Adding upstream version 4.22.0.upstream/4.22.0

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

1 files changed, 128 insertions, 0 deletions

diff --git a/upstream/archlinux/man7/traffic_learner.7 b/upstream/archlinux/man7/traffic_learner.7
new file mode 100644
index 00000000..1f63604c
--- /dev/null
+++ b/upstream/archlinux/man7/traffic_learner.7
@@ -0,0 +1,128 @@
+'\" t
+.\"     Title: traffic_learner
+.\"    Author: [see the "AUTHOR" section]
+.\" Generator: DocBook XSL Stylesheets vsnapshot <http://docbook.sf.net/>
+.\"      Date: 02/19/2024
+.\"    Manual: User Commands
+.\"    Source: Samba 4.19.5
+.\"  Language: English
+.\"
+.TH "TRAFFIC_LEARNER" "7" "02/19/2024" "Samba 4\&.19\&.5" "User Commands"
+.\" -----------------------------------------------------------------
+.\" * Define some portability stuff
+.\" -----------------------------------------------------------------
+.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+.\" http://bugs.debian.org/507673
+.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
+.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+.ie \n(.g .ds Aq \(aq
+.el       .ds Aq '
+.\" -----------------------------------------------------------------
+.\" * set default formatting
+.\" -----------------------------------------------------------------
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.\" -----------------------------------------------------------------
+.\" * MAIN CONTENT STARTS HERE *
+.\" -----------------------------------------------------------------
+.SH "NAME"
+traffic_learner \- Samba tool to assist with traffic generation\&.
+.SH "SYNOPSIS"
+.HP \w'\ 'u
+traffic_learner {\-o\ OUTPUT_FILE\ \&.\&.\&.} [\-h] [\-\-dns\-mode\ {inline|count}] [SUMMARY_FILE] [SUMMARY_FILE\ \&.\&.\&.]
+.SH "DESCRIPTION"
+.PP
+This tool is part of the
+\fBsamba\fR(7)
+suite\&.
+.PP
+This tool assists with generation of Samba traffic\&. It takes a traffic\-summary file (produced by
+traffic_summary\&.pl) as input and produces a traffic\-model file that can be used by
+traffic_replay
+for traffic generation\&.
+.PP
+The model file summarizes the types of traffic (\*(Aqconversations\*(Aq between a host and a Samba DC) that occur on a network\&. The model file describes the traffic in a way that allows it to be scaled so that either more (or fewer) packets get sent, and the packets can be sent at a faster (or slower) rate than that seen in the network\&.
+.SH "OPTIONS"
+.PP
+\-h|\-\-help
+.RS 4
+Print a summary of command line options\&.
+.RE
+.PP
+SUMMARY_FILE
+.RS 4
+File containing a network traffic\-summary\&. The traffic\-summary file should be generated by
+traffic_summary\&.pl
+from a packet capture of actual network traffic\&. More than one file can be specified, in which case the traffic will be combined into a single traffic\-model\&. If no SUMMARY_FILE is specified, this tool will read the traffic\-summary from STDIN, i\&.e\&. you can pipe the output from traffic_summary\&.pl directly to this tool\&.
+.RE
+.PP
+\-o|\-\-out OUTPUT_FILE
+.RS 4
+The traffic\-model that is produced will be written to this file\&. The OUTPUT_FILE can then be passed to
+traffic_replay
+to generate (and manipulate) Samba network traffic\&.
+.RE
+.PP
+\-\-dns\-mode [inline|count]
+.RS 4
+How DNS traffic should be handled by the model\&.
+.RE
+.SH "EXAMPLES"
+.PP
+To take a traffic\-summary file and produce a traffic\-model file, use:
+.PP
+traffic_learner traffic\-summary\&.txt \-o traffic\-model\&.txt
+.PP
+To generate a traffic\-model from a packet capture, you can pipe the traffic summary to STDIN using:
+.PP
+tshark \-r capture\&.pcapng \-T pdml | traffic_summary\&.pl | traffic_learner \-o traffic\-model\&.txt
+.SH "OUTPUT FILE FORMAT"
+.PP
+The output model file describes a Markov model estimating the probability of a packet occurring given the last two packets\&.
+.PP
+The count of each continuation after a pair of successive packets is stored, and the ratios of these counts is used to calculate probabilities for the next packet\&.
+.PP
+The model is stored in JSON format, and also contains information about the packet rate and DNS traffic rate\&.
+.SS "Example ngram listing"
+.PP
+The following listing shows a contrived example of a single ngram entry\&.
+.sp
+.if n \{\
+.RS 4
+.\}
+.nf
+          "ngrams": {
+             "ldap:0\etdcerpc:11": {
+                 "lsarpc:77": 1,
+                 "ldap:2": 370,
+                 "ldap:3": 62,
+                 "wait:3": 2,
+                 "\-": 1
+             }, [\&.\&.\&.]
+          }
+        
+.fi
+.if n \{\
+.RE
+.\}
+.PP
+This counts the observed continuations after an ldap packet with opcode 0 (a bind) followed by a dcerpc packet with opcode 11 (also a bind)\&. The most common next packet is "ldap:2" which is an unbind, so this is the most likely packet type to be selected in replay\&. At the other extreme, lsarpc opcode 77 (lookup names) has been seen only once, and it is unlikely but possible that this will be selected in replay\&.
+.PP
+There are two special packet types here\&. "wait:3" refers to a temporary pause in the conversation, where the "3" pseudo\-opcode indicates the length of the wait on an exponential scale\&. That is, a "wait:4" pause would be about 2\&.7 times longer that a "wait:3", which in turn would be similarly longer than a "wait:2"\&.
+.PP
+The other special packet is "\-", which represents the limit of the conversation\&. In the example, this indicates that one observed conversation ended after this particular ngram\&. This special opcode is also used at the beginning of conversations, which are indicated by the ngram "\-\et\-"\&.
+.SH "VERSION"
+.PP
+This man page is complete for version 4\&.19\&.5 of the Samba suite\&.
+.SH "SEE ALSO"
+.PP
+\fBtraffic_replay\fR(7)\&.
+.SH "AUTHOR"
+.PP
+The original Samba software and related utilities were created by Andrew Tridgell\&. Samba is now developed by the Samba Team as an Open Source project similar to the way the Linux kernel is developed\&.
+.PP
+The traffic_learner tool was developed by the Samba team at Catalyst IT Ltd\&.
+.PP
+The traffic_learner manpage was written by Tim Beale\&.