diff options
| author | Toni Uhlig <matzeton@googlemail.com> | 2022-03-08 14:17:24 +0100 |
|---|---|---|
| committer | Toni Uhlig <matzeton@googlemail.com> | 2022-03-08 14:17:24 +0100 |
| commit | 6f1f9e65ea86bba7c944b183e7d413a14f71852d (patch) | |
| tree | 625bc8a843d049d786c65362e843039d556064fc /examples | |
| parent | d0985a5732f495c0cdecfdd12dc50d781ef51b24 (diff) | |
Fixed some pyhton issues with static class members.
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
Diffstat (limited to 'examples')
| -rwxr-xr-x | examples/py-flow-dashboard/flow-dash.py | 111 | ||||
| -rwxr-xr-x | examples/py-flow-info/flow-info.py | 25 | ||||
| -rwxr-xr-x | examples/py-schema-validation/py-schema-validation.py | 8 | ||||
| -rwxr-xr-x | examples/py-semantic-validation/py-semantic-validation.py | 11 |
4 files changed, 83 insertions, 72 deletions
diff --git a/examples/py-flow-dashboard/flow-dash.py b/examples/py-flow-dashboard/flow-dash.py index d6eb54bdf..624824f60 100755 --- a/examples/py-flow-dashboard/flow-dash.py +++ b/examples/py-flow-dashboard/flow-dash.py @@ -19,40 +19,40 @@ FLOW_RISK_LOW = 1 def nDPIsrvd_worker_onFlowCleanup(instance, current_flow, global_user_data): _, shared_flow_dict = global_user_data - flow_id = current_flow.flow_id + flow_key = current_flow.flow_key shared_flow_dict['current-flows'] -= 1 - if flow_id not in shared_flow_dict: + if flow_key not in shared_flow_dict: return True - shared_flow_dict['total-l4-bytes'] += shared_flow_dict[flow_id]['total-l4-bytes'] + shared_flow_dict['total-l4-bytes'] += shared_flow_dict[flow_key]['total-l4-bytes'] - if shared_flow_dict[flow_id]['is_detected'] is True: + if shared_flow_dict[flow_key]['is_detected'] is True: shared_flow_dict['current-detected-flows'] -= 1 - if shared_flow_dict[flow_id]['is_guessed'] is True: + if shared_flow_dict[flow_key]['is_guessed'] is True: shared_flow_dict['current-guessed-flows'] -= 1 - if shared_flow_dict[flow_id]['is_not_detected'] is True: + if shared_flow_dict[flow_key]['is_not_detected'] is True: shared_flow_dict['current-not-detected-flows'] -= 1 - if shared_flow_dict[flow_id]['is_midstream'] is True: + if shared_flow_dict[flow_key]['is_midstream'] is True: shared_flow_dict['current-midstream-flows'] -= 1 - if shared_flow_dict[flow_id]['is_risky'] > 0: + if shared_flow_dict[flow_key]['is_risky'] > 0: shared_flow_dict['current-risky-flows'] -= 1 - if shared_flow_dict[flow_id]['is_risky'] == FLOW_RISK_LOW: + if shared_flow_dict[flow_key]['is_risky'] == FLOW_RISK_LOW: shared_flow_dict['current-risky-flows-low'] -= 1 - elif shared_flow_dict[flow_id]['is_risky'] == FLOW_RISK_MEDIUM: + elif shared_flow_dict[flow_key]['is_risky'] == FLOW_RISK_MEDIUM: shared_flow_dict['current-risky-flows-medium'] -= 1 - elif shared_flow_dict[flow_id]['is_risky'] == FLOW_RISK_HIGH: + elif shared_flow_dict[flow_key]['is_risky'] == FLOW_RISK_HIGH: shared_flow_dict['current-risky-flows-high'] -= 1 - elif shared_flow_dict[flow_id]['is_risky'] == FLOW_RISK_SEVERE: + elif shared_flow_dict[flow_key]['is_risky'] == FLOW_RISK_SEVERE: shared_flow_dict['current-risky-flows-severe'] -= 