Commit message | Author | Age
...
* Added nDPI pkg-config file to Debian / Ubuntu ndpi-dev packaging. (#1318) | Toni | 2021-10-03
|   * Added nDPI pkg-config file to Debian / Ubuntu ndpi-dev packaging.
|   * fixed missing gcrypt library dependency in libndpi.pc
|   Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Adds sections labels with risk id to the docs | Simone Mainardi | 2021-10-01
|
* Warning fix | Luca Deri | 2021-10-01
|
* Initial attempt to write nDPI documentation. Starting with flow risks. ↵ | Luca Deri | 2021-10-01
|   Please contribute
* Remove `detected_protocol_stack` field from `ndpi_packet_struct` (#1317) | Ivan Nardi | 2021-09-29
|   This field is an exact copy of `ndpi_flow_struct->detected_protocol_stack[2]`:
|   * at the very beginning of packet dissection, the value saved in `flow->detected_protocol_stack` is copied in `packet->detected_protocol_stack` (via `ndpi_detection_process_packet()` -> `ndpi_init_packet_header()`)
|   * every time we update `flow->detected_protocol_stack` we update `packet->detected_protocol_stack` too (via `ndpi_int_change_protocol()` -> `ndpi_int_change_packet_protocol()`)
|   These two fields are always in sync: keeping the same value in two different places is useless.
* Fix warning | Alfredo Cardigliano | 2021-09-28
|
* Added unit test for bitmap iteration | Luca Deri | 2021-09-27
|
* Compilation fixed on CentOS 7 | Luca Deri | 2021-09-27
|   Bitmap API changes
* Bitmap code | Luca Deri | 2021-09-27
|
* Reworked bitmap code | Luca Deri | 2021-09-27
|
* Warning fix | Luca Deri | 2021-09-27
|
* Fix armhf (#1315) | Gianfranco Costamagna | 2021-09-26
|   * Fix unaligned memory accesses with get_u_int64_t at armhf
|     see: https://bugs.debian.org/993627
|   * Use get_u_int64_t to avoid unaligned memory access at armhf
|     see: https://bugs.debian.org/993627
|   * Update src/include/ndpi_define.h.in
|     Drop const type from get_u_int64_t, from lnslbrty
|   Co-authored-by: Bernhard Übelacker <bernhardu@mailbox.org>
|   Co-authored-by: Toni <matzeton@googlemail.com>
* Added include for defining bools (not present on all platforms) | Luca Deri | 2021-09-26
|
* Added API for handling compressed bitmaps | Luca Deri | 2021-09-26
|   ndpi_bitmap* ndpi_bitmap_alloc();
|   void ndpi_bitmap_free(ndpi_bitmap* b);
|   u_int64_t ndpi_bitmap_cardinality(ndpi_bitmap* b);
|   void ndpi_bitmap_set(ndpi_bitmap* b, u_int32_t value);
|   void ndpi_bitmap_unset(ndpi_bitmap* b, u_int32_t value);
|   bool ndpi_bitmap_isset(ndpi_bitmap* b, u_int32_t value);
|   void ndpi_bitmap_clear(ndpi_bitmap* b);
|   size_t ndpi_bitmap_serialize(ndpi_bitmap* b, char **buf);
|   ndpi_bitmap* ndpi_bitmap_deserialize(char *buf);
|   based on https://github.com/RoaringBitmap/CRoaring
* Add arm64, armhf and s390x as part of CI. (#1314) | Zied Aouini | 2021-09-23
|   * Add arm64, armhf and s390x as part of CI.
|   * Minor fix.
|   * Fix code inspector complaints.
* QUIC: fix old GQUIC versions on big-endian machines (#1313) | Ivan Nardi | 2021-09-23
|
* Improve CI (#1303) | Zied Aouini | 2021-09-22
|   * Improve CI pipeline
|   * Fix branch name.
|   * Fix branch name.
|   * Fix libgcrypt configuration.
|   * Update build.yml
|   * Move to Github Actions instead of Travis CI.
|   * Fix mingw on ubuntu bionic.
|   * Reactivate cross compile on Ubuntu Bionic.
|   * Switch to single line steps.
|   * Add several compilers versions
|   * Minor fix.
|   * Fix build all and delete cxx
|   * Fix RCE detection.
|   * Fix PCRE configuration.
|   * Add condition on PCRE test pcap.
|   * Update WebattackRCE.pcap.out
|   * Add missing SUBST.
|   * Delete WebattackRCE.pcap.out
|   * Update WebAttackRCE result.
|   * Fix typo.
|   * Extend jobs with pcre+msan+maxminddb.
|   * Fix code inspector warnings.
|   * Delete .appveyor.yml
* Merge pull request #1311 from IvanNardi/ftp-start-tls | Toni | 2021-09-22
|\
| |   FTP: fix support for START-TLS sessions
| * FTP: fix support for START-TLS sessions | Nardi Ivan | 2021-09-21
|/    When TLS-over-FTP is used, the credentials are encrypted. So we must not wait for the username and the password commands, otherwise we elaborate a lot of packets for nothing.
* Merge pull request #1309 from IvanNardi/ipv6-headers | Toni | 2021-09-20
|\
| |   Fix parsing of ipv6 packets with extension headers
| * Fix parsing of ipv6 packets with extension headers | Nardi Ivan | 2021-09-19
| |   Decoding of ipv6 traffic with extension headers was completely broken, since the beginning of the L4 header was always set to a wrong value.
| |   Handle the ipv6 fragments in the same way as the ipv4 ones: keep the first one and drop the others.
