diff options
-rw-r--r-- | src/lib/protocols/dhcp.c | 30 | ||||
-rw-r--r-- | src/lib/protocols/dns.c | 38 |
2 files changed, 35 insertions, 33 deletions
diff --git a/src/lib/protocols/dhcp.c b/src/lib/protocols/dhcp.c index cb78c9429..8ffc04d51 100644 --- a/src/lib/protocols/dhcp.c +++ b/src/lib/protocols/dhcp.c @@ -35,27 +35,27 @@ static void ndpi_int_dhcp_add_connection(struct ndpi_detection_module_struct *nd void ndpi_search_dhcp_udp(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow) { - struct ndpi_packet_struct *packet = &flow->packet; + struct ndpi_packet_struct *packet = &flow->packet; -// struct ndpi_id_struct *src=ndpi_struct->src; -// struct ndpi_id_struct *dst=ndpi_struct->dst; + // struct ndpi_id_struct *src=ndpi_struct->src; + // struct ndpi_id_struct *dst=ndpi_struct->dst; - /* this detection also works for asymmetric dhcp traffic */ + /* this detection also works for asymmetric dhcp traffic */ - /*check standard DHCP 0.0.0.0:68 -> 255.255.255.255:67 */ - if (packet->payload_packet_len >= 244 && (packet->udp->source == htons(67) - || packet->udp->source == htons(68)) - && (packet->udp->dest == htons(67) || packet->udp->dest == htons(68)) - && get_u_int32_t(packet->payload, 236) == htonl(0x63825363) - && get_u_int16_t(packet->payload, 240) == htons(0x3501)) { + /*check standard DHCP 0.0.0.0:68 -> 255.255.255.255:67 */ + if (packet->payload_packet_len >= 244 && (packet->udp->source == htons(67) + || packet->udp->source == htons(68)) + && (packet->udp->dest == htons(67) || packet->udp->dest == htons(68)) + && get_u_int32_t(packet->payload, 236) == htonl(0x63825363) + && get_u_int16_t(packet->payload, 240) == htons(0x3501)) { - NDPI_LOG(NDPI_PROTOCOL_DHCP, ndpi_struct, NDPI_LOG_DEBUG, "DHCP request\n"); + NDPI_LOG(NDPI_PROTOCOL_DHCP, ndpi_struct, NDPI_LOG_DEBUG, "DHCP request\n"); - ndpi_int_dhcp_add_connection(ndpi_struct, flow); - return; - } + ndpi_int_dhcp_add_connection(ndpi_struct, flow); + return; + } - NDPI_ADD_PROTOCOL_TO_BITMASK(flow->excluded_protocol_bitmask, NDPI_PROTOCOL_DHCP); + NDPI_ADD_PROTOCOL_TO_BITMASK(flow->excluded_protocol_bitmask, NDPI_PROTOCOL_DHCP); } diff --git a/src/lib/protocols/dns.c b/src/lib/protocols/dns.c index 4c78fb4e1..c975465ea 100644 --- a/src/lib/protocols/dns.c +++ b/src/lib/protocols/dns.c @@ -80,24 +80,26 @@ void ndpi_search_dns(struct ndpi_detection_module_struct *ndpi_struct, struct nd else invalid = 1; - if(is_query) { - /* DNS Request */ - if((dns_header.num_queries > 0) && (dns_header.num_queries <= NDPI_MAX_DNS_REQUESTS) - && (((dns_header.flags & 0x2800) == 0x2800 /* Dynamic DNS Update */) - || ((dns_header.num_answers == 0) && (dns_header.authority_rrs == 0)))) { - /* This is a good query */ - } else - invalid = 1; - } else { - /* DNS Reply */ - if((dns_header.num_queries > 0) && (dns_header.num_queries <= NDPI_MAX_DNS_REQUESTS) /* Don't assume that num_queries must be zero */ - && (((dns_header.num_answers > 0) && (dns_header.num_answers <= NDPI_MAX_DNS_REQUESTS)) - || ((dns_header.authority_rrs > 0) && (dns_header.authority_rrs <= NDPI_MAX_DNS_REQUESTS)) - || ((dns_header.additional_rrs > 0) && (dns_header.additional_rrs <= NDPI_MAX_DNS_REQUESTS))) - ) { - /* This is a good reply */ - } else - invalid = 1; + if(!invalid) { + if(is_query) { + /* DNS Request */ + if((dns_header.num_queries > 0) && (dns_header.num_queries <= NDPI_MAX_DNS_REQUESTS) + && (((dns_header.flags & 0x2800) == 0x2800 /* Dynamic DNS Update */) + || ((dns_header.num_answers == 0) && (dns_header.authority_rrs == 0)))) { + /* This is a good query */ + } else + invalid = 1; + } else { + /* DNS Reply */ + if((dns_header.num_queries > 0) && (dns_header.num_queries <= NDPI_MAX_DNS_REQUESTS) /* Don't assume that num_queries must be zero */ + && (((dns_header.num_answers > 0) && (dns_header.num_answers <= NDPI_MAX_DNS_REQUESTS)) + || ((dns_header.authority_rrs > 0) && (dns_header.authority_rrs <= NDPI_MAX_DNS_REQUESTS)) + || ((dns_header.additional_rrs > 0) && (dns_header.additional_rrs <= NDPI_MAX_DNS_REQUESTS))) + ) { + /* This is a good reply */ + } else + invalid = 1; + } } if(invalid) { |