If `NDPI_KNOWN_PROTOCOL_ON_NON_STANDARD_PORT` risk is disabled, avoid some work (#2899)

3 files changed, 5 insertions, 1 deletions

diff --git a/src/include/ndpi_private.h b/src/include/ndpi_private.h
index ef9f110d8..8d963149e 100644
--- a/src/include/ndpi_private.h
+++ b/src/include/ndpi_private.h
@@ -620,6 +620,7 @@ struct ndpi_detection_module_struct {
 /* Generic */
 
 int is_proto_enabled(struct ndpi_detection_module_struct *ndpi_str, int protoId);
+int is_flowrisk_enabled(struct ndpi_detection_module_struct *ndpi_str, ndpi_risk_enum flowrisk_id);
 
 void register_dissector(char *dissector_name, struct ndpi_detection_module_struct *ndpi_str,
                         void (*func)(struct ndpi_detection_module_struct *,
diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c
index 57de07ce6..117689656 100644
--- a/src/lib/ndpi_main.c
+++ b/src/lib/ndpi_main.c
@@ -9678,6 +9678,9 @@ static void check_proto_on_non_std_port_risk(struct ndpi_detection_module_struct
   default_ports_tree_node_t *found;
   ndpi_port_range *default_ports;
 
+  if(!is_flowrisk_enabled(ndpi_str, NDPI_KNOWN_PROTOCOL_ON_NON_STANDARD_PORT))
+    return;
+
   if(packet->udp)
     found = ndpi_get_guessed_protocol_id(ndpi_str, IPPROTO_UDP,
                                          ntohs(flow->c_port),
diff --git a/src/lib/ndpi_utils.c b/src/lib/ndpi_utils.c
index 4e3d9f582..8844bf7d7 100644
--- a/src/lib/ndpi_utils.c
+++ b/src/lib/ndpi_utils.c
@@ -3020,7 +3020,7 @@ static u_int8_t ndpi_check_ipv6_exception(struct ndpi_detection_module_struct *n
 
 /* ********************************************************************************* */
 
-static int is_flowrisk_enabled(struct ndpi_detection_module_struct *ndpi_str, ndpi_risk_enum flowrisk_id)
+int is_flowrisk_enabled(struct ndpi_detection_module_struct *ndpi_str, ndpi_risk_enum flowrisk_id)
 {
   if(ndpi_bitmask_is_set(&ndpi_str->cfg.flowrisk_bitmask, flowrisk_id) == 0)
     return 0;