Reworked nDPIsrvd.h C-API.

 * nDPIsrvd.h: Provide nDPId thread storage.
 * nDPIsrvd.py: Fixed instance cleanup bug.
 * nDPIsrvd.h: Support for instance/thread user data and cleanup callback.
 * nDPIsrvd.h: Most recent flow time stored in thread ht instead of instance ht.
 * nDPId: Moved flow logger out the memory profilier into SIGUSR1 signal handling.
 * nDPId: Added signal fd to be usable within epoll's event handling (live-capture only!)
 * nDPId: Added information about ZLib compressions to daemon status/shutdown events.

Signed-off-by: Toni Uhlig <matzeton@googlemail.com>

1 files changed, 5 insertions, 5 deletions

diff --git a/test/results/tor.pcap.out b/test/results/tor.pcap.out
index f2a1530fb..edd89f7bd 100644
--- a/test/results/tor.pcap.out
+++ b/test/results/tor.pcap.out
@@ -1,5 +1,5 @@
 00454{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"tor.pcap","alias":"nDPId-test","max-flows-per-thread":2048,"max-idle-flows-per-thread":64,"tick-resolution":1000,"reader-thread-count":1,"flow-scan-interval":10000,"generic-max-idle-time":600000,"icmp-max-idle-time":120000,"udp-max-idle-time":180000,"tcp-max-idle-time":7560000,"max-packets-per-flow-to-send":3,"max-packets-per-flow-to-process":32,"global_ts_msec":0}
-00461{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":1,"source":"tor.pcap","alias":"nDPId-test","packets-captured":1,"packets-processed":0,"total-skipped-flows":0,"total-l4-data-len":0,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":0,"total-idle-flows":0,"total-events-serialized":2,"global_ts_msec":1383821660212}
+00540{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":1,"source":"tor.pcap","alias":"nDPId-test","packets-captured":1,"packets-processed":0,"total-skipped-flows":0,"total-l4-data-len":0,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":0,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2,"global_ts_msec":1383821660212}
 00177{"error_event_id":5,"error_event_name":"Unknown packet type","datalink":1,"packet_id":1,"source":"tor.pcap","alias":"nDPId-test","layer_type":38,"global_ts_msec":1383821660212}
 00331{"packet_event_id":1,"packet_event_name":"packet","packet_id":1,"source":"tor.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":60,"pkt_type":38,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"thread_ts_msec":0,"pkt":"AYDCAAAA\/lQA2EYhACZCQgMAAAAAAIAAUlQAwqwfAAAAAIAAUlQAwqwfgAMAABQAAgAAAAAAAAAAAAAA"}
 00177{"error_event_id":5,"error_event_name":"Unknown packet type","datalink":1,"packet_id":2,"source":"tor.pcap","alias":"nDPId-test","layer_type":38,"global_ts_msec":1383821662212}
@@ -328,7 +328,7 @@
 00346{"packet_event_id":1,"packet_event_name":"packet","packet_id":3752,"source":"tor.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":60,"pkt_type":38,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"thread_ts_msec":1383822255869,"pkt":"AYDCAAAA\/lQA2EYhACZCQgMAAAAAAIAAUlQAwqwfAAAAAIAAUlQAwqwfgAMAABQAAgAAAAAAAAAAAAAA"}
 00180{"error_event_id":5,"error_event_name":"Unknown packet type","datalink":1,"packet_id":3810,"source":"tor.pcap","alias":"nDPId-test","layer_type":38,"global_ts_msec":1383822258212}
 00346{"packet_event_id":1,"packet_event_name":"packet","packet_id":3810,"source":"tor.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":60,"pkt_type":38,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"thread_ts_msec":1383822257040,"pkt":"AYDCAAAA\/lQA2EYhACZCQgMAAAAAAIAAUlQAwqwfAAAAAIAAUlQAwqwfgAMAABQAAgAAAAAAAAAAAAAA"}
-00480{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":3821,"source":"tor.pcap","alias":"nDPId-test","packets-captured":3821,"packets-processed":3664,"total-skipped-flows":0,"total-l4-data-len":2806614,"total-not-detected-flows":0,"total-guessed-flows":1,"total-detected-flows":10,"total-detection-updates":7,"total-updates":1,"current-active-flows":6,"total-active-flows":11,"total-idle-flows":5,"total-events-serialized":331,"global_ts_msec":1383822260212}
+00559{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":3821,"source":"tor.pcap","alias":"nDPId-test","packets-captured":3821,"packets-processed":3664,"total-skipped-flows":0,"total-l4-data-len":2806614,"total-not-detected-flows":0,"total-guessed-flows":1,"total-detected-flows":10,"total-detection-updates":7,"total-updates":1,"current-active-flows":6,"total-active-flows":11,"total-idle-flows":5,"total-compressions":1,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":331,"global_ts_msec":1383822260212}
