| Commit message (Collapse) | Author | Age | |
|---|---|---|---|
| * | Add TiVoConnect dissector. Fixes #1697. (#1699) | Toni | 2022-08-08 |
| | | | | | | * added static assert if supported, to complain if the flow struct changes Signed-off-by: lns <matzeton@googlemail.com> | ||
| * | Patricia tree, Ahocarasick automa, LRU cache: add statistics (#1683) | Ivan Nardi | 2022-07-29 |
| | | | | | | | | | | | Add (basic) internal stats to the main data structures used by the library; they might be usefull to check how effective these structures are. Add an option to `ndpiReader` to dump them; enabled by default in the unit tests. This new option enables/disables dumping of "num dissectors calls" values, too (see b4cb14ec). | ||
| * | TINC: avoid processing SYN packets (#1676) | Ivan Nardi | 2022-07-28 |
| | | | | | | | | | | | | Since e6b332aa, we have proper support for detecting client/server direction. So Tinc dissector is now able to properly initialize the cache entry only when needed and not anymore at the SYN time; initializing that entry for **every** SYN packets was a complete waste of resources. Since 4896dabb, the various `struct ndpi_call_function_struct` structures are not more separate objects and therefore comparing them using only their pointers is bogus: this bug was triggered by this change because `ndpi_str->callback_buffer_size_tcp_no_payload` is now 0. | ||
| * | Update the protocol bitmask for some protocols (#1675) | Ivan Nardi | 2022-07-27 |
| | | | | | | | | Tcp retransmissions should be ignored. Remove some unused protocol bitmasks. Update script to download Whatsapp IP list. | ||
| * | Add AVAST dissector. (#1674) | Toni | 2022-07-25 |
| | | | | Signed-off-by: lns <matzeton@googlemail.com> | ||
| * | Added AliCloud server access dissector. (#1672) | Toni | 2022-07-23 |
| | | | | | Signed-off-by: lns <matzeton@googlemail.com> Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | SKYPE: remove detection over TCP | Nardi Ivan | 2022-07-20 |
| | | | | | | | Skype detection over TCP has been completely disable since 659f75138 (3 years ago!). Since that logic was too weak anyway, remove it. | ||
| * | Improved Jabber/XMPP detection. (#1661) | Toni | 2022-07-13 |
| | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | Keep track of how many dissectors calls we made for each flow (#1657) | Ivan Nardi | 2022-07-11 |
| | | |||
| * | Fixed dispay bug for risk_info | Luca Deri | 2022-05-30 |
| | | |||
| * | Updated tests results | Luca Deri | 2022-05-30 |
| | | | | | Code cleanup | ||
| * | Extend tests coverage (#1476) | Ivan Nardi | 2022-03-09 |
| Now there is at least one flow under `tests/pcap` for 249 protocols out of the 284 ones supported by nDPI. The 35 protocols without any tests are: * P2P/sharing protocols: DIRECT_DOWNLOAD_LINK, OPENFT, FASTTRACK, EDONKEY, SOPCAST, THUNDER, APPLEJUICE, DIRECTCONNECT, STEALTHNET * games: CSGO, HALFLIFE2, ARMAGETRON, CROSSFIRE, DOFUS, FIESTA, FLORENSIA, GUILDWARS, MAPLESTORY, WORLD_OF_KUNG_FU * voip/streaming: VHUA, ICECAST, SHOUTCAST, TVUPLAYER, TRUPHONE * other: AYIYA, SOAP, TARGUS_GETDATA, RPC, ZMQ, REDIS, VMWARE, NOE, LOTUS_NOTES, EGP, SAP Most of these protocols (expecially the P2P and games ones) have been inherited by OpenDPI and have not been updated since then: even if they are still used, the detection rules might be outdated. However code coverage (of `lib/protocols`) only increases from 65.6% to 68.9%. Improve Citrix, Corba, Fix, Aimini, Megaco, PPStream, SNMP and Some/IP dissection. Treat IPP as a HTTP sub protocol. Fix Cassandra false positives. Remove `NDPI_PROTOCOL_QQLIVE` and `NDPI_PROTOCOL_REMOTE_SCAN`: these protocol ids are defined but they are never used. Remove Collectd support: its code has never been called. If someone is really interested in this protocol, we can re-add it later, updating the dissector. Add decoding of PPI (Per-Packet Information) data link type. | |||