From 17c21e1d27a90b394873a0e80e5d6992f4b985ee Mon Sep 17 00:00:00 2001 From: Toni Uhlig Date: Sun, 5 Nov 2023 16:00:47 +0100 Subject: [PATCH] Updated ToDo and added ChangeLog. Signed-off-by: Toni Uhlig --- CHANGELOG.md | 45 +++++++++++++++++++++++++++++++++++++++++++++ README.md | 2 +- TODO.md | 17 ++++++++++++++--- 3 files changed, 60 insertions(+), 4 deletions(-) create mode 100644 CHANGELOG.md diff --git a/CHANGELOG.md b/CHANGELOG.md new file mode 100644 index 00000000..85a45feb --- /dev/null +++ b/CHANGELOG.md @@ -0,0 +1,45 @@ +# CHANGELOG + +#### nDPId 1.5 (Apr 2022) + + - Improved nDPId cross compilation + - zLib flow memory compression (Experimental!) + - Memory profiling for nDPId-test + - JSMN with parent link support for subtoken iteration + - Refactored nDPIsrvd buffer and buffer bloat handling + - Upgraded JSMN/uthash + - Improved nDPIsrvd.(h|py) debugging capability for client apps + - Advanced flow usage logging usable for memory profiling + - Support for dissection additional layer2/layer3 protocols + - Serialize more JSON information + - Add TCP/IP support for nDPIsrvd + - Improved nDPIsrvd connection lost behaviour + - Reworked Python/C distributor API + - Support read()/recv() timeouts and nonblocking I/O + + +#### nDPId 1.4 (Jun 2021) + + - Use layer4 specific flow timeouts for nDPId + - Reworked layer4 flow length names and calculations (use only layer4 payload w/o any previous headers) for nDPId + - Build system cleanup and cosmetics + + +#### nDPId 1.3 (May 2021) + + - Added missing datalink layer types + + +#### nDPId 1.2 (May 2021) + + - OpenWrt compatible build system + + +#### nDPId 1.1 (May 2021) + + - Added License information + + +#### nDPId 1.0 (May 2021) + + - First public release diff --git a/README.md b/README.md index dbf18023..103272c7 100644 --- a/README.md +++ b/README.md 
@@ -22,7 +22,7 @@ The purpose of this software is not to spy on others, but to detect network anom # Abstract nDPId is a set of daemons and tools to capture, process and classify network traffic. -It's minimal dependencies (besides a half-way modern c library and POSIX threads) are libnDPI (**>**4.6.0 or current github dev branch) and libpcap. +It's minimal dependencies (besides a half-way modern c library and POSIX threads) are libnDPI (>=4.8.0 or current github dev branch) and libpcap. The daemon `nDPId` is capable of multithreading for packet processing, but w/o mutexes for performance reasons. Instead synchronization is achieved by a packet distribution mechanism. diff --git a/TODO.md b/TODO.md index 8582a3b6..dab40dba 100644 --- a/TODO.md +++ b/TODO.md @@ -1,5 +1,16 @@ # TODOs -1. improve UDP/TCP timeout handling by reading netfilter conntrack timeouts from /proc (or just read conntrack table entries) -2. detect interface / timeout changes and apply them to nDPId -3. implement AEAD crypto via libsodium (at least for TCP communication) +1.6: + + * event I/O abstraction layer (testing) + * Apple/BSD port (testing) + +1.7: + + * let nDPIsrvd (collector) connect to other nDPIsrvd instances (as distributor) + * nDPIsrvd GnuTLS support for TCP/IP distributor connections + +no release plan: + + * improve UDP/TCP timeout handling by reading netfilter conntrack timeouts from /proc (or just read conntrack table entries) + * detect interface / timeout changes and apply them to nDPId
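Review bot: CHANGELOG.md ends at "nDPId 1.5 (Apr 2022)" although this commit is dated Nov 2023 and the TODO.md hunk already lists 1.6 items as "(testing)", so the new file has no place for changes made since 1.5. Consider adding an unreleased or 1.6 section at the top so that later entries have somewhere to go. Two smaller points in the same hunk: "Support for dissection additional layer2/layer3 protocols" looks like it is missing an "of", and the release headings jump from "#" straight to "####", which some Markdown renderers and linters flag.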
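Review bot: the libnDPI minimum in the README.md hunk moves from ">4.6.0" to ">=4.8.0", but the subject line "Updated ToDo and added ChangeLog." says nothing about a dependency change. A raised minimum version is something packagers and people running older libnDPI builds search the history for, so it would be easier to find as its own commit or at least named in the message. If the build system also checks the libnDPI version, it should be raised in the same change so the README and the check do not disagree. Since the line is being rewritten anyway, "It's minimal dependencies" should read "Its minimal dependencies".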
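Review bot: in the TODO.md hunk the removed item "implement AEAD crypto via libsodium (at least for TCP communication)" disappears without comment, and the only encryption item left is "nDPIsrvd GnuTLS support for TCP/IP distributor connections" under 1.7. If GnuTLS is meant to supersede the libsodium plan, please say so in the commit message or in the item itself, and state whether the collector side is covered as well, because the new wording names only distributor connections. The CHANGELOG.md hunk lists "Add TCP/IP support for nDPIsrvd" under 1.5, so readers deploying nDPIsrvd over TCP will look at this list to learn when transport protection is planned.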