libndpi.git - Open Source Deep Packet Inspection Software Toolkit

	Commit message (Collapse)	Author	Age
*	Add DingTalk protocol support (#2581)	Vladimir Gavrilov	2024-10-07
\|
*	Exports DNS A/AAAA responses (up to 4 addresses)	Luca	2024-10-02
\| \| \| \|	Changed the default to IPv4 (used to be IPv6) in case of DNS error response
*	Tls out of order (#2561)	Ivan Nardi	2024-09-18
\| \| \| \| \| \| \| \| \| \| \| \|	* Revert "Added fix for handling Server Hello before CLient Hello" This reverts commit eb15b22e7757cb70894fdcde440e62bc40f22df1. * TLS: add some tests with unidirectional traffic * TLS: another attempt to process CH received after the SH Obviously, we will process unidirectional traffic longer, because we are now waiting for messages in both directions
*	Added fix for handling Server Hello before CLient Hello	Luca	2024-09-17
\|
*	oracle: fix dissector (#2548)	Ivan Nardi	2024-09-07
\| \| \| \|	We can do definitely better, but this change is a big improvements respect the current broken code
*	Add Lustre protocol detection support (#2544)	Vladimir Gavrilov	2024-09-04
\|
*	Fix CNP-IP false positives (#2531)	Vladimir Gavrilov	2024-08-30
\|
*	Add TRDP protocol support (#2528)	Vladimir Gavrilov	2024-08-25
\| \| \|	The Train Real Time Data Protocol (TRDP) is a UDP/TCP-based communication protocol designed for IP networks in trains, enabling data exchange between devices such as door controls and air conditioning systems. It is standardized by the IEC under IEC 61375-2-3 and is not related to the Remote Desktop Protocol (RDP).
*	Add Automatic Tank Gauge protocol (#2527)	wssxsxxsx	2024-08-23
\| \| \| \| \| \| \|	See also #2523 --------- Co-authored-by: Nardi Ivan <nardi.ivan@gmail.com>
*	Add CNP/IP protocol support (#2521)	Vladimir Gavrilov	2024-08-22
\| \| \|	ISO/IEC 14908-4 defines how to tunnel Control Network Protocol (CNP) over IP networks. It encapsulates protocols like EIA-709, EIA-600, and CNP, making it a versatile solution for building automation and control systems.
*	Fixed probing attempt risk that was creating false positives	Luca Deri	2024-08-07
\|
*	Update all IP lists (#2515)	Ivan Nardi	2024-08-02
\| \| \| \| \|	The `suffix_id` is simply an incremental index (see `ndpi_load_domain_suffixes`), so its value might changes every time we update the public suffix list.
*	FPC: add DPI information (#2514)	Ivan Nardi	2024-07-23
\| \| \| \|	If the flow is classified (via DPI) after the first packet, we should use this information as FPC
*	Add OpenWire support (#2513)	Vladimir Gavrilov	2024-07-22
\|
*	FPC: small improvements (#2512)	Ivan Nardi	2024-07-22
\| \| \| \|	Add printing of fpc_dns statistics and add a general cconfiguration option. Rework the code to be more generic and ready to handle other logics.
*	FPC: add DNS correlation (#2497)	mmanoj	2024-07-22
\| \| \| \| \| \| \| \| \|	Use DNS information to get a better First Packet Classification. See: #2322 --------- Co-authored-by: Nardi Ivan <nardi.ivan@gmail.com>
*	Add Nano (XNO) protocol support (#2508)	Vladimir Gavrilov	2024-07-18
\|
*	Improve detection of Cloudflare WARP traffic (#2491)	Ivan Nardi	2024-07-04
\| \| \|	See: #2484
*	Add infrastructure for explicit support of Fist Packet Classification (#2488)	Ivan Nardi	2024-07-03
\| \| \| \| \|	Let's start with some basic helpers and with FPC based on flow addresses. See: #2322
*	Add Ripe Atlas probe protocol. (#2473)	Toni	2024-06-17
\| \| \|	Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
*	Zoom: harden RTP/RTCP detection	Nardi Ivan	2024-06-17
\|
*	Zoom: remove "stun_zoom" LRU cache	Nardi Ivan	2024-06-17
\| \| \| \| \|	Since 070a0908b we are able to detect P2P calls directly from the packet content, without any correlation among flows
*	Added protocol - JRMI - Java Remote Method Invocation (#2470)	Mark Jeffery	2024-06-15
\|
*	Zoom: faster detection of P2P flows (#2467)	Ivan Nardi	2024-06-07