From 212598b45eaf7c00863171974f7da784b03a7db6 Mon Sep 17 00:00:00 2001 From: Darryl Sokoloski Date: Fri, 20 Jul 2018 13:28:38 -0400 Subject: Added example SSDP M-SEARCH capture file. --- tests/pcap/ssdp-m-search.pcap | Bin 0 -> 1525 bytes 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 tests/pcap/ssdp-m-search.pcap (limited to 'tests') diff --git a/tests/pcap/ssdp-m-search.pcap b/tests/pcap/ssdp-m-search.pcap new file mode 100644 index 000000000..a71f32227 Binary files /dev/null and b/tests/pcap/ssdp-m-search.pcap differ -- cgit v1.2.3 From a499f369a560107b214e935dfbef22b4534f76a4 Mon Sep 17 00:00:00 2001 From: Luca Date: Sat, 21 Jul 2018 15:20:11 +0200 Subject: Updated results based on the new output format --- tests/result/1kxun.pcap.out | 214 +++++----- tests/result/6in4tunnel.pcap.out | 16 +- tests/result/BGP_Cisco_hdlc_slarp.pcap.out | 2 +- tests/result/BGP_redist.pcap.out | 4 +- tests/result/EAQ.pcap.out | 4 +- tests/result/Instagram.pcap.out | 38 +- tests/result/KakaoTalk_chat.pcap.out | 58 +-- tests/result/KakaoTalk_talk.pcap.out | 18 +- tests/result/NTPv2.pcap.out | 2 +- tests/result/NTPv3.pcap.out | 2 +- tests/result/NTPv4.pcap.out | 2 +- tests/result/Oscar.pcap.out | 2 +- tests/result/ajp.pcap.out | 4 +- tests/result/amqp.pcap.out | 6 +- tests/result/bittorrent.pcap.out | 48 +-- tests/result/bittorrent_utp.pcap.out | 2 +- tests/result/bt_search.pcap.out | 2 +- tests/result/check_mk_new.pcap.out | 2 +- tests/result/coap_mqtt.pcap.out | 24 +- tests/result/dnscrypt.pcap.out | 8 +- tests/result/drda_db2.pcap.out | 2 +- tests/result/dropbox.pcap.out | 70 ++-- tests/result/facebook.pcap.out | 4 +- tests/result/fix.pcap.out | 24 +- tests/result/git.pcap.out | 2 +- tests/result/google_ssl.pcap.out | 2 +- tests/result/hangout.pcap.out | 2 +- tests/result/http_ipv6.pcap.out | 16 +- tests/result/mpeg.pcap.out | 2 +- tests/result/mpegts.pcap.out | 2 +- tests/result/msnms.pcap.out | 12 +- tests/result/mssql_tds.pcap.out | 22 +- tests/result/netflix.pcap.out | 120 +++--- tests/result/nintendo.pcap.out | 28 +- tests/result/ocs.pcap.out | 26 +- tests/result/ookla.pcap.out | 4 +- tests/result/openvpn.pcap.out | 6 +- tests/result/pps.pcap.out | 140 +++---- tests/result/quic.pcap.out | 18 +- tests/result/quickplay.pcap.out | 42 +- tests/result/rx.pcap.out | 10 +- tests/result/sip.pcap.out | 8 +- tests/result/skype-conference-call.pcap.out | 2 +- tests/result/skype.pcap.out | 496 +++++++++++------------ tests/result/skype_no_unknown.pcap.out | 450 ++++++++++---------- tests/result/smpp_in_general.pcap.out | 2 +- tests/result/snapchat.pcap.out | 6 +- tests/result/starcraft_battle.pcap.out | 58 +-- tests/result/tinc.pcap.out | 8 +- tests/result/tor.pcap.out | 20 +- tests/result/ubntac2.pcap.out | 16 +- tests/result/viber.pcap.out | 38 +- tests/result/vnc.pcap.out | 4 +- tests/result/waze.pcap.out | 46 +-- tests/result/webex.pcap.out | 78 ++-- tests/result/wechat.pcap.out | 144 +++---- tests/result/weibo.pcap.out | 48 +-- tests/result/whatsapp_login_call.pcap.out | 38 +- tests/result/whatsapp_login_chat.pcap.out | 16 +- tests/result/whatsapp_voice_and_message.pcap.out | 10 +- tests/result/whatsappfiles.pcap.out | 4 +- tests/result/youtube_quic.pcap.out | 6 +- tests/result/youtubeupload.pcap.out | 6 +- 63 files changed, 1258 insertions(+), 1258 deletions(-) (limited to 'tests') diff --git a/tests/result/1kxun.pcap.out b/tests/result/1kxun.pcap.out index efbc2dba9..260e8c485 100644 --- a/tests/result/1kxun.pcap.out +++ b/tests/result/1kxun.pcap.out @@ -16,121 +16,121 @@ Google 3 176 1 LLMNR 89 6799 47 1kxun 433 311919 14 - 1 TCP 192.168.115.8:49613 <-> 183.131.48.144:80 [proto: 7.29/HTTP.SMTPS][cat: Email][260 pkts/15070 bytes <-> 159 pkts/168623 bytes][Host: 183.131.48.144] - 2 TCP 192.168.115.8:49600 <-> 106.187.35.246:80 [proto: 7.205/HTTP.1kxun][cat: Streaming][18 pkts/1722 bytes <-> 51 pkts/61707 bytes][Host: pic.1kxun.com] - 3 TCP 192.168.115.8:49601 <-> 106.187.35.246:80 [proto: 7.205/HTTP.1kxun][cat: Streaming][18 pkts/2440 bytes <-> 43 pkts/49237 bytes][Host: pic.1kxun.com] - 4 TCP 192.168.115.8:49602 <-> 106.187.35.246:80 [proto: 7.205/HTTP.1kxun][cat: Streaming][24 pkts/2786 bytes <-> 41 pkts/46203 bytes][Host: pic.1kxun.com] - 5 TCP 192.168.115.8:49604 <-> 106.187.35.246:80 [proto: 7.205/HTTP.1kxun][cat: Streaming][20 pkts/2564 bytes <-> 38 pkts/43013 bytes][Host: pic.1kxun.com] - 6 TCP 192.168.115.8:49606 <-> 106.185.35.110:80 [proto: 7.205/HTTP.1kxun][cat: Streaming][22 pkts/1926 bytes <-> 28 pkts/33821 bytes][Host: jp.kankan.1kxun.mobi] - 7 TCP 192.168.115.8:49599 <-> 106.187.35.246:80 [proto: 7.205/HTTP.1kxun][cat: Streaming][16 pkts/1612 bytes <-> 27 pkts/29579 bytes][Host: pic.1kxun.com] - 8 TCP 192.168.115.8:49603 <-> 106.187.35.246:80 [proto: 7.205/HTTP.1kxun][cat: Streaming][12 pkts/1396 bytes <-> 22 pkts/24184 bytes][Host: pic.1kxun.com] - 9 TCP 192.168.115.8:49609 <-> 42.120.51.152:8080 [proto: 7/HTTP][cat: Web][20 pkts/4716 bytes <-> 13 pkts/7005 bytes][Host: 42.120.51.152] - 10 TCP 192.168.5.16:53627 <-> 203.69.81.73:80 [proto: 7/HTTP][cat: Web][6 pkts/676 bytes <-> 8 pkts/8822 bytes][Host: dl-obs.official.line.naver.jp] - 11 TCP 192.168.5.16:53628 <-> 203.69.81.73:80 [proto: 7/HTTP][cat: Web][6 pkts/676 bytes <-> 8 pkts/8482 bytes][Host: dl-obs.official.line.naver.jp] - 12 UDP [fe80::9bd:81dd:2fdc:5750]:1900 -> [ff02::c]:1900 [proto: 12/SSDP][cat: System][16 pkts/8921 bytes -> 0 pkts/0 bytes] - 13 UDP 192.168.5.49:1900 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][16 pkts/8473 bytes -> 0 pkts/0 bytes] + 1 TCP 192.168.115.8:49613 <-> 183.131.48.144:80 [proto: 7.29/HTTP.SMTPS][cat: Email/3][260 pkts/15070 bytes <-> 159 pkts/168623 bytes][Host: 183.131.48.144] + 2 TCP 192.168.115.8:49600 <-> 106.187.35.246:80 [proto: 7.205/HTTP.1kxun][cat: Streaming/17][18 pkts/1722 bytes <-> 51 pkts/61707 bytes][Host: pic.1kxun.com] + 3 TCP 192.168.115.8:49601 <-> 106.187.35.246:80 [proto: 7.205/HTTP.1kxun][cat: Streaming/17][18 pkts/2440 bytes <-> 43 pkts/49237 bytes][Host: pic.1kxun.com] + 4 TCP 192.168.115.8:49602 <-> 106.187.35.246:80 [proto: 7.205/HTTP.1kxun][cat: Streaming/17][24 pkts/2786 bytes <-> 41 pkts/46203 bytes][Host: pic.1kxun.com] + 5 TCP 192.168.115.8:49604 <-> 106.187.35.246:80 [proto: 7.205/HTTP.1kxun][cat: Streaming/17][20 pkts/2564 bytes <-> 38 pkts/43013 bytes][Host: pic.1kxun.com] + 6 TCP 192.168.115.8:49606 <-> 106.185.35.110:80 [proto: 7.205/HTTP.1kxun][cat: Streaming/17][22 pkts/1926 bytes <-> 28 pkts/33821 bytes][Host: jp.kankan.1kxun.mobi] + 7 TCP 192.168.115.8:49599 <-> 106.187.35.246:80 [proto: 7.205/HTTP.1kxun][cat: Streaming/17][16 pkts/1612 bytes <-> 27 pkts/29579 bytes][Host: pic.1kxun.com] + 8 TCP 192.168.115.8:49603 <-> 106.187.35.246:80 [proto: 7.205/HTTP.1kxun][cat: Streaming/17][12 pkts/1396 bytes <-> 22 pkts/24184 bytes][Host: pic.1kxun.com] + 9 TCP 192.168.115.8:49609 <-> 42.120.51.152:8080 [proto: 7/HTTP][cat: Web/5][20 pkts/4716 bytes <-> 13 pkts/7005 bytes][Host: 42.120.51.152] + 10 TCP 192.168.5.16:53627 <-> 203.69.81.73:80 [proto: 7/HTTP][cat: Web/5][6 pkts/676 bytes <-> 8 pkts/8822 bytes][Host: dl-obs.official.line.naver.jp] + 11 TCP 192.168.5.16:53628 <-> 203.69.81.73:80 [proto: 7/HTTP][cat: Web/5][6 pkts/676 bytes <-> 8 pkts/8482 bytes][Host: dl-obs.official.line.naver.jp] + 12 UDP [fe80::9bd:81dd:2fdc:5750]:1900 -> [ff02::c]:1900 [proto: 12/SSDP][cat: System/18][16 pkts/8921 bytes -> 0 pkts/0 bytes] + 13 UDP 192.168.5.49:1900 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][16 pkts/8473 bytes -> 0 pkts/0 bytes] 14 TCP 119.235.235.84:443 <-> 192.168.5.16:53406 [proto: 91/SSL][13 pkts/6269 bytes <-> 10 pkts/1165 bytes] - 15 TCP 192.168.115.8:49608 <-> 203.205.151.234:80 [proto: 7.48/HTTP.QQ][cat: Chat][18 pkts/3550 bytes <-> 7 pkts/1400 bytes][Host: vv.video.qq.com] - 16 UDP 192.168.119.1:67 -> 255.255.255.255:68 [proto: 18/DHCP][cat: Network][14 pkts/4788 bytes -> 0 pkts/0 bytes] + 15 TCP 192.168.115.8:49608 <-> 203.205.151.234:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][18 pkts/3550 bytes <-> 7 pkts/1400 bytes][Host: vv.video.qq.com] + 16 UDP 192.168.119.1:67 -> 255.255.255.255:68 [proto: 18/DHCP][cat: Network/14][14 pkts/4788 bytes -> 0 pkts/0 bytes] 17 TCP 192.168.5.16:53580 <-> 31.13.87.36:443 [proto: 91.119/SSL.Facebook][4 pkts/2050 bytes <-> 5 pkts/2297 bytes] - 18 TCP 192.168.5.16:53623 <-> 192.168.115.75:443 [proto: 91/SSL][cat: Web][11 pkts/1959 bytes <-> 8 pkts/1683 bytes][client: 1] - 19 TCP 192.168.5.16:53625 <-> 192.168.115.75:443 [proto: 91/SSL][cat: Web][11 pkts/1955 bytes <-> 8 pkts/1683 bytes][client: 1] - 20 TCP 192.168.5.16:53629 <-> 192.168.115.75:443 [proto: 91/SSL][cat: Web][10 pkts/1895 bytes <-> 7 pkts/1623 bytes][client: 1] - 21 TCP 192.168.115.8:49605 <-> 106.185.35.110:80 [proto: 7.205/HTTP.1kxun][cat: Streaming][8 pkts/1128 bytes <-> 5 pkts/2282 bytes][Host: jp.kankan.1kxun.mobi] - 22 TCP 192.168.5.16:53626 <-> 192.168.115.75:443 [proto: 91/SSL][cat: Web][11 pkts/1943 bytes <-> 8 pkts/1267 bytes][client: 1] - 23 TCP 192.168.115.8:49597 <-> 106.185.35.110:80 [proto: 7.205/HTTP.1kxun][cat: Streaming][10 pkts/1394 bytes <-> 4 pkts/1464 bytes][Host: jp.kankan.1kxun.mobi] + 18 TCP 192.168.5.16:53623 <-> 192.168.115.75:443 [proto: 91/SSL][cat: Web/5][11 pkts/1959 bytes <-> 8 pkts/1683 bytes][client: 1] + 19 TCP 192.168.5.16:53625 <-> 192.168.115.75:443 [proto: 91/SSL][cat: Web/5][11 pkts/1955 bytes <-> 8 pkts/1683 bytes][client: 1] + 20 TCP 192.168.5.16:53629 <-> 192.168.115.75:443 [proto: 91/SSL][cat: Web/5][10 pkts/1895 bytes <-> 7 pkts/1623 bytes][client: 1] + 21 TCP 192.168.115.8:49605 <-> 106.185.35.110:80 [proto: 7.205/HTTP.1kxun][cat: Streaming/17][8 pkts/1128 bytes <-> 5 pkts/2282 bytes][Host: jp.kankan.1kxun.mobi] + 22 TCP 192.168.5.16:53626 <-> 192.168.115.75:443 [proto: 91/SSL][cat: Web/5][11 pkts/1943 bytes <-> 8 pkts/1267 bytes][client: 1] + 23 TCP 192.168.115.8:49597 <-> 106.185.35.110:80 [proto: 7.205/HTTP.1kxun][cat: Streaming/17][10 pkts/1394 bytes <-> 4 pkts/1464 bytes][Host: jp.kankan.1kxun.mobi] 24 TCP 31.13.87.1:443 <-> 192.168.5.16:53578 [proto: 91.119/SSL.Facebook][5 pkts/1006 bytes <-> 5 pkts/1487 bytes] - 25 UDP 192.168.5.57:55809 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][14 pkts/2450 bytes -> 0 pkts/0 bytes] - 26 TCP 192.168.115.8:49598 <-> 222.73.254.167:80 [proto: 7.205/HTTP.1kxun][cat: Streaming][10 pkts/1406 bytes <-> 4 pkts/980 bytes][Host: kankan.1kxun.com] - 27 TCP 192.168.115.8:49612 <-> 183.131.48.145:80 [proto: 7/HTTP][cat: Web][10 pkts/1428 bytes <-> 4 pkts/867 bytes][Host: 183.131.48.145] - 28 UDP 192.168.5.44:51389 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][13 pkts/2275 bytes -> 0 pkts/0 bytes] - 29 UDP 192.168.3.95:59468 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][12 pkts/2100 bytes -> 0 pkts/0 bytes] - 30 UDP 192.168.5.9:55484 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][12 pkts/2100 bytes -> 0 pkts/0 bytes] - 31 TCP 192.168.5.16:53624 <-> 68.233.253.133:80 [proto: 7/HTTP][cat: Web][7 pkts/996 bytes <-> 5 pkts/986 bytes][Host: api.magicansoft.com] - 32 UDP 192.168.101.33:55485 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][10 pkts/1750 bytes -> 0 pkts/0 bytes] - 33 UDP 192.168.5.49:51704 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][9 pkts/1611 bytes -> 0 pkts/0 bytes] - 34 UDP 192.168.5.50:64674 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][9 pkts/1611 bytes -> 0 pkts/0 bytes] - 35 UDP 192.168.5.37:57325 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][9 pkts/1575 bytes -> 0 pkts/0 bytes] - 36 TCP 192.168.115.8:49607 <-> 218.244.135.170:9099 [proto: 7/HTTP][cat: Web][10 pkts/880 bytes <-> 3 pkts/572 bytes][Host: 218.244.135.170] - 37 UDP 192.168.5.47:60267 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][8 pkts/1432 bytes -> 0 pkts/0 bytes] - 38 UDP 192.168.5.41:55312 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][8 pkts/1400 bytes -> 0 pkts/0 bytes] - 39 UDP 0.0.0.0:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network][4 pkts/1368 bytes -> 0 pkts/0 bytes][Host: shen] - 40 UDP 192.168.5.16:68 <-> 192.168.119.1:67 [proto: 18/DHCP][cat: Network][2 pkts/684 bytes <-> 2 pkts/684 bytes][Host: macbook-air] - 41 UDP 192.168.5.48:49701 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][7 pkts/1253 bytes -> 0 pkts/0 bytes] - 42 UDP 192.168.3.236:137 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System][13 pkts/1196 bytes -> 0 pkts/0 bytes] - 43 UDP 192.168.5.45:138 -> 192.168.255.255:138 [proto: 10/NetBIOS][cat: System][3 pkts/648 bytes -> 0 pkts/0 bytes] - 44 UDP 192.168.115.8:137 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System][6 pkts/552 bytes -> 0 pkts/0 bytes] - 45 UDP 192.168.5.67:138 -> 192.168.255.255:138 [proto: 10/NetBIOS][cat: System][2 pkts/549 bytes -> 0 pkts/0 bytes] - 46 UDP [fe80::406:55a8:6453:25dd]:546 -> [ff02::1:2]:547 [proto: 103/DHCPV6][cat: Network][5 pkts/490 bytes -> 0 pkts/0 bytes] - 47 UDP [fe80::beee:7bff:fe0c:b3de]:546 -> [ff02::1:2]:547 [proto: 103/DHCPV6][cat: Network][4 pkts/392 bytes -> 0 pkts/0 bytes] - 48 UDP 192.168.5.16:63372 <-> 168.95.1.1:53 [proto: 5/DNS][cat: Network][1 pkts/89 bytes <-> 1 pkts/289 bytes][Host: dl-obs.official.line.naver.jp] + 25 UDP 192.168.5.57:55809 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][14 pkts/2450 bytes -> 0 pkts/0 bytes] + 26 TCP 192.168.115.8:49598 <-> 222.73.254.167:80 [proto: 7.205/HTTP.1kxun][cat: Streaming/17][10 pkts/1406 bytes <-> 4 pkts/980 bytes][Host: kankan.1kxun.com] + 27 TCP 192.168.115.8:49612 <-> 183.131.48.145:80 [proto: 7/HTTP][cat: Web/5][10 pkts/1428 bytes <-> 4 pkts/867 bytes][Host: 183.131.48.145] + 28 UDP 192.168.5.44:51389 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][13 pkts/2275 bytes -> 0 pkts/0 bytes] + 29 UDP 192.168.3.95:59468 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][12 pkts/2100 bytes -> 0 pkts/0 bytes] + 30 UDP 192.168.5.9:55484 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][12 pkts/2100 bytes -> 0 pkts/0 bytes] + 31 TCP 192.168.5.16:53624 <-> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][7 pkts/996 bytes <-> 5 pkts/986 bytes][Host: api.magicansoft.com] + 32 UDP 192.168.101.33:55485 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][10 pkts/1750 bytes -> 0 pkts/0 bytes] + 33 UDP 192.168.5.49:51704 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1611 bytes -> 0 pkts/0 bytes] + 34 UDP 192.168.5.50:64674 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1611 bytes -> 0 pkts/0 bytes] + 35 UDP 192.168.5.37:57325 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1575 bytes -> 0 pkts/0 bytes] + 36 TCP 192.168.115.8:49607 <-> 218.244.135.170:9099 [proto: 7/HTTP][cat: Web/5][10 pkts/880 bytes <-> 3 pkts/572 bytes][Host: 218.244.135.170] + 37 UDP 192.168.5.47:60267 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][8 pkts/1432 bytes -> 0 pkts/0 bytes] + 38 UDP 192.168.5.41:55312 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][8 pkts/1400 bytes -> 0 pkts/0 bytes] + 39 UDP 0.0.0.0:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][4 pkts/1368 bytes -> 0 pkts/0 bytes][Host: shen] + 40 UDP 192.168.5.16:68 <-> 192.168.119.1:67 [proto: 18/DHCP][cat: Network/14][2 pkts/684 bytes <-> 2 pkts/684 bytes][Host: macbook-air] + 41 UDP 192.168.5.48:49701 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][7 pkts/1253 bytes -> 0 pkts/0 bytes] + 42 UDP 192.168.3.236:137 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][13 pkts/1196 bytes -> 0 pkts/0 bytes] + 43 UDP 192.168.5.45:138 -> 192.168.255.255:138 [proto: 10/NetBIOS][cat: System/18][3 pkts/648 bytes -> 0 pkts/0 bytes] + 44 UDP 192.168.115.8:137 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][6 pkts/552 bytes -> 0 pkts/0 bytes] + 45 UDP 192.168.5.67:138 -> 192.168.255.255:138 [proto: 10/NetBIOS][cat: System/18][2 pkts/549 bytes -> 0 pkts/0 bytes] + 46 UDP [fe80::406:55a8:6453:25dd]:546 -> [ff02::1:2]:547 [proto: 103/DHCPV6][cat: Network/14][5 pkts/490 bytes -> 0 pkts/0 bytes] + 47 UDP [fe80::beee:7bff:fe0c:b3de]:546 -> [ff02::1:2]:547 [proto: 103/DHCPV6][cat: Network/14][4 pkts/392 bytes -> 0 pkts/0 bytes] + 48 UDP 192.168.5.16:63372 <-> 168.95.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/89 bytes <-> 1 pkts/289 bytes][Host: dl-obs.official.line.naver.jp] 49 TCP 192.168.115.8:49596 <-> 203.66.182.87:443 [proto: 91/SSL][4 pkts/220 bytes <-> 2 pkts/132 bytes] - 50 UDP 192.168.5.9:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network][1 pkts/342 bytes -> 0 pkts/0 bytes][Host: joanna-pc] - 51 UDP 192.168.5.41:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network][1 pkts/342 bytes -> 0 pkts/0 bytes][Host: kevin-pc] - 52 UDP 192.168.115.8:60724 <-> 8.8.8.8:53 [proto: 5.205/DNS.1kxun][cat: Streaming][2 pkts/146 bytes <-> 1 pkts/137 bytes][Host: pic.1kxun.com] - 53 UDP 192.168.0.104:137 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System][3 pkts/276 bytes -> 0 pkts/0 bytes] - 54 UDP 192.168.115.8:51024 <-> 8.8.8.8:53 [proto: 5.205/DNS.1kxun][cat: Streaming][2 pkts/160 bytes <-> 1 pkts/112 bytes][Host: jp.kankan.1kxun.mobi] - 55 UDP 192.168.115.8:54420 <-> 8.8.8.8:53 [proto: 5.48/DNS.QQ][cat: Chat][2 pkts/150 bytes <-> 1 pkts/116 bytes][Host: vv.video.qq.com] - 56 UDP 192.168.115.8:52723 <-> 8.8.8.8:53 [proto: 5.205/DNS.1kxun][cat: Streaming][2 pkts/152 bytes <-> 1 pkts/108 bytes][Host: kankan.1kxun.com] - 57 UDP 192.168.115.8:52723 <-> 168.95.1.1:53 [proto: 5.205/DNS.1kxun][cat: Streaming][2 pkts/152 bytes <-> 1 pkts/108 bytes][Host: kankan.1kxun.com] - 58 UDP 192.168.115.8:51458 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network][4 pkts/256 bytes -> 0 pkts/0 bytes][Host: wpad] + 50 UDP 192.168.5.9:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][1 pkts/342 bytes -> 0 pkts/0 bytes][Host: joanna-pc] + 51 UDP 192.168.5.41:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][1 pkts/342 bytes -> 0 pkts/0 bytes][Host: kevin-pc] + 52 UDP 192.168.115.8:60724 <-> 8.8.8.8:53 [proto: 5.205/DNS.1kxun][cat: Streaming/17][2 pkts/146 bytes <-> 1 pkts/137 bytes][Host: pic.1kxun.com] + 53 UDP 192.168.0.104:137 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][3 pkts/276 bytes -> 0 pkts/0 bytes] + 54 UDP 192.168.115.8:51024 <-> 8.8.8.8:53 [proto: 5.205/DNS.1kxun][cat: Streaming/17][2 pkts/160 bytes <-> 1 pkts/112 bytes][Host: jp.kankan.1kxun.mobi] + 55 UDP 192.168.115.8:54420 <-> 8.8.8.8:53 [proto: 5.48/DNS.QQ][cat: Chat/9][2 pkts/150 bytes <-> 1 pkts/116 bytes][Host: vv.video.qq.com] + 56 UDP 192.168.115.8:52723 <-> 8.8.8.8:53 [proto: 5.205/DNS.1kxun][cat: Streaming/17][2 pkts/152 bytes <-> 1 pkts/108 bytes][Host: kankan.1kxun.com] + 57 UDP 192.168.115.8:52723 <-> 168.95.1.1:53 [proto: 5.205/DNS.1kxun][cat: Streaming/17][2 pkts/152 bytes <-> 1 pkts/108 bytes][Host: kankan.1kxun.com] + 58 UDP 192.168.115.8:51458 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][4 pkts/256 bytes -> 0 pkts/0 bytes][Host: wpad] 59 TCP 192.168.5.16:53613 -> 68.233.253.133:80 [proto: 7/HTTP][3 pkts/198 bytes -> 0 pkts/0 bytes] - 60 UDP [fe80::9bd:81dd:2fdc:5750]:61548 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network][2 pkts/190 bytes -> 0 pkts/0 bytes][Host: caesar-thinkpad] - 61 UDP [fe80::9bd:81dd:2fdc:5750]:64568 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network][2 pkts/190 bytes -> 0 pkts/0 bytes][Host: caesar-thinkpad] - 62 UDP 192.168.5.45:137 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System][2 pkts/184 bytes -> 0 pkts/0 bytes] - 63 UDP [fe80::e98f:bae2:19f7:6b0f]:51451 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network][2 pkts/184 bytes -> 0 pkts/0 bytes][Host: 小佛專機] - 64 UDP [fe80::e98f:bae2:19f7:6b0f]:54888 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network][2 pkts/184 bytes -> 0 pkts/0 bytes][Host: 小佛專機] - 65 UDP [fe80::e98f:bae2:19f7:6b0f]:58779 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network][2 pkts/184 bytes -> 0 pkts/0 bytes][Host: 小佛專機] - 66 UDP [fe80::e034:7be:d8f9:6197]:49766 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network][2 pkts/182 bytes -> 0 pkts/0 bytes][Host: charming-pc] - 67 UDP [fe80::5d92:62a8:ebde:1319]:49735 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network][2 pkts/178 bytes -> 0 pkts/0 bytes][Host: wangs-ltw] - 68 UDP [fe80::5d92:62a8:ebde:1319]:58468 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network][2 pkts/178 bytes -> 0 pkts/0 bytes][Host: wangs-ltw] + 60 UDP [fe80::9bd:81dd:2fdc:5750]:61548 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/190 bytes -> 0 pkts/0 bytes][Host: caesar-thinkpad] + 61 UDP [fe80::9bd:81dd:2fdc:5750]:64568 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/190 bytes -> 0 pkts/0 bytes][Host: caesar-thinkpad] + 62 UDP 192.168.5.45:137 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][2 pkts/184 bytes -> 0 pkts/0 bytes] + 63 UDP [fe80::e98f:bae2:19f7:6b0f]:51451 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/184 bytes -> 0 pkts/0 bytes][Host: 小佛專機] + 64 UDP [fe80::e98f:bae2:19f7:6b0f]:54888 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/184 bytes -> 0 pkts/0 bytes][Host: 小佛專機] + 65 UDP [fe80::e98f:bae2:19f7:6b0f]:58779 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/184 bytes -> 0 pkts/0 bytes][Host: 小佛專機] + 66 UDP [fe80::e034:7be:d8f9:6197]:49766 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/182 bytes -> 0 pkts/0 bytes][Host: charming-pc] + 67 UDP [fe80::5d92:62a8:ebde:1319]:49735 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/178 bytes -> 0 pkts/0 bytes][Host: wangs-ltw] + 68 UDP [fe80::5d92:62a8:ebde:1319]:58468 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/178 bytes -> 0 pkts/0 bytes][Host: wangs-ltw] 69 TCP 192.168.115.8:49581 <-> 64.233.189.128:80 [proto: 7.126/HTTP.Google][2 pkts/110 bytes <-> 1 pkts/66 bytes] - 70 UDP [fe80::4568:efbc:40b1:1346]:50194 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network][2 pkts/176 bytes -> 0 pkts/0 bytes][Host: kevin-pc] - 71 UDP [fe80::4568:efbc:40b1:1346]:57148 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network][2 pkts/176 bytes -> 0 pkts/0 bytes][Host: kevin-pc] - 72 UDP [fe80::5d92:62a8:ebde:1319]:61172 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network][2 pkts/174 bytes -> 0 pkts/0 bytes][Host: sonusav] - 73 UDP [fe80::5d92:62a8:ebde:1319]:53938 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network][2 pkts/172 bytes -> 0 pkts/0 bytes][Host: isatap] - 74 UDP [fe80::5d92:62a8:ebde:1319]:63659 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network][2 pkts/172 bytes -> 0 pkts/0 bytes][Host: isatap] - 75 UDP [fe80::edf5:240a:c8c0:8312]:53962 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network][2 pkts/172 bytes -> 0 pkts/0 bytes][Host: ro_x1c] - 76 UDP [fe80::edf5:240a:c8c0:8312]:61603 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network][2 pkts/172 bytes -> 0 pkts/0 bytes][Host: ro_x1c] - 77 UDP 192.168.5.49:61548 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network][2 pkts/150 bytes -> 0 pkts/0 bytes][Host: caesar-thinkpad] - 78 UDP 192.168.5.49:64568 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network][2 pkts/150 bytes -> 0 pkts/0 bytes][Host: caesar-thinkpad] - 79 UDP 192.168.3.95:51451 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network][2 pkts/144 bytes -> 0 pkts/0 bytes][Host: 小佛專機] - 80 UDP 192.168.3.95:54888 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network][2 pkts/144 bytes -> 0 pkts/0 bytes][Host: 小佛專機] - 81 UDP 192.168.3.95:58779 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network][2 pkts/144 bytes -> 0 pkts/0 bytes][Host: 小佛專機] - 82 UDP 192.168.5.50:57143 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network][2 pkts/142 bytes -> 0 pkts/0 bytes][Host: charming-pc] - 83 UDP 192.168.5.50:62756 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network][2 pkts/142 bytes -> 0 pkts/0 bytes][Host: charming-pc] - 84 UDP 192.168.5.48:59797 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network][2 pkts/140 bytes -> 0 pkts/0 bytes][Host: kasper-mac] - 85 UDP 192.168.3.236:62069 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: wangs-ltw] - 86 UDP 192.168.3.236:65496 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: wangs-ltw] - 87 UDP 192.168.5.9:58456 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: joanna-pc] - 88 UDP 192.168.5.9:62822 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: joanna-pc] - 89 UDP 192.168.101.33:58456 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: joanna-pc] - 90 UDP 192.168.101.33:62822 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: joanna-pc] - 91 UDP 192.168.5.37:54506 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: notebook] - 92 UDP 192.168.5.37:56366 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: notebook] - 93 UDP 192.168.5.41:54470 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: kevin-pc] - 94 UDP 192.168.5.44:58702 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: jason-pc] - 95 UDP 192.168.5.44:59571 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: jason-pc] - 96 UDP 192.168.5.57:64428 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: usher-pc] - 97 UDP 192.168.5.57:65150 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: usher-pc] - 98 UDP 192.168.3.236:51714 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network][2 pkts/132 bytes -> 0 pkts/0 bytes][Host: isatap] - 99 UDP 192.168.3.236:56043 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network][2 pkts/132 bytes -> 0 pkts/0 bytes][Host: isatap] - 100 UDP 192.168.5.47:53962 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network][2 pkts/132 bytes -> 0 pkts/0 bytes][Host: ro_x1c] - 101 UDP 192.168.5.47:61603 -> 224.0.0.252:5355 [proto: 87/RTP][cat: VoIP][2 pkts/132 bytes -> 0 pkts/0 bytes] + 70 UDP [fe80::4568:efbc:40b1:1346]:50194 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/176 bytes -> 0 pkts/0 bytes][Host: kevin-pc] + 71 UDP [fe80::4568:efbc:40b1:1346]:57148 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/176 bytes -> 0 pkts/0 bytes][Host: kevin-pc] + 72 UDP [fe80::5d92:62a8:ebde:1319]:61172 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/174 bytes -> 0 pkts/0 bytes][Host: sonusav] + 73 UDP [fe80::5d92:62a8:ebde:1319]:53938 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Host: isatap] + 74 UDP [fe80::5d92:62a8:ebde:1319]:63659 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Host: isatap] + 75 UDP [fe80::edf5:240a:c8c0:8312]:53962 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Host: ro_x1c] + 76 UDP [fe80::edf5:240a:c8c0:8312]:61603 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Host: ro_x1c] + 77 UDP 192.168.5.49:61548 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/150 bytes -> 0 pkts/0 bytes][Host: caesar-thinkpad] + 78 UDP 192.168.5.49:64568 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/150 bytes -> 0 pkts/0 bytes][Host: caesar-thinkpad] + 79 UDP 192.168.3.95:51451 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/144 bytes -> 0 pkts/0 bytes][Host: 小佛專機] + 80 UDP 192.168.3.95:54888 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/144 bytes -> 0 pkts/0 bytes][Host: 小佛專機] + 81 UDP 192.168.3.95:58779 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/144 bytes -> 0 pkts/0 bytes][Host: 小佛專機] + 82 UDP 192.168.5.50:57143 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/142 bytes -> 0 pkts/0 bytes][Host: charming-pc] + 83 UDP 192.168.5.50:62756 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/142 bytes -> 0 pkts/0 bytes][Host: charming-pc] + 84 UDP 192.168.5.48:59797 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/140 bytes -> 0 pkts/0 bytes][Host: kasper-mac] + 85 UDP 192.168.3.236:62069 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: wangs-ltw] + 86 UDP 192.168.3.236:65496 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: wangs-ltw] + 87 UDP 192.168.5.9:58456 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: joanna-pc] + 88 UDP 192.168.5.9:62822 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: joanna-pc] + 89 UDP 192.168.101.33:58456 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: joanna-pc] + 90 UDP 192.168.101.33:62822 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: joanna-pc] + 91 UDP 192.168.5.37:54506 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: notebook] + 92 UDP 192.168.5.37:56366 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: notebook] + 93 UDP 192.168.5.41:54470 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: kevin-pc] + 94 UDP 192.168.5.44:58702 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: jason-pc] + 95 UDP 192.168.5.44:59571 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: jason-pc] + 96 UDP 192.168.5.57:64428 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: usher-pc] + 97 UDP 192.168.5.57:65150 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: usher-pc] + 98 UDP 192.168.3.236:51714 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/132 bytes -> 0 pkts/0 bytes][Host: isatap] + 99 UDP 192.168.3.236:56043 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/132 bytes -> 0 pkts/0 bytes][Host: isatap] + 100 UDP 192.168.5.47:53962 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/132 bytes -> 0 pkts/0 bytes][Host: ro_x1c] + 101 UDP 192.168.5.47:61603 -> 224.0.0.252:5355 [proto: 87/RTP][cat: Media/1][2 pkts/132 bytes -> 0 pkts/0 bytes] 102 TCP 192.168.5.16:53605 -> 68.233.253.133:80 [proto: 7/HTTP][2 pkts/126 bytes -> 0 pkts/0 bytes] 103 TCP 192.168.5.16:53622 <-> 192.168.115.75:443 [proto: 91/SSL][1 pkts/60 bytes <-> 1 pkts/60 bytes] - 104 UDP [fe80::f65c:89ff:fe89:e607]:546 -> [ff02::1:2]:547 [proto: 103/DHCPV6][cat: Network][1 pkts/98 bytes -> 0 pkts/0 bytes] - 105 UDP 192.168.5.45:59461 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System][1 pkts/92 bytes -> 0 pkts/0 bytes] - 106 UDP 192.168.5.45:59789 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System][1 pkts/92 bytes -> 0 pkts/0 bytes] - 107 UDP [fe80::e034:7be:d8f9:6197]:57143 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network][1 pkts/91 bytes -> 0 pkts/0 bytes][Host: charming-pc] - 108 UDP [fe80::e034:7be:d8f9:6197]:62756 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network][1 pkts/91 bytes -> 0 pkts/0 bytes][Host: charming-pc] - 109 UDP 192.168.5.16:123 -> 17.253.26.125:123 [proto: 9/NTP][cat: System][1 pkts/90 bytes -> 0 pkts/0 bytes] - 110 UDP 192.168.5.64:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network][1 pkts/82 bytes -> 0 pkts/0 bytes] - 111 UDP 192.168.5.50:49766 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network][1 pkts/71 bytes -> 0 pkts/0 bytes][Host: charming-pc] - 112 UDP 192.168.5.50:50030 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network][1 pkts/71 bytes -> 0 pkts/0 bytes][Host: charming-pc] - 113 UDP 192.168.5.41:55593 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network][1 pkts/68 bytes -> 0 pkts/0 bytes][Host: kevin-pc] - 114 UDP 192.168.5.44:59062 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network][1 pkts/68 bytes -> 0 pkts/0 bytes][Host: jason-pc] - 115 UDP 192.168.3.236:59730 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network][1 pkts/67 bytes -> 0 pkts/0 bytes][Host: sonusav] + 104 UDP [fe80::f65c:89ff:fe89:e607]:546 -> [ff02::1:2]:547 [proto: 103/DHCPV6][cat: Network/14][1 pkts/98 bytes -> 0 pkts/0 bytes] + 105 UDP 192.168.5.45:59461 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes] + 106 UDP 192.168.5.45:59789 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes] + 107 UDP [fe80::e034:7be:d8f9:6197]:57143 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/91 bytes -> 0 pkts/0 bytes][Host: charming-pc] + 108 UDP [fe80::e034:7be:d8f9:6197]:62756 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/91 bytes -> 0 pkts/0 bytes][Host: charming-pc] + 109 UDP 192.168.5.16:123 -> 17.253.26.125:123 [proto: 9/NTP][cat: System/18][1 pkts/90 bytes -> 0 pkts/0 bytes] + 110 UDP 192.168.5.64:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes] + 111 UDP 192.168.5.50:49766 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/71 bytes -> 0 pkts/0 bytes][Host: charming-pc] + 112 UDP 192.168.5.50:50030 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/71 bytes -> 0 pkts/0 bytes][Host: charming-pc] + 113 UDP 192.168.5.41:55593 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/68 bytes -> 0 pkts/0 bytes][Host: kevin-pc] + 114 UDP 192.168.5.44:59062 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/68 bytes -> 0 pkts/0 bytes][Host: jason-pc] + 115 UDP 192.168.3.236:59730 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/67 bytes -> 0 pkts/0 bytes][Host: sonusav] Undetected flows: diff --git a/tests/result/6in4tunnel.pcap.out b/tests/result/6in4tunnel.pcap.out index baabfcf45..28b2f5716 100644 --- a/tests/result/6in4tunnel.pcap.out +++ b/tests/result/6in4tunnel.pcap.out @@ -4,13 +4,13 @@ SSL 28 15397 1 ICMPV6 48 7862 3 Facebook 37 14726 3 - 1 TCP [2001:470:1f17:13f:3e97:eff:fe73:4dec]:60205 <-> [2604:a880:1:20::224:b001]:443 [proto: 91/SSL][cat: Web][14 pkts/2312 bytes <-> 14 pkts/13085 bytes][client: mail.tomasu.net][server: mail.tomasu.net] - 2 TCP [2001:470:1f17:13f:3e97:eff:fe73:4dec]:53234 <-> [2a03:2880:1010:6f03:face:b00c::2]:443 [proto: 91.119/SSL.Facebook][cat: SocialNetwork][18 pkts/6894 bytes <-> 15 pkts/7032 bytes][client: www.facebook.com][server: *.facebook.com] - 3 ICMPV6 [2001:470:1f17:13f:3e97:eff:fe73:4dec]:0 <-> [2604:a880:1:20::224:b001]:0 [proto: 102/ICMPV6][cat: Network][23 pkts/3174 bytes <-> 23 pkts/3174 bytes] - 4 TCP [2001:470:1f17:13f:3e97:eff:fe73:4dec]:41538 <-> [2604:a880:1:20::224:b001]:80 [proto: 7/HTTP][cat: Web][6 pkts/786 bytes <-> 4 pkts/1006 bytes][Host: mail.tomasu.net] - 5 ICMPV6 [2a03:2880:1010:6f03:face:b00c::2]:0 -> [2001:470:1f17:13f:3e97:eff:fe73:4dec]:0 [proto: 102/ICMPV6][cat: Network][1 pkts/1314 bytes -> 0 pkts/0 bytes] - 6 UDP [2001:470:1f16:13f::2]:53959 <-> [2a03:2880:fffe:b:face:b00c::99]:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork][1 pkts/133 bytes <-> 1 pkts/273 bytes][Host: star.c10r.facebook.com] - 7 UDP [2001:470:1f16:13f::2]:6404 <-> [2a03:2880:fffe:b:face:b00c::99]:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork][1 pkts/133 bytes <-> 1 pkts/261 bytes][Host: star.c10r.facebook.com] + 1 TCP [2001:470:1f17:13f:3e97:eff:fe73:4dec]:60205 <-> [2604:a880:1:20::224:b001]:443 [proto: 91/SSL][cat: Web/5][14 pkts/2312 bytes <-> 14 pkts/13085 bytes][client: mail.tomasu.net][server: mail.tomasu.net] + 2 TCP [2001:470:1f17:13f:3e97:eff:fe73:4dec]:53234 <-> [2a03:2880:1010:6f03:face:b00c::2]:443 [proto: 91.119/SSL.Facebook][cat: SocialNetwork/6][18 pkts/6894 bytes <-> 15 pkts/7032 bytes][client: www.facebook.com][server: *.facebook.com] + 3 ICMPV6 [2001:470:1f17:13f:3e97:eff:fe73:4dec]:0 <-> [2604:a880:1:20::224:b001]:0 [proto: 102/ICMPV6][cat: Network/14][23 pkts/3174 bytes <-> 23 pkts/3174 bytes] + 4 TCP [2001:470:1f17:13f:3e97:eff:fe73:4dec]:41538 <-> [2604:a880:1:20::224:b001]:80 [proto: 7/HTTP][cat: Web/5][6 pkts/786 bytes <-> 4 pkts/1006 bytes][Host: mail.tomasu.net] + 5 ICMPV6 [2a03:2880:1010:6f03:face:b00c::2]:0 -> [2001:470:1f17:13f:3e97:eff:fe73:4dec]:0 [proto: 102/ICMPV6][cat: Network/14][1 pkts/1314 bytes -> 0 pkts/0 bytes] + 6 UDP [2001:470:1f16:13f::2]:53959 <-> [2a03:2880:fffe:b:face:b00c::99]:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/133 bytes <-> 1 pkts/273 bytes][Host: star.c10r.facebook.com] + 7 UDP [2001:470:1f16:13f::2]:6404 <-> [2a03:2880:fffe:b:face:b00c::99]:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/133 bytes <-> 1 pkts/261 bytes][Host: star.c10r.facebook.com] 8 TCP [2604:a880:1:20::224:b001]:993 <-> [2001:470:1f17:13f:6d69:c72:7313:616f]:35610 [proto: 51/IMAPS][1 pkts/152 bytes <-> 1 pkts/106 bytes] 9 TCP [2604:a880:1:20::224:b001]:993 <-> [2001:470:1f17:13f:6d69:c72:7313:616f]:56381 [proto: 51/IMAPS][1 pkts/152 bytes <-> 1 pkts/106 bytes] - 10 ICMPV6 [2001:470:1f16:13f::2]:0 -> [2604:a880:1:20::224:b001]:0 [proto: 102/ICMPV6][cat: Network][1 pkts/200 bytes -> 0 pkts/0 bytes] + 10 ICMPV6 [2001:470:1f16:13f::2]:0 -> [2604:a880:1:20::224:b001]:0 [proto: 102/ICMPV6][cat: Network/14][1 pkts/200 bytes -> 0 pkts/0 bytes] diff --git a/tests/result/BGP_Cisco_hdlc_slarp.pcap.out b/tests/result/BGP_Cisco_hdlc_slarp.pcap.out index 6b5d01385..66a5d416a 100644 --- a/tests/result/BGP_Cisco_hdlc_slarp.pcap.out +++ b/tests/result/BGP_Cisco_hdlc_slarp.pcap.out @@ -1,3 +1,3 @@ BGP 14 969 1 - 1 TCP 100.16.1.2:18324 <-> 100.16.1.1:179 [proto: 13/BGP][cat: Network][7 pkts/388 bytes <-> 7 pkts/581 bytes] + 1 TCP 100.16.1.2:18324 <-> 100.16.1.1:179 [proto: 13/BGP][cat: Network/14][7 pkts/388 bytes <-> 7 pkts/581 bytes] diff --git a/tests/result/BGP_redist.pcap.out b/tests/result/BGP_redist.pcap.out index 9946be111..dddd85947 100644 --- a/tests/result/BGP_redist.pcap.out +++ b/tests/result/BGP_redist.pcap.out @@ -1,4 +1,4 @@ BGP 2 322 2 - 1 TCP 2.2.2.2:179 -> 4.4.4.4:63535 [proto: 13/BGP][cat: Network][1 pkts/163 bytes -> 0 pkts/0 bytes] - 2 TCP 2.2.2.2:179 -> 5.5.5.5:49433 [proto: 13/BGP][cat: Network][1 pkts/159 bytes -> 0 pkts/0 bytes] + 1 TCP 2.2.2.2:179 -> 4.4.4.4:63535 [proto: 13/BGP][cat: Network/14][1 pkts/163 bytes -> 0 pkts/0 bytes] + 2 TCP 2.2.2.2:179 -> 5.5.5.5:49433 [proto: 13/BGP][cat: Network/14][1 pkts/159 bytes -> 0 pkts/0 bytes] diff --git a/tests/result/EAQ.pcap.out b/tests/result/EAQ.pcap.out index f7c45acf7..673f8309d 100644 --- a/tests/result/EAQ.pcap.out +++ b/tests/result/EAQ.pcap.out @@ -1,8 +1,8 @@ Google 23 11743 2 EAQ 174 10092 29 - 1 TCP 10.8.0.1:40467 <-> 173.194.119.24:80 [proto: 7.126/HTTP.Google][cat: Web][8 pkts/591 bytes <-> 6 pkts/9998 bytes][Host: www.google.com.br] - 2 TCP 10.8.0.1:53497 <-> 173.194.119.48:80 [proto: 7.126/HTTP.Google][cat: Web][5 pkts/390 bytes <-> 4 pkts/764 bytes][Host: www.google.com] + 1 TCP 10.8.0.1:40467 <-> 173.194.119.24:80 [proto: 7.126/HTTP.Google][cat: Web/5][8 pkts/591 bytes <-> 6 pkts/9998 bytes][Host: www.google.com.br] + 2 TCP 10.8.0.1:53497 <-> 173.194.119.48:80 [proto: 7.126/HTTP.Google][cat: Web/5][5 pkts/390 bytes <-> 4 pkts/764 bytes][Host: www.google.com] 3 UDP 10.8.0.1:39185 <-> 200.194.132.67:6000 [proto: 190/EAQ][5 pkts/290 bytes <-> 5 pkts/290 bytes] 4 UDP 10.8.0.1:42620 <-> 200.194.148.66:6000 [proto: 190/EAQ][5 pkts/290 bytes <-> 5 pkts/290 bytes] 5 UDP 10.8.0.1:43641 <-> 200.194.148.68:6000 [proto: 190/EAQ][5 pkts/290 bytes <-> 5 pkts/290 bytes] diff --git a/tests/result/Instagram.pcap.out b/tests/result/Instagram.pcap.out index f07db1c29..416c11dca 100644 --- a/tests/result/Instagram.pcap.out +++ b/tests/result/Instagram.pcap.out @@ -7,36 +7,36 @@ Dropbox 5 725 2 Instagram 363 255094 16 1 TCP 31.13.86.52:80 <-> 192.168.0.103:58216 [proto: 7.119/HTTP.Facebook][103 pkts/150456 bytes <-> 47 pkts/3102 bytes] - 2 TCP 192.168.0.103:38816 <-> 46.33.70.160:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork][13 pkts/1118 bytes <-> 39 pkts/57876 bytes][Host: photos-h.ak.instagram.com] - 3 TCP 192.168.0.103:58052 <-> 82.85.26.162:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork][37 pkts/2702 bytes <-> 38 pkts/54537 bytes][Host: photos-g.ak.instagram.com] - 4 TCP 192.168.0.103:44379 <-> 82.85.26.186:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork][41 pkts/3392 bytes <-> 40 pkts/50024 bytes][Host: photos-e.ak.instagram.com] - 5 TCP 192.168.0.103:57936 <-> 82.85.26.162:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork][24 pkts/1837 bytes <-> 34 pkts/48383 bytes][Host: photos-g.ak.instagram.com] + 2 TCP 192.168.0.103:38816 <-> 46.33.70.160:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][13 pkts/1118 bytes <-> 39 pkts/57876 bytes][Host: photos-h.ak.instagram.com] + 3 TCP 192.168.0.103:58052 <-> 82.85.26.162:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][37 pkts/2702 bytes <-> 38 pkts/54537 bytes][Host: photos-g.ak.instagram.com] + 4 TCP 192.168.0.103:44379 <-> 82.85.26.186:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][41 pkts/3392 bytes <-> 40 pkts/50024 bytes][Host: photos-e.ak.instagram.com] + 5 TCP 192.168.0.103:57936 <-> 82.85.26.162:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][24 pkts/1837 bytes <-> 34 pkts/48383 bytes][Host: photos-g.ak.instagram.com] 6 TCP 192.168.0.103:33936 <-> 31.13.93.52:443 [proto: 91.119/SSL.Facebook][34 pkts/5555 bytes <-> 34 pkts/40133 bytes] 7 TCP 2.22.236.51:80 <-> 192.168.0.103:44151 [proto: 7/HTTP][25 pkts/37100 bytes <-> 24 pkts/1584 bytes] 8 TCP 192.168.0.103:33976 <-> 77.67.29.17:80 [proto: 7/HTTP][14 pkts/924 bytes <-> 20 pkts/28115 bytes] 9 TCP 92.122.48.138:80 <-> 192.168.0.103:41562 [proto: 7/HTTP][16 pkts/22931 bytes <-> 9 pkts/594 bytes] - 10 TCP 192.168.0.103:60908 <-> 46.33.70.136:443 [proto: 91.211/SSL.Instagram][cat: SocialNetwork][10 pkts/1369 bytes <-> 9 pkts/7971 bytes][client: igcdn-photos-g-a.akamaihd.net][server: a248.e.akamai.net] - 11 TCP 192.168.0.103:44558 <-> 46.33.70.174:443 [proto: 91.211/SSL.Instagram][cat: SocialNetwork][10 pkts/1545 bytes <-> 7 pkts/4824 bytes][client: igcdn-photos-h-a.akamaihd.net][server: a248.e.akamai.net] + 10 TCP 192.168.0.103:60908 <-> 46.33.70.136:443 [proto: 91.211/SSL.Instagram][cat: SocialNetwork/6][10 pkts/1369 bytes <-> 9 pkts/7971 bytes][client: igcdn-photos-g-a.akamaihd.net][server: a248.e.akamai.net] + 11 TCP 192.168.0.103:44558 <-> 46.33.70.174:443 [proto: 91.211/SSL.Instagram][cat: SocialNetwork/6][10 pkts/1545 bytes <-> 7 pkts/4824 bytes][client: igcdn-photos-h-a.akamaihd.net][server: a248.e.akamai.net] 12 TCP 31.13.93.52:443 <-> 192.168.0.103:33934 [proto: 91.119/SSL.Facebook][6 pkts/4699 bytes <-> 6 pkts/1345 bytes] - 13 TCP 192.168.0.103:41181 <-> 82.85.26.154:443 [proto: 91.211/SSL.Instagram][cat: SocialNetwork][8 pkts/896 bytes <-> 6 pkts/4671 bytes][client: igcdn-photos-a-a.akamaihd.net][server: a248.e.akamai.net] - 14 TCP 192.168.0.103:41182 <-> 82.85.26.154:443 [proto: 91.211/SSL.Instagram][cat: SocialNetwork][8 pkts/896 bytes <-> 6 pkts/4671 bytes][client: igcdn-photos-a-a.akamaihd.net][server: a248.e.akamai.net] + 13 TCP 192.168.0.103:41181 <-> 82.85.26.154:443 [proto: 91.211/SSL.Instagram][cat: SocialNetwork/6][8 pkts/896 bytes <-> 6 pkts/4671 bytes][client: igcdn-photos-a-a.akamaihd.net][server: a248.e.akamai.net] + 14 TCP 192.168.0.103:41182 <-> 82.85.26.154:443 [proto: 91.211/SSL.Instagram][cat: SocialNetwork/6][8 pkts/896 bytes <-> 6 pkts/4671 bytes][client: igcdn-photos-a-a.akamaihd.net][server: a248.e.akamai.net] 15 TCP 192.168.0.103:33763 <-> 31.13.93.52:443 [proto: 91.119/SSL.Facebook][5 pkts/1279 bytes <-> 6 pkts/4118 bytes] 16 TCP 192.168.0.103:33935 <-> 31.13.93.52:443 [proto: 91.119/SSL.Facebook][5 pkts/1279 bytes <-> 5 pkts/4020 bytes] - 17 TCP 192.168.0.103:57965 <-> 82.85.26.185:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork][4 pkts/559 bytes <-> 3 pkts/3456 bytes][Host: photos-f.ak.instagram.com] - 18 TCP 192.168.0.103:56382 <-> 173.252.107.4:443 [proto: 91.211/SSL.Instagram][cat: SocialNetwork][9 pkts/1583 bytes <-> 8 pkts/1064 bytes][client: telegraph-ash.instagram.com] - 19 UDP 192.168.0.106:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud][4 pkts/580 bytes -> 0 pkts/0 bytes] - 20 ICMP 192.168.0.103:0 -> 192.168.0.103:0 [proto: 81/ICMP][cat: Network][5 pkts/510 bytes -> 0 pkts/0 bytes] - 21 UDP 192.168.0.103:51219 <-> 8.8.8.8:53 [proto: 5.211/DNS.Instagram][cat: SocialNetwork][1 pkts/89 bytes <-> 1 pkts/305 bytes][Host: igcdn-photos-h-a.akamaihd.net] - 22 TCP 192.168.0.103:37350 -> 82.85.26.153:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork][1 pkts/324 bytes -> 0 pkts/0 bytes][Host: photos-a.ak.instagram.com] - 23 TCP 192.168.0.103:58053 -> 82.85.26.162:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork][1 pkts/321 bytes -> 0 pkts/0 bytes][Host: photos-g.ak.instagram.com] - 24 UDP 192.168.0.103:26540 <-> 8.8.8.8:53 [proto: 5.211/DNS.Instagram][cat: SocialNetwork][1 pkts/89 bytes <-> 1 pkts/209 bytes][Host: igcdn-photos-g-a.akamaihd.net] - 25 UDP 192.168.0.103:33603 <-> 8.8.8.8:53 [proto: 5.211/DNS.Instagram][cat: SocialNetwork][1 pkts/89 bytes <-> 1 pkts/209 bytes][Host: igcdn-photos-a-a.akamaihd.net] + 17 TCP 192.168.0.103:57965 <-> 82.85.26.185:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][4 pkts/559 bytes <-> 3 pkts/3456 bytes][Host: photos-f.ak.instagram.com] + 18 TCP 192.168.0.103:56382 <-> 173.252.107.4:443 [proto: 91.211/SSL.Instagram][cat: SocialNetwork/6][9 pkts/1583 bytes <-> 8 pkts/1064 bytes][client: telegraph-ash.instagram.com] + 19 UDP 192.168.0.106:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][4 pkts/580 bytes -> 0 pkts/0 bytes] + 20 ICMP 192.168.0.103:0 -> 192.168.0.103:0 [proto: 81/ICMP][cat: Network/14][5 pkts/510 bytes -> 0 pkts/0 bytes] + 21 UDP 192.168.0.103:51219 <-> 8.8.8.8:53 [proto: 5.211/DNS.Instagram][cat: SocialNetwork/6][1 pkts/89 bytes <-> 1 pkts/305 bytes][Host: igcdn-photos-h-a.akamaihd.net] + 22 TCP 192.168.0.103:37350 -> 82.85.26.153:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][1 pkts/324 bytes -> 0 pkts/0 bytes][Host: photos-a.ak.instagram.com] + 23 TCP 192.168.0.103:58053 -> 82.85.26.162:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][1 pkts/321 bytes -> 0 pkts/0 bytes][Host: photos-g.ak.instagram.com] + 24 UDP 192.168.0.103:26540 <-> 8.8.8.8:53 [proto: 5.211/DNS.Instagram][cat: SocialNetwork/6][1 pkts/89 bytes <-> 1 pkts/209 bytes][Host: igcdn-photos-g-a.akamaihd.net] + 25 UDP 192.168.0.103:33603 <-> 8.8.8.8:53 [proto: 5.211/DNS.Instagram][cat: SocialNetwork/6][1 pkts/89 bytes <-> 1 pkts/209 bytes][Host: igcdn-photos-a-a.akamaihd.net] 26 TCP 192.168.0.103:38817 <-> 46.33.70.160:80 [proto: 7/HTTP][2 pkts/132 bytes <-> 1 pkts/66 bytes] 27 TCP 192.168.0.103:57966 <-> 82.85.26.185:80 [proto: 7/HTTP][2 pkts/132 bytes <-> 1 pkts/66 bytes] 28 TCP 192.168.0.103:58690 -> 46.33.70.159:443 [proto: 91/SSL][2 pkts/169 bytes -> 0 pkts/0 bytes] - 29 UDP 192.168.0.106:17500 -> 192.168.0.255:17500 [proto: 121/Dropbox][cat: Cloud][1 pkts/145 bytes -> 0 pkts/0 bytes] + 29 UDP 192.168.0.106:17500 -> 192.168.0.255:17500 [proto: 121/Dropbox][cat: Cloud/13][1 pkts/145 bytes -> 0 pkts/0 bytes] 30 TCP 46.33.70.150:80 <-> 192.168.0.103:40855 [proto: 7/HTTP][1 pkts/74 bytes <-> 1 pkts/66 bytes] - 31 UDP 192.168.0.103:27124 -> 8.8.8.8:53 [proto: 5.211/DNS.Instagram][cat: SocialNetwork][1 pkts/85 bytes -> 0 pkts/0 bytes][Host: photos-b.ak.instagram.com] + 31 UDP 192.168.0.103:27124 -> 8.8.8.8:53 [proto: 5.211/DNS.Instagram][cat: SocialNetwork/6][1 pkts/85 bytes -> 0 pkts/0 bytes][Host: photos-b.ak.instagram.com] Undetected flows: diff --git a/tests/result/KakaoTalk_chat.pcap.out b/tests/result/KakaoTalk_chat.pcap.out index c4cc5a154..475345122 100644 --- a/tests/result/KakaoTalk_chat.pcap.out +++ b/tests/result/KakaoTalk_chat.pcap.out @@ -8,41 +8,41 @@ HTTP_Proxy 26 3926 1 Amazon 2 181 1 KakaoTalk 55 9990 15 - 1 TCP 10.24.82.188:43581 <-> 31.13.68.70:443 [proto: 91.119/SSL.Facebook][cat: SocialNetwork][17 pkts/3461 bytes <-> 17 pkts/6194 bytes][client: graph.facebook.com][server: *.facebook.com] - 2 TCP 10.24.82.188:45211 <-> 31.13.68.84:443 [proto: 91.119/SSL.Facebook][cat: SocialNetwork][14 pkts/2575 bytes <-> 15 pkts/6502 bytes][client: developers.facebook.com][server: *.facebook.com] - 3 TCP 10.24.82.188:45209 <-> 31.13.68.84:443 [proto: 91.119/SSL.Facebook][cat: SocialNetwork][10 pkts/2584 bytes <-> 9 pkts/5123 bytes][client: api.facebook.com][server: *.facebook.com] - 4 TCP 10.24.82.188:35503 <-> 173.252.97.2:443 [proto: 91.119/SSL.Facebook][cat: SocialNetwork][20 pkts/2849 bytes <-> 18 pkts/4742 bytes][server: *.facebook.com] - 5 TCP 10.24.82.188:45213 <-> 31.13.68.84:443 [proto: 91.119/SSL.Facebook][cat: SocialNetwork][15 pkts/2508 bytes <-> 13 pkts/5053 bytes][server: *.facebook.com] - 6 TCP 10.24.82.188:35511 <-> 173.252.97.2:443 [proto: 91.119/SSL.Facebook][cat: SocialNetwork][18 pkts/2390 bytes <-> 18 pkts/4762 bytes][server: *.facebook.com] - 7 TCP 10.24.82.188:37821 <-> 210.103.240.15:443 [proto: 91.193/SSL.KakaoTalk][cat: VoIP][13 pkts/2036 bytes <-> 14 pkts/5090 bytes][server: *.kakao.com] + 1 TCP 10.24.82.188:43581 <-> 31.13.68.70:443 [proto: 91.119/SSL.Facebook][cat: SocialNetwork/6][17 pkts/3461 bytes <-> 17 pkts/6194 bytes][client: graph.facebook.com][server: *.facebook.com] + 2 TCP 10.24.82.188:45211 <-> 31.13.68.84:443 [proto: 91.119/SSL.Facebook][cat: SocialNetwork/6][14 pkts/2575 bytes <-> 15 pkts/6502 bytes][client: developers.facebook.com][server: *.facebook.com] + 3 TCP 10.24.82.188:45209 <-> 31.13.68.84:443 [proto: 91.119/SSL.Facebook][cat: SocialNetwork/6][10 pkts/2584 bytes <-> 9 pkts/5123 bytes][client: api.facebook.com][server: *.facebook.com] + 4 TCP 10.24.82.188:35503 <-> 173.252.97.2:443 [proto: 91.119/SSL.Facebook][cat: SocialNetwork/6][20 pkts/2849 bytes <-> 18 pkts/4742 bytes][server: *.facebook.com] + 5 TCP 10.24.82.188:45213 <-> 31.13.68.84:443 [proto: 91.119/SSL.Facebook][cat: SocialNetwork/6][15 pkts/2508 bytes <-> 13 pkts/5053 bytes][server: *.facebook.com] + 6 TCP 10.24.82.188:35511 <-> 173.252.97.2:443 [proto: 91.119/SSL.Facebook][cat: SocialNetwork/6][18 pkts/2390 bytes <-> 18 pkts/4762 bytes][server: *.facebook.com] + 7 TCP 10.24.82.188:37821 <-> 210.103.240.15:443 [proto: 91.193/SSL.KakaoTalk][cat: VoIP/10][13 pkts/2036 bytes <-> 14 pkts/5090 bytes][server: *.kakao.com] 8 TCP 10.24.82.188:51021 <-> 103.246.57.251:8080 [proto: 131/HTTP_Proxy][17 pkts/2231 bytes <-> 9 pkts/1695 bytes] 9 TCP 139.150.0.125:443 <-> 10.24.82.188:46947 [proto: 91/SSL][9 pkts/1737 bytes <-> 9 pkts/672 bytes] - 10 TCP 10.24.82.188:58964 <-> 54.255.253.199:5223 [proto: 91/SSL][cat: Web][3 pkts/290 bytes <-> 3 pkts/1600 bytes][server: *.push.samsungosp.com] - 11 TCP 10.24.82.188:37557 <-> 31.13.68.84:80 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork][5 pkts/487 bytes <-> 6 pkts/627 bytes][Host: www.facebook.com] - 12 TCP 10.24.82.188:37553 <-> 31.13.68.84:80 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork][5 pkts/487 bytes <-> 5 pkts/571 bytes][Host: www.facebook.com] + 10 TCP 10.24.82.188:58964 <-> 54.255.253.199:5223 [proto: 91/SSL][cat: Web/5][3 pkts/290 bytes <-> 3 pkts/1600 bytes][server: *.push.samsungosp.com] + 11 TCP 10.24.82.188:37557 <-> 31.13.68.84:80 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork/6][5 pkts/487 bytes <-> 6 pkts/627 bytes][Host: www.facebook.com] + 12 TCP 10.24.82.188:37553 <-> 31.13.68.84:80 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork/6][5 pkts/487 bytes <-> 5 pkts/571 bytes][Host: www.facebook.com] 13 TCP 216.58.221.10:80 <-> 10.24.82.188:35922 [proto: 7.126/HTTP.Google][7 pkts/392 bytes <-> 7 pkts/392 bytes] 14 TCP 10.24.82.188:42332 <-> 210.103.240.15:443 [proto: 91/SSL][2 pkts/112 bytes <-> 3 pkts/168 bytes] 15 TCP 31.13.68.73:443 <-> 10.24.82.188:47007 [proto: 91.119/SSL.Facebook][2 pkts/139 bytes <-> 2 pkts/112 bytes] - 16 UDP 10.24.82.188:57816 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: VoIP][1 pkts/78 bytes <-> 1 pkts/166 bytes][Host: katalk.kakao.com] - 17 UDP 10.24.82.188:4017 <-> 10.188.1.1:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork][1 pkts/85 bytes <-> 1 pkts/144 bytes][Host: developers.facebook.com] - 18 UDP 10.24.82.188:19582 <-> 10.188.1.1:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork][1 pkts/80 bytes <-> 1 pkts/138 bytes][Host: graph.facebook.com] - 19 UDP 10.24.82.188:14650 <-> 10.188.1.1:53 [proto: 5/DNS][cat: Network][1 pkts/87 bytes <-> 1 pkts/130 bytes][Host: 2.97.252.173.in-addr.arpa] - 20 UDP 10.24.82.188:35603 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: VoIP][1 pkts/79 bytes <-> 1 pkts/136 bytes][Host: ac-talk.kakao.com] - 21 UDP 10.24.82.188:41909 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: VoIP][1 pkts/84 bytes <-> 1 pkts/130 bytes][Host: booking.loco.kakao.com] - 22 UDP 10.24.82.188:25117 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: VoIP][1 pkts/82 bytes <-> 1 pkts/126 bytes][Host: up-gp.talk.kakao.com] - 23 UDP 10.24.82.188:5929 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: VoIP][1 pkts/81 bytes <-> 1 pkts/124 bytes][Host: up-p.talk.kakao.com] - 24 UDP 10.24.82.188:9094 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: VoIP][1 pkts/81 bytes <-> 1 pkts/124 bytes][Host: up-v.talk.kakao.com] - 25 UDP 10.24.82.188:12908 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: VoIP][1 pkts/81 bytes <-> 1 pkts/124 bytes][Host: up-m.talk.kakao.com] - 26 UDP 10.24.82.188:29029 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: VoIP][1 pkts/81 bytes <-> 1 pkts/124 bytes][Host: up-a.talk.kakao.com] - 27 UDP 10.24.82.188:56820 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: VoIP][1 pkts/81 bytes <-> 1 pkts/124 bytes][Host: up-c.talk.kakao.com] - 28 UDP 10.24.82.188:61011 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: VoIP][1 pkts/81 bytes <-> 1 pkts/119 bytes][Host: plus-talk.kakao.com] - 29 UDP 10.24.82.188:61011 <-> 10.188.191.1:53 [proto: 5.193/DNS.KakaoTalk][cat: VoIP][1 pkts/81 bytes <-> 1 pkts/119 bytes][Host: plus-talk.kakao.com] - 30 UDP 10.24.82.188:24596 <-> 10.188.1.1:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork][1 pkts/78 bytes <-> 1 pkts/118 bytes][Host: api.facebook.com] - 31 UDP 10.24.82.188:38448 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: VoIP][1 pkts/76 bytes <-> 1 pkts/114 bytes][Host: auth.kakao.com] - 32 UDP 10.24.82.188:58810 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: VoIP][1 pkts/76 bytes <-> 1 pkts/114 bytes][Host: item.kakao.com] + 16 UDP 10.24.82.188:57816 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: VoIP/10][1 pkts/78 bytes <-> 1 pkts/166 bytes][Host: katalk.kakao.com] + 17 UDP 10.24.82.188:4017 <-> 10.188.1.1:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/85 bytes <-> 1 pkts/144 bytes][Host: developers.facebook.com] + 18 UDP 10.24.82.188:19582 <-> 10.188.1.1:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/80 bytes <-> 1 pkts/138 bytes][Host: graph.facebook.com] + 19 UDP 10.24.82.188:14650 <-> 10.188.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/87 bytes <-> 1 pkts/130 bytes][Host: 2.97.252.173.in-addr.arpa] + 20 UDP 10.24.82.188:35603 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: VoIP/10][1 pkts/79 bytes <-> 1 pkts/136 bytes][Host: ac-talk.kakao.com] + 21 UDP 10.24.82.188:41909 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: VoIP/10][1 pkts/84 bytes <-> 1 pkts/130 bytes][Host: booking.loco.kakao.com] + 22 UDP 10.24.82.188:25117 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/126 bytes][Host: up-gp.talk.kakao.com] + 23 UDP 10.24.82.188:5929 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: VoIP/10][1 pkts/81 bytes <-> 1 pkts/124 bytes][Host: up-p.talk.kakao.com] + 24 UDP 10.24.82.188:9094 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: VoIP/10][1 pkts/81 bytes <-> 1 pkts/124 bytes][Host: up-v.talk.kakao.com] + 25 UDP 10.24.82.188:12908 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: VoIP/10][1 pkts/81 bytes <-> 1 pkts/124 bytes][Host: up-m.talk.kakao.com] + 26 UDP 10.24.82.188:29029 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: VoIP/10][1 pkts/81 bytes <-> 1 pkts/124 bytes][Host: up-a.talk.kakao.com] + 27 UDP 10.24.82.188:56820 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: VoIP/10][1 pkts/81 bytes <-> 1 pkts/124 bytes][Host: up-c.talk.kakao.com] + 28 UDP 10.24.82.188:61011 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: VoIP/10][1 pkts/81 bytes <-> 1 pkts/119 bytes][Host: plus-talk.kakao.com] + 29 UDP 10.24.82.188:61011 <-> 10.188.191.1:53 [proto: 5.193/DNS.KakaoTalk][cat: VoIP/10][1 pkts/81 bytes <-> 1 pkts/119 bytes][Host: plus-talk.kakao.com] + 30 UDP 10.24.82.188:24596 <-> 10.188.1.1:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/78 bytes <-> 1 pkts/118 bytes][Host: api.facebook.com] + 31 UDP 10.24.82.188:38448 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: VoIP/10][1 pkts/76 bytes <-> 1 pkts/114 bytes][Host: auth.kakao.com] + 32 UDP 10.24.82.188:58810 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: VoIP/10][1 pkts/76 bytes <-> 1 pkts/114 bytes][Host: item.kakao.com] 33 TCP 10.24.82.188:58927 -> 54.255.253.199:5223 [proto: 178/Amazon][2 pkts/181 bytes -> 0 pkts/0 bytes] - 34 UDP 10.24.82.188:43077 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: VoIP][1 pkts/81 bytes <-> 1 pkts/97 bytes][Host: dn-l.talk.kakao.com] + 34 UDP 10.24.82.188:43077 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: VoIP/10][1 pkts/81 bytes <-> 1 pkts/97 bytes][Host: dn-l.talk.kakao.com] 35 TCP 10.24.82.188:34686 -> 173.194.72.188:5228 [proto: 126/Google][1 pkts/164 bytes -> 0 pkts/0 bytes] - 36 ICMP 10.24.82.188:0 -> 10.188.191.1:0 [proto: 81/ICMP][cat: Network][1 pkts/147 bytes -> 0 pkts/0 bytes] + 36 ICMP 10.24.82.188:0 -> 10.188.191.1:0 [proto: 81/ICMP][cat: Network/14][1 pkts/147 bytes -> 0 pkts/0 bytes] 37 TCP 10.24.82.188:49217 -> 216.58.220.174:443 [proto: 91.126/SSL.Google][1 pkts/83 bytes -> 0 pkts/0 bytes] 38 TCP 120.28.26.242:80 -> 10.24.82.188:34503 [proto: 7/HTTP][1 pkts/56 bytes -> 0 pkts/0 bytes] diff --git a/tests/result/KakaoTalk_talk.pcap.out b/tests/result/KakaoTalk_talk.pcap.out index e09fb3eb6..02be47428 100644 --- a/tests/result/KakaoTalk_talk.pcap.out +++ b/tests/result/KakaoTalk_talk.pcap.out @@ -10,20 +10,20 @@ Tor 40 10538 1 Amazon 4 396 1 KakaoTalk_Voice 44 6196 2 - 1 UDP 10.24.82.188:11320 <-> 1.201.1.174:23044 [proto: 87/RTP][cat: VoIP][757 pkts/106335 bytes <-> 746 pkts/93906 bytes] - 2 UDP 10.24.82.188:10268 <-> 1.201.1.174:23046 [proto: 87/RTP][cat: VoIP][746 pkts/93906 bytes <-> 742 pkts/104604 bytes] - 3 TCP 10.24.82.188:58857 <-> 110.76.143.50:9001 [proto: 163/Tor][cat: VPN][22 pkts/5326 bytes <-> 18 pkts/5212 bytes] - 4 TCP 10.24.82.188:32968 <-> 110.76.143.50:8080 [proto: 64/SSL_No_Cert][cat: Web][23 pkts/4380 bytes <-> 22 pkts/5728 bytes] - 5 TCP 10.24.82.188:59954 <-> 173.252.88.128:443 [proto: 64/SSL_No_Cert][cat: Web][15 pkts/2932 bytes <-> 14 pkts/1092 bytes] - 6 UDP 10.24.82.188:10269 <-> 1.201.1.174:23047 [proto: 194/KakaoTalk_Voice][cat: VoIP][12 pkts/1692 bytes <-> 10 pkts/1420 bytes] - 7 UDP 10.24.82.188:11321 <-> 1.201.1.174:23045 [proto: 194/KakaoTalk_Voice][cat: VoIP][11 pkts/1542 bytes <-> 11 pkts/1542 bytes] - 8 TCP 10.24.82.188:48489 <-> 203.205.147.215:80 [proto: 7.48/HTTP.QQ][cat: Chat][8 pkts/1117 bytes <-> 7 pkts/610 bytes][Host: hkminorshort.weixin.qq.com] + 1 UDP 10.24.82.188:11320 <-> 1.201.1.174:23044 [proto: 87/RTP][cat: Media/1][757 pkts/106335 bytes <-> 746 pkts/93906 bytes] + 2 UDP 10.24.82.188:10268 <-> 1.201.1.174:23046 [proto: 87/RTP][cat: Media/1][746 pkts/93906 bytes <-> 742 pkts/104604 bytes] + 3 TCP 10.24.82.188:58857 <-> 110.76.143.50:9001 [proto: 163/Tor][cat: VPN/2][22 pkts/5326 bytes <-> 18 pkts/5212 bytes] + 4 TCP 10.24.82.188:32968 <-> 110.76.143.50:8080 [proto: 64/SSL_No_Cert][cat: Web/5][23 pkts/4380 bytes <-> 22 pkts/5728 bytes] + 5 TCP 10.24.82.188:59954 <-> 173.252.88.128:443 [proto: 64/SSL_No_Cert][cat: Web/5][15 pkts/2932 bytes <-> 14 pkts/1092 bytes] + 6 UDP 10.24.82.188:10269 <-> 1.201.1.174:23047 [proto: 194/KakaoTalk_Voice][cat: VoIP/10][12 pkts/1692 bytes <-> 10 pkts/1420 bytes] + 7 UDP 10.24.82.188:11321 <-> 1.201.1.174:23045 [proto: 194/KakaoTalk_Voice][cat: VoIP/10][11 pkts/1542 bytes <-> 11 pkts/1542 bytes] + 8 TCP 10.24.82.188:48489 <-> 203.205.147.215:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][8 pkts/1117 bytes <-> 7 pkts/610 bytes][Host: hkminorshort.weixin.qq.com] 9 TCP 10.24.82.188:51021 <-> 103.246.57.251:8080 [proto: 131/HTTP_Proxy][6 pkts/543 bytes <-> 5 pkts/945 bytes] 10 TCP 139.150.0.125:443 <-> 10.24.82.188:46947 [proto: 91/SSL][3 pkts/1044 bytes <-> 2 pkts/154 bytes] 11 TCP 10.24.82.188:58916 <-> 54.255.185.236:5222 [proto: 178/Amazon][2 pkts/225 bytes <-> 2 pkts/171 bytes] 12 TCP 10.24.82.188:53974 -> 203.205.151.233:8080 [proto: 131/HTTP_Proxy][5 pkts/350 bytes -> 0 pkts/0 bytes] 13 TCP 120.28.26.242:80 <-> 10.24.82.188:34533 [proto: 7/HTTP][3 pkts/168 bytes <-> 2 pkts/112 bytes] - 14 UDP 10.24.82.188:25223 <-> 10.188.1.1:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork][1 pkts/79 bytes <-> 1 pkts/118 bytes][Host: mqtt.facebook.com] + 14 UDP 10.24.82.188:25223 <-> 10.188.1.1:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/79 bytes <-> 1 pkts/118 bytes][Host: mqtt.facebook.com] 15 TCP 10.24.82.188:34686 -> 173.194.72.188:5228 [proto: 126/Google][1 pkts/164 bytes -> 0 pkts/0 bytes] 16 TCP 173.252.88.128:443 -> 10.24.82.188:59912 [proto: 91.119/SSL.Facebook][2 pkts/124 bytes -> 0 pkts/0 bytes] 17 TCP 10.24.82.188:49217 -> 216.58.220.174:443 [proto: 91.126/SSL.Google][1 pkts/83 bytes -> 0 pkts/0 bytes] diff --git a/tests/result/NTPv2.pcap.out b/tests/result/NTPv2.pcap.out index f66ce1f43..a6038a738 100644 --- a/tests/result/NTPv2.pcap.out +++ b/tests/result/NTPv2.pcap.out @@ -1,3 +1,3 @@ NTP 1 410 1 - 1 UDP 208.104.95.10:123 -> 78.46.76.2:80 [proto: 9/NTP][cat: System][1 pkts/410 bytes -> 0 pkts/0 bytes] + 1 UDP 208.104.95.10:123 -> 78.46.76.2:80 [proto: 9/NTP][cat: System/18][1 pkts/410 bytes -> 0 pkts/0 bytes] diff --git a/tests/result/NTPv3.pcap.out b/tests/result/NTPv3.pcap.out index bb8c1a32e..c0ef68243 100644 --- a/tests/result/NTPv3.pcap.out +++ b/tests/result/NTPv3.pcap.out @@ -1,3 +1,3 @@ NTP 1 90 1 - 1 UDP 175.144.140.29:123 -> 78.46.76.2:80 [proto: 9/NTP][cat: System][1 pkts/90 bytes -> 0 pkts/0 bytes] + 1 UDP 175.144.140.29:123 -> 78.46.76.2:80 [proto: 9/NTP][cat: System/18][1 pkts/90 bytes -> 0 pkts/0 bytes] diff --git a/tests/result/NTPv4.pcap.out b/tests/result/NTPv4.pcap.out index 43609d774..606c4787d 100644 --- a/tests/result/NTPv4.pcap.out +++ b/tests/result/NTPv4.pcap.out @@ -1,3 +1,3 @@ NTP 1 90 1 - 1 UDP 85.22.62.120:123 -> 78.46.76.11:123 [proto: 9/NTP][cat: System][1 pkts/90 bytes -> 0 pkts/0 bytes] + 1 UDP 85.22.62.120:123 -> 78.46.76.11:123 [proto: 9/NTP][cat: System/18][1 pkts/90 bytes -> 0 pkts/0 bytes] diff --git a/tests/result/Oscar.pcap.out b/tests/result/Oscar.pcap.out index e7166d465..18053c887 100644 --- a/tests/result/Oscar.pcap.out +++ b/tests/result/Oscar.pcap.out @@ -1,3 +1,3 @@ Oscar 71 9386 1 - 1 TCP 10.30.29.3:63357 <-> 178.237.24.249:443 [proto: 69/Oscar][cat: Chat][38 pkts/3580 bytes <-> 33 pkts/5806 bytes] + 1 TCP 10.30.29.3:63357 <-> 178.237.24.249:443 [proto: 69/Oscar][cat: Chat/9][38 pkts/3580 bytes <-> 33 pkts/5806 bytes] diff --git a/tests/result/ajp.pcap.out b/tests/result/ajp.pcap.out index ceac25731..dcb4fa500 100644 --- a/tests/result/ajp.pcap.out +++ b/tests/result/ajp.pcap.out @@ -1,8 +1,8 @@ Unknown 6 2200 2 AJP 26 4446 2 - 1 TCP 172.29.9.146:38856 <-> 172.29.9.147:8009 [VLAN: 7][proto: 139/AJP][cat: Web][7 pkts/1554 bytes <-> 6 pkts/669 bytes] - 2 TCP 172.29.9.146:38856 <-> 172.29.9.147:8010 [VLAN: 7][proto: 139/AJP][cat: Web][7 pkts/1554 bytes <-> 6 pkts/669 bytes] + 1 TCP 172.29.9.146:38856 <-> 172.29.9.147:8009 [VLAN: 7][proto: 139/AJP][cat: Web/5][7 pkts/1554 bytes <-> 6 pkts/669 bytes] + 2 TCP 172.29.9.146:38856 <-> 172.29.9.147:8010 [VLAN: 7][proto: 139/AJP][cat: Web/5][7 pkts/1554 bytes <-> 6 pkts/669 bytes] Undetected flows: diff --git a/tests/result/amqp.pcap.out b/tests/result/amqp.pcap.out index 21aaa55e7..ac54b0e25 100644 --- a/tests/result/amqp.pcap.out +++ b/tests/result/amqp.pcap.out @@ -1,5 +1,5 @@ AMQP 160 23514 3 - 1 TCP 127.0.0.1:44205 <-> 127.0.1.1:5672 [proto: 192/AMQP][cat: RPC][54 pkts/10859 bytes <-> 54 pkts/3564 bytes] - 2 TCP 127.0.1.1:5672 <-> 127.0.0.1:44204 [proto: 192/AMQP][cat: RPC][13 pkts/4327 bytes <-> 9 pkts/699 bytes] - 3 TCP 127.0.0.1:44206 <-> 127.0.1.1:5672 [proto: 192/AMQP][cat: RPC][15 pkts/3075 bytes <-> 15 pkts/990 bytes] + 1 TCP 127.0.0.1:44205 <-> 127.0.1.1:5672 [proto: 192/AMQP][cat: RPC/16][54 pkts/10859 bytes <-> 54 pkts/3564 bytes] + 2 TCP 127.0.1.1:5672 <-> 127.0.0.1:44204 [proto: 192/AMQP][cat: RPC/16][13 pkts/4327 bytes <-> 9 pkts/699 bytes] + 3 TCP 127.0.0.1:44206 <-> 127.0.1.1:5672 [proto: 192/AMQP][cat: RPC/16][15 pkts/3075 bytes <-> 15 pkts/990 bytes] diff --git a/tests/result/bittorrent.pcap.out b/tests/result/bittorrent.pcap.out index a4c055bc7..b549e5eab 100644 --- a/tests/result/bittorrent.pcap.out +++ b/tests/result/bittorrent.pcap.out @@ -1,26 +1,26 @@ BitTorrent 299 305728 24 - 1 TCP 192.168.1.3:52915 <-> 198.100.146.9:60163 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing][17 pkts/2745 bytes <-> 193 pkts/282394 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126] - 2 TCP 192.168.1.3:52895 <-> 83.216.184.241:51413 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing][4 pkts/583 bytes <-> 4 pkts/975 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126] - 3 TCP 192.168.1.3:52914 <-> 190.103.195.56:46633 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing][4 pkts/640 bytes <-> 3 pkts/910 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126] - 4 TCP 192.168.1.3:52907 <-> 82.58.216.115:38305 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing][2 pkts/583 bytes <-> 2 pkts/818 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126] - 5 TCP 192.168.1.3:52927 <-> 83.216.184.241:51413 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing][3 pkts/582 bytes <-> 2 pkts/796 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126] - 6 TCP 192.168.1.3:52897 <-> 151.26.95.30:22673 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing][3 pkts/510 bytes <-> 2 pkts/771 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126] - 7 TCP 192.168.1.3:52903 <-> 198.100.146.9:60163 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing][3 pkts/410 bytes <-> 3 pkts/851 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126] - 8 TCP 192.168.1.3:52917 <-> 151.15.48.189:47001 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing][3 pkts/455 bytes <-> 2 pkts/771 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126] - 9 TCP 192.168.1.3:52911 <-> 151.26.95.30:22673 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing][3 pkts/442 bytes <-> 2 pkts/771 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126] - 10 TCP 192.168.1.3:52921 <-> 95.234.159.16:41205 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing][3 pkts/440 bytes <-> 2 pkts/772 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126] - 11 TCP 192.168.1.3:52906 <-> 82.57.97.83:53137 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing][3 pkts/434 bytes <-> 2 pkts/771 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126] - 12 TCP 192.168.1.3:52922 <-> 95.237.193.34:11321 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing][3 pkts/434 bytes <-> 2 pkts/771 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126] - 13 TCP 192.168.1.3:52887 <-> 82.57.97.83:53137 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing][3 pkts/430 bytes <-> 2 pkts/771 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126] - 14 TCP 192.168.1.3:52896 <-> 79.53.228.2:14627 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing][3 pkts/409 bytes <-> 2 pkts/771 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126] - 15 TCP 192.168.1.3:52926 <-> 93.65.249.100:31336 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing][1 pkts/134 bytes <-> 2 pkts/796 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126] - 16 TCP 192.168.1.3:52888 <-> 82.58.216.115:38305 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing][1 pkts/134 bytes <-> 1 pkts/624 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126] - 17 TCP 192.168.1.3:52902 <-> 190.103.195.56:46633 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing][2 pkts/349 bytes <-> 2 pkts/265 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126] - 18 TCP 192.168.1.3:52912 <-> 151.72.255.163:59928 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing][3 pkts/455 bytes <-> 1 pkts/157 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126] - 19 TCP 192.168.1.3:52893 -> 79.55.129.22:12097 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing][1 pkts/134 bytes -> 0 pkts/0 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126] - 20 TCP 192.168.1.3:52894 -> 120.62.33.241:39332 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing][1 pkts/134 bytes -> 0 pkts/0 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126] - 21 TCP 192.168.1.3:52908 -> 79.55.129.22:12097 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing][1 pkts/134 bytes -> 0 pkts/0 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126] - 22 TCP 192.168.1.3:52909 -> 79.53.228.2:14627 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing][1 pkts/134 bytes -> 0 pkts/0 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126] - 23 TCP 192.168.1.3:52910 -> 120.62.33.241:39332 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing][1 pkts/134 bytes -> 0 pkts/0 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126] - 24 TCP 192.168.1.3:52925 -> 93.65.227.100:19116 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing][1 pkts/134 bytes -> 0 pkts/0 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126] + 1 TCP 192.168.1.3:52915 <-> 198.100.146.9:60163 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][17 pkts/2745 bytes <-> 193 pkts/282394 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126] + 2 TCP 192.168.1.3:52895 <-> 83.216.184.241:51413 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][4 pkts/583 bytes <-> 4 pkts/975 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126] + 3 TCP 192.168.1.3:52914 <-> 190.103.195.56:46633 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][4 pkts/640 bytes <-> 3 pkts/910 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126] + 4 TCP 192.168.1.3:52907 <-> 82.58.216.115:38305 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][2 pkts/583 bytes <-> 2 pkts/818 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126] + 5 TCP 192.168.1.3:52927 <-> 83.216.184.241:51413 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/582 bytes <-> 2 pkts/796 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126] + 6 TCP 192.168.1.3:52897 <-> 151.26.95.30:22673 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/510 bytes <-> 2 pkts/771 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126] + 7 TCP 192.168.1.3:52903 <-> 198.100.146.9:60163 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/410 bytes <-> 3 pkts/851 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126] + 8 TCP 192.168.1.3:52917 <-> 151.15.48.189:47001 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/455 bytes <-> 2 pkts/771 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126] + 9 TCP 192.168.1.3:52911 <-> 151.26.95.30:22673 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/442 bytes <-> 2 pkts/771 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126] + 10 TCP 192.168.1.3:52921 <-> 95.234.159.16:41205 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/440 bytes <-> 2 pkts/772 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126] + 11 TCP 192.168.1.3:52906 <-> 82.57.97.83:53137 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/434 bytes <-> 2 pkts/771 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126] + 12 TCP 192.168.1.3:52922 <-> 95.237.193.34:11321 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/434 bytes <-> 2 pkts/771 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126] + 13 TCP 192.168.1.3:52887 <-> 82.57.97.83:53137 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/430 bytes <-> 2 pkts/771 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126] + 14 TCP 192.168.1.3:52896 <-> 79.53.228.2:14627 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/409 bytes <-> 2 pkts/771 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126] + 15 TCP 192.168.1.3:52926 <-> 93.65.249.100:31336 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes <-> 2 pkts/796 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126] + 16 TCP 192.168.1.3:52888 <-> 82.58.216.115:38305 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes <-> 1 pkts/624 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126] + 17 TCP 192.168.1.3:52902 <-> 190.103.195.56:46633 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][2 pkts/349 bytes <-> 2 pkts/265 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126] + 18 TCP 192.168.1.3:52912 <-> 151.72.255.163:59928 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/455 bytes <-> 1 pkts/157 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126] + 19 TCP 192.168.1.3:52893 -> 79.55.129.22:12097 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes -> 0 pkts/0 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126] + 20 TCP 192.168.1.3:52894 -> 120.62.33.241:39332 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes -> 0 pkts/0 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126] + 21 TCP 192.168.1.3:52908 -> 79.55.129.22:12097 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes -> 0 pkts/0 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126] + 22 TCP 192.168.1.3:52909 -> 79.53.228.2:14627 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes -> 0 pkts/0 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126] + 23 TCP 192.168.1.3:52910 -> 120.62.33.241:39332 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes -> 0 pkts/0 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126] + 24 TCP 192.168.1.3:52925 -> 93.65.227.100:19116 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes -> 0 pkts/0 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126] diff --git a/tests/result/bittorrent_utp.pcap.out b/tests/result/bittorrent_utp.pcap.out index 7ac4aab03..ece7be47f 100644 --- a/tests/result/bittorrent_utp.pcap.out +++ b/tests/result/bittorrent_utp.pcap.out @@ -1,3 +1,3 @@ BitTorrent 86 41489 1 - 1 UDP 82.243.113.43:64969 <-> 192.168.1.5:40959 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing][47 pkts/36653 bytes <-> 39 pkts/4836 bytes] + 1 UDP 82.243.113.43:64969 <-> 192.168.1.5:40959 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][47 pkts/36653 bytes <-> 39 pkts/4836 bytes] diff --git a/tests/result/bt_search.pcap.out b/tests/result/bt_search.pcap.out index b9223217a..36c5b049e 100644 --- a/tests/result/bt_search.pcap.out +++ b/tests/result/bt_search.pcap.out @@ -1,3 +1,3 @@ BitTorrent 2 322 1 - 1 UDP 192.168.0.102:6771 -> 239.192.152.143:6771 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing][2 pkts/322 bytes -> 0 pkts/0 bytes] + 1 UDP 192.168.0.102:6771 -> 239.192.152.143:6771 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][2 pkts/322 bytes -> 0 pkts/0 bytes] diff --git a/tests/result/check_mk_new.pcap.out b/tests/result/check_mk_new.pcap.out index 8c0e21557..631a236c2 100644 --- a/tests/result/check_mk_new.pcap.out +++ b/tests/result/check_mk_new.pcap.out @@ -1,3 +1,3 @@ CHECKMK 98 20242 1 - 1 TCP 192.168.100.22:58998 <-> 192.168.100.50:6556 [proto: 138/CHECKMK][cat: DataTransfer][49 pkts/3242 bytes <-> 49 pkts/17000 bytes] + 1 TCP 192.168.100.22:58998 <-> 192.168.100.50:6556 [proto: 138/CHECKMK][cat: DataTransfer/4][49 pkts/3242 bytes <-> 49 pkts/17000 bytes] diff --git a/tests/result/coap_mqtt.pcap.out b/tests/result/coap_mqtt.pcap.out index d57d6e77a..20d676291 100644 --- a/tests/result/coap_mqtt.pcap.out +++ b/tests/result/coap_mqtt.pcap.out @@ -2,19 +2,19 @@ COAP 19 1614 8 Dropbox 800 80676 4 MQTT 7695 668291 4 - 1 TCP 192.168.56.1:53528 <-> 192.168.56.101:17501 [proto: 222/MQTT][cat: RPC][924 pkts/77180 bytes <-> 1004 pkts/90329 bytes] - 2 TCP 192.168.56.1:53523 <-> 192.168.56.101:17501 [proto: 222/MQTT][cat: RPC][918 pkts/76692 bytes <-> 1008 pkts/90434 bytes] - 3 TCP 192.168.56.1:53522 <-> 192.168.56.101:17501 [proto: 222/MQTT][cat: RPC][921 pkts/76872 bytes <-> 1001 pkts/90056 bytes] - 4 TCP 192.168.56.101:17501 <-> 192.168.56.1:53524 [proto: 222/MQTT][cat: RPC][1005 pkts/90274 bytes <-> 914 pkts/76454 bytes] + 1 TCP 192.168.56.1:53528 <-> 192.168.56.101:17501 [proto: 222/MQTT][cat: RPC/16][924 pkts/77180 bytes <-> 1004 pkts/90329 bytes] + 2 TCP 192.168.56.1:53523 <-> 192.168.56.101:17501 [proto: 222/MQTT][cat: RPC/16][918 pkts/76692 bytes <-> 1008 pkts/90434 bytes] + 3 TCP 192.168.56.1:53522 <-> 192.168.56.101:17501 [proto: 222/MQTT][cat: RPC/16][921 pkts/76872 bytes <-> 1001 pkts/90056 bytes] + 4 TCP 192.168.56.101:17501 <-> 192.168.56.1:53524 [proto: 222/MQTT][cat: RPC/16][1005 pkts/90274 bytes <-> 914 pkts/76454 bytes] 5 UDP 192.168.56.1:50318 <-> 192.168.56.101:17500 [proto: 121/Dropbox][100 pkts/13960 bytes <-> 100 pkts/6260 bytes] 6 UDP 192.168.56.1:50312 <-> 192.168.56.101:17500 [proto: 121/Dropbox][100 pkts/13947 bytes <-> 100 pkts/6247 bytes] 7 UDP 192.168.56.1:50319 <-> 192.168.56.101:17500 [proto: 121/Dropbox][100 pkts/13921 bytes <-> 100 pkts/6221 bytes] 8 UDP 192.168.56.1:50311 <-> 192.168.56.101:17500 [proto: 121/Dropbox][100 pkts/13910 bytes <-> 100 pkts/6210 bytes] - 9 UDP [bbbb::1]:46819 <-> [bbbb::3]:5683 [proto: 27/COAP][cat: RPC][3 pkts/262 bytes <-> 3 pkts/205 bytes] - 10 UDP [bbbb::1]:33499 <-> [bbbb::3]:5683 [proto: 27/COAP][cat: RPC][2 pkts/147 bytes <-> 2 pkts/257 bytes] - 11 UDP [bbbb::1]:50250 <-> [bbbb::3]:5683 [proto: 27/COAP][cat: RPC][2 pkts/158 bytes <-> 2 pkts/151 bytes] - 12 UDP [2001:da8:215:1171:a10b:cb48:8f83:57f6]:61047 -> [2001:620:8:35d9::10]:5683 [proto: 27/COAP][cat: RPC][1 pkts/90 bytes -> 0 pkts/0 bytes] - 13 UDP [2001:da8:215:1171:a10b:cb48:8f83:57f6]:61043 -> [2001:620:8:35d9::10]:5683 [proto: 27/COAP][cat: RPC][1 pkts/86 bytes -> 0 pkts/0 bytes] - 14 UDP [2001:da8:215:1171:a10b:cb48:8f83:57f6]:61044 -> [2001:620:8:35d9::10]:5683 [proto: 27/COAP][cat: RPC][1 pkts/86 bytes -> 0 pkts/0 bytes] - 15 UDP [2001:da8:215:1171:a10b:cb48:8f83:57f6]:61045 -> [2001:620:8:35d9::10]:5683 [proto: 27/COAP][cat: RPC][1 pkts/86 bytes -> 0 pkts/0 bytes] - 16 UDP [2001:da8:215:1171:a10b:cb48:8f83:57f6]:61046 -> [2001:620:8:35d9::10]:5683 [proto: 27/COAP][cat: RPC][1 pkts/86 bytes -> 0 pkts/0 bytes] + 9 UDP [bbbb::1]:46819 <-> [bbbb::3]:5683 [proto: 27/COAP][cat: RPC/16][3 pkts/262 bytes <-> 3 pkts/205 bytes] + 10 UDP [bbbb::1]:33499 <-> [bbbb::3]:5683 [proto: 27/COAP][cat: RPC/16][2 pkts/147 bytes <-> 2 pkts/257 bytes] + 11 UDP [bbbb::1]:50250 <-> [bbbb::3]:5683 [proto: 27/COAP][cat: RPC/16][2 pkts/158 bytes <-> 2 pkts/151 bytes] + 12 UDP [2001:da8:215:1171:a10b:cb48:8f83:57f6]:61047 -> [2001:620:8:35d9::10]:5683 [proto: 27/COAP][cat: RPC/16][1 pkts/90 bytes -> 0 pkts/0 bytes] + 13 UDP [2001:da8:215:1171:a10b:cb48:8f83:57f6]:61043 -> [2001:620:8:35d9::10]:5683 [proto: 27/COAP][cat: RPC/16][1 pkts/86 bytes -> 0 pkts/0 bytes] + 14 UDP [2001:da8:215:1171:a10b:cb48:8f83:57f6]:61044 -> [2001:620:8:35d9::10]:5683 [proto: 27/COAP][cat: RPC/16][1 pkts/86 bytes -> 0 pkts/0 bytes] + 15 UDP [2001:da8:215:1171:a10b:cb48:8f83:57f6]:61045 -> [2001:620:8:35d9::10]:5683 [proto: 27/COAP][cat: RPC/16][1 pkts/86 bytes -> 0 pkts/0 bytes] + 16 UDP [2001:da8:215:1171:a10b:cb48:8f83:57f6]:61046 -> [2001:620:8:35d9::10]:5683 [proto: 27/COAP][cat: RPC/16][1 pkts/86 bytes -> 0 pkts/0 bytes] diff --git a/tests/result/dnscrypt.pcap.out b/tests/result/dnscrypt.pcap.out index b70c1f23e..9ab60cc4e 100644 --- a/tests/result/dnscrypt.pcap.out +++ b/tests/result/dnscrypt.pcap.out @@ -1,6 +1,6 @@ DNScrypt 111 44676 4 - 1 TCP 192.168.43.167:50233 <-> 134.119.26.24:443 [proto: 91.208/SSL.DNScrypt][cat: Network][18 pkts/1788 bytes <-> 21 pkts/14580 bytes][client: simplednscrypt.org] - 2 TCP 192.168.43.167:50259 <-> 134.119.26.24:443 [proto: 91.208/SSL.DNScrypt][cat: Network][18 pkts/1988 bytes <-> 18 pkts/9290 bytes][client: simplednscrypt.org] - 3 TCP 192.168.43.167:50253 <-> 134.119.26.24:443 [proto: 91.208/SSL.DNScrypt][cat: Network][8 pkts/780 bytes <-> 10 pkts/7735 bytes][client: simplednscrypt.org] - 4 TCP 192.168.43.167:50258 <-> 134.119.26.24:443 [proto: 91.208/SSL.DNScrypt][cat: Network][8 pkts/780 bytes <-> 10 pkts/7735 bytes][client: simplednscrypt.org] + 1 TCP 192.168.43.167:50233 <-> 134.119.26.24:443 [proto: 91.208/SSL.DNScrypt][cat: Network/14][18 pkts/1788 bytes <-> 21 pkts/14580 bytes][client: simplednscrypt.org] + 2 TCP 192.168.43.167:50259 <-> 134.119.26.24:443 [proto: 91.208/SSL.DNScrypt][cat: Network/14][18 pkts/1988 bytes <-> 18 pkts/9290 bytes][client: simplednscrypt.org] + 3 TCP 192.168.43.167:50253 <-> 134.119.26.24:443 [proto: 91.208/SSL.DNScrypt][cat: Network/14][8 pkts/780 bytes <-> 10 pkts/7735 bytes][client: simplednscrypt.org] + 4 TCP 192.168.43.167:50258 <-> 134.119.26.24:443 [proto: 91.208/SSL.DNScrypt][cat: Network/14][8 pkts/780 bytes <-> 10 pkts/7735 bytes][client: simplednscrypt.org] diff --git a/tests/result/drda_db2.pcap.out b/tests/result/drda_db2.pcap.out index e8525a243..37d94f77e 100644 --- a/tests/result/drda_db2.pcap.out +++ b/tests/result/drda_db2.pcap.out @@ -1,3 +1,3 @@ DRDA 38 6691 1 - 1 TCP 192.168.106.1:4847 <-> 192.168.106.128:50000 [proto: 227/DRDA][cat: Database][20 pkts/3169 bytes <-> 18 pkts/3522 bytes] + 1 TCP 192.168.106.1:4847 <-> 192.168.106.128:50000 [proto: 227/DRDA][cat: Database/11][20 pkts/3169 bytes <-> 18 pkts/3522 bytes] diff --git a/tests/result/dropbox.pcap.out b/tests/result/dropbox.pcap.out index ae71381ed..4ba0e0e02 100644 --- a/tests/result/dropbox.pcap.out +++ b/tests/result/dropbox.pcap.out @@ -2,42 +2,42 @@ MDNS 16 1648 1 SSDP 140 61108 22 Dropbox 1104 246122 16 - 1 TCP 192.168.1.105:44949 <-> 54.240.174.31:443 [proto: 91.121/SSL.Dropbox][cat: Cloud][64 pkts/12228 bytes <-> 74 pkts/85074 bytes][client: client-cf.dropbox.com][server: client-cf.dropbox.com] - 2 TCP 192.168.1.105:47747 <-> 108.160.172.225:443 [proto: 91.121/SSL.Dropbox][cat: Cloud][28 pkts/12486 bytes <-> 26 pkts/14946 bytes][client: d.dropbox.com] + 1 TCP 192.168.1.105:44949 <-> 54.240.174.31:443 [proto: 91.121/SSL.Dropbox][cat: Cloud/13][64 pkts/12228 bytes <-> 74 pkts/85074 bytes][client: client-cf.dropbox.com][server: client-cf.dropbox.com] + 2 TCP 192.168.1.105:47747 <-> 108.160.172.225:443 [proto: 91.121/SSL.Dropbox][cat: Cloud/13][28 pkts/12486 bytes <-> 26 pkts/14946 bytes][client: d.dropbox.com] 3 UDP 192.168.56.1:50318 <-> 192.168.56.101:17500 [proto: 121/Dropbox][100 pkts/13960 bytes <-> 100 pkts/6260 bytes] 4 UDP 192.168.56.1:50312 <-> 192.168.56.101:17500 [proto: 121/Dropbox][100 pkts/13947 bytes <-> 100 pkts/6247 bytes] 5 UDP 192.168.56.1:50319 <-> 192.168.56.101:17500 [proto: 121/Dropbox][100 pkts/13921 bytes <-> 100 pkts/6221 bytes] 6 UDP 192.168.56.1:50311 <-> 192.168.56.101:17500 [proto: 121/Dropbox][100 pkts/13910 bytes <-> 100 pkts/6210 bytes] - 7 UDP 192.168.1.254:50828 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][44 pkts/19936 bytes -> 0 pkts/0 bytes] - 8 TCP 192.168.1.105:59975 <-> 108.160.172.204:443 [proto: 91.121/SSL.Dropbox][cat: Cloud][18 pkts/3562 bytes <-> 16 pkts/14464 bytes][client: client.dropbox.com][server: *.dropbox.com] - 9 TCP 192.168.1.105:46394 <-> 162.125.17.131:443 [proto: 91.121/SSL.Dropbox][cat: Cloud][12 pkts/2338 bytes <-> 10 pkts/9054 bytes][client: notify.dropbox.com][server: *.dropbox.com] - 10 TCP 192.168.1.105:36226 <-> 108.160.172.195:80 [proto: 7.121/HTTP.Dropbox][cat: Cloud][10 pkts/2170 bytes <-> 10 pkts/1758 bytes][Host: log.getdropbox.com] - 11 UDP 192.168.1.101:1650 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][6 pkts/2836 bytes -> 0 pkts/0 bytes] - 12 UDP 192.168.1.101:2141 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][6 pkts/2836 bytes -> 0 pkts/0 bytes] - 13 UDP 192.168.1.101:2873 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][6 pkts/2836 bytes -> 0 pkts/0 bytes] - 14 UDP 192.168.1.101:3412 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][6 pkts/2836 bytes -> 0 pkts/0 bytes] - 15 UDP 192.168.1.101:3547 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][6 pkts/2836 bytes -> 0 pkts/0 bytes] - 16 UDP 192.168.1.101:3959 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][6 pkts/2836 bytes -> 0 pkts/0 bytes] - 17 UDP 192.168.1.101:4169 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][6 pkts/2836 bytes -> 0 pkts/0 bytes] - 18 UDP 192.168.1.101:4171 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][6 pkts/2836 bytes -> 0 pkts/0 bytes] - 19 UDP 192.168.1.101:4625 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][6 pkts/2836 bytes -> 0 pkts/0 bytes] - 20 UDP 192.168.1.101:4974 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][6 pkts/2836 bytes -> 0 pkts/0 bytes] - 21 UDP 192.168.1.106:57268 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][16 pkts/2632 bytes -> 0 pkts/0 bytes] - 22 UDP 192.168.1.106:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network][16 pkts/1648 bytes -> 0 pkts/0 bytes] - 23 UDP 192.168.1.105:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud][6 pkts/1422 bytes -> 0 pkts/0 bytes] - 24 UDP 192.168.1.105:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud][6 pkts/1422 bytes -> 0 pkts/0 bytes] - 25 UDP 192.168.1.105:36173 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud][4 pkts/312 bytes <-> 4 pkts/1078 bytes][Host: log.getdropbox.com] - 26 UDP 192.168.1.101:1280 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][2 pkts/1018 bytes -> 0 pkts/0 bytes] - 27 UDP 192.168.1.101:1346 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][2 pkts/1018 bytes -> 0 pkts/0 bytes] - 28 UDP 192.168.1.101:1908 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][2 pkts/1018 bytes -> 0 pkts/0 bytes] - 29 UDP 192.168.1.101:2159 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][2 pkts/1018 bytes -> 0 pkts/0 bytes] - 30 UDP 192.168.1.101:2169 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][2 pkts/1018 bytes -> 0 pkts/0 bytes] - 31 UDP 192.168.1.101:2544 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][2 pkts/1018 bytes -> 0 pkts/0 bytes] - 32 UDP 192.168.1.101:2604 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][2 pkts/1018 bytes -> 0 pkts/0 bytes] - 33 UDP 192.168.1.101:2991 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][2 pkts/1018 bytes -> 0 pkts/0 bytes] - 34 UDP 192.168.1.101:3731 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][2 pkts/1018 bytes -> 0 pkts/0 bytes] - 35 UDP 192.168.1.101:3777 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][2 pkts/1018 bytes -> 0 pkts/0 bytes] - 36 UDP 192.168.1.105:55407 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud][2 pkts/156 bytes <-> 2 pkts/666 bytes][Host: client.dropbox.com] - 37 UDP 192.168.1.105:50789 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud][2 pkts/146 bytes <-> 2 pkts/646 bytes][Host: d.dropbox.com] - 38 UDP 192.168.1.105:49112 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud][2 pkts/162 bytes <-> 2 pkts/612 bytes][Host: client-cf.dropbox.com] - 39 UDP 192.168.1.105:33189 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud][2 pkts/156 bytes <-> 2 pkts/588 bytes][Host: notify.dropbox.com] + 7 UDP 192.168.1.254:50828 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][44 pkts/19936 bytes -> 0 pkts/0 bytes] + 8 TCP 192.168.1.105:59975 <-> 108.160.172.204:443 [proto: 91.121/SSL.Dropbox][cat: Cloud/13][18 pkts/3562 bytes <-> 16 pkts/14464 bytes][client: client.dropbox.com][server: *.dropbox.com] + 9 TCP 192.168.1.105:46394 <-> 162.125.17.131:443 [proto: 91.121/SSL.Dropbox][cat: Cloud/13][12 pkts/2338 bytes <-> 10 pkts/9054 bytes][client: notify.dropbox.com][server: *.dropbox.com] + 10 TCP 192.168.1.105:36226 <-> 108.160.172.195:80 [proto: 7.121/HTTP.Dropbox][cat: Cloud/13][10 pkts/2170 bytes <-> 10 pkts/1758 bytes][Host: log.getdropbox.com] + 11 UDP 192.168.1.101:1650 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/2836 bytes -> 0 pkts/0 bytes] + 12 UDP 192.168.1.101:2141 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/2836 bytes -> 0 pkts/0 bytes] + 13 UDP 192.168.1.101:2873 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/2836 bytes -> 0 pkts/0 bytes] + 14 UDP 192.168.1.101:3412 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/2836 bytes -> 0 pkts/0 bytes] + 15 UDP 192.168.1.101:3547 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/2836 bytes -> 0 pkts/0 bytes] + 16 UDP 192.168.1.101:3959 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/2836 bytes -> 0 pkts/0 bytes] + 17 UDP 192.168.1.101:4169 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/2836 bytes -> 0 pkts/0 bytes] + 18 UDP 192.168.1.101:4171 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/2836 bytes -> 0 pkts/0 bytes] + 19 UDP 192.168.1.101:4625 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/2836 bytes -> 0 pkts/0 bytes] + 20 UDP 192.168.1.101:4974 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/2836 bytes -> 0 pkts/0 bytes] + 21 UDP 192.168.1.106:57268 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][16 pkts/2632 bytes -> 0 pkts/0 bytes] + 22 UDP 192.168.1.106:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][16 pkts/1648 bytes -> 0 pkts/0 bytes] + 23 UDP 192.168.1.105:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][6 pkts/1422 bytes -> 0 pkts/0 bytes] + 24 UDP 192.168.1.105:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][6 pkts/1422 bytes -> 0 pkts/0 bytes] + 25 UDP 192.168.1.105:36173 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][4 pkts/312 bytes <-> 4 pkts/1078 bytes][Host: log.getdropbox.com] + 26 UDP 192.168.1.101:1280 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/1018 bytes -> 0 pkts/0 bytes] + 27 UDP 192.168.1.101:1346 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/1018 bytes -> 0 pkts/0 bytes] + 28 UDP 192.168.1.101:1908 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/1018 bytes -> 0 pkts/0 bytes] + 29 UDP 192.168.1.101:2159 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/1018 bytes -> 0 pkts/0 bytes] + 30 UDP 192.168.1.101:2169 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/1018 bytes -> 0 pkts/0 bytes] + 31 UDP 192.168.1.101:2544 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/1018 bytes -> 0 pkts/0 bytes] + 32 UDP 192.168.1.101:2604 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/1018 bytes -> 0 pkts/0 bytes] + 33 UDP 192.168.1.101:2991 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/1018 bytes -> 0 pkts/0 bytes] + 34 UDP 192.168.1.101:3731 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/1018 bytes -> 0 pkts/0 bytes] + 35 UDP 192.168.1.101:3777 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/1018 bytes -> 0 pkts/0 bytes] + 36 UDP 192.168.1.105:55407 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][2 pkts/156 bytes <-> 2 pkts/666 bytes][Host: client.dropbox.com] + 37 UDP 192.168.1.105:50789 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][2 pkts/146 bytes <-> 2 pkts/646 bytes][Host: d.dropbox.com] + 38 UDP 192.168.1.105:49112 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][2 pkts/162 bytes <-> 2 pkts/612 bytes][Host: client-cf.dropbox.com] + 39 UDP 192.168.1.105:33189 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][2 pkts/156 bytes <-> 2 pkts/588 bytes][Host: notify.dropbox.com] diff --git a/tests/result/facebook.pcap.out b/tests/result/facebook.pcap.out index 8e22a431b..b34851e55 100644 --- a/tests/result/facebook.pcap.out +++ b/tests/result/facebook.pcap.out @@ -1,4 +1,4 @@ Facebook 60 30511 2 - 1 TCP 192.168.43.18:44614 <-> 31.13.86.36:443 [proto: 91.119/SSL.Facebook][cat: SocialNetwork][19 pkts/2664 bytes <-> 22 pkts/22102 bytes][client: www.facebook.com] - 2 TCP 192.168.43.18:52066 <-> 66.220.156.68:443 [proto: 91.119/SSL.Facebook][cat: SocialNetwork][9 pkts/1345 bytes <-> 10 pkts/4400 bytes][client: facebook.com][server: *.facebook.com] + 1 TCP 192.168.43.18:44614 <-> 31.13.86.36:443 [proto: 91.119/SSL.Facebook][cat: SocialNetwork/6][19 pkts/2664 bytes <-> 22 pkts/22102 bytes][client: www.facebook.com] + 2 TCP 192.168.43.18:52066 <-> 66.220.156.68:443 [proto: 91.119/SSL.Facebook][cat: SocialNetwork/6][9 pkts/1345 bytes <-> 10 pkts/4400 bytes][client: facebook.com][server: *.facebook.com] diff --git a/tests/result/fix.pcap.out b/tests/result/fix.pcap.out index e8eae565a..1e2e57896 100644 --- a/tests/result/fix.pcap.out +++ b/tests/result/fix.pcap.out @@ -1,14 +1,14 @@ FIX 1261 115514 12 - 1 TCP 208.245.107.3:4000 <-> 192.168.0.20:45578 [proto: 230/FIX][cat: RPC][228 pkts/26333 bytes <-> 228 pkts/13920 bytes] - 2 TCP 8.17.22.31:4000 <-> 192.168.0.20:47968 [proto: 230/FIX][cat: RPC][201 pkts/21246 bytes <-> 200 pkts/13460 bytes] - 3 TCP 8.17.22.31:4000 <-> 192.168.0.20:43594 [proto: 230/FIX][cat: RPC][111 pkts/16881 bytes <-> 111 pkts/7680 bytes] - 4 TCP 208.245.107.3:4000 <-> 192.168.0.20:45584 [proto: 230/FIX][cat: RPC][35 pkts/3022 bytes <-> 35 pkts/2342 bytes] - 5 TCP 8.17.22.31:4000 <-> 192.168.0.20:40918 [proto: 230/FIX][cat: RPC][18 pkts/1938 bytes <-> 18 pkts/1358 bytes] - 6 TCP 208.245.107.3:4000 <-> 192.168.0.20:38652 [proto: 230/FIX][cat: RPC][9 pkts/961 bytes <-> 9 pkts/700 bytes] - 7 TCP 8.17.22.31:4000 <-> 192.168.0.20:47952 [proto: 230/FIX][cat: RPC][5 pkts/577 bytes <-> 5 pkts/484 bytes] - 8 TCP 8.17.22.31:4000 <-> 192.168.0.20:47962 [proto: 230/FIX][cat: RPC][6 pkts/513 bytes <-> 4 pkts/522 bytes] - 9 TCP 208.245.107.3:4000 <-> 192.168.0.20:39094 [proto: 230/FIX][cat: RPC][6 pkts/456 bytes <-> 5 pkts/551 bytes] - 10 TCP 217.192.86.32:4000 <-> 192.168.0.20:53330 [proto: 230/FIX][cat: RPC][6 pkts/456 bytes <-> 5 pkts/551 bytes] - 11 TCP 208.245.107.3:4000 <-> 192.168.0.20:38646 [proto: 230/FIX][cat: RPC][6 pkts/441 bytes <-> 4 pkts/477 bytes] - 12 TCP 8.17.22.31:4000 <-> 192.168.0.20:40928 [proto: 230/FIX][cat: RPC][4 pkts/342 bytes <-> 2 pkts/303 bytes] + 1 TCP 208.245.107.3:4000 <-> 192.168.0.20:45578 [proto: 230/FIX][cat: RPC/16][228 pkts/26333 bytes <-> 228 pkts/13920 bytes] + 2 TCP 8.17.22.31:4000 <-> 192.168.0.20:47968 [proto: 230/FIX][cat: RPC/16][201 pkts/21246 bytes <-> 200 pkts/13460 bytes] + 3 TCP 8.17.22.31:4000 <-> 192.168.0.20:43594 [proto: 230/FIX][cat: RPC/16][111 pkts/16881 bytes <-> 111 pkts/7680 bytes] + 4 TCP 208.245.107.3:4000 <-> 192.168.0.20:45584 [proto: 230/FIX][cat: RPC/16][35 pkts/3022 bytes <-> 35 pkts/2342 bytes] + 5 TCP 8.17.22.31:4000 <-> 192.168.0.20:40918 [proto: 230/FIX][cat: RPC/16][18 pkts/1938 bytes <-> 18 pkts/1358 bytes] + 6 TCP 208.245.107.3:4000 <-> 192.168.0.20:38652 [proto: 230/FIX][cat: RPC/16][9 pkts/961 bytes <-> 9 pkts/700 bytes] + 7 TCP 8.17.22.31:4000 <-> 192.168.0.20:47952 [proto: 230/FIX][cat: RPC/16][5 pkts/577 bytes <-> 5 pkts/484 bytes] + 8 TCP 8.17.22.31:4000 <-> 192.168.0.20:47962 [proto: 230/FIX][cat: RPC/16][6 pkts/513 bytes <-> 4 pkts/522 bytes] + 9 TCP 208.245.107.3:4000 <-> 192.168.0.20:39094 [proto: 230/FIX][cat: RPC/16][6 pkts/456 bytes <-> 5 pkts/551 bytes] + 10 TCP 217.192.86.32:4000 <-> 192.168.0.20:53330 [proto: 230/FIX][cat: RPC/16][6 pkts/456 bytes <-> 5 pkts/551 bytes] + 11 TCP 208.245.107.3:4000 <-> 192.168.0.20:38646 [proto: 230/FIX][cat: RPC/16][6 pkts/441 bytes <-> 4 pkts/477 bytes] + 12 TCP 8.17.22.31:4000 <-> 192.168.0.20:40928 [proto: 230/FIX][cat: RPC/16][4 pkts/342 bytes <-> 2 pkts/303 bytes] diff --git a/tests/result/git.pcap.out b/tests/result/git.pcap.out index 392823a47..e1415d97a 100644 --- a/tests/result/git.pcap.out +++ b/tests/result/git.pcap.out @@ -1,3 +1,3 @@ Git 90 74005 1 - 1 TCP 192.168.0.77:47991 <-> 5.153.231.21:9418 [proto: 226/Git][cat: Collaborative][41 pkts/3319 bytes <-> 49 pkts/70686 bytes] + 1 TCP 192.168.0.77:47991 <-> 5.153.231.21:9418 [proto: 226/Git][cat: Collaborative/15][41 pkts/3319 bytes <-> 49 pkts/70686 bytes] diff --git a/tests/result/google_ssl.pcap.out b/tests/result/google_ssl.pcap.out index d0049d632..0a4e91ba8 100644 --- a/tests/result/google_ssl.pcap.out +++ b/tests/result/google_ssl.pcap.out @@ -1,3 +1,3 @@ Google 28 9108 1 - 1 TCP 172.31.3.224:42835 <-> 216.58.212.100:443 [proto: 91.126/SSL.Google][cat: Web][16 pkts/1512 bytes <-> 12 pkts/7596 bytes][server: www.google.com] + 1 TCP 172.31.3.224:42835 <-> 216.58.212.100:443 [proto: 91.126/SSL.Google][cat: Web/5][16 pkts/1512 bytes <-> 12 pkts/7596 bytes][server: www.google.com] diff --git a/tests/result/hangout.pcap.out b/tests/result/hangout.pcap.out index ce689988f..323e41d36 100644 --- a/tests/result/hangout.pcap.out +++ b/tests/result/hangout.pcap.out @@ -1,3 +1,3 @@ GoogleHangout 19 2774 1 - 1 UDP 74.125.134.127:19305 -> 10.89.61.13:56406 [proto: 201/GoogleHangout][cat: Chat][19 pkts/2774 bytes -> 0 pkts/0 bytes] + 1 UDP 74.125.134.127:19305 -> 10.89.61.13:56406 [proto: 201/GoogleHangout][cat: Chat/9][19 pkts/2774 bytes -> 0 pkts/0 bytes] diff --git a/tests/result/http_ipv6.pcap.out b/tests/result/http_ipv6.pcap.out index b53de1bde..f0b5577d6 100644 --- a/tests/result/http_ipv6.pcap.out +++ b/tests/result/http_ipv6.pcap.out @@ -4,15 +4,15 @@ Facebook 22 10202 2 Google 62 15977 1 QUIC 3 502 1 - 1 UDP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:45931 <-> [2a00:1450:4001:803::1017]:443 [proto: 188.126/QUIC.Google][cat: Web][33 pkts/7741 bytes <-> 29 pkts/8236 bytes][Host: www.google.it] - 2 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:37506 <-> [2a03:b0c0:3:d0::70:1001]:443 [proto: 91.26/SSL.ntop][cat: Network][14 pkts/3969 bytes <-> 12 pkts/11648 bytes][client: www.ntop.org] - 3 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:37486 <-> [2a03:b0c0:3:d0::70:1001]:443 [proto: 91.26/SSL.ntop][cat: Network][11 pkts/1292 bytes <-> 8 pkts/5722 bytes][client: www.ntop.org] - 4 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:37494 <-> [2a03:b0c0:3:d0::70:1001]:443 [proto: 91.26/SSL.ntop][cat: Network][10 pkts/1206 bytes <-> 8 pkts/5722 bytes][client: www.ntop.org] - 5 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:37488 <-> [2a03:b0c0:3:d0::70:1001]:443 [proto: 91.26/SSL.ntop][cat: Network][10 pkts/1206 bytes <-> 7 pkts/5636 bytes][client: www.ntop.org] - 6 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:53132 <-> [2a02:26f0:ad:197::236]:443 [proto: 91.119/SSL.Facebook][cat: SocialNetwork][7 pkts/960 bytes <-> 5 pkts/4227 bytes][client: s-static.ak.facebook.com][server: *.ak.fbcdn.net] - 7 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:53134 <-> [2a02:26f0:ad:197::236]:443 [proto: 91.119/SSL.Facebook][cat: SocialNetwork][6 pkts/874 bytes <-> 4 pkts/4141 bytes][client: s-static.ak.facebook.com][server: *.ak.fbcdn.net] + 1 UDP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:45931 <-> [2a00:1450:4001:803::1017]:443 [proto: 188.126/QUIC.Google][cat: Web/5][33 pkts/7741 bytes <-> 29 pkts/8236 bytes][Host: www.google.it] + 2 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:37506 <-> [2a03:b0c0:3:d0::70:1001]:443 [proto: 91.26/SSL.ntop][cat: Network/14][14 pkts/3969 bytes <-> 12 pkts/11648 bytes][client: www.ntop.org] + 3 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:37486 <-> [2a03:b0c0:3:d0::70:1001]:443 [proto: 91.26/SSL.ntop][cat: Network/14][11 pkts/1292 bytes <-> 8 pkts/5722 bytes][client: www.ntop.org] + 4 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:37494 <-> [2a03:b0c0:3:d0::70:1001]:443 [proto: 91.26/SSL.ntop][cat: Network/14][10 pkts/1206 bytes <-> 8 pkts/5722 bytes][client: www.ntop.org] + 5 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:37488 <-> [2a03:b0c0:3:d0::70:1001]:443 [proto: 91.26/SSL.ntop][cat: Network/14][10 pkts/1206 bytes <-> 7 pkts/5636 bytes][client: www.ntop.org] + 6 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:53132 <-> [2a02:26f0:ad:197::236]:443 [proto: 91.119/SSL.Facebook][cat: SocialNetwork/6][7 pkts/960 bytes <-> 5 pkts/4227 bytes][client: s-static.ak.facebook.com][server: *.ak.fbcdn.net] + 7 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:53134 <-> [2a02:26f0:ad:197::236]:443 [proto: 91.119/SSL.Facebook][cat: SocialNetwork/6][6 pkts/874 bytes <-> 4 pkts/4141 bytes][client: s-static.ak.facebook.com][server: *.ak.fbcdn.net] 8 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:41776 <-> [2a00:1450:4001:803::1017]:443 [proto: 91/SSL][7 pkts/860 bytes <-> 7 pkts/1353 bytes] - 9 UDP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:55145 <-> [2a00:1450:400b:c02::5f]:443 [proto: 188/QUIC][cat: Web][2 pkts/359 bytes <-> 1 pkts/143 bytes] + 9 UDP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:55145 <-> [2a00:1450:400b:c02::5f]:443 [proto: 188/QUIC][cat: Web/5][2 pkts/359 bytes <-> 1 pkts/143 bytes] 10 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:33062 <-> [2a00:1450:400b:c02::9a]:443 [proto: 91/SSL][1 pkts/86 bytes <-> 1 pkts/86 bytes] 11 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:40308 <-> [2a03:2880:1010:3f20:face:b00c::25de]:443 [proto: 91/SSL][1 pkts/86 bytes <-> 1 pkts/86 bytes] 12 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:40526 <-> [2a00:1450:4006:804::200e]:443 [proto: 91/SSL][1 pkts/86 bytes <-> 1 pkts/86 bytes] diff --git a/tests/result/mpeg.pcap.out b/tests/result/mpeg.pcap.out index 3740ee42d..1d888d254 100644 --- a/tests/result/mpeg.pcap.out +++ b/tests/result/mpeg.pcap.out @@ -1,3 +1,3 @@ ntop 19 10643 1 - 1 TCP 192.168.80.160:55804 <-> 46.101.157.119:80 [proto: 7.26/HTTP.ntop][cat: Network][9 pkts/754 bytes <-> 10 pkts/9889 bytes][Host: luca.ntop.org] + 1 TCP 192.168.80.160:55804 <-> 46.101.157.119:80 [proto: 7.26/HTTP.ntop][cat: Network/14][9 pkts/754 bytes <-> 10 pkts/9889 bytes][Host: luca.ntop.org] diff --git a/tests/result/mpegts.pcap.out b/tests/result/mpegts.pcap.out index b85c1f63e..cda24f643 100644 --- a/tests/result/mpegts.pcap.out +++ b/tests/result/mpegts.pcap.out @@ -1,3 +1,3 @@ MPEG_TS 1 1362 1 - 1 UDP 10.1.16.48:40737 -> 230.200.201.23:1234 [VLAN: 3359][proto: 198/MPEG_TS][cat: Media][1 pkts/1362 bytes -> 0 pkts/0 bytes] + 1 UDP 10.1.16.48:40737 -> 230.200.201.23:1234 [VLAN: 3359][proto: 198/MPEG_TS][cat: Media/1][1 pkts/1362 bytes -> 0 pkts/0 bytes] diff --git a/tests/result/msnms.pcap.out b/tests/result/msnms.pcap.out index 397b397d8..bb3fc91e1 100644 --- a/tests/result/msnms.pcap.out +++ b/tests/result/msnms.pcap.out @@ -1,8 +1,8 @@ MSN 364 56503 6 - 1 TCP 192.168.1.14:1208 <-> 207.46.108.83:1863 [proto: 68/MSN][cat: Web][43 pkts/7166 bytes <-> 48 pkts/9557 bytes] - 2 TCP 192.168.1.14:1221 <-> 207.46.108.59:1863 [proto: 68/MSN][cat: Web][43 pkts/7062 bytes <-> 40 pkts/7349 bytes] - 3 TCP 192.168.1.14:1217 <-> 207.46.108.41:1863 [proto: 68/MSN][cat: Web][46 pkts/7655 bytes <-> 19 pkts/3761 bytes] - 4 TCP 192.168.1.14:1037 <-> 207.46.107.149:1863 [proto: 68/MSN][cat: Web][41 pkts/2425 bytes <-> 55 pkts/6426 bytes] - 5 TCP 192.168.1.14:1220 <-> 207.46.108.150:1863 [proto: 68/MSN][cat: Web][2 pkts/163 bytes <-> 14 pkts/2737 bytes] - 6 TCP 192.168.1.14:1176 -> 207.46.108.39:1863 [proto: 68/MSN][cat: Web][13 pkts/2202 bytes -> 0 pkts/0 bytes] + 1 TCP 192.168.1.14:1208 <-> 207.46.108.83:1863 [proto: 68/MSN][cat: Web/5][43 pkts/7166 bytes <-> 48 pkts/9557 bytes] + 2 TCP 192.168.1.14:1221 <-> 207.46.108.59:1863 [proto: 68/MSN][cat: Web/5][43 pkts/7062 bytes <-> 40 pkts/7349 bytes] + 3 TCP 192.168.1.14:1217 <-> 207.46.108.41:1863 [proto: 68/MSN][cat: Web/5][46 pkts/7655 bytes <-> 19 pkts/3761 bytes] + 4 TCP 192.168.1.14:1037 <-> 207.46.107.149:1863 [proto: 68/MSN][cat: Web/5][41 pkts/2425 bytes <-> 55 pkts/6426 bytes] + 5 TCP 192.168.1.14:1220 <-> 207.46.108.150:1863 [proto: 68/MSN][cat: Web/5][2 pkts/163 bytes <-> 14 pkts/2737 bytes] + 6 TCP 192.168.1.14:1176 -> 207.46.108.39:1863 [proto: 68/MSN][cat: Web/5][13 pkts/2202 bytes -> 0 pkts/0 bytes] diff --git a/tests/result/mssql_tds.pcap.out b/tests/result/mssql_tds.pcap.out index 908ddcef5..47403889e 100644 --- a/tests/result/mssql_tds.pcap.out +++ b/tests/result/mssql_tds.pcap.out @@ -1,14 +1,14 @@ MsSQL-TDS 38 16260 12 1 TCP 10.111.111.111:6666 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][7 pkts/8717 bytes -> 0 pkts/0 bytes] - 2 TCP 10.111.111.111:5555 <-> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database][10 pkts/1552 bytes <-> 7 pkts/1521 bytes] - 3 TCP 10.111.111.111:1111 <-> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database][2 pkts/614 bytes <-> 2 pkts/524 bytes] - 4 TCP 10.111.111.111:4444 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database][1 pkts/1136 bytes -> 0 pkts/0 bytes] - 5 TCP 10.111.111.111:7777 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database][1 pkts/425 bytes -> 0 pkts/0 bytes] - 6 TCP 10.111.111.111:33333 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database][1 pkts/374 bytes -> 0 pkts/0 bytes] - 7 TCP 10.111.111.111:22222 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database][1 pkts/322 bytes -> 0 pkts/0 bytes] - 8 TCP 10.111.111.111:9999 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database][1 pkts/272 bytes -> 0 pkts/0 bytes] - 9 TCP 10.111.111.111:11111 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database][1 pkts/253 bytes -> 0 pkts/0 bytes] - 10 TCP 10.111.111.111:3333 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database][1 pkts/239 bytes -> 0 pkts/0 bytes] - 11 TCP 10.111.111.111:2222 <-> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database][1 pkts/98 bytes <-> 1 pkts/71 bytes] - 12 TCP 10.111.111.111:8888 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database][1 pkts/142 bytes -> 0 pkts/0 bytes] + 2 TCP 10.111.111.111:5555 <-> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][10 pkts/1552 bytes <-> 7 pkts/1521 bytes] + 3 TCP 10.111.111.111:1111 <-> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][2 pkts/614 bytes <-> 2 pkts/524 bytes] + 4 TCP 10.111.111.111:4444 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/1136 bytes -> 0 pkts/0 bytes] + 5 TCP 10.111.111.111:7777 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/425 bytes -> 0 pkts/0 bytes] + 6 TCP 10.111.111.111:33333 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/374 bytes -> 0 pkts/0 bytes] + 7 TCP 10.111.111.111:22222 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/322 bytes -> 0 pkts/0 bytes] + 8 TCP 10.111.111.111:9999 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/272 bytes -> 0 pkts/0 bytes] + 9 TCP 10.111.111.111:11111 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/253 bytes -> 0 pkts/0 bytes] + 10 TCP 10.111.111.111:3333 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/239 bytes -> 0 pkts/0 bytes] + 11 TCP 10.111.111.111:2222 <-> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/98 bytes <-> 1 pkts/71 bytes] + 12 TCP 10.111.111.111:8888 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/142 bytes -> 0 pkts/0 bytes] diff --git a/tests/result/netflix.pcap.out b/tests/result/netflix.pcap.out index 05739b694..9a3029b4c 100644 --- a/tests/result/netflix.pcap.out +++ b/tests/result/netflix.pcap.out @@ -4,64 +4,64 @@ IGMP 1 60 1 NetFlix 6976 6151821 56 Amazon 2 126 1 - 1 TCP 192.168.1.7:53217 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Streaming][667 pkts/50462 bytes <-> 1205 pkts/1807875 bytes][Host: 23.246.11.141] - 2 TCP 192.168.1.7:53183 <-> 23.246.3.140:80 [proto: 7.133/HTTP.NetFlix][cat: Streaming][502 pkts/40335 bytes <-> 805 pkts/1202445 bytes][Host: 23.246.3.140] - 3 TCP 192.168.1.7:53210 <-> 23.246.11.133:80 [proto: 7.133/HTTP.NetFlix][cat: Streaming][293 pkts/23170 bytes <-> 495 pkts/736113 bytes][Host: 23.246.11.133] - 4 TCP 192.168.1.7:53153 <-> 184.25.204.24:80 [proto: 7.133/HTTP.NetFlix][cat: Streaming][147 pkts/11558 bytes <-> 490 pkts/734346 bytes][Host: tp.akam.nflximg.com] - 5 TCP 192.168.1.7:53141 <-> 104.86.97.179:443 [proto: 91.133/SSL.NetFlix][cat: Streaming][83 pkts/7225 bytes <-> 147 pkts/202723 bytes][client: art-s.nflximg.net][server: secure.cdn.nflximg.net] - 6 TCP 192.168.1.7:53184 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Streaming][75 pkts/6610 bytes <-> 103 pkts/150772 bytes][Host: 23.246.11.141] - 7 TCP 192.168.1.7:53149 <-> 184.25.204.25:80 [proto: 7.133/HTTP.NetFlix][cat: Streaming][40 pkts/3413 bytes <-> 86 pkts/125190 bytes][Host: art-2.nflximg.net] - 8 TCP 192.168.1.7:53116 <-> 52.32.196.36:443 [proto: 91.133/SSL.NetFlix][cat: Streaming][75 pkts/31024 bytes <-> 73 pkts/42930 bytes][client: api-global.netflix.com][server: api.netflix.com] - 9 TCP 192.168.1.7:53193 <-> 54.191.17.51:443 [proto: 91.133/SSL.NetFlix][cat: Streaming][46 pkts/50218 bytes <-> 25 pkts/7943 bytes][client: ios.nccp.netflix.com][server: *.nccp.netflix.com] - 10 TCP 192.168.1.7:53164 <-> 23.246.10.139:80 [proto: 7.133/HTTP.NetFlix][cat: Streaming][24 pkts/2040 bytes <-> 34 pkts/45136 bytes] - 11 TCP 192.168.1.7:53171 <-> 23.246.3.140:80 [proto: 7.133/HTTP.NetFlix][cat: Streaming][21 pkts/1868 bytes <-> 34 pkts/45139 bytes] - 12 TCP 192.168.1.7:53148 <-> 184.25.204.25:80 [proto: 7.133/HTTP.NetFlix][cat: Streaming][31 pkts/2893 bytes <-> 32 pkts/44112 bytes][Host: art-2.nflximg.net] - 13 TCP 192.168.1.7:53163 <-> 23.246.11.145:80 [proto: 7.133/HTTP.NetFlix][cat: Streaming][21 pkts/1826 bytes <-> 32 pkts/43179 bytes] - 14 TCP 192.168.1.7:53133 <-> 52.89.39.139:443 [proto: 91.133/SSL.NetFlix][cat: Streaming][30 pkts/6328 bytes <-> 39 pkts/37610 bytes][client: api-global.netflix.com][server: api.netflix.com] - 15 TCP 192.168.1.7:53252 <-> 184.25.204.10:80 [proto: 7.133/HTTP.NetFlix][cat: Streaming][12 pkts/1221 bytes <-> 29 pkts/41018 bytes][Host: art-1.nflximg.net] - 16 TCP 192.168.1.7:53179 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Streaming][31 pkts/2596 bytes <-> 29 pkts/37544 bytes] - 17 TCP 192.168.1.7:53251 <-> 184.25.204.10:80 [proto: 7.133/HTTP.NetFlix][cat: Streaming][16 pkts/1558 bytes <-> 25 pkts/33413 bytes][Host: art-1.nflximg.net] - 18 TCP 192.168.1.7:53151 <-> 54.201.191.132:80 [proto: 7.133/HTTP.NetFlix][cat: Streaming][15 pkts/3626 bytes <-> 26 pkts/29544 bytes][Host: appboot.netflix.com] - 19 TCP 192.168.1.7:53182 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Streaming][33 pkts/2732 bytes <-> 25 pkts/30064 bytes] - 20 TCP 192.168.1.7:53173 <-> 23.246.11.133:80 [proto: 7.133/HTTP.NetFlix][cat: Streaming][24 pkts/2041 bytes <-> 25 pkts/30064 bytes] - 21 TCP 192.168.1.7:53175 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Streaming][31 pkts/2571 bytes <-> 22 pkts/28042 bytes] - 22 TCP 192.168.1.7:53239 <-> 52.41.30.5:443 [proto: 91.133/SSL.NetFlix][cat: Streaming][22 pkts/6384 bytes <-> 26 pkts/23277 bytes][client: api-global.netflix.com][server: api.netflix.com] - 23 TCP 192.168.1.7:53177 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Streaming][32 pkts/2572 bytes <-> 23 pkts/26661 bytes] - 24 TCP 192.168.1.7:53176 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Streaming][36 pkts/3030 bytes <-> 21 pkts/25455 bytes] - 25 TCP 192.168.1.7:53180 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Streaming][34 pkts/2864 bytes <-> 21 pkts/25456 bytes] - 26 TCP 192.168.1.7:53178 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Streaming][30 pkts/2553 bytes <-> 22 pkts/25510 bytes] - 27 TCP 192.168.1.7:53203 <-> 52.37.36.252:443 [proto: 91.133/SSL.NetFlix][cat: Streaming][28 pkts/22704 bytes <-> 17 pkts/5248 bytes][client: ichnaea.netflix.com][server: customerevents.netflix.com] - 28 TCP 192.168.1.7:53249 <-> 52.41.30.5:443 [proto: 91.133/SSL.NetFlix][cat: Streaming][25 pkts/5934 bytes <-> 27 pkts/19952 bytes][client: api-global.netflix.com] - 29 TCP 192.168.1.7:53174 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Streaming][35 pkts/2920 bytes <-> 19 pkts/22428 bytes] - 30 TCP 192.168.1.7:53181 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Streaming][34 pkts/2879 bytes <-> 20 pkts/22373 bytes] - 31 TCP 192.168.1.7:53172 <-> 23.246.11.133:80 [proto: 7.133/HTTP.NetFlix][cat: Streaming][30 pkts/2610 bytes <-> 20 pkts/22422 bytes] - 32 TCP 192.168.1.7:53202 <-> 54.191.17.51:443 [proto: 91.133/SSL.NetFlix][cat: Streaming][22 pkts/10686 bytes <-> 16 pkts/7850 bytes][client: ios.nccp.netflix.com][server: *.nccp.netflix.com] - 33 TCP 192.168.1.7:53152 <-> 52.89.39.139:80 [proto: 7.133/HTTP.NetFlix][cat: Streaming][14 pkts/10001 bytes <-> 13 pkts/6504 bytes][Host: api-global.netflix.com] - 34 TCP 192.168.1.7:53162 <-> 54.191.17.51:443 [proto: 91.133/SSL.NetFlix][cat: Streaming][18 pkts/5661 bytes <-> 13 pkts/9059 bytes][client: ios.nccp.netflix.com][server: *.nccp.netflix.com] - 35 TCP 192.168.1.7:53132 <-> 52.89.39.139:443 [proto: 91.133/SSL.NetFlix][cat: Streaming][22 pkts/6028 bytes <-> 18 pkts/7459 bytes][client: api-global.netflix.com][server: api.netflix.com] - 36 TCP 192.168.1.7:53150 <-> 184.25.204.25:80 [proto: 7.133/HTTP.NetFlix][cat: Streaming][10 pkts/941 bytes <-> 11 pkts/12318 bytes][Host: art-2.nflximg.net] - 37 TCP 192.168.1.7:53119 <-> 54.69.204.241:443 [proto: 91.133/SSL.NetFlix][cat: Streaming][20 pkts/7639 bytes <-> 16 pkts/5235 bytes][client: ichnaea.netflix.com][server: customerevents.netflix.com] - 38 TCP 192.168.1.7:53118 <-> 54.69.204.241:443 [proto: 91.133/SSL.NetFlix][cat: Streaming][19 pkts/7588 bytes <-> 15 pkts/5140 bytes][client: ichnaea.netflix.com][server: customerevents.netflix.com] - 39 TCP 192.168.1.7:53238 <-> 52.32.22.214:443 [proto: 91.133/SSL.NetFlix][cat: Streaming][17 pkts/5528 bytes <-> 14 pkts/5406 bytes][client: ios.nccp.netflix.com][server: *.nccp.netflix.com] - 40 TCP 192.168.1.7:53248 <-> 52.32.22.214:443 [proto: 91.133/SSL.NetFlix][cat: Streaming][12 pkts/5165 bytes <-> 10 pkts/5074 bytes][client: ios.nccp.netflix.com][server: *.nccp.netflix.com] - 41 TCP 192.168.1.7:53105 <-> 54.69.204.241:443 [proto: 91.133/SSL.NetFlix][cat: Streaming][21 pkts/3051 bytes <-> 16 pkts/6234 bytes][client: ichnaea.netflix.com][server: customerevents.netflix.com] - 42 TCP 192.168.1.7:53114 <-> 54.191.17.51:443 [proto: 91.133/SSL.NetFlix][cat: Streaming][14 pkts/3109 bytes <-> 11 pkts/5119 bytes][client: ios.nccp.netflix.com][server: *.nccp.netflix.com] - 43 TCP 192.168.1.7:53134 <-> 52.89.39.139:443 [proto: 91.133/SSL.NetFlix][cat: Streaming][14 pkts/3548 bytes <-> 11 pkts/4653 bytes][client: api-global.netflix.com] - 44 TCP 192.168.1.7:53115 <-> 52.32.196.36:443 [proto: 91.133/SSL.NetFlix][cat: Streaming][16 pkts/1657 bytes <-> 12 pkts/5005 bytes][client: api-global.netflix.com][server: api.netflix.com] - 45 TCP 192.168.1.7:53250 <-> 52.41.30.5:443 [proto: 91.133/SSL.NetFlix][cat: Streaming][10 pkts/2830 bytes <-> 7 pkts/2484 bytes][client: api-global.netflix.com] - 46 TCP 192.168.1.7:53117 <-> 52.32.196.36:443 [proto: 91.133/SSL.NetFlix][cat: Streaming][12 pkts/1294 bytes <-> 8 pkts/1723 bytes][client: api-global.netflix.com] - 47 UDP 192.168.1.7:53776 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][16 pkts/2648 bytes -> 0 pkts/0 bytes] - 48 UDP 192.168.1.7:51543 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Streaming][2 pkts/160 bytes <-> 2 pkts/646 bytes][Host: ios.nccp.netflix.com] - 49 UDP 192.168.1.7:51622 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Streaming][2 pkts/160 bytes <-> 2 pkts/646 bytes][Host: ios.nccp.netflix.com] - 50 UDP 192.168.1.7:52347 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Streaming][1 pkts/80 bytes <-> 1 pkts/371 bytes][Host: ios.nccp.netflix.com] - 51 UDP 192.168.1.7:60962 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Streaming][1 pkts/83 bytes <-> 1 pkts/248 bytes][Host: ichnaea.geo.netflix.com] - 52 UDP 192.168.1.7:51949 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Streaming][1 pkts/97 bytes <-> 1 pkts/225 bytes][Host: api-global.latency.prodaa.netflix.com] - 53 UDP 192.168.1.7:52095 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Streaming][1 pkts/97 bytes <-> 1 pkts/225 bytes][Host: api-global.latency.prodaa.netflix.com] - 54 UDP 192.168.1.7:52116 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Streaming][1 pkts/96 bytes <-> 1 pkts/224 bytes][Host: ichnaea.us-west-2.prodaa.netflix.com] - 55 UDP 192.168.1.7:58102 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Streaming][1 pkts/79 bytes <-> 1 pkts/192 bytes][Host: appboot.netflix.com] - 56 UDP 192.168.1.7:59180 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Streaming][1 pkts/84 bytes <-> 1 pkts/148 bytes][Host: artwork.akam.nflximg.net] - 57 UDP 192.168.1.7:57719 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Streaming][1 pkts/85 bytes <-> 1 pkts/137 bytes][Host: sha2.san.akam.nflximg.net] - 58 UDP 192.168.1.7:57093 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network][1 pkts/81 bytes <-> 1 pkts/113 bytes][Host: a1907.dscg.akamai.net] - 59 UDP 192.168.1.7:51728 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network][1 pkts/80 bytes <-> 1 pkts/112 bytes][Host: a803.dscg.akamai.net] + 1 TCP 192.168.1.7:53217 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Streaming/17][667 pkts/50462 bytes <-> 1205 pkts/1807875 bytes][Host: 23.246.11.141] + 2 TCP 192.168.1.7:53183 <-> 23.246.3.140:80 [proto: 7.133/HTTP.NetFlix][cat: Streaming/17][502 pkts/40335 bytes <-> 805 pkts/1202445 bytes][Host: 23.246.3.140] + 3 TCP 192.168.1.7:53210 <-> 23.246.11.133:80 [proto: 7.133/HTTP.NetFlix][cat: Streaming/17][293 pkts/23170 bytes <-> 495 pkts/736113 bytes][Host: 23.246.11.133] + 4 TCP 192.168.1.7:53153 <-> 184.25.204.24:80 [proto: 7.133/HTTP.NetFlix][cat: Streaming/17][147 pkts/11558 bytes <-> 490 pkts/734346 bytes][Host: tp.akam.nflximg.com] + 5 TCP 192.168.1.7:53141 <-> 104.86.97.179:443 [proto: 91.133/SSL.NetFlix][cat: Streaming/17][83 pkts/7225 bytes <-> 147 pkts/202723 bytes][client: art-s.nflximg.net][server: secure.cdn.nflximg.net] + 6 TCP 192.168.1.7:53184 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Streaming/17][75 pkts/6610 bytes <-> 103 pkts/150772 bytes][Host: 23.246.11.141] + 7 TCP 192.168.1.7:53149 <-> 184.25.204.25:80 [proto: 7.133/HTTP.NetFlix][cat: Streaming/17][40 pkts/3413 bytes <-> 86 pkts/125190 bytes][Host: art-2.nflximg.net] + 8 TCP 192.168.1.7:53116 <-> 52.32.196.36:443 [proto: 91.133/SSL.NetFlix][cat: Streaming/17][75 pkts/31024 bytes <-> 73 pkts/42930 bytes][client: api-global.netflix.com][server: api.netflix.com] + 9 TCP 192.168.1.7:53193 <-> 54.191.17.51:443 [proto: 91.133/SSL.NetFlix][cat: Streaming/17][46 pkts/50218 bytes <-> 25 pkts/7943 bytes][client: ios.nccp.netflix.com][server: *.nccp.netflix.com] + 10 TCP 192.168.1.7:53164 <-> 23.246.10.139:80 [proto: 7.133/HTTP.NetFlix][cat: Streaming/17][24 pkts/2040 bytes <-> 34 pkts/45136 bytes] + 11 TCP 192.168.1.7:53171 <-> 23.246.3.140:80 [proto: 7.133/HTTP.NetFlix][cat: Streaming/17][21 pkts/1868 bytes <-> 34 pkts/45139 bytes] + 12 TCP 192.168.1.7:53148 <-> 184.25.204.25:80 [proto: 7.133/HTTP.NetFlix][cat: Streaming/17][31 pkts/2893 bytes <-> 32 pkts/44112 bytes][Host: art-2.nflximg.net] + 13 TCP 192.168.1.7:53163 <-> 23.246.11.145:80 [proto: 7.133/HTTP.NetFlix][cat: Streaming/17][21 pkts/1826 bytes <-> 32 pkts/43179 bytes] + 14 TCP 192.168.1.7:53133 <-> 52.89.39.139:443 [proto: 91.133/SSL.NetFlix][cat: Streaming/17][30 pkts/6328 bytes <-> 39 pkts/37610 bytes][client: api-global.netflix.com][server: api.netflix.com] + 15 TCP 192.168.1.7:53252 <-> 184.25.204.10:80 [proto: 7.133/HTTP.NetFlix][cat: Streaming/17][12 pkts/1221 bytes <-> 29 pkts/41018 bytes][Host: art-1.nflximg.net] + 16 TCP 192.168.1.7:53179 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Streaming/17][31 pkts/2596 bytes <-> 29 pkts/37544 bytes] + 17 TCP 192.168.1.7:53251 <-> 184.25.204.10:80 [proto: 7.133/HTTP.NetFlix][cat: Streaming/17][16 pkts/1558 bytes <-> 25 pkts/33413 bytes][Host: art-1.nflximg.net] + 18 TCP 192.168.1.7:53151 <-> 54.201.191.132:80 [proto: 7.133/HTTP.NetFlix][cat: Streaming/17][15 pkts/3626 bytes <-> 26 pkts/29544 bytes][Host: appboot.netflix.com] + 19 TCP 192.168.1.7:53182 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Streaming/17][33 pkts/2732 bytes <-> 25 pkts/30064 bytes] + 20 TCP 192.168.1.7:53173 <-> 23.246.11.133:80 [proto: 7.133/HTTP.NetFlix][cat: Streaming/17][24 pkts/2041 bytes <-> 25 pkts/30064 bytes] + 21 TCP 192.168.1.7:53175 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Streaming/17][31 pkts/2571 bytes <-> 22 pkts/28042 bytes] + 22 TCP 192.168.1.7:53239 <-> 52.41.30.5:443 [proto: 91.133/SSL.NetFlix][cat: Streaming/17][22 pkts/6384 bytes <-> 26 pkts/23277 bytes][client: api-global.netflix.com][server: api.netflix.com] + 23 TCP 192.168.1.7:53177 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Streaming/17][32 pkts/2572 bytes <-> 23 pkts/26661 bytes] + 24 TCP 192.168.1.7:53176 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Streaming/17][36 pkts/3030 bytes <-> 21 pkts/25455 bytes] + 25 TCP 192.168.1.7:53180 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Streaming/17][34 pkts/2864 bytes <-> 21 pkts/25456 bytes] + 26 TCP 192.168.1.7:53178 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Streaming/17][30 pkts/2553 bytes <-> 22 pkts/25510 bytes] + 27 TCP 192.168.1.7:53203 <-> 52.37.36.252:443 [proto: 91.133/SSL.NetFlix][cat: Streaming/17][28 pkts/22704 bytes <-> 17 pkts/5248 bytes][client: ichnaea.netflix.com][server: customerevents.netflix.com] + 28 TCP 192.168.1.7:53249 <-> 52.41.30.5:443 [proto: 91.133/SSL.NetFlix][cat: Streaming/17][25 pkts/5934 bytes <-> 27 pkts/19952 bytes][client: api-global.netflix.com] + 29 TCP 192.168.1.7:53174 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Streaming/17][35 pkts/2920 bytes <-> 19 pkts/22428 bytes] + 30 TCP 192.168.1.7:53181 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Streaming/17][34 pkts/2879 bytes <-> 20 pkts/22373 bytes] + 31 TCP 192.168.1.7:53172 <-> 23.246.11.133:80 [proto: 7.133/HTTP.NetFlix][cat: Streaming/17][30 pkts/2610 bytes <-> 20 pkts/22422 bytes] + 32 TCP 192.168.1.7:53202 <-> 54.191.17.51:443 [proto: 91.133/SSL.NetFlix][cat: Streaming/17][22 pkts/10686 bytes <-> 16 pkts/7850 bytes][client: ios.nccp.netflix.com][server: *.nccp.netflix.com] + 33 TCP 192.168.1.7:53152 <-> 52.89.39.139:80 [proto: 7.133/HTTP.NetFlix][cat: Streaming/17][14 pkts/10001 bytes <-> 13 pkts/6504 bytes][Host: api-global.netflix.com] + 34 TCP 192.168.1.7:53162 <-> 54.191.17.51:443 [proto: 91.133/SSL.NetFlix][cat: Streaming/17][18 pkts/5661 bytes <-> 13 pkts/9059 bytes][client: ios.nccp.netflix.com][server: *.nccp.netflix.com] + 35 TCP 192.168.1.7:53132 <-> 52.89.39.139:443 [proto: 91.133/SSL.NetFlix][cat: Streaming/17][22 pkts/6028 bytes <-> 18 pkts/7459 bytes][client: api-global.netflix.com][server: api.netflix.com] + 36 TCP 192.168.1.7:53150 <-> 184.25.204.25:80 [proto: 7.133/HTTP.NetFlix][cat: Streaming/17][10 pkts/941 bytes <-> 11 pkts/12318 bytes][Host: art-2.nflximg.net] + 37 TCP 192.168.1.7:53119 <-> 54.69.204.241:443 [proto: 91.133/SSL.NetFlix][cat: Streaming/17][20 pkts/7639 bytes <-> 16 pkts/5235 bytes][client: ichnaea.netflix.com][server: customerevents.netflix.com] + 38 TCP 192.168.1.7:53118 <-> 54.69.204.241:443 [proto: 91.133/SSL.NetFlix][cat: Streaming/17][19 pkts/7588 bytes <-> 15 pkts/5140 bytes][client: ichnaea.netflix.com][server: customerevents.netflix.com] + 39 TCP 192.168.1.7:53238 <-> 52.32.22.214:443 [proto: 91.133/SSL.NetFlix][cat: Streaming/17][17 pkts/5528 bytes <-> 14 pkts/5406 bytes][client: ios.nccp.netflix.com][server: *.nccp.netflix.com] + 40 TCP 192.168.1.7:53248 <-> 52.32.22.214:443 [proto: 91.133/SSL.NetFlix][cat: Streaming/17][12 pkts/5165 bytes <-> 10 pkts/5074 bytes][client: ios.nccp.netflix.com][server: *.nccp.netflix.com] + 41 TCP 192.168.1.7:53105 <-> 54.69.204.241:443 [proto: 91.133/SSL.NetFlix][cat: Streaming/17][21 pkts/3051 bytes <-> 16 pkts/6234 bytes][client: ichnaea.netflix.com][server: customerevents.netflix.com] + 42 TCP 192.168.1.7:53114 <-> 54.191.17.51:443 [proto: 91.133/SSL.NetFlix][cat: Streaming/17][14 pkts/3109 bytes <-> 11 pkts/5119 bytes][client: ios.nccp.netflix.com][server: *.nccp.netflix.com] + 43 TCP 192.168.1.7:53134 <-> 52.89.39.139:443 [proto: 91.133/SSL.NetFlix][cat: Streaming/17][14 pkts/3548 bytes <-> 11 pkts/4653 bytes][client: api-global.netflix.com] + 44 TCP 192.168.1.7:53115 <-> 52.32.196.36:443 [proto: 91.133/SSL.NetFlix][cat: Streaming/17][16 pkts/1657 bytes <-> 12 pkts/5005 bytes][client: api-global.netflix.com][server: api.netflix.com] + 45 TCP 192.168.1.7:53250 <-> 52.41.30.5:443 [proto: 91.133/SSL.NetFlix][cat: Streaming/17][10 pkts/2830 bytes <-> 7 pkts/2484 bytes][client: api-global.netflix.com] + 46 TCP 192.168.1.7:53117 <-> 52.32.196.36:443 [proto: 91.133/SSL.NetFlix][cat: Streaming/17][12 pkts/1294 bytes <-> 8 pkts/1723 bytes][client: api-global.netflix.com] + 47 UDP 192.168.1.7:53776 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][16 pkts/2648 bytes -> 0 pkts/0 bytes] + 48 UDP 192.168.1.7:51543 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Streaming/17][2 pkts/160 bytes <-> 2 pkts/646 bytes][Host: ios.nccp.netflix.com] + 49 UDP 192.168.1.7:51622 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Streaming/17][2 pkts/160 bytes <-> 2 pkts/646 bytes][Host: ios.nccp.netflix.com] + 50 UDP 192.168.1.7:52347 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Streaming/17][1 pkts/80 bytes <-> 1 pkts/371 bytes][Host: ios.nccp.netflix.com] + 51 UDP 192.168.1.7:60962 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Streaming/17][1 pkts/83 bytes <-> 1 pkts/248 bytes][Host: ichnaea.geo.netflix.com] + 52 UDP 192.168.1.7:51949 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Streaming/17][1 pkts/97 bytes <-> 1 pkts/225 bytes][Host: api-global.latency.prodaa.netflix.com] + 53 UDP 192.168.1.7:52095 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Streaming/17][1 pkts/97 bytes <-> 1 pkts/225 bytes][Host: api-global.latency.prodaa.netflix.com] + 54 UDP 192.168.1.7:52116 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Streaming/17][1 pkts/96 bytes <-> 1 pkts/224 bytes][Host: ichnaea.us-west-2.prodaa.netflix.com] + 55 UDP 192.168.1.7:58102 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Streaming/17][1 pkts/79 bytes <-> 1 pkts/192 bytes][Host: appboot.netflix.com] + 56 UDP 192.168.1.7:59180 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Streaming/17][1 pkts/84 bytes <-> 1 pkts/148 bytes][Host: artwork.akam.nflximg.net] + 57 UDP 192.168.1.7:57719 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Streaming/17][1 pkts/85 bytes <-> 1 pkts/137 bytes][Host: sha2.san.akam.nflximg.net] + 58 UDP 192.168.1.7:57093 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/81 bytes <-> 1 pkts/113 bytes][Host: a1907.dscg.akamai.net] + 59 UDP 192.168.1.7:51728 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/80 bytes <-> 1 pkts/112 bytes][Host: a803.dscg.akamai.net] 60 TCP 192.168.1.7:52929 -> 52.24.87.6:443 [proto: 91.178/SSL.Amazon][2 pkts/126 bytes -> 0 pkts/0 bytes] - 61 IGMP 192.168.1.7:0 -> 239.255.255.250:0 [proto: 82/IGMP][cat: Network][1 pkts/60 bytes -> 0 pkts/0 bytes] + 61 IGMP 192.168.1.7:0 -> 239.255.255.250:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes] diff --git a/tests/result/nintendo.pcap.out b/tests/result/nintendo.pcap.out index 4db2cd6cb..2dd617913 100644 --- a/tests/result/nintendo.pcap.out +++ b/tests/result/nintendo.pcap.out @@ -2,23 +2,23 @@ ICMP 30 2100 2 Nintendo 890 320242 12 Amazon 76 10811 7 - 1 UDP 192.168.12.114:55915 <-> 185.118.169.65:27520 [proto: 173/Nintendo][cat: Game][169 pkts/61414 bytes <-> 278 pkts/126260 bytes] - 2 UDP 192.168.12.114:55915 <-> 93.237.131.235:56066 [proto: 173/Nintendo][cat: Game][122 pkts/48332 bytes <-> 35 pkts/5026 bytes] - 3 UDP 192.168.12.114:55915 <-> 81.61.158.138:51769 [proto: 173/Nintendo][cat: Game][122 pkts/46476 bytes <-> 38 pkts/5268 bytes] + 1 UDP 192.168.12.114:55915 <-> 185.118.169.65:27520 [proto: 173/Nintendo][cat: Game/8][169 pkts/61414 bytes <-> 278 pkts/126260 bytes] + 2 UDP 192.168.12.114:55915 <-> 93.237.131.235:56066 [proto: 173/Nintendo][cat: Game/8][122 pkts/48332 bytes <-> 35 pkts/5026 bytes] + 3 UDP 192.168.12.114:55915 <-> 81.61.158.138:51769 [proto: 173/Nintendo][cat: Game/8][122 pkts/46476 bytes <-> 38 pkts/5268 bytes] 4 TCP 54.187.10.185:443 <-> 192.168.12.114:48328 [proto: 91.178/SSL.Amazon][34 pkts/4466 bytes <-> 20 pkts/4021 bytes] - 5 TCP 192.168.12.114:41517 <-> 54.192.27.217:443 [proto: 91.173/SSL.Nintendo][cat: Game][11 pkts/2898 bytes <-> 10 pkts/4865 bytes][client: 5][server: *.baas.nintendo.com] - 6 TCP 192.168.12.114:31329 <-> 54.192.27.8:443 [proto: 91.173/SSL.Nintendo][cat: Game][10 pkts/2833 bytes <-> 10 pkts/4866 bytes][client: 5][server: *.baas.nintendo.com] - 7 UDP 192.168.12.114:52119 <-> 91.8.243.35:49432 [proto: 173/Nintendo][cat: Game][23 pkts/2682 bytes <-> 16 pkts/3408 bytes] - 8 UDP 192.168.12.114:52119 <-> 109.21.255.11:50251 [proto: 173/Nintendo][cat: Game][8 pkts/1024 bytes <-> 8 pkts/1024 bytes] - 9 UDP 192.168.12.114:52119 <-> 134.3.248.25:56955 [proto: 173/Nintendo][cat: Game][8 pkts/1040 bytes <-> 7 pkts/922 bytes] - 10 ICMP 151.6.184.100:0 -> 192.168.12.114:0 [proto: 81/ICMP][cat: Network][21 pkts/1470 bytes -> 0 pkts/0 bytes] - 11 UDP 192.168.12.114:10184 <-> 192.168.12.1:53 [proto: 5.173/DNS.Nintendo][cat: Game][4 pkts/368 bytes <-> 4 pkts/400 bytes][Host: g2df33d01-lp1.p.srv.nintendo.net] + 5 TCP 192.168.12.114:41517 <-> 54.192.27.217:443 [proto: 91.173/SSL.Nintendo][cat: Game/8][11 pkts/2898 bytes <-> 10 pkts/4865 bytes][client: 5][server: *.baas.nintendo.com] + 6 TCP 192.168.12.114:31329 <-> 54.192.27.8:443 [proto: 91.173/SSL.Nintendo][cat: Game/8][10 pkts/2833 bytes <-> 10 pkts/4866 bytes][client: 5][server: *.baas.nintendo.com] + 7 UDP 192.168.12.114:52119 <-> 91.8.243.35:49432 [proto: 173/Nintendo][cat: Game/8][23 pkts/2682 bytes <-> 16 pkts/3408 bytes] + 8 UDP 192.168.12.114:52119 <-> 109.21.255.11:50251 [proto: 173/Nintendo][cat: Game/8][8 pkts/1024 bytes <-> 8 pkts/1024 bytes] + 9 UDP 192.168.12.114:52119 <-> 134.3.248.25:56955 [proto: 173/Nintendo][cat: Game/8][8 pkts/1040 bytes <-> 7 pkts/922 bytes] + 10 ICMP 151.6.184.100:0 -> 192.168.12.114:0 [proto: 81/ICMP][cat: Network/14][21 pkts/1470 bytes -> 0 pkts/0 bytes] + 11 UDP 192.168.12.114:10184 <-> 192.168.12.1:53 [proto: 5.173/DNS.Nintendo][cat: Game/8][4 pkts/368 bytes <-> 4 pkts/400 bytes][Host: g2df33d01-lp1.p.srv.nintendo.net] 12 UDP 192.168.12.114:52119 -> 52.10.205.177:34343 [proto: 178/Amazon][1 pkts/730 bytes -> 0 pkts/0 bytes] - 13 ICMP 151.6.184.98:0 -> 192.168.12.114:0 [proto: 81/ICMP][cat: Network][9 pkts/630 bytes -> 0 pkts/0 bytes] + 13 ICMP 151.6.184.98:0 -> 192.168.12.114:0 [proto: 81/ICMP][cat: Network/14][9 pkts/630 bytes -> 0 pkts/0 bytes] 14 UDP 192.168.12.114:55915 <-> 35.158.74.61:10025 [proto: 178/Amazon][5 pkts/290 bytes <-> 5 pkts/290 bytes] - 15 UDP 192.168.12.114:18874 <-> 192.168.12.1:53 [proto: 5.173/DNS.Nintendo][cat: Game][1 pkts/110 bytes <-> 1 pkts/281 bytes][Host: e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com] - 16 UDP 192.168.12.114:51035 <-> 192.168.12.1:53 [proto: 5.173/DNS.Nintendo][cat: Game][1 pkts/110 bytes <-> 1 pkts/281 bytes][Host: e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com] - 17 UDP 192.168.12.114:52119 -> 35.158.74.61:33335 [proto: 173/Nintendo][cat: Game][3 pkts/354 bytes -> 0 pkts/0 bytes] + 15 UDP 192.168.12.114:18874 <-> 192.168.12.1:53 [proto: 5.173/DNS.Nintendo][cat: Game/8][1 pkts/110 bytes <-> 1 pkts/281 bytes][Host: e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com] + 16 UDP 192.168.12.114:51035 <-> 192.168.12.1:53 [proto: 5.173/DNS.Nintendo][cat: Game/8][1 pkts/110 bytes <-> 1 pkts/281 bytes][Host: e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com] + 17 UDP 192.168.12.114:52119 -> 35.158.74.61:33335 [proto: 173/Nintendo][cat: Game/8][3 pkts/354 bytes -> 0 pkts/0 bytes] 18 UDP 192.168.12.114:55915 -> 35.158.74.61:33335 [proto: 178/Amazon][3 pkts/318 bytes -> 0 pkts/0 bytes] 19 UDP 192.168.12.114:55915 -> 52.10.205.177:34343 [proto: 178/Amazon][1 pkts/298 bytes -> 0 pkts/0 bytes] 20 UDP 192.168.12.114:55915 -> 35.158.74.61:33334 [proto: 178/Amazon][5 pkts/290 bytes -> 0 pkts/0 bytes] diff --git a/tests/result/ocs.pcap.out b/tests/result/ocs.pcap.out index c9e692b90..ed1e8218c 100644 --- a/tests/result/ocs.pcap.out +++ b/tests/result/ocs.pcap.out @@ -7,25 +7,25 @@ OCS 863 57552 7 PlayStore 1 72 1 GoogleServices 13 2277 2 - 1 TCP 192.168.180.2:49881 -> 178.248.208.54:80 [proto: 7.218/HTTP.OCS][cat: Media][751 pkts/44783 bytes -> 0 pkts/0 bytes][Host: ocu03.labgency.ws] - 2 TCP 192.168.180.2:36680 -> 178.248.208.54:443 [proto: 91.218/SSL.OCS][cat: Media][20 pkts/6089 bytes -> 0 pkts/0 bytes][client: ocs.labgency.ws] - 3 TCP 192.168.180.2:42590 -> 178.248.208.210:80 [proto: 7.218/HTTP.OCS][cat: Media][83 pkts/5408 bytes -> 0 pkts/0 bytes][Host: www.ocs.fr] + 1 TCP 192.168.180.2:49881 -> 178.248.208.54:80 [proto: 7.218/HTTP.OCS][cat: Media/1][751 pkts/44783 bytes -> 0 pkts/0 bytes][Host: ocu03.labgency.ws] + 2 TCP 192.168.180.2:36680 -> 178.248.208.54:443 [proto: 91.218/SSL.OCS][cat: Media/1][20 pkts/6089 bytes -> 0 pkts/0 bytes][client: ocs.labgency.ws] + 3 TCP 192.168.180.2:42590 -> 178.248.208.210:80 [proto: 7.218/HTTP.OCS][cat: Media/1][83 pkts/5408 bytes -> 0 pkts/0 bytes][Host: www.ocs.fr] 4 TCP 192.168.180.2:39263 -> 23.21.230.199:443 [proto: 91/SSL][20 pkts/2715 bytes -> 0 pkts/0 bytes][client: settings.crashlytics.com] - 5 TCP 192.168.180.2:32946 -> 64.233.184.188:443 [proto: 91.239/SSL.GoogleServices][cat: Web][12 pkts/2212 bytes -> 0 pkts/0 bytes][client: mtalk.google.com] + 5 TCP 192.168.180.2:32946 -> 64.233.184.188:443 [proto: 91.239/SSL.GoogleServices][cat: Web/5][12 pkts/2212 bytes -> 0 pkts/0 bytes][client: mtalk.google.com] 6 TCP 192.168.180.2:47803 -> 64.233.166.95:443 [proto: 91.126/SSL.Google][12 pkts/1608 bytes -> 0 pkts/0 bytes] 7 TCP 192.168.180.2:41223 -> 216.58.208.46:443 [proto: 91.126/SSL.Google][13 pkts/1448 bytes -> 0 pkts/0 bytes] - 8 TCP 192.168.180.2:48250 -> 178.248.208.54:80 [proto: 7.218/HTTP.OCS][cat: Media][6 pkts/1092 bytes -> 0 pkts/0 bytes][Host: ocu03.labgency.ws] + 8 TCP 192.168.180.2:48250 -> 178.248.208.54:80 [proto: 7.218/HTTP.OCS][cat: Media/1][6 pkts/1092 bytes -> 0 pkts/0 bytes][Host: ocu03.labgency.ws] 9 TCP 192.168.180.2:44959 -> 137.135.129.206:80 [proto: 7/HTTP][7 pkts/540 bytes -> 0 pkts/0 bytes][Host: api.eu01.capptain.com] 10 TCP 192.168.180.2:53356 -> 137.135.129.206:80 [proto: 7/HTTP][6 pkts/479 bytes -> 0 pkts/0 bytes][Host: api.eu01.capptain.com] 11 TCP 192.168.180.2:47699 -> 64.233.184.188:5228 [proto: 126/Google][2 pkts/120 bytes -> 0 pkts/0 bytes] - 12 UDP 192.168.180.2:3621 -> 8.8.8.8:53 [proto: 5/DNS][cat: Network][1 pkts/77 bytes -> 0 pkts/0 bytes][Host: xmpp.device06.eu01.capptain.com] - 13 UDP 192.168.180.2:48770 -> 8.8.8.8:53 [proto: 5.228/DNS.PlayStore][cat: SoftwareUpdate][1 pkts/72 bytes -> 0 pkts/0 bytes][Host: android.clients.google.com] - 14 UDP 192.168.180.2:40097 -> 8.8.8.8:53 [proto: 5/DNS][cat: Network][1 pkts/70 bytes -> 0 pkts/0 bytes][Host: settings.crashlytics.com] - 15 UDP 192.168.180.2:1291 -> 8.8.8.8:53 [proto: 5/DNS][cat: Network][1 pkts/67 bytes -> 0 pkts/0 bytes][Host: api.eu01.capptain.com] - 16 UDP 192.168.180.2:11793 -> 8.8.8.8:53 [proto: 5.239/DNS.GoogleServices][cat: Web][1 pkts/65 bytes -> 0 pkts/0 bytes][Host: play.googleapis.com] - 17 UDP 192.168.180.2:38472 -> 8.8.8.8:53 [proto: 5.218/DNS.OCS][cat: Media][1 pkts/63 bytes -> 0 pkts/0 bytes][Host: ocu03.labgency.ws] - 18 UDP 192.168.180.2:2589 -> 8.8.8.8:53 [proto: 5.218/DNS.OCS][cat: Media][1 pkts/61 bytes -> 0 pkts/0 bytes][Host: ocs.labgency.ws] - 19 UDP 192.168.180.2:24245 -> 8.8.8.8:53 [proto: 5.218/DNS.OCS][cat: Media][1 pkts/56 bytes -> 0 pkts/0 bytes][Host: www.ocs.fr] + 12 UDP 192.168.180.2:3621 -> 8.8.8.8:53 [proto: 5/DNS][cat: Network/14][1 pkts/77 bytes -> 0 pkts/0 bytes][Host: xmpp.device06.eu01.capptain.com] + 13 UDP 192.168.180.2:48770 -> 8.8.8.8:53 [proto: 5.228/DNS.PlayStore][cat: SoftwareUpdate/19][1 pkts/72 bytes -> 0 pkts/0 bytes][Host: android.clients.google.com] + 14 UDP 192.168.180.2:40097 -> 8.8.8.8:53 [proto: 5/DNS][cat: Network/14][1 pkts/70 bytes -> 0 pkts/0 bytes][Host: settings.crashlytics.com] + 15 UDP 192.168.180.2:1291 -> 8.8.8.8:53 [proto: 5/DNS][cat: Network/14][1 pkts/67 bytes -> 0 pkts/0 bytes][Host: api.eu01.capptain.com] + 16 UDP 192.168.180.2:11793 -> 8.8.8.8:53 [proto: 5.239/DNS.GoogleServices][cat: Web/5][1 pkts/65 bytes -> 0 pkts/0 bytes][Host: play.googleapis.com] + 17 UDP 192.168.180.2:38472 -> 8.8.8.8:53 [proto: 5.218/DNS.OCS][cat: Media/1][1 pkts/63 bytes -> 0 pkts/0 bytes][Host: ocu03.labgency.ws] + 18 UDP 192.168.180.2:2589 -> 8.8.8.8:53 [proto: 5.218/DNS.OCS][cat: Media/1][1 pkts/61 bytes -> 0 pkts/0 bytes][Host: ocs.labgency.ws] + 19 UDP 192.168.180.2:24245 -> 8.8.8.8:53 [proto: 5.218/DNS.OCS][cat: Media/1][1 pkts/56 bytes -> 0 pkts/0 bytes][Host: www.ocs.fr] Undetected flows: diff --git a/tests/result/ookla.pcap.out b/tests/result/ookla.pcap.out index d89b6c4f2..8cd7bf73d 100644 --- a/tests/result/ookla.pcap.out +++ b/tests/result/ookla.pcap.out @@ -1,5 +1,5 @@ HTTP 5066 4685425 1 Ookla 20 4320 1 - 1 TCP 192.168.1.7:51215 <-> 46.44.253.187:8080 [proto: 7/HTTP][cat: Web][2202 pkts/1032520 bytes <-> 2864 pkts/3652905 bytes] - 2 TCP 192.168.1.7:51207 <-> 46.44.253.187:80 [proto: 7.191/HTTP.Ookla][cat: Network][12 pkts/2238 bytes <-> 8 pkts/2082 bytes] + 1 TCP 192.168.1.7:51215 <-> 46.44.253.187:8080 [proto: 7/HTTP][cat: Web/5][2202 pkts/1032520 bytes <-> 2864 pkts/3652905 bytes] + 2 TCP 192.168.1.7:51207 <-> 46.44.253.187:80 [proto: 7.191/HTTP.Ookla][cat: Network/14][12 pkts/2238 bytes <-> 8 pkts/2082 bytes] diff --git a/tests/result/openvpn.pcap.out b/tests/result/openvpn.pcap.out index dedd72082..4acffeaba 100644 --- a/tests/result/openvpn.pcap.out +++ b/tests/result/openvpn.pcap.out @@ -1,5 +1,5 @@ OpenVPN 298 57111 3 - 1 UDP 192.168.43.18:13680 <-> 139.59.151.137:13680 [proto: 159/OpenVPN][cat: VPN][62 pkts/11508 bytes <-> 58 pkts/16664 bytes] - 2 TCP 192.168.1.77:60140 <-> 46.101.231.218:443 [proto: 159/OpenVPN][cat: VPN][44 pkts/7514 bytes <-> 51 pkts/7866 bytes] - 3 UDP 192.168.43.12:41507 <-> 139.59.151.137:13680 [proto: 159/OpenVPN][cat: VPN][49 pkts/7860 bytes <-> 34 pkts/5699 bytes] + 1 UDP 192.168.43.18:13680 <-> 139.59.151.137:13680 [proto: 159/OpenVPN][cat: VPN/2][62 pkts/11508 bytes <-> 58 pkts/16664 bytes] + 2 TCP 192.168.1.77:60140 <-> 46.101.231.218:443 [proto: 159/OpenVPN][cat: VPN/2][44 pkts/7514 bytes <-> 51 pkts/7866 bytes] + 3 UDP 192.168.43.12:41507 <-> 139.59.151.137:13680 [proto: 159/OpenVPN][cat: VPN/2][49 pkts/7860 bytes <-> 34 pkts/5699 bytes] diff --git a/tests/result/pps.pcap.out b/tests/result/pps.pcap.out index 284677a92..225e6b886 100644 --- a/tests/result/pps.pcap.out +++ b/tests/result/pps.pcap.out @@ -6,76 +6,76 @@ Google 2 1093 1 UPnP 1 130 1 iQIYI 1459 1815935 51 - 1 TCP 192.168.115.8:50780 <-> 223.26.106.20:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming][1 pkts/303 bytes <-> 541 pkts/710082 bytes][Host: preimage1.qiyipic.com] - 2 TCP 192.168.115.8:50778 <-> 223.26.106.20:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming][1 pkts/303 bytes <-> 528 pkts/692658 bytes][Host: preimage1.qiyipic.com] - 3 TCP 192.168.115.8:50505 <-> 223.26.106.19:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming][2 pkts/400 bytes <-> 244 pkts/319633 bytes][Host: static.qiyi.com] - 4 TCP 192.168.115.8:50491 <-> 223.26.106.66:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming][1 pkts/426 bytes <-> 26 pkts/33872 bytes][Host: 223.26.106.66] - 5 TCP 192.168.115.8:50486 <-> 77.234.40.96:80 [proto: 7.60/HTTP.HTTP_Download][cat: Download-FileTransfer-FileSharing][11 pkts/11023 bytes <-> 12 pkts/14869 bytes][Host: bcu.ff.avast.com] - 6 UDP 192.168.5.38:1900 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][18 pkts/9327 bytes -> 0 pkts/0 bytes] - 7 TCP 192.168.115.8:50476 <-> 101.227.32.39:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming][1 pkts/656 bytes <-> 4 pkts/3897 bytes][Host: cache.video.iqiyi.com] - 8 TCP 192.168.115.8:50495 <-> 202.108.14.236:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming][3 pkts/2844 bytes <-> 3 pkts/597 bytes][Host: msg.71.am] - 9 TCP 77.234.41.35:80 <-> 192.168.115.8:49174 [proto: 7/HTTP][cat: Web][4 pkts/2953 bytes <-> 1 pkts/356 bytes] - 10 TCP 192.168.115.8:50767 <-> 223.26.106.20:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming][4 pkts/800 bytes <-> 4 pkts/2112 bytes][Host: static.qiyi.com] - 11 TCP 192.168.115.8:50488 <-> 223.26.106.20:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming][1 pkts/311 bytes <-> 2 pkts/2035 bytes][Host: meta.video.qiyi.com] - 12 TCP 192.168.115.8:50471 <-> 202.108.14.236:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming][2 pkts/1898 bytes <-> 2 pkts/398 bytes][Host: msg.71.am] - 13 TCP 192.168.115.8:50501 <-> 202.108.14.236:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming][2 pkts/1893 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 14 TCP 192.168.115.8:50463 <-> 101.227.200.11:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming][2 pkts/1555 bytes <-> 1 pkts/306 bytes][Host: api.cupid.iqiyi.com] - 15 TCP 192.168.115.8:50496 <-> 101.227.200.11:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming][2 pkts/1555 bytes <-> 1 pkts/306 bytes][Host: api.cupid.iqiyi.com] - 16 TCP 192.168.115.8:50779 <-> 111.206.22.77:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming][2 pkts/1438 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com] - 17 UDP 192.168.5.38:58897 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][9 pkts/1575 bytes -> 0 pkts/0 bytes] - 18 UDP 192.168.115.1:50945 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][9 pkts/1539 bytes -> 0 pkts/0 bytes] - 19 TCP 192.168.115.8:50464 <-> 123.125.112.49:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming][1 pkts/707 bytes <-> 1 pkts/744 bytes][Host: click.hm.baidu.com] - 20 TCP 192.168.115.8:50492 <-> 111.206.13.3:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming][1 pkts/389 bytes <-> 2 pkts/1034 bytes][Host: pdata.video.qiyi.com] - 21 TCP 192.168.115.8:50777 <-> 111.206.22.77:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming][1 pkts/1186 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com] - 22 TCP 192.168.115.8:50494 <-> 223.26.106.66:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming][2 pkts/887 bytes <-> 1 pkts/443 bytes][Host: 223.26.106.66] - 23 TCP 192.168.115.8:50497 <-> 123.125.112.49:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming][1 pkts/1004 bytes <-> 2 pkts/301 bytes][Host: click.hm.baidu.com] - 24 TCP 192.168.115.8:50499 <-> 111.206.22.76:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming][1 pkts/1097 bytes <-> 1 pkts/199 bytes][Host: msg.iqiyi.com] - 25 TCP 192.168.115.8:50474 <-> 202.108.14.221:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming][1 pkts/1100 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com] - 26 TCP 192.168.115.8:50507 <-> 223.26.106.19:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming][1 pkts/212 bytes <-> 1 pkts/1063 bytes][Host: static.qiyi.com] - 27 TCP 192.168.115.8:50485 <-> 202.108.14.236:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming][1 pkts/947 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 28 TCP 192.168.115.8:50502 <-> 202.108.14.236:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming][1 pkts/947 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 29 TCP 192.168.115.8:50493 <-> 202.108.14.236:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming][1 pkts/946 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 30 TCP 192.168.115.8:50771 <-> 202.108.14.236:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming][1 pkts/946 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 31 TCP 192.168.115.8:50473 <-> 202.108.14.219:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming][1 pkts/944 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 32 TCP 192.168.115.8:50475 <-> 202.108.14.236:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming][1 pkts/941 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 33 TCP 192.168.115.8:50500 <-> 23.41.133.163:80 [proto: 7/HTTP][cat: Web][1 pkts/289 bytes <-> 1 pkts/839 bytes][Host: s1.symcb.com] - 34 TCP 192.168.115.8:50773 <-> 202.108.14.221:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming][1 pkts/919 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 35 TCP 192.168.115.8:50466 <-> 203.66.182.24:80 [proto: 7.126/HTTP.Google][cat: Web][1 pkts/280 bytes <-> 1 pkts/813 bytes][Host: clients1.google.com] - 36 UDP 192.168.5.50:52529 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][6 pkts/1074 bytes -> 0 pkts/0 bytes] - 37 UDP 192.168.5.28:60023 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][6 pkts/1050 bytes -> 0 pkts/0 bytes] - 38 UDP 192.168.5.57:59648 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][6 pkts/1050 bytes -> 0 pkts/0 bytes] - 39 TCP 192.168.115.8:50504 -> 202.108.14.236:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming][1 pkts/946 bytes -> 0 pkts/0 bytes][Host: msg.71.am] - 40 TCP 192.168.115.8:50769 <-> 101.227.200.11:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming][1 pkts/604 bytes <-> 1 pkts/291 bytes][Host: api.cupid.iqiyi.com] - 41 TCP 192.168.115.8:50498 <-> 36.110.220.15:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming][1 pkts/694 bytes <-> 1 pkts/199 bytes][Host: msg.video.qiyi.com] - 42 TCP 192.168.115.8:50503 <-> 202.108.14.219:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming][1 pkts/683 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 43 UDP 192.168.5.41:50374 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][5 pkts/875 bytes -> 0 pkts/0 bytes] - 44 TCP 192.168.115.8:50490 <-> 119.188.13.188:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming][1 pkts/357 bytes <-> 1 pkts/479 bytes][Host: pdata.video.qiyi.com] - 45 TCP 192.168.115.8:50467 <-> 202.108.14.219:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming][1 pkts/629 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 46 TCP 192.168.115.8:50484 <-> 202.108.14.219:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming][1 pkts/622 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 47 TCP 192.168.115.8:50477 <-> 202.108.14.219:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming][1 pkts/614 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 48 TCP 192.168.115.8:50774 <-> 202.108.14.219:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming][1 pkts/587 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 49 TCP 192.168.115.8:50469 <-> 202.108.14.219:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming][1 pkts/573 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 50 TCP 192.168.115.8:50482 <-> 140.205.243.64:80 [proto: 7/HTTP][cat: Web][1 pkts/444 bytes <-> 1 pkts/283 bytes][Host: cmc.tanx.com] - 51 TCP 192.168.115.8:50768 <-> 223.26.106.19:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming][1 pkts/198 bytes <-> 1 pkts/526 bytes][Host: static.qiyi.com] - 52 TCP 192.168.5.15:65128 <-> 68.233.253.133:80 [proto: 7/HTTP][cat: Web][1 pkts/331 bytes <-> 1 pkts/390 bytes][Host: api.magicansoft.com] - 53 TCP 192.168.115.8:50509 <-> 106.38.219.107:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming][1 pkts/163 bytes <-> 2 pkts/557 bytes][Host: iplocation.geo.qiyi.com] - 54 TCP 192.168.5.15:65127 <-> 68.233.253.133:80 [proto: 7/HTTP][cat: Web][1 pkts/323 bytes <-> 1 pkts/390 bytes][Host: api.magicansoft.com] - 55 TCP 192.168.115.8:50766 <-> 223.26.106.20:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming][1 pkts/198 bytes <-> 1 pkts/493 bytes][Host: static.qiyi.com] - 56 TCP 192.168.115.8:50487 -> 202.108.14.219:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming][1 pkts/683 bytes -> 0 pkts/0 bytes][Host: msg.71.am] - 57 TCP 192.168.115.8:50489 <-> 119.188.13.188:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming][1 pkts/253 bytes <-> 1 pkts/430 bytes][Host: pdata.video.qiyi.com] - 58 TCP 192.168.115.8:50772 <-> 123.125.111.70:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming][1 pkts/399 bytes <-> 1 pkts/275 bytes][Host: nl.rcd.iqiyi.com] - 59 TCP 192.168.115.8:50775 <-> 123.125.111.70:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming][1 pkts/399 bytes <-> 1 pkts/275 bytes][Host: nl.rcd.iqiyi.com] - 60 TCP 192.168.115.8:50470 <-> 202.108.14.236:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming][1 pkts/424 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com] - 61 TCP 192.168.115.8:50508 <-> 223.26.106.19:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming][1 pkts/198 bytes <-> 1 pkts/420 bytes][Host: static.qiyi.com] - 62 TCP 192.168.115.8:50483 <-> 202.108.14.219:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming][1 pkts/417 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 63 TCP 192.168.115.8:50776 <-> 111.206.22.77:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming][1 pkts/394 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com] - 64 TCP 192.168.115.8:50765 <-> 36.110.220.15:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming][1 pkts/264 bytes <-> 1 pkts/199 bytes][Host: msg.video.qiyi.com] - 65 TCP 202.108.14.219:80 -> 192.168.115.8:50295 [proto: 7/HTTP][cat: Web][2 pkts/398 bytes -> 0 pkts/0 bytes] - 66 UDP 192.168.5.48:63930 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][2 pkts/358 bytes -> 0 pkts/0 bytes] - 67 TCP 117.79.81.135:80 -> 192.168.115.8:50443 [proto: 7/HTTP][cat: Web][1 pkts/347 bytes -> 0 pkts/0 bytes] - 68 TCP 192.168.115.8:50781 -> 223.26.106.20:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming][1 pkts/303 bytes -> 0 pkts/0 bytes][Host: preimage1.qiyipic.com] - 69 TCP 202.108.14.219:80 -> 192.168.115.8:50506 [proto: 7/HTTP][cat: Web][1 pkts/199 bytes -> 0 pkts/0 bytes] - 70 UDP 192.168.5.63:60976 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][1 pkts/165 bytes -> 0 pkts/0 bytes] + 1 TCP 192.168.115.8:50780 <-> 223.26.106.20:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/303 bytes <-> 541 pkts/710082 bytes][Host: preimage1.qiyipic.com] + 2 TCP 192.168.115.8:50778 <-> 223.26.106.20:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/303 bytes <-> 528 pkts/692658 bytes][Host: preimage1.qiyipic.com] + 3 TCP 192.168.115.8:50505 <-> 223.26.106.19:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][2 pkts/400 bytes <-> 244 pkts/319633 bytes][Host: static.qiyi.com] + 4 TCP 192.168.115.8:50491 <-> 223.26.106.66:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/426 bytes <-> 26 pkts/33872 bytes][Host: 223.26.106.66] + 5 TCP 192.168.115.8:50486 <-> 77.234.40.96:80 [proto: 7.60/HTTP.HTTP_Download][cat: Download-FileTransfer-FileSharing/7][11 pkts/11023 bytes <-> 12 pkts/14869 bytes][Host: bcu.ff.avast.com] + 6 UDP 192.168.5.38:1900 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][18 pkts/9327 bytes -> 0 pkts/0 bytes] + 7 TCP 192.168.115.8:50476 <-> 101.227.32.39:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/656 bytes <-> 4 pkts/3897 bytes][Host: cache.video.iqiyi.com] + 8 TCP 192.168.115.8:50495 <-> 202.108.14.236:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][3 pkts/2844 bytes <-> 3 pkts/597 bytes][Host: msg.71.am] + 9 TCP 77.234.41.35:80 <-> 192.168.115.8:49174 [proto: 7/HTTP][cat: Web/5][4 pkts/2953 bytes <-> 1 pkts/356 bytes] + 10 TCP 192.168.115.8:50767 <-> 223.26.106.20:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][4 pkts/800 bytes <-> 4 pkts/2112 bytes][Host: static.qiyi.com] + 11 TCP 192.168.115.8:50488 <-> 223.26.106.20:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/311 bytes <-> 2 pkts/2035 bytes][Host: meta.video.qiyi.com] + 12 TCP 192.168.115.8:50471 <-> 202.108.14.236:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][2 pkts/1898 bytes <-> 2 pkts/398 bytes][Host: msg.71.am] + 13 TCP 192.168.115.8:50501 <-> 202.108.14.236:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][2 pkts/1893 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 14 TCP 192.168.115.8:50463 <-> 101.227.200.11:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][2 pkts/1555 bytes <-> 1 pkts/306 bytes][Host: api.cupid.iqiyi.com] + 15 TCP 192.168.115.8:50496 <-> 101.227.200.11:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][2 pkts/1555 bytes <-> 1 pkts/306 bytes][Host: api.cupid.iqiyi.com] + 16 TCP 192.168.115.8:50779 <-> 111.206.22.77:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][2 pkts/1438 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com] + 17 UDP 192.168.5.38:58897 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1575 bytes -> 0 pkts/0 bytes] + 18 UDP 192.168.115.1:50945 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1539 bytes -> 0 pkts/0 bytes] + 19 TCP 192.168.115.8:50464 <-> 123.125.112.49:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/707 bytes <-> 1 pkts/744 bytes][Host: click.hm.baidu.com] + 20 TCP 192.168.115.8:50492 <-> 111.206.13.3:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/389 bytes <-> 2 pkts/1034 bytes][Host: pdata.video.qiyi.com] + 21 TCP 192.168.115.8:50777 <-> 111.206.22.77:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/1186 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com] + 22 TCP 192.168.115.8:50494 <-> 223.26.106.66:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][2 pkts/887 bytes <-> 1 pkts/443 bytes][Host: 223.26.106.66] + 23 TCP 192.168.115.8:50497 <-> 123.125.112.49:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/1004 bytes <-> 2 pkts/301 bytes][Host: click.hm.baidu.com] + 24 TCP 192.168.115.8:50499 <-> 111.206.22.76:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/1097 bytes <-> 1 pkts/199 bytes][Host: msg.iqiyi.com] + 25 TCP 192.168.115.8:50474 <-> 202.108.14.221:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/1100 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com] + 26 TCP 192.168.115.8:50507 <-> 223.26.106.19:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/212 