diff options
| -rw-r--r-- | doc/configuration_parameters.md | 2 | ||||
| -rw-r--r-- | example/ndpiReader.c | 73 | ||||
| -rw-r--r-- | example/reader_util.c | 18 | ||||
| -rw-r--r-- | example/reader_util.h | 4 | ||||
| -rw-r--r-- | fuzz/fuzz_common_code.c | 6 | ||||
| -rw-r--r-- | fuzz/fuzz_config.cpp | 14 | ||||
| -rw-r--r-- | fuzz/fuzz_filecfg_categories.c | 8 | ||||
| -rw-r--r-- | fuzz/fuzz_filecfg_malicious_ja3.c | 8 | ||||
| -rw-r--r-- | fuzz/fuzz_filecfg_malicious_sha1.c | 8 | ||||
| -rw-r--r-- | fuzz/fuzz_filecfg_protocols.c | 8 | ||||
| -rw-r--r-- | fuzz/fuzz_filecfg_risk_domains.c | 8 | ||||
| -rw-r--r-- | fuzz/fuzz_ndpi_reader.c | 8 | ||||
| -rw-r--r-- | fuzz/fuzz_readerutils_workflow.cpp | 3 | ||||
| -rw-r--r-- | src/include/ndpi_api.h | 2 | ||||
| -rw-r--r-- | src/include/ndpi_define.h.in | 10 | ||||
| -rw-r--r-- | src/include/ndpi_private.h | 6 | ||||
| -rw-r--r-- | src/lib/ndpi_main.c | 22 | ||||
| -rw-r--r-- | tests/dga/dga_evaluate.c | 2 |
18 files changed, 106 insertions, 104 deletions
diff --git a/doc/configuration_parameters.md b/doc/configuration_parameters.md index b19850d81..77fa5b962 100644 --- a/doc/configuration_parameters.md +++ b/doc/configuration_parameters.md @@ -16,6 +16,7 @@ TODO | NULL | "flow_risk.anonymous_subscriber.list.protonvpn.load" | 1 | NULL | NULL | Enable/disable loading of internal IP address list of ProtonVPN exit nodes used to check `NDPI_ANONYMOUS_SUBSCRIBER` flow risk | | NULL | "flow_risk.crawler_bot.list.load" | 1 | NULL | NULL | Enable/disable loading of internal IP address list used to check `NDPI_HTTP_CRAWLER_BOT` flow risk | | NULL | "filename.config" | NULL | NULL | NULL | Name of the file containing a list of configuration knobs itself (one per line)!. Useful to configure nDPI via text file instead of via API | +| NULL | "log.level" | 0 | 0 | 3 | Configure the log/debug level. Possible values: 0 = error, 1 = trace, 2 = debug, 3 = extra debug | | NULL | "lru.$CACHE_NAME.size" | See description | 0 | 16777215 | Set the size (in number of elements) of the specified LRU cache (0 = the cache is disabled). The keyword "$CACHE_NAME" is a placeholder for the cache name and the possible values are: ookla, bittorrent, zoom, stun, tls_cert, mining, msteams, stun_zoom. The default value is "32768" for the bittorrent cache, "512" for the zoom cache and "1024" for all the other caches | | NULL | "lru.$CACHE_NAME.ttl" | See description | 0 | 16777215 | Set the TTL (in seconds) for the elements of the specified LRU cache (0 = the elements never explicitly expire). The keyword "$CACHE_NAME" is a placeholder for the cache name and the possible values are: ookla, bittorrent, zoom, stun, tls_cert, mining, msteams, stun_zoom. The default value is "120" for the ookla cache, "60" for the msteams and stun_zoom caches and "0" for all the other caches | | "tls" | "certificate_expiration_threshold" | 30 | 0 | 365 | The threshold (in days) used to trigger the `NDPI_TLS_CERTIFICATE_ABOUT_TO_EXPIRE` flow risk | @@ -30,4 +31,5 @@ TODO | "dns" | "process_response.enable" | 1 | NULL | NULL | Enable/disable processing of DNS responses. By default, DNS flows are fully classified after the first request/response pair (or after the first response, if the request is missing). If this parameter is disabled, the flows are fully classified after the first packet, i.e. usually after the first request; in that