libndpi.git - Open Source Deep Packet Inspection Software Toolkit

	Commit message (Collapse)	Author	Age
*	When triggering risk "Known Proto on Non Std Port", nDPi now reports the ↵	Luca Deri	2024-11-22
\| \| \| \|	port that was supposed to be used as default
*	FPC: add DPI information (#2514)	Ivan Nardi	2024-07-23
\| \| \| \|	If the flow is classified (via DPI) after the first packet, we should use this information as FPC
*	FPC: small improvements (#2512)	Ivan Nardi	2024-07-22
\| \| \| \|	Add printing of fpc_dns statistics and add a general cconfiguration option. Rework the code to be more generic and ready to handle other logics.
*	Add infrastructure for explicit support of Fist Packet Classification (#2488)	Ivan Nardi	2024-07-03
\| \| \| \| \|	Let's start with some basic helpers and with FPC based on flow addresses. See: #2322
*	Zoom: remove "stun_zoom" LRU cache	Nardi Ivan	2024-06-17
\| \| \| \| \|	Since 070a0908b we are able to detect P2P calls directly from the packet content, without any correlation among flows
*	Remove "zoom" cache (#2420)	Ivan Nardi	2024-05-06
\| \| \| \| \| \| \| \| \|	This cache was added in b6b4967aa, when there was no real Zoom support. With 63f349319, a proper identification of multimedia stream has been added, making this cache quite useless: any improvements on Zoom classification should be properly done in Zoom dissector. Tested for some months with a few 10Gbits links of residential traffic: the cache pretty much never returned a valid hit.
*	STUN: fix boundary checks on attribute list parsing (#2387)	Ivan Nardi	2024-04-12
\| \| \| \| \|	Restore all unit tests. Add some configuration knobs. Fix the endianess.
*	Implemented STUN peer_address, relayed_address, response_origin, ↵	Luca Deri	2024-04-12
\| \| \| \| \| \| \|	other_address parsing Added code to ignore invalid STUN realm Extended JSON output with STUN information
*	Added support for STUN Mapped IP address	Luca Deri	2024-04-03
\|
*	ndpiReader: add breed stats on output used for CI (#2236)	Ivan Nardi	2024-01-05
\|
*	ndpiReader: fix `guessed_flow_protocols` statistic (#2203)	Ivan Nardi	2023-12-12
\| \| \|	Increment the counter only if the flow has been guessed
*	STUN: major code rework (#2116)	Ivan Nardi	2023-10-30
\| \| \| \| \| \| \| \| \| \| \| \|	Try to have a faster classification, on first packet; use standard extra dissection data path for sub-classification, metadata extraction and monitoring. STUN caches: * use the proper confidence value * lookup into the caches only once per flow, after having found a proper STUN classification Add identification of Telegram VoIP calls.
*	IPv6: add support for IPv6 risk exceptions (#2122)	Ivan Nardi	2023-10-29
\|
*	IPv6: add support for IPv6 risk tree (#2118)	Ivan Nardi	2023-10-27
\| \| \|	Fix the script to download crawler addressess
*	Jabber: remove support for UDP (#2115)	Ivan Nardi	2023-10-26
\| \| \| \| \| \|	Jabber/XMPP is only over TCP (even the name `ndpi_search_jabber_tcp` suggests that...). Bug introduced in 5266c726f
*	ipv6: add support for ipv6 addresses lists (#2113)	Ivan Nardi	2023-10-26
\|
*	Added generic Google Protobuf dissector. (#2109)	Toni	2023-10-24
\| \| \|	Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
*	Add CAN over Ethernet dissector.	Toni Uhlig	2023-10-23
\| \| \| \|	Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
*	Add Remote Management Control Protocol (RMCP).	Toni Uhlig	2023-10-19
\| \| \| \|	Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
*	Add Service Location Protocol dissector. (#2036)	Toni	2023-08-01
\| \| \|	Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
*	Fixes risk mask exception handling while improving the overall performance	Luca Deri	2023-07-14
\|
*	Hangout: detect Hangout/Duo/GoogleMeet/... in the STUN code (#2025)	Ivan Nardi	2023-06-27
\| \| \| \| \| \|	Regardless of the name, the removed trace doesn't contain meaningful Hangout traffic. Remove last piece of sub-classifiction based only on ip addresses.
*	RTP: rework code (#2021)	Ivan Nardi	2023-06-23
\| \| \| \| \| \| \|	Try avoiding false positives: look for 3 RTP packets before classifing the flow as such. Add a generic function `is_rtp_or_rtcp()` to identify RTP/RTCP packets also in other dissectors (see 3608ab01b commit message for an example)
*	Add Apache Thrift protocol dissector. (#2007)	Toni	2023-06-22
\| \| \|	Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
*	Add support for Epic Games and GeForceNow/Nvidia (#1990)	Ivan Nardi	2023-05-27
\|
*	All protocols should be excluded sooner or later (#1969)	Ivan Nardi	2023-05-10
\| \| \| \| \|	For a lot of protocols, reduce the number of packets after which the protocols dissector gives up. The values are quite arbitary, tring to not impact on classification
*	Add "Heroes of the Storm" video game signature detection. (#1949)	nikitamishagin	2023-04-22
\|
*	Added OICQ dissector. (#1950)	Toni	2023-04-21
\| \| \| \|	Signed-off-by: lns <matzeton@googlemail.com> Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
*	Added BACnet dissector. (#1940)	Toni	2023-04-11
\| \| \| \|	Signed-off-by: lns <matzeton@googlemail.com> Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
*	Added Source Engine dissector. (#1937)	Toni	2023-04-11
\| \| \| \|	Signed-off-by: lns <matzeton@googlemail.com> Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
*	Test multiple `ndpiReader` configurations (#1931)	Ivan Nardi	2023-04-06
	Extend internal unit tests to handle multiple configurations. As some examples, add tests about: * disabling some protocols * disabling Ookla aggressiveness Every configurations data is stored in a dedicated directory under `tests\cfgs`