Ivan Nardi
65e31b0ea3
FPC: small improvements ( #2512 )
...
Add printing of fpc_dns statistics and add a general cconfiguration option.
Rework the code to be more generic and ready to handle other logics.
2024-07-22 17:42:23 +02:00
Ivan Nardi
456f0fd427
Improve detection of Cloudflare WARP traffic ( #2491 )
...
See: #2484
2024-07-04 08:59:04 +02:00
Ivan Nardi
843e487270
Add infrastructure for explicit support of Fist Packet Classification ( #2488 )
...
Let's start with some basic helpers and with FPC based on flow addresses.
See: #2322
2024-07-03 18:02:07 +02:00
Toni
8fd649ab1e
Add Ripe Atlas probe protocol. ( #2473 )
...
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2024-06-17 11:00:38 +02:00
Nardi Ivan
526cf6f291
Zoom: remove "stun_zoom" LRU cache
...
Since 070a0908b
2024-06-17 10:19:55 +02:00
Toni
80171dbcf3
Add ZUG consensus protocol dissector. ( #2458 )
...
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2024-05-28 20:29:48 +02:00
Luca
44a290286b
More NDPI_PROBING_ATTEMPT changes
2024-05-22 18:04:33 +02:00
Ivan Nardi
0109014f2c
Follow-up of 2093ac5bf ( #2451 )
2024-05-21 12:47:25 +02:00
Luca Deri
2093ac5bf6
Minor dissector optimizations
2024-05-20 12:17:04 +02:00
Vladimir Gavrilov
3d1da00d8d
Add Call of Duty Mobile support ( #2438 )
2024-05-15 12:46:02 +02:00
Ivan Nardi
0110623b4e
H323: improve detection and avoid false positives ( #2432 )
2024-05-11 23:39:54 +02:00
Vladimir Gavrilov
2d33431948
Add Ethernet Global Data support ( #2437 )
2024-05-11 16:49:16 +02:00
Ivan Nardi
95fe21015d
Remove "zoom" cache ( #2420 )
...
This cache was added in b6b4967aa63f349319
2024-05-06 12:51:45 +02:00
Ivan Nardi
b7d77972bc
Remove workaround for TCP flows with multiple SYNs ( #2421 )
...
Deciding when a session starts and ends is responsability of the
applicationi (via its flow manager)i, not of the library.
BTW, the removed code is incomplete at beast
2024-05-06 10:20:40 +02:00
Ivan Nardi
266af02752
Merge RTP and RTCP logic ( #2416 )
...
Avoid code duplication between these two protocols.
We remove support for RTCP over TCP; it is quite rare to find this kind
of traffic and, more important, we have never had support for RTP
over TCP: we should try to add both detecion as follow-up.
Fix a message log in the LINE code
2024-05-06 10:19:46 +02:00
Ivan Nardi
a6fd981fcf
eDonkey: improve/update classification ( #2410 )
...
eDonkey is definitely not as used as >10 years ago, but it seems it is
still active.
While having a basic TCP support seems easy, identification over UDP doesn't
work and it is hard to do it rightly (packets might be only 2 bytes long):
remove it.
Credits to V.G <v.gavrilov@securitycode.ru>
2024-05-04 19:11:31 +02:00
0x41CEA55
fd388845d5
Add BFCP protocol support ( #2401 )
2024-04-23 15:35:19 +02:00
0x41CEA55
905120588b
Remove obsolete protocols: tuenty, tvuplayer and kontiki ( #2398 )
2024-04-19 21:35:32 +02:00
0x41CEA55
e75d7a620e
Add KNXnet/IP protocol support ( #2397 )
...
* Add KNXnet/IP protocol support
* Improve KNXnet/IP over TCP detection
2024-04-19 12:54:00 +02:00
Vladimir Gavrilov
c63697205b
Add Label Distribution Protocol support ( #2385 )
...
* Add Label Distribution Protocol support
* Fix typo
* Update unit test results
2024-04-12 17:44:36 +02:00
Vladimir Gavrilov
5b32c98a21
Add LoL: Wild Rift detection ( #2356 )
2024-03-26 08:11:14 +01:00
Nardi Ivan
15a80527c6
STUN: remove workaround to identify RTP traffic
...
We are able to demultiplex RTP packets in STUN flows since 3608ab01b
2024-03-20 09:39:15 +01:00
Vladimir Gavrilov
e6474d835f
Add FLUTE protocol dissector ( #2351 )
...
* Add FLUTE protocol dissector
* Add flute.c to MSVC project
2024-03-19 09:11:04 +01:00
Vladimir Gavrilov
8fad77991d
Add PFCP protocol dissector ( #2342 )
2024-03-13 20:18:43 +01:00
Vladimir Gavrilov
58fdc9fafb
Add Naraka Bladepoint detection support ( #2334 )
2024-03-04 08:30:54 +01:00
Vladimir Gavrilov
f2e3c7fb90
Add BFD protocol dissector ( #2332 )
2024-02-29 08:19:00 +01:00
Vladimir Gavrilov
66b6e2b3f2
Add DLEP protocol dissector ( #2326 )
2024-02-20 16:05:41 +01:00
Vladimir Gavrilov
e93bcfd619
Add ANSI C12.22 protocol dissector ( #2317 )
...
* Add ANSI C12.22 protocol dissector
* Add UDP sample
2024-02-15 09:36:06 +01:00
Ivan Nardi
ae36648c6c
Skype: remove old detection logic ( #1954 )
...
Skype has been using standard protocols (STUN/ICE or TLS) for a long,
long time, now. Long gone are the days of Skype as a distribuited
protocol.
See: #2166
2024-02-12 18:39:24 +01:00
Vladimir Gavrilov
f5cec001f3
Add detection of Gaijin Entertainment games ( #2311 )
...
* Add detection of Gaijin Entertainment games
* Short NDPI_PROTOCOL_GAIJINENTERTAINMENT to NDPI_PROTOCOL_GAIJIN
* Add default UDP port for Gaijin Entertainment games
* Remove NDPI_PROTOCOL_CROSSOUT protocol id
2024-02-09 11:07:48 +01:00
Luca Deri
47f72443fa
Implemented CIP I/O (UDP version of the CIP protocol), Common Industrial protocol
2024-01-29 13:28:41 +01:00
Toni
7d24e1258d
Add Yojimbo (netcode) protocol dissector ( #2277 )
...
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2024-01-21 17:47:42 +01:00
Ivan Nardi
eb129297e9
Add a dedicated dissector for Zoom ( #2265 )
...
Move it from the RTP code and extend it
2024-01-19 10:01:38 +01:00
Vladimir Gavrilov
6ac2ce84f8
Add Mumble detection support ( #2269 )
2024-01-19 07:46:51 +01:00
Vladimir Gavrilov
248f3d5588
Rework Steam detection (part 1) ( #2264 )
...
* Clean up Steam dissector
* Add Steam Datagram Relay dissector
* Update docs
* Update test results
* Remove csgo.c from MSVC project
* Small fixes
* Add Steam TLS pcap sample
* Merge Steam pcap samples into single one
* Fix typo
* Update test results
2024-01-18 19:23:44 +01:00
Nardi Ivan
0712d496fe
config: allow configuration of guessing algorithms
2024-01-18 10:21:24 +01:00
