From ffbce931b981f466bdb82ce8ab757f871997e822 Mon Sep 17 00:00:00 2001
From: Luca Deri <deri@ntop.org>
Date: Fri, 26 Mar 2021 15:53:04 +0100
Subject: Ignore TLD .local .lan and .home in DGA domain check

---
 src/lib/ndpi_main.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

(limited to 'src')

diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c
index 18ad8f5b6..c43fb23a8 100644
--- a/src/lib/ndpi_main.c
+++ b/src/lib/ndpi_main.c
@@ -7318,7 +7318,12 @@ uint8_t ndpi_connection_tracking(struct ndpi_detection_module_struct *ndpi_str,
 
       if((!name)
 	 || (strchr(name, '_') != NULL)
-	 || (endsWith(name, "in-addr.arpa", 12)))
+	 || (endsWith(name, "in-addr.arpa", 12))
+	 /* Ignore TLD .local .lan and .home */
+	 || (endsWith(name, ".local", 6))
+	 || (endsWith(name, ".lan", 4))
+	 || (endsWith(name, ".home", 5))
+	 )
 	return(0);
     
       if(flow && (flow->packet.detected_protocol_stack[1] != NDPI_PROTOCOL_UNKNOWN))
-- 
cgit v1.2.3