vrr/nDPI
2
0
Fork 0
mirror of https://github.com/vel21ripn/nDPI.git synced 2026-04-29 07:29:39 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 6

Changed output for the sharkfest lua scripts

Browse source
This commit is contained in:
Matteo Biscosi 2021-06-11 11:00:06 +02:00
parent 6704649a75
commit a01a2b7443
4 changed files with 180 additions and 19 deletions
Download patch file Download diff file Expand all files Collapse all files

12
wireshark/sharkfest_scripts/dns_request_reply_ratio.lua
View file

@ -20,7 +20,7 @@ end
--############################################
local function processResponse(dns_table, req_or_rep, src, dst)
local key = src .. "->" .. dst
local key = src .. " -> " .. dst
-- Create the table entry if needed
if not dns_table[key] then
@ -114,13 +114,13 @@ local function dnsReqRepRatio()
end
if #dangerous_flows > 0 then
tw:append("------------- DETECTED DNS REQUEST/REPLY RATIO -------------\n")
tw:append("------------- TOT SUSPICIOUS FLOWS DETECTED: " .. #dangerous_flows .. " -------------\n")
tw:append("------------- DETECTED DNS REQUEST/REPLY RATIO -------------\n"\n)
tw:append("TOT SUSPICIOUS FLOWS DETECTED:\t" .. #dangerous_flows .. " -------------\n")
else
tw:append("------------- DNS REQUEST/REPLY RATIO SEEMS FINE -------------\n")
tw:append("------------- DNS REQUEST/REPLY RATIO SEEMS FINE -------------\n\n")
end
tw:append("------------- TOTAL DNS FLOWS DETECTED: " .. #dangerous_flows + #ok_flows .. " -------------\n\n")
tw:append("TOTAL DNS FLOWS DETECTED:\t\t" .. #dangerous_flows + #ok_flows .. " -------------\n\n")
for _, data in pairs(dangerous_flows) do
local flow = data["flow"]
@ -128,7 +128,7 @@ local function dnsReqRepRatio()
local replies = data["replies"]
local ratio = data["ratio"]
tw:append(flow .. ":\n\tRatio: " .. (ratio) .. "\n\tRequests: " .. requests .. "\n\tReplies: " .. replies .. "\n\n");
tw:append(flow .. ":\n\tRatio:\t\t" .. (ratio) .. "\n\tRequests:\t\t" .. requests .. "\n\tReplies:\t\t" .. replies .. "\n\n");
end
end