diff options
| author | Toni Uhlig <matzeton@googlemail.com> | 2022-10-20 18:07:12 +0200 |
|---|---|---|
| committer | Toni <matzeton@googlemail.com> | 2022-10-20 22:10:35 +0200 |
| commit | 29242cbcb631447b84199202bd1d3d5593e80dcc (patch) | |
| tree | a6ce152f2652bacd25a9fc376516dc5224189e0f /tests/result | |
| parent | 9c0caa536204e647518deab41e2cd5b7ff93c77d (diff) | |
Add Munin protocol dissector.
* all credits goes to @verzulli
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
Diffstat (limited to 'tests/result')
77 files changed, 104 insertions, 77 deletions
diff --git a/tests/result/1kxun.pcap.out b/tests/result/1kxun.pcap.out index 4ed7eb61e..4b5ff8fc1 100644 --- a/tests/result/1kxun.pcap.out +++ b/tests/result/1kxun.pcap.out @@ -5,7 +5,7 @@ DPI Packets (UDP): 120 (1.21 pkts/flow) Confidence Unknown : 14 (flows) Confidence Match by port : 6 (flows) Confidence DPI : 177 (flows) -Num dissector calls: 4783 (24.28 diss/flow) +Num dissector calls: 4786 (24.29 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/45/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/443-chrome.pcap.out b/tests/result/443-chrome.pcap.out index 33742ec0d..5e60d5bbb 100644 --- a/tests/result/443-chrome.pcap.out +++ b/tests/result/443-chrome.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 1 DPI Packets (TCP): 1 (1.00 pkts/flow) Confidence Match by port : 1 (flows) -Num dissector calls: 126 (126.00 diss/flow) +Num dissector calls: 127 (127.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/443-opvn.pcap.out b/tests/result/443-opvn.pcap.out index db29de48f..538148c4a 100644 --- a/tests/result/443-opvn.pcap.out +++ b/tests/result/443-opvn.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 6 (6.00 pkts/flow) Confidence DPI : 1 (flows) -Num dissector calls: 127 (127.00 diss/flow) +Num dissector calls: 128 (128.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/KakaoTalk_chat.pcap.out b/tests/result/KakaoTalk_chat.pcap.out index 29619ba10..2392f6e2d 100644 --- a/tests/result/KakaoTalk_chat.pcap.out +++ b/tests/result/KakaoTalk_chat.pcap.out @@ -5,7 +5,7 @@ DPI Packets (UDP): 36 (2.00 pkts/flow) DPI Packets (other): 1 (1.00 pkts/flow) Confidence Match by port : 5 (flows) Confidence DPI : 33 (flows) -Num dissector calls: 645 (16.97 diss/flow) +Num dissector calls: 647 (17.03 diss/flow) LRU cache ookla: 0/1/0 (insert/search/found) LRU cache bittorrent: 0/6/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/KakaoTalk_talk.pcap.out b/tests/result/KakaoTalk_talk.pcap.out index 53a3c9b4c..3cf094a00 100644 --- a/tests/result/KakaoTalk_talk.pcap.out +++ b/tests/result/KakaoTalk_talk.pcap.out @@ -5,7 +5,7 @@ DPI Packets (UDP): 6 (1.20 pkts/flow) Confidence Unknown : 1 (flows) Confidence Match by port : 8 (flows) Confidence DPI : 11 (flows) -Num dissector calls: 878 (43.90 diss/flow) +Num dissector calls: 882 (44.10 diss/flow) LRU cache ookla: 0/2/0 (insert/search/found) LRU cache bittorrent: 0/3/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/Oscar.pcap.out b/tests/result/Oscar.pcap.out index cc97ceb15..db112a95d 100644 --- a/tests/result/Oscar.pcap.out +++ b/tests/result/Oscar.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 1 DPI Packets (TCP): 33 (33.00 pkts/flow) Confidence Match by port : 1 (flows) -Num dissector calls: 357 (357.00 diss/flow) +Num dissector calls: 358 (358.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/3/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/alexa-app.pcapng.out b/tests/result/alexa-app.pcapng.out index 76387ac15..25900eb3c 100644 --- a/tests/result/alexa-app.pcapng.out +++ b/tests/result/alexa-app.pcapng.out @@ -5,7 +5,7 @@ DPI Packets (UDP): 64 (1.94 pkts/flow) DPI Packets (other): 6 (1.00 pkts/flow) Confidence Match by port : 14 (flows) Confidence DPI : 146 (flows) -Num dissector calls: 540 (3.38 diss/flow) +Num dissector calls: 541 (3.38 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/amqp.pcap.out b/tests/result/amqp.pcap.out index dbcc76af3..32935510a 100644 --- a/tests/result/amqp.pcap.out +++ b/tests/result/amqp.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 9 (3.00 pkts/flow) Confidence DPI : 3 (flows) -Num dissector calls: 410 (136.67 diss/flow) +Num dissector calls: 411 (137.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/3/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/anyconnect-vpn.pcap.out b/tests/result/anyconnect-vpn.pcap.out index f2ae477b9..a193c79d6 100644 --- a/tests/result/anyconnect-vpn.pcap.out +++ b/tests/result/anyconnect-vpn.pcap.out @@ -6,7 +6,7 @@ DPI Packets (other): 10 (1.00 pkts/flow) Confidence Unknown : 2 (flows) Confidence Match by port : 6 (flows) Confidence DPI : 61 (flows) -Num dissector calls: 934 (13.54 diss/flow) +Num dissector calls: 935 (13.55 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/9/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/cassandra.pcap.out b/tests/result/cassandra.pcap.out index cb0d3f578..6bee7c218 100644 --- a/tests/result/cassandra.pcap.out +++ b/tests/result/cassandra.