aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/include/ndpi_api.h11
-rw-r--r--src/include/ndpi_typedefs.h12
-rw-r--r--src/lib/ndpi_analyze.c131
-rw-r--r--src/lib/ndpi_classify.c1
-rw-r--r--src/lib/ndpi_main.c4
5 files changed, 156 insertions, 3 deletions
diff --git a/src/include/ndpi_api.h b/src/include/ndpi_api.h
index 9350cd543..03f21d4cd 100644
--- a/src/include/ndpi_api.h
+++ b/src/include/ndpi_api.h
@@ -891,6 +891,17 @@ extern "C" {
ndpi_string *key, float *value);
int ndpi_deserialize_end_of_record(ndpi_deserializer *deserializer);
+ /* Data analysis */
+ struct ndpi_analyze_struct* ndpi_init_data_analysis(u_int16_t _max_series_len);
+ void ndpi_free_data_analysis(struct ndpi_analyze_struct *d);
+ void ndpi_data_add_value(struct ndpi_analyze_struct *s, const u_int32_t value);
+
+ float ndpi_data_average(struct ndpi_analyze_struct *s);
+ float ndpi_data_window_average(struct ndpi_analyze_struct *s);
+
+ float ndpi_entropy(struct ndpi_analyze_struct *s);
+
+ void ndpi_data_print_window_values(struct ndpi_analyze_struct *s); /* debug */
#ifdef __cplusplus
}
#endif
diff --git a/src/include/ndpi_typedefs.h b/src/include/ndpi_typedefs.h
index bdb5a76e1..2aacf847a 100644
--- a/src/include/ndpi_typedefs.h
+++ b/src/include/ndpi_typedefs.h
@@ -1363,4 +1363,16 @@ typedef struct {
u_int16_t str_len;
} ndpi_string;
+/* **************************************** */
+
+struct ndpi_analyze_struct {
+ u_int32_t *values;
+ u_int32_t sum_total, num_data_entries, next_value_insert_index;
+ u_int16_t num_values_array_len /* lenght of the values array */;
+};
+
+#define DEFAULT_SERIES_LEN 64
+#define MAX_SERIES_LEN 512
+#define MIN_SERIES_LEN 8
+
#endif /* __NDPI_TYPEDEFS_H__ */
diff --git a/src/lib/ndpi_analyze.c b/src/lib/ndpi_analyze.c
new file mode 100644
index 000000000..502c2d858
--- /dev/null
+++ b/src/lib/ndpi_analyze.c
@@ -0,0 +1,131 @@
+/*
+ * ndpi_analyze.c
+ *
+ * Copyright (C) 2019 - ntop.org
+ *
+ * This file is part of nDPI, an open source deep packet inspection
+ * library.
+ *
+ * nDPI is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * nDPI is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with nDPI. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+#ifdef HAVE_CONFIG_H
+#include "ndpi_config.h"
+#endif
+
+#include <stdlib.h>
+#include <errno.h>
+#include <sys/types.h>
+#include <stdint.h>
+#include <math.h>
+#include <float.h> /* FLT_EPSILON */
+#include "ndpi_api.h"
+#include "ndpi_config.h"
+
+/* ********************************************************************************* */
+
+struct ndpi_analyze_struct* ndpi_init_data_analysis(u_int16_t _max_series_len) {
+ struct ndpi_analyze_struct *ret = ndpi_malloc(sizeof(struct ndpi_analyze_struct));
+ u_int32_t len;
+
+ if(ret == NULL)
+ return(ret);
+ else
+ memset(ret, 0, sizeof(struct ndpi_analyze_struct));
+
+ if(_max_series_len > MAX_SERIES_LEN) _max_series_len = MAX_SERIES_LEN;
+ if(_max_series_len == 0) _max_series_len = 1; /* At least 1 element */
+ ret->num_values_array_len = _max_series_len;
+
+ len = sizeof(u_int32_t)*ret->num_values_array_len;
+ if((ret->values = ndpi_malloc(len)) == NULL) {
+ ndpi_free(ret);
+ ret = NULL;
+ } else
+ memset(ret->values, 0, len);
+
+ return(ret);
+}
+
+/* ********************************************************************************* */
+
+void ndpi_free_data_analysis(struct ndpi_analyze_struct *d) {
+ ndpi_free(d->values);
+ ndpi_free(d);
+}
+
+/* ********************************************************************************* */
+
+/*
+ Add a new point to analyze
+ */
+void ndpi_data_add_value(struct ndpi_analyze_struct *s, const u_int32_t value) {
+ s->sum_total += value, s->num_data_entries++, s->values[s->next_value_insert_index] = value;
+ if(++s->next_value_insert_index == s->num_values_array_len)
+ s->next_value_insert_index = 0;
+}
+
+/* ********************************************************************************* */
+
+/* Compute the average on all value */
+float ndpi_data_average(struct ndpi_analyze_struct *s) {
+ return((float)s->sum_total / (float)s->num_data_entries);
+}
+
+/* ********************************************************************************* */
+
+/* Compute the average only on the sliding window */
+float ndpi_data_window_average(struct ndpi_analyze_struct *s) {
+ float sum = 0.0;
+ u_int16_t i, n = ndpi_min(s->num_data_entries, s->num_values_array_len);
+
+ for(i=0; i<n; i++)
+ sum += s->values[i];
+
+ return((float)sum / (float)n);
+}
+
+/* ********************************************************************************* */
+
+/*
+ Compute entropy on the last sliding window values
+*/
+float ndpi_entropy(struct ndpi_analyze_struct *s) {
+ int i;
+ float sum = 0.0, total = 0.0;
+
+ for(i=0; i<s->num_values_array_len; i++)
+ total += s->values[i];
+
+ for (i=0; i<s->num_values_array_len; i++) {
+ float tmp = (float)s->values[i] / (float)total;
+
+ if(tmp > FLT_EPSILON)
+ sum -= tmp * logf(tmp);
+ }
+
+ return(sum / logf(2.0));
+}
+
+/* ********************************************************************************* */
+
+void ndpi_data_print_window_values(struct ndpi_analyze_struct *s) {
+ u_int16_t i, n = ndpi_min(s->num_data_entries, s->num_values_array_len);
+
+ for(i=0; i<n; i++)
+ printf("[%u: %u]", i, s->values[i]);
+
+ printf("\n");
+}
diff --git a/src/lib/ndpi_classify.c b/src/lib/ndpi_classify.c
index 79cf1c234..96b2ecbb0 100644
--- a/src/lib/ndpi_classify.c
+++ b/src/lib/ndpi_classify.c
@@ -52,7 +52,6 @@
#include <stdlib.h>
#include <stdint.h>
#include <math.h>
-
#include "ndpi_main.h"
#include "ndpi_classify.h"
diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c
index cca061856..c8e5adaea 100644
--- a/src/lib/ndpi_main.c
+++ b/src/lib/ndpi_main.c
@@ -118,8 +118,8 @@ void ndpi_flow_free(void *ptr) {
/* ****************************************** */
-void * ndpi_realloc(void *ptr, size_t old_size, size_t new_size)
-{
+void * ndpi_realloc(void *ptr, size_t old_size,
+ size_t new_size) {
void *ret = ndpi_malloc(new_size);
if(!ret)
Powered by cgit, Themed by Ted Yin.