Split former protocol into upper and lower protocol

author: Luca <deri@ntop.org> 2015-07-01 17:40:14 +0200
committer: Luca <deri@ntop.org> 2015-07-01 17:40:14 +0200
commit: 60884f9047882863d27f7e8f5fb760897c599800 (patch)
tree: 2b09f2ec1a551b59a98baee790c858fb3e038ffe /src/lib/protocols/sopcast.c
parent: 49ea23530f876930896dc5aa6a84ef6219589171 (diff)
1 files changed, 147 insertions, 147 deletions
diff --git a/src/lib/protocols/sopcast.c b/src/lib/protocols/sopcast.c
index 33c4f8fca..c0879a2dd 100644
--- a/src/lib/protocols/sopcast.c
+++ b/src/lib/protocols/sopcast.c
@@ -29,9 +29,9 @@
 
 
 static void ndpi_int_sopcast_add_connection(struct ndpi_detection_module_struct
-											  *ndpi_struct, struct ndpi_flow_struct *flow)
+					    *ndpi_struct, struct ndpi_flow_struct *flow)
 {
-	ndpi_set_detected_protocol(ndpi_struct, flow, NDPI_PROTOCOL_SOPCAST);
+  ndpi_set_detected_protocol(ndpi_struct, flow, NDPI_PROTOCOL_SOPCAST, NDPI_PROTOCOL_UNKNOWN);
 }
 
 /**
@@ -42,178 +42,178 @@ static void ndpi_int_sopcast_add_connection(struct ndpi_detection_module_struct
  */
 	
 #if !defined(WIN32)
- static inline
+static inline
 #else
 __forceinline static
 #endif
-	 u_int8_t ndpi_int_is_sopcast_tcp(const u_int8_t * payload, const u_int16_t payload_len)
+u_int8_t ndpi_int_is_sopcast_tcp(const u_int8_t * payload, const u_int16_t payload_len)
 {
-	if (payload_len != 54)
-		return 0;
-
-	if (payload[2] != payload[3] - 4 && payload[2] != payload[3] + 4)
-		return 0;
-
-	if (payload[2] != payload[4] - 1 && payload[2] != payload[4] + 1)
-		return 0;
-
-	if (payload[25] != payload[25 + 16 - 1] + 1 && payload[25] != payload[25 + 16 - 1] - 1) {
-
-		if (payload[3] != payload[25] &&
-			payload[3] != payload[25] - 4 && payload[3] != payload[25] + 4 && payload[3] != payload[25] - 21) {
-			return 0;
-		}
-	}
-
-	if (payload[4] != payload[28] ||
-		payload[28] != payload[30] ||
-		payload[30] != payload[31] ||
-		get_u_int16_t(payload, 30) != get_u_int16_t(payload, 32) || get_u_int16_t(payload, 32) != get_u_int16_t(payload, 34)) {
-
-		if ((payload[2] != payload[5] - 1 && payload[2] != payload[5] + 1) ||
-			payload[2] != payload[25] ||
-			payload[4] != payload[28] ||
-			payload[4] != payload[31] ||
-			payload[4] != payload[32] ||
-			payload[4] != payload[33] ||
-			payload[4] != payload[34] ||
-			payload[4] != payload[35] || payload[4] != payload[30] || payload[2] != payload[36]) {
-			return 0;
-		}
-	}
-
-	if (payload[42] != payload[53])
-		return 0;
-
-	if (payload[45] != payload[46] + 1 && payload[45] != payload[46] - 1)
-		return 0;
-
-	if (payload[45] != payload[49] || payload[46] != payload[50] || payload[47] != payload[51])
-		return 0;
-
-	return 1;
+  if (payload_len != 54)
+    return 0;
+
+  if (payload[2] != payload[3] - 4 && payload[2] != payload[3] + 4)
+    return 0;
+
+  if (payload[2] != payload[4] - 1 && payload[2] != payload[4] + 1)
+    return 0;
+
+  if (payload[25] != payload[25 + 16 - 1] + 1 && payload[25] != payload[25 + 16 - 1] - 1) {
+
+    if (payload[3] != payload[25] &&
+	payload[3] != payload[25] - 4 && payload[3] != payload[25] + 4 && payload[3] != payload[25] - 21) {
+      return 0;
+    }
+  }
+
+  if (payload[4] != payload[28] ||
+      payload[28] != payload[30] ||
+      payload[30] != payload[31] ||
+      get_u_int16_t(payload, 30) != get_u_int16_t(payload, 32) || get_u_int16_t(payload, 32) != get_u_int16_t(payload, 34)) {
+
+    if ((payload[2] != payload[5] - 1 && payload[2] != payload[5] + 1) ||
+	payload[2] != payload[25] ||
+	payload[4] != payload[28] ||
+	payload[4] != payload[31] ||
+	payload[4] != payload[32] ||
+	payload[4] != payload[33] ||
+	payload[4] != payload[34] ||
+	payload[4] != payload[35] || payload[4] != payload[30] || payload[2] != payload[36]) {
+      return 0;
+    }
+  }
+
+  if (payload[42] != payload[53])
+    return 0;
+
+  if (payload[45] != payload[46] + 1 && payload[45] != payload[46] - 1)
+    return 0;
+
+  if (payload[45] != payload[49] || payload[46] != payload[50] || payload[47] != payload[51])
+    return 0;
+
+  return 1;
 }
 
