vrr/nDPI
2
0
Fork 0
mirror of https://github.com/vel21ripn/nDPI.git synced 2026-05-05 19:15:12 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 6
2632 commits 9 branches 12 tags 263 MiB
Commit graph

64 commits

Author SHA1 Message Date
Luca Deri
36af97a14c Minor HLL fixes 2020-07-22 14:40:15 +02:00
Luca Deri
f6242f0e46 HLL memory usage notes 2020-07-22 11:28:14 +02:00
Luca Deri
9f3e3e8456 Add ndpi_hll_reset() API call 
Fixes bug in ndpi_data_window_average() with zero points
 2020-07-15 10:30:45 +02:00
Luca Deri
8de62c6d34 Values stored in patricia tree are now 32 bit (they used to be 16 bit) long 2020-06-26 17:49:45 +02:00
Luca Deri
60aaa80570 Added HyperLogLog cardinality estimator API calls 
/* Memory lifecycle */
int ndpi_hll_init(struct ndpi_hll *hll, u_int8_t bits);
void ndpi_hll_destroy(struct ndpi_hll *hll);

/* Add values */
void ndpi_hll_add(struct ndpi_hll *hll, const char *data, size_t data_len);
void ndpi_hll_add_number(struct ndpi_hll *hll, u_int32_t value) ;

/* Get cardinality estimation */
double ndpi_hll_count(struct ndpi_hll *hll);
 2020-06-10 23:43:35 +02:00
Luca Deri
64fab4a478 Win fixes 2020-06-08 23:08:12 +02:00
Luca Deri
2ccd2c204b API cleanup for indetifying explicitly in automa's what we're searching (protocol or category) 
Removed hyperscan support that is apperently unused
 2020-05-06 23:19:59 +02:00
Luca Deri
263547e77d Updated automa API to use 32 bit values splits from protocol/categpry 2020-05-06 21:57:32 +02:00
Luca Deri
84f66b4d6b Introduced custom protocols with IP and (optional) port support 
Example

