Merge pull request #398 from kYroL01/dev

added GoogleDrive detection

src/include/ndpi_protocol_ids.h

@@ -159,71 +159,71 @@
 #define NDPI_PROTOCOL_TWITTER 	 120
 #define NDPI_PROTOCOL_DROPBOX 	 121
 #define NDPI_PROTOCOL_GMAIL 	 122
-#define NDPI_PROTOCOL_GOOGLE_MAPS 	   123
+#define NDPI_PROTOCOL_GOOGLE_MAPS 	 123
 #define NDPI_PROTOCOL_YOUTUBE 	 124
 #define NDPI_PROTOCOL_SKYPE 	 125
 #define NDPI_PROTOCOL_GOOGLE 	 126
 #define NDPI_PROTOCOL_DCERPC 	 127
 #define NDPI_PROTOCOL_NETFLOW 	 128
 #define NDPI_PROTOCOL_SFLOW 	 129
-#define NDPI_PROTOCOL_HTTP_CONNECT 	   130
-#define NDPI_PROTOCOL_HTTP_PROXY 	   131
-#define NDPI_PROTOCOL_CITRIX 	 132
-#define NDPI_PROTOCOL_NETFLIX 	 133
-#define NDPI_PROTOCOL_LASTFM 	 134
-#define NDPI_PROTOCOL_WAZE 	 135
+#define NDPI_PROTOCOL_HTTP_CONNECT 	 130
+#define NDPI_PROTOCOL_HTTP_PROXY 	 131
+#define NDPI_PROTOCOL_CITRIX 	         132
+#define NDPI_PROTOCOL_NETFLIX 	         133
+#define NDPI_PROTOCOL_LASTFM 	         134
+#define NDPI_PROTOCOL_WAZE 	         135
 #define NDPI_PROTOCOL_SKYFILE_PREPAID 	 136
 #define NDPI_PROTOCOL_SKYFILE_RUDICS 	 137
 #define NDPI_PROTOCOL_SKYFILE_POSTPAID 	 138
 #define NDPI_PROTOCOL_CITRIX_ONLINE 	 139
-#define NDPI_PROTOCOL_APPLE 	 140
-#define NDPI_PROTOCOL_WEBEX 	 141
-#define NDPI_PROTOCOL_WHATSAPP 	 142
+#define NDPI_PROTOCOL_APPLE 	         140
+#define NDPI_PROTOCOL_WEBEX 	         141
+#define NDPI_PROTOCOL_WHATSAPP 	         142
 #define NDPI_PROTOCOL_APPLE_ICLOUD 	 143
-#define NDPI_PROTOCOL_VIBER 	 144
+#define NDPI_PROTOCOL_VIBER 	         144
 #define NDPI_PROTOCOL_APPLE_ITUNES 	 145
-#define NDPI_PROTOCOL_RADIUS 	 146
+#define NDPI_PROTOCOL_RADIUS 	         146
 #define NDPI_PROTOCOL_WINDOWS_UPDATE 	 147
 #define NDPI_PROTOCOL_TEAMVIEWER 	 148 /* xplico.org */
-#define NDPI_PROTOCOL_TUENTI 	 149
+#define NDPI_PROTOCOL_TUENTI 	         149
 #define NDPI_PROTOCOL_LOTUS_NOTES 	 150
-#define NDPI_PROTOCOL_SAP 	 151
-#define NDPI_PROTOCOL_GTP 	 152
-#define NDPI_PROTOCOL_UPNP 	 153
-#define NDPI_PROTOCOL_LLMNR 	 154
+#define NDPI_PROTOCOL_SAP 	         151
+#define NDPI_PROTOCOL_GTP 	         152
+#define NDPI_PROTOCOL_UPNP 	         153
+#define NDPI_PROTOCOL_LLMNR 	         154
 #define NDPI_PROTOCOL_REMOTE_SCAN 	 155
-#define NDPI_PROTOCOL_SPOTIFY 	 156
-#define NDPI_CONTENT_WEBM 	 157
-#define NDPI_PROTOCOL_H323 	 158 /* Remy Mudingay <mudingay@ill.fr> */
-#define NDPI_PROTOCOL_OPENVPN 	 159 /* Remy Mudingay <mudingay@ill.fr> */
-#define NDPI_PROTOCOL_NOE 	 160 /* Remy Mudingay <mudingay@ill.fr> */
-#define NDPI_PROTOCOL_CISCOVPN 	 161 /* Remy Mudingay <mudingay@ill.fr> */
+#define NDPI_PROTOCOL_SPOTIFY 	         156
+#define NDPI_CONTENT_WEBM 	         157
+#define NDPI_PROTOCOL_H323 	         158 /* Remy Mudingay <mudingay@ill.fr> */
+#define NDPI_PROTOCOL_OPENVPN 	         159 /* Remy Mudingay <mudingay@ill.fr> */
+#define NDPI_PROTOCOL_NOE 	         160 /* Remy Mudingay <mudingay@ill.fr> */
+#define NDPI_PROTOCOL_CISCOVPN 	         161 /* Remy Mudingay <mudingay@ill.fr> */
 #define NDPI_PROTOCOL_TEAMSPEAK 	 162 /* Remy Mudingay <mudingay@ill.fr> */
-#define NDPI_PROTOCOL_TOR 	 163 /* Remy Mudingay <mudingay@ill.fr> */
-#define NDPI_PROTOCOL_SKINNY 	 164 /* Remy Mudingay <mudingay@ill.fr> */
-#define NDPI_PROTOCOL_RTCP 	 165 /* Remy Mudingay <mudingay@ill.fr> */
