Merge branch 'huniyaarif1-dev' into dev

author: Campus <campus@ntop.org> 2017-09-14 11:45:11 +0200
committer: Campus <campus@ntop.org> 2017-09-14 11:45:11 +0200
commit: b4d535e184c91bc0d14292d7db2ec23a253b5fae (patch)
tree: 00af21bda6af75173330d30647e164459ed26d41 /src
parent: 8a6a8ea07ec9ca8bd90f789b5fcc1d29c80d1562 (diff)
parent: f7e9264c36d0e94844a645588cddaafa192fd48d (diff)
6 files changed, 82 insertions, 2 deletions
diff --git a/src/include/ndpi_main.h b/src/include/ndpi_main.h
index 24bdcb171..79eeab8f1 100644
--- a/src/include/ndpi_main.h
+++ b/src/include/ndpi_main.h
@@ -28,8 +28,8 @@
 #include "ndpi_define.h"
 #include "ndpi_protocol_ids.h"
 #include "ndpi_typedefs.h"
-#include "ndpi_protocols.h"
 #include "ndpi_api.h"
+#include "ndpi_protocols.h"
 
 #ifdef __cplusplus
 extern "C" {
diff --git a/src/include/ndpi_protocol_ids.h b/src/include/ndpi_protocol_ids.h
index 1ba8d3b89..bd0c8e999 100644
--- a/src/include/ndpi_protocol_ids.h
+++ b/src/include/ndpi_protocol_ids.h
@@ -273,9 +273,10 @@
 #define NDPI_PROTOCOL_LINKEDIN              233 /* Paulo Angelo <pa@pauloangelo.com> */
 #define NDPI_PROTOCOL_SOUNDCLOUD            234
 #define NDPI_PROTOCOL_CSGO                  235 /* Counter-Strike Global Offensive, Dota 2 */
+#define NDPI_PROTOCOL_LISP	            236
 
 /* UPDATE UPDATE UPDATE UPDATE UPDATE UPDATE UPDATE UPDATE UPDATE */
-#define NDPI_LAST_IMPLEMENTED_PROTOCOL              NDPI_PROTOCOL_CSGO
+#define NDPI_LAST_IMPLEMENTED_PROTOCOL              NDPI_PROTOCOL_LISP
 
 #define NDPI_MAX_SUPPORTED_PROTOCOLS                (NDPI_LAST_IMPLEMENTED_PROTOCOL + 1)
 #define NDPI_MAX_NUM_CUSTOM_PROTOCOLS               (NDPI_NUM_BITS-NDPI_LAST_IMPLEMENTED_PROTOCOL)
diff --git a/src/include/ndpi_protocols.h b/src/include/ndpi_protocols.h
index adfd19b17..ef248027a 100644
--- a/src/include/ndpi_protocols.h
+++ b/src/include/ndpi_protocols.h
@@ -53,6 +53,7 @@ void ndpi_search_tcp_or_udp(struct ndpi_detection_module_struct *ndpi_struct, st
 
 /* Applications and other protocols. */
 void ndpi_search_bittorrent(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow);
+void ndpi_search_lisp(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow);
 void ndpi_search_edonkey(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow);
 void ndpi_search_fasttrack_tcp(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow);
 void ndpi_search_gnutella(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow);
@@ -209,6 +210,7 @@ void init_amqp_dissector(struct ndpi_detection_module_struct *ndpi_struct, u_int
 void init_battlefield_dissector(struct ndpi_detection_module_struct *ndpi_struct, u_int32_t *id, NDPI_PROTOCOL_BITMASK *detection_bitmask);
 void init_bgp_dissector(struct ndpi_detection_module_struct *ndpi_struct, u_int32_t *id, NDPI_PROTOCOL_BITMASK *detection_bitmask);
 void init_bittorrent_dissector(struct ndpi_detection_module_struct *ndpi_struct, u_int32_t *id, NDPI_PROTOCOL_BITMASK *detection_bitmask);
+void init_lisp_dissector(struct ndpi_detection_module_struct *ndpi_struct, u_int32_t *id, NDPI_PROTOCOL_BITMASK *detection_bitmask);
 void init_teredo_dissector(struct ndpi_detection_module_struct *ndpi_struct, u_int32_t *id, NDPI_PROTOCOL_BITMASK *detection_bitmask);
 void init_ciscovpn_dissector(struct ndpi_detection_module_struct *ndpi_struct, u_int32_t *id, NDPI_PROTOCOL_BITMASK *detection_bitmask);
 void init_citrix_dissector(struct ndpi_detection_module_struct *ndpi_struct, u_int32_t *id, NDPI_PROTOCOL_BITMASK *detection_bitmask);
diff --git a/src/lib/Makefile.am b/src/lib/Makefile.am
index 740e3ee48..c2b4e4b13 100644
--- a/src/lib/Makefile.am
+++ b/src/lib/Makefile.am
@@ -71,6 +71,7 @@ libndpi_la_SOURCES = ndpi_content_match.c.inc \
 		     protocols/kontiki.c \
 		     protocols/ldap.c \
 		     protocols/lotus_notes.c \
+		     protocols/lisp.c \
 		     protocols/mail_imap.c \
 		     protocols/mail_pop.c \
 		     protocols/mail_smtp.c \
diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c
index ffb4ed909..26983f0a8 100644
--- a/src/lib/ndpi_main.c
+++ b/src/lib/ndpi_main.c
@@ -1390,6 +1390,11 @@ static void ndpi_init_protocol_defaults(struct ndpi_detection_module_struct *ndp
 			    no_master, "Dropbox", NDPI_PROTOCOL_CATEGORY_CLOUD,
 			    ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */,
 			    ndpi_build_default_ports(ports_b, 17500, 0, 0, 0, 0) /* UDP */);
+    ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_LISP,
+			    no_master,
+			    no_master, "LISP", NDPI_PROTOCOL_CATEGORY_CLOUD,
+			    ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */,
+			    ndpi_build_default_ports(ports_b, 4342, 4341, 0, 0, 0) /* UDP */);
     ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_EAQ,
 			    no_master,
 			    no_master, "EAQ", NDPI_PROTOCOL_CATEGORY_NETWORK,
@@ -2735,6 +2740,9 @@ void ndpi_set_protocol_detection_bitmask2(struct ndpi_detection_module_struct *n
   /* CSGO */
   init_csgo_dissector(ndpi_struct, &a, detection_bitmask);
 
