IMBENJI.NET/waylume_server
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update nDPI analyzer for modern API

Browse Source 
- Use ndpi_global_init() and proper initialization
- Remove deprecated NDPI_PROTOCOL_BITMASK and related functions
- Use ndpi_flow_input_info structure for packet processing
- Remove confidence field (not available in current API)
This commit is contained in:
ImBenji
2025-08-29 16:07:08 +01:00
parent fe88b4bc3f
commit 6d2fa16717
1 changed files with 12 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
protocol_analyzer.c
View File

@@ -10,33 +10,24 @@
struct ndpi_detection_module_struct *ndpi_struct = NULL; struct ndpi_detection_module_struct *ndpi_struct = NULL;
struct ndpi_flow_struct *ndpi_flow = NULL; struct ndpi_flow_struct *ndpi_flow = NULL;
struct ndpi_id_struct *src_id = NULL, *dst_id = NULL;
void init_ndpi() { void init_ndpi() {
NDPI_PROTOCOL_BITMASK all; struct ndpi_global_context *g_ctx = ndpi_global_init();
ndpi_struct = ndpi_init_detection_module(); ndpi_struct = ndpi_init_detection_module(g_ctx);
if (ndpi_struct == NULL) { if (ndpi_struct == NULL) {
printf("ERROR: ndpi_init_detection_module failed\n"); printf("ERROR: ndpi_init_detection_module failed\n");
exit(1); exit(1);
} }
// Enable all protocols
NDPI_BITMASK_SET_ALL(all);
ndpi_set_protocol_detection_bitmask2(ndpi_struct, &all);
ndpi_finalize_initialization(ndpi_struct); ndpi_finalize_initialization(ndpi_struct);
// Allocate flow and ID structures // Allocate flow structure
ndpi_flow = calloc(1, NDPI_DETECTION_ONLY_IPV4_FLOW_SIZE); ndpi_flow = calloc(1, ndpi_detection_get_sizeof_ndpi_flow_struct());
src_id = calloc(1, NDPI_ID_SIZE);
dst_id = calloc(1, NDPI_ID_SIZE);
} }
void cleanup_ndpi() { void cleanup_ndpi() {
if (ndpi_flow) free(ndpi_flow); if (ndpi_flow) free(ndpi_flow);
if (src_id) free(src_id);
if (dst_id) free(dst_id);
if (ndpi_struct) ndpi_exit_detection_module(ndpi_struct); if (ndpi_struct) ndpi_exit_detection_module(ndpi_struct);
} }
@@ -79,13 +70,17 @@ void analyze_packet_from_hex(const char* hex_data) {
} }
// Reset flow for new analysis // Reset flow for new analysis
memset(ndpi_flow, 0, NDPI_DETECTION_ONLY_IPV4_FLOW_SIZE); memset(ndpi_flow, 0, ndpi_detection_get_sizeof_ndpi_flow_struct());
// Create flow input info
struct ndpi_flow_input_info input_info;
memset(&input_info, 0, sizeof(input_info));
// Perform nDPI detection // Perform nDPI detection
ndpi_protocol protocol = ndpi_detection_process_packet( ndpi_protocol protocol = ndpi_detection_process_packet(
ndpi_struct, ndpi_flow, packet_data, bin_len, ndpi_struct, ndpi_flow, packet_data, bin_len,
0, /* timestamp */ 0, /* timestamp */
src_id, dst_id &input_info
); );
// Output results in JSON format for easy parsing // Output results in JSON format for easy parsing
@@ -99,8 +94,7 @@ void analyze_packet_from_hex(const char* hex_data) {
printf(" \"src_port\": %u,\n", src_port); printf(" \"src_port\": %u,\n", src_port);
printf(" \"dst_port\": %u,\n", dst_port); printf(" \"dst_port\": %u,\n", dst_port);
printf(" \"protocol\": \"%s\",\n", ndpi_protocol2name(ndpi_struct, protocol, NULL, 0)); printf(" \"protocol\": \"%s\",\n", ndpi_protocol2name(ndpi_struct, protocol, NULL, 0));
printf(" \"category\": \"%s\",\n", ndpi_category_get_name(ndpi_struct, protocol.category)); printf(" \"category\": \"%s\"\n", ndpi_category_get_name(ndpi_struct, protocol.category));
printf(" \"confidence\": %u\n", protocol.confidence);
printf("}\n"); printf("}\n");
free(packet_data); free(packet_data);