Hi, I might have missed some other source for using nDPI with netfilter
so I'm trying to update the code here to work with nDPI:
https://github.com/thomasbhatia/opendpi-netfilter
As part of that I observe some uses of libc functions in the protocol
detection and also I need a prototype for "ndpi_int_add_connection()"
(in fact could the whole removal of the prototypes in
ndpi_protocol_history.h be reverted and they be all left in for use by
external modules?)
I have attached a patch - grateful for your consideration or comments
Thanks
Ed W
diff -ur nDPI.svn.orig/src/include/ndpi_protocol_history.h
nDPI.svn/src/include/ndpi_protocol_history.h
--- nDPI.svn.orig/src/include/ndpi_protocol_history.h 2012-09-29
18:21:40.000000000 +0100
+++ nDPI.svn/src/include/ndpi_protocol_history.h 2012-10-01
18:19:25.000000000 +0100
@@ -30,5 +30,8 @@
NDPI_CORRELATED_PROTOCOL = 1
} ndpi_protocol_type_t;
+void ndpi_int_add_connection(struct ndpi_detection_module_struct *ndpi_struct,
+ struct ndpi_flow_struct *flow,
+ u_int16_t detected_protocol, ndpi_protocol_type_t
protocol_type);
#endif
diff -ur nDPI.svn.orig/src/lib/protocols/netflow.c
nDPI.svn/src/lib/protocols/netflow.c
--- nDPI.svn.orig/src/lib/protocols/netflow.c 2012-10-01 17:55:32.000000000
+0100
+++ nDPI.svn/src/lib/protocols/netflow.c 2012-10-01 18:20:50.000000000
+0100
@@ -42,7 +42,15 @@
when = ntohl(*_when);
- if((when >= 946684800 /* 1/1/2000 */) && (when <= time(NULL))) {
+#ifndef OPENDPI_NETFILTER_MODULE
+ time_t now = time(NULL);
+#else
+ struct timeval now_tv;
+ do_gettimeofday(&now_tv);
+ time_t now = now_tv.tv_sec;
+#endif
+
+ if((when >= 946684800 /* 1/1/2000 */) && (when <= now)) {
NDPI_LOG(NDPI_PROTOCOL_NETFLOW, ndpi_struct, NDPI_LOG_DEBUG, "Found
netflow.\n");
ndpi_int_add_connection(ndpi_struct, flow, NDPI_PROTOCOL_NETFLOW,
NDPI_REAL_PROTOCOL);
return;
diff -ur nDPI.svn.orig/src/lib/protocols/ssl.c nDPI.svn/src/lib/protocols/ssl.c
--- nDPI.svn.orig/src/lib/protocols/ssl.c 2012-10-01 17:55:32.000000000
+0100
+++ nDPI.svn/src/lib/protocols/ssl.c 2012-10-01 18:23:30.000000000 +0100
@@ -38,8 +38,22 @@
}
#ifndef WIN32
+#ifndef OPENDPI_NETFILTER_MODULE
inline int min(int a, int b) { return(a < b ? a : b); }
#endif
+#endif
+
+#ifdef OPENDPI_NETFILTER_MODULE
+/* Can't call libc functions from kernel space, define some stub instead */
+#define isalpha(ch) (((ch) >= 'a' && (ch) <= 'z') || ((ch) >= 'A' && (ch) <=
'Z'))
+#define isdigit(ch) ((ch) >= '0' && (ch) <= '9')
+#define isspace(ch) (((ch) >= '\t' && (ch) <= '\r') || ((ch) == ' '))
+#define isprint(ch) ((ch) >= 0x20 && (ch) <= 0x7e)
+#define ispunct(ch) (((ch) >= '!' && (ch) <= '/') || \
+ ((ch) >= ':' && (ch) <= '@') || \
+ ((ch) >= '[' && (ch) <= '`') || \
+ ((ch) >= '{' && (ch) <= '~'))
+#endif
static void stripCertificateTrailer(char *buffer, int buffer_len) {
int i;
_______________________________________________
Ntop-dev mailing list
[email protected]
http://listgateway.unipi.it/mailman/listinfo/ntop-dev
