aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorIvan Nardi <12729895+IvanNardi@users.noreply.github.com>2022-03-28 04:25:34 +0200
committerGitHub <noreply@github.com>2022-03-28 04:25:34 +0200
commit6bcba118d476d503c73fafe77054ed2e1117e745 (patch)
tree16195d5f3a88797a93cea115eb2cd88769d40247
parent6acf7a6abeb58547ea85236c044ac0d1b8f80d9d (diff)
reader_util: add support for userAgent in SSDP (#1502)
Update unit tests results Follow-up of d668ab4b
Diffstat
-rw-r--r--example/reader_util.c2
-rw-r--r--tests/result/anyconnect-vpn.pcap.out4
-rw-r--r--tests/result/gnutella.pcap.out12
-rw-r--r--tests/result/ssdp-m-search-ua.pcap.out2
-rw-r--r--tests/result/telegram.pcap.out2
5 files changed, 12 insertions, 10 deletions
diff --git a/example/reader_util.c b/example/reader_util.c
index eff022fe2..7bf2a681d 100644
--- a/example/reader_util.c
+++ b/example/reader_util.c
@@ -1113,6 +1113,8 @@ void process_ndpi_collected_info(struct ndpi_workflow * workflow, struct ndpi_fl
snprintf(flow->http.request_content_type, sizeof(flow->http.request_content_type), "%s", flow->ndpi_flow->http.request_content_type ? flow->ndpi_flow->http.request_content_type : "");
snprintf(flow->http.user_agent, sizeof(flow->http.user_agent), "%s", flow->ndpi_flow->http.user_agent ? flow->ndpi_flow->http.user_agent : "");
}
+ } else if(is_ndpi_proto(flow, NDPI_PROTOCOL_SSDP)) {
+ snprintf(flow->http.user_agent, sizeof(flow->http.user_agent), "%s", flow->ndpi_flow->http.user_agent ? flow->ndpi_flow->http.user_agent : "");
} else if(is_ndpi_proto(flow, NDPI_PROTOCOL_TELNET)) {
if(flow->ndpi_flow->protos.telnet.username[0] != '\0')
flow->telnet.username = ndpi_strdup(flow->ndpi_flow->protos.telnet.username);
diff --git a/tests/result/anyconnect-vpn.pcap.out b/tests/result/anyconnect-vpn.pcap.out
index dbca63334..03c30bbc0 100644
--- a/tests/result/anyconnect-vpn.pcap.out
+++ b/tests/result/anyconnect-vpn.pcap.out
@@ -51,7 +51,7 @@ JA3 Host Stats:
17 UDP 10.0.0.213:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][ClearText][Confidence: DPI][cat: Network/14][9 pkts/1448 bytes -> 0 pkts/0 bytes][Goodput ratio: 74/0][25.40 sec][Hostname/SNI: _raop._tcp.local][_raop._tcp.local][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 819/0 3174/0 11263/0 3646/0][Pkt Len c2s/s2c min/avg/max/stddev: 132/0 161/0 186/0 24/0][PLAIN TEXT (companion)][Plen Bins: 0,0,33,22,44,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
18 UDP 10.0.0.151:1900 -> 10.0.0.227:57547 [proto: 12/SSDP][ClearText][Confidence: DPI][cat: System/18][4 pkts/1412 bytes -> 0 pkts/0 bytes][Goodput ratio: 88/0][2.86 sec][PLAIN TEXT (HTTP/1.1 200 OK)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
19 TCP 10.0.0.227:56881 <-> 162.222.43.153:443 [proto: 91/TLS][Encrypted][Confidence: Match by port][cat: Web/5][6 pkts/762 bytes <-> 6 pkts/396 bytes][Goodput ratio: 48/0][0.05 sec][bytes ratio: 0.316 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/1 0/1 0/2 0/1][Pkt Len c2s/s2c min/avg/max/stddev: 82/66 127/66 292/66 75/0][Plen Bins: 50,33,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 20 UDP 10.0.0.227:57547 -> 239.255.255.250:1900 [proto: 12/SSDP][ClearText][Confidence: DPI][cat: System/18][4 pkts/864 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][3.00 sec][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 20 UDP 10.0.0.227:57547 -> 239.255.255.250:1900 [proto: 12/SSDP][ClearText][Confidence: DPI][cat: System/18][4 pkts/864 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][3.00 sec][User-Agent: Google Chrome/77.0.3865.90 Mac OS X][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
21 UDP 10.0.0.149:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][ClearText][Confidence: DPI][cat: Network/14][4 pkts/655 bytes -> 0 pkts/0 bytes][Goodput ratio: 74/0][0.00 sec][Hostname/SNI: _googlezone._tcp.local][_googlezone._tcp.local][PLAIN TEXT (googlezone)][Plen Bins: 0,25,25,0,25,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
