From 9a0affc6aa40960791f83ea0453c8c86d1b34f6e Mon Sep 17 00:00:00 2001
From: Vladimir Gavrilov <105977161+0xA50C1A1@users.noreply.github.com>
Date: Thu, 25 Jan 2024 13:12:08 +0300
Subject: Improve MySQL detection (#2279)

* Improve MySQL detection

* Update copyright
---
 tests/cfgs/default/pcap/mysql-8.pcap       | Bin 7656 -> 0 bytes
 tests/cfgs/default/pcap/mysql.pcapng       | Bin 0 -> 8544 bytes
 tests/cfgs/default/result/mysql-8.pcap.out |  29 -----------------------------
 tests/cfgs/default/result/mysql.pcapng.out |  29 +++++++++++++++++++++++++++++
 4 files changed, 29 insertions(+), 29 deletions(-)
 delete mode 100644 tests/cfgs/default/pcap/mysql-8.pcap
 create mode 100644 tests/cfgs/default/pcap/mysql.pcapng
 delete mode 100644 tests/cfgs/default/result/mysql-8.pcap.out
 create mode 100644 tests/cfgs/default/result/mysql.pcapng.out

(limited to 'tests/cfgs/default')

diff --git a/tests/cfgs/default/pcap/mysql-8.pcap b/tests/cfgs/default/pcap/mysql-8.pcap
deleted file mode 100644
index d20e621eb..000000000
Binary files a/tests/cfgs/default/pcap/mysql-8.pcap and /dev/null differ
diff --git a/tests/cfgs/default/pcap/mysql.pcapng b/tests/cfgs/default/pcap/mysql.pcapng
new file mode 100644
index 000000000..26a633f72
Binary files /dev/null and b/tests/cfgs/default/pcap/mysql.pcapng differ
diff --git a/tests/cfgs/default/result/mysql-8.pcap.out b/tests/cfgs/default/result/mysql-8.pcap.out
deleted file mode 100644
index 0d47e05f1..000000000
--- a/tests/cfgs/default/result/mysql-8.pcap.out
+++ /dev/null
@@ -1,29 +0,0 @@
-DPI Packets (TCP):	8	(4.00 pkts/flow)
-Confidence DPI              : 2 (flows)
-Num dissector calls: 2 (1.00 diss/flow)
-LRU cache ookla:      0/0/0 (insert/search/found)
-LRU cache bittorrent: 0/0/0 (insert/search/found)
-LRU cache zoom:       0/0/0 (insert/search/found)
-LRU cache stun:       0/0/0 (insert/search/found)
-LRU cache tls_cert:   0/0/0 (insert/search/found)
-LRU cache mining:     0/0/0 (insert/search/found)
-LRU cache msteams:    0/0/0 (insert/search/found)
-LRU cache stun_zoom:  0/0/0 (insert/search/found)
-Automa host:          0/0 (search/found)
-Automa domain:        0/0 (search/found)
-Automa tls cert:      0/0 (search/found)
-Automa risk mask:     0/0 (search/found)
-Automa common alpns:  0/0 (search/found)
-Patricia risk mask:   0/0 (search/found)
-Patricia risk mask IPv6: 0/0 (search/found)
-Patricia risk:        0/0 (search/found)
-Patricia risk IPv6:   0/0 (search/found)
-Patricia protocols:   4/0 (search/found)
-Patricia protocols IPv6: 0/0 (search/found)
-
-MySQL	35	6224	2
-
-Acceptable                      35 6224          2            
-
-	1	TCP 192.168.20.80:47044 <-> 192.168.20.108:3306 [proto: 20/MySQL][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Database/11][15 pkts/1806 bytes <-> 16 pkts/4051 bytes][Goodput ratio: 45/74][2.86 sec][bytes ratio: -0.383 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 260/238 2778/2821 797/779][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 120/253 359/2251 88/522][PLAIN TEXT (8.0.32)][Plen Bins: 7,28,21,7,0,0,0,21,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7]
-	2	TCP 192.168.1.105:8738 <-> 10.42.18.198:3306 [proto: 20/MySQL][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Database/11][2 pkts/140 bytes <-> 2 pkts/227 bytes][Goodput ratio: 0/38][0.00 sec][PLAIN TEXT (DDDDDD)][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/mysql.pcapng.out b/tests/cfgs/default/result/mysql.pcapng.out
new file mode 100644
index 000000000..113f39ead
--- /dev/null
+++ b/tests/cfgs/default/result/mysql.pcapng.out
@@ -0,0 +1,29 @@
+DPI Packets (TCP):	8	(4.00 pkts/flow)
+Confidence DPI              : 2 (flows)
+Num dissector calls: 2 (1.00 diss/flow)
+LRU cache ookla:      0/0/0 (insert/search/found)
+LRU cache bittorrent: 0/0/0 (insert/search/found)
+LRU cache zoom:       0/0/0 (insert/search/found)
+LRU cache stun:       0/0/0 (insert/search/found)
+LRU cache tls_cert:   0/0/0 (insert/search/found)
+LRU cache mining:     0/0/0 (insert/search/found)
+LRU cache msteams:    0/0/0 (insert/search/found)
+LRU cache stun_zoom:  0/0/0 (insert/search/found)
+Automa host:          0/0 (search/found)
+Automa domain:        0/0 (search/found)
+Automa tls cert:      0/0 (search/found)
+Automa risk mask:     0/0 (search/found)
+Automa common alpns:  0/0 (search/found)
+Patricia risk mask:   0/0 (search/found)
+Patricia risk mask IPv6: 0/0 (search/found)
+Patricia risk:        0/0 (search/found)
+Patricia risk IPv6:   0/0 (search/found)
+Patricia protocols:   4/0 (search/found)
+Patricia protocols IPv6: 0/0 (search/found)
+
+MySQL	41	7009	2
+
+Acceptable                      41 7009          2            
+
+	1	TCP 192.168.88.231:36272 <-> 192.168.88.200:3306 [proto: 20/MySQL][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Database/11][15 pkts/1822 bytes <-> 11 pkts/3715 bytes][Goodput ratio: 45/80][2.47 sec][bytes ratio: -0.342 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 202/6 2386/24 659/9][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 121/338 388/2284 94/622][PLAIN TEXT (8.0.36)][Plen Bins: 21,21,7,14,0,0,0,21,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7]
+	2	TCP 192.168.88.231:36732 <-> 192.168.88.201:3306 [proto: 20/MySQL][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Database/11][9 pkts/862 bytes <-> 6 pkts/610 bytes][Goodput ratio: 30/34][2.27 sec][bytes ratio: 0.171 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/1 318/0 2222/1 777/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 96/102 284/176 67/44][PLAIN TEXT (10.6.12)][Plen Bins: 34,16,16,16,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
-- 
cgit v1.2.3