aboutsummaryrefslogtreecommitdiff
path: root/tests/cfgs
diff options
context:
space:
mode:
authorIvan Nardi <12729895+IvanNardi@users.noreply.github.com>2024-02-24 09:44:24 +0100
committerGitHub <noreply@github.com>2024-02-24 09:44:24 +0100
commitc95e8c184e7e28915bf37aa623e4886fd720aba0 (patch)
tree3b12757c0a7bf44235176e9b133c3319c5827e1d /tests/cfgs
parent71b7afccf50e3832c4ee08274d324cd8861eea90 (diff)
STUN: fix category when sub-classification is set in "extra-dissection" data path (#2320)
Diffstat (limited to 'tests/cfgs')
-rw-r--r--tests/cfgs/default/result/stun.pcap.out2
-rw-r--r--tests/cfgs/default/result/stun_google_meet.pcapng.out4
-rw-r--r--tests/cfgs/default/result/stun_signal.pcapng.out10
-rw-r--r--tests/cfgs/default/result/telegram_videocall.pcapng.out12
4 files changed, 14 insertions, 14 deletions
diff --git a/tests/cfgs/default/result/stun.pcap.out b/tests/cfgs/default/result/stun.pcap.out
index 110f1abd1..5b5a51bdf 100644
--- a/tests/cfgs/default/result/stun.pcap.out
+++ b/tests/cfgs/default/result/stun.pcap.out
@@ -44,5 +44,5 @@ JA3 Host Stats:
4 TCP 87.47.100.17:3478 <-> 54.1.57.155:37257 [proto: 78/STUN][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 6][cat: Network/14][9 pkts/1494 bytes <-> 11 pkts/2178 bytes][Goodput ratio: 60/67][0.95 sec][Hostname/SNI: apps-host.com][bytes ratio: -0.186 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 104/96 267/252 102/93][Pkt Len c2s/s2c min/avg/max/stddev: 74/94 166/198 234/354 41/65][PLAIN TEXT (Unauthorized)][Plen Bins: 10,0,15,21,42,5,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
5 TCP 10.77.110.51:41588 <-> 10.206.50.239:42000 [VLAN: 1611][proto: 78.38/STUN.Skype_TeamsCall][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 3][cat: VoIP/10][7 pkts/1006 bytes <-> 8 pkts/1118 bytes][Goodput ratio: 58/57][1.05 sec][bytes ratio: -0.053 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 189/134 369/399 144/153][Pkt Len c2s/s2c min/avg/max/stddev: 70/64 144/140 164/172 31/43][Plen Bins: 0,0,25,75,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
6 UDP 192.168.12.169:43016 <-> 74.125.247.128:3478 [proto: 78.201/STUN.GoogleMeet][IP: 126/Google][ClearText][Confidence: DPI][DPI packets: 4][cat: VoIP/10][4 pkts/528 bytes <-> 4 pkts/408 bytes][Goodput ratio: 68/59][1.25 sec][Hostname/SNI: turn.l.google.com][bytes ratio: 0.128 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 9/23 342/409 974/1177 447/543][Pkt Len c2s/s2c min/avg/max/stddev: 62/74 132/102 198/122 61/19][PLAIN TEXT (BSnLfRxS6)][Plen Bins: 12,37,25,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 7 UDP 192.168.43.169:48854 <-> 134.224.90.111:8801 [proto: 30/DTLS][IP: 189/Zoom][Encrypted][Confidence: DPI][DPI packets: 4][3 pkts/660 bytes <-> 1 pkts/106 bytes][Goodput ratio: 81/60][0.12 sec][(Advertised) ALPNs: webrtc;c-webrtc][Risk: ** Missing SNI TLS Extn **][Risk Score: 50][DTLSv1.2][JA3C: 3e12a43c7535bb32beac3928f8fe905d][JA4: t00d0808we_c6c2b6ec87e0_06b1ae923e2a][Firefox][PLAIN TEXT (DCBD09778680)][Plen Bins: 0,0,25,0,25,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 7 UDP 192.168.43.169:48854 <-> 134.224.90.111:8801 [proto: 30/DTLS][IP: 189/Zoom][Encrypted][Confidence: DPI][DPI packets: 4][cat: Network/14][3 pkts/660 bytes <-> 1 pkts/106 bytes][Goodput ratio: 81/60][0.12 sec][(Advertised) ALPNs: webrtc;c-webrtc][Risk: ** Missing SNI TLS Extn **][Risk Score: 50][DTLSv1.2][JA3C: 3e12a43c7535bb32beac3928f8fe905d][JA4: t00d0808we_c6c2b6ec87e0_06b1ae923e2a][Firefox][PLAIN TEXT (DCBD09778680)][Plen Bins: 0,0,25,0,25,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
