aboutsummaryrefslogtreecommitdiff
path: root/tests/cfgs/default
Commit message (Collapse)AuthorAge
* websocket: `ndpi_set_detected_protocol()` should be called only onceHEADdevIvan Nardi2025-07-02
| | | | Fix: b07a910dc
* Rework classification in `ndpi_match_host_subprotocol()`-like functions (#2910)Ivan Nardi2025-07-01
|
* Jabber: proper subclassification of TruPhoneIvan Nardi2025-07-01
|
* Remove some hack for Google traffic in `ndpi_reconcile_protocols()`Ivan Nardi2025-07-01
|
* Fix `ndpi_reconcile_protocols` with classification by port/ipIvan Nardi2025-07-01
|
* Fix classification with nBPF rulesIvan Nardi2025-07-01
|
* Bittorrent: update default ports (#2902)Ivan Nardi2025-06-23
|
* STUN: don't check `NDPI_KNOWN_PROTOCOL_ON_NON_STANDARD_PORT` flow risk (#2901)Ivan Nardi2025-06-23
|
* ndpiReader: fix check on max number of packets per flowIvan Nardi2025-06-23
|
* Viber: fix categoryIvan Nardi2025-06-23
|
* Classify Tracking/ADS/Analytics traffic only via category (#2900)Ivan Nardi2025-06-23
| | | See 3a243bb40 for similar work about porn and LLM
* ndpiReader: print categories summary (#2895)Ivan Nardi2025-06-21
|
* Merged protocols (now free to use) into existing categoriesLuca Deri2025-06-17
| | | | | - AdultContent -> Category Adult Content - LLM -> Category Artificial Intelligence
* Add GLBP dissector (#2879)Vladimir Gavrilov2025-06-10
| | | GLBP is a Cisco proprietary first-hop redundancy protocol similar to HSRP and VRRP, but with additional load balancing capabilities.
* Simplify `ndpi_internal_detection_process_packet()` (#2877)Ivan Nardi2025-06-10
| | | Simplify process of each packet
* Add category and breed support for custom rules (#2872)Vladimir Gavrilov2025-06-08
| | | Close #2594
* Fixes invalid SSH client/server detection based on stage and not on packet ↵Luca Deri2025-06-08
| | | | direction
* Sync unit tests results and fix `NDPI_HTTP_SUSPICIOUS_HEADER` (#2874)Ivan Nardi2025-06-08
|
* Sync unit tests resultsIvan Nardi2025-06-08
|
* Improved HTTP risk reportLuca Deri2025-06-08
| | | | PCRE2 is now enabled (if present) by default as necessary to report some HTTP risks
* Normalize breed/category names: use _ instead of spaces and slashes (#2873)Vladimir Gavrilov2025-06-07
|
* Added IMO and Badoo filesLuca Deri2025-06-06
|
* Sync unit tests resultsIvan Nardi2025-06-05
|
* Sync unit tests resultsIvan Nardi2025-06-05
|
* Improved HTTP risk message reportLuca Deri2025-06-05
|
* Add Hamachi protocol detection support (#2860)Vladimir Gavrilov2025-06-02
|
* Updated bots and scanners listLuca Deri2025-05-29
| | | | Improved lists file parsing
* Fix configuration of ip lists of flow risks (#2859)Ivan Nardi2025-05-28
| | | | | Add some new tests about these configuration parameters. Close #2858
* Improved detection of TCP scannersLuca Deri2025-05-27
|
* Allow to specify default ports also via range (#2856)Ivan Nardi2025-05-27
| | | Ad a trivial example, update SIP configuration to use range
* Sync unit tests resultsIvan Nardi2025-05-27
|
* BFCP: fix check on payload length and extract metadata (#2854)Ivan Nardi2025-05-26
| | | | | | We should be able to identified this protocol on the first packet, without keeping any state Close #2745
* Dofus: update detection to version 3.X (#2852)Ivan Nardi2025-05-25
| | | See #2827
* Added the support for multiple TCP fingerprint formatLuca Deri2025-05-24
| | | | | | | | | - default (0) is the native nDPI format - MuonOF (1) has been added The format can be changed using metadata.tcp_fingerprint_format Added ability to identify mass scanners using TCP fingerprint
* Simplify ZeroMQ detection (#2847)Vladimir Gavrilov2025-05-23
|
* Add MELSEC protocol support (#2846)Vladimir Gavrilov2025-05-23
|
* IPP: fix selection bitmask (#2845)Ivan Nardi2025-05-22
| | | | IPP is identified *only* as HTTP subprotocol, so it can't be over UDP (HTTP is only over TCP...)
* Improve BFCP detection (#2844)Vladimir Gavrilov2025-05-22
| | | Co-authored-by: Ivan Nardi <nardi.ivan@gmail.com>
* ospf, ipsec: use different ids for protocols at layer3 (#2838)Ivan Nardi2025-05-21
| | | | | | | | | | | | | | | | | | | | | | Don't use the same id for the same protocol identified via L3 info or via standard TCP/UDP detection (example: ospf ip_proto 0x59 or TCP port 2604) Before: ``` ivan@ivan-Precision-3591:~/svnrepos/nDPI(dev)$ ./example/ndpiReader -H | grep -wE 'OSPF|IPSec|AH|ESP|IP_OSPF' 79 79 IPSec UDP X Safe VPN 500,4500 500 85 85 OSPF X Acceptable Network - 2604 ``` After: ``` ivan@ivan-Precision-3591:~/svnrepos/nDPI(ospf-ipsec)$ ./example/ndpiReader -H | grep -wE 'OSPF|IPSec|AH|ESP|IP_OSPF' 79 79 IPSec UDP X Safe VPN 500,4500 500 85 85 IP_OSPF X Acceptable Network - - 116 116 AH X Safe VPN - - 117 117 ESP X Safe VPN - - 184 184 OSPF TCP X Safe Network - 2604 ```
* Fix `isAppProtocol` for GTP_U (#2837)Ivan Nardi2025-05-21
| | | See: c590dc495
* Drop GW1 support and add basic GW2 detection (#2836)Vladimir Gavrilov2025-05-21
|
* CrossFire: update code (#2834)Vladimir Gavrilov2025-05-21
|
* Remove ProtonVPN address lists (#2831)Ivan Nardi2025-05-20
| | | | | | | Proton doesn't provide anymore the list of egress and ingress addresses. Remove the (stale) lists and the relative configuration parameters. See: https://www.reddit.com/r/ProtonVPN/comments/1k3lrl5/great_the_httpsapiprotonvpnchvpnlogicals_api_has/ See also 470a479eb
* Gnutella: avoid false positives (#2832)Ivan Nardi2025-05-20
|
* Gnutella: simplify code, to support only gtk-gnutella client (#2830)Ivan Nardi2025-05-20
| | | Close #2818
* Drop Warcraft 3 (pre Reforged) support (#2826)Vladimir Gavrilov2025-05-19
|
* RTSP: simplify detection (#2822)Ivan Nardi2025-05-18
|
* Remove Half-Life 2 support; improve Source Engine protocol detection0xA50C1A12025-05-16
|
* Rename NDPI_PROTOCOL_UBUNTUONE protocol ID to NDPI_PROTOCOL_CANONICAL0xA50C1A12025-05-15
|
* Rename Lotus Notes to HCL Notes for product consistency0xA50C1A12025-05-15
|
Powered by cgit, Themed by Ted Yin.