forked from embedway/l7detect
Frank-KunLi/l7detect
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Folders and files
Name | Name | Last commit message | Last commit date | |
---|---|---|---|---|
Repository files navigation
1. l7detect是一个基于流的应用协议识别的框架; 2. l7detect实现了四个常用的协议识别引擎,基于port的pde,基于字符和位置的规则sde, 基于lua的lde,基于lua的协议解析引擎cdde(可针对特定协议解析,并加入ip+port作为快速表协议识别特征,可用于ftp,sip等协议)这些引擎都是以插件方式存在,你也可以做出自己的引擎,将她放入l7detect中; 3. 你现在可以用lua来扩展你希望识别的其他协议,现在的lde是比较简陋的,只能基于包的字节,包的长度等一些常用特征进行匹配,但她已经具备了一定的可扩展性,如:跨包的匹配,状态机的切换等等; 4. 希望有兴趣的朋友可以一起开发和完善l7detect框架以及协议识别引擎,有想法的话可以互相交流,我的邮箱是windslinux@gmail.com; 5. l7detect以解决中国国内的协议为主要问题,因此对于国外协议可能会出现不能很好支持的情况,希望有兴趣的人可以完善协议特征库,协议特征库在test/app.proto中; 6. l7detect会长期发展下去,但我只能利用有限的工作之余的时间来完成,如果bug不能及时修复,请大家见谅; 7. 非常感谢各种开源软件和技术,emacs,gcc, Makefile, git,lua,wireshark,没有你们我无法完成任何事情; 8. 该软件在federal core 5上测试通过,编译使用的是gcc和Gnu make,编译前请先安装好libpcap的开发库,如果你在别的类unix平台上不能编译通过或运行,请致信; English: 1. l7detect is a flow-based architecture of network application analysis; 2. Two simple engine was provied by l7detect, port base pde engine and lua based lde engine. All engines was designed as a plugin, so it is allowed to develop a new engine by yourself to add to l7detect; 3. lua config can be extended to support protocols you need. Although lde is a simple engine, she owns extensible characteristic, such as: multiple packet match, state machine. You are encouraged to enhance all protocol engines; 4. It's welcomed to develop l7detect framework and protocol detect engines, my email address is windslinux@gmail.com; 5. l7detect will slove most popular application protocols in China, other protocol is supported by someone who interested in it. Protocol signature is stored in test/app.proto file; 6. l7detect is a long-term project; 7. Thanks to a lot of open source project such as emacs,gcc, Makefile, git,lua,wireshark. Without the help of these project, I can do nothing; 8. l7detect was compiled and run in Fedore core 5, with gcc and Gnu make. If you have any problems, contact me with Email:windslinux@gmail.com;
About
Network application protocol detection software
Resources
Stars
Watchers
Forks
Packages 0
No packages published
Languages
- C 95.7%
- Makefile 2.7%
- Lua 1.6%