Extensible deep packet inspection library

Overview Repositories Revisions Requests Users Attributes Meta

Extensible deep packet inspection library

nDPI is a ntop-maintained superset of the popular OpenDPI library. Released
under the LGPL license, its goal is to extend the original library by adding
new protocols that are otherwise available only on the paid version of OpenDPI.
In addition to Unix platforms, we also support Windows, in order to provide
you a cross-platform DPI experience. Furthermore, we have modified nDPI do be
more suitable for traffic monitoring applications, by disabling specific
features that slow down the DPI engine while being them un-necessary for
network traffic monitoring.

Devel package for openSUSE:Factory
5 derived packages
Derived Packages
home:mnhauke:security

home:X0F:branches:network

home:Andreas_Schwab:Factory

home:frispete:15.2

home:mnhauke:monitoring
Cancel
Links to openSUSE:Factory / ndpi
Has a link diff
Download package
Checkout Package
osc -A https://api.opensuse.org checkout server:monitoring/ndpi && cd $_
Create Badge

Build Results
RPM Lint

Refresh

Source Files

Filename	Size	Changed
0001-Added-ability-to-report-whether-a-protocol-is-encryp.patch	0000094081 91.9 KB	almost 3 years ago
0002-Report-whether-a-protocol-is-encrypted.patch	0000000980 980 Bytes	almost 3 years ago
0003-Firs-crash-on-ARM-during-steam-protocol-dissection.patch	0000001491 1.46 KB	almost 3 years ago
ndpi-4.0.tar.gz	0120053617 114 MB	almost 3 years ago
ndpi.changes	0000015250 14.9 KB	almost 3 years ago
ndpi.spec	0000004952 4.84 KB	almost 3 years ago

Revision 23 (latest revision is 27)

Dirk Stoecker (dstoecker) accepted request 913748 from

Martin Hauke (mnhauke) almost 3 years ago (revision 23)

- Update to version 4.0
  New Features
  * Add API for computing RSI (Relative Strenght Index)
  * Add GeoIP support
  * Add fragments management
  * Add API for jitter calculation
  * Add single exponential smoothing API
  * Add timeseries forecasting support implementing Holt-Winters
    with confidence interval
  * Add support for MAC to radi tree and expose the full API to
    applications
  * Add JA3+, with ALPN and elliptic curve
  * Add double exponential smoothing implementation
  * Extended API for managing flow risks
  * Add flow risk score
  * New flow risks:
    + Desktop or File Sharing Session
    + HTTP suspicious content (useful for tracking trickbot)
    + Malicious JA3
    + Malicious SHA1
    + Risky domain
    + Risky AS
    + TLS Certificate Validity Too Long
    + TLS Suspicious Extension
  New Supported Protocols and Services
  * New protocols:
    + AmongUs
    + AVAST SecureDNS
    + CPHA (CheckPoint High Availability Protocol)
    + DisneyPlus

Places

Actions on this page