aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/include/ndpi_api.h7
-rw-r--r--src/include/ndpi_typedefs.h13
-rw-r--r--src/lib/ndpi_main.c126
-rw-r--r--src/lib/protocols/bittorrent.c3
-rw-r--r--src/lib/protocols/hangout.c2
-rw-r--r--src/lib/protocols/http.c3
-rw-r--r--src/lib/protocols/mining.c2
-rw-r--r--src/lib/protocols/ookla.c3
-rw-r--r--src/lib/protocols/stun.c3
-rw-r--r--src/lib/protocols/tls.c3
10 files changed, 137 insertions, 28 deletions
diff --git a/src/include/ndpi_api.h b/src/include/ndpi_api.h
index 02fd54b79..962f68d87 100644
--- a/src/include/ndpi_api.h
+++ b/src/include/ndpi_api.h
@@ -1005,6 +1005,13 @@ extern "C" {
lru_cache_type cache_type,
struct ndpi_lru_cache_stats *stats);
+ int ndpi_get_lru_cache_size(struct ndpi_detection_module_struct *ndpi_struct,
+ lru_cache_type cache_type,
+ u_int32_t *num_entries);
+ int ndpi_set_lru_cache_size(struct ndpi_detection_module_struct *ndpi_struct,
+ lru_cache_type cache_type,
+ u_int32_t num_entries);
+
int ndpi_set_opportunistic_tls(struct ndpi_detection_module_struct *ndpi_struct,
u_int16_t proto, int value);
int ndpi_get_opportunistic_tls(struct ndpi_detection_module_struct *ndpi_struct,
diff --git a/src/include/ndpi_typedefs.h b/src/include/ndpi_typedefs.h
index c5cd96ade..4c9fbbf4d 100644
--- a/src/include/ndpi_typedefs.h
+++ b/src/include/ndpi_typedefs.h
@@ -1190,29 +1190,36 @@ struct ndpi_detection_module_struct {
u_int8_t ip_version_limit;
- /* NDPI_PROTOCOL_OOKLA */
- struct ndpi_lru_cache *ookla_cache;
-
/* NDPI_PROTOCOL_TINC */
struct cache *tinc_cache;
+ /* NDPI_PROTOCOL_OOKLA */
+ struct ndpi_lru_cache *ookla_cache;
+ u_int32_t ookla_cache_num_entries;
+
/* NDPI_PROTOCOL_BITTORRENT */
struct ndpi_lru_cache *bittorrent_cache;
+ u_int32_t bittorrent_cache_num_entries;
/* NDPI_PROTOCOL_ZOOM */
struct ndpi_lru_cache *zoom_cache;
+ u_int32_t zoom_cache_num_entries;
/* NDPI_PROTOCOL_STUN and subprotocols */
struct ndpi_lru_cache *stun_cache;
+ u_int32_t stun_cache_num_entries;
/* NDPI_PROTOCOL_TLS and subprotocols */
struct ndpi_lru_cache *tls_cert_cache;
+ u_int32_t tls_cert_cache_num_entries;
/* NDPI_PROTOCOL_MINING and subprotocols */
struct ndpi_lru_cache *mining_cache;
+ u_int32_t mining_cache_num_entries;
/* NDPI_PROTOCOL_MSTEAMS */
struct ndpi_lru_cache *msteams_cache;
+ u_int32_t msteams_cache_num_entries;
/* *** If you add a new LRU cache, please update lru_cache_type above! *** */
diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c
index 173c98258..9d9c806af 100644
--- a/src/lib/ndpi_main.c
+++ b/src/lib/ndpi_main.c
@@ -2779,6 +2779,14 @@ struct ndpi_detection_module_struct *ndpi_init_detection_module(ndpi_init_prefs
return(NULL);
}
+ ndpi_str->ookla_cache_num_entries = 1024;
+ ndpi_str->bittorrent_cache_num_entries = 32768;
+ ndpi_str->zoom_cache_num_entries = 512;
+ ndpi_str->stun_cache_num_entries = 1024;
+ ndpi_str->tls_cert_cache_num_entries = 1024;
+ ndpi_str->mining_cache_num_entries = 1024;
+ ndpi_str->msteams_cache_num_entries = 1024;
+
ndpi_str->opportunistic_tls_smtp_enabled = 1;
