mirror of
https://github.com/optim-enterprises-bv/nDPId-2.git
synced 2025-11-01 18:57:52 +00:00
Fixed some pyhton issues with static class members.
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
This commit is contained in:
Toni Uhlig
14
dependencies/nDPIsrvd.py
vendored
14
dependencies/nDPIsrvd.py
vendored
@@ -79,14 +79,12 @@ class ThreadData:
|
|||||||
pass
|
pass
|
||||||
|
|
||||||
class Instance:
|
class Instance:
|
||||||
alias = ''
|
|
||||||
source = ''
|
|
||||||
flows = dict()
|
|
||||||
thread_data = dict()
|
|
||||||
|
|
||||||
def __init__(self, alias, source):
|
def __init__(self, alias, source):
|
||||||
self.alias = str(alias)
|
self.alias = str(alias)
|
||||||
self.source = str(source)
|
self.source = str(source)
|
||||||
|
self.flows = dict()
|
||||||
|
self.thread_data = dict()
|
||||||
|
|
||||||
def __str__(self):
|
def __str__(self):
|
||||||
return '<%s.%s object at %s with alias %s, source %s>' % (
|
return '<%s.%s object at %s with alias %s, source %s>' % (
|
||||||
@@ -130,15 +128,13 @@ class Instance:
|
|||||||
self.setMostRecentFlowTime(thread_id, max(json_dict['thread_ts_msec'], mrtf))
|
self.setMostRecentFlowTime(thread_id, max(json_dict['thread_ts_msec'], mrtf))
|
||||||
|
|
||||||
class Flow:
|
class Flow:
|
||||||
flow_id = -1
|
|
||||||
thread_id = -1
|
|
||||||
flow_last_seen = -1
|
|
||||||
flow_idle_time = -1
|
|
||||||
cleanup_reason = -1
|
|
||||||
|
|
||||||
def __init__(self, flow_id, thread_id):
|
def __init__(self, flow_id, thread_id):
|
||||||
self.flow_id = flow_id
|
self.flow_id = flow_id
|
||||||
self.thread_id = thread_id
|
self.thread_id = thread_id
|
||||||
|
self.flow_last_seen = -1
|
||||||
|
self.flow_idle_time = -1
|
||||||
|
self.cleanup_reason = -1
|
||||||
|
|
||||||
def __str__(self):
|
def __str__(self):
|
||||||
return '<%s.%s object at %s with flow id %d>' % (
|
return '<%s.%s object at %s with flow id %d>' % (
|
||||||
|
|||||||
@@ -19,40 +19,40 @@ FLOW_RISK_LOW = 1
|
|||||||
def nDPIsrvd_worker_onFlowCleanup(instance, current_flow, global_user_data):
|
def nDPIsrvd_worker_onFlowCleanup(instance, current_flow, global_user_data):
|
||||||
_, shared_flow_dict = global_user_data
|
_, shared_flow_dict = global_user_data
|
||||||
|
|
||||||
flow_id = current_flow.flow_id
|
flow_key = current_flow.flow_key
|
||||||
|
|
||||||
shared_flow_dict['current-flows'] -= 1
|
shared_flow_dict['current-flows'] -= 1
|
||||||
|
|
||||||
if flow_id not in shared_flow_dict:
|
if flow_key not in shared_flow_dict:
|
||||||
return True
|
return True
|
||||||
|
|
||||||
shared_flow_dict['total-l4-bytes'] += shared_flow_dict[flow_id]['total-l4-bytes']
|
shared_flow_dict['total-l4-bytes'] += shared_flow_dict[flow_key]['total-l4-bytes']
|
||||||
|
|
||||||
if shared_flow_dict[flow_id]['is_detected'] is True:
|
if shared_flow_dict[flow_key]['is_detected'] is True:
|
||||||
shared_flow_dict['current-detected-flows'] -= 1
|
shared_flow_dict['current-detected-flows'] -= 1
