GitHub/PCAPdroid
1
0
Fork 0
mirror of https://github.com/emanuele-f/PCAPdroid.git synced 2026-05-08 21:12:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update to nDPI 4.2

Browse Source 
Relevant changes:

- Reduced memory footprint
- Fix some memory issues
- Improved protocols dissection
This commit is contained in:
emanuele-f
2022-02-03 16:58:07 +01:00
parent 8fb3fa97b1
commit 59288b583d
5 changed files with 222 additions and 111 deletions
Download Patch File Download Diff File Expand all files Collapse all files
app/src/main/jni/core/pcapdroid.c
+10 -27
View File
@@ -19,6 +19,7 @@
#include <inttypes.h>
#include <assert.h> // NOTE: look for "assertion" in logcat
#include <pthread.h>
#include "pcapdroid.h"
#include "pcap_utils.h"
#include "common/utils.h"
@@ -55,14 +56,6 @@ static void conn_free_ndpi(pd_conn_t *data) {
ndpi_free_flow(data->ndpi_flow);
data->ndpi_flow = NULL;
}
if(data->src_id) {
ndpi_free(data->src_id);
data->src_id = NULL;
}
if(data->dst_id) {
ndpi_free(data->dst_id);
data->dst_id = NULL;
}
}
/* ******************************************************* */
@@ -71,7 +64,12 @@ static uint16_t ndpi2proto(ndpi_protocol proto) {
// The nDPI master/app protocol logic is not clear (e.g. the first packet of a DNS flow has
// master_protocol unknown whereas the second has master_protocol set to DNS). We are not interested
// in the app protocols, so just take the one that's not unknown.
return((proto.master_protocol != NDPI_PROTOCOL_UNKNOWN) ? proto.master_protocol : proto.app_protocol);
uint16_t l7proto = ((proto.master_protocol != NDPI_PROTOCOL_UNKNOWN) ? proto.master_protocol : proto.app_protocol);
if((l7proto == NDPI_PROTOCOL_HTTP_CONNECT) || (l7proto == NDPI_PROTOCOL_HTTP_PROXY))
l7proto = NDPI_PROTOCOL_HTTP;
return l7proto;
}
/* ******************************************************* */
@@ -287,16 +285,6 @@ pd_conn_t* pd_new_connection(pcapdroid_t *pd, const zdtun_5tuple_t *tuple, int u
conn_free_ndpi(data);
}
if((data->src_id = ndpi_calloc(1, SIZEOF_ID_STRUCT)) == NULL) {
log_e("ndpi_malloc(src_id) failed");
conn_free_ndpi(data);
}
if((data->dst_id = ndpi_calloc(1, SIZEOF_ID_STRUCT)) == NULL) {
log_e("ndpi_malloc(dst_id) failed");
conn_free_ndpi(data);
}
data->uid = uid;
data->incr_id = pd->new_conn_id++;
@@ -429,6 +417,7 @@ static void process_ndpi_data(pcapdroid_t *pd, const zdtun_5tuple_t *tuple, pd_c
char *found_info = NULL;
switch(data->l7proto) {
case NDPI_PROTOCOL_TLS:
case NDPI_PROTOCOL_DNS:
if(data->ndpi_flow->host_server_name[0])
found_info = (char*)data->ndpi_flow->host_server_name;
@@ -444,10 +433,6 @@ static void process_ndpi_data(pcapdroid_t *pd, const zdtun_5tuple_t *tuple, pd_c
}
break;
case NDPI_PROTOCOL_TLS:
if(data->ndpi_flow->protos.tls_quic_stun.tls_quic.client_requested_server_name[0])
found_info = (char*)data->ndpi_flow->protos.tls_quic_stun.tls_quic.client_requested_server_name;
break;
}
if(found_info && (!data->info || data->info_from_lru)) {
@@ -615,14 +600,12 @@ static void perform_dpi(pcapdroid_t *pd, pkt_context_t *pctx) {
uint16_t old_proto = data->l7proto;
