pool/ndpi
SHA256
4
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity

- Update to version 4.12

Browse Source 
* https://github.com/ntop/nDPI/releases/tag/4.12
  * https://github.com/ntop/nDPI/releases/tag/4.10
  * https://github.com/ntop/nDPI/releases/tag/4.8
  * https://github.com/ntop/nDPI/releases/tag/4.6
  * https://github.com/ntop/nDPI/releases/tag/4.4
  * https://github.com/ntop/nDPI/releases/tag/4.2
- Drop not longer needed patches
  * 0001-Added-ability-to-report-whether-a-protocol-is-encryp.patch
  * 0002-Report-whether-a-protocol-is-encrypted.patch
  * 0003-Firs-crash-on-ARM-during-steam-protocol-dissection.patch
- Add patch:
  * fix-makefile.patch

OBS-URL: https://build.opensuse.org/package/show/server:monitoring/ndpi?expand=0&rev=29
This commit is contained in:
Martin Hauke 2024-12-24 14:35:22 +00:00 committed by Git OBS Bridge
commit e15d9e0fef
10 changed files with 2049 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
.gitattributes vendored Normal file
View File

@ -0,0 +1,23 @@
## Default LFS
*.7z filter=lfs diff=lfs merge=lfs -text
*.bsp filter=lfs diff=lfs merge=lfs -text
*.bz2 filter=lfs diff=lfs merge=lfs -text
*.gem filter=lfs diff=lfs merge=lfs -text
*.gz filter=lfs diff=lfs merge=lfs -text
*.jar filter=lfs diff=lfs merge=lfs -text
*.lz filter=lfs diff=lfs merge=lfs -text
*.lzma filter=lfs diff=lfs merge=lfs -text
*.obscpio filter=lfs diff=lfs merge=lfs -text
*.oxt filter=lfs diff=lfs merge=lfs -text
*.pdf filter=lfs diff=lfs merge=lfs -text
*.png filter=lfs diff=lfs merge=lfs -text
*.rpm filter=lfs diff=lfs merge=lfs -text
*.tbz filter=lfs diff=lfs merge=lfs -text
*.tbz2 filter=lfs diff=lfs merge=lfs -text
*.tgz filter=lfs diff=lfs merge=lfs -text
*.ttf filter=lfs diff=lfs merge=lfs -text
*.txz filter=lfs diff=lfs merge=lfs -text
*.whl filter=lfs diff=lfs merge=lfs -text
*.xz filter=lfs diff=lfs merge=lfs -text
*.zip filter=lfs diff=lfs merge=lfs -text
*.zst filter=lfs diff=lfs merge=lfs -text

1
.gitignore vendored Normal file
View File

@ -0,0 +1 @@
.osc

1343
0001-Added-ability-to-report-whether-a-protocol-is-encryp.patch Normal file
View File

File diff suppressed because it is too large Load Diff

26
0002-Report-whether-a-protocol-is-encrypted.patch Normal file
View File

@ -0,0 +1,26 @@
From 5f286a17c1ecb88b06ee069650fa73f7565165dc Mon Sep 17 00:00:00 2001
From: Luca Deri <deri@ntop.org>
Date: Sat, 7 Aug 2021 17:35:34 +0200
Subject: [PATCH 2/3] Report whether a protocol is encrypted
---
example/ndpiReader.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/example/ndpiReader.c b/example/ndpiReader.c
index b4434650..053dc2ec 100644
--- a/example/ndpiReader.c
+++ b/example/ndpiReader.c
@@ -1368,6 +1368,9 @@ static void printFlow(u_int32_t id, struct ndpi_flow_info *flow, u_int16_t threa
ndpi_protocol2name(ndpi_thread_info[thread_id].workflow->ndpi_struct,
flow->detected_protocol, buf1, sizeof(buf1)));
+ fprintf(out, "[%s]",
+ ndpi_is_encrypted_proto(ndpi_thread_info[thread_id].workflow->ndpi_struct, flow->detected_protocol) ? "Encrypted" : "ClearText");
+
if(flow->detected_protocol.category != 0)
fprintf(out, "[cat: %s/%u]",
ndpi_category_get_name(ndpi_thread_info[thread_id].workflow->ndpi_struct,
--
2.32.0

