?
z!xK2v)N<5tq)23g%6x_*$rQ;2pkZC8S_D<Yfog9JV~P~W<UH0CX&AePaRF#F7@-Nu
zLLa3;u2G=&N|iW36*Dj}EKo$S5v&?UR2P6|1XDN=;g!M;oi`0D0S&Z3HKxdbY7T^|
z*$gSNINiyKYQt=X6gg0BLZogk4Bhg`KAp{wqA-^mRSkw8_^|pxaY*?=80rTzlz31A
zl^%$YOi@O#XEUUzpvkJD$YO>gMlJy5A%vb3QLJuIL$gI4p<^~fiUyjjCW<WSZV<rg
z1}!vOv{7u)L6g-*ktNOztOz|t9H{BHm<co!RstHvg5?iA9QmCw1<4#@a}4TAgB09m
zvmxAw(`>Z-glcvT<1%IjhSlIw3*;5h!kJ(OWrh;a=p0CZ0X*(2Tg!=(3iWF^an93n
z)^UPDCxxMwvyKxnQ>$s<cZ&-&?-~G}M=eTcU|^_X_S1LN<i5q8kzZUApILB=Efdmn
z1ks?*8(VTlW`1&NQ4VOB5Hx3XOQ4`Aza&37KPNsVwIne!r}&njTX{;nM`~h9YEisT
zYF>It#w}im9q~C3E@w$*ZfbE!Vs61L?()pMl>GAe;>@blqH>U_6(9l>lVD43aTFIN
z$AiYGZ*im)mw;I>L9OSaYLL1*5CQ7Oy#%$mz}?NFNRSw)W(IdJi{e3CP`|PWw0@?j
z2E+vw#8phywMAerFjPqfrKXqWBo--zI0q;|+-jxZR+OKs@Qcx^ibWwLU!jUaLBk`z
zxWr1~7o#RZL#PXyhAJUY?;37MNM%8)ZBYUP149*?f^&XKs%=psh{NsT7pxEn>S9|d
z6s3Sf*c2dYQ$ZXN#~_5c;Tib~8HvRTMWC_5Dt3E?kkp(Ug`yacLe}b9tLoY+G3exa
zVo`BsUb+Hg&d^FhQ}q@{PJVJ?4k#{JK%oxqmfvFX47kM%>V`9edg0)}2Bohe(CF_i
z=FE(oTkN2ek)Kw4iwzP%;Ep#Wd^12H2paG$$^x;nK?JBH500;*To4x=+<72YK8OId
z{)!4fEKsle7F%gSN@7XsE#{omJn*#qEw;4$qTIxiTg>UHCAWAWu8%J)O)X8m#SB_L
z0&0TZ;wmUD0mn^p33zl>lM6BozztOoa`7#J%!2p~NZNxYHo=l)4588#bRi+|SO}_4
zn8D!D2T+2##R{^jxJUyu!~p8DfJPV~7&6Yl2a-=MiO)#POUX$sDw@N<z%U!6n429m
z$nb$Bo{?4OD;tA^!VNJg5E50qAtHN2T>6HB(hWtm8#0PFB<1Hw-;k33AkG8ozVnE4
zb#Q->Vc-!0uTwC($Srq;TMo2N!T5%X)>@+_UQ7Hsyk~G+<WWTDe_(^@g0F7S;uN}}
zq~75@gY6=Z{0%jowZTiWuc(=Kc+cRv$fJxYAg{VKX-?Igx($pM<qa?J$lOp+TUxw?
z`-+0`hQx~s<`;NmZ|K`!a0<StAKc-6K|=c?kIoHE{jJPvq_1dNcX-d>y~v|>kw@(T
zuW)~SSNz=Ii@b_gcojb|C{pYWMQnCo<k7*fN)p+s2T}@4h39Brk<z|_U`fg^Wu7B_
zMN$(q^Z{Xg;AGY3`@q1e&j<3B)<que3q0B%_!#&^!2Sri$g6aPSLp+T0LX9+Xm~!5
zRbJ{cC+3Q*-VHeG11mGgAZCO?A2=8k)X+jzQRxDY95^IHF6xJXtOSMR1uVW{16c@<
zK**F@Pu&Lw7G9wTN*Zg0muN51yP{-vUCH*6lI=w$`zuQJH;}|XureD9ePCcV7Mj3)
zK}PSQfc{r522HCSY8N#euV^@4<WTM4z96c4Lr$}UdxG0V4(S^l!WTr;u5hSd=g_;v
zp?5*w{vwCN6%L0B91eHYwN{udtX@*x!9BtMB8SRdewi6z7x`7L@T+vN-ryFPpwVUD
zVgEo?b9wZl=nbM5Rn4!cf>IjiMINOKJW3CgRXe<AfH)7h#XxC$hQ&p0l`GsTOEWHU
z>s{d1yUQ(pom=`6xAY9}i`*JlxHT?tYdqi<n^1OzTW$gCC2rLV+^TnZ1V1n^2p2G|
z$ljrGMb8<+fshBXkLMrCzYvyi(Jk?cTOvddLS9HOx=>twCA|j1g_90U-b~*a7#x`V
znLa_N4-5<eOi@f9LA+?DFAxf@UbukiD+5C+Q!W#-5QP1afq}OWq=UB*B+FaKbYoaJ
zUhNV%CZHi7%e0{Sg0brrb+-f6SJZ<+UXKNNS2&jGLUh`N^vWyIRUa4_Y8c%?K@r2~
z0hNR({K~)(#1w@h1d#v*UK~gVZyZRLHx3bas+YLcFL0|v?T=tuz<oi-?uvr_0iG)g
zz98KZARWRHOcz2EE+iIT2`%}+z);5M1Trm*(HSZUQTUaC!Ivo%MF=7RvOf}}gEtZ+
z%NvQ?{uR;}Ox>?&dYllyq8SL$4IwW?rCvy@xDr+Qfq|hKVt+IR_VY{4u(-mn0vch>
zU|iw7gX4;hBZPB<N1(&yDUaBM^67Px>K0^g(72*zy~BII|1SR%UKee`uh@iN6py$f
z9&tll4y>YjgT)nfn;p^n<9EfMh`MMSam6;`qIl#L@yH9&X&;#xc{3QlFn~zVOnL?*
zG6|c0)B%lFLkRGaH?0MQ7x=U;@M&G-(7wW<eE}PSt$Ne>@#9A^s6X8ltR5=Ca9P_?
zJ5++<ssvZ4J@Zv1p-?O4t5&R`_NbGVppiFFoA~n{@N_Qnq-6?Y4Z~~(%r%Of3@J>B
zjL55SQO9>c<GL*jYgm`DFfgnJwJ5=@Yj}Gb)Sd*3fZN*&wTvisvVrUbjjGOOn2WZm
z1GJ_rg`t+QjuG1GW~^gGYISq?Rmlf~)_{T9X~~HNphd9?`FRSNc_pbuX^F|HRth0*
zD66MH^T(hOt<Ruo@98Mx);tWs3`N?YDG|n7>_w${d6{|XpatU<NYnPeIBaqfbCXgM
z?Wz=^_CY5?iuG*3jl*I)J(v<^Mh1prP|K!);c8Ukg|Ng12Jle2Cd)0>OpxntF&7l&
z-C`{+$uCO1#a&#IUl5;`nNyNlR3!~*f<mkSd9DE5uP6q2?iZ7lf+j0?<z~@*&}0p3
zab9Lx8n}G~Y0EL);)I6)q<sY%Y=<pi<cFA=3UheTN(Kgof1rld6b4Yk>M0B71upXy
zo)@^xFL0S(WU;uyVsU}R0yLp+cSA_5gZ(ZC?*z}Kb~{8b_#}c5N76-(q$?ar7hnjs
z*3Ax-vLOUGW!tRqyufF3fzM`#AcVfiVS9zc_5wBpOW}5)6b>3;oFZ+=u#wAAnt8XV
zqZso+F;+)u)MO1BSOh0)H4ez6L<(aqBPY&fN$86lYnf`8ikT)b=N+kGS^!EW&;*O1
zQqU47_F-|<LBU!^lv#L;;i(dktD#n8Ax}@Ru3<y%%+@m3FymMZ#l8$>DSZkDbWmYk
z34B1BfnfnsCWKlD+E#$F>!UanMF-ME1TG!5EHw<+7yG0543rDNM%18(A$-aKEDa^l
zLmJh8j0_W)^4^nXZwhA$R|<Cu&m6R+tqaJte?8H$!3&LzP~?=5!iVms6xKu@68*%F
zym}x-U=G^Sa<cvAOtjwwp?>ow(d9xZ!pLqf0j-sW#l6TJ>ZB3Iyt_pE12z;GTmq_0
zp)Nto$*d&$Q4HCKHLNM(R7!h{d4)v#O9B!<6Bvu6aO#mnO^LN^HEg&;p^TwuJ4!m1
zs$s*{U;w4&641yHG%OMO#ZW_a0jM5^szFdG(x`4?WT;_F<V#^n<UuhLRFQ)<m4F5j
zz$^v^<g}E=n8LJ126Yf{0cdXwR4sx+brmD1*5E|QB3Rf<wG`PDIh5FDOQBLK&Z{Od
z)ybzQq$pCSB*?QR*={9j**$@|=Pr0ljSeF0!CPwBQBt3B4Li2f2i{V{UdImJQo~-y
zj%YH1nvu#3uuTe@Dt<-Hpv9Y+3<3-cRjj2YX}T6}nvA#Dic5+zlS^)~B_@Nm$=u>f
zOD##xh|dG<=Hdg5je*C`O8oNkQg5-Q<`$GxR*CrKLx&2B6%xx5GjkG?a#A&!iz-1)
zG&ay?k<#K@?76AM#fj;uw^%@}y(+2TlKg@KMEgzw+BDPC(*rjP3yL+FAO<jH78Gp&
znZyg)VOEr%12GWX0Mujws{zXwZ2>7_gX{$ZZw0#r(*Y5Kx(KYU2sEpCix;$kA~^%P
zf2?R5Xe3lLxID8YIRoUfl6>gSIV*)CPy=Np^DVZL#3In(B1>XXdhso`l*H8B{5-fl
z5aVufK<LzzTRc!Fr-HWQRq=V|l_ln6ra(=Fd5{$%%MV=#rI4JTo12)I0^7s~9s~qA
zCpjlGHLt`<K~ww|OHpca8FW<>D8357ZQ@%jS;hHzw^%{jor;Slf(A+_fr#~>fMG9A
z%}Ytl$+^XvQkq*(e2XnL54=<g)Q&D{1F7IIPR&V8E=f&+g$HPc^%iGI252v7W?uR&
zR@buBypmfi<%yXkx7Z+iOu<cPP>dxOL5EX0Zt+4~8eg2B4BA=6mQ<RSmRfX+1(bSj
zu|vIgiyM@rpe=Doba3URmc#4@6>G(yb{k||6xM?01&2mzJj8~gD+~+_9H732KMSb+
z{(;4UmG_3Aa0lB5CPU5)#v8&4*M(It39BwhxhSlCMOeGT<%Y00s3$6RQ$X~FsO0qM
zNzn_$FN$hj5!Jjds((pT|Dvej6;Z<ux4S%o6Vy6=dwe^5?}|xH$yy+`f%Srz*+nt4
zD`I9H?hp9I`m4LDXIMans#fq^;y1a#Z}L=J`MS8~C2`G*;@VflwLdVh3Pv*BRnohz
zWOPZ%=%SLz6(y4i-Zw-PuZw72646|%vPNq|^hGVlD_V}%wLC6qd7Kcxs1<lcEAXO7
z&=rxO3nD=mMS?!CF^DQ5G+b~9xDb>4fq|ib(G4`LVCD`bKQb_Adw_-;v^_xMPuk$&
zCvAU_YyeX@X!J=t0xTT?VvB-DCPcv_6QYq&ksE>%)1@a#&xp7vsCGqAZH3w;L4yl|
z26qKSFNhgk6fnLbV0=Nq_=c4H1oj&OveyMvFA1nFO<9t)!~Lwq1;daFh9MW#La(TW
zURR5`q!x1_HszvP>J_!rivnp^1kx@Dq=7;m%?gc6f<_kvjZlocA+NVX^Q^^PdA$$J
zjG_h~7#KwjJ~A_@8-8J6Qa5~VXue5o2m40(E%F~(nFO5}zc7Hv4`A{mnEb%TAS8+6
z6TM4<78e99o=U0B)SIJ+<ovrL5>vcZ=pU815EgquKJJ2i+(nW2D<bjNMba*bq+LkQ
zyC{->MI`?tGoxT3Xh1`-5Hyq_SjhO10VMJO%{%&+1T8NLT0W3fnIAnXdWFPAS)(hm
zMiaPh2+J;&Stz$e?t-xX1!4WWB9a%R>^5j!kg~fVWp`1;{)&kG1rhrja>^6j?~2Gy
z@xLgddPPL_x`@^#5v>)57e#chi0EDr(Y>K&Fv0(ZoDx{o6%m!S{zvUEIE7q@O}rqI
zbWtSfib&FRk&H_s85c#eu83q^5XriMoY-zC8|}!t8W3?qS@#1oqon=^21ZH!kIYQk
z245JMv<;pcm~CR)P`;6W3;#z}CQ(OF$cj2LeqaExp(F=9G2WGsnZvar?}B^y1?7kf
z$`KbOBCkk9UYAI?B$03-G2@~{<`s#|kIams*`RO}%?5=Vg5+Qjl!GK7NDSy*a1Oa3
zA9_JP^rA@E6_K#(BC(f5VlTv{UKB~YA_5vv5(Ez@34(``1Tz>vCNhHZ_>Ui7(-@&!
