* py-semantic-validation: Decode base64 raw packet data as well
* nDPIsrvd.py: Added PACKETS_PLEN_MAX
* nDPIsrvd.py: Improved JSON parse error/exception handling
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* nDPId-test: Increased the max-packets-per-flow-to-send from 3 to 5.
This is quite useful for TCP as the first 3 packets are usually part of the three-way-handshake.
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* nDPId/nDPIsrvd/c-examples: Parameter parsing needs to be improved
if `strdup()` in combination with static strings is used.
* Other non-critical fixes.
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* The issue can result in an error message like:
`Base64 encoding failed with: Buffer too small.`
and also in too big JSON strings generated by nDPId
which nDPIsrvd does not like as it's length is
greater than `NETWORK_BUFFER_MAX_SIZE`.
* nDPId will now obey `NETWORK_BUFFER_MAX_SIZE` while
trying to base64 encode raw packet data.
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Still not perfect, but the code before was not even able to deal with JSON arrays.
Use common "speaking" function names for all functions in nDPIsrvd.h
* Provide a more or less generic and easy extendable JSON walk function.
* Modified C examples to align with the changed C API.
* c-collectd: Reduced lot's of code duplication by providing mapping tables.
* nDPId: IAT array requires one slot less (first packet has always an IAT of 0).
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* The goal was to provide a separate event for extracted feature that are not required
and only useful for a few (e.g. someone who wants do ML).
* Increased network buffer size to 32kB (8192 * 4).
* Switched timestamp precision from ms to us for *ALL* timestamps.
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* export env vars AR / CMAKE_C_COMPILER_AR and RANLIB / CMAKE_C_COMPILER_RANLIB while building libnDPI
* nDPId check API version during startup (macro vs. function call) and print a warning if they are different
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* nDPId: imrpvoed collector socket error messages on connect/write/etc failures
* reverted `netcat` parts of the README
Signed-off-by: lns <matzeton@googlemail.com>
* no use for `flow_avg_l4_payload_len' -> removed
* test/run_tests.sh does not fail if git-worktree's are used
Signed-off-by: lns <matzeton@googlemail.com>
* try to use same wording wherever possible e.g.
renamed workflow->total_l4_data_len to workflow->total_l4_payload_len
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* nDPIsrvd.h: Provide nDPId thread storage.
* nDPIsrvd.py: Fixed instance cleanup bug.
* nDPIsrvd.h: Support for instance/thread user data and cleanup callback.
* nDPIsrvd.h: Most recent flow time stored in thread ht instead of instance ht.
* nDPId: Moved flow logger out the memory profilier into SIGUSR1 signal handling.
* nDPId: Added signal fd to be usable within epoll's event handling (live-capture only!)
* nDPId: Added information about ZLib compressions to daemon status/shutdown events.
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* nDPIsrvd: Collector/Distributor logging improved
* nDPIsrvd: Command line option for max remote descriptors
* nDPId: Stop spamming nDPIsrvd Collector with the same events over and over again
* nDPId: Refactored some variable names and events
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* py-flow-dashboard: Added color mapping for PieCharts/Graph that make more sense
* nDPId: Renamed `flow_type' to a more precisely `flow_state'
* nDPId: Changed the default setting to process only as much packets as libnDPI does
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
This will only affect flows with the state `FT_FINISHED' (detection done).
* nDPIsrvd.py: force use of JSON schema Draft 7 validator
* flow-dash.py: gather/use total processed layer4 payload size
* flow-info.py: added additional event filter
* flow-info.py: prettified flow events printing whose detection is in progress
* py-semantic-validation.py: added validation checks for FT_FINISHED
* updated flow event JSON schema
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* fixed GitLab pipeline
* nDPId: added static assert (just for a test)
* nDPId: memory profiling for total bytes compressed
* nDPId-test: enable zLib compression if configured with ENABLE_ZLIB
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* bump libnDPI to c53c82d4823b5a8f856d1375155ac5112b68e8af
* run_tests.sh: improved execution from non-git directories e.g. via `make dist`
* updated JSON schema to be more restrictive
* nDPId: splitted generic get_ip_from_sockaddr into IPv4/IPv6 to prevent compiler warnings on some platforms
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
