Comments (3)
The debug_printf function was used in old ndpi_init_detection_module api.
Unfortunately, i have a little free time. But, in this weekend I will check the problem related for SSL connections.
from ndpi-netfilter.
I was thinking of the NDPI_LOG macro in the nDPI code.
I search to have the same level detection of ndpiReader (the little programme which comes with nDPI) in the kernel. But now, I have made some search (but no significative) and I will continue this week. If I find a solution, I tell you.
Do you know a solution to avoid set the detection of all protocol without rules in Iptables. I have tried only iptables -t mangle -A (PREROUTING || POSTROUTING) -ndpi --dpi_check but all packets are categorized as ""unknown". Yet if I add some rules on SSL, HTTP or GOOGLE, I have some detection.
It's very weird. So, I will compare the ndpiReader detection process and your code.
from ndpi-netfilter.
There are several differences between ndpiReader and ndpi-netfilter.
In ndpiReader the detection is made in sniffer mode (using libpcap) - so, by default, this application can inspect everything on network interface.
But, in ndpi-netfilter the inspection is made by netfilter flow (into proper firewall chain) - using the "flow struct". For this reason, we need to identify all packets directions. So, the dpi_check is used only to map all possibles flows to ndpi detection - no protocol is enabled at this moment.
All protocols are disabled when xt_ndpi module is loaded. For performance reason, the protocol is enabled only by firewall rule (with the ndpi_enable_protocols function).
-- line 821 in main.c code
for (i = 0; i <= NDPI_LAST_IMPLEMENTED_PROTOCOL; i++){
atomic_set (&protocols_cnt[i], 0);
// Set HTTP based protocols
if ((i > 118 && i < 127) || (i > 139 && i < 146) || (i > 175 && i <= 218 ) || i == 70 || i == 133) nfndpi_protocols_http[i]=1;
else nfndpi_protocols_http[i]=0;
}
/* disable all protocols */
NDPI_BITMASK_RESET(protocols_bitmask);
ndpi_set_protocol_detection_bitmask2(ndpi_struct, &protocols_bitmask);
from ndpi-netfilter.
Related Issues (20)
- Bandwidth Control on Microsoft Edge for Youtube
- Kernel Panic when you have high traffic volume. HOT 5
- Kernel Panic in high traffic volume.
- stdio.h: No such file or directory
- nf_ct_is_untracked HOT 6
- How to accept specific protocol and drop the other HOT 10
- Potential access to invalid nf_conn memory HOT 1
- Compatible with nDPI 2.4 ? HOT 2
- Problem with Ubuntu 18 HOT 6
- Cannot copy libxt_ndpi.so to /lib/xtables/ and gives an error "cp: cannot create regular file '/lib/xtables/': Not a directory" HOT 8
- Alpine Linux HOT 1
- Unable to install ndpi in debian 8 as well as no iptables rules are applied, giving an error such as iptables: No chain/target/match by that name. HOT 3
- Unknown Symbol when trying to insert the module HOT 1
- error running this cmnd sudo NDPI_PATH=/usr/src/ndpi-netfilter-master/nDPI make HOT 6
- ndpi-netfilter
- can not install the nDPI module for the given Linux kernel HOT 1
- Feature request: support nftables
- Drop a protocol/application for a specific mac address
- Facebook, Youtube and other protocols are not always detected
- not work on bridge
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ndpi-netfilter.