43
0003-Firs-crash-on-ARM-during-steam-protocol-dissection.patch Normal file
View File

@ -0,0 +1,43 @@
From 817c00b65ab4d0bf78927e494227ac5308417f91 Mon Sep 17 00:00:00 2001
From: Luca Deri <deri@ntop.org>
Date: Wed, 18 Aug 2021 11:33:33 +0200
Subject: [PATCH 3/3] Firs crash on ARM during steam protocol dissection
---
src/lib/protocols/steam.c | 19 ++++++++++++-------
1 file changed, 12 insertions(+), 7 deletions(-)
diff --git a/src/lib/protocols/steam.c b/src/lib/protocols/steam.c
index 8cd3ec41..53bbfc6a 100644
--- a/src/lib/protocols/steam.c
+++ b/src/lib/protocols/steam.c
@@ -114,14 +114,19 @@ static void ndpi_check_steam_udp1(struct ndpi_detection_module_struct *ndpi_stru
}
/* Check for Steam Datagram Relay (SDR) packets. */
- if (payload_len > 8 &&
- ndpi_ntohll(get_u_int64_t(packet->payload, 0)) == 0x0101736470696e67 /* "\x01\x01sdping" */)
- {
- NDPI_LOG_INFO(ndpi_struct, "found STEAM (Steam Datagram Relay)\n");
- ndpi_int_steam_add_connection(ndpi_struct, flow);
- return;
- }
+ if (payload_len > 8) {
+ u_int64_t n;
+ /* Necessary as simple cast crashes on ARM */
+ memcpy(&n, packet->payload, sizeof(u_int64_t));
+
+ if(ndpi_ntohll(n) == 0x0101736470696e67 /* "\x01\x01sdping" */) {
+ NDPI_LOG_INFO(ndpi_struct, "found STEAM (Steam Datagram Relay)\n");
+ ndpi_int_steam_add_connection(ndpi_struct, flow);
+ return;
+ }
+ }
+
/* Check if we so far detected the protocol in the request or not. */
if (flow->steam_stage1 == 0) {
NDPI_LOG_DBG2(ndpi_struct, "STEAM stage 0: \n");
--
2.32.0

29
fix-makefile.patch Normal file
View File

@ -0,0 +1,29 @@
diff --git a/src/lib/Makefile.in b/src/lib/Makefile.in
index b446ba2..e5d0ea4 100644
--- a/src/lib/Makefile.in
+++ b/src/lib/Makefile.in
@@ -11,7 +11,6 @@ RANLIB = @RANLIB@
#
# Installation directories
#
-PREFIX = @prefix@
libdir = @libdir@
includedir = @includedir@/ndpi
ifneq ($(OS),Windows_NT)
@@ -96,10 +95,10 @@ cppcheck:
cppcheck --template='{file}:{line}:{severity}:{message}' --quiet --enable=all --force -I ../include *.c protocols/*.c
install: $(NDPI_LIBS)
- mkdir -p $(DESTDIR)$(PREFIX)$(libdir)
- cp $(NDPI_LIBS) $(DESTDIR)$(PREFIX)$(libdir)/
- cp -P $(NDPI_LIB_SHARED_BASE) $(DESTDIR)$(PREFIX)$(libdir)/
- cp -P $(NDPI_LIB_SHARED_BASE).$(NDPI_VERSION_MAJOR) $(DESTDIR)$(PREFIX)$(libdir)/
- mkdir -p $(DESTDIR)$(PREFIX)$(includedir)
+ mkdir -p $(DESTDIR)$(libdir)
+ cp $(NDPI_LIBS) $(DESTDIR)$(libdir)/
+ cp -P $(NDPI_LIB_SHARED_BASE) $(DESTDIR)$(libdir)/
+ cp -P $(NDPI_LIB_SHARED_BASE).$(NDPI_VERSION_MAJOR) $(DESTDIR)$(libdir)/
+ mkdir -p $(DESTDIR)$(includedir)
#Avoid installing private header
- find ../include/*.h ! -name ndpi_private.h -exec cp "{}" $(DESTDIR)$(PREFIX)$(includedir)/ \;
+ find ../include/*.h ! -name ndpi_private.h -exec cp "{}" $(DESTDIR)$(includedir)/ \;

