diff options
| author | Toni Uhlig <matzeton@googlemail.com> | 2021-06-18 13:31:37 +0200 |
|---|---|---|
| committer | Toni Uhlig <matzeton@googlemail.com> | 2021-06-18 13:37:44 +0200 |
| commit | 114365a48012609d3d7930157b1b65d01face636 (patch) | |
| tree | 03697bf3620035e818b864eaa9a0a106e0d93027 | |
| parent | db87d45edb175572112aa08840f08bc7c61cadcb (diff) | |
Enable memory profiling for nDPId-test.
* print a summary
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
213 files changed, 2401 insertions, 9 deletions
diff --git a/CMakeLists.txt b/CMakeLists.txt index 997c45162..450e9a432 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -63,6 +63,8 @@ if(ENABLE_MEMORY_PROFILING) add_definitions("-DENABLE_MEMORY_PROFILING=1" "-Duthash_malloc=nDPIsrvd_uthash_malloc" "-Duthash_free=nDPIsrvd_uthash_free") +else() + set(NDPID_TEST_MPROF_DEFS "-DENABLE_MEMORY_PROFILING=1") endif() if(ENABLE_ZLIB) @@ -173,7 +175,7 @@ target_include_directories(nDPId-test PRIVATE target_compile_options(nDPId-test PRIVATE "-Wno-unused-function" "-pthread") target_compile_definitions(nDPId-test PRIVATE ${NDPID_DEFS} ${ZLIB_DEFS}) target_include_directories(nDPId-test PRIVATE "${STATIC_LIBNDPI_INC}" "${NDPI_INCLUDEDIR}" "${NDPI_INCLUDEDIR}/ndpi") -target_compile_definitions(nDPId-test PRIVATE "-D_GNU_SOURCE=1" "-DNO_MAIN=1" "-Dsyslog=mock_syslog_stderr") +target_compile_definitions(nDPId-test PRIVATE "-D_GNU_SOURCE=1" "-DNO_MAIN=1" "-Dsyslog=mock_syslog_stderr" ${NDPID_TEST_MPROF_DEFS}) target_link_libraries(nDPId-test "${STATIC_LIBNDPI_LIB}" "${pkgcfg_lib_NDPI_ndpi}" "${pkgcfg_lib_PCRE_pcre}" "${pkgcfg_lib_MAXMINDDB_maxminddb}" "${pkgcfg_lib_ZLIB_z}" "${GCRYPT_LIBRARY}" "${GCRYPT_ERROR_LIBRARY}" "${PCAP_LIBRARY}" diff --git a/nDPId-test.c b/nDPId-test.c index d8ef7847f..13d28cf77 100644 --- a/nDPId-test.c +++ b/nDPId-test.c @@ -21,6 +21,19 @@ struct thread_return_value int val; }; +struct nDPId_return_value +{ + struct thread_return_value thread_return_value; + + unsigned long long int packets_captured; + unsigned long long int packets_processed; + unsigned long long int total_skipped_flows; + unsigned long long int total_l4_data_len; + unsigned long long int detected_flow_protocols; + unsigned long long int total_active_flows; + unsigned long long int total_idle_flows; +}; + static int mock_pipefds[PIPE_COUNT] = {}; static int mock_servfds[PIPE_COUNT] = {}; static pthread_mutex_t log_mutex = PTHREAD_MUTEX_INITIALIZER; @@ -245,9 +258,12 @@ error: static void * nDPId_mainloop_thread(void * const arg) { + struct nDPId_return_value * const nrv = (struct nDPId_return_value *)arg; + struct thread_return_value * const trr = &nrv->thread_return_value; + if (setup_reader_threads() != 0) { - THREAD_ERROR(arg); + THREAD_ERROR(trr); return NULL; } @@ -258,6 +274,16 @@ static void * nDPId_mainloop_thread(void * const arg) jsonize_daemon(&reader_threads[0], DAEMON_EVENT_INIT); run_pcap_loop(&reader_threads[0]); process_remaining_flows(); + for (size_t i = 0; i < nDPId_options.reader_thread_count; ++i) + { + nrv->packets_captured = reader_threads[i].workflow->packets_captured; + nrv->packets_processed = reader_threads[i].workflow->packets_processed; + nrv->total_skipped_flows = reader_threads[i].workflow->total_skipped_flows; + nrv->total_l4_data_len = reader_threads[i].workflow->total_l4_data_len; + nrv->detected_flow_protocols = reader_threads[i].workflow->detected_flow_protocols; + nrv->total_active_flows = reader_threads[i].workflow->total_active_flows; + nrv->total_idle_flows = reader_threads[i].workflow->total_idle_flows; + } free_reader_threads(); close(mock_pipefds[PIPE_nDPId]); @@ -267,7 +293,11 @@ static void * nDPId_mainloop_thread(void * const arg) static void usage(char const * const arg0) { - fprintf(stderr, "usage: %s [path-to-pcap-file]\n", arg0); + fprintf(stderr, + "usage: %s [path-to-pcap-file]\n" + "\tinfluencial environment variable:\n" + "\t\tPRINT_SUMMARY - if set, print a summary after processing finished\n", + arg0); } static int thread_wait_for_termination(pthread_t thread, time_t wait_time_secs, struct thread_return_value * const trv) @@ -293,7 +323,8 @@ static int thread_wait_for_termination(pthread_t thread, time_t wait_time_secs, return 1; } -#define THREADS_RETURNED_ERROR() (nDPId_return.val != 0 || nDPIsrvd_return.val != 0 || distributor_return.val != 0) +#define THREADS_RETURNED_ERROR() \ + (nDPId_return.thread_return_value.val != 0 || nDPIsrvd_return.val != 0 || distributor_return.val != 0) int main(int argc, char ** argv) { if (argc != 2) @@ -307,6 +338,14 @@ int main(int argc, char ** argv) return 1; } +#ifdef ENABLE_ZLIB + /* + * zLib compression is forced disabled for testing at the moment. + * That may change in the future. + */ + nDPId_options.enable_zlib_compression = 0; +#endif + nDPId_options.memory_profiling_print_every = (unsigned long long int)-1; nDPId_options.reader_thread_count = 1; /* Please do not change this! Generating meaningful pcap diff's relies on a single reader thread! */ nDPId_options.instance_alias = strdup("nDPId-test"); @@ -336,7 +375,7 @@ int main(int argc, char ** argv) } pthread_t nDPId_thread; - struct thread_return_value nDPId_return = {}; + struct nDPId_return_value nDPId_return = {}; if (pthread_create(&nDPId_thread, NULL, nDPId_mainloop_thread, &nDPId_return) != 0) { return 1; @@ -366,7 +405,7 @@ int main(int argc, char ** argv) } } - while (thread_wait_for_termination(nDPId_thread, 1, &nDPId_return) == 0) + while (thread_wait_for_termination(nDPId_thread, 1, &nDPId_return.thread_return_value) == 0) { if (THREADS_RETURNED_ERROR() != 0) { @@ -382,5 +421,34 @@ int main(int argc, char ** argv) } } + if (getenv("PRINT_SUMMARY") != NULL) + { + printf( + "~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~\n" + "~~ packets captured/processed: %llu/%llu\n" + "~~ skipped flows.............: %llu\n" + "~~ total layer4 data length..: %llu bytes\n" + "~~ total detected protocols..: %llu\n" + "~~ total active/idle flows...: %llu/%llu\n" + "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n", + nDPId_return.packets_captured, + nDPId_return.packets_processed, + nDPId_return.total_skipped_flows, + nDPId_return.total_l4_data_len, + nDPId_return.detected_flow_protocols, + nDPId_return.total_active_flows, + nDPId_return.total_idle_flows); + + printf( + "~~ total memory allocated....: %lu bytes\n" + "~~ total memory freed........: %lu bytes\n" + "~~ total allocations/frees...: %lu/%lu\n" + "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n", + ndpi_memory_alloc_bytes, + ndpi_memory_free_bytes, + ndpi_memory_alloc_count, + ndpi_memory_free_count); + } + return THREADS_RETURNED_ERROR(); } @@ -337,6 +337,9 @@ static struct unsigned long long int max_idle_flows_per_thread; unsigned long long int tick_resolution; unsigned long long int reader_thread_count; +#ifdef ENABLE_MEMORY_PROFILING + unsigned long long int memory_profiling_print_every; +#endif #ifdef ENABLE_ZLIB unsigned long long int compression_scan_period; unsigned long long int compression_flow_inactivity; @@ -356,6 +359,9 @@ static struct .max_idle_flows_per_thread = nDPId_MAX_IDLE_FLOWS_PER_THREAD / 2, .tick_resolution = nDPId_TICK_RESOLUTION, .reader_thread_count = nDPId_MAX_READER_THREADS / 2, +#ifdef ENABLE_MEMORY_PROFILING + .memory_profiling_print_every = nDPId_LOG_MEMORY_USAGE_EVERY, +#endif #ifdef ENABLE_ZLIB .compression_scan_period = nDPId_COMPRESSION_SCAN_PERIOD, .compression_flow_inactivity = nDPId_COMPRESSION_FLOW_INACTIVITY, @@ -376,6 +382,9 @@ enum nDPId_subopts TICK_RESOLUTION, MAX_READER_THREADS, IDLE_SCAN_PERIOD, +#ifdef ENABLE_MEMORY_PROFILING + MEMORY_PROFILING_PRINT_EVERY, +#endif #ifdef ENABLE_ZLIB COMPRESSION_SCAN_PERIOD, COMPRESSION_FLOW_INACTIVITY, @@ -392,6 +401,9 @@ static char * const subopt_token[] = {[MAX_FLOWS_PER_THREAD] = "max-flows-per-th [MAX_IDLE_FLOWS_PER_THREAD] = "max-idle-flows-per-thread", [TICK_RESOLUTION] = "tick-resolution", [MAX_READER_THREADS] = "max-reader-threads", +#ifdef ENABLE_MEMORY_PROFILING + [MEMORY_PROFILING_PRINT_EVERY] = "memory-profiling-print-every", +#endif #ifdef ENABLE_ZLIB [COMPRESSION_SCAN_PERIOD] = "compression-scan-period", [COMPRESSION_FLOW_INACTIVITY] = "compression-flow-activity", @@ -921,7 +933,7 @@ static void log_memory_usage(struct nDPId_reader_thread * const reader_thread) { struct nDPId_workflow * const workflow = reader_thread->workflow; - if (workflow->last_memory_usage_log_time + nDPId_LOG_MEMORY_USAGE_EVERY < workflow->last_time) + if (workflow->last_memory_usage_log_time + nDPId_options.memory_profiling_print_every < workflow->last_time) { if (reader_thread->array_index == 0) { @@ -3369,6 +3381,11 @@ static void print_subopt_usage(void) case IDLE_SCAN_PERIOD: fprintf(stderr, "%llu\n", nDPId_options.idle_scan_period); break; +#ifdef ENABLE_MEMORY_PROFILING + case MEMORY_PROFILING_PRINT_EVERY: + fprintf(stderr, "%llu\n", nDPId_options.memory_profiling_print_every); + break; +#endif #ifdef ENABLE_ZLIB case COMPRESSION_SCAN_PERIOD: fprintf(stderr, "%llu\n", nDPId_options.compression_scan_period); @@ -3571,6 +3588,11 @@ static int nDPId_parse_options(int argc, char ** argv) case IDLE_SCAN_PERIOD: nDPId_options.idle_scan_period = value_llu; break; +#ifdef ENABLE_MEMORY_PROFILING + case MEMORY_PROFILING_PRINT_EVERY: + nDPId_options.memory_profiling_print_every = value_llu; + break; +#endif #ifdef ENABLE_ZLIB case COMPRESSION_SCAN_PERIOD: nDPId_options.compression_scan_period = value_llu; diff --git a/test/results/1kxun.pcap.out b/test/results/1kxun.pcap.out index c557ffd68..1b3c2c6cb 100644 --- a/test/results/1kxun.pcap.out +++ b/test/results/1kxun.pcap.out @@ -1163,3 +1163,14 @@ 00510{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1439,"source":"1kxun.pcap","alias":"nDPId-test","flow_id":146,"flow_packet_id":2,"flow_first_seen":1470104432630,"flow_last_seen":1470104432728,"flow_min_l4_payload_len":27,"flow_max_l4_payload_len":27,"flow_tot_l4_payload_len":54,"flow_avg_l4_payload_len":27,"midstream":0,"l3_proto":"ip6","src_ip":"fe80::5d92:62a8:ebde:1319","dst_ip":"ff02::1:3","src_port":58468,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00511{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1439,"source":"1kxun.pcap","alias":"nDPId-test","flow_id":92,"flow_packet_id":16,"flow_first_seen":1470104400162,"flow_last_seen":1470104408559,"flow_min_l4_payload_len":448,"flow_max_l4_payload_len":528,"flow_tot_l4_payload_len":7929,"flow_avg_l4_payload_len":495,"midstream":0,"l3_proto":"ip6","src_ip":"fe80::9bd:81dd:2fdc:5750","dst_ip":"ff02::c","src_port":1900,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00127{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":1439,"source":"1kxun.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 1439/1439 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 579199 bytes +~~ total detected protocols..: 113 +~~ total active/idle flows...: 148/148 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 5396869 bytes +~~ total memory freed........: 5396869 bytes +~~ total allocations/frees...: 60305/60305 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/443-chrome.pcap.out b/test/results/443-chrome.pcap.out index 77ab8d021..91f78d297 100644 --- a/test/results/443-chrome.pcap.out +++ b/test/results/443-chrome.pcap.out @@ -4,3 +4,14 @@ 00516{"flow_event_id":4,"flow_event_name":"guessed","thread_id":0,"packet_id":1,"source":"443-chrome.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_first_seen":1581109434258,"flow_last_seen":0,"flow_min_l4_payload_len":1440,"flow_max_l4_payload_len":1440,"flow_tot_l4_payload_len":1440,"flow_avg_l4_payload_len":1440,"midstream":1,"l3_proto":"ip4","src_ip":"178.62.197.130","dst_ip":"192.168.1.13","src_port":443,"dst_port":53059,"l4_proto":"tcp","ndpi": {"proto":"TLS","breed":"Safe","category":"Web"}} 00497{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1,"source":"443-chrome.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_first_seen":1581109434258,"flow_last_seen":0,"flow_min_l4_payload_len":1440,"flow_max_l4_payload_len":1440,"flow_tot_l4_payload_len":1440,"flow_avg_l4_payload_len":1440,"midstream":1,"l3_proto":"ip4","src_ip":"178.62.197.130","dst_ip":"192.168.1.13","src_port":443,"dst_port":53059,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00129{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":1,"source":"443-chrome.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 1/1 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 1472 bytes +~~ total detected protocols..: 0 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4822160 bytes +~~ total memory freed........: 4822160 bytes +~~ total allocations/frees...: 58360/58360 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/443-curl.pcap.out b/test/results/443-curl.pcap.out index 3d7953d38..c984a6f22 100644 --- a/test/results/443-curl.pcap.out +++ b/test/results/443-curl.pcap.out @@ -20,3 +20,14 @@ 00426{"flow_id":1,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"443-curl.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1581113120,"pkt_ts_usec":615535,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"pkt":"EBMx8Tl2KDc3AG3ICABFAAA0AABAAEAGAU7AqAENsj7FgtjjAbvMd3kZj5LdrYAQD\/wK2AAAAQEICh5iRj8laAr5"} 00507{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":109,"source":"443-curl.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":109,"flow_first_seen":1581113120474,"flow_last_seen":1581113121570,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1440,"flow_tot_l4_payload_len":66816,"flow_avg_l4_payload_len":612,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.13","dst_ip":"178.62.197.130","src_port":55523,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00129{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":109,"source":"443-curl.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 109/109 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 70276 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4828160 bytes +~~ total memory freed........: 4828160 bytes +~~ total allocations/frees...: 58473/58473 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/443-firefox.pcap.out b/test/results/443-firefox.pcap.out index e865d3e95..914cd32c1 100644 --- a/test/results/443-firefox.pcap.out +++ b/test/results/443-firefox.pcap.out @@ -20,3 +20,14 @@ 00429{"flow_id":1,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"443-firefox.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1581109488,"pkt_ts_usec":164580,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"pkt":"EBMx8Tl2KDc3AG3ICABFAAA0AABAAEAGAU7AqAENsj7Fgs9oAbstYPADeCoduYAQD\/bxywAAAQEICh4r1dolMJ3j"} 00511{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":667,"source":"443-firefox.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":667,"flow_first_seen":1581109488041,"flow_last_seen":1581109496480,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1440,"flow_tot_l4_payload_len":414073,"flow_avg_l4_payload_len":620,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.13","dst_ip":"178.62.197.130","src_port":53096,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00132{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":667,"source":"443-firefox.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 667/667 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 435389 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4844396 bytes +~~ total memory freed........: 4844396 bytes +~~ total allocations/frees...: 59032/59032 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/443-git.pcap.out b/test/results/443-git.pcap.out index 34c1bff63..11278d39f 100644 --- a/test/results/443-git.pcap.out +++ b/test/results/443-git.pcap.out @@ -20,3 +20,14 @@ 00528{"flow_id":1,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"443-git.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1581113658,"pkt_ts_usec":131250,"pkt_caplen":140,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":140,"pkt_l4_len":106,"pkt":"KDc3AG3IEBMx8Tl2CABFAAB+wP9AADIGx26MUnIEwKgBDQG72cCAzeBR9P6h0oAYAB7pmQAAAQEICg4LEHoeal0YFwMDAEWJm0EBvvRKLmX7drjPshGyaEJWmqcp1RQ+pyLs4CGONTV6yT1TRVDipzhBBC2J7XfD1QzS\/vH7qDNCq0AYEKrGNVvpC2I="} 00502{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":70,"source":"443-git.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":70,"flow_first_seen":1581113657633,"flow_last_seen":1581113658456,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1424,"flow_tot_l4_payload_len":32585,"flow_avg_l4_payload_len":465,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.13","dst_ip":"140.82.114.4","src_port":55744,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00127{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":70,"source":"443-git.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 70/70 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 34809 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4830539 bytes +~~ total memory freed........: 4830539 bytes +~~ total allocations/frees...: 58436/58436 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/443-opvn.pcap.out b/test/results/443-opvn.pcap.out index c89fef2c0..061b86c2e 100644 --- a/test/results/443-opvn.pcap.out +++ b/test/results/443-opvn.pcap.out @@ -18,3 +18,14 @@ 00500{"flow_id":1,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"443-opvn.