bytes <-> 1 pkts/1063 bytes][Host: static.qiyi.com] + 27 TCP 192.168.115.8:50485 <-> 202.108.14.236:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/947 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 28 TCP 192.168.115.8:50502 <-> 202.108.14.236:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/947 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 29 TCP 192.168.115.8:50493 <-> 202.108.14.236:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/946 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 30 TCP 192.168.115.8:50771 <-> 202.108.14.236:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/946 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 31 TCP 192.168.115.8:50473 <-> 202.108.14.219:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/944 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 32 TCP 192.168.115.8:50475 <-> 202.108.14.236:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/941 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 33 TCP 192.168.115.8:50500 <-> 23.41.133.163:80 [proto: 7/HTTP][cat: Web/5][1 pkts/289 bytes <-> 1 pkts/839 bytes][Host: s1.symcb.com] + 34 TCP 192.168.115.8:50773 <-> 202.108.14.221:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/919 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 35 TCP 192.168.115.8:50466 <-> 203.66.182.24:80 [proto: 7.126/HTTP.Google][cat: Web/5][1 pkts/280 bytes <-> 1 pkts/813 bytes][Host: clients1.google.com] + 36 UDP 192.168.5.50:52529 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/1074 bytes -> 0 pkts/0 bytes] + 37 UDP 192.168.5.28:60023 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/1050 bytes -> 0 pkts/0 bytes] + 38 UDP 192.168.5.57:59648 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/1050 bytes -> 0 pkts/0 bytes] + 39 TCP 192.168.115.8:50504 -> 202.108.14.236:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/946 bytes -> 0 pkts/0 bytes][Host: msg.71.am] + 40 TCP 192.168.115.8:50769 <-> 101.227.200.11:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/604 bytes <-> 1 pkts/291 bytes][Host: api.cupid.iqiyi.com] + 41 TCP 192.168.115.8:50498 <-> 36.110.220.15:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/694 bytes <-> 1 pkts/199 bytes][Host: msg.video.qiyi.com] + 42 TCP 192.168.115.8:50503 <-> 202.108.14.219:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/683 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 43 UDP 192.168.5.41:50374 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][5 pkts/875 bytes -> 0 pkts/0 bytes] + 44 TCP 192.168.115.8:50490 <-> 119.188.13.188:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/357 bytes <-> 1 pkts/479 bytes][Host: pdata.video.qiyi.com] + 45 TCP 192.168.115.8:50467 <-> 202.108.14.219:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/629 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 46 TCP 192.168.115.8:50484 <-> 202.108.14.219:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/622 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 47 TCP 192.168.115.8:50477 <-> 202.108.14.219:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/614 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 48 TCP 192.168.115.8:50774 <-> 202.108.14.219:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/587 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 49 TCP 192.168.115.8:50469 <-> 202.108.14.219:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/573 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 50 TCP 192.168.115.8:50482 <-> 140.205.243.64:80 [proto: 7/HTTP][cat: Web/5][1 pkts/444 bytes <-> 1 pkts/283 bytes][Host: cmc.tanx.com] + 51 TCP 192.168.115.8:50768 <-> 223.26.106.19:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/198 bytes <-> 1 pkts/526 bytes][Host: static.qiyi.com] + 52 TCP 192.168.5.15:65128 <-> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][1 pkts/331 bytes <-> 1 pkts/390 bytes][Host: api.magicansoft.com] + 53 TCP 192.168.115.8:50509 <-> 106.38.219.107:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/163 bytes <-> 2 pkts/557 bytes][Host: iplocation.geo.qiyi.com] + 54 TCP 192.168.5.15:65127 <-> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][1 pkts/323 bytes <-> 1 pkts/390 bytes][Host: api.magicansoft.com] + 55 TCP 192.168.115.8:50766 <-> 223.26.106.20:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/198 bytes <-> 1 pkts/493 bytes][Host: static.qiyi.com] + 56 TCP 192.168.115.8:50487 -> 202.108.14.219:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/683 bytes -> 0 pkts/0 bytes][Host: msg.71.am] + 57 TCP 192.168.115.8:50489 <-> 119.188.13.188:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/253 bytes <-> 1 pkts/430 bytes][Host: pdata.video.qiyi.com] + 58 TCP 192.168.115.8:50772 <-> 123.125.111.70:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/399 bytes <-> 1 pkts/275 bytes][Host: nl.rcd.iqiyi.com] + 59 TCP 192.168.115.8:50775 <-> 123.125.111.70:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/399 bytes <-> 1 pkts/275 bytes][Host: nl.rcd.iqiyi.com] + 60 TCP 192.168.115.8:50470 <-> 202.108.14.236:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/424 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com] + 61 TCP 192.168.115.8:50508 <-> 223.26.106.19:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/198 bytes <-> 1 pkts/420 bytes][Host: static.qiyi.com] + 62 TCP 192.168.115.8:50483 <-> 202.108.14.219:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/417 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 63 TCP 192.168.115.8:50776 <-> 111.206.22.77:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/394 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com] + 64 TCP 192.168.115.8:50765 <-> 36.110.220.15:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/264 bytes <-> 1 pkts/199 bytes][Host: msg.video.qiyi.com] + 65 TCP 202.108.14.219:80 -> 192.168.115.8:50295 [proto: 7/HTTP][cat: Web/5][2 pkts/398 bytes -> 0 pkts/0 bytes] + 66 UDP 192.168.5.48:63930 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/358 bytes -> 0 pkts/0 bytes] + 67 TCP 117.79.81.135:80 -> 192.168.115.8:50443 [proto: 7/HTTP][cat: Web/5][1 pkts/347 bytes -> 0 pkts/0 bytes] + 68 TCP 192.168.115.8:50781 -> 223.26.106.20:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/303 bytes -> 0 pkts/0 bytes][Host: preimage1.qiyipic.com] + 69 TCP 202.108.14.219:80 -> 192.168.115.8:50506 [proto: 7/HTTP][cat: Web/5][1 pkts/199 bytes -> 0 pkts/0 bytes] + 70 UDP 192.168.5.63:60976 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][1 pkts/165 bytes -> 0 pkts/0 bytes] 71 UDP 192.168.5.63:39383 -> 239.255.255.250:1900 [proto: 153/UPnP][1 pkts/130 bytes -> 0 pkts/0 bytes] 72 TCP 192.168.115.8:50462 -> 202.108.14.236:80 [proto: 7/HTTP][2 pkts/108 bytes -> 0 pkts/0 bytes] 73 TCP 192.168.5.15:65125 -> 68.233.253.133:80 [proto: 7/HTTP][1 pkts/66 bytes -> 0 pkts/0 bytes] diff --git a/tests/result/quic.pcap.out b/tests/result/quic.pcap.out index 16b9d39e4..dbfc7f84d 100644 --- a/tests/result/quic.pcap.out +++ b/tests/result/quic.pcap.out @@ -4,15 +4,15 @@ YouTube 85 76193 5 Google 11 10063 2 QUIC 3 364 1 - 1 UDP 192.168.1.109:57833 <-> 216.58.212.101:443 [proto: 188.122/QUIC.GMail][cat: Email][161 pkts/23930 bytes <-> 252 pkts/230944 bytes][Host: mail.google.com] - 2 UDP 192.168.1.109:35236 <-> 216.58.210.206:443 [proto: 188.124/QUIC.YouTube][cat: Media][25 pkts/5276 bytes <-> 44 pkts/53157 bytes][Host: www.youtube.com] - 3 UDP 192.168.1.105:34438 <-> 216.58.210.238:443 [proto: 188.124/QUIC.YouTube][cat: Media][4 pkts/3682 bytes <-> 3 pkts/2863 bytes][Host: www.youtube.com] - 4 UDP 192.168.1.105:40030 <-> 216.58.201.227:443 [proto: 188.126/QUIC.Google][cat: Web][3 pkts/2866 bytes <-> 3 pkts/2863 bytes][Host: fonts.gstatic.com] - 5 UDP 192.168.1.105:55934 <-> 216.58.201.238:443 [proto: 188.124/QUIC.YouTube][cat: Media][2 pkts/2784 bytes <-> 2 pkts/2784 bytes][Host: s.ytimg.com] - 6 UDP 192.168.1.105:45669 <-> 172.217.16.4:443 [proto: 188.126/QUIC.Google][cat: Web][3 pkts/1550 bytes <-> 2 pkts/2784 bytes][Host: www.google.com] - 7 UDP 192.168.1.105:48445 <-> 216.58.214.110:443 [proto: 188.124/QUIC.YouTube][cat: Media][2 pkts/1471 bytes <-> 1 pkts/1392 bytes][Host: i.ytimg.com] - 8 UDP 192.168.1.105:53817 <-> 216.58.210.225:443 [proto: 188.124/QUIC.YouTube][cat: Media][1 pkts/1392 bytes <-> 1 pkts/1392 bytes][Host: yt3.ggpht.com] - 9 UDP 192.168.1.105:40461 <-> 172.217.16.3:443 [proto: 188/QUIC][cat: Web][2 pkts/241 bytes <-> 1 pkts/123 bytes] + 1 UDP 192.168.1.109:57833 <-> 216.58.212.101:443 [proto: 188.122/QUIC.GMail][cat: Email/3][161 pkts/23930 bytes <-> 252 pkts/230944 bytes][Host: mail.google.com] + 2 UDP 192.168.1.109:35236 <-> 216.58.210.206:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][25 pkts/5276 bytes <-> 44 pkts/53157 bytes][Host: www.youtube.com] + 3 UDP 192.168.1.105:34438 <-> 216.58.210.238:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][4 pkts/3682 bytes <-> 3 pkts/2863 bytes][Host: www.youtube.com] + 4 UDP 192.168.1.105:40030 <-> 216.58.201.227:443 [proto: 188.126/QUIC.Google][cat: Web/5][3 pkts/2866 bytes <-> 3 pkts/2863 bytes][Host: fonts.gstatic.com] + 5 UDP 192.168.1.105:55934 <-> 216.58.201.238:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][2 pkts/2784 bytes <-> 2 pkts/2784 bytes][Host: s.ytimg.com] + 6 UDP 192.168.1.105:45669 <-> 172.217.16.4:443 [proto: 188.126/QUIC.Google][cat: Web/5][3 pkts/1550 bytes <-> 2 pkts/2784 bytes][Host: www.google.com] + 7 UDP 192.168.1.105:48445 <-> 216.58.214.110:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][2 pkts/1471 bytes <-> 1 pkts/1392 bytes][Host: i.ytimg.com] + 8 UDP 192.168.1.105:53817 <-> 216.58.210.225:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][1 pkts/1392 bytes <-> 1 pkts/1392 bytes][Host: yt3.ggpht.com] + 9 UDP 192.168.1.105:40461 <-> 172.217.16.3:443 [proto: 188/QUIC][cat: Web/5][2 pkts/241 bytes <-> 1 pkts/123 bytes] Undetected flows: diff --git a/tests/result/quickplay.pcap.out b/tests/result/quickplay.pcap.out index de6981ec6..6dba3077e 100644 --- a/tests/result/quickplay.pcap.out +++ b/tests/result/quickplay.pcap.out @@ -4,24 +4,24 @@ Google 2 378 1 Amazon 2 1469 1 QuickPlay 133 96179 11 - 1 TCP 10.54.169.250:52009 <-> 120.28.35.40:80 [proto: 7.196/HTTP.QuickPlay][cat: Streaming][35 pkts/17902 bytes <-> 30 pkts/28000 bytes][Host: vod-singtelhawk.quickplay.com] - 2 TCP 10.54.169.250:52019 <-> 120.28.35.40:80 [proto: 7.196/HTTP.QuickPlay][cat: Streaming][14 pkts/7028 bytes <-> 11 pkts/12578 bytes][Host: vod-singtelhawk.quickplay.com] - 3 TCP 10.54.169.250:52017 <-> 120.28.35.40:80 [proto: 7.196/HTTP.QuickPlay][cat: Streaming][5 pkts/2510 bytes <-> 3 pkts/3522 bytes][Host: vod-singtelhawk.quickplay.com] - 4 TCP 10.54.169.250:52018 <-> 120.28.35.40:80 [proto: 7.196/HTTP.QuickPlay][cat: Streaming][4 pkts/2008 bytes <-> 3 pkts/3040 bytes][Host: vod-singtelhawk.quickplay.com] - 5 TCP 10.54.169.250:52022 <-> 120.28.35.40:80 [proto: 7.196/HTTP.QuickPlay][cat: Streaming][4 pkts/2008 bytes <-> 3 pkts/2276 bytes][Host: vod-singtelhawk.quickplay.com] - 6 TCP 10.54.169.250:50669 <-> 120.28.35.41:80 [proto: 7.196/HTTP.QuickPlay][cat: Streaming][2 pkts/844 bytes <-> 2 pkts/2836 bytes][Host: api-singtelhawk.quickplay.com] - 7 TCP 10.54.169.250:50668 <-> 120.28.35.41:80 [proto: 7.196/HTTP.QuickPlay][cat: Streaming][2 pkts/733 bytes <-> 2 pkts/2627 bytes][Host: api-singtelhawk.quickplay.com] - 8 TCP 10.54.169.250:52021 <-> 120.28.35.40:80 [proto: 7.196/HTTP.QuickPlay][cat: Streaming][3 pkts/1506 bytes <-> 1 pkts/1248 bytes][Host: vod-singtelhawk.quickplay.com] - 9 TCP 10.54.169.250:52007 <-> 120.28.35.40:80 [proto: 7.196/HTTP.QuickPlay][cat: Streaming][3 pkts/1583 bytes <-> 1 pkts/1152 bytes][Host: vod-singtelhawk.quickplay.com] - 10 TCP 10.54.169.250:44256 <-> 120.28.5.41:80 [proto: 7.196/HTTP.QuickPlay][cat: Streaming][2 pkts/1086 bytes <-> 1 pkts/1225 bytes][Host: play-singtelhawk.quickplay.com] - 11 TCP 10.54.169.250:56381 <-> 54.179.140.65:80 [proto: 7.178/HTTP.Amazon][cat: Web][1 pkts/638 bytes <-> 1 pkts/831 bytes][Host: api.account.xiaomi.com] - 12 TCP 10.54.169.250:54883 <-> 203.205.151.160:80 [proto: 7.48/HTTP.QQ][cat: Chat][2 pkts/1192 bytes <-> 1 pkts/145 bytes][Host: hkextshort.weixin.qq.com] - 13 TCP 10.54.169.250:54885 <-> 203.205.151.160:80 [proto: 7.48/HTTP.QQ][cat: Chat][1 pkts/461 bytes <-> 2 pkts/522 bytes][Host: hkextshort.weixin.qq.com] - 14 TCP 10.54.169.250:35670 <-> 203.205.147.215:80 [proto: 7.48/HTTP.QQ][cat: Chat][1 pkts/681 bytes <-> 1 pkts/262 bytes][Host: hkminorshort.weixin.qq.com] - 15 TCP 10.54.169.250:42762 <-> 203.205.129.101:80 [proto: 7.48/HTTP.QQ][cat: Chat][1 pkts/616 bytes <-> 1 pkts/261 bytes][Host: hkextshort.weixin.qq.com] - 16 TCP 10.54.169.250:42761 <-> 203.205.129.101:80 [proto: 7.48/HTTP.QQ][cat: Chat][1 pkts/380 bytes <-> 1 pkts/261 bytes][Host: hkextshort.weixin.qq.com] - 17 TCP 10.54.169.250:52285 <-> 173.252.74.22:80 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork][1 pkts/243 bytes <-> 1 pkts/339 bytes][Host: www.facebook.com] - 18 TCP 10.54.169.250:52288 <-> 173.252.74.22:80 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork][1 pkts/243 bytes <-> 1 pkts/339 bytes][Host: www.facebook.com] - 19 TCP 10.54.169.250:44793 <-> 31.13.68.49:80 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork][1 pkts/237 bytes <-> 1 pkts/339 bytes][Host: www.facebook.com] - 20 TCP 10.54.169.250:33064 <-> 120.28.5.18:80 [proto: 7.196/HTTP.QuickPlay][cat: Streaming][1 pkts/358 bytes <-> 1 pkts/109 bytes][Host: api-singtelhawk.quickplay.com] - 21 TCP 10.54.169.250:33277 <-> 120.28.26.231:80 [proto: 7.126/HTTP.Google][cat: Web][1 pkts/241 bytes <-> 1 pkts/137 bytes][Host: clients3.google.com] + 1 TCP 10.54.169.250:52009 <-> 120.28.35.40:80 [proto: 7.196/HTTP.QuickPlay][cat: Streaming/17][35 pkts/17902 bytes <-> 30 pkts/28000 bytes][Host: vod-singtelhawk.quickplay.com] + 2 TCP 10.54.169.250:52019 <-> 120.28.35.40:80 [proto: 7.196/HTTP.QuickPlay][cat: Streaming/17][14 pkts/7028 bytes <-> 11 pkts/12578 bytes][Host: vod-singtelhawk.quickplay.com] + 3 TCP 10.54.169.250:52017 <-> 120.28.35.40:80 [proto: 7.196/HTTP.QuickPlay][cat: Streaming/17][5 pkts/2510 bytes <-> 3 pkts/3522 bytes][Host: vod-singtelhawk.quickplay.com] + 4 TCP 10.54.169.250:52018 <-> 120.28.35.40:80 [proto: 7.196/HTTP.QuickPlay][cat: Streaming/17][4 pkts/2008 bytes <-> 3 pkts/3040 bytes][Host: vod-singtelhawk.quickplay.com] + 5 TCP 10.54.169.250:52022 <-> 120.28.35.40:80 [proto: 7.196/HTTP.QuickPlay][cat: Streaming/17][4 pkts/2008 bytes <-> 3 pkts/2276 bytes][Host: vod-singtelhawk.quickplay.com] + 6 TCP 10.54.169.250:50669 <-> 120.28.35.41:80 [proto: 7.196/HTTP.QuickPlay][cat: Streaming/17][2 pkts/844 bytes <-> 2 pkts/2836 bytes][Host: api-singtelhawk.quickplay.com] + 7 TCP 10.54.169.250:50668 <-> 120.28.35.41:80 [proto: 7.196/HTTP.QuickPlay][cat: Streaming/17][2 pkts/733 bytes <-> 2 pkts/2627 bytes][Host: api-singtelhawk.quickplay.com] + 8 TCP 10.54.169.250:52021 <-> 120.28.35.40:80 [proto: 7.196/HTTP.QuickPlay][cat: Streaming/17][3 pkts/1506 bytes <-> 1 pkts/1248 bytes][Host: vod-singtelhawk.quickplay.com] + 9 TCP 10.54.169.250:52007 <-> 120.28.35.40:80 [proto: 7.196/HTTP.QuickPlay][cat: Streaming/17][3 pkts/1583 bytes <-> 1 pkts/1152 bytes][Host: vod-singtelhawk.quickplay.com] + 10 TCP 10.54.169.250:44256 <-> 120.28.5.41:80 [proto: 7.196/HTTP.QuickPlay][cat: Streaming/17][2 pkts/1086 bytes <-> 1 pkts/1225 bytes][Host: play-singtelhawk.quickplay.com] + 11 TCP 10.54.169.250:56381 <-> 54.179.140.65:80 [proto: 7.178/HTTP.Amazon][cat: Web/5][1 pkts/638 bytes <-> 1 pkts/831 bytes][Host: api.account.xiaomi.com] + 12 TCP 10.54.169.250:54883 <-> 203.205.151.160:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][2 pkts/1192 bytes <-> 1 pkts/145 bytes][Host: hkextshort.weixin.qq.com] + 13 TCP 10.54.169.250:54885 <-> 203.205.151.160:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][1 pkts/461 bytes <-> 2 pkts/522 bytes][Host: hkextshort.weixin.qq.com] + 14 TCP 10.54.169.250:35670 <-> 203.205.147.215:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][1 pkts/681 bytes <-> 1 pkts/262 bytes][Host: hkminorshort.weixin.qq.com] + 15 TCP 10.54.169.250:42762 <-> 203.205.129.101:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][1 pkts/616 bytes <-> 1 pkts/261 bytes][Host: hkextshort.weixin.qq.com] + 16 TCP 10.54.169.250:42761 <-> 203.205.129.101:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][1 pkts/380 bytes <-> 1 pkts/261 bytes][Host: hkextshort.weixin.qq.com] + 17 TCP 10.54.169.250:52285 <-> 173.252.74.22:80 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork/6][1 pkts/243 bytes <-> 1 pkts/339 bytes][Host: www.facebook.com] + 18 TCP 10.54.169.250:52288 <-> 173.252.74.22:80 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork/6][1 pkts/243 bytes <-> 1 pkts/339 bytes][Host: www.facebook.com] + 19 TCP 10.54.169.250:44793 <-> 31.13.68.49:80 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork/6][1 pkts/237 bytes <-> 1 pkts/339 bytes][Host: www.facebook.com] + 20 TCP 10.54.169.250:33064 <-> 120.28.5.18:80 [proto: 7.196/HTTP.QuickPlay][cat: Streaming/17][1 pkts/358 bytes <-> 1 pkts/109 bytes][Host: api-singtelhawk.quickplay.com] + 21 TCP 10.54.169.250:33277 <-> 120.28.26.231:80 [proto: 7.126/HTTP.Google][cat: Web/5][1 pkts/241 bytes <-> 1 pkts/137 bytes][Host: clients3.google.com] diff --git a/tests/result/rx.pcap.out b/tests/result/rx.pcap.out index f450ff1b0..c95dfd3e5 100644 --- a/tests/result/rx.pcap.out +++ b/tests/result/rx.pcap.out @@ -1,7 +1,7 @@ RX 132 26475 5 - 1 UDP 131.114.219.168:7001 <-> 192.167.206.241:7000 [proto: 223/RX][cat: RPC][48 pkts/6808 bytes <-> 31 pkts/5568 bytes] - 2 UDP 131.114.219.168:7001 <-> 192.167.206.124:7003 [proto: 223/RX][cat: RPC][18 pkts/1833 bytes <-> 9 pkts/8086 bytes] - 3 UDP 131.114.219.168:7001 <-> 192.167.206.124:7000 [proto: 223/RX][cat: RPC][10 pkts/2085 bytes <-> 10 pkts/1057 bytes] - 4 UDP 131.114.219.168:38331 <-> 192.167.206.124:7002 [proto: 223/RX][cat: RPC][2 pkts/441 bytes <-> 1 pkts/78 bytes] - 5 UDP 131.114.219.168:41559 <-> 192.167.206.124:7002 [proto: 223/RX][cat: RPC][2 pkts/441 bytes <-> 1 pkts/78 bytes] + 1 UDP 131.114.219.168:7001 <-> 192.167.206.241:7000 [proto: 223/RX][cat: RPC/16][48 pkts/6808 bytes <-> 31 pkts/5568 bytes] + 2 UDP 131.114.219.168:7001 <-> 192.167.206.124:7003 [proto: 223/RX][cat: RPC/16][18 pkts/1833 bytes <-> 9 pkts/8086 bytes] + 3 UDP 131.114.219.168:7001 <-> 192.167.206.124:7000 [proto: 223/RX][cat: RPC/16][10 pkts/2085 bytes <-> 10 pkts/1057 bytes] + 4 UDP 131.114.219.168:38331 <-> 192.167.206.124:7002 [proto: 223/RX][cat: RPC/16][2 pkts/441 bytes <-> 1 pkts/78 bytes] + 5 UDP 131.114.219.168:41559 <-> 192.167.206.124:7002 [proto: 223/RX][cat: RPC/16][2 pkts/441 bytes <-> 1 pkts/78 bytes] diff --git a/tests/result/sip.pcap.out b/tests/result/sip.pcap.out index f921667ff..16cb570ac 100644 --- a/tests/result/sip.pcap.out +++ b/tests/result/sip.pcap.out @@ -2,7 +2,7 @@ RTP 9 1926 1 SIP 102 47087 2 RTCP 1 146 1 - 1 UDP 192.168.1.2:5060 <-> 212.242.33.35:5060 [proto: 100/SIP][cat: VoIP][53 pkts/21940 bytes <-> 31 pkts/15635 bytes] - 2 UDP 192.168.1.2:5060 <-> 200.68.120.81:5060 [proto: 100/SIP][cat: VoIP][15 pkts/7568 bytes <-> 3 pkts/1944 bytes] - 3 UDP 192.168.1.2:30000 -> 212.242.33.36:40392 [proto: 87/RTP][cat: VoIP][9 pkts/1926 bytes -> 0 pkts/0 bytes] - 4 UDP 192.168.1.2:30001 -> 212.242.33.36:40393 [proto: 165/RTCP][cat: VoIP][1 pkts/146 bytes -> 0 pkts/0 bytes] + 1 UDP 192.168.1.2:5060 <-> 212.242.33.35:5060 [proto: 100/SIP][cat: VoIP/10][53 pkts/21940 bytes <-> 31 pkts/15635 bytes] + 2 UDP 192.168.1.2:5060 <-> 200.68.120.81:5060 [proto: 100/SIP][cat: VoIP/10][15 pkts/7568 bytes <-> 3 pkts/1944 bytes] + 3 UDP 192.168.1.2:30000 -> 212.242.33.36:40392 [proto: 87/RTP][cat: Media/1][9 pkts/1926 bytes -> 0 pkts/0 bytes] + 4 UDP 192.168.1.2:30001 -> 212.242.33.36:40393 [proto: 165/RTCP][cat: VoIP/10][1 pkts/146 bytes -> 0 pkts/0 bytes] diff --git a/tests/result/skype-conference-call.pcap.out b/tests/result/skype-conference-call.pcap.out index 49349613a..3a7c34e17 100644 --- a/tests/result/skype-conference-call.pcap.out +++ b/tests/result/skype-conference-call.pcap.out @@ -1,3 +1,3 @@ SkypeCallOut 200 39687 1 - 1 UDP 192.168.2.20:49282 <-> 104.46.40.49:60642 [proto: 125.38/Skype.SkypeCallOut][cat: VoIP][133 pkts/24845 bytes <-> 67 pkts/14842 bytes] + 1 UDP 192.168.2.20:49282 <-> 104.46.40.49:60642 [proto: 125.38/Skype.SkypeCallOut][cat: VoIP/10][133 pkts/24845 bytes <-> 67 pkts/14842 bytes] diff --git a/tests/result/skype.pcap.out b/tests/result/skype.pcap.out index 2c984ef1c..9f50790f3 100644 --- a/tests/result/skype.pcap.out +++ b/tests/result/skype.pcap.out @@ -14,288 +14,288 @@ Spotify 5 430 1 MS_OneDrive 387 198090 1 ApplePush 12 1877 1 - 1 TCP 192.168.1.34:50028 <-> 157.56.126.211:443 [proto: 91.221/SSL.MS_OneDrive][cat: Cloud][187 pkts/42539 bytes <-> 200 pkts/155551 bytes][server: *.gateway.messenger.live.com] - 2 TCP 192.168.1.34:50108 <-> 157.56.52.28:40009 [proto: 125/Skype][cat: VoIP][231 pkts/60232 bytes <-> 241 pkts/104395 bytes] - 3 UDP 192.168.0.254:1025 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][79 pkts/29479 bytes -> 0 pkts/0 bytes] - 4 TCP 192.168.1.34:50128 <-> 17.172.100.36:443 [proto: 91.143/SSL.AppleiCloud][cat: Web][43 pkts/9635 bytes <-> 43 pkts/10651 bytes][client: p05-keyvalueservice.icloud.com] - 5 TCP 192.168.1.34:50119 <-> 86.31.35.30:59621 [proto: 125/Skype][cat: VoIP][62 pkts/6941 bytes <-> 38 pkts/5325 bytes] - 6 UDP 192.168.1.92:50084 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][14 pkts/7281 bytes -> 0 pkts/0 bytes] + 1 TCP 192.168.1.34:50028 <-> 157.56.126.211:443 [proto: 91.221/SSL.MS_OneDrive][cat: Cloud/13][187 pkts/42539 bytes <-> 200 pkts/155551 bytes][server: *.gateway.messenger.live.com] + 2 TCP 192.168.1.34:50108 <-> 157.56.52.28:40009 [proto: 125/Skype][cat: VoIP/10][231 pkts/60232 bytes <-> 241 pkts/104395 bytes] + 3 UDP 192.168.0.254:1025 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][79 pkts/29479 bytes -> 0 pkts/0 bytes] + 4 TCP 192.168.1.34:50128 <-> 17.172.100.36:443 [proto: 91.143/SSL.AppleiCloud][cat: Web/5][43 pkts/9635 bytes <-> 43 pkts/10651 bytes][client: p05-keyvalueservice.icloud.com] + 5 TCP 192.168.1.34:50119 <-> 86.31.35.30:59621 [proto: 125/Skype][cat: VoIP/10][62 pkts/6941 bytes <-> 38 pkts/5325 bytes] + 6 UDP 192.168.1.92:50084 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][14 pkts/7281 bytes -> 0 pkts/0 bytes] 7 TCP 108.160.170.46:443 <-> 192.168.1.34:49445 [proto: 91.121/SSL.Dropbox][8 pkts/1636 bytes <-> 8 pkts/4344 bytes] - 8 TCP 192.168.1.34:50117 <-> 71.238.7.203:18767 [proto: 125/Skype][cat: VoIP][24 pkts/3136 bytes <-> 19 pkts/2618 bytes] - 9 TCP 192.168.1.34:50126 <-> 91.190.216.23:12350 [proto: 125/Skype][cat: VoIP][16 pkts/4788 bytes <-> 4 pkts/372 bytes] - 10 TCP 192.168.1.34:50138 <-> 71.238.7.203:18767 [proto: 125/Skype][cat: VoIP][19 pkts/2797 bytes <-> 13 pkts/2175 bytes] - 11 TCP 192.168.1.34:50118 <-> 5.248.186.221:31010 [proto: 125/Skype][cat: VoIP][18 pkts/2588 bytes <-> 13 pkts/2100 bytes] - 12 TCP 192.168.1.34:50139 <-> 5.248.186.221:31010 [proto: 125/Skype][cat: VoIP][15 pkts/2395 bytes <-> 8 pkts/1724 bytes] - 13 TCP 192.168.1.34:50027 <-> 23.223.73.34:443 [proto: 91.125/SSL.Skype][cat: VoIP][17 pkts/3605 bytes <-> 1 pkts/74 bytes][client: apps.skypeassets.com] - 14 TCP 192.168.1.34:50029 <-> 23.206.33.166:443 [proto: 91.125/SSL.Skype][cat: VoIP][16 pkts/3461 bytes <-> 1 pkts/74 bytes][client: apps.skype.com] - 15 UDP 192.168.1.34:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud][6 pkts/3264 bytes -> 0 pkts/0 bytes] - 16 UDP 192.168.1.34:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud][6 pkts/3264 bytes -> 0 pkts/0 bytes] - 17 UDP 192.168.1.92:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud][5 pkts/2720 bytes -> 0 pkts/0 bytes] - 18 UDP 192.168.1.92:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud][5 pkts/2720 bytes -> 0 pkts/0 bytes] - 19 TCP 192.168.1.34:50090 <-> 23.206.33.166:443 [proto: 91.125/SSL.Skype][cat: VoIP][12 pkts/2140 bytes <-> 3 pkts/200 bytes][client: apps.skype.com] - 20 TCP 192.168.1.34:50134 <-> 157.56.53.47:12350 [proto: 125/Skype][cat: VoIP][11 pkts/1578 bytes <-> 4 pkts/342 bytes] - 21 TCP 17.143.160.22:5223 <-> 192.168.1.34:49447 [proto: 238/ApplePush][cat: Cloud][6 pkts/1211 bytes <-> 6 pkts/666 bytes] + 8 TCP 192.168.1.34:50117 <-> 71.238.7.203:18767 [proto: 125/Skype][cat: VoIP/10][24 pkts/3136 bytes <-> 19 pkts/2618 bytes] + 9 TCP 192.168.1.34:50126 <-> 91.190.216.23:12350 [proto: 125/Skype][cat: VoIP/10][16 pkts/4788 bytes <-> 4 pkts/372 bytes] + 10 TCP 192.168.1.34:50138 <-> 71.238.7.203:18767 [proto: 125/Skype][cat: VoIP/10][19 pkts/2797 bytes <-> 13 pkts/2175 bytes] + 11 TCP 192.168.1.34:50118 <-> 5.248.186.221:31010 [proto: 125/Skype][cat: VoIP/10][18 pkts/2588 bytes <-> 13 pkts/2100 bytes] + 12 TCP 192.168.1.34:50139 <-> 5.248.186.221:31010 [proto: 125/Skype][cat: VoIP/10][15 pkts/2395 bytes <-> 8 pkts/1724 bytes] + 13 TCP 192.168.1.34:50027 <-> 23.223.73.34:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][17 pkts/3605 bytes <-> 1 pkts/74 bytes][client: apps.skypeassets.com] + 14 TCP 192.168.1.34:50029 <-> 23.206.33.166:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][16 pkts/3461 bytes <-> 1 pkts/74 bytes][client: apps.skype.com] + 15 UDP 192.168.1.34:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][6 pkts/3264 bytes -> 0 pkts/0 bytes] + 16 UDP 192.168.1.34:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][6 pkts/3264 bytes -> 0 pkts/0 bytes] + 17 UDP 192.168.1.92:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][5 pkts/2720 bytes -> 0 pkts/0 bytes] + 18 UDP 192.168.1.92:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][5 pkts/2720 bytes -> 0 pkts/0 bytes] + 19 TCP 192.168.1.34:50090 <-> 23.206.33.166:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/2140 bytes <-> 3 pkts/200 bytes][client: apps.skype.com] + 20 TCP 192.168.1.34:50134 <-> 157.56.53.47:12350 [proto: 125/Skype][cat: VoIP/10][11 pkts/1578 bytes <-> 4 pkts/342 bytes] + 21 TCP 17.143.160.22:5223 <-> 192.168.1.34:49447 [proto: 238/ApplePush][cat: Cloud/13][6 pkts/1211 bytes <-> 6 pkts/666 bytes] 22 TCP 192.168.1.34:50091 <-> 157.55.235.146:443 [proto: 91.125/SSL.Skype][13 pkts/1554 bytes <-> 3 pkts/200 bytes] - 23 TCP 192.168.1.34:50122 <-> 81.133.19.185:44431 [proto: 125/Skype][cat: VoIP][14 pkts/1090 bytes <-> 6 pkts/534 bytes] + 23 TCP 192.168.1.34:50122 <-> 81.133.19.185:44431 [proto: 125/Skype][cat: VoIP/10][14 pkts/1090 bytes <-> 6 pkts/534 bytes] 24 TCP 192.168.1.34:50039 <-> 213.199.179.175:443 [proto: 91/SSL][13 pkts/1392 bytes <-> 3 pkts/200 bytes] 25 TCP 192.168.1.34:50101 <-> 157.55.235.176:443 [proto: 91.125/SSL.Skype][12 pkts/1305 bytes <-> 3 pkts/285 bytes] 26 TCP 192.168.1.34:50037 <-> 157.55.56.170:443 [proto: 91.125/SSL.Skype][11 pkts/1218 bytes <-> 4 pkts/351 bytes] 27 TCP 192.168.1.34:50080 <-> 157.55.235.156:443 [proto: 91.125/SSL.Skype][12 pkts/1249 bytes <-> 3 pkts/285 bytes] 28 TCP 192.168.1.34:50111 <-> 91.190.216.125:443 [proto: 91.125/SSL.Skype][11 pkts/955 bytes <-> 9 pkts/561 bytes] 29 TCP 192.168.1.34:50081 <-> 157.55.130.176:443 [proto: 91.125/SSL.Skype][12 pkts/1270 bytes <-> 3 pkts/243 bytes] - 30 TCP 192.168.1.34:50116 <-> 81.83.77.141:17639 [proto: 125/Skype][cat: VoIP][15 pkts/1138 bytes <-> 4 pkts/372 bytes] - 31 TCP 192.168.1.34:50123 <-> 80.14.46.121:4415 [proto: 125/Skype][cat: VoIP][14 pkts/1075 bytes <-> 4 pkts/431 bytes] - 32 TCP 192.168.1.34:50075 <-> 213.199.179.142:40003 [proto: 125/Skype][cat: VoIP][14 pkts/1100 bytes <-> 5 pkts/395 bytes] + 30 TCP 192.168.1.34:50116 <-> 81.83.77.141:17639 [proto: 125/Skype][cat: VoIP/10][15 pkts/1138 bytes <-> 4 pkts/372 bytes] + 31 TCP 192.168.1.34:50123 <-> 80.14.46.121:4415 [proto: 125/Skype][cat: VoIP/10][14 pkts/1075 bytes <-> 4 pkts/431 bytes] + 32 TCP 192.168.1.34:50075 <-> 213.199.179.142:40003 [proto: 125/Skype][cat: VoIP/10][14 pkts/1100 bytes <-> 5 pkts/395 bytes] 33 TCP 192.168.1.34:50072 <-> 157.55.130.170:443 [proto: 91.125/SSL.Skype][12 pkts/1207 bytes <-> 3 pkts/277 bytes] 34 TCP 192.168.1.34:50066 <-> 65.55.223.12:443 [proto: 91/SSL][12 pkts/1221 bytes <-> 3 pkts/231 bytes] - 35 TCP 192.168.1.34:50137 <-> 5.248.186.221:31010 [proto: 125/Skype][cat: VoIP][14 pkts/1062 bytes <-> 4 pkts/383 bytes] - 36 TCP 192.168.1.34:50076 <-> 157.55.235.156:40014 [proto: 125/Skype][cat: VoIP][14 pkts/1083 bytes <-> 4 pkts/359 bytes] - 37 TCP 192.168.1.34:50054 <-> 157.55.130.153:40005 [proto: 125/Skype][cat: VoIP][13 pkts/1020 bytes <-> 4 pkts/421 bytes] - 38 TCP 192.168.1.34:50132 <-> 149.13.32.15:13392 [proto: 125/Skype][cat: VoIP][13 pkts/1010 bytes <-> 5 pkts/402 bytes] + 35 TCP 192.168.1.34:50137 <-> 5.248.186.221:31010 [proto: 125/Skype][cat: VoIP/10][14 pkts/1062 bytes <-> 4 pkts/383 bytes] + 36 TCP 192.168.1.34:50076 <-> 157.55.235.156:40014 [proto: 125/Skype][cat: VoIP/10][14 pkts/1083 bytes <-> 4 pkts/359 bytes] + 37 TCP 192.168.1.34:50054 <-> 157.55.130.153:40005 [proto: 125/Skype][cat: VoIP/10][13 pkts/1020 bytes <-> 4 pkts/421 bytes] + 38 TCP 192.168.1.34:50132 <-> 149.13.32.15:13392 [proto: 125/Skype][cat: VoIP/10][13 pkts/1010 bytes <-> 5 pkts/402 bytes] 39 TCP 192.168.1.34:50045 <-> 157.55.130.167:443 [proto: 91.125/SSL.Skype][12 pkts/1151 bytes <-> 3 pkts/260 bytes] - 40 TCP 192.168.1.34:50114 <-> 5.248.186.221:31010 [proto: 125/Skype][cat: VoIP][14 pkts/1040 bytes <-> 4 pkts/362 bytes] - 41 TCP 192.168.1.34:50065 <-> 65.55.223.12:40031 [proto: 125/Skype][cat: VoIP][13 pkts/1004 bytes <-> 4 pkts/397 bytes] + 40 TCP 192.168.1.34:50114 <-> 5.248.186.221:31010 [proto: 125/Skype][cat: VoIP/10][14 pkts/1040 bytes <-> 4 pkts/362 bytes] + 41 TCP 192.168.1.34:50065 <-> 65.55.223.12:40031 [proto: 125/Skype][cat: VoIP/10][13 pkts/1004 bytes <-> 4 pkts/397 bytes] 42 TCP 192.168.1.34:50069 <-> 157.55.56.160:443 [proto: 91.125/SSL.Skype][11 pkts/1050 bytes <-> 4 pkts/351 bytes] - 43 TCP 192.168.1.34:50034 <-> 157.55.130.140:40033 [proto: 125/Skype][cat: VoIP][13 pkts/1010 bytes <-> 4 pkts/390 bytes] - 44 TCP 192.168.1.34:50088 <-> 157.55.235.146:33033 [proto: 125/Skype][cat: VoIP][14 pkts/1085 bytes <-> 4 pkts/315 bytes] + 43 TCP 192.168.1.34:50034 <-> 157.55.130.140:40033 [proto: 125/Skype][cat: VoIP/10][13 pkts/1010 bytes <-> 4 pkts/390 bytes] + 44 TCP 192.168.1.34:50088 <-> 157.55.235.146:33033 [proto: 125/Skype][cat: VoIP/10][14 pkts/1085 bytes <-> 4 pkts/315 bytes] 45 TCP 192.168.1.34:50102 <-> 65.55.223.15:443 [proto: 91/SSL][11 pkts/1140 bytes <-> 3 pkts/250 bytes] - 46 TCP 192.168.1.34:50092 <-> 157.55.130.155:40020 [proto: 125/Skype][cat: VoIP][13 pkts/975 bytes <-> 4 pkts/412 bytes] - 47 TCP 192.168.1.34:50115 <-> 86.31.35.30:59621 [proto: 125/Skype][cat: VoIP][13 pkts/995 bytes <-> 4 pkts/391 bytes] - 48 TCP 192.168.1.34:50098 <-> 65.55.223.15:40026 [proto: 125/Skype][cat: VoIP][13 pkts/995 bytes <-> 4 pkts/386 bytes] - 49 TCP 192.168.1.34:50130 <-> 212.161.8.36:13392 [proto: 125/Skype][cat: VoIP][13 pkts/1000 bytes <-> 4 pkts/380 bytes] + 46 TCP 192.168.1.34:50092 <-> 157.55.130.155:40020 [proto: 125/Skype][cat: VoIP/10][13 pkts/975 bytes <-> 4 pkts/412 bytes] + 47 TCP 192.168.1.34:50115 <-> 86.31.35.30:59621 [proto: 125/Skype][cat: VoIP/10][13 pkts/995 bytes <-> 4 pkts/391 bytes] + 48 TCP 192.168.1.34:50098 <-> 65.55.223.15:40026 [proto: 125/Skype][cat: VoIP/10][13 pkts/995 bytes <-> 4 pkts/386 bytes] + 49 TCP 192.168.1.34:50130 <-> 212.161.8.36:13392 [proto: 125/Skype][cat: VoIP/10][13 pkts/1000 bytes <-> 4 pkts/380 bytes] 50 TCP 192.168.1.34:50079 <-> 213.199.179.142:443 [proto: 91/SSL][13 pkts/1176 bytes <-> 3 pkts/200 bytes] - 51 TCP 192.168.1.34:50097 <-> 157.55.235.176:40022 [proto: 125/Skype][cat: VoIP][13 pkts/1000 bytes <-> 4 pkts/371 bytes] - 52 TCP 192.168.1.34:50026 <-> 65.55.223.33:40002 [proto: 125/Skype][cat: VoIP][13 pkts/971 bytes <-> 4 pkts/399 bytes] - 53 TCP 192.168.1.34:50033 <-> 157.55.56.170:40015 [proto: 125/Skype][cat: VoIP][13 pkts/977 bytes <-> 4 pkts/384 bytes] - 54 TCP 192.168.1.34:50053 <-> 157.55.56.146:40030 [proto: 125/Skype][cat: VoIP][12 pkts/940 bytes <-> 5 pkts/415 bytes] - 55 TCP 192.168.1.34:50099 <-> 64.4.23.166:40022 [proto: 125/Skype][cat: VoIP][12 pkts/948 bytes <-> 4 pkts/407 bytes] - 56 TCP 192.168.1.34:50044 <-> 157.55.130.167:40031 [proto: 125/Skype][cat: VoIP][13 pkts/993 bytes <-> 4 pkts/360 bytes] + 51 TCP 192.168.1.34:50097 <-> 157.55.235.176:40022 [proto: 125/Skype][cat: VoIP/10][13 pkts/1000 bytes <-> 4 pkts/371 bytes] + 52 TCP 192.168.1.34:50026 <-> 65.55.223.33:40002 [proto: 125/Skype][cat: VoIP/10][13 pkts/971 bytes <-> 4 pkts/399 bytes] + 53 TCP 192.168.1.34:50033 <-> 157.55.56.170:40015 [proto: 125/Skype][cat: VoIP/10][13 pkts/977 bytes <-> 4 pkts/384 bytes] + 54 TCP 192.168.1.34:50053 <-> 157.55.56.146:40030 [proto: 125/Skype][cat: VoIP/10][12 pkts/940 bytes <-> 5 pkts/415 bytes] + 55 TCP 192.168.1.34:50099 <-> 64.4.23.166:40022 [proto: 125/Skype][cat: VoIP/10][12 pkts/948 bytes <-> 4 pkts/407 bytes] + 56 TCP 192.168.1.34:50044 <-> 157.55.130.167:40031 [proto: 125/Skype][cat: VoIP/10][13 pkts/993 bytes <-> 4 pkts/360 bytes] 57 TCP 192.168.1.34:50051 <-> 157.55.130.166:443 [proto: 91.125/SSL.Skype][12 pkts/1074 bytes <-> 3 pkts/277 bytes] 58 TCP 192.168.1.34:50057 <-> 157.55.130.153:443 [proto: 91.125/SSL.Skype][12 pkts/1102 bytes <-> 3 pkts/247 bytes] 59 TCP 192.168.1.34:50048 <-> 157.55.130.150:443 [proto: 91.125/SSL.Skype][12 pkts/1109 bytes <-> 3 pkts/236 bytes] - 60 TCP 192.168.1.34:50077 <-> 157.55.130.176:40022 [proto: 125/Skype][cat: VoIP][13 pkts/1004 bytes <-> 4 pkts/334 bytes] + 60 TCP 192.168.1.34:50077 <-> 157.55.130.176:40022 [proto: 125/Skype][cat: VoIP/10][13 pkts/1004 bytes <-> 4 pkts/334 bytes] 61 TCP 192.168.1.34:50036 <-> 157.56.52.44:443 [proto: 91.125/SSL.Skype][11 pkts/1074 bytes <-> 3 pkts/254 bytes] - 62 TCP 192.168.1.34:50074 <-> 157.55.130.173:40003 [proto: 125/Skype][cat: VoIP][13 pkts/1010 bytes <-> 4 pkts/317 bytes] + 62 TCP 192.168.1.34:50074 <-> 157.55.130.173:40003 [proto: 125/Skype][cat: VoIP/10][13 pkts/1010 bytes <-> 4 pkts/317 bytes] 63 TCP 192.168.1.34:50078 <-> 157.55.130.173:443 [proto: 91.125/SSL.Skype][12 pkts/1088 bytes <-> 3 pkts/236 bytes] - 64 TCP 192.168.1.34:50070 <-> 157.55.130.170:40018 [proto: 125/Skype][cat: VoIP][13 pkts/989 bytes <-> 4 pkts/323 bytes] + 64 TCP 192.168.1.34:50070 <-> 157.55.130.170:40018 [proto: 125/Skype][cat: VoIP/10][13 pkts/989 bytes <-> 4 pkts/323 bytes] 65 TCP 192.168.1.34:50030 <-> 65.55.223.33:443 [proto: 91/SSL][11 pkts/960 bytes <-> 4 pkts/351 bytes] - 66 TCP 192.168.1.34:50032 <-> 157.56.52.44:40032 [proto: 125/Skype][cat: VoIP][12 pkts/969 bytes <-> 4 pkts/337 bytes] + 66 TCP 192.168.1.34:50032 <-> 157.56.52.44:40032 [proto: 125/Skype][cat: VoIP/10][12 pkts/969 bytes <-> 4 pkts/337 bytes] 67 TCP 192.168.1.34:50094 <-> 157.55.130.155:443 [proto: 91.125/SSL.Skype][12 pkts/1039 bytes <-> 3 pkts/267 bytes] - 68 TCP 192.168.1.34:50067 <-> 157.55.56.160:40027 [proto: 125/Skype][cat: VoIP][12 pkts/899 bytes <-> 5 pkts/406 bytes] - 69 TCP 192.168.1.34:50035 <-> 213.199.179.175:40021 [proto: 125/Skype][cat: VoIP][13 pkts/982 bytes <-> 4 pkts/322 bytes] + 68 TCP 192.168.1.34:50067 <-> 157.55.56.160:40027 [proto: 125/Skype][cat: VoIP/10][12 pkts/899 bytes <-> 5 pkts/406 bytes] + 69 TCP 192.168.1.34:50035 <-> 213.199.179.175:40021 [proto: 125/Skype][cat: VoIP/10][13 pkts/982 bytes <-> 4 pkts/322 bytes] 70 TCP 192.168.1.34:50063 <-> 111.221.74.38:443 [proto: 91.125/SSL.Skype][10 pkts/1002 bytes <-> 3 pkts/285 bytes] - 71 TCP 192.168.1.34:50049 <-> 157.55.130.166:40021 [proto: 125/Skype][cat: VoIP][11 pkts/836 bytes <-> 5 pkts/442 bytes] - 72 TCP 192.168.1.34:50086 <-> 111.221.77.142:40023 [proto: 125/Skype][cat: VoIP][11 pkts/841 bytes <-> 5 pkts/429 bytes] + 71 TCP 192.168.1.34:50049 <-> 157.55.130.166:40021 [proto: 125/Skype][cat: VoIP/10][11 pkts/836 bytes <-> 5 pkts/442 bytes] + 72 TCP 192.168.1.34:50086 <-> 111.221.77.142:40023 [proto: 125/Skype][cat: VoIP/10][11 pkts/841 bytes <-> 5 pkts/429 bytes] 73 TCP 192.168.1.34:50056 <-> 157.55.56.146:443 [proto: 91.125/SSL.Skype][11 pkts/999 bytes <-> 4 pkts/266 bytes] 74 TCP 192.168.1.34:50038 <-> 157.55.130.140:443 [proto: 91.125/SSL.Skype][12 pkts/1032 bytes <-> 3 pkts/230 bytes] - 75 TCP 192.168.1.34:50055 <-> 111.221.74.47:40030 [proto: 125/Skype][cat: VoIP][11 pkts/866 bytes <-> 5 pkts/396 bytes] - 76 TCP 192.168.1.34:50112 <-> 76.167.161.6:20274 [proto: 125/Skype][cat: VoIP][11 pkts/843 bytes <-> 4 pkts/411 bytes] - 77 TCP 192.168.1.34:50141 <-> 80.14.46.121:4415 [proto: 125/Skype][cat: VoIP][13 pkts/994 bytes <-> 2 pkts/243 bytes] - 78 TCP 192.168.1.34:50059 <-> 111.221.74.38:40015 [proto: 125/Skype][cat: VoIP][11 pkts/820 bytes <-> 5 pkts/416 bytes] - 79 TCP 192.168.1.34:50046 <-> 157.55.130.150:40011 [proto: 125/Skype][cat: VoIP][11 pkts/843 bytes <-> 4 pkts/386 bytes] - 80 TCP 192.168.1.34:50096 <-> 111.221.74.46:40027 [proto: 125/Skype][cat: VoIP][11 pkts/822 bytes <-> 4 pkts/390 bytes] + 75 TCP 192.168.1.34:50055 <-> 111.221.74.47:40030 [proto: 125/Skype][cat: VoIP/10][11 pkts/866 bytes <-> 5 pkts/396 bytes] + 76 TCP 192.168.1.34:50112 <-> 76.167.161.6:20274 [proto: 125/Skype][cat: VoIP/10][11 pkts/843 bytes <-> 4 pkts/411 bytes] + 77 TCP 192.168.1.34:50141 <-> 80.14.46.121:4415 [proto: 125/Skype][cat: VoIP/10][13 pkts/994 bytes <-> 2 pkts/243 bytes] + 78 TCP 192.168.1.34:50059 <-> 111.221.74.38:40015 [proto: 125/Skype][cat: VoIP/10][11 pkts/820 bytes <-> 5 pkts/416 bytes] + 79 TCP 192.168.1.34:50046 <-> 157.55.130.150:40011 [proto: 125/Skype][cat: VoIP/10][11 pkts/843 bytes <-> 4 pkts/386 bytes] + 80 TCP 192.168.1.34:50096 <-> 111.221.74.46:40027 [proto: 125/Skype][cat: VoIP/10][11 pkts/822 bytes <-> 4 pkts/390 bytes] 81 TCP 192.168.1.34:50058 <-> 111.221.74.47:443 [proto: 91.125/SSL.Skype][10 pkts/857 bytes <-> 4 pkts/351 bytes] - 82 TCP 192.168.1.34:50113 <-> 71.238.7.203:18767 [proto: 125/Skype][cat: VoIP][11 pkts/827 bytes <-> 3 pkts/325 bytes] + 82 TCP 192.168.1.34:50113 <-> 71.238.7.203:18767 [proto: 125/Skype][cat: VoIP/10][11 pkts/827 bytes <-> 3 pkts/325 bytes] 83 TCP 192.168.1.34:50103 <-> 64.4.23.166:443 [proto: 91/SSL][9 pkts/862 bytes <-> 3 pkts/285 bytes] - 84 TCP 192.168.1.34:50143 <-> 78.202.226.115:29059 [proto: 125/Skype][cat: VoIP][12 pkts/935 bytes <-> 2 pkts/197 bytes] + 84 TCP 192.168.1.34:50143 <-> 78.202.226.115:29059 [proto: 125/Skype][cat: VoIP/10][12 pkts/935 bytes <-> 2 pkts/197 bytes] 85 TCP 192.168.1.34:50100 <-> 111.221.74.46:443 [proto: 91.125/SSL.Skype][10 pkts/872 bytes <-> 3 pkts/237 bytes] - 86 TCP 192.168.1.34:50135 <-> 76.167.161.6:20274 [proto: 125/Skype][cat: VoIP][11 pkts/838 bytes <-> 3 pkts/270 bytes] + 86 TCP 192.168.1.34:50135 <-> 76.167.161.6:20274 [proto: 125/Skype][cat: VoIP/10][11 pkts/838 bytes <-> 3 pkts/270 bytes] 87 TCP 192.168.1.34:50087 <-> 111.221.77.142:443 [proto: 91.125/SSL.Skype][9 pkts/822 bytes <-> 3 pkts/285 bytes] - 88 TCP 192.168.1.34:50136 <-> 71.238.7.203:18767 [proto: 125/Skype][cat: VoIP][11 pkts/814 bytes <-> 3 pkts/287 bytes] - 89 UDP [fe80::c62c:3ff:fe06:49fe]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network][4 pkts/908 bytes -> 0 pkts/0 bytes] - 90 UDP 192.168.1.92:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network][4 pkts/828 bytes -> 0 pkts/0 bytes] + 88 TCP 192.168.1.34:50136 <-> 71.238.7.203:18767 [proto: 125/Skype][cat: VoIP/10][11 pkts/814 bytes <-> 3 pkts/287 bytes] + 89 UDP [fe80::c62c:3ff:fe06:49fe]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][4 pkts/908 bytes -> 0 pkts/0 bytes] + 90 UDP 192.168.1.92:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][4 pkts/828 bytes -> 0 pkts/0 bytes] 91 TCP 192.168.1.34:50125 <-> 91.190.218.125:12350 [proto: 125/Skype][6 pkts/417 bytes <-> 4 pkts/352 bytes] - 92 ICMP 192.168.1.1:0 -> 192.168.1.34:0 [proto: 81/ICMP][cat: Network][8 pkts/656 bytes -> 0 pkts/0 bytes] - 93 UDP 192.168.1.34:55159 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP][7 pkts/651 bytes -> 0 pkts/0 bytes][Host: a.config.skype.trafficmanager.net] - 94 UDP 192.168.1.34:63108 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP][7 pkts/651 bytes -> 0 pkts/0 bytes][Host: a.config.skype.trafficmanager.net] - 95 UDP 192.168.1.34:49903 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP][9 pkts/648 bytes -> 0 pkts/0 bytes][Host: ui.skype.com] - 96 UDP 192.168.1.34:52850 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP][8 pkts/648 bytes -> 0 pkts/0 bytes][Host: conn.skype.akadns.net] - 97 UDP 192.168.1.34:55711 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP][8 pkts/648 bytes -> 0 pkts/0 bytes][Host: conn.skype.akadns.net] - 98 UDP 192.168.1.34:49360 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net] - 99 UDP 192.168.1.34:54343 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst13.r.skype.net] - 100 UDP 192.168.1.34:57726 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net] - 101 UDP 192.168.1.34:58368 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst13.r.skype.net] - 102 UDP 192.168.1.34:58458 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net] - 103 UDP 192.168.1.34:60288 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net] - 104 UDP 192.168.1.34:63421 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net] - 105 UDP 192.168.1.34:65037 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net] - 106 UDP 192.168.1.34:49990 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP][7 pkts/616 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst6.r.skype.net] - 107 UDP 192.168.1.34:52742 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP][7 pkts/616 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst5.r.skype.net] - 108 UDP 192.168.1.34:56387 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP][7 pkts/616 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst5.r.skype.net] - 109 UDP 192.168.1.34:57288 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP][7 pkts/616 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst6.r.skype.net] + 92 ICMP 192.168.1.1:0 -> 192.168.1.34:0 [proto: 81/ICMP][cat: Network/14][8 pkts/656 bytes -> 0 pkts/0 bytes] + 93 UDP 192.168.1.34:55159 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/651 bytes -> 0 pkts/0 bytes][Host: a.config.skype.trafficmanager.net] + 94 UDP 192.168.1.34:63108 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/651 bytes -> 0 pkts/0 bytes][Host: a.config.skype.trafficmanager.net] + 95 UDP 192.168.1.34:49903 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][9 pkts/648 bytes -> 0 pkts/0 bytes][Host: ui.skype.com] + 96 UDP 192.168.1.34:52850 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][8 pkts/648 bytes -> 0 pkts/0 bytes][Host: conn.skype.akadns.net] + 97 UDP 192.168.1.34:55711 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][8 pkts/648 bytes -> 0 pkts/0 bytes][Host: conn.skype.akadns.net] + 98 UDP 192.168.1.34:49360 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net] + 99 UDP 192.168.1.34:54343 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst13.r.skype.net] + 100 UDP 192.168.1.34:57726 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net] + 101 UDP 192.168.1.34:58368 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst13.r.skype.net] + 102 UDP 192.168.1.34:58458 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net] + 103 UDP 192.168.1.34:60288 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net] + 104 UDP 192.168.1.34:63421 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net] + 105 UDP 192.168.1.34:65037 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net] + 106 UDP 192.168.1.34:49990 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/616 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst6.r.skype.net] + 107 UDP 192.168.1.34:52742 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/616 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst5.r.skype.net] + 108 UDP 192.168.1.34:56387 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/616 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst5.r.skype.net] + 109 UDP 192.168.1.34:57288 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/616 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst6.r.skype.net] 110 TCP 192.168.1.34:50146 -> 157.56.53.51:443 [proto: 91/SSL][8 pkts/608 bytes -> 0 pkts/0 bytes] 111 TCP 192.168.1.34:50129 <-> 91.190.218.125:12350 [proto: 125/Skype][6 pkts/353 bytes <-> 4 pkts/246 bytes] - 112 UDP 192.168.1.34:49163 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: b.config.skype.com] - 113 UDP 192.168.1.34:51802 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: b.config.skype.com] - 114 UDP 192.168.1.34:52714 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: b.config.skype.com] - 115 UDP 192.168.1.34:57406 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: b.config.skype.com] - 116 UDP 192.168.1.34:49793 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP][7 pkts/532 bytes -> 0 pkts/0 bytes][Host: dsn4.d.skype.net] - 117 UDP 192.168.1.34:65045 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP][7 pkts/532 bytes -> 0 pkts/0 bytes][Host: dsn4.d.skype.net] - 118 UDP 192.168.1.34:54396 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP][7 pkts/511 bytes -> 0 pkts/0 bytes][Host: api.skype.com] - 119 UDP 192.168.1.34:65426 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP][7 pkts/511 bytes -> 0 pkts/0 bytes][Host: api.skype.com] + 112 UDP 192.168.1.34:49163 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: b.config.skype.com] + 113 UDP 192.168.1.34:51802 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: b.config.skype.com] + 114 UDP 192.168.1.34:52714 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: b.config.skype.com] + 115 UDP 192.168.1.34:57406 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: b.config.skype.com] + 116 UDP 192.168.1.34:49793 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/532 bytes -> 0 pkts/0 bytes][Host: dsn4.d.skype.net] + 117 UDP 192.168.1.34:65045 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/532 bytes -> 0 pkts/0 bytes][Host: dsn4.d.skype.net] + 118 UDP 192.168.1.34:54396 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/511 bytes -> 0 pkts/0 bytes][Host: api.skype.com] + 119 UDP 192.168.1.34:65426 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/511 bytes -> 0 pkts/0 bytes][Host: api.skype.com] 120 TCP 192.168.1.34:50109 <-> 91.190.216.125:12350 [proto: 125/Skype][3 pkts/297 bytes <-> 3 pkts/186 bytes] - 121 UDP 192.168.1.92:57621 -> 192.168.1.255:57621 [proto: 156/Spotify][cat: Streaming][5 pkts/430 bytes -> 0 pkts/0 bytes] + 121 UDP 192.168.1.92:57621 -> 192.168.1.255:57621 [proto: 156/Spotify][cat: Streaming/17][5 pkts/430 bytes -> 0 pkts/0 bytes] 122 TCP 192.168.1.34:50110 <-> 91.190.216.125:12350 [proto: 125/Skype][3 pkts/191 bytes <-> 3 pkts/186 bytes] - 123 UDP 192.168.1.34:55893 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP][5 pkts/360 bytes -> 0 pkts/0 bytes][Host: ui.skype.com] - 124 UDP 192.168.1.34:49485 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][2 pkts/349 bytes -> 0 pkts/0 bytes] - 125 UDP 192.168.1.34:51066 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][2 pkts/349 bytes -> 0 pkts/0 bytes] - 126 UDP 192.168.1.34:56886 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][2 pkts/349 bytes -> 0 pkts/0 bytes] - 127 UDP 192.168.1.34:64560 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][2 pkts/349 bytes -> 0 pkts/0 bytes] - 128 UDP 192.168.1.34:13021 -> 76.185.207.12:45493 [proto: 125/Skype][cat: VoIP][5 pkts/300 bytes -> 0 pkts/0 bytes] - 129 UDP 192.168.1.34:13021 -> 176.26.55.167:63773 [proto: 125/Skype][cat: VoIP][5 pkts/300 bytes -> 0 pkts/0 bytes] - 130 UDP 192.168.1.34:58681 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network][1 pkts/101 bytes <-> 1 pkts/166 bytes][Host: db3msgr5011709.gateway.messenger.live.com] - 131 UDP 192.168.1.34:62454 <-> 192.168.1.1:53 [proto: 5.143/DNS.AppleiCloud][cat: Web][1 pkts/101 bytes <-> 1 pkts/133 bytes][Host: p05-keyvalueservice.icloud.com.akadns.net] - 132 UDP 192.168.1.34:123 <-> 17.253.48.245:123 [proto: 9/NTP][cat: System][1 pkts/90 bytes <-> 1 pkts/90 bytes] - 133 UDP 192.168.1.34:51879 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e4593.g.akamaiedge.net] - 134 UDP 192.168.1.34:63321 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e4593.g.akamaiedge.net] - 135 UDP 192.168.1.34:64085 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e7768.b.akamaiedge.net] + 123 UDP 192.168.1.34:55893 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][5 pkts/360 bytes -> 0 pkts/0 bytes][Host: ui.skype.com] + 124 UDP 192.168.1.34:49485 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/349 bytes -> 0 pkts/0 bytes] + 125 UDP 192.168.1.34:51066 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/349 bytes -> 0 pkts/0 bytes] + 126 UDP 192.168.1.34:56886 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/349 bytes -> 0 pkts/0 bytes] + 127 UDP 192.168.1.34:64560 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/349 bytes -> 0 pkts/0 bytes] + 128 UDP 192.168.1.34:13021 -> 76.185.207.12:45493 [proto: 125/Skype][cat: VoIP/10][5 pkts/300 bytes -> 0 pkts/0 bytes] + 129 UDP 192.168.1.34:13021 -> 176.26.55.167:63773 [proto: 125/Skype][cat: VoIP/10][5 pkts/300 bytes -> 0 pkts/0 bytes] + 130 UDP 192.168.1.34:58681 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/101 bytes <-> 1 pkts/166 bytes][Host: db3msgr5011709.gateway.messenger.live.com] + 131 UDP 192.168.1.34:62454 <-> 192.168.1.1:53 [proto: 5.143/DNS.AppleiCloud][cat: Web/5][1 pkts/101 bytes <-> 1 pkts/133 bytes][Host: p05-keyvalueservice.icloud.com.akadns.net] + 132 UDP 192.168.1.34:123 <-> 17.253.48.245:123 [proto: 9/NTP][cat: System/18][1 pkts/90 bytes <-> 1 pkts/90 bytes] + 133 UDP 192.168.1.34:51879 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e4593.g.akamaiedge.net] + 134 UDP 192.168.1.34:63321 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e4593.g.akamaiedge.net] + 135 UDP 192.168.1.34:64085 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e7768.b.akamaiedge.net] 136 TCP 192.168.1.34:50024 <-> 17.172.100.36:443 [proto: 91.140/SSL.Apple][2 pkts/108 bytes <-> 1 pkts/60 bytes] - 137 IGMP 192.168.0.254:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network][2 pkts/92 bytes -> 0 pkts/0 bytes] - 138 UDP 192.168.1.34:13021 -> 64.4.23.145:40024 [proto: 125/Skype][cat: VoIP][1 pkts/79 bytes -> 0 pkts/0 bytes] - 139 UDP 192.168.1.34:13021 -> 65.55.223.26:40004 [proto: 125/Skype][cat: VoIP][1 pkts/79 bytes -> 0 pkts/0 bytes] - 140 UDP 192.168.1.34:13021 -> 65.55.223.33:40011 [proto: 125/Skype][cat: VoIP][1 pkts/79 bytes -> 0 pkts/0 bytes] - 141 UDP 192.168.1.34:13021 -> 157.55.56.168:40006 [proto: 125/Skype][cat: VoIP][1 pkts/79 bytes -> 0 pkts/0 bytes] - 142 UDP 192.168.1.34:13021 -> 157.55.130.146:40026 [proto: 125/Skype][cat: VoIP][1 pkts/79 bytes -> 0 pkts/0 bytes] - 143 UDP 192.168.1.34:13021 -> 157.55.130.154:40005 [proto: 125/Skype][cat: VoIP][1 pkts/79 bytes -> 0 pkts/0 bytes] - 144 UDP 192.168.1.34:13021 -> 157.55.235.147:40020 [proto: 125/Skype][cat: VoIP][1 pkts/79 bytes -> 0 pkts/0 bytes] - 145 UDP 192.168.1.34:13021 -> 157.55.235.152:40001 [proto: 125/Skype][cat: VoIP][1 pkts/79 bytes -> 0 pkts/0 bytes] - 146 UDP 192.168.1.34:13021 -> 213.199.179.155:40004 [proto: 125/Skype][cat: VoIP][1 pkts/79 bytes -> 0 pkts/0 bytes] - 147 UDP 192.168.1.34:13021 -> 111.221.74.28:40014 [proto: 125/Skype][cat: VoIP][1 pkts/78 bytes -> 0 pkts/0 bytes] - 148 UDP 192.168.1.34:13021 -> 111.221.77.146:33033 [proto: 125/Skype][cat: VoIP][1 pkts/78 bytes -> 0 pkts/0 bytes] - 149 UDP 192.168.1.34:13021 -> 111.221.77.155:40004 [proto: 125/Skype][cat: VoIP][1 pkts/78 bytes -> 0 pkts/0 bytes] - 150 UDP 192.168.1.34:13021 -> 111.221.77.159:40009 [proto: 125/Skype][cat: VoIP][1 pkts/78 bytes -> 0 pkts/0 bytes] - 151 UDP 192.168.1.34:13021 -> 111.221.77.172:40010 [proto: 125/Skype][cat: VoIP][1 pkts/78 bytes -> 0 pkts/0 bytes] - 152 UDP 192.168.1.34:13021 -> 157.55.130.156:40034 [proto: 125/Skype][cat: VoIP][1 pkts/78 bytes -> 0 pkts/0 bytes] - 153 UDP 192.168.1.34:13021 -> 157.55.235.161:40011 [proto: 125/Skype][cat: VoIP][1 pkts/78 bytes -> 0 pkts/0 bytes] - 154 UDP 192.168.1.34:13021 -> 157.55.235.176:40022 [proto: 125/Skype][cat: VoIP][1 pkts/78 bytes -> 0 pkts/0 bytes] - 155 UDP 192.168.1.34:13021 -> 157.56.52.27:40027 [proto: 125/Skype][cat: VoIP][1 pkts/78 bytes -> 0 pkts/0 bytes] - 156 UDP 192.168.1.34:13021 -> 157.56.52.28:40009 [proto: 125/Skype][cat: VoIP][1 pkts/78 bytes -> 0 pkts/0 bytes] - 157 UDP 192.168.1.34:13021 -> 64.4.23.143:40018 [proto: 125/Skype][cat: VoIP][1 pkts/77 bytes -> 0 pkts/0 bytes] - 158 UDP 192.168.1.34:13021 -> 64.4.23.155:40004 [proto: 125/Skype][cat: VoIP][1 pkts/77 bytes -> 0 pkts/0 bytes] - 159 UDP 192.168.1.34:13021 -> 65.55.223.29:40010 [proto: 125/Skype][cat: VoIP][1 pkts/77 bytes -> 0 pkts/0 bytes] - 160 UDP 192.168.1.34:13021 -> 111.221.74.15:40024 [proto: 125/Skype][cat: VoIP][1 pkts/77 bytes -> 0 pkts/0 bytes] - 161 UDP 192.168.1.34:13021 -> 111.221.77.145:40027 [proto: 125/Skype][cat: VoIP][1 pkts/77 bytes -> 0 pkts/0 bytes] - 162 UDP 192.168.1.34:13021 -> 111.221.77.166:40011 [proto: 125/Skype][cat: VoIP][1 pkts/77 bytes -> 0 pkts/0 bytes] - 163 UDP 192.168.1.34:13021 -> 157.55.56.142:40023 [proto: 125/Skype][cat: VoIP][1 pkts/77 bytes -> 0 pkts/0 bytes] - 164 UDP 192.168.1.34:13021 -> 157.55.56.151:40027 [proto: 125/Skype][cat: VoIP][1 pkts/77 bytes -> 0 pkts/0 bytes] - 165 UDP 192.168.1.34:13021 -> 157.55.56.175:40013 [proto: 125/Skype][cat: VoIP][1 pkts/77 bytes -> 0 pkts/0 bytes] - 166 UDP 192.168.1.34:13021 -> 157.55.130.143:40017 [proto: 125/Skype][cat: VoIP][1 pkts/77 bytes -> 0 pkts/0 bytes] - 167 UDP 192.168.1.34:13021 -> 157.55.235.155:40003 [proto: 125/Skype][cat: VoIP][1 pkts/77 bytes -> 0 pkts/0 bytes] - 168 UDP 192.168.1.34:13021 -> 157.56.52.17:40013 [proto: 125/Skype][cat: VoIP][1 pkts/77 bytes -> 0 pkts/0 bytes] - 169 UDP 192.168.1.34:13021 -> 64.4.23.166:40022 [proto: 125/Skype][cat: VoIP][1 pkts/76 bytes -> 0 pkts/0 bytes] - 170 UDP 192.168.1.34:13021 -> 65.55.223.25:40028 [proto: 125/Skype][cat: VoIP][1 pkts/76 bytes -> 0 pkts/0 bytes] - 171 UDP 192.168.1.34:13021 -> 65.55.223.43:40002 [proto: 125/Skype][cat: VoIP][1 pkts/76 bytes -> 0 pkts/0 bytes] - 172 UDP 192.168.1.34:13021 -> 111.221.74.43:40001 [proto: 125/Skype][cat: VoIP][1 pkts/76 bytes -> 0 pkts/0 bytes] - 173 UDP 192.168.1.34:13021 -> 111.221.77.151:40027 [proto: 125/Skype][cat: VoIP][1 pkts/76 bytes -> 0 pkts/0 bytes] - 174 UDP 192.168.1.34:13021 -> 157.55.56.162:40004 [proto: 125/Skype][cat: VoIP][1 pkts/76 bytes -> 0 pkts/0 bytes] - 175 UDP 192.168.1.34:13021 -> 157.55.130.147:40019 [proto: 125/Skype][cat: VoIP][1 pkts/76 bytes -> 0 pkts/0 bytes] - 176 UDP 192.168.1.34:13021 -> 157.55.235.175:40008 [proto: 125/Skype][cat: VoIP][1 pkts/76 bytes -> 0 pkts/0 bytes] - 177 UDP 192.168.1.34:13021 -> 213.199.179.150:40004 [proto: 125/Skype][cat: VoIP][1 pkts/76 bytes -> 0 pkts/0 bytes] - 178 UDP 192.168.1.34:13021 -> 111.221.74.12:40031 [proto: 125/Skype][cat: VoIP][1 pkts/75 bytes -> 0 pkts/0 bytes] - 179 UDP 192.168.1.34:13021 -> 111.221.74.48:40008 [proto: 125/Skype][cat: VoIP][1 pkts/75 bytes -> 0 pkts/0 bytes] - 180 UDP 192.168.1.34:13021 -> 111.221.77.165:40020 [proto: 125/Skype][cat: VoIP][1 pkts/75 bytes -> 0 pkts/0 bytes] - 181 UDP 192.168.1.34:13021 -> 213.199.179.141:40015 [proto: 125/Skype][cat: VoIP][1 pkts/75 bytes -> 0 pkts/0 bytes] - 182 UDP 192.168.1.34:13021 -> 213.199.179.143:40022 [proto: 125/Skype][cat: VoIP][1 pkts/75 bytes -> 0 pkts/0 bytes] - 183 UDP 192.168.1.34:13021 -> 213.199.179.154:40034 [proto: 125/Skype][cat: VoIP][1 pkts/75 bytes -> 0 pkts/0 bytes] - 184 UDP 192.168.1.34:13021 -> 65.55.223.28:40026 [proto: 125/Skype][cat: VoIP][1 pkts/74 bytes -> 0 pkts/0 bytes] - 185 UDP 192.168.1.34:13021 -> 111.221.74.40:40018 [proto: 125/Skype][cat: VoIP][1 pkts/74 bytes -> 0 pkts/0 bytes] - 186 UDP 192.168.1.34:13021 -> 157.55.130.175:40006 [proto: 125/Skype][cat: VoIP][1 pkts/74 bytes -> 0 pkts/0 bytes] - 187 UDP 192.168.1.34:13021 -> 157.56.52.26:40026 [proto: 125/Skype][cat: VoIP][1 pkts/74 bytes -> 0 pkts/0 bytes] - 188 UDP 192.168.1.34:13021 -> 213.199.179.165:40007 [proto: 125/Skype][cat: VoIP][1 pkts/74 bytes -> 0 pkts/0 bytes] - 189 UDP 192.168.1.34:13021 -> 64.4.23.141:40004 [proto: 125/Skype][cat: VoIP][1 pkts/73 bytes -> 0 pkts/0 bytes] - 190 UDP 192.168.1.34:13021 -> 111.221.74.29:40024 [proto: 125/Skype][cat: VoIP][1 pkts/73 bytes -> 0 pkts/0 bytes] - 191 UDP 192.168.1.34:13021 -> 111.221.74.31:40021 [proto: 125/Skype][cat: VoIP][1 pkts/73 bytes -> 0 pkts/0 bytes] - 192 UDP 192.168.1.34:13021 -> 111.221.77.176:40020 [proto: 125/Skype][cat: VoIP][1 pkts/73 bytes -> 0 pkts/0 bytes] - 193 UDP 192.168.1.34:13021 -> 157.55.235.153:40023 [proto: 125/Skype][cat: VoIP][1 pkts/73 bytes -> 0 pkts/0 bytes] - 194 UDP 192.168.1.34:13021 -> 213.199.179.168:40006 [proto: 125/Skype][cat: VoIP][1 pkts/73 bytes -> 0 pkts/0 bytes] - 195 UDP 192.168.1.34:13021 -> 64.4.23.151:40029 [proto: 125/Skype][cat: VoIP][1 pkts/72 bytes -> 0 pkts/0 bytes] - 196 UDP 192.168.1.34:13021 -> 64.4.23.165:40020 [proto: 125/Skype][cat: VoIP][1 pkts/72 bytes -> 0 pkts/0 bytes] - 197 UDP 192.168.1.34:13021 -> 111.221.77.142:40023 [proto: 125/Skype][cat: VoIP][1 pkts/72 bytes -> 0 pkts/0 bytes] - 198 UDP 192.168.1.34:13021 -> 157.55.130.151:40017 [proto: 125/Skype][cat: VoIP][1 pkts/72 bytes -> 0 pkts/0 bytes] - 199 UDP 192.168.1.34:13021 -> 64.4.23.168:40006 [proto: 125/Skype][cat: VoIP][1 pkts/71 bytes -> 0 pkts/0 bytes] - 200 UDP 192.168.1.34:13021 -> 65.55.223.21:40027 [proto: 125/Skype][cat: VoIP][1 pkts/71 bytes -> 0 pkts/0 bytes] - 201 UDP 192.168.1.34:13021 -> 65.55.223.45:40012 [proto: 125/Skype][cat: VoIP][1 pkts/71 bytes -> 0 pkts/0 bytes] - 202 UDP 192.168.1.34:13021 -> 111.221.74.44:40031 [proto: 125/Skype][cat: VoIP][1 pkts/71 bytes -> 0 pkts/0 bytes] - 203 UDP 192.168.1.34:13021 -> 111.221.74.46:40027 [proto: 125/Skype][cat: VoIP][1 pkts/71 bytes -> 0 pkts/0 bytes] - 204 UDP 192.168.1.34:13021 -> 111.221.77.153:40024 [proto: 125/Skype][cat: VoIP][1 pkts/71 bytes -> 0 pkts/0 bytes] - 205 UDP 192.168.1.34:13021 -> 157.55.56.148:40010 [proto: 125/Skype][cat: VoIP][1 pkts/71 bytes -> 0 pkts/0 bytes] - 206 UDP 192.168.1.34:13021 -> 157.55.235.157:40010 [proto: 125/Skype][cat: VoIP][1 pkts/71 bytes -> 0 pkts/0 bytes] - 207 UDP 192.168.1.34:13021 -> 157.55.235.172:40032 [proto: 125/Skype][cat: VoIP][1 pkts/71 bytes -> 0 pkts/0 bytes] - 208 UDP 192.168.1.34:13021 -> 157.56.52.18:33033 [proto: 125/Skype][cat: VoIP][1 pkts/71 bytes -> 0 pkts/0 bytes] - 209 UDP 192.168.1.34:13021 -> 213.199.179.170:40011 [proto: 125/Skype][cat: VoIP][1 pkts/71 bytes -> 0 pkts/0 bytes] - 210 UDP 192.168.1.34:13021 -> 64.4.23.150:40004 [proto: 125/Skype][cat: VoIP][1 pkts/70 bytes -> 0 pkts/0 bytes] - 211 UDP 192.168.1.34:13021 -> 64.4.23.159:40009 [proto: 125/Skype][cat: VoIP][1 pkts/70 bytes -> 0 pkts/0 bytes] - 212 UDP 192.168.1.34:13021 -> 65.55.223.17:40022 [proto: 125/Skype][cat: VoIP][1 pkts/70 bytes -> 0 pkts/0 bytes] - 213 UDP 192.168.1.34:13021 -> 111.221.74.17:40022 [proto: 125/Skype][cat: VoIP][1 pkts/70 bytes -> 0 pkts/0 bytes] - 214 UDP 192.168.1.34:13021 -> 111.221.74.18:33033 [proto: 125/Skype][cat: VoIP][1 pkts/70 bytes -> 0 pkts/0 bytes] - 215 UDP 192.168.1.34:13021 -> 111.221.74.32:40009 [proto: 125/Skype][cat: VoIP][1 pkts/70 bytes -> 0 pkts/0 bytes] - 216 UDP 192.168.1.34:13021 -> 111.221.74.42:40024 [proto: 125/Skype][cat: VoIP][1 pkts/70 bytes -> 0 pkts/0 bytes] - 217 UDP 192.168.1.34:13021 -> 157.55.56.146:33033 [proto: 125/Skype][cat: VoIP][1 pkts/70 bytes -> 0 pkts/0 bytes] - 218 UDP 192.168.1.34:13021 -> 157.55.56.161:40012 [proto: 125/Skype][cat: VoIP][1 pkts/70 bytes -> 0 pkts/0 bytes] - 219 UDP 192.168.1.34:13021 -> 157.55.130.155:40020 [proto: 125/Skype][cat: VoIP][1 pkts/70 bytes -> 0 pkts/0 bytes] - 220 UDP 192.168.1.34:13021 -> 157.55.130.165:40026 [proto: 125/Skype][cat: VoIP][1 pkts/70 bytes -> 0 pkts/0 bytes] - 221 UDP 192.168.1.34:13021 -> 157.55.235.142:40025 [proto: 125/Skype][cat: VoIP][1 pkts/70 bytes -> 0 pkts/0 bytes] - 222 UDP 192.168.1.34:13021 -> 157.56.52.33:40011 [proto: 125/Skype][cat: VoIP][1 pkts/70 bytes -> 0 pkts/0 bytes] - 223 UDP 192.168.1.34:13021 -> 213.199.179.162:40029 [proto: 125/Skype][cat: VoIP][1 pkts/70 bytes -> 0 pkts/0 bytes] - 224 UDP 192.168.1.34:13021 -> 64.4.23.148:40010 [proto: 125/Skype][cat: VoIP][1 pkts/69 bytes -> 0 pkts/0 bytes] - 225 UDP 192.168.1.34:13021 -> 65.55.223.18:33033 [proto: 125/Skype][cat: VoIP][1 pkts/69 bytes -> 0 pkts/0 bytes] - 226 UDP 192.168.1.34:13021 -> 65.55.223.41:40027 [proto: 125/Skype][cat: VoIP][1 pkts/69 bytes -> 0 pkts/0 bytes] - 227 UDP 192.168.1.34:13021 -> 111.221.77.148:40029 [proto: 125/Skype][cat: VoIP][1 pkts/69 bytes -> 0 pkts/0 bytes] - 228 UDP 192.168.1.34:13021 -> 157.55.130.146:33033 [proto: 125/Skype][cat: VoIP][1 pkts/69 bytes -> 0 pkts/0 bytes] - 229 UDP 192.168.1.34:13021 -> 157.55.235.143:40030 [proto: 125/Skype][cat: VoIP][1 pkts/69 bytes -> 0 pkts/0 bytes] - 230 UDP 192.168.1.34:13021 -> 157.55.235.160:40027 [proto: 125/Skype][cat: VoIP][1 pkts/69 bytes -> 0 pkts/0 bytes] - 231 UDP 192.168.1.34:13021 -> 157.55.235.166:40015 [proto: 125/Skype][cat: VoIP][1 pkts/69 bytes -> 0 pkts/0 bytes] - 232 UDP 192.168.1.34:13021 -> 157.56.52.37:40032 [proto: 125/Skype][cat: VoIP][1 pkts/69 bytes -> 0 pkts/0 bytes] - 233 UDP 192.168.1.34:13021 -> 64.4.23.140:40012 [proto: 125/Skype][cat: VoIP][1 pkts/68 bytes -> 0 pkts/0 bytes] - 234 UDP 192.168.1.34:13021 -> 64.4.23.170:40011 [proto: 125/Skype][cat: VoIP][1 pkts/68 bytes -> 0 pkts/0 bytes] - 235 UDP 192.168.1.34:13021 -> 111.221.74.19:40001 [proto: 125/Skype][cat: VoIP][1 pkts/68 bytes -> 0 pkts/0 bytes] - 236 UDP 192.168.1.34:13021 -> 111.221.77.160:40028 [proto: 125/Skype][cat: VoIP][1 pkts/68 bytes -> 0 pkts/0 bytes] - 237 UDP 192.168.1.34:13021 -> 111.221.77.168:40007 [proto: 125/Skype][cat: VoIP][1 pkts/68 bytes -> 0 pkts/0 bytes] - 238 UDP 192.168.1.34:13021 -> 157.55.56.145:40027 [proto: 125/Skype][cat: VoIP][1 pkts/68 bytes -> 0 pkts/0 bytes] - 239 UDP 192.168.1.34:13021 -> 157.55.56.165:40020 [proto: 125/Skype][cat: VoIP][1 pkts/68 bytes -> 0 pkts/0 bytes] - 240 UDP 192.168.1.34:13021 -> 157.55.235.145:40022 [proto: 125/Skype][cat: VoIP][1 pkts/68 bytes -> 0 pkts/0 bytes] - 241 UDP 192.168.1.34:13021 -> 157.56.52.15:40027 [proto: 125/Skype][cat: VoIP][1 pkts/68 bytes -> 0 pkts/0 bytes] - 242 UDP 192.168.1.34:13021 -> 65.55.223.24:40032 [proto: 125/Skype][cat: VoIP][1 pkts/67 bytes -> 0 pkts/0 bytes] - 243 UDP 192.168.1.34:13021 -> 111.221.74.16:40032 [proto: 125/Skype][cat: VoIP][1 pkts/67 bytes -> 0 pkts/0 bytes] - 244 UDP 192.168.1.34:13021 -> 111.221.77.141:40020 [proto: 125/Skype][cat: VoIP][1 pkts/67 bytes -> 0 pkts/0 bytes] - 245 UDP 192.168.1.34:13021 -> 111.221.77.149:40030 [proto: 125/Skype][cat: VoIP][1 pkts/67 bytes -> 0 pkts/0 bytes] - 246 UDP 192.168.1.34:13021 -> 111.221.77.154:40017 [proto: 125/Skype][cat: VoIP][1 pkts/67 bytes -> 0 pkts/0 bytes] - 247 UDP 192.168.1.34:13021 -> 157.55.130.157:40013 [proto: 125/Skype][cat: VoIP][1 pkts/67 bytes -> 0 pkts/0 bytes] - 248 UDP 192.168.1.34:13021 -> 157.55.130.160:40029 [proto: 125/Skype][cat: VoIP][1 pkts/67 bytes -> 0 pkts/0 bytes] - 249 UDP 192.168.1.34:13021 -> 157.55.130.172:40019 [proto: 125/Skype][cat: VoIP][1 pkts/67 bytes -> 0 pkts/0 bytes] - 250 UDP 192.168.1.34:13021 -> 157.56.52.45:40012 [proto: 125/Skype][cat: VoIP][1 pkts/67 bytes -> 0 pkts/0 bytes] - 251 UDP 192.168.1.34:13021 -> 213.199.179.146:33033 [proto: 125/Skype][cat: VoIP][1 pkts/67 bytes -> 0 pkts/0 bytes] - 252 UDP 192.168.1.34:13021 -> 213.199.179.146:40030 [proto: 125/Skype][cat: VoIP][1 pkts/67 bytes -> 0 pkts/0 bytes] - 253 UDP 192.168.1.34:13021 -> 64.4.23.146:33033 [proto: 125/Skype][cat: VoIP][1 pkts/66 bytes -> 0 pkts/0 bytes] - 254 UDP 192.168.1.34:13021 -> 64.4.23.173:40017 [proto: 125/Skype][cat: VoIP][1 pkts/66 bytes -> 0 pkts/0 bytes] - 255 UDP 192.168.1.34:13021 -> 65.55.223.15:40026 [proto: 125/Skype][cat: VoIP][1 pkts/66 bytes -> 0 pkts/0 bytes] - 256 UDP 192.168.1.34:13021 -> 65.55.223.38:40015 [proto: 125/Skype][cat: VoIP][1 pkts/66 bytes -> 0 pkts/0 bytes] - 257 UDP 192.168.1.34:13021 -> 65.55.223.44:40013 [proto: 125/Skype][cat: VoIP][1 pkts/66 bytes -> 0 pkts/0 bytes] - 258 UDP 192.168.1.34:13021 -> 111.221.74.25:40028 [proto: 125/Skype][cat: VoIP][1 pkts/66 bytes -> 0 pkts/0 bytes] - 259 UDP 192.168.1.34:13021 -> 111.221.77.143:40022 [proto: 125/Skype][cat: VoIP][1 pkts/66 bytes -> 0 pkts/0 bytes] - 260 UDP 192.168.1.34:13021 -> 157.55.130.144:40034 [proto: 125/Skype][cat: VoIP][1 pkts/66 bytes -> 0 pkts/0 bytes] - 261 UDP 192.168.1.34:13021 -> 157.55.235.146:33033 [proto: 125/Skype][cat: VoIP][1 pkts/66 bytes -> 0 pkts/0 bytes] - 262 UDP 192.168.1.34:13021 -> 213.199.179.145:40027 [proto: 125/Skype][cat: VoIP][1 pkts/66 bytes -> 0 pkts/0 bytes] - 263 UDP 192.168.1.34:13021 -> 65.55.223.20:40033 [proto: 125/Skype][cat: VoIP][1 pkts/64 bytes -> 0 pkts/0 bytes] - 264 UDP 192.168.1.34:13021 -> 111.221.74.24:40001 [proto: 125/Skype][cat: VoIP][1 pkts/64 bytes -> 0 pkts/0 bytes] - 265 UDP 192.168.1.34:13021 -> 111.221.77.140:40003 [proto: 125/Skype][cat: VoIP][1 pkts/64 bytes -> 0 pkts/0 bytes] - 266 UDP 192.168.1.34:13021 -> 157.55.56.166:40022 [proto: 125/Skype][cat: VoIP][1 pkts/64 bytes -> 0 pkts/0 bytes] - 267 UDP 192.168.1.34:13021 -> 157.55.130.148:40019 [proto: 125/Skype][cat: VoIP][1 pkts/64 bytes -> 0 pkts/0 bytes] - 268 UDP 192.168.1.34:13021 -> 157.55.235.158:40031 [proto: 125/Skype][cat: VoIP][1 pkts/64 bytes -> 0 pkts/0 bytes] - 269 UDP 192.168.1.34:13021 -> 157.55.235.159:40021 [proto: 125/Skype][cat: VoIP][1 pkts/64 bytes -> 0 pkts/0 bytes] - 270 UDP 192.168.1.34:13021 -> 157.55.235.173:40012 [proto: 125/Skype][cat: VoIP][1 pkts/64 bytes -> 0 pkts/0 bytes] - 271 UDP 192.168.1.34:13021 -> 157.56.52.21:40004 [proto: 125/Skype][cat: VoIP][1 pkts/64 bytes -> 0 pkts/0 bytes] - 272 UDP 192.168.1.34:13021 -> 157.56.52.24:40001 [proto: 125/Skype][cat: VoIP][1 pkts/64 bytes -> 0 pkts/0 bytes] - 273 UDP 192.168.1.34:13021 -> 157.56.52.47:40029 [proto: 125/Skype][cat: VoIP][1 pkts/64 bytes -> 0 pkts/0 bytes] - 274 UDP 192.168.1.34:13021 -> 213.199.179.152:40023 [proto: 125/Skype][cat: VoIP][1 pkts/64 bytes -> 0 pkts/0 bytes] - 275 IGMP 192.168.1.1:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network][1 pkts/60 bytes -> 0 pkts/0 bytes] - 276 IGMP 192.168.1.92:0 -> 224.0.0.251:0 [proto: 82/IGMP][cat: Network][1 pkts/60 bytes -> 0 pkts/0 bytes] - 277 UDP 192.168.1.34:13021 -> 65.55.223.39:443 [proto: 125/Skype][cat: VoIP][1 pkts/60 bytes -> 0 pkts/0 bytes] - 278 UDP 192.168.1.34:13021 -> 71.62.0.85:33647 [proto: 125/Skype][cat: VoIP][1 pkts/60 bytes -> 0 pkts/0 bytes] - 279 UDP 192.168.1.34:13021 -> 106.188.249.186:15120 [proto: 125/Skype][cat: VoIP][1 pkts/60 bytes -> 0 pkts/0 bytes] - 280 UDP 192.168.1.34:13021 -> 157.55.130.145:443 [proto: 125/Skype][cat: VoIP][1 pkts/60 bytes -> 0 pkts/0 bytes] - 281 UDP 192.168.1.34:13021 -> 176.97.100.249:26635 [proto: 125/Skype][cat: VoIP][1 pkts/60 bytes -> 0 pkts/0 bytes] - 282 IGMP 192.168.1.34:0 -> 224.0.0.251:0 [proto: 82/IGMP][cat: Network][1 pkts/46 bytes -> 0 pkts/0 bytes] + 137 IGMP 192.168.0.254:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network/14][2 pkts/92 bytes -> 0 pkts/0 bytes] + 138 UDP 192.168.1.34:13021 -> 64.4.23.145:40024 [proto: 125/Skype][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 139 UDP 192.168.1.34:13021 -> 65.55.223.26:40004 [proto: 125/Skype][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 140 UDP 192.168.1.34:13021 -> 65.55.223.33:40011 [proto: 125/Skype][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 141 UDP 192.168.1.34:13021 -> 157.55.56.168:40006 [proto: 125/Skype][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 142 UDP 192.168.1.34:13021 -> 157.55.130.146:40026 [proto: 125/Skype][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 143 UDP 192.168.1.34:13021 -> 157.55.130.154:40005 [proto: 125/Skype][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 144 UDP 192.168.1.34:13021 -> 157.55.235.147:40020 [proto: 125/Skype][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 145 UDP 192.168.1.34:13021 -> 157.55.235.152:40001 [proto: 125/Skype][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 146 UDP 192.168.1.34:13021 -> 213.199.179.155:40004 [proto: 125/Skype][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 147 UDP 192.168.1.34:13021 -> 111.221.74.28:40014 [proto: 125/Skype][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 148 UDP 192.168.1.34:13021 -> 111.221.77.146:33033 [proto: 125/Skype][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 149 UDP 192.168.1.34:13021 -> 111.221.77.155:40004 [proto: 125/Skype][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 150 UDP 192.168.1.34:13021 -> 111.221.77.159:40009 [proto: 125/Skype][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 151 UDP 192.168.1.34:13021 -> 111.221.77.172:40010 [proto: 125/Skype][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 152 UDP 192.168.1.34:13021 -> 157.55.130.156:40034 [proto: 125/Skype][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 153 UDP 192.168.1.34:13021 -> 157.55.235.161:40011 [proto: 125/Skype][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 154 UDP 192.168.1.34:13021 -> 157.55.235.176:40022 [proto: 125/Skype][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 155 UDP 192.168.1.34:13021 -> 157.56.52.27:40027 [proto: 125/Skype][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 156 UDP 192.168.1.34:13021 -> 157.56.52.28:40009 [proto: 125/Skype][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 157 UDP 192.168.1.34:13021 -> 64.4.23.143:40018 [proto: 125/Skype][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 158 UDP 192.168.1.34:13021 -> 64.4.23.155:40004 [proto: 125/Skype][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 159 UDP 192.168.1.34:13021 -> 65.55.223.29:40010 [proto: 125/Skype][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 160 UDP 192.168.1.34:13021 -> 111.221.74.15:40024 [proto: 125/Skype][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 161 UDP 192.168.1.34:13021 -> 111.221.77.145:40027 [proto: 125/Skype][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 162 UDP 192.168.1.34:13021 -> 111.221.77.166:40011 [proto: 125/Skype][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 163 UDP 192.168.1.34:13021 -> 157.55.56.142:40023 [proto: 125/Skype][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 164 UDP 192.168.1.34:13021 -> 157.55.56.151:40027 [proto: 125/Skype][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 165 UDP 192.168.1.34:13021 -> 157.55.56.175:40013 [proto: 125/Skype][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 166 UDP 192.168.1.34:13021 -> 157.55.130.143:40017 [proto: 125/Skype][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 167 UDP 192.168.1.34:13021 -> 157.55.235.155:40003 [proto: 125/Skype][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 168 UDP 192.168.1.34:13021 -> 157.56.52.17:40013 [proto: 125/Skype][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 169 UDP 192.168.1.34:13021 -> 64.4.23.166:40022 [proto: 125/Skype][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 170 UDP 192.168.1.34:13021 -> 65.55.223.25:40028 [proto: 125/Skype][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 171 UDP 192.168.1.34:13021 -> 65.55.223.43:40002 [proto: 125/Skype][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 172 UDP 192.168.1.34:13021 -> 111.221.74.43:40001 [proto: 125/Skype][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 173 UDP 192.168.1.34:13021 -> 111.221.77.151:40027 [proto: 125/Skype][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 174 UDP 192.168.1.34:13021 -> 157.55.56.162:40004 [proto: 125/Skype][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 175 UDP 192.168.1.34:13021 -> 157.55.130.147:40019 [proto: 125/Skype][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 176 UDP 192.168.1.34:13021 -> 157.55.235.175:40008 [proto: 125/Skype][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 177 UDP 192.168.1.34:13021 -> 213.199.179.150:40004 [proto: 125/Skype][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 178 UDP 192.168.1.34:13021 -> 111.221.74.12:40031 [proto: 125/Skype][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 179 UDP 192.168.1.34:13021 -> 111.221.74.48:40008 [proto: 125/Skype][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 180 UDP 192.168.1.34:13021 -> 111.221.77.165:40020 [proto: 125/Skype][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 181 UDP 192.168.1.34:13021 -> 213.199.179.141:40015 [proto: 125/Skype][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 182 UDP 192.168.1.34:13021 -> 213.199.179.143:40022 [proto: 125/Skype][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 183 UDP 192.168.1.34:13021 -> 213.199.179.154:40034 [proto: 125/Skype][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 184 UDP 192.168.1.34:13021 -> 65.55.223.28:40026 [proto: 125/Skype][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] + 185 UDP 192.168.1.34:13021 -> 111.221.74.40:40018 [proto: 125/Skype][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] + 186 UDP 192.168.1.34:13021 -> 157.55.130.175:40006 [proto: 125/Skype][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] + 187 UDP 192.168.1.34:13021 -> 157.56.52.26:40026 [proto: 125/Skype][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] + 188 UDP 192.168.1.34:13021 -> 213.199.179.165:40007 [proto: 125/Skype][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] + 189 UDP 192.168.1.34:13021 -> 64.4.23.141:40004 [proto: 125/Skype][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 190 UDP 192.168.1.34:13021 -> 111.221.74.29:40024 [proto: 125/Skype][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 191 UDP 192.168.1.34:13021 -> 111.221.74.31:40021 [proto: 125/Skype][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 192 UDP 192.168.1.34:13021 -> 111.221.77.176:40020 [proto: 125/Skype][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 193 UDP 192.168.1.34:13021 -> 157.55.235.153:40023 [proto: 125/Skype][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 194 UDP 192.168.1.34:13021 -> 213.199.179.168:40006 [proto: 125/Skype][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 195 UDP 192.168.1.34:13021 -> 64.4.23.151:40029 [proto: 125/Skype][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 196 UDP 192.168.1.34:13021 -> 64.4.23.165:40020 [proto: 125/Skype][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 197 UDP 192.168.1.34:13021 -> 111.221.77.142:40023 [proto: 125/Skype][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 198 UDP 192.168.1.34:13021 -> 157.55.130.151:40017 [proto: 125/Skype][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 199 UDP 192.168.1.34:13021 -> 64.4.23.168:40006 [proto: 125/Skype][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 200 UDP 192.168.1.34:13021 -> 65.55.223.21:40027 [proto: 125/Skype][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 201 UDP 192.168.1.34:13021 -> 65.55.223.45:40012 [proto: 125/Skype][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 202 UDP 192.168.1.34:13021 -> 111.221.74.44:40031 [proto: 125/Skype][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 203 UDP 192.168.1.34:13021 -> 111.221.74.46:40027 [proto: 125/Skype][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 204 UDP 192.168.1.34:13021 -> 111.221.77.153:40024 [proto: 125/Skype][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 205 UDP 192.168.1.34:13021 -> 157.55.56.148:40010 [proto: 125/Skype][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 206 UDP 192.168.1.34:13021 -> 157.55.235.157:40010 [proto: 125/Skype][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 207 UDP 192.168.1.34:13021 -> 157.55.235.172:40032 [proto: 125/Skype][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 208 UDP 192.168.1.34:13021 -> 157.56.52.18:33033 [proto: 125/Skype][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 209 UDP 192.168.1.34:13021 -> 213.199.179.170:40011 [proto: 125/Skype][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 210 UDP 192.168.1.34:13021 -> 64.4.23.150:40004 [proto: 125/Skype][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 211 UDP 192.168.1.34:13021 -> 64.4.23.159:40009 [proto: 125/Skype][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 212 UDP 192.168.1.34:13021 -> 65.55.223.17:40022 [proto: 125/Skype][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 213 UDP 192.168.1.34:13021 -> 111.221.74.17:40022 [proto: 125/Skype][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 214 UDP 192.168.1.34:13021 -> 111.221.74.18:33033 [proto: 125/Skype][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 215 UDP 192.168.1.34:13021 -> 111.221.74.32:40009 [proto: 125/Skype][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 216 UDP 192.168.1.34:13021 -> 111.221.74.42:40024 [proto: 125/Skype][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 217 UDP 192.168.1.34:13021 -> 157.55.56.146:33033 [proto: 125/Skype][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 218 UDP 192.168.1.34:13021 -> 157.55.56.161:40012 [proto: 125/Skype][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 219 UDP 192.168.1.34:13021 -> 157.55.130.155:40020 [proto: 125/Skype][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 220 UDP 192.168.1.34:13021 -> 157.55.130.165:40026 [proto: 125/Skype][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 221 UDP 192.168.1.34:13021 -> 157.55.235.142:40025 [proto: 125/Skype][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 222 UDP 192.168.1.34:13021 -> 157.56.52.33:40011 [proto: 125/Skype][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 223 UDP 192.168.1.34:13021 -> 213.199.179.162:40029 [proto: 125/Skype][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 224 UDP 192.168.1.34:13021 -> 64.4.23.148:40010 [proto: 125/Skype][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 225 UDP 192.168.1.34:13021 -> 65.55.223.18:33033 [proto: 125/Skype][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 226 UDP 192.168.1.34:13021 -> 65.55.223.41:40027 [proto: 125/Skype][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 227 UDP 192.168.1.34:13021 -> 111.221.77.148:40029 [proto: 125/Skype][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 228 UDP 192.168.1.34:13021 -> 157.55.130.146:33033 [proto: 125/Skype][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 229 UDP 192.168.1.34:13021 -> 157.55.235.143:40030 [proto: 125/Skype][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 230 UDP 192.168.1.34:13021 -> 157.55.235.160:40027 [proto: 125/Skype][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 231 UDP 192.168.1.34:13021 -> 157.55.235.166:40015 [proto: 125/Skype][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 232 UDP 192.168.1.34:13021 -> 157.56.52.37:40032 [proto: 125/Skype][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 233 UDP 192.168.1.34:13021 -> 64.4.23.140:40012 [proto: 125/Skype][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 234 UDP 192.168.1.34:13021 -> 64.4.23.170:40011 [proto: 125/Skype][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 235 UDP 192.168.1.34:13021 -> 111.221.74.19:40001 [proto: 125/Skype][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 236 UDP 192.168.1.34:13021 -> 111.221.77.160:40028 [proto: 125/Skype][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 237 UDP 192.168.1.34:13021 -> 111.221.77.168:40007 [proto: 125/Skype][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 238 UDP 192.168.1.34:13021 -> 157.55.56.145:40027 [proto: 125/Skype][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 239 UDP 192.168.1.34:13021 -> 157.55.56.165:40020 [proto: 125/Skype][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 240 UDP 192.168.1.34:13021 -> 157.55.235.145:40022 [proto: 125/Skype][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 241 UDP 192.168.1.34:13021 -> 157.56.52.15:40027 [proto: 125/Skype][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 242 UDP 192.168.1.34:13021 -> 65.55.223.24:40032 [proto: 125/Skype][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 243 UDP 192.168.1.34:13021 -> 111.221.74.16:40032 [proto: 125/Skype][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 244 UDP 192.168.1.34:13021 -> 111.221.77.141:40020 [proto: 125/Skype][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 245 UDP 192.168.1.34:13021 -> 111.221.77.149:40030 [proto: 125/Skype][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 246 UDP 192.168.1.34:13021 -> 111.221.77.154:40017 [proto: 125/Skype][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 247 UDP 192.168.1.34:13021 -> 157.55.130.157:40013 [proto: 125/Skype][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 248 UDP 192.168.1.34:13021 -> 157.55.130.160:40029 [proto: 125/Skype][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 249 UDP 192.168.1.34:13021 -> 157.55.130.172:40019 [proto: 125/Skype][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 250 UDP 192.168.1.34:13021 -> 157.56.52.45:40012 [proto: 125/Skype][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 251 UDP 192.168.1.34:13021 -> 213.199.179.146:33033 [proto: 125/Skype][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 252 UDP 192.168.1.34:13021 -> 213.199.179.146:40030 [proto: 125/Skype][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 253 UDP 192.168.1.34:13021 -> 64.4.23.146:33033 [proto: 125/Skype][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 254 UDP 192.168.1.34:13021 -> 64.4.23.173:40017 [proto: 125/Skype][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 255 UDP 192.168.1.34:13021 -> 65.55.223.15:40026 [proto: 125/Skype][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 256 UDP 192.168.1.34:13021 -> 65.55.223.38:40015 [proto: 125/Skype][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 257 UDP 192.168.1.34:13021 -> 65.55.223.44:40013 [proto: 125/Skype][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 258 UDP 192.168.1.34:13021 -> 111.221.74.25:40028 [proto: 125/Skype][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 259 UDP 192.168.1.34:13021 -> 111.221.77.143:40022 [proto: 125/Skype][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 260 UDP 192.168.1.34:13021 -> 157.55.130.144:40034 [proto: 125/Skype][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 261 UDP 192.168.1.34:13021 -> 157.55.235.146:33033 [proto: 125/Skype][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 262 UDP 192.168.1.34:13021 -> 213.199.179.145:40027 [proto: 125/Skype][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 263 UDP 192.168.1.34:13021 -> 65.55.223.20:40033 [proto: 125/Skype][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 264 UDP 192.168.1.34:13021 -> 111.221.74.24:40001 [proto: 125/Skype][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 265 UDP 192.168.1.34:13021 -> 111.221.77.140:40003 [proto: 125/Skype][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 266 UDP 192.168.1.34:13021 -> 157.55.56.166:40022 [proto: 125/Skype][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 267 UDP 192.168.1.34:13021 -> 157.55.130.148:40019 [proto: 125/Skype][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 268 UDP 192.168.1.34:13021 -> 157.55.235.158:40031 [proto: 125/Skype][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 269 UDP 192.168.1.34:13021 -> 157.55.235.159:40021 [proto: 125/Skype][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 270 UDP 192.168.1.34:13021 -> 157.55.235.173:40012 [proto: 125/Skype][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 271 UDP 192.168.1.34:13021 -> 157.56.52.21:40004 [proto: 125/Skype][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 272 UDP 192.168.1.34:13021 -> 157.56.52.24:40001 [proto: 125/Skype][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 273 UDP 192.168.1.34:13021 -> 157.56.52.47:40029 [proto: 125/Skype][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 274 UDP 192.168.1.34:13021 -> 213.199.179.152:40023 [proto: 125/Skype][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 275 IGMP 192.168.1.1:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes] + 276 IGMP 192.168.1.92:0 -> 224.0.0.251:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes] + 277 UDP 192.168.1.34:13021 -> 65.55.223.39:443 [proto: 125/Skype][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] + 278 UDP 192.168.1.34:13021 -> 71.62.0.85:33647 [proto: 125/Skype][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] + 279 UDP 192.168.1.34:13021 -> 106.188.249.186:15120 [proto: 125/Skype][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] + 280 UDP 192.168.1.34:13021 -> 157.55.130.145:443 [proto: 125/Skype][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] + 281 UDP 192.168.1.34:13021 -> 176.97.100.249:26635 [proto: 125/Skype][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] + 282 IGMP 192.168.1.34:0 -> 224.0.0.251:0 [proto: 82/IGMP][cat: Network/14][1 pkts/46 bytes -> 0 pkts/0 bytes] Undetected flows: diff --git a/tests/result/skype_no_unknown.pcap.out b/tests/result/skype_no_unknown.pcap.out index 4927132a8..a4e58cd54 100644 --- a/tests/result/skype_no_unknown.pcap.out +++ b/tests/result/skype_no_unknown.pcap.out @@ -12,16 +12,16 @@ Apple 76 19581 1 MS_OneDrive 348 181687 1 ApplePush 8 1118 1 - 1 TCP 192.168.1.34:51230 <-> 157.56.126.211:443 [proto: 91.221/SSL.MS_OneDrive][cat: Cloud][166 pkts/39042 bytes <-> 182 pkts/142645 bytes][server: *.gateway.messenger.live.com] + 1 TCP 192.168.1.34:51230 <-> 157.56.126.211:443 [proto: 91.221/SSL.MS_OneDrive][cat: Cloud/13][166 pkts/39042 bytes <-> 182 pkts/142645 bytes][server: *.gateway.messenger.live.com] 2 TCP 192.168.1.34:51279 <-> 111.221.74.48:40008 [proto: 125/Skype][101 pkts/30681 bytes <-> 98 pkts/59934 bytes] 3 TCP 192.168.1.34:51227 <-> 17.172.100.36:443 [proto: 91.140/SSL.Apple][38 pkts/9082 bytes <-> 38 pkts/10499 bytes] - 4 UDP 192.168.0.254:1025 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][36 pkts/13402 bytes -> 0 pkts/0 bytes] - 5 TCP 192.168.1.34:51292 <-> 71.238.7.203:18767 [proto: 125/Skype][cat: VoIP][17 pkts/2686 bytes <-> 13 pkts/2218 bytes] - 6 TCP 192.168.1.34:51293 <-> 5.248.186.221:31010 [proto: 125/Skype][cat: VoIP][12 pkts/2194 bytes <-> 8 pkts/1711 bytes] - 7 TCP 192.168.1.34:51231 <-> 23.206.33.166:443 [proto: 91.125/SSL.Skype][cat: VoIP][16 pkts/3461 bytes <-> 1 pkts/74 bytes][client: apps.skype.com] - 8 TCP 192.168.1.34:51297 <-> 91.190.216.24:12350 [proto: 125/Skype][cat: VoIP][12 pkts/3242 bytes <-> 3 pkts/290 bytes] + 4 UDP 192.168.0.254:1025 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][36 pkts/13402 bytes -> 0 pkts/0 bytes] + 5 TCP 192.168.1.34:51292 <-> 71.238.7.203:18767 [proto: 125/Skype][cat: VoIP/10][17 pkts/2686 bytes <-> 13 pkts/2218 bytes] + 6 TCP 192.168.1.34:51293 <-> 5.248.186.221:31010 [proto: 125/Skype][cat: VoIP/10][12 pkts/2194 bytes <-> 8 pkts/1711 bytes] + 7 TCP 192.168.1.34:51231 <-> 23.206.33.166:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][16 pkts/3461 bytes <-> 1 pkts/74 bytes][client: apps.skype.com] + 8 TCP 192.168.1.34:51297 <-> 91.190.216.24:12350 [proto: 125/Skype][cat: VoIP/10][12 pkts/3242 bytes <-> 3 pkts/290 bytes] 9 TCP 108.160.163.108:443 <-> 192.168.1.34:51222 [proto: 91.121/SSL.Dropbox][4 pkts/818 bytes <-> 4 pkts/2172 bytes] - 10 TCP 192.168.1.34:51295 <-> 23.206.33.166:443 [proto: 91.125/SSL.Skype][cat: VoIP][11 pkts/2074 bytes <-> 1 pkts/74 bytes][client: apps.skype.com] + 10 TCP 192.168.1.34:51295 <-> 23.206.33.166:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][11 pkts/2074 bytes <-> 1 pkts/74 bytes][client: apps.skype.com] 11 TCP 192.168.1.34:51238 <-> 157.55.235.147:443 [proto: 91.125/SSL.Skype][13 pkts/1446 bytes <-> 4 pkts/266 bytes] 12 TCP 192.168.1.34:51262 <-> 213.199.179.176:443 [proto: 91/SSL][13 pkts/1437 bytes <-> 3 pkts/200 bytes] 13 TCP 192.168.1.34:51241 <-> 157.55.130.176:443 [proto: 91.125/SSL.Skype][12 pkts/1333 bytes <-> 3 pkts/251 bytes] @@ -29,244 +29,244 @@ ApplePush 8 1118 1 15 TCP 192.168.1.34:51239 <-> 65.55.223.45:443 [proto: 91/SSL][12 pkts/1291 bytes <-> 3 pkts/242 bytes] 16 TCP 192.168.1.34:51274 <-> 157.55.235.152:443 [proto: 91.125/SSL.Skype][12 pkts/1235 bytes <-> 3 pkts/285 bytes] 17 TCP 192.168.1.34:51260 <-> 157.55.130.142:443 [proto: 91.125/SSL.Skype][12 pkts/1249 bytes <-> 3 pkts/265 bytes] - 18 TCP 192.168.1.34:51258 <-> 213.199.179.176:40021 [proto: 125/Skype][cat: VoIP][14 pkts/1104 bytes <-> 5 pkts/392 bytes] - 19 TCP 192.168.1.34:51269 <-> 213.199.179.175:40029 [proto: 125/Skype][cat: VoIP][14 pkts/1106 bytes <-> 5 pkts/385 bytes] - 20 TCP 192.168.1.34:51290 <-> 5.248.186.221:31010 [proto: 125/Skype][cat: VoIP][14 pkts/1070 bytes <-> 4 pkts/420 bytes] - 21 TCP 192.168.1.34:51234 <-> 157.55.235.147:40001 [proto: 125/Skype][cat: VoIP][14 pkts/1117 bytes <-> 4 pkts/337 bytes] + 18 TCP 192.168.1.34:51258 <-> 213.199.179.176:40021 [proto: 125/Skype][cat: VoIP/10][14 pkts/1104 bytes <-> 5 pkts/392 bytes] + 19 TCP 192.168.1.34:51269 <-> 213.199.179.175:40029 [proto: 125/Skype][cat: VoIP/10][14 pkts/1106 bytes <-> 5 pkts/385 bytes] + 20 TCP 192.168.1.34:51290 <-> 5.248.186.221:31010 [proto: 125/Skype][cat: VoIP/10][14 pkts/1070 bytes <-> 4 pkts/420 bytes] + 21 TCP 192.168.1.34:51234 <-> 157.55.235.147:40001 [proto: 125/Skype][cat: VoIP/10][14 pkts/1117 bytes <-> 4 pkts/337 bytes] 22 TCP 192.168.1.34:51253 <-> 64.4.23.166:443 [proto: 91/SSL][11 pkts/1164 bytes <-> 3 pkts/268 bytes] 23 TCP 192.168.1.34:51247 <-> 157.56.52.44:443 [proto: 91.125/SSL.Skype][10 pkts/1077 bytes <-> 4 pkts/351 bytes] - 24 TCP 192.168.1.34:51257 <-> 157.55.235.170:40032 [proto: 125/Skype][cat: VoIP][14 pkts/1059 bytes <-> 4 pkts/367 bytes] - 25 TCP 192.168.1.34:51277 <-> 157.55.235.156:40026 [proto: 125/Skype][cat: VoIP][13 pkts/1011 bytes <-> 4 pkts/415 bytes] - 26 TCP 192.168.1.34:51305 <-> 149.13.32.15:13392 [proto: 125/Skype][cat: VoIP][14 pkts/1093 bytes <-> 4 pkts/333 bytes] + 24 TCP 192.168.1.34:51257 <-> 157.55.235.170:40032 [proto: 125/Skype][cat: VoIP/10][14 pkts/1059 bytes <-> 4 pkts/367 bytes] + 25 TCP 192.168.1.34:51277 <-> 157.55.235.156:40026 [proto: 125/Skype][cat: VoIP/10][13 pkts/1011 bytes <-> 4 pkts/415 bytes] + 26 TCP 192.168.1.34:51305 <-> 149.13.32.15:13392 [proto: 125/Skype][cat: VoIP/10][14 pkts/1093 bytes <-> 4 pkts/333 bytes] 27 TCP 192.168.1.34:51271 <-> 213.199.179.175:443 [proto: 91/SSL][12 pkts/1130 bytes <-> 3 pkts/285 bytes] 28 TCP 192.168.1.34:51280 <-> 157.55.235.146:443 [proto: 91.125/SSL.Skype][12 pkts/1130 bytes <-> 3 pkts/285 bytes] 29 TCP 192.168.1.34:51281 <-> 157.55.235.156:443 [proto: 91.125/SSL.Skype][12 pkts/1095 bytes <-> 3 pkts/285 bytes] 30 TCP 192.168.1.34:51240 <-> 111.221.74.45:443 [proto: 91.125/SSL.Skype][10 pkts/1022 bytes <-> 4 pkts/351 bytes] - 31 TCP 192.168.1.34:51289 <-> 71.238.7.203:18767 [proto: 125/Skype][cat: VoIP][13 pkts/991 bytes <-> 4 pkts/378 bytes] - 32 TCP 192.168.1.34:51272 <-> 157.55.235.152:40029 [proto: 125/Skype][cat: VoIP][13 pkts/1006 bytes <-> 4 pkts/361 bytes] + 31 TCP 192.168.1.34:51289 <-> 71.238.7.203:18767 [proto: 125/Skype][cat: VoIP/10][13 pkts/991 bytes <-> 4 pkts/378 bytes] + 32 TCP 192.168.1.34:51272 <-> 157.55.235.152:40029 [proto: 125/Skype][cat: VoIP/10][13 pkts/1006 bytes <-> 4 pkts/361 bytes] 33 TCP 192.168.1.34:51250 <-> 111.221.77.175:443 [proto: 91.125/SSL.Skype][10 pkts/1012 bytes <-> 4 pkts/351 bytes] - 34 TCP 192.168.1.34:51235 <-> 65.55.223.45:40009 [proto: 125/Skype][cat: VoIP][13 pkts/976 bytes <-> 4 pkts/365 bytes] - 35 TCP 192.168.1.34:51237 <-> 157.55.130.176:40022 [proto: 125/Skype][cat: VoIP][13 pkts/986 bytes <-> 4 pkts/344 bytes] - 36 TCP 192.168.1.34:51276 <-> 157.55.235.146:40021 [proto: 125/Skype][cat: VoIP][13 pkts/981 bytes <-> 4 pkts/348 bytes] - 37 TCP 192.168.1.34:51255 <-> 157.55.130.142:40005 [proto: 125/Skype][cat: VoIP][13 pkts/1004 bytes <-> 4 pkts/318 bytes] - 38 TCP 192.168.1.34:51251 <-> 64.4.23.166:40029 [proto: 125/Skype][cat: VoIP][12 pkts/948 bytes <-> 4 pkts/349 bytes] - 39 TCP 192.168.1.34:51229 <-> 157.56.52.28:40009 [proto: 125/Skype][cat: VoIP][12 pkts/951 bytes <-> 4 pkts/341 bytes] - 40 TCP 192.168.1.34:51248 <-> 111.221.77.175:40030 [proto: 125/Skype][cat: VoIP][11 pkts/858 bytes <-> 5 pkts/426 bytes] - 41 TCP 192.168.1.34:51246 <-> 157.56.52.44:40020 [proto: 125/Skype][cat: VoIP][11 pkts/856 bytes <-> 5 pkts/409 bytes] - 42 TCP 192.168.1.34:51288 <-> 76.167.161.6:20274 [proto: 125/Skype][cat: VoIP][11 pkts/861 bytes <-> 4 pkts/397 bytes] - 43 TCP 192.168.1.34:51236 <-> 111.221.74.45:40008 [proto: 125/Skype][cat: VoIP][11 pkts/844 bytes <-> 5 pkts/413 bytes] + 34 TCP 192.168.1.34:51235 <-> 65.55.223.45:40009 [proto: 125/Skype][cat: VoIP/10][13 pkts/976 bytes <-> 4 pkts/365 bytes] + 35 TCP 192.168.1.34:51237 <-> 157.55.130.176:40022 [proto: 125/Skype][cat: VoIP/10][13 pkts/986 bytes <-> 4 pkts/344 bytes] + 36 TCP 192.168.1.34:51276 <-> 157.55.235.146:40021 [proto: 125/Skype][cat: VoIP/10][13 pkts/981 bytes <-> 4 pkts/348 bytes] + 37 TCP 192.168.1.34:51255 <-> 157.55.130.142:40005 [proto: 125/Skype][cat: VoIP/10][13 pkts/1004 bytes <-> 4 pkts/318 bytes] + 38 TCP 192.168.1.34:51251 <-> 64.4.23.166:40029 [proto: 125/Skype][cat: VoIP/10][12 pkts/948 bytes <-> 4 pkts/349 bytes] + 39 TCP 192.168.1.34:51229 <-> 157.56.52.28:40009 [proto: 125/Skype][cat: VoIP/10][12 pkts/951 bytes <-> 4 pkts/341 bytes] + 40 TCP 192.168.1.34:51248 <-> 111.221.77.175:40030 [proto: 125/Skype][cat: VoIP/10][11 pkts/858 bytes <-> 5 pkts/426 bytes] + 41 TCP 192.168.1.34:51246 <-> 157.56.52.44:40020 [proto: 125/Skype][cat: VoIP/10][11 pkts/856 bytes <-> 5 pkts/409 bytes] + 42 TCP 192.168.1.34:51288 <-> 76.167.161.6:20274 [proto: 125/Skype][cat: VoIP/10][11 pkts/861 bytes <-> 4 pkts/397 bytes] + 43 TCP 192.168.1.34:51236 <-> 111.221.74.45:40008 [proto: 125/Skype][cat: VoIP/10][11 pkts/844 bytes <-> 5 pkts/413 bytes] 44 TCP 192.168.1.34:51282 <-> 64.4.23.159:443 [proto: 91/SSL][10 pkts/972 bytes <-> 3 pkts/285 bytes] 45 TCP 192.168.1.34:51259 <-> 111.221.77.142:443 [proto: 91.125/SSL.Skype][10 pkts/902 bytes <-> 4 pkts/351 bytes] - 46 TCP 192.168.1.34:51256 <-> 111.221.77.142:40013 [proto: 125/Skype][cat: VoIP][11 pkts/815 bytes <-> 5 pkts/423 bytes] - 47 TCP 192.168.1.34:51291 <-> 81.83.77.141:17639 [proto: 125/Skype][cat: VoIP][12 pkts/942 bytes <-> 3 pkts/284 bytes] - 48 TCP 192.168.1.34:51278 <-> 64.4.23.159:40009 [proto: 125/Skype][cat: VoIP][11 pkts/832 bytes <-> 4 pkts/387 bytes] + 46 TCP 192.168.1.34:51256 <-> 111.221.77.142:40013 [proto: 125/Skype][cat: VoIP/10][11 pkts/815 bytes <-> 5 pkts/423 bytes] + 47 TCP 192.168.1.34:51291 <-> 81.83.77.141:17639 [proto: 125/Skype][cat: VoIP/10][12 pkts/942 bytes <-> 3 pkts/284 bytes] + 48 TCP 192.168.1.34:51278 <-> 64.4.23.159:40009 [proto: 125/Skype][cat: VoIP/10][11 pkts/832 bytes <-> 4 pkts/387 bytes] 49 TCP 192.168.1.34:51268 <-> 111.221.74.18:443 [proto: 91.125/SSL.Skype][10 pkts/852 bytes <-> 4 pkts/351 bytes] - 50 TCP 192.168.1.34:51309 <-> 149.13.32.15:13392 [proto: 125/Skype][cat: VoIP][12 pkts/916 bytes <-> 3 pkts/281 bytes] - 51 TCP 192.168.1.34:51316 <-> 149.13.32.15:13392 [proto: 125/Skype][cat: VoIP][11 pkts/862 bytes <-> 3 pkts/314 bytes] - 52 TCP 192.168.1.34:51267 <-> 111.221.74.18:40025 [proto: 125/Skype][cat: VoIP][10 pkts/785 bytes <-> 4 pkts/378 bytes] + 50 TCP 192.168.1.34:51309 <-> 149.13.32.15:13392 [proto: 125/Skype][cat: VoIP/10][12 pkts/916 bytes <-> 3 pkts/281 bytes] + 51 TCP 192.168.1.34:51316 <-> 149.13.32.15:13392 [proto: 125/Skype][cat: VoIP/10][11 pkts/862 bytes <-> 3 pkts/314 bytes] + 52 TCP 192.168.1.34:51267 <-> 111.221.74.18:40025 [proto: 125/Skype][cat: VoIP/10][10 pkts/785 bytes <-> 4 pkts/378 bytes] 53 TCP 192.168.1.34:51232 <-> 157.56.52.28:443 [proto: 91.125/SSL.Skype][10 pkts/872 bytes <-> 3 pkts/285 bytes] - 54 TCP 192.168.1.34:51298 <-> 82.224.110.241:38895 [proto: 125/Skype][cat: VoIP][12 pkts/931 bytes <-> 2 pkts/219 bytes] - 55 TCP 192.168.1.34:51313 <-> 212.161.8.36:13392 [proto: 125/Skype][cat: VoIP][11 pkts/855 bytes <-> 3 pkts/287 bytes] - 56 UDP 192.168.1.1:137 <-> 192.168.1.34:137 [proto: 10/NetBIOS][cat: System][6 pkts/958 bytes <-> 2 pkts/184 bytes] - 57 TCP 192.168.1.34:51311 <-> 93.79.224.176:14506 [proto: 125/Skype][cat: VoIP][11 pkts/848 bytes <-> 3 pkts/286 bytes] - 58 TCP 17.143.160.149:5223 <-> 192.168.1.34:50407 [proto: 238/ApplePush][cat: Cloud][4 pkts/674 bytes <-> 4 pkts/444 bytes] - 59 UDP 192.168.1.34:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud][2 pkts/1088 bytes -> 0 pkts/0 bytes] - 60 UDP 192.168.1.34:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud][2 pkts/1088 bytes -> 0 pkts/0 bytes] - 61 UDP 192.168.1.92:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud][2 pkts/1088 bytes -> 0 pkts/0 bytes] - 62 UDP 192.168.1.92:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud][2 pkts/1088 bytes -> 0 pkts/0 bytes] - 63 TCP 192.168.1.34:51318 <-> 212.161.8.36:13392 [proto: 125/Skype][cat: VoIP][7 pkts/571 bytes <-> 3 pkts/286 bytes] - 64 UDP 192.168.1.34:137 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System][7 pkts/680 bytes -> 0 pkts/0 bytes] + 54 TCP 192.168.1.34:51298 <-> 82.224.110.241:38895 [proto: 125/Skype][cat: VoIP/10][12 pkts/931 bytes <-> 2 pkts/219 bytes] + 55 TCP 192.168.1.34:51313 <-> 212.161.8.36:13392 [proto: 125/Skype][cat: VoIP/10][11 pkts/855 bytes <-> 3 pkts/287 bytes] + 56 UDP 192.168.1.1:137 <-> 192.168.1.34:137 [proto: 10/NetBIOS][cat: System/18][6 pkts/958 bytes <-> 2 pkts/184 bytes] + 57 TCP 192.168.1.34:51311 <-> 93.79.224.176:14506 [proto: 125/Skype][cat: VoIP/10][11 pkts/848 bytes <-> 3 pkts/286 bytes] + 58 TCP 17.143.160.149:5223 <-> 192.168.1.34:50407 [proto: 238/ApplePush][cat: Cloud/13][4 pkts/674 bytes <-> 4 pkts/444 bytes] + 59 UDP 192.168.1.34:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][2 pkts/1088 bytes -> 0 pkts/0 bytes] + 60 UDP 192.168.1.34:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][2 pkts/1088 bytes -> 0 pkts/0 bytes] + 61 UDP 192.168.1.92:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][2 pkts/1088 bytes -> 0 pkts/0 bytes] + 62 UDP 192.168.1.92:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][2 pkts/1088 bytes -> 0 pkts/0 bytes] + 63 TCP 192.168.1.34:51318 <-> 212.161.8.36:13392 [proto: 125/Skype][cat: VoIP/10][7 pkts/571 bytes <-> 3 pkts/286 bytes] + 64 UDP 192.168.1.34:137 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][7 pkts/680 bytes -> 0 pkts/0 bytes] 65 TCP 192.168.1.34:51299 <-> 91.190.216.125:12350 [proto: 125/Skype][6 pkts/353 bytes <-> 5 pkts/306 bytes] - 66 UDP 192.168.1.34:58631 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP][8 pkts/648 bytes -> 0 pkts/0 bytes][Host: conn.skype.akadns.net] - 67 UDP 192.168.1.34:60688 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP][8 pkts/648 bytes -> 0 pkts/0 bytes][Host: conn.skype.akadns.net] - 68 UDP 192.168.1.34:50055 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net] - 69 UDP 192.168.1.34:51753 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net] - 70 UDP 192.168.1.34:53372 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst11.r.skype.net] - 71 UDP 192.168.1.34:55866 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net] - 72 UDP 192.168.1.34:57592 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst11.r.skype.net] - 73 UDP 192.168.1.34:61095 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net] - 74 UDP 192.168.1.34:60413 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP][7 pkts/616 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst0.r.skype.net] - 75 UDP 192.168.1.34:64364 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP][7 pkts/616 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst0.r.skype.net] + 66 UDP 192.168.1.34:58631 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][8 pkts/648 bytes -> 0 pkts/0 bytes][Host: conn.skype.akadns.net] + 67 UDP 192.168.1.34:60688 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][8 pkts/648 bytes -> 0 pkts/0 bytes][Host: conn.skype.akadns.net] + 68 UDP 192.168.1.34:50055 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net] + 69 UDP 192.168.1.34:51753 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net] + 70 UDP 192.168.1.34:53372 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst11.r.skype.net] + 71 UDP 192.168.1.34:55866 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net] + 72 UDP 192.168.1.34:57592 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst11.r.skype.net] + 73 UDP 192.168.1.34:61095 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net] + 74 UDP 192.168.1.34:60413 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/616 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst0.r.skype.net] + 75 UDP 192.168.1.34:64364 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/616 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst0.r.skype.net] 76 TCP 192.168.1.34:51302 <-> 91.190.216.125:443 [proto: 91.125/SSL.Skype][6 pkts/353 bytes <-> 4 pkts/246 bytes] - 77 UDP 192.168.1.34:63514 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP][8 pkts/576 bytes -> 0 pkts/0 bytes][Host: ui.skype.com] - 78 UDP 192.168.1.34:55028 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: a.config.skype.com] - 79 UDP 192.168.1.34:63342 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: b.config.skype.com] - 80 UDP 192.168.1.34:64258 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: b.config.skype.com] - 81 UDP 192.168.1.34:64971 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: a.config.skype.com] - 82 UDP 192.168.1.34:59113 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP][7 pkts/539 bytes -> 0 pkts/0 bytes][Host: dsn13.d.skype.net] - 83 UDP 192.168.1.34:62875 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP][7 pkts/539 bytes -> 0 pkts/0 bytes][Host: dsn13.d.skype.net] - 84 UDP 192.168.1.34:49864 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP][7 pkts/511 bytes -> 0 pkts/0 bytes][Host: api.skype.com] - 85 UDP 192.168.1.34:64240 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP][7 pkts/511 bytes -> 0 pkts/0 bytes][Host: api.skype.com] + 77 UDP 192.168.1.34:63514 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][8 pkts/576 bytes -> 0 pkts/0 bytes][Host: ui.skype.com] + 78 UDP 192.168.1.34:55028 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: a.config.skype.com] + 79 UDP 192.168.1.34:63342 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: b.config.skype.com] + 80 UDP 192.168.1.34:64258 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: b.config.skype.com] + 81 UDP 192.168.1.34:64971 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: a.config.skype.com] + 82 UDP 192.168.1.34:59113 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/539 bytes -> 0 pkts/0 bytes][Host: dsn13.d.skype.net] + 83 UDP 192.168.1.34:62875 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/539 bytes -> 0 pkts/0 bytes][Host: dsn13.d.skype.net] + 84 UDP 192.168.1.34:49864 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/511 bytes -> 0 pkts/0 bytes][Host: api.skype.com] + 85 UDP 192.168.1.34:64240 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/511 bytes -> 0 pkts/0 bytes][Host: api.skype.com] 86 TCP 192.168.1.34:51296 <-> 91.190.216.125:12350 [proto: 125/Skype][3 pkts/293 bytes <-> 3 pkts/186 bytes] 87 TCP 192.168.1.34:51308 -> 80.121.84.93:443 [proto: 91/SSL][6 pkts/468 bytes -> 0 pkts/0 bytes] 88 UDP 192.168.1.1:138 -> 192.168.1.34:138 [proto: 10/NetBIOS][2 pkts/452 bytes -> 0 pkts/0 bytes] - 89 UDP 192.168.1.34:138 -> 192.168.1.255:138 [proto: 10/NetBIOS][cat: System][2 pkts/432 bytes -> 0 pkts/0 bytes] + 89 UDP 192.168.1.34:138 -> 192.168.1.255:138 [proto: 10/NetBIOS][cat: System/18][2 pkts/432 bytes -> 0 pkts/0 bytes] 90 TCP 192.168.1.34:51284 <-> 91.190.218.125:12350 [proto: 125/Skype][3 pkts/237 bytes <-> 3 pkts/186 bytes] 91 TCP 192.168.1.34:51285 <-> 91.190.218.125:12350 [proto: 125/Skype][3 pkts/191 bytes <-> 3 pkts/186 bytes] 92 TCP 192.168.1.34:51286 <-> 91.190.218.125:443 [proto: 91.125/SSL.Skype][3 pkts/191 bytes <-> 3 pkts/186 bytes] - 93 UDP 192.168.1.34:58061 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][2 pkts/349 bytes -> 0 pkts/0 bytes] - 94 UDP 192.168.1.34:59237 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][2 pkts/349 bytes -> 0 pkts/0 bytes] - 95 ICMP 192.168.1.1:0 -> 192.168.1.34:0 [proto: 81/ICMP][cat: Network][4 pkts/328 bytes -> 0 pkts/0 bytes] - 96 UDP 192.168.1.34:13021 -> 83.31.12.173:23939 [proto: 125/Skype][cat: VoIP][5 pkts/300 bytes -> 0 pkts/0 bytes] - 97 UDP 192.168.1.34:13021 -> 174.49.171.224:32011 [proto: 125/Skype][cat: VoIP][5 pkts/300 bytes -> 0 pkts/0 bytes] - 98 UDP 192.168.1.34:57694 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network][1 pkts/101 bytes <-> 1 pkts/166 bytes][Host: db3msgr5011709.gateway.messenger.live.com] - 99 UDP [fe80::c62c:3ff:fe06:49fe]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network][2 pkts/258 bytes -> 0 pkts/0 bytes] - 100 UDP 192.168.1.92:138 -> 192.168.1.255:138 [proto: 10/NetBIOS][cat: System][1 pkts/216 bytes -> 0 pkts/0 bytes] + 93 UDP 192.168.1.34:58061 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/349 bytes -> 0 pkts/0 bytes] + 94 UDP 192.168.1.34:59237 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/349 bytes -> 0 pkts/0 bytes] + 95 ICMP 192.168.1.1:0 -> 192.168.1.34:0 [proto: 81/ICMP][cat: Network/14][4 pkts/328 bytes -> 0 pkts/0 bytes] + 96 UDP 192.168.1.34:13021 -> 83.31.12.173:23939 [proto: 125/Skype][cat: VoIP/10][5 pkts/300 bytes -> 0 pkts/0 bytes] + 97 UDP 192.168.1.34:13021 -> 174.49.171.224:32011 [proto: 125/Skype][cat: VoIP/10][5 pkts/300 bytes -> 0 pkts/0 bytes] + 98 UDP 192.168.1.34:57694 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/101 bytes <-> 1 pkts/166 bytes][Host: db3msgr5011709.gateway.messenger.live.com] + 99 UDP [fe80::c62c:3ff:fe06:49fe]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][2 pkts/258 bytes -> 0 pkts/0 bytes] + 100 UDP 192.168.1.92:138 -> 192.168.1.255:138 [proto: 10/NetBIOS][cat: System/18][1 pkts/216 bytes -> 0 pkts/0 bytes] 101 TCP 192.168.1.34:51283 <-> 111.221.74.48:443 [proto: 91.125/SSL.Skype][2 pkts/132 bytes <-> 1 pkts/74 bytes] - 102 UDP 192.168.1.34:59788 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e4593.g.akamaiedge.net] - 103 UDP 192.168.1.34:63661 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e4593.g.akamaiedge.net] - 104 UDP 192.168.1.92:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network][1 pkts/142 bytes -> 0 pkts/0 bytes][Lucas-iMac.local] - 105 UDP 192.168.1.92:137 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System][1 pkts/92 bytes -> 0 pkts/0 bytes] - 106 UDP 192.168.1.92:53826 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System][1 pkts/92 bytes -> 0 pkts/0 bytes] - 107 UDP 192.168.1.34:61016 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP][1 pkts/80 bytes -> 0 pkts/0 bytes][Host: apps.skypeassets.com] - 108 UDP 192.168.1.34:13021 -> 64.4.23.148:40029 [proto: 125/Skype][cat: VoIP][1 pkts/79 bytes -> 0 pkts/0 bytes] - 109 UDP 192.168.1.34:13021 -> 64.4.23.171:40031 [proto: 125/Skype][cat: VoIP][1 pkts/79 bytes -> 0 pkts/0 bytes] - 110 UDP 192.168.1.34:13021 -> 65.55.223.27:40029 [proto: 125/Skype][cat: VoIP][1 pkts/79 bytes -> 0 pkts/0 bytes] - 111 UDP 192.168.1.34:13021 -> 111.221.74.40:40025 [proto: 125/Skype][cat: VoIP][1 pkts/79 bytes -> 0 pkts/0 bytes] - 112 UDP 192.168.1.34:13021 -> 111.221.77.151:40029 [proto: 125/Skype][cat: VoIP][1 pkts/79 bytes -> 0 pkts/0 bytes] - 113 UDP 192.168.1.34:13021 -> 111.221.77.173:40012 [proto: 125/Skype][cat: VoIP][1 pkts/79 bytes -> 0 pkts/0 bytes] - 114 UDP 192.168.1.34:13021 -> 157.55.56.147:40014 [proto: 125/Skype][cat: VoIP][1 pkts/79 bytes -> 0 pkts/0 bytes] - 115 UDP 192.168.1.34:13021 -> 157.55.130.167:40031 [proto: 125/Skype][cat: VoIP][1 pkts/79 bytes -> 0 pkts/0 bytes] - 116 UDP 192.168.1.34:13021 -> 157.55.235.144:40032 [proto: 125/Skype][cat: VoIP][1 pkts/79 bytes -> 0 pkts/0 bytes] - 117 UDP 192.168.1.34:13021 -> 157.56.52.15:40027 [proto: 125/Skype][cat: VoIP][1 pkts/79 bytes -> 0 pkts/0 bytes] - 118 UDP 192.168.1.34:13021 -> 213.199.179.141:40015 [proto: 125/Skype][cat: VoIP][1 pkts/79 bytes -> 0 pkts/0 bytes] - 119 UDP 192.168.1.34:13021 -> 213.199.179.156:40031 [proto: 125/Skype][cat: VoIP][1 pkts/79 bytes -> 0 pkts/0 bytes] - 120 UDP 192.168.1.34:13021 -> 64.4.23.143:40018 [proto: 125/Skype][cat: VoIP][1 pkts/78 bytes -> 0 pkts/0 bytes] - 121 UDP 192.168.1.34:13021 -> 111.221.74.28:40026 [proto: 125/Skype][cat: VoIP][1 pkts/78 bytes -> 0 pkts/0 bytes] - 122 UDP 192.168.1.34:13021 -> 111.221.77.170:40021 [proto: 125/Skype][cat: VoIP][1 pkts/78 bytes -> 0 pkts/0 bytes] - 123 UDP 192.168.1.34:13021 -> 157.56.52.39:40031 [proto: 125/Skype][cat: VoIP][1 pkts/78 bytes -> 0 pkts/0 bytes] - 124 UDP 192.168.1.34:13021 -> 157.56.52.43:40006 [proto: 125/Skype][cat: VoIP][1 pkts/78 bytes -> 0 pkts/0 bytes] - 125 UDP 192.168.1.34:13021 -> 213.199.179.143:40018 [proto: 125/Skype][cat: VoIP][1 pkts/78 bytes -> 0 pkts/0 bytes] - 126 UDP 192.168.1.34:13021 -> 213.199.179.154:40017 [proto: 125/Skype][cat: VoIP][1 pkts/78 bytes -> 0 pkts/0 bytes] - 127 UDP 192.168.1.34:13021 -> 213.199.179.165:40004 [proto: 125/Skype][cat: VoIP][1 pkts/78 bytes -> 0 pkts/0 bytes] - 128 UDP 192.168.1.34:13021 -> 65.55.223.15:40030 [proto: 125/Skype][cat: VoIP][1 pkts/77 bytes -> 0 pkts/0 bytes] - 129 UDP 192.168.1.34:13021 -> 65.55.223.24:40029 [proto: 125/Skype][cat: VoIP][1 pkts/77 bytes -> 0 pkts/0 bytes] - 130 UDP 192.168.1.34:13021 -> 65.55.223.32:40022 [proto: 125/Skype][cat: VoIP][1 pkts/77 bytes -> 0 pkts/0 bytes] - 131 UDP 192.168.1.34:13021 -> 65.55.223.43:40006 [proto: 125/Skype][cat: VoIP][1 pkts/77 bytes -> 0 pkts/0 bytes] - 132 UDP 192.168.1.34:13021 -> 111.221.74.20:40033 [proto: 125/Skype][cat: VoIP][1 pkts/77 bytes -> 0 pkts/0 bytes] - 133 UDP 192.168.1.34:13021 -> 111.221.77.154:40017 [proto: 125/Skype][cat: VoIP][1 pkts/77 bytes -> 0 pkts/0 bytes] - 134 UDP 192.168.1.34:13021 -> 157.55.130.149:40011 [proto: 125/Skype][cat: VoIP][1 pkts/77 bytes -> 0 pkts/0 bytes] - 135 UDP 192.168.1.34:13021 -> 157.55.235.168:40024 [proto: 125/Skype][cat: VoIP][1 pkts/77 bytes -> 0 pkts/0 bytes] - 136 UDP 192.168.1.34:13021 -> 157.56.52.18:33033 [proto: 125/Skype][cat: VoIP][1 pkts/77 bytes -> 0 pkts/0 bytes] - 137 UDP 192.168.1.34:13021 -> 157.56.52.20:40033 [proto: 125/Skype][cat: VoIP][1 pkts/77 bytes -> 0 pkts/0 bytes] - 138 UDP 192.168.1.34:13021 -> 213.199.179.160:40030 [proto: 125/Skype][cat: VoIP][1 pkts/77 bytes -> 0 pkts/0 bytes] - 139 UDP 192.168.1.34:13021 -> 64.4.23.158:40021 [proto: 125/Skype][cat: VoIP][1 pkts/76 bytes -> 0 pkts/0 bytes] - 140 UDP 192.168.1.34:13021 -> 64.4.23.173:40017 [proto: 125/Skype][cat: VoIP][1 pkts/76 bytes -> 0 pkts/0 bytes] - 141 UDP 192.168.1.34:13021 -> 65.55.223.42:40024 [proto: 125/Skype][cat: VoIP][1 pkts/76 bytes -> 0 pkts/0 bytes] - 142 UDP 192.168.1.34:13021 -> 65.55.223.44:40020 [proto: 125/Skype][cat: VoIP][1 pkts/76 bytes -> 0 pkts/0 bytes] - 143 UDP 192.168.1.34:13021 -> 111.221.74.33:40011 [proto: 125/Skype][cat: VoIP][1 pkts/76 bytes -> 0 pkts/0 bytes] - 144 UDP 192.168.1.34:13021 -> 111.221.77.165:40004 [proto: 125/Skype][cat: VoIP][1 pkts/76 bytes -> 0 pkts/0 bytes] - 145 UDP 192.168.1.34:13021 -> 157.55.56.140:40003 [proto: 125/Skype][cat: VoIP][1 pkts/76 bytes -> 0 pkts/0 bytes] - 146 UDP 192.168.1.34:13021 -> 157.55.56.170:40015 [proto: 125/Skype][cat: VoIP][1 pkts/76 bytes -> 0 pkts/0 bytes] - 147 UDP 192.168.1.34:13021 -> 157.55.130.165:40028 [proto: 125/Skype][cat: VoIP][1 pkts/76 bytes -> 0 pkts/0 bytes] - 148 UDP 192.168.1.34:13021 -> 157.55.130.170:40018 [proto: 125/Skype][cat: VoIP][1 pkts/76 bytes -> 0 pkts/0 bytes] - 149 UDP 192.168.1.34:13021 -> 157.55.235.146:33033 [proto: 125/Skype][cat: VoIP][1 pkts/76 bytes -> 0 pkts/0 bytes] - 150 UDP 192.168.1.34:13021 -> 157.56.52.25:40010 [proto: 125/Skype][cat: VoIP][1 pkts/76 bytes -> 0 pkts/0 bytes] - 151 UDP 192.168.1.34:13021 -> 213.199.179.172:40011 [proto: 125/Skype][cat: VoIP][1 pkts/76 bytes -> 0 pkts/0 bytes] - 152 UDP 192.168.1.34:13021 -> 64.4.23.165:40004 [proto: 125/Skype][cat: VoIP][1 pkts/75 bytes -> 0 pkts/0 bytes] - 153 UDP 192.168.1.34:13021 -> 111.221.77.149:40016 [proto: 125/Skype][cat: VoIP][1 pkts/75 bytes -> 0 pkts/0 bytes] - 154 UDP 192.168.1.34:13021 -> 157.55.235.148:40033 [proto: 125/Skype][cat: VoIP][1 pkts/75 bytes -> 0 pkts/0 bytes] - 155 UDP 192.168.1.34:13021 -> 157.56.52.13:40021 [proto: 125/Skype][cat: VoIP][1 pkts/75 bytes -> 0 pkts/0 bytes] - 156 UDP 192.168.1.34:13021 -> 157.56.52.38:40015 [proto: 125/Skype][cat: VoIP][1 pkts/75 bytes -> 0 pkts/0 bytes] - 157 UDP 192.168.1.34:13021 -> 157.56.52.42:40005 [proto: 125/Skype][cat: VoIP][1 pkts/75 bytes -> 0 pkts/0 bytes] - 158 UDP 192.168.1.34:13021 -> 213.199.179.146:33033 [proto: 125/Skype][cat: VoIP][1 pkts/75 bytes -> 0 pkts/0 bytes] - 159 UDP 192.168.1.34:13021 -> 64.4.23.155:40004 [proto: 125/Skype][cat: VoIP][1 pkts/74 bytes -> 0 pkts/0 bytes] - 160 UDP 192.168.1.34:13021 -> 65.55.223.22:40009 [proto: 125/Skype][cat: VoIP][1 pkts/74 bytes -> 0 pkts/0 bytes] - 161 UDP 192.168.1.34:13021 -> 65.55.223.28:40014 [proto: 125/Skype][cat: VoIP][1 pkts/74 bytes -> 0 pkts/0 bytes] - 162 UDP 192.168.1.34:13021 -> 65.55.223.33:40002 [proto: 125/Skype][cat: VoIP][1 pkts/74 bytes -> 0 pkts/0 bytes] - 163 UDP 192.168.1.34:13021 -> 157.55.235.155:40027 [proto: 125/Skype][cat: VoIP][1 pkts/74 bytes -> 0 pkts/0 bytes] - 164 UDP 192.168.1.34:13021 -> 157.55.235.175:40023 [proto: 125/Skype][cat: VoIP][1 pkts/74 bytes -> 0 pkts/0 bytes] - 165 UDP 192.168.1.34:13021 -> 64.4.23.145:40027 [proto: 125/Skype][cat: VoIP][1 pkts/73 bytes -> 0 pkts/0 bytes] - 166 UDP 192.168.1.34:13021 -> 111.221.74.19:40001 [proto: 125/Skype][cat: VoIP][1 pkts/73 bytes -> 0 pkts/0 bytes] - 167 UDP 192.168.1.34:13021 -> 111.221.74.34:40027 [proto: 125/Skype][cat: VoIP][1 pkts/73 bytes -> 0 pkts/0 bytes] - 168 UDP 192.168.1.34:13021 -> 157.55.130.146:40033 [proto: 125/Skype][cat: VoIP][1 pkts/73 bytes -> 0 pkts/0 bytes] - 169 UDP 192.168.1.34:13021 -> 157.55.235.158:40027 [proto: 125/Skype][cat: VoIP][1 pkts/73 bytes -> 0 pkts/0 bytes] - 170 UDP 192.168.1.34:13021 -> 157.55.235.176:40031 [proto: 125/Skype][cat: VoIP][1 pkts/73 bytes -> 0 pkts/0 bytes] - 171 UDP 192.168.1.34:13021 -> 213.199.179.149:40030 [proto: 125/Skype][cat: VoIP][1 pkts/73 bytes -> 0 pkts/0 bytes] - 172 UDP 192.168.1.34:13021 -> 64.4.23.142:40023 [proto: 125/Skype][cat: VoIP][1 pkts/72 bytes -> 0 pkts/0 bytes] - 173 UDP 192.168.1.34:13021 -> 111.221.74.24:40032 [proto: 125/Skype][cat: VoIP][1 pkts/72 bytes -> 0 pkts/0 bytes] - 174 UDP 192.168.1.34:13021 -> 111.221.77.159:40031 [proto: 125/Skype][cat: VoIP][1 pkts/72 bytes -> 0 pkts/0 bytes] - 175 UDP 192.168.1.34:13021 -> 157.55.56.142:40013 [proto: 125/Skype][cat: VoIP][1 pkts/72 bytes -> 0 pkts/0 bytes] - 176 UDP 192.168.1.34:13021 -> 157.55.56.145:40008 [proto: 125/Skype][cat: VoIP][1 pkts/72 bytes -> 0 pkts/0 bytes] - 177 UDP 192.168.1.34:13021 -> 157.55.130.140:40011 [proto: 125/Skype][cat: VoIP][1 pkts/72 bytes -> 0 pkts/0 bytes] - 178 UDP 192.168.1.34:13021 -> 157.55.130.148:40019 [proto: 125/Skype][cat: VoIP][1 pkts/72 bytes -> 0 pkts/0 bytes] - 179 UDP 192.168.1.34:13021 -> 157.55.130.152:40022 [proto: 125/Skype][cat: VoIP][1 pkts/72 bytes -> 0 pkts/0 bytes] - 180 UDP 192.168.1.34:13021 -> 157.55.130.173:40003 [proto: 125/Skype][cat: VoIP][1 pkts/72 bytes -> 0 pkts/0 bytes] - 181 UDP 192.168.1.34:13021 -> 157.55.235.174:40019 [proto: 125/Skype][cat: VoIP][1 pkts/72 bytes -> 0 pkts/0 bytes] - 182 UDP 192.168.1.34:13021 -> 157.56.52.27:40025 [proto: 125/Skype][cat: VoIP][1 pkts/72 bytes -> 0 pkts/0 bytes] - 183 UDP 192.168.1.34:13021 -> 213.199.179.173:40013 [proto: 125/Skype][cat: VoIP][1 pkts/72 bytes -> 0 pkts/0 bytes] - 184 UDP 192.168.1.34:13021 -> 64.4.23.149:40030 [proto: 125/Skype][cat: VoIP][1 pkts/71 bytes -> 0 pkts/0 bytes] - 185 UDP 192.168.1.34:13021 -> 65.55.223.13:40009 [proto: 125/Skype][cat: VoIP][1 pkts/71 bytes -> 0 pkts/0 bytes] - 186 UDP 192.168.1.34:13021 -> 111.221.74.15:40026 [proto: 125/Skype][cat: VoIP][1 pkts/71 bytes -> 0 pkts/0 bytes] - 187 UDP 192.168.1.34:13021 -> 157.55.56.146:40030 [proto: 125/Skype][cat: VoIP][1 pkts/71 bytes -> 0 pkts/0 bytes] - 188 UDP 192.168.1.34:13021 -> 157.55.130.150:40007 [proto: 125/Skype][cat: VoIP][1 pkts/71 bytes -> 0 pkts/0 bytes] - 189 UDP 192.168.1.34:13021 -> 157.55.130.171:40012 [proto: 125/Skype][cat: VoIP][1 pkts/71 bytes -> 0 pkts/0 bytes] - 190 UDP 192.168.1.34:13021 -> 157.55.235.143:40030 [proto: 125/Skype][cat: VoIP][1 pkts/71 bytes -> 0 pkts/0 bytes] - 191 UDP 192.168.1.34:13021 -> 157.56.52.33:40002 [proto: 125/Skype][cat: VoIP][1 pkts/71 bytes -> 0 pkts/0 bytes] - 192 UDP 192.168.1.34:13021 -> 213.199.179.174:40025 [proto: 125/Skype][cat: VoIP][1 pkts/71 bytes -> 0 pkts/0 bytes] - 193 UDP 192.168.1.34:13021 -> 64.4.23.154:40032 [proto: 125/Skype][cat: VoIP][1 pkts/70 bytes -> 0 pkts/0 bytes] - 194 UDP 192.168.1.34:13021 -> 65.55.223.16:40032 [proto: 125/Skype][cat: VoIP][1 pkts/70 bytes -> 0 pkts/0 bytes] - 195 UDP 192.168.1.34:13021 -> 65.55.223.17:40025 [proto: 125/Skype][cat: VoIP][1 pkts/70 bytes -> 0 pkts/0 bytes] - 196 UDP 192.168.1.34:13021 -> 65.55.223.65:33033 [proto: 125/Skype][cat: VoIP][1 pkts/70 bytes -> 0 pkts/0 bytes] - 197 UDP 192.168.1.34:13021 -> 111.221.74.27:40027 [proto: 125/Skype][cat: VoIP][1 pkts/70 bytes -> 0 pkts/0 bytes] - 198 UDP 192.168.1.34:13021 -> 111.221.74.44:40019 [proto: 125/Skype][cat: VoIP][1 pkts/70 bytes -> 0 pkts/0 bytes] - 199 UDP 192.168.1.34:13021 -> 111.221.77.146:33033 [proto: 125/Skype][cat: VoIP][1 pkts/70 bytes -> 0 pkts/0 bytes] - 200 UDP 192.168.1.34:13021 -> 111.221.77.160:40016 [proto: 125/Skype][cat: VoIP][1 pkts/70 bytes -> 0 pkts/0 bytes] - 201 UDP 192.168.1.34:13021 -> 157.56.52.24:40032 [proto: 125/Skype][cat: VoIP][1 pkts/70 bytes -> 0 pkts/0 bytes] - 202 UDP 192.168.1.34:13021 -> 213.199.179.140:40003 [proto: 125/Skype][cat: VoIP][1 pkts/70 bytes -> 0 pkts/0 bytes] - 203 UDP 192.168.1.34:13021 -> 64.4.23.151:40029 [proto: 125/Skype][cat: VoIP][1 pkts/69 bytes -> 0 pkts/0 bytes] - 204 UDP 192.168.1.34:13021 -> 64.4.23.176:40001 [proto: 125/Skype][cat: VoIP][1 pkts/69 bytes -> 0 pkts/0 bytes] - 205 UDP 192.168.1.34:13021 -> 157.55.130.146:33033 [proto: 125/Skype][cat: VoIP][1 pkts/69 bytes -> 0 pkts/0 bytes] - 206 UDP 192.168.1.34:13021 -> 157.55.235.172:40020 [proto: 125/Skype][cat: VoIP][1 pkts/69 bytes -> 0 pkts/0 bytes] - 207 UDP 192.168.1.34:13021 -> 213.199.179.144:40009 [proto: 125/Skype][cat: VoIP][1 pkts/69 bytes -> 0 pkts/0 bytes] - 208 UDP 192.168.1.34:13021 -> 111.221.77.145:40024 [proto: 125/Skype][cat: VoIP][1 pkts/68 bytes -> 0 pkts/0 bytes] - 209 UDP 192.168.1.34:13021 -> 157.55.56.150:40014 [proto: 125/Skype][cat: VoIP][1 pkts/68 bytes -> 0 pkts/0 bytes] - 210 UDP 192.168.1.34:13021 -> 157.55.130.175:40006 [proto: 125/Skype][cat: VoIP][1 pkts/68 bytes -> 0 pkts/0 bytes] - 211 UDP 192.168.1.34:13021 -> 157.55.235.160:40022 [proto: 125/Skype][cat: VoIP][1 pkts/68 bytes -> 0 pkts/0 bytes] - 212 UDP 192.168.1.34:13021 -> 157.56.52.19:40020 [proto: 125/Skype][cat: VoIP][1 pkts/68 bytes -> 0 pkts/0 bytes] - 213 UDP 192.168.1.34:13021 -> 213.199.179.146:40030 [proto: 125/Skype][cat: VoIP][1 pkts/68 bytes -> 0 pkts/0 bytes] - 214 UDP 192.168.1.34:13021 -> 64.4.23.140:40003 [proto: 125/Skype][cat: VoIP][1 pkts/67 bytes -> 0 pkts/0 bytes] - 215 UDP 192.168.1.34:13021 -> 65.55.223.18:33033 [proto: 125/Skype][cat: VoIP][1 pkts/67 bytes -> 0 pkts/0 bytes] - 216 UDP 192.168.1.34:13021 -> 65.55.223.18:40025 [proto: 125/Skype][cat: VoIP][1 pkts/67 bytes -> 0 pkts/0 bytes] - 217 UDP 192.168.1.34:13021 -> 111.221.74.18:33033 [proto: 125/Skype][cat: VoIP][1 pkts/67 bytes -> 0 pkts/0 bytes] - 218 UDP 192.168.1.34:13021 -> 111.221.74.42:40006 [proto: 125/Skype][cat: VoIP][1 pkts/67 bytes -> 0 pkts/0 bytes] - 219 UDP 192.168.1.34:13021 -> 111.221.74.43:40001 [proto: 125/Skype][cat: VoIP][1 pkts/67 bytes -> 0 pkts/0 bytes] - 220 UDP 192.168.1.34:13021 -> 111.221.74.46:40027 [proto: 125/Skype][cat: VoIP][1 pkts/67 bytes -> 0 pkts/0 bytes] - 221 UDP 192.168.1.34:13021 -> 111.221.77.143:40022 [proto: 125/Skype][cat: VoIP][1 pkts/67 bytes -> 0 pkts/0 bytes] - 222 UDP 192.168.1.34:13021 -> 157.55.56.161:40031 [proto: 125/Skype][cat: VoIP][1 pkts/67 bytes -> 0 pkts/0 bytes] - 223 UDP 192.168.1.34:13021 -> 157.55.56.167:40024 [proto: 125/Skype][cat: VoIP][1 pkts/67 bytes -> 0 pkts/0 bytes] - 224 UDP 192.168.1.34:13021 -> 157.55.130.144:40016 [proto: 125/Skype][cat: VoIP][1 pkts/67 bytes -> 0 pkts/0 bytes] - 225 UDP 192.168.1.34:13021 -> 157.55.130.160:40008 [proto: 125/Skype][cat: VoIP][1 pkts/67 bytes -> 0 pkts/0 bytes] - 226 UDP 192.168.1.34:13021 -> 157.55.235.166:40015 [proto: 125/Skype][cat: VoIP][1 pkts/67 bytes -> 0 pkts/0 bytes] - 227 UDP 192.168.1.34:13021 -> 157.56.52.12:40031 [proto: 125/Skype][cat: VoIP][1 pkts/67 bytes -> 0 pkts/0 bytes] - 228 UDP 192.168.1.34:13021 -> 157.56.52.29:40010 [proto: 125/Skype][cat: VoIP][1 pkts/67 bytes -> 0 pkts/0 bytes] - 229 UDP 192.168.1.34:13021 -> 64.4.23.146:33033 [proto: 125/Skype][cat: VoIP][1 pkts/66 bytes -> 0 pkts/0 bytes] - 230 UDP 192.168.1.34:13021 -> 64.4.23.170:40011 [proto: 125/Skype][cat: VoIP][1 pkts/66 bytes -> 0 pkts/0 bytes] - 231 UDP 192.168.1.34:13021 -> 65.55.223.20:40023 [proto: 125/Skype][cat: VoIP][1 pkts/66 bytes -> 0 pkts/0 bytes] - 232 UDP 192.168.1.34:13021 -> 157.55.56.143:40018 [proto: 125/Skype][cat: VoIP][1 pkts/66 bytes -> 0 pkts/0 bytes] - 233 UDP 192.168.1.34:13021 -> 157.55.130.154:40013 [proto: 125/Skype][cat: VoIP][1 pkts/66 bytes -> 0 pkts/0 bytes] - 234 UDP 192.168.1.34:13021 -> 157.55.235.162:40033 [proto: 125/Skype][cat: VoIP][1 pkts/66 bytes -> 0 pkts/0 bytes] - 235 UDP 192.168.1.34:13021 -> 157.55.235.171:40006 [proto: 125/Skype][cat: VoIP][1 pkts/66 bytes -> 0 pkts/0 bytes] - 236 UDP 192.168.1.34:13021 -> 157.56.52.16:40032 [proto: 125/Skype][cat: VoIP][1 pkts/66 bytes -> 0 pkts/0 bytes] - 237 UDP 192.168.1.34:13021 -> 157.56.52.17:40013 [proto: 125/Skype][cat: VoIP][1 pkts/66 bytes -> 0 pkts/0 bytes] - 238 UDP 192.168.1.34:13021 -> 111.221.74.13:40009 [proto: 125/Skype][cat: VoIP][1 pkts/64 bytes -> 0 pkts/0 bytes] - 239 UDP 192.168.1.34:13021 -> 111.221.74.38:40015 [proto: 125/Skype][cat: VoIP][1 pkts/64 bytes -> 0 pkts/0 bytes] - 240 UDP 192.168.1.34:13021 -> 111.221.77.171:40030 [proto: 125/Skype][cat: VoIP][1 pkts/64 bytes -> 0 pkts/0 bytes] - 241 UDP 192.168.1.34:13021 -> 157.55.130.156:40019 [proto: 125/Skype][cat: VoIP][1 pkts/64 bytes -> 0 pkts/0 bytes] - 242 UDP 192.168.1.34:13021 -> 157.55.130.157:40013 [proto: 125/Skype][cat: VoIP][1 pkts/64 bytes -> 0 pkts/0 bytes] - 243 UDP 192.168.1.34:13021 -> 157.55.130.159:40016 [proto: 125/Skype][cat: VoIP][1 pkts/64 bytes -> 0 pkts/0 bytes] - 244 UDP 192.168.1.34:13021 -> 157.55.235.167:40029 [proto: 125/Skype][cat: VoIP][1 pkts/64 bytes -> 0 pkts/0 bytes] - 245 UDP 192.168.1.34:13021 -> 157.56.52.40:40017 [proto: 125/Skype][cat: VoIP][1 pkts/64 bytes -> 0 pkts/0 bytes] - 246 UDP 192.168.1.34:13021 -> 213.199.179.145:40024 [proto: 125/Skype][cat: VoIP][1 pkts/64 bytes -> 0 pkts/0 bytes] - 247 IGMP 192.168.1.219:0 -> 224.0.0.22:0 [proto: 82/IGMP][cat: Network][1 pkts/60 bytes -> 0 pkts/0 bytes] - 248 IGMP 192.168.1.219:0 -> 233.89.188.1:0 [proto: 82/IGMP][cat: Network][1 pkts/60 bytes -> 0 pkts/0 bytes] - 249 IGMP 192.168.1.229:0 -> 224.0.0.251:0 [proto: 82/IGMP][cat: Network][1 pkts/60 bytes -> 0 pkts/0 bytes] - 250 UDP 192.168.1.34:13021 -> 111.221.74.14:443 [proto: 125/Skype][cat: VoIP][1 pkts/60 bytes -> 0 pkts/0 bytes] - 251 UDP 192.168.1.34:13021 -> 133.236.67.25:49195 [proto: 125/Skype][cat: VoIP][1 pkts/60 bytes -> 0 pkts/0 bytes] - 252 UDP 192.168.1.34:13021 -> 157.55.235.141:443 [proto: 125/Skype][cat: VoIP][1 pkts/60 bytes -> 0 pkts/0 bytes] - 253 UDP 192.168.1.34:13021 -> 189.138.161.88:19521 [proto: 125/Skype][cat: VoIP][1 pkts/60 bytes -> 0 pkts/0 bytes] - 254 UDP 192.168.1.34:13021 -> 189.188.134.174:22436 [proto: 125/Skype][cat: VoIP][1 pkts/60 bytes -> 0 pkts/0 bytes] - 255 IGMP 192.168.0.254:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network][1 pkts/46 bytes -> 0 pkts/0 bytes] + 102 UDP 192.168.1.34:59788 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e4593.g.akamaiedge.net] + 103 UDP 192.168.1.34:63661 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e4593.g.akamaiedge.net] + 104 UDP 192.168.1.92:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][1 pkts/142 bytes -> 0 pkts/0 bytes][Lucas-iMac.local] + 105 UDP 192.168.1.92:137 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes] + 106 UDP 192.168.1.92:53826 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes] + 107 UDP 192.168.1.34:61016 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/80 bytes -> 0 pkts/0 bytes][Host: apps.skypeassets.com] + 108 UDP 192.168.1.34:13021 -> 64.4.23.148:40029 [proto: 125/Skype][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 109 UDP 192.168.1.34:13021 -> 64.4.23.171:40031 [proto: 125/Skype][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 110 UDP 192.168.1.34:13021 -> 65.55.223.27:40029 [proto: 125/Skype][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 111 UDP 192.168.1.34:13021 -> 111.221.74.40:40025 [proto: 125/Skype][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 112 UDP 192.168.1.34:13021 -> 111.221.77.151:40029 [proto: 125/Skype][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 113 UDP 192.168.1.34:13021 -> 111.221.77.173:40012 [proto: 125/Skype][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 114 UDP 192.168.1.34:13021 -> 157.55.56.147:40014 [proto: 125/Skype][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 115 UDP 192.168.1.34:13021 -> 157.55.130.167:40031 [proto: 125/Skype][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 116 UDP 192.168.1.34:13021 -> 157.55.235.144:40032 [proto: 125/Skype][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 117 UDP 192.168.1.34:13021 -> 157.56.52.15:40027 [proto: 125/Skype][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 118 UDP 192.168.1.34:13021 -> 213.199.179.141:40015 [proto: 125/Skype][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 119 UDP 192.168.1.34:13021 -> 213.199.179.156:40031 [proto: 125/Skype][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 120 UDP 192.168.1.34:13021 -> 64.4.23.143:40018 [proto: 125/Skype][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 121 UDP 192.168.1.34:13021 -> 111.221.74.28:40026 [proto: 125/Skype][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 122 UDP 192.168.1.34:13021 -> 111.221.77.170:40021 [proto: 125/Skype][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 123 UDP 192.168.1.34:13021 -> 157.56.52.39:40031 [proto: 125/Skype][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 124 UDP 192.168.1.34:13021 -> 157.56.52.43:40006 [proto: 125/Skype][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 125 UDP 192.168.1.34:13021 -> 213.199.179.143:40018 [proto: 125/Skype][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 126 UDP 192.168.1.34:13021 -> 213.199.179.154:40017 [proto: 125/Skype][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 127 UDP 192.168.1.34:13021 -> 213.199.179.165:40004 [proto: 125/Skype][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 128 UDP 192.168.1.34:13021 -> 65.55.223.15:40030 [proto: 125/Skype][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 129 UDP 192.168.1.34:13021 -> 65.55.223.24:40029 [proto: 125/Skype][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 130 UDP 192.168.1.34:13021 -> 65.55.223.32:40022 [proto: 125/Skype][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 131 UDP 192.168.1.34:13021 -> 65.55.223.43:40006 [proto: 125/Skype][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 132 UDP 192.168.1.34:13021 -> 111.221.74.20:40033 [proto: 125/Skype][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 133 UDP 192.168.1.34:13021 -> 111.221.77.154:40017 [proto: 125/Skype][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 134 UDP 192.168.1.34:13021 -> 157.55.130.149:40011 [proto: 125/Skype][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 135 UDP 192.168.1.34:13021 -> 157.55.235.168:40024 [proto: 125/Skype][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 136 UDP 192.168.1.34:13021 -> 157.56.52.18:33033 [proto: 125/Skype][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 137 UDP 192.168.1.34:13021 -> 157.56.52.20:40033 [proto: 125/Skype][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 138 UDP 192.168.1.34:13021 -> 213.199.179.160:40030 [proto: 125/Skype][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 139 UDP 192.168.1.34:13021 -> 64.4.23.158:40021 [proto: 125/Skype][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 140 UDP 192.168.1.34:13021 -> 64.4.23.173:40017 [proto: 125/Skype][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 141 UDP 192.168.1.34:13021 -> 65.55.223.42:40024 [proto: 125/Skype][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 142 UDP 192.168.1.34:13021 -> 65.55.223.44:40020 [proto: 125/Skype][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 143 UDP 192.168.1.34:13021 -> 111.221.74.33:40011 [proto: 125/Skype][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 144 UDP 192.168.1.34:13021 -> 111.221.77.165:40004 [proto: 125/Skype][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 145 UDP 192.168.1.34:13021 -> 157.55.56.140:40003 [proto: 125/Skype][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 146 UDP 192.168.1.34:13021 -> 157.55.56.170:40015 [proto: 125/Skype][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 147 UDP 192.168.1.34:13021 -> 157.55.130.165:40028 [proto: 125/Skype][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 148 UDP 192.168.1.34:13021 -> 157.55.130.170:40018 [proto: 125/Skype][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 149 UDP 192.168.1.34:13021 -> 157.55.235.146:33033 [proto: 125/Skype][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 150 UDP 192.168.1.34:13021 -> 157.56.52.25:40010 [proto: 125/Skype][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 151 UDP 192.168.1.34:13021 -> 213.199.179.172:40011 [proto: 125/Skype][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 152 UDP 192.168.1.34:13021 -> 64.4.23.165:40004 [proto: 125/Skype][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 153 UDP 192.168.1.34:13021 -> 111.221.77.149:40016 [proto: 125/Skype][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 154 UDP 192.168.1.34:13021 -> 157.55.235.148:40033 [proto: 125/Skype][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 155 UDP 192.168.1.34:13021 -> 157.56.52.13:40021 [proto: 125/Skype][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 156 UDP 192.168.1.34:13021 -> 157.56.52.38:40015 [proto: 125/Skype][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 157 UDP 192.168.1.34:13021 -> 157.56.52.42:40005 [proto: 125/Skype][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 158 UDP 192.168.1.34:13021 -> 213.199.179.146:33033 [proto: 125/Skype][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 159 UDP 192.168.1.34:13021 -> 64.4.23.155:40004 [proto: 125/Skype][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] + 160 UDP 192.168.1.34:13021 -> 65.55.223.22:40009 [proto: 125/Skype][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] + 161 UDP 192.168.1.34:13021 -> 65.55.223.28:40014 [proto: 125/Skype][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] + 162 UDP 192.168.1.34:13021 -> 65.55.223.33:40002 [proto: 125/Skype][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] + 163 UDP 192.168.1.34:13021 -> 157.55.235.155:40027 [proto: 125/Skype][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] + 164 UDP 192.168.1.34:13021 -> 157.55.235.175:40023 [proto: 125/Skype][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] + 165 UDP 192.168.1.34:13021 -> 64.4.23.145:40027 [proto: 125/Skype][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 166 UDP 192.168.1.34:13021 -> 111.221.74.19:40001 [proto: 125/Skype][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 167 UDP 192.168.1.34:13021 -> 111.221.74.34:40027 [proto: 125/Skype][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 168 UDP 192.168.1.34:13021 -> 157.55.130.146:40033 [proto: 125/Skype][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 169 UDP 192.168.1.34:13021 -> 157.55.235.158:40027 [proto: 125/Skype][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 170 UDP 192.168.1.34:13021 -> 157.55.235.176:40031 [proto: 125/Skype][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 171 UDP 192.168.1.34:13021 -> 213.199.179.149:40030 [proto: 125/Skype][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 172 UDP 192.168.1.34:13021 -> 64.4.23.142:40023 [proto: 125/Skype][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 173 UDP 192.168.1.34:13021 -> 111.221.74.24:40032 [proto: 125/Skype][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 174 UDP 192.168.1.34:13021 -> 111.221.77.159:40031 [proto: 125/Skype][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 175 UDP 192.168.1.34:13021 -> 157.55.56.142:40013 [proto: 125/Skype][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 176 UDP 192.168.1.34:13021 -> 157.55.56.145:40008 [proto: 125/Skype][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 177 UDP 192.168.1.34:13021 -> 157.55.130.140:40011 [proto: 125/Skype][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 178 UDP 192.168.1.34:13021 -> 157.55.130.148:40019 [proto: 125/Skype][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 179 UDP 192.168.1.34:13021 -> 157.55.130.152:40022 [proto: 125/Skype][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 180 UDP 192.168.1.34:13021 -> 157.55.130.173:40003 [proto: 125/Skype][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 181 UDP 192.168.1.34:13021 -> 157.55.235.174:40019 [proto: 125/Skype][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 182 UDP 192.168.1.34:13021 -> 157.56.52.27:40025 [proto: 125/Skype][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 183 UDP 192.168.1.34:13021 -> 213.199.179.173:40013 [proto: 125/Skype][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 184 UDP 192.168.1.34:13021 -> 64.4.23.149:40030 [proto: 125/Skype][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 185 UDP 192.168.1.34:13021 -> 65.55.223.13:40009 [proto: 125/Skype][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 186 UDP 192.168.1.34:13021 -> 111.221.74.15:40026 [proto: 125/Skype][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 187 UDP 192.168.1.34:13021 -> 157.55.56.146:40030 [proto: 125/Skype][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 188 UDP 192.168.1.34:13021 -> 157.55.130.150:40007 [proto: 125/Skype][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 189 UDP 192.168.1.34:13021 -> 157.55.130.171:40012 [proto: 125/Skype][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 190 UDP 192.168.1.34:13021 -> 157.55.235.143:40030 [proto: 125/Skype][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 191 UDP 192.168.1.34:13021 -> 157.56.52.33:40002 [proto: 125/Skype][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 192 UDP 192.168.1.34:13021 -> 213.199.179.174:40025 [proto: 125/Skype][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 193 UDP 192.168.1.34:13021 -> 64.4.23.154:40032 [proto: 125/Skype][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 194 UDP 192.168.1.34:13021 -> 65.55.223.16:40032 [proto: 125/Skype][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 195 UDP 192.168.1.34:13021 -> 65.55.223.17:40025 [proto: 125/Skype][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 196 UDP 192.168.1.34:13021 -> 65.55.223.65:33033 [proto: 125/Skype][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 197 UDP 192.168.1.34:13021 -> 111.221.74.27:40027 [proto: 125/Skype][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 198 UDP 192.168.1.34:13021 -> 111.221.74.44:40019 [proto: 125/Skype][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 199 UDP 192.168.1.34:13021 -> 111.221.77.146:33033 [proto: 125/Skype][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 200 UDP 192.168.1.34:13021 -> 111.221.77.160:40016 [proto: 125/Skype][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 201 UDP 192.168.1.34:13021 -> 157.56.52.24:40032 [proto: 125/Skype][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 202 UDP 192.168.1.34:13021 -> 213.199.179.140:40003 [proto: 125/Skype][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 203 UDP 192.168.1.34:13021 -> 64.4.23.151:40029 [proto: 125/Skype][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 204 UDP 192.168.1.34:13021 -> 64.4.23.176:40001 [proto: 125/Skype][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 205 UDP 192.168.1.34:13021 -> 157.55.130.146:33033 [proto: 125/Skype][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 206 UDP 192.168.1.34:13021 -> 157.55.235.172:40020 [proto: 125/Skype][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 207 UDP 192.168.1.34:13021 -> 213.199.179.144:40009 [proto: 125/Skype][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 208 UDP 192.168.1.34:13021 -> 111.221.77.145:40024 [proto: 125/Skype][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 209 UDP 192.168.1.34:13021 -> 157.55.56.150:40014 [proto: 125/Skype][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 210 UDP 192.168.1.34:13021 -> 157.55.130.175:40006 [proto: 125/Skype][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 211 UDP 192.168.1.34:13021 -> 157.55.235.160:40022 [proto: 125/Skype][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 212 UDP 192.168.1.34:13021 -> 157.56.52.19:40020 [proto: 125/Skype][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 213 UDP 192.168.1.34:13021 -> 213.199.179.146:40030 [proto: 125/Skype][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 214 UDP 192.168.1.34:13021 -> 64.4.23.140:40003 [proto: 125/Skype][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 215 UDP 192.168.1.34:13021 -> 65.55.223.18:33033 [proto: 125/Skype][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 216 UDP 192.168.1.34:13021 -> 65.55.223.18:40025 [proto: 125/Skype][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 217 UDP 192.168.1.34:13021 -> 111.221.74.18:33033 [proto: 125/Skype][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 218 UDP 192.168.1.34:13021 -> 111.221.74.42:40006 [proto: 125/Skype][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 219 UDP 192.168.1.34:13021 -> 111.221.74.43:40001 [proto: 125/Skype][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 220 UDP 192.168.1.34:13021 -> 111.221.74.46:40027 [proto: 125/Skype][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 221 UDP 192.168.1.34:13021 -> 111.221.77.143:40022 [proto: 125/Skype][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 222 UDP 192.168.1.34:13021 -> 157.55.56.161:40031 [proto: 125/Skype][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 223 UDP 192.168.1.34:13021 -> 157.55.56.167:40024 [proto: 125/Skype][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 224 UDP 192.168.1.34:13021 -> 157.55.130.144:40016 [proto: 125/Skype][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 225 UDP 192.168.1.34:13021 -> 157.55.130.160:40008 [proto: 125/Skype][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 226 UDP 192.168.1.34:13021 -> 157.55.235.166:40015 [proto: 125/Skype][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 227 UDP 192.168.1.34:13021 -> 157.56.52.12:40031 [proto: 125/Skype][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 228 UDP 192.168.1.34:13021 -> 157.56.52.29:40010 [proto: 125/Skype][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 229 UDP 192.168.1.34:13021 -> 64.4.23.146:33033 [proto: 125/Skype][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 230 UDP 192.168.1.34:13021 -> 64.4.23.170:40011 [proto: 125/Skype][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 231 UDP 192.168.1.34:13021 -> 65.55.223.20:40023 [proto: 125/Skype][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 232 UDP 192.168.1.34:13021 -> 157.55.56.143:40018 [proto: 125/Skype][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 233 UDP 192.168.1.34:13021 -> 157.55.130.154:40013 [proto: 125/Skype][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 234 UDP 192.168.1.34:13021 -> 157.55.235.162:40033 [proto: 125/Skype][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 235 UDP 192.168.1.34:13021 -> 157.55.235.171:40006 [proto: 125/Skype][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 236 UDP 192.168.1.34:13021 -> 157.56.52.16:40032 [proto: 125/Skype][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 237 UDP 192.168.1.34:13021 -> 157.56.52.17:40013 [proto: 125/Skype][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 238 UDP 192.168.1.34:13021 -> 111.221.74.13:40009 [proto: 125/Skype][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 239 UDP 192.168.1.34:13021 -> 111.221.74.38:40015 [proto: 125/Skype][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 240 UDP 192.168.1.34:13021 -> 111.221.77.171:40030 [proto: 125/Skype][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 241 UDP 192.168.1.34:13021 -> 157.55.130.156:40019 [proto: 125/Skype][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 242 UDP 192.168.1.34:13021 -> 157.55.130.157:40013 [proto: 125/Skype][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 243 UDP 192.168.1.34:13021 -> 157.55.130.159:40016 [proto: 125/Skype][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 244 UDP 192.168.1.34:13021 -> 157.55.235.167:40029 [proto: 125/Skype][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 245 UDP 192.168.1.34:13021 -> 157.56.52.40:40017 [proto: 125/Skype][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 246 UDP 192.168.1.34:13021 -> 213.199.179.145:40024 [proto: 125/Skype][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 247 IGMP 192.168.1.219:0 -> 224.0.0.22:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes] + 248 IGMP 192.168.1.219:0 -> 233.89.188.1:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes] + 249 IGMP 192.168.1.229:0 -> 224.0.0.251:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes] + 250 UDP 192.168.1.34:13021 -> 111.221.74.14:443 [proto: 125/Skype][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] + 251 UDP 192.168.1.34:13021 -> 133.236.67.25:49195 [proto: 125/Skype][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] + 252 UDP 192.168.1.34:13021 -> 157.55.235.141:443 [proto: 125/Skype][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] + 253 UDP 192.168.1.34:13021 -> 189.138.161.88:19521 [proto: 125/Skype][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] + 254 UDP 192.168.1.34:13021 -> 189.188.134.174:22436 [proto: 125/Skype][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] + 255 IGMP 192.168.0.254:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network/14][1 pkts/46 bytes -> 0 pkts/0 bytes] Undetected flows: diff --git a/tests/result/smpp_in_general.pcap.out b/tests/result/smpp_in_general.pcap.out index 23a6f8f5d..816f080f7 100644 --- a/tests/result/smpp_in_general.pcap.out +++ b/tests/result/smpp_in_general.pcap.out @@ -1,3 +1,3 @@ SMPP 17 1144 1 - 1 TCP 10.226.202.118:1770 <-> 10.226.202.53:9000 [proto: 207/SMPP][cat: Download-FileTransfer-FileSharing][10 pkts/670 bytes <-> 7 pkts/474 bytes] + 1 TCP 10.226.202.118:1770 <-> 10.226.202.53:9000 [proto: 207/SMPP][cat: Download-FileTransfer-FileSharing/7][10 pkts/670 bytes <-> 7 pkts/474 bytes] diff --git a/tests/result/snapchat.pcap.out b/tests/result/snapchat.pcap.out index dd40de1b0..35183e642 100644 --- a/tests/result/snapchat.pcap.out +++ b/tests/result/snapchat.pcap.out @@ -1,6 +1,6 @@ SSL_No_Cert 22 2879 1 Snapchat 34 7320 2 - 1 TCP 10.8.0.1:56193 <-> 74.125.136.141:443 [proto: 91.199/SSL.Snapchat][cat: Chat][9 pkts/2290 bytes <-> 8 pkts/1653 bytes][client: feelinsonice-hrd.appspot.com] - 2 TCP 10.8.0.1:44536 <-> 74.125.136.141:443 [proto: 91.199/SSL.Snapchat][cat: Chat][9 pkts/2345 bytes <-> 8 pkts/1032 bytes][client: feelinsonice-hrd.appspot.com] - 3 TCP 10.8.0.1:33233 <-> 74.125.136.141:443 [proto: 64/SSL_No_Cert][cat: Web][11 pkts/1910 bytes <-> 11 pkts/969 bytes] + 1 TCP 10.8.0.1:56193 <-> 74.125.136.141:443 [proto: 91.199/SSL.Snapchat][cat: Chat/9][9 pkts/2290 bytes <-> 8 pkts/1653 bytes][client: feelinsonice-hrd.appspot.com] + 2 TCP 10.8.0.1:44536 <-> 74.125.136.141:443 [proto: 91.199/SSL.Snapchat][cat: Chat/9][9 pkts/2345 bytes <-> 8 pkts/1032 bytes][client: feelinsonice-hrd.appspot.com] + 3 TCP 10.8.0.1:33233 <-> 74.125.136.141:443 [proto: 64/SSL_No_Cert][cat: Web/5][11 pkts/1910 bytes <-> 11 pkts/969 bytes] diff --git a/tests/result/starcraft_battle.pcap.out b/tests/result/starcraft_battle.pcap.out index 67ee3177e..ee66db4dd 100644 --- a/tests/result/starcraft_battle.pcap.out +++ b/tests/result/starcraft_battle.pcap.out @@ -10,36 +10,36 @@ QUIC 6 475 1 Github 3 234 1 Starcraft 236 51494 6 - 1 TCP 192.168.1.100:3508 <-> 87.248.221.254:80 [proto: 7.60/HTTP.HTTP_Download][cat: Download-FileTransfer-FileSharing][90 pkts/5059 bytes <-> 89 pkts/129145 bytes][Host: llnw.blizzard.com] - 2 TCP 192.168.1.100:3517 <-> 213.248.127.130:1119 [proto: 213/Starcraft][cat: Game][126 pkts/9157 bytes <-> 89 pkts/41021 bytes] - 3 TCP 192.168.1.100:3527 <-> 2.228.46.112:80 [proto: 7/HTTP][cat: Web][15 pkts/971 bytes <-> 26 pkts/36462 bytes][Host: bnetcmsus-a.akamaihd.net] - 4 TCP 192.168.1.100:3528 <-> 2.228.46.112:80 [proto: 7/HTTP][cat: Web][11 pkts/755 bytes <-> 18 pkts/24350 bytes][Host: bnetcmsus-a.akamaihd.net] - 5 TCP 192.168.1.100:3529 <-> 2.228.46.112:80 [proto: 7/HTTP][cat: Web][11 pkts/752 bytes <-> 18 pkts/24350 bytes][Host: bnetcmsus-a.akamaihd.net] - 6 TCP 192.168.1.100:3530 <-> 2.228.46.112:80 [proto: 7/HTTP][cat: Web][11 pkts/752 bytes <-> 18 pkts/24350 bytes][Host: bnetcmsus-a.akamaihd.net] - 7 TCP 192.168.1.100:3531 <-> 2.228.46.112:80 [proto: 7/HTTP][cat: Web][11 pkts/752 bytes <-> 18 pkts/24350 bytes][Host: bnetcmsus-a.akamaihd.net] - 8 UDP 192.168.1.254:38605 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System][11 pkts/4984 bytes -> 0 pkts/0 bytes] - 9 TCP 192.168.1.100:3525 <-> 80.239.186.40:80 [proto: 7/HTTP][cat: Web][6 pkts/545 bytes <-> 6 pkts/3388 bytes][Host: eu.battle.net] - 10 TCP 192.168.1.100:3526 <-> 80.239.186.40:80 [proto: 7/HTTP][cat: Web][6 pkts/547 bytes <-> 5 pkts/3139 bytes][Host: eu.battle.net] - 11 TCP 192.168.1.100:3516 <-> 80.239.186.21:80 [proto: 7/HTTP][cat: Web][6 pkts/549 bytes <-> 6 pkts/3131 bytes][Host: eu.launcher.battle.net] - 12 TCP 192.168.1.100:3522 <-> 80.239.186.21:80 [proto: 7/HTTP][cat: Web][6 pkts/549 bytes <-> 5 pkts/3071 bytes][Host: eu.launcher.battle.net] - 13 TCP 192.168.1.100:3506 <-> 173.194.113.224:80 [proto: 7.126/HTTP.Google][cat: Web][5 pkts/632 bytes <-> 4 pkts/667 bytes][Host: www.google-analytics.com] - 14 TCP 192.168.1.100:3518 <-> 80.239.186.26:80 [proto: 7/HTTP][cat: Web][6 pkts/473 bytes <-> 4 pkts/753 bytes][Host: nydus.battle.net] - 15 TCP 192.168.1.100:3515 <-> 80.239.186.26:80 [proto: 7/HTTP][cat: Web][6 pkts/475 bytes <-> 4 pkts/749 bytes][Host: nydus.battle.net] - 16 TCP 192.168.1.100:3521 <-> 80.239.186.26:80 [proto: 7/HTTP][cat: Web][6 pkts/475 bytes <-> 4 pkts/749 bytes][Host: nydus.battle.net] - 17 TCP 192.168.1.100:3524 <-> 80.239.186.26:80 [proto: 7/HTTP][cat: Web][6 pkts/481 bytes <-> 4 pkts/733 bytes][Host: nydus.battle.net] - 18 TCP 192.168.1.100:3523 <-> 80.239.186.26:80 [proto: 7/HTTP][cat: Web][6 pkts/483 bytes <-> 4 pkts/725 bytes][Host: nydus.battle.net] - 19 TCP 192.168.1.100:3519 <-> 80.239.186.21:80 [proto: 7/HTTP][cat: Web][5 pkts/482 bytes <-> 4 pkts/497 bytes][Host: eu.launcher.battle.net] + 1 TCP 192.168.1.100:3508 <-> 87.248.221.254:80 [proto: 7.60/HTTP.HTTP_Download][cat: Download-FileTransfer-FileSharing/7][90 pkts/5059 bytes <-> 89 pkts/129145 bytes][Host: llnw.blizzard.com] + 2 TCP 192.168.1.100:3517 <-> 213.248.127.130:1119 [proto: 213/Starcraft][cat: Game/8][126 pkts/9157 bytes <-> 89 pkts/41021 bytes] + 3 TCP 192.168.1.100:3527 <-> 2.228.46.112:80 [proto: 7/HTTP][cat: Web/5][15 pkts/971 bytes <-> 26 pkts/36462 bytes][Host: bnetcmsus-a.akamaihd.net] + 4 TCP 192.168.1.100:3528 <-> 2.228.46.112:80 [proto: 7/HTTP][cat: Web/5][11 pkts/755 bytes <-> 18 pkts/24350 bytes][Host: bnetcmsus-a.akamaihd.net] + 5 TCP 192.168.1.100:3529 <-> 2.228.46.112:80 [proto: 7/HTTP][cat: Web/5][11 pkts/752 bytes <-> 18 pkts/24350 bytes][Host: bnetcmsus-a.akamaihd.net] + 6 TCP 192.168.1.100:3530 <-> 2.228.46.112:80 [proto: 7/HTTP][cat: Web/5][11 pkts/752 bytes <-> 18 pkts/24350 bytes][Host: bnetcmsus-a.akamaihd.net] + 7 TCP 192.168.1.100:3531 <-> 2.228.46.112:80 [proto: 7/HTTP][cat: Web/5][11 pkts/752 bytes <-> 18 pkts/24350 bytes][Host: bnetcmsus-a.akamaihd.net] + 8 UDP 192.168.1.254:38605 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][11 pkts/4984 bytes -> 0 pkts/0 bytes] + 9 TCP 192.168.1.100:3525 <-> 80.239.186.40:80 [proto: 7/HTTP][cat: Web/5][6 pkts/545 bytes <-> 6 pkts/3388 bytes][Host: eu.battle.net] + 10 TCP 192.168.1.100:3526 <-> 80.239.186.40:80 [proto: 7/HTTP][cat: Web/5][6 pkts/547 bytes <-> 5 pkts/3139 bytes][Host: eu.battle.net] + 11 TCP 192.168.1.100:3516 <-> 80.239.186.21:80 [proto: 7/HTTP][cat: Web/5][6 pkts/549 bytes <-> 6 pkts/3131 bytes][Host: eu.launcher.battle.net] + 12 TCP 192.168.1.100:3522 <-> 80.239.186.21:80 [proto: 7/HTTP][cat: Web/5][6 pkts/549 bytes <-> 5 pkts/3071 bytes][Host: eu.launcher.battle.net] + 13 TCP 192.168.1.100:3506 <-> 173.194.113.224:80 [proto: 7.126/HTTP.Google][cat: Web/5][5 pkts/632 bytes <-> 4 pkts/667 bytes][Host: www.google-analytics.com] + 14 TCP 192.168.1.100:3518 <-> 80.239.186.26:80 [proto: 7/HTTP][cat: Web/5][6 pkts/473 bytes <-> 4 pkts/753 bytes][Host: nydus.battle.net] + 15 TCP 192.168.1.100:3515 <-> 80.239.186.26:80 [proto: 7/HTTP][cat: Web/5][6 pkts/475 bytes <-> 4 pkts/749 bytes][Host: nydus.battle.net] + 16 TCP 192.168.1.100:3521 <-> 80.239.186.26:80 [proto: 7/HTTP][cat: Web/5][6 pkts/475 bytes <-> 4 pkts/749 bytes][Host: nydus.battle.net] + 17 TCP 192.168.1.100:3524 <-> 80.239.186.26:80 [proto: 7/HTTP][cat: Web/5][6 pkts/481 bytes <-> 4 pkts/733 bytes][Host: nydus.battle.net] + 18 TCP 192.168.1.100:3523 <-> 80.239.186.26:80 [proto: 7/HTTP][cat: Web/5][6 pkts/483 bytes <-> 4 pkts/725 bytes][Host: nydus.battle.net] + 19 TCP 192.168.1.100:3519 <-> 80.239.186.21:80 [proto: 7/HTTP][cat: Web/5][5 pkts/482 bytes <-> 4 pkts/497 bytes][Host: eu.launcher.battle.net] 20 TCP 192.168.1.100:3427 <-> 80.239.208.193:1119 [proto: 213/Starcraft][6 pkts/376 bytes <-> 7 pkts/526 bytes] - 21 TCP 192.168.1.100:3512 <-> 12.129.222.54:80 [proto: 7.76/HTTP.WorldOfWarcraft][cat: Game][5 pkts/367 bytes <-> 4 pkts/513 bytes][Host: us.scan.worldofwarcraft.com] - 22 UDP 192.168.1.100:55468 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network][2 pkts/168 bytes <-> 2 pkts/388 bytes][Host: bnetcmsus-a.akamaihd.net] - 23 UDP 173.194.40.22:443 <-> 192.168.1.100:53568 [proto: 188/QUIC][cat: Web][3 pkts/243 bytes <-> 3 pkts/232 bytes] - 24 UDP 192.168.1.100:58851 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network][2 pkts/173 bytes <-> 2 pkts/282 bytes][Host: 22.40.194.173.in-addr.arpa] - 25 UDP 192.168.1.100:60026 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network][2 pkts/154 bytes <-> 2 pkts/288 bytes][Host: llnw.blizzard.com] - 26 UDP 192.168.1.100:58818 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network][2 pkts/172 bytes <-> 2 pkts/260 bytes][Host: 91.252.30.192.in-addr.arpa] - 27 UDP 192.168.1.100:58831 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network][2 pkts/172 bytes <-> 2 pkts/245 bytes][Host: 254.1.168.192.in-addr.arpa] + 21 TCP 192.168.1.100:3512 <-> 12.129.222.54:80 [proto: 7.76/HTTP.WorldOfWarcraft][cat: Game/8][5 pkts/367 bytes <-> 4 pkts/513 bytes][Host: us.scan.worldofwarcraft.com] + 22 UDP 192.168.1.100:55468 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][2 pkts/168 bytes <-> 2 pkts/388 bytes][Host: bnetcmsus-a.akamaihd.net] + 23 UDP 173.194.40.22:443 <-> 192.168.1.100:53568 [proto: 188/QUIC][cat: Web/5][3 pkts/243 bytes <-> 3 pkts/232 bytes] + 24 UDP 192.168.1.100:58851 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][2 pkts/173 bytes <-> 2 pkts/282 bytes][Host: 22.40.194.173.in-addr.arpa] + 25 UDP 192.168.1.100:60026 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][2 pkts/154 bytes <-> 2 pkts/288 bytes][Host: llnw.blizzard.com] + 26 UDP 192.168.1.100:58818 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][2 pkts/172 bytes <-> 2 pkts/260 bytes][Host: 