I-nDPI 4.6 ifika nokusekelwa kwezivumelwano ezintsha, amasevisi nokunye

Darkcrizt

Imizuzu ye-4

I-nDPI

I-nDPI® ingumthombo ovulekile welabhulali ye-LGPLv3 yokuhlolwa kwephakethe okujulile. Ngokusekelwe ku-OpenDPI, ifaka izandiso ze-ntop.

I ukukhishwa kwenguqulo entsha ye-nDPI 4.6 esethula ukuthuthukiswa okuningana, kanye nokwesekwa kwezivumelwano ezengeziwe nokuqina ngenxa yekhodi yokuhlanganisa eyethulwe kule nguqulo. Ukukhishwa kwemethadatha yephrothokholi kuye kwathuthukiswa kuzo zonke izivumelwano ezimbalwa, njengoba kwenzeka nokutholwa kwe-DGA kumagama abasingathi, phakathi kwezinye izinto.

I-nDPI Kubonakala ngokusetshenziswa yizo zombili i-ntop ne-nProbe ukufaka ukutholwa kwamaphrothokholi kusendlalelo sohlelo lokusebenza, noma ngabe itheku liyasetshenziswa. Lokhu kusho ukuthi izivumelwano ezaziwayo zingatholakala emachwebeni angajwayelekile.

Le phrojekthi ikuvumela ukuthi unqume imigomo yezinga lokufaka isicelo esetshenziswe kuthrafikhi ngokuhlaziya ubunjalo bomsebenzi wenethiwekhi ngaphandle kokuzibophezela kumachweba wenethiwekhi (ungathola izinqubo ezaziwayo abashayeli babo abamukela ukuxhumana kumachweba wenethiwekhi angajwayelekile, ngokwesibonelo uma i-http ingathunyelwanga isuka ethekwini 80, noma, ngakolunye uhlangothi, lapho bezama ukufihla okunye imisebenzi yenethiwekhi efana ne-http esebenza ethekwini 80).

Izici ezintsha eziyinhloko ze-nDPI 4.6

Ekukhishweni okusha kwe-nDPI 4.6, inikeze ikhono lokuchaza izivumelwano ezenziwe ngokwezifiso kusetshenziswa izihlungi ze-nBPF (ngokwesibonelo: 'nbpf:»host 192.168.1.1 kanye ne-port 80″@HomeRouter').

Tambien ukusebenza kokuhlaziywa kwethrafikhi kwenziwe ngcono kakhulu, kanye nokutholwa kwe-WebShell nekhodi ye-PHP kuma-URL e-HTTP kanye nencazelo ye-DGA (I-Domain Generational Algorithm).

Ibanga lezinsongo zenethiwekhi ezitholiwe nezinkinga zinwetshiwe okuhambisana nengozi yokuzibophezela (ingozi yokugeleza). Usekelo olungeziwe lwezinhlobo ezintsha zosongo: I-NDPI_HTTP_OBSOLETE_SERVER (ithola izinguqulo ezindala ze-Apache ne-nginx), NDPI_PERIODIC_FLOW, NDPI_MINOR_ISSUES, NDPI_TCP_ISSUES.

Enye into entsha eyethulwe kule nguqulo entsha yile ukuhlolwa kwe-fuzzing kwenziwe kanye nokuhlolwa okuthuthukisiwe kwemiyalo ye-AES-NI nokuthuthukiswa okwenziwe ekukhiqizeni idatha ngefomethi ye-JSON.

Ngakolunye uhlangothi, futhi kuqokonyiswa lokho ungeze izibalo ze-Patricia, Ahocarasick kanye ne-LRU cache, kanye nendlela yokuguga yokuguga yenqolobane ye-LRU, ukusekelwa kokusakazwa kwe-RTP ukuze usakaze imethadatha, nokuthi insiza ye-ndpiReader isebenzisa usekelo lwephrothokholi ye-Linux Cooked Capture v2.