-#define NDPI_PROTOCOL_RSYNC 	 166 /* Remy Mudingay <mudingay@ill.fr> */
-#define NDPI_PROTOCOL_ORACLE 	 167 /* Remy Mudingay <mudingay@ill.fr> */
-#define NDPI_PROTOCOL_CORBA 	 168 /* Remy Mudingay <mudingay@ill.fr> */
+#define NDPI_PROTOCOL_TOR 	         163 /* Remy Mudingay <mudingay@ill.fr> */
+#define NDPI_PROTOCOL_SKINNY 	         164 /* Remy Mudingay <mudingay@ill.fr> */
+#define NDPI_PROTOCOL_RTCP 	         165 /* Remy Mudingay <mudingay@ill.fr> */
+#define NDPI_PROTOCOL_RSYNC 	         166 /* Remy Mudingay <mudingay@ill.fr> */
+#define NDPI_PROTOCOL_ORACLE 	         167 /* Remy Mudingay <mudingay@ill.fr> */
+#define NDPI_PROTOCOL_CORBA 	         168 /* Remy Mudingay <mudingay@ill.fr> */
 #define NDPI_PROTOCOL_UBUNTUONE 	 169 /* Remy Mudingay <mudingay@ill.fr> */
 #define NDPI_PROTOCOL_WHOIS_DAS 	 170
-#define NDPI_PROTOCOL_COLLECTD 	 171
-#define NDPI_PROTOCOL_SOCKS 	 172 /* Tomasz Bujlow <tomasz@skatnet.dk> */
-#define NDPI_PROTOCOL_MS_LYNC 	 173
-#define NDPI_PROTOCOL_RTMP 	 174 /* Tomasz Bujlow <tomasz@skatnet.dk> */
-#define NDPI_PROTOCOL_FTP_DATA 	 175 /* Tomasz Bujlow <tomasz@skatnet.dk> */
+#define NDPI_PROTOCOL_COLLECTD 	         171
+#define NDPI_PROTOCOL_SOCKS 	         172 /* Tomasz Bujlow <tomasz@skatnet.dk> */
+#define NDPI_PROTOCOL_MS_LYNC 	         173
+#define NDPI_PROTOCOL_RTMP 	         174 /* Tomasz Bujlow <tomasz@skatnet.dk> */
+#define NDPI_PROTOCOL_FTP_DATA 	         175 /* Tomasz Bujlow <tomasz@skatnet.dk> */
 #define NDPI_PROTOCOL_WIKIPEDIA 	 176 /* Tomasz Bujlow <tomasz@skatnet.dk> */
-#define NDPI_PROTOCOL_ZMQ 	 177
-#define NDPI_PROTOCOL_AMAZON 	 178 /* Tomasz Bujlow <tomasz@skatnet.dk> */
-#define NDPI_PROTOCOL_EBAY 	 179 /* Tomasz Bujlow <tomasz@skatnet.dk> */
-#define NDPI_PROTOCOL_CNN 	 180 /* Tomasz Bujlow <tomasz@skatnet.dk> */
-#define NDPI_PROTOCOL_MEGACO 	 181 /* Gianluca Costa <g.costa@xplico.org> */
-#define NDPI_PROTOCOL_REDIS 	 182
-#define NDPI_PROTOCOL_PANDO 	 183 /* Tomasz Bujlow <tomasz@skatnet.dk> */
-#define NDPI_PROTOCOL_VHUA 	 184
-#define NDPI_PROTOCOL_TELEGRAM 	 185 /* Gianluca Costa <g.costa@xplico.org> */
-#define NDPI_PROTOCOL_VEVO 	 186
-#define NDPI_PROTOCOL_PANDORA 	 187
+#define NDPI_PROTOCOL_ZMQ 	         177
+#define NDPI_PROTOCOL_AMAZON 	         178 /* Tomasz Bujlow <tomasz@skatnet.dk> */
+#define NDPI_PROTOCOL_EBAY 	         179 /* Tomasz Bujlow <tomasz@skatnet.dk> */
+#define NDPI_PROTOCOL_CNN 	         180 /* Tomasz Bujlow <tomasz@skatnet.dk> */
+#define NDPI_PROTOCOL_MEGACO 	         181 /* Gianluca Costa <g.costa@xplico.org> */
+#define NDPI_PROTOCOL_REDIS 	         182
+#define NDPI_PROTOCOL_PANDO 	         183 /* Tomasz Bujlow <tomasz@skatnet.dk> */
+#define NDPI_PROTOCOL_VHUA 	         184
+#define NDPI_PROTOCOL_TELEGRAM 	         185 /* Gianluca Costa <g.costa@xplico.org> */
+#define NDPI_PROTOCOL_VEVO 	         186
+#define NDPI_PROTOCOL_PANDORA 	         187
 #define NDPI_PROTOCOL_QUIC 	         188 /* Andrea Buscarinu <andrea.buscarinu@gmail.com> - Michele Campus <michelecampus5@gmail.com> */
 #define NDPI_PROTOCOL_WHATSAPP_VOICE 	 189
 #define NDPI_PROTOCOL_EAQ 	         190
@@ -256,8 +256,7 @@
 #define NDPI_PROTOCOL_HOTSPOT_SHIELD 	 215
 #define NDPI_PROTOCOL_HEP 	         216 /* sipcapture.org QXIP BV */
 