1 - del shared_flow_dict[current_flow.flow_id] + del shared_flow_dict[current_flow.flow_key] return True @@ -76,42 +76,53 @@ def nDPIsrvd_worker_onJsonLineRecvd(json_dict, instance, current_flow, global_us if 'flow_id' not in json_dict: return True else: - if current_flow.flow_id != json_dict['flow_id']: - return False - flow_id = current_flow.flow_id + flow_key = json_dict['alias'] + '-' + json_dict['source'] + '-' + str(json_dict['flow_id']) - if flow_id not in shared_flow_dict: - shared_flow_dict[flow_id] = mgr.dict() - shared_flow_dict[flow_id]['is_detected'] = False - shared_flow_dict[flow_id]['is_guessed'] = False - shared_flow_dict[flow_id]['is_not_detected'] = False - shared_flow_dict[flow_id]['is_midstream'] = False - shared_flow_dict[flow_id]['is_risky'] = 0 - shared_flow_dict[flow_id]['total-l4-bytes'] = 0 + if flow_key not in shared_flow_dict: + current_flow.flow_key = flow_key + shared_flow_dict[flow_key] = mgr.dict() + shared_flow_dict[flow_key]['is_detected'] = False + shared_flow_dict[flow_key]['is_guessed'] = False + shared_flow_dict[flow_key]['is_not_detected'] = False + shared_flow_dict[flow_key]['is_midstream'] = False + shared_flow_dict[flow_key]['is_risky'] = 0 + shared_flow_dict[flow_key]['total-l4-bytes'] = 0 - shared_flow_dict[flow_id]['json'] = mgr.dict() + shared_flow_dict[flow_key]['json'] = mgr.dict() shared_flow_dict['total-flows'] += 1 shared_flow_dict['current-flows'] += 1 + if current_flow.flow_key != flow_key: + return False + if 'flow_tot_l4_payload_len' in json_dict: - shared_flow_dict[flow_id]['total-l4-bytes'] = json_dict['flow_tot_l4_payload_len'] + shared_flow_dict[flow_key]['total-l4-bytes'] = json_dict['flow_tot_l4_payload_len'] if 'midstream' in json_dict and json_dict['midstream'] != 0: - if shared_flow_dict[flow_id]['is_midstream'] is False: + if shared_flow_dict[flow_key]['is_midstream'] is False: shared_flow_dict['total-midstream-flows'] += 1 shared_flow_dict['current-midstream-flows'] += 1 - shared_flow_dict[flow_id]['is_midstream'] = True + shared_flow_dict[flow_key]['is_midstream'] = True if 'ndpi' in json_dict: - # XXX: Will make use of that JSON string in Plotly. Soon.. - shared_flow_dict[flow_id]['json']['ndpi'] = json_dict['ndpi'] - - if 'flow_risk' in json_dict['ndpi'] and shared_flow_dict[flow_id]['is_risky'] == 0: - shared_flow_dict['total-risky-flows'] += 1 - shared_flow_dict['current-risky-flows'] += 1 + shared_flow_dict[flow_key]['json']['ndpi'] = json_dict['ndpi'] + + if 'flow_risk' in json_dict['ndpi']: + if shared_flow_dict[flow_key]['is_risky'] == 0: + shared_flow_dict['total-risky-flows'] += 1 + shared_flow_dict['current-risky-flows'] += 1 + + severity = shared_flow_dict[flow_key]['is_risky'] + if severity == FLOW_RISK_LOW: + shared_flow_dict['current-risky-flows-low'] -= 1 + elif severity == FLOW_RISK_MEDIUM: + shared_flow_dict['current-risky-flows-medium'] -= 1 + elif severity == FLOW_RISK_HIGH: + shared_flow_dict['current-risky-flows-high'] -= 1 + elif severity == FLOW_RISK_SEVERE: + shared_flow_dict['current-risky-flows-severe'] -= 1 - severity = shared_flow_dict[flow_id]['is_risky'] for key in json_dict['ndpi']['flow_risk']: if json_dict['ndpi']['flow_risk'][key]['severity'] == 'Low': severity = max(severity, FLOW_RISK_LOW) @@ -124,15 +135,15 @@ def nDPIsrvd_worker_onJsonLineRecvd(json_dict, instance, current_flow, global_us else: raise RuntimeError('Invalid flow risk severity: {}'.format( json_dict['ndpi']['flow_risk'][key]['severity'])) - shared_flow_dict[flow_id]['is_risky'] = severity - if shared_flow_dict[flow_id]['is_risky'] == FLOW_RISK_LOW: + shared_flow_dict[flow_key]['is_risky'] = severity + if severity == FLOW_RISK_LOW: shared_flow_dict['current-risky-flows-low'] += 1 - elif shared_flow_dict[flow_id]['is_risky'] == FLOW_RISK_MEDIUM: + elif severity == FLOW_RISK_MEDIUM: shared_flow_dict['current-risky-flows-medium'] += 1 - elif shared_flow_dict[flow_id]['is_risky'] == FLOW_RISK_HIGH: + elif severity == FLOW_RISK_HIGH: shared_flow_dict['current-risky-flows-high'] += 1 - elif shared_flow_dict[flow_id]['is_risky'] == FLOW_RISK_SEVERE: + elif severity == FLOW_RISK_SEVERE: shared_flow_dict['current-risky-flows-severe'] += 1 if 'flow_event_name' not in json_dict: @@ -140,10 +151,10 @@ def nDPIsrvd_worker_onJsonLineRecvd(json_dict, instance, current_flow, global_us if json_dict['flow_state'] == 'finished' and \ json_dict['ndpi']['proto'] != 'Unknown' and \ - shared_flow_dict[flow_id]['is_detected'] is False: + shared_flow_dict[flow_key]['is_detected'] is False: shared_flow_dict['total-detected-flows'] += 1 shared_flow_dict['current-detected-flows'] += 1 - shared_flow_dict[flow_id]['is_detected'] = True + shared_flow_dict[flow_key]['is_detected'] = True if json_dict['flow_event_name'] == 'new': @@ -165,19 +176,19 @@ def nDPIsrvd_worker_onJsonLineRecvd(json_dict, instance, current_flow, global_us shared_flow_dict['total-flow-guessed-events'] += 1 - if shared_flow_dict[flow_id]['is_guessed'] is False: + if shared_flow_dict[flow_key]['is_guessed'] is False: shared_flow_dict['total-guessed-flows'] += 1 shared_flow_dict['current-guessed-flows'] += 1 - shared_flow_dict[flow_id]['is_guessed'] = True + shared_flow_dict[flow_key]['is_guessed'] = True elif json_dict['flow_event_name'] == 'not-detected': shared_flow_dict['total-flow-not-detected-events'] += 1 - if shared_flow_dict[flow_id]['is_not_detected'] is False: + if shared_flow_dict[flow_key]['is_not_detected'] is False: shared_flow_dict['total-not-detected-flows'] += 1 shared_flow_dict['current-not-detected-flows'] += 1 - shared_flow_dict[flow_id]['is_not_detected'] = True + shared_flow_dict[flow_key]['is_not_detected'] = True elif json_dict['flow_event_name'] == 'detected' or \ json_dict['flow_event_name'] == 'detection-update': @@ -187,15 +198,15 @@ def nDPIsrvd_worker_onJsonLineRecvd(json_dict, instance, current_flow, global_us else: shared_flow_dict['total-flow-detected-events'] += 1 - if shared_flow_dict[flow_id]['is_detected'] is False: + if shared_flow_dict[flow_key]['is_detected'] is False: shared_flow_dict['total-detected-flows'] += 1 shared_flow_dict['current-detected-flows'] += 1 - shared_flow_dict[flow_id]['is_detected'] = True + shared_flow_dict[flow_key]['is_detected'] = True - if shared_flow_dict[flow_id]['is_guessed'] is True: + if shared_flow_dict[flow_key]['is_guessed'] is True: shared_flow_dict['total-guessed-flows'] -= 1 shared_flow_dict['current-guessed-flows'] -= 1 - shared_flow_dict[flow_id]['is_guessed'] = False + shared_flow_dict[flow_key]['is_guessed'] = False return True diff --git a/examples/py-flow-info/flow-info.py b/examples/py-flow-info/flow-info.py index 7df843ccb..96767e2cd 100755 --- a/examples/py-flow-info/flow-info.py +++ b/examples/py-flow-info/flow-info.py @@ -29,23 +29,22 @@ def set_attr_if_not_set(some_object, attr_name, value): setattr(some_object, attr_name, value) class Stats: - last_status_length = 0 - avg_xfer_json_bytes = 0.0 - expired_tot_l4_payload_len = 0 - expired_avg_l4_payload_len = 0 - total_flows = 0 - risky_flows = 0 - midstream_flows = 0 - guessed_flows = 0 - not_detected_flows = 0 - start_time = 0.0 - current_time = 0.0 - json_lines = 0 - spinner_state = 0 def __init__(self, nDPIsrvd_sock): self.start_time = time.time() self.nsock = nDPIsrvd_sock + self.last_status_length = 0 + self.avg_xfer_json_bytes = 0.0 + self.expired_tot_l4_payload_len = 0 + self.expired_avg_l4_payload_len = 0 + self.total_flows = 0 + self.risky_flows = 0 + self.midstream_flows = 0 + self.guessed_flows = 0 + self.not_detected_flows = 0 + self.current_time = 0.0 + self.json_lines = 0 + self.spinner_state = 0 def updateSpinner(self): if self.current_time + 0.25 <= time.time(): diff --git a/examples/py-schema-validation/py-schema-validation.py b/examples/py-schema-validation/py-schema-validation.py index 590ace92e..4a1856895 100755 --- a/examples/py-schema-validation/py-schema-validation.py +++ b/examples/py-schema-validation/py-schema-validation.py @@ -10,9 +10,11 @@ import nDPIsrvd from nDPIsrvd import nDPIsrvdSocket, TermColor class Stats: - lines_processed = 0 - print_dot_every = 10 - print_nmb_every = print_dot_every * 5 + + def __init__(self): + self.lines_processed = 0 + self.print_dot_every = 10 + self.print_nmb_every = self.print_dot_every * 5 def onJsonLineRecvd(json_dict, instance, current_flow, global_user_data): validation_done = nDPIsrvd.validateAgainstSchema(json_dict) diff --git a/examples/py-semantic-validation/py-semantic-validation.py b/examples/py-semantic-validation/py-semantic-validation.py index bce0355de..65bf133c1 100755 --- a/examples/py-semantic-validation/py-semantic-validation.py +++ b/examples/py-semantic-validation/py-semantic-validation.py @@ -10,15 +10,14 @@ import nDPIsrvd from nDPIsrvd import nDPIsrvdSocket, TermColor class Stats: - event_counter = dict() - - lines_processed = 0 - print_dot_every = 10 - print_nmb_every = print_dot_every * 5 def __init__(self, nDPIsrvd_sock): - self.resetEventCounter() self.nsock = nDPIsrvd_sock + self.event_counter = dict() + self.resetEventCounter() + self.lines_processed = 0 + self.print_dot_every = 10 + self.print_nmb_every = self.print_dot_every * 5 def resetEventCounter(self): keys = ['init','reconnect','shutdown','status', \ |