tests/cfgs/default/result/capwap.pcap.out


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41

DPI Packets (UDP):	7	(1.17 pkts/flow)
DPI Packets (other):	4	(1.00 pkts/flow)
Confidence DPI              : 10 (flows)
Num dissector calls: 10 (1.00 diss/flow)
LRU cache ookla:      0/0/0 (insert/search/found)
LRU cache bittorrent: 0/0/0 (insert/search/found)
LRU cache stun:       0/0/0 (insert/search/found)
LRU cache tls_cert:   0/0/0 (insert/search/found)
LRU cache mining:     0/0/0 (insert/search/found)
LRU cache msteams:    0/0/0 (insert/search/found)
LRU cache fpc_dns:    0/0/0 (insert/search/found)
Automa host:          2/0 (search/found)
Automa domain:        2/0 (search/found)
Automa tls cert:      0/0 (search/found)
Automa risk mask:     0/0 (search/found)
Automa common alpns:  0/0 (search/found)
Patricia risk mask:   6/0 (search/found)
Patricia risk mask IPv6: 0/0 (search/found)
Patricia risk:        1/0 (search/found)
Patricia risk IPv6:   3/0 (search/found)
Patricia protocols:   14/0 (search/found)
Patricia protocols IPv6: 6/0 (search/found)

DNS	2	166	1
DHCP	5	2090	1
IGMP	1	122	1
ICMPV6	5	790	3
CAPWAP	379	94439	4

Acceptable                     392 97607         10           

	1	UDP 192.168.10.9:5246 <-> 192.168.10.10:12380 [proto: 247/CAPWAP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 247/CAPWAP, Confidence: DPI][DPI packets: 1][cat: Network/14][106 pkts/26144 bytes <-> 111 pkts/37530 bytes][Goodput ratio: 83/88][169.10 sec][bytes ratio: -0.179 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1421/1619 21349/21721 3881/4475][Pkt Len c2s/s2c min/avg/max/stddev: 106/115 247/338 1499/1499 292/381][PLAIN TEXT (Cisco Systems)][Plen Bins: 0,0,30,47,2,6,0,0,2,0,0,0,0,0,1,0,0,1,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,1,0,0]
	2	UDP 192.168.10.10:12380 <-> 192.168.10.9:5247 [proto: 247/CAPWAP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 247/CAPWAP, Confidence: DPI][DPI packets: 1][cat: Network/14][156 pkts/29830 bytes <-> 1 pkts/168 bytes][Goodput ratio: 78/75][157.99 sec][bytes ratio: 0.989 (Upload)][IAT c2s/s2c min/avg/max/stddev: 3/0 1036/0 4999/0 902/0][Pkt Len c2s/s2c min/avg/max/stddev: 93/168 191/168 470/168 70/0][Plen Bins: 0,0,21,27,11,19,5,9,4,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	3	UDP 0.0.0.0:68 -> 255.255.255.255:67 [proto: CAPWAP:18/DHCP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 18/DHCP, Confidence: DPI][DPI packets: 1][cat: Network/14][5 pkts/2090 bytes -> 0 pkts/0 bytes][Goodput ratio: 72/0][59.44 sec][Hostname/SNI: kawai-ipad3][DHCP Fingerprint: 1,3,6,15,119,252][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	4	UDP 192.168.10.10:12380 -> 255.255.255.255:5246 [proto: 247/CAPWAP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 247/CAPWAP, Confidence: DPI][DPI packets: 1][cat: Network/14][4 pkts/660 bytes -> 0 pkts/0 bytes][Goodput ratio: 74/0][130.41 sec][PLAIN TEXT (838.61f)][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	5	ICMPV6 [fe80::fd:7a4c:8d72:7710]:0 -> [ff02::16]:0 [proto: CAPWAP:102/ICMPV6][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 102/ICMPV6, Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/352 bytes -> 0 pkts/0 bytes][Goodput ratio: 17/0][4.56 sec][Plen Bins: 50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	6	ICMPV6 [fe80::fd:7a4c:8d72:7710]:0 -> [ff02::2]:0 [proto: CAPWAP:102/ICMPV6][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 102/ICMPV6, Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/284 bytes -> 0 pkts/0 bytes][Goodput ratio: 3/0][8.33 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	7	UDP 192.168.10.10:49259 -> 255.255.255.255:53 [proto: 5/DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][2 pkts/166 bytes -> 0 pkts/0 bytes][Goodput ratio: 49/0][3.00 sec][Hostname/SNI: cisco-capwap-controller][::][PLAIN TEXT (CAPWAP)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	8	ICMPV6 [::]:0 -> [ff02::1:ff72:7710]:0 [proto: CAPWAP:102/ICMPV6][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 102/ICMPV6, Confidence: DPI][DPI packets: 1][cat: Network/14][1 pkts/154 bytes -> 0 pkts/0 bytes][Goodput ratio: 10/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	9	IGMP 169.254.87.121:0 -> 224.0.0.251:0 [proto: CAPWAP:82/IGMP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 82/IGMP, Confidence: DPI][DPI packets: 1][cat: Network/14][1 pkts/122 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	10	UDP 192.168.10.9:5246 -> 192.168.10.10:12379 [proto: 247/CAPWAP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 247/CAPWAP, Confidence: DPI][DPI packets: 1][cat: Network/14][1 pkts/107 bytes -> 0 pkts/0 bytes][Goodput ratio: 60/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]