diff options
| author | Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> | 2021-12-18 13:24:51 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-12-18 13:24:51 +0100 |
| commit | 7153b8933ca6a3df3f6de7d47cbb25e66a8970d4 (patch) | |
| tree | 1c85b93b96cb78648ec60628afe5a728a5a1d43b /src/lib/protocols/dns.c | |
| parent | 58b33dcb2d60faf3d0fa8f7a482752b4664c5344 (diff) | |
Improve/add several protocols (#1383)
Improve Microsoft, GMail, Likee, Whatsapp, DisneyPlus and Tiktok
detection.
Add Vimeo, Fuze, Alibaba and Firebase Crashlytics detection.
Try to differentiate between Messenger/Signal standard flows (i.e chat)
and their VOIP (video)calls (like we already do for Whatsapp and
Snapchat).
Add a partial list of some ADS/Tracking stuff.
Fix Cassandra, Radius and GTP false positives.
Fix DNS, Syslog and SIP false negatives.
Improve GTP (sub)classification: differentiate among GTP-U, GTP_C and
GTP_PRIME.
Fix 3 LGTM warnings.
Diffstat (limited to 'src/lib/protocols/dns.c')
| -rw-r--r-- | src/lib/protocols/dns.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/src/lib/protocols/dns.c b/src/lib/protocols/dns.c index f32143320..c57d30ec0 100644 --- a/src/lib/protocols/dns.c +++ b/src/lib/protocols/dns.c @@ -206,10 +206,11 @@ static int search_valid_dns(struct ndpi_detection_module_struct *ndpi_struct, if(*is_query) { /* DNS Request */ - if((dns_header->num_queries > 0) && (dns_header->num_queries <= NDPI_MAX_DNS_REQUESTS) + if((dns_header->num_queries <= NDPI_MAX_DNS_REQUESTS) // && (dns_header->num_answers == 0) && (((dns_header->flags & 0x2800) == 0x2800 /* Dynamic DNS Update */) || ((dns_header->flags & 0xFCF0) == 0x00) /* Standard Query */ + || ((dns_header->flags & 0xFCFF) == 0x0800) /* Inverse query */ || ((dns_header->num_answers == 0) && (dns_header->authority_rrs == 0)))) { /* This is a good query */ while(x+2 < packet->payload_packet_len) { |