22 UDP 10.0.0.149:38616 -> 10.0.0.227:61328 [proto: 12/SSDP][ClearText][Confidence: DPI][cat: System/18][1 pkts/556 bytes -> 0 pkts/0 bytes][Goodput ratio: 92/0][< 1 sec][PLAIN TEXT (HTTP/1.1 200 OK)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
23 UDP 10.0.0.149:48166 -> 10.0.0.227:57547 [proto: 12/SSDP][ClearText][Confidence: DPI][cat: System/18][1 pkts/556 bytes -> 0 pkts/0 bytes][Goodput ratio: 92/0][< 1 sec][PLAIN TEXT (HTTP/1.1 200 OK)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
@@ -78,7 +78,7 @@ JA3 Host Stats:
44 UDP 10.0.0.227:57017 <-> 75.75.75.75:53 [proto: 5/DNS][ClearText][Confidence: DPI][cat: Network/14][1 pkts/93 bytes <-> 1 pkts/145 bytes][Goodput ratio: 54/71][0.02 sec][Hostname/SNI: lp-rkerur-osx.hsd1.ca.comcast.net][::][Risk: ** Error Code Detected **][Risk Score: 10][PLAIN TEXT (RKERUR)][Plen Bins: 0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
45 UDP 10.0.0.227:59222 <-> 75.75.75.75:53 [proto: 5/DNS][ClearText][Confidence: DPI][cat: Network/14][1 pkts/93 bytes <-> 1 pkts/145 bytes][Goodput ratio: 54/71][0.02 sec][Hostname/SNI: lp-rkerur-osx.hsd1.ca.comcast.net][::][Risk: ** Error Code Detected **][Risk Score: 10][PLAIN TEXT (RKERUR)][Plen Bins: 0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
46 UDP 10.0.0.227:54851 <-> 75.75.76.76:53 [proto: 5/DNS][ClearText][Confidence: DPI][cat: Network/14][1 pkts/76 bytes <-> 1 pkts/157 bytes][Goodput ratio: 44/73][0.05 sec][Hostname/SNI: print.viasat.com][::][Risk: ** Error Code Detected **][Risk Score: 10][PLAIN TEXT (viasat)][Plen Bins: 0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 47 UDP 10.0.0.227:61328 -> 239.255.255.250:1900 [proto: 12/SSDP][ClearText][Confidence: DPI][cat: System/18][1 pkts/216 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][< 1 sec][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 47 UDP 10.0.0.227:61328 -> 239.255.255.250:1900 [proto: 12/SSDP][ClearText][Confidence: DPI][cat: System/18][1 pkts/216 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][< 1 sec][User-Agent: Google Chrome/77.0.3865.90 Mac OS X][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
48 UDP 10.0.0.227:63107 <-> 75.75.76.76:53 [proto: 5/DNS][ClearText][Confidence: DPI][cat: Network/14][1 pkts/65 bytes <-> 1 pkts/140 bytes][Goodput ratio: 35/70][0.03 sec][Hostname/SNI: local][::][Risk: ** Error Code Detected **][Risk Score: 10][PLAIN TEXT (servers)][Plen Bins: 50,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
49 UDP 10.0.0.227:64972 <-> 75.75.75.75:53 [proto: 5/DNS][ClearText][Confidence: DPI][cat: Network/14][1 pkts/101 bytes <-> 1 pkts/101 bytes][Goodput ratio: 58/58][0.02 sec][Hostname/SNI: lb._dns-sd._udp.0.128.28.172.in-addr.arpa][::][Risk: ** Error Code Detected **][Risk Score: 10][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
50 TCP 10.0.0.227:56865 <-> 10.0.0.149:8008 [proto: 161/CiscoVPN][Encrypted][Confidence: Match by port][cat: VPN/2][2 pkts/132 bytes <-> 1 pkts/66 bytes][Goodput ratio: 0/0][0.00 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/result/gnutella.pcap.out b/tests/result/gnutella.pcap.out
index b641d1061..2011caca5 100644
--- a/tests/result/gnutella.pcap.out
+++ b/tests/result/gnutella.pcap.out
@@ -88,7 +88,7 @@ JA3 Host Stats:
55 TCP 10.0.2.15:50304 <-> 85.168.34.105:39908 [proto: 35/Gnutella][ClearText][Confidence: DPI][cat: Download/7][5 pkts/881 bytes <-> 5 pkts/528 bytes][Goodput ratio: 68/48][0.10 sec][bytes ratio: 0.251 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/14 24/19 43/42 18/17][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 176/106 653/308 238/101][Risk: ** Unsafe Protocol **][Risk Score: 10][PLAIN TEXT (GNUTELLA CONNECT/0.6)][Plen Bins: 0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