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1581153176,"pkt_ts_usec":716855,"pkt_caplen":118,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":118,"pkt_l4_len":84,"pkt":"EBMx8Tl2KDc3AG3ICABFAABoAABAAEAG+B\/AqAFUwAzAZ87tBKpga1xQYFmfoIAYD9hfJAAAAQEIChYNhM8cQO44ADIo1nvkW+XCAesovRmAJlqMfsDgqoZ62+nwdLKzdgAAAARePnuYAQAAAAEZCC6A+cpSgA=="} 00505{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":46,"source":"443-opvn.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":46,"flow_first_seen":1581153175528,"flow_last_seen":1581153184491,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1440,"flow_tot_l4_payload_len":8517,"flow_avg_l4_payload_len":185,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.84","dst_ip":"192.12.192.103","src_port":52973,"dst_port":1194,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00128{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":46,"source":"443-opvn.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 46/46 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 10009 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4823465 bytes +~~ total memory freed........: 4823465 bytes +~~ total allocations/frees...: 58405/58405 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/443-safari.pcap.out b/test/results/443-safari.pcap.out index 7ff60b61d..a872ca3ee 100644 --- a/test/results/443-safari.pcap.out +++ b/test/results/443-safari.pcap.out @@ -20,3 +20,14 @@ 00429{"flow_id":1,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"443-safari.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1581109359,"pkt_ts_usec":948184,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"pkt":"EBMx8Tl2KDc3AG3ICABFAAA0AABAAEAGAU7AqAENsj7Fgs8nAbvmgoZMqpsvGoAQD\/0\/cQAAAQEICh4p6gwlLqkM"} 00508{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":41,"source":"443-safari.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":41,"flow_first_seen":1581109359601,"flow_last_seen":1581109360696,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1440,"flow_tot_l4_payload_len":17203,"flow_avg_l4_payload_len":419,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.13","dst_ip":"178.62.197.130","src_port":53031,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00130{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":41,"source":"443-safari.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 41/41 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 18535 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4826218 bytes +~~ total memory freed........: 4826218 bytes +~~ total allocations/frees...: 58405/58405 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/4in4tunnel.pcap.out b/test/results/4in4tunnel.pcap.out index c6fbe533c..748051a4b 100644 --- a/test/results/4in4tunnel.pcap.out +++ b/test/results/4in4tunnel.pcap.out @@ -10,3 +10,14 @@ 00531{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":5,"source":"4in4tunnel.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1537165843,"pkt_ts_usec":864842,"pkt_caplen":170,"pkt_type":33024,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":170,"pkt_l4_len":0,"pkt":"AAAAAAAEpMZPO7OagQBmWIEAYfkIAEW4AJTPEAAA\/wQqkEVDI5Ipyi5uRbgAgAABAAD+Ed6ECgpkGQoKZQLzn0JoAGz7LQACAAABZb+KAAAAAAABAACrzavNq82rzavNq82rzavNq82rzavNq82rzavNq82rzavNq82rzavNq82rzavNq82rzavNq82rzavNq82rzavNq82rzavNq82rzavNq82rzavNq80="} 00151{"basic_event_id":5,"basic_event_name":"Unknown packet type","thread_id":0,"packet_id":5,"source":"4in4tunnel.pcap","alias":"nDPId-test","type":33024} 00129{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":5,"source":"4in4tunnel.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 5/0 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 0 bytes +~~ total detected protocols..: 0 +~~ total active/idle flows...: 0/0 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4816931 bytes +~~ total memory freed........: 4816931 bytes +~~ total allocations/frees...: 58355/58355 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/4in6tunnel.pcap.out b/test/results/4in6tunnel.pcap.out index 0a120e4c3..d4cb07c05 100644 --- a/test/results/4in6tunnel.pcap.out +++ b/test/results/4in6tunnel.pcap.out @@ -7,3 +7,14 @@ 02371{"flow_id":1,"flow_packet_id":4,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":4,"source":"4in6tunnel.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1543235434,"pkt_ts_usec":19248,"pkt_caplen":1514,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":1514,"pkt_l4_len":1412,"pkt":"AAECunaOAAAASfSHht1gAAAABYQEPTRKupQVKqw0AAAAAAAAACoi4BaF7ac4zFi98\/GqPyLYRQAFhEuhQABhBvQeCgoKAcCoAAEBu\/vHAwzKj9\/hP2NQEAQEHmIAABYDAxNZAgAAWgMDW5uXESPnDY6GVdXogmmrS1WdR7CnjiCJLtiMMET4LR0g70cAAGowHs5bbipHOvpkse5qjMhnnSOXdm6lLVoWT1DALwAAEgAQAAUAAwJoMgAXAAD\/AQABAAsAEccAEcQADAYwggwCMIIJ6qADAgECAhMtAAAymdcHHbfRcIpCAAAAADKZMA0GCSqGSIb3DQEBCwUAMIGLMQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMRUwEwYDVQQLEwxNaWNyb3NvZnQgSVQxHjAcBgNVBAMTFU1pY3Jvc29mdCBJVCBUTFMgQ0EgNTAeFw0xNzA3MjAxNzQ3MDhaFw0xOTA3MTAxNzQ3MDhaMBcxFTATBgNVBAMTDHd3dy5iaW5nLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALqOyD7\/sOUit2AU5xoOUrdFD2wiCQmyCmP5nEBsh7fOLKKYjGNWUdfzumqBdw2Fpg1sIUPSI+b5pR9u\/gYNMtH4Aivx5J6CrFn4IFOhgzrs2GlVitrUoC9jheCrGis7gUH0hZglGqEjdJl5neUsrm31e5QyJwbyXnacl+k91de8FxrbBQKrwUcQ5sbzW8nMRIDSG0ss9ON1RYFCdc+JblurOUYfPO\/whJXqO0Ms01rklGWFKVeGj7qkJ52E0Xsw\/jJNpqe0+8AQstFZfXdWGOCgJxEIK7SzyvFbkO5VaXY9vaLDfkwWc1aVyhXCrQCMB8YD7ERtr9YuJ3qp+RBy1iMCAwEAAaOCB9AwggfMMB0GA1UdDgQWBBQJh+WFKXgwICWz3X7cbO2lKagDcDALBgNVHQ8EBAMCBLAwHwYDVR0jBBgwFoAUCP4ln3TqhwTCvLuOqDhfM8bRbGUwgawGA1UdHwSBpDCBoTCBnqCBm6CBmIZLaHR0cDovL21zY3JsLm1pY3Jvc29mdC5jb20vcGtpL21zY29ycC9jcmwvTWljcm9zb2Z0JTIwSVQlMjBUTFMlMjBDQSUyMDUuY3JshklodHRwOi8vY3JsLm1pY3Jvc29mdC5jb20vcGtpL21zY29ycC9jcmwvTWljcm9zb2Z0JTIwSVQlMjBUTFMlMjBDQSUyMDUuY3JsMIGFBggrBgEFBQcBAQR5MHcwUQYIKwYBBQUHMAKGRWh0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2kvbXNjb3JwL01pY3Jvc29mdCUyMElUJTIwVExTJTIwQ0ElMjA1LmNydDAiBggrBgEFBQcwAYYWaHR0cDovL29jc3AubXNvY3NwLmNvbTA+BgkrBgEEAYI3FQcEMTAvBicrBgEEAYI3FQiH2oZ1g+7ZAYLJhRuBtZ5hhfTrYIFdhNLfQoLnk3oCAWQCARAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBME0GA1UdIARGMEQwQgYJKwYBBAGCNyoBMDUwMwYIKwYBBQUHAgEWJ2h0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2kvbXNjb3JwL2NwczAnBgkrBgEEAYI3FQoEGjAYMAoGCCsGAQUFBwMCMAoGCCsGAQUFBwMBMIIFbQYDVR0RBIIFZDCCBWCCDHd3dy5iaW5nLmNvbYIQZGljdC5iaW5nLmNvbS5jboITKi5wbGF0Zm9ybS5iaW5nLmNvbYIKKi5iaW5nLmNvbYIIYmluZy5jb22CFmllb25saW5lLm1pY3Jvc28AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="} 00497{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4,"source":"4in6tunnel.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":4,"flow_first_seen":1543235434019,"flow_last_seen":1543235434019,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":0,"flow_tot_l4_payload_len":0,"flow_avg_l4_payload_len":0,"midstream":0,"l3_proto":"ip6","src_ip":"22e0:1685:eda7:38cc:58bd:f3f1:aa3f:22d8","dst_ip":"344a:ba94:152a:ac34::2a","l4_proto":4,"flow_datalink":1,"flow_max_packets":15} 00129{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":4,"source":"4in6tunnel.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 4/4 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 1780 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4820199 bytes +~~ total memory freed........: 4820199 bytes +~~ total allocations/frees...: 58362/58362 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/6in4tunnel.pcap.out b/test/results/6in4tunnel.pcap.out index 0a1f99af4..b2a9a8896 100644 --- a/test/results/6in4tunnel.pcap.out +++ b/test/results/6in4tunnel.pcap.out @@ -18,3 +18,14 @@ 00479{"flow_event_id":7,"flow_event_name":"not-detected","thread_id":0,"packet_id":127,"source":"6in4tunnel.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":127,"flow_first_seen":1444236893450,"flow_last_seen":1444236915586,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":0,"flow_tot_l4_payload_len":0,"flow_avg_l4_payload_len":0,"midstream":0,"l3_proto":"ip4","src_ip":"174.3.73.24","dst_ip":"184.105.255.26","l4_proto":41,"ndpi": {"proto":"Unknown","breed":"Unrated"}} 00465{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":127,"source":"6in4tunnel.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":127,"flow_first_seen":1444236893450,"flow_last_seen":1444236915586,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":0,"flow_tot_l4_payload_len":0,"flow_avg_l4_payload_len":0,"midstream":0,"l3_proto":"ip4","src_ip":"174.3.73.24","dst_ip":"184.105.255.26","l4_proto":41,"flow_datalink":1,"flow_max_packets":15} 00131{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":127,"source":"6in4tunnel.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 127/127 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 35975 bytes +~~ total detected protocols..: 0 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4823766 bytes +~~ total memory freed........: 4823766 bytes +~~ total allocations/frees...: 58485/58485 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/6in6tunnel.pcap.out b/test/results/6in6tunnel.pcap.out index a2d4fc6f1..e19434938 100644 --- a/test/results/6in6tunnel.pcap.out +++ b/test/results/6in6tunnel.pcap.out @@ -8,3 +8,14 @@ 00458{"flow_event_id":7,"flow_event_name":"not-detected","thread_id":0,"packet_id":2,"source":"6in6tunnel.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":1,"flow_first_seen":1335197872164,"flow_last_seen":0,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":0,"flow_tot_l4_payload_len":0,"flow_avg_l4_payload_len":0,"midstream":0,"l3_proto":"ip6","src_ip":"feed::beef","dst_ip":"feed::cafe","l4_proto":41,"ndpi": {"proto":"Unknown","breed":"Unrated"}} 00444{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2,"source":"6in6tunnel.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":1,"flow_first_seen":1335197872164,"flow_last_seen":0,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":0,"flow_tot_l4_payload_len":0,"flow_avg_l4_payload_len":0,"midstream":0,"l3_proto":"ip6","src_ip":"feed::beef","dst_ip":"feed::cafe","l4_proto":41,"flow_datalink":1,"flow_max_packets":15} 00129{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":2,"source":"6in6tunnel.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 2/2 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 104 bytes +~~ total detected protocols..: 0 +~~ total active/idle flows...: 2/2 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4823293 bytes +~~ total memory freed........: 4823293 bytes +~~ total allocations/frees...: 58363/58363 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/BGP_Cisco_hdlc_slarp.pcap.out b/test/results/BGP_Cisco_hdlc_slarp.pcap.out index baf97feb5..8a2ef40e5 100644 --- a/test/results/BGP_Cisco_hdlc_slarp.pcap.out +++ b/test/results/BGP_Cisco_hdlc_slarp.pcap.out @@ -17,3 +17,14 @@ 00408{"flow_id":1,"flow_packet_id":14,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":14,"source":"BGP_Cisco_hdlc_slarp.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1445156989,"pkt_ts_usec":230918,"pkt_caplen":44,"pkt_type":2048,"pkt_l3_offset":4,"pkt_l4_offset":24,"pkt_len":44,"pkt_l4_len":20,"pkt":"DwAIAEXAACj4mEAAAQa2VGQQAQJkEAEBR5QAs7zqdh4ZWdSNUBA+8z2HAAA="} 00508{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":14,"source":"BGP_Cisco_hdlc_slarp.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":14,"flow_first_seen":1445156939131,"flow_last_seen":1445156989230,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":151,"flow_tot_l4_payload_len":345,"flow_avg_l4_payload_len":24,"midstream":0,"l3_proto":"ip4","src_ip":"100.16.1.2","dst_ip":"100.16.1.1","src_port":18324,"dst_port":179,"l4_proto":"tcp","flow_datalink":9,"flow_max_packets":15} 00140{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":14,"source":"BGP_Cisco_hdlc_slarp.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 14/14 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 633 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4820489 bytes +~~ total memory freed........: 4820489 bytes +~~ total allocations/frees...: 58372/58372 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/BGP_redist.pcap.out b/test/results/BGP_redist.pcap.out index 140edb013..e71290621 100644 --- a/test/results/BGP_redist.pcap.out +++ b/test/results/BGP_redist.pcap.out @@ -6,3 +6,14 @@ 00511{"flow_event_id":5,"flow_event_name":"detected","thread_id":0,"packet_id":2,"source":"BGP_redist.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_first_seen":1256636836167,"flow_last_seen":0,"flow_min_l4_payload_len":115,"flow_max_l4_payload_len":115,"flow_tot_l4_payload_len":115,"flow_avg_l4_payload_len":115,"midstream":1,"l3_proto":"ip4","src_ip":"2.2.2.2","dst_ip":"5.5.5.5","src_port":179,"dst_port":49433,"l4_proto":"tcp","ndpi": {"proto":"BGP","breed":"Acceptable","category":"Network"}} 00483{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2,"source":"BGP_redist.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_first_seen":1256636836167,"flow_last_seen":0,"flow_min_l4_payload_len":115,"flow_max_l4_payload_len":115,"flow_tot_l4_payload_len":115,"flow_avg_l4_payload_len":115,"midstream":1,"l3_proto":"ip4","src_ip":"2.2.2.2","dst_ip":"5.5.5.5","src_port":179,"dst_port":49433,"l4_proto":"tcp","flow_datalink":104,"flow_max_packets":15} 00129{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":2,"source":"BGP_redist.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 2/1 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 135 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4820112 bytes +~~ total memory freed........: 4820112 bytes +~~ total allocations/frees...: 58359/58359 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/EAQ.pcap.out b/test/results/EAQ.pcap.out index feaf97764..cdcf4298f 100644 --- a/test/results/EAQ.pcap.out +++ b/test/results/EAQ.pcap.out @@ -509,3 +509,14 @@ 00512{"flow_event_id":4,"flow_event_name":"guessed","thread_id":0,"packet_id":197,"source":"EAQ.pcap","alias":"nDPId-test","flow_id":100,"flow_packet_id":1,"flow_first_seen":1432821041151,"flow_last_seen":0,"flow_min_l4_payload_len":16,"flow_max_l4_payload_len":16,"flow_tot_l4_payload_len":16,"flow_avg_l4_payload_len":16,"midstream":0,"l3_proto":"ip4","src_ip":"10.8.0.1","dst_ip":"200.194.129.67","src_port":37985,"dst_port":6000,"l4_proto":"udp","ndpi": {"proto":"EAQ","breed":"Acceptable","category":"Network"}} 00483{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":197,"source":"EAQ.pcap","alias":"nDPId-test","flow_id":100,"flow_packet_id":1,"flow_first_seen":1432821041151,"flow_last_seen":0,"flow_min_l4_payload_len":16,"flow_max_l4_payload_len":16,"flow_tot_l4_payload_len":16,"flow_avg_l4_payload_len":16,"midstream":0,"l3_proto":"ip4","src_ip":"10.8.0.1","dst_ip":"200.194.129.67","src_port":37985,"dst_port":6000,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00124{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":197,"source":"EAQ.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 197/197 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 15137 bytes +~~ total detected protocols..: 10 +~~ total active/idle flows...: 104/104 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 5150553 bytes +~~ total memory freed........: 5150553 bytes +~~ total allocations/frees...: 58870/58870 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/IEC104.pcap.out b/test/results/IEC104.pcap.out index 09b9a01f2..cfba39e07 100644 --- a/test/results/IEC104.pcap.out +++ b/test/results/IEC104.pcap.out @@ -21,3 +21,14 @@ 00500{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":15,"source":"IEC104.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":12,"flow_first_seen":1317629088495,"flow_last_seen":1317629090498,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":252,"flow_tot_l4_payload_len":603,"flow_avg_l4_payload_len":50,"midstream":1,"l3_proto":"ip4","src_ip":"10.175.211.1","dst_ip":"10.119.105.26","src_port":2404,"dst_port":54768,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00494{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":15,"source":"IEC104.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":3,"flow_first_seen":1317629088520,"flow_last_seen":1317629088739,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":6,"flow_tot_l4_payload_len":6,"flow_avg_l4_payload_len":2,"midstream":1,"l3_proto":"ip4","src_ip":"10.175.211.3","dst_ip":"10.119.105.26","src_port":2404,"dst_port":54769,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00126{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":15,"source":"IEC104.