From 81e1ea545ca465cda064e7cc80333fe7f0ef2aff Mon Sep 17 00:00:00 2001 From: Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> Date: Sat, 3 Dec 2022 12:07:32 +0100 Subject: Make LRU caches ipv6 aware (#1810) Simplest solution, keeping the existing cache data structure TLS certificate cache is used for DTLS traffic, too. Note that Ookla cache already works with ipv6 flows. TODO: * make the key/hashing more robust (extending the key size?) * update bittorrent cache too. That task is quite difficult because ntopng uses a public function (`ndpi_guess_undetected_protocol()`) intrinsically ipv4 only...
---
src/lib/protocols/stun.c | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) (limited to 'src/lib/protocols/stun.c')
diff --git a/src/lib/protocols/stun.c b/src/lib/protocols/stun.c
index d60270ecc..a06612b28 100644
--- a/src/lib/protocols/stun.c
+++ b/src/lib/protocols/stun.c
@@ -37,10 +37,17 @@
 /* ************************************************************ */
 u_int32_t get_stun_lru_key(struct ndpi_flow_struct *flow, u_int8_t rev) {
- if(rev)
- return(ntohl(flow->s_address.v4) + ntohs(flow->s_port));
- else
- return(ntohl(flow->c_address.v4) + ntohs(flow->c_port));
+ if(rev) {
+ if(flow->is_ipv6)
+ return ndpi_quick_hash(flow->s_address.v6, 16) + ntohs(flow->s_port);
+ else
+ return ntohl(flow->s_address.v4) + ntohs(flow->s_port);
+ } else {
+ if(flow->is_ipv6)
+ return ndpi_quick_hash(flow->c_address.v6, 16) + ntohs(flow->c_port);
+ else
+ return ntohl(flow->c_address.v4) + ntohs(flow->c_port);
+ }
 }
 /* ************************************************************ */
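Review bot: The new IPv6 branches in get_stun_lru_key fold a 128-bit address into 32 bits with `ndpi_quick_hash(...)` and then add the port, so distinct endpoints (including an IPv4 and an IPv6 one) can produce the same key. The insert in ndpi_int_stun_add_connection and the lookup in ndpi_int_check_stun pass only this key to the cache, so, as far as these hunks show, a hit cannot be tied back to the endpoint that created the entry and a colliding flow would inherit its cached protocol. The commit message already lists key robustness as a TODO; until that lands I would add a comment above the function such as `/* Key is a lossy 32-bit digest of address+port; collisions are possible, treat a cache hit as a hint only */`. Separately, the literal `16` would be safer as `sizeof(flow->s_address.v6)` (and likewise for `c_address`) if `v6` is a fixed-size array, which these lines do not show.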
@@ -48,7 +55,6 @@ u_int32_t get_stun_lru_key(struct ndpi_flow_struct *flow, u_int8_t rev) {
 static void ndpi_int_stun_add_connection(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow, u_int app_proto) {
- struct ndpi_packet_struct *packet = &ndpi_struct->packet;
 ndpi_confidence_t confidence = NDPI_CONFIDENCE_DPI;
 if(app_proto == NDPI_PROTOCOL_UNKNOWN) {
@@ -59,7 +65,6 @@ static void ndpi_int_stun_add_connection(struct ndpi_detection_module_struct *nd
 }
 if(ndpi_struct->stun_cache
- && packet->iph
 && (app_proto != NDPI_PROTOCOL_UNKNOWN) ) /* Cache flow sender info */ {
 u_int32_t key = get_stun_lru_key(flow, 0);
@@ -182,7 +187,7 @@ static ndpi_int_stun_t ndpi_int_check_stun(struct ndpi_detection_module_struct *
 return(NDPI_IS_NOT_STUN);
 }
- if(ndpi_struct->stun_cache && packet->iph) { /* TODO: ipv6 */
+ if(ndpi_struct->stun_cache) {
 u_int16_t proto;
 u_int32_t key = get_stun_lru_key(flow, 0);
 int rc = ndpi_lru_find_cache(ndpi_struct->stun_cache, key, &proto,
-- cgit v1.2.3