3
ndpi-4.0.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:99e0aba6396fd633c3840f30e4942f6591a08066d037f560b65ba64e7310f4d6
size 120053617

3
ndpi-4.12.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:28b0029877bbc970a8acc924664541c71e76e7a45e3761d5d0ddf3e695b6878c
size 47562110

438
ndpi.changes Normal file
View File

@ -0,0 +1,438 @@
-------------------------------------------------------------------
Fri Dec 20 16:18:54 UTC 2024 - Martin Hauke <mardnh@gmx.de>
- Update to version 4.12
* https://github.com/ntop/nDPI/releases/tag/4.12
* https://github.com/ntop/nDPI/releases/tag/4.10
* https://github.com/ntop/nDPI/releases/tag/4.8
* https://github.com/ntop/nDPI/releases/tag/4.6
* https://github.com/ntop/nDPI/releases/tag/4.4
* https://github.com/ntop/nDPI/releases/tag/4.2
- Drop not longer needed patches
* 0001-Added-ability-to-report-whether-a-protocol-is-encryp.patch
* 0002-Report-whether-a-protocol-is-encrypted.patch
* 0003-Firs-crash-on-ARM-during-steam-protocol-dissection.patch
- Add patch:
* fix-makefile.patch
-------------------------------------------------------------------
Thu Feb 22 13:56:41 UTC 2024 - Dominique Leuenberger <dimstar@opensuse.org>
- Use %autosetup macro. Allows to eliminate the usage of deprecated
%patchN
-------------------------------------------------------------------
Thu Aug 26 16:30:53 UTC 2021 - Dirk Stoecker <opensuse@dstoecker.de>
- Add conflicts for ndpi-common package, as version 3 did not follow
packaging guidelines fully
-------------------------------------------------------------------
Thu Aug 26 09:15:54 UTC 2021 - Martin Hauke <mardnh@gmx.de>
- Create -common subpackage
-------------------------------------------------------------------
Sun Aug 22 12:48:59 UTC 2021 - Martin Hauke <mardnh@gmx.de>
- Update to version 4.0
New Features
* Add API for computing RSI (Relative Strenght Index)
* Add GeoIP support
* Add fragments management
* Add API for jitter calculation
* Add single exponential smoothing API
* Add timeseries forecasting support implementing Holt-Winters
with confidence interval
* Add support for MAC to radi tree and expose the full API to
applications
* Add JA3+, with ALPN and elliptic curve
* Add double exponential smoothing implementation
* Extended API for managing flow risks
* Add flow risk score
* New flow risks:
+ Desktop or File Sharing Session
+ HTTP suspicious content (useful for tracking trickbot)
+ Malicious JA3
+ Malicious SHA1
+ Risky domain
+ Risky AS
+ TLS Certificate Validity Too Long
+ TLS Suspicious Extension
New Supported Protocols and Services
* New protocols:
+ AmongUs
+ AVAST SecureDNS
+ CPHA (CheckPoint High Availability Protocol)
+ DisneyPlus
+ DTLS
+ Genshin Impact
+ HP Virtual Machine Group Management (hpvirtgrp)
+ Mongodb
+ Pinterest
+ Reddit
+ Snapchat VoIP calls
+ Tumblr
+ Virtual Asssitant (Alexa, Siri)
+ Z39.50
* Add protocols to HTTP as subprotocols
* Add detection of TLS browser type
* Add connectionless DCE/RPC detection
Improvements
* 2.5x speed bump. Example ndpiReader with a long mixed pcap
v3.4 - nDPI throughput: 1.29 M pps / 3.35 Gb/sec
v4.0 - nDPI throughput: 3.35 M pps / 8.68 Gb/sec
* Improve detection/dissection of:
+ AnyDesk
+ DNS
+ Hulu
+ DCE/RPC (avoid false positives)
+ dnscrypt
+ Facebook (add new networks)
+ Fortigate
+ FTP Control
+ HTTP
- Fix user-agent parsing
- Fix logs when NDPI_ENABLE_DEBUG_MESSAGES is defined
+ IEC104
+ IEC60870
+ IRC
+ Netbios
+ Netflix
+ Ookla speedtest (detection over IPv6)
+ openspeedtest.com
+ Outlook / MicrosoftMail
+ QUIC
- update to draft-33
- improve handling of SNI
- support for fragmented Client Hello
- support for DNS-over-QUIC
+ RTSP
+ RTSP via HTTP
+ SNMP (reimplemented)
+ Skype
+ SSH
+ Steam (Steam Datagram Relay - SDR)
+ STUN (avoid false positives, improved Skype detection)
+ TeamViewer (add new hosts)
+ TOR (update hosts)
+ TLS
- Certificate Subject matching
