diff options
| author | Nardi Ivan <nardi.ivan@gmail.com> | 2024-01-09 08:41:44 +0100 |
|---|---|---|
| committer | Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> | 2024-01-18 10:21:24 +0100 |
| commit | d72a760ac3895dd8a0bd3e55d4b51f9e22e04e6c (patch) | |
| tree | c00c477a043b58c5c05f4afe6b5ecde5864011df /src/include | |
| parent | ca7df1db82e97954724f547c5966a5f99ad86e6b (diff) | |
New API for library configuration
This is the first step into providing (more) configuration options in nDPI.
The idea is to have a simple way to configure (most of) nDPI: only one
function (`ndpi_set_config()`) to set any configuration parameters
(in the present or on in the future) and we try to keep this function
prototype as agnostic as possible.
You can configure the library:
* via API, using `ndpi_set_config()`
* via a configuration file, in a text format
This way, anytime we need to add a new configuration parameter:
* we don't need to add two public functions (a getter and a setter)
* we don't break API/ABI compatibility of the library; even changing
the parameter type (from integer to a list of integer, for example)
doesn't break the compatibility.
The complete list of configuration options is provided in
`doc/configuration_parameters.md`.
As a first example, two configuration knobs are provided:
* the ability to enable/disable the extraction of the sha1 fingerprint of
the TLS certificates.
* the upper limit on the number of packets per flow that will be subject
to inspection
Diffstat (limited to 'src/include')
| -rw-r--r-- | src/include/ndpi_api.h | 9 | ||||
| -rw-r--r-- | src/include/ndpi_define.h.in | 1 | ||||
| -rw-r--r-- | src/include/ndpi_private.h | 17 | ||||
| -rw-r--r-- | src/include/ndpi_typedefs.h | 9 | ||||
| -rw-r--r-- | src/include/ndpi_win32.h | 4 |
5 files changed, 36 insertions, 4 deletions
diff --git a/src/include/ndpi_api.h b/src/include/ndpi_api.h index 8bec8e3eb..3a5c7eccc 100644 --- a/src/include/ndpi_api.h +++ b/src/include/ndpi_api.h @@ -2246,6 +2246,15 @@ extern "C" { /* ******************************* */ + ndpi_cfg_error ndpi_set_config(struct ndpi_detection_module_struct *ndpi_str, + const char *proto, const char *param, const char *value); + char *ndpi_get_config(struct ndpi_detection_module_struct *ndpi_str, + const char *proto, const char *param, char *buf, int buf_len); + char *ndpi_dump_config(struct ndpi_detection_module_struct *ndpi_str, + FILE *fd); + + /* ******************************* */ + /* Can't call libc functions from kernel space, define some stub instead */ #define ndpi_isalpha(ch) (((ch) >= 'a' && (ch) <= 'z') || ((ch) >= 'A' && (ch) <= 'Z')) diff --git a/src/include/ndpi_define.h.in b/src/include/ndpi_define.h.in index 3a5585f12..3ec09ebdd 100644 --- a/src/include/ndpi_define.h.in +++ b/src/include/ndpi_define.h.in @@ -153,7 +153,6 @@ /* misc definitions */ #define NDPI_DEFAULT_MAX_TCP_RETRANSMISSION_WINDOW_SIZE 0x10000 -#define NDPI_DEFAULT_MAX_NUM_PKTS_PER_FLOW_TO_DISSECT 32 /* TODO: rebuild all memory areas to have a more aligned memory block here */ diff --git a/src/include/ndpi_private.h b/src/include/ndpi_private.h index df3bfaf2c..d4ff2461f 100644 --- a/src/include/ndpi_private.h +++ b/src/include/ndpi_private.h @@ -144,13 +144,24 @@ typedef struct { } nbpf_filter; #endif +#define CFG_MAX_LEN 256 + +struct ndpi_detection_module_config_struct { + int max_packets_to_process; + + char filename_config[CFG_MAX_LEN]; + + /* Protocols */ + + int tls_sha1_fingerprint_enabled; +}; + struct ndpi_detection_module_struct { NDPI_PROTOCOL_BITMASK detection_bitmask; u_int64_t current_ts; - u_int16_t max_packets_to_process; u_int16_t num_tls_blocks_to_follow; - u_int8_t skip_tls_blocks_until_change_cipher:1, _notused:7; + u_int8_t skip_tls_blocks_until_change_cipher:1, finalized:1, _notused:6; u_int8_t tls_certificate_expire_in_x_days; void *user_data; @@ -226,6 +237,8 @@ struct ndpi_detection_module_struct { u_int8_t ip_version_limit; + struct ndpi_detection_module_config_struct cfg; + /* NDPI_PROTOCOL_TINC */ struct cache *tinc_cache; diff --git a/src/include/ndpi_typedefs.h b/src/include/ndpi_typedefs.h index 792aea9ee..3ed4ee50c 100644 --- a/src/include/ndpi_typedefs.h +++ b/src/include/ndpi_typedefs.h @@ -234,6 +234,14 @@ typedef enum { ndpi_leaf } ndpi_VISIT; +typedef enum { + NDPI_CFG_INVALID_CONTEXT = -1, + NDPI_CFG_NOT_FOUND = -2, + NDPI_CFG_INVALID_PARAM = -3, + NDPI_CFG_CONTEXT_ALREADY_INITIALIZED = -4, + + NDPI_CFG_OK = 0, +} ndpi_cfg_error; /* NDPI_MASK_SIZE */ typedef u_int32_t ndpi_ndpi_mask; @@ -1065,7 +1073,6 @@ typedef enum { typedef enum { ndpi_pref_direction_detect_disable = 0, - ndpi_pref_max_packets_to_process, ndpi_pref_enable_tls_block_dissection, /* nDPI considers only those blocks past the certificate exchange */ } ndpi_detection_preference; diff --git a/src/include/ndpi_win32.h b/src/include/ndpi_win32.h index 2ad8602aa..c6b3290f6 100644 --- a/src/include/ndpi_win32.h +++ b/src/include/ndpi_win32.h @@ -59,6 +59,10 @@ #define strdup _strdup #endif +#ifndef F_OK +#define F_OK 0 +#endif + extern char* strsep(char **sp, char *sep); typedef unsigned char u_char; |