Commit graph

792 commits

Author SHA1 Message Date
Luca Deri
e5e69d0f7a Added the ability to detect when a known protocol is using a non-standard port
Added check to spot executables exchanged via HTTP
2020-05-10 21:25:38 +02:00
Luca Deri
4a09b4efa0 Added TLS issuerDN and subjectDN 2020-05-07 18:44:51 +02:00
Luca Deri
84f66b4d6b Introduced custom protocols with IP and (optional) port support
Example

- Single IP address
  ip:213.75.170.11@CustomProtocol

- IP address with CIDR
  ip:213.75.170.11/32@CustomProtocol

- IP address with CIDR and port
  ip:213.75.170.11/32:443@CustomProtocol

Please note that there are some restrictions on the port
usage. They have been listed in example/protos.txt
2020-05-06 12:51:44 +02:00
Luca Deri
427002d14f Reworked protocol handling changing it to u_int16_t 2020-05-06 00:31:40 +02:00
Luca Deri
0bf809f8e5
Merge pull request #884 from lnslbrty/dev
Added missing ndpiReader dependency for the install target
2020-04-27 23:27:26 +02:00
Nardi Ivan
097127c31d Fix heap-overflow error in CAPWAP detunneling code 2020-04-24 10:42:52 +02:00
Nardi Ivan
c2ebbb15ad Fix "division by zero" runtime error 2020-04-23 14:24:49 +02:00
Nardi Ivan
f965983c23 Add basic support for some ip-in-ip tunnels
Add support for 4in4, 6in6 and 4in6 encapsulations
Add support for ipv6 traffic in gtp tunnels, too

