| Commit message (Collapse) | Author | Age | |
|---|---|---|---|
| * | ndpiReader: print categories summary (#2895) | Ivan Nardi | 2025-06-21 |
| | | |||
| * | Add Hamachi protocol detection support (#2860) | Vladimir Gavrilov | 2025-06-02 |
| | | |||
| * | Simplify ZeroMQ detection (#2847) | Vladimir Gavrilov | 2025-05-23 |
| | | |||
| * | Add MELSEC protocol support (#2846) | Vladimir Gavrilov | 2025-05-23 |
| | | |||
| * | Gnutella: simplify code, to support only gtk-gnutella client (#2830) | Ivan Nardi | 2025-05-20 |
| | | | | Close #2818 | ||
| * | Drop Warcraft 3 (pre Reforged) support (#2826) | Vladimir Gavrilov | 2025-05-19 |
| | | |||
| * | RTSP: simplify detection (#2822) | Ivan Nardi | 2025-05-18 |
| | | |||
| * | Remove World Of Kung Fu support (#2815) | Vladimir Gavrilov | 2025-05-15 |
| | | |||
| * | Add Microsoft Delivery Optimization protocol (#2799) | Vladimir Gavrilov | 2025-04-28 |
| | | |||
| * | WoW: update detection | Ivan Nardi | 2025-03-30 |
| | | | | | | Remove the specific dissector and use the Blizzard's generic one. For the time being, keep `NDPI_PROTOCOL_WORLDOFWARCRAFT` | ||
| * | Rework the old MapleStory code to identify traffic from generic Nexon games ↵ | Ivan Nardi | 2025-03-19 |
| | | | | | | | (#2773) Remove `NDPI_PROTOCOL_MAPLESTORY` and add a generic `NDPI_PROTOCOL_NEXON` | ||
| * | Flow risk infos are always exported "in order" (by flow risk id) | Ivan Nardi | 2025-03-04 |
| | | | | | | | | | This way, the `ndpiReader` output doesn't change if we change the internal logic about the order we set/check the various flow risks. Note that the flow risk *list* is already printed by `ndpiReader` in order. | ||
| * | DNS: faster exclusion (#2719) | Ivan Nardi | 2025-02-12 |
| | | |||
| * | Improved WebSocket-over-HTTP detection (#2664) | Toni | 2025-01-11 |
| | | | | | | | * detect `chisel` SSH-over-HTTP-WebSocket * use `strncasecmp()` for `LINE_*` matching macros Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | When triggering risk "Known Proto on Non Std Port", nDPi now reports the ↵ | Luca Deri | 2024-11-22 |
| | | | | | port that was supposed to be used as default | ||
| * | Sync unit tests results | Ivan Nardi | 2024-11-21 |
| | | |||
| * | Added DICOM support | Luca | 2024-11-15 |
| | | | | | Testing pcaps courtesy of https://github.com/virtalabs/tapirx.git | ||
| * | Add Paltalk protocol support (#2606) | Vladimir Gavrilov | 2024-10-28 |
| | | |||
| * | Improved TCP fingerprint | Luca Deri | 2024-10-20 |
| | | |||
| * | Improved TCP fingepring calculation | Luca Deri | 2024-10-18 |
| | | | | | Adde basidc OS detection based on TCP fingerprint | ||
| * | Increased struct ndpi_flow_struct size (#2596) | Luca Deri | 2024-10-18 |
| | | | | Build fix | ||
| * | Add DingTalk protocol support (#2581) | Vladimir Gavrilov | 2024-10-07 |
| | | |||
| * | oracle: fix dissector (#2548) | Ivan Nardi | 2024-09-07 |
| | | | | | We can do definitely better, but this change is a big improvements respect the current broken code | ||
| * | Add Lustre protocol detection support (#2544) | Vladimir Gavrilov | 2024-09-04 |
| | | |||
| * | Fix CNP-IP false positives (#2531) | Vladimir Gavrilov | 2024-08-30 |
| | | |||
| * | Add TRDP protocol support (#2528) | Vladimir Gavrilov | 2024-08-25 |
| | | | | The Train Real Time Data Protocol (TRDP) is a UDP/TCP-based communication protocol designed for IP networks in trains, enabling data exchange between devices such as door controls and air conditioning systems. It is standardized by the IEC under IEC 61375-2-3 and is not related to the Remote Desktop Protocol (RDP). | ||
| * | Add Automatic Tank Gauge protocol (#2527) | wssxsxxsx | 2024-08-23 |
| | | | | | | | | See also #2523 --------- Co-authored-by: Nardi Ivan <nardi.ivan@gmail.com> | ||
| * | Add CNP/IP protocol support (#2521) | Vladimir Gavrilov | 2024-08-22 |
