diff --git a/src/lib/protocols/path_of_exile.c b/src/lib/protocols/path_of_exile.c index 3248e0f6822..7a14b50d640 100644 --- a/src/lib/protocols/path_of_exile.c +++ b/src/lib/protocols/path_of_exile.c @@ -36,6 +36,19 @@ static void ndpi_search_pathofexile(struct ndpi_detection_module_struct *ndpi_st NDPI_LOG_DBG(ndpi_struct, "search Path of Exile\n"); + /* Path of Exile 2 */ + if (packet->payload_packet_len == 19 && packet->payload[0] == 0) { + if (ntohs(get_u_int16_t(packet->payload, 1)) == 0x300 && + ntohs(get_u_int16_t(packet->payload, 7)) == 0x200 && + ntohl(get_u_int32_t(packet->payload, 14)) == 0x40) + { + NDPI_LOG_INFO(ndpi_struct, "found Path of Exile 2\n"); + ndpi_set_detected_protocol(ndpi_struct, flow, NDPI_PROTOCOL_PATHOFEXILE, NDPI_PROTOCOL_UNKNOWN, + NDPI_CONFIDENCE_DPI); + return; + } + } + /* The first packet always contains these signatures and the character's * nickname (from 4 to 23 chars). */ diff --git a/tests/cfgs/default/pcap/path_of_exile.pcapng b/tests/cfgs/default/pcap/path_of_exile.pcapng index f36b904f3db..a1a5eb95861 100644 Binary files a/tests/cfgs/default/pcap/path_of_exile.pcapng and b/tests/cfgs/default/pcap/path_of_exile.pcapng differ diff --git a/tests/cfgs/default/result/path_of_exile.pcapng.out b/tests/cfgs/default/result/path_of_exile.pcapng.out index fab1004833d..6bcb935a07c 100644 --- a/tests/cfgs/default/result/path_of_exile.pcapng.out +++ b/tests/cfgs/default/result/path_of_exile.pcapng.out @@ -1,13 +1,13 @@ -DPI Packets (TCP): 4 (4.00 pkts/flow) -Confidence DPI : 1 (flows) -Num dissector calls: 146 (146.00 diss/flow) +DPI Packets (TCP): 16 (4.00 pkts/flow) +Confidence DPI : 4 (flows) +Num dissector calls: 584 (146.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache stun: 0/0/0 (insert/search/found) LRU cache tls_cert: 0/0/0 (insert/search/found) LRU cache mining: 0/0/0 (insert/search/found) LRU cache msteams: 0/0/0 (insert/search/found) -LRU cache fpc_dns: 0/1/0 (insert/search/found) +LRU cache fpc_dns: 0/4/0 (insert/search/found) Automa host: 0/0 (search/found) Automa domain: 0/0 (search/found) Automa tls cert: 0/0 (search/found) @@ -17,11 +17,14 @@ Patricia risk mask: 0/0 (search/found) Patricia risk mask IPv6: 0/0 (search/found) Patricia risk: 0/0 (search/found) Patricia risk IPv6: 0/0 (search/found) -Patricia protocols: 2/0 (search/found) +Patricia protocols: 8/0 (search/found) Patricia protocols IPv6: 0/0 (search/found) -PathofExile 4 311 1 +PathofExile 16 1208 4 -Fun 4 311 1 +Fun 16 1208 4 1 TCP 192.168.88.231:36262 <-> 198.50.120.150:6112 [proto: 403/PathofExile][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 4][cat: Game/8][3 pkts/237 bytes <-> 1 pkts/74 bytes][Goodput ratio: 13/0][0.14 sec][TCP Fingerprint: 2_64_32120_2e3cee914fc1/Linux][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 2 TCP 192.168.1.13:36492 <-> 203.57.83.5:21360 [proto: 403/PathofExile][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 4][cat: Game/8][3 pkts/225 bytes <-> 1 pkts/74 bytes][Goodput ratio: 8/0][0.06 sec][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 3 TCP 192.168.1.13:49554 <-> 91.206.197.210:21360 [proto: 403/PathofExile][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 4][cat: Game/8][3 pkts/225 bytes <-> 1 pkts/74 bytes][Goodput ratio: 8/0][0.01 sec][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 4 TCP 192.168.1.13:50808 <-> 209.192.244.174:21360 [proto: 403/PathofExile][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 4][cat: Game/8][3 pkts/225 bytes <-> 1 pkts/74 bytes][Goodput ratio: 8/0][0.16 sec][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]