91.252.30.192.in-addr.arpa] + 27 UDP 192.168.1.100:58831 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][2 pkts/172 bytes <-> 2 pkts/245 bytes][Host: 254.1.168.192.in-addr.arpa] 28 TCP 192.168.1.100:3532 <-> 2.228.46.112:80 [proto: 7/HTTP][3 pkts/320 bytes <-> 1 pkts/66 bytes][Host: bnetcmsus-a.akamaihd.net] 29 TCP 192.168.1.100:3533 <-> 2.228.46.112:80 [proto: 7/HTTP][3 pkts/320 bytes <-> 1 pkts/66 bytes][Host: bnetcmsus-a.akamaihd.net] - 30 UDP 192.168.1.100:53145 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network][2 pkts/152 bytes <-> 2 pkts/184 bytes][Host: nydus.battle.net] + 30 UDP 192.168.1.100:53145 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][2 pkts/152 bytes <-> 2 pkts/184 bytes][Host: nydus.battle.net] 31 TCP 192.168.1.100:3479 <-> 2.228.46.114:443 [proto: 91/SSL][2 pkts/108 bytes <-> 2 pkts/167 bytes] 32 TCP 192.168.1.100:3480 <-> 2.228.46.114:443 [proto: 91/SSL][2 pkts/108 bytes <-> 2 pkts/167 bytes] 33 TCP 192.168.1.100:3481 <-> 2.228.46.114:443 [proto: 91/SSL][2 pkts/108 bytes <-> 2 pkts/167 bytes] @@ -50,11 +50,11 @@ Starcraft 236 51494 6 38 TCP 192.168.1.100:3492 <-> 2.228.46.104:443 [proto: 91/SSL][2 pkts/108 bytes <-> 2 pkts/167 bytes] 39 TCP 192.30.252.91:443 <-> 192.168.1.100:3213 [proto: 91.203/SSL.Github][2 pkts/145 bytes <-> 1 pkts/89 bytes] 40 TCP 192.168.1.100:3486 <-> 199.38.164.156:443 [proto: 91/SSL][2 pkts/108 bytes <-> 2 pkts/120 bytes] - 41 UDP 192.168.1.100:58844 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network][1 pkts/86 bytes <-> 1 pkts/124 bytes][Host: 40.186.239.80.in-addr.arpa] + 41 UDP 192.168.1.100:58844 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes <-> 1 pkts/124 bytes][Host: 40.186.239.80.in-addr.arpa] 42 TCP 192.168.1.100:3484 <-> 173.194.113.224:443 [proto: 91.126/SSL.Google][2 pkts/108 bytes <-> 1 pkts/60 bytes] 43 TCP 192.168.1.100:2759 <-> 64.233.184.188:5228 [proto: 126/Google][1 pkts/55 bytes <-> 1 pkts/66 bytes] 44 TCP 192.168.1.100:3052 <-> 216.58.212.110:443 [proto: 91.126/SSL.Google][1 pkts/55 bytes <-> 1 pkts/66 bytes] - 45 IGMP 192.168.1.107:0 -> 224.0.0.22:0 [proto: 82/IGMP][cat: Network][2 pkts/120 bytes -> 0 pkts/0 bytes] + 45 IGMP 192.168.1.107:0 -> 224.0.0.22:0 [proto: 82/IGMP][cat: Network/14][2 pkts/120 bytes -> 0 pkts/0 bytes] 46 UDP 192.168.1.100:53146 <-> 5.42.180.154:1119 [proto: 213/Starcraft][1 pkts/44 bytes <-> 1 pkts/60 bytes] 47 UDP 192.168.1.100:53146 <-> 62.115.246.51:1119 [proto: 213/Starcraft][1 pkts/44 bytes <-> 1 pkts/60 bytes] 48 UDP 192.168.1.100:6113 <-> 213.248.127.166:1119 [proto: 213/Starcraft][1 pkts/43 bytes <-> 1 pkts/60 bytes] diff --git a/tests/result/tinc.pcap.out b/tests/result/tinc.pcap.out index 41ccda23a..297bb051e 100644 --- a/tests/result/tinc.pcap.out +++ b/tests/result/tinc.pcap.out @@ -1,6 +1,6 @@ TINC 317 352291 4 - 1 UDP 185.83.218.112:55656 <-> 131.114.168.27:55656 [proto: 209/TINC][cat: VPN][29 pkts/30038 bytes <-> 105 pkts/139726 bytes] - 2 UDP 131.114.168.27:55655 <-> 185.83.218.112:55655 [proto: 209/TINC][cat: VPN][101 pkts/136966 bytes <-> 29 pkts/32550 bytes] - 3 TCP 131.114.168.27:49290 <-> 185.83.218.112:55656 [proto: 209/TINC][cat: VPN][14 pkts/3812 bytes <-> 13 pkts/3098 bytes] - 4 TCP 131.114.168.27:59244 <-> 185.83.218.112:55655 [proto: 209/TINC][cat: VPN][15 pkts/3169 bytes <-> 11 pkts/2932 bytes] + 1 UDP 185.83.218.112:55656 <-> 131.114.168.27:55656 [proto: 209/TINC][cat: VPN/2][29 pkts/30038 bytes <-> 105 pkts/139726 bytes] + 2 UDP 131.114.168.27:55655 <-> 185.83.218.112:55655 [proto: 209/TINC][cat: VPN/2][101 pkts/136966 bytes <-> 29 pkts/32550 bytes] + 3 TCP 131.114.168.27:49290 <-> 185.83.218.112:55656 [proto: 209/TINC][cat: VPN/2][14 pkts/3812 bytes <-> 13 pkts/3098 bytes] + 4 TCP 131.114.168.27:59244 <-> 185.83.218.112:55655 [proto: 209/TINC][cat: VPN/2][15 pkts/3169 bytes <-> 11 pkts/2932 bytes] diff --git a/tests/result/tor.pcap.out b/tests/result/tor.pcap.out index 0ce97d417..2cd7fd1da 100644 --- a/tests/result/tor.pcap.out +++ b/tests/result/tor.pcap.out @@ -4,14 +4,14 @@ DHCPV6 6 906 1 Dropbox 10 1860 1 Tor 3676 3014362 7 - 1 TCP 192.168.1.252:51176 <-> 38.229.70.53:443 [proto: 163/Tor][cat: VPN][693 pkts/181364 bytes <-> 1133 pkts/1331914 bytes] - 2 TCP 192.168.1.252:51112 <-> 38.229.70.53:443 [proto: 163/Tor][cat: VPN][580 pkts/145960 bytes <-> 996 pkts/1242832 bytes] - 3 TCP 192.168.1.252:51110 <-> 91.143.93.242:443 [proto: 163/Tor][cat: VPN][62 pkts/22715 bytes <-> 79 pkts/45823 bytes] - 4 TCP 192.168.1.252:51175 <-> 91.143.93.242:443 [proto: 163/Tor][cat: VPN][17 pkts/5489 bytes <-> 21 pkts/7031 bytes] - 5 TCP 192.168.1.252:51111 <-> 46.59.52.31:443 [proto: 163/Tor][cat: VPN][16 pkts/4858 bytes <-> 18 pkts/6284 bytes] - 6 TCP 192.168.1.252:51174 <-> 212.83.155.250:443 [proto: 163/Tor][cat: VPN][16 pkts/3691 bytes <-> 16 pkts/6740 bytes] - 7 TCP 192.168.1.252:51185 <-> 62.210.137.230:443 [proto: 163/Tor][cat: VPN][15 pkts/3634 bytes <-> 14 pkts/6027 bytes] - 8 UDP 192.168.1.1:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud][10 pkts/1860 bytes -> 0 pkts/0 bytes] - 9 UDP [fe80::c583:1972:5728:7323]:546 -> [ff02::1:2]:547 [proto: 103/DHCPV6][cat: Network][6 pkts/906 bytes -> 0 pkts/0 bytes] - 10 UDP 192.168.1.252:138 -> 192.168.1.255:138 [proto: 10/NetBIOS][cat: System][1 pkts/252 bytes -> 0 pkts/0 bytes] + 1 TCP 192.168.1.252:51176 <-> 38.229.70.53:443 [proto: 163/Tor][cat: VPN/2][693 pkts/181364 bytes <-> 1133 pkts/1331914 bytes] + 2 TCP 192.168.1.252:51112 <-> 38.229.70.53:443 [proto: 163/Tor][cat: VPN/2][580 pkts/145960 bytes <-> 996 pkts/1242832 bytes] + 3 TCP 192.168.1.252:51110 <-> 91.143.93.242:443 [proto: 163/Tor][cat: VPN/2][62 pkts/22715 bytes <-> 79 pkts/45823 bytes] + 4 TCP 192.168.1.252:51175 <-> 91.143.93.242:443 [proto: 163/Tor][cat: VPN/2][17 pkts/5489 bytes <-> 21 pkts/7031 bytes] + 5 TCP 192.168.1.252:51111 <-> 46.59.52.31:443 [proto: 163/Tor][cat: VPN/2][16 pkts/4858 bytes <-> 18 pkts/6284 bytes] + 6 TCP 192.168.1.252:51174 <-> 212.83.155.250:443 [proto: 163/Tor][cat: VPN/2][16 pkts/3691 bytes <-> 16 pkts/6740 bytes] + 7 TCP 192.168.1.252:51185 <-> 62.210.137.230:443 [proto: 163/Tor][cat: VPN/2][15 pkts/3634 bytes <-> 14 pkts/6027 bytes] + 8 UDP 192.168.1.1:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][10 pkts/1860 bytes -> 0 pkts/0 bytes] + 9 UDP [fe80::c583:1972:5728:7323]:546 -> [ff02::1:2]:547 [proto: 103/DHCPV6][cat: Network/14][6 pkts/906 bytes -> 0 pkts/0 bytes] + 10 UDP 192.168.1.252:138 -> 192.168.1.255:138 [proto: 10/NetBIOS][cat: System/18][1 pkts/252 bytes -> 0 pkts/0 bytes] 11 TCP 192.168.1.252:51104 -> 157.56.30.46:443 [proto: 91/SSL][1 pkts/60 bytes -> 0 pkts/0 bytes] diff --git a/tests/result/ubntac2.pcap.out b/tests/result/ubntac2.pcap.out index bc1f8ab46..bd20ba3e9 100644 --- a/tests/result/ubntac2.pcap.out +++ b/tests/result/ubntac2.pcap.out @@ -1,10 +1,10 @@ UBNTAC2 8 1736 8 - 1 UDP 192.168.1.1:34085 -> 255.255.255.255:10001 [proto: 31/UBNTAC2][cat: Network][1 pkts/217 bytes -> 0 pkts/0 bytes][UniFiSecurityGateway.ER-e120.v4.3.33.4936086.161203.2031] - 2 UDP 192.168.1.1:42838 -> 255.255.255.255:10001 [proto: 31/UBNTAC2][cat: Network][1 pkts/217 bytes -> 0 pkts/0 bytes][UniFiSecurityGateway.ER-e120.v4.3.33.4936086.161203.2031] - 3 UDP 192.168.1.1:44641 -> 255.255.255.255:10001 [proto: 31/UBNTAC2][cat: Network][1 pkts/217 bytes -> 0 pkts/0 bytes][UniFiSecurityGateway.ER-e120.v4.3.33.4936086.161203.2031] - 4 UDP 192.168.1.1:47746 -> 255.255.255.255:10001 [proto: 31/UBNTAC2][cat: Network][1 pkts/217 bytes -> 0 pkts/0 bytes][UniFiSecurityGateway.ER-e120.v4.3.33.4936086.161203.2031] - 5 UDP 192.168.1.1:47871 -> 255.255.255.255:10001 [proto: 31/UBNTAC2][cat: Network][1 pkts/217 bytes -> 0 pkts/0 bytes][UniFiSecurityGateway.ER-e120.v4.3.33.4936086.161203.2031] - 6 UDP 192.168.1.1:52220 -> 255.255.255.255:10001 [proto: 31/UBNTAC2][cat: Network][1 pkts/217 bytes -> 0 pkts/0 bytes][UniFiSecurityGateway.ER-e120.v4.3.33.4936086.161203.2031] - 7 UDP 192.168.1.1:55321 -> 255.255.255.255:10001 [proto: 31/UBNTAC2][cat: Network][1 pkts/217 bytes -> 0 pkts/0 bytes][UniFiSecurityGateway.ER-e120.v4.3.33.4936086.161203.2031] - 8 UDP 192.168.1.1:59772 -> 255.255.255.255:10001 [proto: 31/UBNTAC2][cat: Network][1 pkts/217 bytes -> 0 pkts/0 bytes][UniFiSecurityGateway.ER-e120.v4.3.33.4936086.161203.2031] + 1 UDP 192.168.1.1:34085 -> 255.255.255.255:10001 [proto: 31/UBNTAC2][cat: Network/14][1 pkts/217 bytes -> 0 pkts/0 bytes][UniFiSecurityGateway.ER-e120.v4.3.33.4936086.161203.2031] + 2 UDP 192.168.1.1:42838 -> 255.255.255.255:10001 [proto: 31/UBNTAC2][cat: Network/14][1 pkts/217 bytes -> 0 pkts/0 bytes][UniFiSecurityGateway.ER-e120.v4.3.33.4936086.161203.2031] + 3 UDP 192.168.1.1:44641 -> 255.255.255.255:10001 [proto: 31/UBNTAC2][cat: Network/14][1 pkts/217 bytes -> 0 pkts/0 bytes][UniFiSecurityGateway.ER-e120.v4.3.33.4936086.161203.2031] + 4 UDP 192.168.1.1:47746 -> 255.255.255.255:10001 [proto: 31/UBNTAC2][cat: Network/14][1 pkts/217 bytes -> 0 pkts/0 bytes][UniFiSecurityGateway.ER-e120.v4.3.33.4936086.161203.2031] + 5 UDP 192.168.1.1:47871 -> 255.255.255.255:10001 [proto: 31/UBNTAC2][cat: Network/14][1 pkts/217 bytes -> 0 pkts/0 bytes][UniFiSecurityGateway.ER-e120.v4.3.33.4936086.161203.2031] + 6 UDP 192.168.1.1:52220 -> 255.255.255.255:10001 [proto: 31/UBNTAC2][cat: Network/14][1 pkts/217 bytes -> 0 pkts/0 bytes][UniFiSecurityGateway.ER-e120.v4.3.33.4936086.161203.2031] + 7 UDP 192.168.1.1:55321 -> 255.255.255.255:10001 [proto: 31/UBNTAC2][cat: Network/14][1 pkts/217 bytes -> 0 pkts/0 bytes][UniFiSecurityGateway.ER-e120.v4.3.33.4936086.161203.2031] + 8 UDP 192.168.1.1:59772 -> 255.255.255.255:10001 [proto: 31/UBNTAC2][cat: Network/14][1 pkts/217 bytes -> 0 pkts/0 bytes][UniFiSecurityGateway.ER-e120.v4.3.33.4936086.161203.2031] diff --git a/tests/result/viber.pcap.out b/tests/result/viber.pcap.out index 99b02a029..5d2f07f10 100644 --- a/tests/result/viber.pcap.out +++ b/tests/result/viber.pcap.out @@ -8,29 +8,29 @@ Google 2 164 1 Viber 268 99524 9 QUIC 3 194 1 - 1 TCP 192.168.0.17:53934 <-> 54.230.93.53:443 [proto: 91.144/SSL.Viber][cat: Chat][43 pkts/4571 bytes <-> 46 pkts/60087 bytes][client: dl-media.viber.com][server: *.viber.com] - 2 TCP 192.168.0.17:57520 <-> 54.230.93.96:443 [proto: 91.144/SSL.Viber][cat: Chat][12 pkts/1848 bytes <-> 12 pkts/9317 bytes][client: media.cdn.viber.com][server: *.cdn.viber.com] - 3 TCP 192.168.0.17:49048 <-> 54.187.91.182:443 [proto: 91/SSL][cat: Web][13 pkts/2823 bytes <-> 14 pkts/6552 bytes][client: brahe.apptimize.com][server: *.apptimize.com] + 1 TCP 192.168.0.17:53934 <-> 54.230.93.53:443 [proto: 91.144/SSL.Viber][cat: Chat/9][43 pkts/4571 bytes <-> 46 pkts/60087 bytes][client: dl-media.viber.com][server: *.viber.com] + 2 TCP 192.168.0.17:57520 <-> 54.230.93.96:443 [proto: 91.144/SSL.Viber][cat: Chat/9][12 pkts/1848 bytes <-> 12 pkts/9317 bytes][client: media.cdn.viber.com][server: *.cdn.viber.com] + 3 TCP 192.168.0.17:49048 <-> 54.187.91.182:443 [proto: 91/SSL][cat: Web/5][13 pkts/2823 bytes <-> 14 pkts/6552 bytes][client: brahe.apptimize.com][server: *.apptimize.com] 4 TCP 192.168.0.17:33208 <-> 52.0.253.101:4244 [proto: 144/Viber][32 pkts/6563 bytes <-> 26 pkts/2782 bytes] - 5 TCP 192.168.0.17:43702 <-> 172.217.23.78:443 [proto: 91/SSL][cat: Web][15 pkts/5339 bytes <-> 12 pkts/3436 bytes][client: app-measurement.com] - 6 TCP 192.168.0.17:36986 <-> 54.69.166.226:443 [proto: 91/SSL][cat: Web][11 pkts/1437 bytes <-> 11 pkts/6412 bytes][client: mapi.apptimize.com][server: *.apptimize.com] - 7 TCP 192.168.0.17:55746 <-> 151.101.1.130:443 [proto: 91/SSL][cat: Web][10 pkts/1534 bytes <-> 9 pkts/6239 bytes][client: venetia.iad.appboy.com][server: y.ssl.fastly.net] - 8 TCP 192.168.0.17:36988 <-> 54.69.166.226:443 [proto: 91/SSL][cat: Web][11 pkts/1462 bytes <-> 11 pkts/6163 bytes][client: mapi.apptimize.com][server: *.apptimize.com] + 5 TCP 192.168.0.17:43702 <-> 172.217.23.78:443 [proto: 91/SSL][cat: Web/5][15 pkts/5339 bytes <-> 12 pkts/3436 bytes][client: app-measurement.com] + 6 TCP 192.168.0.17:36986 <-> 54.69.166.226:443 [proto: 91/SSL][cat: Web/5][11 pkts/1437 bytes <-> 11 pkts/6412 bytes][client: mapi.apptimize.com][server: *.apptimize.com] + 7 TCP 192.168.0.17:55746 <-> 151.101.1.130:443 [proto: 91/SSL][cat: Web/5][10 pkts/1534 bytes <-> 9 pkts/6239 bytes][client: venetia.iad.appboy.com][server: y.ssl.fastly.net] + 8 TCP 192.168.0.17:36988 <-> 54.69.166.226:443 [proto: 91/SSL][cat: Web/5][11 pkts/1462 bytes <-> 11 pkts/6163 bytes][client: mapi.apptimize.com][server: *.apptimize.com] 9 UDP 192.168.0.17:47171 <-> 18.201.4.32:7985 [proto: 144/Viber][24 pkts/5035 bytes <-> 22 pkts/2302 bytes] 10 UDP 192.168.0.17:38190 <-> 18.201.4.3:7985 [proto: 144/Viber][25 pkts/4344 bytes <-> 18 pkts/1872 bytes] - 11 ICMP 192.168.0.17:0 <-> 192.168.0.15:0 [proto: 81/ICMP][cat: Network][1 pkts/1514 bytes <-> 1 pkts/1514 bytes] - 12 UDP 192.168.0.17:62872 <-> 192.168.0.15:53 [proto: 5/DNS][cat: Network][1 pkts/78 bytes <-> 1 pkts/373 bytes][Host: mapi.apptimize.com] + 11 ICMP 192.168.0.17:0 <-> 192.168.0.15:0 [proto: 81/ICMP][cat: Network/14][1 pkts/1514 bytes <-> 1 pkts/1514 bytes] + 12 UDP 192.168.0.17:62872 <-> 192.168.0.15:53 [proto: 5/DNS][cat: Network/14][1 pkts/78 bytes <-> 1 pkts/373 bytes][Host: mapi.apptimize.com] 13 TCP 192.168.0.17:33744 <-> 18.201.4.3:443 [proto: 91/SSL][4 pkts/272 bytes <-> 2 pkts/140 bytes] 14 TCP 192.168.0.17:45424 <-> 18.201.4.32:443 [proto: 91/SSL][4 pkts/272 bytes <-> 2 pkts/140 bytes] - 15 UDP 192.168.0.17:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network][4 pkts/412 bytes -> 0 pkts/0 bytes] - 16 UDP 192.168.0.17:35283 <-> 192.168.0.15:53 [proto: 5/DNS][cat: Network][1 pkts/74 bytes <-> 1 pkts/303 bytes][Host: app.adjust.com] - 17 UDP 192.168.0.17:45743 <-> 192.168.0.15:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork][1 pkts/78 bytes <-> 1 pkts/203 bytes][Host: graph.facebook.com] - 18 UDP 192.168.0.17:44376 <-> 192.168.0.15:53 [proto: 5/DNS][cat: Network][1 pkts/82 bytes <-> 1 pkts/183 bytes][Host: venetia.iad.appboy.com] - 19 UDP 192.168.0.17:37418 <-> 192.168.0.15:53 [proto: 5.144/DNS.Viber][cat: Chat][1 pkts/79 bytes <-> 1 pkts/185 bytes][Host: media.cdn.viber.com] - 20 UDP 192.168.0.17:40445 <-> 192.168.0.15:53 [proto: 5.144/DNS.Viber][cat: Chat][1 pkts/78 bytes <-> 1 pkts/185 bytes][Host: dl-media.viber.com] - 21 UDP 192.168.0.17:41993 <-> 172.217.23.106:443 [proto: 188/QUIC][cat: Web][2 pkts/130 bytes <-> 1 pkts/64 bytes] - 22 UDP 192.168.0.17:35331 <-> 192.168.0.15:53 [proto: 5/DNS][cat: Network][1 pkts/79 bytes <-> 1 pkts/95 bytes][Host: app-measurement.com] - 23 UDP 192.168.0.17:50097 <-> 192.168.0.15:53 [proto: 5.126/DNS.Google][cat: Web][1 pkts/74 bytes <-> 1 pkts/90 bytes][Host: www.google.com] - 24 ICMPV6 [fe80::3207:4dff:fea3:5fa7]:0 -> [ff02::2]:0 [proto: 102/ICMPV6][cat: Network][2 pkts/140 bytes -> 0 pkts/0 bytes] + 15 UDP 192.168.0.17:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][4 pkts/412 bytes -> 0 pkts/0 bytes] + 16 UDP 192.168.0.17:35283 <-> 192.168.0.15:53 [proto: 5/DNS][cat: Network/14][1 pkts/74 bytes <-> 1 pkts/303 bytes][Host: app.adjust.com] + 17 UDP 192.168.0.17:45743 <-> 192.168.0.15:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/78 bytes <-> 1 pkts/203 bytes][Host: graph.facebook.com] + 18 UDP 192.168.0.17:44376 <-> 192.168.0.15:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/183 bytes][Host: venetia.iad.appboy.com] + 19 UDP 192.168.0.17:37418 <-> 192.168.0.15:53 [proto: 5.144/DNS.Viber][cat: Chat/9][1 pkts/79 bytes <-> 1 pkts/185 bytes][Host: media.cdn.viber.com] + 20 UDP 192.168.0.17:40445 <-> 192.168.0.15:53 [proto: 5.144/DNS.Viber][cat: Chat/9][1 pkts/78 bytes <-> 1 pkts/185 bytes][Host: dl-media.viber.com] + 21 UDP 192.168.0.17:41993 <-> 172.217.23.106:443 [proto: 188/QUIC][cat: Web/5][2 pkts/130 bytes <-> 1 pkts/64 bytes] + 22 UDP 192.168.0.17:35331 <-> 192.168.0.15:53 [proto: 5/DNS][cat: Network/14][1 pkts/79 bytes <-> 1 pkts/95 bytes][Host: app-measurement.com] + 23 UDP 192.168.0.17:50097 <-> 192.168.0.15:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/74 bytes <-> 1 pkts/90 bytes][Host: www.google.com] + 24 ICMPV6 [fe80::3207:4dff:fea3:5fa7]:0 -> [ff02::2]:0 [proto: 102/ICMPV6][cat: Network/14][2 pkts/140 bytes -> 0 pkts/0 bytes] 25 UDP 192.168.0.17:38190 <-> 18.201.4.3:7987 [proto: 144/Viber][1 pkts/76 bytes <-> 1 pkts/62 bytes] 26 UDP 192.168.0.17:47171 <-> 18.201.4.32:7987 [proto: 144/Viber][1 pkts/76 bytes <-> 1 pkts/62 bytes] diff --git a/tests/result/vnc.pcap.out b/tests/result/vnc.pcap.out index 8f1e321a5..26b58b971 100644 --- a/tests/result/vnc.pcap.out +++ b/tests/result/vnc.pcap.out @@ -1,4 +1,4 @@ VNC 4551 329158 2 - 1 TCP 95.237.48.208:59791 <-> 192.168.2.110:6900 [proto: 89/VNC][cat: RemoteAccess][2485 pkts/199101 bytes <-> 1058 pkts/57444 bytes] - 2 TCP 95.237.48.208:51559 <-> 192.168.2.110:6900 [proto: 89/VNC][cat: RemoteAccess][684 pkts/54893 bytes <-> 324 pkts/17720 bytes] + 1 TCP 95.237.48.208:59791 <-> 192.168.2.110:6900 [proto: 89/VNC][cat: RemoteAccess/12][2485 pkts/199101 bytes <-> 1058 pkts/57444 bytes] + 2 TCP 95.237.48.208:51559 <-> 192.168.2.110:6900 [proto: 89/VNC][cat: RemoteAccess/12][684 pkts/54893 bytes <-> 324 pkts/17720 bytes] diff --git a/tests/result/waze.pcap.out b/tests/result/waze.pcap.out index 6c87a3ce9..8bf4d88fc 100644 --- a/tests/result/waze.pcap.out +++ b/tests/result/waze.pcap.out @@ -7,28 +7,28 @@ SSL 8 432 2 Waze 484 289335 19 WhatsApp 15 1341 1 - 1 TCP 10.8.0.1:36100 <-> 46.51.173.182:443 [proto: 91.135/SSL.Waze][cat: Web][52 pkts/10860 bytes <-> 55 pkts/74852 bytes][server: *.world.waze.com] - 2 TCP 10.8.0.1:54915 <-> 65.39.128.135:80 [proto: 7.60/HTTP.HTTP_Download][cat: Download-FileTransfer-FileSharing][19 pkts/1309 bytes <-> 18 pkts/61896 bytes][Host: xtra1.gpsonextra.net] - 3 TCP 10.8.0.1:39021 <-> 52.17.114.219:443 [proto: 91.135/SSL.Waze][cat: Web][17 pkts/1962 bytes <-> 16 pkts/56934 bytes][server: *.world.waze.com] - 4 TCP 10.8.0.1:36312 <-> 176.34.186.180:443 [proto: 91.135/SSL.Waze][cat: Web][17 pkts/2176 bytes <-> 15 pkts/42443 bytes][server: *.world.waze.com] - 5 TCP 10.8.0.1:36316 <-> 176.34.186.180:443 [proto: 91.135/SSL.Waze][cat: Web][15 pkts/1540 bytes <-> 13 pkts/26346 bytes][server: *.world.waze.com] - 6 TCP 10.8.0.1:36102 <-> 46.51.173.182:443 [proto: 91.135/SSL.Waze][cat: Web][19 pkts/2646 bytes <-> 18 pkts/9338 bytes][server: *.world.waze.com] - 7 TCP 10.8.0.1:39010 <-> 52.17.114.219:443 [proto: 91.135/SSL.Waze][cat: Web][8 pkts/1034 bytes <-> 8 pkts/8151 bytes][server: *.world.waze.com] - 8 TCP 10.8.0.1:51049 <-> 176.34.103.105:443 [proto: 91.135/SSL.Waze][cat: Web][12 pkts/1282 bytes <-> 11 pkts/6541 bytes][server: *.waze.com] - 9 TCP 10.8.0.1:51051 <-> 176.34.103.105:443 [proto: 91.135/SSL.Waze][cat: Web][11 pkts/1228 bytes <-> 10 pkts/6487 bytes][server: *.waze.com] - 10 TCP 10.8.0.1:36134 <-> 46.51.173.182:443 [proto: 91.135/SSL.Waze][cat: Web][12 pkts/1650 bytes <-> 12 pkts/4935 bytes][server: *.world.waze.com] - 11 TCP 10.8.0.1:36137 <-> 46.51.173.182:443 [proto: 91.135/SSL.Waze][cat: Web][12 pkts/1522 bytes <-> 11 pkts/4220 bytes][server: *.world.waze.com] - 12 TCP 10.8.0.1:36314 <-> 176.34.186.180:443 [proto: 91.135/SSL.Waze][cat: Web][11 pkts/1260 bytes <-> 9 pkts/4413 bytes][server: *.world.waze.com] - 13 TCP 10.8.0.1:51050 <-> 176.34.103.105:443 [proto: 91.135/SSL.Waze][cat: Web][9 pkts/1184 bytes <-> 9 pkts/4369 bytes][server: *.waze.com] - 14 TCP 10.8.0.1:45529 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web][9 pkts/591 bytes <-> 8 pkts/3424 bytes][Host: roadshields.waze.com] - 15 TCP 10.8.0.1:36585 <-> 173.194.118.48:443 [proto: 64/SSL_No_Cert][cat: Web][7 pkts/1137 bytes <-> 6 pkts/1005 bytes] - 16 TCP 10.8.0.1:45536 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web][8 pkts/594 bytes <-> 7 pkts/771 bytes][Host: cres.waze.com] - 17 TCP 10.8.0.1:50828 <-> 108.168.176.228:443 [proto: 142/WhatsApp][cat: Chat][8 pkts/673 bytes <-> 7 pkts/668 bytes] - 18 TCP 10.8.0.1:45546 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web][7 pkts/557 bytes <-> 7 pkts/771 bytes][Host: cres.waze.com] - 19 TCP 10.8.0.1:45538 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web][7 pkts/555 bytes <-> 7 pkts/771 bytes][Host: cres.waze.com] - 20 TCP 10.8.0.1:45552 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web][7 pkts/552 bytes <-> 7 pkts/771 bytes][Host: cres.waze.com] - 21 TCP 10.8.0.1:45554 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web][7 pkts/550 bytes <-> 7 pkts/769 bytes][Host: cres.waze.com] - 22 TCP 10.8.0.1:45540 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web][7 pkts/553 bytes <-> 7 pkts/733 bytes][Host: roadshields.waze.com] + 1 TCP 10.8.0.1:36100 <-> 46.51.173.182:443 [proto: 91.135/SSL.Waze][cat: Web/5][52 pkts/10860 bytes <-> 55 pkts/74852 bytes][server: *.world.waze.com] + 2 TCP 10.8.0.1:54915 <-> 65.39.128.135:80 [proto: 7.60/HTTP.HTTP_Download][cat: Download-FileTransfer-FileSharing/7][19 pkts/1309 bytes <-> 18 pkts/61896 bytes][Host: xtra1.gpsonextra.net] + 3 TCP 10.8.0.1:39021 <-> 52.17.114.219:443 [proto: 91.135/SSL.Waze][cat: Web/5][17 pkts/1962 bytes <-> 16 pkts/56934 bytes][server: *.world.waze.com] + 4 TCP 10.8.0.1:36312 <-> 176.34.186.180:443 [proto: 91.135/SSL.Waze][cat: Web/5][17 pkts/2176 bytes <-> 15 pkts/42443 bytes][server: *.world.waze.com] + 5 TCP 10.8.0.1:36316 <-> 176.34.186.180:443 [proto: 91.135/SSL.Waze][cat: Web/5][15 pkts/1540 bytes <-> 13 pkts/26346 bytes][server: *.world.waze.com] + 6 TCP 10.8.0.1:36102 <-> 46.51.173.182:443 [proto: 91.135/SSL.Waze][cat: Web/5][19 pkts/2646 bytes <-> 18 pkts/9338 bytes][server: *.world.waze.com] + 7 TCP 10.8.0.1:39010 <-> 52.17.114.219:443 [proto: 91.135/SSL.Waze][cat: Web/5][8 pkts/1034 bytes <-> 8 pkts/8151 bytes][server: *.world.waze.com] + 8 TCP 10.8.0.1:51049 <-> 176.34.103.105:443 [proto: 91.135/SSL.Waze][cat: Web/5][12 pkts/1282 bytes <-> 11 pkts/6541 bytes][server: *.waze.com] + 9 TCP 10.8.0.1:51051 <-> 176.34.103.105:443 [proto: 91.135/SSL.Waze][cat: Web/5][11 pkts/1228 bytes <-> 10 pkts/6487 bytes][server: *.waze.com] + 10 TCP 10.8.0.1:36134 <-> 46.51.173.182:443 [proto: 91.135/SSL.Waze][cat: Web/5][12 pkts/1650 bytes <-> 12 pkts/4935 bytes][server: *.world.waze.com] + 11 TCP 10.8.0.1:36137 <-> 46.51.173.182:443 [proto: 91.135/SSL.Waze][cat: Web/5][12 pkts/1522 bytes <-> 11 pkts/4220 bytes][server: *.world.waze.com] + 12 TCP 10.8.0.1:36314 <-> 176.34.186.180:443 [proto: 91.135/SSL.Waze][cat: Web/5][11 pkts/1260 bytes <-> 9 pkts/4413 bytes][server: *.world.waze.com] + 13 TCP 10.8.0.1:51050 <-> 176.34.103.105:443 [proto: 91.135/SSL.Waze][cat: Web/5][9 pkts/1184 bytes <-> 9 pkts/4369 bytes][server: *.waze.com] + 14 TCP 10.8.0.1:45529 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][9 pkts/591 bytes <-> 8 pkts/3424 bytes][Host: roadshields.waze.com] + 15 TCP 10.8.0.1:36585 <-> 173.194.118.48:443 [proto: 64/SSL_No_Cert][cat: Web/5][7 pkts/1137 bytes <-> 6 pkts/1005 bytes] + 16 TCP 10.8.0.1:45536 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][8 pkts/594 bytes <-> 7 pkts/771 bytes][Host: cres.waze.com] + 17 TCP 10.8.0.1:50828 <-> 108.168.176.228:443 [proto: 142/WhatsApp][cat: Chat/9][8 pkts/673 bytes <-> 7 pkts/668 bytes] + 18 TCP 10.8.0.1:45546 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][7 pkts/557 bytes <-> 7 pkts/771 bytes][Host: cres.waze.com] + 19 TCP 10.8.0.1:45538 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][7 pkts/555 bytes <-> 7 pkts/771 bytes][Host: cres.waze.com] + 20 TCP 10.8.0.1:45552 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][7 pkts/552 bytes <-> 7 pkts/771 bytes][Host: cres.waze.com] + 21 TCP 10.8.0.1:45554 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][7 pkts/550 bytes <-> 7 pkts/769 bytes][Host: cres.waze.com] + 22 TCP 10.8.0.1:45540 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][7 pkts/553 bytes <-> 7 pkts/733 bytes][Host: roadshields.waze.com] 23 TCP 10.16.37.157:41823 <-> 200.160.4.49:80 [proto: 7/HTTP][2 pkts/120 bytes <-> 2 pkts/108 bytes] 24 TCP 10.16.37.157:43991 <-> 200.160.4.31:80 [proto: 7/HTTP][2 pkts/120 bytes <-> 2 pkts/108 bytes] 25 TCP 10.16.37.157:46473 <-> 200.160.4.49:80 [proto: 7/HTTP][2 pkts/120 bytes <-> 2 pkts/108 bytes] @@ -38,7 +38,7 @@ WhatsApp 15 1341 1 29 TCP 10.8.0.1:45169 <-> 200.160.4.198:80 [proto: 7/HTTP][2 pkts/108 bytes <-> 2 pkts/108 bytes] 30 TCP 10.8.0.1:60479 <-> 200.160.4.49:443 [proto: 91/SSL][2 pkts/108 bytes <-> 2 pkts/108 bytes] 31 TCP 10.8.0.1:60574 <-> 200.160.4.49:80 [proto: 7/HTTP][2 pkts/108 bytes <-> 2 pkts/108 bytes] - 32 UDP 10.8.0.1:46214 <-> 200.89.75.198:123 [proto: 9/NTP][cat: System][1 pkts/90 bytes <-> 1 pkts/90 bytes] + 32 UDP 10.8.0.1:46214 <-> 200.89.75.198:123 [proto: 9/NTP][cat: System/18][1 pkts/90 bytes <-> 1 pkts/90 bytes] Undetected flows: diff --git a/tests/result/webex.pcap.out b/tests/result/webex.pcap.out index 4360e223b..fbf341918 100644 --- a/tests/result/webex.pcap.out +++ b/tests/result/webex.pcap.out @@ -6,46 +6,46 @@ Google 17 6375 1 Webex 1380 818407 43 Amazon 3 174 1 - 1 TCP 10.8.0.1:51155 <-> 62.109.224.120:443 [proto: 91.141/SSL.Webex][cat: Collaborative][256 pkts/14707 bytes <-> 257 pkts/329379 bytes][server: *.webex.com] - 2 TCP 10.8.0.1:41348 <-> 64.68.105.103:443 [proto: 91.141/SSL.Webex][cat: Collaborative][28 pkts/4815 bytes <-> 28 pkts/104881 bytes][client: radcom.webex.com] - 3 TCP 10.8.0.1:41346 <-> 64.68.105.103:443 [proto: 91.141/SSL.Webex][cat: Collaborative][48 pkts/11540 bytes <-> 47 pkts/80696 bytes][client: radcom.webex.com][server: *.webex.com] - 4 TCP 10.8.0.1:41358 <-> 64.68.105.103:443 [proto: 91.141/SSL.Webex][cat: Collaborative][19 pkts/2005 bytes <-> 19 pkts/40477 bytes][server: *.webex.com] - 5 TCP 10.8.0.1:51194 <-> 62.109.224.120:443 [proto: 91.141/SSL.Webex][cat: Collaborative][12 pkts/1531 bytes <-> 12 pkts/34357 bytes][server: *.webex.com] - 6 TCP 10.8.0.1:41354 <-> 64.68.105.103:443 [proto: 91.141/SSL.Webex][cat: Collaborative][13 pkts/2145 bytes <-> 13 pkts/24239 bytes][server: *.webex.com] - 7 TCP 10.8.0.1:51154 <-> 62.109.224.120:443 [proto: 91.141/SSL.Webex][cat: Collaborative][55 pkts/12583 bytes <-> 50 pkts/6703 bytes][server: *.webex.com] - 8 UDP 10.8.0.1:64538 -> 172.16.1.75:5060 [proto: 100/SIP][cat: VoIP][22 pkts/15356 bytes -> 0 pkts/0 bytes] - 9 TCP 10.8.0.1:51857 <-> 62.109.229.158:443 [proto: 91.141/SSL.Webex][cat: Collaborative][29 pkts/4559 bytes <-> 21 pkts/5801 bytes][server: *.webex.com] - 10 TCP 10.8.0.1:46211 <-> 54.241.32.14:443 [proto: 91/SSL][cat: Web][16 pkts/1984 bytes <-> 14 pkts/7584 bytes][client: api.crittercism.com][server: *.crittercism.com] - 11 TCP 10.8.0.1:41386 <-> 64.68.105.103:443 [proto: 91.141/SSL.Webex][cat: Collaborative][9 pkts/1417 bytes <-> 8 pkts/6984 bytes][server: *.webex.com] - 12 TCP 10.8.0.1:41419 <-> 64.68.105.103:443 [proto: 91.141/SSL.Webex][cat: Collaborative][7 pkts/1309 bytes <-> 7 pkts/6930 bytes][server: *.webex.com] - 13 TCP 10.8.0.1:52730 <-> 173.243.4.76:443 [proto: 91.141/SSL.Webex][cat: Collaborative][9 pkts/1369 bytes <-> 8 pkts/6621 bytes][server: *.webex.com] - 14 TCP 10.8.0.1:44492 <-> 64.68.104.140:443 [proto: 91.141/SSL.Webex][cat: Collaborative][9 pkts/1369 bytes <-> 8 pkts/6600 bytes][server: *.webex.com] - 15 TCP 10.8.0.1:45814 <-> 62.109.231.3:443 [proto: 91.141/SSL.Webex][cat: Collaborative][8 pkts/1315 bytes <-> 8 pkts/6653 bytes][server: *.webex.com] - 16 TCP 10.8.0.1:47498 <-> 209.197.222.159:443 [proto: 91.141/SSL.Webex][cat: Collaborative][7 pkts/1261 bytes <-> 7 pkts/6535 bytes][server: *.webex.com] - 17 TCP 10.8.0.1:57647 <-> 64.68.121.153:443 [proto: 91.141/SSL.Webex][cat: Collaborative][7 pkts/1261 bytes <-> 7 pkts/6535 bytes][server: *.webex.com] - 18 TCP 10.8.0.1:37129 <-> 64.68.105.98:443 [proto: 91.141/SSL.Webex][cat: Collaborative][9 pkts/1369 bytes <-> 9 pkts/5838 bytes][server: *.webex.com] - 19 TCP 10.8.0.1:51370 <-> 64.68.105.97:443 [proto: 91.141/SSL.Webex][cat: Collaborative][8 pkts/1315 bytes <-> 8 pkts/5784 bytes][server: *.webex.com] - 20 TCP 10.8.0.1:55669 <-> 173.243.0.110:443 [proto: 91.141/SSL.Webex][cat: Collaborative][11 pkts/1830 bytes <-> 12 pkts/4811 bytes][server: *.webex.com] - 21 TCP 10.8.0.1:55665 <-> 173.243.0.110:443 [proto: 91.141/SSL.Webex][cat: Collaborative][11 pkts/1798 bytes <-> 11 pkts/4757 bytes][server: *.webex.com] - 22 TCP 10.8.0.1:55671 <-> 173.243.0.110:443 [proto: 91.141/SSL.Webex][cat: Collaborative][11 pkts/1798 bytes <-> 11 pkts/4757 bytes][server: *.webex.com] - 23 TCP 10.8.0.1:55687 <-> 173.243.0.110:443 [proto: 91.141/SSL.Webex][cat: Collaborative][11 pkts/1798 bytes <-> 11 pkts/4757 bytes][server: *.webex.com] - 24 TCP 10.8.0.1:43433 <-> 216.58.208.40:443 [proto: 91.126/SSL.Google][cat: Web][9 pkts/1540 bytes <-> 8 pkts/4835 bytes][client: ssl.google-analytics.com][server: *.google-analytics.com] - 25 TCP 10.8.0.1:51646 <-> 114.29.204.49:443 [proto: 91.141/SSL.Webex][cat: Collaborative][9 pkts/895 bytes <-> 8 pkts/4398 bytes][server: *.webex.com] - 26 TCP 10.8.0.1:52219 <-> 64.68.121.100:443 [proto: 91.141/SSL.Webex][cat: Collaborative][8 pkts/841 bytes <-> 7 pkts/4376 bytes][server: *.webex.com] - 27 TCP 10.8.0.1:55969 <-> 64.68.121.99:443 [proto: 91.141/SSL.Webex][cat: Collaborative][8 pkts/841 bytes <-> 7 pkts/4376 bytes][server: *.webex.com] - 28 TCP 10.8.0.1:49048 <-> 23.44.253.243:443 [proto: 91.141/SSL.Webex][cat: Collaborative][7 pkts/1181 bytes <-> 7 pkts/4021 bytes][server: www.webex.com] - 29 TCP 10.8.0.1:47116 <-> 114.29.202.139:443 [proto: 91.141/SSL.Webex][cat: Collaborative][7 pkts/461 bytes <-> 6 pkts/4231 bytes][server: *.webex.com] - 30 TCP 10.8.0.1:47841 <-> 114.29.200.11:443 [proto: 91.141/SSL.Webex][cat: Collaborative][6 pkts/407 bytes <-> 5 pkts/4177 bytes][server: *.webex.com] - 31 TCP 10.8.0.1:33551 <-> 80.74.110.68:443 [proto: 64/SSL_No_Cert][cat: Web][10 pkts/1465 bytes <-> 11 pkts/1065 bytes] - 32 TCP 10.8.0.1:33553 <-> 80.74.110.68:443 [proto: 64/SSL_No_Cert][cat: Web][10 pkts/1388 bytes <-> 10 pkts/1087 bytes] - 33 TCP 10.8.0.1:33512 <-> 80.74.110.68:443 [proto: 64/SSL_No_Cert][cat: Web][9 pkts/1357 bytes <-> 9 pkts/615 bytes] - 34 TCP 10.8.0.1:33554 <-> 80.74.110.68:443 [proto: 64/SSL_No_Cert][cat: Web][9 pkts/1357 bytes <-> 9 pkts/615 bytes] - 35 TCP 10.8.0.1:59756 <-> 78.46.237.91:80 [proto: 7/HTTP][cat: Web][6 pkts/970 bytes <-> 6 pkts/821 bytes][Host: cp.pushwoosh.com] - 36 TCP 10.8.0.1:33559 <-> 80.74.110.68:443 [proto: 64/SSL_No_Cert][cat: Web][7 pkts/1280 bytes <-> 6 pkts/453 bytes] - 37 TCP 10.8.0.1:59757 <-> 78.46.237.91:80 [proto: 7/HTTP][cat: Web][5 pkts/624 bytes <-> 5 pkts/767 bytes][Host: cp.pushwoosh.com] + 1 TCP 10.8.0.1:51155 <-> 62.109.224.120:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][256 pkts/14707 bytes <-> 257 pkts/329379 bytes][server: *.webex.com] + 2 TCP 10.8.0.1:41348 <-> 64.68.105.103:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][28 pkts/4815 bytes <-> 28 pkts/104881 bytes][client: radcom.webex.com] + 3 TCP 10.8.0.1:41346 <-> 64.68.105.103:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][48 pkts/11540 bytes <-> 47 pkts/80696 bytes][client: radcom.webex.com][server: *.webex.com] + 4 TCP 10.8.0.1:41358 <-> 64.68.105.103:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][19 pkts/2005 bytes <-> 19 pkts/40477 bytes][server: *.webex.com] + 5 TCP 10.8.0.1:51194 <-> 62.109.224.120:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][12 pkts/1531 bytes <-> 12 pkts/34357 bytes][server: *.webex.com] + 6 TCP 10.8.0.1:41354 <-> 64.68.105.103:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][13 pkts/2145 bytes <-> 13 pkts/24239 bytes][server: *.webex.com] + 7 TCP 10.8.0.1:51154 <-> 62.109.224.120:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][55 pkts/12583 bytes <-> 50 pkts/6703 bytes][server: *.webex.com] + 8 UDP 10.8.0.1:64538 -> 172.16.1.75:5060 [proto: 100/SIP][cat: VoIP/10][22 pkts/15356 bytes -> 0 pkts/0 bytes] + 9 TCP 10.8.0.1:51857 <-> 62.109.229.158:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][29 pkts/4559 bytes <-> 21 pkts/5801 bytes][server: *.webex.com] + 10 TCP 10.8.0.1:46211 <-> 54.241.32.14:443 [proto: 91/SSL][cat: Web/5][16 pkts/1984 bytes <-> 14 pkts/7584 bytes][client: api.crittercism.com][server: *.crittercism.com] + 11 TCP 10.8.0.1:41386 <-> 64.68.105.103:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][9 pkts/1417 bytes <-> 8 pkts/6984 bytes][server: *.webex.com] + 12 TCP 10.8.0.1:41419 <-> 64.68.105.103:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][7 pkts/1309 bytes <-> 7 pkts/6930 bytes][server: *.webex.com] + 13 TCP 10.8.0.1:52730 <-> 173.243.4.76:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][9 pkts/1369 bytes <-> 8 pkts/6621 bytes][server: *.webex.com] + 14 TCP 10.8.0.1:44492 <-> 64.68.104.140:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][9 pkts/1369 bytes <-> 8 pkts/6600 bytes][server: *.webex.com] + 15 TCP 10.8.0.1:45814 <-> 62.109.231.3:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][8 pkts/1315 bytes <-> 8 pkts/6653 bytes][server: *.webex.com] + 16 TCP 10.8.0.1:47498 <-> 209.197.222.159:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][7 pkts/1261 bytes <-> 7 pkts/6535 bytes][server: *.webex.com] + 17 TCP 10.8.0.1:57647 <-> 64.68.121.153:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][7 pkts/1261 bytes <-> 7 pkts/6535 bytes][server: *.webex.com] + 18 TCP 10.8.0.1:37129 <-> 64.68.105.98:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][9 pkts/1369 bytes <-> 9 pkts/5838 bytes][server: *.webex.com] + 19 TCP 10.8.0.1:51370 <-> 64.68.105.97:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][8 pkts/1315 bytes <-> 8 pkts/5784 bytes][server: *.webex.com] + 20 TCP 10.8.0.1:55669 <-> 173.243.0.110:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][11 pkts/1830 bytes <-> 12 pkts/4811 bytes][server: *.webex.com] + 21 TCP 10.8.0.1:55665 <-> 173.243.0.110:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][11 pkts/1798 bytes <-> 11 pkts/4757 bytes][server: *.webex.com] + 22 TCP 10.8.0.1:55671 <-> 173.243.0.110:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][11 pkts/1798 bytes <-> 11 pkts/4757 bytes][server: *.webex.com] + 23 TCP 10.8.0.1:55687 <-> 173.243.0.110:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][11 pkts/1798 bytes <-> 11 pkts/4757 bytes][server: *.webex.com] + 24 TCP 10.8.0.1:43433 <-> 216.58.208.40:443 [proto: 91.126/SSL.Google][cat: Web/5][9 pkts/1540 bytes <-> 8 pkts/4835 bytes][client: ssl.google-analytics.com][server: *.google-analytics.com] + 25 TCP 10.8.0.1:51646 <-> 114.29.204.49:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][9 pkts/895 bytes <-> 8 pkts/4398 bytes][server: *.webex.com] + 26 TCP 10.8.0.1:52219 <-> 64.68.121.100:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][8 pkts/841 bytes <-> 7 pkts/4376 bytes][server: *.webex.com] + 27 TCP 10.8.0.1:55969 <-> 64.68.121.99:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][8 pkts/841 bytes <-> 7 pkts/4376 bytes][server: *.webex.com] + 28 TCP 10.8.0.1:49048 <-> 23.44.253.243:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][7 pkts/1181 bytes <-> 7 pkts/4021 bytes][server: www.webex.com] + 29 TCP 10.8.0.1:47116 <-> 114.29.202.139:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][7 pkts/461 bytes <-> 6 pkts/4231 bytes][server: *.webex.com] + 30 TCP 10.8.0.1:47841 <-> 114.29.200.11:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][6 pkts/407 bytes <-> 5 pkts/4177 bytes][server: *.webex.com] + 31 TCP 10.8.0.1:33551 <-> 80.74.110.68:443 [proto: 64/SSL_No_Cert][cat: Web/5][10 pkts/1465 bytes <-> 11 pkts/1065 bytes] + 32 TCP 10.8.0.1:33553 <-> 80.74.110.68:443 [proto: 64/SSL_No_Cert][cat: Web/5][10 pkts/1388 bytes <-> 10 pkts/1087 bytes] + 33 TCP 10.8.0.1:33512 <-> 80.74.110.68:443 [proto: 64/SSL_No_Cert][cat: Web/5][9 pkts/1357 bytes <-> 9 pkts/615 bytes] + 34 TCP 10.8.0.1:33554 <-> 80.74.110.68:443 [proto: 64/SSL_No_Cert][cat: Web/5][9 pkts/1357 bytes <-> 9 pkts/615 bytes] + 35 TCP 10.8.0.1:59756 <-> 78.46.237.91:80 [proto: 7/HTTP][cat: Web/5][6 pkts/970 bytes <-> 6 pkts/821 bytes][Host: cp.pushwoosh.com] + 36 TCP 10.8.0.1:33559 <-> 80.74.110.68:443 [proto: 64/SSL_No_Cert][cat: Web/5][7 pkts/1280 bytes <-> 6 pkts/453 bytes] + 37 TCP 10.8.0.1:59757 <-> 78.46.237.91:80 [proto: 7/HTTP][cat: Web/5][5 pkts/624 bytes <-> 5 pkts/767 bytes][Host: cp.pushwoosh.com] 38 UDP 10.8.0.1:51772 <-> 62.109.229.158:9000 [proto: 141/Webex][14 pkts/1071 bytes <-> 2 pkts/100 bytes] - 39 TCP 10.8.0.1:41350 <-> 64.68.105.103:443 [proto: 91.141/SSL.Webex][cat: Collaborative][6 pkts/614 bytes <-> 5 pkts/399 bytes][client: radcom.webex.com] - 40 TCP 10.8.0.1:41351 <-> 64.68.105.103:443 [proto: 91.141/SSL.Webex][cat: Collaborative][5 pkts/560 bytes <-> 4 pkts/345 bytes][client: radcom.webex.com] + 39 TCP 10.8.0.1:41350 <-> 64.68.105.103:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][6 pkts/614 bytes <-> 5 pkts/399 bytes][client: radcom.webex.com] + 40 TCP 10.8.0.1:41351 <-> 64.68.105.103:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][5 pkts/560 bytes <-> 4 pkts/345 bytes][client: radcom.webex.com] 41 TCP 10.8.0.1:51190 <-> 62.109.224.120:443 [proto: 91.141/SSL.Webex][7 pkts/501 bytes <-> 4 pkts/216 bytes] 42 TCP 10.8.0.1:37139 <-> 64.68.105.98:443 [proto: 91.141/SSL.Webex][6 pkts/427 bytes <-> 5 pkts/270 bytes] 43 TCP 10.8.0.1:41394 <-> 64.68.105.103:443 [proto: 91.141/SSL.Webex][6 pkts/427 bytes <-> 5 pkts/270 bytes] diff --git a/tests/result/wechat.pcap.out b/tests/result/wechat.pcap.out index ad06329ad..b9c7c3de0 100644 --- a/tests/result/wechat.pcap.out +++ b/tests/result/wechat.pcap.out @@ -14,52 +14,52 @@ WeChat 1251 606425 49 GoogleDocs 15 5114 2 1 TCP 203.205.151.162:443 <-> 192.168.1.103:54058 [proto: 91.197/SSL.WeChat][88 pkts/15114 bytes <-> 91 pkts/61842 bytes] - 2 TCP 192.168.1.103:54101 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat][46 pkts/12575 bytes <-> 40 pkts/53424 bytes][client: web.wechat.com][server: web.wechat.com] - 3 TCP 192.168.1.103:54103 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat][50 pkts/23958 bytes <-> 46 pkts/39684 bytes][client: web.wechat.com][server: web.wechat.com] - 4 TCP 192.168.1.103:54113 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat][38 pkts/8933 bytes <-> 35 pkts/35112 bytes][client: web.wechat.com][server: web.wechat.com] - 5 TCP 192.168.1.103:54099 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat][25 pkts/9013 bytes <-> 29 pkts/27440 bytes][client: web.wechat.com][server: web.wechat.com] - 6 TCP 192.168.1.103:54119 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat][26 pkts/8129 bytes <-> 24 pkts/22836 bytes][client: web.wechat.com][server: web.wechat.com] - 7 TCP 192.168.1.103:58038 <-> 203.205.147.171:443 [proto: 91.197/SSL.WeChat][cat: Chat][34 pkts/17556 bytes <-> 25 pkts/12172 bytes][client: web.wechat.com][server: web.wechat.com] - 8 TCP 192.168.1.103:54089 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat][21 pkts/7826 bytes <-> 20 pkts/18761 bytes][client: web.wechat.com][server: web.wechat.com] - 9 TCP 192.168.1.103:54095 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat][21 pkts/7825 bytes <-> 18 pkts/17898 bytes][client: web.wechat.com][server: web.wechat.com] - 10 TCP 192.168.1.103:58040 <-> 203.205.147.171:443 [proto: 91.197/SSL.WeChat][cat: Chat][29 pkts/17545 bytes <-> 20 pkts/6923 bytes][client: web.wechat.com][server: web.wechat.com] - 11 TCP 192.168.1.103:54097 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat][25 pkts/12063 bytes <-> 19 pkts/7932 bytes][client: web.wechat.com][server: web.wechat.com] - 12 TCP 192.168.1.103:54094 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat][22 pkts/10193 bytes <-> 18 pkts/8262 bytes][client: web.wechat.com][server: web.wechat.com] - 13 TCP 192.168.1.103:54102 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat][13 pkts/2317 bytes <-> 15 pkts/15724 bytes][client: web.wechat.com][server: web.wechat.com] - 14 TCP 192.168.1.103:54098 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat][22 pkts/8507 bytes <-> 16 pkts/6575 bytes][client: web.wechat.com][server: web.wechat.com] - 15 TCP 192.168.1.103:54117 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat][20 pkts/8397 bytes <-> 16 pkts/6566 bytes][client: web.wechat.com][server: web.wechat.com] - 16 TCP 192.168.1.103:58036 <-> 203.205.147.171:443 [proto: 91.197/SSL.WeChat][cat: Chat][15 pkts/6450 bytes <-> 11 pkts/5068 bytes][client: web.wechat.com][server: web.wechat.com] - 17 TCP 192.168.1.103:54092 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat][15 pkts/6438 bytes <-> 11 pkts/5068 bytes][client: web.wechat.com][server: web.wechat.com] - 18 TCP 192.168.1.103:54100 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat][15 pkts/4627 bytes <-> 12 pkts/5905 bytes][client: web.wechat.com][server: web.wechat.com] - 19 TCP 192.168.1.103:54111 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat][14 pkts/4626 bytes <-> 12 pkts/5135 bytes][client: web.wechat.com][server: web.wechat.com] - 20 TCP 192.168.1.103:58042 <-> 203.205.147.171:443 [proto: 91.197/SSL.WeChat][cat: Chat][12 pkts/4516 bytes <-> 10 pkts/5004 bytes][client: web.wechat.com][server: web.wechat.com] - 21 TCP 192.168.1.103:43850 <-> 203.205.158.34:443 [proto: 91.48/SSL.QQ][cat: Chat][12 pkts/2005 bytes <-> 12 pkts/6787 bytes][client: res.wx.qq.com][server: wx.qq.com] - 22 TCP 192.168.1.103:38657 <-> 172.217.22.14:443 [proto: 91.126/SSL.Google][cat: Web][17 pkts/2413 bytes <-> 17 pkts/6268 bytes][client: safebrowsing.googleusercontent.com][server: *.googleusercontent.com] - 23 UDP 192.168.1.103:51507 <-> 172.217.23.67:443 [proto: 188.126/QUIC.Google][cat: Web][7 pkts/3507 bytes <-> 6 pkts/3329 bytes][Host: ssl.gstatic.com] - 24 UDP 192.168.1.103:57591 <-> 216.58.198.46:443 [proto: 188.241/QUIC.GoogleDocs][cat: Media][6 pkts/2687 bytes <-> 7 pkts/2125 bytes][Host: docs.google.com] - 25 TCP 192.168.1.103:54120 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat][10 pkts/1032 bytes <-> 8 pkts/3711 bytes][client: web.wechat.com][server: web.wechat.com] - 26 TCP 192.168.1.103:58041 <-> 203.205.147.171:443 [proto: 91.197/SSL.WeChat][cat: Chat][10 pkts/1032 bytes <-> 8 pkts/3711 bytes][client: web.wechat.com][server: web.wechat.com] - 27 TCP 192.168.1.103:54118 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat][10 pkts/1032 bytes <-> 8 pkts/3703 bytes][client: web.wechat.com][server: web.wechat.com] - 28 TCP 192.168.1.103:54090 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat][10 pkts/1032 bytes <-> 7 pkts/3637 bytes][client: web.wechat.com][server: web.wechat.com] - 29 TCP 192.168.1.103:54096 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat][10 pkts/1032 bytes <-> 7 pkts/3637 bytes][client: web.wechat.com][server: web.wechat.com] - 30 TCP 192.168.1.103:54104 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat][10 pkts/1032 bytes <-> 7 pkts/3637 bytes][client: web.wechat.com][server: web.wechat.com] - 31 TCP 192.168.1.103:54091 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat][9 pkts/966 bytes <-> 6 pkts/3571 bytes][client: web.wechat.com][server: web.wechat.com] - 32 UDP [fe80::7a92:9cff:fe0f:a88e]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network][44 pkts/4488 bytes -> 0 pkts/0 bytes] - 33 UDP 192.168.1.103:35601 <-> 172.217.23.67:443 [proto: 188.126/QUIC.Google][cat: Web][5 pkts/2035 bytes <-> 5 pkts/1937 bytes][Host: ssl.gstatic.com] - 34 UDP 192.168.1.103:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network][44 pkts/3608 bytes -> 0 pkts/0 bytes] + 2 TCP 192.168.1.103:54101 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][46 pkts/12575 bytes <-> 40 pkts/53424 bytes][client: web.wechat.com][server: web.wechat.com] + 3 TCP 192.168.1.103:54103 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][50 pkts/23958 bytes <-> 46 pkts/39684 bytes][client: web.wechat.com][server: web.wechat.com] + 4 TCP 192.168.1.103:54113 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][38 pkts/8933 bytes <-> 35 pkts/35112 bytes][client: web.wechat.com][server: web.wechat.com] + 5 TCP 192.168.1.103:54099 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][25 pkts/9013 bytes <-> 29 pkts/27440 bytes][client: web.wechat.com][server: web.wechat.com] + 6 TCP 192.168.1.103:54119 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][26 pkts/8129 bytes <-> 24 pkts/22836 bytes][client: web.wechat.com][server: web.wechat.com] + 7 TCP 192.168.1.103:58038 <-> 203.205.147.171:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][34 pkts/17556 bytes <-> 25 pkts/12172 bytes][client: web.wechat.com][server: web.wechat.com] + 8 TCP 192.168.1.103:54089 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][21 pkts/7826 bytes <-> 20 pkts/18761 bytes][client: web.wechat.com][server: web.wechat.com] + 9 TCP 192.168.1.103:54095 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][21 pkts/7825 bytes <-> 18 pkts/17898 bytes][client: web.wechat.com][server: web.wechat.com] + 10 TCP 192.168.1.103:58040 <-> 203.205.147.171:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][29 pkts/17545 bytes <-> 20 pkts/6923 bytes][client: web.wechat.com][server: web.wechat.com] + 11 TCP 192.168.1.103:54097 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][25 pkts/12063 bytes <-> 19 pkts/7932 bytes][client: web.wechat.com][server: web.wechat.com] + 12 TCP 192.168.1.103:54094 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][22 pkts/10193 bytes <-> 18 pkts/8262 bytes][client: web.wechat.com][server: web.wechat.com] + 13 TCP 192.168.1.103:54102 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][13 pkts/2317 bytes <-> 15 pkts/15724 bytes][client: web.wechat.com][server: web.wechat.com] + 14 TCP 192.168.1.103:54098 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][22 pkts/8507 bytes <-> 16 pkts/6575 bytes][client: web.wechat.com][server: web.wechat.com] + 15 TCP 192.168.1.103:54117 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][20 pkts/8397 bytes <-> 16 pkts/6566 bytes][client: web.wechat.com][server: web.wechat.com] + 16 TCP 192.168.1.103:58036 <-> 203.205.147.171:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][15 pkts/6450 bytes <-> 11 pkts/5068 bytes][client: web.wechat.com][server: web.wechat.com] + 17 TCP 192.168.1.103:54092 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][15 pkts/6438 bytes <-> 11 pkts/5068 bytes][client: web.wechat.com][server: web.wechat.com] + 18 TCP 192.168.1.103:54100 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][15 pkts/4627 bytes <-> 12 pkts/5905 bytes][client: web.wechat.com][server: web.wechat.com] + 19 TCP 192.168.1.103:54111 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][14 pkts/4626 bytes <-> 12 pkts/5135 bytes][client: web.wechat.com][server: web.wechat.com] + 20 TCP 192.168.1.103:58042 <-> 203.205.147.171:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][12 pkts/4516 bytes <-> 10 pkts/5004 bytes][client: web.wechat.com][server: web.wechat.com] + 21 TCP 192.168.1.103:43850 <-> 203.205.158.34:443 [proto: 91.48/SSL.QQ][cat: Chat/9][12 pkts/2005 bytes <-> 12 pkts/6787 bytes][client: res.wx.qq.com][server: wx.qq.com] + 22 TCP 192.168.1.103:38657 <-> 172.217.22.14:443 [proto: 91.126/SSL.Google][cat: Web/5][17 pkts/2413 bytes <-> 17 pkts/6268 bytes][client: safebrowsing.googleusercontent.com][server: *.googleusercontent.com] + 23 UDP 192.168.1.103:51507 <-> 172.217.23.67:443 [proto: 188.126/QUIC.Google][cat: Web/5][7 pkts/3507 bytes <-> 6 pkts/3329 bytes][Host: ssl.gstatic.com] + 24 UDP 192.168.1.103:57591 <-> 216.58.198.46:443 [proto: 188.241/QUIC.GoogleDocs][cat: Media/1][6 pkts/2687 bytes <-> 7 pkts/2125 bytes][Host: docs.google.com] + 25 TCP 192.168.1.103:54120 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][10 pkts/1032 bytes <-> 8 pkts/3711 bytes][client: web.wechat.com][server: web.wechat.com] + 26 TCP 192.168.1.103:58041 <-> 203.205.147.171:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][10 pkts/1032 bytes <-> 8 pkts/3711 bytes][client: web.wechat.com][server: web.wechat.com] + 27 TCP 192.168.1.103:54118 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][10 pkts/1032 bytes <-> 8 pkts/3703 bytes][client: web.wechat.com][server: web.wechat.com] + 28 TCP 192.168.1.103:54090 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][10 pkts/1032 bytes <-> 7 pkts/3637 bytes][client: web.wechat.com][server: web.wechat.com] + 29 TCP 192.168.1.103:54096 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][10 pkts/1032 bytes <-> 7 pkts/3637 bytes][client: web.wechat.com][server: web.wechat.com] + 30 TCP 192.168.1.103:54104 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][10 pkts/1032 bytes <-> 7 pkts/3637 bytes][client: web.wechat.com][server: web.wechat.com] + 31 TCP 192.168.1.103:54091 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][9 pkts/966 bytes <-> 6 pkts/3571 bytes][client: web.wechat.com][server: web.wechat.com] + 32 UDP [fe80::7a92:9cff:fe0f:a88e]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][44 pkts/4488 bytes -> 0 pkts/0 bytes] + 33 UDP 192.168.1.103:35601 <-> 172.217.23.67:443 [proto: 188.126/QUIC.Google][cat: Web/5][5 pkts/2035 bytes <-> 5 pkts/1937 bytes][Host: ssl.gstatic.com] + 34 UDP 192.168.1.103:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][44 pkts/3608 bytes -> 0 pkts/0 bytes] 35 TCP 192.168.1.103:54183 -> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][2 pkts/2508 bytes -> 0 pkts/0 bytes] - 36 UDP [fe80::91f9:3df3:7436:6cd6]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network][14 pkts/1428 bytes -> 0 pkts/0 bytes] + 36 UDP [fe80::91f9:3df3:7436:6cd6]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][14 pkts/1428 bytes -> 0 pkts/0 bytes] 37 TCP 192.168.1.103:36017 <-> 64.233.167.188:5228 [proto: 126/Google][10 pkts/660 bytes <-> 10 pkts/660 bytes] - 38 UDP 192.168.1.100:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network][14 pkts/1148 bytes -> 0 pkts/0 bytes] + 38 UDP 192.168.1.100:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][14 pkts/1148 bytes -> 0 pkts/0 bytes] 39 TCP 192.168.1.103:58039 <-> 203.205.147.171:443 [proto: 91.197/SSL.WeChat][13 pkts/866 bytes <-> 4 pkts/280 bytes] 40 TCP 192.168.1.103:58143 -> 216.58.205.131:443 [proto: 91.126/SSL.Google][3 pkts/1078 bytes -> 0 pkts/0 bytes] 41 TCP 203.205.151.162:443 <-> 192.168.1.103:54084 [proto: 91.197/SSL.WeChat][3 pkts/802 bytes <-> 3 pkts/198 bytes] - 42 UDP 192.168.1.100:137 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System][9 pkts/828 bytes -> 0 pkts/0 bytes] - 43 IGMP 192.168.1.100:0 -> 224.0.0.22:0 [proto: 82/IGMP][cat: Network][15 pkts/810 bytes -> 0 pkts/0 bytes] - 44 UDP 192.168.1.100:138 -> 192.168.1.255:138 [proto: 10/NetBIOS][cat: System][3 pkts/751 bytes -> 0 pkts/0 bytes] + 42 UDP 192.168.1.100:137 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][9 pkts/828 bytes -> 0 pkts/0 bytes] + 43 IGMP 192.168.1.100:0 -> 224.0.0.22:0 [proto: 82/IGMP][cat: Network/14][15 pkts/810 bytes -> 0 pkts/0 bytes] + 44 UDP 192.168.1.100:138 -> 192.168.1.255:138 [proto: 10/NetBIOS][cat: System/18][3 pkts/751 bytes -> 0 pkts/0 bytes] 45 TCP 192.168.1.103:54112 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][5 pkts/338 bytes <-> 4 pkts/280 bytes] 46 TCP 192.168.1.103:54114 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][5 pkts/338 bytes <-> 4 pkts/280 bytes] - 47 UDP 192.168.1.103:19041 <-> 192.168.1.254:53 [proto: 5.48/DNS.QQ][cat: Chat][1 pkts/73 bytes <-> 1 pkts/537 bytes][Host: res.wx.qq.com] + 47 UDP 192.168.1.103:19041 <-> 192.168.1.254:53 [proto: 5.48/DNS.QQ][cat: Chat/9][1 pkts/73 bytes <-> 1 pkts/537 bytes][Host: res.wx.qq.com] 48 TCP 192.168.1.103:34981 -> 95.101.34.33:80 [proto: 7/HTTP][9 pkts/594 bytes -> 0 pkts/0 bytes] 49 TCP 192.168.1.103:34996 -> 95.101.34.33:80 [proto: 7/HTTP][9 pkts/594 bytes -> 0 pkts/0 bytes] 50 TCP 192.168.1.103:34999 -> 95.101.34.33:80 [proto: 7/HTTP][9 pkts/594 bytes -> 0 pkts/0 bytes] @@ -74,45 +74,45 @@ GoogleDocs 15 5114 2 59 TCP 192.168.1.103:43851 <-> 203.205.158.34:443 [proto: 91/SSL][5 pkts/290 bytes <-> 4 pkts/234 bytes] 60 TCP 192.168.1.103:47627 <-> 216.58.205.78:443 [proto: 91.126/SSL.Google][3 pkts/198 bytes <-> 4 pkts/319 bytes] 61 TCP 192.168.1.103:40740 <-> 203.205.151.211:443 [proto: 91/SSL][4 pkts/216 bytes <-> 4 pkts/253 bytes] - 62 UDP 192.168.1.103:60356 <-> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat][1 pkts/74 bytes <-> 1 pkts/391 bytes][Host: web.wechat.com] + 62 UDP 192.168.1.103:60356 <-> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][1 pkts/74 bytes <-> 1 pkts/391 bytes][Host: web.wechat.com] 63 TCP 192.168.1.103:49787 <-> 216.58.205.142:443 [proto: 91.126/SSL.Google][3 pkts/198 bytes <-> 3 pkts/198 bytes] 64 TCP 192.168.1.103:58226 -> 203.205.147.171:443 [proto: 91.197/SSL.WeChat][6 pkts/396 bytes -> 0 pkts/0 bytes] - 65 UDP 192.168.1.103:53734 <-> 192.168.1.254:53 [proto: 5.126/DNS.Google][cat: Web][1 pkts/94 bytes <-> 1 pkts/272 bytes][Host: safebrowsing.googleusercontent.com] + 65 UDP 192.168.1.103:53734 <-> 192.168.1.254:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/94 bytes <-> 1 pkts/272 bytes][Host: safebrowsing.googleusercontent.com] 66 TCP 192.168.1.103:58043 <-> 203.205.147.171:443 [proto: 91.197/SSL.WeChat][3 pkts/206 bytes <-> 2 pkts/148 bytes] - 67 UDP 0.0.0.0:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network][1 pkts/342 bytes -> 0 pkts/0 bytes][Host: iphonedimonica] - 68 UDP 192.168.1.103:46078 <-> 192.168.1.254:53 [proto: 5.126/DNS.Google][cat: Web][1 pkts/75 bytes <-> 1 pkts/234 bytes][Host: ssl.gstatic.com] - 69 UDP 192.168.1.103:60562 <-> 192.168.1.254:53 [proto: 5.126/DNS.Google][cat: Web][1 pkts/75 bytes <-> 1 pkts/234 bytes][Host: ssl.gstatic.com] - 70 UDP 192.168.1.103:55862 <-> 192.168.1.254:53 [proto: 5.241/DNS.GoogleDocs][cat: Media][1 pkts/75 bytes <-> 1 pkts/227 bytes][Host: docs.google.com] - 71 IGMP 192.168.1.103:0 -> 224.0.0.22:0 [proto: 82/IGMP][cat: Network][4 pkts/216 bytes -> 0 pkts/0 bytes] + 67 UDP 0.0.0.0:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][1 pkts/342 bytes -> 0 pkts/0 bytes][Host: iphonedimonica] + 68 UDP 192.168.1.103:46078 <-> 192.168.1.254:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/75 bytes <-> 1 pkts/234 bytes][Host: ssl.gstatic.com] + 69 UDP 192.168.1.103:60562 <-> 192.168.1.254:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/75 bytes <-> 1 pkts/234 bytes][Host: ssl.gstatic.com] + 70 UDP 192.168.1.103:55862 <-> 192.168.1.254:53 [proto: 5.241/DNS.GoogleDocs][cat: Media/1][1 pkts/75 bytes <-> 1 pkts/227 bytes][Host: docs.google.com] + 71 IGMP 192.168.1.103:0 -> 224.0.0.22:0 [proto: 82/IGMP][cat: Network/14][4 pkts/216 bytes -> 0 pkts/0 bytes] 72 TCP 192.168.1.103:40741 <-> 203.205.151.211:443 [proto: 91/SSL][2 pkts/108 bytes <-> 2 pkts/108 bytes] - 73 IGMP 192.168.1.254:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network][4 pkts/200 bytes -> 0 pkts/0 bytes] + 73 IGMP 192.168.1.254:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network/14][4 pkts/200 bytes -> 0 pkts/0 bytes] 74 TCP 192.168.1.103:54085 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][2 pkts/132 bytes <-> 1 pkts/66 bytes] - 75 UDP [fe80::91f9:3df3:7436:6cd6]:50440 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network][2 pkts/180 bytes -> 0 pkts/0 bytes][Host: lbjamwptxz] - 76 UDP [fe80::91f9:3df3:7436:6cd6]:49195 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network][2 pkts/176 bytes -> 0 pkts/0 bytes][Host: cansaqcq] - 77 UDP [fe80::91f9:3df3:7436:6cd6]:50577 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network][2 pkts/176 bytes -> 0 pkts/0 bytes][Host: mcztmpkc] - 78 UDP 192.168.1.103:43705 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat][2 pkts/172 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com.lan] - 79 UDP 192.168.1.103:42856 -> 192.168.1.254:53 [proto: 5/DNS][cat: Network][2 pkts/170 bytes -> 0 pkts/0 bytes][Host: 1.debian.pool.ntp.org.lan] - 80 UDP 192.168.1.103:45366 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat][2 pkts/164 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com] - 81 UDP 192.168.1.103:56367 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat][2 pkts/164 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com] - 82 UDP 192.168.1.103:41759 -> 192.168.1.254:53 [proto: 5/DNS][cat: Network][2 pkts/162 bytes -> 0 pkts/0 bytes][Host: 2.debian.pool.ntp.org] - 83 UDP 192.168.1.103:44063 -> 192.168.1.254:53 [proto: 5/DNS][cat: Network][2 pkts/162 bytes -> 0 pkts/0 bytes][Host: 1.debian.pool.ntp.org] - 84 UDP 192.168.1.103:42074 -> 192.168.1.254:53 [proto: 5.126/DNS.Google][cat: Web][2 pkts/158 bytes -> 0 pkts/0 bytes][Host: ssl.gstatic.com.lan] - 85 UDP 192.168.1.100:54124 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network][2 pkts/140 bytes -> 0 pkts/0 bytes][Host: lbjamwptxz] - 86 UDP 192.168.1.100:49832 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: cansaqcq] - 87 UDP 192.168.1.100:57401 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: mcztmpkc] + 75 UDP [fe80::91f9:3df3:7436:6cd6]:50440 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/180 bytes -> 0 pkts/0 bytes][Host: lbjamwptxz] + 76 UDP [fe80::91f9:3df3:7436:6cd6]:49195 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/176 bytes -> 0 pkts/0 bytes][Host: cansaqcq] + 77 UDP [fe80::91f9:3df3:7436:6cd6]:50577 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/176 bytes -> 0 pkts/0 bytes][Host: mcztmpkc] + 78 UDP 192.168.1.103:43705 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][2 pkts/172 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com.lan] + 79 UDP 192.168.1.103:42856 -> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][2 pkts/170 bytes -> 0 pkts/0 bytes][Host: 1.debian.pool.ntp.org.lan] + 80 UDP 192.168.1.103:45366 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][2 pkts/164 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com] + 81 UDP 192.168.1.103:56367 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][2 pkts/164 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com] + 82 UDP 192.168.1.103:41759 -> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][2 pkts/162 bytes -> 0 pkts/0 bytes][Host: 2.debian.pool.ntp.org] + 83 UDP 192.168.1.103:44063 -> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][2 pkts/162 bytes -> 0 pkts/0 bytes][Host: 1.debian.pool.ntp.org] + 84 UDP 192.168.1.103:42074 -> 192.168.1.254:53 [proto: 5.126/DNS.Google][cat: Web/5][2 pkts/158 bytes -> 0 pkts/0 bytes][Host: ssl.gstatic.com.lan] + 85 UDP 192.168.1.100:54124 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/140 bytes -> 0 pkts/0 bytes][Host: lbjamwptxz] + 86 UDP 192.168.1.100:49832 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: cansaqcq] + 87 UDP 192.168.1.100:57401 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: mcztmpkc] 88 TCP 192.168.1.103:54106 -> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][2 pkts/132 bytes -> 0 pkts/0 bytes] 89 TCP 192.168.1.103:54109 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][1 pkts/66 bytes <-> 1 pkts/66 bytes] 90 TCP 192.168.1.103:54110 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][1 pkts/66 bytes <-> 1 pkts/66 bytes] 91 TCP 192.168.1.103:54205 -> 64.233.167.188:443 [proto: 91.126/SSL.Google][2 pkts/132 bytes -> 0 pkts/0 bytes] - 92 ICMPV6 [fe80::842:a3f3:a286:6c5b]:0 -> [ff02::2]:0 [proto: 102/ICMPV6][cat: Network][2 pkts/132 bytes -> 0 pkts/0 bytes] - 93 0 [fe80::842:a3f3:a286:6c5b]:0 -> [ff02::16]:0 [proto: 102/ICMPV6][cat: Network][1 pkts/110 bytes -> 0 pkts/0 bytes] - 94 UDP 192.168.1.103:37578 -> 193.204.114.233:123 [proto: 9/NTP][cat: System][1 pkts/90 bytes -> 0 pkts/0 bytes] - 95 UDP 192.168.1.103:44346 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat][1 pkts/86 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com.lan] - 96 UDP 192.168.1.103:53515 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat][1 pkts/86 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com.lan] - 97 ICMPV6 [::]:0 -> [ff02::1:ff86:6c5b]:0 [proto: 102/ICMPV6][cat: Network][1 pkts/86 bytes -> 0 pkts/0 bytes] - 98 UDP 192.168.1.103:33915 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat][1 pkts/82 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com] - 99 UDP 192.168.1.103:43317 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat][1 pkts/82 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com] - 100 UDP 192.168.1.103:58165 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat][1 pkts/82 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com] - 101 UDP 192.168.1.103:59567 -> 192.168.1.254:53 [proto: 5.126/DNS.Google][cat: Web][1 pkts/79 bytes -> 0 pkts/0 bytes][Host: ssl.gstatic.com.lan] - 102 UDP 192.168.1.103:42589 -> 192.168.1.254:53 [proto: 5.126/DNS.Google][cat: Web][1 pkts/75 bytes -> 0 pkts/0 bytes][Host: ssl.gstatic.com] - 103 IGMP 192.168.1.108:0 -> 224.0.0.22:0 [proto: 82/IGMP][cat: Network][1 pkts/54 bytes -> 0 pkts/0 bytes] + 92 ICMPV6 [fe80::842:a3f3:a286:6c5b]:0 -> [ff02::2]:0 [proto: 102/ICMPV6][cat: Network/14][2 pkts/132 bytes -> 0 pkts/0 bytes] + 93 0 [fe80::842:a3f3:a286:6c5b]:0 -> [ff02::16]:0 [proto: 102/ICMPV6][cat: Network/14][1 pkts/110 bytes -> 0 pkts/0 bytes] + 94 UDP 192.168.1.103:37578 -> 193.204.114.233:123 [proto: 9/NTP][cat: System/18][1 pkts/90 bytes -> 0 pkts/0 bytes] + 95 UDP 192.168.1.103:44346 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][1 pkts/86 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com.lan] + 96 UDP 192.168.1.103:53515 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][1 pkts/86 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com.lan] + 97 ICMPV6 [::]:0 -> [ff02::1:ff86:6c5b]:0 [proto: 102/ICMPV6][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes] + 98 UDP 192.168.1.103:33915 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][1 pkts/82 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com] + 99 UDP 192.168.1.103:43317 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][1 pkts/82 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com] + 100 UDP 192.168.1.103:58165 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][1 pkts/82 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com] + 101 UDP 192.168.1.103:59567 -> 192.168.1.254:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/79 bytes -> 0 pkts/0 bytes][Host: ssl.gstatic.com.lan] + 102 UDP 192.168.1.103:42589 -> 192.168.1.254:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/75 bytes -> 0 pkts/0 bytes][Host: ssl.gstatic.com] + 103 IGMP 192.168.1.108:0 -> 224.0.0.22:0 [proto: 82/IGMP][cat: Network/14][1 pkts/54 bytes -> 0 pkts/0 bytes] diff --git a/tests/result/weibo.pcap.out b/tests/result/weibo.pcap.out index 16a72e025..8ae9cdea1 100644 --- a/tests/result/weibo.pcap.out +++ b/tests/result/weibo.pcap.out @@ -6,39 +6,39 @@ Amazon 2 132 1 QUIC 23 4118 2 Sina(Weibo) 418 258007 15 - 1 TCP 192.168.1.105:35803 <-> 93.188.134.246:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork][52 pkts/5367 bytes <-> 54 pkts/71536 bytes][Host: img.t.sinajs.cn] - 2 TCP 192.168.1.105:35804 <-> 93.188.134.246:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork][32 pkts/3624 bytes <-> 40 pkts/50657 bytes][Host: img.t.sinajs.cn] - 3 TCP 192.168.1.105:51698 <-> 93.188.134.137:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork][40 pkts/3462 bytes <-> 39 pkts/34030 bytes][Host: www.weibo.com] - 4 TCP 192.168.1.105:35807 <-> 93.188.134.246:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork][27 pkts/2298 bytes <-> 26 pkts/34170 bytes][Host: img.t.sinajs.cn] - 5 TCP 192.168.1.105:35805 <-> 93.188.134.246:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork][21 pkts/2323 bytes <-> 20 pkts/20922 bytes][Host: img.t.sinajs.cn] - 6 TCP 192.168.1.105:35809 <-> 93.188.134.246:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork][18 pkts/1681 bytes <-> 17 pkts/20680 bytes][Host: img.t.sinajs.cn] - 7 TCP 192.168.1.105:35806 <-> 93.188.134.246:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork][7 pkts/946 bytes <-> 6 pkts/3755 bytes][Host: img.t.sinajs.cn] - 8 UDP 192.168.1.105:53656 <-> 216.58.210.227:443 [proto: 188/QUIC][cat: Web][8 pkts/1301 bytes <-> 6 pkts/873 bytes] - 9 UDP 216.58.210.14:443 <-> 192.168.1.105:49361 [proto: 188/QUIC][cat: Web][5 pkts/963 bytes <-> 4 pkts/981 bytes] - 10 TCP 192.168.1.105:59119 <-> 114.134.80.162:80 [proto: 7/HTTP][cat: Web][5 pkts/736 bytes <-> 4 pkts/863 bytes][Host: weibo.com] - 11 TCP 192.168.1.105:35811 <-> 93.188.134.246:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork][3 pkts/604 bytes <-> 2 pkts/140 bytes][Host: js.t.sinajs.cn] - 12 TCP 192.168.1.105:42275 <-> 222.73.28.96:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork][3 pkts/610 bytes <-> 1 pkts/66 bytes][Host: u1.img.mobile.sina.cn] + 1 TCP 192.168.1.105:35803 <-> 93.188.134.246:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][52 pkts/5367 bytes <-> 54 pkts/71536 bytes][Host: img.t.sinajs.cn] + 2 TCP 192.168.1.105:35804 <-> 93.188.134.246:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][32 pkts/3624 bytes <-> 40 pkts/50657 bytes][Host: img.t.sinajs.cn] + 3 TCP 192.168.1.105:51698 <-> 93.188.134.137:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][40 pkts/3462 bytes <-> 39 pkts/34030 bytes][Host: www.weibo.com] + 4 TCP 192.168.1.105:35807 <-> 93.188.134.246:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][27 pkts/2298 bytes <-> 26 pkts/34170 bytes][Host: img.t.sinajs.cn] + 5 TCP 192.168.1.105:35805 <-> 93.188.134.246:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][21 pkts/2323 bytes <-> 20 pkts/20922 bytes][Host: img.t.sinajs.cn] + 6 TCP 192.168.1.105:35809 <-> 93.188.134.246:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][18 pkts/1681 bytes <-> 17 pkts/20680 bytes][Host: img.t.sinajs.cn] + 7 TCP 192.168.1.105:35806 <-> 93.188.134.246:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][7 pkts/946 bytes <-> 6 pkts/3755 bytes][Host: img.t.sinajs.cn] + 8 UDP 192.168.1.105:53656 <-> 216.58.210.227:443 [proto: 188/QUIC][cat: Web/5][8 pkts/1301 bytes <-> 6 pkts/873 bytes] + 9 UDP 216.58.210.14:443 <-> 192.168.1.105:49361 [proto: 188/QUIC][cat: Web/5][5 pkts/963 bytes <-> 4 pkts/981 bytes] + 10 TCP 192.168.1.105:59119 <-> 114.134.80.162:80 [proto: 7/HTTP][cat: Web/5][5 pkts/736 bytes <-> 4 pkts/863 bytes][Host: weibo.com] + 11 TCP 192.168.1.105:35811 <-> 93.188.134.246:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][3 pkts/604 bytes <-> 2 pkts/140 bytes][Host: js.t.sinajs.cn] + 12 TCP 192.168.1.105:42275 <-> 222.73.28.96:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][3 pkts/610 bytes <-> 1 pkts/66 bytes][Host: u1.img.mobile.sina.cn] 13 TCP 192.168.1.105:50827 <-> 47.89.65.229:443 [proto: 91/SSL][3 pkts/382 bytes <-> 1 pkts/66 bytes][client: g.alicdn.com] - 14 UDP 192.168.1.105:53543 <-> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][cat: SocialNetwork][1 pkts/75 bytes <-> 1 pkts/191 bytes][Host: img.t.sinajs.cn] - 15 UDP 192.168.1.105:41352 <-> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][cat: SocialNetwork][1 pkts/74 bytes <-> 1 pkts/190 bytes][Host: js.t.sinajs.cn] - 16 UDP 192.168.1.105:51440 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network][1 pkts/72 bytes <-> 1 pkts/171 bytes][Host: g.alicdn.com] - 17 UDP 192.168.1.105:33822 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network][1 pkts/76 bytes <-> 1 pkts/166 bytes][Host: login.taobao.com] - 18 UDP 192.168.1.105:18035 <-> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][cat: SocialNetwork][1 pkts/81 bytes <-> 1 pkts/159 bytes][Host: u1.img.mobile.sina.cn] - 19 UDP 192.168.1.105:50640 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network][1 pkts/77 bytes <-> 1 pkts/157 bytes][Host: acjstb.aliyun.com] - 20 UDP 192.168.1.105:7148 <-> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][cat: SocialNetwork][1 pkts/73 bytes <-> 1 pkts/142 bytes][Host: www.weibo.com] + 14 UDP 192.168.1.105:53543 <-> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][cat: SocialNetwork/6][1 pkts/75 bytes <-> 1 pkts/191 bytes][Host: img.t.sinajs.cn] + 15 UDP 192.168.1.105:41352 <-> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][cat: SocialNetwork/6][1 pkts/74 bytes <-> 1 pkts/190 bytes][Host: js.t.sinajs.cn] + 16 UDP 192.168.1.105:51440 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/72 bytes <-> 1 pkts/171 bytes][Host: g.alicdn.com] + 17 UDP 192.168.1.105:33822 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/76 bytes <-> 1 pkts/166 bytes][Host: login.taobao.com] + 18 UDP 192.168.1.105:18035 <-> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][cat: SocialNetwork/6][1 pkts/81 bytes <-> 1 pkts/159 bytes][Host: u1.img.mobile.sina.cn] + 19 UDP 192.168.1.105:50640 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/77 bytes <-> 1 pkts/157 bytes][Host: acjstb.aliyun.com] + 20 UDP 192.168.1.105:7148 <-> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][cat: SocialNetwork/6][1 pkts/73 bytes <-> 1 pkts/142 bytes][Host: www.weibo.com] 21 TCP 192.168.1.105:35808 <-> 93.188.134.246:80 [proto: 7/HTTP][2 pkts/140 bytes <-> 1 pkts/74 bytes] 22 TCP 192.168.1.105:50831 <-> 47.89.65.229:443 [proto: 91/SSL][2 pkts/128 bytes <-> 1 pkts/66 bytes] 23 TCP 192.168.1.105:59120 <-> 114.134.80.162:80 [proto: 7/HTTP][2 pkts/128 bytes <-> 1 pkts/66 bytes] 24 TCP 192.168.1.105:59121 <-> 114.134.80.162:80 [proto: 7/HTTP][2 pkts/128 bytes <-> 1 pkts/66 bytes] - 25 UDP 192.168.1.105:53466 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network][1 pkts/74 bytes <-> 1 pkts/112 bytes][Host: log.mmstat.com] - 26 UDP 192.168.1.105:54988 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network][1 pkts/69 bytes <-> 1 pkts/85 bytes][Host: weibo.com] + 25 UDP 192.168.1.105:53466 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/74 bytes <-> 1 pkts/112 bytes][Host: log.mmstat.com] + 26 UDP 192.168.1.105:54988 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/69 bytes <-> 1 pkts/85 bytes][Host: weibo.com] 27 TCP 192.168.1.105:34699 <-> 216.58.212.65:443 [proto: 91.126/SSL.Google][1 pkts/66 bytes <-> 1 pkts/66 bytes] 28 TCP 192.168.1.105:35154 <-> 216.58.210.206:443 [proto: 91.126/SSL.Google][1 pkts/66 bytes <-> 1 pkts/66 bytes] 29 TCP 192.168.1.105:37802 <-> 216.58.212.69:443 [proto: 91.126/SSL.Google][1 pkts/66 bytes <-> 1 pkts/66 bytes] 30 TCP 192.168.1.105:40440 <-> 54.225.163.210:443 [proto: 91.178/SSL.Amazon][1 pkts/66 bytes <-> 1 pkts/66 bytes] 31 TCP 192.168.1.105:58480 <-> 216.58.214.78:443 [proto: 91.126/SSL.Google][1 pkts/66 bytes <-> 1 pkts/66 bytes] 32 TCP 192.168.1.105:58481 <-> 216.58.214.78:443 [proto: 91.126/SSL.Google][1 pkts/66 bytes <-> 1 pkts/66 bytes] - 33 UDP 192.168.1.105:11798 -> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][cat: SocialNetwork][1 pkts/77 bytes -> 0 pkts/0 bytes][Host: account.weibo.com] + 33 UDP 192.168.1.105:11798 -> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][cat: SocialNetwork/6][1 pkts/77 bytes -> 0 pkts/0 bytes][Host: account.weibo.com] 34 TCP 192.168.1.105:42280 -> 222.73.28.96:80 [proto: 7/HTTP][1 pkts/74 bytes -> 0 pkts/0 bytes] 35 TCP 192.168.1.105:47721 -> 140.205.170.63:443 [proto: 91/SSL][1 pkts/74 bytes -> 0 pkts/0 bytes] 36 TCP 192.168.1.105:47723 -> 140.205.170.63:443 [proto: 91/SSL][1 pkts/74 bytes -> 0 pkts/0 bytes] @@ -48,5 +48,5 @@ Sina(Weibo) 418 258007 15 40 TCP 192.168.1.105:52271 -> 42.156.184.19:443 [proto: 91/SSL][1 pkts/74 bytes -> 0 pkts/0 bytes] 41 TCP 192.168.1.105:52272 -> 42.156.184.19:443 [proto: 91/SSL][1 pkts/74 bytes -> 0 pkts/0 bytes] 42 TCP 192.168.1.105:52274 -> 42.156.184.19:443 [proto: 91/SSL][1 pkts/74 bytes -> 0 pkts/0 bytes] - 43 UDP 192.168.1.105:50533 -> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][cat: SocialNetwork][1 pkts/74 bytes -> 0 pkts/0 bytes][Host: data.weibo.com] - 44 UDP 192.168.1.105:16804 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network][1 pkts/70 bytes -> 0 pkts/0 bytes][Host: c.weibo.cn] + 43 UDP 192.168.1.105:50533 -> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][cat: SocialNetwork/6][1 pkts/74 bytes -> 0 pkts/0 bytes][Host: data.weibo.com] + 44 UDP 192.168.1.105:16804 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/70 bytes -> 0 pkts/0 bytes][Host: c.weibo.cn] diff --git a/tests/result/whatsapp_login_call.pcap.out b/tests/result/whatsapp_login_call.pcap.out index cb4d94650..f6250fa67 100644 --- a/tests/result/whatsapp_login_call.pcap.out +++ b/tests/result/whatsapp_login_call.pcap.out @@ -13,19 +13,19 @@ WhatsAppVoice 706 91156 4 AppleStore 85 28087 2 ApplePush 22 5926 1 - 1 UDP 192.168.2.4:51518 <-> 91.253.176.65:9344 [proto: 189/WhatsAppVoice][cat: VoIP][186 pkts/27025 bytes <-> 278 pkts/25895 bytes] - 2 UDP 192.168.2.4:52794 <-> 91.253.176.65:9665 [proto: 189/WhatsAppVoice][cat: VoIP][141 pkts/17530 bytes <-> 57 pkts/12888 bytes] - 3 TCP 192.168.2.4:49202 <-> 184.173.179.37:5222 [proto: 142/WhatsApp][cat: Chat][100 pkts/14711 bytes <-> 80 pkts/10163 bytes] - 4 TCP 192.168.2.4:49204 <-> 17.173.66.102:443 [proto: 91.224/SSL.AppleStore][cat: SoftwareUpdate][29 pkts/11770 bytes <-> 24 pkts/6612 bytes][client: p53-buy.itunes.apple.com] - 5 TCP 192.168.2.4:49201 <-> 17.178.104.12:443 [proto: 91.140/SSL.Apple][cat: Web][21 pkts/7644 bytes <-> 17 pkts/9576 bytes][client: query.ess.apple.com][server: *.ess.apple.com] - 6 TCP 192.168.2.4:49205 <-> 17.173.66.102:443 [proto: 91.224/SSL.AppleStore][cat: SoftwareUpdate][17 pkts/6166 bytes <-> 15 pkts/3539 bytes][client: p53-buy.itunes.apple.com] - 7 TCP 192.168.2.4:49193 <-> 17.110.229.14:5223 [proto: 238/ApplePush][cat: Cloud][11 pkts/4732 bytes <-> 11 pkts/1194 bytes] - 8 UDP 192.168.2.4:51518 <-> 31.13.93.48:3478 [proto: 189/WhatsAppVoice][cat: VoIP][12 pkts/2341 bytes <-> 12 pkts/2484 bytes] - 9 UDP 0.0.0.0:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network][10 pkts/3420 bytes -> 0 pkts/0 bytes][Host: lucas-imac] - 10 UDP 192.168.2.4:52794 <-> 31.13.84.48:3478 [proto: 189/WhatsAppVoice][cat: VoIP][9 pkts/1842 bytes <-> 11 pkts/1151 bytes] - 11 UDP 192.168.2.1:17500 -> 192.168.2.255:17500 [proto: 121/Dropbox][cat: Cloud][4 pkts/2176 bytes -> 0 pkts/0 bytes] + 1 UDP 192.168.2.4:51518 <-> 91.253.176.65:9344 [proto: 189/WhatsAppVoice][cat: VoIP/10][186 pkts/27025 bytes <-> 278 pkts/25895 bytes] + 2 UDP 192.168.2.4:52794 <-> 91.253.176.65:9665 [proto: 189/WhatsAppVoice][cat: VoIP/10][141 pkts/17530 bytes <-> 57 pkts/12888 bytes] + 3 TCP 192.168.2.4:49202 <-> 184.173.179.37:5222 [proto: 142/WhatsApp][cat: Chat/9][100 pkts/14711 bytes <-> 80 pkts/10163 bytes] + 4 TCP 192.168.2.4:49204 <-> 17.173.66.102:443 [proto: 91.224/SSL.AppleStore][cat: SoftwareUpdate/19][29 pkts/11770 bytes <-> 24 pkts/6612 bytes][client: p53-buy.itunes.apple.com] + 5 TCP 192.168.2.4:49201 <-> 17.178.104.12:443 [proto: 91.140/SSL.Apple][cat: Web/5][21 pkts/7644 bytes <-> 17 pkts/9576 bytes][client: query.ess.apple.com][server: *.ess.apple.com] + 6 TCP 192.168.2.4:49205 <-> 17.173.66.102:443 [proto: 91.224/SSL.AppleStore][cat: SoftwareUpdate/19][17 pkts/6166 bytes <-> 15 pkts/3539 bytes][client: p53-buy.itunes.apple.com] + 7 TCP 192.168.2.4:49193 <-> 17.110.229.14:5223 [proto: 238/ApplePush][cat: Cloud/13][11 pkts/4732 bytes <-> 11 pkts/1194 bytes] + 8 UDP 192.168.2.4:51518 <-> 31.13.93.48:3478 [proto: 189/WhatsAppVoice][cat: VoIP/10][12 pkts/2341 bytes <-> 12 pkts/2484 bytes] + 9 UDP 0.0.0.0:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][10 pkts/3420 bytes -> 0 pkts/0 bytes][Host: lucas-imac] + 10 UDP 192.168.2.4:52794 <-> 31.13.84.48:3478 [proto: 189/WhatsAppVoice][cat: VoIP/10][9 pkts/1842 bytes <-> 11 pkts/1151 bytes] + 11 UDP 192.168.2.1:17500 -> 192.168.2.255:17500 [proto: 121/Dropbox][cat: Cloud/13][4 pkts/2176 bytes -> 0 pkts/0 bytes] 12 TCP 192.168.2.4:49199 <-> 17.172.100.70:993 [proto: 51.140/IMAPS.Apple][9 pkts/1130 bytes <-> 8 pkts/868 bytes] - 13 ICMP 192.168.2.4:0 -> 91.253.176.65:0 [proto: 81/ICMP][cat: Network][10 pkts/700 bytes -> 0 pkts/0 bytes] + 13 ICMP 192.168.2.4:0 -> 91.253.176.65:0 [proto: 81/ICMP][cat: Network/14][10 pkts/700 bytes -> 0 pkts/0 bytes] 14 UDP 192.168.2.4:51518 <-> 31.13.64.48:3478 [proto: 119.78/Facebook.STUN][3 pkts/504 bytes <-> 2 pkts/172 bytes] 15 UDP 192.168.2.4:51518 <-> 31.13.70.48:3478 [proto: 119.78/Facebook.STUN][3 pkts/504 bytes <-> 2 pkts/172 bytes] 16 UDP 192.168.2.4:51518 <-> 31.13.73.48:3478 [proto: 119.78/Facebook.STUN][3 pkts/504 bytes <-> 2 pkts/172 bytes] @@ -42,13 +42,13 @@ ApplePush 22 5926 1 27 UDP 192.168.2.4:52794 <-> 179.60.192.48:3478 [proto: 119.78/Facebook.STUN][3 pkts/504 bytes <-> 2 pkts/172 bytes] 28 TCP 192.168.2.4:49172 <-> 23.50.148.228:443 [proto: 91/SSL][3 pkts/174 bytes <-> 2 pkts/217 bytes] 29 TCP 192.168.2.4:49192 <-> 93.186.135.8:80 [proto: 7/HTTP][3 pkts/198 bytes <-> 2 pkts/132 bytes] - 30 UDP 192.168.2.4:51897 <-> 192.168.2.1:53 [proto: 5.140/DNS.Apple][cat: Web][1 pkts/79 bytes <-> 1 pkts/251 bytes][Host: query.ess.apple.com] - 31 UDP 192.168.2.4:52190 <-> 192.168.2.1:53 [proto: 5.142/DNS.WhatsApp][cat: Chat][1 pkts/76 bytes <-> 1 pkts/204 bytes][Host: e13.whatsapp.net] - 32 UDP 192.168.2.1:57621 -> 192.168.2.255:57621 [proto: 156/Spotify][cat: Streaming][3 pkts/258 bytes -> 0 pkts/0 bytes] - 33 UDP [fe80::c42c:3ff:fe60:6a64]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network][2 pkts/258 bytes -> 0 pkts/0 bytes] - 34 UDP [fe80::da30:62ff:fe56:1c]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network][2 pkts/258 bytes -> 0 pkts/0 bytes] - 35 UDP 169.254.166.207:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network][2 pkts/218 bytes -> 0 pkts/0 bytes] - 36 UDP 192.168.2.1:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network][2 pkts/218 bytes -> 0 pkts/0 bytes] + 30 UDP 192.168.2.4:51897 <-> 192.168.2.1:53 [proto: 5.140/DNS.Apple][cat: Web/5][1 pkts/79 bytes <-> 1 pkts/251 bytes][Host: query.ess.apple.com] + 31 UDP 192.168.2.4:52190 <-> 192.168.2.1:53 [proto: 5.142/DNS.WhatsApp][cat: Chat/9][1 pkts/76 bytes <-> 1 pkts/204 bytes][Host: e13.whatsapp.net] + 32 UDP 192.168.2.1:57621 -> 192.168.2.255:57621 [proto: 156/Spotify][cat: Streaming/17][3 pkts/258 bytes -> 0 pkts/0 bytes] + 33 UDP [fe80::c42c:3ff:fe60:6a64]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][2 pkts/258 bytes -> 0 pkts/0 bytes] + 34 UDP [fe80::da30:62ff:fe56:1c]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][2 pkts/258 bytes -> 0 pkts/0 bytes] + 35 UDP 169.254.166.207:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][2 pkts/218 bytes -> 0 pkts/0 bytes] + 36 UDP 192.168.2.1:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][2 pkts/218 bytes -> 0 pkts/0 bytes] 37 TCP 192.168.2.4:49173 <-> 93.186.135.82:80 [proto: 7/HTTP][2 pkts/132 bytes <-> 1 pkts/66 bytes] 38 TCP 192.168.2.4:49174 <-> 5.178.42.26:80 [proto: 7/HTTP][2 pkts/132 bytes <-> 1 pkts/66 bytes] 39 TCP 192.168.2.4:49194 <-> 93.62.150.157:443 [proto: 91/SSL][2 pkts/132 bytes <-> 1 pkts/66 bytes] diff --git a/tests/result/whatsapp_login_chat.pcap.out b/tests/result/whatsapp_login_chat.pcap.out index 0972ccc15..c3aab5c2d 100644 --- a/tests/result/whatsapp_login_chat.pcap.out +++ b/tests/result/whatsapp_login_chat.pcap.out @@ -7,11 +7,11 @@ Spotify 1 86 1 ApplePush 6 2095 1 1 TCP 192.168.2.4:49205 <-> 17.173.66.102:443 [proto: 91.140/SSL.Apple][24 pkts/15117 bytes <-> 20 pkts/6254 bytes] - 2 TCP 192.168.2.4:49206 <-> 158.85.58.15:5222 [proto: 142/WhatsApp][cat: Chat][17 pkts/1794 bytes <-> 13 pkts/1169 bytes] - 3 TCP 17.110.229.14:5223 -> 192.168.2.4:49193 [proto: 238/ApplePush][cat: Cloud][6 pkts/2095 bytes -> 0 pkts/0 bytes] - 4 UDP 0.0.0.0:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network][6 pkts/2052 bytes -> 0 pkts/0 bytes][Host: lucas-imac] - 5 UDP 192.168.2.1:17500 -> 192.168.2.255:17500 [proto: 121/Dropbox][cat: Cloud][2 pkts/1088 bytes -> 0 pkts/0 bytes] - 6 UDP 192.168.2.4:61697 <-> 192.168.2.1:53 [proto: 5.142/DNS.WhatsApp][cat: Chat][1 pkts/76 bytes <-> 1 pkts/204 bytes][Host: e12.whatsapp.net] - 7 UDP [fe80::189c:c31b:1298:224]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network][1 pkts/111 bytes -> 0 pkts/0 bytes] - 8 UDP 192.168.2.4:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network][1 pkts/91 bytes -> 0 pkts/0 bytes] - 9 UDP 192.168.2.1:57621 -> 192.168.2.255:57621 [proto: 156/Spotify][cat: Streaming][1 pkts/86 bytes -> 0 pkts/0 bytes] + 2 TCP 192.168.2.4:49206 <-> 158.85.58.15:5222 [proto: 142/WhatsApp][cat: Chat/9][17 pkts/1794 bytes <-> 13 pkts/1169 bytes] + 3 TCP 17.110.229.14:5223 -> 192.168.2.4:49193 [proto: 238/ApplePush][cat: Cloud/13][6 pkts/2095 bytes -> 0 pkts/0 bytes] + 4 UDP 0.0.0.0:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][6 pkts/2052 bytes -> 0 pkts/0 bytes][Host: lucas-imac] + 5 UDP 192.168.2.1:17500 -> 192.168.2.255:17500 [proto: 121/Dropbox][cat: Cloud/13][2 pkts/1088 bytes -> 0 pkts/0 bytes] + 6 UDP 192.168.2.4:61697 <-> 192.168.2.1:53 [proto: 5.142/DNS.WhatsApp][cat: Chat/9][1 pkts/76 bytes <-> 1 pkts/204 bytes][Host: e12.whatsapp.net] + 7 UDP [fe80::189c:c31b:1298:224]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][1 pkts/111 bytes -> 0 pkts/0 bytes] + 8 UDP 192.168.2.4:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][1 pkts/91 bytes -> 0 pkts/0 bytes] + 9 UDP 192.168.2.1:57621 -> 192.168.2.255:57621 [proto: 156/Spotify][cat: Streaming/17][1 pkts/86 bytes -> 0 pkts/0 bytes] diff --git a/tests/result/whatsapp_voice_and_message.pcap.out b/tests/result/whatsapp_voice_and_message.pcap.out index e35e49fd3..df4f997e1 100644 --- a/tests/result/whatsapp_voice_and_message.pcap.out +++ b/tests/result/whatsapp_voice_and_message.pcap.out @@ -2,11 +2,11 @@ SkypeCallIn 9 1184 1 STUN 35 4732 7 WhatsApp 217 22139 5 - 1 TCP 10.8.0.1:42241 <-> 173.192.222.189:5222 [proto: 142/WhatsApp][cat: Chat][30 pkts/2539 bytes <-> 32 pkts/3070 bytes] - 2 TCP 10.8.0.1:35480 <-> 184.173.179.46:443 [proto: 142/WhatsApp][cat: Chat][24 pkts/3029 bytes <-> 22 pkts/1961 bytes] - 3 TCP 10.8.0.1:44819 <-> 158.85.58.42:5222 [proto: 142/WhatsApp][cat: Chat][15 pkts/2690 bytes <-> 15 pkts/2019 bytes] - 4 TCP 10.8.0.1:49721 <-> 158.85.58.109:5222 [proto: 142/WhatsApp][cat: Chat][26 pkts/2311 bytes <-> 26 pkts/2300 bytes] - 5 TCP 10.8.0.1:51570 <-> 158.85.5.199:443 [proto: 142/WhatsApp][cat: Chat][14 pkts/1123 bytes <-> 13 pkts/1097 bytes] + 1 TCP 10.8.0.1:42241 <-> 173.192.222.189:5222 [proto: 142/WhatsApp][cat: Chat/9][30 pkts/2539 bytes <-> 32 pkts/3070 bytes] + 2 TCP 10.8.0.1:35480 <-> 184.173.179.46:443 [proto: 142/WhatsApp][cat: Chat/9][24 pkts/3029 bytes <-> 22 pkts/1961 bytes] + 3 TCP 10.8.0.1:44819 <-> 158.85.58.42:5222 [proto: 142/WhatsApp][cat: Chat/9][15 pkts/2690 bytes <-> 15 pkts/2019 bytes] + 4 TCP 10.8.0.1:49721 <-> 158.85.58.109:5222 [proto: 142/WhatsApp][cat: Chat/9][26 pkts/2311 bytes <-> 26 pkts/2300 bytes] + 5 TCP 10.8.0.1:51570 <-> 158.85.5.199:443 [proto: 142/WhatsApp][cat: Chat/9][14 pkts/1123 bytes <-> 13 pkts/1097 bytes] 6 UDP 10.8.0.1:53620 <-> 31.13.73.48:3478 [proto: 125.49/Skype.SkypeCallIn][5 pkts/840 bytes <-> 4 pkts/344 bytes] 7 UDP 10.8.0.1:53620 <-> 31.13.64.48:3478 [proto: 119.78/Facebook.STUN][3 pkts/504 bytes <-> 2 pkts/172 bytes] 8 UDP 10.8.0.1:53620 <-> 31.13.74.48:3478 [proto: 119.78/Facebook.STUN][3 pkts/504 bytes <-> 2 pkts/172 bytes] diff --git a/tests/result/whatsappfiles.pcap.out b/tests/result/whatsappfiles.pcap.out index 241e2d3e4..6feb99217 100644 --- a/tests/result/whatsappfiles.pcap.out +++ b/tests/result/whatsappfiles.pcap.out @@ -1,4 +1,4 @@ WhatsAppFiles 620 452233 2 - 1 TCP 192.168.2.29:49698 <-> 185.60.216.53:443 [proto: 242/WhatsAppFiles][cat: Download-FileTransfer-FileSharing][132 pkts/9906 bytes <-> 178 pkts/237405 bytes] - 2 TCP 192.168.2.29:49674 <-> 185.60.216.53:443 [proto: 242/WhatsAppFiles][cat: Download-FileTransfer-FileSharing][161 pkts/189194 bytes <-> 149 pkts/15728 bytes] + 1 TCP 192.168.2.29:49698 <-> 185.60.216.53:443 [proto: 91.242/SSL.WhatsAppFiles][cat: Download-FileTransfer-FileSharing/7][132 pkts/9906 bytes <-> 178 pkts/237405 bytes][client: mmg-fna.whatsapp.net] + 2 TCP 192.168.2.29:49674 <-> 185.60.216.53:443 [proto: 91.242/SSL.WhatsAppFiles][cat: Download-FileTransfer-FileSharing/7][161 pkts/189194 bytes <-> 149 pkts/15728 bytes][client: mmg-fna.whatsapp.net][server: *.whatsapp.net] diff --git a/tests/result/youtube_quic.pcap.out b/tests/result/youtube_quic.pcap.out index 04388e419..79012ce78 100644 --- a/tests/result/youtube_quic.pcap.out +++ b/tests/result/youtube_quic.pcap.out @@ -1,6 +1,6 @@ YouTube 258 178495 1 Google 31 13144 2 - 1 UDP 192.168.1.7:56074 <-> 216.58.198.33:443 [proto: 188.124/QUIC.YouTube][cat: Media][113 pkts/16111 bytes <-> 145 pkts/162384 bytes][Host: yt3.ggpht.com] - 2 UDP 192.168.1.7:53859 <-> 216.58.205.66:443 [proto: 188.126/QUIC.Google][cat: Web][9 pkts/3929 bytes <-> 9 pkts/4736 bytes][Host: googleads.g.doubleclick.net] - 3 UDP 192.168.1.7:54997 <-> 216.58.205.66:443 [proto: 188.126/QUIC.Google][cat: Web][7 pkts/2312 bytes <-> 6 pkts/2167 bytes][Host: pagead2.googlesyndication.com] + 1 UDP 192.168.1.7:56074 <-> 216.58.198.33:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][113 pkts/16111 bytes <-> 145 pkts/162384 bytes][Host: yt3.ggpht.com] + 2 UDP 192.168.1.7:53859 <-> 216.58.205.66:443 [proto: 188.126/QUIC.Google][cat: Web/5][9 pkts/3929 bytes <-> 9 pkts/4736 bytes][Host: googleads.g.doubleclick.net] + 3 UDP 192.168.1.7:54997 <-> 216.58.205.66:443 [proto: 188.126/QUIC.Google][cat: Web/5][7 pkts/2312 bytes <-> 6 pkts/2167 bytes][Host: pagead2.googlesyndication.com] diff --git a/tests/result/youtubeupload.pcap.out b/tests/result/youtubeupload.pcap.out index b01ca251c..6e65c9abd 100644 --- a/tests/result/youtubeupload.pcap.out +++ b/tests/result/youtubeupload.pcap.out @@ -1,5 +1,5 @@ YouTubeUpload 137 127038 3 - 1 UDP 192.168.2.27:51925 <-> 172.217.23.111:443 [proto: 188.136/QUIC.YouTubeUpload][cat: Media][80 pkts/100473 bytes <-> 20 pkts/6003 bytes][Host: upload.youtube.com] - 2 UDP 192.168.2.27:62232 <-> 172.217.23.111:443 [proto: 188.136/QUIC.YouTubeUpload][cat: Media][13 pkts/8651 bytes <-> 11 pkts/6463 bytes][Host: upload.youtube.com] - 3 TCP 192.168.2.27:57452 <-> 172.217.23.111:443 [proto: 91.136/SSL.YouTubeUpload][cat: Media][6 pkts/649 bytes <-> 7 pkts/4799 bytes][client: upload.youtube.com][server: upload.video.google.com] + 1 UDP 192.168.2.27:51925 <-> 172.217.23.111:443 [proto: 188.136/QUIC.YouTubeUpload][cat: Media/1][80 pkts/100473 bytes <-> 20 pkts/6003 bytes][Host: upload.youtube.com] + 2 UDP 192.168.2.27:62232 <-> 172.217.23.111:443 [proto: 188.136/QUIC.YouTubeUpload][cat: Media/1][13 pkts/8651 bytes <-> 11 pkts/6463 bytes][Host: upload.youtube.com] + 3 TCP 192.168.2.27:57452 <-> 172.217.23.111:443 [proto: 91.136/SSL.YouTubeUpload][cat: Media/1][6 pkts/649 bytes <-> 7 pkts/4799 bytes][client: upload.youtube.com][server: upload.video.google.com] -- cgit v1.2.3 From b3b8feabf1a60bcf9e6e8fc748a0a7a6cd8923f2 Mon Sep 17 00:00:00 2001 From: Darryl Sokoloski Date: Wed, 15 Aug 2018 16:47:21 -0400 Subject: Added new dissector for Memcached. Signed-off-by: Darryl Sokoloski --- src/include/ndpi_protocol_ids.h | 2 +- src/include/ndpi_protocols.h | 2 + src/include/ndpi_typedefs.h | 6 ++ src/lib/ndpi_main.c | 11 ++- src/lib/protocols/memcached.c | 189 ++++++++++++++++++++++++++++++++++++++++ tests/pcap/memcached.cap | Bin 0 -> 1895 bytes 6 files changed, 205 insertions(+), 5 deletions(-) create mode 100644 src/lib/protocols/memcached.c create mode 100644 tests/pcap/memcached.cap (limited to 'tests') diff --git a/src/include/ndpi_protocol_ids.h b/src/include/ndpi_protocol_ids.h index 32f3177d8..f3e100d64 100644 --- a/src/include/ndpi_protocol_ids.h +++ b/src/include/ndpi_protocol_ids.h @@ -74,8 +74,8 @@ typedef enum { NDPI_PROTOCOL_BITTORRENT = 37, NDPI_PROTOCOL_SKYPE_CALL_OUT = 38, NDPI_PROTOCOL_MUSICALLY = 39, + NDPI_PROTOCOL_MEMCACHED = 40, /* Memcached - Darryl Sokoloski */ - NDPI_PROTOCOL_FREE_40 = 40, /* Free */ NDPI_PROTOCOL_FREE_41 = 41, /* Free */ NDPI_PROTOCOL_FREE_42 = 42, /* Free */ NDPI_PROTOCOL_FREE_43 = 43, /* Free */ diff --git a/src/include/ndpi_protocols.h b/src/include/ndpi_protocols.h index f08b1de73..5c08f85f5 100644 --- a/src/include/ndpi_protocols.h +++ b/src/include/ndpi_protocols.h @@ -203,6 +203,7 @@ void ndpi_search_tinc(struct ndpi_detection_module_struct *ndpi_struct, struct n void ndpi_search_fix(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow); void ndpi_search_csgo(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow); void ndpi_search_ajp(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow); +void ndpi_search_memcached(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow); /* --- INIT FUNCTIONS --- */ void init_diameter_dissector(struct ndpi_detection_module_struct *ndpi_struct, u_int32_t *id, NDPI_PROTOCOL_BITMASK *detection_bitmask); void init_afp_dissector(struct ndpi_detection_module_struct *ndpi_struct, u_int32_t *id, NDPI_PROTOCOL_BITMASK *detection_bitmask); @@ -356,4 +357,5 @@ void init_apple_push_dissector(struct ndpi_detection_module_struct *ndpi_struct, void init_whatsapp_dissector(struct ndpi_detection_module_struct *ndpi_struct, u_int32_t *id, NDPI_PROTOCOL_BITMASK *detection_bitmask); void init_ajp_dissector(struct ndpi_detection_module_struct *ndpi_struct, u_int32_t *id, NDPI_PROTOCOL_BITMASK *detection_bitmask); void init_fbzero_dissector(struct ndpi_detection_module_struct *ndpi_struct, u_int32_t *id, NDPI_PROTOCOL_BITMASK *detection_bitmask); +void init_memcached_dissector(struct ndpi_detection_module_struct *ndpi_struct, u_int32_t *id, NDPI_PROTOCOL_BITMASK *detection_bitmask); #endif /* __NDPI_PROTOCOLS_H__ */ diff --git a/src/include/ndpi_typedefs.h b/src/include/ndpi_typedefs.h index 41c78bb31..5573c0e90 100644 --- a/src/include/ndpi_typedefs.h +++ b/src/include/ndpi_typedefs.h @@ -589,6 +589,9 @@ struct ndpi_flow_tcp_struct { /* NDPI_PROTOCOL_PPSTREAM */ u_int32_t ppstream_stage:3; + +/* NDPI_PROTOCOL_MEMCACHED */ + u_int8_t memcached_matches; } #ifndef WIN32 __attribute__ ((__packed__)) @@ -641,6 +644,9 @@ struct ndpi_flow_udp_struct { /* NDPI_PROTOCOL_RX */ u_int32_t rx_conn_epoch; u_int32_t rx_conn_id; + +/* NDPI_PROTOCOL_MEMCACHED */ + u_int8_t memcached_matches; } #ifndef WIN32 __attribute__ ((__packed__)) diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c index 13c89424e..45490685f 100644 --- a/src/lib/ndpi_main.c +++ b/src/lib/ndpi_main.c @@ -1164,11 +1164,11 @@ static void ndpi_init_protocol_defaults(struct ndpi_detection_module_struct *ndp no_master, "Musical.ly", NDPI_PROTOCOL_CATEGORY_SOCIAL_NETWORK, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); - ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_FREE_40, + ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_MEMCACHED, no_master, - no_master, "Free", NDPI_PROTOCOL_CATEGORY_CUSTOM_1 /* dummy */, - ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, - ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); + no_master, "Memcached", NDPI_PROTOCOL_CATEGORY_NETWORK, + ndpi_build_default_ports(ports_a, 11211, 0, 0, 0, 0) /* TCP */, + ndpi_build_default_ports(ports_b, 11211, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_FREE_41, no_master, no_master, "Free", NDPI_PROTOCOL_CATEGORY_CUSTOM_1 /* dummy */, @@ -3160,6 +3160,9 @@ void ndpi_set_protocol_detection_bitmask2(struct ndpi_detection_module_struct *n /* AJP */ init_ajp_dissector(ndpi_struct, &a, detection_bitmask); + /* Memcached */ + init_memcached_dissector(ndpi_struct, &a, detection_bitmask); + /* ----------------------------------------------------------------- */ ndpi_struct->callback_buffer_size = a; diff --git a/src/lib/protocols/memcached.c b/src/lib/protocols/memcached.c new file mode 100644 index 000000000..e9deb5cc9 --- /dev/null +++ b/src/lib/protocols/memcached.c @@ -0,0 +1,189 @@ +/* + * memcached.c + * + * Copyright (C) 2009-2011 by ipoque GmbH + * Copyright (C) 2011-18 - ntop.org + * Copyright (C) 2018 - eGloo Incorporated + * + * This file is part of nDPI, an open source deep packet inspection + * library based on the OpenDPI and PACE technology by ipoque GmbH + * + * nDPI is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * nDPI is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with nDPI. If not, see . + * + */ + +#include "ndpi_protocol_ids.h" + +#define NDPI_CURRENT_PROTO NDPI_PROTOCOL_MEMCACHED + +#include "ndpi_api.h" + +#define MCDC_SET "set " +#define MCDC_SET_LEN (sizeof(MCDC_SET) - 1) +#define MCDC_ADD "add " +#define MCDC_ADD_LEN (sizeof(MCDC_ADD) - 1) +#define MCDC_REPLACE "replace " +#define MCDC_REPLACE_LEN (sizeof(MCDC_REPLACE) - 1) +#define MCDC_APPEND "append " +#define MCDC_APPEND_LEN (sizeof(MCDC_APPEND) - 1) +#define MCDC_PREPEND "prepend " +#define MCDC_PREPEND_LEN (sizeof(MCDC_PREPEND) - 1) +#define MCDC_CAS "cas " +#define MCDC_CAS_LEN (sizeof(MCDC_CAS) - 1) +#define MCDC_GET "get " +#define MCDC_GET_LEN (sizeof(MCDC_GET) - 1) +#define MCDC_GETS "gets " +#define MCDC_GETS_LEN (sizeof(MCDC_GETS) - 1) +#define MCDC_DELETE "delete " +#define MCDC_DELETE_LEN (sizeof(MCDC_DELETE) - 1) +#define MCDC_INCR "incr " +#define MCDC_INCR_LEN (sizeof(MCDC_INCR) - 1) +#define MCDC_DECR "decr " +#define MCDC_DECR_LEN (sizeof(MCDC_DECR) - 1) +#define MCDC_TOUCH "touch " +#define MCDC_TOUCH_LEN (sizeof(MCDC_TOUCH) - 1) +#define MCDC_GAT "gat " +#define MCDC_GAT_LEN (sizeof(MCDC_GAT) - 1) +#define MCDC_GATS "gats " +#define MCDC_GATS_LEN (sizeof(MCDC_GATS) - 1) +#define MCDC_STATS "stats" +#define MCDC_STATS_LEN (sizeof(MCDC_STATS) - 1) + +#define MCDR_ERROR "ERROR\r\n" +#define MCDR_ERROR_LEN (sizeof(MCDR_ERROR) - 1) +#define MCDR_CLIENT_ERROR "CLIENT_ERROR " +#define MCDR_CLIENT_ERROR_LEN (sizeof(MCDR_CLIENT_ERROR) - 1) +#define MCDR_SERVER_ERROR "SERVER_ERROR " +#define MCDR_SERVER_ERROR_LEN (sizeof(MCDR_SERVER_ERROR) - 1) +#define MCDR_STORED "STORED\r\n" +#define MCDR_STORED_LEN (sizeof(MCDR_STORED) - 1) +#define MCDR_NOT_STORED "NOT_STORED\r\n" +#define MCDR_NOT_STORED_LEN (sizeof(MCDR_NOT_STORED) - 1) +#define MCDR_EXISTS "EXISTS\r\n" +#define MCDR_EXISTS_LEN (sizeof(MCDR_EXISTS) - 1) +#define MCDR_NOT_FOUND "NOT_FOUND\r\n" +#define MCDR_NOT_FOUND_LEN (sizeof(MCDR_NOT_FOUND) - 1) +#define MCDR_END "END\r\n" +#define MCDR_END_LEN (sizeof(MCDR_END) - 1) +#define MCDR_DELETED "DELETED\r\n" +#define MCDR_DELETED_LEN (sizeof(MCDR_DELETED) - 1) +#define MCDR_TOUCHED "TOUCHED\r\n" +#define MCDR_TOUCHED_LEN (sizeof(MCDR_TOUCHED) - 1) +#define MCDR_STAT "STAT " +#define MCDR_STAT_LEN (sizeof(MCDR_STAT) - 1) + +#define MEMCACHED_UDP_HDR_LEN 8 +#define MEMCACHED_MIN_LEN MCDR_END_LEN +#define MEMCACHED_MIN_UDP_LEN (MEMCACHED_MIN_LEN + MEMCACHED_UDP_HDR_LEN) + +#define MEMCACHED_MIN_MATCH 2 /* Minimum number of command/responses required */ + +#define MEMCACHED_MATCH(cr) memcmp(offset, cr, cr ## _LEN) + +static void ndpi_int_memcached_add_connection(struct ndpi_detection_module_struct + *ndpi_struct, struct ndpi_flow_struct *flow) +{ + NDPI_LOG_INFO(ndpi_struct, "found memcached\n"); + ndpi_set_detected_protocol(ndpi_struct, flow, + NDPI_PROTOCOL_MEMCACHED, NDPI_PROTOCOL_UNKNOWN); +} + +void ndpi_search_memcached( + struct ndpi_detection_module_struct *ndpi_struct, + struct ndpi_flow_struct *flow) +{ + struct ndpi_packet_struct *packet = &flow->packet; + const u_int8_t *offset = packet->payload; + u_int8_t *matches; + + NDPI_LOG_DBG(ndpi_struct, "search memcached\n"); + + if (packet->tcp != NULL) { + if (packet->payload_packet_len < MEMCACHED_MIN_LEN) { + NDPI_EXCLUDE_PROTO(ndpi_struct, flow); + return; + } + + matches = &flow->l4.tcp.memcached_matches; + } + else if (packet->udp != NULL) { + if (packet->payload_packet_len < MEMCACHED_MIN_UDP_LEN) { + NDPI_EXCLUDE_PROTO(ndpi_struct, flow); + return; + } + + if ((offset[4] == 0x00 && offset[5] == 0x00) || + offset[6] != 0x00 || offset[7] != 0x00) { + NDPI_EXCLUDE_PROTO(ndpi_struct, flow); + return; + } + + offset += MEMCACHED_UDP_HDR_LEN; + matches = &flow->l4.udp.memcached_matches; + } + else { + NDPI_EXCLUDE_PROTO(ndpi_struct, flow); + return; + } + + /* grep MCD memcached.c |\ + * egrep -v '(LEN|MATCH)' |\ + * sed -e 's/^#define //g' |\ + * awk '{ printf "else if (! MEMCACHED_MATCH(%s)) *matches += 1;\n",$1 }' */ + + if (! MEMCACHED_MATCH(MCDC_SET)) *matches += 1; + else if (! MEMCACHED_MATCH(MCDC_ADD)) *matches += 1; + else if (! MEMCACHED_MATCH(MCDC_REPLACE)) *matches += 1; + else if (! MEMCACHED_MATCH(MCDC_APPEND)) *matches += 1; + else if (! MEMCACHED_MATCH(MCDC_PREPEND)) *matches += 1; + else if (! MEMCACHED_MATCH(MCDC_CAS)) *matches += 1; + else if (! MEMCACHED_MATCH(MCDC_GET)) *matches += 1; + else if (! MEMCACHED_MATCH(MCDC_GETS)) *matches += 1; + else if (! MEMCACHED_MATCH(MCDC_DELETE)) *matches += 1; + else if (! MEMCACHED_MATCH(MCDC_INCR)) *matches += 1; + else if (! MEMCACHED_MATCH(MCDC_DECR)) *matches += 1; + else if (! MEMCACHED_MATCH(MCDC_TOUCH)) *matches += 1; + else if (! MEMCACHED_MATCH(MCDC_GAT)) *matches += 1; + else if (! MEMCACHED_MATCH(MCDC_GATS)) *matches += 1; + else if (! MEMCACHED_MATCH(MCDC_STATS)) *matches += 1; + else if (! MEMCACHED_MATCH(MCDR_ERROR)) *matches += 1; + else if (! MEMCACHED_MATCH(MCDR_CLIENT_ERROR)) *matches += 1; + else if (! MEMCACHED_MATCH(MCDR_SERVER_ERROR)) *matches += 1; + else if (! MEMCACHED_MATCH(MCDR_STORED)) *matches += 1; + else if (! MEMCACHED_MATCH(MCDR_NOT_STORED)) *matches += 1; + else if (! MEMCACHED_MATCH(MCDR_EXISTS)) *matches += 1; + else if (! MEMCACHED_MATCH(MCDR_NOT_FOUND)) *matches += 1; + else if (! MEMCACHED_MATCH(MCDR_END)) *matches += 1; + else if (! MEMCACHED_MATCH(MCDR_DELETED)) *matches += 1; + else if (! MEMCACHED_MATCH(MCDR_TOUCHED)) *matches += 1; + else if (! MEMCACHED_MATCH(MCDR_STAT)) *matches += 1; + + if (*matches >= MEMCACHED_MIN_MATCH) + ndpi_int_memcached_add_connection(ndpi_struct, flow); +} + +void init_memcached_dissector( + struct ndpi_detection_module_struct *ndpi_struct, + u_int32_t *id, NDPI_PROTOCOL_BITMASK *detection_bitmask) +{ + ndpi_set_bitmask_protocol_detection("MEMCACHED", + ndpi_struct, detection_bitmask, *id, + NDPI_PROTOCOL_MEMCACHED, + ndpi_search_memcached, + NDPI_SELECTION_BITMASK_PROTOCOL_V4_V6_TCP_OR_UDP_WITH_PAYLOAD, + SAVE_DETECTION_BITMASK_AS_UNKNOWN, + ADD_TO_DETECTION_BITMASK); + + *id += 1; +} diff --git a/tests/pcap/memcached.cap b/tests/pcap/memcached.cap new file mode 100644 index 000000000..3b4c1a425 Binary files /dev/null and b/tests/pcap/memcached.cap differ -- cgit v1.2.3 From f88648fbc845eaf75a74f1c45a9483d144993e29 Mon Sep 17 00:00:00 2001 From: Luca Deri Date: Thu, 16 Aug 2018 12:05:07 +0200 Subject: Tests update --- tests/result/1kxun.pcap.out | 35 ++++++----- tests/result/pps.pcap.out | 113 ++++++++++++++++++------------------ tests/result/quickplay.pcap.out | 24 ++++---- tests/result/whatsappfiles.pcap.out | 4 +- 4 files changed, 87 insertions(+), 89 deletions(-) (limited to 'tests') diff --git a/tests/result/1kxun.pcap.out b/tests/result/1kxun.pcap.out index 260e8c485..5e37a65af 100644 --- a/tests/result/1kxun.pcap.out +++ b/tests/result/1kxun.pcap.out @@ -1,29 +1,28 @@ Unknown 24 6428 14 DNS 2 378 1 -HTTP 105 36430 8 +HTTP 524 220123 9 MDNS 1 82 1 NTP 1 90 1 NetBIOS 31 3589 8 SSDP 143 36951 13 DHCP 24 8208 5 -SMTPS 419 183693 1 QQ 28 5216 2 RTP 2 132 1 SSL 105 21914 7 DHCPV6 10 980 3 Facebook 19 6840 2 Google 3 176 1 +GenericProtocol 433 311919 14 LLMNR 89 6799 47 -1kxun 433 311919 14 - 1 TCP 192.168.115.8:49613 <-> 183.131.48.144:80 [proto: 7.29/HTTP.SMTPS][cat: Email/3][260 pkts/15070 bytes <-> 159 pkts/168623 bytes][Host: 183.131.48.144] - 2 TCP 192.168.115.8:49600 <-> 106.187.35.246:80 [proto: 7.205/HTTP.1kxun][cat: Streaming/17][18 pkts/1722 bytes <-> 51 pkts/61707 bytes][Host: pic.1kxun.com] - 3 TCP 192.168.115.8:49601 <-> 106.187.35.246:80 [proto: 7.205/HTTP.1kxun][cat: Streaming/17][18 pkts/2440 bytes <-> 43 pkts/49237 bytes][Host: pic.1kxun.com] - 4 TCP 192.168.115.8:49602 <-> 106.187.35.246:80 [proto: 7.205/HTTP.1kxun][cat: Streaming/17][24 pkts/2786 bytes <-> 41 pkts/46203 bytes][Host: pic.1kxun.com] - 5 TCP 192.168.115.8:49604 <-> 106.187.35.246:80 [proto: 7.205/HTTP.1kxun][cat: Streaming/17][20 pkts/2564 bytes <-> 38 pkts/43013 bytes][Host: pic.1kxun.com] - 6 TCP 192.168.115.8:49606 <-> 106.185.35.110:80 [proto: 7.205/HTTP.1kxun][cat: Streaming/17][22 pkts/1926 bytes <-> 28 pkts/33821 bytes][Host: jp.kankan.1kxun.mobi] - 7 TCP 192.168.115.8:49599 <-> 106.187.35.246:80 [proto: 7.205/HTTP.1kxun][cat: Streaming/17][16 pkts/1612 bytes <-> 27 pkts/29579 bytes][Host: pic.1kxun.com] - 8 TCP 192.168.115.8:49603 <-> 106.187.35.246:80 [proto: 7.205/HTTP.1kxun][cat: Streaming/17][12 pkts/1396 bytes <-> 22 pkts/24184 bytes][Host: pic.1kxun.com] + 1 TCP 192.168.115.8:49613 <-> 183.131.48.144:80 [proto: 7/HTTP][cat: Web/5][260 pkts/15070 bytes <-> 159 pkts/168623 bytes][Host: 183.131.48.144] + 2 TCP 192.168.115.8:49600 <-> 106.187.35.246:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][18 pkts/1722 bytes <-> 51 pkts/61707 bytes][Host: pic.1kxun.com] + 3 TCP 192.168.115.8:49601 <-> 106.187.35.246:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][18 pkts/2440 bytes <-> 43 pkts/49237 bytes][Host: pic.1kxun.com] + 4 TCP 192.168.115.8:49602 <-> 106.187.35.246:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][24 pkts/2786 bytes <-> 41 pkts/46203 bytes][Host: pic.1kxun.com] + 5 TCP 192.168.115.8:49604 <-> 106.187.35.246:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][20 pkts/2564 bytes <-> 38 pkts/43013 bytes][Host: pic.1kxun.com] + 6 TCP 192.168.115.8:49606 <-> 106.185.35.110:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][22 pkts/1926 bytes <-> 28 pkts/33821 bytes][Host: jp.kankan.1kxun.mobi] + 7 TCP 192.168.115.8:49599 <-> 106.187.35.246:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][16 pkts/1612 bytes <-> 27 pkts/29579 bytes][Host: pic.1kxun.com] + 8 TCP 192.168.115.8:49603 <-> 106.187.35.246:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][12 pkts/1396 bytes <-> 22 pkts/24184 bytes][Host: pic.1kxun.com] 9 TCP 192.168.115.8:49609 <-> 42.120.51.152:8080 [proto: 7/HTTP][cat: Web/5][20 pkts/4716 bytes <-> 13 pkts/7005 bytes][Host: 42.120.51.152] 10 TCP 192.168.5.16:53627 <-> 203.69.81.73:80 [proto: 7/HTTP][cat: Web/5][6 pkts/676 bytes <-> 8 pkts/8822 bytes][Host: dl-obs.official.line.naver.jp] 11 TCP 192.168.5.16:53628 <-> 203.69.81.73:80 [proto: 7/HTTP][cat: Web/5][6 pkts/676 bytes <-> 8 pkts/8482 bytes][Host: dl-obs.official.line.naver.jp] @@ -36,12 +35,12 @@ LLMNR 89 6799 47 18 TCP 192.168.5.16:53623 <-> 192.168.115.75:443 [proto: 91/SSL][cat: Web/5][11 pkts/1959 bytes <-> 8 pkts/1683 bytes][client: 1] 19 TCP 192.168.5.16:53625 <-> 192.168.115.75:443 [proto: 91/SSL][cat: Web/5][11 pkts/1955 bytes <-> 8 pkts/1683 bytes][client: 1] 20 TCP 192.168.5.16:53629 <-> 192.168.115.75:443 [proto: 91/SSL][cat: Web/5][10 pkts/1895 bytes <-> 7 pkts/1623 bytes][client: 1] - 21 TCP 192.168.115.8:49605 <-> 106.185.35.110:80 [proto: 7.205/HTTP.1kxun][cat: Streaming/17][8 pkts/1128 bytes <-> 5 pkts/2282 bytes][Host: jp.kankan.1kxun.mobi] + 21 TCP 192.168.115.8:49605 <-> 106.185.35.110:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][8 pkts/1128 bytes <-> 5 pkts/2282 bytes][Host: jp.kankan.1kxun.mobi] 22 TCP 192.168.5.16:53626 <-> 192.168.115.75:443 [proto: 91/SSL][cat: Web/5][11 pkts/1943 bytes <-> 8 pkts/1267 bytes][client: 1] - 23 TCP 192.168.115.8:49597 <-> 106.185.35.110:80 [proto: 7.205/HTTP.1kxun][cat: Streaming/17][10 pkts/1394 bytes <-> 4 pkts/1464 bytes][Host: jp.kankan.1kxun.mobi] + 23 TCP 192.168.115.8:49597 <-> 106.185.35.110:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][10 pkts/1394 bytes <-> 4 pkts/1464 bytes][Host: jp.kankan.1kxun.mobi] 24 TCP 31.13.87.1:443 <-> 192.168.5.16:53578 [proto: 91.119/SSL.Facebook][5 pkts/1006 bytes <-> 5 pkts/1487 bytes] 25 UDP 192.168.5.57:55809 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][14 pkts/2450 bytes -> 0 pkts/0 bytes] - 26 TCP 192.168.115.8:49598 <-> 222.73.254.167:80 [proto: 7.205/HTTP.1kxun][cat: Streaming/17][10 pkts/1406 bytes <-> 4 pkts/980 bytes][Host: kankan.1kxun.com] + 26 TCP 192.168.115.8:49598 <-> 222.73.254.167:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][10 pkts/1406 bytes <-> 4 pkts/980 bytes][Host: kankan.1kxun.com] 27 TCP 192.168.115.8:49612 <-> 183.131.48.145:80 [proto: 7/HTTP][cat: Web/5][10 pkts/1428 bytes <-> 4 pkts/867 bytes][Host: 183.131.48.145] 28 UDP 192.168.5.44:51389 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][13 pkts/2275 bytes -> 0 pkts/0 bytes] 29 UDP 192.168.3.95:59468 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][12 pkts/2100 bytes -> 0 pkts/0 bytes] @@ -67,12 +66,12 @@ LLMNR 89 6799 47 49 TCP 192.168.115.8:49596 <-> 203.66.182.87:443 [proto: 91/SSL][4 pkts/220 bytes <-> 2 pkts/132 bytes] 50 UDP 192.168.5.9:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][1 pkts/342 bytes -> 0 pkts/0 bytes][Host: joanna-pc] 51 UDP 192.168.5.41:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][1 pkts/342 bytes -> 0 pkts/0 bytes][Host: kevin-pc] - 52 UDP 192.168.115.8:60724 <-> 8.8.8.8:53 [proto: 5.205/DNS.1kxun][cat: Streaming/17][2 pkts/146 bytes <-> 1 pkts/137 bytes][Host: pic.1kxun.com] + 52 UDP 192.168.115.8:60724 <-> 8.8.8.8:53 [proto: 5.137/DNS.GenericProtocol][cat: Streaming/17][2 pkts/146 bytes <-> 1 pkts/137 bytes][Host: pic.1kxun.com] 53 UDP 192.168.0.104:137 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][3 pkts/276 bytes -> 0 pkts/0 bytes] - 54 UDP 192.168.115.8:51024 <-> 8.8.8.8:53 [proto: 5.205/DNS.1kxun][cat: Streaming/17][2 pkts/160 bytes <-> 1 pkts/112 bytes][Host: jp.kankan.1kxun.mobi] + 54 UDP 192.168.115.8:51024 <-> 8.8.8.8:53 [proto: 5.137/DNS.GenericProtocol][cat: Streaming/17][2 pkts/160 bytes <-> 1 pkts/112 bytes][Host: jp.kankan.1kxun.mobi] 55 UDP 192.168.115.8:54420 <-> 8.8.8.8:53 [proto: 5.48/DNS.QQ][cat: Chat/9][2 pkts/150 bytes <-> 1 pkts/116 bytes][Host: vv.video.qq.com] - 56 UDP 192.168.115.8:52723 <-> 8.8.8.8:53 [proto: 5.205/DNS.1kxun][cat: Streaming/17][2 pkts/152 bytes <-> 1 pkts/108 bytes][Host: kankan.1kxun.com] - 57 UDP 192.168.115.8:52723 <-> 168.95.1.1:53 [proto: 5.205/DNS.1kxun][cat: Streaming/17][2 pkts/152 bytes <-> 1 pkts/108 bytes][Host: kankan.1kxun.com] + 56 UDP 192.168.115.8:52723 <-> 8.8.8.8:53 [proto: 5.137/DNS.GenericProtocol][cat: Streaming/17][2 pkts/152 bytes <-> 1 pkts/108 bytes][Host: kankan.1kxun.com] + 57 UDP 192.168.115.8:52723 <-> 168.95.1.1:53 [proto: 5.137/DNS.GenericProtocol][cat: Streaming/17][2 pkts/152 bytes <-> 1 pkts/108 bytes][Host: kankan.1kxun.com] 58 UDP 192.168.115.8:51458 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][4 pkts/256 bytes -> 0 pkts/0 bytes][Host: wpad] 59 TCP 192.168.5.16:53613 -> 68.233.253.133:80 [proto: 7/HTTP][3 pkts/198 bytes -> 0 pkts/0 bytes] 60 UDP [fe80::9bd:81dd:2fdc:5750]:61548 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/190 bytes -> 0 pkts/0 bytes][Host: caesar-thinkpad] diff --git a/tests/result/pps.pcap.out b/tests/result/pps.pcap.out index 225e6b886..5b3c3e7ce 100644 --- a/tests/result/pps.pcap.out +++ b/tests/result/pps.pcap.out @@ -1,82 +1,81 @@ Unknown 990 378832 34 -HTTP 20 7716 10 -SSDP 62 17013 9 -HTTP_Download 23 25892 1 +HTTP 47 42014 11 +SSDP 63 17143 10 +HTTP_Download 26 27222 2 Google 2 1093 1 -UPnP 1 130 1 -iQIYI 1459 1815935 51 +GenericProtocol 1429 1780307 49 - 1 TCP 192.168.115.8:50780 <-> 223.26.106.20:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/303 bytes <-> 541 pkts/710082 bytes][Host: preimage1.qiyipic.com] - 2 TCP 192.168.115.8:50778 <-> 223.26.106.20:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/303 bytes <-> 528 pkts/692658 bytes][Host: preimage1.qiyipic.com] - 3 TCP 192.168.115.8:50505 <-> 223.26.106.19:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][2 pkts/400 bytes <-> 244 pkts/319633 bytes][Host: static.qiyi.com] - 4 TCP 192.168.115.8:50491 <-> 223.26.106.66:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/426 bytes <-> 26 pkts/33872 bytes][Host: 223.26.106.66] + 1 TCP 192.168.115.8:50780 <-> 223.26.106.20:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/303 bytes <-> 541 pkts/710082 bytes][Host: preimage1.qiyipic.com] + 2 TCP 192.168.115.8:50778 <-> 223.26.106.20:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/303 bytes <-> 528 pkts/692658 bytes][Host: preimage1.qiyipic.com] + 3 TCP 192.168.115.8:50505 <-> 223.26.106.19:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][2 pkts/400 bytes <-> 244 pkts/319633 bytes][Host: static.qiyi.com] + 4 TCP 192.168.115.8:50491 <-> 223.26.106.66:80 [proto: 7/HTTP][cat: Web/5][1 pkts/426 bytes <-> 26 pkts/33872 bytes][Host: 223.26.106.66] 5 TCP 192.168.115.8:50486 <-> 77.234.40.96:80 [proto: 7.60/HTTP.HTTP_Download][cat: Download-FileTransfer-FileSharing/7][11 pkts/11023 bytes <-> 12 pkts/14869 bytes][Host: bcu.ff.avast.com] 6 UDP 192.168.5.38:1900 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][18 pkts/9327 bytes -> 0 pkts/0 bytes] - 7 TCP 192.168.115.8:50476 <-> 101.227.32.39:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/656 bytes <-> 4 pkts/3897 bytes][Host: cache.video.iqiyi.com] - 8 TCP 192.168.115.8:50495 <-> 202.108.14.236:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][3 pkts/2844 bytes <-> 3 pkts/597 bytes][Host: msg.71.am] + 7 TCP 192.168.115.8:50476 <-> 101.227.32.39:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/656 bytes <-> 4 pkts/3897 bytes][Host: cache.video.iqiyi.com] + 8 TCP 192.168.115.8:50495 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][3 pkts/2844 bytes <-> 3 pkts/597 bytes][Host: msg.71.am] 9 TCP 77.234.41.35:80 <-> 192.168.115.8:49174 [proto: 7/HTTP][cat: Web/5][4 pkts/2953 bytes <-> 1 pkts/356 bytes] - 10 TCP 192.168.115.8:50767 <-> 223.26.106.20:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][4 pkts/800 bytes <-> 4 pkts/2112 bytes][Host: static.qiyi.com] - 11 TCP 192.168.115.8:50488 <-> 223.26.106.20:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/311 bytes <-> 2 pkts/2035 bytes][Host: meta.video.qiyi.com] - 12 TCP 192.168.115.8:50471 <-> 202.108.14.236:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][2 pkts/1898 bytes <-> 2 pkts/398 bytes][Host: msg.71.am] - 13 TCP 192.168.115.8:50501 <-> 202.108.14.236:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][2 pkts/1893 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 14 TCP 192.168.115.8:50463 <-> 101.227.200.11:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][2 pkts/1555 bytes <-> 1 pkts/306 bytes][Host: api.cupid.iqiyi.com] - 15 TCP 192.168.115.8:50496 <-> 101.227.200.11:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][2 pkts/1555 bytes <-> 1 pkts/306 bytes][Host: api.cupid.iqiyi.com] - 16 TCP 192.168.115.8:50779 <-> 111.206.22.77:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][2 pkts/1438 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com] + 10 TCP 192.168.115.8:50767 <-> 223.26.106.20:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][4 pkts/800 bytes <-> 4 pkts/2112 bytes][Host: static.qiyi.com] + 11 TCP 192.168.115.8:50488 <-> 223.26.106.20:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/311 bytes <-> 2 pkts/2035 bytes][Host: meta.video.qiyi.com] + 12 TCP 192.168.115.8:50471 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][2 pkts/1898 bytes <-> 2 pkts/398 bytes][Host: msg.71.am] + 13 TCP 192.168.115.8:50501 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][2 pkts/1893 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 14 TCP 192.168.115.8:50463 <-> 101.227.200.11:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][2 pkts/1555 bytes <-> 1 pkts/306 bytes][Host: api.cupid.iqiyi.com] + 15 TCP 192.168.115.8:50496 <-> 101.227.200.11:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][2 pkts/1555 bytes <-> 1 pkts/306 bytes][Host: api.cupid.iqiyi.com] + 16 TCP 192.168.115.8:50779 <-> 111.206.22.77:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][2 pkts/1438 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com] 17 UDP 192.168.5.38:58897 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1575 bytes -> 0 pkts/0 bytes] 18 UDP 192.168.115.1:50945 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1539 bytes -> 0 pkts/0 bytes] - 19 TCP 192.168.115.8:50464 <-> 123.125.112.49:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/707 bytes <-> 1 pkts/744 bytes][Host: click.hm.baidu.com] - 20 TCP 192.168.115.8:50492 <-> 111.206.13.3:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/389 bytes <-> 2 pkts/1034 bytes][Host: pdata.video.qiyi.com] - 21 TCP 192.168.115.8:50777 <-> 111.206.22.77:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/1186 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com] - 22 TCP 192.168.115.8:50494 <-> 223.26.106.66:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][2 pkts/887 bytes <-> 1 pkts/443 bytes][Host: 223.26.106.66] - 23 TCP 192.168.115.8:50497 <-> 123.125.112.49:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/1004 bytes <-> 2 pkts/301 bytes][Host: click.hm.baidu.com] - 24 TCP 192.168.115.8:50499 <-> 111.206.22.76:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/1097 bytes <-> 1 pkts/199 bytes][Host: msg.iqiyi.com] - 25 TCP 192.168.115.8:50474 <-> 202.108.14.221:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/1100 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com] - 26 TCP 192.168.115.8:50507 <-> 223.26.106.19:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/212 bytes <-> 1 pkts/1063 bytes][Host: static.qiyi.com] - 27 TCP 192.168.115.8:50485 <-> 202.108.14.236:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/947 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 28 TCP 192.168.115.8:50502 <-> 202.108.14.236:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/947 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 29 TCP 192.168.115.8:50493 <-> 202.108.14.236:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/946 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 30 TCP 192.168.115.8:50771 <-> 202.108.14.236:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/946 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 31 TCP 192.168.115.8:50473 <-> 202.108.14.219:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/944 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 32 TCP 192.168.115.8:50475 <-> 202.108.14.236:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/941 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 19 TCP 192.168.115.8:50464 <-> 123.125.112.49:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/707 bytes <-> 1 pkts/744 bytes][Host: click.hm.baidu.com] + 20 TCP 192.168.115.8:50492 <-> 111.206.13.3:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/389 bytes <-> 2 pkts/1034 bytes][Host: pdata.video.qiyi.com] + 21 TCP 192.168.115.8:50777 <-> 111.206.22.77:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/1186 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com] + 22 TCP 192.168.115.8:50494 <-> 223.26.106.66:80 [proto: 7.60/HTTP.HTTP_Download][cat: Download-FileTransfer-FileSharing/7][2 pkts/887 bytes <-> 1 pkts/443 bytes][Host: 223.26.106.66] + 23 TCP 192.168.115.8:50497 <-> 123.125.112.49:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/1004 bytes <-> 2 pkts/301 bytes][Host: click.hm.baidu.com] + 24 TCP 192.168.115.8:50499 <-> 111.206.22.76:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/1097 bytes <-> 1 pkts/199 bytes][Host: msg.iqiyi.com] + 25 TCP 192.168.115.8:50474 <-> 202.108.14.221:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/1100 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com] + 26 TCP 192.168.115.8:50507 <-> 223.26.106.19:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/212 bytes <-> 1 pkts/1063 bytes][Host: static.qiyi.com] + 27 TCP 192.168.115.8:50485 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/947 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 28 TCP 192.168.115.8:50502 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/947 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 29 TCP 192.168.115.8:50493 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/946 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 30 TCP 192.168.115.8:50771 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/946 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 31 TCP 192.168.115.8:50473 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/944 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 32 TCP 192.168.115.8:50475 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/941 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] 33 TCP 192.168.115.8:50500 <-> 23.41.133.163:80 [proto: 7/HTTP][cat: Web/5][1 pkts/289 bytes <-> 1 pkts/839 bytes][Host: s1.symcb.com] - 34 TCP 192.168.115.8:50773 <-> 202.108.14.221:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/919 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 34 TCP 192.168.115.8:50773 <-> 202.108.14.221:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/919 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] 35 TCP 192.168.115.8:50466 <-> 203.66.182.24:80 [proto: 7.126/HTTP.Google][cat: Web/5][1 pkts/280 bytes <-> 1 pkts/813 bytes][Host: clients1.google.com] 36 UDP 192.168.5.50:52529 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/1074 bytes -> 0 pkts/0 bytes] 37 UDP 192.168.5.28:60023 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/1050 bytes -> 0 pkts/0 bytes] 38 UDP 192.168.5.57:59648 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/1050 bytes -> 0 pkts/0 bytes] - 39 TCP 192.168.115.8:50504 -> 202.108.14.236:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/946 bytes -> 0 pkts/0 bytes][Host: msg.71.am] - 40 TCP 192.168.115.8:50769 <-> 101.227.200.11:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/604 bytes <-> 1 pkts/291 bytes][Host: api.cupid.iqiyi.com] - 41 TCP 192.168.115.8:50498 <-> 36.110.220.15:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/694 bytes <-> 1 pkts/199 bytes][Host: msg.video.qiyi.com] - 42 TCP 192.168.115.8:50503 <-> 202.108.14.219:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/683 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 39 TCP 192.168.115.8:50504 -> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/946 bytes -> 0 pkts/0 bytes][Host: msg.71.am] + 40 TCP 192.168.115.8:50769 <-> 101.227.200.11:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/604 bytes <-> 1 pkts/291 bytes][Host: api.cupid.iqiyi.com] + 41 TCP 192.168.115.8:50498 <-> 36.110.220.15:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/694 bytes <-> 1 pkts/199 bytes][Host: msg.video.qiyi.com] + 42 TCP 192.168.115.8:50503 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/683 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] 43 UDP 192.168.5.41:50374 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][5 pkts/875 bytes -> 0 pkts/0 bytes] - 44 TCP 192.168.115.8:50490 <-> 119.188.13.188:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/357 bytes <-> 1 pkts/479 bytes][Host: pdata.video.qiyi.com] - 45 TCP 192.168.115.8:50467 <-> 202.108.14.219:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/629 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 46 TCP 192.168.115.8:50484 <-> 202.108.14.219:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/622 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 47 TCP 192.168.115.8:50477 <-> 202.108.14.219:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/614 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 48 TCP 192.168.115.8:50774 <-> 202.108.14.219:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/587 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 49 TCP 192.168.115.8:50469 <-> 202.108.14.219:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/573 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 44 TCP 192.168.115.8:50490 <-> 119.188.13.188:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/357 bytes <-> 1 pkts/479 bytes][Host: pdata.video.qiyi.com] + 45 TCP 192.168.115.8:50467 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/629 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 46 TCP 192.168.115.8:50484 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/622 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 47 TCP 192.168.115.8:50477 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/614 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 48 TCP 192.168.115.8:50774 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/587 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 49 TCP 192.168.115.8:50469 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/573 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] 50 TCP 192.168.115.8:50482 <-> 140.205.243.64:80 [proto: 7/HTTP][cat: Web/5][1 pkts/444 bytes <-> 1 pkts/283 bytes][Host: cmc.tanx.com] - 51 TCP 192.168.115.8:50768 <-> 223.26.106.19:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/198 bytes <-> 1 pkts/526 bytes][Host: static.qiyi.com] + 51 TCP 192.168.115.8:50768 <-> 223.26.106.19:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/198 bytes <-> 1 pkts/526 bytes][Host: static.qiyi.com] 52 TCP 192.168.5.15:65128 <-> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][1 pkts/331 bytes <-> 1 pkts/390 bytes][Host: api.magicansoft.com] - 53 TCP 192.168.115.8:50509 <-> 106.38.219.107:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/163 bytes <-> 2 pkts/557 bytes][Host: iplocation.geo.qiyi.com] + 53 TCP 192.168.115.8:50509 <-> 106.38.219.107:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/163 bytes <-> 2 pkts/557 bytes][Host: iplocation.geo.qiyi.com] 54 TCP 192.168.5.15:65127 <-> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][1 pkts/323 bytes <-> 1 pkts/390 bytes][Host: api.magicansoft.com] - 55 TCP 192.168.115.8:50766 <-> 223.26.106.20:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/198 bytes <-> 1 pkts/493 bytes][Host: static.qiyi.com] - 56 TCP 192.168.115.8:50487 -> 202.108.14.219:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/683 bytes -> 0 pkts/0 bytes][Host: msg.71.am] - 57 TCP 192.168.115.8:50489 <-> 119.188.13.188:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/253 bytes <-> 1 pkts/430 bytes][Host: pdata.video.qiyi.com] - 58 TCP 192.168.115.8:50772 <-> 123.125.111.70:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/399 bytes <-> 1 pkts/275 bytes][Host: nl.rcd.iqiyi.com] - 59 TCP 192.168.115.8:50775 <-> 123.125.111.70:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/399 bytes <-> 1 pkts/275 bytes][Host: nl.rcd.iqiyi.com] - 60 TCP 192.168.115.8:50470 <-> 202.108.14.236:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/424 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com] - 61 TCP 192.168.115.8:50508 <-> 223.26.106.19:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/198 bytes <-> 1 pkts/420 bytes][Host: static.qiyi.com] - 62 TCP 192.168.115.8:50483 <-> 202.108.14.219:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/417 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 63 TCP 192.168.115.8:50776 <-> 111.206.22.77:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/394 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com] - 64 TCP 192.168.115.8:50765 <-> 36.110.220.15:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/264 bytes <-> 1 pkts/199 bytes][Host: msg.video.qiyi.com] + 55 TCP 192.168.115.8:50766 <-> 223.26.106.20:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/198 bytes <-> 1 pkts/493 bytes][Host: static.qiyi.com] + 56 TCP 192.168.115.8:50487 -> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/683 bytes -> 0 pkts/0 bytes][Host: msg.71.am] + 57 TCP 192.168.115.8:50489 <-> 119.188.13.188:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/253 bytes <-> 1 pkts/430 bytes][Host: pdata.video.qiyi.com] + 58 TCP 192.168.115.8:50772 <-> 123.125.111.70:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/399 bytes <-> 1 pkts/275 bytes][Host: nl.rcd.iqiyi.com] + 59 TCP 192.168.115.8:50775 <-> 123.125.111.70:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/399 bytes <-> 1 pkts/275 bytes][Host: nl.rcd.iqiyi.com] + 60 TCP 192.168.115.8:50470 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/424 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com] + 61 TCP 192.168.115.8:50508 <-> 223.26.106.19:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/198 bytes <-> 1 pkts/420 bytes][Host: static.qiyi.com] + 62 TCP 192.168.115.8:50483 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/417 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 63 TCP 192.168.115.8:50776 <-> 111.206.22.77:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/394 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com] + 64 TCP 192.168.115.8:50765 <-> 36.110.220.15:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/264 bytes <-> 1 pkts/199 bytes][Host: msg.video.qiyi.com] 65 TCP 202.108.14.219:80 -> 192.168.115.8:50295 [proto: 7/HTTP][cat: Web/5][2 pkts/398 bytes -> 0 pkts/0 bytes] 66 UDP 192.168.5.48:63930 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/358 bytes -> 0 pkts/0 bytes] 67 TCP 117.79.81.135:80 -> 192.168.115.8:50443 [proto: 7/HTTP][cat: Web/5][1 pkts/347 bytes -> 0 pkts/0 bytes] - 68 TCP 192.168.115.8:50781 -> 223.26.106.20:80 [proto: 7.206/HTTP.iQIYI][cat: Streaming/17][1 pkts/303 bytes -> 0 pkts/0 bytes][Host: preimage1.qiyipic.com] + 68 TCP 192.168.115.8:50781 -> 223.26.106.20:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/303 bytes -> 0 pkts/0 bytes][Host: preimage1.qiyipic.com] 69 TCP 202.108.14.219:80 -> 192.168.115.8:50506 [proto: 7/HTTP][cat: Web/5][1 pkts/199 bytes -> 0 pkts/0 bytes] 70 UDP 192.168.5.63:60976 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][1 pkts/165 bytes -> 0 pkts/0 bytes] - 71 UDP 192.168.5.63:39383 -> 239.255.255.250:1900 [proto: 153/UPnP][1 pkts/130 bytes -> 0 pkts/0 bytes] + 71 UDP 192.168.5.63:39383 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][1 pkts/130 bytes -> 0 pkts/0 bytes] 72 TCP 192.168.115.8:50462 -> 202.108.14.236:80 [proto: 7/HTTP][2 pkts/108 bytes -> 0 pkts/0 bytes] 73 TCP 192.168.5.15:65125 -> 68.233.253.133:80 [proto: 7/HTTP][1 pkts/66 bytes -> 0 pkts/0 bytes] diff --git a/tests/result/quickplay.pcap.out b/tests/result/quickplay.pcap.out index 6dba3077e..c510958eb 100644 --- a/tests/result/quickplay.pcap.out +++ b/tests/result/quickplay.pcap.out @@ -1,19 +1,19 @@ QQ 12 4781 5 Facebook 6 1740 3 Google 2 378 1 +GenericProtocol 133 96179 11 Amazon 2 1469 1 -QuickPlay 133 96179 11 - 1 TCP 10.54.169.250:52009 <-> 120.28.35.40:80 [proto: 7.196/HTTP.QuickPlay][cat: Streaming/17][35 pkts/17902 bytes <-> 30 pkts/28000 bytes][Host: vod-singtelhawk.quickplay.com] - 2 TCP 10.54.169.250:52019 <-> 120.28.35.40:80 [proto: 7.196/HTTP.QuickPlay][cat: Streaming/17][14 pkts/7028 bytes <-> 11 pkts/12578 bytes][Host: vod-singtelhawk.quickplay.com] - 3 TCP 10.54.169.250:52017 <-> 120.28.35.40:80 [proto: 7.196/HTTP.QuickPlay][cat: Streaming/17][5 pkts/2510 bytes <-> 3 pkts/3522 bytes][Host: vod-singtelhawk.quickplay.com] - 4 TCP 10.54.169.250:52018 <-> 120.28.35.40:80 [proto: 7.196/HTTP.QuickPlay][cat: Streaming/17][4 pkts/2008 bytes <-> 3 pkts/3040 bytes][Host: vod-singtelhawk.quickplay.com] - 5 TCP 10.54.169.250:52022 <-> 120.28.35.40:80 [proto: 7.196/HTTP.QuickPlay][cat: Streaming/17][4 pkts/2008 bytes <-> 3 pkts/2276 bytes][Host: vod-singtelhawk.quickplay.com] - 6 TCP 10.54.169.250:50669 <-> 120.28.35.41:80 [proto: 7.196/HTTP.QuickPlay][cat: Streaming/17][2 pkts/844 bytes <-> 2 pkts/2836 bytes][Host: api-singtelhawk.quickplay.com] - 7 TCP 10.54.169.250:50668 <-> 120.28.35.41:80 [proto: 7.196/HTTP.QuickPlay][cat: Streaming/17][2 pkts/733 bytes <-> 2 pkts/2627 bytes][Host: api-singtelhawk.quickplay.com] - 8 TCP 10.54.169.250:52021 <-> 120.28.35.40:80 [proto: 7.196/HTTP.QuickPlay][cat: Streaming/17][3 pkts/1506 bytes <-> 1 pkts/1248 bytes][Host: vod-singtelhawk.quickplay.com] - 9 TCP 10.54.169.250:52007 <-> 120.28.35.40:80 [proto: 7.196/HTTP.QuickPlay][cat: Streaming/17][3 pkts/1583 bytes <-> 1 pkts/1152 bytes][Host: vod-singtelhawk.quickplay.com] - 10 TCP 10.54.169.250:44256 <-> 120.28.5.41:80 [proto: 7.196/HTTP.QuickPlay][cat: Streaming/17][2 pkts/1086 bytes <-> 1 pkts/1225 bytes][Host: play-singtelhawk.quickplay.com] + 1 TCP 10.54.169.250:52009 <-> 120.28.35.40:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][35 pkts/17902 bytes <-> 30 pkts/28000 bytes][Host: vod-singtelhawk.quickplay.com] + 2 TCP 10.54.169.250:52019 <-> 120.28.35.40:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][14 pkts/7028 bytes <-> 11 pkts/12578 bytes][Host: vod-singtelhawk.quickplay.com] + 3 TCP 10.54.169.250:52017 <-> 120.28.35.40:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][5 pkts/2510 bytes <-> 3 pkts/3522 bytes][Host: vod-singtelhawk.quickplay.com] + 4 TCP 10.54.169.250:52018 <-> 120.28.35.40:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][4 pkts/2008 bytes <-> 3 pkts/3040 bytes][Host: vod-singtelhawk.quickplay.com] + 5 TCP 10.54.169.250:52022 <-> 120.28.35.40:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][4 pkts/2008 bytes <-> 3 pkts/2276 bytes][Host: vod-singtelhawk.quickplay.com] + 6 TCP 10.54.169.250:50669 <-> 120.28.35.41:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][2 pkts/844 bytes <-> 2 pkts/2836 bytes][Host: api-singtelhawk.quickplay.com] + 7 TCP 10.54.169.250:50668 <-> 120.28.35.41:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][2 pkts/733 bytes <-> 2 pkts/2627 bytes][Host: api-singtelhawk.quickplay.com] + 8 TCP 10.54.169.250:52021 <-> 120.28.35.40:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][3 pkts/1506 bytes <-> 1 pkts/1248 bytes][Host: vod-singtelhawk.quickplay.com] + 9 TCP 10.54.169.250:52007 <-> 120.28.35.40:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][3 pkts/1583 bytes <-> 1 pkts/1152 bytes][Host: vod-singtelhawk.quickplay.com] + 10 TCP 10.54.169.250:44256 <-> 120.28.5.41:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][2 pkts/1086 bytes <-> 1 pkts/1225 bytes][Host: play-singtelhawk.quickplay.com] 11 TCP 10.54.169.250:56381 <-> 54.179.140.65:80 [proto: 7.178/HTTP.Amazon][cat: Web/5][1 pkts/638 bytes <-> 1 pkts/831 bytes][Host: api.account.xiaomi.com] 12 TCP 10.54.169.250:54883 <-> 203.205.151.160:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][2 pkts/1192 bytes <-> 1 pkts/145 bytes][Host: hkextshort.weixin.qq.com] 13 TCP 10.54.169.250:54885 <-> 203.205.151.160:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][1 pkts/461 bytes <-> 2 pkts/522 bytes][Host: hkextshort.weixin.qq.com] @@ -23,5 +23,5 @@ QuickPlay 133 96179 11 17 TCP 10.54.169.250:52285 <-> 173.252.74.22:80 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork/6][1 pkts/243 bytes <-> 1 pkts/339 bytes][Host: www.facebook.com] 18 TCP 10.54.169.250:52288 <-> 173.252.74.22:80 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork/6][1 pkts/243 bytes <-> 1 pkts/339 bytes][Host: www.facebook.com] 19 TCP 10.54.169.250:44793 <-> 31.13.68.49:80 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork/6][1 pkts/237 bytes <-> 1 pkts/339 bytes][Host: www.facebook.com] - 20 TCP 10.54.169.250:33064 <-> 120.28.5.18:80 [proto: 7.196/HTTP.QuickPlay][cat: Streaming/17][1 pkts/358 bytes <-> 1 pkts/109 bytes][Host: api-singtelhawk.quickplay.com] + 20 TCP 10.54.169.250:33064 <-> 120.28.5.18:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/358 bytes <-> 1 pkts/109 bytes][Host: api-singtelhawk.quickplay.com] 21 TCP 10.54.169.250:33277 <-> 120.28.26.231:80 [proto: 7.126/HTTP.Google][cat: Web/5][1 pkts/241 bytes <-> 1 pkts/137 bytes][Host: clients3.google.com] diff --git a/tests/result/whatsappfiles.pcap.out b/tests/result/whatsappfiles.pcap.out index 6feb99217..e6e8f0fa7 100644 --- a/tests/result/whatsappfiles.pcap.out +++ b/tests/result/whatsappfiles.pcap.out @@ -1,4 +1,4 @@ WhatsAppFiles 620 452233 2 - 1 TCP 192.168.2.29:49698 <-> 185.60.216.53:443 [proto: 91.242/SSL.WhatsAppFiles][cat: Download-FileTransfer-FileSharing/7][132 pkts/9906 bytes <-> 178 pkts/237405 bytes][client: mmg-fna.whatsapp.net] - 2 TCP 192.168.2.29:49674 <-> 185.60.216.53:443 [proto: 91.242/SSL.WhatsAppFiles][cat: Download-FileTransfer-FileSharing/7][161 pkts/189194 bytes <-> 149 pkts/15728 bytes][client: mmg-fna.whatsapp.net][server: *.whatsapp.net] + 1 TCP 192.168.2.29:49698 <-> 185.60.216.53:443 [proto: 242/WhatsAppFiles][cat: Download-FileTransfer-FileSharing/7][132 pkts/9906 bytes <-> 178 pkts/237405 bytes] + 2 TCP 192.168.2.29:49674 <-> 185.60.216.53:443 [proto: 242/WhatsAppFiles][cat: Download-FileTransfer-FileSharing/7][161 pkts/189194 bytes <-> 149 pkts/15728 bytes] -- cgit v1.2.3 From 01bf295a19c19dc4f521ee40f0c478c794e1b5e4 Mon Sep 17 00:00:00 2001 From: Luca Deri Date: Thu, 16 Aug 2018 14:57:44 +0200 Subject: Completed custom category implementation --- example/ndpiReader.c | 81 +++++++++++++++++---------- src/include/ndpi_api.h | 6 ++ src/include/ndpi_main.h | 60 ++++++++++++++------ src/include/ndpi_typedefs.h | 9 ++- src/lib/Makefile | 2 +- src/lib/ndpi_main.c | 108 +++++++++++++++++++++++++----------- src/lib/protocols/dns.c | 8 ++- src/lib/protocols/fbzero.c | 4 +- src/lib/protocols/http.c | 27 ++++++--- src/lib/protocols/quic.c | 2 + src/lib/protocols/ssl.c | 67 +++++++++++----------- tests/result/pps.pcap.out | 4 +- tests/result/webex.pcap.out | 58 +++++++++---------- tests/result/whatsappfiles.pcap.out | 4 +- 14 files changed, 283 insertions(+), 157 deletions(-) (limited to 'tests') diff --git a/example/ndpiReader.c b/example/ndpiReader.c index 39748cd90..faa453ee2 100644 --- a/example/ndpiReader.c +++ b/example/ndpiReader.c @@ -111,7 +111,6 @@ struct flow_info { static struct flow_info *all_flows; - struct info_pair { u_int32_t addr; u_int8_t version; /* IP version */ @@ -135,16 +134,15 @@ struct port_stats { u_int32_t cumulative_addr; /*cumulative some of IP addresses */ addr_node *addr_tree; /* tree of distinct IP addresses */ struct info_pair top_ip_addrs[MAX_NUM_IP_ADDRESS]; - u_int8_t hasTopHost; /* as boolean flag*/ - u_int32_t top_host; /*host that is contributed to > 95% of traffic*/ - u_int8_t version; /* top host's ip version */ - char proto[16]; /*application level protocol of top host */ - UT_hash_handle hh; /* makes this structure hashable */ + u_int8_t hasTopHost; /* as boolean flag */ + u_int32_t top_host; /* host that is contributed to > 95% of traffic */ + u_int8_t version; /* top host's ip version */ + char proto[16]; /* application level protocol of top host */ + UT_hash_handle hh; /* makes this structure hashable */ }; struct port_stats *srcStats = NULL, *dstStats = NULL; - // struct to hold count of flows received by destination ports struct port_flow_info { u_int32_t port; /* key */ @@ -349,6 +347,8 @@ struct ndpi_proto_sorter { char name[16]; }; +/* ********************************** */ + int cmpProto(const void *_a, const void *_b) { struct ndpi_proto_sorter *a = (struct ndpi_proto_sorter*)_a; struct ndpi_proto_sorter *b = (struct ndpi_proto_sorter*)_b; @@ -356,6 +356,8 @@ int cmpProto(const void *_a, const void *_b) { return(strcmp(a->name, b->name)); } +/* ********************************** */ + int cmpFlows(const void *_a, const void *_b) { struct ndpi_flow_info *fa = ((struct flow_info*)_a)->flow; struct ndpi_flow_info *fb = ((struct flow_info*)_b)->flow; @@ -375,6 +377,8 @@ int cmpFlows(const void *_a, const void *_b) { return(0); } +/* ********************************** */ + void extcap_config() { int i, argidx = 0; struct ndpi_proto_sorter *protos; @@ -656,12 +660,12 @@ static void parseOptions(int argc, char **argv) { #endif } +/* ********************************** */ /** * @brief From IPPROTO to string NAME */ static char* ipProto2Name(u_int16_t proto_id) { - static char proto[8]; switch(proto_id) { @@ -689,12 +693,12 @@ static char* ipProto2Name(u_int16_t proto_id) { return(proto); } +/* ********************************** */ /** * @brief A faster replacement for inet_ntoa(). */ char* intoaV4(u_int32_t addr, char* buf, u_int16_t bufLen) { - char *cp, *retStr; uint byte; int n; @@ -723,6 +727,8 @@ char* intoaV4(u_int32_t addr, char* buf, u_int16_t bufLen) { return(retStr); } +/* ********************************** */ + /** * @brief Print the flow */ @@ -792,16 +798,20 @@ static void printFlow(u_int16_t id, struct ndpi_flow_info *flow, u_int16_t threa json_object_object_add(jObj,"host_b.port",json_object_new_int(ntohs(flow->dst_port))); if(flow->detected_protocol.master_protocol) - json_object_object_add(jObj,"detected.master_protocol",json_object_new_int(flow->detected_protocol.master_protocol)); + json_object_object_add(jObj,"detected.master_protocol", + json_object_new_int(flow->detected_protocol.master_protocol)); - json_object_object_add(jObj,"detected.app_protocol",json_object_new_int(flow->detected_protocol.app_protocol)); + json_object_object_add(jObj,"detected.app_protocol", + json_object_new_int(flow->detected_protocol.app_protocol)); if(flow->detected_protocol.master_protocol) { char tmp[256]; snprintf(tmp, sizeof(tmp), "%s.%s", - ndpi_get_proto_name(ndpi_thread_info[thread_id].workflow->ndpi_struct, flow->detected_protocol.master_protocol), - ndpi_get_proto_name(ndpi_thread_info[thread_id].workflow->ndpi_struct, flow->detected_protocol.app_protocol)); + ndpi_get_proto_name(ndpi_thread_info[thread_id].workflow->ndpi_struct, + flow->detected_protocol.master_protocol), + ndpi_get_proto_name(ndpi_thread_info[thread_id].workflow->ndpi_struct, + flow->detected_protocol.app_protocol)); json_object_object_add(jObj,"detected.protocol.name", json_object_new_string(tmp)); @@ -836,12 +846,13 @@ static void printFlow(u_int16_t id, struct ndpi_flow_info *flow, u_int16_t threa } } +/* ********************************** */ /** * @brief Unknown Proto Walker */ -static void node_print_unknown_proto_walker(const void *node, ndpi_VISIT which, int depth, void *user_data) { - +static void node_print_unknown_proto_walker(const void *node, + ndpi_VISIT which, int depth, void *user_data) { struct ndpi_flow_info *flow = *(struct ndpi_flow_info**)node; u_int16_t thread_id = *((u_int16_t*)user_data); @@ -854,11 +865,13 @@ static void node_print_unknown_proto_walker(const void *node, ndpi_VISIT which, } } +/* ********************************** */ + /** * @brief Known Proto Walker */ -static void node_print_known_proto_walker(const void *node, ndpi_VISIT which, int depth, void *user_data) { - +static void node_print_known_proto_walker(const void *node, + ndpi_VISIT which, int depth, void *user_data) { struct ndpi_flow_info *flow = *(struct ndpi_flow_info**)node; u_int16_t thread_id = *((u_int16_t*)user_data); @@ -871,6 +884,7 @@ static void node_print_known_proto_walker(const void *node, ndpi_VISIT which, in } } +/* ********************************** */ /** * @brief Guess Undetected Protocol @@ -890,6 +904,7 @@ static u_int16_t node_guess_undetected_protocol(u_int16_t thread_id, struct ndpi return(flow->detected_protocol.app_protocol); } +/* ********************************** */ /** * @brief Proto Guess Walker @@ -909,6 +924,7 @@ static void node_proto_guess_walker(const void *node, ndpi_VISIT which, int dept } process_ndpi_collected_info(ndpi_thread_info[thread_id].workflow, flow); + ndpi_thread_info[thread_id].workflow->stats.protocol_counter[flow->detected_protocol.app_protocol] += flow->src2dst_packets + flow->dst2src_packets; ndpi_thread_info[thread_id].workflow->stats.protocol_counter_bytes[flow->detected_protocol.app_protocol] += flow->src2dst_bytes + flow->dst2src_bytes; ndpi_thread_info[thread_id].workflow->stats.protocol_flows[flow->detected_protocol.app_protocol]++; @@ -1354,7 +1370,6 @@ static void port_stats_walker(const void *node, ndpi_VISIT which, int depth, voi * @brief Idle Scan Walker */ static void node_idle_scan_walker(const void *node, ndpi_VISIT which, int depth, void *user_data) { - struct ndpi_flow_info *flow = *(struct ndpi_flow_info **) node; u_int16_t thread_id = *((u_int16_t *) user_data); @@ -1386,7 +1401,6 @@ static void node_idle_scan_walker(const void *node, ndpi_VISIT which, int depth, static void on_protocol_discovered(struct ndpi_workflow * workflow, struct ndpi_flow_info * flow, void * udata) { - const u_int16_t thread_id = (uintptr_t) udata; if(verbose > 1) { @@ -1446,7 +1460,6 @@ static void debug_printf(u_int32_t protocol, void *id_struct, * @brief Setup for detection begin */ static void setupDetection(u_int16_t thread_id, pcap_t * pcap_handle) { - NDPI_PROTOCOL_BITMASK all; struct ndpi_workflow_prefs prefs; @@ -1468,16 +1481,20 @@ static void setupDetection(u_int16_t thread_id, pcap_t * pcap_handle) { ndpi_pref_enable_category_substring_match, 1); ndpi_workflow_set_flow_detected_callback(ndpi_thread_info[thread_id].workflow, - on_protocol_discovered, (void *)(uintptr_t)thread_id); + on_protocol_discovered, + (void *)(uintptr_t)thread_id); // enable all protocols NDPI_BITMASK_SET_ALL(all); ndpi_set_protocol_detection_bitmask2(ndpi_thread_info[thread_id].workflow->ndpi_struct, &all); // clear memory for results - memset(ndpi_thread_info[thread_id].workflow->stats.protocol_counter, 0, sizeof(ndpi_thread_info[thread_id].workflow->stats.protocol_counter)); - memset(ndpi_thread_info[thread_id].workflow->stats.protocol_counter_bytes, 0, sizeof(ndpi_thread_info[thread_id].workflow->stats.protocol_counter_bytes)); - memset(ndpi_thread_info[thread_id].workflow->stats.protocol_flows, 0, sizeof(ndpi_thread_info[thread_id].workflow->stats.protocol_flows)); + memset(ndpi_thread_info[thread_id].workflow->stats.protocol_counter, 0, + sizeof(ndpi_thread_info[thread_id].workflow->stats.protocol_counter)); + memset(ndpi_thread_info[thread_id].workflow->stats.protocol_counter_bytes, 0, + sizeof(ndpi_thread_info[thread_id].workflow->stats.protocol_counter_bytes)); + memset(ndpi_thread_info[thread_id].workflow->stats.protocol_flows, 0, + sizeof(ndpi_thread_info[thread_id].workflow->stats.protocol_flows)); if(_protoFilePath != NULL) ndpi_load_protocols_file(ndpi_thread_info[thread_id].workflow->ndpi_struct, _protoFilePath); @@ -1608,7 +1625,9 @@ static void json_open_stats_file() { static void json_close_stats_file() { json_object *jObjFinal = json_object_new_object(); - json_object_object_add(jObjFinal,"duration.in.seconds",json_object_new_int(pcap_analysis_duration)); + + json_object_object_add(jObjFinal,"duration.in.seconds", + json_object_new_int(pcap_analysis_duration)); json_object_object_add(jObjFinal,"statistics", jArray_topStats); fprintf(stats_fp,"%s\n",json_object_to_json_string(jObjFinal)); fclose(stats_fp); @@ -1910,8 +1929,10 @@ static void printResults(u_int64_t tot_usec) { continue; for(i=0; indpi_flows_root[i], node_proto_guess_walker, &thread_id); - if(verbose == 3 || stats_flag) ndpi_twalk(ndpi_thread_info[thread_id].workflow->ndpi_flows_root[i], port_stats_walker, &thread_id); + ndpi_twalk(ndpi_thread_info[thread_id].workflow->ndpi_flows_root[i], + node_proto_guess_walker, &thread_id); + if(verbose == 3 || stats_flag) ndpi_twalk(ndpi_thread_info[thread_id].workflow->ndpi_flows_root[i], + port_stats_walker, &thread_id); } /* Stats aggregation */ @@ -2396,11 +2417,11 @@ static void pcap_process_packet(u_char *args, if(live_capture) { if(ndpi_thread_info[thread_id].last_idle_scan_time + IDLE_SCAN_PERIOD < ndpi_thread_info[thread_id].workflow->last_time) { /* scan for idle flows */ - ndpi_twalk(ndpi_thread_info[thread_id].workflow->ndpi_flows_root[ndpi_thread_info[thread_id].idle_scan_idx], node_idle_scan_walker, &thread_id); + ndpi_twalk(ndpi_thread_info[thread_id].workflow->ndpi_flows_root[ndpi_thread_info[thread_id].idle_scan_idx], + node_idle_scan_walker, &thread_id); /* remove idle flows (unfortunately we cannot do this inline) */ - while (ndpi_thread_info[thread_id].num_idle_flows > 0) { - + while(ndpi_thread_info[thread_id].num_idle_flows > 0) { /* search and delete the idle flow from the "ndpi_flow_root" (see struct reader thread) - here flows are the node of a b-tree */ ndpi_tdelete(ndpi_thread_info[thread_id].idle_flows[--ndpi_thread_info[thread_id].num_idle_flows], &ndpi_thread_info[thread_id].workflow->ndpi_flows_root[ndpi_thread_info[thread_id].idle_scan_idx], diff --git a/src/include/ndpi_api.h b/src/include/ndpi_api.h index 358c0491c..3fefc8e4b 100644 --- a/src/include/ndpi_api.h +++ b/src/include/ndpi_api.h @@ -346,6 +346,7 @@ extern "C" { * @par ndpi_struct = the detection module * @par string_to_match = the string to match * @par string_to_match_len = the length of the string + * @par ret_match = completed returned match information * @par is_host_match = value of the second field of struct ndpi_automa * @return the ID of the matched subprotocol * @@ -353,6 +354,7 @@ extern "C" { int ndpi_match_string_subprotocol(struct ndpi_detection_module_struct *ndpi_struct, char *string_to_match, u_int string_to_match_len, + ndpi_protocol_match_result *ret_match, u_int8_t is_host_match); /** * Check if the host passed match with a protocol @@ -361,6 +363,7 @@ extern "C" { * @par flow = the flow where match the host * @par string_to_match = the string to match * @par string_to_match_len = the length of the string + * @par ret_match = completed returned match information * @par master_protocol_id = value of the ID associated to the master protocol detected * @return the ID of the matched subprotocol * @@ -369,6 +372,7 @@ extern "C" { struct ndpi_flow_struct *flow, char *string_to_match, u_int string_to_match_len, + ndpi_protocol_match_result *ret_match, u_int16_t master_protocol_id); @@ -379,6 +383,7 @@ extern "C" { * @par flow = the flow where match the host * @par string_to_match = the string to match * @par string_to_match_len = the length of the string + * @par ret_match = completed returned match information * @par master_protocol_id = value of the ID associated to the master protocol detected * @return the ID of the matched subprotocol * @@ -387,6 +392,7 @@ extern "C" { struct ndpi_flow_struct *flow, char *string_to_match, u_int string_to_match_len, + ndpi_protocol_match_result *ret_match, u_int16_t master_protocol_id); /** * Exclude protocol from search diff --git a/src/include/ndpi_main.h b/src/include/ndpi_main.h index b18efa21a..3517d45b2 100644 --- a/src/include/ndpi_main.h +++ b/src/include/ndpi_main.h @@ -53,34 +53,55 @@ extern "C" { extern u_int8_t ndpi_ips_match(u_int32_t src, u_int32_t dst, u_int32_t net, u_int32_t num_bits); - u_int16_t ntohs_ndpi_bytestream_to_number(const u_int8_t * str, u_int16_t max_chars_to_read, u_int16_t * bytes_read); - - u_int32_t ndpi_bytestream_to_number(const u_int8_t * str, u_int16_t max_chars_to_read, u_int16_t * bytes_read); - u_int64_t ndpi_bytestream_to_number64(const u_int8_t * str, u_int16_t max_chars_to_read, u_int16_t * bytes_read); - u_int32_t ndpi_bytestream_dec_or_hex_to_number(const u_int8_t * str, u_int16_t max_chars_to_read, u_int16_t * bytes_read); - u_int64_t ndpi_bytestream_dec_or_hex_to_number64(const u_int8_t * str, u_int16_t max_chars_to_read, u_int16_t * bytes_read); - u_int32_t ndpi_bytestream_to_ipv4(const u_int8_t * str, u_int16_t max_chars_to_read, u_int16_t * bytes_read); + u_int16_t ntohs_ndpi_bytestream_to_number(const u_int8_t * str, + u_int16_t max_chars_to_read, + u_int16_t * bytes_read); + + u_int32_t ndpi_bytestream_to_number(const u_int8_t * str, u_int16_t max_chars_to_read, + u_int16_t * bytes_read); + u_int64_t ndpi_bytestream_to_number64(const u_int8_t * str, u_int16_t max_chars_to_read, + u_int16_t * bytes_read); + u_int32_t ndpi_bytestream_dec_or_hex_to_number(const u_int8_t * str, + u_int16_t max_chars_to_read, + u_int16_t * bytes_read); + u_int64_t ndpi_bytestream_dec_or_hex_to_number64(const u_int8_t * str, + u_int16_t max_chars_to_read, + u_int16_t * bytes_read); + u_int32_t ndpi_bytestream_to_ipv4(const u_int8_t * str, u_int16_t max_chars_to_read, + u_int16_t * bytes_read); void ndpi_set_detected_protocol(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow, u_int16_t upper_detected_protocol, u_int16_t lower_detected_protocol); - extern void ndpi_parse_packet_line_info(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow); - extern void ndpi_parse_packet_line_info_any(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow); + extern void ndpi_parse_packet_line_info(struct ndpi_detection_module_struct *ndpi_struct, + struct ndpi_flow_struct *flow); + extern void ndpi_parse_packet_line_info_any(struct ndpi_detection_module_struct *ndpi_struct, + struct ndpi_flow_struct *flow); - extern u_int16_t ndpi_check_for_email_address(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow, u_int16_t counter); + extern u_int16_t ndpi_check_for_email_address(struct ndpi_detection_module_struct *ndpi_struct, + struct ndpi_flow_struct *flow, u_int16_t counter); - extern void ndpi_int_change_packet_protocol(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow, + extern void ndpi_int_change_packet_protocol(struct ndpi_detection_module_struct *ndpi_struct, + struct ndpi_flow_struct *flow, u_int16_t upper_detected_protocol, u_int16_t lower_detected_protocol); - extern void ndpi_int_change_protocol(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow, + extern void ndpi_int_change_protocol(struct ndpi_detection_module_struct *ndpi_struct, + struct ndpi_flow_struct *flow, u_int16_t upper_detected_protocol, u_int16_t lower_detected_protocol); - extern void ndpi_set_proto_defaults(struct ndpi_detection_module_struct *ndpi_mod, ndpi_protocol_breed_t protoBreed, u_int16_t protoId, - u_int16_t tcp_alias_protoId[2], u_int16_t udp_alias_protoId[2], char *protoName, + extern void ndpi_int_change_category(struct ndpi_detection_module_struct *ndpi_struct, + struct ndpi_flow_struct *flow, + ndpi_protocol_category_t protocol_category); + + extern void ndpi_set_proto_defaults(struct ndpi_detection_module_struct *ndpi_mod, + ndpi_protocol_breed_t protoBreed, u_int16_t protoId, + u_int16_t tcp_alias_protoId[2], + u_int16_t udp_alias_protoId[2], char *protoName, ndpi_protocol_category_t protoCategory, - ndpi_port_range *tcpDefPorts, ndpi_port_range *udpDefPorts); + ndpi_port_range *tcpDefPorts, + ndpi_port_range *udpDefPorts); extern void ndpi_int_reset_packet_protocol(struct ndpi_packet_struct *packet); extern void ndpi_int_reset_protocol(struct ndpi_flow_struct *flow); @@ -90,8 +111,10 @@ extern "C" { extern void ndpi_packet_src_ip_get(const struct ndpi_packet_struct *packet, ndpi_ip_addr_t * ip); extern void ndpi_packet_dst_ip_get(const struct ndpi_packet_struct *packet, ndpi_ip_addr_t * ip); - extern char *ndpi_get_ip_string(struct ndpi_detection_module_struct *ndpi_struct, const ndpi_ip_addr_t * ip); - extern char *ndpi_get_packet_src_ip_string(struct ndpi_detection_module_struct *ndpi_struct, const struct ndpi_packet_struct *packet); + extern char *ndpi_get_ip_string(struct ndpi_detection_module_struct *ndpi_struct, + const ndpi_ip_addr_t * ip); + extern char *ndpi_get_packet_src_ip_string(struct ndpi_detection_module_struct *ndpi_struct, + const struct ndpi_packet_struct *packet); extern char* ndpi_get_proto_by_id(struct ndpi_detection_module_struct *ndpi_mod, u_int id); u_int16_t ndpi_get_proto_by_name(struct ndpi_detection_module_struct *ndpi_mod, const char *name); @@ -102,7 +125,8 @@ extern "C" { extern u_int8_t ndpi_is_proto(ndpi_protocol p, u_int16_t proto); extern u_int16_t ndpi_get_lower_proto(ndpi_protocol p); - extern int ndpi_get_protocol_id_master_proto(struct ndpi_detection_module_struct *ndpi_struct, u_int16_t protocol_id, + extern int ndpi_get_protocol_id_master_proto(struct ndpi_detection_module_struct *ndpi_struct, + u_int16_t protocol_id, u_int16_t** tcp_master_proto, u_int16_t** udp_master_proto); #/* NDPI_PROTOCOL_NETBIOS */ diff --git a/src/include/ndpi_typedefs.h b/src/include/ndpi_typedefs.h index 244074044..3d0eccab7 100644 --- a/src/include/ndpi_typedefs.h +++ b/src/include/ndpi_typedefs.h @@ -1099,8 +1099,9 @@ struct ndpi_flow_struct { /* protocols which have marked a connection as this connection cannot be protocol XXX, multiple u_int64_t */ NDPI_PROTOCOL_BITMASK excluded_protocol_bitmask; - + ndpi_protocol_category_t category; + /* NDPI_PROTOCOL_REDIS */ u_int8_t redis_s2d_first_char, redis_d2s_first_char; @@ -1207,4 +1208,10 @@ typedef struct { u_int8_t value; } ndpi_network; +typedef struct { + int protocol_id; + ndpi_protocol_category_t protocol_category; + ndpi_protocol_breed_t protocol_breed; +} ndpi_protocol_match_result; + #endif /* __NDPI_TYPEDEFS_H__ */ diff --git a/src/lib/Makefile b/src/lib/Makefile index c9f317931..19c6f1cfe 100644 --- a/src/lib/Makefile +++ b/src/lib/Makefile @@ -6,7 +6,7 @@ # make -f Makefile.simple # CFLAGS += -fPIC -DPIC -I../include -Ithird_party/include -DNDPI_LIB_COMPILATION -g -RANLIB=ranlib +RANLIB = ranlib OBJECTS = $(patsubst protocols/%.c, protocols/%.o, $(wildcard protocols/*.c)) $(patsubst third_party/src/%.c, third_party/src/%.o, $(wildcard third_party/src/*.c)) ndpi_main.o HEADERS = $(wildcard ../include/*.h) diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c index 494c93bd0..952026ce6 100644 --- a/src/lib/ndpi_main.c +++ b/src/lib/ndpi_main.c @@ -413,15 +413,13 @@ u_int32_t ndpi_detection_get_sizeof_ndpi_id_struct(void) { return sizeof(struct /* *********************************************************************************** */ -char * ndpi_get_proto_by_id(struct ndpi_detection_module_struct *ndpi_mod, u_int id) -{ +char * ndpi_get_proto_by_id(struct ndpi_detection_module_struct *ndpi_mod, u_int id) { return((id >= ndpi_mod->ndpi_num_supported_protocols) ? NULL : ndpi_mod->proto_defaults[id].protoName); } /* *********************************************************************************** */ -u_int16_t ndpi_get_proto_by_name(struct ndpi_detection_module_struct *ndpi_mod, const char *name) -{ +u_int16_t ndpi_get_proto_by_name(struct ndpi_detection_module_struct *ndpi_mod, const char *name) { u_int16_t i, num = ndpi_get_num_supported_protocols(ndpi_mod); for(i = 0; i < num; i++) @@ -438,8 +436,7 @@ ndpi_port_range * ndpi_build_default_ports_range(ndpi_port_range *ports, u_int16_t portB_low, u_int16_t portB_high, u_int16_t portC_low, u_int16_t portC_high, u_int16_t portD_low, u_int16_t portD_high, - u_int16_t portE_low, u_int16_t portE_high) -{ + u_int16_t portE_low, u_int16_t portE_high) { int i = 0; ports[i].port_low = portA_low, ports[i].port_high = portA_high; i++; @@ -458,8 +455,7 @@ ndpi_port_range * ndpi_build_default_ports(ndpi_port_range *ports, u_int16_t portB, u_int16_t portC, u_int16_t portD, - u_int16_t portE) -{ + u_int16_t portE) { int i = 0; ports[i].port_low = portA, ports[i].port_high = portA; i++; @@ -753,8 +749,7 @@ static int ndpi_remove_host_url_subprotocol(struct ndpi_detection_module_struct /* ******************************************************************** */ void ndpi_init_protocol_match(struct ndpi_detection_module_struct *ndpi_mod, - ndpi_protocol_match *match) -{ + ndpi_protocol_match *match) { u_int16_t no_master[2] = { NDPI_PROTOCOL_NO_MASTER_PROTO, NDPI_PROTOCOL_NO_MASTER_PROTO }; ndpi_port_range ports_a[MAX_DEFAULT_PORTS], ports_b[MAX_DEFAULT_PORTS]; static u_int16_t generic_id = NDPI_LAST_IMPLEMENTED_PROTOCOL; @@ -2634,7 +2629,7 @@ int ndpi_handle_rule(struct ndpi_detection_module_struct *ndpi_mod, else removeDefaultPort(&range, def, is_tcp ? &ndpi_mod->tcpRoot : &ndpi_mod->udpRoot); } else if(is_ip) { -/* NDPI_PROTOCOL_TOR */ + /* NDPI_PROTOCOL_TOR */ ndpi_add_host_ip_subprotocol(ndpi_mod, value, subprotocol_id); } else { if(do_add) @@ -4172,6 +4167,11 @@ int ndpi_enable_loaded_categories(struct ndpi_detection_module_struct *ndpi_str) void ndpi_fill_protocol_category(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow, ndpi_protocol *ret) { + if(flow->category != NDPI_PROTOCOL_CATEGORY_UNSPECIFIED) { + ret->category = flow->category; + return; + } + if(ndpi_struct->custom_categories.categories_loaded) { if(flow->packet.iph) { prefix_t prefix; @@ -4189,7 +4189,7 @@ void ndpi_fill_protocol_category(struct ndpi_detection_module_struct *ndpi_struc } if(node) { - ret->category = (ndpi_protocol_category_t)node->value.user_value; + flow->category = ret->category = (ndpi_protocol_category_t)node->value.user_value; return; } } @@ -4199,7 +4199,7 @@ void ndpi_fill_protocol_category(struct ndpi_detection_module_struct *ndpi_struc int rc = ndpi_match_custom_category(ndpi_struct, (char *)flow->host_server_name, &id); if(rc == 0) { - ret->category = (ndpi_protocol_category_t)id; + flow->category = ret->category = (ndpi_protocol_category_t)id; return; } } @@ -4209,13 +4209,13 @@ void ndpi_fill_protocol_category(struct ndpi_detection_module_struct *ndpi_struc int rc = ndpi_match_custom_category(ndpi_struct, (char *)flow->protos.stun_ssl.ssl.server_certificate, &id); if(rc == 0) { - ret->category = (ndpi_protocol_category_t)id; + flow->category = ret->category = (ndpi_protocol_category_t)id; return; } } } - ret->category = ndpi_get_proto_category(ndpi_struct, *ret); + flow->category = ret->category = ndpi_get_proto_category(ndpi_struct, *ret); } /* ********************************************************************************* */ @@ -4347,6 +4347,19 @@ ndpi_protocol ndpi_detection_process_packet(struct ndpi_detection_module_struct if(flow->guessed_host_protocol_id >= (NDPI_MAX_SUPPORTED_PROTOCOLS-1)) { /* This is a custom protocol and it has priority over everything else */ ret.master_protocol = NDPI_PROTOCOL_UNKNOWN, ret.app_protocol = flow->guessed_host_protocol_id; + + if(flow->packet.tcp) { + /* Minimal guess for HTTP/SSL-based protocols */ + switch(ntohs(flow->packet.tcp->dest)) { + case 80: + ret.master_protocol = NDPI_PROTOCOL_HTTP; + break; + case 443: + ret.master_protocol = NDPI_PROTOCOL_SSL; /* QUIC could also match */ + break; + } + } + ndpi_check_flow_func(ndpi_struct, flow, &ndpi_selection_packet); ndpi_fill_protocol_category(ndpi_struct, flow, &ret); return(ret); @@ -4921,10 +4934,11 @@ void ndpi_debug_get_last_log_function_line(struct ndpi_detection_module_struct /* ********************************************************************************* */ -u_int8_t ndpi_detection_get_l4(const u_int8_t * l3, u_int16_t l3_len, const u_int8_t ** l4_return, u_int16_t * l4_len_return, - u_int8_t * l4_protocol_return, u_int32_t flags) -{ - return ndpi_detection_get_l4_internal(NULL, l3, l3_len, l4_return, l4_len_return, l4_protocol_return, flags); +u_int8_t ndpi_detection_get_l4(const u_int8_t * l3, u_int16_t l3_len, + const u_int8_t ** l4_return, u_int16_t * l4_len_return, + u_int8_t * l4_protocol_return, u_int32_t flags) { + return ndpi_detection_get_l4_internal(NULL, l3, l3_len, + l4_return, l4_len_return, l4_protocol_return, flags); } /* ********************************************************************************* */ @@ -4932,8 +4946,7 @@ u_int8_t ndpi_detection_get_l4(const u_int8_t * l3, u_int16_t l3_len, const u_in void ndpi_set_detected_protocol(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow, u_int16_t upper_detected_protocol, - u_int16_t lower_detected_protocol) -{ + u_int16_t lower_detected_protocol) { struct ndpi_id_struct *src = flow->src; struct ndpi_id_struct *dst = flow->dst; @@ -4969,7 +4982,8 @@ void ndpi_int_change_flow_protocol(struct ndpi_detection_module_struct *ndpi_str u_int16_t lower_detected_protocol) { if(!flow) return; - flow->detected_protocol_stack[0] = upper_detected_protocol, flow->detected_protocol_stack[1] = lower_detected_protocol; + flow->detected_protocol_stack[0] = upper_detected_protocol, + flow->detected_protocol_stack[1] = lower_detected_protocol; } /* ********************************************************************************* */ @@ -5018,6 +5032,14 @@ void ndpi_int_change_protocol(struct ndpi_detection_module_struct *ndpi_struct, /* ********************************************************************************* */ +void ndpi_int_change_category(struct ndpi_detection_module_struct *ndpi_struct, + struct ndpi_flow_struct *flow, + ndpi_protocol_category_t protocol_category) { + flow->category = protocol_category; +} + +/* ********************************************************************************* */ + /* change protocol only if guessing is active */ /* void ndpi_guess_change_protocol(struct ndpi_detection_module_struct *ndpi_struct, */ /* struct ndpi_flow_struct *flow) */ @@ -5600,22 +5622,29 @@ int ndpi_match_prefix(const u_int8_t *payload, size_t payload_len, int ndpi_match_string_subprotocol(struct ndpi_detection_module_struct *ndpi_struct, char *string_to_match, u_int string_to_match_len, + ndpi_protocol_match_result *ret_match, u_int8_t is_host_match) { - AC_REP_t match = { NDPI_PROTOCOL_UNKNOWN, NDPI_PROTOCOL_CATEGORY_UNSPECIFIED, NDPI_PROTOCOL_UNRATED }; AC_TEXT_t ac_input_text; - ndpi_automa *automa = is_host_match ? &ndpi_struct->host_automa : &ndpi_struct->content_automa; - - if((automa->ac_automa == NULL) || (string_to_match_len == 0)) return(NDPI_PROTOCOL_UNKNOWN); + ndpi_automa *automa = is_host_match ? &ndpi_struct->host_automa : + &ndpi_struct->content_automa; + AC_REP_t match = { NDPI_PROTOCOL_UNKNOWN, NDPI_PROTOCOL_CATEGORY_UNSPECIFIED, NDPI_PROTOCOL_UNRATED }; + + if((automa->ac_automa == NULL) || (string_to_match_len == 0)) + return(NDPI_PROTOCOL_UNKNOWN); if(!automa->ac_automa_finalized) { ac_automata_finalize((AC_AUTOMATA_t*)automa->ac_automa); automa->ac_automa_finalized = 1; } - + ac_input_text.astring = string_to_match, ac_input_text.length = string_to_match_len; ac_automata_search(((AC_AUTOMATA_t*)automa->ac_automa), &ac_input_text, &match); ac_automata_reset(((AC_AUTOMATA_t*)automa->ac_automa)); - + + ret_match->protocol_id = match.number, + ret_match->protocol_category = match.category, + ret_match->protocol_breed = match.breed; + return(match.number); } @@ -5627,10 +5656,15 @@ static int ndpi_automa_match_string_subprotocol(struct ndpi_detection_module_str struct ndpi_flow_struct *flow, char *string_to_match, u_int string_to_match_len, u_int16_t master_protocol_id, + ndpi_protocol_match_result *ret_match, u_int8_t is_host_match) { - int matching_protocol_id = ndpi_match_string_subprotocol(ndpi_struct, string_to_match, string_to_match_len, is_host_match); + int matching_protocol_id; struct ndpi_packet_struct *packet = &flow->packet; + matching_protocol_id = ndpi_match_string_subprotocol(ndpi_struct, string_to_match, + string_to_match_len, ret_match, + is_host_match); + #ifdef DEBUG { char m[256]; @@ -5650,8 +5684,9 @@ static int ndpi_automa_match_string_subprotocol(struct ndpi_detection_module_str packet->detected_protocol_stack[0] = matching_protocol_id; flow->detected_protocol_stack[0] = packet->detected_protocol_stack[0], - flow->detected_protocol_stack[1] = packet->detected_protocol_stack[1]; - + flow->detected_protocol_stack[1] = packet->detected_protocol_stack[1], + flow->category = ret_match->protocol_category; + return(packet->detected_protocol_stack[0]); } @@ -5679,10 +5714,15 @@ static int ndpi_automa_match_string_subprotocol(struct ndpi_detection_module_str struct ndpi_flow_struct *flow, char *string_to_match, u_int string_to_match_len, u_int16_t master_protocol_id, + ndpi_automa_match_string_subprotocol *ret_match, u_int8_t is_host_match) { int rv = NDPI_PROTOCOL_UNKNOWN; struct hs *hs = (struct hs*)ndpi_struct->hyperscan; + /* + TODO HYPERSCAN + In case of match fill up ret_match and set flow protocol + category + */ if(hs_scan(hs->database, string_to_match, string_to_match_len, 0, hs->scratch, hyperscanEventHandler, &rv) != HS_SUCCESS) @@ -5698,10 +5738,11 @@ static int ndpi_automa_match_string_subprotocol(struct ndpi_detection_module_str int ndpi_match_host_subprotocol(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow, char *string_to_match, u_int string_to_match_len, + ndpi_protocol_match_result *ret_match, u_int16_t master_protocol_id) { return(ndpi_automa_match_string_subprotocol(ndpi_struct, flow, string_to_match, string_to_match_len, - master_protocol_id, 1)); + master_protocol_id, ret_match, 1)); } /* ****************************************************** */ @@ -5709,10 +5750,11 @@ int ndpi_match_host_subprotocol(struct ndpi_detection_module_struct *ndpi_struct int ndpi_match_content_subprotocol(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow, char *string_to_match, u_int string_to_match_len, + ndpi_protocol_match_result *ret_match, u_int16_t master_protocol_id) { return(ndpi_automa_match_string_subprotocol(ndpi_struct, flow, string_to_match, string_to_match_len, - master_protocol_id, 0)); + master_protocol_id, ret_match, 0)); } /* ****************************************************** */ diff --git a/src/lib/protocols/dns.c b/src/lib/protocols/dns.c index 6ffa74a27..90be9544c 100644 --- a/src/lib/protocols/dns.c +++ b/src/lib/protocols/dns.c @@ -207,12 +207,16 @@ void ndpi_search_dns(struct ndpi_detection_module_struct *ndpi_struct, struct nd flow->protos.dns.num_queries = (u_int8_t)dns_header.num_queries, flow->protos.dns.num_answers = (u_int8_t) (dns_header.num_answers + dns_header.authority_rrs + dns_header.additional_rrs); - if(j > 0) + if(j > 0) { + ndpi_protocol_match_result ret_match; + ndpi_match_host_subprotocol(ndpi_struct, flow, (char *)flow->host_server_name, strlen((const char*)flow->host_server_name), + &ret_match, NDPI_PROTOCOL_DNS); - + } + #ifdef DNS_DEBUG NDPI_LOG_DBG2(ndpi_struct, "[num_queries=%d][num_answers=%d][reply_code=%u][rsp_type=%u][host_server_name=%s]\n", flow->protos.dns.num_queries, flow->protos.dns.num_answers, diff --git a/src/lib/protocols/fbzero.c b/src/lib/protocols/fbzero.c index 3048bff79..6c818e3c7 100644 --- a/src/lib/protocols/fbzero.c +++ b/src/lib/protocols/fbzero.c @@ -84,7 +84,8 @@ void ndpi_search_fbzero(struct ndpi_detection_module_struct *ndpi_struct, && (t->tag[2] == 'I') && (t->tag[3] == '\0')) { char *value = (char*)&packet->payload[data_offset + data_prev_offset]; u_int tag_len = t->tag_offset_len-data_prev_offset, max_len; - + ndpi_protocol_match_result ret_match; + max_len = ndpi_min(tag_len, sizeof(flow->host_server_name)-1); strncpy((char*)flow->host_server_name, value, max_len); @@ -99,6 +100,7 @@ void ndpi_search_fbzero(struct ndpi_detection_module_struct *ndpi_struct, ndpi_match_host_subprotocol(ndpi_struct, flow, (char *)flow->host_server_name, strlen((const char *)flow->host_server_name), + &ret_match, NDPI_PROTOCOL_FBZERO); return; } diff --git a/src/lib/protocols/http.c b/src/lib/protocols/http.c index e03b48710..94d918e76 100644 --- a/src/lib/protocols/http.c +++ b/src/lib/protocols/http.c @@ -172,7 +172,8 @@ static void setHttpUserAgent(struct ndpi_detection_module_struct *ndpi_struct, static void parseHttpSubprotocol(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow) { if((flow->l4.tcp.http_stage == 0) || (flow->http.url && flow->http_detected)) { char *double_col = strchr((char*)flow->host_server_name, ':'); - + ndpi_protocol_match_result ret_match; + if(double_col) double_col[0] = '\0'; /** @@ -182,6 +183,7 @@ static void parseHttpSubprotocol(struct ndpi_detection_module_struct *ndpi_struc */ ndpi_match_host_subprotocol(ndpi_struct, flow, (char *)flow->host_server_name, strlen((const char *)flow->host_server_name), + &ret_match, NDPI_PROTOCOL_HTTP); } } @@ -349,12 +351,16 @@ static void check_content_type_and_change_protocol(struct ndpi_detection_module_ packet->host_line.len, packet->host_line.ptr); /* call ndpi_match_host_subprotocol to see if there is a match with known-host HTTP subprotocol */ - if((ndpi_struct->http_dont_dissect_response) || flow->http_detected) + if((ndpi_struct->http_dont_dissect_response) || flow->http_detected) { + ndpi_protocol_match_result ret_match; + ndpi_match_host_subprotocol(ndpi_struct, flow, (char*)packet->host_line.ptr, packet->host_line.len, + &ret_match, NDPI_PROTOCOL_HTTP); - + } + /* Copy result for nDPI apps */ if(!ndpi_struct->disable_metadata_export) { len = ndpi_min(packet->host_line.len, sizeof(flow->host_server_name)-1); @@ -395,12 +401,16 @@ static void check_content_type_and_change_protocol(struct ndpi_detection_module_ if((flow->detected_protocol_stack[0] == NDPI_PROTOCOL_UNKNOWN) && ((ndpi_struct->http_dont_dissect_response) || flow->http_detected) - && (packet->http_origin.len > 0)) + && (packet->http_origin.len > 0)) { + ndpi_protocol_match_result ret_match; + ndpi_match_host_subprotocol(ndpi_struct, flow, (char *)packet->http_origin.ptr, packet->http_origin.len, + &ret_match, NDPI_PROTOCOL_HTTP); - + } + if(flow->detected_protocol_stack[0] != NDPI_PROTOCOL_UNKNOWN) { if(packet->detected_protocol_stack[0] != NDPI_PROTOCOL_HTTP) { NDPI_LOG_INFO(ndpi_struct, "found HTTP/%s\n", @@ -440,10 +450,13 @@ static void check_content_type_and_change_protocol(struct ndpi_detection_module_ NDPI_LOG_DBG2(ndpi_struct, "Content Type line found %.