nfstream
diff --git a/‎docs/api.md
Lines changed: 15 additions & 3 deletions b/‎docs/api.md
Lines changed: 15 additions & 3 deletions
diff --git a/‎docs/index.md
Lines changed: 15 additions & 0 deletions b/‎docs/index.md
Lines changed: 15 additions & 0 deletions
diff --git a/‎index.html
Lines changed: 3 additions & 2 deletions b/‎index.html
Lines changed: 3 additions & 2 deletions
diff --git a/‎resources/logo_nmap.png
39.8 KB b/‎resources/logo_nmap.png
39.8 KB
diff --git a/‎resources/platforms.png
-7.21 KB b/‎resources/platforms.png
-7.21 KB
@@ -33,7 +33,7 @@ until flow expiration is triggered (active timeout, inactive timeout).
 
 ```python
 from nfstream import NFStreamer
-my_streamer = NFStreamer(source="facebook.pcap",
+my_streamer = NFStreamer(source="facebook.pcap", # or network interface
                          decode_tunnels=True,
                          bpf_filter=None,
                          promiscuous_mode=True,
@@ -46,7 +46,10 @@ my_streamer = NFStreamer(source="facebook.pcap",
                          statistical_analysis=False,
                          splt_analysis=0,
                          n_meters=0,
-                         performance_report=0)
+                         max_nflows=0,
+                         performance_report=0,
+                         system_visibility_mode=0,
+                         system_visibility_poll_ms=100)
 ```
 
 ### NFStreamer attributes
@@ -63,8 +66,11 @@ my_streamer = NFStreamer(source="facebook.pcap",
 | `n_dissections` | `[default=20]` | Number of per flow packets to dissect for L7 visibility feature. When set to 0, L7 visibility feature is disabled. |
 | `statistical_analysis` | `[default=False]` | Enable/Disable post-mortem flow statistical analysis.  |
 | `splt_analysis` | `[default=0]` | Specify the sequence of first packets length for early statistical analysis. When set to 0, splt_analysis is disabled. |
+| `max_nflows` | `[default=0]` | Specify the number of maximum flows to capture before returning. Unset when equal to 0. |
 | `n_meters` | `[default=0]` | Specify the number of parallel metering processes. When set to 0, NFStreamer will automatically scale metering according to available physical cores on the running host. |
 | `performance_report` | `[default=0]` | [**Performance report**](https://github.com/nfstream/nfstream/blob/master/assets/PERFORMANCE_REPORT.md) interval in seconds. Disabled when set to 0. Ignored for offline capture. |
+| `system_visibility_mode` | `[default=0]` |  Enable system process mapping by probing the host machine. |
+| `system_visibility_poll_ms` | `[default=100]` |  Set the polling interval in milliseconds for system process mapping feature (0 is the maximum achievable rate). |
 
 ### NFStreamer methods
 
@@ -87,12 +93,13 @@ my_dataframe.head()
 #### CSV file conversion
 
 ```python
-total_flows_count = my_streamer.to_csv(path=None, columns_to_anonymize=[], flows_per_file=0)
+total_flows_count = my_streamer.to_csv(path=None, columns_to_anonymize=[], flows_per_file=0, rotate_files=0)
 ```
 
 | `path` | `[default=None]` | Specify output path of csv resulting file. When Set to None, NFStream uses source as path and add a '.csv' extension to it. |
 | `flows_per_file` | `[default=0]` | Specify maximum flows per generated file. Each generated file name will be appended by the chunk index. This limit is disabled when set to 0. |
 | `columns_to_anonymize` | `[default=[]]` | List of columns names to anonymize. Anonymization is based on a random secret key generation at each start of NFStreamer. The generated key is used to anonymize configured values using blake2b algorithm. |
+| `rotate_files` | `[default=0]` |  Number of rotating files to limit disk storage usage. Example: NFstream started with flows per file `1000` and rotate_files `5` will force NFStreamer to overwrite file 0 when it reached 5000 flows. 
 