To allow gtp unit test, gtp detunneling flag has been globally enabled
in the test suite
2020-04-23 10:55:33 +02:00
Toni Uhlig
8d8e61b256
Added missing ndpiReader dependency for the install target
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2020-04-22 21:51:57 +02:00
Luca Deri
019b51bb17
Merge pull request #879 from IvanNardi/warnings
Fix some compilation warnings
2020-04-21 19:23:57 +02:00
Philippe Antoine
1b73f7372e Gets right protocol after IPv6 header 2020-04-21 15:34:53 +02:00
Nardi Ivan
b1a6c6b895 Fix some compilation warnings 2020-04-20 16:53:39 +02:00
Luca Deri
25cd2a23a6 Compilation fixes 2020-04-20 15:08:51 +02:00
Philippe Antoine
c2b2692e65 Setting right flow protocol after IP6 extensions
Finally fixing https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20727
2020-04-18 14:39:57 +02:00
Philippe Antoine
da0889d3ba Adds bound check before calling ndpi_handle_ipv6_extension_headers 2020-04-17 22:21:03 +02:00
Luca Deri
a766de7b94
Merge pull request #876 from a-czyrny/dev
additional csv semicolon fix
2020-04-17 10:34:41 +02:00
Luca Deri
711ba99eaa Added detection of Microsoft Teams 2020-04-16 15:23:07 +02:00
Alexander Czyrny
32d25bfdaf additional csv semicolon fix
Created function correct_csv_data_field to prevent duplicated code. Additionally used for _flow->ndpi_flow->protos.stun_ssl.ssl.alpn_ and _flow->ndpi_flow->protos.stun_ssl.ssl.tls_supported_versions_ to guarantee a valid csv output (commas replaced by semicolon).
2020-04-16 14:12:48 +02:00
Luca Deri
f4c24663fc
Merge pull request #874 from catenacyber/fuzz6fix
Fuzz6fix
2020-04-15 18:05:16 +02:00
Philippe Antoine
cf47ba234a Use ndpi_handle_ipv6_extension_headers in reader_util 2020-04-15 16:19:57 +02:00
Philippe Antoine
c1baf1516d Adds bound check for TZSP 2020-04-15 15:50:58 +02:00
Alexander Czyrny
32ab88a26e
Fix for missing line breaks in CSV file
If "-v" is used as an argument, the line breaks are missing in the csv file ("-C"), because the argument "-J" is assumed. Moving the condition for the CSV file handler out of the scope of the "enable_joy_stats" condition removes this dependency and the CSV file is formatted correctly.
2020-04-15 10:12:37 +02:00
Nardi Ivan
e84563f971 ndpiReader: fix memory leak in idle sessions purging 2020-04-08 15:15:34 +02:00
Nardi Ivan
a60854bae6 Fix some debug messages 2020-04-08 15:15:34 +02:00
Luca Deri
db8497778d Fixes #853 and adds a self check for duplicates 2020-04-07 19:17:37 +02:00
Philippe Antoine
e9195589d2 Checks enough data for UDP header 2020-03-19 16:44:53 +01:00
Luca Deri
34ad06fef5 Compilation fix 2020-02-28 16:03:27 +01:00
Philippe Antoine
5fc9d41eb0 Run ndpi_detection_process_packet only with payload
Real problem is decapsulation of all ipv6 headers
2020-02-26 17:05:08 +01:00
Philippe Antoine
83fdfe24d0 Fix read overflow before UDP header 2020-02-26 16:16:29 +01:00
Philippe Antoine
3eb9907dd7 Fix various buffer over reads 2020-02-18 11:50:22 +01:00
Luca Deri
fdf8dd724f Minor fix 2020-02-17 22:15:36 +01:00
Philippe Antoine
bf7dcd63c3 Checks length for next ip header 2020-02-14 14:18:31 +01:00
Philippe Antoine
b287dccecf Checks l4 size against l3 size 2020-02-14 14:02:19 +01:00
emanuele-f
cb34c6b233 Add fpic in the reader 2020-02-14 12:06:55 +01:00
emanuele-f
fd94270507 Remove decimals in test results for IAT, packet lengths and goodput ratio 2020-02-14 11:42:20 +01:00
Luca Deri
83bbb4cb69 Compilation warning fixes 2020-02-08 11:24:40 +01:00
Luca Deri
33d761a55a
Merge pull request #838 from catenacyber/fix2
Adds missing checks
2020-02-08 11:20:54 +01:00
Luca Deri
5cad39f0e8 Added export of TLS supported version in TLS header 2020-02-07 23:26:03 +01:00
Luca Deri
3be263aafc Added TLS ALPN support 2020-02-07 21:54:04 +01:00
Luca Deri
fa26c62b0c Fix for IPv6 address format across the various platforms/distributions 2020-02-04 22:50:08 +01:00
Luca Deri
2701cc9491 Warning fix 2020-02-04 22:34:08 +01:00
Luca Deri
88fc9232ff Code improvements 2020-02-04 22:31:02 +01:00
Luca Deri
0703ab5ac5 Improved DNS response decoding
The first decoded address is now reported by ndpiReader
2020-02-04 22:16:54 +01:00
Philippe Antoine
418ea234ae Adds missing checks
Found by fuzzing
2020-02-03 22:38:31 +01:00
Luca Deri
5b11c2ffc5
Merge pull request #836 from MrTiz9/dev
nDPI now detects RCE injections in HTTP requests
2020-02-02 16:19:26 +01:00
MrTiz9
b3138d5e3e Merge branch 'dev' of https://github.com/ntop/nDPI into dev-unstable 2020-02-01 13:47:42 +01:00
Philippe Antoine
0bf2ca56a8 Uses ip_size in get_ndpi_flow_info6 2020-01-31 15:37:36 +01:00
Philippe Antoine
b97360d931 Fix infinite loop in ndpi_workflow_process_packet 2020-01-31 15:26:34 +01:00
Luca Deri
c68ea3067b Added libpcre lib if present 2020-01-30 22:24:24 +01:00
MrTiz9
daa1171593 nDPI now detects RCE in HTTP GET requests 2020-01-24 17:16:18 +01:00