data->l7proto = ndpi2proto(ndpi_detection_process_packet(pd->ndpi, data->ndpi_flow, (const u_char *)pkt->buf,
pkt->len, data->last_seen,
is_tx ? data->src_id : data->dst_id,
is_tx ? data->dst_id : data->src_id));
pkt->len, data->last_seen));
if(old_proto != data->l7proto)
data->update_type |= CONN_UPDATE_INFO;
if((!data->request_done) && !data->ndpi_flow->packet.tcp_retransmission)
if((!data->request_done) && !pd->ndpi->packet.tcp_retransmission)
process_request_data(pd, pctx);
if(!is_tx && (data->l7proto == NDPI_PROTOCOL_DNS))
generated/nDPI/ndpi_api.h
+86 -55
View File
@@ -34,9 +34,8 @@ extern "C" {
/* The #define below is used for apps that dynamically link with nDPI to make
sure that datastructures and in sync across versions
*/
#define NDPI_API_VERSION 4817
#define NDPI_API_VERSION 5710
#define SIZEOF_ID_STRUCT ( sizeof(struct ndpi_id_struct) )
#define SIZEOF_FLOW_STRUCT ( sizeof(struct ndpi_flow_struct) )
#define NDPI_DETECTION_ONLY_IPV4 ( 1 << 0 )
@@ -75,15 +74,6 @@ extern "C" {
u_int32_t ndpi_detection_get_sizeof_ndpi_flow_struct(void);
/**
* Get the size of the id struct
*
* @return the size of the id struct
*
*/
u_int32_t ndpi_detection_get_sizeof_ndpi_id_struct(void);
/**
* Get the size of the flow tcp struct
*
@@ -118,7 +108,8 @@ extern "C" {
void ndpi_free(void *ptr);
void * ndpi_flow_malloc(size_t size);
void ndpi_flow_free(void *ptr);
u_int32_t ndpi_get_tot_allocated_memory(void);
/**
* Search the first occurrence of substring -find- in -s-
* The search is limited to the first -slen- characters of the string
@@ -302,8 +293,6 @@ extern "C" {
* @par packet = unsigned char pointer to the Layer 3 (IP header)
* @par packetlen = the length of the packet
* @par packet_time_ms = the current timestamp for the packet (expressed in msec)
* @par src = pointer to the source subscriber state machine
* @par dst = pointer to the destination subscriber state machine
* @return void
*
*/
@@ -311,9 +300,7 @@ extern "C" {
struct ndpi_flow_struct *flow,
const unsigned char *packet,
const unsigned short packetlen,
const u_int64_t packet_time_ms,
struct ndpi_id_struct *src,
struct ndpi_id_struct *dst);
const u_int64_t packet_time_ms);
/**
* Processes one packet and returns the ID of the detected protocol.
@@ -324,8 +311,6 @@ extern "C" {
* @par packet = unsigned char pointer to the Layer 3 (IP header)
* @par packetlen = the length of the packet
* @par packet_time_ms = the current timestamp for the packet (expressed in msec)
* @par src = pointer to the source subscriber state machine
* @par dst = pointer to the destination subscriber state machine
* @return the detected ID of the protocol
*
*/
@@ -333,9 +318,7 @@ extern "C" {
struct ndpi_flow_struct *flow,
const unsigned char *packet,
const unsigned short packetlen,
const u_int64_t packet_time_ms,
struct ndpi_id_struct *src,
struct ndpi_id_struct *dst);
const u_int64_t packet_time_ms);
/**
* Get the main protocol of the passed flows for the detected module
*
@@ -424,7 +407,6 @@ extern "C" {
* @par string_to_match = the string to match
* @par string_to_match_len = the length of the string
