API to add wildcard strings into automata #1709
Comments
|
In my understanding, these fields were provided to add wildcard feature in automata matching. So, if we add ABC$ in the automata, and string ABCD comes for matching, it should not match, AABC will match. Is this a correct understanding? |
|
The library used by nDPI implements substring matching so what you do is currently implemented checking the results returned, or with tricks like ".activision.com" to avoid matching myactivision.com |
|
Thanks @lucaderi . I have added another API as ndpi's string matching library already has support for "from_start", "at_end". Now this api can distinguish cases like "blabla.ABC.blabla" and "ABC". Using tricks like ".ABC." will match "blabla.ABC.blabla" as well, which is not desired. In host_match[], there are string to match like "*.gateway.messenger.live.com". Are we expecting CDNs to come with exactly same content having "*." ? Because I think there is no support in ahocorasick for "*.*" type of regex to Match-zero-or-more Operator. (eg. abc*.test.*res*). |
Hi,
In nDPI, I can't find any API to add wildcard strings(ABC$, ^ABC, ^A.BC$ etc) into automata. Inside AC_PATTERN_t structure nDPI has support to add "from_start", "at_end" field for each string. But from application POV, without wrapper APIs we need to fill/expose internal AC_PATTERN_t structure. ndpi_add_string_to_automa() should handle this before adding string to the automata. Any views on this?
Thanks
S
The text was updated successfully, but these errors were encountered: