GUI

2025-07-25 21:45:07 -04:00
parent f75c757b12
commit d77dd386f3
19 changed files with 2131 additions and 38 deletions
--- a/README.md
+++ b/README.md
@@ -1,37 +1,59 @@
 # StreamLens - Ethernet Traffic Analyzer

-Advanced TUI-based network traffic analyzer for pcap files and live streams with specialized protocol dissection for aviation and industrial networks. Features sigma-based outlier identification and real-time statistical analysis.
+Advanced network traffic analyzer for pcap files and live streams with specialized protocol dissection for aviation and industrial networks. Features sigma-based outlier identification, real-time statistical analysis, and both TUI and modern GUI interfaces with interactive signal visualization.

 ## Quick Start

 ```bash
-# Install dependencies
-pip install scapy numpy
+# Install dependencies  
+pip install scapy numpy matplotlib
+
+# For GUI mode (optional but recommended):
+pip install PySide6
+
+# For macOS users - install tkinter support for TUI visualization:
+brew install python-tk@3.13
+
+# Launch modern GUI with interactive plots
+python streamlens.py --gui --pcap file.pcap
+
+# GUI mode only (then open file via File menu)
+python streamlens.py --gui

 # Analyze pcap file with TUI (flows sorted by largest sigma outliers)
-python ethernet_analyzer_modular.py --pcap file.pcap
+python streamlens.py --pcap file.pcap

 # Live capture with real-time statistics
-python ethernet_analyzer_modular.py --live --interface eth0
+python streamlens.py --live --interface eth0

 # Console output with outlier reporting  
-python ethernet_analyzer_modular.py --pcap file.pcap --no-tui
+python streamlens.py --pcap file.pcap --no-tui

 # Generate comprehensive outlier report
-python ethernet_analyzer_modular.py --pcap file.pcap --report
+python streamlens.py --pcap file.pcap --report

 # Get pcap file information
-python ethernet_analyzer_modular.py --pcap file.pcap --info
+python streamlens.py --pcap file.pcap --info

 # Adjust outlier threshold (default: 3.0 sigma)
-python ethernet_analyzer_modular.py --pcap file.pcap --outlier-threshold 2.0
+python streamlens.py --pcap file.pcap --outlier-threshold 2.0

 # With BPF filter for live capture
-python ethernet_analyzer_modular.py --live --filter "port 319 or port 320"
+python streamlens.py --live --filter "port 319 or port 320"
 ```

 ## Features

+### 🖥️ Modern GUI Interface (New!)
+- **Professional Qt Interface**: Cross-platform GUI built with PySide6
+- **Interactive Flow List**: Sortable table showing flows with sigma deviations, protocols, and frame types
+- **Automatic Plot Rendering**: Click any flow to instantly view signal plots (no button needed)
+- **Embedded Matplotlib Plots**: Interactive signal visualization with zoom, pan, and navigation toolbar
+- **Background PCAP Loading**: Progress bar with non-blocking file processing
+- **File Management**: Open PCAP files via dialog or command line
+- **Smart Status Feedback**: Color-coded status messages for different flow types and states
+- **Threading Safety**: Proper Qt threading eliminates segmentation faults
+
 ### Enhanced TUI Interface
 - **Three-Panel Layout**: Flows list (top-left), flow details (top-right), timing visualization (bottom)
 - **Sigma-Based Flow Sorting**: Flows automatically sorted by largest outlier sigma deviation
@@ -54,6 +76,16 @@ python ethernet_analyzer_modular.py --live --filter "port 319 or port 320"
 - **PTP (IEEE 1588-2019)**: Precision Time Protocol message parsing with sync, delay, and announce messages  
 - **IENA (Airbus)**: Industrial Ethernet Network Architecture with P/D/N/M/Q message types