- Single IP address
  ip:213.75.170.11@CustomProtocol

- IP address with CIDR
  ip:213.75.170.11/32@CustomProtocol

- IP address with CIDR and port
  ip:213.75.170.11/32:443@CustomProtocol

Please note that there are some restrictions on the port
usage. They have been listed in example/protos.txt
 2020-05-06 12:51:44 +02:00
Luca Deri
7855e0318d Various fixes to patricia tree handling 2020-05-06 11:13:57 +02:00
Luca Deri
48282369e2 False positive fixes 2020-05-06 01:34:55 +02:00
Luca Deri
427002d14f Reworked protocol handling chnging it is u_int16_t 2020-05-06 00:31:40 +02:00
Nardi Ivan
b40732d8a5 Fix an harmless memory leak 
Leak introduced in 90e08b35, while fixing #845
 2020-04-08 15:15:34 +02:00
Luca Deri
dd80ec869a Fixes #837 2020-02-19 23:44:22 +01:00
Luca Deri
90e08b3568 Fixes #845 2020-02-19 23:38:33 +01:00
MrTiz9
3422574c17 FIXED - nDPI now detect RCE injections via PCRE instead Intel Hyperscan 2020-02-01 17:18:35 +01:00
MrTiz9
5c8c2d843a nDPI now detect RCE injections via PCRE instead Intel Hyperscan - BUGGY, DOES NOT COMPILE 2020-01-30 15:08:26 +01:00
MrTiz9
daa1171593 nDPI now detect RCE in HTTP GET requests 2020-01-24 17:16:18 +01:00
Luca Deri
14e5adc7c2 Win fixes 2019-12-14 15:05:47 +01:00
Luca Deri
65d526d8f6 Code cleanup 2019-12-09 15:28:44 +01:00
MrTiz9
606ff10ecf Integration of the libinjection library to detect SQL injections and XSS type attacks in HTTP requests 2019-12-05 18:09:43 +01:00
Luca
0558d641f2 Added ndpi_finalize_initalization() initialization function 2019-11-07 19:28:16 +00:00
Luca Deri
c247a9d191 Code cleanup 2019-10-02 23:25:05 +02:00
emanuele-f
7f510c10fe Fix double free after b19bfa1e20 2019-10-02 16:26:52 +02:00
emanuele-f
b19bfa1e20 Fixes leaks in ndpi_add_host_url_subprotocol 
It is now possible to deallocate strings in ac_automata_release via
an additional parameter
 2019-10-02 14:02:19 +02:00
Luca Deri
659f75138c TLS cerficate hash calculation 2019-09-14 12:38:58 +02:00
Luca Deri
e7c0ac37d8 Implemented HASSH (https://github.com/salesforce/hassh) 2019-08-22 19:25:58 +02:00
Stuart Reilly
f3161309ff Fix missing braces 2019-06-28 16:21:49 +01:00
Stuart Reilly
79634a6789 Fix two resource leaks 2019-06-28 16:11:33 +01:00
Stuart Reilly
bc1b4885de Fix potential NULL deref in libcache 2019-06-28 16:00:32 +01:00
Luca Deri
efef99cbad Removed this party LRU and replaced with home grown 2019-01-17 00:40:28 +01:00
Luca Deri
92ad057332 Added Ookla cache 2018-12-17 22:33:58 +01:00
Luca Deri
977751efdb Added ndpi_flowv4_flow_hash and ndpi_flowv6_flow_hash skeletons for 
implementing https://github.com/corelight/community-id-spec
 2018-11-14 15:24:15 +01:00
Luca Deri
90ca91caa8 Renamed files to avoid name clashes during compilation with other libs 2018-09-29 08:38:00 +02:00
Luca Deri
1f24adc9cd Renamed source files to avoid clashes 2018-09-29 08:28:26 +02:00
Campus
ff83bfbad0 ADD: add prototype of function ht_free in hash.h - DEL: delete include file .c in ndpi_main.c 2018-08-23 11:22:21 +02:00
Luca Deri
1a6a9593fb Changed type to ease compilation accross platforms 2018-08-20 14:49:59 +02:00
Luca Deri
9847c2ccbb Generic protocol cleanup (work in progress) 2018-08-16 12:03:09 +02:00
Luca Deri
dc9409ae12 Added missing include 2018-06-05 23:02:24 +02:00
Luca Deri
6b16ad709e Fix for #560 2018-05-29 22:50:18 +02:00
Luca Deri
5d3ac78250 Fixed memory leak 
Optimized memory usage
 2018-05-18 10:15:05 +02:00
Luca Deri
dcdd7562f4 Implemented hash-based categories 2018-05-16 00:09:12 +02:00
Vitaly Lavrov
c3f5307a3d Update libcache 
Using ndpi_calloc(), ndpi_free() in libcache.
Fixing warnings about mixing declaration and code.
 2018-02-06 14:06:38 +03:00
Luca Deri
8d52491508 Added simplified makefile 
Fixed small warnings
Compilation fixes
 2017-12-25 19:26:17 +01:00
Vitaly Lavrov
25a4569e67 Fix undefined behavior (detected by gcc): 
ndpi_define.h.in:218: Macros NDPI_SET(), NDPI_CLR(), NDPI_ISSET()
  runtime error: left shift of 1 by 31 places cannot be represented in type 'int'

http.c:364: strncpy((char*)flow->protos.http.nat_ip,(char*)packet->forwarded_line.ptr,len);
 runtime error: null pointer passed as argument 2, which is declared to never be null

ndpi_patricia.c:ndpi_comp_with_mask(): int m = ((-1) << (8 - (mask % 8)));
  runtime error: left shift of negative value -1

Original function ndpi_comp_with_mask() is unreadable and slow.
We have only 2 type of address: 32 bit and 128 bit. The optimized version works 6 times faster (IPv4).
 2017-10-03 16:43:23 +03:00
Luca Deri
e6b594a626 Fixed TINC bug (cache usage) 
Merged MS Lync with Skype (Microsoft renamed MS Lync in Skype for Business)
Renumbered Nintendo protocols in former MS Lync that was no longer used
Fix for #425
 2017-07-27 00:18:15 +02:00
Michele Campus
1b5b38a3ba Merge pull request #391 from deselmo/dev 
Updated libcache's license
 2017-06-02 12:13:55 +02:00
William Guglielmo
e1b5b54c4c Update license libcache 2017-06-02 00:29:04 +02:00
cardigliano
22b7b407c3 compilation fix 2017-06-01 18:13:31 +02:00
William Guglielmo
b08fbe46c0 Delete test.c 2017-05-30 21:04:57 +02:00