aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
...
* py-flow-info: Print BasicEvents.Toni Uhlig2020-10-12
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* nDPId/nDPIsrvd: change_user_group does now chown/chmod collector/distributor ↵Toni Uhlig2020-10-07
| | | | | | socket paths Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Travi CIToni Uhlig2020-10-06
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* nDPId: Fixed BUG if flow was guessed but "Unknown" detected protocol serialized.Toni Uhlig2020-10-01
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Improved python event validation with focus on readability.Toni Uhlig2020-09-30
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Centralized some python code parts to make future modifications easier.Toni Uhlig2020-09-29
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* nDPIsrvd: Added very important warning and use UDS now by default.Toni Uhlig2020-09-29
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Updated README.md ASCII architecture.Toni Uhlig2020-09-29
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* nDPIsrvd: Improved UDS related code parts.Toni Uhlig2020-09-29
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Added additional datalink header check for DLT_NULL/IPv6.Toni Uhlig2020-09-28
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Added alias support for an nDPId instance.Toni Uhlig2020-09-27
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Added daemon events.Toni Uhlig2020-09-27
| | | | | | * Added missing IPv4 / IPv6 datalink layer (if no layer2 protocol used). Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Improved event parsing for Python scripts.Toni Uhlig2020-09-26
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Added event validation functions and fixed Python scripts.Toni Uhlig2020-09-26
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Use --squash for git subtree pull.Toni Uhlig2020-09-26
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Centralized EventName validation and moved code parts.Toni Uhlig2020-09-26
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Removed DISABLE_JSMN define for c-json-stdout (built-in per default).Toni Uhlig2020-09-26
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Added shell script to update/pull JSMN.Toni Uhlig2020-09-26
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Merge commit 'e8af059ab3deb2a49e75c20ddcaf14ee19bcc223' as 'contrib/jsmn'Toni Uhlig2020-09-26
|\
| * Squashed 'contrib/jsmn/' content from commit 053d3cdToni Uhlig2020-09-26
| | | | | git-subtree-dir: contrib/jsmn git-subtree-split: 053d3cd29200edb1bfd181d917d140c16c1f8834
* Removed examples/c-json-stdout/jsmn as it's new location will be ↵Toni Uhlig2020-09-26
| | | | | | contrib/jsmn, soon. Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Added host_server_name length to hash to send a detection update if length ↵Toni Uhlig2020-09-26
| | | | | | changed (hacky). Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Added new flow event: FLOW_EVENT_DETECTION_UPDATEToni Uhlig2020-09-25
| | | | | | | * This event will be triggered when nDPI detection has some new information for us (hopefully). * Detection change is based on hashing with 32-bit murmur3 certain members of the ndpi flow struct. Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Process extra packets with nDPI, still not perfect but results in a more ↵Toni Uhlig2020-09-24
| | | | | | | | | accurate detection. * set default user used for setuid() * added 2 TODOs Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* nDPId: Change user/group after init.Toni Uhlig2020-09-21
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* nDPIsrvd: Use of an anonymous enum for collector/distributor socket types ↵Toni Uhlig2020-09-07
| | | | | | fits best. Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* nDPIsrvd: Change user/group, allow listening on UNIX socket for incoming ↵Toni Uhlig2020-09-05
| | | | | | distributor connections Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* go-dashboard: Print unmarshalled JSON string in a textbox.Toni Uhlig2020-09-03
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* go-dashboard: Added event structs and JSON unmarshal semantic.Toni Uhlig2020-09-02
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* go-dashboard: go mod/vendor support + termdash text user interfaceToni Uhlig2020-09-01
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* nDPId: Print compiled-in libgcrypt version (if libndpi was compiled with ↵Toni Uhlig2020-08-31
| | | | | | libgcrypt support). Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Added golang JSON deserializer example.Toni Uhlig2020-08-31
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Increased network buffer size from 8448 to 9216 with the hope that it might ↵Toni Uhlig2020-08-27
| | | | | | be finally enough. Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* nDPId: Improved command line option parsing, app usage and subopts for ↵Toni Uhlig2020-08-26
| | | | | | (carefully) tuning some daemon options. Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Makefile: Allow pkg-config based builds and also allow setting libndpi build ↵Toni Uhlig2020-08-24
| | | | | | options manually. Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* risky-flow-to-pcap.py: dump the first few packets of a "risky" flow to a ↵Toni Uhlig2020-08-23
| | | | | | PCAP file Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* nDPId: subopt parsing skeletonToni Uhlig2020-08-19
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* nDPIsrvd.py: improved PCAP writing for guessed/undetected flows (ignore ↵Toni Uhlig2020-08-19
| | | | | | empty UDP/TCP packets) Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* added pkt_type and pkt_ipoffset to json serializationToni Uhlig2020-08-19
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* nDPIsrvd: add command line option for distributor listen host/portToni Uhlig2020-08-18
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* merged code to reduce code duplicatesToni Uhlig2020-08-18
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* nDPIsrvd: log ip:port for distributor connection failsToni Uhlig2020-08-17
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* added nDPIsrvd communication/utils python moduleToni Uhlig2020-08-16
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* minor improvments regarding flow guessing on flow end/idle and other not ↵Toni Uhlig2020-08-16
| | | | | | worth to mention Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* yet another README.md updateToni Uhlig2020-08-15
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* error handling enhancementsToni Uhlig2020-08-15
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* README.md updateToni Uhlig2020-08-15
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* nDPIsrvd: fixed another two bugs; one related to EPOLLIN event for fd with ↵Toni Uhlig2020-08-15
| | | | | | shutdown reading end, one if write() did not write all bytes Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* adjust some config valuesToni Uhlig2020-08-15
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* several fixes and improvmentsToni Uhlig2020-08-14
| | | | | | | | - set errno to 0 if it is checked right after a libc call - ignore SIGPIPE as we want to avoid signal handling where possible - fixed another issue in nDPIsrvd/c-json-stdout which caused buffering errors Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
Powered by cgit, Themed by Ted Yin.