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 15/15 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 909 bytes +~~ total detected protocols..: 2 +~~ total active/idle flows...: 2/2 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4823670 bytes +~~ total memory freed........: 4823670 bytes +~~ total allocations/frees...: 58376/58376 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/KakaoTalk_chat.pcap.out b/test/results/KakaoTalk_chat.pcap.out index 7bb1c9cd3..d05719a74 100644 --- a/test/results/KakaoTalk_chat.pcap.out +++ b/test/results/KakaoTalk_chat.pcap.out @@ -376,3 +376,14 @@ 00512{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":347,"source":"KakaoTalk_chat.pcap","alias":"nDPId-test","flow_id":35,"flow_packet_id":18,"flow_first_seen":1430069044758,"flow_last_seen":1430069069274,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":247,"flow_tot_l4_payload_len":1401,"flow_avg_l4_payload_len":77,"midstream":1,"l3_proto":"ip4","src_ip":"139.150.0.125","dst_ip":"10.24.82.188","src_port":443,"dst_port":46947,"l4_proto":"tcp","flow_datalink":113,"flow_max_packets":15} 00504{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":347,"source":"KakaoTalk_chat.pcap","alias":"nDPId-test","flow_id":8,"flow_packet_id":2,"flow_first_seen":1430069022104,"flow_last_seen":1430069022234,"flow_min_l4_payload_len":37,"flow_max_l4_payload_len":80,"flow_tot_l4_payload_len":117,"flow_avg_l4_payload_len":58,"midstream":0,"l3_proto":"ip4","src_ip":"10.24.82.188","dst_ip":"10.188.1.1","src_port":9094,"dst_port":53,"l4_proto":"udp","flow_datalink":113,"flow_max_packets":15} 00135{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":347,"source":"KakaoTalk_chat.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 347/347 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 59444 bytes +~~ total detected protocols..: 29 +~~ total active/idle flows...: 39/39 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 5063745 bytes +~~ total memory freed........: 5063745 bytes +~~ total allocations/frees...: 59029/59029 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/KakaoTalk_talk.pcap.out b/test/results/KakaoTalk_talk.pcap.out index 63d18d8f2..b9bc8283c 100644 --- a/test/results/KakaoTalk_talk.pcap.out +++ b/test/results/KakaoTalk_talk.pcap.out @@ -224,3 +224,14 @@ 00528{"flow_event_id":4,"flow_event_name":"guessed","thread_id":0,"packet_id":3203,"source":"KakaoTalk_talk.pcap","alias":"nDPId-test","flow_id":7,"flow_packet_id":5,"flow_first_seen":1430069164656,"flow_last_seen":1430069216559,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":442,"flow_tot_l4_payload_len":918,"flow_avg_l4_payload_len":183,"midstream":1,"l3_proto":"ip4","src_ip":"139.150.0.125","dst_ip":"10.24.82.188","src_port":443,"dst_port":46947,"l4_proto":"tcp","ndpi": {"proto":"TLS","breed":"Safe","category":"Web"}} 00511{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3203,"source":"KakaoTalk_talk.pcap","alias":"nDPId-test","flow_id":7,"flow_packet_id":5,"flow_first_seen":1430069164656,"flow_last_seen":1430069216559,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":442,"flow_tot_l4_payload_len":918,"flow_avg_l4_payload_len":183,"midstream":1,"l3_proto":"ip4","src_ip":"139.150.0.125","dst_ip":"10.24.82.188","src_port":443,"dst_port":46947,"l4_proto":"tcp","flow_datalink":113,"flow_max_packets":15} 00136{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":3203,"source":"KakaoTalk_talk.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 3203/3203 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 320484 bytes +~~ total detected protocols..: 9 +~~ total active/idle flows...: 20/20 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4999785 bytes +~~ total memory freed........: 4999785 bytes +~~ total allocations/frees...: 61636/61636 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/NTPv2.pcap.out b/test/results/NTPv2.pcap.out index 8d939727c..69c8a5450 100644 --- a/test/results/NTPv2.pcap.out +++ b/test/results/NTPv2.pcap.out @@ -4,3 +4,14 @@ 00511{"flow_event_id":5,"flow_event_name":"detected","thread_id":0,"packet_id":1,"source":"NTPv2.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_first_seen":1436865383632,"flow_last_seen":0,"flow_min_l4_payload_len":368,"flow_max_l4_payload_len":368,"flow_tot_l4_payload_len":368,"flow_avg_l4_payload_len":368,"midstream":0,"l3_proto":"ip4","src_ip":"208.104.95.10","dst_ip":"78.46.76.2","src_port":123,"dst_port":80,"l4_proto":"udp","ndpi": {"proto":"NTP","breed":"Acceptable","category":"System"}} 00482{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1,"source":"NTPv2.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_first_seen":1436865383632,"flow_last_seen":0,"flow_min_l4_payload_len":368,"flow_max_l4_payload_len":368,"flow_tot_l4_payload_len":368,"flow_avg_l4_payload_len":368,"midstream":0,"l3_proto":"ip4","src_ip":"208.104.95.10","dst_ip":"78.46.76.2","src_port":123,"dst_port":80,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00124{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":1,"source":"NTPv2.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 1/1 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 376 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4820112 bytes +~~ total memory freed........: 4820112 bytes +~~ total allocations/frees...: 58359/58359 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/NTPv3.pcap.out b/test/results/NTPv3.pcap.out index 5811bb37c..7e435cea5 100644 --- a/test/results/NTPv3.pcap.out +++ b/test/results/NTPv3.pcap.out @@ -4,3 +4,14 @@ 00508{"flow_event_id":5,"flow_event_name":"detected","thread_id":0,"packet_id":1,"source":"NTPv3.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_first_seen":1436865405371,"flow_last_seen":0,"flow_min_l4_payload_len":48,"flow_max_l4_payload_len":48,"flow_tot_l4_payload_len":48,"flow_avg_l4_payload_len":48,"midstream":0,"l3_proto":"ip4","src_ip":"175.144.140.29","dst_ip":"78.46.76.2","src_port":123,"dst_port":80,"l4_proto":"udp","ndpi": {"proto":"NTP","breed":"Acceptable","category":"System"}} 00479{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1,"source":"NTPv3.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_first_seen":1436865405371,"flow_last_seen":0,"flow_min_l4_payload_len":48,"flow_max_l4_payload_len":48,"flow_tot_l4_payload_len":48,"flow_avg_l4_payload_len":48,"midstream":0,"l3_proto":"ip4","src_ip":"175.144.140.29","dst_ip":"78.46.76.2","src_port":123,"dst_port":80,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00124{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":1,"source":"NTPv3.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 1/1 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 56 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4820112 bytes +~~ total memory freed........: 4820112 bytes +~~ total allocations/frees...: 58359/58359 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/NTPv4.pcap.out b/test/results/NTPv4.pcap.out index 857a083e8..c1bae9d40 100644 --- a/test/results/NTPv4.pcap.out +++ b/test/results/NTPv4.pcap.out @@ -4,3 +4,14 @@ 00508{"flow_event_id":5,"flow_event_name":"detected","thread_id":0,"packet_id":1,"source":"NTPv4.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_first_seen":1436865396190,"flow_last_seen":0,"flow_min_l4_payload_len":48,"flow_max_l4_payload_len":48,"flow_tot_l4_payload_len":48,"flow_avg_l4_payload_len":48,"midstream":0,"l3_proto":"ip4","src_ip":"85.22.62.120","dst_ip":"78.46.76.11","src_port":123,"dst_port":123,"l4_proto":"udp","ndpi": {"proto":"NTP","breed":"Acceptable","category":"System"}} 00479{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1,"source":"NTPv4.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_first_seen":1436865396190,"flow_last_seen":0,"flow_min_l4_payload_len":48,"flow_max_l4_payload_len":48,"flow_tot_l4_payload_len":48,"flow_avg_l4_payload_len":48,"midstream":0,"l3_proto":"ip4","src_ip":"85.22.62.120","dst_ip":"78.46.76.11","src_port":123,"dst_port":123,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00124{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":1,"source":"NTPv4.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 1/1 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 56 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4820112 bytes +~~ total memory freed........: 4820112 bytes +~~ total allocations/frees...: 58359/58359 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/Oscar.pcap.out b/test/results/Oscar.pcap.out index 5756928b0..f3a530210 100644 --- a/test/results/Oscar.pcap.out +++ b/test/results/Oscar.pcap.out @@ -18,3 +18,14 @@ 00518{"flow_event_id":4,"flow_event_name":"guessed","thread_id":0,"packet_id":71,"source":"Oscar.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":71,"flow_first_seen":1434606464176,"flow_last_seen":1434606536630,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1360,"flow_tot_l4_payload_len":5450,"flow_avg_l4_payload_len":76,"midstream":0,"l3_proto":"ip4","src_ip":"10.30.29.3","dst_ip":"178.237.24.249","src_port":63357,"dst_port":443,"l4_proto":"tcp","ndpi": {"proto":"TLS","breed":"Safe","category":"Web"}} 00499{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":71,"source":"Oscar.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":71,"flow_first_seen":1434606464176,"flow_last_seen":1434606536630,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1360,"flow_tot_l4_payload_len":5450,"flow_avg_l4_payload_len":76,"midstream":0,"l3_proto":"ip4","src_ip":"10.30.29.3","dst_ip":"178.237.24.249","src_port":63357,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00125{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":71,"source":"Oscar.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 71/71 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 6898 bytes +~~ total detected protocols..: 0 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4866939 bytes +~~ total memory freed........: 4866939 bytes +~~ total allocations/frees...: 58443/58443 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/WebattackRCE.pcap.out b/test/results/WebattackRCE.pcap.out index 2026fbb42..fc5fda922 100644 --- a/test/results/WebattackRCE.pcap.out +++ b/test/results/WebattackRCE.pcap.out @@ -3188,3 +3188,14 @@ 00492{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":797,"source":"WebattackRCE.pcap","alias":"nDPId-test","flow_id":743,"flow_packet_id":1,"flow_first_seen":1576420277892,"flow_last_seen":0,"flow_min_l4_payload_len":173,"flow_max_l4_payload_len":173,"flow_tot_l4_payload_len":173,"flow_avg_l4_payload_len":173,"midstream":1,"l3_proto":"ip4","src_ip":"127.0.0.1","dst_ip":"127.0.0.1","src_port":51048,"dst_port":8080,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00492{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":797,"source":"WebattackRCE.pcap","alias":"nDPId-test","flow_id":744,"flow_packet_id":1,"flow_first_seen":1576420277893,"flow_last_seen":0,"flow_min_l4_payload_len":187,"flow_max_l4_payload_len":187,"flow_tot_l4_payload_len":187,"flow_avg_l4_payload_len":187,"midstream":1,"l3_proto":"ip4","src_ip":"127.0.0.1","dst_ip":"127.0.0.1","src_port":51050,"dst_port":8080,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00133{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":797,"source":"WebattackRCE.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 797/797 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 163905 bytes +~~ total detected protocols..: 797 +~~ total active/idle flows...: 797/797 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 7433460 bytes +~~ total memory freed........: 7433460 bytes +~~ total allocations/frees...: 63128/63128 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/WebattackSQLinj.pcap.out b/test/results/WebattackSQLinj.pcap.out index 4df3cdfbd..e356f7e56 100644 --- a/test/results/WebattackSQLinj.pcap.out +++ b/test/results/WebattackSQLinj.pcap.out @@ -121,3 +121,14 @@ 00507{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":94,"source":"WebattackSQLinj.pcap","alias":"nDPId-test","flow_id":8,"flow_packet_id":10,"flow_first_seen":1499348506489,"flow_last_seen":1499348511497,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1881,"flow_tot_l4_payload_len":2418,"flow_avg_l4_payload_len":241,"midstream":0,"l3_proto":"ip4","src_ip":"172.16.0.1","dst_ip":"192.168.10.50","src_port":36210,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00507{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":94,"source":"WebattackSQLinj.pcap","alias":"nDPId-test","flow_id":9,"flow_packet_id":12,"flow_first_seen":1499348514064,"flow_last_seen":1499348519077,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":2701,"flow_tot_l4_payload_len":4749,"flow_avg_l4_payload_len":395,"midstream":0,"l3_proto":"ip4","src_ip":"172.16.0.1","dst_ip":"192.168.10.50","src_port":36212,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00135{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":94,"source":"WebattackSQLinj.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 94/94 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 26812 bytes +~~ total detected protocols..: 9 +~~ total active/idle flows...: 9/9 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4849636 bytes +~~ total memory freed........: 4849636 bytes +~~ total allocations/frees...: 58503/58503 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/WebattackXSS.pcap.out b/test/results/WebattackXSS.pcap.out index 989faf769..2c9329e47 100644 --- a/test/results/WebattackXSS.pcap.out +++ b/test/results/WebattackXSS.pcap.out @@ -6146,3 +6146,14 @@ 00500{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":9374,"source":"WebattackXSS.pcap","alias":"nDPId-test","flow_id":661,"flow_packet_id":3,"flow_first_seen":1499348099359,"flow_last_seen":1499348099360,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":0,"flow_tot_l4_payload_len":0,"flow_avg_l4_payload_len":0,"midstream":0,"l3_proto":"ip4","src_ip":"172.16.0.1","dst_ip":"192.168.10.50","src_port":35950,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00511{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":9374,"source":"WebattackXSS.pcap","alias":"nDPId-test","flow_id":569,"flow_packet_id":311,"flow_first_seen":1499347939286,"flow_last_seen":1499348006339,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1870,"flow_tot_l4_payload_len":232672,"flow_avg_l4_payload_len":748,"midstream":0,"l3_proto":"ip4","src_ip":"172.16.0.1","dst_ip":"192.168.10.50","src_port":34278,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00134{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":9374,"source":"WebattackXSS.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 9374/9374 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 4402432 bytes +~~ total detected protocols..: 22 +~~ total active/idle flows...: 661/661 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 7176199 bytes +~~ total memory freed........: 7176199 bytes +~~ total allocations/frees...: 69778/69778 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/aimini-http.pcap.out b/test/results/aimini-http.pcap.out index 079600c3e..f16158c73 100644 --- a/test/results/aimini-http.pcap.out +++ b/test/results/aimini-http.pcap.out @@ -70,3 +70,14 @@ 00502{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":139,"source":"aimini-http.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":30,"flow_first_seen":1614860229388,"flow_last_seen":1614860229390,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1460,"flow_tot_l4_payload_len":13568,"flow_avg_l4_payload_len":452,"midstream":0,"l3_proto":"ip4","src_ip":"10.101.0.2","dst_ip":"10.102.0.2","src_port":28503,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00500{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":139,"source":"aimini-http.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":13,"flow_first_seen":1614860229389,"flow_last_seen":1614860229390,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":542,"flow_tot_l4_payload_len":1654,"flow_avg_l4_payload_len":127,"midstream":0,"l3_proto":"ip4","src_ip":"10.101.0.2","dst_ip":"10.102.0.2","src_port":28504,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00132{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":139,"source":"aimini-http.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 139/133 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 81918 bytes +~~ total detected protocols..: 4 +~~ total active/idle flows...: 4/4 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4834088 bytes +~~ total memory freed........: 4834088 bytes +~~ total allocations/frees...: 58508/58508 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/ajp.pcap.out b/test/results/ajp.pcap.out index cadd0b909..2906de6f5 100644 --- a/test/results/ajp.pcap.out +++ b/test/results/ajp.pcap.out @@ -76,3 +76,14 @@ 00390{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":38,"source":"ajp.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1505154584,"pkt_ts_usec":618218,"pkt_caplen":70,"pkt_type":33024,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":70,"pkt_l4_len":0,"pkt":"AFBWg47zAFBWg11YgQAABwgARQAANLLOQABABhyWrB0JkqwdCZOXyB9KcsXfUJOgL6qAEAB7dmUAAAEBCApOnGqSHlfwgw=="} 00145{"basic_event_id":5,"basic_event_name":"Unknown packet type","thread_id":0,"packet_id":38,"source":"ajp.pcap","alias":"nDPId-test","type":33024} 00123{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":38,"source":"ajp.