What is nDPI
nDPI is a DPI (Deep Packet Inspection) toolkit able to:
Detect application protocol on traffic flows
Analize encrypted traffic flows via ET (Encrypted Traffic Analysis)
Extract selected protocol metadata from traffic
Implement APIs for analysing traffic
Releases and Features
nDPI development lifecycle is typically 6 to 9 months. The history of changes and features implemented by every release, is available on its Changelog.
Installation
nDPI is open source and available on GitHub. In addition, pre-compiled, binary nDPI packages are available both for Linux and other platforms. Installation instructions for binary packages are available below.
Installing on Linux
Installation instructions can be found at http://packages.ntop.org/. Development and stable builds are available. Stable builds are intended for production environments whereas development builds are intended for testing or early feature access.
Software Updates
General instructions for updating the software can be found at http://packages.ntop.org/ together with the installation instructions. Depending on the Operating System, nDPI supports also automatic updates through the GUI as described in the below sections.
Updating the Software on Linux
Instructions for updating the software via command line can be found at http://packages.ntop.org/. For example on Ubuntu/Debian systems the below commands will update the repository, check for updates and install the latest software update if any:
apt-get update
apt-get upgrade