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 18 (9.00 pkts/flow) Confidence DPI : 2 (flows) -Num dissector calls: 356 (178.00 diss/flow) +Num dissector calls: 358 (179.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/cloudflare-warp.pcap.out b/tests/result/cloudflare-warp.pcap.out index 4254c80d9..765520449 100644 --- a/tests/result/cloudflare-warp.pcap.out +++ b/tests/result/cloudflare-warp.pcap.out @@ -4,7 +4,7 @@ DPI Packets (TCP): 41 (5.12 pkts/flow) Confidence Unknown : 1 (flows) Confidence Match by port : 2 (flows) Confidence DPI : 5 (flows) -Num dissector calls: 185 (23.12 diss/flow) +Num dissector calls: 186 (23.25 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/3/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/emotet.pcap.out b/tests/result/emotet.pcap.out index d8e85f9ef..dfe58826a 100644 --- a/tests/result/emotet.pcap.out +++ b/tests/result/emotet.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 48 (8.00 pkts/flow) Confidence DPI : 6 (flows) -Num dissector calls: 203 (33.83 diss/flow) +Num dissector calls: 204 (34.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/fastcgi.pcap.out b/tests/result/fastcgi.pcap.out index ea8b54bcd..3c13ec385 100644 --- a/tests/result/fastcgi.pcap.out +++ b/tests/result/fastcgi.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 6 (6.00 pkts/flow) Confidence DPI : 1 (flows) -Num dissector calls: 157 (157.00 diss/flow) +Num dissector calls: 158 (158.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/ftp-start-tls.pcap.out b/tests/result/ftp-start-tls.pcap.out index e7c20a4b7..0348493dd 100644 --- a/tests/result/ftp-start-tls.pcap.out +++ b/tests/result/ftp-start-tls.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 17 (17.00 pkts/flow) Confidence DPI : 1 (flows) -Num dissector calls: 156 (156.00 diss/flow) +Num dissector calls: 157 (157.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/ftp.pcap.out b/tests/result/ftp.pcap.out index cc762de48..e03bb3d77 100644 --- a/tests/result/ftp.pcap.out +++ b/tests/result/ftp.pcap.out @@ -3,7 +3,7 @@ Guessed flow protos: 1 DPI Packets (TCP): 49 (16.33 pkts/flow) Confidence Unknown : 1 (flows) Confidence DPI : 2 (flows) -Num dissector calls: 663 (221.00 diss/flow) +Num dissector calls: 665 (221.67 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/3/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/ftp_failed.pcap.out b/tests/result/ftp_failed.pcap.out index 4370573b9..e2369e292 100644 --- a/tests/result/ftp_failed.pcap.out +++ b/tests/result/ftp_failed.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 8 (8.00 pkts/flow) Confidence DPI : 1 (flows) -Num dissector calls: 155 (155.00 diss/flow) +Num dissector calls: 156 (156.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/fuzz-2006-06-26-2594.pcap.out b/tests/result/fuzz-2006-06-26-2594.pcap.out index 44ba1ed0c..e2899667b 100644 --- a/tests/result/fuzz-2006-06-26-2594.pcap.out +++ b/tests/result/fuzz-2006-06-26-2594.pcap.out @@ -6,7 +6,7 @@ DPI Packets (other): 5 (1.00 pkts/flow) Confidence Unknown : 30 (flows) Confidence Match by port : 28 (flows) Confidence DPI : 193 (flows) -Num dissector calls: 5543 (22.08 diss/flow) +Num dissector calls: 5556 (22.14 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/129/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/fuzz-2006-09-29-28586.pcap.out b/tests/result/fuzz-2006-09-29-28586.pcap.out index cb44bc2c9..1b4fbb798 100644 --- a/tests/result/fuzz-2006-09-29-28586.pcap.out +++ b/tests/result/fuzz-2006-09-29-28586.pcap.out @@ -5,7 +5,7 @@ DPI Packets (other): 1 (1.00 pkts/flow) Confidence Unknown : 3 (flows) Confidence Match by port : 26 (flows) Confidence DPI : 11 (flows) -Num dissector calls: 1025 (25.62 diss/flow) +Num dissector calls: 1031 (25.77 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/9/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/fuzz-2021-10-13.pcap.out b/tests/result/fuzz-2021-10-13.pcap.out index d1f1280f2..3b14fba8f 100644 --- a/tests/result/fuzz-2021-10-13.pcap.out +++ b/tests/result/fuzz-2021-10-13.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 1 DPI Packets (TCP): 1 (1.00 pkts/flow) Confidence Unknown : 1 (flows) -Num dissector calls: 124 (124.00 diss/flow) +Num dissector calls: 125 (125.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/3/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/google_ssl.pcap.out b/tests/result/google_ssl.pcap.out index 54a270ae9..1d3b9c352 100644 --- a/tests/result/google_ssl.pcap.out +++ b/tests/result/google_ssl.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 1 DPI Packets (TCP): 28 (28.00 pkts/flow) Confidence Match by port : 1 (flows) -Num dissector calls: 222 (222.00 diss/flow) +Num dissector calls: 223 (223.