| Commit message (Collapse) | Author | Age |
|---|
| |
|
| |
Fix: 7a3aa41a
|
| |
|
|
|
|
|
| |
Found by oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=40269
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=41432
Fix fuzz compilation (follow-up of f5545a80)
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
As a general rule, the higher the confidence value, the higher the
"reliability/precision" of the classification.
In other words, this new field provides an hint about "how" the flow
classification has been obtained.
For example, the application may want to ignore classification "by-port"
(they are not real DPI classifications, after all) or give a second
glance at flows classified via LRU caches (because of false positives).
Setting only one value for the confidence field is a bit tricky: more
work is probably needed in the next future to tweak/fix/improve the logic.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Improve Microsoft, GMail, Likee, Whatsapp, DisneyPlus and Tiktok
detection.
Add Vimeo, Fuze, Alibaba and Firebase Crashlytics detection.
Try to differentiate between Messenger/Signal standard flows (i.e chat)
and their VOIP (video)calls (like we already do for Whatsapp and
Snapchat).
Add a partial list of some ADS/Tracking stuff.
Fix Cassandra, Radius and GTP false positives.
Fix DNS, Syslog and SIP false negatives.
Improve GTP (sub)classification: differentiate among GTP-U, GTP_C and
GTP_PRIME.
Fix 3 LGTM warnings.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
* validates client/server hello TLS extensions
* inspects content for some extensions
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
|
| |
The goal is to have a (roughly) idea about how many packets nDPI needs
to properly classify a flow.
Log this information (and guessed flows number too) during unit tests,
to keep track of improvements/regressions across commits.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Error detected with valgrind.
==13127== Conditional jump or move depends on uninitialised value(s)
==13127== at 0x483EF58: strlen (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
==13127== by 0x1A93B6: ndpi_strdup (ndpi_main.c:159)
==13127== by 0x1C07CC: processClientServerHello (tls.c:1678)
==13127== by 0x1C0C4C: processTLSBlock (tls.c:712)
==13127== by 0x1C0C4C: ndpi_search_tls_tcp.part.0 (tls.c:849)
See also 8c3674e9
|
|
|
Error detected with valgrind.
==125883== Conditional jump or move depends on uninitialised value(s)
==125883== at 0x438F57: processClientServerHello (tls.c:1421)
==125883== by 0x43B35A: processTLSBlock (tls.c:712)
==125883== by 0x43B1C4: ndpi_search_tls_tcp (tls.c:849)
==125883== by 0x42C60B: check_ndpi_detection_func (ndpi_main.c:4426)
==125883== by 0x42E920: ndpi_detection_process_packet (ndpi_main.c:5301)
==125916== Conditional jump or move depends on uninitialised value(s)
==125916== at 0x438D7D: processClientServerHello (tls.c:1379)
==125916== by 0x43B35A: processTLSBlock (tls.c:712)
==125916== by 0x43B1C4: ndpi_search_tls_tcp (tls.c:849)
==125916== by 0x42C60B: check_ndpi_detection_func (ndpi_main.c:4426)
==125932== Conditional jump or move depends on uninitialised value(s)
==125932== at 0x438C1D: processClientServerHello (tls.c:1298)
==125932== by 0x43B35A: processTLSBlock (tls.c:712)
==125932== by 0x43B1C4: ndpi_search_tls_tcp (tls.c:849)
==125932== by 0x42C60B: check_ndpi_detection_func (ndpi_main.c:4426)
==125950== Conditional jump or move depends on uninitialised value(s)
==125950== at 0x438D4F: processClientServerHello (tls.c:1371)
==125950== by 0x43B35A: processTLSBlock (tls.c:712)
==125950== by 0x43B1C4: ndpi_search_tls_tcp (tls.c:849)
==125950== by 0x42C079: check_ndpi_detection_func (ndpi_main.c:4443)
|