From 5811a5613b85fe7d0c5b2d23f525b59ee98ec3fc Mon Sep 17 00:00:00 2001 From: Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> Date: Fri, 14 Jul 2023 23:19:30 +0200 Subject: Add a configuration knob to enable/disable loading of gambling list (#2047) --- src/include/ndpi_typedefs.h | 3 ++- src/lib/ndpi_main.c | 9 +++++++-- 2 files changed, 9 insertions(+), 3 deletions(-) (limited to 'src') diff --git a/src/include/ndpi_typedefs.h b/src/include/ndpi_typedefs.h index 91ae93b4e..0b2a879bb 100644 --- a/src/include/ndpi_typedefs.h +++ b/src/include/ndpi_typedefs.h @@ -1196,7 +1196,7 @@ struct ndpi_detection_module_struct { u_int64_t current_ts; u_int16_t max_packets_to_process; u_int16_t num_tls_blocks_to_follow; - u_int8_t skip_tls_blocks_until_change_cipher:1, enable_ja3_plus:1, _notused:6; + u_int8_t skip_tls_blocks_until_change_cipher:1, enable_ja3_plus:1, enable_load_gambling_list:1, _notused:5; u_int8_t tls_certificate_expire_in_x_days; void *user_data; @@ -1744,6 +1744,7 @@ typedef enum { ndpi_enable_tcp_ack_payload_heuristic = (1 << 17), ndpi_dont_load_crawlers_list = (1 << 18), ndpi_dont_load_protonvpn_list = (1 << 19), + ndpi_dont_load_gambling_list = (1 << 20), } ndpi_prefs; typedef struct { diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c index ca7bdd912..65257593e 100644 --- a/src/lib/ndpi_main.c +++ b/src/lib/ndpi_main.c @@ -941,8 +941,9 @@ static void init_string_based_protocols(struct ndpi_detection_module_struct *ndp for(i = 0; host_match[i].string_to_match != NULL; i++) ndpi_init_protocol_match(ndpi_str, &host_match[i]); - for(i = 0; ndpi_protocol_gambling_hostname_list[i].string_to_match != NULL; i++) - ndpi_init_protocol_match(ndpi_str, &ndpi_protocol_gambling_hostname_list[i]); + if(ndpi_str->enable_load_gambling_list) + for(i = 0; ndpi_protocol_gambling_hostname_list[i].string_to_match != NULL; i++) + ndpi_init_protocol_match(ndpi_str, &ndpi_protocol_gambling_hostname_list[i]); /* ************************ */ @@ -2776,6 +2777,10 @@ struct ndpi_detection_module_struct *ndpi_init_detection_module(ndpi_init_prefs if(prefs & ndpi_enable_ja3_plus) ndpi_str->enable_ja3_plus = 1; + ndpi_str->enable_load_gambling_list = 1; + if(prefs & ndpi_dont_load_gambling_list) + ndpi_str->enable_load_gambling_list = 0; + if(!(prefs & ndpi_dont_init_libgcrypt)) { if(!gcry_control (GCRYCTL_INITIALIZATION_FINISHED_P)) { const char *gcrypt_ver = gcry_check_version(NULL); -- cgit v1.2.3