* @par ret_match = completed returned match information
* @par is_host_match = value of the second field of struct ndpi_automa
* @return the ID of the matched subprotocol;
* -1 if automa is not finalized;
* -2 if automa==NULL or string_to_match==NULL or empty string_to_match
@@ -433,8 +415,7 @@ extern "C" {
int ndpi_match_string_subprotocol(struct ndpi_detection_module_struct *ndpi_struct,
char *string_to_match,
u_int string_to_match_len,
ndpi_protocol_match_result *ret_match,
u_int8_t is_host_match);
ndpi_protocol_match_result *ret_match);
/**
* Check if the host passed match with a protocol
*
@@ -464,24 +445,6 @@ extern "C" {
void ndpi_check_subprotocol_risk(struct ndpi_detection_module_struct *ndpi_str,
struct ndpi_flow_struct *flow, u_int16_t subprotocol_id);
/**
* Check if the string content passed match with a protocol
*
* @par ndpi_struct = the detection module
* @par flow = the flow where match the host
* @par string_to_match = the string to match
* @par string_to_match_len = the length of the string
* @par ret_match = completed returned match information
* @par master_protocol_id = value of the ID associated to the master protocol detected
* @return the ID of the matched subprotocol
*
*/
u_int16_t ndpi_match_content_subprotocol(struct ndpi_detection_module_struct *ndpi_struct,
struct ndpi_flow_struct *flow,
char *string_to_match,
u_int string_to_match_len,
ndpi_protocol_match_result *ret_match,
u_int16_t master_protocol_id);
/**
* Exclude protocol from search
*
@@ -601,6 +564,15 @@ extern "C" {
const char* ndpi_category_get_name(struct ndpi_detection_module_struct *ndpi_mod,
ndpi_protocol_category_t category);
/**
* Get classification confidence as string
*
* @par confidence = the confidence value
* @return the string name of the confidence result
*
*/
const char* ndpi_confidence_get_name(ndpi_confidence_t confidence);
/**
* Set protocol category string
*
@@ -682,12 +654,19 @@ extern "C" {
*/
void ndpi_dump_protocols(struct ndpi_detection_module_struct *mod);
/**
* Generate Options list used in OPNsense firewall plugin
*
* @par opt = The Option list to generate
*/
void ndpi_generate_options(u_int opt);
/**
* Write the list of the scores and their associated risks
*
* @par ndpi_mod = the detection module
*/
void ndpi_dump_risks_score();
void ndpi_dump_risks_score(void);
/**
* Read a file and load the protocols
@@ -729,6 +708,15 @@ extern "C" {
*/
int ndpi_add_host_risk_mask(struct ndpi_detection_module_struct *ndpi_mod, char *host, ndpi_risk mask);
/**
* Add a trusted certificate issuer DN
*
* @par ndpi_mod = the detection module
* @par dn = the issuer DN as it appears in the certificate (example "CN=813845657003339838, O=Code42, OU=TEST, ST=MN, C=US")
* @return 0 if the rule is loaded correctly; < 0 in case an error is detected
*/
int ndpi_add_trusted_issuer_dn(struct ndpi_detection_module_struct *ndpi_mod, char *dn);
/**
* Read a file and load the categories
*
@@ -958,6 +946,18 @@ extern "C" {
ndpi_protocol_category_t *category,
ndpi_protocol_breed_t *breed);
/**
