aboutsummaryrefslogtreecommitdiff
path: root/src/lib/ndpi_main.c
diff options
context:
space:
mode:
authorLuca Deri <deri@ntop.org>2022-01-26 09:23:23 +0100
committerLuca Deri <deri@ntop.org>2022-01-26 09:23:23 +0100
commit58a9aff17cec2842b5d232eee5a39c0d58a01a75 (patch)
treeaad123e364d9eb0faf62e233531d510621404eff /src/lib/ndpi_main.c
parent14e8808f0351da2f4a4a2a3ce55e42d06c48370a (diff)
Added NDPI_TLS_CERTIFICATE_ABOUT_TO_EXPIRE flow risk
Added ndpi_set_tls_cert_expire_days() API call to modify the number of days for triggering the above alert that by default is set to 30 days
Diffstat (limited to 'src/lib/ndpi_main.c')
-rw-r--r--src/lib/ndpi_main.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c
index 2e528b6a4..e4106d58d 100644
--- a/src/lib/ndpi_main.c
+++ b/src/lib/ndpi_main.c
@@ -109,6 +109,7 @@ static ndpi_risk_info ndpi_known_risks[] = {
{ NDPI_DNS_FRAGMENTED, NDPI_RISK_MEDIUM, CLIENT_FAIR_RISK_PERCENTAGE },
{ NDPI_INVALID_CHARACTERS, NDPI_RISK_HIGH, CLIENT_HIGH_RISK_PERCENTAGE },
{ NDPI_POSSIBLE_EXPLOIT, NDPI_RISK_SEVERE, CLIENT_HIGH_RISK_PERCENTAGE },
+ { NDPI_TLS_CERTIFICATE_ABOUT_TO_EXPIRE, NDPI_RISK_MEDIUM, CLIENT_LOW_RISK_PERCENTAGE },
/* Leave this as last member */
{ NDPI_MAX_RISK, NDPI_RISK_LOW, CLIENT_FAIR_RISK_PERCENTAGE }
@@ -2398,7 +2399,7 @@ struct ndpi_detection_module_struct *ndpi_init_detection_module(ndpi_init_prefs
ndpi_str->tcp_max_retransmission_window_size = NDPI_DEFAULT_MAX_TCP_RETRANSMISSION_WINDOW_SIZE;
ndpi_str->directconnect_connection_ip_tick_timeout =
NDPI_DIRECTCONNECT_CONNECTION_IP_TICK_TIMEOUT * ndpi_str->ticks_per_second;
-
+ ndpi_str->tls_certificate_expire_in_x_days = 30; /* NDPI_TLS_CERTIFICATE_ABOUT_TO_EXPIRE flow risk */
ndpi_str->irc_timeout = NDPI_IRC_CONNECTION_TIMEOUT * ndpi_str->ticks_per_second;
ndpi_str->gnutella_timeout = NDPI_GNUTELLA_CONNECTION_TIMEOUT * ndpi_str->ticks_per_second;
ndpi_str->jabber_stun_timeout = NDPI_JABBER_STUN_TIMEOUT * ndpi_str->ticks_per_second;
Powered by cgit, Themed by Ted Yin.