8 ICMP 192.168.12.169:0 -> 74.125.247.128:0 [proto: 81/ICMP][IP: 126/Google][ClearText][Confidence: DPI][DPI packets: 1][cat: Network/14][1 pkts/122 bytes -> 0 pkts/0 bytes][Goodput ratio: 65/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (62NfUD5)][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/stun_google_meet.pcapng.out b/tests/cfgs/default/result/stun_google_meet.pcapng.out
index c572c1b1b..1b422d858 100644
--- a/tests/cfgs/default/result/stun_google_meet.pcapng.out
+++ b/tests/cfgs/default/result/stun_google_meet.pcapng.out
@@ -30,6 +30,6 @@ Acceptable 362 74597 7
2 UDP 192.168.12.156:38152 <-> 142.250.82.76:19305 [proto: 78.201/STUN.GoogleMeet][IP: 126/Google][ClearText][Confidence: DPI][DPI packets: 1][cat: VoIP/10][28 pkts/4034 bytes <-> 46 pkts/12188 bytes][Goodput ratio: 71/84][0.87 sec][bytes ratio: -0.503 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 30/10 205/154 50/29][Pkt Len c2s/s2c min/avg/max/stddev: 87/79 144/265 587/1245 89/180][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: No server to client traffic][PLAIN TEXT (HrRgpad)][Plen Bins: 0,8,37,9,4,0,0,0,38,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0]
3 UDP 192.168.12.156:38152 <-> 142.250.82.76:3478 [proto: 78.201/STUN.GoogleMeet][IP: 126/Google][ClearText][Confidence: DPI][DPI packets: 1][cat: VoIP/10][55 pkts/7402 bytes <-> 24 pkts/3525 bytes][Goodput ratio: 69/71][6.63 sec][bytes ratio: 0.355 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/2 109/184 402/761 143/224][Pkt Len c2s/s2c min/avg/max/stddev: 87/82 135/147 423/579 69/115][PLAIN TEXT (HrRgpad)][Plen Bins: 0,39,34,15,0,1,0,0,5,1,1,1,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
4 UDP 192.168.12.156:45400 <-> 142.250.82.76:3478 [proto: 78.201/STUN.GoogleMeet][IP: 126/Google][ClearText][Confidence: DPI][DPI packets: 1][cat: VoIP/10][17 pkts/2694 bytes <-> 16 pkts/1696 bytes][Goodput ratio: 73/60][54.70 sec][bytes ratio: 0.227 (Upload)][IAT c2s/s2c min/avg/max/stddev: 90/78 3250/2028 17905/6554 4698/2127][Pkt Len c2s/s2c min/avg/max/stddev: 158/106 158/106 166/106 2/0][PLAIN TEXT (HrRgpad)][Plen Bins: 0,0,48,51,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 5 UDP 192.168.12.156:38152 <-> 74.125.128.127:19302 [proto: 78.201/STUN.GoogleMeet][IP: 126/Google][ClearText][Confidence: DPI (cache)][DPI packets: 3][cat: Network/14][6 pkts/372 bytes <-> 6 pkts/444 bytes][Goodput ratio: 32/43][50.12 sec][bytes ratio: -0.088 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 10019/10019 10022/10021 10026/10025 3/3][Pkt Len c2s/s2c min/avg/max/stddev: 62/74 62/74 62/74 0/0][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][PLAIN TEXT (kAGNNzv)][Plen Bins: 50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 6 UDP 192.168.12.156:45400 <-> 74.125.128.127:19302 [proto: 78.201/STUN.GoogleMeet][IP: 126/Google][ClearText][Confidence: DPI (cache)][DPI packets: 3][cat: Network/14][6 pkts/372 bytes <-> 6 pkts/444 bytes][Goodput ratio: 32/43][50.12 sec][bytes ratio: -0.088 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 10020/10019 10022/10021 10026/10025 3/3][Pkt Len c2s/s2c min/avg/max/stddev: 62/74 62/74 62/74 0/0][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][PLAIN TEXT (tcEcaq476)][Plen Bins: 50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 5 UDP 192.168.12.156:38152 <-> 74.125.128.127:19302 [proto: 78.201/STUN.GoogleMeet][IP: 126/Google][ClearText][Confidence: DPI (cache)][DPI packets: 3][cat: VoIP/10][6 pkts/372 bytes <-> 6 pkts/444 bytes][Goodput ratio: 32/43][50.12 sec][bytes ratio: -0.088 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 10019/10019 10022/10021 10026/10025 3/3][Pkt Len c2s/s2c min/avg/max/stddev: 62/74 62/74 62/74 0/0][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][PLAIN TEXT (kAGNNzv)][Plen Bins: 50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 6 UDP 192.168.12.156:45400 <-> 74.125.128.127:19302 [proto: 78.201/STUN.GoogleMeet][IP: 126/Google][ClearText][Confidence: DPI (cache)][DPI packets: 3][cat: VoIP/10][6 pkts/372 bytes <-> 6 pkts/444 bytes][Goodput ratio: 32/43][50.12 sec][bytes ratio: -0.088 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 10020/10019 10022/10021 10026/10025 3/3][Pkt Len c2s/s2c min/avg/max/stddev: 62/74 62/74 62/74 0/0][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][PLAIN TEXT (tcEcaq476)][Plen Bins: 50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
