aboutsummaryrefslogtreecommitdiff
path: root/src/lib
Commit message (Collapse)AuthorAge
...
* TLS: register TLS dissector only once (#2825)Ivan Nardi2025-05-19
| | | | This is the first, tiny, step into a better separation between "protocols" and "dissectors"
* Fix classification when non tcp/udp protocols are disabled (#2824)Ivan Nardi2025-05-19
|
* RTSP: simplify detection (#2822)Ivan Nardi2025-05-18
|
* Remove Half-Life 2 support; improve Source Engine protocol detection0xA50C1A12025-05-16
|
* Rename NDPI_PROTOCOL_UBUNTUONE protocol ID to NDPI_PROTOCOL_CANONICAL0xA50C1A12025-05-15
|
* Rename Lotus Notes to HCL Notes for product consistency0xA50C1A12025-05-15
|
* Remove Vhua support (#2816)Vladimir Gavrilov2025-05-15
|
* Remove World Of Kung Fu support (#2815)Vladimir Gavrilov2025-05-15
|
* added raw tcp fingerprint to json (#2812)funesca2025-05-15
| | | | | | | | | | | * added raw tcp fingerprint to json * removed unnecessary change * fixed key for json * added configuration option for raw tcp fingerprint * fixed typos
* Add kick.com support (#2813)Vladimir Gavrilov2025-05-14
|
* Improve Ubiquiti device discovery request/response detection. (#2810)Toni2025-05-12
| | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Micro-optimizations of 'ndpi_strncasestr' and 'LINE_*' macros (#2808)Vladimir Gavrilov2025-05-12
|
* Add vkvideo domain (#2809)Vladimir Gavrilov2025-05-12
|
* Refreshed networksLuca Deri2025-05-06
|
* CentOS compilation fixLuca Deri2025-05-05
|
* Improved protocol guessLuca Deri2025-04-28
|
* Add Rockstar Games detection (#2805)Vladimir Gavrilov2025-04-28
|
* STUN: set default port for TCP, too (#2804)Ivan Nardi2025-04-28
|
* Add Microsoft Delivery Optimization protocol (#2799)Vladimir Gavrilov2025-04-28
|
* Added food categoryLuca Deri2025-04-27
|
* Added new categoriesLuca Deri2025-04-27
| | | | | | | | | | | | | | | | NDPI_PROTOCOL_CATEGORY_FINANCE NDPI_PROTOCOL_CATEGORY_NEWS NDPI_PROTOCOL_CATEGORY_SPORT NDPI_PROTOCOL_CATEGORY_BUSINESS NDPI_PROTOCOL_CATEGORY_INTERNET_HOSTING NDPI_PROTOCOL_CATEGORY_BLOCKCHAIN_CRYPTO NDPI_PROTOCOL_CATEGORY_BLOG_FORUM NDPI_PROTOCOL_CATEGORY_GOVERNMENT NDPI_PROTOCOL_CATEGORY_EDUCATION NDPI_PROTOCOL_CATEGORY_CND_PROXY NDPI_PROTOCOL_CATEGORY_HARDWARE_SOFTWARE NDPI_PROTOCOL_CATEGORY_DATING NDPI_PROTOCOL_CATEGORY_TRAVEL
* STUN/RTP: extend extracted metadata (#2798)Ivan Nardi2025-04-17
|
* Add a new specific ID for generic Ubiquity traffic (#2796)Ivan Nardi2025-04-16
|
* Update all IP/domain lists (#2795)Ivan Nardi2025-04-16
| | | | | | | | | | | | | | | | | | ProtonVPN script have been not working in the last week. ``` Error "Invalid access token" ``` ProtonVPN is doing a major upgrade in its infrastructure: ``` In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary. Apr 09, 2025 - 11:30 CEST Scheduled - In the following period from the 9th of April up to the 30th of April, various Proton VPN dedicated servers will be in temporary maintenance mode, for a short duration period, in order to allow us to perform a major infrastructure upgrade, paving the way for overall increased performance and efficiency of our Proton VPN infrastructure. We apologize for the occasional inconvenience. Apr 9, 2025 11:30 - Apr 30, 2025 23:30 CEST ``` Let's wait if it works again in the future...
