diff options
| author | Luca Deri <deri@ntop.org> | 2017-09-15 11:13:25 +0200 |
|---|---|---|
| committer | Luca Deri <deri@ntop.org> | 2017-09-15 11:13:25 +0200 |
| commit | 83b1b34c18408f969da6689972e2394aa06efc2c (patch) | |
| tree | f6c68b817c506cd9404876459bfebc5a87cdfce5 /src | |
| parent | b4d535e184c91bc0d14292d7db2ec23a253b5fae (diff) | |
Added custom 5 protocol categories to be used by applications. They are currently empty
Added ndpi_is_custom_category() to check if a defined category is custom
Diffstat (limited to 'src')
| -rw-r--r-- | src/include/ndpi_api.h | 9 | ||||
| -rw-r--r-- | src/include/ndpi_typedefs.h | 11 | ||||
| -rw-r--r-- | src/lib/ndpi_content_match.c.inc | 34 | ||||
| -rw-r--r-- | src/lib/ndpi_main.c | 123 |
4 files changed, 116 insertions, 61 deletions
diff --git a/src/include/ndpi_api.h b/src/include/ndpi_api.h index 76285cb70..325ee0564 100644 --- a/src/include/ndpi_api.h +++ b/src/include/ndpi_api.h @@ -411,6 +411,15 @@ extern "C" { char* ndpi_protocol2name(struct ndpi_detection_module_struct *ndpi_mod, ndpi_protocol proto, char *buf, u_int buf_len); /** + * Find out if a given category is custom/user-defined + * + * @par category = the category associated to the protocol + * @return 1 if this is a custom user category, 0 otherwise + * + */ + int ndpi_is_custom_category(ndpi_protocol_category_t category); + + /** * Get protocol category as string * * @par category = the category associated to the protocol diff --git a/src/include/ndpi_typedefs.h b/src/include/ndpi_typedefs.h index e5e9053e8..51c0df449 100644 --- a/src/include/ndpi_typedefs.h +++ b/src/include/ndpi_typedefs.h @@ -748,10 +748,10 @@ typedef enum { NDPI_PROTOCOL_CATEGORY_MEDIA, /* Multimedia and streaming */ NDPI_PROTOCOL_CATEGORY_VPN, /* Virtual Private Networks */ NDPI_PROTOCOL_CATEGORY_MAIL, /* Protocols to send/receive/sync emails */ - NDPI_PROTOCOL_CATEGORY_FILE_TRANSFER, /* FTP and similar protocols */ + NDPI_PROTOCOL_CATEGORY_DATA_TRANSFER, /* AFS/NFS and similar protocols */ NDPI_PROTOCOL_CATEGORY_WEB, /* Web protocols and services */ NDPI_PROTOCOL_CATEGORY_SOCIAL_NETWORK, /* Social networks */ - NDPI_PROTOCOL_CATEGORY_P2P, /* File sharing and P2P */ + NDPI_PROTOCOL_CATEGORY_P2P_DOWNLOAD_FT, /* Download, FTP, file transfer/sharing and P2P */ NDPI_PROTOCOL_CATEGORY_GAME, /* Online games */ NDPI_PROTOCOL_CATEGORY_CHAT, /* Instant messaging */ NDPI_PROTOCOL_CATEGORY_VOIP, /* Real-time communications and conferencing */ @@ -762,8 +762,13 @@ typedef enum { NDPI_PROTOCOL_CATEGORY_COLLABORATIVE, /* Software for collaborative development, including Webmail */ NDPI_PROTOCOL_CATEGORY_RPC, /* High level network communication protocols */ NDPI_PROTOCOL_CATEGORY_NETWORK_TOOL, /* Network administration and monitor protocols */ - NDPI_PROTOCOL_CATEGORY_SYSTEM, /* System level applications */ + NDPI_PROTOCOL_CATEGORY_SYSTEM_OS, /* System/Operating System level applications */ NDPI_PROTOCOL_CATEGORY_SW_UPDATE, /* Software update */ + NDPI_PROTOCOL_CATEGORY_CUSTOM_1, /* User custom