7 UDP 192.168.12.156:45400 <-> 142.250.82.76:19305 [proto: 78.201/STUN.GoogleMeet][IP: 126/Google][ClearText][Confidence: DPI][DPI packets: 1][cat: VoIP/10][2 pkts/324 bytes <-> 2 pkts/212 bytes][Goodput ratio: 74/60][0.63 sec][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: No server to client traffic][PLAIN TEXT (ByyD/CC)][Plen Bins: 0,0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/stun_signal.pcapng.out b/tests/cfgs/default/result/stun_signal.pcapng.out
index 1be1073a1..f862cb9bb 100644
--- a/tests/cfgs/default/result/stun_signal.pcapng.out
+++ b/tests/cfgs/default/result/stun_signal.pcapng.out
@@ -40,7 +40,7 @@ Acceptable 460 48496 23
9 UDP 192.168.12.169:39950 -> 35.158.183.167:443 [proto: 78.269/STUN.SignalVoip][IP: 265/AmazonAWS][ClearText][Confidence: DPI (cache)][DPI packets: 1][cat: VoIP/10][16 pkts/1056 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][23.80 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 37/0 1416/0 7961/0 2721/0][Pkt Len c2s/s2c min/avg/max/stddev: 62/0 66/0 70/0 4/0][Risk: ** Known Proto on Non Std Port **** Unidirectional Traffic **][Risk Score: 60][Risk Info: No server to client traffic / Expected on port 3478][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
10 UDP 192.168.12.169:43068 -> 35.158.183.167:443 [proto: 78.269/STUN.SignalVoip][IP: 265/AmazonAWS][ClearText][Confidence: DPI (cache)][DPI packets: 1][cat: VoIP/10][16 pkts/1056 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][23.82 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 60/0 1419/0 7937/0 2708/0][Pkt Len c2s/s2c min/avg/max/stddev: 62/0 66/0 70/0 4/0][Risk: ** Known Proto on Non Std Port **** Unidirectional Traffic **][Risk Score: 60][Risk Info: No server to client traffic / Expected on port 3478][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
11 UDP 192.168.12.169:39518 <-> 35.158.183.167:3478 [proto: 78.269/STUN.SignalVoip][IP: 265/AmazonAWS][ClearText][Confidence: DPI][DPI packets: 4][cat: VoIP/10][4 pkts/448 bytes <-> 4 pkts/504 bytes][Goodput ratio: 62/67][4.85 sec][Hostname/SNI: signal.org][bytes ratio: -0.059 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 23/30 1612/1611 4762/4754 2228/2222][Pkt Len c2s/s2c min/avg/max/stddev: 62/110 112/126 158/134 46/10][PLAIN TEXT (GBLsrHn)][Plen Bins: 25,0,50,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 12 UDP 192.168.12.169:47204 <-> 35.158.183.167:3478 [proto: 78.269/STUN.SignalVoip][IP: 265/AmazonAWS][ClearText][Confidence: DPI (cache)][DPI packets: 3][cat: Network/14][4 pkts/448 bytes <-> 4 pkts/504 bytes][Goodput ratio: 62/67][4.85 sec][bytes ratio: -0.059 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 41/42 1612/1612 4721/4721 2198/2199][Pkt Len c2s/s2c min/avg/max/stddev: 62/110 112/126 158/134 46/10][PLAIN TEXT (nYAy610)][Plen Bins: 25,0,50,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 12 UDP 192.168.12.169:47204 <-> 35.158.183.167:3478 [proto: 78.269/STUN.SignalVoip][IP: 265/AmazonAWS][ClearText][Confidence: DPI (cache)][DPI packets: 3][cat: VoIP/10][4 pkts/448 bytes <-> 4 pkts/504 bytes][Goodput ratio: 62/67][4.85 sec][bytes ratio: -0.059 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 41/42 1612/1612 4721/4721 2198/2199][Pkt Len c2s/s2c min/avg/max/stddev: 62/110 112/126 158/134 46/10][PLAIN TEXT (nYAy610)][Plen Bins: 25,0,50,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