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 38/0 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 0 bytes +~~ total detected protocols..: 0 +~~ total active/idle flows...: 0/0 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4816931 bytes +~~ total memory freed........: 4816931 bytes +~~ total allocations/frees...: 58355/58355 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/alexa-app.pcapng.out b/test/results/alexa-app.pcapng.out index a40039e55..1430f2131 100644 --- a/test/results/alexa-app.pcapng.out +++ b/test/results/alexa-app.pcapng.out @@ -2370,3 +2370,14 @@ 00510{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3435,"source":"alexa-app.pcapng","alias":"nDPId-test","flow_id":78,"flow_packet_id":27,"flow_first_seen":1490976080485,"flow_last_seen":1490976081484,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1448,"flow_tot_l4_payload_len":7640,"flow_avg_l4_payload_len":282,"midstream":0,"l3_proto":"ip4","src_ip":"172.16.42.216","dst_ip":"34.199.52.240","src_port":38404,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00504{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3435,"source":"alexa-app.pcapng","alias":"nDPId-test","flow_id":17,"flow_packet_id":2,"flow_first_seen":1490976029669,"flow_last_seen":1490976029753,"flow_min_l4_payload_len":42,"flow_max_l4_payload_len":84,"flow_tot_l4_payload_len":126,"flow_avg_l4_payload_len":63,"midstream":0,"l3_proto":"ip4","src_ip":"172.16.42.216","dst_ip":"172.16.42.1","src_port":19967,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00133{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":3435,"source":"alexa-app.pcapng","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 3435/3406 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 1313763 bytes +~~ total detected protocols..: 147 +~~ total active/idle flows...: 162/162 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 5945688 bytes +~~ total memory freed........: 5945688 bytes +~~ total allocations/frees...: 62907/62907 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/among_us.pcap.out b/test/results/among_us.pcap.out index 6dd1379ea..353270a8d 100644 --- a/test/results/among_us.pcap.out +++ b/test/results/among_us.pcap.out @@ -4,3 +4,14 @@ 00509{"flow_event_id":5,"flow_event_name":"detected","thread_id":0,"packet_id":1,"source":"among_us.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_first_seen":946681200000,"flow_last_seen":0,"flow_min_l4_payload_len":15,"flow_max_l4_payload_len":15,"flow_tot_l4_payload_len":15,"flow_avg_l4_payload_len":15,"midstream":0,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"172.105.251.170","src_port":64260,"dst_port":22023,"l4_proto":"udp","ndpi": {"proto":"AmongUs","breed":"Fun","category":"Game"}} 00485{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1,"source":"among_us.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_first_seen":946681200000,"flow_last_seen":0,"flow_min_l4_payload_len":15,"flow_max_l4_payload_len":15,"flow_tot_l4_payload_len":15,"flow_avg_l4_payload_len":15,"midstream":0,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"172.105.251.170","src_port":64260,"dst_port":22023,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00127{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":1,"source":"among_us.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 1/1 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 23 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4820112 bytes +~~ total memory freed........: 4820112 bytes +~~ total allocations/frees...: 58359/58359 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/amqp.pcap.out b/test/results/amqp.pcap.out index 2388dab2f..0793b33a7 100644 --- a/test/results/amqp.pcap.out +++ b/test/results/amqp.pcap.out @@ -54,3 +54,14 @@ 00494{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":160,"source":"amqp.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":108,"flow_first_seen":1490904166118,"flow_last_seen":1490904170243,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":329,"flow_tot_l4_payload_len":7295,"flow_avg_l4_payload_len":67,"midstream":1,"l3_proto":"ip4","src_ip":"127.0.0.1","dst_ip":"127.0.1.1","src_port":44205,"dst_port":5672,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00493{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":160,"source":"amqp.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":30,"flow_first_seen":1490904169152,"flow_last_seen":1490904170195,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":246,"flow_tot_l4_payload_len":2085,"flow_avg_l4_payload_len":69,"midstream":1,"l3_proto":"ip4","src_ip":"127.0.0.1","dst_ip":"127.0.1.1","src_port":44206,"dst_port":5672,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00125{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":160,"source":"amqp.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 160/160 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 18074 bytes +~~ total detected protocols..: 3 +~~ total active/idle flows...: 3/3 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4837171 bytes +~~ total memory freed........: 4837171 bytes +~~ total allocations/frees...: 58527/58527 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/android.pcap.out b/test/results/android.pcap.out index f63d50c7c..9c950c037 100644 --- a/test/results/android.pcap.out +++ b/test/results/android.pcap.out @@ -640,3 +640,14 @@ 00497{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":500,"source":"android.pcap","alias":"nDPId-test","flow_id":52,"flow_packet_id":2,"flow_first_seen":1582454871600,"flow_last_seen":1582454871601,"flow_min_l4_payload_len":37,"flow_max_l4_payload_len":53,"flow_tot_l4_payload_len":90,"flow_avg_l4_payload_len":45,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.2.16","dst_ip":"192.168.2.1","src_port":58892,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00497{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":500,"source":"android.pcap","alias":"nDPId-test","flow_id":28,"flow_packet_id":2,"flow_first_seen":1582454867723,"flow_last_seen":1582454867761,"flow_min_l4_payload_len":37,"flow_max_l4_payload_len":53,"flow_tot_l4_payload_len":90,"flow_avg_l4_payload_len":45,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.2.16","dst_ip":"192.168.2.1","src_port":54837,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00128{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":500,"source":"android.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 500/475 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 115592 bytes +~~ total detected protocols..: 60 +~~ total active/idle flows...: 67/67 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 5251847 bytes +~~ total memory freed........: 5251847 bytes +~~ total allocations/frees...: 59294/59294 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/anyconnect-vpn.pcap.out b/test/results/anyconnect-vpn.pcap.out index 3821fa757..c7fb0c6c5 100644 --- a/test/results/anyconnect-vpn.pcap.out +++ b/test/results/anyconnect-vpn.pcap.out @@ -616,3 +616,14 @@ 00506{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3001,"source":"anyconnect-vpn.pcap","alias":"nDPId-test","flow_id":48,"flow_packet_id":2,"flow_first_seen":1569687267799,"flow_last_seen":1569687267814,"flow_min_l4_payload_len":31,"flow_max_l4_payload_len":182,"flow_tot_l4_payload_len":213,"flow_avg_l4_payload_len":106,"midstream":0,"l3_proto":"ip4","src_ip":"10.0.0.227","dst_ip":"75.75.75.75","src_port":60341,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00506{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3001,"source":"anyconnect-vpn.pcap","alias":"nDPId-test","flow_id":45,"flow_packet_id":2,"flow_first_seen":1569687267481,"flow_last_seen":1569687267500,"flow_min_l4_payload_len":42,"flow_max_l4_payload_len":200,"flow_tot_l4_payload_len":242,"flow_avg_l4_payload_len":121,"midstream":0,"l3_proto":"ip4","src_ip":"10.0.0.227","dst_ip":"75.75.75.75","src_port":62427,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00136{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":3001,"source":"anyconnect-vpn.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 3001/2997 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 914499 bytes +~~ total detected protocols..: 60 +~~ total active/idle flows...: 72/72 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 5195705 bytes +~~ total memory freed........: 5195705 bytes +~~ total allocations/frees...: 61616/61616 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/anydesk-2.pcap.out b/test/results/anydesk-2.pcap.out index efbc23951..09d5f23a2 100644 --- a/test/results/anydesk-2.pcap.out +++ b/test/results/anydesk-2.pcap.out @@ -927,3 +927,14 @@ 00501{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2521,"source":"anydesk-2.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":2,"flow_first_seen":1613977585542,"flow_last_seen":1613977585553,"flow_min_l4_payload_len":48,"flow_max_l4_payload_len":64,"flow_tot_l4_payload_len":112,"flow_avg_l4_payload_len":56,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.187","dst_ip":"192.168.1.1","src_port":55376,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00501{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2521,"source":"anydesk-2.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":2,"flow_first_seen":1613977585247,"flow_last_seen":1613977585260,"flow_min_l4_payload_len":48,"flow_max_l4_payload_len":64,"flow_tot_l4_payload_len":112,"flow_avg_l4_payload_len":56,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.187","dst_ip":"192.168.1.1","src_port":59511,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00131{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":2521,"source":"anydesk-2.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 2521/2083 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 268799 bytes +~~ total detected protocols..: 4 +~~ total active/idle flows...: 4/4 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4902324 bytes +~~ total memory freed........: 4902324 bytes +~~ total allocations/frees...: 60456/60456 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/anydesk.pcap.out b/test/results/anydesk.pcap.out index c946c4c5d..163a12c47 100644 --- a/test/results/anydesk.pcap.out +++ b/test/results/anydesk.pcap.out @@ -38,3 +38,14 @@ 00504{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6963,"source":"anydesk.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":20,"flow_first_seen":1591342198821,"flow_last_seen":1591342244652,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":159,"flow_tot_l4_payload_len":607,"flow_avg_l4_payload_len":30,"midstream":1,"l3_proto":"ip4","src_ip":"192.168.149.129","dst_ip":"51.83.239.144","src_port":36351,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00512{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6963,"source":"anydesk.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":6943,"flow_first_seen":1591342199201,"flow_last_seen":1591342255171,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1460,"flow_tot_l4_payload_len":2417415,"flow_avg_l4_payload_len":348,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.149.129","dst_ip":"51.83.238.219","src_port":43535,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00129{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":6963,"source":"anydesk.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 6963/6963 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 2557306 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 2/2 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 5043037 bytes +~~ total memory freed........: 5043037 bytes +~~ total allocations/frees...: 65332/65332 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/bad-dns-traffic.pcap.out b/test/results/bad-dns-traffic.pcap.out index 589180ebc..dcfdb5435 100644 --- a/test/results/bad-dns-traffic.pcap.out +++ b/test/results/bad-dns-traffic.pcap.out @@ -69,3 +69,14 @@ 00508{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":382,"source":"bad-dns-traffic.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":255,"flow_first_seen":1486012635073,"flow_last_seen":1486012727540,"flow_min_l4_payload_len":53,"flow_max_l4_payload_len":283,"flow_tot_l4_payload_len":61305,"flow_avg_l4_payload_len":240,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.43.91","dst_ip":"4.2.2.4","src_port":56354,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00505{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":382,"source":"bad-dns-traffic.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":19,"flow_first_seen":1486012623234,"flow_last_seen":1486012630741,"flow_min_l4_payload_len":53,"flow_max_l4_payload_len":187,"flow_tot_l4_payload_len":1620,"flow_avg_l4_payload_len":85,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.43.91","dst_ip":"4.2.2.4","src_port":35966,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00136{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":382,"source":"bad-dns-traffic.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 382/382 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 86386 bytes +~~ total detected protocols..: 3 +~~ total active/idle flows...: 3/3 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4837465 bytes +~~ total memory freed........: 4837465 bytes +~~ total allocations/frees...: 58746/58746 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/badpackets.pcap.out b/test/results/badpackets.pcap.out index 7fe717fef..d09da0844 100644 --- a/test/results/badpackets.pcap.out +++ b/test/results/badpackets.pcap.out @@ -200,3 +200,14 @@ 00672{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":93,"source":"badpackets.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1495451915,"pkt_ts_usec":752227,"pkt_caplen":274,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":274,"pkt_l4_len":0,"pkt":"xDRrta3IeLr5aHlnCABFAAXcZssgAOcRVFmDTlH+zLpQ5QA1TRMGuBtHRUGFkwABAAAADAABCkhRMDFXRUYwMDEDRElSAkFEA0RMQQNNSUwAAAEAAcAeAAYAAQAAA2gALQhlYWdsZWliMcAbC3JhbmR5LnNtaXRowB53sikrAAAqMAAABDgACTqAAAADhMAeAC4AAQAAA2gAmwAGCAIAAAOEWS\/o5lkiq9Y2JANkbGEDbWlsAEPjY6zabVfm9vwk6mSh9m4kj9u7ZDlkxqtiglIZTh\/RONTC0jpNpQmC+rJg1+X5ptcybqG6dncq1KPvSJq3fG1w8VDIG7zJf7f6G9gikY9VMCGmBxLlsKtyxHORaw=="} 00176{"basic_event_id":9,"basic_event_name":"nDPI IPv4\/L4 payload detection failed","thread_id":0,"packet_id":93,"source":"badpackets.pcap","alias":"nDPId-test","l4_data_len":240} 00130{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":93,"source":"badpackets.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 93/0 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 0 bytes +~~ total detected protocols..: 0 +~~ total active/idle flows...: 0/0 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4816931 bytes +~~ total memory freed........: 4816931 bytes +~~ total allocations/frees...: 58355/58355 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/bitcoin.pcap.out b/test/results/bitcoin.pcap.out index 534055020..54f3590c3 100644 --- a/test/results/bitcoin.pcap.out +++ b/test/results/bitcoin.pcap.out @@ -108,3 +108,14 @@ 00538{"flow_event_id":4,"flow_event_name":"guessed","thread_id":0,"packet_id":637,"source":"bitcoin.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":139,"flow_first_seen":1301328089970,"flow_last_seen":1301328420526,"flow_min_l4_payload_len":20,"flow_max_l4_payload_len":1448,"flow_tot_l4_payload_len":182136,"flow_avg_l4_payload_len":1310,"midstream":1,"l3_proto":"ip4","src_ip":"192.168.1.142","dst_ip":"69.118.54.122","src_port":55328,"dst_port":8333,"l4_proto":"tcp","ndpi": {"proto":"Mining","breed":"Unsafe","category":"Mining"}} 00511{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":637,"source":"bitcoin.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":139,"flow_first_seen":1301328089970,"flow_last_seen":1301328420526,"flow_min_l4_payload_len":20,"flow_max_l4_payload_len":1448,"flow_tot_l4_payload_len":182136,"flow_avg_l4_payload_len":1310,"midstream":1,"l3_proto":"ip4","src_ip":"192.168.1.142","dst_ip":"69.118.54.122","src_port":55328,"dst_port":8333,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00128{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":637,"source":"bitcoin.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 637/637 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 559416 bytes +~~ total detected protocols..: 0 +~~ total active/idle flows...: 6/6 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 9037776 bytes +~~ total memory freed........: 9037776 bytes +~~ total allocations/frees...: 59187/59187 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/bittorrent.pcap.out b/test/results/bittorrent.pcap.out index f61be8c94..ac1e0c137 100644 --- a/test/results/bittorrent.pcap.out +++ b/test/results/bittorrent.pcap.out @@ -179,3 +179,14 @@ 00505{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":299,"source":"bittorrent.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":2,"flow_first_seen":1455469967246,"flow_last_seen":1455469967465,"flow_min_l4_payload_len":68,"flow_max_l4_payload_len":558,"flow_tot_l4_payload_len":626,"flow_avg_l4_payload_len":313,"midstream":1,"l3_proto":"ip4","src_ip":"192.168.1.3","dst_ip":"82.58.216.115","src_port":52888,"dst_port":38305,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00508{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":299,"source":"bittorrent.pcap","alias":"nDPId-test","flow_id":10,"flow_packet_id":4,"flow_first_seen":1455469974358,"flow_last_seen":1455469976244,"flow_min_l4_payload_len":47,"flow_max_l4_payload_len":639,"flow_tot_l4_payload_len":1137,"flow_avg_l4_payload_len":284,"midstream":1,"l3_proto":"ip4","src_ip":"192.168.1.3","dst_ip":"82.58.216.115","src_port":52907,"dst_port":38305,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00131{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":299,"source":"bittorrent.