56 TCP 10.0.2.15:50261 <-> 156.57.42.2:33476 [proto: 35/Gnutella][ClearText][Confidence: DPI][cat: Download/7][5 pkts/879 bytes <-> 5 pkts/527 bytes][Goodput ratio: 68/48][13.84 sec][bytes ratio: 0.250 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 3460/4229 12669/12668 5337/5967][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 176/105 651/307 238/101][Risk: ** Unsafe Protocol **][Risk Score: 10][PLAIN TEXT (GNUTELLA CONNECT/0.6)][Plen Bins: 0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
57 TCP 10.0.2.15:50250 <-> 27.94.154.53:6346 [proto: 35/Gnutella][ClearText][Confidence: DPI][cat: Download/7][5 pkts/880 bytes <-> 5 pkts/524 bytes][Goodput ratio: 68/48][0.46 sec][bytes ratio: 0.254 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 114/85 256/255 115/120][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 176/105 652/304 238/100][Risk: ** Unsafe Protocol **][Risk Score: 10][PLAIN TEXT (GNUTELLA CONNECT/0.6)][Plen Bins: 0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 58 UDP 10.0.2.15:57623 -> 239.255.255.250:1900 [proto: 12/SSDP][ClearText][Confidence: DPI][cat: System/18][6 pkts/1294 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][< 1 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/0 0/0 0/0][Pkt Len c2s/s2c min/avg/max/stddev: 188/0 216/0 224/0 13/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,16,83,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 58 UDP 10.0.2.15:57623 -> 239.255.255.250:1900 [proto: 12/SSDP][ClearText][Confidence: DPI][cat: System/18][6 pkts/1294 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][< 1 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/0 0/0 0/0][Pkt Len c2s/s2c min/avg/max/stddev: 188/0 216/0 224/0 13/0][User-Agent: gtk-gnutella/1.2.2 (2022-02-25)][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,16,83,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
59 UDP 10.0.2.15:138 -> 10.0.2.255:138 [proto: 10.16/NetBIOS.SMBv1][ClearText][Confidence: DPI][cat: System/18][5 pkts/1215 bytes -> 0 pkts/0 bytes][Goodput ratio: 83/0][582.84 sec][Hostname/SNI: msedgewin10][Risk: ** Unsafe Protocol **][Risk Score: 10][PLAIN TEXT ( ENFDEFEEEHEFFHEJEODBDACACACACA)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
60 TCP 10.0.2.15:50199 <-> 47.147.52.21:36728 [proto: 35/Gnutella][ClearText][Confidence: DPI][cat: Download/7][5 pkts/880 bytes <-> 4 pkts/220 bytes][Goodput ratio: 68/0][0.44 sec][bytes ratio: 0.600 (Upload)][IAT c2s/s2c min/avg/max/stddev: 27/27 111/36 232/44 82/8][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 176/55 652/58 238/2][Risk: ** Unsafe Protocol **][Risk Score: 10][PLAIN TEXT (GNUTELLA CONNECT/0.6)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
61 TCP 10.0.2.15:50291 <-> 200.7.155.210:28365 [proto: 35/Gnutella][ClearText][Confidence: DPI][cat: Download/7][5 pkts/905 bytes <-> 3 pkts/166 bytes][Goodput ratio: 66/0][24.54 sec][bytes ratio: 0.690 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1/2 3913/2 6610/2 2636/0][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 181/55 653/58 236/2][Risk: ** Unsafe Protocol **][Risk Score: 10][PLAIN TEXT (GNUTELLA CONNECT/0.6)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
@@ -98,11 +98,11 @@ JA3 Host Stats:
65 TCP 10.0.2.15:50293 <-> 97.83.183.148:8890 [proto: 35/Gnutella][ClearText][Confidence: DPI][cat: Download/7][3 pkts/773 bytes <-> 3 pkts/166 bytes][Goodput ratio: 77/0][0.34 sec][bytes ratio: 0.646 (Upload)][IAT c2s/s2c min/avg/max/stddev: 5/5 82/5 160/5 78/0][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 258/55 653/58 280/2][Risk: ** Unsafe Protocol **][Risk Score: 10][PLAIN TEXT (GNUTELLA CONNECT/0.6)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
66 TCP 10.0.2.15:50302 <-> 75.64.6.175:4743 [proto: 35/Gnutella][ClearText][Confidence: DPI][cat: Download/7][3 pkts/771 bytes <-> 3 pkts/166 bytes][Goodput ratio: 77/0][11.17 sec][bytes ratio: 0.646 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 76/0 153/0 76/0][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 257/55 651/58 279/2][Risk: ** Unsafe Protocol **][Risk Score: 10][PLAIN TEXT (GNUTELLA CONNECT/0.6)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
