diff options
| author | Luca Deri <deri@ntop.org> | 2024-01-27 20:46:00 +0100 |
|---|---|---|
| committer | Luca Deri <deri@ntop.org> | 2024-01-27 20:46:00 +0100 |
| commit | ec83a592b8b946c8035919fdfc066af4bf6f0e4f (patch) | |
| tree | 6e27ca8730a7adbca1723e97452409b29af7d91f | |
| parent | 7a7df2b7d79bf156b7c0963a6ff360f12c56cffd (diff) | |
Check DGA on domain name (as it should be) rather than on the host name
| -rw-r--r-- | src/lib/ndpi_main.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c index b70ebdb73..df70e26ab 100644 --- a/src/lib/ndpi_main.c +++ b/src/lib/ndpi_main.c @@ -10061,6 +10061,10 @@ static int ndpi_is_vowel(char c) { int ndpi_check_dga_name(struct ndpi_detection_module_struct *ndpi_str, struct ndpi_flow_struct *flow, char *name, u_int8_t is_hostname, u_int8_t check_subproto) { + + /* Get domain name if ndpi_load_domain_suffixes(..) has been called */ + name = (char*)ndpi_get_host_domain(ndpi_str, name); + if(ndpi_dga_function != NULL) { /* A custom DGA function is defined */ int rc = ndpi_dga_function(name, is_hostname); |