* | Merge pull request #1310 from IvanNardi/stun-realm | Toni | 2021-09-20
|\ \
| |/
|/|   STUN: fix extraction of Realm attribute
| * STUN: fix extraction of Realm attribute | Nardi Ivan | 2021-09-20
|/    While at it, improve detection of Facebook Messenger
* Small fixes after latest commits (#1308) | Ivan Nardi | 2021-09-18
|
* A (tiny) effort to reduce memory usage per flow (#1304) | Ivan Nardi | 2021-09-18
|   Follow-up of 22241a1d
|   Only trivial changes:
|   * remove completely unused fields
|   * remove fields only written (but never read)
|   * CSGO protocol only handles UDP traffic
* Added DNS fragmented test pcap | Luca Deri | 2021-09-17
|
* Improved fragmented DNS detection | Luca Deri | 2021-09-17
|
* DNS dissection fixes | Luca Deri | 2021-09-17
|
* Network Management exam project - Debora Cerretini (#1290) | deboracerretini | 2021-09-17
|   * Add files via upload
|   * Add files via upload
|   * Add files via upload
|   * Add files via upload
|   * Add files via upload
|   * Add files via upload
|   * Add files via upload
|   * Add files via upload
|   * Add files via upload
|   * Add files via upload
|   * Add files via upload
|   * Add files via upload
|   * Add files via upload
|   * Add files via upload
|   * Add files via upload
|   Co-authored-by: Luca Deri <lucaderi@users.noreply.github.com>
* TLS: avoid zeroing large structures (#1300) | Ivan Nardi | 2021-09-16
|   Zeroing large structures (i.e. size > KB) is quite costly (from a CPU point of view): we can safely avoid doing that for a couple of big structures.
|   Standard and Valgrind tests have been diverging quite a lot: it is time to re-sync them. Use the same script and enable Valgrind via an environment variable:
|   NDPI_TESTS_VALGRIND=1 ./tests/do.sh
* Adds instructions to update flow risks in ntopng | Simone Mainardi | 2021-09-15
|
* Hangout: fix usage of STUN function (#1299) | Ivan Nardi | 2021-09-13
|
* Fix some ndpi_malloc/ndpi_free pairs (#1298) | Ivan Nardi | 2021-09-13
|
* Update the list of default ports for QUIC protocol (#1297) | Ivan Nardi | 2021-09-13
|   There are no reasons to register UDP/80 as a default port for QUIC
* Bittorrent: fix a potential use-of-uninitialized-value error (#1296) | Ivan Nardi | 2021-09-13
|   Not sure if this is the right fix (from a logical point-of-view): this code hasn't changed since OpenDPI era (!) and I haven't found a trace triggering this code path.
|   Anyway, the use-of-uninitialized-value error itself should be fixed.
* Removing unused fields from the id_struct structure. (#1293) | Vitaly Lavrov | 2021-09-13
|   Reduced by 40 bytes.
* Cassandra: fix compilation when "--enable-debug-messages" option is used (#1294) | Ivan Nardi | 2021-09-11
|   Let's try adding a dedicated compilation in GitHub Actions to easily detect this kind of error in the future
* Fix unit test results after 00857abf (#1295) | Ivan Nardi | 2021-09-11
|
* Added new risk for clear text credentials | Luca Deri | 2021-09-10
|
* Add Cassandra protocol dissector (#1285) | lucasbaile | 2021-09-09
|   Co-authored-by: Lucas Santos <lucas.santos@zerum.com>
* Win fix | Luca Deri | 2021-09-07
|
* Fix unused var | Alfredo Cardigliano | 2021-09-03
|
* Print API version | Alfredo Cardigliano | 2021-09-01
|
* Fixed memory stats | Luca Deri | 2021-08-26
|
* ARM fixes | Luca Deri | 2021-08-25
|
* Compilation fix | Luca Deri | 2021-08-20
|
* Fix access to some TLS fields in flow structure (#1277) | Ivan Nardi | 2021-08-20
|   Fields `tls.hello_processed` and `tls.subprotocol_detected` are used by QUIC (i.e. UDP...), too.
* Compile everything with "-W -Wall -Wno-unused-parameter" flags (#1276) | Ivan Nardi | 2021-08-20
|   Fix all the warnings.
|   Getting rid of "-Wno-unused-parameter" is quite complex because some parameters usage depends on compilation variable (i.e. `--enable-debug-messages`).
|   The "-Werror" flag has been added only in Travis builds to avoid breaking the builds to users using uncommon/untested OS/compiler/environment.
|   Tested on:
|   * x86_64; Ubuntu 20.04; gcc 7,8,9,10,11; clang 7,8,9,10,11,12
|   * x86_64; CentOS 7.7; gcc 4.8.5 (with "--disable-gcrypt" flag)
|   * Raspberry 4; Debian 10.10; gcc 8.3.0
* wireshark/lua: restore full flow risks dissection (#1275) | Ivan Nardi | 2021-08-18
|   It was partially disabled in 3eba8cc5.
|   Wireshark and Wireshark-Lua bindings don't handle 64 bit integer very well. (see https://www.wireshark.org/docs/wsdg_html_chunked/lua_module_Int64.html).
|   As workaround, only for visualization purpose, split the (64 bit) risk mask into two 32 bit integer values.
* Fixed Mingw64 build, SonarCloud-CI and more. (#1273) | Toni | 2021-08-18
|   * Added ARM build and unit test run for SonarCloud-CI.
|   Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|   * Fixed Mingw64 build.
|   * adapted to SonarCloud-CI workflow
|   * removed broken and incomplete Windows example (tested on VS2017/VS2019)
|   * removed unnecessary include (e.g. pthread.h for the library which does not make use of it)
|   Signed-off-by: Toni Uhlig <matzeton@googlemail.com>