With HTTPReplay and DPKT installed: [modules.processing.network] ERROR: Both Python HTTPReplay and Python DPKT are not installed, no PCAP analysis possible.

[jhg]

With HTTPReplay and DPKT installed:

[modules.processing.network] ERROR: Both Python HTTPReplay and Python DPKT are not installed, no PCAP analysis possible.

Versions:

dpkt==1.8.6.2
HTTPReplay==0.1.6

[jekil]

I tried with the same library versions you are using and i am unable to reproduce the bug.

Could you please paste the output of the following commands from the same shell you are using to launch cuckoo?

$ python
Python 2.7.10 (default, Oct 23 2015, 18:05:06) 
[GCC 4.2.1 Compatible Apple LLVM 7.0.0 (clang-700.0.59.5)] on darwin
Type "help", "copyright", "credits" or "license" for more information.
>>> import dpkt
>>> import httpreplay
>>> import httpreplay.cut
>>> 

[jhg]

Of course:

[jhg@JHG-Laptop]$ python
Python 2.7.5 (default, Nov 20 2015, 02:00:19) 
[GCC 4.8.5 20150623 (Red Hat 4.8.5-4)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import dpkt
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/usr/lib/python2.7/site-packages/dpkt/__init__.py", line 12, in <module>
    import aoe
  File "/usr/lib/python2.7/site-packages/dpkt/aoe.py", line 6, in <module>
    from decorators import deprecated
  File "/usr/lib/python2.7/site-packages/dpkt/decorators.py", line 4, in <module>
    from test import pystone
ImportError: cannot import name pystone
>>> import httpreplay
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/usr/lib/python2.7/site-packages/httpreplay/__init__.py", line 5, in <module>
    from .cobweb import HttpProtocol, SmtpProtocol
  File "/usr/lib/python2.7/site-packages/httpreplay/cobweb.py", line 5, in <module>
    import dpkt
  File "/usr/lib/python2.7/site-packages/dpkt/__init__.py", line 12, in <module>
    import aoe
  File "/usr/lib/python2.7/site-packages/dpkt/aoe.py", line 6, in <module>
    from decorators import deprecated
  File "/usr/lib/python2.7/site-packages/dpkt/decorators.py", line 4, in <module>
    from test import pystone
ImportError: cannot import name pystone
>>> import httpreplay.cut
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/usr/lib/python2.7/site-packages/httpreplay/__init__.py", line 5, in <module>
    from .cobweb import HttpProtocol, SmtpProtocol
  File "/usr/lib/python2.7/site-packages/httpreplay/cobweb.py", line 5, in <module>
    import dpkt
  File "/usr/lib/python2.7/site-packages/dpkt/__init__.py", line 12, in <module>
    import aoe
  File "/usr/lib/python2.7/site-packages/dpkt/aoe.py", line 6, in <module>
    from decorators import deprecated
  File "/usr/lib/python2.7/site-packages/dpkt/decorators.py", line 4, in <module>
    from test import pystone
ImportError: cannot import name pystone
>>> exit()
[jhg@JHG-Laptop]$ pip freeze | grep -i -e dpkt -e httpreplay
dpkt==1.8.6.2
HTTPReplay==0.1.6
[jhg@JHG-Laptop]$ sudo pip install pystone
Collecting pystone
  Could not find a version that satisfies the requirement pystone (from versions: )
No matching distribution found for pystone

Also, I'm using CentOS. Maybe CentOS has bugs that not has in other distros https://github.com/cuckoosandbox/cuckoo/issues/769

[jekil]

Ok so the error message is legit.

Despite you have installed the libraries they are not properly installed and not working, so cuckoo is warning you about that. As you can see you got the error ImportError: cannot import name pystone which means both librearies aren't working because you are missing another library.

The point is not about CentOS having bugs or cuckoo not working in CentOS, it is about Cuckoo documentation describes cuckoo requirements, for quick start it uses as example a debian/ubuntu os; if you want to use another os you are free, but you should understand how your os work and how to respect cuckoo requirements. In this issue the requirement is "having dpkt and httpreply", you are supposed to know how to install them in centos. If they don't works, it's not a cuckoo issue, as you can see trying to import them from console.

How to solve? I am not a Centos guru, but it seems you are missing pystone library, i am sure you can google that and get tons of solutions.

I am going to close this issue soon because it's not a bug.

[jbremer]

Instructions to resolve this issue are documented here. https://github.com/cuckoosandbox/cuckoo/issues/722#issuecomment-182247896