diff options
| author | Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> | 2022-12-03 12:07:32 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-12-03 12:07:32 +0100 |
| commit | 81e1ea545ca465cda064e7cc80333fe7f0ef2aff (patch) | |
| tree | d4aeb94cda0891d50f5502a289e0116b1cbeab8a /src/lib/protocols/stun.c | |
| parent | a387072872c93a7ebef637dec7745b2941bc5743 (diff) | |
Make LRU caches ipv6 aware (#1810)
Simplest solution, keeping the existing cache data structure
TLS certificate cache is used for DTLS traffic, too.
Note that Ookla cache already works with ipv6 flows.
TODO:
* make the key/hashing more robust (extending the key size?)
* update bittorrent cache too. That task is quite difficult because
ntopng uses a public function (`ndpi_guess_undetected_protocol()`)
intrinsically ipv4 only...
Diffstat (limited to 'src/lib/protocols/stun.c')
| -rw-r--r-- | src/lib/protocols/stun.c | 19 |
1 files changed, 12 insertions, 7 deletions
diff --git a/src/lib/protocols/stun.c b/src/lib/protocols/stun.c index d60270ecc..a06612b28 100644 --- a/src/lib/protocols/stun.c +++ b/src/lib/protocols/stun.c @@ -37,10 +37,17 @@ /* ************************************************************ */ u_int32_t get_stun_lru_key(struct ndpi_flow_struct *flow, u_int8_t rev) { - if(rev) - return(ntohl(flow->s_address.v4) + ntohs(flow->s_port)); - else - return(ntohl(flow->c_address.v4) + ntohs(flow->c_port)); + if(rev) { + if(flow->is_ipv6) + return ndpi_quick_hash(flow->s_address.v6, 16) + ntohs(flow->s_port); + else + return ntohl(flow->s_address.v4) + ntohs(flow->s_port); + } else { + if(flow->is_ipv6) + return ndpi_quick_hash(flow->c_address.v6, 16) + ntohs(flow->c_port); + else + return ntohl(flow->c_address.v4) + ntohs(flow->c_port); + } } /* ************************************************************ */ @@ -48,7 +55,6 @@ u_int32_t get_stun_lru_key(struct ndpi_flow_struct *flow, u_int8_t rev) { static void ndpi_int_stun_add_connection(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow, u_int app_proto) { - struct ndpi_packet_struct *packet = &ndpi_struct->packet; ndpi_confidence_t confidence = NDPI_CONFIDENCE_DPI; if(app_proto == NDPI_PROTOCOL_UNKNOWN) { @@ -59,7 +65,6 @@ static void ndpi_int_stun_add_connection(struct ndpi_detection_module_struct *nd } if(ndpi_struct->stun_cache - && packet->iph && (app_proto != NDPI_PROTOCOL_UNKNOWN) ) /* Cache flow sender info */ { u_int32_t key = get_stun_lru_key(flow, 0); @@ -182,7 +187,7 @@ static ndpi_int_stun_t ndpi_int_check_stun(struct ndpi_detection_module_struct * return(NDPI_IS_NOT_STUN); } - if(ndpi_struct->stun_cache && packet->iph) { /* TODO: ipv6 */ + if(ndpi_struct->stun_cache) { u_int16_t proto; u_int32_t key = get_stun_lru_key(flow, 0); int rc = ndpi_lru_find_cache(ndpi_struct->stun_cache, key, &proto, |