* Specifies the threshold used to trigger the NDPI_TLS_CERTIFICATE_ABOUT_TO_EXPIRE
* flow risk that by default is set to 30 days
*
* @par ndpi_struct = the struct created for the protocol detection
* @par days = the number of days threshold for emitting the alert
*
*/
void ndpi_set_tls_cert_expire_days(struct ndpi_detection_module_struct *ndpi_str,
u_int8_t days);
/* Utility functions to set ndpi malloc/free/print wrappers */
void set_ndpi_malloc(void* (*__ndpi_malloc)(size_t size));
void set_ndpi_free(void (*__ndpi_free)(void *ptr));
@@ -988,7 +988,7 @@ extern "C" {
/* Return a flow info string (summarized). Does only work for DNS/HTTP/TLS/QUIC. */
const char* ndpi_get_flow_info(struct ndpi_flow_struct const * const flow,
ndpi_protocol const * const l7_protocol);
char* ndpi_ssl_version2str(struct ndpi_flow_struct *flow,
char* ndpi_ssl_version2str(char *buf, int buf_len,
u_int16_t version, u_int8_t *unknown_tls_version);
int ndpi_netbios_name_interpret(u_char *in, u_int in_len, u_char *out, u_int out_len);
void ndpi_patchIPv6Address(char *str);
@@ -1007,7 +1007,7 @@ extern "C" {
int ndpi_flow2json(struct ndpi_detection_module_struct *ndpi_struct,
struct ndpi_flow_struct *flow,
u_int8_t ip_version,
u_int8_t l4_protocol, u_int16_t vlan_id,
u_int8_t l4_protocol,
u_int32_t src_v4, u_int32_t dst_v4,
struct ndpi_in6_addr *src_v6, struct ndpi_in6_addr *dst_v6,
u_int16_t src_port, u_int16_t dst_port,
@@ -1093,6 +1093,12 @@ extern "C" {
*/
void ndpi_reset_serializer(ndpi_serializer *serializer);
/**
* Hint to not create the header (used to avoid creaign the header when not used)
* @param serializer The serializer handle
*/
void ndpi_serializer_skip_header(ndpi_serializer *serializer);
/**
* Serialize a 32-bit unsigned int key and a 32-bit unsigned int value
* @param serializer The serializer handle
@@ -1521,12 +1527,14 @@ extern "C" {
int ndpi_ses_init(struct ndpi_ses_struct *ses, double alpha, float significance);
int ndpi_ses_add_value(struct ndpi_ses_struct *ses, const u_int64_t _value, double *forecast, double *confidence_band);
void ndpi_ses_fitting(double *values, u_int32_t num_values, float *ret_alpha);
/* ******************************* */
int ndpi_des_init(struct ndpi_des_struct *des, double alpha, double beta, float significance);
int ndpi_des_add_value(struct ndpi_des_struct *des, const u_int64_t _value, double *forecast, double *confidence_band);
void ndpi_des_fitting(double *values, u_int32_t num_values, float *ret_alpha, float *ret_beta);
/* ******************************* */
int ndpi_jitter_init(struct ndpi_jitter_struct *hw, u_int16_t num_periods);
@@ -1543,8 +1551,10 @@ extern "C" {
u_int8_t ndpi_is_protocol_detected(struct ndpi_detection_module_struct *ndpi_str,
ndpi_protocol proto);
void ndpi_serialize_risk(ndpi_serializer *serializer, struct ndpi_flow_struct *flow);
void ndpi_serialize_risk(ndpi_serializer *serializer, ndpi_risk_enum risk);
void ndpi_serialize_proto(struct ndpi_detection_module_struct *ndpi_struct,
ndpi_serializer *serializer, ndpi_risk_enum risk,
ndpi_protocol l7_protocol);
const char* ndpi_risk2str(ndpi_risk_enum risk);
