From 18542cb4d7bff7956f4322feb3128369704c5d2d Mon Sep 17 00:00:00 2001
From: "Ycarus (Yannick Chabanois)" <ycarus@zugaina.org>
Date: Tue, 22 Nov 2022 20:17:00 +0100
Subject: [PATCH] Update ndpi-netfilter2

---
 ndpi-netfilter2/Makefile                      |   2 +-
 .../patches/add_streaming_service.patch       | 114 ------------------
 .../patches/fix-confidence-level.patch        |  34 ++++++
 3 files changed, 35 insertions(+), 115 deletions(-)
 delete mode 100644 ndpi-netfilter2/patches/add_streaming_service.patch
 create mode 100644 ndpi-netfilter2/patches/fix-confidence-level.patch

diff --git a/ndpi-netfilter2/Makefile b/ndpi-netfilter2/Makefile
index de684c287..2c8976aa6 100644
--- a/ndpi-netfilter2/Makefile
+++ b/ndpi-netfilter2/Makefile
@@ -12,7 +12,7 @@ include $(INCLUDE_DIR)/kernel.mk
 PKG_NAME:=ndpi-netfilter2
 PKG_RELEASE:=3
 #PKG_REV:=b19e6392cf0c7d51c44e076a91fc4db0cbbd6403
-PKG_REV:=ad41165daf477f9f575819782d8e19adb772fbbd
+PKG_REV:=ce5cca1ec5972f8404ad66ec750a3c10968010fd
 PKG_VERSION:=4-$(PKG_REV)
 
 PKG_SOURCE_PROTO:=git
diff --git a/ndpi-netfilter2/patches/add_streaming_service.patch b/ndpi-netfilter2/patches/add_streaming_service.patch
deleted file mode 100644
index 21133573e..000000000
--- a/ndpi-netfilter2/patches/add_streaming_service.patch
+++ /dev/null
@@ -1,114 +0,0 @@
-From 9aeb879f3ffb9f854c574936740fa61620886063 Mon Sep 17 00:00:00 2001
-From: root <deepak.doddigarla@cyberreefsolutions.com>
-Date: Fri, 16 Sep 2022 13:29:46 -0500
-Subject: [PATCH] Added streaming services as protos to nDPI
-
-* Apple TV+
-* DirecTV
-* HBO
-* Vudu
-* Showtime
-* Dailymotion
-* Livestream
-* Tencent Video
-* IHeart Radio
-* Tidal
-* TuneIn
-* SiriusXM Radio
-
-Domains based on https://www.netify.ai/resources/applications
----
- src/include/ndpi_protocol_ids.h  | 12 +++++++
- src/lib/ndpi_content_match.c.inc | 56 ++++++++++++++++++++++++++++++++
- 2 files changed, 68 insertions(+)
-
-diff --git a/src/include/ndpi_protocol_ids.h b/src/include/ndpi_protocol_ids.h
-index 256fd8f24f..94d621d0c9 100644
---- a/src/include/ndpi_protocol_ids.h
-+++ b/src/include/ndpi_protocol_ids.h
-@@ -340,6 +340,18 @@
-   NDPI_PROTOCOL_KISMET                = 309,
-   NDPI_PROTOCOL_FASTCGI               = 310,
-   NDPI_PROTOCOL_FTPS                  = 311,
-+  NDPI_PROTOCOL_APPLETVPLUS           = 306,
-+  NDPI_PROTOCOL_DIRECTV               = 307,
-+  NDPI_PROTOCOL_HBO                   = 308,
-+  NDPI_PROTOCOL_VUDU                  = 309,
-+  NDPI_PROTOCOL_SHOWTIME              = 310,
-+  NDPI_PROTOCOL_DAILYMOTION           = 311,
-+  NDPI_PROTOCOL_LIVESTREAM            = 312,
-+  NDPI_PROTOCOL_TENCENTVIDEO          = 313,
-+  NDPI_PROTOCOL_IHEARTRADIO           = 314,
-+  NDPI_PROTOCOL_TIDAL                 = 315,
-+  NDPI_PROTOCOL_TUNEIN                = 316,
-+  NDPI_PROTOCOL_SIRIUSXMRADIO         = 317,
- 
- #ifdef CUSTOM_NDPI_PROTOCOLS
- #include "../../../nDPI-custom/custom_ndpi_protocol_ids.h"
-diff --git a/src/lib/ndpi_content_match.c.inc b/src/lib/ndpi_content_match.c.inc
-index eb320df253..161fd77f4f 100644
---- a/src/lib/ndpi_content_match.c.inc
-+++ b/src/lib/ndpi_content_match.c.inc
-@@ -1703,6 +1703,62 @@ ndpi_protocol_match host_match[] =
- 
-    { "cachefly.com",           "CacheFly", NDPI_PROTOCOL_CACHEFLY, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