13 UDP 192.168.12.169:37970 -> 35.158.122.211:443 [proto: 78.269/STUN.SignalVoip][IP: 265/AmazonAWS][ClearText][Confidence: DPI (cache)][DPI packets: 1][cat: VoIP/10][14 pkts/924 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][15.78 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 984/0 7992/0 2186/0][Pkt Len c2s/s2c min/avg/max/stddev: 62/0 66/0 70/0 4/0][Risk: ** Known Proto on Non Std Port **** Unidirectional Traffic **][Risk Score: 60][Risk Info: No server to client traffic / Expected on port 3478][PLAIN TEXT (braaHWB)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
14 UDP 192.168.12.169:47767 -> 35.158.122.211:443 [proto: 78.269/STUN.SignalVoip][IP: 265/AmazonAWS][ClearText][Confidence: DPI (cache)][DPI packets: 1][cat: VoIP/10][14 pkts/924 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][15.78 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 982/0 8022/0 2200/0][Pkt Len c2s/s2c min/avg/max/stddev: 62/0 66/0 70/0 4/0][Risk: ** Known Proto on Non Std Port **** Unidirectional Traffic **][Risk Score: 60][Risk Info: No server to client traffic / Expected on port 3478][PLAIN TEXT (BtotYst)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
15 UDP 192.168.12.169:37970 <-> 172.253.121.127:19302 [proto: 78.269/STUN.SignalVoip][IP: 126/Google][ClearText][Confidence: DPI (cache)][DPI packets: 1][cat: VoIP/10][6 pkts/372 bytes <-> 6 pkts/444 bytes][Goodput ratio: 32/43][21.39 sec][bytes ratio: -0.088 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 250/250 4201/2720 10126/10103 4828/4263][Pkt Len c2s/s2c min/avg/max/stddev: 62/74 62/74 62/74 0/0][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: No server to client traffic][PLAIN TEXT (BNEmtWH)][Plen Bins: 50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
@@ -48,7 +48,7 @@ Acceptable 460 48496 23
17 UDP 192.168.12.169:43068 <-> 172.253.121.127:19302 [proto: 78.269/STUN.SignalVoip][IP: 126/Google][ClearText][Confidence: DPI (cache)][DPI packets: 1][cat: VoIP/10][6 pkts/372 bytes <-> 6 pkts/444 bytes][Goodput ratio: 32/43][21.38 sec][bytes ratio: -0.088 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 250/249 4201/2720 10128/10128 4837/4277][Pkt Len c2s/s2c min/avg/max/stddev: 62/74 62/74 62/74 0/0][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: No server to client traffic][PLAIN TEXT (BnDbEJB)][Plen Bins: 50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
18 UDP 192.168.12.169:47767 <-> 172.253.121.127:19302 [proto: 78.269/STUN.SignalVoip][IP: 126/Google][ClearText][Confidence: DPI (cache)][DPI packets: 1][cat: VoIP/10][6 pkts/372 bytes <-> 6 pkts/444 bytes][Goodput ratio: 32/43][21.39 sec][bytes ratio: -0.088 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 249/250 4202/2720 10130/10105 4830/4264][Pkt Len c2s/s2c min/avg/max/stddev: 62/74 62/74 62/74 0/0][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: No server to client traffic][PLAIN TEXT (lbMRpRo)][Plen Bins: 50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
19 UDP 192.168.12.169:47767 <-> 18.195.131.143:54054 [proto: 78.269/STUN.SignalVoip][IP: 265/AmazonAWS][ClearText][Confidence: DPI (cache)][DPI packets: 1][cat: VoIP/10][3 pkts/390 bytes <-> 3 pkts/350 bytes][Goodput ratio: 68/64][0.18 sec][bytes ratio: 0.054 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 6/4 48/52 90/101 42/48][Pkt Len c2s/s2c min/avg/max/stddev: 106/106 130/117 146/138 17/15][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: No server to client traffic][PLAIN TEXT (JUrAzE1)][Plen Bins: 0,0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 