aboutsummaryrefslogtreecommitdiff
path: root/src/lib/protocols
diff options
context:
space:
mode:
authorLuca Deri <deri@ntop.org>2018-11-21 00:32:32 +0100
committerLuca Deri <deri@ntop.org>2018-11-21 00:32:32 +0100
commit669fdf6b5f3657c638ffa8df6ff1baebf5b311b1 (patch)
treeaf6540946a53550ea3d198c7e232ea5ac8ae072e /src/lib/protocols
parent21504c849233d69b896fdff364b3933e8ec997d3 (diff)
Improved skype, teredo, netbios heuristics
Changed ndpi_detection_giveup() API: guess is now part of the call
Diffstat (limited to 'src/lib/protocols')
-rw-r--r--src/lib/protocols/netbios.c5
-rw-r--r--src/lib/protocols/skype.c2
-rw-r--r--src/lib/protocols/teredo.c2
3 files changed, 4 insertions, 5 deletions
diff --git a/src/lib/protocols/netbios.c b/src/lib/protocols/netbios.c
index 4c5897c14..925b864ad 100644
--- a/src/lib/protocols/netbios.c
+++ b/src/lib/protocols/netbios.c
@@ -330,9 +330,8 @@ void ndpi_search_netbios(struct ndpi_detection_module_struct *ndpi_struct, struc
NDPI_LOG_DBG2(ndpi_struct, "found netbios port 138 and payload length >= 112 \n");
- if(packet->payload[0] >= 0x11 && packet->payload[0] <= 0x16) {
-
- NDPI_LOG_DBG2(ndpi_struct, "found netbios with MSG-type 0x11,0x12,0x13,0x14,0x15 or 0x16\n");
+ if(packet->payload[0] >= 0x10 && packet->payload[0] <= 0x16) {
+ NDPI_LOG_DBG2(ndpi_struct, "found netbios with MSG-type 0x10,0x11,0x12,0x13,0x14,0x15 or 0x16\n");
if(ntohl(get_u_int32_t(packet->payload, 4)) == ntohl(packet->iph->saddr)) {
NDPI_LOG_INFO(ndpi_struct, "found netbios with checked ip-address\n");
diff --git a/src/lib/protocols/skype.c b/src/lib/protocols/skype.c
index 8a4eafca4..faeac17c5 100644
--- a/src/lib/protocols/skype.c
+++ b/src/lib/protocols/skype.c
@@ -66,7 +66,7 @@ static void ndpi_check_skype(struct ndpi_detection_module_struct *ndpi_struct, s
}
}
- return;
+ // return;
}
NDPI_EXCLUDE_PROTO(ndpi_struct, flow);
diff --git a/src/lib/protocols/teredo.c b/src/lib/protocols/teredo.c
index 732b1d6c9..e377d09a4 100644
--- a/src/lib/protocols/teredo.c
+++ b/src/lib/protocols/teredo.c
@@ -32,7 +32,7 @@ void ndpi_search_teredo(struct ndpi_detection_module_struct *ndpi_struct, struct
NDPI_LOG_DBG(ndpi_struct,"search teredo\n");
if(packet->udp
&& packet->iph
- && ((ntohl(packet->iph->daddr) & 0xF0000000) == 0xE0000000 /* A multicast address */)
+ && ((ntohl(packet->iph->daddr) & 0xF0000000) != 0xE0000000 /* Not a multicast address */)
&& ((ntohs(packet->udp->source) == 3544) || (ntohs(packet->udp->dest) == 3544))
&& (packet->payload_packet_len >= 40 /* IPv6 header */)) {
NDPI_LOG_INFO(ndpi_struct,"found teredo\n");
Powered by cgit, Themed by Ted Yin.