aboutsummaryrefslogtreecommitdiff
path: root/example/protos.txt
Commit message (Collapse)AuthorAge
* Performed some grammar and typo fixes (#2511)Petr2024-07-19
|
* fuzz: extend fuzzing coverage (#2281)Ivan Nardi2024-01-24
|
* Improve handling of custom rules (#2276)Ivan Nardi2024-01-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Avoid collisions between user-ids and internal-ids protocols in the `example/protos.txt` file. Add a new value for the classification confidence: `NDPI_CONFIDENCE_CUSTOM_RULE` With `./example/ndpiReader -p example/protos.txt -H` we now see also the custom protocols and their internal/external ids: ``` nDPI supported protocols: Id Userd-id Protocol Layer_4 Nw_Proto Breed Category 0 0 Unknown TCP X Unrated Unspecified ... 387 387 Mumble UDP X Fun VoIP 388 388 iSCSI TCP Acceptable Unspecified 389 389 Kibana TCP Acceptable Unspecified 390 390 TestProto TCP Acceptable Unspecified 391 391 HomeRouter TCP Acceptable Unspecified 392 392 CustomProtocol TCP Acceptable Unspecified 393 393 AmazonPrime TCP Acceptable Unspecified 394 394 CustomProtocolA TCP Acceptable Unspecified 395 395 CustomProtocolB TCP Acceptable Unspecified 396 800 CustomProtocolC TCP Acceptable Unspecified 397 1024 CustomProtocolD TCP Acceptable Unspecified 398 2048 CustomProtocolE TCP Acceptable Unspecified 399 2049 CustomProtocolF TCP Acceptable Unspecified 400 2050 CustomProtocolG TCP Acceptable Unspecified 401 65535 CustomProtocolH TCP Acceptable Unspecified ``` We likely need to take a better look in general at the iteration between internal and external protocols ids... This PR fixes the issue observed in https://github.com/ntop/nDPI/pull/2274#discussion_r1460674874 and in https://github.com/ntop/nDPI/pull/2275.
* Implements support for symbolic host names (#2123)Luca Deri2023-10-29
|
* IPv6: add support for IPv6 risk exceptions (#2122)Ivan Nardi2023-10-29
|
* IPv6: add support for custom rules (#2120)Ivan Nardi2023-10-29
|
* ProtonVPN: split the ip list (#2060)Ivan Nardi2023-07-27
| | | | | | | | | | | Use two separate lists: * one for the ingress nodes, which triggers a ProtonVPN classification * one for the egress nodes, which triggers the `NDPI_ANONYMOUS_SUBSCRIBER` risk Add a command line option (to `ndpiReader`) to easily test IP/port matching. Add another example of custom rule.
* Add another example of custom rules (#1923)Ivan Nardi2023-03-30
| | | | | | Add an example where traffic matching the same IP, but different ports is classified to different protocols. Close #189
* Removed overlapping portLuca Deri2023-03-21
|
* Add some fuzzers to test other data structures. (#1870)Ivan Nardi2023-01-25
| | | | | | | Start using a dictionary for fuzzing (see: https://llvm.org/docs/LibFuzzer.html#dictionaries). Remove some dead code. Fuzzing with debug enabled is not usually a great idea (from performance POV). Keep the code since it might be useful while debugging.
* Fix infinite loop when a custom rule has port 65535 (#1833)Ivan Nardi2022-12-21
| | | Close #1829
* Updated test resultsLuca Deri2022-12-05
|
* Finalized nBPF support. You can now define custom protocols such asLuca Deri2022-09-21
| | | | | | | | | | (see exaple/protos.txt) nbpf:"host 192.168.1.1 and port 80"@HomeRouter In order to have nBPF support, you need to compile nDPI with it. Just download https://github.com/ntop/PF_RING in the same directory where you have downloaded nDPI and compile PF_RING/userland/nbpf
* Adds some risk exceptions for popular services and domain namesLuca2022-01-17
| | | | via a new (internal) function named ndpi_add_domain_risk_exceptions()
* Added the ability to specify trusted issueDN often used in companies to ↵Luca Deri2022-01-13
| | | | | | | | | | | self-signed certificates This allows to avoid triggering alerts for trusted albeit private certificate issuers. Extended the example/protos.txt with the new syntax for specifying trusted issueDN. Example: trusted_issuer_dn:"CN=813845657003339838, O=Code42, OU=TEST, ST=MN, C=US"
* Improved risk detection mask algorithmLuca Deri2021-07-26
|
* Risk check improvementLuca Deri2021-07-24
|
* Fixed risk mask implementationLuca Deri2021-07-23
|
* Implementation of flow risk eception (work in progress)Luca Deri2021-07-22
|
* Added missing comma (#1116)morefigs2021-01-21
| | | I presume there is a comma missing in this comma separated list.
* Introduced custom protocols with IP and (optional) port supportLuca Deri2020-05-06
| | | | | | | | | | | | | | | | Example - Single IP address ip:213.75.170.11@CustomProtocol - IP address with CIDR ip:213.75.170.11/32@CustomProtocol - IP address with CIDR and port ip:213.75.170.11/32:443@CustomProtocol Please note that there are some restrictions on the port usage. They have been listed in example/protos.txt
* Reworked protocol handling chnging it is u_int16_tLuca Deri2020-05-06
|
* Added detection of Microsoft TeamsLuca Deri2020-04-16
|
* Xbox and PS4 static port classification.Ravi Kerur2019-07-23
| | | | Signed-off-by: Ravi Kerur <ravi.kerur@viasat.com>
* spelling: googlesyndicationJosh Soref2017-03-12
|
* Added check for removing characters from nDPI custom-defined protocols that ↵Luca Deri2015-07-16
| | | | might cause apps to misbehave.
* Fix ip based protocol example in protos.txtgeorge.vakras@gmail.com2015-06-17
|
* Allow loading host IP based protocols from protos.txtgeorge.vakras@gmail.com2015-06-15
|
* Initial import from SVNLuca Deri2015-04-19
Powered by cgit, Themed by Ted Yin.