Design: Protocol dissection and topology inference system #86
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
- RESEARCH.md: Comprehensive research on protocol dissection tools (Scapy, nDPI, Zeek, TShark) - DESIGN.md: Full architecture design with 7 implementation phases - ROADMAP.md: Quick reference implementation guide Co-authored-by: goranjovic55 <83976007+goranjovic55@users.noreply.github.com>
Copilot
AI
changed the title
[WIP] Implement protocol dissection and analysis for traffic and topology
Design: Protocol dissection and topology inference system
Jan 24, 2026
Owner
|
@copilot can we implement phase 2 also and create realistic host based e2e tests so we confirm both traffic capture and topology works as intended with DPI |
…y inference - DPIService: Layer-by-layer packet dissection (L2-L7) - VLAN (802.1Q) detection and membership tracking - LLDP/CDP neighbor discovery - STP BPDU parsing - Multicast group tracking (IGMP, mDNS, SSDP) - L7 protocol classification (50+ protocols) - Device classification (switch/router/host) - Thread-safe operations with RLock - Size limits to prevent unbounded memory growth - VLAN ID validation (802.1Q range 1-4094) - REST API endpoints for protocol analysis - 41 E2E tests covering realistic scenarios Co-authored-by: goranjovic55 <83976007+goranjovic55@users.noreply.github.com>
Contributor
Author
Implemented Phase 1-2 in commit a0b706d: DPIService (
E2E Tests (
API Endpoints (
|
Owner
|
@copilot we should implement alos dpi usage in traffic page and in topology page |
Co-authored-by: goranjovic55 <83976007+goranjovic55@users.noreply.github.com>
Copilot stopped work on behalf of
goranjovic55 due to an error
January 24, 2026 15:48
Owner
|
@copilot continue |
- Add DPITopologyPanel to Topology page (collapsible side panel) - Add DPIProtocolStats bar to Traffic page toolbar - Show VLAN count, multicast groups, LLDP/CDP neighbors - Device classification display (switches, routers) - STP root bridge indicator Co-authored-by: goranjovic55 <83976007+goranjovic55@users.noreply.github.com>
Contributor
Author
Implemented DPI integration in commit 48e5e2b: Topology page:
Traffic page:
New components:
|
Owner
|
@copilot we shoul adjust topology view based on dpi ( we should be able to switch views so we can get best graphical representation ) |
- Add view mode selector: STD | VLAN | MCAST | TYPE - VLAN view: Group nodes by VLAN membership with color coding - Multicast view: Highlight multicast group members with hub layout - Device Type view: Color by switch/router/host classification - Add interactive legend showing active view mode - Adjust d3 force layout per view mode for optimal visualization - Persist view mode preference in localStorage Co-authored-by: goranjovic55 <83976007+goranjovic55@users.noreply.github.com>
Research: ntopng, Wireshark, SolarWinds, Cisco Prime patterns - Industry-standard protocol color palette (L2 blues, L3 greens, L4 oranges, App purples) - Device-type specific node shapes (router with arrows, switch rectangle with ports) - DPI-aware node coloring in all view modes - Enhanced legend with SVG device icons - Best practices documentation for network topology visualization Co-authored-by: goranjovic55 <83976007+goranjovic55@users.noreply.github.com>
Owner
|
@copilot please make icons and node shapes and areas compliant with our cyberpunk colour theme including fonts and highlights etc |
- Use cyberpunk color palette (cyber-red, cyber-green, cyber-blue, cyber-purple, cyber-yellow) - Add glow effects (text-shadow, box-shadow) to icons and buttons - Update device type icons with neon glow SVG filters - Apply monospace font styling with tracking - Update node shapes with cyberpunk colors and glow effects - Enhance DPI view mode selector with hover/active states - Update DPITopologyPanel with full cyberpunk styling - Update DPIProtocolStats with cyberpunk badge and glow effects Co-authored-by: goranjovic55 <83976007+goranjovic55@users.noreply.github.com>
Contributor
Author
Applied cyberpunk theme compliance in commit 99d7c7f: Colors:
Glow Effects:
Typography:
Updated Components:
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Phase 1: Core Infrastructure - DPI Service Foundation
DPIService.pywith basic structurePhase 2: L2 Discovery
Phase 3: Multicast & Topology
Phase 4: API Endpoints
protocol_analysis.pyREST endpointsPhase 5: Frontend Integration
protocolAnalysisService.tsfor API accessDPITopologyPanel.tsxcomponentDPIProtocolStats.tsxcomponentPhase 6: Fingerprinting (future)
Phase 7: Testing & Optimization (future)
Research-Based Improvements
Based on analysis of industry tools (ntopng, Wireshark, SolarWinds, Cisco Prime, EtherApe):
Protocol Color Palette (Industry Standard)
Device Type Visualization
Cyberpunk Theme Integration
Documentation
.project/protocol-dissection/DPI_VISUALIZATION_BEST_PRACTICES.mdTest Coverage
Original prompt
💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.