Commit Graph

  • 9e4e41e5f6 Updated README.md ASCII architecture. Toni Uhlig 2020-09-29 17:43:36 +02:00
  • f60e7a097d nDPIsrvd: Improved UDS related code parts. Toni Uhlig 2020-09-29 17:22:29 +02:00
  • a2bf721722 Added additional datalink header check for DLT_NULL/IPv6. Toni Uhlig 2020-09-28 21:13:23 +02:00
  • ab10561dcd Added alias support for an nDPId instance. Toni Uhlig 2020-09-27 00:44:52 +02:00
  • 458b77c3eb Added daemon events. Toni Uhlig 2020-09-27 00:15:37 +02:00
  • 04bbbcd055 Improved event parsing for Python scripts. Toni Uhlig 2020-09-26 15:15:15 +02:00
  • 8c61f88362 Added event validation functions and fixed Python scripts. Toni Uhlig 2020-09-26 11:19:21 +02:00
  • b6b62ac883 Use --squash for git subtree pull. Toni Uhlig 2020-09-26 00:51:59 +02:00
  • 84712686a7 Centralized EventName validation and moved code parts. Toni Uhlig 2020-09-26 00:48:24 +02:00
  • adce2272dc Removed DISABLE_JSMN define for c-json-stdout (built-in per default). Toni Uhlig 2020-09-26 00:44:29 +02:00
  • d3bb1ccf33 Added shell script to update/pull JSMN. Toni Uhlig 2020-09-26 00:43:15 +02:00
  • 9abd1d8cf9 Merge commit 'e8af059ab3deb2a49e75c20ddcaf14ee19bcc223' as 'contrib/jsmn' Toni Uhlig 2020-09-26 00:49:15 +02:00
  • e8af059ab3 Squashed 'contrib/jsmn/' content from commit 053d3cd Toni Uhlig 2020-09-26 00:49:15 +02:00
  • a3ed1af871 Removed examples/c-json-stdout/jsmn as its new location will be contrib/jsmn, soon. Toni Uhlig 2020-09-26 00:39:51 +02:00
  • 5b9965ce63 Added host_server_name length to hash to send a detection update if length changed (hacky). Toni Uhlig 2020-09-26 00:35:37 +02:00
  • 6c0ac8b045 Added new flow event: FLOW_EVENT_DETECTION_UPDATE Toni Uhlig 2020-09-25 20:03:14 +02:00
  • 370ca7c00d Process extra packets with nDPI, still not perfect but results in a more accurate detection. Toni Uhlig 2020-09-24 23:38:53 +02:00
  • ec1ffb6723 nDPId: Change user/group after init. Toni Uhlig 2020-09-21 19:34:17 +02:00
  • 5e5c1a4d20 nDPIsrvd: Use of an anonymous enum for collector/distributor socket types fits best. Toni Uhlig 2020-09-07 21:05:47 +02:00
  • ab374d193f nDPIsrvd: Change user/group, allow listening on UNIX socket for incoming distributor connections Toni Uhlig 2020-09-05 17:52:34 +02:00
  • ec101fbc0f go-dashboard: Print unmarshalled JSON string in a textbox. Toni Uhlig 2020-09-03 20:34:57 +02:00
  • 001f84af3b go-dashboard: Added event structs and JSON unmarshal semantic. Toni Uhlig 2020-09-02 18:53:39 +02:00
  • 0a03293d16 go-dashboard: go mod/vendor support + termdash text user interface Toni Uhlig 2020-09-01 23:44:09 +02:00
  • 70febd225b nDPId: Print compiled-in libgcrypt version (if libndpi was compiled with libgcrypt support). Toni Uhlig 2020-08-31 16:12:13 +02:00
  • 9c3b5170fc Added golang JSON deserializer example. Toni Uhlig 2020-08-31 08:45:36 +02:00
  • 905d84506e Increased network buffer size from 8448 to 9216 with the hope that it might be finally enough. Toni Uhlig 2020-08-27 15:40:43 +02:00
  • 93fa7fcabf nDPId: Improved command line option parsing, app usage and subopts for (carefully) tuning some daemon options. Toni Uhlig 2020-08-26 17:24:12 +02:00
  • 1653137edb Makefile: Allow pkg-config based builds and also allow setting libndpi build options manually. Toni Uhlig 2020-08-24 18:16:43 +02:00
  • efcdb81350 risky-flow-to-pcap.py: dump the first few packets of a "risky" flow to a PCAP file Toni Uhlig 2020-08-23 13:39:04 +02:00
  • bae579e926 nDPId: subopt parsing skeleton Toni Uhlig 2020-08-19 20:16:11 +02:00
  • 5830beb70f nDPIsrvd.py: improved PCAP writing for guessed/undetected flows (ignore empty UDP/TCP packets) Toni Uhlig 2020-08-19 19:54:49 +02:00
  • 4c9e099d0f added pkt_type and pkt_ipoffset to json serialization Toni Uhlig 2020-08-19 19:52:38 +02:00