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/3/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/h323-overflow.pcap.out b/tests/result/h323-overflow.pcap.out index d727de0dd..53aefab49 100644 --- a/tests/result/h323-overflow.pcap.out +++ b/tests/result/h323-overflow.pcap.out @@ -21,4 +21,4 @@ Patricia protocols: 0/0 (search/found) HomeRouter 1 58 1 - 1 TCP 192.168.1.1:31337 -> 192.168.1.2:80 [proto: 330/HomeRouter][IP: 0/Unknown][ClearText][Confidence: nBPF][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 7/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 1 TCP 192.168.1.1:31337 -> 192.168.1.2:80 [proto: 331/HomeRouter][IP: 0/Unknown][ClearText][Confidence: nBPF][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 7/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] diff --git a/tests/result/h323.pcap.out b/tests/result/h323.pcap.out index 0e1eb2a7a..ffc0e0ad3 100644 --- a/tests/result/h323.pcap.out +++ b/tests/result/h323.pcap.out @@ -3,7 +3,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 2 (2.00 pkts/flow) DPI Packets (UDP): 1 (1.00 pkts/flow) Confidence DPI : 2 (flows) -Num dissector calls: 128 (64.00 diss/flow) +Num dissector calls: 129 (64.50 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/http_guessed_host_and_guessed.pcapng.out b/tests/result/http_guessed_host_and_guessed.pcapng.out index af2816340..832a519e4 100644 --- a/tests/result/http_guessed_host_and_guessed.pcapng.out +++ b/tests/result/http_guessed_host_and_guessed.pcapng.out @@ -2,7 +2,7 @@ Guessed flow protos: 1 DPI Packets (TCP): 1 (1.00 pkts/flow) Confidence Match by port : 1 (flows) -Num dissector calls: 126 (126.00 diss/flow) +Num dissector calls: 127 (127.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/imap-starttls.pcap.out b/tests/result/imap-starttls.pcap.out index 9e4479268..9c14011e2 100644 --- a/tests/result/imap-starttls.pcap.out +++ b/tests/result/imap-starttls.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 19 (19.00 pkts/flow) Confidence DPI : 1 (flows) -Num dissector calls: 208 (208.00 diss/flow) +Num dissector calls: 209 (209.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/imap.pcap.out b/tests/result/imap.pcap.out index 76c28dce6..9c2276f1e 100644 --- a/tests/result/imap.pcap.out +++ b/tests/result/imap.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 11 (11.00 pkts/flow) Confidence DPI : 1 (flows) -Num dissector calls: 208 (208.00 diss/flow) +Num dissector calls: 209 (209.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/instagram.pcap.out b/tests/result/instagram.pcap.out index ead668a2b..ca5b0822b 100644 --- a/tests/result/instagram.pcap.out +++ b/tests/result/instagram.pcap.out @@ -6,7 +6,7 @@ DPI Packets (other): 1 (1.00 pkts/flow) Confidence Unknown : 1 (flows) Confidence Match by port : 7 (flows) Confidence DPI : 30 (flows) -Num dissector calls: 1913 (50.34 diss/flow) +Num dissector calls: 1917 (50.45 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/15/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/irc.pcap.out b/tests/result/irc.pcap.out index a7f59bcc2..d38088a93 100644 --- a/tests/result/irc.pcap.out +++ b/tests/result/irc.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 7 (7.00 pkts/flow) Confidence DPI : 1 (flows) -Num dissector calls: 162 (162.00 diss/flow) +Num dissector calls: 163 (163.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/jabber.pcap.out b/tests/result/jabber.pcap.out index 8b03912a4..2a6c06c68 100644 --- a/tests/result/jabber.pcap.out +++ b/tests/result/jabber.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 74 (6.17 pkts/flow) Confidence DPI : 12 (flows) -Num dissector calls: 1454 (121.17 diss/flow) +Num dissector calls: 1463 (121.92 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/kerberos.pcap.out b/tests/result/kerberos.pcap.out index f641c8f89..37ec051e3 100644 --- a/tests/result/kerberos.pcap.out +++ b/tests/result/kerberos.pcap.out @@ -4,7 +4,7 @@ DPI Packets (TCP): 77 (2.14 pkts/flow) Confidence Unknown : 2 (flows) Confidence Match by port : 23 (flows) Confidence DPI : 11 (flows) -Num dissector calls: 4021 (111.69 diss/flow) +Num dissector calls: 4046 (112.39 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/6/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/log4j-webapp-exploit.pcap.out b/tests/result/log4j-webapp-exploit.pcap.out index b6fe3d671..e1298e3bc 100644 --- a/tests/result/log4j-webapp-exploit.pcap.out +++ b/tests/result/log4j-webapp-exploit.pcap.out @@ -3,7 +3,7 @@ Guessed flow protos: 2 DPI Packets (TCP): 63 (9.00 pkts/flow) Confidence Unknown : 2 (flows) Confidence DPI : 5 (flows) -Num dissector calls: 467 (66.71 diss/flow) +Num dissector calls: 468 (66.86 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/6/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/memcached.cap.out b/tests/result/memcached.cap.out index 977656da0..a3c6a7015 100644 --- a/tests/result/memcached.cap.out +++ b/tests/result/memcached.cap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 6 (6.00 pkts/flow) Confidence DPI : 1 (flows) -Num dissector calls: 127 (127.00 diss/flow) +Num dissector calls: 128 (128.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/mongo_false_positive.pcapng.out b/tests/result/mongo_false_positive.pcapng.out index c940e5fa5..6f1572100 100644 --- a/tests/result/mongo_false_positive.pcapng.out +++ b/tests/result/mongo_false_positive.pcapng.out @@ -2,7 +2,7 @@ Guessed flow protos: 1 DPI Packets (TCP): 26 (26.00 pkts/flow) Confidence Match by port : 1 (flows) -Num dissector calls: 432 (432.00 diss/flow) +Num dissector calls: 433 (433.