| Commit message (Collapse) | Author | Age | ||
|---|---|---|---|---|
| ... | ||||
| * | Fix handling of NDPI_UNIDIRECTIONAL_TRAFFIC risk (#1636) | Ivan Nardi | 2022-07-05 | |
| | | ||||
| * | SMTP with STARTTLS is now identified as SMTPS | Luca Deri | 2022-07-05 | |
| | | ||||
| * | Detect SMTPs w/ STARTTLS as TLS and dissect client/server hello. Fixes ↵ | Toni | 2022-07-05 | |
| | | | | | | | | #1630. (#1637) * FTP needs to get updated as well as it has similiar STARTTLS semantics -> follow-up Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | |||
| * | Run regression tests from different locations at the same time w/o side ↵ | Toni | 2022-07-05 | |
| | | | | | | effects on the results. (#1638) Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | |||
| * | Exported username in flow information | Luca Deri | 2022-07-04 | |
| | | ||||
| * | Updated ndpi_check_flow_risk_exceptions() signature | Luca Deri | 2022-07-04 | |
| | | ||||
| * | Cleaned-up issuer DN check code adding | Luca Deri | 2022-07-04 | |
| | | | | | | | | | | u_int8_t ndpi_check_issuerdn_risk_exception(struct ndpi_detection_module_struct *ndpi_str, char *issuerDN); Added new API function for checking nDPI-configured exceptions u_int8_t ndpi_check_flow_risk_exception(struct ndpi_detection_module_struct *ndpi_str, u_int num_params, ndpi_risk_params **params); | |||
| * | Set CiscoVPN as a network protocol | Luca Deri | 2022-07-04 | |
| | | ||||
| * | Updated JA3/SSL fingerprints. | Toni Uhlig | 2022-07-04 | |
| | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | |||
| * | Replaced malicious JA3-md5/SSL-cert-sha1 ac automata with hashmaps. | Toni Uhlig | 2022-07-04 | |
| | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | |||
| * | Added UltraSurf protocol dissector. (#1618) | Toni | 2022-07-04 | |
| | | | | | | * TLSv1.3 UltraSurf flows are not detected by now Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | |||
| * | Add two new confidence values: confidence by partial DPI (#1632) | Ivan Nardi | 2022-07-04 | |
| | | | | | Used for all classifications based on partial/incomplete DPI information, i.e. all classifications done in `ndpi_detection_giveup()`. | |||
| * | Update host content list match (#1633) | Ivan Nardi | 2022-07-04 | |
| | | | | | Improve classifications of Outlook, Cachefly, Cloudflare, Tiktok and Cybersecurity. | |||
| * | Sync Psiphon unit test. (#1634) | Toni | 2022-07-04 | |
| | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | |||
| * | Added Psiphon detection patterns. See #566 and #1099. (#1631) | Toni | 2022-07-04 | |
| | | | | | | * The traces are not up to date, but this is the best we got so far. Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | |||
| * | OCSP: improve detection (#1629) | Ivan Nardi | 2022-07-04 | |
| | | ||||
| * | Added i3D and RiotGames protocol dissectors. (#1609) | Toni | 2022-07-03 | |
| | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | |||
| * | TargusDataspeed: avoid false positives (#1628) | Ivan Nardi | 2022-07-03 | |
| | | | | | | TargusDataspeed dissector doesn't perform any real DPI checks but it only looks at the TCP/UDP ports. Delete it, and use standard logic to classify these flows by port. | |||
| * | Update ASN/IPs lists (#1627) | Ivan Nardi | 2022-07-03 | |
| | | ||||
| * | bins: add support for 64bit bins (#1626) | Ivan Nardi | 2022-07-03 | |
| | | ||||
| * | Skinny: rework and improve classification (#1625) | Ivan Nardi | 2022-07-03 | |
| | | ||||
| * | Skype_Teams, Mining, SnapchatCall: fix flow category (#1624) | Ivan Nardi | 2022-07-03 | |
| | | ||||
| * | Minor changes in how classification results are set (#1623) | Ivan Nardi | 2022-07-03 | |
