| Commit message (Collapse) | Author | Age |
|---|
| ... | |
| |
|
|
|
|
| |
caching/buffering.
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
| |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
|
| |
* nDPId: Renamed some of the misleading terms, still TODO for nDPIsrvd
* CMake improvments
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
| |
nDPId-test: Collect information about JSON string length's.
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
|
| |
* still allow blocking mode (with send timeout)
* improved daemon start/stop test script
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
|
|
| |
* fixed linking issue by using CMake to check if explicit link against libm required
* make nDPIsrvd collectd exit if parent pid changed, meaning that collectd died somehow
* nDPId-test restores SIGPIPE to the default handler (termination), so abnormal connection drop's do now have consequences
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
|
| |
* nDPIsrvd.h: iterate over subtokens
* nDPIsrvd-captured: select/ unselect risky flows to capture
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
| |
* print a summary
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
|
| |
* c-collectd gives the user control over collectd-exec instance name
* added missing collectd type `flow_l4_icmp_count`
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
|
|
|
|
| |
nDPIsrvd-captured supports skipping flows w/o any layer 4 payload.
* libndpi update
* run_tests does not generate any *.out files for fuzz-*.pcap anymore and
does not fail if nDPId-test exits with value 1 (most likely caused by a libpcap failure)
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
| |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
|
| |
* generate DAEMON_EVENT_INIT as well as DAEMON_EVENT_SHUTDOWN
* process remaining flows before shutdown (and generate events)
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
re-using most of nDPId/nDPIsrvd core)
* improved Makefile.old install targets
* splitted nDPIsrvd_parse into nDPIsrvd_parse_line and nDPIsrvd_parse_all for the sake of readability
* minor Python script improvments (check for nDPIsrvd.py on multiple locations, may be superseeded by setuptools in the future)
* some paths needs to be absolute (chdir() during daemonize) and therefor additional checks introduced
* test run script checks and fails if certain files are are missing (PCAP file <=> result output file)
* removed not very useful "internal format error" JSON serialization if a BUG for same exists
* fixed invalid l4 type statistics counters for nDPIsrvd-collectd
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
|
|
|
|
| |
will help to reduce the average memory consumption.
How? After the detection finished, internal ndpi structs can be free'd as they are not needed anymore.
* Set the amount of max. packets to process via subopt.
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
|
|
* fixed invalid flow event schema type
* added run_tests.sh to generate/diff JSON dumps
* renamed lot's of vars/fns in nDPId.c/nDPIsrvd.c, so nDPId-test.c can include "*.c"
* improved CMake dependency checks
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|