Added the ability to detect when a known protocol is using a non-standard port

Added check to spot executables exchanged via HTTP
author: Luca Deri <deri@ntop.org> 2020-05-10 21:25:38 +0200
committer: Luca Deri <deri@ntop.org> 2020-05-10 21:25:38 +0200
commit: e5e69d0f7ab382e3507660fe752027c09e32310e (patch)
tree: d75624af11299774d82198a69c512451da9e0b29 /example/reader_util.c
parent: 39ae57e6a3d93cb91def5d76fc54e89075f01867 (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/example/reader_util.c b/example/reader_util.c
index 142e0ebe8..1feb2d7ff 100644
--- a/example/reader_util.c
+++ b/example/reader_util.c
@@ -993,6 +993,8 @@ void process_ndpi_collected_info(struct ndpi_workflow * workflow, struct ndpi_fl
   snprintf(flow->flow_extra_info, sizeof(flow->flow_extra_info), "%s",
 	   flow->ndpi_flow->flow_extra_info);
 
+  flow->risk = flow->ndpi_flow->risk;
+  
   if(is_ndpi_proto(flow, NDPI_PROTOCOL_DHCP)) {
     snprintf(flow->dhcp_fingerprint, sizeof(flow->dhcp_fingerprint), "%s", flow->ndpi_flow->protos.dhcp.fingerprint);
   } else if(is_ndpi_proto(flow, NDPI_PROTOCOL_BITTORRENT)) {
author	Luca Deri <deri@ntop.org>	2020-05-10 21:25:38 +0200
committer	Luca Deri <deri@ntop.org>	2020-05-10 21:25:38 +0200
commit	e5e69d0f7ab382e3507660fe752027c09e32310e (patch)
tree	d75624af11299774d82198a69c512451da9e0b29 /example/reader_util.c
parent	39ae57e6a3d93cb91def5d76fc54e89075f01867 (diff)