Toni
If you can share pcap files for all mentioned protocols, it may be possible to implement protocol detections / dissectors for those.
What do you mean by CGO API support? Do you want to integrate nDPI in your Go app? If so, that should in theory already be possible. You can use...
I am currently thinking about extending nDPI with Go bindings. There is a more or less straight forward project to create those: [https://github.com/xlab/c-for-go](https://github.com/xlab/c-for-go)
I do not understand how you've integrated nDPI in your Go application. Can you provide more information on that, please?
~~Seems possible to me. We probably just need to implement a risk based on this tshark filter:~~ ~~`'dns.flags.response == 1' -R 'dns.qry.type == 0x0001' -R 'dns.count.answers >= 1'`~~ ~~It could...
In my oppinion there are two possibilities for implementing such feature. But both may not be suited for the core library. ~1. For every DNS request/response, let nDPI do it's...
`RoaringBitmap` is part of nDPI since 1efabef4cfce64a373f014ee43bab371a82f7e87. `2.` seems worth a try.
I would also agree on a separation between internal and external/public ids. From a dev perspective a mapping of those can be achieved with index tables where the numeric representation...
I agree that protocol dissectors should have precedence over custom defined rules. But what I do not get: Why would someone want to add a custom port(-only) based rule for...
Can you please check if PR #1541 and PR #1542 fixed your issue?