| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There are no real reasons to embed `struct ndpi_packet_struct` (i.e. "packet")
in `struct ndpi_flow_struct` (i.e. "flow"). In other words, we can avoid
saving dissection information of "current packet" into the "flow" state,
i.e. in the flow management table.
The nDPI detection module processes only one packet at the time, so it is
safe to save packet dissection information in `struct ndpi_detection_module_struct`,
reusing always the same "packet" instance and saving a huge amount of memory.
Bottom line: we need only one copy of "packet" (for detection module),
not one for each "flow".
It is not clear how/why "packet" ended up in "flow" in the first place.
It has been there since the beginning of the GIT history, but in the original
OpenDPI code `struct ipoque_packet_struct` was embedded in
`struct ipoque_detection_module_struct`, i.e. there was the same exact
situation this commit wants to achieve.
Most of the changes in this PR are some boilerplate to update something
like "flow->packet" into something like "module->packet" throughout the code.
Some attention has been paid to update `ndpi_init_packet()` since we need
to reset some "packet" fields before starting to process another packet.
There has been one important change, though, in ndpi_detection_giveup().
Nothing changed for the applications/users, but this function can't access
"packet" anymore.
The reason is that this function can be called "asynchronously" with respect
to the data processing, i.e in context where there is no valid notion of
"current packet"; for example ndpiReader calls it after having processed all
the traffic, iterating the entire session table.
Mining LRU stuff seems a bit odd (even before this patch): probably we need
to rethink it, as a follow-up.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
https://github.com/veggiedefender/browsertunnel
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
This commit inherits from https://github.com/ntop/nDPI/commit/7a2bcd9c395f9fe554109e04add33e9e65564d82
but leaves ndpi_netbios_name_interpret as part of the API as it
is used by ntopng
|
| |
|
|
| |
This reverts commit 7a2bcd9c395f9fe554109e04add33e9e65564d82.
|
| | |
|
| | |
|
| |\ |
|
| | |
| |
| |
| | |
since ndpi_process_extra_packet() can drive limited or full metadata export
|
| |/ |
|
| | |
|
| |
|
|
| |
Uodated (C)
|
| |
|
|
| |
Changed ndpi_detection_giveup() API: guess is now part of the call
|
| |
|
|
| |
Converted some not popular protocols to NDPI_PROTOCOL_GENERIC with category detection
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
levels of debug output:
0 - ERROR: Only for errors.
1 - TRACE: Start of each packets and if found protocol.
2 - DEBUG: Start of searching each protocol and excluding protocols.
3 - DEBUG_EXTRA: For all other messages.
Added field ndpi_struct->debug_logging for enable debug output of each protocols.
Simple macros for debugging output are added:
NDPI_LOG_ERR(), NDPI_LOG_INFO(), NDPI_LOG_DBG(), NDPI_LOG_DBG2(),
NDPI_EXCLUDE_PROTO()
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
Renamed ndpi_int_add_connection() with ndpi_set_detected_protocol()
|
| | |
|
| |
|