libndpi.git - Open Source Deep Packet Inspection Software Toolkit

	Commit message (Collapse)	Author	Age
*	Fix parsing of ipv6 packets with extension headers	Nardi Ivan	2021-09-19
\| \| \| \| \| \| \| \|	Decoding of ipv6 traffic with extension headers was completely broken, since the beginning of the L4 header was always set to a wrong value. Handle the ipv6 fragments in the same way as the ipv4 ones: keep the first one and drop the others.
*	Compile everything with "-W -Wall -Wno-unused-parameter" flags (#1276)	Ivan Nardi	2021-08-20
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Fix all the warnings. Getting rid of "-Wno-unused-parameter" is quite complex because some parameters usage depends on compilation variable (i.e. `--enable-debug-messages`). The "-Werror" flag has been added only in Travis builds to avoid breaking the builds to users using uncommon/untested OS/compiler/enviroment. Tested on: * x86_64; Ubuntu 20.04; gcc 7,8,9,10,11; clang 7,8,9,10,11,12 * x86_64; CentOS 7.7; gcc 4.8.5 (with "--disable-gcrypt" flag) * Raspberry 4; Debian 10.10; gcc 8.3.0
*	Fixed Mingw64 build, SonerCloud-CI and more. (#1273)	Toni	2021-08-18
\| \| \| \| \| \| \| \| \| \| \| \| \|	* Added ARM build and unit test run for SonarCloud-CI. Signed-off-by: Toni Uhlig <matzeton@googlemail.com> * Fixed Mingw64 build. * adapted to SonarCloud-CI workflow * removed broken and incomplete Windows example (tested on VS2017/VS2019) * removed unnecessary include (e.g. pthread.h for the library which does not make use of it) Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
*	Defined more standard ethernet protocol types	Luca Deri	2021-08-09
\|
*	Added protocol defines	Luca Deri	2021-08-09
\|
*	Implemented ALPN automa for checking uncommon ALPNs	Luca Deri	2021-07-24
\|
*	Reworked flow risk implementation	Luca Deri	2021-07-23
\|
*	Implemented function to retrieve flow information. #1253 (#1254)	Toni	2021-07-23
\| \| \| \| \|	* fixed [h]euristic typo Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
*	Implementation of flow risk eception (work in progress)	Luca Deri	2021-07-22
\|
*	ndpiReader: add statistics about nDPI performance (#1240)	Ivan Nardi	2021-07-13
\| \| \| \| \| \| \|	The goal is to have a (roughly) idea about how many packets nDPI needs to properly classify a flow. Log this information (and guessed flows number too) during unit tests, to keep track of improvements/regressions across commits.
*	Reworked human readeable string search in flows	Luca Deri	2021-05-17
\| \| \| \|	Removed fragment manager code
*	Check datalink during fuzzing to prevent console / logfile spam. See #1175 ↵	Toni	2021-05-09
\| \| \| \| \|	for more information. (#1177) Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
*	Initial work towards detection via TLS of browser types	Luca	2021-05-06
\|
*	Check for common ALPNs and set a flow risk if not known. (#1175)	Toni	2021-04-27
\| \| \| \| \| \|	* Increased risk bitmask to 64bit (instead of 32bit). * Removed annoying "Unknown datalink" error message for fuzzers. Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
*	Added flow risk to wireshark dissection	Luca Deri	2021-04-26
\|
*	Fix detunneling of GTP-U traffic (#1168)	Ivan Nardi	2021-04-18
\| \| \| \| \|	Fuzzing #1161 exposed some (completely unrelated) issues on GTP-U detunneling code. (see https://github.com/ntop/nDPI/actions/runs/719882047)
*	Fixed invalid guess stats	Luca Deri	2021-03-30
\|
*	ndpiReader: print an error msg if we found an unsupported datalink type (#1157)	Ivan Nardi	2021-03-23
\|
*	Reworked extendal dependency across testing tools	Luca Deri	2021-03-14
\|
*	Added experiemntal JA3+ implementation that can be used with -z i ndpiReader	Luca Deri	2021-03-09
\|
*	Add support for Snapchat voip calls (#1147)	Ivan Nardi	2021-03-06