*s\n", packet->content_line.len, packet->content_line.ptr); - if((ndpi_struct->http_dont_dissect_response) || flow->http_detected) + if((ndpi_struct->http_dont_dissect_response) || flow->http_detected) { + ndpi_protocol_match_result ret_match; + ndpi_match_content_subprotocol(ndpi_struct, flow, (char*)packet->content_line.ptr, packet->content_line.len, - NDPI_PROTOCOL_HTTP); + &ret_match, NDPI_PROTOCOL_HTTP); + } } } diff --git a/src/lib/protocols/quic.c b/src/lib/protocols/quic.c index 4c838f41f..e28db634a 100644 --- a/src/lib/protocols/quic.c +++ b/src/lib/protocols/quic.c @@ -107,6 +107,7 @@ void ndpi_search_quic(struct ndpi_detection_module_struct *ndpi_struct, if((sni_offset+len) < udp_len) { if(!ndpi_struct->disable_metadata_export) { int max_len = sizeof(flow->host_server_name)-1, j = 0; + ndpi_protocol_match_result ret_match; if(len > max_len) len = max_len; @@ -118,6 +119,7 @@ void ndpi_search_quic(struct ndpi_detection_module_struct *ndpi_struct, ndpi_match_host_subprotocol(ndpi_struct, flow, (char *)flow->host_server_name, strlen((const char*)flow->host_server_name), + &ret_match, NDPI_PROTOCOL_QUIC); } } diff --git a/src/lib/protocols/ssl.c b/src/lib/protocols/ssl.c index a277f8120..b8c36976b 100644 --- a/src/lib/protocols/ssl.c +++ b/src/lib/protocols/ssl.c @@ -327,13 +327,13 @@ int sslTryAndRetrieveServerCertificate(struct ndpi_detection_module_struct *ndpi } /* Client hello, Server Hello, and certificate packets probably all checked in this case */ if ((packet->ssl_certificate_num_checks >= 3) - && (flow->l4.tcp.seen_syn) - && (flow->l4.tcp.seen_syn_ack) - && (flow->l4.tcp.seen_ack) /* We have seen the 3-way handshake */) - { - /* We're done processing extra packets since we've probably checked all possible cert packets */ - return 0; - } + && (flow->l4.tcp.seen_syn) + && (flow->l4.tcp.seen_syn_ack) + && (flow->l4.tcp.seen_ack) /* We have seen the 3-way handshake */) + { + /* We're done processing extra packets since we've probably checked all possible cert packets */ + return 0; + } } /* 1 means keep looking for more packets */ return 1; @@ -368,22 +368,27 @@ int sslDetectProtocolFromCertificate(struct ndpi_detection_module_struct *ndpi_s #ifdef CERTIFICATE_DEBUG NDPI_LOG_DBG2(ndpi_struct, "***** [SSL] %s\n", certificate); #endif + ndpi_protocol_match_result ret_match; u_int32_t subproto = ndpi_match_host_subprotocol(ndpi_struct, flow, certificate, - strlen(certificate), NDPI_PROTOCOL_SSL); + strlen(certificate), + &ret_match, + NDPI_PROTOCOL_SSL); + if(subproto != NDPI_PROTOCOL_UNKNOWN) { - /* If we've detected the subprotocol from client certificate but haven't had a chance - * to see the server certificate yet, set up extra packet processing to wait - * a few more packets. */ - if((flow->protos.stun_ssl.ssl.client_certificate[0] != '\0') && (flow->protos.stun_ssl.ssl.server_certificate[0] == '\0')) { - sslInitExtraPacketProcessing(0, flow); - } - ndpi_set_detected_protocol(ndpi_struct, flow, subproto, - ndpi_ssl_refine_master_protocol(ndpi_struct, flow, NDPI_PROTOCOL_SSL)); - return(rc); /* Fix courtesy of Gianluca Costa */ - } + /* If we've detected the subprotocol from client certificate but haven't had a chance + * to see the server certificate yet, set up extra packet processing to wait + * a few more packets. */ + if((flow->protos.stun_ssl.ssl.client_certificate[0] != '\0') && (flow->protos.stun_ssl.ssl.server_certificate[0] == '\0')) { + sslInitExtraPacketProcessing(0, flow); + } + + ndpi_set_detected_protocol(ndpi_struct, flow, subproto, + ndpi_ssl_refine_master_protocol(ndpi_struct, flow, NDPI_PROTOCOL_SSL)); + return(rc); /* Fix courtesy of Gianluca Costa */ + } - if(ndpi_is_ssl_tor(ndpi_struct, flow, certificate) != 0) - return(rc); + if(ndpi_is_ssl_tor(ndpi_struct, flow, certificate) != 0) + return(rc); } if(((packet->ssl_certificate_num_checks >= 2) @@ -394,9 +399,9 @@ int sslDetectProtocolFromCertificate(struct ndpi_detection_module_struct *ndpi_s /* || (flow->protos.stun_ssl.ssl.client_certificate[0] != '\0') */ ) { ndpi_int_ssl_add_connection(ndpi_struct, flow, NDPI_PROTOCOL_SSL); - } + } + } } - } return(0); } @@ -480,7 +485,7 @@ static void ssl_mark_and_payload_search_for_other_protocols(struct ndpi_int_ssl_add_connection(ndpi_struct, flow, NDPI_PROTOCOL_SSL_NO_CERT); } else NDPI_LOG_INFO(ndpi_struct, "found ssl\n"); - ndpi_int_ssl_add_connection(ndpi_struct, flow, NDPI_PROTOCOL_SSL); + ndpi_int_ssl_add_connection(ndpi_struct, flow, NDPI_PROTOCOL_SSL); } } @@ -516,16 +521,16 @@ static u_int8_t ndpi_search_sslv3_direction1(struct ndpi_detection_module_struct u_int32_t cert_start; NDPI_LOG_DBG2(ndpi_struct, - "maybe SSLv3 server hello split into smaller packets\n"); + "maybe SSLv3 server hello split into smaller packets\n"); /* lets hope at least the server hello and the start of the certificate block are in the first packet */ cert_start = ntohs(get_u_int16_t(packet->payload, 7)) + 5 + 4; NDPI_LOG_DBG2(ndpi_struct, "suspected start of certificate: %u\n", - cert_start); + cert_start); if(cert_start < packet->payload_packet_len && packet->payload[cert_start] == 0x0b) { NDPI_LOG_DBG2(ndpi_struct, - "found 0x0b at suspected start of certificate block\n"); + "found 0x0b at suspected start of certificate block\n"); return 2; } } @@ -536,16 +541,16 @@ static u_int8_t ndpi_search_sslv3_direction1(struct ndpi_detection_module_struct u_int32_t cert_start; NDPI_LOG_DBG2(ndpi_struct, - "maybe SSLv3 server hello split into smaller packets but with seperate record for the certificate\n"); + "maybe SSLv3 server hello split into smaller packets but with seperate record for the certificate\n"); /* lets hope at least the server hello record and the start of the certificate record are in the first packet */ cert_start = ntohs(get_u_int16_t(packet->payload, 7)) + 5 + 5 + 4; NDPI_LOG_DBG2(ndpi_struct, "suspected start of certificate: %u\n", - cert_start); + cert_start); if(cert_start < packet->payload_packet_len && packet->payload[cert_start] == 0x0b) { NDPI_LOG_DBG2(ndpi_struct, - "found 0x0b at suspected start of certificate block\n"); + "found 0x0b at suspected start of certificate block\n"); return 2; } } @@ -603,7 +608,7 @@ void ndpi_search_ssl_tcp(struct ndpi_detection_module_struct *ndpi_struct, struc * so go on checking for certificate patterns for a couple more packets */ NDPI_LOG_DBG2(ndpi_struct, - "ssl flow but check another packet for patterns\n"); + "ssl flow but check another packet for patterns\n"); ssl_mark_and_payload_search_for_other_protocols(ndpi_struct, flow); if(packet->detected_protocol_stack[0] == NDPI_PROTOCOL_SSL) { /* still ssl so check another packet */ @@ -685,7 +690,7 @@ void ndpi_search_ssl_tcp(struct ndpi_detection_module_struct *ndpi_struct, struc return; } else if(ret == 2) { NDPI_LOG_DBG2(ndpi_struct, - "sslv3 server len match with split packet -> check some more packets for SSL patterns\n"); + "sslv3 server len match with split packet -> check some more packets for SSL patterns\n"); ssl_mark_and_payload_search_for_other_protocols(ndpi_struct, flow); if(packet->detected_protocol_stack[0] == NDPI_PROTOCOL_SSL) { flow->l4.tcp.ssl_stage = 3; diff --git a/tests/result/pps.pcap.out b/tests/result/pps.pcap.out index 5b3c3e7ce..a8259c514 100644 --- a/tests/result/pps.pcap.out +++ b/tests/result/pps.pcap.out @@ -23,11 +23,11 @@ GenericProtocol 1429 1780307 49 16 TCP 192.168.115.8:50779 <-> 111.206.22.77:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][2 pkts/1438 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com] 17 UDP 192.168.5.38:58897 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1575 bytes -> 0 pkts/0 bytes] 18 UDP 192.168.115.1:50945 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1539 bytes -> 0 pkts/0 bytes] - 19 TCP 192.168.115.8:50464 <-> 123.125.112.49:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/707 bytes <-> 1 pkts/744 bytes][Host: click.hm.baidu.com] + 19 TCP 192.168.115.8:50464 <-> 123.125.112.49:80 [proto: 7.137/HTTP.GenericProtocol][cat: Web/5][1 pkts/707 bytes <-> 1 pkts/744 bytes][Host: click.hm.baidu.com] 20 TCP 192.168.115.8:50492 <-> 111.206.13.3:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/389 bytes <-> 2 pkts/1034 bytes][Host: pdata.video.qiyi.com] 21 TCP 192.168.115.8:50777 <-> 111.206.22.77:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/1186 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com] 22 TCP 192.168.115.8:50494 <-> 223.26.106.66:80 [proto: 7.60/HTTP.HTTP_Download][cat: Download-FileTransfer-FileSharing/7][2 pkts/887 bytes <-> 1 pkts/443 bytes][Host: 223.26.106.66] - 23 TCP 192.168.115.8:50497 <-> 123.125.112.49:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/1004 bytes <-> 2 pkts/301 bytes][Host: click.hm.baidu.com] + 23 TCP 192.168.115.8:50497 <-> 123.125.112.49:80 [proto: 7.137/HTTP.GenericProtocol][cat: Web/5][1 pkts/1004 bytes <-> 2 pkts/301 bytes][Host: click.hm.baidu.com] 24 TCP 192.168.115.8:50499 <-> 111.206.22.76:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/1097 bytes <-> 1 pkts/199 bytes][Host: msg.iqiyi.com] 25 TCP 192.168.115.8:50474 <-> 202.108.14.221:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/1100 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com] 26 TCP 192.168.115.8:50507 <-> 223.26.106.19:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/212 bytes <-> 1 pkts/1063 bytes][Host: static.qiyi.com] diff --git a/tests/result/webex.pcap.out b/tests/result/webex.pcap.out index fbf341918..ecd0f6432 100644 --- a/tests/result/webex.pcap.out +++ b/tests/result/webex.pcap.out @@ -6,36 +6,36 @@ Google 17 6375 1 Webex 1380 818407 43 Amazon 3 174 1 - 1 TCP 10.8.0.1:51155 <-> 62.109.224.120:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][256 pkts/14707 bytes <-> 257 pkts/329379 bytes][server: *.webex.com] - 2 TCP 10.8.0.1:41348 <-> 64.68.105.103:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][28 pkts/4815 bytes <-> 28 pkts/104881 bytes][client: radcom.webex.com] - 3 TCP 10.8.0.1:41346 <-> 64.68.105.103:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][48 pkts/11540 bytes <-> 47 pkts/80696 bytes][client: radcom.webex.com][server: *.webex.com] - 4 TCP 10.8.0.1:41358 <-> 64.68.105.103:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][19 pkts/2005 bytes <-> 19 pkts/40477 bytes][server: *.webex.com] - 5 TCP 10.8.0.1:51194 <-> 62.109.224.120:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][12 pkts/1531 bytes <-> 12 pkts/34357 bytes][server: *.webex.com] - 6 TCP 10.8.0.1:41354 <-> 64.68.105.103:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][13 pkts/2145 bytes <-> 13 pkts/24239 bytes][server: *.webex.com] - 7 TCP 10.8.0.1:51154 <-> 62.109.224.120:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][55 pkts/12583 bytes <-> 50 pkts/6703 bytes][server: *.webex.com] + 1 TCP 10.8.0.1:51155 <-> 62.109.224.120:443 [proto: 91.141/SSL.Webex][cat: VoIP/10][256 pkts/14707 bytes <-> 257 pkts/329379 bytes][server: *.webex.com] + 2 TCP 10.8.0.1:41348 <-> 64.68.105.103:443 [proto: 91.141/SSL.Webex][cat: VoIP/10][28 pkts/4815 bytes <-> 28 pkts/104881 bytes][client: radcom.webex.com] + 3 TCP 10.8.0.1:41346 <-> 64.68.105.103:443 [proto: 91.141/SSL.Webex][cat: VoIP/10][48 pkts/11540 bytes <-> 47 pkts/80696 bytes][client: radcom.webex.com][server: *.webex.com] + 4 TCP 10.8.0.1:41358 <-> 64.68.105.103:443 [proto: 91.141/SSL.Webex][cat: VoIP/10][19 pkts/2005 bytes <-> 19 pkts/40477 bytes][server: *.webex.com] + 5 TCP 10.8.0.1:51194 <-> 62.109.224.120:443 [proto: 91.141/SSL.Webex][cat: VoIP/10][12 pkts/1531 bytes <-> 12 pkts/34357 bytes][server: *.webex.com] + 6 TCP 10.8.0.1:41354 <-> 64.68.105.103:443 [proto: 91.141/SSL.Webex][cat: VoIP/10][13 pkts/2145 bytes <-> 13 pkts/24239 bytes][server: *.webex.com] + 7 TCP 10.8.0.1:51154 <-> 62.109.224.120:443 [proto: 91.141/SSL.Webex][cat: VoIP/10][55 pkts/12583 bytes <-> 50 pkts/6703 bytes][server: *.webex.com] 8 UDP 10.8.0.1:64538 -> 172.16.1.75:5060 [proto: 100/SIP][cat: VoIP/10][22 pkts/15356 bytes -> 0 pkts/0 bytes] - 9 TCP 10.8.0.1:51857 <-> 62.109.229.158:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][29 pkts/4559 bytes <-> 21 pkts/5801 bytes][server: *.webex.com] + 9 TCP 10.8.0.1:51857 <-> 62.109.229.158:443 [proto: 91.141/SSL.Webex][cat: VoIP/10][29 pkts/4559 bytes <-> 21 pkts/5801 bytes][server: *.webex.com] 10 TCP 10.8.0.1:46211 <-> 54.241.32.14:443 [proto: 91/SSL][cat: Web/5][16 pkts/1984 bytes <-> 14 pkts/7584 bytes][client: api.crittercism.com][server: *.crittercism.com] - 11 TCP 10.8.0.1:41386 <-> 64.68.105.103:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][9 pkts/1417 bytes <-> 8 pkts/6984 bytes][server: *.webex.com] - 12 TCP 10.8.0.1:41419 <-> 64.68.105.103:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][7 pkts/1309 bytes <-> 7 pkts/6930 bytes][server: *.webex.com] - 13 TCP 10.8.0.1:52730 <-> 173.243.4.76:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][9 pkts/1369 bytes <-> 8 pkts/6621 bytes][server: *.webex.com] - 14 TCP 10.8.0.1:44492 <-> 64.68.104.140:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][9 pkts/1369 bytes <-> 8 pkts/6600 bytes][server: *.webex.com] - 15 TCP 10.8.0.1:45814 <-> 62.109.231.3:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][8 pkts/1315 bytes <-> 8 pkts/6653 bytes][server: *.webex.com] - 16 TCP 10.8.0.1:47498 <-> 209.197.222.159:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][7 pkts/1261 bytes <-> 7 pkts/6535 bytes][server: *.webex.com] - 17 TCP 10.8.0.1:57647 <-> 64.68.121.153:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][7 pkts/1261 bytes <-> 7 pkts/6535 bytes][server: *.webex.com] - 18 TCP 10.8.0.1:37129 <-> 64.68.105.98:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][9 pkts/1369 bytes <-> 9 pkts/5838 bytes][server: *.webex.com] - 19 TCP 10.8.0.1:51370 <-> 64.68.105.97:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][8 pkts/1315 bytes <-> 8 pkts/5784 bytes][server: *.webex.com] - 20 TCP 10.8.0.1:55669 <-> 173.243.0.110:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][11 pkts/1830 bytes <-> 12 pkts/4811 bytes][server: *.webex.com] - 21 TCP 10.8.0.1:55665 <-> 173.243.0.110:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][11 pkts/1798 bytes <-> 11 pkts/4757 bytes][server: *.webex.com] - 22 TCP 10.8.0.1:55671 <-> 173.243.0.110:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][11 pkts/1798 bytes <-> 11 pkts/4757 bytes][server: *.webex.com] - 23 TCP 10.8.0.1:55687 <-> 173.243.0.110:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][11 pkts/1798 bytes <-> 11 pkts/4757 bytes][server: *.webex.com] + 11 TCP 10.8.0.1:41386 <-> 64.68.105.103:443 [proto: 91.141/SSL.Webex][cat: VoIP/10][9 pkts/1417 bytes <-> 8 pkts/6984 bytes][server: *.webex.com] + 12 TCP 10.8.0.1:41419 <-> 64.68.105.103:443 [proto: 91.141/SSL.Webex][cat: VoIP/10][7 pkts/1309 bytes <-> 7 pkts/6930 bytes][server: *.webex.com] + 13 TCP 10.8.0.1:52730 <-> 173.243.4.76:443 [proto: 91.141/SSL.Webex][cat: VoIP/10][9 pkts/1369 bytes <-> 8 pkts/6621 bytes][server: *.webex.com] + 14 TCP 10.8.0.1:44492 <-> 64.68.104.140:443 [proto: 91.141/SSL.Webex][cat: VoIP/10][9 pkts/1369 bytes <-> 8 pkts/6600 bytes][server: *.webex.com] + 15 TCP 10.8.0.1:45814 <-> 62.109.231.3:443 [proto: 91.141/SSL.Webex][cat: VoIP/10][8 pkts/1315 bytes <-> 8 pkts/6653 bytes][server: *.webex.com] + 16 TCP 10.8.0.1:47498 <-> 209.197.222.159:443 [proto: 91.141/SSL.Webex][cat: VoIP/10][7 pkts/1261 bytes <-> 7 pkts/6535 bytes][server: *.webex.com] + 17 TCP 10.8.0.1:57647 <-> 64.68.121.153:443 [proto: 91.141/SSL.Webex][cat: VoIP/10][7 pkts/1261 bytes <-> 7 pkts/6535 bytes][server: *.webex.com] + 18 TCP 10.8.0.1:37129 <-> 64.68.105.98:443 [proto: 91.141/SSL.Webex][cat: VoIP/10][9 pkts/1369 bytes <-> 9 pkts/5838 bytes][server: *.webex.com] + 19 TCP 10.8.0.1:51370 <-> 64.68.105.97:443 [proto: 91.141/SSL.Webex][cat: VoIP/10][8 pkts/1315 bytes <-> 8 pkts/5784 bytes][server: *.webex.com] + 20 TCP 10.8.0.1:55669 <-> 173.243.0.110:443 [proto: 91.141/SSL.Webex][cat: VoIP/10][11 pkts/1830 bytes <-> 12 pkts/4811 bytes][server: *.webex.com] + 21 TCP 10.8.0.1:55665 <-> 173.243.0.110:443 [proto: 91.141/SSL.Webex][cat: VoIP/10][11 pkts/1798 bytes <-> 11 pkts/4757 bytes][server: *.webex.com] + 22 TCP 10.8.0.1:55671 <-> 173.243.0.110:443 [proto: 91.141/SSL.Webex][cat: VoIP/10][11 pkts/1798 bytes <-> 11 pkts/4757 bytes][server: *.webex.com] + 23 TCP 10.8.0.1:55687 <-> 173.243.0.110:443 [proto: 91.141/SSL.Webex][cat: VoIP/10][11 pkts/1798 bytes <-> 11 pkts/4757 bytes][server: *.webex.com] 24 TCP 10.8.0.1:43433 <-> 216.58.208.40:443 [proto: 91.126/SSL.Google][cat: Web/5][9 pkts/1540 bytes <-> 8 pkts/4835 bytes][client: ssl.google-analytics.com][server: *.google-analytics.com] - 25 TCP 10.8.0.1:51646 <-> 114.29.204.49:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][9 pkts/895 bytes <-> 8 pkts/4398 bytes][server: *.webex.com] - 26 TCP 10.8.0.1:52219 <-> 64.68.121.100:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][8 pkts/841 bytes <-> 7 pkts/4376 bytes][server: *.webex.com] - 27 TCP 10.8.0.1:55969 <-> 64.68.121.99:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][8 pkts/841 bytes <-> 7 pkts/4376 bytes][server: *.webex.com] - 28 TCP 10.8.0.1:49048 <-> 23.44.253.243:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][7 pkts/1181 bytes <-> 7 pkts/4021 bytes][server: www.webex.com] - 29 TCP 10.8.0.1:47116 <-> 114.29.202.139:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][7 pkts/461 bytes <-> 6 pkts/4231 bytes][server: *.webex.com] - 30 TCP 10.8.0.1:47841 <-> 114.29.200.11:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][6 pkts/407 bytes <-> 5 pkts/4177 bytes][server: *.webex.com] + 25 TCP 10.8.0.1:51646 <-> 114.29.204.49:443 [proto: 91.141/SSL.Webex][cat: VoIP/10][9 pkts/895 bytes <-> 8 pkts/4398 bytes][server: *.webex.com] + 26 TCP 10.8.0.1:52219 <-> 64.68.121.100:443 [proto: 91.141/SSL.Webex][cat: VoIP/10][8 pkts/841 bytes <-> 7 pkts/4376 bytes][server: *.webex.com] + 27 TCP 10.8.0.1:55969 <-> 64.68.121.99:443 [proto: 91.141/SSL.Webex][cat: VoIP/10][8 pkts/841 bytes <-> 7 pkts/4376 bytes][server: *.webex.com] + 28 TCP 10.8.0.1:49048 <-> 23.44.253.243:443 [proto: 91.141/SSL.Webex][cat: VoIP/10][7 pkts/1181 bytes <-> 7 pkts/4021 bytes][server: www.webex.com] + 29 TCP 10.8.0.1:47116 <-> 114.29.202.139:443 [proto: 91.141/SSL.Webex][cat: VoIP/10][7 pkts/461 bytes <-> 6 pkts/4231 bytes][server: *.webex.com] + 30 TCP 10.8.0.1:47841 <-> 114.29.200.11:443 [proto: 91.141/SSL.Webex][cat: VoIP/10][6 pkts/407 bytes <-> 5 pkts/4177 bytes][server: *.webex.com] 31 TCP 10.8.0.1:33551 <-> 80.74.110.68:443 [proto: 64/SSL_No_Cert][cat: Web/5][10 pkts/1465 bytes <-> 11 pkts/1065 bytes] 32 TCP 10.8.0.1:33553 <-> 80.74.110.68:443 [proto: 64/SSL_No_Cert][cat: Web/5][10 pkts/1388 bytes <-> 10 pkts/1087 bytes] 33 TCP 10.8.0.1:33512 <-> 80.74.110.68:443 [proto: 64/SSL_No_Cert][cat: Web/5][9 pkts/1357 bytes <-> 9 pkts/615 bytes] @@ -44,8 +44,8 @@ Amazon 3 174 1 36 TCP 10.8.0.1:33559 <-> 80.74.110.68:443 [proto: 64/SSL_No_Cert][cat: Web/5][7 pkts/1280 bytes <-> 6 pkts/453 bytes] 37 TCP 10.8.0.1:59757 <-> 78.46.237.91:80 [proto: 7/HTTP][cat: Web/5][5 pkts/624 bytes <-> 5 pkts/767 bytes][Host: cp.pushwoosh.com] 38 UDP 10.8.0.1:51772 <-> 62.109.229.158:9000 [proto: 141/Webex][14 pkts/1071 bytes <-> 2 pkts/100 bytes] - 39 TCP 10.8.0.1:41350 <-> 64.68.105.103:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][6 pkts/614 bytes <-> 5 pkts/399 bytes][client: radcom.webex.com] - 40 TCP 10.8.0.1:41351 <-> 64.68.105.103:443 [proto: 91.141/SSL.Webex][cat: Collaborative/15][5 pkts/560 bytes <-> 4 pkts/345 bytes][client: radcom.webex.com] + 39 TCP 10.8.0.1:41350 <-> 64.68.105.103:443 [proto: 91.141/SSL.Webex][cat: VoIP/10][6 pkts/614 bytes <-> 5 pkts/399 bytes][client: radcom.webex.com] + 40 TCP 10.8.0.1:41351 <-> 64.68.105.103:443 [proto: 91.141/SSL.Webex][cat: VoIP/10][5 pkts/560 bytes <-> 4 pkts/345 bytes][client: radcom.webex.com] 41 TCP 10.8.0.1:51190 <-> 62.109.224.120:443 [proto: 91.141/SSL.Webex][7 pkts/501 bytes <-> 4 pkts/216 bytes] 42 TCP 10.8.0.1:37139 <-> 64.68.105.98:443 [proto: 91.141/SSL.Webex][6 pkts/427 bytes <-> 5 pkts/270 bytes] 43 TCP 10.8.0.1:41394 <-> 64.68.105.103:443 [proto: 91.141/SSL.Webex][6 pkts/427 bytes <-> 5 pkts/270 bytes] diff --git a/tests/result/whatsappfiles.pcap.out b/tests/result/whatsappfiles.pcap.out index e6e8f0fa7..40d4fa391 100644 --- a/tests/result/whatsappfiles.pcap.out +++ b/tests/result/whatsappfiles.pcap.out @@ -1,4 +1,4 @@ WhatsAppFiles 620 452233 2 - 1 TCP 192.168.2.29:49698 <-> 185.60.216.53:443 [proto: 242/WhatsAppFiles][cat: Download-FileTransfer-FileSharing/7][132 pkts/9906 bytes <-> 178 pkts/237405 bytes] - 2 TCP 192.168.2.29:49674 <-> 185.60.216.53:443 [proto: 242/WhatsAppFiles][cat: Download-FileTransfer-FileSharing/7][161 pkts/189194 bytes <-> 149 pkts/15728 bytes] + 1 TCP 192.168.2.29:49698 <-> 185.60.216.53:443 [proto: 91.242/SSL.WhatsAppFiles][cat: Download-FileTransfer-FileSharing/7][132 pkts/9906 bytes <-> 178 pkts/237405 bytes] + 2 TCP 192.168.2.29:49674 <-> 185.60.216.53:443 [proto: 91.242/SSL.WhatsAppFiles][cat: Download-FileTransfer-FileSharing/7][161 pkts/189194 bytes <-> 149 pkts/15728 bytes] -- cgit v1.2.3 From db74459ca2b8a05f52019c324b06f698a1df1465 Mon Sep 17 00:00:00 2001 From: Simone Mainardi Date: Fri, 17 Aug 2018 12:29:08 +0200 Subject: Fixes weibo detection --- src/lib/ndpi_content_match.c.inc | 1 + tests/result/weibo.pcap.out | 6 +++--- 2 files changed, 4 insertions(+), 3 deletions(-) (limited to 'tests') diff --git a/src/lib/ndpi_content_match.c.inc b/src/lib/ndpi_content_match.c.inc index d6da458eb..390424eeb 100644 --- a/src/lib/ndpi_content_match.c.inc +++ b/src/lib/ndpi_content_match.c.inc @@ -8237,6 +8237,7 @@ ndpi_protocol_match host_match[] = { { ".gtimg.com", NULL, "\\.gtimg" TLD, "QQ", NDPI_PROTOCOL_QQ, NDPI_PROTOCOL_CATEGORY_CHAT, NDPI_PROTOCOL_FUN }, { ".weibo.com", NULL, "\\.weibo" TLD, "Sina(Weibo)", NDPI_PROTOCOL_SINA, NDPI_PROTOCOL_CATEGORY_SOCIAL_NETWORK, NDPI_PROTOCOL_FUN }, + { ".weibo.cn", NULL, NULL, "Sina(Weibo)", NDPI_PROTOCOL_SINA, NDPI_PROTOCOL_CATEGORY_SOCIAL_NETWORK, NDPI_PROTOCOL_FUN }, { ".sinaimg.cn", NULL, "\\.sinaimg" TLD, "Sina", NDPI_PROTOCOL_SINA, NDPI_PROTOCOL_CATEGORY_SOCIAL_NETWORK, NDPI_PROTOCOL_FUN }, { ".sinajs.cn", NULL, "\\.sinajs" TLD, "Sina", NDPI_PROTOCOL_SINA, NDPI_PROTOCOL_CATEGORY_SOCIAL_NETWORK, NDPI_PROTOCOL_FUN }, { ".sina.cn", NULL, "\\.sina" TLD, "Sina", NDPI_PROTOCOL_SINA, NDPI_PROTOCOL_CATEGORY_SOCIAL_NETWORK, NDPI_PROTOCOL_FUN }, diff --git a/tests/result/weibo.pcap.out b/tests/result/weibo.pcap.out index 8ae9cdea1..befa40bea 100644 --- a/tests/result/weibo.pcap.out +++ b/tests/result/weibo.pcap.out @@ -1,10 +1,10 @@ -DNS 11 1129 6 +DNS 10 1059 5 HTTP 19 2275 5 SSL 15 1234 10 Google 10 660 5 Amazon 2 132 1 QUIC 23 4118 2 -Sina(Weibo) 418 258007 15 +Sina(Weibo) 419 258077 16 1 TCP 192.168.1.105:35803 <-> 93.188.134.246:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][52 pkts/5367 bytes <-> 54 pkts/71536 bytes][Host: img.t.sinajs.cn] 2 TCP 192.168.1.105:35804 <-> 93.188.134.246:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][32 pkts/3624 bytes <-> 40 pkts/50657 bytes][Host: img.t.sinajs.cn] @@ -49,4 +49,4 @@ Sina(Weibo) 418 258007 15 41 TCP 192.168.1.105:52272 -> 42.156.184.19:443 [proto: 91/SSL][1 pkts/74 bytes -> 0 pkts/0 bytes] 42 TCP 192.168.1.105:52274 -> 42.156.184.19:443 [proto: 91/SSL][1 pkts/74 bytes -> 0 pkts/0 bytes] 43 UDP 192.168.1.105:50533 -> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][cat: SocialNetwork/6][1 pkts/74 bytes -> 0 pkts/0 bytes][Host: data.weibo.com] - 44 UDP 192.168.1.105:16804 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/70 bytes -> 0 pkts/0 bytes][Host: c.weibo.cn] + 44 UDP 192.168.1.105:16804 -> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][cat: SocialNetwork/6][1 pkts/70 bytes -> 0 pkts/0 bytes][Host: c.weibo.cn] -- cgit v1.2.3 From a98c0a81be86936e96be7d2312ae11ef85b785b2 Mon Sep 17 00:00:00 2001 From: Luca Date: Sat, 25 Aug 2018 10:50:16 +0200 Subject: Added target for shared liubrary creation Added target for install Fixes #593 --- Makefile.am | 7 +--- autogen.sh | 2 +- configure.seed | 4 +- libndpi.pc.in | 10 ----- libndpi.sym | 75 ------------------------------------- src/lib/Makefile | 26 ------------- src/lib/Makefile.in | 49 ++++++++++++++++++++++++ tests/result/ssdp-m-search.pcap.out | 3 ++ 8 files changed, 57 insertions(+), 119 deletions(-) delete mode 100644 libndpi.pc.in delete mode 100644 libndpi.sym delete mode 100644 src/lib/Makefile create mode 100644 src/lib/Makefile.in create mode 100644 tests/result/ssdp-m-search.pcap.out (limited to 'tests') diff --git a/Makefile.am b/Makefile.am index 17c674812..0642aec9d 100644 --- a/Makefile.am +++ b/Makefile.am @@ -1,8 +1,3 @@ ACLOCAL_AMFLAGS = -I m4 - SUBDIRS = src/lib example tests - -pkgconfigdir = $(libdir)/pkgconfig -pkgconfig_DATA = libndpi.pc - -EXTRA_DIST = libndpi.sym autogen.sh +EXTRA_DIST = autogen.sh diff --git a/autogen.sh b/autogen.sh index ea5ed6694..20bf400ab 100755 --- a/autogen.sh +++ b/autogen.sh @@ -5,7 +5,7 @@ NDPI_MINOR="5" NDPI_PATCH="0" NDPI_VERSION_SHORT="$NDPI_MAJOR.$NDPI_MINOR.$NDPI_PATCH" -rm -f configure config.h config.h.in src/lib/Makefile.in +rm -f configure config.h config.h.in AUTOCONF=$(command -v autoconf) AUTOMAKE=$(command -v automake) diff --git a/configure.seed b/configure.seed index 6b85c66e9..946557a33 100644 --- a/configure.seed +++ b/configure.seed @@ -10,6 +10,7 @@ AC_PROG_CC AM_PROG_CC_C_O AX_PTHREAD +NDPI_VERSION_SHORT="@NDPI_VERSION_SHORT@" NDPI_MAJOR="@NDPI_MAJOR@" NDPI_MINOR="@NDPI_MINOR@" NDPI_PATCH="@NDPI_PATCH@" @@ -127,12 +128,13 @@ AC_ARG_ENABLE([debug-messages], AC_CHECK_LIB(pthread, pthread_setaffinity_np, AC_DEFINE_UNQUOTED(HAVE_PTHREAD_SETAFFINITY_NP, 1, [libc has pthread_setaffinity_np])) -AC_CONFIG_FILES([Makefile example/Makefile tests/Makefile libndpi.pc src/include/ndpi_define.h]) +AC_CONFIG_FILES([Makefile example/Makefile tests/Makefile src/include/ndpi_define.h src/lib/Makefile]) AC_CONFIG_HEADERS(src/include/ndpi_config.h) AC_SUBST(GIT_RELEASE) AC_SUBST(NDPI_MAJOR) AC_SUBST(NDPI_MINOR) AC_SUBST(NDPI_PATCH) +AC_SUBST(NDPI_VERSION_SHORT) AC_SUBST(SVN_DATE) AC_SUBST(JSON_C_LIB) AC_SUBST(PCAP_INC) diff --git a/libndpi.pc.in b/libndpi.pc.in deleted file mode 100644 index 291429cc7..000000000 --- a/libndpi.pc.in +++ /dev/null @@ -1,10 +0,0 @@ -prefix=@prefix@ -exec_prefix=@exec_prefix@ -libdir=@libdir@ -includedir=@includedir@ - -Name: libndpi -Description: deep packet inspection library -Version: @VERSION@ -Libs: -L${libdir} -lndpi -Cflags: -I${includedir}/libndpi-@VERSION@ diff --git a/libndpi.sym b/libndpi.sym deleted file mode 100644 index 66cffbb18..000000000 --- a/libndpi.sym +++ /dev/null @@ -1,75 +0,0 @@ -ndpi_dump_protocols -ndpi_strnstr -ndpi_detection_giveup -ndpi_get_proto_name -ndpi_free -ndpi_flow_free -ndpi_guess_undetected_protocol -ndpi_tfind -ndpi_tsearch -ndpi_set_protocol_detection_bitmask2 -ndpi_detection_get_sizeof_ndpi_id_struct -ndpi_detection_get_sizeof_ndpi_flow_struct -ndpi_load_protocols_file -ndpi_tdestroy -ndpi_exit_detection_module -ndpi_l4_detection_process_packet -ndpi_detection_process_packet -ndpi_process_extra_packet -ndpi_twalk -ndpi_tdelete -ndpi_revision -ndpi_init_detection_module -ndpi_get_num_supported_protocols -ndpi_set_proto_defaults -ndpi_get_protocol_id -ndpi_get_category_id -ndpi_find_port_based_protocol -ndpi_get_http_method -ndpi_get_http_url -ndpi_get_http_content_type -ndpi_free_flow -ndpi_get_proto_breed -ndpi_get_proto_breed_name -ndpi_get_proto_by_id -ndpi_get_proto_by_name -ndpi_get_protocol_id_master_proto -ndpi_guess_protocol_id -ndpi_protocol2name -ndpi_get_lower_proto -ndpi_is_proto -ndpi_malloc -ndpi_calloc -ndpi_set_detected_protocol -ndpi_match_string_subprotocol -ndpi_init_automa -ndpi_free_automa -ndpi_add_string_value_to_automa -ndpi_add_string_to_automa -ndpi_finalize_automa -ndpi_match_string -ndpi_match_string_id -set_ndpi_malloc -set_ndpi_flow_malloc -set_ndpi_free -set_ndpi_flow_free -set_ndpi_debug_function -ndpi_category_str -ndpi_get_proto_category -ndpi_netbios_name_interpret -ndpi_category_set_name -ndpi_category_get_name -ndpi_is_custom_category -ndpi_is_subprotocol_informative -ndpi_set_proto_category -ndpi_get_api_version -ndpi_network_ptree_match -ndpi_check_flow_func -ndpi_fill_protocol_category -ndpi_load_hostname_category -ndpi_enable_loaded_categories -ndpi_set_detection_preferences -ndpi_get_proto_defaults -ndpi_get_ndpi_num_supported_protocols -ndpi_get_ndpi_num_custom_protocols -ndpi_get_ndpi_detection_module_size diff --git a/src/lib/Makefile b/src/lib/Makefile deleted file mode 100644 index 19c6f1cfe..000000000 --- a/src/lib/Makefile +++ /dev/null @@ -1,26 +0,0 @@ -# -# Simple non-autotools dependent makefile -# -# ./autogen.sh -# cd src/lib -# make -f Makefile.simple -# -CFLAGS += -fPIC -DPIC -I../include -Ithird_party/include -DNDPI_LIB_COMPILATION -g -RANLIB = ranlib - -OBJECTS = $(patsubst protocols/%.c, protocols/%.o, $(wildcard protocols/*.c)) $(patsubst third_party/src/%.c, third_party/src/%.o, $(wildcard third_party/src/*.c)) ndpi_main.o -HEADERS = $(wildcard ../include/*.h) - -all: libndpi.a - -ndpi_main.c: ndpi_content_match.c.inc - -libndpi.a: $(OBJECTS) - ar rc $@ $(OBJECTS) - $(RANLIB) $@ - -%.o: %.c $(HEADERS) Makefile - $(CC) $(CFLAGS) -c $< -o $@ - -clean: - /bin/rm -f libndpi.a $(OBJECTS) diff --git a/src/lib/Makefile.in b/src/lib/Makefile.in new file mode 100644 index 000000000..1bbc4095e --- /dev/null +++ b/src/lib/Makefile.in @@ -0,0 +1,49 @@ +# +# Simple non-autotools dependent makefile +# +# ./autogen.sh +# cd src/lib +# make Makefile +# + +# +# Installation directories +# +prefix = /usr/local +libdir = ${prefix}/lib +includedir = ${prefix}/include/ndpi + +CFLAGS += -fPIC -DPIC -I../include -Ithird_party/include -DNDPI_LIB_COMPILATION -g +RANLIB = ranlib + +OBJECTS = $(patsubst protocols/%.c, protocols/%.o, $(wildcard protocols/*.c)) $(patsubst third_party/src/%.c, third_party/src/%.o, $(wildcard third_party/src/*.c)) ndpi_main.o +HEADERS = $(wildcard ../include/*.h) +NDPI_LIB_STATIC = libndpi.a +NDPI_LIB_SHARED_BASE = libndpi.so +NDPI_LIB_SHARED = $(NDPI_LIB_SHARED_BASE).@NDPI_VERSION_SHORT@ +NDPI_LIBS = $(NDPI_LIB_STATIC) $(NDPI_LIB_SHARED) + +all: $(NDPI_LIBS) + +ndpi_main.c: ndpi_content_match.c.inc + +$(NDPI_LIB_STATIC): $(OBJECTS) + ar rc $@ $(OBJECTS) + $(RANLIB) $@ + +$(NDPI_LIB_SHARED): $(OBJECTS) + gcc -shared -fPIC -o $@ $(OBJECTS) + ln -Fs $(NDPI_LIB_SHARED) $(NDPI_LIB_SHARED_BASE) + +%.o: %.c $(HEADERS) Makefile + $(CC) $(CFLAGS) -c $< -o $@ + +clean: + /bin/rm -f $(NDPI_LIB_STATIC) $(OBJECTS) *.o *.so *.lo + +install: $(NDPI_LIBS) + mkdir -p $(DESTDIR)$(libdir) + cp $(NDPI_LIBS) $(DESTDIR)$(libdir)/ + ln -Fs $(DESTDIR)$(libdir)/$(NDPI_LIB_SHARED) $(DESTDIR)$(libdir)/$(NDPI_LIB_SHARED_BASE) + mkdir -p $(DESTDIR)$(includedir) + cp ../include/*.h $(DESTDIR)$(includedir) diff --git a/tests/result/ssdp-m-search.pcap.out b/tests/result/ssdp-m-search.pcap.out new file mode 100644 index 000000000..e975bfeb4 --- /dev/null +++ b/tests/result/ssdp-m-search.pcap.out @@ -0,0 +1,3 @@ +SSDP 19 1197 1 + + 1 UDP 192.168.242.8:42253 -> 192.168.242.255:32412 [proto: 12/SSDP][cat: System/18][19 pkts/1197 bytes -> 0 pkts/0 bytes] -- cgit v1.2.3 From e4f01976a66f1943bde7b253b62430d36c6d9e74 Mon Sep 17 00:00:00 2001 From: Luca Date: Thu, 30 Aug 2018 11:10:30 +0200 Subject: Added missing categorization when giveup/guess is called Added optimization for TCP flows that do not start with a SYN packet: early giveup is performed Code cleanup --- src/include/ndpi_typedefs.h | 3 +- src/lib/ndpi_main.c | 75 +++++++++++++----------- tests/result/1kxun.pcap.out | 16 ++--- tests/result/6in4tunnel.pcap.out | 4 +- tests/result/EAQ.pcap.out | 58 +++++++++--------- tests/result/Instagram.pcap.out | 24 ++++---- tests/result/KakaoTalk_chat.pcap.out | 18 +++--- tests/result/KakaoTalk_talk.pcap.out | 22 +++---- tests/result/bittorrent_ip.pcap.out | 4 +- tests/result/coap_mqtt.pcap.out | 8 +-- tests/result/diameter.pcap.out | 2 +- tests/result/dropbox.pcap.out | 8 +-- tests/result/http_ipv6.pcap.out | 14 ++--- tests/result/mssql_tds.pcap.out | 2 +- tests/result/netflix.pcap.out | 2 +- tests/result/nintendo.pcap.out | 14 ++--- tests/result/ocs.pcap.out | 12 ++-- tests/result/pps.pcap.out | 4 +- tests/result/skype.pcap.out | 68 ++++++++++----------- tests/result/skype_no_unknown.pcap.out | 60 +++++++++---------- tests/result/starcraft_battle.pcap.out | 46 +++++++-------- tests/result/teredo.pcap.out | 10 ++-- tests/result/tor.pcap.out | 2 +- tests/result/viber.pcap.out | 14 ++--- tests/result/waze.pcap.out | 18 +++--- tests/result/webex.pcap.out | 36 ++++++------ tests/result/wechat.pcap.out | 62 ++++++++++---------- tests/result/weibo.pcap.out | 40 ++++++------- tests/result/whatsapp_login_call.pcap.out | 72 +++++++++++------------ tests/result/whatsapp_login_chat.pcap.out | 2 +- tests/result/whatsapp_voice_and_message.pcap.out | 16 ++--- 31 files changed, 372 insertions(+), 364 deletions(-) (limited to 'tests') diff --git a/src/include/ndpi_typedefs.h b/src/include/ndpi_typedefs.h index a3ed39c2d..0e069ae77 100644 --- a/src/include/ndpi_typedefs.h +++ b/src/include/ndpi_typedefs.h @@ -989,7 +989,6 @@ struct ndpi_flow_struct { /* init parameter, internal used to set up timestamp,... */ u_int16_t guessed_protocol_id, guessed_host_protocol_id, guessed_category; - u_int8_t protocol_id_already_guessed:1, host_already_guessed:1, init_finished:1, setup_packet_direction:1, packet_direction:1, check_extra_packets:1; /* @@ -1000,6 +999,8 @@ struct ndpi_flow_struct { u_int8_t max_extra_packets_to_check; u_int8_t num_extra_packets_checked; + u_int8_t num_processed_pkts; /* <= WARNING it can wrap but we do expect people to giveup earlier */ + int (*extra_packets_func) (struct ndpi_detection_module_struct *, struct ndpi_flow_struct *flow); /* diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c index 2a51316fa..b5d587dce 100644 --- a/src/lib/ndpi_main.c +++ b/src/lib/ndpi_main.c @@ -3516,7 +3516,7 @@ static int ndpi_init_packet_header(struct ndpi_detection_module_struct *ndpi_str if(flow->packet.l4_packet_len >=flow->packet.tcp->doff * 4) { flow->packet.payload_packet_len = flow->packet.l4_packet_len -flow->packet.tcp->doff * 4; - flow->packet.actual_payload_len =flow->packet.payload_packet_len; + flow->packet.actual_payload_len = flow->packet.payload_packet_len; flow->packet.payload = ((u_int8_t *)flow->packet.tcp) + (flow->packet.tcp->doff * 4); /* check for new tcp syn packets, here @@ -3526,15 +3526,17 @@ static int ndpi_init_packet_header(struct ndpi_detection_module_struct *ndpi_str && flow->packet.tcp->ack == 0 && flow->init_finished != 0 && flow->detected_protocol_stack[0] == NDPI_PROTOCOL_UNKNOWN) { - if(flow->http.url) - ndpi_free(flow->http.url); - if(flow->http.content_type) - ndpi_free(flow->http.content_type); - memset(flow, 0, sizeof(*(flow))); + u_int8_t backup; + + if(flow->http.url) ndpi_free(flow->http.url); + if(flow->http.content_type) ndpi_free(flow->http.content_type); + backup = flow->num_processed_pkts; + memset(flow, 0, sizeof(*(flow))); + flow->num_processed_pkts = backup; + NDPI_LOG_DBG(ndpi_struct, "tcp syn packet for unknown protocol, reset detection state\n"); - } } else { /* tcp header not complete */ @@ -3547,6 +3549,7 @@ static int ndpi_init_packet_header(struct ndpi_detection_module_struct *ndpi_str } else { flow->packet.generic_l4_ptr = l4ptr; } + return 0; } @@ -3837,7 +3840,6 @@ void check_ndpi_tcp_flow_func(struct ndpi_detection_module_struct *ndpi_struct, } } - /* ********************************************************************************* */ void ndpi_check_flow_func(struct ndpi_detection_module_struct *ndpi_struct, @@ -3932,6 +3934,7 @@ ndpi_protocol ndpi_detection_giveup(struct ndpi_detection_module_struct *ndpi_st } ret.master_protocol = flow->detected_protocol_stack[1], ret.app_protocol = flow->detected_protocol_stack[0]; + ndpi_fill_protocol_category(ndpi_struct, flow, &ret); return(ret); } @@ -4236,6 +4239,8 @@ ndpi_protocol ndpi_detection_process_packet(struct ndpi_detection_module_struct u_int32_t a; ndpi_protocol ret = { NDPI_PROTOCOL_UNKNOWN, NDPI_PROTOCOL_UNKNOWN, NDPI_PROTOCOL_CATEGORY_UNSPECIFIED }; + flow->num_processed_pkts++; + if(ndpi_struct->ndpi_log_level >= NDPI_LOG_TRACE) NDPI_LOG(flow ? flow->detected_protocol_stack[0]:NDPI_PROTOCOL_UNKNOWN, ndpi_struct, NDPI_LOG_TRACE, "START packet processing\n"); @@ -4264,7 +4269,6 @@ ndpi_protocol ndpi_detection_process_packet(struct ndpi_detection_module_struct return(ret); /* detect traffic for tcp or udp only */ - flow->src = src, flow->dst = dst; ndpi_connection_tracking(ndpi_struct, flow); @@ -4367,6 +4371,7 @@ ndpi_protocol ndpi_detection_process_packet(struct ndpi_detection_module_struct ndpi_check_flow_func(ndpi_struct, flow, &ndpi_selection_packet); ndpi_fill_protocol_category(ndpi_struct, flow, &ret); + return(ret); } @@ -4395,6 +4400,24 @@ ndpi_protocol ndpi_detection_process_packet(struct ndpi_detection_module_struct ret.app_protocol = flow->detected_protocol_stack[0]; ndpi_fill_protocol_category(ndpi_struct, flow, &ret); + + if((flow->num_processed_pkts == 1) + && (ret.master_protocol == NDPI_PROTOCOL_UNKNOWN) + && (ret.app_protocol == NDPI_PROTOCOL_UNKNOWN) + && flow->packet.tcp + && (flow->packet.tcp->syn == 0) + ) { + /* + This is a TCP flow + - whose first packet is NOT a SYN + - no protocol has been detected + + We don't see how future packets can match anything + hence we giveup here + */ + ret = ndpi_detection_giveup(ndpi_struct, flow); + } + return(ret); } @@ -4613,7 +4636,6 @@ void ndpi_parse_packet_line_info(struct ndpi_detection_module_struct *ndpi_struc strncpy((char*)flow->http.response_status_code, (char*)packet->http_response.ptr, 3); flow->http.response_status_code[4]='\0'; - NDPI_LOG_DBG2(ndpi_struct, "ndpi_parse_packet_line_info: HTTP response parsed: \"%.*s\"\n", packet->http_response.len, packet->http_response.ptr); @@ -5045,27 +5067,6 @@ void ndpi_int_change_category(struct ndpi_detection_module_struct *ndpi_struct, /* ********************************************************************************* */ -/* change protocol only if guessing is active */ -/* void ndpi_guess_change_protocol(struct ndpi_detection_module_struct *ndpi_struct, */ -/* struct ndpi_flow_struct *flow) */ -/* { */ -/* if(flow->guessed_host_protocol_id != 0 && */ -/* flow->guessed_protocol_id != 0) { */ -/* /\* app proto for flow *\/ */ -/* flow->detected_protocol_stack[0] = flow->guessed_host_protocol_id; */ -/* /\* master proto for flow *\/ */ -/* flow->detected_protocol_stack[1] = flow->guessed_protocol_id; */ - -/* /\* app proto for packet *\/ */ -/* flow->packet.detected_protocol_stack[0] = flow->guessed_host_protocol_id; */ -/* /\* master proto for packet *\/ */ -/* flow->packet.detected_protocol_stack[1] = flow->guessed_protocol_id; */ - -/* } */ -/* } */ - -/* ********************************************************************************* */ - /* turns a packet back to unknown */ void ndpi_int_reset_packet_protocol(struct ndpi_packet_struct *packet) { int a; @@ -5297,11 +5298,13 @@ ndpi_protocol ndpi_guess_undetected_protocol(struct ndpi_detection_module_struct if(rc != NDPI_PROTOCOL_UNKNOWN) { ret.app_protocol = rc, - ret.master_protocol = ndpi_guess_protocol_id(ndpi_struct, proto, sport, dport, &user_defined_proto); + ret.master_protocol = ndpi_guess_protocol_id(ndpi_struct, proto, sport, + dport, &user_defined_proto); if(ret.app_protocol == ret.master_protocol) ret.master_protocol = NDPI_PROTOCOL_UNKNOWN; + ret.category = ndpi_get_proto_category(ndpi_struct, ret); return(ret); } @@ -5311,8 +5314,10 @@ ndpi_protocol ndpi_guess_undetected_protocol(struct ndpi_detection_module_struct if(rc == NDPI_PROTOCOL_SSL) goto check_guessed_skype; - else + else { + ret.category = ndpi_get_proto_category(ndpi_struct, ret); return(ret); + } } check_guessed_skype: @@ -5325,8 +5330,10 @@ ndpi_protocol ndpi_guess_undetected_protocol(struct ndpi_detection_module_struct ret.app_protocol = NDPI_PROTOCOL_SKYPE; } } else - ret.app_protocol = ndpi_guess_protocol_id(ndpi_struct, proto, sport, dport, &user_defined_proto); + ret.app_protocol = ndpi_guess_protocol_id(ndpi_struct, proto, sport, + dport, &user_defined_proto); + ret.category = ndpi_get_proto_category(ndpi_struct, ret); return(ret); } diff --git a/tests/result/1kxun.pcap.out b/tests/result/1kxun.pcap.out index 5e37a65af..e02ddac2f 100644 --- a/tests/result/1kxun.pcap.out +++ b/tests/result/1kxun.pcap.out @@ -28,17 +28,17 @@ LLMNR 89 6799 47 11 TCP 192.168.5.16:53628 <-> 203.69.81.73:80 [proto: 7/HTTP][cat: Web/5][6 pkts/676 bytes <-> 8 pkts/8482 bytes][Host: dl-obs.official.line.naver.jp] 12 UDP [fe80::9bd:81dd:2fdc:5750]:1900 -> [ff02::c]:1900 [proto: 12/SSDP][cat: System/18][16 pkts/8921 bytes -> 0 pkts/0 bytes] 13 UDP 192.168.5.49:1900 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][16 pkts/8473 bytes -> 0 pkts/0 bytes] - 14 TCP 119.235.235.84:443 <-> 192.168.5.16:53406 [proto: 91/SSL][13 pkts/6269 bytes <-> 10 pkts/1165 bytes] + 14 TCP 119.235.235.84:443 <-> 192.168.5.16:53406 [proto: 91/SSL][cat: Web/5][13 pkts/6269 bytes <-> 10 pkts/1165 bytes] 15 TCP 192.168.115.8:49608 <-> 203.205.151.234:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][18 pkts/3550 bytes <-> 7 pkts/1400 bytes][Host: vv.video.qq.com] 16 UDP 192.168.119.1:67 -> 255.255.255.255:68 [proto: 18/DHCP][cat: Network/14][14 pkts/4788 bytes -> 0 pkts/0 bytes] - 17 TCP 192.168.5.16:53580 <-> 31.13.87.36:443 [proto: 91.119/SSL.Facebook][4 pkts/2050 bytes <-> 5 pkts/2297 bytes] + 17 TCP 192.168.5.16:53580 <-> 31.13.87.36:443 [proto: 91.119/SSL.Facebook][cat: SocialNetwork/6][4 pkts/2050 bytes <-> 5 pkts/2297 bytes] 18 TCP 192.168.5.16:53623 <-> 192.168.115.75:443 [proto: 91/SSL][cat: Web/5][11 pkts/1959 bytes <-> 8 pkts/1683 bytes][client: 1] 19 TCP 192.168.5.16:53625 <-> 192.168.115.75:443 [proto: 91/SSL][cat: Web/5][11 pkts/1955 bytes <-> 8 pkts/1683 bytes][client: 1] 20 TCP 192.168.5.16:53629 <-> 192.168.115.75:443 [proto: 91/SSL][cat: Web/5][10 pkts/1895 bytes <-> 7 pkts/1623 bytes][client: 1] 21 TCP 192.168.115.8:49605 <-> 106.185.35.110:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][8 pkts/1128 bytes <-> 5 pkts/2282 bytes][Host: jp.kankan.1kxun.mobi] 22 TCP 192.168.5.16:53626 <-> 192.168.115.75:443 [proto: 91/SSL][cat: Web/5][11 pkts/1943 bytes <-> 8 pkts/1267 bytes][client: 1] 23 TCP 192.168.115.8:49597 <-> 106.185.35.110:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][10 pkts/1394 bytes <-> 4 pkts/1464 bytes][Host: jp.kankan.1kxun.mobi] - 24 TCP 31.13.87.1:443 <-> 192.168.5.16:53578 [proto: 91.119/SSL.Facebook][5 pkts/1006 bytes <-> 5 pkts/1487 bytes] + 24 TCP 31.13.87.1:443 <-> 192.168.5.16:53578 [proto: 91.119/SSL.Facebook][cat: SocialNetwork/6][5 pkts/1006 bytes <-> 5 pkts/1487 bytes] 25 UDP 192.168.5.57:55809 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][14 pkts/2450 bytes -> 0 pkts/0 bytes] 26 TCP 192.168.115.8:49598 <-> 222.73.254.167:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][10 pkts/1406 bytes <-> 4 pkts/980 bytes][Host: kankan.1kxun.com] 27 TCP 192.168.115.8:49612 <-> 183.131.48.145:80 [proto: 7/HTTP][cat: Web/5][10 pkts/1428 bytes <-> 4 pkts/867 bytes][Host: 183.131.48.145] @@ -63,7 +63,7 @@ LLMNR 89 6799 47 46 UDP [fe80::406:55a8:6453:25dd]:546 -> [ff02::1:2]:547 [proto: 103/DHCPV6][cat: Network/14][5 pkts/490 bytes -> 0 pkts/0 bytes] 47 UDP [fe80::beee:7bff:fe0c:b3de]:546 -> [ff02::1:2]:547 [proto: 103/DHCPV6][cat: Network/14][4 pkts/392 bytes -> 0 pkts/0 bytes] 48 UDP 192.168.5.16:63372 <-> 168.95.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/89 bytes <-> 1 pkts/289 bytes][Host: dl-obs.official.line.naver.jp] - 49 TCP 192.168.115.8:49596 <-> 203.66.182.87:443 [proto: 91/SSL][4 pkts/220 bytes <-> 2 pkts/132 bytes] + 49 TCP 192.168.115.8:49596 <-> 203.66.182.87:443 [proto: 91/SSL][cat: Web/5][4 pkts/220 bytes <-> 2 pkts/132 bytes] 50 UDP 192.168.5.9:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][1 pkts/342 bytes -> 0 pkts/0 bytes][Host: joanna-pc] 51 UDP 192.168.5.41:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][1 pkts/342 bytes -> 0 pkts/0 bytes][Host: kevin-pc] 52 UDP 192.168.115.8:60724 <-> 8.8.8.8:53 [proto: 5.137/DNS.GenericProtocol][cat: Streaming/17][2 pkts/146 bytes <-> 1 pkts/137 bytes][Host: pic.1kxun.com] @@ -73,7 +73,7 @@ LLMNR 89 6799 47 56 UDP 192.168.115.8:52723 <-> 8.8.8.8:53 [proto: 5.137/DNS.GenericProtocol][cat: Streaming/17][2 pkts/152 bytes <-> 1 pkts/108 bytes][Host: kankan.1kxun.com] 57 UDP 192.168.115.8:52723 <-> 168.95.1.1:53 [proto: 5.137/DNS.GenericProtocol][cat: Streaming/17][2 pkts/152 bytes <-> 1 pkts/108 bytes][Host: kankan.1kxun.com] 58 UDP 192.168.115.8:51458 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][4 pkts/256 bytes -> 0 pkts/0 bytes][Host: wpad] - 59 TCP 192.168.5.16:53613 -> 68.233.253.133:80 [proto: 7/HTTP][3 pkts/198 bytes -> 0 pkts/0 bytes] + 59 TCP 192.168.5.16:53613 -> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][3 pkts/198 bytes -> 0 pkts/0 bytes] 60 UDP [fe80::9bd:81dd:2fdc:5750]:61548 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/190 bytes -> 0 pkts/0 bytes][Host: caesar-thinkpad] 61 UDP [fe80::9bd:81dd:2fdc:5750]:64568 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/190 bytes -> 0 pkts/0 bytes][Host: caesar-thinkpad] 62 UDP 192.168.5.45:137 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][2 pkts/184 bytes -> 0 pkts/0 bytes] @@ -83,7 +83,7 @@ LLMNR 89 6799 47 66 UDP [fe80::e034:7be:d8f9:6197]:49766 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/182 bytes -> 0 pkts/0 bytes][Host: charming-pc] 67 UDP [fe80::5d92:62a8:ebde:1319]:49735 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/178 bytes -> 0 pkts/0 bytes][Host: wangs-ltw] 68 UDP [fe80::5d92:62a8:ebde:1319]:58468 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/178 bytes -> 0 pkts/0 bytes][Host: wangs-ltw] - 69 TCP 192.168.115.8:49581 <-> 64.233.189.128:80 [proto: 7.126/HTTP.Google][2 pkts/110 bytes <-> 1 pkts/66 bytes] + 69 TCP 192.168.115.8:49581 <-> 64.233.189.128:80 [proto: 7.126/HTTP.Google][cat: Web/5][2 pkts/110 bytes <-> 1 pkts/66 bytes] 70 UDP [fe80::4568:efbc:40b1:1346]:50194 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/176 bytes -> 0 pkts/0 bytes][Host: kevin-pc] 71 UDP [fe80::4568:efbc:40b1:1346]:57148 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/176 bytes -> 0 pkts/0 bytes][Host: kevin-pc] 72 UDP [fe80::5d92:62a8:ebde:1319]:61172 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/174 bytes -> 0 pkts/0 bytes][Host: sonusav] @@ -116,8 +116,8 @@ LLMNR 89 6799 47 99 UDP 192.168.3.236:56043 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/132 bytes -> 0 pkts/0 bytes][Host: isatap] 100 UDP 192.168.5.47:53962 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/132 bytes -> 0 pkts/0 bytes][Host: ro_x1c] 101 UDP 192.168.5.47:61603 -> 224.0.0.252:5355 [proto: 87/RTP][cat: Media/1][2 pkts/132 bytes -> 0 pkts/0 bytes] - 102 TCP 192.168.5.16:53605 -> 68.233.253.133:80 [proto: 7/HTTP][2 pkts/126 bytes -> 0 pkts/0 bytes] - 103 TCP 192.168.5.16:53622 <-> 192.168.115.75:443 [proto: 91/SSL][1 pkts/60 bytes <-> 1 pkts/60 bytes] + 102 TCP 192.168.5.16:53605 -> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][2 pkts/126 bytes -> 0 pkts/0 bytes] + 103 TCP 192.168.5.16:53622 <-> 192.168.115.75:443 [proto: 91/SSL][cat: Web/5][1 pkts/60 bytes <-> 1 pkts/60 bytes] 104 UDP [fe80::f65c:89ff:fe89:e607]:546 -> [ff02::1:2]:547 [proto: 103/DHCPV6][cat: Network/14][1 pkts/98 bytes -> 0 pkts/0 bytes] 105 UDP 192.168.5.45:59461 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes] 106 UDP 192.168.5.45:59789 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes] diff --git a/tests/result/6in4tunnel.pcap.out b/tests/result/6in4tunnel.pcap.out index 28b2f5716..32ddda168 100644 --- a/tests/result/6in4tunnel.pcap.out +++ b/tests/result/6in4tunnel.pcap.out @@ -11,6 +11,6 @@ Facebook 37 14726 3 5 ICMPV6 [2a03:2880:1010:6f03:face:b00c::2]:0 -> [2001:470:1f17:13f:3e97:eff:fe73:4dec]:0 [proto: 102/ICMPV6][cat: Network/14][1 pkts/1314 bytes -> 0 pkts/0 bytes] 6 UDP [2001:470:1f16:13f::2]:53959 <-> [2a03:2880:fffe:b:face:b00c::99]:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/133 bytes <-> 1 pkts/273 bytes][Host: star.c10r.facebook.com] 7 UDP [2001:470:1f16:13f::2]:6404 <-> [2a03:2880:fffe:b:face:b00c::99]:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/133 bytes <-> 1 pkts/261 bytes][Host: star.c10r.facebook.com] - 8 TCP [2604:a880:1:20::224:b001]:993 <-> [2001:470:1f17:13f:6d69:c72:7313:616f]:35610 [proto: 51/IMAPS][1 pkts/152 bytes <-> 1 pkts/106 bytes] - 9 TCP [2604:a880:1:20::224:b001]:993 <-> [2001:470:1f17:13f:6d69:c72:7313:616f]:56381 [proto: 51/IMAPS][1 pkts/152 bytes <-> 1 pkts/106 bytes] + 8 TCP [2604:a880:1:20::224:b001]:993 <-> [2001:470:1f17:13f:6d69:c72:7313:616f]:35610 [proto: 51/IMAPS][cat: Email/3][1 pkts/152 bytes <-> 1 pkts/106 bytes] + 9 TCP [2604:a880:1:20::224:b001]:993 <-> [2001:470:1f17:13f:6d69:c72:7313:616f]:56381 [proto: 51/IMAPS][cat: Email/3][1 pkts/152 bytes <-> 1 pkts/106 bytes] 10 ICMPV6 [2001:470:1f16:13f::2]:0 -> [2604:a880:1:20::224:b001]:0 [proto: 102/ICMPV6][cat: Network/14][1 pkts/200 bytes -> 0 pkts/0 bytes] diff --git a/tests/result/EAQ.pcap.out b/tests/result/EAQ.pcap.out index 673f8309d..88828fa67 100644 --- a/tests/result/EAQ.pcap.out +++ b/tests/result/EAQ.pcap.out @@ -3,32 +3,32 @@ EAQ 174 10092 29 1 TCP 10.8.0.1:40467 <-> 173.194.119.24:80 [proto: 7.126/HTTP.Google][cat: Web/5][8 pkts/591 bytes <-> 6 pkts/9998 bytes][Host: www.google.com.br] 2 TCP 10.8.0.1:53497 <-> 173.194.119.48:80 [proto: 7.126/HTTP.Google][cat: Web/5][5 pkts/390 bytes <-> 4 pkts/764 bytes][Host: www.google.com] - 3 UDP 10.8.0.1:39185 <-> 200.194.132.67:6000 [proto: 190/EAQ][5 pkts/290 bytes <-> 5 pkts/290 bytes] - 4 UDP 10.8.0.1:42620 <-> 200.194.148.66:6000 [proto: 190/EAQ][5 pkts/290 bytes <-> 5 pkts/290 bytes] - 5 UDP 10.8.0.1:43641 <-> 200.194.148.68:6000 [proto: 190/EAQ][5 pkts/290 bytes <-> 5 pkts/290 bytes] - 6 UDP 10.8.0.1:43979 <-> 200.194.132.66:6000 [proto: 190/EAQ][5 pkts/290 bytes <-> 5 pkts/290 bytes] - 7 UDP 10.8.0.1:48890 <-> 200.185.125.226:6000 [proto: 190/EAQ][5 pkts/290 bytes <-> 5 pkts/290 bytes] - 8 UDP 10.8.0.1:51569 <-> 200.194.148.67:6000 [proto: 190/EAQ][5 pkts/290 bytes <-> 5 pkts/290 bytes] - 9 UDP 10.8.0.1:52257 <-> 200.185.138.146:6000 [proto: 190/EAQ][5 pkts/290 bytes <-> 5 pkts/290 bytes] - 10 UDP 10.8.0.1:52726 <-> 200.194.132.68:6000 [proto: 190/EAQ][5 pkts/290 bytes <-> 5 pkts/290 bytes] - 11 UDP 10.8.0.1:34687 -> 200.194.141.68:6000 [proto: 190/EAQ][5 pkts/290 bytes -> 0 pkts/0 bytes] - 12 UDP 10.8.0.1:37985 -> 200.194.129.67:6000 [proto: 190/EAQ][5 pkts/290 bytes -> 0 pkts/0 bytes] - 13 UDP 10.8.0.1:39221 -> 200.194.137.67:6000 [proto: 190/EAQ][5 pkts/290 bytes -> 0 pkts/0 bytes] - 14 UDP 10.8.0.1:41438 -> 200.194.141.66:6000 [proto: 190/EAQ][5 pkts/290 bytes -> 0 pkts/0 bytes] - 15 UDP 10.8.0.1:47714 -> 200.194.129.68:6000 [proto: 190/EAQ][5 pkts/290 bytes -> 0 pkts/0 bytes] - 16 UDP 10.8.0.1:48563 -> 200.194.141.67:6000 [proto: 190/EAQ][5 pkts/290 bytes -> 0 pkts/0 bytes] - 17 UDP 10.8.0.1:48666 -> 200.194.129.66:6000 [proto: 190/EAQ][5 pkts/290 bytes -> 0 pkts/0 bytes] - 18 UDP 10.8.0.1:53354 -> 200.194.137.66:6000 [proto: 190/EAQ][5 pkts/290 bytes -> 0 pkts/0 bytes] - 19 UDP 10.8.0.1:56128 -> 200.194.133.66:6000 [proto: 190/EAQ][5 pkts/290 bytes -> 0 pkts/0 bytes] - 20 UDP 10.8.0.1:59959 -> 200.194.137.68:6000 [proto: 190/EAQ][5 pkts/290 bytes -> 0 pkts/0 bytes] - 21 UDP 10.8.0.1:33356 -> 200.194.149.66:6000 [proto: 190/EAQ][4 pkts/232 bytes -> 0 pkts/0 bytes] - 22 UDP 10.8.0.1:36552 -> 200.194.136.66:6000 [proto: 190/EAQ][4 pkts/232 bytes -> 0 pkts/0 bytes] - 23 UDP 10.8.0.1:36577 -> 200.194.149.68:6000 [proto: 190/EAQ][4 pkts/232 bytes -> 0 pkts/0 bytes] - 24 UDP 10.8.0.1:40058 -> 200.194.134.67:6000 [proto: 190/EAQ][4 pkts/232 bytes -> 0 pkts/0 bytes] - 25 UDP 10.8.0.1:43934 -> 200.194.136.68:6000 [proto: 190/EAQ][4 pkts/232 bytes -> 0 pkts/0 bytes] - 26 UDP 10.8.0.1:47346 -> 200.194.134.66:6000 [proto: 190/EAQ][4 pkts/232 bytes -> 0 pkts/0 bytes] - 27 UDP 10.8.0.1:50175 -> 200.194.149.67:6000 [proto: 190/EAQ][4 pkts/232 bytes -> 0 pkts/0 bytes] - 28 UDP 10.8.0.1:53059 -> 200.194.133.68:6000 [proto: 190/EAQ][4 pkts/232 bytes -> 0 pkts/0 bytes] - 29 UDP 10.8.0.1:57004 -> 200.194.133.67:6000 [proto: 190/EAQ][4 pkts/232 bytes -> 0 pkts/0 bytes] - 30 UDP 10.8.0.1:59098 -> 200.194.134.68:6000 [proto: 190/EAQ][4 pkts/232 bytes -> 0 pkts/0 bytes] - 31 UDP 10.8.0.1:60013 -> 200.194.136.67:6000 [proto: 190/EAQ][4 pkts/232 bytes -> 0 pkts/0 bytes] + 3 UDP 10.8.0.1:39185 <-> 200.194.132.67:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes] + 4 UDP 10.8.0.1:42620 <-> 200.194.148.66:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes] + 5 UDP 10.8.0.1:43641 <-> 200.194.148.68:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes] + 6 UDP 10.8.0.1:43979 <-> 200.194.132.66:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes] + 7 UDP 10.8.0.1:48890 <-> 200.185.125.226:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes] + 8 UDP 10.8.0.1:51569 <-> 200.194.148.67:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes] + 9 UDP 10.8.0.1:52257 <-> 200.185.138.146:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes] + 10 UDP 10.8.0.1:52726 <-> 200.194.132.68:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes] + 11 UDP 10.8.0.1:34687 -> 200.194.141.68:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes] + 12 UDP 10.8.0.1:37985 -> 200.194.129.67:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes] + 13 UDP 10.8.0.1:39221 -> 200.194.137.67:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes] + 14 UDP 10.8.0.1:41438 -> 200.194.141.66:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes] + 15 UDP 10.8.0.1:47714 -> 200.194.129.68:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes] + 16 UDP 10.8.0.1:48563 -> 200.194.141.67:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes] + 17 UDP 10.8.0.1:48666 -> 200.194.129.66:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes] + 18 UDP 10.8.0.1:53354 -> 200.194.137.66:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes] + 19 UDP 10.8.0.1:56128 -> 200.194.133.66:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes] + 20 UDP 10.8.0.1:59959 -> 200.194.137.68:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes] + 21 UDP 10.8.0.1:33356 -> 200.194.149.66:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes] + 22 UDP 10.8.0.1:36552 -> 200.194.136.66:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes] + 23 UDP 10.8.0.1:36577 -> 200.194.149.68:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes] + 24 UDP 10.8.0.1:40058 -> 200.194.134.67:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes] + 25 UDP 10.8.0.1:43934 -> 200.194.136.68:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes] + 26 UDP 10.8.0.1:47346 -> 200.194.134.66:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes] + 27 UDP 10.8.0.1:50175 -> 200.194.149.67:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes] + 28 UDP 10.8.0.1:53059 -> 200.194.133.68:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes] + 29 UDP 10.8.0.1:57004 -> 200.194.133.67:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes] + 30 UDP 10.8.0.1:59098 -> 200.194.134.68:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes] + 31 UDP 10.8.0.1:60013 -> 200.194.136.67:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes] diff --git a/tests/result/Instagram.pcap.out b/tests/result/Instagram.pcap.out index 416c11dca..9a34e2008 100644 --- a/tests/result/Instagram.pcap.out +++ b/tests/result/Instagram.pcap.out @@ -6,22 +6,22 @@ Facebook 251 215986 5 Dropbox 5 725 2 Instagram 363 255094 16 - 1 TCP 31.13.86.52:80 <-> 192.168.0.103:58216 [proto: 7.119/HTTP.Facebook][103 pkts/150456 bytes <-> 47 pkts/3102 bytes] + 1 TCP 31.13.86.52:80 <-> 192.168.0.103:58216 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork/6][103 pkts/150456 bytes <-> 47 pkts/3102 bytes] 2 TCP 192.168.0.103:38816 <-> 46.33.70.160:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][13 pkts/1118 bytes <-> 39 pkts/57876 bytes][Host: photos-h.ak.instagram.com] 3 TCP 192.168.0.103:58052 <-> 82.85.26.162:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][37 pkts/2702 bytes <-> 38 pkts/54537 bytes][Host: photos-g.ak.instagram.com] 4 TCP 192.168.0.103:44379 <-> 82.85.26.186:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][41 pkts/3392 bytes <-> 40 pkts/50024 bytes][Host: photos-e.ak.instagram.com] 5 TCP 192.168.0.103:57936 <-> 82.85.26.162:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][24 pkts/1837 bytes <-> 34 pkts/48383 bytes][Host: photos-g.ak.instagram.com] - 6 TCP 192.168.0.103:33936 <-> 31.13.93.52:443 [proto: 91.119/SSL.Facebook][34 pkts/5555 bytes <-> 34 pkts/40133 bytes] - 7 TCP 2.22.236.51:80 <-> 192.168.0.103:44151 [proto: 7/HTTP][25 pkts/37100 bytes <-> 24 pkts/1584 bytes] - 8 TCP 192.168.0.103:33976 <-> 77.67.29.17:80 [proto: 7/HTTP][14 pkts/924 bytes <-> 20 pkts/28115 bytes] - 9 TCP 92.122.48.138:80 <-> 192.168.0.103:41562 [proto: 7/HTTP][16 pkts/22931 bytes <-> 9 pkts/594 bytes] + 6 TCP 192.168.0.103:33936 <-> 31.13.93.52:443 [proto: 91.119/SSL.Facebook][cat: SocialNetwork/6][34 pkts/5555 bytes <-> 34 pkts/40133 bytes] + 7 TCP 2.22.236.51:80 <-> 192.168.0.103:44151 [proto: 7/HTTP][cat: Web/5][25 pkts/37100 bytes <-> 24 pkts/1584 bytes] + 8 TCP 192.168.0.103:33976 <-> 77.67.29.17:80 [proto: 7/HTTP][cat: Web/5][14 pkts/924 bytes <-> 20 pkts/28115 bytes] + 9 TCP 92.122.48.138:80 <-> 192.168.0.103:41562 [proto: 7/HTTP][cat: Web/5][16 pkts/22931 bytes <-> 9 pkts/594 bytes] 10 TCP 192.168.0.103:60908 <-> 46.33.70.136:443 [proto: 91.211/SSL.Instagram][cat: SocialNetwork/6][10 pkts/1369 bytes <-> 9 pkts/7971 bytes][client: igcdn-photos-g-a.akamaihd.net][server: a248.e.akamai.net] 11 TCP 192.168.0.103:44558 <-> 46.33.70.174:443 [proto: 91.211/SSL.Instagram][cat: SocialNetwork/6][10 pkts/1545 bytes <-> 7 pkts/4824 bytes][client: igcdn-photos-h-a.akamaihd.net][server: a248.e.akamai.net] - 12 TCP 31.13.93.52:443 <-> 192.168.0.103:33934 [proto: 91.119/SSL.Facebook][6 pkts/4699 bytes <-> 6 pkts/1345 bytes] + 12 TCP 31.13.93.52:443 <-> 192.168.0.103:33934 [proto: 91.119/SSL.Facebook][cat: SocialNetwork/6][6 pkts/4699 bytes <-> 6 pkts/1345 bytes] 13 TCP 192.168.0.103:41181 <-> 82.85.26.154:443 [proto: 91.211/SSL.Instagram][cat: SocialNetwork/6][8 pkts/896 bytes <-> 6 pkts/4671 bytes][client: igcdn-photos-a-a.akamaihd.net][server: a248.e.akamai.net] 14 TCP 192.168.0.103:41182 <-> 82.85.26.154:443 [proto: 91.211/SSL.Instagram][cat: SocialNetwork/6][8 pkts/896 bytes <-> 6 pkts/4671 bytes][client: igcdn-photos-a-a.akamaihd.net][server: a248.e.akamai.net] - 15 TCP 192.168.0.103:33763 <-> 31.13.93.52:443 [proto: 91.119/SSL.Facebook][5 pkts/1279 bytes <-> 6 pkts/4118 bytes] - 16 TCP 192.168.0.103:33935 <-> 31.13.93.52:443 [proto: 91.119/SSL.Facebook][5 pkts/1279 bytes <-> 5 pkts/4020 bytes] + 15 TCP 192.168.0.103:33763 <-> 31.13.93.52:443 [proto: 91.119/SSL.Facebook][cat: SocialNetwork/6][5 pkts/1279 bytes <-> 6 pkts/4118 bytes] + 16 TCP 192.168.0.103:33935 <-> 31.13.93.52:443 [proto: 91.119/SSL.Facebook][cat: SocialNetwork/6][5 pkts/1279 bytes <-> 5 pkts/4020 bytes] 17 TCP 192.168.0.103:57965 <-> 82.85.26.185:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][4 pkts/559 bytes <-> 3 pkts/3456 bytes][Host: photos-f.ak.instagram.com] 18 TCP 192.168.0.103:56382 <-> 173.252.107.4:443 [proto: 91.211/SSL.Instagram][cat: SocialNetwork/6][9 pkts/1583 bytes <-> 8 pkts/1064 bytes][client: telegraph-ash.instagram.com] 19 UDP 192.168.0.106:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][4 pkts/580 bytes -> 0 pkts/0 bytes] @@ -31,11 +31,11 @@ Instagram 363 255094 16 23 TCP 192.168.0.103:58053 -> 82.85.26.162:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][1 pkts/321 bytes -> 0 pkts/0 bytes][Host: photos-g.ak.instagram.com] 24 UDP 192.168.0.103:26540 <-> 8.8.8.8:53 [proto: 5.211/DNS.Instagram][cat: SocialNetwork/6][1 pkts/89 bytes <-> 1 pkts/209 bytes][Host: igcdn-photos-g-a.akamaihd.net] 25 UDP 192.168.0.103:33603 <-> 8.8.8.8:53 [proto: 5.211/DNS.Instagram][cat: SocialNetwork/6][1 pkts/89 bytes <-> 1 pkts/209 bytes][Host: igcdn-photos-a-a.akamaihd.net] - 26 TCP 192.168.0.103:38817 <-> 46.33.70.160:80 [proto: 7/HTTP][2 pkts/132 bytes <-> 1 pkts/66 bytes] - 27 TCP 192.168.0.103:57966 <-> 82.85.26.185:80 [proto: 7/HTTP][2 pkts/132 bytes <-> 1 pkts/66 bytes] - 28 TCP 192.168.0.103:58690 -> 46.33.70.159:443 [proto: 91/SSL][2 pkts/169 bytes -> 0 pkts/0 bytes] + 26 TCP 192.168.0.103:38817 <-> 46.33.70.160:80 [proto: 7/HTTP][cat: Web/5][2 pkts/132 bytes <-> 1 pkts/66 bytes] + 27 TCP 192.168.0.103:57966 <-> 82.85.26.185:80 [proto: 7/HTTP][cat: Web/5][2 pkts/132 bytes <-> 1 pkts/66 bytes] + 28 TCP 192.168.0.103:58690 -> 46.33.70.159:443 [proto: 91/SSL][cat: Web/5][2 pkts/169 bytes -> 0 pkts/0 bytes] 29 UDP 192.168.0.106:17500 -> 192.168.0.255:17500 [proto: 121/Dropbox][cat: Cloud/13][1 pkts/145 bytes -> 0 pkts/0 bytes] - 30 TCP 46.33.70.150:80 <-> 192.168.0.103:40855 [proto: 7/HTTP][1 pkts/74 bytes <-> 1 pkts/66 bytes] + 30 TCP 46.33.70.150:80 <-> 192.168.0.103:40855 [proto: 7/HTTP][cat: Web/5][1 pkts/74 bytes <-> 1 pkts/66 bytes] 31 UDP 192.168.0.103:27124 -> 8.8.8.8:53 [proto: 5.211/DNS.Instagram][cat: SocialNetwork/6][1 pkts/85 bytes -> 0 pkts/0 bytes][Host: photos-b.ak.instagram.com] diff --git a/tests/result/KakaoTalk_chat.pcap.out b/tests/result/KakaoTalk_chat.pcap.out index 475345122..2648cce2a 100644 --- a/tests/result/KakaoTalk_chat.pcap.out +++ b/tests/result/KakaoTalk_chat.pcap.out @@ -15,14 +15,14 @@ KakaoTalk 55 9990 15 5 TCP 10.24.82.188:45213 <-> 31.13.68.84:443 [proto: 91.119/SSL.Facebook][cat: SocialNetwork/6][15 pkts/2508 bytes <-> 13 pkts/5053 bytes][server: *.facebook.com] 6 TCP 10.24.82.188:35511 <-> 173.252.97.2:443 [proto: 91.119/SSL.Facebook][cat: SocialNetwork/6][18 pkts/2390 bytes <-> 18 pkts/4762 bytes][server: *.facebook.com] 7 TCP 10.24.82.188:37821 <-> 210.103.240.15:443 [proto: 91.193/SSL.KakaoTalk][cat: VoIP/10][13 pkts/2036 bytes <-> 14 pkts/5090 bytes][server: *.kakao.com] - 8 TCP 10.24.82.188:51021 <-> 103.246.57.251:8080 [proto: 131/HTTP_Proxy][17 pkts/2231 bytes <-> 9 pkts/1695 bytes] - 9 TCP 139.150.0.125:443 <-> 10.24.82.188:46947 [proto: 91/SSL][9 pkts/1737 bytes <-> 9 pkts/672 bytes] + 8 TCP 10.24.82.188:51021 <-> 103.246.57.251:8080 [proto: 131/HTTP_Proxy][cat: Web/5][17 pkts/2231 bytes <-> 9 pkts/1695 bytes] + 9 TCP 139.150.0.125:443 <-> 10.24.82.188:46947 [proto: 91/SSL][cat: Web/5][9 pkts/1737 bytes <-> 9 pkts/672 bytes] 10 TCP 10.24.82.188:58964 <-> 54.255.253.199:5223 [proto: 91/SSL][cat: Web/5][3 pkts/290 bytes <-> 3 pkts/1600 bytes][server: *.push.samsungosp.com] 11 TCP 10.24.82.188:37557 <-> 31.13.68.84:80 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork/6][5 pkts/487 bytes <-> 6 pkts/627 bytes][Host: www.facebook.com] 12 TCP 10.24.82.188:37553 <-> 31.13.68.84:80 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork/6][5 pkts/487 bytes <-> 5 pkts/571 bytes][Host: www.facebook.com] - 13 TCP 216.58.221.10:80 <-> 10.24.82.188:35922 [proto: 7.126/HTTP.Google][7 pkts/392 bytes <-> 7 pkts/392 bytes] - 14 TCP 10.24.82.188:42332 <-> 210.103.240.15:443 [proto: 91/SSL][2 pkts/112 bytes <-> 3 pkts/168 bytes] - 15 TCP 31.13.68.73:443 <-> 10.24.82.188:47007 [proto: 91.119/SSL.Facebook][2 pkts/139 bytes <-> 2 pkts/112 bytes] + 13 TCP 216.58.221.10:80 <-> 10.24.82.188:35922 [proto: 7.126/HTTP.Google][cat: Web/5][7 pkts/392 bytes <-> 7 pkts/392 bytes] + 14 TCP 10.24.82.188:42332 <-> 210.103.240.15:443 [proto: 91/SSL][cat: Web/5][2 pkts/112 bytes <-> 3 pkts/168 bytes] + 15 TCP 31.13.68.73:443 <-> 10.24.82.188:47007 [proto: 91.119/SSL.Facebook][cat: SocialNetwork/6][2 pkts/139 bytes <-> 2 pkts/112 bytes] 16 UDP 10.24.82.188:57816 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: VoIP/10][1 pkts/78 bytes <-> 1 pkts/166 bytes][Host: katalk.kakao.com] 17 UDP 10.24.82.188:4017 <-> 10.188.1.1:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/85 bytes <-> 1 pkts/144 bytes][Host: developers.facebook.com] 18 UDP 10.24.82.188:19582 <-> 10.188.1.1:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/80 bytes <-> 1 pkts/138 bytes][Host: graph.facebook.com] @@ -40,9 +40,9 @@ KakaoTalk 55 9990 15 30 UDP 10.24.82.188:24596 <-> 10.188.1.1:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/78 bytes <-> 1 pkts/118 bytes][Host: api.facebook.com] 31 UDP 10.24.82.188:38448 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: VoIP/10][1 pkts/76 bytes <-> 1 pkts/114 bytes][Host: auth.kakao.com] 32 UDP 10.24.82.188:58810 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: VoIP/10][1 pkts/76 bytes <-> 1 pkts/114 bytes][Host: item.kakao.com] - 33 TCP 10.24.82.188:58927 -> 54.255.253.199:5223 [proto: 178/Amazon][2 pkts/181 bytes -> 0 pkts/0 bytes] + 33 TCP 10.24.82.188:58927 -> 54.255.253.199:5223 [proto: 178/Amazon][cat: Web/5][2 pkts/181 bytes -> 0 pkts/0 bytes] 34 UDP 10.24.82.188:43077 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: VoIP/10][1 pkts/81 bytes <-> 1 pkts/97 bytes][Host: dn-l.talk.kakao.com] - 35 TCP 10.24.82.188:34686 -> 173.194.72.188:5228 [proto: 126/Google][1 pkts/164 bytes -> 0 pkts/0 bytes] + 35 TCP 10.24.82.188:34686 -> 173.194.72.188:5228 [proto: 126/Google][cat: Web/5][1 pkts/164 bytes -> 0 pkts/0 bytes] 36 ICMP 10.24.82.188:0 -> 10.188.191.1:0 [proto: 81/ICMP][cat: Network/14][1 pkts/147 bytes -> 0 pkts/0 bytes] - 37 TCP 10.24.82.188:49217 -> 216.58.220.174:443 [proto: 91.126/SSL.Google][1 pkts/83 bytes -> 0 pkts/0 bytes] - 38 TCP 120.28.26.242:80 -> 10.24.82.188:34503 [proto: 7/HTTP][1 pkts/56 bytes -> 0 pkts/0 bytes] + 37 TCP 10.24.82.188:49217 -> 216.58.220.174:443 [proto: 91.126/SSL.Google][cat: Web/5][1 pkts/83 bytes -> 0 pkts/0 bytes] + 38 TCP 120.28.26.242:80 -> 10.24.82.188:34503 [proto: 7/HTTP][cat: Web/5][1 pkts/56 bytes -> 0 pkts/0 bytes] diff --git a/tests/result/KakaoTalk_talk.pcap.out b/tests/result/KakaoTalk_talk.pcap.out index 02be47428..9bb9fca1b 100644 --- a/tests/result/KakaoTalk_talk.pcap.out +++ b/tests/result/KakaoTalk_talk.pcap.out @@ -18,15 +18,15 @@ KakaoTalk_Voice 44 6196 2 6 UDP 10.24.82.188:10269 <-> 1.201.1.174:23047 [proto: 194/KakaoTalk_Voice][cat: VoIP/10][12 pkts/1692 bytes <-> 10 pkts/1420 bytes] 7 UDP 10.24.82.188:11321 <-> 1.201.1.174:23045 [proto: 194/KakaoTalk_Voice][cat: VoIP/10][11 pkts/1542 bytes <-> 11 pkts/1542 bytes] 8 TCP 10.24.82.188:48489 <-> 203.205.147.215:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][8 pkts/1117 bytes <-> 7 pkts/610 bytes][Host: hkminorshort.weixin.qq.com] - 9 TCP 10.24.82.188:51021 <-> 103.246.57.251:8080 [proto: 131/HTTP_Proxy][6 pkts/543 bytes <-> 5 pkts/945 bytes] - 10 TCP 139.150.0.125:443 <-> 10.24.82.188:46947 [proto: 91/SSL][3 pkts/1044 bytes <-> 2 pkts/154 bytes] - 11 TCP 10.24.82.188:58916 <-> 54.255.185.236:5222 [proto: 178/Amazon][2 pkts/225 bytes <-> 2 pkts/171 bytes] - 12 TCP 10.24.82.188:53974 -> 203.205.151.233:8080 [proto: 131/HTTP_Proxy][5 pkts/350 bytes -> 0 pkts/0 bytes] - 13 TCP 120.28.26.242:80 <-> 10.24.82.188:34533 [proto: 7/HTTP][3 pkts/168 bytes <-> 2 pkts/112 bytes] + 9 TCP 10.24.82.188:51021 <-> 103.246.57.251:8080 [proto: 131/HTTP_Proxy][cat: Web/5][6 pkts/543 bytes <-> 5 pkts/945 bytes] + 10 TCP 139.150.0.125:443 <-> 10.24.82.188:46947 [proto: 91/SSL][cat: Web/5][3 pkts/1044 bytes <-> 2 pkts/154 bytes] + 11 TCP 10.24.82.188:58916 <-> 54.255.185.236:5222 [proto: 178/Amazon][cat: Web/5][2 pkts/225 bytes <-> 2 pkts/171 bytes] + 12 TCP 10.24.82.188:53974 -> 203.205.151.233:8080 [proto: 131/HTTP_Proxy][cat: Web/5][5 pkts/350 bytes -> 0 pkts/0 bytes] + 13 TCP 120.28.26.242:80 <-> 10.24.82.188:34533 [proto: 7/HTTP][cat: Web/5][3 pkts/168 bytes <-> 2 pkts/112 bytes] 14 UDP 10.24.82.188:25223 <-> 10.188.1.1:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/79 bytes <-> 1 pkts/118 bytes][Host: mqtt.facebook.com] - 15 TCP 10.24.82.188:34686 -> 173.194.72.188:5228 [proto: 126/Google][1 pkts/164 bytes -> 0 pkts/0 bytes] - 16 TCP 173.252.88.128:443 -> 10.24.82.188:59912 [proto: 91.119/SSL.Facebook][2 pkts/124 bytes -> 0 pkts/0 bytes] - 17 TCP 10.24.82.188:49217 -> 216.58.220.174:443 [proto: 91.126/SSL.Google][1 pkts/83 bytes -> 0 pkts/0 bytes] - 18 TCP 173.194.117.229:443 -> 10.24.82.188:38380 [proto: 91.126/SSL.Google][1 pkts/56 bytes -> 0 pkts/0 bytes] - 19 TCP 173.252.122.1:443 -> 10.24.82.188:52123 [proto: 91.119/SSL.Facebook][1 pkts/56 bytes -> 0 pkts/0 bytes] - 20 TCP 216.58.220.161:443 -> 10.24.82.188:56697 [proto: 91.126/SSL.Google][1 pkts/56 bytes -> 0 pkts/0 bytes] + 15 TCP 10.24.82.188:34686 -> 173.194.72.188:5228 [proto: 126/Google][cat: Web/5][1 pkts/164 bytes -> 0 pkts/0 bytes] + 16 TCP 173.252.88.128:443 -> 10.24.82.188:59912 [proto: 91.119/SSL.Facebook][cat: SocialNetwork/6][2 pkts/124 bytes -> 0 pkts/0 bytes] + 17 TCP 10.24.82.188:49217 -> 216.58.220.174:443 [proto: 91.126/SSL.Google][cat: Web/5][1 pkts/83 bytes -> 0 pkts/0 bytes] + 18 TCP 173.194.117.229:443 -> 10.24.82.188:38380 [proto: 91.126/SSL.Google][cat: Web/5][1 pkts/56 bytes -> 0 pkts/0 bytes] + 19 TCP 173.252.122.1:443 -> 10.24.82.188:52123 [proto: 91.119/SSL.Facebook][cat: SocialNetwork/6][1 pkts/56 bytes -> 0 pkts/0 bytes] + 20 TCP 216.58.220.161:443 -> 10.24.82.188:56697 [proto: 91.126/SSL.Google][cat: Web/5][1 pkts/56 bytes -> 0 pkts/0 bytes] diff --git a/tests/result/bittorrent_ip.pcap.out b/tests/result/bittorrent_ip.pcap.out index 5a08d2dee..5594deec3 100644 --- a/tests/result/bittorrent_ip.pcap.out +++ b/tests/result/bittorrent_ip.pcap.out @@ -1,4 +1,4 @@ BitTorrent 479 508018 2 - 1 TCP 77.222.174.20:2866 <-> 10.0.0.14:46610 [proto: 37/BitTorrent][305 pkts/461770 bytes <-> 126 pkts/8316 bytes] - 2 TCP 185.56.20.36:53646 <-> 10.0.0.14:35030 [proto: 37/BitTorrent][25 pkts/36414 bytes <-> 23 pkts/1518 bytes] + 1 TCP 77.222.174.20:2866 <-> 10.0.0.14:46610 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][305 pkts/461770 bytes <-> 126 pkts/8316 bytes] + 2 TCP 185.56.20.36:53646 <-> 10.0.0.14:35030 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][25 pkts/36414 bytes <-> 23 pkts/1518 bytes] diff --git a/tests/result/coap_mqtt.pcap.out b/tests/result/coap_mqtt.pcap.out index 20d676291..4b780fee0 100644 --- a/tests/result/coap_mqtt.pcap.out +++ b/tests/result/coap_mqtt.pcap.out @@ -6,10 +6,10 @@ MQTT 7695 668291 4 2 TCP 192.168.56.1:53523 <-> 192.168.56.101:17501 [proto: 222/MQTT][cat: RPC/16][918 pkts/76692 bytes <-> 1008 pkts/90434 bytes] 3 TCP 192.168.56.1:53522 <-> 192.168.56.101:17501 [proto: 222/MQTT][cat: RPC/16][921 pkts/76872 bytes <-> 1001 pkts/90056 bytes] 4 TCP 192.168.56.101:17501 <-> 192.168.56.1:53524 [proto: 222/MQTT][cat: RPC/16][1005 pkts/90274 bytes <-> 914 pkts/76454 bytes] - 5 UDP 192.168.56.1:50318 <-> 192.168.56.101:17500 [proto: 121/Dropbox][100 pkts/13960 bytes <-> 100 pkts/6260 bytes] - 6 UDP 192.168.56.1:50312 <-> 192.168.56.101:17500 [proto: 121/Dropbox][100 pkts/13947 bytes <-> 100 pkts/6247 bytes] - 7 UDP 192.168.56.1:50319 <-> 192.168.56.101:17500 [proto: 121/Dropbox][100 pkts/13921 bytes <-> 100 pkts/6221 bytes] - 8 UDP 192.168.56.1:50311 <-> 192.168.56.101:17500 [proto: 121/Dropbox][100 pkts/13910 bytes <-> 100 pkts/6210 bytes] + 5 UDP 192.168.56.1:50318 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13960 bytes <-> 100 pkts/6260 bytes] + 6 UDP 192.168.56.1:50312 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13947 bytes <-> 100 pkts/6247 bytes] + 7 UDP 192.168.56.1:50319 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13921 bytes <-> 100 pkts/6221 bytes] + 8 UDP 192.168.56.1:50311 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13910 bytes <-> 100 pkts/6210 bytes] 9 UDP [bbbb::1]:46819 <-> [bbbb::3]:5683 [proto: 27/COAP][cat: RPC/16][3 pkts/262 bytes <-> 3 pkts/205 bytes] 10 UDP [bbbb::1]:33499 <-> [bbbb::3]:5683 [proto: 27/COAP][cat: RPC/16][2 pkts/147 bytes <-> 2 pkts/257 bytes] 11 UDP [bbbb::1]:50250 <-> [bbbb::3]:5683 [proto: 27/COAP][cat: RPC/16][2 pkts/158 bytes <-> 2 pkts/151 bytes] diff --git a/tests/result/diameter.pcap.out b/tests/result/diameter.pcap.out index 9a43af0ef..50b5651ab 100644 --- a/tests/result/diameter.pcap.out +++ b/tests/result/diameter.pcap.out @@ -1,3 +1,3 @@ Diameter 6 1980 1 - 1 TCP 10.201.9.245:50957 <-> 10.201.9.11:3868 [proto: 237/Diameter][3 pkts/1174 bytes <-> 3 pkts/806 bytes] + 1 TCP 10.201.9.245:50957 <-> 10.201.9.11:3868 [proto: 237/Diameter][cat: Web/5][3 pkts/1174 bytes <-> 3 pkts/806 bytes] diff --git a/tests/result/dropbox.pcap.out b/tests/result/dropbox.pcap.out index 4ba0e0e02..10fb21cb6 100644 --- a/tests/result/dropbox.pcap.out +++ b/tests/result/dropbox.pcap.out @@ -4,10 +4,10 @@ Dropbox 1104 246122 16 1 TCP 192.168.1.105:44949 <-> 54.240.174.31:443 [proto: 91.121/SSL.Dropbox][cat: Cloud/13][64 pkts/12228 bytes <-> 74 pkts/85074 bytes][client: client-cf.dropbox.com][server: client-cf.dropbox.com] 2 TCP 192.168.1.105:47747 <-> 108.160.172.225:443 [proto: 91.121/SSL.Dropbox][cat: Cloud/13][28 pkts/12486 bytes <-> 26 pkts/14946 bytes][client: d.dropbox.com] - 3 UDP 192.168.56.1:50318 <-> 192.168.56.101:17500 [proto: 121/Dropbox][100 pkts/13960 bytes <-> 100 pkts/6260 bytes] - 4 UDP 192.168.56.1:50312 <-> 192.168.56.101:17500 [proto: 121/Dropbox][100 pkts/13947 bytes <-> 100 pkts/6247 bytes] - 5 UDP 192.168.56.1:50319 <-> 192.168.56.101:17500 [proto: 121/Dropbox][100 pkts/13921 bytes <-> 100 pkts/6221 bytes] - 6 UDP 192.168.56.1:50311 <-> 192.168.56.101:17500 [proto: 121/Dropbox][100 pkts/13910 bytes <-> 100 pkts/6210 bytes] + 3 UDP 192.168.56.1:50318 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13960 bytes <-> 100 pkts/6260 bytes] + 4 UDP 192.168.56.1:50312 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13947 bytes <-> 100 pkts/6247 bytes] + 5 UDP 192.168.56.1:50319 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13921 bytes <-> 100 pkts/6221 bytes] + 6 UDP 192.168.56.1:50311 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13910 bytes <-> 100 pkts/6210 bytes] 7 UDP 192.168.1.254:50828 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][44 pkts/19936 bytes -> 0 pkts/0 bytes] 8 TCP 192.168.1.105:59975 <-> 108.160.172.204:443 [proto: 91.121/SSL.Dropbox][cat: Cloud/13][18 pkts/3562 bytes <-> 16 pkts/14464 bytes][client: client.dropbox.com][server: *.dropbox.com] 9 TCP 192.168.1.105:46394 <-> 162.125.17.131:443 [proto: 91.121/SSL.Dropbox][cat: Cloud/13][12 pkts/2338 bytes <-> 10 pkts/9054 bytes][client: notify.dropbox.com][server: *.dropbox.com] diff --git a/tests/result/http_ipv6.pcap.out b/tests/result/http_ipv6.pcap.out index f0b5577d6..c9de9cedb 100644 --- a/tests/result/http_ipv6.pcap.out +++ b/tests/result/http_ipv6.pcap.out @@ -11,11 +11,11 @@ QUIC 3 502 1 5 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:37488 <-> [2a03:b0c0:3:d0::70:1001]:443 [proto: 91.26/SSL.ntop][cat: Network/14][10 pkts/1206 bytes <-> 7 pkts/5636 bytes][client: www.ntop.org] 6 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:53132 <-> [2a02:26f0:ad:197::236]:443 [proto: 91.119/SSL.Facebook][cat: SocialNetwork/6][7 pkts/960 bytes <-> 5 pkts/4227 bytes][client: s-static.ak.facebook.com][server: *.ak.fbcdn.net] 7 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:53134 <-> [2a02:26f0:ad:197::236]:443 [proto: 91.119/SSL.Facebook][cat: SocialNetwork/6][6 pkts/874 bytes <-> 4 pkts/4141 bytes][client: s-static.ak.facebook.com][server: *.ak.fbcdn.net] - 8 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:41776 <-> [2a00:1450:4001:803::1017]:443 [proto: 91/SSL][7 pkts/860 bytes <-> 7 pkts/1353 bytes] + 8 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:41776 <-> [2a00:1450:4001:803::1017]:443 [proto: 91/SSL][cat: Web/5][7 pkts/860 bytes <-> 7 pkts/1353 bytes] 9 UDP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:55145 <-> [2a00:1450:400b:c02::5f]:443 [proto: 188/QUIC][cat: Web/5][2 pkts/359 bytes <-> 1 pkts/143 bytes] - 10 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:33062 <-> [2a00:1450:400b:c02::9a]:443 [proto: 91/SSL][1 pkts/86 bytes <-> 1 pkts/86 bytes] - 11 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:40308 <-> [2a03:2880:1010:3f20:face:b00c::25de]:443 [proto: 91/SSL][1 pkts/86 bytes <-> 1 pkts/86 bytes] - 12 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:40526 <-> [2a00:1450:4006:804::200e]:443 [proto: 91/SSL][1 pkts/86 bytes <-> 1 pkts/86 bytes] - 13 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:58660 <-> [2a00:1450:4006:803::2008]:443 [proto: 91/SSL][1 pkts/86 bytes <-> 1 pkts/86 bytes] - 14 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:59690 <-> [2a00:1450:4001:803::1012]:443 [proto: 91/SSL][1 pkts/86 bytes <-> 1 pkts/86 bytes] - 15 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:60124 <-> [2a02:26f0:ad:1a1::eed]:443 [proto: 91/SSL][1 pkts/86 bytes <-> 1 pkts/86 bytes] + 10 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:33062 <-> [2a00:1450:400b:c02::9a]:443 [proto: 91/SSL][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes] + 11 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:40308 <-> [2a03:2880:1010:3f20:face:b00c::25de]:443 [proto: 91/SSL][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes] + 12 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:40526 <-> [2a00:1450:4006:804::200e]:443 [proto: 91/SSL][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes] + 13 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:58660 <-> [2a00:1450:4006:803::2008]:443 [proto: 91/SSL][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes] + 14 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:59690 <-> [2a00:1450:4001:803::1012]:443 [proto: 91/SSL][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes] + 15 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:60124 <-> [2a02:26f0:ad:1a1::eed]:443 [proto: 91/SSL][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes] diff --git a/tests/result/mssql_tds.pcap.out b/tests/result/mssql_tds.pcap.out index 47403889e..b24080ac7 100644 --- a/tests/result/mssql_tds.pcap.out +++ b/tests/result/mssql_tds.pcap.out @@ -1,6 +1,6 @@ MsSQL-TDS 38 16260 12 - 1 TCP 10.111.111.111:6666 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][7 pkts/8717 bytes -> 0 pkts/0 bytes] + 1 TCP 10.111.111.111:6666 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][7 pkts/8717 bytes -> 0 pkts/0 bytes] 2 TCP 10.111.111.111:5555 <-> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][10 pkts/1552 bytes <-> 7 pkts/1521 bytes] 3 TCP 10.111.111.111:1111 <-> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][2 pkts/614 bytes <-> 2 pkts/524 bytes] 4 TCP 10.111.111.111:4444 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/1136 bytes -> 0 pkts/0 bytes] diff --git a/tests/result/netflix.pcap.out b/tests/result/netflix.pcap.out index 9a3029b4c..41ad6e3f9 100644 --- a/tests/result/netflix.pcap.out +++ b/tests/result/netflix.pcap.out @@ -63,5 +63,5 @@ Amazon 2 126 1 57 UDP 192.168.1.7:57719 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Streaming/17][1 pkts/85 bytes <-> 1 pkts/137 bytes][Host: sha2.san.akam.nflximg.net] 58 UDP 192.168.1.7:57093 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/81 bytes <-> 1 pkts/113 bytes][Host: a1907.dscg.akamai.net] 59 UDP 192.168.1.7:51728 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/80 bytes <-> 1 pkts/112 bytes][Host: a803.dscg.akamai.net] - 60 TCP 192.168.1.7:52929 -> 52.24.87.6:443 [proto: 91.178/SSL.Amazon][2 pkts/126 bytes -> 0 pkts/0 bytes] + 60 TCP 192.168.1.7:52929 -> 52.24.87.6:443 [proto: 91.178/SSL.Amazon][cat: Web/5][2 pkts/126 bytes -> 0 pkts/0 bytes] 61 IGMP 192.168.1.7:0 -> 239.255.255.250:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes] diff --git a/tests/result/nintendo.pcap.out b/tests/result/nintendo.pcap.out index 2dd617913..025c468b3 100644 --- a/tests/result/nintendo.pcap.out +++ b/tests/result/nintendo.pcap.out @@ -5,7 +5,7 @@ Amazon 76 10811 7 1 UDP 192.168.12.114:55915 <-> 185.118.169.65:27520 [proto: 173/Nintendo][cat: Game/8][169 pkts/61414 bytes <-> 278 pkts/126260 bytes] 2 UDP 192.168.12.114:55915 <-> 93.237.131.235:56066 [proto: 173/Nintendo][cat: Game/8][122 pkts/48332 bytes <-> 35 pkts/5026 bytes] 3 UDP 192.168.12.114:55915 <-> 81.61.158.138:51769 [proto: 173/Nintendo][cat: Game/8][122 pkts/46476 bytes <-> 38 pkts/5268 bytes] - 4 TCP 54.187.10.185:443 <-> 192.168.12.114:48328 [proto: 91.178/SSL.Amazon][34 pkts/4466 bytes <-> 20 pkts/4021 bytes] + 4 TCP 54.187.10.185:443 <-> 192.168.12.114:48328 [proto: 91.178/SSL.Amazon][cat: Web/5][34 pkts/4466 bytes <-> 20 pkts/4021 bytes] 5 TCP 192.168.12.114:41517 <-> 54.192.27.217:443 [proto: 91.173/SSL.Nintendo][cat: Game/8][11 pkts/2898 bytes <-> 10 pkts/4865 bytes][client: 5][server: *.baas.nintendo.com] 6 TCP 192.168.12.114:31329 <-> 54.192.27.8:443 [proto: 91.173/SSL.Nintendo][cat: Game/8][10 pkts/2833 bytes <-> 10 pkts/4866 bytes][client: 5][server: *.baas.nintendo.com] 7 UDP 192.168.12.114:52119 <-> 91.8.243.35:49432 [proto: 173/Nintendo][cat: Game/8][23 pkts/2682 bytes <-> 16 pkts/3408 bytes] @@ -13,13 +13,13 @@ Amazon 76 10811 7 9 UDP 192.168.12.114:52119 <-> 134.3.248.25:56955 [proto: 173/Nintendo][cat: Game/8][8 pkts/1040 bytes <-> 7 pkts/922 bytes] 10 ICMP 151.6.184.100:0 -> 192.168.12.114:0 [proto: 81/ICMP][cat: Network/14][21 pkts/1470 bytes -> 0 pkts/0 bytes] 11 UDP 192.168.12.114:10184 <-> 192.168.12.1:53 [proto: 5.173/DNS.Nintendo][cat: Game/8][4 pkts/368 bytes <-> 4 pkts/400 bytes][Host: g2df33d01-lp1.p.srv.nintendo.net] - 12 UDP 192.168.12.114:52119 -> 52.10.205.177:34343 [proto: 178/Amazon][1 pkts/730 bytes -> 0 pkts/0 bytes] + 12 UDP 192.168.12.114:52119 -> 52.10.205.177:34343 [proto: 178/Amazon][cat: Web/5][1 pkts/730 bytes -> 0 pkts/0 bytes] 13 ICMP 151.6.184.98:0 -> 192.168.12.114:0 [proto: 81/ICMP][cat: Network/14][9 pkts/630 bytes -> 0 pkts/0 bytes] - 14 UDP 192.168.12.114:55915 <-> 35.158.74.61:10025 [proto: 178/Amazon][5 pkts/290 bytes <-> 5 pkts/290 bytes] + 14 UDP 192.168.12.114:55915 <-> 35.158.74.61:10025 [proto: 178/Amazon][cat: Web/5][5 pkts/290 bytes <-> 5 pkts/290 bytes] 15 UDP 192.168.12.114:18874 <-> 192.168.12.1:53 [proto: 5.173/DNS.Nintendo][cat: Game/8][1 pkts/110 bytes <-> 1 pkts/281 bytes][Host: e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com] 16 UDP 192.168.12.114:51035 <-> 192.168.12.1:53 [proto: 5.173/DNS.Nintendo][cat: Game/8][1 pkts/110 bytes <-> 1 pkts/281 bytes][Host: e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com] 17 UDP 192.168.12.114:52119 -> 35.158.74.61:33335 [proto: 173/Nintendo][cat: Game/8][3 pkts/354 bytes -> 0 pkts/0 bytes] - 18 UDP 192.168.12.114:55915 -> 35.158.74.61:33335 [proto: 178/Amazon][3 pkts/318 bytes -> 0 pkts/0 bytes] - 19 UDP 192.168.12.114:55915 -> 52.10.205.177:34343 [proto: 178/Amazon][1 pkts/298 bytes -> 0 pkts/0 bytes] - 20 UDP 192.168.12.114:55915 -> 35.158.74.61:33334 [proto: 178/Amazon][5 pkts/290 bytes -> 0 pkts/0 bytes] - 21 TCP 192.168.12.114:11534 <-> 54.146.242.74:443 [proto: 91.178/SSL.Amazon][1 pkts/54 bytes <-> 1 pkts/54 bytes] + 18 UDP 192.168.12.114:55915 -> 35.158.74.61:33335 [proto: 178/Amazon][cat: Web/5][3 pkts/318 bytes -> 0 pkts/0 bytes] + 19 UDP 192.168.12.114:55915 -> 52.10.205.177:34343 [proto: 178/Amazon][cat: Web/5][1 pkts/298 bytes -> 0 pkts/0 bytes] + 20 UDP 192.168.12.114:55915 -> 35.158.74.61:33334 [proto: 178/Amazon][cat: Web/5][5 pkts/290 bytes -> 0 pkts/0 bytes] + 21 TCP 192.168.12.114:11534 <-> 54.146.242.74:443 [proto: 91.178/SSL.Amazon][cat: Web/5][1 pkts/54 bytes <-> 1 pkts/54 bytes] diff --git a/tests/result/ocs.pcap.out b/tests/result/ocs.pcap.out index ed1e8218c..b5b526bfa 100644 --- a/tests/result/ocs.pcap.out +++ b/tests/result/ocs.pcap.out @@ -10,14 +10,14 @@ GoogleServices 13 2277 2 1 TCP 192.168.180.2:49881 -> 178.248.208.54:80 [proto: 7.218/HTTP.OCS][cat: Media/1][751 pkts/44783 bytes -> 0 pkts/0 bytes][Host: ocu03.labgency.ws] 2 TCP 192.168.180.2:36680 -> 178.248.208.54:443 [proto: 91.218/SSL.OCS][cat: Media/1][20 pkts/6089 bytes -> 0 pkts/0 bytes][client: ocs.labgency.ws] 3 TCP 192.168.180.2:42590 -> 178.248.208.210:80 [proto: 7.218/HTTP.OCS][cat: Media/1][83 pkts/5408 bytes -> 0 pkts/0 bytes][Host: www.ocs.fr] - 4 TCP 192.168.180.2:39263 -> 23.21.230.199:443 [proto: 91/SSL][20 pkts/2715 bytes -> 0 pkts/0 bytes][client: settings.crashlytics.com] + 4 TCP 192.168.180.2:39263 -> 23.21.230.199:443 [proto: 91/SSL][cat: Web/5][20 pkts/2715 bytes -> 0 pkts/0 bytes][client: settings.crashlytics.com] 5 TCP 192.168.180.2:32946 -> 64.233.184.188:443 [proto: 91.239/SSL.GoogleServices][cat: Web/5][12 pkts/2212 bytes -> 0 pkts/0 bytes][client: mtalk.google.com] - 6 TCP 192.168.180.2:47803 -> 64.233.166.95:443 [proto: 91.126/SSL.Google][12 pkts/1608 bytes -> 0 pkts/0 bytes] - 7 TCP 192.168.180.2:41223 -> 216.58.208.46:443 [proto: 91.126/SSL.Google][13 pkts/1448 bytes -> 0 pkts/0 bytes] + 6 TCP 192.168.180.2:47803 -> 64.233.166.95:443 [proto: 91.126/SSL.Google][cat: Web/5][12 pkts/1608 bytes -> 0 pkts/0 bytes] + 7 TCP 192.168.180.2:41223 -> 216.58.208.46:443 [proto: 91.126/SSL.Google][cat: Web/5][13 pkts/1448 bytes -> 0 pkts/0 bytes] 8 TCP 192.168.180.2:48250 -> 178.248.208.54:80 [proto: 7.218/HTTP.OCS][cat: Media/1][6 pkts/1092 bytes -> 0 pkts/0 bytes][Host: ocu03.labgency.ws] - 9 TCP 192.168.180.2:44959 -> 137.135.129.206:80 [proto: 7/HTTP][7 pkts/540 bytes -> 0 pkts/0 bytes][Host: api.eu01.capptain.com] - 10 TCP 192.168.180.2:53356 -> 137.135.129.206:80 [proto: 7/HTTP][6 pkts/479 bytes -> 0 pkts/0 bytes][Host: api.eu01.capptain.com] - 11 TCP 192.168.180.2:47699 -> 64.233.184.188:5228 [proto: 126/Google][2 pkts/120 bytes -> 0 pkts/0 bytes] + 9 TCP 192.168.180.2:44959 -> 137.135.129.206:80 [proto: 7/HTTP][cat: Web/5][7 pkts/540 bytes -> 0 pkts/0 bytes][Host: api.eu01.capptain.com] + 10 TCP 192.168.180.2:53356 -> 137.135.129.206:80 [proto: 7/HTTP][cat: Web/5][6 pkts/479 bytes -> 0 pkts/0 bytes][Host: api.eu01.capptain.com] + 11 TCP 192.168.180.2:47699 -> 64.233.184.188:5228 [proto: 126/Google][cat: Web/5][2 pkts/120 bytes -> 0 pkts/0 bytes] 12 UDP 192.168.180.2:3621 -> 8.8.8.8:53 [proto: 5/DNS][cat: Network/14][1 pkts/77 bytes -> 0 pkts/0 bytes][Host: xmpp.device06.eu01.capptain.com] 13 UDP 192.168.180.2:48770 -> 8.8.8.8:53 [proto: 5.228/DNS.PlayStore][cat: SoftwareUpdate/19][1 pkts/72 bytes -> 0 pkts/0 bytes][Host: android.clients.google.com] 14 UDP 192.168.180.2:40097 -> 8.8.8.8:53 [proto: 5/DNS][cat: Network/14][1 pkts/70 bytes -> 0 pkts/0 bytes][Host: settings.crashlytics.com] diff --git a/tests/result/pps.pcap.out b/tests/result/pps.pcap.out index a8259c514..dd6d1710b 100644 --- a/tests/result/pps.pcap.out +++ b/tests/result/pps.pcap.out @@ -76,8 +76,8 @@ GenericProtocol 1429 1780307 49 69 TCP 202.108.14.219:80 -> 192.168.115.8:50506 [proto: 7/HTTP][cat: Web/5][1 pkts/199 bytes -> 0 pkts/0 bytes] 70 UDP 192.168.5.63:60976 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][1 pkts/165 bytes -> 0 pkts/0 bytes] 71 UDP 192.168.5.63:39383 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][1 pkts/130 bytes -> 0 pkts/0 bytes] - 72 TCP 192.168.115.8:50462 -> 202.108.14.236:80 [proto: 7/HTTP][2 pkts/108 bytes -> 0 pkts/0 bytes] - 73 TCP 192.168.5.15:65125 -> 68.233.253.133:80 [proto: 7/HTTP][1 pkts/66 bytes -> 0 pkts/0 bytes] + 72 TCP 192.168.115.8:50462 -> 202.108.14.236:80 [proto: 7/HTTP][cat: Web/5][2 pkts/108 bytes -> 0 pkts/0 bytes] + 73 TCP 192.168.5.15:65125 -> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][1 pkts/66 bytes -> 0 pkts/0 bytes] Undetected flows: diff --git a/tests/result/skype.pcap.out b/tests/result/skype.pcap.out index 9f50790f3..590f97c71 100644 --- a/tests/result/skype.pcap.out +++ b/tests/result/skype.pcap.out @@ -20,7 +20,7 @@ ApplePush 12 1877 1 4 TCP 192.168.1.34:50128 <-> 17.172.100.36:443 [proto: 91.143/SSL.AppleiCloud][cat: Web/5][43 pkts/9635 bytes <-> 43 pkts/10651 bytes][client: p05-keyvalueservice.icloud.com] 5 TCP 192.168.1.34:50119 <-> 86.31.35.30:59621 [proto: 125/Skype][cat: VoIP/10][62 pkts/6941 bytes <-> 38 pkts/5325 bytes] 6 UDP 192.168.1.92:50084 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][14 pkts/7281 bytes -> 0 pkts/0 bytes] - 7 TCP 108.160.170.46:443 <-> 192.168.1.34:49445 [proto: 91.121/SSL.Dropbox][8 pkts/1636 bytes <-> 8 pkts/4344 bytes] + 7 TCP 108.160.170.46:443 <-> 192.168.1.34:49445 [proto: 91.121/SSL.Dropbox][cat: Cloud/13][8 pkts/1636 bytes <-> 8 pkts/4344 bytes] 8 TCP 192.168.1.34:50117 <-> 71.238.7.203:18767 [proto: 125/Skype][cat: VoIP/10][24 pkts/3136 bytes <-> 19 pkts/2618 bytes] 9 TCP 192.168.1.34:50126 <-> 91.190.216.23:12350 [proto: 125/Skype][cat: VoIP/10][16 pkts/4788 bytes <-> 4 pkts/372 bytes] 10 TCP 192.168.1.34:50138 <-> 71.238.7.203:18767 [proto: 125/Skype][cat: VoIP/10][19 pkts/2797 bytes <-> 13 pkts/2175 bytes] @@ -35,76 +35,76 @@ ApplePush 12 1877 1 19 TCP 192.168.1.34:50090 <-> 23.206.33.166:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/2140 bytes <-> 3 pkts/200 bytes][client: apps.skype.com] 20 TCP 192.168.1.34:50134 <-> 157.56.53.47:12350 [proto: 125/Skype][cat: VoIP/10][11 pkts/1578 bytes <-> 4 pkts/342 bytes] 21 TCP 17.143.160.22:5223 <-> 192.168.1.34:49447 [proto: 238/ApplePush][cat: Cloud/13][6 pkts/1211 bytes <-> 6 pkts/666 bytes] - 22 TCP 192.168.1.34:50091 <-> 157.55.235.146:443 [proto: 91.125/SSL.Skype][13 pkts/1554 bytes <-> 3 pkts/200 bytes] + 22 TCP 192.168.1.34:50091 <-> 157.55.235.146:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][13 pkts/1554 bytes <-> 3 pkts/200 bytes] 23 TCP 192.168.1.34:50122 <-> 81.133.19.185:44431 [proto: 125/Skype][cat: VoIP/10][14 pkts/1090 bytes <-> 6 pkts/534 bytes] - 24 TCP 192.168.1.34:50039 <-> 213.199.179.175:443 [proto: 91/SSL][13 pkts/1392 bytes <-> 3 pkts/200 bytes] - 25 TCP 192.168.1.34:50101 <-> 157.55.235.176:443 [proto: 91.125/SSL.Skype][12 pkts/1305 bytes <-> 3 pkts/285 bytes] - 26 TCP 192.168.1.34:50037 <-> 157.55.56.170:443 [proto: 91.125/SSL.Skype][11 pkts/1218 bytes <-> 4 pkts/351 bytes] - 27 TCP 192.168.1.34:50080 <-> 157.55.235.156:443 [proto: 91.125/SSL.Skype][12 pkts/1249 bytes <-> 3 pkts/285 bytes] - 28 TCP 192.168.1.34:50111 <-> 91.190.216.125:443 [proto: 91.125/SSL.Skype][11 pkts/955 bytes <-> 9 pkts/561 bytes] - 29 TCP 192.168.1.34:50081 <-> 157.55.130.176:443 [proto: 91.125/SSL.Skype][12 pkts/1270 bytes <-> 3 pkts/243 bytes] + 24 TCP 192.168.1.34:50039 <-> 213.199.179.175:443 [proto: 91/SSL][cat: Web/5][13 pkts/1392 bytes <-> 3 pkts/200 bytes] + 25 TCP 192.168.1.34:50101 <-> 157.55.235.176:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1305 bytes <-> 3 pkts/285 bytes] + 26 TCP 192.168.1.34:50037 <-> 157.55.56.170:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][11 pkts/1218 bytes <-> 4 pkts/351 bytes] + 27 TCP 192.168.1.34:50080 <-> 157.55.235.156:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1249 bytes <-> 3 pkts/285 bytes] + 28 TCP 192.168.1.34:50111 <-> 91.190.216.125:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][11 pkts/955 bytes <-> 9 pkts/561 bytes] + 29 TCP 192.168.1.34:50081 <-> 157.55.130.176:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1270 bytes <-> 3 pkts/243 bytes] 30 TCP 192.168.1.34:50116 <-> 81.83.77.141:17639 [proto: 125/Skype][cat: VoIP/10][15 pkts/1138 bytes <-> 4 pkts/372 bytes] 31 TCP 192.168.1.34:50123 <-> 80.14.46.121:4415 [proto: 125/Skype][cat: VoIP/10][14 pkts/1075 bytes <-> 4 pkts/431 bytes] 32 TCP 192.168.1.34:50075 <-> 213.199.179.142:40003 [proto: 125/Skype][cat: VoIP/10][14 pkts/1100 bytes <-> 5 pkts/395 bytes] - 33 TCP 192.168.1.34:50072 <-> 157.55.130.170:443 [proto: 91.125/SSL.Skype][12 pkts/1207 bytes <-> 3 pkts/277 bytes] - 34 TCP 192.168.1.34:50066 <-> 65.55.223.12:443 [proto: 91/SSL][12 pkts/1221 bytes <-> 3 pkts/231 bytes] + 33 TCP 192.168.1.34:50072 <-> 157.55.130.170:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1207 bytes <-> 3 pkts/277 bytes] + 34 TCP 192.168.1.34:50066 <-> 65.55.223.12:443 [proto: 91/SSL][cat: Web/5][12 pkts/1221 bytes <-> 3 pkts/231 bytes] 35 TCP 192.168.1.34:50137 <-> 5.248.186.221:31010 [proto: 125/Skype][cat: VoIP/10][14 pkts/1062 bytes <-> 4 pkts/383 bytes] 36 TCP 192.168.1.34:50076 <-> 157.55.235.156:40014 [proto: 125/Skype][cat: VoIP/10][14 pkts/1083 bytes <-> 4 pkts/359 bytes] 37 TCP 192.168.1.34:50054 <-> 157.55.130.153:40005 [proto: 125/Skype][cat: VoIP/10][13 pkts/1020 bytes <-> 4 pkts/421 bytes] 38 TCP 192.168.1.34:50132 <-> 149.13.32.15:13392 [proto: 125/Skype][cat: VoIP/10][13 pkts/1010 bytes <-> 5 pkts/402 bytes] - 39 TCP 192.168.1.34:50045 <-> 157.55.130.167:443 [proto: 91.125/SSL.Skype][12 pkts/1151 bytes <-> 3 pkts/260 bytes] + 39 TCP 192.168.1.34:50045 <-> 157.55.130.167:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1151 bytes <-> 3 pkts/260 bytes] 40 TCP 192.168.1.34:50114 <-> 5.248.186.221:31010 [proto: 125/Skype][cat: VoIP/10][14 pkts/1040 bytes <-> 4 pkts/362 bytes] 41 TCP 192.168.1.34:50065 <-> 65.55.223.12:40031 [proto: 125/Skype][cat: VoIP/10][13 pkts/1004 bytes <-> 4 pkts/397 bytes] - 42 TCP 192.168.1.34:50069 <-> 157.55.56.160:443 [proto: 91.125/SSL.Skype][11 pkts/1050 bytes <-> 4 pkts/351 bytes] + 42 TCP 192.168.1.34:50069 <-> 157.55.56.160:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][11 pkts/1050 bytes <-> 4 pkts/351 bytes] 43 TCP 192.168.1.34:50034 <-> 157.55.130.140:40033 [proto: 125/Skype][cat: VoIP/10][13 pkts/1010 bytes <-> 4 pkts/390 bytes] 44 TCP 192.168.1.34:50088 <-> 157.55.235.146:33033 [proto: 125/Skype][cat: VoIP/10][14 pkts/1085 bytes <-> 4 pkts/315 bytes] - 45 TCP 192.168.1.34:50102 <-> 65.55.223.15:443 [proto: 91/SSL][11 pkts/1140 bytes <-> 3 pkts/250 bytes] + 45 TCP 192.168.1.34:50102 <-> 65.55.223.15:443 [proto: 91/SSL][cat: Web/5][11 pkts/1140 bytes <-> 3 pkts/250 bytes] 46 TCP 192.168.1.34:50092 <-> 157.55.130.155:40020 [proto: 125/Skype][cat: VoIP/10][13 pkts/975 bytes <-> 4 pkts/412 bytes] 47 TCP 192.168.1.34:50115 <-> 86.31.35.30:59621 [proto: 125/Skype][cat: VoIP/10][13 pkts/995 bytes <-> 4 pkts/391 bytes] 48 TCP 192.168.1.34:50098 <-> 65.55.223.15:40026 [proto: 125/Skype][cat: VoIP/10][13 pkts/995 bytes <-> 4 pkts/386 bytes] 49 TCP 192.168.1.34:50130 <-> 212.161.8.36:13392 [proto: 125/Skype][cat: VoIP/10][13 pkts/1000 bytes <-> 4 pkts/380 bytes] - 50 TCP 192.168.1.34:50079 <-> 213.199.179.142:443 [proto: 91/SSL][13 pkts/1176 bytes <-> 3 pkts/200 bytes] + 50 TCP 192.168.1.34:50079 <-> 213.199.179.142:443 [proto: 91/SSL][cat: Web/5][13 pkts/1176 bytes <-> 3 pkts/200 bytes] 51 TCP 192.168.1.34:50097 <-> 157.55.235.176:40022 [proto: 125/Skype][cat: VoIP/10][13 pkts/1000 bytes <-> 4 pkts/371 bytes] 52 TCP 192.168.1.34:50026 <-> 65.55.223.33:40002 [proto: 125/Skype][cat: VoIP/10][13 pkts/971 bytes <-> 4 pkts/399 bytes] 53 TCP 192.168.1.34:50033 <-> 157.55.56.170:40015 [proto: 125/Skype][cat: VoIP/10][13 pkts/977 bytes <-> 4 pkts/384 bytes] 54 TCP 192.168.1.34:50053 <-> 157.55.56.146:40030 [proto: 125/Skype][cat: VoIP/10][12 pkts/940 bytes <-> 5 pkts/415 bytes] 55 TCP 192.168.1.34:50099 <-> 64.4.23.166:40022 [proto: 125/Skype][cat: VoIP/10][12 pkts/948 bytes <-> 4 pkts/407 bytes] 56 TCP 192.168.1.34:50044 <-> 157.55.130.167:40031 [proto: 125/Skype][cat: VoIP/10][13 pkts/993 bytes <-> 4 pkts/360 bytes] - 57 TCP 192.168.1.34:50051 <-> 157.55.130.166:443 [proto: 91.125/SSL.Skype][12 pkts/1074 bytes <-> 3 pkts/277 bytes] - 58 TCP 192.168.1.34:50057 <-> 157.55.130.153:443 [proto: 91.125/SSL.Skype][12 pkts/1102 bytes <-> 3 pkts/247 bytes] - 59 TCP 192.168.1.34:50048 <-> 157.55.130.150:443 [proto: 91.125/SSL.Skype][12 pkts/1109 bytes <-> 3 pkts/236 bytes] + 57 TCP 192.168.1.34:50051 <-> 157.55.130.166:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1074 bytes <-> 3 pkts/277 bytes] + 58 TCP 192.168.1.34:50057 <-> 157.55.130.153:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1102 bytes <-> 3 pkts/247 bytes] + 59 TCP 192.168.1.34:50048 <-> 157.55.130.150:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1109 bytes <-> 3 pkts/236 bytes] 60 TCP 192.168.1.34:50077 <-> 157.55.130.176:40022 [proto: 125/Skype][cat: VoIP/10][13 pkts/1004 bytes <-> 4 pkts/334 bytes] - 61 TCP 192.168.1.34:50036 <-> 157.56.52.44:443 [proto: 91.125/SSL.Skype][11 pkts/1074 bytes <-> 3 pkts/254 bytes] + 61 TCP 192.168.1.34:50036 <-> 157.56.52.44:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][11 pkts/1074 bytes <-> 3 pkts/254 bytes] 62 TCP 192.168.1.34:50074 <-> 157.55.130.173:40003 [proto: 125/Skype][cat: VoIP/10][13 pkts/1010 bytes <-> 4 pkts/317 bytes] - 63 TCP 192.168.1.34:50078 <-> 157.55.130.173:443 [proto: 91.125/SSL.Skype][12 pkts/1088 bytes <-> 3 pkts/236 bytes] + 63 TCP 192.168.1.34:50078 <-> 157.55.130.173:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1088 bytes <-> 3 pkts/236 bytes] 64 TCP 192.168.1.34:50070 <-> 157.55.130.170:40018 [proto: 125/Skype][cat: VoIP/10][13 pkts/989 bytes <-> 4 pkts/323 bytes] - 65 TCP 192.168.1.34:50030 <-> 65.55.223.33:443 [proto: 91/SSL][11 pkts/960 bytes <-> 4 pkts/351 bytes] + 65 TCP 192.168.1.34:50030 <-> 65.55.223.33:443 [proto: 91/SSL][cat: Web/5][11 pkts/960 bytes <-> 4 pkts/351 bytes] 66 TCP 192.168.1.34:50032 <-> 157.56.52.44:40032 [proto: 125/Skype][cat: VoIP/10][12 pkts/969 bytes <-> 4 pkts/337 bytes] - 67 TCP 192.168.1.34:50094 <-> 157.55.130.155:443 [proto: 91.125/SSL.Skype][12 pkts/1039 bytes <-> 3 pkts/267 bytes] + 67 TCP 192.168.1.34:50094 <-> 157.55.130.155:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1039 bytes <-> 3 pkts/267 bytes] 68 TCP 192.168.1.34:50067 <-> 157.55.56.160:40027 [proto: 125/Skype][cat: VoIP/10][12 pkts/899 bytes <-> 5 pkts/406 bytes] 69 TCP 192.168.1.34:50035 <-> 213.199.179.175:40021 [proto: 125/Skype][cat: VoIP/10][13 pkts/982 bytes <-> 4 pkts/322 bytes] - 70 TCP 192.168.1.34:50063 <-> 111.221.74.38:443 [proto: 91.125/SSL.Skype][10 pkts/1002 bytes <-> 3 pkts/285 bytes] + 70 TCP 192.168.1.34:50063 <-> 111.221.74.38:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][10 pkts/1002 bytes <-> 3 pkts/285 bytes] 71 TCP 192.168.1.34:50049 <-> 157.55.130.166:40021 [proto: 125/Skype][cat: VoIP/10][11 pkts/836 bytes <-> 5 pkts/442 bytes] 72 TCP 192.168.1.34:50086 <-> 111.221.77.142:40023 [proto: 125/Skype][cat: VoIP/10][11 pkts/841 bytes <-> 5 pkts/429 bytes] - 73 TCP 192.168.1.34:50056 <-> 157.55.56.146:443 [proto: 91.125/SSL.Skype][11 pkts/999 bytes <-> 4 pkts/266 bytes] - 74 TCP 192.168.1.34:50038 <-> 157.55.130.140:443 [proto: 91.125/SSL.Skype][12 pkts/1032 bytes <-> 3 pkts/230 bytes] + 73 TCP 192.168.1.34:50056 <-> 157.55.56.146:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][11 pkts/999 bytes <-> 4 pkts/266 bytes] + 74 TCP 192.168.1.34:50038 <-> 157.55.130.140:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1032 bytes <-> 3 pkts/230 bytes] 75 TCP 192.168.1.34:50055 <-> 111.221.74.47:40030 [proto: 125/Skype][cat: VoIP/10][11 pkts/866 bytes <-> 5 pkts/396 bytes] 76 TCP 192.168.1.34:50112 <-> 76.167.161.6:20274 [proto: 125/Skype][cat: VoIP/10][11 pkts/843 bytes <-> 4 pkts/411 bytes] 77 TCP 192.168.1.34:50141 <-> 80.14.46.121:4415 [proto: 125/Skype][cat: VoIP/10][13 pkts/994 bytes <-> 2 pkts/243 bytes] 78 TCP 192.168.1.34:50059 <-> 111.221.74.38:40015 [proto: 125/Skype][cat: VoIP/10][11 pkts/820 bytes <-> 5 pkts/416 bytes] 79 TCP 192.168.1.34:50046 <-> 157.55.130.150:40011 [proto: 125/Skype][cat: VoIP/10][11 pkts/843 bytes <-> 4 pkts/386 bytes] 80 TCP 192.168.1.34:50096 <-> 111.221.74.46:40027 [proto: 125/Skype][cat: VoIP/10][11 pkts/822 bytes <-> 4 pkts/390 bytes] - 81 TCP 192.168.1.34:50058 <-> 111.221.74.47:443 [proto: 91.125/SSL.Skype][10 pkts/857 bytes <-> 4 pkts/351 bytes] + 81 TCP 192.168.1.34:50058 <-> 111.221.74.47:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][10 pkts/857 bytes <-> 4 pkts/351 bytes] 82 TCP 192.168.1.34:50113 <-> 71.238.7.203:18767 [proto: 125/Skype][cat: VoIP/10][11 pkts/827 bytes <-> 3 pkts/325 bytes] - 83 TCP 192.168.1.34:50103 <-> 64.4.23.166:443 [proto: 91/SSL][9 pkts/862 bytes <-> 3 pkts/285 bytes] + 83 TCP 192.168.1.34:50103 <-> 64.4.23.166:443 [proto: 91/SSL][cat: Web/5][9 pkts/862 bytes <-> 3 pkts/285 bytes] 84 TCP 192.168.1.34:50143 <-> 78.202.226.115:29059 [proto: 125/Skype][cat: VoIP/10][12 pkts/935 bytes <-> 2 pkts/197 bytes] - 85 TCP 192.168.1.34:50100 <-> 111.221.74.46:443 [proto: 91.125/SSL.Skype][10 pkts/872 bytes <-> 3 pkts/237 bytes] + 85 TCP 192.168.1.34:50100 <-> 111.221.74.46:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][10 pkts/872 bytes <-> 3 pkts/237 bytes] 86 TCP 192.168.1.34:50135 <-> 76.167.161.6:20274 [proto: 125/Skype][cat: VoIP/10][11 pkts/838 bytes <-> 3 pkts/270 bytes] - 87 TCP 192.168.1.34:50087 <-> 111.221.77.142:443 [proto: 91.125/SSL.Skype][9 pkts/822 bytes <-> 3 pkts/285 bytes] + 87 TCP 192.168.1.34:50087 <-> 111.221.77.142:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][9 pkts/822 bytes <-> 3 pkts/285 bytes] 88 TCP 192.168.1.34:50136 <-> 71.238.7.203:18767 [proto: 125/Skype][cat: VoIP/10][11 pkts/814 bytes <-> 3 pkts/287 bytes] 89 UDP [fe80::c62c:3ff:fe06:49fe]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][4 pkts/908 bytes -> 0 pkts/0 bytes] 90 UDP 192.168.1.92:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][4 pkts/828 bytes -> 0 pkts/0 bytes] - 91 TCP 192.168.1.34:50125 <-> 91.190.218.125:12350 [proto: 125/Skype][6 pkts/417 bytes <-> 4 pkts/352 bytes] + 91 TCP 192.168.1.34:50125 <-> 91.190.218.125:12350 [proto: 125/Skype][cat: VoIP/10][6 pkts/417 bytes <-> 4 pkts/352 bytes] 92 ICMP 192.168.1.1:0 -> 192.168.1.34:0 [proto: 81/ICMP][cat: Network/14][8 pkts/656 bytes -> 0 pkts/0 bytes] 93 UDP 192.168.1.34:55159 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/651 bytes -> 0 pkts/0 bytes][Host: a.config.skype.trafficmanager.net] 94 UDP 192.168.1.34:63108 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/651 bytes -> 0 pkts/0 bytes][Host: a.config.skype.trafficmanager.net] @@ -123,8 +123,8 @@ ApplePush 12 1877 1 107 UDP 192.168.1.34:52742 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/616 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst5.r.skype.net] 108 UDP 192.168.1.34:56387 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/616 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst5.r.skype.net] 109 UDP 192.168.1.34:57288 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/616 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst6.r.skype.net] - 110 TCP 192.168.1.34:50146 -> 157.56.53.51:443 [proto: 91/SSL][8 pkts/608 bytes -> 0 pkts/0 bytes] - 111 TCP 192.168.1.34:50129 <-> 91.190.218.125:12350 [proto: 125/Skype][6 pkts/353 bytes <-> 4 pkts/246 bytes] + 110 TCP 192.168.1.34:50146 -> 157.56.53.51:443 [proto: 91/SSL][cat: Web/5][8 pkts/608 bytes -> 0 pkts/0 bytes] + 111 TCP 192.168.1.34:50129 <-> 91.190.218.125:12350 [proto: 125/Skype][cat: VoIP/10][6 pkts/353 bytes <-> 4 pkts/246 bytes] 112 UDP 192.168.1.34:49163 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: b.config.skype.com] 113 UDP 192.168.1.34:51802 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: b.config.skype.com] 114 UDP 192.168.1.34:52714 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: b.config.skype.com] @@ -133,9 +133,9 @@ ApplePush 12 1877 1 117 UDP 192.168.1.34:65045 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/532 bytes -> 0 pkts/0 bytes][Host: dsn4.d.skype.net] 118 UDP 192.168.1.34:54396 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/511 bytes -> 0 pkts/0 bytes][Host: api.skype.com] 119 UDP 192.168.1.34:65426 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/511 bytes -> 0 pkts/0 bytes][Host: api.skype.com] - 120 TCP 192.168.1.34:50109 <-> 91.190.216.125:12350 [proto: 125/Skype][3 pkts/297 bytes <-> 3 pkts/186 bytes] + 120 TCP 192.168.1.34:50109 <-> 91.190.216.125:12350 [proto: 125/Skype][cat: VoIP/10][3 pkts/297 bytes <-> 3 pkts/186 bytes] 121 UDP 192.168.1.92:57621 -> 192.168.1.255:57621 [proto: 156/Spotify][cat: Streaming/17][5 pkts/430 bytes -> 0 pkts/0 bytes] - 122 TCP 192.168.1.34:50110 <-> 91.190.216.125:12350 [proto: 125/Skype][3 pkts/191 bytes <-> 3 pkts/186 bytes] + 122 TCP 192.168.1.34:50110 <-> 91.190.216.125:12350 [proto: 125/Skype][cat: VoIP/10][3 pkts/191 bytes <-> 3 pkts/186 bytes] 123 UDP 192.168.1.34:55893 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][5 pkts/360 bytes -> 0 pkts/0 bytes][Host: ui.skype.com] 124 UDP 192.168.1.34:49485 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/349 bytes -> 0 pkts/0 bytes] 125 UDP 192.168.1.34:51066 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/349 bytes -> 0 pkts/0 bytes] @@ -149,7 +149,7 @@ ApplePush 12 1877 1 133 UDP 192.168.1.34:51879 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e4593.g.akamaiedge.net] 134 UDP 192.168.1.34:63321 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e4593.g.akamaiedge.net] 135 UDP 192.168.1.34:64085 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e7768.b.akamaiedge.net] - 136 TCP 192.168.1.34:50024 <-> 17.172.100.36:443 [proto: 91.140/SSL.Apple][2 pkts/108 bytes <-> 1 pkts/60 bytes] + 136 TCP 192.168.1.34:50024 <-> 17.172.100.36:443 [proto: 91.140/SSL.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/60 bytes] 137 IGMP 192.168.0.254:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network/14][2 pkts/92 bytes -> 0 pkts/0 bytes] 138 UDP 192.168.1.34:13021 -> 64.4.23.145:40024 [proto: 125/Skype][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] 139 UDP 192.168.1.34:13021 -> 65.55.223.26:40004 [proto: 125/Skype][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] diff --git a/tests/result/skype_no_unknown.pcap.out b/tests/result/skype_no_unknown.pcap.out index a4e58cd54..9c1dcbd1f 100644 --- a/tests/result/skype_no_unknown.pcap.out +++ b/tests/result/skype_no_unknown.pcap.out @@ -13,38 +13,38 @@ MS_OneDrive 348 181687 1 ApplePush 8 1118 1 1 TCP 192.168.1.34:51230 <-> 157.56.126.211:443 [proto: 91.221/SSL.MS_OneDrive][cat: Cloud/13][166 pkts/39042 bytes <-> 182 pkts/142645 bytes][server: *.gateway.messenger.live.com] - 2 TCP 192.168.1.34:51279 <-> 111.221.74.48:40008 [proto: 125/Skype][101 pkts/30681 bytes <-> 98 pkts/59934 bytes] - 3 TCP 192.168.1.34:51227 <-> 17.172.100.36:443 [proto: 91.140/SSL.Apple][38 pkts/9082 bytes <-> 38 pkts/10499 bytes] + 2 TCP 192.168.1.34:51279 <-> 111.221.74.48:40008 [proto: 125/Skype][cat: VoIP/10][101 pkts/30681 bytes <-> 98 pkts/59934 bytes] + 3 TCP 192.168.1.34:51227 <-> 17.172.100.36:443 [proto: 91.140/SSL.Apple][cat: Web/5][38 pkts/9082 bytes <-> 38 pkts/10499 bytes] 4 UDP 192.168.0.254:1025 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][36 pkts/13402 bytes -> 0 pkts/0 bytes] 5 TCP 192.168.1.34:51292 <-> 71.238.7.203:18767 [proto: 125/Skype][cat: VoIP/10][17 pkts/2686 bytes <-> 13 pkts/2218 bytes] 6 TCP 192.168.1.34:51293 <-> 5.248.186.221:31010 [proto: 125/Skype][cat: VoIP/10][12 pkts/2194 bytes <-> 8 pkts/1711 bytes] 7 TCP 192.168.1.34:51231 <-> 23.206.33.166:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][16 pkts/3461 bytes <-> 1 pkts/74 bytes][client: apps.skype.com] 8 TCP 192.168.1.34:51297 <-> 91.190.216.24:12350 [proto: 125/Skype][cat: VoIP/10][12 pkts/3242 bytes <-> 3 pkts/290 bytes] - 9 TCP 108.160.163.108:443 <-> 192.168.1.34:51222 [proto: 91.121/SSL.Dropbox][4 pkts/818 bytes <-> 4 pkts/2172 bytes] + 9 TCP 108.160.163.108:443 <-> 192.168.1.34:51222 [proto: 91.121/SSL.Dropbox][cat: Cloud/13][4 pkts/818 bytes <-> 4 pkts/2172 bytes] 10 TCP 192.168.1.34:51295 <-> 23.206.33.166:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][11 pkts/2074 bytes <-> 1 pkts/74 bytes][client: apps.skype.com] - 11 TCP 192.168.1.34:51238 <-> 157.55.235.147:443 [proto: 91.125/SSL.Skype][13 pkts/1446 bytes <-> 4 pkts/266 bytes] - 12 TCP 192.168.1.34:51262 <-> 213.199.179.176:443 [proto: 91/SSL][13 pkts/1437 bytes <-> 3 pkts/200 bytes] - 13 TCP 192.168.1.34:51241 <-> 157.55.130.176:443 [proto: 91.125/SSL.Skype][12 pkts/1333 bytes <-> 3 pkts/251 bytes] - 14 TCP 192.168.1.34:51261 <-> 157.55.235.170:443 [proto: 91.125/SSL.Skype][12 pkts/1284 bytes <-> 3 pkts/285 bytes] - 15 TCP 192.168.1.34:51239 <-> 65.55.223.45:443 [proto: 91/SSL][12 pkts/1291 bytes <-> 3 pkts/242 bytes] - 16 TCP 192.168.1.34:51274 <-> 157.55.235.152:443 [proto: 91.125/SSL.Skype][12 pkts/1235 bytes <-> 3 pkts/285 bytes] - 17 TCP 192.168.1.34:51260 <-> 157.55.130.142:443 [proto: 91.125/SSL.Skype][12 pkts/1249 bytes <-> 3 pkts/265 bytes] + 11 TCP 192.168.1.34:51238 <-> 157.55.235.147:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][13 pkts/1446 bytes <-> 4 pkts/266 bytes] + 12 TCP 192.168.1.34:51262 <-> 213.199.179.176:443 [proto: 91/SSL][cat: Web/5][13 pkts/1437 bytes <-> 3 pkts/200 bytes] + 13 TCP 192.168.1.34:51241 <-> 157.55.130.176:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1333 bytes <-> 3 pkts/251 bytes] + 14 TCP 192.168.1.34:51261 <-> 157.55.235.170:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1284 bytes <-> 3 pkts/285 bytes] + 15 TCP 192.168.1.34:51239 <-> 65.55.223.45:443 [proto: 91/SSL][cat: Web/5][12 pkts/1291 bytes <-> 3 pkts/242 bytes] + 16 TCP 192.168.1.34:51274 <-> 157.55.235.152:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1235 bytes <-> 3 pkts/285 bytes] + 17 TCP 192.168.1.34:51260 <-> 157.55.130.142:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1249 bytes <-> 3 pkts/265 bytes] 18 TCP 192.168.1.34:51258 <-> 213.199.179.176:40021 [proto: 125/Skype][cat: VoIP/10][14 pkts/1104 bytes <-> 5 pkts/392 bytes] 19 TCP 192.168.1.34:51269 <-> 213.199.179.175:40029 [proto: 125/Skype][cat: VoIP/10][14 pkts/1106 bytes <-> 5 pkts/385 bytes] 20 TCP 192.168.1.34:51290 <-> 5.248.186.221:31010 [proto: 125/Skype][cat: VoIP/10][14 pkts/1070 bytes <-> 4 pkts/420 bytes] 21 TCP 192.168.1.34:51234 <-> 157.55.235.147:40001 [proto: 125/Skype][cat: VoIP/10][14 pkts/1117 bytes <-> 4 pkts/337 bytes] - 22 TCP 192.168.1.34:51253 <-> 64.4.23.166:443 [proto: 91/SSL][11 pkts/1164 bytes <-> 3 pkts/268 bytes] - 23 TCP 192.168.1.34:51247 <-> 157.56.52.44:443 [proto: 91.125/SSL.Skype][10 pkts/1077 bytes <-> 4 pkts/351 bytes] + 22 TCP 192.168.1.34:51253 <-> 64.4.23.166:443 [proto: 91/SSL][cat: Web/5][11 pkts/1164 bytes <-> 3 pkts/268 bytes] + 23 TCP 192.168.1.34:51247 <-> 157.56.52.44:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][10 pkts/1077 bytes <-> 4 pkts/351 bytes] 24 TCP 192.168.1.34:51257 <-> 157.55.235.170:40032 [proto: 125/Skype][cat: VoIP/10][14 pkts/1059 bytes <-> 4 pkts/367 bytes] 25 TCP 192.168.1.34:51277 <-> 157.55.235.156:40026 [proto: 125/Skype][cat: VoIP/10][13 pkts/1011 bytes <-> 4 pkts/415 bytes] 26 TCP 192.168.1.34:51305 <-> 149.13.32.15:13392 [proto: 125/Skype][cat: VoIP/10][14 pkts/1093 bytes <-> 4 pkts/333 bytes] - 27 TCP 192.168.1.34:51271 <-> 213.199.179.175:443 [proto: 91/SSL][12 pkts/1130 bytes <-> 3 pkts/285 bytes] - 28 TCP 192.168.1.34:51280 <-> 157.55.235.146:443 [proto: 91.125/SSL.Skype][12 pkts/1130 bytes <-> 3 pkts/285 bytes] - 29 TCP 192.168.1.34:51281 <-> 157.55.235.156:443 [proto: 91.125/SSL.Skype][12 pkts/1095 bytes <-> 3 pkts/285 bytes] - 30 TCP 192.168.1.34:51240 <-> 111.221.74.45:443 [proto: 91.125/SSL.Skype][10 pkts/1022 bytes <-> 4 pkts/351 bytes] + 27 TCP 192.168.1.34:51271 <-> 213.199.179.175:443 [proto: 91/SSL][cat: Web/5][12 pkts/1130 bytes <-> 3 pkts/285 bytes] + 28 TCP 192.168.1.34:51280 <-> 157.55.235.146:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1130 bytes <-> 3 pkts/285 bytes] + 29 TCP 192.168.1.34:51281 <-> 157.55.235.156:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1095 bytes <-> 3 pkts/285 bytes] + 30 TCP 192.168.1.34:51240 <-> 111.221.74.45:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][10 pkts/1022 bytes <-> 4 pkts/351 bytes] 31 TCP 192.168.1.34:51289 <-> 71.238.7.203:18767 [proto: 125/Skype][cat: VoIP/10][13 pkts/991 bytes <-> 4 pkts/378 bytes] 32 TCP 192.168.1.34:51272 <-> 157.55.235.152:40029 [proto: 125/Skype][cat: VoIP/10][13 pkts/1006 bytes <-> 4 pkts/361 bytes] - 33 TCP 192.168.1.34:51250 <-> 111.221.77.175:443 [proto: 91.125/SSL.Skype][10 pkts/1012 bytes <-> 4 pkts/351 bytes] + 33 TCP 192.168.1.34:51250 <-> 111.221.77.175:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][10 pkts/1012 bytes <-> 4 pkts/351 bytes] 34 TCP 192.168.1.34:51235 <-> 65.55.223.45:40009 [proto: 125/Skype][cat: VoIP/10][13 pkts/976 bytes <-> 4 pkts/365 bytes] 35 TCP 192.168.1.34:51237 <-> 157.55.130.176:40022 [proto: 125/Skype][cat: VoIP/10][13 pkts/986 bytes <-> 4 pkts/344 bytes] 36 TCP 192.168.1.34:51276 <-> 157.55.235.146:40021 [proto: 125/Skype][cat: VoIP/10][13 pkts/981 bytes <-> 4 pkts/348 bytes] @@ -55,16 +55,16 @@ ApplePush 8 1118 1 41 TCP 192.168.1.34:51246 <-> 157.56.52.44:40020 [proto: 125/Skype][cat: VoIP/10][11 pkts/856 bytes <-> 5 pkts/409 bytes] 42 TCP 192.168.1.34:51288 <-> 76.167.161.6:20274 [proto: 125/Skype][cat: VoIP/10][11 pkts/861 bytes <-> 4 pkts/397 bytes] 43 TCP 192.168.1.34:51236 <-> 111.221.74.45:40008 [proto: 125/Skype][cat: VoIP/10][11 pkts/844 bytes <-> 5 pkts/413 bytes] - 44 TCP 192.168.1.34:51282 <-> 64.4.23.159:443 [proto: 91/SSL][10 pkts/972 bytes <-> 3 pkts/285 bytes] - 45 TCP 192.168.1.34:51259 <-> 111.221.77.142:443 [proto: 91.125/SSL.Skype][10 pkts/902 bytes <-> 4 pkts/351 bytes] + 44 TCP 192.168.1.34:51282 <-> 64.4.23.159:443 [proto: 91/SSL][cat: Web/5][10 pkts/972 bytes <-> 3 pkts/285 bytes] + 45 TCP 192.168.1.34:51259 <-> 111.221.77.142:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][10 pkts/902 bytes <-> 4 pkts/351 bytes] 46 TCP 192.168.1.34:51256 <-> 111.221.77.142:40013 [proto: 125/Skype][cat: VoIP/10][11 pkts/815 bytes <-> 5 pkts/423 bytes] 47 TCP 192.168.1.34:51291 <-> 81.83.77.141:17639 [proto: 125/Skype][cat: VoIP/10][12 pkts/942 bytes <-> 3 pkts/284 bytes] 48 TCP 192.168.1.34:51278 <-> 64.4.23.159:40009 [proto: 125/Skype][cat: VoIP/10][11 pkts/832 bytes <-> 4 pkts/387 bytes] - 49 TCP 192.168.1.34:51268 <-> 111.221.74.18:443 [proto: 91.125/SSL.Skype][10 pkts/852 bytes <-> 4 pkts/351 bytes] + 49 TCP 192.168.1.34:51268 <-> 111.221.74.18:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][10 pkts/852 bytes <-> 4 pkts/351 bytes] 50 TCP 192.168.1.34:51309 <-> 149.13.32.15:13392 [proto: 125/Skype][cat: VoIP/10][12 pkts/916 bytes <-> 3 pkts/281 bytes] 51 TCP 192.168.1.34:51316 <-> 149.13.32.15:13392 [proto: 125/Skype][cat: VoIP/10][11 pkts/862 bytes <-> 3 pkts/314 bytes] 52 TCP 192.168.1.34:51267 <-> 111.221.74.18:40025 [proto: 125/Skype][cat: VoIP/10][10 pkts/785 bytes <-> 4 pkts/378 bytes] - 53 TCP 192.168.1.34:51232 <-> 157.56.52.28:443 [proto: 91.125/SSL.Skype][10 pkts/872 bytes <-> 3 pkts/285 bytes] + 53 TCP 192.168.1.34:51232 <-> 157.56.52.28:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][10 pkts/872 bytes <-> 3 pkts/285 bytes] 54 TCP 192.168.1.34:51298 <-> 82.224.110.241:38895 [proto: 125/Skype][cat: VoIP/10][12 pkts/931 bytes <-> 2 pkts/219 bytes] 55 TCP 192.168.1.34:51313 <-> 212.161.8.36:13392 [proto: 125/Skype][cat: VoIP/10][11 pkts/855 bytes <-> 3 pkts/287 bytes] 56 UDP 192.168.1.1:137 <-> 192.168.1.34:137 [proto: 10/NetBIOS][cat: System/18][6 pkts/958 bytes <-> 2 pkts/184 bytes] @@ -76,7 +76,7 @@ ApplePush 8 1118 1 62 UDP 192.168.1.92:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][2 pkts/1088 bytes -> 0 pkts/0 bytes] 63 TCP 192.168.1.34:51318 <-> 212.161.8.36:13392 [proto: 125/Skype][cat: VoIP/10][7 pkts/571 bytes <-> 3 pkts/286 bytes] 64 UDP 192.168.1.34:137 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][7 pkts/680 bytes -> 0 pkts/0 bytes] - 65 TCP 192.168.1.34:51299 <-> 91.190.216.125:12350 [proto: 125/Skype][6 pkts/353 bytes <-> 5 pkts/306 bytes] + 65 TCP 192.168.1.34:51299 <-> 91.190.216.125:12350 [proto: 125/Skype][cat: VoIP/10][6 pkts/353 bytes <-> 5 pkts/306 bytes] 66 UDP 192.168.1.34:58631 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][8 pkts/648 bytes -> 0 pkts/0 bytes][Host: conn.skype.akadns.net] 67 UDP 192.168.1.34:60688 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][8 pkts/648 bytes -> 0 pkts/0 bytes][Host: conn.skype.akadns.net] 68 UDP 192.168.1.34:50055 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net] @@ -87,7 +87,7 @@ ApplePush 8 1118 1 73 UDP 192.168.1.34:61095 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net] 74 UDP 192.168.1.34:60413 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/616 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst0.r.skype.net] 75 UDP 192.168.1.34:64364 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/616 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst0.r.skype.net] - 76 TCP 192.168.1.34:51302 <-> 91.190.216.125:443 [proto: 91.125/SSL.Skype][6 pkts/353 bytes <-> 4 pkts/246 bytes] + 76 TCP 192.168.1.34:51302 <-> 91.190.216.125:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][6 pkts/353 bytes <-> 4 pkts/246 bytes] 77 UDP 192.168.1.34:63514 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][8 pkts/576 bytes -> 0 pkts/0 bytes][Host: ui.skype.com] 78 UDP 192.168.1.34:55028 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: a.config.skype.com] 79 UDP 192.168.1.34:63342 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: b.config.skype.com] @@ -97,13 +97,13 @@ ApplePush 8 1118 1 83 UDP 192.168.1.34:62875 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/539 bytes -> 0 pkts/0 bytes][Host: dsn13.d.skype.net] 84 UDP 192.168.1.34:49864 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/511 bytes -> 0 pkts/0 bytes][Host: api.skype.com] 85 UDP 192.168.1.34:64240 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/511 bytes -> 0 pkts/0 bytes][Host: api.skype.com] - 86 TCP 192.168.1.34:51296 <-> 91.190.216.125:12350 [proto: 125/Skype][3 pkts/293 bytes <-> 3 pkts/186 bytes] - 87 TCP 192.168.1.34:51308 -> 80.121.84.93:443 [proto: 91/SSL][6 pkts/468 bytes -> 0 pkts/0 bytes] - 88 UDP 192.168.1.1:138 -> 192.168.1.34:138 [proto: 10/NetBIOS][2 pkts/452 bytes -> 0 pkts/0 bytes] + 86 TCP 192.168.1.34:51296 <-> 91.190.216.125:12350 [proto: 125/Skype][cat: VoIP/10][3 pkts/293 bytes <-> 3 pkts/186 bytes] + 87 TCP 192.168.1.34:51308 -> 80.121.84.93:443 [proto: 91/SSL][cat: Web/5][6 pkts/468 bytes -> 0 pkts/0 bytes] + 88 UDP 192.168.1.1:138 -> 192.168.1.34:138 [proto: 10/NetBIOS][cat: System/18][2 pkts/452 bytes -> 0 pkts/0 bytes] 89 UDP 192.168.1.34:138 -> 192.168.1.255:138 [proto: 10/NetBIOS][cat: System/18][2 pkts/432 bytes -> 0 pkts/0 bytes] - 90 TCP 192.168.1.34:51284 <-> 91.190.218.125:12350 [proto: 125/Skype][3 pkts/237 bytes <-> 3 pkts/186 bytes] - 91 TCP 192.168.1.34:51285 <-> 91.190.218.125:12350 [proto: 125/Skype][3 pkts/191 bytes <-> 3 pkts/186 bytes] - 92 TCP 192.168.1.34:51286 <-> 91.190.218.125:443 [proto: 91.125/SSL.Skype][3 pkts/191 bytes <-> 3 pkts/186 bytes] + 90 TCP 192.168.1.34:51284 <-> 91.190.218.125:12350 [proto: 125/Skype][cat: VoIP/10][3 pkts/237 bytes <-> 3 pkts/186 bytes] + 91 TCP 192.168.1.34:51285 <-> 91.190.218.125:12350 [proto: 125/Skype][cat: VoIP/10][3 pkts/191 bytes <-> 3 pkts/186 bytes] + 92 TCP 192.168.1.34:51286 <-> 91.190.218.125:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][3 pkts/191 bytes <-> 3 pkts/186 bytes] 93 UDP 192.168.1.34:58061 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/349 bytes -> 0 pkts/0 bytes] 94 UDP 192.168.1.34:59237 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/349 bytes -> 0 pkts/0 bytes] 95 ICMP 192.168.1.1:0 -> 192.168.1.34:0 [proto: 81/ICMP][cat: Network/14][4 pkts/328 bytes -> 0 pkts/0 bytes] @@ -112,7 +112,7 @@ ApplePush 8 1118 1 98 UDP 192.168.1.34:57694 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/101 bytes <-> 1 pkts/166 bytes][Host: db3msgr5011709.gateway.messenger.live.com] 99 UDP [fe80::c62c:3ff:fe06:49fe]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][2 pkts/258 bytes -> 0 pkts/0 bytes] 100 UDP 192.168.1.92:138 -> 192.168.1.255:138 [proto: 10/NetBIOS][cat: System/18][1 pkts/216 bytes -> 0 pkts/0 bytes] - 101 TCP 192.168.1.34:51283 <-> 111.221.74.48:443 [proto: 91.125/SSL.Skype][2 pkts/132 bytes <-> 1 pkts/74 bytes] + 101 TCP 192.168.1.34:51283 <-> 111.221.74.48:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][2 pkts/132 bytes <-> 1 pkts/74 bytes] 102 UDP 192.168.1.34:59788 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e4593.g.akamaiedge.net] 103 UDP 192.168.1.34:63661 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e4593.g.akamaiedge.net] 104 UDP 192.168.1.92:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][1 pkts/142 bytes -> 0 pkts/0 bytes][Lucas-iMac.local] diff --git a/tests/result/starcraft_battle.pcap.out b/tests/result/starcraft_battle.pcap.out index ee66db4dd..c385561d7 100644 --- a/tests/result/starcraft_battle.pcap.out +++ b/tests/result/starcraft_battle.pcap.out @@ -29,7 +29,7 @@ Starcraft 236 51494 6 17 TCP 192.168.1.100:3524 <-> 80.239.186.26:80 [proto: 7/HTTP][cat: Web/5][6 pkts/481 bytes <-> 4 pkts/733 bytes][Host: nydus.battle.net] 18 TCP 192.168.1.100:3523 <-> 80.239.186.26:80 [proto: 7/HTTP][cat: Web/5][6 pkts/483 bytes <-> 4 pkts/725 bytes][Host: nydus.battle.net] 19 TCP 192.168.1.100:3519 <-> 80.239.186.21:80 [proto: 7/HTTP][cat: Web/5][5 pkts/482 bytes <-> 4 pkts/497 bytes][Host: eu.launcher.battle.net] - 20 TCP 192.168.1.100:3427 <-> 80.239.208.193:1119 [proto: 213/Starcraft][6 pkts/376 bytes <-> 7 pkts/526 bytes] + 20 TCP 192.168.1.100:3427 <-> 80.239.208.193:1119 [proto: 213/Starcraft][cat: Game/8][6 pkts/376 bytes <-> 7 pkts/526 bytes] 21 TCP 192.168.1.100:3512 <-> 12.129.222.54:80 [proto: 7.76/HTTP.WorldOfWarcraft][cat: Game/8][5 pkts/367 bytes <-> 4 pkts/513 bytes][Host: us.scan.worldofwarcraft.com] 22 UDP 192.168.1.100:55468 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][2 pkts/168 bytes <-> 2 pkts/388 bytes][Host: bnetcmsus-a.akamaihd.net] 23 UDP 173.194.40.22:443 <-> 192.168.1.100:53568 [proto: 188/QUIC][cat: Web/5][3 pkts/243 bytes <-> 3 pkts/232 bytes] @@ -37,28 +37,28 @@ Starcraft 236 51494 6 25 UDP 192.168.1.100:60026 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][2 pkts/154 bytes <-> 2 pkts/288 bytes][Host: llnw.blizzard.com] 26 UDP 192.168.1.100:58818 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][2 pkts/172 bytes <-> 2 pkts/260 bytes][Host: 91.252.30.192.in-addr.arpa] 27 UDP 192.168.1.100:58831 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][2 pkts/172 bytes <-> 2 pkts/245 bytes][Host: 254.1.168.192.in-addr.arpa] - 28 TCP 192.168.1.100:3532 <-> 2.228.46.112:80 [proto: 7/HTTP][3 pkts/320 bytes <-> 1 pkts/66 bytes][Host: bnetcmsus-a.akamaihd.net] - 29 TCP 192.168.1.100:3533 <-> 2.228.46.112:80 [proto: 7/HTTP][3 pkts/320 bytes <-> 1 pkts/66 bytes][Host: bnetcmsus-a.akamaihd.net] + 28 TCP 192.168.1.100:3532 <-> 2.228.46.112:80 [proto: 7/HTTP][cat: Web/5][3 pkts/320 bytes <-> 1 pkts/66 bytes][Host: bnetcmsus-a.akamaihd.net] + 29 TCP 192.168.1.100:3533 <-> 2.228.46.112:80 [proto: 7/HTTP][cat: Web/5][3 pkts/320 bytes <-> 1 pkts/66 bytes][Host: bnetcmsus-a.akamaihd.net] 30 UDP 192.168.1.100:53145 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][2 pkts/152 bytes <-> 2 pkts/184 bytes][Host: nydus.battle.net] - 31 TCP 192.168.1.100:3479 <-> 2.228.46.114:443 [proto: 91/SSL][2 pkts/108 bytes <-> 2 pkts/167 bytes] - 32 TCP 192.168.1.100:3480 <-> 2.228.46.114:443 [proto: 91/SSL][2 pkts/108 bytes <-> 2 pkts/167 bytes] - 33 TCP 192.168.1.100:3481 <-> 2.228.46.114:443 [proto: 91/SSL][2 pkts/108 bytes <-> 2 pkts/167 bytes] - 34 TCP 192.168.1.100:3482 <-> 2.228.46.114:443 [proto: 91/SSL][2 pkts/108 bytes <-> 2 pkts/167 bytes] - 35 TCP 192.168.1.100:3489 <-> 2.228.46.104:443 [proto: 91/SSL][2 pkts/108 bytes <-> 2 pkts/167 bytes] - 36 TCP 192.168.1.100:3490 <-> 2.228.46.104:443 [proto: 91/SSL][2 pkts/108 bytes <-> 2 pkts/167 bytes] - 37 TCP 192.168.1.100:3491 <-> 2.228.46.104:443 [proto: 91/SSL][2 pkts/108 bytes <-> 2 pkts/167 bytes] - 38 TCP 192.168.1.100:3492 <-> 2.228.46.104:443 [proto: 91/SSL][2 pkts/108 bytes <-> 2 pkts/167 bytes] - 39 TCP 192.30.252.91:443 <-> 192.168.1.100:3213 [proto: 91.203/SSL.Github][2 pkts/145 bytes <-> 1 pkts/89 bytes] - 40 TCP 192.168.1.100:3486 <-> 199.38.164.156:443 [proto: 91/SSL][2 pkts/108 bytes <-> 2 pkts/120 bytes] + 31 TCP 192.168.1.100:3479 <-> 2.228.46.114:443 [proto: 91/SSL][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/167 bytes] + 32 TCP 192.168.1.100:3480 <-> 2.228.46.114:443 [proto: 91/SSL][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/167 bytes] + 33 TCP 192.168.1.100:3481 <-> 2.228.46.114:443 [proto: 91/SSL][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/167 bytes] + 34 TCP 192.168.1.100:3482 <-> 2.228.46.114:443 [proto: 91/SSL][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/167 bytes] + 35 TCP 192.168.1.100:3489 <-> 2.228.46.104:443 [proto: 91/SSL][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/167 bytes] + 36 TCP 192.168.1.100:3490 <-> 2.228.46.104:443 [proto: 91/SSL][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/167 bytes] + 37 TCP 192.168.1.100:3491 <-> 2.228.46.104:443 [proto: 91/SSL][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/167 bytes] + 38 TCP 192.168.1.100:3492 <-> 2.228.46.104:443 [proto: 91/SSL][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/167 bytes] + 39 TCP 192.30.252.91:443 <-> 192.168.1.100:3213 [proto: 91.203/SSL.Github][cat: Collaborative/15][2 pkts/145 bytes <-> 1 pkts/89 bytes] + 40 TCP 192.168.1.100:3486 <-> 199.38.164.156:443 [proto: 91/SSL][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/120 bytes] 41 UDP 192.168.1.100:58844 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes <-> 1 pkts/124 bytes][Host: 40.186.239.80.in-addr.arpa] - 42 TCP 192.168.1.100:3484 <-> 173.194.113.224:443 [proto: 91.126/SSL.Google][2 pkts/108 bytes <-> 1 pkts/60 bytes] - 43 TCP 192.168.1.100:2759 <-> 64.233.184.188:5228 [proto: 126/Google][1 pkts/55 bytes <-> 1 pkts/66 bytes] - 44 TCP 192.168.1.100:3052 <-> 216.58.212.110:443 [proto: 91.126/SSL.Google][1 pkts/55 bytes <-> 1 pkts/66 bytes] + 42 TCP 192.168.1.100:3484 <-> 173.194.113.224:443 [proto: 91.126/SSL.Google][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/60 bytes] + 43 TCP 192.168.1.100:2759 <-> 64.233.184.188:5228 [proto: 126/Google][cat: Web/5][1 pkts/55 bytes <-> 1 pkts/66 bytes] + 44 TCP 192.168.1.100:3052 <-> 216.58.212.110:443 [proto: 91.126/SSL.Google][cat: Web/5][1 pkts/55 bytes <-> 1 pkts/66 bytes] 45 IGMP 192.168.1.107:0 -> 224.0.0.22:0 [proto: 82/IGMP][cat: Network/14][2 pkts/120 bytes -> 0 pkts/0 bytes] - 46 UDP 192.168.1.100:53146 <-> 5.42.180.154:1119 [proto: 213/Starcraft][1 pkts/44 bytes <-> 1 pkts/60 bytes] - 47 UDP 192.168.1.100:53146 <-> 62.115.246.51:1119 [proto: 213/Starcraft][1 pkts/44 bytes <-> 1 pkts/60 bytes] - 48 UDP 192.168.1.100:6113 <-> 213.248.127.166:1119 [proto: 213/Starcraft][1 pkts/43 bytes <-> 1 pkts/60 bytes] - 49 UDP 192.168.1.100:6113 <-> 213.248.127.212:1119 [proto: 213/Starcraft][1 pkts/43 bytes <-> 1 pkts/60 bytes] - 50 TCP 192.168.1.100:3534 -> 2.228.46.112:80 [proto: 7/HTTP][1 pkts/66 bytes -> 0 pkts/0 bytes] - 51 TCP 80.239.186.26:443 -> 192.168.1.100:3476 [proto: 91/SSL][1 pkts/60 bytes -> 0 pkts/0 bytes] - 52 TCP 80.239.186.40:443 -> 192.168.1.100:3478 [proto: 91/SSL][1 pkts/60 bytes -> 0 pkts/0 bytes] + 46 UDP 192.168.1.100:53146 <-> 5.42.180.154:1119 [proto: 213/Starcraft][cat: Game/8][1 pkts/44 bytes <-> 1 pkts/60 bytes] + 47 UDP 192.168.1.100:53146 <-> 62.115.246.51:1119 [proto: 213/Starcraft][cat: Game/8][1 pkts/44 bytes <-> 1 pkts/60 bytes] + 48 UDP 192.168.1.100:6113 <-> 213.248.127.166:1119 [proto: 213/Starcraft][cat: Game/8][1 pkts/43 bytes <-> 1 pkts/60 bytes] + 49 UDP 192.168.1.100:6113 <-> 213.248.127.212:1119 [proto: 213/Starcraft][cat: Game/8][1 pkts/43 bytes <-> 1 pkts/60 bytes] + 50 TCP 192.168.1.100:3534 -> 2.228.46.112:80 [proto: 7/HTTP][cat: Web/5][1 pkts/66 bytes -> 0 pkts/0 bytes] + 51 TCP 80.239.186.26:443 -> 192.168.1.100:3476 [proto: 91/SSL][cat: Web/5][1 pkts/60 bytes -> 0 pkts/0 bytes] + 52 TCP 80.239.186.40:443 -> 192.168.1.100:3478 [proto: 91/SSL][cat: Web/5][1 pkts/60 bytes -> 0 pkts/0 bytes] diff --git a/tests/result/teredo.pcap.out b/tests/result/teredo.pcap.out index 55dc2932c..24be9ebb2 100644 --- a/tests/result/teredo.pcap.out +++ b/tests/result/teredo.pcap.out @@ -1,7 +1,7 @@ Teredo 24 2574 5 - 1 UDP 10.112.16.67:51812 <-> 194.136.28.76:3544 [proto: 214/Teredo][10 pkts/930 bytes <-> 4 pkts/374 bytes] - 2 UDP 10.112.16.106:52513 <-> 194.136.28.76:3544 [proto: 214/Teredo][2 pkts/206 bytes <-> 2 pkts/302 bytes] - 3 UDP 10.112.16.64:56154 <-> 194.136.28.76:3544 [proto: 214/Teredo][1 pkts/103 bytes <-> 1 pkts/151 bytes] - 4 UDP 10.112.16.89:60381 <-> 194.136.28.76:3544 [proto: 214/Teredo][1 pkts/103 bytes <-> 1 pkts/151 bytes] - 5 UDP 10.112.16.92:63448 <-> 194.136.28.76:3544 [proto: 214/Teredo][1 pkts/103 bytes <-> 1 pkts/151 bytes] + 1 UDP 10.112.16.67:51812 <-> 194.136.28.76:3544 [proto: 214/Teredo][cat: Network/14][10 pkts/930 bytes <-> 4 pkts/374 bytes] + 2 UDP 10.112.16.106:52513 <-> 194.136.28.76:3544 [proto: 214/Teredo][cat: Network/14][2 pkts/206 bytes <-> 2 pkts/302 bytes] + 3 UDP 10.112.16.64:56154 <-> 194.136.28.76:3544 [proto: 214/Teredo][cat: Network/14][1 pkts/103 bytes <-> 1 pkts/151 bytes] + 4 UDP 10.112.16.89:60381 <-> 194.136.28.76:3544 [proto: 214/Teredo][cat: Network/14][1 pkts/103 bytes <-> 1 pkts/151 bytes] + 5 UDP 10.112.16.92:63448 <-> 194.136.28.76:3544 [proto: 214/Teredo][cat: Network/14][1 pkts/103 bytes <-> 1 pkts/151 bytes] diff --git a/tests/result/tor.pcap.out b/tests/result/tor.pcap.out index 2cd7fd1da..69b7d3e71 100644 --- a/tests/result/tor.pcap.out +++ b/tests/result/tor.pcap.out @@ -14,4 +14,4 @@ Tor 3676 3014362 7 8 UDP 192.168.1.1:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][10 pkts/1860 bytes -> 0 pkts/0 bytes] 9 UDP [fe80::c583:1972:5728:7323]:546 -> [ff02::1:2]:547 [proto: 103/DHCPV6][cat: Network/14][6 pkts/906 bytes -> 0 pkts/0 bytes] 10 UDP 192.168.1.252:138 -> 192.168.1.255:138 [proto: 10/NetBIOS][cat: System/18][1 pkts/252 bytes -> 0 pkts/0 bytes] - 11 TCP 192.168.1.252:51104 -> 157.56.30.46:443 [proto: 91/SSL][1 pkts/60 bytes -> 0 pkts/0 bytes] + 11 TCP 192.168.1.252:51104 -> 157.56.30.46:443 [proto: 91/SSL][cat: Web/5][1 pkts/60 bytes -> 0 pkts/0 bytes] diff --git a/tests/result/viber.pcap.out b/tests/result/viber.pcap.out index 5d2f07f10..738169827 100644 --- a/tests/result/viber.pcap.out +++ b/tests/result/viber.pcap.out @@ -11,17 +11,17 @@ QUIC 3 194 1 1 TCP 192.168.0.17:53934 <-> 54.230.93.53:443 [proto: 91.144/SSL.Viber][cat: Chat/9][43 pkts/4571 bytes <-> 46 pkts/60087 bytes][client: dl-media.viber.com][server: *.viber.com] 2 TCP 192.168.0.17:57520 <-> 54.230.93.96:443 [proto: 91.144/SSL.Viber][cat: Chat/9][12 pkts/1848 bytes <-> 12 pkts/9317 bytes][client: media.cdn.viber.com][server: *.cdn.viber.com] 3 TCP 192.168.0.17:49048 <-> 54.187.91.182:443 [proto: 91/SSL][cat: Web/5][13 pkts/2823 bytes <-> 14 pkts/6552 bytes][client: brahe.apptimize.com][server: *.apptimize.com] - 4 TCP 192.168.0.17:33208 <-> 52.0.253.101:4244 [proto: 144/Viber][32 pkts/6563 bytes <-> 26 pkts/2782 bytes] + 4 TCP 192.168.0.17:33208 <-> 52.0.253.101:4244 [proto: 144/Viber][cat: Chat/9][32 pkts/6563 bytes <-> 26 pkts/2782 bytes] 5 TCP 192.168.0.17:43702 <-> 172.217.23.78:443 [proto: 91/SSL][cat: Web/5][15 pkts/5339 bytes <-> 12 pkts/3436 bytes][client: app-measurement.com] 6 TCP 192.168.0.17:36986 <-> 54.69.166.226:443 [proto: 91/SSL][cat: Web/5][11 pkts/1437 bytes <-> 11 pkts/6412 bytes][client: mapi.apptimize.com][server: *.apptimize.com] 7 TCP 192.168.0.17:55746 <-> 151.101.1.130:443 [proto: 91/SSL][cat: Web/5][10 pkts/1534 bytes <-> 9 pkts/6239 bytes][client: venetia.iad.appboy.com][server: y.ssl.fastly.net] 8 TCP 192.168.0.17:36988 <-> 54.69.166.226:443 [proto: 91/SSL][cat: Web/5][11 pkts/1462 bytes <-> 11 pkts/6163 bytes][client: mapi.apptimize.com][server: *.apptimize.com] - 9 UDP 192.168.0.17:47171 <-> 18.201.4.32:7985 [proto: 144/Viber][24 pkts/5035 bytes <-> 22 pkts/2302 bytes] - 10 UDP 192.168.0.17:38190 <-> 18.201.4.3:7985 [proto: 144/Viber][25 pkts/4344 bytes <-> 18 pkts/1872 bytes] + 9 UDP 192.168.0.17:47171 <-> 18.201.4.32:7985 [proto: 144/Viber][cat: Chat/9][24 pkts/5035 bytes <-> 22 pkts/2302 bytes] + 10 UDP 192.168.0.17:38190 <-> 18.201.4.3:7985 [proto: 144/Viber][cat: Chat/9][25 pkts/4344 bytes <-> 18 pkts/1872 bytes] 11 ICMP 192.168.0.17:0 <-> 192.168.0.15:0 [proto: 81/ICMP][cat: Network/14][1 pkts/1514 bytes <-> 1 pkts/1514 bytes] 12 UDP 192.168.0.17:62872 <-> 192.168.0.15:53 [proto: 5/DNS][cat: Network/14][1 pkts/78 bytes <-> 1 pkts/373 bytes][Host: mapi.apptimize.com] - 13 TCP 192.168.0.17:33744 <-> 18.201.4.3:443 [proto: 91/SSL][4 pkts/272 bytes <-> 2 pkts/140 bytes] - 14 TCP 192.168.0.17:45424 <-> 18.201.4.32:443 [proto: 91/SSL][4 pkts/272 bytes <-> 2 pkts/140 bytes] + 13 TCP 192.168.0.17:33744 <-> 18.201.4.3:443 [proto: 91/SSL][cat: Web/5][4 pkts/272 bytes <-> 2 pkts/140 bytes] + 14 TCP 192.168.0.17:45424 <-> 18.201.4.32:443 [proto: 91/SSL][cat: Web/5][4 pkts/272 bytes <-> 2 pkts/140 bytes] 15 UDP 192.168.0.17:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][4 pkts/412 bytes -> 0 pkts/0 bytes] 16 UDP 192.168.0.17:35283 <-> 192.168.0.15:53 [proto: 5/DNS][cat: Network/14][1 pkts/74 bytes <-> 1 pkts/303 bytes][Host: app.adjust.com] 17 UDP 192.168.0.17:45743 <-> 192.168.0.15:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/78 bytes <-> 1 pkts/203 bytes][Host: graph.facebook.com] @@ -32,5 +32,5 @@ QUIC 3 194 1 22 UDP 192.168.0.17:35331 <-> 192.168.0.15:53 [proto: 5/DNS][cat: Network/14][1 pkts/79 bytes <-> 1 pkts/95 bytes][Host: app-measurement.com] 23 UDP 192.168.0.17:50097 <-> 192.168.0.15:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/74 bytes <-> 1 pkts/90 bytes][Host: www.google.com] 24 ICMPV6 [fe80::3207:4dff:fea3:5fa7]:0 -> [ff02::2]:0 [proto: 102/ICMPV6][cat: Network/14][2 pkts/140 bytes -> 0 pkts/0 bytes] - 25 UDP 192.168.0.17:38190 <-> 18.201.4.3:7987 [proto: 144/Viber][1 pkts/76 bytes <-> 1 pkts/62 bytes] - 26 UDP 192.168.0.17:47171 <-> 18.201.4.32:7987 [proto: 144/Viber][1 pkts/76 bytes <-> 1 pkts/62 bytes] + 25 UDP 192.168.0.17:38190 <-> 18.201.4.3:7987 [proto: 144/Viber][cat: Chat/9][1 pkts/76 bytes <-> 1 pkts/62 bytes] + 26 UDP 192.168.0.17:47171 <-> 18.201.4.32:7987 [proto: 144/Viber][cat: Chat/9][1 pkts/76 bytes <-> 1 pkts/62 bytes] diff --git a/tests/result/waze.pcap.out b/tests/result/waze.pcap.out index 8bf4d88fc..5b183ea2c 100644 --- a/tests/result/waze.pcap.out +++ b/tests/result/waze.pcap.out @@ -29,15 +29,15 @@ WhatsApp 15 1341 1 20 TCP 10.8.0.1:45552 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][7 pkts/552 bytes <-> 7 pkts/771 bytes][Host: cres.waze.com] 21 TCP 10.8.0.1:45554 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][7 pkts/550 bytes <-> 7 pkts/769 bytes][Host: cres.waze.com] 22 TCP 10.8.0.1:45540 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][7 pkts/553 bytes <-> 7 pkts/733 bytes][Host: roadshields.waze.com] - 23 TCP 10.16.37.157:41823 <-> 200.160.4.49:80 [proto: 7/HTTP][2 pkts/120 bytes <-> 2 pkts/108 bytes] - 24 TCP 10.16.37.157:43991 <-> 200.160.4.31:80 [proto: 7/HTTP][2 pkts/120 bytes <-> 2 pkts/108 bytes] - 25 TCP 10.16.37.157:46473 <-> 200.160.4.49:80 [proto: 7/HTTP][2 pkts/120 bytes <-> 2 pkts/108 bytes] - 26 TCP 10.16.37.157:52746 <-> 200.160.4.49:80 [proto: 7/HTTP][2 pkts/120 bytes <-> 2 pkts/108 bytes] - 27 TCP 10.16.37.157:52953 <-> 200.160.4.49:80 [proto: 7/HTTP][2 pkts/120 bytes <-> 2 pkts/108 bytes] - 28 TCP 10.8.0.1:43089 <-> 200.160.4.198:443 [proto: 91/SSL][2 pkts/108 bytes <-> 2 pkts/108 bytes] - 29 TCP 10.8.0.1:45169 <-> 200.160.4.198:80 [proto: 7/HTTP][2 pkts/108 bytes <-> 2 pkts/108 bytes] - 30 TCP 10.8.0.1:60479 <-> 200.160.4.49:443 [proto: 91/SSL][2 pkts/108 bytes <-> 2 pkts/108 bytes] - 31 TCP 10.8.0.1:60574 <-> 200.160.4.49:80 [proto: 7/HTTP][2 pkts/108 bytes <-> 2 pkts/108 bytes] + 23 TCP 10.16.37.157:41823 <-> 200.160.4.49:80 [proto: 7/HTTP][cat: Web/5][2 pkts/120 bytes <-> 2 pkts/108 bytes] + 24 TCP 10.16.37.157:43991 <-> 200.160.4.31:80 [proto: 7/HTTP][cat: Web/5][2 pkts/120 bytes <-> 2 pkts/108 bytes] + 25 TCP 10.16.37.157:46473 <-> 200.160.4.49:80 [proto: 7/HTTP][cat: Web/5][2 pkts/120 bytes <-> 2 pkts/108 bytes] + 26 TCP 10.16.37.157:52746 <-> 200.160.4.49:80 [proto: 7/HTTP][cat: Web/5][2 pkts/120 bytes <-> 2 pkts/108 bytes] + 27 TCP 10.16.37.157:52953 <-> 200.160.4.49:80 [proto: 7/HTTP][cat: Web/5][2 pkts/120 bytes <-> 2 pkts/108 bytes] + 28 TCP 10.8.0.1:43089 <-> 200.160.4.198:443 [proto: 91/SSL][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/108 bytes] + 29 TCP 10.8.0.1:45169 <-> 200.160.4.198:80 [proto: 7/HTTP][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/108 bytes] + 30 TCP 10.8.0.1:60479 <-> 200.160.4.49:443 [proto: 91/SSL][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/108 bytes] + 31 TCP 10.8.0.1:60574 <-> 200.160.4.49:80 [proto: 7/HTTP][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/108 bytes] 32 UDP 10.8.0.1:46214 <-> 200.89.75.198:123 [proto: 9/NTP][cat: System/18][1 pkts/90 bytes <-> 1 pkts/90 bytes] diff --git a/tests/result/webex.pcap.out b/tests/result/webex.pcap.out index ecd0f6432..71fb528d1 100644 --- a/tests/result/webex.pcap.out +++ b/tests/result/webex.pcap.out @@ -43,23 +43,23 @@ Amazon 3 174 1 35 TCP 10.8.0.1:59756 <-> 78.46.237.91:80 [proto: 7/HTTP][cat: Web/5][6 pkts/970 bytes <-> 6 pkts/821 bytes][Host: cp.pushwoosh.com] 36 TCP 10.8.0.1:33559 <-> 80.74.110.68:443 [proto: 64/SSL_No_Cert][cat: Web/5][7 pkts/1280 bytes <-> 6 pkts/453 bytes] 37 TCP 10.8.0.1:59757 <-> 78.46.237.91:80 [proto: 7/HTTP][cat: Web/5][5 pkts/624 bytes <-> 5 pkts/767 bytes][Host: cp.pushwoosh.com] - 38 UDP 10.8.0.1:51772 <-> 62.109.229.158:9000 [proto: 141/Webex][14 pkts/1071 bytes <-> 2 pkts/100 bytes] + 38 UDP 10.8.0.1:51772 <-> 62.109.229.158:9000 [proto: 141/Webex][cat: VoIP/10][14 pkts/1071 bytes <-> 2 pkts/100 bytes] 39 TCP 10.8.0.1:41350 <-> 64.68.105.103:443 [proto: 91.141/SSL.Webex][cat: VoIP/10][6 pkts/614 bytes <-> 5 pkts/399 bytes][client: radcom.webex.com] 