authorIvan Nardi <12729895+IvanNardi@users.noreply.github.com>2024-09-30 16:55:22 +0200
committerGitHub <noreply@github.com>2024-09-30 16:55:22 +0200
commitbfab402e05a033036b80b932cc1aa25c23303781 (patch)
treeb6dc03339fcf26d00cc097fa757d48f626b35cab /example/ndpiReader.c
parent69c89f9061967372d00269e258c8fb2be14e9dba (diff)
wireshark: extcap: allow configuration of OpenVPN/TLS heuristics via GUI (#2576)
Diffstat (limited to 'example/ndpiReader.c')
-rw-r--r--example/ndpiReader.c30
1 files changed, 29 insertions, 1 deletions
diff --git a/example/ndpiReader.c b/example/ndpiReader.c
index 6fe6e3e00..fe8c4fe03 100644
--- a/example/ndpiReader.c
+++ b/example/ndpiReader.c
@@ -692,6 +692,10 @@ static void help(u_int long_help) {
" -A | Dump internal statistics (LRU caches / Patricia trees / Ahocarasick automas / ...\n"
" -M | Memory allocation stats on data-path (only by the library).\n"
" | It works only on single-thread configuration\n"
+ " --openvp_heuristics | Enable OpenVPN heuristics.\n"
+ " | It is a shortcut to --cfg=openvpn.heuristics,0x01\n"
+ " --tls_heuristics | Enable TLS heuristics.\n"
+ " | It is a shortcut to --cfg=tls.heuristics,0x07\n"
" --cfg=proto,param,value | Configure the specific attribute of this protocol\n"
,
human_readeable_string_len,
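Review bot: The option is spelled `--openvp_heuristics` in this help text (missing the `n`), while the `longopts` hunk registers `openvpn_heuristics`; the same misspelling is in `{call=--openvp_heuristics}` in the `extcap_config()` hunk. Since the misspelled name is not a prefix of the registered one, the flag Wireshark passes for the GUI checkbox would presumably be rejected as an unknown option, and the OpenVPN heuristic would not be enabled from the GUI; both strings should read `--openvpn_heuristics`. The shortcut descriptions also drop the parameter name: `parseOptions()` passes `"openvpn", "dpi.heuristics", "0x01"`, so the help should say `--cfg=openvpn,dpi.heuristics,0x01` and `--cfg=tls,dpi.heuristics,0x07`. The body of `help()` continues outside the hunk.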
@@ -751,6 +755,8 @@ static void help(u_int long_help) {
#define OPTLONG_VALUE_CFG 3000
+#define OPTLONG_VALUE_OPENVPN_HEURISTICS 3001
+#define OPTLONG_VALUE_TLS_HEURISTICS 3002
static struct option longopts[] = {
/* mandatory extcap options */
@@ -794,6 +800,8 @@ static struct option longopts[] = {
{ "quiet", no_argument, NULL, 'q'},
{ "cfg", required_argument, NULL, OPTLONG_VALUE_CFG},
+ { "openvpn_heuristics", no_argument, NULL, OPTLONG_VALUE_OPENVPN_HEURISTICS},
+ { "tls_heuristics", no_argument, NULL, OPTLONG_VALUE_TLS_HEURISTICS},
{0, 0, 0, 0}
};
@@ -887,7 +895,7 @@ void extcap_config() {
protos = (struct ndpi_proto_sorter*)ndpi_malloc(sizeof(struct ndpi_proto_sorter) * ndpi_num_supported_protocols);
if(!protos) exit(0);
- printf("arg {number=%d}{call=--ndpi-proto-filter}{display=nDPI Protocol Filter}{type=selector}{group=Filter}"
+ printf("arg {number=%d}{call=--ndpi-proto-filter}{display=nDPI Protocol Filter}{type=selector}{group=Options}"
"{tooltip=nDPI Protocol to be filtered}\n", argidx);
printf("value {arg=%d}{value=%d}{display=%s}{default=true}\n", argidx, (u_int32_t)-1, "No nDPI filtering");
@@ -904,6 +912,12 @@ void extcap_config() {
protos[i].name, protos[i].id);
ndpi_free(protos);
+ argidx++;
+
+ printf("arg {number=%d}{call=--openvp_heuristics}{display=Enable Obfuscated OpenVPN heuristics}"
+ "{tooltip=Enable Obfuscated OpenVPN heuristics}{type=boolflag}{group=Options}\n", argidx++);
+ printf("arg {number=%d}{call=--tls_heuristics}{display=Enable Obfuscated TLS heuristics}"
+ "{tooltip=Enable Obfuscated TLS heuristics}{type=boolflag}{group=Options}\n", argidx++);
ndpi_exit_detection_module(ndpi_str);
@@ -1362,6 +1376,20 @@ static void parseOptions(int argc, char **argv) {
reader_log_level = 0;
break;
+ case OPTLONG_VALUE_OPENVPN_HEURISTICS:
+ if(reader_add_cfg("openvpn", "dpi.heuristics", "0x01", 1) == 1) {
+ printf("Invalid cfg [num:%d/%d]\n", num_cfgs, MAX_NUM_CFGS);
+ exit(1);
+ }
+ break;
+
+ case OPTLONG_VALUE_TLS_HEURISTICS:
+ if(reader_add_cfg("tls", "dpi.heuristics", "0x07", 1) == 1) {
+ printf("Invalid cfg [num:%d/%d]\n", num_cfgs, MAX_NUM_CFGS);
+ exit(1);
+ }
+ break;
+
/* Extcap */
case '0':
extcap_interfaces();
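Review bot: Both new cases report failure with `printf("Invalid cfg [num:%d/%d]\n", ...)`, which writes to stdout and does not say which flag was being processed; for a no-argument shortcut the user supplied no cfg that could be invalid. Something like `fprintf(stderr, "Unable to enable --tls_heuristics [num:%d/%d]\n", num_cfgs, MAX_NUM_CFGS);` would be clearer, assuming the only failure mode of `reader_add_cfg()` here is a full cfg table (its body is not visible in this diff). A short comment such as `/* keep in sync with the help() text and the extcap boolflag entries */` above the hard-coded `"0x01"` and `"0x07"` masks would also help, since the same values are repeated in the help output. `parseOptions()` starts and ends outside the hunk.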