Add --no-dport-filter flag

This flag allows to reduce amount of network packet to analyze.
2026-01-27 12:40:36 +03:00 · 2025-01-09 00:53:56 +03:00
parent 37c8a798fd
commit 9b58869864
5 changed files with 24 additions and 0 deletions
--- a/src/mangle.c
+++ b/src/mangle.c
@@ -214,6 +214,11 @@ int process_tcp_packet(const struct section_config_t *section, const uint8_t *ra
 		goto accept;
 	}

+	// As defined by TLS standard.
+	if (section->dport_filter && ntohs(tcph->dest) != 443) {
+		goto accept;
+	}
+
 	if (tcph->syn && section->synfake) {
 		lgtrace_addp("TCP syn alter");