40 TCP 10.8.0.1:41351 <-> 64.68.105.103:443 [proto: 91.141/SSL.Webex][cat: VoIP/10][5 pkts/560 bytes <-> 4 pkts/345 bytes][client: radcom.webex.com] - 41 TCP 10.8.0.1:51190 <-> 62.109.224.120:443 [proto: 91.141/SSL.Webex][7 pkts/501 bytes <-> 4 pkts/216 bytes] - 42 TCP 10.8.0.1:37139 <-> 64.68.105.98:443 [proto: 91.141/SSL.Webex][6 pkts/427 bytes <-> 5 pkts/270 bytes] - 43 TCP 10.8.0.1:41394 <-> 64.68.105.103:443 [proto: 91.141/SSL.Webex][6 pkts/427 bytes <-> 5 pkts/270 bytes] - 44 TCP 10.8.0.1:41757 <-> 114.29.213.212:443 [proto: 91.141/SSL.Webex][6 pkts/427 bytes <-> 5 pkts/270 bytes] - 45 TCP 10.8.0.1:47135 <-> 114.29.202.139:443 [proto: 91.141/SSL.Webex][6 pkts/427 bytes <-> 5 pkts/270 bytes] - 46 TCP 10.8.0.1:51134 <-> 62.109.224.120:443 [proto: 91.141/SSL.Webex][6 pkts/427 bytes <-> 5 pkts/270 bytes] - 47 TCP 10.8.0.1:51135 <-> 62.109.224.120:443 [proto: 91.141/SSL.Webex][6 pkts/427 bytes <-> 5 pkts/270 bytes] - 48 TCP 10.8.0.1:51676 <-> 114.29.204.49:443 [proto: 91.141/SSL.Webex][6 pkts/427 bytes <-> 5 pkts/270 bytes] - 49 TCP 10.8.0.1:33511 <-> 80.74.110.68:443 [proto: 91/SSL][4 pkts/452 bytes <-> 4 pkts/216 bytes] - 50 TCP 10.8.0.1:51833 <-> 62.109.229.158:443 [proto: 91.141/SSL.Webex][4 pkts/423 bytes <-> 4 pkts/216 bytes] - 51 TCP 10.8.0.1:51839 <-> 62.109.229.158:443 [proto: 91.141/SSL.Webex][4 pkts/423 bytes <-> 4 pkts/216 bytes] - 52 TCP 10.8.0.1:41726 <-> 114.29.213.212:443 [proto: 91.141/SSL.Webex][4 pkts/299 bytes <-> 4 pkts/216 bytes] - 53 TCP 10.8.0.1:51195 <-> 62.109.224.120:443 [proto: 91.141/SSL.Webex][3 pkts/245 bytes <-> 2 pkts/108 bytes] - 54 TCP 10.133.206.47:33459 <-> 80.74.110.68:443 [proto: 91/SSL][3 pkts/209 bytes <-> 2 pkts/108 bytes] - 55 TCP 10.8.0.1:51859 <-> 62.109.229.158:443 [proto: 91.141/SSL.Webex][2 pkts/128 bytes <-> 1 pkts/54 bytes] - 56 TCP 10.133.206.47:54651 <-> 185.63.147.10:443 [proto: 91/SSL][1 pkts/66 bytes <-> 2 pkts/108 bytes] - 57 TCP 10.133.206.47:59447 <-> 107.20.242.44:443 [proto: 91.178/SSL.Amazon][1 pkts/66 bytes <-> 2 pkts/108 bytes] + 41 TCP 10.8.0.1:51190 <-> 62.109.224.120:443 [proto: 91.141/SSL.Webex][cat: VoIP/10][7 pkts/501 bytes <-> 4 pkts/216 bytes] + 42 TCP 10.8.0.1:37139 <-> 64.68.105.98:443 [proto: 91.141/SSL.Webex][cat: VoIP/10][6 pkts/427 bytes <-> 5 pkts/270 bytes] + 43 TCP 10.8.0.1:41394 <-> 64.68.105.103:443 [proto: 91.141/SSL.Webex][cat: VoIP/10][6 pkts/427 bytes <-> 5 pkts/270 bytes] + 44 TCP 10.8.0.1:41757 <-> 114.29.213.212:443 [proto: 91.141/SSL.Webex][cat: VoIP/10][6 pkts/427 bytes <-> 5 pkts/270 bytes] + 45 TCP 10.8.0.1:47135 <-> 114.29.202.139:443 [proto: 91.141/SSL.Webex][cat: VoIP/10][6 pkts/427 bytes <-> 5 pkts/270 bytes] + 46 TCP 10.8.0.1:51134 <-> 62.109.224.120:443 [proto: 91.141/SSL.Webex][cat: VoIP/10][6 pkts/427 bytes <-> 5 pkts/270 bytes] + 47 TCP 10.8.0.1:51135 <-> 62.109.224.120:443 [proto: 91.141/SSL.Webex][cat: VoIP/10][6 pkts/427 bytes <-> 5 pkts/270 bytes] + 48 TCP 10.8.0.1:51676 <-> 114.29.204.49:443 [proto: 91.141/SSL.Webex][cat: VoIP/10][6 pkts/427 bytes <-> 5 pkts/270 bytes] + 49 TCP 10.8.0.1:33511 <-> 80.74.110.68:443 [proto: 91/SSL][cat: Web/5][4 pkts/452 bytes <-> 4 pkts/216 bytes] + 50 TCP 10.8.0.1:51833 <-> 62.109.229.158:443 [proto: 91.141/SSL.Webex][cat: VoIP/10][4 pkts/423 bytes <-> 4 pkts/216 bytes] + 51 TCP 10.8.0.1:51839 <-> 62.109.229.158:443 [proto: 91.141/SSL.Webex][cat: VoIP/10][4 pkts/423 bytes <-> 4 pkts/216 bytes] + 52 TCP 10.8.0.1:41726 <-> 114.29.213.212:443 [proto: 91.141/SSL.Webex][cat: VoIP/10][4 pkts/299 bytes <-> 4 pkts/216 bytes] + 53 TCP 10.8.0.1:51195 <-> 62.109.224.120:443 [proto: 91.141/SSL.Webex][cat: VoIP/10][3 pkts/245 bytes <-> 2 pkts/108 bytes] + 54 TCP 10.133.206.47:33459 <-> 80.74.110.68:443 [proto: 91/SSL][cat: Web/5][3 pkts/209 bytes <-> 2 pkts/108 bytes] + 55 TCP 10.8.0.1:51859 <-> 62.109.229.158:443 [proto: 91.141/SSL.Webex][cat: VoIP/10][2 pkts/128 bytes <-> 1 pkts/54 bytes] + 56 TCP 10.133.206.47:54651 <-> 185.63.147.10:443 [proto: 91/SSL][cat: Web/5][1 pkts/66 bytes <-> 2 pkts/108 bytes] + 57 TCP 10.133.206.47:59447 <-> 107.20.242.44:443 [proto: 91.178/SSL.Amazon][cat: Web/5][1 pkts/66 bytes <-> 2 pkts/108 bytes] diff --git a/tests/result/wechat.pcap.out b/tests/result/wechat.pcap.out index b9c7c3de0..92c6852e0 100644 --- a/tests/result/wechat.pcap.out +++ b/tests/result/wechat.pcap.out @@ -13,7 +13,7 @@ LLMNR 12 944 6 WeChat 1251 606425 49 GoogleDocs 15 5114 2 - 1 TCP 203.205.151.162:443 <-> 192.168.1.103:54058 [proto: 91.197/SSL.WeChat][88 pkts/15114 bytes <-> 91 pkts/61842 bytes] + 1 TCP 203.205.151.162:443 <-> 192.168.1.103:54058 [proto: 91.197/SSL.WeChat][cat: Chat/9][88 pkts/15114 bytes <-> 91 pkts/61842 bytes] 2 TCP 192.168.1.103:54101 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][46 pkts/12575 bytes <-> 40 pkts/53424 bytes][client: web.wechat.com][server: web.wechat.com] 3 TCP 192.168.1.103:54103 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][50 pkts/23958 bytes <-> 46 pkts/39684 bytes][client: web.wechat.com][server: web.wechat.com] 4 TCP 192.168.1.103:54113 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][38 pkts/8933 bytes <-> 35 pkts/35112 bytes][client: web.wechat.com][server: web.wechat.com] @@ -47,46 +47,46 @@ GoogleDocs 15 5114 2 32 UDP [fe80::7a92:9cff:fe0f:a88e]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][44 pkts/4488 bytes -> 0 pkts/0 bytes] 33 UDP 192.168.1.103:35601 <-> 172.217.23.67:443 [proto: 188.126/QUIC.Google][cat: Web/5][5 pkts/2035 bytes <-> 5 pkts/1937 bytes][Host: ssl.gstatic.com] 34 UDP 192.168.1.103:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][44 pkts/3608 bytes -> 0 pkts/0 bytes] - 35 TCP 192.168.1.103:54183 -> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][2 pkts/2508 bytes -> 0 pkts/0 bytes] + 35 TCP 192.168.1.103:54183 -> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][2 pkts/2508 bytes -> 0 pkts/0 bytes] 36 UDP [fe80::91f9:3df3:7436:6cd6]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][14 pkts/1428 bytes -> 0 pkts/0 bytes] - 37 TCP 192.168.1.103:36017 <-> 64.233.167.188:5228 [proto: 126/Google][10 pkts/660 bytes <-> 10 pkts/660 bytes] + 37 TCP 192.168.1.103:36017 <-> 64.233.167.188:5228 [proto: 126/Google][cat: Web/5][10 pkts/660 bytes <-> 10 pkts/660 bytes] 38 UDP 192.168.1.100:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][14 pkts/1148 bytes -> 0 pkts/0 bytes] - 39 TCP 192.168.1.103:58039 <-> 203.205.147.171:443 [proto: 91.197/SSL.WeChat][13 pkts/866 bytes <-> 4 pkts/280 bytes] - 40 TCP 192.168.1.103:58143 -> 216.58.205.131:443 [proto: 91.126/SSL.Google][3 pkts/1078 bytes -> 0 pkts/0 bytes] - 41 TCP 203.205.151.162:443 <-> 192.168.1.103:54084 [proto: 91.197/SSL.WeChat][3 pkts/802 bytes <-> 3 pkts/198 bytes] + 39 TCP 192.168.1.103:58039 <-> 203.205.147.171:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][13 pkts/866 bytes <-> 4 pkts/280 bytes] + 40 TCP 192.168.1.103:58143 -> 216.58.205.131:443 [proto: 91.126/SSL.Google][cat: Web/5][3 pkts/1078 bytes -> 0 pkts/0 bytes] + 41 TCP 203.205.151.162:443 <-> 192.168.1.103:54084 [proto: 91.197/SSL.WeChat][cat: Chat/9][3 pkts/802 bytes <-> 3 pkts/198 bytes] 42 UDP 192.168.1.100:137 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][9 pkts/828 bytes -> 0 pkts/0 bytes] 43 IGMP 192.168.1.100:0 -> 224.0.0.22:0 [proto: 82/IGMP][cat: Network/14][15 pkts/810 bytes -> 0 pkts/0 bytes] 44 UDP 192.168.1.100:138 -> 192.168.1.255:138 [proto: 10/NetBIOS][cat: System/18][3 pkts/751 bytes -> 0 pkts/0 bytes] - 45 TCP 192.168.1.103:54112 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][5 pkts/338 bytes <-> 4 pkts/280 bytes] - 46 TCP 192.168.1.103:54114 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][5 pkts/338 bytes <-> 4 pkts/280 bytes] + 45 TCP 192.168.1.103:54112 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][5 pkts/338 bytes <-> 4 pkts/280 bytes] + 46 TCP 192.168.1.103:54114 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][5 pkts/338 bytes <-> 4 pkts/280 bytes] 47 UDP 192.168.1.103:19041 <-> 192.168.1.254:53 [proto: 5.48/DNS.QQ][cat: Chat/9][1 pkts/73 bytes <-> 1 pkts/537 bytes][Host: res.wx.qq.com] - 48 TCP 192.168.1.103:34981 -> 95.101.34.33:80 [proto: 7/HTTP][9 pkts/594 bytes -> 0 pkts/0 bytes] - 49 TCP 192.168.1.103:34996 -> 95.101.34.33:80 [proto: 7/HTTP][9 pkts/594 bytes -> 0 pkts/0 bytes] - 50 TCP 192.168.1.103:34999 -> 95.101.34.33:80 [proto: 7/HTTP][9 pkts/594 bytes -> 0 pkts/0 bytes] - 51 TCP 192.168.1.103:35000 -> 95.101.34.33:80 [proto: 7/HTTP][9 pkts/594 bytes -> 0 pkts/0 bytes] - 52 TCP 192.168.1.103:39207 -> 95.101.34.34:80 [proto: 7/HTTP][9 pkts/594 bytes -> 0 pkts/0 bytes] - 53 TCP 192.168.1.103:39231 -> 95.101.34.34:80 [proto: 7/HTTP][9 pkts/594 bytes -> 0 pkts/0 bytes] - 54 TCP 192.168.1.103:53220 <-> 172.217.23.78:443 [proto: 91.126/SSL.Google][4 pkts/264 bytes <-> 4 pkts/319 bytes] - 55 TCP 192.168.1.103:54093 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][5 pkts/338 bytes <-> 3 pkts/214 bytes] - 56 TCP 192.168.1.103:58037 <-> 203.205.147.171:443 [proto: 91.197/SSL.WeChat][5 pkts/338 bytes <-> 3 pkts/214 bytes] - 57 TCP 192.168.1.103:39195 -> 95.101.34.34:80 [proto: 7/HTTP][8 pkts/528 bytes -> 0 pkts/0 bytes] - 58 TCP 192.168.1.103:52020 -> 95.101.180.179:80 [proto: 7/HTTP][8 pkts/528 bytes -> 0 pkts/0 bytes] - 59 TCP 192.168.1.103:43851 <-> 203.205.158.34:443 [proto: 91/SSL][5 pkts/290 bytes <-> 4 pkts/234 bytes] - 60 TCP 192.168.1.103:47627 <-> 216.58.205.78:443 [proto: 91.126/SSL.Google][3 pkts/198 bytes <-> 4 pkts/319 bytes] - 61 TCP 192.168.1.103:40740 <-> 203.205.151.211:443 [proto: 91/SSL][4 pkts/216 bytes <-> 4 pkts/253 bytes] + 48 TCP 192.168.1.103:34981 -> 95.101.34.33:80 [proto: 7/HTTP][cat: Web/5][9 pkts/594 bytes -> 0 pkts/0 bytes] + 49 TCP 192.168.1.103:34996 -> 95.101.34.33:80 [proto: 7/HTTP][cat: Web/5][9 pkts/594 bytes -> 0 pkts/0 bytes] + 50 TCP 192.168.1.103:34999 -> 95.101.34.33:80 [proto: 7/HTTP][cat: Web/5][9 pkts/594 bytes -> 0 pkts/0 bytes] + 51 TCP 192.168.1.103:35000 -> 95.101.34.33:80 [proto: 7/HTTP][cat: Web/5][9 pkts/594 bytes -> 0 pkts/0 bytes] + 52 TCP 192.168.1.103:39207 -> 95.101.34.34:80 [proto: 7/HTTP][cat: Web/5][9 pkts/594 bytes -> 0 pkts/0 bytes] + 53 TCP 192.168.1.103:39231 -> 95.101.34.34:80 [proto: 7/HTTP][cat: Web/5][9 pkts/594 bytes -> 0 pkts/0 bytes] + 54 TCP 192.168.1.103:53220 <-> 172.217.23.78:443 [proto: 91.126/SSL.Google][cat: Web/5][4 pkts/264 bytes <-> 4 pkts/319 bytes] + 55 TCP 192.168.1.103:54093 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][5 pkts/338 bytes <-> 3 pkts/214 bytes] + 56 TCP 192.168.1.103:58037 <-> 203.205.147.171:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][5 pkts/338 bytes <-> 3 pkts/214 bytes] + 57 TCP 192.168.1.103:39195 -> 95.101.34.34:80 [proto: 7/HTTP][cat: Web/5][8 pkts/528 bytes -> 0 pkts/0 bytes] + 58 TCP 192.168.1.103:52020 -> 95.101.180.179:80 [proto: 7/HTTP][cat: Web/5][8 pkts/528 bytes -> 0 pkts/0 bytes] + 59 TCP 192.168.1.103:43851 <-> 203.205.158.34:443 [proto: 91/SSL][cat: Web/5][5 pkts/290 bytes <-> 4 pkts/234 bytes] + 60 TCP 192.168.1.103:47627 <-> 216.58.205.78:443 [proto: 91.126/SSL.Google][cat: Web/5][3 pkts/198 bytes <-> 4 pkts/319 bytes] + 61 TCP 192.168.1.103:40740 <-> 203.205.151.211:443 [proto: 91/SSL][cat: Web/5][4 pkts/216 bytes <-> 4 pkts/253 bytes] 62 UDP 192.168.1.103:60356 <-> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][1 pkts/74 bytes <-> 1 pkts/391 bytes][Host: web.wechat.com] - 63 TCP 192.168.1.103:49787 <-> 216.58.205.142:443 [proto: 91.126/SSL.Google][3 pkts/198 bytes <-> 3 pkts/198 bytes] - 64 TCP 192.168.1.103:58226 -> 203.205.147.171:443 [proto: 91.197/SSL.WeChat][6 pkts/396 bytes -> 0 pkts/0 bytes] + 63 TCP 192.168.1.103:49787 <-> 216.58.205.142:443 [proto: 91.126/SSL.Google][cat: Web/5][3 pkts/198 bytes <-> 3 pkts/198 bytes] + 64 TCP 192.168.1.103:58226 -> 203.205.147.171:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][6 pkts/396 bytes -> 0 pkts/0 bytes] 65 UDP 192.168.1.103:53734 <-> 192.168.1.254:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/94 bytes <-> 1 pkts/272 bytes][Host: safebrowsing.googleusercontent.com] - 66 TCP 192.168.1.103:58043 <-> 203.205.147.171:443 [proto: 91.197/SSL.WeChat][3 pkts/206 bytes <-> 2 pkts/148 bytes] + 66 TCP 192.168.1.103:58043 <-> 203.205.147.171:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][3 pkts/206 bytes <-> 2 pkts/148 bytes] 67 UDP 0.0.0.0:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][1 pkts/342 bytes -> 0 pkts/0 bytes][Host: iphonedimonica] 68 UDP 192.168.1.103:46078 <-> 192.168.1.254:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/75 bytes <-> 1 pkts/234 bytes][Host: ssl.gstatic.com] 69 UDP 192.168.1.103:60562 <-> 192.168.1.254:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/75 bytes <-> 1 pkts/234 bytes][Host: ssl.gstatic.com] 70 UDP 192.168.1.103:55862 <-> 192.168.1.254:53 [proto: 5.241/DNS.GoogleDocs][cat: Media/1][1 pkts/75 bytes <-> 1 pkts/227 bytes][Host: docs.google.com] 71 IGMP 192.168.1.103:0 -> 224.0.0.22:0 [proto: 82/IGMP][cat: Network/14][4 pkts/216 bytes -> 0 pkts/0 bytes] - 72 TCP 192.168.1.103:40741 <-> 203.205.151.211:443 [proto: 91/SSL][2 pkts/108 bytes <-> 2 pkts/108 bytes] + 72 TCP 192.168.1.103:40741 <-> 203.205.151.211:443 [proto: 91/SSL][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/108 bytes] 73 IGMP 192.168.1.254:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network/14][4 pkts/200 bytes -> 0 pkts/0 bytes] - 74 TCP 192.168.1.103:54085 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][2 pkts/132 bytes <-> 1 pkts/66 bytes] + 74 TCP 192.168.1.103:54085 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][2 pkts/132 bytes <-> 1 pkts/66 bytes] 75 UDP [fe80::91f9:3df3:7436:6cd6]:50440 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/180 bytes -> 0 pkts/0 bytes][Host: lbjamwptxz] 76 UDP [fe80::91f9:3df3:7436:6cd6]:49195 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/176 bytes -> 0 pkts/0 bytes][Host: cansaqcq] 77 UDP [fe80::91f9:3df3:7436:6cd6]:50577 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/176 bytes -> 0 pkts/0 bytes][Host: mcztmpkc] @@ -100,10 +100,10 @@ GoogleDocs 15 5114 2 85 UDP 192.168.1.100:54124 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/140 bytes -> 0 pkts/0 bytes][Host: lbjamwptxz] 86 UDP 192.168.1.100:49832 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: cansaqcq] 87 UDP 192.168.1.100:57401 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: mcztmpkc] - 88 TCP 192.168.1.103:54106 -> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][2 pkts/132 bytes -> 0 pkts/0 bytes] - 89 TCP 192.168.1.103:54109 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][1 pkts/66 bytes <-> 1 pkts/66 bytes] - 90 TCP 192.168.1.103:54110 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][1 pkts/66 bytes <-> 1 pkts/66 bytes] - 91 TCP 192.168.1.103:54205 -> 64.233.167.188:443 [proto: 91.126/SSL.Google][2 pkts/132 bytes -> 0 pkts/0 bytes] + 88 TCP 192.168.1.103:54106 -> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][2 pkts/132 bytes -> 0 pkts/0 bytes] + 89 TCP 192.168.1.103:54109 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][1 pkts/66 bytes <-> 1 pkts/66 bytes] + 90 TCP 192.168.1.103:54110 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][1 pkts/66 bytes <-> 1 pkts/66 bytes] + 91 TCP 192.168.1.103:54205 -> 64.233.167.188:443 [proto: 91.126/SSL.Google][cat: Web/5][2 pkts/132 bytes -> 0 pkts/0 bytes] 92 ICMPV6 [fe80::842:a3f3:a286:6c5b]:0 -> [ff02::2]:0 [proto: 102/ICMPV6][cat: Network/14][2 pkts/132 bytes -> 0 pkts/0 bytes] 93 0 [fe80::842:a3f3:a286:6c5b]:0 -> [ff02::16]:0 [proto: 102/ICMPV6][cat: Network/14][1 pkts/110 bytes -> 0 pkts/0 bytes] 94 UDP 192.168.1.103:37578 -> 193.204.114.233:123 [proto: 9/NTP][cat: System/18][1 pkts/90 bytes -> 0 pkts/0 bytes] diff --git a/tests/result/weibo.pcap.out b/tests/result/weibo.pcap.out index befa40bea..f6c618bcf 100644 --- a/tests/result/weibo.pcap.out +++ b/tests/result/weibo.pcap.out @@ -18,7 +18,7 @@ Sina(Weibo) 419 258077 16 10 TCP 192.168.1.105:59119 <-> 114.134.80.162:80 [proto: 7/HTTP][cat: Web/5][5 pkts/736 bytes <-> 4 pkts/863 bytes][Host: weibo.com] 11 TCP 192.168.1.105:35811 <-> 93.188.134.246:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][3 pkts/604 bytes <-> 2 pkts/140 bytes][Host: js.t.sinajs.cn] 12 TCP 192.168.1.105:42275 <-> 222.73.28.96:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][3 pkts/610 bytes <-> 1 pkts/66 bytes][Host: u1.img.mobile.sina.cn] - 13 TCP 192.168.1.105:50827 <-> 47.89.65.229:443 [proto: 91/SSL][3 pkts/382 bytes <-> 1 pkts/66 bytes][client: g.alicdn.com] + 13 TCP 192.168.1.105:50827 <-> 47.89.65.229:443 [proto: 91/SSL][cat: Web/5][3 pkts/382 bytes <-> 1 pkts/66 bytes][client: g.alicdn.com] 14 UDP 192.168.1.105:53543 <-> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][cat: SocialNetwork/6][1 pkts/75 bytes <-> 1 pkts/191 bytes][Host: img.t.sinajs.cn] 15 UDP 192.168.1.105:41352 <-> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][cat: SocialNetwork/6][1 pkts/74 bytes <-> 1 pkts/190 bytes][Host: js.t.sinajs.cn] 16 UDP 192.168.1.105:51440 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/72 bytes <-> 1 pkts/171 bytes][Host: g.alicdn.com] @@ -26,27 +26,27 @@ Sina(Weibo) 419 258077 16 18 UDP 192.168.1.105:18035 <-> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][cat: SocialNetwork/6][1 pkts/81 bytes <-> 1 pkts/159 bytes][Host: u1.img.mobile.sina.cn] 19 UDP 192.168.1.105:50640 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/77 bytes <-> 1 pkts/157 bytes][Host: acjstb.aliyun.com] 20 UDP 192.168.1.105:7148 <-> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][cat: SocialNetwork/6][1 pkts/73 bytes <-> 1 pkts/142 bytes][Host: www.weibo.com] - 21 TCP 192.168.1.105:35808 <-> 93.188.134.246:80 [proto: 7/HTTP][2 pkts/140 bytes <-> 1 pkts/74 bytes] - 22 TCP 192.168.1.105:50831 <-> 47.89.65.229:443 [proto: 91/SSL][2 pkts/128 bytes <-> 1 pkts/66 bytes] - 23 TCP 192.168.1.105:59120 <-> 114.134.80.162:80 [proto: 7/HTTP][2 pkts/128 bytes <-> 1 pkts/66 bytes] - 24 TCP 192.168.1.105:59121 <-> 114.134.80.162:80 [proto: 7/HTTP][2 pkts/128 bytes <-> 1 pkts/66 bytes] + 21 TCP 192.168.1.105:35808 <-> 93.188.134.246:80 [proto: 7/HTTP][cat: Web/5][2 pkts/140 bytes <-> 1 pkts/74 bytes] + 22 TCP 192.168.1.105:50831 <-> 47.89.65.229:443 [proto: 91/SSL][cat: Web/5][2 pkts/128 bytes <-> 1 pkts/66 bytes] + 23 TCP 192.168.1.105:59120 <-> 114.134.80.162:80 [proto: 7/HTTP][cat: Web/5][2 pkts/128 bytes <-> 1 pkts/66 bytes] + 24 TCP 192.168.1.105:59121 <-> 114.134.80.162:80 [proto: 7/HTTP][cat: Web/5][2 pkts/128 bytes <-> 1 pkts/66 bytes] 25 UDP 192.168.1.105:53466 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/74 bytes <-> 1 pkts/112 bytes][Host: log.mmstat.com] 26 UDP 192.168.1.105:54988 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/69 bytes <-> 1 pkts/85 bytes][Host: weibo.com] - 27 TCP 192.168.1.105:34699 <-> 216.58.212.65:443 [proto: 91.126/SSL.Google][1 pkts/66 bytes <-> 1 pkts/66 bytes] - 28 TCP 192.168.1.105:35154 <-> 216.58.210.206:443 [proto: 91.126/SSL.Google][1 pkts/66 bytes <-> 1 pkts/66 bytes] - 29 TCP 192.168.1.105:37802 <-> 216.58.212.69:443 [proto: 91.126/SSL.Google][1 pkts/66 bytes <-> 1 pkts/66 bytes] - 30 TCP 192.168.1.105:40440 <-> 54.225.163.210:443 [proto: 91.178/SSL.Amazon][1 pkts/66 bytes <-> 1 pkts/66 bytes] - 31 TCP 192.168.1.105:58480 <-> 216.58.214.78:443 [proto: 91.126/SSL.Google][1 pkts/66 bytes <-> 1 pkts/66 bytes] - 32 TCP 192.168.1.105:58481 <-> 216.58.214.78:443 [proto: 91.126/SSL.Google][1 pkts/66 bytes <-> 1 pkts/66 bytes] + 27 TCP 192.168.1.105:34699 <-> 216.58.212.65:443 [proto: 91.126/SSL.Google][cat: Web/5][1 pkts/66 bytes <-> 1 pkts/66 bytes] + 28 TCP 192.168.1.105:35154 <-> 216.58.210.206:443 [proto: 91.126/SSL.Google][cat: Web/5][1 pkts/66 bytes <-> 1 pkts/66 bytes] + 29 TCP 192.168.1.105:37802 <-> 216.58.212.69:443 [proto: 91.126/SSL.Google][cat: Web/5][1 pkts/66 bytes <-> 1 pkts/66 bytes] + 30 TCP 192.168.1.105:40440 <-> 54.225.163.210:443 [proto: 91.178/SSL.Amazon][cat: Web/5][1 pkts/66 bytes <-> 1 pkts/66 bytes] + 31 TCP 192.168.1.105:58480 <-> 216.58.214.78:443 [proto: 91.126/SSL.Google][cat: Web/5][1 pkts/66 bytes <-> 1 pkts/66 bytes] + 32 TCP 192.168.1.105:58481 <-> 216.58.214.78:443 [proto: 91.126/SSL.Google][cat: Web/5][1 pkts/66 bytes <-> 1 pkts/66 bytes] 33 UDP 192.168.1.105:11798 -> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][cat: SocialNetwork/6][1 pkts/77 bytes -> 0 pkts/0 bytes][Host: account.weibo.com] - 34 TCP 192.168.1.105:42280 -> 222.73.28.96:80 [proto: 7/HTTP][1 pkts/74 bytes -> 0 pkts/0 bytes] - 35 TCP 192.168.1.105:47721 -> 140.205.170.63:443 [proto: 91/SSL][1 pkts/74 bytes -> 0 pkts/0 bytes] - 36 TCP 192.168.1.105:47723 -> 140.205.170.63:443 [proto: 91/SSL][1 pkts/74 bytes -> 0 pkts/0 bytes] - 37 TCP 192.168.1.105:48352 -> 140.205.174.1:443 [proto: 91/SSL][1 pkts/74 bytes -> 0 pkts/0 bytes] - 38 TCP 192.168.1.105:48353 -> 140.205.174.1:443 [proto: 91/SSL][1 pkts/74 bytes -> 0 pkts/0 bytes] - 39 TCP 192.168.1.105:48356 -> 140.205.174.1:443 [proto: 91/SSL][1 pkts/74 bytes -> 0 pkts/0 bytes] - 40 TCP 192.168.1.105:52271 -> 42.156.184.19:443 [proto: 91/SSL][1 pkts/74 bytes -> 0 pkts/0 bytes] - 41 TCP 192.168.1.105:52272 -> 42.156.184.19:443 [proto: 91/SSL][1 pkts/74 bytes -> 0 pkts/0 bytes] - 42 TCP 192.168.1.105:52274 -> 42.156.184.19:443 [proto: 91/SSL][1 pkts/74 bytes -> 0 pkts/0 bytes] + 34 TCP 192.168.1.105:42280 -> 222.73.28.96:80 [proto: 7/HTTP][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes] + 35 TCP 192.168.1.105:47721 -> 140.205.170.63:443 [proto: 91/SSL][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes] + 36 TCP 192.168.1.105:47723 -> 140.205.170.63:443 [proto: 91/SSL][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes] + 37 TCP 192.168.1.105:48352 -> 140.205.174.1:443 [proto: 91/SSL][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes] + 38 TCP 192.168.1.105:48353 -> 140.205.174.1:443 [proto: 91/SSL][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes] + 39 TCP 192.168.1.105:48356 -> 140.205.174.1:443 [proto: 91/SSL][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes] + 40 TCP 192.168.1.105:52271 -> 42.156.184.19:443 [proto: 91/SSL][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes] + 41 TCP 192.168.1.105:52272 -> 42.156.184.19:443 [proto: 91/SSL][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes] + 42 TCP 192.168.1.105:52274 -> 42.156.184.19:443 [proto: 91/SSL][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes] 43 UDP 192.168.1.105:50533 -> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][cat: SocialNetwork/6][1 pkts/74 bytes -> 0 pkts/0 bytes][Host: data.weibo.com] 44 UDP 192.168.1.105:16804 -> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][cat: SocialNetwork/6][1 pkts/70 bytes -> 0 pkts/0 bytes][Host: c.weibo.cn] diff --git a/tests/result/whatsapp_login_call.pcap.out b/tests/result/whatsapp_login_call.pcap.out index f6250fa67..0fa82a7df 100644 --- a/tests/result/whatsapp_login_call.pcap.out +++ b/tests/result/whatsapp_login_call.pcap.out @@ -24,24 +24,24 @@ ApplePush 22 5926 1 9 UDP 0.0.0.0:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][10 pkts/3420 bytes -> 0 pkts/0 bytes][Host: lucas-imac] 10 UDP 192.168.2.4:52794 <-> 31.13.84.48:3478 [proto: 189/WhatsAppVoice][cat: VoIP/10][9 pkts/1842 bytes <-> 11 pkts/1151 bytes] 11 UDP 192.168.2.1:17500 -> 192.168.2.255:17500 [proto: 121/Dropbox][cat: Cloud/13][4 pkts/2176 bytes -> 0 pkts/0 bytes] - 12 TCP 192.168.2.4:49199 <-> 17.172.100.70:993 [proto: 51.140/IMAPS.Apple][9 pkts/1130 bytes <-> 8 pkts/868 bytes] + 12 TCP 192.168.2.4:49199 <-> 17.172.100.70:993 [proto: 51.140/IMAPS.Apple][cat: Web/5][9 pkts/1130 bytes <-> 8 pkts/868 bytes] 13 ICMP 192.168.2.4:0 -> 91.253.176.65:0 [proto: 81/ICMP][cat: Network/14][10 pkts/700 bytes -> 0 pkts/0 bytes] - 14 UDP 192.168.2.4:51518 <-> 31.13.64.48:3478 [proto: 119.78/Facebook.STUN][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 15 UDP 192.168.2.4:51518 <-> 31.13.70.48:3478 [proto: 119.78/Facebook.STUN][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 16 UDP 192.168.2.4:51518 <-> 31.13.73.48:3478 [proto: 119.78/Facebook.STUN][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 17 UDP 192.168.2.4:51518 <-> 31.13.79.192:3478 [proto: 119.78/Facebook.STUN][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 18 UDP 192.168.2.4:51518 <-> 31.13.85.48:3478 [proto: 119.78/Facebook.STUN][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 19 UDP 192.168.2.4:51518 <-> 31.13.91.48:3478 [proto: 119.78/Facebook.STUN][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 20 UDP 192.168.2.4:51518 <-> 31.13.100.14:3478 [proto: 119.78/Facebook.STUN][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 21 UDP 192.168.2.4:52794 <-> 31.13.73.48:3478 [proto: 119.78/Facebook.STUN][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 22 UDP 192.168.2.4:52794 <-> 31.13.74.48:3478 [proto: 119.78/Facebook.STUN][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 23 UDP 192.168.2.4:52794 <-> 31.13.79.192:3478 [proto: 119.78/Facebook.STUN][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 24 UDP 192.168.2.4:52794 <-> 31.13.90.48:3478 [proto: 119.78/Facebook.STUN][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 25 UDP 192.168.2.4:52794 <-> 31.13.93.48:3478 [proto: 119.78/Facebook.STUN][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 26 UDP 192.168.2.4:52794 <-> 173.252.114.1:3478 [proto: 119.78/Facebook.STUN][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 27 UDP 192.168.2.4:52794 <-> 179.60.192.48:3478 [proto: 119.78/Facebook.STUN][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 28 TCP 192.168.2.4:49172 <-> 23.50.148.228:443 [proto: 91/SSL][3 pkts/174 bytes <-> 2 pkts/217 bytes] - 29 TCP 192.168.2.4:49192 <-> 93.186.135.8:80 [proto: 7/HTTP][3 pkts/198 bytes <-> 2 pkts/132 bytes] + 14 UDP 192.168.2.4:51518 <-> 31.13.64.48:3478 [proto: 119.78/Facebook.STUN][cat: Network/14][3 pkts/504 bytes <-> 2 pkts/172 bytes] + 15 UDP 192.168.2.4:51518 <-> 31.13.70.48:3478 [proto: 119.78/Facebook.STUN][cat: Network/14][3 pkts/504 bytes <-> 2 pkts/172 bytes] + 16 UDP 192.168.2.4:51518 <-> 31.13.73.48:3478 [proto: 119.78/Facebook.STUN][cat: Network/14][3 pkts/504 bytes <-> 2 pkts/172 bytes] + 17 UDP 192.168.2.4:51518 <-> 31.13.79.192:3478 [proto: 119.78/Facebook.STUN][cat: Network/14][3 pkts/504 bytes <-> 2 pkts/172 bytes] + 18 UDP 192.168.2.4:51518 <-> 31.13.85.48:3478 [proto: 119.78/Facebook.STUN][cat: Network/14][3 pkts/504 bytes <-> 2 pkts/172 bytes] + 19 UDP 192.168.2.4:51518 <-> 31.13.91.48:3478 [proto: 119.78/Facebook.STUN][cat: Network/14][3 pkts/504 bytes <-> 2 pkts/172 bytes] + 20 UDP 192.168.2.4:51518 <-> 31.13.100.14:3478 [proto: 119.78/Facebook.STUN][cat: Network/14][3 pkts/504 bytes <-> 2 pkts/172 bytes] + 21 UDP 192.168.2.4:52794 <-> 31.13.73.48:3478 [proto: 119.78/Facebook.STUN][cat: Network/14][3 pkts/504 bytes <-> 2 pkts/172 bytes] + 22 UDP 192.168.2.4:52794 <-> 31.13.74.48:3478 [proto: 119.78/Facebook.STUN][cat: Network/14][3 pkts/504 bytes <-> 2 pkts/172 bytes] + 23 UDP 192.168.2.4:52794 <-> 31.13.79.192:3478 [proto: 119.78/Facebook.STUN][cat: Network/14][3 pkts/504 bytes <-> 2 pkts/172 bytes] + 24 UDP 192.168.2.4:52794 <-> 31.13.90.48:3478 [proto: 119.78/Facebook.STUN][cat: Network/14][3 pkts/504 bytes <-> 2 pkts/172 bytes] + 25 UDP 192.168.2.4:52794 <-> 31.13.93.48:3478 [proto: 119.78/Facebook.STUN][cat: Network/14][3 pkts/504 bytes <-> 2 pkts/172 bytes] + 26 UDP 192.168.2.4:52794 <-> 173.252.114.1:3478 [proto: 119.78/Facebook.STUN][cat: Network/14][3 pkts/504 bytes <-> 2 pkts/172 bytes] + 27 UDP 192.168.2.4:52794 <-> 179.60.192.48:3478 [proto: 119.78/Facebook.STUN][cat: Network/14][3 pkts/504 bytes <-> 2 pkts/172 bytes] + 28 TCP 192.168.2.4:49172 <-> 23.50.148.228:443 [proto: 91/SSL][cat: Web/5][3 pkts/174 bytes <-> 2 pkts/217 bytes] + 29 TCP 192.168.2.4:49192 <-> 93.186.135.8:80 [proto: 7/HTTP][cat: Web/5][3 pkts/198 bytes <-> 2 pkts/132 bytes] 30 UDP 192.168.2.4:51897 <-> 192.168.2.1:53 [proto: 5.140/DNS.Apple][cat: Web/5][1 pkts/79 bytes <-> 1 pkts/251 bytes][Host: query.ess.apple.com] 31 UDP 192.168.2.4:52190 <-> 192.168.2.1:53 [proto: 5.142/DNS.WhatsApp][cat: Chat/9][1 pkts/76 bytes <-> 1 pkts/204 bytes][Host: e13.whatsapp.net] 32 UDP 192.168.2.1:57621 -> 192.168.2.255:57621 [proto: 156/Spotify][cat: Streaming/17][3 pkts/258 bytes -> 0 pkts/0 bytes] @@ -49,25 +49,25 @@ ApplePush 22 5926 1 34 UDP [fe80::da30:62ff:fe56:1c]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][2 pkts/258 bytes -> 0 pkts/0 bytes] 35 UDP 169.254.166.207:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][2 pkts/218 bytes -> 0 pkts/0 bytes] 36 UDP 192.168.2.1:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][2 pkts/218 bytes -> 0 pkts/0 bytes] - 37 TCP 192.168.2.4:49173 <-> 93.186.135.82:80 [proto: 7/HTTP][2 pkts/132 bytes <-> 1 pkts/66 bytes] - 38 TCP 192.168.2.4:49174 <-> 5.178.42.26:80 [proto: 7/HTTP][2 pkts/132 bytes <-> 1 pkts/66 bytes] - 39 TCP 192.168.2.4:49194 <-> 93.62.150.157:443 [proto: 91/SSL][2 pkts/132 bytes <-> 1 pkts/66 bytes] - 40 TCP 192.168.2.4:49203 <-> 17.178.104.14:443 [proto: 91.140/SSL.Apple][2 pkts/132 bytes <-> 1 pkts/66 bytes] - 41 TCP 192.168.2.4:49163 <-> 17.154.66.111:443 [proto: 91.140/SSL.Apple][2 pkts/108 bytes <-> 1 pkts/54 bytes] - 42 TCP 192.168.2.4:49164 <-> 17.167.142.31:443 [proto: 91.140/SSL.Apple][2 pkts/108 bytes <-> 1 pkts/54 bytes] - 43 TCP 192.168.2.4:49165 <-> 17.172.100.55:443 [proto: 91.140/SSL.Apple][2 pkts/108 bytes <-> 1 pkts/54 bytes] - 44 TCP 192.168.2.4:49166 <-> 17.154.66.121:443 [proto: 91.140/SSL.Apple][2 pkts/108 bytes <-> 1 pkts/54 bytes] - 45 TCP 192.168.2.4:49167 <-> 17.172.100.8:443 [proto: 91.140/SSL.Apple][2 pkts/108 bytes <-> 1 pkts/54 bytes] - 46 TCP 192.168.2.4:49169 <-> 17.173.66.102:443 [proto: 91.140/SSL.Apple][2 pkts/108 bytes <-> 1 pkts/54 bytes] - 47 TCP 192.168.2.4:49175 <-> 17.172.100.53:443 [proto: 91.140/SSL.Apple][2 pkts/108 bytes <-> 1 pkts/54 bytes] - 48 TCP 192.168.2.4:49176 <-> 17.130.137.77:443 [proto: 91.140/SSL.Apple][2 pkts/108 bytes <-> 1 pkts/54 bytes] - 49 TCP 192.168.2.4:49180 <-> 17.172.100.59:443 [proto: 91.140/SSL.Apple][2 pkts/108 bytes <-> 1 pkts/54 bytes] - 50 TCP 192.168.2.4:49181 <-> 17.172.100.37:443 [proto: 91.140/SSL.Apple][2 pkts/108 bytes <-> 1 pkts/54 bytes] - 51 TCP 192.168.2.4:49182 <-> 17.172.100.52:443 [proto: 91.140/SSL.Apple][2 pkts/108 bytes <-> 1 pkts/54 bytes] - 52 TCP 192.168.2.4:49191 <-> 17.172.100.49:443 [proto: 91.140/SSL.Apple][2 pkts/108 bytes <-> 1 pkts/54 bytes] - 53 TCP 192.168.2.4:49197 <-> 17.167.142.39:443 [proto: 91.140/SSL.Apple][2 pkts/108 bytes <-> 1 pkts/54 bytes] - 54 TCP 192.168.2.4:49198 <-> 17.167.142.13:443 [proto: 91.140/SSL.Apple][2 pkts/108 bytes <-> 1 pkts/54 bytes] - 55 TCP 192.168.2.4:49200 <-> 17.167.142.13:443 [proto: 91.140/SSL.Apple][2 pkts/108 bytes <-> 1 pkts/54 bytes] + 37 TCP 192.168.2.4:49173 <-> 93.186.135.82:80 [proto: 7/HTTP][cat: Web/5][2 pkts/132 bytes <-> 1 pkts/66 bytes] + 38 TCP 192.168.2.4:49174 <-> 5.178.42.26:80 [proto: 7/HTTP][cat: Web/5][2 pkts/132 bytes <-> 1 pkts/66 bytes] + 39 TCP 192.168.2.4:49194 <-> 93.62.150.157:443 [proto: 91/SSL][cat: Web/5][2 pkts/132 bytes <-> 1 pkts/66 bytes] + 40 TCP 192.168.2.4:49203 <-> 17.178.104.14:443 [proto: 91.140/SSL.Apple][cat: Web/5][2 pkts/132 bytes <-> 1 pkts/66 bytes] + 41 TCP 192.168.2.4:49163 <-> 17.154.66.111:443 [proto: 91.140/SSL.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes] + 42 TCP 192.168.2.4:49164 <-> 17.167.142.31:443 [proto: 91.140/SSL.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes] + 43 TCP 192.168.2.4:49165 <-> 17.172.100.55:443 [proto: 91.140/SSL.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes] + 44 TCP 192.168.2.4:49166 <-> 17.154.66.121:443 [proto: 91.140/SSL.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes] + 45 TCP 192.168.2.4:49167 <-> 17.172.100.8:443 [proto: 91.140/SSL.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes] + 46 TCP 192.168.2.4:49169 <-> 17.173.66.102:443 [proto: 91.140/SSL.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes] + 47 TCP 192.168.2.4:49175 <-> 17.172.100.53:443 [proto: 91.140/SSL.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes] + 48 TCP 192.168.2.4:49176 <-> 17.130.137.77:443 [proto: 91.140/SSL.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes] + 49 TCP 192.168.2.4:49180 <-> 17.172.100.59:443 [proto: 91.140/SSL.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes] + 50 TCP 192.168.2.4:49181 <-> 17.172.100.37:443 [proto: 91.140/SSL.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes] + 51 TCP 192.168.2.4:49182 <-> 17.172.100.52:443 [proto: 91.140/SSL.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes] + 52 TCP 192.168.2.4:49191 <-> 17.172.100.49:443 [proto: 91.140/SSL.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes] + 53 TCP 192.168.2.4:49197 <-> 17.167.142.39:443 [proto: 91.140/SSL.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes] + 54 TCP 192.168.2.4:49198 <-> 17.167.142.13:443 [proto: 91.140/SSL.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes] + 55 TCP 192.168.2.4:49200 <-> 17.167.142.13:443 [proto: 91.140/SSL.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes] Undetected flows: diff --git a/tests/result/whatsapp_login_chat.pcap.out b/tests/result/whatsapp_login_chat.pcap.out index c3aab5c2d..324b0cd4c 100644 --- a/tests/result/whatsapp_login_chat.pcap.out +++ b/tests/result/whatsapp_login_chat.pcap.out @@ -6,7 +6,7 @@ WhatsApp 32 3243 2 Spotify 1 86 1 ApplePush 6 2095 1 - 1 TCP 192.168.2.4:49205 <-> 17.173.66.102:443 [proto: 91.140/SSL.Apple][24 pkts/15117 bytes <-> 20 pkts/6254 bytes] + 1 TCP 192.168.2.4:49205 <-> 17.173.66.102:443 [proto: 91.140/SSL.Apple][cat: Web/5][24 pkts/15117 bytes <-> 20 pkts/6254 bytes] 2 TCP 192.168.2.4:49206 <-> 158.85.58.15:5222 [proto: 142/WhatsApp][cat: Chat/9][17 pkts/1794 bytes <-> 13 pkts/1169 bytes] 3 TCP 17.110.229.14:5223 -> 192.168.2.4:49193 [proto: 238/ApplePush][cat: Cloud/13][6 pkts/2095 bytes -> 0 pkts/0 bytes] 4 UDP 0.0.0.0:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][6 pkts/2052 bytes -> 0 pkts/0 bytes][Host: lucas-imac] diff --git a/tests/result/whatsapp_voice_and_message.pcap.out b/tests/result/whatsapp_voice_and_message.pcap.out index df4f997e1..e14163cbd 100644 --- a/tests/result/whatsapp_voice_and_message.pcap.out +++ b/tests/result/whatsapp_voice_and_message.pcap.out @@ -7,11 +7,11 @@ WhatsApp 217 22139 5 3 TCP 10.8.0.1:44819 <-> 158.85.58.42:5222 [proto: 142/WhatsApp][cat: Chat/9][15 pkts/2690 bytes <-> 15 pkts/2019 bytes] 4 TCP 10.8.0.1:49721 <-> 158.85.58.109:5222 [proto: 142/WhatsApp][cat: Chat/9][26 pkts/2311 bytes <-> 26 pkts/2300 bytes] 5 TCP 10.8.0.1:51570 <-> 158.85.5.199:443 [proto: 142/WhatsApp][cat: Chat/9][14 pkts/1123 bytes <-> 13 pkts/1097 bytes] - 6 UDP 10.8.0.1:53620 <-> 31.13.73.48:3478 [proto: 125.49/Skype.SkypeCallIn][5 pkts/840 bytes <-> 4 pkts/344 bytes] - 7 UDP 10.8.0.1:53620 <-> 31.13.64.48:3478 [proto: 119.78/Facebook.STUN][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 8 UDP 10.8.0.1:53620 <-> 31.13.74.48:3478 [proto: 119.78/Facebook.STUN][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 9 UDP 10.8.0.1:53620 <-> 31.13.79.192:3478 [proto: 119.78/Facebook.STUN][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 10 UDP 10.8.0.1:53620 <-> 31.13.84.48:3478 [proto: 119.78/Facebook.STUN][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 11 UDP 10.8.0.1:53620 <-> 31.13.93.48:3478 [proto: 119.78/Facebook.STUN][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 12 UDP 10.8.0.1:53620 <-> 173.252.121.1:3478 [proto: 119.78/Facebook.STUN][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 13 UDP 10.8.0.1:53620 <-> 179.60.192.48:3478 [proto: 119.78/Facebook.STUN][3 pkts/504 bytes <-> 2 pkts/172 bytes] + 6 UDP 10.8.0.1:53620 <-> 31.13.73.48:3478 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][5 pkts/840 bytes <-> 4 pkts/344 bytes] + 7 UDP 10.8.0.1:53620 <-> 31.13.64.48:3478 [proto: 119.78/Facebook.STUN][cat: Network/14][3 pkts/504 bytes <-> 2 pkts/172 bytes] + 8 UDP 10.8.0.1:53620 <-> 31.13.74.48:3478 [proto: 119.78/Facebook.STUN][cat: Network/14][3 pkts/504 bytes <-> 2 pkts/172 bytes] + 9 UDP 10.8.0.1:53620 <-> 31.13.79.192:3478 [proto: 119.78/Facebook.STUN][cat: Network/14][3 pkts/504 bytes <-> 2 pkts/172 bytes] + 10 UDP 10.8.0.1:53620 <-> 31.13.84.48:3478 [proto: 119.78/Facebook.STUN][cat: Network/14][3 pkts/504 bytes <-> 2 pkts/172 bytes] + 11 UDP 10.8.0.1:53620 <-> 31.13.93.48:3478 [proto: 119.78/Facebook.STUN][cat: Network/14][3 pkts/504 bytes <-> 2 pkts/172 bytes] + 12 UDP 10.8.0.1:53620 <-> 173.252.121.1:3478 [proto: 119.78/Facebook.STUN][cat: Network/14][3 pkts/504 bytes <-> 2 pkts/172 bytes] + 13 UDP 10.8.0.1:53620 <-> 179.60.192.48:3478 [proto: 119.78/Facebook.STUN][cat: Network/14][3 pkts/504 bytes <-> 2 pkts/172 bytes] -- cgit v1.2.3 From 225826ce83c224000a8c5f8e72cb33a1f2559fd9 Mon Sep 17 00:00:00 2001 From: Campus Date: Wed, 5 Sep 2018 16:10:07 +0200 Subject: FIX: dropbox dissector. UPD: updated pcap file with new dropbox pkts --- src/lib/protocols/dropbox.c | 2 +- tests/pcap/dropbox.pcap | Bin 329062 -> 104124 bytes tests/result/dropbox.pcap.out | 58 ++++++++++++------------------------------ 3 files changed, 17 insertions(+), 43 deletions(-) (limited to 'tests') diff --git a/src/lib/protocols/dropbox.c b/src/lib/protocols/dropbox.c index b987ba253..d981c76b3 100644 --- a/src/lib/protocols/dropbox.c +++ b/src/lib/protocols/dropbox.c @@ -51,7 +51,7 @@ static void ndpi_check_dropbox(struct ndpi_detection_module_struct *ndpi_struct, if((packet->udp->source == dropbox_port) && (packet->udp->dest == dropbox_port)) { if(payload_len > 2) { - if(strncmp((const char *)packet->payload, "{\"host_int\"", 11) == 0) { + if(strstr((const char *)packet->payload, "\"host_int\"") != NULL) { NDPI_LOG_INFO(ndpi_struct, "found dropbox\n"); ndpi_int_dropbox_add_connection(ndpi_struct, flow, 0); diff --git a/tests/pcap/dropbox.pcap b/tests/pcap/dropbox.pcap index 6e950826e..9824eb6ed 100644 Binary files a/tests/pcap/dropbox.pcap and b/tests/pcap/dropbox.pcap differ diff --git a/tests/result/dropbox.pcap.out b/tests/result/dropbox.pcap.out index 10fb21cb6..a015f4d46 100644 --- a/tests/result/dropbox.pcap.out +++ b/tests/result/dropbox.pcap.out @@ -1,43 +1,17 @@ -MDNS 16 1648 1 -SSDP 140 61108 22 -Dropbox 1104 246122 16 +Dropbox 848 90532 15 - 1 TCP 192.168.1.105:44949 <-> 54.240.174.31:443 [proto: 91.121/SSL.Dropbox][cat: Cloud/13][64 pkts/12228 bytes <-> 74 pkts/85074 bytes][client: client-cf.dropbox.com][server: client-cf.dropbox.com] - 2 TCP 192.168.1.105:47747 <-> 108.160.172.225:443 [proto: 91.121/SSL.Dropbox][cat: Cloud/13][28 pkts/12486 bytes <-> 26 pkts/14946 bytes][client: d.dropbox.com] - 3 UDP 192.168.56.1:50318 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13960 bytes <-> 100 pkts/6260 bytes] - 4 UDP 192.168.56.1:50312 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13947 bytes <-> 100 pkts/6247 bytes] - 5 UDP 192.168.56.1:50319 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13921 bytes <-> 100 pkts/6221 bytes] - 6 UDP 192.168.56.1:50311 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13910 bytes <-> 100 pkts/6210 bytes] - 7 UDP 192.168.1.254:50828 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][44 pkts/19936 bytes -> 0 pkts/0 bytes] - 8 TCP 192.168.1.105:59975 <-> 108.160.172.204:443 [proto: 91.121/SSL.Dropbox][cat: Cloud/13][18 pkts/3562 bytes <-> 16 pkts/14464 bytes][client: client.dropbox.com][server: *.dropbox.com] - 9 TCP 192.168.1.105:46394 <-> 162.125.17.131:443 [proto: 91.121/SSL.Dropbox][cat: Cloud/13][12 pkts/2338 bytes <-> 10 pkts/9054 bytes][client: notify.dropbox.com][server: *.dropbox.com] - 10 TCP 192.168.1.105:36226 <-> 108.160.172.195:80 [proto: 7.121/HTTP.Dropbox][cat: Cloud/13][10 pkts/2170 bytes <-> 10 pkts/1758 bytes][Host: log.getdropbox.com] - 11 UDP 192.168.1.101:1650 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/2836 bytes -> 0 pkts/0 bytes] - 12 UDP 192.168.1.101:2141 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/2836 bytes -> 0 pkts/0 bytes] - 13 UDP 192.168.1.101:2873 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/2836 bytes -> 0 pkts/0 bytes] - 14 UDP 192.168.1.101:3412 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/2836 bytes -> 0 pkts/0 bytes] - 15 UDP 192.168.1.101:3547 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/2836 bytes -> 0 pkts/0 bytes] - 16 UDP 192.168.1.101:3959 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/2836 bytes -> 0 pkts/0 bytes] - 17 UDP 192.168.1.101:4169 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/2836 bytes -> 0 pkts/0 bytes] - 18 UDP 192.168.1.101:4171 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/2836 bytes -> 0 pkts/0 bytes] - 19 UDP 192.168.1.101:4625 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/2836 bytes -> 0 pkts/0 bytes] - 20 UDP 192.168.1.101:4974 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/2836 bytes -> 0 pkts/0 bytes] - 21 UDP 192.168.1.106:57268 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][16 pkts/2632 bytes -> 0 pkts/0 bytes] - 22 UDP 192.168.1.106:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][16 pkts/1648 bytes -> 0 pkts/0 bytes] - 23 UDP 192.168.1.105:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][6 pkts/1422 bytes -> 0 pkts/0 bytes] - 24 UDP 192.168.1.105:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][6 pkts/1422 bytes -> 0 pkts/0 bytes] - 25 UDP 192.168.1.105:36173 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][4 pkts/312 bytes <-> 4 pkts/1078 bytes][Host: log.getdropbox.com] - 26 UDP 192.168.1.101:1280 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/1018 bytes -> 0 pkts/0 bytes] - 27 UDP 192.168.1.101:1346 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/1018 bytes -> 0 pkts/0 bytes] - 28 UDP 192.168.1.101:1908 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/1018 bytes -> 0 pkts/0 bytes] - 29 UDP 192.168.1.101:2159 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/1018 bytes -> 0 pkts/0 bytes] - 30 UDP 192.168.1.101:2169 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/1018 bytes -> 0 pkts/0 bytes] - 31 UDP 192.168.1.101:2544 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/1018 bytes -> 0 pkts/0 bytes] - 32 UDP 192.168.1.101:2604 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/1018 bytes -> 0 pkts/0 bytes] - 33 UDP 192.168.1.101:2991 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/1018 bytes -> 0 pkts/0 bytes] - 34 UDP 192.168.1.101:3731 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/1018 bytes -> 0 pkts/0 bytes] - 35 UDP 192.168.1.101:3777 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/1018 bytes -> 0 pkts/0 bytes] - 36 UDP 192.168.1.105:55407 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][2 pkts/156 bytes <-> 2 pkts/666 bytes][Host: client.dropbox.com] - 37 UDP 192.168.1.105:50789 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][2 pkts/146 bytes <-> 2 pkts/646 bytes][Host: d.dropbox.com] - 38 UDP 192.168.1.105:49112 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][2 pkts/162 bytes <-> 2 pkts/612 bytes][Host: client-cf.dropbox.com] - 39 UDP 192.168.1.105:33189 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][2 pkts/156 bytes <-> 2 pkts/588 bytes][Host: notify.dropbox.com] + 1 UDP 192.168.56.1:50318 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13960 bytes <-> 100 pkts/6260 bytes] + 2 UDP 192.168.56.1:50312 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13947 bytes <-> 100 pkts/6247 bytes] + 3 UDP 192.168.56.1:50319 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13921 bytes <-> 100 pkts/6221 bytes] + 4 UDP 192.168.56.1:50311 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13910 bytes <-> 100 pkts/6210 bytes] + 5 UDP 192.168.1.105:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][6 pkts/1422 bytes -> 0 pkts/0 bytes] + 6 UDP 192.168.1.105:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][6 pkts/1422 bytes -> 0 pkts/0 bytes] + 7 UDP 192.168.1.105:36173 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][4 pkts/312 bytes <-> 4 pkts/1078 bytes][Host: log.getdropbox.com] + 8 UDP 192.168.1.105:55407 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][2 pkts/156 bytes <-> 2 pkts/666 bytes][Host: client.dropbox.com] + 9 UDP 192.168.1.105:50789 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][2 pkts/146 bytes <-> 2 pkts/646 bytes][Host: d.dropbox.com] + 10 UDP 192.168.1.105:49112 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][2 pkts/162 bytes <-> 2 pkts/612 bytes][Host: client-cf.dropbox.com] + 11 UDP 192.168.1.105:33189 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][2 pkts/156 bytes <-> 2 pkts/588 bytes][Host: notify.dropbox.com] + 12 UDP 192.168.1.6:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][3 pkts/630 bytes -> 0 pkts/0 bytes] + 13 UDP 192.168.1.6:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][3 pkts/630 bytes -> 0 pkts/0 bytes] + 14 UDP 192.168.1.64:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][3 pkts/615 bytes -> 0 pkts/0 bytes] + 15 UDP 192.168.1.64:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][3 pkts/615 bytes -> 0 pkts/0 bytes] -- cgit v1.2.3 From c6b427c2521c0916866f932ea1db43334a01b2f4 Mon Sep 17 00:00:00 2001 From: Luca Date: Tue, 18 Sep 2018 18:13:04 +0200 Subject: Implementation of Bitcoin, Ethereum, ZCash, Monero dissectors all identified as mining Implements #503 --- src/include/ndpi_protocol_ids.h | 4 +- src/include/ndpi_protocols.h | 1 + src/lib/ndpi_main.c | 9 ++-- src/lib/protocols/mining.c | 94 ++++++++++++++++++++++++++++++++++++++++ tests/pcap/bitcoin.pcap | Bin 0 -> 591290 bytes tests/pcap/ethereum.pcap | Bin 0 -> 147293 bytes tests/pcap/monero.pcap | Bin 0 -> 171804 bytes tests/pcap/zcash.pcap | Bin 0 -> 22988 bytes tests/result/bitcoin.pcap.out | 8 ++++ tests/result/ethereum.pcap.out | 4 ++ tests/result/monero.pcap.out | 4 ++ tests/result/zcash.pcap.out | 3 ++ 12 files changed, 122 insertions(+), 5 deletions(-) create mode 100644 src/lib/protocols/mining.c create mode 100644 tests/pcap/bitcoin.pcap create mode 100644 tests/pcap/ethereum.pcap create mode 100644 tests/pcap/monero.pcap create mode 100644 tests/pcap/zcash.pcap create mode 100644 tests/result/bitcoin.pcap.out create mode 100644 tests/result/ethereum.pcap.out create mode 100644 tests/result/monero.pcap.out create mode 100644 tests/result/zcash.pcap.out (limited to 'tests') diff --git a/src/include/ndpi_protocol_ids.h b/src/include/ndpi_protocol_ids.h index 7b4961a0e..607e8deef 100644 --- a/src/include/ndpi_protocol_ids.h +++ b/src/include/ndpi_protocol_ids.h @@ -75,9 +75,9 @@ typedef enum { NDPI_PROTOCOL_SKYPE_CALL_OUT = 38, NDPI_PROTOCOL_MUSICALLY = 39, NDPI_PROTOCOL_MEMCACHED = 40, /* Memcached - Darryl Sokoloski */ - NDPI_PROTOCOL_SMBV23 = 41, /* SMB version 2/3 */ + NDPI_PROTOCOL_SMBV23 = 41, /* SMB version 2/3 */ + NDPI_PROTOCOL_MINING = 42, /* Bitcoin, Ethereum, ZCash, Monero */ - NDPI_PROTOCOL_FREE_42 = 42, /* Free */ NDPI_PROTOCOL_FREE_43 = 43, /* Free */ NDPI_PROTOCOL_FREE_44 = 44, /* Free */ NDPI_PROTOCOL_FREE_45 = 45, /* Free */ diff --git a/src/include/ndpi_protocols.h b/src/include/ndpi_protocols.h index 5c08f85f5..e1f3af4fb 100644 --- a/src/include/ndpi_protocols.h +++ b/src/include/ndpi_protocols.h @@ -260,6 +260,7 @@ void init_maplestory_dissector(struct ndpi_detection_module_struct *ndpi_struct, void init_mdns_dissector(struct ndpi_detection_module_struct *ndpi_struct, u_int32_t *id, NDPI_PROTOCOL_BITMASK *detection_bitmask); void init_megaco_dissector(struct ndpi_detection_module_struct *ndpi_struct, u_int32_t *id, NDPI_PROTOCOL_BITMASK *detection_bitmask); void init_mgpc_dissector(struct ndpi_detection_module_struct *ndpi_struct, u_int32_t *id, NDPI_PROTOCOL_BITMASK *detection_bitmask); +void init_mining_dissector(struct ndpi_detection_module_struct *ndpi_struct, u_int32_t *id, NDPI_PROTOCOL_BITMASK *detection_bitmask); void init_mms_dissector(struct ndpi_detection_module_struct *ndpi_struct, u_int32_t *id, NDPI_PROTOCOL_BITMASK *detection_bitmask); void init_msn_dissector(struct ndpi_detection_module_struct *ndpi_struct, u_int32_t *id, NDPI_PROTOCOL_BITMASK *detection_bitmask); void init_mpegts_dissector(struct ndpi_detection_module_struct *ndpi_struct, u_int32_t *id, NDPI_PROTOCOL_BITMASK *detection_bitmask); diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c index 8fed1ebf1..9b6501d9b 100644 --- a/src/lib/ndpi_main.c +++ b/src/lib/ndpi_main.c @@ -1222,10 +1222,10 @@ static void ndpi_init_protocol_defaults(struct ndpi_detection_module_struct *ndp no_master, "SMBv23", NDPI_PROTOCOL_CATEGORY_SYSTEM_OS, ndpi_build_default_ports(ports_a, 445, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); - ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_FREE_42, + ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_MINING, no_master, - no_master, "Free", NDPI_PROTOCOL_CATEGORY_CUSTOM_1 /* dummy */, - ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, + no_master, "Mining", CUSTOM_CATEGORY_MINING /* dummy */, + ndpi_build_default_ports(ports_a, 8333, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_FREE_43, no_master, @@ -2929,6 +2929,9 @@ void ndpi_set_protocol_detection_bitmask2(struct ndpi_detection_module_struct *n /* SMB */ init_smb_dissector(ndpi_struct, &a, detection_bitmask); + /* MINING */ + init_mining_dissector(ndpi_struct, &a, detection_bitmask); + /* TELNET */ init_telnet_dissector(ndpi_struct, &a, detection_bitmask); diff --git a/src/lib/protocols/mining.c b/src/lib/protocols/mining.c new file mode 100644 index 000000000..ec094e7d3 --- /dev/null +++ b/src/lib/protocols/mining.c @@ -0,0 +1,94 @@ +/* + * mining.c [Bitcoin, Ethereum, ZCash, Monero] + * + * Copyright (C) 2018 - ntop.org + * + * This file is part of nDPI, an open source deep packet inspection + * library based on the OpenDPI and PACE technology by ipoque GmbH + * + * nDPI is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * nDPI is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with nDPI. If not, see . + * + */ +#include "ndpi_protocol_ids.h" + +#include "ndpi_api.h" + +void ndpi_search_mining_tcp(struct ndpi_detection_module_struct *ndpi_struct, + struct ndpi_flow_struct *flow) { + struct ndpi_packet_struct *packet = &flow->packet; + + NDPI_LOG_DBG(ndpi_struct, "search MINING\n"); + + /* Check connection over TCP */ + if(packet->tcp && (packet->payload_packet_len > 10)) { + + if(packet->tcp->source == htons(8333)) { + /* + Bitcoin + + bitcoin.magic == 0xf9beb4d9 || bitcoin.magic == 0xfabfb5da + */ + u_int32_t magic = htonl(0xf9beb4d9), magic1 = htonl(0xfabfb5da), *to_match = (u_int32_t*)packet->payload; + + if((*to_match == magic) || (*to_match == magic1)) { + ndpi_set_detected_protocol(ndpi_struct, flow, NDPI_PROTOCOL_MINING, NDPI_PROTOCOL_UNKNOWN); + } + } if(ndpi_strnstr((const char *)packet->payload, "\"eth1.0\"", packet->payload_packet_len) + || ndpi_strnstr((const char *)packet->payload, "\"worker\"", packet->payload_packet_len) + || ndpi_strnstr((const char *)packet->payload, "\"id\"", packet->payload_packet_len)) { + /* + Ethereum + + {"worker": "eth1.0", "jsonrpc": "2.0", "params": ["0x0fccfff9e61a230ff380530c6827caf4759337c6.rig2", "x"], "id": 2, "method": "eth_submitLogin"} + { "id": 2, "jsonrpc":"2.0","result":true} + {"worker": "", "jsonrpc": "2.0", "params": [], "id": 3, "method": "eth_getWork"} + */ + ndpi_set_detected_protocol(ndpi_struct, flow, NDPI_PROTOCOL_MINING, NDPI_PROTOCOL_UNKNOWN); + } else if(ndpi_strnstr((const char *)packet->payload, "\"method\"", packet->payload_packet_len) + || ndpi_strnstr((const char *)packet->payload, "\"blob\"", packet->payload_packet_len) + || ndpi_strnstr((const char *)packet->payload, "\"id\"", packet->payload_packet_len)) { + /* + ZCash + + {"method":"login","params":{"login":"4BCeEPhodgPMbPWFN1dPwhWXdRX8q4mhhdZdA1dtSMLTLCEYvAj9QXjXAfF7CugEbmfBhgkqHbdgK9b2wKA6nqRZQCgvCDm.cb2b73415c4faf214035a73b9d947c202342f3bf3bdf632132bd6d7af98cb257.ryzen","pass":"x","agent":"xmr-stak-cpu/1.3.0-1.5.0"},"id":1} + {"id":1,"jsonrpc":"2.0","error":null,"result":{"id":"479059546883218","job":{"blob":"0606e89883d205a65d8ee78991838a1cf3ec2ebbc5fb1fa43dec5fa1cd2bee4069212a549cd731000000005a88235653097aa3e97ef2ceef4aee610751a828f9be1a0758a78365fb0a4c8c05","job_id":"722134174127131","target":"dc460300"},"status":"OK"}} + {"method":"submit","params":{"id":"479059546883218","job_id":"722134174127131","nonce":"98024001","result":"c9be9381a68d533c059d614d961e0534d7d8785dd5c339c2f9596eb95f320100"},"id":1} + + Monero + + {"method":"login","params":{"login":"4BCeEPhodgPMbPWFN1dPwhWXdRX8q4mhhdZdA1dtSMLTLCEYvAj9QXjXAfF7CugEbmfBhgkqHbdgK9b2wKA6nqRZQCgvCDm.cb2b73415c4faf214035a73b9d947c202342f3bf3bdf632132bd6d7af98cb257.ryzen","pass":"x","agent":"xmr-stak-cpu/1.3.0-1.5.0"},"id":1} + {"id":1,"jsonrpc":"2.0","error":null,"result":{"id":"479059546883218","job":{"blob":"0606e89883d205a65d8ee78991838a1cf3ec2ebbc5fb1fa43dec5fa1cd2bee4069212a549cd731000000005a88235653097aa3e97ef2ceef4aee610751a828f9be1a0758a78365fb0a4c8c05","job_id":"722134174127131","target":"dc460300"},"status":"OK"}} + {"method":"submit","params":{"id":"479059546883218","job_id":"722134174127131","nonce":"98024001","result":"c9be9381a68d533c059d614d961e0534d7d8785dd5c339c2f9596eb95f320100"},"id":1} + */ + ndpi_set_detected_protocol(ndpi_struct, flow, NDPI_PROTOCOL_MINING, NDPI_PROTOCOL_UNKNOWN); + } + } + + ndpi_exclude_protocol(ndpi_struct, flow, NDPI_PROTOCOL_MINING, __FILE__, __FUNCTION__, __LINE__); +} + + +void init_mining_dissector(struct ndpi_detection_module_struct *ndpi_struct, + u_int32_t *id, NDPI_PROTOCOL_BITMASK *detection_bitmask) +{ + ndpi_set_bitmask_protocol_detection("Mining", ndpi_struct, detection_bitmask, *id, + NDPI_PROTOCOL_MINING, + ndpi_search_mining_tcp, + NDPI_SELECTION_BITMASK_PROTOCOL_V4_V6_TCP_WITH_PAYLOAD_WITHOUT_RETRANSMISSION, + SAVE_DETECTION_BITMASK_AS_UNKNOWN, + ADD_TO_DETECTION_BITMASK); + + *id += 1; +} + diff --git a/tests/pcap/bitcoin.pcap b/tests/pcap/bitcoin.pcap new file mode 100644 index 000000000..ce62ed779 Binary files /dev/null and b/tests/pcap/bitcoin.pcap differ diff --git a/tests/pcap/ethereum.pcap b/tests/pcap/ethereum.pcap new file mode 100644 index 000000000..f77637d62 Binary files /dev/null and b/tests/pcap/ethereum.pcap differ diff --git a/tests/pcap/monero.pcap b/tests/pcap/monero.pcap new file mode 100644 index 000000000..67d796882 Binary files /dev/null and b/tests/pcap/monero.pcap differ diff --git a/tests/pcap/zcash.pcap b/tests/pcap/zcash.pcap new file mode 100644 index 000000000..213585dbd Binary files /dev/null and b/tests/pcap/zcash.pcap differ diff --git a/tests/result/bitcoin.pcap.out b/tests/result/bitcoin.pcap.out new file mode 100644 index 000000000..d10fa583d --- /dev/null +++ b/tests/result/bitcoin.pcap.out @@ -0,0 +1,8 @@ +Mining 637 581074 6 + + 1 TCP 192.168.1.142:55328 <-> 69.118.54.122:8333 [proto: 42/Mining][cat: Unspecified/99][2 pkts/281 bytes <-> 137 pkts/191029 bytes] + 2 TCP 192.168.1.142:55348 <-> 74.89.181.229:8333 [proto: 42/Mining][cat: Unspecified/99][55 pkts/28663 bytes <-> 117 pkts/134830 bytes] + 3 TCP 192.168.1.142:55383 <-> 66.68.83.22:8333 [proto: 42/Mining][cat: Unspecified/99][65 pkts/45271 bytes <-> 96 pkts/70339 bytes] + 4 TCP 192.168.1.142:55400 <-> 195.218.16.178:8333 [proto: 42/Mining][cat: Unspecified/99][47 pkts/26824 bytes <-> 72 pkts/55927 bytes] + 5 TCP 192.168.1.142:55317 <-> 188.165.213.169:8333 [proto: 42/Mining][cat: Unspecified/99][16 pkts/21673 bytes <-> 3 pkts/1771 bytes] + 6 TCP 192.168.1.142:55487 <-> 184.58.165.119:8333 [proto: 42/Mining][cat: Unspecified/99][24 pkts/3082 bytes <-> 3 pkts/1384 bytes] diff --git a/tests/result/ethereum.pcap.out b/tests/result/ethereum.pcap.out new file mode 100644 index 000000000..a4c607d2d --- /dev/null +++ b/tests/result/ethereum.pcap.out @@ -0,0 +1,4 @@ +Mining 819 134165 2 + + 1 TCP 192.168.2.92:57726 <-> 94.23.36.128:4444 [proto: 42/Mining][cat: Unspecified/99][478 pkts/52883 bytes <-> 308 pkts/76667 bytes] + 2 TCP 192.168.2.92:41680 <-> 91.121.222.33:4444 [proto: 42/Mining][cat: Unspecified/99][20 pkts/2159 bytes <-> 13 pkts/2456 bytes] diff --git a/tests/result/monero.pcap.out b/tests/result/monero.pcap.out new file mode 100644 index 000000000..732ada2ed --- /dev/null +++ b/tests/result/monero.pcap.out @@ -0,0 +1,4 @@ +Mining 319 166676 2 + + 1 TCP 192.168.2.148:46838 <-> 94.23.199.191:3333 [proto: 42/Mining][cat: Unspecified/99][159 pkts/143155 bytes <-> 113 pkts/13204 bytes] + 2 TCP 192.168.2.148:53846 <-> 116.211.167.195:3333 [proto: 42/Mining][cat: Unspecified/99][24 pkts/4455 bytes <-> 23 pkts/5862 bytes] diff --git a/tests/result/zcash.pcap.out b/tests/result/zcash.pcap.out new file mode 100644 index 000000000..eb3e155ee --- /dev/null +++ b/tests/result/zcash.pcap.out @@ -0,0 +1,3 @@ +Mining 145 20644 1 + + 1 TCP 192.168.2.92:55190 <-> 178.32.196.217:9050 [proto: 42/Mining][cat: Unspecified/99][83 pkts/11785 bytes <-> 62 pkts/8859 bytes] -- cgit v1.2.3 From 31f62c5cf54c41fcd73ed3d7862e37277f5449ea Mon Sep 17 00:00:00 2001 From: Darryl Sokoloski Date: Wed, 19 Sep 2018 21:25:16 -0400 Subject: New dissector: Nest Log Sink This is a dissector for the Nest Log Sink protocol which is used by the Nest Protect (https://nest.com/ca/smoke-co-alarm/overview/). Signed-off-by: Darryl Sokoloski --- src/include/ndpi_protocol_ids.h | 2 +- src/include/ndpi_typedefs.h | 3 ++ src/lib/ndpi_main.c | 9 +++-- src/lib/protocols/nest_log_sink.c | 81 ++++++++++++++++++++++++++++++++++++++ tests/pcap/nest_log_sink.pcap | Bin 0 -> 146010 bytes 5 files changed, 91 insertions(+), 4 deletions(-) create mode 100644 src/lib/protocols/nest_log_sink.c create mode 100644 tests/pcap/nest_log_sink.pcap (limited to 'tests') diff --git a/src/include/ndpi_protocol_ids.h b/src/include/ndpi_protocol_ids.h index 607e8deef..0d2712d20 100644 --- a/src/include/ndpi_protocol_ids.h +++ b/src/include/ndpi_protocol_ids.h @@ -77,8 +77,8 @@ typedef enum { NDPI_PROTOCOL_MEMCACHED = 40, /* Memcached - Darryl Sokoloski */ NDPI_PROTOCOL_SMBV23 = 41, /* SMB version 2/3 */ NDPI_PROTOCOL_MINING = 42, /* Bitcoin, Ethereum, ZCash, Monero */ + NDPI_PROTOCOL_NEST_LOG_SINK = 43, /* Nest Log Sink (Nest Protect) - Darryl Sokoloski */ - NDPI_PROTOCOL_FREE_43 = 43, /* Free */ NDPI_PROTOCOL_FREE_44 = 44, /* Free */ NDPI_PROTOCOL_FREE_45 = 45, /* Free */ NDPI_PROTOCOL_FREE_46 = 46, /* Free */ diff --git a/src/include/ndpi_typedefs.h b/src/include/ndpi_typedefs.h index 52da6195d..f0b47b358 100644 --- a/src/include/ndpi_typedefs.h +++ b/src/include/ndpi_typedefs.h @@ -596,6 +596,9 @@ struct ndpi_flow_tcp_struct { /* NDPI_PROTOCOL_MEMCACHED */ u_int8_t memcached_matches; + +/* NDPI_PROTOCOL_NEST_LOG_SINK */ + u_int8_t nest_log_sink_matches; } #ifndef WIN32 __attribute__ ((__packed__)) diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c index 84a1de400..83094602d 100644 --- a/src/lib/ndpi_main.c +++ b/src/lib/ndpi_main.c @@ -1227,10 +1227,10 @@ static void ndpi_init_protocol_defaults(struct ndpi_detection_module_struct *ndp no_master, "Mining", CUSTOM_CATEGORY_MINING, ndpi_build_default_ports(ports_a, 8333, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); - ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_FREE_43, + ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_NEST_LOG_SINK, no_master, - no_master, "Free", NDPI_PROTOCOL_CATEGORY_CUSTOM_1 /* dummy */, - ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, + no_master, "NestLogSink", NDPI_PROTOCOL_CATEGORY_CLOUD, + ndpi_build_default_ports(ports_a, 11095, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_FREE_44, no_master, @@ -3228,6 +3228,9 @@ void ndpi_set_protocol_detection_bitmask2(struct ndpi_detection_module_struct *n /* Memcached */ init_memcached_dissector(ndpi_struct, &a, detection_bitmask); + /* Nest Log Sink */ + init_nest_log_sink_dissector(ndpi_struct, &a, detection_bitmask); + /* ----------------------------------------------------------------- */ ndpi_struct->callback_buffer_size = a; diff --git a/src/lib/protocols/nest_log_sink.c b/src/lib/protocols/nest_log_sink.c new file mode 100644 index 000000000..47cc65dc8 --- /dev/null +++ b/src/lib/protocols/nest_log_sink.c @@ -0,0 +1,81 @@ +/* + * nest_log_sink.c + * + * Copyright (C) 2009-2011 by ipoque GmbH + * Copyright (C) 2011-18 - ntop.org + * Copyright (C) 2018 - eGloo Incorporated + * + * This file is part of nDPI, an open source deep packet inspection + * library based on the OpenDPI and PACE technology by ipoque GmbH + * + * nDPI is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * nDPI is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with nDPI. If not, see . + * + */ + +#include "ndpi_protocol_ids.h" + +#define NDPI_CURRENT_PROTO NDPI_PROTOCOL_NEST_LOG_SINK + +#include "ndpi_api.h" + +#define NEST_LOG_SINK_PORT 11095 +#define NEST_LOG_SINK_MIN_LEN 8 +#define NEST_LOG_SINK_MIN_MATCH 3 + +void ndpi_search_nest_log_sink( + struct ndpi_detection_module_struct *ndpi_struct, + struct ndpi_flow_struct *flow) +{ + struct ndpi_packet_struct *packet = &flow->packet; + const u_int8_t *offset = packet->payload; + u_int8_t *matches; + + NDPI_LOG_DBG(ndpi_struct, "search nest_log_sink\n"); + + if (packet->payload_packet_len < NEST_LOG_SINK_MIN_LEN) { + NDPI_EXCLUDE_PROTO(ndpi_struct, flow); + return; + } + + if (ntohs(packet->tcp->source) != NEST_LOG_SINK_PORT && + ntohs(packet->tcp->dest) != NEST_LOG_SINK_PORT) { + NDPI_EXCLUDE_PROTO(ndpi_struct, flow); + return; + } + + if (packet->payload[1] <= 0x02 && + (packet->payload[2] == 0x00 || packet->payload[2] == 0x10) && + packet->payload[3] == 0x13) + flow->l4.tcp.nest_log_sink_matches++; + + if (flow->l4.tcp.nest_log_sink_matches == NEST_LOG_SINK_MIN_MATCH) { + NDPI_LOG_INFO(ndpi_struct, "found nest_log_sink\n"); + ndpi_set_detected_protocol(ndpi_struct, flow, NDPI_PROTOCOL_NEST_LOG_SINK, NDPI_PROTOCOL_UNKNOWN); + } +} + +void init_nest_log_sink_dissector( + struct ndpi_detection_module_struct *ndpi_struct, + u_int32_t *id, NDPI_PROTOCOL_BITMASK *detection_bitmask) +{ + ndpi_set_bitmask_protocol_detection("NEST_LOG_SINK", + ndpi_struct, detection_bitmask, *id, + NDPI_PROTOCOL_NEST_LOG_SINK, + ndpi_search_nest_log_sink, + NDPI_SELECTION_BITMASK_PROTOCOL_V4_V6_TCP_WITH_PAYLOAD, + SAVE_DETECTION_BITMASK_AS_UNKNOWN, + ADD_TO_DETECTION_BITMASK); + + *id += 1; +} diff --git a/tests/pcap/nest_log_sink.pcap b/tests/pcap/nest_log_sink.pcap new file mode 100644 index 000000000..2cf286d22 Binary files /dev/null and b/tests/pcap/nest_log_sink.pcap differ -- cgit v1.2.3 From f7e7ef2f30620e604b3ecaeec1c166ad36da59a9 Mon Sep 17 00:00:00 2001 From: Luca Deri Date: Sat, 3 Nov 2018 10:05:13 +0100 Subject: Improved SSL decoding --- example/ndpi_util.h | 2 +- src/include/ndpi_typedefs.h | 2 +- src/lib/protocols/ssl.c | 15 +++++++++++++-- tests/result/bitcoin.pcap.out | 12 ++++++------ tests/result/ethereum.pcap.out | 4 ++-- tests/result/monero.pcap.out | 4 ++-- tests/result/nintendo.pcap.out | 4 ++-- tests/result/pps.pcap.out | 4 ++-- tests/result/zcash.pcap.out | 2 +- 9 files changed, 30 insertions(+), 19 deletions(-) (limited to 'tests') diff --git a/example/ndpi_util.h b/example/ndpi_util.h index 0ea174aa5..d1d461490 100644 --- a/example/ndpi_util.h +++ b/example/ndpi_util.h @@ -79,7 +79,7 @@ typedef struct ndpi_flow_info { char bittorent_hash[41]; struct { - char client_info[48], server_info[48]; + char client_info[64], server_info[64]; } ssh_ssl; void *src_id, *dst_id; diff --git a/src/include/ndpi_typedefs.h b/src/include/ndpi_typedefs.h index f0b47b358..51681e60e 100644 --- a/src/include/ndpi_typedefs.h +++ b/src/include/ndpi_typedefs.h @@ -1080,7 +1080,7 @@ struct ndpi_flow_struct { struct { struct { - char client_certificate[48], server_certificate[48]; + char client_certificate[64], server_certificate[64]; } ssl; struct { diff --git a/src/lib/protocols/ssl.c b/src/lib/protocols/ssl.c index 59aedcb45..979d234b9 100644 --- a/src/lib/protocols/ssl.c +++ b/src/lib/protocols/ssl.c @@ -284,9 +284,18 @@ int getSSLcertificate(struct ndpi_detection_module_struct *ndpi_struct, #endif if(extension_id == 0) { - u_int begin = 0,len; +#if 1 + u_int16_t len; + + len = (packet->payload[offset+extension_offset+3] << 8) + packet->payload[offset+extension_offset+4]; + len = (u_int)ndpi_min(len, buffer_len-1); + strncpy(buffer, (char*)&packet->payload[offset+extension_offset+5], len); + buffer[len] = '\0'; +#else + /* old code */ + u_int begin = 0; char *server_name = (char*)&packet->payload[offset+extension_offset]; - + while(begin < extension_len) { if((!ndpi_isprint(server_name[begin])) || ndpi_ispunct(server_name[begin]) @@ -299,6 +308,8 @@ int getSSLcertificate(struct ndpi_detection_module_struct *ndpi_struct, len = (u_int)ndpi_min(extension_len-begin, buffer_len-1); strncpy(buffer, &server_name[begin], len); buffer[len] = '\0'; +#endif + stripCertificateTrailer(buffer, buffer_len); if(!ndpi_struct->disable_metadata_export) { diff --git a/tests/result/bitcoin.pcap.out b/tests/result/bitcoin.pcap.out index d10fa583d..3b0e89dd0 100644 --- a/tests/result/bitcoin.pcap.out +++ b/tests/result/bitcoin.pcap.out @@ -1,8 +1,8 @@ Mining 637 581074 6 - 1 TCP 192.168.1.142:55328 <-> 69.118.54.122:8333 [proto: 42/Mining][cat: Unspecified/99][2 pkts/281 bytes <-> 137 pkts/191029 bytes] - 2 TCP 192.168.1.142:55348 <-> 74.89.181.229:8333 [proto: 42/Mining][cat: Unspecified/99][55 pkts/28663 bytes <-> 117 pkts/134830 bytes] - 3 TCP 192.168.1.142:55383 <-> 66.68.83.22:8333 [proto: 42/Mining][cat: Unspecified/99][65 pkts/45271 bytes <-> 96 pkts/70339 bytes] - 4 TCP 192.168.1.142:55400 <-> 195.218.16.178:8333 [proto: 42/Mining][cat: Unspecified/99][47 pkts/26824 bytes <-> 72 pkts/55927 bytes] - 5 TCP 192.168.1.142:55317 <-> 188.165.213.169:8333 [proto: 42/Mining][cat: Unspecified/99][16 pkts/21673 bytes <-> 3 pkts/1771 bytes] - 6 TCP 192.168.1.142:55487 <-> 184.58.165.119:8333 [proto: 42/Mining][cat: Unspecified/99][24 pkts/3082 bytes <-> 3 pkts/1384 bytes] + 1 TCP 192.168.1.142:55328 <-> 69.118.54.122:8333 [proto: 42/Mining][cat: Mining/99][2 pkts/281 bytes <-> 137 pkts/191029 bytes] + 2 TCP 192.168.1.142:55348 <-> 74.89.181.229:8333 [proto: 42/Mining][cat: Mining/99][55 pkts/28663 bytes <-> 117 pkts/134830 bytes] + 3 TCP 192.168.1.142:55383 <-> 66.68.83.22:8333 [proto: 42/Mining][cat: Mining/99][65 pkts/45271 bytes <-> 96 pkts/70339 bytes] + 4 TCP 192.168.1.142:55400 <-> 195.218.16.178:8333 [proto: 42/Mining][cat: Mining/99][47 pkts/26824 bytes <-> 72 pkts/55927 bytes] + 5 TCP 192.168.1.142:55317 <-> 188.165.213.169:8333 [proto: 42/Mining][cat: Mining/99][16 pkts/21673 bytes <-> 3 pkts/1771 bytes] + 6 TCP 192.168.1.142:55487 <-> 184.58.165.119:8333 [proto: 42/Mining][cat: Mining/99][24 pkts/3082 bytes <-> 3 pkts/1384 bytes] diff --git a/tests/result/ethereum.pcap.out b/tests/result/ethereum.pcap.out index a4c607d2d..2afe0fad1 100644 --- a/tests/result/ethereum.pcap.out +++ b/tests/result/ethereum.pcap.out @@ -1,4 +1,4 @@ Mining 819 134165 2 - 1 TCP 192.168.2.92:57726 <-> 94.23.36.128:4444 [proto: 42/Mining][cat: Unspecified/99][478 pkts/52883 bytes <-> 308 pkts/76667 bytes] - 2 TCP 192.168.2.92:41680 <-> 91.121.222.33:4444 [proto: 42/Mining][cat: Unspecified/99][20 pkts/2159 bytes <-> 13 pkts/2456 bytes] + 1 TCP 192.168.2.92:57726 <-> 94.23.36.128:4444 [proto: 42/Mining][cat: Mining/99][478 pkts/52883 bytes <-> 308 pkts/76667 bytes] + 2 TCP 192.168.2.92:41680 <-> 91.121.222.33:4444 [proto: 42/Mining][cat: Mining/99][20 pkts/2159 bytes <-> 13 pkts/2456 bytes] diff --git a/tests/result/monero.pcap.out b/tests/result/monero.pcap.out index 732ada2ed..d37beae60 100644 --- a/tests/result/monero.pcap.out +++ b/tests/result/monero.pcap.out @@ -1,4 +1,4 @@ Mining 319 166676 2 - 1 TCP 192.168.2.148:46838 <-> 94.23.199.191:3333 [proto: 42/Mining][cat: Unspecified/99][159 pkts/143155 bytes <-> 113 pkts/13204 bytes] - 2 TCP 192.168.2.148:53846 <-> 116.211.167.195:3333 [proto: 42/Mining][cat: Unspecified/99][24 pkts/4455 bytes <-> 23 pkts/5862 bytes] + 1 TCP 192.168.2.148:46838 <-> 94.23.199.191:3333 [proto: 42/Mining][cat: Mining/99][159 pkts/143155 bytes <-> 113 pkts/13204 bytes] + 2 TCP 192.168.2.148:53846 <-> 116.211.167.195:3333 [proto: 42/Mining][cat: Mining/99][24 pkts/4455 bytes <-> 23 pkts/5862 bytes] diff --git a/tests/result/nintendo.pcap.out b/tests/result/nintendo.pcap.out index 025c468b3..e6f3b10fb 100644 --- a/tests/result/nintendo.pcap.out +++ b/tests/result/nintendo.pcap.out @@ -6,8 +6,8 @@ Amazon 76 10811 7 2 UDP 192.168.12.114:55915 <-> 93.237.131.235:56066 [proto: 173/Nintendo][cat: Game/8][122 pkts/48332 bytes <-> 35 pkts/5026 bytes] 3 UDP 192.168.12.114:55915 <-> 81.61.158.138:51769 [proto: 173/Nintendo][cat: Game/8][122 pkts/46476 bytes <-> 38 pkts/5268 bytes] 4 TCP 54.187.10.185:443 <-> 192.168.12.114:48328 [proto: 91.178/SSL.Amazon][cat: Web/5][34 pkts/4466 bytes <-> 20 pkts/4021 bytes] - 5 TCP 192.168.12.114:41517 <-> 54.192.27.217:443 [proto: 91.173/SSL.Nintendo][cat: Game/8][11 pkts/2898 bytes <-> 10 pkts/4865 bytes][client: 5][server: *.baas.nintendo.com] - 6 TCP 192.168.12.114:31329 <-> 54.192.27.8:443 [proto: 91.173/SSL.Nintendo][cat: Game/8][10 pkts/2833 bytes <-> 10 pkts/4866 bytes][client: 5][server: *.baas.nintendo.com] + 5 TCP 192.168.12.114:41517 <-> 54.192.27.217:443 [proto: 91.173/SSL.Nintendo][cat: Game/8][11 pkts/2898 bytes <-> 10 pkts/4865 bytes][client: e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.][server: *.baas.nintendo.com] + 6 TCP 192.168.12.114:31329 <-> 54.192.27.8:443 [proto: 91.173/SSL.Nintendo][cat: Game/8][10 pkts/2833 bytes <-> 10 pkts/4866 bytes][client: e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.][server: *.baas.nintendo.com] 7 UDP 192.168.12.114:52119 <-> 91.8.243.35:49432 [proto: 173/Nintendo][cat: Game/8][23 pkts/2682 bytes <-> 16 pkts/3408 bytes] 8 UDP 192.168.12.114:52119 <-> 109.21.255.11:50251 [proto: 173/Nintendo][cat: Game/8][8 pkts/1024 bytes <-> 8 pkts/1024 bytes] 9 UDP 192.168.12.114:52119 <-> 134.3.248.25:56955 [proto: 173/Nintendo][cat: Game/8][8 pkts/1040 bytes <-> 7 pkts/922 bytes] diff --git a/tests/result/pps.pcap.out b/tests/result/pps.pcap.out index dd6d1710b..778aa1197 100644 --- a/tests/result/pps.pcap.out +++ b/tests/result/pps.pcap.out @@ -23,11 +23,11 @@ GenericProtocol 1429 1780307 49 16 TCP 192.168.115.8:50779 <-> 111.206.22.77:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][2 pkts/1438 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com] 17 UDP 192.168.5.38:58897 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1575 bytes -> 0 pkts/0 bytes] 18 UDP 192.168.115.1:50945 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1539 bytes -> 0 pkts/0 bytes] - 19 TCP 192.168.115.8:50464 <-> 123.125.112.49:80 [proto: 7.137/HTTP.GenericProtocol][cat: Web/5][1 pkts/707 bytes <-> 1 pkts/744 bytes][Host: click.hm.baidu.com] + 19 TCP 192.168.115.8:50464 <-> 123.125.112.49:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/707 bytes <-> 1 pkts/744 bytes][Host: click.hm.baidu.com] 20 TCP 192.168.115.8:50492 <-> 111.206.13.3:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/389 bytes <-> 2 pkts/1034 bytes][Host: pdata.video.qiyi.com] 21 TCP 192.168.115.8:50777 <-> 111.206.22.77:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/1186 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com] 22 TCP 192.168.115.8:50494 <-> 223.26.106.66:80 [proto: 7.60/HTTP.HTTP_Download][cat: Download-FileTransfer-FileSharing/7][2 pkts/887 bytes <-> 1 pkts/443 bytes][Host: 223.26.106.66] - 23 TCP 192.168.115.8:50497 <-> 123.125.112.49:80 [proto: 7.137/HTTP.GenericProtocol][cat: Web/5][1 pkts/1004 bytes <-> 2 pkts/301 bytes][Host: click.hm.baidu.com] + 23 TCP 192.168.115.8:50497 <-> 123.125.112.49:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/1004 bytes <-> 2 pkts/301 bytes][Host: click.hm.baidu.com] 24 TCP 192.168.115.8:50499 <-> 111.206.22.76:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/1097 bytes <-> 1 pkts/199 bytes][Host: msg.iqiyi.com] 25 TCP 192.168.115.8:50474 <-> 202.108.14.221:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/1100 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com] 26 TCP 192.168.115.8:50507 <-> 223.26.106.19:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/212 bytes <-> 1 pkts/1063 bytes][Host: static.qiyi.com] diff --git a/tests/result/zcash.pcap.out b/tests/result/zcash.pcap.out index eb3e155ee..f144e4f21 100644 --- a/tests/result/zcash.pcap.out +++ b/tests/result/zcash.pcap.out @@ -1,3 +1,3 @@ Mining 145 20644 1 - 1 TCP 192.168.2.92:55190 <-> 178.32.196.217:9050 [proto: 42/Mining][cat: Unspecified/99][83 pkts/11785 bytes <-> 62 pkts/8859 bytes] + 1 TCP 192.168.2.92:55190 <-> 178.32.196.217:9050 [proto: 42/Mining][cat: Mining/99][83 pkts/11785 bytes <-> 62 pkts/8859 bytes] -- cgit v1.2.3 From 9c5a4a6d1f117dbc8e3d0d46fa2d36f1d65761b3 Mon Sep 17 00:00:00 2001 From: Luca Deri Date: Wed, 7 Nov 2018 22:45:29 +0100 Subject: Added UPnP test pcap updated Nintendo test ourcome --- tests/pcap/upnp.pcap | Bin 0 -> 10648 bytes tests/result/nintendo.pcap.out | 4 ++-- tests/result/upnp.pcap.out | 4 ++++ 3 files changed, 6 insertions(+), 2 deletions(-) create mode 100644 tests/pcap/upnp.pcap create mode 100644 tests/result/upnp.pcap.out (limited to 'tests') diff --git a/tests/pcap/upnp.pcap b/tests/pcap/upnp.pcap new file mode 100644 index 000000000..c1068b04a Binary files /dev/null and b/tests/pcap/upnp.pcap differ diff --git a/tests/result/nintendo.pcap.out b/tests/result/nintendo.pcap.out index e6f3b10fb..6535e7cc5 100644 --- a/tests/result/nintendo.pcap.out +++ b/tests/result/nintendo.pcap.out @@ -6,8 +6,8 @@ Amazon 76 10811 7 2 UDP 192.168.12.114:55915 <-> 93.237.131.235:56066 [proto: 173/Nintendo][cat: Game/8][122 pkts/48332 bytes <-> 35 pkts/5026 bytes] 3 UDP 192.168.12.114:55915 <-> 81.61.158.138:51769 [proto: 173/Nintendo][cat: Game/8][122 pkts/46476 bytes <-> 38 pkts/5268 bytes] 4 TCP 54.187.10.185:443 <-> 192.168.12.114:48328 [proto: 91.178/SSL.Amazon][cat: Web/5][34 pkts/4466 bytes <-> 20 pkts/4021 bytes] - 5 TCP 192.168.12.114:41517 <-> 54.192.27.217:443 [proto: 91.173/SSL.Nintendo][cat: Game/8][11 pkts/2898 bytes <-> 10 pkts/4865 bytes][client: e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.][server: *.baas.nintendo.com] - 6 TCP 192.168.12.114:31329 <-> 54.192.27.8:443 [proto: 91.173/SSL.Nintendo][cat: Game/8][10 pkts/2833 bytes <-> 10 pkts/4866 bytes][client: e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.][server: *.baas.nintendo.com] + 5 TCP 192.168.12.114:41517 <-> 54.192.27.217:443 [proto: 91.173/SSL.Nintendo][cat: Game/8][11 pkts/2898 bytes <-> 10 pkts/4865 bytes][client: e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com][server: *.baas.nintendo.com] + 6 TCP 192.168.12.114:31329 <-> 54.192.27.8:443 [proto: 91.173/SSL.Nintendo][cat: Game/8][10 pkts/2833 bytes <-> 10 pkts/4866 bytes][client: e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com][server: *.baas.nintendo.com] 7 UDP 192.168.12.114:52119 <-> 91.8.243.35:49432 [proto: 173/Nintendo][cat: Game/8][23 pkts/2682 bytes <-> 16 pkts/3408 bytes] 8 UDP 192.168.12.114:52119 <-> 109.21.255.11:50251 [proto: 173/Nintendo][cat: Game/8][8 pkts/1024 bytes <-> 8 pkts/1024 bytes] 9 UDP 192.168.12.114:52119 <-> 134.3.248.25:56955 [proto: 173/Nintendo][cat: Game/8][8 pkts/1040 bytes <-> 7 pkts/922 bytes] diff --git a/tests/result/upnp.pcap.out b/tests/result/upnp.pcap.out new file mode 100644 index 000000000..923a6688a --- /dev/null +++ b/tests/result/upnp.pcap.out @@ -0,0 +1,4 @@ +UPnP 14 9912 2 + + 1 UDP [fe80::3441:3d24:6d30:a807]:58932 -> [ff02::c]:3702 [proto: 153/UPnP][cat: Network/14][7 pkts/5026 bytes -> 0 pkts/0 bytes] + 2 UDP 192.168.61.66:58931 -> 239.255.255.250:3702 [proto: 153/UPnP][cat: Network/14][7 pkts/4886 bytes -> 0 pkts/0 bytes] -- cgit v1.2.3 From 8e6640605a513ab63c06315525a20b962013c0f3 Mon Sep 17 00:00:00 2001 From: Luca Deri Date: Thu, 8 Nov 2018 22:13:05 +0100 Subject: Removed skype false positives better STUP detection --- src/lib/ndpi_main.c | 8 ++++++++ tests/result/whatsapp_voice_and_message.pcap.out | 5 ++--- 2 files changed, 10 insertions(+), 3 deletions(-) (limited to 'tests') diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c index 7dd8777ec..c099b3a32 100644 --- a/src/lib/ndpi_main.c +++ b/src/lib/ndpi_main.c @@ -3971,6 +3971,12 @@ ndpi_protocol ndpi_detection_giveup(struct ndpi_detection_module_struct *ndpi_st if((guessed_protocol_id != NDPI_PROTOCOL_UNKNOWN) || (guessed_host_protocol_id != NDPI_PROTOCOL_UNKNOWN)) { + + if((guessed_protocol_id == 0) + && (flow->protos.stun_ssl.stun.num_binding_requests > 0) + && (flow->protos.stun_ssl.stun.num_processed_pkts > 0)) + guessed_protocol_id = NDPI_PROTOCOL_STUN; + ndpi_int_change_protocol(ndpi_struct, flow, guessed_host_protocol_id, guessed_protocol_id); @@ -3988,11 +3994,13 @@ ndpi_protocol ndpi_detection_giveup(struct ndpi_detection_module_struct *ndpi_st && (flow->guessed_protocol_id == NDPI_PROTOCOL_STUN)) { check_stun_export: if(flow->protos.stun_ssl.stun.num_processed_pkts > 0) { +#if 0 if(flow->protos.stun_ssl.stun.num_processed_pkts >= NDPI_MIN_NUM_STUN_DETECTION) { u_int16_t proto = (flow->protos.stun_ssl.stun.num_binding_requests < 4) ? NDPI_PROTOCOL_SKYPE_CALL_IN : NDPI_PROTOCOL_SKYPE_CALL_OUT; ndpi_set_detected_protocol(ndpi_struct, flow, proto, NDPI_PROTOCOL_SKYPE); } else +#endif ndpi_set_detected_protocol(ndpi_struct, flow, NDPI_PROTOCOL_STUN, flow->guessed_host_protocol_id); } } diff --git a/tests/result/whatsapp_voice_and_message.pcap.out b/tests/result/whatsapp_voice_and_message.pcap.out index e14163cbd..18ed7943d 100644 --- a/tests/result/whatsapp_voice_and_message.pcap.out +++ b/tests/result/whatsapp_voice_and_message.pcap.out @@ -1,5 +1,4 @@ -SkypeCallIn 9 1184 1 -STUN 35 4732 7 +STUN 44 5916 8 WhatsApp 217 22139 5 1 TCP 10.8.0.1:42241 <-> 173.192.222.189:5222 [proto: 142/WhatsApp][cat: Chat/9][30 pkts/2539 bytes <-> 32 pkts/3070 bytes] @@ -7,7 +6,7 @@ WhatsApp 217 22139 5 3 TCP 10.8.0.1:44819 <-> 158.85.58.42:5222 [proto: 142/WhatsApp][cat: Chat/9][15 pkts/2690 bytes <-> 15 pkts/2019 bytes] 4 TCP 10.8.0.1:49721 <-> 158.85.58.109:5222 [proto: 142/WhatsApp][cat: Chat/9][26 pkts/2311 bytes <-> 26 pkts/2300 bytes] 5 TCP 10.8.0.1:51570 <-> 158.85.5.199:443 [proto: 142/WhatsApp][cat: Chat/9][14 pkts/1123 bytes <-> 13 pkts/1097 bytes] - 6 UDP 10.8.0.1:53620 <-> 31.13.73.48:3478 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][5 pkts/840 bytes <-> 4 pkts/344 bytes] + 6 UDP 10.8.0.1:53620 <-> 31.13.73.48:3478 [proto: 119.78/Facebook.STUN][cat: Network/14][5 pkts/840 bytes <-> 4 pkts/344 bytes] 7 UDP 10.8.0.1:53620 <-> 31.13.64.48:3478 [proto: 119.78/Facebook.STUN][cat: Network/14][3 pkts/504 bytes <-> 2 pkts/172 bytes] 8 UDP 10.8.0.1:53620 <-> 31.13.74.48:3478 [proto: 119.78/Facebook.STUN][cat: Network/14][3 pkts/504 bytes <-> 2 pkts/172 bytes] 9 UDP 10.8.0.1:53620 <-> 31.13.79.192:3478 [proto: 119.78/Facebook.STUN][cat: Network/14][3 pkts/504 bytes <-> 2 pkts/172 bytes] -- cgit v1.2.3 From b31337db4a8fadc90ef6e45d761696d1d0d50182 Mon Sep 17 00:00:00 2001 From: Luca Deri Date: Fri, 9 Nov 2018 11:31:08 +0100 Subject: Improved Skype detection --- src/lib/ndpi_content_match.c.inc | 1 + src/lib/ndpi_main.c | 5 ++-- src/lib/protocols/stun.c | 16 ++++++++++++- tests/result/whatsapp_login_call.pcap.out | 30 ++++++++++++------------ tests/result/whatsapp_voice_and_message.pcap.out | 19 ++++++++------- 5 files changed, 43 insertions(+), 28 deletions(-) (limited to 'tests') diff --git a/src/lib/ndpi_content_match.c.inc b/src/lib/ndpi_content_match.c.inc index e39fc3939..71e236d37 100644 --- a/src/lib/ndpi_content_match.c.inc +++ b/src/lib/ndpi_content_match.c.inc @@ -706,6 +706,7 @@ static ndpi_network host_protocol_list[] = { { 0x287F816D /* 40.126.129.109 */, 32, NDPI_PROTOCOL_SKYPE }, { 0x4237DF00 /* 65.55.223.0 */, 26, NDPI_PROTOCOL_SKYPE }, { 0x17600000 /* 23.96.0.0 */, 13, NDPI_PROTOCOL_SKYPE }, + { 0x34724A05 /* 52.114.74.5 */, 32, NDPI_PROTOCOL_SKYPE }, /* Blizzard Entertainment, Inc diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c index 242f7e35e..da478cc3b 100644 --- a/src/lib/ndpi_main.c +++ b/src/lib/ndpi_main.c @@ -3994,13 +3994,12 @@ ndpi_protocol ndpi_detection_giveup(struct ndpi_detection_module_struct *ndpi_st && (flow->guessed_protocol_id == NDPI_PROTOCOL_STUN)) { check_stun_export: if(flow->protos.stun_ssl.stun.num_processed_pkts > 0) { -#if 0 - if(flow->protos.stun_ssl.stun.num_processed_pkts >= NDPI_MIN_NUM_STUN_DETECTION) { + if(/* (flow->protos.stun_ssl.stun.num_processed_pkts >= NDPI_MIN_NUM_STUN_DETECTION) */ + flow->protos.stun_ssl.stun.is_skype) { u_int16_t proto = (flow->protos.stun_ssl.stun.num_binding_requests < 4) ? NDPI_PROTOCOL_SKYPE_CALL_IN : NDPI_PROTOCOL_SKYPE_CALL_OUT; ndpi_set_detected_protocol(ndpi_struct, flow, proto, NDPI_PROTOCOL_SKYPE); } else -#endif ndpi_set_detected_protocol(ndpi_struct, flow, flow->guessed_host_protocol_id, NDPI_PROTOCOL_STUN); } } diff --git a/src/lib/protocols/stun.c b/src/lib/protocols/stun.c index ad6a585f9..cb1322e5e 100644 --- a/src/lib/protocols/stun.c +++ b/src/lib/protocols/stun.c @@ -106,7 +106,7 @@ static ndpi_int_stun_t ndpi_int_check_stun(struct ndpi_detection_module_struct * case 0x4002: /* These are the only messages apparently whatsapp voice can use */ break; - + case 0x8054: /* Candidate Identifier */ if((len == 4) && ((offset+7) < payload_length) @@ -119,6 +119,20 @@ static ndpi_int_stun_t ndpi_int_check_stun(struct ndpi_detection_module_struct * } break; + case 0x8055: /* MS Service Quality (skype?) */ + break; + + /* Proprietary fields found on skype calls */ + case 0x24DF: + case 0x3802: + case 0x8036: + case 0x8095: + case 0x0800: + /* printf("====>>>> %04X\n", attribute); */ + flow->protos.stun_ssl.stun.is_skype = 1; + return(NDPI_IS_STUN); + break; + case 0x8070: /* Implementation Version */ if((len == 4) && ((offset+7) < payload_length) diff --git a/tests/result/whatsapp_login_call.pcap.out b/tests/result/whatsapp_login_call.pcap.out index 0fa82a7df..666b3d70a 100644 --- a/tests/result/whatsapp_login_call.pcap.out +++ b/tests/result/whatsapp_login_call.pcap.out @@ -2,13 +2,13 @@ Unknown 27 2322 2 HTTP 11 726 3 MDNS 8 952 4 DHCP 10 3420 1 -STUN 70 9464 14 ICMP 10 700 1 SSL 8 589 2 Dropbox 4 2176 1 Apple 105 22176 19 WhatsApp 182 25154 2 Spotify 3 258 1 +Messenger 70 9464 14 WhatsAppVoice 706 91156 4 AppleStore 85 28087 2 ApplePush 22 5926 1 @@ -26,20 +26,20 @@ ApplePush 22 5926 1 11 UDP 192.168.2.1:17500 -> 192.168.2.255:17500 [proto: 121/Dropbox][cat: Cloud/13][4 pkts/2176 bytes -> 0 pkts/0 bytes] 12 TCP 192.168.2.4:49199 <-> 17.172.100.70:993 [proto: 51.140/IMAPS.Apple][cat: Web/5][9 pkts/1130 bytes <-> 8 pkts/868 bytes] 13 ICMP 192.168.2.4:0 -> 91.253.176.65:0 [proto: 81/ICMP][cat: Network/14][10 pkts/700 bytes -> 0 pkts/0 bytes] - 14 UDP 192.168.2.4:51518 <-> 31.13.64.48:3478 [proto: 119.78/Facebook.STUN][cat: Network/14][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 15 UDP 192.168.2.4:51518 <-> 31.13.70.48:3478 [proto: 119.78/Facebook.STUN][cat: Network/14][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 16 UDP 192.168.2.4:51518 <-> 31.13.73.48:3478 [proto: 119.78/Facebook.STUN][cat: Network/14][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 17 UDP 192.168.2.4:51518 <-> 31.13.79.192:3478 [proto: 119.78/Facebook.STUN][cat: Network/14][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 18 UDP 192.168.2.4:51518 <-> 31.13.85.48:3478 [proto: 119.78/Facebook.STUN][cat: Network/14][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 19 UDP 192.168.2.4:51518 <-> 31.13.91.48:3478 [proto: 119.78/Facebook.STUN][cat: Network/14][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 20 UDP 192.168.2.4:51518 <-> 31.13.100.14:3478 [proto: 119.78/Facebook.STUN][cat: Network/14][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 21 UDP 192.168.2.4:52794 <-> 31.13.73.48:3478 [proto: 119.78/Facebook.STUN][cat: Network/14][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 22 UDP 192.168.2.4:52794 <-> 31.13.74.48:3478 [proto: 119.78/Facebook.STUN][cat: Network/14][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 23 UDP 192.168.2.4:52794 <-> 31.13.79.192:3478 [proto: 119.78/Facebook.STUN][cat: Network/14][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 24 UDP 192.168.2.4:52794 <-> 31.13.90.48:3478 [proto: 119.78/Facebook.STUN][cat: Network/14][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 25 UDP 192.168.2.4:52794 <-> 31.13.93.48:3478 [proto: 119.78/Facebook.STUN][cat: Network/14][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 26 UDP 192.168.2.4:52794 <-> 173.252.114.1:3478 [proto: 119.78/Facebook.STUN][cat: Network/14][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 27 UDP 192.168.2.4:52794 <-> 179.60.192.48:3478 [proto: 119.78/Facebook.STUN][cat: Network/14][3 pkts/504 bytes <-> 2 pkts/172 bytes] + 14 UDP 192.168.2.4:51518 <-> 31.13.64.48:3478 [proto: 78.157/STUN.Messenger][cat: Chat/9][3 pkts/504 bytes <-> 2 pkts/172 bytes] + 15 UDP 192.168.2.4:51518 <-> 31.13.70.48:3478 [proto: 78.157/STUN.Messenger][cat: Chat/9][3 pkts/504 bytes <-> 2 pkts/172 bytes] + 16 UDP 192.168.2.4:51518 <-> 31.13.73.48:3478 [proto: 78.157/STUN.Messenger][cat: Chat/9][3 pkts/504 bytes <-> 2 pkts/172 bytes] + 17 UDP 192.168.2.4:51518 <-> 31.13.79.192:3478 [proto: 78.157/STUN.Messenger][cat: Chat/9][3 pkts/504 bytes <-> 2 pkts/172 bytes] + 18 UDP 192.168.2.4:51518 <-> 31.13.85.48:3478 [proto: 78.157/STUN.Messenger][cat: Chat/9][3 pkts/504 bytes <-> 2 pkts/172 bytes] + 19 UDP 192.168.2.4:51518 <-> 31.13.91.48:3478 [proto: 78.157/STUN.Messenger][cat: Chat/9][3 pkts/504 bytes <-> 2 pkts/172 bytes] + 20 UDP 192.168.2.4:51518 <-> 31.13.100.14:3478 [proto: 78.157/STUN.Messenger][cat: Chat/9][3 pkts/504 bytes <-> 2 pkts/172 bytes] + 21 UDP 192.168.2.4:52794 <-> 31.13.73.48:3478 [proto: 78.157/STUN.Messenger][cat: Chat/9][3 pkts/504 bytes <-> 2 pkts/172 bytes] + 22 UDP 192.168.2.4:52794 <-> 31.13.74.48:3478 [proto: 78.157/STUN.Messenger][cat: Chat/9][3 pkts/504 bytes <-> 2 pkts/172 bytes] + 23 UDP 192.168.2.4:52794 <-> 31.13.79.192:3478 [proto: 78.157/STUN.Messenger][cat: Chat/9][3 pkts/504 bytes <-> 2 pkts/172 bytes] + 24 UDP 192.168.2.4:52794 <-> 31.13.90.48:3478 [proto: 78.157/STUN.Messenger][cat: Chat/9][3 pkts/504 bytes <-> 2 pkts/172 bytes] + 25 UDP 192.168.2.4:52794 <-> 31.13.93.48:3478 [proto: 78.157/STUN.Messenger][cat: Chat/9][3 pkts/504 bytes <-> 2 pkts/172 bytes] + 26 UDP 192.168.2.4:52794 <-> 173.252.114.1:3478 [proto: 78.157/STUN.Messenger][cat: Chat/9][3 pkts/504 bytes <-> 2 pkts/172 bytes] + 27 UDP 192.168.2.4:52794 <-> 179.60.192.48:3478 [proto: 78.157/STUN.Messenger][cat: Chat/9][3 pkts/504 bytes <-> 2 pkts/172 bytes] 28 TCP 192.168.2.4:49172 <-> 23.50.148.228:443 [proto: 91/SSL][cat: Web/5][3 pkts/174 bytes <-> 2 pkts/217 bytes] 29 TCP 192.168.2.4:49192 <-> 93.186.135.8:80 [proto: 7/HTTP][cat: Web/5][3 pkts/198 bytes <-> 2 pkts/132 bytes] 30 UDP 192.168.2.4:51897 <-> 192.168.2.1:53 [proto: 5.140/DNS.Apple][cat: Web/5][1 pkts/79 bytes <-> 1 pkts/251 bytes][Host: query.ess.apple.com] diff --git a/tests/result/whatsapp_voice_and_message.pcap.out b/tests/result/whatsapp_voice_and_message.pcap.out index 18ed7943d..2b9ee2e26 100644 --- a/tests/result/whatsapp_voice_and_message.pcap.out +++ b/tests/result/whatsapp_voice_and_message.pcap.out @@ -1,16 +1,17 @@ -STUN 44 5916 8 +SkypeCallIn 9 1184 1 WhatsApp 217 22139 5 +Messenger 35 4732 7 1 TCP 10.8.0.1:42241 <-> 173.192.222.189:5222 [proto: 142/WhatsApp][cat: Chat/9][30 pkts/2539 bytes <-> 32 pkts/3070 bytes] 2 TCP 10.8.0.1:35480 <-> 184.173.179.46:443 [proto: 142/WhatsApp][cat: Chat/9][24 pkts/3029 bytes <-> 22 pkts/1961 bytes] 3 TCP 10.8.0.1:44819 <-> 158.85.58.42:5222 [proto: 142/WhatsApp][cat: Chat/9][15 pkts/2690 bytes <-> 15 pkts/2019 bytes] 4 TCP 10.8.0.1:49721 <-> 158.85.58.109:5222 [proto: 142/WhatsApp][cat: Chat/9][26 pkts/2311 bytes <-> 26 pkts/2300 bytes] 5 TCP 10.8.0.1:51570 <-> 158.85.5.199:443 [proto: 142/WhatsApp][cat: Chat/9][14 pkts/1123 bytes <-> 13 pkts/1097 bytes] - 6 UDP 10.8.0.1:53620 <-> 31.13.73.48:3478 [proto: 119.78/Facebook.STUN][cat: Network/14][5 pkts/840 bytes <-> 4 pkts/344 bytes] - 7 UDP 10.8.0.1:53620 <-> 31.13.64.48:3478 [proto: 119.78/Facebook.STUN][cat: Network/14][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 8 UDP 10.8.0.1:53620 <-> 31.13.74.48:3478 [proto: 119.78/Facebook.STUN][cat: Network/14][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 9 UDP 10.8.0.1:53620 <-> 31.13.79.192:3478 [proto: 119.78/Facebook.STUN][cat: Network/14][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 10 UDP 10.8.0.1:53620 <-> 31.13.84.48:3478 [proto: 119.78/Facebook.STUN][cat: Network/14][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 11 UDP 10.8.0.1:53620 <-> 31.13.93.48:3478 [proto: 119.78/Facebook.STUN][cat: Network/14][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 12 UDP 10.8.0.1:53620 <-> 173.252.121.1:3478 [proto: 119.78/Facebook.STUN][cat: Network/14][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 13 UDP 10.8.0.1:53620 <-> 179.60.192.48:3478 [proto: 119.78/Facebook.STUN][cat: Network/14][3 pkts/504 bytes <-> 2 pkts/172 bytes] + 6 UDP 10.8.0.1:53620 <-> 31.13.73.48:3478 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][5 pkts/840 bytes <-> 4 pkts/344 bytes] + 7 UDP 10.8.0.1:53620 <-> 31.13.64.48:3478 [proto: 78.157/STUN.Messenger][cat: Chat/9][3 pkts/504 bytes <-> 2 pkts/172 bytes] + 8 UDP 10.8.0.1:53620 <-> 31.13.74.48:3478 [proto: 78.157/STUN.Messenger][cat: Chat/9][3 pkts/504 bytes <-> 2 pkts/172 bytes] + 9 UDP 10.8.0.1:53620 <-> 31.13.79.192:3478 [proto: 78.157/STUN.Messenger][cat: Chat/9][3 pkts/504 bytes <-> 2 pkts/172 bytes] + 10 UDP 10.8.0.1:53620 <-> 31.13.84.48:3478 [proto: 78.157/STUN.Messenger][cat: Chat/9][3 pkts/504 bytes <-> 2 pkts/172 bytes] + 11 UDP 10.8.0.1:53620 <-> 31.13.93.48:3478 [proto: 78.157/STUN.Messenger][cat: Chat/9][3 pkts/504 bytes <-> 2 pkts/172 bytes] + 12 UDP 10.8.0.1:53620 <-> 173.252.121.1:3478 [proto: 78.157/STUN.Messenger][cat: Chat/9][3 pkts/504 bytes <-> 2 pkts/172 bytes] + 13 UDP 10.8.0.1:53620 <-> 179.60.192.48:3478 [proto: 78.157/STUN.Messenger][cat: Chat/9][3 pkts/504 bytes <-> 2 pkts/172 bytes] -- cgit v1.2.3 From 2b4554ad44b979a95159ed814d8f7d4a5cb45e36 Mon Sep 17 00:00:00 2001 From: Luca Date: Tue, 13 Nov 2018 15:35:17 +0100 Subject: Updated test results --- tests/result/KakaoTalk_chat.pcap.out | 2 +- tests/result/whatsapp_voice_and_message.pcap.out | 5 ++--- 2 files changed, 3 insertions(+), 4 deletions(-) (limited to 'tests') diff --git a/tests/result/KakaoTalk_chat.pcap.out b/tests/result/KakaoTalk_chat.pcap.out index 2648cce2a..eedfab56a 100644 --- a/tests/result/KakaoTalk_chat.pcap.out +++ b/tests/result/KakaoTalk_chat.pcap.out @@ -40,7 +40,7 @@ KakaoTalk 55 9990 15 30 UDP 10.24.82.188:24596 <-> 10.188.1.1:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/78 bytes <-> 1 pkts/118 bytes][Host: api.facebook.com] 31 UDP 10.24.82.188:38448 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: VoIP/10][1 pkts/76 bytes <-> 1 pkts/114 bytes][Host: auth.kakao.com] 32 UDP 10.24.82.188:58810 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: VoIP/10][1 pkts/76 bytes <-> 1 pkts/114 bytes][Host: item.kakao.com] - 33 TCP 10.24.82.188:58927 -> 54.255.253.199:5223 [proto: 178/Amazon][cat: Web/5][2 pkts/181 bytes -> 0 pkts/0 bytes] + 33 TCP 10.24.82.188:58927 -> 54.255.253.199:5223 [proto: 64.178/SSL_No_Cert.Amazon][cat: Web/5][2 pkts/181 bytes -> 0 pkts/0 bytes] 34 UDP 10.24.82.188:43077 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: VoIP/10][1 pkts/81 bytes <-> 1 pkts/97 bytes][Host: dn-l.talk.kakao.com] 35 TCP 10.24.82.188:34686 -> 173.194.72.188:5228 [proto: 126/Google][cat: Web/5][1 pkts/164 bytes -> 0 pkts/0 bytes] 36 ICMP 10.24.82.188:0 -> 10.188.191.1:0 [proto: 81/ICMP][cat: Network/14][1 pkts/147 bytes -> 0 pkts/0 bytes] diff --git a/tests/result/whatsapp_voice_and_message.pcap.out b/tests/result/whatsapp_voice_and_message.pcap.out index 2b9ee2e26..a8bd6e497 100644 --- a/tests/result/whatsapp_voice_and_message.pcap.out +++ b/tests/result/whatsapp_voice_and_message.pcap.out @@ -1,13 +1,12 @@ -SkypeCallIn 9 1184 1 WhatsApp 217 22139 5 -Messenger 35 4732 7 +Messenger 44 5916 8 1 TCP 10.8.0.1:42241 <-> 173.192.222.189:5222 [proto: 142/WhatsApp][cat: Chat/9][30 pkts/2539 bytes <-> 32 pkts/3070 bytes] 2 TCP 10.8.0.1:35480 <-> 184.173.179.46:443 [proto: 142/WhatsApp][cat: Chat/9][24 pkts/3029 bytes <-> 22 pkts/1961 bytes] 3 TCP 10.8.0.1:44819 <-> 158.85.58.42:5222 [proto: 142/WhatsApp][cat: Chat/9][15 pkts/2690 bytes <-> 15 pkts/2019 bytes] 4 TCP 10.8.0.1:49721 <-> 158.85.58.109:5222 [proto: 142/WhatsApp][cat: Chat/9][26 pkts/2311 bytes <-> 26 pkts/2300 bytes] 5 TCP 10.8.0.1:51570 <-> 158.85.5.199:443 [proto: 142/WhatsApp][cat: Chat/9][14 pkts/1123 bytes <-> 13 pkts/1097 bytes] - 6 UDP 10.8.0.1:53620 <-> 31.13.73.48:3478 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][5 pkts/840 bytes <-> 4 pkts/344 bytes] + 6 UDP 10.8.0.1:53620 <-> 31.13.73.48:3478 [proto: 78.157/STUN.Messenger][cat: Chat/9][5 pkts/840 bytes <-> 4 pkts/344 bytes] 7 UDP 10.8.0.1:53620 <-> 31.13.64.48:3478 [proto: 78.157/STUN.Messenger][cat: Chat/9][3 pkts/504 bytes <-> 2 pkts/172 bytes] 8 UDP 10.8.0.1:53620 <-> 31.13.74.48:3478 [proto: 78.157/STUN.Messenger][cat: Chat/9][3 pkts/504 bytes <-> 2 pkts/172 bytes] 9 UDP 10.8.0.1:53620 <-> 31.13.79.192:3478 [proto: 78.157/STUN.Messenger][cat: Chat/9][3 pkts/504 bytes <-> 2 pkts/172 bytes] -- cgit v1.2.3 From 12adb256650bece834173fce6213021d2e7a677b Mon Sep 17 00:00:00 2001 From: Luca Deri Date: Mon, 19 Nov 2018 18:28:18 +0100 Subject: Improved Skype detection Update test results Added initialization for some free protocols --- src/lib/ndpi_main.c | 2 +- tests/result/skype.pcap.out | 387 +++++++++++++++++---------------- tests/result/skype_no_unknown.pcap.out | 359 +++++++++++++++--------------- tests/result/wechat.pcap.out | 98 ++++----- 4 files changed, 424 insertions(+), 422 deletions(-) (limited to 'tests') diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c index 02ad31a5e..fcfaec713 100644 --- a/src/lib/ndpi_main.c +++ b/src/lib/ndpi_main.c @@ -1249,7 +1249,7 @@ static void ndpi_init_protocol_defaults(struct ndpi_detection_module_struct *ndp no_master, "Free", NDPI_PROTOCOL_CATEGORY_CUSTOM_1 /* dummy */, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); - ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_FREE_39, + ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_FREE_196, no_master, no_master, "Free", NDPI_PROTOCOL_CATEGORY_CUSTOM_1 /* dummy */, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, diff --git a/tests/result/skype.pcap.out b/tests/result/skype.pcap.out index 590f97c71..4d09243a3 100644 --- a/tests/result/skype.pcap.out +++ b/tests/result/skype.pcap.out @@ -3,11 +3,12 @@ DNS 2 267 1 MDNS 8 1736 2 NTP 2 180 1 SSDP 101 38156 6 +SkypeCallIn 1555 267750 192 ICMP 8 656 1 IGMP 5 258 4 SSL 96 8876 7 Dropbox 38 17948 5 -Skype 2139 324409 249 +Skype 584 56659 57 Apple 3 168 1 AppleiCloud 88 20520 2 Spotify 5 430 1 @@ -15,17 +16,17 @@ MS_OneDrive 387 198090 1 ApplePush 12 1877 1 1 TCP 192.168.1.34:50028 <-> 157.56.126.211:443 [proto: 91.221/SSL.MS_OneDrive][cat: Cloud/13][187 pkts/42539 bytes <-> 200 pkts/155551 bytes][server: *.gateway.messenger.live.com] - 2 TCP 192.168.1.34:50108 <-> 157.56.52.28:40009 [proto: 125/Skype][cat: VoIP/10][231 pkts/60232 bytes <-> 241 pkts/104395 bytes] + 2 TCP 192.168.1.34:50108 <-> 157.56.52.28:40009 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][231 pkts/60232 bytes <-> 241 pkts/104395 bytes] 3 UDP 192.168.0.254:1025 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][79 pkts/29479 bytes -> 0 pkts/0 bytes] 4 TCP 192.168.1.34:50128 <-> 17.172.100.36:443 [proto: 91.143/SSL.AppleiCloud][cat: Web/5][43 pkts/9635 bytes <-> 43 pkts/10651 bytes][client: p05-keyvalueservice.icloud.com] - 5 TCP 192.168.1.34:50119 <-> 86.31.35.30:59621 [proto: 125/Skype][cat: VoIP/10][62 pkts/6941 bytes <-> 38 pkts/5325 bytes] + 5 TCP 192.168.1.34:50119 <-> 86.31.35.30:59621 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][62 pkts/6941 bytes <-> 38 pkts/5325 bytes] 6 UDP 192.168.1.92:50084 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][14 pkts/7281 bytes -> 0 pkts/0 bytes] 7 TCP 108.160.170.46:443 <-> 192.168.1.34:49445 [proto: 91.121/SSL.Dropbox][cat: Cloud/13][8 pkts/1636 bytes <-> 8 pkts/4344 bytes] - 8 TCP 192.168.1.34:50117 <-> 71.238.7.203:18767 [proto: 125/Skype][cat: VoIP/10][24 pkts/3136 bytes <-> 19 pkts/2618 bytes] - 9 TCP 192.168.1.34:50126 <-> 91.190.216.23:12350 [proto: 125/Skype][cat: VoIP/10][16 pkts/4788 bytes <-> 4 pkts/372 bytes] - 10 TCP 192.168.1.34:50138 <-> 71.238.7.203:18767 [proto: 125/Skype][cat: VoIP/10][19 pkts/2797 bytes <-> 13 pkts/2175 bytes] - 11 TCP 192.168.1.34:50118 <-> 5.248.186.221:31010 [proto: 125/Skype][cat: VoIP/10][18 pkts/2588 bytes <-> 13 pkts/2100 bytes] - 12 TCP 192.168.1.34:50139 <-> 5.248.186.221:31010 [proto: 125/Skype][cat: VoIP/10][15 pkts/2395 bytes <-> 8 pkts/1724 bytes] + 8 TCP 192.168.1.34:50117 <-> 71.238.7.203:18767 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][24 pkts/3136 bytes <-> 19 pkts/2618 bytes] + 9 TCP 192.168.1.34:50126 <-> 91.190.216.23:12350 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][16 pkts/4788 bytes <-> 4 pkts/372 bytes] + 10 TCP 192.168.1.34:50138 <-> 71.238.7.203:18767 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][19 pkts/2797 bytes <-> 13 pkts/2175 bytes] + 11 TCP 192.168.1.34:50118 <-> 5.248.186.221:31010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][18 pkts/2588 bytes <-> 13 pkts/2100 bytes] + 12 TCP 192.168.1.34:50139 <-> 5.248.186.221:31010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][15 pkts/2395 bytes <-> 8 pkts/1724 bytes] 13 TCP 192.168.1.34:50027 <-> 23.223.73.34:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][17 pkts/3605 bytes <-> 1 pkts/74 bytes][client: apps.skypeassets.com] 14 TCP 192.168.1.34:50029 <-> 23.206.33.166:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][16 pkts/3461 bytes <-> 1 pkts/74 bytes][client: apps.skype.com] 15 UDP 192.168.1.34:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][6 pkts/3264 bytes -> 0 pkts/0 bytes] @@ -33,75 +34,75 @@ ApplePush 12 1877 1 17 UDP 192.168.1.92:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][5 pkts/2720 bytes -> 0 pkts/0 bytes] 18 UDP 192.168.1.92:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][5 pkts/2720 bytes -> 0 pkts/0 bytes] 19 TCP 192.168.1.34:50090 <-> 23.206.33.166:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/2140 bytes <-> 3 pkts/200 bytes][client: apps.skype.com] - 20 TCP 192.168.1.34:50134 <-> 157.56.53.47:12350 [proto: 125/Skype][cat: VoIP/10][11 pkts/1578 bytes <-> 4 pkts/342 bytes] + 20 TCP 192.168.1.34:50134 <-> 157.56.53.47:12350 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][11 pkts/1578 bytes <-> 4 pkts/342 bytes] 21 TCP 17.143.160.22:5223 <-> 192.168.1.34:49447 [proto: 238/ApplePush][cat: Cloud/13][6 pkts/1211 bytes <-> 6 pkts/666 bytes] 22 TCP 192.168.1.34:50091 <-> 157.55.235.146:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][13 pkts/1554 bytes <-> 3 pkts/200 bytes] - 23 TCP 192.168.1.34:50122 <-> 81.133.19.185:44431 [proto: 125/Skype][cat: VoIP/10][14 pkts/1090 bytes <-> 6 pkts/534 bytes] + 23 TCP 192.168.1.34:50122 <-> 81.133.19.185:44431 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][14 pkts/1090 bytes <-> 6 pkts/534 bytes] 24 TCP 192.168.1.34:50039 <-> 213.199.179.175:443 [proto: 91/SSL][cat: Web/5][13 pkts/1392 bytes <-> 3 pkts/200 bytes] 25 TCP 192.168.1.34:50101 <-> 157.55.235.176:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1305 bytes <-> 3 pkts/285 bytes] 26 TCP 192.168.1.34:50037 <-> 157.55.56.170:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][11 pkts/1218 bytes <-> 4 pkts/351 bytes] 27 TCP 192.168.1.34:50080 <-> 157.55.235.156:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1249 bytes <-> 3 pkts/285 bytes] 28 TCP 192.168.1.34:50111 <-> 91.190.216.125:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][11 pkts/955 bytes <-> 9 pkts/561 bytes] 29 TCP 192.168.1.34:50081 <-> 157.55.130.176:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1270 bytes <-> 3 pkts/243 bytes] - 30 TCP 192.168.1.34:50116 <-> 81.83.77.141:17639 [proto: 125/Skype][cat: VoIP/10][15 pkts/1138 bytes <-> 4 pkts/372 bytes] - 31 TCP 192.168.1.34:50123 <-> 80.14.46.121:4415 [proto: 125/Skype][cat: VoIP/10][14 pkts/1075 bytes <-> 4 pkts/431 bytes] - 32 TCP 192.168.1.34:50075 <-> 213.199.179.142:40003 [proto: 125/Skype][cat: VoIP/10][14 pkts/1100 bytes <-> 5 pkts/395 bytes] + 30 TCP 192.168.1.34:50116 <-> 81.83.77.141:17639 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][15 pkts/1138 bytes <-> 4 pkts/372 bytes] + 31 TCP 192.168.1.34:50123 <-> 80.14.46.121:4415 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][14 pkts/1075 bytes <-> 4 pkts/431 bytes] + 32 TCP 192.168.1.34:50075 <-> 213.199.179.142:40003 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][14 pkts/1100 bytes <-> 5 pkts/395 bytes] 33 TCP 192.168.1.34:50072 <-> 157.55.130.170:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1207 bytes <-> 3 pkts/277 bytes] 34 TCP 192.168.1.34:50066 <-> 65.55.223.12:443 [proto: 91/SSL][cat: Web/5][12 pkts/1221 bytes <-> 3 pkts/231 bytes] - 35 TCP 192.168.1.34:50137 <-> 5.248.186.221:31010 [proto: 125/Skype][cat: VoIP/10][14 pkts/1062 bytes <-> 4 pkts/383 bytes] - 36 TCP 192.168.1.34:50076 <-> 157.55.235.156:40014 [proto: 125/Skype][cat: VoIP/10][14 pkts/1083 bytes <-> 4 pkts/359 bytes] - 37 TCP 192.168.1.34:50054 <-> 157.55.130.153:40005 [proto: 125/Skype][cat: VoIP/10][13 pkts/1020 bytes <-> 4 pkts/421 bytes] - 38 TCP 192.168.1.34:50132 <-> 149.13.32.15:13392 [proto: 125/Skype][cat: VoIP/10][13 pkts/1010 bytes <-> 5 pkts/402 bytes] + 35 TCP 192.168.1.34:50137 <-> 5.248.186.221:31010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][14 pkts/1062 bytes <-> 4 pkts/383 bytes] + 36 TCP 192.168.1.34:50076 <-> 157.55.235.156:40014 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][14 pkts/1083 bytes <-> 4 pkts/359 bytes] + 37 TCP 192.168.1.34:50054 <-> 157.55.130.153:40005 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/1020 bytes <-> 4 pkts/421 bytes] + 38 TCP 192.168.1.34:50132 <-> 149.13.32.15:13392 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/1010 bytes <-> 5 pkts/402 bytes] 39 TCP 192.168.1.34:50045 <-> 157.55.130.167:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1151 bytes <-> 3 pkts/260 bytes] - 40 TCP 192.168.1.34:50114 <-> 5.248.186.221:31010 [proto: 125/Skype][cat: VoIP/10][14 pkts/1040 bytes <-> 4 pkts/362 bytes] - 41 TCP 192.168.1.34:50065 <-> 65.55.223.12:40031 [proto: 125/Skype][cat: VoIP/10][13 pkts/1004 bytes <-> 4 pkts/397 bytes] + 40 TCP 192.168.1.34:50114 <-> 5.248.186.221:31010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][14 pkts/1040 bytes <-> 4 pkts/362 bytes] + 41 TCP 192.168.1.34:50065 <-> 65.55.223.12:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/1004 bytes <-> 4 pkts/397 bytes] 42 TCP 192.168.1.34:50069 <-> 157.55.56.160:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][11 pkts/1050 bytes <-> 4 pkts/351 bytes] - 43 TCP 192.168.1.34:50034 <-> 157.55.130.140:40033 [proto: 125/Skype][cat: VoIP/10][13 pkts/1010 bytes <-> 4 pkts/390 bytes] - 44 TCP 192.168.1.34:50088 <-> 157.55.235.146:33033 [proto: 125/Skype][cat: VoIP/10][14 pkts/1085 bytes <-> 4 pkts/315 bytes] + 43 TCP 192.168.1.34:50034 <-> 157.55.130.140:40033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/1010 bytes <-> 4 pkts/390 bytes] + 44 TCP 192.168.1.34:50088 <-> 157.55.235.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][14 pkts/1085 bytes <-> 4 pkts/315 bytes] 45 TCP 192.168.1.34:50102 <-> 65.55.223.15:443 [proto: 91/SSL][cat: Web/5][11 pkts/1140 bytes <-> 3 pkts/250 bytes] - 46 TCP 192.168.1.34:50092 <-> 157.55.130.155:40020 [proto: 125/Skype][cat: VoIP/10][13 pkts/975 bytes <-> 4 pkts/412 bytes] - 47 TCP 192.168.1.34:50115 <-> 86.31.35.30:59621 [proto: 125/Skype][cat: VoIP/10][13 pkts/995 bytes <-> 4 pkts/391 bytes] - 48 TCP 192.168.1.34:50098 <-> 65.55.223.15:40026 [proto: 125/Skype][cat: VoIP/10][13 pkts/995 bytes <-> 4 pkts/386 bytes] - 49 TCP 192.168.1.34:50130 <-> 212.161.8.36:13392 [proto: 125/Skype][cat: VoIP/10][13 pkts/1000 bytes <-> 4 pkts/380 bytes] + 46 TCP 192.168.1.34:50092 <-> 157.55.130.155:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/975 bytes <-> 4 pkts/412 bytes] + 47 TCP 192.168.1.34:50115 <-> 86.31.35.30:59621 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/995 bytes <-> 4 pkts/391 bytes] + 48 TCP 192.168.1.34:50098 <-> 65.55.223.15:40026 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/995 bytes <-> 4 pkts/386 bytes] + 49 TCP 192.168.1.34:50130 <-> 212.161.8.36:13392 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/1000 bytes <-> 4 pkts/380 bytes] 50 TCP 192.168.1.34:50079 <-> 213.199.179.142:443 [proto: 91/SSL][cat: Web/5][13 pkts/1176 bytes <-> 3 pkts/200 bytes] - 51 TCP 192.168.1.34:50097 <-> 157.55.235.176:40022 [proto: 125/Skype][cat: VoIP/10][13 pkts/1000 bytes <-> 4 pkts/371 bytes] - 52 TCP 192.168.1.34:50026 <-> 65.55.223.33:40002 [proto: 125/Skype][cat: VoIP/10][13 pkts/971 bytes <-> 4 pkts/399 bytes] - 53 TCP 192.168.1.34:50033 <-> 157.55.56.170:40015 [proto: 125/Skype][cat: VoIP/10][13 pkts/977 bytes <-> 4 pkts/384 bytes] - 54 TCP 192.168.1.34:50053 <-> 157.55.56.146:40030 [proto: 125/Skype][cat: VoIP/10][12 pkts/940 bytes <-> 5 pkts/415 bytes] - 55 TCP 192.168.1.34:50099 <-> 64.4.23.166:40022 [proto: 125/Skype][cat: VoIP/10][12 pkts/948 bytes <-> 4 pkts/407 bytes] - 56 TCP 192.168.1.34:50044 <-> 157.55.130.167:40031 [proto: 125/Skype][cat: VoIP/10][13 pkts/993 bytes <-> 4 pkts/360 bytes] + 51 TCP 192.168.1.34:50097 <-> 157.55.235.176:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/1000 bytes <-> 4 pkts/371 bytes] + 52 TCP 192.168.1.34:50026 <-> 65.55.223.33:40002 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/971 bytes <-> 4 pkts/399 bytes] + 53 TCP 192.168.1.34:50033 <-> 157.55.56.170:40015 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/977 bytes <-> 4 pkts/384 bytes] + 54 TCP 192.168.1.34:50053 <-> 157.55.56.146:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][12 pkts/940 bytes <-> 5 pkts/415 bytes] + 55 TCP 192.168.1.34:50099 <-> 64.4.23.166:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][12 pkts/948 bytes <-> 4 pkts/407 bytes] + 56 TCP 192.168.1.34:50044 <-> 157.55.130.167:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/993 bytes <-> 4 pkts/360 bytes] 57 TCP 192.168.1.34:50051 <-> 157.55.130.166:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1074 bytes <-> 3 pkts/277 bytes] 58 TCP 192.168.1.34:50057 <-> 157.55.130.153:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1102 bytes <-> 3 pkts/247 bytes] 59 TCP 192.168.1.34:50048 <-> 157.55.130.150:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1109 bytes <-> 3 pkts/236 bytes] - 60 TCP 192.168.1.34:50077 <-> 157.55.130.176:40022 [proto: 125/Skype][cat: VoIP/10][13 pkts/1004 bytes <-> 4 pkts/334 bytes] + 60 TCP 192.168.1.34:50077 <-> 157.55.130.176:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/1004 bytes <-> 4 pkts/334 bytes] 61 TCP 192.168.1.34:50036 <-> 157.56.52.44:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][11 pkts/1074 bytes <-> 3 pkts/254 bytes] - 62 TCP 192.168.1.34:50074 <-> 157.55.130.173:40003 [proto: 125/Skype][cat: VoIP/10][13 pkts/1010 bytes <-> 4 pkts/317 bytes] + 62 TCP 192.168.1.34:50074 <-> 157.55.130.173:40003 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/1010 bytes <-> 4 pkts/317 bytes] 63 TCP 192.168.1.34:50078 <-> 157.55.130.173:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1088 bytes <-> 3 pkts/236 bytes] - 64 TCP 192.168.1.34:50070 <-> 157.55.130.170:40018 [proto: 125/Skype][cat: VoIP/10][13 pkts/989 bytes <-> 4 pkts/323 bytes] + 64 TCP 192.168.1.34:50070 <-> 157.55.130.170:40018 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/989 bytes <-> 4 pkts/323 bytes] 65 TCP 192.168.1.34:50030 <-> 65.55.223.33:443 [proto: 91/SSL][cat: Web/5][11 pkts/960 bytes <-> 4 pkts/351 bytes] - 66 TCP 192.168.1.34:50032 <-> 157.56.52.44:40032 [proto: 125/Skype][cat: VoIP/10][12 pkts/969 bytes <-> 4 pkts/337 bytes] + 66 TCP 192.168.1.34:50032 <-> 157.56.52.44:40032 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][12 pkts/969 bytes <-> 4 pkts/337 bytes] 67 TCP 192.168.1.34:50094 <-> 157.55.130.155:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1039 bytes <-> 3 pkts/267 bytes] - 68 TCP 192.168.1.34:50067 <-> 157.55.56.160:40027 [proto: 125/Skype][cat: VoIP/10][12 pkts/899 bytes <-> 5 pkts/406 bytes] - 69 TCP 192.168.1.34:50035 <-> 213.199.179.175:40021 [proto: 125/Skype][cat: VoIP/10][13 pkts/982 bytes <-> 4 pkts/322 bytes] + 68 TCP 192.168.1.34:50067 <-> 157.55.56.160:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][12 pkts/899 bytes <-> 5 pkts/406 bytes] + 69 TCP 192.168.1.34:50035 <-> 213.199.179.175:40021 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/982 bytes <-> 4 pkts/322 bytes] 70 TCP 192.168.1.34:50063 <-> 111.221.74.38:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][10 pkts/1002 bytes <-> 3 pkts/285 bytes] - 71 TCP 192.168.1.34:50049 <-> 157.55.130.166:40021 [proto: 125/Skype][cat: VoIP/10][11 pkts/836 bytes <-> 5 pkts/442 bytes] - 72 TCP 192.168.1.34:50086 <-> 111.221.77.142:40023 [proto: 125/Skype][cat: VoIP/10][11 pkts/841 bytes <-> 5 pkts/429 bytes] + 71 TCP 192.168.1.34:50049 <-> 157.55.130.166:40021 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][11 pkts/836 bytes <-> 5 pkts/442 bytes] + 72 TCP 192.168.1.34:50086 <-> 111.221.77.142:40023 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][11 pkts/841 bytes <-> 5 pkts/429 bytes] 73 TCP 192.168.1.34:50056 <-> 157.55.56.146:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][11 pkts/999 bytes <-> 4 pkts/266 bytes] 74 TCP 192.168.1.34:50038 <-> 157.55.130.140:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1032 bytes <-> 3 pkts/230 bytes] - 75 TCP 192.168.1.34:50055 <-> 111.221.74.47:40030 [proto: 125/Skype][cat: VoIP/10][11 pkts/866 bytes <-> 5 pkts/396 bytes] - 76 TCP 192.168.1.34:50112 <-> 76.167.161.6:20274 [proto: 125/Skype][cat: VoIP/10][11 pkts/843 bytes <-> 4 pkts/411 bytes] - 77 TCP 192.168.1.34:50141 <-> 80.14.46.121:4415 [proto: 125/Skype][cat: VoIP/10][13 pkts/994 bytes <-> 2 pkts/243 bytes] - 78 TCP 192.168.1.34:50059 <-> 111.221.74.38:40015 [proto: 125/Skype][cat: VoIP/10][11 pkts/820 bytes <-> 5 pkts/416 bytes] - 79 TCP 192.168.1.34:50046 <-> 157.55.130.150:40011 [proto: 125/Skype][cat: VoIP/10][11 pkts/843 bytes <-> 4 pkts/386 bytes] - 80 TCP 192.168.1.34:50096 <-> 111.221.74.46:40027 [proto: 125/Skype][cat: VoIP/10][11 pkts/822 bytes <-> 4 pkts/390 bytes] + 75 TCP 192.168.1.34:50055 <-> 111.221.74.47:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][11 pkts/866 bytes <-> 5 pkts/396 bytes] + 76 TCP 192.168.1.34:50112 <-> 76.167.161.6:20274 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][11 pkts/843 bytes <-> 4 pkts/411 bytes] + 77 TCP 192.168.1.34:50141 <-> 80.14.46.121:4415 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/994 bytes <-> 2 pkts/243 bytes] + 78 TCP 192.168.1.34:50059 <-> 111.221.74.38:40015 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][11 pkts/820 bytes <-> 5 pkts/416 bytes] + 79 TCP 192.168.1.34:50046 <-> 157.55.130.150:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][11 pkts/843 bytes <-> 4 pkts/386 bytes] + 80 TCP 192.168.1.34:50096 <-> 111.221.74.46:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][11 pkts/822 bytes <-> 4 pkts/390 bytes] 81 TCP 192.168.1.34:50058 <-> 111.221.74.47:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][10 pkts/857 bytes <-> 4 pkts/351 bytes] - 82 TCP 192.168.1.34:50113 <-> 71.238.7.203:18767 [proto: 125/Skype][cat: VoIP/10][11 pkts/827 bytes <-> 3 pkts/325 bytes] + 82 TCP 192.168.1.34:50113 <-> 71.238.7.203:18767 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][11 pkts/827 bytes <-> 3 pkts/325 bytes] 83 TCP 192.168.1.34:50103 <-> 64.4.23.166:443 [proto: 91/SSL][cat: Web/5][9 pkts/862 bytes <-> 3 pkts/285 bytes] - 84 TCP 192.168.1.34:50143 <-> 78.202.226.115:29059 [proto: 125/Skype][cat: VoIP/10][12 pkts/935 bytes <-> 2 pkts/197 bytes] + 84 TCP 192.168.1.34:50143 <-> 78.202.226.115:29059 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][12 pkts/935 bytes <-> 2 pkts/197 bytes] 85 TCP 192.168.1.34:50100 <-> 111.221.74.46:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][10 pkts/872 bytes <-> 3 pkts/237 bytes] - 86 TCP 192.168.1.34:50135 <-> 76.167.161.6:20274 [proto: 125/Skype][cat: VoIP/10][11 pkts/838 bytes <-> 3 pkts/270 bytes] + 86 TCP 192.168.1.34:50135 <-> 76.167.161.6:20274 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][11 pkts/838 bytes <-> 3 pkts/270 bytes] 87 TCP 192.168.1.34:50087 <-> 111.221.77.142:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][9 pkts/822 bytes <-> 3 pkts/285 bytes] - 88 TCP 192.168.1.34:50136 <-> 71.238.7.203:18767 [proto: 125/Skype][cat: VoIP/10][11 pkts/814 bytes <-> 3 pkts/287 bytes] + 88 TCP 192.168.1.34:50136 <-> 71.238.7.203:18767 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][11 pkts/814 bytes <-> 3 pkts/287 bytes] 89 UDP [fe80::c62c:3ff:fe06:49fe]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][4 pkts/908 bytes -> 0 pkts/0 bytes] 90 UDP 192.168.1.92:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][4 pkts/828 bytes -> 0 pkts/0 bytes] 91 TCP 192.168.1.34:50125 <-> 91.190.218.125:12350 [proto: 125/Skype][cat: VoIP/10][6 pkts/417 bytes <-> 4 pkts/352 bytes] @@ -141,8 +142,8 @@ ApplePush 12 1877 1 125 UDP 192.168.1.34:51066 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/349 bytes -> 0 pkts/0 bytes] 126 UDP 192.168.1.34:56886 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/349 bytes -> 0 pkts/0 bytes] 127 UDP 192.168.1.34:64560 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/349 bytes -> 0 pkts/0 bytes] - 128 UDP 192.168.1.34:13021 -> 76.185.207.12:45493 [proto: 125/Skype][cat: VoIP/10][5 pkts/300 bytes -> 0 pkts/0 bytes] - 129 UDP 192.168.1.34:13021 -> 176.26.55.167:63773 [proto: 125/Skype][cat: VoIP/10][5 pkts/300 bytes -> 0 pkts/0 bytes] + 128 UDP 192.168.1.34:13021 -> 76.185.207.12:45493 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][5 pkts/300 bytes -> 0 pkts/0 bytes] + 129 UDP 192.168.1.34:13021 -> 176.26.55.167:63773 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][5 pkts/300 bytes -> 0 pkts/0 bytes] 130 UDP 192.168.1.34:58681 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/101 bytes <-> 1 pkts/166 bytes][Host: db3msgr5011709.gateway.messenger.live.com] 131 UDP 192.168.1.34:62454 <-> 192.168.1.1:53 [proto: 5.143/DNS.AppleiCloud][cat: Web/5][1 pkts/101 bytes <-> 1 pkts/133 bytes][Host: p05-keyvalueservice.icloud.com.akadns.net] 132 UDP 192.168.1.34:123 <-> 17.253.48.245:123 [proto: 9/NTP][cat: System/18][1 pkts/90 bytes <-> 1 pkts/90 bytes] @@ -151,150 +152,150 @@ ApplePush 12 1877 1 135 UDP 192.168.1.34:64085 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e7768.b.akamaiedge.net] 136 TCP 192.168.1.34:50024 <-> 17.172.100.36:443 [proto: 91.140/SSL.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/60 bytes] 137 IGMP 192.168.0.254:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network/14][2 pkts/92 bytes -> 0 pkts/0 bytes] - 138 UDP 192.168.1.34:13021 -> 64.4.23.145:40024 [proto: 125/Skype][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 139 UDP 192.168.1.34:13021 -> 65.55.223.26:40004 [proto: 125/Skype][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 140 UDP 192.168.1.34:13021 -> 65.55.223.33:40011 [proto: 125/Skype][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 141 UDP 192.168.1.34:13021 -> 157.55.56.168:40006 [proto: 125/Skype][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 142 UDP 192.168.1.34:13021 -> 157.55.130.146:40026 [proto: 125/Skype][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 143 UDP 192.168.1.34:13021 -> 157.55.130.154:40005 [proto: 125/Skype][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 144 UDP 192.168.1.34:13021 -> 157.55.235.147:40020 [proto: 125/Skype][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 145 UDP 192.168.1.34:13021 -> 157.55.235.152:40001 [proto: 125/Skype][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 146 UDP 192.168.1.34:13021 -> 213.199.179.155:40004 [proto: 125/Skype][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 147 UDP 192.168.1.34:13021 -> 111.221.74.28:40014 [proto: 125/Skype][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 148 UDP 192.168.1.34:13021 -> 111.221.77.146:33033 [proto: 125/Skype][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 149 UDP 192.168.1.34:13021 -> 111.221.77.155:40004 [proto: 125/Skype][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 150 UDP 192.168.1.34:13021 -> 111.221.77.159:40009 [proto: 125/Skype][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 151 UDP 192.168.1.34:13021 -> 111.221.77.172:40010 [proto: 125/Skype][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 152 UDP 192.168.1.34:13021 -> 157.55.130.156:40034 [proto: 125/Skype][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 153 UDP 192.168.1.34:13021 -> 157.55.235.161:40011 [proto: 125/Skype][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 154 UDP 192.168.1.34:13021 -> 157.55.235.176:40022 [proto: 125/Skype][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 155 UDP 192.168.1.34:13021 -> 157.56.52.27:40027 [proto: 125/Skype][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 156 UDP 192.168.1.34:13021 -> 157.56.52.28:40009 [proto: 125/Skype][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 157 UDP 192.168.1.34:13021 -> 64.4.23.143:40018 [proto: 125/Skype][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 158 UDP 192.168.1.34:13021 -> 64.4.23.155:40004 [proto: 125/Skype][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 159 UDP 192.168.1.34:13021 -> 65.55.223.29:40010 [proto: 125/Skype][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 160 UDP 192.168.1.34:13021 -> 111.221.74.15:40024 [proto: 125/Skype][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 161 UDP 192.168.1.34:13021 -> 111.221.77.145:40027 [proto: 125/Skype][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 162 UDP 192.168.1.34:13021 -> 111.221.77.166:40011 [proto: 125/Skype][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 163 UDP 192.168.1.34:13021 -> 157.55.56.142:40023 [proto: 125/Skype][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 164 UDP 192.168.1.34:13021 -> 157.55.56.151:40027 [proto: 125/Skype][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 165 UDP 192.168.1.34:13021 -> 157.55.56.175:40013 [proto: 125/Skype][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 166 UDP 192.168.1.34:13021 -> 157.55.130.143:40017 [proto: 125/Skype][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 167 UDP 192.168.1.34:13021 -> 157.55.235.155:40003 [proto: 125/Skype][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 168 UDP 192.168.1.34:13021 -> 157.56.52.17:40013 [proto: 125/Skype][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 169 UDP 192.168.1.34:13021 -> 64.4.23.166:40022 [proto: 125/Skype][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 170 UDP 192.168.1.34:13021 -> 65.55.223.25:40028 [proto: 125/Skype][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 171 UDP 192.168.1.34:13021 -> 65.55.223.43:40002 [proto: 125/Skype][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 172 UDP 192.168.1.34:13021 -> 111.221.74.43:40001 [proto: 125/Skype][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 173 UDP 192.168.1.34:13021 -> 111.221.77.151:40027 [proto: 125/Skype][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 174 UDP 192.168.1.34:13021 -> 157.55.56.162:40004 [proto: 125/Skype][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 175 UDP 192.168.1.34:13021 -> 157.55.130.147:40019 [proto: 125/Skype][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 176 UDP 192.168.1.34:13021 -> 157.55.235.175:40008 [proto: 125/Skype][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 177 UDP 192.168.1.34:13021 -> 213.199.179.150:40004 [proto: 125/Skype][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 178 UDP 192.168.1.34:13021 -> 111.221.74.12:40031 [proto: 125/Skype][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 179 UDP 192.168.1.34:13021 -> 111.221.74.48:40008 [proto: 125/Skype][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 180 UDP 192.168.1.34:13021 -> 111.221.77.165:40020 [proto: 125/Skype][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 181 UDP 192.168.1.34:13021 -> 213.199.179.141:40015 [proto: 125/Skype][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 182 UDP 192.168.1.34:13021 -> 213.199.179.143:40022 [proto: 125/Skype][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 183 UDP 192.168.1.34:13021 -> 213.199.179.154:40034 [proto: 125/Skype][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 184 UDP 192.168.1.34:13021 -> 65.55.223.28:40026 [proto: 125/Skype][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 185 UDP 192.168.1.34:13021 -> 111.221.74.40:40018 [proto: 125/Skype][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 186 UDP 192.168.1.34:13021 -> 157.55.130.175:40006 [proto: 125/Skype][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 187 UDP 192.168.1.34:13021 -> 157.56.52.26:40026 [proto: 125/Skype][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 188 UDP 192.168.1.34:13021 -> 213.199.179.165:40007 [proto: 125/Skype][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 189 UDP 192.168.1.34:13021 -> 64.4.23.141:40004 [proto: 125/Skype][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 190 UDP 192.168.1.34:13021 -> 111.221.74.29:40024 [proto: 125/Skype][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 191 UDP 192.168.1.34:13021 -> 111.221.74.31:40021 [proto: 125/Skype][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 192 UDP 192.168.1.34:13021 -> 111.221.77.176:40020 [proto: 125/Skype][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 193 UDP 192.168.1.34:13021 -> 157.55.235.153:40023 [proto: 125/Skype][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 194 UDP 192.168.1.34:13021 -> 213.199.179.168:40006 [proto: 125/Skype][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 195 UDP 192.168.1.34:13021 -> 64.4.23.151:40029 [proto: 125/Skype][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 196 UDP 192.168.1.34:13021 -> 64.4.23.165:40020 [proto: 125/Skype][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 197 UDP 192.168.1.34:13021 -> 111.221.77.142:40023 [proto: 125/Skype][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 198 UDP 192.168.1.34:13021 -> 157.55.130.151:40017 [proto: 125/Skype][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 199 UDP 192.168.1.34:13021 -> 64.4.23.168:40006 [proto: 125/Skype][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 200 UDP 192.168.1.34:13021 -> 65.55.223.21:40027 [proto: 125/Skype][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 201 UDP 192.168.1.34:13021 -> 65.55.223.45:40012 [proto: 125/Skype][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 202 UDP 192.168.1.34:13021 -> 111.221.74.44:40031 [proto: 125/Skype][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 203 UDP 192.168.1.34:13021 -> 111.221.74.46:40027 [proto: 125/Skype][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 204 UDP 192.168.1.34:13021 -> 111.221.77.153:40024 [proto: 125/Skype][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 205 UDP 192.168.1.34:13021 -> 157.55.56.148:40010 [proto: 125/Skype][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 206 UDP 192.168.1.34:13021 -> 157.55.235.157:40010 [proto: 125/Skype][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 207 UDP 192.168.1.34:13021 -> 157.55.235.172:40032 [proto: 125/Skype][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 208 UDP 192.168.1.34:13021 -> 157.56.52.18:33033 [proto: 125/Skype][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 209 UDP 192.168.1.34:13021 -> 213.199.179.170:40011 [proto: 125/Skype][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 210 UDP 192.168.1.34:13021 -> 64.4.23.150:40004 [proto: 125/Skype][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 211 UDP 192.168.1.34:13021 -> 64.4.23.159:40009 [proto: 125/Skype][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 212 UDP 192.168.1.34:13021 -> 65.55.223.17:40022 [proto: 125/Skype][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 213 UDP 192.168.1.34:13021 -> 111.221.74.17:40022 [proto: 125/Skype][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 214 UDP 192.168.1.34:13021 -> 111.221.74.18:33033 [proto: 125/Skype][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 215 UDP 192.168.1.34:13021 -> 111.221.74.32:40009 [proto: 125/Skype][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 216 UDP 192.168.1.34:13021 -> 111.221.74.42:40024 [proto: 125/Skype][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 217 UDP 192.168.1.34:13021 -> 157.55.56.146:33033 [proto: 125/Skype][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 218 UDP 192.168.1.34:13021 -> 157.55.56.161:40012 [proto: 125/Skype][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 219 UDP 192.168.1.34:13021 -> 157.55.130.155:40020 [proto: 125/Skype][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 220 UDP 192.168.1.34:13021 -> 157.55.130.165:40026 [proto: 125/Skype][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 221 UDP 192.168.1.34:13021 -> 157.55.235.142:40025 [proto: 125/Skype][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 222 UDP 192.168.1.34:13021 -> 157.56.52.33:40011 [proto: 125/Skype][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 223 UDP 192.168.1.34:13021 -> 213.199.179.162:40029 [proto: 125/Skype][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 224 UDP 192.168.1.34:13021 -> 64.4.23.148:40010 [proto: 125/Skype][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 225 UDP 192.168.1.34:13021 -> 65.55.223.18:33033 [proto: 125/Skype][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 226 UDP 192.168.1.34:13021 -> 65.55.223.41:40027 [proto: 125/Skype][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 227 UDP 192.168.1.34:13021 -> 111.221.77.148:40029 [proto: 125/Skype][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 228 UDP 192.168.1.34:13021 -> 157.55.130.146:33033 [proto: 125/Skype][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 229 UDP 192.168.1.34:13021 -> 157.55.235.143:40030 [proto: 125/Skype][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 230 UDP 192.168.1.34:13021 -> 157.55.235.160:40027 [proto: 125/Skype][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 231 UDP 192.168.1.34:13021 -> 157.55.235.166:40015 [proto: 125/Skype][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 232 UDP 192.168.1.34:13021 -> 157.56.52.37:40032 [proto: 125/Skype][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 233 UDP 192.168.1.34:13021 -> 64.4.23.140:40012 [proto: 125/Skype][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 234 UDP 192.168.1.34:13021 -> 64.4.23.170:40011 [proto: 125/Skype][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 235 UDP 192.168.1.34:13021 -> 111.221.74.19:40001 [proto: 125/Skype][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 236 UDP 192.168.1.34:13021 -> 111.221.77.160:40028 [proto: 125/Skype][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 237 UDP 192.168.1.34:13021 -> 111.221.77.168:40007 [proto: 125/Skype][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 238 UDP 192.168.1.34:13021 -> 157.55.56.145:40027 [proto: 125/Skype][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 239 UDP 192.168.1.34:13021 -> 157.55.56.165:40020 [proto: 125/Skype][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 240 UDP 192.168.1.34:13021 -> 157.55.235.145:40022 [proto: 125/Skype][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 241 UDP 192.168.1.34:13021 -> 157.56.52.15:40027 [proto: 125/Skype][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 242 UDP 192.168.1.34:13021 -> 65.55.223.24:40032 [proto: 125/Skype][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 243 UDP 192.168.1.34:13021 -> 111.221.74.16:40032 [proto: 125/Skype][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 244 UDP 192.168.1.34:13021 -> 111.221.77.141:40020 [proto: 125/Skype][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 245 UDP 192.168.1.34:13021 -> 111.221.77.149:40030 [proto: 125/Skype][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 246 UDP 192.168.1.34:13021 -> 111.221.77.154:40017 [proto: 125/Skype][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 247 UDP 192.168.1.34:13021 -> 157.55.130.157:40013 [proto: 125/Skype][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 248 UDP 192.168.1.34:13021 -> 157.55.130.160:40029 [proto: 125/Skype][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 249 UDP 192.168.1.34:13021 -> 157.55.130.172:40019 [proto: 125/Skype][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 250 UDP 192.168.1.34:13021 -> 157.56.52.45:40012 [proto: 125/Skype][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 251 UDP 192.168.1.34:13021 -> 213.199.179.146:33033 [proto: 125/Skype][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 252 UDP 192.168.1.34:13021 -> 213.199.179.146:40030 [proto: 125/Skype][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 253 UDP 192.168.1.34:13021 -> 64.4.23.146:33033 [proto: 125/Skype][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 254 UDP 192.168.1.34:13021 -> 64.4.23.173:40017 [proto: 125/Skype][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 255 UDP 192.168.1.34:13021 -> 65.55.223.15:40026 [proto: 125/Skype][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 256 UDP 192.168.1.34:13021 -> 65.55.223.38:40015 [proto: 125/Skype][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 257 UDP 192.168.1.34:13021 -> 65.55.223.44:40013 [proto: 125/Skype][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 258 UDP 192.168.1.34:13021 -> 111.221.74.25:40028 [proto: 125/Skype][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 259 UDP 192.168.1.34:13021 -> 111.221.77.143:40022 [proto: 125/Skype][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 260 UDP 192.168.1.34:13021 -> 157.55.130.144:40034 [proto: 125/Skype][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 261 UDP 192.168.1.34:13021 -> 157.55.235.146:33033 [proto: 125/Skype][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 262 UDP 192.168.1.34:13021 -> 213.199.179.145:40027 [proto: 125/Skype][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 263 UDP 192.168.1.34:13021 -> 65.55.223.20:40033 [proto: 125/Skype][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 264 UDP 192.168.1.34:13021 -> 111.221.74.24:40001 [proto: 125/Skype][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 265 UDP 192.168.1.34:13021 -> 111.221.77.140:40003 [proto: 125/Skype][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 266 UDP 192.168.1.34:13021 -> 157.55.56.166:40022 [proto: 125/Skype][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 267 UDP 192.168.1.34:13021 -> 157.55.130.148:40019 [proto: 125/Skype][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 268 UDP 192.168.1.34:13021 -> 157.55.235.158:40031 [proto: 125/Skype][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 269 UDP 192.168.1.34:13021 -> 157.55.235.159:40021 [proto: 125/Skype][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 270 UDP 192.168.1.34:13021 -> 157.55.235.173:40012 [proto: 125/Skype][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 271 UDP 192.168.1.34:13021 -> 157.56.52.21:40004 [proto: 125/Skype][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 272 UDP 192.168.1.34:13021 -> 157.56.52.24:40001 [proto: 125/Skype][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 273 UDP 192.168.1.34:13021 -> 157.56.52.47:40029 [proto: 125/Skype][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 274 UDP 192.168.1.34:13021 -> 213.199.179.152:40023 [proto: 125/Skype][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 138 UDP 192.168.1.34:13021 -> 64.4.23.145:40024 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 139 UDP 192.168.1.34:13021 -> 65.55.223.26:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 140 UDP 192.168.1.34:13021 -> 65.55.223.33:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 141 UDP 192.168.1.34:13021 -> 157.55.56.168:40006 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 142 UDP 192.168.1.34:13021 -> 157.55.130.146:40026 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 143 UDP 192.168.1.34:13021 -> 157.55.130.154:40005 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 144 UDP 192.168.1.34:13021 -> 157.55.235.147:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 145 UDP 192.168.1.34:13021 -> 157.55.235.152:40001 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 146 UDP 192.168.1.34:13021 -> 213.199.179.155:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 147 UDP 192.168.1.34:13021 -> 111.221.74.28:40014 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 148 UDP 192.168.1.34:13021 -> 111.221.77.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 149 UDP 192.168.1.34:13021 -> 111.221.77.155:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 150 UDP 192.168.1.34:13021 -> 111.221.77.159:40009 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 151 UDP 192.168.1.34:13021 -> 111.221.77.172:40010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 152 UDP 192.168.1.34:13021 -> 157.55.130.156:40034 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 153 UDP 192.168.1.34:13021 -> 157.55.235.161:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 154 UDP 192.168.1.34:13021 -> 157.55.235.176:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 155 UDP 192.168.1.34:13021 -> 157.56.52.27:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 156 UDP 192.168.1.34:13021 -> 157.56.52.28:40009 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 157 UDP 192.168.1.34:13021 -> 64.4.23.143:40018 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 158 UDP 192.168.1.34:13021 -> 64.4.23.155:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 159 UDP 192.168.1.34:13021 -> 65.55.223.29:40010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 160 UDP 192.168.1.34:13021 -> 111.221.74.15:40024 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 161 UDP 192.168.1.34:13021 -> 111.221.77.145:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 162 UDP 192.168.1.34:13021 -> 111.221.77.166:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 163 UDP 192.168.1.34:13021 -> 157.55.56.142:40023 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 164 UDP 192.168.1.34:13021 -> 157.55.56.151:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 165 UDP 192.168.1.34:13021 -> 157.55.56.175:40013 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 166 UDP 192.168.1.34:13021 -> 157.55.130.143:40017 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 167 UDP 192.168.1.34:13021 -> 157.55.235.155:40003 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 168 UDP 192.168.1.34:13021 -> 157.56.52.17:40013 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 169 UDP 192.168.1.34:13021 -> 64.4.23.166:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 170 UDP 192.168.1.34:13021 -> 65.55.223.25:40028 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 171 UDP 192.168.1.34:13021 -> 65.55.223.43:40002 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 172 UDP 192.168.1.34:13021 -> 111.221.74.43:40001 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 173 UDP 192.168.1.34:13021 -> 111.221.77.151:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 174 UDP 192.168.1.34:13021 -> 157.55.56.162:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 175 UDP 192.168.1.34:13021 -> 157.55.130.147:40019 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 176 UDP 192.168.1.34:13021 -> 157.55.235.175:40008 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 177 UDP 192.168.1.34:13021 -> 213.199.179.150:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 178 UDP 192.168.1.34:13021 -> 111.221.74.12:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 179 UDP 192.168.1.34:13021 -> 111.221.74.48:40008 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 180 UDP 192.168.1.34:13021 -> 111.221.77.165:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 181 UDP 192.168.1.34:13021 -> 213.199.179.141:40015 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 182 UDP 192.168.1.34:13021 -> 213.199.179.143:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 183 UDP 192.168.1.34:13021 -> 213.199.179.154:40034 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 184 UDP 192.168.1.34:13021 -> 65.55.223.28:40026 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] + 185 UDP 192.168.1.34:13021 -> 111.221.74.40:40018 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] + 186 UDP 192.168.1.34:13021 -> 157.55.130.175:40006 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] + 187 UDP 192.168.1.34:13021 -> 157.56.52.26:40026 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] + 188 UDP 192.168.1.34:13021 -> 213.199.179.165:40007 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] + 189 UDP 192.168.1.34:13021 -> 64.4.23.141:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 190 UDP 192.168.1.34:13021 -> 111.221.74.29:40024 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 191 UDP 192.168.1.34:13021 -> 111.221.74.31:40021 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 192 UDP 192.168.1.34:13021 -> 111.221.77.176:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 193 UDP 192.168.1.34:13021 -> 157.55.235.153:40023 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 194 UDP 192.168.1.34:13021 -> 213.199.179.168:40006 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 195 UDP 192.168.1.34:13021 -> 64.4.23.151:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 196 UDP 192.168.1.34:13021 -> 64.4.23.165:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 197 UDP 192.168.1.34:13021 -> 111.221.77.142:40023 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 198 UDP 192.168.1.34:13021 -> 157.55.130.151:40017 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 199 UDP 192.168.1.34:13021 -> 64.4.23.168:40006 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 200 UDP 192.168.1.34:13021 -> 65.55.223.21:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 201 UDP 192.168.1.34:13021 -> 65.55.223.45:40012 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 202 UDP 192.168.1.34:13021 -> 111.221.74.44:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 203 UDP 192.168.1.34:13021 -> 111.221.74.46:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 204 UDP 192.168.1.34:13021 -> 111.221.77.153:40024 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 205 UDP 192.168.1.34:13021 -> 157.55.56.148:40010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 206 UDP 192.168.1.34:13021 -> 157.55.235.157:40010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 207 UDP 192.168.1.34:13021 -> 157.55.235.172:40032 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 208 UDP 192.168.1.34:13021 -> 157.56.52.18:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 209 UDP 192.168.1.34:13021 -> 213.199.179.170:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 210 UDP 192.168.1.34:13021 -> 64.4.23.150:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 211 UDP 192.168.1.34:13021 -> 64.4.23.159:40009 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 212 UDP 192.168.1.34:13021 -> 65.55.223.17:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 213 UDP 192.168.1.34:13021 -> 111.221.74.17:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 214 UDP 192.168.1.34:13021 -> 111.221.74.18:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 215 UDP 192.168.1.34:13021 -> 111.221.74.32:40009 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 216 UDP 192.168.1.34:13021 -> 111.221.74.42:40024 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 217 UDP 192.168.1.34:13021 -> 157.55.56.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 218 UDP 192.168.1.34:13021 -> 157.55.56.161:40012 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 219 UDP 192.168.1.34:13021 -> 157.55.130.155:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 220 UDP 192.168.1.34:13021 -> 157.55.130.165:40026 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 221 UDP 192.168.1.34:13021 -> 157.55.235.142:40025 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 222 UDP 192.168.1.34:13021 -> 157.56.52.33:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 223 UDP 192.168.1.34:13021 -> 213.199.179.162:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 224 UDP 192.168.1.34:13021 -> 64.4.23.148:40010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 225 UDP 192.168.1.34:13021 -> 65.55.223.18:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 226 UDP 192.168.1.34:13021 -> 65.55.223.41:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 227 UDP 192.168.1.34:13021 -> 111.221.77.148:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 228 UDP 192.168.1.34:13021 -> 157.55.130.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 229 UDP 192.168.1.34:13021 -> 157.55.235.143:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 230 UDP 192.168.1.34:13021 -> 157.55.235.160:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 231 UDP 192.168.1.34:13021 -> 157.55.235.166:40015 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 232 UDP 192.168.1.34:13021 -> 157.56.52.37:40032 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 233 UDP 192.168.1.34:13021 -> 64.4.23.140:40012 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 234 UDP 192.168.1.34:13021 -> 64.4.23.170:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 235 UDP 192.168.1.34:13021 -> 111.221.74.19:40001 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 236 UDP 192.168.1.34:13021 -> 111.221.77.160:40028 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 237 UDP 192.168.1.34:13021 -> 111.221.77.168:40007 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 238 UDP 192.168.1.34:13021 -> 157.55.56.145:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 239 UDP 192.168.1.34:13021 -> 157.55.56.165:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 240 UDP 192.168.1.34:13021 -> 157.55.235.145:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 241 UDP 192.168.1.34:13021 -> 157.56.52.15:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 242 UDP 192.168.1.34:13021 -> 65.55.223.24:40032 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 243 UDP 192.168.1.34:13021 -> 111.221.74.16:40032 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 244 UDP 192.168.1.34:13021 -> 111.221.77.141:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 245 UDP 192.168.1.34:13021 -> 111.221.77.149:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 246 UDP 192.168.1.34:13021 -> 111.221.77.154:40017 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 247 UDP 192.168.1.34:13021 -> 157.55.130.157:40013 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 248 UDP 192.168.1.34:13021 -> 157.55.130.160:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 249 UDP 192.168.1.34:13021 -> 157.55.130.172:40019 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 250 UDP 192.168.1.34:13021 -> 157.56.52.45:40012 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 251 UDP 192.168.1.34:13021 -> 213.199.179.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 252 UDP 192.168.1.34:13021 -> 213.199.179.146:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 253 UDP 192.168.1.34:13021 -> 64.4.23.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 254 UDP 192.168.1.34:13021 -> 64.4.23.173:40017 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 255 UDP 192.168.1.34:13021 -> 65.55.223.15:40026 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 256 UDP 192.168.1.34:13021 -> 65.55.223.38:40015 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 257 UDP 192.168.1.34:13021 -> 65.55.223.44:40013 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 258 UDP 192.168.1.34:13021 -> 111.221.74.25:40028 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 259 UDP 192.168.1.34:13021 -> 111.221.77.143:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 260 UDP 192.168.1.34:13021 -> 157.55.130.144:40034 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 261 UDP 192.168.1.34:13021 -> 157.55.235.