67 UDP [fe80::c50d:519f:96a4:e108]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][ClearText][Confidence: DPI][cat: Network/14][9 pkts/906 bytes -> 0 pkts/0 bytes][Goodput ratio: 38/0][30.66 sec][Hostname/SNI: msedgewin10.local][msedgewin10.local][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 3832/0 27655/0 9028/0][Pkt Len c2s/s2c min/avg/max/stddev: 92/0 101/0 135/0 13/0][PLAIN TEXT (MSEDGEWIN)][Plen Bins: 44,44,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 68 UDP 10.0.2.15:50213 -> 239.255.255.250:1900 [proto: 12/SSDP][ClearText][Confidence: DPI][cat: System/18][4 pkts/864 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][3.03 sec][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 69 UDP 10.0.2.15:50214 -> 239.255.255.250:1900 [proto: 12/SSDP][ClearText][Confidence: DPI][cat: System/18][4 pkts/864 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][3.06 sec][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 70 UDP 10.0.2.15:51685 -> 239.255.255.250:1900 [proto: 12/SSDP][ClearText][Confidence: DPI][cat: System/18][4 pkts/864 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][3.03 sec][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 71 UDP 10.0.2.15:55708 -> 239.255.255.250:1900 [proto: 12/SSDP][ClearText][Confidence: DPI][cat: System/18][4 pkts/864 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][3.05 sec][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 72 UDP 10.0.2.15:57552 -> 239.255.255.250:1900 [proto: 12/SSDP][ClearText][Confidence: DPI][cat: System/18][4 pkts/864 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][3.04 sec][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 68 UDP 10.0.2.15:50213 -> 239.255.255.250:1900 [proto: 12/SSDP][ClearText][Confidence: DPI][cat: System/18][4 pkts/864 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][3.03 sec][User-Agent: Microsoft Edge/99.0.1150.30 Windows][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 69 UDP 10.0.2.15:50214 -> 239.255.255.250:1900 [proto: 12/SSDP][ClearText][Confidence: DPI][cat: System/18][4 pkts/864 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][3.06 sec][User-Agent: Microsoft Edge/99.0.1150.30 Windows][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 70 UDP 10.0.2.15:51685 -> 239.255.255.250:1900 [proto: 12/SSDP][ClearText][Confidence: DPI][cat: System/18][4 pkts/864 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][3.03 sec][User-Agent: Microsoft Edge/99.0.1150.30 Windows][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 71 UDP 10.0.2.15:55708 -> 239.255.255.250:1900 [proto: 12/SSDP][ClearText][Confidence: DPI][cat: System/18][4 pkts/864 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][3.05 sec][User-Agent: Microsoft Edge/99.0.1150.30 Windows][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 72 UDP 10.0.2.15:57552 -> 239.255.255.250:1900 [proto: 12/SSDP][ClearText][Confidence: DPI][cat: System/18][4 pkts/864 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][3.04 sec][User-Agent: Microsoft Edge/99.0.1150.30 Windows][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
73 TCP 10.0.2.15:50206 <-> 175.181.156.244:8255 [proto: 35/Gnutella][ClearText][Confidence: DPI][cat: Download/7][5 pkts/586 bytes <-> 4 pkts/220 bytes][Goodput ratio: 52/0][0.53 sec][bytes ratio: 0.454 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 132/0 270/0 132/0][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 117/55 358/58 120/2][Risk: ** Unsafe Protocol **][Risk Score: 10][PLAIN TEXT (GNUTELLA CONNECT/0.6)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
