betolj / ndpi-netfilter

GNU General Public License v2.0

Add custom protocol #30

Closed rsweerarathna closed 8 years ago

rsweerarathna commented 8 years ago

Hi, how can I define a custom protocol and drop that protocol with netfilter? I have a set of URLs and IPs, and I need to define those URLs and IPs as one protocol and drop them all using a single netfilter rule. How can I do this?

betolj commented 8 years ago

You can't do this yet. I think the best way to filter URLs is with proxy servers, like squid (in userspace).

rightkick commented 8 years ago

I think what rsweerarathna has in mind is the custom protocol definitions that you can set with ndpi on ntop-ng.

rsweerarathna commented 7 years ago

Hi betolj, I have changed the nDPI code to identify IFLIX as a protocol. It works with the ndpiReader example and identifies all the flows, as in the attached screenshot. I changed only two files, as mentioned in https://github.com/ntop/nDPI/issues/127. After changing these files, I replaced your netfilter module's "ndpi_content_match.c.inc" and "ndpi_protocol_ids.h" with my updated files. Now it's giving some errors, which are attached here (make_output.txt). Can you please help me to fix them? Or just let me know which source files I should update to fix this.

Regards,
Shamin weerarathna.

rsweerarathna commented 7 years ago

I had an older version of ndpi-netfilter. Now I installed the latest ndpi-netfilter code and then replaced those two files. Now it's giving a different error. See the screenshot.

betolj commented 7 years ago

There are still remnants of the old nDPI version. For example, the TDS protocol has been moved/replaced to MSSQL_TDS.

So, don't try to use the old project directory. Unpack and build again in another directory, and move your files to this path too.


betolj commented 7 years ago

The latest version now includes OCS. But, if there are new changes (custom protocol), you need to fix this manually. You can't overwrite the file directly. The older structure is incompatible.

betolj commented 7 years ago

You need to include the nDPI ID in the file "/usr/src/ndpi-netfilter/src/xt_ndpi.h" too.