Tags: utoni/nDPId
Tags
Support PF\_RING and read/parse configuration files * Bump jsmn and uthash * Read and parse configuration files for nDPId (+ libnDPI) and nDPIsrvd * Added loading risk domains from a file (`-R`, thanks to @UnveilTech) * Added Filebeat configuration file * Improved hostname handling; will now always be part of `analyse`/`end`/`idle` events (if dissected) * Improved Documentation (INSTALL / Schema) * Added PF\_RING support * Improved nDPIsrvd-analyse to write global stats to a CSV * Added global (heap) memory stats for daemon status events (if enabled) * Fixed IPv6 address/netmask retrieval on some systems * Improved nDPIsrvd-collect; gauges and counters are now handled the right way * Added nDPId Grafana dashboard * Fixed `detection-update` event bug; was thrown even if nothing changed * Fixed `not-detected` event spam if detection not completed (in some rare cases) * Improved InfluxDB push daemon (severity parsing / gauge handling) * Improved zLib compression * Fixed nDPIsrvd-collectd missing escape character
Support PF\_RING and read/parse configuration files * Bump jsmn and uthash * Read and parse configuration files for nDPId (+ libnDPI) and nDPIsrvd * Added loading risk domains from a file (`-R`, thanks to @UnveilTech) * Added Filebeat configuration file * Improved hostname handling; will now always be part of `analyse`/`end`/`idle` events (if dissected) * Improved Documentation (INSTALL / Schema) * Added PF\_RING support * Improved nDPIsrvd-analyse to write global stats to a CSV * Added global (heap) memory stats for daemon status events (if enabled) * Fixed IPv6 address/netmask retrieval on some systems * Improved nDPIsrvd-collect; gauges and counters are now handled the right way * Added nDPId Grafana dashboard * Fixed `detection-update` event bug; was thrown even if nothing changed * Fixed `not-detected` event spam if detection not completed (in some rare cases) * Improved InfluxDB push daemon (severity parsing / gauge handling) * Improved zLib compression * Fixed nDPIsrvd-collectd missing escape character
Support PF\_RING and read/parse configuration files * Read and parse configuration files for nDPId (+ libnDPI) and nDPIsrvd * Added loading risk domains from a file (`-R`, thanks to @UnveilTech) * Added Filebeat configuration file * Improved hostname handling; will now always be part of `analyse`/`end`/`idle` events (if dissected) * Improved Documentation (INSTALL / Schema) * Added PF\_RING support * Improved nDPIsrvd-analyse to write global stats to a CSV * Added global (heap) memory stats for daemon status events (if enabled) * Fixed IPv6 address/netmask retrieval on some systems * Improved nDPIsrvd-collect; gauges and counters are now handled the right way * Added nDPId Grafana dashboard * Fixed `detection-update` event bug; was thrown even if nothing changed * Fixed `not-detected` event spam if detection not completed (in some rare cases) * Improved InfluxDB push daemon (severity parsing / gauge handling) * Improved zLib compression * Fixed nDPIsrvd-collectd missing escape character
OpenWrt, OSX and *BSD * Added Event I/O abstraction layer (supporting only poll/epoll by now) * Support for OSX and *BSD systems * Added proper DLT_RAW dissection for IPv4 and IPv6 * Improved TCP timeout handling if FIN/RST seen which caused Midstream TCP flows when there shouldn't be any * Fixed a crash if `nDPId -o value=''` was used * Added OpenWrt packaging * Added new flow event "analyse" used to give some statistical information about active flows * Added new analyse event daemon which generates CSV files from such events * Fixed a crash in nDPIsrvd if a collector closes a connection * Support `nDPId` to send it's data to a UDP endpoint instead of a nDPIsrvd collector * Added events and flow states documentation * Added basic systemd support * Fixed a bug in base64 encoding which could lead to invalid base64 strings * Added some machine learning examples * Fixed various smaller bugs * Fixed nDPIsrvd bug which causes invalid JSON strings sent to Distributors
OpenWrt, OSX and *BSD * Added Event I/O abstraction layer (supporting only poll/epoll by now). * Support for OSX and *BSD systems. * Added proper DLT_RAW dissection for IPv4 and IPv6. * Improved TCP timeout handling if FIN/RST seen which caused Midstream TCP flows when there shouldn't be any. * Fixed a crash if `nDPId -o value=''` was used. * Added OpenWrt packaging. * Added new flow event "analyse" used to give some statistical information about active flows. * Added new analyse event daemon which generates CSV files from such events. * Fixed a crash in nDPIsrvd if a collector closes a connection. * Support `nDPId` to send it's data to a UDP endpoint instead of a nDPIsrvd collector. * Added events and flow states documentation. * Added basic systemd support. * Fixed a bug in base64 encoding which could lead to invalid base64 strings. * Added some machine learning examples. * Fixed various smaller bugs.