|
||||||
|
|
||||||
if shared_flow_dict[flow_id]['is_guessed'] is True:
|
if shared_flow_dict[flow_key]['is_guessed'] is True:
|
||||||
shared_flow_dict['current-guessed-flows'] -= 1
|
shared_flow_dict['current-guessed-flows'] -= 1
|
||||||
|
|
||||||
if shared_flow_dict[flow_id]['is_not_detected'] is True:
|
if shared_flow_dict[flow_key]['is_not_detected'] is True:
|
||||||
shared_flow_dict['current-not-detected-flows'] -= 1
|
shared_flow_dict['current-not-detected-flows'] -= 1
|
||||||
|
|
||||||
if shared_flow_dict[flow_id]['is_midstream'] is True:
|
if shared_flow_dict[flow_key]['is_midstream'] is True:
|
||||||
shared_flow_dict['current-midstream-flows'] -= 1
|
shared_flow_dict['current-midstream-flows'] -= 1
|
||||||
|
|
||||||
if shared_flow_dict[flow_id]['is_risky'] > 0:
|
if shared_flow_dict[flow_key]['is_risky'] > 0:
|
||||||
shared_flow_dict['current-risky-flows'] -= 1
|
shared_flow_dict['current-risky-flows'] -= 1
|
||||||
|
|
||||||
if shared_flow_dict[flow_id]['is_risky'] == FLOW_RISK_LOW:
|
if shared_flow_dict[flow_key]['is_risky'] == FLOW_RISK_LOW:
|
||||||
shared_flow_dict['current-risky-flows-low'] -= 1
|
shared_flow_dict['current-risky-flows-low'] -= 1
|
||||||
elif shared_flow_dict[flow_id]['is_risky'] == FLOW_RISK_MEDIUM:
|
elif shared_flow_dict[flow_key]['is_risky'] == FLOW_RISK_MEDIUM:
|
||||||
shared_flow_dict['current-risky-flows-medium'] -= 1
|
shared_flow_dict['current-risky-flows-medium'] -= 1
|
||||||
elif shared_flow_dict[flow_id]['is_risky'] == FLOW_RISK_HIGH:
|
elif shared_flow_dict[flow_key]['is_risky'] == FLOW_RISK_HIGH:
|
||||||
shared_flow_dict['current-risky-flows-high'] -= 1
|
shared_flow_dict['current-risky-flows-high'] -= 1
|
||||||
elif shared_flow_dict[flow_id]['is_risky'] == FLOW_RISK_SEVERE:
|
elif shared_flow_dict[flow_key]['is_risky'] == FLOW_RISK_SEVERE:
|
||||||
shared_flow_dict['current-risky-flows-severe'] -= 1
|
shared_flow_dict['current-risky-flows-severe'] -= 1
|
||||||
|
|
||||||
del shared_flow_dict[current_flow.flow_id]
|
del shared_flow_dict[current_flow.flow_key]
|
||||||
|
|
||||||
return True
|
return True
|
||||||
|
|
||||||
@@ -76,42 +76,53 @@ def nDPIsrvd_worker_onJsonLineRecvd(json_dict, instance, current_flow, global_us
|
|||||||
if 'flow_id' not in json_dict:
|
if 'flow_id' not in json_dict:
|
||||||
return True
|
return True
|
||||||
else:
|
else:
|
||||||
if current_flow.flow_id != json_dict['flow_id']:
|
flow_key = json_dict['alias'] + '-' + json_dict['source'] + '-' + str(json_dict['flow_id'])
|
||||||
return False
|
|
||||||
flow_id = current_flow.flow_id
|
|
||||||
|
|
||||||
if flow_id not in shared_flow_dict:
|
if flow_key not in shared_flow_dict:
|
||||||
shared_flow_dict[flow_id] = mgr.dict()
|
current_flow.flow_key = flow_key
|
||||||
shared_flow_dict[flow_id]['is_detected'] = False
|
shared_flow_dict[flow_key] = mgr.dict()
|
||||||
shared_flow_dict[flow_id]['is_guessed'] = False
|
shared_flow_dict[flow_key]['is_detected'] = False