  • 1db474507b nDPIsrvd: add command line option for distributor listen host/port Toni Uhlig 2020-08-18 17:14:05 +02:00
  • e6c2bc6373 merged code to reduce code duplicates Toni Uhlig 2020-08-18 16:48:01 +02:00
  • 230e96803e nDPIsrvd: log ip:port for distributor connection fails Toni Uhlig 2020-08-17 16:10:43 +02:00
  • 41d0c414cc added nDPIsrvd communication/utils python module Toni Uhlig 2020-08-16 00:44:15 +02:00
  • 9990865362 minor improvements regarding flow guessing on flow end/idle and other not worth to mention Toni Uhlig 2020-08-16 00:21:07 +02:00
  • 3080fff9a3 yet another README.md update Toni Uhlig 2020-08-15 13:08:57 +02:00
  • 84448d5e4e error handling enhancements Toni Uhlig 2020-08-15 13:05:49 +02:00
  • 9ab656dbe2 README.md update Toni Uhlig 2020-08-15 13:01:05 +02:00
  • a619a850c7 nDPIsrvd: fixed another two bugs; one related to EPOLLIN event for fd with shutdown reading end, one if write() did not write all bytes Toni Uhlig 2020-08-15 10:57:48 +02:00
  • e8a115b39f adjust some config values Toni Uhlig 2020-08-15 10:48:38 +02:00
  • be4366b0e1 several fixes and improvements Toni Uhlig 2020-08-14 17:33:52 +02:00
  • a5f8783bda minor improvements Toni Uhlig 2020-08-14 16:10:21 +02:00
  • 37e46a506a c-json-stdout: fixed broken buffering Toni Uhlig 2020-08-14 15:24:40 +02:00
  • 4b9b695946 nDPIsrvd: fixed broken buffering Toni Uhlig 2020-08-14 14:39:10 +02:00
  • a377008644 nDPId: removed unused code, process remaining flows on shutdown (useful for replaying pcap files) Toni Uhlig 2020-08-14 14:37:50 +02:00
  • 0ce3965d1f flow-undetected-to-pcap.py: apply 'guessed' or 'undetected' to the filepath Toni Uhlig 2020-08-14 14:17:53 +02:00
  • d8a3693cd0 Makefile: ENABLE_DEBUG disables function inlining Toni Uhlig 2020-08-14 14:16:47 +02:00
  • 52945ff903 set detection_completed = 1 if guessed/not-detected event thrown Toni Uhlig 2020-08-13 10:53:22 +02:00
  • 68fb4030ee flow-info.py, flow-undetected-to-pcap.py: throw socket error runtime exception if disconnect received Toni Uhlig 2020-08-13 10:52:10 +02:00
  • c164c5f921 flow-undetected-to-pcap.py: do not write pcaps for midstream flows, write pcaps after detection completed or flow EoF but only once Toni Uhlig 2020-08-13 09:50:55 +02:00
  • 3f783f9f01 improved TCP-FIN/TCP-RST and TCP-keepalive/-idle timeout handling Toni Uhlig 2020-08-13 09:49:14 +02:00
  • dcd206abfd replaced deprecated pcap_lookupdev with pcap_findalldevs Toni Uhlig 2020-08-12 12:57:24 +02:00
  • 5e0a27d213 improved nDPIsrvd buffering if write returned EAGAIN Toni Uhlig 2020-08-12 12:24:39 +02:00
  • 8ccdadd3c7 do not disconnect a distributor client if write returned EAGAIN (still not perfect) Toni Uhlig 2020-08-09 23:07:06 +02:00
  • dc61464135 moved PACKET_EVENT_PAYLOAD_FLOW after FLOW_EVENT_NEW (and before FLOW_EVENT_END/IDLE) Toni Uhlig 2020-08-09 22:58:35 +02:00
  • 67407a8a39 flow-info.py: fixed buffering issue Toni Uhlig 2020-08-08 19:40:58 +02:00
  • 530ec3ccf7 event consistency: call ndpi_dpi2json only for GUESSED, DETECTED, NOT-DETECTED flow events Toni Uhlig 2020-08-08 13:51:44 +02:00
  • 9ae4aa7ce9 flow-info.py overhaul, terminal color support, ndpi protocol/category/flow-risk output Toni Uhlig 2020-08-07 15:21:24 +02:00
  • 79e4fc9bfe nDPId: do not serialize flow risk twice Toni Uhlig 2020-08-07 14:12:21 +02:00
  • b3337c053d added some random infos Toni Uhlig 2020-08-06 18:17:25 +02:00
  • 0c2b2a9750 added python flow info script, improved IPv4/IPv6 string conversion Toni Uhlig 2020-08-06 16:26:14 +02:00
  • 5a7b0499ed nDPIsrvd sighandler and cmd opt parser Toni Uhlig 2020-08-06 00:50:02 +02:00
  • 6031b07eb4 added utils module to share some code parts with other apps Toni Uhlig 2020-08-05 16:03:28 +02:00
