aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/include/ndpi_main.h7
-rw-r--r--src/include/ndpi_typedefs.h86
-rw-r--r--src/lib/ndpi_main.c114
-rw-r--r--src/lib/protocols/icecast.c7
4 files changed, 65 insertions, 149 deletions
diff --git a/src/include/ndpi_main.h b/src/include/ndpi_main.h
index f52d9c959..f2ce493c9 100644
--- a/src/include/ndpi_main.h
+++ b/src/include/ndpi_main.h
@@ -107,11 +107,6 @@ extern "C" {
extern void ndpi_set_proto_subprotocols(struct ndpi_detection_module_struct *ndpi_mod,
int protoId, ...);
- extern int ndpi_packet_src_ip_eql(const struct ndpi_packet_struct *packet, const ndpi_ip_addr_t * ip);
- extern int ndpi_packet_dst_ip_eql(const struct ndpi_packet_struct *packet, const ndpi_ip_addr_t * ip);
- extern void ndpi_packet_src_ip_get(const struct ndpi_packet_struct *packet, ndpi_ip_addr_t * ip);
- extern void ndpi_packet_dst_ip_get(const struct ndpi_packet_struct *packet, ndpi_ip_addr_t * ip);
-
extern int ndpi_parse_ip_string(const char *ip_str, ndpi_ip_addr_t *parsed_ip);
extern char *ndpi_get_ip_string(const ndpi_ip_addr_t * ip, char *buf, u_int buf_len);
extern u_int8_t ndpi_is_ipv6(const ndpi_ip_addr_t *ip);
@@ -177,8 +172,6 @@ extern "C" {
int64_t ndpi_asn1_ber_decode_length(const unsigned char *payload, int payload_len, u_int16_t *value_len);
char* ndpi_intoav4(unsigned int addr, char* buf, u_int16_t bufLen);
- int ndpi_current_pkt_from_client_to_server(const struct ndpi_packet_struct *packet, const struct ndpi_flow_struct *flow);
- int ndpi_current_pkt_from_server_to_client(const struct ndpi_packet_struct *packet, const struct ndpi_flow_struct *flow);
int ndpi_seen_flow_beginning(const struct ndpi_flow_struct *flow);
#ifdef __cplusplus
diff --git a/src/include/ndpi_typedefs.h b/src/include/ndpi_typedefs.h
index 8b1874f38..26fcf0be3 100644
--- a/src/include/ndpi_typedefs.h
+++ b/src/include/ndpi_typedefs.h
@@ -965,49 +965,6 @@ struct ndpi_int_one_line_struct {
u_int16_t len;
};
-struct ndpi_packet_struct {
- const struct ndpi_iphdr *iph;
- const struct ndpi_ipv6hdr *iphv6;
- const struct ndpi_tcphdr *tcp;
- const struct ndpi_udphdr *udp;
- const u_int8_t *generic_l4_ptr; /* is set only for non tcp-udp traffic */
- const u_int8_t *payload;
-
- u_int64_t current_time_ms;
-
- struct ndpi_int_one_line_struct line[NDPI_MAX_PARSE_LINES_PER_PACKET];
- /* HTTP headers */
- struct ndpi_int_one_line_struct host_line;
- struct ndpi_int_one_line_struct forwarded_line;
- struct ndpi_int_one_line_struct referer_line;
- struct ndpi_int_one_line_struct content_line;
- struct ndpi_int_one_line_struct content_disposition_line;
- struct ndpi_int_one_line_struct accept_line;
- struct ndpi_int_one_line_struct authorization_line;
- struct ndpi_int_one_line_struct user_agent_line;
- struct ndpi_int_one_line_struct http_url_name;
- struct ndpi_int_one_line_struct http_encoding;
- struct ndpi_int_one_line_struct http_transfer_encoding;
- struct ndpi_int_one_line_struct http_contentlen;
- struct ndpi_int_one_line_struct http_cookie;
- struct ndpi_int_one_line_struct http_origin;
- struct ndpi_int_one_line_struct http_x_session_type;
