Implements custom protocols for ZMQ interfaces

src/ParserInterface.cpp

@@ -311,7 +311,29 @@ void ParserInterface::processFlow(ParsedFlow *zflow) {
   p.category = NDPI_PROTOCOL_CATEGORY_UNSPECIFIED;
 
   if(!flow->isDetectionCompleted()) {
+    ndpi_protocol guessed_protocol = Flow::ndpiUnknownProtocol;
+    u_int8_t is_proto_user_defined;
+
+    /* First, there's an attempt to guess the protocol so that custom protocols
+       defined in ntopng will still be applied to the protocols detected by nprobe. */
+    guessed_protocol.app_protocol = (int16_t)ndpi_guess_protocol_id(get_ndpi_struct(),
+								   NULL, flow->get_protocol(),
+								   flow->get_cli_port(),
+								   flow->get_srv_port(),
+								   &is_proto_user_defined);
+    if(guessed_protocol.app_protocol >= NDPI_MAX_SUPPORTED_PROTOCOLS) {
+      /* If the protocol is greater than NDPI_MAX_SUPPORTED_PROTOCOLS, it means it is
+         a custom protocol so the application protocol received from nprobe can be
+         overridden */
+      p.app_protocol = guessed_protocol.app_protocol;
+    }
+
+    /* Now, depending on the q and on the zflow, there's an additional check
+       to possibly override the category, according to the rules specified
+       in ntopng */
     flow->fillZmqFlowCategory(zflow, &p);
+
+    /* Here everything is setup and it is possible to set the actual protocol to the flow */
     flow->setDetectedProtocol(p, true);
   }