const char* ndpi_severity2str(ndpi_risk_severity s);
ndpi_risk_info* ndpi_risk2severity(ndpi_risk_enum risk);
@@ -1569,16 +1579,17 @@ extern "C" {
/* ******************************* */
int ndpi_init_bin(struct ndpi_bin *b, enum ndpi_bin_family f, u_int8_t num_bins);
int ndpi_init_bin(struct ndpi_bin *b, enum ndpi_bin_family f, u_int16_t num_bins);
void ndpi_free_bin(struct ndpi_bin *b);
struct ndpi_bin* ndpi_clone_bin(struct ndpi_bin *b);
void ndpi_inc_bin(struct ndpi_bin *b, u_int8_t slot_id, u_int32_t val);
void ndpi_set_bin(struct ndpi_bin *b, u_int8_t slot_id, u_int32_t value);
u_int32_t ndpi_get_bin_value(struct ndpi_bin *b, u_int8_t slot_id);
void ndpi_inc_bin(struct ndpi_bin *b, u_int16_t slot_id, u_int32_t val);
void ndpi_set_bin(struct ndpi_bin *b, u_int16_t slot_id, u_int32_t value);
u_int32_t ndpi_get_bin_value(struct ndpi_bin *b, u_int16_t slot_id);
void ndpi_reset_bin(struct ndpi_bin *b);
void ndpi_normalize_bin(struct ndpi_bin *b);
char* ndpi_print_bin(struct ndpi_bin *b, u_int8_t normalize_first, char *out_buf, u_int out_buf_len);
float ndpi_bin_similarity(struct ndpi_bin *b1, struct ndpi_bin *b2, u_int8_t normalize_first);
float ndpi_bin_similarity(struct ndpi_bin *b1, struct ndpi_bin *b2,
u_int8_t normalize_first, float similarity_max_threshold);
int ndpi_cluster_bins(struct ndpi_bin *bins, u_int16_t num_bins,
u_int8_t num_clusters, u_int16_t *cluster_ids,
struct ndpi_bin *centroids);
@@ -1610,6 +1621,26 @@ extern "C" {
char* ndpi_get_flow_name(struct ndpi_flow_struct *flow);
/* ******************************* */
ndpi_bitmap* ndpi_bitmap_alloc(void);
void ndpi_bitmap_free(ndpi_bitmap* b);
u_int64_t ndpi_bitmap_cardinality(ndpi_bitmap* b);
void ndpi_bitmap_set(ndpi_bitmap* b, u_int32_t value);
void ndpi_bitmap_unset(ndpi_bitmap* b, u_int32_t value);
bool ndpi_bitmap_isset(ndpi_bitmap* b, u_int32_t value);
void ndpi_bitmap_clear(ndpi_bitmap* b);
size_t ndpi_bitmap_serialize(ndpi_bitmap* b, char **buf);
ndpi_bitmap* ndpi_bitmap_deserialize(char *buf);
void ndpi_bitmap_and(ndpi_bitmap* a, ndpi_bitmap* b_and);
void ndpi_bitmap_or(ndpi_bitmap* a, ndpi_bitmap* b_or);
ndpi_bitmap_iterator* ndpi_bitmap_iterator_alloc(ndpi_bitmap* b);
void ndpi_bitmap_iterator_free(ndpi_bitmap* b);
bool ndpi_bitmap_iterator_next(ndpi_bitmap_iterator* i, uint32_t *value);
/* ******************************* */
#ifdef __cplusplus
}
generated/nDPI/ndpi_config.h
+31 -16
View File
@@ -4,21 +4,30 @@
/* Define to 1 if you have the <dlfcn.h> header file. */
#define HAVE_DLFCN_H 1
/* Define to 1 if you have the <float.h> header file. */
#define HAVE_FLOAT_H 1
/* Define to 1 if you have the <inttypes.h> header file. */
#define HAVE_INTTYPES_H 1
/* Define to 1 if you have the <json.h> header file. */
/* #undef HAVE_JSON_H */
/* Define to 1 if you have the `gcrypt' library (-lgcrypt). */
/* #undef HAVE_LIBGCRYPT */
/* Define to 1 if you have the `gpg-error' library (-lgpg-error). */
/* #undef HAVE_LIBGPG_ERROR */
/* Define to 1 if you have the `json-c' library (-ljson-c). */
/* #undef HAVE_LIBJSON_C */