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 262 UDP 192.168.1.34:13021 -> 213.199.179.145:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 263 UDP 192.168.1.34:13021 -> 65.55.223.20:40033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 264 UDP 192.168.1.34:13021 -> 111.221.74.24:40001 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 265 UDP 192.168.1.34:13021 -> 111.221.77.140:40003 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 266 UDP 192.168.1.34:13021 -> 157.55.56.166:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 267 UDP 192.168.1.34:13021 -> 157.55.130.148:40019 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 268 UDP 192.168.1.34:13021 -> 157.55.235.158:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 269 UDP 192.168.1.34:13021 -> 157.55.235.159:40021 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 270 UDP 192.168.1.34:13021 -> 157.55.235.173:40012 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 271 UDP 192.168.1.34:13021 -> 157.56.52.21:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 272 UDP 192.168.1.34:13021 -> 157.56.52.24:40001 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 273 UDP 192.168.1.34:13021 -> 157.56.52.47:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 274 UDP 192.168.1.34:13021 -> 213.199.179.152:40023 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] 275 IGMP 192.168.1.1:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes] 276 IGMP 192.168.1.92:0 -> 224.0.0.251:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes] - 277 UDP 192.168.1.34:13021 -> 65.55.223.39:443 [proto: 125/Skype][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] - 278 UDP 192.168.1.34:13021 -> 71.62.0.85:33647 [proto: 125/Skype][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] - 279 UDP 192.168.1.34:13021 -> 106.188.249.186:15120 [proto: 125/Skype][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] - 280 UDP 192.168.1.34:13021 -> 157.55.130.145:443 [proto: 125/Skype][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] - 281 UDP 192.168.1.34:13021 -> 176.97.100.249:26635 [proto: 125/Skype][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] + 277 UDP 192.168.1.34:13021 -> 65.55.223.39:443 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] + 278 UDP 192.168.1.34:13021 -> 71.62.0.85:33647 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] + 279 UDP 192.168.1.34:13021 -> 106.188.249.186:15120 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] + 280 UDP 192.168.1.34:13021 -> 157.55.130.145:443 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] + 281 UDP 192.168.1.34:13021 -> 176.97.100.249:26635 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] 282 IGMP 192.168.1.34:0 -> 224.0.0.251:0 [proto: 82/IGMP][cat: Network/14][1 pkts/46 bytes -> 0 pkts/0 bytes] diff --git a/tests/result/skype_no_unknown.pcap.out b/tests/result/skype_no_unknown.pcap.out index 9c1dcbd1f..1c43d3161 100644 --- a/tests/result/skype_no_unknown.pcap.out +++ b/tests/result/skype_no_unknown.pcap.out @@ -3,11 +3,12 @@ DNS 2 267 1 MDNS 3 400 2 NetBIOS 22 3106 7 SSDP 40 14100 3 +SkypeCallIn 684 60681 178 ICMP 4 328 1 IGMP 4 226 4 SSL 79 7742 6 Dropbox 16 7342 5 -Skype 1291 190136 223 +Skype 607 129455 45 Apple 76 19581 1 MS_OneDrive 348 181687 1 ApplePush 8 1118 1 @@ -16,10 +17,10 @@ ApplePush 8 1118 1 2 TCP 192.168.1.34:51279 <-> 111.221.74.48:40008 [proto: 125/Skype][cat: VoIP/10][101 pkts/30681 bytes <-> 98 pkts/59934 bytes] 3 TCP 192.168.1.34:51227 <-> 17.172.100.36:443 [proto: 91.140/SSL.Apple][cat: Web/5][38 pkts/9082 bytes <-> 38 pkts/10499 bytes] 4 UDP 192.168.0.254:1025 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][36 pkts/13402 bytes -> 0 pkts/0 bytes] - 5 TCP 192.168.1.34:51292 <-> 71.238.7.203:18767 [proto: 125/Skype][cat: VoIP/10][17 pkts/2686 bytes <-> 13 pkts/2218 bytes] - 6 TCP 192.168.1.34:51293 <-> 5.248.186.221:31010 [proto: 125/Skype][cat: VoIP/10][12 pkts/2194 bytes <-> 8 pkts/1711 bytes] + 5 TCP 192.168.1.34:51292 <-> 71.238.7.203:18767 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][17 pkts/2686 bytes <-> 13 pkts/2218 bytes] + 6 TCP 192.168.1.34:51293 <-> 5.248.186.221:31010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][12 pkts/2194 bytes <-> 8 pkts/1711 bytes] 7 TCP 192.168.1.34:51231 <-> 23.206.33.166:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][16 pkts/3461 bytes <-> 1 pkts/74 bytes][client: apps.skype.com] - 8 TCP 192.168.1.34:51297 <-> 91.190.216.24:12350 [proto: 125/Skype][cat: VoIP/10][12 pkts/3242 bytes <-> 3 pkts/290 bytes] + 8 TCP 192.168.1.34:51297 <-> 91.190.216.24:12350 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][12 pkts/3242 bytes <-> 3 pkts/290 bytes] 9 TCP 108.160.163.108:443 <-> 192.168.1.34:51222 [proto: 91.121/SSL.Dropbox][cat: Cloud/13][4 pkts/818 bytes <-> 4 pkts/2172 bytes] 10 TCP 192.168.1.34:51295 <-> 23.206.33.166:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][11 pkts/2074 bytes <-> 1 pkts/74 bytes][client: apps.skype.com] 11 TCP 192.168.1.34:51238 <-> 157.55.235.147:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][13 pkts/1446 bytes <-> 4 pkts/266 bytes] @@ -29,52 +30,52 @@ ApplePush 8 1118 1 15 TCP 192.168.1.34:51239 <-> 65.55.223.45:443 [proto: 91/SSL][cat: Web/5][12 pkts/1291 bytes <-> 3 pkts/242 bytes] 16 TCP 192.168.1.34:51274 <-> 157.55.235.152:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1235 bytes <-> 3 pkts/285 bytes] 17 TCP 192.168.1.34:51260 <-> 157.55.130.142:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1249 bytes <-> 3 pkts/265 bytes] - 18 TCP 192.168.1.34:51258 <-> 213.199.179.176:40021 [proto: 125/Skype][cat: VoIP/10][14 pkts/1104 bytes <-> 5 pkts/392 bytes] - 19 TCP 192.168.1.34:51269 <-> 213.199.179.175:40029 [proto: 125/Skype][cat: VoIP/10][14 pkts/1106 bytes <-> 5 pkts/385 bytes] - 20 TCP 192.168.1.34:51290 <-> 5.248.186.221:31010 [proto: 125/Skype][cat: VoIP/10][14 pkts/1070 bytes <-> 4 pkts/420 bytes] - 21 TCP 192.168.1.34:51234 <-> 157.55.235.147:40001 [proto: 125/Skype][cat: VoIP/10][14 pkts/1117 bytes <-> 4 pkts/337 bytes] + 18 TCP 192.168.1.34:51258 <-> 213.199.179.176:40021 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][14 pkts/1104 bytes <-> 5 pkts/392 bytes] + 19 TCP 192.168.1.34:51269 <-> 213.199.179.175:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][14 pkts/1106 bytes <-> 5 pkts/385 bytes] + 20 TCP 192.168.1.34:51290 <-> 5.248.186.221:31010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][14 pkts/1070 bytes <-> 4 pkts/420 bytes] + 21 TCP 192.168.1.34:51234 <-> 157.55.235.147:40001 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][14 pkts/1117 bytes <-> 4 pkts/337 bytes] 22 TCP 192.168.1.34:51253 <-> 64.4.23.166:443 [proto: 91/SSL][cat: Web/5][11 pkts/1164 bytes <-> 3 pkts/268 bytes] 23 TCP 192.168.1.34:51247 <-> 157.56.52.44:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][10 pkts/1077 bytes <-> 4 pkts/351 bytes] - 24 TCP 192.168.1.34:51257 <-> 157.55.235.170:40032 [proto: 125/Skype][cat: VoIP/10][14 pkts/1059 bytes <-> 4 pkts/367 bytes] - 25 TCP 192.168.1.34:51277 <-> 157.55.235.156:40026 [proto: 125/Skype][cat: VoIP/10][13 pkts/1011 bytes <-> 4 pkts/415 bytes] - 26 TCP 192.168.1.34:51305 <-> 149.13.32.15:13392 [proto: 125/Skype][cat: VoIP/10][14 pkts/1093 bytes <-> 4 pkts/333 bytes] + 24 TCP 192.168.1.34:51257 <-> 157.55.235.170:40032 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][14 pkts/1059 bytes <-> 4 pkts/367 bytes] + 25 TCP 192.168.1.34:51277 <-> 157.55.235.156:40026 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/1011 bytes <-> 4 pkts/415 bytes] + 26 TCP 192.168.1.34:51305 <-> 149.13.32.15:13392 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][14 pkts/1093 bytes <-> 4 pkts/333 bytes] 27 TCP 192.168.1.34:51271 <-> 213.199.179.175:443 [proto: 91/SSL][cat: Web/5][12 pkts/1130 bytes <-> 3 pkts/285 bytes] 28 TCP 192.168.1.34:51280 <-> 157.55.235.146:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1130 bytes <-> 3 pkts/285 bytes] 29 TCP 192.168.1.34:51281 <-> 157.55.235.156:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1095 bytes <-> 3 pkts/285 bytes] 30 TCP 192.168.1.34:51240 <-> 111.221.74.45:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][10 pkts/1022 bytes <-> 4 pkts/351 bytes] - 31 TCP 192.168.1.34:51289 <-> 71.238.7.203:18767 [proto: 125/Skype][cat: VoIP/10][13 pkts/991 bytes <-> 4 pkts/378 bytes] - 32 TCP 192.168.1.34:51272 <-> 157.55.235.152:40029 [proto: 125/Skype][cat: VoIP/10][13 pkts/1006 bytes <-> 4 pkts/361 bytes] + 31 TCP 192.168.1.34:51289 <-> 71.238.7.203:18767 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/991 bytes <-> 4 pkts/378 bytes] + 32 TCP 192.168.1.34:51272 <-> 157.55.235.152:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/1006 bytes <-> 4 pkts/361 bytes] 33 TCP 192.168.1.34:51250 <-> 111.221.77.175:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][10 pkts/1012 bytes <-> 4 pkts/351 bytes] - 34 TCP 192.168.1.34:51235 <-> 65.55.223.45:40009 [proto: 125/Skype][cat: VoIP/10][13 pkts/976 bytes <-> 4 pkts/365 bytes] - 35 TCP 192.168.1.34:51237 <-> 157.55.130.176:40022 [proto: 125/Skype][cat: VoIP/10][13 pkts/986 bytes <-> 4 pkts/344 bytes] - 36 TCP 192.168.1.34:51276 <-> 157.55.235.146:40021 [proto: 125/Skype][cat: VoIP/10][13 pkts/981 bytes <-> 4 pkts/348 bytes] - 37 TCP 192.168.1.34:51255 <-> 157.55.130.142:40005 [proto: 125/Skype][cat: VoIP/10][13 pkts/1004 bytes <-> 4 pkts/318 bytes] - 38 TCP 192.168.1.34:51251 <-> 64.4.23.166:40029 [proto: 125/Skype][cat: VoIP/10][12 pkts/948 bytes <-> 4 pkts/349 bytes] - 39 TCP 192.168.1.34:51229 <-> 157.56.52.28:40009 [proto: 125/Skype][cat: VoIP/10][12 pkts/951 bytes <-> 4 pkts/341 bytes] - 40 TCP 192.168.1.34:51248 <-> 111.221.77.175:40030 [proto: 125/Skype][cat: VoIP/10][11 pkts/858 bytes <-> 5 pkts/426 bytes] - 41 TCP 192.168.1.34:51246 <-> 157.56.52.44:40020 [proto: 125/Skype][cat: VoIP/10][11 pkts/856 bytes <-> 5 pkts/409 bytes] - 42 TCP 192.168.1.34:51288 <-> 76.167.161.6:20274 [proto: 125/Skype][cat: VoIP/10][11 pkts/861 bytes <-> 4 pkts/397 bytes] - 43 TCP 192.168.1.34:51236 <-> 111.221.74.45:40008 [proto: 125/Skype][cat: VoIP/10][11 pkts/844 bytes <-> 5 pkts/413 bytes] + 34 TCP 192.168.1.34:51235 <-> 65.55.223.45:40009 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/976 bytes <-> 4 pkts/365 bytes] + 35 TCP 192.168.1.34:51237 <-> 157.55.130.176:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/986 bytes <-> 4 pkts/344 bytes] + 36 TCP 192.168.1.34:51276 <-> 157.55.235.146:40021 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/981 bytes <-> 4 pkts/348 bytes] + 37 TCP 192.168.1.34:51255 <-> 157.55.130.142:40005 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/1004 bytes <-> 4 pkts/318 bytes] + 38 TCP 192.168.1.34:51251 <-> 64.4.23.166:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][12 pkts/948 bytes <-> 4 pkts/349 bytes] + 39 TCP 192.168.1.34:51229 <-> 157.56.52.28:40009 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][12 pkts/951 bytes <-> 4 pkts/341 bytes] + 40 TCP 192.168.1.34:51248 <-> 111.221.77.175:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][11 pkts/858 bytes <-> 5 pkts/426 bytes] + 41 TCP 192.168.1.34:51246 <-> 157.56.52.44:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][11 pkts/856 bytes <-> 5 pkts/409 bytes] + 42 TCP 192.168.1.34:51288 <-> 76.167.161.6:20274 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][11 pkts/861 bytes <-> 4 pkts/397 bytes] + 43 TCP 192.168.1.34:51236 <-> 111.221.74.45:40008 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][11 pkts/844 bytes <-> 5 pkts/413 bytes] 44 TCP 192.168.1.34:51282 <-> 64.4.23.159:443 [proto: 91/SSL][cat: Web/5][10 pkts/972 bytes <-> 3 pkts/285 bytes] 45 TCP 192.168.1.34:51259 <-> 111.221.77.142:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][10 pkts/902 bytes <-> 4 pkts/351 bytes] - 46 TCP 192.168.1.34:51256 <-> 111.221.77.142:40013 [proto: 125/Skype][cat: VoIP/10][11 pkts/815 bytes <-> 5 pkts/423 bytes] - 47 TCP 192.168.1.34:51291 <-> 81.83.77.141:17639 [proto: 125/Skype][cat: VoIP/10][12 pkts/942 bytes <-> 3 pkts/284 bytes] - 48 TCP 192.168.1.34:51278 <-> 64.4.23.159:40009 [proto: 125/Skype][cat: VoIP/10][11 pkts/832 bytes <-> 4 pkts/387 bytes] + 46 TCP 192.168.1.34:51256 <-> 111.221.77.142:40013 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][11 pkts/815 bytes <-> 5 pkts/423 bytes] + 47 TCP 192.168.1.34:51291 <-> 81.83.77.141:17639 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][12 pkts/942 bytes <-> 3 pkts/284 bytes] + 48 TCP 192.168.1.34:51278 <-> 64.4.23.159:40009 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][11 pkts/832 bytes <-> 4 pkts/387 bytes] 49 TCP 192.168.1.34:51268 <-> 111.221.74.18:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][10 pkts/852 bytes <-> 4 pkts/351 bytes] - 50 TCP 192.168.1.34:51309 <-> 149.13.32.15:13392 [proto: 125/Skype][cat: VoIP/10][12 pkts/916 bytes <-> 3 pkts/281 bytes] - 51 TCP 192.168.1.34:51316 <-> 149.13.32.15:13392 [proto: 125/Skype][cat: VoIP/10][11 pkts/862 bytes <-> 3 pkts/314 bytes] - 52 TCP 192.168.1.34:51267 <-> 111.221.74.18:40025 [proto: 125/Skype][cat: VoIP/10][10 pkts/785 bytes <-> 4 pkts/378 bytes] + 50 TCP 192.168.1.34:51309 <-> 149.13.32.15:13392 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][12 pkts/916 bytes <-> 3 pkts/281 bytes] + 51 TCP 192.168.1.34:51316 <-> 149.13.32.15:13392 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][11 pkts/862 bytes <-> 3 pkts/314 bytes] + 52 TCP 192.168.1.34:51267 <-> 111.221.74.18:40025 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][10 pkts/785 bytes <-> 4 pkts/378 bytes] 53 TCP 192.168.1.34:51232 <-> 157.56.52.28:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][10 pkts/872 bytes <-> 3 pkts/285 bytes] - 54 TCP 192.168.1.34:51298 <-> 82.224.110.241:38895 [proto: 125/Skype][cat: VoIP/10][12 pkts/931 bytes <-> 2 pkts/219 bytes] - 55 TCP 192.168.1.34:51313 <-> 212.161.8.36:13392 [proto: 125/Skype][cat: VoIP/10][11 pkts/855 bytes <-> 3 pkts/287 bytes] + 54 TCP 192.168.1.34:51298 <-> 82.224.110.241:38895 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][12 pkts/931 bytes <-> 2 pkts/219 bytes] + 55 TCP 192.168.1.34:51313 <-> 212.161.8.36:13392 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][11 pkts/855 bytes <-> 3 pkts/287 bytes] 56 UDP 192.168.1.1:137 <-> 192.168.1.34:137 [proto: 10/NetBIOS][cat: System/18][6 pkts/958 bytes <-> 2 pkts/184 bytes] - 57 TCP 192.168.1.34:51311 <-> 93.79.224.176:14506 [proto: 125/Skype][cat: VoIP/10][11 pkts/848 bytes <-> 3 pkts/286 bytes] + 57 TCP 192.168.1.34:51311 <-> 93.79.224.176:14506 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][11 pkts/848 bytes <-> 3 pkts/286 bytes] 58 TCP 17.143.160.149:5223 <-> 192.168.1.34:50407 [proto: 238/ApplePush][cat: Cloud/13][4 pkts/674 bytes <-> 4 pkts/444 bytes] 59 UDP 192.168.1.34:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][2 pkts/1088 bytes -> 0 pkts/0 bytes] 60 UDP 192.168.1.34:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][2 pkts/1088 bytes -> 0 pkts/0 bytes] 61 UDP 192.168.1.92:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][2 pkts/1088 bytes -> 0 pkts/0 bytes] 62 UDP 192.168.1.92:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][2 pkts/1088 bytes -> 0 pkts/0 bytes] - 63 TCP 192.168.1.34:51318 <-> 212.161.8.36:13392 [proto: 125/Skype][cat: VoIP/10][7 pkts/571 bytes <-> 3 pkts/286 bytes] + 63 TCP 192.168.1.34:51318 <-> 212.161.8.36:13392 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][7 pkts/571 bytes <-> 3 pkts/286 bytes] 64 UDP 192.168.1.34:137 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][7 pkts/680 bytes -> 0 pkts/0 bytes] 65 TCP 192.168.1.34:51299 <-> 91.190.216.125:12350 [proto: 125/Skype][cat: VoIP/10][6 pkts/353 bytes <-> 5 pkts/306 bytes] 66 UDP 192.168.1.34:58631 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][8 pkts/648 bytes -> 0 pkts/0 bytes][Host: conn.skype.akadns.net] @@ -107,8 +108,8 @@ ApplePush 8 1118 1 93 UDP 192.168.1.34:58061 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/349 bytes -> 0 pkts/0 bytes] 94 UDP 192.168.1.34:59237 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/349 bytes -> 0 pkts/0 bytes] 95 ICMP 192.168.1.1:0 -> 192.168.1.34:0 [proto: 81/ICMP][cat: Network/14][4 pkts/328 bytes -> 0 pkts/0 bytes] - 96 UDP 192.168.1.34:13021 -> 83.31.12.173:23939 [proto: 125/Skype][cat: VoIP/10][5 pkts/300 bytes -> 0 pkts/0 bytes] - 97 UDP 192.168.1.34:13021 -> 174.49.171.224:32011 [proto: 125/Skype][cat: VoIP/10][5 pkts/300 bytes -> 0 pkts/0 bytes] + 96 UDP 192.168.1.34:13021 -> 83.31.12.173:23939 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][5 pkts/300 bytes -> 0 pkts/0 bytes] + 97 UDP 192.168.1.34:13021 -> 174.49.171.224:32011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][5 pkts/300 bytes -> 0 pkts/0 bytes] 98 UDP 192.168.1.34:57694 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/101 bytes <-> 1 pkts/166 bytes][Host: db3msgr5011709.gateway.messenger.live.com] 99 UDP [fe80::c62c:3ff:fe06:49fe]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][2 pkts/258 bytes -> 0 pkts/0 bytes] 100 UDP 192.168.1.92:138 -> 192.168.1.255:138 [proto: 10/NetBIOS][cat: System/18][1 pkts/216 bytes -> 0 pkts/0 bytes] @@ -119,153 +120,153 @@ ApplePush 8 1118 1 105 UDP 192.168.1.92:137 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes] 106 UDP 192.168.1.92:53826 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes] 107 UDP 192.168.1.34:61016 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/80 bytes -> 0 pkts/0 bytes][Host: apps.skypeassets.com] - 108 UDP 192.168.1.34:13021 -> 64.4.23.148:40029 [proto: 125/Skype][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 109 UDP 192.168.1.34:13021 -> 64.4.23.171:40031 [proto: 125/Skype][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 110 UDP 192.168.1.34:13021 -> 65.55.223.27:40029 [proto: 125/Skype][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 111 UDP 192.168.1.34:13021 -> 111.221.74.40:40025 [proto: 125/Skype][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 112 UDP 192.168.1.34:13021 -> 111.221.77.151:40029 [proto: 125/Skype][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 113 UDP 192.168.1.34:13021 -> 111.221.77.173:40012 [proto: 125/Skype][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 114 UDP 192.168.1.34:13021 -> 157.55.56.147:40014 [proto: 125/Skype][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 115 UDP 192.168.1.34:13021 -> 157.55.130.167:40031 [proto: 125/Skype][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 116 UDP 192.168.1.34:13021 -> 157.55.235.144:40032 [proto: 125/Skype][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 117 UDP 192.168.1.34:13021 -> 157.56.52.15:40027 [proto: 125/Skype][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 118 UDP 192.168.1.34:13021 -> 213.199.179.141:40015 [proto: 125/Skype][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 119 UDP 192.168.1.34:13021 -> 213.199.179.156:40031 [proto: 125/Skype][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 120 UDP 192.168.1.34:13021 -> 64.4.23.143:40018 [proto: 125/Skype][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 121 UDP 192.168.1.34:13021 -> 111.221.74.28:40026 [proto: 125/Skype][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 122 UDP 192.168.1.34:13021 -> 111.221.77.170:40021 [proto: 125/Skype][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 123 UDP 192.168.1.34:13021 -> 157.56.52.39:40031 [proto: 125/Skype][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 124 UDP 192.168.1.34:13021 -> 157.56.52.43:40006 [proto: 125/Skype][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 125 UDP 192.168.1.34:13021 -> 213.199.179.143:40018 [proto: 125/Skype][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 126 UDP 192.168.1.34:13021 -> 213.199.179.154:40017 [proto: 125/Skype][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 127 UDP 192.168.1.34:13021 -> 213.199.179.165:40004 [proto: 125/Skype][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 128 UDP 192.168.1.34:13021 -> 65.55.223.15:40030 [proto: 125/Skype][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 129 UDP 192.168.1.34:13021 -> 65.55.223.24:40029 [proto: 125/Skype][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 130 UDP 192.168.1.34:13021 -> 65.55.223.32:40022 [proto: 125/Skype][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 131 UDP 192.168.1.34:13021 -> 65.55.223.43:40006 [proto: 125/Skype][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 132 UDP 192.168.1.34:13021 -> 111.221.74.20:40033 [proto: 125/Skype][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 133 UDP 192.168.1.34:13021 -> 111.221.77.154:40017 [proto: 125/Skype][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 134 UDP 192.168.1.34:13021 -> 157.55.130.149:40011 [proto: 125/Skype][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 135 UDP 192.168.1.34:13021 -> 157.55.235.168:40024 [proto: 125/Skype][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 136 UDP 192.168.1.34:13021 -> 157.56.52.18:33033 [proto: 125/Skype][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 137 UDP 192.168.1.34:13021 -> 157.56.52.20:40033 [proto: 125/Skype][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 138 UDP 192.168.1.34:13021 -> 213.199.179.160:40030 [proto: 125/Skype][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 139 UDP 192.168.1.34:13021 -> 64.4.23.158:40021 [proto: 125/Skype][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 140 UDP 192.168.1.34:13021 -> 64.4.23.173:40017 [proto: 125/Skype][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 141 UDP 192.168.1.34:13021 -> 65.55.223.42:40024 [proto: 125/Skype][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 142 UDP 192.168.1.34:13021 -> 65.55.223.44:40020 [proto: 125/Skype][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 143 UDP 192.168.1.34:13021 -> 111.221.74.33:40011 [proto: 125/Skype][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 144 UDP 192.168.1.34:13021 -> 111.221.77.165:40004 [proto: 125/Skype][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 145 UDP 192.168.1.34:13021 -> 157.55.56.140:40003 [proto: 125/Skype][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 146 UDP 192.168.1.34:13021 -> 157.55.56.170:40015 [proto: 125/Skype][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 147 UDP 192.168.1.34:13021 -> 157.55.130.165:40028 [proto: 125/Skype][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 148 UDP 192.168.1.34:13021 -> 157.55.130.170:40018 [proto: 125/Skype][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 149 UDP 192.168.1.34:13021 -> 157.55.235.146:33033 [proto: 125/Skype][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 150 UDP 192.168.1.34:13021 -> 157.56.52.25:40010 [proto: 125/Skype][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 151 UDP 192.168.1.34:13021 -> 213.199.179.172:40011 [proto: 125/Skype][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 152 UDP 192.168.1.34:13021 -> 64.4.23.165:40004 [proto: 125/Skype][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 153 UDP 192.168.1.34:13021 -> 111.221.77.149:40016 [proto: 125/Skype][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 154 UDP 192.168.1.34:13021 -> 157.55.235.148:40033 [proto: 125/Skype][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 155 UDP 192.168.1.34:13021 -> 157.56.52.13:40021 [proto: 125/Skype][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 156 UDP 192.168.1.34:13021 -> 157.56.52.38:40015 [proto: 125/Skype][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 157 UDP 192.168.1.34:13021 -> 157.56.52.42:40005 [proto: 125/Skype][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 158 UDP 192.168.1.34:13021 -> 213.199.179.146:33033 [proto: 125/Skype][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 159 UDP 192.168.1.34:13021 -> 64.4.23.155:40004 [proto: 125/Skype][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 160 UDP 192.168.1.34:13021 -> 65.55.223.22:40009 [proto: 125/Skype][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 161 UDP 192.168.1.34:13021 -> 65.55.223.28:40014 [proto: 125/Skype][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 162 UDP 192.168.1.34:13021 -> 65.55.223.33:40002 [proto: 125/Skype][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 163 UDP 192.168.1.34:13021 -> 157.55.235.155:40027 [proto: 125/Skype][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 164 UDP 192.168.1.34:13021 -> 157.55.235.175:40023 [proto: 125/Skype][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 165 UDP 192.168.1.34:13021 -> 64.4.23.145:40027 [proto: 125/Skype][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 166 UDP 192.168.1.34:13021 -> 111.221.74.19:40001 [proto: 125/Skype][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 167 UDP 192.168.1.34:13021 -> 111.221.74.34:40027 [proto: 125/Skype][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 168 UDP 192.168.1.34:13021 -> 157.55.130.146:40033 [proto: 125/Skype][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 169 UDP 192.168.1.34:13021 -> 157.55.235.158:40027 [proto: 125/Skype][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 170 UDP 192.168.1.34:13021 -> 157.55.235.176:40031 [proto: 125/Skype][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 171 UDP 192.168.1.34:13021 -> 213.199.179.149:40030 [proto: 125/Skype][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 172 UDP 192.168.1.34:13021 -> 64.4.23.142:40023 [proto: 125/Skype][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 173 UDP 192.168.1.34:13021 -> 111.221.74.24:40032 [proto: 125/Skype][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 174 UDP 192.168.1.34:13021 -> 111.221.77.159:40031 [proto: 125/Skype][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 175 UDP 192.168.1.34:13021 -> 157.55.56.142:40013 [proto: 125/Skype][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 176 UDP 192.168.1.34:13021 -> 157.55.56.145:40008 [proto: 125/Skype][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 177 UDP 192.168.1.34:13021 -> 157.55.130.140:40011 [proto: 125/Skype][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 178 UDP 192.168.1.34:13021 -> 157.55.130.148:40019 [proto: 125/Skype][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 179 UDP 192.168.1.34:13021 -> 157.55.130.152:40022 [proto: 125/Skype][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 180 UDP 192.168.1.34:13021 -> 157.55.130.173:40003 [proto: 125/Skype][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 181 UDP 192.168.1.34:13021 -> 157.55.235.174:40019 [proto: 125/Skype][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 182 UDP 192.168.1.34:13021 -> 157.56.52.27:40025 [proto: 125/Skype][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 183 UDP 192.168.1.34:13021 -> 213.199.179.173:40013 [proto: 125/Skype][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 184 UDP 192.168.1.34:13021 -> 64.4.23.149:40030 [proto: 125/Skype][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 185 UDP 192.168.1.34:13021 -> 65.55.223.13:40009 [proto: 125/Skype][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 186 UDP 192.168.1.34:13021 -> 111.221.74.15:40026 [proto: 125/Skype][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 187 UDP 192.168.1.34:13021 -> 157.55.56.146:40030 [proto: 125/Skype][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 188 UDP 192.168.1.34:13021 -> 157.55.130.150:40007 [proto: 125/Skype][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 189 UDP 192.168.1.34:13021 -> 157.55.130.171:40012 [proto: 125/Skype][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 190 UDP 192.168.1.34:13021 -> 157.55.235.143:40030 [proto: 125/Skype][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 191 UDP 192.168.1.34:13021 -> 157.56.52.33:40002 [proto: 125/Skype][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 192 UDP 192.168.1.34:13021 -> 213.199.179.174:40025 [proto: 125/Skype][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 193 UDP 192.168.1.34:13021 -> 64.4.23.154:40032 [proto: 125/Skype][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 194 UDP 192.168.1.34:13021 -> 65.55.223.16:40032 [proto: 125/Skype][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 195 UDP 192.168.1.34:13021 -> 65.55.223.17:40025 [proto: 125/Skype][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 196 UDP 192.168.1.34:13021 -> 65.55.223.65:33033 [proto: 125/Skype][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 197 UDP 192.168.1.34:13021 -> 111.221.74.27:40027 [proto: 125/Skype][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 198 UDP 192.168.1.34:13021 -> 111.221.74.44:40019 [proto: 125/Skype][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 199 UDP 192.168.1.34:13021 -> 111.221.77.146:33033 [proto: 125/Skype][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 200 UDP 192.168.1.34:13021 -> 111.221.77.160:40016 [proto: 125/Skype][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 201 UDP 192.168.1.34:13021 -> 157.56.52.24:40032 [proto: 125/Skype][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 202 UDP 192.168.1.34:13021 -> 213.199.179.140:40003 [proto: 125/Skype][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 203 UDP 192.168.1.34:13021 -> 64.4.23.151:40029 [proto: 125/Skype][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 204 UDP 192.168.1.34:13021 -> 64.4.23.176:40001 [proto: 125/Skype][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 205 UDP 192.168.1.34:13021 -> 157.55.130.146:33033 [proto: 125/Skype][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 206 UDP 192.168.1.34:13021 -> 157.55.235.172:40020 [proto: 125/Skype][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 207 UDP 192.168.1.34:13021 -> 213.199.179.144:40009 [proto: 125/Skype][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 208 UDP 192.168.1.34:13021 -> 111.221.77.145:40024 [proto: 125/Skype][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 209 UDP 192.168.1.34:13021 -> 157.55.56.150:40014 [proto: 125/Skype][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 210 UDP 192.168.1.34:13021 -> 157.55.130.175:40006 [proto: 125/Skype][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 211 UDP 192.168.1.34:13021 -> 157.55.235.160:40022 [proto: 125/Skype][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 212 UDP 192.168.1.34:13021 -> 157.56.52.19:40020 [proto: 125/Skype][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 213 UDP 192.168.1.34:13021 -> 213.199.179.146:40030 [proto: 125/Skype][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 214 UDP 192.168.1.34:13021 -> 64.4.23.140:40003 [proto: 125/Skype][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 215 UDP 192.168.1.34:13021 -> 65.55.223.18:33033 [proto: 125/Skype][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 216 UDP 192.168.1.34:13021 -> 65.55.223.18:40025 [proto: 125/Skype][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 217 UDP 192.168.1.34:13021 -> 111.221.74.18:33033 [proto: 125/Skype][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 218 UDP 192.168.1.34:13021 -> 111.221.74.42:40006 [proto: 125/Skype][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 219 UDP 192.168.1.34:13021 -> 111.221.74.43:40001 [proto: 125/Skype][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 220 UDP 192.168.1.34:13021 -> 111.221.74.46:40027 [proto: 125/Skype][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 221 UDP 192.168.1.34:13021 -> 111.221.77.143:40022 [proto: 125/Skype][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 222 UDP 192.168.1.34:13021 -> 157.55.56.161:40031 [proto: 125/Skype][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 223 UDP 192.168.1.34:13021 -> 157.55.56.167:40024 [proto: 125/Skype][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 224 UDP 192.168.1.34:13021 -> 157.55.130.144:40016 [proto: 125/Skype][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 225 UDP 192.168.1.34:13021 -> 157.55.130.160:40008 [proto: 125/Skype][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 226 UDP 192.168.1.34:13021 -> 157.55.235.166:40015 [proto: 125/Skype][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 227 UDP 192.168.1.34:13021 -> 157.56.52.12:40031 [proto: 125/Skype][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 228 UDP 192.168.1.34:13021 -> 157.56.52.29:40010 [proto: 125/Skype][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 229 UDP 192.168.1.34:13021 -> 64.4.23.146:33033 [proto: 125/Skype][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 230 UDP 192.168.1.34:13021 -> 64.4.23.170:40011 [proto: 125/Skype][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 231 UDP 192.168.1.34:13021 -> 65.55.223.20:40023 [proto: 125/Skype][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 232 UDP 192.168.1.34:13021 -> 157.55.56.143:40018 [proto: 125/Skype][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 233 UDP 192.168.1.34:13021 -> 157.55.130.154:40013 [proto: 125/Skype][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 234 UDP 192.168.1.34:13021 -> 157.55.235.162:40033 [proto: 125/Skype][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 235 UDP 192.168.1.34:13021 -> 157.55.235.171:40006 [proto: 125/Skype][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 236 UDP 192.168.1.34:13021 -> 157.56.52.16:40032 [proto: 125/Skype][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 237 UDP 192.168.1.34:13021 -> 157.56.52.17:40013 [proto: 125/Skype][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 238 UDP 192.168.1.34:13021 -> 111.221.74.13:40009 [proto: 125/Skype][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 239 UDP 192.168.1.34:13021 -> 111.221.74.38:40015 [proto: 125/Skype][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 240 UDP 192.168.1.34:13021 -> 111.221.77.171:40030 [proto: 125/Skype][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 241 UDP 192.168.1.34:13021 -> 157.55.130.156:40019 [proto: 125/Skype][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 242 UDP 192.168.1.34:13021 -> 157.55.130.157:40013 [proto: 125/Skype][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 243 UDP 192.168.1.34:13021 -> 157.55.130.159:40016 [proto: 125/Skype][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 244 UDP 192.168.1.34:13021 -> 157.55.235.167:40029 [proto: 125/Skype][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 245 UDP 192.168.1.34:13021 -> 157.56.52.40:40017 [proto: 125/Skype][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 246 UDP 192.168.1.34:13021 -> 213.199.179.145:40024 [proto: 125/Skype][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 108 UDP 192.168.1.34:13021 -> 64.4.23.148:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 109 UDP 192.168.1.34:13021 -> 64.4.23.171:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 110 UDP 192.168.1.34:13021 -> 65.55.223.27:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 111 UDP 192.168.1.34:13021 -> 111.221.74.40:40025 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 112 UDP 192.168.1.34:13021 -> 111.221.77.151:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 113 UDP 192.168.1.34:13021 -> 111.221.77.173:40012 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 114 UDP 192.168.1.34:13021 -> 157.55.56.147:40014 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 115 UDP 192.168.1.34:13021 -> 157.55.130.167:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 116 UDP 192.168.1.34:13021 -> 157.55.235.144:40032 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 117 UDP 192.168.1.34:13021 -> 157.56.52.15:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 118 UDP 192.168.1.34:13021 -> 213.199.179.141:40015 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 119 UDP 192.168.1.34:13021 -> 213.199.179.156:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 120 UDP 192.168.1.34:13021 -> 64.4.23.143:40018 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 121 UDP 192.168.1.34:13021 -> 111.221.74.28:40026 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 122 UDP 192.168.1.34:13021 -> 111.221.77.170:40021 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 123 UDP 192.168.1.34:13021 -> 157.56.52.39:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 124 UDP 192.168.1.34:13021 -> 157.56.52.43:40006 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 125 UDP 192.168.1.34:13021 -> 213.199.179.143:40018 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 126 UDP 192.168.1.34:13021 -> 213.199.179.154:40017 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 127 UDP 192.168.1.34:13021 -> 213.199.179.165:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 128 UDP 192.168.1.34:13021 -> 65.55.223.15:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 129 UDP 192.168.1.34:13021 -> 65.55.223.24:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 130 UDP 192.168.1.34:13021 -> 65.55.223.32:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 131 UDP 192.168.1.34:13021 -> 65.55.223.43:40006 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 132 UDP 192.168.1.34:13021 -> 111.221.74.20:40033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 133 UDP 192.168.1.34:13021 -> 111.221.77.154:40017 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 134 UDP 192.168.1.34:13021 -> 157.55.130.149:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 135 UDP 192.168.1.34:13021 -> 157.55.235.168:40024 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 136 UDP 192.168.1.34:13021 -> 157.56.52.18:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 137 UDP 192.168.1.34:13021 -> 157.56.52.20:40033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 138 UDP 192.168.1.34:13021 -> 213.199.179.160:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 139 UDP 192.168.1.34:13021 -> 64.4.23.158:40021 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 140 UDP 192.168.1.34:13021 -> 64.4.23.173:40017 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 141 UDP 192.168.1.34:13021 -> 65.55.223.42:40024 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 142 UDP 192.168.1.34:13021 -> 65.55.223.44:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 143 UDP 192.168.1.34:13021 -> 111.221.74.33:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 144 UDP 192.168.1.34:13021 -> 111.221.77.165:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 145 UDP 192.168.1.34:13021 -> 157.55.56.140:40003 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 146 UDP 192.168.1.34:13021 -> 157.55.56.170:40015 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 147 UDP 192.168.1.34:13021 -> 157.55.130.165:40028 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 148 UDP 192.168.1.34:13021 -> 157.55.130.170:40018 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 149 UDP 192.168.1.34:13021 -> 157.55.235.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 150 UDP 192.168.1.34:13021 -> 157.56.52.25:40010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 151 UDP 192.168.1.34:13021 -> 213.199.179.172:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 152 UDP 192.168.1.34:13021 -> 64.4.23.165:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 153 UDP 192.168.1.34:13021 -> 111.221.77.149:40016 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 154 UDP 192.168.1.34:13021 -> 157.55.235.148:40033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 155 UDP 192.168.1.34:13021 -> 157.56.52.13:40021 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 156 UDP 192.168.1.34:13021 -> 157.56.52.38:40015 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 157 UDP 192.168.1.34:13021 -> 157.56.52.42:40005 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 158 UDP 192.168.1.34:13021 -> 213.199.179.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 159 UDP 192.168.1.34:13021 -> 64.4.23.155:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] + 160 UDP 192.168.1.34:13021 -> 65.55.223.22:40009 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] + 161 UDP 192.168.1.34:13021 -> 65.55.223.28:40014 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] + 162 UDP 192.168.1.34:13021 -> 65.55.223.33:40002 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] + 163 UDP 192.168.1.34:13021 -> 157.55.235.155:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] + 164 UDP 192.168.1.34:13021 -> 157.55.235.175:40023 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] + 165 UDP 192.168.1.34:13021 -> 64.4.23.145:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 166 UDP 192.168.1.34:13021 -> 111.221.74.19:40001 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 167 UDP 192.168.1.34:13021 -> 111.221.74.34:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 168 UDP 192.168.1.34:13021 -> 157.55.130.146:40033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 169 UDP 192.168.1.34:13021 -> 157.55.235.158:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 170 UDP 192.168.1.34:13021 -> 157.55.235.176:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 171 UDP 192.168.1.34:13021 -> 213.199.179.149:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 172 UDP 192.168.1.34:13021 -> 64.4.23.142:40023 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 173 UDP 192.168.1.34:13021 -> 111.221.74.24:40032 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 174 UDP 192.168.1.34:13021 -> 111.221.77.159:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 175 UDP 192.168.1.34:13021 -> 157.55.56.142:40013 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 176 UDP 192.168.1.34:13021 -> 157.55.56.145:40008 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 177 UDP 192.168.1.34:13021 -> 157.55.130.140:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 178 UDP 192.168.1.34:13021 -> 157.55.130.148:40019 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 179 UDP 192.168.1.34:13021 -> 157.55.130.152:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 180 UDP 192.168.1.34:13021 -> 157.55.130.173:40003 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 181 UDP 192.168.1.34:13021 -> 157.55.235.174:40019 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 182 UDP 192.168.1.34:13021 -> 157.56.52.27:40025 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 183 UDP 192.168.1.34:13021 -> 213.199.179.173:40013 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 184 UDP 192.168.1.34:13021 -> 64.4.23.149:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 185 UDP 192.168.1.34:13021 -> 65.55.223.13:40009 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 186 UDP 192.168.1.34:13021 -> 111.221.74.15:40026 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 187 UDP 192.168.1.34:13021 -> 157.55.56.146:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 188 UDP 192.168.1.34:13021 -> 157.55.130.150:40007 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 189 UDP 192.168.1.34:13021 -> 157.55.130.171:40012 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 190 UDP 192.168.1.34:13021 -> 157.55.235.143:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 191 UDP 192.168.1.34:13021 -> 157.56.52.33:40002 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 192 UDP 192.168.1.34:13021 -> 213.199.179.174:40025 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 193 UDP 192.168.1.34:13021 -> 64.4.23.154:40032 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 194 UDP 192.168.1.34:13021 -> 65.55.223.16:40032 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 195 UDP 192.168.1.34:13021 -> 65.55.223.17:40025 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 196 UDP 192.168.1.34:13021 -> 65.55.223.65:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 197 UDP 192.168.1.34:13021 -> 111.221.74.27:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 198 UDP 192.168.1.34:13021 -> 111.221.74.44:40019 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 199 UDP 192.168.1.34:13021 -> 111.221.77.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 200 UDP 192.168.1.34:13021 -> 111.221.77.160:40016 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 201 UDP 192.168.1.34:13021 -> 157.56.52.24:40032 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 202 UDP 192.168.1.34:13021 -> 213.199.179.140:40003 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 203 UDP 192.168.1.34:13021 -> 64.4.23.151:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 204 UDP 192.168.1.34:13021 -> 64.4.23.176:40001 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 205 UDP 192.168.1.34:13021 -> 157.55.130.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 206 UDP 192.168.1.34:13021 -> 157.55.235.172:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 207 UDP 192.168.1.34:13021 -> 213.199.179.144:40009 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 208 UDP 192.168.1.34:13021 -> 111.221.77.145:40024 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 209 UDP 192.168.1.34:13021 -> 157.55.56.150:40014 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 210 UDP 192.168.1.34:13021 -> 157.55.130.175:40006 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 211 UDP 192.168.1.34:13021 -> 157.55.235.160:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 212 UDP 192.168.1.34:13021 -> 157.56.52.19:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 213 UDP 192.168.1.34:13021 -> 213.199.179.146:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 214 UDP 192.168.1.34:13021 -> 64.4.23.140:40003 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 215 UDP 192.168.1.34:13021 -> 65.55.223.18:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 216 UDP 192.168.1.34:13021 -> 65.55.223.18:40025 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 217 UDP 192.168.1.34:13021 -> 111.221.74.18:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 218 UDP 192.168.1.34:13021 -> 111.221.74.42:40006 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 219 UDP 192.168.1.34:13021 -> 111.221.74.43:40001 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 220 UDP 192.168.1.34:13021 -> 111.221.74.46:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 221 UDP 192.168.1.34:13021 -> 111.221.77.143:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 222 UDP 192.168.1.34:13021 -> 157.55.56.161:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 223 UDP 192.168.1.34:13021 -> 157.55.56.167:40024 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 224 UDP 192.168.1.34:13021 -> 157.55.130.144:40016 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 225 UDP 192.168.1.34:13021 -> 157.55.130.160:40008 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 226 UDP 192.168.1.34:13021 -> 157.55.235.166:40015 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 227 UDP 192.168.1.34:13021 -> 157.56.52.12:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 228 UDP 192.168.1.34:13021 -> 157.56.52.29:40010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 229 UDP 192.168.1.34:13021 -> 64.4.23.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 230 UDP 192.168.1.34:13021 -> 64.4.23.170:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 231 UDP 192.168.1.34:13021 -> 65.55.223.20:40023 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 232 UDP 192.168.1.34:13021 -> 157.55.56.143:40018 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 233 UDP 192.168.1.34:13021 -> 157.55.130.154:40013 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 234 UDP 192.168.1.34:13021 -> 157.55.235.162:40033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 235 UDP 192.168.1.34:13021 -> 157.55.235.171:40006 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 236 UDP 192.168.1.34:13021 -> 157.56.52.16:40032 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 237 UDP 192.168.1.34:13021 -> 157.56.52.17:40013 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 238 UDP 192.168.1.34:13021 -> 111.221.74.13:40009 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 239 UDP 192.168.1.34:13021 -> 111.221.74.38:40015 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 240 UDP 192.168.1.34:13021 -> 111.221.77.171:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 241 UDP 192.168.1.34:13021 -> 157.55.130.156:40019 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 242 UDP 192.168.1.34:13021 -> 157.55.130.157:40013 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 243 UDP 192.168.1.34:13021 -> 157.55.130.159:40016 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 244 UDP 192.168.1.34:13021 -> 157.55.235.167:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 245 UDP 192.168.1.34:13021 -> 157.56.52.40:40017 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 246 UDP 192.168.1.34:13021 -> 213.199.179.145:40024 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] 247 IGMP 192.168.1.219:0 -> 224.0.0.22:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes] 248 IGMP 192.168.1.219:0 -> 233.89.188.1:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes] 249 IGMP 192.168.1.229:0 -> 224.0.0.251:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes] - 250 UDP 192.168.1.34:13021 -> 111.221.74.14:443 [proto: 125/Skype][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] - 251 UDP 192.168.1.34:13021 -> 133.236.67.25:49195 [proto: 125/Skype][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] - 252 UDP 192.168.1.34:13021 -> 157.55.235.141:443 [proto: 125/Skype][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] - 253 UDP 192.168.1.34:13021 -> 189.138.161.88:19521 [proto: 125/Skype][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] - 254 UDP 192.168.1.34:13021 -> 189.188.134.174:22436 [proto: 125/Skype][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] + 250 UDP 192.168.1.34:13021 -> 111.221.74.14:443 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] + 251 UDP 192.168.1.34:13021 -> 133.236.67.25:49195 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] + 252 UDP 192.168.1.34:13021 -> 157.55.235.141:443 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] + 253 UDP 192.168.1.34:13021 -> 189.138.161.88:19521 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] + 254 UDP 192.168.1.34:13021 -> 189.188.134.174:22436 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] 255 IGMP 192.168.0.254:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network/14][1 pkts/46 bytes -> 0 pkts/0 bytes] diff --git a/tests/result/wechat.pcap.out b/tests/result/wechat.pcap.out index 92c6852e0..716e4cb6a 100644 --- a/tests/result/wechat.pcap.out +++ b/tests/result/wechat.pcap.out @@ -13,52 +13,52 @@ LLMNR 12 944 6 WeChat 1251 606425 49 GoogleDocs 15 5114 2 - 1 TCP 203.205.151.162:443 <-> 192.168.1.103:54058 [proto: 91.197/SSL.WeChat][cat: Chat/9][88 pkts/15114 bytes <-> 91 pkts/61842 bytes] - 2 TCP 192.168.1.103:54101 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][46 pkts/12575 bytes <-> 40 pkts/53424 bytes][client: web.wechat.com][server: web.wechat.com] - 3 TCP 192.168.1.103:54103 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][50 pkts/23958 bytes <-> 46 pkts/39684 bytes][client: web.wechat.com][server: web.wechat.com] - 4 TCP 192.168.1.103:54113 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][38 pkts/8933 bytes <-> 35 pkts/35112 bytes][client: web.wechat.com][server: web.wechat.com] - 5 TCP 192.168.1.103:54099 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][25 pkts/9013 bytes <-> 29 pkts/27440 bytes][client: web.wechat.com][server: web.wechat.com] - 6 TCP 192.168.1.103:54119 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][26 pkts/8129 bytes <-> 24 pkts/22836 bytes][client: web.wechat.com][server: web.wechat.com] - 7 TCP 192.168.1.103:58038 <-> 203.205.147.171:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][34 pkts/17556 bytes <-> 25 pkts/12172 bytes][client: web.wechat.com][server: web.wechat.com] - 8 TCP 192.168.1.103:54089 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][21 pkts/7826 bytes <-> 20 pkts/18761 bytes][client: web.wechat.com][server: web.wechat.com] - 9 TCP 192.168.1.103:54095 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][21 pkts/7825 bytes <-> 18 pkts/17898 bytes][client: web.wechat.com][server: web.wechat.com] - 10 TCP 192.168.1.103:58040 <-> 203.205.147.171:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][29 pkts/17545 bytes <-> 20 pkts/6923 bytes][client: web.wechat.com][server: web.wechat.com] - 11 TCP 192.168.1.103:54097 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][25 pkts/12063 bytes <-> 19 pkts/7932 bytes][client: web.wechat.com][server: web.wechat.com] - 12 TCP 192.168.1.103:54094 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][22 pkts/10193 bytes <-> 18 pkts/8262 bytes][client: web.wechat.com][server: web.wechat.com] - 13 TCP 192.168.1.103:54102 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][13 pkts/2317 bytes <-> 15 pkts/15724 bytes][client: web.wechat.com][server: web.wechat.com] - 14 TCP 192.168.1.103:54098 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][22 pkts/8507 bytes <-> 16 pkts/6575 bytes][client: web.wechat.com][server: web.wechat.com] - 15 TCP 192.168.1.103:54117 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][20 pkts/8397 bytes <-> 16 pkts/6566 bytes][client: web.wechat.com][server: web.wechat.com] - 16 TCP 192.168.1.103:58036 <-> 203.205.147.171:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][15 pkts/6450 bytes <-> 11 pkts/5068 bytes][client: web.wechat.com][server: web.wechat.com] - 17 TCP 192.168.1.103:54092 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][15 pkts/6438 bytes <-> 11 pkts/5068 bytes][client: web.wechat.com][server: web.wechat.com] - 18 TCP 192.168.1.103:54100 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][15 pkts/4627 bytes <-> 12 pkts/5905 bytes][client: web.wechat.com][server: web.wechat.com] - 19 TCP 192.168.1.103:54111 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][14 pkts/4626 bytes <-> 12 pkts/5135 bytes][client: web.wechat.com][server: web.wechat.com] - 20 TCP 192.168.1.103:58042 <-> 203.205.147.171:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][12 pkts/4516 bytes <-> 10 pkts/5004 bytes][client: web.wechat.com][server: web.wechat.com] + 1 TCP 203.205.151.162:443 <-> 192.168.1.103:54058 [proto: 91.197/SSL.WeChat][cat: SocialNetwork/6][88 pkts/15114 bytes <-> 91 pkts/61842 bytes] + 2 TCP 192.168.1.103:54101 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: SocialNetwork/6][46 pkts/12575 bytes <-> 40 pkts/53424 bytes][client: web.wechat.com][server: web.wechat.com] + 3 TCP 192.168.1.103:54103 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: SocialNetwork/6][50 pkts/23958 bytes <-> 46 pkts/39684 bytes][client: web.wechat.com][server: web.wechat.com] + 4 TCP 192.168.1.103:54113 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: SocialNetwork/6][38 pkts/8933 bytes <-> 35 pkts/35112 bytes][client: web.wechat.com][server: web.wechat.com] + 5 TCP 192.168.1.103:54099 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: SocialNetwork/6][25 pkts/9013 bytes <-> 29 pkts/27440 bytes][client: web.wechat.com][server: web.wechat.com] + 6 TCP 192.168.1.103:54119 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: SocialNetwork/6][26 pkts/8129 bytes <-> 24 pkts/22836 bytes][client: web.wechat.com][server: web.wechat.com] + 7 TCP 192.168.1.103:58038 <-> 203.205.147.171:443 [proto: 91.197/SSL.WeChat][cat: SocialNetwork/6][34 pkts/17556 bytes <-> 25 pkts/12172 bytes][client: web.wechat.com][server: web.wechat.com] + 8 TCP 192.168.1.103:54089 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: SocialNetwork/6][21 pkts/7826 bytes <-> 20 pkts/18761 bytes][client: web.wechat.com][server: web.wechat.com] + 9 TCP 192.168.1.103:54095 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: SocialNetwork/6][21 pkts/7825 bytes <-> 18 pkts/17898 bytes][client: web.wechat.com][server: web.wechat.com] + 10 TCP 192.168.1.103:58040 <-> 203.205.147.171:443 [proto: 91.197/SSL.WeChat][cat: SocialNetwork/6][29 pkts/17545 bytes <-> 20 pkts/6923 bytes][client: web.wechat.com][server: web.wechat.com] + 11 TCP 192.168.1.103:54097 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: SocialNetwork/6][25 pkts/12063 bytes <-> 19 pkts/7932 bytes][client: web.wechat.com][server: web.wechat.com] + 12 TCP 192.168.1.103:54094 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: SocialNetwork/6][22 pkts/10193 bytes <-> 18 pkts/8262 bytes][client: web.wechat.com][server: web.wechat.com] + 13 TCP 192.168.1.103:54102 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: SocialNetwork/6][13 pkts/2317 bytes <-> 15 pkts/15724 bytes][client: web.wechat.com][server: web.wechat.com] + 14 TCP 192.168.1.103:54098 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: SocialNetwork/6][22 pkts/8507 bytes <-> 16 pkts/6575 bytes][client: web.wechat.com][server: web.wechat.com] + 15 TCP 192.168.1.103:54117 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: SocialNetwork/6][20 pkts/8397 bytes <-> 16 pkts/6566 bytes][client: web.wechat.com][server: web.wechat.com] + 16 TCP 192.168.1.103:58036 <-> 203.205.147.171:443 [proto: 91.197/SSL.WeChat][cat: SocialNetwork/6][15 pkts/6450 bytes <-> 11 pkts/5068 bytes][client: web.wechat.com][server: web.wechat.com] + 17 TCP 192.168.1.103:54092 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: SocialNetwork/6][15 pkts/6438 bytes <-> 11 pkts/5068 bytes][client: web.wechat.com][server: web.wechat.com] + 18 TCP 192.168.1.103:54100 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: SocialNetwork/6][15 pkts/4627 bytes <-> 12 pkts/5905 bytes][client: web.wechat.com][server: web.wechat.com] + 19 TCP 192.168.1.103:54111 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: SocialNetwork/6][14 pkts/4626 bytes <-> 12 pkts/5135 bytes][client: web.wechat.com][server: web.wechat.com] + 20 TCP 192.168.1.103:58042 <-> 203.205.147.171:443 [proto: 91.197/SSL.WeChat][cat: SocialNetwork/6][12 pkts/4516 bytes <-> 10 pkts/5004 bytes][client: web.wechat.com][server: web.wechat.com] 21 TCP 192.168.1.103:43850 <-> 203.205.158.34:443 [proto: 91.48/SSL.QQ][cat: Chat/9][12 pkts/2005 bytes <-> 12 pkts/6787 bytes][client: res.wx.qq.com][server: wx.qq.com] 22 TCP 192.168.1.103:38657 <-> 172.217.22.14:443 [proto: 91.126/SSL.Google][cat: Web/5][17 pkts/2413 bytes <-> 17 pkts/6268 bytes][client: safebrowsing.googleusercontent.com][server: *.googleusercontent.com] 23 UDP 192.168.1.103:51507 <-> 172.217.23.67:443 [proto: 188.126/QUIC.Google][cat: Web/5][7 pkts/3507 bytes <-> 6 pkts/3329 bytes][Host: ssl.gstatic.com] 24 UDP 192.168.1.103:57591 <-> 216.58.198.46:443 [proto: 188.241/QUIC.GoogleDocs][cat: Media/1][6 pkts/2687 bytes <-> 7 pkts/2125 bytes][Host: docs.google.com] - 25 TCP 192.168.1.103:54120 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][10 pkts/1032 bytes <-> 8 pkts/3711 bytes][client: web.wechat.com][server: web.wechat.com] - 26 TCP 192.168.1.103:58041 <-> 203.205.147.171:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][10 pkts/1032 bytes <-> 8 pkts/3711 bytes][client: web.wechat.com][server: web.wechat.com] - 27 TCP 192.168.1.103:54118 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][10 pkts/1032 bytes <-> 8 pkts/3703 bytes][client: web.wechat.com][server: web.wechat.com] - 28 TCP 192.168.1.103:54090 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][10 pkts/1032 bytes <-> 7 pkts/3637 bytes][client: web.wechat.com][server: web.wechat.com] - 29 TCP 192.168.1.103:54096 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][10 pkts/1032 bytes <-> 7 pkts/3637 bytes][client: web.wechat.com][server: web.wechat.com] - 30 TCP 192.168.1.103:54104 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][10 pkts/1032 bytes <-> 7 pkts/3637 bytes][client: web.wechat.com][server: web.wechat.com] - 31 TCP 192.168.1.103:54091 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][9 pkts/966 bytes <-> 6 pkts/3571 bytes][client: web.wechat.com][server: web.wechat.com] + 25 TCP 192.168.1.103:54120 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: SocialNetwork/6][10 pkts/1032 bytes <-> 8 pkts/3711 bytes][client: web.wechat.com][server: web.wechat.com] + 26 TCP 192.168.1.103:58041 <-> 203.205.147.171:443 [proto: 91.197/SSL.WeChat][cat: SocialNetwork/6][10 pkts/1032 bytes <-> 8 pkts/3711 bytes][client: web.wechat.com][server: web.wechat.com] + 27 TCP 192.168.1.103:54118 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: SocialNetwork/6][10 pkts/1032 bytes <-> 8 pkts/3703 bytes][client: web.wechat.com][server: web.wechat.com] + 28 TCP 192.168.1.103:54090 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: SocialNetwork/6][10 pkts/1032 bytes <-> 7 pkts/3637 bytes][client: web.wechat.com][server: web.wechat.com] + 29 TCP 192.168.1.103:54096 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: SocialNetwork/6][10 pkts/1032 bytes <-> 7 pkts/3637 bytes][client: web.wechat.com][server: web.wechat.com] + 30 TCP 192.168.1.103:54104 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: SocialNetwork/6][10 pkts/1032 bytes <-> 7 pkts/3637 bytes][client: web.wechat.com][server: web.wechat.com] + 31 TCP 192.168.1.103:54091 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: SocialNetwork/6][9 pkts/966 bytes <-> 6 pkts/3571 bytes][client: web.wechat.com][server: web.wechat.com] 32 UDP [fe80::7a92:9cff:fe0f:a88e]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][44 pkts/4488 bytes -> 0 pkts/0 bytes] 33 UDP 192.168.1.103:35601 <-> 172.217.23.67:443 [proto: 188.126/QUIC.Google][cat: Web/5][5 pkts/2035 bytes <-> 5 pkts/1937 bytes][Host: ssl.gstatic.com] 34 UDP 192.168.1.103:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][44 pkts/3608 bytes -> 0 pkts/0 bytes] - 35 TCP 192.168.1.103:54183 -> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][2 pkts/2508 bytes -> 0 pkts/0 bytes] + 35 TCP 192.168.1.103:54183 -> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: SocialNetwork/6][2 pkts/2508 bytes -> 0 pkts/0 bytes] 36 UDP [fe80::91f9:3df3:7436:6cd6]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][14 pkts/1428 bytes -> 0 pkts/0 bytes] 37 TCP 192.168.1.103:36017 <-> 64.233.167.188:5228 [proto: 126/Google][cat: Web/5][10 pkts/660 bytes <-> 10 pkts/660 bytes] 38 UDP 192.168.1.100:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][14 pkts/1148 bytes -> 0 pkts/0 bytes] - 39 TCP 192.168.1.103:58039 <-> 203.205.147.171:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][13 pkts/866 bytes <-> 4 pkts/280 bytes] + 39 TCP 192.168.1.103:58039 <-> 203.205.147.171:443 [proto: 91.197/SSL.WeChat][cat: SocialNetwork/6][13 pkts/866 bytes <-> 4 pkts/280 bytes] 40 TCP 192.168.1.103:58143 -> 216.58.205.131:443 [proto: 91.126/SSL.Google][cat: Web/5][3 pkts/1078 bytes -> 0 pkts/0 bytes] - 41 TCP 203.205.151.162:443 <-> 192.168.1.103:54084 [proto: 91.197/SSL.WeChat][cat: Chat/9][3 pkts/802 bytes <-> 3 pkts/198 bytes] + 41 TCP 203.205.151.162:443 <-> 192.168.1.103:54084 [proto: 91.197/SSL.WeChat][cat: SocialNetwork/6][3 pkts/802 bytes <-> 3 pkts/198 bytes] 42 UDP 192.168.1.100:137 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][9 pkts/828 bytes -> 0 pkts/0 bytes] 43 IGMP 192.168.1.100:0 -> 224.0.0.22:0 [proto: 82/IGMP][cat: Network/14][15 pkts/810 bytes -> 0 pkts/0 bytes] 44 UDP 192.168.1.100:138 -> 192.168.1.255:138 [proto: 10/NetBIOS][cat: System/18][3 pkts/751 bytes -> 0 pkts/0 bytes] - 45 TCP 192.168.1.103:54112 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][5 pkts/338 bytes <-> 4 pkts/280 bytes] - 46 TCP 192.168.1.103:54114 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][5 pkts/338 bytes <-> 4 pkts/280 bytes] + 45 TCP 192.168.1.103:54112 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: SocialNetwork/6][5 pkts/338 bytes <-> 4 pkts/280 bytes] + 46 TCP 192.168.1.103:54114 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: SocialNetwork/6][5 pkts/338 bytes <-> 4 pkts/280 bytes] 47 UDP 192.168.1.103:19041 <-> 192.168.1.254:53 [proto: 5.48/DNS.QQ][cat: Chat/9][1 pkts/73 bytes <-> 1 pkts/537 bytes][Host: res.wx.qq.com] 48 TCP 192.168.1.103:34981 -> 95.101.34.33:80 [proto: 7/HTTP][cat: Web/5][9 pkts/594 bytes -> 0 pkts/0 bytes] 49 TCP 192.168.1.103:34996 -> 95.101.34.33:80 [proto: 7/HTTP][cat: Web/5][9 pkts/594 bytes -> 0 pkts/0 bytes] @@ -67,18 +67,18 @@ GoogleDocs 15 5114 2 52 TCP 192.168.1.103:39207 -> 95.101.34.34:80 [proto: 7/HTTP][cat: Web/5][9 pkts/594 bytes -> 0 pkts/0 bytes] 53 TCP 192.168.1.103:39231 -> 95.101.34.34:80 [proto: 7/HTTP][cat: Web/5][9 pkts/594 bytes -> 0 pkts/0 bytes] 54 TCP 192.168.1.103:53220 <-> 172.217.23.78:443 [proto: 91.126/SSL.Google][cat: Web/5][4 pkts/264 bytes <-> 4 pkts/319 bytes] - 55 TCP 192.168.1.103:54093 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][5 pkts/338 bytes <-> 3 pkts/214 bytes] - 56 TCP 192.168.1.103:58037 <-> 203.205.147.171:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][5 pkts/338 bytes <-> 3 pkts/214 bytes] + 55 TCP 192.168.1.103:54093 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: SocialNetwork/6][5 pkts/338 bytes <-> 3 pkts/214 bytes] + 56 TCP 192.168.1.103:58037 <-> 203.205.147.171:443 [proto: 91.197/SSL.WeChat][cat: SocialNetwork/6][5 pkts/338 bytes <-> 3 pkts/214 bytes] 57 TCP 192.168.1.103:39195 -> 95.101.34.34:80 [proto: 7/HTTP][cat: Web/5][8 pkts/528 bytes -> 0 pkts/0 bytes] 58 TCP 192.168.1.103:52020 -> 95.101.180.179:80 [proto: 7/HTTP][cat: Web/5][8 pkts/528 bytes -> 0 pkts/0 bytes] 59 TCP 192.168.1.103:43851 <-> 203.205.158.34:443 [proto: 91/SSL][cat: Web/5][5 pkts/290 bytes <-> 4 pkts/234 bytes] 60 TCP 192.168.1.103:47627 <-> 216.58.205.78:443 [proto: 91.126/SSL.Google][cat: Web/5][3 pkts/198 bytes <-> 4 pkts/319 bytes] 61 TCP 192.168.1.103:40740 <-> 203.205.151.211:443 [proto: 91/SSL][cat: Web/5][4 pkts/216 bytes <-> 4 pkts/253 bytes] - 62 UDP 192.168.1.103:60356 <-> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][1 pkts/74 bytes <-> 1 pkts/391 bytes][Host: web.wechat.com] + 62 UDP 192.168.1.103:60356 <-> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: SocialNetwork/6][1 pkts/74 bytes <-> 1 pkts/391 bytes][Host: web.wechat.com] 63 TCP 192.168.1.103:49787 <-> 216.58.205.142:443 [proto: 91.126/SSL.Google][cat: Web/5][3 pkts/198 bytes <-> 3 pkts/198 bytes] - 64 TCP 192.168.1.103:58226 -> 203.205.147.171:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][6 pkts/396 bytes -> 0 pkts/0 bytes] + 64 TCP 192.168.1.103:58226 -> 203.205.147.171:443 [proto: 91.197/SSL.WeChat][cat: SocialNetwork/6][6 pkts/396 bytes -> 0 pkts/0 bytes] 65 UDP 192.168.1.103:53734 <-> 192.168.1.254:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/94 bytes <-> 1 pkts/272 bytes][Host: safebrowsing.googleusercontent.com] - 66 TCP 192.168.1.103:58043 <-> 203.205.147.171:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][3 pkts/206 bytes <-> 2 pkts/148 bytes] + 66 TCP 192.168.1.103:58043 <-> 203.205.147.171:443 [proto: 91.197/SSL.WeChat][cat: SocialNetwork/6][3 pkts/206 bytes <-> 2 pkts/148 bytes] 67 UDP 0.0.0.0:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][1 pkts/342 bytes -> 0 pkts/0 bytes][Host: iphonedimonica] 68 UDP 192.168.1.103:46078 <-> 192.168.1.254:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/75 bytes <-> 1 pkts/234 bytes][Host: ssl.gstatic.com] 69 UDP 192.168.1.103:60562 <-> 192.168.1.254:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/75 bytes <-> 1 pkts/234 bytes][Host: ssl.gstatic.com] @@ -86,33 +86,33 @@ GoogleDocs 15 5114 2 71 IGMP 192.168.1.103:0 -> 224.0.0.22:0 [proto: 82/IGMP][cat: Network/14][4 pkts/216 bytes -> 0 pkts/0 bytes] 72 TCP 192.168.1.103:40741 <-> 203.205.151.211:443 [proto: 91/SSL][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/108 bytes] 73 IGMP 192.168.1.254:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network/14][4 pkts/200 bytes -> 0 pkts/0 bytes] - 74 TCP 192.168.1.103:54085 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][2 pkts/132 bytes <-> 1 pkts/66 bytes] + 74 TCP 192.168.1.103:54085 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: SocialNetwork/6][2 pkts/132 bytes <-> 1 pkts/66 bytes] 75 UDP [fe80::91f9:3df3:7436:6cd6]:50440 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/180 bytes -> 0 pkts/0 bytes][Host: lbjamwptxz] 76 UDP [fe80::91f9:3df3:7436:6cd6]:49195 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/176 bytes -> 0 pkts/0 bytes][Host: cansaqcq] 77 UDP [fe80::91f9:3df3:7436:6cd6]:50577 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/176 bytes -> 0 pkts/0 bytes][Host: mcztmpkc] - 78 UDP 192.168.1.103:43705 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][2 pkts/172 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com.lan] + 78 UDP 192.168.1.103:43705 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: SocialNetwork/6][2 pkts/172 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com.lan] 79 UDP 192.168.1.103:42856 -> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][2 pkts/170 bytes -> 0 pkts/0 bytes][Host: 1.debian.pool.ntp.org.lan] - 80 UDP 192.168.1.103:45366 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][2 pkts/164 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com] - 81 UDP 192.168.1.103:56367 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][2 pkts/164 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com] + 80 UDP 192.168.1.103:45366 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: SocialNetwork/6][2 pkts/164 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com] + 81 UDP 192.168.1.103:56367 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: SocialNetwork/6][2 pkts/164 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com] 82 UDP 192.168.1.103:41759 -> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][2 pkts/162 bytes -> 0 pkts/0 bytes][Host: 2.debian.pool.ntp.org] 83 UDP 192.168.1.103:44063 -> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][2 pkts/162 bytes -> 0 pkts/0 bytes][Host: 1.debian.pool.ntp.org] 84 UDP 192.168.1.103:42074 -> 192.168.1.254:53 [proto: 5.126/DNS.Google][cat: Web/5][2 pkts/158 bytes -> 0 pkts/0 bytes][Host: ssl.gstatic.com.lan] 85 UDP 192.168.1.100:54124 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/140 bytes -> 0 pkts/0 bytes][Host: lbjamwptxz] 86 UDP 192.168.1.100:49832 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: cansaqcq] 87 UDP 192.168.1.100:57401 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: mcztmpkc] - 88 TCP 192.168.1.103:54106 -> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][2 pkts/132 bytes -> 0 pkts/0 bytes] - 89 TCP 192.168.1.103:54109 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][1 pkts/66 bytes <-> 1 pkts/66 bytes] - 90 TCP 192.168.1.103:54110 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: Chat/9][1 pkts/66 bytes <-> 1 pkts/66 bytes] + 88 TCP 192.168.1.103:54106 -> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: SocialNetwork/6][2 pkts/132 bytes -> 0 pkts/0 bytes] + 89 TCP 192.168.1.103:54109 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: SocialNetwork/6][1 pkts/66 bytes <-> 1 pkts/66 bytes] + 90 TCP 192.168.1.103:54110 <-> 203.205.151.162:443 [proto: 91.197/SSL.WeChat][cat: SocialNetwork/6][1 pkts/66 bytes <-> 1 pkts/66 bytes] 91 TCP 192.168.1.103:54205 -> 64.233.167.188:443 [proto: 91.126/SSL.Google][cat: Web/5][2 pkts/132 bytes -> 0 pkts/0 bytes] 92 ICMPV6 [fe80::842:a3f3:a286:6c5b]:0 -> [ff02::2]:0 [proto: 102/ICMPV6][cat: Network/14][2 pkts/132 bytes -> 0 pkts/0 bytes] 93 0 [fe80::842:a3f3:a286:6c5b]:0 -> [ff02::16]:0 [proto: 102/ICMPV6][cat: Network/14][1 pkts/110 bytes -> 0 pkts/0 bytes] 94 UDP 192.168.1.103:37578 -> 193.204.114.233:123 [proto: 9/NTP][cat: System/18][1 pkts/90 bytes -> 0 pkts/0 bytes] - 95 UDP 192.168.1.103:44346 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][1 pkts/86 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com.lan] - 96 UDP 192.168.1.103:53515 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][1 pkts/86 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com.lan] + 95 UDP 192.168.1.103:44346 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: SocialNetwork/6][1 pkts/86 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com.lan] + 96 UDP 192.168.1.103:53515 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: SocialNetwork/6][1 pkts/86 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com.lan] 97 ICMPV6 [::]:0 -> [ff02::1:ff86:6c5b]:0 [proto: 102/ICMPV6][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes] - 98 UDP 192.168.1.103:33915 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][1 pkts/82 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com] - 99 UDP 192.168.1.103:43317 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][1 pkts/82 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com] - 100 UDP 192.168.1.103:58165 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][1 pkts/82 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com] + 98 UDP 192.168.1.103:33915 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: SocialNetwork/6][1 pkts/82 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com] + 99 UDP 192.168.1.103:43317 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: SocialNetwork/6][1 pkts/82 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com] + 100 UDP 192.168.1.103:58165 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: SocialNetwork/6][1 pkts/82 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com] 101 UDP 192.168.1.103:59567 -> 192.168.1.254:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/79 bytes -> 0 pkts/0 bytes][Host: ssl.gstatic.com.lan] 102 UDP 192.168.1.103:42589 -> 192.168.1.254:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/75 bytes -> 0 pkts/0 bytes][Host: ssl.gstatic.com] 103 IGMP 192.168.1.108:0 -> 224.0.0.22:0 [proto: 82/IGMP][cat: Network/14][1 pkts/54 bytes -> 0 pkts/0 bytes] -- cgit v1.2.3 From 669fdf6b5f3657c638ffa8df6ff1baebf5b311b1 Mon Sep 17 00:00:00 2001 From: Luca Deri Date: Wed, 21 Nov 2018 00:32:32 +0100 Subject: Improved skype, teredo, netbios heuristics Changed ndpi_detection_giveup() API: guess is now part of the call --- example/ndpiReader.c | 51 +----- example/ndpi_util.c | 7 +- src/include/ndpi_api.h | 4 +- src/lib/ndpi_main.c | 77 ++++++-- src/lib/protocols/netbios.c | 5 +- src/lib/protocols/skype.c | 2 +- src/lib/protocols/teredo.c | 2 +- tests/do.sh | 5 +- tests/result/pps.pcap.out | 193 ++++++++++---------- tests/result/skype.pcap.out | 310 ++++++++++++++++---------------- tests/result/skype_no_unknown.pcap.out | 316 ++++++++++++++++----------------- tests/result/viber.pcap.out | 42 +++-- tests/result/waze.pcap.out | 27 ++- 13 files changed, 531 insertions(+), 510 deletions(-) (limited to 'tests') diff --git a/example/ndpiReader.c b/example/ndpiReader.c index cb3238a88..78d95a76d 100644 --- a/example/ndpiReader.c +++ b/example/ndpiReader.c @@ -81,7 +81,8 @@ static json_object *jArray_topStats; static u_int8_t live_capture = 0; static u_int8_t undetected_flows_deleted = 0; /** User preferences **/ -static u_int8_t enable_protocol_guess = 1, verbose = 0, json_flag = 0; +u_int8_t enable_protocol_guess = 1; +static u_int8_t verbose = 0, json_flag = 0; int nDPI_LogLevel = 0; char *_debug_protocols = NULL; static u_int8_t stats_flag = 0, bpf_filter_flag = 0; @@ -97,7 +98,7 @@ static struct timeval begin, end; #ifdef linux static int core_affinity[MAX_NUM_READER_THREADS]; #endif -static struct timeval pcap_start, pcap_end; +static struct timeval pcap_start = { 0, 0}, pcap_end = { 0, 0 }; /** Detection parameters **/ static time_t capture_for = 0; static time_t capture_until = 0; @@ -905,27 +906,6 @@ static void node_print_known_proto_walker(const void *node, /* ********************************** */ -/** - * @brief Guess Undetected Protocol - */ -static u_int16_t node_guess_undetected_protocol(u_int16_t thread_id, struct ndpi_flow_info *flow) { - - flow->detected_protocol = ndpi_guess_undetected_protocol(ndpi_thread_info[thread_id].workflow->ndpi_struct, - NULL, - flow->protocol, - ntohl(flow->src_ip), - ntohs(flow->src_port), - ntohl(flow->dst_ip), - ntohs(flow->dst_port)); - // printf("Guess state: %u\n", flow->detected_protocol); - if(flow->detected_protocol.app_protocol != NDPI_PROTOCOL_UNKNOWN) - ndpi_thread_info[thread_id].workflow->stats.guessed_flow_protocols++; - - return(flow->detected_protocol.app_protocol); -} - -/* ********************************** */ - /** * @brief Proto Guess Walker */ @@ -935,13 +915,7 @@ static void node_proto_guess_walker(const void *node, ndpi_VISIT which, int dept if((which == ndpi_preorder) || (which == ndpi_leaf)) { /* Avoid walking the same node multiple times */ if((!flow->detection_completed) && flow->ndpi_flow) - flow->detected_protocol = ndpi_detection_giveup(ndpi_thread_info[0].workflow->ndpi_struct, flow->ndpi_flow); - - if(enable_protocol_guess) { - if(flow->detected_protocol.app_protocol == NDPI_PROTOCOL_UNKNOWN) { - node_guess_undetected_protocol(thread_id, flow); - } - } + flow->detected_protocol = ndpi_detection_giveup(ndpi_thread_info[0].workflow->ndpi_struct, flow->ndpi_flow, enable_protocol_guess); process_ndpi_collected_info(ndpi_thread_info[thread_id].workflow, flow); @@ -1416,23 +1390,12 @@ static void node_idle_scan_walker(const void *node, ndpi_VISIT which, int depth, /** - * @brief On Protocol Discover - call node_guess_undetected_protocol() for protocol + * @brief On Protocol Discover - demo callback */ static void on_protocol_discovered(struct ndpi_workflow * workflow, struct ndpi_flow_info * flow, void * udata) { - const u_int16_t thread_id = (uintptr_t) udata; - - if(verbose > 1) { - if(enable_protocol_guess) { - if(flow->detected_protocol.app_protocol == NDPI_PROTOCOL_UNKNOWN) { - flow->detected_protocol.app_protocol = node_guess_undetected_protocol(thread_id, flow), - flow->detected_protocol.master_protocol = NDPI_PROTOCOL_UNKNOWN; - } - } - - // printFlow(thread_id, flow); - } + ; } #if 0 @@ -2026,8 +1989,10 @@ static void printResults(u_int64_t tot_usec) { float t = (float)(cumulative_stats.ip_packet_count*1000000)/(float)tot_usec; float b = (float)(cumulative_stats.total_wire_bytes * 8 *1000000)/(float)tot_usec; float traffic_duration; + if(live_capture) traffic_duration = tot_usec; else traffic_duration = (pcap_end.tv_sec*1000000 + pcap_end.tv_usec) - (pcap_start.tv_sec*1000000 + pcap_start.tv_usec); + printf("\tnDPI throughput: %s pps / %s/sec\n", formatPackets(t, buf), formatTraffic(b, 1, buf1)); t = (float)(cumulative_stats.ip_packet_count*1000000)/(float)traffic_duration; b = (float)(cumulative_stats.total_wire_bytes * 8 *1000000)/(float)traffic_duration; diff --git a/example/ndpi_util.c b/example/ndpi_util.c index 1a0d45914..58dc896b1 100644 --- a/example/ndpi_util.c +++ b/example/ndpi_util.c @@ -74,6 +74,8 @@ #include "ndpi_main.h" #include "ndpi_util.h" +extern u_int8_t enable_protocol_guess; + /* ***************************************************** */ void ndpi_free_flow_info_half(struct ndpi_flow_info *flow) { @@ -677,8 +679,9 @@ static struct ndpi_proto packet_processing(struct ndpi_workflow * workflow, flow->check_extra_packets = 1; if(flow->detected_protocol.app_protocol == NDPI_PROTOCOL_UNKNOWN) - flow->detected_protocol = ndpi_detection_giveup(workflow->ndpi_struct, - flow->ndpi_flow); + flow->detected_protocol = ndpi_detection_giveup(workflow->ndpi_struct, flow->ndpi_flow, + enable_protocol_guess); + process_ndpi_collected_info(workflow, flow); } diff --git a/src/include/ndpi_api.h b/src/include/ndpi_api.h index c7ed7cd17..5bee25f5b 100644 --- a/src/include/ndpi_api.h +++ b/src/include/ndpi_api.h @@ -213,11 +213,13 @@ extern "C" { * * @par ndpi_struct = the detection module * @par flow = the flow given for the detection module + * @par enable_guess = guess protocol if unknown * @return the detected protocol even if the flow is not completed; * */ ndpi_protocol ndpi_detection_giveup(struct ndpi_detection_module_struct *ndpi_struct, - struct ndpi_flow_struct *flow); + struct ndpi_flow_struct *flow, + u_int8_t enable_guess); /** * Processes an extra packet in order to get more information for a given protocol diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c index fcfaec713..c7d9e237e 100644 --- a/src/lib/ndpi_main.c +++ b/src/lib/ndpi_main.c @@ -2526,6 +2526,25 @@ static ndpi_default_ports_tree_node_t* ndpi_get_guessed_protocol_id(struct ndpi_ /* ****************************************************** */ +/* + These are UDP protocols that must fit a single packet + and thus that if have NOT been detected they cannot be guessed + as they have been excluded + */ +u_int8_t is_udp_guessable_protocol(u_int16_t l7_guessed_proto) { + switch(l7_guessed_proto) { + case NDPI_PROTOCOL_QUIC: + case NDPI_PROTOCOL_SNMP: + case NDPI_PROTOCOL_NETFLOW: + /* TODO: add more protocols (if any missing) */ + return(1); + } + + return(0); +} + +/* ****************************************************** */ + u_int16_t ndpi_guess_protocol_id(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow, u_int8_t proto, u_int16_t sport, u_int16_t dport, @@ -2541,7 +2560,9 @@ u_int16_t ndpi_guess_protocol_id(struct ndpi_detection_module_struct *ndpi_struc /* We need to check if the guessed protocol isn't excluded by nDPI */ if(flow && (proto == IPPROTO_UDP) - && (NDPI_COMPARE_PROTOCOL_TO_BITMASK(flow->excluded_protocol_bitmask, guessed_proto))) + && NDPI_COMPARE_PROTOCOL_TO_BITMASK(flow->excluded_protocol_bitmask, guessed_proto) + && is_udp_guessable_protocol(guessed_proto) + ) return(NDPI_PROTOCOL_UNKNOWN); else { *user_defined_proto = found->customUserProto; @@ -3397,7 +3418,7 @@ static int ndpi_handle_ipv6_extension_headers(struct ndpi_detection_module_struc } return 0; } -#endif /* NDPI_DETECTION_SUPPORT_IPV6 */ +#endif /* NDPI_DETECTION_SUPPORT_IPV6 */ static u_int8_t ndpi_iph_is_valid_and_not_fragmented(const struct ndpi_iphdr *iph, const u_int16_t ipsize) @@ -3605,13 +3626,18 @@ static int ndpi_init_packet_header(struct ndpi_detection_module_struct *ndpi_str && flow->init_finished != 0 && flow->detected_protocol_stack[0] == NDPI_PROTOCOL_UNKNOWN) { u_int8_t backup; + u_int16_t backup1, backup2; if(flow->http.url) ndpi_free(flow->http.url); if(flow->http.content_type) ndpi_free(flow->http.content_type); - backup = flow->num_processed_pkts; + backup = flow->num_processed_pkts; + backup1 = flow->guessed_protocol_id; + backup2 = flow->guessed_host_protocol_id; memset(flow, 0, sizeof(*(flow))); flow->num_processed_pkts = backup; + flow->guessed_protocol_id = backup1; + flow->guessed_host_protocol_id = backup2; NDPI_LOG_DBG(ndpi_struct, "tcp syn packet for unknown protocol, reset detection state\n"); @@ -3785,9 +3811,8 @@ void check_ndpi_other_flow_func(struct ndpi_detection_module_struct *ndpi_struct ndpi_struct->callback_buffer_non_tcp_udp[a].ndpi_selection_bitmask && (flow == NULL || - NDPI_BITMASK_COMPARE - (flow->excluded_protocol_bitmask, - ndpi_struct->callback_buffer_non_tcp_udp[a].excluded_protocol_bitmask) == 0) + NDPI_BITMASK_COMPARE(flow->excluded_protocol_bitmask, + ndpi_struct->callback_buffer_non_tcp_udp[a].excluded_protocol_bitmask) == 0) && NDPI_BITMASK_COMPARE(ndpi_struct->callback_buffer_non_tcp_udp[a].detection_bitmask, detection_bitmask) != 0) { @@ -3905,8 +3930,7 @@ void check_ndpi_tcp_flow_func(struct ndpi_detection_module_struct *ndpi_struct, && (ndpi_struct->callback_buffer_tcp_no_payload[a].ndpi_selection_bitmask & *ndpi_selection_packet) == ndpi_struct->callback_buffer_tcp_no_payload[a].ndpi_selection_bitmask && NDPI_BITMASK_COMPARE(flow->excluded_protocol_bitmask, - ndpi_struct-> - callback_buffer_tcp_no_payload[a].excluded_protocol_bitmask) == 0 + ndpi_struct->callback_buffer_tcp_no_payload[a].excluded_protocol_bitmask) == 0 && NDPI_BITMASK_COMPARE(ndpi_struct->callback_buffer_tcp_no_payload[a].detection_bitmask, detection_bitmask) != 0) { ndpi_struct->callback_buffer_tcp_no_payload[a].func(ndpi_struct, flow); @@ -3951,7 +3975,7 @@ static u_int16_t ndpi_guess_host_protocol_id(struct ndpi_detection_module_struct /* ********************************************************************************* */ ndpi_protocol ndpi_detection_giveup(struct ndpi_detection_module_struct *ndpi_struct, - struct ndpi_flow_struct *flow) { + struct ndpi_flow_struct *flow, u_int8_t enable_guess) { ndpi_protocol ret = { NDPI_PROTOCOL_UNKNOWN, NDPI_PROTOCOL_UNKNOWN, NDPI_PROTOCOL_CATEGORY_UNSPECIFIED }; if(flow == NULL) return(ret); @@ -3973,13 +3997,18 @@ ndpi_protocol ndpi_detection_giveup(struct ndpi_detection_module_struct *ndpi_st guessed_protocol_id = flow->guessed_protocol_id, guessed_host_protocol_id = flow->guessed_host_protocol_id; if((guessed_host_protocol_id != NDPI_PROTOCOL_UNKNOWN) - && ((flow->packet.l4_protocol == IPPROTO_UDP) && NDPI_ISSET(&flow->excluded_protocol_bitmask, guessed_host_protocol_id))) + && ((flow->packet.l4_protocol == IPPROTO_UDP) + && NDPI_ISSET(&flow->excluded_protocol_bitmask, guessed_host_protocol_id) + && is_udp_guessable_protocol(guessed_host_protocol_id) + )) flow->guessed_host_protocol_id = guessed_host_protocol_id = NDPI_PROTOCOL_UNKNOWN; /* Ignore guessed protocol if they have been discarded */ if((guessed_protocol_id != NDPI_PROTOCOL_UNKNOWN) // && (guessed_host_protocol_id == NDPI_PROTOCOL_UNKNOWN) - && (flow->packet.l4_protocol == IPPROTO_UDP) && NDPI_ISSET(&flow->excluded_protocol_bitmask, guessed_protocol_id)) + && (flow->packet.l4_protocol == IPPROTO_UDP) + && NDPI_ISSET(&flow->excluded_protocol_bitmask, guessed_protocol_id) + && is_udp_guessable_protocol(guessed_protocol_id)) flow->guessed_protocol_id = guessed_protocol_id = NDPI_PROTOCOL_UNKNOWN; if((guessed_protocol_id != NDPI_PROTOCOL_UNKNOWN) @@ -4026,6 +4055,20 @@ ndpi_protocol ndpi_detection_giveup(struct ndpi_detection_module_struct *ndpi_st ret.app_protocol = NDPI_PROTOCOL_HANGOUT; } + if(enable_guess + && (ret.app_protocol == NDPI_PROTOCOL_UNKNOWN) + && flow->packet.iph /* Guess only IPv4 */ + && (flow->packet.tcp || flow->packet.udp) + ) + ret = ndpi_guess_undetected_protocol(ndpi_struct, + flow, + flow->packet.l4_protocol, + ntohl(flow->packet.iph->saddr), + ntohs(flow->packet.udp ? flow->packet.udp->source : flow->packet.tcp->source), + ntohl(flow->packet.iph->daddr), + ntohs(flow->packet.udp ? flow->packet.udp->dest : flow->packet.tcp->dest) + ); + ndpi_fill_protocol_category(ndpi_struct, flow, &ret); return(ret); @@ -4421,7 +4464,7 @@ ndpi_protocol ndpi_detection_process_packet(struct ndpi_detection_module_struct if(flow->packet.iph) { if(flow->guessed_host_protocol_id != NDPI_PROTOCOL_UNKNOWN) { /* ret.master_protocol = flow->guessed_protocol_id , ret.app_protocol = flow->guessed_host_protocol_id; /\* ****** *\/ */ - ret = ndpi_detection_giveup(ndpi_struct, flow); + ret = ndpi_detection_giveup(ndpi_struct, flow, 0); } ndpi_fill_protocol_category(ndpi_struct, flow, &ret); @@ -4499,7 +4542,7 @@ ndpi_protocol ndpi_detection_process_packet(struct ndpi_detection_module_struct We don't see how future packets can match anything hence we giveup here */ - ret = ndpi_detection_giveup(ndpi_struct, flow); + ret = ndpi_detection_giveup(ndpi_struct, flow, 0); } return(ret); @@ -5382,7 +5425,9 @@ ndpi_protocol ndpi_guess_undetected_protocol(struct ndpi_detection_module_struct rc = ndpi_search_tcp_or_udp_raw(ndpi_struct, NULL, proto, shost, dhost, sport, dport); if(rc != NDPI_PROTOCOL_UNKNOWN) { - if(flow && (proto == IPPROTO_UDP) && NDPI_COMPARE_PROTOCOL_TO_BITMASK(flow->excluded_protocol_bitmask, rc)) + if(flow && (proto == IPPROTO_UDP) + && NDPI_COMPARE_PROTOCOL_TO_BITMASK(flow->excluded_protocol_bitmask, rc) + && is_udp_guessable_protocol(rc)) ; else { ret.app_protocol = rc, @@ -5399,7 +5444,9 @@ ndpi_protocol ndpi_guess_undetected_protocol(struct ndpi_detection_module_struct rc = ndpi_guess_protocol_id(ndpi_struct, NULL, proto, sport, dport, &user_defined_proto); if(rc != NDPI_PROTOCOL_UNKNOWN) { - if(flow && (proto == IPPROTO_UDP) && NDPI_COMPARE_PROTOCOL_TO_BITMASK(flow->excluded_protocol_bitmask, rc)) + if(flow && (proto == IPPROTO_UDP) + && NDPI_COMPARE_PROTOCOL_TO_BITMASK(flow->excluded_protocol_bitmask, rc) + && is_udp_guessable_protocol(rc)) ; else { ret.app_protocol = rc; diff --git a/src/lib/protocols/netbios.c b/src/lib/protocols/netbios.c index 4c5897c14..925b864ad 100644 --- a/src/lib/protocols/netbios.c +++ b/src/lib/protocols/netbios.c @@ -330,9 +330,8 @@ void ndpi_search_netbios(struct ndpi_detection_module_struct *ndpi_struct, struc NDPI_LOG_DBG2(ndpi_struct, "found netbios port 138 and payload length >= 112 \n"); - if(packet->payload[0] >= 0x11 && packet->payload[0] <= 0x16) { - - NDPI_LOG_DBG2(ndpi_struct, "found netbios with MSG-type 0x11,0x12,0x13,0x14,0x15 or 0x16\n"); + if(packet->payload[0] >= 0x10 && packet->payload[0] <= 0x16) { + NDPI_LOG_DBG2(ndpi_struct, "found netbios with MSG-type 0x10,0x11,0x12,0x13,0x14,0x15 or 0x16\n"); if(ntohl(get_u_int32_t(packet->payload, 4)) == ntohl(packet->iph->saddr)) { NDPI_LOG_INFO(ndpi_struct, "found netbios with checked ip-address\n"); diff --git a/src/lib/protocols/skype.c b/src/lib/protocols/skype.c index 8a4eafca4..faeac17c5 100644 --- a/src/lib/protocols/skype.c +++ b/src/lib/protocols/skype.c @@ -66,7 +66,7 @@ static void ndpi_check_skype(struct ndpi_detection_module_struct *ndpi_struct, s } } - return; + // return; } NDPI_EXCLUDE_PROTO(ndpi_struct, flow); diff --git a/src/lib/protocols/teredo.c b/src/lib/protocols/teredo.c index 732b1d6c9..e377d09a4 100644 --- a/src/lib/protocols/teredo.c +++ b/src/lib/protocols/teredo.c @@ -32,7 +32,7 @@ void ndpi_search_teredo(struct ndpi_detection_module_struct *ndpi_struct, struct NDPI_LOG_DBG(ndpi_struct,"search teredo\n"); if(packet->udp && packet->iph - && ((ntohl(packet->iph->daddr) & 0xF0000000) == 0xE0000000 /* A multicast address */) + && ((ntohl(packet->iph->daddr) & 0xF0000000) != 0xE0000000 /* Not a multicast address */) && ((ntohs(packet->udp->source) == 3544) || (ntohs(packet->udp->dest) == 3544)) && (packet->payload_packet_len >= 40 /* IPv6 header */)) { NDPI_LOG_INFO(ndpi_struct,"found teredo\n"); diff --git a/tests/do.sh b/tests/do.sh index 7516e5997..a17878fb5 100755 --- a/tests/do.sh +++ b/tests/do.sh @@ -7,7 +7,10 @@ build_results() { for f in $PCAPS; do #echo $f # create result files if not present - [ ! -f result/$f.out ] && $READER -q -i pcap/$f -w result/$f.out -v 1 + if [ ! -f result/$f.out ]; then + CMD="$READER -q -i pcap/$f -w result/$f.out -v 1" + $CMD + fi done } diff --git a/tests/result/pps.pcap.out b/tests/result/pps.pcap.out index 778aa1197..baad4b4e6 100644 --- a/tests/result/pps.pcap.out +++ b/tests/result/pps.pcap.out @@ -1,9 +1,10 @@ -Unknown 990 378832 34 +Unknown 985 375351 33 HTTP 47 42014 11 SSDP 63 17143 10 HTTP_Download 26 27222 2 Google 2 1093 1 GenericProtocol 1429 1780307 49 +QUIC 5 3481 1 1 TCP 192.168.115.8:50780 <-> 223.26.106.20:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/303 bytes <-> 541 pkts/710082 bytes][Host: preimage1.qiyipic.com] 2 TCP 192.168.115.8:50778 <-> 223.26.106.20:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/303 bytes <-> 528 pkts/692658 bytes][Host: preimage1.qiyipic.com] @@ -12,72 +13,73 @@ GenericProtocol 1429 1780307 49 5 TCP 192.168.115.8:50486 <-> 77.234.40.96:80 [proto: 7.60/HTTP.HTTP_Download][cat: Download-FileTransfer-FileSharing/7][11 pkts/11023 bytes <-> 12 pkts/14869 bytes][Host: bcu.ff.avast.com] 6 UDP 192.168.5.38:1900 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][18 pkts/9327 bytes -> 0 pkts/0 bytes] 7 TCP 192.168.115.8:50476 <-> 101.227.32.39:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/656 bytes <-> 4 pkts/3897 bytes][Host: cache.video.iqiyi.com] - 8 TCP 192.168.115.8:50495 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][3 pkts/2844 bytes <-> 3 pkts/597 bytes][Host: msg.71.am] - 9 TCP 77.234.41.35:80 <-> 192.168.115.8:49174 [proto: 7/HTTP][cat: Web/5][4 pkts/2953 bytes <-> 1 pkts/356 bytes] - 10 TCP 192.168.115.8:50767 <-> 223.26.106.20:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][4 pkts/800 bytes <-> 4 pkts/2112 bytes][Host: static.qiyi.com] - 11 TCP 192.168.115.8:50488 <-> 223.26.106.20:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/311 bytes <-> 2 pkts/2035 bytes][Host: meta.video.qiyi.com] - 12 TCP 192.168.115.8:50471 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][2 pkts/1898 bytes <-> 2 pkts/398 bytes][Host: msg.71.am] - 13 TCP 192.168.115.8:50501 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][2 pkts/1893 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 14 TCP 192.168.115.8:50463 <-> 101.227.200.11:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][2 pkts/1555 bytes <-> 1 pkts/306 bytes][Host: api.cupid.iqiyi.com] - 15 TCP 192.168.115.8:50496 <-> 101.227.200.11:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][2 pkts/1555 bytes <-> 1 pkts/306 bytes][Host: api.cupid.iqiyi.com] - 16 TCP 192.168.115.8:50779 <-> 111.206.22.77:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][2 pkts/1438 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com] - 17 UDP 192.168.5.38:58897 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1575 bytes -> 0 pkts/0 bytes] - 18 UDP 192.168.115.1:50945 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1539 bytes -> 0 pkts/0 bytes] - 19 TCP 192.168.115.8:50464 <-> 123.125.112.49:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/707 bytes <-> 1 pkts/744 bytes][Host: click.hm.baidu.com] - 20 TCP 192.168.115.8:50492 <-> 111.206.13.3:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/389 bytes <-> 2 pkts/1034 bytes][Host: pdata.video.qiyi.com] - 21 TCP 192.168.115.8:50777 <-> 111.206.22.77:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/1186 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com] - 22 TCP 192.168.115.8:50494 <-> 223.26.106.66:80 [proto: 7.60/HTTP.HTTP_Download][cat: Download-FileTransfer-FileSharing/7][2 pkts/887 bytes <-> 1 pkts/443 bytes][Host: 223.26.106.66] - 23 TCP 192.168.115.8:50497 <-> 123.125.112.49:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/1004 bytes <-> 2 pkts/301 bytes][Host: click.hm.baidu.com] - 24 TCP 192.168.115.8:50499 <-> 111.206.22.76:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/1097 bytes <-> 1 pkts/199 bytes][Host: msg.iqiyi.com] - 25 TCP 192.168.115.8:50474 <-> 202.108.14.221:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/1100 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com] - 26 TCP 192.168.115.8:50507 <-> 223.26.106.19:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/212 bytes <-> 1 pkts/1063 bytes][Host: static.qiyi.com] - 27 TCP 192.168.115.8:50485 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/947 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 28 TCP 192.168.115.8:50502 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/947 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 29 TCP 192.168.115.8:50493 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/946 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 30 TCP 192.168.115.8:50771 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/946 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 31 TCP 192.168.115.8:50473 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/944 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 32 TCP 192.168.115.8:50475 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/941 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 33 TCP 192.168.115.8:50500 <-> 23.41.133.163:80 [proto: 7/HTTP][cat: Web/5][1 pkts/289 bytes <-> 1 pkts/839 bytes][Host: s1.symcb.com] - 34 TCP 192.168.115.8:50773 <-> 202.108.14.221:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/919 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 35 TCP 192.168.115.8:50466 <-> 203.66.182.24:80 [proto: 7.126/HTTP.Google][cat: Web/5][1 pkts/280 bytes <-> 1 pkts/813 bytes][Host: clients1.google.com] - 36 UDP 192.168.5.50:52529 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/1074 bytes -> 0 pkts/0 bytes] - 37 UDP 192.168.5.28:60023 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/1050 bytes -> 0 pkts/0 bytes] - 38 UDP 192.168.5.57:59648 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/1050 bytes -> 0 pkts/0 bytes] - 39 TCP 192.168.115.8:50504 -> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/946 bytes -> 0 pkts/0 bytes][Host: msg.71.am] - 40 TCP 192.168.115.8:50769 <-> 101.227.200.11:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/604 bytes <-> 1 pkts/291 bytes][Host: api.cupid.iqiyi.com] - 41 TCP 192.168.115.8:50498 <-> 36.110.220.15:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/694 bytes <-> 1 pkts/199 bytes][Host: msg.video.qiyi.com] - 42 TCP 192.168.115.8:50503 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/683 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 43 UDP 192.168.5.41:50374 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][5 pkts/875 bytes -> 0 pkts/0 bytes] - 44 TCP 192.168.115.8:50490 <-> 119.188.13.188:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/357 bytes <-> 1 pkts/479 bytes][Host: pdata.video.qiyi.com] - 45 TCP 192.168.115.8:50467 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/629 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 46 TCP 192.168.115.8:50484 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/622 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 47 TCP 192.168.115.8:50477 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/614 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 48 TCP 192.168.115.8:50774 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/587 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 49 TCP 192.168.115.8:50469 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/573 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 50 TCP 192.168.115.8:50482 <-> 140.205.243.64:80 [proto: 7/HTTP][cat: Web/5][1 pkts/444 bytes <-> 1 pkts/283 bytes][Host: cmc.tanx.com] - 51 TCP 192.168.115.8:50768 <-> 223.26.106.19:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/198 bytes <-> 1 pkts/526 bytes][Host: static.qiyi.com] - 52 TCP 192.168.5.15:65128 <-> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][1 pkts/331 bytes <-> 1 pkts/390 bytes][Host: api.magicansoft.com] - 53 TCP 192.168.115.8:50509 <-> 106.38.219.107:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/163 bytes <-> 2 pkts/557 bytes][Host: iplocation.geo.qiyi.com] - 54 TCP 192.168.5.15:65127 <-> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][1 pkts/323 bytes <-> 1 pkts/390 bytes][Host: api.magicansoft.com] - 55 TCP 192.168.115.8:50766 <-> 223.26.106.20:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/198 bytes <-> 1 pkts/493 bytes][Host: static.qiyi.com] - 56 TCP 192.168.115.8:50487 -> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/683 bytes -> 0 pkts/0 bytes][Host: msg.71.am] - 57 TCP 192.168.115.8:50489 <-> 119.188.13.188:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/253 bytes <-> 1 pkts/430 bytes][Host: pdata.video.qiyi.com] - 58 TCP 192.168.115.8:50772 <-> 123.125.111.70:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/399 bytes <-> 1 pkts/275 bytes][Host: nl.rcd.iqiyi.com] - 59 TCP 192.168.115.8:50775 <-> 123.125.111.70:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/399 bytes <-> 1 pkts/275 bytes][Host: nl.rcd.iqiyi.com] - 60 TCP 192.168.115.8:50470 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/424 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com] - 61 TCP 192.168.115.8:50508 <-> 223.26.106.19:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/198 bytes <-> 1 pkts/420 bytes][Host: static.qiyi.com] - 62 TCP 192.168.115.8:50483 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/417 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 63 TCP 192.168.115.8:50776 <-> 111.206.22.77:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/394 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com] - 64 TCP 192.168.115.8:50765 <-> 36.110.220.15:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/264 bytes <-> 1 pkts/199 bytes][Host: msg.video.qiyi.com] - 65 TCP 202.108.14.219:80 -> 192.168.115.8:50295 [proto: 7/HTTP][cat: Web/5][2 pkts/398 bytes -> 0 pkts/0 bytes] - 66 UDP 192.168.5.48:63930 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/358 bytes -> 0 pkts/0 bytes] - 67 TCP 117.79.81.135:80 -> 192.168.115.8:50443 [proto: 7/HTTP][cat: Web/5][1 pkts/347 bytes -> 0 pkts/0 bytes] - 68 TCP 192.168.115.8:50781 -> 223.26.106.20:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/303 bytes -> 0 pkts/0 bytes][Host: preimage1.qiyipic.com] - 69 TCP 202.108.14.219:80 -> 192.168.115.8:50506 [proto: 7/HTTP][cat: Web/5][1 pkts/199 bytes -> 0 pkts/0 bytes] - 70 UDP 192.168.5.63:60976 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][1 pkts/165 bytes -> 0 pkts/0 bytes] - 71 UDP 192.168.5.63:39383 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][1 pkts/130 bytes -> 0 pkts/0 bytes] - 72 TCP 192.168.115.8:50462 -> 202.108.14.236:80 [proto: 7/HTTP][cat: Web/5][2 pkts/108 bytes -> 0 pkts/0 bytes] - 73 TCP 192.168.5.15:65125 -> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][1 pkts/66 bytes -> 0 pkts/0 bytes] + 8 UDP 192.168.115.8:22793 <-> 202.198.7.89:16039 [proto: 188/QUIC][cat: Web/5][2 pkts/158 bytes <-> 3 pkts/3323 bytes] + 9 TCP 192.168.115.8:50495 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][3 pkts/2844 bytes <-> 3 pkts/597 bytes][Host: msg.71.am] + 10 TCP 77.234.41.35:80 <-> 192.168.115.8:49174 [proto: 7/HTTP][cat: Web/5][4 pkts/2953 bytes <-> 1 pkts/356 bytes] + 11 TCP 192.168.115.8:50767 <-> 223.26.106.20:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][4 pkts/800 bytes <-> 4 pkts/2112 bytes][Host: static.qiyi.com] + 12 TCP 192.168.115.8:50488 <-> 223.26.106.20:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/311 bytes <-> 2 pkts/2035 bytes][Host: meta.video.qiyi.com] + 13 TCP 192.168.115.8:50471 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][2 pkts/1898 bytes <-> 2 pkts/398 bytes][Host: msg.71.am] + 14 TCP 192.168.115.8:50501 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][2 pkts/1893 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 15 TCP 192.168.115.8:50463 <-> 101.227.200.11:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][2 pkts/1555 bytes <-> 1 pkts/306 bytes][Host: api.cupid.iqiyi.com] + 16 TCP 192.168.115.8:50496 <-> 101.227.200.11:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][2 pkts/1555 bytes <-> 1 pkts/306 bytes][Host: api.cupid.iqiyi.com] + 17 TCP 192.168.115.8:50779 <-> 111.206.22.77:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][2 pkts/1438 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com] + 18 UDP 192.168.5.38:58897 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1575 bytes -> 0 pkts/0 bytes] + 19 UDP 192.168.115.1:50945 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1539 bytes -> 0 pkts/0 bytes] + 20 TCP 192.168.115.8:50464 <-> 123.125.112.49:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/707 bytes <-> 1 pkts/744 bytes][Host: click.hm.baidu.com] + 21 TCP 192.168.115.8:50492 <-> 111.206.13.3:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/389 bytes <-> 2 pkts/1034 bytes][Host: pdata.video.qiyi.com] + 22 TCP 192.168.115.8:50777 <-> 111.206.22.77:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/1186 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com] + 23 TCP 192.168.115.8:50494 <-> 223.26.106.66:80 [proto: 7.60/HTTP.HTTP_Download][cat: Download-FileTransfer-FileSharing/7][2 pkts/887 bytes <-> 1 pkts/443 bytes][Host: 223.26.106.66] + 24 TCP 192.168.115.8:50497 <-> 123.125.112.49:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/1004 bytes <-> 2 pkts/301 bytes][Host: click.hm.baidu.com] + 25 TCP 192.168.115.8:50499 <-> 111.206.22.76:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/1097 bytes <-> 1 pkts/199 bytes][Host: msg.iqiyi.com] + 26 TCP 192.168.115.8:50474 <-> 202.108.14.221:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/1100 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com] + 27 TCP 192.168.115.8:50507 <-> 223.26.106.19:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/212 bytes <-> 1 pkts/1063 bytes][Host: static.qiyi.com] + 28 TCP 192.168.115.8:50485 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/947 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 29 TCP 192.168.115.8:50502 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/947 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 30 TCP 192.168.115.8:50493 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/946 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 31 TCP 192.168.115.8:50771 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/946 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 32 TCP 192.168.115.8:50473 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/944 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 33 TCP 192.168.115.8:50475 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/941 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 34 TCP 192.168.115.8:50500 <-> 23.41.133.163:80 [proto: 7/HTTP][cat: Web/5][1 pkts/289 bytes <-> 1 pkts/839 bytes][Host: s1.symcb.com] + 35 TCP 192.168.115.8:50773 <-> 202.108.14.221:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/919 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 36 TCP 192.168.115.8:50466 <-> 203.66.182.24:80 [proto: 7.126/HTTP.Google][cat: Web/5][1 pkts/280 bytes <-> 1 pkts/813 bytes][Host: clients1.google.com] + 37 UDP 192.168.5.50:52529 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/1074 bytes -> 0 pkts/0 bytes] + 38 UDP 192.168.5.28:60023 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/1050 bytes -> 0 pkts/0 bytes] + 39 UDP 192.168.5.57:59648 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/1050 bytes -> 0 pkts/0 bytes] + 40 TCP 192.168.115.8:50504 -> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/946 bytes -> 0 pkts/0 bytes][Host: msg.71.am] + 41 TCP 192.168.115.8:50769 <-> 101.227.200.11:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/604 bytes <-> 1 pkts/291 bytes][Host: api.cupid.iqiyi.com] + 42 TCP 192.168.115.8:50498 <-> 36.110.220.15:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/694 bytes <-> 1 pkts/199 bytes][Host: msg.video.qiyi.com] + 43 TCP 192.168.115.8:50503 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/683 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 44 UDP 192.168.5.41:50374 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][5 pkts/875 bytes -> 0 pkts/0 bytes] + 45 TCP 192.168.115.8:50490 <-> 119.188.13.188:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/357 bytes <-> 1 pkts/479 bytes][Host: pdata.video.qiyi.com] + 46 TCP 192.168.115.8:50467 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/629 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 47 TCP 192.168.115.8:50484 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/622 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 48 TCP 192.168.115.8:50477 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/614 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 49 TCP 192.168.115.8:50774 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/587 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 50 TCP 192.168.115.8:50469 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/573 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 51 TCP 192.168.115.8:50482 <-> 140.205.243.64:80 [proto: 7/HTTP][cat: Web/5][1 pkts/444 bytes <-> 1 pkts/283 bytes][Host: cmc.tanx.com] + 52 TCP 192.168.115.8:50768 <-> 223.26.106.19:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/198 bytes <-> 1 pkts/526 bytes][Host: static.qiyi.com] + 53 TCP 192.168.5.15:65128 <-> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][1 pkts/331 bytes <-> 1 pkts/390 bytes][Host: api.magicansoft.com] + 54 TCP 192.168.115.8:50509 <-> 106.38.219.107:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/163 bytes <-> 2 pkts/557 bytes][Host: iplocation.geo.qiyi.com] + 55 TCP 192.168.5.15:65127 <-> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][1 pkts/323 bytes <-> 1 pkts/390 bytes][Host: api.magicansoft.com] + 56 TCP 192.168.115.8:50766 <-> 223.26.106.20:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/198 bytes <-> 1 pkts/493 bytes][Host: static.qiyi.com] + 57 TCP 192.168.115.8:50487 -> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/683 bytes -> 0 pkts/0 bytes][Host: msg.71.am] + 58 TCP 192.168.115.8:50489 <-> 119.188.13.188:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/253 bytes <-> 1 pkts/430 bytes][Host: pdata.video.qiyi.com] + 59 TCP 192.168.115.8:50772 <-> 123.125.111.70:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/399 bytes <-> 1 pkts/275 bytes][Host: nl.rcd.iqiyi.com] + 60 TCP 192.168.115.8:50775 <-> 123.125.111.70:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/399 bytes <-> 1 pkts/275 bytes][Host: nl.rcd.iqiyi.com] + 61 TCP 192.168.115.8:50470 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/424 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com] + 62 TCP 192.168.115.8:50508 <-> 223.26.106.19:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/198 bytes <-> 1 pkts/420 bytes][Host: static.qiyi.com] + 63 TCP 192.168.115.8:50483 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/417 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 64 TCP 192.168.115.8:50776 <-> 111.206.22.77:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/394 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com] + 65 TCP 192.168.115.8:50765 <-> 36.110.220.15:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/264 bytes <-> 1 pkts/199 bytes][Host: msg.video.qiyi.com] + 66 TCP 202.108.14.219:80 -> 192.168.115.8:50295 [proto: 7/HTTP][cat: Web/5][2 pkts/398 bytes -> 0 pkts/0 bytes] + 67 UDP 192.168.5.48:63930 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/358 bytes -> 0 pkts/0 bytes] + 68 TCP 117.79.81.135:80 -> 192.168.115.8:50443 [proto: 7/HTTP][cat: Web/5][1 pkts/347 bytes -> 0 pkts/0 bytes] + 69 TCP 192.168.115.8:50781 -> 223.26.106.20:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/303 bytes -> 0 pkts/0 bytes][Host: preimage1.qiyipic.com] + 70 TCP 202.108.14.219:80 -> 192.168.115.8:50506 [proto: 7/HTTP][cat: Web/5][1 pkts/199 bytes -> 0 pkts/0 bytes] + 71 UDP 192.168.5.63:60976 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][1 pkts/165 bytes -> 0 pkts/0 bytes] + 72 UDP 192.168.5.63:39383 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][1 pkts/130 bytes -> 0 pkts/0 bytes] + 73 TCP 192.168.115.8:50462 -> 202.108.14.236:80 [proto: 7/HTTP][cat: Web/5][2 pkts/108 bytes -> 0 pkts/0 bytes] + 74 TCP 192.168.5.15:65125 -> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][1 pkts/66 bytes -> 0 pkts/0 bytes] Undetected flows: @@ -86,32 +88,31 @@ Undetected flows: 3 UDP 118.171.15.56:5544 <-> 192.168.115.8:22793 [proto: 0/Unknown][30 pkts/33210 bytes <-> 71 pkts/5609 bytes] 4 UDP 192.168.115.8:22793 <-> 219.228.107.156:1250 [proto: 0/Unknown][34 pkts/2686 bytes <-> 11 pkts/12177 bytes] 5 UDP 192.168.115.8:22793 <-> 222.197.138.12:6956 [proto: 0/Unknown][30 pkts/2370 bytes <-> 10 pkts/10042 bytes] - 6 UDP 192.168.115.8:22793 <-> 202.198.7.89:16039 [proto: 0/Unknown][2 pkts/158 bytes <-> 3 pkts/3323 bytes] - 7 UDP 192.168.115.8:22793 -> 1.169.136.116:17951 [proto: 0/Unknown][4 pkts/512 bytes -> 0 pkts/0 bytes] - 8 UDP 192.168.115.8:22793 -> 114.41.144.153:10492 [proto: 0/Unknown][4 pkts/512 bytes -> 0 pkts/0 bytes] - 9 UDP 192.168.115.8:22793 -> 218.61.39.103:17788 [proto: 0/Unknown][2 pkts/300 bytes -> 0 pkts/0 bytes] - 10 UDP 192.168.115.8:22793 -> 119.188.133.182:17788 [proto: 0/Unknown][2 pkts/260 bytes -> 0 pkts/0 bytes] - 11 UDP 192.168.115.8:22793 -> 183.61.167.104:17788 [proto: 0/Unknown][2 pkts/260 bytes -> 0 pkts/0 bytes] - 12 UDP 192.168.115.8:22793 -> 218.61.39.87:17788 [proto: 0/Unknown][2 pkts/260 bytes -> 0 pkts/0 bytes] - 13 UDP 183.228.182.44:13913 <-> 192.168.115.8:22793 [proto: 0/Unknown][1 pkts/87 bytes <-> 2 pkts/170 bytes] - 14 UDP 192.168.115.8:22793 -> 183.61.167.82:17788 [proto: 0/Unknown][2 pkts/188 bytes -> 0 pkts/0 bytes] - 15 UDP 192.168.115.8:22793 -> 220.130.154.23:35941 [proto: 0/Unknown][2 pkts/174 bytes -> 0 pkts/0 bytes] - 16 UDP 192.168.115.8:22793 -> 111.249.53.196:32443 [proto: 0/Unknown][2 pkts/158 bytes -> 0 pkts/0 bytes] - 17 UDP 192.168.115.8:22793 -> 1.175.128.104:5185 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 18 UDP 192.168.115.8:22793 -> 36.233.39.81:18590 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 19 UDP 192.168.115.8:22793 -> 36.237.154.69:4316 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 20 UDP 192.168.115.8:22793 -> 61.223.204.67:11102 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 21 UDP 192.168.115.8:22793 -> 61.227.170.88:20227 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 22 UDP 192.168.115.8:22793 -> 111.117.101.81:10162 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 23 UDP 192.168.115.8:22793 -> 111.250.102.66:1107 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 24 UDP 192.168.115.8:22793 -> 114.37.142.173:1074 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 25 UDP 192.168.115.8:22793 -> 114.47.91.129:22576 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 26 UDP 192.168.115.8:22793 -> 115.157.62.243:29006 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 27 UDP 192.168.115.8:22793 -> 121.248.133.93:12757 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 28 UDP 192.168.115.8:22793 -> 202.112.31.89:29072 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 29 UDP 192.168.115.8:22793 -> 210.44.171.1:29702 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 30 UDP 192.168.115.8:22793 -> 210.44.232.243:21044 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 31 UDP 192.168.115.8:22793 -> 210.47.12.19:33738 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 32 UDP 192.168.115.8:22793 -> 210.47.12.20:33738 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 33 UDP 192.168.115.8:22793 -> 222.26.74.190:1037 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 34 UDP 192.168.115.8:22793 -> 222.26.193.119:7133 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] + 6 UDP 192.168.115.8:22793 -> 1.169.136.116:17951 [proto: 0/Unknown][4 pkts/512 bytes -> 0 pkts/0 bytes] + 7 UDP 192.168.115.8:22793 -> 114.41.144.153:10492 [proto: 0/Unknown][4 pkts/512 bytes -> 0 pkts/0 bytes] + 8 UDP 192.168.115.8:22793 -> 218.61.39.103:17788 [proto: 0/Unknown][2 pkts/300 bytes -> 0 pkts/0 bytes] + 9 UDP 192.168.115.8:22793 -> 119.188.133.182:17788 [proto: 0/Unknown][2 pkts/260 bytes -> 0 pkts/0 bytes] + 10 UDP 192.168.115.8:22793 -> 183.61.167.104:17788 [proto: 0/Unknown][2 pkts/260 bytes -> 0 pkts/0 bytes] + 11 UDP 192.168.115.8:22793 -> 218.61.39.87:17788 [proto: 0/Unknown][2 pkts/260 bytes -> 0 pkts/0 bytes] + 12 UDP 183.228.182.44:13913 <-> 192.168.115.8:22793 [proto: 0/Unknown][1 pkts/87 bytes <-> 2 pkts/170 bytes] + 13 UDP 192.168.115.8:22793 -> 183.61.167.82:17788 [proto: 0/Unknown][2 pkts/188 bytes -> 0 pkts/0 bytes] + 14 UDP 192.168.115.8:22793 -> 220.130.154.23:35941 [proto: 0/Unknown][2 pkts/174 bytes -> 0 pkts/0 bytes] + 15 UDP 192.168.115.8:22793 -> 111.249.53.196:32443 [proto: 0/Unknown][2 pkts/158 bytes -> 0 pkts/0 bytes] + 16 UDP 192.168.115.8:22793 -> 1.175.128.104:5185 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] + 17 UDP 192.168.115.8:22793 -> 36.233.39.81:18590 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] + 18 UDP 192.168.115.8:22793 -> 36.237.154.69:4316 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] + 19 UDP 192.168.115.8:22793 -> 61.223.204.67:11102 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] + 20 UDP 192.168.115.8:22793 -> 61.227.170.88:20227 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] + 21 UDP 192.168.115.8:22793 -> 111.117.101.81:10162 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] + 22 UDP 192.168.115.8:22793 -> 111.250.102.66:1107 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] + 23 UDP 192.168.115.8:22793 -> 114.37.142.173:1074 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] + 24 UDP 192.168.115.8:22793 -> 114.47.91.129:22576 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] + 25 UDP 192.168.115.8:22793 -> 115.157.62.243:29006 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] + 26 UDP 192.168.115.8:22793 -> 121.248.133.93:12757 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] + 27 UDP 192.168.115.8:22793 -> 202.112.31.89:29072 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] + 28 UDP 192.168.115.8:22793 -> 210.44.171.1:29702 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] + 29 UDP 192.168.115.8:22793 -> 210.44.232.243:21044 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] + 30 UDP 192.168.115.8:22793 -> 210.47.12.19:33738 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] + 31 UDP 192.168.115.8:22793 -> 210.47.12.20:33738 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] + 32 UDP 192.168.115.8:22793 -> 222.26.74.190:1037 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] + 33 UDP 192.168.115.8:22793 -> 222.26.193.119:7133 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] diff --git a/tests/result/skype.pcap.out b/tests/result/skype.pcap.out index 4d09243a3..ddb00deaa 100644 --- a/tests/result/skype.pcap.out +++ b/tests/result/skype.pcap.out @@ -1,4 +1,4 @@ -Unknown 175 20913 11 +Unknown 171 20697 10 DNS 2 267 1 MDNS 8 1736 2 NTP 2 180 1 @@ -9,7 +9,7 @@ IGMP 5 258 4 SSL 96 8876 7 Dropbox 38 17948 5 Skype 584 56659 57 -Apple 3 168 1 +Apple 7 384 2 AppleiCloud 88 20520 2 Spotify 5 430 1 MS_OneDrive 387 198090 1 @@ -146,157 +146,158 @@ ApplePush 12 1877 1 129 UDP 192.168.1.34:13021 -> 176.26.55.167:63773 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][5 pkts/300 bytes -> 0 pkts/0 bytes] 130 UDP 192.168.1.34:58681 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/101 bytes <-> 1 pkts/166 bytes][Host: db3msgr5011709.gateway.messenger.live.com] 131 UDP 192.168.1.34:62454 <-> 192.168.1.1:53 [proto: 5.143/DNS.AppleiCloud][cat: Web/5][1 pkts/101 bytes <-> 1 pkts/133 bytes][Host: p05-keyvalueservice.icloud.com.akadns.net] - 132 UDP 192.168.1.34:123 <-> 17.253.48.245:123 [proto: 9/NTP][cat: System/18][1 pkts/90 bytes <-> 1 pkts/90 bytes] - 133 UDP 192.168.1.34:51879 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e4593.g.akamaiedge.net] - 134 UDP 192.168.1.34:63321 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e4593.g.akamaiedge.net] - 135 UDP 192.168.1.34:64085 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e7768.b.akamaiedge.net] - 136 TCP 192.168.1.34:50024 <-> 17.172.100.36:443 [proto: 91.140/SSL.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/60 bytes] - 137 IGMP 192.168.0.254:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network/14][2 pkts/92 bytes -> 0 pkts/0 bytes] - 138 UDP 192.168.1.34:13021 -> 64.4.23.145:40024 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 139 UDP 192.168.1.34:13021 -> 65.55.223.26:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 140 UDP 192.168.1.34:13021 -> 65.55.223.33:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 141 UDP 192.168.1.34:13021 -> 157.55.56.168:40006 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 142 UDP 192.168.1.34:13021 -> 157.55.130.146:40026 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 143 UDP 192.168.1.34:13021 -> 157.55.130.154:40005 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 144 UDP 192.168.1.34:13021 -> 157.55.235.147:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 145 UDP 192.168.1.34:13021 -> 157.55.235.152:40001 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 146 UDP 192.168.1.34:13021 -> 213.199.179.155:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 147 UDP 192.168.1.34:13021 -> 111.221.74.28:40014 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 148 UDP 192.168.1.34:13021 -> 111.221.77.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 149 UDP 192.168.1.34:13021 -> 111.221.77.155:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 150 UDP 192.168.1.34:13021 -> 111.221.77.159:40009 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 151 UDP 192.168.1.34:13021 -> 111.221.77.172:40010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 152 UDP 192.168.1.34:13021 -> 157.55.130.156:40034 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 153 UDP 192.168.1.34:13021 -> 157.55.235.161:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 154 UDP 192.168.1.34:13021 -> 157.55.235.176:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 155 UDP 192.168.1.34:13021 -> 157.56.52.27:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 156 UDP 192.168.1.34:13021 -> 157.56.52.28:40009 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 157 UDP 192.168.1.34:13021 -> 64.4.23.143:40018 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 158 UDP 192.168.1.34:13021 -> 64.4.23.155:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 159 UDP 192.168.1.34:13021 -> 65.55.223.29:40010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 160 UDP 192.168.1.34:13021 -> 111.221.74.15:40024 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 161 UDP 192.168.1.34:13021 -> 111.221.77.145:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 162 UDP 192.168.1.34:13021 -> 111.221.77.166:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 163 UDP 192.168.1.34:13021 -> 157.55.56.142:40023 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 164 UDP 192.168.1.34:13021 -> 157.55.56.151:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 165 UDP 192.168.1.34:13021 -> 157.55.56.175:40013 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 166 UDP 192.168.1.34:13021 -> 157.55.130.143:40017 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 167 UDP 192.168.1.34:13021 -> 157.55.235.155:40003 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 168 UDP 192.168.1.34:13021 -> 157.56.52.17:40013 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 169 UDP 192.168.1.34:13021 -> 64.4.23.166:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 170 UDP 192.168.1.34:13021 -> 65.55.223.25:40028 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 171 UDP 192.168.1.34:13021 -> 65.55.223.43:40002 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 172 UDP 192.168.1.34:13021 -> 111.221.74.43:40001 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 173 UDP 192.168.1.34:13021 -> 111.221.77.151:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 174 UDP 192.168.1.34:13021 -> 157.55.56.162:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 175 UDP 192.168.1.34:13021 -> 157.55.130.147:40019 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 176 UDP 192.168.1.34:13021 -> 157.55.235.175:40008 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 177 UDP 192.168.1.34:13021 -> 213.199.179.150:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 178 UDP 192.168.1.34:13021 -> 111.221.74.12:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 179 UDP 192.168.1.34:13021 -> 111.221.74.48:40008 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 180 UDP 192.168.1.34:13021 -> 111.221.77.165:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 181 UDP 192.168.1.34:13021 -> 213.199.179.141:40015 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 182 UDP 192.168.1.34:13021 -> 213.199.179.143:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 183 UDP 192.168.1.34:13021 -> 213.199.179.154:40034 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 184 UDP 192.168.1.34:13021 -> 65.55.223.28:40026 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 185 UDP 192.168.1.34:13021 -> 111.221.74.40:40018 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 186 UDP 192.168.1.34:13021 -> 157.55.130.175:40006 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 187 UDP 192.168.1.34:13021 -> 157.56.52.26:40026 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 188 UDP 192.168.1.34:13021 -> 213.199.179.165:40007 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 189 UDP 192.168.1.34:13021 -> 64.4.23.141:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 190 UDP 192.168.1.34:13021 -> 111.221.74.29:40024 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 191 UDP 192.168.1.34:13021 -> 111.221.74.31:40021 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 192 UDP 192.168.1.34:13021 -> 111.221.77.176:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 193 UDP 192.168.1.34:13021 -> 157.55.235.153:40023 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 194 UDP 192.168.1.34:13021 -> 213.199.179.168:40006 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 195 UDP 192.168.1.34:13021 -> 64.4.23.151:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 196 UDP 192.168.1.34:13021 -> 64.4.23.165:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 197 UDP 192.168.1.34:13021 -> 111.221.77.142:40023 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 198 UDP 192.168.1.34:13021 -> 157.55.130.151:40017 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 199 UDP 192.168.1.34:13021 -> 64.4.23.168:40006 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 200 UDP 192.168.1.34:13021 -> 65.55.223.21:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 201 UDP 192.168.1.34:13021 -> 65.55.223.45:40012 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 202 UDP 192.168.1.34:13021 -> 111.221.74.44:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 203 UDP 192.168.1.34:13021 -> 111.221.74.46:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 204 UDP 192.168.1.34:13021 -> 111.221.77.153:40024 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 205 UDP 192.168.1.34:13021 -> 157.55.56.148:40010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 206 UDP 192.168.1.34:13021 -> 157.55.235.157:40010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 207 UDP 192.168.1.34:13021 -> 157.55.235.172:40032 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 208 UDP 192.168.1.34:13021 -> 157.56.52.18:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 209 UDP 192.168.1.34:13021 -> 213.199.179.170:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 210 UDP 192.168.1.34:13021 -> 64.4.23.150:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 211 UDP 192.168.1.34:13021 -> 64.4.23.159:40009 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 212 UDP 192.168.1.34:13021 -> 65.55.223.17:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 213 UDP 192.168.1.34:13021 -> 111.221.74.17:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 214 UDP 192.168.1.34:13021 -> 111.221.74.18:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 215 UDP 192.168.1.34:13021 -> 111.221.74.32:40009 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 216 UDP 192.168.1.34:13021 -> 111.221.74.42:40024 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 217 UDP 192.168.1.34:13021 -> 157.55.56.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 218 UDP 192.168.1.34:13021 -> 157.55.56.161:40012 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 219 UDP 192.168.1.34:13021 -> 157.55.130.155:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 220 UDP 192.168.1.34:13021 -> 157.55.130.165:40026 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 221 UDP 192.168.1.34:13021 -> 157.55.235.142:40025 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 222 UDP 192.168.1.34:13021 -> 157.56.52.33:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 223 UDP 192.168.1.34:13021 -> 213.199.179.162:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 224 UDP 192.168.1.34:13021 -> 64.4.23.148:40010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 225 UDP 192.168.1.34:13021 -> 65.55.223.18:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 226 UDP 192.168.1.34:13021 -> 65.55.223.41:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 227 UDP 192.168.1.34:13021 -> 111.221.77.148:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 228 UDP 192.168.1.34:13021 -> 157.55.130.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 229 UDP 192.168.1.34:13021 -> 157.55.235.143:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 230 UDP 192.168.1.34:13021 -> 157.55.235.160:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 231 UDP 192.168.1.34:13021 -> 157.55.235.166:40015 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 232 UDP 192.168.1.34:13021 -> 157.56.52.37:40032 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 233 UDP 192.168.1.34:13021 -> 64.4.23.140:40012 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 234 UDP 192.168.1.34:13021 -> 64.4.23.170:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 235 UDP 192.168.1.34:13021 -> 111.221.74.19:40001 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 236 UDP 192.168.1.34:13021 -> 111.221.77.160:40028 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 237 UDP 192.168.1.34:13021 -> 111.221.77.168:40007 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 238 UDP 192.168.1.34:13021 -> 157.55.56.145:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 239 UDP 192.168.1.34:13021 -> 157.55.56.165:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 240 UDP 192.168.1.34:13021 -> 157.55.235.145:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 241 UDP 192.168.1.34:13021 -> 157.56.52.15:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 242 UDP 192.168.1.34:13021 -> 65.55.223.24:40032 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 243 UDP 192.168.1.34:13021 -> 111.221.74.16:40032 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 244 UDP 192.168.1.34:13021 -> 111.221.77.141:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 245 UDP 192.168.1.34:13021 -> 111.221.77.149:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 246 UDP 192.168.1.34:13021 -> 111.221.77.154:40017 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 247 UDP 192.168.1.34:13021 -> 157.55.130.157:40013 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 248 UDP 192.168.1.34:13021 -> 157.55.130.160:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 249 UDP 192.168.1.34:13021 -> 157.55.130.172:40019 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 250 UDP 192.168.1.34:13021 -> 157.56.52.45:40012 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 251 UDP 192.168.1.34:13021 -> 213.199.179.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 252 UDP 192.168.1.34:13021 -> 213.199.179.146:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 253 UDP 192.168.1.34:13021 -> 64.4.23.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 254 UDP 192.168.1.34:13021 -> 64.4.23.173:40017 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 255 UDP 192.168.1.34:13021 -> 65.55.223.15:40026 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 256 UDP 192.168.1.34:13021 -> 65.55.223.38:40015 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 257 UDP 192.168.1.34:13021 -> 65.55.223.44:40013 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 258 UDP 192.168.1.34:13021 -> 111.221.74.25:40028 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 259 UDP 192.168.1.34:13021 -> 111.221.77.143:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 260 UDP 192.168.1.34:13021 -> 157.55.130.144:40034 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 261 UDP 192.168.1.34:13021 -> 157.55.235.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 262 UDP 192.168.1.34:13021 -> 213.199.179.145:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 263 UDP 192.168.1.34:13021 -> 65.55.223.20:40033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 264 UDP 192.168.1.34:13021 -> 111.221.74.24:40001 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 265 UDP 192.168.1.34:13021 -> 111.221.77.140:40003 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 266 UDP 192.168.1.34:13021 -> 157.55.56.166:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 267 UDP 192.168.1.34:13021 -> 157.55.130.148:40019 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 268 UDP 192.168.1.34:13021 -> 157.55.235.158:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 269 UDP 192.168.1.34:13021 -> 157.55.235.159:40021 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 270 UDP 192.168.1.34:13021 -> 157.55.235.173:40012 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 271 UDP 192.168.1.34:13021 -> 157.56.52.21:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 272 UDP 192.168.1.34:13021 -> 157.56.52.24:40001 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 273 UDP 192.168.1.34:13021 -> 157.56.52.47:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 274 UDP 192.168.1.34:13021 -> 213.199.179.152:40023 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 275 IGMP 192.168.1.1:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes] - 276 IGMP 192.168.1.92:0 -> 224.0.0.251:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes] - 277 UDP 192.168.1.34:13021 -> 65.55.223.39:443 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] - 278 UDP 192.168.1.34:13021 -> 71.62.0.85:33647 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] - 279 UDP 192.168.1.34:13021 -> 106.188.249.186:15120 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] - 280 UDP 192.168.1.34:13021 -> 157.55.130.145:443 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] - 281 UDP 192.168.1.34:13021 -> 176.97.100.249:26635 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] - 282 IGMP 192.168.1.34:0 -> 224.0.0.251:0 [proto: 82/IGMP][cat: Network/14][1 pkts/46 bytes -> 0 pkts/0 bytes] + 132 UDP 192.168.1.34:54067 -> 192.168.1.1:5351 [proto: 140/Apple][cat: Web/5][4 pkts/216 bytes -> 0 pkts/0 bytes] + 133 UDP 192.168.1.34:123 <-> 17.253.48.245:123 [proto: 9/NTP][cat: System/18][1 pkts/90 bytes <-> 1 pkts/90 bytes] + 134 UDP 192.168.1.34:51879 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e4593.g.akamaiedge.net] + 135 UDP 192.168.1.34:63321 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e4593.g.akamaiedge.net] + 136 UDP 192.168.1.34:64085 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e7768.b.akamaiedge.net] + 137 TCP 192.168.1.34:50024 <-> 17.172.100.36:443 [proto: 91.140/SSL.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/60 bytes] + 138 IGMP 192.168.0.254:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network/14][2 pkts/92 bytes -> 0 pkts/0 bytes] + 139 UDP 192.168.1.34:13021 -> 64.4.23.145:40024 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 140 UDP 192.168.1.34:13021 -> 65.55.223.26:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 141 UDP 192.168.1.34:13021 -> 65.55.223.33:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 142 UDP 192.168.1.34:13021 -> 157.55.56.168:40006 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 143 UDP 192.168.1.34:13021 -> 157.55.130.146:40026 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 144 UDP 192.168.1.34:13021 -> 157.55.130.154:40005 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 145 UDP 192.168.1.34:13021 -> 157.55.235.147:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 146 UDP 192.168.1.34:13021 -> 157.55.235.152:40001 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 147 UDP 192.168.1.34:13021 -> 213.199.179.155:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 148 UDP 192.168.1.34:13021 -> 111.221.74.28:40014 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 149 UDP 192.168.1.34:13021 -> 111.221.77.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 150 UDP 192.168.1.34:13021 -> 111.221.77.155:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 151 UDP 192.168.1.34:13021 -> 111.221.77.159:40009 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 152 UDP 192.168.1.34:13021 -> 111.221.77.172:40010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 153 UDP 192.168.1.34:13021 -> 157.55.130.156:40034 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 154 UDP 192.168.1.34:13021 -> 157.55.235.161:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 155 UDP 192.168.1.34:13021 -> 157.55.235.176:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 156 UDP 192.168.1.34:13021 -> 157.56.52.27:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 157 UDP 192.168.1.34:13021 -> 157.56.52.28:40009 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 158 UDP 192.168.1.34:13021 -> 64.4.23.143:40018 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 159 UDP 192.168.1.34:13021 -> 64.4.23.155:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 160 UDP 192.168.1.34:13021 -> 65.55.223.29:40010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 161 UDP 192.168.1.34:13021 -> 111.221.74.15:40024 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 162 UDP 192.168.1.34:13021 -> 111.221.77.145:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 163 UDP 192.168.1.34:13021 -> 111.221.77.166:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 164 UDP 192.168.1.34:13021 -> 157.55.56.142:40023 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 165 UDP 192.168.1.34:13021 -> 157.55.56.151:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 166 UDP 192.168.1.34:13021 -> 157.55.56.175:40013 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 167 UDP 192.168.1.34:13021 -> 157.55.130.143:40017 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 168 UDP 192.168.1.34:13021 -> 157.55.235.155:40003 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 169 UDP 192.168.1.34:13021 -> 157.56.52.17:40013 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 170 UDP 192.168.1.34:13021 -> 64.4.23.166:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 171 UDP 192.168.1.34:13021 -> 65.55.223.25:40028 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 172 UDP 192.168.1.34:13021 -> 65.55.223.43:40002 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 173 UDP 192.168.1.34:13021 -> 111.221.74.43:40001 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 174 UDP 192.168.1.34:13021 -> 111.221.77.151:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 175 UDP 192.168.1.34:13021 -> 157.55.56.162:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 176 UDP 192.168.1.34:13021 -> 157.55.130.147:40019 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 177 UDP 192.168.1.34:13021 -> 157.55.235.175:40008 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 178 UDP 192.168.1.34:13021 -> 213.199.179.150:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 179 UDP 192.168.1.34:13021 -> 111.221.74.12:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 180 UDP 192.168.1.34:13021 -> 111.221.74.48:40008 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 181 UDP 192.168.1.34:13021 -> 111.221.77.165:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 182 UDP 192.168.1.34:13021 -> 213.199.179.141:40015 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 183 UDP 192.168.1.34:13021 -> 213.199.179.143:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 184 UDP 192.168.1.34:13021 -> 213.199.179.154:40034 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 185 UDP 192.168.1.34:13021 -> 65.55.223.28:40026 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] + 186 UDP 192.168.1.34:13021 -> 111.221.74.40:40018 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] + 187 UDP 192.168.1.34:13021 -> 157.55.130.175:40006 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] + 188 UDP 192.168.1.34:13021 -> 157.56.52.26:40026 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] + 189 UDP 192.168.1.34:13021 -> 213.199.179.165:40007 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] + 190 UDP 192.168.1.34:13021 -> 64.4.23.141:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 191 UDP 192.168.1.34:13021 -> 111.221.74.29:40024 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 192 UDP 192.168.1.34:13021 -> 111.221.74.31:40021 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 193 UDP 192.168.1.34:13021 -> 111.221.77.176:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 194 UDP 192.168.1.34:13021 -> 157.55.235.153:40023 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 195 UDP 192.168.1.34:13021 -> 213.199.179.168:40006 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 196 UDP 192.168.1.34:13021 -> 64.4.23.151:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 197 UDP 192.168.1.34:13021 -> 64.4.23.165:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 198 UDP 192.168.1.34:13021 -> 111.221.77.142:40023 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 199 UDP 192.168.1.34:13021 -> 157.55.130.151:40017 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 200 UDP 192.168.1.34:13021 -> 64.4.23.168:40006 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 201 UDP 192.168.1.34:13021 -> 65.55.223.21:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 202 UDP 192.168.1.34:13021 -> 65.55.223.45:40012 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 203 UDP 192.168.1.34:13021 -> 111.221.74.44:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 204 UDP 192.168.1.34:13021 -> 111.221.74.46:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 205 UDP 192.168.1.34:13021 -> 111.221.77.153:40024 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 206 UDP 192.168.1.34:13021 -> 157.55.56.148:40010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 207 UDP 192.168.1.34:13021 -> 157.55.235.157:40010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 208 UDP 192.168.1.34:13021 -> 157.55.235.172:40032 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 209 UDP 192.168.1.34:13021 -> 157.56.52.18:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 210 UDP 192.168.1.34:13021 -> 213.199.179.170:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 211 UDP 192.168.1.34:13021 -> 64.4.23.150:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 212 UDP 192.168.1.34:13021 -> 64.4.23.159:40009 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 213 UDP 192.168.1.34:13021 -> 65.55.223.17:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 214 UDP 192.168.1.34:13021 -> 111.221.74.17:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 215 UDP 192.168.1.34:13021 -> 111.221.74.18:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 216 UDP 192.168.1.34:13021 -> 111.221.74.32:40009 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 217 UDP 192.168.1.34:13021 -> 111.221.74.42:40024 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 218 UDP 192.168.1.34:13021 -> 157.55.56.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 219 UDP 192.168.1.34:13021 -> 157.55.56.161:40012 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 220 UDP 192.168.1.34:13021 -> 157.55.130.155:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 221 UDP 192.168.1.34:13021 -> 157.55.130.165:40026 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 222 UDP 192.168.1.34:13021 -> 157.55.235.142:40025 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 223 UDP 192.168.1.34:13021 -> 157.56.52.33:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 224 UDP 192.168.1.34:13021 -> 213.199.179.162:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 225 UDP 192.168.1.34:13021 -> 64.4.23.148:40010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 226 UDP 192.168.1.34:13021 -> 65.55.223.18:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 227 UDP 192.168.1.34:13021 -> 65.55.223.41:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 228 UDP 192.168.1.34:13021 -> 111.221.77.148:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 229 UDP 192.168.1.34:13021 -> 157.55.130.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 230 UDP 192.168.1.34:13021 -> 157.55.235.143:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 231 UDP 192.168.1.34:13021 -> 157.55.235.160:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 232 UDP 192.168.1.34:13021 -> 157.55.235.166:40015 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 233 UDP 192.168.1.34:13021 -> 157.56.52.37:40032 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 234 UDP 192.168.1.34:13021 -> 64.4.23.140:40012 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 235 UDP 192.168.1.34:13021 -> 64.4.23.170:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 236 UDP 192.168.1.34:13021 -> 111.221.74.19:40001 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 237 UDP 192.168.1.34:13021 -> 111.221.77.160:40028 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 238 UDP 192.168.1.34:13021 -> 111.221.77.168:40007 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 239 UDP 192.168.1.34:13021 -> 157.55.56.145:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 240 UDP 192.168.1.34:13021 -> 157.55.56.165:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 241 UDP 192.168.1.34:13021 -> 157.55.235.145:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 242 UDP 192.168.1.34:13021 -> 157.56.52.15:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 243 UDP 192.168.1.34:13021 -> 65.55.223.24:40032 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 244 UDP 192.168.1.34:13021 -> 111.221.74.16:40032 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 245 UDP 192.168.1.34:13021 -> 111.221.77.141:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 246 UDP 192.168.1.34:13021 -> 111.221.77.149:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 247 UDP 192.168.1.34:13021 -> 111.221.77.154:40017 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 248 UDP 192.168.1.34:13021 -> 157.55.130.157:40013 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 249 UDP 192.168.1.34:13021 -> 157.55.130.160:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 250 UDP 192.168.1.34:13021 -> 157.55.130.172:40019 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 251 UDP 192.168.1.34:13021 -> 157.56.52.45:40012 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 252 UDP 192.168.1.34:13021 -> 213.199.179.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 253 UDP 192.168.1.34:13021 -> 213.199.179.146:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 254 UDP 192.168.1.34:13021 -> 64.4.23.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 255 UDP 192.168.1.34:13021 -> 64.4.23.173:40017 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 256 UDP 192.168.1.34:13021 -> 65.55.223.15:40026 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 257 UDP 192.168.1.34:13021 -> 65.55.223.38:40015 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 258 UDP 192.168.1.34:13021 -> 65.55.223.44:40013 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 259 UDP 192.168.1.34:13021 -> 111.221.74.25:40028 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 260 UDP 192.168.1.34:13021 -> 111.221.77.143:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 261 UDP 192.168.1.34:13021 -> 157.55.130.144:40034 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 262 UDP 192.168.1.34:13021 -> 157.55.235.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 263 UDP 192.168.1.34:13021 -> 213.199.179.145:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 264 UDP 192.168.1.34:13021 -> 65.55.223.20:40033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 265 UDP 192.168.1.34:13021 -> 111.221.74.24:40001 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 266 UDP 192.168.1.34:13021 -> 111.221.77.140:40003 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 267 UDP 192.168.1.34:13021 -> 157.55.56.166:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 268 UDP 192.168.1.34:13021 -> 157.55.130.148:40019 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 269 UDP 192.168.1.34:13021 -> 157.55.235.158:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 270 UDP 192.168.1.34:13021 -> 157.55.235.159:40021 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 271 UDP 192.168.1.34:13021 -> 157.55.235.173:40012 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 272 UDP 192.168.1.34:13021 -> 157.56.52.21:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 273 UDP 192.168.1.34:13021 -> 157.56.52.24:40001 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 274 UDP 192.168.1.34:13021 -> 157.56.52.47:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 275 UDP 192.168.1.34:13021 -> 213.199.179.152:40023 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 276 IGMP 192.168.1.1:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes] + 277 IGMP 192.168.1.92:0 -> 224.0.0.251:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes] + 278 UDP 192.168.1.34:13021 -> 65.55.223.39:443 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] + 279 UDP 192.168.1.34:13021 -> 71.62.0.85:33647 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] + 280 UDP 192.168.1.34:13021 -> 106.188.249.186:15120 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] + 281 UDP 192.168.1.34:13021 -> 157.55.130.145:443 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] + 282 UDP 192.168.1.34:13021 -> 176.97.100.249:26635 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] + 283 IGMP 192.168.1.34:0 -> 224.0.0.251:0 [proto: 82/IGMP][cat: Network/14][1 pkts/46 bytes -> 0 pkts/0 bytes] Undetected flows: @@ -309,5 +310,4 @@ Undetected flows: 7 TCP 192.168.1.34:50144 <-> 78.202.226.115:29059 [proto: 0/Unknown][10 pkts/797 bytes <-> 4 pkts/342 bytes] 8 TCP 192.168.1.34:50145 -> 157.56.53.51:12350 [proto: 0/Unknown][8 pkts/608 bytes -> 0 pkts/0 bytes] 9 UDP 192.168.1.34:49511 -> 192.168.1.1:5351 [proto: 0/Unknown][4 pkts/216 bytes -> 0 pkts/0 bytes] - 10 UDP 192.168.1.34:54067 -> 192.168.1.1:5351 [proto: 0/Unknown][4 pkts/216 bytes -> 0 pkts/0 bytes] - 11 TCP 192.168.1.34:50140 <-> 76.167.161.6:20274 [proto: 0/Unknown][2 pkts/132 bytes <-> 1 pkts/74 bytes] + 10 TCP 192.168.1.34:50140 <-> 76.167.161.6:20274 [proto: 0/Unknown][2 pkts/132 bytes <-> 1 pkts/74 bytes] diff --git a/tests/result/skype_no_unknown.pcap.out b/tests/result/skype_no_unknown.pcap.out index 1c43d3161..a278e42eb 100644 --- a/tests/result/skype_no_unknown.pcap.out +++ b/tests/result/skype_no_unknown.pcap.out @@ -1,4 +1,4 @@ -Unknown 186 61791 12 +Unknown 183 61585 11 DNS 2 267 1 MDNS 3 400 2 NetBIOS 22 3106 7 @@ -8,7 +8,7 @@ ICMP 4 328 1 IGMP 4 226 4 SSL 79 7742 6 Dropbox 16 7342 5 -Skype 607 129455 45 +Skype 610 129661 46 Apple 76 19581 1 MS_OneDrive 348 181687 1 ApplePush 8 1118 1 @@ -114,160 +114,161 @@ ApplePush 8 1118 1 99 UDP [fe80::c62c:3ff:fe06:49fe]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][2 pkts/258 bytes -> 0 pkts/0 bytes] 100 UDP 192.168.1.92:138 -> 192.168.1.255:138 [proto: 10/NetBIOS][cat: System/18][1 pkts/216 bytes -> 0 pkts/0 bytes] 101 TCP 192.168.1.34:51283 <-> 111.221.74.48:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][2 pkts/132 bytes <-> 1 pkts/74 bytes] - 102 UDP 192.168.1.34:59788 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e4593.g.akamaiedge.net] - 103 UDP 192.168.1.34:63661 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e4593.g.akamaiedge.net] - 104 UDP 192.168.1.92:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][1 pkts/142 bytes -> 0 pkts/0 bytes][Lucas-iMac.local] - 105 UDP 192.168.1.92:137 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes] - 106 UDP 192.168.1.92:53826 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes] - 107 UDP 192.168.1.34:61016 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/80 bytes -> 0 pkts/0 bytes][Host: apps.skypeassets.com] - 108 UDP 192.168.1.34:13021 -> 64.4.23.148:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 109 UDP 192.168.1.34:13021 -> 64.4.23.171:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 110 UDP 192.168.1.34:13021 -> 65.55.223.27:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 111 UDP 192.168.1.34:13021 -> 111.221.74.40:40025 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 112 UDP 192.168.1.34:13021 -> 111.221.77.151:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 113 UDP 192.168.1.34:13021 -> 111.221.77.173:40012 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 114 UDP 192.168.1.34:13021 -> 157.55.56.147:40014 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 115 UDP 192.168.1.34:13021 -> 157.55.130.167:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 116 UDP 192.168.1.34:13021 -> 157.55.235.144:40032 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 117 UDP 192.168.1.34:13021 -> 157.56.52.15:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 118 UDP 192.168.1.34:13021 -> 213.199.179.141:40015 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 119 UDP 192.168.1.34:13021 -> 213.199.179.156:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 120 UDP 192.168.1.34:13021 -> 64.4.23.143:40018 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 121 UDP 192.168.1.34:13021 -> 111.221.74.28:40026 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 122 UDP 192.168.1.34:13021 -> 111.221.77.170:40021 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 123 UDP 192.168.1.34:13021 -> 157.56.52.39:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 124 UDP 192.168.1.34:13021 -> 157.56.52.43:40006 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 125 UDP 192.168.1.34:13021 -> 213.199.179.143:40018 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 126 UDP 192.168.1.34:13021 -> 213.199.179.154:40017 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 127 UDP 192.168.1.34:13021 -> 213.199.179.165:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 128 UDP 192.168.1.34:13021 -> 65.55.223.15:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 129 UDP 192.168.1.34:13021 -> 65.55.223.24:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 130 UDP 192.168.1.34:13021 -> 65.55.223.32:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 131 UDP 192.168.1.34:13021 -> 65.55.223.43:40006 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 132 UDP 192.168.1.34:13021 -> 111.221.74.20:40033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 133 UDP 192.168.1.34:13021 -> 111.221.77.154:40017 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 134 UDP 192.168.1.34:13021 -> 157.55.130.149:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 135 UDP 192.168.1.34:13021 -> 157.55.235.168:40024 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 136 UDP 192.168.1.34:13021 -> 157.56.52.18:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 137 UDP 192.168.1.34:13021 -> 157.56.52.20:40033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 138 UDP 192.168.1.34:13021 -> 213.199.179.160:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 139 UDP 192.168.1.34:13021 -> 64.4.23.158:40021 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 140 UDP 192.168.1.34:13021 -> 64.4.23.173:40017 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 141 UDP 192.168.1.34:13021 -> 65.55.223.42:40024 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 142 UDP 192.168.1.34:13021 -> 65.55.223.44:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 143 UDP 192.168.1.34:13021 -> 111.221.74.33:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 144 UDP 192.168.1.34:13021 -> 111.221.77.165:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 145 UDP 192.168.1.34:13021 -> 157.55.56.140:40003 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 146 UDP 192.168.1.34:13021 -> 157.55.56.170:40015 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 147 UDP 192.168.1.34:13021 -> 157.55.130.165:40028 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 148 UDP 192.168.1.34:13021 -> 157.55.130.170:40018 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 149 UDP 192.168.1.34:13021 -> 157.55.235.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 150 UDP 192.168.1.34:13021 -> 157.56.52.25:40010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 151 UDP 192.168.1.34:13021 -> 213.199.179.172:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 152 UDP 192.168.1.34:13021 -> 64.4.23.165:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 153 UDP 192.168.1.34:13021 -> 111.221.77.149:40016 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 154 UDP 192.168.1.34:13021 -> 157.55.235.148:40033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 155 UDP 192.168.1.34:13021 -> 157.56.52.13:40021 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 156 UDP 192.168.1.34:13021 -> 157.56.52.38:40015 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 157 UDP 192.168.1.34:13021 -> 157.56.52.42:40005 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 158 UDP 192.168.1.34:13021 -> 213.199.179.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 159 UDP 192.168.1.34:13021 -> 64.4.23.155:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 160 UDP 192.168.1.34:13021 -> 65.55.223.22:40009 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 161 UDP 192.168.1.34:13021 -> 65.55.223.28:40014 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 162 UDP 192.168.1.34:13021 -> 65.55.223.33:40002 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 163 UDP 192.168.1.34:13021 -> 157.55.235.155:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 164 UDP 192.168.1.34:13021 -> 157.55.235.175:40023 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 165 UDP 192.168.1.34:13021 -> 64.4.23.145:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 166 UDP 192.168.1.34:13021 -> 111.221.74.19:40001 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 167 UDP 192.168.1.34:13021 -> 111.221.74.34:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 168 UDP 192.168.1.34:13021 -> 157.55.130.146:40033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 169 UDP 192.168.1.34:13021 -> 157.55.235.158:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 170 UDP 192.168.1.34:13021 -> 157.55.235.176:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 171 UDP 192.168.1.34:13021 -> 213.199.179.149:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 172 UDP 192.168.1.34:13021 -> 64.4.23.142:40023 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 173 UDP 192.168.1.34:13021 -> 111.221.74.24:40032 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 174 UDP 192.168.1.34:13021 -> 111.221.77.159:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 175 UDP 192.168.1.34:13021 -> 157.55.56.142:40013 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 176 UDP 192.168.1.34:13021 -> 157.55.56.145:40008 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 177 UDP 192.168.1.34:13021 -> 157.55.130.140:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 178 UDP 192.168.1.34:13021 -> 157.55.130.148:40019 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 179 UDP 192.168.1.34:13021 -> 157.55.130.152:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 180 UDP 192.168.1.34:13021 -> 157.55.130.173:40003 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 181 UDP 192.168.1.34:13021 -> 157.55.235.174:40019 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 182 UDP 192.168.1.34:13021 -> 157.56.52.27:40025 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 183 UDP 192.168.1.34:13021 -> 213.199.179.173:40013 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 184 UDP 192.168.1.34:13021 -> 64.4.23.149:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 185 UDP 192.168.1.34:13021 -> 65.55.223.13:40009 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 186 UDP 192.168.1.34:13021 -> 111.221.74.15:40026 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 187 UDP 192.168.1.34:13021 -> 157.55.56.146:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 188 UDP 192.168.1.34:13021 -> 157.55.130.150:40007 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 189 UDP 192.168.1.34:13021 -> 157.55.130.171:40012 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 190 UDP 192.168.1.34:13021 -> 157.55.235.143:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 191 UDP 192.168.1.34:13021 -> 157.56.52.33:40002 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 192 UDP 192.168.1.34:13021 -> 213.199.179.174:40025 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 193 UDP 192.168.1.34:13021 -> 64.4.23.154:40032 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 194 UDP 192.168.1.34:13021 -> 65.55.223.16:40032 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 195 UDP 192.168.1.34:13021 -> 65.55.223.17:40025 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 196 UDP 192.168.1.34:13021 -> 65.55.223.65:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 197 UDP 192.168.1.34:13021 -> 111.221.74.27:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 198 UDP 192.168.1.34:13021 -> 111.221.74.44:40019 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 199 UDP 192.168.1.34:13021 -> 111.221.77.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 200 UDP 192.168.1.34:13021 -> 111.221.77.160:40016 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 201 UDP 192.168.1.34:13021 -> 157.56.52.24:40032 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 202 UDP 192.168.1.34:13021 -> 213.199.179.140:40003 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 203 UDP 192.168.1.34:13021 -> 64.4.23.151:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 204 UDP 192.168.1.34:13021 -> 64.4.23.176:40001 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 205 UDP 192.168.1.34:13021 -> 157.55.130.