ntop / nDPI

Open Source Deep Packet Inspection Software Toolkit
http://www.ntop.org
GNU Lesser General Public License v3.0

How to get the protocol specific attributes #2634

Open shailendra-patil opened 3 days ago

shailendra-patil commented 3 days ago

Currently, the protocol attributes are present in the ndpi_private.h file, which is not added by default to the /usr/include/ndpi folder when we install this library. Is there any way in which we can use the protocol-specific fields once the flow is detected as a protocol? For example, STUN --> Mapped_Address, Relayed_Address.

Just need to know whether it is possible to use them when we install nDPI as a library, OR whether this is just for internal use....

Please help on this topic.

IvanNardi commented 3 days ago

You are wrong. All metadata structures are public in ndpi_typedefs.h

shailendra-patil commented 3 days ago

ya, those are defined in ndpi_typedefs.h...Thanks for correcting...

Also, I have attached a pcap in which there are RTP packets inside the TURN ChannelData, but when I process it the library flags the master protocol as STUN and the app protocol as ViberVoip. But let's say, in cases where there is RTP inside a TURN channel OR there is RTP inside STUN (generally as part of the DATA attribute, which we see for Skype and Teams calls), can we have a way in which we can flag the packet as containing RTP data? I mean, is there any attribute I can access which tells me this?.... I have attached both Viber and Skype pcaps.

skype_call.zip

Also, in the Viber pcap we can see the flow assigned as STUN and after that the same flow is assigned as DTLS. Any reason for this?...

Please share your thoughts on this also.
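An added illustration of the two encapsulations the last comment asks about, RTP inside a TURN ChannelData frame and RTP inside a STUN DATA attribute. It is not part of the thread and not nDPI code: `turn_inner`, `looks_like_rtp` and the sample bytes are hypothetical and constructed, the channel range is the RFC 5766 one (0x4000 to 0x7FFF), and the RTP check is a heuristic (version 2, second byte outside the RTCP range).

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum inner { INNER_NONE, INNER_RTP, INNER_OTHER };

/* RTP heuristic (assumption): version 2, 12-byte fixed header present, and
 * second byte outside 192..223, which RFC 5761 leaves to RTCP. */
static int looks_like_rtp(const uint8_t *p, size_t n) {
    return n >= 12 && (p[0] & 0xC0) == 0x80 && !(p[1] >= 192 && p[1] <= 223);
}
static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Classify what one UDP payload on a STUN/TURN flow carries. */
enum inner turn_inner(const uint8_t *b, size_t n) {
    if (n < 4) return INNER_NONE;
    uint16_t first = be16(b), len = be16(b + 2);
    /* TURN ChannelData: channel number, 16-bit length, application data. */
    if (first >= 0x4000 && first <= 0x7FFF) {
        if ((size_t)len > n - 4) return INNER_NONE;          /* truncated frame */
        return looks_like_rtp(b + 4, len) ? INNER_RTP : INNER_OTHER;
    }
    /* STUN: top two bits zero, 20-byte header, magic cookie 0x2112A442. */
    if (n < 20 || (b[0] & 0xC0) || b[4] != 0x21 || b[5] != 0x12 ||
        b[6] != 0xA4 || b[7] != 0x42 || (size_t)len > n - 20)
        return INNER_NONE;
    size_t off = 20, end = 20 + (size_t)len;
    while (off + 4 <= end) {                     /* walk the TLV attributes */
        uint16_t type = be16(b + off), alen = be16(b + off + 2);
        if ((size_t)alen > end - off - 4) return INNER_NONE; /* malformed TLV */
        if (type == 0x0013)                      /* DATA attribute */
            return looks_like_rtp(b + off + 4, alen) ? INNER_RTP : INNER_OTHER;
        off += 4 + ((alen + 3u) & ~3u);          /* values are padded to 4 bytes */
    }
    return INNER_OTHER;                          /* STUN without a DATA attribute */
}

/* Constructed sample: ChannelData on channel 0x4001 wrapping a 12-byte RTP header. */
static const uint8_t SAMPLE_CD[] = { 0x40,0x01,0x00,0x0C,
    0x80,0x00,0x00,0x01, 0x00,0x00,0x00,0xA0, 0xDE,0xAD,0xBE,0xEF };
/* Constructed sample: Data indication with XOR-PEER-ADDRESS, then DATA holding RTP. */
static const uint8_t SAMPLE_STUN[] = { 0x00,0x17,0x00,0x1C, 0x21,0x12,0xA4,0x42,
    1,2,3,4,5,6,7,8,9,10,11,12,
    0x00,0x12,0x00,0x08, 0x00,0x01,0x11,0x22, 0x33,0x44,0x55,0x66,
    0x00,0x13,0x00,0x0C, 0x80,0x00,0x00,0x01, 0x00,0x00,0x00,0xA0, 0xDE,0xAD,0xBE,0xEF };

int main(void) {
    printf("%d %d\n", (int)turn_inner(SAMPLE_CD, sizeof SAMPLE_CD),
           (int)turn_inner(SAMPLE_STUN, sizeof SAMPLE_STUN));
    return 0;
}
```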