Commit Graph

34 Commits

Author SHA1 Message Date
lns
9678d33d0c sync'd with ndpiSimpleIntegration from https://github.com/ntop/nDPI.git
Signed-off-by: lns <matzeton@googlemail.com>
2023-06-01 19:33:51 +02:00
Toni Uhlig
b94bf63067 sync'd with ndpiSimpleIntegration from https://github.com/ntop/nDPI.git
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2021-07-04 20:02:48 +02:00
Toni Uhlig
0c24bb5d04 proposal ready for review
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2020-06-24 22:04:13 +02:00
Toni Uhlig
5d7194a09b unified logging prefix
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2020-06-24 21:16:56 +02:00
Toni Uhlig
25aeb01f71 adding some comments, obey coding style, etc
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2020-06-22 23:29:01 +02:00
Toni Uhlig
be5e082c75 xcompile ready
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2020-06-22 06:13:08 +02:00
Toni Uhlig
1e53dc7ad4 checking only IPv4/IPv6 header size, as rest is done through ndpi_detection_get_l4()
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2020-06-21 14:06:33 +02:00
Toni Uhlig
8294f2e808 fixed possible crash (extra packet dissection is done via packet processing)
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2020-06-21 13:38:28 +02:00
Toni Uhlig
32f322b3e5 using ndpi_detection_get_l4 to do some additional checks and get L4 payload
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2020-06-20 21:57:24 +02:00
Toni Uhlig
f9a28eae97 more fine-tuning regarding TCP flow end
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2020-06-20 17:43:04 +02:00
Toni Uhlig
c89435efd8 some fine-tuning regarding flow fin/idle cleanup, still not perfect
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2020-06-20 15:45:32 +02:00
Toni Uhlig
ec62ddfe7f reduced MAX_FLOW_ROOTS_PER_THREAD to 2048 to save some mem, print something to stderr if flow can't be classified at all (besides L3/L4)
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2020-06-19 15:51:16 +02:00
Toni Uhlig
0e775a7409 improved console printing which is now more consistent and easier to read
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2020-06-17 23:41:49 +02:00
Toni Uhlig
26fc26dbc3 support for TCP-FIN
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2020-06-15 22:17:16 +02:00
Toni Uhlig
265cffdf12 new features: l7/l7-dissect/l7-guess/tcp-midstream/ssl/tls detection
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2020-06-15 19:34:16 +02:00
Toni Uhlig
b1a25b8725 process extra packets if supported by protocol detection, prepare and print some statistics
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2020-06-14 15:02:11 +02:00
Toni Uhlig
5f7eb0d5ac do not print ThreadID during flow free'ing
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2020-06-13 18:44:26 +02:00
Toni Uhlig
dc0ecf454a use ndpi_flowv(4|6)_flow_hash api call and only as fallback src + dst
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2020-06-13 18:27:33 +02:00
Toni Uhlig
baa29b72a6 print total packets captured, reduced console spam and added VERBOSE mode to print some l3/l4 metadata, used ull instead of size_t as its size is architecture dependent
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2020-06-13 17:02:01 +02:00
Toni Uhlig
1e19f09fa9 read captured packets from a pcap savefile, check if file is EoF or an error occurred
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2020-06-13 16:38:15 +02:00
Toni Uhlig
27bafb029a don't print ARP stuff, use ndpi_is_protocol_detected for checked protocol detection
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2020-06-13 13:20:00 +02:00
Toni Uhlig
3423ca169b renamed ndpi_flow_roots, max_available_flows, num_allocated_flows, cur_allocated_flows to
- ndpi_flows_active, max_active_flows, num_active_flows, cur_active_flows
- consistent with idle flows naming

Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2020-06-13 13:07:26 +02:00
Toni Uhlig
220a575457 flow timeout handling
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2020-06-13 12:54:11 +02:00
Toni Uhlig
14abcbfbc4 MAX_FLOWS_PER_THREAD -> MAX_FLOW_ROOTS_PER_THREAD, ndpi_flows_root -> ndpi_flow_roots, added per flow total packets
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2020-06-12 06:34:53 +02:00
Toni Uhlig
48891c31c1 fixed flow distribution bug, removed invalid ntohl() and set thread index seed
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2020-06-12 01:17:15 +02:00
Toni Uhlig
6e902ecce9 improved packet distribution over threads, missing byteswap for IPv4/IPv6, added first/last seen timevals
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2020-06-10 23:18:30 +02:00
Toni Uhlig
4d5edaf11f free_workflow if init_workflow fails, nDPId is tied to libnDPI>=3.2 for now
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2020-06-10 01:11:26 +02:00
lns
66979995fc print per thread / total packets, use l4 protocol for per thread packet distribution 2020-06-08 00:00:03 +02:00
lns
1be995b4ad subscriber tracking and master/app protocol detection 2020-06-07 23:27:19 +02:00
lns
634ec5db29 fixed flow tracking bug during tree find, added ip tuple comparing routine 2020-06-07 21:26:50 +02:00
lns
d391401647 improved L3/L4 length checks 2020-06-06 13:26:43 +02:00
lns
a7069d0b72 flow tracking 2020-06-06 12:55:31 +02:00
lns
fd33b7355f dissect UDP, TCP; sighandler improvement, correct IPv6 parsing 2020-06-04 22:14:47 +02:00
lns
38b113d8c3 initial commit 2020-06-03 22:35:45 +02:00