diff options
| -rw-r--r-- | contrib/nDPIsrvd.py | 27 | ||||
| -rwxr-xr-x | examples/py-flow-info/flow-info.py | 10 | ||||
| -rwxr-xr-x | examples/py-flow-undetected-to-pcap/flow-undetected-to-pcap.py | 2 | ||||
| -rwxr-xr-x | examples/py-risky-flow-to-pcap/risky-flow-to-pcap.py | 2 |
4 files changed, 31 insertions, 10 deletions
diff --git a/contrib/nDPIsrvd.py b/contrib/nDPIsrvd.py index 517b5e9f3..3214952b5 100644 --- a/contrib/nDPIsrvd.py +++ b/contrib/nDPIsrvd.py @@ -129,14 +129,14 @@ class PcapPacket: def JsonParseBytes(json_bytes): return json.loads(json_bytes.decode('ascii', errors='replace'), strict=False) -def validateEventName(json_dict): +def validateFlowEventName(json_dict): if type(json_dict) is not dict: raise RuntimeError('Argument is not a dictionary!') - event_str = None + event_str = 'Unknown' if 'flow_event_name' in json_dict: - event = j['flow_event_name'].lower() + event = json_dict['flow_event_name'].lower() if event == 'new': event_str = 'New flow' elif event == 'end': @@ -152,6 +152,25 @@ def validateEventName(json_dict): elif event == 'not-detected': event_str = 'Not detected' else: - return None + raise RuntimeError('Unknown flow event name: `{}\'.'.format(event)) + + return event_str + +def validatePacketEventName(json_dict): + if type(json_dict) is not dict: + raise RuntimeError('Argument is not a dictionary!') + + event_str = 'Unknown' + + if 'packet_event_name' in json_dict: + event = json_dict['packet_event_name'].lower() + if event == 'invalid': + event_str = 'Invalid' + elif event == 'packet': + event_str = 'Packet' + elif event == 'packet-flow': + event_str = 'Packet Flow' + else: + raise RuntimeError('Unknown packet event name: `{}\'.'.format(event)) return event_str diff --git a/examples/py-flow-info/flow-info.py b/examples/py-flow-info/flow-info.py index 638c76581..61f25429d 100755 --- a/examples/py-flow-info/flow-info.py +++ b/examples/py-flow-info/flow-info.py @@ -11,10 +11,12 @@ from nDPIsrvd import nDPIsrvdSocket, TermColor def parse_json_str(json_str): j = nDPIsrvd.JsonParseBytes(json_str[0]) - - event_str = validateEventName(j) - if event_str is None: - raise RuntimeError('unknown flow event name: {}'.format(event)) + event_str = nDPIsrvd.validateFlowEventName(j) + if event_str is 'Unknown': + if nDPIsrvd.validatePacketEventName(j) is 'Unknown': + raise RuntimeError('Missing flow_event_name in the JSON string.') + else: + return ndpi_proto_categ = '' ndpi_frisk = '' diff --git a/examples/py-flow-undetected-to-pcap/flow-undetected-to-pcap.py b/examples/py-flow-undetected-to-pcap/flow-undetected-to-pcap.py index 8a4c2fe93..26eac3ff5 100755 --- a/examples/py-flow-undetected-to-pcap/flow-undetected-to-pcap.py +++ b/examples/py-flow-undetected-to-pcap/flow-undetected-to-pcap.py @@ -30,7 +30,7 @@ def parse_json_str(json_str): return elif event == 'end' or event == 'idle': del FLOWS[flow_id] - elif event == 'detected': + elif event == 'detected' or event == 'detection-update': FLOWS[flow_id].detected() elif event == 'guessed' or event == 'not-detected': if event == 'guessed': diff --git a/examples/py-risky-flow-to-pcap/risky-flow-to-pcap.py b/examples/py-risky-flow-to-pcap/risky-flow-to-pcap.py index 65b543ca6..5636b25d5 100755 --- a/examples/py-risky-flow-to-pcap/risky-flow-to-pcap.py +++ b/examples/py-risky-flow-to-pcap/risky-flow-to-pcap.py @@ -30,7 +30,7 @@ def parse_json_str(json_str): return elif event == 'end' or event == 'idle': del FLOWS[flow_id] - elif event == 'detected' or event == 'guessed' or event == 'not-detected': + elif event == 'detected' or event == 'detection-update' or event == 'guessed' or event == 'not-detected': if 'ndpi' in j and 'flow_risk' in j['ndpi']: print('Risky flow with id {}, PCAP dump returned: {}'.format(flow_id, FLOWS[flow_id].fin('risky'))) |