authoremanuele-f <black.silver@hotmail.it>2016-04-19 22:35:18 +0200
committeremanuele-f <black.silver@hotmail.it>2016-04-19 22:35:18 +0200
commita4d0af1f96bba36f1f98c1090418d49b94ac319a (patch)
tree3a64caf211505b7bf12a02710f69f974bc4eec30 /src/include/ndpi_util.h
parent282bc16243b429972b4ed9d5423aaece0ccc7ec7 (diff)
Move relevant functions to ndpi_util API module
Diffstat (limited to 'src/include/ndpi_util.h')
-rw-r--r--src/include/ndpi_util.h116
1 files changed, 116 insertions, 0 deletions
diff --git a/src/include/ndpi_util.h b/src/include/ndpi_util.h
new file mode 100644
index 000000000..33e84d050
--- /dev/null
+++ b/src/include/ndpi_util.h
@@ -0,0 +1,116 @@
+/*
+ * ndpi_util.h
+ *
+ * Copyright (C) 2011-15 - ntop.org
+ * Copyright (C) 2009-11 - ipoque GmbH
+ *
+ * This file is part of nDPI, an open source deep packet inspection
+ * library based on the OpenDPI and PACE technology by ipoque GmbH
+ *
+ * nDPI is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * nDPI is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with nDPI. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+/**
+ * This module contains routines to help setup a simple nDPI program.
+ *
+ * If you concern about performance or have to integrate nDPI in your
+ * application, you could need to reimplement them yourself.
+ *
+ * WARNING: this API is unstable! Use it at your own risk!
+ */
+
+#include <pcap.h>
+
+// flow tracking
+typedef struct ndpi_flow_info {
+ u_int32_t lower_ip;
+ u_int32_t upper_ip;
+ u_int16_t lower_port;
+ u_int16_t upper_port;
+ u_int8_t detection_completed, protocol;
+ u_int16_t vlan_id;
+ struct ndpi_flow_struct *ndpi_flow;
+ char lower_name[48], upper_name[48];
+ u_int8_t ip_version;
+ u_int64_t last_seen;
+ u_int64_t bytes;
+ u_int32_t packets;
+
+ // result only, not used for flow identification
+ ndpi_protocol detected_protocol;
+
+ char host_server_name[192];
+ char bittorent_hash[41];
+
+ struct {
+ char client_certificate[48], server_certificate[48];
+ } ssl;
+
+ void *src_id, *dst_id;
+} ndpi_flow_info_t;
+
+typedef struct ndpi_stats {
+ u_int32_t guessed_flow_protocols;
+ u_int64_t raw_packet_count;
+ u_int64_t ip_packet_count;
+ u_int64_t total_wire_bytes, total_ip_bytes, total_discarded_bytes;
+ u_int64_t protocol_counter[NDPI_MAX_SUPPORTED_PROTOCOLS + NDPI_MAX_NUM_CUSTOM_PROTOCOLS + 1];
+ u_int64_t protocol_counter_bytes[NDPI_MAX_SUPPORTED_PROTOCOLS + NDPI_MAX_NUM_CUSTOM_PROTOCOLS + 1];
+ u_int32_t protocol_flows[NDPI_MAX_SUPPORTED_PROTOCOLS + NDPI_MAX_NUM_CUSTOM_PROTOCOLS + 1];
+ u_int32_t ndpi_flow_count;
+ u_int64_t tcp_count, udp_count;
+ u_int64_t mpls_count, pppoe_count, vlan_count, fragmented_count;
+ u_int64_t packet_len[6];
+ u_int16_t max_packet_len;
+} ndpi_stats_t;
+
+typedef struct ndpi_workflow_prefs {
+ u_int8_t decode_tunnels;
+ u_int8_t quiet_mode;
+ u_int32_t num_roots;
+ u_int32_t max_ndpi_flows;
+ u_int32_t detection_tick_resolution;
+} ndpi_workflow_prefs_t;
+
+typedef struct ndpi_workflow {
+ u_int64_t last_time;
+ u_int64_t last_idle_scan_time;
+ u_int32_t idle_scan_idx;
+ u_int32_t num_idle_flows; /* TODO_EMA decide if idle flows will be handled */
+
+ struct ndpi_workflow_prefs prefs;
+ struct ndpi_stats stats;
+
+ /* outside referencies */
+ pcap_t *pcap_handle;
+
+ /* allocated by prefs */
+ struct ndpi_flow_info **idle_flows;
+ void **ndpi_flows_root;
+ struct ndpi_detection_module_struct *ndpi_struct;
+} ndpi_workflow_t;
+
+/* TODO: remove wrappers parameters and use ndpi global, when their initialization will be fixed... */
+struct ndpi_workflow * ndpi_workflow_init(const struct ndpi_workflow_prefs * prefs,
+ pcap_t * pcap_handle,
+ void * (*malloc_wrapper)(size_t),
+ void (*free_wrapper)(void*));
+
+void ndpi_workflow_free(struct ndpi_workflow * workflow);
+
+/** Process a @packet and update the @workflow. */
+void ndpi_workflow_process_packet (struct ndpi_workflow * workflow,
+ const struct pcap_pkthdr *header,
+ const u_char *packet);
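Review bot: The new header has no include guard, so a translation unit that includes it twice redefines `ndpi_flow_info_t`, `ndpi_stats_t` and the other typedefs; wrap the contents in `#ifndef NDPI_UTIL_H` / `#define NDPI_UTIL_H` / `#endif`. It also uses `ndpi_protocol` and `NDPI_MAX_SUPPORTED_PROTOCOLS` while including only `<pcap.h>`, so it presumably relies on the nDPI API header being included first; either include that header here or state the requirement in the module comment. The fixed-size text fields (`host_server_name[192]`, `bittorent_hash[41]`, `ssl.client_certificate[48]`, `lower_name[48]`) look intended to hold values derived from captured traffic, so each deserves a comment such as `/* NUL-terminated, truncated to fit */` to make the bounded-copy contract explicit for the code that fills them. `ndpi_workflow_process_packet` takes no length argument, so its doc comment should say that `packet` must hold at least `header->caplen` bytes. The comment on `ndpi_workflow_init` should say whether it can return NULL and who frees the result.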