diff options
| author | Campus <campus@ntop.org> | 2016-03-19 01:18:48 +0100 |
|---|---|---|
| committer | Campus <campus@ntop.org> | 2016-03-19 01:18:48 +0100 |
| commit | a499da00baca803caa4c7721517a45d9a57d56fa (patch) | |
| tree | 742957a27e684086603c0a6682e82b1f0d2f306e | |
| parent | a4d9c8cc3babd40e3ba7c09b5d8b7d426ccef95c (diff) | |
added tcp port 51413 for TCP BT detection
| -rw-r--r-- | src/lib/ndpi_main.c | 2 | ||||
| -rw-r--r-- | src/lib/protocols/bittorrent.c | 50 |
2 files changed, 20 insertions, 32 deletions
diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c index 890c3cad8..a5fab256e 100644 --- a/src/lib/ndpi_main.c +++ b/src/lib/ndpi_main.c @@ -867,7 +867,7 @@ static void ndpi_init_protocol_defaults(struct ndpi_detection_module_struct *ndp ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_BITTORRENT, no_master, no_master, "BitTorrent", - ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, + ndpi_build_default_ports(ports_a, 51413, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 6771, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_TEREDO, no_master, diff --git a/src/lib/protocols/bittorrent.c b/src/lib/protocols/bittorrent.c index fdaef48b9..8213d3b45 100644 --- a/src/lib/protocols/bittorrent.c +++ b/src/lib/protocols/bittorrent.c @@ -25,11 +25,11 @@ #include "ndpi_protocols.h" #ifdef NDPI_PROTOCOL_BITTORRENT -#define NDPI_PROTOCOL_UNSAFE_DETECTION 0 -#define NDPI_PROTOCOL_SAFE_DETECTION 1 +#define NDPI_PROTOCOL_UNSAFE_DETECTION 0 +#define NDPI_PROTOCOL_SAFE_DETECTION 1 -#define NDPI_PROTOCOL_PLAIN_DETECTION 0 -#define NDPI_PROTOCOL_WEBSEED_DETECTION 2 +#define NDPI_PROTOCOL_PLAIN_DETECTION 0 +#define NDPI_PROTOCOL_WEBSEED_DETECTION 2 struct ndpi_utp_hdr { @@ -104,8 +104,7 @@ static u_int8_t ndpi_int_search_bittorrent_tcp_zero(struct ndpi_detection_module if(memcmp(&packet->payload[1], "BitTorrent protocol", 19) == 0) { NDPI_LOG(NDPI_PROTOCOL_BITTORRENT, ndpi_struct, NDPI_LOG_TRACE, "BT: plain BitTorrent protocol detected\n"); ndpi_add_connection_as_bittorrent(ndpi_struct, flow, 20, 1, - NDPI_PROTOCOL_SAFE_DETECTION, NDPI_PROTOCOL_PLAIN_DETECTION/* , */ - /* NDPI_REAL_PROTOCOL */); + NDPI_PROTOCOL_SAFE_DETECTION, NDPI_PROTOCOL_PLAIN_DETECTION); return 1; } } @@ -115,8 +114,7 @@ static u_int8_t ndpi_int_search_bittorrent_tcp_zero(struct ndpi_detection_module NDPI_LOG(NDPI_PROTOCOL_BITTORRENT, ndpi_struct, NDPI_LOG_TRACE, "BT: plain webseed BitTorrent protocol detected\n"); ndpi_add_connection_as_bittorrent(ndpi_struct, flow, -1, 1, - NDPI_PROTOCOL_SAFE_DETECTION, NDPI_PROTOCOL_WEBSEED_DETECTION/* , */ - /* NDPI_CORRELATED_PROTOCOL */); + NDPI_PROTOCOL_SAFE_DETECTION, NDPI_PROTOCOL_WEBSEED_DETECTION); return 1; } /* seen Azureus as server for webseed, possibly other servers existing, to implement */ @@ -150,20 +148,18 @@ static u_int8_t ndpi_int_search_bittorrent_tcp_zero(struct ndpi_detection_module NDPI_LOG(NDPI_PROTOCOL_BITTORRENT, ndpi_struct, NDPI_LOG_TRACE, "Azureus /Bittorrent user agent line detected\n"); ndpi_add_connection_as_bittorrent(ndpi_struct, flow, -1, 1, - NDPI_PROTOCOL_SAFE_DETECTION, NDPI_PROTOCOL_WEBSEED_DETECTION/* , */ - /* NDPI_CORRELATED_PROTOCOL */); + NDPI_PROTOCOL_SAFE_DETECTION, NDPI_PROTOCOL_WEBSEED_DETECTION); return 1; } if(packet->user_agent_line.ptr != NULL - && (packet->user_agent_line.len >= 9 && memcmp(packet->user_agent_line.ptr, "Shareaza ", 9) == 0) - && (packet->parsed_lines > 8 && packet->line[8].ptr != 0 - && packet->line[8].len >= 9 && memcmp(packet->line[8].ptr, "X-Queue: ", 9) == 0)) { + && (packet->user_agent_line.len >= 9 && memcmp(packet->user_agent_line.ptr, "Shareaza ", 9) == 0) + && (packet->parsed_lines > 8 && packet->line[8].ptr != 0 + && packet->line[8].len >= 9 && memcmp(packet->line[8].ptr, "X-Queue: ", 9) == 0)) { NDPI_LOG(NDPI_PROTOCOL_BITTORRENT, ndpi_struct, NDPI_LOG_TRACE, "Bittorrent Shareaza detected.\n"); ndpi_add_connection_as_bittorrent(ndpi_struct, flow, -1, 1, - NDPI_PROTOCOL_SAFE_DETECTION, NDPI_PROTOCOL_WEBSEED_DETECTION/* , */ - /* NDPI_CORRELATED_PROTOCOL */); + NDPI_PROTOCOL_SAFE_DETECTION, NDPI_PROTOCOL_WEBSEED_DETECTION); return 1; } @@ -197,8 +193,7 @@ static u_int8_t ndpi_int_search_bittorrent_tcp_zero(struct ndpi_detection_module NDPI_LOG(NDPI_PROTOCOL_BITTORRENT, ndpi_struct, NDPI_LOG_TRACE, "Bitcomet LTS detected\n"); ndpi_add_connection_as_bittorrent(ndpi_struct, flow, -1, 1, - NDPI_PROTOCOL_UNSAFE_DETECTION, NDPI_PROTOCOL_PLAIN_DETECTION/* , */ - /* NDPI_CORRELATED_PROTOCOL */); + NDPI_PROTOCOL_UNSAFE_DETECTION, NDPI_PROTOCOL_PLAIN_DETECTION); return 1; } @@ -223,8 +218,7 @@ static u_int8_t ndpi_int_search_bittorrent_tcp_zero(struct ndpi_detection_module NDPI_LOG(NDPI_PROTOCOL_BITTORRENT, ndpi_struct, NDPI_LOG_TRACE, "FlashGet detected\n"); ndpi_add_connection_as_bittorrent(ndpi_struct, flow, -1, 1, - NDPI_PROTOCOL_UNSAFE_DETECTION, NDPI_PROTOCOL_PLAIN_DETECTION/* , */ - /* NDPI_CORRELATED_PROTOCOL */); + NDPI_PROTOCOL_UNSAFE_DETECTION, NDPI_PROTOCOL_PLAIN_DETECTION); return 1; } @@ -245,8 +239,7 @@ static u_int8_t ndpi_int_search_bittorrent_tcp_zero(struct ndpi_detection_module NDPI_LOG(NDPI_PROTOCOL_BITTORRENT, ndpi_struct, NDPI_LOG_TRACE, "FlashGet