Commit graph

1122 commits

Author SHA1 Message Date
Nardi Ivan
b24f5c4c0a Fix memory leak about purged/expired flows
Create a helper to avoid similar errors in the future
Fixes: 1a62f4c7
2020-06-28 12:05:12 +02:00
Nardi Ivan
ece5d3e199 Fix (harmless) memory leaks when DPDK is enabled 2020-06-28 12:05:12 +02:00
Nardi Ivan
2cdf7ce806 Fix startup when DPDK is enabled
Fixes:a58c838c4
2020-06-28 12:05:12 +02:00
Nardi Ivan
2effa57d8a ndpiReader: fix ports statistics
They should take idle/expired flows into account, too
2020-06-28 12:05:12 +02:00
Nardi Ivan
56d87186f7 Fix compilation with --enable-debug-messages flag
NDPI_LOG* macros dereference ndpi_detection_module_struct object which is
private to ndpi library (via NDPI_LIB_COMPILATION define). So we can't use
them outside the library itself, i.e. in ndpiReader code
Therefore, in files in example/, convert all (rare) uses of NDPI_LOG* macros
to a new very simple macro, private to ndpiReader program. If necessary,
such macro may be improved.

According to a comment in ndpi_define.h, each dissector must define its own
NDPI_CURRENT_PROTO macro before including ndpi_api.h file
2020-06-26 12:04:02 +02:00
Nardi Ivan
70a926088f Fixed harmless memory leak in extcap initialization 2020-06-25 18:02:03 +02:00
Nardi Ivan
6b69e7ebbc Restore extcap functionality, i.e. integration with wireshark 2020-06-25 18:02:03 +02:00
lucaderi
ecdf7df454 Compilation fixes for non-Linux (or outdated Linux) platforms 2020-06-25 10:25:24 +02:00
Luca Deri
2350daa2dc
Merge pull request #928 from lnslbrty/added/yet-another-ndpi-integration-example
PROPOSAL: ndpiSimpleIntegration: added another integration example
2020-06-25 10:05:49 +02:00
Toni Uhlig
17c26911fb
ndpiSimpleIntegration: added another integration example
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2020-06-24 22:03:18 +02:00
Toni Uhlig
39800c88fa
Fixed uninitialized values in ndpiReader protocol detection bitmask during dga selftest.
* make ./tests/vagrind_test.sh directory agnostic

Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2020-06-23 17:23:56 +02:00
Luca Deri
d9af1562f0 Fixes #906
Packet bins are not printed when empty
2020-06-22 14:30:26 +02:00
Luca Deri
1a62f4c799 Added ndpi_bin_XXX API
Added packet length distribution bins
2020-06-22 01:02:54 +02:00
Luca Deri
b2c24558c5 DGA detection improvements 2020-06-18 00:17:30 +02:00
Luca Deri
46d96e7f32 Added checks for DGA detection 2020-06-17 19:46:37 +02:00
Luca Deri
55364ef0b4 Added DGA risk for names that look like a DGA 2020-06-11 18:51:53 +02:00
Luca Deri
60aaa80570 Added HyperLogLog cardinality estimator API calls
/* Memory lifecycle */
int ndpi_hll_init(struct ndpi_hll *hll, u_int8_t bits);
void ndpi_hll_destroy(struct ndpi_hll *hll);

/* Add values */
void ndpi_hll_add(struct ndpi_hll *hll, const char *data, size_t data_len);
void ndpi_hll_add_number(struct ndpi_hll *hll, u_int32_t value) ;

