From 5849863ef91b9b6a3acc8f1799c6b3642d35f34c Mon Sep 17 00:00:00 2001 From: Luca Deri Date: Tue, 24 Jan 2023 22:58:17 +0100 Subject: Added new risk NDPI_TCP_ISSUES --- src/include/ndpi_typedefs.h | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) (limited to 'src/include') diff --git a/src/include/ndpi_typedefs.h b/src/include/ndpi_typedefs.h index 8c1b1823a..67f76473b 100644 --- a/src/include/ndpi_typedefs.h +++ b/src/include/ndpi_typedefs.h @@ -121,9 +121,10 @@ typedef enum { your app will clear this risk if future packets (not sent to nDPI) are received in the opposite direction */ NDPI_HTTP_OBSOLETE_SERVER, - NDPI_PERIODIC_FLOW, /* Set in case a flow repeats at a specific pace [used by apps on top of nDPI] */ - NDPI_MINOR_ISSUES, /* Generic packet issues (e.g. DNS with 0 TTL) */ - + NDPI_PERIODIC_FLOW, /* Set in case a flow repeats at a specific pace [used by apps on top of nDPI] */ + NDPI_MINOR_ISSUES, /* Generic packet issues (e.g. DNS with 0 TTL) */ + NDPI_TCP_ISSUES, /* TCP issues such as connection failed, probing or scan */ + /* Leave this as last member */ NDPI_MAX_RISK /* must be <= 63 due to (**) */ } ndpi_risk_enum; @@ -724,10 +725,9 @@ struct ndpi_flow_tcp_struct { u_int32_t postgres_stage:3; /* Part of the TCP header. */ - u_int32_t seen_syn:1; - u_int32_t seen_syn_ack:1; - u_int32_t seen_ack:1; - + u_int32_t seen_syn:1, seen_syn_ack:1, seen_ack:1, __notused:29; + u_int8_t cli2srv_tcp_flags, srv2cli_tcp_flags; + /* NDPI_PROTOCOL_ICECAST */ u_int32_t icecast_stage:1; @@ -1525,7 +1525,8 @@ struct ndpi_flow_struct { /* Only packets with L5 data (ie no TCP SYN, pure ACKs, ...) */ u_int16_t packet_counter; // can be 0 - 65000 u_int16_t packet_direction_counter[2]; - + u_int16_t all_packets_counter; /* All packets even those without payload */ + /* Every packets */ u_int16_t packet_direction_complete_counter[2]; // can be 0 - 65000 -- cgit v1.2.3