zD0M--ZU_PHb!)F+yuhb@flvD)ht3raoeLNU*45SpZKY&m;N<OK`O(1wfyD-(9clgw
z{>lvJl^6r~7|ttm1#mK-*A)t2VLorq8o<YJfrT}IllcNCGl<Q{6d=G1nj3^y+n_oF
z+%2C4-nW#(n8J|5P|Lu?P{RP4@`9*CUL#n;kOdm9085~Cff;KUaqP-P>-vD!OkiKu
zj^6EOWI)-Yi`MmEWZ-0|VZ`3;Mr|^JSL!g;GNYKrR>O>~c~U~KTV8|VpAvXumw_RR
z3miBM3=Adk^-K&5HB4!YDXeSQ(VDwREB#=)7#L99&dAVHtjXb51PXRdrYd#=JuuAV
zS7%^&35vfe70_I6acWUnYLNnHvw13La11mU1)5A&u(Y(a)YH=osgiU|25l@(O;JeB
z&&x{%x1AKyKvTa(J3#|$ytmk()gim1TfC>AYsf9`V1H-t_~4KrS4ZDlEJ>MpDYw`l
zHb81~wnVUzx7Z<-U2zep!%%b*RHL5(5unPi=q$)^mZIyR3Y-n%%%XE34ohN6N>MRr
zKoV4gLgp2@Ky#Q-MW7wzuAr*(D0t}W28&>WF9<&1mFfuViJf6K$8Lq$6>Zy#ymnW3
z?Hb%}uyD0|H+f$WP`t>ZbcIFf0*ewz$hXONg5pIMkt-}B7g$8@f(FnGF0vS2VKKbG
zVh9>Ii)Oqbr!qfxR_@IFIr$ekq&s*glz=m*!3vcNd<GZz3@&mQUg0pjz+re7x_!R(
zB8Tb~4%G`Bs&_dAuW(2#<=qf_!Nlc6$OVp|iyT2$ID)QoL|o#CxX2N8g(K<$N7M&S
z7S?D+@CYMH1_X`bfHPnd#vT>K!d&E|Ex=pcQI3Pap6SpN5pv%MRj!tyhM`yxC2OFK
z!$5|LQB+`L#S+l6V`v&iU&Q9Z5Gx7Jf{dt}?rRulGo-MBH{N5|*dxWsPy(6_hniU;
z2xWlwJ+PtnKv8+1vA7g=&}2OWL$PoTGjirccUd+l12Gh#`W|he9K`o|3d$(^QB)X;
zgwcv8w8dwT;qhR2f2M|^h8eMFCXpK@Jh_ky3#`Qw(x@j=$^dl|paFwyLK<TV;~H+X
z!UmMiplT5mYFc1qKpy-@vPTM`gF5zbGH{~W1uu3{U9<ox4Itc*!h;&;j0`>M$_yn6
z2o)*}MWSf&!;7vbg)dPsk^$7~g!ei5{X#UEia@&_i$D`FRf2x79#*kJT7GF>ie8nF
zBdh}n?Ijgk6@lDbB^3<rohT$i#TAk&6*BWuQY)+!z@>K;Kdg6^oROcIoT`WDZe`{b
zl$PjK2|`Rrh4sIz6u?C@xNBF%!v*V*>gnmZX$m2gv!Id^T+V_!m5{QTGc~U?H?;`7
z`~-X`3fPXKeo)EF6$UyW1w4&WbOKaRgJv0SvFGOJWtQX@6`cYJodzis^iHiz%1<mx
z@dQoU6qOc~z&f>{gm;TEvj~);Z?Qo<gjSZb<R)h36}@6$U<d@2;*Vk5Pgwb`u!zj{
zT2XR=#pEK3$rTop>nv86SgbCx*j!<;xxixcm5qU4x-+jQufhEWw-D$65`J)btay<_
z=?aI^1rDVf9DE&Y;JFaFi!Ab2SmZCT$ln!`p5cB`Nac!<3aF7K3nn_*Iv6{Q?{e@?
z5bVh9$eoZ3A}?~tT;Y(p07f6!*jf4S3W`h(y&!FVQPkp!sKrG=%PWGG9c(wa1t&Om
zS#?;=5L;@zpnRdt5}Qks`WGbi@A3#<5K_L#qjH5u<pPh&4IZHmw-2lgQU*UjM`ehC
z9gHBrPM5pLA%BHK{sM<Q*y$Z?A6S`K`9W<u4hC_#8EI4U8~njllm6WN3tajaxb!cw
z7+hg7xWHoYm5l)sV*Xq0FBpO97?z-mEJ0UTg08bfTw;m1$P#shCF%l8)Lj-{P{6vc
zwZEWcb0Fjbi`PXKuPZEG*I5ECu>?T0Twn<Tod+WEfr*h*?JkdKkN-s;*(*G<*LjpK
z@hB}YyvU<^g-7)Qk1A*rrrM9E+%h1KNFa#29K0R*7dhmvaL8TYkh>uy-oXxmAP-4^
z=7T_cY7cQZvN-cI9OjpF)?q%Z&FHMdeAHaSO`hSHytJDg^D$dSH#=rcwOee-pe0Ae
zMWAl<E%uzuq=Mwcf+A20>XuM)eqM5EQBi7MiC$VMX!5YQ2vmaI;w(;1EU45=%*lb|
z08qoC=rAa?vga13gXZFHu@@(%rRF9U+~P?|&CLg?2kF1Xo1R(%TJM)s3EFaXiyO)X
zaUkOhBFROmiQv;iiZb)k<DsJh0s+pB0r9RuK~AA=@xh)^u0^1-3Y-xjx#up(a@Ii5
zDy|~%a0X~t0=(V}eE0~~O=F-PvEZ#)kf}jX1_X~46oK<HDAN>yM%TbCh9Xeu`-{US
zH$SB`C)KX#JM?^%;?0Z<3?G;o85tii2w#Aq8w_F>VCV*e;RRH5gF*ZP4BcQ5xBx>p
z7<e1N@CE~S0~p?5;A;TG8w{csVCV*e)CCy2!7blmc7<F1f`ZWkwkrxo7ZpsdD41O2
zHod}a+Q9LFje$$CL+A>p!UB;iie@_mFDhDH<g~uRY2CnfgNv_${f3ZO1OE*!o(A?C
z{30Eto#j2{4Ll!Mco~I1Fu(}~c1Dp83~)k-k&*KQ1Ds&vU=;tr04GG?EU=ge52N4*
z1~?(Z0ph|55jGGPP6(MWN`7E~6IqOjjEp)T7?4OeW_Ct9kXxXHh!rF62L?D%#mLPV
U&G>-<iIh-bl=#4aNq{3207-*r9{>OV

literal 0
HcmV?d00001

diff --git a/caputre/__pycache__/demoscapture.cpython-311.pyc b/caputre/__pycache__/demoscapture.cpython-311.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..32c4b1491070317d35957b9f7930721e12b43cd9
GIT binary patch
literal 8305
zcmZ3^%ge>Uz`&rKG%fvx5(C3y5C?{tpp4H33=9m@8B!Qh7;_kM8KW2(L2RZRrVxe{
z<|yVAmKKI6mK4?&hA7q)wibpcwiNbY22GBaAnlrrx48V=f=h~06LV9GG#PI(YTaT<
zEy*xQW&}w?F~|+f3=9mPg*ZVraWd2}WI?4E7-|`77_#81Ynf^ovS2P_sAaBU$O7pE
ztFC3KVXR@QVqjpXWvyYZVF9z)YM4_Pvspk2iiAoyK{N!{u+%VDaWgP1V`N}h4L3iJ
zF@>>~y@nO8hqZ>Sh83g^EW=U5h$O>Y!w8q*tYJcuVX0w)%W$Fih8xBGJScwSMez+^
z2{**0AhL!bg(-!388ZXJYJ`9J(NwTts1V3xNMWsE$YKMT0m73RQ`l-4ve-dv5T4AK
z!d}CW#Q|c2@MOjm4rKREW=!EkcH?Bm6p(-5F)*1i1>_^Rn<g`+@SwSh7u{8p8B@^x
z#*amf0Gc_1SkwrisS(DaMg&cbC>AwhXllf<sF6TZBZ)<g6q*`oENWzs!yBGvglZVF
z;HeW?1t=Y*$X2m3Fo06vWX2RZWLXsbpnL?1L{R>L$0)k~OokMBG*>EMait=f8YL`h
zl+o0vU{RxrrbZ2m8g(=^8d%h5qN&lsqDC7{jSdzyx@c<ju&B{TQ)7TdjUk#EBP?o+
z(bSk=QDcgx#te%Zb2K#;Skzdesj<SM#u`nH4Hh-FXlm@RsIkYH0>P;dM4+gU1*Jg{
zhNR%7jF}864k#+%B{XtbgQ5b>j1<Qj_Q{MXPBk2p8B?5VI43ivxYTe>W=wHKbH5uF
z_q(I1@xY?S6HSd57B${zYJ9M$@kLYPheeG)nwkJCY68*J1YuDVjHV_8i<(e0HDOrP
zgrlj6z@jFyhI=w&N>mNcWX7e8HM})^H4Its`l^N@iwBenK)8k>ix)(La1BEiABYCw
z8ip)>5DmgL3|Rso8iZ4#=Wr}#tQ9O#2Js-cMldC2fe?g^N}`zpuh*6_F)*x#*HU<N
z!|g?`B~f*w*#XzFjFo|5H7m?Lj0`n`!3@d_C2BAc1_l*|BH3D@5>13iN^FhLY=*f^
zsI3l0hDe5#xLTn)p_I5_D65>YoS}j_lA)YYGrrV|fq{WbK|w*`$?iS{KewFxa)qbs
zcfQ!T@LB(ar~T8OckX=Fu>9%HZ7=puc{+REvjuye?&*KpGwu1TmS<BpJnLQebnWz~
ztven!G=U8%0tL)1iQ=MUqm<&3_{_Y_lKAq>yp;U%_~Oi})GB5_eaBl8Da9p5#YM@O
z(gH52#U+_}i6xo&c?tpfMI}|-!TF^{$*B;I5ZHMxr9}`08o9-qRe~Y;C5br-ZsjQo
z0g1`ksU^i#Vh|yx#N_Pq#3F>aG(_AdH7~s+Lm@v6MH7ak6OxId2;&u?+I<r%Zt=nV
znVVP<Ur=0yO<86hlCsP^kTNkWrllt4-QtHEmzoGxD1oUkxFjVdwd|H4OldKg4>DC0
z;b0Uu!U7xSMl8xeZiFj?x)F;qup8m(U~a@z2y-J$DZ-6B;0Sc8EJ-caFV1|y%)n5^
z2Nr@xoqll@B#u2DLlk^d6Y~^6aePZEDKjOrC^Z?BEE03#bHP?;CYHqK7FUUY^@G$y
ztcB>1LDd0s0aTA5T#s*J1w?}+ss?aiVXDrAItX1gD9qrh%Tp9U&Ota|1QuB+4i^SR
zE=VD=yTxEi(OfJ5Qw(>oFia(~QxVEwE=4Fqb|WaxKvpBU5f)jfZiFdBaU)DAx*K7N
z5pIO3L~$cr8QhI<Wk_!11^GB2*h9fBCo#SF7Tg~N#ToGh(2ULtG73oz%p4RoAag>4
z+|kV`ElNi<2T2Xg927Mma}dcCVl~7a`o*_+Q}WC6;!6wS!9~+8;l#4kqQvx6s14w<
z@0LhnS$ce0c}je7YI<&JUI~(D5}Ih05X2^UMh0a)QM4oq&IQF)f~ZP^OHyu$qpF0(
zQ*jlao2MT*AQYVQOY=%@p{3(AQ20aqRK*t@iBD;9WggUX#Z`Pk!6A4|Eh;WSD22rq
zb_XCw9G|1JHy%?Hld}<~!r~6QsmRgD=N#^e$JFHVB7~`~&iIt3Cc~n)xJo#<G${>K
zbs{B_DnVpHaG9scflvufy3nwOs{{#xRaOZ&78K-UCPOMZzr@_sDiLH6=fslK^!%dA
zTO0vJ`6c<u`8icwo&gGBsYS(^`FT~G&|1?opo$N<O7#q=Vy&*Vs;;dPcP%Q)FH$Hd
z%1=%$F3!wLR{*)+O2JQ46j2XB^VuzaScZTJ@WKk8Bv4U)ix(yj;j$Lxm*%D1Voy&k
zNh~QTy2Sx%3KZlQmE7V0)%su-TFOg-*6H!N#kYh}Q!m6!w8Rf{h(IDDnBwyib5n0g
zB8wzLg9#$VQ2-6ATU?n1@nw*(y2S=^Q)a;}Hjpbb3vLM%l$JoUlw)3EWlnMBEw;4$
zqTIxiTYQcsB}JJ@r6sB0z`Mm-P?VWhqA7ff1r&C-1WQ0I5pWKNIS(oX%HA*`euOHB
z&!7SzH4p(_hzghnZU`4FSER_mz)++FB0z1}A{7P(hFikLki>^-GqNC9FG3y2Dwyel
zFm)h7h&nM?t1TYPk59`l0yU#<iKB@pLEBfi_#oj^lA02ql30>>i!rrWn1O)-)Tl(m
zzYJZhVp6ga^V0JJit@8klS^Vs5_7UkGRsn9k`oI`ONvrsQc`pCi<1)zN=l1T^$IF)
z@jy(E&jST=Q78iggA4-$L$M4y149GD2aY60R*@Sr3Rh$dE^tU97*cXqq;xv?Z@_2?
