ntop
diff --git a/‎src/lib/protocols/gearup_booster.c‎
Lines changed: 42 additions & 7 deletions b/‎src/lib/protocols/gearup_booster.c‎
Lines changed: 42 additions & 7 deletions
diff --git a/‎tests/cfgs/caches_cfg/result/ookla.pcap.out‎
Lines changed: 1 addition & 1 deletion b/‎tests/cfgs/caches_cfg/result/ookla.pcap.out‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎tests/cfgs/caches_cfg/result/teams.pcap.out‎
Lines changed: 1 addition & 1 deletion b/‎tests/cfgs/caches_cfg/result/teams.pcap.out‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎tests/cfgs/caches_global/result/ookla.pcap.out‎
Lines changed: 1 addition & 1 deletion b/‎tests/cfgs/caches_global/result/ookla.pcap.out‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎tests/cfgs/caches_global/result/teams.pcap.out‎
Lines changed: 1 addition & 1 deletion b/‎tests/cfgs/caches_global/result/teams.pcap.out‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎tests/cfgs/classification_only/result/bittorrent_tcp_miss.pcapng.out‎
Lines changed: 1 addition & 1 deletion b/‎tests/cfgs/classification_only/result/bittorrent_tcp_miss.pcapng.out‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎tests/cfgs/classification_only/result/ookla.pcap.out‎
Lines changed: 1 addition & 1 deletion b/‎tests/cfgs/classification_only/result/ookla.pcap.out‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎tests/cfgs/classification_only/result/teams.pcap.out‎
Lines changed: 1 addition & 1 deletion b/‎tests/cfgs/classification_only/result/teams.pcap.out‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎tests/cfgs/classification_only/result/waze.pcap.out‎
Lines changed: 1 addition & 1 deletion b/‎tests/cfgs/classification_only/result/waze.pcap.out‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎tests/cfgs/default/pcap/gearup_booster.pcap‎
6.29 KB b/‎tests/cfgs/default/pcap/gearup_booster.pcap‎
6.29 KB
@@ -42,19 +42,54 @@ static void ndpi_search_gearup_booster(struct ndpi_detection_module_struct *ndpi
 
   NDPI_LOG_DBG(ndpi_struct, "search GearUP Booster\n");
 
-  if (packet->udp->source != htons(9999) && packet->udp->dest != htons(9999))
-  {
-    NDPI_EXCLUDE_DISSECTOR(ndpi_struct, flow);
+  if (packet->tcp != NULL && packet->payload_packet_len >= 16) {
+    if (flow->packet_counter <= 3) {
+      int32_t pdu_length = ntohl(get_u_int32_t(packet->payload, 0));
+      if (pdu_length != packet->payload_packet_len - 4) {
+        NDPI_EXCLUDE_DISSECTOR(ndpi_struct, flow);
+        return;
+      }
+    }
+    if (packet->payload[4] != 0x08) {
+      NDPI_EXCLUDE_DISSECTOR(ndpi_struct, flow);
+      return;
+    }
+    if (flow->packet_counter <= 2) {
+      if (packet->payload_packet_len > 128 ||
+          packet->payload[5] != 0x01)
+      {
+        NDPI_EXCLUDE_DISSECTOR(ndpi_struct, flow);
+        return;
+      }
+    } else {
+      if (get_u_int16_t(packet->payload, 7) != ntohs(0x0510) ||
+          get_u_int16_t(packet->payload, 13) != ntohs(0x2000))
+      {
+        NDPI_EXCLUDE_DISSECTOR(ndpi_struct, flow);
+        return;
+      }
+    }
+    if (flow->packet_counter >= 4) {
+      ndpi_int_gearup_booster_add_connection(ndpi_struct, flow);
+    }
     return;
   }
 
