Works now, thank you!

(For the record: there's no existing file, you ought to create a new one in format described here <http://www.ntop.org/ndpi/configuring-ndpi-for-custom-protocol-detection/> for port-based protocol detection and specify this file in --ndpi-protocols argument of ntopng.)


--

With Best Regards,
Marat Khalili

On 10/08/17 15:10, Simone Mainardi wrote:
Marat,

On 10 Aug 2017, at 13:35, Marat Khalili <m...@rqc.ru <mailto:m...@rqc.ru>> wrote:


If you are capturing raw packets, then I encourage you to submit a request on the nDPI GitHub page along with a pcap of the traffic you are interested in supporting.
I'm using NetFlow, unfortunately.


If you are collecting NetFlow data, you can't leverage nDPI as no packet payload can be inspected by either nProbe or ntopng. In that case, please, use http://www.ntop.org/ndpi/configuring-ndpi-for-custom-protocol-detection/
I've read this page. It says that I can specify protocols in some configuration file with some simple format. But there's this file and how can it be enabled? And is it used during build or runtime?

See for example https://github.com/ntop/nDPI/issues/309#issuecomment-263911392

Hint: use google to search for previous similar questions: "site:https://github.com/ntop/ custom ndpi protocols"


--

With Best Regards,
Marat Khalili

On 10/08/17 10:43, Simone Mainardi wrote:
Marat,

If you are capturing raw packets, then I encourage you to submit a request on the nDPI GitHub page along with a pcap of the traffic you are interested in supporting.

If you are collecting NetFlow data, you can't leverage nDPI as no packet payload can be inspected by either nProbe or ntopng. In that case, please, use http://www.ntop.org/ndpi/configuring-ndpi-for-custom-protocol-detection/

Regards,
Simone

On 10 Aug 2017, at 09:16, Marat Khalili <m...@rqc.ru <mailto:m...@rqc.ru>> wrote:

Deal ntopng authors,
Dear all,

What can I do to make more ports/applications recognized by ntopng? Particularly I miss recognition of the following ports:

2193: both TCP and UDP registered by IANA for Dr.Web Enterprise Management Service
4971 TCP: BURP - BackUp and Restore Program
4972 TCP: BURP - BackUp and Restore Program (status requests)

Last two are not registered anywhere I afraid.


--

With Best Regards,
Marat Khalili
_______________________________________________
Ntop-misc mailing list
Ntop-misc@listgateway.unipi.it <mailto:Ntop-misc@listgateway.unipi.it>
http://listgateway.unipi.it/mailman/listinfo/ntop-misc



_______________________________________________
Ntop-misc mailing list
Ntop-misc@listgateway.unipi.it
http://listgateway.unipi.it/mailman/listinfo/ntop-misc

_______________________________________________
Ntop-misc mailing list
Ntop-misc@listgateway.unipi.it <mailto:Ntop-misc@listgateway.unipi.it>
http://listgateway.unipi.it/mailman/listinfo/ntop-misc



_______________________________________________
Ntop-misc mailing list
Ntop-misc@listgateway.unipi.it
http://listgateway.unipi.it/mailman/listinfo/ntop-misc

_______________________________________________
Ntop-misc mailing list
Ntop-misc@listgateway.unipi.it
http://listgateway.unipi.it/mailman/listinfo/ntop-misc

Reply via email to