From 18655655148a6074d36f4fb57167b6e7823d7aa8 Mon Sep 17 00:00:00 2001 From: Kjell Hedstrom Date: Fri, 4 Oct 2013 13:40:08 -0600 Subject: [PATCH] Updated Applications.proto/DpiMsgLRproto.proto and Applications.csv to Qosmos 1.2.0 --- protofiles/Applications.proto | 13 +++++++++++++ protofiles/DpiMsgLRproto.proto | 29 ++++++++++++++++++++++++++--- resources/Applications.csv | 13 +++++++++++++ 3 files changed, 52 insertions(+), 3 deletions(-) diff --git a/protofiles/Applications.proto b/protofiles/Applications.proto index 1449315f391dd..9da99b115ca8e 100644 --- a/protofiles/Applications.proto +++ b/protofiles/Applications.proto @@ -1614,4 +1614,17 @@ optional string chatroulette = 1612 [default = "Chatroulette is an online chat w optional string cryptoheaven = 1613 [default = "Secure email and online file storage service."]; optional string mendeley = 1614 [default = "Sharing and annotating document web service. ( http://www.mendeley.com )"]; optional string pichat = 1615 [default = "Online Chat Application ( pichat.net )."]; +optional string blackberry_update = 1616 [default = "This protocol classifies the Blackberry 10 family OS software updates."]; +optional string itv_player = 1617 [default = "Proprietary iOS application and website for VOD content (TV catch up) and live channels streaming."]; +optional string mypeople_messenger = 1618 [default = "MyPeople Messenger is a cross-platform application providing free text picture and video messaging."]; +optional string line_games = 1619 [default = "This protocol plug-in classifies the http traffic to the host linegame.com the portal of various Line games."]; +optional string chat_on = 1620 [default = "chatON is a global mobile communication service introduced by Samsung Electronics."]; +optional string line_wind_runner = 1621 [default = "Line Wind Runner is a popular asian mobile device game accessible from the Line application."]; +optional string touch = 1622 [default = "Touch is a cross-platform application providing free text picture and video messaging."]; +optional string websocket = 1623 [default = "The WebSocket Protocol as described in IETF RFC6455."]; +optional string magumagu = 1624 [default = "2013 for Kakao (aka Magu-Magu) is Korean baseball game developped by CJ E&M corp."]; +optional string lync = 1625 [default = "Microsoft Lync IM VoIP and desktop sharing services (corporate and on-line services)."]; +optional string high_entropy = 1626 [default = "High Entropy is a virtual protocol used to detect potentially encrypted payloads. Important note: the classification of this layer is effective since the 4.18.0 version of the ixEngine framework. The classification is based on two methods: entropy value computation and printable strings detection."]; +optional string saavn_music = 1627 [default = "Saavn is a streaming application providing free Indian and Bollywood music to listeners."]; +optional string maaii = 1628 [default = "Maaii is a cross-platform messaging application which allows iPhone and Android users to send and receive text messages and phone calls for free."]; } diff --git a/protofiles/DpiMsgLRproto.proto b/protofiles/DpiMsgLRproto.proto index 92614ade9b41f..43f1bc743874f 100644 --- a/protofiles/DpiMsgLRproto.proto +++ b/protofiles/DpiMsgLRproto.proto @@ -1937,8 +1937,6 @@ repeated bytes user_idQ_PROTO_SIP = 2218; // QOSMOS:Q_PROTO_SIP,Q_SIP_USER_ID repeated bytes loginQ_PROTO_SKYBLOG = 2219; // QOSMOS:Q_PROTO_SKYBLOG,Q_MPA_LOGIN repeated bytes passwordQ_PROTO_SKYBLOG = 2220; // QOSMOS:Q_PROTO_SKYBLOG,Q_MPA_PASSWORD repeated bytes versionQ_PROTO_SKYPE = 2221; // QOSMOS:Q_PROTO_SKYPE,Q_MPA_VERSION -repeated bytes service_typeQ_PROTO_SKYPE = 2222; // QOSMOS:Q_PROTO_SKYPE,Q_SKYPE_SERVICE_TYPE -optional uint32 service_divergenceQ_PROTO_SKYPE = 2223; // QOSMOS:Q_PROTO_SKYPE,Q_SKYPE_SERVICE_DIVERGENCE repeated bytes nearest_serviceQ_PROTO_SKYPE = 2224; // QOSMOS:Q_PROTO_SKYPE,Q_SKYPE_NEAREST_SERVICE repeated bytes queryQ_PROTO_SLSK = 2225; // QOSMOS:Q_PROTO_SLSK,Q_MPA_QUERY optional uint32 versionQ_PROTO_SLSK = 2226; // QOSMOS:Q_PROTO_SLSK,Q_MPA_VERSION @@ -2576,7 +2574,6 @@ repeated bytes versionQ_PROTO_H225 = 2858; // QOSMOS:Q_PROTO_H225,Q_MPA_VERSION repeated bytes ntlm_domainQ_PROTO_HTTP = 2859; // QOSMOS:Q_PROTO_HTTP,Q_MPA_NTLM_DOMAIN repeated bytes ntlm_userQ_PROTO_HTTP = 2860; // QOSMOS:Q_PROTO_HTTP,Q_MPA_NTLM_USER repeated bytes ntlm_workstationQ_PROTO_HTTP = 2861; // QOSMOS:Q_PROTO_HTTP,Q_MPA_NTLM_WORKSTATION -repeated bytes x_client_ipQ_PROTO_ICAP = 2862; // QOSMOS:Q_PROTO_ICAP,Q_ICAP_X_CLIENT_IP repeated bytes user_agentQ_PROTO_LINE = 2863; // QOSMOS:Q_PROTO_LINE,Q_MPA_USER_AGENT optional uint32 service_idQ_PROTO_MPLUS_MESSENGER = 2864; // QOSMOS:Q_PROTO_MPLUS_MESSENGER,Q_MPA_SERVICE_ID repeated bytes serviceQ_PROTO_MPLUS_MESSENGER = 2865; // QOSMOS:Q_PROTO_MPLUS_MESSENGER,Q_MPA_SERVICE @@ -2608,4 +2605,30 @@ optional uint32 mos_satelliteQ_PROTO_RTP = 2890; // QOSMOS:Q_PROTO_RTP,Q_RTP_MOS optional uint32 caller_user_phoneQ_PROTO_SIP = 2891; // QOSMOS:Q_PROTO_SIP,Q_SIP_CALLER_USER_PHONE optional uint32 callee_user_phoneQ_PROTO_SIP = 2892; // QOSMOS:Q_PROTO_SIP,Q_SIP_CALLEE_USER_PHONE optional uint32 call_durationQ_PROTO_TANGO = 2893; // QOSMOS:Q_PROTO_TANGO,Q_MPA_CALL_DURATION +optional uint32 entropyQ_PROTO_HIGH_ENTROPY = 2894; // QOSMOS:Q_PROTO_HIGH_ENTROPY,Q_HIGH_ENTROPY_ENTROPY +repeated bytes upgrade_headerQ_PROTO_HTTP = 2895; // QOSMOS:Q_PROTO_HTTP,Q_HTTP_UPGRADE_HEADER +repeated bytes uri_decodedQ_PROTO_HTTP = 2896; // QOSMOS:Q_PROTO_HTTP,Q_HTTP_URI_DECODED +repeated bytes uri_get_decodedQ_PROTO_HTTP = 2897; // QOSMOS:Q_PROTO_HTTP,Q_HTTP_URI_GET_DECODED +repeated bytes uri_post_decodedQ_PROTO_HTTP = 2898; // QOSMOS:Q_PROTO_HTTP,Q_HTTP_URI_POST_DECODED +repeated bytes uri_path_decodedQ_PROTO_HTTP = 2899; // QOSMOS:Q_PROTO_HTTP,Q_HTTP_URI_PATH_DECODED +repeated bytes post_variable_decodedQ_PROTO_HTTP = 2900; // QOSMOS:Q_PROTO_HTTP,Q_HTTP_POST_VARIABLE_DECODED +repeated bytes x_client_ip_respmod_reqQ_PROTO_ICAP = 2901; // QOSMOS:Q_PROTO_ICAP,Q_ICAP_X_CLIENT_IP_RESPMOD_REQ +repeated bytes referer_respmod_reqQ_PROTO_ICAP = 2902; // QOSMOS:Q_PROTO_ICAP,Q_ICAP_REFERER_RESPMOD_REQ +repeated bytes content_type_respmod_reqQ_PROTO_ICAP = 2903; // QOSMOS:Q_PROTO_ICAP,Q_ICAP_CONTENT_TYPE_RESPMOD_REQ +repeated bytes user_agent_respmod_reqQ_PROTO_ICAP = 2904; // QOSMOS:Q_PROTO_ICAP,Q_ICAP_USER_AGENT_RESPMOD_REQ +repeated bytes host_respmod_reqQ_PROTO_ICAP = 2905; // QOSMOS:Q_PROTO_ICAP,Q_ICAP_HOST_RESPMOD_REQ +repeated bytes uri_respmod_reqQ_PROTO_ICAP = 2906; // QOSMOS:Q_PROTO_ICAP,Q_ICAP_URI_RESPMOD_REQ +repeated bytes