Add infrastructure for explicit support of Fist Packet Classification (#2488)

Let's start with some basic helpers and with FPC based on flow addresses. See: #2322
author: Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> 2024-07-03 18:02:07 +0200
committer: GitHub <noreply@github.com> 2024-07-03 18:02:07 +0200
commit: 843e4872706b07b9e78418986d35fc86bc156d60 (patch)
tree: 6198692542842324200ff783d5daf5398b5c92d0 /tests/cfgs/default/result/zug.pcap.out
parent: e5661337d07fb1f7b2d55318bfef0929e3ca6e61 (diff)
1 files changed, 7 insertions, 7 deletions
diff --git a/tests/cfgs/default/result/zug.pcap.out b/tests/cfgs/default/result/zug.pcap.out
index a34c72e95..06a033363 100644
--- a/tests/cfgs/default/result/zug.pcap.out
+++ b/tests/cfgs/default/result/zug.pcap.out
@@ -26,13 +26,13 @@ ZUG	6	984	6
 Acceptable                       6 984           6            
 Unrated                          1 452           1            
 
-	1	UDP 52.104.45.69:44174 -> 53.52.158.15:19000 [proto: 415/ZUG][IP: 221/MS_OneDrive][Encrypted][Confidence: DPI][DPI packets: 1][cat: Crypto_Currency/106][1 pkts/164 bytes -> 0 pkts/0 bytes][Goodput ratio: 74/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
-	2	UDP 74.90.102.55:44370 -> 17.218.251.92:19000 [proto: 415/ZUG][IP: 140/Apple][Encrypted][Confidence: DPI][DPI packets: 1][cat: Crypto_Currency/106][1 pkts/164 bytes -> 0 pkts/0 bytes][Goodput ratio: 74/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
-	3	UDP 117.220.197.41:37556 -> 44.22.132.225:19000 [proto: 415/ZUG][IP: 0/Unknown][Encrypted][Confidence: DPI][DPI packets: 1][cat: Crypto_Currency/106][1 pkts/164 bytes -> 0 pkts/0 bytes][Goodput ratio: 74/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
-	4	UDP 173.46.102.72:41686 -> 204.88.149.147:19000 [proto: 415/ZUG][IP: 0/Unknown][Encrypted][Confidence: DPI][DPI packets: 1][cat: Crypto_Currency/106][1 pkts/164 bytes -> 0 pkts/0 bytes][Goodput ratio: 74/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
-	5	UDP 197.130.35.95:39594 -> 163.40.238.205:19000 [proto: 415/ZUG][IP: 0/Unknown][Encrypted][Confidence: DPI][DPI packets: 1][cat: Crypto_Currency/106][1 pkts/164 bytes -> 0 pkts/0 bytes][Goodput ratio: 74/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
-	6	UDP 225.110.130.102:44066 -> 133.150.105.134:19000 [proto: 415/ZUG][IP: 0/Unknown][Encrypted][Confidence: DPI][DPI packets: 1][cat: Crypto_Currency/106][1 pkts/164 bytes -> 0 pkts/0 bytes][Goodput ratio: 74/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+	1	UDP 52.104.45.69:44174 -> 53.52.158.15:19000 [proto: 415/ZUG][IP: 221/MS_OneDrive][Encrypted][Confidence: DPI][FPC: 221/MS_OneDrive, Confidence: IP address][DPI packets: 1][cat: Crypto_Currency/106][1 pkts/164 bytes -> 0 pkts/0 bytes][Goodput ratio: 74/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+	2	UDP 74.90.102.55:44370 -> 17.218.251.92:19000 [proto: 415/ZUG][IP: 140/Apple][Encrypted][Confidence: DPI][FPC: 140/Apple, Confidence: IP address][DPI packets: 1][cat: Crypto_Currency/106][1 pkts/164 bytes -> 0 pkts/0 bytes][Goodput ratio: 74/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+	3	UDP 117.220.197.41:37556 -> 44.22.132.225:19000 [proto: 415/ZUG][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Crypto_Currency/106][1 pkts/164 bytes -> 0 pkts/0 bytes][Goodput ratio: 74/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+	4	UDP 173.46.102.72:41686 -> 204.88.149.147:19000 [proto: 415/ZUG][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Crypto_Currency/106][1 pkts/164 bytes -> 0 pkts/0 bytes][Goodput ratio: 74/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+	5	UDP 197.130.35.95:39594 -> 163.40.238.205:19000 [proto: 415/ZUG][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Crypto_Currency/106][1 pkts/164 bytes -> 0 pkts/0 bytes][Goodput ratio: 74/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+	6	UDP 225.110.130.102:44066 -> 133.150.105.134:19000 [proto: 415/ZUG][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Crypto_Currency/106][1 pkts/164 bytes -> 0 pkts/0 bytes][Goodput ratio: 74/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
 
 
 Undetected flows:
-	1	UDP 61.59.105.181:19000 -> 199.24.15.231:48793 [proto: 0/Unknown][IP: 0/Unknown][ClearText][Confidence: Unknown][DPI packets: 1][1 pkts/452 bytes -> 0 pkts/0 bytes][Goodput ratio: 91/0][< 1 sec][Risk: ** Susp Entropy **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic / Entropy: 7.458 (Encrypted or Random?)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+	1	UDP 61.59.105.181:19000 -> 199.24.15.231:48793 [proto: 0/Unknown][IP: 0/Unknown][ClearText][Confidence: Unknown][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][1 pkts/452 bytes -> 0 pkts/0 bytes][Goodput ratio: 91/0][< 1 sec][Risk: ** Susp Entropy **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic / Entropy: 7.458 (Encrypted or Random?)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
author	Ivan Nardi <12729895+IvanNardi@users.noreply.github.com>	2024-07-03 18:02:07 +0200
committer	GitHub <noreply@github.com>	2024-07-03 18:02:07 +0200
commit	843e4872706b07b9e78418986d35fc86bc156d60 (patch)
tree	6198692542842324200ff783d5daf5398b5c92d0 /tests/cfgs/default/result/zug.pcap.out
parent	e5661337d07fb1f7b2d55318bfef0929e3ca6e61 (diff)