From 694bc039e85493786b2ff9049459748f43a0a233 Mon Sep 17 00:00:00 2001 From: William Guglielmo Date: Mon, 29 May 2017 19:09:32 +0200 Subject: Added tinc protocol detection --- src/include/ndpi_protocol_ids.h | 5 +---- src/include/ndpi_protocols.h | 2 ++ src/include/ndpi_typedefs.h | 21 +++++++++++++++++++++ 3 files changed, 24 insertions(+), 4 deletions(-) (limited to 'src/include') diff --git a/src/include/ndpi_protocol_ids.h b/src/include/ndpi_protocol_ids.h index 726736a06..4fce98b14 100644 --- a/src/include/ndpi_protocol_ids.h +++ b/src/include/ndpi_protocol_ids.h @@ -247,10 +247,7 @@ #define NDPI_PROTOCOL_SMPP 207 /* Damir Franusic */ #define NDPI_PROTOCOL_DNSCRYPT 208 - -/* 209 free */ -#define NDPI_PROTOCOL_FREE_209 209 - +#define NDPI_PROTOCOL_TINC 209 /* William Guglielmo */ #define NDPI_PROTOCOL_DEEZER 210 #define NDPI_PROTOCOL_INSTAGRAM 211 /* Andrea Buscarinu */ #define NDPI_PROTOCOL_MICROSOFT 212 diff --git a/src/include/ndpi_protocols.h b/src/include/ndpi_protocols.h index b3b4092b4..c0bce974e 100644 --- a/src/include/ndpi_protocols.h +++ b/src/include/ndpi_protocols.h @@ -196,6 +196,7 @@ void ndpi_search_drda(struct ndpi_detection_module_struct *ndpi_struct, struct n void ndpi_search_bjnp(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow); void ndpi_search_kxun(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow); void ndpi_search_smpp(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow); +void ndpi_search_tinc(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow); /* --- INIT FUNCTIONS --- */ void init_afp_dissector(struct ndpi_detection_module_struct *ndpi_struct, u_int32_t *id, NDPI_PROTOCOL_BITMASK *detection_bitmask); void init_aimini_dissector(struct ndpi_detection_module_struct *ndpi_struct, u_int32_t *id, NDPI_PROTOCOL_BITMASK *detection_bitmask); @@ -339,4 +340,5 @@ void init_drda_dissector(struct ndpi_detection_module_struct *ndpi_struct, u_int void init_bjnp_dissector(struct ndpi_detection_module_struct *ndpi_struct, u_int32_t *id, NDPI_PROTOCOL_BITMASK *detection_bitmask); void init_kxun_dissector(struct ndpi_detection_module_struct *ndpi_struct, u_int32_t *id, NDPI_PROTOCOL_BITMASK *detection_bitmask); void init_smpp_dissector(struct ndpi_detection_module_struct *ndpi_struct, u_int32_t *id, NDPI_PROTOCOL_BITMASK *detection_bitmask); +void init_tinc_dissector(struct ndpi_detection_module_struct *ndpi_struct, u_int32_t *id, NDPI_PROTOCOL_BITMASK *detection_bitmask); #endif /* __NDPI_PROTOCOLS_H__ */ diff --git a/src/include/ndpi_typedefs.h b/src/include/ndpi_typedefs.h index e1fbeb71c..906268b62 100644 --- a/src/include/ndpi_typedefs.h +++ b/src/include/ndpi_typedefs.h @@ -25,6 +25,7 @@ #define __NDPI_TYPEDEFS_H__ #include "ndpi_define.h" +#include "../lib/third_party/include/libcache.h" #define BT_ANNOUNCE #define SNAP_EXT @@ -330,6 +331,18 @@ struct bt_announce { // 192 bytes }; #endif +#ifdef NDPI_PROTOCOL_TINC + +#define TINC_CACHE_MAX_SIZE 100 + +typedef struct { + u_int32_t src_address; + u_int32_t dst_address; + u_int16_t dst_port; +} tinc_cache_entry_t; + +#endif + typedef enum { HTTP_METHOD_UNKNOWN = 0, HTTP_METHOD_OPTIONS, @@ -877,6 +890,9 @@ struct ndpi_detection_module_struct { struct bt_announce *bt_ann; int bt_ann_len; #endif +#endif +#ifdef NDPI_PROTOCOL_TINC + cache_t *tinc_cache; #endif ndpi_proto_defaults_t proto_defaults[NDPI_MAX_SUPPORTED_PROTOCOLS+NDPI_MAX_NUM_CUSTOM_PROTOCOLS]; @@ -1052,6 +1068,11 @@ struct ndpi_flow_struct { u_int8_t ovpn_session_id[8]; u_int8_t ovpn_counter; #endif +#ifdef NDPI_PROTOCOL_TINC + u_int8_t tinc_state; + tinc_cache_entry_t tinc_cache_entry; +#endif + /* internal structures to save functions calls */ struct ndpi_packet_struct packet; -- cgit v1.2.3