IMBENJI.NET/waylume_server
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update nDPI analyzer for modern API

Browse Source 
- Use ndpi_global_init() and proper initialization
- Remove deprecated NDPI_PROTOCOL_BITMASK and related functions
- Use ndpi_flow_input_info structure for packet processing
- Remove confidence field (not available in current API)
This commit is contained in:
ImBenji
2025-08-29 16:07:08 +01:00
parent fe88b4bc3f
commit 6d2fa16717
1 changed files with 12 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
protocol_analyzer.c
View File

@@ -10,33 +10,24 @@
struct ndpi_detection_module_struct *ndpi_struct = NULL;
struct ndpi_flow_struct *ndpi_flow = NULL;
struct ndpi_id_struct *src_id = NULL, *dst_id = NULL;
void init_ndpi() {
NDPI_PROTOCOL_BITMASK all;
struct ndpi_global_context *g_ctx = ndpi_global_init();
ndpi_struct = ndpi_init_detection_module();
ndpi_struct = ndpi_init_detection_module(g_ctx);
if (ndpi_struct == NULL) {
printf("ERROR: ndpi_init_detection_module failed\n");
exit(1);
}
// Enable all protocols
NDPI_BITMASK_SET_ALL(all);
ndpi_set_protocol_detection_bitmask2(ndpi_struct, &all);
ndpi_finalize_initialization(ndpi_struct);
// Allocate flow and ID structures
ndpi_flow = calloc(1, NDPI_DETECTION_ONLY_IPV4_FLOW_SIZE);
src_id = calloc(1, NDPI_ID_SIZE);
dst_id = calloc(1, NDPI_ID_SIZE);
// Allocate flow structure
ndpi_flow = calloc(1, ndpi_detection_get_sizeof_ndpi_flow_struct());
}
void cleanup_ndpi() {
if (ndpi_flow) free(ndpi_flow);
if (src_id) free(src_id);
if (dst_id) free(dst_id);
if (ndpi_struct) ndpi_exit_detection_module(ndpi_struct);
}
@@ -79,13 +70,17 @@ void analyze_packet_from_hex(const char* hex_data) {
}
// Reset flow for new analysis
memset(ndpi_flow, 0, NDPI_DETECTION_ONLY_IPV4_FLOW_SIZE);
memset(ndpi_flow, 0, ndpi_detection_get_sizeof_ndpi_flow_struct());
// Perform nDPI detection
// Create flow input info
struct ndpi_flow_input_info input_info;
memset(&input_info, 0, sizeof(input_info));
// Perform nDPI detection
ndpi_protocol protocol = ndpi_detection_process_packet(
ndpi_struct, ndpi_flow, packet_data, bin_len,
0, /* timestamp */
src_id, dst_id
&input_info
);
// Output results in JSON format for easy parsing
@@ -99,8 +94,7 @@ void analyze_packet_from_hex(const char* hex_data) {
printf(" \"src_port\": %u,\n", src_port);
printf(" \"dst_port\": %u,\n", dst_port);
printf(" \"protocol\": \"%s\",\n", ndpi_protocol2name(ndpi_struct, protocol, NULL, 0));
printf(" \"category\": \"%s\",\n", ndpi_category_get_name(ndpi_struct, protocol.category));
printf(" \"confidence\": %u\n", protocol.confidence);
printf(" \"category\": \"%s\"\n", ndpi_category_get_name(ndpi_struct, protocol.category));
printf("}\n");
free(packet_data);