aboutsummaryrefslogtreecommitdiff
path: root/src
Commit message (Collapse)AuthorAge
...
* Flow: keep track of "dissectors" (#2828)Ivan Nardi2025-05-19
| | | | | | In the flow, we should keep track of state of "dissectors", not "protocols". This way, flow structure doesn't depend anymore on the max number of protocols. This is also the first step into fixing #2136
* Drop Warcraft 3 (pre Reforged) support (#2826)Vladimir Gavrilov2025-05-19
|
* TLS: register TLS dissector only once (#2825)Ivan Nardi2025-05-19
| | | | This is the first, tiny, step into a better separation between "protocols" and "dissectors"
* Fix classification when non tcp/udp protocols are disabled (#2824)Ivan Nardi2025-05-19
|
* RTSP: simplify detection (#2822)Ivan Nardi2025-05-18
|
* Remove Half-Life 2 support; improve Source Engine protocol detection0xA50C1A12025-05-16
|
* Rename NDPI_PROTOCOL_UBUNTUONE protocol ID to NDPI_PROTOCOL_CANONICAL0xA50C1A12025-05-15
|
* Rename Lotus Notes to HCL Notes for product consistency0xA50C1A12025-05-15
|
* Remove Vhua support (#2816)Vladimir Gavrilov2025-05-15
|
* Remove World Of Kung Fu support (#2815)Vladimir Gavrilov2025-05-15
|
* added raw tcp fingerprint to json (#2812)funesca2025-05-15
| | | | | | | | | | | * added raw tcp fingerprint to json * removed unnecessary change * fixed key for json * added configuration option for raw tcp fingerprint * fixed typos
* Add kick.com support (#2813)Vladimir Gavrilov2025-05-14
|
* Improve Ubiquiti device discovery request/response detection. (#2810)Toni2025-05-12
| | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Micro-optimizations of 'ndpi_strncasestr' and 'LINE_*' macros (#2808)Vladimir Gavrilov2025-05-12
|
* Add vkvideo domain (#2809)Vladimir Gavrilov2025-05-12
|
* Refreshed networksLuca Deri2025-05-06
|
* CentOS compilation fixLuca Deri2025-05-05
|
* Improved protocol guessLuca Deri2025-04-28
|
* Add Rockstar Games detection (#2805)Vladimir Gavrilov2025-04-28
|
* STUN: set default port for TCP, too (#2804)Ivan Nardi2025-04-28
|
* Add Microsoft Delivery Optimization protocol (#2799)Vladimir Gavrilov2025-04-28
|
* Added food categoryLuca Deri2025-04-27
|
* Added new categoriesLuca Deri2025-04-27
| | | | | | | | | | | | | | | | NDPI_PROTOCOL_CATEGORY_FINANCE NDPI_PROTOCOL_CATEGORY_NEWS NDPI_PROTOCOL_CATEGORY_SPORT NDPI_PROTOCOL_CATEGORY_BUSINESS NDPI_PROTOCOL_CATEGORY_INTERNET_HOSTING NDPI_PROTOCOL_CATEGORY_BLOCKCHAIN_CRYPTO NDPI_PROTOCOL_CATEGORY_BLOG_FORUM NDPI_PROTOCOL_CATEGORY_GOVERNMENT NDPI_PROTOCOL_CATEGORY_EDUCATION NDPI_PROTOCOL_CATEGORY_CND_PROXY NDPI_PROTOCOL_CATEGORY_HARDWARE_SOFTWARE NDPI_PROTOCOL_CATEGORY_DATING NDPI_PROTOCOL_CATEGORY_TRAVEL
* STUN/RTP: extend extracted metadata (#2798)Ivan Nardi2025-04-17
|
* Add a new specific ID for generic Ubiquity traffic (#2796)Ivan Nardi2025-04-16
|
* Update all IP/domain lists (#2795)Ivan Nardi2025-04-16
| | | | | | | | | | | | | | | | | | ProtonVPN script have been not working in the last week. ``` Error "Invalid access token" ``` ProtonVPN is doing a major upgrade in its infrastructure: ``` In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary. Apr 09, 2025 - 11:30 CEST Scheduled - In the following period from the 9th of April up to the 30th of April, various Proton VPN dedicated servers will be in temporary maintenance mode, for a short duration period, in order to allow us to perform a major infrastructure upgrade, paving the way for overall increased performance and efficiency of our Proton VPN infrastructure. We apologize for the occasional inconvenience. Apr 9, 2025 11:30 - Apr 30, 2025 23:30 CEST ``` Let's wait if it works again in the future...
