Commit message | Author | Age | ||
---|---|---|---|---|
... | ||||
* | Add detection of SurfShark VPN | Nardi Ivan | 2024-09-05 | |
| | ||||
* | OpenVPN, Wireguard: improve sub-classification | Nardi Ivan | 2024-09-05 | |
| | | | | | | | | Allow sub-classification of OpenVPN/Wireguard flows using their server IP. That is useful to detect the specific VPN application/app used. At the moment, the supported protocols are: Mullvad, NordVPN, ProtonVPN. This feature is configurable. | |||
* | Add detection of NordVPN | Nardi Ivan | 2024-09-05 | |
| | ||||
* | OpenVPN: improve detection | Nardi Ivan | 2024-09-05 | |
| | ||||
* | Add Lustre protocol detection support (#2544) | Vladimir Gavrilov | 2024-09-04 | |
| | ||||
* | Align serialized risk names to all others (first letter; uppercase letter) (#2541) | Toni | 2024-09-03 | |
| | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | |||
* | TLS: better state about handshake (#2534) | Ivan Nardi | 2024-09-03 | |
| | | | | Keep track if we received CH or/and SH messages: useful with unidirectional flows | |||
* | bins: fix `ndpi_set_bin`, `ndpi_inc_bin` and `ndpi_get_bin_value` (#2536) | Ivan Nardi | 2024-09-03 | |
| | | | | When the required slot is too big, use the latest/bigger available bin, not the first one. | |||
* | fuzz: improve fuzzing coverage (#2535) | Ivan Nardi | 2024-09-03 | |
| | | | | Update pl7m code (fix a Use-of-uninitialized-value error and add GTP support) | |||
* | Bittorrent: improve detection of UTPv1 and avoid false positives | Nardi Ivan | 2024-09-03 | |
| | ||||
* | Bittorrent: fix extra dissection | Nardi Ivan | 2024-09-03 | |
| | | | | | | | On extra-dissection data-path we only need to look for the hash (the flow is already classified as Bittorrent). As a nice side-effect, the confidence is now always with the right value. | |||
* | HTTP, QUIC, TLS: allow to disable sub-classification (#2533) | Ivan Nardi | 2024-09-03 | |
| | ||||
* | Improved Yahoo matching for Japanese traffic (#2539) | Liam Wilson | 2024-09-02 | |
| | | | | Japanese Yahoo domains are missed. Add yahoo.co.jp, yimg.jp, and the domain for ads seen when accessing yahoo.co.jp. | |||
* | Fix CNP-IP false positives (#2531) | Vladimir Gavrilov | 2024-08-30 | |
| | ||||
* | Print risk code in ndpi_dump_risks_score | Alfredo Cardigliano | 2024-08-28 | |
| | ||||
* | Add missing risks in ndpi_risk2code and ndpi_risk2code | Alfredo Cardigliano | 2024-08-28 | |
| | ||||
* | Added print_ndpi_address_port in nDPI API | Luca Deri | 2024-08-27 | |
| | ||||
* | Added ndpi_risk2code and ndpi_code2risk | Luca Deri | 2024-08-27 | |
| | ||||
* | ndpi_get_protocol_by_name now returns UNKNOWN when one protocol (either master or app) is not recognized | Luca Deri | 2024-08-26 | |
| | ||||
* | Comments | Luca Deri | 2024-08-26 | |
| | ||||
* | Added in API | Luca Deri | 2024-08-26 | |
| | | | | | | | | | | | | `bool ndpi_is_proto(ndpi_master_app_protocol proto, u_int16_t p);` `bool ndpi_is_proto_unknown(ndpi_master_app_protocol proto);` `bool ndpi_is_proto_equals(ndpi_master_app_protocol to_check, ndpi_master_app_protocol to_match, bool exact_match_only);` `u_int16_t ndpi_get_proto_by_name(struct ndpi_detection_module_struct *ndpi_mod, const char *name);` `char* ndpi_get_proto_by_id(struct ndpi_detection_module_struct *ndpi_mod, u_int id);` `extern ndpi_master_app_protocol ndpi_get_protocol_by_name(struct ndpi_detection_module_struct *ndpi_str, const char *name);` Removed (duplicate of ndpi_get_proto_by_name): `int ndpi_get_protocol_id(struct ndpi_detection_module_struct *ndpi_mod, char *proto);` | |||
* | Typo | Luca Deri | 2024-08-26 | |
| | ||||
* | Add TRDP protocol support (#2528) | Vladimir Gavrilov | 2024-08-25 | |