|
||||||
shared_flow_dict[flow_id]['is_not_detected'] = False
|
shared_flow_dict[flow_key]['is_guessed'] = False
|
||||||
shared_flow_dict[flow_id]['is_midstream'] = False
|
shared_flow_dict[flow_key]['is_not_detected'] = False
|
||||||
shared_flow_dict[flow_id]['is_risky'] = 0
|
shared_flow_dict[flow_key]['is_midstream'] = False
|
||||||
shared_flow_dict[flow_id]['total-l4-bytes'] = 0
|
shared_flow_dict[flow_key]['is_risky'] = 0
|
||||||
|
shared_flow_dict[flow_key]['total-l4-bytes'] = 0
|
||||||
|
|
||||||
shared_flow_dict[flow_id]['json'] = mgr.dict()
|
shared_flow_dict[flow_key]['json'] = mgr.dict()
|
||||||
|
|
||||||
shared_flow_dict['total-flows'] += 1
|
shared_flow_dict['total-flows'] += 1
|
||||||
shared_flow_dict['current-flows'] += 1
|
shared_flow_dict['current-flows'] += 1
|
||||||
|
|
||||||
|
if current_flow.flow_key != flow_key:
|
||||||
|
return False
|
||||||
|
|
||||||
if 'flow_tot_l4_payload_len' in json_dict:
|
if 'flow_tot_l4_payload_len' in json_dict:
|
||||||
shared_flow_dict[flow_id]['total-l4-bytes'] = json_dict['flow_tot_l4_payload_len']
|
shared_flow_dict[flow_key]['total-l4-bytes'] = json_dict['flow_tot_l4_payload_len']
|
||||||
|
|
||||||
if 'midstream' in json_dict and json_dict['midstream'] != 0:
|
if 'midstream' in json_dict and json_dict['midstream'] != 0:
|
||||||
if shared_flow_dict[flow_id]['is_midstream'] is False:
|
if shared_flow_dict[flow_key]['is_midstream'] is False:
|
||||||
shared_flow_dict['total-midstream-flows'] += 1
|
shared_flow_dict['total-midstream-flows'] += 1
|
||||||
shared_flow_dict['current-midstream-flows'] += 1
|
shared_flow_dict['current-midstream-flows'] += 1
|
||||||
shared_flow_dict[flow_id]['is_midstream'] = True
|
shared_flow_dict[flow_key]['is_midstream'] = True
|
||||||
|
|
||||||
if 'ndpi' in json_dict:
|
if 'ndpi' in json_dict:
|
||||||
# XXX: Will make use of that JSON string in Plotly. Soon..
|
shared_flow_dict[flow_key]['json']['ndpi'] = json_dict['ndpi']
|
||||||
shared_flow_dict[flow_id]['json']['ndpi'] = json_dict['ndpi']
|
|
||||||
|
|
||||||
if 'flow_risk' in json_dict['ndpi'] and shared_flow_dict[flow_id]['is_risky'] == 0:
|
if 'flow_risk' in json_dict['ndpi']:
|
||||||
shared_flow_dict['total-risky-flows'] += 1
|
if shared_flow_dict[flow_key]['is_risky'] == 0:
|
||||||
shared_flow_dict['current-risky-flows'] += 1
|
shared_flow_dict['total-risky-flows'] += 1
|
||||||
|
shared_flow_dict['current-risky-flows'] += 1
|
||||||
|
|
||||||
|
severity = shared_flow_dict[flow_key]['is_risky']
|
||||||
|
if severity == FLOW_RISK_LOW:
|
||||||
|
shared_flow_dict['current-risky-flows-low'] -= 1
|
||||||
|
elif severity == FLOW_RISK_MEDIUM:
|
||||||
|
shared_flow_dict['current-risky-flows-medium'] -= 1
|
||||||
|
elif severity == FLOW_RISK_HIGH:
|
||||||
|
shared_flow_dict['current-risky-flows-high'] -= 1
|
||||||
|
elif severity == FLOW_RISK_SEVERE:
|
||||||
|
shared_flow_dict['current-risky-flows-severe'] -= 1
|
||||||
|
|
||||||
