aboutsummaryrefslogtreecommitdiff
path: root/tests/cfgs/default/result/flute.pcapng.out
Commit message (Collapse)AuthorAge
* Implemented Mikrotik discovery protocol dissection and metadata extraction ↵Luca Deri2024-11-14
| | | | (#2618)
* Added sonos dissectorLuca Deri2024-10-13
|
* FPC: add DPI information (#2514)Ivan Nardi2024-07-23
| | | | If the flow is classified (via DPI) after the first packet, we should use this information as FPC
* FPC: small improvements (#2512)Ivan Nardi2024-07-22
| | | | Add printing of fpc_dns statistics and add a general cconfiguration option. Rework the code to be more generic and ready to handle other logics.
* Add infrastructure for explicit support of Fist Packet Classification (#2488)Ivan Nardi2024-07-03
| | | | | Let's start with some basic helpers and with FPC based on flow addresses. See: #2322
* Zoom: remove "stun_zoom" LRU cacheNardi Ivan2024-06-17
| | | | | Since 070a0908b we are able to detect P2P calls directly from the packet content, without any correlation among flows
* Remove "zoom" cache (#2420)Ivan Nardi2024-05-06
| | | | | | | | | This cache was added in b6b4967aa, when there was no real Zoom support. With 63f349319, a proper identification of multimedia stream has been added, making this cache quite useless: any improvements on Zoom classification should be properly done in Zoom dissector. Tested for some months with a few 10Gbits links of residential traffic: the cache pretty much never returned a valid hit.
* Merge RTP and RTCP logic (#2416)Ivan Nardi2024-05-06
| | | | | | | | | Avoid code duplication between these two protocols. We remove support for RTCP over TCP; it is quite rare to find this kind of traffic and, more important, we have never had support for RTP over TCP: we should try to add both detecion as follow-up. Fix a message log in the LINE code
* eDonkey: improve/update classification (#2410)Ivan Nardi2024-05-04
| | | | | | | | | | eDonkey is definitely not as used as >10 years ago, but it seems it is still active. While having a basic TCP support seems easy, identification over UDP doesn't work and it is hard to do it rightly (packets might be only 2 bytes long): remove it. Credits to V.G <v.gavrilov@securitycode.ru>
* Remove PPStream protocol and add iQIYI (#2403)0x41CEA552024-04-23
| | | | | | P2P video player PPStream was discontinued shortly after the purchase of PPS.tv by Baidu (iQIYI) on 2013 (see https://www.techinasia.com/report-baidu-acquires-video-rival-pps) So we remove the old `NDPI_PROTOCOL_PPSTREAM` logic and add `NDPI_PROTOCOL_IQIYI` id to handle all the iQIYI traffic, which is basically video streaming traffic. A video hosting service, called PPS.tv, is still offered by the same company: for the time being we classified both services with the same protocol id.
* Remove obsolete protocols: tuenty, tvuplayer and kontiki (#2398)0x41CEA552024-04-19
|
* Add FLUTE protocol dissector (#2351)Vladimir Gavrilov2024-03-19
* Add FLUTE protocol dissector * Add flute.c to MSVC project
Powered by cgit, Themed by Ted Yin.