Ngakolunye uhlangothi lwezengezo zosekelo zamaphrothokholi namasevisi:

  • Activision
  • Ukufinyelela kweseva ye-AliCloud
  • VUKELA
  • I-CryNetwork
  • Anydesk
  • I-Bittorrent (lungisa ukuzethemba, ukutholwa nge-TCP)
  • I-DNS, engeza ikhono lokunquma amarekhodi e-DNS PTR asetshenziselwa ukulungiswa kwekheli lokuhlehla
  • I-DTLS (bamba izingcezu zesitifiketi)
  • Izingcingo ze-Facebook VoIP
  • I-FastCGI (dissect PARAMS)
  • I-FortiClient (buyekeza izimbobo ezizenzakalelayo)
  • I-Discord
  • edns
  • Islastiki
  • I-FastCGI
  • kuyiKismet
  • I-Liane App kanye nezingcingo ze-Line VoIP
  • Meraki Cloud
  • muani
  • I-NATPMP
  • I-HTTP subclassification
  • Hlola umenzeli womsebenzisi ongenalutho/ongekho ku-HTTP
  • I-IRC (ukuhlolwa kwemininingwane)
  • IJabber / XMPP
  • I-Kerberos (ukusekelwa kwemilayezo ye-Krb-Error)
  • I-LDAP
  • I-MGCP
  • I-MONGODB (gwema imibono engamanga)
  • Ukuvumelanisa
  • I-TP-LINK Smart Home
  • I-LAN YAKHO
  • I-SoftEther VPN
  • I-Tailscale
  • I-TiVoConnect
  • SNMP
  • I-SMB (ukusekelwa kwemilayezo ihlukaniswe yaba izingxenye eziningi ze-TCP)
  • I-SMTP (usekelo lomyalo we-X-ANONYMOUSTLS)
  • STUN
  • I-SKYPE (thuthukisa ukutholwa nge-UDP, susa ukutholwa nge-TCP)
  • I-Teamspeak3 (Ukutholwa kwelayisensi/uhlu lwewebhu)
  • Threema Messenger
  • Zoom
  • Engeza ukutholwa kokwabelana kwesikrini sokusondeza
  • Engeza ukutholwa kokugeleza kokusondeza kontanga ku-STUN
  • Ukutholwa kwamakholi we-Hangout/Duo Voip, lungiselela ukubheka esihlahleni sephrothokholi
  • HTTP
  • Ukuphathwa kwe-HTTP-Proxy ne-HTTP-Connect
  • Ama-Postgres
  • I-POP3
  • I-QUIC (usekelo lwamaphakethe angu-0-RTT atholwe ngaphambi kokuqala)
  • Izingcingo ze-Snapchat VoIP

Okokugcina uma unentshisekelo yokwazi kabanzi ngakho Mayelana nale nguqulo entsha, ungabheka imininingwane ku- isixhumanisi esilandelayo.

Ungayifaka kanjani i-nDPI ku-Linux?

Kulabo abanentshisekelo yokukwazi ukufaka leli thuluzi kusistimu yabo, bangakwenza lokho ngokulandela imiyalelo esabelana ngayo ngezansi.

Ukuze ufake ithuluzi, kufanele silande ikhodi yomthombo futhi siyihlanganise, kodwa ngaphambi kwalokho uma bekhona Abasebenzisi be-Debian, Ubuntu noma abavela Kulokhu, kufanele siqale sifake okulandelayo:

sudo apt-get install build-essential git gettext flex bison libtool autoconf automake pkg-config libpcap-dev libjson-c-dev libnuma-dev libpcre2-dev libmaxminddb-dev librrd-dev

Endabeni yalabo abakhona Abasebenzisi be-Arch Linux:

sudo pacman -S gcc git gettext flex bison libtool autoconf automake pkg-config libpcap json-c numactl pcre2 libmaxminddb rrdtool

Manje, ukuze sihlanganise, kufanele silande ikhodi yomthombo, ongayithola ngokuthayipha:

git clone https://github.com/ntop/nDPI.git

cd nDPI

Futhi siyaqhubeka nokuhlanganisa ithuluzi ngokuthayipha:

./autogen.sh
make

Uma ungathanda ukwazi okwengeziwe mayelana nokusetshenziswa kwethuluzi, ungakwazi hlola isixhumanisi esilandelayo.


Shiya umbono wakho

Ikheli lakho le ngeke ishicilelwe. Ezidingekayo ibhalwe nge *

*

*

  1. Unomthwalo wemfanelo ngedatha: AB Internet Networks 2008 SL
  2. Inhloso yedatha: Lawula Ugaxekile, ukuphathwa kwamazwana.
  3. Ukusemthethweni: Imvume yakho
  4. Ukuxhumana kwemininingwane: Imininingwane ngeke idluliselwe kubantu besithathu ngaphandle kwesibopho esisemthethweni.
  5. Isitoreji sedatha: Idatabase ebanjwe yi-Occentus Networks (EU)
  6. Amalungelo: Nganoma yisiphi isikhathi ungakhawulela, uthole futhi ususe imininingwane yakho.