path: root/nDPId.c
Commit message | Author | Age
...
* Added host_server_name length to hash to send a detection update if length changed (hacky). | Toni Uhlig | 2020-09-26
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Added new flow event: FLOW_EVENT_DETECTION_UPDATE | Toni Uhlig | 2020-09-25
  * This event will be triggered when nDPI detection has some new information for us (hopefully).
  * Detection change is based on hashing with 32-bit murmur3 certain members of the ndpi flow struct.
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Process extra packets with nDPI, still not perfect but results in a more accurate detection. | Toni Uhlig | 2020-09-24
  * set default user used for setuid()
  * added 2 TODOs
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* nDPId: Change user/group after init. | Toni Uhlig | 2020-09-21
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* nDPId: Print compiled-in libgcrypt version (if libndpi was compiled with libgcrypt support). | Toni Uhlig | 2020-08-31
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* nDPId: Improved command line option parsing, app usage and subopts for (carefully) tuning some daemon options. | Toni Uhlig | 2020-08-26
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* nDPId: subopt parsing skeleton | Toni Uhlig | 2020-08-19
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* added pkt_type and pkt_ipoffset to json serialization | Toni Uhlig | 2020-08-19
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* minor improvements regarding flow guessing on flow end/idle and other not worth to mention | Toni Uhlig | 2020-08-16
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* error handling enhancements | Toni Uhlig | 2020-08-15
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* several fixes and improvements | Toni Uhlig | 2020-08-14
  - set errno to 0 if it is checked right after a libc call
  - ignore SIGPIPE as we want to avoid signal handling where possible
  - fixed another issue in nDPIsrvd/c-json-stdout which caused buffering errors
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* nDPId: removed unused code, process remaining flows on shutdown (useful for replaying pcap files) | Toni Uhlig | 2020-08-14
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* set detection_completed = 1 if guessed/not-detected event thrown | Toni Uhlig | 2020-08-13
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* improved TCP-FIN/TCP-RST and TCP-keepalive/-idle timeout handling | Toni Uhlig | 2020-08-13
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* replaced deprecated pcap_lookupdev with pcap_findalldevs | Toni Uhlig | 2020-08-12
* moved PACKET_EVENT_PAYLOAD_FLOW after FLOW_EVENT_NEW (and before FLOW_EVENT_END/IDLE) | Toni Uhlig | 2020-08-09
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* event consistency: call ndpi_dpi2json only for GUESSED, DETECTED, NOT-DETECTED flow events | Toni Uhlig | 2020-08-08
  - force generation of GUESSED, NOT-DETECTED events on flow idle/end if detection finished
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* nDPId: do not serialize flow riskm twice | Toni Uhlig | 2020-08-07
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* added python flow info script, improved IPv4/IPv6 string conversion | Toni Uhlig | 2020-08-06
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* added utils module to share some code parts with other apps | Toni Uhlig | 2020-08-05
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* nDPId daemonize / pidfile support + improved syslog logging | Toni Uhlig | 2020-08-05
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* introduced NETWORK_BUFFER_MAX_SIZE to replace BUFSIZ as this might change depending on the arch/libc used | Toni Uhlig | 2020-08-04
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* print snprintf retval and buffer size if buffer preparation failed | Toni Uhlig | 2020-08-04
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* clang-format | Toni Uhlig | 2020-08-04
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* moved more default config options into config.h | Toni Uhlig | 2020-08-04
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* merged some pre-processor macros which are used in multiple executables | Toni Uhlig | 2020-08-04
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* prefix every generated json string with the length of itself in bytes | Toni Uhlig | 2020-08-03
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* added %zu format string, so CC won't complain if size types used | Toni Uhlig | 2020-07-16
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* serialize flow risk, send information about how much raw pkts are sent to the json endpoint, send also a json thread init complete event | Toni Uhlig | 2020-07-15
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* added packet based events | Toni Uhlig | 2020-07-14
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* shutdown socket reading end as we just want to send json strings and never read something | Toni Uhlig | 2020-07-13
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* replaced fprintf with syslog calls | Toni Uhlig | 2020-07-11
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* removed obsolete DISABLE_JSONIZER mode | Toni Uhlig | 2020-07-11
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* removed obsolete EXTRA_VERBOSE mode | Toni Uhlig | 2020-07-11
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* use a string mapping table for event id to name conversion | Toni Uhlig | 2020-07-11
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* more write after read race conditions fixed | Toni Uhlig | 2020-07-10
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* fixed some race conditions | Toni Uhlig | 2020-07-10
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* compare&fetch for global flow_id counter, set missing variable on new flow, added struct padding for alignment | Toni Uhlig | 2020-07-10
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* care more about DISABLE_JSONIZER | Toni Uhlig | 2020-07-10
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* clang-format and set BreakBeforeBraces to Allmanz | Toni Uhlig | 2020-07-10
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* json formatting/ stringification overhaul | Toni Uhlig | 2020-07-10
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* send json string to sink, added basic json event serialization fn call | Toni Uhlig | 2020-07-09
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* renamed: jsonize_basic_event_error -> jsonize_format_error | Toni Uhlig | 2020-07-08
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* jsonize_basic_event // jsonize_basic_event_error | Toni Uhlig | 2020-07-07
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* send JSON string on a per thread basis to a remote sink, means that no expensive locking required | Toni Uhlig | 2020-07-05
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>