From d274a06176156b6eb8b1523375f94cbe5ecbbab7 Mon Sep 17 00:00:00 2001 From: Toni Uhlig Date: Fri, 24 Nov 2023 10:41:26 +0100 Subject: flow-info.py: Do not print any information if a flow is "empty" meaning no L4 payload seen so far. * added JsonDecodeError to provide more information if builtin JSON decoder fails Signed-off-by: Toni Uhlig --- examples/py-flow-info/flow-info.py | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'examples/py-flow-info/flow-info.py') diff --git a/examples/py-flow-info/flow-info.py b/examples/py-flow-info/flow-info.py index f905231e4..99eadb9ac 100755 --- a/examples/py-flow-info/flow-info.py +++ b/examples/py-flow-info/flow-info.py @@ -498,6 +498,11 @@ def onJsonLineRecvd(json_dict, instance, current_flow, global_user_data): if args.print_hostname is True: line_suffix += '[{}]'.format(json_dict['ndpi']['hostname']) + if args.skip_empty is True: + if json_dict['flow_src_tot_l4_payload_len'] == 0 or json_dict['flow_dst_tot_l4_payload_len'] == 0: + stats.printStatus() + return True + if args.print_bytes is True: src_color = '' dst_color = '' @@ -566,6 +571,8 @@ if __name__ == '__main__': help='Print received/transmitted source/dest bytes for every flow.') argparser.add_argument('--print-packets', action='store_true', default=False, help='Print received/transmitted source/dest packets for every flow.') + argparser.add_argument('--skip-empty', action='store_true', default=False, + help='Do not print flows that did not carry any layer7 payload.') argparser.add_argument('--guessed', action='store_true', default=False, help='Print only guessed flow events.') argparser.add_argument('--not-detected', action='store_true', default=False, help='Print only undetected flow events.') argparser.add_argument('--detected', action='store_true', default=False, help='Print only detected flow events.') -- cgit v1.2.3