- 
-+   { "tv.apple.com",                     "AppleTVPlus", NDPI_PROTOCOL_APPLETVPLUS, NDPI_PROTOCOL_CATEGORY_STREAMING, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_DEFAULT_LEVEL },
-+   { "tv.g.apple.com",                   "AppleTVPlus", NDPI_PROTOCOL_APPLETVPLUS, NDPI_PROTOCOL_CATEGORY_STREAMING, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_DEFAULT_LEVEL },
-+   { "tv.v.aaplimg.com",                 "AppleTVPlus", NDPI_PROTOCOL_APPLETVPLUS, NDPI_PROTOCOL_CATEGORY_STREAMING, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_DEFAULT_LEVEL },
-+
-+   { "directv.com",                      "DirecTV", NDPI_PROTOCOL_DIRECTV, NDPI_PROTOCOL_CATEGORY_STREAMING, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_DEFAULT_LEVEL },
-+   { "directvnow.com",                   "DirecTV", NDPI_PROTOCOL_DIRECTV, NDPI_PROTOCOL_CATEGORY_STREAMING, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_DEFAULT_LEVEL },
-+   { "dtvbb.tv",                         "DirecTV", NDPI_PROTOCOL_DIRECTV, NDPI_PROTOCOL_CATEGORY_STREAMING, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_DEFAULT_LEVEL },
-+   { "dtvce.com",                        "DirecTV", NDPI_PROTOCOL_DIRECTV, NDPI_PROTOCOL_CATEGORY_STREAMING, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_DEFAULT_LEVEL },
-+
-+   { "hbo.com",                          "HBO", NDPI_PROTOCOL_HBO, NDPI_PROTOCOL_CATEGORY_STREAMING, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_DEFAULT_LEVEL },
-+   { "hbogo.co.th",                      "HBO", NDPI_PROTOCOL_HBO, NDPI_PROTOCOL_CATEGORY_STREAMING, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_DEFAULT_LEVEL },
-+   { "hbogo.com",                        "HBO", NDPI_PROTOCOL_HBO, NDPI_PROTOCOL_CATEGORY_STREAMING, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_DEFAULT_LEVEL },
-+   { "hbogo.eu",                         "HBO", NDPI_PROTOCOL_HBO, NDPI_PROTOCOL_CATEGORY_STREAMING, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_DEFAULT_LEVEL },
-+   { "hbogoasia.com",                    "HBO", NDPI_PROTOCOL_HBO, NDPI_PROTOCOL_CATEGORY_STREAMING, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_DEFAULT_LEVEL },
-+   { "hbogoasia.id",                     "HBO", NDPI_PROTOCOL_HBO, NDPI_PROTOCOL_CATEGORY_STREAMING, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_DEFAULT_LEVEL },
-+   { "hbogoasia.ph",                     "HBO", NDPI_PROTOCOL_HBO, NDPI_PROTOCOL_CATEGORY_STREAMING, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_DEFAULT_LEVEL },
-+   { "hbomax.com",                       "HBO", NDPI_PROTOCOL_HBO, NDPI_PROTOCOL_CATEGORY_STREAMING, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_DEFAULT_LEVEL },
-+   { "hbomaxcdn.com",                    "HBO", NDPI_PROTOCOL_HBO, NDPI_PROTOCOL_CATEGORY_STREAMING, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_DEFAULT_LEVEL },
-+   { "hbonow.com",                       "HBO", NDPI_PROTOCOL_HBO, NDPI_PROTOCOL_CATEGORY_STREAMING, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_DEFAULT_LEVEL },
-+   { "maxgo.com",                        "HBO", NDPI_PROTOCOL_HBO, NDPI_PROTOCOL_CATEGORY_STREAMING, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_DEFAULT_LEVEL },
-+
-+   { "vudu.com",                         "Vudu", NDPI_PROTOCOL_VUDU, NDPI_PROTOCOL_CATEGORY_STREAMING, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_DEFAULT_LEVEL },
