Skip to content

Commit

Permalink
Merge pull request #1 from ntop/dev
Browse files Browse the repository at this point in the history 
Merge the latest main branch
  • Loading branch information
@zyingp
zyingp committed Feb 5, 2018
2 parents 5e0880d + ea74d87 commit e641294
Show file tree
Hide file tree
Showing 9 changed files with 26 additions and 20 deletions.
2 changes: 1 addition & 1 deletion src/lib/ndpi_content_match.c.inc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -216,7 +216,7 @@ static ndpi_network host_protocol_list[] = {
{ 0x344D0000 /* 52.77.0.0/16 */, 16, NDPI_PROTOCOL_AMAZON },
{ 0x344E0000 /* 52.78.0.0/16 */, 16, NDPI_PROTOCOL_AMAZON },
{ 0x344F0000 /* 52.79.0.0/16 */, 16, NDPI_PROTOCOL_AMAZON },
{ 0x3452BB00 /* 52.82.0.0/14 */, 14, NDPI_PROTOCOL_AMAZON },
{ 0x34520000 /* 52.82.0.0/14 */, 14, NDPI_PROTOCOL_AMAZON },
{ 0x34580000 /* 52.88.0.0/13 */, 13, NDPI_PROTOCOL_AMAZON },
{ 0x345A0000 /* 52.90.0.0/15 */, 15, NDPI_PROTOCOL_AMAZON },
{ 0x345F0000 /* 52.95.0.0/21 */, 21, NDPI_PROTOCOL_AMAZON },
Expand Down
8 changes: 4 additions & 4 deletions tests/result/http_ipv6.pcap.out
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,10 +5,10 @@ QUIC 3 502 1
ntop 80 36401 4

1 UDP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:45931 <-> [2a00:1450:4001:803::1017]:443 [proto: 188.126/QUIC.Google][33 pkts/7741 bytes <-> 29 pkts/8236 bytes][Host: www.google.it]
2 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:37506 <-> [2a03:b0c0:3:d0::70:1001]:443 [proto: 91.238/SSL.ntop][14 pkts/3969 bytes <-> 12 pkts/11648 bytes][client: www.ntop.org]
3 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:37486 <-> [2a03:b0c0:3:d0::70:1001]:443 [proto: 91.238/SSL.ntop][11 pkts/1292 bytes <-> 8 pkts/5722 bytes][client: www.ntop.org]
4 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:37494 <-> [2a03:b0c0:3:d0::70:1001]:443 [proto: 91.238/SSL.ntop][10 pkts/1206 bytes <-> 8 pkts/5722 bytes][client: www.ntop.org]
5 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:37488 <-> [2a03:b0c0:3:d0::70:1001]:443 [proto: 91.238/SSL.ntop][10 pkts/1206 bytes <-> 7 pkts/5636 bytes][client: www.ntop.org]
2 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:37506 <-> [2a03:b0c0:3:d0::70:1001]:443 [proto: 91.241/SSL.ntop][14 pkts/3969 bytes <-> 12 pkts/11648 bytes][client: www.ntop.org]
3 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:37486 <-> [2a03:b0c0:3:d0::70:1001]:443 [proto: 91.241/SSL.ntop][11 pkts/1292 bytes <-> 8 pkts/5722 bytes][client: www.ntop.org]
4 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:37494 <-> [2a03:b0c0:3:d0::70:1001]:443 [proto: 91.241/SSL.ntop][10 pkts/1206 bytes <-> 8 pkts/5722 bytes][client: www.ntop.org]
5 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:37488 <-> [2a03:b0c0:3:d0::70:1001]:443 [proto: 91.241/SSL.ntop][10 pkts/1206 bytes <-> 7 pkts/5636 bytes][client: www.ntop.org]
6 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:53132 <-> [2a02:26f0:ad:197::236]:443 [proto: 91.119/SSL.Facebook][7 pkts/960 bytes <-> 5 pkts/4227 bytes][client: s-static.ak.facebook.com][server: *.ak.fbcdn.net]
7 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:53134 <-> [2a02:26f0:ad:197::236]:443 [proto: 91.119/SSL.Facebook][6 pkts/874 bytes <-> 4 pkts/4141 bytes][client: s-static.ak.facebook.com][server: *.ak.fbcdn.net]
8 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:41776 <-> [2a00:1450:4001:803::1017]:443 [proto: 91/SSL][7 pkts/860 bytes <-> 7 pkts/1353 bytes]
Expand Down
2 changes: 1 addition & 1 deletion tests/result/mpeg.pcap.out
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
ntop 19 10643 1