20 UDP 192.168.12.169:39518 -> 35.158.183.167:443 [proto: 78.269/STUN.SignalVoip][IP: 265/AmazonAWS][ClearText][Confidence: DPI (cache)][DPI packets: 3][cat: Network/14][10 pkts/660 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][3.82 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 64/0 424/0 1928/0 598/0][Pkt Len c2s/s2c min/avg/max/stddev: 62/0 66/0 70/0 4/0][Risk: ** Known Proto on Non Std Port **** Unidirectional Traffic **][Risk Score: 60][Risk Info: No server to client traffic / Expected on port 3478][PLAIN TEXT (BJKHNYBG4)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 21 UDP 192.168.12.169:47204 -> 35.158.183.167:443 [proto: 78.269/STUN.SignalVoip][IP: 265/AmazonAWS][ClearText][Confidence: DPI (cache)][DPI packets: 3][cat: Network/14][10 pkts/660 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][3.82 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 63/0 424/0 1928/0 597/0][Pkt Len c2s/s2c min/avg/max/stddev: 62/0 66/0 70/0 4/0][Risk: ** Known Proto on Non Std Port **** Unidirectional Traffic **][Risk Score: 60][Risk Info: No server to client traffic / Expected on port 3478][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 22 UDP 192.168.12.169:39518 <-> 172.253.121.127:19302 [proto: 78.269/STUN.SignalVoip][IP: 126/Google][ClearText][Confidence: DPI (cache)][DPI packets: 2][cat: Network/14][2 pkts/124 bytes <-> 2 pkts/148 bytes][Goodput ratio: 32/43][0.62 sec][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: No server to client traffic][Plen Bins: 50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 23 UDP 192.168.12.169:47204 <-> 172.253.121.127:19302 [proto: 78.269/STUN.SignalVoip][IP: 126/Google][ClearText][Confidence: DPI (cache)][DPI packets: 2][cat: Network/14][2 pkts/124 bytes <-> 2 pkts/148 bytes][Goodput ratio: 32/43][0.63 sec][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: No server to client traffic][Plen Bins: 50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 20 UDP 192.168.12.169:39518 -> 35.158.183.167:443 [proto: 78.269/STUN.SignalVoip][IP: 265/AmazonAWS][ClearText][Confidence: DPI (cache)][DPI packets: 3][cat: VoIP/10][10 pkts/660 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][3.82 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 64/0 424/0 1928/0 598/0][Pkt Len c2s/s2c min/avg/max/stddev: 62/0 66/0 70/0 4/0][Risk: ** Known Proto on Non Std Port **** Unidirectional Traffic **][Risk Score: 60][Risk Info: No server to client traffic / Expected on port 3478][PLAIN TEXT (BJKHNYBG4)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 21 UDP 192.168.12.169:47204 -> 35.158.183.167:443 [proto: 78.269/STUN.SignalVoip][IP: 265/AmazonAWS][ClearText][Confidence: DPI (cache)][DPI packets: 3][cat: VoIP/10][10 pkts/660 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][3.82 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 63/0 424/0 1928/0 597/0][Pkt Len c2s/s2c min/avg/max/stddev: 62/0 66/0 70/0 4/0][Risk: ** Known Proto on Non Std Port **** Unidirectional Traffic **][Risk Score: 60][Risk Info: No server to client traffic / Expected on port 3478][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 22 UDP 192.168.12.169:39518 <-> 172.253.121.127:19302 [proto: 78.269/STUN.SignalVoip][IP: 126/Google][ClearText][Confidence: DPI (cache)][DPI packets: 2][cat: VoIP/10][2 pkts/124 bytes <-> 2 pkts/148 bytes][Goodput ratio: 32/43][0.62 sec][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: No server to client traffic][Plen Bins: 50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 23 UDP 192.168.12.169:47204 <-> 172.253.121.127:19302 [proto: 78.269/STUN.SignalVoip][IP: 126/Google][ClearText][Confidence: DPI (cache)][DPI packets: 2][cat: VoIP/10][2 pkts/124 bytes <-> 2 pkts/148 bytes][Goodput ratio: 32/43][0.63 sec][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: No server to client traffic][Plen Bins: 50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/telegram_videocall.pcapng.out b/tests/cfgs/default/result/telegram_videocall.pcapng.out