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/3/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/mssql_tds.pcap.out b/tests/result/mssql_tds.pcap.out index d2c6bbcba..c41277a0b 100644 --- a/tests/result/mssql_tds.pcap.out +++ b/tests/result/mssql_tds.pcap.out @@ -3,7 +3,7 @@ Guessed flow protos: 1 DPI Packets (TCP): 18 (1.50 pkts/flow) Confidence Match by port : 1 (flows) Confidence DPI : 11 (flows) -Num dissector calls: 296 (24.67 diss/flow) +Num dissector calls: 297 (24.75 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/munin.pcap.out b/tests/result/munin.pcap.out new file mode 100644 index 000000000..796cb6704 --- /dev/null +++ b/tests/result/munin.pcap.out @@ -0,0 +1,27 @@ +Guessed flow protos: 0 + +DPI Packets (TCP): 16 (4.00 pkts/flow) +Confidence DPI : 4 (flows) +Num dissector calls: 4 (1.00 diss/flow) +LRU cache ookla: 0/0/0 (insert/search/found) +LRU cache bittorrent: 0/0/0 (insert/search/found) +LRU cache zoom: 0/0/0 (insert/search/found) +LRU cache stun: 0/0/0 (insert/search/found) +LRU cache tls_cert: 0/0/0 (insert/search/found) +LRU cache mining: 0/0/0 (insert/search/found) +LRU cache msteams: 0/0/0 (insert/search/found) +Automa host: 0/0 (search/found) +Automa domain: 0/0 (search/found) +Automa tls cert: 0/0 (search/found) +Automa risk mask: 0/0 (search/found) +Automa common alpns: 0/0 (search/found) +Patricia risk mask: 8/0 (search/found) +Patricia risk: 0/0 (search/found) +Patricia protocols: 8/0 (search/found) + +Munin 60 5422 4 + + 1 TCP 172.16.16.108:59958 <-> 172.16.17.1:4949 [proto: 329/Munin][IP: 0/Unknown][ClearText][Confidence: DPI][cat: System/18][8 pkts/592 bytes <-> 7 pkts/835 bytes][Goodput ratio: 9/44][0.22 sec][Hostname/SNI: gw-ct][bytes ratio: -0.170 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 18/24 30/35 13/12][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 74/119 93/349 10/95][PLAIN TEXT ( munin node at gw)][Plen Bins: 75,12,0,0,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 2 TCP 172.16.16.108:55256 <-> 172.16.17.102:4949 [proto: 329/Munin][IP: 0/Unknown][ClearText][Confidence: DPI][cat: System/18][8 pkts/602 bytes <-> 7 pkts/737 bytes][Goodput ratio: 11/36][0.23 sec][Hostname/SNI: elastic-node02][bytes ratio: -0.101 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 20/27 34/47 14/15][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 75/105 93/251 10/61][PLAIN TEXT ( munin node at elastic)][Plen Bins: 87,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 3 TCP 172.16.16.108:45654 <-> 172.16.17.103:4949 [proto: 329/Munin][IP: 0/Unknown][ClearText][Confidence: DPI][cat: System/18][8 pkts/596 bytes <-> 7 pkts/732 bytes][Goodput ratio: 10/36][0.25 sec][Hostname/SNI: kibana-node01][bytes ratio: -0.102 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 21/29 42/50 15/17][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 74/105 93/251 10/61][PLAIN TEXT ( munin node at kibana)][Plen Bins: 87,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 4 TCP 172.16.16.108:53314 <-> 172.16.17.101:4949 [proto: 329/Munin][IP: 0/Unknown][ClearText][Confidence: DPI][cat: System/18][8 pkts/596 bytes <-> 7 pkts/732 bytes][Goodput ratio: 10/36][0.22 sec][Hostname/SNI: log-collector][bytes ratio: -0.102 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 18/24 31/37 13/13][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 74/105 93/251 10/61][PLAIN TEXT ( munin node at log)][Plen Bins: 87,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] diff --git a/tests/result/nest_log_sink.pcap.out b/tests/result/nest_log_sink.pcap.out index f5fd809e2..7cfbd0f32 100644 --- a/tests/result/nest_log_sink.pcap.out +++ b/tests/result/nest_log_sink.pcap.out @@ -4,7 +4,7 @@ DPI Packets (TCP): 130 (10.00 pkts/flow) DPI Packets (UDP): 2 (2.00 pkts/flow) Confidence Match by port : 1 (flows) Confidence DPI : 13 (flows) -Num dissector calls: 1897 (135.50 diss/flow) +Num dissector calls: 1909 (136.36 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/netbios.pcap.out b/tests/result/netbios.pcap.out index ee0b1f12f..2f6fa01b3 100644 --- a/tests/result/netbios.pcap.out +++ b/tests/result/netbios.pcap.out @@ -4,7 +4,7 @@ DPI Packets (TCP): 2 (2.00 pkts/flow) DPI Packets (UDP): 14 (1.00 pkts/flow) Confidence Match by port : 1 (flows) Confidence DPI : 14 (flows) -Num dissector calls: 140 (9.33 diss/flow) +Num dissector calls: 141 (9.40 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/nntp.pcap.out b/tests/result/nntp.pcap.out index 24f5d4082..0eb1904c9 100644 --- a/tests/result/nntp.pcap.out +++ b/tests/result/nntp.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 6 (6.00 pkts/flow) Confidence DPI : 1 (flows) -Num dissector calls: 134 (134.00 diss/flow) +Num dissector calls: 135 (135.