diff options
| author | Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> | 2023-04-06 11:30:36 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-04-06 11:30:36 +0200 |
| commit | 7714507f816b36055ca25c67b6228637bd600cf9 (patch) | |
| tree | 03da206586dc5748b6912a8d744e355ecebf6a3b /tests/cfgs/default/result/simple-dnscrypt.pcap.out | |
| parent | 7a627296f0a032ea0d73989531f21096e1f295e9 (diff) | |
Test multiple `ndpiReader` configurations (#1931)
Extend internal unit tests to handle multiple configurations.
As some examples, add tests about:
* disabling some protocols
* disabling Ookla aggressiveness
Every configurations data is stored in a dedicated directory under
`tests\cfgs`
Diffstat (limited to 'tests/cfgs/default/result/simple-dnscrypt.pcap.out')
| -rw-r--r-- | tests/cfgs/default/result/simple-dnscrypt.pcap.out | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/tests/cfgs/default/result/simple-dnscrypt.pcap.out b/tests/cfgs/default/result/simple-dnscrypt.pcap.out new file mode 100644 index 000000000..49838b212 --- /dev/null +++ b/tests/cfgs/default/result/simple-dnscrypt.pcap.out @@ -0,0 +1,34 @@ +Guessed flow protos: 0 + +DPI Packets (TCP): 47 (11.75 pkts/flow) +Confidence DPI (cache) : 3 (flows) +Confidence DPI : 1 (flows) +Num dissector calls: 4 (1.00 diss/flow) +LRU cache ookla: 0/0/0 (insert/search/found) +LRU cache bittorrent: 0/0/0 (insert/search/found) +LRU cache zoom: 0/0/0 (insert/search/found) +LRU cache stun: 0/0/0 (insert/search/found) +LRU cache tls_cert: 1/5/3 (insert/search/found) +LRU cache mining: 0/0/0 (insert/search/found) +LRU cache msteams: 0/0/0 (insert/search/found) +LRU cache stun_zoom: 0/0/0 (insert/search/found) +Automa host: 12/12 (search/found) +Automa domain: 12/0 (search/found) +Automa tls cert: 1/1 (search/found) +Automa risk mask: 4/0 (search/found) +Automa common alpns: 8/8 (search/found) +Patricia risk mask: 8/0 (search/found) +Patricia risk: 0/0 (search/found) +Patricia protocols: 8/0 (search/found) + +DNScrypt 111 44676 4 + +JA3 Host Stats: + IP Address # JA3C + 1 192.168.43.167 2 + + + 1 TCP 192.168.43.167:50233 <-> 134.119.26.24:443 [proto: 91.208/TLS.DNScrypt][IP: 0/Unknown][Encrypted][Confidence: DPI][DPI packets: 11][cat: Network/14][18 pkts/1788 bytes <-> 21 pkts/14580 bytes][Goodput ratio: 45/92][0.71 sec][Hostname/SNI: simplednscrypt.org][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][bytes ratio: -0.782 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 36/20 114/119 43/34][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 99/694 272/1364 68/594][Risk: ** Malicious JA3 Fingerp. **][Risk Score: 50][Risk Info: b8f81673c0e1d29908346f3bab892b9b][TLSv1.2][JA3C: b8f81673c0e1d29908346f3bab892b9b][ServerNames: simplednscrypt.org,www.simplednscrypt.org][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][Issuer: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA][Subject: OU=Domain Control Validated, OU=PositiveSSL, CN=simplednscrypt.org][Certificate SHA-1: 3E:20:0F:BF:AD:D8:5C:A1:A1:1B:E5:B2:A7:D4:68:E2:6A:DB:01:41][Validity: 2015-09-21 00:00:00 - 2017-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,25,8,4,0,0,8,0,4,4,0,4,0,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,33,0,0,0,0,0,0,0] + 2 TCP 192.168.43.167:50259 <-> 134.119.26.24:443 [proto: 91.208/TLS.DNScrypt][IP: 0/Unknown][Encrypted][Confidence: DPI (cache)][DPI packets: 12][cat: Network/14][18 pkts/1988 bytes <-> 18 pkts/9290 bytes][Goodput ratio: 50/89][0.52 sec][Hostname/SNI: simplednscrypt.org][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][bytes ratio: -0.647 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 25/25 105/106 34/35][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 110/516 334/1364 76/542][Risk: ** Malicious JA3 Fingerp. **][Risk Score: 50][Risk Info: 83e04bc58d402f9633983cbf22724b02][TLSv1.2][JA3C: 83e04bc58d402f9633983cbf22724b02][ServerNames: simplednscrypt.org,www.simplednscrypt.org][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][Issuer: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA][Subject: OU=Domain Control Validated, OU=PositiveSSL, CN=simplednscrypt.org][Certificate SHA-1: 3E:20:0F:BF:AD:D8:5C:A1:A1:1B:E5:B2:A7:D4:68:E2:6A:DB:01:41][Validity: 2015-09-21 00:00:00 - 2017-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,28,13,4,0,0,4,0,9,4,0,13,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,22,0,0,0,0,0,0,0] + 3 TCP 192.168.43.167:50253 <-> 134.119.26.24:443 [proto: 91.208/TLS.DNScrypt][IP: 0/Unknown][Encrypted][Confidence: DPI (cache)][DPI packets: 12][cat: Network/14][8 pkts/780 bytes <-> 10 pkts/7735 bytes][Goodput ratio: 43/93][0.44 sec][Hostname/SNI: simplednscrypt.org][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][bytes ratio: -0.817 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 72/32 188/124 74/51][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 98/774 264/1364 75/597][Risk: ** Malicious JA3 Fingerp. **][Risk Score: 50][Risk Info: 83e04bc58d402f9633983cbf22724b02][TLSv1.2][JA3C: 83e04bc58d402f9633983cbf22724b02][ServerNames: simplednscrypt.org,www.simplednscrypt.org][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][Issuer: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA][Subject: OU=Domain Control Validated, OU=PositiveSSL, CN=simplednscrypt.org][Certificate SHA-1: 3E:20:0F:BF:AD:D8:5C:A1:A1:1B:E5:B2:A7:D4:68:E2:6A:DB:01:41][Validity: 2015-09-21 00:00:00 - 2017-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,0,10,10,0,0,10,0,10,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0] + 4 TCP 192.168.43.167:50258 <-> 134.119.26.24:443 [proto: 91.208/TLS.DNScrypt][IP: 0/Unknown][Encrypted][Confidence: DPI (cache)][DPI packets: 12][cat: Network/14][8 pkts/780 bytes <-> 10 pkts/7735 bytes][Goodput ratio: 43/93][0.36 sec][Hostname/SNI: simplednscrypt.org][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][bytes ratio: -0.817 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 60/32 136/140 59/53][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 98/774 264/1364 75/597][Risk: ** Malicious JA3 Fingerp. **][Risk Score: 50][Risk Info: 83e04bc58d402f9633983cbf22724b02][TLSv1.2][JA3C: 83e04bc58d402f9633983cbf22724b02][ServerNames: simplednscrypt.org,www.simplednscrypt.org][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][Issuer: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA][Subject: OU=Domain Control Validated, OU=PositiveSSL, CN=simplednscrypt.org][Certificate SHA-1: 3E:20:0F:BF:AD:D8:5C:A1:A1:1B:E5:B2:A7:D4:68:E2:6A:DB:01:41][Validity: 2015-09-21 00:00:00 - 2017-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,0,10,10,0,0,10,0,10,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0] |