severity = shared_flow_dict[flow_id]['is_risky']
|
|
||||||
for key in json_dict['ndpi']['flow_risk']:
|
for key in json_dict['ndpi']['flow_risk']:
|
||||||
if json_dict['ndpi']['flow_risk'][key]['severity'] == 'Low':
|
if json_dict['ndpi']['flow_risk'][key]['severity'] == 'Low':
|
||||||
severity = max(severity, FLOW_RISK_LOW)
|
severity = max(severity, FLOW_RISK_LOW)
|
||||||
@@ -124,15 +135,15 @@ def nDPIsrvd_worker_onJsonLineRecvd(json_dict, instance, current_flow, global_us
|
|||||||
else:
|
else:
|
||||||
raise RuntimeError('Invalid flow risk severity: {}'.format(
|
raise RuntimeError('Invalid flow risk severity: {}'.format(
|
||||||
json_dict['ndpi']['flow_risk'][key]['severity']))
|
json_dict['ndpi']['flow_risk'][key]['severity']))
|
||||||
shared_flow_dict[flow_id]['is_risky'] = severity
|
|
||||||
|
|
||||||
if shared_flow_dict[flow_id]['is_risky'] == FLOW_RISK_LOW:
|
shared_flow_dict[flow_key]['is_risky'] = severity
|
||||||
|
if severity == FLOW_RISK_LOW:
|
||||||
shared_flow_dict['current-risky-flows-low'] += 1
|
shared_flow_dict['current-risky-flows-low'] += 1
|
||||||
elif shared_flow_dict[flow_id]['is_risky'] == FLOW_RISK_MEDIUM:
|
elif severity == FLOW_RISK_MEDIUM:
|
||||||
shared_flow_dict['current-risky-flows-medium'] += 1
|
shared_flow_dict['current-risky-flows-medium'] += 1
|
||||||
elif shared_flow_dict[flow_id]['is_risky'] == FLOW_RISK_HIGH:
|
elif severity == FLOW_RISK_HIGH:
|
||||||
shared_flow_dict['current-risky-flows-high'] += 1
|
shared_flow_dict['current-risky-flows-high'] += 1
|
||||||
elif shared_flow_dict[flow_id]['is_risky'] == FLOW_RISK_SEVERE:
|
elif severity == FLOW_RISK_SEVERE:
|
||||||
shared_flow_dict['current-risky-flows-severe'] += 1
|
shared_flow_dict['current-risky-flows-severe'] += 1
|
||||||
|
|
||||||
if 'flow_event_name' not in json_dict:
|
if 'flow_event_name' not in json_dict:
|
||||||
@@ -140,10 +151,10 @@ def nDPIsrvd_worker_onJsonLineRecvd(json_dict, instance, current_flow, global_us
|
|||||||
|
|
||||||
if json_dict['flow_state'] == 'finished' and \
|
if json_dict['flow_state'] == 'finished' and \
|
||||||
json_dict['ndpi']['proto'] != 'Unknown' and \
|
json_dict['ndpi']['proto'] != 'Unknown' and \
|
||||||
shared_flow_dict[flow_id]['is_detected'] is False:
|
shared_flow_dict[flow_key]['is_detected'] is False:
|
||||||
shared_flow_dict['total-detected-flows'] += 1
|
shared_flow_dict['total-detected-flows'] += 1
|
||||||
shared_flow_dict['current-detected-flows'] += 1
|
shared_flow_dict['current-detected-flows'] += 1
|
||||||
shared_flow_dict[flow_id]['is_detected'] = True
|
shared_flow_dict[flow_key]['is_detected'] = True
|
||||||
|
|
||||||
if json_dict['flow_event_name'] == 'new':
|
if json_dict['flow_event_name'] == 'new':
|
||||||
|
|
||||||
@@ -165,19 +176,19 @@ def nDPIsrvd_worker_onJsonLineRecvd(json_dict, instance, current_flow, global_us
|
|||||||
|
|
||||||
shared_flow_dict['total-flow-guessed-events'] += 1
|
shared_flow_dict['total-flow-guessed-events'] += 1