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/openvpn.pcap.out b/tests/result/openvpn.pcap.out index bcaf8cd39..be6415b0e 100644 --- a/tests/result/openvpn.pcap.out +++ b/tests/result/openvpn.pcap.out @@ -3,7 +3,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 6 (6.00 pkts/flow) DPI Packets (UDP): 5 (2.50 pkts/flow) Confidence DPI : 3 (flows) -Num dissector calls: 402 (134.00 diss/flow) +Num dissector calls: 403 (134.33 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/oracle12.pcapng.out b/tests/result/oracle12.pcapng.out index 1ca8d1ea5..012697de4 100644 --- a/tests/result/oracle12.pcapng.out +++ b/tests/result/oracle12.pcapng.out @@ -2,7 +2,7 @@ Guessed flow protos: 1 DPI Packets (TCP): 20 (20.00 pkts/flow) Confidence Match by port : 1 (flows) -Num dissector calls: 302 (302.00 diss/flow) +Num dissector calls: 303 (303.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/3/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/pgsql.pcap.out b/tests/result/pgsql.pcap.out index f5e3439d1..b6d17cff3 100644 --- a/tests/result/pgsql.pcap.out +++ b/tests/result/pgsql.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 12 (6.00 pkts/flow) Confidence DPI : 2 (flows) -Num dissector calls: 254 (127.00 diss/flow) +Num dissector calls: 256 (128.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/pop3.pcap.out b/tests/result/pop3.pcap.out index c80e22ff3..bc5e75c33 100644 --- a/tests/result/pop3.pcap.out +++ b/tests/result/pop3.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 10 (10.00 pkts/flow) Confidence DPI : 1 (flows) -Num dissector calls: 183 (183.00 diss/flow) +Num dissector calls: 184 (184.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/pop3_stls.pcap.out b/tests/result/pop3_stls.pcap.out index 3927f2d0b..0658772cf 100644 --- a/tests/result/pop3_stls.pcap.out +++ b/tests/result/pop3_stls.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 18 (18.00 pkts/flow) Confidence DPI : 1 (flows) -Num dissector calls: 238 (238.00 diss/flow) +Num dissector calls: 239 (239.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/reasm_crash_anon.pcapng.out b/tests/result/reasm_crash_anon.pcapng.out index 2b495bb98..2a4b5ce72 100644 --- a/tests/result/reasm_crash_anon.pcapng.out +++ b/tests/result/reasm_crash_anon.pcapng.out @@ -2,7 +2,7 @@ Guessed flow protos: 1 DPI Packets (TCP): 33 (33.00 pkts/flow) Confidence Unknown : 1 (flows) -Num dissector calls: 340 (340.00 diss/flow) +Num dissector calls: 341 (341.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/3/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/reasm_segv_anon.pcapng.out b/tests/result/reasm_segv_anon.pcapng.out index d98568a58..beea2e0d2 100644 --- a/tests/result/reasm_segv_anon.pcapng.out +++ b/tests/result/reasm_segv_anon.pcapng.out @@ -2,7 +2,7 @@ Guessed flow protos: 1 DPI Packets (TCP): 33 (33.00 pkts/flow) Confidence Match by port : 1 (flows) -Num dissector calls: 270 (270.00 diss/flow) +Num dissector calls: 271 (271.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/3/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/rsh.pcap.out b/tests/result/rsh.pcap.out index 9d70bd454..94dc2100d 100644 --- a/tests/result/rsh.pcap.out +++ b/tests/result/rsh.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 12 (6.00 pkts/flow) Confidence DPI : 2 (flows) -Num dissector calls: 308 (154.00 diss/flow) +Num dissector calls: 310 (155.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/rsync.pcap.out b/tests/result/rsync.pcap.out index 4ddd84fbc..96e1c24c1 100644 --- a/tests/result/rsync.pcap.out +++ b/tests/result/rsync.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 9 (9.00 pkts/flow) Confidence DPI : 1 (flows) -Num dissector calls: 176 (176.00 diss/flow) +Num dissector calls: 177 (177.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/rtmp.pcap.out b/tests/result/rtmp.pcap.out index d275c0dc8..05cb33c6a 100644 --- a/tests/result/rtmp.pcap.out +++ b/tests/result/rtmp.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 8 (8.00 pkts/flow) Confidence DPI : 1 (flows) -Num dissector calls: 157 (157.00 diss/flow) +Num dissector calls: 158 (158.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/skype.pcap.out b/tests/result/skype.pcap.out index 2bde508d8..02d9abdc3 100644 --- a/tests/result/skype.pcap.out +++ b/tests/result/skype.pcap.out @@ -6,7 +6,7 @@ DPI Packets (other): 5 (1.00 pkts/flow) Confidence Unknown : 59 (flows) Confidence Match by port : 28 (flows) Confidence DPI : 206 (flows) -Num dissector calls: 29020 (99.04 diss/flow) +Num dissector calls: 29106 (99.34 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/213/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/skype_no_unknown.pcap.out b/tests/result/skype_no_unknown.pcap.out index 18318bacf..42efe9300 100644 --- a/tests/result/skype_no_unknown.pcap.out +++ b/tests/result/skype_no_unknown.pcap.out @@ -6,7 +6,7 @@ DPI Packets (other): 5 (1.00 pkts/flow) Confidence Unknown : 44 (flows) Confidence Match by port : 22 (flows) Confidence DPI : 201 (flows) -Num dissector calls: 24123 (90.35 diss/flow) +Num dissector calls: 24187 (90.59 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/156/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/smb_frags.pcap.out b/tests/result/smb_frags.pcap.out index 31b28ffa6..7b9318075 100644 --- a/tests/result/smb_frags.pcap.out +++ b/tests/result/smb_frags.