nDPI

      
      nDPI是流行的OpenDPI库的ntop维护超集。它是根据LGPL许可发布，其目标是通过添加新协议来扩展原始库，这些协议否则仅在OpenDPI的付费版本上可用。除了Unix平台，我们还支持Windows，以便为您提供跨平台的DPI体验。此外，我们还对nDPI进行了修改，使其更适合流量监控应用程序，方法是禁用降低DPI引擎速度的特定功能，而这些功能对于网络流量监控不是必需的。
      
      无论使用哪个端口，ntop和nProbe都使用nDPI来添加协议的应用层检测。这意味着既可以检测非标准端口上的已知协议(例如，检测80以外的端口上的HTTP)，也可以检测相反的协议(例如，检测端口80上的Skype业务)。这是因为现在port=application的概念不再成立。
      
      我们正在不断扩展nDPI，到目前为止支持的协议有很多，包括：
      
      FTP_CONTROL
      POP3
      SMTP
      IMAP
      DNS
      IPP
      HTTP
      MDNS
      NTP
      NetBIOS
      NFS
      SSDP
      BGP
      SNMP
      XDMCP
      SMBv1
      Syslog
      DHCP
      PostgreSQL
      MySQL
      Hotmail
      Direct_Download_Link
      POPS
      AppleJuice
      DirectConnect
      ntop
      COAP
      VMware
      SMTPS
      FacebookZero
      UBNTAC2
      Kontiki
      OpenFT
      FastTrack
      Gnutella
      eDonkey
      BitTorrent
      SkypeCall
      Signal
      Memcached
      SMBv23
      Mining
      NestLogSink
      Modbus
      Xbox
      QQ
      TikTok
      RTSP
      IMAPS
      IceCast
      PPLive
      PPStream
      Zattoo
      ShoutCast
      Sopcast
      Tvants
      TVUplayer
      HTTP_Download
      QQLive
      Thunder
      Soulseek
      SSL_No_Cert
      IRC
      Ayiya
      Unencrypted_Jabber
      MSN
      Oscar
      Yahoo
      BattleField
      GooglePlus
      VRRP
      Steam
      HalfLife2
      WorldOfWarcraft
      Telnet
      STUN
      IPsec
      GRE
      ICMP
      IGMP
      EGP
      SCTP
      OSPF
      IP_in_IP
      RTP
      RDP
      VNC
      PcAnywhere
      SSL
      SSH
      Usenet
      MGCP
      IAX
      TFTP
      AFP
      Stealthnet
      Aimini
      SIP
      TruPhone
      ICMPV6
      DHCPV6
      Armagetron
      Crossfire
      Dofus
      Fiesta
      Florensia
      Guildwars
      HTTP_ActiveSync
      Kerberos
      LDAP
      MapleStory
      MsSQL-TDS
      PPTP
      Warcraft3
      WorldOfKungFu
      Slack
      Facebook
      Twitter
      Dropbox
      GMail
      GoogleMaps
      YouTube
      Skype
      Google
      DCE_RPC
      NetFlow
      sFlow
      HTTP_Connect
      HTTP_Proxy
      Citrix
      NetFlix
      LastFM
      Waze
      YouTubeUpload
      GenericProtocol
      CHECKMK
      AJP
      Apple
      Webex
      WhatsApp
      AppleiCloud
      Viber
      AppleiTunes
      Radius
      WindowsUpdate
      TeamViewer
      Tuenti
      LotusNotes
      SAP
      GTP
      UPnP
      LLMNR
      RemoteScan
      Spotify
      Messenger
      H323
      OpenVPN
      NOE
      CiscoVPN
      TeamSpeak
      Tor
      CiscoSkinny
      RTCP
      RSYNC
      Oracle
      Corba
      UbuntuONE
      Whois-DAS
      Collectd
      SOCKS
      Nintendo
      RTMP
      FTP_DATA
      Wikipedia
      ZeroMQ
      Amazon
      eBay
      CNN
      Megaco
      Redis
      Pando_Media_Booster
      VHUA
      Telegram
      Vevo
      Pandora
      QUIC
      WhatsAppVoice
      EAQ
      Ookla
      AMQP
      KakaoTalk
      KakaoTalk_Voice
      Twitch
      WeChat
      MPEG_TS
      Snapchat
      Sina(Weibo)
      GoogleHangout
      IFLIX
      Github
      BJNP
      SMPP
      DNScrypt
      TINC
      Deezer
      Instagram
      Microsoft
      Starcraft
      Teredo
      HotspotShield
      HEP
      GoogleDrive
      OCS
      Office365
      Cloudflare
      MS_OneDrive
      MQTT
      RX
      AppleStore
      OpenDNS
      Git
      DRDA
      PlayStore
      SOMEIP
      FIX
      Playstation
      Pastebin
      LinkedIn
      SoundCloud
      CSGO
      LISP
      Diameter
      ApplePush
      GoogleServices
      AmazonVideo
      GoogleDocs
      WhatsAppFiles
      Targus Dataspeed
      DNP3
      IEC60870
      Bloomberg
      CAPWAP
      Zabbix
      s7comm
      Microsoft Teams
      WebSocket
      
      处理加密内容
      
      Internet流量的趋势通常是使用SSL的加密内容。为了使nDPI支持加密的连接，我们添加了用于SSL（客户端和服务器）证书的解码器，因此我们可以使用加密证书找出协议。这使我们能够识别诸如Citrix Online和Apple iCloud之类的协议，否则这些协议将不会被检测到。