1 TCP 192.168.80.160:55804 <-> 46.101.157.119:80 [proto: 7.238/HTTP.ntop][9 pkts/754 bytes <-> 10 pkts/9889 bytes][Host: luca.ntop.org]
1 TCP 192.168.80.160:55804 <-> 46.101.157.119:80 [proto: 7.241/HTTP.ntop][9 pkts/754 bytes <-> 10 pkts/9889 bytes][Host: luca.ntop.org]
7 changes: 4 additions & 3 deletions tests/result/ocs.pcap.out
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,15 +2,16 @@ Unknown 6 360 1
DNS 3 214 3
HTTP 13 1019 2
SSL 20 2715 1
Google 40 5453 5
Google 27 3176 3
OCS 863 57552 7
PlayStore 1 72 1
GoogleServices 13 2277 2

1 TCP 192.168.180.2:49881 -> 178.248.208.54:80 [proto: 7.218/HTTP.OCS][751 pkts/44783 bytes -> 0 pkts/0 bytes][Host: ocu03.labgency.ws]
2 TCP 192.168.180.2:36680 -> 178.248.208.54:443 [proto: 91.218/SSL.OCS][20 pkts/6089 bytes -> 0 pkts/0 bytes][client: ocs.labgency.ws]
3 TCP 192.168.180.2:42590 -> 178.248.208.210:80 [proto: 7.218/HTTP.OCS][83 pkts/5408 bytes -> 0 pkts/0 bytes][Host: www.ocs.fr]
4 TCP 192.168.180.2:39263 -> 23.21.230.199:443 [proto: 91/SSL][20 pkts/2715 bytes -> 0 pkts/0 bytes][client: settings.crashlytics.com]
5 TCP 192.168.180.2:32946 -> 64.233.184.188:443 [proto: 91.126/SSL.Google][12 pkts/2212 bytes -> 0 pkts/0 bytes][client: mtalk.google.com]
5 TCP 192.168.180.2:32946 -> 64.233.184.188:443 [proto: 91.239/SSL.GoogleServices][12 pkts/2212 bytes -> 0 pkts/0 bytes][client: mtalk.google.com]
6 TCP 192.168.180.2:47803 -> 64.233.166.95:443 [proto: 91.126/SSL.Google][12 pkts/1608 bytes -> 0 pkts/0 bytes]
7 TCP 192.168.180.2:41223 -> 216.58.208.46:443 [proto: 91.126/SSL.Google][13 pkts/1448 bytes -> 0 pkts/0 bytes]
8 TCP 192.168.180.2:48250 -> 178.248.208.54:80 [proto: 7.218/HTTP.OCS][6 pkts/1092 bytes -> 0 pkts/0 bytes][Host: ocu03.labgency.ws]
Expand All @@ -21,7 +22,7 @@ PlayStore 1 72 1
13 UDP 192.168.180.2:48770 -> 8.8.8.8:53 [proto: 5.228/DNS.PlayStore][1 pkts/72 bytes -> 0 pkts/0 bytes][Host: android.clients.google.com]
14 UDP 192.168.180.2:40097 -> 8.8.8.8:53 [proto: 5/DNS][1 pkts/70 bytes -> 0 pkts/0 bytes][Host: settings.crashlytics.com]
15 UDP 192.168.180.2:1291 -> 8.8.8.8:53 [proto: 5/DNS][1 pkts/67 bytes -> 0 pkts/0 bytes][Host: api.eu01.capptain.com]
16 UDP 192.168.180.2:11793 -> 8.8.8.8:53 [proto: 5.126/DNS.Google][1 pkts/65 bytes -> 0 pkts/0 bytes][Host: play.googleapis.com]
16 UDP 192.168.180.2:11793 -> 8.8.8.8:53 [proto: 5.239/DNS.GoogleServices][1 pkts/65 bytes -> 0 pkts/0 bytes][Host: play.googleapis.com]
17 UDP 192.168.180.2:38472 -> 8.8.8.8:53 [proto: 5.218/DNS.OCS][1 pkts/63 bytes -> 0 pkts/0 bytes][Host: ocu03.labgency.ws]
18 UDP 192.168.180.2:2589 -> 8.8.8.8:53 [proto: 5.218/DNS.OCS][1 pkts/61 bytes -> 0 pkts/0 bytes][Host: ocs.labgency.ws]
19 UDP 192.168.180.2:24245 -> 8.8.8.8:53 [proto: 5.218/DNS.OCS][1 pkts/56 bytes -> 0 pkts/0 bytes][Host: www.ocs.fr]
Expand Down
5 changes: 3 additions & 2 deletions tests/result/skype.pcap.out
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,10 +8,11 @@ IGMP 5 258 4
SSL 96 8876 7
Dropbox 38 17948 5
Skype 2139 324409 249
Apple 15 2045 2
Apple 3 168 1
AppleiCloud 88 20520 2
Spotify 5 430 1
MS_OneDrive 387 198090 1
ApplePush 12 1877 1

