Released nDPI 1.8

Posted · Add Comment

This is to announce the release of nDPI 1.8. In this version we have updated many protocol dissectors, simplified the API as well started to introduce changes that will be further improved in future versions. As usual we have changed many protocols dissectors. The whole changelog can be found below. Many thanks to all contributors!

Changelog

  • Recoded DNS and QUIC dissectors
  • Code passed checks of static code analysers
  • Added API wrappers (to be used in apps using nDPI) for substring-search
    • ndpi_init_automa()
    • ndpi_free_automa()
    • ndpi_add_string_to_automa()
    • ndpi_finalize_automa()
    • ndpi_match_string()
    • set_ndpi_malloc()
    • set_ndpi_free()
  • Added new ndpi_detection_giveup() API call to call before giving up for a given flow
  • Simplified API for init/term of the nDPI library
  • Simplified code of the ndpiReader test application
  • Added stronger checks for some dissectors to avoid buffer overflows
  • Fixed many memory-related bugs thanks to the ndpi-scapy tool
  • Added ability to extract BitTorrent hash (and eventually peerId)
  • Removed unused code to compile nDPI in Linux kernel (not a good idea to use DPI in kernels).
  • Added various packet encapsulations in ndpiReader
  • Improved dissectors
    • Tor
    • Dropbox
    • Skype
    • KakaoTalk
    • WhatsApp (Added WhatsApp Voice)
    • Microsoft
    • Viber
    • Google
    • MS OneDrive
    • SIP
    • TFTP
    • QQ
    • NetBIOS
    • HTTP (over IPv6)
    • 6in4tunnel
    • RTP
    • Ebay
    • HEP2 protocol detection support (sipcapture)
    • BitTorrent
    • Netflix
    • Amazon Cloud
    • Facebook
  • Removed some obsolete protocols (e.g. WinMX)
  • Added new dissectors
    • OpenDNS
    • Weibo
    • Mqtt (IoT protocol)
    • CoAP
    • HTTPDownload (to tag HTTP flows whose goal is to download files and not to transfer HTML)
    • MS Lync
    • Ubiquity AirControl 2