def on_packet_received(self, packet):
count = 0
direction = PacketDirection.FORWARD
if self.output_mode != 'flow':
if TLS not in packet:
return
if TLSApplicationData not in packet:
return
if len(packet[TLSApplicationData]) < 40:
# PING frame (len = 34) or other useless frames
return
self.packets_count += 1
# Creates a key variable to check
packet_flow_key = get_packet_flow_key(packet, direction)
flow = self.flows.get((packet_flow_key, count))
# If there is no forward flow with a count of 0
if flow is None:
# There might be one of it in reverse
direction = PacketDirection.REVERSE
packet_flow_key = get_packet_flow_key(packet, direction)
flow = self.flows.get((packet_flow_key, count))
if flow is None:
# If no flow exists create a new flow
direction = PacketDirection.FORWARD
flow = Flow(packet, direction)
packet_flow_key = get_packet_flow_key(packet, direction)
self.flows[(packet_flow_key, count)] = flow
elif (packet.time - flow.latest_timestamp) > EXPIRED_UPDATE:
# If the packet exists in the flow but the packet is sent
# after too much of a delay than it is a part of a new flow.
expired = EXPIRED_UPDATE
while (packet.time - flow.latest_timestamp) > expired:
count += 1
expired += EXPIRED_UPDATE
flow = self.flows.get((packet_flow_key, count))
if flow is None:
flow = Flow(packet, direction)
self.flows[(packet_flow_key, count)] = flow
break
elif (packet.time - flow.latest_timestamp) > EXPIRED_UPDATE:
expired = EXPIRED_UPDATE
while (packet.time - flow.latest_timestamp) > expired:
count += 1
expired += EXPIRED_UPDATE
flow = self.flows.get((packet_flow_key, count))
if flow is None:
flow = Flow(packet, direction)
self.flows[(packet_flow_key, count)] = flow
break
flow.add_packet(packet, direction)
if self.packets_count % 10000 == 0 or (flow.duration > 120
and self.output_mode == 'flow'):
print('Packet count: {}'.format(self.packets_count))
self.garbage_collect(packet.time)