 static void ndpi_search_sopcast_tcp(struct ndpi_detection_module_struct
-									  *ndpi_struct, struct ndpi_flow_struct *flow)
+				    *ndpi_struct, struct ndpi_flow_struct *flow)
 {
 
-	struct ndpi_packet_struct *packet = &flow->packet;
+  struct ndpi_packet_struct *packet = &flow->packet;
 	
-	if (flow->packet_counter == 1 && packet->payload_packet_len == 54 && get_u_int16_t(packet->payload, 0) == ntohs(0x0036)) {
-		if (ndpi_int_is_sopcast_tcp(packet->payload, packet->payload_packet_len)) {
-			NDPI_LOG(NDPI_PROTOCOL_SOPCAST, ndpi_struct, NDPI_LOG_DEBUG, "found sopcast TCP \n");
-			ndpi_int_sopcast_add_connection(ndpi_struct, flow);
-			return;
-		}
-	}
+  if (flow->packet_counter == 1 && packet->payload_packet_len == 54 && get_u_int16_t(packet->payload, 0) == ntohs(0x0036)) {
+    if (ndpi_int_is_sopcast_tcp(packet->payload, packet->payload_packet_len)) {
+      NDPI_LOG(NDPI_PROTOCOL_SOPCAST, ndpi_struct, NDPI_LOG_DEBUG, "found sopcast TCP \n");
+      ndpi_int_sopcast_add_connection(ndpi_struct, flow);
+      return;
+    }
+  }
 
-	NDPI_LOG(NDPI_PROTOCOL_SOPCAST, ndpi_struct, NDPI_LOG_DEBUG, "exclude sopcast TCP.  \n");
-	NDPI_ADD_PROTOCOL_TO_BITMASK(flow->excluded_protocol_bitmask, NDPI_PROTOCOL_SOPCAST);
+  NDPI_LOG(NDPI_PROTOCOL_SOPCAST, ndpi_struct, NDPI_LOG_DEBUG, "exclude sopcast TCP.  \n");
+  NDPI_ADD_PROTOCOL_TO_BITMASK(flow->excluded_protocol_bitmask, NDPI_PROTOCOL_SOPCAST);
 
 
 }
 
 static void ndpi_search_sopcast_udp(struct ndpi_detection_module_struct
-									  *ndpi_struct, struct ndpi_flow_struct *flow)
+				    *ndpi_struct, struct ndpi_flow_struct *flow)
 {
-	struct ndpi_packet_struct *packet = &flow->packet;
+  struct ndpi_packet_struct *packet = &flow->packet;
 	
