diff options
| author | Luca <deri@ntop.org> | 2017-06-20 23:16:59 -0400 |
|---|---|---|
| committer | Luca <deri@ntop.org> | 2017-06-20 23:16:59 -0400 |
| commit | 8395bdac97f1b2dfa81f8f0bf36febba7ee66d11 (patch) | |
| tree | 9e005ffb8d7ada0cc59ce5fb767bd0412bc31da8 /wireshark | |
| parent | e2119896db85f1caa22ca8ba7c8be46a246e5ce4 (diff) | |
Implemented RPC latency
Diffstat (limited to 'wireshark')
| -rw-r--r-- | wireshark/ndpi.lua | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/wireshark/ndpi.lua b/wireshark/ndpi.lua index 6724ebfcf..ad1f5fe0e 100644 --- a/wireshark/ndpi.lua +++ b/wireshark/ndpi.lua @@ -51,6 +51,8 @@ local f_tcp_flags = Field.new('tcp.flags') local f_tcp_retrans = Field.new('tcp.analysis.retransmission') local f_tcp_ooo = Field.new('tcp.analysis.out_of_order') local f_tcp_lost_segment = Field.new('tcp.analysis.lost_segment') -- packet drop ? +local f_rpc_xid = Field.new('rpc.xid') +local f_rpc_msgtyp = Field.new('rpc.msgtyp') local ndpi_protos = {} local ndpi_flows = {} @@ -92,6 +94,8 @@ local max_appl_RRT = {} local first_payload_ts = {} local first_payload_id = {} +local rpc_ts = {} + local num_pkts = 0 local last_processed_packet_number = 0 local max_latency_discard = 5000 -- 5 sec @@ -321,6 +325,9 @@ function ndpi_proto.init() max_appl_RRT = {} first_payload_ts = {} first_payload_id = {} + + -- RPC + rpc_ts = {} end function slen(str) @@ -540,6 +547,31 @@ end -- ############################################### +function rpc_dissector(tvb, pinfo, tree) + local _rpc_xid = f_rpc_xid() + local _rpc_msgtyp = f_rpc_msgtyp() + + if((_rpc_xid ~= nil) and (_rpc_msgtyp ~= nil)) then + local xid = getval(_rpc_xid) + local msgtyp = getval(_rpc_msgtyp) + + if(msgtyp == "0") then + rpc_ts[xid] = pinfo.abs_ts + else + if(rpc_ts[xid] ~= nil) then + local appl_latency = abstime_diff(pinfo.abs_ts, rpc_ts[xid]) * 1000 + + if((appl_latency > 0) and (appl_latency < max_appl_lat_discard)) then + local ntop_subtree = tree:add(ntop_proto, tvb(), "ntop") + ntop_subtree:add(ntop_fds.appl_latency_rtt, appl_latency) + end + end + end + end +end + +-- ############################################### + function tcp_dissector(tvb, pinfo, tree) local _tcp_retrans = f_tcp_retrans() local _tcp_ooo = f_tcp_ooo() @@ -812,6 +844,7 @@ function ndpi_proto.dissector(tvb, pinfo, tree) vlan_dissector(tvb, pinfo, tree) ssl_dissector(tvb, pinfo, tree) dns_dissector(tvb, pinfo, tree) + rpc_dissector(tvb, pinfo, tree) end register_postdissector(ndpi_proto) |