- Check for common ALPNs
- Reworked fingerprint calculation
- Fix extraction for TLS signature algorithms
- Fix ClientHello parsing
+ UPnP
+ wireguard
+ Improve DGA detection
+ Improve JA3
+ Improve Mining detection
+ Improve string matching algorithm
+ Improve ndpi_pref_enable_tls_block_dissection
+ Optimize speed and memory size
+ Update ahocorasick library
+ Improve subprotocols detection
Fixes
* Fix partial application matching
* Fix multiple segfault and leaks
* Fix uninitialized memory use
* Fix release of patterns allocated in ndpi_add_string_to_automa
* Fix return value of ndpi_match_string_subprotocol
* Fix setting of flow risks on 32 bit machines
* Fix TLS certificate threshold
* Fix a memory error in TLS JA3 code
* Fix false positives in Z39.50
* Fix off-by-one memory error for TLS-JA3
* Fix bug in ndpi_lru_find_cache
* Fix invalid xbox and playstation port guesses
* Fix CAPWAP tunnel decoding
* Fix parsing of DLT_PPP datalink type
* Fix dissection of QUIC initial packets coalesced with 0-RTT one
* Fix parsing of GTP headers
* Add bitmap boundary checks
Misc
* Update download category name
* Update category labels
* Renamed Skype in Skype_Teams (the protocol is now shared across
these apps)
* Add IEC analysis wireshark plugin
* Flow risk visualization in Wireshark
* ndpiReader
+ add statistics about nDPI performance
+ fix memory leak
+ fix collecting of risks statistics
* Move installed libraries from /usr/local to /usr
* Improve NDPI_API_VERSION generation
* Update ndpi_ptree_match_addr prototype
- Add patches (for compatibility with ntopng 5.0):
* 0001-Added-ability-to-report-whether-a-protocol-is-encryp.patch
* 0002-Report-whether-a-protocol-is-encrypted.patch
* 0003-Firs-crash-on-ARM-during-steam-protocol-dissection.patch
-------------------------------------------------------------------
Fri Apr 23 14:57:05 UTC 2021 - Mathias Homann <Mathias.Homann@opensuse.org>
- Update to 3.4
* removed 001-Refresh-of-ndpi_netbios_name_interpret.patch, implemented
upstream
-------------------------------------------------------------------
Fri Apr 24 17:25:05 UTC 2020 - Petr Cervinka <petr@cervinka.net>
- Add upstream patch to fix ntopng build failure (ntopng#3675)
001-Refresh-of-ndpi_netbios_name_interpret.patch
-------------------------------------------------------------------
Thu Feb 20 21:03:45 UTC 2020 - Martin Hauke <mardnh@gmx.de>
- Update to version 3.2
New Features
* New API calls
* Protocol detection: ndpi_is_protocol_detected
* Categories: ndpi_load_categories_file / ndpi_load_category
* JSON/TLV serialization: ndpi_serialize_string_boolean /
ndpi_serialize_uint32_boolean
* Patricia tree: ndpi_load_ipv4_ptree
* Module initialization: ndpi_init_detection_module /
ndpi_finalize_initalization
* Base64 encoding: ndpi_base64_encode
* JSON export: ndpi_flow2json
* Print protocol: ndpi_get_l4_proto_name / ndpi_get_l4_proto_info
* Libfuzz integration
* Implemented Community ID hash (API call ndpi_flowv6_flow_hash
and ndpi_flowv4_flow_hash)
* Detection of RCE in HTTP GET requests via PCRE
* Integration of the libinjection library to detect SQL
injections and XSS type attacks in HTTP requests
New Supported Protocols and Services
* TLS: new decode
* Added ALPN support
* Added export of supported version in TLS header
* Added Telnet dissector with metadata extraction
* Added Zabbix dissector
* Added POP3/IMAP metadata extraction
* Added FTP user/password extraction
* Added NetBIOS metadata extraction
* Added Kerberos metadata extraction
* Implemented SQL Injection and XSS attack detection
* Host-based detection improvements and changes
* Added Microsoft range
* Added twitch.tv website
* Added brasilbandalarga.com.br and .eaqbr.com.br as EAQ
* Added 20.180.0.0/14, 20.184.0.0/13 range as Skype
* Added 52.84.0.0/14 range as Amazon
* Added pastebin.com
* Changed 13.64.0.0/11 range from Skype to Microsoft
