#!/usr/bin/env python

# 1430, Mon 19 Jan 15 (NZDT)
# p13_dns_response_lengths.py:  Make DNS response size distributions

import plt, pldns

import numpy as np  # Operations on arrays
# https://oneau.wordpress.com/2011/02/28/simple-statistics-with-scipy

import scipy as sp  # Science/mathematics/engineering functions
# http://wiki.scipy.org/Tentative_NumPy_Tutorial
from scipy import stats

import matplotlib as mpl
# http://matplotlib.org/api/pyplot_summary.html
from matplotlib import pyplot as mplot

wirelens = []  # On-the-wire lengths (empty list)

fn = "pcapfile:1kp-dns-anon.pcap.gz"  # Data file name
t = plt.trace(fn);  t.start()

n = 0
for pkt in t:
    n += 1  # Wireshark uses 1-org packet numbers
#    if n == 200:
#        break  # # Terminate the loop

    udp = pkt.udp
    if not udp:
        continue  # Not UDP

    ldns_obj = pldns.ldns(udp.payload)
    if not ldns_obj.is_response:  # Only look at Responsess
        continue

    wirelens.append(pkt.wire_len) 
    
t.close()

wla = np.array(wirelens)  # Make numpy array from list

#  Print stats for wla using numpy and scipy functions
print "len=%d, min=%d, median=%.2f, mean = %.2f, max=%.2f" % (
    len(wla), wla.min(), sp.median(wla), wla.mean(), wla.max())

mplot.title("DNS response record size distribution")
mplot.xlabel("Response size")
mplot.ylabel("Packets seen")

binwidth = 5
bins = range(0, max(wla)+2, binwidth)

mplot.hist(wla, bins=bins, align="left", histtype="step", color="blue")
mplot.xlim(xmin=0)

#mplot.show()  # Use with interactive plotting ???

mplot.savefig("p12.svg")  # png, pdf, ps, eps or svg