diff options
| -rw-r--r-- | src/lib/protocols/bittorrent.c | 14 | ||||
| -rw-r--r-- | tests/pcap/bittorrent_tcp_miss.pcapng | bin | 0 -> 100580 bytes | |||
| -rw-r--r-- | tests/result/bittorrent_tcp_miss.pcapng.out | 25 |
3 files changed, 26 insertions, 13 deletions
diff --git a/src/lib/protocols/bittorrent.c b/src/lib/protocols/bittorrent.c index 64e46a4ed..40268cb90 100644 --- a/src/lib/protocols/bittorrent.c +++ b/src/lib/protocols/bittorrent.c @@ -154,8 +154,6 @@ static u_int8_t ndpi_int_search_bittorrent_tcp_zero(struct ndpi_detection_module u_int16_t a = 0; if(packet->payload_packet_len == 1 && packet->payload[0] == 0x13) { - /* reset stage back to 0 so we will see the next packet here too */ - flow->bittorrent_stage = 0; return 0; } @@ -418,17 +416,7 @@ static void ndpi_int_search_bittorrent_tcp(struct ndpi_detection_module_struct * return; } - if(flow->bittorrent_stage == 0 && packet->payload_packet_len != 0) { - /* exclude stage 0 detection from next run */ - flow->bittorrent_stage = 1; - if(ndpi_int_search_bittorrent_tcp_zero(ndpi_struct, flow) != 0) { - NDPI_LOG_DBG2(ndpi_struct, "stage 0 has detected something, returning\n"); - return; - } - - NDPI_LOG_DBG2(ndpi_struct, "stage 0 has no direct detection, fall through\n"); - } - return; + ndpi_int_search_bittorrent_tcp_zero(ndpi_struct, flow); } /* ************************************* */ diff --git a/tests/pcap/bittorrent_tcp_miss.pcapng b/tests/pcap/bittorrent_tcp_miss.pcapng Binary files differnew file mode 100644 index 000000000..55acf2e5e --- /dev/null +++ b/tests/pcap/bittorrent_tcp_miss.pcapng diff --git a/tests/result/bittorrent_tcp_miss.pcapng.out b/tests/result/bittorrent_tcp_miss.pcapng.out new file mode 100644 index 000000000..a29585767 --- /dev/null +++ b/tests/result/bittorrent_tcp_miss.pcapng.out @@ -0,0 +1,25 @@ +Guessed flow protos: 0 + +DPI Packets (TCP): 10 (10.00 pkts/flow) +Confidence DPI : 1 (flows) +Num dissector calls: 220 (220.00 diss/flow) +LRU cache ookla: 0/0/0 (insert/search/found) +LRU cache bittorrent: 5/0/0 (insert/search/found) +LRU cache zoom: 0/0/0 (insert/search/found) +LRU cache stun: 0/0/0 (insert/search/found) +LRU cache tls_cert: 0/0/0 (insert/search/found) +LRU cache mining: 0/0/0 (insert/search/found) +LRU cache msteams: 0/0/0 (insert/search/found) +LRU cache stun_zoom: 0/0/0 (insert/search/found) +Automa host: 0/0 (search/found) +Automa domain: 0/0 (search/found) +Automa tls cert: 0/0 (search/found) +Automa risk mask: 0/0 (search/found) +Automa common alpns: 0/0 (search/found) +Patricia risk mask: 2/0 (search/found) +Patricia risk: 0/0 (search/found) +Patricia protocols: 2/0 (search/found) + +BitTorrent 100 96898 1 + + 1 TCP 192.168.122.34:48987 <-> 178.71.206.1:6881 [proto: 37/BitTorrent][IP: 0/Unknown][ClearText][Confidence: DPI][cat: Download/7][33 pkts/2895 bytes <-> 67 pkts/94003 bytes][Goodput ratio: 38/96][0.31 sec][bytes ratio: -0.940 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 7/4 33/64 11/12][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 88/1403 525/1494 98/324][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][BT Hash: 0f6b9cd2b7da4de9b6c846203920e3da49cdb795][PLAIN TEXT (BitTorrent protocol)][Plen Bins: 0,4,1,0,0,0,1,1,0,1,0,1,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,88,0,0] |