Iphrojekthi ye-ntop, ethuthukisa amathuluzi okuthwebula nokuhlaziya ithrafikhi, ishicilele ukukhululwa kwe-nDPI 4.4 deep inspection toolkit, eqhubeka nokuthuthukiswa komtapo wezincwadi we-OpenDPI. Iphrojekthi ye-nDPI yasungulwa ngemva komzamo ongaphumelelanga wokuphusha izinguquko endaweni yokugcina i-OpenDPI, eshiywe inganakekelwa. Ikhodi ye-nDPI ibhalwe ngo-C futhi ilayisensi ngaphansi kwe-LGPLv3.
Uhlelo lukuvumela ukuthi unqume amaphrothokholi ezinga lohlelo lokusebenza asetshenziswa kuthrafikhi, uhlaziye imvelo yomsebenzi wenethiwekhi ngaphandle kokuboshelwa ezimbobeni zenethiwekhi (inganquma izivumelwano ezaziwa kakhulu abaphathi bazo abamukela ukuxhumeka ezimbobeni zenethiwekhi ezingajwayelekile, isibonelo, uma i-http ingathunyelwa kusuka ku-port 80, noma, ngokuphambene, lapho Bazama ukufihla omunye umsebenzi wenethiwekhi njenge-http ngokuwusebenzisa ku-port 80).
Umehluko ovela ku-OpenDPI uhlanganisa ukwesekwa kwezivumelwano ezengeziwe, ukuthuthwa ku-Windows platform, ukusebenza kahle, ukuzivumelanisa nezimo ukuze kusetshenziswe izinhlelo zokusebenza zokuqapha ithrafikhi ngesikhathi sangempela (ezinye izici ezithile ezehlise ijubane injini zisusiwe), ikhono lokwakha ngendlela Imojuli ye-Linux kernel, nokusekelwa kokuchaza ama-subprotocols .
Sekukonke, izincazelo zezivumelwano nezinhlelo zokusebenza ezingaba ngu-300 ziyasekelwa, kusukela ku-OpenVPN, Tor, QUIC, SOCKS, BitTorrent ne-IPsec kuya kuTelegram, Viber, WhatsApp, PostgreSQL kanye nezingcingo eziya ku-GMail, Office365, GoogleDocs ne-YouTube. Kunesiphakeli nesikhikhidakhodi sesitifiketi se-SSL esikuvumela ukuthi unqume umthetho olandelwayo (isibonelo, i-Citrix Online ne-Apple iCloud) usebenzisa isitifiketi sokubethela. Insiza ye-nDPIreader ihlinzekwa ukuhlaziya okuqukethwe kokulahlwa kwe-pcap noma ithrafikhi yamanje ngesixhumi esibonakalayo senethiwekhi.
Ekukhishweni okusha:
- Imethadatha engeziwe enolwazi mayelana nesizathu sokubiza isibambi ngosongo oluthile.
- Kwengezwe umsebenzi we-ndpi_check_flow_risk_exceptions() wokuxhuma izibambi zosongo lwenethiwekhi.
- Ukwehlukaniswa kwenziwe kwaba amaphrothokholi enethiwekhi (isibonelo, i-TLS) kanye nezivumelwano zohlelo lokusebenza (isibonelo, amasevisi e-Google).
- Kwengezwe amazinga amasha amabili obumfihlo: NDPI_CONFIDENCE_DPI_PARTIAL kanye ne-NDPI_CONFIDENCE_DPI_PARTIAL_CACHE.
- Kwengezwe ithempulethi ukuze kuchazwe ukusetshenziswa kwesevisi ye-Cloudflare WARP
- Ukufakwa kwe-hashmap yangaphakathi kuthathelwe indawo i-uthash.
- Kubuyekeziwe ukubophezela kolimi lwePython.
- Ngokuzenzakalelayo, ukusetshenziswa kwe-gcrypt eyakhelwe ngaphakathi kunikwe amandla (inketho --with-libgcrypt inikezwa ukuze kusetshenziswe ukuqaliswa kwesistimu).
- Ibanga lezinsongo zenethiwekhi ezihlonziwe kanye nezinkinga ezihlobene nengcuphe yokuba sengozini (ingozi yokugeleza) inwetshiwe. Usekelo olungeziwe lwezinhlobo ezintsha ezisongelayo: NDPI_PUNYCODE_IDN, NPI_ERROR_CODE_DETECTED, NDPI_HTTP_CRAWLER_BOT kanye ne-NDPI_ANONYMOUS_SUBSCRIBER.
- Ukwesekwa okwengeziwe kwamaphrothokholi namasevisi:
- I-UltraSurf
- i3D
- I-RiotGames
- I-TSAN
- I-TunnelBear VPN
- kuqoqiwe
- I-PIM (Protocol Independent Multicast)
- I-Pragmatic General Multicast (PGM)
- I-RSH
- Imikhiqizo ye-GoTo efana ne-GoToMeeting
- UDazn
- I-MPEG-DASH
- I-Agora Software Defined Real-time Network (SD-RTN)
- Toca Boca
- I-VXLAN
- I-DMNS/LLMNR
- Ukuhlukaniswa nokutholwa kwephrothokholi okuthuthukisiwe:
- I-SMTP/SMTPS (Usekelo lwe-STARTTLS lwengeziwe)
- I-OCSP
- TargusDataspeed
- Usenet
- I-DTLS
- I-TFTP
- INSIPHO nge-HTTP
- Genshin Impact
- IPSec/ISAKMP
- DNS
- syslog
- DHCP
- AMANATS
- Viber
- Xiaomi
- I-Raknet
- i-gnutella
- I-Kerberos
- I-QUIC (ukwesekwa okwengeziwe kokucaciswa kwe-v2drft 01)
- I-SSDP
- SNMP
- I-DGA
- I-AES-NI
Source: opennet.ru