* Enhanced Cybersecurity protocolLuca Deri2025-04-12
|
* UBNTAC2,Ookla: improve detection (#2793)Ivan Nardi2025-04-10
|
* FPC: save all addresses from DNS to `fpc_dns` cache (#2792)Ivan Nardi2025-04-10
|
* Follow-up of latest Signal call change (see: 4d41588a7)Ivan Nardi2025-04-05
|
* Extend list of domains for SNI matching (#2791)Ivan Nardi2025-04-05
|
* Add a resonable TTL (!=0) for all LRU caches (#2790)Ivan Nardi2025-04-04
| | | Be sure that entries expire sooner or later
* Added check while dissecting non-TCP packets ndpi_search_tls_tcpLuca Deri2025-04-04
| | | | Renamed ndpi_search_tls_udp to ndpi_search_dtls
* Implemented detection of the latest Signal video/audio calls leveraging on ↵Luca Deri2025-04-02
| | | | Cloudflare CDN
* OS fingerprint code cleanupLuca Deri2025-03-31
|
* blizzard: improve detection of generic battle.net trafficIvan Nardi2025-03-30
|
* blizzard: add detection of Overwatch2Ivan Nardi2025-03-30
|
* WoW: update detectionIvan Nardi2025-03-30
| | | | | Remove the specific dissector and use the Blizzard's generic one. For the time being, keep `NDPI_PROTOCOL_WORLDOFWARCRAFT`
* Wireguard: fix configuration of sub-classificationIvan Nardi2025-03-28
|
* TLS: avoid exporting TLS heuristic fingerprint as metadata (#2783)Ivan Nardi2025-03-27
|
* Add safety checksAlfredo Cardigliano2025-03-27
|
* Add support for UTF-8 encoding in JSON serializationAlfredo Cardigliano2025-03-27
|
* Fix a stack-buffer-overflow error (#2782)Ivan Nardi2025-03-27
| | | | | | | | | | | | | | ``` ==40795==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7dd7ff94a6a0 at pc 0x5f2e95e21423 bp 0x7ffccfe0f110 sp 0x7ffccfe0e8d0 READ of size 129 at 0x7dd7ff94a6a0 thread T0 #0 0x5f2e95e21422 in StrtolFixAndCheck(void*, char const*, char**, char*, int) asan_interceptors.cpp.o #1 0x5f2e95e0ceb1 in __isoc23_strtol (/home/ivan/svnrepos/nDPI/fuzz/fuzz_filecfg_config+0x7bfeb1) (BuildId: 2cfb818387b5d84d6fa1447db291acb2595493d4) #2 0x5f2e95f1d036 in __get_flowrisk_id /home/ivan/svnrepos/nDPI/src/lib/ndpi_main.c:11524:9 #3 0x5f2e95f1c3c7 in _set_param_flowrisk_enable_disable /home/ivan/svnrepos/nDPI/src/lib/ndpi_main.c:11793:17 #4 0x5f2e95e9e17f in ndpi_set_config /home/ivan/svnrepos/nDPI/src/lib/ndpi_main.c:12051:12 #5 0x5f2e95e9cbe5 in load_config_file_fd /home/ivan/svnrepos/nDPI/src/lib/ndpi_main.c:4985:14 ``` Found by oss-fuzz. See: https://issues.oss-fuzz.com/issues/406446504
* Added ndpi_str_to_utf8() API call to convert an ISO 8859 stirng to UTF-8Luca2025-03-27
|
* Use the proper helper to exclude protocols (#2781)Ivan Nardi2025-03-26
|
* Improved configuration to enable/disable export of flow risk info (#2780)Ivan Nardi2025-03-25
| | | | Follow-up of f56831336334dddcff00eaf2132e5e0f226f0e32: now the configuration is for flow-risk, not global
* Warning fixLuca Deri2025-03-25
|
* Added API calls to load TCP fingeprintsLuca Deri2025-03-25
| | | | | | | int ndpi_add_tcp_fingerprint(struct ndpi_detection_module_struct *ndpi_str, char *fingerprint, enum operating_system_hint os); int load_tcp_fingerprint_file_fd(struct ndpi_detection_module_struct *ndpi_str, FILE *fd); int ndpi_load_tcp_fingerprint_file(struct ndpi_detection_module_struct *ndpi_str, const char *path);
* Rework the old Starcraft code to identify traffic from generic Blizzard ↵Ivan Nardi2025-03-25
| | | | | games (#2776) Remove `NDPI_PROTOCOL_STARCRAFT` and add a generic `NDPI_PROTOCOL_BLIZZARD`.
* Remove `NDPI_FULLY_ENCRYPTED` flow risk (#2779)Ivan Nardi2025-03-25
| | | | | | | Use `NDPI_OBFUSCATED_TRAFFIC` instead; this way, all the obfuscated traffic is identified via `NDPI_OBFUSCATED_TRAFFIC` flow risk. Disable fully-encryption detection by default, like all the obfuscation heuristics.
Powered by cgit, Themed by Ted Yin.