diff options
| author | Luca Deri <deri@ntop.org> | 2022-02-10 09:50:06 +0100 |
|---|---|---|
| committer | Luca Deri <deri@ntop.org> | 2022-02-10 09:50:06 +0100 |
| commit | 5ddbbf4dd229f92efda087d09c710bf980e7ae42 (patch) | |
| tree | cc8d64fe0d2fd23c1cce439b335cd3fc852e153d /src/include | |
| parent | b5eea436ae151c0affeebbb79cd64f309555a3e6 (diff) | |
Added cybersecurity protocol and category that groups traffic towards leading cybersecurity companies and CDNs, useful to make destinations that should be marked as trusted in firewalls and security gateways
Diffstat (limited to 'src/include')
| -rw-r--r-- | src/include/ndpi_protocol_ids.h | 113 | ||||
| -rw-r--r-- | src/include/ndpi_typedefs.h | 2 |
2 files changed, 59 insertions, 56 deletions
diff --git a/src/include/ndpi_protocol_ids.h b/src/include/ndpi_protocol_ids.h index 862542f1b..70b9850e2 100644 --- a/src/include/ndpi_protocol_ids.h +++ b/src/include/ndpi_protocol_ids.h @@ -29,7 +29,7 @@ typedef enum { NDPI_PROTOCOL_UNKNOWN = 0, - NDPI_PROTOCOL_FTP_CONTROL = 1, /* Tomasz Bujlow <tomasz@skatnet.dk> */ + NDPI_PROTOCOL_FTP_CONTROL = 1, NDPI_PROTOCOL_MAIL_POP = 2, NDPI_PROTOCOL_MAIL_SMTP = 3, NDPI_PROTOCOL_MAIL_IMAP = 4, @@ -59,19 +59,19 @@ typedef enum { NDPI_PROTOCOL_VMWARE = 28, NDPI_PROTOCOL_MAIL_SMTPS = 29, NDPI_PROTOCOL_DTLS = 30, - NDPI_PROTOCOL_UBNTAC2 = 31, /* Ubiquity UBNT AirControl = 2 - Thomas Fjellstrom <thomas+ndpi@fjellstrom.ca> */ + NDPI_PROTOCOL_UBNTAC2 = 31, /* Ubiquity UBNT AirControl = 2 */ NDPI_PROTOCOL_KONTIKI = 32, NDPI_PROTOCOL_OPENFT = 33, NDPI_PROTOCOL_FASTTRACK = 34, NDPI_PROTOCOL_GNUTELLA = 35, - NDPI_PROTOCOL_EDONKEY = 36, /* Tomasz Bujlow <tomasz@skatnet.dk> */ + NDPI_PROTOCOL_EDONKEY = 36, NDPI_PROTOCOL_BITTORRENT = 37, NDPI_PROTOCOL_SKYPE_CALL = 38, /* Skype call and videocalls */ NDPI_PROTOCOL_SIGNAL = 39, - NDPI_PROTOCOL_MEMCACHED = 40, /* Memcached - Darryl Sokoloski <darryl@egloo.ca> */ + NDPI_PROTOCOL_MEMCACHED = 40, /* Memcached */ NDPI_PROTOCOL_SMBV23 = 41, /* SMB version 2/3 */ NDPI_PROTOCOL_MINING = 42, /* Bitcoin, Ethereum, ZCash, Monero */ - NDPI_PROTOCOL_NEST_LOG_SINK = 43, /* Nest Log Sink (Nest Protect) - Darryl Sokoloski <darryl@egloo.ca> */ + NDPI_PROTOCOL_NEST_LOG_SINK = 43, /* Nest Log Sink (Nest Protect) */ NDPI_PROTOCOL_MODBUS = 44, /* Modbus */ NDPI_PROTOCOL_WHATSAPP_CALL = 45, /* WhatsApp video ad audio calls go here */ NDPI_PROTOCOL_DATASAVER = 46, /* Protocols used to save data on Internet communications */ @@ -88,21 +88,21 @@ typedef enum { NDPI_PROTOCOL_SOPCAST = 57, NDPI_PROTOCOL_DISCORD = 58, NDPI_PROTOCOL_TVUPLAYER = 59, - NDPI_PROTOCOL_MONGODB = 60, /* Leonn Paiva <leonn.paiva@gmail.com> */ + NDPI_PROTOCOL_MONGODB = 60, NDPI_PROTOCOL_QQLIVE = 61, NDPI_PROTOCOL_THUNDER = 62, NDPI_PROTOCOL_OCSP = 63, - NDPI_PROTOCOL_VXLAN = 64, /* Dmytrii Vitman <dmytriiv@interfacemasters.com> */ + NDPI_PROTOCOL_VXLAN = 64, NDPI_PROTOCOL_IRC = 65, NDPI_PROTOCOL_AYIYA = 66, NDPI_PROTOCOL_JABBER = 67, NDPI_PROTOCOL_NATS = 68, - NDPI_PROTOCOL_AMONG_US = 69, /* Toni Uhlig <matzeton@googlemail.com> */ + NDPI_PROTOCOL_AMONG_US = 69, NDPI_PROTOCOL_YAHOO = 70, - NDPI_PROTOCOL_DISNEYPLUS = 71, /* Zied Aouini <aouinizied@gmail.com> */ + NDPI_PROTOCOL_DISNEYPLUS = 71, NDPI_PROTOCOL_GOOGLE_PLUS = 72, NDPI_PROTOCOL_IP_VRRP = 73, - NDPI_PROTOCOL_STEAM = 74, /* Tomasz Bujlow <tomasz@skatnet.dk> */ + NDPI_PROTOCOL_STEAM = 74, NDPI_PROTOCOL_HALFLIFE2 = 75, NDPI_PROTOCOL_WORLDOFWARCRAFT = 76, NDPI_PROTOCOL_TELNET = 77, @@ -118,7 +118,7 @@ typedef enum { NDPI_PROTOCOL_RTP = 87, NDPI_PROTOCOL_RDP = 88, NDPI_PROTOCOL_VNC = 89, - NDPI_PROTOCOL_TUMBLR = 90, /* Zied Aouini <aouinizied@gmail.com> */ + NDPI_PROTOCOL_TUMBLR = 90, NDPI_PROTOCOL_TLS = 91, NDPI_PROTOCOL_SSH = 92, NDPI_PROTOCOL_USENET = 93, @@ -138,7 +138,7 @@ typedef enum { NDPI_PROTOCOL_FIESTA = 107, NDPI_PROTOCOL_FLORENSIA = 108, NDPI_PROTOCOL_GUILDWARS = 109, - NDPI_PROTOCOL_AMAZON_ALEXA = 110, /* Zied Aouini <aouinizied@gmail.com> */ + NDPI_PROTOCOL_AMAZON_ALEXA = 110, NDPI_PROTOCOL_KERBEROS = 111, NDPI_PROTOCOL_LDAP = 112, NDPI_PROTOCOL_MAPLESTORY = 113, @@ -167,7 +167,7 @@ typedef enum { NDPI_PROTOCOL_YOUTUBE_UPLOAD = 136, /* Upload files to youtube */ NDPI_PROTOCOL_HULU = 137, NDPI_PROTOCOL_CHECKMK = 138, - NDPI_PROTOCOL_AJP = 139, /* Leonn Paiva <leonn.paiva@gmail.com> */ + NDPI_PROTOCOL_AJP = 139, NDPI_PROTOCOL_APPLE = 140, NDPI_PROTOCOL_WEBEX = 141, NDPI_PROTOCOL_WHATSAPP = 142, @@ -176,7 +176,7 @@ typedef enum { NDPI_PROTOCOL_APPLE_ITUNES = 145, NDPI_PROTOCOL_RADIUS = 146, NDPI_PROTOCOL_WINDOWS_UPDATE = 147, - NDPI_PROTOCOL_TEAMVIEWER = 148, /* xplico.org */ + NDPI_PROTOCOL_TEAMVIEWER = 148, NDPI_PROTOCOL_TUENTI = 149, NDPI_PROTOCOL_LOTUS_NOTES = 150, NDPI_PROTOCOL_SAP = 151, @@ -186,62 +186,62 @@ typedef enum { NDPI_PROTOCOL_REMOTE_SCAN = 155, NDPI_PROTOCOL_SPOTIFY = 156, NDPI_PROTOCOL_MESSENGER = 157, - NDPI_PROTOCOL_H323 = 158, /* Remy Mudingay <mudingay@ill.fr> */ - NDPI_PROTOCOL_OPENVPN = 159, /* Remy Mudingay <mudingay@ill.fr> */ - NDPI_PROTOCOL_NOE = 160, /* Remy Mudingay <mudingay@ill.fr> */ - NDPI_PROTOCOL_CISCOVPN = 161, /* Remy Mudingay <mudingay@ill.fr> */ - NDPI_PROTOCOL_TEAMSPEAK = 162, /* Remy Mudingay <mudingay@ill.fr> */ - NDPI_PROTOCOL_TOR = 163, /* Remy Mudingay <mudingay@ill.fr> */ - NDPI_PROTOCOL_SKINNY = 164, /* Remy Mudingay <mudingay@ill.fr> */ - NDPI_PROTOCOL_RTCP = 165, /* Remy Mudingay <mudingay@ill.fr> */ - NDPI_PROTOCOL_RSYNC = 166, /* Remy Mudingay <mudingay@ill.fr> */ - NDPI_PROTOCOL_ORACLE = 167, /* Remy Mudingay <mudingay@ill.fr> */ - NDPI_PROTOCOL_CORBA = 168, /* Remy Mudingay <mudingay@ill.fr> */ - NDPI_PROTOCOL_UBUNTUONE = 169, /* Remy Mudingay <mudingay@ill.fr> */ + NDPI_PROTOCOL_H323 = 158, + NDPI_PROTOCOL_OPENVPN = 159, + NDPI_PROTOCOL_NOE = 160, + NDPI_PROTOCOL_CISCOVPN = 161, + NDPI_PROTOCOL_TEAMSPEAK = 162, + NDPI_PROTOCOL_TOR = 163, + NDPI_PROTOCOL_SKINNY = 164, + NDPI_PROTOCOL_RTCP = 165, + NDPI_PROTOCOL_RSYNC = 166, + NDPI_PROTOCOL_ORACLE = 167, + NDPI_PROTOCOL_CORBA = 168, + NDPI_PROTOCOL_UBUNTUONE = 169, NDPI_PROTOCOL_WHOIS_DAS = 170, NDPI_PROTOCOL_COLLECTD = 171, - NDPI_PROTOCOL_SOCKS = 172, /* Tomasz Bujlow <tomasz@skatnet.dk> */ + NDPI_PROTOCOL_SOCKS = 172, NDPI_PROTOCOL_NINTENDO = 173, - NDPI_PROTOCOL_RTMP = 174, /* Tomasz Bujlow <tomasz@skatnet.dk> */ - NDPI_PROTOCOL_FTP_DATA = 175, /* Tomasz Bujlow <tomasz@skatnet.dk> */ - NDPI_PROTOCOL_WIKIPEDIA = 176, /* Tomasz Bujlow <tomasz@skatnet.dk> */ + NDPI_PROTOCOL_RTMP = 174, + NDPI_PROTOCOL_FTP_DATA = 175, + NDPI_PROTOCOL_WIKIPEDIA = 176, NDPI_PROTOCOL_ZMQ = 177, - NDPI_PROTOCOL_AMAZON = 178, /* Tomasz Bujlow <tomasz@skatnet.dk> */ - NDPI_PROTOCOL_EBAY = 179, /* Tomasz Bujlow <tomasz@skatnet.dk> */ - NDPI_PROTOCOL_CNN = 180, /* Tomasz Bujlow <tomasz@skatnet.dk> */ - NDPI_PROTOCOL_MEGACO = 181, /* Gianluca Costa <g.costa@xplico.org> */ + NDPI_PROTOCOL_AMAZON = 178, + NDPI_PROTOCOL_EBAY = 179, + NDPI_PROTOCOL_CNN = 180, + NDPI_PROTOCOL_MEGACO = 181, NDPI_PROTOCOL_REDIS = 182, - NDPI_PROTOCOL_PINTEREST = 183, /* Zied Aouini <aouinizied@gmail.com> */ + NDPI_PROTOCOL_PINTEREST = 183, NDPI_PROTOCOL_VHUA = 184, - NDPI_PROTOCOL_TELEGRAM = 185, /* Gianluca Costa <g.costa@xplico.org> */ + NDPI_PROTOCOL_TELEGRAM = 185, NDPI_PROTOCOL_VEVO = 186, NDPI_PROTOCOL_PANDORA = 187, - NDPI_PROTOCOL_QUIC = 188, /* Andrea Buscarinu <andrea.buscarinu@gmail.com> - Michele Campus <michelecampus5@gmail.com> */ + NDPI_PROTOCOL_QUIC = 188, NDPI_PROTOCOL_ZOOM = 189, /* Zoom video conference. */ NDPI_PROTOCOL_EAQ = 190, NDPI_PROTOCOL_OOKLA = 191, NDPI_PROTOCOL_AMQP = 192, NDPI_PROTOCOL_KAKAOTALK = 193, /* KakaoTalk Chat (no voice call) */ NDPI_PROTOCOL_KAKAOTALK_VOICE = 194, /* KakaoTalk Voice */ - NDPI_PROTOCOL_TWITCH = 195, /* Edoardo Dominici <edoaramis@gmail.com> */ + NDPI_PROTOCOL_TWITCH = 195, NDPI_PROTOCOL_DOH_DOT = 196, /* DoH (DNS over HTTPS), DoT (DNS over TLS), DoQ (DNS over QUIC). TODO: rename in NDPI_PROTOCOL_DOH_DOT_DOQ? */ NDPI_PROTOCOL_WECHAT = 197, NDPI_PROTOCOL_MPEGTS = 198, NDPI_PROTOCOL_SNAPCHAT = 199, NDPI_PROTOCOL_SINA = 200, NDPI_PROTOCOL_HANGOUT_DUO = 201, /* Google Hangout ad Duo (merged as they are very similar) */ - NDPI_PROTOCOL_IFLIX = 202, /* www.vizuamatix.com R&D team & M.Mallawaarachchie <manoj_ws@yahoo.com> */ + NDPI_PROTOCOL_IFLIX = 202, NDPI_PROTOCOL_GITHUB = 203, NDPI_PROTOCOL_BJNP = 204, - NDPI_PROTOCOL_REDDIT = 205, /* Zied Aouini <aouinizied@gmail.com> */ + NDPI_PROTOCOL_REDDIT = 205, NDPI_PROTOCOL_WIREGUARD = 206, - NDPI_PROTOCOL_SMPP = 207, /* Damir Franusic <df@release14.org> */ - NDPI_PROTOCOL_DNSCRYPT = 208, /* Toni Uhlig <matzeton@googlemail.com> */ - NDPI_PROTOCOL_TINC = 209, /* William Guglielmo <william@deselmo.com> */ + NDPI_PROTOCOL_SMPP = 207, + NDPI_PROTOCOL_DNSCRYPT = 208, + NDPI_PROTOCOL_TINC = 209, NDPI_PROTOCOL_DEEZER = 210, - NDPI_PROTOCOL_INSTAGRAM = 211, /* Andrea Buscarinu <andrea.buscarinu@gmail.com> */ + NDPI_PROTOCOL_INSTAGRAM = 211, NDPI_PROTOCOL_MICROSOFT = 212, - NDPI_PROTOCOL_STARCRAFT = 213, /* Matteo Bracci <matteobracci1@gmail.com> */ + NDPI_PROTOCOL_STARCRAFT = 213, NDPI_PROTOCOL_TEREDO = 214, NDPI_PROTOCOL_HOTSPOT_SHIELD = 215, NDPI_PROTOCOL_IMO = 216, @@ -260,8 +260,8 @@ typedef enum { NDPI_PROTOCOL_SOMEIP = 229, NDPI_PROTOCOL_FIX = 230, NDPI_PROTOCOL_PLAYSTATION = 231, - NDPI_PROTOCOL_PASTEBIN = 232, /* Paulo Angelo <pa@pauloangelo.com> */ - NDPI_PROTOCOL_LINKEDIN = 233, /* Paulo Angelo <pa@pauloangelo.com> */ + NDPI_PROTOCOL_PASTEBIN = 232, + NDPI_PROTOCOL_LINKEDIN = 233, NDPI_PROTOCOL_SOUNDCLOUD = 