add ssh ignore option

2023-12-20 14:51:18 -05:00 · 2023-12-20 14:51:18 -05:00 · 9dfadb8eaa
commit 9dfadb8eaa
parent ee0180e618
1 changed files with 10 additions and 1 deletions
--- a/scripts/ifpi
+++ b/scripts/ifpi
@ -60,7 +60,7 @@ def classify_traffic(
            for pattern in patterns:
                if pattern.match(str(hostname)):
                    return service
-                
+
    # Fallbacks in case we can't figure anything else out
    if packet_proto == "TCP" and destination_port == 443:
        return f"HTTPS ({hostname})"
@ -82,6 +82,11 @@ def main() -> int:
        help="Subnet(s) to consider local",
        action="append",
    )
+    ap.add_argument(
+        "--ignore-ssh",
+        help="Ignore SSH traffic",
+        action="store_true",
+    )
    ap.add_argument(
        "-v", "--verbose", help="Enable verbose logging", action="store_true"
    )
@ -153,6 +158,10 @@ def main() -> int:
        classification = classify_traffic(
            destination, int(destination_port), metadata.lstrip().split(" ")[0]
        )
+        
+        # Handle ignoring SSH traffic
+        if args.ignore_ssh and classification == "SSH":
+            continue

        print(f"{source}\t{classification}")