nDPI
nDPI copied to clipboard
ntop
Open Source Deep Packet Inspection Software Toolkit
Radius protocol detection dose not support pod (packet of disconnect) radius type. Pod-Port: 1700 Radius-Code: 40
## Describe the bug When I run ndpiReader with a pcap, it shows that an RDP session is created, but I see that there is http traffic from port 80...
Hello. I'm using compiled after "git clone" nDPI 4.9 on Linux and on Windows. I would like to have timestamps (first_seen, last_seen) in nanoseconds like in Wireshark after saving in...
utils/mergeipaddrlist.py: 15 utils/ipaddr2list.py: 47 example/ndpi2timeline.py: 97 134 Can add a condition to determine whether the file is in that folder avoid attackers
## Describe the bug Some networks are described in more than one protocol. Another problem is the lack of subnet aggregation. To solve these problems, we need to abandon "include...
It has ``` cp $(NDPI_LIBS) $(DESTDIR)$(PREFIX)$(libdir)/ ``` which is installing libraries into `/usr/usr/lib64/`, because in Autotools logic, `$libdir` must be absolute. Just make it ``` cp $(NDPI_LIBS) $(DESTDIR)$(libdir)/ ```
Hello, I'm using nDPI 4.8 Stable release for a traffic classification application. Performance is important for this application so I try to minimize the number of classification attempts per flow....
Currently, we support only a single port. It would be great to add port-range support (limited to a specific range, e.g. 64 ports max) Example: ip:1.2.3.4:80-90@HTTP udp:3260-3280@iSCSI
[user_kerberos.pcap.zip](https://github.com/ntop/nDPI/files/13180569/user_kerberos.pcap.zip) Hint: use "kerberos.CNameString" as Wireshark filter
Due to the old OpenDPI code, supporting many new protocols is a problem. This code needs to be rewritten in order to make it more modern. starting ndpiReader with the...