Verified Commit 5a08434f authored by Martin Petráček

monitor: delete incomplete flows after restart

monitor should get complete information about bypassed flows from
suricata_conntrack script before its exit - so they are complete.
What remains are connections that were just opened - we don't know much about
them, they just make output more confusing.
parent 05d8eb9d
......@@ -248,8 +248,9 @@ def main():
con = sqlite3.connect('/var/lib/pakon.db')
c = con.cursor()
# flow_ids are only unique (and meaningful) during one run of this script
# flows with flow_id are incomplete, delete them
try:
c.execute('UPDATE traffic SET flow_id = NULL, duration = 0, bytes_send = 0, bytes_received = 0 WHERE flow_id IS NOT NULL')
c.execute('DELETE FROM traffic WHERE flow_id IS NOT NULL')
con.commit()
except:
logging.debug('Error cleaning flow_id')
......
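Review bot: In the `try` block, the new `DELETE FROM traffic WHERE flow_id IS NOT NULL` removes rows for good, yet any failure is still swallowed by the bare `except:` and reported only through `logging.debug('Error cleaning flow_id')`. The comment above states that flow_ids are only unique during one run, so rows left behind by a failed cleanup could be mistaken for flows of the new run, and at debug level nobody would notice. Consider catching `sqlite3.Error` instead of everything, logging the exception itself at warning or error level, and calling `con.rollback()` before continuing.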