Sizes of LRU caches are now configurable

0 as size value disable the cache. The diffs in unit tests are due to the fact that some lookups are performed before the first insert: before this change these lookups weren't counted because the cache was not yet initialized, now they are.
2026-05-06 03:45:32 +00:00 · 2022-09-22 17:42:46 +02:00 · 2022-09-22 17:42:46 +02:00 · 1f345b311f
commit 1f345b311f
parent 83de3e4716
133 changed files with 345 additions and 232 deletions
--- a/src/include/ndpi_api.h
+++ b/src/include/ndpi_api.h
@ -1005,6 +1005,13 @@ extern "C" {
 			       lru_cache_type cache_type,
 			       struct ndpi_lru_cache_stats *stats);

+  int ndpi_get_lru_cache_size(struct ndpi_detection_module_struct *ndpi_struct,
+			      lru_cache_type cache_type,
+			      u_int32_t *num_entries);
+  int ndpi_set_lru_cache_size(struct ndpi_detection_module_struct *ndpi_struct,
+			      lru_cache_type cache_type,
+			      u_int32_t num_entries);
+
  int ndpi_set_opportunistic_tls(struct ndpi_detection_module_struct *ndpi_struct,
 				 u_int16_t proto, int value);
  int ndpi_get_opportunistic_tls(struct ndpi_detection_module_struct *ndpi_struct,
--- a/src/include/ndpi_typedefs.h
+++ b/src/include/ndpi_typedefs.h
@ -1190,29 +1190,36 @@ struct ndpi_detection_module_struct {

  u_int8_t ip_version_limit;

-  /* NDPI_PROTOCOL_OOKLA */
-  struct ndpi_lru_cache *ookla_cache;
-
  /* NDPI_PROTOCOL_TINC */
  struct cache *tinc_cache;

+  /* NDPI_PROTOCOL_OOKLA */
+  struct ndpi_lru_cache *ookla_cache;
+  u_int32_t ookla_cache_num_entries;
+
  /* NDPI_PROTOCOL_BITTORRENT */
  struct ndpi_lru_cache *bittorrent_cache;
+  u_int32_t bittorrent_cache_num_entries;

  /* NDPI_PROTOCOL_ZOOM */
  struct ndpi_lru_cache *zoom_cache;
+  u_int32_t zoom_cache_num_entries;

  /* NDPI_PROTOCOL_STUN and subprotocols */
  struct ndpi_lru_cache *stun_cache;
+  u_int32_t stun_cache_num_entries;

  /* NDPI_PROTOCOL_TLS and subprotocols */
  struct ndpi_lru_cache *tls_cert_cache;
+  u_int32_t tls_cert_cache_num_entries;
  
  /* NDPI_PROTOCOL_MINING and subprotocols */
  struct ndpi_lru_cache *mining_cache;
+  u_int32_t mining_cache_num_entries;

  /* NDPI_PROTOCOL_MSTEAMS */
  struct ndpi_lru_cache *msteams_cache;
+  u_int32_t msteams_cache_num_entries;

  /* *** If you add a new LRU cache, please update lru_cache_type above! *** */

--- a/src/lib/ndpi_main.c
+++ b/src/lib/ndpi_main.c
@ -2779,6 +2779,14 @@ struct ndpi_detection_module_struct *ndpi_init_detection_module(ndpi_init_prefs
    return(NULL);
  }

+  ndpi_str->ookla_cache_num_entries = 1024;
+  ndpi_str->bittorrent_cache_num_entries = 32768;
+  ndpi_str->zoom_cache_num_entries = 512;
+  ndpi_str->stun_cache_num_entries = 1024;
+  ndpi_str->tls_cert_cache_num_entries = 1024;
+  ndpi_str->mining_cache_num_entries = 1024;
+  ndpi_str->msteams_cache_num_entries = 1024;
+
  ndpi_str->opportunistic_tls_smtp_enabled = 1;
  ndpi_str->opportunistic_tls_imap_enabled = 1;
  ndpi_str->opportunistic_tls_pop_enabled = 1;
@ -2851,6 +2859,56 @@ void ndpi_finalize_initialization(struct ndpi_detection_module_struct *ndpi_str)

  ndpi_add_domain_risk_exceptions(ndpi_str);