* Refreshed Whatsapp server list, added whatsapp-.fbcdn.net IPs
* Added public DNSoverHTTPS servers
Improvements
* Reworked and improved the TLS dissector
* Reworked Kerberos dissector
* Improved DNS response decoding
* Support for DNS continuous flow dissection
* Improved Python bindings
* Improved Ethereum support
* Improved categories detection with streaming and HTTP
* Support for IP-based detection to compute the application
protocol
* Renamed protocol 104 to IEC60870 (more meaningful)
* Added failed authentication support with FTP
* Renamed DNSoverHTTPS to handle bot DoH and DoT
* Implemented stacked DPI decoding
* Improvements for CapWAP and Bloomberg
* Improved SMB dissection
* Improved SSH dissection
* Added capwap support
* Modified API signatures for ndpi_ssl_version2str /
ndpi_detection_giveup
* Removed ndpi_pref_http_dont_dissect_response /
ndpi_pref_dns_dont_dissect_response (replaced by
ndpi_extra_dissection_possible)
Fixes
* Fixed memory invalid access in SMTP and leaks in TLS
* Fixed a few memory leaks
* Fixed invalid memory access in a few protocol dissectors (HTTP,
memcached, Citrix, STUN, DNS, Amazon Video, TLS, Viber)
* Fixed IPv6 address format across the various platforms
* Fixed infinite loop in ndpi_workflow_process_packet
* Fixed SHA1 certificate detection
* Fixed custom protocol detection
* Fixed SMTP dissection (including email)
* Fixed Telnet dissection and invalid password report
* Fixed invalid category matching in HTTP
* Fixed Skype and STUN false positives
* Fixed SQL Injection detection
* Fixed invalid SMBv1 detection
* Fixed SSH dissection
* Fixed ndpi_ssl_version2str
* Fixed ndpi_extra_dissection_possible
* Fixed out of bounds read in ndpi_match_custom_category
ndpiReader
* CSV output enhancements
* Added tunnelling decapsulation
* Improved HTTP reporting
* Added scan and HTTP attacks (XSS, SQL Injection) detection
-------------------------------------------------------------------
Thu Jan 2 11:50:52 UTC 2020 - Martin Hauke <mardnh@gmx.de>
- Add hyperscan-devel as dependency to libndpi-devel
-------------------------------------------------------------------
Wed Dec 25 10:13:32 UTC 2019 - Martin Hauke <mardnh@gmx.de>
- Drop not longer needed patches (fixed upstream)
* ndpi-fix-build.patch
* reproducible.patch
- Update to version 3.0
New Features
* nDPI now reports the protocol ASAP even when specific fields
have not yet been dissected because such packets have not yet
been observed. This is important for inline applications that
can immediately act on traffic. Applications that need full
dissection need to call the new API function
ndpi_extra_dissection_possible() to check if metadata dissection
has been completely performed or if there is more to read before
declaring it completed.
* TLS (formerly identified as SSL in nDPI v2.x) is now dissected
more deeply, certificate validity is extracted as well
certificate SHA-1.
* nDPIreader can now export data in CSV format with option -C
* Implemented Sequence of Packet Length and Time (SPLT) and Byte
Distribution (BD) as specified by Cisco Joy
(https://github.com/cisco/joy). This allows malware activities
on encrypted TLS streams.
* Available as library and in ndpiReader with option -J
* Promoted usage of protocol categories rather than protocol
identifiers in order to classify protocols. This allows
application protocols to be clustered in families and thus better
managed by users/developers rather than using hundred of
protocols unknown to most of the people.
* Added Inter-Arrival Time (IAT) calculation used to detect
protocol misbehaviour (e.g. slow-DoS detection)
* Added data analysis features for computign metrics such as
entropy, average, stddev, variance on a single and consistent
place that will prevent when possible. This should ease traffic
analysis on monitoring/security applications. New API calls have