-+
-+   { ".showtime.com",                     "Showtime", NDPI_PROTOCOL_SHOWTIME, NDPI_PROTOCOL_CATEGORY_STREAMING, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_DEFAULT_LEVEL },
-+
-+   { "dai.ly",                           "Dailymotion", NDPI_PROTOCOL_DAILYMOTION, NDPI_PROTOCOL_CATEGORY_STREAMING, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_DEFAULT_LEVEL },
-+   { "dailymotion.com",                  "Dailymotion", NDPI_PROTOCOL_DAILYMOTION, NDPI_PROTOCOL_CATEGORY_STREAMING, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_DEFAULT_LEVEL },
-+   { "dailymotionadvertising.com",       "Dailymotion", NDPI_PROTOCOL_DAILYMOTION, NDPI_PROTOCOL_CATEGORY_STREAMING, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_DEFAULT_LEVEL },
-+   { "dmcdn.net",                        "Dailymotion", NDPI_PROTOCOL_DAILYMOTION, NDPI_PROTOCOL_CATEGORY_STREAMING, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_DEFAULT_LEVEL },
-+   { "dmxleo.com",                       "Dailymotion", NDPI_PROTOCOL_DAILYMOTION, NDPI_PROTOCOL_CATEGORY_STREAMING, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_DEFAULT_LEVEL },
-+
-+   { ".livestream.com",                   "Livestream", NDPI_PROTOCOL_LIVESTREAM, NDPI_PROTOCOL_CATEGORY_STREAMING, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_DEFAULT_LEVEL },
-+
-+   { "v.qq.com",                         "Tencentvideo", NDPI_PROTOCOL_TENCENTVIDEO, NDPI_PROTOCOL_CATEGORY_STREAMING, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_DEFAULT_LEVEL },
-+
-+   { "937theriver.com",                  "IHeartRadio", NDPI_PROTOCOL_IHEARTRADIO, NDPI_PROTOCOL_CATEGORY_MUSIC, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_DEFAULT_LEVEL },
-+   { "iheart.com",                       "IHeartRadio", NDPI_PROTOCOL_IHEARTRADIO, NDPI_PROTOCOL_CATEGORY_MUSIC, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_DEFAULT_LEVEL },
-+   { "iheart.mx",                        "IHeartRadio", NDPI_PROTOCOL_IHEARTRADIO, NDPI_PROTOCOL_CATEGORY_MUSIC, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_DEFAULT_LEVEL },
-+   { "iheartmedia.com",                  "IHeartRadio", NDPI_PROTOCOL_IHEARTRADIO, NDPI_PROTOCOL_CATEGORY_MUSIC, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_DEFAULT_LEVEL },
-+   { "iheartradio.ca",                   "IHeartRadio", NDPI_PROTOCOL_IHEARTRADIO, NDPI_PROTOCOL_CATEGORY_MUSIC, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_DEFAULT_LEVEL },
-+   { "iheartradio.co.nz",                "IHeartRadio", NDPI_PROTOCOL_IHEARTRADIO, NDPI_PROTOCOL_CATEGORY_MUSIC, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_DEFAULT_LEVEL },
-+   { "iheartradio.com",                  "IHeartRadio", NDPI_PROTOCOL_IHEARTRADIO, NDPI_PROTOCOL_CATEGORY_MUSIC, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_DEFAULT_LEVEL },
-+   { "ihrdev.com",                       "IHeartRadio", NDPI_PROTOCOL_IHEARTRADIO, NDPI_PROTOCOL_CATEGORY_MUSIC, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_DEFAULT_LEVEL },
-+   { "ihrhls.com",                       "IHeartRadio", NDPI_PROTOCOL_IHEARTRADIO, NDPI_PROTOCOL_CATEGORY_MUSIC, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_DEFAULT_LEVEL },