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 5 (5.00 pkts/flow) Confidence DPI : 1 (flows) -Num dissector calls: 157 (157.00 diss/flow) +Num dissector calls: 158 (158.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/smbv1.pcap.out b/tests/result/smbv1.pcap.out index ec5a29bfc..22725a8e7 100644 --- a/tests/result/smbv1.pcap.out +++ b/tests/result/smbv1.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 3 (3.00 pkts/flow) Confidence DPI : 1 (flows) -Num dissector calls: 159 (159.00 diss/flow) +Num dissector calls: 160 (160.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/smtp-starttls.pcap.out b/tests/result/smtp-starttls.pcap.out index 8580cfcee..5b0103628 100644 --- a/tests/result/smtp-starttls.pcap.out +++ b/tests/result/smtp-starttls.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 26 (13.00 pkts/flow) Confidence DPI : 2 (flows) -Num dissector calls: 154 (77.00 diss/flow) +Num dissector calls: 155 (77.50 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/smtp.pcap.out b/tests/result/smtp.pcap.out index dbcbd3df2..3c59d9980 100644 --- a/tests/result/smtp.pcap.out +++ b/tests/result/smtp.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 11 (11.00 pkts/flow) Confidence DPI : 1 (flows) -Num dissector calls: 202 (202.00 diss/flow) +Num dissector calls: 203 (203.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/soap.pcap.out b/tests/result/soap.pcap.out index 705180b29..98ac156a2 100644 --- a/tests/result/soap.pcap.out +++ b/tests/result/soap.pcap.out @@ -3,7 +3,7 @@ Guessed flow protos: 2 DPI Packets (TCP): 20 (6.67 pkts/flow) Confidence Match by port : 1 (flows) Confidence DPI : 2 (flows) -Num dissector calls: 387 (129.00 diss/flow) +Num dissector calls: 389 (129.67 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/socks-http-example.pcap.out b/tests/result/socks-http-example.pcap.out index 56744eef3..5f3b20f37 100644 --- a/tests/result/socks-http-example.pcap.out +++ b/tests/result/socks-http-example.pcap.out @@ -3,7 +3,7 @@ Guessed flow protos: 1 DPI Packets (TCP): 29 (9.67 pkts/flow) Confidence Match by port : 1 (flows) Confidence DPI : 2 (flows) -Num dissector calls: 491 (163.67 diss/flow) +Num dissector calls: 494 (164.67 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/starcraft_battle.pcap.out b/tests/result/starcraft_battle.pcap.out index cefcd0586..423778bf1 100644 --- a/tests/result/starcraft_battle.pcap.out +++ b/tests/result/starcraft_battle.pcap.out @@ -6,7 +6,7 @@ DPI Packets (other): 1 (1.00 pkts/flow) Confidence Unknown : 2 (flows) Confidence Match by port : 11 (flows) Confidence DPI : 39 (flows) -Num dissector calls: 1522 (29.27 diss/flow) +Num dissector calls: 1525 (29.33 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/6/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/stun.pcap.out b/tests/result/stun.pcap.out index 456f6cb75..ca1e01a21 100644 --- a/tests/result/stun.pcap.out +++ b/tests/result/stun.pcap.out @@ -3,7 +3,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 4 (4.00 pkts/flow) DPI Packets (UDP): 13 (4.33 pkts/flow) Confidence DPI : 4 (flows) -Num dissector calls: 586 (146.50 diss/flow) +Num dissector calls: 587 (146.75 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/synscan.pcap.out b/tests/result/synscan.pcap.out index 5fd01eab9..5a5e03901 100644 --- a/tests/result/synscan.pcap.out +++ b/tests/result/synscan.pcap.out @@ -121,7 +121,7 @@ iSCSI 2 116 2 44 TCP 172.16.0.8:36050 -> 64.13.134.52:2605 [proto: 13/BGP][IP: 0/Unknown][ClearText][Confidence: Match by port][cat: Network/14][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] 45 TCP 172.16.0.8:36050 -> 64.13.134.52:3000 [proto: 26/ntop][IP: 0/Unknown][ClearText][Confidence: Match by port][cat: Network/14][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] 46 TCP 172.16.0.8:36050 -> 64.13.134.52:3128 [proto: 131/HTTP_Proxy][IP: 0/Unknown][ClearText][Confidence: Match by port][cat: Web/5][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 47 TCP 172.16.0.8:36050 -> 64.13.134.52:3260 [proto: 329/iSCSI][IP: 0/Unknown][ClearText][Confidence: Match by port][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 47 TCP 172.16.0.8:36050 -> 64.13.134.52:3260 [proto: 330/iSCSI][IP: 0/Unknown][ClearText][Confidence: Match by port][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] 48 TCP 172.16.0.8:36050 -> 64.13.134.52:3306 [proto: 20/MySQL][IP: 0/Unknown][ClearText][Confidence: Match by port][cat: Database/11][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] 49 TCP 172.16.0.8:36050 -> 64.13.134.52:3389 [proto: 88/RDP][IP: 0/Unknown][ClearText][Confidence: Match by port][cat: RemoteAccess/12][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Desktop/File Sharing **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic / Found RDP][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] 50 TCP 172.16.0.8:36050 -> 64.13.134.52:4343 [proto: 170/Whois-DAS][IP: 0/Unknown][ClearText][Confidence: Match by port][cat: Network/14][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] @@ -183,7 +183,7 @@ iSCSI 2 116 2 106 TCP 172.16.0.8:36051 -> 64.13.134.52:2605 [proto: 13/BGP][IP: 0/Unknown][ClearText][Confidence: Match