aboutsummaryrefslogtreecommitdiff
path: root/src/lib/ndpi_main.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/ndpi_main.c')
-rw-r--r--src/lib/ndpi_main.c58
1 files changed, 36 insertions, 22 deletions
diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c
index 8783ef6cd..b318ce566 100644
--- a/src/lib/ndpi_main.c
+++ b/src/lib/ndpi_main.c
@@ -187,7 +187,7 @@ static void ndpi_tdestroy_recurse(ndpi_node* root, void (*free_action)(void *))
void ndpi_tdestroy(void *vrootp, void (*freefct)(void *))
{
ndpi_node *root = (ndpi_node *) vrootp;
-
+
if(root != NULL)
ndpi_tdestroy_recurse(root, freefct);
}
@@ -338,7 +338,7 @@ void ndpi_flow_free(void *ptr) { if(_ndpi_flow_free) _ndpi_flow_free(ptr); else
void * ndpi_realloc(void *ptr, size_t old_size, size_t new_size)
{
void *ret = ndpi_malloc(new_size);
-
+
if(!ret)
return(ret);
else {
@@ -477,9 +477,9 @@ static int ndpi_default_ports_tree_node_t_cmp(const void *a, const void *b)
{
ndpi_default_ports_tree_node_t *fa = (ndpi_default_ports_tree_node_t*)a;
ndpi_default_ports_tree_node_t *fb = (ndpi_default_ports_tree_node_t*)b;
-
+
//printf("[NDPI] %s(%d, %d)\n", __FUNCTION__, fa->default_port, fb->default_port);
-
+
return((fa->default_port == fb->default_port) ? 0 : ((fa->default_port < fb->default_port) ? -1 : 1));
}
@@ -488,7 +488,7 @@ static int ndpi_default_ports_tree_node_t_cmp(const void *a, const void *b)
void ndpi_default_ports_tree_node_t_walker(const void *node, const ndpi_VISIT which, const int depth)
{
ndpi_default_ports_tree_node_t *f = *(ndpi_default_ports_tree_node_t **)node;
-
+
printf("<%d>Walk on node %s (%u)\n",
depth,
@@ -902,7 +902,7 @@ static void ndpi_init_protocol_defaults(struct ndpi_detection_module_struct *ndp
ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_BITTORRENT,
no_master,
no_master, "BitTorrent", NDPI_PROTOCOL_CATEGORY_P2P,
- ndpi_build_default_ports(ports_a, 51413, 0, 0, 0, 0) /* TCP */,
+ ndpi_build_default_ports(ports_a, 51413, 53646, 0, 0, 0) /* TCP */,
ndpi_build_default_ports(ports_b, 6771, 51413, 0, 0, 0) /* UDP */);
ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_TEREDO,
no_master,
@@ -1016,7 +1016,7 @@ static void ndpi_init_protocol_defaults(struct ndpi_detection_module_struct *ndp
ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */);
ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_HTTP_DOWNLOAD,
no_master,
- no_master, "HTTPDownload", NDPI_PROTOCOL_CATEGORY_FILE_TRANSFER,
+ no_master, "HTTP_Download", NDPI_PROTOCOL_CATEGORY_FILE_TRANSFER,
ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */,
ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */);
ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_QQLIVE,
@@ -1606,12 +1606,23 @@ static void ndpi_init_protocol_defaults(struct ndpi_detection_module_struct *ndp
no_master, "SMPP", NDPI_PROTOCOL_CATEGORY_P2P,
ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0), /* TCP */
ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0)); /* UDP */
-
- /* To be removed as soon as we define new protocols */
- ndpi_init_placeholder_proto(ndpi_mod, ports_a, ports_b, no_master, NDPI_PROTOCOL_FREE_191);
- ndpi_init_placeholder_proto(ndpi_mod, ports_a, ports_b, no_master, NDPI_PROTOCOL_FREE_192);
- ndpi_init_placeholder_proto(ndpi_mod, ports_a, ports_b, no_master, NDPI_PROTOCOL_FREE_197);
- ndpi_init_placeholder_proto(ndpi_mod, ports_a, ports_b, no_master, NDPI_PROTOCOL_FREE_208);
+ ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_OOKLA,
+ no_master,
+ no_master, "Ookla", NDPI_PROTOCOL_CATEGORY_NETWORK_TOOL,
+ ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0), /* TCP */
+ ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0)); /* UDP */
+ ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_AMQP,