index 777af23c5..7d8a9f88e 100644
--- a/tests/cfgs/default/result/telegram_videocall.pcapng.out
+++ b/tests/cfgs/default/result/telegram_videocall.pcapng.out
@@ -55,12 +55,12 @@ Acceptable 883 382822 33
15 UDP 192.168.12.169:37530 <-> 91.108.13.23:1400 [proto: 78.355/STUN.TelegramVoip][IP: 185/Telegram][ClearText][Confidence: DPI][DPI packets: 6][cat: VoIP/10][3 pkts/402 bytes <-> 3 pkts/378 bytes][Goodput ratio: 68/66][14.30 sec][Hostname/SNI: telegram.org][bytes ratio: 0.031 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 133/132 7082/7082 14032/14032 6950/6950][Pkt Len c2s/s2c min/avg/max/stddev: 70/110 134/126 166/134 45/11][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][PLAIN TEXT (Unauthorized)][Plen Bins: 16,0,50,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
16 UDP 192.168.12.169:37849 <-> 91.108.9.35:1400 [proto: 78.355/STUN.TelegramVoip][IP: 185/Telegram][ClearText][Confidence: DPI][DPI packets: 6][cat: VoIP/10][3 pkts/402 bytes <-> 3 pkts/378 bytes][Goodput ratio: 68/66][14.20 sec][Hostname/SNI: telegram.org][bytes ratio: 0.031 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 30/45 7084/7084 14138/14124 7054/7040][Pkt Len c2s/s2c min/avg/max/stddev: 70/110 134/126 166/134 45/11][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][PLAIN TEXT (Bs/cdOs)][Plen Bins: 16,0,50,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
17 UDP 192.168.12.169:40906 <-> 93.36.13.115:35393 [proto: 78.355/STUN.TelegramVoip][IP: 0/Unknown][ClearText][Confidence: DPI (cache)][DPI packets: 1][cat: VoIP/10][2 pkts/248 bytes <-> 2 pkts/244 bytes][Goodput ratio: 66/65][0.13 sec][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: No server to client traffic][Plen Bins: 0,0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 18 UDP 192.168.12.169:40906 <-> 91.108.9.35:1400 [proto: 78.355/STUN.TelegramVoip][IP: 185/Telegram][ClearText][Confidence: DPI (cache)][DPI packets: 4][cat: Network/14][2 pkts/124 bytes <-> 2 pkts/252 bytes][Goodput ratio: 32/66][10.06 sec][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Plen Bins: 50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 19 UDP 192.168.12.169:40906 <-> 91.108.13.23:1400 [proto: 78.355/STUN.TelegramVoip][IP: 185/Telegram][ClearText][Confidence: DPI (cache)][DPI packets: 4][cat: Network/14][2 pkts/124 bytes <-> 2 pkts/252 bytes][Goodput ratio: 32/66][10.28 sec][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][PLAIN TEXT (RBkPSgr)][Plen Bins: 50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 20 UDP 192.168.12.169:40906 <-> 91.108.17.2:1400 [proto: 78.355/STUN.TelegramVoip][IP: 185/Telegram][ClearText][Confidence: DPI (cache)][DPI packets: 4][cat: Network/14][2 pkts/124 bytes <-> 2 pkts/252 bytes][Goodput ratio: 32/66][10.30 sec][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Plen Bins: 50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 21 UDP 192.168.12.169:42197 <-> 91.108.9.35:1400 [proto: 78.355/STUN.TelegramVoip][IP: 185/Telegram][ClearText][Confidence: DPI (cache)][DPI packets: 4][cat: Network/14][2 pkts/124 bytes <-> 2 pkts/252 bytes][Goodput ratio: 32/66][10.06 sec][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][PLAIN TEXT (BZOyNeHQUCZIf)][Plen Bins: 50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 22 UDP 192.168.12.169:42197 <-> 91.108.13.23:1400 [proto: 78.355/STUN.TelegramVoip][IP: 185/Telegram][ClearText][Confidence: DPI (cache)][DPI packets: 4][cat: Network/14][2 