diff options
Diffstat (limited to 'example')
| -rw-r--r-- | example/ndpiReader.c | 6 | ||||
| -rw-r--r-- | example/reader_util.c | 41 |
2 files changed, 31 insertions, 16 deletions
diff --git a/example/ndpiReader.c b/example/ndpiReader.c index b0d1a9122..c525346fa 100644 --- a/example/ndpiReader.c +++ b/example/ndpiReader.c @@ -1949,6 +1949,10 @@ static void setupDetection(u_int16_t thread_id, pcap_t * pcap_handle) { ndpi_load_categories_file(ndpi_thread_info[thread_id].workflow->ndpi_struct, _customCategoryFilePath); ndpi_finalize_initalization(ndpi_thread_info[thread_id].workflow->ndpi_struct); + +#ifdef USE_TLS_LEN + ndpi_set_detection_preferences(ndpi_thread_info[thread_id].workflow->ndpi_struct, ndpi_pref_enable_tls_block_dissection, 1); +#endif } /* *********************************************** */ @@ -2460,7 +2464,7 @@ static void printFlowsStats() { if(verbose > 1) { #ifndef DIRECTION_BINS struct ndpi_bin *bins = (struct ndpi_bin*)ndpi_malloc(sizeof(struct ndpi_bin)*num_flows); - u_int16_t *cluster_ids = (u_int16_t*)ndpi_malloc(sizeof(u_int16_t)*num_flows);; + u_int16_t *cluster_ids = (u_int16_t*)ndpi_malloc(sizeof(u_int16_t)*num_flows); #endif for(i=0; i<num_flows; i++) { diff --git a/example/reader_util.c b/example/reader_util.c index e26e8625d..7e68a378d 100644 --- a/example/reader_util.c +++ b/example/reader_util.c @@ -79,7 +79,7 @@ #define PLEN_MAX 1504 #define PLEN_BIN_LEN 32 -#define PLEN_NUM_BINS 47 /* 47*32 = 1504 */ +#define PLEN_NUM_BINS 48 /* 47*32 = 1504 */ #define MAX_NUM_BIN_PKTS 256 #include "ndpi_main.h" @@ -1021,6 +1021,20 @@ void correct_csv_data_field(char* data) { /* ****************************************************** */ +u_int8_t plen2slot(u_int16_t plen) { + /* + Slots [32 bytes lenght] + 0..31, 32..63 ... + */ + + if(plen > PLEN_MAX) + return(PLEN_NUM_BINS-1); + else + return(plen/PLEN_BIN_LEN); +} + +/* ****************************************************** */ + void process_ndpi_collected_info(struct ndpi_workflow * workflow, struct ndpi_flow_info *flow, FILE * csv_fp) { u_int i; @@ -1194,6 +1208,17 @@ void process_ndpi_collected_info(struct ndpi_workflow * workflow, struct ndpi_fl snprintf(flow->info, sizeof(flow->info), "ALPN: %s", flow->ndpi_flow->protos.stun_ssl.ssl.alpn); } + +#ifdef USE_TLS_LEN + /* For TLS we use TLS block lenght instead of payload lenght */ + ndpi_reset_bin(&flow->payload_len_bin); + + for(i=0; i<flow->ndpi_flow->l4.tcp.tls.num_tls_blocks; i++) { + u_int16_t len = abs(flow->ndpi_flow->l4.tcp.tls.tls_application_blocks_len[i]); + printf("%u\n", len); + ndpi_inc_bin(&flow->payload_len_bin, plen2slot(len), 1); + } +#endif } if(flow->detection_completed && (!flow->check_extra_packets)) { @@ -1258,20 +1283,6 @@ void update_tcp_flags_count(struct ndpi_flow_info* flow, struct ndpi_tcphdr* tcp } /* ****************************************************** */ - -u_int8_t plen2slot(u_int16_t plen) { - /* - Slots [32 bytes lenght] - 0..31, 32..63 ... - */ - - if(plen > PLEN_MAX) - return(PLEN_NUM_BINS-1); - else - return(plen/PLEN_BIN_LEN); -} - -/* ****************************************************** */ /** Function to process the packet: determine the flow of a packet and try to decode it |