- struct ndpi_int_one_line_struct server_line;
- struct ndpi_int_one_line_struct http_method;
- struct ndpi_int_one_line_struct http_response; /* the first "word" in this pointer is the
- response code in the packet (200, etc) */
- u_int8_t http_num_headers; /* number of found (valid) header lines in HTTP request or response */
-
- u_int16_t l3_packet_len;
- u_int16_t payload_packet_len;
- u_int16_t parsed_lines;
- u_int16_t empty_line_position;
- u_int8_t tcp_retransmission;
-
- u_int8_t packet_lines_parsed_complete:1,
- packet_direction:1, empty_line_position_set:1, http_check_content:1, pad:4;
-};
-
struct ndpi_detection_module_struct;
struct ndpi_flow_struct;
@@ -1250,6 +1207,49 @@ typedef struct {
} nbpf_filter;
#endif
+struct ndpi_packet_struct {
+ const struct ndpi_iphdr *iph;
+ const struct ndpi_ipv6hdr *iphv6;
+ const struct ndpi_tcphdr *tcp;
+ const struct ndpi_udphdr *udp;
+ const u_int8_t *generic_l4_ptr; /* is set only for non tcp-udp traffic */
+ const u_int8_t *payload;
+
+ u_int64_t current_time_ms;
+
+ struct ndpi_int_one_line_struct line[NDPI_MAX_PARSE_LINES_PER_PACKET];
+ /* HTTP headers */
+ struct ndpi_int_one_line_struct host_line;
+ struct ndpi_int_one_line_struct forwarded_line;
+ struct ndpi_int_one_line_struct referer_line;
+ struct ndpi_int_one_line_struct content_line;
+ struct ndpi_int_one_line_struct content_disposition_line;
+ struct ndpi_int_one_line_struct accept_line;
+ struct ndpi_int_one_line_struct authorization_line;
+ struct ndpi_int_one_line_struct user_agent_line;
+ struct ndpi_int_one_line_struct http_url_name;
+ struct ndpi_int_one_line_struct http_encoding;
+ struct ndpi_int_one_line_struct http_transfer_encoding;
+ struct ndpi_int_one_line_struct http_contentlen;
+ struct ndpi_int_one_line_struct http_cookie;
+ struct ndpi_int_one_line_struct http_origin;
+ struct ndpi_int_one_line_struct http_x_session_type;
+ struct ndpi_int_one_line_struct server_line;
+ struct ndpi_int_one_line_struct http_method;
+ struct ndpi_int_one_line_struct http_response; /* the first "word" in this pointer is the
+ response code in the packet (200, etc) */
+ u_int8_t http_num_headers; /* number of found (valid) header lines in HTTP request or response */
+
+ u_int16_t l3_packet_len;
+ u_int16_t payload_packet_len;
+ u_int16_t parsed_lines;
+ u_int16_t empty_line_position;
+ u_int8_t tcp_retransmission;
+
+ u_int8_t packet_lines_parsed_complete:1,
+ packet_direction:1, empty_line_position_set:1, http_check_content:1, pad:4;
+};
+
struct ndpi_detection_module_struct {
NDPI_PROTOCOL_BITMASK detection_bitmask;
diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c
index a6eceee28..5cdaa9f2b 100644
--- a/src/lib/ndpi_main.c
+++ b/src/lib/ndpi_main.c
@@ -6294,6 +6294,22 @@ static int fully_enc_heuristic(struct ndpi_detection_module_struct *ndpi_str,
/* ************************************************ */
+int ndpi_current_pkt_from_client_to_server(const struct ndpi_detection_module_struct *ndpi_str,
+ const struct ndpi_flow_struct *flow)
+{
+ return ndpi_str->packet.packet_direction == flow->client_packet_direction;
