aboutsummaryrefslogtreecommitdiff
path: root/tests/result/wa_voice.pcap.out
Commit message (Collapse)AuthorAge
* Keep track of how many dissectors calls we made for each flow (#1657)Ivan Nardi2022-07-11
|
* Avoid spurious calls to extra dissection (#1648)Ivan Nardi2022-07-07
| | | | If the extra callabck is not set, calling the extra dissection is only a waste of resources...
* Fix handling of NDPI_UNIDIRECTIONAL_TRAFFIC risk (#1636)Ivan Nardi2022-07-05
|
* Added unidirectional traffic flow riskLuca Deri2022-06-20
|
* Improved WhatsApp detection. (#1595)Toni2022-06-14
| | | Signed-off-by: lns <matzeton@googlemail.com>
* Updated DNS alert triggered only with TTL == 0Luca Deri2022-06-14
|
* Improved DNS traffic analysisLuca Deri2022-06-13
| | | | Added ability to identify application and network protocols
* Dissect host line if SSDP contains such. (#1586)Toni2022-06-07
| | | Signed-off-by: lns <matzeton@googlemail.com>
* Improved TLS alert detection. (#1542)Toni2022-05-08
| | | Signed-off-by: lns <matzeton@googlemail.com>
* Sync unit tests results (#1533)Ivan Nardi2022-04-27
|
* Improve protocol stacks (#1425)Ivan Nardi2022-01-30
| | | | | | | | | | | | | | | | | We should have two protocols in classification results only when the "master" protocol allows some sub-protocols. Classifications like `AmazonAWS`, `TLS/AmazonAWS`, `DNS/AmazonAWS` are fine. However classifications like `NTP/Apple`, `BitTorrent/Azure`, `DNScrypt.AmazonAWS` or `NestLogSink.Google` are misleading. For example, `ndpiReader`shows `BitTorrent/Azure` flows under `Azure` statistics; that seems to be wrong or, at least, very misleading. This is quite important since we have lots of addresses from CDN operators. The only drawback of this solution is that right now ICMP traffic is classified simply as `ICMP`; if we are really interested in ICMP stuff we can restore the old behaviour later.
* Sync unit tests results (#1423)Ivan Nardi2022-01-28
| | | Fix: 7a3aa41a
* STUN: fix "confidence" value for some classifications (#1407)Ivan Nardi2022-01-15
|
* Add a "confidence" field about the reliability of the classification. (#1395)Ivan Nardi2022-01-11
| | | | | | | | | | | | | As a general rule, the higher the confidence value, the higher the "reliability/precision" of the classification. In other words, this new field provides an hint about "how" the flow classification has been obtained. For example, the application may want to ignore classification "by-port" (they are not real DPI classifications, after all) or give a second glance at flows classified via LRU caches (because of false positives). Setting only one value for the confidence field is a bit tricky: more work is probably needed in the next future to tweak/fix/improve the logic.
* ndpiReader: slight simplificaton of the output (#1378)Ivan Nardi2021-11-27
|
* Fixed cleartext protocol assignment (#1357)Ivan Nardi2021-10-25
|
* Refreshed results listLuca Deri2021-10-16
|
* Updated test results after latest commitLuca Deri2021-10-16
|
* Updated outputLuca Deri2021-08-07
|
* Added legacy whatsapp rules used to match old pcaps that need to be removed ↵Luca Deri2021-07-31
| | | | in the future
* ndpiReader: add statistics about nDPI performance (#1240)Ivan Nardi2021-07-13
| | | | | | | The goal is to have a (roughly) idea about how many packets nDPI needs to properly classify a flow. Log this information (and guessed flows number too) during unit tests, to keep track of improvements/regressions across commits.
* Improved TLS browser detection heuristicsLuca Deri2021-05-19
|
* Added flow risk scoreLuca Deri2021-05-18
|
* Fixed invalid DNS dissectionLuca Deri2021-04-26
|
* Improved DNS dissectorLuca Deri2021-02-26
|
* Reworked MDNS dissector that is not based on the DNS dissectorLuca Deri2020-09-17
|
* Fixed partial TLS dissectionLuca Deri2020-07-30
|
* Changed due to bin size extensionLuca Deri2020-07-30
|
* Updated test results due to bin changesLuca Deri2020-07-09
|
* Fixes #906Luca Deri2020-06-22
| | | | Packet bins are not printed wehn empty
* Added ndpi_bin_XXX APILuca Deri2020-06-22
| | | | Added packet lenght distribution bins
* Added the ability to detect when a known protocol is using a non-standard portLuca Deri2020-05-10
| | | | Added check to spot executables exchanged via HTTP
* Results updateLuca Deri2020-04-17
|
* Added wa_voice.pcapLuca Deri2020-03-23
Powered by cgit, Themed by Ted Yin.