diff options
| author | Luca Deri <deri@ntop.org> | 2021-07-24 16:18:18 +0200 |
|---|---|---|
| committer | Luca Deri <deri@ntop.org> | 2021-07-24 16:18:18 +0200 |
| commit | 526568fcd519ccef3216b563f79e77c7326e11b9 (patch) | |
| tree | 12806af2c9003795ec9acb4d8f7167a544df2bd6 /src/lib | |
| parent | c73501f8592420bec3e0f5087b9b6a9757166ff8 (diff) | |
Risk check improvement
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/ndpi_utils.c | 31 |
1 files changed, 18 insertions, 13 deletions
diff --git a/src/lib/ndpi_utils.c b/src/lib/ndpi_utils.c index 2a5d1864b..80342b32d 100644 --- a/src/lib/ndpi_utils.c +++ b/src/lib/ndpi_utils.c @@ -2056,20 +2056,25 @@ static void ndpi_handle_risk_exceptions(struct ndpi_detection_module_struct *ndp if(flow->risk == 0) return; /* Nothing to do */ host = ndpi_get_flow_name(flow); - - if(host && (host[0] != '\0')) { - /* Check host exception */ - ndpi_automa *automa = &ndpi_str->host_risk_mask_automa; - - if(automa->ac_automa) { - AC_TEXT_t ac_input_text; - AC_REP_t match; - - ac_input_text.astring = host, ac_input_text.length = strlen(host); - ac_input_text.option = 0; + + if(!flow->host_risk_mask_evaluated) { + if(host && (host[0] != '\0')) { + /* Check host exception */ + ndpi_automa *automa = &ndpi_str->host_risk_mask_automa; - if(ac_automata_search(automa->ac_automa, &ac_input_text, &match) > 0) - flow->risk &= match.number64; + if(automa->ac_automa) { + AC_TEXT_t ac_input_text; + AC_REP_t match; + + ac_input_text.astring = host, ac_input_text.length = strlen(host); + ac_input_text.option = 0; + + if(ac_automata_search(automa->ac_automa, &ac_input_text, &match) > 0) + flow->risk &= match.number64; + } + + /* Used to avoid double checks (e.g. in DNS req/rsp) */ + flow->host_risk_mask_evaluated = 1; } } |