vrr/nfstream
2
0
Fork 0
mirror of https://github.com/nfstream/nfstream.git synced 2026-05-18 14:49:04 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
nfstream/tests/pcaps
History
Exact
Adrian Pekar 68dfdb6120
Upgrade nDPI from 4.7.0 to 5.0 with Windows libpcap fix (#235) 
* Upgrade nDPI from 4.7.0 to 5.0 with Windows build fix (#230)


- Upgrade nDPI submodule from 4.7.0 to 5.0
- Fix all 9 nDPI 5.0 API breaking changes:
  * Protocol structure: .app_protocol -> .proto.app_protocol
  * Protocol structure: .master_protocol -> .proto.master_protocol
  * ndpi_protocol2name() signature change
  * ndpi_detection_giveup() signature change (removed enable_guess/guessed params)
  * ndpi_extra_dissection_possible() replaced with state check
  * ndpi_init_detection_module() now expects NULL
  * Protocol bitmask removed (all protocols enabled by default)
  * TCP/UDP struct size checks removed
  * Fingerprint extraction: ja3_client -> ja4_client

- Maintain backward compatibility by keeping field names:
  * client_fingerprint: Now JA4 (TLS), HASSH client (SSH), DHCP fingerprint
  * server_fingerprint: Now JA3S (TLS), HASSH server (SSH)

- Update build system for nDPI 5.0:
  * Add --with-only-libndpi flag to build.sh
  * Make CFFI marker extraction optional in engine_build.py

- Update tests for nDPI 5.0:
  * Update fingerprint assertions (JA3 MD5 -> JA4 format)
  * Regenerate all 228 baseline test results
  * Remove invalid test file (memcached.cap)

- All 29 tests passing

* Fix memcpy buffer overreads and enable DNS subclassification

- Fix buffer overread in fingerprint memcpy calls by using source size
  instead of destination size:
  - HASSH client/server: 33 bytes (was reading 48)
  - JA4 client: 37 bytes (was reading 48)
  - JA3 server: 33 bytes (was reading 48)
  - DHCP: 48 bytes (consistent with others)

- Enable DNS subclassification (disabled by default in nDPI 5.0)
  to restore detection of DNS.Apple, DNS.Google, etc.

- Regenerate test baselines with fixes applied

* Replace outdated Steam test pcaps with nDPI 5.0 version

- Remove steam.pcap and steam_datagram_relay_ping.pcapng (obsolete)
- Add steam.pcapng from nDPI 5.0 test suite
- nDPI 5.0 reworked Steam detection (ntop/nDPI#2264)

* Fix Windows build: add missing configure step for nDPI 5.0

The Windows build script was missing the ./configure --with-only-libndpi
step before make, causing nDPI headers to not be properly installed.
This resulted in the CFFI preprocessing marker //CFFI.NDPI_PACKED_STRUCTURES
being absent from ndpi_cdefinitions_packed.h, crashing engine_build.py.

Aligns build_windows.sh with build.sh which already had this step.