z%?moV7bR>vcyEZQuHe5YX5PX5fsetJF@*6#SokHE@Cz>Cb6IEPZ{WWuXMa(`;fjRA
z1qp`>v2h)|H|%{*6kf6qxL_YJqk2W`MR}_W@>UnZ!Y^=0-|&dM5EFaJBldzv>;nD^
zM$Q)%oG&OiUr0{5z#)TI@`0Sv6*(i25g@ngf!vNE@|BH2NppqB1%1yGrWX|huP6py
z;E=nkq`5-nf`Qiw*NaL)SCoP-aL9jPv6tey!6UbTWeM*GW_u~F2RxE9ROaY@V6~Ux
z`oPA(tGGbriju<zb`Y0?fmdOH$Q4D?51b$_7Xz>Af|M(2Rv)-QTpk8qtraF$v~54|
zg1CHeE<cDXz`(1rG<-$K1!Ly}p%+!Xuc&%|5ClmGVUZ99Nr*7;sxD1mk#fPr^+4%G
zHQy_0z8^$E5@HOz>TB6Iuv{<$c}^qnibmiEagc-r7NaCV5>i+sq(KrgSnQAmNyuTb
zLmnidz`!egAtB{TLfr=j1}7$GrcVqEiHy!nA0X5Wmn$+R8%nO2hhCHky$}&|Q6}bs
zOw0!c22Un0rVolB6O<TuWiO;;d|_Znh3Io*atE1`%IFR<1w_qAxguw=!{mx}<VCs2
z3o!{7<q|H)C469D@MZF2`k)Llg#kpUFz_laRR_hX&xzEFN+DO2LO!U1B-9vqm6y7&
zaJgU<a3LuCqDsUSm52}OAQ=q?UWKLNpp*eh28uyf6oWo!f+V!CNN9s3bQt)cmbjf@
zy{P1OMal1jE=WR;fmdm%`3jQ@hM;&*4!oiq_(2~eVZgvEzm$Ci%LP49Tq}5AQSkm?
z2$C?uB4G@YFo9bRifcvRD~i4!OhFQ6SnMzdNmwxOLH*%!AoZf6&lN?V50)SaD=c<c
zgCuMicxC2>F9^Ay?QlT#qO8XiS&t94APGAx680bo2SzM1j*K8FCu~yAU@13{)D0)M
zD^3X)l2a}@rCe}I`M}H|r*uWu@P>rU6$!H)A{QlWKQc4Q*?(YQl(WB)mHojJtQ8!o
zV8V+WLwv!8_<^*}@crNq<^?b^@G4zUGW`$;<_0k`@G4(WHvbR|=7zwyp<r$pBRoO5
zpAfyM<bOrU|3f%fDuNLnMII+qFDeFHQ4IJH36_dtWZ;#Zo4z3Bf(}TRoc|R${}0h%
zsTgchv0$k<Y*O)HsRV3NiD0QDY*NW!sT6EdsbHxzY*Oi9sSIpVnP90baL_56eaHrL
zb3h?*LDA?#E|?3BraVRl74sX4MmH2xt|*w^P|>)e;&ekoW)ANSDY-fNHzZ}}NZ*iC
znv?yZ7NG~Ev4iic0}}(M<P5nL?Cbef@ogyCQhmVWi0wsiX?8<WVZPifIk5HxAxmOE
zGBZk<d|_aeGPz-5vBmoU%MtF6tW2D~j9(Z)<Oc}J!5|=afkXDkU2e$_3{0#d2;wdW
z?*%^X6^s}7v@h^!U*yoa!l844L+1v+a7PIY{`m3Z#|Ks>R*@e+eiTbEFfcR)$^^<Y
zT$JYuVq?CjDHO!We2I}Yh>aO#jtn$|1Da*|ybL@WR|220VqmC2o5QMQtYIv&uVGw(
zqy{kp1=7D7&UImkm5gCxV5nuPWiEk_Wic?+FwJI2VXR@E%`lf4eXOcS3Rz_e##mMg
zb1(x4YqFH;z{ahfbxwZTy8(G%3ObAh8J~iUOjR*iDO8zo*^&&n{4|-t&5m2FnI);Y
z#YHX*3=EnqMXsP$SP-ZI#+;p6d5g6yF{d=O7&ILSYV;I^fMmGAEktP3C5nN8p&8V4
zDPsUNUA}TKh$$^lxhSfBMO3}P?*_Z*2L@(VwHs0z*QN9>N$FjbGPojT@PUDmQx!~f
zdUZHY5WUMII3f6gkn#l~<r%IJ`XZ0Y6&{rfU<6JjDi=9auW+bdfT0iU%&cl)!#{&!
z2PN`385kJAkza=q`6-Mw4A=$~OF-&D1~GsVND32Z`Y?qhg*Am~4cjty28Pw}p;AzC
zabbuRtYt!u)*6gx?GZ|02xib^_p34tE=epZ0d+@;QWJA@OEPm)!5tHY-2A-ElKdi&
zOn#n1W?o5ZQCebhs+B@W=Kuc;3@<?wR4?T~F~fd~tr$FJc#AJ3H90>eHNK=YFE2Hx
z_?AFHQGRY_adK&XX>ojReoE>s{^GpEg5r$)lK33(px`Z@%#@tec#yUEr6src5|cqq
zQ#fCwxFoS8v$!NPIWZ?bF)uNvvN*F?lNp>Mia?=K1d3x#=3AU_2j1c+hE7p~6HGBk
zm4bo-BzdqyeN~jfz`)Q4N*a0Kq;Z#p^8%OWj?4>Oo)@@0FS2-DVez`a;&qo_@&>=e
z4RPrklCn1>WN(Oy-w>C)A*=X-pF@D{BLjy3+ZPbg;PF9-K~VAo10$;xnCM`+%OO0$
z<sygV6%NS@VDy0*CRr5Cz`)?A$$pC?FAd^UuupEW7bm8r<|Y>0;`H<jaSd{Fban;j
z0<ags4qnLs)(iH^FAkgB{FKt1RJ)>F1_lOD@lc$~z`*c<nURt4g8>7h!UYC-WORc;
q^a2b$;1O=%{J@mP$SCrG0g3cu=3rF&zyK%2co?NVFklj3X8-^;P#Z!3

literal 0
HcmV?d00001

diff --git a/caputre/__pycache__/messagejobs.cpython-311.pyc b/caputre/__pycache__/messagejobs.cpython-311.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..f28f5d769c83b2ccfd186e19fda63282f809793c
GIT binary patch
literal 5219
zcmZ3^%ge>Uz`)S6aeDeoZU%<OAPx+(KpCI+FfcGoXGmd4Va#EO0?|x4jJZrvOpG8l
za}IMZOB4&3&6vX)#R^u(7R3gp*`wG~7*berIC43oI2jpISfjX7*jgB(xS1GIxtB38
zFsz1J!oU#4lfvG@5XH;H;Lec3(ZZ0zxr~W{VKoy>K@?vKR|`WFe+qXCLzDm$Ln<$t
zenBRNR6aB@p%lho22GxqAVd5#8E^4=C#Gd51{CF|lqRPZX)@jt3dtx+O-u>M&(CqK
zNKGy+$p?wD29~ClrdA0V8X4-D80#4tnCMxWT3H%c8YP2Ff?+lW1_ovZ28PczjGz$W
zWGG>TNii^F!I>p+76U^TTm_0K+?S|+Hf5+~s9{(DvIEHs2s4Fo86yM3YPflfAeFE<
zgD8QLs9}=ABncH~V5ntGVFp1|TNxShxRn_U8H!oTnJSng8Oj+M86p`N85kLA7=sy<
z8A`xu24aW`Ly>GPQwcAG2O?8gYM5p-%w<A%T_i&ab1hRHQwnP^lvU1H&HyoAldV*r
zfq{WbK|w*`Mf<9!T`OMnZGYN7?djghPdj^`?AZNm&aUUPS`<736rRr6@N{kiSfwUY
z6}yEV7`_Z(U|=W$g`!`TqH9r6evv|2YDscNW?s5NPJVJ?4oGWaN=i{`aj})cE%wm7
z?7aN)JWcjnY{mJ>*{LPB*d5*CJ^frmZgB<sJA22wxCc4<-eOPA&&x|qF1f{>o>~G@
zn3tHFdW+MwB0067Br`wn7HdIKW?qRV^DV~WTO44E;xh|wF{T!SqD(<S;g^AnRZL1&
zVqSWFKv8~HYH~?TNn%cRNoHAUOmbpDX-QFPOm1p%abkLER(?{kUP0w8p7hj`c$iT|
zA`A=+JPZsB#rGH(7#bKpaB#3nKIIkeiJfaU$8N3J6>Xb~ytY?(Z9gzDacUh9yuriU
z@7d)!A^#$e+7%wP3p{E!#3iQJPO6<)Kc#*_;T3Vs4v!D4Oq^O^^<d&7Naq(20p{W)
ze*E}>RgR58K%#^H$6aob4-8DKk_h512k!+w(+!Fj_)IVGnO@{DyTW01fy3+uzeGnR
z4E_L_%F4tl`QyirVk-s)h9*r%6Nc3Wj_S+@rFk4p7!InlIBK&W)Mf^;^%y~HeHIYg
zgv&{q`JkPUlNj?MF;*vOW|W-C3d@-d;Ia!fXO@7{2`H&DFfgPrwlJ(=LQVgmJO@ta
zNV!Rcp-7^Zv4kC}4WyH~h7nsjZ(>Mcsb#EVL`vPPr3$dr{j#<9`QCL3;9^MO`IPxj
zb}fI=&<ak@$?&WUb-XaBXaObc>8J$@TwM(VY9?EN<S`_Nq7@Xu44O=SRjj2YX}T7g
z%(qywia`lEr8Kvo_!e7gUUGg)swU$t#<F6NJqkr2SN!6z$w|yjN=dY<Qc2FwOUq0z
zElQ0qfEJ^AHsIu1Y^MiPr3y;1GT;=uv}8%u2E~Q7OKPvHTVGPQ-r;^x-Q|k9O9R7a
zkP|hTZV4vk=a&?h6eSkK7pE4Lr4|+65-3Z|DNO}&GZS+%t5S=qlpvWJW;rNdL&6Z|
z2rC6YO_m~1w!0<h<nJF691`Rh5FhLs6y_QfT*L<|9{3p;7&Mt~alo_`34xpm3Nr<W
zH*X2S%tv^xNRfeoK@Oxa1?(SC4&=KltZ-LO|Awr~1zDF5tjr=@9~qcMxW0gh4vr5T
zC^>=;lp`PnI7gUmFucHLc7f0AB8T}E4)Y5f<~KNaVfla$ln(?z`9MONVK$d7^HO08
z<{hlIsHq#|WKiIJwgIQ^RE8+V6ox3K6vim#6s9N^CWchjEKuD9Qp12+`bV*+u%@uI
zFh+5tFa<McvfUC!RDi*mdFeT+CHZ-!^04Ikv~|VPjSbIt?SH<a``N|?PkX06+1CwD
zt$r^-c`O;`6p&RQD?t(Pc?#HBHAq!pv2_hn)n^K-N|0qmOF)K!%wS+(s9{`#mSSrd
z;-PX3pe6@H3Il3}#ZzG+*#b`YnvA!&a}z7#%kzt}Q;Ui<nQw8%XXX``B<3Zj-eLun
zyV*scY_G|5i#a)`xJV5Y^B_;ck_dZzd|qmKe0-HOmVncPN}7UnEdr;P8~j2&wI3Lm
zIRhAP2#QPrm5;muj2{@7cmo)3h)YeW{lLH|7{GW}#q5Cf1r`5`D*jhg{3ke1@%_LG
zQUXy3AwPmOeF2jY5&R^mY{jLRjX^-Tr}hGeOfjf->6f)&-oawSzMs*CU6Zj$1(Z=Z
zZ*j!OgX+8Z_*-1@@wxdar8%kb@wa&5;|og@bD%Qp@$o77$?@?;>I@7Fw>V3{t*Oks
z^jj=G`N`Qu8lZfq#lXO@lA#Dx9)L@eB4v;$h|mLtlLt7Q8W<q(0}~S~2Pn&Md|+b`
z6m9Ul!6Vh-+2ePSN9GETOoQtO7FJf-4-7a6h$SGSlR+sFmTEx7Hi-ZE69WT7JL7Z)
zPEcbBCW}IMGS)DyVMI+|wahil3qYkIib@ctgE5UUg{g%DwH#(-sA0xl7K7C@W2#SK
z16Mep90W3!fq_AVp-7>YrGyj81ywjKos6>?QdnzPW;4uXLANoIA%(4$rH%z;5`=|R
z0kM~YN@Q@peY&UV+1jN~`zO9^XnZzx!?WIXPdhe1>LakcCgUwuaOsOu9dR%)Fn}t8
z&!EVf%7|Jar7(gW#)O>3XEUTQ*Dz#(at_!Bvl-^Hp*lI3L6gO=ia$6tuSB6FAL0T9
zjVb|61zkIZfW)GbOi&BUN}-BNN5MZWtvI#BN<ovk2vmsQ;w*s4-(t%L%Yn-E+|-i9
zl*E$6TdXDd1)0gkAj=gRAW2S|fq|h)zBn~6CB7s-J{!~vz^t}hK*<r5cYic6tPQ=v
zlQJXq0#C{Xo|Fv{S4`a@%nQNMSAvru?2pWhdTESb7(iqLB!Q!Z8Ynu!p$1ClxI+yy
zI)fQBnf<CH-4Zi%Qd2;o19CWshSYf)Rm_@J3Yv`Iz|ds6#hMCg@fKNtoKLc+-9WlP
zIUeL`(HlILD_Ae^SYF_<+@K1fKQc3FS$|<*)Ut;9u}U1xVW2<<x$YMes1|0u#R78f
zEuO@bl=$StoSdY@<m_AAAYN)w5r~6S9kUjJnnqx!-(mrobBislw4}5s6;e5ass)7v
z1z6$B3o;lUfkloC3=DQ4=U-!BVE6%Q9ka8V-4K+VE;~tfM(GNd39=Uj4X+3qcCg*x
z;JeNteThT*0|TRM8Y3q8k%5sj9Tb(E=^$CobjAlDEmD^_q&_e(%2=ZjAmuh+7#KNi
zKA;jmo`TxJjI3rK7+?gr);C$fdV$a60-wnSK?r@3!}JP==>=>E+!$bHWHkdd1|%35
z7@8f~9eEfI@^CqtF&`8Ybu?r?Xvpel#+(eQsleHbfq?;(*uZ7nIdJWZ+!ZYWi9^*P
zI-sZxgA~RpRtB{8WGzb#OAS*B6R4R{f@D_>QwlR!3{<W{%}rqeHHTAJ!JR*h(y4}d
z0g`^G76t~Cu4D~E4Py<{G8P7g)o`_p450E%lfCpQyhXC1?P>4SXLA=Scm@0WDL{&_
zXFZ+Irf+*Weap**yPodqf7U<Y$*v`+<(gGNVo_qQ0<7(41ubv_plw)%r|agynl@0S
z;6lVo;rZ-!&la>pl|R|B`{kk;;DQpW3e<Xz2PIr9g%`^jA>}HltBT}0WaW?wGQJ=`
zKgUV|t#t)fm-&JjT#;txrWThZ<`&#yPtM6NP01{%5`wrD)bs_}2g-0o)(i{`ewu8z
zm^1TAZn2bP=BD1_@bPzc^ojQj0GAH8*osS&ax+W7c|{XBw{gN<ev2E)RYlIA3<b`2
zpx!vR^t>ej4Yqh_U$r<szbGZOC^e<Xn}LDB2c#n(T#J7dVh|LW>N3T1qW2W<1u7Rs
z)Gi9BUlCAm@Vp_b*5KKZeUU}#uB2jvXGi8m7KytooENx^XOv#xGQPlNyaL3zz-4@q
z#pDW$$psdZ2Q2*8S;Q`}h)u0skg<VvL*+#l$15z37hnin*=q_Hf$GRxtl%;o(g6T9
z<C9B^ic<4R^dO~4F}P7zBo1nLfC{`K&~U>o)<V!QPZ7woMe-miP;a})9mE2)`XTKU
zP$2{MCZweD0?8VJ2zYzu7l#d`b!1oM&%nR{YA6(g$PdhnjEpxJcpJd*0fYPnRCI&E
z@B%8j!NA=BhDZ#73k*<ngF*ZPD*C|2AgXzRLGS|;52NG<1~?(dz$4LN(`naZ*TC_C
zjfasBBnKrFco=0tTy)|i0}rF@7Z3rFRp4ec`@jGvWcV1J7(Xx|k#Y<?au>K|FLKLY
a;g)aUxWT7*flu)wpYjzxWr!!h@dE&Dtph^<

literal 0
HcmV?d00001

diff --git a/caputre/__pycache__/safemap.cpython-311.pyc b/caputre/__pycache__/safemap.cpython-311.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..308a8241445f9b4d6a69bff86fc059d08149d139
GIT binary patch
literal 7835
zcmZ3^%ge>Uz`*dRVtV==2?mD8APx+(KpCG47#J9)Go&!2Fy=5sfoP^2#t;T326u)O
z<`#w&mSs!~46B)-su`k~m>5!-mN76etcD3OBr;<YOJQwch+;`$Yhj3DO<`|gh+<3O
z0F#Wt44RxTLAw1k8E-LaC4-nS%m`(CRs%aLl_82Tg&~S5g|USpiaCV|Y$P+-NEWbR
zticSLY`1trGKx|YQ-TxIQhgH(l3|8`%mTTbnSp`fvkTb3OokeUc#t?4mw;rzECz-w