category 1 */ + NDPI_PROTOCOL_CATEGORY_CUSTOM_2, /* User custom category 2 */ + NDPI_PROTOCOL_CATEGORY_CUSTOM_3, /* User custom category 3 */ + NDPI_PROTOCOL_CATEGORY_CUSTOM_4, /* User custom category 4 */ + NDPI_PROTOCOL_CATEGORY_CUSTOM_5, /* User custom category 5 */ NDPI_PROTOCOL_NUM_CATEGORIES /* NOTE: Keep this as last member diff --git a/src/lib/ndpi_content_match.c.inc b/src/lib/ndpi_content_match.c.inc index b2131e413..3def0f7b7 100644 --- a/src/lib/ndpi_content_match.c.inc +++ b/src/lib/ndpi_content_match.c.inc @@ -8192,8 +8192,8 @@ ndpi_protocol_match host_match[] = { { ".deezer.com", "Deezer", NDPI_PROTOCOL_DEEZER, NDPI_PROTOCOL_CATEGORY_MEDIA, NDPI_PROTOCOL_FUN }, { ".microsoft.com", "Microsoft", NDPI_PROTOCOL_MICROSOFT, NDPI_PROTOCOL_CATEGORY_WEB, NDPI_PROTOCOL_SAFE }, - { "i-msdn.sec.s-msft.com", "Microsoft", NDPI_PROTOCOL_MICROSOFT, NDPI_PROTOCOL_CATEGORY_SYSTEM, NDPI_PROTOCOL_ACCEPTABLE }, - { "i2-msdn.sec.s-msft.com", "Microsoft", NDPI_PROTOCOL_MICROSOFT, NDPI_PROTOCOL_CATEGORY_SYSTEM, NDPI_PROTOCOL_ACCEPTABLE }, + { "i-msdn.sec.s-msft.com", "Microsoft", NDPI_PROTOCOL_MICROSOFT, NDPI_PROTOCOL_CATEGORY_SYSTEM_OS, NDPI_PROTOCOL_ACCEPTABLE }, + { "i2-msdn.sec.s-msft.com", "Microsoft", NDPI_PROTOCOL_MICROSOFT, NDPI_PROTOCOL_CATEGORY_SYSTEM_OS, NDPI_PROTOCOL_ACCEPTABLE }, { ".webtrends.com", "Microsoft", NDPI_PROTOCOL_MICROSOFT, NDPI_PROTOCOL_CATEGORY_WEB, NDPI_PROTOCOL_ACCEPTABLE }, { ".msecnd.net", "Microsoft", NDPI_PROTOCOL_MICROSOFT, NDPI_PROTOCOL_CATEGORY_WEB, NDPI_PROTOCOL_ACCEPTABLE }, { "bing.com", "Microsoft", NDPI_PROTOCOL_MICROSOFT, NDPI_PROTOCOL_CATEGORY_WEB, NDPI_PROTOCOL_SAFE }, @@ -8287,9 +8287,9 @@ ndpi_protocol_match host_match[] = { { "dnscrypt.org", "DNScrypt", NDPI_PROTOCOL_DNSCRYPT, NDPI_PROTOCOL_CATEGORY_NETWORK, NDPI_PROTOCOL_ACCEPTABLE }, - { "torrent.", "BitTorrent", NDPI_PROTOCOL_BITTORRENT, NDPI_PROTOCOL_CATEGORY_P2P, NDPI_PROTOCOL_UNSAFE }, - { "torrents.", "BitTorrent", NDPI_PROTOCOL_BITTORRENT, NDPI_PROTOCOL_CATEGORY_P2P, NDPI_PROTOCOL_UNSAFE }, - { "torrentz.", "BitTorrent", NDPI_PROTOCOL_BITTORRENT, NDPI_PROTOCOL_CATEGORY_P2P, NDPI_PROTOCOL_UNSAFE }, + { "torrent.", "BitTorrent", NDPI_PROTOCOL_BITTORRENT, NDPI_PROTOCOL_CATEGORY_P2P_DOWNLOAD_FT, NDPI_PROTOCOL_UNSAFE }, + { "torrents.", "BitTorrent", NDPI_PROTOCOL_BITTORRENT, NDPI_PROTOCOL_CATEGORY_P2P_DOWNLOAD_FT, NDPI_PROTOCOL_UNSAFE }, + { "torrentz.", "BitTorrent", NDPI_PROTOCOL_BITTORRENT, NDPI_PROTOCOL_CATEGORY_P2P_DOWNLOAD_FT, NDPI_PROTOCOL_UNSAFE }, { ".nintendo.net", "Nintendo", NDPI_PROTOCOL_NINTENDO, NDPI_PROTOCOL_CATEGORY_GAME, NDPI_PROTOCOL_FUN }, { ".nintendo.com", "Nintendo", NDPI_PROTOCOL_NINTENDO, NDPI_PROTOCOL_CATEGORY_GAME, NDPI_PROTOCOL_FUN }, @@ -8297,7 +8297,7 @@ ndpi_protocol_match host_match[] = { { ".playstation.com", "Playstation", NDPI_PROTOCOL_PLAYSTATION, NDPI_PROTOCOL_CATEGORY_GAME, NDPI_PROTOCOL_FUN }, { ".sonyentertainmentnetwork.com","Playstation", NDPI_PROTOCOL_PLAYSTATION, NDPI_PROTOCOL_CATEGORY_GAME, NDPI_PROTOCOL_FUN }, - { ".pastebin.com", "Pastebin", NDPI_PROTOCOL_PASTEBIN, NDPI_PROTOCOL_CATEGORY_FILE_TRANSFER, NDPI_PROTOCOL_POTENTIALLY_DANGEROUS }, + { ".pastebin.com", "Pastebin", NDPI_PROTOCOL_PASTEBIN, NDPI_PROTOCOL_CATEGORY_P2P_DOWNLOAD_FT, NDPI_PROTOCOL_POTENTIALLY_DANGEROUS }, { ".linkedin.com", "LinkedIn", NDPI_PROTOCOL_LINKEDIN, NDPI_PROTOCOL_CATEGORY_SOCIAL_NETWORK, NDPI_PROTOCOL_FUN }, { ".licdn.com", "LinkedIn", NDPI_PROTOCOL_LINKEDIN, NDPI_PROTOCOL_CATEGORY_SOCIAL_NETWORK, NDPI_PROTOCOL_FUN }, @@ -8354,17 +8354,17 @@ ndpi_protocol_match content_match[] = { { "video/webm", NULL, NDPI_CONTENT_WEBM, NDPI_PROTOCOL_CATEGORY_MEDIA, NDPI_PROTOCOL_FUN }, { "application/x-rtsp-tunnelled", NULL, NDPI_PROTOCOL_RTSP, NDPI_PROTOCOL_CATEGORY_MEDIA, NDPI_PROTOCOL_FUN }, { "application/vnd.apple.mpegurl",NULL, NDPI_CONTENT_MPEG, NDPI_PROTOCOL_CATEGORY_MEDIA, NDPI_PROTOCOL_FUN }, - { "application/x-tar", NULL, NDPI_PROTOCOL_HTTP_DOWNLOAD, NDPI_PROTOCOL_CATEGORY_FILE_TRANSFER, NDPI_PROTOCOL_ACCEPTABLE }, - { "application/octet-stream", NULL, NDPI_PROTOCOL_HTTP_DOWNLOAD, NDPI_PROTOCOL_CATEGORY_FILE_TRANSFER, NDPI_PROTOCOL_ACCEPTABLE }, - { "application/mac-binary", NULL, NDPI_PROTOCOL_HTTP_DOWNLOAD, NDPI_PROTOCOL_CATEGORY_FILE_TRANSFER, NDPI_PROTOCOL_ACCEPTABLE }, - { "/x-bzip", NULL, NDPI_PROTOCOL_HTTP_DOWNLOAD, NDPI_PROTOCOL_CATEGORY_FILE_TRANSFER, NDPI_PROTOCOL_ACCEPTABLE }, - { "/x-gzip", NULL, NDPI_PROTOCOL_HTTP_DOWNLOAD, NDPI_PROTOCOL_CATEGORY_FILE_TRANSFER, NDPI_PROTOCOL_ACCEPTABLE }, - { "/x-zip", NULL, NDPI_PROTOCOL_HTTP_DOWNLOAD, NDPI_PROTOCOL_CATEGORY_FILE_TRANSFER, NDPI_PROTOCOL_ACCEPTABLE }, - { "/zip", NULL, NDPI_PROTOCOL_HTTP_DOWNLOAD, NDPI_PROTOCOL_CATEGORY_FILE_TRANSFER, NDPI_PROTOCOL_ACCEPTABLE }, - { "binhex", NULL, NDPI_PROTOCOL_HTTP_DOWNLOAD, NDPI_PROTOCOL_CATEGORY_FILE_TRANSFER, NDPI_PROTOCOL_ACCEPTABLE }, - { "/base64", NULL, NDPI_PROTOCOL_HTTP_DOWNLOAD, NDPI_PROTOCOL_CATEGORY_FILE_TRANSFER, NDPI_PROTOCOL_ACCEPTABLE }, - { "application/gnutar", NULL, NDPI_PROTOCOL_HTTP_DOWNLOAD, NDPI_PROTOCOL_CATEGORY_FILE_TRANSFER, NDPI_PROTOCOL_ACCEPTABLE }, - { "application/x-compressed", NULL, NDPI_PROTOCOL_HTTP_DOWNLOAD, NDPI_PROTOCOL_CATEGORY_FILE_TRANSFER, NDPI_PROTOCOL_ACCEPTABLE }, + { "application/x-tar", NULL, NDPI_PROTOCOL_HTTP_DOWNLOAD, NDPI_PROTOCOL_CATEGORY_P2P_DOWNLOAD_FT, NDPI_PROTOCOL_ACCEPTABLE }, + { "application/octet-stream", NULL, NDPI_PROTOCOL_HTTP_DOWNLOAD, NDPI_PROTOCOL_CATEGORY_P2P_DOWNLOAD_FT, NDPI_PROTOCOL_ACCEPTABLE }, + { "application/mac-binary", NULL, NDPI_PROTOCOL_HTTP_DOWNLOAD, NDPI_PROTOCOL_CATEGORY_P2P_DOWNLOAD_FT, NDPI_PROTOCOL_ACCEPTABLE }, + { "/x-bzip", NULL, NDPI_PROTOCOL_HTTP_DOWNLOAD, NDPI_PROTOCOL_CATEGORY_P2P_DOWNLOAD_FT, NDPI_PROTOCOL_ACCEPTABLE }, + { "/x-gzip", NULL, NDPI_PROTOCOL_HTTP_DOWNLOAD, NDPI_PROTOCOL_CATEGORY_P2P_DOWNLOAD_FT, NDPI_PROTOCOL_ACCEPTABLE }, + { "/x-zip", NULL, NDPI_PROTOCOL_HTTP_DOWNLOAD, NDPI_PROTOCOL_CATEGORY_P2P_DOWNLOAD_FT, NDPI_PROTOCOL_ACCEPTABLE }, + { "/zip", NULL, NDPI_PROTOCOL_HTTP_DOWNLOAD, NDPI_PROTOCOL_CATEGORY_P2P_DOWNLOAD_FT, NDPI_PROTOCOL_ACCEPTABLE }, + { "binhex", NULL, NDPI_PROTOCOL_HTTP_DOWNLOAD, NDPI_PROTOCOL_CATEGORY_P2P_DOWNLOAD_FT, NDPI_PROTOCOL_ACCEPTABLE }, + { "/base64", NULL, NDPI_PROTOCOL_HTTP_DOWNLOAD, NDPI_PROTOCOL_CATEGORY_P2P_DOWNLOAD_FT, NDPI_PROTOCOL_ACCEPTABLE }, + { "application/gnutar", NULL, NDPI_PROTOCOL_HTTP_DOWNLOAD, NDPI_PROTOCOL_CATEGORY_P2P_DOWNLOAD_FT, NDPI_PROTOCOL_ACCEPTABLE }, + { "application/x-compressed", NULL, NDPI_PROTOCOL_HTTP_DOWNLOAD, NDPI_PROTOCOL_CATEGORY_P2P_DOWNLOAD_FT, NDPI_PROTOCOL_ACCEPTABLE }, { NULL, 0 } }; diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c index 26983f0a8..fccedecb0 100644 --- a/src/lib/ndpi_main.c +++ b/src/lib/ndpi_main.c @@ -436,8 +436,7 @@ void ndpi_set_proto_defaults(struct ndpi_detection_module_struct *ndpi_mod, ndpi_protocol_breed_t breed, u_int16_t protoId, u_int16_t tcp_master_protoId[2], u_int16_t udp_master_protoId[2], char *protoName, ndpi_protocol_category_t protoCategory, - ndpi_port_range *tcpDefPorts, ndpi_port_range *udpDefPorts) -{ + ndpi_port_range *tcpDefPorts, ndpi_port_range *udpDefPorts) { char *name; int j; @@ -706,12 +705,12 @@ static void ndpi_init_protocol_defaults(struct ndpi_detection_module_struct *ndp ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_UNSAFE, NDPI_PROTOCOL_FTP_CONTROL, no_master, - no_master, "FTP_CONTROL", NDPI_PROTOCOL_CATEGORY_FILE_TRANSFER, + no_master, "FTP_CONTROL", NDPI_PROTOCOL_CATEGORY_P2P_DOWNLOAD_FT, ndpi_build_default_ports(ports_a, 21, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_FTP_DATA, no_master, - no_master, "FTP_DATA", NDPI_PROTOCOL_CATEGORY_FILE_TRANSFER, + no_master, "FTP_DATA", NDPI_PROTOCOL_CATEGORY_P2P_DOWNLOAD_FT, ndpi_build_default_ports(ports_a, 20, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_UNSAFE, NDPI_PROTOCOL_MAIL_POP, @@ -751,7 +750,7 @@ static void ndpi_init_protocol_defaults(struct ndpi_detection_module_struct *ndp ndpi_build_default_ports(ports_b, 53, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_IPP, no_master, - no_master, "IPP", NDPI_PROTOCOL_CATEGORY_SYSTEM, + no_master, "IPP", NDPI_PROTOCOL_CATEGORY_SYSTEM_OS, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_HEP, @@ -771,22 +770,22 @@ static void ndpi_init_protocol_defaults(struct ndpi_detection_module_struct *ndp ndpi_build_default_ports(ports_b, 5353, 5354, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_NTP, no_master, - no_master, "NTP", NDPI_PROTOCOL_CATEGORY_SYSTEM, + no_master, "NTP", NDPI_PROTOCOL_CATEGORY_SYSTEM_OS, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 123, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_NETBIOS, no_master, - no_master, "NetBIOS", NDPI_PROTOCOL_CATEGORY_SYSTEM, + no_master, "NetBIOS", NDPI_PROTOCOL_CATEGORY_SYSTEM_OS, ndpi_build_default_ports(ports_a, 139, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 137, 138, 139, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_NFS, no_master, - no_master, "NFS", NDPI_PROTOCOL_CATEGORY_FILE_TRANSFER, + no_master, "NFS", NDPI_PROTOCOL_CATEGORY_DATA_TRANSFER, ndpi_build_default_ports(ports_a, 