diff options
| author | Toni <matzeton@googlemail.com> | 2021-10-27 09:22:19 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-10-27 09:22:19 +0200 |
| commit | c4eebaaf5eaf54bb5f2656a504a4485ace1d0da4 (patch) | |
| tree | 633b7e0143b3a6f6c2589b06916076562414dacc /src | |
| parent | f41d8ac1068ac66f2e444f3107cb5bc6a65da8ec (diff) | |
Serialize additional information stored in the flow struct. (#1362)
* Changed function signature of ndpi_flow2json (removed unused vlan_id; API break)
* Serialize NTP information.
* Improved QUIC serialization.
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
Diffstat (limited to 'src')
| -rw-r--r-- | src/include/ndpi_api.h.in | 2 | ||||
| -rw-r--r-- | src/lib/ndpi_utils.c | 13 |
2 files changed, 12 insertions, 3 deletions
diff --git a/src/include/ndpi_api.h.in b/src/include/ndpi_api.h.in index e9d34d821..68dd320a4 100644 --- a/src/include/ndpi_api.h.in +++ b/src/include/ndpi_api.h.in @@ -1014,7 +1014,7 @@ extern "C" { int ndpi_flow2json(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow, u_int8_t ip_version, - u_int8_t l4_protocol, u_int16_t vlan_id, + u_int8_t l4_protocol, u_int32_t src_v4, u_int32_t dst_v4, struct ndpi_in6_addr *src_v6, struct ndpi_in6_addr *dst_v6, u_int16_t src_port, u_int16_t dst_port, diff --git a/src/lib/ndpi_utils.c b/src/lib/ndpi_utils.c index 76b427e87..a9361f7c5 100644 --- a/src/lib/ndpi_utils.c +++ b/src/lib/ndpi_utils.c @@ -1189,6 +1189,13 @@ int ndpi_dpi2json(struct ndpi_detection_module_struct *ndpi_struct, ndpi_serialize_end_of_block(serializer); break; + case NDPI_PROTOCOL_NTP: + ndpi_serialize_start_of_block(serializer, "ntp"); + ndpi_serialize_string_uint32(serializer, "request_code", flow->protos.ntp.request_code); + ndpi_serialize_string_uint32(serializer, "version", flow->protos.ntp.request_code); + ndpi_serialize_end_of_block(serializer); + break; + case NDPI_PROTOCOL_MDNS: ndpi_serialize_start_of_block(serializer, "mdns"); ndpi_serialize_string_string(serializer, "answer", (const char*)flow->host_server_name); @@ -1234,6 +1241,8 @@ int ndpi_dpi2json(struct ndpi_detection_module_struct *ndpi_struct, if(flow->protos.tls_quic_stun.tls_quic.client_requested_server_name[0] != '\0') ndpi_serialize_string_string(serializer, "client_requested_server_name", flow->protos.tls_quic_stun.tls_quic.client_requested_server_name); + if(flow->protos.tls_quic_stun.tls_quic.server_names) + ndpi_serialize_string_string(serializer, "server_names", flow->protos.tls_quic_stun.tls_quic.server_names); if(flow->http.user_agent) ndpi_serialize_string_string(serializer, "user_agent", flow->http.user_agent); if(flow->protos.tls_quic_stun.tls_quic.ssl_version) { @@ -1329,7 +1338,7 @@ int ndpi_dpi2json(struct ndpi_detection_module_struct *ndpi_struct, ndpi_serialize_string_string(serializer, "issuerDN", flow->protos.tls_quic_stun.tls_quic.issuerDN); if(flow->protos.tls_quic_stun.tls_quic.subjectDN) - ndpi_serialize_string_string(serializer, "issuerDN", flow->protos.tls_quic_stun.tls_quic.subjectDN); + ndpi_serialize_string_string(serializer, "subjectDN", flow->protos.tls_quic_stun.tls_quic.subjectDN); if(flow->protos.tls_quic_stun.tls_quic.alpn) ndpi_serialize_string_string(serializer, "alpn", flow->protos.tls_quic_stun.tls_quic.alpn); @@ -1363,7 +1372,7 @@ int ndpi_dpi2json(struct ndpi_detection_module_struct *ndpi_struct, int ndpi_flow2json(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow, u_int8_t ip_version, - u_int8_t l4_protocol, u_int16_t vlan_id, + u_int8_t l4_protocol, u_int32_t src_v4, u_int32_t dst_v4, struct ndpi_in6_addr *src_v6, struct ndpi_in6_addr *dst_v6, u_int16_t src_port, u_int16_t dst_port, |