zkV-Hc)ps=v@o-fs48aU58T~X_ZZYR37Tn@20b84ymwt=ICqFs+7E4Zka<(SpEtcZc
zoU~$)GZcR5xLC!cWF_XM=LZz!XQd{W#FQlFWS3-?rN$&D7L=A0rN$H|rlsa47U&gJ
z-r|Ul&&<m#iI1-mL-CUyOdJ$%#WD;G3=Ir7ghe}8dN}Ti$WHOQD57#jM5TkJhqHsT
zgYz@UAIWfMGcYi)F)%QI_@AS|!BE4H1yTaWrVNY>HB2=OSs?d<MQRvr7#KiFfgyzf
zHToGDKtZ6)V8~F+QqEMt9LZ45$jA`Mz{miRDPm_}U|7ji#Ld9KP{hH&z@W)o#KXYA
zaEm!Rwel8gSz=CUYB9(i3JMBEykLof(vm7cRKFIKmVopYS3<nWE7%kHfq{`z2~6CO
zQS5N(@t6?Y>HC2hCJ2`K2vYL}M1Z;Yi61|H;8#!#a(4%}0`meE753$fD(uPd1cDr%
zRoKH5DKr-#>jQ@`h^S#qM+@6zrWA0Pqlb7f1A*|?WJZMdE#~ypl9f#0Kra$vU|=W)
z*$xftA~6OA2K2yAPb~rYw73y9ur)xTqj5u6e2T?%n@Khcm=`!*6jr|?tPTovh$L7A
zm;i;m1}NmwCBU)>0vhPJRY3w>+JJcjiwXO7MiU%?9!4<GYZz_8fk{>ZE)oPKUvae1
zyTw+NnwwviS|x&-S|OqWAl2olVJHXkx!er_ktrNAgeUNVLJlGX76%2I94OF`#K02R
z2x!RRRtgC@PC4dzEK2N48I{=mG}%F=NnT=ZYJB`HuK4)e{FKrh5Su4HzOXbg2O?9%
z2lA^3hybOIB1upNW+>tZ34k(a5i5uVB0$-;H~{R!1_lWHz{JF=`hfvXa4@kdfw)kD
zgNaoG#Dx+ZOssMsE;<3R3}gjLkp(JBKz4qXU;@`rj0-^d1_ReH)G(rEnOf!)TxuC>
z&@x>uO9?20KuyJwRhgGDGBB)$7mu~9HLS%_MCfC|qE8P+AIN`DyAf0ka}85EV+~UZ
z6DTqu;;6h7<~hu$eufmkHLNKt2tBoIHEat&^##NTB(jDH)n%Xx0NJ)$_7YGD4%Jb^
zn!<`OwT2zlW{@nXx+npq7K9EqygJxGI%?QJ?gg=k3KLdTdm%p7WcT~UT3xGCU3-f+
zATc>RwIn_#H7~s+LzDRydjVLW_!d`gW*$`d7FTX!1(aQ+2uj*YAVL{bRk7b<OUp0H
zO)R;^nUYwNSe%<!Pz)|Ii$K}q7F%LLL26#gE#}<JJW%~#p~-QJwYVtRv)~q6N@{Tl
zh=$k*E_iQo7p0b^78R$)gQ`BZqSWHjoRVAI5Ebz`nZ+fy_>xPDic<4nPA&#jdJ0eg
zsU5irN=v}rN-ilfU|?X70F^TGjG)^80heIEUYFhs(FJT5xzw+4sW&*^5R#m(H%V`S
z*b32$Li$&P^c%dtvN7<9_s4d{&M>~nD}RMozQOGVx8Mf`Mpm7>f>P6EC&|vJz9^`D
zMNqqg?E@PFkI)AOepcnD9D@D4UAz;LZ%D{ZsJJ1eut5Hblp&1%z|JDW^?`v!hU+5(
z3n%v%5b*(x;A0S%oe_COOud8q28Zx<4yj8VQZvjhawuKlP`bdObVE{p0sj?AgATsC
z@=6QLR_I(&Hs2w4QQqT<yhjIHN6keJ8JrR~q*OcDIw~)6NZy4x6UpQYVDrI6N;0TO
zfu=|XcxiHknSr5Qa5@8?GJ**;rPZ?HRLg`>_OPL(Wu&qN<`4#k8dlWYSIb_*UMxq1
zJ~k}+m_QA(6sB5^6sB6v8uk=sM82!#s$oYd54b^X@*4IOHiQ}%2GrJWEl&w3q@a$i
z;X$>rgcB;kz`%emSH;c1&?ShhyF)OIF@?Q_qlO3F7Sc?u<wbXMtZOY_4POce!XLH#
zHGC<Y2!0K7HaP5yglhOwxRAtIpyF&b95wt^ybKJr96cIndSPk=(e%R1WUb+Z>gDWl
ztKq0&NZ|&RVl|vK3@JQd7FP{J3NM(&UBi&V2V!*!)-a^-gIG1ZH4G^NAQo~d3vPu$
zgEvL6hM@#hF+=&wSQr>q!%K2T28{5~0*8kX!k;O^P=Ctcv_qtZ51$=9+MEn1X%bXA
zLEVF((9<#_F?!I_F{C6{W+(x*SD{9$Fcfju3PdubFw_dv34qf$m{rbL&H(9lXo~t3
z$%D#nP&^mGOL3IWA1KI#L7hK2aDy?Op@t!rtCq2bF@*sUR1=wcxPuuq8H*G^rpbb8
z0;XF`dIm+>pu!epI<)!xi^~R7Y$xaE7T8s(z)I#4$GpVKoZ?D7o1FaQ#GGO~J%lPR
zkO?3Y8yGH#`a#eJwFzl6;;)G5Lbw-1{lJA4xH3X<Jg9A8405~%0|UcUMsEg2hUp*=
z@PItf$yCJ!>Y`O~FffEMOlM?d=;2KP^{km*f?VuZ1hQ3=xd>#yEjCD%cuOcZH8C$9
zRs(^nNoZ%R0bJeu;<QOm%}cE)D6*?k#^XPjA|H_V>=_sse!O6K!O+0)fq_Yp4NTn7
zH|-F+Af$4UQ)PwVMGmbG%rF_SG#UX8fLnrY<tgzVsfj76Me#mh$K7JfEQl{IN(R#@
z#U)iBB?=HF3J@h#f==Zr=t91kc?#fKvjncnH?aauNXR!e5nY)WiY|q)#G=f^yyVnd
zJjEqNsfoGqCHV!J$+uWaDhpC?v3P`p1l;1vC@Cp`h--2csen?DDu@8JrEf78m*(DL
z&PmO?B~eh6pHiBf8lRh5T%4GmS{$EWl#*JMnsSQ+DpPce8#0;@Uyz@l18#=j;_yzb
zbS)~%FVYmc#g?B08ayb{1evY{?m2@(h6U8}0Jk@abU-q?AQ{25@|5@tNJv7XUN8w$
z2-GS<Nes6HL5(9+AwCpt@h!13XrQ2`BXDN9C0vqUl9+>LHDhX#1t_6_ayPVbgP<J1
z3GbEwdTJ{QVqjn}1!>D?Vqo~uz(84ZhnZCvqq%c~Uli2S628GB)ZzAljX_fC0*mMk
z3CRmAq9C69jG8MFI$$9=81n-ggP1?#1yR2pZU-!{*!W%$^}8tQcSY2%!SAl5%#65;
zk~&u;b=DSdu)C=5bVc9kqNLLW7O}gs3TO!)%)Mdh4$c-ILAmA&i1^6BB**pzL_Fo-
z?(n<FA$^5I`XeiooXiClsSjKX!jdy2uLvoBU|?f41rr@?H{?_<s9Ic+v%J6|{eW9=
zg2okY=^4eBxRow&D=jEnk#R-ce22*;b^8nI_BVKBFDRN^<T1IxBYS~I_6D!;1dl7c
zvI|5m@v2_nRb8RBLE?&*)sEy#T8<aA9FbN3xS?R!;C6vq?jnmkVWy%nNUi)u7KIzC
z)*z<xMHZE(EHZN=7UXRR+v|Oi#p4Q##|0LT8$uFL|1h!oGlF`C{)`=LH+Y05nDzM0
zaJ$5#bb&|dE|1F6h!r_I%#Lbb<ng=0<9C6_@5cuw7FOQ79D>(5Brb7C%n-iFA$x^G
z_5z12LQMK1hw2p$)eA86<1V)_sM*VlAZ~E*bg;nS4^R)AnUR(E$B!Syprm?C#KfJ8
z;W!tUyFBx8DOPuRW|a0MsA>U~(4XZ<?VaLoO=9*=2c$Jw!;ZZloWg`YWL3*i!%+-w
zf!1)Kv^+Uem}|LGm}|LfIB}ST);CUJg|=5>YdDeHr|@>1at&t+JEGFAfwj@ZaoWI<
zg4Rc_<;v4TGaY7%5}N6-mYx_1rgPVD)i9-Sg4%U8+%-%oTp$*x<+73++EM}cH$l~N
zksYX*W)5)<D6$5X+8~v;xXUy1Qu52=i!-ZIZ;5&4WtPN;XXeExRhFa{$EW2Nl_wUZ
z+!99<PfASA21%@BMyq^Q^4wx8E=rEiEV#uEsw2P*NF7pK<N>nO6GVVgI-=$%(gV4R
zCoQw6xCC0h-x2_iN0(>j!QCJT7lGLh9(+O+>d^MmE$P&XlA^@q67Z0AW@1h}k`Id#
z85kHcKn1)LN_SRlf%ru(%`04*i0-WT3bl(uhF63Pad&5lDc^-9r)y2pni08z>7tPK
z6(Q{g?;G4=pwfW<1_vLw_bVblqi~8{gU<&x22eF10<R1>M6R=oUt$-Z!FG{d{tCPN
z0@F+E8W-3#Zg7jw;JCuAxFGlvx5fo-jTJFFG_L46A1Jw`>wQ7j`+>anb$R_u^7<Qi
zcNAWfcf2C+c!5Xe0*}lMUdb66S9p~dlw9J~zQC)!foDg=6$7^u%9jj$FBtefP|&%q
zU~oynV1w)d#)}G0R}`Es@W_5(W6-p0aKFH#a*;*#hNcyWsd|w`?E)Bq+fbt=)MyC>
z?LaZ4V3vP4OQ@m{P+1TOB0%#)*t0V@$AXDIP_{KAA=^IX73;?wgCdw|9|%d{&9V=K
z<scdMfw;s47HD>Tz%D!pGV22k3sC;VomDm2i#S1rEjP4Bkd>cQ3>j+&_a8umec(1Q
zIKaWZIdBdKH<y2L*gyvJ?TS(u7#KhU)5S{}7#Kb<Gcq#XU=X+fLpK;CFTl_TCVob_
z4-A;ZN08VT5CM@@VBnVM(CyUk(Qn{<z$4k=+v(rq-@y5SO^Q+Z0|T6}GGgTYzyK%G
V7?l~VKQO=vA4XXaACmxk0|3w^jcNb@

literal 0
HcmV?d00001

diff --git a/caputre/capturetask.py b/caputre/capturetask.py
new file mode 100644
index 0000000..e12bdfb
--- /dev/null
+++ b/caputre/capturetask.py
@@ -0,0 +1,375 @@
+# -*- coding: utf-8 -*-
+import ctypes as ct
+import libpcap as pcap
+from concurrent.futures import ThreadPoolExecutor
+from scapy.all import *
+import threading
+import socket
+import json
+import msgpack  # 使用 msgpack 替代 JSON
+from safemap import *
+from demoscapture import *
+local_ip = socket.gethostbyname(socket.gethostname())
+
+# 初始化错误缓冲区
+errbuf = ct.create_string_buffer(pcap.PCAP_ERRBUF_SIZE + 1)
+running = True
+selected_device = None
+clients = []
+packet_queue = Queue()  # 全局队列,用于存储捕获的数据包
+# 获取所有网络设备
+def list_devices():
+    alldevs = ct.POINTER(pcap.pcap_if_t)()
+    if pcap.findalldevs(ct.byref(alldevs), errbuf) == -1:
+        print("Error finding devices: ", errbuf.value.decode())
+        return []
+
+    devices = []
+    dev = alldevs
+    while dev:
+        devices.append(dev.contents.name.decode())
+        dev = dev.contents.next
+
+    pcap.freealldevs(alldevs)
+    return devices
+
+# 打印并返回 Payload
+def print_payload(packet):
+    try:
+        if packet.haslayer(Raw):
+            payload = packet[Raw].load.decode(errors='ignore')
+            return payload
+    except Exception as e:
+        print(f"Error printing payload: {e}")
+    return "nodata"
+
+def compute_statistics(srcIp,destIp):
+    pass
+# 判断是否为 HTTP 报文
+def is_http_packet(packet):
+    try:
+        if packet.haslayer(Raw):
+            payload = packet[Raw].load.decode(errors='ignore')
+            if payload.startswith(('GET', 'POST', 'HEAD', 'PUT', 'DELETE', 'OPTIONS', 'PATCH')) or 'HTTP/' in payload:
+                return True, payload
+    except Exception:
+        pass
+    return False, None
+# 判断是否为 FTP 报文
+def is_ftp_packet(packet):
+    try:
+        if packet.haslayer(Raw):
+            payload = packet[Raw].load.decode(errors='ignore')
+            if payload.startswith(('USER', 'PASS', 'RETR', 'STOR', 'LIST', 'QUIT')):
+                return True, payload
+    except Exception:
+        pass
+    return False, None
+# 判断是否为 SSH 报文
+def is_ssh_packet(packet):
+    try:
+        if packet.haslayer(TCP):
+            # SSH 默认端口为 22
+            if packet[TCP].sport == 22 or packet[TCP].dport == 22:
+                return True
+        if packet.haslayer(Raw):
+            payload = packet[Raw].load.decode(errors='ignore')
+            if payload.startswith('SSH-'):
+                return True
+    except Exception:
+        pass
+    return False
+# 判断是否为 Telnet 报文
+def is_telnet_packet(packet):
+    try:
+        if packet.haslayer(TCP):
+            # Telnet 默认端口为 23
+            if packet[TCP].sport == 23 or packet[TCP].dport == 23:
+                return True
+    except Exception:
+        pass
+    return False
+# 判断是否为 ARP 报文
+def is_arp_packet(packet):
+    try:
+        if packet.haslayer(ARP):
+            return True
