Add configuration of TCP fingerprint computation (#2598)

Extend configuration of raw format of JA4C fingerprint

2 files changed, 5 insertions, 1 deletions

diff --git a/src/include/ndpi_private.h b/src/include/ndpi_private.h
index a72a956d7..362e6aaf0 100644
--- a/src/include/ndpi_private.h
+++ b/src/include/ndpi_private.h
@@ -204,6 +204,7 @@ struct ndpi_detection_module_config_struct {
   int guess_ip_before_port;
   int use_client_ip_in_guess;
   int use_client_port_in_guess;
+  int tcp_fingerprint_enabled;
   
   char filename_config[CFG_MAX_LEN];
 
diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c
index 2d855685f..93fd90321 100644
--- a/src/lib/ndpi_main.c
+++ b/src/lib/ndpi_main.c
@@ -6919,7 +6919,8 @@ static int ndpi_init_packet(struct ndpi_detection_module_struct *ndpi_str,
     tcp_header_len = packet->tcp->doff * 4;
 
     if(l4_packet_len >= tcp_header_len) {
-      if(flow->tcp.fingerprint == NULL) {
+      if(ndpi_str->cfg.tcp_fingerprint_enabled &&
+         flow->tcp.fingerprint == NULL) {
 	u_int8_t *t = (u_int8_t*)packet->tcp;
 	u_int16_t flags = ntohs(*((u_int16_t*)&t[12]));
 
@@ -11511,6 +11512,8 @@ static const struct cfg_param {
   { NULL,            "dpi.address_cache_size",                  "0", "0", "16777215", CFG_PARAM_INT, __OFF(address_cache_size), NULL },
   { NULL,            "fpc",                                     "1", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(fpc_enabled), NULL },
 
+  { NULL,            "metadata.tcp_fingerprint",                "enable", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(tcp_fingerprint_enabled), NULL },
+
   { NULL,            "flow_risk_lists.load",                    "1", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(flow_risk_lists_enabled), NULL },
 
   { NULL,            "flow_risk.anonymous_subscriber.list.icloudprivaterelay.load", "1", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(risk_anonymous_subscriber_list_icloudprivaterelay_enabled), NULL },