74 UDP [fe80::c50d:519f:96a4:e108]:63960 -> [ff02::c]:1900 [proto: 12/SSDP][ClearText][Confidence: DPI][cat: System/18][5 pkts/785 bytes -> 0 pkts/0 bytes][Goodput ratio: 60/0][6.01 sec][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
75 UDP 10.0.2.15:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][ClearText][Confidence: DPI][cat: Network/14][9 pkts/726 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][30.66 sec][Hostname/SNI: msedgewin10.local][msedgewin10.local][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 3832/0 27655/0 9028/0][Pkt Len c2s/s2c min/avg/max/stddev: 72/0 81/0 115/0 13/0][PLAIN TEXT (MSEDGEWIN)][Plen Bins: 44,44,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/result/ssdp-m-search-ua.pcap.out b/tests/result/ssdp-m-search-ua.pcap.out
index bd1477c1c..919c5b965 100644
--- a/tests/result/ssdp-m-search-ua.pcap.out
+++ b/tests/result/ssdp-m-search-ua.pcap.out
@@ -5,4 +5,4 @@ Confidence DPI : 1 (flows)
SSDP 4 864 1
- 1 UDP 192.168.242.50:56446 -> 239.255.255.250:1900 [proto: 12/SSDP][ClearText][Confidence: DPI][cat: System/18][4 pkts/864 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][3.00 sec][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 1 UDP 192.168.242.50:56446 -> 239.255.255.250:1900 [proto: 12/SSDP][ClearText][Confidence: DPI][cat: System/18][4 pkts/864 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][3.00 sec][User-Agent: Google Chrome/99.0.4844.74 Mac OS X][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/result/telegram.pcap.out b/tests/result/telegram.pcap.out
index ba260a081..a456b0479 100644
--- a/tests/result/telegram.pcap.out
+++ b/tests/result/telegram.pcap.out
@@ -43,7 +43,7 @@ GoogleServices 2 186 1
21 UDP 192.168.1.77:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][ClearText][Confidence: DPI][cat: Cloud/13][2 pkts/1012 bytes -> 0 pkts/0 bytes][Goodput ratio: 92/0][31.08 sec][PLAIN TEXT (version)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
22 UDP 192.168.1.77:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][ClearText][Confidence: DPI][cat: Cloud/13][2 pkts/1012 bytes -> 0 pkts/0 bytes][Goodput ratio: 92/0][31.08 sec][PLAIN TEXT (version)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
23 UDP [fe80::18a0:a412:8935:c01b]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][ClearText][Confidence: DPI][cat: Network/14][5 pkts/945 bytes -> 0 pkts/0 bytes][Goodput ratio: 67/0][40.09 sec][Hostname/SNI: _sleep-proxy._udp.local][_sleep-proxy._udp.local][PLAIN TEXT (homekit)][Plen Bins: 0,0,0,60,20,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 24 UDP 192.168.1.77:52127 -> 239.255.255.250:1900 [proto: 12/SSDP][ClearText][Confidence: DPI][cat: System/18][4 pkts/864 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][3.00 sec][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 24 UDP 192.168.1.77:52127 -> 239.255.255.250:1900 [proto: 12/SSDP][ClearText][Confidence: DPI][cat: System/18][4 pkts/864 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][3.00 sec][User-Agent: Google Chrome/83.0.4103.34 Mac OS X][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
25 UDP 192.168.1.53:56384 -> 239.255.255.250:1900 [proto: 12/SSDP][ClearText][Confidence: DPI][cat: System/18][4 pkts/672 bytes -> 0 pkts/0 bytes][Goodput ratio: 75/0][6.01 sec][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
26 UDP 192.168.1.53:57621 -> 192.168.1.255:57621 [proto: 156/Spotify][Encrypted][Confidence: DPI][cat: Music/25][8 pkts/656 bytes -> 0 pkts/0 bytes][Goodput ratio: 49/0][40.88 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1749/0 5840/0 21180/0 6407/0][Pkt Len c2s/s2c min/avg/max/stddev: 82/0 82/0 82/0 0/0][PLAIN TEXT (fSpotUdp0)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
27 UDP 192.168.1.75:57916 -> 239.255.255.250:1900 [proto: 12/SSDP][ClearText][Confidence: DPI][cat: System/18][3 pkts/501 bytes -> 0 pkts/0 bytes][Goodput ratio: 75/0][0.30 sec][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
Powered by cgit, Themed by Ted Yin.