234, NDPI_PROTOCOL_CSGO = 235, /* Counter-Strike Global Offensive, Dota = 2 */ NDPI_PROTOCOL_LISP = 236, @@ -279,20 +279,20 @@ typedef enum { NDPI_PROTOCOL_ZABBIX = 248, NDPI_PROTOCOL_S7COMM = 249, NDPI_PROTOCOL_MSTEAMS = 250, - NDPI_PROTOCOL_WEBSOCKET = 251, /* Leonn Paiva <leonn.paiva@gmail.com> */ - NDPI_PROTOCOL_ANYDESK = 252, /* Toni Uhlig <matzeton@googlemail.com> */ - NDPI_PROTOCOL_SOAP = 253, /* Toni Uhlig <matzeton@googlemail.com> */ - NDPI_PROTOCOL_APPLE_SIRI = 254, /* Zied Aouini <aouinizied@gmail.com> */ + NDPI_PROTOCOL_WEBSOCKET = 251, + NDPI_PROTOCOL_ANYDESK = 252, + NDPI_PROTOCOL_SOAP = 253, + NDPI_PROTOCOL_APPLE_SIRI = 254, NDPI_PROTOCOL_SNAPCHAT_CALL = 255, - NDPI_PROTOCOL_HPVIRTGRP = 256, /* Toni Uhlig <matzeton@googlemail.com> */ - NDPI_PROTOCOL_GENSHIN_IMPACT = 257, /* Toni Uhlig <matzeton@googlemail.com> */ + NDPI_PROTOCOL_HPVIRTGRP = 256, + NDPI_PROTOCOL_GENSHIN_IMPACT = 257, NDPI_PROTOCOL_ACTIVISION = 258, NDPI_PROTOCOL_FORTICLIENT = 259, - NDPI_PROTOCOL_Z3950 = 260, /* Toni Uhlig <matzeton@googlemail.com> */ + NDPI_PROTOCOL_Z3950 = 260, NDPI_PROTOCOL_LIKEE = 261, NDPI_PROTOCOL_GITLAB = 262, - NDPI_PROTOCOL_AVAST_SECUREDNS = 263, /* Toni Uhlig <matzeton@googlemail.com> */ - NDPI_PROTOCOL_CASSANDRA = 264, /* Lucas Santos <lfneiva.santos@gmail.com> */ + NDPI_PROTOCOL_AVAST_SECUREDNS = 263, + NDPI_PROTOCOL_CASSANDRA = 264, NDPI_PROTOCOL_AMAZON_AWS = 265, NDPI_PROTOCOL_SALESFORCE = 266, NDPI_PROTOCOL_VIMEO = 267, @@ -311,6 +311,7 @@ typedef enum { NDPI_PROTOCOL_ACCUWEATHER = 280, NDPI_PROTOCOL_GOOGLE_CLASSROOM = 281, NDPI_PROTOCOL_HSRP = 282, + NDPI_PROTOCOL_CYBERSECURITY = 283, /* Cybersecurity companies */ #ifdef CUSTOM_NDPI_PROTOCOLS #include "../../../nDPI-custom/custom_ndpi_protocol_ids.h" diff --git a/src/include/ndpi_typedefs.h b/src/include/ndpi_typedefs.h index f1fbd1ff9..0b798c530 100644 --- a/src/include/ndpi_typedefs.h +++ b/src/include/ndpi_typedefs.h @@ -872,6 +872,7 @@ typedef enum { NDPI_PROTOCOL_CATEGORY_SHOPPING, NDPI_PROTOCOL_CATEGORY_PRODUCTIVITY, NDPI_PROTOCOL_CATEGORY_FILE_SHARING, + /* The category below is used by sites who are used to test connectivity @@ -882,6 +883,7 @@ typedef enum { The category below is used for vocal assistance services. */ NDPI_PROTOCOL_CATEGORY_VIRTUAL_ASSISTANT, + NDPI_PROTOCOL_CATEGORY_CYBERSECURITY, /* Some custom categories */ CUSTOM_CATEGORY_MINING = 99, |