'ndpi_add_host_url_subprotocol', need custom category and breed

[UnveilTech]

Hello Ivan,

proposal of improvment:
to be able to define a category and breed with the function 'ndpi_add_host_url_subprotocol'

• file: ndpi_main.c
• main function: static int ndpi_handle_rule(struct ndpi_detection_module_struct *ndpi_str, char *rule)
• used function: ndpi_add_host_url_subprotocol(ndpi_str, value, subprotocol_id, NDPI_PROTOCOL_CATEGORY_UNSPECIFIED, NDPI_PROTOCOL_ACCEPTABLE, 0);

it should be fine to use category and breed we need instead of NDPI_PROTOCOL_CATEGORY_UNSPECIFIED and NDPI_PROTOCOL_ACCEPTABLE as by default here.

what do you think ?

we understand it could modify the format of the proto.txt, but it'll be a great +

bye Fred

[0xA50C1A1]

I've tried to implement this before, but didn't create a PR. I think the main issue with the new proto.txt format is: how to add category and breed in a way that doesn't make it ambiguous?

[UnveilTech]

Hi Vladimir,
quick examples:
'host:"api-global.netflix.com"@Netflix=|Network|Safe'
'host:"api-global.netflix.com"@Netflix=1024|Network|Safe'
'host:"api-global.netflix.com"@Netflix=|Network'
'host:"api-global.netflix.com"@Netflix=1024||Safe'
'host:"api-global.netflix.com"@Netflix=1024,Network,Safe'
'host:"api-global.netflix.com"@Netflix,Network,Safe' (no number after the CustomProtocol means the next part is a category)
etc...

there are dozens of scenarios here.
you can use the mark you think it could be the best or the easiest to cut the string... :o)

another nice way could be to use a json format (ex.: proto.json) to define each host/values... maybe more complicated but much more powerful.

bye Fred