diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/include/ndpi_private.h | 7 | ||||
| -rw-r--r-- | src/lib/ndpi_main.c | 2 | ||||
| -rw-r--r-- | src/lib/protocols/http.c | 22 |
3 files changed, 17 insertions, 14 deletions
diff --git a/src/include/ndpi_private.h b/src/include/ndpi_private.h index 8f7208a05..cf857be23 100644 --- a/src/include/ndpi_private.h +++ b/src/include/ndpi_private.h @@ -205,6 +205,8 @@ struct ndpi_detection_module_config_struct { int stun_opportunistic_tls_enabled; + int http_parse_response_enabled; + int ookla_aggressiveness; NDPI_PROTOCOL_BITMASK ip_list_bitmask; @@ -327,14 +329,9 @@ struct ndpi_detection_module_struct { /* *** If you add a new LRU cache, please update lru_cache_type above! *** */ - int tcp_ack_paylod_heuristic; - int fully_encrypted_based_on_first_pkt_heuristic; - u_int16_t ndpi_to_user_proto_id[NDPI_MAX_NUM_CUSTOM_PROTOCOLS]; /* custom protocolId mapping */ ndpi_proto_defaults_t proto_defaults[NDPI_MAX_SUPPORTED_PROTOCOLS+NDPI_MAX_NUM_CUSTOM_PROTOCOLS]; - u_int8_t direction_detect_disable:1, /* disable internal detection of packet direction */ _pad:7; - #ifdef CUSTOM_NDPI_PROTOCOLS #include "../../../nDPI-custom/custom_ndpi_typedefs.h" #endif diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c index 33278c490..d3282c7da 100644 --- a/src/lib/ndpi_main.c +++ b/src/lib/ndpi_main.c @@ -10790,6 +10790,8 @@ static const struct cfg_param { { "stun", "tls_dissection.enable", "1", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(stun_opportunistic_tls_enabled) }, + { "http", "process_response.enable", "1", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(http_parse_response_enabled) }, + { "ookla", "aggressiveness", "0x01", "0", "1", CFG_PARAM_INT, __OFF(ookla_aggressiveness) }, { "$PROTO_NAME_OR_ID", "ip_list.load", "1", NULL, NULL, CFG_PARAM_PROTOCOL_ENABLE_DISABLE, __OFF(ip_list_bitmask)}, diff --git a/src/lib/protocols/http.c b/src/lib/protocols/http.c index b0bbd30ca..673345b93 100644 --- a/src/lib/protocols/http.c +++ b/src/lib/protocols/http.c @@ -1493,16 +1493,20 @@ static void ndpi_search_http_tcp(struct ndpi_detection_module_struct *ndpi_struc NDPI_LOG_DBG(ndpi_struct, "search HTTP\n"); ndpi_check_http_tcp(ndpi_struct, flow); - if((flow->host_server_name[0] != '\0'&& + if((ndpi_struct->cfg.http_parse_response_enabled && + flow->host_server_name[0] != '\0'&& flow->http.response_status_code != 0) || - /* We have found 3 consecutive requests (without the reply) or 3 - consecutive replies (without the request). If the traffic is really - asymmetric, stop here, because we will never find the metadata from - both the request and the reply. We wait for 3 events (instead of 2) - to avoid false positives triggered by missing/dropped packets */ - (flow->l4.tcp.http_asymmetric_stage == 2 && - (flow->packet_direction_complete_counter[0] == 0 || - flow->packet_direction_complete_counter[1] == 0))) { + (!ndpi_struct->cfg.http_parse_response_enabled && + (flow->host_server_name[0] != '\0' || + flow->http.response_status_code != 0)) || + /* We have found 3 consecutive requests (without the reply) or 3 + consecutive replies (without the request). If the traffic is really + asymmetric, stop here, because we will never find the metadata from + both the request and the reply. We wait for 3 events (instead of 2) + to avoid false positives triggered by missing/dropped packets */ + (flow->l4.tcp.http_asymmetric_stage == 2 && + (flow->packet_direction_complete_counter[0] == 0 || + flow->packet_direction_complete_counter[1] == 0))) { flow->extra_packets_func = NULL; /* We're good now */ if(flow->initial_binary_bytes_len) ndpi_analyze_content_signature(ndpi_struct, flow); |