aboutsummaryrefslogtreecommitdiff
path: root/tests/cfgs/default/result/wow.pcap.out
diff options
context:
space:
mode:
authorIvan Nardi <12729895+IvanNardi@users.noreply.github.com>2023-05-16 16:01:55 +0200
committerGitHub <noreply@github.com>2023-05-16 16:01:55 +0200
commit4e186f6bfbd734bf44124e6e0f710a3a0372c92c (patch)
tree8c59a5ddd72d0e5feeb70ad512a8519cf65fddfc /tests/cfgs/default/result/wow.pcap.out
parent8c224b464f36da0497c9ef7c2fe2ec3c135a01ba (diff)
HTTP: rework state machine (#1966)
The goal if to correlate the right request-response pair, exporting metadata from only one transaction (for example, the right url & return state pair) As a nice side effect, the code should be much cleaner, but that is a matter of taste. Two differences respect to the previous code: * as it happens in the CI, if in the flow there are only one response (before) and one request (after), only the metadata of the response are saved/exported * for performance reasons, we don't call `ndpi_parse_packet_line_info()` anymore for ALL packets triggering the HTTP dissector, but only for the packets that we already know belong to an HTTP flow. This is the reason for the changes in RTSP/SOAP/... code
Diffstat (limited to 'tests/cfgs/default/result/wow.pcap.out')
-rw-r--r--tests/cfgs/default/result/wow.pcap.out2
1 files changed, 1 insertions, 1 deletions
diff --git a/tests/cfgs/default/result/wow.pcap.out b/tests/cfgs/default/result/wow.pcap.out
index ffb3bdd8b..7af2c7abe 100644
--- a/tests/cfgs/default/result/wow.pcap.out
+++ b/tests/cfgs/default/result/wow.pcap.out
@@ -23,7 +23,7 @@ Patricia protocols: 18/2 (search/found)
WorldOfWarcraft 95 10688 5
1 TCP 192.168.178.20:39329 <-> 12.129.228.153:3724 [proto: 76/WorldOfWarcraft][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 6][cat: Game/8][10 pkts/2788 bytes <-> 6 pkts/898 bytes][Goodput ratio: 76/55][1.83 sec][bytes ratio: 0.513 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/125 121/183 537/222 182/38][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 279/150 569/467 238/143][PLAIN TEXT (WORLD OF WARCRAFT CONNECTION )][Plen Bins: 0,44,0,0,0,0,0,0,0,0,0,0,11,0,0,44,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 2 TCP 192.168.178.20:39309 <-> 12.129.222.53:80 [proto: 7.76/HTTP.WorldOfWarcraft][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 9][cat: Game/8][18 pkts/1350 bytes <-> 6 pkts/950 bytes][Goodput ratio: 13/57][11.01 sec][Hostname/SNI: us.scan.worldofwarcraft.com][bytes ratio: 0.174 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/219 733/298 8393/378 2077/80][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 75/158 151/339 28/128][URL: us.scan.worldofwarcraft.com/update/Launcher.txt][StatusCode: 200][Content-Type: text/plain][Server: Apache/2.2.3 (CentOS)][Risk: ** HTTP Susp User-Agent **** HTTP Obsolete Server **][Risk Score: 150][Risk Info: Obsolete Apache server 2.2.3 / Empty or missing User-Agent][PLAIN TEXT (FGET /update/Launcher.t)][Plen Bins: 0,0,50,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 2 TCP 192.168.178.20:39309 <-> 12.129.222.53:80 [proto: 7.76/HTTP.WorldOfWarcraft][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 9][cat: Game/8][18 pkts/1350 bytes <-> 6 pkts/950 bytes][Goodput ratio: 13/57][11.01 sec][Hostname/SNI: us.scan.worldofwarcraft.com][bytes ratio: 0.174 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/219 733/298 8393/378 2077/80][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 75/158 151/339 28/128][URL: us.scan.worldofwarcraft.com/update/Launcher.txt][StatusCode: 200][Content-Type: text/plain][Server: Apache/2.2.3 (CentOS)][Risk: ** HTTP Susp User-Agent **** HTTP Obsolete Server **][Risk Score: 150][Risk Info: Empty or missing User-Agent / Obsolete Apache server 2.2.3][PLAIN TEXT (FGET /update/Launcher.t)][Plen Bins: 0,0,50,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
3 TCP 192.168.178.20:39312 <-> 24.105.29.21:80 [proto: 7.76/HTTP.WorldOfWarcraft][IP: 213/Starcraft][ClearText][Confidence: DPI][DPI packets: 9][cat: Game/8][18 pkts/1156 bytes <-> 6 pkts/876 bytes][Goodput ratio: 12/62][11.13 sec][Hostname/SNI: launcher.worldofwarcraft.com][bytes ratio: 0.138 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/157 741/904 8457/1650 2112/746][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 64/146 126/598 23/202][URL: launcher.worldofwarcraft.com/alert][StatusCode: 200][Content-Type: text/plain][Server: Apache][Risk: ** HTTP Susp User-Agent **][Risk Score: 100][Risk Info: Empty or missing User-Agent][PLAIN TEXT (GET /alert HTTP/1.1)][Plen Bins: 0,0,66,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
4 TCP 192.168.178.20:39364 <-> 12.129.228.153:3724 [proto: 76/WorldOfWarcraft][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 6][cat: Game/8][13 pkts/1076 bytes <-> 5 pkts/435 bytes][Goodput ratio: 19/22][0.88 sec][bytes ratio: 0.424 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/215 79/220 223/222 105/3][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 83/87 116/116 20/21][PLAIN TEXT (WORLD OF WARCRAFT CONNECTION )][Plen Bins: 40,60,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
5 TCP 192.168.178.20:39593 <-> 12.129.228.152:3724 [proto: 76/WorldOfWarcraft][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 6][cat: Game/8][8 pkts/728 bytes <-> 5 pkts/431 bytes][Goodput ratio: 25/22][0.91 sec][bytes ratio: 0.256 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/1 72/145 217/218 102/102][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 91/86 116/116 21/22][PLAIN TEXT (WORLD OF WARCRAFT CONNECTION )][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
Powered by cgit, Themed by Ted Yin.