by port][cat: Network/14][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] 107 TCP 172.16.0.8:36051 -> 64.13.134.52:3000 [proto: 26/ntop][IP: 0/Unknown][ClearText][Confidence: Match by port][cat: Network/14][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] 108 TCP 172.16.0.8:36051 -> 64.13.134.52:3128 [proto: 131/HTTP_Proxy][IP: 0/Unknown][ClearText][Confidence: Match by port][cat: Web/5][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 109 TCP 172.16.0.8:36051 -> 64.13.134.52:3260 [proto: 329/iSCSI][IP: 0/Unknown][ClearText][Confidence: Match by port][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 109 TCP 172.16.0.8:36051 -> 64.13.134.52:3260 [proto: 330/iSCSI][IP: 0/Unknown][ClearText][Confidence: Match by port][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] 110 TCP 172.16.0.8:36051 -> 64.13.134.52:3306 [proto: 20/MySQL][IP: 0/Unknown][ClearText][Confidence: Match by port][cat: Database/11][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] 111 TCP 172.16.0.8:36051 -> 64.13.134.52:3389 [proto: 88/RDP][IP: 0/Unknown][ClearText][Confidence: Match by port][cat: RemoteAccess/12][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Desktop/File Sharing **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic / Found RDP][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] 112 TCP 172.16.0.8:36051 -> 64.13.134.52:4343 [proto: 170/Whois-DAS][IP: 0/Unknown][ClearText][Confidence: Match by port][cat: Network/14][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] diff --git a/tests/result/teams.pcap.out b/tests/result/teams.pcap.out index aa8bbdf49..fe5afa749 100644 --- a/tests/result/teams.pcap.out +++ b/tests/result/teams.pcap.out @@ -7,7 +7,7 @@ Confidence Unknown : 1 (flows) Confidence Match by port : 1 (flows) Confidence DPI (partial) : 1 (flows) Confidence DPI : 80 (flows) -Num dissector calls: 610 (7.35 diss/flow) +Num dissector calls: 611 (7.36 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/6/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/telnet.pcap.out b/tests/result/telnet.pcap.out index e14a8e11e..59fea57b2 100644 --- a/tests/result/telnet.pcap.out +++ b/tests/result/telnet.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 33 (33.00 pkts/flow) Confidence DPI : 1 (flows) -Num dissector calls: 156 (156.00 diss/flow) +Num dissector calls: 157 (157.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/threema.pcap.out b/tests/result/threema.pcap.out index cd18f29d7..f9d6dc85e 100644 --- a/tests/result/threema.pcap.out +++ b/tests/result/threema.pcap.out @@ -3,7 +3,7 @@ Guessed flow protos: 2 DPI Packets (TCP): 66 (11.00 pkts/flow) Confidence Unknown : 2 (flows) Confidence DPI : 4 (flows) -Num dissector calls: 1290 (215.00 diss/flow) +Num dissector calls: 1296 (216.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/6/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/tinc.pcap.out b/tests/result/tinc.pcap.out index 51d65a70b..5b98b8ae1 100644 --- a/tests/result/tinc.pcap.out +++ b/tests/result/tinc.pcap.out @@ -4,7 +4,7 @@ DPI Packets (TCP): 19 (9.50 pkts/flow) DPI Packets (UDP): 2 (1.00 pkts/flow) Confidence DPI (cache) : 2 (flows) Confidence DPI : 2 (flows) -Num dissector calls: 538 (134.50 diss/flow) +Num dissector calls: 540 (135.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/tls-appdata.pcap.out b/tests/result/tls-appdata.pcap.out index bad823a3a..085545584 100644 --- a/tests/result/tls-appdata.pcap.out +++ b/tests/result/tls-appdata.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 1 DPI Packets (TCP): 17 (8.50 pkts/flow) Confidence DPI : 2 (flows) -Num dissector calls: 128 (64.00 diss/flow) +Num dissector calls: 129 (64.50 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/tls_certificate_too_long.pcap.out b/tests/result/tls_certificate_too_long.pcap.out index 0c319351f..9736f8634 100644 --- a/tests/result/tls_certificate_too_long.pcap.out +++ b/tests/result/tls_certificate_too_long.pcap.out @@ -6,7 +6,7 @@ DPI Packets (other): 2 (1.00 pkts/flow) Confidence Unknown : 1 (flows) Confidence Match by port : 1 (flows) Confidence DPI : 33 (flows) -Num dissector calls: 611 (17.46 diss/flow) +Num dissector calls: 614 (17.54 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/3/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/tls_false_positives.pcapng.out b/tests/result/tls_false_positives.pcapng.out index 6d9c6fdfc..28d22b2d9 100644 --- a/tests/result/tls_false_positives.pcapng.out +++ b/tests/result/tls_false_positives.pcapng.out @@ -2,7 +2,7 @@ Guessed flow protos: 1 DPI Packets (TCP): 30 (30.00 pkts/flow) Confidence Unknown : 1 (flows) -Num dissector calls: 439 (439.00 diss/flow) +Num dissector calls: 440 (440.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/3/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/tls_invalid_reads.pcap.out b/tests/result/tls_invalid_reads.pcap.out index b628c98d1..ee2ba43e3 100644 --- a/tests/result/tls_invalid_reads.pcap.out +++ b/tests/result/tls_invalid_reads.pcap.out @@ -3,7 +3,7 @@ Guessed flow protos: 2 DPI Packets (TCP): 10 (3.33 pkts/flow) Confidence Match by port : 1 (flows) Confidence DPI : 2 (flows) -Num dissector calls: 128 (42.67 diss/flow) +Num dissector calls: 129 (43.