 
-//      struct ndpi_id_struct         *src=ndpi_struct->src;
-//      struct ndpi_id_struct         *dst=ndpi_struct->dst;
-
-	NDPI_LOG(NDPI_PROTOCOL_SOPCAST, ndpi_struct, NDPI_LOG_DEBUG, "search sopcast.  \n");
-
-
-	if (packet->payload_packet_len == 52 && packet->payload[0] == 0xff
-		&& packet->payload[1] == 0xff && packet->payload[2] == 0x01
-		&& packet->payload[8] == 0x02 && packet->payload[9] == 0xff
-		&& packet->payload[10] == 0x00 && packet->payload[11] == 0x2c
-		&& packet->payload[12] == 0x00 && packet->payload[13] == 0x00 && packet->payload[14] == 0x00) {
-		NDPI_LOG(NDPI_PROTOCOL_SOPCAST, ndpi_struct, NDPI_LOG_DEBUG, "found sopcast with if I.  \n");
-		ndpi_int_sopcast_add_connection(ndpi_struct, flow);
-		return;
-	}
-	if ((packet->payload_packet_len == 80 || packet->payload_packet_len == 28 || packet->payload_packet_len == 94)
-		&& packet->payload[0] == 0x00 && (packet->payload[2] == 0x02 || packet->payload[2] == 0x01)
-		&& packet->payload[8] == 0x01 && packet->payload[9] == 0xff
-		&& packet->payload[10] == 0x00 && packet->payload[11] == 0x14
-		&& packet->payload[12] == 0x00 && packet->payload[13] == 0x00) {
-		NDPI_LOG(NDPI_PROTOCOL_SOPCAST, ndpi_struct, NDPI_LOG_DEBUG, "found sopcast with if II.  \n");
-		ndpi_int_sopcast_add_connection(ndpi_struct, flow);
-		return;
-	}
-	/* this case has been seen once. Please revome this comment, if you see it another time */
-	if (packet->payload_packet_len == 60 && packet->payload[0] == 0x00
-		&& packet->payload[2] == 0x01
-		&& packet->payload[8] == 0x03 && packet->payload[9] == 0xff
-		&& packet->payload[10] == 0x00 && packet->payload[11] == 0x34
-		&& packet->payload[12] == 0x00 && packet->payload[13] == 0x00 && packet->payload[14] == 0x00) {
-		NDPI_LOG(NDPI_PROTOCOL_SOPCAST, ndpi_struct, NDPI_LOG_DEBUG, "found sopcast with if III.  \n");
-		ndpi_int_sopcast_add_connection(ndpi_struct, flow);
-		return;
-	}
-	if (packet->payload_packet_len == 42 && packet->payload[0] == 0x00
-		&& packet->payload[1] == 0x02 && packet->payload[2] == 0x01
-		&& packet->payload[3] == 0x07 && packet->payload[4] == 0x03
-		&& packet->payload[8] == 0x06
-		&& packet->payload[9] == 0x01 && packet->payload[10] == 0x00
-		&& packet->payload[11] == 0x22 && packet->payload[12] == 0x00 && packet->payload[13] == 0x00) {
-		NDPI_LOG(NDPI_PROTOCOL_SOPCAST, ndpi_struct, NDPI_LOG_DEBUG, "found sopcast with if IV.  \n");
-		ndpi_int_sopcast_add_connection(ndpi_struct, flow);
-		return;
-	}
-	if (packet->payload_packet_len == 28 && packet->payload[0] == 0x00
-		&& packet->payload[1] == 0x0c && packet->payload[2] == 0x01
-		&& packet->payload[3] == 0x07 && packet->payload[4] == 0x00
-		&& packet->payload[8] == 0x01
-		&& packet->payload[9] == 0x01 && packet->payload[10] == 0x00
-		&& packet->payload[11] == 0x14 && packet->payload[12] == 0x00 && packet->payload[13] == 0x00) {
-		NDPI_LOG(NDPI_PROTOCOL_SOPCAST, ndpi_struct, NDPI_LOG_DEBUG, "found sopcast with if V.  \n");
-		ndpi_int_sopcast_add_connection(ndpi_struct, flow);
-		return;
-	}
-	/* this case has been seen once. Please revome this comment, if you see it another time */
-	if (packet->payload_packet_len == 286 && packet->payload[0] == 0x00
-		&& packet->payload[1] == 0x02 && packet->payload[2] == 0x01
-		&& packet->payload[3] == 0x07 && packet->payload[4] == 0x03
-		&& packet->payload[8] == 0x06
-		&& packet->payload[9] == 0x01 && packet->payload[10] == 0x01
-		&& packet->payload[11] == 0x16 && packet->payload[12] == 0x00 && packet->payload[13] == 0x00) {
-		NDPI_LOG(NDPI_PROTOCOL_SOPCAST, ndpi_struct, NDPI_LOG_DEBUG, "found sopcast with if VI.  \n");
-		ndpi_int_sopcast_add_connection(ndpi_struct, flow);
-		return;
-	}
-	if (packet->payload_packet_len == 76 && packet->payload[0] == 0xff
-		&& packet->payload[1] == 0xff && packet->payload[2] == 0x01
-		&& packet->payload[8] == 0x0c && packet->payload[9] == 0xff
-		&& packet->payload[10] == 0x00 && packet->payload[11] == 0x44
-		&& packet->payload[16] == 0x01 && packet->payload[15] == 0x01
-		&& packet->payload[12] == 0x00 && packet->payload[13] == 0x00 && packet->payload[14] == 0x00) {
-		NDPI_LOG(NDPI_PROTOCOL_SOPCAST, ndpi_struct, NDPI_LOG_DEBUG, "found sopcast with if VII.  \n");
-		ndpi_int_sopcast_add_connection(ndpi_struct, flow);
-		return;
-	}
-
-	/* Attention please: no asymmetric detection necessary. This detection works asymmetrically as well. */
-
-	NDPI_LOG(NDPI_PROTOCOL_SOPCAST, ndpi_struct, NDPI_LOG_DEBUG, "exclude sopcast.  \n");
-	NDPI_ADD_PROTOCOL_TO_BITMASK(flow->excluded_protocol_bitmask, NDPI_PROTOCOL_SOPCAST);
+  //      struct ndpi_id_struct         *src=ndpi_struct->src;
+  //      struct ndpi_id_struct         *dst=ndpi_struct->dst;
