Flushing and Closing connections - see #3

Author: gallypette

d4-tlsf.go

@@ -47,8 +47,12 @@ var outCerts = flag.String("w", "", "Folder to write certificates into")
 var outJSON = flag.String("j", "", "Folder to write certificates into, stdin if not set")
 var jobQ chan d4tls.TLSSession
 
-const closeTimeout time.Duration = time.Hour * 24 // Closing inactive: TODO: from CLI
-const timeout time.Duration = time.Minute * 5     // Pending bytes: TODO: from CLI
+// flushing
+var flushEvery = flag.Int("flush", 5000, "Flush every N packets")
+var dtf, _ = time.ParseDuration("5m")
+var dtc, _ = time.ParseDuration("48h")
+var flushTf = flag.Duration("flushtf", dtf, "Flush older than t")
+var flushTc = flag.Duration("flushtc", dtc, "Close older that t")
 
 var assemblerOptions = reassembly.AssemblerOptions{
 	MaxBufferedPagesPerConnection: 16,
@@ -227,11 +231,9 @@ func (t *tcpStream) ReassembledSG(sg reassembly.ScatterGather, ac reassembly.Ass
 						}
 					}
 
-					// If the handshake is considered finished and we have not yet outputted it we ship it to output.
 					if t.tlsSession.HandshakeComplete() && !t.queued {
 						t.queueSession()
 					}
-
 				}
 			}
 		}
@@ -373,9 +375,11 @@ func main() {
 					}
 					assembler.AssembleWithContext(packet.NetworkLayer().NetworkFlow(), tcp, &c)
 				}
-				//ref := packet.Metadata().CaptureInfo.Timestamp
-				//flushed, closed := assembler.FlushWithOptions(reassembly.FlushOptions{T: ref.Add(time.Minute * 30), TC: ref.Add(time.Minute * 5)})
-				//Debug("Forced flush: %d flushed, %d closed (%s)", flushed, closed, ref)
+				if count%*flushEvery == 0{
+					ref := packet.Metadata().CaptureInfo.Timestamp
+					flushed, closed := assembler.FlushWithOptions(reassembly.FlushOptions{T: ref.Add(-*flushTf), TC: ref.Add(-*flushTc)})
+					Debug("Forced flush: %d flushed, %d closed (%s)", flushed, closed, ref)
+				}
 			}
 		}