feat: nDPI traffic category per conversation#56
Merged
NotYuSheng merged 5 commits intomainfrom Mar 28, 2026
Merged
Conversation
- V6 migration: add category VARCHAR(50) to conversations - NdpiService: parse [cat: Name/ID] from ndpiReader -v 2 output - Propagate category through ConversationEntity, ConversationResponse, ConversationDetailResponse - AnalysisSummaryResponse: add CategoryStat inner class and categoryDistribution field (aggregated packet/byte counts per category, sorted by packet count descending) - AnalysisService: persist category, build categoryDistribution in getAnalysisSummary, propagate in getConversations/getConversationDetail/ getSecurityAlerts - Frontend: CategoryStat type, categoryDistribution in AnalysisSummary, category field in Conversation type - CategoryBreakdownChart component (pie + table, mirrors ProtocolBreakdown) rendered in AnalysisOverview alongside protocol chart - Category column in ConversationList table (shown only when data present) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request introduces traffic category extraction and visualization, updating the backend to parse categories from nDPI output, store them in the database, and aggregate statistics for the analysis summary. The frontend is enhanced with a new category breakdown chart and a category column in the conversation list. Key feedback includes refactoring the aggregation logic in AnalysisService to replace magic indices with a more readable structure, centralizing the COLORS array and formatBytes utility in the frontend to reduce duplication, and applying dynamic coloring to category badges for better visual distinction.
The backend changed detectedApplications from List<String> to
List<DetectedApplication>, but containers built from older code still
return plain strings. Coerce string items to {name, packetCount:0, bytes:0}
in the service layer so the UI never crashes accessing .packetCount.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- StoryService: add ## Traffic Category Breakdown section to LLM prompt (aggregated packet counts per nDPI category, sorted alphabetically) - StoryService: inline [CAT: Name] label per conversation line alongside existing [app] and [RISKS: ...] labels - StoryPage: replace generic subtitle with bullet list explaining how stories are generated and their limitations Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- AnalysisService: replace long[] with named CategoryAggregate class and use Comparator.comparingLong().reversed() for sort - CategoryBreakdownChart: use getAppColor() instead of local COLORS array; import formatBytes from @/utils/formatters instead of local definition - ConversationList: style category badges with getAppColor() matching app badge pattern Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Closes #42
Summary
category VARCHAR(50)column toconversations[cat: Name/ID]field fromndpiReader -v 2output (e.g.Download,Web,VoIP) in the same single pass that extracts app names and risk flagsConversationEntity,ConversationResponse,ConversationDetailResponseall exposecategory;AnalysisSummaryResponsegains aCategoryStatinner class and acategoryDistributionlist (packet count, bytes, percentage per category, sorted by packet count)CategoryStattype andcategoryDistributionfield onAnalysisSummary;Conversationgains optionalcategory; newCategoryBreakdownChart(pie + table) rendered in the Overview tab alongside the existing protocol chart;ConversationListtable shows a Category column when any category data is presentTest plan
categoryis stored per conversation in the DBftp.pcapsample should showDownloadcategory for FTP flows andWebfor the HTTP flow🤖 Generated with Claude Code