detected\n"); ndpi_add_connection_as_bittorrent(ndpi_struct, flow, -1, 1, - NDPI_PROTOCOL_UNSAFE_DETECTION, NDPI_PROTOCOL_PLAIN_DETECTION/* , */ - /* NDPI_CORRELATED_PROTOCOL */); + NDPI_PROTOCOL_UNSAFE_DETECTION, NDPI_PROTOCOL_PLAIN_DETECTION); return 1; } @@ -315,8 +308,7 @@ static u_int8_t ndpi_int_search_bittorrent_tcp_zero(struct ndpi_detection_module NDPI_LOG(NDPI_PROTOCOL_BITTORRENT, ndpi_struct, NDPI_LOG_TRACE, " BT stat: tracker info hash parsed\n"); ndpi_add_connection_as_bittorrent(ndpi_struct, flow, -1, 1, - NDPI_PROTOCOL_SAFE_DETECTION, NDPI_PROTOCOL_PLAIN_DETECTION/* , */ - /* NDPI_CORRELATED_PROTOCOL */); + NDPI_PROTOCOL_SAFE_DETECTION, NDPI_PROTOCOL_PLAIN_DETECTION); return 1; } @@ -345,8 +337,7 @@ static u_int8_t ndpi_int_search_bittorrent_tcp_zero(struct ndpi_detection_module NDPI_LOG(NDPI_PROTOCOL_BITTORRENT, ndpi_struct, NDPI_LOG_TRACE, "BT: Warez - Plain BitTorrent protocol detected\n"); ndpi_add_connection_as_bittorrent(ndpi_struct, flow, -1, 1, - NDPI_PROTOCOL_SAFE_DETECTION, NDPI_PROTOCOL_PLAIN_DETECTION/* , */ - /* NDPI_REAL_PROTOCOL */); + NDPI_PROTOCOL_SAFE_DETECTION, NDPI_PROTOCOL_PLAIN_DETECTION); return 1; } } @@ -362,8 +353,7 @@ static u_int8_t ndpi_int_search_bittorrent_tcp_zero(struct ndpi_detection_module ndpi_struct, NDPI_LOG_TRACE, "BT: Warez - Plain BitTorrent protocol detected due to Host: ip2p.com: pattern\n"); ndpi_add_connection_as_bittorrent(ndpi_struct, flow, -1, 1, - NDPI_PROTOCOL_SAFE_DETECTION, NDPI_PROTOCOL_WEBSEED_DETECTION/* , */ - /* NDPI_CORRELATED_PROTOCOL */); + NDPI_PROTOCOL_SAFE_DETECTION, NDPI_PROTOCOL_WEBSEED_DETECTION); return 1; } } @@ -435,8 +425,7 @@ void ndpi_search_bittorrent(struct ndpi_detection_module_struct *ndpi_struct, st if(packet->payload_packet_len >= 23 /* min header size */) { if(strncmp((const char*)packet->payload, bt_search, strlen(bt_search)) == 0) { ndpi_add_connection_as_bittorrent(ndpi_struct, flow, -1, 1, - NDPI_PROTOCOL_SAFE_DETECTION, NDPI_PROTOCOL_PLAIN_DETECTION /* , */ - /* NDPI_REAL_PROTOCOL */); + NDPI_PROTOCOL_SAFE_DETECTION, NDPI_PROTOCOL_PLAIN_DETECTION); return; } else { /* Check if this is protocol v0 */ @@ -500,8 +489,7 @@ void ndpi_search_bittorrent(struct ndpi_detection_module_struct *ndpi_struct, st NDPI_LOG(NDPI_PROTOCOL_BITTORRENT, ndpi_struct, NDPI_LOG_TRACE, "BT: plain BitTorrent protocol detected\n"); ndpi_add_connection_as_bittorrent(ndpi_struct, flow, -1, 0, - NDPI_PROTOCOL_SAFE_DETECTION, NDPI_PROTOCOL_PLAIN_DETECTION/* , */ - /* NDPI_REAL_PROTOCOL */); + NDPI_PROTOCOL_SAFE_DETECTION, NDPI_PROTOCOL_PLAIN_DETECTION); return; } } |