-/* 217 is free */
-#define NDPI_PROTOCOL_FREE_217           217
+#define NDPI_PROTOCOL_GOOGLE_DRIVE       217
 
 #define NDPI_PROTOCOL_OCS 	         218
 #define NDPI_PROTOCOL_OFFICE_365 	 219

src/lib/ndpi_content_match.c.inc

@@ -7990,11 +7990,16 @@ ndpi_protocol_match host_match[] = {
   { "facebook.com",			"Facebook",		NDPI_PROTOCOL_FACEBOOK, NDPI_PROTOCOL_CATEGORY_SOCIAL_NETWORK, NDPI_PROTOCOL_FUN },
   { "fbstatic-a.akamaihd.net",		"Facebook",		NDPI_PROTOCOL_FACEBOOK, NDPI_PROTOCOL_CATEGORY_SOCIAL_NETWORK, NDPI_PROTOCOL_FUN },
   { ".fbcdn.net",			"Facebook",		NDPI_PROTOCOL_FACEBOOK, NDPI_PROTOCOL_CATEGORY_SOCIAL_NETWORK, NDPI_PROTOCOL_FUN },
-  { "fbcdn-",				"Facebook",		NDPI_PROTOCOL_FACEBOOK, NDPI_PROTOCOL_CATEGORY_SOCIAL_NETWORK, NDPI_PROTOCOL_FUN },      /* fbcdn-video-a-akamaihd.net */
+  { "fbcdn-",				"Facebook",		NDPI_PROTOCOL_FACEBOOK, NDPI_PROTOCOL_CATEGORY_SOCIAL_NETWORK, NDPI_PROTOCOL_FUN },
   { ".facebook.net",			"Facebook",		NDPI_PROTOCOL_FACEBOOK, NDPI_PROTOCOL_CATEGORY_SOCIAL_NETWORK, NDPI_PROTOCOL_FUN },
 
