Various additions...

dpi

@@ -13,7 +13,7 @@ logging.basicConfig(filename="/tmp/dpi.log",
                     filemode='a',
                     format='%(asctime)s,%(msecs)d %(name)s %(levelname)s %(message)s',
                     datefmt='%Y-%m-%d %H:%M:%S',
-                    level=logging.INFO)
+                    level=logging.WARNING)
 
 log=logging.getLogger("NexDPI")
 
@@ -59,7 +59,13 @@ templconf = """
         "timeout": "3600",
         "knowstarts":"TLS"
      }
-  }
+  },
+
+  "Ignore": [
+     ["DHCPv6", "Network"],
+     ["DHCP", "Network"]
+  ]
+
 }
 """
 
@@ -76,11 +82,23 @@ except:
 
 Cats = R['Cats']
 Apps = R['Apps']
+Ignore = list(R['Ignore'])
+
+if 'Log' in R.keys():
+   if R['Log'] == 'DEBUG':
+      log.setLevel(logging.DEBUG)
+   elif R['Log'] == "INFO":
+      log.setLevel(logging.INFO)
+   elif R['Log'] == "WARNING":
+      log.setLevel(logging.WARNING)
+   elif R['Log'] == "ERROR":
+      log.setLevel(logging.ERROR)
 
 
 def reloadconf(signum, frame):
    global Cats
    global Apps
+   global Ignore
 
    try:
       fconf = open("/etc/nexdpi/dpirules.json", "r")
@@ -88,7 +106,18 @@ def reloadconf(signum, frame):
       fconf.close()
       Cats = R['Cats']
       Apps = R['Apps']
-      log.info("Rules file reloaded")
+      Ignore = list(R['Ignore'])
+      if 'Log' in R.keys():
+         if R['Log'] == 'DEBUG':
+            log.setLevel(logging.DEBUG)
+         elif R['Log'] == "INFO":
+            log.setLevel(logging.INFO)
+         elif R['Log'] == "WARNING":
+            log.setLevel(logging.WARNING)
+         elif R['Log'] == "ERROR":
+            log.setLevel(logging.ERROR)
+
+      log.warning("Rules file reloaded")
    except:
       log.error("Error loading rules file.")
 
@@ -96,9 +125,6 @@ def reloadconf(signum, frame):
 
 signal.signal(signal.SIGHUP, reloadconf)
 
-Cats = R['Cats']
-Apps = R['Apps']
-
 UnknownMatch=[]
 
 
@@ -148,11 +174,9 @@ NFlow(id=5,
 class NexDPI():
 
    fullname=False
-   isknown=False
-
 
    def main(self):
-      log.info("NexDPI started")
+      log.warning("NexDPI started")
       for flow in online_streamer:
 
          managed=False
@@ -163,7 +187,11 @@ class NexDPI():
          sername = aname.split(".")[-1:][0]
          ipv=flow.ip_version
 
-         log.info("RECEIVED: "+cname+" "+aname+" "+sername)
+         log.debug("RECEIVED: "+cname+" "+aname+" "+sername)
+
+         if [aname, cname] in list(Ignore):
+            log.debug("IGNORED: "+self.fullname)
+            continue
 
          if sername in list(Apps.keys()):
             appd=Apps[sername]
@@ -183,7 +211,6 @@ class NexDPI():
                ipset_list = Cats[cname]['ipset']+"6"
             else:
                ipset_list = Cats[cname]['ipset']
-            log.debug("CHECKCATEGORY: "+str(tuple(Cats[cname]['nostart'])))
             if not aname.startswith(tuple(Cats[cname]['nostart'])) and not sername in list(Cats[cname]['noapps']):
                managed=True
                sh("ipset add "+ipset_list+" "+triplet+" timeout "+Cats[cname]['timeout']+" --exist > /dev/null 2>&1")
@@ -191,10 +218,20 @@ class NexDPI():
                if sername in list(Cats[cname]['knownapps']):
                   continue 
 
-
-         # this will 
          if self.fullname and not self.fullname in UnknownMatch:
-            log.warning("UNKNOWN: "+self.fullname)
+            log.warning("UNKNOWN("+str(managed)+"): "+self.fullname)
+            f = open("/tmp/dpi.unknown", "a")
+            f2 = open("/tmp/dpi.ignore.unknown", "a")
+            f.write(aname+" "+cname+"\n")
+            f2.write("    [\""+aname+"\",\""+cname+"\"],\n")
+            f.close()
+            f2.close()
+            if managed:
+               log.warning("MANAGED_UNKNOWN: "+self.fullname)
+               f = open("/tmp/dpi.managed.unknown", "a")
+               f.write(aname+" "+cname+"\n")
+               f.close()
+
             UnknownMatch.append(self.fullname)
 
          #time.sleep(0.1)