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 299/299 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 295562 bytes +~~ total detected protocols..: 25 +~~ total active/idle flows...: 25/25 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4951506 bytes +~~ total memory freed........: 4951506 bytes +~~ total allocations/frees...: 58752/58752 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/bittorrent_ip.pcap.out b/test/results/bittorrent_ip.pcap.out index 4b4685462..ba235cd19 100644 --- a/test/results/bittorrent_ip.pcap.out +++ b/test/results/bittorrent_ip.pcap.out @@ -37,3 +37,14 @@ 00509{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":479,"source":"bittorrent_ip.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":48,"flow_first_seen":1492508985380,"flow_last_seen":1492508985594,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1448,"flow_tot_l4_payload_len":34752,"flow_avg_l4_payload_len":724,"midstream":1,"l3_proto":"ip4","src_ip":"185.56.20.36","dst_ip":"10.0.0.14","src_port":53646,"dst_port":35030,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00512{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":479,"source":"bittorrent_ip.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":255,"flow_first_seen":1492508991649,"flow_last_seen":1492508994096,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1448,"flow_tot_l4_payload_len":259192,"flow_avg_l4_payload_len":1016,"midstream":1,"l3_proto":"ip4","src_ip":"77.222.174.20","dst_ip":"10.0.0.14","src_port":2866,"dst_port":46610,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00134{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":479,"source":"bittorrent_ip.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 479/479 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 491732 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 2/2 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 6256758 bytes +~~ total memory freed........: 6256758 bytes +~~ total allocations/frees...: 58894/58894 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/bittorrent_utp.pcap.out b/test/results/bittorrent_utp.pcap.out index b1e568d66..6e6a1d530 100644 --- a/test/results/bittorrent_utp.pcap.out +++ b/test/results/bittorrent_utp.pcap.out @@ -18,3 +18,14 @@ 00440{"flow_id":1,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"bittorrent_utp.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1456385040,"pkt_ts_usec":807007,"pkt_caplen":68,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":68,"pkt_l4_len":34,"pkt":"LFbcjDU0xCwDBkn+CABFAAA2viAAAEARAADAqAEFUvNxK5\/\/\/ckAIoX\/IQFTAgcHYOz2ERRIAADwAEnJ5\/cABAEAAAA="} 00513{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":86,"source":"bittorrent_utp.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":86,"flow_first_seen":1456385034843,"flow_last_seen":1456385054059,"flow_min_l4_payload_len":20,"flow_max_l4_payload_len":1472,"flow_tot_l4_payload_len":37877,"flow_avg_l4_payload_len":440,"midstream":0,"l3_proto":"ip4","src_ip":"82.243.113.43","dst_ip":"192.168.1.5","src_port":64969,"dst_port":40959,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00134{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":86,"source":"bittorrent_utp.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 86/86 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 38565 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4822577 bytes +~~ total memory freed........: 4822577 bytes +~~ total allocations/frees...: 58444/58444 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/bt_search.pcap.out b/test/results/bt_search.pcap.out index 1d04265b1..27a7c1bad 100644 --- a/test/results/bt_search.pcap.out +++ b/test/results/bt_search.pcap.out @@ -8,3 +8,14 @@ 00583{"flow_event_id":5,"flow_event_name":"detected","thread_id":0,"packet_id":2,"source":"bt_search.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":1,"flow_first_seen":1430752525284,"flow_last_seen":0,"flow_min_l4_payload_len":119,"flow_max_l4_payload_len":119,"flow_tot_l4_payload_len":119,"flow_avg_l4_payload_len":119,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.0.102","dst_ip":"239.192.152.143","src_port":6771,"dst_port":6771,"l4_proto":"udp","ndpi": {"proto":"BitTorrent","breed":"Acceptable","category":"Download-FileTransfer-FileSharing"},"bittorrent": {"hash":""}} 00494{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2,"source":"bt_search.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":1,"flow_first_seen":1430752525284,"flow_last_seen":0,"flow_min_l4_payload_len":119,"flow_max_l4_payload_len":119,"flow_tot_l4_payload_len":119,"flow_avg_l4_payload_len":119,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.0.102","dst_ip":"239.192.152.143","src_port":6771,"dst_port":6771,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00128{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":2,"source":"bt_search.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 2/2 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 254 bytes +~~ total detected protocols..: 2 +~~ total active/idle flows...: 2/2 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4823293 bytes +~~ total memory freed........: 4823293 bytes +~~ total allocations/frees...: 58363/58363 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/capwap.pcap.out b/test/results/capwap.pcap.out index 0fb91cb72..800735f42 100644 --- a/test/results/capwap.pcap.out +++ b/test/results/capwap.pcap.out @@ -70,3 +70,14 @@ 00507{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":422,"source":"capwap.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":217,"flow_first_seen":1422329005767,"flow_last_seen":1422329174862,"flow_min_l4_payload_len":64,"flow_max_l4_payload_len":1457,"flow_tot_l4_payload_len":54560,"flow_avg_l4_payload_len":251,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.10.9","dst_ip":"192.168.10.10","src_port":5246,"dst_port":12380,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00506{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":422,"source":"capwap.pcap","alias":"nDPId-test","flow_id":5,"flow_packet_id":173,"flow_first_seen":1422329017533,"flow_last_seen":1422329175528,"flow_min_l4_payload_len":51,"flow_max_l4_payload_len":428,"flow_tot_l4_payload_len":26636,"flow_avg_l4_payload_len":153,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.10.10","dst_ip":"192.168.10.9","src_port":12380,"dst_port":5247,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00127{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":422,"source":"capwap.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 422/397 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 85011 bytes +~~ total detected protocols..: 5 +~~ total active/idle flows...: 5/5 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4844204 bytes +~~ total memory freed........: 4844204 bytes +~~ total allocations/frees...: 58767/58767 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/check_mk_new.pcap.out b/test/results/check_mk_new.pcap.out index 9bac9d6fe..041035da1 100644 --- a/test/results/check_mk_new.pcap.out +++ b/test/results/check_mk_new.pcap.out @@ -18,3 +18,14 @@ 00429{"flow_id":1,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"check_mk_new.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1512031663,"pkt_ts_usec":740384,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"pkt":"RjIA9qTs8soKyPpECABFEAA0gw9AAEAGbgvAqGQWwKhkMuZ2GZzVcug4bqkFcIAQAPVJwAAAAQEICisMa0AWUVyf"} 00512{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":98,"source":"check_mk_new.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":98,"flow_first_seen":1512031663734,"flow_last_seen":1512031663775,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":4096,"flow_tot_l4_payload_len":13758,"flow_avg_l4_payload_len":140,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.100.22","dst_ip":"192.168.100.50","src_port":58998,"dst_port":6556,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00132{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":98,"source":"check_mk_new.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 98/98 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 16910 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4822925 bytes +~~ total memory freed........: 4822925 bytes +~~ total allocations/frees...: 58456/58456 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/chrome.pcap.out b/test/results/chrome.pcap.out index 158750860..351a0c707 100644 --- a/test/results/chrome.pcap.out +++ b/test/results/chrome.pcap.out @@ -115,3 +115,14 @@ 00506{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":5633,"source":"chrome.pcap","alias":"nDPId-test","flow_id":5,"flow_packet_id":255,"flow_first_seen":1620902509274,"flow_last_seen":1620902515040,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1440,"flow_tot_l4_payload_len":214304,"flow_avg_l4_payload_len":840,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.178","dst_ip":"146.48.58.18","src_port":64410,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00508{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":5633,"source":"chrome.pcap","alias":"nDPId-test","flow_id":6,"flow_packet_id":1199,"flow_first_seen":1620902509276,"flow_last_seen":1620902515049,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1440,"flow_tot_l4_payload_len":1009870,"flow_avg_l4_payload_len":842,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.178","dst_ip":"146.48.58.18","src_port":64411,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00128{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":5633,"source":"chrome.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 5633/5633 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 4793635 bytes +~~ total detected protocols..: 6 +~~ total active/idle flows...: 6/6 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 5479666 bytes +~~ total memory freed........: 5479666 bytes +~~ total allocations/frees...: 64080/64080 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/coap_mqtt.pcap.out b/test/results/coap_mqtt.pcap.out index b7d16050c..c516349c6 100644 --- a/test/results/coap_mqtt.pcap.out +++ b/test/results/coap_mqtt.pcap.out @@ -187,3 +187,14 @@ 00511{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":8516,"source":"coap_mqtt.pcap","alias":"nDPId-test","flow_id":13,"flow_packet_id":1919,"flow_first_seen":1455907271483,"flow_last_seen":1455907286855,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":86,"flow_tot_l4_payload_len":61604,"flow_avg_l4_payload_len":32,"midstream":1,"l3_proto":"ip4","src_ip":"192.168.56.101","dst_ip":"192.168.56.1","src_port":17501,"dst_port":53524,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00511{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":8516,"source":"coap_mqtt.pcap","alias":"nDPId-test","flow_id":11,"flow_packet_id":1928,"flow_first_seen":1455907267002,"flow_last_seen":1455907286845,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":86,"flow_tot_l4_payload_len":61855,"flow_avg_l4_payload_len":32,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.56.1","dst_ip":"192.168.56.101","src_port":53528,"dst_port":17501,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00131{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":8516,"source":"coap_mqtt.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 8516/8514 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 454667 bytes +~~ total detected protocols..: 16 +~~ total active/idle flows...: 16/16 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 5122461 bytes +~~ total memory freed........: 5122461 bytes +~~ total allocations/frees...: 66921/66921 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/cpha.pcap.out b/test/results/cpha.pcap.out index 819138ff5..549768207 100644 --- a/test/results/cpha.pcap.out +++ b/test/results/cpha.pcap.out @@ -2,3 +2,14 @@ 00426{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":1,"source":"cpha.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1603354463,"pkt_ts_usec":286532,"pkt_caplen":96,"pkt_type":33024,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":96,"pkt_l4_len":0,"pkt":"AQBeFQMBAAAAAAEBgQAAFQgARQAATgAAAAD\/EQyKAAAAAKwVAwAftB+0ADpJ\/BqQDDEnhQABABZ5PgAB\/\/7gSgEAAAIAAQAACAoAAgADAAQAAAIECQAAAAkAAAAAAAIA"} 00145{"basic_event_id":5,"basic_event_name":"Unknown packet type","thread_id":0,"packet_id":1,"source":"cpha.pcap","alias":"nDPId-test","type":33024} 00123{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":1,"source":"cpha.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 1/0 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 0 bytes +~~ total detected protocols..: 0 +~~ total active/idle flows...: 0/0 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4816931 bytes +~~ total memory freed........: 4816931 bytes +~~ total allocations/frees...: 58355/58355 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/dcerpc.pcap.out b/test/results/dcerpc.pcap.out index 09b078362..d38a7b6c6 100644 --- a/test/results/dcerpc.pcap.out +++ b/test/results/dcerpc.pcap.out @@ -28,3 +28,14 @@ 00503{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":16,"source":"dcerpc.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":6,"flow_first_seen":1602860709979,"flow_last_seen":1602860710032,"flow_min_l4_payload_len":132,"flow_max_l4_payload_len":953,"flow_tot_l4_payload_len":3454,"flow_avg_l4_payload_len":575,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.11","dst_ip":"192.168.1.20","src_port":49155,"dst_port":34964,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00502{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":16,"source":"dcerpc.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":2,"flow_first_seen":1602860710063,"flow_last_seen":1602860710063,"flow_min_l4_payload_len":132,"flow_max_l4_payload_len":132,"flow_tot_l4_payload_len":264,"flow_avg_l4_payload_len":132,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.20","dst_ip":"192.168.1.11","src_port":49162,"dst_port":34964,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00126{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":16,"source":"dcerpc.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 16/16 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 6322 bytes +~~ total detected protocols..: 4 +~~ total active/idle flows...: 4/4 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4830003 bytes +~~ total memory freed........: 4830003 bytes +~~ total allocations/frees...: 58383/58383 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/diameter.pcap.out b/test/results/diameter.pcap.out index af5302a33..a3da6b17d 100644 --- a/test/results/diameter.pcap.out +++ b/test/results/diameter.pcap.out @@ -9,3 +9,14 @@ 00536{"flow_event_id":4,"flow_event_name":"guessed","thread_id":0,"packet_id":6,"source":"diameter.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":6,"flow_first_seen":1263278878271,"flow_last_seen":1263278878357,"flow_min_l4_payload_len":172,"flow_max_l4_payload_len":360,"flow_tot_l4_payload_len":1656,"flow_avg_l4_payload_len":276,"midstream":1,"l3_proto":"ip4","src_ip":"10.201.9.245","dst_ip":"10.201.9.11","src_port":50957,"dst_port":3868,"l4_proto":"tcp","ndpi": {"proto":"Diameter","breed":"Acceptable","category":"Network"}} 00502{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6,"source":"diameter.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":6,"flow_first_seen":1263278878271,"flow_last_seen":1263278878357,"flow_min_l4_payload_len":172,"flow_max_l4_payload_len":360,"flow_tot_l4_payload_len":1656,"flow_avg_l4_payload_len":276,"midstream":1,"l3_proto":"ip4","src_ip":"10.201.9.245","dst_ip":"10.201.9.11","src_port":50957,"dst_port":3868,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00127{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":6,"source":"diameter.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 6/6 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 1776 bytes +~~ total detected protocols..: 0 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4822305 bytes +~~ total memory freed........: 4822305 bytes +~~ total allocations/frees...: 58365/58365 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/dlt_ppp.pcap.out b/test/results/dlt_ppp.pcap.out index c93cf2556..c2dfd05b4 100644 --- a/test/results/dlt_ppp.pcap.out +++ b/test/results/dlt_ppp.pcap.out @@ -2,3 +2,14 @@ 01957{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":1,"source":"dlt_ppp.