1 TCP 192.168.1.34:50028 <-> 157.56.126.211:443 [proto: 91.221/SSL.MS_OneDrive][187 pkts/42539 bytes <-> 200 pkts/155551 bytes][server: *.gateway.messenger.live.com]
2 TCP 192.168.1.34:50108 <-> 157.56.52.28:40009 [proto: 125/Skype][231 pkts/60232 bytes <-> 241 pkts/104395 bytes]
Expand All @@ -33,7 +34,7 @@ MS_OneDrive 387 198090 1
18 UDP 192.168.1.92:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][5 pkts/2720 bytes -> 0 pkts/0 bytes]
19 TCP 192.168.1.34:50090 <-> 23.206.33.166:443 [proto: 91.125/SSL.Skype][12 pkts/2140 bytes <-> 3 pkts/200 bytes][client: apps.skype.com]
20 TCP 192.168.1.34:50134 <-> 157.56.53.47:12350 [proto: 125/Skype][11 pkts/1578 bytes <-> 4 pkts/342 bytes]
21 TCP 17.143.160.22:5223 <-> 192.168.1.34:49447 [proto: 140/Apple][6 pkts/1211 bytes <-> 6 pkts/666 bytes]
21 TCP 17.143.160.22:5223 <-> 192.168.1.34:49447 [proto: 238/ApplePush][6 pkts/1211 bytes <-> 6 pkts/666 bytes]
22 TCP 192.168.1.34:50091 <-> 157.55.235.146:443 [proto: 91.125/SSL.Skype][13 pkts/1554 bytes <-> 3 pkts/200 bytes]
23 TCP 192.168.1.34:50122 <-> 81.133.19.185:44431 [proto: 125/Skype][14 pkts/1090 bytes <-> 6 pkts/534 bytes]
24 TCP 192.168.1.34:50039 <-> 213.199.179.175:443 [proto: 91/SSL][13 pkts/1392 bytes <-> 3 pkts/200 bytes]
Expand Down
5 changes: 3 additions & 2 deletions tests/result/skype_no_unknown.pcap.out
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,8 +8,9 @@ IGMP 4 226 4
SSL 79 7742 6
Dropbox 16 7342 5
Skype 1291 190136 223
Apple 84 20699 2
Apple 76 19581 1
MS_OneDrive 348 181687 1
ApplePush 8 1118 1

1 TCP 192.168.1.34:51230 <-> 157.56.126.211:443 [proto: 91.221/SSL.MS_OneDrive][166 pkts/39042 bytes <-> 182 pkts/142645 bytes][server: *.gateway.messenger.live.com]
2 TCP 192.168.1.34:51279 <-> 111.221.74.48:40008 [proto: 125/Skype][101 pkts/30681 bytes <-> 98 pkts/59934 bytes]
Expand Down Expand Up @@ -68,7 +69,7 @@ MS_OneDrive 348 181687 1
55 TCP 192.168.1.34:51313 <-> 212.161.8.36:13392 [proto: 125/Skype][11 pkts/855 bytes <-> 3 pkts/287 bytes]
56 UDP 192.168.1.1:137 <-> 192.168.1.34:137 [proto: 10/NetBIOS][6 pkts/958 bytes <-> 2 pkts/184 bytes]
57 TCP 192.168.1.34:51311 <-> 93.79.224.176:14506 [proto: 125/Skype][11 pkts/848 bytes <-> 3 pkts/286 bytes]
58 TCP 17.143.160.149:5223 <-> 192.168.1.34:50407 [proto: 140/Apple][4 pkts/674 bytes <-> 4 pkts/444 bytes]
58 TCP 17.143.160.149:5223 <-> 192.168.1.34:50407 [proto: 238/ApplePush][4 pkts/674 bytes <-> 4 pkts/444 bytes]
59 UDP 192.168.1.34:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][2 pkts/1088 bytes -> 0 pkts/0 bytes]
60 UDP 192.168.1.34:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][2 pkts/1088 bytes -> 0 pkts/0 bytes]
61 UDP 192.168.1.92:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][2 pkts/1088 bytes -> 0 pkts/0 bytes]
Expand Down
7 changes: 4 additions & 3 deletions tests/result/viber_mobile.pcap.out
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,10 +8,11 @@ SSL 72 21126 6
Facebook 50 17455 3
Dropbox 2 163 1
GMail 35 14773 2
Google 76 17175 8
Google 59 14520 6
WhatsApp 38 6756 3
Viber 10081 1413446 4
Amazon 8 528 1
GoogleServices 17 2655 2

