libndpi.git - Open Source Deep Packet Inspection Software Toolkit

	Commit message (Collapse)	Author	Age
*	Add Microsoft Delivery Optimization protocol (#2799)	Vladimir Gavrilov	2025-04-28
\|
*	WoW: update detection	Ivan Nardi	2025-03-30
\| \| \| \| \|	Remove the specific dissector and use the Blizzard's generic one. For the time being, keep `NDPI_PROTOCOL_WORLDOFWARCRAFT`
*	Remove `NDPI_FULLY_ENCRYPTED` flow risk (#2779)	Ivan Nardi	2025-03-25
\| \| \| \| \| \| \|	Use `NDPI_OBFUSCATED_TRAFFIC` instead; this way, all the obfuscated traffic is identified via `NDPI_OBFUSCATED_TRAFFIC` flow risk. Disable fully-encryption detection by default, like all the obfuscation heuristics.
*	Add GearUP Booster protocol dissector (heuristic based). (#2765)	Toni	2025-03-07
\| \| \|	Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
*	Flow risk infos are always exported "in order" (by flow risk id)	Ivan Nardi	2025-03-04
\| \| \| \| \| \| \| \|	This way, the `ndpiReader` output doesn't change if we change the internal logic about the order we set/check the various flow risks. Note that the flow risk list is already printed by `ndpiReader` in order.
*	Add LagoFast protocol dissector. (#2743)	Toni	2025-02-23
\| \| \|	Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
*	DNS: faster exclusion (#2719)	Ivan Nardi	2025-02-12
\|
*	When triggering risk "Known Proto on Non Std Port", nDPi now reports the ↵	Luca Deri	2024-11-22
\| \| \| \|	port that was supposed to be used as default
*	Added DICOM support	Luca	2024-11-15
\| \| \| \|	Testing pcaps courtesy of https://github.com/virtalabs/tapirx.git
*	Implemented Mikrotik discovery protocol dissection and metadata extraction ↵	Luca Deri	2024-11-14
\| \| \| \|	(#2618)
*	Add Paltalk protocol support (#2606)	Vladimir Gavrilov	2024-10-28
\|
*	Improved TCP fingerprint	Luca Deri	2024-10-20
\|
*	Improved TCP fingepring calculation	Luca Deri	2024-10-18
\| \| \| \|	Adde basidc OS detection based on TCP fingerprint
*	Increased struct ndpi_flow_struct size (#2596)	Luca Deri	2024-10-18
\| \| \|	Build fix
*	Added sonos dissector	Luca Deri	2024-10-13
\|
*	Add DingTalk protocol support (#2581)	Vladimir Gavrilov	2024-10-07
\|
*	Add an heuristic to detect encrypted/obfuscated OpenVPN flows (#2547)	Ivan Nardi	2024-09-16
	Based on the paper: "OpenVPN is Open to VPN Fingerprinting" See: https://www.usenix.org/conference/usenixsecurity22/presentation/xue-diwen Basic idea: * the distribution of the first byte of the messages (i.e. the distribution of the op-codes) is quite unique * this fingerprint might be still detectable even if the OpenVPN packets are somehow fully encrypted/obfuscated The heuristic is disabled by default.