pkts/124 bytes <-> 2 pkts/252 bytes][Goodput ratio: 32/66][10.27 sec][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][PLAIN TEXT (BrHWdEqa2)][Plen Bins: 50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 23 UDP 192.168.12.169:42197 <-> 91.108.17.2:1400 [proto: 78.355/STUN.TelegramVoip][IP: 185/Telegram][ClearText][Confidence: DPI (cache)][DPI packets: 4][cat: Network/14][2 pkts/124 bytes <-> 2 pkts/252 bytes][Goodput ratio: 32/66][10.30 sec][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][PLAIN TEXT (BYyA/MmBER1)][Plen Bins: 50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 18 UDP 192.168.12.169:40906 <-> 91.108.9.35:1400 [proto: 78.355/STUN.TelegramVoip][IP: 185/Telegram][ClearText][Confidence: DPI (cache)][DPI packets: 4][cat: VoIP/10][2 pkts/124 bytes <-> 2 pkts/252 bytes][Goodput ratio: 32/66][10.06 sec][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Plen Bins: 50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 19 UDP 192.168.12.169:40906 <-> 91.108.13.23:1400 [proto: 78.355/STUN.TelegramVoip][IP: 185/Telegram][ClearText][Confidence: DPI (cache)][DPI packets: 4][cat: VoIP/10][2 pkts/124 bytes <-> 2 pkts/252 bytes][Goodput ratio: 32/66][10.28 sec][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][PLAIN TEXT (RBkPSgr)][Plen Bins: 50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 20 UDP 192.168.12.169:40906 <-> 91.108.17.2:1400 [proto: 78.355/STUN.TelegramVoip][IP: 185/Telegram][ClearText][Confidence: DPI (cache)][DPI packets: 4][cat: VoIP/10][2 pkts/124 bytes <-> 2 pkts/252 bytes][Goodput ratio: 32/66][10.30 sec][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Plen Bins: 50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 21 UDP 192.168.12.169:42197 <-> 91.108.9.35:1400 [proto: 78.355/STUN.TelegramVoip][IP: 185/Telegram][ClearText][Confidence: DPI (cache)][DPI packets: 4][cat: VoIP/10][2 pkts/124 bytes <-> 2 pkts/252 bytes][Goodput ratio: 32/66][10.06 sec][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][PLAIN TEXT (BZOyNeHQUCZIf)][Plen Bins: 50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 22 UDP 192.168.12.169:42197 <-> 91.108.13.23:1400 [proto: 78.355/STUN.TelegramVoip][IP: 185/Telegram][ClearText][Confidence: DPI (cache)][DPI packets: 4][cat: VoIP/10][2 pkts/124 bytes <-> 2 pkts/252 bytes][Goodput ratio: 32/66][10.27 sec][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][PLAIN TEXT (BrHWdEqa2)][Plen Bins: 50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 23 UDP 192.168.12.169:42197 <-> 91.108.17.2:1400 [proto: 78.355/STUN.TelegramVoip][IP: 185/Telegram][ClearText][Confidence: DPI (cache)][DPI packets: 4][cat: VoIP/10][2 pkts/124 bytes <-> 2 pkts/252 bytes][Goodput ratio: 32/66][10.30 sec][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][PLAIN TEXT (BYyA/MmBER1)][Plen Bins: 50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
24 UDP 192.168.12.1:17500 -> 192.168.12.255:17500 [proto: 121/Dropbox][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Cloud/13][2 pkts/348 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][30.01 sec][PLAIN TEXT (version)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
25 TCP 18.195.162.93:443 <-> 192.168.12.169:38956 [proto: 91/TLS][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][DPI packets: 1][cat: Web/5][2 pkts/163 bytes <-> 2 pkts/132 bytes][Goodput ratio: 19/0][5.09 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
26 TCP 192.168.12.169:40710 <-> 52.58.18.25:5222 [proto: 265/AmazonAWS][IP: 265/AmazonAWS][Encrypted][Confidence: Match by IP][DPI packets: 4][cat: Cloud/13][2 pkts/144 bytes <-> 2 pkts/144 bytes][Goodput ratio: 8/8][0.02 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
Powered by cgit, Themed by Ted Yin.