vrr/nDPI
2
0
Fork 0
mirror of https://github.com/vel21ripn/nDPI.git synced 2026-04-29 15:39:42 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 6
5656 commits 9 branches 12 tags 263 MiB
Commit graph

176 commits

Author SHA1 Message Date
0x41CEA55
905120588b
Remove obsolete protocols: tuenty, tvuplayer and kontiki (#2398) 2024-04-19 21:35:32 +02:00
0x41CEA55
e75d7a620e
Add KNXnet/IP protocol support (#2397) 
* Add KNXnet/IP protocol support

* Improve KNXnet/IP over TCP detection
 2024-04-19 12:54:00 +02:00
Luca Deri
ad117bfaab
Domain Classification Improvements (#2396) 
* Added
size_t ndpi_compress_str(const char * in, size_t len, char * out, size_t bufsize);
size_t ndpi_decompress_str(const char * in, size_t len, char * out, size_t bufsize);

used to compress short strings such as domain names. This code is based on
https://github.com/Ed-von-Schleck/shoco

* Major code rewrite for ndpi_hash and ndpi_domain_classify

* Improvements to make sure custom categories are loaded and enabled

* Fixed string encoding

* Extended SalesForce/Cloudflare domains list
 2024-04-18 23:21:40 +02:00
Vladimir Gavrilov
c63697205b
Add Label Distribution Protocol support (#2385) 
* Add Label Distribution Protocol support

* Fix typo

* Update unit test results
 2024-04-12 17:44:36 +02:00
Vladimir Gavrilov
9ff4bece33
Add The Elder Scrolls Online support (#2376) 
* Add The Elder Scrolls Online support

* Use ndpi_memmem instead of memmem from libc

* Add protocol description

* Change selection bitmask to V4_V6

* Update protocols.rst
 2024-04-10 18:04:02 +02:00
Luca Deri
bd2968dcd3 Tuned DNS risk values 
Modified NDPI_BINARY_TRANSFER_ATTEMPT in NDPI_BINARY_DATA_TRANSFER
 2024-04-09 10:22:01 +02:00
Luca Deri
98bf0e243e Fixed false positives on binary application transfer risk 2024-04-08 23:52:27 +02:00
Toni
727e72d1f1
Calculate packet entropy for unknown protocols. (#2369) 
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
 2024-04-06 17:01:19 +02:00
Vladimir Gavrilov
5b32c98a21
Add LoL: Wild Rift detection (#2356) 2024-03-26 08:11:14 +01:00
Vladimir Gavrilov
e6474d835f
Add FLUTE protocol dissector (#2351) 
* Add FLUTE protocol dissector

* Add flute.c to MSVC project
 2024-03-19 09:11:04 +01:00
Vladimir Gavrilov
8fad77991d
Add PFCP protocol dissector (#2342) 2024-03-13 20:18:43 +01:00
Vladimir Gavrilov
e2949048e0
Add Path of Exile protocol dissector (#2337) 
* Add Path of Exile protocol dissector

* Update protocols.rst
 2024-03-06 19:59:09 +01:00
Vladimir Gavrilov
58fdc9fafb
Add Naraka Bladepoint detection support (#2334) 2024-03-04 08:30:54 +01:00
Vladimir Gavrilov
f2e3c7fb90
Add BFD protocol dissector (#2332) 2024-02-29 08:19:00 +01:00
Vladimir Gavrilov
66b6e2b3f2
Add DLEP protocol dissector (#2326) 2024-02-20 16:05:41 +01:00
Vladimir Gavrilov
e93bcfd619
Add ANSI C12.22 protocol dissector (#2317) 
* Add ANSI C12.22 protocol dissector

* Add UDP sample
 2024-02-15 09:36:06 +01:00
Ivan Nardi
ae36648c6c
Skype: remove old detection logic (#1954) 
Skype has been using standard protocols (STUN/ICE or TLS) for a long,
long time, now. Long gone are the days of Skype as a distribuited
protocol.

See: #2166
 2024-02-12 18:39:24 +01:00
Vladimir Gavrilov
f5cec001f3
Add detection of Gaijin Entertainment games (#2311) 
* Add detection of Gaijin Entertainment games

* Short NDPI_PROTOCOL_GAIJINENTERTAINMENT to NDPI_PROTOCOL_GAIJIN

* Add default UDP port for Gaijin Entertainment games

* Remove NDPI_PROTOCOL_CROSSOUT protocol id
 2024-02-09 11:07:48 +01:00
Vladimir Gavrilov
6207be43fa
Add TencentGames protocol dissector (#2306) 2024-02-08 08:10:35 +01:00
Vladimir Gavrilov
4c9446379f
Add Gearman protocol dissector (#2297) 2024-02-01 19:46:57 +01:00
Luca Deri
47f72443fa Implemented CIP I/O (UDP version of the CIP protocol), Common Industrial protocol 2024-01-29 13:28:41 +01:00
Vladimir Gavrilov
c807d84054
Fix RESP detection (#2289) 
* Rename redis_net.c to resp.c

* Fix RESP detection
 2024-01-27 21:19:34 +01:00
Toni
bcca89b78c
Add Raft protocol dissector. (#2286) 
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
 2024-01-25 20:26:18 +01:00
Vladimir Gavrilov
4e712e3ab5
Add Radmin protocol dissector (#2283) 
* Add Radmin protocol dissector

