mirror of
https://github.com/vel21ripn/nDPI.git
synced 2026-05-02 00:40:17 +00:00
56bfb439f8
Reworked Tor dissector embedded in TLS (fixes #1141) Removed false positive on HTTP User-Agent |
||
|---|---|---|
| .. | ||
| MacOS | ||
| Win32 | ||
| categories.txt | ||
| intrusion_detection.c | ||
| intrusion_detection.h | ||
| ja3_fingerprints.csv | ||
| Makefile.dpdk.in | ||
| Makefile.in | ||
| mining_hosts.txt | ||
| ndpi2timeline.py | ||
| ndpiReader.c | ||
| ndpiSimpleIntegration.c | ||
| protos.txt | ||
| reader_util.c | ||
| reader_util.h | ||
| README.DPDK | ||
| risky_domains.txt | ||
| sha1_fingerprints.csv | ||
Prerequisites ------------- You need to install and compile DPDK in your HOME directory as explained in See http://core.dpdk.org/doc/quick-start/ for DPDK installation and setup Once DPDK is built make sure to create a symbolic link $ cd $ ln -s dpdk-18.08 DPDK so the build process will use the DPDK directory letting you have multiple DPDK versions available on your system Build ----- Everything will happen automagically but if you want to do it by hand do: make -f Makefile.dpdk Run Application --------------- Supposing to capture packets from device eno1 you can start the application as follows: sudo ./build/ndpiReader -c 1 --vdev=net_pcap0,iface=eno1 -- -v 1 NOTE: - ndpiReader without DPDK support sits in this directory - ndpiReader with DPDK support can be found inside the ./build directory