From a970998f5134fceb87290f4dc74f8893d2d52c0f Mon Sep 17 00:00:00 2001 From: funesca <100843515+funesca@users.noreply.github.com> Date: Thu, 15 May 2025 08:28:35 +0200 Subject: added raw tcp fingerprint to json (#2812) * added raw tcp fingerprint to json * removed unnecessary change * fixed key for json * added configuration option for raw tcp fingerprint * fixed typos --- src/lib/ndpi_main.c | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'src/lib/ndpi_main.c') diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c index 0cc57e19b..6d9e65f2a 100644 --- a/src/lib/ndpi_main.c +++ b/src/lib/ndpi_main.c @@ -6883,6 +6883,9 @@ void ndpi_free_flow_data(struct ndpi_flow_struct* flow) { if(flow->tcp.fingerprint) ndpi_free(flow->tcp.fingerprint); + if(flow->tcp.fingerprint_raw) + ndpi_free(flow->tcp.fingerprint_raw); + if(flow->http.url) ndpi_free(flow->http.url); @@ -7237,6 +7240,9 @@ static int ndpi_init_packet(struct ndpi_detection_module_struct *ndpi_str, flow->tcp.fingerprint = ndpi_strdup(fingerprint), flow->tcp.os_hint = ndpi_os_unknown; + if(ndpi_str->cfg.tcp_fingerprint_raw_enabled) + flow->tcp.fingerprint_raw = ndpi_strdup(options_fp); + if(ndpi_str->tcp_fingerprint_hashmap != NULL) { u_int16_t ret; @@ -12018,6 +12024,7 @@ static const struct cfg_param { { NULL, "fpc", "1", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(fpc_enabled), NULL }, { NULL, "metadata.tcp_fingerprint", "enable", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(tcp_fingerprint_enabled), NULL }, + { NULL, "metadata.tcp_fingerprint_raw", "disable", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(tcp_fingerprint_raw_enabled), NULL }, { NULL, "flow_risk_lists.load", "1", NULL, NULL, CFG_PARAM_ENABLE_DISABLE, __OFF(flow_risk_lists_enabled), NULL }, -- cgit v1.2.3