File: alert_broadcast_non_udp_traffic.lua

package info (click to toggle)

ntopng 5.2.1%2Bdfsg1-2

links: PTS, VCS
area: main
in suites: sid
size: 121,832 kB
sloc: javascript: 143,431; cpp: 71,175; ansic: 11,108; sh: 4,687; makefile: 911; python: 587; sql: 512; pascal: 234; perl: 118; ruby: 52; exp: 4

file content (63 lines) | stat: -rw-r--r-- 1,506 bytes

--
-- (C) 2019-22 - ntop.org
--

-- ##############################################


local flow_alert_keys = require "flow_alert_keys"

-- Import the classes library.
local classes = require "classes"
-- Make sure to import the Superclass!
local alert = require "alert"

-- ##############################################

local alert_broadcast_non_udp_traffic = classes.class(alert)

-- ##############################################

alert_broadcast_non_udp_traffic.meta = {
   alert_key = flow_alert_keys.flow_alert_broadcast_non_udp_traffic,
   i18n_title = "flow_checks_config.broadcast_non_udp_traffic_title",
   icon = "fas fa-fw fa-exclamation",

   has_attacker = true,

   -- Default values
   default = {
      -- Fitlters to be applied on the alert, e.g., cli_port=23
      filters = {},
   }
}

-- ##############################################

function alert_broadcast_non_udp_traffic:init(cli_mac)
   -- Call the parent constructor
   self.super:init()

   self.alert_type_params = {
      cli_mac = cli_mac
   }
end

-- #######################################################

function alert_broadcast_non_udp_traffic.format(ifid, alert, alert_type_params)
   local data = {
      ip = alert.cli_ip or "~",
      mac = "~"
   }

   if alert_type_params.cli_mac then
      data["mac"] = alert_type_params["cli_mac"]
   end

   return i18n("flow_details.broadcast_non_udp_traffic", data)
end

-- #######################################################

return alert_broadcast_non_udp_traffic