1 UDP 192.168.200.222:48564 <-> 54.169.63.186:7985 [proto: 144/Viber][4192 pkts/515224 bytes <-> 5865 pkts/895629 bytes]
2 TCP 192.168.200.222:38039 <-> 31.13.79.246:443 [proto: 91.119/SSL.Facebook][19 pkts/3115 bytes <-> 18 pkts/13053 bytes][client: graph.facebook.com][server: *.facebook.com]
Expand All @@ -22,7 +23,7 @@ Amazon 8 528 1
7 TCP 192.168.200.222:40005 <-> 108.168.176.234:443 [proto: 142/WhatsApp][13 pkts/1401 bytes <-> 16 pkts/4545 bytes]
8 TCP 192.168.200.222:43287 <-> 52.0.253.46:443 [proto: 64/SSL_No_Cert][22 pkts/3437 bytes <-> 14 pkts/2437 bytes]
9 TCP 192.168.200.222:59011 <-> 74.125.130.188:5228 [proto: 126/Google][8 pkts/3893 bytes <-> 8 pkts/1945 bytes]
10 TCP 192.168.200.222:57999 <-> 74.125.130.188:5228 [proto: 91.126/SSL.Google][7 pkts/1505 bytes <-> 8 pkts/953 bytes][client: mtalk.google.com]
10 TCP 192.168.200.222:57999 <-> 74.125.130.188:5228 [proto: 91.239/SSL.GoogleServices][7 pkts/1505 bytes <-> 8 pkts/953 bytes][client: mtalk.google.com]
11 TCP 192.168.200.222:36675 -> 112.124.219.82:80 [proto: 7/HTTP][9 pkts/2188 bytes -> 0 pkts/0 bytes][Host: androiddailyyogacn.oss-cn-hangzhou.aliyuncs.com]
12 TCP 52.0.253.46:4244 <-> 192.168.200.222:43454 [proto: 144/Viber][8 pkts/1187 bytes <-> 8 pkts/856 bytes]
13 UDP 192.168.200.222:39413 <-> 24.43.1.206:17193 [proto: 37/BitTorrent][4 pkts/996 bytes <-> 4 pkts/996 bytes]
Expand Down Expand Up @@ -71,7 +72,7 @@ Amazon 8 528 1
56 UDP 192.168.200.222:55854 <-> 8.8.8.8:53 [proto: 5/DNS][1 pkts/70 bytes <-> 1 pkts/166 bytes][Host: s.jpush.cn]
57 UDP 192.168.200.222:60474 <-> 8.8.8.8:53 [proto: 5/DNS][1 pkts/77 bytes <-> 1 pkts/141 bytes][Host: easytomessage.com]
58 UDP 192.168.200.222:39695 <-> 8.8.8.8:53 [proto: 5.119/DNS.Facebook][1 pkts/78 bytes <-> 1 pkts/136 bytes][Host: graph.facebook.com]
59 UDP 192.168.200.222:47874 <-> 8.8.8.8:53 [proto: 5.126/DNS.Google][1 pkts/76 bytes <-> 1 pkts/121 bytes][Host: mtalk.google.com]
59 UDP 192.168.200.222:47874 <-> 8.8.8.8:53 [proto: 5.239/DNS.GoogleServices][1 pkts/76 bytes <-> 1 pkts/121 bytes][Host: mtalk.google.com]
60 ICMP 192.168.200.222:0 -> 192.168.1.1:0 [proto: 81/ICMP][2 pkts/196 bytes -> 0 pkts/0 bytes]
61 UDP 192.168.200.222:39149 <-> 8.8.8.8:53 [proto: 5/DNS][1 pkts/72 bytes <-> 1 pkts/120 bytes][Host: sis.jpush.io]
62 ICMP 37.214.167.82:0 -> 192.168.200.222:0 [proto: 81/ICMP][1 pkts/174 bytes -> 0 pkts/0 bytes]
Expand Down
5 changes: 3 additions & 2 deletions tests/result/whatsapp_login_call.pcap.out
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,19 +6,20 @@ ICMP 10 700 1
SSL 8 589 2
Facebook 70 9464 14
Dropbox 4 2176 1
Apple 127 28102 20
Apple 105 22176 19
WhatsApp 182 25154 2
Spotify 3 258 1
WhatsAppVoice 706 91156 4
AppleStore 85 28087 2
ApplePush 22 5926 1

