diff options
| author | Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> | 2024-05-10 19:23:50 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-05-10 19:23:50 +0200 |
| commit | 4b4b358562a80b546d10f779dba8c56c5d0c6502 (patch) | |
| tree | 54636681c7f1f469f2249673292bfd84fd94e5ff | |
| parent | 6bbae9a70a2b346968406d582f411447c9cbbd00 (diff) | |
Line: use common helper to detect RTP/RTCP packets (#2429)
Add an explicit upper limit on the number of packets processed before
giving up.
| -rw-r--r-- | src/lib/protocols/line.c | 13 | ||||
| -rw-r--r-- | tests/cfgs/default/result/telegram.pcap.out | 2 |
2 files changed, 8 insertions, 7 deletions
diff --git a/src/lib/protocols/line.c b/src/lib/protocols/line.c index 6b69d690c..da28e613b 100644 --- a/src/lib/protocols/line.c +++ b/src/lib/protocols/line.c @@ -38,6 +38,7 @@ static void ndpi_search_line(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow) { struct ndpi_packet_struct const * const packet = &ndpi_struct->packet; + int rc; NDPI_LOG_DBG(ndpi_struct, "searching LineCall\n"); @@ -82,12 +83,12 @@ static void ndpi_search_line(struct ndpi_detection_module_struct *ndpi_struct, /* It might be a RTP/RTCP packet. Ignore it and keep looking for the LINE packet numbers */ /* Basic RTP detection */ - if((packet->payload[0] >> 6) == 2 && /* Version 2 */ - (packet->payload[1] == 201 || /* RTCP, Receiver Report */ - packet->payload[1] == 200 || /* RTCP, Sender Report */ - is_valid_rtp_payload_type(packet->payload[1] & 0x7F)) /* RTP */) { - NDPI_LOG_DBG(ndpi_struct, "Probably RTP; keep looking for LINE\n"); - return; + rc = is_rtp_or_rtcp(ndpi_struct, NULL); + if(rc == IS_RTCP || rc == IS_RTP) { + if(flow->packet_counter < 10) { + NDPI_LOG_DBG(ndpi_struct, "Probably RTP; keep looking for LINE\n"); + return; + } } else { if((u_int8_t)(flow->l4.udp.line_base_cnt[packet->packet_direction] + flow->l4.udp.line_pkts[packet->packet_direction]) == packet->payload[3]) { diff --git a/tests/cfgs/default/result/telegram.pcap.out b/tests/cfgs/default/result/telegram.pcap.out index 683df0993..e7c6e2db8 100644 --- a/tests/cfgs/default/result/telegram.pcap.out +++ b/tests/cfgs/default/result/telegram.pcap.out @@ -1,7 +1,7 @@ DPI Packets (UDP): 81 (1.69 pkts/flow) Confidence Unknown : 3 (flows) Confidence DPI : 45 (flows) -Num dissector calls: 1490 (31.04 diss/flow) +Num dissector calls: 1489 (31.02 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/9/0 (insert/search/found) LRU cache stun: 0/0/0 (insert/search/found) |