* Update test results
 2024-01-25 08:10:29 +01:00
Vladimir Gavrilov
f04b4450a1
Add STOMP protocol dissector (#2280) 2024-01-23 21:08:13 +01:00
Toni
7d24e1258d
Add Yojimbo (netcode) protocol dissector (#2277) 
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
 2024-01-21 17:47:42 +01:00
Ivan Nardi
eb129297e9
Add a dedicated dissector for Zoom (#2265) 
Move it from the RTP code and extend it
 2024-01-19 10:01:38 +01:00
Vladimir Gavrilov
6ac2ce84f8
Add Mumble detection support (#2269) 2024-01-19 07:46:51 +01:00
Vladimir Gavrilov
248f3d5588
Rework Steam detection (part 1) (#2264) 
* Clean up Steam dissector

* Add Steam Datagram Relay dissector

* Update docs

* Update test results

* Remove csgo.c from MSVC project

* Small fixes

* Add Steam TLS pcap sample

* Merge Steam pcap samples into single one

* Fix typo

* Update test results
 2024-01-18 19:23:44 +01:00
Toni
0aea509e23
Add KCP protocol dissector. (#2257) 
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
 2024-01-12 12:14:59 +01:00
Toni
c5b0b05b80
Add Roughtime protocol dissector. (#2248) 
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
 2024-01-09 07:56:27 +01:00
Ivan Nardi
40797521af
ndpiReader: add breed stats on output used for CI (#2236) 2024-01-05 13:02:39 +01:00
Vladimir Gavrilov
3d09b25653
Add Ceph protocol dissector (#2242) 
* Add Ceph protocol dissector

* Update protocols.rst
 2024-01-04 13:22:23 +01:00
Vladimir Gavrilov
7f9973bd0c
Add HL7 protocol dissector (#2240) 
* Add HL7 protocol dissector

* Small fixes

* Small fixes
 2024-01-02 20:57:05 +01:00
Vladimir Gavrilov
0180c1f04a
Add IEC62056 (DLMS/COSEM) protocol dissector (#2229) 
* Add IEC62056 (DLMS/COSEM) protocol dissector

* Fix detection on big endian architectures

* Update protocols.rst

* Add ndpi_crc16_x25 to fuzz/fuzz_alg_crc32_md5.c

* Update pcap sample

* Remove empty .out file

* iec62056: add some documentation

---------

Co-authored-by: Nardi Ivan <nardi.ivan@gmail.com>
 2024-01-02 16:45:54 +01:00
Vladimir Gavrilov
2796bc9b47
Add NoMachine NX protocol dissector (#2234) 
* Add NoMachine protocol dissector

* Fix detection on big endian architectures

* Make NoMachine over UDP check more strict

* Small fixes
 2024-01-02 10:23:42 +01:00
Luca Deri
8285fffdae Implements JA4 Support (#2191) 2023-12-22 20:40:42 +01:00
Vladimir Gavrilov
5eb468d07b
Add Apache Kafka protocol dissector (#2226) 2023-12-22 14:42:47 +01:00
Vladimir Gavrilov
149067b3fc
Add JSON-RPC protocol dissector (#2217) 
* Add JSON-RPC protocol dissector

* Small fixes

* Improve detection
 2023-12-20 12:42:25 +01:00
Vladimir Gavrilov
33f11cb10f
Add OpenFlow protocol dissector (#2222) 2023-12-20 10:48:45 +01:00
Vladimir Gavrilov
59c8eabc0e
Add UFTP protocol dissector (#2215) 
* Add UFTP protocol dissector

* Update docs

* Merge pcap files
 2023-12-18 11:21:07 +01:00
Vladimir Gavrilov
d8c7a76611
Add HiSLIP protocol dissector (#2214) 
* Add HiSLIP protocol dissector

* Fix error
 2023-12-17 11:52:55 +01:00
Vladimir Gavrilov
0f3e6d832b
Add PROFINET/IO protocol dissector (#2213) 
* Add PROFINET/IO protocol dissector

* Add LE (Little Endian) to the file name

* Rework dissector

* Remove redundant check
 2023-12-16 13:30:21 +01:00
Toni
ef62391dba
Add Monero protocol classification. (#2196) 
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
 2023-12-13 19:55:18 +01:00
Ivan Nardi
241c42ad7e
ndpiReader: fix guessed_flow_protocols statistic (#2203) 
Increment the counter only if the flow has been guessed
 2023-12-12 19:44:03 +01:00
Ivan Nardi
f74cf16c36
OpenVPN: rework detection (#2199) 
Close #1873
 2023-12-06 10:24:26 +01:00
Vladimir Gavrilov
ad20846fad
Add Ether-S-Bus protocol dissector (#2200) 2023-12-05 17:20:38 +01:00
Vladimir Gavrilov
be50493f44
Add IEEE C37.118 protocol dissector (#2193) 2023-12-05 08:06:15 +01:00
Vladimir Gavrilov
c34bded4ef
Add ISO 9506-1 MMS protocol dissector (#2189) 
* Add ISO 9506-1 MMS protocol dissector
* Fix detection on big-endian architectures
 2023-12-01 09:03:07 +01:00
Vladimir Gavrilov
24df1913ac
Add Beckhoff ADS protocol dissector (#2181) 
* Add Beckhoff ADS protocol dissector

* Remove redundant le32toh

* Fix detection on big-endian architectures
 2023-11-30 09:13:45 +01:00