+  if(ndpi_str->ookla_cache_num_entries > 0) {
+    ndpi_str->ookla_cache = ndpi_lru_cache_init(ndpi_str->ookla_cache_num_entries);
+    if(!ndpi_str->ookla_cache) {
+      NDPI_LOG_ERR(ndpi_str, "Error allocating lru cache (num_entries %u)\n",
+                   ndpi_str->ookla_cache_num_entries);
+    }
+  }
+  if(ndpi_str->bittorrent_cache_num_entries > 0) {
+    ndpi_str->bittorrent_cache = ndpi_lru_cache_init(ndpi_str->bittorrent_cache_num_entries);
+    if(!ndpi_str->bittorrent_cache) {
+      NDPI_LOG_ERR(ndpi_str, "Error allocating lru cache (num_entries %u)\n",
+                   ndpi_str->bittorrent_cache_num_entries);
+    }
+  }
+  if(ndpi_str->zoom_cache_num_entries > 0) {
+    ndpi_str->zoom_cache = ndpi_lru_cache_init(ndpi_str->zoom_cache_num_entries);
+    if(!ndpi_str->zoom_cache) {
+      NDPI_LOG_ERR(ndpi_str, "Error allocating lru cache (num_entries %u)\n",
+                   ndpi_str->zoom_cache_num_entries);
+    }
+  }
+  if(ndpi_str->stun_cache_num_entries > 0) {
+    ndpi_str->stun_cache = ndpi_lru_cache_init(ndpi_str->stun_cache_num_entries);
+    if(!ndpi_str->stun_cache) {
+      NDPI_LOG_ERR(ndpi_str, "Error allocating lru cache (num_entries %u)\n",
+                   ndpi_str->stun_cache_num_entries);
+    }
+  }
+  if(ndpi_str->tls_cert_cache_num_entries > 0) {
+    ndpi_str->tls_cert_cache = ndpi_lru_cache_init(ndpi_str->tls_cert_cache_num_entries);
+    if(!ndpi_str->tls_cert_cache) {
+      NDPI_LOG_ERR(ndpi_str, "Error allocating lru cache (num_entries %u)\n",
+                   ndpi_str->tls_cert_cache_num_entries);
+    }
+  }
+  if(ndpi_str->mining_cache_num_entries > 0) {
+    ndpi_str->mining_cache = ndpi_lru_cache_init(ndpi_str->mining_cache_num_entries);
+    if(!ndpi_str->mining_cache) {
+      NDPI_LOG_ERR(ndpi_str, "Error allocating lru cache (num_entries %u)\n",
+                   ndpi_str->mining_cache_num_entries);
+    }
+  }
+  if(ndpi_str->msteams_cache_num_entries > 0) {
+    ndpi_str->msteams_cache = ndpi_lru_cache_init(ndpi_str->msteams_cache_num_entries);
+    if(!ndpi_str->msteams_cache) {
+      NDPI_LOG_ERR(ndpi_str, "Error allocating lru cache (num_entries %u)\n",
+                   ndpi_str->msteams_cache_num_entries);
+    }
+  }
+
  if(ndpi_str->ac_automa_finalized) return;

  ndpi_automa * const automa[] = { &ndpi_str->host_automa,
@ -5625,9 +5683,6 @@ static void ndpi_reconcile_protocols(struct ndpi_detection_module_struct *ndpi_s
    if(flow->is_ipv6 == 0 && flow->l4_proto == IPPROTO_TCP) {
      // printf("====>> NDPI_PROTOCOL_MSTEAMS\n");