been implemented such as ndpi_data_XXX() to handle these
calculations.
* Initial release of Python bindings available under nDPI/python.
* Implemented search of human readable strings for promoting data
exfiltration detection
* Available as library and in ndpiReader with option -e
* Fingerprints
JA3 (https://github.com/salesforce/ja3)
HASSH (https://github.com/salesforce/hassh)
DHCP
* Implemented a library to serialize/deserialize data in both
Type-Length-Value (TLV) and JSON format
New Supported Protocols and Services
* DTLS (i.e. TLS over UDP)
* Hulu
* TikTok/Musical.ly
* WhatsApp Video
* DNSoverHTTPS
* Datasaver
* Line protocol
* Google Duo and Hangout merged
* WireGuard VPN
* IMO
* Zoom.us
Improvements
* TLS
+ Organizations
+ Ciphers
+ Certificate analysis
* Added PUBLISH/SUBSCRIBE methods to SIP
* Implemented STUN cache to enhance matching of STUN-based protocols
* Dissection improvements
+ Viber
+ WhatsApp
+ AmazonVideo
+ SnapChat
+ FTP
+ QUIC
+ OpenVPN support for UDP-based VPNs
+ Facebook Messenger mobile
+ Various improvements for STUN, Hangout and Duo
* Added new categories:
+ CUSTOM_CATEGORY_ANTIMALWARE,
+ NDPI_PROTOCOL_CATEGORY_MUSIC,
+ NDPI_PROTOCOL_CATEGORY_VIDEO,
+ NDPI_PROTOCOL_CATEGORY_SHOPPING,
+ NDPI_PROTOCOL_CATEGORY_PRODUCTIVITY
+ NDPI_PROTOCOL_CATEGORY_FILE_SHARING
* Added NDPI_PROTOCOL_DANGEROUS classification
Fixes
* Fixed the dissection of certain invalid DNS responses
* Fixed Spotify dissection
* Fixed false positives with FTP and FTP_DATA
* Fix to discard STUN over TCP flows
* Fixed MySQL dissector
* Fix category detection due to missing initialization
* Fix DNS rsp_addr missing in some tiny responses
* Various hardening fixes
-------------------------------------------------------------------
Wed Jun 5 04:03:31 UTC 2019 - Bernhard Wiedemann <bwiedemann@suse.com>
- Add reproducible.patch to override build date (boo#1047218)
-------------------------------------------------------------------
Sat Mar 30 09:53:01 UTC 2019 - Martin Hauke <mardnh@gmx.de>
- Update to version 2.8
New Supported Protocols and Services
* Added Modbus over TCP dissector
Improvements
* Wireshark Lua plugin compatibility with Wireshark 3
* Improved MDNS dissection
* Improved HTTP response code handling
* Full dissection of HTTP responses
Fixes
* Fixed false positive mining detection
* Fixed invalid TCP DNS dissection
* Releasing buffers upon realloc failures
* ndpiReader: Prevents references after free
* Endianness fixes
* Fixed IPv6 HTTP traffic dissection
* Fixed H.323 detection
Other
* Disabled ookla statistics which need to be improved
* Support for custom protocol files of arbitrary length
* Update radius.c to RFC2865
-------------------------------------------------------------------
Sun Feb 24 15:00:58 UTC 2019 - schwab@suse.de
- override prefix and libdir during install
- ndpi-fix-build.patch: don't install multiple copies of the library
-------------------------------------------------------------------
Tue Jan 8 17:01:56 UTC 2019 - Jan Engelhardt <jengelh@inai.de>
- Compact descriptions of all but the most promiment package
(libndpi2) for size. Trim bias and metadata redundancies, too.
-------------------------------------------------------------------
Mon Jan 7 21:52:45 UTC 2019 - mardnh@gmx.de
- Add wireshark/ndpi.lua to the doc section of ndpi-tools
- Add a comment to clarify the license of wireshark/ndpi.lua
-------------------------------------------------------------------
Fri Dec 28 19:44:08 UTC 2018 - mardnh@gmx.de
- Rename files according to the package name nDPI -> ndpi
-------------------------------------------------------------------
Sat Dec 22 20:38:16 UTC 2018 - mardnh@gmx.de
- Update to version 2.6
See /usr/share/doc/packages/libndpi2/CHANGELOG.md for the full
changelog
-------------------------------------------------------------------
Sun Oct 22 18:25:46 UTC 2017 - mardnh@gmx.de
- Initial package, version 2.0

