From fc16c9368e1f5ba93144115d687fd2ce09f50955 Mon Sep 17 00:00:00 2001 From: Luca Deri Date: Sun, 21 Feb 2021 21:33:26 +0100 Subject: Added risky domain flow-risk support --- src/include/ndpi_api.h.in | 10 ++++++++++ src/include/ndpi_typedefs.h | 5 +++-- 2 files changed, 13 insertions(+), 2 deletions(-) (limited to 'src/include') diff --git a/src/include/ndpi_api.h.in b/src/include/ndpi_api.h.in index e701c51d4..8163c0553 100644 --- a/src/include/ndpi_api.h.in +++ b/src/include/ndpi_api.h.in @@ -695,6 +695,16 @@ extern "C" { */ int ndpi_load_categories_file(struct ndpi_detection_module_struct *ndpi_str, const char* path); + /** + * Read a file and load the list of risky domains + * + * @par ndpi_mod = the detection module + * @par path = the path of the file + * @return 0 if the file is loaded correctly; + * -1 else + */ + int ndpi_load_risk_domain_file(struct ndpi_detection_module_struct *ndpi_str, const char* path); + /** * Get the total number of the supported protocols * diff --git a/src/include/ndpi_typedefs.h b/src/include/ndpi_typedefs.h index 3f86ec416..795d78b02 100644 --- a/src/include/ndpi_typedefs.h +++ b/src/include/ndpi_typedefs.h @@ -1094,11 +1094,12 @@ struct ndpi_detection_module_struct { u_int ndpi_num_supported_protocols; u_int ndpi_num_custom_protocols; - /* HTTP/DNS/HTTPS host matching */ + /* HTTP/DNS/HTTPS/QUIC host matching */ ndpi_automa host_automa, /* Used for DNS/HTTPS */ content_automa, /* Used for HTTP subprotocol_detection */ subprotocol_automa, /* Used for HTTP subprotocol_detection */ - bigrams_automa, impossible_bigrams_automa; /* TOR */ + bigrams_automa, impossible_bigrams_automa, /* TOR */ + risky_domain_automa; /* IMPORTANT: please update ndpi_finalize_initalization() whenever you add a new automa */ struct { -- cgit v1.2.3