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/tls_missing_ch_frag.pcap.out b/tests/result/tls_missing_ch_frag.pcap.out index d6e41219a..c5dee47a5 100644 --- a/tests/result/tls_missing_ch_frag.pcap.out +++ b/tests/result/tls_missing_ch_frag.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 3 (3.00 pkts/flow) Confidence DPI : 1 (flows) -Num dissector calls: 127 (127.00 diss/flow) +Num dissector calls: 128 (128.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/viber.pcap.out b/tests/result/viber.pcap.out index 68cc677a2..34c954d78 100644 --- a/tests/result/viber.pcap.out +++ b/tests/result/viber.pcap.out @@ -6,7 +6,7 @@ DPI Packets (other): 2 (1.00 pkts/flow) Confidence Unknown : 1 (flows) Confidence Match by port : 3 (flows) Confidence DPI : 25 (flows) -Num dissector calls: 548 (18.90 diss/flow) +Num dissector calls: 549 (18.93 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/6/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/vnc.pcap.out b/tests/result/vnc.pcap.out index 2fe238ecc..231d52d5a 100644 --- a/tests/result/vnc.pcap.out +++ b/tests/result/vnc.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 10 (5.00 pkts/flow) Confidence DPI : 2 (flows) -Num dissector calls: 268 (134.00 diss/flow) +Num dissector calls: 270 (135.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/wa_video.pcap.out b/tests/result/wa_video.pcap.out index a8dc4aebe..045e5621f 100644 --- a/tests/result/wa_video.pcap.out +++ b/tests/result/wa_video.pcap.out @@ -4,7 +4,7 @@ DPI Packets (TCP): 33 (33.00 pkts/flow) DPI Packets (UDP): 13 (1.00 pkts/flow) Confidence Unknown : 1 (flows) Confidence DPI : 13 (flows) -Num dissector calls: 536 (38.29 diss/flow) +Num dissector calls: 537 (38.36 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/3/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/waze.pcap.out b/tests/result/waze.pcap.out index 0d99324f9..495d08aa4 100644 --- a/tests/result/waze.pcap.out +++ b/tests/result/waze.pcap.out @@ -5,7 +5,7 @@ DPI Packets (UDP): 1 (1.00 pkts/flow) Confidence Unknown : 1 (flows) Confidence Match by port : 9 (flows) Confidence DPI : 23 (flows) -Num dissector calls: 386 (11.70 diss/flow) +Num dissector calls: 387 (11.73 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/3/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/wechat.pcap.out b/tests/result/wechat.pcap.out index 13684a271..eb301f681 100644 --- a/tests/result/wechat.pcap.out +++ b/tests/result/wechat.pcap.out @@ -6,7 +6,7 @@ DPI Packets (other): 7 (1.00 pkts/flow) Confidence Unknown : 1 (flows) Confidence Match by port : 24 (flows) Confidence DPI : 78 (flows) -Num dissector calls: 319 (3.10 diss/flow) +Num dissector calls: 320 (3.11 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/3/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/whatsapp.pcap.out b/tests/result/whatsapp.pcap.out index a63d1c64d..cc257f62f 100644 --- a/tests/result/whatsapp.pcap.out +++ b/tests/result/whatsapp.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 344 (4.00 pkts/flow) Confidence DPI : 86 (flows) -Num dissector calls: 12900 (150.00 diss/flow) +Num dissector calls: 12986 (151.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/whatsapp_login_chat.pcap.out b/tests/result/whatsapp_login_chat.pcap.out index 7141b1f9f..ab0f87bfd 100644 --- a/tests/result/whatsapp_login_chat.pcap.out +++ b/tests/result/whatsapp_login_chat.pcap.out @@ -3,7 +3,7 @@ Guessed flow protos: 2 DPI Packets (TCP): 17 (5.67 pkts/flow) DPI Packets (UDP): 7 (1.17 pkts/flow) Confidence DPI : 9 (flows) -Num dissector calls: 305 (33.89 diss/flow) +Num dissector calls: 306 (34.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/whois.pcapng.out b/tests/result/whois.pcapng.out index d723d51d9..cef45e2cc 100644 --- a/tests/result/whois.pcapng.out +++ b/tests/result/whois.pcapng.out @@ -3,7 +3,7 @@ Guessed flow protos: 1 DPI Packets (TCP): 16 (5.33 pkts/flow) Confidence Match by port : 1 (flows) Confidence DPI : 2 (flows) -Num dissector calls: 189 (63.00 diss/flow) +Num dissector calls: 190 (63.33 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/z3950.pcapng.out b/tests/result/z3950.pcapng.out index 99c300eef..fc901042a 100644 --- a/tests/result/z3950.pcapng.out +++ b/tests/result/z3950.pcapng.out @@ -3,7 +3,7 @@ Guessed flow protos: 1 DPI Packets (TCP): 26 (13.00 pkts/flow) Confidence Match by port : 1 (flows) Confidence DPI : 1 (flows) -Num dissector calls: 484 (242.00 diss/flow) +Num dissector calls: 486 (243.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/result/zoom.pcap.out b/tests/result/zoom.pcap.out index 95c8d6a97..826dfec4f 100644 --- a/tests/result/zoom.pcap.out +++ b/tests/result/zoom.pcap.out @@ -5,7 +5,7 @@ DPI Packets (UDP): 29 (1.71 pkts/flow) DPI Packets (other): 2 (1.00 pkts/flow) Confidence Match by port : 2 (flows) Confidence DPI : 31 (flows) -Num dissector calls: 1072 (32.48 diss/flow) +Num dissector calls: 1074 (32.55 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 7/0/0 (insert/search/found) |