From 2b8e49b02fdf62c0d8857b7fe661e9fb9d353979 Mon Sep 17 00:00:00 2001
From: Toni Uhlig
Date: Mon, 8 Jan 2024 23:11:14 +0100
Subject: Add Roughtime protocol dissector.

Signed-off-by: Toni Uhlig
---
tests/cfgs/default/result/roughtime.pcap.out | 31 ++++++++++++++++++++++++++++
1 file changed, 31 insertions(+)
create mode 100644 tests/cfgs/default/result/roughtime.pcap.out

(limited to 'tests/cfgs/default/result/roughtime.pcap.out')

diff --git a/tests/cfgs/default/result/roughtime.pcap.out b/tests/cfgs/default/result/roughtime.pcap.out
new file mode 100644
index 000000000..61ceca5f7
--- /dev/null
+++ b/tests/cfgs/default/result/roughtime.pcap.out
@@ -0,0 +1,31 @@ +DPI Packets (UDP): 4 (1.00 pkts/flow) +Confidence DPI : 4 (flows) +Num dissector calls: 4 (1.00 diss/flow) +LRU cache ookla: 0/0/0 (insert/search/found) +LRU cache bittorrent: 0/0/0 (insert/search/found) +LRU cache zoom: 0/0/0 (insert/search/found) +LRU cache stun: 0/0/0 (insert/search/found) +LRU cache tls_cert: 0/0/0 (insert/search/found) +LRU cache mining: 0/0/0 (insert/search/found) +LRU cache msteams: 0/0/0 (insert/search/found) +LRU cache stun_zoom: 0/0/0 (insert/search/found) +Automa host: 0/0 (search/found) +Automa domain: 0/0 (search/found) +Automa tls cert: 0/0 (search/found) +Automa risk mask: 0/0 (search/found) +Automa common alpns: 0/0 (search/found) +Patricia risk mask: 8/0 (search/found) +Patricia risk mask IPv6: 0/0 (search/found) +Patricia risk: 0/0 (search/found) +Patricia risk IPv6: 0/0 (search/found) +Patricia protocols: 6/4 (search/found) +Patricia protocols IPv6: 0/0 (search/found) + +Roughtime 4 2936 4 + +Acceptable 4 2936 4 + + 1 UDP 192.168.2.100:36225 -> 64.233.164.158:2002 [proto: 383/Roughtime][IP: 126/Google][ClearText][Confidence: DPI][DPI packets: 1][cat: System/18][1 pkts/1066 bytes -> 0 pkts/0 bytes][Goodput ratio: 96/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (NONCPAD)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 2 UDP 192.168.2.100:39393 -> 35.192.98.51:2002 [proto: 383/Roughtime][IP: 284/GoogleCloud][ClearText][Confidence: DPI][DPI packets: 1][cat: System/18][1 pkts/1066 bytes -> 0 pkts/0 bytes][Goodput ratio: 96/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (NONCPAD)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 3 UDP 35.192.98.51:2002 -> 192.168.2.100:57626 [proto: 383/Roughtime][IP: 284/GoogleCloud][ClearText][Confidence: DPI][DPI 
packets: 1][cat: System/18][1 pkts/402 bytes -> 0 pkts/0 bytes][Goodput ratio: 89/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (PATHSREPCERTIND)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 4 UDP 162.159.200.1:2002 -> 192.168.2.100:49021 [proto: 383/Roughtime][IP: 220/Cloudflare][ClearText][Confidence: DPI][DPI packets: 1][cat: System/18][1 pkts/402 bytes -> 0 pkts/0 bytes][Goodput ratio: 89/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (PATHSREPCERTIND)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] -- cgit v1.2.3