author | Toni Uhlig <matzeton@googlemail.com> | 2020-08-19 19:54:49 +0200 |
---|---|---|
committer | Toni Uhlig <matzeton@googlemail.com> | 2020-08-19 19:54:49 +0200 |
commit | 5830beb70fe0c132f0d45933c450183b870d88ad (patch) | |
tree | c0cdb7fe1b3d5d6172744196c9b28d185113d3ac /examples | |
parent | 4c9e099d0fc5b78b241c3f848a0409655d51fff4 (diff) |
nDPIsrvd.py: improved PCAP writing for guessed/undetected flows (ignore empty UDP/TCP packets)
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
Diffstat (limited to 'examples')
-rwxr-xr-x | examples/py-flow-undetected-to-pcap/flow-undetected-to-pcap.py | 16 |
1 files changed, 4 insertions, 12 deletions
diff --git a/examples/py-flow-undetected-to-pcap/flow-undetected-to-pcap.py b/examples/py-flow-undetected-to-pcap/flow-undetected-to-pcap.py
index 1a87314ad..8a4c2fe93 100755
--- a/examples/py-flow-undetected-to-pcap/flow-undetected-to-pcap.py
+++ b/examples/py-flow-undetected-to-pcap/flow-undetected-to-pcap.py
@@ -25,26 +25,18 @@ def parse_json_str(json_str):
 return
 if event == 'new':
- print('New flow with id {}.'.format(flow_id))
 FLOWS[flow_id] = PcapPacket(flow_id)
 elif flow_id not in FLOWS:
- print('Ignore flow event with id {} as we did not get any flow-new event.'.format(flow_id))
 return
 elif event == 'end' or event == 'idle':
- if event == 'end':
- print('End flow with id {}.'.format(flow_id))
- elif event == 'idle':
- print('Idle flow with id {}.'.format(flow_id))
 del FLOWS[flow_id]
 elif event == 'detected':
 FLOWS[flow_id].detected()
 elif event == 'guessed' or event == 'not-detected':
 if event == 'guessed':
- print('Guessed flow with id {}.'.format(flow_id))
- FLOWS[flow_id].fin('guessed')
+ print('Guessed flow with id {}, PCAP dump returned: {}'.format(flow_id, FLOWS[flow_id].fin('guessed')))
 else:
- print('Not-detected flow with id {}.'.format(flow_id))
- FLOWS[flow_id].fin('undetected')
+ print('Not-detected flow with id {}: PCAP dump returned {}'.format(flow_id, FLOWS[flow_id].fin('undetected')))
 else:
 raise RuntimeError('unknown flow event name: {}'.format(event))
@@ -59,12 +51,12 @@ def parse_json_str(json_str):
 if flow_id not in FLOWS:
 return
- FLOWS[flow_id].addPacket(buffer_decoded)
+ FLOWS[flow_id].addPacket(buffer_decoded, j['pkt_type'], j['pkt_ipoffset'])
 if j['packet_event_name'] == 'packet':
 flow = PcapPacket()
- flow.addPacket(buffer_decoded)
+ flow.addPacket(buffer_decoded, j['pkt_type'], j['pkt_ipoffset'])
 if __name__ == '__main__': |
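Review bot: In both the `guessed` and `not-detected` branches the `fin(...)` call, which per the commit title is what writes the PCAP, now runs only as a side effect inside the `print(...)` argument list. That hides the one state-changing call in a log statement and leaves its result unused apart from being printed. Assign it first, e.g. `dumped = FLOWS[flow_id].fin('guessed')`, then print `dumped` and branch on it if a failed dump should be handled. The two messages also differ in punctuation (`, PCAP dump returned: {}` versus `: PCAP dump returned {}`), which makes the output harder to match with one pattern. parse_json_str starts and ends outside this hunk.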
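Review bot: `j['pkt_type']` and `j['pkt_ipoffset']` are indexed without a presence or type check in both `addPacket(...)` calls, so a packet event that lacks either key raises `KeyError` out of parse_json_str and, unless a caller outside this hunk catches it, stops the capture with the flows in `FLOWS` still unwritten. The values come from JSON received from the daemon, and `pkt_ipoffset` presumably positions the IP header inside `buffer_decoded` (addPacket is not shown here), so it should be bounded before use. Read both with `j.get(...)` and skip the packet unless `isinstance(ip_off, int) and 0 <= ip_off <= len(buffer_decoded)`. A short comment at the first call stating what `pkt_type` and `pkt_ipoffset` mean would also help, since the new signature is not visible in this file.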