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1,"pkt_ts_usec":31048,"pkt_caplen":1230,"pkt_type":33,"pkt_l3_offset":2,"pkt_l4_offset":0,"pkt_len":1230,"pkt_l4_len":0,"pkt":"ACFFAgTMQT1AAD8RDTPBpwD8wadkZKwzAbsEuAAAz\/8AAB0MtxIpOpsU8gzQWdyoBJhpwdcARJZ0OsZN0bl8VJfvOykoeuttM0eMWHJwpGpOPAqWh0GUfp9IIe82zPEOJxxbudM5\/pOWImGkMJYnZKC4oc+Wie817ZluT3qGlbT6FmvR7wgU3ZlqiJlO4+0DRHL4d\/DzL3RfCdhaKCfxoviWr9OOaF9xayHBTgloTkVIbSLderihnwr+mk7qqrStghVdXJFtnOWHTzAMdmPpzaY99oTPzZwWklZzjG9W5shdxiA8ok\/3pt2WMY3QJIDzbHzKP+7ZsLr5YGFFIYxx1JspmQXO5+U3jVl43o7+huGmMmGYHNdWbRYYgFoAkcV642cnCac+cZPVd9ar\/XFRGfd\/WaFVK+zvTNX+exQ7Y3ZIotGRLaPFvGpj3H1W9HNWBEKODu7hETU2OX\/NaZuNjAbfxxKVTC9o6LUxoTVjag4leuFawG3pE6XLxFh9fenfXyYspIGy40nX701+znmPySuhrrYghEKqHVTFz\/fjb5y59pxDqwfx2gz+0tLjNRNMLdNY1Ag+BpNZPQBZDxS1Q4nlCfUqLKWSJpEsd+mHyUC3pRaolG8Jpu68ULGXjJ4ZKS7952WY2QtbjEtiMSGVNPERp0foW+HREy8qKb+tFgJ65NsBWY0E9\/jJGGpFUnix\/C7BDjtX\/ZgK9gfyvVQabBdj7mBntuOhNmnilWaVEIOX7CKCv2V+0LQWQOOVtmTWBQy0XrnBP7R005Av3+pdvoITeQ2zEo762fyDmFlboLbmiVV7z4cyXPPQL6MPya78HzZSLTnm3Xxv8O87bNxZE+T0J9baS33P9HRocrLvAjLFAWSMQbXzM6RAx0uu2+2kxSt4LNQRr+Nvhj9iZm0i+9tU23DVWOg6UFW+uqUPF0ds+jp9XdVBP+b6UC3e79iGd\/QTg4M7OYt7pt75ojnbr+ZjxHE8B0GZ1bPhHUhQ\/439iohTEuvizuLosg\/9ETTUUdbasnXh9D\/+SO51ABAnZvM6SDJ1pj177GYIwa\/ZqyWvarQpS41HFFKu4RYpQHjOT56xqgSjrLEWXyerkTEX8shaJqUzTf0hupuyCJ\/APa3545+ZYzvcCDGD7g4mx1kJ6bCPcx5s\/v5xv0RJBodp9K1hK4v\/DTDZxZGtU5gN0XXnA0WlvhheGJ1S\/ZaCizvBvbTeu8i2DUwd4Wme2LeIVwWL1YRsoozl32VaoHYmsfd7GuS4nwcSIq7qOKc\/v0ngj3r3ND1Z2VcoyXNbqPLJo2kpXaoXlSfOfSzoS+BYoeB3qst\/3RnzIpMan+YfjUUqTAsAH+lgJatdqf9zS60Yl5fSUpCDIosbThj4VOLqNKWrLQjA8v+93FIA3\/NFEDMSuNxj605kSA9S9GRrTJHsR5osW14O2xZRF\/BiXyz77L3\/OW35KvEzzuGXD5Apmt9048cnckQ+W8pGZui61Z81+NpEDiVl5\/7woKFPqgJn9vKV42rT4DXlRToJ8qpzLeevd936RndwoN8DMGcbfT7BT7\/CndBaHTk\/Xoi\/g0FlSSofCargF+zZqnP61iuG15DY\/IC7bC0k3NnOEoXpUUSiCOrtQOJtDXQygOL8Gb9V"} 00149{"basic_event_id":2,"basic_event_name":"Unknown L3 protocol","thread_id":0,"packet_id":1,"source":"dlt_ppp.pcap","alias":"nDPId-test","protocol":33} 00126{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":1,"source":"dlt_ppp.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 1/0 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 0 bytes +~~ total detected protocols..: 0 +~~ total active/idle flows...: 0/0 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4816931 bytes +~~ total memory freed........: 4816931 bytes +~~ total allocations/frees...: 58355/58355 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/dnp3.pcap.out b/test/results/dnp3.pcap.out index 805c5c17a..29debf9fa 100644 --- a/test/results/dnp3.pcap.out +++ b/test/results/dnp3.pcap.out @@ -144,3 +144,14 @@ 00488{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":543,"source":"dnp3.pcap","alias":"nDPId-test","flow_id":6,"flow_packet_id":27,"flow_first_seen":1097510947092,"flow_last_seen":1097510959487,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":24,"flow_tot_l4_payload_len":195,"flow_avg_l4_payload_len":7,"midstream":0,"l3_proto":"ip4","src_ip":"10.0.0.8","dst_ip":"10.0.0.3","src_port":1159,"dst_port":20000,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00488{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":543,"source":"dnp3.pcap","alias":"nDPId-test","flow_id":7,"flow_packet_id":33,"flow_first_seen":1097512255234,"flow_last_seen":1097512267645,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":24,"flow_tot_l4_payload_len":297,"flow_avg_l4_payload_len":9,"midstream":0,"l3_proto":"ip4","src_ip":"10.0.0.8","dst_ip":"10.0.0.3","src_port":1184,"dst_port":20000,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00125{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":543,"source":"dnp3.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 543/543 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 19032 bytes +~~ total detected protocols..: 8 +~~ total active/idle flows...: 8/8 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4859942 bytes +~~ total memory freed........: 4859942 bytes +~~ total allocations/frees...: 58923/58923 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/dns-tunnel-iodine.pcap.out b/test/results/dns-tunnel-iodine.pcap.out index 5b21fcd82..581cdf68a 100644 --- a/test/results/dns-tunnel-iodine.pcap.out +++ b/test/results/dns-tunnel-iodine.pcap.out @@ -24,3 +24,14 @@ 00761{"flow_event_id":6,"flow_event_name":"detection-update","thread_id":0,"packet_id":259,"source":"dns-tunnel-iodine.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":255,"flow_first_seen":1282356640051,"flow_last_seen":1282356654812,"flow_min_l4_payload_len":40,"flow_max_l4_payload_len":1470,"flow_tot_l4_payload_len":35494,"flow_avg_l4_payload_len":139,"midstream":0,"l3_proto":"ip4","src_ip":"10.0.2.30","dst_ip":"10.0.2.20","src_port":44639,"dst_port":53,"l4_proto":"udp","ndpi": {"flow_risk": {"16":"Suspicious DGA domain name","23":"Suspicious DNS traffic"},"proto":"DNS","breed":"Acceptable","category":"Network"},"dns": {"query":"yrbi02.pirate.sea","num_queries":1,"num_answers":1,"reply_code":0,"query_type":10,"rsp_type":10,"rsp_addr":"0.0.0.0"}} 00509{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":438,"source":"dns-tunnel-iodine.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":255,"flow_first_seen":1282356640051,"flow_last_seen":1282356664538,"flow_min_l4_payload_len":40,"flow_max_l4_payload_len":1470,"flow_tot_l4_payload_len":35494,"flow_avg_l4_payload_len":139,"midstream":0,"l3_proto":"ip4","src_ip":"10.0.2.30","dst_ip":"10.0.2.20","src_port":44639,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00138{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":438,"source":"dns-tunnel-iodine.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 438/434 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 55496 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4832669 bytes +~~ total memory freed........: 4832669 bytes +~~ total allocations/frees...: 58792/58792 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/dns_doh.pcap.out b/test/results/dns_doh.pcap.out index b1b8dab2c..40ef356d1 100644 --- a/test/results/dns_doh.pcap.out +++ b/test/results/dns_doh.pcap.out @@ -19,3 +19,14 @@ 00518{"flow_id":1,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"dns_doh.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1571089200,"pkt_ts_usec":997306,"pkt_caplen":133,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":133,"pkt_l4_len":99,"pkt":"WkBO7NFkeDHBvV4kCABFAAB3AABAAEAGI1+sFAoEaBD4+cLVAbuk7FwFymHoGFAYEACdtAAAFwMDAEqnnHxUsCqmPBkBxfdKmS1LGWAClj9T3prwE3TeVTsVPs4vesfDED+gBYka+2qIBZHm9ndhgvy1QPO4+xzZ0FzqwIc8Gf+UTIjqXQ=="} 00505{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":142,"source":"dns_doh.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":142,"flow_first_seen":1571089200789,"flow_last_seen":1571089204031,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1300,"flow_tot_l4_payload_len":12658,"flow_avg_l4_payload_len":89,"midstream":0,"l3_proto":"ip4","src_ip":"172.20.10.4","dst_ip":"104.16.248.249","src_port":49877,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00128{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":142,"source":"dns_doh.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 142/142 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 15534 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4831676 bytes +~~ total memory freed........: 4831676 bytes +~~ total allocations/frees...: 58505/58505 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/dns_dot.pcap.out b/test/results/dns_dot.pcap.out index c968c5f48..999110dd3 100644 --- a/test/results/dns_dot.pcap.out +++ b/test/results/dns_dot.pcap.out @@ -19,3 +19,14 @@ 00457{"flow_id":1,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"dns_dot.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1572783664,"pkt_ts_usec":523258,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"pkt":"uCfrK5DxCAAnjau+CABFAABLw69AAEAGpIzAqAG5CAgICOOyA1VVRP1o7jtZWoAYAfXSrgAAAQEICiovmhuOOwBjFwMDABI82N\/gUdWtanJsd6FACr8N0eU="} 00498{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":24,"source":"dns_dot.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":24,"flow_first_seen":1572783663234,"flow_last_seen":1572783666246,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":3069,"flow_tot_l4_payload_len":4269,"flow_avg_l4_payload_len":177,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.185","dst_ip":"8.8.8.8","src_port":58290,"dst_port":853,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00127{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":24,"source":"dns_dot.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 24/24 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 5053 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4826214 bytes +~~ total memory freed........: 4826214 bytes +~~ total allocations/frees...: 58391/58391 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/dns_exfiltration.pcap.out b/test/results/dns_exfiltration.pcap.out index 8d165f947..e961e9290 100644 --- a/test/results/dns_exfiltration.pcap.out +++ b/test/results/dns_exfiltration.pcap.out @@ -24,3 +24,14 @@ 00799{"flow_event_id":6,"flow_event_name":"detection-update","thread_id":0,"packet_id":255,"source":"dns_exfiltration.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":255,"flow_first_seen":1580978146717,"flow_last_seen":1580978206666,"flow_min_l4_payload_len":59,"flow_max_l4_payload_len":344,"flow_tot_l4_payload_len":48096,"flow_avg_l4_payload_len":188,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.220.56","dst_ip":"192.168.203.167","src_port":56373,"dst_port":53,"l4_proto":"udp","ndpi": {"flow_risk": {"16":"Suspicious DGA domain name"},"proto":"DNS","breed":"Acceptable","category":"Network"},"dns": {"query":"dnscat.a35c00f5005703c8b1b8cd000118b52347aeb1d73340c97cca43c34b27cf.edf0dbda","num_queries":1,"num_answers":1,"reply_code":0,"query_type":15,"rsp_type":15,"rsp_addr":"0.0.0.0"}} 00518{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":300,"source":"dns_exfiltration.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":255,"flow_first_seen":1580978146717,"flow_last_seen":1580978206707,"flow_min_l4_payload_len":59,"flow_max_l4_payload_len":344,"flow_tot_l4_payload_len":48096,"flow_avg_l4_payload_len":188,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.220.56","dst_ip":"192.168.203.167","src_port":56373,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00137{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":300,"source":"dns_exfiltration.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 300/300 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 63345 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4828783 bytes +~~ total memory freed........: 4828783 bytes +~~ total allocations/frees...: 58658/58658 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/dns_long_domainname.pcap.out b/test/results/dns_long_domainname.pcap.out index 54d02e35e..969a1a452 100644 --- a/test/results/dns_long_domainname.pcap.out +++ b/test/results/dns_long_domainname.pcap.out @@ -6,3 +6,14 @@ 00707{"flow_event_id":6,"flow_event_name":"detection-update","thread_id":0,"packet_id":2,"source":"dns_long_domainname.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":2,"flow_first_seen":1599686652555,"flow_last_seen":1599686652578,"flow_min_l4_payload_len":61,"flow_max_l4_payload_len":117,"flow_tot_l4_payload_len":178,"flow_avg_l4_payload_len":89,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.168","dst_ip":"8.8.8.8","src_port":65311,"dst_port":53,"l4_proto":"udp","ndpi": {"proto":"DNS.Google","breed":"Tracker\/Ads","category":"Web"},"dns": {"query":"gmr02c.16.0.fhkfhsdkfhsk.tunnel.example.com","num_queries":1,"num_answers":1,"reply_code":3,"query_type":1,"rsp_type":0,"rsp_addr":"0.0.0.0"}} 00505{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2,"source":"dns_long_domainname.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":2,"flow_first_seen":1599686652555,"flow_last_seen":1599686652578,"flow_min_l4_payload_len":61,"flow_max_l4_payload_len":117,"flow_tot_l4_payload_len":178,"flow_avg_l4_payload_len":89,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.168","dst_ip":"8.8.8.8","src_port":65311,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00138{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":2,"source":"dns_long_domainname.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 2/2 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 194 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4820141 bytes +~~ total memory freed........: 4820141 bytes +~~ total allocations/frees...: 58360/58360 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/dnscrypt-v1-and-resolver-pings.pcap.out b/test/results/dnscrypt-v1-and-resolver-pings.pcap.out index 50495673f..f43ed50d8 100644 --- a/test/results/dnscrypt-v1-and-resolver-pings.pcap.out +++ b/test/results/dnscrypt-v1-and-resolver-pings.pcap.out @@ -1481,3 +1481,14 @@ 00520{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":608,"source":"dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":250,"flow_packet_id":2,"flow_first_seen":946739727013,"flow_last_seen":946739727039,"flow_min_l4_payload_len":176,"flow_max_l4_payload_len":576,"flow_tot_l4_payload_len":752,"flow_avg_l4_payload_len":376,"midstream":0,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"51.15.62.65","src_port":33089,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00520{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":608,"source":"dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":251,"flow_packet_id":2,"flow_first_seen":946739861286,"flow_last_seen":946739861499,"flow_min_l4_payload_len":176,"flow_max_l4_payload_len":576,"flow_tot_l4_payload_len":752,"flow_avg_l4_payload_len":376,"midstream":0,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"51.15.62.65","src_port":40675,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00151{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":608,"source":"dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 608/488 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 292970 bytes +~~ total detected protocols..: 251 +~~ total active/idle flows...: 251/251 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 5622235 bytes +~~ total memory freed........: 5622235 bytes +~~ total allocations/frees...: 59596/59596 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/dnscrypt-v2-doh.pcap.out b/test/results/dnscrypt-v2-doh.pcap.out index 8ff81b9b0..c8439c97c 100644 --- a/test/results/dnscrypt-v2-doh.pcap.out +++ b/test/results/dnscrypt-v2-doh.pcap.out @@ -620,3 +620,14 @@ 00508{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":577,"source":"dnscrypt-v2-doh.pcap","alias":"nDPId-test","flow_id":16,"flow_packet_id":15,"flow_first_seen":946739348961,"flow_last_seen":946739364914,"flow_min_l4_payload_len":24,"flow_max_l4_payload_len":2904,"flow_tot_l4_payload_len":5460,"flow_avg_l4_payload_len":364,"midstream":1,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"45.153.187.96","src_port":38018,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00508{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":577,"source":"dnscrypt-v2-doh.pcap","alias":"nDPId-test","flow_id":5,"flow_packet_id":17,"flow_first_seen":946739305016,"flow_last_seen":946739327879,"flow_min_l4_payload_len":24,"flow_max_l4_payload_len":2904,"flow_tot_l4_payload_len":5516,"flow_avg_l4_payload_len":324,"midstream":1,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"185.253.154.66","src_port":59404,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00136{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":577,"source":"dnscrypt-v2-doh.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 577/577 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 196960 bytes +~~ total detected protocols..: 34 +~~ total active/idle flows...: 34/34 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 5153442 bytes +~~ total memory freed........: 5153442 bytes +~~ total allocations/frees...: 59191/59191 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/doq.pcapng.out b/test/results/doq.pcapng.out index 0dbf3d6b0..cf4a6a45c 100644 --- a/test/results/doq.pcapng.out +++ b/test/results/doq.pcapng.out @@ -26,3 +26,14 @@ 00443{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":20,"source":"doq.pcapng","alias":"nDPId-test","flow_id":2,"flow_packet_id":6,"flow_first_seen":1606056093260,"flow_last_seen":1606056096363,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":0,"flow_tot_l4_payload_len":0,"flow_avg_l4_payload_len":0,"midstream":0,"l3_proto":"ip6","src_ip":"::1","dst_ip":"::1","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":15} 00483{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":20,"source":"doq.