Ivan Nardi

> There is one more question: if the lists are generated by a script, then what is the point of storing ipv6 addresses as a string? No specific reasons: it...

@INT2ECALL , I am not sure I am understanding the issue here. While some protocols are detected at the first packet, some are detected correlating two packets (usually one for...

@utoni, do you have any experience with win32?

Not sure what you are doing, but "packet content" is always available in `packet->payload`. Example of trivial code handling a simple UDP protocol: ` src/lib/protocols/sflow.c`

As I said, I don't know what you are exactly doing, but if you are ONLY adding a new dissector, please test it with `ndpireader`: packet structure will be filled...

AFAIK, no, there are no plans. A patch to detect (un-encrypted) HTTP/2 has just been pushed. While HTTP/2 is one of the most used used protocols on "internet" (basically *all*...

> Why is there such a big gap between https://w3techs.com/technologies/details/ce-http2 and https://radar.cloudflare.com/traffic? Do I miss something? From the first site: ~35%. From the second: 60.9% of the HTTP traffic ->...

This issue is real and has been already reported in the past (https://github.com/ntop/nDPI/issues/819) No sure how to move forward...

I think that we can leave this issue open: we should fix it, somehow....

Other references: * this should be (a copy of) the "original" project: https://github.com/p0f/p0f * a more recent (...) post on this topic: https://blog.cloudflare.com/introducing-the-p0f-bpf-compiler/