diff options
| author | Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> | 2024-01-21 19:53:32 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-01-21 19:53:32 +0100 |
| commit | 82e8bf91ddb5bf38974d4372fb0ec4849b964ec8 (patch) | |
| tree | 8ae35cfb52d31a1d1d4acfb496f7807a68d8bb64 /example/ndpiReader.c | |
| parent | 5620e10742986fd25d6fb0be1ac16502d8d10055 (diff) | |
Improve handling of custom rules (#2276)
Avoid collisions between user-ids and internal-ids protocols in the
`example/protos.txt` file.
Add a new value for the classification confidence:
`NDPI_CONFIDENCE_CUSTOM_RULE`
With `./example/ndpiReader -p example/protos.txt -H` we now see also the
custom protocols and their internal/external ids:
```
nDPI supported protocols:
Id Userd-id Protocol Layer_4 Nw_Proto Breed Category
0 0 Unknown TCP X Unrated Unspecified
...
387 387 Mumble UDP X Fun VoIP
388 388 iSCSI TCP Acceptable Unspecified
389 389 Kibana TCP Acceptable Unspecified
390 390 TestProto TCP Acceptable Unspecified
391 391 HomeRouter TCP Acceptable Unspecified
392 392 CustomProtocol TCP Acceptable Unspecified
393 393 AmazonPrime TCP Acceptable Unspecified
394 394 CustomProtocolA TCP Acceptable Unspecified
395 395 CustomProtocolB TCP Acceptable Unspecified
396 800 CustomProtocolC TCP Acceptable Unspecified
397 1024 CustomProtocolD TCP Acceptable Unspecified
398 2048 CustomProtocolE TCP Acceptable Unspecified
399 2049 CustomProtocolF TCP Acceptable Unspecified
400 2050 CustomProtocolG TCP Acceptable Unspecified
401 65535 CustomProtocolH TCP Acceptable Unspecified
```
We likely need to take a better look in general at the iteration between
internal and external protocols ids...
This PR fixes the issue observed in
https://github.com/ntop/nDPI/pull/2274#discussion_r1460674874 and in
https://github.com/ntop/nDPI/pull/2275.
Diffstat (limited to 'example/ndpiReader.c')
| -rw-r--r-- | example/ndpiReader.c | 14 |
1 files changed, 10 insertions, 4 deletions
diff --git a/example/ndpiReader.c b/example/ndpiReader.c index ecb2a7477..5685cda9a 100644 --- a/example/ndpiReader.c +++ b/example/ndpiReader.c @@ -609,6 +609,10 @@ static void help(u_int long_help) { struct ndpi_detection_module_struct *ndpi_info_mod = ndpi_init_detection_module(); NDPI_BITMASK_SET_ALL(all); ndpi_set_protocol_detection_bitmask2(ndpi_info_mod, &all); + + if(_protoFilePath != NULL) + ndpi_load_protocols_file(ndpi_info_mod, _protoFilePath); + ndpi_finalize_initialization(ndpi_info_mod); printf("\nProtocols configuration parameters:\n"); @@ -635,8 +639,8 @@ static void help(u_int long_help) { sizeof(((struct ndpi_flow_struct *)0)->protos)); printf("\n\nnDPI supported protocols:\n"); - printf("%3s %-22s %-10s %-8s %-12s %s\n", - "Id", "Protocol", "Layer_4", "Nw_Proto", "Breed", "Category"); + printf("%3s %8s %-22s %-10s %-8s %-12s %s\n", + "Id", "Userd-id", "Protocol", "Layer_4", "Nw_Proto", "Breed", "Category"); num_threads = 1; ndpi_dump_protocols(ndpi_info_mod, stdout); @@ -4126,7 +4130,8 @@ static void printResults(u_int64_t processing_time_usec, u_int64_t setup_time_us if(!quiet_mode) printf("\n\nDetected protocols:\n"); for(i = 0; i <= ndpi_get_num_supported_protocols(ndpi_thread_info[0].workflow->ndpi_struct); i++) { - ndpi_protocol_breed_t breed = ndpi_get_proto_breed(ndpi_thread_info[0].workflow->ndpi_struct, i); + ndpi_protocol_breed_t breed = ndpi_get_proto_breed(ndpi_thread_info[0].workflow->ndpi_struct, + ndpi_map_ndpi_id_to_user_proto_id(ndpi_thread_info[0].workflow->ndpi_struct, i)); if(cumulative_stats.protocol_counter[i] > 0) { breed_stats_bytes[breed] += (long long unsigned int)cumulative_stats.protocol_counter_bytes[i]; @@ -4135,7 +4140,8 @@ static void printResults(u_int64_t processing_time_usec, u_int64_t setup_time_us if(results_file) fprintf(results_file, "%s\t%llu\t%llu\t%u\n", - ndpi_get_proto_name(ndpi_thread_info[0].workflow->ndpi_struct, i), + ndpi_get_proto_name(ndpi_thread_info[0].workflow->ndpi_struct, + ndpi_map_ndpi_id_to_user_proto_id(ndpi_thread_info[0].workflow->ndpi_struct, i)), (long long unsigned int)cumulative_stats.protocol_counter[i], (long long unsigned int)cumulative_stats.protocol_counter_bytes[i], cumulative_stats.protocol_flows[i]); |