diff options
| author | Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> | 2025-02-12 09:48:35 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2025-02-12 09:48:35 +0100 |
| commit | dba7e9a8ecf773dbbae5feb28d57a1cc81f13069 (patch) | |
| tree | c1a9b4a229d937917fe1d61256d46524c07cf2e4 /tests/cfgs | |
| parent | baca06bfd2d649d5a9b224e15cb4722382347872 (diff) | |
DNS: try to simplify the code (#2718)
Set the classification in only one place in the code.
Diffstat (limited to 'tests/cfgs')
| -rw-r--r-- | tests/cfgs/default/pcap/dns_retransmissions.pcap | bin | 0 -> 538 bytes | |||
| -rw-r--r-- | tests/cfgs/default/result/dns_retransmissions.pcap.out | 27 | ||||
| -rw-r--r-- | tests/cfgs/default/result/fuzz-2006-06-26-2594.pcap.out | 2 | ||||
| -rw-r--r-- | tests/cfgs/dns_sub_enable/config.txt (renamed from tests/cfgs/dns_subclassification_enable/config.txt) | 0 | ||||
| l--------- | tests/cfgs/dns_sub_enable/pcap/dns.pcap (renamed from tests/cfgs/dns_subclassification_enable/pcap/dns.pcap) | 0 | ||||
| l--------- | tests/cfgs/dns_sub_enable/pcap/dns2.pcap | 1 | ||||
| l--------- | tests/cfgs/dns_sub_enable/pcap/dns_multiple_transactions_same_flow.pcap | 1 | ||||
| l--------- | tests/cfgs/dns_sub_enable/pcap/dns_retransmissions.pcap | 1 | ||||
| -rw-r--r-- | tests/cfgs/dns_sub_enable/result/dns.pcap.out (renamed from tests/cfgs/dns_subclassification_enable/result/dns.pcap.out) | 4 | ||||
| -rw-r--r-- | tests/cfgs/dns_sub_enable/result/dns2.pcap.out | 27 | ||||
| -rw-r--r-- | tests/cfgs/dns_sub_enable/result/dns_multiple_transactions_same_flow.pcap.out | 27 | ||||
| -rw-r--r-- | tests/cfgs/dns_sub_enable/result/dns_retransmissions.pcap.out | 27 |
12 files changed, 114 insertions, 3 deletions
diff --git a/tests/cfgs/default/pcap/dns_retransmissions.pcap b/tests/cfgs/default/pcap/dns_retransmissions.pcap Binary files differnew file mode 100644 index 000000000..193846044 --- /dev/null +++ b/tests/cfgs/default/pcap/dns_retransmissions.pcap diff --git a/tests/cfgs/default/result/dns_retransmissions.pcap.out b/tests/cfgs/default/result/dns_retransmissions.pcap.out new file mode 100644 index 000000000..efd91d0b8 --- /dev/null +++ b/tests/cfgs/default/result/dns_retransmissions.pcap.out @@ -0,0 +1,27 @@ +DPI Packets (UDP): 3 (3.00 pkts/flow) +Confidence DPI : 1 (flows) +Num dissector calls: 1 (1.00 diss/flow) +LRU cache ookla: 0/0/0 (insert/search/found) +LRU cache bittorrent: 0/0/0 (insert/search/found) +LRU cache stun: 0/0/0 (insert/search/found) +LRU cache tls_cert: 0/0/0 (insert/search/found) +LRU cache mining: 0/0/0 (insert/search/found) +LRU cache msteams: 0/0/0 (insert/search/found) +LRU cache fpc_dns: 1/0/0 (insert/search/found) +Automa host: 3/3 (search/found) +Automa domain: 3/0 (search/found) +Automa tls cert: 0/0 (search/found) +Automa risk mask: 1/0 (search/found) +Automa common alpns: 0/0 (search/found) +Patricia