| Commit message (Collapse) | Author | Age | |
|---|---|---|---|
| * | TOR: fix ip lists (#2748) | Ivan Nardi | 2025-02-27 |
| | | | | | One list is from ingress nodes (used for protocol classification) and the second one is from exit nodes (used for flow risk check) | ||
| * | Fix csv serialization | Alfredo Cardigliano | 2025-02-26 |
| | | |||
| * | Add a basic example to show how to use geo API (#2747) | Ivan Nardi | 2025-02-25 |
| | | | | Credits to @LTxAlves | ||
| * | Improved Tor detection | Luca Deri | 2025-02-24 |
| | | |||
| * | Sync unit tests results | Ivan Nardi | 2025-02-24 |
| | | |||
| * | Improved Tor exit node download and added IPv6 support | Luca Deri | 2025-02-24 |
| | | |||
| * | Add city as a geoip possibility (#2746) | Leonardo Teixeira Alves | 2025-02-24 |
| | | |||
| * | Improved Google PlayStore detection | Luca Deri | 2025-02-24 |
| | | |||
| * | UBNTAC2: rework detection (#2744) | Ivan Nardi | 2025-02-23 |
| | | |||
| * | Add LagoFast protocol dissector. (#2743) | Toni | 2025-02-23 |
| | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | RTP: payload type info should be set only for real RTP flows (#2742) | Ivan Nardi | 2025-02-22 |
| | | |||
| * | Update the capture length of the ssdp example (#2741) | Ivan Nardi | 2025-02-21 |
| | | | | | | | | | Some old libpcap versions don't handle pcap files with capture length bigger than 262144 bytes ``` ERROR: could not open pcap file: invalid interface capture length 524288, bigger than maximum of 262144 ``` | ||
| * | Create a new protocol id to handle Mozilla/Firefox generic traffic (#2740) | Ivan Nardi | 2025-02-21 |
| | | | | Close #2738 | ||
| * | Move `rtp` info out of `flow->protos` (#2739) | Ivan Nardi | 2025-02-21 |
| | | | | | | Thiw way, the code is ready to handle rtp info from STUN flows too. And, most important, this change works as workaround to fix some crashes reported by oss-fuzz | ||
| * | Fix build error due to an unused static function in the p17m fuzzer. (#2737) | Toni | 2025-02-21 |
| | | | | | | * fixed buffer overflow in RTP dissector Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | Added check | Luca | 2025-02-21 |
| | | |||
| * | Updated test result | Luca | 2025-02-21 |
| | | |||
| * | Improved RTP dissection with EVS and other mobile voice codecs | Luca Deri | 2025-02-20 |
| | | |||
| * | Updated test rsults after RTP payload extraction | Luca Deri | 2025-02-19 |
| | | |||
| * | Exported RTP payload in packet metadata | Luca Deri | 2025-02-19 |
| | | | | | Added ndpi_rtp_payload_type2str() API call | ||
| * | Further domain checks | Luca Deri | 2025-02-19 |
| | | |||
| * | Fixed bug in domain name computation | Luca Deri | 2025-02-17 |
| | | |||
| * | SSDP: add configuration for disabling metadata extraction (#2736) | Ivan Nardi | 2025-02-17 |
| | | |||
| * | DNS: rework "extra-dissection" code (#2735) | Ivan Nardi | 2025-02-17 |
| | | |||
| * | added metadata fields for M-NOTIFY (#2733) | Ivan Kapranov | 2025-02-17 |
| | | |||
| * | Fix/restore some public defines (#2734) | Ivan Nardi | 2025-02-17 |
| | | | | See 6899f6c17 and 9bf513b34 | ||
| * | Added defines | Luca Deri | 2025-02-16 |
| | | |||
| * | Reworked memory allocation | Luca Deri | 2025-02-16 |
| | | |||
| * | DNS: fix message parsing (#2732) | Ivan Nardi | 2025-02-16 |
| | | |||
| * | Implement SSDP Metadata export (#2729) | Ivan Kapranov | 2025-02-16 |
| | | | | Close #2524 | ||
| * | DNS: fix parsing of hostname for empty response messages (#2731) | Ivan Nardi | 2025-02-16 |
| | | |||
| * | DNS: rework adding entries to the FPC-DNS cache (#2730) | Ivan Nardi | 2025-02-16 |
| | | | | | | Try to populate the FPC-DNS cache using directly the info from the current packet, and not from the metadata saved in `struct ndpi_flow_struct`. This will be important when adding monitoring support | ||
| * | DNS: improved detection and handling of TCP packets (#2728) | Ivan Nardi | 2025-02-15 |
| | | |||
| * | DNS: rework code (#2727) | Ivan Nardi | 2025-02-15 |
| | | |||
| * | Added RUTUBE (#2725) | Ivan Kapranov | 2025-02-15 |
| | | |||
| * | DNS: fix dissection (#2726) | Ivan Nardi | 2025-02-15 |
| | | |||
| * | DNS: set `NDPI_MALFORMED_PACKET` risk if the answer message is invalid (#2724) | Ivan Nardi | 2025-02-15 |
| | | | | We already set the same flow risk for invalid request messages | ||
| * | reworked ntp info extraction (#2723) | Ivan Kapranov | 2025-02-15 |
| | | |||
| * | DNS: rework code parsing responses (#2722) | Ivan Nardi | 2025-02-14 |
| | | |||
| * | DNS: rework/isolate code to process domain name (#2721) | Ivan Nardi | 2025-02-13 |
| | | |||
| * | DNS: faster exclusion (#2719) | Ivan Nardi | 2025-02-12 |
| | | |||
| * | DNS: try to simplify the code (#2718) | Ivan Nardi | 2025-02-12 |
| | | | | Set the classification in only one place in the code. | ||
| * | ndpiReader: print more DNS information (#2717) | Ivan Nardi | 2025-02-11 |
| | | |||
| * | DNS: fix check for DGA domain (#2716) | Ivan Nardi | 2025-02-11 |
| | | | | | If we have a (potential) valid sub-classification, we shoudn't check for DGA, even if the subclassification itself is disabled! | ||
| * | DNS: disable subclassification by default (#2715) | Ivan Nardi | 2025-02-11 |
| | | | | | Prelimary change to start supporting multiple DNS transactions on the same flow | ||
| * | DNS: evaluate all flow risks even if sub-classification is disabled (#2714) | Ivan Nardi | 2025-02-11 |
| | | |||
| * | dns: fix writing to `flow->protos.dns` | Ivan Nardi | 2025-02-11 |
| | | | | | | We can't write to `flow->protos.dns` until we are sure it is a valid DNS flow | ||
| * | DNS: fix dissection when there is only the response message | Ivan Nardi | 2025-02-11 |
| | | |||
| * | DNS: extend tests | Ivan Nardi | 2025-02-11 |
| | | |||
| * | Removed trace | Luca Deri | 2025-02-10 |
| | | |||