/* Define to 1 if you have the `m' library (-lm). */
/* #undef HAVE_LIBM */
/* Define to 1 if you have the `maxminddb' library (-lmaxminddb). */
/* #undef HAVE_LIBMAXMINDDB */
/* Define to 1 if you have the <math.h> header file. */
#define HAVE_MATH_H 1
/* MaxMind DB support */
/* #undef HAVE_MAXMINDDB */
@@ -32,14 +41,17 @@
/* #undef HAVE_PCRE */
/* Define if you have POSIX threads libraries and header files. */
#define HAVE_PTHREAD 1
/* #undef HAVE_PTHREAD */
/* Have PTHREAD_PRIO_INHERIT. */
#define HAVE_PTHREAD_PRIO_INHERIT 1
/* #undef HAVE_PTHREAD_PRIO_INHERIT */
/* libc has pthread_setaffinity_np */
/* #undef HAVE_PTHREAD_SETAFFINITY_NP */
/* rrdtool is present */
/* #undef HAVE_RRDTOOL */
/* Define to 1 if you have the <stdint.h> header file. */
#define HAVE_STDINT_H 1
@@ -71,40 +83,43 @@
/* #undef NDPI_ENABLE_DEBUG_MESSAGES */
/* Last GIT change */
#define NDPI_GIT_DATE "Thu Oct 14 14:31:59 2021 +0200"
#define NDPI_GIT_DATE "Tue Feb 1 09:14:05 2022 +0100"
/* GIT Release */
#define NDPI_GIT_RELEASE "4.0.0-3212-f732a761"
#define NDPI_GIT_RELEASE "4.2.0-3463-8b5c6af7"
/* nDPI major release */
#define NDPI_MAJOR_RELEASE "4"
/* nDPI minor release */
#define NDPI_MINOR_RELEASE "0"
#define NDPI_MINOR_RELEASE "2"
/* nDPI patch level */
#define NDPI_PATCH_LEVEL "0"
/* Define to 1 if your C compiler doesn't accept -c and -o together. */
/* #undef NO_MINUS_C_MINUS_O */
/* Name of package */
/* #undef PACKAGE */
#define PACKAGE "libndpi"
/* Define to the address where bug reports for this package should be sent. */
/* #undef PACKAGE_BUGREPORT */
#define PACKAGE_BUGREPORT ""
/* Define to the full name of this package. */
/* #undef PACKAGE_NAME */
#define PACKAGE_NAME "libndpi"
/* Define to the full name and version of this package. */
/* #undef PACKAGE_STRING */
#define PACKAGE_STRING "libndpi 4.2.0"
/* Define to the one symbol short name of this package. */
/* #undef PACKAGE_TARNAME */
#define PACKAGE_TARNAME "libndpi"
/* Define to the home page for this package. */
/* #undef PACKAGE_URL */
#define PACKAGE_URL ""
/* Define to the version of this package. */
/* #undef PACKAGE_VERSION */
#define PACKAGE_VERSION "4.2.0"
/* Define to necessary symbol if this constant uses a non-standard name on
your system. */
@@ -116,4 +131,4 @@
#define STDC_HEADERS 1
/* Version number of package */
/* #undef VERSION */
#define VERSION "4.2.0"
generated/nDPI/ndpi_define.h
+94 -12
View File
@@ -27,8 +27,8 @@
gcc -E -dM - < /dev/null |grep ENDIAN
*/
#if defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD__)
#include <machine/endian.h>
#if defined(__FreeBSD__) || defined(__NetBSD__)
#include <sys/endian.h>
#endif
#ifdef __OpenBSD__
@@ -156,6 +156,7 @@
/* misc definitions */
#define NDPI_DEFAULT_MAX_TCP_RETRANSMISSION_WINDOW_SIZE 0x10000
#define NDPI_MAX_NUM_PKTS_PER_FLOW_TO_DISSECT 32
/* TODO: rebuild all memory areas to have a more aligned memory block here */
@@ -171,20 +172,11 @@
#define NDPI_GNUTELLA_CONNECTION_TIMEOUT 60
#define NDPI_BATTLEFIELD_CONNECTION_TIMEOUT 60
#define NDPI_THUNDER_CONNECTION_TIMEOUT 30
#define NDPI_RTSP_CONNECTION_TIMEOUT 5
