diff options
| author | Toni Uhlig <matzeton@googlemail.com> | 2022-10-24 21:22:01 +0200 |
|---|---|---|
| committer | Toni Uhlig <matzeton@googlemail.com> | 2022-10-30 22:13:07 +0100 |
| commit | 805aef5de8b127e58ceae2e6f5c946dba7af569d (patch) | |
| tree | 689ad520dfb68e318d79d0f92f878d1277092636 | |
| parent | 2d14509f047ded824c1141b2355c5b9daba30c1e (diff) | |
Increased network buffer size to 33792 bytes.
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
| -rw-r--r-- | config.h | 2 | ||||
| -rw-r--r-- | dependencies/nDPIsrvd.py | 12 | ||||
| -rw-r--r-- | examples/README.md | 7 | ||||
| -rw-r--r-- | nDPId-test.c | 2 |
4 files changed, 13 insertions, 10 deletions
@@ -11,7 +11,7 @@ * NOTE: Buffer size needs to keep in sync with other implementations * e.g. dependencies/nDPIsrvd.py */ -#define NETWORK_BUFFER_MAX_SIZE 32768u /* 8192 + 8192 + 8192 + 8192 */ +#define NETWORK_BUFFER_MAX_SIZE 33792u /* 8192 + 8192 + 8192 + 8192 + 1024 */ #define NETWORK_BUFFER_LENGTH_DIGITS 5u #define NETWORK_BUFFER_LENGTH_DIGITS_STR "5" diff --git a/dependencies/nDPIsrvd.py b/dependencies/nDPIsrvd.py index aa395bf06..cfb8fa44e 100644 --- a/dependencies/nDPIsrvd.py +++ b/dependencies/nDPIsrvd.py @@ -21,7 +21,7 @@ DEFAULT_PORT = 7000 DEFAULT_UNIX = '/tmp/ndpid-distributor.sock' NETWORK_BUFFER_MIN_SIZE = 6 # NETWORK_BUFFER_LENGTH_DIGITS + 1 -NETWORK_BUFFER_MAX_SIZE = 32768 # Please keep this value in sync with the one in config.h +NETWORK_BUFFER_MAX_SIZE = 33792 # Please keep this value in sync with the one in config.h PKT_TYPE_ETH_IP4 = 0x0800 PKT_TYPE_ETH_IP6 = 0x86DD @@ -417,7 +417,13 @@ class nDPIsrvdSocket: index = 0 for received_line in self.lines: - json_dict = json.loads(received_line[0].decode('ascii', errors='replace'), strict=True) + try: + json_dict = json.loads(received_line[0].decode('ascii', errors='replace'), strict=True) + except json.decoder.JSONDecodeError as err: + sys.stderr.write('\nFATAL: JSON decode failed at line "{}"\n'.format(received_line[0].decode('ascii', errors='replace'))) + sys.stderr.write('\n{}\n'.format(str(err))) + retval = False + instance = self.flow_mgr.getInstance(json_dict) if instance is None: retval = False @@ -474,7 +480,7 @@ def validateAddress(args): address = None if args.host is None: - address_tcpip = (DEFAULT_HOST, DEFAULT_PORT) + address_tcpip = (DEFAULT_HOST, args.port) else: address_tcpip = (args.host, args.port) tcp_addr_set = True diff --git a/examples/README.md b/examples/README.md index 71b7b8204..eb00539d9 100644 --- a/examples/README.md +++ b/examples/README.md @@ -37,15 +37,12 @@ Prints prettyfied information about flow events. Use sklearn together with CSVs created with **c-analysed** to train and predict DPI detections. -Try it with: `./examples/py-machine-learning/sklearn-ml.py --csv ./ndpi-analysed.csv --proto-class tls.youtube --proto-class tls.github --proto-class tls.spotify --proto-class tls.facebook --proto-class tls.instagram --proto-class tls.doh_dot --proto-class quic --proto-class icmp` +Try it with: `./examples/py-machine-learning/sklearn_random_forest.py --csv ./ndpi-analysed.csv --proto-class tls.youtube --proto-class tls.github --proto-class tls.spotify --proto-class tls.facebook --proto-class tls.instagram --proto-class tls.doh_dot --proto-class quic --proto-class icmp` This way you should get 9 different classification classes. You may notice that some classes e.g. TLS protocol classifications may have a higher false-negative rate. - Unfortunately, I can not provide any datasets due to some privacy concerns. -But you can use a [pre-trained model](https://drive.google.com/file/d/1KEwbP-Gx7KJr54wNoa63I56VI4USCAPL/view?usp=sharing) with `--load-model` using python-joblib. -Please send me your CSV files to improve the model. I will treat those files confidential. -They'll only be used for the training process and purged afterwards. +But you can use a [pre-trained model](https://drive.google.com/file/d/1KEwbP-Gx7KJr54wNoa63I56VI4USCAPL/view?usp=sharing) with `--load-model` and the aformentioned parameters. ## py-flow-dashboard diff --git a/nDPId-test.c b/nDPId-test.c index 31c3ebca6..5819d710a 100644 --- a/nDPId-test.c +++ b/nDPId-test.c @@ -1227,7 +1227,7 @@ int main(int argc, char ** argv) if (THREADS_RETURNED_ERROR() != 0) { char const * which_thread = "Unknown"; - int thread_errno; + int thread_errno = 0; if (nDPId_return.thread_return_value.val != 0) { |