2049, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 2049, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_SSDP, no_master, - no_master, "SSDP", NDPI_PROTOCOL_CATEGORY_SYSTEM, + no_master, "SSDP", NDPI_PROTOCOL_CATEGORY_SYSTEM_OS, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_BGP, @@ -806,12 +805,12 @@ static void ndpi_init_protocol_defaults(struct ndpi_detection_module_struct *ndp ndpi_build_default_ports(ports_b, 177, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_SMB, no_master, - no_master, "SMB", NDPI_PROTOCOL_CATEGORY_SYSTEM, + no_master, "SMB", NDPI_PROTOCOL_CATEGORY_SYSTEM_OS, ndpi_build_default_ports(ports_a, 445, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_SYSLOG, no_master, - no_master, "Syslog", NDPI_PROTOCOL_CATEGORY_SYSTEM, + no_master, "Syslog", NDPI_PROTOCOL_CATEGORY_SYSTEM_OS, ndpi_build_default_ports(ports_a, 514, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 514, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DHCP, @@ -831,17 +830,17 @@ static void ndpi_init_protocol_defaults(struct ndpi_detection_module_struct *ndp ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_POTENTIALLY_DANGEROUS, NDPI_PROTOCOL_DIRECT_DOWNLOAD_LINK, no_master, - no_master, "Direct_Download_Link", NDPI_PROTOCOL_CATEGORY_P2P, + no_master, "Direct_Download_Link", NDPI_PROTOCOL_CATEGORY_P2P_DOWNLOAD_FT, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_POTENTIALLY_DANGEROUS, NDPI_PROTOCOL_APPLEJUICE, no_master, - no_master, "AppleJuice", NDPI_PROTOCOL_CATEGORY_P2P, + no_master, "AppleJuice", NDPI_PROTOCOL_CATEGORY_P2P_DOWNLOAD_FT, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_POTENTIALLY_DANGEROUS, NDPI_PROTOCOL_DIRECTCONNECT, no_master, - no_master, "DirectConnect", NDPI_PROTOCOL_CATEGORY_P2P, + no_master, "DirectConnect", NDPI_PROTOCOL_CATEGORY_P2P_DOWNLOAD_FT, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_POTENTIALLY_DANGEROUS, NDPI_PROTOCOL_SOCRATES, @@ -856,7 +855,7 @@ static void ndpi_init_protocol_defaults(struct ndpi_detection_module_struct *ndp ndpi_build_default_ports(ports_b, 902, 903, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_POTENTIALLY_DANGEROUS, NDPI_PROTOCOL_FILETOPIA, no_master, - no_master, "Filetopia", NDPI_PROTOCOL_CATEGORY_P2P, + no_master, "Filetopia", NDPI_PROTOCOL_CATEGORY_P2P_DOWNLOAD_FT, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_POTENTIALLY_DANGEROUS, NDPI_PROTOCOL_KONTIKI, @@ -866,29 +865,34 @@ static void ndpi_init_protocol_defaults(struct ndpi_detection_module_struct *ndp ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_POTENTIALLY_DANGEROUS, NDPI_PROTOCOL_OPENFT, no_master, - no_master, "OpenFT", NDPI_PROTOCOL_CATEGORY_P2P, + no_master, "OpenFT", NDPI_PROTOCOL_CATEGORY_P2P_DOWNLOAD_FT, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_POTENTIALLY_DANGEROUS, NDPI_PROTOCOL_FASTTRACK, no_master, - no_master, "FastTrack", NDPI_PROTOCOL_CATEGORY_P2P, + no_master, "FastTrack", NDPI_PROTOCOL_CATEGORY_P2P_DOWNLOAD_FT, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_POTENTIALLY_DANGEROUS, NDPI_PROTOCOL_GNUTELLA, no_master, - no_master, "Gnutella", NDPI_PROTOCOL_CATEGORY_P2P, + no_master, "Gnutella", NDPI_PROTOCOL_CATEGORY_P2P_DOWNLOAD_FT, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); - ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_POTENTIALLY_DANGEROUS, NDPI_PROTOCOL_EDONKEY, + ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_UNSAFE, NDPI_PROTOCOL_EDONKEY, no_master, - no_master, "eDonkey", NDPI_PROTOCOL_CATEGORY_P2P, + no_master, "eDonkey", NDPI_PROTOCOL_CATEGORY_P2P_DOWNLOAD_FT, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_UNSAFE, NDPI_PROTOCOL_BITTORRENT, no_master, - no_master, "BitTorrent", NDPI_PROTOCOL_CATEGORY_P2P, + no_master, "BitTorrent", NDPI_PROTOCOL_CATEGORY_P2P_DOWNLOAD_FT, ndpi_build_default_ports(ports_a, 51413, 53646, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 6771, 51413, 0, 0, 0) /* UDP */); + ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_SKYPE, + no_master, + no_master, "Skype", NDPI_PROTOCOL_CATEGORY_VOIP, + ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, + ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_TEREDO, no_master, no_master, "Teredo", NDPI_PROTOCOL_CATEGORY_NETWORK, @@ -1001,7 +1005,7 @@ static void ndpi_init_protocol_defaults(struct ndpi_detection_module_struct *ndp ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_HTTP_DOWNLOAD, no_master, - no_master, "HTTP_Download", NDPI_PROTOCOL_CATEGORY_FILE_TRANSFER, + no_master, "HTTP_Download", NDPI_PROTOCOL_CATEGORY_P2P_DOWNLOAD_FT, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_QQLIVE, @@ -1011,12 +1015,12 @@ static void ndpi_init_protocol_defaults(struct ndpi_detection_module_struct *ndp ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_THUNDER, no_master, - no_master, "Thunder", NDPI_PROTOCOL_CATEGORY_P2P, + no_master, "Thunder", NDPI_PROTOCOL_CATEGORY_P2P_DOWNLOAD_FT, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_SOULSEEK, no_master, - no_master, "Soulseek", NDPI_PROTOCOL_CATEGORY_P2P, + no_master, "Soulseek", NDPI_PROTOCOL_CATEGORY_P2P_DOWNLOAD_FT, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); @@ -1187,17 +1191,17 @@ static void ndpi_init_protocol_defaults(struct ndpi_detection_module_struct *ndp ndpi_build_default_ports(ports_b, 4569, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_AFP, no_master, - no_master, "AFP", NDPI_PROTOCOL_CATEGORY_FILE_TRANSFER, + no_master, "AFP", NDPI_PROTOCOL_CATEGORY_DATA_TRANSFER, ndpi_build_default_ports(ports_a, 548, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 548, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_POTENTIALLY_DANGEROUS, NDPI_PROTOCOL_STEALTHNET, no_master, - no_master, "Stealthnet", NDPI_PROTOCOL_CATEGORY_P2P, + no_master, "Stealthnet", NDPI_PROTOCOL_CATEGORY_P2P_DOWNLOAD_FT, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_AIMINI, no_master, - no_master, "Aimini", NDPI_PROTOCOL_CATEGORY_P2P, + no_master, "Aimini", NDPI_PROTOCOL_CATEGORY_P2P_DOWNLOAD_FT, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_SIP, @@ -1262,7 +1266,7 @@ static void ndpi_init_protocol_defaults(struct ndpi_detection_module_struct *ndp ndpi_build_default_ports(ports_b, 88, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_LDAP, no_master, - no_master, "LDAP", NDPI_PROTOCOL_CATEGORY_SYSTEM, + no_master, "LDAP", NDPI_PROTOCOL_CATEGORY_SYSTEM_OS, ndpi_build_default_ports(ports_a, 389, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 389, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_MAPLESTORY, @@ -1463,7 +1467,7 @@ static void ndpi_init_protocol_defaults(struct ndpi_detection_module_struct *ndp ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_RSYNC, no_master, - no_master, "RSYNC", NDPI_PROTOCOL_CATEGORY_FILE_TRANSFER, + no_master, "RSYNC", NDPI_PROTOCOL_CATEGORY_DATA_TRANSFER, ndpi_build_default_ports(ports_a, 873, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_ORACLE, @@ -1488,7 +1492,7 @@ static void ndpi_init_protocol_defaults(struct ndpi_detection_module_struct *ndp ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0)); /* UDP */ ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_COLLECTD, no_master, - no_master, "Collectd", NDPI_PROTOCOL_CATEGORY_SYSTEM, + no_master, "Collectd", NDPI_PROTOCOL_CATEGORY_SYSTEM_OS, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0), /* TCP */ ndpi_build_default_ports(ports_b, 25826, 0, 0, 0, 0)); /* UDP */ ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_SOCKS, @@ -1498,7 +1502,7 @@ static void ndpi_init_protocol_defaults(struct ndpi_detection_module_struct *ndp ndpi_build_default_ports(ports_b, 1080, 0, 0, 0, 0)); /* UDP */ ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_TFTP, no_master, - no_master, "TFTP", NDPI_PROTOCOL_CATEGORY_FILE_TRANSFER, + no_master, "TFTP", NDPI_PROTOCOL_CATEGORY_DATA_TRANSFER, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0), /* TCP */ ndpi_build_default_ports(ports_b, 69, 0, 0, 0, 0)); /* UDP */ ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_RTMP, @@ -1583,12 +1587,12 @@ static void ndpi_init_protocol_defaults(struct ndpi_detection_module_struct *ndp ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_BJNP, no_master, - no_master, "BJNP", NDPI_PROTOCOL_CATEGORY_UNSPECIFIED, + no_master, "BJNP", NDPI_PROTOCOL_CATEGORY_SYSTEM_OS, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 8612, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_SMPP, no_master, - no_master, "SMPP", NDPI_PROTOCOL_CATEGORY_P2P, + no_master, "SMPP", NDPI_PROTOCOL_CATEGORY_P2P_DOWNLOAD_FT, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0), /* TCP */ ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0)); /* UDP */ ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_SAFE, NDPI_PROTOCOL_OOKLA, @@ -1631,8 +1635,12 @@ static void ndpi_init_protocol_defaults(struct ndpi_detection_module_struct *ndp init_string_based_protocols(ndpi_mod); for(i=0; i<(int)ndpi_mod->ndpi_num_supported_protocols; i++) { - if(ndpi_mod->proto_defaults[i].protoName == NULL) { - printf("[NDPI] %s(missing protoId=%d) INTERNAL ERROR: not all protocols have been initialized\n", __FUNCTION__, i); + if((ndpi_mod->proto_defaults[i].protoName == NULL) + || ((i != NDPI_PROTOCOL_UNKNOWN) + && (ndpi_mod->proto_defaults[i].protoCategory == NDPI_PROTOCOL_CATEGORY_UNSPECIFIED))) { + printf("[NDPI] %s(missing protoId=%d/%s) INTERNAL ERROR: not all protocols have been initialized\n", + __FUNCTION__, i, + ndpi_mod->proto_defaults[i].protoName ? ndpi_mod->proto_defaults[i].protoName : "???"); } } } @@ -4543,6 +4551,24 @@ char* ndpi_protocol2name(struct ndpi_detection_module_struct *ndpi_mod, /* ****************************************************** */ +int ndpi_is_custom_category(ndpi_protocol_category_t category) { + switch(category) { + case NDPI_PROTOCOL_CATEGORY_CUSTOM_1: + case NDPI_PROTOCOL_CATEGORY_CUSTOM_2: + case NDPI_PROTOCOL_CATEGORY_CUSTOM_3: + case NDPI_PROTOCOL_CATEGORY_CUSTOM_4: + case NDPI_PROTOCOL_CATEGORY_CUSTOM_5: + return(1); + break; + + default: + return(0); + break; + } +} + +/* ****************************************************** */ + const char* ndpi_category_str(ndpi_protocol_category_t category) { switch(category) { case NDPI_PROTOCOL_CATEGORY_MEDIA: @@ -4551,11 +4577,14 @@ const char* ndpi_category_str(ndpi_protocol_category_t category) { case NDPI_PROTOCOL_CATEGORY_VPN: return("VPN"); break; + case NDPI_PROTOCOL_CATEGORY_DATA_TRANSFER: + return("DataTransfer"); + break; case NDPI_PROTOCOL_CATEGORY_MAIL: return("Email"); break; - case NDPI_PROTOCOL_CATEGORY_FILE_TRANSFER: - return("FileTransfer"); + case NDPI_PROTOCOL_CATEGORY_P2P_DOWNLOAD_FT: + return("Download/P2P/FileTransfer/FileSharing"); break; case NDPI_PROTOCOL_CATEGORY_WEB: return("Web"); @@ -4563,9 +4592,6 @@ const char* ndpi_category_str(ndpi_protocol_category_t category) { case NDPI_PROTOCOL_CATEGORY_SOCIAL_NETWORK: return("SocialNetwork"); break; - case NDPI_PROTOCOL_CATEGORY_P2P: - return("P2P"); - break; case NDPI_PROTOCOL_CATEGORY_GAME: return("Game"); break; @@ -4596,7 +4622,7 @@ const char* ndpi_category_str(ndpi_protocol_category_t category) { case NDPI_PROTOCOL_CATEGORY_NETWORK_TOOL: return("NetworkTool"); break; - case NDPI_PROTOCOL_CATEGORY_SYSTEM: + case NDPI_PROTOCOL_CATEGORY_SYSTEM_OS: return("System"); break; case NDPI_PROTOCOL_CATEGORY_UNSPECIFIED: @@ -4605,6 +4631,21 @@ const char* ndpi_category_str(ndpi_protocol_category_t category) { case NDPI_PROTOCOL_CATEGORY_SW_UPDATE: return("SoftwareUpdate"); break; + case NDPI_PROTOCOL_CATEGORY_CUSTOM_1: + return("User custom category 1"); + break; + case NDPI_PROTOCOL_CATEGORY_CUSTOM_2: + return("User custom category 2"); + break; + case NDPI_PROTOCOL_CATEGORY_CUSTOM_3: + return("User custom category 3"); + break; + case NDPI_PROTOCOL_CATEGORY_CUSTOM_4: + return("User custom category 4"); + break; + case NDPI_PROTOCOL_CATEGORY_CUSTOM_5: + return("User custom category 5"); + break; case NDPI_PROTOCOL_NUM_CATEGORIES: return("Code should not use this internal constant"); break; |