From 63a3547f998bfbe52c2bc8a540e0f33d37f3ad88 Mon Sep 17 00:00:00 2001
From: Ivan Nardi <12729895+IvanNardi@users.noreply.github.com>
Date: Tue, 14 Jan 2025 12:05:03 +0100
Subject: Add (kind of) support for loading a list of JA4C malicious
 fingerprints (#2678)

It might be usefull to be able to match traffic against a list of
suspicious JA4C fingerprints

Use the same code/logic/infrastructure used for JA3C (note that we are
going to remove JA3C...)

See: #2551
---
 src/include/ndpi_api.h | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'src/include/ndpi_api.h')

diff --git a/src/include/ndpi_api.h b/src/include/ndpi_api.h
index f1f016be0..48b225d77 100644
--- a/src/include/ndpi_api.h
+++ b/src/include/ndpi_api.h
@@ -850,14 +850,14 @@ extern "C" {
   int ndpi_load_risk_domain_file(struct ndpi_detection_module_struct *ndpi_str, const char* path);
 
   /**
-   * Read a file and load the list of malicious JA3 signatures
+   * Read a file and load the list of malicious JA4 signatures
    *
    * @par     ndpi_mod = the detection module
    * @par     path     = the path of the file
    * @return  0 if the file is loaded correctly;
    *          -1 else
    */
-  int ndpi_load_malicious_ja3_file(struct ndpi_detection_module_struct *ndpi_str, const char *path);
+  int ndpi_load_malicious_ja4_file(struct ndpi_detection_module_struct *ndpi_str, const char *path);
 
   /**
    * Read a file and load the list of malicious SSL certificate SHA1 fingerprints.
-- 
cgit v1.2.3