diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/include/ndpi_api.h | 7 | ||||
| -rw-r--r-- | src/include/ndpi_typedefs.h | 13 | ||||
| -rw-r--r-- | src/lib/ndpi_main.c | 126 | ||||
| -rw-r--r-- | src/lib/protocols/bittorrent.c | 3 | ||||
| -rw-r--r-- | src/lib/protocols/hangout.c | 2 | ||||
| -rw-r--r-- | src/lib/protocols/http.c | 3 | ||||
| -rw-r--r-- | src/lib/protocols/mining.c | 2 | ||||
| -rw-r--r-- | src/lib/protocols/ookla.c | 3 | ||||
| -rw-r--r-- | src/lib/protocols/stun.c | 3 | ||||
| -rw-r--r-- | src/lib/protocols/tls.c | 3 |
10 files changed, 137 insertions, 28 deletions
diff --git a/src/include/ndpi_api.h b/src/include/ndpi_api.h index 02fd54b79..962f68d87 100644 --- a/src/include/ndpi_api.h +++ b/src/include/ndpi_api.h @@ -1005,6 +1005,13 @@ extern "C" { lru_cache_type cache_type, struct ndpi_lru_cache_stats *stats); + int ndpi_get_lru_cache_size(struct ndpi_detection_module_struct *ndpi_struct, + lru_cache_type cache_type, + u_int32_t *num_entries); + int ndpi_set_lru_cache_size(struct ndpi_detection_module_struct *ndpi_struct, + lru_cache_type cache_type, + u_int32_t num_entries); + int ndpi_set_opportunistic_tls(struct ndpi_detection_module_struct *ndpi_struct, u_int16_t proto, int value); int ndpi_get_opportunistic_tls(struct ndpi_detection_module_struct *ndpi_struct, diff --git a/src/include/ndpi_typedefs.h b/src/include/ndpi_typedefs.h index c5cd96ade..4c9fbbf4d 100644 --- a/src/include/ndpi_typedefs.h +++ b/src/include/ndpi_typedefs.h @@ -1190,29 +1190,36 @@ struct ndpi_detection_module_struct { u_int8_t ip_version_limit; - /* NDPI_PROTOCOL_OOKLA */ - struct ndpi_lru_cache *ookla_cache; - /* NDPI_PROTOCOL_TINC */ struct cache *tinc_cache; + /* NDPI_PROTOCOL_OOKLA */ + struct ndpi_lru_cache *ookla_cache; + u_int32_t ookla_cache_num_entries; + /* NDPI_PROTOCOL_BITTORRENT */ struct ndpi_lru_cache *bittorrent_cache; + u_int32_t bittorrent_cache_num_entries; /* NDPI_PROTOCOL_ZOOM */ struct ndpi_lru_cache *zoom_cache; + u_int32_t zoom_cache_num_entries; /* NDPI_PROTOCOL_STUN and subprotocols */ struct ndpi_lru_cache *stun_cache; + u_int32_t stun_cache_num_entries; /* NDPI_PROTOCOL_TLS and subprotocols */ struct ndpi_lru_cache *tls_cert_cache; + u_int32_t tls_cert_cache_num_entries; /* NDPI_PROTOCOL_MINING and subprotocols */ struct ndpi_lru_cache *mining_cache; + u_int32_t mining_cache_num_entries; /* NDPI_PROTOCOL_MSTEAMS */ struct ndpi_lru_cache *msteams_cache; + u_int32_t msteams_cache_num_entries; /* *** If you add a new LRU cache, please update lru_cache_type above! *** */ diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c index 173c98258..9d9c806af 100644 --- a/src/lib/ndpi_main.c +++ b/src/lib/ndpi_main.c @@ -2779,6 +2779,14 @@ struct ndpi_detection_module_struct *ndpi_init_detection_module(ndpi_init_prefs return(NULL); } + ndpi_str->ookla_cache_num_entries = 1024; + ndpi_str->bittorrent_cache_num_entries = 32768; + ndpi_str->zoom_cache_num_entries = 512; + ndpi_str->stun_cache_num_entries = 1024; + ndpi_str->tls_cert_cache_num_entries = 1024; + ndpi_str->mining_cache_num_entries = 1024; + ndpi_str->msteams_cache_num_entries = 1024; + ndpi_str->opportunistic_tls_smtp_enabled = 1; ndpi_str->opportunistic_tls_imap_enabled = 1; ndpi_str->opportunistic_tls_pop_enabled = 1; @@ -2851,6 +2859,56 @@ void ndpi_finalize_initialization(struct ndpi_detection_module_struct *ndpi_str) ndpi_add_domain_risk_exceptions(ndpi_str); + if(ndpi_str->ookla_cache_num_entries > 0) { + ndpi_str->ookla_cache = ndpi_lru_cache_init(ndpi_str->ookla_cache_num_entries); + if(!ndpi_str->ookla_cache) { + NDPI_LOG_ERR(ndpi_str, "Error allocating lru cache (num_entries %u)\n", + ndpi_str->ookla_cache_num_entries); + } + } + if(ndpi_str->bittorrent_cache_num_entries > 0) { + ndpi_str->bittorrent_cache = ndpi_lru_cache_init(ndpi_str->bittorrent_cache_num_entries); + if(!ndpi_str->bittorrent_cache) { + NDPI_LOG_ERR(ndpi_str, "Error allocating lru cache (num_entries %u)\n", + ndpi_str->bittorrent_cache_num_entries); + } + } + if(ndpi_str->zoom_cache_num_entries > 0) { + ndpi_str->zoom_cache = ndpi_lru_cache_init(ndpi_str->zoom_cache_num_entries); + if(!ndpi_str->zoom_cache) { + NDPI_LOG_ERR(ndpi_str, "Error allocating lru cache (num_entries %u)\n", + ndpi_str->zoom_cache_num_entries); + } + } + if(ndpi_str->stun_cache_num_entries > 0) { + ndpi_str->stun_cache = ndpi_lru_cache_init(ndpi_str->stun_cache_num_entries); + if(!ndpi_str->stun_cache) { + NDPI_LOG_ERR(ndpi_str, "Error allocating lru cache (num_entries %u)\n", + ndpi_str->stun_cache_num_entries); + } + } + if(ndpi_str->tls_cert_cache_num_entries > 0) { + ndpi_str->tls_cert_cache = ndpi_lru_cache_init(ndpi_str->tls_cert_cache_num_entries); + if(!ndpi_str->tls_cert_cache) { + NDPI_LOG_ERR(ndpi_str, "Error allocating lru cache (num_entries %u)\n", + ndpi_str->tls_cert_cache_num_entries); + } + } + if(ndpi_str->mining_cache_num_entries > 0) { + ndpi_str->mining_cache = ndpi_lru_cache_init(ndpi_str->mining_cache_num_entries); + if(!ndpi_str->mining_cache) { + NDPI_LOG_ERR(ndpi_str, "Error allocating lru cache (num_entries %u)\n", + ndpi_str->mining_cache_num_entries); + } + } + if(ndpi_str->msteams_cache_num_entries > 0) { + ndpi_str->msteams_cache = ndpi_lru_cache_init(ndpi_str->msteams_cache_num_entries); + if(!ndpi_str->msteams_cache) { + NDPI_LOG_ERR(ndpi_str, "Error allocating lru cache (num_entries %u)\n", + ndpi_str->msteams_cache_num_entries); + } + } + if(ndpi_str->ac_automa_finalized) return; ndpi_automa * const automa[] = { &ndpi_str->host_automa, @@ -5625,9 +5683,6 @@ static void ndpi_reconcile_protocols(struct ndpi_detection_module_struct *ndpi_s if(flow->is_ipv6 == 0 && flow->l4_proto == IPPROTO_TCP) { // printf("====>> NDPI_PROTOCOL_MSTEAMS\n"); - if(ndpi_str->msteams_cache == NULL) - ndpi_str->msteams_cache = ndpi_lru_cache_init(1024); - if(ndpi_str->msteams_cache) ndpi_lru_add_to_cache(ndpi_str->msteams_cache, ntohl(flow->c_address.v4), @@ -5769,9 +5824,6 @@ static u_int8_t ndpi_search_into_zoom_cache(struct ndpi_detection_module_struct static void ndpi_add_connection_as_zoom(struct ndpi_detection_module_struct *ndpi_struct, u_int32_t daddr /* Network byte