Comments (2)
amm3
commented on June 4, 2024
The followstream decoder itself isn't involved in stream reassembly and/or connection tracking. These functions are handled in lib/dshell.py (the core dshell library).
That said, my guess is that your scenario is explained by an incomplete capture. Dshell by default only processes TCP streams wherein it can track the TCP handshake (SYN-SYNACK-ACK). If your capture contains "mid-stream" packets, those would basically be ignored.
To change this behavior use the "ignore_handshake" decoder option. This is option is somewhat global but is attached to the decoder itself, so you have to invoke it with the encoder prefix. Therefore in followstream, you would add the command-line option: --followstream_ignore_handshake
from dshell.
dek443
commented on June 4, 2024
The Python 2 version of Dshell is now deprecated and frozen as Release v2.4.10. We are closing all Pull Requests and Issues associated with that version, as Dshell development has shifted to the current version for Python 3. Thank you for your support.
from dshell.
Related Issues (20)
- Captureing network traffic and MaxMind GeoLite databases HOT 12
- Deprecation warning running decode HOT 1
- VLAN Wrapper Not Applied to Pcapy Reader HOT 2
- Multiprocessing AttributeError bug
- No results running live capture's plugins on interfaces HOT 7
- Blob handling HOT 4
- module 'distutils.sysconfig' has no attribute '_init_posix' HOT 1
- When I run the capture in interface mode (i.e. -i) I dont get output untill i CTRL+C HOT 3
- Bug in large-flows.py decoder HOT 2
- How to compile and run on MAC OSX HOT 5
- Fedora 21 runtime error HOT 2
- Rip-http decoder crashing
- Dshell Install Error in Arch Linux HOT 2
- https://github.com/kbandla/dpkt HOT 2
- Gentoo PRE-ALPHA Ebuild HOT 3
- setup.py, Python Distutils HOT 4
- strip layers for pppoe and other layer HOT 5
- Why the software history was not kept? HOT 3
- Error in decoders nbns and reseserverips HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from dshell.