/* Get cardinality estimation */
double ndpi_hll_count(struct ndpi_hll *hll);
2020-06-10 23:43:35 +02:00
Luca Deri
43ddbfdfba Merge branch 'dev' of https://github.com/ntop/nDPI into dev 2020-06-06 11:30:47 +02:00
Luca Deri
801c9481cb Removed some obsolete protocols (battlefield, oscar, pcanywhere, tvants) 2020-06-06 11:29:03 +02:00
Alfredo Cardigliano
2beecdc8af Handle EOR in TLV test 2020-06-06 11:18:17 +02:00
Luca Deri
605d548d4a removed obsolete yahoo plugin 2020-06-06 09:38:19 +02:00
Alfredo Cardigliano
0da76fdac6 Support for multiple records in CSV serialization 2020-06-05 17:28:27 +02:00
Luca Deri
597d6e5d60
Merge pull request #913 from yskcg/fix_segment_fault_dev
Fix segment fault dev
2020-06-05 16:57:46 +02:00
Alfredo Cardigliano
67c72a8cb5 Add ndpi_serializer_get_header API (CSV only) 2020-06-05 16:52:26 +02:00
ysk
52893d99f6 fix segment fault caused by the ssl.server_names when it may be NULL 2020-06-03 10:44:35 +08:00
Luca Deri
9c3bfeca80 Added support for Encrypted TLS SNI dissection
https://datatracker.ietf.org/doc/draft-ietf-tls-sni-encryption/
2020-05-28 17:44:18 +02:00
Alfredo Cardigliano
2dce6cd525 Add ndpi_serialize_start_of_list/ndpi_serialize_end_of_list to serialize simple lists in JSON 2020-05-25 16:37:00 +02:00
Luca Deri
b7e666e465 Added fix to avoid potential heap buffer overflow in H.323 dissector
Modified HTTP report information to make it closer to the HTTP field names
2020-05-19 08:31:05 +02:00
Luca Deri
3d9285f1be Added check for invalid HTTP URLs 2020-05-16 00:10:35 +02:00
Luca Deri
c375782b96 Added check for binary scripts
Added NDPI_HTTP_NUMERIC_IP_HOST risk
ndpi_risk moved to 32 bit
2020-05-15 22:49:55 +02:00
Luca Deri
e5e69d0f7a Added the ability to detect when a known protocol is using a non-standard port
Added check to spot executables exchanged via HTTP
2020-05-10 21:25:38 +02:00
Luca Deri
4a09b4efa0 Added TLS issuerDN and subjectDN 2020-05-07 18:44:51 +02:00
Luca Deri
84f66b4d6b Introduced custom protocols with IP and (optional) port support
Example

- Single IP address
  ip:213.75.170.11@CustomProtocol

- IP address with CIDR
  ip:213.75.170.11/32@CustomProtocol

- IP address with CIDR and port
  ip:213.75.170.11/32:443@CustomProtocol

Please note that there are some restrictions on the port
usage. They have been listed in example/protos.txt
2020-05-06 12:51:44 +02:00
Luca Deri
427002d14f Reworked protocol handling changing it is u_int16_t 2020-05-06 00:31:40 +02:00
Luca Deri
0bf809f8e5
Merge pull request #884 from lnslbrty/dev
Added missing ndpiReader dependency for the install target
2020-04-27 23:27:26 +02:00
Nardi Ivan
097127c31d Fix heap-overflow error in CAPWAP detunneling code 2020-04-24 10:42:52 +02:00
Nardi Ivan
c2ebbb15ad Fix "division by zero" runtime error 2020-04-23 14:24:49 +02:00
Nardi Ivan
f965983c23 Add basic support for some ip-in-ip tunnels
Add support for 4in4, 6in6 and 4in6 encapsulations
Add support for ipv6 traffic in gtp tunnels, too

To allow gtp unit test, gtp detunneling flag has been globally enabled
in the test suite
2020-04-23 10:55:33 +02:00
Toni Uhlig
8d8e61b256
Added missing ndpiReader dependency for the install target
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2020-04-22 21:51:57 +02:00
Luca Deri
019b51bb17
Merge pull request #879 from IvanNardi/warnings
Fix some compilation warnings
2020-04-21 19:23:57 +02:00
Philippe Antoine
1b73f7372e Gets right protocol after IPv6 header 2020-04-21 15:34:53 +02:00
Nardi Ivan
b1a6c6b895 Fix some compilation warnings 2020-04-20 16:53:39 +02:00
Luca Deri
25cd2a23a6 Compilation fixes 2020-04-20 15:08:51 +02:00
Philippe Antoine
c2b2692e65 Setting right flow protocol after IP6 extensions
Finally fixing https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20727
2020-04-18 14:39:57 +02:00
Philippe Antoine
da0889d3ba Adds bound check before calling ndpi_handle_ipv6_extension_headers 2020-04-17 22:21:03 +02:00
Luca Deri
a766de7b94
Merge pull request #876 from a-czyrny/dev
additional csv semicolon fix
2020-04-17 10:34:41 +02:00
Luca Deri
711ba99eaa Added detection of Microsoft Teams 2020-04-16 15:23:07 +02:00
Alexander Czyrny
32d25bfdaf additional csv semicolon fix
Created function correct_csv_data_field to prevent duplicated code. Additionally used for _flow->ndpi_flow->protos.stun_ssl.ssl.alpn_ and _flow->ndpi_flow->protos.stun_ssl.ssl.tls_supported_versions_ to guarantee a valid csv output (commas replaced by semicolon).
2020-04-16 14:12:48 +02:00
Luca Deri
f4c24663fc
Merge pull request #874 from catenacyber/fuzz6fix
Fuzz6fix
2020-04-15 18:05:16 +02:00
Philippe Antoine
cf47ba234a Use ndpi_handle_ipv6_extension_headers in reader_util 2020-04-15 16:19:57 +02:00