denji/colorfilters.txt

## colorfilters.txt
@T-Small Window Sizes (<1320)@tcp.window_size < 1320 && tcp.window_size > 0@[65535,42405,0][0,0,0]
@T-Large Time Delay (>2 seconds)@frame.time_delta_displayed > 2.0@[65535,42405,0][0,0,0]
@T-DNS Error Responses@!dns.flags.rcode == 0 && dns.flags.response == 1@[42662,29041,4112][0,0,0]
@T-HTTP Error Response (>399)@http.response.code > 399@[65535,42405,0][0,0,0]
!@N-Window Update@expert.message == "Window update"@[0,25700,0][65535,65535,65535]
@I-SYN Packet@tcp.flags.syn == 1@[51657,2313,2313][65535,65535,65535]
@N-TCP Header > 20@tcp.hdr_len > 20@[0,25700,0][65535,65535,65535]
	@T-Small Window Sizes (<1320)@tcp.window_size < 1320 && tcp.window_size > 0@[65535,42405,0][0,0,0]
	@T-Large Time Delay (>2 seconds)@frame.time_delta_displayed > 2.0@[65535,42405,0][0,0,0]
	@T-DNS Error Responses@!dns.flags.rcode == 0 && dns.flags.response == 1@[42662,29041,4112][0,0,0]
	@T-HTTP Error Response (>399)@http.response.code > 399@[65535,42405,0][0,0,0]
	!@N-Window Update@expert.message == "Window update"@[0,25700,0][65535,65535,65535]
	@I-SYN Packet@tcp.flags.syn == 1@[51657,2313,2313][65535,65535,65535]
	@N-TCP Header > 20@tcp.hdr_len > 20@[0,25700,0][65535,65535,65535]