 ## NFlow
 
@@ -203,6 +210,11 @@ In the following we detail each implemented feature.
 | `splt_ps` | `list`  | List of N (splt_analysis=N) first flow packet sizes (depends on accounting_mode, -1 when there is no packet).|
 | `splt_piat_ms` | `list`  | List of N (splt_analysis=N) first flow packet inter arrival times (always 0 for first packet, -1 when there is no packet).|
 
+#### System Visibility Features (system_visibility_mode=1)
+
+| `process_name` | `str`  | Name of the host process that generated the flow.|
+| `process_pid` | `int`  | PID of the host process that generated the flow .|
+
 ## NFPlugin
 
 ### NFPlugin prototype
 
@@ -27,6 +27,8 @@ across experiments.
 * **Encrypted layer-7 visibility:** NFStream deep packet inspection is based on [**nDPI**][ndpi]. 
 It allows NFStream to perform [**reliable**][reliable] encrypted applications identification and metadata 
 fingerprinting (e.g. TLS, SSH, DHCP, HTTP).
+* **System visibility:** NFStream probes the monitored system's kernel to obtain information on open Internet sockets 
+and collects guaranteed ground-truth (process name, PID, etc.) at the application level.
 * **Statistical features extraction:** NFStream provides state of the art of flow-based statistical feature extraction. 
 It includes both post-mortem statistical features (e.g. min, mean, stddev and max of packet size and inter arrival time) 
 and early flow features (e.g. sequence of first n packets sizes, inter arrival times and
@@ -64,6 +66,17 @@ sudo apt-get install libusb-1.0-0-dev libdbus-glib-1-dev libbluetooth-dev libnl-
 brew install autoconf automake libtool pkg-config gettext json-c
 ```
 
+### Windows Prerequisites
+
+On Windows, NFStream build system is based MSYS2. Please follow [**msys2 installation guide**][msys2] before moving to 
+the next steps.
+
+```bash
+pacman -S git unzip mingw-w64-x86_64-toolchain automake1.16 automake-wrapper autoconf libtool make mingw-w64-x86_64-json-c mingw-w64-x86_64-crt-git
+```
+
+Note that you will also need to have npcap installed according to [**these instructions**][npcap].
+
 ### Build NFStream
 
 ```bash
@@ -79,3 +92,5 @@ python3 -m pip install .
 [reliable]: http://people.ac.upc.edu/pbarlet/papers/ground-truth.pam2014.pdf
 [pypy]: https://www.pypy.org/
 [cffi]: https://cffi.readthedocs.io/en/latest/index.html
+[msys2]: https://www.msys2.org/
+[npcap]: https://npcap.com/guide/npcap-users-guide.html
@@ -105,7 +105,7 @@ <h2>Machine learning oriented</h2>
     <div class="lp-center lp-section-container">
       <div class="lp-col  lp-col-left">
         <h2>Multiplatform support</h2>
-        <p>NFStream is currently supported on major Linux distributions, MacOS and ARM (64bits) based platforms.
+        <p>NFStream is currently supported on major Linux distributions, MacOS and Windows.
             You can install pre-built wheels for each platform using pip or build it from source.
         </p>
         <a href="{{ site.baseurl }}/docs/#installation-guide" class="btn btn-blue fs-5 mb-3 mb-md-5">View Installation Guide</a>
@@ -141,12 +141,13 @@ <h3>Supporting Organizations</h3>
           <img src="{{ site.baseurl }}{{ site.logo_sah }}" width="{{ site.logo_width }}" height="57">
           <img src="{{ site.baseurl }}{{ site.logo_tuke }}" width="{{ site.logo_width }}" height="57">
           <img src="{{ site.baseurl }}{{ site.logo_ntop }}" width="{{ site.logo_width }}" height="57">
+          <img src="{{ site.baseurl }}{{ site.logo_nmap }}" width="{{ site.logo_width }}" height="57">
         </ul>
       </div>
     </div>
     <div class="lp-footer-section lp-footer-copyright">
       <img src="{{ site.baseurl }}{{ site.logo_source }}" width="{{ site.logo_width }}" height="57" >
-      <p>Copyright © 2021 NFStream Developers</p>
+      <p>Copyright © 2022 NFStream Developers</p>
     </div>
   </footer>
 </div>