   { ".speedtest.net",			"Ookla",		NDPI_PROTOCOL_OOKLA, NDPI_PROTOCOL_CATEGORY_NETWORK_TOOL, NDPI_PROTOCOL_ACCEPTABLE },
 
+  { "drive-thirdparty.",		"GoogleDrive",		NDPI_PROTOCOL_GOOGLE_DRIVE, NDPI_PROTOCOL_CATEGORY_NETWORK_TOOL, NDPI_PROTOCOL_SAFE },
+  { "docs.",				"GoogleDrive",		NDPI_PROTOCOL_GOOGLE_DRIVE, NDPI_PROTOCOL_CATEGORY_NETWORK_TOOL, NDPI_PROTOCOL_SAFE },
+  { ".docs.",				"GoogleDrive",		NDPI_PROTOCOL_GOOGLE_DRIVE, NDPI_PROTOCOL_CATEGORY_NETWORK_TOOL, NDPI_PROTOCOL_SAFE },
+  { "drive.",				"GoogleDrive",		NDPI_PROTOCOL_GOOGLE_DRIVE, NDPI_PROTOCOL_CATEGORY_NETWORK_TOOL, NDPI_PROTOCOL_SAFE },
+
   { "google.",				"Google",		NDPI_PROTOCOL_GOOGLE, NDPI_PROTOCOL_CATEGORY_WEB, NDPI_PROTOCOL_ACCEPTABLE },
   { ".google.",				"Google",		NDPI_PROTOCOL_GOOGLE, NDPI_PROTOCOL_CATEGORY_WEB, NDPI_PROTOCOL_ACCEPTABLE },
   { ".gstatic.com",			"Google",		NDPI_PROTOCOL_GOOGLE, NDPI_PROTOCOL_CATEGORY_WEB, NDPI_PROTOCOL_ACCEPTABLE },
@@ -8013,8 +8018,8 @@ ndpi_protocol_match host_match[] = {
   { "maps.google.",			"GoogleMaps",		NDPI_PROTOCOL_GOOGLE_MAPS, NDPI_PROTOCOL_CATEGORY_WEB, NDPI_PROTOCOL_ACCEPTABLE },
   { "maps.gstatic.com",			"GoogleMaps",		NDPI_PROTOCOL_GOOGLE_MAPS, NDPI_PROTOCOL_CATEGORY_WEB, NDPI_PROTOCOL_ACCEPTABLE },
 
-  { ".gmail.",				"GMail",		NDPI_PROTOCOL_GMAIL, NDPI_PROTOCOL_CATEGORY_UNSPECIFIED, NDPI_PROTOCOL_SAFE },
-  { "mail.google.",			"GMail",		NDPI_PROTOCOL_GMAIL, NDPI_PROTOCOL_CATEGORY_UNSPECIFIED, NDPI_PROTOCOL_SAFE },
+  { ".gmail.",				"GMail",		NDPI_PROTOCOL_GMAIL, NDPI_PROTOCOL_CATEGORY_WEB, NDPI_PROTOCOL_SAFE },
+  { "mail.google.",			"GMail",		NDPI_PROTOCOL_GMAIL, NDPI_PROTOCOL_CATEGORY_WEB, NDPI_PROTOCOL_SAFE },
 
   { "mail.outlook.com",                 "Hotmail",              NDPI_PROTOCOL_HOTMAIL, NDPI_PROTOCOL_CATEGORY_UNSPECIFIED, NDPI_PROTOCOL_SAFE },
 

src/lib/ndpi_main.c

@@ -1628,7 +1628,6 @@ static void ndpi_init_protocol_defaults(struct ndpi_detection_module_struct *ndp
 			    ndpi_build_default_ports(ports_b, 655, 0, 0, 0, 0) /* UDP */);
     
 /* To be removed as soon as we define new protocols */
-    ndpi_init_placeholder_proto(ndpi_mod, ports_a, ports_b, no_master, NDPI_PROTOCOL_FREE_217);
     ndpi_init_placeholder_proto(ndpi_mod, ports_a, ports_b, no_master, NDPI_PROTOCOL_FREE_224);
 
     /* calling function for host and content matched protocols */