140
ndpi.spec Normal file
View File

@ -0,0 +1,140 @@
#
# spec file for package ndpi
#
# Copyright (c) 2024 SUSE LLC
# Copyright (c) 2017-2024, Martin Hauke <mardnh@gmx.de>
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
%define sover 4
%ifarch %{ix86} x86_64
%bcond_without hyperscan
%endif
Name: ndpi
Version: 4.12
Release: 0
Summary: Extensible deep packet inspection library
# wireshark/ndpi.lua is GPL-3.0-or-later
License: LGPL-3.0-only
Group: Development/Libraries/C and C++
URL: https://github.com/ntop/nDPI
Source: https://github.com/ntop/nDPI/archive/%{version}.tar.gz#/%{name}-%{version}.tar.gz
Patch0: fix-makefile.patch
BuildRequires: autoconf
BuildRequires: automake
BuildRequires: gcc-c++
BuildRequires: libnuma-devel
BuildRequires: libpcap-devel
BuildRequires: libtool
BuildRequires: pkgconfig
BuildRequires: pkgconfig(json-c)
%if 0%{with hyperscan}
BuildRequires: pkgconfig(libhs)
%endif
%description
nDPI is a ntop-maintained superset of the OpenDPI library. It extends
the original library by adding new protocols that are otherwise
available only on the paid version of OpenDPI.
%package -n libndpi%{sover}
Summary: Extensible deep packet inspection library
Group: System/Libraries
Requires: ndpi-common
%description -n libndpi%{sover}
nDPI is a ntop-maintained superset of the OpenDPI library. It extends
the original library by adding new protocols that are otherwise
available only on the paid version of OpenDPI. nDPI was modified to
be more suitable for traffic monitoring applications, by disabling
specific features that slow down the DPI engine while being them
un-necessary for network traffic monitoring.
%package -n libndpi-devel
Summary: Development headers for nNDPI
Group: Development/Libraries/C and C++
Requires: libndpi%{sover} = %{version}
%if 0%{with hyperscan}
Requires: pkgconfig(libhs)
%endif
%description -n libndpi-devel
nDPI is a ntop-maintained superset of the OpenDPI library. It extends
the original library by adding new protocols that are otherwise
available only on the paid version of OpenDPI.
This package contains the Development headers for libndpi.
%package -n ndpi-tools
Summary: Tools for nNDPI
Group: Development/Libraries/C and C++
%description -n ndpi-tools
nDPI is a ntop-maintained superset of the OpenDPI library. It extends
the original library by adding new protocols that are otherwise
available only on the paid version of OpenDPI.
This package contains the ndpiReader binary.
%package -n ndpi-common
Summary: Common files used by nDPI
Group: Development/Libraries/C and C++
# version 3 rpm did not yet follow rules correctly
Conflicts: libndpi3
%description -n ndpi-common
nDPI is a ntop-maintained superset of the OpenDPI library. It extends
the original library by adding new protocols that are otherwise
available only on the paid version of OpenDPI.
This package contains common files used by nDPI.
%prep
%autosetup -p1 -n nDPI-%{version}
%build
autoreconf -fiv
%configure \
%if 0%{with hyperscan}
--with-hyperscan \
%endif
%{nil}
%make_build
%install
%make_install
rm %{buildroot}/%{_libdir}/libndpi.a
%post -n libndpi%{sover} -p /sbin/ldconfig
%postun -n libndpi%{sover} -p /sbin/ldconfig
%files -n libndpi%{sover}
%{_libdir}/libndpi.so.%{sover}*
%files -n libndpi-devel
%{_includedir}/ndpi
%{_libdir}/libndpi.so
%{_libdir}/pkgconfig/libndpi.pc
%files -n ndpi-tools
%{_bindir}/ndpiReader
%doc wireshark
%files -n ndpi-common
%license COPYING
%doc CHANGELOG.md README.md
%doc doc/guide/nDPI_QuickStartGuide.pdf
%{_datadir}/%{name}
%changelog