Skip to content

3.4 Stable

Compare
Choose a tag to compare
@lucaderi lucaderi released this 19 Oct 14:21
· 7 commits to 3.4-stable since this release

New Features

  • Completely reworked and extended QUIC dissector
  • Added flow risk concept to move nDPI towards result interpretation
  • Added ndpi_dpi2json() API call
  • Added DGA risk for names that look like a DGA
  • Added HyperLogLog cardinality estimator API calls
  • Added ndpi_bin_XXX API calls to handle bin handling
  • Fully fuzzy tested code that has greatly improved reliability and robustness

New Supported Protocols and Services

  • QUIC
  • SMBv1
  • WebSocket
  • TLS: added ESNI support
  • SOAP
  • DNScrypt

Improvements

  • Python CFFI bindings
  • Various TLS extensions and fixes including extendede metadata support
  • Added various pcap files for testing corner cases in protocols
  • Various improvements in JSON/Binary data serialization
  • CiscoVPN
  • H323
  • MDNS
  • MySQL 8
  • IEC 60870-5-104
  • DoH/DoT dissection improvements
  • Office365 renamed to Microsoft365
  • Major protocol dissection improvement in particular with unknwon traffic
  • Improvement in Telegram v6 protocol support
  • HTTP improvements to detect file download/upload and binary files
  • BitTorrent and WhatsApp dissection improvement
  • Spotify
  • Added detection of malformed packets
  • Fuzzy testing support has been greatly improved
  • SSH code cleanup

Fixes

  • Fixed various memory leaks and race conditions in protocol decoding
  • NATS, CAPWAP dissector
  • Removed HyperScan support that greatly simplified the code
  • ARM platform fixes on memory alignment
  • Wireshark extcap support
  • DPDK support
  • OpenWRT, OpenBSD support
  • MINGW compiler support

MISC

  • Created demo app for nDPI newcomers
  • Removed obsolete pplive and pando protocols