libndpi.git - Open Source Deep Packet Inspection Software Toolkit

	Commit message (Collapse)	Author	Age
*	Telegram: improve identification	Nardi Ivan	2024-02-26
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Follow up of 31c706c3dbbf0afc4c8e0a6d0bb6f20796296549 and 75485e177ccc4fafcc62dd46c6917d5b735cf7d2. Allow fast classification by ip, but give time to other dissectors to kick in (for example, the TLS code for the Telegram Web flows). Even if we don't classify it anymore at the very first packet (i.e. SYN) we fully classify Telegram traffic at the first packet with payload, as any other protocol. This way, we always have the proper category, the proper confidence for the UDP flows and we don't overwrite previous classifications (TLS or ICMP) Remove old and stale identification logic for TCP flows
*	Add identification of Huawei generic and cloud traffic (#2325)	Ivan Nardi	2024-02-20
\|
*	Add ElectronicArts detection support (#2274)	Vladimir Gavrilov	2024-01-21
\| \| \| \| \|	* Add ElectronicArts detection support * Merge electronicarts.pcapng into sites.pcapng
*	ndpiReader: add breed stats on output used for CI (#2236)	Ivan Nardi	2024-01-05
\|
*	Add HL7 protocol dissector (#2240)	Vladimir Gavrilov	2024-01-02
\| \| \| \| \| \| \|	* Add HL7 protocol dissector * Small fixes * Small fixes
*	Implements JA4 Support (#2191)	Luca Deri	2023-12-22
\|
*	Add JSON-RPC protocol dissector (#2217)	Vladimir Gavrilov	2023-12-20
\| \| \| \| \| \| \|	* Add JSON-RPC protocol dissector * Small fixes * Improve detection
*	Remove Google+ support (#2155)	Vladimir Gavrilov	2023-11-21
\| \| \| \| \| \| \| \| \| \| \| \| \|	* Remove Google+ support Google+ was discontiued in 2019, so I think that its protocol id can be freed for reuse. * Fix typo * Update tests --------- Co-authored-by: 0xA50C1A1 <mage.wizard88@gmail.com>
*	IPv6: add support for IPv6 risk exceptions (#2122)	Ivan Nardi	2023-10-29
\|
*	IPv6: add support for IPv6 risk tree (#2118)	Ivan Nardi	2023-10-27
\| \| \|	Fix the script to download crawler addressess
*	ipv6: add support for ipv6 addresses lists (#2113)	Ivan Nardi	2023-10-26
\|
*	QUIC: export QUIC version as metadata	Nardi Ivan	2023-10-11
\|
*	Fixes risk mask exception handling while improving the overall performance	Luca Deri	2023-07-14
\|
*	Add Apache Thrift protocol dissector. (#2007)	Toni	2023-06-22
\| \| \|	Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
*	Fix classification-by-ip in `ndpi_detection_giveup` (#1981)	Ivan Nardi	2023-05-17
\| \| \| \| \| \| \| \| \| \| \| \| \| \|	Return the "classification-by-ip" as protocol results only if no other results are available. In particular, never return something like "protocol_by_port/protocol_by_ip" (i.e. `NTP/Apple`, BitTorrent/GoogleCloud`, `Zoom/AWS`) because this kind of classification is quite confusing, if not plainly wrong. Notes: * the information about "classification-by-ip" is always available, so no information is lost with this change; * in the unit tests, the previous classifications with confidence `NDPI_CONFIDENCE_DPI_PARTIAL` were wrong, as noted in #1957
*	Fix MS Teams detection with heuristic (#1972)	Ivan Nardi	2023-05-10
\| \| \| \| \| \|	When we reconcile a TLS session to Teams, we need to keep TLs as master. This way: * we keep exporting all the TLS metadata * we avoid some memory leaks (of these metadata themeselves)
*	Updated results	Luca Deri	2023-05-10
\|
*	Test multiple `ndpiReader` configurations (#1931)	Ivan Nardi	2023-04-06
	Extend internal unit tests to handle multiple configurations. As some examples, add tests about: * disabling some protocols * disabling Ookla aggressiveness Every configurations data is stored in a dedicated directory under `tests\cfgs`