diff options
| author | Toni Uhlig <matzeton@googlemail.com> | 2020-09-26 00:48:24 +0200 |
|---|---|---|
| committer | Toni Uhlig <matzeton@googlemail.com> | 2020-09-26 00:49:34 +0200 |
| commit | 84712686a77d39f955673f75d33ca0291ed0c6e6 (patch) | |
| tree | bb6093faee6d14d38c6fe7493081bcee66bd8038 /contrib | |
| parent | adce2272dc75d91b0dd3a9a5c502de99d828eca2 (diff) | |
Centralized EventName validation and moved code parts.
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
Diffstat (limited to 'contrib')
| -rw-r--r-- | contrib/nDPIsrvd.py | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/contrib/nDPIsrvd.py b/contrib/nDPIsrvd.py index 8e91eab04..517b5e9f3 100644 --- a/contrib/nDPIsrvd.py +++ b/contrib/nDPIsrvd.py @@ -128,3 +128,30 @@ class PcapPacket: def JsonParseBytes(json_bytes): return json.loads(json_bytes.decode('ascii', errors='replace'), strict=False) + +def validateEventName(json_dict): + if type(json_dict) is not dict: + raise RuntimeError('Argument is not a dictionary!') + + event_str = None + + if 'flow_event_name' in json_dict: + event = j['flow_event_name'].lower() + if event == 'new': + event_str = 'New flow' + elif event == 'end': + event_str = 'End flow' + elif event == 'idle': + event_str = 'Idle flow' + elif event == 'detected': + event_str = 'Detected' + elif event == 'detection-update': + event_str = 'Update' + elif event == 'guessed': + event_str = 'Guessed' + elif event == 'not-detected': + event_str = 'Not detected' + else: + return None + + return event_str |