aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
...
* QUIC: add basic support for fragmented Client Hello (#1216)Ivan Nardi2021-06-24
| | | | Only in-order and non overlapping fragments are handled See #1195
* Added missing check to prevent crashesLuca Deri2021-06-23
|
* ndpiReader: memory leak (#1215)Vitaly Lavrov2021-06-23
| | | | | | Non-critical bugs. If a file list is used, then all files except the last are not closed. Opening the next file loses the memory allocated via pcap_open_offline() for the previous file. If a bpf filter is used, then no memory is freed after pcap_compile.
* Speed and memory size optimisation (#1214)Vitaly Lavrov2021-06-23
| | | | | | | Removed bigram_automata, impossible_bigram_automata, trigram_automata. The ahocorasick structure is replaced with a bitmap. The bitmap size for ndpi_en_bigram is 176 bytes. The bitmap size for ndpi_en_trigram is 2201 bytes. On the test machine, the test execution time was reduced from 27.3 seconds to 24.7 (9%).
* Addesses partial application matching (#1207)Luca Deri2021-06-21
|
* Restored 32 bit value in ndpi_match_string_value()Luca Deri2021-06-21
|
* Upgraded exponential smoothing to 64 bit valuesLuca Deri2021-06-18
|
* Added nDPI Score reportLuca Deri2021-06-17
|
* fixed lua errors in non-iec104 packets (#1209)martinscheu2021-06-17
| | | | | | | | | * Update iec.lua fixed lua errors in non iec 104 packets * Update iec.lua Co-authored-by: tinu <martin.scheu@switch.ch>
* Added bitmap boundary checksLuca Deri2021-06-17
|
* Extende nDPI API with ndpi_netbios_name_interpret()Luca Deri2021-06-17
|
* NetBIOS decoding changesLuca Deri2021-06-16
|
* Code review. (#1205)Vitaly Lavrov2021-06-15
| | | | | | | | | | | | | | | The common actions required to call the ac_automata_search() function have been moved to the ndpi_match_string_common function. This made it possible to simplify the ndpi_match_string, ndpi_match_string_protocol_id, ndpi_match_string_value, ndpi_match_custom_category, ndpi_match_string_subprotocol, ndpi_match_bigram, ndpi_match_trigram functions. Using u_int16_t type for protocol identifiers when working with the ahocorasick library (changes src/include/ndpi_api.h.in and src/include/ndpi_typedefs.h). Reworked "finalization" of all AC_AUTOMATA_t structures. Changing the order of fields in the ndpi_call_function_struct structure reduces the size of the ndpi_detection_module_struct structure by 10 kB (for x86_64).
* Win fixLuca Deri2021-06-15
|
* IEC analysis wireshark pluginLuca Deri2021-06-14
|
* Call ac_automata_release with free_pattern = 1 (malloc'ed patterns expected ↵Alfredo Cardigliano2021-06-14
| | | | in ndpi_add_string_to_automa)
* Fixes https://github.com/ntop/ntopng/issues/5482Luca Deri2021-06-11
|
* Reimplememnted SNMP dissectorLuca Deri2021-06-11
|
* Syntax error fixesLuca Deri2021-06-11
|
* Fixed flow score labelLuca Deri2021-06-11
|
* Changed output for the sharkfest lua scriptsMatteo Biscosi2021-06-11
|
* Bug in ndpi_lru_find_cache (#1204)Vitaly Lavrov2021-06-10
| | | Key value check is missing.
* Minor code cleanupLuca2021-06-09
|
* autoconf: Do not check for json-c if --with-only-libndpi is set. (#1202)Toni2021-06-09
| | | | | | * json-c is used by a unit test * required to fix some libnDPI cross compilation issues Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* OpenWRT document fixLuca Deri2021-06-08
|
* Win changesLuca Deri2021-06-08
|
* Updated scriptsLuca Deri2021-06-08
|
* New testing pcap with syn scan attackLuca2021-06-08
|
* Companion scripts written for the Sharkfest conferenceLuca2021-06-08
|
* Added report on score cli/srv breakdownLuca Deri2021-06-07
|
* New version of the ahocorasick library (#1200)Vitaly Lavrov2021-06-07
| | | | | | | | | | | | | | | | The new version is about 25% faster with -O2 and 45% faster with -O3. No recursion is used (smaller stack size required). Uses less memory (by valgrind info) bigram: - original 1796 allocs, 247864 bytes allocated - new 1232 allocs, 158880 bytes allocated host_match: - original 18038 allocs, 3004576 bytes allocated - new 6861 allocs, 396624 bytes allocated The function ac_automata_search() is thread safe. Optional case-insensitive comparison. Matching at the beginning and at the end of the string is supported. One code file and one header file.
* Fixed uninitialized memory use. (#1198)Vitaly Lavrov2021-06-07
| | | The pointer "header" must be initialized before first call pcap_next_ex().
* Fixed expected outputLuca Deri2021-06-03
|
* Warnign fixLuca Deri2021-06-03
|
* Renamed Skyp in Skype_Teams as the protocol is now shared across these appsLuca Deri2021-06-02
|
* wireshark/lua: improve flow risk visualization (#1194)Ivan Nardi2021-06-02
| | | | | Create a separated proto field entry for each possible flow risk. This way, filtering will be more natural: you can use something like "ndpi.flow_risk.desktop_file_sharing_session"
* Removed xbox and playstation invalid port guessesLuca Deri2021-06-02
|
* ndpiReader: fix collecting of risks statistics (#1192)Ivan Nardi2021-06-01
|
* TLS: improve check for common ALPNs (#1191)Ivan Nardi2021-06-01
| | | Facebook is still using its own ALPN for HTTP2 as well
* Reworked ndpi flow risk score adding client and server scoreLuca2021-06-01
|
* Fix warningsAlfredo Cardigliano2021-05-25
|
* Added TLS check to avoid crash with UDP-based trafficLuca2021-05-25
|
* Improved TLS browser detection heuristicsLuca Deri2021-05-19
|
* wireshark/lua: fix offsets (#1187)Ivan Nardi2021-05-18
|
* Added flow risk scoreLuca Deri2021-05-18
|
* TypoLuca Deri2021-05-18
|
* Added risk/score dump (ndpiReader -h)Luca Deri2021-05-18
| | | | Added ndpi_dump_risks_score() API score
* Updated API for ndpi_risk2score()Luca Deri2021-05-17
| | | | Added ndpi_get_upper_proto() API call
* Reworked human readeable string search in flowsLuca Deri2021-05-17
| | | | Removed fragment manager code
* Added further checksLuca Deri2021-05-15
|
Powered by cgit, Themed by Ted Yin.