1 UDP 192.168.2.4:51518 <-> 91.253.176.65:9344 [proto: 189/WhatsAppVoice][186 pkts/27025 bytes <-> 278 pkts/25895 bytes]
2 UDP 192.168.2.4:52794 <-> 91.253.176.65:9665 [proto: 189/WhatsAppVoice][141 pkts/17530 bytes <-> 57 pkts/12888 bytes]
3 TCP 192.168.2.4:49202 <-> 184.173.179.37:5222 [proto: 142/WhatsApp][100 pkts/14711 bytes <-> 80 pkts/10163 bytes]
4 TCP 192.168.2.4:49204 <-> 17.173.66.102:443 [proto: 91.224/SSL.AppleStore][29 pkts/11770 bytes <-> 24 pkts/6612 bytes][client: p53-buy.itunes.apple.com]
5 TCP 192.168.2.4:49201 <-> 17.178.104.12:443 [proto: 91.140/SSL.Apple][21 pkts/7644 bytes <-> 17 pkts/9576 bytes][client: query.ess.apple.com][server: *.ess.apple.com]
6 TCP 192.168.2.4:49205 <-> 17.173.66.102:443 [proto: 91.224/SSL.AppleStore][17 pkts/6166 bytes <-> 15 pkts/3539 bytes][client: p53-buy.itunes.apple.com]
7 TCP 192.168.2.4:49193 <-> 17.110.229.14:5223 [proto: 140/Apple][11 pkts/4732 bytes <-> 11 pkts/1194 bytes]
7 TCP 192.168.2.4:49193 <-> 17.110.229.14:5223 [proto: 238/ApplePush][11 pkts/4732 bytes <-> 11 pkts/1194 bytes]
8 UDP 192.168.2.4:51518 <-> 31.13.93.48:3478 [proto: 189/WhatsAppVoice][12 pkts/2341 bytes <-> 12 pkts/2484 bytes]
9 UDP 0.0.0.0:68 -> 255.255.255.255:67 [proto: 18/DHCP][10 pkts/3420 bytes -> 0 pkts/0 bytes][Host: lucas-imac]
10 UDP 192.168.2.4:52794 <-> 31.13.84.48:3478 [proto: 189/WhatsAppVoice][9 pkts/1842 bytes <-> 11 pkts/1151 bytes]
Expand Down
5 changes: 3 additions & 2 deletions tests/result/whatsapp_login_chat.pcap.out
View file
Original file line number Diff line number Diff line change
@@ -1,13 +1,14 @@
MDNS 2 202 2
DHCP 6 2052 1
Dropbox 2 1088 1
Apple 50 23466 2
Apple 44 21371 1
WhatsApp 32 3243 2
Spotify 1 86 1
ApplePush 6 2095 1

1 TCP 192.168.2.4:49205 <-> 17.173.66.102:443 [proto: 91.140/SSL.Apple][24 pkts/15117 bytes <-> 20 pkts/6254 bytes]
2 TCP 192.168.2.4:49206 <-> 158.85.58.15:5222 [proto: 142/WhatsApp][17 pkts/1794 bytes <-> 13 pkts/1169 bytes]
3 TCP 17.110.229.14:5223 -> 192.168.2.4:49193 [proto: 140/Apple][6 pkts/2095 bytes -> 0 pkts/0 bytes]
3 TCP 17.110.229.14:5223 -> 192.168.2.4:49193 [proto: 238/ApplePush][6 pkts/2095 bytes -> 0 pkts/0 bytes]
4 UDP 0.0.0.0:68 -> 255.255.255.255:67 [proto: 18/DHCP][6 pkts/2052 bytes -> 0 pkts/0 bytes][Host: lucas-imac]
5 UDP 192.168.2.1:17500 -> 192.168.2.255:17500 [proto: 121/Dropbox][2 pkts/1088 bytes -> 0 pkts/0 bytes]
6 UDP 192.168.2.4:61697 <-> 192.168.2.1:53 [proto: 5.142/DNS.WhatsApp][1 pkts/76 bytes <-> 1 pkts/204 bytes][Host: e12.whatsapp.net]
Expand Down

0 comments on commit e641294

Please sign in to comment.