-      if(ndpi_str->msteams_cache == NULL)
-	ndpi_str->msteams_cache = ndpi_lru_cache_init(1024);
-
      if(ndpi_str->msteams_cache)
 	ndpi_lru_add_to_cache(ndpi_str->msteams_cache,
 			      ntohl(flow->c_address.v4),
@ -5769,9 +5824,6 @@ static u_int8_t ndpi_search_into_zoom_cache(struct ndpi_detection_module_struct

 static void ndpi_add_connection_as_zoom(struct ndpi_detection_module_struct *ndpi_struct,
 					u_int32_t daddr /* Network byte order */) {
-  if(ndpi_struct->zoom_cache == NULL)
-    ndpi_struct->zoom_cache = ndpi_lru_cache_init(512);
-
  if(ndpi_struct->zoom_cache)
    ndpi_lru_add_to_cache(ndpi_struct->zoom_cache, daddr, NDPI_PROTOCOL_ZOOM);
 }
@ -8291,6 +8343,68 @@ int ndpi_get_lru_cache_stats(struct ndpi_detection_module_struct *ndpi_struct,
  }
 }

+int ndpi_set_lru_cache_size(struct ndpi_detection_module_struct *ndpi_struct,
+			    lru_cache_type cache_type,
+			    u_int32_t num_entries)
+{
+  switch(cache_type) {
+  case NDPI_LRUCACHE_OOKLA:
+    ndpi_struct->ookla_cache_num_entries = num_entries;
+    return 0;
+  case NDPI_LRUCACHE_BITTORRENT:
+    ndpi_struct->bittorrent_cache_num_entries = num_entries;
+    return 0;
+  case NDPI_LRUCACHE_ZOOM:
+    ndpi_struct->zoom_cache_num_entries = num_entries;
+    return 0;
+  case NDPI_LRUCACHE_STUN:
+    ndpi_struct->stun_cache_num_entries = num_entries;
+    return 0;
+  case NDPI_LRUCACHE_TLS_CERT:
+    ndpi_struct->tls_cert_cache_num_entries = num_entries;
+    return 0;
+  case NDPI_LRUCACHE_MINING:
+    ndpi_struct->mining_cache_num_entries = num_entries;
+    return 0;
+  case NDPI_LRUCACHE_MSTEAMS:
+    ndpi_struct->msteams_cache_num_entries = num_entries;
+    return 0;
+  default:
+    return -1;
+  }
+}
+
+int ndpi_get_lru_cache_size(struct ndpi_detection_module_struct *ndpi_struct,
+			    lru_cache_type cache_type,
+			    u_int32_t *num_entries)
+{
+  switch(cache_type) {
+  case NDPI_LRUCACHE_OOKLA:
+    *num_entries = ndpi_struct->ookla_cache_num_entries;
+    return 0;
+  case NDPI_LRUCACHE_BITTORRENT:
+    *num_entries = ndpi_struct->bittorrent_cache_num_entries;
+    return 0;
+  case NDPI_LRUCACHE_ZOOM:
+    *num_entries = ndpi_struct->zoom_cache_num_entries;
+    return 0;
+  case NDPI_LRUCACHE_STUN:
+    *num_entries = ndpi_struct->stun_cache_num_entries;
+    return 0;
+  case NDPI_LRUCACHE_TLS_CERT:
+    *num_entries = ndpi_struct->tls_cert_cache_num_entries;
+    return 0;
+  case NDPI_LRUCACHE_MINING:
+    *num_entries = ndpi_struct->mining_cache_num_entries;
+    return 0;
+  case NDPI_LRUCACHE_MSTEAMS:
+    *num_entries = ndpi_struct->msteams_cache_num_entries;
+    return 0;
+  default:
+    return -1;
+  }
+}
+
 /* ******************************************************************** */

 /*
--- a/src/lib/protocols/bittorrent.c
+++ b/src/lib/protocols/bittorrent.c
@ -118,9 +118,6 @@ static void ndpi_add_connection_as_bittorrent(struct ndpi_detection_module_struc
    flow->extra_packets_func = search_bittorrent_again;
  }
  
-  if(ndpi_struct->bittorrent_cache == NULL)
-    ndpi_struct->bittorrent_cache = ndpi_lru_cache_init(32768);
-
  if(ndpi_struct->bittorrent_cache && packet->iph) {
    u_int32_t key1, key2, i;

--- a/src/lib/protocols/hangout.c
+++ b/src/lib/protocols/hangout.c
@ -98,8 +98,6 @@ void ndpi_search_hangout(struct ndpi_detection_module_struct *ndpi_struct,
      NDPI_LOG_INFO(ndpi_struct, "found Hangout\n");

