From b77d3e3ab6d216cda9a092794a5fb8b1eac86fe6 Mon Sep 17 00:00:00 2001
From: Luca Deri <deri@ntop.org>
Date: Sun, 15 Sep 2024 20:21:32 +0200
Subject: Enhanced DHCP fingerprint Exported it with -E

---
 example/reader_util.c | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

(limited to 'example')

diff --git a/example/reader_util.c b/example/reader_util.c
index d2b60859d..51e8c3da0 100644
--- a/example/reader_util.c
+++ b/example/reader_util.c
@@ -1057,8 +1057,19 @@ static void dump_raw_fingerprint(struct ndpi_workflow * workflow,
 /* ****************************************************** */
 
 static void dump_flow_fingerprint(struct ndpi_workflow * workflow, struct ndpi_flow_info *flow) {
-  if(flow->ndpi_flow->protos.tls_quic.ja4_client_raw != NULL)
-    dump_raw_fingerprint(workflow, flow, "JA4r", flow->ndpi_flow->protos.tls_quic.ja4_client_raw);
+  if(is_ndpi_proto(flow, NDPI_PROTOCOL_TLS) || is_ndpi_proto(flow, NDPI_PROTOCOL_QUIC)) {
+    if(flow->ndpi_flow->protos.tls_quic.ja4_client_raw != NULL)
+      dump_raw_fingerprint(workflow, flow, "JA4r", flow->ndpi_flow->protos.tls_quic.ja4_client_raw);
+  } else if(is_ndpi_proto(flow, NDPI_PROTOCOL_DHCP)
+	    && (flow->ndpi_flow->protos.dhcp.fingerprint[0] != '\0')) {
+    char buf[256];
+
+    snprintf(buf, sizeof(buf), "%s_%s",
+	     flow->ndpi_flow->protos.dhcp.options,
+	     flow->ndpi_flow->protos.dhcp.fingerprint);
+    
+    dump_raw_fingerprint(workflow, flow, "DHCP_r", buf);
+  }
 }
 
 /* ****************************************************** */
-- 
cgit v1.2.3