aboutsummaryrefslogtreecommitdiff
path: root/example/protos.txt
Commit message (Collapse)AuthorAge
* Implements support for symbolic host names (#2123)Luca Deri2023-10-29
|
* IPv6: add support for IPv6 risk exceptions (#2122)Ivan Nardi2023-10-29
|
* IPv6: add support for custom rules (#2120)Ivan Nardi2023-10-29
|
* ProtonVPN: split the ip list (#2060)Ivan Nardi2023-07-27
| | | | | | | | | | | Use two separate lists: * one for the ingress nodes, which triggers a ProtonVPN classification * one for the egress nodes, which triggers the `NDPI_ANONYMOUS_SUBSCRIBER` risk Add a command line option (to `ndpiReader`) to easily test IP/port matching. Add another example of custom rule.
* Add another example of custom rules (#1923)Ivan Nardi2023-03-30
| | | | | | Add an example where traffic matching the same IP, but different ports is classified to different protocols. Close #189
* Removed overlapping portLuca Deri2023-03-21
|
* Add some fuzzers to test other data structures. (#1870)Ivan Nardi2023-01-25
| | | | | | | Start using a dictionary for fuzzing (see: https://llvm.org/docs/LibFuzzer.html#dictionaries). Remove some dead code. Fuzzing with debug enabled is not usually a great idea (from performance POV). Keep the code since it might be useful while debugging.
* Fix infinite loop when a custom rule has port 65535 (#1833)Ivan Nardi2022-12-21
| | | Close #1829
* Updated test resultsLuca Deri2022-12-05
|
* Finalized nBPF support. You can now define custom protocols such asLuca Deri2022-09-21
| | | | | | | | | | (see exaple/protos.txt) nbpf:"host 192.168.1.1 and port 80"@HomeRouter In order to have nBPF support, you need to compile nDPI with it. Just download https://github.com/ntop/PF_RING in the same directory where you have downloaded nDPI and compile PF_RING/userland/nbpf
* Adds some risk exceptions for popular services and domain namesLuca2022-01-17
| | | | via a new (internal) function named ndpi_add_domain_risk_exceptions()
* Added the ability to specify trusted issueDN often used in companies to ↵Luca Deri2022-01-13
| | | | | | | | | | | self-signed certificates This allows to avoid triggering alerts for trusted albeit private certificate issuers. Extended the example/protos.txt with the new syntax for specifying trusted issueDN. Example: trusted_issuer_dn:"CN=813845657003339838, O=Code42, OU=TEST, ST=MN, C=US"
* Improved risk detection mask algorithmLuca Deri2021-07-26
|
* Risk check improvementLuca Deri2021-07-24
|
* Fixed risk mask implementationLuca Deri2021-07-23
|
* Implementation of flow risk eception (work in progress)Luca Deri2021-07-22
|
* Added missing comma (#1116)morefigs2021-01-21
| | | I presume there is a comma missing in this comma separated list.
* Introduced custom protocols with IP and (optional) port supportLuca Deri2020-05-06
| | | | | | | | | | | | | | | | Example - Single IP address ip:213.75.170.11@CustomProtocol - IP address with CIDR ip:213.75.170.11/32@CustomProtocol - IP address with CIDR and port ip:213.75.170.11/32:443@CustomProtocol Please note that there are some restrictions on the port usage. They have been listed in example/protos.txt
* Reworked protocol handling chnging it is u_int16_tLuca Deri2020-05-06
|
* Added detection of Microsoft TeamsLuca Deri2020-04-16
|
* Xbox and PS4 static port classification.Ravi Kerur2019-07-23
| | | | Signed-off-by: Ravi Kerur <ravi.kerur@viasat.com>
* spelling: googlesyndicationJosh Soref2017-03-12
|
* Added check for removing characters from nDPI custom-defined protocols that ↵Luca Deri2015-07-16
| | | | might cause apps to misbehave.
* Fix ip based protocol example in protos.txtgeorge.vakras@gmail.com2015-06-17
|
* Allow loading host IP based protocols from protos.txtgeorge.vakras@gmail.com2015-06-15
|
* Initial import from SVNLuca Deri2015-04-19
Powered by cgit, Themed by Ted Yin.