aboutsummaryrefslogtreecommitdiff
path: root/example/ndpiReader.c
diff options
context:
space:
mode:
Diffstat (limited to 'example/ndpiReader.c')
-rw-r--r--example/ndpiReader.c98
1 files changed, 35 insertions, 63 deletions
diff --git a/example/ndpiReader.c b/example/ndpiReader.c
index 89f5714a8..6c3dfeee8 100644
--- a/example/ndpiReader.c
+++ b/example/ndpiReader.c
@@ -81,7 +81,8 @@ static json_object *jArray_topStats;
static u_int8_t live_capture = 0;
static u_int8_t undetected_flows_deleted = 0;
/** User preferences **/
-static u_int8_t enable_protocol_guess = 1, verbose = 0, json_flag = 0;
+u_int8_t enable_protocol_guess = 1;
+static u_int8_t verbose = 0, json_flag = 0;
int nDPI_LogLevel = 0;
char *_debug_protocols = NULL;
static u_int8_t stats_flag = 0, bpf_filter_flag = 0;
@@ -93,11 +94,11 @@ static u_int16_t decode_tunnels = 0;
static u_int16_t num_loops = 1;
static u_int8_t shutdown_app = 0, quiet_mode = 0;
static u_int8_t num_threads = 1;
-static struct timeval begin, end;
+static struct timeval startup_time, begin, end;
#ifdef linux
static int core_affinity[MAX_NUM_READER_THREADS];
#endif
-static struct timeval pcap_start, pcap_end;
+static struct timeval pcap_start = { 0, 0}, pcap_end = { 0, 0 };
/** Detection parameters **/
static time_t capture_for = 0;
static time_t capture_until = 0;
@@ -906,26 +907,6 @@ static void node_print_known_proto_walker(const void *node,
/* ********************************** */
/**
- * @brief Guess Undetected Protocol
- */
-static u_int16_t node_guess_undetected_protocol(u_int16_t thread_id, struct ndpi_flow_info *flow) {
-
- flow->detected_protocol = ndpi_guess_undetected_protocol(ndpi_thread_info[thread_id].workflow->ndpi_struct,
- flow->protocol,
- ntohl(flow->src_ip),
- ntohs(flow->src_port),
- ntohl(flow->dst_ip),
- ntohs(flow->dst_port));
- // printf("Guess state: %u\n", flow->detected_protocol);
- if(flow->detected_protocol.app_protocol != NDPI_PROTOCOL_UNKNOWN)
- ndpi_thread_info[thread_id].workflow->stats.guessed_flow_protocols++;
-
- return(flow->detected_protocol.app_protocol);
-}
-
-/* ********************************** */
-
-/**
* @brief Proto Guess Walker
*/
static void node_proto_guess_walker(const void *node, ndpi_VISIT which, int depth, void *user_data) {
@@ -934,13 +915,7 @@ static void node_proto_guess_walker(const void *node, ndpi_VISIT which, int dept
if((which == ndpi_preorder) || (which == ndpi_leaf)) { /* Avoid walking the same node multiple times */
if((!flow->detection_completed) && flow->ndpi_flow)
- flow->detected_protocol = ndpi_detection_giveup(ndpi_thread_info[0].workflow->ndpi_struct, flow->ndpi_flow);
-
- if(enable_protocol_guess) {
- if(flow->detected_protocol.app_protocol == NDPI_PROTOCOL_UNKNOWN) {
- node_guess_undetected_protocol(thread_id, flow);
- }
- }
+ flow->detected_protocol = ndpi_detection_giveup(ndpi_thread_info[0].workflow->ndpi_struct, flow->ndpi_flow, enable_protocol_guess);
process_ndpi_collected_info(ndpi_thread_info[thread_id].workflow, flow);
@@ -1415,23 +1390,12 @@ static void node_idle_scan_walker(const void *node, ndpi_VISIT which, int depth,
/**
- * @brief On Protocol Discover - call node_guess_undetected_protocol() for protocol
+ * @brief On Protocol Discover - demo callback
*/