+    except Exception:
+        pass
+    return False
+
+# 检查报文类型
+def check_packet_type(packet):
+    """检测报文类型,并返回主要类型和协议详情"""
+    # HTTP 检测
+    is_http, http_payload = is_http_packet(packet)
+    if is_http:
+        return "HTTP", {"http_payload": http_payload}
+
+    # FTP 检测
+    is_ftp, ftp_payload = is_ftp_packet(packet)
+    if is_ftp:
+        return "FTP", {"ftp_payload": ftp_payload}
+
+    # SSH 检测
+    if is_ssh_packet(packet):
+        return "SSH", {}
+
+    # Telnet 检测
+    if is_telnet_packet(packet):
+        return "Telnet", {}
+
+    # ARP 检测
+    if packet.haslayer(ARP):
+        return "ARP", {
+            "hw_src": packet[ARP].hwsrc,
+            "hw_dst": packet[ARP].hwdst,
+            "p_src": packet[ARP].psrc,
+            "p_dst": packet[ARP].pdst,
+        }
+
+    # ICMP 检测
+    if packet.haslayer(ICMP):
+        return "ICMP", {
+            "icmp_type": packet[ICMP].type,
+            "icmp_code": packet[ICMP].code,
+        }
+
+    # DNS 检测
+    if packet.haslayer(DNS):
+        if packet[DNS].qd:
+            return "DNS", {
+                "query_name": packet[DNS].qd.qname.decode(),
+                "query_type": packet[DNS].qd.qtype,
+            }
+
+    # 普通 TCP 检测
+    if packet.haslayer(TCP):
+        return "TCP", {}
+
+    # 普通 UDP 检测
+    if packet.haslayer(UDP):
+        return "UDP", {}
+
+    return "Unknown", {}
+def packet_handler(packet):
+    global clients
+    try:
+        # 获取当前主机的 IP 地址
+        packet_data = {
+            "host_ip": local_ip,  # 添加主机 IP 地址
+            "ip_src": None,
+            "ip_dst": None,
+            "chioce":"dataPacket",
+            "type": "Unknown",
+            "payload": None,
+            "protocol_details": {},
+            "Fwd_Header_Length": "N/A",
+            "Packet_length":"N/A",
+            "timestamp": packet.time,
+            "window_size":"N/A"
+        }
+        # 获取 IP 层信息
+        if packet.haslayer(IP):
+            packet_data["ip_src"] = packet[IP].src
+            packet_data["ip_dst"] = packet[IP].dst
+
+        # 获取 TCP 信息
+        if packet.haslayer(TCP):
+            packet_data["type"] = "TCP"
+            packet_data["src_port"] = packet[TCP].sport
+            packet_data["dst_port"] = packet[TCP].dport
+            ip_header_length = packet[IP].ihl * 4  # IP 头部长度(字节)
+            tcp_header_length = packet[TCP].dataofs * 4  # TCP 头部长度(字节)
+            packet_data["Fwd_Header_Length"] = ip_header_length + tcp_header_length
+            packet_data["window_size"] = packet[TCP].window  # 提取 TCP 窗口大小字段
+        # 获取 UDP 信息
+        elif packet.haslayer(UDP):
+            packet_data["type"] = "UDP"
+            packet_data["src_port"] = packet[UDP].sport
+            packet_data["dst_port"] = packet[UDP].dport
+            ip_header_length = packet[IP].ihl * 4  # IP 头部长度(字节)
+            udp_header_length = 8  # UDP 头部长度固定为 8 字节
+            packet_data["Fwd_Header_Length"] = ip_header_length + udp_header_length
+        # 获取 ARP 信息
+        elif packet.haslayer(ARP):
+            packet_data["type"] = "ARP"
+            packet_data["protocol_details"] = {
+                "hw_src": packet[ARP].hwsrc,
+                "hw_dst": packet[ARP].hwdst,
+                "p_src": packet[ARP].psrc,
+                "p_dst": packet[ARP].pdst,
+            }
+        # 获取 ICMP 信息
+        elif packet.haslayer(ICMP):
+            packet_data["type"] = "ICMP"
+            packet_data["protocol_details"] = {
+                "icmp_type": packet[ICMP].type,
+                "icmp_code": packet[ICMP].code
+            }
+            ip_header_length = packet[IP].ihl * 4  # IP 头部长度(字节)
+            icmp_header_length = 8  # ICMP 通常固定为 8 字节(视 ICMP 类型而定)
+            packet_data["Fwd_Header_Length"] = ip_header_length + icmp_header_length
+        # 获取 DNS 信息
+        elif packet.haslayer(DNS):
+            packet_data["type"] = "DNS"
+            if packet[DNS].qd:
+                packet_data["protocol_details"] = {
+                    "query_name": packet[DNS].qd.qname.decode(),
+                    "query_type": packet[DNS].qd.qtype
+                }
+        # 检查其他协议类型
+        packet_type, protocol_details = check_packet_type(packet)
+        packet_data["type"] = packet_type
+        packet_data["protocol_details"].update(protocol_details)
+        packet_data["Packet_length"] = len(packet)
+        packs= print_payload(packet)
+        if packs!="nodata":
+            # 获取 Raw Payload
+            packet_data["payload"] = '{}'.format(packs)
+        else:
+            packet_data["payload"]=""
+        # 将数据发送给所有连接的客户端
+        if packet_data.get("ip_src")!=local_ip:
+           packet_queue.put(packet_data)
+        # 在控制台打印信息
+        if packet_data["type"]=="TCP":
+            print(f"Regular TCP Packet: From {packet_data['ip_src']}:{packet_data.get('src_port')} To {packet_data['ip_dst']}:{packet_data.get('dst_port')} (Host: {local_ip})")
+        if packet_data["type"]=="UDP":
+            print(f"Regular UDP Packet: From {packet_data['ip_src']}:{packet_data.get('src_port')} To {packet_data['ip_dst']}:{packet_data.get('dst_port')} (Host: {local_ip})")
+        if packet_data["type"] == "ICMP":
+            print(f"ICMP Packet: Type={packet_data['protocol_details']['icmp_type']} Code={packet_data['protocol_details']['icmp_code']} (Host: {local_ip})")
+        if packet_data["type"] == "DNS":
+            print(f"DNS Query: {packet_data['protocol_details']['query_name']} Type={packet_data['protocol_details']['query_type']} (Host: {local_ip})")
+        if packet_data["type"] == "ARP":
+            print(f"ARP Packet: Who has {packet_data['protocol_details']['p_dst']}? Tell {packet_data['protocol_details']['p_src']} (Host: {local_ip})")
+        if not packet_data["ip_src"] or not packet_data["ip_dst"]:
+            pass
+        else:
+            putPackect('{}:{}'.format(packet_data["ip_src"],packet_data.get('src_port')),
+                       '{}:{}'.format( packet_data["ip_dst"],packet_data.get('dst_port')), packet_data)
+    except Exception as e:
+        print(f"Error parsing packet: {e}")
+# 捕获网络流量
+def capture_packets(interface):
+    global running
+    print(f"Starting capture on interface: {interface}")
+    try:
+        running = True  # 启动捕获
+        sniff(iface=interface, prn=packet_handler, store=False, stop_filter=lambda x: not running)
+    except Exception as e:
+        print(f"Error capturing packets on {interface}: {e}")
+# 切换设备时停止捕获
+# 处理客户端连接
+def handle_client(client_socket):
+    global running, selected_device
+    try:
+        buffer = ""  # 初始化一个空字符串缓冲区
+        while True:
+            data = client_socket.recv(4096)  # 接收数据
+            if not data:
+                break  # 如果数据为空,退出
+            buffer = data.decode("utf-8").strip()  # 解码并去掉多余的空白字符
+            print(buffer)
+            command = json.loads(buffer, strict=False)
+            # 处理客户端的命令
+            if command.get("action") == "fetch_next":
+                # 从队列中取出一条数据并发送
+                if not packet_queue.empty():
+                    next_packet = packet_queue.get()  # 从队列中获取数据包
+                    client_socket.sendall(json.dumps(next_packet).encode("utf-8"))  # 发送数据包
+                else:
+                    # 队列为空时通知客户端
+                    client_socket.sendall(json.dumps({"chioce": "dataPacketNone", "status": "empty","message": "No packets available"}).encode("utf-8"))
+            elif command.get("action") == "stop":
+                print("Stopping packet capture...")
