Commit graph

539 commits

Author SHA1 Message Date
Luca Deri
9d8967236e
Merge pull request #957 from lnslbrty/fix/build
Fix/build
2020-07-09 17:27:53 +02:00
Luca Deri
d658ac9e61 Added -b to ndpiReader to evaluate bins 2020-07-09 00:15:21 +02:00
Toni Uhlig
f75984633b
ndpiSimpleIntegration should not be included in a static library
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2020-07-08 23:47:51 +02:00
Toni Uhlig
20fed83e0f
Removed csv_fp as external symbol. Instead passing csv_fp through as argument.
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2020-07-08 23:21:35 +02:00
Nardi Ivan
fd6a5bc1cd Fix memory leak reported in #955
This leak is clearly happening because of missing/disabled code in "bins"
handling.
This is a trivial workaround useful until such code is completed.
In this way travis-ci will stop complaining
2020-07-08 11:30:39 +02:00
Luca Deri
fb04dbbc47 Added testing bin code 2020-07-07 19:18:43 +02:00
Luca Deri
f1dd8bc8c5 Memory allocation fixes 2020-07-07 17:32:26 +02:00
Toni Uhlig
e308e59002
fixed memory leak in ndpi_cluster_bins / binUnitTest
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2020-07-07 17:07:20 +02:00
Luca Deri
1c60c22893 Added ndpi_cluster_bins() for clustering bins and ancillary functions for bins manipulation 2020-07-07 15:10:51 +02:00
Luca Deri
db707e0829
Merge pull request #932 from IvanNardi/log
Log
2020-07-07 14:43:32 +02:00
Nardi Ivan
030f3f3d48 Fix a memory leak 2020-07-07 10:27:57 +02:00
Toni Uhlig
de25ba7d0b
Fixed heap overflow caused by missing length check in reader util.
* triggered by fuzz traces from wireshark

Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2020-07-06 23:30:40 +02:00
Luca Deri
513c857631 Added unit test 2020-07-03 14:43:14 +02:00
Nardi Ivan
974c1cc681 Improve help message of --dbg-proto option
Make it clear that such option is general, not about extcap
functionality
2020-07-02 09:42:53 +02:00
Nardi Ivan
c08693fda5 Incorporated some feedback 2020-07-01 20:16:16 +02:00
Luca Deri
392ce44573 Added ndpi_print_bin() API call 2020-06-29 22:36:46 +02:00
Luca Deri
2c263bc726 Added ndpi_bin_similarity() for computing bin similarity 2020-06-29 19:09:38 +02:00
Nardi Ivan
b24f5c4c0a Fix memory leak about purged/expired flows
Create a helper to avoid similar errors in the future
Fixes: 1a62f4c7
2020-06-28 12:05:12 +02:00
Nardi Ivan
ece5d3e199 Fix (harmless) memory leaks when DPDK is enabled 2020-06-28 12:05:12 +02:00
Nardi Ivan
2cdf7ce806 Fix startup when DPDK is enabled
Fixes:a58c838c4
2020-06-28 12:05:12 +02:00
Nardi Ivan
2effa57d8a ndpiReader: fix ports statistics
They should take idle/expired flows into account, too
2020-06-28 12:05:12 +02:00
Nardi Ivan
56d87186f7 Fix compilation with --enable-debug-messages flag
NDPI_LOG* macros dereference ndpi_detection_module_struct object which is
private to ndpi library (via NDPI_LIB_COMPILATION define). So we can't use
them outside the library itself, i.e. in ndpiReader code
Therefore, in files in example/, convert all (rare) uses of NDPI_LOG* macros
to a new very simple macro, private to ndpiReader program. If necessary,
such macro may be improved.

According to a comment in ndpi_define.h, each dissector must define its own
NDPI_CURRENT_PROTO macro before including ndpi_api.h file
2020-06-26 12:04:02 +02:00
Nardi Ivan
70a926088f Fixed harmless memory leak in extcap initialization 2020-06-25 18:02:03 +02:00
Nardi Ivan
6b69e7ebbc Restore extcap functionality, i.e. integration with wireshark 2020-06-25 18:02:03 +02:00
lucaderi
ecdf7df454 Compilation fixes for non-Linux (or outdated Linux) platforms 2020-06-25 10:25:24 +02:00
Luca Deri
2350daa2dc
Merge pull request #928 from lnslbrty/added/yet-another-ndpi-integration-example
PROPOSAL: ndpiSimpleIntegration: added another integration example
2020-06-25 10:05:49 +02:00
Toni Uhlig
17c26911fb
ndpiSimpleIntegration: added another integration example
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2020-06-24 22:03:18 +02:00
Toni Uhlig
39800c88fa
Fixed uninitialized values in ndpiReader protocol detection bitmask during dga selftest.
* make ./tests/vagrind_test.sh directory agnostic

Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2020-06-23 17:23:56 +02:00
Luca Deri
d9af1562f0 Fixes #906
Packet bins are not printed when empty
2020-06-22 14:30:26 +02:00
Luca Deri
1a62f4c799 Added ndpi_bin_XXX API
Added packet length distribution bins
2020-06-22 01:02:54 +02:00
Luca Deri
b2c24558c5 DGA detection improvements 2020-06-18 00:17:30 +02:00
Luca Deri
46d96e7f32 Added checks for DGA detection 2020-06-17 19:46:37 +02:00
Luca Deri
55364ef0b4 Added DGA risk for names that look like a DGA 2020-06-11 18:51:53 +02:00
Luca Deri
60aaa80570 Added HyperLogLog cardinality estimator API calls
/* Memory lifecycle */
int ndpi_hll_init(struct ndpi_hll *hll, u_int8_t bits);
void ndpi_hll_destroy(struct ndpi_hll *hll);

/* Add values */
void ndpi_hll_add(struct ndpi_hll *hll, const char *data, size_t data_len);
void ndpi_hll_add_number(struct ndpi_hll *hll, u_int32_t value) ;

/* Get cardinality estimation */
double ndpi_hll_count(struct ndpi_hll *hll);
2020-06-10 23:43:35 +02:00
Luca Deri
43ddbfdfba Merge branch 'dev' of https://github.com/ntop/nDPI into dev 2020-06-06 11:30:47 +02:00
Luca Deri
801c9481cb Removed some obsolete protocols (battlefield, oscar, pcanywhere, tvants) 2020-06-06 11:29:03 +02:00
Alfredo Cardigliano
2beecdc8af Handle EOR in TLV test 2020-06-06 11:18:17 +02:00
Luca Deri
605d548d4a removed obsolete yahoo plugin 2020-06-06 09:38:19 +02:00
Alfredo Cardigliano
0da76fdac6 Support for multiple records in CSV serialization 2020-06-05 17:28:27 +02:00
Luca Deri
597d6e5d60
Merge pull request #913 from yskcg/fix_segment_fault_dev
Fix segment fault dev
2020-06-05 16:57:46 +02:00
Alfredo Cardigliano
67c72a8cb5 Add ndpi_serializer_get_header API (CSV only) 2020-06-05 16:52:26 +02:00
ysk
52893d99f6 fix segment fault caused by the ssl.server_names when it may be NULL 2020-06-03 10:44:35 +08:00
Luca Deri
9c3bfeca80 Added support for Encrypted TLS SNI dissection
https://datatracker.ietf.org/doc/draft-ietf-tls-sni-encryption/
2020-05-28 17:44:18 +02:00
Alfredo Cardigliano
2dce6cd525 Add ndpi_serialize_start_of_list/ndpi_serialize_end_of_list to serialize simple lists in JSON 2020-05-25 16:37:00 +02:00
Luca Deri
b7e666e465 Added fix to avoid potential heap buffer overflow in H.323 dissector
Modified HTTP report information to make it closer to the HTTP field names
2020-05-19 08:31:05 +02:00
Luca Deri
3d9285f1be Added check for invalid HTTP URLs 2020-05-16 00:10:35 +02:00
Luca Deri
c375782b96 Added check for binary scripts
Added NDPI_HTTP_NUMERIC_IP_HOST risk
ndpi_risk moved to 32 bit
2020-05-15 22:49:55 +02:00
Luca Deri
e5e69d0f7a Added the ability to detect when a known protocol is using a non-standard port
Added check to spot executables exchanged via HTTP
2020-05-10 21:25:38 +02:00
Luca Deri
4a09b4efa0 Added TLS issuerDN and subjectDN 2020-05-07 18:44:51 +02:00
Luca Deri
84f66b4d6b Introduced custom protocols with IP and (optional) port support
Example

- Single IP address
  ip:213.75.170.11@CustomProtocol

- IP address with CIDR
  ip:213.75.170.11/32@CustomProtocol

- IP address with CIDR and port
  ip:213.75.170.11/32:443@CustomProtocol

Please note that there are some restrictions on the port
usage. They have been listed in example/protos.txt
2020-05-06 12:51:44 +02:00