Toni
74a77e7b3d
Added --ignore-vlanid / -I to exclude VLAN ids for flow hash calculation. #1073 (#1085)
...
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2020-12-11 21:01:51 +01:00
Luca Deri
948a906037
Added -D flag for detecting DoH in the wild
...
Removed heuristic from CiscoVPN as it leads to false positives
2020-10-26 21:40:59 +01:00
Adrian Zgorzałek
8f74d5733d
OpenBSD: Introduce pkt_timeval to deal with (bpf_)_timeval
...
Some BSD APIs called in example/ return `struct bpf_timeval`, where nDPI
APIs expect `struct timeval`. These two structs, besides having
a different name, share the exact same set of fields.
2020-08-09 14:30:12 +01:00
Toni Uhlig
20fed83e0f
Removed csv_fp as external symbol. Instead passing csv_fp through as argument.
...
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2020-07-08 23:21:35 +02:00
Luca Deri
db707e0829
Merge pull request #932 from IvanNardi/log
...
Log
2020-07-07 14:43:32 +02:00
Nardi Ivan
c08693fda5
Incorporated some feedback
2020-07-01 20:16:16 +02:00
Nardi Ivan
b24f5c4c0a
Fix memory leak about purged/expired flows
...
Create a helper to avoid similar errors in the future
Fixes: 1a62f4c7
2020-06-28 12:05:12 +02:00
Nardi Ivan
ece5d3e199
Fix (harmless) memory leaks when DPDK is enabled
2020-06-28 12:05:12 +02:00
Nardi Ivan
56d87186f7
Fix compilation with --enable-debug-messages flag
...
NDPI_LOG* macros dereference ndpi_detection_module_struct object which is
private to ndpi library (via NDPI_LIB_COMPILATION define). So we can't use
them outside the library itself, i.e. in ndpiReader code
Therefore, in files in example/, convert all (rare) uses of NDPI_LOG* macros
to a new very simple macro, private to ndpiReader program. If necessary,
such macro may be improved.
According to a comment in ndpi_define.h, each dissector must define its own
NDPI_CURRENT_PROTO macro before including ndpi_api.h file
2020-06-26 12:04:02 +02:00
Luca Deri
1a62f4c799
Added ndpi_bin_XXX API
...
Added packet length distribution bins
2020-06-22 01:02:54 +02:00
Luca Deri
801c9481cb
Removed some obsolete protocols (battlefield, oscar, pcanywhere, tvants)
2020-06-06 11:29:03 +02:00
Luca Deri
9c3bfeca80
Added support for Encrypted TLS SNI dissection
...
https://datatracker.ietf.org/doc/draft-ietf-tls-sni-encryption/
2020-05-28 17:44:18 +02:00
Luca Deri
e5e69d0f7a
Added the ability to detect when a known protocol is using a non-standard port
...
Added check to spot executables exchanged via HTTP
2020-05-10 21:25:38 +02:00
Luca Deri
4a09b4efa0
Added TLS issuerDN and subjectDN
2020-05-07 18:44:51 +02:00
Nardi Ivan
e84563f971
ndpiReader: fix memory leak in idle sessions purging
2020-04-08 15:15:34 +02:00
Luca Deri
fdf8dd724f
Minor fix
2020-02-17 22:15:36 +01:00
Luca Deri
3be263aafc
Added TLS ALPN support
2020-02-07 21:54:04 +01:00
Luca Deri
5571ce114d
Added flow extra info field
...
Updated tests/results
2020-01-10 22:21:16 +01:00
Luca Deri
d1fb41a161
Minor cleanup
2020-01-05 18:42:36 +01:00
emanuele-f
798bb6e2e1
Fix leaks and sha1 certificate detection
2020-01-02 14:39:51 +01:00
Luca
8b01056b21
Renamed TLS requested server name
2020-01-02 07:37:03 +01:00
Luca
daae1cc9b1
Reworked TLS dissection
2020-01-01 12:59:19 +01:00
Luca Deri
558983c99c
Merge pull request #813 from SimoneRicci97/dev
...
Fixed intrusion detection
2019-12-09 00:01:09 +01:00
Simone Ricci
a65c959940
Fixed intrusion detection
2019-11-26 21:20:22 +01:00
Luca Deri
fc82cdfa4a
Implemented telnet password export
2019-11-21 19:36:01 +01:00
Luca Deri
a58c838c4c
Added flow duration and goodput in output (-v and -c)
2019-11-21 13:31:56 +01:00
Luca
fb56b042c0
Merge branch 'dev' of https://github.com/ntop/nDPI into dev
2019-11-05 12:15:27 +00:00
Luca
6298ecc271
Added tunnelling decapsulation
2019-11-05 08:21:31 +00:00
Luca Deri
9e42b525ec
Merge pull request #806 from oleg-umnik/fix_1
...
Don't leak memory in live capture mode
2019-11-03 17:13:49 +01:00
Luca
4802987178
Initial work towards HTTP content-type export
2019-10-31 00:14:20 +01:00
Luca
0e54f87b18
Added telnet dissector
...
Improved data report
2019-10-29 19:12:42 +01:00
Oleg A. Arkhangelsky
9f5e5b90e5
Don't leak memory in live capture mode
2019-10-29 21:11:31 +03:00
Luca Deri
4fd7e5734a
Manual merge of pull #769
2019-10-02 23:01:29 +02:00
Luca Deri
e45237a93f
Removed http:// from HTTP url
...
Reported URL in ndpiReader
2019-10-01 12:25:39 +02:00
Luca
0ed679e795
Improves IAT calculation
2019-09-24 16:37:42 +02:00
Luca Deri
00e639d513
TLS certificate hash is not reported
2019-09-14 15:00:52 +02:00
Luca Deri
086c511a11
Parsed TLS certificate validity
2019-09-10 00:34:48 +02:00
Luca
886d575157
Added -C to generate CSV analysis files
...
Improved IAT and byte distribution
2019-09-03 18:38:54 +02:00
Luca
9a6f6d9fe4
Implemented IAT (Inter Arrival Time) stats
2019-08-29 13:40:44 +02:00
Luca
e4e40e3c70
Added entropy, average, stddev, variance, bytes ratio calculation
2019-08-28 14:02:39 +02:00
Luca Deri
6011790d79
Entropy calculation example
2019-08-27 10:44:41 +02:00
Luca
2acffb4163
Initial work towards traffic classification
2019-08-27 12:56:15 +02:00
Luca Deri
e7c0ac37d8
Implemented HASSH (https://github.com/salesforce/hassh)
2019-08-22 19:25:58 +02:00
Luca Deri
9f42a4482a
Initial work towards payload analysis
2019-08-21 19:01:56 +02:00
Luca
cce8a6026f
Reworked SSL/TLS field naming
2019-08-08 15:20:05 +02:00
Luca
419160f351
Implemented DTLS support
...
Renamed ssl to tls
2019-08-08 12:45:27 +02:00
Luca Deri
3369716fc3
Added SPLT (sequence of packet length and time) and BD (byte distribution) with -J
2019-07-24 23:55:07 +02:00
Luca Deri
b50635cb89
Renamed ndpi_util.c -> reader_util.c
...
Added crash fix with IPv6
2019-07-18 11:38:16 +02:00