scottk/nDPId
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/nDPId.git synced 2025-11-01 02:37:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

flow-info.py: Do not print any information if a flow is "empty" meaning no L4 payload seen so far.

Browse Source 
* added JsonDecodeError to provide more information if builtin JSON decoder fails

Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
This commit is contained in:
Toni Uhlig
2023-11-24 10:41:26 +01:00
parent a5dcc17396
commit d274a06176
2 changed files with 17 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
dependencies/nDPIsrvd.py vendored
View File

@@ -295,6 +295,7 @@ class nDPIsrvdException(Exception):
INVALID_LINE_RECEIVED = 4 INVALID_LINE_RECEIVED = 4
CALLBACK_RETURNED_FALSE = 5 CALLBACK_RETURNED_FALSE = 5
SOCKET_TIMEOUT = 6 SOCKET_TIMEOUT = 6
JSON_DECODE_ERROR = 7
def __init__(self, etype): def __init__(self, etype):
self.etype = etype self.etype = etype
@@ -341,6 +342,14 @@ class SocketTimeout(nDPIsrvdException):
def __str__(self): def __str__(self):
return 'Socket timeout.' return 'Socket timeout.'
class JsonDecodeError(nDPIsrvdException):
def __init__(self, json_exception, failed_line):
super().__init__(nDPIsrvdException.JSON_DECODE_ERROR)
self.json_exception = json_exception
self.failed_line = failed_line
def __str__(self):
return '{}: {}'.format(self.json_exception, self.failed_line)
class JsonFilter(): class JsonFilter():
def __init__(self, filter_string): def __init__(self, filter_string):
self.filter_string = filter_string self.filter_string = filter_string
@@ -456,7 +465,7 @@ class nDPIsrvdSocket:
json_dict = dict() json_dict = dict()
self.failed_lines += [received_line] self.failed_lines += [received_line]
self.lines = self.lines[1:] self.lines = self.lines[1:]
raise(e) raise JsonDecodeError(e, received_line)
instance = self.flow_mgr.getInstance(json_dict) instance = self.flow_mgr.getInstance(json_dict)
if instance is None: if instance is None:

7
examples/py-flow-info/flow-info.py
View File

@@ -498,6 +498,11 @@ def onJsonLineRecvd(json_dict, instance, current_flow, global_user_data):
if args.print_hostname is True: if args.print_hostname is True:
line_suffix += '[{}]'.format(json_dict['ndpi']['hostname']) line_suffix += '[{}]'.format(json_dict['ndpi']['hostname'])
if args.skip_empty is True:
if json_dict['flow_src_tot_l4_payload_len'] == 0 or json_dict['flow_dst_tot_l4_payload_len'] == 0:
stats.printStatus()
return True
if args.print_bytes is True: if args.print_bytes is True:
src_color = '' src_color = ''
dst_color = '' dst_color = ''
@@ -566,6 +571,8 @@ if __name__ == '__main__':
help='Print received/transmitted source/dest bytes for every flow.') help='Print received/transmitted source/dest bytes for every flow.')
argparser.add_argument('--print-packets', action='store_true', default=False, argparser.add_argument('--print-packets', action='store_true', default=False,
help='Print received/transmitted source/dest packets for every flow.') help='Print received/transmitted source/dest packets for every flow.')
argparser.add_argument('--skip-empty', action='store_true', default=False,
help='Do not print flows that did not carry any layer7 payload.')
argparser.add_argument('--guessed', action='store_true', default=False, help='Print only guessed flow events.') argparser.add_argument('--guessed', action='store_true', default=False, help='Print only guessed flow events.')
argparser.add_argument('--not-detected', action='store_true', default=False, help='Print only undetected flow events.') argparser.add_argument('--not-detected', action='store_true', default=False, help='Print only undetected flow events.')
argparser.add_argument('--detected', action='store_true', default=False, help='Print only detected flow events.') argparser.add_argument('--detected', action='store_true', default=False, help='Print only detected flow events.')