vrr/nDPI
2
0
Fork 0
mirror of https://github.com/vel21ripn/nDPI.git synced 2026-05-05 19:15:12 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 6
3361 commits 9 branches 12 tags 263 MiB
Commit graph

195 commits

Author SHA1 Message Date
Luca Deri
a7b5e09195 Added Salesforce detection 2021-11-26 19:07:45 +01:00
Ivan Nardi
3e5491fa10
Add detection of OCSP (#1370) 
This protocol is detected via HTTP Content-Type header.

Until 89d548f9, nDPI had a dedicated automa (`content_automa`) to
classify a HTTP flow according to this header. Since then, this automa has
been useless because it is always empty.
Re-enable it to match only a string seems overkilling.

Remove all `content_automa` leftovers.
 2021-11-11 12:36:55 +01:00
Ivan Nardi
5464bad6db
Differentiate between standard Amazon stuff (i.e market) and AWS (#1369) 2021-11-04 00:20:45 +01:00
Luca Deri
b97dc6baa4 Removed outdated (and broken) soulseek dissector 2021-10-15 17:27:27 +02:00
lucasbaile
1fadf4754a
Add Cassandra protocol dissector (#1285) 
Co-authored-by: Lucas Santos <lucas.santos@zerum.com>
 2021-09-09 22:47:58 +02:00
Toni
c411df523e
Added AVAST SecureDNS protocol. (#1244) 
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
 2021-07-14 11:11:59 +02:00
Ivan Nardi
1116d0e4b1
Improve content match lists (#1226) 
Add support for Likee app (https://likee.video/) and GitLab
Improve detection of Google domains ("gtv1.com" added in 6dd42d19f was
likely a typo)
Improve Snapchat and Tiktok detection
 2021-07-05 09:42:11 +02:00
Toni
1c2a0c36f1
Added Z39.50 protocol. (#1219) 
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
 2021-06-29 15:32:16 +02:00
Luca Deri
8761ac1887 Renamed Skyp in Skype_Teams as the protocol is now shared across these apps 2021-06-02 21:47:01 +02:00
Luca Deri
abd6bce6f9 Added TLS certifiacate caching 
Added Fortigate protocol
 2021-05-15 10:52:16 +02:00
Luca Deri
66ebe444ae Added (partial) Activision protocol support (based on tencent cloud) 2021-05-10 15:41:52 +02:00
Toni
b4a8c8c63f
Add Genshin Impact protocol. (#1173) 
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
 2021-04-25 10:02:07 +02:00
Toni
9377991263
Add HP Virtual Machine Group Management (hpvirtgrp) protocol. (#1170) 
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
 2021-04-20 14:12:16 +02:00
Ivan Nardi
c50a8d4808
Add support for Snapchat voip calls (#1147) 
* Add support for Snapchat voip calls

Snapchat multiplexes some of its audio/video real time traffic with QUIC
sessions. The peculiarity of these sessions is that they are Q046 and
don't have any SNI.

* Fix tests with libgcrypt disabled
 2021-03-06 05:48:36 +01:00
Luca Deri
ea0309d21b Removed now obsolete NDPI_DETECTION_SUPPORT_IPV6: code is more readeable now 2021-02-10 19:09:11 +01:00
Luca
0809956e5f Rewored UPnP protocol that in essence was WSD hence it has been renamed 
Cleaned up TLS code for DTLS detection by defining a new DTLS protocol
 2021-01-20 09:53:30 +01:00
Luca Deri
68b6ac7da8 (C) Update 2021-01-07 11:13:36 +01:00
Ivan Nardi
2080cc7365
QUIC: add suppport for DNS-over-QUIC (#1107) 
Even if it is only an early internet draft, DoQ has already (at least)
one deployed implementation.
See: https://www.zdnet.com/article/ad-blocker-adguard-deploys-worlds-first-dns-over-quic-resolver/
Draft: https://tools.ietf.org/html/draft-huitema-dprive-dnsoquic-00

In the future, if this protocol will be really used, it might be worth to
rename NDPI_PROTOCOL_DOH_DOT in NDPI_PROTOCOL_DOH_DOT_DOQ
 2021-01-07 10:56:39 +01:00
Ivan Nardi
23b84cd3ee
Remove FB_ZERO protocol (#1102) 
FB_ZERO was an experimental protocol run by Facebook.
They switched to QUIC/TLS1.3 more than 2 years ago; no one ever used it but
them so it is definitely dead.
See: https://engineering.fb.com/2018/08/06/security/fizz/
 2021-01-04 15:49:19 +01:00
Toni
62cd852c6f
Rename Jabber detection name as we are not sure if it is unencrypted e.g. if START_TLS used. (#1079) 
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
 2020-12-08 15:49:17 +01:00
Zied Aouini
bfabb0ddf4
Add Virtual Asssitant (Alexa, Siri) support. (#1057) 
* Add AmazonAlexa protocol.