+ no_master,
+ no_master, "AMQP", NDPI_PROTOCOL_CATEGORY_RPC,
+ ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0), /* TCP */
+ ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0)); /* UDP */
+ ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DNSCRYPT,
+ no_master,
+ no_master, "DNScrypt", NDPI_PROTOCOL_CATEGORY_NETWORK,
+ ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0), /* TCP */
+ ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0)); /* UDP */
+
+/* To be removed as soon as we define new protocols */
ndpi_init_placeholder_proto(ndpi_mod, ports_a, ports_b, no_master, NDPI_PROTOCOL_FREE_209);
ndpi_init_placeholder_proto(ndpi_mod, ports_a, ports_b, no_master, NDPI_PROTOCOL_FREE_217);
ndpi_init_placeholder_proto(ndpi_mod, ports_a, ports_b, no_master, NDPI_PROTOCOL_FREE_224);
@@ -2706,6 +2717,9 @@ void ndpi_set_protocol_detection_bitmask2(struct ndpi_detection_module_struct *n
/* BITTORRENT */
init_bittorrent_dissector(ndpi_struct, &a, detection_bitmask);
+ /* AMQP */
+ init_amqp_dissector(ndpi_struct, &a, detection_bitmask);
+
/* ----------------------------------------------------------------- */
@@ -3293,8 +3307,8 @@ void check_ndpi_tcp_flow_func(struct ndpi_detection_module_struct *ndpi_struct,
&& NDPI_BITMASK_COMPARE(ndpi_struct->callback_buffer_tcp_payload[a].detection_bitmask,
detection_bitmask) != 0) {
ndpi_struct->callback_buffer_tcp_payload[a].func(ndpi_struct, flow);
-
-
+
+
if(flow->detected_protocol_stack[0] != NDPI_PROTOCOL_UNKNOWN)
break; /* Stop after detecting the first protocol */
}
@@ -3359,7 +3373,7 @@ ndpi_protocol ndpi_detection_giveup(struct ndpi_detection_module_struct *ndpi_st
if(flow->protos.ssl.client_certificate[0] != '\0') {
ndpi_set_detected_protocol(ndpi_struct, flow, NDPI_PROTOCOL_SSL, NDPI_PROTOCOL_UNKNOWN);
- } else {
+ } else {
if((flow->guessed_protocol_id == NDPI_PROTOCOL_UNKNOWN)
&& (flow->packet.l4_protocol == IPPROTO_TCP)
&& (flow->l4.tcp.ssl_stage > 1))
@@ -3497,9 +3511,9 @@ ndpi_protocol ndpi_detection_process_packet(struct ndpi_detection_module_struct
/* guess protocol */
flow->guessed_protocol_id = (int16_t) ndpi_guess_protocol_id(ndpi_struct, protocol, sport, dport, &user_defined_proto);
-
+
if(user_defined_proto && flow->guessed_protocol_id != NDPI_PROTOCOL_UNKNOWN) {
-
+
if(flow->packet.iph) {
/* guess host protocol */
flow->guessed_host_protocol_id = ndpi_network_ptree_match(ndpi_struct, (struct in_addr *)&flow->packet.iph->saddr);
@@ -3508,7 +3522,7 @@ ndpi_protocol ndpi_detection_process_packet(struct ndpi_detection_module_struct
if(flow->guessed_host_protocol_id != NDPI_PROTOCOL_UNKNOWN)
/* ret.master_protocol = flow->guessed_protocol_id , ret.app_protocol = flow->guessed_host_protocol_id; /\* ****** *\/ */
ret = ndpi_detection_giveup(ndpi_struct, flow);
-
+
return(ret);
}
} else {
@@ -3520,7 +3534,7 @@ ndpi_protocol ndpi_detection_process_packet(struct ndpi_detection_module_struct
}
}
}
-
+
check_ndpi_flow_func(ndpi_struct, flow, &ndpi_selection_packet);
a = flow->packet.detected_protocol_stack[0];
@@ -4123,7 +4137,7 @@ void ndpi_int_change_protocol(struct ndpi_detection_module_struct *ndpi_struct,
/* flow->packet.detected_protocol_stack[0] = flow->guessed_host_protocol_id; */
/* /\* master proto for packet *\/ */
/* flow->packet.detected_protocol_stack[1] = flow->guessed_protocol_id; */
-
+
/* } */
/* } */
@@ -4358,7 +4372,7 @@ ndpi_protocol ndpi_guess_undetected_protocol(struct ndpi_detection_module_struct
if(rc != NDPI_PROTOCOL_UNKNOWN) {
ret.app_protocol = rc,
ret.master_protocol = ndpi_guess_protocol_id(ndpi_struct, proto, sport, dport, &user_defined_proto);
-
+
if(ret.app_protocol == ret.master_protocol)
ret.master_protocol = NDPI_PROTOCOL_UNKNOWN;
Powered by cgit, Themed by Ted Yin.