static void on_protocol_discovered(struct ndpi_workflow * workflow,
struct ndpi_flow_info * flow,
void * udata) {
- const u_int16_t thread_id = (uintptr_t) udata;
-
- if(verbose > 1) {
- if(enable_protocol_guess) {
- if(flow->detected_protocol.app_protocol == NDPI_PROTOCOL_UNKNOWN) {
- flow->detected_protocol.app_protocol = node_guess_undetected_protocol(thread_id, flow),
- flow->detected_protocol.master_protocol = NDPI_PROTOCOL_UNKNOWN;
- }
- }
-
- // printFlow(thread_id, flow);
- }
+ ;
}
#if 0
@@ -1926,7 +1890,7 @@ void printPortStats(struct port_stats *stats) {
/**
* @brief Print result
*/
-static void printResults(u_int64_t tot_usec) {
+static void printResults(u_int64_t processing_time_usec, u_int64_t setup_time_usec) {
u_int32_t i;
u_int64_t total_flow_bytes = 0;
u_int32_t avg_pkt_size = 0;
@@ -1989,7 +1953,9 @@ static void printResults(u_int64_t tot_usec) {
printf("\tFlow Memory (per flow): %-13s\n", formatBytes(sizeof(struct ndpi_flow_struct), buf, sizeof(buf)));
printf("\tActual Memory: %-13s\n", formatBytes(current_ndpi_memory, buf, sizeof(buf)));
printf("\tPeak Memory: %-13s\n", formatBytes(max_ndpi_memory, buf, sizeof(buf)));
-
+ printf("\tSetup Time: %lu msec\n", (unsigned long)(setup_time_usec/1000));
+ printf("\tPacket Processing Time: %lu msec\n", (unsigned long)(processing_time_usec/1000));
+
if(!json_flag) {
printf("\nTraffic statistics:\n");
printf("\tEthernet bytes: %-13llu (includes ethernet CRC/IFC/trailer)\n",
@@ -2020,13 +1986,15 @@ static void printResults(u_int64_t tot_usec) {
printf("\tPacket Len 1024-1500: %-13lu\n", (unsigned long)cumulative_stats.packet_len[4]);
printf("\tPacket Len > 1500: %-13lu\n", (unsigned long)cumulative_stats.packet_len[5]);
- if(tot_usec > 0) {
+ if(processing_time_usec > 0) {
char buf[32], buf1[32], when[64];
- float t = (float)(cumulative_stats.ip_packet_count*1000000)/(float)tot_usec;
- float b = (float)(cumulative_stats.total_wire_bytes * 8 *1000000)/(float)tot_usec;
+ float t = (float)(cumulative_stats.ip_packet_count*1000000)/(float)processing_time_usec;
+ float b = (float)(cumulative_stats.total_wire_bytes * 8 *1000000)/(float)processing_time_usec;
float traffic_duration;
- if(live_capture) traffic_duration = tot_usec;
+
+ if(live_capture) traffic_duration = processing_time_usec;
else traffic_duration = (pcap_end.tv_sec*1000000 + pcap_end.tv_usec) - (pcap_start.tv_sec*1000000 + pcap_start.tv_usec);
+
printf("\tnDPI throughput: %s pps / %s/sec\n", formatPackets(t, buf), formatTraffic(b, 1, buf1));
t = (float)(cumulative_stats.ip_packet_count*1000000)/(float)traffic_duration;
b = (float)(cumulative_stats.total_wire_bytes * 8 *1000000)/(float)traffic_duration;
@@ -2036,7 +2004,7 @@ static void printResults(u_int64_t tot_usec) {
strftime(when, sizeof(when), "%d/%b/%Y %H:%M:%S", localtime(&pcap_end.tv_sec));
printf("\tAnalysis end: %s\n", when);
printf("\tTraffic throughput: %s pps / %s/sec\n", formatPackets(t, buf), formatTraffic(b, 1, buf1));
- printf("\tTraffic duration: %.3f sec\n", traffic_duration/1000000);
+ printf("\tTraffic duration: %.3f sec\n", traffic_duration/1000000);
}
if(enable_protocol_guess)
@@ -2432,7 +2400,7 @@ static pcap_t * openPcapFileOrDevice(u_int16_t thread_id, const u_char * pcap_fi
/**
* @brief Check pcap packet
*/
-static void pcap_process_packet(u_char *args,
