Commit graph

22 commits

Author SHA1 Message Date
Ivan Nardi
3e06bcce8d
Add another example of custom rules (#1923)
Add an example where traffic matching the same IP, but different ports
is classified to different protocols.

Close #189
2023-03-30 08:45:17 +02:00
Luca Deri
b3457c644f Removed overlapping port 2023-03-21 19:27:56 +01:00
Ivan Nardi
9fc724de5a
Add some fuzzers to test other data structures. (#1870)
Start using a dictionary for fuzzing (see:
https://llvm.org/docs/LibFuzzer.html#dictionaries).
Remove some dead code.
Fuzzing with debug enabled is not usually a great idea (from performance
POV). Keep the code since it might be useful while debugging.
2023-01-25 11:44:59 +01:00
Ivan Nardi
e9d5e72fb5
Fix infinite loop when a custom rule has port 65535 (#1833)
Close #1829
2022-12-21 10:55:14 +01:00
Luca Deri
57562b3dfe Updated test results 2022-12-05 21:32:45 +01:00
Luca Deri
1d0bc7c350 Finalized nBPF support. You can now define custom protocols such as
(see example/protos.txt)

nbpf:"host 192.168.1.1 and port 80"@HomeRouter

In order to have nBPF support, you need to compile nDPI with it. Just download
https://github.com/ntop/PF_RING in the same directory where you have downloaded
nDPI and compile PF_RING/userland/nbpf
2022-09-21 00:03:12 +02:00
Luca
6679453d86 Adds some risk exceptions for popular services and domain names
via a new (internal) function named ndpi_add_domain_risk_exceptions()
2022-01-17 09:00:25 +01:00
Luca Deri
406ac7e8c8 Added the ability to specify trusted issueDN often used in companies to self-signed certificates
This makes it possible to avoid triggering alerts for trusted albeit private certificate issuers.

Extended the example/protos.txt with the new syntax for specifying trusted issueDN.
Example:

trusted_issuer_dn:"CN=813845657003339838, O=Code42, OU=TEST, ST=MN, C=US"
2022-01-13 19:06:21 +01:00
Luca Deri
4cafa7cb1e Improved risk detection mask algorithm 2021-07-26 09:38:53 +02:00
Luca Deri
526568fcd5 Risk check improvement 2021-07-24 16:18:18 +02:00
Luca Deri
8ea8ba8e9b Fixed risk mask implementation 2021-07-23 08:29:36 +02:00
Luca Deri
b01b60a2b5 Implementation of flow risk exception (work in progress) 2021-07-22 01:35:57 +02:00
morefigs
53415c8855
Added missing comma (#1116)
I presume there is a comma missing in this comma separated list.
2021-01-21 08:58:42 +01:00
Luca Deri
84f66b4d6b Introduced custom protocols with IP and (optional) port support
Example

- Single IP address
  ip:213.75.170.11@CustomProtocol

- IP address with CIDR
  ip:213.75.170.11/32@CustomProtocol

- IP address with CIDR and port
  ip:213.75.170.11/32:443@CustomProtocol

Please note that there are some restrictions on the port
usage. They have been listed in example/protos.txt
2020-05-06 12:51:44 +02:00
Luca Deri
427002d14f Reworked protocol handling changing it is u_int16_t 2020-05-06 00:31:40 +02:00
Luca Deri
711ba99eaa Added detection of Microsoft Teams 2020-04-16 15:23:07 +02:00
Ravi Kerur
6b8234d938 Xbox and PS4 static port classification.
Signed-off-by: Ravi Kerur <ravi.kerur@viasat.com>
2019-07-23 09:56:15 -07:00
Josh Soref
d332370298 spelling: googlesyndication 2017-03-12 21:37:41 +00:00
Luca Deri
73358d5ec2 Added check for removing characters from nDPI custom-defined protocols that might cause apps to misbehave. 2015-07-16 21:01:30 +02:00
george.vakras@gmail.com
b16ff0a3dc Fix ip based protocol example in protos.txt 2015-06-17 14:14:19 +02:00
george.vakras@gmail.com
7391fe0c5e Allow loading host IP based protocols from protos.txt 2015-06-15 09:50:13 +02:00
Luca Deri
2e5ceac844 Initial import from SVN 2015-04-19 07:25:59 +02:00