mirror of
https://github.com/optim-enterprises-bv/nDPId-2.git
synced 2025-10-30 01:42:25 +00:00
Updated ToDo and added ChangeLog.
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
This commit is contained in:
Toni Uhlig
45
CHANGELOG.md
Normal file
45
CHANGELOG.md
Normal file
@@ -0,0 +1,45 @@
|
|||||||
|
# CHANGELOG
|
||||||
|
|
||||||
|
#### nDPId 1.5 (Apr 2022)
|
||||||
|
|
||||||
|
- Improved nDPId cross compilation
|
||||||
|
- zLib flow memory compression (Experimental!)
|
||||||
|
- Memory profiling for nDPId-test
|
||||||
|
- JSMN with parent link support for subtoken iteration
|
||||||
|
- Refactored nDPIsrvd buffer and buffer bloat handling
|
||||||
|
- Upgraded JSMN/uthash
|
||||||
|
- Improved nDPIsrvd.(h|py) debugging capability for client apps
|
||||||
|
- Advanced flow usage logging usable for memory profiling
|
||||||
|
- Support for dissection additional layer2/layer3 protocols
|
||||||
|
- Serialize more JSON information
|
||||||
|
- Add TCP/IP support for nDPIsrvd
|
||||||
|
- Improved nDPIsrvd connection lost behaviour
|
||||||
|
- Reworked Python/C distributor API
|
||||||
|
- Support read()/recv() timeouts and nonblocking I/O
|
||||||
|
|
||||||
|
|
||||||
|
#### nDPId 1.4 (Jun 2021)
|
||||||
|
|
||||||
|
- Use layer4 specific flow timeouts for nDPId
|
||||||
|
- Reworked layer4 flow length names and calculations (use only layer4 payload w/o any previous headers) for nDPId
|
||||||
|
- Build system cleanup and cosmetics
|
||||||
|
|
||||||
|
|
||||||
|
#### nDPId 1.3 (May 2021)
|
||||||
|
|
||||||
|
- Added missing datalink layer types
|
||||||
|
|
||||||
|
|
||||||
|
#### nDPId 1.2 (May 2021)
|
||||||
|
|
||||||
|
- OpenWrt compatible build system
|
||||||
|
|
||||||
|
|
||||||
|
#### nDPId 1.1 (May 2021)
|
||||||
|
|
||||||
|
- Added License information
|
||||||
|
|
||||||
|
|
||||||
|
#### nDPId 1.0 (May 2021)
|
||||||
|
|
||||||
|
- First public release
|
||||||
@@ -22,7 +22,7 @@ The purpose of this software is not to spy on others, but to detect network anom
|
|||||||
# Abstract
|
# Abstract
|
||||||
|
|
||||||
nDPId is a set of daemons and tools to capture, process and classify network traffic.
|
nDPId is a set of daemons and tools to capture, process and classify network traffic.
|
||||||
It's minimal dependencies (besides a half-way modern c library and POSIX threads) are libnDPI (**>**4.6.0 or current github dev branch) and libpcap.
|
It's minimal dependencies (besides a half-way modern c library and POSIX threads) are libnDPI (>=4.8.0 or current github dev branch) and libpcap.
|
||||||
|
|
||||||
The daemon `nDPId` is capable of multithreading for packet processing, but w/o mutexes for performance reasons.
|
The daemon `nDPId` is capable of multithreading for packet processing, but w/o mutexes for performance reasons.
|
||||||
Instead synchronization is achieved by a packet distribution mechanism.
|
Instead synchronization is achieved by a packet distribution mechanism.
|
||||||
|
|||||||
17
TODO.md
17
TODO.md
@@ -1,5 +1,16 @@
|
|||||||
# TODOs
|
# TODOs
|
||||||
|
|
||||||
1. improve UDP/TCP timeout handling by reading netfilter conntrack timeouts from /proc (or just read conntrack table entries)
|
1.6:
|
||||||
2. detect interface / timeout changes and apply them to nDPId
|
|
||||||
3. implement AEAD crypto via libsodium (at least for TCP communication)
|
* event I/O abstraction layer (testing)
|
||||||
|
* Apple/BSD port (testing)
|
||||||
|
|
||||||
|
1.7:
|
||||||
|
|
||||||
|
* let nDPIsrvd (collector) connect to other nDPIsrvd instances (as distributor)
|
||||||
|
* nDPIsrvd GnuTLS support for TCP/IP distributor connections
|
||||||
|
|
||||||
|
no release plan:
|
||||||
|
|
||||||
|
* improve UDP/TCP timeout handling by reading netfilter conntrack timeouts from /proc (or just read conntrack table entries)
|
||||||
|
* detect interface / timeout changes and apply them to nDPId
|
||||||
|
|||||||
Reference in New Issue
Block a user