-rw-r--r--example/ndpiReader.c11
-rw-r--r--example/reader_util.c31
2 files changed, 32 insertions, 10 deletions
diff --git a/example/ndpiReader.c b/example/ndpiReader.c
index 7f6271435..8a59b77e3 100644
--- a/example/ndpiReader.c
+++ b/example/ndpiReader.c
@@ -91,13 +91,12 @@ static ndpi_serialization_format serialization_format = ndpi_serialization_forma
static char* domain_to_check = NULL;
static char* ip_port_to_check = NULL;
static u_int8_t ignore_vlanid = 0;
-
FILE *fingerprint_fp = NULL; /**< for flow fingerprint export */
-
/** User preferences **/
u_int8_t enable_realtime_output = 0, enable_protocol_guess = NDPI_GIVEUP_GUESS_BY_PORT | NDPI_GIVEUP_GUESS_BY_IP, enable_payload_analyzer = 0, num_bin_clusters = 0, extcap_exit = 0;
u_int8_t verbose = 0, enable_flow_stats = 0;
+bool do_load_lists = false;
struct cfg {
char *proto;
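Review bot: The new global `do_load_lists` is undocumented, unlike `fingerprint_fp` just above it, and it is read from another file through a bare `extern`. A trailing comment in the file's existing style would make the coupling visible, e.g. `bool do_load_lists = false; /**< load the public suffix list at workflow init (set by the fingerprint export option) */`. From the visible hunks the flag is set only in the fingerprint-file branch of parseOptions() and read in ndpi_workflow_init().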
@@ -1122,11 +1121,13 @@ static void parseOptions(int argc, char **argv) {
printf("Unable to write on fingerprint file %s: %s\n", optarg, strerror(errno));
exit(1);
}
-
+
if(reader_add_cfg("tls", "metadata.ja4r_fingerprint", "1", 1) == -1) {
printf("Unable to enable JA4r fingerprints\n");
exit(1);
}
+
+ do_load_lists = true;
break;
case 'i':
@@ -1453,7 +1454,7 @@ static void parseOptions(int argc, char **argv) {
exit(0);
printCSVHeader();
-
+
#ifndef USE_DPDK
if(do_extcap_capture) {
quiet_mode = 1;
@@ -6175,7 +6176,7 @@ void ballTreeUnitTest() {
num_columns, nun_results);
assert(result.n_samples == 2);
-
+
for (i = 0; i < result.n_samples; i++) {
printf("{\"knn_idx\": [");
for (j = 0; j < result.n_neighbors; j++)
diff --git a/example/reader_util.c b/example/reader_util.c
index d38850fc4..287f133cd 100644
--- a/example/reader_util.c
+++ b/example/reader_util.c
@@ -43,6 +43,7 @@
#include <netinet/ip.h>
#endif
#include <assert.h>
+#include <sys/stat.h>
#include "reader_util.h"
@@ -81,7 +82,7 @@ static u_int32_t flow_id = 0;
extern FILE *fingerprint_fp;
u_int8_t enable_doh_dot_detection = 0;
-
+extern bool do_load_lists;
extern int malloc_size_stats;
/* ****************************************************** */
@@ -409,6 +410,23 @@ int parse_proto_name_list(char *str, NDPI_PROTOCOL_BITMASK *bitmask, int inverte
/* ***************************************************** */
+bool load_public_lists(struct ndpi_detection_module_struct *ndpi_str) {
+ char *lists_path = "../lists/public_suffix_list.dat";
+ struct stat st;
+
+ if(stat(lists_path, &st) != 0)
+ lists_path = &lists_path[1]; /* use local file */
+
+ if(stat(lists_path, &st) == 0) {
+ if(ndpi_load_domain_suffixes(ndpi_str, (char*)lists_path) == 0)
+ return(true);
+ }
+
+ return(false);
+}
+
+/* ***************************************************** */
+
struct ndpi_workflow* ndpi_workflow_init(const struct ndpi_workflow_prefs * prefs,
pcap_t * pcap_handle, int do_init_flows_root,
ndpi_serialization_format serialization_format,
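Review bot: load_public_lists() finds the suffix list through two paths relative to the current working directory (`../lists/...` and, via `&lists_path[1]`, `./lists/...`), so the file that gets parsed depends on where ndpiReader is started. Run from a directory another user can write to, it would hand that directory's file to ndpi_load_domain_suffixes(). The stat() pre-check reports nothing the loader's return code does not, and it leaves a window between the check and the open. I would list the candidates in a const table and call the loader on each directly, assuming it fails cleanly on a missing file; this also stops binding a string literal to a non-const `char *`. A configurable or install-relative path would be better still but needs code outside this hunk.

```c
bool load_public_lists(struct ndpi_detection_module_struct *ndpi_str) {
  /* Candidate locations, tried in order; both are relative to the CWD */
  static const char *const candidates[] = {
    "../lists/public_suffix_list.dat",
    "./lists/public_suffix_list.dat"
  };
  size_t i;

  for(i = 0; i < sizeof(candidates) / sizeof(candidates[0]); i++) {
    /* Let the loader report a missing/unreadable file instead of stat()ing first */
    if(ndpi_load_domain_suffixes(ndpi_str, (char*)candidates[i]) == 0)
      return(true);
  }

  return(false);
}
```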
@@ -447,6 +465,9 @@ struct ndpi_workflow* ndpi_workflow_init(const struct ndpi_workflow_prefs * pref
workflow->ndpi_serialization_format = serialization_format;
+ if(do_load_lists)
+ load_public_lists(module);
+
return workflow;
}
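Review bot: The result of `load_public_lists(module)` is discarded, so when neither relative path exists the fingerprint export runs without the suffix list and nothing tells the operator. Report the failure, e.g. `if(do_load_lists && !load_public_lists(module)) fprintf(stderr, "Unable to load public suffix list\n");` (the message text is only a suggestion). ndpi_workflow_init() starts outside this hunk, so whether it runs once per reader thread, and so reloads the list for every workflow, cannot be confirmed from here.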
@@ -1049,12 +1070,12 @@ static void dump_flow_fingerprint(struct ndpi_workflow * workflow,
struct ndpi_flow_info *flow) {
ndpi_serializer serializer;
bool rc;
-
+
if(ndpi_init_serializer(&serializer, ndpi_serialization_format_json) == -1)
return;
ndpi_serialize_start_of_block(&serializer, "fingerprint");
- rc = ndpi_serialize_flow_fingerprint(flow->ndpi_flow, &serializer);
+ rc = ndpi_serialize_flow_fingerprint(workflow->ndpi_struct, flow->ndpi_flow, &serializer);
ndpi_serialize_end_of_block(&serializer);
if(rc) {
@@ -1074,8 +1095,8 @@ static void dump_flow_fingerprint(struct ndpi_workflow * workflow,
buffer = ndpi_serializer_get_buffer(&serializer, &buffer_len);
fprintf(fingerprint_fp, "%s\n", buffer);
}
-
- ndpi_term_serializer(&serializer);
+
+ ndpi_term_serializer(&serializer);
}
/* ****************************************************** */