From fbf30d1aadb8c475f43084a8e71aa77fd203068e Mon Sep 17 00:00:00 2001
From: Luca <deri@ntop.org>
Date: Thu, 29 Sep 2022 18:15:37 +0200
Subject: Fixed invalid unidirectional traffic alert for unidirectional
 protocols (e.g. sFlow)

---
 src/lib/ndpi_main.c | 13 +++++++++++++
 1 file changed, 13 insertions(+)

(limited to 'src')

diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c
index d515b7918..9871c6a59 100644
--- a/src/lib/ndpi_main.c
+++ b/src/lib/ndpi_main.c
@@ -5654,6 +5654,19 @@ static void ndpi_reconcile_protocols(struct ndpi_detection_module_struct *ndpi_s
     }
     break;
 
+  case NDPI_PROTOCOL_NETFLOW:
+  case NDPI_PROTOCOL_SFLOW:
+  case NDPI_PROTOCOL_RTP:
+  case NDPI_PROTOCOL_COLLECTD:
+    /* Remove NDPI_UNIDIRECTIONAL_TRAFFIC from unidirectional protocols */
+    ndpi_unset_risk(ndpi_str, flow, NDPI_UNIDIRECTIONAL_TRAFFIC);
+    break;
+    
+  case NDPI_PROTOCOL_SYSLOG:
+    if(flow->l4_proto == IPPROTO_UDP)
+      ndpi_unset_risk(ndpi_str, flow, NDPI_UNIDIRECTIONAL_TRAFFIC);    
+    break;
+    
   case NDPI_PROTOCOL_SKYPE_TEAMS:
   case NDPI_PROTOCOL_SKYPE_TEAMS_CALL:
     if(flow->is_ipv6 == 0
-- 
cgit v1.2.3