| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
| |
Fix: b07a910dc
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
| |
See 3a243bb40 for similar work about porn and LLM
|
| | |
|
| |
|
|
|
|
|
| |
Default ports trees are initialized during
`ndpi_finalize_initialization()`
Make `ndpi_init_detection_module()` less likely to fail, because there
are less memory allocations.
|
| |
|
|
|
| |
- AdultContent -> Category Adult Content
- LLM -> Category Artificial Intelligence
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The hard limit of total number of protocols (internal and custom) is ~65535,
because protocol ids are `u_int16_t`...
API changes:
1. From `NDPI_MAX_SUPPORTED_PROTOCOLS + NDPI_MAX_NUM_CUSTOM_PROTOCOLS` to
`ndpi_get_num_protocols()` (after having called
`ndpi_finalize_initialization()`);
2. From `proto_id >= NDPI_MAX_SUPPORTED_PROTOCOLS` to
`ndpi_is_custom_protocol(proto_id)` (after having called
`ndpi_finalize_initialization()`);
Close #2136
Close #2545
|
| |
|
| |
GLBP is a Cisco proprietary first-hop redundancy protocol similar to HSRP and VRRP, but with additional load balancing capabilities.
|
| |
|
| |
Simplify process of each packet
|
| |
|
| |
Close #2594
|
| |
|
|
| |
direction
|
| | |
|
| | |
|
| |
|
|
| |
PCRE2 is now enabled (if present) by default as necessary to report some HTTP risks
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
Partial revert of 88bfe2cf0: in the trees we save the index and no more
a pointer to `ndpi_struct->proto_defaults[]`.
Remove same functions from public API
See #2136
|
| | |
|
| | |
|
| | |
|
| |
|
| |
File taken from #2136
|
| | |
|
| |
|
|
| |
Improved lists file parsing
|
| |
|
|
|
| |
Add some new tests about these configuration parameters.
Close #2858
|
| | |
|
| |
|
| |
Ad a trivial example, update SIP configuration to use range
|
| | |
|
| |
|
|
|
|
| |
We should be able to identified this protocol on the first packet,
without keeping any state
Close #2745
|
| |
|
| |
See #2827
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We use `registr_dissector()` instead of
`ndpi_set_bitmask_protocol_detection()`.
Every file in `src/lib/protocols/*.c` is a dissector.
Every dissector can handle multiple protocols.
The real goal is this small change:
```
struct call_function_struct {
- NDPI_PROTOCOL_BITMASK detection_bitmask;
```
i.e. getting rid of another protocol bitmask: this is mandatory to try
to fix #2136 (see also e845e8205b68752c997d05224d8b2fd45acde714)
As a nice side effect, we remove a bitmask comparison in the hot function
`check_ndpi_detection_func()`
TODO: change logging configuration from per-protocol to per-dissector
|
| |
|
|
|
|
|
|
|
| |
- default (0) is the native nDPI format
- MuonOF (1) has been added
The format can be changed using metadata.tcp_fingerprint_format
Added ability to identify mass scanners using TCP fingerprint
|
| | |
|
| | |
|
| |
|
|
| |
IPP is identified *only* as HTTP subprotocol, so it can't be over UDP
(HTTP is only over TCP...)
|
| |
|
| |
Co-authored-by: Ivan Nardi <nardi.ivan@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Don't use the same id for the same protocol identified via L3 info or
via standard TCP/UDP detection (example: ospf ip_proto 0x59 or TCP port
2604)
Before:
```
ivan@ivan-Precision-3591:~/svnrepos/nDPI(dev)$ ./example/ndpiReader -H | grep -wE 'OSPF|IPSec|AH|ESP|IP_OSPF'
79 79 IPSec UDP X Safe VPN 500,4500 500
85 85 OSPF X Acceptable Network - 2604
```
After:
```
ivan@ivan-Precision-3591:~/svnrepos/nDPI(ospf-ipsec)$ ./example/ndpiReader -H | grep -wE 'OSPF|IPSec|AH|ESP|IP_OSPF'
79 79 IPSec UDP X Safe VPN 500,4500 500
85 85 IP_OSPF X Acceptable Network - -
116 116 AH X Safe VPN - -
117 117 ESP X Safe VPN - -
184 184 OSPF TCP X Safe Network - 2604
```
|
| |
|
| |
See: c590dc495
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
Proton doesn't provide anymore the list of egress and ingress addresses.
Remove the (stale) lists and the relative configuration parameters.
See: https://www.reddit.com/r/ProtonVPN/comments/1k3lrl5/great_the_httpsapiprotonvpnchvpnlogicals_api_has/
See also 470a479eb
|
| | |
|