+  /* LISP */
+  init_lisp_dissector(ndpi_struct, &a, detection_bitmask);
+
   /* ----------------------------------------------------------------- */
 
   ndpi_struct->callback_buffer_size = a;
diff --git a/src/lib/protocols/lisp.c b/src/lib/protocols/lisp.c
new file mode 100644
index 000000000..531f7f68f
--- /dev/null
+++ b/src/lib/protocols/lisp.c
@@ -0,0 +1,68 @@
+#include "ndpi_api.h"
+#ifdef NDPI_PROTOCOL_LISP
+
+#define LISP_PORT 4341
+#define LISP_PORT1 4342
+
+static void ndpi_int_lisp_add_connection(struct ndpi_detection_module_struct *ndpi_struct,
+					    struct ndpi_flow_struct *flow,
+					    u_int8_t due_to_correlation)
+{
+
+  ndpi_set_detected_protocol(ndpi_struct, flow, NDPI_PROTOCOL_LISP, NDPI_PROTOCOL_UNKNOWN);
+}
+
+static void ndpi_check_lisp(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow)
+{
+
+  struct ndpi_packet_struct *packet = &flow->packet;  
+  u_int32_t payload_len = packet->payload_packet_len;
+
+   if(packet->udp != NULL) {
+
+    u_int16_t lisp_port = htons(LISP_PORT);
+    u_int16_t lisp_port1 = htons(LISP_PORT1);
+    
+    if(((packet->udp->source == lisp_port)
+       && (packet->udp->dest == lisp_port)) || 
+	((packet->udp->source == lisp_port1)
+       && (packet->udp->dest == lisp_port1)) ) {
+     
+	  NDPI_LOG(NDPI_PROTOCOL_LISP, ndpi_struct, NDPI_LOG_DEBUG, "Found lisp.\n");
+	  ndpi_int_lisp_add_connection(ndpi_struct, flow, 0);
+	  return;
+
+      }
+    }
+
+  NDPI_LOG(NDPI_PROTOCOL_lisp, ndpi_struct, NDPI_LOG_DEBUG, "exclude lisp.\n");
+  NDPI_ADD_PROTOCOL_TO_BITMASK(flow->excluded_protocol_bitmask, NDPI_PROTOCOL_LISP);
+}
+
+void ndpi_search_lisp(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow)
+{
+  struct ndpi_packet_struct *packet = &flow->packet;
+
+  NDPI_LOG(NDPI_PROTOCOL_LISP, ndpi_struct, NDPI_LOG_DEBUG, "lisp detection...\n");
+
+  /* skip marked packets */
+  if (packet->detected_protocol_stack[0] != NDPI_PROTOCOL_LISP) {
+ 
+      ndpi_check_lisp(ndpi_struct, flow);
+   
+  }
+}
+
+
+void init_lisp_dissector(struct ndpi_detection_module_struct *ndpi_struct, u_int32_t *id, NDPI_PROTOCOL_BITMASK *detection_bitmask) 
+{
+  ndpi_set_bitmask_protocol_detection("LISP", ndpi_struct, detection_bitmask, *id,
+				      NDPI_PROTOCOL_LISP,
+				      ndpi_search_lisp,
+				      NDPI_SELECTION_BITMASK_PROTOCOL_UDP_WITH_PAYLOAD,
+				      SAVE_DETECTION_BITMASK_AS_UNKNOWN,
+				      ADD_TO_DETECTION_BITMASK);
+  *id += 1;
+}
+
+#endif
author	Campus <campus@ntop.org>	2017-09-14 11:45:11 +0200
committer	Campus <campus@ntop.org>	2017-09-14 11:45:11 +0200
commit	b4d535e184c91bc0d14292d7db2ec23a253b5fae (patch)
tree	00af21bda6af75173330d30647e164459ed26d41 /src
parent	8a6a8ea07ec9ca8bd90f789b5fcc1d29c80d1562 (diff)
parent	f7e9264c36d0e94844a645588cddaafa192fd48d (diff)