Wait I will give you more details
See that line
it's the main loop
and here is The None we receive when there is no packets
we use this cycles to clean cache and stuff
or other high speed appliance
you will have such behavior
it's active polling
Clearly
See this article
It explain clearly why we use active polling
you can add usleep(1)
if you want
but that will results in more drops
@Lyonid_gitlab You must upgrade to version 6.1.1 where we implemented this feature for live capture.
- performance_report=N will print every N seconds performance metrics (https://github.com/nfstream/nfstream/blob/master/assets/PERFORMANCE_REPORT.md).
- To limit drops, you must set n_meters to 0 (default value). Note that processes will consume CPU only when packets are there (No busy-wait anymore, so fixed your previous issue).
- NFStream now supports AF_PACKETv3 + FANOUT on Linux machines.
- Before considering more powerful hardware, make sure to test with Pypy3 instead of CPython as it is faster.
It's Say Like This :
Process Process-2:
Traceback (most recent call last):
File "/usr/lib/python3.6/multiprocessing/process.py", line 258, in _bootstrap
self.run()
File "/usr/lib/python3.6/multiprocessing/process.py", line 93, in run
self._target(self._args, *self._kwargs)
File "/usr/local/lib/python3.6/dist-packages/nfstream/meter.py", line 185, in meter_workflow
set_affinity(root_idx+1)
File "/usr/local/lib/python3.6/dist-packages/nfstream/utils.py", line 103, in set_affinity
psutil.Process().cpu_affinity(list(temp[mask]))
IndexError: list index out of range
I Have Tried Pcap From NFStream and got same error
hello i'm investigating the use of nfstream for some analysis of multicast data. I will need to be able to extract the sequence number out of each multicast packet (i know how to decode sequence number, given a byte buffer), but could someone point me in the direction of how i might write the "plugin" for this? I think it will be a plugin to the NDPI side of things. thank you very much! :-)
oops, rtfm gjvc https://hub.gke2.mybinder.org/user/aouinizied-nfstream-tutorials-gxx0u37t/notebooks/demo_notebook.ipynb has a small example
feel free to open a PR with your plugin (once done) if you think it is possible to share it with the community.
the bytes buffer starting from IP header is available on the NFPAcket that NFStream will pass to your Plugin
you can prototype in a fast way as a Plugin for NFstream, once you are sure everything is working as you want
you can pass it to nDPI side
and it will be automatically integrated in NFStream
second option is interesting if you care about performances
but as you will run it with PyPy and your Plugin is pure Python, I think it's too early to think about that
Hi! Do you have any idea why this is happening?
All other attributes work fine. But from documentation flow object should have src_mac attribute