Hi, just a fast feedback from here.
On Di, 2019-02-19 at 16:20 +0000, Michael Tremer wrote:
So, please toy around with (probably the ntop version of) nDPI. I would be interested to see where it goes, but I assume it won’t be very far. Does it work with nftables?
got some answers from the developer and it was pointed out to use the 4.15er kernel patch which did worked while building but loading the module was not possible:
[127389.287576] xt_ndpi: disagrees about version of symbol module_layout
which is a little sad since it seems like the only one actual development in this topic. Also the OpenDPI people have had their last activities 6 years ago --> https://github.com/ewildgoose/ndpi-netfilter .
A current working solution is here --> https://github.com/betolj/ndpi-netfilter findable which seems to be a kind of the original one. There is also no kernel/kernel_config patch needed but the code (but also the nDPI which is from ntop) seems to be pretty outdated (needed to patch main.c to bring it to life).
Some tests has been made and it do not work with 100 but with 90% but the last (fundamental) activities are there also 2 years ago and it looks like nobody maintains it currently.
A little documentation for a deeper look into, if wanted, can be found in here --> https://forum.ipfire.org/viewtopic.php?f=50&t=22320#p122679
Best and thanks again for your help.
Erik