      /* Hangout is over STUN hence the LRU cache is shared */
-      if(ndpi_struct->stun_cache == NULL)
-	ndpi_struct->stun_cache = ndpi_lru_cache_init(1024);

      if(ndpi_struct->stun_cache && packet->iph) {
 	u_int32_t key = get_stun_lru_key(flow, !matched_src);
--- a/src/lib/protocols/http.c
+++ b/src/lib/protocols/http.c
@ -1171,9 +1171,6 @@ static void ndpi_check_http_tcp(struct ndpi_detection_module_struct *ndpi_struct
      ookla_found:
        ndpi_int_http_add_connection(ndpi_struct, flow, NDPI_PROTOCOL_OOKLA, NDPI_PROTOCOL_CATEGORY_WEB);

-	if(ndpi_struct->ookla_cache == NULL)
-	  ndpi_struct->ookla_cache = ndpi_lru_cache_init(1024);
-
 	if(ndpi_struct->ookla_cache != NULL) {
 	  if(packet->iph != NULL) {
 	    if(packet->tcp->source == htons(8080))
--- a/src/lib/protocols/mining.c
+++ b/src/lib/protocols/mining.c
@ -28,8 +28,6 @@

 static void cacheMiningHostTwins(struct ndpi_detection_module_struct *ndpi_struct,
 				 u_int32_t host_keys /* network byte order */) {
-  if(ndpi_struct->mining_cache == NULL) ndpi_struct->mining_cache = ndpi_lru_cache_init(1024);
-  
  if(ndpi_struct->mining_cache)
    ndpi_lru_add_to_cache(ndpi_struct->mining_cache, host_keys, NDPI_PROTOCOL_MINING);
 }
--- a/src/lib/protocols/ookla.c
+++ b/src/lib/protocols/ookla.c
@ -56,9 +56,6 @@ void ndpi_search_ookla(struct ndpi_detection_module_struct* ndpi_struct, struct
 	 && (packet->payload[2] == 0x0A)) {	
 	ndpi_set_detected_protocol(ndpi_struct, flow, NDPI_PROTOCOL_OOKLA, NDPI_PROTOCOL_UNKNOWN, NDPI_CONFIDENCE_DPI);
 	
-	if(ndpi_struct->ookla_cache == NULL)
-	  ndpi_struct->ookla_cache = ndpi_lru_cache_init(1024);
-	
 	if(ndpi_struct->ookla_cache != NULL) {
 	  /* In order to avoid creating an IPv6 LRU we hash the IPv6 address */
 	  h = ndpi_quick_hash((unsigned char *)&packet->iphv6->ip6_dst, sizeof(packet->iphv6->ip6_dst));
--- a/src/lib/protocols/stun.c
+++ b/src/lib/protocols/stun.c
@ -58,9 +58,6 @@ static void ndpi_int_stun_add_connection(struct ndpi_detection_module_struct *nd
      app_proto = NDPI_PROTOCOL_FACEBOOK_VOIP;
  }

-  if(ndpi_struct->stun_cache == NULL)
-    ndpi_struct->stun_cache = ndpi_lru_cache_init(1024);
-
  if(ndpi_struct->stun_cache
     && packet->iph
     && (app_proto != NDPI_PROTOCOL_UNKNOWN)
--- a/src/lib/protocols/tls.c
+++ b/src/lib/protocols/tls.c
@ -695,9 +695,6 @@ static void processCertificateElements(struct ndpi_detection_module_struct *ndpi
 	flow->category = ndpi_get_proto_category(ndpi_struct, ret);
 	ndpi_check_subprotocol_risk(ndpi_struct, flow, proto_id);

-	if(ndpi_struct->tls_cert_cache == NULL)
-	  ndpi_struct->tls_cert_cache = ndpi_lru_cache_init(1024);
-
 	if(ndpi_struct->tls_cert_cache && packet->iph && packet->tcp) {
 	  u_int32_t key = packet->iph->saddr + packet->tcp->source; /* Server */