+
+  NDPI_LOG(NDPI_PROTOCOL_SOPCAST, ndpi_struct, NDPI_LOG_DEBUG, "search sopcast.  \n");
+
+
+  if (packet->payload_packet_len == 52 && packet->payload[0] == 0xff
+      && packet->payload[1] == 0xff && packet->payload[2] == 0x01
+      && packet->payload[8] == 0x02 && packet->payload[9] == 0xff
+      && packet->payload[10] == 0x00 && packet->payload[11] == 0x2c
+      && packet->payload[12] == 0x00 && packet->payload[13] == 0x00 && packet->payload[14] == 0x00) {
+    NDPI_LOG(NDPI_PROTOCOL_SOPCAST, ndpi_struct, NDPI_LOG_DEBUG, "found sopcast with if I.  \n");
+    ndpi_int_sopcast_add_connection(ndpi_struct, flow);
+    return;
+  }
+  if ((packet->payload_packet_len == 80 || packet->payload_packet_len == 28 || packet->payload_packet_len == 94)
+      && packet->payload[0] == 0x00 && (packet->payload[2] == 0x02 || packet->payload[2] == 0x01)
+      && packet->payload[8] == 0x01 && packet->payload[9] == 0xff
+      && packet->payload[10] == 0x00 && packet->payload[11] == 0x14
+      && packet->payload[12] == 0x00 && packet->payload[13] == 0x00) {
+    NDPI_LOG(NDPI_PROTOCOL_SOPCAST, ndpi_struct, NDPI_LOG_DEBUG, "found sopcast with if II.  \n");
+    ndpi_int_sopcast_add_connection(ndpi_struct, flow);
+    return;
+  }
+  /* this case has been seen once. Please revome this comment, if you see it another time */
+  if (packet->payload_packet_len == 60 && packet->payload[0] == 0x00
+      && packet->payload[2] == 0x01
+      && packet->payload[8] == 0x03 && packet->payload[9] == 0xff
+      && packet->payload[10] == 0x00 && packet->payload[11] == 0x34
+      && packet->payload[12] == 0x00 && packet->payload[13] == 0x00 && packet->payload[14] == 0x00) {
+    NDPI_LOG(NDPI_PROTOCOL_SOPCAST, ndpi_struct, NDPI_LOG_DEBUG, "found sopcast with if III.  \n");
+    ndpi_int_sopcast_add_connection(ndpi_struct, flow);
+    return;
+  }
+  if (packet->payload_packet_len == 42 && packet->payload[0] == 0x00
+      && packet->payload[1] == 0x02 && packet->payload[2] == 0x01
+      && packet->payload[3] == 0x07 && packet->payload[4] == 0x03
+      && packet->payload[8] == 0x06
+      && packet->payload[9] == 0x01 && packet->payload[10] == 0x00
+      && packet->payload[11] == 0x22 && packet->payload[12] == 0x00 && packet->payload[13] == 0x00) {
+    NDPI_LOG(NDPI_PROTOCOL_SOPCAST, ndpi_struct, NDPI_LOG_DEBUG, "found sopcast with if IV.  \n");
+    ndpi_int_sopcast_add_connection(ndpi_struct, flow);
+    return;
+  }
+  if (packet->payload_packet_len == 28 && packet->payload[0] == 0x00
+      && packet->payload[1] == 0x0c && packet->payload[2] == 0x01
+      && packet->payload[3] == 0x07 && packet->payload[4] == 0x00
+      && packet->payload[8] == 0x01
+      && packet->payload[9] == 0x01 && packet->payload[10] == 0x00
+      && packet->payload[11] == 0x14 && packet->payload[12] == 0x00 && packet->payload[13] == 0x00) {
+    NDPI_LOG(NDPI_PROTOCOL_SOPCAST, ndpi_struct, NDPI_LOG_DEBUG, "found sopcast with if V.  \n");
+    ndpi_int_sopcast_add_connection(ndpi_struct, flow);
+    return;
+  }
+  /* this case has been seen once. Please revome this comment, if you see it another time */
+  if (packet->payload_packet_len == 286 && packet->payload[0] == 0x00
+      && packet->payload[1] == 0x02 && packet->payload[2] == 0x01
+      && packet->payload[3] == 0x07 && packet->payload[4] == 0x03
+      && packet->payload[8] == 0x06
+      && packet->payload[9] == 0x01 && packet->payload[10] == 0x01
+      && packet->payload[11] == 0x16 && packet->payload[12] == 0x00 && packet->payload[13] == 0x00) {
+    NDPI_LOG(NDPI_PROTOCOL_SOPCAST, ndpi_struct, NDPI_LOG_DEBUG, "found sopcast with if VI.  \n");
+    ndpi_int_sopcast_add_connection(ndpi_struct, flow);
+    return;
+  }
+  if (packet->payload_packet_len == 76 && packet->payload[0] == 0xff
+      && packet->payload[1] == 0xff && packet->payload[2] == 0x01
+      && packet->payload[8] == 0x0c && packet->payload[9] == 0xff
+      && packet->payload[10] == 0x00 && packet->payload[11] == 0x44
+      && packet->payload[16] == 0x01 && packet->payload[15] == 0x01
+      && packet->payload[12] == 0x00 && packet->payload[13] == 0x00 && packet->payload[14] == 0x00) {
+    NDPI_LOG(NDPI_PROTOCOL_SOPCAST, ndpi_struct, NDPI_LOG_DEBUG, "found sopcast with if VII.  \n");
+    ndpi_int_sopcast_add_connection(ndpi_struct, flow);
+    return;
+  }
+
+  /* Attention please: no asymmetric detection necessary. This detection works asymmetrically as well. */
+
+  NDPI_LOG(NDPI_PROTOCOL_SOPCAST, ndpi_struct, NDPI_LOG_DEBUG, "exclude sopcast.  \n");
+  NDPI_ADD_PROTOCOL_TO_BITMASK(flow->excluded_protocol_bitmask, NDPI_PROTOCOL_SOPCAST);
 
