diff options
| author | Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> | 2024-07-23 08:50:27 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-07-23 08:50:27 +0200 |
| commit | 85501c9aaabf207b04e3fe961825385f9519f633 (patch) | |
| tree | 9aa1bc85e61707ac7ed17570c076f341bcb89e1b /tests/cfgs/default/result/stun_zoom.pcapng.out | |
| parent | b15337a32bcff7a0b0734cb60c6984229f07a7e5 (diff) | |
FPC: add DPI information (#2514)
If the flow is classified (via DPI) after the first packet, we should
use this information as FPC
Diffstat (limited to 'tests/cfgs/default/result/stun_zoom.pcapng.out')
| -rw-r--r-- | tests/cfgs/default/result/stun_zoom.pcapng.out | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/tests/cfgs/default/result/stun_zoom.pcapng.out b/tests/cfgs/default/result/stun_zoom.pcapng.out index adec4ec91..e2d990dcc 100644 --- a/tests/cfgs/default/result/stun_zoom.pcapng.out +++ b/tests/cfgs/default/result/stun_zoom.pcapng.out @@ -7,7 +7,7 @@ LRU cache stun: 0/38/0 (insert/search/found) LRU cache tls_cert: 0/8/0 (insert/search/found) LRU cache mining: 0/0/0 (insert/search/found) LRU cache msteams: 0/0/0 (insert/search/found) -LRU cache fpc_dns: 0/2/0 (insert/search/found) +LRU cache fpc_dns: 0/0/0 (insert/search/found) Automa host: 1/1 (search/found) Automa domain: 1/0 (search/found) Automa tls cert: 0/0 (search/found) @@ -31,5 +31,5 @@ JA3 Host Stats: 1 192.168.43.169 1 - 1 UDP 192.168.43.169:53065 <-> 134.224.90.111:8801 [proto: 30/DTLS][IP: 189/Zoom][Encrypted][Confidence: DPI][FPC: 189/Zoom, Confidence: IP address][DPI packets: 17][cat: Network/14][19 pkts/3524 bytes <-> 21 pkts/6353 bytes][Goodput ratio: 77/86][1.19 sec][(Advertised) ALPNs: webrtc;c-webrtc][bytes ratio: -0.286 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 64/45 153/178 50/56][Pkt Len c2s/s2c min/avg/max/stddev: 91/56 185/303 231/1094 42/390][Mapped IP/Port: 93.33.105.111:8466][DTLSv1.2][JA3C: 3e12a43c7535bb32beac3928f8fe905d][JA4: dd2d0808we_c6c2b6ec87e0_06b1ae923e2a][Firefox][PLAIN TEXT (webrtc)][Plen Bins: 5,15,27,2,27,10,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 2 UDP 192.168.43.169:48854 <-> 134.224.90.111:8801 [proto: 30.189/DTLS.Zoom][IP: 189/Zoom][Encrypted][Confidence: DPI][FPC: 189/Zoom, Confidence: IP address][DPI packets: 14][cat: Video/26][13 pkts/2491 bytes <-> 17 pkts/5890 bytes][Goodput ratio: 78/88][0.76 sec][(Advertised) ALPNs: webrtc;c-webrtc][bytes ratio: -0.406 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 73/43 200/286 59/80][Pkt Len c2s/s2c min/avg/max/stddev: 91/56 192/346 231/1094 40/422][Mapped IP/Port: 93.33.105.111:8466][DTLSv1.2][JA3C: 3e12a43c7535bb32beac3928f8fe905d][JA4: dd2d0808we_c6c2b6ec87e0_06b1ae923e2a][ServerNames: *.cloud.zoom.us][JA3S: 323ab23be4a686962b978f9ca6735add][Issuer: C=US, O=DigiCert Inc, CN=DigiCert TLS RSA SHA256 2020 CA1][Subject: C=US, ST=California, L=San Jose, O=Zoom Video Communications, Inc., CN=*.cloud.zoom.us][Certificate SHA-1: FD:F2:22:45:64:31:28:BD:2D:56:D6:F4:56:01:71:88:E3:4C:2C:D9][Firefox][Validity: 2022-01-22 00:00:00 - 2023-01-24 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256][PLAIN TEXT (DCBD09778680)][Plen Bins: 10,13,23,0,26,10,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,13,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 1 UDP 192.168.43.169:53065 <-> 134.224.90.111:8801 [proto: 30/DTLS][IP: 189/Zoom][Encrypted][Confidence: DPI][FPC: 78/STUN, Confidence: DPI][DPI packets: 17][cat: Network/14][19 pkts/3524 bytes <-> 21 pkts/6353 bytes][Goodput ratio: 77/86][1.19 sec][(Advertised) ALPNs: webrtc;c-webrtc][bytes ratio: -0.286 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 64/45 153/178 50/56][Pkt Len c2s/s2c min/avg/max/stddev: 91/56 185/303 231/1094 42/390][Mapped IP/Port: 93.33.105.111:8466][DTLSv1.2][JA3C: 3e12a43c7535bb32beac3928f8fe905d][JA4: dd2d0808we_c6c2b6ec87e0_06b1ae923e2a][Firefox][PLAIN TEXT (webrtc)][Plen Bins: 5,15,27,2,27,10,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 2 UDP 192.168.43.169:48854 <-> 134.224.90.111:8801 [proto: 30.189/DTLS.Zoom][IP: 189/Zoom][Encrypted][Confidence: DPI][FPC: 78/STUN, Confidence: DPI][DPI packets: 14][cat: Video/26][13 pkts/2491 bytes <-> 17 pkts/5890 bytes][Goodput ratio: 78/88][0.76 sec][(Advertised) ALPNs: webrtc;c-webrtc][bytes ratio: -0.406 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 73/43 200/286 59/80][Pkt Len c2s/s2c min/avg/max/stddev: 91/56 192/346 231/1094 40/422][Mapped IP/Port: 93.33.105.111:8466][DTLSv1.2][JA3C: 3e12a43c7535bb32beac3928f8fe905d][JA4: dd2d0808we_c6c2b6ec87e0_06b1ae923e2a][ServerNames: *.cloud.zoom.us][JA3S: 323ab23be4a686962b978f9ca6735add][Issuer: C=US, O=DigiCert Inc, CN=DigiCert TLS RSA SHA256 2020 CA1][Subject: C=US, ST=California, L=San Jose, O=Zoom Video Communications, Inc., CN=*.cloud.zoom.us][Certificate SHA-1: FD:F2:22:45:64:31:28:BD:2D:56:D6:F4:56:01:71:88:E3:4C:2C:D9][Firefox][Validity: 2022-01-22 00:00:00 - 2023-01-24 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256][PLAIN TEXT (DCBD09778680)][Plen Bins: 10,13,23,0,26,10,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,13,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] |