+}
+
+/* ******************************************************************** */
+
+int ndpi_current_pkt_from_server_to_client(const struct ndpi_detection_module_struct *ndpi_str,
+ const struct ndpi_flow_struct *flow)
+{
+ return ndpi_str->packet.packet_direction != flow->client_packet_direction;
+}
+
+/* ******************************************************************** */
+
static int tcp_ack_padding(struct ndpi_packet_struct *packet) {
const struct ndpi_tcphdr *tcph = packet->tcp;
if(tcph && tcph->ack && !tcph->psh &&
@@ -6497,7 +6513,7 @@ void ndpi_connection_tracking(struct ndpi_detection_module_struct *ndpi_str,
}
}
- if(ndpi_current_pkt_from_client_to_server(packet, flow)) {
+ if(ndpi_current_pkt_from_client_to_server(ndpi_str, flow)) {
if(flow->is_ipv6 == 0) {
flow->c_address.v4 = packet->iph->saddr;
flow->s_address.v4 = packet->iph->daddr;
@@ -8738,86 +8754,6 @@ int NDPI_PROTOCOL_IP_is_set(const ndpi_ip_addr_t *ip) {
/* ********************************************************************************* */
-/* check if the source ip address in packet and ip are equal */
-/* NTOP */
-int ndpi_packet_src_ip_eql(const struct ndpi_packet_struct *packet, const ndpi_ip_addr_t *ip) {
- /* IPv6 */
- if(packet->iphv6 != NULL) {
- if(packet->iphv6->ip6_src.u6_addr.u6_addr32[0] == ip->ipv6.u6_addr.u6_addr32[0] &&
- packet->iphv6->ip6_src.u6_addr.u6_addr32[1] == ip->ipv6.u6_addr.u6_addr32[1] &&
- packet->iphv6->ip6_src.u6_addr.u6_addr32[2] == ip->ipv6.u6_addr.u6_addr32[2] &&
- packet->iphv6->ip6_src.u6_addr.u6_addr32[3] == ip->ipv6.u6_addr.u6_addr32[3])
- return(1);
- //else
- return(0);
- }
-
- /* IPv4 */
- if(packet->iph->saddr == ip->ipv4)
- return(1);
- return(0);
-}
-
-/* ********************************************************************************* */
-
-/* check if the destination ip address in packet and ip are equal */
-int ndpi_packet_dst_ip_eql(const struct ndpi_packet_struct *packet, const ndpi_ip_addr_t *ip) {
- /* IPv6 */
- if(packet->iphv6 != NULL) {
- if(packet->iphv6->ip6_dst.u6_addr.u6_addr32[0] == ip->ipv6.u6_addr.u6_addr32[0] &&
- packet->iphv6->ip6_dst.u6_addr.u6_addr32[1] == ip->ipv6.u6_addr.u6_addr32[1] &&
- packet->iphv6->ip6_dst.u6_addr.u6_addr32[2] == ip->ipv6.u6_addr.u6_addr32[2] &&
- packet->iphv6->ip6_dst.u6_addr.u6_addr32[3] == ip->ipv6.u6_addr.u6_addr32[3])
- return(1);
- //else
- return(0);
- }
-
- /* IPv4 */
- if(packet->iph->saddr == ip->ipv4)
- return(1);
-
- return(0);
-}
-
-/* ********************************************************************************* */
-
-/* get the source ip address from packet and put it into ip */
-/* NTOP */
-void ndpi_packet_src_ip_get(const struct ndpi_packet_struct *packet, ndpi_ip_addr_t *ip) {
- NDPI_PROTOCOL_IP_clear(ip);
-
- /* IPv6 */
- if(packet->iphv6 != NULL) {
- ip->ipv6.u6_addr.u6_addr32[0] = packet->iphv6->ip6_src.u6_addr.u6_addr32[0];
- ip->ipv6.u6_addr.u6_addr32[1] = packet->iphv6->ip6_src.u6_addr.u6_addr32[1];
- ip->ipv6.u6_addr.u6_addr32[2] = packet->iphv6->ip6_src.u6_addr.u6_addr32[2];
- ip->ipv6.u6_addr.u6_addr32[3] = packet->iphv6->ip6_src.u6_addr.u6_addr32[3];
