| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This will only affect flows with the state `FT_FINISHED' (detection done).
* nDPIsrvd.py: force use of JSON schema Draft 7 validator
* flow-dash.py: gather/use total processed layer4 payload size
* flow-info.py: added additional event filter
* flow-info.py: prettified flow events printing whose detection is in progress
* py-semantic-validation.py: added validation checks for FT_FINISHED
* updated flow event JSON schema
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
|
|
|
| |
* fixed GitLab pipeline
* nDPId: added static assert (just for a test)
* nDPId: memory profiling for total bytes compressed
* nDPId-test: enable zLib compression if configured with ENABLE_ZLIB
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
|
|
|
| |
* bump libnDPI to c53c82d4823b5a8f856d1375155ac5112b68e8af
* run_tests.sh: improved execution from non-git directories e.g. via `make dist`
* updated JSON schema to be more restrictive
* nDPId: splitted generic get_ip_from_sockaddr into IPv4/IPv6 to prevent compiler warnings on some platforms
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
|
|
| |
client disconnected.
* README.md: Fixed a typ0 and added a meh image from examples/py-flow-dashboard/flow-dash.py
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
|
| |
* Fixed invalid array subscript typ0 (caused some trouble..)
* bump libnDPI to 2cd0479204301c50c6149706fcd4df3058b2a8cc
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
| |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
|
| |
* TCP timeout after FIN/RST: switched back to the value from a35fc1d5ea8570609cc0c8cf6edadc81f8f5bb76
* py-flow-info: reset 'guessed' flag after detection/detection-update received
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- nDPId: fixed invalid IP4/IP6 tuple compare
- nDPIsrvd: fixed caching issue (finally)
- added tiny c example (can be used to check flow manager sanity)
- c-captured: use flow_last_seen timestamp from `struct nDPIsrvd_flow`
- README.md update: added example JSON sequence
- nDPId: added new flow event `update` necessary for correct
timeout handling (and other future use-cases)
- nDPIsrvd.h and nDPIsrvd.py: switched to an instance
(consists of an alias/source tuple) based flow manager
- every flow related event **must** now serialize `alias`, `source`,
`flow_id`, `flow_last_seen` and `flow_idle_time` to make the timeout
handling and verification process work correctly
- nDPIsrvd.h: ability to profile any dynamic memory (de-)allocation
- nDPIsrvd.py: removed PcapPacket class (unused)
- py-flow-dashboard and py-flow-multiprocess: fixed race condition
- py-flow-info: print statusbar with probably useful information
- nDPId/nDPIsrvd.h: switched from packet-flow only timestamps (`pkt_*sec`)
to a generic flow event timestamp `ts_msec`
- nDPId-test: added additional checks
- nDPId: increased ICMP flow timeout
- nDPId: using event based i/o if capturing packets from a device
- nDPIsrvd: fixed memory leak on shutdown if remote descriptors
were still connected
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
| |
c-captured anyway.
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
| |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
| |
* Fixed MemoryProfiler stack overflow.
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
|
|
| |
* nDPId-test: disable #include <syslog.h> if NO_MAIN macro defined
* nDPId-test: mock syslog flags and functions
* gitlab-ci: force -Werror
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
| |
caching/buffering.
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
| |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
| |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
| |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
| |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
|
|
|
|
| |
* After the first packet was processed, "flow_last_seen" was still 0.
This behaviour is invalid as the first packet may contain l4 payload data e.g. for UDP
and it also breaks nDPId json consistency "flow_first_seen" > 0, but "flow_last_seen" == 0.
* JSON schema: set minimum timestamp value for Epoch timestamps to 24710 for flow_*_seen and
1 for pcap packet ts. Those values are dependant on some manipulated pcap's in libnDPI/tests/pcap.
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
| |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
| |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
| |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
|
| |
* CPack support for debian packages
* Use CPack version string for nDPId
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
| |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
| |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
| |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
| |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
|
| |
* nDPId: Renamed some of the misleading terms, still TODO for nDPIsrvd
* CMake improvments
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
bf15263 Fix a "bug" in the example where option 3 interfered with option 1's counter.
b6e24ef Use `malloc(sizeof *s)` in example code.
a109c6b Stop using `gets` in example.c.
c85c9e1 fix: fix utstack example's compiling error
86e6776 Replace *.github.com urls with *.github.io (#227)
e493aa9 Bump version to 2.3.0.
ae2ac52 Fix README.md to display the *actual* TravisCI status.
134e241 Silence -Wswitch-default warnings, and add it to the TravisCI config.
62fefa6 Fix some typos in userguide.txt, and re-remove spaces in macro definitions.
37d2021 tests: add whitespaces to example code
524ca1a doc: add whitespaces to documentation
0f6c619 Fix a typo in the documentation for HASH_COUNT. NFC.
388134a Rename uthash_memcmp to HASH_KEYCMP, step 3.
053bed1 Eliminate HASH_FCN; change the handling of HASH_FUNCTION to match HASH_KEYCMP.
f0e1bd9 Refactor test93.c to avoid scan-build warnings.
45af88c Remove two dead writes in tests, to silence scan-build warnings.
66e2668 Bump version to 2.2.0.
973bd67 uthash.h: Swap multiplicands to put the widest ones first.
15ad042 Always include <stdint.h>, unless HASH_NO_STDINT is defined by the user.
6b4768b Rename uthash_memcmp to HASH_KEYCMP, step 2.
e64c7f0 Update tests/README to describe the most recently added tests. NFC.
c62796c HASH_CLEAR after some tests, to eliminate "memory leak" warnings.
7f0aadb Support spaces in $exe path
0831d9a uthash.h: fix compiler warning -Wcast-qual
ba2fbfd utarray.h: preserve constness in utarray_str_cpy
git-subtree-dir: dependencies/uthash
git-subtree-split: bf15263081be6229be31addd48566df93921cb46
|
| |\ \ |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
1aa2e8f Update README.md (#203)
b85f161 Update README.md (#213)
23f13d2 Merge pull request #108 from olmokramer/patch-1
git-subtree-dir: dependencies/jsmn
git-subtree-split: 1aa2e8f80849c983466b165d53542da9b1bd1b32
|
| | | |
| | |
| | |
| | |
| | |
| | | |
nDPId-test: Collect information about JSON string length's.
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| | | |
| | |
| | |
| | |
| | |
| | | |
too early from epoll queue (EPOLLOUT).
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
* still allow blocking mode (with send timeout)
* improved daemon start/stop test script
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* fixed linking issue by using CMake to check if explicit link against libm required
* make nDPIsrvd collectd exit if parent pid changed, meaning that collectd died somehow
* nDPId-test restores SIGPIPE to the default handler (termination), so abnormal connection drop's do now have consequences
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
* nDPIsrvd.h: iterate over subtokens
* nDPIsrvd-captured: select/ unselect risky flows to capture
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
* w/o zLib
* gcrypt requires to be enabled
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| | | |
| | |
| | |
| | |
| | |
| | | |
* print a summary
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* more structs are now "compressable"
* fixed missing DAEMON_RECONNECT event
* improved memory profiler
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
Please use this feature only for testing purposes.
It will change or be removed in the future.
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
(BUILD_NDPI=ON).
* for xcompile targets e.g. for OpenWrt, this env vars are already set
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| | | |
| | |
| | |
| | |
| | |
| | | |
* added a CMake warning as well
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| | | |
| | |
| | |
| | |
| | |
| | | |
dist` archive.
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|