aboutsummaryrefslogtreecommitdiff
path: root/tests/cfgs/default/pcap
Commit message (Collapse)AuthorAge
* Rework classification in `ndpi_match_host_subprotocol()`-like functions (#2910)Ivan Nardi2025-07-01
|
* Add GLBP dissector (#2879)Vladimir Gavrilov2025-06-10
| | | GLBP is a Cisco proprietary first-hop redundancy protocol similar to HSRP and VRRP, but with additional load balancing capabilities.
* Add category and breed support for custom rules (#2872)Vladimir Gavrilov2025-06-08
| | | Close #2594
* Add Hamachi protocol detection support (#2860)Vladimir Gavrilov2025-06-02
|
* Fix configuration of ip lists of flow risks (#2859)Ivan Nardi2025-05-28
| | | | | Add some new tests about these configuration parameters. Close #2858
* Improved detection of TCP scannersLuca Deri2025-05-27
|
* BFCP: fix check on payload length and extract metadata (#2854)Ivan Nardi2025-05-26
| | | | | | We should be able to identified this protocol on the first packet, without keeping any state Close #2745
* Dofus: update detection to version 3.X (#2852)Ivan Nardi2025-05-25
| | | See #2827
* Added the support for multiple TCP fingerprint formatLuca Deri2025-05-24
| | | | | | | | | - default (0) is the native nDPI format - MuonOF (1) has been added The format can be changed using metadata.tcp_fingerprint_format Added ability to identify mass scanners using TCP fingerprint
* Simplify ZeroMQ detection (#2847)Vladimir Gavrilov2025-05-23
|
* Add MELSEC protocol support (#2846)Vladimir Gavrilov2025-05-23
|
* Improve BFCP detection (#2844)Vladimir Gavrilov2025-05-22
| | | Co-authored-by: Ivan Nardi <nardi.ivan@gmail.com>
* Fix `isAppProtocol` for GTP_U (#2837)Ivan Nardi2025-05-21
| | | See: c590dc495
* Drop GW1 support and add basic GW2 detection (#2836)Vladimir Gavrilov2025-05-21
|
* CrossFire: update code (#2834)Vladimir Gavrilov2025-05-21
|
* Rename NDPI_PROTOCOL_UBUNTUONE protocol ID to NDPI_PROTOCOL_CANONICAL0xA50C1A12025-05-15
|
* Rename Lotus Notes to HCL Notes for product consistency0xA50C1A12025-05-15
|
* Add kick.com support (#2813)Vladimir Gavrilov2025-05-14
|
* Improve Ubiquiti device discovery request/response detection. (#2810)Toni2025-05-12
| | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Add vkvideo domain (#2809)Vladimir Gavrilov2025-05-12
|
* Add Rockstar Games detection (#2805)Vladimir Gavrilov2025-04-28
|
* Add Microsoft Delivery Optimization protocol (#2799)Vladimir Gavrilov2025-04-28
|
* Add a new specific ID for generic Ubiquity traffic (#2796)Ivan Nardi2025-04-16
|
* UBNTAC2,Ookla: improve detection (#2793)Ivan Nardi2025-04-10
|
* Follow-up of latest Signal call change (see: 4d41588a7)Ivan Nardi2025-04-05
|
* blizzard: add detection of Overwatch2Ivan Nardi2025-03-30
|
* WoW: update detectionIvan Nardi2025-03-30
| | | | | Remove the specific dissector and use the Blizzard's generic one. For the time being, keep `NDPI_PROTOCOL_WORLDOFWARCRAFT`
* Rework the old Starcraft code to identify traffic from generic Blizzard ↵Ivan Nardi2025-03-25
| | | | | games (#2776) Remove `NDPI_PROTOCOL_STARCRAFT` and add a generic `NDPI_PROTOCOL_BLIZZARD`.
* armagetron: update code (#2777)Ivan Nardi2025-03-25
|
* Rework the old MapleStory code to identify traffic from generic Nexon games ↵Ivan Nardi2025-03-19
| | | | | | (#2773) Remove `NDPI_PROTOCOL_MAPLESTORY` and add a generic `NDPI_PROTOCOL_NEXON`
* TLS: avoid sub-classification for RDP flows (#2769)Ivan Nardi2025-03-14
| | | | | | | | | | | | | | | | These flows are already classified as TLS.RDP. This change also fix a memory leak ``` Direct leak of 62 byte(s) in 1 object(s) allocated from: #0 0x5883d762429f in __interceptor_malloc /src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:68:3 #1 0x5883d76fe46a in ndpi_malloc ndpi/src/lib/ndpi_memory.c:57:46 #2 0x5883d76fe46a in ndpi_strdup ndpi/src/lib/ndpi_memory.c:110:13 #3 0x5883d77adcd6 in ndpi_compute_ja4 ndpi/src/lib/protocols/tls.c:2298:46 #4 0x5883d77ab2ec in processClientServerHello ndpi/src/lib/protocols/tls.c:3314:10 #5 0x5883d77a4c51 in processTLSBlock ndpi/src/lib/protocols/tls.c:1319:5 ``` Found by oss-fuzz. See: https://oss-fuzz.com/testcase-detail/5244512192757760
* Add GearUP Booster protocol dissector (heuristic based). (#2765)Toni2025-03-07
| | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Improved Tor detectionLuca Deri2025-02-24
|
* UBNTAC2: rework detection (#2744)Ivan Nardi2025-02-23
|
* Add LagoFast protocol dissector. (#2743)Toni2025-02-23
| | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Update the capture length of the ssdp example (#2741)Ivan Nardi2025-02-21
| | | | | | | | Some old libpcap versions don't handle pcap files with capture length bigger than 262144 bytes ``` ERROR: could not open pcap file: invalid interface capture length 524288, bigger than maximum of 262144 ```
* DNS: fix message parsing (#2732)Ivan Nardi2025-02-16
|
* Implement SSDP Metadata export (#2729)Ivan Kapranov2025-02-16
| | | Close #2524
* Added RUTUBE (#2725)Ivan Kapranov2025-02-15
|
* DNS: fix dissection (#2726)Ivan Nardi2025-02-15
|
* DNS: try to simplify the code (#2718)Ivan Nardi2025-02-12
| | | Set the classification in only one place in the code.
* DNS: fix dissection when there is only the response messageIvan Nardi2025-02-11
|
* DNS: extend testsIvan Nardi2025-02-11
|
* Extend regression testsIvan Nardi2025-02-04
|
* RTP: improve detection of multimedia type for Signal calls (#2697)Ivan Nardi2025-01-24
|
* Add Vivox support (#2668)Vladimir Gavrilov2025-01-11
|
* Improved WebSocket-over-HTTP detection (#2664)Toni2025-01-11
| | | | | | * detect `chisel` SSH-over-HTTP-WebSocket * use `strncasecmp()` for `LINE_*` matching macros Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Path of Exile 2 support (#2654)Vladimir Gavrilov2025-01-06
|
* STUN: fix monitoring (#2639)Ivan Nardi2024-12-06
|
* signal: improve detection of chats and calls (#2637)Ivan Nardi2024-12-04
|
Powered by cgit, Themed by Ted Yin.