case, some flow risks are not checked and some metadata are not exported | | "http" | "process_response.enable" | 1 | NULL | NULL | Enable/disable processing of HTTP responses. By default, HTTP flows are usually fully classified after the first request/response pair. If this parameter is disabled, the flows are fully classified after the first request (or after the first response, if the request is missing); in that case, some flow risks are not checked and some metadata are not exported | | "ookla" | "aggressiveness", | 0x01 | 0x00 | 0x01 | Detection aggressiveness for Ookla. The value is a bitmask. Values: 0x0 = disabled; 0x01 = enable heuristic for detection over TLS (via Ookla LRU cache) | +| $PROTO_NAME | "log.enable" | 0 | NULL | NULL | Enable/disable logging/debug for specific protocol. Use "any" as protocol name if you want to easily enable/disable logging/debug for all protocols | | $PROTO_NAME | "ip_list.load" | 1 | NULL | NULL | Enable/disable loading of internal list of IP addresses (used for (sub)classification) specific to that protocol. Use "any" as protocol name if you want to easily enable/disable all lists. This knob is valid only for the following protocols: Alibaba, Amazon AWS, Apple, Avast, Bloomberg, Cachefly, Cloudflare, Discord, Disney+, Dropbox, Edgecast, EpicGames, Ethereum, Facebook, Github, Google, Google Cloud, GoTo, Hotspot Shield, Hulu, Line, Microsoft 365, Microsoft Azure, Microsoft One Drive, Microsoft Outlook, Mullvad, Netflix, Nvidia, OpenDNS, ProtonVPN, RiotGames, Roblox, Skype/Teams, Starcraft, Steam, Teamviewer, Telegram, Tencent, Threema, TOR, Twitch, Twitter, UbuntuONE, VK, Yandex, Yandex Cloud, Webex, Whatsapp, Zoom | diff --git a/example/ndpiReader.c b/example/ndpiReader.c index e447bb520..d2c37c2af 100644 --- a/example/ndpiReader.c +++ b/example/ndpiReader.c @@ -104,8 +104,7 @@ struct cfg { static struct cfg cfgs[MAX_NUM_CFGS]; static int num_cfgs = 0; -int nDPI_LogLevel = 0; -char *_debug_protocols = NULL; +int reader_log_level = 0; char *_disabled_protocols = NULL; static u_int8_t stats_flag = 0; u_int8_t human_readeable_string_len = 5; @@ -586,9 +585,9 @@ static void help(u_int long_help) { " | 2 = very verbose\n" " | 3 = port stats\n" " | 4 = hash stats\n" - " -V <1-4> | nDPI logging level\n" - " | 1 - trace, 2 - debug, 3 - full debug\n" - " | >3 - full debug + log enabled for all protocols (i.e. '-u all')\n" + " -V <0-4> | nDPI logging level\n" + " | 0 - error, 1 - trace, 2 - debug, 3 - extra debug\n" + " | >3 - extra debug + log enabled for all protocols (i.e. '-u all')\n" " -u all|proto|num[,...] | Enable logging only for such protocol(s)\n" " | If this flag is present multiple times (directly, or via '-V'),\n" " | only the last instance will be considered\n" @@ -1117,19 +1116,60 @@ static void parseOptions(int argc, char **argv) { break; case 'V': - nDPI_LogLevel = atoi(optarg); - if(nDPI_LogLevel < NDPI_LOG_ERROR) nDPI_LogLevel = NDPI_LOG_ERROR; - if(nDPI_LogLevel > NDPI_LOG_DEBUG_EXTRA) { - nDPI_LogLevel = NDPI_LOG_DEBUG_EXTRA; - ndpi_free(_debug_protocols); - _debug_protocols = ndpi_strdup("all"); + { + char buf[12]; + int log_level; + const char *errstrp; + + /* (Internals) log levels are 0-3, but ndpiReader allows 0-4, where with 4 + we also enable all protocols */ + log_level = ndpi_strtonum(optarg, NDPI_LOG_ERROR, NDPI_LOG_DEBUG_EXTRA + 1, &errstrp, 10); + if(errstrp != NULL) { + printf("Invalid log level %s: %s\n", optarg, errstrp); + exit(1); } + if(log_level > NDPI_LOG_DEBUG_EXTRA) { + log_level = NDPI_LOG_DEBUG_EXTRA; + if(reader_add_cfg("all", "log.enable", "1", 1) == 1) { + printf("Invalid cfg [num:%d/%d]\n", num_cfgs, MAX_NUM_CFGS); + exit(1); + } + } + snprintf(buf, sizeof(buf), "%d", log_level); + if(reader_add_cfg(NULL, "log.level", buf, 1) == 1) { + printf("Invalid log level [%s] [num:%d/%d]\n", buf, num_cfgs, MAX_NUM_CFGS); + exit(1); + } + reader_log_level = log_level; break; + } case 'u': - ndpi_free(_debug_protocols); - _debug_protocols = ndpi_strdup(optarg); + { + char *n; + char *str = ndpi_strdup(optarg); + int inverted_logic; + + /* Reset any previous call to this knob */ + if(reader_add_cfg("all", "log.enable", "0", 1) == 1) { + printf("Invalid cfg [num:%d/%d]\n", num_cfgs, MAX_NUM_CFGS); + exit(1); + } + + for(n = strtok(str, ","); n && *n; n = strtok(NULL, ",")) { + inverted_logic = 0; + if(*n == '-') { + inverted_logic = 1; + n++; + } + if(reader_add_cfg(n, "log.enable", inverted_logic ? "0" : "1", 1) == 1) { + printf("Invalid parameter [%s] [num:%d/%d]\n", n, num_cfgs, MAX_NUM_CFGS); + exit(1); + } + } + ndpi_free(str); break; + } case 'B': ndpi_free(_disabled_protocols); @@ -1215,7 +1255,11 @@ static void parseOptions(int argc, char **argv) { case 'q': quiet_mode = 1; - nDPI_LogLevel = 0; + if(reader_add_cfg(NULL, "log.level", "0", 1) == 1) { + printf("Invalid cfg [num:%d/%d]\n", num_cfgs, MAX_NUM_CFGS); + exit(1); + } + reader_log_level = 0; break; /* Extcap */ @@ -5804,7 +5848,6 @@ int main(int argc, char **argv) { if(enable_malloc_bins) ndpi_free_bin(&malloc_bins); if(csv_fp) fclose(csv_fp); - ndpi_free(_debug_protocols); ndpi_free(_disabled_protocols); for(i = 0; i < num_cfgs; i++) { diff --git a/example/reader_util.c b/example/reader_util.c index e5399ab16..9f8a76c1c 100644 --- a/example/reader_util.c +++ b/example/reader_util.c @@ -448,15 +448,11 @@ int parse_proto_name_list(char *str, NDPI_PROTOCOL_BITMASK *bitmask, int inverte /* ***************************************************** */ -extern char *_debug_protocols; - struct ndpi_workflow* ndpi_workflow_init(const struct ndpi_workflow_prefs * prefs, pcap_t * pcap_handle, int do_init_flows_root, ndpi_serialization_format serialization_format) { struct ndpi_detection_module_struct * module; struct ndpi_workflow * workflow; - static NDPI_PROTOCOL_BITMASK debug_bitmask; - static int _debug_protocols_ok = 0; /* On some fuzzers we don't want to use these memory allocators, but some custom ones */ #ifndef DISABLE_CUSTOM_ALLOCATOR_ON_READERUTILS @@ -485,20 +481,6 @@ struct ndpi_workflow* ndpi_workflow_init(const struct ndpi_workflow_prefs * pref ndpi_set_user_data(module, workflow); - ndpi_set_log_level(module, nDPI_LogLevel); - - if(_debug_protocols != NULL && ! _debug_protocols_ok) { - NDPI_BITMASK_RESET(debug_bitmask); - if(parse_proto_name_list(_debug_protocols, &debug_bitmask, 0)) { - ndpi_exit_detection_module(module); - ndpi_free(workflow); - return NULL; - } - _debug_protocols_ok = 1; - } - if(_debug_protocols_ok) - ndpi_set_debug_bitmask(module, debug_bitmask); - if(do_init_flows_root) { workflow->ndpi_flows_root = ndpi_calloc(workflow->prefs.num_roots, sizeof(void *)); if(!workflow->ndpi_flows_root) { diff --git a/example/reader_util.h b/example/reader_util.h index 06cb6fab6..4623be378 100644 --- a/example/reader_util.h +++ b/example/reader_util.h @@ -428,12 +428,12 @@ void ndpi_flow_info_freer(void *node); const char* print_cipher_id(u_int32_t cipher); int parse_proto_name_list(char *str, NDPI_PROTOCOL_BITMASK *bitmask, int inverted_logic); -extern int nDPI_LogLevel; +extern int reader_log_level; #if defined(NDPI_ENABLE_DEBUG_MESSAGES) && !defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION) #define LOG(log_level, args...) \ { \ - if(log_level <= nDPI_LogLevel) \ + if(log_level <= reader_log_level) \ printf(args); \ } #else diff --git a/fuzz/fuzz_common_code.c b/fuzz/fuzz_common_code.c index 13318df37..7bda091d5 100644 --- a/fuzz/fuzz_common_code.c +++ b/fuzz/fuzz_common_code.c @@ -37,14 +37,12 @@ void fuzz_set_alloc_callbacks_and_seed(int seed) void fuzz_init_detection_module(struct ndpi_detection_module_struct **ndpi_info_mod) { NDPI_PROTOCOL_BITMASK all; - NDPI_PROTOCOL_BITMASK debug_bitmask; if(*ndpi_info_mod == NULL) { *ndpi_info_mod = ndpi_init_detection_module(); - NDPI_BITMASK_SET_ALL(debug_bitmask); - ndpi_set_log_level(*ndpi_info_mod, 4); - ndpi_set_debug_bitmask(*ndpi_info_mod, debug_bitmask); + ndpi_set_config(*ndpi_info_mod, NULL, "log.level", "3"); + ndpi_set_config(*ndpi_info_mod, "all", "log.enable", "1"); ndpi_load_categories_dir(*ndpi_info_mod, "./lists/"); ndpi_load_protocols_file(*ndpi_info_mod, "protos.txt"); diff --git a/fuzz/fuzz_config.cpp b/fuzz/fuzz_config.cpp index eda75111f..93bff3313 100644 --- a/fuzz/fuzz_config.cpp +++ b/fuzz/fuzz_config.cpp @@ -140,6 +140,20 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { if(fuzzed_data.ConsumeBool()) { value = fuzzed_data.ConsumeIntegralInRange(0, 1 + 1); sprintf(cfg_value, "%d", value); + ndpi_set_config(ndpi_info_mod, "any", "log.enable", cfg_value); + } + for(i = 0; i < NDPI_MAX_SUPPORTED_PROTOCOLS; i++) { + if(fuzzed_data.ConsumeBool()) { + value = fuzzed_data.ConsumeIntegralInRange(0, 1 + 1); + sprintf(cfg_value, "%d", value); + sprintf(cfg_proto, "%d", i); + /* TODO: we should try to map integer into name */ + ndpi_set_config(ndpi_info_mod, cfg_proto, "log.enable", cfg_value); + } + } + if(fuzzed_data.ConsumeBool()) { + value = fuzzed_data.ConsumeIntegralInRange(0, 1 + 1); + sprintf(cfg_value, "%d", value); ndpi_set_config(ndpi_info_mod, "any", "ip_list.load", cfg_value); } for(i = 0; i < NDPI_MAX_SUPPORTED_PROTOCOLS; i++) { diff --git a/fuzz/fuzz_filecfg_categories.c b/fuzz/fuzz_filecfg_categories.c index 17947b58c..dd782ff67 100644 --- a/fuzz/fuzz_filecfg_categories.c +++ b/fuzz/fuzz_filecfg_categories.c @@ -6,7 +6,6 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { struct ndpi_detection_module_struct *ndpi_struct; FILE *fd; NDPI_PROTOCOL_BITMASK all; - NDPI_PROTOCOL_BITMASK debug_bitmask; /* To allow memory allocation failures */ fuzz_set_alloc_callbacks_and_seed(size); @@ -15,17 +14,14 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { NDPI_BITMASK_SET_ALL(all); ndpi_set_protocol_detection_bitmask2(ndpi_struct, &all); - NDPI_BITMASK_SET_ALL(debug_bitmask); - ndpi_set_log_level(ndpi_struct, 4); - ndpi_set_debug_bitmask(ndpi_struct, debug_bitmask); + ndpi_set_config(ndpi_struct, NULL, "log.level", "3"); + ndpi_set_config(ndpi_struct, "all", "log.enable", "1"); fd = buffer_to_file(data, size); load_categories_file_fd(ndpi_struct, fd, NULL); if(fd) fclose(fd); - /* We don't really need to call ndpi_finalize_initialization */ - ndpi_exit_detection_module(ndpi_struct); return 0; } diff --git a/fuzz/fuzz_filecfg_malicious_ja3.c b/fuzz/fuzz_filecfg_malicious_ja3.c index 2073ed5bd..22cc95e59 100644 --- a/fuzz/fuzz_filecfg_malicious_ja3.c +++ b/fuzz/fuzz_filecfg_malicious_ja3.c @@ -6,7 +6,6 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { struct ndpi_detection_module_struct *ndpi_struct; FILE *fd; NDPI_PROTOCOL_BITMASK all; - NDPI_PROTOCOL_BITMASK debug_bitmask; /* To allow memory allocation failures */ fuzz_set_alloc_callbacks_and_seed(size); @@ -15,17 +14,14 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { NDPI_BITMASK_SET_ALL(all); ndpi_set_protocol_detection_bitmask2(ndpi_struct, &all); - NDPI_BITMASK_SET_ALL(debug_bitmask); - ndpi_set_log_level(ndpi_struct, 4); - ndpi_set_debug_bitmask(ndpi_struct, debug_bitmask); + ndpi_set_config(ndpi_struct, NULL, "log.level", "3"); + ndpi_set_config(ndpi_struct, "all", "log.enable", "1"); fd = buffer_to_file(data, size); load_malicious_ja3_file_fd(ndpi_struct, fd); if(fd) fclose(fd); - /* We don't really need to call ndpi_finalize_initialization */ - ndpi_exit_detection_module(ndpi_struct); return 0; } diff --git a/fuzz/fuzz_filecfg_malicious_sha1.c b/fuzz/fuzz_filecfg_malicious_sha1.c index 665a8f942..649920533 100644 --- a/fuzz/fuzz_filecfg_malicious_sha1.c +++ b/fuzz/fuzz_filecfg_malicious_sha1.c @@ -6,7 +6,6 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { struct ndpi_detection_module_struct *ndpi_struct; FILE *fd; NDPI_PROTOCOL_BITMASK all; - NDPI_PROTOCOL_BITMASK debug_bitmask; /* To allow memory allocation failures */ fuzz_set_alloc_callbacks_and_seed(size); @@ -15,17 +14,14 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { NDPI_BITMASK_SET_ALL(all); ndpi_set_protocol_detection_bitmask2(ndpi_struct, &all); - NDPI_BITMASK_SET_ALL(debug_bitmask); - ndpi_set_log_level(ndpi_struct, 4); - ndpi_set_debug_bitmask(ndpi_struct, debug_bitmask); + ndpi_set_config(ndpi_struct, NULL, "log.level", "3"); + ndpi_set_config(ndpi_struct, "all", "log.enable", "1"); fd = buffer_to_file(data, size); load_malicious_sha1_file_fd(ndpi_struct, fd); if(fd) fclose(fd); - /* We don't really need to call ndpi_finalize_initialization */ - ndpi_exit_detection_module(ndpi_struct); return 0; } diff --git a/fuzz/fuzz_filecfg_protocols.c b/fuzz/fuzz_filecfg_protocols.c index 74a2c6e3d..deef4b91e 100644 --- a/fuzz/fuzz_filecfg_protocols.c +++ b/fuzz/fuzz_filecfg_protocols.c @@ -6,7 +6,6 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { struct ndpi_detection_module_struct *ndpi_struct; FILE *fd; NDPI_PROTOCOL_BITMASK all; - NDPI_PROTOCOL_BITMASK debug_bitmask; /* To allow memory allocation failures */ fuzz_set_alloc_callbacks_and_seed(size); @@ -15,17 +14,14 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { NDPI_BITMASK_SET_ALL(all); ndpi_set_protocol_detection_bitmask2(ndpi_struct, &all); - NDPI_BITMASK_SET_ALL(debug_bitmask); - ndpi_set_log_level(ndpi_struct, 4); - ndpi_set_debug_bitmask(ndpi_struct, debug_bitmask); + ndpi_set_config(ndpi_struct, NULL, "log.level", "3"); + ndpi_set_config(ndpi_struct, "all", "log.enable", "1"); fd = buffer_to_file(data, size); load_protocols_file_fd(ndpi_struct, fd); if(fd) fclose(fd); - /* We don't really need to call ndpi_finalize_initialization */ - ndpi_exit_detection_module(ndpi_struct); return 0; } diff --git a/fuzz/fuzz_filecfg_risk_domains.c b/fuzz/fuzz_filecfg_risk_domains.c