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":14,"flow_first_seen":1606056093199,"flow_last_seen":1606056096363,"flow_min_l4_payload_len":55,"flow_max_l4_payload_len":1232,"flow_tot_l4_payload_len":3920,"flow_avg_l4_payload_len":280,"midstream":0,"l3_proto":"ip6","src_ip":"::1","dst_ip":"::1","src_port":47826,"dst_port":784,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00125{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":20,"source":"doq.pcapng","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 20/20 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 4878 bytes +~~ total detected protocols..: 2 +~~ total active/idle flows...: 2/2 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4829267 bytes +~~ total memory freed........: 4829267 bytes +~~ total allocations/frees...: 58393/58393 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/doq_adguard.pcapng.out b/test/results/doq_adguard.pcapng.out index 49e10561a..33f05d2fb 100644 --- a/test/results/doq_adguard.pcapng.out +++ b/test/results/doq_adguard.pcapng.out @@ -18,3 +18,14 @@ 00714{"flow_id":1,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"doq_adguard.pcapng","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1608278425,"pkt_ts_usec":552488,"pkt_caplen":269,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":269,"pkt_l4_len":235,"pkt":"CL6sCxdumt9Y+uvcCABFAAD\/XadAAEARolvAqAypXowODqBuAxAA63Wt4f8AAB0ECv0qRBFd\/nzqdcW5fqNlTwscOQuxdUBAFgVCbN\/RWlf92Bi4xbsmestxwaOWzmLs0UOVup1GWKiJ0THmdCSxOUYMjjJQlUfCJ\/s8QbJV\/u5t7rXjjRFpv18K\/SpED3H7Bx4sBoyGtGJqEQTxS\/oeZBY\/wYowmf3EpJiUs1hRtfh+uoDwfq87X5glE18OQjoYidfBw7A4Umc8TkwRbDOR+jZ7zQbXe3U2zDrO2LQieDEhB+\/tUlVyGsn2PAgQPNlwZczAYXjqFOGeUuxU1TZ4wjfK6+evSSxkFUfwNAg="} 00514{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":296,"source":"doq_adguard.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":296,"flow_first_seen":1608278425043,"flow_last_seen":1608278463119,"flow_min_l4_payload_len":30,"flow_max_l4_payload_len":1252,"flow_tot_l4_payload_len":32013,"flow_avg_l4_payload_len":108,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.12.169","dst_ip":"94.140.14.14","src_port":41070,"dst_port":784,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00134{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":296,"source":"doq_adguard.pcapng","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 296/296 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 34381 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4834071 bytes +~~ total memory freed........: 4834071 bytes +~~ total allocations/frees...: 58666/58666 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/dos_win98_smb_netbeui.pcap.out b/test/results/dos_win98_smb_netbeui.pcap.out index 8c227b0d7..41b0ce558 100644 --- a/test/results/dos_win98_smb_netbeui.pcap.out +++ b/test/results/dos_win98_smb_netbeui.pcap.out @@ -382,3 +382,14 @@ 00516{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":220,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":14,"flow_first_seen":1576409797553,"flow_last_seen":1576409928060,"flow_min_l4_payload_len":68,"flow_max_l4_payload_len":68,"flow_tot_l4_payload_len":952,"flow_avg_l4_payload_len":68,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.239.129","dst_ip":"192.168.239.2","src_port":137,"dst_port":137,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00522{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":220,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","flow_id":7,"flow_packet_id":12,"flow_first_seen":1576409867606,"flow_last_seen":1576409923353,"flow_min_l4_payload_len":177,"flow_max_l4_payload_len":207,"flow_tot_l4_payload_len":2262,"flow_avg_l4_payload_len":188,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.239.129","dst_ip":"192.168.239.255","src_port":138,"dst_port":138,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00142{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":220,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 220/62 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 6441 bytes +~~ total detected protocols..: 7 +~~ total active/idle flows...: 7/7 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4840793 bytes +~~ total memory freed........: 4840793 bytes +~~ total allocations/frees...: 58438/58438 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/drda_db2.pcap.out b/test/results/drda_db2.pcap.out index d750ad94d..8eb47c050 100644 --- a/test/results/drda_db2.pcap.out +++ b/test/results/drda_db2.pcap.out @@ -18,3 +18,14 @@ 00485{"flow_id":1,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"drda_db2.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1175543773,"pkt_ts_usec":898676,"pkt_caplen":108,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":108,"pkt_l4_len":74,"pkt":"AFBWwAABAAwpfMZqCABFAABeel9AAEAGamjAqGqAwKhqAcNQEu\/9Xll6CrRsCVAYJEI06gAAACvQUgABACUiDAAGEUkABAAFIRUBABYhENToxMLyxMJAQEBAQEBAQEBAQAAL0AMAAQAFJAj\/"} 00506{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":38,"source":"drda_db2.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":38,"flow_first_seen":1175543772220,"flow_last_seen":1175543810683,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":663,"flow_tot_l4_payload_len":4623,"flow_avg_l4_payload_len":121,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.106.1","dst_ip":"192.168.106.128","src_port":4847,"dst_port":50000,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00128{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":38,"source":"drda_db2.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 38/38 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 5399 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4823233 bytes +~~ total memory freed........: 4823233 bytes +~~ total allocations/frees...: 58397/58397 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/dropbox.pcap.out b/test/results/dropbox.pcap.out index 88d9fbb9c..6e9ef81c3 100644 --- a/test/results/dropbox.pcap.out +++ b/test/results/dropbox.pcap.out @@ -171,3 +171,14 @@ 00508{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":848,"source":"dropbox.pcap","alias":"nDPId-test","flow_id":18,"flow_packet_id":3,"flow_first_seen":1535391651168,"flow_last_seen":1535391682513,"flow_min_l4_payload_len":163,"flow_max_l4_payload_len":163,"flow_tot_l4_payload_len":489,"flow_avg_l4_payload_len":163,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.64","dst_ip":"255.255.255.255","src_port":17500,"dst_port":17500,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00506{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":848,"source":"dropbox.pcap","alias":"nDPId-test","flow_id":19,"flow_packet_id":3,"flow_first_seen":1535391651170,"flow_last_seen":1535391682514,"flow_min_l4_payload_len":163,"flow_max_l4_payload_len":163,"flow_tot_l4_payload_len":489,"flow_avg_l4_payload_len":163,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.64","dst_ip":"192.168.1.255","src_port":17500,"dst_port":17500,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00128{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":848,"source":"dropbox.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 848/848 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 61700 bytes +~~ total detected protocols..: 19 +~~ total active/idle flows...: 19/19 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4901411 bytes +~~ total memory freed........: 4901411 bytes +~~ total allocations/frees...: 59260/59260 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/dtls.pcap.out b/test/results/dtls.pcap.out index 0fe16ba80..cb2458e7e 100644 --- a/test/results/dtls.pcap.out +++ b/test/results/dtls.pcap.out @@ -5,3 +5,14 @@ 00599{"flow_id":1,"flow_packet_id":2,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2,"source":"dtls.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1545143424,"pkt_ts_usec":891780,"pkt_caplen":197,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":197,"pkt_l4_len":163,"pkt":"WLEPD4fwhLVBbZhoCABFAAC3FtBAAEARhxHAqA3LwKgNOZ8j3MMAozuLFv7\/AAAAAAAAAAAAjgEAAIIAAAAAAAAAgv79zrBtKgTLKhUXwuJm7W22k25ueldyqs3Q4tvQaM4mc34AAAAYwCvAL8ypzKjACcATwArAFACcAC8ANQAKAQAAQP8BAAEAABcAAAAjAAAADQAUABIEAwgEBAEFAwgFBQEIBgYBAgEADgAFAAIAAQAACwACAQAACgAIAAYAHQAXABg="} 00502{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2,"source":"dtls.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":2,"flow_first_seen":1545143424891,"flow_last_seen":1545143424891,"flow_min_l4_payload_len":155,"flow_max_l4_payload_len":155,"flow_tot_l4_payload_len":310,"flow_avg_l4_payload_len":155,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.13.203","dst_ip":"192.168.13.57","src_port":40739,"dst_port":56515,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00123{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":2,"source":"dtls.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 2/2 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 326 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4820141 bytes +~~ total memory freed........: 4820141 bytes +~~ total allocations/frees...: 58360/58360 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/dtls2.pcap.out b/test/results/dtls2.pcap.out index 630ba2656..56d57a15c 100644 --- a/test/results/dtls2.pcap.out +++ b/test/results/dtls2.pcap.out @@ -19,3 +19,14 @@ 00546{"flow_id":1,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"dtls2.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1507911706,"pkt_ts_usec":647553,"pkt_caplen":151,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":151,"pkt_l4_len":117,"pkt":"AAAAjZtQSEb7zh73CABFAACJ2GUAAD8RTNk9RG6Z1CDWJ8818BEAdWojF\/7\/AAEAAAAAAAQAYPlR045oqJCgSMh7ALVP58tRoxRJJZfJelm4LrwIvz5OUnOverhJu\/z67oZASGIM5zE03Z8YpZZX+V95itxyIN8Rawc56lHbJd\/wSy1wkJnsupWPJbKTGAml7J4a\/LW8KA=="} 00504{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":30,"source":"dtls2.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":30,"flow_first_seen":1507911659748,"flow_last_seen":1507912041896,"flow_min_l4_payload_len":60,"flow_max_l4_payload_len":825,"flow_tot_l4_payload_len":3731,"flow_avg_l4_payload_len":124,"midstream":0,"l3_proto":"ip4","src_ip":"61.68.110.153","dst_ip":"212.32.214.39","src_port":53045,"dst_port":61457,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00125{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":30,"source":"dtls2.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 30/30 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 3971 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4820997 bytes +~~ total memory freed........: 4820997 bytes +~~ total allocations/frees...: 58390/58390 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/dtls_certificate_fragments.pcap.out b/test/results/dtls_certificate_fragments.pcap.out index b32adcf25..37bfdc5f3 100644 --- a/test/results/dtls_certificate_fragments.pcap.out +++ b/test/results/dtls_certificate_fragments.pcap.out @@ -19,3 +19,14 @@ 00714{"flow_id":1,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"dtls_certificate_fragments.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1556606276,"pkt_ts_usec":388085,"pkt_caplen":263,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":263,"pkt_l4_len":229,"pkt":"AAAAp2BiAAAAtzPNCABFIAD54WRAAD4RKcgj0juGCrrGla2bmbMA5bs6F\/7\/AAEAAAAAAAMA0GXW0AV0AJtu0HPaz6RfzO9CZWHXd94kCiafP4nVscZ0fN+GHYFWd\/lv6OnyFN1LFbq1Hc1un3I8EQgIV9EyEXZymewAmNVoOpK44k\/X58OiRLTx0ka7NyiK8sq6JLUl1H2lAnGTrfQLPNzkrlc7KU7sQx922PVFO2GshX19R+IBXtxhY3LuWx5UHxgtU0Mm+AyZx3mijZlUhGlL7LgNUEQgZvTq+RIFlr5mZGDSlKzsQb3ZBrh4wmALuEwSh0ZOoyYhNEc53O0hzv2UAoIYxmQ="} 00527{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":20,"source":"dtls_certificate_fragments.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":20,"flow_first_seen":1556606275726,"flow_last_seen":1556606278645,"flow_min_l4_payload_len":48,"flow_max_l4_payload_len":1412,"flow_tot_l4_payload_len":5138,"flow_avg_l4_payload_len":256,"midstream":0,"l3_proto":"ip4","src_ip":"10.186.198.149","dst_ip":"35.210.59.134","src_port":39347,"dst_port":44443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00146{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":20,"source":"dtls_certificate_fragments.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 20/20 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 5298 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4820663 bytes +~~ total memory freed........: 4820663 bytes +~~ total allocations/frees...: 58378/58378 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/dtls_session_id_and_coockie_both.pcap.out b/test/results/dtls_session_id_and_coockie_both.pcap.out index 1760625fb..f115c0591 100644 --- a/test/results/dtls_session_id_and_coockie_both.pcap.out +++ b/test/results/dtls_session_id_and_coockie_both.pcap.out @@ -8,3 +8,14 @@ 00870{"flow_event_id":6,"flow_event_name":"detection-update","thread_id":0,"packet_id":4,"source":"dtls_session_id_and_coockie_both.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":4,"flow_first_seen":1592388499775,"flow_last_seen":1592388499833,"flow_min_l4_payload_len":48,"flow_max_l4_payload_len":170,"flow_tot_l4_payload_len":436,"flow_avg_l4_payload_len":109,"midstream":0,"l3_proto":"ip4","src_ip":"185.196.113.239","dst_ip":"223.116.105.247","src_port":50257,"dst_port":44443,"l4_proto":"udp","ndpi": {"flow_risk": {"15":"TLS (probably) not carrying HTTPS","24":"SNI TLS extension was missing"},"proto":"DTLS","breed":"Safe","category":"Web"},"tls": {"version":"DTLSv1.2","client_requested_server_name":"","ja3":"e15c510766789ed8f49de0e37951c1da","ja3s":"a1d48eca741e476d8ee735578a26bdbd","unsafe_cipher":0,"cipher":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384"}} 00532{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4,"source":"dtls_session_id_and_coockie_both.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":4,"flow_first_seen":1592388499775,"flow_last_seen":1592388499833,"flow_min_l4_payload_len":48,"flow_max_l4_payload_len":170,"flow_tot_l4_payload_len":436,"flow_avg_l4_payload_len":109,"midstream":0,"l3_proto":"ip4","src_ip":"185.196.113.239","dst_ip":"223.116.105.247","src_port":50257,"dst_port":44443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00151{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":4,"source":"dtls_session_id_and_coockie_both.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 4/4 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 468 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4820199 bytes +~~ total memory freed........: 4820199 bytes +~~ total allocations/frees...: 58362/58362 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/encrypted_sni.pcap.out b/test/results/encrypted_sni.pcap.out index b3e0a6454..cef5f7b94 100644 --- a/test/results/encrypted_sni.pcap.out +++ b/test/results/encrypted_sni.pcap.out @@ -12,3 +12,14 @@ 00495{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3,"source":"encrypted_sni.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":1,"flow_first_seen":1590680391590,"flow_last_seen":0,"flow_min_l4_payload_len":716,"flow_max_l4_payload_len":716,"flow_tot_l4_payload_len":716,"flow_avg_l4_payload_len":716,"midstream":1,"l3_proto":"ip4","src_ip":"192.168.1.12","dst_ip":"104.22.71.197","src_port":49897,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00496{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3,"source":"encrypted_sni.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":1,"flow_first_seen":1590680387847,"flow_last_seen":0,"flow_min_l4_payload_len":716,"flow_max_l4_payload_len":716,"flow_tot_l4_payload_len":716,"flow_avg_l4_payload_len":716,"midstream":1,"l3_proto":"ip4","src_ip":"192.168.1.12","dst_ip":"104.16.125.175","src_port":49887,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00132{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":3,"source":"encrypted_sni.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 3/3 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 2208 bytes +~~ total detected protocols..: 3 +~~ total active/idle flows...: 3/3 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4834499 bytes +~~ total memory freed........: 4834499 bytes +~~ total allocations/frees...: 58379/58379 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/ethereum.pcap.out b/test/results/ethereum.pcap.out index 666c50960..bd158fd51 100644 --- a/test/results/ethereum.pcap.out +++ b/test/results/ethereum.pcap.out @@ -1027,3 +1027,14 @@ 00508{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2000,"source":"ethereum.pcap","alias":"nDPId-test","flow_id":39,"flow_packet_id":31,"flow_first_seen":1578508365009,"flow_last_seen":1578508365126,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":540,"flow_tot_l4_payload_len":1312,"flow_avg_l4_payload_len":42,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.184","dst_ip":"144.91.120.135","src_port":56641,"dst_port":30303,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00507{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2000,"source":"ethereum.pcap","alias":"nDPId-test","flow_id":33,"flow_packet_id":44,"flow_first_seen":1578508364824,"flow_last_seen":1578508365152,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":571,"flow_tot_l4_payload_len":1388,"flow_avg_l4_payload_len":31,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.184","dst_ip":"159.203.84.31","src_port":56634,"dst_port":30303,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00130{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":2000,"source":"ethereum.