From 50f4049b58b9d04a403ba7570935f887aef937db Mon Sep 17 00:00:00 2001 From: Luca Deri Date: Fri, 29 Jan 2021 16:38:43 +0100 Subject: Improved wireguard dissection --- src/lib/protocols/wireguard.c | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'src/lib/protocols/wireguard.c') diff --git a/src/lib/protocols/wireguard.c b/src/lib/protocols/wireguard.c index 902113bf4..b2cc4287c 100644 --- a/src/lib/protocols/wireguard.c +++ b/src/lib/protocols/wireguard.c @@ -138,6 +138,11 @@ void ndpi_search_wireguard(struct ndpi_detection_module_struct * against the appropriate index for a match (stage 5). */ u_int32_t receiver_index = get_u_int32_t(payload, 4); + + /* We speculate this is wireguard, so let's remember it */ + if(flow->guessed_host_protocol_id == NDPI_PROTOCOL_UNKNOWN) + flow->guessed_host_protocol_id = NDPI_PROTOCOL_WIREGUARD; + if (flow->l4.udp.wireguard_stage == 0) { flow->l4.udp.wireguard_stage = 3 + packet->packet_direction; flow->l4.udp.wireguard_peer_index[packet->packet_direction] = receiver_index; -- cgit v1.2.3