index e7d0b4c7f..c3521b435 100644 --- a/fuzz/fuzz_filecfg_risk_domains.c +++ b/fuzz/fuzz_filecfg_risk_domains.c @@ -6,7 +6,6 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { struct ndpi_detection_module_struct *ndpi_struct; FILE *fd; NDPI_PROTOCOL_BITMASK all; - NDPI_PROTOCOL_BITMASK debug_bitmask; /* To allow memory allocation failures */ fuzz_set_alloc_callbacks_and_seed(size); @@ -15,17 +14,14 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { NDPI_BITMASK_SET_ALL(all); ndpi_set_protocol_detection_bitmask2(ndpi_struct, &all); - NDPI_BITMASK_SET_ALL(debug_bitmask); - ndpi_set_log_level(ndpi_struct, 4); - ndpi_set_debug_bitmask(ndpi_struct, debug_bitmask); + ndpi_set_config(ndpi_struct, NULL, "log.level", "3"); + ndpi_set_config(ndpi_struct, "all", "log.enable", "1"); fd = buffer_to_file(data, size); load_risk_domain_file_fd(ndpi_struct, fd); if(fd) fclose(fd); - /* We don't really need to call ndpi_finalize_initialization */ - ndpi_exit_detection_module(ndpi_struct); return 0; } diff --git a/fuzz/fuzz_ndpi_reader.c b/fuzz/fuzz_ndpi_reader.c index d65e20b7c..7733b690f 100644 --- a/fuzz/fuzz_ndpi_reader.c +++ b/fuzz/fuzz_ndpi_reader.c @@ -11,8 +11,6 @@ struct ndpi_workflow_prefs *prefs = NULL; struct ndpi_workflow *workflow = NULL; -int nDPI_LogLevel = 0; -char *_debug_protocols = NULL; u_int32_t current_ndpi_memory = 0, max_ndpi_memory = 0; u_int8_t enable_protocol_guess = 1, enable_payload_analyzer = 0; u_int8_t enable_flow_stats = 1; @@ -36,7 +34,6 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { int r; char errbuf[PCAP_ERRBUF_SIZE]; NDPI_PROTOCOL_BITMASK all; - NDPI_PROTOCOL_BITMASK debug_bitmask; u_int i; FILE *fd; @@ -57,9 +54,8 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { workflow = ndpi_workflow_init(prefs, NULL /* pcap handler will be set later */, 0, ndpi_serialization_format_json); - NDPI_BITMASK_SET_ALL(debug_bitmask); - ndpi_set_log_level(workflow->ndpi_struct, 4); - ndpi_set_debug_bitmask(workflow->ndpi_struct, debug_bitmask); + ndpi_set_config(workflow->ndpi_struct, NULL, "log.level", "3"); + ndpi_set_config(workflow->ndpi_struct, "all", "log.enable", "1"); ndpi_load_protocols_file(workflow->ndpi_struct, "protos.txt"); ndpi_load_categories_file(workflow->ndpi_struct, "categories.txt", NULL); diff --git a/fuzz/fuzz_readerutils_workflow.cpp b/fuzz/fuzz_readerutils_workflow.cpp index e836cfdbf..ed5238f75 100644 --- a/fuzz/fuzz_readerutils_workflow.cpp +++ b/fuzz/fuzz_readerutils_workflow.cpp @@ -8,8 +8,6 @@ extern u_int8_t enable_doh_dot_detection; -char *_debug_protocols; -int nDPI_LogLevel = 0; u_int32_t current_ndpi_memory = 0, max_ndpi_memory = 0; u_int8_t enable_protocol_guess = 1, enable_payload_analyzer = 0; u_int8_t enable_flow_stats = 0; @@ -34,6 +32,7 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { char errbuf[PCAP_ERRBUF_SIZE]; FILE *fd; u_int8_t debug_protos_index; + char *_debug_protocols; const char *strs[] = { "all", "dns,quic", "+dns:-quic", diff --git a/src/include/ndpi_api.h b/src/include/ndpi_api.h index df31e30b1..818228aac 100644 --- a/src/include/ndpi_api.h +++ b/src/include/ndpi_api.h @@ -1052,8 +1052,6 @@ extern "C" { u_int ndpi_get_ndpi_num_supported_protocols(struct ndpi_detection_module_struct *ndpi_mod); u_int ndpi_get_ndpi_num_custom_protocols(struct ndpi_detection_module_struct *ndpi_mod); u_int ndpi_get_ndpi_detection_module_size(void); - void