diff options
| author | Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> | 2023-05-20 17:23:48 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-05-20 17:23:48 +0200 |
| commit | 86b56646b532660a7efeb55498766e14ce8bc2c9 (patch) | |
| tree | be4072e34e403401e5bc2e78fb037e56d28159da | |
| parent | 5e8f93c2d157b4af818bc80b2737ee17e920e8e9 (diff) | |
ndpiReader: fix export of DNS/BitTorrent attributes (#1985)
There is no BitTorrent hash in the DNS flows
| -rw-r--r-- | example/reader_util.c | 1 | ||||
| -rw-r--r-- | tests/cfgs/default/pcap/bt-dns.pcap | bin | 0 -> 216 bytes | |||
| -rw-r--r-- | tests/cfgs/default/result/bt-dns.pcap.out | 25 |
3 files changed, 26 insertions, 0 deletions
diff --git a/example/reader_util.c b/example/reader_util.c index 57b37ec4a..c36b62ca1 100644 --- a/example/reader_util.c +++ b/example/reader_util.c @@ -1121,6 +1121,7 @@ void process_ndpi_collected_info(struct ndpi_workflow * workflow, struct ndpi_fl if(flow->ndpi_flow->protos.dhcp.class_ident[0] != '\0') flow->dhcp_class_ident = ndpi_strdup(flow->ndpi_flow->protos.dhcp.class_ident); } else if(is_ndpi_proto(flow, NDPI_PROTOCOL_BITTORRENT) && + !is_ndpi_proto(flow, NDPI_PROTOCOL_DNS) && !is_ndpi_proto(flow, NDPI_PROTOCOL_TLS)) { u_int j; diff --git a/tests/cfgs/default/pcap/bt-dns.pcap b/tests/cfgs/default/pcap/bt-dns.pcap Binary files differnew file mode 100644 index 000000000..59396edda --- /dev/null +++ b/tests/cfgs/default/pcap/bt-dns.pcap diff --git a/tests/cfgs/default/result/bt-dns.pcap.out b/tests/cfgs/default/result/bt-dns.pcap.out new file mode 100644 index 000000000..790fa46e4 --- /dev/null +++ b/tests/cfgs/default/result/bt-dns.pcap.out @@ -0,0 +1,25 @@ +Guessed flow protos: 0 + +DPI Packets (UDP): 2 (2.00 pkts/flow) +Confidence DPI : 1 (flows) +Num dissector calls: 1 (1.00 diss/flow) +LRU cache ookla: 0/0/0 (insert/search/found) +LRU cache bittorrent: 0/0/0 (insert/search/found) +LRU cache zoom: 0/0/0 (insert/search/found) +LRU cache stun: 0/0/0 (insert/search/found) +LRU cache tls_cert: 0/0/0 (insert/search/found) +LRU cache mining: 0/0/0 (insert/search/found) +LRU cache msteams: 0/0/0 (insert/search/found) +LRU cache stun_zoom: 0/0/0 (insert/search/found) +Automa host: 2/2 (search/found) +Automa domain: 2/0 (search/found) +Automa tls cert: 0/0 (search/found) +Automa risk mask: 0/0 (search/found) +Automa common alpns: 0/0 (search/found) +Patricia risk mask: 2/0 (search/found) +Patricia risk: 0/0 (search/found) +Patricia protocols: 2/0 (search/found) + +BitTorrent 2 160 1 + + 1 UDP 10.0.2.15:59751 <-> 10.0.2.3:53 [proto: 5.37/DNS.BitTorrent][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 2][cat: Network/14][1 pkts/72 bytes <-> 1 pkts/88 bytes][Goodput ratio: 41/52][0.00 sec][Hostname/SNI: utorrent.com][98.143.146.7][PLAIN TEXT (utorrent)][Plen Bins: 50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] |