* Fix Windows build: install libpcap-dev for nDPI 5.0 configure

nDPI 5.0 configure requires libpcap when --with-only-libndpi is used
on MinGW (see ntop/nDPI#3114). Install mingw-w64-x86_64-libpcap via
pacman to satisfy this dependency.
2026-02-15 20:30:16 +01:00
..
1kxun.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
4in4tunnel.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
4in6tunnel.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
6in4tunnel.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
6in6tunnel.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
443-chrome.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
443-curl.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
443-firefox.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
443-git.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
443-opvn.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
443-safari.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
aimini-http.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
ajp.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
alexa-app.pcapng [WIP] Windows support. 2021-11-29 14:30:39 +01:00
among_us.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
amqp.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
android.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
anyconnect-vpn.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
anydesk-2.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
anydesk.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
avast_securedns.pcapng [WIP] Windows support. 2021-11-29 14:30:39 +01:00
bad-dns-traffic.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
badpackets.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
BGP_Cisco_hdlc_slarp.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
BGP_redist.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
bitcoin.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
bittorrent.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
bittorrent_ip.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
bittorrent_utp.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
bt_search.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
capwap.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
cassandra.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
check_mk_new.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
chrome.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
coap_mqtt.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
cpha.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
dcerpc.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
dhcp.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
dhcp.pcapng [WIP] Windows support. 2021-11-29 14:30:39 +01:00
dhcp_big_endian.pcapng [WIP] Windows support. 2021-11-29 14:30:39 +01:00
dhcp_little_endian.pcapng [WIP] Windows support. 2021-11-29 14:30:39 +01:00
diameter.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
dlt_ppp.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
dnp3.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
dns-tunnel-iodine.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
dns_ambiguous_names.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
dns_doh.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
dns_dot.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
dns_exfiltration.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
dns_fragmented.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
dns_long_domainname.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
dnscrypt-v1-and-resolver-pings.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
dnscrypt-v2-doh.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
dnscrypt_skype_false_positive.pcapng [WIP] Windows support. 2021-11-29 14:30:39 +01:00
doq.pcapng Fix windows CI. 2022-03-07 18:21:50 +01:00
doq_adguard.pcapng Fix windows CI. 2022-03-07 18:21:50 +01:00
dos_win98_smb_netbeui.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
drda_db2.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
dropbox.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
dtls.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
dtls2.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
dtls_certificate_fragments.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
dtls_session_id_and_coockie_both.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
EAQ.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
encrypted_sni.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
ethereum.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
exe_download.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
exe_download_as_png.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
facebook.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
firefox.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
fix.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
forticlient.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
ftp.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
ftp_failed.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
fuzz-2021-06-07-c6c72a0a56.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
genshin-impact.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
git.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
google_ssl.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
googledns_android10.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
gquic.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
gtp-u.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
h323-overflow.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
hangout.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
http-lines-split.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
http-manipulated.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
http_auth.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
http_ipv6.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
IEC104.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
iec60780-5-104.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
imaps.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
instagram.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
ip_fragmented_garbage.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
iphone.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
ipv6_in_gtp.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
irc.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
ja3_lots_of_cipher_suites.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
KakaoTalk_chat.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
KakaoTalk_talk.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
kerberos.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
long_tls_certificate.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
malformed_dns.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
malformed_icmp.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
malware.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
mdns.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
modbus.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
monero.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
mongodb.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
mpeg.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
mpegts.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
mssql_tds.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
mysql-8.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
nats.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
nest_log_sink.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
netbios.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
netbios_wildcard_dns_query.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
netflix.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
netflow-fritz.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
netflowv9.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
nintendo.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
no_sni.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
NTPv2.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
NTPv3.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
NTPv4.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
one_flow.pcap Fix test cases. 2022-07-28 13:57:38 +02:00
one_flow_1_5.pcap Fix test cases. 2022-07-28 13:57:38 +02:00
one_flow_6_10.pcap Fix test cases. 2022-07-28 13:57:38 +02:00
one_flow_11_15.pcap Fix test cases. 2022-07-28 13:57:38 +02:00
one_flow_16_19.pcap Fix test cases. 2022-07-28 13:57:38 +02:00
ookla.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
openvpn.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
os_detected.pcapng [WIP] Windows support. 2021-11-29 14:30:39 +01:00
Oscar.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
pinterest.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
pps.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
ps_vue.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
quic-23.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
quic-24.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
quic-27.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
quic-28.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
quic-29.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
quic-33.pcapng [WIP] Windows support. 2021-11-29 14:30:39 +01:00
quic-mvfst-22.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
quic-mvfst-27.pcapng [WIP] Windows support. 2021-11-29 14:30:39 +01:00
quic-mvfst-exp.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
quic.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
quic046.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
quic_0RTT.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
quic_frags_ch_in_multiple_packets.pcapng [WIP] Windows support. 2021-11-29 14:30:39 +01:00
quic_frags_ch_out_of_order_same_packet_craziness.pcapng [WIP] Windows support. 2021-11-29 14:30:39 +01:00
quic_interop_V.pcapng [WIP] Windows support. 2021-11-29 14:30:39 +01:00
quic_q39.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
quic_q43.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
quic_q46.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
quic_q46_b.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
quic_q50.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
quic_t50.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
quic_t51.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
quickplay.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
raw.pcap Fix raw datalink handling on Windows. (https://github.com/nfstream/nfstream/issues/104 and https://github.com/nfstream/nfstream/issues/114) 2022-03-15 18:54:55 +01:00
rdp.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
reasm_crash_anon.pcapng [WIP] Windows support. 2021-11-29 14:30:39 +01:00
reddit.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
rtsp_setup_http.pcapng [WIP] Windows support. 2021-11-29 14:30:39 +01:00
rx.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
s7comm.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
safari.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
selfsigned.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
signal.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
simple-dnscrypt.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
sip.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
skype-conference-call.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
skype.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
skype_no_unknown.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
skype_udp.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
smb_deletefile.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
smbv1.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
smpp_in_general.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
smtp-starttls.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
snapchat.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
snapchat_call.pcapng [WIP] Windows support. 2021-11-29 14:30:39 +01:00
ssdp-m-search.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
ssh.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
ssl-cert-name-mismatch.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
starcraft_battle.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
steam.pcapng Upgrade nDPI from 4.7.0 to 5.0 with Windows libpcap fix (#235) 2026-02-15 20:30:16 +01:00
stun_facebook.pcapng [WIP] Windows support. 2021-11-29 14:30:39 +01:00
synscan.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
teamspeak3.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
telegram.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
teredo.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
tftp.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
tinc.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
tk.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
tls-esni-fuzzed.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
tls-rdn-extract.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
tls_alert.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
tls_certificate_too_long.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
tls_esni_sni_both.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
tls_long_cert.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
tls_verylong_certificate.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
tor.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
trickbot.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
tumblr.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
ubntac2.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
upnp.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
viber.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
vnc.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
wa_video.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
wa_voice.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
waze.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
WebattackSQLinj.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
WebattackXSS.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
webex.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
websocket.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
wechat.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
weibo.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
whatsapp_login_call.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
whatsapp_login_chat.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
whatsapp_voice_and_message.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
whatsappfiles.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
wireguard.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
youtube_quic.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
youtubeupload.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
z3950.pcapng [WIP] Windows support. 2021-11-29 14:30:39 +01:00
zabbix.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
zcash.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00
zoom.pcap [WIP] Windows support. 2021-11-29 14:30:39 +01:00