| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
| |
* fix API issue with a changed function signature
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
|
|
|
|
| |
Initial tunnel decoding (GRE - Layer4 only atm). Fixes #53
* make finally use of the thread distribution seed
* Handle GRE/PPP subprotocol the right way
* Add `-t` command line / config option
* Removed duplicated and obsolete IP{4,6}_SIZE_SMALLER_THAN_HEADER which is the same as IP{4,6}_PACKET_TOO_SHORT
* Updated error event schema
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
|
| |
* set max dots per line to improve CI output
* commented `flow_risk.crawler_bot.list.load` out
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
| |
* incorporated upstream changes
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
| |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
| |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
| |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
|
|
|
|
| |
* set minimum nDPI version to 4.12.0 (incompatible API changes)
* fixed `ndpi_debug_printf()` function signature
* JSON schema (flow): added risk `56`: "Obfuscated Traffic"
* JSON schema (flow): added "domainame"
* fixed OpenWrt build
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
| |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
| |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
| |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
|
|
|
| |
* replaced dumb `dumb_fuzzer.sh`
* fixed nDPId NULL pointer deref found by fuzzer
* nDPI: `--enable-debug-build` and `--enable-debug-messages` for non release builds
* nDPI: do not force `log.level` to `3` anymore, use config value instead
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
| |
* redirect `run_tests.sh` stderr to filename which prepends config name
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
|
|
| |
* support for adding *.ndpiconf for nDPI config tests
* all other configs should have the suffix *.conf
* fixed nDPI malloc/free wrapper set (was already too late set)
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
| |
* nDPId-test may now make use of an optional config file as cmd arg
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
| |
* 1.7-release
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
| |
flow events. Fixes #39.
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
| |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| | |
|
| |
|
|
|
|
|
|
| |
* added new CMake option `ENABLE_MEMORY_STATUS` to restore the old behavior
(and increase performance)
* splitted `ENABLE_MEMORY_PROFILING` into `ENABLE_MEMORY_STATUS` and `ENABLE_MEMORY_PROFILING`
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
| |
* fixed `git format` hash length
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
| |
* fixed "unused function" warning in `ndpi_bitmap64_fuse.c`
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
| |
* fixed "unused function" warning in `roaring.h`
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
| |
* fixed "unused function" warning in `gcrypt_light.c`
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
| |
* incorporated API changes from 41eef9246c6a3055e3876e3dd7aeaadecb4b76c0
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
| |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
|
|
| |
* required for regression testing
* added new confidence value (match by custom rule)
* updated / tweaked grafana exported dashboard
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
| |
* incorporated API changes from nDPI
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
| |
* aligned it with influxd example
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
|
|
|
| |
* CI: build single nDPId executable with `-Wall -Wextra -std=gnu99`
* fixed missing error events in influxd example
* added additional test cases for collectd
* extended grafana dashboard
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
|
| |
* similiar behavior to influxd example
* gauges and counters are now handled properly
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
|
|
|
| |
* a "detection-update" event was thrown even if nothing changed
* in some cases "not-detected" events were spammed if detection not completed
* tell `libnDPI` how many packets per flow we want to dissect
* `nDPId-test` validates total active flows in the right way
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
| |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
| |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
| |
* 1.6-release
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
| |
* Some logging related modifications were required to achieve this.
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
| |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
|
| |
* fix ndpi data anylsis struct min/max issue
* py-flow-info cosmetics in printing some information
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
| |
after the first packet. Nonsense.
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
|
| |
* Fixed risk hash value calculation, which was only done lower 32 bits.
* Reduced default reader threads count to two if cross compiling.
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
| |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
| |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
| |
* use `ss` to make sure that the socket is not available anymore after every single test
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
| |
* changed nDPI version hints / requirements
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
| |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
| |
* nDPId-test may also verify the correct encoding/decoding
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
| |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
|
| |
* fixes loading of gambling lists which increased nDPId's memory usage *a lot*
* nDPId: handle EINTR correctly
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
|
|
|
|
| |
* added build fix for Gitlab CI
* added friendly C11 check
* set required libnDPI versionto 4.7
(ArchLinux ndpi-git sets version to 4.7, which is not released yet)
* reduced sklearn-random-forest memory consumption by adjusting min. sample leaf
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
| |
|
|
|
|
| |
* added custom nDPI logging callback
Signed-off-by: lns <matzeton@googlemail.com>
|