+### 📊 Chapter 10 Signal Visualization
+- **Interactive GUI Plots**: Select any flow to automatically view embedded matplotlib plots
+- **TUI Signal Plots**: Press `v` in the TUI to generate signal files (threading-safe)
+- **Signal Consolidation**: Automatically combines multiple packets from the same channel into continuous signals
+- **TMATS Integration**: Automatically extracts channel metadata from TMATS frames for proper signal scaling
+- **Multi-channel Support**: Displays multiple channels with proper engineering units and scaling
+- **Threading Safety**: GUI uses proper Qt integration, TUI saves plots to files to avoid segfaults
+- **Both Modes**: Works for both PCAP analysis and live capture
+- **Matplotlib Features**: Full zoom, pan, save, and navigation capabilities
+
 ### Protocol Detection & Fallbacks
 - Automatic protocol identification based on port numbers and packet structure
 - Fallback to common protocols: HTTP, HTTPS, SSH, DNS, DHCP, NTP, SNMP, IGMP, ICMP
@@ -66,11 +98,11 @@ python ethernet_analyzer_modular.py --live --filter "port 319 or port 320"
 # Clone or download the project
 cd streamlens

-# Install dependencies
-pip install scapy numpy
+# Install dependencies  
+pip install scapy numpy matplotlib PySide6

 # Run the analyzer
-python ethernet_analyzer_modular.py --help
+python streamlens.py --help
 ```

 ## Key Features Highlights
@@ -87,9 +119,25 @@ Adjust outlier detection sensitivity with `--outlier-threshold` (default: 3.0σ)
 ### 📈 Comprehensive Reporting
 Generate detailed outlier reports with `--report` flag showing frame-by-frame sigma deviations and timing analysis.

+## GUI Usage
+
+### Main Interface
+- **Left Panel**: File information and flow list sorted by sigma deviation
+- **Right Panel**: Interactive matplotlib plot area with navigation toolbar
+- **Status Bar**: Loading progress and operation feedback
+
+### Workflow
+1. **Launch GUI**: `python streamlens.py --gui`
+2. **Open PCAP**: File → Open PCAP... or use command line `--pcap` flag
+3. **Select Flow**: Click on any flow in the table to automatically view signal plots
+4. **Interact**: Use matplotlib toolbar to zoom, pan, save plots
+5. **Navigate**: Click different flows to instantly see their signal visualizations
+
 ## TUI Controls

 - **↑↓**: Navigate between flows in main view
+- **v**: Visualize Chapter 10 signals for selected flow (saves plot files)
+- **t**: Toggle timeline panel on/off
 - **d**: Switch to frame dissection view  
 - **m** or **ESC**: Return to main view
 - **q**: Quit application
@@ -108,7 +156,7 @@ The bottom panel displays a visual timeline of the selected flow's timing behavi

 ```
 streamlens/
-├── ethernet_analyzer_modular.py     # Main entry point
+├── streamlens.py                    # Main entry point
 ├── analyzer/                        # Core analysis package
 │   ├── main.py                     # CLI argument handling and main logic
 │   ├── analysis/                   # Analysis engine
@@ -124,6 +172,9 @@ streamlens/
 │   │   ├── ptp.py                 # IEEE 1588 Precision Time Protocol
 │   │   ├── iena.py                # Airbus IENA protocol
 │   │   └── standard.py            # Standard protocol detection
+│   ├── gui/                        # Modern GUI Interface (NEW!)
+│   │   ├── __init__.py            # GUI package initialization
+│   │   └── main_window.py         # PySide6 main window with matplotlib integration
 │   ├── tui/                        # Text User Interface
 │   │   ├── interface.py           # Main TUI controller
 │   │   ├── navigation.py          # Navigation handling
@@ -133,6 +184,7 @@ streamlens/
 │   │       └── timeline.py        # Timeline visualization panel
 │   └── utils/                      # Utility modules
 │       ├── pcap_loader.py         # PCAP file handling
-│       └── live_capture.py        # Live network capture
+│       ├── live_capture.py        # Live network capture
+│       └── signal_visualizer.py   # Chapter 10 signal visualization (thread-safe)
 └── *.pcapng                        # Sample capture files
 ```