diff options
| author | Luca Deri <deri@ntop.org> | 2022-09-21 00:03:12 +0200 |
|---|---|---|
| committer | Luca Deri <deri@ntop.org> | 2022-09-21 00:03:12 +0200 |
| commit | 1d0bc7c3506ea08fd84bb0781098193924ad1308 (patch) | |
| tree | 8da3a44bc729a8affe550f51aa5d5ab5ab2a29a9 /tests | |
| parent | a7c2734b387f6817088593f7c4e78d01dd6e0b74 (diff) | |
Finalized nBPF support. You can now define custom protocols such as
(see exaple/protos.txt)
nbpf:"host 192.168.1.1 and port 80"@HomeRouter
In order to have nBPF support, you need to compile nDPI with it. Just download
https://github.com/ntop/PF_RING in the same directory where you have downloaded
nDPI and compile PF_RING/userland/nbpf
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/result/h323-overflow.pcap.out | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/tests/result/h323-overflow.pcap.out b/tests/result/h323-overflow.pcap.out index f2a8e0bb8..4d0287b16 100644 --- a/tests/result/h323-overflow.pcap.out +++ b/tests/result/h323-overflow.pcap.out @@ -1,8 +1,8 @@ -Guessed flow protos: 1 +Guessed flow protos: 0 DPI Packets (TCP): 1 (1.00 pkts/flow) -Confidence Match by port : 1 (flows) -Num dissector calls: 126 (126.00 diss/flow) +Confidence nBPF : 1 (flows) +Num dissector calls: 0 (0.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) @@ -15,10 +15,10 @@ Automa domain: 0/0 (search/found) Automa tls cert: 0/0 (search/found) Automa risk mask: 0/0 (search/found) Automa common alpns: 0/0 (search/found) -Patricia risk mask: 2/0 (search/found) +Patricia risk mask: 0/0 (search/found) Patricia risk: 0/0 (search/found) -Patricia protocols: 2/0 (search/found) +Patricia protocols: 0/0 (search/found) -HTTP 1 58 1 +HomeRouter 1 58 1 - 1 TCP 192.168.1.1:31337 -> 192.168.1.2:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: Match by port][cat: Web/5][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 7/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 1 TCP 192.168.1.1:31337 -> 192.168.1.2:80 [proto: 316/HomeRouter][IP: 0/Unknown][ClearText][Confidence: nBPF][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 7/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] |