diff options
| author | Luca Deri <deri@ntop.org> | 2022-05-04 16:27:36 +0200 |
|---|---|---|
| committer | Luca Deri <deri@ntop.org> | 2022-05-04 16:27:36 +0200 |
| commit | 434c38c74d20571437d92c0c06874ff4aa443c16 (patch) | |
| tree | ec44a8e1439d0a498a3c275a7ca7e1db4f44afa9 /src | |
| parent | 5996cf1725a6be57e1dce975303502ee447333b9 (diff) | |
Added extra check to make sure that the guessed protocol is the one we expect and not another one
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/ndpi_main.c | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c index 8fa10edc8..9d155cf02 100644 --- a/src/lib/ndpi_main.c +++ b/src/lib/ndpi_main.c @@ -6096,10 +6096,11 @@ ndpi_protocol ndpi_detection_process_packet(struct ndpi_detection_module_struct } /* for */ if(!found) { - ndpi_default_ports_tree_node_t *ret = ndpi_get_guessed_protocol_id(ndpi_str, packet->udp ? IPPROTO_UDP : IPPROTO_TCP, + ndpi_default_ports_tree_node_t *r = ndpi_get_guessed_protocol_id(ndpi_str, packet->udp ? IPPROTO_UDP : IPPROTO_TCP, sport, dport); - if(ret == NULL) + if((r == NULL) + || ((r->proto->protoId != ret.app_protocol) && (r->proto->protoId != ret.master_protocol))) ndpi_set_risk(ndpi_str, flow, NDPI_KNOWN_PROTOCOL_ON_NON_STANDARD_PORT); } } @@ -6125,10 +6126,11 @@ ndpi_protocol ndpi_detection_process_packet(struct ndpi_detection_module_struct } if(!found) { - ndpi_default_ports_tree_node_t *ret = ndpi_get_guessed_protocol_id(ndpi_str, packet->udp ? IPPROTO_UDP : IPPROTO_TCP, + ndpi_default_ports_tree_node_t *r = ndpi_get_guessed_protocol_id(ndpi_str, packet->udp ? IPPROTO_UDP : IPPROTO_TCP, sport, dport); - if(ret == NULL) + if((r == NULL) + || ((r->proto->protoId != ret.app_protocol) && (r->proto->protoId != ret.master_protocol))) ndpi_set_risk(ndpi_str, flow, NDPI_KNOWN_PROTOCOL_ON_NON_STANDARD_PORT); } } |