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 206 UDP 192.168.1.34:13021 -> 157.55.235.172:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 207 UDP 192.168.1.34:13021 -> 213.199.179.144:40009 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 208 UDP 192.168.1.34:13021 -> 111.221.77.145:40024 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 209 UDP 192.168.1.34:13021 -> 157.55.56.150:40014 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 210 UDP 192.168.1.34:13021 -> 157.55.130.175:40006 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 211 UDP 192.168.1.34:13021 -> 157.55.235.160:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 212 UDP 192.168.1.34:13021 -> 157.56.52.19:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 213 UDP 192.168.1.34:13021 -> 213.199.179.146:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 214 UDP 192.168.1.34:13021 -> 64.4.23.140:40003 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 215 UDP 192.168.1.34:13021 -> 65.55.223.18:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 216 UDP 192.168.1.34:13021 -> 65.55.223.18:40025 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 217 UDP 192.168.1.34:13021 -> 111.221.74.18:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 218 UDP 192.168.1.34:13021 -> 111.221.74.42:40006 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 219 UDP 192.168.1.34:13021 -> 111.221.74.43:40001 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 220 UDP 192.168.1.34:13021 -> 111.221.74.46:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 221 UDP 192.168.1.34:13021 -> 111.221.77.143:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 222 UDP 192.168.1.34:13021 -> 157.55.56.161:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 223 UDP 192.168.1.34:13021 -> 157.55.56.167:40024 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 224 UDP 192.168.1.34:13021 -> 157.55.130.144:40016 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 225 UDP 192.168.1.34:13021 -> 157.55.130.160:40008 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 226 UDP 192.168.1.34:13021 -> 157.55.235.166:40015 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 227 UDP 192.168.1.34:13021 -> 157.56.52.12:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 228 UDP 192.168.1.34:13021 -> 157.56.52.29:40010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 229 UDP 192.168.1.34:13021 -> 64.4.23.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 230 UDP 192.168.1.34:13021 -> 64.4.23.170:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 231 UDP 192.168.1.34:13021 -> 65.55.223.20:40023 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 232 UDP 192.168.1.34:13021 -> 157.55.56.143:40018 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 233 UDP 192.168.1.34:13021 -> 157.55.130.154:40013 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 234 UDP 192.168.1.34:13021 -> 157.55.235.162:40033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 235 UDP 192.168.1.34:13021 -> 157.55.235.171:40006 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 236 UDP 192.168.1.34:13021 -> 157.56.52.16:40032 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 237 UDP 192.168.1.34:13021 -> 157.56.52.17:40013 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 238 UDP 192.168.1.34:13021 -> 111.221.74.13:40009 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 239 UDP 192.168.1.34:13021 -> 111.221.74.38:40015 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 240 UDP 192.168.1.34:13021 -> 111.221.77.171:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 241 UDP 192.168.1.34:13021 -> 157.55.130.156:40019 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 242 UDP 192.168.1.34:13021 -> 157.55.130.157:40013 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 243 UDP 192.168.1.34:13021 -> 157.55.130.159:40016 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 244 UDP 192.168.1.34:13021 -> 157.55.235.167:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 245 UDP 192.168.1.34:13021 -> 157.56.52.40:40017 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 246 UDP 192.168.1.34:13021 -> 213.199.179.145:40024 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 247 IGMP 192.168.1.219:0 -> 224.0.0.22:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes] - 248 IGMP 192.168.1.219:0 -> 233.89.188.1:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes] - 249 IGMP 192.168.1.229:0 -> 224.0.0.251:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes] - 250 UDP 192.168.1.34:13021 -> 111.221.74.14:443 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] - 251 UDP 192.168.1.34:13021 -> 133.236.67.25:49195 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] - 252 UDP 192.168.1.34:13021 -> 157.55.235.141:443 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] - 253 UDP 192.168.1.34:13021 -> 189.138.161.88:19521 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] - 254 UDP 192.168.1.34:13021 -> 189.188.134.174:22436 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] - 255 IGMP 192.168.0.254:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network/14][1 pkts/46 bytes -> 0 pkts/0 bytes] + 102 TCP 192.168.1.34:51300 <-> 76.167.161.6:20274 [proto: 125/Skype][cat: VoIP/10][2 pkts/132 bytes <-> 1 pkts/74 bytes] + 103 UDP 192.168.1.34:59788 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e4593.g.akamaiedge.net] + 104 UDP 192.168.1.34:63661 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e4593.g.akamaiedge.net] + 105 UDP 192.168.1.92:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][1 pkts/142 bytes -> 0 pkts/0 bytes][Lucas-iMac.local] + 106 UDP 192.168.1.92:137 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes] + 107 UDP 192.168.1.92:53826 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes] + 108 UDP 192.168.1.34:61016 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/80 bytes -> 0 pkts/0 bytes][Host: apps.skypeassets.com] + 109 UDP 192.168.1.34:13021 -> 64.4.23.148:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 110 UDP 192.168.1.34:13021 -> 64.4.23.171:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 111 UDP 192.168.1.34:13021 -> 65.55.223.27:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 112 UDP 192.168.1.34:13021 -> 111.221.74.40:40025 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 113 UDP 192.168.1.34:13021 -> 111.221.77.151:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 114 UDP 192.168.1.34:13021 -> 111.221.77.173:40012 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 115 UDP 192.168.1.34:13021 -> 157.55.56.147:40014 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 116 UDP 192.168.1.34:13021 -> 157.55.130.167:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 117 UDP 192.168.1.34:13021 -> 157.55.235.144:40032 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 118 UDP 192.168.1.34:13021 -> 157.56.52.15:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 119 UDP 192.168.1.34:13021 -> 213.199.179.141:40015 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 120 UDP 192.168.1.34:13021 -> 213.199.179.156:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 121 UDP 192.168.1.34:13021 -> 64.4.23.143:40018 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 122 UDP 192.168.1.34:13021 -> 111.221.74.28:40026 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 123 UDP 192.168.1.34:13021 -> 111.221.77.170:40021 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 124 UDP 192.168.1.34:13021 -> 157.56.52.39:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 125 UDP 192.168.1.34:13021 -> 157.56.52.43:40006 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 126 UDP 192.168.1.34:13021 -> 213.199.179.143:40018 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 127 UDP 192.168.1.34:13021 -> 213.199.179.154:40017 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 128 UDP 192.168.1.34:13021 -> 213.199.179.165:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 129 UDP 192.168.1.34:13021 -> 65.55.223.15:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 130 UDP 192.168.1.34:13021 -> 65.55.223.24:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 131 UDP 192.168.1.34:13021 -> 65.55.223.32:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 132 UDP 192.168.1.34:13021 -> 65.55.223.43:40006 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 133 UDP 192.168.1.34:13021 -> 111.221.74.20:40033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 134 UDP 192.168.1.34:13021 -> 111.221.77.154:40017 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 135 UDP 192.168.1.34:13021 -> 157.55.130.149:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 136 UDP 192.168.1.34:13021 -> 157.55.235.168:40024 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 137 UDP 192.168.1.34:13021 -> 157.56.52.18:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 138 UDP 192.168.1.34:13021 -> 157.56.52.20:40033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 139 UDP 192.168.1.34:13021 -> 213.199.179.160:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 140 UDP 192.168.1.34:13021 -> 64.4.23.158:40021 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 141 UDP 192.168.1.34:13021 -> 64.4.23.173:40017 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 142 UDP 192.168.1.34:13021 -> 65.55.223.42:40024 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 143 UDP 192.168.1.34:13021 -> 65.55.223.44:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 144 UDP 192.168.1.34:13021 -> 111.221.74.33:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 145 UDP 192.168.1.34:13021 -> 111.221.77.165:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 146 UDP 192.168.1.34:13021 -> 157.55.56.140:40003 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 147 UDP 192.168.1.34:13021 -> 157.55.56.170:40015 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 148 UDP 192.168.1.34:13021 -> 157.55.130.165:40028 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 149 UDP 192.168.1.34:13021 -> 157.55.130.170:40018 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 150 UDP 192.168.1.34:13021 -> 157.55.235.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 151 UDP 192.168.1.34:13021 -> 157.56.52.25:40010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 152 UDP 192.168.1.34:13021 -> 213.199.179.172:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 153 UDP 192.168.1.34:13021 -> 64.4.23.165:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 154 UDP 192.168.1.34:13021 -> 111.221.77.149:40016 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 155 UDP 192.168.1.34:13021 -> 157.55.235.148:40033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 156 UDP 192.168.1.34:13021 -> 157.56.52.13:40021 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 157 UDP 192.168.1.34:13021 -> 157.56.52.38:40015 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 158 UDP 192.168.1.34:13021 -> 157.56.52.42:40005 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 159 UDP 192.168.1.34:13021 -> 213.199.179.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 160 UDP 192.168.1.34:13021 -> 64.4.23.155:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] + 161 UDP 192.168.1.34:13021 -> 65.55.223.22:40009 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] + 162 UDP 192.168.1.34:13021 -> 65.55.223.28:40014 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] + 163 UDP 192.168.1.34:13021 -> 65.55.223.33:40002 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] + 164 UDP 192.168.1.34:13021 -> 157.55.235.155:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] + 165 UDP 192.168.1.34:13021 -> 157.55.235.175:40023 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] + 166 UDP 192.168.1.34:13021 -> 64.4.23.145:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 167 UDP 192.168.1.34:13021 -> 111.221.74.19:40001 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 168 UDP 192.168.1.34:13021 -> 111.221.74.34:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 169 UDP 192.168.1.34:13021 -> 157.55.130.146:40033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 170 UDP 192.168.1.34:13021 -> 157.55.235.158:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 171 UDP 192.168.1.34:13021 -> 157.55.235.176:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 172 UDP 192.168.1.34:13021 -> 213.199.179.149:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 173 UDP 192.168.1.34:13021 -> 64.4.23.142:40023 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 174 UDP 192.168.1.34:13021 -> 111.221.74.24:40032 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 175 UDP 192.168.1.34:13021 -> 111.221.77.159:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 176 UDP 192.168.1.34:13021 -> 157.55.56.142:40013 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 177 UDP 192.168.1.34:13021 -> 157.55.56.145:40008 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 178 UDP 192.168.1.34:13021 -> 157.55.130.140:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 179 UDP 192.168.1.34:13021 -> 157.55.130.148:40019 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 180 UDP 192.168.1.34:13021 -> 157.55.130.152:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 181 UDP 192.168.1.34:13021 -> 157.55.130.173:40003 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 182 UDP 192.168.1.34:13021 -> 157.55.235.174:40019 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 183 UDP 192.168.1.34:13021 -> 157.56.52.27:40025 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 184 UDP 192.168.1.34:13021 -> 213.199.179.173:40013 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 185 UDP 192.168.1.34:13021 -> 64.4.23.149:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 186 UDP 192.168.1.34:13021 -> 65.55.223.13:40009 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 187 UDP 192.168.1.34:13021 -> 111.221.74.15:40026 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 188 UDP 192.168.1.34:13021 -> 157.55.56.146:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 189 UDP 192.168.1.34:13021 -> 157.55.130.150:40007 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 190 UDP 192.168.1.34:13021 -> 157.55.130.171:40012 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 191 UDP 192.168.1.34:13021 -> 157.55.235.143:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 192 UDP 192.168.1.34:13021 -> 157.56.52.33:40002 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 193 UDP 192.168.1.34:13021 -> 213.199.179.174:40025 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 194 UDP 192.168.1.34:13021 -> 64.4.23.154:40032 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 195 UDP 192.168.1.34:13021 -> 65.55.223.16:40032 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 196 UDP 192.168.1.34:13021 -> 65.55.223.17:40025 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 197 UDP 192.168.1.34:13021 -> 65.55.223.65:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 198 UDP 192.168.1.34:13021 -> 111.221.74.27:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 199 UDP 192.168.1.34:13021 -> 111.221.74.44:40019 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 200 UDP 192.168.1.34:13021 -> 111.221.77.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 201 UDP 192.168.1.34:13021 -> 111.221.77.160:40016 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 202 UDP 192.168.1.34:13021 -> 157.56.52.24:40032 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 203 UDP 192.168.1.34:13021 -> 213.199.179.140:40003 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 204 UDP 192.168.1.34:13021 -> 64.4.23.151:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 205 UDP 192.168.1.34:13021 -> 64.4.23.176:40001 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 206 UDP 192.168.1.34:13021 -> 157.55.130.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 207 UDP 192.168.1.34:13021 -> 157.55.235.172:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 208 UDP 192.168.1.34:13021 -> 213.199.179.144:40009 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 209 UDP 192.168.1.34:13021 -> 111.221.77.145:40024 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 210 UDP 192.168.1.34:13021 -> 157.55.56.150:40014 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 211 UDP 192.168.1.34:13021 -> 157.55.130.175:40006 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 212 UDP 192.168.1.34:13021 -> 157.55.235.160:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 213 UDP 192.168.1.34:13021 -> 157.56.52.19:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 214 UDP 192.168.1.34:13021 -> 213.199.179.146:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 215 UDP 192.168.1.34:13021 -> 64.4.23.140:40003 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 216 UDP 192.168.1.34:13021 -> 65.55.223.18:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 217 UDP 192.168.1.34:13021 -> 65.55.223.18:40025 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 218 UDP 192.168.1.34:13021 -> 111.221.74.18:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 219 UDP 192.168.1.34:13021 -> 111.221.74.42:40006 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 220 UDP 192.168.1.34:13021 -> 111.221.74.43:40001 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 221 UDP 192.168.1.34:13021 -> 111.221.74.46:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 222 UDP 192.168.1.34:13021 -> 111.221.77.143:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 223 UDP 192.168.1.34:13021 -> 157.55.56.161:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 224 UDP 192.168.1.34:13021 -> 157.55.56.167:40024 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 225 UDP 192.168.1.34:13021 -> 157.55.130.144:40016 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 226 UDP 192.168.1.34:13021 -> 157.55.130.160:40008 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 227 UDP 192.168.1.34:13021 -> 157.55.235.166:40015 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 228 UDP 192.168.1.34:13021 -> 157.56.52.12:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 229 UDP 192.168.1.34:13021 -> 157.56.52.29:40010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 230 UDP 192.168.1.34:13021 -> 64.4.23.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 231 UDP 192.168.1.34:13021 -> 64.4.23.170:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 232 UDP 192.168.1.34:13021 -> 65.55.223.20:40023 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 233 UDP 192.168.1.34:13021 -> 157.55.56.143:40018 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 234 UDP 192.168.1.34:13021 -> 157.55.130.154:40013 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 235 UDP 192.168.1.34:13021 -> 157.55.235.162:40033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 236 UDP 192.168.1.34:13021 -> 157.55.235.171:40006 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 237 UDP 192.168.1.34:13021 -> 157.56.52.16:40032 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 238 UDP 192.168.1.34:13021 -> 157.56.52.17:40013 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 239 UDP 192.168.1.34:13021 -> 111.221.74.13:40009 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 240 UDP 192.168.1.34:13021 -> 111.221.74.38:40015 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 241 UDP 192.168.1.34:13021 -> 111.221.77.171:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 242 UDP 192.168.1.34:13021 -> 157.55.130.156:40019 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 243 UDP 192.168.1.34:13021 -> 157.55.130.157:40013 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 244 UDP 192.168.1.34:13021 -> 157.55.130.159:40016 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 245 UDP 192.168.1.34:13021 -> 157.55.235.167:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 246 UDP 192.168.1.34:13021 -> 157.56.52.40:40017 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 247 UDP 192.168.1.34:13021 -> 213.199.179.145:40024 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 248 IGMP 192.168.1.219:0 -> 224.0.0.22:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes] + 249 IGMP 192.168.1.219:0 -> 233.89.188.1:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes] + 250 IGMP 192.168.1.229:0 -> 224.0.0.251:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes] + 251 UDP 192.168.1.34:13021 -> 111.221.74.14:443 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] + 252 UDP 192.168.1.34:13021 -> 133.236.67.25:49195 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] + 253 UDP 192.168.1.34:13021 -> 157.55.235.141:443 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] + 254 UDP 192.168.1.34:13021 -> 189.138.161.88:19521 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] + 255 UDP 192.168.1.34:13021 -> 189.188.134.174:22436 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] + 256 IGMP 192.168.0.254:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network/14][1 pkts/46 bytes -> 0 pkts/0 bytes] Undetected flows: @@ -281,5 +282,4 @@ Undetected flows: 8 TCP 192.168.1.34:51303 -> 80.121.84.93:62381 [proto: 0/Unknown][7 pkts/546 bytes -> 0 pkts/0 bytes] 9 TCP 192.168.1.34:51306 -> 80.121.84.93:62381 [proto: 0/Unknown][6 pkts/468 bytes -> 0 pkts/0 bytes] 10 UDP 192.168.1.34:59052 -> 192.168.1.1:5351 [proto: 0/Unknown][4 pkts/216 bytes -> 0 pkts/0 bytes] - 11 TCP 192.168.1.34:51300 <-> 76.167.161.6:20274 [proto: 0/Unknown][2 pkts/132 bytes <-> 1 pkts/74 bytes] - 12 TCP 192.168.1.34:51319 -> 212.161.8.36:13392 [proto: 0/Unknown][1 pkts/78 bytes -> 0 pkts/0 bytes] + 11 TCP 192.168.1.34:51319 -> 212.161.8.36:13392 [proto: 0/Unknown][1 pkts/78 bytes -> 0 pkts/0 bytes] diff --git a/tests/result/viber.pcap.out b/tests/result/viber.pcap.out index 738169827..0c85aae9e 100644 --- a/tests/result/viber.pcap.out +++ b/tests/result/viber.pcap.out @@ -1,3 +1,4 @@ +Unknown 93 13829 4 DNS 8 1267 4 MDNS 4 412 1 ICMP 2 3028 1 @@ -5,7 +6,7 @@ SSL 129 42221 7 ICMPV6 2 140 1 Facebook 2 281 1 Google 2 164 1 -Viber 268 99524 9 +Viber 175 85695 5 QUIC 3 194 1 1 TCP 192.168.0.17:53934 <-> 54.230.93.53:443 [proto: 91.144/SSL.Viber][cat: Chat/9][43 pkts/4571 bytes <-> 46 pkts/60087 bytes][client: dl-media.viber.com][server: *.viber.com] @@ -16,21 +17,24 @@ QUIC 3 194 1 6 TCP 192.168.0.17:36986 <-> 54.69.166.226:443 [proto: 91/SSL][cat: Web/5][11 pkts/1437 bytes <-> 11 pkts/6412 bytes][client: mapi.apptimize.com][server: *.apptimize.com] 7 TCP 192.168.0.17:55746 <-> 151.101.1.130:443 [proto: 91/SSL][cat: Web/5][10 pkts/1534 bytes <-> 9 pkts/6239 bytes][client: venetia.iad.appboy.com][server: y.ssl.fastly.net] 8 TCP 192.168.0.17:36988 <-> 54.69.166.226:443 [proto: 91/SSL][cat: Web/5][11 pkts/1462 bytes <-> 11 pkts/6163 bytes][client: mapi.apptimize.com][server: *.apptimize.com] - 9 UDP 192.168.0.17:47171 <-> 18.201.4.32:7985 [proto: 144/Viber][cat: Chat/9][24 pkts/5035 bytes <-> 22 pkts/2302 bytes] - 10 UDP 192.168.0.17:38190 <-> 18.201.4.3:7985 [proto: 144/Viber][cat: Chat/9][25 pkts/4344 bytes <-> 18 pkts/1872 bytes] - 11 ICMP 192.168.0.17:0 <-> 192.168.0.15:0 [proto: 81/ICMP][cat: Network/14][1 pkts/1514 bytes <-> 1 pkts/1514 bytes] - 12 UDP 192.168.0.17:62872 <-> 192.168.0.15:53 [proto: 5/DNS][cat: Network/14][1 pkts/78 bytes <-> 1 pkts/373 bytes][Host: mapi.apptimize.com] - 13 TCP 192.168.0.17:33744 <-> 18.201.4.3:443 [proto: 91/SSL][cat: Web/5][4 pkts/272 bytes <-> 2 pkts/140 bytes] - 14 TCP 192.168.0.17:45424 <-> 18.201.4.32:443 [proto: 91/SSL][cat: Web/5][4 pkts/272 bytes <-> 2 pkts/140 bytes] - 15 UDP 192.168.0.17:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][4 pkts/412 bytes -> 0 pkts/0 bytes] - 16 UDP 192.168.0.17:35283 <-> 192.168.0.15:53 [proto: 5/DNS][cat: Network/14][1 pkts/74 bytes <-> 1 pkts/303 bytes][Host: app.adjust.com] - 17 UDP 192.168.0.17:45743 <-> 192.168.0.15:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/78 bytes <-> 1 pkts/203 bytes][Host: graph.facebook.com] - 18 UDP 192.168.0.17:44376 <-> 192.168.0.15:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/183 bytes][Host: venetia.iad.appboy.com] - 19 UDP 192.168.0.17:37418 <-> 192.168.0.15:53 [proto: 5.144/DNS.Viber][cat: Chat/9][1 pkts/79 bytes <-> 1 pkts/185 bytes][Host: media.cdn.viber.com] - 20 UDP 192.168.0.17:40445 <-> 192.168.0.15:53 [proto: 5.144/DNS.Viber][cat: Chat/9][1 pkts/78 bytes <-> 1 pkts/185 bytes][Host: dl-media.viber.com] - 21 UDP 192.168.0.17:41993 <-> 172.217.23.106:443 [proto: 188/QUIC][cat: Web/5][2 pkts/130 bytes <-> 1 pkts/64 bytes] - 22 UDP 192.168.0.17:35331 <-> 192.168.0.15:53 [proto: 5/DNS][cat: Network/14][1 pkts/79 bytes <-> 1 pkts/95 bytes][Host: app-measurement.com] - 23 UDP 192.168.0.17:50097 <-> 192.168.0.15:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/74 bytes <-> 1 pkts/90 bytes][Host: www.google.com] - 24 ICMPV6 [fe80::3207:4dff:fea3:5fa7]:0 -> [ff02::2]:0 [proto: 102/ICMPV6][cat: Network/14][2 pkts/140 bytes -> 0 pkts/0 bytes] - 25 UDP 192.168.0.17:38190 <-> 18.201.4.3:7987 [proto: 144/Viber][cat: Chat/9][1 pkts/76 bytes <-> 1 pkts/62 bytes] - 26 UDP 192.168.0.17:47171 <-> 18.201.4.32:7987 [proto: 144/Viber][cat: Chat/9][1 pkts/76 bytes <-> 1 pkts/62 bytes] + 9 ICMP 192.168.0.17:0 <-> 192.168.0.15:0 [proto: 81/ICMP][cat: Network/14][1 pkts/1514 bytes <-> 1 pkts/1514 bytes] + 10 UDP 192.168.0.17:62872 <-> 192.168.0.15:53 [proto: 5/DNS][cat: Network/14][1 pkts/78 bytes <-> 1 pkts/373 bytes][Host: mapi.apptimize.com] + 11 TCP 192.168.0.17:33744 <-> 18.201.4.3:443 [proto: 91/SSL][cat: Web/5][4 pkts/272 bytes <-> 2 pkts/140 bytes] + 12 TCP 192.168.0.17:45424 <-> 18.201.4.32:443 [proto: 91/SSL][cat: Web/5][4 pkts/272 bytes <-> 2 pkts/140 bytes] + 13 UDP 192.168.0.17:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][4 pkts/412 bytes -> 0 pkts/0 bytes] + 14 UDP 192.168.0.17:35283 <-> 192.168.0.15:53 [proto: 5/DNS][cat: Network/14][1 pkts/74 bytes <-> 1 pkts/303 bytes][Host: app.adjust.com] + 15 UDP 192.168.0.17:45743 <-> 192.168.0.15:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/78 bytes <-> 1 pkts/203 bytes][Host: graph.facebook.com] + 16 UDP 192.168.0.17:44376 <-> 192.168.0.15:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/183 bytes][Host: venetia.iad.appboy.com] + 17 UDP 192.168.0.17:37418 <-> 192.168.0.15:53 [proto: 5.144/DNS.Viber][cat: Chat/9][1 pkts/79 bytes <-> 1 pkts/185 bytes][Host: media.cdn.viber.com] + 18 UDP 192.168.0.17:40445 <-> 192.168.0.15:53 [proto: 5.144/DNS.Viber][cat: Chat/9][1 pkts/78 bytes <-> 1 pkts/185 bytes][Host: dl-media.viber.com] + 19 UDP 192.168.0.17:41993 <-> 172.217.23.106:443 [proto: 188/QUIC][cat: Web/5][2 pkts/130 bytes <-> 1 pkts/64 bytes] + 20 UDP 192.168.0.17:35331 <-> 192.168.0.15:53 [proto: 5/DNS][cat: Network/14][1 pkts/79 bytes <-> 1 pkts/95 bytes][Host: app-measurement.com] + 21 UDP 192.168.0.17:50097 <-> 192.168.0.15:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/74 bytes <-> 1 pkts/90 bytes][Host: www.google.com] + 22 ICMPV6 [fe80::3207:4dff:fea3:5fa7]:0 -> [ff02::2]:0 [proto: 102/ICMPV6][cat: Network/14][2 pkts/140 bytes -> 0 pkts/0 bytes] + + +Undetected flows: + 1 UDP 192.168.0.17:47171 <-> 18.201.4.32:7985 [proto: 0/Unknown][24 pkts/5035 bytes <-> 22 pkts/2302 bytes] + 2 UDP 192.168.0.17:38190 <-> 18.201.4.3:7985 [proto: 0/Unknown][25 pkts/4344 bytes <-> 18 pkts/1872 bytes] + 3 UDP 192.168.0.17:38190 <-> 18.201.4.3:7987 [proto: 0/Unknown][1 pkts/76 bytes <-> 1 pkts/62 bytes] + 4 UDP 192.168.0.17:47171 <-> 18.201.4.32:7987 [proto: 0/Unknown][1 pkts/76 bytes <-> 1 pkts/62 bytes] diff --git a/tests/result/waze.pcap.out b/tests/result/waze.pcap.out index 5b183ea2c..bdb4acf91 100644 --- a/tests/result/waze.pcap.out +++ b/tests/result/waze.pcap.out @@ -1,4 +1,3 @@ -Unknown 10 786 1 HTTP 28 1572 7 NTP 2 180 1 HTTP_Download 37 63205 1 @@ -6,6 +5,7 @@ SSL_No_Cert 13 2142 1 SSL 8 432 2 Waze 484 289335 19 WhatsApp 15 1341 1 +Amazon 10 786 1 1 TCP 10.8.0.1:36100 <-> 46.51.173.182:443 [proto: 91.135/SSL.Waze][cat: Web/5][52 pkts/10860 bytes <-> 55 pkts/74852 bytes][server: *.world.waze.com] 2 TCP 10.8.0.1:54915 <-> 65.39.128.135:80 [proto: 7.60/HTTP.HTTP_Download][cat: Download-FileTransfer-FileSharing/7][19 pkts/1309 bytes <-> 18 pkts/61896 bytes][Host: xtra1.gpsonextra.net] @@ -29,17 +29,14 @@ WhatsApp 15 1341 1 20 TCP 10.8.0.1:45552 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][7 pkts/552 bytes <-> 7 pkts/771 bytes][Host: cres.waze.com] 21 TCP 10.8.0.1:45554 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][7 pkts/550 bytes <-> 7 pkts/769 bytes][Host: cres.waze.com] 22 TCP 10.8.0.1:45540 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][7 pkts/553 bytes <-> 7 pkts/733 bytes][Host: roadshields.waze.com] - 23 TCP 10.16.37.157:41823 <-> 200.160.4.49:80 [proto: 7/HTTP][cat: Web/5][2 pkts/120 bytes <-> 2 pkts/108 bytes] - 24 TCP 10.16.37.157:43991 <-> 200.160.4.31:80 [proto: 7/HTTP][cat: Web/5][2 pkts/120 bytes <-> 2 pkts/108 bytes] - 25 TCP 10.16.37.157:46473 <-> 200.160.4.49:80 [proto: 7/HTTP][cat: Web/5][2 pkts/120 bytes <-> 2 pkts/108 bytes] - 26 TCP 10.16.37.157:52746 <-> 200.160.4.49:80 [proto: 7/HTTP][cat: Web/5][2 pkts/120 bytes <-> 2 pkts/108 bytes] - 27 TCP 10.16.37.157:52953 <-> 200.160.4.49:80 [proto: 7/HTTP][cat: Web/5][2 pkts/120 bytes <-> 2 pkts/108 bytes] - 28 TCP 10.8.0.1:43089 <-> 200.160.4.198:443 [proto: 91/SSL][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/108 bytes] - 29 TCP 10.8.0.1:45169 <-> 200.160.4.198:80 [proto: 7/HTTP][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/108 bytes] - 30 TCP 10.8.0.1:60479 <-> 200.160.4.49:443 [proto: 91/SSL][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/108 bytes] - 31 TCP 10.8.0.1:60574 <-> 200.160.4.49:80 [proto: 7/HTTP][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/108 bytes] - 32 UDP 10.8.0.1:46214 <-> 200.89.75.198:123 [proto: 9/NTP][cat: System/18][1 pkts/90 bytes <-> 1 pkts/90 bytes] - - -Undetected flows: - 1 TCP 10.16.37.157:42256 <-> 174.37.231.81:5222 [proto: 0/Unknown][8 pkts/678 bytes <-> 2 pkts/108 bytes] + 23 TCP 10.16.37.157:42256 <-> 174.37.231.81:5222 [proto: 91.178/SSL.Amazon][cat: Web/5][8 pkts/678 bytes <-> 2 pkts/108 bytes] + 24 TCP 10.16.37.157:41823 <-> 200.160.4.49:80 [proto: 7/HTTP][cat: Web/5][2 pkts/120 bytes <-> 2 pkts/108 bytes] + 25 TCP 10.16.37.157:43991 <-> 200.160.4.31:80 [proto: 7/HTTP][cat: Web/5][2 pkts/120 bytes <-> 2 pkts/108 bytes] + 26 TCP 10.16.37.157:46473 <-> 200.160.4.49:80 [proto: 7/HTTP][cat: Web/5][2 pkts/120 bytes <-> 2 pkts/108 bytes] + 27 TCP 10.16.37.157:52746 <-> 200.160.4.49:80 [proto: 7/HTTP][cat: Web/5][2 pkts/120 bytes <-> 2 pkts/108 bytes] + 28 TCP 10.16.37.157:52953 <-> 200.160.4.49:80 [proto: 7/HTTP][cat: Web/5][2 pkts/120 bytes <-> 2 pkts/108 bytes] + 29 TCP 10.8.0.1:43089 <-> 200.160.4.198:443 [proto: 91/SSL][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/108 bytes] + 30 TCP 10.8.0.1:45169 <-> 200.160.4.198:80 [proto: 7/HTTP][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/108 bytes] + 31 TCP 10.8.0.1:60479 <-> 200.160.4.49:443 [proto: 91/SSL][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/108 bytes] + 32 TCP 10.8.0.1:60574 <-> 200.160.4.49:80 [proto: 7/HTTP][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/108 bytes] + 33 UDP 10.8.0.1:46214 <-> 200.89.75.198:123 [proto: 9/NTP][cat: System/18][1 pkts/90 bytes <-> 1 pkts/90 bytes] -- cgit v1.2.3 From c09284ba276a3caf9dd4a8d9440e35e2808d5551 Mon Sep 17 00:00:00 2001 From: Luca Date: Thu, 29 Nov 2018 08:44:41 +0100 Subject: Improved heuristics Used the host guessed protocol if upper protocol has not been detected --- src/lib/ndpi_content_match.c.inc | 4 +- src/lib/ndpi_main.c | 9 + src/lib/protocols/skype.c | 5 +- tests/result/1kxun.pcap.out | 4 +- tests/result/Instagram.pcap.out | 5 +- tests/result/KakaoTalk_chat.pcap.out | 6 +- tests/result/KakaoTalk_talk.pcap.out | 6 +- tests/result/hangout.pcap.out | 4 +- tests/result/nintendo.pcap.out | 6 +- tests/result/ocs.pcap.out | 13 +- tests/result/pps.pcap.out | 193 ++++++++-------- tests/result/quic.pcap.out | 5 +- tests/result/skype.pcap.out | 362 +++++++++++++++--------------- tests/result/skype_no_unknown.pcap.out | 37 ++- tests/result/snapchat.pcap.out | 4 +- tests/result/starcraft_battle.pcap.out | 5 +- tests/result/viber.pcap.out | 56 +++-- tests/result/waze.pcap.out | 4 +- tests/result/webex.pcap.out | 6 +- tests/result/weibo.pcap.out | 7 +- tests/result/whatsapp_login_call.pcap.out | 12 +- tests/result/whatsapp_login_chat.pcap.out | 5 +- 22 files changed, 378 insertions(+), 380 deletions(-) (limited to 'tests') diff --git a/src/lib/ndpi_content_match.c.inc b/src/lib/ndpi_content_match.c.inc index 7ea9927ec..45cd46484 100644 --- a/src/lib/ndpi_content_match.c.inc +++ b/src/lib/ndpi_content_match.c.inc @@ -118,8 +118,6 @@ static ndpi_network host_protocol_list[] = { { 0x67071E25 /* 103.7.30.37/32 */, 32, NDPI_PROTOCOL_WECHAT }, { 0XCBCDB000 /* 203.205.176.0/20 */, 20, NDPI_PROTOCOL_WECHAT }, { 0XCBCDC000 /* 203.205.192.0/18 */, 18, NDPI_PROTOCOL_WECHAT }, - - /* OpenDNS, LLC @@ -814,7 +812,7 @@ static ndpi_network host_protocol_list[] = { /* Canonical Ltd (Ubuntu) - origin AS41231 + origin AS41231z */ { 0x5BBD5800 /* 91.189.88.0/21 */, 21, NDPI_PROTOCOL_UBUNTUONE }, diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c index 00707cd8a..0812e63ac 100644 --- a/src/lib/ndpi_main.c +++ b/src/lib/ndpi_main.c @@ -5179,6 +5179,15 @@ void ndpi_int_change_protocol(struct ndpi_detection_module_struct *ndpi_struct, if(upper_detected_protocol == lower_detected_protocol) lower_detected_protocol = NDPI_PROTOCOL_UNKNOWN; + if((upper_detected_protocol != NDPI_PROTOCOL_UNKNOWN) + && (lower_detected_protocol == NDPI_PROTOCOL_UNKNOWN)) { + if((flow->guessed_host_protocol_id != NDPI_PROTOCOL_UNKNOWN) + && (upper_detected_protocol != flow->guessed_host_protocol_id)) { + lower_detected_protocol = upper_detected_protocol; + upper_detected_protocol = flow->guessed_host_protocol_id; + } + } + ndpi_int_change_flow_protocol(ndpi_struct, flow, upper_detected_protocol, lower_detected_protocol); ndpi_int_change_packet_protocol(ndpi_struct, flow, diff --git a/src/lib/protocols/skype.c b/src/lib/protocols/skype.c index faeac17c5..0f5e8c780 100644 --- a/src/lib/protocols/skype.c +++ b/src/lib/protocols/skype.c @@ -72,7 +72,10 @@ static void ndpi_check_skype(struct ndpi_detection_module_struct *ndpi_struct, s NDPI_EXCLUDE_PROTO(ndpi_struct, flow); return; // TCP check - } else if(packet->tcp != NULL) { + } else if((packet->tcp != NULL) + /* As the TCP skype heuristic is weak, we need to make sure no other protocols overlap */ + && (flow->guessed_host_protocol_id == NDPI_PROTOCOL_UNKNOWN) + && (flow->guessed_protocol_id == NDPI_PROTOCOL_UNKNOWN)) { flow->l4.tcp.skype_packet_id++; if(flow->l4.tcp.skype_packet_id < 3) { diff --git a/tests/result/1kxun.pcap.out b/tests/result/1kxun.pcap.out index e02ddac2f..5eead7a9c 100644 --- a/tests/result/1kxun.pcap.out +++ b/tests/result/1kxun.pcap.out @@ -2,7 +2,6 @@ Unknown 24 6428 14 DNS 2 378 1 HTTP 524 220123 9 MDNS 1 82 1 -NTP 1 90 1 NetBIOS 31 3589 8 SSDP 143 36951 13 DHCP 24 8208 5 @@ -13,6 +12,7 @@ DHCPV6 10 980 3 Facebook 19 6840 2 Google 3 176 1 GenericProtocol 433 311919 14 +Apple 1 90 1 LLMNR 89 6799 47 1 TCP 192.168.115.8:49613 <-> 183.131.48.144:80 [proto: 7/HTTP][cat: Web/5][260 pkts/15070 bytes <-> 159 pkts/168623 bytes][Host: 183.131.48.144] @@ -123,7 +123,7 @@ LLMNR 89 6799 47 106 UDP 192.168.5.45:59789 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes] 107 UDP [fe80::e034:7be:d8f9:6197]:57143 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/91 bytes -> 0 pkts/0 bytes][Host: charming-pc] 108 UDP [fe80::e034:7be:d8f9:6197]:62756 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/91 bytes -> 0 pkts/0 bytes][Host: charming-pc] - 109 UDP 192.168.5.16:123 -> 17.253.26.125:123 [proto: 9/NTP][cat: System/18][1 pkts/90 bytes -> 0 pkts/0 bytes] + 109 UDP 192.168.5.16:123 -> 17.253.26.125:123 [proto: 9.140/NTP.Apple][cat: Web/5][1 pkts/90 bytes -> 0 pkts/0 bytes] 110 UDP 192.168.5.64:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes] 111 UDP 192.168.5.50:49766 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/71 bytes -> 0 pkts/0 bytes][Host: charming-pc] 112 UDP 192.168.5.50:50030 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/71 bytes -> 0 pkts/0 bytes][Host: charming-pc] diff --git a/tests/result/Instagram.pcap.out b/tests/result/Instagram.pcap.out index 9a34e2008..7e35db0cc 100644 --- a/tests/result/Instagram.pcap.out +++ b/tests/result/Instagram.pcap.out @@ -2,11 +2,12 @@ Unknown 1 66 1 HTTP 116 91784 6 ICMP 5 510 1 SSL 2 169 1 -Facebook 251 215986 5 +Facebook 101 62428 4 Dropbox 5 725 2 +WhatsApp 150 153558 1 Instagram 363 255094 16 - 1 TCP 31.13.86.52:80 <-> 192.168.0.103:58216 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork/6][103 pkts/150456 bytes <-> 47 pkts/3102 bytes] + 1 TCP 31.13.86.52:80 <-> 192.168.0.103:58216 [proto: 7.142/HTTP.WhatsApp][cat: Chat/9][103 pkts/150456 bytes <-> 47 pkts/3102 bytes] 2 TCP 192.168.0.103:38816 <-> 46.33.70.160:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][13 pkts/1118 bytes <-> 39 pkts/57876 bytes][Host: photos-h.ak.instagram.com] 3 TCP 192.168.0.103:58052 <-> 82.85.26.162:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][37 pkts/2702 bytes <-> 38 pkts/54537 bytes][Host: photos-g.ak.instagram.com] 4 TCP 192.168.0.103:44379 <-> 82.85.26.186:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][41 pkts/3392 bytes <-> 40 pkts/50024 bytes][Host: photos-e.ak.instagram.com] diff --git a/tests/result/KakaoTalk_chat.pcap.out b/tests/result/KakaoTalk_chat.pcap.out index eedfab56a..0826675ea 100644 --- a/tests/result/KakaoTalk_chat.pcap.out +++ b/tests/result/KakaoTalk_chat.pcap.out @@ -1,11 +1,11 @@ DNS 2 217 1 HTTP 1 56 1 ICMP 1 147 1 -SSL 29 4579 3 +SSL 23 2689 2 Facebook 215 51809 12 Google 16 1031 3 HTTP_Proxy 26 3926 1 -Amazon 2 181 1 +Amazon 8 2071 2 KakaoTalk 55 9990 15 1 TCP 10.24.82.188:43581 <-> 31.13.68.70:443 [proto: 91.119/SSL.Facebook][cat: SocialNetwork/6][17 pkts/3461 bytes <-> 17 pkts/6194 bytes][client: graph.facebook.com][server: *.facebook.com] @@ -17,7 +17,7 @@ KakaoTalk 55 9990 15 7 TCP 10.24.82.188:37821 <-> 210.103.240.15:443 [proto: 91.193/SSL.KakaoTalk][cat: VoIP/10][13 pkts/2036 bytes <-> 14 pkts/5090 bytes][server: *.kakao.com] 8 TCP 10.24.82.188:51021 <-> 103.246.57.251:8080 [proto: 131/HTTP_Proxy][cat: Web/5][17 pkts/2231 bytes <-> 9 pkts/1695 bytes] 9 TCP 139.150.0.125:443 <-> 10.24.82.188:46947 [proto: 91/SSL][cat: Web/5][9 pkts/1737 bytes <-> 9 pkts/672 bytes] - 10 TCP 10.24.82.188:58964 <-> 54.255.253.199:5223 [proto: 91/SSL][cat: Web/5][3 pkts/290 bytes <-> 3 pkts/1600 bytes][server: *.push.samsungosp.com] + 10 TCP 10.24.82.188:58964 <-> 54.255.253.199:5223 [proto: 91.178/SSL.Amazon][cat: Web/5][3 pkts/290 bytes <-> 3 pkts/1600 bytes][server: *.push.samsungosp.com] 11 TCP 10.24.82.188:37557 <-> 31.13.68.84:80 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork/6][5 pkts/487 bytes <-> 6 pkts/627 bytes][Host: www.facebook.com] 12 TCP 10.24.82.188:37553 <-> 31.13.68.84:80 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork/6][5 pkts/487 bytes <-> 5 pkts/571 bytes][Host: www.facebook.com] 13 TCP 216.58.221.10:80 <-> 10.24.82.188:35922 [proto: 7.126/HTTP.Google][cat: Web/5][7 pkts/392 bytes <-> 7 pkts/392 bytes] diff --git a/tests/result/KakaoTalk_talk.pcap.out b/tests/result/KakaoTalk_talk.pcap.out index 9bb9fca1b..ec5e97620 100644 --- a/tests/result/KakaoTalk_talk.pcap.out +++ b/tests/result/KakaoTalk_talk.pcap.out @@ -1,9 +1,9 @@ HTTP 5 280 1 QQ 15 1727 1 -SSL_No_Cert 74 14132 2 +SSL_No_Cert 45 10108 1 RTP 2991 398751 2 SSL 5 1198 1 -Facebook 5 377 3 +Facebook 34 4401 4 Google 4 359 4 HTTP_Proxy 16 1838 2 Tor 40 10538 1 @@ -14,7 +14,7 @@ KakaoTalk_Voice 44 6196 2 2 UDP 10.24.82.188:10268 <-> 1.201.1.174:23046 [proto: 87/RTP][cat: Media/1][746 pkts/93906 bytes <-> 742 pkts/104604 bytes] 3 TCP 10.24.82.188:58857 <-> 110.76.143.50:9001 [proto: 163/Tor][cat: VPN/2][22 pkts/5326 bytes <-> 18 pkts/5212 bytes] 4 TCP 10.24.82.188:32968 <-> 110.76.143.50:8080 [proto: 64/SSL_No_Cert][cat: Web/5][23 pkts/4380 bytes <-> 22 pkts/5728 bytes] - 5 TCP 10.24.82.188:59954 <-> 173.252.88.128:443 [proto: 64/SSL_No_Cert][cat: Web/5][15 pkts/2932 bytes <-> 14 pkts/1092 bytes] + 5 TCP 10.24.82.188:59954 <-> 173.252.88.128:443 [proto: 64.119/SSL_No_Cert.Facebook][cat: SocialNetwork/6][15 pkts/2932 bytes <-> 14 pkts/1092 bytes] 6 UDP 10.24.82.188:10269 <-> 1.201.1.174:23047 [proto: 194/KakaoTalk_Voice][cat: VoIP/10][12 pkts/1692 bytes <-> 10 pkts/1420 bytes] 7 UDP 10.24.82.188:11321 <-> 1.201.1.174:23045 [proto: 194/KakaoTalk_Voice][cat: VoIP/10][11 pkts/1542 bytes <-> 11 pkts/1542 bytes] 8 TCP 10.24.82.188:48489 <-> 203.205.147.215:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][8 pkts/1117 bytes <-> 7 pkts/610 bytes][Host: hkminorshort.weixin.qq.com] diff --git a/tests/result/hangout.pcap.out b/tests/result/hangout.pcap.out index 323e41d36..430ecdcae 100644 --- a/tests/result/hangout.pcap.out +++ b/tests/result/hangout.pcap.out @@ -1,3 +1,3 @@ -GoogleHangout 19 2774 1 +Google 19 2774 1 - 1 UDP 74.125.134.127:19305 -> 10.89.61.13:56406 [proto: 201/GoogleHangout][cat: Chat/9][19 pkts/2774 bytes -> 0 pkts/0 bytes] + 1 UDP 74.125.134.127:19305 -> 10.89.61.13:56406 [proto: 201.126/GoogleHangout.Google][cat: Web/5][19 pkts/2774 bytes -> 0 pkts/0 bytes] diff --git a/tests/result/nintendo.pcap.out b/tests/result/nintendo.pcap.out index 6535e7cc5..c1b44147a 100644 --- a/tests/result/nintendo.pcap.out +++ b/tests/result/nintendo.pcap.out @@ -1,6 +1,6 @@ ICMP 30 2100 2 -Nintendo 890 320242 12 -Amazon 76 10811 7 +Nintendo 887 319888 11 +Amazon 79 11165 8 1 UDP 192.168.12.114:55915 <-> 185.118.169.65:27520 [proto: 173/Nintendo][cat: Game/8][169 pkts/61414 bytes <-> 278 pkts/126260 bytes] 2 UDP 192.168.12.114:55915 <-> 93.237.131.235:56066 [proto: 173/Nintendo][cat: Game/8][122 pkts/48332 bytes <-> 35 pkts/5026 bytes] @@ -18,7 +18,7 @@ Amazon 76 10811 7 14 UDP 192.168.12.114:55915 <-> 35.158.74.61:10025 [proto: 178/Amazon][cat: Web/5][5 pkts/290 bytes <-> 5 pkts/290 bytes] 15 UDP 192.168.12.114:18874 <-> 192.168.12.1:53 [proto: 5.173/DNS.Nintendo][cat: Game/8][1 pkts/110 bytes <-> 1 pkts/281 bytes][Host: e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com] 16 UDP 192.168.12.114:51035 <-> 192.168.12.1:53 [proto: 5.173/DNS.Nintendo][cat: Game/8][1 pkts/110 bytes <-> 1 pkts/281 bytes][Host: e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com] - 17 UDP 192.168.12.114:52119 -> 35.158.74.61:33335 [proto: 173/Nintendo][cat: Game/8][3 pkts/354 bytes -> 0 pkts/0 bytes] + 17 UDP 192.168.12.114:52119 -> 35.158.74.61:33335 [proto: 173.178/Nintendo.Amazon][cat: Web/5][3 pkts/354 bytes -> 0 pkts/0 bytes] 18 UDP 192.168.12.114:55915 -> 35.158.74.61:33335 [proto: 178/Amazon][cat: Web/5][3 pkts/318 bytes -> 0 pkts/0 bytes] 19 UDP 192.168.12.114:55915 -> 52.10.205.177:34343 [proto: 178/Amazon][cat: Web/5][1 pkts/298 bytes -> 0 pkts/0 bytes] 20 UDP 192.168.12.114:55915 -> 35.158.74.61:33334 [proto: 178/Amazon][cat: Web/5][5 pkts/290 bytes -> 0 pkts/0 bytes] diff --git a/tests/result/ocs.pcap.out b/tests/result/ocs.pcap.out index b5b526bfa..51d926ee3 100644 --- a/tests/result/ocs.pcap.out +++ b/tests/result/ocs.pcap.out @@ -1,8 +1,7 @@ Unknown 6 360 1 -DNS 3 214 3 HTTP 13 1019 2 -SSL 20 2715 1 -Google 27 3176 3 +Google 30 3390 6 +Amazon 20 2715 1 OCS 863 57552 7 PlayStore 1 72 1 GoogleServices 13 2277 2 @@ -10,7 +9,7 @@ GoogleServices 13 2277 2 1 TCP 192.168.180.2:49881 -> 178.248.208.54:80 [proto: 7.218/HTTP.OCS][cat: Media/1][751 pkts/44783 bytes -> 0 pkts/0 bytes][Host: ocu03.labgency.ws] 2 TCP 192.168.180.2:36680 -> 178.248.208.54:443 [proto: 91.218/SSL.OCS][cat: Media/1][20 pkts/6089 bytes -> 0 pkts/0 bytes][client: ocs.labgency.ws] 3 TCP 192.168.180.2:42590 -> 178.248.208.210:80 [proto: 7.218/HTTP.OCS][cat: Media/1][83 pkts/5408 bytes -> 0 pkts/0 bytes][Host: www.ocs.fr] - 4 TCP 192.168.180.2:39263 -> 23.21.230.199:443 [proto: 91/SSL][cat: Web/5][20 pkts/2715 bytes -> 0 pkts/0 bytes][client: settings.crashlytics.com] + 4 TCP 192.168.180.2:39263 -> 23.21.230.199:443 [proto: 91.178/SSL.Amazon][cat: Web/5][20 pkts/2715 bytes -> 0 pkts/0 bytes][client: settings.crashlytics.com] 5 TCP 192.168.180.2:32946 -> 64.233.184.188:443 [proto: 91.239/SSL.GoogleServices][cat: Web/5][12 pkts/2212 bytes -> 0 pkts/0 bytes][client: mtalk.google.com] 6 TCP 192.168.180.2:47803 -> 64.233.166.95:443 [proto: 91.126/SSL.Google][cat: Web/5][12 pkts/1608 bytes -> 0 pkts/0 bytes] 7 TCP 192.168.180.2:41223 -> 216.58.208.46:443 [proto: 91.126/SSL.Google][cat: Web/5][13 pkts/1448 bytes -> 0 pkts/0 bytes] @@ -18,10 +17,10 @@ GoogleServices 13 2277 2 9 TCP 192.168.180.2:44959 -> 137.135.129.206:80 [proto: 7/HTTP][cat: Web/5][7 pkts/540 bytes -> 0 pkts/0 bytes][Host: api.eu01.capptain.com] 10 TCP 192.168.180.2:53356 -> 137.135.129.206:80 [proto: 7/HTTP][cat: Web/5][6 pkts/479 bytes -> 0 pkts/0 bytes][Host: api.eu01.capptain.com] 11 TCP 192.168.180.2:47699 -> 64.233.184.188:5228 [proto: 126/Google][cat: Web/5][2 pkts/120 bytes -> 0 pkts/0 bytes] - 12 UDP 192.168.180.2:3621 -> 8.8.8.8:53 [proto: 5/DNS][cat: Network/14][1 pkts/77 bytes -> 0 pkts/0 bytes][Host: xmpp.device06.eu01.capptain.com] + 12 UDP 192.168.180.2:3621 -> 8.8.8.8:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/77 bytes -> 0 pkts/0 bytes][Host: xmpp.device06.eu01.capptain.com] 13 UDP 192.168.180.2:48770 -> 8.8.8.8:53 [proto: 5.228/DNS.PlayStore][cat: SoftwareUpdate/19][1 pkts/72 bytes -> 0 pkts/0 bytes][Host: android.clients.google.com] - 14 UDP 192.168.180.2:40097 -> 8.8.8.8:53 [proto: 5/DNS][cat: Network/14][1 pkts/70 bytes -> 0 pkts/0 bytes][Host: settings.crashlytics.com] - 15 UDP 192.168.180.2:1291 -> 8.8.8.8:53 [proto: 5/DNS][cat: Network/14][1 pkts/67 bytes -> 0 pkts/0 bytes][Host: api.eu01.capptain.com] + 14 UDP 192.168.180.2:40097 -> 8.8.8.8:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/70 bytes -> 0 pkts/0 bytes][Host: settings.crashlytics.com] + 15 UDP 192.168.180.2:1291 -> 8.8.8.8:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/67 bytes -> 0 pkts/0 bytes][Host: api.eu01.capptain.com] 16 UDP 192.168.180.2:11793 -> 8.8.8.8:53 [proto: 5.239/DNS.GoogleServices][cat: Web/5][1 pkts/65 bytes -> 0 pkts/0 bytes][Host: play.googleapis.com] 17 UDP 192.168.180.2:38472 -> 8.8.8.8:53 [proto: 5.218/DNS.OCS][cat: Media/1][1 pkts/63 bytes -> 0 pkts/0 bytes][Host: ocu03.labgency.ws] 18 UDP 192.168.180.2:2589 -> 8.8.8.8:53 [proto: 5.218/DNS.OCS][cat: Media/1][1 pkts/61 bytes -> 0 pkts/0 bytes][Host: ocs.labgency.ws] diff --git a/tests/result/pps.pcap.out b/tests/result/pps.pcap.out index baad4b4e6..778aa1197 100644 --- a/tests/result/pps.pcap.out +++ b/tests/result/pps.pcap.out @@ -1,10 +1,9 @@ -Unknown 985 375351 33 +Unknown 990 378832 34 HTTP 47 42014 11 SSDP 63 17143 10 HTTP_Download 26 27222 2 Google 2 1093 1 GenericProtocol 1429 1780307 49 -QUIC 5 3481 1 1 TCP 192.168.115.8:50780 <-> 223.26.106.20:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/303 bytes <-> 541 pkts/710082 bytes][Host: preimage1.qiyipic.com] 2 TCP 192.168.115.8:50778 <-> 223.26.106.20:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/303 bytes <-> 528 pkts/692658 bytes][Host: preimage1.qiyipic.com] @@ -13,73 +12,72 @@ QUIC 5 3481 1 5 TCP 192.168.115.8:50486 <-> 77.234.40.96:80 [proto: 7.60/HTTP.HTTP_Download][cat: Download-FileTransfer-FileSharing/7][11 pkts/11023 bytes <-> 12 pkts/14869 bytes][Host: bcu.ff.avast.com] 6 UDP 192.168.5.38:1900 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][18 pkts/9327 bytes -> 0 pkts/0 bytes] 7 TCP 192.168.115.8:50476 <-> 101.227.32.39:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/656 bytes <-> 4 pkts/3897 bytes][Host: cache.video.iqiyi.com] - 8 UDP 192.168.115.8:22793 <-> 202.198.7.89:16039 [proto: 188/QUIC][cat: Web/5][2 pkts/158 bytes <-> 3 pkts/3323 bytes] - 9 TCP 192.168.115.8:50495 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][3 pkts/2844 bytes <-> 3 pkts/597 bytes][Host: msg.71.am] - 10 TCP 77.234.41.35:80 <-> 192.168.115.8:49174 [proto: 7/HTTP][cat: Web/5][4 pkts/2953 bytes <-> 1 pkts/356 bytes] - 11 TCP 192.168.115.8:50767 <-> 223.26.106.20:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][4 pkts/800 bytes <-> 4 pkts/2112 bytes][Host: static.qiyi.com] - 12 TCP 192.168.115.8:50488 <-> 223.26.106.20:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/311 bytes <-> 2 pkts/2035 bytes][Host: meta.video.qiyi.com] - 13 TCP 192.168.115.8:50471 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][2 pkts/1898 bytes <-> 2 pkts/398 bytes][Host: msg.71.am] - 14 TCP 192.168.115.8:50501 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][2 pkts/1893 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 15 TCP 192.168.115.8:50463 <-> 101.227.200.11:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][2 pkts/1555 bytes <-> 1 pkts/306 bytes][Host: api.cupid.iqiyi.com] - 16 TCP 192.168.115.8:50496 <-> 101.227.200.11:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][2 pkts/1555 bytes <-> 1 pkts/306 bytes][Host: api.cupid.iqiyi.com] - 17 TCP 192.168.115.8:50779 <-> 111.206.22.77:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][2 pkts/1438 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com] - 18 UDP 192.168.5.38:58897 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1575 bytes -> 0 pkts/0 bytes] - 19 UDP 192.168.115.1:50945 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1539 bytes -> 0 pkts/0 bytes] - 20 TCP 192.168.115.8:50464 <-> 123.125.112.49:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/707 bytes <-> 1 pkts/744 bytes][Host: click.hm.baidu.com] - 21 TCP 192.168.115.8:50492 <-> 111.206.13.3:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/389 bytes <-> 2 pkts/1034 bytes][Host: pdata.video.qiyi.com] - 22 TCP 192.168.115.8:50777 <-> 111.206.22.77:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/1186 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com] - 23 TCP 192.168.115.8:50494 <-> 223.26.106.66:80 [proto: 7.60/HTTP.HTTP_Download][cat: Download-FileTransfer-FileSharing/7][2 pkts/887 bytes <-> 1 pkts/443 bytes][Host: 223.26.106.66] - 24 TCP 192.168.115.8:50497 <-> 123.125.112.49:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/1004 bytes <-> 2 pkts/301 bytes][Host: click.hm.baidu.com] - 25 TCP 192.168.115.8:50499 <-> 111.206.22.76:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/1097 bytes <-> 1 pkts/199 bytes][Host: msg.iqiyi.com] - 26 TCP 192.168.115.8:50474 <-> 202.108.14.221:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/1100 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com] - 27 TCP 192.168.115.8:50507 <-> 223.26.106.19:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/212 bytes <-> 1 pkts/1063 bytes][Host: static.qiyi.com] - 28 TCP 192.168.115.8:50485 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/947 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 29 TCP 192.168.115.8:50502 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/947 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 30 TCP 192.168.115.8:50493 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/946 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 31 TCP 192.168.115.8:50771 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/946 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 32 TCP 192.168.115.8:50473 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/944 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 33 TCP 192.168.115.8:50475 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/941 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 34 TCP 192.168.115.8:50500 <-> 23.41.133.163:80 [proto: 7/HTTP][cat: Web/5][1 pkts/289 bytes <-> 1 pkts/839 bytes][Host: s1.symcb.com] - 35 TCP 192.168.115.8:50773 <-> 202.108.14.221:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/919 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 36 TCP 192.168.115.8:50466 <-> 203.66.182.24:80 [proto: 7.126/HTTP.Google][cat: Web/5][1 pkts/280 bytes <-> 1 pkts/813 bytes][Host: clients1.google.com] - 37 UDP 192.168.5.50:52529 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/1074 bytes -> 0 pkts/0 bytes] - 38 UDP 192.168.5.28:60023 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/1050 bytes -> 0 pkts/0 bytes] - 39 UDP 192.168.5.57:59648 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/1050 bytes -> 0 pkts/0 bytes] - 40 TCP 192.168.115.8:50504 -> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/946 bytes -> 0 pkts/0 bytes][Host: msg.71.am] - 41 TCP 192.168.115.8:50769 <-> 101.227.200.11:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/604 bytes <-> 1 pkts/291 bytes][Host: api.cupid.iqiyi.com] - 42 TCP 192.168.115.8:50498 <-> 36.110.220.15:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/694 bytes <-> 1 pkts/199 bytes][Host: msg.video.qiyi.com] - 43 TCP 192.168.115.8:50503 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/683 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 44 UDP 192.168.5.41:50374 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][5 pkts/875 bytes -> 0 pkts/0 bytes] - 45 TCP 192.168.115.8:50490 <-> 119.188.13.188:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/357 bytes <-> 1 pkts/479 bytes][Host: pdata.video.qiyi.com] - 46 TCP 192.168.115.8:50467 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/629 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 47 TCP 192.168.115.8:50484 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/622 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 48 TCP 192.168.115.8:50477 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/614 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 49 TCP 192.168.115.8:50774 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/587 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 50 TCP 192.168.115.8:50469 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/573 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 51 TCP 192.168.115.8:50482 <-> 140.205.243.64:80 [proto: 7/HTTP][cat: Web/5][1 pkts/444 bytes <-> 1 pkts/283 bytes][Host: cmc.tanx.com] - 52 TCP 192.168.115.8:50768 <-> 223.26.106.19:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/198 bytes <-> 1 pkts/526 bytes][Host: static.qiyi.com] - 53 TCP 192.168.5.15:65128 <-> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][1 pkts/331 bytes <-> 1 pkts/390 bytes][Host: api.magicansoft.com] - 54 TCP 192.168.115.8:50509 <-> 106.38.219.107:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/163 bytes <-> 2 pkts/557 bytes][Host: iplocation.geo.qiyi.com] - 55 TCP 192.168.5.15:65127 <-> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][1 pkts/323 bytes <-> 1 pkts/390 bytes][Host: api.magicansoft.com] - 56 TCP 192.168.115.8:50766 <-> 223.26.106.20:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/198 bytes <-> 1 pkts/493 bytes][Host: static.qiyi.com] - 57 TCP 192.168.115.8:50487 -> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/683 bytes -> 0 pkts/0 bytes][Host: msg.71.am] - 58 TCP 192.168.115.8:50489 <-> 119.188.13.188:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/253 bytes <-> 1 pkts/430 bytes][Host: pdata.video.qiyi.com] - 59 TCP 192.168.115.8:50772 <-> 123.125.111.70:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/399 bytes <-> 1 pkts/275 bytes][Host: nl.rcd.iqiyi.com] - 60 TCP 192.168.115.8:50775 <-> 123.125.111.70:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/399 bytes <-> 1 pkts/275 bytes][Host: nl.rcd.iqiyi.com] - 61 TCP 192.168.115.8:50470 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/424 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com] - 62 TCP 192.168.115.8:50508 <-> 223.26.106.19:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/198 bytes <-> 1 pkts/420 bytes][Host: static.qiyi.com] - 63 TCP 192.168.115.8:50483 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/417 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] - 64 TCP 192.168.115.8:50776 <-> 111.206.22.77:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/394 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com] - 65 TCP 192.168.115.8:50765 <-> 36.110.220.15:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/264 bytes <-> 1 pkts/199 bytes][Host: msg.video.qiyi.com] - 66 TCP 202.108.14.219:80 -> 192.168.115.8:50295 [proto: 7/HTTP][cat: Web/5][2 pkts/398 bytes -> 0 pkts/0 bytes] - 67 UDP 192.168.5.48:63930 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/358 bytes -> 0 pkts/0 bytes] - 68 TCP 117.79.81.135:80 -> 192.168.115.8:50443 [proto: 7/HTTP][cat: Web/5][1 pkts/347 bytes -> 0 pkts/0 bytes] - 69 TCP 192.168.115.8:50781 -> 223.26.106.20:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/303 bytes -> 0 pkts/0 bytes][Host: preimage1.qiyipic.com] - 70 TCP 202.108.14.219:80 -> 192.168.115.8:50506 [proto: 7/HTTP][cat: Web/5][1 pkts/199 bytes -> 0 pkts/0 bytes] - 71 UDP 192.168.5.63:60976 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][1 pkts/165 bytes -> 0 pkts/0 bytes] - 72 UDP 192.168.5.63:39383 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][1 pkts/130 bytes -> 0 pkts/0 bytes] - 73 TCP 192.168.115.8:50462 -> 202.108.14.236:80 [proto: 7/HTTP][cat: Web/5][2 pkts/108 bytes -> 0 pkts/0 bytes] - 74 TCP 192.168.5.15:65125 -> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][1 pkts/66 bytes -> 0 pkts/0 bytes] + 8 TCP 192.168.115.8:50495 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][3 pkts/2844 bytes <-> 3 pkts/597 bytes][Host: msg.71.am] + 9 TCP 77.234.41.35:80 <-> 192.168.115.8:49174 [proto: 7/HTTP][cat: Web/5][4 pkts/2953 bytes <-> 1 pkts/356 bytes] + 10 TCP 192.168.115.8:50767 <-> 223.26.106.20:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][4 pkts/800 bytes <-> 4 pkts/2112 bytes][Host: static.qiyi.com] + 11 TCP 192.168.115.8:50488 <-> 223.26.106.20:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/311 bytes <-> 2 pkts/2035 bytes][Host: meta.video.qiyi.com] + 12 TCP 192.168.115.8:50471 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][2 pkts/1898 bytes <-> 2 pkts/398 bytes][Host: msg.71.am] + 13 TCP 192.168.115.8:50501 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][2 pkts/1893 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 14 TCP 192.168.115.8:50463 <-> 101.227.200.11:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][2 pkts/1555 bytes <-> 1 pkts/306 bytes][Host: api.cupid.iqiyi.com] + 15 TCP 192.168.115.8:50496 <-> 101.227.200.11:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][2 pkts/1555 bytes <-> 1 pkts/306 bytes][Host: api.cupid.iqiyi.com] + 16 TCP 192.168.115.8:50779 <-> 111.206.22.77:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][2 pkts/1438 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com] + 17 UDP 192.168.5.38:58897 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1575 bytes -> 0 pkts/0 bytes] + 18 UDP 192.168.115.1:50945 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1539 bytes -> 0 pkts/0 bytes] + 19 TCP 192.168.115.8:50464 <-> 123.125.112.49:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/707 bytes <-> 1 pkts/744 bytes][Host: click.hm.baidu.com] + 20 TCP 192.168.115.8:50492 <-> 111.206.13.3:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/389 bytes <-> 2 pkts/1034 bytes][Host: pdata.video.qiyi.com] + 21 TCP 192.168.115.8:50777 <-> 111.206.22.77:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/1186 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com] + 22 TCP 192.168.115.8:50494 <-> 223.26.106.66:80 [proto: 7.60/HTTP.HTTP_Download][cat: Download-FileTransfer-FileSharing/7][2 pkts/887 bytes <-> 1 pkts/443 bytes][Host: 223.26.106.66] + 23 TCP 192.168.115.8:50497 <-> 123.125.112.49:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/1004 bytes <-> 2 pkts/301 bytes][Host: click.hm.baidu.com] + 24 TCP 192.168.115.8:50499 <-> 111.206.22.76:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/1097 bytes <-> 1 pkts/199 bytes][Host: msg.iqiyi.com] + 25 TCP 192.168.115.8:50474 <-> 202.108.14.221:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/1100 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com] + 26 TCP 192.168.115.8:50507 <-> 223.26.106.19:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/212 bytes <-> 1 pkts/1063 bytes][Host: static.qiyi.com] + 27 TCP 192.168.115.8:50485 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/947 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 28 TCP 192.168.115.8:50502 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/947 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 29 TCP 192.168.115.8:50493 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/946 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 30 TCP 192.168.115.8:50771 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/946 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 31 TCP 192.168.115.8:50473 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/944 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 32 TCP 192.168.115.8:50475 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/941 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 33 TCP 192.168.115.8:50500 <-> 23.41.133.163:80 [proto: 7/HTTP][cat: Web/5][1 pkts/289 bytes <-> 1 pkts/839 bytes][Host: s1.symcb.com] + 34 TCP 192.168.115.8:50773 <-> 202.108.14.221:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/919 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 35 TCP 192.168.115.8:50466 <-> 203.66.182.24:80 [proto: 7.126/HTTP.Google][cat: Web/5][1 pkts/280 bytes <-> 1 pkts/813 bytes][Host: clients1.google.com] + 36 UDP 192.168.5.50:52529 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/1074 bytes -> 0 pkts/0 bytes] + 37 UDP 192.168.5.28:60023 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/1050 bytes -> 0 pkts/0 bytes] + 38 UDP 192.168.5.57:59648 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/1050 bytes -> 0 pkts/0 bytes] + 39 TCP 192.168.115.8:50504 -> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/946 bytes -> 0 pkts/0 bytes][Host: msg.71.am] + 40 TCP 192.168.115.8:50769 <-> 101.227.200.11:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/604 bytes <-> 1 pkts/291 bytes][Host: api.cupid.iqiyi.com] + 41 TCP 192.168.115.8:50498 <-> 36.110.220.15:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/694 bytes <-> 1 pkts/199 bytes][Host: msg.video.qiyi.com] + 42 TCP 192.168.115.8:50503 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/683 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 43 UDP 192.168.5.41:50374 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][5 pkts/875 bytes -> 0 pkts/0 bytes] + 44 TCP 192.168.115.8:50490 <-> 119.188.13.188:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/357 bytes <-> 1 pkts/479 bytes][Host: pdata.video.qiyi.com] + 45 TCP 192.168.115.8:50467 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/629 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 46 TCP 192.168.115.8:50484 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/622 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 47 TCP 192.168.115.8:50477 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/614 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 48 TCP 192.168.115.8:50774 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/587 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 49 TCP 192.168.115.8:50469 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/573 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 50 TCP 192.168.115.8:50482 <-> 140.205.243.64:80 [proto: 7/HTTP][cat: Web/5][1 pkts/444 bytes <-> 1 pkts/283 bytes][Host: cmc.tanx.com] + 51 TCP 192.168.115.8:50768 <-> 223.26.106.19:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/198 bytes <-> 1 pkts/526 bytes][Host: static.qiyi.com] + 52 TCP 192.168.5.15:65128 <-> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][1 pkts/331 bytes <-> 1 pkts/390 bytes][Host: api.magicansoft.com] + 53 TCP 192.168.115.8:50509 <-> 106.38.219.107:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/163 bytes <-> 2 pkts/557 bytes][Host: iplocation.geo.qiyi.com] + 54 TCP 192.168.5.15:65127 <-> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][1 pkts/323 bytes <-> 1 pkts/390 bytes][Host: api.magicansoft.com] + 55 TCP 192.168.115.8:50766 <-> 223.26.106.20:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/198 bytes <-> 1 pkts/493 bytes][Host: static.qiyi.com] + 56 TCP 192.168.115.8:50487 -> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/683 bytes -> 0 pkts/0 bytes][Host: msg.71.am] + 57 TCP 192.168.115.8:50489 <-> 119.188.13.188:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/253 bytes <-> 1 pkts/430 bytes][Host: pdata.video.qiyi.com] + 58 TCP 192.168.115.8:50772 <-> 123.125.111.70:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/399 bytes <-> 1 pkts/275 bytes][Host: nl.rcd.iqiyi.com] + 59 TCP 192.168.115.8:50775 <-> 123.125.111.70:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/399 bytes <-> 1 pkts/275 bytes][Host: nl.rcd.iqiyi.com] + 60 TCP 192.168.115.8:50470 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/424 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com] + 61 TCP 192.168.115.8:50508 <-> 223.26.106.19:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/198 bytes <-> 1 pkts/420 bytes][Host: static.qiyi.com] + 62 TCP 192.168.115.8:50483 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/417 bytes <-> 1 pkts/199 bytes][Host: msg.71.am] + 63 TCP 192.168.115.8:50776 <-> 111.206.22.77:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/394 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com] + 64 TCP 192.168.115.8:50765 <-> 36.110.220.15:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/264 bytes <-> 1 pkts/199 bytes][Host: msg.video.qiyi.com] + 65 TCP 202.108.14.219:80 -> 192.168.115.8:50295 [proto: 7/HTTP][cat: Web/5][2 pkts/398 bytes -> 0 pkts/0 bytes] + 66 UDP 192.168.5.48:63930 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/358 bytes -> 0 pkts/0 bytes] + 67 TCP 117.79.81.135:80 -> 192.168.115.8:50443 [proto: 7/HTTP][cat: Web/5][1 pkts/347 bytes -> 0 pkts/0 bytes] + 68 TCP 192.168.115.8:50781 -> 223.26.106.20:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/303 bytes -> 0 pkts/0 bytes][Host: preimage1.qiyipic.com] + 69 TCP 202.108.14.219:80 -> 192.168.115.8:50506 [proto: 7/HTTP][cat: Web/5][1 pkts/199 bytes -> 0 pkts/0 bytes] + 70 UDP 192.168.5.63:60976 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][1 pkts/165 bytes -> 0 pkts/0 bytes] + 71 UDP 192.168.5.63:39383 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][1 pkts/130 bytes -> 0 pkts/0 bytes] + 72 TCP 192.168.115.8:50462 -> 202.108.14.236:80 [proto: 7/HTTP][cat: Web/5][2 pkts/108 bytes -> 0 pkts/0 bytes] + 73 TCP 192.168.5.15:65125 -> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][1 pkts/66 bytes -> 0 pkts/0 bytes] Undetected flows: @@ -88,31 +86,32 @@ Undetected flows: 3 UDP 118.171.15.56:5544 <-> 192.168.115.8:22793 [proto: 0/Unknown][30 pkts/33210 bytes <-> 71 pkts/5609 bytes] 4 UDP 192.168.115.8:22793 <-> 219.228.107.156:1250 [proto: 0/Unknown][34 pkts/2686 bytes <-> 11 pkts/12177 bytes] 5 UDP 192.168.115.8:22793 <-> 222.197.138.12:6956 [proto: 0/Unknown][30 pkts/2370 bytes <-> 10 pkts/10042 bytes] - 6 UDP 192.168.115.8:22793 -> 1.169.136.116:17951 [proto: 0/Unknown][4 pkts/512 bytes -> 0 pkts/0 bytes] - 7 UDP 192.168.115.8:22793 -> 114.41.144.153:10492 [proto: 0/Unknown][4 pkts/512 bytes -> 0 pkts/0 bytes] - 8 UDP 192.168.115.8:22793 -> 218.61.39.103:17788 [proto: 0/Unknown][2 pkts/300 bytes -> 0 pkts/0 bytes] - 9 UDP 192.168.115.8:22793 -> 119.188.133.182:17788 [proto: 0/Unknown][2 pkts/260 bytes -> 0 pkts/0 bytes] - 10 UDP 192.168.115.8:22793 -> 183.61.167.104:17788 [proto: 0/Unknown][2 pkts/260 bytes -> 0 pkts/0 bytes] - 11 UDP 192.168.115.8:22793 -> 218.61.39.87:17788 [proto: 0/Unknown][2 pkts/260 bytes -> 0 pkts/0 bytes] - 12 UDP 183.228.182.44:13913 <-> 192.168.115.8:22793 [proto: 0/Unknown][1 pkts/87 bytes <-> 2 pkts/170 bytes] - 13 UDP 192.168.115.8:22793 -> 183.61.167.82:17788 [proto: 0/Unknown][2 pkts/188 bytes -> 0 pkts/0 bytes] - 14 UDP 192.168.115.8:22793 -> 220.130.154.23:35941 [proto: 0/Unknown][2 pkts/174 bytes -> 0 pkts/0 bytes] - 15 UDP 192.168.115.8:22793 -> 111.249.53.196:32443 [proto: 0/Unknown][2 pkts/158 bytes -> 0 pkts/0 bytes] - 16 UDP 192.168.115.8:22793 -> 1.175.128.104:5185 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 17 UDP 192.168.115.8:22793 -> 36.233.39.81:18590 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 18 UDP 192.168.115.8:22793 -> 36.237.154.69:4316 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 19 UDP 192.168.115.8:22793 -> 61.223.204.67:11102 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 20 UDP 192.168.115.8:22793 -> 61.227.170.88:20227 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 21 UDP 192.168.115.8:22793 -> 111.117.101.81:10162 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 22 UDP 192.168.115.8:22793 -> 111.250.102.66:1107 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 23 UDP 192.168.115.8:22793 -> 114.37.142.173:1074 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 24 UDP 192.168.115.8:22793 -> 114.47.91.129:22576 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 25 UDP 192.168.115.8:22793 -> 115.157.62.243:29006 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 26 UDP 192.168.115.8:22793 -> 121.248.133.93:12757 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 27 UDP 192.168.115.8:22793 -> 202.112.31.89:29072 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 28 UDP 192.168.115.8:22793 -> 210.44.171.1:29702 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 29 UDP 192.168.115.8:22793 -> 210.44.232.243:21044 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 30 UDP 192.168.115.8:22793 -> 210.47.12.19:33738 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 31 UDP 192.168.115.8:22793 -> 210.47.12.20:33738 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 32 UDP 192.168.115.8:22793 -> 222.26.74.190:1037 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 33 UDP 192.168.115.8:22793 -> 222.26.193.119:7133 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] + 6 UDP 192.168.115.8:22793 <-> 202.198.7.89:16039 [proto: 0/Unknown][2 pkts/158 bytes <-> 3 pkts/3323 bytes] + 7 UDP 192.168.115.8:22793 -> 1.169.136.116:17951 [proto: 0/Unknown][4 pkts/512 bytes -> 0 pkts/0 bytes] + 8 UDP 192.168.115.8:22793 -> 114.41.144.153:10492 [proto: 0/Unknown][4 pkts/512 bytes -> 0 pkts/0 bytes] + 9 UDP 192.168.115.8:22793 -> 218.61.39.103:17788 [proto: 0/Unknown][2 pkts/300 bytes -> 0 pkts/0 bytes] + 10 UDP 192.168.115.8:22793 -> 119.188.133.182:17788 [proto: 0/Unknown][2 pkts/260 bytes -> 0 pkts/0 bytes] + 11 UDP 192.168.115.8:22793 -> 183.61.167.104:17788 [proto: 0/Unknown][2 pkts/260 bytes -> 0 pkts/0 bytes] + 12 UDP 192.168.115.8:22793 -> 218.61.39.87:17788 [proto: 0/Unknown][2 pkts/260 bytes -> 0 pkts/0 bytes] + 13 UDP 183.228.182.44:13913 <-> 192.168.115.8:22793 [proto: 0/Unknown][1 pkts/87 bytes <-> 2 pkts/170 bytes] + 14 UDP 192.168.115.8:22793 -> 183.61.167.82:17788 [proto: 0/Unknown][2 pkts/188 bytes -> 0 pkts/0 bytes] + 15 UDP 192.168.115.8:22793 -> 220.130.154.23:35941 [proto: 0/Unknown][2 pkts/174 bytes -> 0 pkts/0 bytes] + 16 UDP 192.168.115.8:22793 -> 111.249.53.196:32443 [proto: 0/Unknown][2 pkts/158 bytes -> 0 pkts/0 bytes] + 17 UDP 192.168.115.8:22793 -> 1.175.128.104:5185 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] + 18 UDP 192.168.115.8:22793 -> 36.233.39.81:18590 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] + 19 UDP 192.168.115.8:22793 -> 36.237.154.69:4316 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] + 20 UDP 192.168.115.8:22793 -> 61.223.204.67:11102 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] + 21 UDP 192.168.115.8:22793 -> 61.227.170.88:20227 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] + 22 UDP 192.168.115.8:22793 -> 111.117.101.81:10162 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] + 23 UDP 192.168.115.8:22793 -> 111.250.102.66:1107 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] + 24 UDP 192.168.115.8:22793 -> 114.37.142.173:1074 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] + 25 UDP 192.168.115.8:22793 -> 114.47.91.129:22576 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] + 26 UDP 192.168.115.8:22793 -> 115.157.62.243:29006 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] + 27 UDP 192.168.115.8:22793 -> 121.248.133.93:12757 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] + 28 UDP 192.168.115.8:22793 -> 202.112.31.89:29072 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] + 29 UDP 192.168.115.8:22793 -> 210.44.171.1:29702 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] + 30 UDP 192.168.115.8:22793 -> 210.44.232.243:21044 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] + 31 UDP 192.168.115.8:22793 -> 210.47.12.19:33738 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] + 32 UDP 192.168.115.8:22793 -> 210.47.12.20:33738 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] + 33 UDP 192.168.115.8:22793 -> 222.26.74.190:1037 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] + 34 UDP 192.168.115.8:22793 -> 222.26.193.119:7133 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] diff --git a/tests/result/quic.pcap.out b/tests/result/quic.pcap.out index dbfc7f84d..e1f4aa97f 100644 --- a/tests/result/quic.pcap.out +++ b/tests/result/quic.pcap.out @@ -1,8 +1,7 @@ Unknown 6 7072 1 GMail 413 254874 1 YouTube 85 76193 5 -Google 11 10063 2 -QUIC 3 364 1 +Google 14 10427 3 1 UDP 192.168.1.109:57833 <-> 216.58.212.101:443 [proto: 188.122/QUIC.GMail][cat: Email/3][161 pkts/23930 bytes <-> 252 pkts/230944 bytes][Host: mail.google.com] 2 UDP 192.168.1.109:35236 <-> 216.58.210.206:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][25 pkts/5276 bytes <-> 44 pkts/53157 bytes][Host: www.youtube.com] @@ -12,7 +11,7 @@ QUIC 3 364 1 6 UDP 192.168.1.105:45669 <-> 172.217.16.4:443 [proto: 188.126/QUIC.Google][cat: Web/5][3 pkts/1550 bytes <-> 2 pkts/2784 bytes][Host: www.google.com] 7 UDP 192.168.1.105:48445 <-> 216.58.214.110:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][2 pkts/1471 bytes <-> 1 pkts/1392 bytes][Host: i.ytimg.com] 8 UDP 192.168.1.105:53817 <-> 216.58.210.225:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][1 pkts/1392 bytes <-> 1 pkts/1392 bytes][Host: yt3.ggpht.com] - 9 UDP 192.168.1.105:40461 <-> 172.217.16.3:443 [proto: 188/QUIC][cat: Web/5][2 pkts/241 bytes <-> 1 pkts/123 bytes] + 9 UDP 192.168.1.105:40461 <-> 172.217.16.3:443 [proto: 188.126/QUIC.Google][cat: Web/5][2 pkts/241 bytes <-> 1 pkts/123 bytes] Undetected flows: diff --git a/tests/result/skype.pcap.out b/tests/result/skype.pcap.out index ddb00deaa..d02ced39b 100644 --- a/tests/result/skype.pcap.out +++ b/tests/result/skype.pcap.out @@ -1,29 +1,27 @@ -Unknown 171 20697 10 +Unknown 175 20913 11 DNS 2 267 1 MDNS 8 1736 2 -NTP 2 180 1 SSDP 101 38156 6 -SkypeCallIn 1555 267750 192 +SkypeCallIn 730 71378 170 ICMP 8 656 1 IGMP 5 258 4 SSL 96 8876 7 Dropbox 38 17948 5 -Skype 584 56659 57 -Apple 7 384 2 +Skype 1409 253031 79 +Apple 17 2225 3 AppleiCloud 88 20520 2 Spotify 5 430 1 MS_OneDrive 387 198090 1 -ApplePush 12 1877 1 1 TCP 192.168.1.34:50028 <-> 157.56.126.211:443 [proto: 91.221/SSL.MS_OneDrive][cat: Cloud/13][187 pkts/42539 bytes <-> 200 pkts/155551 bytes][server: *.gateway.messenger.live.com] - 2 TCP 192.168.1.34:50108 <-> 157.56.52.28:40009 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][231 pkts/60232 bytes <-> 241 pkts/104395 bytes] + 2 TCP 192.168.1.34:50108 <-> 157.56.52.28:40009 [proto: 125/Skype][cat: VoIP/10][231 pkts/60232 bytes <-> 241 pkts/104395 bytes] 3 UDP 192.168.0.254:1025 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][79 pkts/29479 bytes -> 0 pkts/0 bytes] 4 TCP 192.168.1.34:50128 <-> 17.172.100.36:443 [proto: 91.143/SSL.AppleiCloud][cat: Web/5][43 pkts/9635 bytes <-> 43 pkts/10651 bytes][client: p05-keyvalueservice.icloud.com] 5 TCP 192.168.1.34:50119 <-> 86.31.35.30:59621 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][62 pkts/6941 bytes <-> 38 pkts/5325 bytes] 6 UDP 192.168.1.92:50084 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][14 pkts/7281 bytes -> 0 pkts/0 bytes] 7 TCP 108.160.170.46:443 <-> 192.168.1.34:49445 [proto: 91.121/SSL.Dropbox][cat: Cloud/13][8 pkts/1636 bytes <-> 8 pkts/4344 bytes] 8 TCP 192.168.1.34:50117 <-> 71.238.7.203:18767 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][24 pkts/3136 bytes <-> 19 pkts/2618 bytes] - 9 TCP 192.168.1.34:50126 <-> 91.190.216.23:12350 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][16 pkts/4788 bytes <-> 4 pkts/372 bytes] + 9 TCP 192.168.1.34:50126 <-> 91.190.216.23:12350 [proto: 125/Skype][cat: VoIP/10][16 pkts/4788 bytes <-> 4 pkts/372 bytes] 10 TCP 192.168.1.34:50138 <-> 71.238.7.203:18767 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][19 pkts/2797 bytes <-> 13 pkts/2175 bytes] 11 TCP 192.168.1.34:50118 <-> 5.248.186.221:31010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][18 pkts/2588 bytes <-> 13 pkts/2100 bytes] 12 TCP 192.168.1.34:50139 <-> 5.248.186.221:31010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][15 pkts/2395 bytes <-> 8 pkts/1724 bytes] @@ -35,7 +33,7 @@ ApplePush 12 1877 1 18 UDP 192.168.1.92:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][5 pkts/2720 bytes -> 0 pkts/0 bytes] 19 TCP 192.168.1.34:50090 <-> 23.206.33.166:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/2140 bytes <-> 3 pkts/200 bytes][client: apps.skype.com] 20 TCP 192.168.1.34:50134 <-> 157.56.53.47:12350 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][11 pkts/1578 bytes <-> 4 pkts/342 bytes] - 21 TCP 17.143.160.22:5223 <-> 192.168.1.34:49447 [proto: 238/ApplePush][cat: Cloud/13][6 pkts/1211 bytes <-> 6 pkts/666 bytes] + 21 TCP 17.143.160.22:5223 <-> 192.168.1.34:49447 [proto: 238.140/ApplePush.Apple][cat: Web/5][6 pkts/1211 bytes <-> 6 pkts/666 bytes] 22 TCP 192.168.1.34:50091 <-> 157.55.235.146:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][13 pkts/1554 bytes <-> 3 pkts/200 bytes] 23 TCP 192.168.1.34:50122 <-> 81.133.19.185:44431 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][14 pkts/1090 bytes <-> 6 pkts/534 bytes] 24 TCP 192.168.1.34:50039 <-> 213.199.179.175:443 [proto: 91/SSL][cat: Web/5][13 pkts/1392 bytes <-> 3 pkts/200 bytes] @@ -50,51 +48,51 @@ ApplePush 12 1877 1 33 TCP 192.168.1.34:50072 <-> 157.55.130.170:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1207 bytes <-> 3 pkts/277 bytes] 34 TCP 192.168.1.34:50066 <-> 65.55.223.12:443 [proto: 91/SSL][cat: Web/5][12 pkts/1221 bytes <-> 3 pkts/231 bytes] 35 TCP 192.168.1.34:50137 <-> 5.248.186.221:31010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][14 pkts/1062 bytes <-> 4 pkts/383 bytes] - 36 TCP 192.168.1.34:50076 <-> 157.55.235.156:40014 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][14 pkts/1083 bytes <-> 4 pkts/359 bytes] - 37 TCP 192.168.1.34:50054 <-> 157.55.130.153:40005 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/1020 bytes <-> 4 pkts/421 bytes] + 36 TCP 192.168.1.34:50076 <-> 157.55.235.156:40014 [proto: 125/Skype][cat: VoIP/10][14 pkts/1083 bytes <-> 4 pkts/359 bytes] + 37 TCP 192.168.1.34:50054 <-> 157.55.130.153:40005 [proto: 125/Skype][cat: VoIP/10][13 pkts/1020 bytes <-> 4 pkts/421 bytes] 38 TCP 192.168.1.34:50132 <-> 149.13.32.15:13392 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/1010 bytes <-> 5 pkts/402 bytes] 39 TCP 192.168.1.34:50045 <-> 157.55.130.167:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1151 bytes <-> 3 pkts/260 bytes] 40 TCP 192.168.1.34:50114 <-> 5.248.186.221:31010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][14 pkts/1040 bytes <-> 4 pkts/362 bytes] 41 TCP 192.168.1.34:50065 <-> 65.55.223.12:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/1004 bytes <-> 4 pkts/397 bytes] 42 TCP 192.168.1.34:50069 <-> 157.55.56.160:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][11 pkts/1050 bytes <-> 4 pkts/351 bytes] - 43 TCP 192.168.1.34:50034 <-> 157.55.130.140:40033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/1010 bytes <-> 4 pkts/390 bytes] - 44 TCP 192.168.1.34:50088 <-> 157.55.235.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][14 pkts/1085 bytes <-> 4 pkts/315 bytes] + 43 TCP 192.168.1.34:50034 <-> 157.55.130.140:40033 [proto: 125/Skype][cat: VoIP/10][13 pkts/1010 bytes <-> 4 pkts/390 bytes] + 44 TCP 192.168.1.34:50088 <-> 157.55.235.146:33033 [proto: 125/Skype][cat: VoIP/10][14 pkts/1085 bytes <-> 4 pkts/315 bytes] 45 TCP 192.168.1.34:50102 <-> 65.55.223.15:443 [proto: 91/SSL][cat: Web/5][11 pkts/1140 bytes <-> 3 pkts/250 bytes] - 46 TCP 192.168.1.34:50092 <-> 157.55.130.155:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/975 bytes <-> 4 pkts/412 bytes] + 46 TCP 192.168.1.34:50092 <-> 157.55.130.155:40020 [proto: 125/Skype][cat: VoIP/10][13 pkts/975 bytes <-> 4 pkts/412 bytes] 47 TCP 192.168.1.34:50115 <-> 86.31.35.30:59621 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/995 bytes <-> 4 pkts/391 bytes] 48 TCP 192.168.1.34:50098 <-> 65.55.223.15:40026 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/995 bytes <-> 4 pkts/386 bytes] 49 TCP 192.168.1.34:50130 <-> 212.161.8.36:13392 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/1000 bytes <-> 4 pkts/380 bytes] 50 TCP 192.168.1.34:50079 <-> 213.199.179.142:443 [proto: 91/SSL][cat: Web/5][13 pkts/1176 bytes <-> 3 pkts/200 bytes] - 51 TCP 192.168.1.34:50097 <-> 157.55.235.176:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/1000 bytes <-> 4 pkts/371 bytes] + 51 TCP 192.168.1.34:50097 <-> 157.55.235.176:40022 [proto: 125/Skype][cat: VoIP/10][13 pkts/1000 bytes <-> 4 pkts/371 bytes] 52 TCP 192.168.1.34:50026 <-> 65.55.223.33:40002 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/971 bytes <-> 4 pkts/399 bytes] - 53 TCP 192.168.1.34:50033 <-> 157.55.56.170:40015 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/977 bytes <-> 4 pkts/384 bytes] - 54 TCP 192.168.1.34:50053 <-> 157.55.56.146:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][12 pkts/940 bytes <-> 5 pkts/415 bytes] + 53 TCP 192.168.1.34:50033 <-> 157.55.56.170:40015 [proto: 125/Skype][cat: VoIP/10][13 pkts/977 bytes <-> 4 pkts/384 bytes] + 54 TCP 192.168.1.34:50053 <-> 157.55.56.146:40030 [proto: 125/Skype][cat: VoIP/10][12 pkts/940 bytes <-> 5 pkts/415 bytes] 55 TCP 192.168.1.34:50099 <-> 64.4.23.166:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][12 pkts/948 bytes <-> 4 pkts/407 bytes] - 56 TCP 192.168.1.34:50044 <-> 157.55.130.167:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/993 bytes <-> 4 pkts/360 bytes] + 56 TCP 192.168.1.34:50044 <-> 157.55.130.167:40031 [proto: 125/Skype][cat: VoIP/10][13 pkts/993 bytes <-> 4 pkts/360 bytes] 57 TCP 192.168.1.34:50051 <-> 157.55.130.166:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1074 bytes <-> 3 pkts/277 bytes] 58 TCP 192.168.1.34:50057 <-> 157.55.130.153:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1102 bytes <-> 3 pkts/247 bytes] 59 TCP 192.168.1.34:50048 <-> 157.55.130.150:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1109 bytes <-> 3 pkts/236 bytes] - 60 TCP 192.168.1.34:50077 <-> 157.55.130.176:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/1004 bytes <-> 4 pkts/334 bytes] + 60 TCP 192.168.1.34:50077 <-> 157.55.130.176:40022 [proto: 125/Skype][cat: VoIP/10][13 pkts/1004 bytes <-> 4 pkts/334 bytes] 61 TCP 192.168.1.34:50036 <-> 157.56.52.44:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][11 pkts/1074 bytes <-> 3 pkts/254 bytes] - 62 TCP 192.168.1.34:50074 <-> 157.55.130.173:40003 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/1010 bytes <-> 4 pkts/317 bytes] + 62 TCP 192.168.1.34:50074 <-> 157.55.130.173:40003 [proto: 125/Skype][cat: VoIP/10][13 pkts/1010 bytes <-> 4 pkts/317 bytes] 63 TCP 192.168.1.34:50078 <-> 157.55.130.173:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1088 bytes <-> 3 pkts/236 bytes] - 64 TCP 192.168.1.34:50070 <-> 157.55.130.170:40018 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/989 bytes <-> 4 pkts/323 bytes] + 64 TCP 192.168.1.34:50070 <-> 157.55.130.170:40018 [proto: 125/Skype][cat: VoIP/10][13 pkts/989 bytes <-> 4 pkts/323 bytes] 65 TCP 192.168.1.34:50030 <-> 65.55.223.33:443 [proto: 91/SSL][cat: Web/5][11 pkts/960 bytes <-> 4 pkts/351 bytes] - 66 TCP 192.168.1.34:50032 <-> 157.56.52.44:40032 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][12 pkts/969 bytes <-> 4 pkts/337 bytes] + 66 TCP 192.168.1.34:50032 <-> 157.56.52.44:40032 [proto: 125/Skype][cat: VoIP/10][12 pkts/969 bytes <-> 4 pkts/337 bytes] 67 TCP 192.168.1.34:50094 <-> 157.55.130.155:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1039 bytes <-> 3 pkts/267 bytes] - 68 TCP 192.168.1.34:50067 <-> 157.55.56.160:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][12 pkts/899 bytes <-> 5 pkts/406 bytes] + 68 TCP 192.168.1.34:50067 <-> 157.55.56.160:40027 [proto: 125/Skype][cat: VoIP/10][12 pkts/899 bytes <-> 5 pkts/406 bytes] 69 TCP 192.168.1.34:50035 <-> 213.199.179.175:40021 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/982 bytes <-> 4 pkts/322 bytes] 70 TCP 192.168.1.34:50063 <-> 111.221.74.38:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][10 pkts/1002 bytes <-> 3 pkts/285 bytes] - 71 TCP 192.168.1.34:50049 <-> 157.55.130.166:40021 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][11 pkts/836 bytes <-> 5 pkts/442 bytes] - 72 TCP 192.168.1.34:50086 <-> 111.221.77.142:40023 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][11 pkts/841 bytes <-> 5 pkts/429 bytes] + 71 TCP 192.168.1.34:50049 <-> 157.55.130.166:40021 [proto: 125/Skype][cat: VoIP/10][11 pkts/836 bytes <-> 5 pkts/442 bytes] + 72 TCP 192.168.1.34:50086 <-> 111.221.77.142:40023 [proto: 125/Skype][cat: VoIP/10][11 pkts/841 bytes <-> 5 pkts/429 bytes] 73 TCP 192.168.1.34:50056 <-> 157.55.56.146:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][11 pkts/999 bytes <-> 4 pkts/266 bytes] 74 TCP 192.168.1.34:50038 <-> 157.55.130.140:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1032 bytes <-> 3 pkts/230 bytes] - 75 TCP 192.168.1.34:50055 <-> 111.221.74.47:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][11 pkts/866 bytes <-> 5 pkts/396 bytes] + 75 TCP 192.168.1.34:50055 <-> 111.221.74.47:40030 [proto: 125/Skype][cat: VoIP/10][11 pkts/866 bytes <-> 5 pkts/396 bytes] 76 TCP 192.168.1.34:50112 <-> 76.167.161.6:20274 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][11 pkts/843 bytes <-> 4 pkts/411 bytes] 77 TCP 192.168.1.34:50141 <-> 80.14.46.121:4415 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/994 bytes <-> 2 pkts/243 bytes] - 78 TCP 192.168.1.34:50059 <-> 111.221.74.38:40015 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][11 pkts/820 bytes <-> 5 pkts/416 bytes] - 79 TCP 192.168.1.34:50046 <-> 157.55.130.150:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][11 pkts/843 bytes <-> 4 pkts/386 bytes] - 80 TCP 192.168.1.34:50096 <-> 111.221.74.46:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][11 pkts/822 bytes <-> 4 pkts/390 bytes] + 78 TCP 192.168.1.34:50059 <-> 111.221.74.38:40015 [proto: 125/Skype][cat: VoIP/10][11 pkts/820 bytes <-> 5 pkts/416 bytes] + 79 TCP 192.168.1.34:50046 <-> 157.55.130.150:40011 [proto: 125/Skype][cat: VoIP/10][11 pkts/843 bytes <-> 4 pkts/386 bytes] + 80 TCP 192.168.1.34:50096 <-> 111.221.74.46:40027 [proto: 125/Skype][cat: VoIP/10][11 pkts/822 bytes <-> 4 pkts/390 bytes] 81 TCP 192.168.1.34:50058 <-> 111.221.74.47:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][10 pkts/857 bytes <-> 4 pkts/351 bytes] 82 TCP 192.168.1.34:50113 <-> 71.238.7.203:18767 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][11 pkts/827 bytes <-> 3 pkts/325 bytes] 83 TCP 192.168.1.34:50103 <-> 64.4.23.166:443 [proto: 91/SSL][cat: Web/5][9 pkts/862 bytes <-> 3 pkts/285 bytes] @@ -146,158 +144,157 @@ ApplePush 12 1877 1 129 UDP 192.168.1.34:13021 -> 176.26.55.167:63773 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][5 pkts/300 bytes -> 0 pkts/0 bytes] 130 UDP 192.168.1.34:58681 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/101 bytes <-> 1 pkts/166 bytes][Host: db3msgr5011709.gateway.messenger.live.com] 131 UDP 192.168.1.34:62454 <-> 192.168.1.1:53 [proto: 5.143/DNS.AppleiCloud][cat: Web/5][1 pkts/101 bytes <-> 1 pkts/133 bytes][Host: p05-keyvalueservice.icloud.com.akadns.net] - 132 UDP 192.168.1.34:54067 -> 192.168.1.1:5351 [proto: 140/Apple][cat: Web/5][4 pkts/216 bytes -> 0 pkts/0 bytes] - 133 UDP 192.168.1.34:123 <-> 17.253.48.245:123 [proto: 9/NTP][cat: System/18][1 pkts/90 bytes <-> 1 pkts/90 bytes] - 134 UDP 192.168.1.34:51879 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e4593.g.akamaiedge.net] - 135 UDP 192.168.1.34:63321 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e4593.g.akamaiedge.net] - 136 UDP 192.168.1.34:64085 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e7768.b.akamaiedge.net] - 137 TCP 192.168.1.34:50024 <-> 17.172.100.36:443 [proto: 91.140/SSL.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/60 bytes] - 138 IGMP 192.168.0.254:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network/14][2 pkts/92 bytes -> 0 pkts/0 bytes] - 139 UDP 192.168.1.34:13021 -> 64.4.23.145:40024 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 140 UDP 192.168.1.34:13021 -> 65.55.223.26:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 141 UDP 192.168.1.34:13021 -> 65.55.223.33:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 142 UDP 192.168.1.34:13021 -> 157.55.56.168:40006 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 143 UDP 192.168.1.34:13021 -> 157.55.130.146:40026 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 144 UDP 192.168.1.34:13021 -> 157.55.130.154:40005 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 145 UDP 192.168.1.34:13021 -> 157.55.235.147:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 146 UDP 192.168.1.34:13021 -> 157.55.235.152:40001 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 147 UDP 192.168.1.34:13021 -> 213.199.179.155:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 148 UDP 192.168.1.34:13021 -> 111.221.74.28:40014 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 149 UDP 192.168.1.34:13021 -> 111.221.77.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 150 UDP 192.168.1.34:13021 -> 111.221.77.155:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 151 UDP 192.168.1.34:13021 -> 111.221.77.159:40009 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 152 UDP 192.168.1.34:13021 -> 111.221.77.172:40010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 153 UDP 192.168.1.34:13021 -> 157.55.130.156:40034 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 154 UDP 192.168.1.34:13021 -> 157.55.235.161:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 155 UDP 192.168.1.34:13021 -> 157.55.235.176:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 156 UDP 192.168.1.34:13021 -> 157.56.52.27:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 157 UDP 192.168.1.34:13021 -> 157.56.52.28:40009 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 158 UDP 192.168.1.34:13021 -> 64.4.23.143:40018 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 159 UDP 192.168.1.34:13021 -> 64.4.23.155:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 160 UDP 192.168.1.34:13021 -> 65.55.223.29:40010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 161 UDP 192.168.1.34:13021 -> 111.221.74.15:40024 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 162 UDP 192.168.1.34:13021 -> 111.221.77.145:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 163 UDP 192.168.1.34:13021 -> 111.221.77.166:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 164 UDP 192.168.1.34:13021 -> 157.55.56.142:40023 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 165 UDP 192.168.1.34:13021 -> 157.55.56.151:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 166 UDP 192.168.1.34:13021 -> 157.55.56.175:40013 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 167 UDP 192.168.1.34:13021 -> 157.55.130.143:40017 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 168 UDP 192.168.1.34:13021 -> 157.55.235.155:40003 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 169 UDP 192.168.1.34:13021 -> 157.56.52.17:40013 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 170 UDP 192.168.1.34:13021 -> 64.4.23.166:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 171 UDP 192.168.1.34:13021 -> 65.55.223.25:40028 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 172 UDP 192.168.1.34:13021 -> 65.55.223.43:40002 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 173 UDP 192.168.1.34:13021 -> 111.221.74.43:40001 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 174 UDP 192.168.1.34:13021 -> 111.221.77.151:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 175 UDP 192.168.1.34:13021 -> 157.55.56.162:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 176 UDP 192.168.1.34:13021 -> 157.55.130.147:40019 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 177 UDP 192.168.1.34:13021 -> 157.55.235.175:40008 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 178 UDP 192.168.1.34:13021 -> 213.199.179.150:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 179 UDP 192.168.1.34:13021 -> 111.221.74.12:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 180 UDP 192.168.1.34:13021 -> 111.221.74.48:40008 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 181 UDP 192.168.1.34:13021 -> 111.221.77.165:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 182 UDP 192.168.1.34:13021 -> 213.199.179.141:40015 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 183 UDP 192.168.1.34:13021 -> 213.199.179.143:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 184 UDP 192.168.1.34:13021 -> 213.199.179.154:40034 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 185 UDP 192.168.1.34:13021 -> 65.55.223.28:40026 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 186 UDP 192.168.1.34:13021 -> 111.221.74.40:40018 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 187 UDP 192.168.1.34:13021 -> 157.55.130.175:40006 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 188 UDP 192.168.1.34:13021 -> 157.56.52.26:40026 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 189 UDP 192.168.1.34:13021 -> 213.199.179.165:40007 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 190 UDP 192.168.1.34:13021 -> 64.4.23.141:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 191 UDP 192.168.1.34:13021 -> 111.221.74.29:40024 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 192 UDP 192.168.1.34:13021 -> 111.221.74.31:40021 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 193 UDP 192.168.1.34:13021 -> 111.221.77.176:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 194 UDP 192.168.1.34:13021 -> 157.55.235.153:40023 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 195 UDP 192.168.1.34:13021 -> 213.199.179.168:40006 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 196 UDP 192.168.1.34:13021 -> 64.4.23.151:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 197 UDP 192.168.1.34:13021 -> 64.4.23.165:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 198 UDP 192.168.1.34:13021 -> 111.221.77.142:40023 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 199 UDP 192.168.1.34:13021 -> 157.55.130.151:40017 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 200 UDP 192.168.1.34:13021 -> 64.4.23.168:40006 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 201 UDP 192.168.1.34:13021 -> 65.55.223.21:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 202 UDP 192.168.1.34:13021 -> 65.55.223.45:40012 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 203 UDP 192.168.1.34:13021 -> 111.221.74.44:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 204 UDP 192.168.1.34:13021 -> 111.221.74.46:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 205 UDP 192.168.1.34:13021 -> 111.221.77.153:40024 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 206 UDP 192.168.1.34:13021 -> 157.55.56.148:40010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 207 UDP 192.168.1.34:13021 -> 157.55.235.157:40010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 208 UDP 192.168.1.34:13021 -> 157.55.235.172:40032 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 209 UDP 192.168.1.34:13021 -> 157.56.52.18:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 210 UDP 192.168.1.34:13021 -> 213.199.179.170:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 211 UDP 192.168.1.34:13021 -> 64.4.23.150:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 212 UDP 192.168.1.34:13021 -> 64.4.23.159:40009 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 213 UDP 192.168.1.34:13021 -> 65.55.223.17:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 214 UDP 192.168.1.34:13021 -> 111.221.74.17:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 215 UDP 192.168.1.34:13021 -> 111.221.74.18:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 216 UDP 192.168.1.34:13021 -> 111.221.74.32:40009 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 217 UDP 192.168.1.34:13021 -> 111.221.74.42:40024 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 218 UDP 192.168.1.34:13021 -> 157.55.56.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 219 UDP 192.168.1.34:13021 -> 157.55.56.161:40012 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 220 UDP 192.168.1.34:13021 -> 157.55.130.155:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 221 UDP 192.168.1.34:13021 -> 157.55.130.165:40026 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 222 UDP 192.168.1.34:13021 -> 157.55.235.142:40025 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 223 UDP 192.168.1.34:13021 -> 157.56.52.33:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 224 UDP 192.168.1.34:13021 -> 213.199.179.162:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 225 UDP 192.168.1.34:13021 -> 64.4.23.148:40010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 226 UDP 192.168.1.34:13021 -> 65.55.223.18:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 227 UDP 192.168.1.34:13021 -> 65.55.223.41:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 228 UDP 192.168.1.34:13021 -> 111.221.77.148:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 229 UDP 192.168.1.34:13021 -> 157.55.130.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 230 UDP 192.168.1.34:13021 -> 157.55.235.143:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 231 UDP 192.168.1.34:13021 -> 157.55.235.160:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 232 UDP 192.168.1.34:13021 -> 157.55.235.166:40015 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 233 UDP 192.168.1.34:13021 -> 157.56.52.37:40032 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 234 UDP 192.168.1.34:13021 -> 64.4.23.140:40012 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 235 UDP 192.168.1.34:13021 -> 64.4.23.170:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 236 UDP 192.168.1.34:13021 -> 111.221.74.19:40001 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 237 UDP 192.168.1.34:13021 -> 111.221.77.160:40028 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 238 UDP 192.168.1.34:13021 -> 111.221.77.168:40007 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 239 UDP 192.168.1.34:13021 -> 157.55.56.145:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 240 UDP 192.168.1.34:13021 -> 157.55.56.165:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 241 UDP 192.168.1.34:13021 -> 157.55.235.145:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 242 UDP 192.168.1.34:13021 -> 157.56.52.15:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 243 UDP 192.168.1.34:13021 -> 65.55.223.24:40032 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 244 UDP 192.168.1.34:13021 -> 111.221.74.16:40032 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 245 UDP 192.168.1.34:13021 -> 111.221.77.141:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 246 UDP 192.168.1.34:13021 -> 111.221.77.149:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 247 UDP 192.168.1.34:13021 -> 111.221.77.154:40017 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 248 UDP 192.168.1.34:13021 -> 157.55.130.157:40013 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 249 UDP 192.168.1.34:13021 -> 157.55.130.160:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 250 UDP 192.168.1.34:13021 -> 157.55.130.172:40019 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 251 UDP 192.168.1.34:13021 -> 157.56.52.45:40012 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 252 UDP 192.168.1.34:13021 -> 213.199.179.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 253 UDP 192.168.1.34:13021 -> 213.199.179.146:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 254 UDP 192.168.1.34:13021 -> 64.4.23.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 255 UDP 192.168.1.34:13021 -> 64.4.23.173:40017 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 256 UDP 192.168.1.34:13021 -> 65.55.223.15:40026 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 257 UDP 192.168.1.34:13021 -> 65.55.223.38:40015 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 258 UDP 192.168.1.34:13021 -> 65.55.223.44:40013 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 259 UDP 192.168.1.34:13021 -> 111.221.74.25:40028 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 260 UDP 192.168.1.34:13021 -> 111.221.77.143:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 261 UDP 192.168.1.34:13021 -> 157.55.130.144:40034 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 262 UDP 192.168.1.34:13021 -> 157.55.235.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 263 UDP 192.168.1.34:13021 -> 213.199.179.145:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 264 UDP 192.168.1.34:13021 -> 65.55.223.20:40033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 265 UDP 192.168.1.34:13021 -> 111.221.74.24:40001 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 266 UDP 192.168.1.34:13021 -> 111.221.77.140:40003 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 267 UDP 192.168.1.34:13021 -> 157.55.56.166:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 268 UDP 192.168.1.34:13021 -> 157.55.130.148:40019 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 269 UDP 192.168.1.34:13021 -> 157.55.235.158:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 270 UDP 192.168.1.34:13021 -> 157.55.235.159:40021 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 271 UDP 192.168.1.34:13021 -> 157.55.235.173:40012 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 272 UDP 192.168.1.34:13021 -> 157.56.52.21:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 273 UDP 192.168.1.34:13021 -> 157.56.52.24:40001 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 274 UDP 192.168.1.34:13021 -> 157.56.52.47:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 275 UDP 192.168.1.34:13021 -> 213.199.179.152:40023 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 276 IGMP 192.168.1.1:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes] - 277 IGMP 192.168.1.92:0 -> 224.0.0.251:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes] - 278 UDP 192.168.1.34:13021 -> 65.55.223.39:443 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] - 279 UDP 192.168.1.34:13021 -> 71.62.0.85:33647 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] - 280 UDP 192.168.1.34:13021 -> 106.188.249.186:15120 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] - 281 UDP 192.168.1.34:13021 -> 157.55.130.145:443 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] - 282 UDP 192.168.1.34:13021 -> 176.97.100.249:26635 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] - 283 IGMP 192.168.1.34:0 -> 224.0.0.251:0 [proto: 82/IGMP][cat: Network/14][1 pkts/46 bytes -> 0 pkts/0 bytes] + 132 UDP 192.168.1.34:123 <-> 17.253.48.245:123 [proto: 9.140/NTP.Apple][cat: Web/5][1 pkts/90 bytes <-> 1 pkts/90 bytes] + 133 UDP 192.168.1.34:51879 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e4593.g.akamaiedge.net] + 134 UDP 192.168.1.34:63321 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e4593.g.akamaiedge.net] + 135 UDP 192.168.1.34:64085 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e7768.b.akamaiedge.net] + 136 TCP 192.168.1.34:50024 <-> 17.172.100.36:443 [proto: 91.140/SSL.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/60 bytes] + 137 IGMP 192.168.0.254:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network/14][2 pkts/92 bytes -> 0 pkts/0 bytes] + 138 UDP 192.168.1.34:13021 -> 64.4.23.145:40024 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 139 UDP 192.168.1.34:13021 -> 65.55.223.26:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 140 UDP 192.168.1.34:13021 -> 65.55.223.33:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 141 UDP 192.168.1.34:13021 -> 157.55.56.168:40006 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 142 UDP 192.168.1.34:13021 -> 157.55.130.146:40026 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 143 UDP 192.168.1.34:13021 -> 157.55.130.154:40005 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 144 UDP 192.168.1.34:13021 -> 157.55.235.147:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 145 UDP 192.168.1.34:13021 -> 157.55.235.152:40001 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 146 UDP 192.168.1.34:13021 -> 213.199.179.155:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 147 UDP 192.168.1.34:13021 -> 111.221.74.28:40014 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 148 UDP 192.168.1.34:13021 -> 111.221.77.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 149 UDP 192.168.1.34:13021 -> 111.221.77.155:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 150 UDP 192.168.1.34:13021 -> 111.221.77.159:40009 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 151 UDP 192.168.1.34:13021 -> 111.221.77.172:40010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 152 UDP 192.168.1.34:13021 -> 157.55.130.156:40034 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 153 UDP 192.168.1.34:13021 -> 157.55.235.161:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 154 UDP 192.168.1.34:13021 -> 157.55.235.176:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 155 UDP 192.168.1.34:13021 -> 157.56.52.27:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 156 UDP 192.168.1.34:13021 -> 157.56.52.28:40009 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 157 UDP 192.168.1.34:13021 -> 64.4.23.143:40018 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 158 UDP 192.168.1.34:13021 -> 64.4.23.155:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 159 UDP 192.168.1.34:13021 -> 65.55.223.29:40010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 160 UDP 192.168.1.34:13021 -> 111.221.74.15:40024 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 161 UDP 192.168.1.34:13021 -> 111.221.77.145:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 162 UDP 192.168.1.34:13021 -> 111.221.77.166:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 163 UDP 192.168.1.34:13021 -> 157.55.56.142:40023 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 164 UDP 192.168.1.34:13021 -> 157.55.56.151:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 165 UDP 192.168.1.34:13021 -> 157.55.56.175:40013 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 166 UDP 192.168.1.34:13021 -> 157.55.130.143:40017 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 167 UDP 192.168.1.34:13021 -> 157.55.235.155:40003 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 168 UDP 192.168.1.34:13021 -> 157.56.52.17:40013 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 169 UDP 192.168.1.34:13021 -> 64.4.23.166:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 170 UDP 192.168.1.34:13021 -> 65.55.223.25:40028 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 171 UDP 192.168.1.34:13021 -> 65.55.223.43:40002 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 172 UDP 192.168.1.34:13021 -> 111.221.74.43:40001 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 173 UDP 192.168.1.34:13021 -> 111.221.77.151:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 174 UDP 192.168.1.34:13021 -> 157.55.56.162:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 175 UDP 192.168.1.34:13021 -> 157.55.130.147:40019 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 176 UDP 192.168.1.34:13021 -> 157.55.235.175:40008 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 177 UDP 192.168.1.34:13021 -> 213.199.179.150:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 178 UDP 192.168.1.34:13021 -> 111.221.74.12:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 179 UDP 192.168.1.34:13021 -> 111.221.74.48:40008 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 180 UDP 192.168.1.34:13021 -> 111.221.77.165:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 181 UDP 192.168.1.34:13021 -> 213.199.179.141:40015 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 182 UDP 192.168.1.34:13021 -> 213.199.179.143:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 183 UDP 192.168.1.34:13021 -> 213.199.179.154:40034 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 184 UDP 192.168.1.34:13021 -> 65.55.223.28:40026 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] + 185 UDP 192.168.1.34:13021 -> 111.221.74.40:40018 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] + 186 UDP 192.168.1.34:13021 -> 157.55.130.175:40006 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] + 187 UDP 192.168.1.34:13021 -> 157.56.52.26:40026 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] + 188 UDP 192.168.1.34:13021 -> 213.199.179.165:40007 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] + 189 UDP 192.168.1.34:13021 -> 64.4.23.141:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 190 UDP 192.168.1.34:13021 -> 111.221.74.29:40024 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 191 UDP 192.168.1.34:13021 -> 111.221.74.31:40021 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 192 UDP 192.168.1.34:13021 -> 111.221.77.176:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 193 UDP 192.168.1.34:13021 -> 157.55.235.153:40023 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 194 UDP 192.168.1.34:13021 -> 213.199.179.168:40006 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 195 UDP 192.168.1.34:13021 -> 64.4.23.151:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 196 UDP 192.168.1.34:13021 -> 64.4.23.165:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 197 UDP 192.168.1.34:13021 -> 111.221.77.142:40023 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 198 UDP 192.168.1.34:13021 -> 157.55.130.151:40017 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 199 UDP 192.168.1.34:13021 -> 64.4.23.168:40006 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 200 UDP 192.168.1.34:13021 -> 65.55.223.21:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 201 UDP 192.168.1.34:13021 -> 65.55.223.45:40012 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 202 UDP 192.168.1.34:13021 -> 111.221.74.44:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 203 UDP 192.168.1.34:13021 -> 111.221.74.46:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 204 UDP 192.168.1.34:13021 -> 111.221.77.153:40024 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 205 UDP 192.168.1.34:13021 -> 157.55.56.148:40010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 206 UDP 192.168.1.34:13021 -> 157.55.235.157:40010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 207 UDP 192.168.1.34:13021 -> 157.55.235.172:40032 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 208 UDP 192.168.1.34:13021 -> 157.56.52.18:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 209 UDP 192.168.1.34:13021 -> 213.199.179.170:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 210 UDP 192.168.1.34:13021 -> 64.4.23.150:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 211 UDP 192.168.1.34:13021 -> 64.4.23.159:40009 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 212 UDP 192.168.1.34:13021 -> 65.55.223.17:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 213 UDP 192.168.1.34:13021 -> 111.221.74.17:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 214 UDP 192.168.1.34:13021 -> 111.221.74.18:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 215 UDP 192.168.1.34:13021 -> 111.221.74.32:40009 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 216 UDP 192.168.1.34:13021 -> 111.221.74.42:40024 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 217 UDP 192.168.1.34:13021 -> 157.55.56.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 218 UDP 192.168.1.34:13021 -> 157.55.56.161:40012 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 219 UDP 192.168.1.34:13021 -> 157.55.130.155:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 220 UDP 192.168.1.34:13021 -> 157.55.130.165:40026 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 221 UDP 192.168.1.34:13021 -> 157.55.235.142:40025 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 222 UDP 192.168.1.34:13021 -> 157.56.52.33:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 223 UDP 192.168.1.34:13021 -> 213.199.179.162:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 224 UDP 192.168.1.34:13021 -> 64.4.23.148:40010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 225 UDP 192.168.1.34:13021 -> 65.55.223.18:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 226 UDP 192.168.1.34:13021 -> 65.55.223.41:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 227 UDP 192.168.1.34:13021 -> 111.221.77.148:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 228 UDP 192.168.1.34:13021 -> 157.55.130.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 229 UDP 192.168.1.34:13021 -> 157.55.235.143:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 230 UDP 192.168.1.34:13021 -> 157.55.235.160:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 231 UDP 192.168.1.34:13021 -> 157.55.235.166:40015 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 232 UDP 192.168.1.34:13021 -> 157.56.52.37:40032 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 233 UDP 192.168.1.34:13021 -> 64.4.23.140:40012 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 234 UDP 192.168.1.34:13021 -> 64.4.23.170:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 235 UDP 192.168.1.34:13021 -> 111.221.74.19:40001 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 236 UDP 192.168.1.34:13021 -> 111.221.77.160:40028 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 237 UDP 192.168.1.34:13021 -> 111.221.77.168:40007 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 238 UDP 192.168.1.34:13021 -> 157.55.56.145:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 239 UDP 192.168.1.34:13021 -> 157.55.56.165:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 240 UDP 192.168.1.34:13021 -> 157.55.235.145:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 241 UDP 192.168.1.34:13021 -> 157.56.52.15:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 242 UDP 192.168.1.34:13021 -> 65.55.223.24:40032 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 243 UDP 192.168.1.34:13021 -> 111.221.74.16:40032 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 244 UDP 192.168.1.34:13021 -> 111.221.77.141:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 245 UDP 192.168.1.34:13021 -> 111.221.77.149:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 246 UDP 192.168.1.34:13021 -> 111.221.77.154:40017 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 247 UDP 192.168.1.34:13021 -> 157.55.130.157:40013 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 248 UDP 192.168.1.34:13021 -> 157.55.130.160:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 249 UDP 192.168.1.34:13021 -> 157.55.130.172:40019 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 250 UDP 192.168.1.34:13021 -> 157.56.52.45:40012 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 251 UDP 192.168.1.34:13021 -> 213.199.179.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 252 UDP 192.168.1.34:13021 -> 213.199.179.146:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 253 UDP 192.168.1.34:13021 -> 64.4.23.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 254 UDP 192.168.1.34:13021 -> 64.4.23.173:40017 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 255 UDP 192.168.1.34:13021 -> 65.55.223.15:40026 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 256 UDP 192.168.1.34:13021 -> 65.55.223.38:40015 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 257 UDP 192.168.1.34:13021 -> 65.55.223.44:40013 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 258 UDP 192.168.1.34:13021 -> 111.221.74.25:40028 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 259 UDP 192.168.1.34:13021 -> 111.221.77.143:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 260 UDP 192.168.1.34:13021 -> 157.55.130.144:40034 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 261 UDP 192.168.1.34:13021 -> 157.55.235.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 262 UDP 192.168.1.34:13021 -> 213.199.179.145:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 263 UDP 192.168.1.34:13021 -> 65.55.223.20:40033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 264 UDP 192.168.1.34:13021 -> 111.221.74.24:40001 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 265 UDP 192.168.1.34:13021 -> 111.221.77.140:40003 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 266 UDP 192.168.1.34:13021 -> 157.55.56.166:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 267 UDP 192.168.1.34:13021 -> 157.55.130.148:40019 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 268 UDP 192.168.1.34:13021 -> 157.55.235.158:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 269 UDP 192.168.1.34:13021 -> 157.55.235.159:40021 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 270 UDP 192.168.1.34:13021 -> 157.55.235.173:40012 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 271 UDP 192.168.1.34:13021 -> 157.56.52.21:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 272 UDP 192.168.1.34:13021 -> 157.56.52.24:40001 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 273 UDP 192.168.1.34:13021 -> 157.56.52.47:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 274 UDP 192.168.1.34:13021 -> 213.199.179.152:40023 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 275 IGMP 192.168.1.1:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes] + 276 IGMP 192.168.1.92:0 -> 224.0.0.251:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes] + 277 UDP 192.168.1.34:13021 -> 65.55.223.39:443 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] + 278 UDP 192.168.1.34:13021 -> 71.62.0.85:33647 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] + 279 UDP 192.168.1.34:13021 -> 106.188.249.186:15120 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] + 280 UDP 192.168.1.34:13021 -> 157.55.130.145:443 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] + 281 UDP 192.168.1.34:13021 -> 176.97.100.249:26635 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] + 282 IGMP 192.168.1.34:0 -> 224.0.0.251:0 [proto: 82/IGMP][cat: Network/14][1 pkts/46 bytes -> 0 pkts/0 bytes] Undetected flows: @@ -310,4 +307,5 @@ Undetected flows: 7 TCP 192.168.1.34:50144 <-> 78.202.226.115:29059 [proto: 0/Unknown][10 pkts/797 bytes <-> 4 pkts/342 bytes] 8 TCP 192.168.1.34:50145 -> 157.56.53.51:12350 [proto: 0/Unknown][8 pkts/608 bytes -> 0 pkts/0 bytes] 9 UDP 192.168.1.34:49511 -> 192.168.1.1:5351 [proto: 0/Unknown][4 pkts/216 bytes -> 0 pkts/0 bytes] - 10 TCP 192.168.1.34:50140 <-> 76.167.161.6:20274 [proto: 0/Unknown][2 pkts/132 bytes <-> 1 pkts/74 bytes] + 10 UDP 192.168.1.34:54067 -> 192.168.1.1:5351 [proto: 0/Unknown][4 pkts/216 bytes -> 0 pkts/0 bytes] + 11 TCP 192.168.1.34:50140 <-> 76.167.161.6:20274 [proto: 0/Unknown][2 pkts/132 bytes <-> 1 pkts/74 bytes] diff --git a/tests/result/skype_no_unknown.pcap.out b/tests/result/skype_no_unknown.pcap.out index a278e42eb..bbddd568f 100644 --- a/tests/result/skype_no_unknown.pcap.out +++ b/tests/result/skype_no_unknown.pcap.out @@ -3,15 +3,14 @@ DNS 2 267 1 MDNS 3 400 2 NetBIOS 22 3106 7 SSDP 40 14100 3 -SkypeCallIn 684 60681 178 +SkypeCallIn 454 39996 164 ICMP 4 328 1 IGMP 4 226 4 SSL 79 7742 6 Dropbox 16 7342 5 -Skype 610 129661 46 -Apple 76 19581 1 +Skype 840 150346 60 +Apple 84 20699 2 MS_OneDrive 348 181687 1 -ApplePush 8 1118 1 1 TCP 192.168.1.34:51230 <-> 157.56.126.211:443 [proto: 91.221/SSL.MS_OneDrive][cat: Cloud/13][166 pkts/39042 bytes <-> 182 pkts/142645 bytes][server: *.gateway.messenger.live.com] 2 TCP 192.168.1.34:51279 <-> 111.221.74.48:40008 [proto: 125/Skype][cat: VoIP/10][101 pkts/30681 bytes <-> 98 pkts/59934 bytes] @@ -20,7 +19,7 @@ ApplePush 8 1118 1 5 TCP 192.168.1.34:51292 <-> 71.238.7.203:18767 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][17 pkts/2686 bytes <-> 13 pkts/2218 bytes] 6 TCP 192.168.1.34:51293 <-> 5.248.186.221:31010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][12 pkts/2194 bytes <-> 8 pkts/1711 bytes] 7 TCP 192.168.1.34:51231 <-> 23.206.33.166:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][16 pkts/3461 bytes <-> 1 pkts/74 bytes][client: apps.skype.com] - 8 TCP 192.168.1.34:51297 <-> 91.190.216.24:12350 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][12 pkts/3242 bytes <-> 3 pkts/290 bytes] + 8 TCP 192.168.1.34:51297 <-> 91.190.216.24:12350 [proto: 125/Skype][cat: VoIP/10][12 pkts/3242 bytes <-> 3 pkts/290 bytes] 9 TCP 108.160.163.108:443 <-> 192.168.1.34:51222 [proto: 91.121/SSL.Dropbox][cat: Cloud/13][4 pkts/818 bytes <-> 4 pkts/2172 bytes] 10 TCP 192.168.1.34:51295 <-> 23.206.33.166:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][11 pkts/2074 bytes <-> 1 pkts/74 bytes][client: apps.skype.com] 11 TCP 192.168.1.34:51238 <-> 157.55.235.147:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][13 pkts/1446 bytes <-> 4 pkts/266 bytes] @@ -33,44 +32,44 @@ ApplePush 8 1118 1 18 TCP 192.168.1.34:51258 <-> 213.199.179.176:40021 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][14 pkts/1104 bytes <-> 5 pkts/392 bytes] 19 TCP 192.168.1.34:51269 <-> 213.199.179.175:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][14 pkts/1106 bytes <-> 5 pkts/385 bytes] 20 TCP 192.168.1.34:51290 <-> 5.248.186.221:31010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][14 pkts/1070 bytes <-> 4 pkts/420 bytes] - 21 TCP 192.168.1.34:51234 <-> 157.55.235.147:40001 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][14 pkts/1117 bytes <-> 4 pkts/337 bytes] + 21 TCP 192.168.1.34:51234 <-> 157.55.235.147:40001 [proto: 125/Skype][cat: VoIP/10][14 pkts/1117 bytes <-> 4 pkts/337 bytes] 22 TCP 192.168.1.34:51253 <-> 64.4.23.166:443 [proto: 91/SSL][cat: Web/5][11 pkts/1164 bytes <-> 3 pkts/268 bytes] 23 TCP 192.168.1.34:51247 <-> 157.56.52.44:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][10 pkts/1077 bytes <-> 4 pkts/351 bytes] - 24 TCP 192.168.1.34:51257 <-> 157.55.235.170:40032 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][14 pkts/1059 bytes <-> 4 pkts/367 bytes] - 25 TCP 192.168.1.34:51277 <-> 157.55.235.156:40026 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/1011 bytes <-> 4 pkts/415 bytes] + 24 TCP 192.168.1.34:51257 <-> 157.55.235.170:40032 [proto: 125/Skype][cat: VoIP/10][14 pkts/1059 bytes <-> 4 pkts/367 bytes] + 25 TCP 192.168.1.34:51277 <-> 157.55.235.156:40026 [proto: 125/Skype][cat: VoIP/10][13 pkts/1011 bytes <-> 4 pkts/415 bytes] 26 TCP 192.168.1.34:51305 <-> 149.13.32.15:13392 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][14 pkts/1093 bytes <-> 4 pkts/333 bytes] 27 TCP 192.168.1.34:51271 <-> 213.199.179.175:443 [proto: 91/SSL][cat: Web/5][12 pkts/1130 bytes <-> 3 pkts/285 bytes] 28 TCP 192.168.1.34:51280 <-> 157.55.235.146:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1130 bytes <-> 3 pkts/285 bytes] 29 TCP 192.168.1.34:51281 <-> 157.55.235.156:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1095 bytes <-> 3 pkts/285 bytes] 30 TCP 192.168.1.34:51240 <-> 111.221.74.45:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][10 pkts/1022 bytes <-> 4 pkts/351 bytes] 31 TCP 192.168.1.34:51289 <-> 71.238.7.203:18767 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/991 bytes <-> 4 pkts/378 bytes] - 32 TCP 192.168.1.34:51272 <-> 157.55.235.152:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/1006 bytes <-> 4 pkts/361 bytes] + 32 TCP 192.168.1.34:51272 <-> 157.55.235.152:40029 [proto: 125/Skype][cat: VoIP/10][13 pkts/1006 bytes <-> 4 pkts/361 bytes] 33 TCP 192.168.1.34:51250 <-> 111.221.77.175:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][10 pkts/1012 bytes <-> 4 pkts/351 bytes] 34 TCP 192.168.1.34:51235 <-> 65.55.223.45:40009 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/976 bytes <-> 4 pkts/365 bytes] - 35 TCP 192.168.1.34:51237 <-> 157.55.130.176:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/986 bytes <-> 4 pkts/344 bytes] - 36 TCP 192.168.1.34:51276 <-> 157.55.235.146:40021 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/981 bytes <-> 4 pkts/348 bytes] - 37 TCP 192.168.1.34:51255 <-> 157.55.130.142:40005 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/1004 bytes <-> 4 pkts/318 bytes] + 35 TCP 192.168.1.34:51237 <-> 157.55.130.176:40022 [proto: 125/Skype][cat: VoIP/10][13 pkts/986 bytes <-> 4 pkts/344 bytes] + 36 TCP 192.168.1.34:51276 <-> 157.55.235.146:40021 [proto: 125/Skype][cat: VoIP/10][13 pkts/981 bytes <-> 4 pkts/348 bytes] + 37 TCP 192.168.1.34:51255 <-> 157.55.130.142:40005 [proto: 125/Skype][cat: VoIP/10][13 pkts/1004 bytes <-> 4 pkts/318 bytes] 38 TCP 192.168.1.34:51251 <-> 64.4.23.166:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][12 pkts/948 bytes <-> 4 pkts/349 bytes] - 39 TCP 192.168.1.34:51229 <-> 157.56.52.28:40009 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][12 pkts/951 bytes <-> 4 pkts/341 bytes] - 40 TCP 192.168.1.34:51248 <-> 111.221.77.175:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][11 pkts/858 bytes <-> 5 pkts/426 bytes] - 41 TCP 192.168.1.34:51246 <-> 157.56.52.44:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][11 pkts/856 bytes <-> 5 pkts/409 bytes] + 39 TCP 192.168.1.34:51229 <-> 157.56.52.28:40009 [proto: 125/Skype][cat: VoIP/10][12 pkts/951 bytes <-> 4 pkts/341 bytes] + 40 TCP 192.168.1.34:51248 <-> 111.221.77.175:40030 [proto: 125/Skype][cat: VoIP/10][11 pkts/858 bytes <-> 5 pkts/426 bytes] + 41 TCP 192.168.1.34:51246 <-> 157.56.52.44:40020 [proto: 125/Skype][cat: VoIP/10][11 pkts/856 bytes <-> 5 pkts/409 bytes] 42 TCP 192.168.1.34:51288 <-> 76.167.161.6:20274 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][11 pkts/861 bytes <-> 4 pkts/397 bytes] - 43 TCP 192.168.1.34:51236 <-> 111.221.74.45:40008 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][11 pkts/844 bytes <-> 5 pkts/413 bytes] + 43 TCP 192.168.1.34:51236 <-> 111.221.74.45:40008 [proto: 125/Skype][cat: VoIP/10][11 pkts/844 bytes <-> 5 pkts/413 bytes] 44 TCP 192.168.1.34:51282 <-> 64.4.23.159:443 [proto: 91/SSL][cat: Web/5][10 pkts/972 bytes <-> 3 pkts/285 bytes] 45 TCP 192.168.1.34:51259 <-> 111.221.77.142:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][10 pkts/902 bytes <-> 4 pkts/351 bytes] - 46 TCP 192.168.1.34:51256 <-> 111.221.77.142:40013 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][11 pkts/815 bytes <-> 5 pkts/423 bytes] + 46 TCP 192.168.1.34:51256 <-> 111.221.77.142:40013 [proto: 125/Skype][cat: VoIP/10][11 pkts/815 bytes <-> 5 pkts/423 bytes] 47 TCP 192.168.1.34:51291 <-> 81.83.77.141:17639 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][12 pkts/942 bytes <-> 3 pkts/284 bytes] 48 TCP 192.168.1.34:51278 <-> 64.4.23.159:40009 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][11 pkts/832 bytes <-> 4 pkts/387 bytes] 49 TCP 192.168.1.34:51268 <-> 111.221.74.18:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][10 pkts/852 bytes <-> 4 pkts/351 bytes] 50 TCP 192.168.1.34:51309 <-> 149.13.32.15:13392 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][12 pkts/916 bytes <-> 3 pkts/281 bytes] 51 TCP 192.168.1.34:51316 <-> 149.13.32.15:13392 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][11 pkts/862 bytes <-> 3 pkts/314 bytes] - 52 TCP 192.168.1.34:51267 <-> 111.221.74.18:40025 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][10 pkts/785 bytes <-> 4 pkts/378 bytes] + 52 TCP 192.168.1.34:51267 <-> 111.221.74.18:40025 [proto: 125/Skype][cat: VoIP/10][10 pkts/785 bytes <-> 4 pkts/378 bytes] 53 TCP 192.168.1.34:51232 <-> 157.56.52.28:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][10 pkts/872 bytes <-> 3 pkts/285 bytes] 54 TCP 192.168.1.34:51298 <-> 82.224.110.241:38895 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][12 pkts/931 bytes <-> 2 pkts/219 bytes] 55 TCP 192.168.1.34:51313 <-> 212.161.8.36:13392 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][11 pkts/855 bytes <-> 3 pkts/287 bytes] 56 UDP 192.168.1.1:137 <-> 192.168.1.34:137 [proto: 10/NetBIOS][cat: System/18][6 pkts/958 bytes <-> 2 pkts/184 bytes] 57 TCP 192.168.1.34:51311 <-> 93.79.224.176:14506 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][11 pkts/848 bytes <-> 3 pkts/286 bytes] - 58 TCP 17.143.160.149:5223 <-> 192.168.1.34:50407 [proto: 238/ApplePush][cat: Cloud/13][4 pkts/674 bytes <-> 4 pkts/444 bytes] + 58 TCP 17.143.160.149:5223 <-> 192.168.1.34:50407 [proto: 238.140/ApplePush.Apple][cat: Web/5][4 pkts/674 bytes <-> 4 pkts/444 bytes] 59 UDP 192.168.1.34:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][2 pkts/1088 bytes -> 0 pkts/0 bytes] 60 UDP 192.168.1.34:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][2 pkts/1088 bytes -> 0 pkts/0 bytes] 61 UDP 192.168.1.92:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][2 pkts/1088 bytes -> 0 pkts/0 bytes] diff --git a/tests/result/snapchat.pcap.out b/tests/result/snapchat.pcap.out index 35183e642..017d5a639 100644 --- a/tests/result/snapchat.pcap.out +++ b/tests/result/snapchat.pcap.out @@ -1,6 +1,6 @@ -SSL_No_Cert 22 2879 1 +Google 22 2879 1 Snapchat 34 7320 2 1 TCP 10.8.0.1:56193 <-> 74.125.136.141:443 [proto: 91.199/SSL.Snapchat][cat: Chat/9][9 pkts/2290 bytes <-> 8 pkts/1653 bytes][client: feelinsonice-hrd.appspot.com] 2 TCP 10.8.0.1:44536 <-> 74.125.136.141:443 [proto: 91.199/SSL.Snapchat][cat: Chat/9][9 pkts/2345 bytes <-> 8 pkts/1032 bytes][client: feelinsonice-hrd.appspot.com] - 3 TCP 10.8.0.1:33233 <-> 74.125.136.141:443 [proto: 64/SSL_No_Cert][cat: Web/5][11 pkts/1910 bytes <-> 11 pkts/969 bytes] + 3 TCP 10.8.0.1:33233 <-> 74.125.136.141:443 [proto: 64.126/SSL_No_Cert.Google][cat: Web/5][11 pkts/1910 bytes <-> 11 pkts/969 bytes] diff --git a/tests/result/starcraft_battle.pcap.out b/tests/result/starcraft_battle.pcap.out index c385561d7..c63b86dc8 100644 --- a/tests/result/starcraft_battle.pcap.out +++ b/tests/result/starcraft_battle.pcap.out @@ -5,8 +5,7 @@ HTTP_Download 179 134204 1 WorldOfWarcraft 9 880 1 IGMP 2 120 1 SSL 38 2548 11 -Google 16 1709 4 -QUIC 6 475 1 +Google 22 2184 5 Github 3 234 1 Starcraft 236 51494 6 @@ -32,7 +31,7 @@ Starcraft 236 51494 6 20 TCP 192.168.1.100:3427 <-> 80.239.208.193:1119 [proto: 213/Starcraft][cat: Game/8][6 pkts/376 bytes <-> 7 pkts/526 bytes] 21 TCP 192.168.1.100:3512 <-> 12.129.222.54:80 [proto: 7.76/HTTP.WorldOfWarcraft][cat: Game/8][5 pkts/367 bytes <-> 4 pkts/513 bytes][Host: us.scan.worldofwarcraft.com] 22 UDP 192.168.1.100:55468 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][2 pkts/168 bytes <-> 2 pkts/388 bytes][Host: bnetcmsus-a.akamaihd.net] - 23 UDP 173.194.40.22:443 <-> 192.168.1.100:53568 [proto: 188/QUIC][cat: Web/5][3 pkts/243 bytes <-> 3 pkts/232 bytes] + 23 UDP 173.194.40.22:443 <-> 192.168.1.100:53568 [proto: 188.126/QUIC.Google][cat: Web/5][3 pkts/243 bytes <-> 3 pkts/232 bytes] 24 UDP 192.168.1.100:58851 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][2 pkts/173 bytes <-> 2 pkts/282 bytes][Host: 22.40.194.173.in-addr.arpa] 25 UDP 192.168.1.100:60026 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][2 pkts/154 bytes <-> 2 pkts/288 bytes][Host: llnw.blizzard.com] 26 UDP 192.168.1.100:58818 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][2 pkts/172 bytes <-> 2 pkts/260 bytes][Host: 91.252.30.192.in-addr.arpa] diff --git a/tests/result/viber.pcap.out b/tests/result/viber.pcap.out index 0c85aae9e..e200492ee 100644 --- a/tests/result/viber.pcap.out +++ b/tests/result/viber.pcap.out @@ -1,40 +1,36 @@ -Unknown 93 13829 4 DNS 8 1267 4 MDNS 4 412 1 ICMP 2 3028 1 -SSL 129 42221 7 +SSL 31 8597 3 ICMPV6 2 140 1 Facebook 2 281 1 -Google 2 164 1 -Viber 175 85695 5 -QUIC 3 194 1 +Google 32 9133 3 +Viber 268 99524 9 +Amazon 71 24849 3 1 TCP 192.168.0.17:53934 <-> 54.230.93.53:443 [proto: 91.144/SSL.Viber][cat: Chat/9][43 pkts/4571 bytes <-> 46 pkts/60087 bytes][client: dl-media.viber.com][server: *.viber.com] 2 TCP 192.168.0.17:57520 <-> 54.230.93.96:443 [proto: 91.144/SSL.Viber][cat: Chat/9][12 pkts/1848 bytes <-> 12 pkts/9317 bytes][client: media.cdn.viber.com][server: *.cdn.viber.com] - 3 TCP 192.168.0.17:49048 <-> 54.187.91.182:443 [proto: 91/SSL][cat: Web/5][13 pkts/2823 bytes <-> 14 pkts/6552 bytes][client: brahe.apptimize.com][server: *.apptimize.com] + 3 TCP 192.168.0.17:49048 <-> 54.187.91.182:443 [proto: 91.178/SSL.Amazon][cat: Web/5][13 pkts/2823 bytes <-> 14 pkts/6552 bytes][client: brahe.apptimize.com][server: *.apptimize.com] 4 TCP 192.168.0.17:33208 <-> 52.0.253.101:4244 [proto: 144/Viber][cat: Chat/9][32 pkts/6563 bytes <-> 26 pkts/2782 bytes] - 5 TCP 192.168.0.17:43702 <-> 172.217.23.78:443 [proto: 91/SSL][cat: Web/5][15 pkts/5339 bytes <-> 12 pkts/3436 bytes][client: app-measurement.com] - 6 TCP 192.168.0.17:36986 <-> 54.69.166.226:443 [proto: 91/SSL][cat: Web/5][11 pkts/1437 bytes <-> 11 pkts/6412 bytes][client: mapi.apptimize.com][server: *.apptimize.com] + 5 TCP 192.168.0.17:43702 <-> 172.217.23.78:443 [proto: 91.126/SSL.Google][cat: Web/5][15 pkts/5339 bytes <-> 12 pkts/3436 bytes][client: app-measurement.com] + 6 TCP 192.168.0.17:36986 <-> 54.69.166.226:443 [proto: 91.178/SSL.Amazon][cat: Web/5][11 pkts/1437 bytes <-> 11 pkts/6412 bytes][client: mapi.apptimize.com][server: *.apptimize.com] 7 TCP 192.168.0.17:55746 <-> 151.101.1.130:443 [proto: 91/SSL][cat: Web/5][10 pkts/1534 bytes <-> 9 pkts/6239 bytes][client: venetia.iad.appboy.com][server: y.ssl.fastly.net] - 8 TCP 192.168.0.17:36988 <-> 54.69.166.226:443 [proto: 91/SSL][cat: Web/5][11 pkts/1462 bytes <-> 11 pkts/6163 bytes][client: mapi.apptimize.com][server: *.apptimize.com] - 9 ICMP 192.168.0.17:0 <-> 192.168.0.15:0 [proto: 81/ICMP][cat: Network/14][1 pkts/1514 bytes <-> 1 pkts/1514 bytes] - 10 UDP 192.168.0.17:62872 <-> 192.168.0.15:53 [proto: 5/DNS][cat: Network/14][1 pkts/78 bytes <-> 1 pkts/373 bytes][Host: mapi.apptimize.com] - 11 TCP 192.168.0.17:33744 <-> 18.201.4.3:443 [proto: 91/SSL][cat: Web/5][4 pkts/272 bytes <-> 2 pkts/140 bytes] - 12 TCP 192.168.0.17:45424 <-> 18.201.4.32:443 [proto: 91/SSL][cat: Web/5][4 pkts/272 bytes <-> 2 pkts/140 bytes] - 13 UDP 192.168.0.17:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][4 pkts/412 bytes -> 0 pkts/0 bytes] - 14 UDP 192.168.0.17:35283 <-> 192.168.0.15:53 [proto: 5/DNS][cat: Network/14][1 pkts/74 bytes <-> 1 pkts/303 bytes][Host: app.adjust.com] - 15 UDP 192.168.0.17:45743 <-> 192.168.0.15:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/78 bytes <-> 1 pkts/203 bytes][Host: graph.facebook.com] - 16 UDP 192.168.0.17:44376 <-> 192.168.0.15:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/183 bytes][Host: venetia.iad.appboy.com] - 17 UDP 192.168.0.17:37418 <-> 192.168.0.15:53 [proto: 5.144/DNS.Viber][cat: Chat/9][1 pkts/79 bytes <-> 1 pkts/185 bytes][Host: media.cdn.viber.com] - 18 UDP 192.168.0.17:40445 <-> 192.168.0.15:53 [proto: 5.144/DNS.Viber][cat: Chat/9][1 pkts/78 bytes <-> 1 pkts/185 bytes][Host: dl-media.viber.com] - 19 UDP 192.168.0.17:41993 <-> 172.217.23.106:443 [proto: 188/QUIC][cat: Web/5][2 pkts/130 bytes <-> 1 pkts/64 bytes] - 20 UDP 192.168.0.17:35331 <-> 192.168.0.15:53 [proto: 5/DNS][cat: Network/14][1 pkts/79 bytes <-> 1 pkts/95 bytes][Host: app-measurement.com] - 21 UDP 192.168.0.17:50097 <-> 192.168.0.15:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/74 bytes <-> 1 pkts/90 bytes][Host: www.google.com] - 22 ICMPV6 [fe80::3207:4dff:fea3:5fa7]:0 -> [ff02::2]:0 [proto: 102/ICMPV6][cat: Network/14][2 pkts/140 bytes -> 0 pkts/0 bytes] - - -Undetected flows: - 1 UDP 192.168.0.17:47171 <-> 18.201.4.32:7985 [proto: 0/Unknown][24 pkts/5035 bytes <-> 22 pkts/2302 bytes] - 2 UDP 192.168.0.17:38190 <-> 18.201.4.3:7985 [proto: 0/Unknown][25 pkts/4344 bytes <-> 18 pkts/1872 bytes] - 3 UDP 192.168.0.17:38190 <-> 18.201.4.3:7987 [proto: 0/Unknown][1 pkts/76 bytes <-> 1 pkts/62 bytes] - 4 UDP 192.168.0.17:47171 <-> 18.201.4.32:7987 [proto: 0/Unknown][1 pkts/76 bytes <-> 1 pkts/62 bytes] + 8 TCP 192.168.0.17:36988 <-> 54.69.166.226:443 [proto: 91.178/SSL.Amazon][cat: Web/5][11 pkts/1462 bytes <-> 11 pkts/6163 bytes][client: mapi.apptimize.com][server: *.apptimize.com] + 9 UDP 192.168.0.17:47171 <-> 18.201.4.32:7985 [proto: 144/Viber][cat: Chat/9][24 pkts/5035 bytes <-> 22 pkts/2302 bytes] + 10 UDP 192.168.0.17:38190 <-> 18.201.4.3:7985 [proto: 144/Viber][cat: Chat/9][25 pkts/4344 bytes <-> 18 pkts/1872 bytes] + 11 ICMP 192.168.0.17:0 <-> 192.168.0.15:0 [proto: 81/ICMP][cat: Network/14][1 pkts/1514 bytes <-> 1 pkts/1514 bytes] + 12 UDP 192.168.0.17:62872 <-> 192.168.0.15:53 [proto: 5/DNS][cat: Network/14][1 pkts/78 bytes <-> 1 pkts/373 bytes][Host: mapi.apptimize.com] + 13 TCP 192.168.0.17:33744 <-> 18.201.4.3:443 [proto: 91/SSL][cat: Web/5][4 pkts/272 bytes <-> 2 pkts/140 bytes] + 14 TCP 192.168.0.17:45424 <-> 18.201.4.32:443 [proto: 91/SSL][cat: Web/5][4 pkts/272 bytes <-> 2 pkts/140 bytes] + 15 UDP 192.168.0.17:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][4 pkts/412 bytes -> 0 pkts/0 bytes] + 16 UDP 192.168.0.17:35283 <-> 192.168.0.15:53 [proto: 5/DNS][cat: Network/14][1 pkts/74 bytes <-> 1 pkts/303 bytes][Host: app.adjust.com] + 17 UDP 192.168.0.17:45743 <-> 192.168.0.15:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/78 bytes <-> 1 pkts/203 bytes][Host: graph.facebook.com] + 18 UDP 192.168.0.17:44376 <-> 192.168.0.15:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/183 bytes][Host: venetia.iad.appboy.com] + 19 UDP 192.168.0.17:37418 <-> 192.168.0.15:53 [proto: 5.144/DNS.Viber][cat: Chat/9][1 pkts/79 bytes <-> 1 pkts/185 bytes][Host: media.cdn.viber.com] + 20 UDP 192.168.0.17:40445 <-> 192.168.0.15:53 [proto: 5.144/DNS.Viber][cat: Chat/9][1 pkts/78 bytes <-> 1 pkts/185 bytes][Host: dl-media.viber.com] + 21 UDP 192.168.0.17:41993 <-> 172.217.23.106:443 [proto: 188.126/QUIC.Google][cat: Web/5][2 pkts/130 bytes <-> 1 pkts/64 bytes] + 22 UDP 192.168.0.17:35331 <-> 192.168.0.15:53 [proto: 5/DNS][cat: Network/14][1 pkts/79 bytes <-> 1 pkts/95 bytes][Host: app-measurement.com] + 23 UDP 192.168.0.17:50097 <-> 192.168.0.15:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/74 bytes <-> 1 pkts/90 bytes][Host: www.google.com] + 24 ICMPV6 [fe80::3207:4dff:fea3:5fa7]:0 -> [ff02::2]:0 [proto: 102/ICMPV6][cat: Network/14][2 pkts/140 bytes -> 0 pkts/0 bytes] + 25 UDP 192.168.0.17:38190 <-> 18.201.4.3:7987 [proto: 144/Viber][cat: Chat/9][1 pkts/76 bytes <-> 1 pkts/62 bytes] + 26 UDP 192.168.0.17:47171 <-> 18.201.4.32:7987 [proto: 144/Viber][cat: Chat/9][1 pkts/76 bytes <-> 1 pkts/62 bytes] diff --git a/tests/result/waze.pcap.out b/tests/result/waze.pcap.out index bdb4acf91..b964af613 100644 --- a/tests/result/waze.pcap.out +++ b/tests/result/waze.pcap.out @@ -1,8 +1,8 @@ HTTP 28 1572 7 NTP 2 180 1 HTTP_Download 37 63205 1 -SSL_No_Cert 13 2142 1 SSL 8 432 2 +Google 13 2142 1 Waze 484 289335 19 WhatsApp 15 1341 1 Amazon 10 786 1 @@ -21,7 +21,7 @@ Amazon 10 786 1 12 TCP 10.8.0.1:36314 <-> 176.34.186.180:443 [proto: 91.135/SSL.Waze][cat: Web/5][11 pkts/1260 bytes <-> 9 pkts/4413 bytes][server: *.world.waze.com] 13 TCP 10.8.0.1:51050 <-> 176.34.103.105:443 [proto: 91.135/SSL.Waze][cat: Web/5][9 pkts/1184 bytes <-> 9 pkts/4369 bytes][server: *.waze.com] 14 TCP 10.8.0.1:45529 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][9 pkts/591 bytes <-> 8 pkts/3424 bytes][Host: roadshields.waze.com] - 15 TCP 10.8.0.1:36585 <-> 173.194.118.48:443 [proto: 64/SSL_No_Cert][cat: Web/5][7 pkts/1137 bytes <-> 6 pkts/1005 bytes] + 15 TCP 10.8.0.1:36585 <-> 173.194.118.48:443 [proto: 64.126/SSL_No_Cert.Google][cat: Web/5][7 pkts/1137 bytes <-> 6 pkts/1005 bytes] 16 TCP 10.8.0.1:45536 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][8 pkts/594 bytes <-> 7 pkts/771 bytes][Host: cres.waze.com] 17 TCP 10.8.0.1:50828 <-> 108.168.176.228:443 [proto: 142/WhatsApp][cat: Chat/9][8 pkts/673 bytes <-> 7 pkts/668 bytes] 18 TCP 10.8.0.1:45546 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][7 pkts/557 bytes <-> 7 pkts/771 bytes][Host: cres.waze.com] diff --git a/tests/result/webex.pcap.out b/tests/result/webex.pcap.out index 71fb528d1..ed5418eae 100644 --- a/tests/result/webex.pcap.out +++ b/tests/result/webex.pcap.out @@ -1,10 +1,10 @@ HTTP 22 3182 2 SSL_No_Cert 90 10682 5 -SSL 46 10727 4 +SSL 16 1159 3 SIP 22 15356 1 Google 17 6375 1 Webex 1380 818407 43 -Amazon 3 174 1 +Amazon 33 9742 2 1 TCP 10.8.0.1:51155 <-> 62.109.224.120:443 [proto: 91.141/SSL.Webex][cat: VoIP/10][256 pkts/14707 bytes <-> 257 pkts/329379 bytes][server: *.webex.com] 2 TCP 10.8.0.1:41348 <-> 64.68.105.103:443 [proto: 91.141/SSL.Webex][cat: VoIP/10][28 pkts/4815 bytes <-> 28 pkts/104881 bytes][client: radcom.webex.com] @@ -15,7 +15,7 @@ Amazon 3 174 1 7 TCP 10.8.0.1:51154 <-> 62.109.224.120:443 [proto: 91.141/SSL.Webex][cat: VoIP/10][55 pkts/12583 bytes <-> 50 pkts/6703 bytes][server: *.webex.com] 8 UDP 10.8.0.1:64538 -> 172.16.1.75:5060 [proto: 100/SIP][cat: VoIP/10][22 pkts/15356 bytes -> 0 pkts/0 bytes] 9 TCP 10.8.0.1:51857 <-> 62.109.229.158:443 [proto: 91.141/SSL.Webex][cat: VoIP/10][29 pkts/4559 bytes <-> 21 pkts/5801 bytes][server: *.webex.com] - 10 TCP 10.8.0.1:46211 <-> 54.241.32.14:443 [proto: 91/SSL][cat: Web/5][16 pkts/1984 bytes <-> 14 pkts/7584 bytes][client: api.crittercism.com][server: *.crittercism.com] + 10 TCP 10.8.0.1:46211 <-> 54.241.32.14:443 [proto: 91.178/SSL.Amazon][cat: Web/5][16 pkts/1984 bytes <-> 14 pkts/7584 bytes][client: api.crittercism.com][server: *.crittercism.com] 11 TCP 10.8.0.1:41386 <-> 64.68.105.103:443 [proto: 91.141/SSL.Webex][cat: VoIP/10][9 pkts/1417 bytes <-> 8 pkts/6984 bytes][server: *.webex.com] 12 TCP 10.8.0.1:41419 <-> 64.68.105.103:443 [proto: 91.141/SSL.Webex][cat: VoIP/10][7 pkts/1309 bytes <-> 7 pkts/6930 bytes][server: *.webex.com] 13 TCP 10.8.0.1:52730 <-> 173.243.4.76:443 [proto: 91.141/SSL.Webex][cat: VoIP/10][9 pkts/1369 bytes <-> 8 pkts/6621 bytes][server: *.webex.com] diff --git a/tests/result/weibo.pcap.out b/tests/result/weibo.pcap.out index f6c618bcf..b62f14fff 100644 --- a/tests/result/weibo.pcap.out +++ b/tests/result/weibo.pcap.out @@ -1,9 +1,8 @@ DNS 10 1059 5 HTTP 19 2275 5 SSL 15 1234 10 -Google 10 660 5 +Google 33 4778 7 Amazon 2 132 1 -QUIC 23 4118 2 Sina(Weibo) 419 258077 16 1 TCP 192.168.1.105:35803 <-> 93.188.134.246:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][52 pkts/5367 bytes <-> 54 pkts/71536 bytes][Host: img.t.sinajs.cn] @@ -13,8 +12,8 @@ Sina(Weibo) 419 258077 16 5 TCP 192.168.1.105:35805 <-> 93.188.134.246:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][21 pkts/2323 bytes <-> 20 pkts/20922 bytes][Host: img.t.sinajs.cn] 6 TCP 192.168.1.105:35809 <-> 93.188.134.246:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][18 pkts/1681 bytes <-> 17 pkts/20680 bytes][Host: img.t.sinajs.cn] 7 TCP 192.168.1.105:35806 <-> 93.188.134.246:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][7 pkts/946 bytes <-> 6 pkts/3755 bytes][Host: img.t.sinajs.cn] - 8 UDP 192.168.1.105:53656 <-> 216.58.210.227:443 [proto: 188/QUIC][cat: Web/5][8 pkts/1301 bytes <-> 6 pkts/873 bytes] - 9 UDP 216.58.210.14:443 <-> 192.168.1.105:49361 [proto: 188/QUIC][cat: Web/5][5 pkts/963 bytes <-> 4 pkts/981 bytes] + 8 UDP 192.168.1.105:53656 <-> 216.58.210.227:443 [proto: 188.126/QUIC.Google][cat: Web/5][8 pkts/1301 bytes <-> 6 pkts/873 bytes] + 9 UDP 216.58.210.14:443 <-> 192.168.1.105:49361 [proto: 188.126/QUIC.Google][cat: Web/5][5 pkts/963 bytes <-> 4 pkts/981 bytes] 10 TCP 192.168.1.105:59119 <-> 114.134.80.162:80 [proto: 7/HTTP][cat: Web/5][5 pkts/736 bytes <-> 4 pkts/863 bytes][Host: weibo.com] 11 TCP 192.168.1.105:35811 <-> 93.188.134.246:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][3 pkts/604 bytes <-> 2 pkts/140 bytes][Host: js.t.sinajs.cn] 12 TCP 192.168.1.105:42275 <-> 222.73.28.96:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][3 pkts/610 bytes <-> 1 pkts/66 bytes][Host: u1.img.mobile.sina.cn] diff --git a/tests/result/whatsapp_login_call.pcap.out b/tests/result/whatsapp_login_call.pcap.out index 666b3d70a..701215a49 100644 --- a/tests/result/whatsapp_login_call.pcap.out +++ b/tests/result/whatsapp_login_call.pcap.out @@ -4,14 +4,14 @@ MDNS 8 952 4 DHCP 10 3420 1 ICMP 10 700 1 SSL 8 589 2 +Facebook 44 7818 2 Dropbox 4 2176 1 -Apple 105 22176 19 +Apple 127 28102 20 WhatsApp 182 25154 2 Spotify 3 258 1 Messenger 70 9464 14 -WhatsAppVoice 706 91156 4 +WhatsAppVoice 662 83338 2 AppleStore 85 28087 2 -ApplePush 22 5926 1 1 UDP 192.168.2.4:51518 <-> 91.253.176.65:9344 [proto: 189/WhatsAppVoice][cat: VoIP/10][186 pkts/27025 bytes <-> 278 pkts/25895 bytes] 2 UDP 192.168.2.4:52794 <-> 91.253.176.65:9665 [proto: 189/WhatsAppVoice][cat: VoIP/10][141 pkts/17530 bytes <-> 57 pkts/12888 bytes] @@ -19,10 +19,10 @@ ApplePush 22 5926 1 4 TCP 192.168.2.4:49204 <-> 17.173.66.102:443 [proto: 91.224/SSL.AppleStore][cat: SoftwareUpdate/19][29 pkts/11770 bytes <-> 24 pkts/6612 bytes][client: p53-buy.itunes.apple.com] 5 TCP 192.168.2.4:49201 <-> 17.178.104.12:443 [proto: 91.140/SSL.Apple][cat: Web/5][21 pkts/7644 bytes <-> 17 pkts/9576 bytes][client: query.ess.apple.com][server: *.ess.apple.com] 6 TCP 192.168.2.4:49205 <-> 17.173.66.102:443 [proto: 91.224/SSL.AppleStore][cat: SoftwareUpdate/19][17 pkts/6166 bytes <-> 15 pkts/3539 bytes][client: p53-buy.itunes.apple.com] - 7 TCP 192.168.2.4:49193 <-> 17.110.229.14:5223 [proto: 238/ApplePush][cat: Cloud/13][11 pkts/4732 bytes <-> 11 pkts/1194 bytes] - 8 UDP 192.168.2.4:51518 <-> 31.13.93.48:3478 [proto: 189/WhatsAppVoice][cat: VoIP/10][12 pkts/2341 bytes <-> 12 pkts/2484 bytes] + 7 TCP 192.168.2.4:49193 <-> 17.110.229.14:5223 [proto: 238.140/ApplePush.Apple][cat: Web/5][11 pkts/4732 bytes <-> 11 pkts/1194 bytes] + 8 UDP 192.168.2.4:51518 <-> 31.13.93.48:3478 [proto: 189.119/WhatsAppVoice.Facebook][cat: SocialNetwork/6][12 pkts/2341 bytes <-> 12 pkts/2484 bytes] 9 UDP 0.0.0.0:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][10 pkts/3420 bytes -> 0 pkts/0 bytes][Host: lucas-imac] - 10 UDP 192.168.2.4:52794 <-> 31.13.84.48:3478 [proto: 189/WhatsAppVoice][cat: VoIP/10][9 pkts/1842 bytes <-> 11 pkts/1151 bytes] + 10 UDP 192.168.2.4:52794 <-> 31.13.84.48:3478 [proto: 189.119/WhatsAppVoice.Facebook][cat: SocialNetwork/6][9 pkts/1842 bytes <-> 11 pkts/1151 bytes] 11 UDP 192.168.2.1:17500 -> 192.168.2.255:17500 [proto: 121/Dropbox][cat: Cloud/13][4 pkts/2176 bytes -> 0 pkts/0 bytes] 12 TCP 192.168.2.4:49199 <-> 17.172.100.70:993 [proto: 51.140/IMAPS.Apple][cat: Web/5][9 pkts/1130 bytes <-> 8 pkts/868 bytes] 13 ICMP 192.168.2.4:0 -> 91.253.176.65:0 [proto: 81/ICMP][cat: Network/14][10 pkts/700 bytes -> 0 pkts/0 bytes] diff --git a/tests/result/whatsapp_login_chat.pcap.out b/tests/result/whatsapp_login_chat.pcap.out index 324b0cd4c..51ce4456a 100644 --- a/tests/result/whatsapp_login_chat.pcap.out +++ b/tests/result/whatsapp_login_chat.pcap.out @@ -1,14 +1,13 @@ MDNS 2 202 2 DHCP 6 2052 1 Dropbox 2 1088 1 -Apple 44 21371 1 +Apple 50 23466 2 WhatsApp 32 3243 2 Spotify 1 86 1 -ApplePush 6 2095 1 1 TCP 192.168.2.4:49205 <-> 17.173.66.102:443 [proto: 91.140/SSL.Apple][cat: Web/5][24 pkts/15117 bytes <-> 20 pkts/6254 bytes] 2 TCP 192.168.2.4:49206 <-> 158.85.58.15:5222 [proto: 142/WhatsApp][cat: Chat/9][17 pkts/1794 bytes <-> 13 pkts/1169 bytes] - 3 TCP 17.110.229.14:5223 -> 192.168.2.4:49193 [proto: 238/ApplePush][cat: Cloud/13][6 pkts/2095 bytes -> 0 pkts/0 bytes] + 3 TCP 17.110.229.14:5223 -> 192.168.2.4:49193 [proto: 238.140/ApplePush.Apple][cat: Web/5][6 pkts/2095 bytes -> 0 pkts/0 bytes] 4 UDP 0.0.0.0:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][6 pkts/2052 bytes -> 0 pkts/0 bytes][Host: lucas-imac] 5 UDP 192.168.2.1:17500 -> 192.168.2.255:17500 [proto: 121/Dropbox][cat: Cloud/13][2 pkts/1088 bytes -> 0 pkts/0 bytes] 6 UDP 192.168.2.4:61697 <-> 192.168.2.1:53 [proto: 5.142/DNS.WhatsApp][cat: Chat/9][1 pkts/76 bytes <-> 1 pkts/204 bytes][Host: e12.whatsapp.net] -- cgit v1.2.3 From be2934f9ad2f9ea21ca19a9f64e5bf3b67e22447 Mon Sep 17 00:00:00 2001 From: Luca Date: Fri, 30 Nov 2018 18:41:16 +0100 Subject: Added the concept of protocols that can have subprotocols. Example Spotify cannot have subprotocols, DNS can (DNS.Spotify) Merged Skype call in/out in Skype Call --- src/include/ndpi_main.h | 1 + src/include/ndpi_protocol_ids.h | 4 +- src/include/ndpi_typedefs.h | 1 + src/lib/ndpi_main.c | 418 ++++++++++++++-------------- src/lib/protocols/skype.c | 4 +- src/lib/protocols/stun.c | 7 +- tests/result/1kxun.pcap.out | 90 +++--- tests/result/hangout.pcap.out | 4 +- tests/result/nintendo.pcap.out | 6 +- tests/result/skype-conference-call.pcap.out | 4 +- tests/result/skype.pcap.out | 350 +++++++++++------------ tests/result/skype_no_unknown.pcap.out | 335 +++++++++++----------- tests/result/whatsapp_login_call.pcap.out | 12 +- tests/result/whatsapp_login_chat.pcap.out | 5 +- 14 files changed, 626 insertions(+), 615 deletions(-) (limited to 'tests') diff --git a/src/include/ndpi_main.h b/src/include/ndpi_main.h index 41280fb8e..e37576289 100644 --- a/src/include/ndpi_main.h +++ b/src/include/ndpi_main.h @@ -97,6 +97,7 @@ extern "C" { extern void ndpi_set_proto_defaults(struct ndpi_detection_module_struct *ndpi_mod, ndpi_protocol_breed_t protoBreed, u_int16_t protoId, + u_int8_t can_have_a_subprotocol, u_int16_t tcp_alias_protoId[2], u_int16_t udp_alias_protoId[2], char *protoName, ndpi_protocol_category_t protoCategory, diff --git a/src/include/ndpi_protocol_ids.h b/src/include/ndpi_protocol_ids.h index 376ae1958..14f1810ed 100644 --- a/src/include/ndpi_protocol_ids.h +++ b/src/include/ndpi_protocol_ids.h @@ -72,7 +72,7 @@ typedef enum { NDPI_PROTOCOL_GNUTELLA = 35, NDPI_PROTOCOL_EDONKEY = 36, /* Tomasz Bujlow */ NDPI_PROTOCOL_BITTORRENT = 37, - NDPI_PROTOCOL_SKYPE_CALL_OUT = 38, + NDPI_PROTOCOL_SKYPE_CALL = 38, /* Skype call and videocalls */ NDPI_PROTOCOL_SIGNAL = 39, NDPI_PROTOCOL_MEMCACHED = 40, /* Memcached - Darryl Sokoloski */ NDPI_PROTOCOL_SMBV23 = 41, /* SMB version 2/3 */ @@ -85,7 +85,7 @@ typedef enum { NDPI_PROTOCOL_XBOX = 47, NDPI_PROTOCOL_QQ = 48, - NDPI_PROTOCOL_SKYPE_CALL_IN = 49, + NDPI_PROTOCOL_FREE_49 = 49, /* Free */ NDPI_PROTOCOL_RTSP = 50, NDPI_PROTOCOL_MAIL_IMAPS = 51, NDPI_PROTOCOL_ICECAST = 52, diff --git a/src/include/ndpi_typedefs.h b/src/include/ndpi_typedefs.h index 4b69c2b7b..d48453baf 100644 --- a/src/include/ndpi_typedefs.h +++ b/src/include/ndpi_typedefs.h @@ -833,6 +833,7 @@ typedef enum { typedef struct ndpi_proto_defaults { char *protoName; ndpi_protocol_category_t protoCategory; + u_int8_t can_have_a_subprotocol; u_int16_t protoId, protoIdx; u_int16_t master_tcp_protoId[2], master_udp_protoId[2]; /* The main protocols on which this sub-protocol sits on */ ndpi_protocol_breed_t protoBreed; diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c index 8ee2dd1a6..12aba272e 100644 --- a/src/lib/ndpi_main.c +++ b/src/lib/ndpi_main.c @@ -527,6 +527,7 @@ void ndpi_exclude_protocol(struct ndpi_detection_module_struct *ndpi_struct, void ndpi_set_proto_defaults(struct ndpi_detection_module_struct *ndpi_mod, ndpi_protocol_breed_t breed, u_int16_t protoId, + u_int8_t can_have_a_subprotocol, u_int16_t tcp_master_protoId[2], u_int16_t udp_master_protoId[2], char *protoName, ndpi_protocol_category_t protoCategory, ndpi_port_range *tcpDefPorts, ndpi_port_range *udpDefPorts) { @@ -553,7 +554,8 @@ void ndpi_set_proto_defaults(struct ndpi_detection_module_struct *ndpi_mod, ndpi_mod->proto_defaults[protoId].protoCategory = protoCategory, ndpi_mod->proto_defaults[protoId].protoId = protoId, ndpi_mod->proto_defaults[protoId].protoBreed = breed; - + ndpi_mod->proto_defaults[protoId].can_have_a_subprotocol = can_have_a_subprotocol; + memcpy(&ndpi_mod->proto_defaults[protoId].master_tcp_protoId, tcp_master_protoId, 2*sizeof(u_int16_t)); memcpy(&ndpi_mod->proto_defaults[protoId].master_udp_protoId, udp_master_protoId, 2*sizeof(u_int16_t)); @@ -754,6 +756,7 @@ void ndpi_init_protocol_match(struct ndpi_detection_module_struct *ndpi_mod, ndpi_set_proto_defaults(ndpi_mod, ndpi_mod->proto_defaults[match->protocol_id].protoBreed, ndpi_mod->proto_defaults[match->protocol_id].protoId, + 