ndpi_str->opportunistic_tls_imap_enabled = 1;
ndpi_str->opportunistic_tls_pop_enabled = 1;
@@ -2851,6 +2859,56 @@ void ndpi_finalize_initialization(struct ndpi_detection_module_struct *ndpi_str)
ndpi_add_domain_risk_exceptions(ndpi_str);
+ if(ndpi_str->ookla_cache_num_entries > 0) {
+ ndpi_str->ookla_cache = ndpi_lru_cache_init(ndpi_str->ookla_cache_num_entries);
+ if(!ndpi_str->ookla_cache) {
+ NDPI_LOG_ERR(ndpi_str, "Error allocating lru cache (num_entries %u)\n",
+ ndpi_str->ookla_cache_num_entries);
+ }
+ }
+ if(ndpi_str->bittorrent_cache_num_entries > 0) {
+ ndpi_str->bittorrent_cache = ndpi_lru_cache_init(ndpi_str->bittorrent_cache_num_entries);
+ if(!ndpi_str->bittorrent_cache) {
+ NDPI_LOG_ERR(ndpi_str, "Error allocating lru cache (num_entries %u)\n",
+ ndpi_str->bittorrent_cache_num_entries);
+ }
+ }
+ if(ndpi_str->zoom_cache_num_entries > 0) {
+ ndpi_str->zoom_cache = ndpi_lru_cache_init(ndpi_str->zoom_cache_num_entries);
+ if(!ndpi_str->zoom_cache) {
+ NDPI_LOG_ERR(ndpi_str, "Error allocating lru cache (num_entries %u)\n",
+ ndpi_str->zoom_cache_num_entries);
+ }
+ }
+ if(ndpi_str->stun_cache_num_entries > 0) {
+ ndpi_str->stun_cache = ndpi_lru_cache_init(ndpi_str->stun_cache_num_entries);
+ if(!ndpi_str->stun_cache) {
+ NDPI_LOG_ERR(ndpi_str, "Error allocating lru cache (num_entries %u)\n",
+ ndpi_str->stun_cache_num_entries);
+ }
+ }
+ if(ndpi_str->tls_cert_cache_num_entries > 0) {
+ ndpi_str->tls_cert_cache = ndpi_lru_cache_init(ndpi_str->tls_cert_cache_num_entries);
+ if(!ndpi_str->tls_cert_cache) {
+ NDPI_LOG_ERR(ndpi_str, "Error allocating lru cache (num_entries %u)\n",
+ ndpi_str->tls_cert_cache_num_entries);
+ }
+ }
+ if(ndpi_str->mining_cache_num_entries > 0) {
+ ndpi_str->mining_cache = ndpi_lru_cache_init(ndpi_str->mining_cache_num_entries);
+ if(!ndpi_str->mining_cache) {
+ NDPI_LOG_ERR(ndpi_str, "Error allocating lru cache (num_entries %u)\n",
+ ndpi_str->mining_cache_num_entries);
+ }
+ }
+ if(ndpi_str->msteams_cache_num_entries > 0) {
+ ndpi_str->msteams_cache = ndpi_lru_cache_init(ndpi_str->msteams_cache_num_entries);
+ if(!ndpi_str->msteams_cache) {
+ NDPI_LOG_ERR(ndpi_str, "Error allocating lru cache (num_entries %u)\n",
+ ndpi_str->msteams_cache_num_entries);
+ }
+ }
+
if(ndpi_str->ac_automa_finalized) return;
ndpi_automa * const automa[] = { &ndpi_str->host_automa,
@@ -5625,9 +5683,6 @@ static void ndpi_reconcile_protocols(struct ndpi_detection_module_struct *ndpi_s
if(flow->is_ipv6 == 0 && flow->l4_proto == IPPROTO_TCP) {
// printf("====>> NDPI_PROTOCOL_MSTEAMS\n");
- if(ndpi_str->msteams_cache == NULL)
- ndpi_str->msteams_cache = ndpi_lru_cache_init(1024);
-
if(ndpi_str->msteams_cache)
ndpi_lru_add_to_cache(ndpi_str->msteams_cache,
ntohl(flow->c_address.v4),
@@ -5769,9 +5824,6 @@ static u_int8_t ndpi_search_into_zoom_cache(struct ndpi_detection_module_struct
static void ndpi_add_connection_as_zoom(struct ndpi_detection_module_struct *ndpi_struct,
u_int32_t daddr /* Network byte order */) {
- if(ndpi_struct->zoom_cache == NULL)