risk mask: 2/0 (search/found) +Patricia risk mask IPv6: 0/0 (search/found) +Patricia risk: 1/0 (search/found) +Patricia risk IPv6: 0/0 (search/found) +Patricia protocols: 1/1 (search/found) +Patricia protocols IPv6: 0/0 (search/found) + +DNS 4 450 1 + +Acceptable 4 450 1 + + 1 UDP 37.41.101.140:11892 <-> 208.67.222.222:53 [VLAN: 103][proto: 5/DNS][IP: 225/OpenDNS][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 3][cat: Network/14][2 pkts/150 bytes <-> 2 pkts/300 bytes][Goodput ratio: 38/69][0.20 sec][Hostname/SNI: api.msn.com][204.79.197.203][DNS Id: 0xb8e2][PLAIN TEXT (msedge)][Plen Bins: 50,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] diff --git a/tests/cfgs/default/result/fuzz-2006-06-26-2594.pcap.out b/tests/cfgs/default/result/fuzz-2006-06-26-2594.pcap.out index e2d0b6ab1..cd0758067 100644 --- a/tests/cfgs/default/result/fuzz-2006-06-26-2594.pcap.out +++ b/tests/cfgs/default/result/fuzz-2006-06-26-2594.pcap.out @@ -17,7 +17,7 @@ LRU cache fpc_dns: 0/63/0 (insert/search/found) Automa host: 244/0 (search/found) Automa domain: 237/0 (search/found) Automa tls cert: 0/0 (search/found) -Automa risk mask: 127/0 (search/found) +Automa risk mask: 128/0 (search/found) Automa common alpns: 0/0 (search/found) Patricia risk mask: 374/0 (search/found) Patricia risk mask IPv6: 0/0 (search/found) diff --git a/tests/cfgs/dns_subclassification_enable/config.txt b/tests/cfgs/dns_sub_enable/config.txt index 76280fbb3..76280fbb3 100644 --- a/tests/cfgs/dns_subclassification_enable/config.txt +++ b/tests/cfgs/dns_sub_enable/config.txt diff --git a/tests/cfgs/dns_subclassification_enable/pcap/dns.pcap b/tests/cfgs/dns_sub_enable/pcap/dns.pcap index aea7db12b..aea7db12b 120000 --- a/tests/cfgs/dns_subclassification_enable/pcap/dns.pcap +++ b/tests/cfgs/dns_sub_enable/pcap/dns.pcap diff --git a/tests/cfgs/dns_sub_enable/pcap/dns2.pcap b/tests/cfgs/dns_sub_enable/pcap/dns2.pcap new file mode 120000 index 000000000..ad76a4ee9 --- /dev/null +++ b/tests/cfgs/dns_sub_enable/pcap/dns2.pcap @@ -0,0 +1 @@ +../../default/pcap/dns2.pcap
\ No newline at end of file diff --git a/tests/cfgs/dns_sub_enable/pcap/dns_multiple_transactions_same_flow.pcap b/tests/cfgs/dns_sub_enable/pcap/dns_multiple_transactions_same_flow.pcap new file mode 120000 index 000000000..1b27fbb3b --- /dev/null +++ b/tests/cfgs/dns_sub_enable/pcap/dns_multiple_transactions_same_flow.pcap @@ -0,0 +1 @@ +../../default/pcap/dns_multiple_transactions_same_flow.pcap
\ No newline at end of file diff --git a/tests/cfgs/dns_sub_enable/pcap/dns_retransmissions.pcap b/tests/cfgs/dns_sub_enable/pcap/dns_retransmissions.pcap new file mode 120000 index 000000000..0f1975f5b --- /dev/null +++ b/tests/cfgs/dns_sub_enable/pcap/dns_retransmissions.pcap @@ -0,0 +1 @@ +../../default/pcap/dns_retransmissions.pcap