ndpi_set_log_level(struct ndpi_detection_module_struct *ndpi_mod, u_int l); - void ndpi_set_debug_bitmask(struct ndpi_detection_module_struct *ndpi_mod, NDPI_PROTOCOL_BITMASK debug_bitmask); /* Simple helper to get current time, in sec */ u_int32_t ndpi_get_current_time(struct ndpi_flow_struct *flow); diff --git a/src/include/ndpi_define.h.in b/src/include/ndpi_define.h.in index 3ec09ebdd..7a818195d 100644 --- a/src/include/ndpi_define.h.in +++ b/src/include/ndpi_define.h.in @@ -166,7 +166,7 @@ #define NDPI_LOG(proto, m, log_level, args...) \ { \ struct ndpi_detection_module_struct *mod = (struct ndpi_detection_module_struct*) m; \ - if(mod && mod->ndpi_log_level >= log_level) { \ + if(mod && mod->cfg.log_level >= log_level) { \ if(mod != NULL && mod->ndpi_debug_printf != NULL) \ (*(mod->ndpi_debug_printf))(proto, mod, log_level, __FILE__, __FUNCTION__, __LINE__, args); \ } \ @@ -185,25 +185,25 @@ #endif #define NDPI_LOG_ERR(mod, args...) \ - if(mod && mod->ndpi_log_level >= NDPI_LOG_ERROR) { \ + if(mod && mod->cfg.log_level >= NDPI_LOG_ERROR) { \ if(mod != NULL && mod->ndpi_debug_printf != NULL) \ (*(mod->ndpi_debug_printf))(NDPI_CURRENT_PROTO, mod, NDPI_LOG_ERROR , __FILE__, __FUNCTION__, __LINE__, args); \ } #define NDPI_LOG_INFO(mod, args...) \ - if(mod && mod->ndpi_log_level >= NDPI_LOG_TRACE) { \ + if(mod && mod->cfg.log_level >= NDPI_LOG_TRACE) { \ if(mod != NULL && mod->ndpi_debug_printf != NULL) \ (*(mod->ndpi_debug_printf))(NDPI_CURRENT_PROTO, mod, NDPI_LOG_TRACE , __FILE__, __FUNCTION__, __LINE__, args); \ } #define NDPI_LOG_DBG(mod, args...) \ - if(mod && mod->ndpi_log_level >= NDPI_LOG_DEBUG) { \ + if(mod && mod->cfg.log_level >= NDPI_LOG_DEBUG) { \ if(mod != NULL && mod->ndpi_debug_printf != NULL) \ (*(mod->ndpi_debug_printf))(NDPI_CURRENT_PROTO, mod, NDPI_LOG_DEBUG , __FILE__, __FUNCTION__, __LINE__, args); \ } #define NDPI_LOG_DBG2(mod, args...) \ - if(mod && mod->ndpi_log_level >= NDPI_LOG_DEBUG_EXTRA) { \ + if(mod && mod->cfg.log_level >= NDPI_LOG_DEBUG_EXTRA) { \ if(mod != NULL && mod->ndpi_debug_printf != NULL) \ (*(mod->ndpi_debug_printf))(NDPI_CURRENT_PROTO, mod, NDPI_LOG_DEBUG_EXTRA , __FILE__, __FUNCTION__, __LINE__, args); \ } diff --git a/src/include/ndpi_private.h b/src/include/ndpi_private.h index 0de05c817..282deba2d 100644 --- a/src/include/ndpi_private.h +++ b/src/include/ndpi_private.h @@ -170,6 +170,8 @@ struct ndpi_detection_module_config_struct { char filename_config[CFG_MAX_LEN]; + int log_level; + /* LRU caches */ int ookla_cache_num_entries; @@ -212,6 +214,7 @@ struct ndpi_detection_module_config_struct { int ookla_aggressiveness; + NDPI_PROTOCOL_BITMASK debug_bitmask; NDPI_PROTOCOL_BITMASK ip_list_bitmask; int flow_risk_lists_enabled; @@ -245,14 +248,11 @@ struct ndpi_detection_module_struct { default_ports_tree_node_t *tcpRoot, *udpRoot; - ndpi_log_level_t ndpi_log_level; /* default error */ - #ifdef NDPI_ENABLE_DEBUG_MESSAGES /* debug callback, only set when debug is used */ ndpi_debug_function_ptr ndpi_debug_printf; const char *ndpi_debug_print_file; const char *ndpi_debug_print_function; - NDPI_PROTOCOL_BITMASK debug_bitmask; #endif /* misc parameters */ diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c index 8e0c8b278..b22b6c68e 100644 --- a/src/lib/ndpi_main.c +++ b/src/lib/ndpi_main.c @@ -475,7 +475,7 @@ void ndpi_exclude_protocol(struct ndpi_detection_module_struct *ndpi_str, struct u_int16_t protocol_id, const char *_file, const char *_func, int _line) { if(ndpi_is_valid_protoId(protocol_id)) { #ifdef NDPI_ENABLE_DEBUG_MESSAGES - if(ndpi_str && ndpi_str->ndpi_log_level >= NDPI_LOG_DEBUG && ndpi_str->ndpi_debug_printf != NULL) { + if(ndpi_str && ndpi_str->cfg.log_level >= NDPI_LOG_DEBUG && ndpi_str->ndpi_debug_printf != NULL) { (*(ndpi_str->ndpi_debug_printf))(protocol_id, ndpi_str, NDPI_LOG_DEBUG, _file, _func, _line, "exclude %s\n", ndpi_get_proto_name(ndpi_str, protocol_id)); } @@ -2914,7 +2914,7 @@ void ndpi_debug_printf(unsigned int proto, struct ndpi_detection_module_struct * #define MAX_STR_LEN 250 char str[MAX_STR_LEN]; if(ndpi_str != NULL && log_level > NDPI_LOG_ERROR && proto > 0 && proto < NDPI_MAX_SUPPORTED_PROTOCOLS && - !NDPI_ISSET(&ndpi_str->debug_bitmask, proto)) + !NDPI_ISSET(&ndpi_str->cfg.debug_bitmask, proto)) return; va_start(args, format); ndpi_vsnprintf(str, sizeof(str) - 1, format, args); @@ -3099,7 +3099,6 @@ struct ndpi_detection_module_struct *ndpi_init_detection_module(void) { #ifdef NDPI_ENABLE_DEBUG_MESSAGES set_ndpi_debug_function(ndpi_str, (ndpi_debug_function_ptr) ndpi_debug_printf); - NDPI_BITMASK_RESET(ndpi_str->debug_bitmask); #endif /* NDPI_ENABLE_DEBUG_MESSAGES */ if((ndpi_str->protocols_ptree = ndpi_patricia_new(32 /* IPv4 */)) == NULL || @@ -9786,18 +9785,6 @@ u_int ndpi_get_ndpi_detection_module_size() { return(sizeof(struct ndpi_detection_module_struct)); } -void ndpi_set_debug_bitmask(struct ndpi_detection_module_struct *ndpi_str, NDPI_PROTOCOL_BITMASK debug_bitmask) { -#ifdef NDPI_ENABLE_DEBUG_MESSAGES - if(ndpi_str) - ndpi_str->debug_bitmask = debug_bitmask; -#endif -} - -void ndpi_set_log_level(struct ndpi_detection_module_struct *ndpi_str, u_int l){ - if(ndpi_str) - ndpi_str->ndpi_log_level = l; -} - /* ******************************************************************** */ u_int32_t ndpi_get_current_time(struct ndpi_flow_struct *flow) @@ -10797,7 +10784,8 @@ static const struct cfg_param { { "ookla", "aggressiveness", "0x01", "0", "1", CFG_PARAM_INT, __OFF(ookla_aggressiveness) }, - { "$PROTO_NAME_OR_ID", "ip_list.load", "1", NULL, NULL, CFG_PARAM_PROTOCOL_ENABLE_DISABLE, __OFF(ip_list_bitmask)}, + { "$PROTO_NAME_OR_ID", "log.enable", "0", NULL, NULL, CFG_PARAM_PROTOCOL_ENABLE_DISABLE, __OFF(debug_bitmask) }, + { "$PROTO_NAME_OR_ID", "ip_list.load", "1", NULL, NULL, CFG_PARAM_PROTOCOL_ENABLE_DISABLE, __OFF(ip_list_bitmask) }, /* Global parameters */ @@ -10816,6 +10804,8 @@ static const struct cfg_param { { NULL, "filename.config", NULL, NULL, NULL, CFG_PARAM_FILENAME_CONFIG, __OFF(filename_config) }, + { NULL, "log.level", "0", "0", "3", CFG_PARAM_INT, __OFF(log_level) }, + /* LRU caches */ { NULL, "lru.ookla.size", "1024", "0", "16777215", CFG_PARAM_INT, __OFF(ookla_cache_num_entries)}, diff --git a/tests/dga/dga_evaluate.c b/tests/dga/dga_evaluate.c index 97ea362d0..2d226f2d4 100644 --- a/tests/dga/dga_evaluate.c +++ b/tests/dga/dga_evaluate.c @@ -96,7 +96,7 @@ int main(int argc, char **argv) { assert(ndpi_str != NULL); NDPI_BITMASK_SET_ALL(all); ndpi_set_protocol_detection_bitmask2(ndpi_str, &all); - ndpi_set_log_level(ndpi_str, NDPI_LOG_DEBUG_EXTRA); + ndpi_set_config(ndpi_str, NULL, "log.level", "3"); /* NDPI_LOG_DEBUG_EXTRA */ set_ndpi_debug_function(ndpi_str, ndpi_dbg_fn); ndpi_finalize_initialization(ndpi_str); assert(ndpi_str != NULL); |