 00180{"error_event_id":5,"error_event_name":"Unknown packet type","datalink":1,"packet_id":3821,"source":"tor.pcap","alias":"nDPId-test","layer_type":38,"global_ts_msec":1383822260212}
 00346{"packet_event_id":1,"packet_event_name":"packet","packet_id":3821,"source":"tor.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":60,"pkt_type":38,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"thread_ts_msec":1383822259716,"pkt":"AYDCAAAA\/lQA2EYhACZCQgMAAAAAAIAAUlQAwqwfAAAAAIAAUlQAwqwfgAMAABQAAgAAAAAAAAAAAAAA"}
 00180{"error_event_id":5,"error_event_name":"Unknown packet type","datalink":1,"packet_id":3826,"source":"tor.pcap","alias":"nDPId-test","layer_type":38,"global_ts_msec":1383822262211}
@@ -353,7 +353,7 @@
 00810{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3859,"source":"tor.pcap","alias":"nDPId-test","flow_id":10,"flow_state":"finished","flow_packets_processed":29,"flow_first_seen":1383822190886,"flow_last_seen":1383822265123,"flow_idle_time":7440000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1460,"flow_tot_l4_payload_len":8029,"flow_avg_l4_payload_len":276,"midstream":0,"thread_ts_msec":1383822274144,"l3_proto":"ip4","src_ip":"192.168.1.252","dst_ip":"62.210.137.230","src_port":51185,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"7": {"risk":"Obsolete TLS Version (1.1 or older)","severity":"High","risk_score": {"total":510,"client":455,"server":55}}},"confidence": {"4":"DPI"},"proto":"TLS","breed":"Safe","category":"Web"}}
 00809{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3859,"source":"tor.pcap","alias":"nDPId-test","flow_id":7,"flow_state":"finished","flow_packets_processed":32,"flow_first_seen":1383822129889,"flow_last_seen":1383822265160,"flow_idle_time":7440000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1460,"flow_tot_l4_payload_len":8625,"flow_avg_l4_payload_len":269,"midstream":0,"thread_ts_msec":1383822274144,"l3_proto":"ip4","src_ip":"192.168.1.252","dst_ip":"212.83.155.250","src_port":51174,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"7": {"risk":"Obsolete TLS Version (1.1 or older)","severity":"High","risk_score": {"total":510,"client":455,"server":55}}},"confidence": {"4":"DPI"},"proto":"TLS","breed":"Safe","category":"Web"}}
 00812{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3859,"source":"tor.pcap","alias":"nDPId-test","flow_id":9,"flow_state":"finished","flow_packets_processed":1826,"flow_first_seen":1383822130889,"flow_last_seen":1383822265215,"flow_idle_time":7440000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1460,"flow_tot_l4_payload_len":1411596,"flow_avg_l4_payload_len":773,"midstream":0,"thread_ts_msec":1383822274144,"l3_proto":"ip4","src_ip":"192.168.1.252","dst_ip":"38.229.70.53","src_port":51176,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"7": {"risk":"Obsolete TLS Version (1.1 or older)","severity":"High","risk_score": {"total":510,"client":455,"server":55}}},"confidence": {"4":"DPI"},"proto":"TLS","breed":"Safe","category":"Web"}}
-00483{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":3859,"source":"tor.pcap","alias":"nDPId-test","packets-captured":3859,"packets-processed":3694,"total-skipped-flows":0,"total-l4-data-len":2811958,"total-not-detected-flows":0,"total-guessed-flows":1,"total-detected-flows":10,"total-detection-updates":7,"total-updates":1,"current-active-flows":0,"total-active-flows":11,"total-idle-flows":11,"total-events-serialized":356,"global_ts_msec":1383822276211}
+00562{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":3859,"source":"tor.pcap","alias":"nDPId-test","packets-captured":3859,"packets-processed":3694,"total-skipped-flows":0,"total-l4-data-len":2811958,"total-not-detected-flows":0,"total-guessed-flows":1,"total-detected-flows":10,"total-detection-updates":7,"total-updates":1,"current-active-flows":0,"total-active-flows":11,"total-idle-flows":11,"total-compressions":1,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":356,"global_ts_msec":1383822276211}
 ~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~
 ~~ packets captured/processed: 3859/3694
 ~~ skipped flows.............: 0
@@ -362,8 +362,8 @@
 ~~ total active/idle flows...: 11/11
 ~~ total timeout flows.......: 0
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-~~ total memory allocated....: 4811059 bytes
-~~ total memory freed........: 4811059 bytes
+~~ total memory allocated....: 4811083 bytes
+~~ total memory freed........: 4811083 bytes
 ~~ total allocations/frees...: 104890/104890
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 ~~ json string min len.......: 182 chars