#define NDPI_TVANTS_CONNECTION_TIMEOUT 5
#define NDPI_YAHOO_DETECT_HTTP_CONNECTIONS 1
#define NDPI_YAHOO_LAN_VIDEO_TIMEOUT 30
#define NDPI_ZATTOO_CONNECTION_TIMEOUT 120
#define NDPI_ZATTOO_FLASH_TIMEOUT 5
#define NDPI_JABBER_STUN_TIMEOUT 30
#define NDPI_JABBER_FT_TIMEOUT 5
#define NDPI_SOULSEEK_CONNECTION_IP_TICK_TIMEOUT 600
#ifndef _NDPI_CONFIG_H_
#include "ndpi_config.h" /* To have access to NDPI_ENABLE_DEBUG_MESSAGES */
#define _NDPI_CONFIG_H_
#endif
#ifdef NDPI_ENABLE_DEBUG_MESSAGES
#define NDPI_LOG(proto, m, log_level, args...) \
@@ -321,7 +313,16 @@
#define get_u_int8_t(X,O) (*(u_int8_t *)((&(((u_int8_t *)X)[O]))))
#define get_u_int16_t(X,O) (*(u_int16_t *)((&(((u_int8_t *)X)[O]))))
#define get_u_int32_t(X,O) (*(u_int32_t *)((&(((u_int8_t *)X)[O]))))
#if defined(__arm__)
static inline u_int64_t get_u_int64_t(const u_int8_t* X, int O)
{
u_int64_t tmp;
memcpy(&tmp, X + O, sizeof(tmp));
return tmp;
}
#else
#define get_u_int64_t(X,O) (*(u_int64_t *)((&(((u_int8_t *)X)[O]))))
#endif // __arm__
/* new definitions to get little endian from network bytes */
#define get_ul8(X,O) get_u_int8_t(X,O)
@@ -345,11 +346,24 @@
#define snprintf _snprintf
#endif
#if defined(WIN32)
#undef strtok_r
#define strtok_r strtok_s
#if BYTE_ORDER == LITTLE_ENDIAN
#define le16toh(x) (x)
#define le32toh(x) (x)
#else
#error "byte order not supported"
#endif
#endif /* WIN32 */
#define NDPI_MAX_DNS_REQUESTS 16
#define NDPI_MIN_NUM_STUN_DETECTION 8
#define NDPI_MAJOR 4
#define NDPI_MINOR 0
#define NDPI_MINOR 2
#define NDPI_PATCH 0
/* IMPORTANT: order according to its severity */
@@ -382,4 +396,72 @@
#endif /* __APPLE__ */
#if defined(__MINGW32__)
#if __BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__
#define htobe16(x) htons(x)
#define htole16(x) (x)
#define be16toh(x) ntohs(x)
#define le16toh(x) (x)
#define htobe32(x) htonl(x)
#define htole32(x) (x)
#define be32toh(x) ntohl(x)
#define le32toh(x) (x)
#define htobe64(x) htonll(x)
#define htole64(x) (x)
#define be64toh(x) ntohll(x)
#define le64toh(x) (x)
#elif __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__
#define htobe16(x) (x)
#define htole16(x) __builtin_bswap16(x)
#define be16toh(x) (x)
#define le16toh(x) __builtin_bswap16(x)
#define htobe32(x) (x)
#define htole32(x) __builtin_bswap32(x)
#define be32toh(x) (x)
#define le32toh(x) __builtin_bswap32(x)
#define htobe64(x) (x)
#define htole64(x) __builtin_bswap64(x)
#define be64toh(x) (x)
#define le64toh(x) __builtin_bswap64(x)
#else
#error Unexpected __BYTE_ORDER__
#endif /* __BYTE_ORDER__ */
#endif /* __MINGW32__ */
#ifndef ETH_ARP
#define ETH_ARP 0x0806
#endif
#ifndef ETH_P_IP
#define ETH_P_IP 0x0800 /* IPv4 */
#endif
#ifndef ETH_P_IPV6
#define ETH_P_IPV6 0x86dd /* IPv6 */
#endif
#ifndef ETH_P_VLAN
#define ETH_P_VLAN 0x8100
#endif
#ifndef ETH_P_MPLS_UNI
#define ETH_P_MPLS_UNI 0x8847
#endif
#ifndef ETH_P_MPLS_MULTI
#define ETH_P_MPLS_MULTI 0x8848
#endif
#ifndef ETH_P_PPPoE
#define ETH_P_PPPoE 0x8864
#endif
#endif /* __NDPI_DEFINE_INCLUDE_FILE__ */
submodules/nDPI
+1 -1
Submodule submodules/nDPI updated: 21b4b8bc22...d67dba69b7