- ndpi_struct->zoom_cache = ndpi_lru_cache_init(512);
-
if(ndpi_struct->zoom_cache)
ndpi_lru_add_to_cache(ndpi_struct->zoom_cache, daddr, NDPI_PROTOCOL_ZOOM);
}
@@ -8291,6 +8343,68 @@ int ndpi_get_lru_cache_stats(struct ndpi_detection_module_struct *ndpi_struct,
}
}
+int ndpi_set_lru_cache_size(struct ndpi_detection_module_struct *ndpi_struct,
+ lru_cache_type cache_type,
+ u_int32_t num_entries)
+{
+ switch(cache_type) {
+ case NDPI_LRUCACHE_OOKLA:
+ ndpi_struct->ookla_cache_num_entries = num_entries;
+ return 0;
+ case NDPI_LRUCACHE_BITTORRENT:
+ ndpi_struct->bittorrent_cache_num_entries = num_entries;
+ return 0;
+ case NDPI_LRUCACHE_ZOOM:
+ ndpi_struct->zoom_cache_num_entries = num_entries;
+ return 0;
+ case NDPI_LRUCACHE_STUN:
+ ndpi_struct->stun_cache_num_entries = num_entries;
+ return 0;
+ case NDPI_LRUCACHE_TLS_CERT:
+ ndpi_struct->tls_cert_cache_num_entries = num_entries;
+ return 0;
+ case NDPI_LRUCACHE_MINING:
+ ndpi_struct->mining_cache_num_entries = num_entries;
+ return 0;
+ case NDPI_LRUCACHE_MSTEAMS:
+ ndpi_struct->msteams_cache_num_entries = num_entries;
+ return 0;
+ default:
+ return -1;
+ }
+}
+
+int ndpi_get_lru_cache_size(struct ndpi_detection_module_struct *ndpi_struct,
+ lru_cache_type cache_type,
+ u_int32_t *num_entries)
+{
+ switch(cache_type) {
+ case NDPI_LRUCACHE_OOKLA:
+ *num_entries = ndpi_struct->ookla_cache_num_entries;
+ return 0;
+ case NDPI_LRUCACHE_BITTORRENT:
+ *num_entries = ndpi_struct->bittorrent_cache_num_entries;
+ return 0;
+ case NDPI_LRUCACHE_ZOOM:
+ *num_entries = ndpi_struct->zoom_cache_num_entries;
+ return 0;
+ case NDPI_LRUCACHE_STUN:
+ *num_entries = ndpi_struct->stun_cache_num_entries;
+ return 0;
+ case NDPI_LRUCACHE_TLS_CERT:
+ *num_entries = ndpi_struct->tls_cert_cache_num_entries;
+ return 0;
+ case NDPI_LRUCACHE_MINING:
+ *num_entries = ndpi_struct->mining_cache_num_entries;
+ return 0;
+ case NDPI_LRUCACHE_MSTEAMS:
+ *num_entries = ndpi_struct->msteams_cache_num_entries;
+ return 0;
+ default:
+ return -1;
+ }
+}
+
/* ******************************************************************** */
/*
diff --git a/src/lib/protocols/bittorrent.c b/src/lib/protocols/bittorrent.c
index c28c8bcd4..cac66b6be 100644
--- a/src/lib/protocols/bittorrent.c
+++ b/src/lib/protocols/bittorrent.c
@@ -118,9 +118,6 @@ static void ndpi_add_connection_as_bittorrent(struct ndpi_detection_module_struc
flow->extra_packets_func = search_bittorrent_again;
}
- if(ndpi_struct->bittorrent_cache == NULL)
- ndpi_struct->bittorrent_cache = ndpi_lru_cache_init(32768);
-
if(ndpi_struct->bittorrent_cache && packet->iph) {
u_int32_t key1, key2, i;
diff --git a/src/lib/protocols/hangout.c b/src/lib/protocols/hangout.c
index 7f5414ef0..c8ae84177 100644
--- a/src/lib/protocols/hangout.c
+++ b/src/lib/protocols/hangout.c
@@ -98,8 +98,6 @@ void ndpi_search_hangout(struct ndpi_detection_module_struct *ndpi_struct,
NDPI_LOG_INFO(ndpi_struct, "found Hangout\n");
/* Hangout is over STUN hence the LRU cache is shared */
- if(ndpi_struct->stun_cache == NULL)
- ndpi_struct->stun_cache = ndpi_lru_cache_init(1024);