OpenWrt, OSX and *BSD * Added Event I/O abstraction layer (supporting only poll/epoll by now). * Support for OSX and *BSD systems. * Added proper DLT_RAW dissection for IPv4 and IPv6. * Improved TCP timeout handling if FIN/RST seen which caused Midstream TCP flows when there shouldn't be any. * Fixed a crash if `nDPId -o value=''` was used. * Added OpenWrt packaging. * Added new flow event "analyse" used to give some statistical information about active flows. * Added new analyse event daemon which generates CSV files from such events. * Fixed a crash in nDPIsrvd if a collector closes a connection. * Support `nDPId` to send it's data to a UDP endpoint instead of a nDPIsrvd collector. * Added events and flow states documentation. * Added basic systemd support. * Fixed a bug in base64 encoding which could lead to invalid base64 strings. * Added some machine learning examples. * Fixed various smaller bugs.
OpenWrt, OSX and *BSD * Added Event I/O abstraction layer (supporting only poll/epoll by now). * Support for OSX and *BSD systems. * Added proper DLT_RAW dissection for IPv4 and IPv6. * Improved TCP timeout handling if FIN/RST seen which caused Midstream TCP flows when there shouldn't be any. * Fixed a crash if `nDPId -o value=''` was used. * Added OpenWrt packaging. * Added new flow event "analyse" used to give some statistical information about active flows. * Added new analyse event daemon which generates CSV files from such events. * Fixed a crash in nDPIsrvd if a collector closes a connection. * Support `nDPId` to send it's data to a UDP endpoint instead of a nDPIsrvd collector. * Added events and flow states documentation. * Added basic systemd support. * Fixed a bug in base64 encoding which could lead to invalid base64 strings. * Added some machine learning examples. * Fixed various smaller bugs.
OpenWrt, OSX and *BSD * Added Event I/O abstraction layer (supporting only poll/epoll by now). * Support for OSX and *BSD systems. * Added proper DLT_RAW dissection for IPv4 and IPv6. * Improved TCP timeout handling if FIN/RST seen which caused Midstream TCP flows when there shouldn't be any. * Fixed a crash if `nDPId -o value=''` was used. * Added OpenWrt packaging. * Added new flow event "analyse" used to give some statistical information about active flows. * Added new analyse event daemon which generates CSV files from such events. * Fixed a crash in nDPIsrvd if a collector closes a connection. * Support `nDPId` to send it's data to a UDP endpoint instead of a nDPIsrvd collector. * Added events and flow states documentation. * Added basic systemd support. * Fixed a bug in base64 encoding which could lead to invalid base64 strings. * Added some machine learning examples. * Fixed various smaller bugs.
Major nDPId extension * Improved nDPId cross compilation * zLib flow memory compression (Experimental!) * Memory profiling for nDPId-test * JSMN with parent link support for subtoken iteration * Refactored nDPIsrvd buffer and buffer bloat handling * Upgraded JSMN/uthash * Improved nDPIsrvd.(h|py) debugging capability for client apps * Advanced flow usage logging usable for memory profiling * Support for dissection additional layer2/layer3 protocols * Serialize more JSON information * Add TCP/IP support for nDPIsrvd * Improved nDPIsrvd connection lost behaviour * Reworked Python/C distributor API * Support read()/recv() timeouts and nonblocking I/O
PreviousNext