flow-undetected-to-pcap.py: apply 'guessed' or 'undetected' to the filepath

Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
author: Toni Uhlig <matzeton@googlemail.com> 2020-08-14 14:17:53 +0200
committer: Toni Uhlig <matzeton@googlemail.com> 2020-08-14 14:17:53 +0200
commit: 0ce3965d1fcd27bcbffe0f7d9cf556c8ead83463 (patch)
tree: f76d51e43829ccaf88c7efc8a316c14a591642f0 /examples
parent: d8a3693cd0a7b39ac2b617907038197912f77b53 (diff)
1 files changed, 7 insertions, 5 deletions
diff --git a/examples/py-flow-undetected-to-pcap/flow-undetected-to-pcap.py b/examples/py-flow-undetected-to-pcap/flow-undetected-to-pcap.py
index e97b66cf1..9af862144 100755
--- a/examples/py-flow-undetected-to-pcap/flow-undetected-to-pcap.py
+++ b/examples/py-flow-undetected-to-pcap/flow-undetected-to-pcap.py
@@ -67,7 +67,7 @@ class Flow:
     def detected(self):
         self.was_detected = True
 
-    def fin(self):
+    def fin(self, filename_suffix):
         if self.was_dumped is True:
             return
         if self.was_detected is True:
@@ -75,9 +75,11 @@ class Flow:
 
         if self.pktdump is None:
             if self.flow_id == -1:
-                self.pktdump = scapy.all.PcapWriter('packet-undetected.pcap', append=True, sync=True)
+                self.pktdump = scapy.all.PcapWriter('packet-{}.pcap'.format(filename_suffix),
+                                                    append=True, sync=True)
             else:
-                self.pktdump = scapy.all.PcapWriter('flow-undetected-{}.pcap'.format(self.flow_id), append=False, sync=True)
+                self.pktdump = scapy.all.PcapWriter('flow-{}-{}.pcap'.format(filename_suffix, self.flow_id),
+                                                    append=False, sync=True)
 
         for packet in self.packets:
             self.pktdump.write(scapy.all.Raw(packet))
@@ -113,16 +115,16 @@ def parse_json_str(json_str):
                 print('End flow with id {}.'.format(flow_id))
             elif event == 'idle':
                 print('Idle flow with id {}.'.format(flow_id))
-            FLOWS[flow_id].fin()
             del FLOWS[flow_id]
         elif event == 'detected':
             FLOWS[flow_id].detected()
         elif event == 'guessed' or event == 'not-detected':
             if event == 'guessed':
                 print('Guessed flow with id {}.'.format(flow_id))
+                FLOWS[flow_id].fin('guessed')
             else:
                 print('Not-detected flow with id {}.'.format(flow_id))
-            FLOWS[flow_id].fin()
+                FLOWS[flow_id].fin('undetected')
         else:
             raise RuntimeError('unknown flow event name: {}'.format(event))
author	Toni Uhlig <matzeton@googlemail.com>	2020-08-14 14:17:53 +0200
committer	Toni Uhlig <matzeton@googlemail.com>	2020-08-14 14:17:53 +0200
commit	0ce3965d1fcd27bcbffe0f7d9cf556c8ead83463 (patch)
tree	f76d51e43829ccaf88c7efc8a316c14a591642f0 /examples
parent	d8a3693cd0a7b39ac2b617907038197912f77b53 (diff)