From 526cf6f2919398e1c9c5698b1b5783f18ed41fff Mon Sep 17 00:00:00 2001 From: Nardi Ivan Date: Fri, 14 Jun 2024 20:20:58 +0200 Subject: Zoom: remove "stun_zoom" LRU cache Since 070a0908b we are able to detect P2P calls directly from the packet content, without any correlation among flows --- src/lib/protocols/zoom.c | 4 ---- 1 file changed, 4 deletions(-) (limited to 'src/lib/protocols/zoom.c') diff --git a/src/lib/protocols/zoom.c b/src/lib/protocols/zoom.c index 4ec16353f..bb677d4de 100644 --- a/src/lib/protocols/zoom.c +++ b/src/lib/protocols/zoom.c @@ -187,8 +187,6 @@ static void ndpi_search_zoom(struct ndpi_detection_module_struct *ndpi_struct, u_int64_t ip_len, uuid_len; /* Check if it is a Peer-To-Peer call. - We have been identifing such flows using the "stun_zoom" LRU cache; let's - see if we are able to detect them properly via DPI. According to the paper, P2P calls should use "Zoom Media Encapsulation" header without any "Zoom SFU Encapsulation". Looking at the traces, it seems that the packet structure is something like: @@ -198,8 +196,6 @@ static void ndpi_search_zoom(struct ndpi_detection_module_struct *ndpi_struct, * an ip address (as string) * some kind of UUID * 4 bytes as 0x00 at the end - - TODO: if everything will work as expected, we can remove stun_zoom cache */ ip_len = ntohl(*(u_int32_t *)&packet->payload[24]); -- cgit v1.2.3