| | | | | ISO/IEC 14908-4 defines how to tunnel Control Network Protocol (CNP) over IP networks. It encapsulates protocols like EIA-709, EIA-600, and CNP, making it a versatile solution for building automation and control systems. | ||
| * | Fixed probing attempt risk that was creating false positives | Luca Deri | 2024-08-07 |
| | | |||
| * | Add OpenWire support (#2513) | Vladimir Gavrilov | 2024-07-22 |
| | | |||
| * | FPC: small improvements (#2512) | Ivan Nardi | 2024-07-22 |
| | | | | | Add printing of fpc_dns statistics and add a general cconfiguration option. Rework the code to be more generic and ready to handle other logics. | ||
| * | Add Nano (XNO) protocol support (#2508) | Vladimir Gavrilov | 2024-07-18 |
| | | |||
| * | Add infrastructure for explicit support of Fist Packet Classification (#2488) | Ivan Nardi | 2024-07-03 |
| | | | | | | Let's start with some basic helpers and with FPC based on flow addresses. See: #2322 | ||
| * | Zoom: remove "stun_zoom" LRU cache | Nardi Ivan | 2024-06-17 |
| | | | | | | Since 070a0908b we are able to detect P2P calls directly from the packet content, without any correlation among flows | ||
| * | Added protocol - JRMI - Java Remote Method Invocation (#2470) | Mark Jeffery | 2024-06-15 |
| | | |||
| * | support rtp/rtcp over tcp (#2422) (#2457) | Maatuq | 2024-05-28 |
| | | | | | | Support rtp/rtcp over tcp as per rfc4571. Signed-off-by: mmaatuq <mahmoudmatook.mm@gmail.com> | ||
| * | CiscoVPN: we detect it only over UDP (#2454) | Ivan Nardi | 2024-05-28 |
| | | | | The original code handled also TCP/TLS, but it was removed in 6fc29b3ae | ||
| * | More NDPI_PROBING_ATTEMPT changes | Luca | 2024-05-22 |
| | | |||
| * | Follow-up of 2093ac5bf (#2451) | Ivan Nardi | 2024-05-21 |
| | | |||
| * | Minor dissector optimizations | Luca Deri | 2024-05-20 |
| | | |||
| * | H323: improve detection and avoid false positives (#2432) | Ivan Nardi | 2024-05-11 |
| | | |||
| * | Remove "zoom" cache (#2420) | Ivan Nardi | 2024-05-06 |
| | | | | | | | | | | This cache was added in b6b4967aa, when there was no real Zoom support. With 63f349319, a proper identification of multimedia stream has been added, making this cache quite useless: any improvements on Zoom classification should be properly done in Zoom dissector. Tested for some months with a few 10Gbits links of residential traffic: the cache pretty much never returned a valid hit. | ||
| * | Merge RTP and RTCP logic (#2416) | Ivan Nardi | 2024-05-06 |
| | | | | | | | | | | Avoid code duplication between these two protocols. We remove support for RTCP over TCP; it is quite rare to find this kind of traffic and, more important, we have never had support for RTP over TCP: we should try to add both detecion as follow-up. Fix a message log in the LINE code | ||
| * | Add BFCP protocol support (#2401) | 0x41CEA55 | 2024-04-23 |
| | | |||
| * | Remove obsolete protocols: tuenty, tvuplayer and kontiki (#2398) | 0x41CEA55 | 2024-04-19 |
| | | |||
| * | Add KNXnet/IP protocol support (#2397) | 0x41CEA55 | 2024-04-19 |
| | | | | | | * Add KNXnet/IP protocol support * Improve KNXnet/IP over TCP detection | ||
| * | Add Label Distribution Protocol support (#2385) | Vladimir Gavrilov | 2024-04-12 |
| | | | | | | | | * Add Label Distribution Protocol support * Fix typo * Update unit test results | ||
| * | Add The Elder Scrolls Online support (#2376) | Vladimir Gavrilov | 2024-04-10 |
| | | | | | | | | | | | | * Add The Elder Scrolls Online support * Use ndpi_memmem instead of memmem from libc * Add protocol description * Change selection bitmask to V4_V6 * Update protocols.rst | ||
| * | Added binary data transfer risk alert | Luca | 2024-04-03 |
| | | |||
| * | Add Path of Exile protocol dissector (#2337) | Vladimir Gavrilov | 2024-03-06 |
| | | | | | | * Add Path of Exile protocol dissector * Update protocols.rst | ||