1 files changed, 103 insertions, 11 deletions

diff --git a/src/include/ndpi_api.h b/src/include/ndpi_api.h
index a07c96e63..737e29cb9 100644
--- a/src/include/ndpi_api.h
+++ b/src/include/ndpi_api.h
@@ -115,22 +115,14 @@ extern "C" {
    *
    */  
   void ndpi_init_protocol_match(struct ndpi_detection_module_struct *ndpi_mod, ndpi_protocol_match *match);
-
   
   /**
    * Returns a new initialized detection module
    *
-   * @par     ticks_per_second    = the timestamp resolution per second (like 1000 for millisecond resolution)
-   * @par     __ndpi_malloc       = function pointer to a nDPI memory allocator
-   * @par     ndpi_debug_printf   = function pointer to a nDPI debug output function (use NULL in productive envionments)
    * @return  the initialized detection module
    *
    */
-  struct ndpi_detection_module_struct *ndpi_init_detection_module(u_int32_t ticks_per_second,
-								  void* (*__ndpi_malloc)(size_t size),
-								  void  (*__ndpi_free)(void *ptr),
-								  ndpi_debug_function_ptr ndpi_debug_printf);
-
+  struct ndpi_detection_module_struct *ndpi_init_detection_module();
   
   /**
    * Frees the memory allocated in the specified flow
@@ -157,10 +149,9 @@ extern "C" {
    * Destroys the detection module
    *
    * @par ndpi_struct  = the struct to clearing for the detection module
-   * @par ndpi_free    = function pointer to a nDPI memory free function
    *
    */
-  void ndpi_exit_detection_module(struct ndpi_detection_module_struct *ndpi_struct, void (*ndpi_free) (void *ptr));
+  void ndpi_exit_detection_module(struct ndpi_detection_module_struct *ndpi_struct);
 
 
   /**
@@ -233,6 +224,52 @@ extern "C" {
 					      struct ndpi_id_struct *src,
 					      struct ndpi_id_struct *dst);
 
+
+  /**
+   * Processes one packet of L4 and returns the ID of the detected protocol.
+   * L3 and L4 packet headers are passed in the arguments while payload
+   * points to the L4 body.
+   * This function mimics ndpi_detection_process_packet behaviour.
+   *
+   * @par    ndpi_struct           = the detection module
+   * @par    flow                  = pointer to the connection state machine
+   * @par    iph                   = IP packet header for IPv4 or NULL
+   * @par    iph6                  = IP packet header for IPv6 or NULL
+   * @par    tcp                   = TCP packet header for TCP or NULL
+   * @par    udp                   = UDP packet header for UDP or NULL
+   * @par    src_to_dst_direction  = order of src/dst state machines in a flow.
+   * @par    l4_proto              = L4 protocol of the packet.
+   * @par    src                   = pointer to the source subscriber state machine
+   * @par    dst                   = pointer to the destination subscriber state machine
+   * @par    sport                 = source port of L4 packet, used for protocol guessing.
+   * @par    dport                 = destination port of L4 packet, used for protocol guessing.
+   * @par    current_tick_l        = the current timestamp for the packet
+   * @par    payload               = unsigned char pointer to the Layer 4 (TCP/UDP body)
+   * @par    payload_len           = the length of the payload
+   * @return the detected ID of the protocol
+   *
+   * NOTE: in a current implementation flow->src and flow->dst are swapped with
+   * the src_to_dst_direction flag while ndpi_detection_process_packet does not swap
+   * these values.
+   *
+   */
+
+ndpi_protocol ndpi_l4_detection_process_packet(struct ndpi_detection_module_struct *ndpi_struct,
+					       struct ndpi_flow_struct *flow,
+					       const struct ndpi_iphdr *iph,
+					       struct ndpi_ipv6hdr *iph6,
+					       struct ndpi_tcphdr *tcp,
+					       struct ndpi_udphdr *udp,
+					       u_int8_t src_to_dst_direction,
+					       u_int8_t l4_proto,
+					       struct ndpi_id_struct *src,
+					       u_int16_t sport,
+					       struct ndpi_id_struct *dst,
+					       u_int16_t dport,
+					       const u_int64_t current_tick_l,
+					       u_int8_t *payload, u_int16_t payload_len);
+
+
   
   /**
    * Get the main protocol of the passed flows for the detected module
@@ -544,6 +581,61 @@ extern "C" {
 		      struct ndpi_flow_struct *flow, char *certificate);
 #endif
 
+  /* Wrappers functions */
+  /**
+   * Init Aho-Corasick automata
+   *
+   * @return  The requested automata, or NULL if an error occurred
+   * 
+   */
+  void* ndpi_init_automa();
+
+
+  /**
+   * Free Aho-Corasick automata allocated with ndpi_init_automa();
+   *
+   * @par     The automata initialized with ndpi_init_automa();
+   * 
+   */
+  void ndpi_free_automa(void *_automa);
+
+
+  /**
+   * Add a string to match to an automata
+   *
+   * @par     The automata initialized with ndpi_init_automa();
+   * @par     The (sub)string to search
+   * @return  0 in case of no error, or -1 if an error occurred.
+   * 
+   */
+  int ndpi_add_string_to_automa(void *_automa, char *str);
+
+
+  /**
+   * Finalize the automa (necessary before start searching)
+   *
+   * @par     The automata initialized with ndpi_init_automa();
+   * 
+   */
+  void ndpi_finalize_automa(void *_automa);
+
+
+  /**
+   * Add a string to match to an automata
+   *
+   * @par     The automata initialized with ndpi_init_automa();
+   * @par     The (sub)string to search
+   * @return  0 in case of match, or -1 if no match, or -2 if an error occurred.
+   * 
+   */
+  int ndpi_match_string(void *_automa, char *string_to_match);
+
+
+  /* Utility functions to set ndpi malloc/free/print wrappers */
+  void set_ndpi_malloc(void* (*__ndpi_malloc)(size_t size));
+  void set_ndpi_free(void  (*__ndpi_free)(void *ptr));
+  void set_ndpi_debug_function(ndpi_debug_function_ptr ndpi_debug_printf);
+
 #ifdef __cplusplus
 }
 #endif