 
 
 }
 
 void ndpi_search_sopcast(struct ndpi_detection_module_struct
-						   *ndpi_struct, struct ndpi_flow_struct *flow)
+			 *ndpi_struct, struct ndpi_flow_struct *flow)
 {
-	struct ndpi_packet_struct *packet = &flow->packet;
+  struct ndpi_packet_struct *packet = &flow->packet;
 
-	if (packet->udp != NULL)
-		ndpi_search_sopcast_udp(ndpi_struct, flow);
-	if (packet->tcp != NULL)
-		ndpi_search_sopcast_tcp(ndpi_struct, flow);
+  if (packet->udp != NULL)
+    ndpi_search_sopcast_udp(ndpi_struct, flow);
+  if (packet->tcp != NULL)
+    ndpi_search_sopcast_tcp(ndpi_struct, flow);
 
 }
 #endif
author	Luca <deri@ntop.org>	2015-07-01 17:40:14 +0200
committer	Luca <deri@ntop.org>	2015-07-01 17:40:14 +0200
commit	60884f9047882863d27f7e8f5fb760897c599800 (patch)
tree	2b09f2ec1a551b59a98baee790c858fb3e038ffe /src/lib/protocols/sopcast.c
parent	49ea23530f876930896dc5aa6a84ef6219589171 (diff)