0 /* can_have_a_subprotocol */, no_master, no_master, ndpi_mod->proto_defaults[match->protocol_id].protoName, ndpi_mod->proto_defaults[match->protocol_id].protoCategory, @@ -995,966 +998,971 @@ static void ndpi_init_protocol_defaults(struct ndpi_detection_module_struct *ndp memset(ndpi_mod->proto_defaults, 0, sizeof(ndpi_mod->proto_defaults)); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_UNRATED, NDPI_PROTOCOL_UNKNOWN, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Unknown", NDPI_PROTOCOL_CATEGORY_UNSPECIFIED, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_UNSAFE, NDPI_PROTOCOL_FTP_CONTROL, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "FTP_CONTROL", NDPI_PROTOCOL_CATEGORY_DOWNLOAD_FT, ndpi_build_default_ports(ports_a, 21, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_FTP_DATA, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "FTP_DATA", NDPI_PROTOCOL_CATEGORY_DOWNLOAD_FT, ndpi_build_default_ports(ports_a, 20, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_UNSAFE, NDPI_PROTOCOL_MAIL_POP, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "POP3", NDPI_PROTOCOL_CATEGORY_MAIL, ndpi_build_default_ports(ports_a, 110, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_SAFE, NDPI_PROTOCOL_MAIL_POPS, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "POPS", NDPI_PROTOCOL_CATEGORY_MAIL, ndpi_build_default_ports(ports_a, 995, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_MAIL_SMTP, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "SMTP", NDPI_PROTOCOL_CATEGORY_MAIL, ndpi_build_default_ports(ports_a, 25, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_SAFE, NDPI_PROTOCOL_MAIL_SMTPS, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "SMTPS", NDPI_PROTOCOL_CATEGORY_MAIL, ndpi_build_default_ports(ports_a, 465, 587, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_UNSAFE, NDPI_PROTOCOL_MAIL_IMAP, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "IMAP", NDPI_PROTOCOL_CATEGORY_MAIL, ndpi_build_default_ports(ports_a, 143, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_SAFE, NDPI_PROTOCOL_MAIL_IMAPS, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "IMAPS", NDPI_PROTOCOL_CATEGORY_MAIL, ndpi_build_default_ports(ports_a, 993, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DNS, - no_master, + 1 /* can_have_a_subprotocol */, no_master, no_master, "DNS", NDPI_PROTOCOL_CATEGORY_NETWORK, ndpi_build_default_ports(ports_a, 53, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 53, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_IPP, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "IPP", NDPI_PROTOCOL_CATEGORY_SYSTEM_OS, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_HEP, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "HEP", NDPI_PROTOCOL_CATEGORY_NETWORK, ndpi_build_default_ports(ports_a, 9064, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 9063, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_HTTP, - no_master, + 1 /* can_have_a_subprotocol */, no_master, no_master, "HTTP", NDPI_PROTOCOL_CATEGORY_WEB, ndpi_build_default_ports(ports_a, 80, 0 /* ntop */, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_MDNS, - no_master, + 1 /* can_have_a_subprotocol */, no_master, no_master, "MDNS", NDPI_PROTOCOL_CATEGORY_NETWORK, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 5353, 5354, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_NTP, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "NTP", NDPI_PROTOCOL_CATEGORY_SYSTEM_OS, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 123, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_NETBIOS, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "NetBIOS", NDPI_PROTOCOL_CATEGORY_SYSTEM_OS, ndpi_build_default_ports(ports_a, 139, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 137, 138, 139, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_NFS, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "NFS", NDPI_PROTOCOL_CATEGORY_DATA_TRANSFER, ndpi_build_default_ports(ports_a, 2049, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 2049, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_SSDP, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "SSDP", NDPI_PROTOCOL_CATEGORY_SYSTEM_OS, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_BGP, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "BGP", NDPI_PROTOCOL_CATEGORY_NETWORK, ndpi_build_default_ports(ports_a, 179, 2605, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_SNMP, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "SNMP", NDPI_PROTOCOL_CATEGORY_NETWORK, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 161, 162, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_XDMCP, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "XDMCP", NDPI_PROTOCOL_CATEGORY_REMOTE_ACCESS, ndpi_build_default_ports(ports_a, 177, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 177, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_SMBV1, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "SMBv1", NDPI_PROTOCOL_CATEGORY_SYSTEM_OS, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_SYSLOG, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Syslog", NDPI_PROTOCOL_CATEGORY_SYSTEM_OS, ndpi_build_default_ports(ports_a, 514, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 514, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DHCP, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "DHCP", NDPI_PROTOCOL_CATEGORY_NETWORK, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 67, 68, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_POSTGRES, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "PostgreSQL", NDPI_PROTOCOL_CATEGORY_DATABASE, ndpi_build_default_ports(ports_a, 5432, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_MYSQL, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "MySQL", NDPI_PROTOCOL_CATEGORY_DATABASE, ndpi_build_default_ports(ports_a, 3306, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_POTENTIALLY_DANGEROUS, NDPI_PROTOCOL_DIRECT_DOWNLOAD_LINK, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Direct_Download_Link", NDPI_PROTOCOL_CATEGORY_DOWNLOAD_FT, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_POTENTIALLY_DANGEROUS, NDPI_PROTOCOL_APPLEJUICE, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "AppleJuice", NDPI_PROTOCOL_CATEGORY_DOWNLOAD_FT, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_POTENTIALLY_DANGEROUS, NDPI_PROTOCOL_DIRECTCONNECT, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "DirectConnect", NDPI_PROTOCOL_CATEGORY_DOWNLOAD_FT, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_SAFE, NDPI_PROTOCOL_NTOP, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "ntop", NDPI_PROTOCOL_CATEGORY_NETWORK, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_VMWARE, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "VMware", NDPI_PROTOCOL_CATEGORY_REMOTE_ACCESS, ndpi_build_default_ports(ports_a, 903, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 902, 903, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_SAFE, NDPI_PROTOCOL_FBZERO, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "FacebookZero", NDPI_PROTOCOL_CATEGORY_WEB, ndpi_build_default_ports(ports_a, 443, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_POTENTIALLY_DANGEROUS, NDPI_PROTOCOL_KONTIKI, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Kontiki", NDPI_PROTOCOL_CATEGORY_MEDIA, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_POTENTIALLY_DANGEROUS, NDPI_PROTOCOL_OPENFT, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "OpenFT", NDPI_PROTOCOL_CATEGORY_DOWNLOAD_FT, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_POTENTIALLY_DANGEROUS, NDPI_PROTOCOL_FASTTRACK, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "FastTrack", NDPI_PROTOCOL_CATEGORY_DOWNLOAD_FT, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_POTENTIALLY_DANGEROUS, NDPI_PROTOCOL_GNUTELLA, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Gnutella", NDPI_PROTOCOL_CATEGORY_DOWNLOAD_FT, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_UNSAFE, NDPI_PROTOCOL_EDONKEY, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "eDonkey", NDPI_PROTOCOL_CATEGORY_DOWNLOAD_FT, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_UNSAFE, NDPI_PROTOCOL_BITTORRENT, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "BitTorrent", NDPI_PROTOCOL_CATEGORY_DOWNLOAD_FT, ndpi_build_default_ports(ports_a, 51413, 53646, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 6771, 51413, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_SKYPE, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Skype", NDPI_PROTOCOL_CATEGORY_VOIP, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); - ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_SKYPE_CALL_IN, - no_master, - no_master, "SkypeCallIn", NDPI_PROTOCOL_CATEGORY_VOIP, + ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_SKYPE_CALL, + 0 /* can_have_a_subprotocol */, no_master, + no_master, "SkypeCall", NDPI_PROTOCOL_CATEGORY_VOIP, + ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, + ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); + ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_FREE_49, + 0 /* can_have_a_subprotocol */, no_master, + no_master, "Free_49", NDPI_PROTOCOL_CATEGORY_VOIP, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); - ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_SKYPE_CALL_OUT, - no_master, - no_master, "SkypeCallOut", NDPI_PROTOCOL_CATEGORY_VOIP, + ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_FREE_49, + 0 /* can_have_a_subprotocol */, no_master, + no_master, "SkypeCall", NDPI_PROTOCOL_CATEGORY_VOIP, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_TEREDO, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Teredo", NDPI_PROTOCOL_CATEGORY_NETWORK, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 3544, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_WECHAT, - no_master, /* wechat.com */ + 0 /* can_have_a_subprotocol */, no_master, /* wechat.com */ no_master, "WeChat", NDPI_PROTOCOL_CATEGORY_SOCIAL_NETWORK, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_MEMCACHED, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Memcached", NDPI_PROTOCOL_CATEGORY_NETWORK, ndpi_build_default_ports(ports_a, 11211, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 11211, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_SMBV23, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "SMBv23", NDPI_PROTOCOL_CATEGORY_SYSTEM_OS, ndpi_build_default_ports(ports_a, 445, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_UNSAFE, NDPI_PROTOCOL_MINING, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Mining", CUSTOM_CATEGORY_MINING, ndpi_build_default_ports(ports_a, 8333, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_NEST_LOG_SINK, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "NestLogSink", NDPI_PROTOCOL_CATEGORY_CLOUD, ndpi_build_default_ports(ports_a, 11095, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_FREE_44, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Free", NDPI_PROTOCOL_CATEGORY_CUSTOM_1 /* dummy */, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_FREE_45, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Free", NDPI_PROTOCOL_CATEGORY_CUSTOM_1 /* dummy */, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_FREE_46, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Free", NDPI_PROTOCOL_CATEGORY_CUSTOM_1 /* dummy */, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_SIGNAL, - no_master, /* https://signal.org */ + 0 /* can_have_a_subprotocol */, no_master, /* https://signal.org */ no_master, "Signal", NDPI_PROTOCOL_CATEGORY_CHAT, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_FREE_196, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Free", NDPI_PROTOCOL_CATEGORY_CUSTOM_1 /* dummy */, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_FREE_205, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Free", NDPI_PROTOCOL_CATEGORY_CUSTOM_1 /* dummy */, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_VIDTO, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "PPStream", NDPI_PROTOCOL_CATEGORY_MEDIA, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_XBOX, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Xbox", NDPI_PROTOCOL_CATEGORY_GAME, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_QQ, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "QQ", NDPI_PROTOCOL_CATEGORY_CHAT, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_RTSP, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "RTSP", NDPI_PROTOCOL_CATEGORY_MEDIA, ndpi_build_default_ports(ports_a, 554, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 554, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_ICECAST, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "IceCast", NDPI_PROTOCOL_CATEGORY_MEDIA, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_PPLIVE, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "PPLive", NDPI_PROTOCOL_CATEGORY_MEDIA, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_PPSTREAM, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "PPStream", NDPI_PROTOCOL_CATEGORY_MEDIA, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_ZATTOO, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Zattoo", NDPI_PROTOCOL_CATEGORY_MEDIA, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_SHOUTCAST, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "ShoutCast", NDPI_PROTOCOL_CATEGORY_MEDIA, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_SOPCAST, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Sopcast", NDPI_PROTOCOL_CATEGORY_MEDIA, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_TVANTS, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Tvants", NDPI_PROTOCOL_CATEGORY_MEDIA, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_TVUPLAYER, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "TVUplayer", NDPI_PROTOCOL_CATEGORY_MEDIA, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_HTTP_DOWNLOAD, - no_master, + 1 /* can_have_a_subprotocol */, no_master, no_master, "HTTP_Download", NDPI_PROTOCOL_CATEGORY_DOWNLOAD_FT, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_QQLIVE, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "QQLive", NDPI_PROTOCOL_CATEGORY_MEDIA, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_THUNDER, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Thunder", NDPI_PROTOCOL_CATEGORY_DOWNLOAD_FT, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_SOULSEEK, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Soulseek", NDPI_PROTOCOL_CATEGORY_DOWNLOAD_FT, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); custom_master[0] = NDPI_PROTOCOL_SSL, custom_master[1] = NDPI_PROTOCOL_UNKNOWN; ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_SSL_NO_CERT, - custom_master, + 1 /* can_have_a_subprotocol */, custom_master, no_master, "SSL_No_Cert", NDPI_PROTOCOL_CATEGORY_WEB, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_UNSAFE, NDPI_PROTOCOL_IRC, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "IRC", NDPI_PROTOCOL_CATEGORY_CHAT, ndpi_build_default_ports(ports_a, 194, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 194, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_AYIYA, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Ayiya", NDPI_PROTOCOL_CATEGORY_NETWORK, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 5072, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_UNENCRYPTED_JABBER, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Unencrypted_Jabber", NDPI_PROTOCOL_CATEGORY_WEB, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_OSCAR, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Oscar", NDPI_PROTOCOL_CATEGORY_CHAT, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_BATTLEFIELD, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "BattleField", NDPI_PROTOCOL_CATEGORY_GAME, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_IP_VRRP, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "VRRP", NDPI_PROTOCOL_CATEGORY_NETWORK, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_STEAM, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Steam", NDPI_PROTOCOL_CATEGORY_GAME, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_HALFLIFE2, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "HalfLife2", NDPI_PROTOCOL_CATEGORY_GAME, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_WORLDOFWARCRAFT, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "WorldOfWarcraft", NDPI_PROTOCOL_CATEGORY_GAME, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_POTENTIALLY_DANGEROUS, NDPI_PROTOCOL_HOTSPOT_SHIELD, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "HotspotShield", NDPI_PROTOCOL_CATEGORY_VPN, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_UNSAFE, NDPI_PROTOCOL_TELNET, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Telnet", NDPI_PROTOCOL_CATEGORY_REMOTE_ACCESS, ndpi_build_default_ports(ports_a, 23, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); custom_master[0] = NDPI_PROTOCOL_SIP, custom_master[1] = NDPI_PROTOCOL_H323; ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_STUN, - no_master, + 0 /* can_have_a_subprotocol */, no_master, custom_master, "STUN", NDPI_PROTOCOL_CATEGORY_NETWORK, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 3478, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_SAFE, NDPI_PROTOCOL_IP_IPSEC, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "IPsec", NDPI_PROTOCOL_CATEGORY_VPN, ndpi_build_default_ports(ports_a, 500, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 500, 4500, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_IP_GRE, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "GRE", NDPI_PROTOCOL_CATEGORY_NETWORK, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_IP_ICMP, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "ICMP", NDPI_PROTOCOL_CATEGORY_NETWORK, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_IP_IGMP, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "IGMP", NDPI_PROTOCOL_CATEGORY_NETWORK, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_IP_EGP, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "EGP", NDPI_PROTOCOL_CATEGORY_NETWORK, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_IP_SCTP, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "SCTP", NDPI_PROTOCOL_CATEGORY_NETWORK, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_IP_OSPF, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "OSPF", NDPI_PROTOCOL_CATEGORY_NETWORK, ndpi_build_default_ports(ports_a, 2604, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_IP_IP_IN_IP, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "IP_in_IP", NDPI_PROTOCOL_CATEGORY_NETWORK, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_RTP, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "RTP", NDPI_PROTOCOL_CATEGORY_MEDIA, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_RDP, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "RDP", NDPI_PROTOCOL_CATEGORY_REMOTE_ACCESS, ndpi_build_default_ports(ports_a, 3389, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_VNC, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "VNC", NDPI_PROTOCOL_CATEGORY_REMOTE_ACCESS, ndpi_build_default_ports(ports_a, 5900, 5901, 5800, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_PCANYWHERE, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "PcAnywhere", NDPI_PROTOCOL_CATEGORY_REMOTE_ACCESS, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_WHATSAPP_VOICE, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "WhatsAppVoice", NDPI_PROTOCOL_CATEGORY_VOIP, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_WHATSAPP_FILES, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "WhatsAppFiles", NDPI_PROTOCOL_CATEGORY_DOWNLOAD_FT, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_WHATSAPP, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "WhatsApp", NDPI_PROTOCOL_CATEGORY_CHAT, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); custom_master[0] = NDPI_PROTOCOL_SSL_NO_CERT, custom_master[1] = NDPI_PROTOCOL_UNKNOWN; ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_SAFE, NDPI_PROTOCOL_SSL, - no_master, + 1 /* can_have_a_subprotocol */, no_master, custom_master, "SSL", NDPI_PROTOCOL_CATEGORY_WEB, ndpi_build_default_ports(ports_a, 443, 3001 /* ntop */, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_SSH, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "SSH", NDPI_PROTOCOL_CATEGORY_REMOTE_ACCESS, ndpi_build_default_ports(ports_a, 22, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_USENET, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Usenet", NDPI_PROTOCOL_CATEGORY_WEB, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_MGCP, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "MGCP", NDPI_PROTOCOL_CATEGORY_VOIP, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_IAX, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "IAX", NDPI_PROTOCOL_CATEGORY_VOIP, ndpi_build_default_ports(ports_a, 4569, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 4569, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_AFP, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "AFP", NDPI_PROTOCOL_CATEGORY_DATA_TRANSFER, ndpi_build_default_ports(ports_a, 548, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 548, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_CATEGORY_CUSTOM_1, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, NDPI_CONST_GENERIC_PROTOCOL_NAME, NDPI_PROTOCOL_CATEGORY_UNSPECIFIED, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_CHECKMK, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "CHECKMK", NDPI_PROTOCOL_CATEGORY_DATA_TRANSFER, ndpi_build_default_ports(ports_a, 6556, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_POTENTIALLY_DANGEROUS, NDPI_PROTOCOL_STEALTHNET, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Stealthnet", NDPI_PROTOCOL_CATEGORY_DOWNLOAD_FT, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_AIMINI, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Aimini", NDPI_PROTOCOL_CATEGORY_DOWNLOAD_FT, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_SIP, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "SIP", NDPI_PROTOCOL_CATEGORY_VOIP, ndpi_build_default_ports(ports_a, 5060, 5061, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 5060, 5061, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_TRUPHONE, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "TruPhone", NDPI_PROTOCOL_CATEGORY_VOIP, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_IP_ICMPV6, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "ICMPV6", NDPI_PROTOCOL_CATEGORY_NETWORK, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DHCPV6, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "DHCPV6", NDPI_PROTOCOL_CATEGORY_NETWORK, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_ARMAGETRON, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Armagetron", NDPI_PROTOCOL_CATEGORY_GAME, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_CROSSFIRE, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Crossfire", NDPI_PROTOCOL_CATEGORY_RPC, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_DOFUS, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Dofus", NDPI_PROTOCOL_CATEGORY_GAME, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_FIESTA, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Fiesta", NDPI_PROTOCOL_CATEGORY_GAME, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_FLORENSIA, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Florensia", NDPI_PROTOCOL_CATEGORY_GAME, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_GUILDWARS, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Guildwars", NDPI_PROTOCOL_CATEGORY_GAME, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_HTTP_ACTIVESYNC, - no_master, + 1 /* can_have_a_subprotocol */, no_master, no_master, "HTTP_ActiveSync", NDPI_PROTOCOL_CATEGORY_CLOUD, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_KERBEROS, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Kerberos", NDPI_PROTOCOL_CATEGORY_NETWORK, ndpi_build_default_ports(ports_a, 88, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 88, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_LDAP, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "LDAP", NDPI_PROTOCOL_CATEGORY_SYSTEM_OS, ndpi_build_default_ports(ports_a, 389, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 389, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_MAPLESTORY, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "MapleStory", NDPI_PROTOCOL_CATEGORY_GAME, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_MSSQL_TDS, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "MsSQL-TDS", NDPI_PROTOCOL_CATEGORY_DATABASE, ndpi_build_default_ports(ports_a, 1433, 1434, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_PPTP, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "PPTP", NDPI_PROTOCOL_CATEGORY_VPN, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_WARCRAFT3, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Warcraft3", NDPI_PROTOCOL_CATEGORY_GAME, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_WORLD_OF_KUNG_FU, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "WorldOfKungFu", NDPI_PROTOCOL_CATEGORY_GAME, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DCERPC, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "DCE_RPC", NDPI_PROTOCOL_CATEGORY_RPC, ndpi_build_default_ports(ports_a, 135, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_NETFLOW, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "NetFlow", NDPI_PROTOCOL_CATEGORY_NETWORK, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 2055, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_SFLOW, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "sFlow", NDPI_PROTOCOL_CATEGORY_NETWORK, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 6343, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_HTTP_CONNECT, - no_master, + 1 /* can_have_a_subprotocol */, no_master, no_master, "HTTP_Connect", NDPI_PROTOCOL_CATEGORY_WEB, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_HTTP_PROXY, - no_master, + 1 /* can_have_a_subprotocol */, no_master, no_master, "HTTP_Proxy", NDPI_PROTOCOL_CATEGORY_WEB, ndpi_build_default_ports(ports_a, 8080, 3128, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_CITRIX, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Citrix", NDPI_PROTOCOL_CATEGORY_NETWORK, ndpi_build_default_ports(ports_a, 1494, 2598, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_WEBEX, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Webex", NDPI_PROTOCOL_CATEGORY_VOIP, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_RADIUS, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Radius", NDPI_PROTOCOL_CATEGORY_NETWORK, ndpi_build_default_ports(ports_a, 1812, 1813, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 1812, 1813, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_TEAMVIEWER, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "TeamViewer", NDPI_PROTOCOL_CATEGORY_REMOTE_ACCESS, ndpi_build_default_ports(ports_a, 5938, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 5938, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_LOTUS_NOTES, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "LotusNotes", NDPI_PROTOCOL_CATEGORY_COLLABORATIVE, ndpi_build_default_ports(ports_a, 1352, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_SAP, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "SAP", NDPI_PROTOCOL_CATEGORY_NETWORK, ndpi_build_default_ports(ports_a, 3201, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); /* Missing dissector: port based only */ ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_GTP, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "GTP", NDPI_PROTOCOL_CATEGORY_NETWORK, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 2152, 2123, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_UPNP, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "UPnP", NDPI_PROTOCOL_CATEGORY_NETWORK, ndpi_build_default_ports(ports_a, 1780, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 1900, 0, 0, 0, 0) /* UDP */); /* Missing dissector: port based only */ ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_TELEGRAM, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Telegram", NDPI_PROTOCOL_CATEGORY_CHAT, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_QUIC, - no_master, + 1 /* can_have_a_subprotocol */, no_master, no_master, "QUIC", NDPI_PROTOCOL_CATEGORY_WEB, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 443, 80, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DIAMETER, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Diameter", NDPI_PROTOCOL_CATEGORY_WEB, ndpi_build_default_ports(ports_a, 3868, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_APPLE_PUSH, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "ApplePush", NDPI_PROTOCOL_CATEGORY_CLOUD, ndpi_build_default_ports(ports_a, 1, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DROPBOX, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Dropbox", NDPI_PROTOCOL_CATEGORY_CLOUD, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 17500, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_SPOTIFY, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Spotify", NDPI_PROTOCOL_CATEGORY_STREAMING, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_LISP, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "LISP", NDPI_PROTOCOL_CATEGORY_CLOUD, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 4342, 4341, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_EAQ, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "EAQ", NDPI_PROTOCOL_CATEGORY_NETWORK, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 6000, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_KAKAOTALK_VOICE, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "KakaoTalk_Voice", NDPI_PROTOCOL_CATEGORY_VOIP, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_MPEGTS, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "MPEG_TS", NDPI_PROTOCOL_CATEGORY_MEDIA, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); /* http://en.wikipedia.org/wiki/Link-local_Multicast_Name_Resolution */ ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_LLMNR, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "LLMNR", NDPI_PROTOCOL_CATEGORY_NETWORK, ndpi_build_default_ports(ports_a, 5355, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 5355, 0, 0, 0, 0) /* UDP */); /* Missing dissector: port based only */ ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_POTENTIALLY_DANGEROUS, NDPI_PROTOCOL_REMOTE_SCAN, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "RemoteScan", NDPI_PROTOCOL_CATEGORY_NETWORK, ndpi_build_default_ports(ports_a, 6077, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 6078, 0, 0, 0, 0) /* UDP */); /* Missing dissector: port based only */ ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_H323, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master,"H323", NDPI_PROTOCOL_CATEGORY_VOIP, ndpi_build_default_ports(ports_a, 1719, 1720, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 1719, 1720, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_OPENVPN, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "OpenVPN", NDPI_PROTOCOL_CATEGORY_VPN, ndpi_build_default_ports(ports_a, 1194, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 1194, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_NOE, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "NOE", NDPI_PROTOCOL_CATEGORY_VOIP, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_CISCOVPN, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "CiscoVPN", NDPI_PROTOCOL_CATEGORY_VPN, ndpi_build_default_ports(ports_a, 10000, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 10000, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_TEAMSPEAK, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "TeamSpeak", NDPI_PROTOCOL_CATEGORY_CHAT, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_SKINNY, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "CiscoSkinny", NDPI_PROTOCOL_CATEGORY_VOIP, ndpi_build_default_ports(ports_a, 2000, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_RTCP, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "RTCP", NDPI_PROTOCOL_CATEGORY_VOIP, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_RSYNC, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "RSYNC", NDPI_PROTOCOL_CATEGORY_DATA_TRANSFER, ndpi_build_default_ports(ports_a, 873, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_ORACLE, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Oracle", NDPI_PROTOCOL_CATEGORY_DATABASE, ndpi_build_default_ports(ports_a, 1521, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_CORBA, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Corba", NDPI_PROTOCOL_CATEGORY_RPC, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_UBUNTUONE, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "UbuntuONE", NDPI_PROTOCOL_CATEGORY_CLOUD, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_WHOIS_DAS, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Whois-DAS", NDPI_PROTOCOL_CATEGORY_NETWORK, ndpi_build_default_ports(ports_a, 43, 4343, 0, 0, 0), /* TCP */ ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0)); /* UDP */ ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_COLLECTD, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Collectd", NDPI_PROTOCOL_CATEGORY_SYSTEM_OS, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0), /* TCP */ ndpi_build_default_ports(ports_b, 25826, 0, 0, 0, 0)); /* UDP */ ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_SOCKS, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "SOCKS", NDPI_PROTOCOL_CATEGORY_WEB, ndpi_build_default_ports(ports_a, 1080, 0, 0, 0, 0), /* TCP */ ndpi_build_default_ports(ports_b, 1080, 0, 0, 0, 0)); /* UDP */ ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_TFTP, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "TFTP", NDPI_PROTOCOL_CATEGORY_DATA_TRANSFER, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0), /* TCP */ ndpi_build_default_ports(ports_b, 69, 0, 0, 0, 0)); /* UDP */ ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_RTMP, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "RTMP", NDPI_PROTOCOL_CATEGORY_MEDIA, ndpi_build_default_ports(ports_a, 1935, 0, 0, 0, 0), /* TCP */ ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0)); /* UDP */ ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_PANDO, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Pando_Media_Booster", NDPI_PROTOCOL_CATEGORY_WEB, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0), /* TCP */ ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0)); /* UDP */ ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_MEGACO, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Megaco", NDPI_PROTOCOL_CATEGORY_VOIP, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0), /* TCP */ ndpi_build_default_ports(ports_b, 2944 , 0, 0, 0, 0)); /* UDP */ ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_REDIS, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Redis", NDPI_PROTOCOL_CATEGORY_DATABASE, ndpi_build_default_ports(ports_a, 6379, 0, 0, 0, 0), /* TCP */ ndpi_build_default_ports(ports_b, 0 , 0, 0, 0, 0)); /* UDP */ ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_ZMQ, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "ZeroMQ", NDPI_PROTOCOL_CATEGORY_RPC, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0), /* TCP */ ndpi_build_default_ports(ports_b, 0 , 0, 0, 0, 0) ); /* UDP */ ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_VHUA, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "VHUA", NDPI_PROTOCOL_CATEGORY_VOIP, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0), /* TCP */ ndpi_build_default_ports(ports_b, 58267, 0, 0, 0, 0)); /* UDP */ ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_STARCRAFT, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Starcraft", NDPI_PROTOCOL_CATEGORY_GAME, ndpi_build_default_ports(ports_a, 1119, 0, 0, 0, 0), /* TCP */ ndpi_build_default_ports(ports_b, 1119, 0, 0, 0, 0)); /* UDP */ ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_SAFE, NDPI_PROTOCOL_UBNTAC2, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "UBNTAC2", NDPI_PROTOCOL_CATEGORY_NETWORK, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0), /* TCP */ ndpi_build_default_ports(ports_b, 10001, 0, 0, 0, 0)); /* UDP */ ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_VIBER, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Viber", NDPI_PROTOCOL_CATEGORY_CHAT, ndpi_build_default_ports(ports_a, 7985, 5242, 5243, 4244, 0), /* TCP */ ndpi_build_default_ports(ports_b, 7985, 7987, 5242, 5243, 4244)); /* UDP */ ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_SAFE, NDPI_PROTOCOL_COAP, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "COAP", NDPI_PROTOCOL_CATEGORY_RPC, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0), /* TCP */ ndpi_build_default_ports(ports_b, 5683, 5684, 0, 0, 0)); /* UDP */ ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_MQTT, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "MQTT", NDPI_PROTOCOL_CATEGORY_RPC, ndpi_build_default_ports(ports_a, 1883, 8883, 0, 0, 0), /* TCP */ ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0)); /* UDP */ ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_SOMEIP, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "SOMEIP", NDPI_PROTOCOL_CATEGORY_RPC, ndpi_build_default_ports(ports_a, 30491, 30501, 0, 0, 0), /* TCP */ ndpi_build_default_ports(ports_b, 30491, 30501, 30490, 0, 0)); /* UDP */ ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_RX, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "RX", NDPI_PROTOCOL_CATEGORY_RPC, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0), /* TCP */ ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0)); /* UDP */ ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_SAFE, NDPI_PROTOCOL_GIT, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Git", NDPI_PROTOCOL_CATEGORY_COLLABORATIVE, ndpi_build_default_ports(ports_a, 9418, 0, 0, 0, 0), /* TCP */ ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0)); /* UDP */ ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DRDA, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "DRDA", NDPI_PROTOCOL_CATEGORY_DATABASE, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0), /* TCP */ ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0)); /* UDP */ ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_HANGOUT, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "GoogleHangout", NDPI_PROTOCOL_CATEGORY_CHAT, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_BJNP, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "BJNP", NDPI_PROTOCOL_CATEGORY_SYSTEM_OS, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 8612, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_SMPP, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "SMPP", NDPI_PROTOCOL_CATEGORY_DOWNLOAD_FT, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0), /* TCP */ ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0)); /* UDP */ ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_SAFE, NDPI_PROTOCOL_OOKLA, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Ookla", NDPI_PROTOCOL_CATEGORY_NETWORK, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0), /* TCP */ ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0)); /* UDP */ ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_AMQP, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "AMQP", NDPI_PROTOCOL_CATEGORY_RPC, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0), /* TCP */ ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0)); /* UDP */ ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_SAFE, NDPI_PROTOCOL_DNSCRYPT, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "DNScrypt", NDPI_PROTOCOL_CATEGORY_NETWORK, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0), /* TCP */ ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0)); /* UDP */ ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_TINC, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "TINC", NDPI_PROTOCOL_CATEGORY_VPN, ndpi_build_default_ports(ports_a, 655, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 655, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_SAFE, NDPI_PROTOCOL_FIX, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "FIX", NDPI_PROTOCOL_CATEGORY_RPC, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_NINTENDO, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "Nintendo", NDPI_PROTOCOL_CATEGORY_GAME, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_CSGO, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "CSGO", NDPI_PROTOCOL_CATEGORY_GAME, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_AJP, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, "AJP", NDPI_PROTOCOL_CATEGORY_WEB, ndpi_build_default_ports(ports_a, 8009, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); @@ -2686,7 +2694,7 @@ int ndpi_handle_rule(struct ndpi_detection_module_struct *ndpi_mod, ndpi_set_proto_defaults(ndpi_mod, NDPI_PROTOCOL_ACCEPTABLE, ndpi_mod->ndpi_num_supported_protocols, - no_master, + 0 /* can_have_a_subprotocol */, no_master, no_master, ndpi_strdup(proto), NDPI_PROTOCOL_CATEGORY_UNSPECIFIED, /* TODO add protocol category support in rules */ @@ -4038,9 +4046,7 @@ ndpi_protocol ndpi_detection_giveup(struct ndpi_detection_module_struct *ndpi_st if(flow->protos.stun_ssl.stun.num_processed_pkts > 0) { if(/* (flow->protos.stun_ssl.stun.num_processed_pkts >= NDPI_MIN_NUM_STUN_DETECTION) */ flow->protos.stun_ssl.stun.is_skype) { - u_int16_t proto = (flow->protos.stun_ssl.stun.num_binding_requests < 4) ? NDPI_PROTOCOL_SKYPE_CALL_IN : NDPI_PROTOCOL_SKYPE_CALL_OUT; - - ndpi_set_detected_protocol(ndpi_struct, flow, proto, NDPI_PROTOCOL_SKYPE); + ndpi_set_detected_protocol(ndpi_struct, flow, NDPI_PROTOCOL_SKYPE_CALL, NDPI_PROTOCOL_SKYPE); } else ndpi_set_detected_protocol(ndpi_struct, flow, flow->guessed_host_protocol_id, NDPI_PROTOCOL_STUN); } @@ -5184,8 +5190,10 @@ void ndpi_int_change_protocol(struct ndpi_detection_module_struct *ndpi_struct, && (lower_detected_protocol == NDPI_PROTOCOL_UNKNOWN)) { if((flow->guessed_host_protocol_id != NDPI_PROTOCOL_UNKNOWN) && (upper_detected_protocol != flow->guessed_host_protocol_id)) { - lower_detected_protocol = upper_detected_protocol; - upper_detected_protocol = flow->guessed_host_protocol_id; + if(ndpi_struct->proto_defaults[upper_detected_protocol].can_have_a_subprotocol) { + lower_detected_protocol = upper_detected_protocol; + upper_detected_protocol = flow->guessed_host_protocol_id; + } } } @@ -6052,10 +6060,8 @@ int ndpi_match_bigram(struct ndpi_detection_module_struct *ndpi_struct, void ndpi_free_flow(struct ndpi_flow_struct *flow) { if(flow) { - if(flow->http.url) - ndpi_free(flow->http.url); - if(flow->http.content_type) - ndpi_free(flow->http.content_type); + if(flow->http.url) ndpi_free(flow->http.url); + if(flow->http.content_type) ndpi_free(flow->http.content_type); ndpi_free(flow); } } diff --git a/src/lib/protocols/skype.c b/src/lib/protocols/skype.c index 0f5e8c780..35dcb0161 100644 --- a/src/lib/protocols/skype.c +++ b/src/lib/protocols/skype.c @@ -24,12 +24,10 @@ #include "ndpi_api.h" static void ndpi_skype_report_protocol(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow) { - u_int16_t proto = (flow->protos.stun_ssl.stun.num_binding_requests < 4) ? NDPI_PROTOCOL_SKYPE_CALL_IN : NDPI_PROTOCOL_SKYPE_CALL_OUT; - //printf("-> payload_len=%u\n", flow->packet.payload_packet_len); NDPI_LOG_INFO(ndpi_struct, "found skype\n"); - ndpi_set_detected_protocol(ndpi_struct, flow, proto, NDPI_PROTOCOL_SKYPE); + ndpi_set_detected_protocol(ndpi_struct, flow, NDPI_PROTOCOL_SKYPE_CALL, NDPI_PROTOCOL_SKYPE); } static int is_port(u_int16_t a, u_int16_t b, u_int16_t c) { diff --git a/src/lib/protocols/stun.c b/src/lib/protocols/stun.c index cb1322e5e..c169a47db 100644 --- a/src/lib/protocols/stun.c +++ b/src/lib/protocols/stun.c @@ -203,7 +203,7 @@ void ndpi_search_stun(struct ndpi_detection_module_struct *ndpi_struct, struct n NDPI_LOG_INFO(ndpi_struct, "found Skype\n"); if((flow->protos.stun_ssl.stun.num_processed_pkts >= 8) || (flow->protos.stun_ssl.stun.num_binding_requests >= 4)) - ndpi_set_detected_protocol(ndpi_struct, flow, (flow->protos.stun_ssl.stun.num_binding_requests < 4) ? NDPI_PROTOCOL_SKYPE_CALL_IN : NDPI_PROTOCOL_SKYPE_CALL_OUT, NDPI_PROTOCOL_SKYPE); + ndpi_set_detected_protocol(ndpi_struct, flow, NDPI_PROTOCOL_SKYPE_CALL, NDPI_PROTOCOL_SKYPE); } else { NDPI_LOG_INFO(ndpi_struct, "found UDP stun\n"); /* Ummmmm we're in the TCP branch. This code looks bad */ ndpi_int_stun_add_connection(ndpi_struct, @@ -221,9 +221,10 @@ void ndpi_search_stun(struct ndpi_detection_module_struct *ndpi_struct, struct n if(flow->protos.stun_ssl.stun.is_skype) { NDPI_LOG_INFO(ndpi_struct, "Found Skype\n"); - + + /* flow->protos.stun_ssl.stun.num_binding_requests < 4) ? NDPI_PROTOCOL_SKYPE_CALL_IN : NDPI_PROTOCOL_SKYPE_CALL_OUT */ if((flow->protos.stun_ssl.stun.num_processed_pkts >= 8) || (flow->protos.stun_ssl.stun.num_binding_requests >= 4)) - ndpi_set_detected_protocol(ndpi_struct, flow, (flow->protos.stun_ssl.stun.num_binding_requests < 4) ? NDPI_PROTOCOL_SKYPE_CALL_IN : NDPI_PROTOCOL_SKYPE_CALL_OUT, NDPI_PROTOCOL_SKYPE); + ndpi_set_detected_protocol(ndpi_struct, flow, NDPI_PROTOCOL_SKYPE_CALL, NDPI_PROTOCOL_SKYPE); } else { NDPI_LOG_INFO(ndpi_struct, "found UDP stun\n"); ndpi_int_stun_add_connection(ndpi_struct, diff --git a/tests/result/1kxun.pcap.out b/tests/result/1kxun.pcap.out index 5eead7a9c..738340781 100644 --- a/tests/result/1kxun.pcap.out +++ b/tests/result/1kxun.pcap.out @@ -1,7 +1,8 @@ -Unknown 24 6428 14 +Unknown 23 6265 13 DNS 2 378 1 HTTP 524 220123 9 MDNS 1 82 1 +NTP 1 90 1 NetBIOS 31 3589 8 SSDP 143 36951 13 DHCP 24 8208 5 @@ -12,8 +13,7 @@ DHCPV6 10 980 3 Facebook 19 6840 2 Google 3 176 1 GenericProtocol 433 311919 14 -Apple 1 90 1 -LLMNR 89 6799 47 +LLMNR 90 6962 48 1 TCP 192.168.115.8:49613 <-> 183.131.48.144:80 [proto: 7/HTTP][cat: Web/5][260 pkts/15070 bytes <-> 159 pkts/168623 bytes][Host: 183.131.48.144] 2 TCP 192.168.115.8:49600 <-> 106.187.35.246:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][18 pkts/1722 bytes <-> 51 pkts/61707 bytes][Host: pic.1kxun.com] @@ -91,45 +91,46 @@ LLMNR 89 6799 47 74 UDP [fe80::5d92:62a8:ebde:1319]:63659 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Host: isatap] 75 UDP [fe80::edf5:240a:c8c0:8312]:53962 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Host: ro_x1c] 76 UDP [fe80::edf5:240a:c8c0:8312]:61603 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Host: ro_x1c] - 77 UDP 192.168.5.49:61548 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/150 bytes -> 0 pkts/0 bytes][Host: caesar-thinkpad] - 78 UDP 192.168.5.49:64568 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/150 bytes -> 0 pkts/0 bytes][Host: caesar-thinkpad] - 79 UDP 192.168.3.95:51451 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/144 bytes -> 0 pkts/0 bytes][Host: 小佛專機] - 80 UDP 192.168.3.95:54888 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/144 bytes -> 0 pkts/0 bytes][Host: 小佛專機] - 81 UDP 192.168.3.95:58779 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/144 bytes -> 0 pkts/0 bytes][Host: 小佛專機] - 82 UDP 192.168.5.50:57143 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/142 bytes -> 0 pkts/0 bytes][Host: charming-pc] - 83 UDP 192.168.5.50:62756 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/142 bytes -> 0 pkts/0 bytes][Host: charming-pc] - 84 UDP 192.168.5.48:59797 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/140 bytes -> 0 pkts/0 bytes][Host: kasper-mac] - 85 UDP 192.168.3.236:62069 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: wangs-ltw] - 86 UDP 192.168.3.236:65496 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: wangs-ltw] - 87 UDP 192.168.5.9:58456 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: joanna-pc] - 88 UDP 192.168.5.9:62822 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: joanna-pc] - 89 UDP 192.168.101.33:58456 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: joanna-pc] - 90 UDP 192.168.101.33:62822 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: joanna-pc] - 91 UDP 192.168.5.37:54506 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: notebook] - 92 UDP 192.168.5.37:56366 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: notebook] - 93 UDP 192.168.5.41:54470 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: kevin-pc] - 94 UDP 192.168.5.44:58702 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: jason-pc] - 95 UDP 192.168.5.44:59571 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: jason-pc] - 96 UDP 192.168.5.57:64428 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: usher-pc] - 97 UDP 192.168.5.57:65150 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: usher-pc] - 98 UDP 192.168.3.236:51714 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/132 bytes -> 0 pkts/0 bytes][Host: isatap] - 99 UDP 192.168.3.236:56043 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/132 bytes -> 0 pkts/0 bytes][Host: isatap] - 100 UDP 192.168.5.47:53962 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/132 bytes -> 0 pkts/0 bytes][Host: ro_x1c] - 101 UDP 192.168.5.47:61603 -> 224.0.0.252:5355 [proto: 87/RTP][cat: Media/1][2 pkts/132 bytes -> 0 pkts/0 bytes] - 102 TCP 192.168.5.16:53605 -> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][2 pkts/126 bytes -> 0 pkts/0 bytes] - 103 TCP 192.168.5.16:53622 <-> 192.168.115.75:443 [proto: 91/SSL][cat: Web/5][1 pkts/60 bytes <-> 1 pkts/60 bytes] - 104 UDP [fe80::f65c:89ff:fe89:e607]:546 -> [ff02::1:2]:547 [proto: 103/DHCPV6][cat: Network/14][1 pkts/98 bytes -> 0 pkts/0 bytes] - 105 UDP 192.168.5.45:59461 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes] - 106 UDP 192.168.5.45:59789 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes] - 107 UDP [fe80::e034:7be:d8f9:6197]:57143 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/91 bytes -> 0 pkts/0 bytes][Host: charming-pc] - 108 UDP [fe80::e034:7be:d8f9:6197]:62756 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/91 bytes -> 0 pkts/0 bytes][Host: charming-pc] - 109 UDP 192.168.5.16:123 -> 17.253.26.125:123 [proto: 9.140/NTP.Apple][cat: Web/5][1 pkts/90 bytes -> 0 pkts/0 bytes] - 110 UDP 192.168.5.64:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes] - 111 UDP 192.168.5.50:49766 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/71 bytes -> 0 pkts/0 bytes][Host: charming-pc] - 112 UDP 192.168.5.50:50030 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/71 bytes -> 0 pkts/0 bytes][Host: charming-pc] - 113 UDP 192.168.5.41:55593 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/68 bytes -> 0 pkts/0 bytes][Host: kevin-pc] - 114 UDP 192.168.5.44:59062 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/68 bytes -> 0 pkts/0 bytes][Host: jason-pc] - 115 UDP 192.168.3.236:59730 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/67 bytes -> 0 pkts/0 bytes][Host: sonusav] + 77 UDP 192.168.119.2:43786 -> 255.255.255.255:5678 [proto: 154/LLMNR][cat: Network/14][1 pkts/163 bytes -> 0 pkts/0 bytes] + 78 UDP 192.168.5.49:61548 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/150 bytes -> 0 pkts/0 bytes][Host: caesar-thinkpad] + 79 UDP 192.168.5.49:64568 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/150 bytes -> 0 pkts/0 bytes][Host: caesar-thinkpad] + 80 UDP 192.168.3.95:51451 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/144 bytes -> 0 pkts/0 bytes][Host: 小佛專機] + 81 UDP 192.168.3.95:54888 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/144 bytes -> 0 pkts/0 bytes][Host: 小佛專機] + 82 UDP 192.168.3.95:58779 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/144 bytes -> 0 pkts/0 bytes][Host: 小佛專機] + 83 UDP 192.168.5.50:57143 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/142 bytes -> 0 pkts/0 bytes][Host: charming-pc] + 84 UDP 192.168.5.50:62756 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/142 bytes -> 0 pkts/0 bytes][Host: charming-pc] + 85 UDP 192.168.5.48:59797 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/140 bytes -> 0 pkts/0 bytes][Host: kasper-mac] + 86 UDP 192.168.3.236:62069 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: wangs-ltw] + 87 UDP 192.168.3.236:65496 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: wangs-ltw] + 88 UDP 192.168.5.9:58456 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: joanna-pc] + 89 UDP 192.168.5.9:62822 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: joanna-pc] + 90 UDP 192.168.101.33:58456 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: joanna-pc] + 91 UDP 192.168.101.33:62822 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: joanna-pc] + 92 UDP 192.168.5.37:54506 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: notebook] + 93 UDP 192.168.5.37:56366 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: notebook] + 94 UDP 192.168.5.41:54470 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: kevin-pc] + 95 UDP 192.168.5.44:58702 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: jason-pc] + 96 UDP 192.168.5.44:59571 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: jason-pc] + 97 UDP 192.168.5.57:64428 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: usher-pc] + 98 UDP 192.168.5.57:65150 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: usher-pc] + 99 UDP 192.168.3.236:51714 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/132 bytes -> 0 pkts/0 bytes][Host: isatap] + 100 UDP 192.168.3.236:56043 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/132 bytes -> 0 pkts/0 bytes][Host: isatap] + 101 UDP 192.168.5.47:53962 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/132 bytes -> 0 pkts/0 bytes][Host: ro_x1c] + 102 UDP 192.168.5.47:61603 -> 224.0.0.252:5355 [proto: 87/RTP][cat: Media/1][2 pkts/132 bytes -> 0 pkts/0 bytes] + 103 TCP 192.168.5.16:53605 -> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][2 pkts/126 bytes -> 0 pkts/0 bytes] + 104 TCP 192.168.5.16:53622 <-> 192.168.115.75:443 [proto: 91/SSL][cat: Web/5][1 pkts/60 bytes <-> 1 pkts/60 bytes] + 105 UDP [fe80::f65c:89ff:fe89:e607]:546 -> [ff02::1:2]:547 [proto: 103/DHCPV6][cat: Network/14][1 pkts/98 bytes -> 0 pkts/0 bytes] + 106 UDP 192.168.5.45:59461 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes] + 107 UDP 192.168.5.45:59789 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes] + 108 UDP [fe80::e034:7be:d8f9:6197]:57143 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/91 bytes -> 0 pkts/0 bytes][Host: charming-pc] + 109 UDP [fe80::e034:7be:d8f9:6197]:62756 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/91 bytes -> 0 pkts/0 bytes][Host: charming-pc] + 110 UDP 192.168.5.16:123 -> 17.253.26.125:123 [proto: 9/NTP][cat: System/18][1 pkts/90 bytes -> 0 pkts/0 bytes] + 111 UDP 192.168.5.64:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes] + 112 UDP 192.168.5.50:49766 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/71 bytes -> 0 pkts/0 bytes][Host: charming-pc] + 113 UDP 192.168.5.50:50030 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/71 bytes -> 0 pkts/0 bytes][Host: charming-pc] + 114 UDP 192.168.5.41:55593 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/68 bytes -> 0 pkts/0 bytes][Host: kevin-pc] + 115 UDP 192.168.5.44:59062 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/68 bytes -> 0 pkts/0 bytes][Host: jason-pc] + 116 UDP 192.168.3.236:59730 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/67 bytes -> 0 pkts/0 bytes][Host: sonusav] Undetected flows: @@ -144,6 +145,5 @@ Undetected flows: 9 UDP 192.168.119.1:56861 -> 255.255.255.255:5678 [proto: 0/Unknown][1 pkts/177 bytes -> 0 pkts/0 bytes] 10 UDP 59.120.208.218:50151 -> 255.255.255.255:1947 [proto: 0/Unknown][2 pkts/164 bytes -> 0 pkts/0 bytes] 11 UDP 192.168.2.186:32768 -> 255.255.255.255:1947 [proto: 0/Unknown][2 pkts/164 bytes -> 0 pkts/0 bytes] - 12 UDP 192.168.119.2:43786 -> 255.255.255.255:5678 [proto: 0/Unknown][1 pkts/163 bytes -> 0 pkts/0 bytes] - 13 UDP 192.168.0.100:50925 -> 255.255.255.255:5678 [proto: 0/Unknown][1 pkts/142 bytes -> 0 pkts/0 bytes] - 14 UDP 59.120.208.212:32768 -> 255.255.255.255:1947 [proto: 0/Unknown][1 pkts/82 bytes -> 0 pkts/0 bytes] + 12 UDP 192.168.0.100:50925 -> 255.255.255.255:5678 [proto: 0/Unknown][1 pkts/142 bytes -> 0 pkts/0 bytes] + 13 UDP 59.120.208.212:32768 -> 255.255.255.255:1947 [proto: 0/Unknown][1 pkts/82 bytes -> 0 pkts/0 bytes] diff --git a/tests/result/hangout.pcap.out b/tests/result/hangout.pcap.out index 430ecdcae..323e41d36 100644 --- a/tests/result/hangout.pcap.out +++ b/tests/result/hangout.pcap.out @@ -1,3 +1,3 @@ -Google 19 2774 1 +GoogleHangout 19 2774 1 - 1 UDP 74.125.134.127:19305 -> 10.89.61.13:56406 [proto: 201.126/GoogleHangout.Google][cat: Web/5][19 pkts/2774 bytes -> 0 pkts/0 bytes] + 1 UDP 74.125.134.127:19305 -> 10.89.61.13:56406 [proto: 201/GoogleHangout][cat: Chat/9][19 pkts/2774 bytes -> 0 pkts/0 bytes] diff --git a/tests/result/nintendo.pcap.out b/tests/result/nintendo.pcap.out index c1b44147a..6535e7cc5 100644 --- a/tests/result/nintendo.pcap.out +++ b/tests/result/nintendo.pcap.out @@ -1,6 +1,6 @@ ICMP 30 2100 2 -Nintendo 887 319888 11 -Amazon 79 11165 8 +Nintendo 890 320242 12 +Amazon 76 10811 7 1 UDP 192.168.12.114:55915 <-> 185.118.169.65:27520 [proto: 173/Nintendo][cat: Game/8][169 pkts/61414 bytes <-> 278 pkts/126260 bytes] 2 UDP 192.168.12.114:55915 <-> 93.237.131.235:56066 [proto: 173/Nintendo][cat: Game/8][122 pkts/48332 bytes <-> 35 pkts/5026 bytes] @@ -18,7 +18,7 @@ Amazon 79 11165 8 14 UDP 192.168.12.114:55915 <-> 35.158.74.61:10025 [proto: 178/Amazon][cat: Web/5][5 pkts/290 bytes <-> 5 pkts/290 bytes] 15 UDP 192.168.12.114:18874 <-> 192.168.12.1:53 [proto: 5.173/DNS.Nintendo][cat: Game/8][1 pkts/110 bytes <-> 1 pkts/281 bytes][Host: e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com] 16 UDP 192.168.12.114:51035 <-> 192.168.12.1:53 [proto: 5.173/DNS.Nintendo][cat: Game/8][1 pkts/110 bytes <-> 1 pkts/281 bytes][Host: e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com] - 17 UDP 192.168.12.114:52119 -> 35.158.74.61:33335 [proto: 173.178/Nintendo.Amazon][cat: Web/5][3 pkts/354 bytes -> 0 pkts/0 bytes] + 17 UDP 192.168.12.114:52119 -> 35.158.74.61:33335 [proto: 173/Nintendo][cat: Game/8][3 pkts/354 bytes -> 0 pkts/0 bytes] 18 UDP 192.168.12.114:55915 -> 35.158.74.61:33335 [proto: 178/Amazon][cat: Web/5][3 pkts/318 bytes -> 0 pkts/0 bytes] 19 UDP 192.168.12.114:55915 -> 52.10.205.177:34343 [proto: 178/Amazon][cat: Web/5][1 pkts/298 bytes -> 0 pkts/0 bytes] 20 UDP 192.168.12.114:55915 -> 35.158.74.61:33334 [proto: 178/Amazon][cat: Web/5][5 pkts/290 bytes -> 0 pkts/0 bytes] diff --git a/tests/result/skype-conference-call.pcap.out b/tests/result/skype-conference-call.pcap.out index 3a7c34e17..fd6dde8c4 100644 --- a/tests/result/skype-conference-call.pcap.out +++ b/tests/result/skype-conference-call.pcap.out @@ -1,3 +1,3 @@ -SkypeCallOut 200 39687 1 +SkypeCall 200 39687 1 - 1 UDP 192.168.2.20:49282 <-> 104.46.40.49:60642 [proto: 125.38/Skype.SkypeCallOut][cat: VoIP/10][133 pkts/24845 bytes <-> 67 pkts/14842 bytes] + 1 UDP 192.168.2.20:49282 <-> 104.46.40.49:60642 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][133 pkts/24845 bytes <-> 67 pkts/14842 bytes] diff --git a/tests/result/skype.pcap.out b/tests/result/skype.pcap.out index d02ced39b..f1fef0ed8 100644 --- a/tests/result/skype.pcap.out +++ b/tests/result/skype.pcap.out @@ -1,30 +1,32 @@ Unknown 175 20913 11 DNS 2 267 1 MDNS 8 1736 2 +NTP 2 180 1 SSDP 101 38156 6 -SkypeCallIn 730 71378 170 +SkypeCall 730 71378 170 ICMP 8 656 1 IGMP 5 258 4 SSL 96 8876 7 Dropbox 38 17948 5 Skype 1409 253031 79 -Apple 17 2225 3 +Apple 3 168 1 AppleiCloud 88 20520 2 Spotify 5 430 1 MS_OneDrive 387 198090 1 +ApplePush 12 1877 1 1 TCP 192.168.1.34:50028 <-> 157.56.126.211:443 [proto: 91.221/SSL.MS_OneDrive][cat: Cloud/13][187 pkts/42539 bytes <-> 200 pkts/155551 bytes][server: *.gateway.messenger.live.com] 2 TCP 192.168.1.34:50108 <-> 157.56.52.28:40009 [proto: 125/Skype][cat: VoIP/10][231 pkts/60232 bytes <-> 241 pkts/104395 bytes] 3 UDP 192.168.0.254:1025 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][79 pkts/29479 bytes -> 0 pkts/0 bytes] 4 TCP 192.168.1.34:50128 <-> 17.172.100.36:443 [proto: 91.143/SSL.AppleiCloud][cat: Web/5][43 pkts/9635 bytes <-> 43 pkts/10651 bytes][client: p05-keyvalueservice.icloud.com] - 5 TCP 192.168.1.34:50119 <-> 86.31.35.30:59621 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][62 pkts/6941 bytes <-> 38 pkts/5325 bytes] + 5 TCP 192.168.1.34:50119 <-> 86.31.35.30:59621 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][62 pkts/6941 bytes <-> 38 pkts/5325 bytes] 6 UDP 192.168.1.92:50084 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][14 pkts/7281 bytes -> 0 pkts/0 bytes] 7 TCP 108.160.170.46:443 <-> 192.168.1.34:49445 [proto: 91.121/SSL.Dropbox][cat: Cloud/13][8 pkts/1636 bytes <-> 8 pkts/4344 bytes] - 8 TCP 192.168.1.34:50117 <-> 71.238.7.203:18767 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][24 pkts/3136 bytes <-> 19 pkts/2618 bytes] + 8 TCP 192.168.1.34:50117 <-> 71.238.7.203:18767 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][24 pkts/3136 bytes <-> 19 pkts/2618 bytes] 9 TCP 192.168.1.34:50126 <-> 91.190.216.23:12350 [proto: 125/Skype][cat: VoIP/10][16 pkts/4788 bytes <-> 4 pkts/372 bytes] - 10 TCP 192.168.1.34:50138 <-> 71.238.7.203:18767 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][19 pkts/2797 bytes <-> 13 pkts/2175 bytes] - 11 TCP 192.168.1.34:50118 <-> 5.248.186.221:31010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][18 pkts/2588 bytes <-> 13 pkts/2100 bytes] - 12 TCP 192.168.1.34:50139 <-> 5.248.186.221:31010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][15 pkts/2395 bytes <-> 8 pkts/1724 bytes] + 10 TCP 192.168.1.34:50138 <-> 71.238.7.203:18767 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][19 pkts/2797 bytes <-> 13 pkts/2175 bytes] + 11 TCP 192.168.1.34:50118 <-> 5.248.186.221:31010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][18 pkts/2588 bytes <-> 13 pkts/2100 bytes] + 12 TCP 192.168.1.34:50139 <-> 5.248.186.221:31010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][15 pkts/2395 bytes <-> 8 pkts/1724 bytes] 13 TCP 192.168.1.34:50027 <-> 23.223.73.34:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][17 pkts/3605 bytes <-> 1 pkts/74 bytes][client: apps.skypeassets.com] 14 TCP 192.168.1.34:50029 <-> 23.206.33.166:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][16 pkts/3461 bytes <-> 1 pkts/74 bytes][client: apps.skype.com] 15 UDP 192.168.1.34:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][6 pkts/3264 bytes -> 0 pkts/0 bytes] @@ -32,42 +34,42 @@ MS_OneDrive 387 198090 1 17 UDP 192.168.1.92:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][5 pkts/2720 bytes -> 0 pkts/0 bytes] 18 UDP 192.168.1.92:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][5 pkts/2720 bytes -> 0 pkts/0 bytes] 19 TCP 192.168.1.34:50090 <-> 23.206.33.166:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/2140 bytes <-> 3 pkts/200 bytes][client: apps.skype.com] - 20 TCP 192.168.1.34:50134 <-> 157.56.53.47:12350 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][11 pkts/1578 bytes <-> 4 pkts/342 bytes] - 21 TCP 17.143.160.22:5223 <-> 192.168.1.34:49447 [proto: 238.140/ApplePush.Apple][cat: Web/5][6 pkts/1211 bytes <-> 6 pkts/666 bytes] + 20 TCP 192.168.1.34:50134 <-> 157.56.53.47:12350 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][11 pkts/1578 bytes <-> 4 pkts/342 bytes] + 21 TCP 17.143.160.22:5223 <-> 192.168.1.34:49447 [proto: 238/ApplePush][cat: Cloud/13][6 pkts/1211 bytes <-> 6 pkts/666 bytes] 22 TCP 192.168.1.34:50091 <-> 157.55.235.146:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][13 pkts/1554 bytes <-> 3 pkts/200 bytes] - 23 TCP 192.168.1.34:50122 <-> 81.133.19.185:44431 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][14 pkts/1090 bytes <-> 6 pkts/534 bytes] + 23 TCP 192.168.1.34:50122 <-> 81.133.19.185:44431 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][14 pkts/1090 bytes <-> 6 pkts/534 bytes] 24 TCP 192.168.1.34:50039 <-> 213.199.179.175:443 [proto: 91/SSL][cat: Web/5][13 pkts/1392 bytes <-> 3 pkts/200 bytes] 25 TCP 192.168.1.34:50101 <-> 157.55.235.176:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1305 bytes <-> 3 pkts/285 bytes] 26 TCP 192.168.1.34:50037 <-> 157.55.56.170:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][11 pkts/1218 bytes <-> 4 pkts/351 bytes] 27 TCP 192.168.1.34:50080 <-> 157.55.235.156:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1249 bytes <-> 3 pkts/285 bytes] 28 TCP 192.168.1.34:50111 <-> 91.190.216.125:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][11 pkts/955 bytes <-> 9 pkts/561 bytes] 29 TCP 192.168.1.34:50081 <-> 157.55.130.176:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1270 bytes <-> 3 pkts/243 bytes] - 30 TCP 192.168.1.34:50116 <-> 81.83.77.141:17639 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][15 pkts/1138 bytes <-> 4 pkts/372 bytes] - 31 TCP 192.168.1.34:50123 <-> 80.14.46.121:4415 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][14 pkts/1075 bytes <-> 4 pkts/431 bytes] - 32 TCP 192.168.1.34:50075 <-> 213.199.179.142:40003 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][14 pkts/1100 bytes <-> 5 pkts/395 bytes] + 30 TCP 192.168.1.34:50116 <-> 81.83.77.141:17639 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][15 pkts/1138 bytes <-> 4 pkts/372 bytes] + 31 TCP 192.168.1.34:50123 <-> 80.14.46.121:4415 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][14 pkts/1075 bytes <-> 4 pkts/431 bytes] + 32 TCP 192.168.1.34:50075 <-> 213.199.179.142:40003 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][14 pkts/1100 bytes <-> 5 pkts/395 bytes] 33 TCP 192.168.1.34:50072 <-> 157.55.130.170:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1207 bytes <-> 3 pkts/277 bytes] 34 TCP 192.168.1.34:50066 <-> 65.55.223.12:443 [proto: 91/SSL][cat: Web/5][12 pkts/1221 bytes <-> 3 pkts/231 bytes] - 35 TCP 192.168.1.34:50137 <-> 5.248.186.221:31010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][14 pkts/1062 bytes <-> 4 pkts/383 bytes] + 35 TCP 192.168.1.34:50137 <-> 5.248.186.221:31010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][14 pkts/1062 bytes <-> 4 pkts/383 bytes] 36 TCP 192.168.1.34:50076 <-> 157.55.235.156:40014 [proto: 125/Skype][cat: VoIP/10][14 pkts/1083 bytes <-> 4 pkts/359 bytes] 37 TCP 192.168.1.34:50054 <-> 157.55.130.153:40005 [proto: 125/Skype][cat: VoIP/10][13 pkts/1020 bytes <-> 4 pkts/421 bytes] - 38 TCP 192.168.1.34:50132 <-> 149.13.32.15:13392 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/1010 bytes <-> 5 pkts/402 bytes] + 38 TCP 192.168.1.34:50132 <-> 149.13.32.15:13392 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][13 pkts/1010 bytes <-> 5 pkts/402 bytes] 39 TCP 192.168.1.34:50045 <-> 157.55.130.167:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1151 bytes <-> 3 pkts/260 bytes] - 40 TCP 192.168.1.34:50114 <-> 5.248.186.221:31010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][14 pkts/1040 bytes <-> 4 pkts/362 bytes] - 41 TCP 192.168.1.34:50065 <-> 65.55.223.12:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/1004 bytes <-> 4 pkts/397 bytes] + 40 TCP 192.168.1.34:50114 <-> 5.248.186.221:31010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][14 pkts/1040 bytes <-> 4 pkts/362 bytes] + 41 TCP 192.168.1.34:50065 <-> 65.55.223.12:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][13 pkts/1004 bytes <-> 4 pkts/397 bytes] 42 TCP 192.168.1.34:50069 <-> 157.55.56.160:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][11 pkts/1050 bytes <-> 4 pkts/351 bytes] 43 TCP 192.168.1.34:50034 <-> 157.55.130.140:40033 [proto: 125/Skype][cat: VoIP/10][13 pkts/1010 bytes <-> 4 pkts/390 bytes] 44 TCP 192.168.1.34:50088 <-> 157.55.235.146:33033 [proto: 125/Skype][cat: VoIP/10][14 pkts/1085 bytes <-> 4 pkts/315 bytes] 45 TCP 192.168.1.34:50102 <-> 65.55.223.15:443 [proto: 91/SSL][cat: Web/5][11 pkts/1140 bytes <-> 3 pkts/250 bytes] 46 TCP 192.168.1.34:50092 <-> 157.55.130.155:40020 [proto: 125/Skype][cat: VoIP/10][13 pkts/975 bytes <-> 4 pkts/412 bytes] - 47 TCP 192.168.1.34:50115 <-> 86.31.35.30:59621 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/995 bytes <-> 4 pkts/391 bytes] - 48 TCP 192.168.1.34:50098 <-> 65.55.223.15:40026 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/995 bytes <-> 4 pkts/386 bytes] - 49 TCP 192.168.1.34:50130 <-> 212.161.8.36:13392 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/1000 bytes <-> 4 pkts/380 bytes] + 47 TCP 192.168.1.34:50115 <-> 86.31.35.30:59621 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][13 pkts/995 bytes <-> 4 pkts/391 bytes] + 48 TCP 192.168.1.34:50098 <-> 65.55.223.15:40026 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][13 pkts/995 bytes <-> 4 pkts/386 bytes] + 49 TCP 192.168.1.34:50130 <-> 212.161.8.36:13392 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][13 pkts/1000 bytes <-> 4 pkts/380 bytes] 50 TCP 192.168.1.34:50079 <-> 213.199.179.142:443 [proto: 91/SSL][cat: Web/5][13 pkts/1176 bytes <-> 3 pkts/200 bytes] 51 TCP 192.168.1.34:50097 <-> 157.55.235.176:40022 [proto: 125/Skype][cat: VoIP/10][13 pkts/1000 bytes <-> 4 pkts/371 bytes] - 52 TCP 192.168.1.34:50026 <-> 65.55.223.33:40002 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/971 bytes <-> 4 pkts/399 bytes] + 52 TCP 192.168.1.34:50026 <-> 65.55.223.33:40002 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][13 pkts/971 bytes <-> 4 pkts/399 bytes] 53 TCP 192.168.1.34:50033 <-> 157.55.56.170:40015 [proto: 125/Skype][cat: VoIP/10][13 pkts/977 bytes <-> 4 pkts/384 bytes] 54 TCP 192.168.1.34:50053 <-> 157.55.56.146:40030 [proto: 125/Skype][cat: VoIP/10][12 pkts/940 bytes <-> 5 pkts/415 bytes] - 55 TCP 192.168.1.34:50099 <-> 64.4.23.166:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][12 pkts/948 bytes <-> 4 pkts/407 bytes] + 55 TCP 192.168.1.34:50099 <-> 64.4.23.166:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][12 pkts/948 bytes <-> 4 pkts/407 bytes] 56 TCP 192.168.1.34:50044 <-> 157.55.130.167:40031 [proto: 125/Skype][cat: VoIP/10][13 pkts/993 bytes <-> 4 pkts/360 bytes] 57 TCP 192.168.1.34:50051 <-> 157.55.130.166:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1074 bytes <-> 3 pkts/277 bytes] 58 TCP 192.168.1.34:50057 <-> 157.55.130.153:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1102 bytes <-> 3 pkts/247 bytes] @@ -81,26 +83,26 @@ MS_OneDrive 387 198090 1 66 TCP 192.168.1.34:50032 <-> 157.56.52.44:40032 [proto: 125/Skype][cat: VoIP/10][12 pkts/969 bytes <-> 4 pkts/337 bytes] 67 TCP 192.168.1.34:50094 <-> 157.55.130.155:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1039 bytes <-> 3 pkts/267 bytes] 68 TCP 192.168.1.34:50067 <-> 157.55.56.160:40027 [proto: 125/Skype][cat: VoIP/10][12 pkts/899 bytes <-> 5 pkts/406 bytes] - 69 TCP 192.168.1.34:50035 <-> 213.199.179.175:40021 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/982 bytes <-> 4 pkts/322 bytes] + 69 TCP 192.168.1.34:50035 <-> 213.199.179.175:40021 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][13 pkts/982 bytes <-> 4 pkts/322 bytes] 70 TCP 192.168.1.34:50063 <-> 111.221.74.38:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][10 pkts/1002 bytes <-> 3 pkts/285 bytes] 71 TCP 192.168.1.34:50049 <-> 157.55.130.166:40021 [proto: 125/Skype][cat: VoIP/10][11 pkts/836 bytes <-> 5 pkts/442 bytes] 72 TCP 192.168.1.34:50086 <-> 111.221.77.142:40023 [proto: 125/Skype][cat: VoIP/10][11 pkts/841 bytes <-> 5 pkts/429 bytes] 73 TCP 192.168.1.34:50056 <-> 157.55.56.146:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][11 pkts/999 bytes <-> 4 pkts/266 bytes] 74 TCP 192.168.1.34:50038 <-> 157.55.130.140:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1032 bytes <-> 3 pkts/230 bytes] 75 TCP 192.168.1.34:50055 <-> 111.221.74.47:40030 [proto: 125/Skype][cat: VoIP/10][11 pkts/866 bytes <-> 5 pkts/396 bytes] - 76 TCP 192.168.1.34:50112 <-> 76.167.161.6:20274 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][11 pkts/843 bytes <-> 4 pkts/411 bytes] - 77 TCP 192.168.1.34:50141 <-> 80.14.46.121:4415 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/994 bytes <-> 2 pkts/243 bytes] + 76 TCP 192.168.1.34:50112 <-> 76.167.161.6:20274 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][11 pkts/843 bytes <-> 4 pkts/411 bytes] + 77 TCP 192.168.1.34:50141 <-> 80.14.46.121:4415 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][13 pkts/994 bytes <-> 2 pkts/243 bytes] 78 TCP 192.168.1.34:50059 <-> 111.221.74.38:40015 [proto: 125/Skype][cat: VoIP/10][11 pkts/820 bytes <-> 5 pkts/416 bytes] 79 TCP 192.168.1.34:50046 <-> 157.55.130.150:40011 [proto: 125/Skype][cat: VoIP/10][11 pkts/843 bytes <-> 4 pkts/386 bytes] 80 TCP 192.168.1.34:50096 <-> 111.221.74.46:40027 [proto: 125/Skype][cat: VoIP/10][11 pkts/822 bytes <-> 4 pkts/390 bytes] 81 TCP 192.168.1.34:50058 <-> 111.221.74.47:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][10 pkts/857 bytes <-> 4 pkts/351 bytes] - 82 TCP 192.168.1.34:50113 <-> 71.238.7.203:18767 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][11 pkts/827 bytes <-> 3 pkts/325 bytes] + 82 TCP 192.168.1.34:50113 <-> 71.238.7.203:18767 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][11 pkts/827 bytes <-> 3 pkts/325 bytes] 83 TCP 192.168.1.34:50103 <-> 64.4.23.166:443 [proto: 91/SSL][cat: Web/5][9 pkts/862 bytes <-> 3 pkts/285 bytes] - 84 TCP 192.168.1.34:50143 <-> 78.202.226.115:29059 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][12 pkts/935 bytes <-> 2 pkts/197 bytes] + 84 TCP 192.168.1.34:50143 <-> 78.202.226.115:29059 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][12 pkts/935 bytes <-> 2 pkts/197 bytes] 85 TCP 192.168.1.34:50100 <-> 111.221.74.46:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][10 pkts/872 bytes <-> 3 pkts/237 bytes] - 86 TCP 192.168.1.34:50135 <-> 76.167.161.6:20274 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][11 pkts/838 bytes <-> 3 pkts/270 bytes] + 86 TCP 192.168.1.34:50135 <-> 76.167.161.6:20274 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][11 pkts/838 bytes <-> 3 pkts/270 bytes] 87 TCP 192.168.1.34:50087 <-> 111.221.77.142:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][9 pkts/822 bytes <-> 3 pkts/285 bytes] - 88 TCP 192.168.1.34:50136 <-> 71.238.7.203:18767 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][11 pkts/814 bytes <-> 3 pkts/287 bytes] + 88 TCP 192.168.1.34:50136 <-> 71.238.7.203:18767 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][11 pkts/814 bytes <-> 3 pkts/287 bytes] 89 UDP [fe80::c62c:3ff:fe06:49fe]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][4 pkts/908 bytes -> 0 pkts/0 bytes] 90 UDP 192.168.1.92:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][4 pkts/828 bytes -> 0 pkts/0 bytes] 91 TCP 192.168.1.34:50125 <-> 91.190.218.125:12350 [proto: 125/Skype][cat: VoIP/10][6 pkts/417 bytes <-> 4 pkts/352 bytes] @@ -140,160 +142,160 @@ MS_OneDrive 387 198090 1 125 UDP 192.168.1.34:51066 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/349 bytes -> 0 pkts/0 bytes] 126 UDP 192.168.1.34:56886 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/349 bytes -> 0 pkts/0 bytes] 127 UDP 192.168.1.34:64560 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/349 bytes -> 0 pkts/0 bytes] - 128 UDP 192.168.1.34:13021 -> 76.185.207.12:45493 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][5 pkts/300 bytes -> 0 pkts/0 bytes] - 129 UDP 192.168.1.34:13021 -> 176.26.55.167:63773 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][5 pkts/300 bytes -> 0 pkts/0 bytes] + 128 UDP 192.168.1.34:13021 -> 76.185.207.12:45493 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][5 pkts/300 bytes -> 0 pkts/0 bytes] + 129 UDP 192.168.1.34:13021 -> 176.26.55.167:63773 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][5 pkts/300 bytes -> 0 pkts/0 bytes] 130 UDP 192.168.1.34:58681 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/101 bytes <-> 1 pkts/166 bytes][Host: db3msgr5011709.gateway.messenger.live.com] 131 UDP 192.168.1.34:62454 <-> 192.168.1.1:53 [proto: 5.143/DNS.AppleiCloud][cat: Web/5][1 pkts/101 bytes <-> 1 pkts/133 bytes][Host: p05-keyvalueservice.icloud.com.akadns.net] - 132 UDP 192.168.1.34:123 <-> 17.253.48.245:123 [proto: 9.140/NTP.Apple][cat: Web/5][1 pkts/90 bytes <-> 1 pkts/90 bytes] + 132 UDP 192.168.1.34:123 <-> 17.253.48.245:123 [proto: 9/NTP][cat: System/18][1 pkts/90 bytes <-> 1 pkts/90 bytes] 133 UDP 192.168.1.34:51879 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e4593.g.akamaiedge.net] 134 UDP 192.168.1.34:63321 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e4593.g.akamaiedge.net] 135 UDP 192.168.1.34:64085 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e7768.b.akamaiedge.net] 136 TCP 192.168.1.34:50024 <-> 17.172.100.36:443 [proto: 91.140/SSL.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/60 bytes] 137 IGMP 192.168.0.254:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network/14][2 pkts/92 bytes -> 0 pkts/0 bytes] - 138 UDP 192.168.1.34:13021 -> 64.4.23.145:40024 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 139 UDP 192.168.1.34:13021 -> 65.55.223.26:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 140 UDP 192.168.1.34:13021 -> 65.55.223.33:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 141 UDP 192.168.1.34:13021 -> 157.55.56.168:40006 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 142 UDP 192.168.1.34:13021 -> 157.55.130.146:40026 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 143 UDP 192.168.1.34:13021 -> 157.55.130.154:40005 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 144 UDP 192.168.1.34:13021 -> 157.55.235.147:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 145 UDP 192.168.1.34:13021 -> 157.55.235.152:40001 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 146 UDP 192.168.1.34:13021 -> 213.199.179.155:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 147 UDP 192.168.1.34:13021 -> 111.221.74.28:40014 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 148 UDP 192.168.1.34:13021 -> 111.221.77.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 149 UDP 192.168.1.34:13021 -> 111.221.77.155:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 150 UDP 192.168.1.34:13021 -> 111.221.77.159:40009 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 151 UDP 192.168.1.34:13021 -> 111.221.77.172:40010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 152 UDP 192.168.1.34:13021 -> 157.55.130.156:40034 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 153 UDP 192.168.1.34:13021 -> 157.55.235.161:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 154 UDP 192.168.1.34:13021 -> 157.55.235.176:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 155 UDP 192.168.1.34:13021 -> 157.56.52.27:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 156 UDP 192.168.1.34:13021 -> 157.56.52.28:40009 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 157 UDP 192.168.1.34:13021 -> 64.4.23.143:40018 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 158 UDP 192.168.1.34:13021 -> 64.4.23.155:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 159 UDP 192.168.1.34:13021 -> 65.55.223.29:40010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 160 UDP 192.168.1.34:13021 -> 111.221.74.15:40024 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 161 UDP 192.168.1.34:13021 -> 111.221.77.145:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 162 UDP 192.168.1.34:13021 -> 111.221.77.166:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 163 UDP 192.168.1.34:13021 -> 157.55.56.142:40023 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 164 UDP 192.168.1.34:13021 -> 157.55.56.151:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 165 UDP 192.168.1.34:13021 -> 157.55.56.175:40013 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 166 UDP 192.168.1.34:13021 -> 157.55.130.143:40017 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 167 UDP 192.168.1.34:13021 -> 157.55.235.155:40003 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 168 UDP 192.168.1.34:13021 -> 157.56.52.17:40013 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 169 UDP 192.168.1.34:13021 -> 64.4.23.166:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 170 UDP 192.168.1.34:13021 -> 65.55.223.25:40028 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 171 UDP 192.168.1.34:13021 -> 65.55.223.43:40002 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 172 UDP 192.168.1.34:13021 -> 111.221.74.43:40001 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 173 UDP 192.168.1.34:13021 -> 111.221.77.151:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 174 UDP 192.168.1.34:13021 -> 157.55.56.162:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 175 UDP 192.168.1.34:13021 -> 157.55.130.147:40019 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 176 UDP 192.168.1.34:13021 -> 157.55.235.175:40008 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 177 UDP 192.168.1.34:13021 -> 213.199.179.150:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 178 UDP 192.168.1.34:13021 -> 111.221.74.12:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 179 UDP 192.168.1.34:13021 -> 111.221.74.48:40008 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 180 UDP 192.168.1.34:13021 -> 111.221.77.165:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 181 UDP 192.168.1.34:13021 -> 213.199.179.141:40015 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 182 UDP 192.168.1.34:13021 -> 213.199.179.143:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 183 UDP 192.168.1.34:13021 -> 213.199.179.154:40034 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 184 UDP 192.168.1.34:13021 -> 65.55.223.28:40026 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 185 UDP 192.168.1.34:13021 -> 111.221.74.40:40018 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 186 UDP 192.168.1.34:13021 -> 157.55.130.175:40006 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 187 UDP 192.168.1.34:13021 -> 157.56.52.26:40026 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 188 UDP 192.168.1.34:13021 -> 213.199.179.165:40007 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 189 UDP 192.168.1.34:13021 -> 64.4.23.141:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 190 UDP 192.168.1.34:13021 -> 111.221.74.29:40024 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 191 UDP 192.168.1.34:13021 -> 111.221.74.31:40021 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 192 UDP 192.168.1.34:13021 -> 111.221.77.176:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 193 UDP 192.168.1.34:13021 -> 157.55.235.153:40023 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 194 UDP 192.168.1.34:13021 -> 213.199.179.168:40006 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 195 UDP 192.168.1.34:13021 -> 64.4.23.151:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 196 UDP 192.168.1.34:13021 -> 64.4.23.165:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 197 UDP 192.168.1.34:13021 -> 111.221.77.142:40023 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 198 UDP 192.168.1.34:13021 -> 157.55.130.151:40017 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 199 UDP 192.168.1.34:13021 -> 64.4.23.168:40006 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 200 UDP 192.168.1.34:13021 -> 65.55.223.21:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 201 UDP 192.168.1.34:13021 -> 65.55.223.45:40012 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 202 UDP 192.168.1.34:13021 -> 111.221.74.44:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 203 UDP 192.168.1.34:13021 -> 111.221.74.46:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 204 UDP 192.168.1.34:13021 -> 111.221.77.153:40024 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 205 UDP 192.168.1.34:13021 -> 157.55.56.148:40010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 206 UDP 192.168.1.34:13021 -> 157.55.235.157:40010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 207 UDP 192.168.1.34:13021 -> 157.55.235.172:40032 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 208 UDP 192.168.1.34:13021 -> 157.56.52.18:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 209 UDP 192.168.1.34:13021 -> 213.199.179.170:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 210 UDP 192.168.1.34:13021 -> 64.4.23.150:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 211 UDP 192.168.1.34:13021 -> 64.4.23.159:40009 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 212 UDP 192.168.1.34:13021 -> 65.55.223.17:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 213 UDP 192.168.1.34:13021 -> 111.221.74.17:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 214 UDP 192.168.1.34:13021 -> 111.221.74.18:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 215 UDP 192.168.1.34:13021 -> 111.221.74.32:40009 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 216 UDP 192.168.1.34:13021 -> 111.221.74.42:40024 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 217 UDP 192.168.1.34:13021 -> 157.55.56.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 218 UDP 192.168.1.34:13021 -> 157.55.56.161:40012 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 219 UDP 192.168.1.34:13021 -> 157.55.130.155:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 220 UDP 192.168.1.34:13021 -> 157.55.130.165:40026 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 221 UDP 192.168.1.34:13021 -> 157.55.235.142:40025 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 222 UDP 192.168.1.34:13021 -> 157.56.52.33:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 223 UDP 192.168.1.34:13021 -> 213.199.179.162:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 224 UDP 192.168.1.34:13021 -> 64.4.23.148:40010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 225 UDP 192.168.1.34:13021 -> 65.55.223.18:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 226 UDP 192.168.1.34:13021 -> 65.55.223.41:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 227 UDP 192.168.1.34:13021 -> 111.221.77.148:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 228 UDP 192.168.1.34:13021 -> 157.55.130.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 229 UDP 192.168.1.34:13021 -> 157.55.235.143:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 230 UDP 192.168.1.34:13021 -> 157.55.235.160:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 231 UDP 192.168.1.34:13021 -> 157.55.235.166:40015 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 232 UDP 192.168.1.34:13021 -> 157.56.52.37:40032 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 233 UDP 192.168.1.34:13021 -> 64.4.23.140:40012 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 234 UDP 192.168.1.34:13021 -> 64.4.23.170:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 235 UDP 192.168.1.34:13021 -> 111.221.74.19:40001 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 236 UDP 192.168.1.34:13021 -> 111.221.77.160:40028 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 237 UDP 192.168.1.34:13021 -> 111.221.77.168:40007 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 238 UDP 192.168.1.34:13021 -> 157.55.56.145:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 239 UDP 192.168.1.34:13021 -> 157.55.56.165:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 240 UDP 192.168.1.34:13021 -> 157.55.235.145:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 241 UDP 192.168.1.34:13021 -> 157.56.52.15:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 242 UDP 192.168.1.34:13021 -> 65.55.223.24:40032 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 243 UDP 192.168.1.34:13021 -> 111.221.74.16:40032 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 244 UDP 192.168.1.34:13021 -> 111.221.77.141:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 245 UDP 192.168.1.34:13021 -> 111.221.77.149:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 246 UDP 192.168.1.34:13021 -> 111.221.77.154:40017 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 247 UDP 192.168.1.34:13021 -> 157.55.130.157:40013 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 248 UDP 192.168.1.34:13021 -> 157.55.130.160:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 249 UDP 192.168.1.34:13021 -> 157.55.130.172:40019 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 250 UDP 192.168.1.34:13021 -> 157.56.52.45:40012 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 251 UDP 192.168.1.34:13021 -> 213.199.179.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 252 UDP 192.168.1.34:13021 -> 213.199.179.146:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 253 UDP 192.168.1.34:13021 -> 64.4.23.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 254 UDP 192.168.1.34:13021 -> 64.4.23.173:40017 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 255 UDP 192.168.1.34:13021 -> 65.55.223.15:40026 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 256 UDP 192.168.1.34:13021 -> 65.55.223.38:40015 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 257 UDP 192.168.1.34:13021 -> 65.55.223.44:40013 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 258 UDP 192.168.1.34:13021 -> 111.221.74.25:40028 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 259 UDP 192.168.1.34:13021 -> 111.221.77.143:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 260 UDP 192.168.1.34:13021 -> 157.55.130.144:40034 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 261 UDP 192.168.1.34:13021 -> 157.55.235.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 262 UDP 192.168.1.34:13021 -> 213.199.179.145:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 263 UDP 192.168.1.34:13021 -> 65.55.223.20:40033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 264 UDP 192.168.1.34:13021 -> 111.221.74.24:40001 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 265 UDP 192.168.1.34:13021 -> 111.221.77.140:40003 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 266 UDP 192.168.1.34:13021 -> 157.55.56.166:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 267 UDP 192.168.1.34:13021 -> 157.55.130.148:40019 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 268 UDP 192.168.1.34:13021 -> 157.55.235.158:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 269 UDP 192.168.1.34:13021 -> 157.55.235.159:40021 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 270 UDP 192.168.1.34:13021 -> 157.55.235.173:40012 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 271 UDP 192.168.1.34:13021 -> 157.56.52.21:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 272 UDP 192.168.1.34:13021 -> 157.56.52.24:40001 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 273 UDP 192.168.1.34:13021 -> 157.56.52.47:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 274 UDP 192.168.1.34:13021 -> 213.199.179.152:40023 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 138 UDP 192.168.1.34:13021 -> 64.4.23.145:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 139 UDP 192.168.1.34:13021 -> 65.55.223.26:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 140 UDP 192.168.1.34:13021 -> 65.55.223.33:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 141 UDP 192.168.1.34:13021 -> 157.55.56.168:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 142 UDP 192.168.1.34:13021 -> 157.55.130.146:40026 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 143 UDP 192.168.1.34:13021 -> 157.55.130.154:40005 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 144 UDP 192.168.1.34:13021 -> 157.55.235.147:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 145 UDP 192.168.1.34:13021 -> 157.55.235.152:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 146 UDP 192.168.1.34:13021 -> 213.199.179.155:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 147 UDP 192.168.1.34:13021 -> 111.221.74.28:40014 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 148 UDP 192.168.1.34:13021 -> 111.221.77.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 149 UDP 192.168.1.34:13021 -> 111.221.77.155:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 150 UDP 192.168.1.34:13021 -> 111.221.77.159:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 151 UDP 192.168.1.34:13021 -> 111.221.77.172:40010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 152 UDP 192.168.1.34:13021 -> 157.55.130.156:40034 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 153 UDP 192.168.1.34:13021 -> 157.55.235.161:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 154 UDP 192.168.1.34:13021 -> 157.55.235.176:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 155 UDP 192.168.1.34:13021 -> 157.56.52.27:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 156 UDP 192.168.1.34:13021 -> 157.56.52.28:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 157 UDP 192.168.1.34:13021 -> 64.4.23.143:40018 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 158 UDP 192.168.1.34:13021 -> 64.4.23.155:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 159 UDP 192.168.1.34:13021 -> 65.55.223.29:40010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 160 UDP 192.168.1.34:13021 -> 111.221.74.15:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 161 UDP 192.168.1.34:13021 -> 111.221.77.145:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 162 UDP 192.168.1.34:13021 -> 111.221.77.166:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 163 UDP 192.168.1.34:13021 -> 157.55.56.142:40023 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 164 UDP 192.168.1.34:13021 -> 157.55.56.151:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 165 UDP 192.168.1.34:13021 -> 157.55.56.175:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 166 UDP 192.168.1.34:13021 -> 157.55.130.143:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 167 UDP 192.168.1.34:13021 -> 157.55.235.155:40003 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 168 UDP 192.168.1.34:13021 -> 157.56.52.17:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 169 UDP 192.168.1.34:13021 -> 64.4.23.166:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 170 UDP 192.168.1.34:13021 -> 65.55.223.25:40028 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 171 UDP 192.168.1.34:13021 -> 65.55.223.43:40002 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 172 UDP 192.168.1.34:13021 -> 111.221.74.43:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 173 UDP 192.168.1.34:13021 -> 111.221.77.151:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 174 UDP 192.168.1.34:13021 -> 157.55.56.162:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 175 UDP 192.168.1.34:13021 -> 157.55.130.147:40019 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 176 UDP 192.168.1.34:13021 -> 157.55.235.175:40008 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 177 UDP 192.168.1.34:13021 -> 213.199.179.150:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 178 UDP 192.168.1.34:13021 -> 111.221.74.12:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 179 UDP 192.168.1.34:13021 -> 111.221.74.48:40008 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 180 UDP 192.168.1.34:13021 -> 111.221.77.165:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 181 UDP 192.168.1.34:13021 -> 213.199.179.141:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 182 UDP 192.168.1.34:13021 -> 213.199.179.143:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 183 UDP 192.168.1.34:13021 -> 213.199.179.154:40034 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 184 UDP 192.168.1.34:13021 -> 65.55.223.28:40026 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] + 185 UDP 192.168.1.34:13021 -> 111.221.74.40:40018 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] + 186 UDP 192.168.1.34:13021 -> 157.55.130.175:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] + 187 UDP 192.168.1.34:13021 -> 157.56.52.26:40026 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] + 188 UDP 192.168.1.34:13021 -> 213.199.179.165:40007 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] + 189 UDP 192.168.1.34:13021 -> 64.4.23.141:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 190 UDP 192.168.1.34:13021 -> 111.221.74.29:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 191 UDP 192.168.1.34:13021 -> 111.221.74.31:40021 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 192 UDP 192.168.1.34:13021 -> 111.221.77.176:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 193 UDP 192.168.1.34:13021 -> 157.55.235.153:40023 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 194 UDP 192.168.1.34:13021 -> 213.199.179.168:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 195 UDP 192.168.1.34:13021 -> 64.4.23.151:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 196 UDP 192.168.1.34:13021 -> 64.4.23.165:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 197 UDP 192.168.1.34:13021 -> 111.221.77.142:40023 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 198 UDP 192.168.1.34:13021 -> 157.55.130.151:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 199 UDP 192.168.1.34:13021 -> 64.4.23.168:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 200 UDP 192.168.1.34:13021 -> 65.55.223.21:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 201 UDP 192.168.1.34:13021 -> 65.55.223.45:40012 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 202 UDP 192.168.1.34:13021 -> 111.221.74.44:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 203 UDP 192.168.1.34:13021 -> 111.221.74.46:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 204 UDP 192.168.1.34:13021 -> 111.221.77.153:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 205 UDP 192.168.1.34:13021 -> 157.55.56.148:40010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 206 UDP 192.168.1.34:13021 -> 157.55.235.157:40010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 207 UDP 192.168.1.34:13021 -> 157.55.235.172:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 208 UDP 192.168.1.34:13021 -> 157.56.52.18:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 209 UDP 192.168.1.34:13021 -> 213.199.179.170:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 210 UDP 192.168.1.34:13021 -> 64.4.23.150:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 211 UDP 192.168.1.34:13021 -> 64.4.23.159:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 212 UDP 192.168.1.34:13021 -> 65.55.223.17:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 213 UDP 192.168.1.34:13021 -> 111.221.74.17:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 214 UDP 192.168.1.34:13021 -> 111.221.74.18:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 215 UDP 192.168.1.34:13021 -> 111.221.74.32:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 216 UDP 192.168.1.34:13021 -> 111.221.74.42:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 217 UDP 192.168.1.34:13021 -> 157.55.56.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 218 UDP 192.168.1.34:13021 -> 157.55.56.161:40012 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 219 UDP 192.168.1.34:13021 -> 157.55.130.155:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 220 UDP 192.168.1.34:13021 -> 157.55.130.165:40026 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 221 UDP 192.168.1.34:13021 -> 157.55.235.142:40025 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 222 UDP 192.168.1.34:13021 -> 157.56.52.33:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 223 UDP 192.168.1.34:13021 -> 213.199.179.162:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 224 UDP 192.168.1.34:13021 -> 64.4.23.148:40010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 225 UDP 192.168.1.34:13021 -> 65.55.223.18:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 226 UDP 192.168.1.34:13021 -> 65.55.223.41:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 227 UDP 192.168.1.34:13021 -> 111.221.77.148:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 228 UDP 192.168.1.34:13021 -> 157.55.130.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 229 UDP 192.168.1.34:13021 -> 157.55.235.143:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 230 UDP 192.168.1.34:13021 -> 157.55.235.160:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 231 UDP 192.168.1.34:13021 -> 157.55.235.166:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 232 UDP 192.168.1.34:13021 -> 157.56.52.37:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 233 UDP 192.168.1.34:13021 -> 64.4.23.140:40012 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 234 UDP 192.168.1.34:13021 -> 64.4.23.170:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 235 UDP 192.168.1.34:13021 -> 111.221.74.19:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 236 UDP 192.168.1.34:13021 -> 111.221.77.160:40028 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 237 UDP 192.168.1.34:13021 -> 111.221.77.168:40007 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 238 UDP 192.168.1.34:13021 -> 157.55.56.145:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 239 UDP 192.168.1.34:13021 -> 157.55.56.165:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 240 UDP 192.168.1.34:13021 -> 157.55.235.145:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 241 UDP 192.168.1.34:13021 -> 157.56.52.15:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 242 UDP 192.168.1.34:13021 -> 65.55.223.24:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 243 UDP 192.168.1.34:13021 -> 111.221.74.16:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 244 UDP 192.168.1.34:13021 -> 111.221.77.141:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 245 UDP 192.168.1.34:13021 -> 111.221.77.149:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 246 UDP 192.168.1.34:13021 -> 111.221.77.154:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 247 UDP 192.168.1.34:13021 -> 157.55.130.157:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 248 UDP 192.168.1.34:13021 -> 157.55.130.160:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 249 UDP 192.168.1.34:13021 -> 157.55.130.172:40019 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 250 UDP 192.168.1.34:13021 -> 157.56.52.45:40012 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 251 UDP 192.168.1.34:13021 -> 213.199.179.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 252 UDP 192.168.1.34:13021 -> 213.199.179.146:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 253 UDP 192.168.1.34:13021 -> 64.4.23.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 254 UDP 192.168.1.34:13021 -> 64.4.23.173:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 255 UDP 192.168.1.34:13021 -> 65.55.223.15:40026 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 256 UDP 192.168.1.34:13021 -> 65.55.223.38:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 257 UDP 192.168.1.34:13021 -> 65.55.223.44:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 258 UDP 192.168.1.34:13021 -> 111.221.74.25:40028 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 259 UDP 192.168.1.34:13021 -> 111.221.77.143:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 260 UDP 192.168.1.34:13021 -> 157.55.130.144:40034 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 261 UDP 192.168.1.34:13021 -> 157.55.235.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 262 UDP 192.168.1.34:13021 -> 213.199.179.145:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 263 UDP 192.168.1.34:13021 -> 65.55.223.20:40033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 264 UDP 192.168.1.34:13021 -> 111.221.74.24:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 265 UDP 192.168.1.34:13021 -> 111.221.77.140:40003 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 266 UDP 192.168.1.34:13021 -> 157.55.56.166:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 267 UDP 192.168.1.34:13021 -> 157.55.130.148:40019 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 268 UDP 192.168.1.34:13021 -> 157.55.235.158:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 269 UDP 192.168.1.34:13021 -> 157.55.235.159:40021 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 270 UDP 192.168.1.34:13021 -> 157.55.235.173:40012 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 271 UDP 192.168.1.34:13021 -> 157.56.52.21:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 272 UDP 192.168.1.34:13021 -> 157.56.52.24:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 273 UDP 192.168.1.34:13021 -> 157.56.52.47:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 274 UDP 192.168.1.34:13021 -> 213.199.179.152:40023 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] 275 IGMP 192.168.1.1:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes] 276 IGMP 192.168.1.92:0 -> 224.0.0.251:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes] - 277 UDP 192.168.1.34:13021 -> 65.55.223.39:443 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] - 278 UDP 192.168.1.34:13021 -> 71.62.0.85:33647 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] - 279 UDP 192.168.1.34:13021 -> 106.188.249.186:15120 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] - 280 UDP 192.168.1.34:13021 -> 157.55.130.145:443 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] - 281 UDP 192.168.1.34:13021 -> 176.97.100.249:26635 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] + 277 UDP 192.168.1.34:13021 -> 65.55.223.39:443 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] + 278 UDP 192.168.1.34:13021 -> 71.62.0.85:33647 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] + 279 UDP 192.168.1.34:13021 -> 106.188.249.186:15120 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] + 280 UDP 192.168.1.34:13021 -> 157.55.130.145:443 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] + 281 UDP 192.168.1.34:13021 -> 176.97.100.249:26635 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] 282 IGMP 192.168.1.34:0 -> 224.0.0.251:0 [proto: 82/IGMP][cat: Network/14][1 pkts/46 bytes -> 0 pkts/0 bytes] diff --git a/tests/result/skype_no_unknown.pcap.out b/tests/result/skype_no_unknown.pcap.out index bbddd568f..f83f6b559 100644 --- a/tests/result/skype_no_unknown.pcap.out +++ b/tests/result/skype_no_unknown.pcap.out @@ -3,21 +3,22 @@ DNS 2 267 1 MDNS 3 400 2 NetBIOS 22 3106 7 SSDP 40 14100 3 -SkypeCallIn 454 39996 164 +SkypeCall 454 39996 164 ICMP 4 328 1 IGMP 4 226 4 SSL 79 7742 6 Dropbox 16 7342 5 Skype 840 150346 60 -Apple 84 20699 2 +Apple 76 19581 1 MS_OneDrive 348 181687 1 +ApplePush 8 1118 1 1 TCP 192.168.1.34:51230 <-> 157.56.126.211:443 [proto: 91.221/SSL.MS_OneDrive][cat: Cloud/13][166 pkts/39042 bytes <-> 182 pkts/142645 bytes][server: *.gateway.messenger.live.com] 2 TCP 192.168.1.34:51279 <-> 111.221.74.48:40008 [proto: 125/Skype][cat: VoIP/10][101 pkts/30681 bytes <-> 98 pkts/59934 bytes] 3 TCP 192.168.1.34:51227 <-> 17.172.100.36:443 [proto: 91.140/SSL.Apple][cat: Web/5][38 pkts/9082 bytes <-> 38 pkts/10499 bytes] 4 UDP 192.168.0.254:1025 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][36 pkts/13402 bytes -> 0 pkts/0 bytes] - 5 TCP 192.168.1.34:51292 <-> 71.238.7.203:18767 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][17 pkts/2686 bytes <-> 13 pkts/2218 bytes] - 6 TCP 192.168.1.34:51293 <-> 5.248.186.221:31010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][12 pkts/2194 bytes <-> 8 pkts/1711 bytes] + 5 TCP 192.168.1.34:51292 <-> 71.238.7.203:18767 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][17 pkts/2686 bytes <-> 13 pkts/2218 bytes] + 6 TCP 192.168.1.34:51293 <-> 5.248.186.221:31010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][12 pkts/2194 bytes <-> 8 pkts/1711 bytes] 7 TCP 192.168.1.34:51231 <-> 23.206.33.166:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][16 pkts/3461 bytes <-> 1 pkts/74 bytes][client: apps.skype.com] 8 TCP 192.168.1.34:51297 <-> 91.190.216.24:12350 [proto: 125/Skype][cat: VoIP/10][12 pkts/3242 bytes <-> 3 pkts/290 bytes] 9 TCP 108.160.163.108:443 <-> 192.168.1.34:51222 [proto: 91.121/SSL.Dropbox][cat: Cloud/13][4 pkts/818 bytes <-> 4 pkts/2172 bytes] @@ -29,52 +30,52 @@ MS_OneDrive 348 181687 1 15 TCP 192.168.1.34:51239 <-> 65.55.223.45:443 [proto: 91/SSL][cat: Web/5][12 pkts/1291 bytes <-> 3 pkts/242 bytes] 16 TCP 192.168.1.34:51274 <-> 157.55.235.152:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1235 bytes <-> 3 pkts/285 bytes] 17 TCP 192.168.1.34:51260 <-> 157.55.130.142:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1249 bytes <-> 3 pkts/265 bytes] - 18 TCP 192.168.1.34:51258 <-> 213.199.179.176:40021 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][14 pkts/1104 bytes <-> 5 pkts/392 bytes] - 19 TCP 192.168.1.34:51269 <-> 213.199.179.175:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][14 pkts/1106 bytes <-> 5 pkts/385 bytes] - 20 TCP 192.168.1.34:51290 <-> 5.248.186.221:31010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][14 pkts/1070 bytes <-> 4 pkts/420 bytes] + 18 TCP 192.168.1.34:51258 <-> 213.199.179.176:40021 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][14 pkts/1104 bytes <-> 5 pkts/392 bytes] + 19 TCP 192.168.1.34:51269 <-> 213.199.179.175:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][14 pkts/1106 bytes <-> 5 pkts/385 bytes] + 20 TCP 192.168.1.34:51290 <-> 5.248.186.221:31010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][14 pkts/1070 bytes <-> 4 pkts/420 bytes] 21 TCP 192.168.1.34:51234 <-> 157.55.235.147:40001 [proto: 125/Skype][cat: VoIP/10][14 pkts/1117 bytes <-> 4 pkts/337 bytes] 22 TCP 192.168.1.34:51253 <-> 64.4.23.166:443 [proto: 91/SSL][cat: Web/5][11 pkts/1164 bytes <-> 3 pkts/268 bytes] 23 TCP 192.168.1.34:51247 <-> 157.56.52.44:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][10 pkts/1077 bytes <-> 4 pkts/351 bytes] 24 TCP 192.168.1.34:51257 <-> 157.55.235.170:40032 [proto: 125/Skype][cat: VoIP/10][14 pkts/1059 bytes <-> 4 pkts/367 bytes] 25 TCP 192.168.1.34:51277 <-> 157.55.235.156:40026 [proto: 125/Skype][cat: VoIP/10][13 pkts/1011 bytes <-> 4 pkts/415 bytes] - 26 TCP 192.168.1.34:51305 <-> 149.13.32.15:13392 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][14 pkts/1093 bytes <-> 4 pkts/333 bytes] + 26 TCP 192.168.1.34:51305 <-> 149.13.32.15:13392 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][14 pkts/1093 bytes <-> 4 pkts/333 bytes] 27 TCP 192.168.1.34:51271 <-> 213.199.179.175:443 [proto: 91/SSL][cat: Web/5][12 pkts/1130 bytes <-> 3 pkts/285 bytes] 28 TCP 192.168.1.34:51280 <-> 157.55.235.146:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1130 bytes <-> 3 pkts/285 bytes] 29 TCP 192.168.1.34:51281 <-> 157.55.235.156:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][12 pkts/1095 bytes <-> 3 pkts/285 bytes] 30 TCP 192.168.1.34:51240 <-> 111.221.74.45:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][10 pkts/1022 bytes <-> 4 pkts/351 bytes] - 31 TCP 192.168.1.34:51289 <-> 71.238.7.203:18767 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/991 bytes <-> 4 pkts/378 bytes] + 31 TCP 192.168.1.34:51289 <-> 71.238.7.203:18767 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][13 pkts/991 bytes <-> 4 pkts/378 bytes] 32 TCP 192.168.1.34:51272 <-> 157.55.235.152:40029 [proto: 125/Skype][cat: VoIP/10][13 pkts/1006 bytes <-> 4 pkts/361 bytes] 33 TCP 192.168.1.34:51250 <-> 111.221.77.175:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][10 pkts/1012 bytes <-> 4 pkts/351 bytes] - 34 TCP 192.168.1.34:51235 <-> 65.55.223.45:40009 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][13 pkts/976 bytes <-> 4 pkts/365 bytes] + 34 TCP 192.168.1.34:51235 <-> 65.55.223.45:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][13 pkts/976 bytes <-> 4 pkts/365 bytes] 35 TCP 192.168.1.34:51237 <-> 157.55.130.176:40022 [proto: 125/Skype][cat: VoIP/10][13 pkts/986 bytes <-> 4 pkts/344 bytes] 36 TCP 192.168.1.34:51276 <-> 157.55.235.146:40021 [proto: 125/Skype][cat: VoIP/10][13 pkts/981 bytes <-> 4 pkts/348 bytes] 37 TCP 192.168.1.34:51255 <-> 157.55.130.142:40005 [proto: 125/Skype][cat: VoIP/10][13 pkts/1004 bytes <-> 4 pkts/318 bytes] - 38 TCP 192.168.1.34:51251 <-> 64.4.23.166:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][12 pkts/948 bytes <-> 4 pkts/349 bytes] + 38 TCP 192.168.1.34:51251 <-> 64.4.23.166:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][12 pkts/948 bytes <-> 4 pkts/349 bytes] 39 TCP 192.168.1.34:51229 <-> 157.56.52.28:40009 [proto: 125/Skype][cat: VoIP/10][12 pkts/951 bytes <-> 4 pkts/341 bytes] 40 TCP 192.168.1.34:51248 <-> 111.221.77.175:40030 [proto: 125/Skype][cat: VoIP/10][11 pkts/858 bytes <-> 5 pkts/426 bytes] 41 TCP 192.168.1.34:51246 <-> 157.56.52.44:40020 [proto: 125/Skype][cat: VoIP/10][11 pkts/856 bytes <-> 5 pkts/409 bytes] - 42 TCP 192.168.1.34:51288 <-> 76.167.161.6:20274 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][11 pkts/861 bytes <-> 4 pkts/397 bytes] + 42 TCP 192.168.1.34:51288 <-> 76.167.161.6:20274 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][11 pkts/861 bytes <-> 4 pkts/397 bytes] 43 TCP 192.168.1.34:51236 <-> 111.221.74.45:40008 [proto: 125/Skype][cat: VoIP/10][11 pkts/844 bytes <-> 5 pkts/413 bytes] 44 TCP 192.168.1.34:51282 <-> 64.4.23.159:443 [proto: 91/SSL][cat: Web/5][10 pkts/972 bytes <-> 3 pkts/285 bytes] 45 TCP 192.168.1.34:51259 <-> 111.221.77.142:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][10 pkts/902 bytes <-> 4 pkts/351 bytes] 46 TCP 192.168.1.34:51256 <-> 111.221.77.142:40013 [proto: 125/Skype][cat: VoIP/10][11 pkts/815 bytes <-> 5 pkts/423 bytes] - 47 TCP 192.168.1.34:51291 <-> 81.83.77.141:17639 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][12 pkts/942 bytes <-> 3 pkts/284 bytes] - 48 TCP 192.168.1.34:51278 <-> 64.4.23.159:40009 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][11 pkts/832 bytes <-> 4 pkts/387 bytes] + 47 TCP 192.168.1.34:51291 <-> 81.83.77.141:17639 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][12 pkts/942 bytes <-> 3 pkts/284 bytes] + 48 TCP 192.168.1.34:51278 <-> 64.4.23.159:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][11 pkts/832 bytes <-> 4 pkts/387 bytes] 49 TCP 192.168.1.34:51268 <-> 111.221.74.18:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][10 pkts/852 bytes <-> 4 pkts/351 bytes] - 50 TCP 192.168.1.34:51309 <-> 149.13.32.15:13392 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][12 pkts/916 bytes <-> 3 pkts/281 bytes] - 51 TCP 192.168.1.34:51316 <-> 149.13.32.15:13392 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][11 pkts/862 bytes <-> 3 pkts/314 bytes] + 50 TCP 192.168.1.34:51309 <-> 149.13.32.15:13392 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][12 pkts/916 bytes <-> 3 pkts/281 bytes] + 51 TCP 192.168.1.34:51316 <-> 149.13.32.15:13392 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][11 pkts/862 bytes <-> 3 pkts/314 bytes] 52 TCP 192.168.1.34:51267 <-> 111.221.74.18:40025 [proto: 125/Skype][cat: VoIP/10][10 pkts/785 bytes <-> 4 pkts/378 bytes] 53 TCP 192.168.1.34:51232 <-> 157.56.52.28:443 [proto: 91.125/SSL.Skype][cat: VoIP/10][10 pkts/872 bytes <-> 3 pkts/285 bytes] - 54 TCP 192.168.1.34:51298 <-> 82.224.110.241:38895 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][12 pkts/931 bytes <-> 2 pkts/219 bytes] - 55 TCP 192.168.1.34:51313 <-> 212.161.8.36:13392 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][11 pkts/855 bytes <-> 3 pkts/287 bytes] + 54 TCP 192.168.1.34:51298 <-> 82.224.110.241:38895 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][12 pkts/931 bytes <-> 2 pkts/219 bytes] + 55 TCP 192.168.1.34:51313 <-> 212.161.8.36:13392 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][11 pkts/855 bytes <-> 3 pkts/287 bytes] 56 UDP 192.168.1.1:137 <-> 192.168.1.34:137 [proto: 10/NetBIOS][cat: System/18][6 pkts/958 bytes <-> 2 pkts/184 bytes] - 57 TCP 192.168.1.34:51311 <-> 93.79.224.176:14506 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][11 pkts/848 bytes <-> 3 pkts/286 bytes] - 58 TCP 17.143.160.149:5223 <-> 192.168.1.34:50407 [proto: 238.140/ApplePush.Apple][cat: Web/5][4 pkts/674 bytes <-> 4 pkts/444 bytes] + 57 TCP 192.168.1.34:51311 <-> 93.79.224.176:14506 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][11 pkts/848 bytes <-> 3 pkts/286 bytes] + 58 TCP 17.143.160.149:5223 <-> 192.168.1.34:50407 [proto: 238/ApplePush][cat: Cloud/13][4 pkts/674 bytes <-> 4 pkts/444 bytes] 59 UDP 192.168.1.34:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][2 pkts/1088 bytes -> 0 pkts/0 bytes] 60 UDP 192.168.1.34:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][2 pkts/1088 bytes -> 0 pkts/0 bytes] 61 UDP 192.168.1.92:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][2 pkts/1088 bytes -> 0 pkts/0 bytes] 62 UDP 192.168.1.92:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][2 pkts/1088 bytes -> 0 pkts/0 bytes] - 63 TCP 192.168.1.34:51318 <-> 212.161.8.36:13392 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][7 pkts/571 bytes <-> 3 pkts/286 bytes] + 63 TCP 192.168.1.34:51318 <-> 212.161.8.36:13392 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][7 pkts/571 bytes <-> 3 pkts/286 bytes] 64 UDP 192.168.1.34:137 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][7 pkts/680 bytes -> 0 pkts/0 bytes] 65 TCP 192.168.1.34:51299 <-> 91.190.216.125:12350 [proto: 125/Skype][cat: VoIP/10][6 pkts/353 bytes <-> 5 pkts/306 bytes] 66 UDP 192.168.1.34:58631 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][8 pkts/648 bytes -> 0 pkts/0 bytes][Host: conn.skype.akadns.net] @@ -107,8 +108,8 @@ MS_OneDrive 348 181687 1 93 UDP 192.168.1.34:58061 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/349 bytes -> 0 pkts/0 bytes] 94 UDP 192.168.1.34:59237 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/349 bytes -> 0 pkts/0 bytes] 95 ICMP 192.168.1.1:0 -> 192.168.1.34:0 [proto: 81/ICMP][cat: Network/14][4 pkts/328 bytes -> 0 pkts/0 bytes] - 96 UDP 192.168.1.34:13021 -> 83.31.12.173:23939 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][5 pkts/300 bytes -> 0 pkts/0 bytes] - 97 UDP 192.168.1.34:13021 -> 174.49.171.224:32011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][5 pkts/300 bytes -> 0 pkts/0 bytes] + 96 UDP 192.168.1.34:13021 -> 83.31.12.173:23939 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][5 pkts/300 bytes -> 0 pkts/0 bytes] + 97 UDP 192.168.1.34:13021 -> 174.49.171.224:32011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][5 pkts/300 bytes -> 0 pkts/0 bytes] 98 UDP 192.168.1.34:57694 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/101 bytes <-> 1 pkts/166 bytes][Host: db3msgr5011709.gateway.messenger.live.com] 99 UDP [fe80::c62c:3ff:fe06:49fe]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][2 pkts/258 bytes -> 0 pkts/0 bytes] 100 UDP 192.168.1.92:138 -> 192.168.1.255:138 [proto: 10/NetBIOS][cat: System/18][1 pkts/216 bytes -> 0 pkts/0 bytes] @@ -120,153 +121,153 @@ MS_OneDrive 348 181687 1 106 UDP 192.168.1.92:137 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes] 107 UDP 192.168.1.92:53826 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes] 108 UDP 192.168.1.34:61016 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/80 bytes -> 0 pkts/0 bytes][Host: apps.skypeassets.com] - 109 UDP 192.168.1.34:13021 -> 64.4.23.148:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 110 UDP 192.168.1.34:13021 -> 64.4.23.171:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 111 UDP 192.168.1.34:13021 -> 65.55.223.27:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 112 UDP 192.168.1.34:13021 -> 111.221.74.40:40025 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 113 UDP 192.168.1.34:13021 -> 111.221.77.151:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 114 UDP 192.168.1.34:13021 -> 111.221.77.173:40012 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 115 UDP 192.168.1.34:13021 -> 157.55.56.147:40014 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 116 UDP 192.168.1.34:13021 -> 157.55.130.167:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 117 UDP 192.168.1.34:13021 -> 157.55.235.144:40032 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 118 UDP 192.168.1.34:13021 -> 157.56.52.15:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 119 UDP 192.168.1.34:13021 -> 213.199.179.141:40015 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 120 UDP 192.168.1.34:13021 -> 213.199.179.156:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 121 UDP 192.168.1.34:13021 -> 64.4.23.143:40018 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 122 UDP 192.168.1.34:13021 -> 111.221.74.28:40026 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 123 UDP 192.168.1.34:13021 -> 111.221.77.170:40021 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 124 UDP 192.168.1.34:13021 -> 157.56.52.39:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 125 UDP 192.168.1.34:13021 -> 157.56.52.43:40006 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 126 UDP 192.168.1.34:13021 -> 213.199.179.143:40018 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 127 UDP 192.168.1.34:13021 -> 213.199.179.154:40017 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 128 UDP 192.168.1.34:13021 -> 213.199.179.165:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 129 UDP 192.168.1.34:13021 -> 65.55.223.15:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 130 UDP 192.168.1.34:13021 -> 65.55.223.24:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 131 UDP 192.168.1.34:13021 -> 65.55.223.32:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 132 UDP 192.168.1.34:13021 -> 65.55.223.43:40006 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 133 UDP 192.168.1.34:13021 -> 111.221.74.20:40033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 134 UDP 192.168.1.34:13021 -> 111.221.77.154:40017 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 135 UDP 192.168.1.34:13021 -> 157.55.130.149:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 136 UDP 192.168.1.34:13021 -> 157.55.235.168:40024 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 137 UDP 192.168.1.34:13021 -> 157.56.52.18:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 138 UDP 192.168.1.34:13021 -> 157.56.52.20:40033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 139 UDP 192.168.1.34:13021 -> 213.199.179.160:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 140 UDP 192.168.1.34:13021 -> 64.4.23.158:40021 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 141 UDP 192.168.1.34:13021 -> 64.4.23.173:40017 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 142 UDP 192.168.1.34:13021 -> 65.55.223.42:40024 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 143 UDP 192.168.1.34:13021 -> 65.55.223.44:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 144 UDP 192.168.1.34:13021 -> 111.221.74.33:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 145 UDP 192.168.1.34:13021 -> 111.221.77.165:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 146 UDP 192.168.1.34:13021 -> 157.55.56.140:40003 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 147 UDP 192.168.1.34:13021 -> 157.55.56.170:40015 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 148 UDP 192.168.1.34:13021 -> 157.55.130.165:40028 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 149 UDP 192.168.1.34:13021 -> 157.55.130.170:40018 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 150 UDP 192.168.1.34:13021 -> 157.55.235.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 151 UDP 192.168.1.34:13021 -> 157.56.52.25:40010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 152 UDP 192.168.1.34:13021 -> 213.199.179.172:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 153 UDP 192.168.1.34:13021 -> 64.4.23.165:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 154 UDP 192.168.1.34:13021 -> 111.221.77.149:40016 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 155 UDP 192.168.1.34:13021 -> 157.55.235.148:40033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 156 UDP 192.168.1.34:13021 -> 157.56.52.13:40021 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 157 UDP 192.168.1.34:13021 -> 157.56.52.38:40015 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 158 UDP 192.168.1.34:13021 -> 157.56.52.42:40005 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 159 UDP 192.168.1.34:13021 -> 213.199.179.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 160 UDP 192.168.1.34:13021 -> 64.4.23.155:40004 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 161 UDP 192.168.1.34:13021 -> 65.55.223.22:40009 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 162 UDP 192.168.1.34:13021 -> 65.55.223.28:40014 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 163 UDP 192.168.1.34:13021 -> 65.55.223.33:40002 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 164 UDP 192.168.1.34:13021 -> 157.55.235.155:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 165 UDP 192.168.1.34:13021 -> 157.55.235.175:40023 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 166 UDP 192.168.1.34:13021 -> 64.4.23.145:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 167 UDP 192.168.1.34:13021 -> 111.221.74.19:40001 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 168 UDP 192.168.1.34:13021 -> 111.221.74.34:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 169 UDP 192.168.1.34:13021 -> 157.55.130.146:40033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 170 UDP 192.168.1.34:13021 -> 157.55.235.158:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 171 UDP 192.168.1.34:13021 -> 157.55.235.176:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 172 UDP 192.168.1.34:13021 -> 213.199.179.149:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 173 UDP 192.168.1.34:13021 -> 64.4.23.142:40023 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 174 UDP 192.168.1.34:13021 -> 111.221.74.24:40032 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 175 UDP 192.168.1.34:13021 -> 111.221.77.159:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 176 UDP 192.168.1.34:13021 -> 157.55.56.142:40013 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 177 UDP 192.168.1.34:13021 -> 157.55.56.145:40008 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 178 UDP 192.168.1.34:13021 -> 157.55.130.140:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 179 UDP 192.168.1.34:13021 -> 157.55.130.148:40019 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 180 UDP 192.168.1.34:13021 -> 157.55.130.152:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 181 UDP 192.168.1.34:13021 -> 157.55.130.173:40003 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 182 UDP 192.168.1.34:13021 -> 157.55.235.174:40019 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 183 UDP 192.168.1.34:13021 -> 157.56.52.27:40025 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 184 UDP 192.168.1.34:13021 -> 213.199.179.173:40013 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 185 UDP 192.168.1.34:13021 -> 64.4.23.149:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 186 UDP 192.168.1.34:13021 -> 65.55.223.13:40009 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 187 UDP 192.168.1.34:13021 -> 111.221.74.15:40026 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 188 UDP 192.168.1.34:13021 -> 157.55.56.146:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 189 UDP 192.168.1.34:13021 -> 157.55.130.150:40007 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 190 UDP 192.168.1.34:13021 -> 157.55.130.171:40012 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 191 UDP 192.168.1.34:13021 -> 157.55.235.143:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 192 UDP 192.168.1.34:13021 -> 157.56.52.33:40002 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 193 UDP 192.168.1.34:13021 -> 213.199.179.174:40025 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 194 UDP 192.168.1.34:13021 -> 64.4.23.154:40032 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 195 UDP 192.168.1.34:13021 -> 65.55.223.16:40032 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 196 UDP 192.168.1.34:13021 -> 65.55.223.17:40025 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 197 UDP 192.168.1.34:13021 -> 65.55.223.65:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 198 UDP 192.168.1.34:13021 -> 111.221.74.27:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 199 UDP 192.168.1.34:13021 -> 111.221.74.44:40019 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 200 UDP 192.168.1.34:13021 -> 111.221.77.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 201 UDP 192.168.1.34:13021 -> 111.221.77.160:40016 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 202 UDP 192.168.1.34:13021 -> 157.56.52.24:40032 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 203 UDP 192.168.1.34:13021 -> 213.199.179.140:40003 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 204 UDP 192.168.1.34:13021 -> 64.4.23.151:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 205 UDP 192.168.1.34:13021 -> 64.4.23.176:40001 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 206 UDP 192.168.1.34:13021 -> 157.55.130.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 207 UDP 192.168.1.34:13021 -> 157.55.235.172:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 208 UDP 192.168.1.34:13021 -> 213.199.179.144:40009 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 209 UDP 192.168.1.34:13021 -> 111.221.77.145:40024 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 210 UDP 192.168.1.34:13021 -> 157.55.56.150:40014 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 211 UDP 192.168.1.34:13021 -> 157.55.130.175:40006 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 212 UDP 192.168.1.34:13021 -> 157.55.235.160:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 213 UDP 192.168.1.34:13021 -> 157.56.52.19:40020 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 214 UDP 192.168.1.34:13021 -> 213.199.179.146:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 215 UDP 192.168.1.34:13021 -> 64.4.23.140:40003 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 216 UDP 192.168.1.34:13021 -> 65.55.223.18:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 217 UDP 192.168.1.34:13021 -> 65.55.223.18:40025 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 218 UDP 192.168.1.34:13021 -> 111.221.74.18:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 219 UDP 192.168.1.34:13021 -> 111.221.74.42:40006 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 220 UDP 192.168.1.34:13021 -> 111.221.74.43:40001 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 221 UDP 192.168.1.34:13021 -> 111.221.74.46:40027 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 222 UDP 192.168.1.34:13021 -> 111.221.77.143:40022 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 223 UDP 192.168.1.34:13021 -> 157.55.56.161:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 224 UDP 192.168.1.34:13021 -> 157.55.56.167:40024 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 225 UDP 192.168.1.34:13021 -> 157.55.130.144:40016 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 226 UDP 192.168.1.34:13021 -> 157.55.130.160:40008 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 227 UDP 192.168.1.34:13021 -> 157.55.235.166:40015 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 228 UDP 192.168.1.34:13021 -> 157.56.52.12:40031 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 229 UDP 192.168.1.34:13021 -> 157.56.52.29:40010 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 230 UDP 192.168.1.34:13021 -> 64.4.23.146:33033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 231 UDP 192.168.1.34:13021 -> 64.4.23.170:40011 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 232 UDP 192.168.1.34:13021 -> 65.55.223.20:40023 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 233 UDP 192.168.1.34:13021 -> 157.55.56.143:40018 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 234 UDP 192.168.1.34:13021 -> 157.55.130.154:40013 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 235 UDP 192.168.1.34:13021 -> 157.55.235.162:40033 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 236 UDP 192.168.1.34:13021 -> 157.55.235.171:40006 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 237 UDP 192.168.1.34:13021 -> 157.56.52.16:40032 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 238 UDP 192.168.1.34:13021 -> 157.56.52.17:40013 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 239 UDP 192.168.1.34:13021 -> 111.221.74.13:40009 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 240 UDP 192.168.1.34:13021 -> 111.221.74.38:40015 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 241 UDP 192.168.1.34:13021 -> 111.221.77.171:40030 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 242 UDP 192.168.1.34:13021 -> 157.55.130.156:40019 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 243 UDP 192.168.1.34:13021 -> 157.55.130.157:40013 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 244 UDP 192.168.1.34:13021 -> 157.55.130.159:40016 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 245 UDP 192.168.1.34:13021 -> 157.55.235.167:40029 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 246 UDP 192.168.1.34:13021 -> 157.56.52.40:40017 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 247 UDP 192.168.1.34:13021 -> 213.199.179.145:40024 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 109 UDP 192.168.1.34:13021 -> 64.4.23.148:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 110 UDP 192.168.1.34:13021 -> 64.4.23.171:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 111 UDP 192.168.1.34:13021 -> 65.55.223.27:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 112 UDP 192.168.1.34:13021 -> 111.221.74.40:40025 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 113 UDP 192.168.1.34:13021 -> 111.221.77.151:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 114 UDP 192.168.1.34:13021 -> 111.221.77.173:40012 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 115 UDP 192.168.1.34:13021 -> 157.55.56.147:40014 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 116 UDP 192.168.1.34:13021 -> 157.55.130.167:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 117 UDP 192.168.1.34:13021 -> 157.55.235.144:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 118 UDP 192.168.1.34:13021 -> 157.56.52.15:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 119 UDP 192.168.1.34:13021 -> 213.199.179.141:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 120 UDP 192.168.1.34:13021 -> 213.199.179.156:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] + 121 UDP 192.168.1.34:13021 -> 64.4.23.143:40018 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 122 UDP 192.168.1.34:13021 -> 111.221.74.28:40026 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 123 UDP 192.168.1.34:13021 -> 111.221.77.170:40021 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 124 UDP 192.168.1.34:13021 -> 157.56.52.39:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 125 UDP 192.168.1.34:13021 -> 157.56.52.43:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 126 UDP 192.168.1.34:13021 -> 213.199.179.143:40018 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 127 UDP 192.168.1.34:13021 -> 213.199.179.154:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 128 UDP 192.168.1.34:13021 -> 213.199.179.165:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] + 129 UDP 192.168.1.34:13021 -> 65.55.223.15:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 130 UDP 192.168.1.34:13021 -> 65.55.223.24:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 131 UDP 192.168.1.34:13021 -> 65.55.223.32:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 132 UDP 192.168.1.34:13021 -> 65.55.223.43:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 133 UDP 192.168.1.34:13021 -> 111.221.74.20:40033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 134 UDP 192.168.1.34:13021 -> 111.221.77.154:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 135 UDP 192.168.1.34:13021 -> 157.55.130.149:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 136 UDP 192.168.1.34:13021 -> 157.55.235.168:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 137 UDP 192.168.1.34:13021 -> 157.56.52.18:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 138 UDP 192.168.1.34:13021 -> 157.56.52.20:40033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 139 UDP 192.168.1.34:13021 -> 213.199.179.160:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] + 140 UDP 192.168.1.34:13021 -> 64.4.23.158:40021 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 141 UDP 192.168.1.34:13021 -> 64.4.23.173:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 142 UDP 192.168.1.34:13021 -> 65.55.223.42:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 143 UDP 192.168.1.34:13021 -> 65.55.223.44:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 144 UDP 192.168.1.34:13021 -> 111.221.74.33:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 145 UDP 192.168.1.34:13021 -> 111.221.77.165:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 146 UDP 192.168.1.34:13021 -> 157.55.56.140:40003 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 147 UDP 192.168.1.34:13021 -> 157.55.56.170:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 148 UDP 192.168.1.34:13021 -> 157.55.130.165:40028 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 149 UDP 192.168.1.34:13021 -> 157.55.130.170:40018 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 150 UDP 192.168.1.34:13021 -> 157.55.235.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 151 UDP 192.168.1.34:13021 -> 157.56.52.25:40010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 152 UDP 192.168.1.34:13021 -> 213.199.179.172:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] + 153 UDP 192.168.1.34:13021 -> 64.4.23.165:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 154 UDP 192.168.1.34:13021 -> 111.221.77.149:40016 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 155 UDP 192.168.1.34:13021 -> 157.55.235.148:40033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 156 UDP 192.168.1.34:13021 -> 157.56.52.13:40021 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 157 UDP 192.168.1.34:13021 -> 157.56.52.38:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 158 UDP 192.168.1.34:13021 -> 157.56.52.42:40005 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 159 UDP 192.168.1.34:13021 -> 213.199.179.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] + 160 UDP 192.168.1.34:13021 -> 64.4.23.155:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] + 161 UDP 192.168.1.34:13021 -> 65.55.223.22:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] + 162 UDP 192.168.1.34:13021 -> 65.55.223.28:40014 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] + 163 UDP 192.168.1.34:13021 -> 65.55.223.33:40002 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] + 164 UDP 192.168.1.34:13021 -> 157.55.235.155:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] + 165 UDP 192.168.1.34:13021 -> 157.55.235.175:40023 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] + 166 UDP 192.168.1.34:13021 -> 64.4.23.145:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 167 UDP 192.168.1.34:13021 -> 111.221.74.19:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 168 UDP 192.168.1.34:13021 -> 111.221.74.34:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 169 UDP 192.168.1.34:13021 -> 157.55.130.146:40033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 170 UDP 192.168.1.34:13021 -> 157.55.235.158:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 171 UDP 192.168.1.34:13021 -> 157.55.235.176:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 172 UDP 192.168.1.34:13021 -> 213.199.179.149:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] + 173 UDP 192.168.1.34:13021 -> 64.4.23.142:40023 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 174 UDP 192.168.1.34:13021 -> 111.221.74.24:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 175 UDP 192.168.1.34:13021 -> 111.221.77.159:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 176 UDP 192.168.1.34:13021 -> 157.55.56.142:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 177 UDP 192.168.1.34:13021 -> 157.55.56.145:40008 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 178 UDP 192.168.1.34:13021 -> 157.55.130.140:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 179 UDP 192.168.1.34:13021 -> 157.55.130.148:40019 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 180 UDP 192.168.1.34:13021 -> 157.55.130.152:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 181 UDP 192.168.1.34:13021 -> 157.55.130.173:40003 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 182 UDP 192.168.1.34:13021 -> 157.55.235.174:40019 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 183 UDP 192.168.1.34:13021 -> 157.56.52.27:40025 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 184 UDP 192.168.1.34:13021 -> 213.199.179.173:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] + 185 UDP 192.168.1.34:13021 -> 64.4.23.149:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 186 UDP 192.168.1.34:13021 -> 65.55.223.13:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 187 UDP 192.168.1.34:13021 -> 111.221.74.15:40026 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 188 UDP 192.168.1.34:13021 -> 157.55.56.146:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 189 UDP 192.168.1.34:13021 -> 157.55.130.150:40007 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 190 UDP 192.168.1.34:13021 -> 157.55.130.171:40012 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 191 UDP 192.168.1.34:13021 -> 157.55.235.143:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 192 UDP 192.168.1.34:13021 -> 157.56.52.33:40002 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 193 UDP 192.168.1.34:13021 -> 213.199.179.174:40025 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] + 194 UDP 192.168.1.34:13021 -> 64.4.23.154:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 195 UDP 192.168.1.34:13021 -> 65.55.223.16:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 196 UDP 192.168.1.34:13021 -> 65.55.223.17:40025 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 197 UDP 192.168.1.34:13021 -> 65.55.223.65:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 198 UDP 192.168.1.34:13021 -> 111.221.74.27:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 199 UDP 192.168.1.34:13021 -> 111.221.74.44:40019 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 200 UDP 192.168.1.34:13021 -> 111.221.77.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 201 UDP 192.168.1.34:13021 -> 111.221.77.160:40016 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 202 UDP 192.168.1.34:13021 -> 157.56.52.24:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 203 UDP 192.168.1.34:13021 -> 213.199.179.140:40003 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] + 204 UDP 192.168.1.34:13021 -> 64.4.23.151:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 205 UDP 192.168.1.34:13021 -> 64.4.23.176:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 206 UDP 192.168.1.34:13021 -> 157.55.130.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 207 UDP 192.168.1.34:13021 -> 157.55.235.172:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 208 UDP 192.168.1.34:13021 -> 213.199.179.144:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] + 209 UDP 192.168.1.34:13021 -> 111.221.77.145:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 210 UDP 192.168.1.34:13021 -> 157.55.56.150:40014 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 211 UDP 192.168.1.34:13021 -> 157.55.130.175:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 212 UDP 192.168.1.34:13021 -> 157.55.235.160:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 213 UDP 192.168.1.34:13021 -> 157.56.52.19:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 214 UDP 192.168.1.34:13021 -> 213.199.179.146:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] + 215 UDP 192.168.1.34:13021 -> 64.4.23.140:40003 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 216 UDP 192.168.1.34:13021 -> 65.55.223.18:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 217 UDP 192.168.1.34:13021 -> 65.55.223.18:40025 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 218 UDP 192.168.1.34:13021 -> 111.221.74.18:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 219 UDP 192.168.1.34:13021 -> 111.221.74.42:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 220 UDP 192.168.1.34:13021 -> 111.221.74.43:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 221 UDP 192.168.1.34:13021 -> 111.221.74.46:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 222 UDP 192.168.1.34:13021 -> 111.221.77.143:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 223 UDP 192.168.1.34:13021 -> 157.55.56.161:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 224 UDP 192.168.1.34:13021 -> 157.55.56.167:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 225 UDP 192.168.1.34:13021 -> 157.55.130.144:40016 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 226 UDP 192.168.1.34:13021 -> 157.55.130.160:40008 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 227 UDP 192.168.1.34:13021 -> 157.55.235.166:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 228 UDP 192.168.1.34:13021 -> 157.56.52.12:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 229 UDP 192.168.1.34:13021 -> 157.56.52.29:40010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] + 230 UDP 192.168.1.34:13021 -> 64.4.23.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 231 UDP 192.168.1.34:13021 -> 64.4.23.170:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 232 UDP 192.168.1.34:13021 -> 65.55.223.20:40023 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 233 UDP 192.168.1.34:13021 -> 157.55.56.143:40018 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 234 UDP 192.168.1.34:13021 -> 157.55.130.154:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 235 UDP 192.168.1.34:13021 -> 157.55.235.162:40033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 236 UDP 192.168.1.34:13021 -> 157.55.235.171:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 237 UDP 192.168.1.34:13021 -> 157.56.52.16:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 238 UDP 192.168.1.34:13021 -> 157.56.52.17:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] + 239 UDP 192.168.1.34:13021 -> 111.221.74.13:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 240 UDP 192.168.1.34:13021 -> 111.221.74.38:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 241 UDP 192.168.1.34:13021 -> 111.221.77.171:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 242 UDP 192.168.1.34:13021 -> 157.55.130.156:40019 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 243 UDP 192.168.1.34:13021 -> 157.55.130.157:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 244 UDP 192.168.1.34:13021 -> 157.55.130.159:40016 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 245 UDP 192.168.1.34:13021 -> 157.55.235.167:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 246 UDP 192.168.1.34:13021 -> 157.56.52.40:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] + 247 UDP 192.168.1.34:13021 -> 213.199.179.145:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] 248 IGMP 192.168.1.219:0 -> 224.0.0.22:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes] 249 IGMP 192.168.1.219:0 -> 233.89.188.1:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes] 250 IGMP 192.168.1.229:0 -> 224.0.0.251:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes] - 251 UDP 192.168.1.34:13021 -> 111.221.74.14:443 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] - 252 UDP 192.168.1.34:13021 -> 133.236.67.25:49195 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] - 253 UDP 192.168.1.34:13021 -> 157.55.235.141:443 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] - 254 UDP 192.168.1.34:13021 -> 189.138.161.88:19521 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] - 255 UDP 192.168.1.34:13021 -> 189.188.134.174:22436 [proto: 125.49/Skype.SkypeCallIn][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] + 251 UDP 192.168.1.34:13021 -> 111.221.74.14:443 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] + 252 UDP 192.168.1.34:13021 -> 133.236.67.25:49195 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] + 253 UDP 192.168.1.34:13021 -> 157.55.235.141:443 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] + 254 UDP 192.168.1.34:13021 -> 189.138.161.88:19521 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] + 255 UDP 192.168.1.34:13021 -> 189.188.134.174:22436 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] 256 IGMP 192.168.0.254:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network/14][1 pkts/46 bytes -> 0 pkts/0 bytes] diff --git a/tests/result/whatsapp_login_call.pcap.out b/tests/result/whatsapp_login_call.pcap.out index 701215a49..666b3d70a 100644 --- a/tests/result/whatsapp_login_call.pcap.out +++ b/tests/result/whatsapp_login_call.pcap.out @@ -4,14 +4,14 @@ MDNS 8 952 4 DHCP 10 3420 1 ICMP 10 700 1 SSL 8 589 2 -Facebook 44 7818 2 Dropbox 4 2176 1 -Apple 127 28102 20 +Apple 105 22176 19 WhatsApp 182 25154 2 Spotify 3 258 1 Messenger 70 9464 14 -WhatsAppVoice 662 83338 2 +WhatsAppVoice 706 91156 4 AppleStore 85 28087 2 +ApplePush 22 5926 1 1 UDP 192.168.2.4:51518 <-> 91.253.176.65:9344 [proto: 189/WhatsAppVoice][cat: VoIP/10][186 pkts/27025 bytes <-> 278 pkts/25895 bytes] 2 UDP 192.168.2.4:52794 <-> 91.253.176.65:9665 [proto: 189/WhatsAppVoice][cat: VoIP/10][141 pkts/17530 bytes <-> 57 pkts/12888 bytes] @@ -19,10 +19,10 @@ AppleStore 85 28087 2 4 TCP 192.168.2.4:49204 <-> 17.173.66.102:443 [proto: 91.224/SSL.AppleStore][cat: SoftwareUpdate/19][29 pkts/11770 bytes <-> 24 pkts/6612 bytes][client: p53-buy.itunes.apple.com] 5 TCP 192.168.2.4:49201 <-> 17.178.104.12:443 [proto: 91.140/SSL.Apple][cat: Web/5][21 pkts/7644 bytes <-> 17 pkts/9576 bytes][client: query.ess.apple.com][server: *.ess.apple.com] 6 TCP 192.168.2.4:49205 <-> 17.173.66.102:443 [proto: 91.224/SSL.AppleStore][cat: SoftwareUpdate/19][17 pkts/6166 bytes <-> 15 pkts/3539 bytes][client: p53-buy.itunes.apple.com] - 7 TCP 192.168.2.4:49193 <-> 17.110.229.14:5223 [proto: 238.140/ApplePush.Apple][cat: Web/5][11 pkts/4732 bytes <-> 11 pkts/1194 bytes] - 8 UDP 192.168.2.4:51518 <-> 31.13.93.48:3478 [proto: 189.119/WhatsAppVoice.Facebook][cat: SocialNetwork/6][12 pkts/2341 bytes <-> 12 pkts/2484 bytes] + 7 TCP 192.168.2.4:49193 <-> 17.110.229.14:5223 [proto: 238/ApplePush][cat: Cloud/13][11 pkts/4732 bytes <-> 11 pkts/1194 bytes] + 8 UDP 192.168.2.4:51518 <-> 31.13.93.48:3478 [proto: 189/WhatsAppVoice][cat: VoIP/10][12 pkts/2341 bytes <-> 12 pkts/2484 bytes] 9 UDP 0.0.0.0:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][10 pkts/3420 bytes -> 0 pkts/0 bytes][Host: lucas-imac] - 10 UDP 192.168.2.4:52794 <-> 31.13.84.48:3478 [proto: 189.119/WhatsAppVoice.Facebook][cat: SocialNetwork/6][9 pkts/1842 bytes <-> 11 pkts/1151 bytes] + 10 UDP 192.168.2.4:52794 <-> 31.13.84.48:3478 [proto: 189/WhatsAppVoice][cat: VoIP/10][9 pkts/1842 bytes <-> 11 pkts/1151 bytes] 11 UDP 192.168.2.1:17500 -> 192.168.2.255:17500 [proto: 121/Dropbox][cat: Cloud/13][4 pkts/2176 bytes -> 0 pkts/0 bytes] 12 TCP 192.168.2.4:49199 <-> 17.172.100.70:993 [proto: 51.140/IMAPS.Apple][cat: Web/5][9 pkts/1130 bytes <-> 8 pkts/868 bytes] 13 ICMP 192.168.2.4:0 -> 91.253.176.65:0 [proto: 81/ICMP][cat: Network/14][10 pkts/700 bytes -> 0 pkts/0 bytes] diff --git a/tests/result/whatsapp_login_chat.pcap.out b/tests/result/whatsapp_login_chat.pcap.out index 51ce4456a..324b0cd4c 100644 --- a/tests/result/whatsapp_login_chat.pcap.out +++ b/tests/result/whatsapp_login_chat.pcap.out @@ -1,13 +1,14 @@ MDNS 2 202 2 DHCP 6 2052 1 Dropbox 2 1088 1 -Apple 50 23466 2 +Apple 44 21371 1 WhatsApp 32 3243 2 Spotify 1 86 1 +ApplePush 6 2095 1 1 TCP 192.168.2.4:49205 <-> 17.173.66.102:443 [proto: 91.140/SSL.Apple][cat: Web/5][24 pkts/15117 bytes <-> 20 pkts/6254 bytes] 2 TCP 192.168.2.4:49206 <-> 158.85.58.15:5222 [proto: 142/WhatsApp][cat: Chat/9][17 pkts/1794 bytes <-> 13 pkts/1169 bytes] - 3 TCP 17.110.229.14:5223 -> 192.168.2.4:49193 [proto: 238.140/ApplePush.Apple][cat: Web/5][6 pkts/2095 bytes -> 0 pkts/0 bytes] + 3 TCP 17.110.229.14:5223 -> 192.168.2.4:49193 [proto: 238/ApplePush][cat: Cloud/13][6 pkts/2095 bytes -> 0 pkts/0 bytes] 4 UDP 0.0.0.0:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][6 pkts/2052 bytes -> 0 pkts/0 bytes][Host: lucas-imac] 5 UDP 192.168.2.1:17500 -> 192.168.2.255:17500 [proto: 121/Dropbox][cat: Cloud/13][2 pkts/1088 bytes -> 0 pkts/0 bytes] 6 UDP 192.168.2.4:61697 <-> 192.168.2.1:53 [proto: 5.142/DNS.WhatsApp][cat: Chat/9][1 pkts/76 bytes <-> 1 pkts/204 bytes][Host: e12.whatsapp.net] -- cgit v1.2.3