* Enhanced Cybersecurity protocolLuca Deri2025-04-12
|
* UBNTAC2,Ookla: improve detection (#2793)Ivan Nardi2025-04-10
|
* FPC: save all addresses from DNS to `fpc_dns` cache (#2792)Ivan Nardi2025-04-10
|
* Follow-up of latest Signal call change (see: 4d41588a7)Ivan Nardi2025-04-05
|
* Extend list of domains for SNI matching (#2791)Ivan Nardi2025-04-05
|
* Add a resonable TTL (!=0) for all LRU caches (#2790)Ivan Nardi2025-04-04
| | | Be sure that entries expire sooner or later
* Added check while dissecting non-TCP packets ndpi_search_tls_tcpLuca Deri2025-04-04
| | | | Renamed ndpi_search_tls_udp to ndpi_search_dtls
* Implemented detection of the latest Signal video/audio calls leveraging on ↵Luca Deri2025-04-02
| | | | Cloudflare CDN
* OS fingerprint code cleanupLuca Deri2025-03-31
|
* blizzard: improve detection of generic battle.net trafficIvan Nardi2025-03-30
|
* blizzard: add detection of Overwatch2Ivan Nardi2025-03-30
|
* WoW: update detectionIvan Nardi2025-03-30
| | | | | Remove the specific dissector and use the Blizzard's generic one. For the time being, keep `NDPI_PROTOCOL_WORLDOFWARCRAFT`
* Wireguard: fix configuration of sub-classificationIvan Nardi2025-03-28
|
* TLS: avoid exporting TLS heuristic fingerprint as metadata (#2783)Ivan Nardi2025-03-27
|
* Add safety checksAlfredo Cardigliano2025-03-27
|
* Add support for UTF-8 encoding in JSON serializationAlfredo Cardigliano2025-03-27
|
* Fix a stack-buffer-overflow error (#2782)Ivan Nardi2025-03-27
| | | | | | | | | | | | | | ``` ==40795==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7dd7ff94a6a0 at pc 0x5f2e95e21423 bp 0x7ffccfe0f110 sp 0x7ffccfe0e8d0 READ of size 129 at 0x7dd7ff94a6a0 thread T0 #0 0x5f2e95e21422 in StrtolFixAndCheck(void*, char const*, char**, char*, int) asan_interceptors.cpp.o #1 0x5f2e95e0ceb1 in __isoc23_strtol (/home/ivan/svnrepos/nDPI/fuzz/fuzz_filecfg_config+0x7bfeb1) (BuildId: 2cfb818387b5d84d6fa1447db291acb2595493d4) #2 0x5f2e95f1d036 in __get_flowrisk_id /home/ivan/svnrepos/nDPI/src/lib/ndpi_main.c:11524:9 #3 0x5f2e95f1c3c7 in _set_param_flowrisk_enable_disable /home/ivan/svnrepos/nDPI/src/lib/ndpi_main.c:11793:17 #4 0x5f2e95e9e17f in ndpi_set_config /home/ivan/svnrepos/nDPI/src/lib/ndpi_main.c:12051:12 #5 0x5f2e95e9cbe5 in load_config_file_fd /home/ivan/svnrepos/nDPI/src/lib/ndpi_main.c:4985:14 ``` Found by oss-fuzz. See: https://issues.oss-fuzz.com/issues/406446504
* Added ndpi_str_to_utf8() API call to convert an ISO 8859 stirng to UTF-8Luca2025-03-27
|
* Use the proper helper to exclude protocols (#2781)Ivan Nardi2025-03-26
|
* Improved configuration to enable/disable export of flow risk info (#2780)Ivan Nardi2025-03-25
| | | | Follow-up of f56831336334dddcff00eaf2132e5e0f226f0e32: now the configuration is for flow-risk, not global
* Warning fixLuca Deri2025-03-25
|
* Added API calls to load TCP fingeprintsLuca Deri2025-03-25
| | | | | | | int ndpi_add_tcp_fingerprint(struct ndpi_detection_module_struct *ndpi_str, char *fingerprint, enum operating_system_hint os); int load_tcp_fingerprint_file_fd(struct ndpi_detection_module_struct *ndpi_str, FILE *fd); int ndpi_load_tcp_fingerprint_file(struct ndpi_detection_module_struct *ndpi_str, const char *path);
* Rework the old Starcraft code to identify traffic from generic Blizzard ↵Ivan Nardi2025-03-25
| | | | | games (#2776) Remove `NDPI_PROTOCOL_STARCRAFT` and add a generic `NDPI_PROTOCOL_BLIZZARD`.
* Remove `NDPI_FULLY_ENCRYPTED` flow risk (#2779)Ivan Nardi2025-03-25
| | | | | | | Use `NDPI_OBFUSCATED_TRAFFIC` instead; this way, all the obfuscated traffic is identified via `NDPI_OBFUSCATED_TRAFFIC` flow risk. Disable fully-encryption detection by default, like all the obfuscation heuristics.
* Remove `NDPI_TLS_SUSPICIOUS_ESNI_USAGE` flow risk (#2778)Ivan Nardi2025-03-25
| | | | | | That flow risk was introduced in 79b89d286605635f15edfe3c21297aaa3b5f3acf but we can now use the generic `NDPI_TLS_SUSPICIOUS_EXTENSION` instead: ESNI is quite suspicious nowadays in itself (i.e. even without SNI). Note that ESNI support has been removed in cae9fb9989838f213eeb857b8fc4bbeac6940049
* armagetron: update code (#2777)Ivan Nardi2025-03-25
|
Powered by cgit, Themed by Ted Yin.