I-nDPI 4.6 ifika kunye nenkxaso kwiiprothokholi ezintsha, iinkonzo kunye nokunye

Darkcrizt

Imizuzu ye4

I-NDPI

I-nDPI® yithala leencwadi le-LGPLv3 lomthombo ovulekileyo wokuhlola ipakethe enzulu. Ngokusekwe kwi-OpenDPI, ibandakanya izandiso ze-ntop.

I ukukhululwa kwenguqulelo entsha ye-nDPI 4.6 eyazisa uphuculo oluninzi, kunye nenkxaso yeprothokholi ezongezelelweyo kunye nokomelela enkosi kwikhowudi edibanisayo eyaziswa kolu guqulelo. Iprotocol yokutsalwa kwemetadata iye yaphuculwa kwiiprothokholi ezininzi, njengoko kufunyenwe iDGA kumagama abamkeli, phakathi kwezinye izinto.

I-NDPI Iphawuleka ngokusetyenziswa kwazo zombini i-ntop kunye ne-nProbe ukongeza ukufunyanwa kweeprotocol kumaleko osetyenziso, ngaphandle kokuba izibuko lisetyenziswa. Oku kuthetha ukuba kunokwenzeka ukubhaqa iinkqubo ezaziwayo kumazibuko angaqhelekanga.

Le projekthi ikuvumela ukuba uchonge iiprotokholi zenqanaba lesicelo ezisetyenziswe kutrafikhi ngokuhlalutya ubunjani bomsebenzi wenethiwekhi ngaphandle kokubopha kwizibuko lenethiwekhi (ungachonga iiprothokholi ezaziwayo ezinabaqhubi bamkela unxibelelwano kumazibuko womnatha angaqhelekanga, umzekelo ukuba http ayithunyelwanga kwizibuko 80, okanye, ngokuchaseneyo, xa bezama ukuzifihla ezinye Umsebenzi wenethiwekhi onje nge-http esebenzayo kwizibuko 80).

Iimpawu ezintsha eziphambili ze-nDPI 4.6

Kukhupho olutsha lwe-nDPI 4.6, inika isakhono sokuchaza iiprothokholi zesiko kusetyenziswa izihluzi ze-nBPF (umzekelo: 'nbpf:»host 192.168.1.1 kunye nezibuko 80″@HomeRouter').

Tambien Uhlalutyo lwendlela yokusebenza luphuculwe kakhulu, kunye nokufunyanwa kweWebShell kunye nekhowudi ye-PHP kwii-URL ze-HTTP kunye nenkcazo ye-DGA (i-Domain Generational Algorithm).

Uluhlu lwezoyikiso zothungelwano olufunyenweyo kunye nemiba yandisiwe ezinxulumene nomngcipheko wokuzibophelela (umngcipheko wokuhamba). Inkxaso eyongeziweyo kwiindidi zezoyikiso ezintsha: NPI_HTTP_OBSOLETE_SERVER (ibhaqa iinguqulelo ezindala ze-Apache kunye ne-nginx), NDPI_PERIODIC_FLOW, NDPI_MINOR_ISSUES, NDPI_TCP_ISSUES.

Enye into entsha evezwa kule nguqulelo intsha yile iimvavanyo zokudibanisa ziphunyeziwe kunye nokuqwalaselwa okuphuculweyo kwemiyalelo ye-AES-NI kunye nophuculo olwenziwayo kwi-data serialization kwifomathi ye-JSON.

Kwelinye icala, kuyacaciswa ukuba ukongeza izibalo zePatricia, Ahocarasick kunye ne-LRU cache, kunye nengqiqo yokuguga ye-LRU cache eqwalaselweyo, inkxaso yeRTP imijelo yokuhambisa imetadata, kunye ne-ndpiReader eluncedo iphumeza inkxaso ye-Linux Cooked Capture v2 protocol.