|
||||||
|
|
||||||
if shared_flow_dict[flow_id]['is_guessed'] is False:
|
if shared_flow_dict[flow_key]['is_guessed'] is False:
|
||||||
shared_flow_dict['total-guessed-flows'] += 1
|
shared_flow_dict['total-guessed-flows'] += 1
|
||||||
shared_flow_dict['current-guessed-flows'] += 1
|
shared_flow_dict['current-guessed-flows'] += 1
|
||||||
shared_flow_dict[flow_id]['is_guessed'] = True
|
shared_flow_dict[flow_key]['is_guessed'] = True
|
||||||
|
|
||||||
elif json_dict['flow_event_name'] == 'not-detected':
|
elif json_dict['flow_event_name'] == 'not-detected':
|
||||||
|
|
||||||
shared_flow_dict['total-flow-not-detected-events'] += 1
|
shared_flow_dict['total-flow-not-detected-events'] += 1
|
||||||
|
|
||||||
if shared_flow_dict[flow_id]['is_not_detected'] is False:
|
if shared_flow_dict[flow_key]['is_not_detected'] is False:
|
||||||
shared_flow_dict['total-not-detected-flows'] += 1
|
shared_flow_dict['total-not-detected-flows'] += 1
|
||||||
shared_flow_dict['current-not-detected-flows'] += 1
|
shared_flow_dict['current-not-detected-flows'] += 1
|
||||||
shared_flow_dict[flow_id]['is_not_detected'] = True
|
shared_flow_dict[flow_key]['is_not_detected'] = True
|
||||||
|
|
||||||
elif json_dict['flow_event_name'] == 'detected' or \
|
elif json_dict['flow_event_name'] == 'detected' or \
|
||||||
json_dict['flow_event_name'] == 'detection-update':
|
json_dict['flow_event_name'] == 'detection-update':
|
||||||
@@ -187,15 +198,15 @@ def nDPIsrvd_worker_onJsonLineRecvd(json_dict, instance, current_flow, global_us
|
|||||||
else:
|
else:
|
||||||
shared_flow_dict['total-flow-detected-events'] += 1
|
shared_flow_dict['total-flow-detected-events'] += 1
|
||||||
|
|
||||||
if shared_flow_dict[flow_id]['is_detected'] is False:
|
if shared_flow_dict[flow_key]['is_detected'] is False:
|
||||||
shared_flow_dict['total-detected-flows'] += 1
|
shared_flow_dict['total-detected-flows'] += 1
|
||||||
shared_flow_dict['current-detected-flows'] += 1
|
shared_flow_dict['current-detected-flows'] += 1
|
||||||
shared_flow_dict[flow_id]['is_detected'] = True
|
shared_flow_dict[flow_key]['is_detected'] = True
|
||||||
|
|
||||||
if shared_flow_dict[flow_id]['is_guessed'] is True:
|
if shared_flow_dict[flow_key]['is_guessed'] is True:
|
||||||
shared_flow_dict['total-guessed-flows'] -= 1
|
shared_flow_dict['total-guessed-flows'] -= 1
|
||||||
shared_flow_dict['current-guessed-flows'] -= 1
|
shared_flow_dict['current-guessed-flows'] -= 1
|
||||||
shared_flow_dict[flow_id]['is_guessed'] = False
|
shared_flow_dict[flow_key]['is_guessed'] = False
|
||||||
|
|
||||||
return True
|
return True
|
||||||
|
|
||||||
|
|||||||
@@ -29,23 +29,22 @@ def set_attr_if_not_set(some_object, attr_name, value):
|
|||||||
setattr(some_object, attr_name, value)
|
setattr(some_object, attr_name, value)
|
||||||
|
|
||||||
class Stats:
|
class Stats:
|
||||||
last_status_length = 0
|
|
||||||
avg_xfer_json_bytes = 0.0
|
|
||||||