\ No newline at end of file diff --git a/tests/cfgs/dns_subclassification_enable/result/dns.pcap.out b/tests/cfgs/dns_sub_enable/result/dns.pcap.out index 58245839a..eb066950c 100644 --- a/tests/cfgs/dns_subclassification_enable/result/dns.pcap.out +++ b/tests/cfgs/dns_sub_enable/result/dns.pcap.out @@ -11,9 +11,9 @@ LRU cache fpc_dns: 1/0/0 (insert/search/found) Automa host: 3/3 (search/found) Automa domain: 3/0 (search/found) Automa tls cert: 0/0 (search/found) -Automa risk mask: 1/0 (search/found) +Automa risk mask: 2/0 (search/found) Automa common alpns: 0/0 (search/found) -Patricia risk mask: 2/0 (search/found) +Patricia risk mask: 4/0 (search/found) Patricia risk mask IPv6: 0/0 (search/found) Patricia risk: 1/0 (search/found) Patricia risk IPv6: 0/0 (search/found) diff --git a/tests/cfgs/dns_sub_enable/result/dns2.pcap.out b/tests/cfgs/dns_sub_enable/result/dns2.pcap.out new file mode 100644 index 000000000..fca56be89 --- /dev/null +++ b/tests/cfgs/dns_sub_enable/result/dns2.pcap.out @@ -0,0 +1,27 @@ +DPI Packets (UDP): 3 (3.00 pkts/flow) +Confidence DPI : 1 (flows) +Num dissector calls: 1 (1.00 diss/flow) +LRU cache ookla: 0/0/0 (insert/search/found) +LRU cache bittorrent: 0/0/0 (insert/search/found) +LRU cache stun: 0/0/0 (insert/search/found) +LRU cache tls_cert: 0/0/0 (insert/search/found) +LRU cache mining: 0/0/0 (insert/search/found) +LRU cache msteams: 0/0/0 (insert/search/found) +LRU cache fpc_dns: 0/0/0 (insert/search/found) +Automa host: 3/3 (search/found) +Automa domain: 3/0 (search/found) +Automa tls cert: 0/0 (search/found) +Automa risk mask: 1/0 (search/found) +Automa common alpns: 0/0 (search/found) +Patricia risk mask: 2/0 (search/found) +Patricia risk mask IPv6: 0/0 (search/found) +Patricia risk: 0/0 (search/found) +Patricia risk IPv6: 0/0 (search/found) +Patricia protocols: 1/1 (search/found) +Patricia protocols IPv6: 0/0 (search/found) + +Github 4 405 1 + +Acceptable 4 405 1 + + 1 UDP 192.168.255.251:56550 <-> 8.8.8.8:53 [proto: 5.203/DNS.Github][IP: 126/Google][ClearText][Confidence: DPI][FPC: 5.203/DNS.Github, Confidence: DPI][DPI packets: 3][cat: Network/14][2 pkts/148 bytes <-> 2 pkts/257 bytes][Goodput ratio: 43/67][0.03 sec][Hostname/SNI: www.github.com][0.0.0.0][DNS Id: 0xeaef][PLAIN TEXT (github)][Plen Bins: 0,75,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] diff --git a/tests/cfgs/dns_sub_enable/result/dns_multiple_transactions_same_flow.pcap.out b/tests/cfgs/dns_sub_enable/result/dns_multiple_transactions_same_flow.pcap.out new file mode 100644 index 000000000..e9b7cfc77 --- /dev/null +++ b/tests/cfgs/dns_sub_enable/result/dns_multiple_transactions_same_flow.pcap.out @@ -0,0 +1,27 @@ +DPI Packets (UDP): 2 (2.00 pkts/flow) +Confidence DPI : 1 (flows) +Num dissector calls: 1 (1.00 diss/flow) +LRU cache ookla: 0/0/0 (insert/search/found) +LRU cache bittorrent: 0/0/0 (insert/search/found) +LRU cache stun: 0/0/0 (insert/search/found) +LRU cache tls_cert: 0/0/0 (insert/search/found) +LRU cache mining: 0/0/0 (insert/search/found) +LRU cache msteams: 0/0/0 (insert/search/found) +LRU cache fpc_dns: 1/0/0 (insert/search/found) +Automa host: 2/2 (search/found) +Automa domain: 2/0 (search/found) +Automa tls cert: 0/0 (search/found) +Automa risk mask: 1/0 (search/found) +Automa common alpns: 0/0 (search/found) +Patricia risk mask: 2/0 (search/found) +Patricia risk mask IPv6: 0/0 (search/found) +Patricia risk: 0/0 (search/found) +Patricia risk IPv6: 0/0 (search/found) +Patricia protocols: 2/0 (search/found) +Patricia protocols IPv6: 0/0 (search/found) + +Google 80 10969 1 + +Acceptable 80 10969 1 + + 1 UDP 192.168.1.204:50234 <-> 192.168.1.253:53 [proto: 5.126/DNS.Google][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5.126/DNS.Google, Confidence: DPI][DPI packets: 2][cat: Network/14][40 pkts/3152 bytes <-> 40 pkts/7817 bytes][Goodput ratio: 47/78][403.67 sec][Hostname/SNI: www.google.com][142.251.209.36][DNS Id: 0x1655][bytes ratio: -0.425 (Download)][IAT c2s/s2c min/avg/max/stddev: 23/9 11635/11637 110617/110608 23370/23370][Pkt Len c2s/s2c min/avg/max/stddev: 68/68 79/195 94/356 9/104][PLAIN TEXT (google)][Plen Bins: 27,36,6,8,0,1,5,2,6,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] diff --git a/tests/cfgs/dns_sub_enable/result/dns_retransmissions.pcap.out b/tests/cfgs/dns_sub_enable/result/dns_retransmissions.pcap.out new file mode 100644 index 000000000..fffa41ff8 --- /dev/null +++ b/tests/cfgs/dns_sub_enable/result/dns_retransmissions.pcap.out @@ -0,0 +1,27 @@ +DPI Packets (UDP): 3 (3.00 pkts/flow) +Confidence DPI : 1 (flows) +Num dissector calls: 1 (1.00 diss/flow) +LRU cache ookla: 0/0/0 (insert/search/found) +LRU cache bittorrent: 0/0/0 (insert/search/found) +LRU cache stun: 0/0/0 (insert/search/found) +LRU cache tls_cert: 0/0/0 (insert/search/found) +LRU cache mining: 0/0/0 (insert/search/found) +LRU cache msteams: 0/0/0 (insert/search/found) +LRU cache fpc_dns: 1/0/0 (insert/search/found) +Automa host: 3/3 (search/found) +Automa domain: 3/0 (search/found) +Automa tls cert: 0/0 (search/found) +Automa risk mask: 1/0 (search/found) +Automa common alpns: 0/0 (search/found) +Patricia risk mask: 2/0 (search/found) +Patricia risk mask IPv6: 0/0 (search/found) +Patricia risk: 1/0 (search/found) +Patricia risk IPv6: 0/0 (search/found) +Patricia protocols: 1/1 (search/found) +Patricia protocols IPv6: 0/0 (search/found) + +Microsoft 4 450 1 + +Safe 4 450 1 + + 1 UDP 37.41.101.140:11892 <-> 208.67.222.222:53 [VLAN: 103][proto: 5.212/DNS.Microsoft][IP: 225/OpenDNS][ClearText][Confidence: DPI][FPC: 5.212/DNS.Microsoft, Confidence: DPI][DPI packets: 3][cat: Network/14][2 pkts/150 bytes <-> 2 pkts/300 bytes][Goodput ratio: 38/69][0.20 sec][Hostname/SNI: api.msn.com][204.79.197.203][DNS Id: 0xb8e2][PLAIN TEXT (msedge)][Plen Bins: 50,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] |