+                running = False
+                client_socket.sendall(json.dumps({"chioce": "stops", "ip": local_ip}).encode("utf-8"))
+                break
+            elif command.get("action") == "status":
+                client_socket.sendall(json.dumps(
+                    {"chioce": "controlstatus", "status": "running", "ip": local_ip,
+                     "device": selected_device}).encode("utf-8"))
+            elif command.get("action") == "list_devices":
+                # 返回可用设备列表
+                devices = list_devices()
+                client_socket.sendall(
+                    json.dumps({"chioce": "controldevice", "ip": local_ip, "devices": devices}).encode("utf-8"))
+            elif command.get("action") == "switch_device":
+                # 切换捕获设备
+                new_device = command.get("device")
+                if new_device in list_devices():
+                    print(f"Switching to device: {new_device}")
+                    running = False
+                    threading.Event().wait(1)  # 简单延迟,确保当前线程完全停止
+                    selected_device = new_device
+                    running = True
+                    threading.Thread(target=capture_packets, args=(selected_device,), daemon=True).start()
+                    client_socket.sendall(json.dumps(
+                        {"chioce": "controlswitch", "status": "switched", "ip": local_ip,
+                         "device": new_device}).encode("utf-8"))
+                else:
+                    client_socket.sendall(
+                        json.dumps({"chioce": "controlerror", "error": "Invalid device"}).encode("utf-8"))
+            else:
+                # 如果命令未知,则返回错误信息
+                client_socket.sendall(
+                    json.dumps({"chioce": "controlerror", "error": "Unknown command"}).encode("utf-8"))
+
+    except Exception as e:
+        print(f"Error handling client: {e}")
+    finally:
+        pass
+
+
+def tcp_server():
+    import socket
+    global clients
+    server = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
+    server.bind(("0.0.0.0", 9999))
+    server.listen(5)
+    print("TCP server listening on port 9999...")
+    while True:
+        client_socket, addr = server.accept()
+        print(f"Accepted connection from {addr}")
+        clients.append(client_socket)
+        threading.Thread(target=handle_client, args=(client_socket,), daemon=True).start()
+def main():
+    global running, selected_device
+    # 启动 TCP 服务器线程
+    threading.Thread(target=tcp_server, daemon=True).start()
+
+    # 列出所有网络设备
+    devices = list_devices()
+    if not devices:
+        print("No devices found.")
+        return
+
+    print("Available devices:")
+    for i, dev in enumerate(devices):
+        print(f"{i}: {dev}")
+
+    # 选择初始设备
+    try:
+        choice = int(input("Select a device by index: "))
+        if choice < 0 or choice >= len(devices):
+            print("Invalid choice.")
+            return
+    except ValueError:
+        print("Invalid input.")
+        return
+
+    selected_device = devices[choice]
+    print(f"Selected device: {selected_device}")
+
+    # 开始捕获流量
+    threading.Thread(target=capture_packets, args=(selected_device,), daemon=True).start()
+    threading.Thread(target=monitor, args=(selected_device,), daemon=True).start()
+    try:
+        while True:
+            threading.Event().wait(1)  # 每秒钟等待,避免高 CPU 占用
+    except KeyboardInterrupt:
+        print("\nStopping...")
+        running = False
+# if __name__ == "__main__":
+#     main()
diff --git a/caputre/demoscapture.py b/caputre/demoscapture.py
new file mode 100644
index 0000000..73d1ab3
--- /dev/null
+++ b/caputre/demoscapture.py
@@ -0,0 +1,162 @@
+# -*- coding: utf-8 -*-
+
+
+# 配置网络接口
+  # 请根据您的系统更换网卡接口
+# Destination Port	 Flow Duration	 Total Fwd Packets
+# Total Backward Packets	Total Length of Fwd Packets	 Total Length of Bwd Packets
+# Fwd Packet Length Max	 Fwd Packet Length Min	 Fwd Packet Length Mean	 Fwd Packet Length Std
+# Bwd Packet Length Max	 Bwd Packet Length Min	 Bwd Packet Length Mean	 Bwd Packet Length Std
+# Flow Bytes/s	 Flow Packets/s	 Flow IAT Mean	 Flow IAT Std	 Flow IAT Max	 Flow IAT Min	Fwd IAT Total
+# Fwd IAT Mean	 Fwd IAT Std	 Fwd IAT Max	 Fwd IAT Min	Bwd IAT Total	 Bwd IAT Mean	 Bwd IAT Std
+# Bwd IAT Max	 Bwd IAT Min	Fwd PSH Flags	 Bwd PSH Flags	 Fwd URG Flags	 Bwd URG Flags	 Fwd Header Length
+# Bwd Header Length	Fwd Packets/s	 Bwd Packets/s	 Min Packet Length	 Max Packet Length
+# Packet Length Mean	 Packet Length Std	 Packet Length Variance	FIN Flag Count	 SYN Flag Count
+# RST Flag Count	 PSH Flag Count	 ACK Flag Count	 URG Flag Count	 CWE Flag Count	 ECE Flag Count
+# Down/Up Ratio	 Average Packet Size	 Avg Fwd Segment Size	 Avg Bwd Segment Size
+# Fwd Header Length	Fwd Avg Bytes/Bulk	 Fwd Avg Packets/Bulk	 Fwd Avg Bulk Rate
+# Bwd Avg Bytes/Bulk	 Bwd Avg Packets/Bulk	Bwd Avg Bulk Rate	Subflow Fwd Packets
+# Subflow Fwd Bytes	 Subflow Bwd Packets	 Subflow Bwd Bytes	Init_Win_bytes_forward
+# Init_Win_bytes_backward	 act_data_pkt_fwd	 min_seg_size_forward
+# Active Mean	 Active Std	 Active Max	 Active Min	Idle Mean	 Idle Std	 Idle Max	 Idle Min
+
+
+from nfstream import NFStreamer
+from safemap import *
+# 配置网络接口
+INTERFACE = r"eth0"  # 请根据您的系统更换网卡接口
+def format_nflow(flow):
+    """
+    从 NFlow 对象提取特性并返回格式化的数据字典。
+    """
+    try:
+        total_fwd_packets = flow.src2dst_packets
+        total_bwd_packets = flow.dst2src_packets
+        total_fwd_bytes = flow.src2dst_bytes
+        total_bwd_bytes = flow.dst2src_bytes
+        total_packets = total_fwd_packets + total_bwd_packets
+        total_bytes = total_fwd_bytes + total_bwd_bytes
+
+        # 假设有计算 forward bulk 的辅助属性
+        # num_forward_bulks = flow.src2dst_bulk_count  # 前向块数量
+        # total_bulk_duration = flow.src2dst_bulk_duration_ms / 1000.0
+
+        # 计算字段
+        down_up_ratio = round(total_bwd_bytes / total_fwd_bytes) if total_fwd_bytes > 0 else 0
+        average_packet_size = (total_bytes / total_packets) if total_packets > 0 else 0
+        avg_fwd_segment_size = (total_fwd_bytes / total_fwd_packets) if total_fwd_packets > 0 else 0
+        avg_bwd_segment_size = (total_bwd_bytes / total_bwd_packets) if total_bwd_packets > 0 else 0
+
+        subflow_fwd_packets = flow.src2dst_packets
+        subflow_fwd_bytes = flow.src2dst_bytes
+        subflow_bwd_packets = flow.dst2src_packets
+        subflow_bwd_bytes = flow.dst2src_bytes
+
+        # TCP 初始化窗口大小
+        init_win_bytes_forward = getattr(flow, "src2dst_init_window_size", "N/A")
+        init_win_bytes_backward = getattr(flow, "dst2src_init_window_size", "N/A")
+
+        formatted_data = {
+            "Destination Port": flow.dst_port,
+            "Source Port":flow.src_port,
+            "Flow Duration (ms)": flow.bidirectional_duration_ms,
+            "Total Fwd Packets": flow.src2dst_packets,
+            "Total Backward Packets": flow.dst2src_packets,
+            "Total Length of Fwd Packets": flow.src2dst_bytes,
+            "Total Length of Bwd Packets": flow.dst2src_bytes,
+            "Fwd Packet Length Max": getattr(flow, "src2dst_max_ps", "N/A"),
+            "Fwd Packet Length Min": getattr(flow, "src2dst_min_ps", "N/A"),
+            "Fwd Packet Length Mean": getattr(flow, "src2dst_mean_ps", "N/A"),
+            "Fwd Packet Length Stddev": getattr(flow, "src2dst_stddev_ps", "N/A"),
+            "Bwd Packet Length Max": getattr(flow, "dst2src_max_ps", "N/A"),
+            "Bwd Packet Length Min": getattr(flow, "dst2src_min_ps", "N/A"),
+            "Bwd Packet Length Mean": getattr(flow, "dst2src_mean_ps", "N/A"),
+            "Bwd Packet Length Stddev": getattr(flow, "dst2src_stddev_ps", "N/A"),
+            "Flow Bytes/s": flow.bidirectional_bytes / flow.bidirectional_duration_ms * 1000 if flow.bidirectional_duration_ms > 0 else 0,
+            "Flow Packets/s": flow.bidirectional_packets / flow.bidirectional_duration_ms * 1000 if flow.bidirectional_duration_ms > 0 else 0,
+            "Flow IAT Mean (ms)": getattr(flow, "bidirectional_mean_piat_ms", "N/A"),
+            "Flow IAT Stddev (ms)": getattr(flow, "bidirectional_stddev_piat_ms", "N/A"),
+            "Flow IAT Max (ms)": getattr(flow, "bidirectional_max_piat_ms", "N/A"),
+            "Flow IAT Min (ms)": getattr(flow, "bidirectional_min_piat_ms", "N/A"),
+             "Fwd IAT Mean (ms)": getattr(flow, "src2dst_mean_piat_ms", "N/A"),
+            "Fwd IAT Stddev (ms)": getattr(flow, "src2dst_stddev_piat_ms", "N/A"),
+            "Fwd IAT Max (ms)": getattr(flow, "src2dst_max_piat_ms", "N/A"),
+            "Fwd IAT Min (ms)": getattr(flow, "src2dst_min_piat_ms", "N/A"),
+            "Bwd IAT Mean (ms)": getattr(flow, "dst2src_mean_piat_ms", "N/A"),
+            "Bwd IAT Stddev (ms)": getattr(flow, "dst2src_stddev_piat_ms", "N/A"),
+             "Bwd IAT Max (ms)": getattr(flow, "dst2src_max_piat_ms", "N/A"),
+            "Bwd IAT Min (ms)": getattr(flow, "dst2src_min_piat_ms", "N/A"),
+            "Fwd PSH Flags": getattr(flow, "src2dst_psh_packets", "N/A"),
+            "Bwd PSH Flags": getattr(flow, "dst2src_psh_packets", "N/A"),
+            "Fwd URG Flags": getattr(flow, "src2dst_urg_packets", "N/A"),
+            "Bwd URG Flags": getattr(flow, "dst2src_urg_packets", "N/A"),
+
+            "Fwd Packets/s": flow.src2dst_packets / (
+                        flow.bidirectional_duration_ms / 1000) if flow.bidirectional_duration_ms > 0 else 0,
+            "Bwd Packets/s": flow.dst2src_packets / (
+                        flow.bidirectional_duration_ms / 1000) if flow.bidirectional_duration_ms > 0 else 0,
+            'down_up_ratio':down_up_ratio,
+            'average_packet_size':average_packet_size,
+            'avg_fwd_segment_size':avg_fwd_segment_size,
+            'avg_bwd_segment_size':avg_bwd_segment_size,
+            "Packet Length Mean": getattr(flow, "bidirectional_mean_ps", "N/A"),
