diff options
Diffstat (limited to 'src/lib/protocols/ntp.c')
| -rw-r--r-- | src/lib/protocols/ntp.c | 32 |
1 files changed, 12 insertions, 20 deletions
diff --git a/src/lib/protocols/ntp.c b/src/lib/protocols/ntp.c index 8e08b391a..95ef7dddd 100644 --- a/src/lib/protocols/ntp.c +++ b/src/lib/protocols/ntp.c @@ -2,7 +2,7 @@ * ntp.c * * Copyright (C) 2009-11 - ipoque GmbH - * Copyright (C) 2011-22 - ntop.org + * Copyright (C) 2011-25 - ntop.org * * This file is part of nDPI, an open source deep packet inspection * library based on the OpenDPI and PACE technology by ipoque GmbH @@ -44,15 +44,11 @@ static void ndpi_search_ntp_udp(struct ndpi_detection_module_struct *ndpi_struct if (packet->udp->dest == htons(123) || packet->udp->source == htons(123)) { NDPI_LOG_DBG2(ndpi_struct, "NTP port and length detected\n"); - - if ((((packet->payload[0] & 0x38) >> 3) <= 4)) { - - // 38 in binary representation is 00111000 - flow->protos.ntp.version = (packet->payload[0] & 0x38) >> 3; - - if (packet->payload_packet_len > 3 && flow->protos.ntp.version == 2) { - flow->protos.ntp.request_code = packet->payload[3]; - } + uint8_t version = (packet->payload[0] & 56) >> 3; + + if (version <= 4) { + flow->protos.ntp.version = version; + flow->protos.ntp.mode = packet->payload[0] & 7; NDPI_LOG_INFO(ndpi_struct, "found NTP\n"); ndpi_int_ntp_add_connection(ndpi_struct, flow); @@ -60,19 +56,15 @@ static void ndpi_search_ntp_udp(struct ndpi_detection_module_struct *ndpi_struct } } - NDPI_EXCLUDE_PROTO(ndpi_struct, flow); + NDPI_EXCLUDE_DISSECTOR(ndpi_struct, flow); } -void init_ntp_dissector(struct ndpi_detection_module_struct *ndpi_struct, u_int32_t *id) +void init_ntp_dissector(struct ndpi_detection_module_struct *ndpi_struct) { - ndpi_set_bitmask_protocol_detection("NTP", ndpi_struct, *id, - NDPI_PROTOCOL_NTP, - ndpi_search_ntp_udp, - NDPI_SELECTION_BITMASK_PROTOCOL_V4_V6_UDP_WITH_PAYLOAD, - SAVE_DETECTION_BITMASK_AS_UNKNOWN, - ADD_TO_DETECTION_BITMASK); - - *id += 1; + register_dissector("NTP", ndpi_struct, + ndpi_search_ntp_udp, + NDPI_SELECTION_BITMASK_PROTOCOL_V4_V6_UDP_WITH_PAYLOAD, + 1, NDPI_PROTOCOL_NTP); } |