aboutsummaryrefslogtreecommitdiff
path: root/src/lib
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib')
-rw-r--r--src/lib/ndpi_main.c1
-rw-r--r--src/lib/ndpi_utils.c5
-rw-r--r--src/lib/protocols/dns.c4
3 files changed, 7 insertions, 3 deletions
diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c
index 09bfe7be3..a6d32a6ff 100644
--- a/src/lib/ndpi_main.c
+++ b/src/lib/ndpi_main.c
@@ -167,6 +167,7 @@ static ndpi_risk_info ndpi_known_risks[] = {
{ NDPI_UNIDIRECTIONAL_TRAFFIC, NDPI_RISK_LOW, CLIENT_FAIR_RISK_PERCENTAGE, NDPI_CLIENT_ACCOUNTABLE },
{ NDPI_HTTP_OBSOLETE_SERVER, NDPI_RISK_MEDIUM, CLIENT_LOW_RISK_PERCENTAGE, NDPI_SERVER_ACCOUNTABLE },
{ NDPI_PERIODIC_FLOW, NDPI_RISK_LOW, CLIENT_LOW_RISK_PERCENTAGE, NDPI_CLIENT_ACCOUNTABLE },
+ { NDPI_MINOR_ISSUES, NDPI_RISK_LOW, CLIENT_LOW_RISK_PERCENTAGE, NDPI_BOTH_ACCOUNTABLE },
/* Leave this as last member */
{ NDPI_MAX_RISK, NDPI_RISK_LOW, CLIENT_FAIR_RISK_PERCENTAGE, NDPI_NO_ACCOUNTABILITY }
diff --git a/src/lib/ndpi_utils.c b/src/lib/ndpi_utils.c
index e42e7d004..ace49cab7 100644
--- a/src/lib/ndpi_utils.c
+++ b/src/lib/ndpi_utils.c
@@ -2005,7 +2005,7 @@ const char* ndpi_risk2str(ndpi_risk_enum risk) {
case NDPI_DNS_LARGE_PACKET:
return("Large DNS Packet (512+ bytes)");
-
+
case NDPI_DNS_FRAGMENTED:
return("Fragmented DNS Message");
@@ -2047,6 +2047,9 @@ const char* ndpi_risk2str(ndpi_risk_enum risk) {
case NDPI_PERIODIC_FLOW:
return("Periodic Flow");
break;
+
+ case NDPI_MINOR_ISSUES:
+ return("Minor Issues");
default:
ndpi_snprintf(buf, sizeof(buf), "%d", (int)risk);
diff --git a/src/lib/protocols/dns.c b/src/lib/protocols/dns.c
index 7df825f8b..48da46e39 100644
--- a/src/lib/protocols/dns.c
+++ b/src/lib/protocols/dns.c
@@ -412,8 +412,8 @@ static int search_valid_dns(struct ndpi_detection_module_struct *ndpi_struct,
rsp_ttl = ntohl(*((u_int32_t*)&packet->payload[x+2]));
if(rsp_ttl == 0)
- ndpi_set_risk(ndpi_struct, flow, NDPI_DNS_SUSPICIOUS_TRAFFIC, "DNS Record with zero TTL");
-
+ ndpi_set_risk(ndpi_struct, flow, NDPI_MINOR_ISSUES, "DNS Record with zero TTL");
+
#ifdef DNS_DEBUG
printf("[DNS] TTL = %u\n", rsp_ttl);
printf("[DNS] [response] response_type=%d\n", rsp_type);
Powered by cgit, Themed by Ted Yin.