Added new risk NDPI_TCP_ISSUES

1 files changed, 9 insertions, 8 deletions

diff --git a/src/include/ndpi_typedefs.h b/src/include/ndpi_typedefs.h
index 8c1b1823a..67f76473b 100644
--- a/src/include/ndpi_typedefs.h
+++ b/src/include/ndpi_typedefs.h
@@ -121,9 +121,10 @@ typedef enum {
 				  your app will clear this risk if future packets (not sent to nDPI)
 				  are received in the opposite direction */
   NDPI_HTTP_OBSOLETE_SERVER,
-  NDPI_PERIODIC_FLOW, /* Set in case a flow repeats at a specific pace [used by apps on top of nDPI] */
-  NDPI_MINOR_ISSUES, /* Generic packet issues (e.g. DNS with 0 TTL) */
-  
+  NDPI_PERIODIC_FLOW,          /* Set in case a flow repeats at a specific pace [used by apps on top of nDPI] */
+  NDPI_MINOR_ISSUES,           /* Generic packet issues (e.g. DNS with 0 TTL) */
+  NDPI_TCP_ISSUES,             /* TCP issues such as connection failed, probing or scan */
+
   /* Leave this as last member */
   NDPI_MAX_RISK /* must be <= 63 due to (**) */
 } ndpi_risk_enum;
@@ -724,10 +725,9 @@ struct ndpi_flow_tcp_struct {
   u_int32_t postgres_stage:3;
 
   /* Part of the TCP header. */
-  u_int32_t seen_syn:1;
-  u_int32_t seen_syn_ack:1;
-  u_int32_t seen_ack:1;
-
+  u_int32_t seen_syn:1, seen_syn_ack:1, seen_ack:1, __notused:29;
+  u_int8_t cli2srv_tcp_flags, srv2cli_tcp_flags;
+  
   /* NDPI_PROTOCOL_ICECAST */
   u_int32_t icecast_stage:1;
 
@@ -1525,7 +1525,8 @@ struct ndpi_flow_struct {
   /* Only packets with L5 data (ie no TCP SYN, pure ACKs, ...) */
   u_int16_t packet_counter;		      // can be 0 - 65000
   u_int16_t packet_direction_counter[2];
-
+  u_int16_t all_packets_counter; /* All packets even those without payload */
+  
   /* Every packets */
   u_int16_t packet_direction_complete_counter[2];      // can be 0 - 65000