Updated with latest nDPi risks

include/ntop_typedefs.h

@@ -519,6 +519,9 @@ typedef enum {
   flow_alert_modbus_unexpected_function_code = 93,
   flow_alert_modbus_too_many_exceptions = 94,
   flow_alert_modbus_invalid_transition = 95,
+  flow_alert_ndpi_fully_encrypted = 96,
+  flow_alert_ndpi_tls_alpn_sni_mismatch = 96,
+
   
   MAX_DEFINED_FLOW_ALERT_TYPE, /* Leave it as last member */
 

scripts/lua/modules/alert_keys/flow_alert_keys.lua

@@ -102,6 +102,9 @@ local flow_alert_keys = {
    flow_alert_modbus_unexpected_function_code      = 93,
    flow_alert_modbus_too_many_exceptions           = 94,
    flow_alert_modbus_invalid_transition            = 95,
+   flow_alert_ndpi_fully_encrypted                 = 96,
+   flow_alert_ndpi_tls_alpn_sni_mismatch           = 97,
+   
    
    -- NOTE: do not go beyond the size of the alert_map bitmal inside Flow.h (currently 128)
 }

src/FlowRiskAlerts.cpp

@@ -37,7 +37,7 @@
  * the live flow information, without contributing to the score for instance)
  */
 
-static const FlowAlertTypeExtended risk_enum_to_alert_type[NDPI_MAX_RISK]{
+static const FlowAlertTypeExtended risk_enum_to_alert_type[NDPI_MAX_RISK] {
     /* NDPI_NO_RISK */
     {{flow_alert_normal, alert_category_other}, "ndpi_no_risk"},
 
@@ -238,6 +238,12 @@ static const FlowAlertTypeExtended risk_enum_to_alert_type[NDPI_MAX_RISK]{
 
     /* NDPI_TCP_ISSUES */
     {{flow_alert_ndpi_tcp_issues, alert_category_network}, "ndpi_tcp_issues"},
+
+    /* NDPI_FULLY_ENCRYPTED */
+    {{flow_alert_ndpi_fully_encrypted, alert_category_network}, "ndpi_fully_encrypted"},
+
+    /* NDPI_TLS_ALPN_SNI_MISMATCH */
+    {{flow_alert_ndpi_tls_alpn_sni_mismatch, alert_category_security}, "ndpi_tls_alpn_sni_mismatch"},
 };
 
 /* **************************************************** */