if(ndpi_struct->stun_cache && packet->iph) {
u_int32_t key = get_stun_lru_key(flow, !matched_src);
diff --git a/src/lib/protocols/http.c b/src/lib/protocols/http.c
index b50967a3c..96e0e309a 100644
--- a/src/lib/protocols/http.c
+++ b/src/lib/protocols/http.c
@@ -1171,9 +1171,6 @@ static void ndpi_check_http_tcp(struct ndpi_detection_module_struct *ndpi_struct
ookla_found:
ndpi_int_http_add_connection(ndpi_struct, flow, NDPI_PROTOCOL_OOKLA, NDPI_PROTOCOL_CATEGORY_WEB);
- if(ndpi_struct->ookla_cache == NULL)
- ndpi_struct->ookla_cache = ndpi_lru_cache_init(1024);
-
if(ndpi_struct->ookla_cache != NULL) {
if(packet->iph != NULL) {
if(packet->tcp->source == htons(8080))
diff --git a/src/lib/protocols/mining.c b/src/lib/protocols/mining.c
index eb5e651d9..6d6e48f02 100644
--- a/src/lib/protocols/mining.c
+++ b/src/lib/protocols/mining.c
@@ -28,8 +28,6 @@
static void cacheMiningHostTwins(struct ndpi_detection_module_struct *ndpi_struct,
u_int32_t host_keys /* network byte order */) {
- if(ndpi_struct->mining_cache == NULL) ndpi_struct->mining_cache = ndpi_lru_cache_init(1024);
-
if(ndpi_struct->mining_cache)
ndpi_lru_add_to_cache(ndpi_struct->mining_cache, host_keys, NDPI_PROTOCOL_MINING);
}
diff --git a/src/lib/protocols/ookla.c b/src/lib/protocols/ookla.c
index 5f4c170bf..a57231c30 100644
--- a/src/lib/protocols/ookla.c
+++ b/src/lib/protocols/ookla.c
@@ -56,9 +56,6 @@ void ndpi_search_ookla(struct ndpi_detection_module_struct* ndpi_struct, struct
&& (packet->payload[2] == 0x0A)) {
ndpi_set_detected_protocol(ndpi_struct, flow, NDPI_PROTOCOL_OOKLA, NDPI_PROTOCOL_UNKNOWN, NDPI_CONFIDENCE_DPI);
- if(ndpi_struct->ookla_cache == NULL)
- ndpi_struct->ookla_cache = ndpi_lru_cache_init(1024);
-
if(ndpi_struct->ookla_cache != NULL) {
/* In order to avoid creating an IPv6 LRU we hash the IPv6 address */
h = ndpi_quick_hash((unsigned char *)&packet->iphv6->ip6_dst, sizeof(packet->iphv6->ip6_dst));
diff --git a/src/lib/protocols/stun.c b/src/lib/protocols/stun.c
index b0826fd4b..a09e898d6 100644
--- a/src/lib/protocols/stun.c
+++ b/src/lib/protocols/stun.c
@@ -58,9 +58,6 @@ static void ndpi_int_stun_add_connection(struct ndpi_detection_module_struct *nd
app_proto = NDPI_PROTOCOL_FACEBOOK_VOIP;
}
- if(ndpi_struct->stun_cache == NULL)
- ndpi_struct->stun_cache = ndpi_lru_cache_init(1024);
-
if(ndpi_struct->stun_cache
&& packet->iph
&& (app_proto != NDPI_PROTOCOL_UNKNOWN)
diff --git a/src/lib/protocols/tls.c b/src/lib/protocols/tls.c
index 3cfe70e3a..8210f51fe 100644
--- a/src/lib/protocols/tls.c
+++ b/src/lib/protocols/tls.c
@@ -695,9 +695,6 @@ static void processCertificateElements(struct ndpi_detection_module_struct *ndpi
flow->category = ndpi_get_proto_category(ndpi_struct, ret);
ndpi_check_subprotocol_risk(ndpi_struct, flow, proto_id);
- if(ndpi_struct->tls_cert_cache == NULL)
- ndpi_struct->tls_cert_cache = ndpi_lru_cache_init(1024);
-
if(ndpi_struct->tls_cert_cache && packet->iph && packet->tcp) {
u_int32_t key = packet->iph->saddr + packet->tcp->source; /* Server */