nDPI 2.8-stable is Out

Posted · Add Comment

This new release brings several fixes that make nDPI more stable. Such fixes involve especially DNS and HTTP traffic dissection.

Here is the full list of changes:

  • New Supported Protocols and Services
    • Added Modbus over TCP dissector
  • Improvements
    • Wireshark Lua plugin compatibility with Wireshark 3
    • Improved MDNS dissection
    • Improved HTTP response code handling
    • Full dissection of HTTP responses
  • Fixes
    • Fixed false positive mining detection
    • Fixed invalid TCP DNS dissection
    • Releasing buffers upon realloc failures
    • ndpiReader: Prevents references after free
    • Endianness fixes
    • Fixed IPv6 HTTP traffic dissection
    • Fixed H.323 detection
  • Other
    • Disabled ookla statistics which need to be improved
    • Support for custom protocol files of arbitrary lengthUpdate radius.c to RFC2865