aboutsummaryrefslogtreecommitdiff
path: root/tests/cfgs/default/result/tcp_scan.pcapng.out
Commit message (Collapse)AuthorAge
* Sync unit tests resultsIvan Nardi2024-11-21
|
* Fixes TCP fingerprint calculation when multiple EOL are specified in TCP optionsLuca Deri2024-10-27
|
* Improved TCP fingerprintLuca Deri2024-10-20
|
* Improved TCP fingepring calculationLuca Deri2024-10-18
| | | | Adde basidc OS detection based on TCP fingerprint
* Increased struct ndpi_flow_struct size (#2596)Luca Deri2024-10-18
| | | Build fix
* Fixed probing attempt risk that was creating false positivesLuca Deri2024-08-07
|
* FPC: small improvements (#2512)Ivan Nardi2024-07-22
| | | | Add printing of fpc_dns statistics and add a general cconfiguration option. Rework the code to be more generic and ready to handle other logics.
* Add infrastructure for explicit support of Fist Packet Classification (#2488)Ivan Nardi2024-07-03
| | | | | Let's start with some basic helpers and with FPC based on flow addresses. See: #2322
* Zoom: remove "stun_zoom" LRU cacheNardi Ivan2024-06-17
| | | | | Since 070a0908b we are able to detect P2P calls directly from the packet content, without any correlation among flows
* More NDPI_PROBING_ATTEMPT changesLuca2024-05-22
|
* Remove "zoom" cache (#2420)Ivan Nardi2024-05-06
| | | | | | | | | This cache was added in b6b4967aa, when there was no real Zoom support. With 63f349319, a proper identification of multimedia stream has been added, making this cache quite useless: any improvements on Zoom classification should be properly done in Zoom dissector. Tested for some months with a few 10Gbits links of residential traffic: the cache pretty much never returned a valid hit.
* ndpiReader: add breed stats on output used for CI (#2236)Ivan Nardi2024-01-05
|
* ndpiReader: fix `guessed_flow_protocols` statistic (#2203)Ivan Nardi2023-12-12
| | | Increment the counter only if the flow has been guessed
* IPv6: add support for IPv6 risk exceptions (#2122)Ivan Nardi2023-10-29
|
* IPv6: add support for IPv6 risk tree (#2118)Ivan Nardi2023-10-27
| | | Fix the script to download crawler addressess
* ipv6: add support for ipv6 addresses lists (#2113)Ivan Nardi2023-10-26
|
* Fixes risk mask exception handling while improving the overall performanceLuca Deri2023-07-14
|
* Remove special handling of some TCP flows without SYN (#1965)Ivan Nardi2023-05-09
| | | | | | | | | | | | | | | | | | | | | This piece of code has multiple problems: * nDPI is able to detect some TCP protocols even with mid-flows (i.e. without the initial packets of the session); TLS is the most significative example * since e6b332aa4a1399e33df68998cf8351bccaee3fc4 it is perfectly valid to not pass the TCP Handshake packets to nDPI * in any case, we shouldn't call `ndpi_detection_giveup()`. That function is usually called by the application and we end up calling it twice in some cases. The simple solution is to completely remove that code: process these kinds of flows like everyone else. Note that the application can always avoid to pass to nDPI any TCP flows without the initial handshake; the flow managemnt is always up to the application. Looking at the CI results, some rare flows are now processed significantly longer. As a follow-up we could look into that.
* Test multiple `ndpiReader` configurations (#1931)Ivan Nardi2023-04-06
Extend internal unit tests to handle multiple configurations. As some examples, add tests about: * disabling some protocols * disabling Ookla aggressiveness Every configurations data is stored in a dedicated directory under `tests\cfgs`
Powered by cgit, Themed by Ted Yin.