  • 88aa768184 nDPId daemonize / pidfile support + improved syslog logging Toni Uhlig 2020-08-05 12:02:28 +02:00
  • ea636f4ab6 improved Makefile help target Toni Uhlig 2020-08-05 11:42:59 +02:00
  • d828ef1bf0 json buffering and parsing Toni Uhlig 2020-08-04 22:38:08 +02:00
  • 8a6021268e introduced NETWORK_BUFFER_MAX_SIZE to replace BUFSIZ as this might change depending on the arch/libc used Toni Uhlig 2020-08-04 17:29:31 +02:00
  • 823b95828c fixed buffering issue, improved logging verbosity Toni Uhlig 2020-08-04 16:22:00 +02:00
  • 115438bf44 print snprintf retval and buffer size if buffer preparation failed Toni Uhlig 2020-08-04 16:18:53 +02:00
  • 0004753eb1 added basic "consumer" example Toni Uhlig 2020-08-04 16:15:21 +02:00
  • 3fd32fb337 clang-format Toni Uhlig 2020-08-04 10:28:56 +02:00
  • bbeb147cde nDPIsrvd: collect, buffer and distribute JSON strings Toni Uhlig 2020-08-04 10:27:18 +02:00
  • 913c8d5a18 moved more default config options into config.h Toni Uhlig 2020-08-04 01:55:21 +02:00
  • 88b85cecb8 merged some pre-processor macros which are used in multiple executables Toni Uhlig 2020-08-04 01:35:32 +02:00
  • e9467b7fb6 Merge commit '791b8f611e5388015d30f64a50ab4fa5293a4a1c' as 'examples/c-json-stdout/jsmn' Toni Uhlig 2020-08-04 01:27:54 +02:00
  • 791b8f611e Squashed 'examples/c-json-stdout/jsmn/' content from commit 053d3cd Toni Uhlig 2020-08-04 01:27:54 +02:00
  • f99ddb5bce prefix every generated json string with the length of itself in bytes Toni Uhlig 2020-08-03 21:42:58 +02:00
  • 89dd7a2178 removed python nDPId debug script Toni Uhlig 2020-08-03 21:11:26 +02:00
  • 61807ffd09 forwarding data from collector(client,source,UNIX-sock) to distributor(client,sink,TCP-sock) Toni Uhlig 2020-08-03 17:12:30 +02:00
  • 92925a8355 remote connection tracking/ event-handling for collector(UNIX) and distributor(TCP) connections Toni Uhlig 2020-08-03 16:27:14 +02:00
  • 536a1c03a5 nDPIsrvd: getting events from epoll and accepting new connections Toni Uhlig 2020-07-19 21:02:35 +02:00
  • 89191dff42 nDPIsrvd: UNIX/INET socket creation Toni Uhlig 2020-07-19 16:53:00 +02:00
  • f757b9d313 renamed collector to debug and removed obsolete, unused code Toni Uhlig 2020-07-17 20:21:15 +02:00
  • ef7c11a750 added %zu format string, so CC won't complain if size types used Toni Uhlig 2020-07-16 20:30:36 +02:00
  • a5d46a67e3 moved CFLAGS to PROJECT_CFLAGS so OpenWrt won't overwrite it Toni Uhlig 2020-07-16 20:28:46 +02:00
  • de2d5749b7 add_flow / del_flow / add_pkt / cleanup Toni Uhlig 2020-07-15 19:49:16 +02:00
  • 6068a99a56 serialize flow risk, send information about how much raw pkts are sent to the json endpoint, send also a json thread init complete event Toni Uhlig 2020-07-15 18:37:33 +02:00
  • 5364603fba added packet based events Toni Uhlig 2020-07-14 21:27:41 +02:00
  • e7406606c1 shutdown socket reading end as we just want to send json strings and never read something Toni Uhlig 2020-07-13 16:09:08 +02:00
  • 48dc26140a replaced fprintf with syslog calls Toni Uhlig 2020-07-11 16:17:12 +02:00
  • 1085608ad4 removed obsolete DISABLE_JSONIZER mode Toni Uhlig 2020-07-11 15:33:17 +02:00
  • c6952a5995 removed obsolete EXTRA_VERBOSE mode Toni Uhlig 2020-07-11 15:24:21 +02:00
  • e4e2a9ccab -fsanitize=enum Toni Uhlig 2020-07-11 15:23:22 +02:00
  • cfcaa4eb81 use a string mapping table for event id to name conversion Toni Uhlig 2020-07-11 15:22:40 +02:00
  • d8122ca762 more write after read race conditions fixed Toni Uhlig 2020-07-10 22:58:51 +02:00
  • 429aceec8f do not omit frame pointer in debug mode Toni Uhlig 2020-07-10 22:48:04 +02:00
  • ea8cba7f58 enable thread sanitizer Toni Uhlig 2020-07-10 22:45:34 +02:00
  • e1debd9198 fixed some race conditions Toni Uhlig 2020-07-10 22:45:12 +02:00