Kwicala lezongezo zenkxaso kwiiprothokholi kunye neenkonzo:

  • U msebenzi
  • Ukufikelela kwiseva ye-AliCloud
  • VUKELA
  • I-CryNetwork
  • Nayiphi na ideski
  • I-Bittorrent (lungisa ukuzithemba, ukufunyanwa kwi-TCP)
  • DNS, yongeza ukukwazi ukucacisa iirekhodi ze-DNS PTR ezisetyenziselwa isisombululo sedilesi
  • I-DTLS (bamba iziqwenga zesatifikethi)
  • Facebook VoIP iminxeba
  • I-FastCGI (yicazulule iPARMS)
  • FortiClient (uhlaziywa amazibuko angagqibekanga)
  • Ingxoxo
  • edns
  • Elasticsearch
  • I-FastCGI
  • Kismet
  • Liane App kunye Line VoIP iminxeba
  • Meraki Cloud
  • mna
  • NATPMP
  • HTTP subclassification
  • Jonga into engenanto/elahlekileyo yomsebenzisi-arhente kwiHTTP
  • I-IRC (uqwalaselo lweenkcukacha)
  • IJabber / XMPP
  • I-Kerberos (inkxaso yemiyalezo ye-Krb-Error)
  • I-LDAP
  • MGCP
  • I-MONGODB (ugweme izinto zobuxoki)
  • Syncthing
  • I-TP-LINK Smart Home
  • ILAN YAKHO
  • IsoftEther VPN
  • Isikali somsila
  • TiVoConnect
  • SNMP
  • I-SMB (inkxaso yemiyalezo eyahlulwe yangamacandelo amaninzi e-TCP)
  • I-SMTP (inkxaso yomyalelo we-X-ANONYMOUSTLS)
  • I-STUN
  • I-SKYPE (ukuphucula ukubonwa kwi-UDP, susa ubhaqo ngaphezulu kwe-TCP)
  • I-Teamspeak3 (ilayisensi/uluhlu lweWebhu lokubhaqwa)
  • Threema Messenger
  • Zoom
  • Yongeza ukubonwa kokwabelana kwesikrini sokuSondeza
  • Yongeza ukubonwa kokuhamba koontanga-kuya-ntanga kwi-STUN
  • I-Hangout/Duo Voip ifowunela ukubhaqwa, khulisa ukujonga kumthi weprotocol
  • HTTP
  • Ukuphathwa kwe-HTTP-Proxy kunye ne-HTTP-Connect
  • Iiposti
  • POP3
  • I-QUIC (inkxaso yeepakethi ze-0-RTT ezifunyenwe ngaphambi kokuqala)
  • Snapchat VoIP iminxeba

Gqibela ukuba unomdla wokwazi okungakumbi ngayo Malunga nale nguqulo intsha, ungakhangela iinkcukacha kwi ukulandela ikhonkco.

Uyifaka njani i-nDPI kwiLinux?

Kwabo banomdla wokukwazi ukufaka esi sixhobo kwinkqubo yabo, banokukwenza ngokulandela imiyalelo esabelana ngayo ngezantsi.

Ukuze ufake isixhobo, kufuneka sikhuphele ikhowudi yemvelaphi kwaye siyihlanganise, kodwa ngaphambi koko ukuba zikho Debian, Ubuntu okanye abasebenzisi abavela Kwezi, kufuneka siqale sifake oku kulandelayo:

sudo apt-get install build-essential git gettext flex bison libtool autoconf automake pkg-config libpcap-dev libjson-c-dev libnuma-dev libpcre2-dev libmaxminddb-dev librrd-dev

Kwimeko yabo bangabo Abasebenzisi beArch Linux:

sudo pacman -S gcc git gettext flex bison libtool autoconf automake pkg-config libpcap json-c numactl pcre2 libmaxminddb rrdtool

Ngoku, ukuze sihlanganise, kufuneka sikhuphele ikhowudi yemvelaphi, onokuyifumana ngokuchwetheza:

git clone https://github.com/ntop/nDPI.git

cd nDPI

Kwaye siqhubeka nokuqulunqa isixhobo ngokuchwetheza:

./autogen.sh
make

Ukuba unomdla wokwazi ngakumbi malunga nokusetyenziswa kwesixhobo, unako jonga eli khonkco lilandelayo.


Shiya uluvo lwakho

Idilesi yakho ye email aziyi kupapashwa. ezidingekayo ziphawulwe *

*

*

  1. Inoxanduva lwedatha: I-AB Internet Networks 2008 SL
  2. Injongo yedatha: Ulawulo lwe-SPAM, ulawulo lwezimvo.
  3. Umthetho: Imvume yakho
  4. Unxibelelwano lwedatha: Idatha ayizukuhanjiswa kubantu besithathu ngaphandle koxanduva lomthetho.
  5. Ukugcinwa kweenkcukacha
  6. Amalungelo: Ngalo naliphi na ixesha unganciphisa, uphinde uphinde ucime ulwazi lwakho.