nDPId consumer implementation

nDPId Docker image for deep packet inspection. As described in nDPId, we split the image into a producer image and a consumer image to keep it generic. The producer image starts the UNIX and UDP sockets and nDPId. Users can configure the nDPId daemon and nDPIsrvd via environment variables. Currently, we support all current nDPId parameters.

Getting Started

Install using PyPI:

pip install heiDPI

Use the CLI for quick usage:

> heiDPI -h
usage: heiDPI [-h] [--host HOST | --unix UNIX] [--port PORT] [--write WRITE] [--config CONFIG] [--show-daemon-events SHOW_DAEMON_EVENTS] [--show-packet-events SHOW_PACKET_EVENTS] [--show-error-events SHOW_ERROR_EVENTS] [--show-flow-events SHOW_FLOW_EVENTS]

heiDPI Python Interface

options:
  -h, --help            show this help message and exit
  --host HOST           nDPIsrvd host IP (default: None)
  --unix UNIX           nDPIsrvd unix socket path (default: None)
  --port PORT           nDPIsrvd TCP port (default: 7000)
  --write WRITE         heiDPI write path for logs (default: /var/log)
  --config CONFIG       heiDPI write path for logs (default: /home/smachmeier/projects/emcl/heiDPI/config.yml)
  --show-daemon-events SHOW_DAEMON_EVENTS
                        heiDPI shows daemon events (default: 0)
  --show-packet-events SHOW_PACKET_EVENTS
                        heiDPI shows packet events (default: 0)
  --show-error-events SHOW_ERROR_EVENTS
                        heiDPI shows error events (default: 0)
  --show-flow-events SHOW_FLOW_EVENTS
                        heiDPI shows flow events (default: 0)

Prerequisites

To run these containers you need Docker installed.

Usage

Pull images:

docker pull stefan96/heidpi-producer:main
docker pull stefan96/heidpi-consumer:main

Run the producer and consumer separately from each other using a UDP socket:

docker run -p 127.0.0.1:7000:7000 --net host stefan96/heidpi-producer:main
docker run -e HOST=127.0.0.1 --net host stefan96/heidpi-consumer:main

Or use the docker-compose.yml:

docker-compose up

Alternatively, you can use a UNIX socket:

docker run -v ${PWD}/heidpi-data:/tmp/ --net host stefan96/heidpi-producer:main
docker run -v ${PWD}/heidpi-data:/tmp/ -v ${PWD}/heidpi-logs:/var/log -e UNIX=/tmp/nDPIsrvd-daemon-distributor.sock --net host stefan96/heidpi-consumer:main

Environment Variables

Consumer

Variable             Type     Default
UNIX                 string
HOST                 string
PORT                 int      7000
JSON_PATH            string   /var/log/nDPIdsrvd.json
SHOW_ERROR_EVENTS    int      0
SHOW_DAEMON_EVENTS   int      0
SHOW_PACKET_EVENTS   int      0
SHOW_FLOW_EVENTS     int      1
MAX_BUFFERED_LINES   int      1024

Config file

You can change the default configuration by mounting a config file at /usr/src/app/config.yml:

flow_event:
  ignore_fields: []
  flow_event_name:
    - update
    - end
    - idle
    - detected
  filename: flow_event
  threads: 25
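
The sketch below is an added example, not heiDPI's own code. It shows what the flow_event settings above would do to incoming events, assuming flow_event_name is an allow-list of event names and ignore_fields names top-level keys dropped before an event is written. The ignore_fields values and the sample events are constructed for illustration.

```python
import json

# Mirrors the config.yml above; the ignore_fields entries are constructed
# here to show field removal (the page's default is an empty list).
FLOW_CONFIG = {
    "ignore_fields": ["thread_id", "src_ip"],
    "flow_event_name": ["update", "end", "idle", "detected"],
    "filename": "flow_event",
}

# Constructed sample lines in the shape of nDPId JSON events (not captured traffic).
SAMPLE_LINES = [
    '{"flow_event_name": "new", "flow_id": 1, "thread_id": 0, "src_ip": "192.0.2.10"}',
    '{"flow_event_name": "detected", "flow_id": 1, "thread_id": 0,'
    ' "src_ip": "192.0.2.10", "ndpi": {"proto": "TLS"}}',
    '{"daemon_event_name": "status", "thread_id": 0}',
    '{"flow_event_name": "end", "flow_id": 1, "thread_id": 0',  # truncated line
    '{"flow_event_name": "end", "flow_id": 1, "thread_id": 0, "src_ip": "192.0.2.10"}',
]


def filter_flow_event(line, config):
    """Return the JSON line to log, or None if the event is not selected.

    Assumed semantics: flow_event_name is an allow-list of event names,
    ignore_fields lists top-level keys removed before the event is written.
    """
    try:
        event = json.loads(line)
    except json.JSONDecodeError:
        return None  # malformed input is dropped, never logged raw
    if not isinstance(event, dict):
        return None
    if event.get("flow_event_name") not in config["flow_event_name"]:
        return None  # non-flow events and unlisted flow events are skipped
    for field in config["ignore_fields"]:
        event.pop(field, None)  # a field missing from the event is not an error
    return json.dumps(event, sort_keys=True)


def run(lines, config):
    """Apply the filter to every line and keep only the selected events."""
    results = (filter_flow_event(line, config) for line in lines)
    return [out for out in results if out is not None]


if __name__ == "__main__":
    for out in run(SAMPLE_LINES, FLOW_CONFIG):
        print(out)
```

Listing address fields such as src_ip in ignore_fields keeps them out of the written logs when they are not needed downstream.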

License

This project is licensed under the GPL-3.0 license - see the LICENSE.md file for details.

Download files

Source Distribution

heidpi-1.3.0.tar.gz (191.2 kB)

Built Distribution

heidpi-1.3.0-py3-none-any.whl (39.7 kB)