\| \| \| \| \| \| \| \| \|	* Add support for Snapchat voip calls Snapchat multiplexes some of its audio/video real time traffic with QUIC sessions. The peculiarity of these sessions is that they are Q046 and don't have any SNI. * Fix tests with libgcrypt disabled
*	Fixed memory leaks caused by conditional free'ing for some TLS connec… (#1132)	Toni	2021-02-10
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	* Fixed memory leaks caused by conditional free'ing for some TLS connections. * Members of tls_quic struct should also free'd if the detected master protocol is IMAPS / POPS / SMTPS / etc. Signed-off-by: Toni Uhlig <matzeton@googlemail.com> * Prevent reader_util.c from exit()'ing if maximum flow count reached. This confuses the fuzzer. * Improved fuzz/Makefile.am to use LDADD for ../example/libndpiReader.a instead of LDFLAGS. That way, fuzz_ndpi_reader re-links to ../example/libndpiReader.a if something changed there. Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
*	RSI enhancements	Luca Deri	2021-02-05
\|
*	Improved debug message	Luca Deri	2021-02-03
\|
*	Cleaned up tls/quic datatypes	Luca Deri	2021-01-21
\|
*	Reworked TLS fingerprint calcolation	Luca Deri	2021-01-21
\| \| \| \|	Modified TLS memory free
*	(C) Update	Luca Deri	2021-01-07
\|
*	Split HTTP request from response Content-Type. Request Content-Type should ↵	Luca Deri	2021-01-06
\| \| \| \|	be present with POSTs and not with other methods such as GET
*	Restored QUIC stats	Luca Deri	2020-12-30
\|
*	Fixed output when tLS (nad not QUIC) is used	Luca Deri	2020-12-28
\|
*	Fixes bug introduced by https://github.com/ntop/nDPI/pull/1085	Luca Deri	2020-12-12
\|
*	Fix minimum packet length condition (#1087)	Zied Aouini	2020-12-12
\|
*	Added --ignore-vlanid / -I to exclude VLAN ids for flow hash calculation. ↵	Toni	2020-12-11
\| \| \| \| \|	#1073 (#1085) Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
*	Support raw IPv4 / IPv6 pcap packet processing. (#1053)	Toni	2020-11-09
\| \| \|	Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
*	Cosmetic changes	Luca Deri	2020-11-03
\|
*	Moved global in reader_util.c	Luca Deri	2020-10-27
\|
*	Added -D flag for detecting DoH in the wild	Luca Deri	2020-10-26
\| \| \| \|	Removed heuristic from CiscoVPN as it leads to false positives
*	Various improvemement when using ndpi_pref_enable_tls_block_dissection:	Luca Deri	2020-10-24
\| \| \| \| \| \|	application data TLS blocks are now ignored when exchanged before - the end of certificate negotiation (up to TLS 1.2) - change cipher
*	Fix parsing of DLT_PPP datalink type (#1042)	Ivan Nardi	2020-10-21
\|
*	CAPWAP tunnel decoding fix (#1038)	Zied Aouini	2020-10-21
\| \| \| \| \|	* Fix CAPWAP processing. * Update result.
*	Fix CAPWAP handling.	aouinizied	2020-10-13
\|
*	Added ndpi_quick_16_byte_hash	Luca	2020-10-05
\| \| \| \|	Warning fix
*	Warning fix	Luca Deri	2020-10-03
\|
*	Reworked MDNS dissector that is not based on the DNS dissector	Luca Deri	2020-09-17
\|
*	http: create a common function to parse User Agent field	Nardi Ivan	2020-09-08
\| \| \| \|	Prepare the code to handle UA information from flows other than HTTP
*	OpenBSD: Introduce pkt_timeval to deal with (bpf_)_timeval	Adrian Zgorzałek	2020-08-09
\| \| \| \| \| \|	Some BSD APIs called in example/ return `struct bpf_timeval`, where nDPI APIs expect `struct timeval`. These two structs, besides having a different name, share the exact same set of fields.
*	Tiny changes for TLS block lenght dissection	Luca Deri	2020-07-29
\|
*	wrapper cleanup	Luca Deri	2020-07-13
\|
*	Fixed heap overflow caused by missing lengthcheck in 802.11 LLC header parsing.	Toni Uhlig	2020-07-11
\| \| \| \| \| \|	* triggered by fuzz traces from wireshark Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
*	Removed csv_fp as external symbol. Instead passing csv_fp through as argument.	Toni Uhlig	2020-07-08
\| \| \| \|	Signed-off-by: Toni Uhlig <matzeton@googlemail.com>