diff options
| author | Vladimir Gavrilov <105977161+0xA50C1A1@users.noreply.github.com> | 2023-11-23 00:04:22 +0300 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-11-22 22:04:22 +0100 |
| commit | 5c8c5c90c2b0d34a3e528c7271de7ac5c131a027 (patch) | |
| tree | cba274810f954746a2ca5bb07019fe0a826bb22b /tests/cfgs/default/result/hart_ip.pcap.out | |
| parent | 21f25740337c6c0412181c135b8cee8881fc7f58 (diff) | |
Add HART-IP protocol dissector (#2163)
* Add HART-IP protocol dissector
* Update docs
* Update protocols.rst
* Reuse free proto id and re-run tests
* docs: move HART-IP to top of list
---------
Co-authored-by: 0xA50C1A1 <mage.wizard88@gmail.com>
Diffstat (limited to 'tests/cfgs/default/result/hart_ip.pcap.out')
| -rw-r--r-- | tests/cfgs/default/result/hart_ip.pcap.out | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/tests/cfgs/default/result/hart_ip.pcap.out b/tests/cfgs/default/result/hart_ip.pcap.out new file mode 100644 index 000000000..3b287d0d6 --- /dev/null +++ b/tests/cfgs/default/result/hart_ip.pcap.out @@ -0,0 +1,31 @@ +Guessed flow protos: 0 + +DPI Packets (TCP): 4 (4.00 pkts/flow) +DPI Packets (UDP): 2 (1.00 pkts/flow) +Confidence DPI : 3 (flows) +Num dissector calls: 233 (77.67 diss/flow) +LRU cache ookla: 0/0/0 (insert/search/found) +LRU cache bittorrent: 0/0/0 (insert/search/found) +LRU cache zoom: 0/0/0 (insert/search/found) +LRU cache stun: 0/0/0 (insert/search/found) +LRU cache tls_cert: 0/0/0 (insert/search/found) +LRU cache mining: 0/0/0 (insert/search/found) +LRU cache msteams: 0/0/0 (insert/search/found) +LRU cache stun_zoom: 0/0/0 (insert/search/found) +Automa host: 0/0 (search/found) +Automa domain: 0/0 (search/found) +Automa tls cert: 0/0 (search/found) +Automa risk mask: 0/0 (search/found) +Automa common alpns: 0/0 (search/found) +Patricia risk mask: 4/0 (search/found) +Patricia risk mask IPv6: 0/0 (search/found) +Patricia risk: 0/0 (search/found) +Patricia risk IPv6: 0/0 (search/found) +Patricia protocols: 6/0 (search/found) +Patricia protocols IPv6: 0/0 (search/found) + +HART-IP 65 4413 3 + + 1 TCP 192.168.0.101:49559 <-> 192.168.0.10:5094 [proto: 72/HART-IP][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: IoT-Scada/31][27 pkts/1652 bytes <-> 14 pkts/1156 bytes][Goodput ratio: 11/33][34.10 sec][bytes ratio: 0.177 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/6 1547/3394 30003/30004 6255/8934][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 61/83 75/110 8/16][PLAIN TEXT (wihartgw)][Plen Bins: 70,29,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 2 UDP 192.168.0.10:5095 <-> 192.168.0.101:49905 [proto: 72/HART-IP][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: IoT-Scada/31][12 pkts/915 bytes <-> 11 pkts/635 bytes][Goodput ratio: 42/27][34.71 sec][bytes ratio: 0.181 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 46/51 516/3796 4241/30007 1317/9907][Pkt Len c2s/s2c min/avg/max/stddev: 60/50 76/58 98/63 13/4][PLAIN TEXT (wihartgw)][Plen Bins: 69,30,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 3 UDP 192.168.0.101:49905 -> 192.168.0.10:5094 [proto: 72/HART-IP][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: IoT-Scada/31][1 pkts/55 bytes -> 0 pkts/0 bytes][Goodput ratio: 23/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] |