Various improvements in particular for CapWAP and Bloomberg

author: Luca Deri <deri@ntop.org> 2019-10-27 23:05:24 +0100
committer: Luca Deri <deri@ntop.org> 2019-10-27 23:05:24 +0100
commit: ecdb7cdc55ad7cbfce42b7ef3052d406ba249fee (patch)
tree: 410a4b68723256bd3685bb0c7b7f6ce326d5b55e /src
parent: fd38b752c4012c654dc51e8f835b83ee48c380ed (diff)
3 files changed, 26 insertions, 6 deletions
diff --git a/src/include/ndpi_protocol_ids.h b/src/include/ndpi_protocol_ids.h
index 7a4ceb22f..758609030 100644
--- a/src/include/ndpi_protocol_ids.h
+++ b/src/include/ndpi_protocol_ids.h
@@ -282,6 +282,7 @@ typedef enum {
   NDPI_PROTOCOL_104                   = 245,
   NDPI_PROTOCOL_BLOOMBERG             = 246,
   NDPI_PROTOCOL_CAPWAP                = 247,
+  NDPI_PROTOCOL_ZABBIX                = 248,
   
 /*
     IMPORTANT
diff --git a/src/lib/ndpi_content_match.c.inc b/src/lib/ndpi_content_match.c.inc
index d095e14ff..b5b3a9952 100644
--- a/src/lib/ndpi_content_match.c.inc
+++ b/src/lib/ndpi_content_match.c.inc
@@ -359,6 +359,7 @@ static ndpi_network host_protocol_list[] = {
   { 0x1F0D4934 /* 31.13.73.52/32 */, 32, NDPI_PROTOCOL_WHATSAPP },
   { 0x1F0D4A34 /* 31.13.74.52/32 */, 32, NDPI_PROTOCOL_WHATSAPP },
   { 0x1F0D4F35 /* 31.13.79.53/32 */, 32, NDPI_PROTOCOL_WHATSAPP },
+
   /* Files */
   { 0xB93CD835 /* 185.60.216.53/32 */, 32, NDPI_PROTOCOL_WHATSAPP_FILES },
   { 0xB93CD836 /* 185.60.216.54/32 */, 32, NDPI_PROTOCOL_WHATSAPP_FILES },
@@ -8308,6 +8309,20 @@ static ndpi_network host_protocol_list[] = {
   { 0xA7CEDA82 /* 167.206.218.130/32*/, 32, NDPI_PROTOCOL_PS_VUE },
   { 0xA7CEDA8A /* 167.206.218.138/32*/, 32, NDPI_PROTOCOL_PS_VUE },
 
+  /* Bloomberg */
+  { 0xD086A100 /* 208.134.161.0/24 */, 24, NDPI_PROTOCOL_BLOOMBERG },
+  { 0xCDB7F600 /* 205.183.246.0/24 */, 24, NDPI_PROTOCOL_BLOOMBERG },
+  { 0xC769B000 /* 199.105.176.0/21 */, 21, NDPI_PROTOCOL_BLOOMBERG },
+  { 0xC769B800 /* 199.105.184.0/23 */, 23, NDPI_PROTOCOL_BLOOMBERG },
+  { 0x45B80000 /* 69.184.0.0/13 */,    13, NDPI_PROTOCOL_BLOOMBERG },
+  { 0xA02B0000 /* 160.43.0.0/16 */,    24, NDPI_PROTOCOL_BLOOMBERG },
+  { 0xCE9C3500 /* 206.156.53.0/24 */,  24, NDPI_PROTOCOL_BLOOMBERG },
+  { 0xCDD87000 /* 205.216.112.0/24 */, 24, NDPI_PROTOCOL_BLOOMBERG },
+  { 0xD0163800 /* 208.22.56.0/24 */,   24, NDPI_PROTOCOL_BLOOMBERG },
+  { 0xD0163900 /* 208.22.57.0/24 */,   24, NDPI_PROTOCOL_BLOOMBERG },
+  { 0x45BFC000 /* 69.191.192.0/18 */,  18, NDPI_PROTOCOL_BLOOMBERG },
+  
+  /* End */
   { 0x0, 0, 0 }
 };
 
diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c
index 25d81c142..b65a1f36f 100644
--- a/src/lib/ndpi_main.c
+++ b/src/lib/ndpi_main.c
@@ -1234,7 +1234,7 @@ static void ndpi_init_protocol_defaults(struct ndpi_detection_module_struct *ndp
 			    0 /* can_have_a_subprotocol */, no_master,
 			    no_master, "RDP", NDPI_PROTOCOL_CATEGORY_REMOTE_ACCESS,
 			    ndpi_build_default_ports(ports_a, 3389, 0, 0, 0, 0) /* TCP */,
-			    ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */);
+			    ndpi_build_default_ports(ports_b, 3389, 0, 0, 0, 0) /* UDP */);
     ndpi_set_proto_defaults(ndpi_str, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_VNC,
 			    0 /* can_have_a_subprotocol */, no_master,
 			    no_master, "VNC", NDPI_PROTOCOL_CATEGORY_REMOTE_ACCESS,
@@ -1758,19 +1758,23 @@ static void ndpi_init_protocol_defaults(struct ndpi_detection_module_struct *ndp
 			    no_master, "104", NDPI_PROTOCOL_CATEGORY_NETWORK, /* Perhaps IoT in the future */
 			    ndpi_build_default_ports(ports_a, 2404, 0, 0, 0, 0) /* TCP */,
 			    ndpi_build_default_ports(ports_b, 0,   0, 0, 0, 0) /* UDP */);
-
-
     ndpi_set_proto_defaults(ndpi_str, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_BLOOMBERG,
 			    1 /* no subprotocol */, no_master,
 			    no_master, "Bloomberg", NDPI_PROTOCOL_CATEGORY_NETWORK,
 			    ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */,
-			    ndpi_build_default_ports(ports_b, 0,   0, 0, 0, 0) /* UDP */);
-    
+			    ndpi_build_default_ports(ports_b, 0,   0, 0, 0, 0) /* UDP */);    
     ndpi_set_proto_defaults(ndpi_str, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_CAPWAP,
 			    1 /* no subprotocol */, no_master,
 			    no_master, "CAPWAP", NDPI_PROTOCOL_CATEGORY_NETWORK,
 			    ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */,
-			    // ndpi_build_default_ports(ports_b, 5246, 5247, 0, 0, 0) /* UDP */
+			    ndpi_build_default_ports(ports_b, 5246, 5247, 0, 0, 0) /* UDP */
+			    );
+
+    /* TODO: Needs a pcap file for Zabbix */
+    ndpi_set_proto_defaults(ndpi_str, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_ZABBIX,
+			    1 /* no subprotocol */, no_master,
+			    no_master, "Zabbix", NDPI_PROTOCOL_CATEGORY_NETWORK,
+			    ndpi_build_default_ports(ports_a, 10050, 0, 0, 0, 0) /* TCP */,
 			    ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */
 			    );
author	Luca Deri <deri@ntop.org>	2019-10-27 23:05:24 +0100
committer	Luca Deri <deri@ntop.org>	2019-10-27 23:05:24 +0100
commit	ecdb7cdc55ad7cbfce42b7ef3052d406ba249fee (patch)
tree	410a4b68723256bd3685bb0c7b7f6ce326d5b55e /src
parent	fd38b752c4012c654dc51e8f835b83ee48c380ed (diff)