order */) { - if(ndpi_struct->zoom_cache == NULL) - ndpi_struct->zoom_cache = ndpi_lru_cache_init(512); - if(ndpi_struct->zoom_cache) ndpi_lru_add_to_cache(ndpi_struct->zoom_cache, daddr, NDPI_PROTOCOL_ZOOM); } @@ -8291,6 +8343,68 @@ int ndpi_get_lru_cache_stats(struct ndpi_detection_module_struct *ndpi_struct, } } +int ndpi_set_lru_cache_size(struct ndpi_detection_module_struct *ndpi_struct, + lru_cache_type cache_type, + u_int32_t num_entries) +{ + switch(cache_type) { + case NDPI_LRUCACHE_OOKLA: + ndpi_struct->ookla_cache_num_entries = num_entries; + return 0; + case NDPI_LRUCACHE_BITTORRENT: + ndpi_struct->bittorrent_cache_num_entries = num_entries; + return 0; + case NDPI_LRUCACHE_ZOOM: + ndpi_struct->zoom_cache_num_entries = num_entries; + return 0; + case NDPI_LRUCACHE_STUN: + ndpi_struct->stun_cache_num_entries = num_entries; + return 0; + case NDPI_LRUCACHE_TLS_CERT: + ndpi_struct->tls_cert_cache_num_entries = num_entries; + return 0; + case NDPI_LRUCACHE_MINING: + ndpi_struct->mining_cache_num_entries = num_entries; + return 0; + case NDPI_LRUCACHE_MSTEAMS: + ndpi_struct->msteams_cache_num_entries = num_entries; + return 0; + default: + return -1; + } +} + +int ndpi_get_lru_cache_size(struct ndpi_detection_module_struct *ndpi_struct, + lru_cache_type cache_type, + u_int32_t *num_entries) +{ + switch(cache_type) { + case NDPI_LRUCACHE_OOKLA: + *num_entries = ndpi_struct->ookla_cache_num_entries; + return 0; + case NDPI_LRUCACHE_BITTORRENT: + *num_entries = ndpi_struct->bittorrent_cache_num_entries; + return 0; + case NDPI_LRUCACHE_ZOOM: + *num_entries = ndpi_struct->zoom_cache_num_entries; + return 0; + case NDPI_LRUCACHE_STUN: + *num_entries = ndpi_struct->stun_cache_num_entries; + return 0; + case NDPI_LRUCACHE_TLS_CERT: + *num_entries = ndpi_struct->tls_cert_cache_num_entries; + return 0; + case NDPI_LRUCACHE_MINING: + *num_entries = ndpi_struct->mining_cache_num_entries; + return 0; + case NDPI_LRUCACHE_MSTEAMS: + *num_entries = ndpi_struct->msteams_cache_num_entries; + return 0; + default: + return -1; + } +} + /* ******************************************************************** */ /* diff --git a/src/lib/protocols/bittorrent.c b/src/lib/protocols/bittorrent.c index c28c8bcd4..cac66b6be 100644 --- a/src/lib/protocols/bittorrent.c +++ b/src/lib/protocols/bittorrent.c @@ -118,9 +118,6 @@ static void ndpi_add_connection_as_bittorrent(struct ndpi_detection_module_struc flow->extra_packets_func = search_bittorrent_again; } - if(ndpi_struct->bittorrent_cache == NULL) - ndpi_struct->bittorrent_cache = ndpi_lru_cache_init(32768); - if(ndpi_struct->bittorrent_cache && packet->iph) { u_int32_t key1, key2, i; diff --git a/src/lib/protocols/hangout.c b/src/lib/protocols/hangout.c index 7f5414ef0..c8ae84177 100644 --- a/src/lib/protocols/hangout.c +++ b/src/lib/protocols/hangout.c @@ -98,8 +98,6 @@ void ndpi_search_hangout(struct ndpi_detection_module_struct *ndpi_struct, NDPI_LOG_INFO(ndpi_struct, "found Hangout\n"); /* Hangout is over STUN hence the LRU cache is shared */ - if(ndpi_struct->stun_cache == NULL) - ndpi_struct->stun_cache = ndpi_lru_cache_init(1024); if(ndpi_struct->stun_cache && packet->iph) { u_int32_t key = get_stun_lru_key(flow, !matched_src); diff --git a/src/lib/protocols/http.c b/src/lib/protocols/http.c index b50967a3c..96e0e309a 100644 --- a/src/lib/protocols/http.c +++ b/src/lib/protocols/http.c @@ -1171,9 +1171,6 @@ static void ndpi_check_http_tcp(struct ndpi_detection_module_struct *ndpi_struct ookla_found: ndpi_int_http_add_connection(ndpi_struct, flow, NDPI_PROTOCOL_OOKLA, NDPI_PROTOCOL_CATEGORY_WEB); - if(ndpi_struct->ookla_cache == NULL) - ndpi_struct->ookla_cache = ndpi_lru_cache_init(1024); - if(ndpi_struct->ookla_cache != NULL) { if(packet->iph != NULL) { if(packet->tcp->source == htons(8080)) diff --git a/src/lib/protocols/mining.c b/src/lib/protocols/mining.c index eb5e651d9..6d6e48f02 100644 --- a/src/lib/protocols/mining.c +++ b/src/lib/protocols/mining.c @@ -28,8 +28,6 @@ static void cacheMiningHostTwins(struct ndpi_detection_module_struct *ndpi_struct, u_int32_t host_keys /* network byte order */) { - if(ndpi_struct->mining_cache == NULL) ndpi_struct->mining_cache = ndpi_lru_cache_init(1024); - if(ndpi_struct->mining_cache) ndpi_lru_add_to_cache(ndpi_struct->mining_cache, host_keys, NDPI_PROTOCOL_MINING); } diff --git a/src/lib/protocols/ookla.c b/src/lib/protocols/ookla.c index 5f4c170bf..a57231c30 100644 --- a/src/lib/protocols/ookla.c +++ b/src/lib/protocols/ookla.c @@ -56,9 +56,6 @@ void ndpi_search_ookla(struct ndpi_detection_module_struct* ndpi_struct, struct && (packet->payload[2] == 0x0A)) { ndpi_set_detected_protocol(ndpi_struct, flow, NDPI_PROTOCOL_OOKLA, NDPI_PROTOCOL_UNKNOWN, NDPI_CONFIDENCE_DPI); - if(ndpi_struct->ookla_cache == NULL) - ndpi_struct->ookla_cache = ndpi_lru_cache_init(1024); - if(ndpi_struct->ookla_cache != NULL) { /* In order to avoid creating an IPv6 LRU we hash the IPv6 address */ h = ndpi_quick_hash((unsigned char *)&packet->iphv6->ip6_dst, sizeof(packet->iphv6->ip6_dst)); diff --git a/src/lib/protocols/stun.c b/src/lib/protocols/stun.c index b0826fd4b..a09e898d6 100644 --- a/src/lib/protocols/stun.c +++ b/src/lib/protocols/stun.c @@ -58,9 +58,6 @@ static void ndpi_int_stun_add_connection(struct ndpi_detection_module_struct *nd app_proto = NDPI_PROTOCOL_FACEBOOK_VOIP; } - if(ndpi_struct->stun_cache == NULL) - ndpi_struct->stun_cache = ndpi_lru_cache_init(1024); - if(ndpi_struct->stun_cache && packet->iph && (app_proto != NDPI_PROTOCOL_UNKNOWN) diff --git a/src/lib/protocols/tls.c b/src/lib/protocols/tls.c index 3cfe70e3a..8210f51fe 100644 --- a/src/lib/protocols/tls.c +++ b/src/lib/protocols/tls.c @@ -695,9 +695,6 @@ static void processCertificateElements(struct ndpi_detection_module_struct *ndpi flow->category = ndpi_get_proto_category(ndpi_struct, ret); ndpi_check_subprotocol_risk(ndpi_struct, flow, proto_id); - if(ndpi_struct->tls_cert_cache == NULL) - ndpi_struct->tls_cert_cache = ndpi_lru_cache_init(1024); - if(ndpi_struct->tls_cert_cache && packet->iph && packet->tcp) { u_int32_t key = packet->iph->saddr + packet->tcp->source; /* Server */ |