diff options
| author | Luca Deri <deri@ntop.org> | 2021-10-05 17:14:31 +0200 |
|---|---|---|
| committer | Luca Deri <deri@ntop.org> | 2021-10-05 17:14:31 +0200 |
| commit | 8957c52a48232e54efa8b3cbd23aa7ee06c849c9 (patch) | |
| tree | 9b70d0657085a23c14ee96967577384e6c6b411f | |
| parent | 408d78e6281aa664fbc07d96d00e764bb0371a86 (diff) | |
Numeric IPs are not considered for DGA checks
| -rw-r--r-- | src/lib/ndpi_main.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c index 7b279a906..9e2f3b68b 100644 --- a/src/lib/ndpi_main.c +++ b/src/lib/ndpi_main.c @@ -7514,6 +7514,15 @@ int ndpi_check_dga_name(struct ndpi_detection_module_struct *ndpi_str, if(ndpi_match_string_subprotocol(ndpi_str, name, strlen(name), &ret_match, 1) > 0) return(0); /* Ignore DGA for known domain names */ + + if(isnumber(name[0])) { + struct in_addr ip_addr; + char buf[22]; + + ip_addr.s_addr = inet_addr(buf); + if(strcmp(inet_ntoa(ip_addr), buf) == 0) + return(0); /* Ignore numeric IPs */ + } if(strncmp(name, "www.", 4) == 0) name = &name[4]; |