From c9ab5573765b605ed56b3f4781124df457ad3b52 Mon Sep 17 00:00:00 2001 From: lns Date: Sat, 4 Jun 2022 17:14:06 +0200 Subject: Added RSH dissector. Fixes #202. - added syslog false-positive pcap that was missing in 09fbe0a64a11b08a35435f516e9a19f7e0c20d7c - added NDPI_ARRAY_LENGTH() macro, usable on `type var[]` declarations Signed-off-by: lns --- tests/result/rsh-syslog-false-positive.pcap.out | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 tests/result/rsh-syslog-false-positive.pcap.out (limited to 'tests/result/rsh-syslog-false-positive.pcap.out') diff --git a/tests/result/rsh-syslog-false-positive.pcap.out b/tests/result/rsh-syslog-false-positive.pcap.out new file mode 100644 index 000000000..a8c44d323 --- /dev/null +++ b/tests/result/rsh-syslog-false-positive.pcap.out @@ -0,0 +1,8 @@ +Guessed flow protos: 0 + +DPI Packets (TCP): 6 (6.00 pkts/flow) +Confidence DPI : 1 (flows) + +RSH 6 3335 1 + + 1 TCP 172.31.78.129:9039 -> 172.29.43.201:514 [proto: 294/RSH][ClearText][Confidence: DPI][cat: RemoteAccess/12][6 pkts/3335 bytes -> 0 pkts/0 bytes][Goodput ratio: 91/0][0.08 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 11/0 16/0 26/0 6/0][Pkt Len c2s/s2c min/avg/max/stddev: 292/0 556/0 844/0 212/0][Risk: ** Unsafe Protocol **][Risk Score: 10][PLAIN TEXT (52.926451)][Plen Bins: 0,0,0,0,0,0,0,34,0,0,0,0,0,16,0,0,0,0,16,0,0,16,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] -- cgit v1.2.3
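Review bot: The one flow line in this expected output pins the capture to `[proto: 294/RSH]` with `Confidence: DPI`, while the file is named rsh-syslog-false-positive and the commit message calls it a "syslog false-positive pcap" without saying which classification is the false positive. If this capture is syslog over TCP port 514 that should not match RSH, the baseline as written makes the misclassification the passing result, including `[Risk: ** Unsafe Protocol **][Risk Score: 10]` on what would be logging traffic. The flow is also one-directional (`6 pkts/3335 bytes -> 0 pkts/0 bytes`), so the verdict rests on client payload alone with no server reply to confirm it. Please state the intended classification for this pcap in the commit message, and if RSH is not the expected result, regenerate this .out once the dissector rejects the flow so the test guards against the regression instead of encoding it.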