| | | | The Train Real Time Data Protocol (TRDP) is a UDP/TCP-based communication protocol designed for IP networks in trains, enabling data exchange between devices such as door controls and air conditioning systems. It is standardized by the IEC under IEC 61375-2-3 and is not related to the Remote Desktop Protocol (RDP). | |||
* | Added comment | Luca Deri | 2024-08-25 | |
| | ||||
* | Endian-independent implementation of IEEE 802.3 CRC32 (#2529) | Vladimir Gavrilov | 2024-08-25 | |
| | ||||
* | Changed NDPI_MALICIOUS_JA3 to NDPI_MALICIOUS_FINGERPRINT | Luca Deri | 2024-08-25 | |
| | ||||
* | Added ndpi_get_protocol_by_name*( API call | Luca Deri | 2024-08-24 | |
| | ||||
* | Introduced ndpi_master_app_protocol typedef | Luca Deri | 2024-08-24 | |
| | ||||
* | Add Automatic Tank Gauge protocol (#2527) | wssxsxxsx | 2024-08-23 | |
| | | | | | | | See also #2523 --------- Co-authored-by: Nardi Ivan <nardi.ivan@gmail.com> | |||
* | ahocorasick: fix mem leaked AC_NODE_T object (#2258) (#2522) | Maatuq | 2024-08-23 | |
| | | | | | | | Skipping node at depth = AC_PATTRN_MAX_LENGTH inside `ac_automata_walk()` caused this leak, as one of the added patterns has len = AC_PATTRN_MAX_LENGTH (not including the null char); this change avoids this. Fix: #2258 Signed-off-by: mmaatuq <mahmoudmatook.mm@gmail.com> | |||
* | Add CNP/IP protocol support (#2521) | Vladimir Gavrilov | 2024-08-22 | |
| | | | ISO/IEC 14908-4 defines how to tunnel Control Network Protocol (CNP) over IP networks. It encapsulates protocols like EIA-709, EIA-600, and CNP, making it a versatile solution for building automation and control systems. | |||
* | Removed unnecessary includes (#2525) | Luca Deri | 2024-08-21 | |
| | ||||
* | Fixes Viber false positive detection | Luca Deri | 2024-08-19 | |
| | ||||
* | Fixed probing attempt risk that was creating false positives | Luca Deri | 2024-08-07 | |
| | ||||
* | Update all IP lists (#2515) | Ivan Nardi | 2024-08-02 | |
| | | | | | The `suffix_id` is simply an incremental index (see `ndpi_load_domain_suffixes`), so its value might change every time we update the public suffix list. | |||
* | Enhanced PrimeVideo detection | Luca Deri | 2024-07-30 | |
| | ||||
* | Enhanced ookla tracing | Luca Deri | 2024-07-29 | |
| | ||||
* | Improved ICMP malformed packet risk description | Luca Deri | 2024-07-25 | |
| | ||||
* | FPC: add DPI information (#2514) | Ivan Nardi | 2024-07-23 | |
| | | | | If the flow is classified (via DPI) after the first packet, we should use this information as FPC | |||
* | Add OpenWire support (#2513) | Vladimir Gavrilov | 2024-07-22 | |
| | ||||
* | FPC: small improvements (#2512) | Ivan Nardi | 2024-07-22 | |
| | | | | Add printing of fpc_dns statistics and add a general configuration option. Rework the code to be more generic and ready to handle other logics. | |||
* | FPC: add DNS correlation (#2497) | mmanoj | 2024-07-22 | |
| | | | | | | | | | Use DNS information to get a better First Packet Classification. See: #2322 --------- Co-authored-by: Nardi Ivan <nardi.ivan@gmail.com> | |||
* | Performed some grammar and typo fixes (#2511) | Petr | 2024-07-19 | |
| | ||||
* | ndpi_strncasestr: optimization, fixes, tests (#2507) | Petr | 2024-07-18 | |
| | ||||
* | smpp: fix parsing of Generic Nack message (#2496) | Ivan Nardi | 2024-07-18 | |
| | ||||
* | Add Nano (XNO) protocol support (#2508) | Vladimir Gavrilov | 2024-07-18 | |
| | ||||
* | Added ClickHouse protocol | Luca | 2024-07-17 | |
| | ||||
* | Add HLS support (#2502) | Vladimir Gavrilov | 2024-07-16 | |
| | ||||
* | Refactor ndpi_strnstr to use ndpi_memmem (#2500) | Vladimir Gavrilov | 2024-07-15 | |
| | ||||
* | ndpi_memmem: optimized, fixed bug, added tests (#2499) | Petr | 2024-07-15 | |
| |