+static void ndpi_process_packet(u_char *args,
const struct pcap_pkthdr *header,
const u_char *packet) {
struct ndpi_proto p;
@@ -2525,12 +2493,13 @@ static void pcap_process_packet(u_char *args,
if((pcap_end.tv_sec-pcap_start.tv_sec) > pcap_analysis_duration) {
int i;
- u_int64_t tot_usec;
+ u_int64_t processing_time_usec, setup_time_usec;
gettimeofday(&end, NULL);
- tot_usec = end.tv_sec*1000000 + end.tv_usec - (begin.tv_sec*1000000 + begin.tv_usec);
-
- printResults(tot_usec);
+ processing_time_usec = end.tv_sec*1000000 + end.tv_usec - (begin.tv_sec*1000000 + begin.tv_usec);
+ setup_time_usec = begin.tv_sec*1000000 + begin.tv_usec - (startup_time.tv_sec*1000000 + startup_time.tv_usec);
+
+ printResults(processing_time_usec, setup_time_usec);
for(i=0; i<ndpi_thread_info[thread_id].workflow->prefs.num_roots; i++) {
ndpi_tdestroy(ndpi_thread_info[thread_id].workflow->ndpi_flows_root[i], ndpi_flow_info_freer);
@@ -2553,7 +2522,7 @@ static void pcap_process_packet(u_char *args,
*/
static void runPcapLoop(u_int16_t thread_id) {
if((!shutdown_app) && (ndpi_thread_info[thread_id].workflow->pcap_handle != NULL))
- pcap_loop(ndpi_thread_info[thread_id].workflow->pcap_handle, -1, &pcap_process_packet, (u_char*)&thread_id);
+ pcap_loop(ndpi_thread_info[thread_id].workflow->pcap_handle, -1, &ndpi_process_packet, (u_char*)&thread_id);
}
/**
@@ -2601,7 +2570,7 @@ void * processing_thread(void *_thread_id) {
h.len = h.caplen = len;
gettimeofday(&h.ts, NULL);
- pcap_process_packet((u_char*)&thread_id, &h, (const u_char *)data);
+ ndpi_process_packet((u_char*)&thread_id, &h, (const u_char *)data);
rte_pktmbuf_free(bufs[i]);
}
}
@@ -2629,7 +2598,7 @@ pcap_loop:
*/
void test_lib() {
struct timeval end;
- u_int64_t tot_usec;
+ u_int64_t processing_time_usec, setup_time_usec;
long thread_id;
#ifdef HAVE_JSON_C
@@ -2681,10 +2650,11 @@ void test_lib() {
}
gettimeofday(&end, NULL);
- tot_usec = end.tv_sec*1000000 + end.tv_usec - (begin.tv_sec*1000000 + begin.tv_usec);
+ processing_time_usec = end.tv_sec*1000000 + end.tv_usec - (begin.tv_sec*1000000 + begin.tv_usec);
+ setup_time_usec = begin.tv_sec*1000000 + begin.tv_usec - (startup_time.tv_sec*1000000 + startup_time.tv_usec);
/* Printing cumulative results */
- printResults(tot_usec);
+ printResults(processing_time_usec, setup_time_usec);
if(stats_flag) {
#ifdef HAVE_JSON_C
@@ -2703,7 +2673,7 @@ void test_lib() {
void automataUnitTest() {
void *automa;
- assert(automa = ndpi_init_automa());
+ assert((automa = ndpi_init_automa()));
assert(ndpi_add_string_to_automa(automa, "hello") == 0);
assert(ndpi_add_string_to_automa(automa, "world") == 0);
ndpi_finalize_automa(automa);
@@ -3297,8 +3267,8 @@ int orginal_main(int argc, char **argv) {
#else
int main(int argc, char **argv) {
#endif
- int i;
-
+ int i;
+
if(ndpi_get_api_version() != NDPI_API_VERSION) {
printf("nDPI Library version mismatch: please make sure this code and the nDPI library are in sync\n");
return(-1);
@@ -3306,7 +3276,9 @@ int orginal_main(int argc, char **argv) {
automataUnitTest();
+ gettimeofday(&startup_time, NULL);
ndpi_info_mod = ndpi_init_detection_module();
+
if(ndpi_info_mod == NULL) return -1;
memset(ndpi_thread_info, 0, sizeof(ndpi_thread_info));
Powered by cgit, Themed by Ted Yin.