vrr/nfstream
2
0
Fork 0
mirror of https://github.com/nfstream/nfstream.git synced 2026-05-20 01:01:34 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Minor improvements.

Browse source
This commit is contained in:
aouinizied 2020-10-21 02:17:14 +02:00
parent b6b084c12e
commit 4d875593e2
3 changed files with 22 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

24
README.md
View file

@ -129,7 +129,7 @@ my_streamer = NFStreamer(source="facebook.pcap", # or network interface
bpf_filter=None,
promiscuous_mode=True,
snapshot_length=1536,
idle_timeout=15,
idle_timeout=120,
active_timeout=1800,
accounting_mode=0,
udps=None,
@ -149,10 +149,12 @@ for flow in my_streamer:
NFlow(id=0,
expiration_id=0,
src_ip='192.168.43.18',
src_ip_is_private=1,
src_mac='30:52:cb:6c:9c:1b',
src_oui='30:52:cb',
src_port=52066,
dst_ip='66.220.156.68',
dst_ip_is_private=0,
dst_mac='98:0c:82:d3:3c:7c',
dst_oui='98:0c:82',
dst_port=443,
protocol=6,
ip_version=4,
@ -203,10 +205,12 @@ for flow in my_streamer:
NFlow(id=0,
expiration_id=0,
src_ip='192.168.43.18',
src_ip_is_private=1,
src_mac='30:52:cb:6c:9c:1b',
src_oui='30:52:cb',
src_port=52066,
dst_ip='66.220.156.68',
dst_ip_is_private=0,
dst_mac='98:0c:82:d3:3c:7c',
dst_oui='98:0c:82',
dst_port=443,
protocol=6,
ip_version=4,
@ -298,10 +302,12 @@ for flow in my_streamer:
NFlow(id=0,
expiration_id=0,
src_ip='192.168.43.18',
src_ip_is_private=1,
src_mac='30:52:cb:6c:9c:1b',
src_oui='30:52:cb',
src_port=52066,
dst_ip='66.220.156.68',
dst_ip_is_private=0,
dst_mac='98:0c:82:d3:3c:7c',
dst_oui='98:0c:82',
dst_port=443,
protocol=6,
ip_version=4,
@ -334,7 +340,7 @@ NFStream natively supports Pandas as export interface.
```python
# See documentation for more details.
# https://www.nfstream.org/docs/api#pandas-dataframe-conversion
my_dataframe = NFStreamer(source='facebook.pcap').to_pandas(ip_anonymization=False)
my_dataframe = NFStreamer(source='facebook.pcap').to_pandas(columns_to_anonymize=[])
my_dataframe.head(5)
```
@ -347,7 +353,7 @@ NFStream natively supports CSV file format as export interface.
# https://www.nfstream.org/docs/api#csv-file-conversion
flows_count = NFStreamer(source='facebook.pcap').to_csv(path=None,
flows_per_file=0,
ip_anonymization=False)
olumns_to_anonymize=[])
```
### Extending NFStream

4
nfstream/streamer.py
View file

@ -40,8 +40,8 @@ class NFStreamer(object):
bpf_filter=None,
promiscuous_mode=True,
snapshot_length=1536,
idle_timeout=60,
active_timeout=300,
idle_timeout=120, # https://www.kernel.org/doc/Documentation/networking/nf_conntrack-sysctl.txt
active_timeout=1800,
accounting_mode=0,
udps=None,
n_dissections=20,

5
tests.py
View file

@ -279,8 +279,12 @@ class TestMethods(unittest.TestCase):
self.assertEqual(flow.id, 0)
self.assertEqual(flow.expiration_id, 0)
self.assertEqual(flow.src_ip, '172.31.3.224')
self.assertEqual(flow.src_mac, '80:c6:ca:00:9e:9f')
self.assertEqual(flow.src_oui, '80:c6:ca')
self.assertEqual(flow.src_port, 42835)
self.assertEqual(flow.dst_ip, '216.58.212.100')
self.assertEqual(flow.dst_mac, '00:0e:8e:4d:b4:a8')
self.assertEqual(flow.dst_oui, '00:0e:8e')
self.assertEqual(flow.dst_port, 443)
self.assertEqual(flow.protocol, 6)
self.assertEqual(flow.ip_version, 4)
@ -472,6 +476,7 @@ class TestMethods(unittest.TestCase):
n_meters=int(os.getenv('MAX_NFMETERS', 0)),
udps=MDNS()
).to_pandas().sort_values(by=['src_ip']).reset_index(drop=True)
print(mdns_df["udps.mdns_ptr"][0])
self.assertEqual(mdns_df["udps.mdns_ptr"][0], "['skynet.local', "
"'skynet [00:1a:ef:17:c3:05]._workstation._tcp.local', "
"'recombinator_mpd._mpd._tcp.local', '_mpd._tcp.local', "