| Commit message (Collapse) | Author | Age |
|---|
| ... | |
| |
|
|
|
|
|
|
|
| |
* fixed invalid flow event schema type
* added run_tests.sh to generate/diff JSON dumps
* renamed lot's of vars/fns in nDPId.c/nDPIsrvd.c, so nDPId-test.c can include "*.c"
* improved CMake dependency checks
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
| |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
| |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
|
| |
* Install targets updated.
* Removed nDPIsrvd.h token validation function (done automatically by token_get).
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
| |
* Added collectd example config and types.db
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
| |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
| |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
| |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
|
|
|
|
| |
examples/c-captured/c-captured.c
* `make install` C examples
* examples/py-flow-info/flow-info.py supports filtering
* added breed to examples/py-flow-info/flow-info.py
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
| |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
| |
* Fixed memory holes in nDPId structs.
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
|
|
|
| |
* nDPId supports looading of custom nDPI protocol/category files
* extended JSON schemas according to nDPI / nDPId JSON serializing
* removed memory holes in nDPId
* extended examples/c-captured
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
| |
* Make use of flow id / alias / source which is required for future use cases where multiple nDPId instances (same / different machines) feed one nDPIsrvd.
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
| |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
| |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
|
|
|
| |
* Simplified Python interface as well.
* c-captured and flow-undetected-to-pcap.py produce similiar results
* Removed overloaded nDPIsrvd.py event structures.
* flow-info.py prints (with a color-hash) additional information e.g. alias/source and midstream
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
| |
header definitions from libc instead.
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
|
|
| |
* nDPIsrvd.h does flow mgmt out of the box
* dissect received JSON strings via callback
* added new JSON key/values for packet-flows (usecTimestamp/L3/L4 info)
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
|
|
|
| |
to also increase NETWORK_BUFFER_LENGTH_DIGITS to 5.
* Fixed ARM32 xcompile warnings; Other GCC versions, other uint64_t's..
* Replaced ridiculous nDPIsrvd_JSON_BYTES with NETWORK_BUFFER_LENGTH_DIGITS.
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
information).
* Making Compare&Fetch mandatory.
* Added some more Compare&Fetch to prevent TSAN complaining about data races.
Fixed possible but more ore less harmless data races during shutdown process.
* Shrink SIGNAL handler to a minimum. SYSV Signal handling and MT-safety is awkward.
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
| |
* instance alias is now mandatory (will be required for future use-cases)
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
| |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
| |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
| |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
| |
* fixed incorrect handling of skipped flows
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
| |
capacity reached).
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
|
|
| |
* only IPv4 supported for now
* refactored nDPId's internal IP address storage
* use fresh ndpi_free_flow_data() to free nDPI's dynamic allocated data
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
|
|
| |
Two reasons:
* reduce heap memory allocations
* nDPId flow info struct may be inflated in the future (more bytes to compress)
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
| |
* serialize and send datalink layer type
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
|
|
|
| |
Switching back to blocking mode works as a quick fix but is not sufficient.
See comments.
* nDPId prints more accurate error messages if command line argument validation failed
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
| |
* increased nDPId_MAX_READER_THREADS to 32
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
| |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
| |
* aims to be re-usable for many different apps and use-cases
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |\ |
|
| |
|
|
|
| |
git-subtree-dir: dependencies/uthash
git-subtree-split: 8e67ced1d1c5bd8141c542a22630e6de78aa6b90
|
| |
|
|
|
|
| |
* Added UNIX socket support for nDPIsrvd.h (and c-captured)
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
| |
* New Makefile target: mocksrvd, fake nDPIsrvd instamce
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
needs further testing..)
* Added pcap diff script
* Added \n to JSON string end (useful for debugging and readability)
* Use first host/server name character for hash calculation as well
* Removed error'ing EPOLLHUP handling in nDPIsrvd (connection closing will be detected via read())
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
| |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
|
| |
* added .gitignore to prevent SCM check-ins of unwanted files
* fixed invalid include path for python examples
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
|
|
|
| |
pkg-config based projects.
* added lua as new dependency for examples/c-captured
* improved `make help' print
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
| |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
| |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |\
| |
| |
| |
| |
| | |
git-subtree-dir: dependencies/jsmn
git-subtree-mainline: f79991d70c66040426cb2c59876d0c48f80fdfe6
git-subtree-split: 053d3cd29200edb1bfd181d917d140c16c1f8834
|
| | |\
| | |
| | | |
jsmn: declare struct names to allow forward decls
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Both `jsmntok_t` and `jsmn_parser` are declared as anonymous structures
that are typedeffed to their actual name. This forces all downstream
users of jsmn to always use the typedef name, instead of using e.g.
`struct jsmn_parser`. While this might be considered a matter of taste,
using typedefs only has the technical downside of disallowing forward
declarations. E.g. if a dependent whishes to declare a pointer to
`jsmntok_t` without actually pulling in the "jsmn.h" header, then he is
not able to do so because there is no way in C to provide a forward
declaration for typedefs to anonymous structs.
Fix this by providing names for both `jsmntok_t` and `jsmn_parser`
structures.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
size/signedness (#187)
* fixed gcc/clang warnings regarding implicit numeric to enum type conversion
* fixed unnecessary implicit type casts regarding size and signedness
Co-authored-by: Toni Uhlig <Toni.Uhlig@rohde-schwarz.com>
|
| | |/ |
|
| | |\
| | |
| | | |
Add default case for a switch statement to avoid complaints from the compiler.
|
| | |/
| |
| |
| |
| | |
gcc (and others) like a default case for switch statement,
even if it is empty.
|