author Luca Deri <lucaderi@users.noreply.github.com> 2024-08-05 09:44:21 +0200
committer GitHub <noreply@github.com> 2024-08-05 09:44:21 +0200
commit 2afda4ab57a6d73d63a30645c47f5222b976a307 (patch)
tree 7fb591c0ff05f2d201df515b4f8ad0d4342f6780
parent 2740a4f4e3d56f992b37e1fa273b6e0f3490868e (diff)
Update for nDPI 4.10
-rw-r--r-- CHANGELOG.md 191
1 files changed, 191 insertions, 0 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 5b5698edd..e3f5258d7 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,196 @@
# CHANGELOG
+#### nDPI 4.10 (Aug 2024)
+
+## Major Changes
+- Initial work towards First Packet Classification (FPC)
+
+## New Supported Protocols and Services
+- Add OpenWire support (#2513)
+- FPC: add DNS correlation (#2497)
+- ipaddr2list.py, ndpi2timeline.py: reformatted (#2509)
+- Add Nano (XNO) protocol support (#2508)
+- Added ClickHouse protocol
+- Add HLS support (#2502)
+- Add infrastructure for explicit support of Fist Packet Classification (#2488)
+- Add detection of Twitter bot (#2487)
+- Added default port mappings to ndpiReader help -H (#2477)
+- Add Ripe Atlas probe protocol. (#2473)
+- Add ZUG consensus protocol dissector. (#2458)
+- Added NDPI_PROBING_ATTEMPT risk
+- DTLS: add support for DTLS 1.3 (#2445)
+- Added dpi.compute_entropy configuration parameter
+- Add Call of Duty Mobile support (#2438)
+- Add Ethernet Global Data support (#2437)
+- Viber: add detection of voip calls and avoid false positives (#2434)
+- Add support for Mastodon, Bluesky and (FB-)Threads (#2418)
+- Fixes JA4 computation adding a better GREASE detect funzion
+- DTLS: add support for Alert message type (similar to TLS) (#2406)
+- Add Adobe Connect support (#2407)
+- Remove PPStream protocol and add iQIYI (#2403)
+- Add BFCP protocol support (#2401)
+- Add strlcpy implementation (#2395)
+- Add KNXnet/IP protocol support (#2397)
+- STUN: add support for ipv6 in some metadata (#2389)
+- Implemented STUN peer_address, relayed_address, response_origin, other_address parsing Added code to ignore invalid STUN realm Extended JSON output with STUN information
+- Add Label Distribution Protocol support (#2385)
+- Add The Elder Scrolls Online support (#2376)
+- Add Shellscript risk detection. (#2375)
+- Add PE32/PE32+ risk detection (detect transmitted windows executables). (#2312)
+- Added support for STUN Mapped IP address
+- Added binary data transfer risk alert
+- Add LoL: Wild Rift detection (#2356)
+- STUN: add dissection of XOR-PEER-ADDRESS with ipv6 address
+- Add FLUTE protocol dissector (#2351)
+- Add PFCP protocol dissector (#2342)
+- Add Path of Exile protocol dissector (#2337)
+- Add NetEase Games detection support (#2335)
+- Add Naraka Bladepoint detection support (#2334)
+- Add BFD protocol dissector (#2332)
+- Add DLEP protocol dissector (#2326)
+- Add ANSI C12.22 protocol dissector (#2317)
+- TLS: add configuration of JA* fingerprints (#2313)
+- Add detection of Gaijin Entertainment games (#2311)
+- Add new AppsFlyer domain (#2307)
+- Add TencentGames protocol dissector (#2306)
+- Add Gearman protocol dissector (#2297)
+- Add Raft protocol dissector. (#2286)
+- Add Radmin protocol dissector (#2283)
+- Add STOMP protocol dissector (#2280)
+- Add ElectronicArts detection support (#2274)
+- Add Yojimbo (netcode) protocol dissector (#2277)
+- Add a dedicated dissector for Zoom (#2265)
+- Add Mumble detection support (#2269)
+- Add KCP protocol dissector. (#2257)
+- Add PIA (Private Internet Access) support (#2250)
+- Add more adult content hostnames (#2247)
+- Add Roughtime protocol dissector. (#2248)
+- Add realtime protocol output to `ndpiReader`. (#2197)
+- Add Google Chat support (#2244)
+- ndpiReader: add breed stats on output used for CI (#2236)
+- Add Ceph protocol dissector (#2242)
+- Add HL7 protocol dissector (#2240)
+- Add IEC62056 (DLMS/COSEM) protocol dissector (#2229)
+- Add NoMachine NX protocol dissector (#2234)
+- Add Apache Kafka protocol dissector (#2226)
+- Add WebDAV detection support (#2224)
+- Add JSON-RPC protocol dissector (#2217)
+- Add OpenFlow protocol dissector (#2222)
+- Add UFTP protocol dissector (#2215)
+- Add HiSLIP protocol dissector (#2214)
+- Add PROFINET/IO protocol dissector (#2213)
+- Add Monero protocol classification. (#2196)
+- Add Ether-S-Bus protocol dissector (#2200)
+- Add IEEE C37.118 protocol dissector (#2193)
+- Add ISO 9506-1 MMS protocol dissector (#2189)
+- Add Beckhoff ADS protocol dissector (#2181)
+- Add Schneider Electric’s UMAS detection support (#2180)
+- Add Ether-S-I/O protocol dissector (#2174)
+- Add Omron FINS protocol dissector (#2172)
+- Rework S7Comm dissector; add S7Comm Plus support (#2165)
+- Add OPC UA protocol dissector (#2169)
+- Add RTPS protocol dissector (#2168)
+- Add HART-IP protocol dissector (#2163)
+- Add IEEE 1588-2008 (PTPv2) dissector (#2156)
+- Added TeslaServices and improved TikTok host names. Fixes #2140. (#2144)
+- Add ethereum protocol dissector. (#2111)
+- Added generic Google Protobuf dissector. (#2109)
+- Add CAN over Ethernet dissector.
+
+
+## Improvements
+
+ - Enhanced PrimeVideo detection
+ - Enhanced ookla tracing
+ - Improved ICMP malformed packet risk description
+- Improve detection of Cloudflare WARP traffic (#2491)
+- tunnelbear: improve detection over wireguard (#2485)
+- Improve detection of Twitter/X (#2482)
+- Zoom: fix detection of screen sharing (#2476)
+ - Improved detection of Android connectiity checks
+ - Zoom: fix integer overflow (#2469)
+ - RTP/STUN: look for STUN packets after RTP/RTCP classification (#2465)
+ - Zoom: faster detection of P2P flows (#2467)
+ - Added NDPI_PROTOCOL_NTOP assert and removed percentage comparison (#2460)
+- Add extra entropy checks and more precise(?) analysis. (#2383)
+- STUN: improve extraction of Mapped-Address metadata (#2370)
+- Added support for roaring bitmap v3 (#2355)
+- Add more TencentGames signatures (#2354)
+- Added DGA exception for Dropbox
+- QUIC: add heuristic to detect unidirectional *G*QUIC flows (#2207)
+- fuzzing: improve coverage (#2495)
+- Improve detection of Cloudflare WARP traffic (#2491)
+- fuzz: improve fuzzers using pl7m (#2486)
+- wireshark: lua: minor improvements
+- Improved logic for checking invalid DNS queries
+- fuzz: improve fuzzing coverage (#2474)
+- Improved Kafka dissector. (#2456)
+- H323: improve detection and avoid false positives (#2432)
+- Fix/improve fuzzing (#2426) (#2400)
+- eDonkey: improve/update classification (#2410)
+- Domain Classification Improvements (#2396)
+- STUN: improve extraction of Mapped-Address metadata (#2370)
+- Improve LoL: Wild Rift detection (#2359)
+- Improve TencentGames detection (#2353)
+- STUN: improve heurstic to detect old classic-stun
+- ahocorasick: improve matching with subdomains (#2331)
+- Improved alert on suspicious DNS traffic
+- Telegram: improve identification
+- Improved Telegram detection
+- Improved modbus dissection to discard false positives
+- Improved Polish gambling sites fetch script. (#2315)
+- fuzz: improve fuzzing coverage (#2309)
+- Improve normalization of `flow->host_server_name` (#2310)
+- Improve `ndpi_set_config` error printing. (#2300)
+- Improve MySQL detection (#2279)
+- Improve handling of custom rules (#2276)
+- Zoom: improve detection (#2270)
+- Improved ndpi_get_host_domain
+- Bittorrent: improve detection of UTPv1 (#2259)
+- Improved uTorrent via utp (TCP-like streams over UDP). (#2255)
+- fuzz: improve fuzzing coverage (#2239)
+- fuzz: improve fuzzing coverage (#2220)
+- Improved belgium gambling sites regex. (#2184)
+- Improve CORBA detection (#2167)
+- STUN: improve demultiplexing of DTLS packets (#2153)
+- Improved TFTP. Fixes #2075. (#2149)
+- fuzz: improve coverage and remove dead code (#2135)
+- Improved Protobuf dissector. (#2119)
+- Improved detection as non DGA for hostnames belnging to a CDN (#2068)
+- Improved CryNetwork protocol dissector.
+
+## Tools
+- Make the CI faster (#2475)
+- Add a script to download/update the domain suffix list (#2321)
+- Add identification of Huawei generic and cloud traffic (#2325)
+- ndpiReader: improve the check on max number of pkts processed per flow (#2261)
+- Added default port mappings to ndpiReader help -H (#2477)
+- ndpiReader: restore `ndpiReader -x $DOMAIN_NAME` functionality (#2329)
+- ndpiReader: improve the check on max number of pkts processed per flow (#2261)
+- ndpiReader: fix memory leak
+- Add realtime protocol output to `ndpiReader`. (#2197)
+- ndpiReader: add breed stats on output used for CI (#2236)
+- ndpiReader: avoid creating two detection modules when processing traffic/traces (#2209)
+- ndpiReader: fix `guessed_flow_protocols` statistic (#2203)
+
+## Misc
+- Improved tests coverage
+- Varisous performance improvements
+- Added stress test
+- Added new API calls - ndpi_load_domain_suffixes() - ndpi_get_host_domain_suffix()
+- Add some fast CRC16 algorithms implementation (#2195)
+- Add a FAQ for the project (#2185)
+- Ip address list: aggregate Mullvad and Tor lists too (#2154)
+- IP lists: aggregate addresses wherever possible (#2152)
+- Added malicious sites from the polish cert. (#2121)
+- IPv6: add support for custom categories (#2126)
+- IPv6: add support for IPv6 risk exceptions (#2122)
+- IPv6: add support for custom rules (#2120)
+- IPv6: add support for IPv6 risk tree (#2118)
+- ipv6: add support for ipv6 addresses lists (#2113)
+
+
+
#### nDPI 4.8 (Oct 2023)
## Major Changes
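Review bot: Several entries in the added 4.10 block are listed twice and should be deduplicated: under Improvements, "Improve detection of Cloudflare WARP traffic (#2491)" and "STUN: improve extraction of Mapped-Address metadata (#2370)" each appear two times; under Tools, "ndpiReader: improve the check on max number of pkts processed per flow (#2261)" appears two times; and the #2477, #2197 and #2236 entries appear both under "New Supported Protocols and Services" and under Tools, where only the Tools placement fits. The two memory-safety fixes visible here, "Zoom: fix integer overflow (#2469)" under Improvements and "ndpiReader: fix memory leak" under Tools (the latter with no PR reference), are easy to miss among detection tweaks; grouping them under their own fixes heading and adding the missing reference would help downstream packagers decide how urgently to update. Spelling needs a pass before release: "Fist Packet Classification", "GREASE detect funzion", "connectiity", "heurstic", "belnging" and "Varisous". The bullets starting with " - " under Improvements are indented differently from the rest of the list, and the STUN entry that runs "Implemented ... parsing Added code ... Extended JSON output ..." together, like the "Added new API calls - ndpi_load_domain_suffixes() - ndpi_get_host_domain_suffix()" entry under Misc, reads as several items collapsed onto one line and would be clearer split into separate bullets.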