- } else {
- /* IPv4 */
- ip->ipv4 = packet->iph->saddr;
- }
-}
-
-/* ********************************************************************************* */
-
-/* get the destination ip address from packet and put it into ip */
-/* NTOP */
-void ndpi_packet_dst_ip_get(const struct ndpi_packet_struct *packet, ndpi_ip_addr_t *ip) {
- NDPI_PROTOCOL_IP_clear(ip);
-
- if(packet->iphv6 != NULL) {
- ip->ipv6.u6_addr.u6_addr32[0] = packet->iphv6->ip6_dst.u6_addr.u6_addr32[0];
- ip->ipv6.u6_addr.u6_addr32[1] = packet->iphv6->ip6_dst.u6_addr.u6_addr32[1];
- ip->ipv6.u6_addr.u6_addr32[2] = packet->iphv6->ip6_dst.u6_addr.u6_addr32[2];
- ip->ipv6.u6_addr.u6_addr32[3] = packet->iphv6->ip6_dst.u6_addr.u6_addr32[3];
-
- } else
- ip->ipv4 = packet->iph->daddr;
-}
-
-/* ********************************************************************************* */
-
u_int8_t ndpi_is_ipv6(const ndpi_ip_addr_t *ip) {
return(ip->ipv6.u6_addr.u6_addr32[1] != 0 || ip->ipv6.u6_addr.u6_addr32[2] != 0 ||
ip->ipv6.u6_addr.u6_addr32[3] != 0);
@@ -10596,22 +10532,6 @@ char *ndpi_user_agent_set(struct ndpi_flow_struct *flow,
/* ******************************************************************** */
-int ndpi_current_pkt_from_client_to_server(const struct ndpi_packet_struct *packet,
- const struct ndpi_flow_struct *flow)
-{
- return packet->packet_direction == flow->client_packet_direction;
-}
-
-/* ******************************************************************** */
-
-int ndpi_current_pkt_from_server_to_client(const struct ndpi_packet_struct *packet,
- const struct ndpi_flow_struct *flow)
-{
- return packet->packet_direction != flow->client_packet_direction;
-}
-
-/* ******************************************************************** */
-
int ndpi_seen_flow_beginning(const struct ndpi_flow_struct *flow)
{
if(flow->l4_proto == IPPROTO_TCP &&
diff --git a/src/lib/protocols/icecast.c b/src/lib/protocols/icecast.c
index 354650233..d7baa261c 100644
--- a/src/lib/protocols/icecast.c
+++ b/src/lib/protocols/icecast.c
@@ -28,6 +28,9 @@
#include "ndpi_api.h"
+extern int ndpi_current_pkt_from_client_to_server(const struct ndpi_detection_module_struct *ndpi_str, const struct ndpi_flow_struct *flow);
+extern int ndpi_current_pkt_from_server_to_client(const struct ndpi_detection_module_struct *ndpi_str, const struct ndpi_flow_struct *flow);
+
static void ndpi_int_icecast_add_connection(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow)
{
ndpi_set_detected_protocol(ndpi_struct, flow, NDPI_PROTOCOL_ICECAST, NDPI_PROTOCOL_UNKNOWN, NDPI_CONFIDENCE_DPI);
@@ -60,12 +63,12 @@ static void ndpi_search_icecast_tcp(struct ndpi_detection_module_struct *ndpi_st
}
}
- if(ndpi_current_pkt_from_client_to_server(packet, flow)
+ if(ndpi_current_pkt_from_client_to_server(ndpi_struct, flow)
&& (flow->packet_counter < 10)) {
return;
}
- if(ndpi_current_pkt_from_server_to_client(packet, flow)) {
+ if(ndpi_current_pkt_from_server_to_client(ndpi_struct, flow)) {
/* server answer, now test Server for Icecast */
ndpi_parse_packet_line_info(ndpi_struct, flow);
Powered by cgit, Themed by Ted Yin.