diff options
| author | Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> | 2025-02-27 10:55:54 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2025-02-27 10:55:54 +0100 |
| commit | 678d284a25325a55dcbb8d5e84d23f76735ee66c (patch) | |
| tree | 59ade6df7a27c9389fd12cffa4dc4742bd286b69 /src/lib/ndpi_main.c | |
| parent | 70b7d3d1eb4608d000bcace4d0852f25e7b731ee (diff) | |
TOR: fix ip lists (#2748)
One list is from ingress nodes (used for protocol classification) and
the second one is from exit nodes (used for flow risk check)
Diffstat (limited to 'src/lib/ndpi_main.c')
| -rw-r--r-- | src/lib/ndpi_main.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c index fe8004178..95446b6fb 100644 --- a/src/lib/ndpi_main.c +++ b/src/lib/ndpi_main.c @@ -69,6 +69,7 @@ #include "ndpi_dga_match.c.inc" #include "inc_generated/ndpi_azure_match.c.inc" #include "inc_generated/ndpi_tor_match.c.inc" +#include "inc_generated/ndpi_tor_exit_nodes_match.c.inc" #include "inc_generated/ndpi_whatsapp_match.c.inc" #include "inc_generated/ndpi_amazon_aws_match.c.inc" #include "inc_generated/ndpi_ethereum_match.c.inc" @@ -471,6 +472,8 @@ int is_flow_addr_informative(const struct ndpi_flow_struct *flow) /* This is basically the list of VPNs (with **entry** addresses) supported by nDPI */ case NDPI_PROTOCOL_NORDVPN: case NDPI_PROTOCOL_PROTONVPN: + case NDPI_PROTOCOL_SURFSHARK: + case NDPI_PROTOCOL_TOR: return 0; default: return 1; @@ -3925,6 +3928,11 @@ int ndpi_finalize_initialization(struct ndpi_detection_module_struct *ndpi_str) ndpi_init_ptree_ipv6(ndpi_str, ndpi_str->ip_risk->v6, ndpi_anonymous_subscriber_protonvpn_protocol_list_6); } + if(ndpi_str->cfg.risk_anonymous_subscriber_list_tor_exit_nodes_enabled) { + ndpi_init_ptree_ipv4(ndpi_str->ip_risk->v4, ndpi_anonymous_subscriber_tor_exit_nodes_protocol_list); + ndpi_init_ptree_ipv6(ndpi_str, ndpi_str->ip_risk->v6, ndpi_anonymous_subscriber_tor_exit_nodes_protocol_list_6); + } + if(ndpi_str->cfg.risk_crawler_bot_list_enabled) { ndpi_init_ptree_ipv4(ndpi_str->ip_risk->v4, ndpi_http_crawler_bot_protocol_list); ndpi_init_ptree_ipv6(ndpi_str, ndpi_str->ip_risk->v6, ndpi_http_crawler_bot_protocol_list_6); @@ -11830,6 +11838,7 @@ static const struct cfg_param { { NULL, "flow_risk.anonymous_subscriber.list.icloudprivaterelay.load", "1", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(risk_anonymous_subscriber_list_icloudprivaterelay_enabled), NULL }, { NULL, "flow_risk.anonymous_subscriber.list.protonvpn.load", "1", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(risk_anonymous_subscriber_list_protonvpn_enabled), NULL }, + { NULL, "flow_risk.anonymous_subscriber.list.tor.load", "1", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(risk_anonymous_subscriber_list_tor_exit_nodes_enabled), NULL }, { NULL, "flow_risk.crawler_bot.list.load", "1", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(risk_crawler_bot_list_enabled), NULL }, { NULL, "filename.config", NULL, NULL, NULL, CFG_PARAM_FILENAME_CONFIG, __OFF(filename_config), NULL }, |