aboutsummaryrefslogtreecommitdiff
path: root/src/lib/ndpi_main.c
Commit message (Collapse)AuthorAge
...
* Added NDPI_MALICIOUS_SHA1 flow risk. (#1142)Toni2021-02-26
| | | | | | * An external file which contains known malicious SSL certificate SHA-1 hashes can be loaded via ndpi_load_malicious_sha1_file(...) Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* [Fix] replace free to ndpi_free (#1140)pengtian2021-02-25
| | | same as https://github.com/ntop/nDPI/issues/1096
* Fix ndpi_fill_prefix_v6Alfredo Cardigliano2021-02-24
|
* Add more utility functions to work with patricia treesAlfredo Cardigliano2021-02-23
|
* Add support for MAC to Patricia tree. Expose full API to applications. Add ↵Alfredo Cardigliano2021-02-23
| | | | utility functions.
* Added NDPI_MALICIOUS_JA3 flow riskLuca Deri2021-02-22
| | | | Added ndpi_load_malicious_ja3_file() API call
* Implemented TLS Certificate Sibject matchingLuca Deri2021-02-22
| | | | Improved AnyDesk detection
* Added risky domain flow-risk supportLuca Deri2021-02-21
|
* Removed old unused codeLuca Deri2021-02-19
|
* Fix leakAlfredo Cardigliano2021-02-19
|
* Initial geoip supportLuca Deri2021-02-18
|
* Improved nDPI string matching algorithmLuca Deri2021-02-18
|
* Fixes due to the fragment mananegr codeLuca Deri2021-02-18
|
* Fix warningAlfredo Cardigliano2021-02-12
|
* Performance optimization to avoid un-necessary calls and thus increase the ↵Luca Deri2021-02-11
| | | | overall performance
* Some optimizations during flow guessLuca Deri2021-02-10
|
* Code refactoryLuca Deri2021-02-10
|
* Removed now obsolete NDPI_DETECTION_SUPPORT_IPV6: code is more readeable nowLuca Deri2021-02-10
|
* Fixed memory leaks caused by conditional free'ing for some TLS connec… (#1132)Toni2021-02-10
| | | | | | | | | | | | | | | * Fixed memory leaks caused by conditional free'ing for some TLS connections. * Members of tls_quic struct should also free'd if the detected master protocol is IMAPS / POPS / SMTPS / etc. Signed-off-by: Toni Uhlig <matzeton@googlemail.com> * Prevent reader_util.c from exit()'ing if maximum flow count reached. This confuses the fuzzer. * Improved fuzz/Makefile.am to use LDADD for ../example/libndpiReader.a instead of LDFLAGS. That way, fuzz_ndpi_reader re-links to ../example/libndpiReader.a if something changed there. Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* STUN improvementsLuca Deri2021-02-10
|
* Fixed CPHA missing protocol initializationLuca Deri2021-02-10
| | | | Improved IEC104 and IRC detection
* Removed debug statementLuca Deri2021-02-09
|
* Partial fix for #1129Luca Deri2021-02-05
|
* Fix some memory leakes in reassembler code (#1127)Ivan Nardi2021-02-04
|
* Added missing checkLuca Deri2021-02-04
|
* Fixed leak with DTLSLuca Deri2021-02-03
|
* Fixes an issue with https://github.com/ntop/nDPI/pull/1122 that misprocsssed ↵Luca Deri2021-02-03
| | | | packets belonging to flows whose initial part (e.g. the 3WH) was not observed by nDPI (e.g. capture started in the middle of the flow)
* fragments management added (#1122)Roberto AGOSTINO2021-02-03
| | | | | | Management of tcp segments managements. Co-authored-by: ragostino <ragostino73@gmail.com> Co-authored-by: Luca Deri <lucaderi@users.noreply.github.com>
* DGA name improvementLuca Deri2021-01-27
|
* Cleaned up tls/quic datatypesLuca Deri2021-01-21
|
* Reworked TLS fingerprint calcolationLuca Deri2021-01-21
| | | | Modified TLS memory free
* Rewored UPnP protocol that in essence was WSD hence it has been renamedLuca2021-01-20
| | | | Cleaned up TLS code for DTLS detection by defining a new DTLS protocol
* (C) UpdateLuca Deri2021-01-07
|
* QUIC: add suppport for DNS-over-QUIC (#1107)Ivan Nardi2021-01-07
| | | | | | | | | Even if it is only an early internet draft, DoQ has already (at least) one deployed implementation. See: https://www.zdnet.com/article/ad-blocker-adguard-deploys-worlds-first-dns-over-quic-resolver/ Draft: https://tools.ietf.org/html/draft-huitema-dprive-dnsoquic-00 In the future, if this protocol will be really used, it might be worth to rename NDPI_PROTOCOL_DOH_DOT in NDPI_PROTOCOL_DOH_DOT_DOQ
* Split HTTP request from response Content-Type. Request Content-Type should ↵Luca Deri2021-01-06
| | | | be present with POSTs and not with other methods such as GET
* Remove FB_ZERO protocol (#1102)Ivan Nardi2021-01-04
| | | | | | FB_ZERO was an experimental protocol run by Facebook. They switched to QUIC/TLS1.3 more than 2 years ago; no one ever used it but them so it is definitely dead. See: https://engineering.fb.com/2018/08/06/security/fizz/
* Added a new API function `ndpi_free_flow_data' which free's all members of ↵Toni2021-01-04
| | | | | ndpi_flow_struct but not the struct itself. (#1101) Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Fix memory leak introduced in b7376cc6 (#1100)Ivan Nardi2021-01-04
|
* Updated ndpi_ptree_match_addr() prototypeLuca Deri2020-12-30
|
* Split ptree user data in 32 and 64 bit entriesLuca Deri2020-12-30
|
* Bugfix for host check (#1097)pengtian2020-12-29
| | | this bug is from commit `427002d14` `2020-05-06 00:31:40`
* Added known protocol on unknown port for ntopLuca Deri2020-12-28
|
* Initialization fixLuca Deri2020-12-28
|
* Free flow fixLuca Deri2020-12-28
|
* Removed space from protocol nameLuca Deri2020-12-23
|
* Fixed invalid TLS check for extra processing detectionLuca Deri2020-12-21
|
* Rule changes work in progressLuca Deri2020-12-11
|
* Rename Jabber detection name as we are not sure if it is unencrypted e.g. if ↵Toni2020-12-08
| | | | | START_TLS used. (#1079) Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Add a connectionless DCE/RPC detection (#1078)rafaliusz2020-12-08
| | | | | | | * Add connectionless DCE/RPC detection * Add DCE/RPC pcap file as well as its test result Co-authored-by: rafal <rafal.burzynski@cryptomage.com>
* Add Virtual Asssitant (Alexa, Siri) support. (#1057)Zied Aouini2020-11-16
| | | | | | | | | | | | | | | * Add AmazonAlexa protocol. * Add AmazonAlexa test file and result. * Include pcapng as file format. * Rename Category to VirtualAssistant. * Add AppleSiri virtual assistant. * Fix pcapng test files format support. Co-authored-by: Luca Deri <lucaderi@users.noreply.github.com>
Powered by cgit, Themed by Ted Yin.