method_respmod_reqQ_PROTO_ICAP = 2907; // QOSMOS:Q_PROTO_ICAP,Q_ICAP_METHOD_RESPMOD_REQ +optional uint32 code_respmod_reqQ_PROTO_ICAP = 2908; // QOSMOS:Q_PROTO_ICAP,Q_ICAP_CODE_RESPMOD_REQ +repeated bytes callerQ_PROTO_LINE = 2909; // QOSMOS:Q_PROTO_LINE,Q_MPA_CALLER +optional string call_durationQ_PROTO_QQ = 2910; // QOSMOS:Q_PROTO_QQ,Q_MPA_CALL_DURATION,timeval,timevalToString +repeated bytes serviceQ_PROTO_SKYPE = 2911; // QOSMOS:Q_PROTO_SKYPE,Q_SKYPE_SERVICE +optional uint32 service_idQ_PROTO_SKYPE = 2912; // QOSMOS:Q_PROTO_SKYPE,Q_MPA_SERVICE_ID +repeated bytes serviceQ_PROTO_TANGO = 2913; // QOSMOS:Q_PROTO_TANGO,Q_MPA_SERVICE +repeated bytes serviceQ_PROTO_VIBER = 2914; // QOSMOS:Q_PROTO_VIBER,Q_MPA_SERVICE +optional uint32 service_idQ_PROTO_VIBER = 2915; // QOSMOS:Q_PROTO_VIBER,Q_MPA_SERVICE_ID +optional uint32 service_idQ_PROTO_WECHAT = 2916; // QOSMOS:Q_PROTO_WECHAT,Q_MPA_SERVICE_ID +repeated bytes serviceQ_PROTO_WECHAT = 2917; // QOSMOS:Q_PROTO_WECHAT,Q_MPA_SERVICE +optional uint32 service_idQ_PROTO_WHATSAPP = 2918; // QOSMOS:Q_PROTO_WHATSAPP,Q_MPA_SERVICE_ID +repeated bytes serviceQ_PROTO_WHATSAPP = 2919; // QOSMOS:Q_PROTO_WHATSAPP,Q_MPA_SERVICE } diff --git a/resources/Applications.csv b/resources/Applications.csv index 2a609c18e2736..9ad825359d511 100644 --- a/resources/Applications.csv +++ b/resources/Applications.csv @@ -1607,3 +1607,16 @@ chatroulette,1612,"Chatroulette is an online chat website. ( http://chatroulette cryptoheaven,1613,"Secure email and online file storage service." mendeley,1614,"Sharing and annotating document web service. ( http://www.mendeley.com )" pichat,1615,"Online Chat Application ( pichat.net )." +blackberry_update,1616,"This protocol classifies the Blackberry 10 family OS software updates." +itv_player,1617,"Proprietary iOS application and website for VOD content (TV catch up) and live channels streaming." +mypeople_messenger,1618,"MyPeople Messenger is a cross-platform application providing free text picture and video messaging." +line_games,1619,"This protocol plug-in classifies the http traffic to the host linegame.com the portal of various Line games." +chat_on,1620,"chatON is a global mobile communication service introduced by Samsung Electronics." +line_wind_runner,1621,"Line Wind Runner is a popular asian mobile device game accessible from the Line application." +touch,1622,"Touch is a cross-platform application providing free text picture and video messaging." +websocket,1623,"The WebSocket Protocol as described in IETF RFC6455." +magumagu,1624,"2013 for Kakao (aka Magu-Magu) is Korean baseball game developped by CJ E&M corp." +lync,1625,"Microsoft Lync IM VoIP and desktop sharing services (corporate and on-line services)." +high_entropy,1626,"High Entropy is a virtual protocol used to detect potentially encrypted payloads. Important note: the classification of this layer is effective since the 4.18.0 version of the ixEngine framework. The classification is based on two methods: entropy value computation and printable strings detection." +saavn_music,1627,"Saavn is a streaming application providing free Indian and Bollywood music to listeners." +maaii,1628,"Maaii is a cross-platform messaging application which allows iPhone and Android users to send and receive text messages and phone calls for free."