From 7aee856aa063f7861be7e7fe2970ba014391d9bf Mon Sep 17 00:00:00 2001 From: Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> Date: Wed, 9 Mar 2022 22:37:35 +0100 Subject: Extend tests coverage (#1476) Now there is at least one flow under `tests/pcap` for 249 protocols out of the 284 ones supported by nDPI. The 35 protocols without any tests are: * P2P/sharing protocols: DIRECT_DOWNLOAD_LINK, OPENFT, FASTTRACK, EDONKEY, SOPCAST, THUNDER, APPLEJUICE, DIRECTCONNECT, STEALTHNET * games: CSGO, HALFLIFE2, ARMAGETRON, CROSSFIRE, DOFUS, FIESTA, FLORENSIA, GUILDWARS, MAPLESTORY, WORLD_OF_KUNG_FU * voip/streaming: VHUA, ICECAST, SHOUTCAST, TVUPLAYER, TRUPHONE * other: AYIYA, SOAP, TARGUS_GETDATA, RPC, ZMQ, REDIS, VMWARE, NOE, LOTUS_NOTES, EGP, SAP Most of these protocols (expecially the P2P and games ones) have been inherited by OpenDPI and have not been updated since then: even if they are still used, the detection rules might be outdated. However code coverage (of `lib/protocols`) only increases from 65.6% to 68.9%. Improve Citrix, Corba, Fix, Aimini, Megaco, PPStream, SNMP and Some/IP dissection. Treat IPP as a HTTP sub protocol. Fix Cassandra false positives. Remove `NDPI_PROTOCOL_QQLIVE` and `NDPI_PROTOCOL_REMOTE_SCAN`: these protocol ids are defined but they are never used. Remove Collectd support: its code has never been called. If someone is really interested in this protocol, we can re-add it later, updating the dissector. Add decoding of PPI (Per-Packet Information) data link type. --- python/ndpi.py | 3 --- python/ndpi_typestruct.py | 1 - 2 files changed, 4 deletions(-) (limited to 'python') diff --git a/python/ndpi.py b/python/ndpi.py index f83763c02..ac5d1afca 100644 --- a/python/ndpi.py +++ b/python/ndpi.py @@ -577,9 +577,6 @@ struct ndpi_flow_tcp_struct { /* NDPI_PROTOCOL_SKYPE */ uint8_t skype_packet_id; - /* NDPI_PROTOCOL_CITRIX */ - uint8_t citrix_packet_id; - /* NDPI_PROTOCOL_LOTUS_NOTES */ uint8_t lotus_notes_packet_id; diff --git a/python/ndpi_typestruct.py b/python/ndpi_typestruct.py index 7ff561d4e..52238c6d9 100644 --- a/python/ndpi_typestruct.py +++ b/python/ndpi_typestruct.py @@ -352,7 +352,6 @@ class NDPIFlowTcpStruct(Structure): ('mail_imap_stage', c_uint32, 3), ('mail_imap_starttls', c_uint32, 2), ('skype_packet_id', c_uint8), - ('citrix_packet_id', c_uint8), ('lotus_notes_packet_id', c_uint8), ('teamviewer_stage', c_uint8), ('prev_zmq_pkt_len', c_uint8), -- cgit v1.2.3