+            "Packet Length Std": getattr(flow, "bidirectional_stddev_ps", "N/A"),
+            "FIN Flag Count": getattr(flow, "bidirectional_fin_packets", "N/A"),
+            "SYN Flag Count": getattr(flow, "bidirectional_syn_packets", "N/A"),
+            "RST Flag Count": getattr(flow, "bidirectional_rst_packets", "N/A"),
+            "PSH Flag Count": getattr(flow, "bidirectional_psh_packets", "N/A"),
+            "ACK Flag Count": getattr(flow, "bidirectional_ack_packets", "N/A"),
+            "URG Flag Count": getattr(flow, "bidirectional_urg_packets", "N/A"),
+            "CWE Flag Count": getattr(flow, "bidirectional_cwr_packets", "N/A"),
+            "ECE Flag Count": getattr(flow, "bidirectional_ece_packets", "N/A"),
+            "Subflow Fwd Packets": subflow_fwd_packets,
+            "Subflow Fwd Bytes": subflow_fwd_bytes,
+            "Subflow Bwd Packets": subflow_bwd_packets,
+            "Subflow Bwd Bytes": subflow_bwd_bytes,
+            "Application Name": flow.application_name,
+            "Application Category": flow.application_category_name,
+            "Protocol": flow.protocol,
+            "IP Version": flow.ip_version,
+            "Source IP": flow.src_ip,
+            "Destination IP": flow.dst_ip,
+        }
+        putPacketAnaylsy(formatted_data,"{}:{}".format(flow.src_ip,flow.src_port),
+                         "{}:{}".format(
+                         flow.dst_ip,flow.dst_port),flow.src_ip,flow.dst_ip)
+
+        return formatted_data
+    except AttributeError as e:
+        print(f"Error processing flow: {e}")
+        return None
+def print_nflow(flow):
+    """
+    打印格式化的 NFlow 数据。
+    """
+    formatted_data = format_nflow(flow)
+    if formatted_data:
+        for key, value in formatted_data.items():
+            print(f"{key}: {value}")
+        print("\n" + "=" * 50 + "\n")
+
+# 使用 NFStreamer 实时监控
+def monitor(interface):
+    print(f"Starting real-time flow monitoring on interface: {interface}")
+    streamer = NFStreamer(
+        source=interface,
+        decode_tunnels=True,
+        promiscuous_mode=True,
+        snapshot_length=65535,
+        idle_timeout=10,  # 等待 10 秒无新数据时输出流
+        active_timeout=30,  # 最长 30 秒就强制输出流
+        statistical_analysis=True  # 启用统计分析以生成额外字段
+    )
+    for flow in streamer:
+        print_nflow(flow)
+
+#
+# if __name__ == "__main__":
+#     monitor(interface=INTERFACE)  # 替换为您的网卡接口
+
+
+
+
diff --git a/caputre/ebpfdemos.py b/caputre/ebpfdemos.py
new file mode 100644
index 0000000..847c3ec
--- /dev/null
+++ b/caputre/ebpfdemos.py
@@ -0,0 +1,224 @@
+import re
+import subprocess
+import time
+from collections import defaultdict
+from concurrent.futures import ThreadPoolExecutor
+from messagejobs import *
+def parse_adfa_ld_file(file_path):
+    """
+    解析 ADFA-LD 的 syscall 列表文件,并提取 syscall 定义。
+    :param file_path: 包含 ADFA-LD syscall 定义的文件路径
+    :return: 一个字典,key 是 syscall 名称,value 是对应的序号
+    """
+    syscall_mapping = {}
+
+    # 打开并读取文件内容
+    with open(file_path, "r") as file:
+        lines = file.readlines()
+
+    # 匹配 `#define __NR_` 和 `__SYSCALL` 的正则表达式
+    define_pattern = re.compile(r"#define\s+(__NR_\w+)\s+(\d+)")
+    syscall_pattern = re.compile(r"__SYSCALL\s*\(\s*(\S+)\s*,\s*(\w+)\s*\)")
+
+    # 遍历文件行,查找匹配
+    for line in lines:
+        define_match = define_pattern.match(line)
+        syscall_match = syscall_pattern.match(line)
+
+        # 如果匹配到 `#define` 定义
+        if define_match:
+            syscall_name = define_match.group(1)  # `__NR_xxx`
+            syscall_num = int(define_match.group(2))  # syscall 序号
+            syscall_mapping[syscall_name] = syscall_num
+
+        # 如果匹配到 `__SYSCALL` 定义
+        elif syscall_match:
+            syscall_nr = syscall_match.group(1)  # `__NR_xxx`
+            syscall_func = syscall_match.group(2)  # `sys_xxx`
+            # 创建 syscall -> label 映射
+            if syscall_nr in syscall_mapping:
+                syscall_mapping[syscall_func] = syscall_mapping[syscall_nr]
+
+    return syscall_mapping
+
+
+def map_bpftrace_syscalls_to_adfa(bpf_syscalls, adfa_mapping):
+    """
+    将 bpftrace 抓取到的 syscall 名称映射到 ADFA-LD 的 syscall 序号,基于后缀匹配。
+    :param bpf_syscalls: 从 bpftrace 抓取到的 syscall 名称列表
+    :param adfa_mapping: ADFA-LD 中的 syscall -> 序号映射表
+    :return: 一个列表,包含 bpftrace 的 syscall 对应的序号(未匹配的不添加到结果中)
+    """
+    syscall_to_sequence = []
+
+    for syscall in bpf_syscalls:
+        # 提取 syscall 名称中的后缀部分
+        # 例如 'sys_enter_epoll_wait' -> 'epoll_wait'
+        match = re.search(r"sys_enter_(\w+)$", syscall)
+        if match:
+            syscall_suffix = match.group(1)
+        else:
+            syscall_suffix = syscall  # 如果提取失败,使用原始名称
+
+        # Debug: 检查提取后的后缀
+        # print(f"Original: {syscall}, Suffix: {syscall_suffix}")
+
+        # 直接匹配 adfa_mapping 中的 key 的后缀部分
+        matched = False
+        for key in adfa_mapping.keys():
+            if key.endswith(syscall_suffix):  # 如果 key 的后缀匹配
+                syscall_to_sequence.append(adfa_mapping[key])
+                matched = True
+                break
+
+        # 如果匹配到了编号大于 1000 的 syscall,进行拆分匹配
+        if matched and syscall_to_sequence and syscall_to_sequence[-1] > 1000:
+            # 弹出之前错误的匹配
+            syscall_to_sequence.pop()
+            # 将后缀拆分为多个部分,例如 'epoll_wait' -> ['epoll', 'wait']
+            syscall_parts = syscall_suffix.split("_")
+
+            # 遍历 adfa_mapping 的所有 key,尝试匹配所有部分
+            for key in adfa_mapping.keys():
+                # 如果所有拆分的部分都在 key 中,认为匹配成功
+                if all(part in key for part in syscall_parts):
+                   if adfa_mapping[key]<1000:
+                        syscall_to_sequence.append(adfa_mapping[key])
+                   matched = True
+                   break
+        # 如果没有匹配,则跳过这个 syscall,不添加到结果中
+        if not matched:
+            continue
+
+    return syscall_to_sequence
+
+
+def process_syscall_sequences(syscall_data, adfa_mapping):
+    """
+    处理抓取到的所有进程的 syscall 数据,将 syscall 名称映射为 ADFA-LD 的 label。
+    :param syscall_data: 包含每个进程 syscall 数据的字典
+    :param adfa_mapping: ADFA-LD 中的 syscall -> 序号映射表
+    :return: 映射后的进程 syscall 序列
+    """
+    labeled_sequences = {}
+
+    for pid, data in syscall_data.items():
+        comm = data["comm"]
+        syscalls = data["syscalls"]
+
+        # 将 syscalls 映射为 label
+        labeled_syscalls = map_bpftrace_syscalls_to_adfa(syscalls, adfa_mapping)
+
+        labeled_sequences[pid] = {
+            "comm": comm,
+            "labeled_syscalls": labeled_syscalls
+        }
+
+    return labeled_sequences
+
+# bpftrace 命令
+BPFTRACE_CMD = [
+    "sudo", "bpftrace", "-e",
+    'tracepoint:syscalls:sys_enter_* /comm != "bpftrace" && comm != "sudo"/ { printf("Syscall: %s PID: %d COMM: %s\\n", probe, pid, comm); }'
+]
+
+# 滑动窗口参数
+WINDOW_SIZE = 10  # 窗口大小(秒)
+STEP_SIZE = 5  # 滑动步长(秒)
+
+
+def monitor_syscalls(adfa_mapping):
+    # 启动 bpftrace 进程
+    with subprocess.Popen(BPFTRACE_CMD, stdout=subprocess.PIPE, stderr=subprocess.PIPE, text=True) as proc:
+        syscall_data = defaultdict(
+            lambda: {"comm": "", "syscalls": []})  # 数据结构: {pid: {"comm": process_name, "syscalls": [syscall1, ...]}}
+        window_start_time = time.time()  # 当前窗口的起始时间
+
+        # 使用线程池进行非阻塞解析
+        with ThreadPoolExecutor(max_workers=4) as executor:
+            try:
+                while True:
+                    # 读取 bpftrace 输出
+                    line = proc.stdout.readline()
+                    if not line:
+                        break
+
+                    # 示例输出: Syscall: tracepoint:syscalls:sys_enter_write PID: 1234 COMM: bash
+                    if line.startswith("Syscall:"):
+                        parts = line.split()
+                        if len(parts) >= 6:
+                            syscall_name = parts[1].replace("tracepoint:syscalls:", "")  # 提取系统调用名称
+                            pid = int(parts[3])  # 提取进程号
+                            comm = parts[5]  # 提取进程名
+
+                            # 更新对应进程的调用序列和名称
+                            syscall_data[pid]["comm"] = comm
+                            syscall_data[pid]["syscalls"].append(syscall_name)
+
+                    # 判断是否需要滑动窗口
+                    current_time = time.time()
+                    if current_time - window_start_time >= STEP_SIZE:
+                        print(f"\n--- Syscall Sequences ({time.strftime('%Y-%m-%d %H:%M:%S')}) ---")
+                        # 深拷贝当前 syscall 数据
+                        syscall_data_snapshot = syscall_data.copy()
+
+                        # 提交解析任务到线程池
+                        future = executor.submit(process_syscall_sequences, syscall_data_snapshot, adfa_mapping)
+
+                        # 打印原始 syscall 数据
+                        for pid, data in syscall_data.items():
+                            comm = data["comm"]
+                            syscalls = data["syscalls"]
+                            print(f"PID: {pid}, COMM: {comm}")
+
+                        # 处理解析结果
+                        labeled_sequences = future.result()
+                        for pid, data in labeled_sequences.items():
+                            message = {
+                                "pid": int(pid),
+                                "comm": data["comm"],
+                                "syscall": data["labeled_syscalls"]
+                            }
+                            try:
+                                produce_messages_ordered(producer, "syscall_topic", message, thread_pool)
+                                print(f"✅ [Kafka Sent] {message}")  # 发送成功日志
+                            except Exception as e:
+                                print(f"❌ [Kafka Error] 发送失败: {e}, 消息: {message}")
+                        # 滑动窗口
+                        syscall_data.clear()  # 清空当前窗口数据
+                        window_start_time = current_time  # 更新窗口起始时间
+
+            except KeyboardInterrupt:
+                print("\nMonitoring stopped by user.")
