Add (kind of) support for loading a list of JA4C malicious fingerprints (#2678)

It might be usefull to be able to match traffic against a list of suspicious JA4C fingerprints Use the same code/logic/infrastructure used for JA3C (note that we are going to remove JA3C...) See: #2551
author: Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> 2025-01-14 12:05:03 +0100
committer: GitHub <noreply@github.com> 2025-01-14 12:05:03 +0100
commit: 63a3547f998bfbe52c2bc8a540e0f33d37f3ad88 (patch)
tree: 782eac7281a01087a5cf374e7d0a3a76a7ebc552 /src/include/ndpi_api.h
parent: 69a4f8120a3e335074fcc33f81e1d82dc0a88791 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/src/include/ndpi_api.h b/src/include/ndpi_api.h
index f1f016be0..48b225d77 100644
--- a/src/include/ndpi_api.h
+++ b/src/include/ndpi_api.h
@@ -850,14 +850,14 @@ extern "C" {
   int ndpi_load_risk_domain_file(struct ndpi_detection_module_struct *ndpi_str, const char* path);
 
   /**
-   * Read a file and load the list of malicious JA3 signatures
+   * Read a file and load the list of malicious JA4 signatures
    *
    * @par     ndpi_mod = the detection module
    * @par     path     = the path of the file
    * @return  0 if the file is loaded correctly;
    *          -1 else
    */
-  int ndpi_load_malicious_ja3_file(struct ndpi_detection_module_struct *ndpi_str, const char *path);
+  int ndpi_load_malicious_ja4_file(struct ndpi_detection_module_struct *ndpi_str, const char *path);
 
   /**
    * Read a file and load the list of malicious SSL certificate SHA1 fingerprints.
author	Ivan Nardi <12729895+IvanNardi@users.noreply.github.com>	2025-01-14 12:05:03 +0100
committer	GitHub <noreply@github.com>	2025-01-14 12:05:03 +0100
commit	63a3547f998bfbe52c2bc8a540e0f33d37f3ad88 (patch)
tree	782eac7281a01087a5cf374e7d0a3a76a7ebc552 /src/include/ndpi_api.h
parent	69a4f8120a3e335074fcc33f81e1d82dc0a88791 (diff)