expired_tot_l4_payload_len = 0
|
|
||||||
expired_avg_l4_payload_len = 0
|
|
||||||
total_flows = 0
|
|
||||||
risky_flows = 0
|
|
||||||
midstream_flows = 0
|
|
||||||
guessed_flows = 0
|
|
||||||
not_detected_flows = 0
|
|
||||||
start_time = 0.0
|
|
||||||
current_time = 0.0
|
|
||||||
json_lines = 0
|
|
||||||
spinner_state = 0
|
|
||||||
|
|
||||||
def __init__(self, nDPIsrvd_sock):
|
def __init__(self, nDPIsrvd_sock):
|
||||||
self.start_time = time.time()
|
self.start_time = time.time()
|
||||||
self.nsock = nDPIsrvd_sock
|
self.nsock = nDPIsrvd_sock
|
||||||
|
self.last_status_length = 0
|
||||||
|
self.avg_xfer_json_bytes = 0.0
|
||||||
|
self.expired_tot_l4_payload_len = 0
|
||||||
|
self.expired_avg_l4_payload_len = 0
|
||||||
|
self.total_flows = 0
|
||||||
|
self.risky_flows = 0
|
||||||
|
self.midstream_flows = 0
|
||||||
|
self.guessed_flows = 0
|
||||||
|
self.not_detected_flows = 0
|
||||||
|
self.current_time = 0.0
|
||||||
|
self.json_lines = 0
|
||||||
|
self.spinner_state = 0
|
||||||
|
|
||||||
def updateSpinner(self):
|
def updateSpinner(self):
|
||||||
if self.current_time + 0.25 <= time.time():
|
if self.current_time + 0.25 <= time.time():
|
||||||
|
|||||||
@@ -10,9 +10,11 @@ import nDPIsrvd
|
|||||||
from nDPIsrvd import nDPIsrvdSocket, TermColor
|
from nDPIsrvd import nDPIsrvdSocket, TermColor
|
||||||
|
|
||||||
class Stats:
|
class Stats:
|
||||||
lines_processed = 0
|
|
||||||
print_dot_every = 10
|
def __init__(self):
|
||||||
print_nmb_every = print_dot_every * 5
|
self.lines_processed = 0
|
||||||
|
self.print_dot_every = 10
|
||||||
|
self.print_nmb_every = self.print_dot_every * 5
|
||||||
|
|
||||||
def onJsonLineRecvd(json_dict, instance, current_flow, global_user_data):
|
def onJsonLineRecvd(json_dict, instance, current_flow, global_user_data):
|
||||||
validation_done = nDPIsrvd.validateAgainstSchema(json_dict)
|
validation_done = nDPIsrvd.validateAgainstSchema(json_dict)
|
||||||
|
|||||||
@@ -10,15 +10,14 @@ import nDPIsrvd
|
|||||||
from nDPIsrvd import nDPIsrvdSocket, TermColor
|
from nDPIsrvd import nDPIsrvdSocket, TermColor
|
||||||
|
|
||||||
class Stats:
|
class Stats:
|
||||||
event_counter = dict()
|
|
||||||
|
|
||||||
lines_processed = 0
|
|
||||||
print_dot_every = 10
|
|
||||||
print_nmb_every = print_dot_every * 5
|
|
||||||
|
|
||||||
def __init__(self, nDPIsrvd_sock):
|
def __init__(self, nDPIsrvd_sock):
|
||||||
self.resetEventCounter()
|
|
||||||
self.nsock = nDPIsrvd_sock
|
self.nsock = nDPIsrvd_sock
|
||||||
|
self.event_counter = dict()
|
||||||
|
self.resetEventCounter()
|
||||||
|
self.lines_processed = 0
|
||||||
|
self.print_dot_every = 10
|
||||||
|
self.print_nmb_every = self.print_dot_every * 5
|
||||||
|
|
||||||
def resetEventCounter(self):
|
def resetEventCounter(self):
|
||||||
keys = ['init','reconnect','shutdown','status', \
|
keys = ['init','reconnect','shutdown','status', \
|
||||||
|
|||||||
Reference in New Issue
Block a user