-+   { "ihrint.com",                       "IHeartRadio", NDPI_PROTOCOL_IHEARTRADIO, NDPI_PROTOCOL_CATEGORY_MUSIC, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_DEFAULT_LEVEL },
-+   { "ihrstage.com",                     "IHeartRadio", NDPI_PROTOCOL_IHEARTRADIO, NDPI_PROTOCOL_CATEGORY_MUSIC, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_DEFAULT_LEVEL },
-+   
-+   { ".tidal.com",                        "Tidal", NDPI_PROTOCOL_TIDAL, NDPI_PROTOCOL_CATEGORY_MUSIC, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_DEFAULT_LEVEL },
-+
-+   { "radiotime.com",                    "TuneIn", NDPI_PROTOCOL_TUNEIN, NDPI_PROTOCOL_CATEGORY_MUSIC, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_DEFAULT_LEVEL },
-+   { "tunein.com",                       "TuneIn", NDPI_PROTOCOL_TUNEIN, NDPI_PROTOCOL_CATEGORY_MUSIC, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_DEFAULT_LEVEL },
-+   { "tunenet.io",                       "TuneIn", NDPI_PROTOCOL_TUNEIN, NDPI_PROTOCOL_CATEGORY_MUSIC, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_DEFAULT_LEVEL },
-+
-+   { "siriusxm.ca",                       "SiriusXMRadio", NDPI_PROTOCOL_SIRIUSXMRADIO, NDPI_PROTOCOL_CATEGORY_MUSIC, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_DEFAULT_LEVEL },
-+   { "siriusxm.com",                      "SiriusXMRadio", NDPI_PROTOCOL_SIRIUSXMRADIO, NDPI_PROTOCOL_CATEGORY_MUSIC, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_DEFAULT_LEVEL },
-+
- #ifdef CUSTOM_NDPI_PROTOCOLS
- #include "../../../nDPI-custom/custom_ndpi_content_match_host_match.c.inc"
- #endif
diff --git a/ndpi-netfilter2/patches/fix-confidence-level.patch b/ndpi-netfilter2/patches/fix-confidence-level.patch
new file mode 100644
index 000000000..a28dbc90d
--- /dev/null
+++ b/ndpi-netfilter2/patches/fix-confidence-level.patch
@@ -0,0 +1,34 @@
+From d238ff6ad1715a640df62c7b47373293c8c136bd Mon Sep 17 00:00:00 2001
+From: Vitaly Lavrov <vel21ripn@gmail.com>
+Date: Tue, 22 Nov 2022 15:18:46 +0300
+Subject: [PATCH] Fix confidence level after ndpi_detection_giveup()
+
+---
+ ndpi-netfilter/src/main.c | 11 +++++++++++
+ 1 file changed, 11 insertions(+)
+
+diff --git a/ndpi-netfilter/src/main.c b/ndpi-netfilter/src/main.c
+index 5582eee938..3c39af8d5e 100644
+--- a/ndpi-netfilter/src/main.c
++++ b/ndpi-netfilter/src/main.c
+@@ -1676,9 +1676,20 @@ ndpi_mt(const struct sk_buff *skb, struct xt_action_param *par)
+ 		    	detect_complete = 1;
+ 			if(proto.app_protocol == NDPI_PROTOCOL_UNKNOWN) {
+ 			    u_int8_t proto_guessed;
++			    ndpi_protocol p_old = proto;
+ 			    proto = ndpi_detection_giveup(n->ndpi_struct, flow, 1, &proto_guessed);
++			    if(_DBG_TRACE_DPI) {
++			        if( p_old.app_protocol != proto.app_protocol ||
++				    p_old.master_protocol != proto.master_protocol ||
++				    confidence != flow->confidence)
++				    pr_info(" ndpi_process_packet ndpi_detection_giveup app,master [%u,%u]->[%u,%u] c %u->%u\n",
++						p_old.app_protocol,p_old.master_protocol,
++						proto.app_protocol,proto.master_protocol,
++						confidence,flow->confidence);
++			    }
+ 			    ct_ndpi->proto.app_protocol = proto.app_protocol;
+ 			    ct_ndpi->proto.master_protocol = proto.master_protocol;
++			    ct_ndpi->confidence = confidence = flow->confidence;
+ 			    c_proto->proto = pack_proto(proto);
+ 			}
+ 		    	if(_DBG_TRACE_DDONE)