libndpi.git - Open Source Deep Packet Inspection Software Toolkit

	Commit message (Collapse)	Author	Age
*	Patricia tree, Ahocarasick automa, LRU cache: add statistics (#1683)	Ivan Nardi	2022-07-29
\| \| \| \| \| \| \| \| \| \|	Add (basic) internal stats to the main data structures used by the library; they might be usefull to check how effective these structures are. Add an option to `ndpiReader` to dump them; enabled by default in the unit tests. This new option enables/disables dumping of "num dissectors calls" values, too (see b4cb14ec).
*	TINC: avoid processing SYN packets (#1676)	Ivan Nardi	2022-07-28
\| \| \| \| \| \| \| \| \| \| \|	Since e6b332aa, we have proper support for detecting client/server direction. So Tinc dissector is now able to properly initialize the cache entry only when needed and not anymore at the SYN time; initializing that entry for every SYN packets was a complete waste of resources. Since 4896dabb, the various `struct ndpi_call_function_struct` structures are not more separate objects and therefore comparing them using only their pointers is bogus: this bug was triggered by this change because `ndpi_str->callback_buffer_size_tcp_no_payload` is now 0.
*	Update the protocol bitmask for some protocols (#1675)	Ivan Nardi	2022-07-27
\| \| \| \| \| \| \|	Tcp retransmissions should be ignored. Remove some unused protocol bitmasks. Update script to download Whatsapp IP list.
*	Improved Jabber/XMPP detection. (#1661)	Toni	2022-07-13
\| \| \|	Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
*	Keep track of how many dissectors calls we made for each flow (#1657)	Ivan Nardi	2022-07-11
\|
*	Label SMTP w/ STARTTLS as SMTPS and dissect TLS clho. (#1639)	Toni	2022-07-06
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	* Label SMTP w/ STARTTLS as SMTPS and dissect TLS clho. Signed-off-by: Toni Uhlig <matzeton@googlemail.com> * Revert "SMTP with STARTTLS is now identified as SMTPS" This reverts commit 52d987b603f49d996b4060f43265d1cf43c3c482. * Revert "Compilation fix" This reverts commit c019946f601bf3b55f64f78841a0d696e6c0bfc5. * Sync unit tests. Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
*	SMTP with STARTTLS is now identified as SMTPS	Luca Deri	2022-07-05
\|
*	Detect SMTPs w/ STARTTLS as TLS and dissect client/server hello. Fixes ↵	Toni	2022-07-05
\| \| \| \| \| \| \|	#1630. (#1637) * FTP needs to get updated as well as it has similiar STARTTLS semantics -> follow-up Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
*	Fix category for mail sessions (#1621)	Ivan Nardi	2022-07-03
\| \| \|	Close #629
*	Add a "confidence" field about the reliability of the classification. (#1395)	Ivan Nardi	2022-01-11
\| \| \| \| \| \| \| \| \| \| \| \| \|	As a general rule, the higher the confidence value, the higher the "reliability/precision" of the classification. In other words, this new field provides an hint about "how" the flow classification has been obtained. For example, the application may want to ignore classification "by-port" (they are not real DPI classifications, after all) or give a second glance at flows classified via LRU caches (because of false positives). Setting only one value for the confidence field is a bit tricky: more work is probably needed in the next future to tweak/fix/improve the logic.
*	ndpiReader: slight simplificaton of the output (#1378)	Ivan Nardi	2021-11-27
\|
*	IMAP, POP3, SMTP: improve dissection (#1368)	Ivan Nardi	2021-11-11
\| \| \|	Avoid NATS false positives
*	Refreshed results list	Luca Deri	2021-10-16
\|
*	Added extraction of hostname in SMTP	Luca Deri	2021-08-11
	Fixed mail incalid subprotocol calculation