| | | | | | | Protocol classification should always be set via `ndpi_set_detected_protocol()`: this way, the values in `flow->detected_protocol_stack[]` are always coherent. | |||
| * | Usenet: improve dissection (#1622) | Ivan Nardi | 2022-07-03 | |
| | | ||||
| * | Fix category for mail sessions (#1621) | Ivan Nardi | 2022-07-03 | |
| | | | | Close #629 | |||
| * | TLS: add support for old DTLS versions and for detection of mid-sessions (#1619) | Ivan Nardi | 2022-07-03 | |
| | | ||||
| * | Fix a compilation warning (#1620) | Ivan Nardi | 2022-07-03 | |
| | | | | | | | | | With clang-15 (nightly build) ``` In file included from ndpi_bitmap.c:39: ./third_party/src/roaring.cc:14233:13: warning: variable 'run_count' set but not used [-Wunused-but-set-variable] int run_count = 0; ``` | |||
| * | Generate profiling results as PNG. | Toni Uhlig | 2022-07-03 | |
| | | | | | | | * use -ltcmalloc_and_profiler and try to get rid of LD_PRELOAD=/usr/lib/x86_64-linux-gnu/libprofiler.so Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | |||
| * | gprof test/CI integration | lns | 2022-07-03 | |
| | | | | | | Signed-off-by: lns <matzeton@googlemail.com> Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | |||
| * | Improved TFTP. Dissect Read/Write Request filenames. (#1617) | Toni | 2022-07-03 | |
| | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | |||
| * | Added TSAN support. (#1613) | Toni | 2022-07-03 | |
| | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | |||
| * | Fix byte-order issue during ndpiReader tcp/udp src/dst port serialization. ↵ | Toni | 2022-07-03 | |
| | | | | | | | | | Fixes #1608. (#1614) * fixed possible memory leak caused by an invalid call to `node_proto_guess_walker()` during serialization * execute serialization code while running regression tests Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | |||
| * | Added Cloudflare WARP detection patterns. (#1615) (#1616) | Toni | 2022-07-02 | |
| | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | |||
| * | Fixed SMTP default port 587 | Luca Deri | 2022-07-02 | |
| | | ||||
| * | Added TunnelBear VPN detection patterns. (#1615) | Toni | 2022-07-01 | |
| | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | |||
| * | Updated (C) | Luca Deri | 2022-06-30 | |
| | | ||||
| * | Removed space from "Genshin Impact" | Luca Deri | 2022-06-30 | |
| | | ||||
| * | sync unit tests (#1612) | Toni | 2022-06-30 | |
| | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | |||
| * | Fix after the protocol name update | Luca Deri | 2022-06-28 | |
| | | ||||
| * | Renamed Z39.50 -> Z3950 as the '.' breaks the naming convention | Luca | 2022-06-28 | |
| | | | | | QUIC is a network protocol | |||
| * | Enhanced TLS risk info reported to users | Luca Deri | 2022-06-28 | |
| | | ||||
| * | Added default port for syslog TCP | Luca Deri | 2022-06-27 | |
| | | ||||
| * | Fix compilation and sync unit tests results (#1606) | Ivan Nardi | 2022-06-20 | |
| | | ||||
| * | Added unidirectional traffic flow risk | Luca Deri | 2022-06-20 | |
| | | ||||
| * | Improved SOAP via HTTP. (#1605) | Toni | 2022-06-18 | |
| | | | | Signed-off-by: lns <matzeton@googlemail.com> | |||
| * | Improved GenshinImpact protocol dissector. (#1604) | Toni | 2022-06-18 | |
| | | | | Signed-off-by: lns <matzeton@googlemail.com> | |||
| * | Added collectd dissector (again). (#1601) | Toni | 2022-06-17 | |
| | | | | Signed-off-by: lns <matzeton@googlemail.com> | |||
| * | Replaced nDPI's internal hashmap with uthash. (#1602) | Toni | 2022-06-17 | |
| | | | | Signed-off-by: lns <matzeton@googlemail.com> | |||
| * | Improved IPSec/ISAKMP detection. (#1600) | Toni | 2022-06-16 | |
| | | | | Signed-off-by: lns <matzeton@googlemail.com> | |||
| * | Added new test pcaps | Luca | 2022-06-15 | |
| | | ||||