-  if (flow->packet_counter == 1)
-  {
-    if (packet->packet_direction != 0 || packet->udp->dest != htons(9999))
+  if (packet->udp != NULL) {
+    if (packet->udp->source != htons(9999) && packet->udp->dest != htons(9999))
     {
       NDPI_EXCLUDE_DISSECTOR(ndpi_struct, flow);
       return;
     }
+
+    if (flow->packet_counter == 1)
+    {
+      if (packet->packet_direction != 0 || packet->udp->dest != htons(9999))
+      {
+        NDPI_EXCLUDE_DISSECTOR(ndpi_struct, flow);
+        return;
+      }
+    }
   }
 
   if (packet->payload_packet_len == 4)
@@ -86,7 +121,7 @@ void init_gearup_booster_dissector(struct ndpi_detection_module_struct *ndpi_str
 {
   ndpi_register_dissector("GeaUP_Booster", ndpi_struct,
                      ndpi_search_gearup_booster,
-                     NDPI_SELECTION_BITMASK_PROTOCOL_V4_V6_UDP_WITH_PAYLOAD,
+                     NDPI_SELECTION_BITMASK_PROTOCOL_V4_V6_TCP_OR_UDP_WITH_PAYLOAD_WITHOUT_RETRANSMISSION,
                      1, NDPI_PROTOCOL_GEARUP_BOOSTER);
 }
 
@@ -3,7 +3,7 @@ Guessed flow protos:	1
 DPI Packets (TCP):	40	(6.67 pkts/flow)
 Confidence Match by port    : 1 (flows)
 Confidence DPI              : 5 (flows)
-Num dissector calls: 566 (94.33 diss/flow)
+Num dissector calls: 569 (94.83 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
 
@@ -6,7 +6,7 @@ DPI Packets (other):	1	(1.00 pkts/flow)
 Confidence Unknown          : 1 (flows)
 Confidence Match by port    : 2 (flows)
 Confidence DPI              : 80 (flows)
-Num dissector calls: 523 (6.30 diss/flow)
+Num dissector calls: 524 (6.31 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/9/0 (insert/search/found)
 LRU cache stun:       30/0/0 (insert/search/found)
 
@@ -4,7 +4,7 @@ DPI Packets (TCP):	40	(6.67 pkts/flow)
 Confidence DPI (partial cache): 1 (flows)
 Confidence DPI              : 4 (flows)
 Confidence DPI (aggressive) : 1 (flows)
-Num dissector calls: 566 (94.33 diss/flow)
+Num dissector calls: 569 (94.83 diss/flow)
 LRU cache ookla:      4/2/2 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
 
@@ -7,7 +7,7 @@ Confidence Unknown          : 1 (flows)
 Confidence Match by port    : 2 (flows)
 Confidence DPI (partial)    : 4 (flows)
 Confidence DPI              : 76 (flows)
-Num dissector calls: 523 (6.30 diss/flow)
+Num dissector calls: 524 (6.31 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/9/0 (insert/search/found)
 LRU cache stun:       30/0/0 (insert/search/found)
 
@@ -1,6 +1,6 @@
 DPI Packets (TCP):	10	(10.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 223 (223.00 diss/flow)
+Num dissector calls: 224 (224.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 5/0/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
 
@@ -4,7 +4,7 @@ DPI Packets (TCP):	38	(6.33 pkts/flow)
 Confidence DPI (partial cache): 1 (flows)
 Confidence DPI              : 4 (flows)
 Confidence DPI (aggressive) : 1 (flows)
-Num dissector calls: 566 (94.33 diss/flow)
+Num dissector calls: 569 (94.83 diss/flow)
 LRU cache ookla:      4/2/2 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
 
@@ -7,7 +7,7 @@ Confidence Unknown          : 1 (flows)
 Confidence Match by port    : 2 (flows)
 Confidence DPI (partial)    : 6 (flows)
 Confidence DPI              : 74 (flows)
-Num dissector calls: 523 (6.30 diss/flow)
+Num dissector calls: 524 (6.31 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/9/0 (insert/search/found)
 LRU cache stun:       24/0/0 (insert/search/found)
 
@@ -5,7 +5,7 @@ DPI Packets (UDP):	1	(1.00 pkts/flow)
 Confidence Unknown          : 1 (flows)
 Confidence Match by port    : 9 (flows)
 Confidence DPI              : 23 (flows)
-Num dissector calls: 346 (10.48 diss/flow)
+Num dissector calls: 347 (10.52 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/30/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)