aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/lib/protocols/dhcp.c30
-rw-r--r--src/lib/protocols/dns.c38
2 files changed, 35 insertions, 33 deletions
diff --git a/src/lib/protocols/dhcp.c b/src/lib/protocols/dhcp.c
index cb78c9429..8ffc04d51 100644
--- a/src/lib/protocols/dhcp.c
+++ b/src/lib/protocols/dhcp.c
@@ -35,27 +35,27 @@ static void ndpi_int_dhcp_add_connection(struct ndpi_detection_module_struct *nd
void ndpi_search_dhcp_udp(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow)
{
- struct ndpi_packet_struct *packet = &flow->packet;
+ struct ndpi_packet_struct *packet = &flow->packet;
-// struct ndpi_id_struct *src=ndpi_struct->src;
-// struct ndpi_id_struct *dst=ndpi_struct->dst;
+ // struct ndpi_id_struct *src=ndpi_struct->src;
+ // struct ndpi_id_struct *dst=ndpi_struct->dst;
- /* this detection also works for asymmetric dhcp traffic */
+ /* this detection also works for asymmetric dhcp traffic */
- /*check standard DHCP 0.0.0.0:68 -> 255.255.255.255:67 */
- if (packet->payload_packet_len >= 244 && (packet->udp->source == htons(67)
- || packet->udp->source == htons(68))
- && (packet->udp->dest == htons(67) || packet->udp->dest == htons(68))
- && get_u_int32_t(packet->payload, 236) == htonl(0x63825363)
- && get_u_int16_t(packet->payload, 240) == htons(0x3501)) {
+ /*check standard DHCP 0.0.0.0:68 -> 255.255.255.255:67 */
+ if (packet->payload_packet_len >= 244 && (packet->udp->source == htons(67)
+ || packet->udp->source == htons(68))
+ && (packet->udp->dest == htons(67) || packet->udp->dest == htons(68))
+ && get_u_int32_t(packet->payload, 236) == htonl(0x63825363)
+ && get_u_int16_t(packet->payload, 240) == htons(0x3501)) {
- NDPI_LOG(NDPI_PROTOCOL_DHCP, ndpi_struct, NDPI_LOG_DEBUG, "DHCP request\n");
+ NDPI_LOG(NDPI_PROTOCOL_DHCP, ndpi_struct, NDPI_LOG_DEBUG, "DHCP request\n");
- ndpi_int_dhcp_add_connection(ndpi_struct, flow);
- return;
- }
+ ndpi_int_dhcp_add_connection(ndpi_struct, flow);
+ return;
+ }
- NDPI_ADD_PROTOCOL_TO_BITMASK(flow->excluded_protocol_bitmask, NDPI_PROTOCOL_DHCP);
+ NDPI_ADD_PROTOCOL_TO_BITMASK(flow->excluded_protocol_bitmask, NDPI_PROTOCOL_DHCP);
}
diff --git a/src/lib/protocols/dns.c b/src/lib/protocols/dns.c
index 4c78fb4e1..c975465ea 100644
--- a/src/lib/protocols/dns.c
+++ b/src/lib/protocols/dns.c
@@ -80,24 +80,26 @@ void ndpi_search_dns(struct ndpi_detection_module_struct *ndpi_struct, struct nd
else
invalid = 1;
- if(is_query) {
- /* DNS Request */
- if((dns_header.num_queries > 0) && (dns_header.num_queries <= NDPI_MAX_DNS_REQUESTS)
- && (((dns_header.flags & 0x2800) == 0x2800 /* Dynamic DNS Update */)
- || ((dns_header.num_answers == 0) && (dns_header.authority_rrs == 0)))) {
- /* This is a good query */
- } else
- invalid = 1;
- } else {
- /* DNS Reply */
- if((dns_header.num_queries > 0) && (dns_header.num_queries <= NDPI_MAX_DNS_REQUESTS) /* Don't assume that num_queries must be zero */
- && (((dns_header.num_answers > 0) && (dns_header.num_answers <= NDPI_MAX_DNS_REQUESTS))
- || ((dns_header.authority_rrs > 0) && (dns_header.authority_rrs <= NDPI_MAX_DNS_REQUESTS))
- || ((dns_header.additional_rrs > 0) && (dns_header.additional_rrs <= NDPI_MAX_DNS_REQUESTS)))
- ) {
- /* This is a good reply */
- } else
- invalid = 1;
+ if(!invalid) {
+ if(is_query) {
+ /* DNS Request */
+ if((dns_header.num_queries > 0) && (dns_header.num_queries <= NDPI_MAX_DNS_REQUESTS)
+ && (((dns_header.flags & 0x2800) == 0x2800 /* Dynamic DNS Update */)
+ || ((dns_header.num_answers == 0) && (dns_header.authority_rrs == 0)))) {
+ /* This is a good query */
+ } else
+ invalid = 1;
+ } else {
+ /* DNS Reply */
+ if((dns_header.num_queries > 0) && (dns_header.num_queries <= NDPI_MAX_DNS_REQUESTS) /* Don't assume that num_queries must be zero */
+ && (((dns_header.num_answers > 0) && (dns_header.num_answers <= NDPI_MAX_DNS_REQUESTS))
+ || ((dns_header.authority_rrs > 0) && (dns_header.authority_rrs <= NDPI_MAX_DNS_REQUESTS))
+ || ((dns_header.additional_rrs > 0) && (dns_header.additional_rrs <= NDPI_MAX_DNS_REQUESTS)))
+ ) {
+ /* This is a good reply */
+ } else
+ invalid = 1;
+ }
}
if(invalid) {