Added RiskInfo string

3 files changed, 13 insertions, 1 deletions

diff --git a/example/ndpiReader.c b/example/ndpiReader.c
index f8886fed1..d7dac2e15 100644
--- a/example/ndpiReader.c
+++ b/example/ndpiReader.c
@@ -1515,6 +1515,9 @@ static void printFlow(u_int32_t id, struct ndpi_flow_info *flow, u_int16_t threa
       fprintf(out, "]");
 
       fprintf(out, "[Risk Score: %u]", ndpi_risk2score(flow->risk, &cli_score, &srv_score));
+
+      if(flow->risk_str)
+	fprintf(out, "[Risk Info: %s]", flow->risk_str);
     }
 
     if(flow->ssh_tls.ssl_version != 0) fprintf(out, "[%s]", ndpi_ssl_version2str(buf_ver, sizeof(buf_ver),
diff --git a/example/reader_util.c b/example/reader_util.c
index 49c647516..cb591d52e 100644
--- a/example/reader_util.c
+++ b/example/reader_util.c
@@ -541,6 +541,8 @@ void ndpi_flow_info_free_data(struct ndpi_flow_info *flow) {
 #else
   ndpi_free_bin(&flow->payload_len_bin);
 #endif
+
+  if(flow->risk_str) ndpi_free(flow->risk_str);
 }
 
 /* ***************************************************** */
@@ -1036,11 +1038,17 @@ u_int8_t plen2slot(u_int16_t plen) {
 
 void process_ndpi_collected_info(struct ndpi_workflow * workflow, struct ndpi_flow_info *flow) {
   u_int i, is_quic = 0;
-
+  char out[128], *s;
+  
   if(!flow->ndpi_flow) return;
 
   flow->info_type = INFO_INVALID;
 
+  s = ndpi_get_flow_risk_info(flow->ndpi_flow, out, sizeof(out));
+
+  if(s != NULL)
+    flow->risk_str = ndpi_strdup(s);
+  
   flow->confidence = flow->ndpi_flow->confidence;
 
   ndpi_snprintf(flow->host_server_name, sizeof(flow->host_server_name), "%s",
diff --git a/example/reader_util.h b/example/reader_util.h
index 6259de5f2..c2a152d38 100644
--- a/example/reader_util.h
+++ b/example/reader_util.h
@@ -198,6 +198,7 @@ typedef struct ndpi_flow_info {
   u_int32_t src2dst_packets, dst2src_packets;
   u_int32_t has_human_readeable_strings;
   char human_readeable_string_buffer[32];
+  char *risk_str;
 
   // result only, not used for flow identification
   ndpi_protocol detected_protocol;