vrr/nDPI

Fork 0

mirror of https://github.com/vel21ripn/nDPI.git synced 2026-04-30 07:59:49 +00:00

Commit graph

Author	SHA1	Message	Date
Ivan Nardi	39f3cd9558	test: rework main script The issue about `config.txt` files is that they contains paths: * to configuration files, which are in the source tree * to the dynamic plugins, which are in the build tree Solution: * copy all configuration files into the build tree * all those paths are about the build tree * tests run from the build tree, no from the source tree anymore	2025-12-08 17:51:32 +01:00
Luca Deri	3f2f1f8ce4	Added ability to define protocol dissectors in shared libraries (#3047 ) * Added ability to define protocol dissectors in shred libraries and load them at runtime --------- Co-authored-by: Ivan Nardi <nardi.ivan@gmail.com>	2025-12-04 15:26:15 +01:00
Ivan Nardi	0ddbda1f82	Add an heuristic to detect encrypted/obfuscated OpenVPN flows (#2547 ) Based on the paper: "OpenVPN is Open to VPN Fingerprinting" See: https://www.usenix.org/conference/usenixsecurity22/presentation/xue-diwen Basic idea: * the distribution of the first byte of the messages (i.e. the distribution of the op-codes) is quite unique * this fingerprint might be still detectable even if the OpenVPN packets are somehow fully encrypted/obfuscated The heuristic is disabled by default.	2024-09-16 18:38:26 +02:00

Author

SHA1

Message

Date

Ivan Nardi

39f3cd9558

test: rework main script

The issue about `config.txt` files is that they contains paths:
* to configuration files, which are in the source tree
* to the dynamic plugins, which are in the build tree

Solution:
* copy all configuration files into the build tree
* all those paths are about the build tree
* tests run from the build tree, no from the source tree anymore

2025-12-08 17:51:32 +01:00

Luca Deri

3f2f1f8ce4

Added ability to define protocol dissectors in shared libraries (#3047 )

* Added ability to define protocol dissectors in shred libraries and load them at runtime

---------

Co-authored-by: Ivan Nardi <nardi.ivan@gmail.com>

2025-12-04 15:26:15 +01:00

Ivan Nardi

0ddbda1f82

Add an heuristic to detect encrypted/obfuscated OpenVPN flows (#2547 )

Based on the paper: "OpenVPN is Open to VPN Fingerprinting"
See: https://www.usenix.org/conference/usenixsecurity22/presentation/xue-diwen

Basic idea:
* the distribution of the first byte of the messages (i.e. the distribution
of the op-codes) is quite unique
* this fingerprint might be still detectable even if the OpenVPN packets are
somehow fully encrypted/obfuscated

The heuristic is disabled by default.

2024-09-16 18:38:26 +02:00

3 commits