aboutsummaryrefslogtreecommitdiff
path: root/tests/cfgs/guess_ip_before_port_enabled
Commit message (Collapse)AuthorAge
* ndpiReader: print categories summary (#2895)Ivan Nardi2025-06-21
|
* Add GLBP dissector (#2879)Vladimir Gavrilov2025-06-10
| | | GLBP is a Cisco proprietary first-hop redundancy protocol similar to HSRP and VRRP, but with additional load balancing capabilities.
* Add Hamachi protocol detection support (#2860)Vladimir Gavrilov2025-06-02
|
* Simplify ZeroMQ detection (#2847)Vladimir Gavrilov2025-05-23
|
* Add MELSEC protocol support (#2846)Vladimir Gavrilov2025-05-23
|
* IPP: fix selection bitmask (#2845)Ivan Nardi2025-05-22
| | | | IPP is identified *only* as HTTP subprotocol, so it can't be over UDP (HTTP is only over TCP...)
* Gnutella: simplify code, to support only gtk-gnutella client (#2830)Ivan Nardi2025-05-20
| | | Close #2818
* Drop Warcraft 3 (pre Reforged) support (#2826)Vladimir Gavrilov2025-05-19
|
* RTSP: simplify detection (#2822)Ivan Nardi2025-05-18
|
* Remove Half-Life 2 support; improve Source Engine protocol detection0xA50C1A12025-05-16
|
* Remove Vhua support (#2816)Vladimir Gavrilov2025-05-15
|
* Remove World Of Kung Fu support (#2815)Vladimir Gavrilov2025-05-15
|
* Add Microsoft Delivery Optimization protocol (#2799)Vladimir Gavrilov2025-04-28
|
* FPC: save all addresses from DNS to `fpc_dns` cache (#2792)Ivan Nardi2025-04-10
|
* WoW: update detectionIvan Nardi2025-03-30
| | | | | Remove the specific dissector and use the Blizzard's generic one. For the time being, keep `NDPI_PROTOCOL_WORLDOFWARCRAFT`
* Rework the old MapleStory code to identify traffic from generic Nexon games ↵Ivan Nardi2025-03-19
| | | | | | (#2773) Remove `NDPI_PROTOCOL_MAPLESTORY` and add a generic `NDPI_PROTOCOL_NEXON`
* Merge pull request #2760 from IvanNardi/internal_giveupIvan Nardi2025-03-11
|\ | | | | Add a new internal function `internal_giveup()`
| * Add a new internal function `internal_giveup()`Ivan Nardi2025-03-05
| | | | | | | | | | | | | | | | This function is always called once for every flow, as last code processing the flow itself. As a first usage example, check here if the flow is unidirectional (instead of checking it at every packets)
* | Add GearUP Booster protocol dissector (heuristic based). (#2765)Toni2025-03-07
|/ | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Flow risk infos are always exported "in order" (by flow risk id)Ivan Nardi2025-03-04
| | | | | | | | This way, the `ndpiReader` output doesn't change if we change the internal logic about the order we set/check the various flow risks. Note that the flow risk *list* is already printed by `ndpiReader` in order.
* Improved Google PlayStore detectionLuca Deri2025-02-24
|
* Add LagoFast protocol dissector. (#2743)Toni2025-02-23
| | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Fixed bug in domain name computationLuca Deri2025-02-17
|
* DNS: faster exclusion (#2719)Ivan Nardi2025-02-12
|
* ndpiReader: print more DNS information (#2717)Ivan Nardi2025-02-11
|
* DNS: disable subclassification by default (#2715)Ivan Nardi2025-02-11
| | | | Prelimary change to start supporting multiple DNS transactions on the same flow
* Remove JA3C output from ndpiReader (#2667)Ivan Nardi2025-01-12
| | | | | | | | | | | | | Removing JA3C is an big task. Let's start with a simple change having an huge impact on unit tests: remove printing of JA3C information from ndpiReader. This way, when we will delete the actual code, the unit tests diffs should be a lot simpler to look at. Note that the information if the client/server cipher is weak or obsolete is still available via flow risk See: #2551
* HTTP: fix entropy calculation (#2666)Ivan Nardi2025-01-12
| | | | We calculate HTTP entropy according to "Content-type:" header, see `ndpi_validate_http_content()` on HTTP code
* Improved WebSocket-over-HTTP detection (#2664)Toni2025-01-11
| | | | | | * detect `chisel` SSH-over-HTTP-WebSocket * use `strncasecmp()` for `LINE_*` matching macros Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* ndpiReader: update JA statistics (#2646)Ivan Nardi2025-01-06
| | | | Show JA4C and JA3S information (instead of JA3C and JA3S) See #2551 for context
* Imporoved SMBv1 heuristic to avoid triggering risks for SMBv1 broadcast ↵Luca Deri2025-01-03
| | | | messages when used to browse (old) network devices
* When triggering risk "Known Proto on Non Std Port", nDPi now reports the ↵Luca Deri2024-11-22
| | | | port that was supposed to be used as default
* Added DICOM supportLuca2024-11-15
| | | | Testing pcaps courtesy of https://github.com/virtalabs/tapirx.git
* Implemented Mikrotik discovery protocol dissection and metadata extraction ↵Luca Deri2024-11-14
| | | | (#2618)
* Add Paltalk protocol support (#2606)Vladimir Gavrilov2024-10-28
|
* Fixes TCP fingerprint calculation when multiple EOL are specified in TCP optionsLuca Deri2024-10-27
|
* Improved TCP fingerprintLuca Deri2024-10-20
|
* Improved TCP fingepring calculationLuca Deri2024-10-18
| | | | Adde basidc OS detection based on TCP fingerprint
* Increased struct ndpi_flow_struct size (#2596)Luca Deri2024-10-18
| | | Build fix
* Added sonos dissectorLuca Deri2024-10-13
|
* Add DingTalk protocol support (#2581)Vladimir Gavrilov2024-10-07
|
* Allow IP guess before port in ndpi_detection_giveup (#2562)Liam Wilson2024-09-20
Add dpi.guess_ip_before_port which when enabled uses classification by-ip before classification by-port.
Powered by cgit, Themed by Ted Yin.