+            finally:
+                # 终止 bpftrace 进程
+                proc.terminate()
+
+
+if __name__ == "__main__":
+
+    adfa_ld_file_path = "ADFA-LD+Syscall+List.txt"
+
+    # 解析 ADFA-LD 文件,生成 syscall -> label 映射
+    adfa_mapping = parse_adfa_ld_file(adfa_ld_file_path)
+    # print("ADFA-LD Syscall Mapping:", adfa_mapping)
+    #
+    # # 示例 bpftrace 抓取的 syscall 数据
+    # syscall_data = {
+    #     1234: {"comm": "python3", "syscalls": [
+    #         'sys_enter_epoll_wait', 'sys_enter_clock_nanosleep', 'sys_enter_clock_nanosleep',
+    #         'sys_enter_epoll_wait', 'sys_enter_close'
+    #     ]},
+    #     5678: {"comm": "bash", "syscalls": [
+    #         'sys_enter_read', 'sys_enter_futex', 'sys_enter_futex', 'sys_enter_read'
+    #     ]}
+    # }
+    # # 映射 bpftrace 的 syscall 到 ADFA-LD 的 label
+    # labeled_sequences = process_syscall_sequences(syscall_data, adfa_mapping)
+    # # 打印映射结果
+    # for pid, data in labeled_sequences.items():
+    #     comm = data["comm"]
+    #     labeled_syscalls = data["labeled_syscalls"]
+    #     print(f"PID: {pid}, COMM: {comm}, Labeled Syscalls: {labeled_syscalls}")
+
+    monitor_syscalls(adfa_mapping)
diff --git a/caputre/jobentrance.py b/caputre/jobentrance.py
new file mode 100644
index 0000000..fadbab1
--- /dev/null
+++ b/caputre/jobentrance.py
@@ -0,0 +1,4 @@
+from capturetask import *
+
+if __name__ == '__main__':
+    main()
\ No newline at end of file
diff --git a/caputre/messagejobs.py b/caputre/messagejobs.py
new file mode 100644
index 0000000..1ef9d2a
--- /dev/null
+++ b/caputre/messagejobs.py
@@ -0,0 +1,92 @@
+import socket
+
+from kafka import KafkaProducer
+from concurrent.futures import ThreadPoolExecutor
+import json
+import time
+import threading
+from queue import Queue
+
+# 配置 Kafka 参数
+BOOTSTRAP_SERVERS = "121.43.104.95:9092"  # 替换为你的 Kafka Broker 地址
+def get_local_ip():
+    """
+    自动获取当前主机的 IP 地址
+    """
+    try:
+        # 创建一个 UDP socket 并连接到公共地址,获取主机的本地 IP
+        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
+            s.connect(("8.8.8.8", 80))  # 使用 Google 公共 DNS 地址
+            local_ip = s.getsockname()[0]
+        return local_ip
+    except Exception as e:
+        print(f"Error fetching local IP address: {e}")
+        return "Unknown"
+
+# 当前主机 IP
+LOCAL_IP = get_local_ip()
+
+# 配置 Kafka Producer
+def configure_producer():
+    """
+    配置 Kafka 生产者
+    """
+    try:
+        producer = KafkaProducer(
+            bootstrap_servers=BOOTSTRAP_SERVERS,
+            value_serializer=lambda v: json.dumps(v).encode('utf-8'),  # 将数据序列化为 JSON 格式
+        )
+        return producer
+    except Exception as e:
+        print(f"Error configuring Kafka producer: {e}")
+        raise
+
+
+# 线程池单例
+class ThreadPoolSingleton:
+    """
+    全局线程池单例
+    """
+    _instance = None
+    _lock = threading.Lock()
+
+    def __new__(cls, max_workers=5):
+        if not cls._instance:
+            with cls._lock:
+                if not cls._instance:
+                    cls._instance = ThreadPoolExecutor(max_workers=max_workers)
+        return cls._instance
+
+
+# 异步发送数据到 Kafka
+def send_to_kafka(producer, topic, data):
+    """
+    异步发送数据到 Kafka
+    """
+    try:
+        future = producer.send(topic, value=data)
+        future.add_callback(lambda metadata: print(
+            f"Sent to Kafka ({topic}) -> Partition: {metadata.partition}, Offset: {metadata.offset}"))
+        future.add_errback(lambda error: print(
+            f"Failed to send to Kafka ({topic}): {error}"))
+    except Exception as e:
+        print(f"Failed to send data to {topic}: {e}")
+
+# 顺序发送器:将消息加入线程池并按时间顺序发送
+def produce_messages_ordered(producer, topic, json_data, thread_pool):
+    """
+    将单条 JSON 数据按时间顺序提交到 Kafka
+    :param producer: Kafka Producer 实例
+    :param topic: 目标 Kafka 主题
+    :param json_data: 要发送的 JSON 数据
+    :param thread_pool: 全局线程池
+    """
+    # 动态生成一个时间戳作为排序的 key
+    timestamp = int(time.time() * 1000)
+    json_data["timestamp"] = timestamp  # 添加时间戳到消息中
+    json_data["cloudip"]=LOCAL_IP
+    # print(f"Producing data to {topic}: {json_data}")
+    # 将发送任务提交到线程池
+    thread_pool.submit(send_to_kafka, producer, topic, json_data)
+producer = configure_producer()
+thread_pool = ThreadPoolSingleton()  # 创建线程池单例
\ No newline at end of file
diff --git a/caputre/safemap.py b/caputre/safemap.py
new file mode 100644
index 0000000..fac841e
--- /dev/null
+++ b/caputre/safemap.py
@@ -0,0 +1,201 @@
+import re
+import threading
+from messagejobs import *
+
+def string_words_spliting(str_input):
+    """
+    将字符串中的特殊字符替换为空格,并去除多余空格
+    """
+    str_cleaned = re.sub(r'[?&=(){}<>/\\."\'@;~,:*]', ' ', str_input)
+    return ' '.join(str_cleaned.split())  # 去除多余空格
+
+
+def parse_http_packet(packet):
+    """
+    解析 HTTP 数据,并转换成格式化字符串
+    """
+    http_data = []
+    # 提取 `protocol_details["http_payload"]`
+    if "protocol_details" in packet and "http_payload" in packet["protocol_details"]:
+        http_data.extend(packet["protocol_details"]["http_payload"].split("\r\n"))  # 按 HTTP 换行符拆分
+
+    # 移除空行,并对每一行进行字符串清理
+    http_data = [string_words_spliting(line) for line in http_data if line.strip()]
+
+
+
+    return http_data
+class ThreadSafeMap:
+    def __init__(self):
+        self.map = {}
+        self.lock = threading.Lock()
+
+    def put(self, key, value):
+        with self.lock:
+            self.map[key] = value
+
+    def get(self, key):
+        with self.lock:
+            return self.map.get(key,[])
+
+    def remove(self, key):
+        with self.lock:
+            del self.map[key]
+datasmaps = ThreadSafeMap()
+
+
+
+
+def putPackect(srcIp, destIp, packet):
+    global datasmaps
+    key = "{},{}".format(srcIp, destIp)
+    reverse_key = "{},{}".format(destIp, srcIp)
+
+    # 尝试获取正向或反向的 key 对应的列表
+    result = datasmaps.get(key)
+    if not result:
+        result = datasmaps.get(reverse_key)
+
+    # 如果列表为空,初始化新的 key 和列表,并保存 Min 和 Max Packet Length
+    if not result:
+        # 初始化 Min 和 Max Packet Length
+        datasmaps.put(key, {
+            "packets": [packet],
+            "min_length": packet["Packet_length"],  # 当前数据包长度作为初始最小长度
+            "max_length": packet["Packet_length"]   # 当前数据包长度作为初始最大长度
+        })
+    else:
+        # 更新 Min 和 Max Packet Length
+        packet_list = result["packets"]
+        packet_list.append(packet)
+        current_length = packet["Packet_length"]
+        result["min_length"] = min(result["min_length"], current_length)
+        result["max_length"] = max(result["max_length"], current_length)
+        result["packets"]=packet_list
+        datasmaps.put(key, result)  # 更新数据
+
+
+def putPacketAnaylsy(object,srcIp, destIp,src,dest):
+    global datasmaps
+    key = "{},{}".format(srcIp, destIp)
+    reverse_key = "{},{}".format(destIp, srcIp)
+
+    # 尝试获取正向或反向的 key 对应的数据
+    result = datasmaps.get(key)
+    if not result:
+        result = datasmaps.get(reverse_key)
+        if not result:
+            return  # 没有找到对应的流
+
+    # 初始化前向和后向头部长度
+    fwd_header_length = 0
+    bwd_header_length = 0
+
+    # 获取 Min 和 Max Packet Length
+    min_packet_length = result["min_length"]
+    max_packet_length = result["max_length"]
+
+    # 计算所有数据包长度的均值和方差
+    packet_lengths = [packet["Packet_length"] for packet in result["packets"]]
+    mean_packet_length = sum(packet_lengths) / len(packet_lengths)
+    variance_packet_length = sum(
+        (length - mean_packet_length) ** 2 for length in packet_lengths
+    ) / len(packet_lengths)
+
+    # 遍历所有数据包,计算头部长度
+    for packet in result["packets"]:
+        total_header_length = packet["Fwd_Header_Length"]
+        # 判断方向
+        if packet["ip_src"] == src and packet["ip_dst"] == dest:
+            fwd_header_length += total_header_length
+        elif packet["ip_src"] == dest and packet["ip_dst"] == src:
+            bwd_header_length += total_header_length
+    object["Fwd Header Length"]=fwd_header_length
+    object["Bwd Header Length"]=bwd_header_length
+    object["Min Packet Length"]=min_packet_length
+    object["Max Packet Length"]=max_packet_length
+    object["Mean Packet Length"]=mean_packet_length
+    object["Packet Length Variance"]=variance_packet_length
+    # 从 map 中移除对应的键
+    produce_messages_ordered(producer,"stream_topic",object,thread_pool)
+    for packet in result["packets"]:
+        if  packet["type"]=="HTTP":
+            print(f"enter this the http packet {packet}")
+            newpacket=parse_http_packet(packet)
+            print(f"after clean {newpacket}")
+            packet["payload"]=newpacket
+            packet["protocol_details"]["http_payload"]=newpacket
+            produce_messages_ordered(producer,"http_topic",packet,thread_pool)
+    try:
+        datasmaps.remove(key)
+        datasmaps.remove(reverse_key)
+    except KeyError as e:
+        pass
+def extract_initial_window_size(src_ip, dest_ip, objects, src, dest):
+    global datasmaps
+    key = "{},{}".format(src_ip, dest_ip)
+    reverse_key = "{},{}".format(dest_ip, src_ip)
+
+    # 尝试获取正向或反向的 key 对应的数据
+    result = datasmaps.get(key)
+    if not result:
+        result = datasmaps.get(reverse_key)
+        if not result:
+            return  # 没有找到对应的流
+
+    # 确保 result["packets"] 有数据
+    packet_list = result.get("packets", [])
+    if not packet_list:
+        return  # 没有数据包
+
+    # 提取第一个数据包
+    first_packet = packet_list[0]
+
+    # 初始化窗口大小
+    init_win_forward = 0
+    init_win_backward = 0
+
+    # 确保第一个包包含 TCP 信息
+    if first_packet.get("type") == "TCP":
+        if first_packet["ip_src"] == src and first_packet["ip_dst"] == dest:
+            # 前向窗口大小
+            init_win_forward = first_packet.get("window_size", 0)
+        elif first_packet["ip_src"] == dest and first_packet["ip_dst"] == src:
+            # 后向窗口大小
+            init_win_backward = first_packet.get("window_size", 0)
+
+    # 更新对象
+    objects["Init_Win_bytes_forward"] = init_win_forward
+    objects["Init_Win_bytes_backward"] = init_win_backward
+
+
+def extract_initial_window_size(src_ip, dest_ip, objects, src, dest):
+    global datasmaps
+    key = "{},{}".format(src_ip, dest_ip)
+    reverse_key = "{},{}".format(dest_ip, src_ip)
+    # 尝试获取正向或反向的 key 对应的数据
+    result = datasmaps.get(key)
+    if not result:
+        result = datasmaps.get(reverse_key)
+        if not result:
+            return  # 没有找到对应的流
+    # 确保 result["packets"] 有数据
+    packet_list = result.get("packets", [])
+    if not packet_list:
+        return  # 没有数据包
+    # 提取第一个数据包
+    first_packet = packet_list[0]
+    # 初始化窗口大小
+    init_win_forward = 0
+    init_win_backward = 0
+    # 确保第一个包包含 TCP 信息
+    if first_packet.get("type") == "TCP":
+        if first_packet["ip_src"] == src and first_packet["ip_dst"] == dest:
+            # 前向窗口大小
+            init_win_forward = first_packet.get("window_size", 0)
+        elif first_packet["ip_src"] == dest and first_packet["ip_dst"] == src:
+            # 后向窗口大小
+            init_win_backward = first_packet.get("window_size", 0)
+    # 更新对象
+    objects["Init_Win_bytes_forward"] = init_win_forward
+    objects["Init_Win_bytes_backward"] = init_win_backward
-- 
GitLab