* Add AmazonAlexa test file and result.

* Include pcapng as file format.

* Rename Category to VirtualAssistant.

* Add AppleSiri virtual assistant.

* Fix pcapng test files format support.

Co-authored-by: Luca Deri <lucaderi@users.noreply.github.com>
 2020-11-16 21:19:38 +01:00
Zied Aouini
3529268df8
Add Tumblr support. (#1061) 
* Add Tumblr protocol.

* Add Tumblr test file and result.

Co-authored-by: Luca Deri <lucaderi@users.noreply.github.com>
 2020-11-16 21:14:06 +01:00
Zied Aouini
22780da8d5
Add Reddit support. (#1060) 
* Add Reddit protocol.

* Add Reddit test file and result.

Co-authored-by: Luca Deri <lucaderi@users.noreply.github.com>
 2020-11-16 21:13:01 +01:00
Zied Aouini
13dab51cc7
Add Pinterest support. (#1059) 
* Add Pinterest protocol.

* Add Pinterest test file and result.

Co-authored-by: Luca Deri <lucaderi@users.noreply.github.com>
 2020-11-16 21:11:43 +01:00
Zied Aouini
f35fad13c3
Add DisneyPlus protocol. (#1058) 2020-11-16 21:10:11 +01:00
Luca Deri
328ff24657 Renumbered AmongUs protocol 2020-11-09 16:23:01 +01:00
Toni
6b5bdf773d
Added support for AmongUs. (#1054) 
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
 2020-11-09 16:19:00 +01:00
Leonn
0576dc2a49
💡 Add mongodb protocol dissector (#1048) 2020-11-03 16:16:02 +01:00
Luca Deri
833d0eee53 Added CPHA - CheckPoint High Availability Protocol protocl support 2020-10-22 18:39:13 +02:00
Luca Deri
9dac9945c9 Fixes #1033 2020-10-21 20:59:02 +02:00
Luca Deri
044ed14b4f Various optimizations to reduce not-necessary calls 
Optimized various UDP dissectors
Removed dead protocols such as pando and pplive
 2020-09-24 23:26:03 +02:00
Toni Uhlig
799a6abfe6
Improved dnscrypt v1/v2 protocol detection. 
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
 2020-09-06 23:24:55 +02:00
Luca Deri
9f431f9218
Merge pull request #985 from lnslbrty/add/SOAP 
Added support for SOAP.
 2020-08-19 21:49:12 +02:00
Toni Uhlig
8e93f48c43
Added support for SOAP. 
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
 2020-08-18 16:21:26 +02:00
Luca Deri
98a9afc40c Added support for discord 2020-08-16 10:01:40 +02:00
Toni Uhlig
da37f2444f
Implemented proprietary AnyDesk protocol 
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
 2020-06-17 01:23:03 +02:00
Luca Deri
801c9481cb Removed some obsolete protocols (battlefield, oscar, pcanywhere, tvants) 2020-06-06 11:29:03 +02:00
Luca Deri
4148c5e065 Removed now obsolete MSN protocol 
Added nats.io protocol dissector
 2020-05-03 18:20:21 +02:00
Leonn Paiva
780dc8d1e7 💡 implement websocket protocol dissector 2020-04-26 02:53:12 -03:00
Luca Deri
e603549967 Office365 renamed to Microsoft365 (by Microsoft) 2020-04-20 15:44:27 +02:00
Luca Deri
711ba99eaa Added detection of Microsoft Teams 2020-04-16 15:23:07 +02:00
havup
a2b163beca
Update ndpi_protocol_ids.h 2020-03-25 19:04:00 +08:00
Luca Deri
88fc9232ff Code improvements 2020-02-04 22:31:02 +01:00
Luca Deri
29dd45838d Updated (C) 2020-01-05 18:24:58 +01:00
Luca Deri
c4d476cc58 Code improvements 2019-12-09 00:29:02 +01:00
Luca Deri
68d66b780c Added new test pcaps 
Renamed protocol 104 to IEC60870 (more meaningful)
 2019-11-23 13:27:34 +01:00
Luca Deri
da029607a0 Removed (unreliable) line protocol detection 2019-11-18 21:21:52 +01:00
Luca
d0e7e69552 Renamed DNSoverHTTPS to handle bot DoH and DoT 2019-11-08 09:23:52 +00:00
Luca Deri
42c8d3ac27 Added ability to defien custom protocols 2019-10-29 10:29:12 +01:00
Luca Deri
ecdb7cdc55 Various improvements in particular for CapWAP and Bloomberg 2019-10-27 23:05:24 +01:00