mirror of
https://github.com/vel21ripn/nDPI.git
synced 2026-05-02 00:40:17 +00:00
Remove some unused fields and re-organize other ones. In particular: * Update the parameters of `ndpi_ssl_version2str()` function * Zattoo, Thunder: these timestamps aren't really used. * Ftp/mail: these protocols are dissected only over TCP. * Attention must be paid to TLS.Bittorrent flows to avoid invalid read/write to `flow->protos.bittorrent.hash` field. This is the last(?) commit of a long series (see |
||
|---|---|---|
| .. | ||
| MacOS | ||
| categories.txt | ||
| intrusion_detection.c | ||
| intrusion_detection.h | ||
| ja3_fingerprints.csv | ||
| Makefile.dpdk.in | ||
| Makefile.in | ||
| mining_hosts.txt | ||
| ndpi2timeline.py | ||
| ndpiReader.c | ||
| ndpiSimpleIntegration.c | ||
| protos.txt | ||
| reader_util.c | ||
| reader_util.h | ||
| README.DPDK | ||
| risky_domains.txt | ||
| sha1_fingerprints.csv | ||
Prerequisites
-------------
You need to install and compile DPDK in your HOME directory as explained in the DPDK quick-start guide.

See http://core.dpdk.org/doc/quick-start/ for DPDK installation and setup.

Once DPDK is built, make sure to create a symbolic link:

$ cd
$ ln -s dpdk-18.08 DPDK

so that the build process uses the DPDK directory, which lets you keep multiple DPDK versions available on your system.

Build
-----
Everything will happen automagically, but if you want to do it by hand, run:

make -f Makefile.dpdk

Run Application
---------------
To capture packets from device eno1, start the application as follows:

sudo ./build/ndpiReader -c 1 --vdev=net_pcap0,iface=eno1 -- -v 1

NOTE:
- ndpiReader without DPDK support sits in this directory
- ndpiReader with DPDK support can be found inside the ./build directory