health check and double print
This commit is contained in:
whaffman
parent
dd37f802d8
commit
2735b2ef15
@ -14,7 +14,7 @@ services:
|
|||||||
interval: 5s
|
interval: 5s
|
||||||
timeout: 3s
|
timeout: 3s
|
||||||
retries: 3
|
retries: 3
|
||||||
start_period: 10s
|
start_period: 3s
|
||||||
|
|
||||||
|
|
||||||
ftp-client:
|
ftp-client:
|
||||||
@ -40,7 +40,7 @@ services:
|
|||||||
interval: 5s
|
interval: 5s
|
||||||
timeout: 3s
|
timeout: 3s
|
||||||
retries: 3
|
retries: 3
|
||||||
start_period: 10s
|
start_period: 3s
|
||||||
|
|
||||||
inquisitor:
|
inquisitor:
|
||||||
container_name: inquisitor
|
container_name: inquisitor
|
||||||
|
|||||||
@ -39,7 +39,7 @@ def ftp_packet_callback(packet):
|
|||||||
This function would handle FTP packets, if needed.
|
This function would handle FTP packets, if needed.
|
||||||
"""
|
"""
|
||||||
if packet.haslayer('IP') and packet.haslayer('TCP'):
|
if packet.haslayer('IP') and packet.haslayer('TCP'):
|
||||||
if packet['TCP'].dport == 21 or packet['TCP'].sport == 21:
|
if packet['TCP'].dport == 21:
|
||||||
if b"RETR" in bytes(packet['TCP'].payload):
|
if b"RETR" in bytes(packet['TCP'].payload):
|
||||||
# Extract filename from FTP RETR command
|
# Extract filename from FTP RETR command
|
||||||
payload = bytes(packet['TCP'].payload).decode(errors='ignore')
|
payload = bytes(packet['TCP'].payload).decode(errors='ignore')
|
||||||
@ -48,8 +48,7 @@ def ftp_packet_callback(packet):
|
|||||||
idx = parts.index("RETR")
|
idx = parts.index("RETR")
|
||||||
if idx + 1 < len(parts):
|
if idx + 1 < len(parts):
|
||||||
filename = parts[idx + 1]
|
filename = parts[idx + 1]
|
||||||
src_ip = packet['IP'].src
|
print(f"\033[92mFTP file download detected: {filename} \033[0m")
|
||||||
print(f"\033[92mFTP file download detected: {filename} from {src_ip}\033[0m")
|
|
||||||
|
|
||||||
def start_sniffing(interface=conf.iface):
|
def start_sniffing(interface=conf.iface):
|
||||||
"""
|
"""
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user