From 6027a7c7995eda54905f126f3495b4fea8515c5c Mon Sep 17 00:00:00 2001
From: Ivan Nardi <12729895+IvanNardi@users.noreply.github.com>
Date: Wed, 21 Oct 2020 22:27:42 +0200
Subject: Fix parsing of DLT_PPP datalink type (#1042)

---
 tests/pcap/dlt_ppp.pcap       | Bin 0 -> 1270 bytes
 tests/result/dlt_ppp.pcap.out |   8 ++++++++
 2 files changed, 8 insertions(+)
 create mode 100644 tests/pcap/dlt_ppp.pcap
 create mode 100644 tests/result/dlt_ppp.pcap.out

(limited to 'tests')

diff --git a/tests/pcap/dlt_ppp.pcap b/tests/pcap/dlt_ppp.pcap
new file mode 100644
index 000000000..feef559d0
Binary files /dev/null and b/tests/pcap/dlt_ppp.pcap differ
diff --git a/tests/result/dlt_ppp.pcap.out b/tests/result/dlt_ppp.pcap.out
new file mode 100644
index 000000000..fe4e41782
--- /dev/null
+++ b/tests/result/dlt_ppp.pcap.out
@@ -0,0 +1,8 @@
+QUIC	1	1230	1
+
+JA3 Host Stats: 
+		 IP Address                  	 # JA3C     
+	1	 193.167.0.252            	 1      
+
+
+	1	UDP 193.167.0.252:44083 -> 193.167.100.100:443 [proto: 188/QUIC][cat: Web/5][1 pkts/1230 bytes -> 0 pkts/0 bytes][Goodput ratio: 97/0][< 1 sec][ALPN: hq-29][TLS Supported Versions: TLSv1.3;TLSv1.3 (draft);TLSv1.3 (draft);TLSv1.3 (draft)][TLSv1.3][Client: server4][JA3C: fe94e313a5d76fb687c85443cdfa8170][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0]
-- 
cgit v1.2.3