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 2000/2000 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 145756 bytes +~~ total detected protocols..: 71 +~~ total active/idle flows...: 74/74 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 5224931 bytes +~~ total memory freed........: 5224931 bytes +~~ total allocations/frees...: 60632/60632 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/exe_download.pcap.out b/test/results/exe_download.pcap.out index a980f25f7..459519e3d 100644 --- a/test/results/exe_download.pcap.out +++ b/test/results/exe_download.pcap.out @@ -19,3 +19,14 @@ 00414{"flow_id":1,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"exe_download.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1569434051,"pkt_ts_usec":630369,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"pkt":"IOUqtpPxAAgCHEeuCABFAAAoALhAAIAGAIwKCRllkFtFw8ANAFC+hvi4Pu\/98VAQ+vAG2QAA"} 00509{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":703,"source":"exe_download.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":703,"flow_first_seen":1569434051004,"flow_last_seen":1569434056186,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1460,"flow_tot_l4_payload_len":679485,"flow_avg_l4_payload_len":966,"midstream":0,"l3_proto":"ip4","src_ip":"10.9.25.101","dst_ip":"144.91.69.195","src_port":49165,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00133{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":703,"source":"exe_download.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 703/703 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 693561 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4840550 bytes +~~ total memory freed........: 4840550 bytes +~~ total allocations/frees...: 59064/59064 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/exe_download_as_png.pcap.out b/test/results/exe_download_as_png.pcap.out index 01c86eae5..26441d85a 100644 --- a/test/results/exe_download_as_png.pcap.out +++ b/test/results/exe_download_as_png.pcap.out @@ -19,3 +19,14 @@ 02285{"flow_id":1,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"exe_download_as_png.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1569434904,"pkt_ts_usec":56830,"pkt_caplen":1418,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1418,"pkt_l4_len":1384,"pkt":"AAgCHEeuIOUqtpPxCABFAAV8ESoAAIAG78i5Yle5CgkZZQBQwC0vLirOezzCLFAY+vBtPQAAAAAAAAAAAIAfQADol0AJ8DBAAP\/\/\/\/9AABIAjAYAAJwxQAABAAMAAAAAAAAAAABIIEAA+JdACawxQAABAAMA5CBAAPEgQAD+IEAACyFAABghQAAlIUAAMiFAAD8hQABmIUAAsCBAAL0gQADKIEAA1yBAAEwhQABZIUAAAAAAAPQeQABwHkAAqhdAALAXQAC2F0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMIgQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACoIEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM8gQAC1IEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB9AAHAeQACqF0AAsBdAALYXQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACBbCQEhwYAAOkrSgAAgWwkBIcGAADpzksAAIFsJASHBgAA6cFMAACBbCQEhwYAAOm0TgAAgWwkBP\/\/AADpp08AAIFsJAT\/\/wAA6SpQAACBbCQE\/\/8AAOmNUAAAgWwkBP\/\/AADpQFEAAIFsJAT\/\/wAA6bNRAACBbCQE\/\/8AAOn2UgAAgWwkBP\/\/AADpWVQAAIFsJAT\/\/wAA6UxVAACBbCQE\/\/8AAOn\/WAAAgWwkBP\/\/AADpYmwAAIFsJAT\/\/wAA6eVuAAAAAQADAGwrQAAAAAAAJGdAAP\/\/\/\/8AAAAAUCxAADTgQAAAAAAAQNJQCQAAAAAAAAAAAAAAAOQhQAABAAAAiDZAAAAAAADkIUAAAQAAAOwhQAAAAAAA6CFAAAcAAADsIUAABAC3AWgAbAAEI0AA8OVAAAAAAACo7WAJmDZAANA0QABAABgAOAAAAEQ0QAAFAAMAAAAAAAAAAAAUI0AAgJhACag2QAAFAAMAQAAJADwAAAC0NkAAAQADAAAAAAAAAAAAjCNAAJCYQAnENkAAAQADAEAAEQBAAAAAzDZAAAMAAwAAAAAAAAAAAMgjQACgmEAJ3DZAAAMAAwBAABgARAAAAEQ0QAACAAMAAAAAAAAAAAAkJEAAgJhACeQ2QAACAAMAQAASAEgAAACcMUAABgADAAAAAAAAAAAAnCRAAPiXQAnwNkAABgADAEAAHwBMAAAA\/DZAAP\/\/\/\/8AAAAAAAAAAPwkQACwmEAJDDdAAP\/\/\/\/9AABEAUAAAAMw2QAAEAAMAAAAAAAAAAACQJUAAoJhACRQ3QAAEAAMA7CVAAPslQAASJkAAHyZAAAAAAADsIUAAbCFAAKoXQACwF0AAthdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAUIkAAbCFAAKoXQACwF0AAthdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8IkAAbCFAAKoXQACwF0AAthdAABcmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGQiQABsIUAAqhdAALAXQAC2F0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="} 00516{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":534,"source":"exe_download_as_png.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":534,"flow_first_seen":1569434903040,"flow_last_seen":1569434972556,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1460,"flow_tot_l4_payload_len":500597,"flow_avg_l4_payload_len":937,"midstream":0,"l3_proto":"ip4","src_ip":"10.9.25.101","dst_ip":"185.98.87.185","src_port":49197,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00140{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":534,"source":"exe_download_as_png.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 534/534 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 511293 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4835624 bytes +~~ total memory freed........: 4835624 bytes +~~ total allocations/frees...: 58895/58895 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/facebook.pcap.out b/test/results/facebook.pcap.out index 403531405..05fa91efc 100644 --- a/test/results/facebook.pcap.out +++ b/test/results/facebook.pcap.out @@ -39,3 +39,14 @@ 00505{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":60,"source":"facebook.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":19,"flow_first_seen":1472393122365,"flow_last_seen":1472393123665,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1388,"flow_tot_l4_payload_len":4475,"flow_avg_l4_payload_len":235,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.43.18","dst_ip":"66.220.156.68","src_port":52066,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00504{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":60,"source":"facebook.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":41,"flow_first_seen":1472393123550,"flow_last_seen":1472393124229,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1388,"flow_tot_l4_payload_len":22044,"flow_avg_l4_payload_len":537,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.43.18","dst_ip":"31.13.86.36","src_port":44614,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00128{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":60,"source":"facebook.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 60/60 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 28471 bytes +~~ total detected protocols..: 2 +~~ total active/idle flows...: 2/2 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4836296 bytes +~~ total memory freed........: 4836296 bytes +~~ total allocations/frees...: 58442/58442 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/firefox.pcap.out b/test/results/firefox.pcap.out index a0e8630bb..21b8c3bd3 100644 --- a/test/results/firefox.pcap.out +++ b/test/results/firefox.pcap.out @@ -115,3 +115,14 @@ 00508{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5441,"source":"firefox.pcap","alias":"nDPId-test","flow_id":5,"flow_packet_id":646,"flow_first_seen":1620927999111,"flow_last_seen":1620927999879,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1440,"flow_tot_l4_payload_len":545091,"flow_avg_l4_payload_len":843,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.178","dst_ip":"146.48.58.18","src_port":51600,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00508{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5441,"source":"firefox.pcap","alias":"nDPId-test","flow_id":6,"flow_packet_id":878,"flow_first_seen":1620927999112,"flow_last_seen":1620927999897,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1440,"flow_tot_l4_payload_len":744373,"flow_avg_l4_payload_len":847,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.178","dst_ip":"146.48.58.18","src_port":51601,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00129{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":5441,"source":"firefox.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 5441/5441 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 4767738 bytes +~~ total detected protocols..: 6 +~~ total active/idle flows...: 6/6 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 5456529 bytes +~~ total memory freed........: 5456529 bytes +~~ total allocations/frees...: 63882/63882 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/fix.pcap.out b/test/results/fix.pcap.out index 22aeda8e6..3fcc7bc4c 100644 --- a/test/results/fix.pcap.out +++ b/test/results/fix.pcap.out @@ -184,3 +184,14 @@ 00498{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1261,"source":"fix.pcap","alias":"nDPId-test","flow_id":7,"flow_packet_id":18,"flow_first_seen":1493755110320,"flow_last_seen":1493755130355,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":86,"flow_tot_l4_payload_len":647,"flow_avg_l4_payload_len":35,"midstream":1,"l3_proto":"ip4","src_ip":"208.245.107.3","dst_ip":"192.168.0.20","src_port":4000,"dst_port":38652,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00499{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1261,"source":"fix.pcap","alias":"nDPId-test","flow_id":10,"flow_packet_id":11,"flow_first_seen":1493755113353,"flow_last_seen":1493755123449,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":99,"flow_tot_l4_payload_len":401,"flow_avg_l4_payload_len":36,"midstream":1,"l3_proto":"ip4","src_ip":"208.245.107.3","dst_ip":"192.168.0.20","src_port":4000,"dst_port":39094,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00125{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":1261,"source":"fix.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 1261/1261 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 71026 bytes +~~ total detected protocols..: 12 +~~ total active/idle flows...: 12/12 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4915900 bytes +~~ total memory freed........: 4915900 bytes +~~ total allocations/frees...: 59664/59664 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/forticlient.pcap.out b/test/results/forticlient.pcap.out index a7a6a06e8..f9565d5f8 100644 --- a/test/results/forticlient.pcap.out +++ b/test/results/forticlient.pcap.out @@ -100,3 +100,14 @@ 00509{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2000,"source":"forticlient.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":29,"flow_first_seen":1621067206773,"flow_last_seen":1621067207860,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1440,"flow_tot_l4_payload_len":7276,"flow_avg_l4_payload_len":250,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.178","dst_ip":"82.81.46.13","src_port":61812,"dst_port":10443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00514{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2000,"source":"forticlient.pcap","alias":"nDPId-test","flow_id":5,"flow_packet_id":1901,"flow_first_seen":1621067209199,"flow_last_seen":1621067222261,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1440,"flow_tot_l4_payload_len":277457,"flow_avg_l4_payload_len":145,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.178","dst_ip":"82.81.46.13","src_port":61820,"dst_port":10443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00133{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":2000,"source":"forticlient.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 2000/2000 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 362931 bytes +~~ total detected protocols..: 5 +~~ total active/idle flows...: 5/5 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4935278 bytes +~~ total memory freed........: 4935278 bytes +~~ total allocations/frees...: 60397/60397 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/ftp.pcap.out b/test/results/ftp.pcap.out index 12af9d6bd..99690080f 100644 --- a/test/results/ftp.pcap.out +++ b/test/results/ftp.pcap.out @@ -48,3 +48,14 @@ 00497{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":1192,"source":"ftp.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":68,"flow_first_seen":1552590234892,"flow_last_seen":1552590243371,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":241,"flow_tot_l4_payload_len":1063,"flow_avg_l4_payload_len":15,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.212","dst_ip":"90.130.70.73","src_port":50694,"dst_port":21,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00501{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":1192,"source":"ftp.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":9,"flow_first_seen":1552590236580,"flow_last_seen":1552590236666,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1205,"flow_tot_l4_payload_len":1205,"flow_avg_l4_payload_len":133,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.212","dst_ip":"90.130.70.73","src_port":50695,"dst_port":25685,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00125{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":1192,"source":"ftp.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 1192/1192 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 1089060 bytes +~~ total detected protocols..: 2 +~~ total active/idle flows...: 3/3 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4867099 bytes +~~ total memory freed........: 4867099 bytes +~~ total allocations/frees...: 59559/59559 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/ftp_failed.pcap.out b/test/results/ftp_failed.pcap.out index 97956b71d..49ec9ce61 100644 --- a/test/results/ftp_failed.pcap.out +++ b/test/results/ftp_failed.pcap.out @@ -18,3 +18,14 @@ 00630{"flow_event_id":4,"flow_event_name":"guessed","thread_id":0,"packet_id":18,"source":"ftp_failed.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":18,"flow_first_seen":1574361625864,"flow_last_seen":1574361633102,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":40,"flow_tot_l4_payload_len":136,"flow_avg_l4_payload_len":7,"midstream":0,"l3_proto":"ip6","src_ip":"2a00:d40:1:3:192:12:193:11","dst_ip":"2a00:800:1010::1","src_port":44724,"dst_port":21,"l4_proto":"tcp","ndpi": {"proto":"FTP_CONTROL","breed":"Unsafe","category":"Download-FileTransfer-FileSharing"},"ftp": {"user":"hello","password":"","auth_failed":1}} 00516{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":18,"source":"ftp_failed.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":18,"flow_first_seen":1574361625864,"flow_last_seen":1574361633102,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":40,"flow_tot_l4_payload_len":136,"flow_avg_l4_payload_len":7,"midstream":0,"l3_proto":"ip6","src_ip":"2a00:d40:1:3:192:12:193:11","dst_ip":"2a00:800:1010::1","src_port":44724,"dst_port":21,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00130{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":18,"source":"ftp_failed.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 18/18 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 728 bytes +~~ total detected protocols..: 0 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4822653 bytes +~~ total memory freed........: 4822653 bytes +~~ total allocations/frees...: 58377/58377 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/genshin-impact.pcap.out b/test/results/genshin-impact.pcap.out index b02c7423e..c612f08c3 100644 --- a/test/results/genshin-impact.pcap.out +++ b/test/results/genshin-impact.pcap.out @@ -54,3 +54,14 @@ 00472{"flow_id":3,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":45,"source":"genshin-impact.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1618759618,"pkt_ts_usec":761347,"pkt_caplen":95,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":95,"pkt_l4_len":61,"pkt":"YDjgxTWgeJS0JASgCABFAABRCH1AADYRKoMI0UW\/wKgCZFZVzV8APR45XPECABn4gxJRAAABvJCX5QkAAAADAAAAGQAAAJqL1VapuS+c4jJOjLzuk7ttpvZ2nowWKgI="} 00512{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":45,"source":"genshin-impact.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":15,"flow_first_seen":1618759616491,"flow_last_seen":1618759618761,"flow_min_l4_payload_len":20,"flow_max_l4_payload_len":606,"flow_tot_l4_payload_len":2645,"flow_avg_l4_payload_len":176,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"8.209.69.191","src_port":52575,"dst_port":22101,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00134{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":45,"source":"genshin-impact.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 45/45 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 9302 bytes +~~ total detected protocols..: 3 +~~ total active/idle flows...: 3/3 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4827692 bytes +~~ total memory freed........: 4827692 bytes +~~ total allocations/frees...: 58409/58409 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/git.pcap.out b/test/results/git.pcap.out index 4f465b9dd..74cad7b76 100644 --- a/test/results/git.pcap.out +++ b/test/results/git.pcap.out @@ -18,3 +18,14 @@ 02347{"flow_id":1,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"git.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1460821630,"pkt_ts_usec":489457,"pkt_caplen":1506,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1506,"pkt_l4_len":1472,"pkt":"PJcOZtCOnJcm0ghCCABFCAXUJ\/VAAC8GcIMFmecVwKgATSTKu3dqwFKnfoYNooAQAHrgqAAAAQEICiuNae4Bp0hUMDAyMgJDb3VudGluZyBvYmplY3RzOiAxMjYsIGRvbmUuCjAwMjkCQ29tcHJlc3Npbmcgb2JqZWN0czogICAxJSAoMS81NykgICANMDAyOQJDb21wcmVzc2luZyBvYmplY3RzOiAgIDMlICgyLzU3KSAgIA0wMDI5AkNvbXByZXNzaW5nIG9iamVjdHM6ICAgNSUgKDMvNTcpICAgDTAwMjkCQ29tcHJlc3Npbmcgb2JqZWN0czogICA3JSAoNC81NykgICANMDAyOQJDb21wcmVzc2luZyBvYmplY3RzOiAgIDglICg1LzU3KSAgIA0wMDI5AkNvbXByZXNzaW5nIG9iamVjdHM6ICAxMCUgKDYvNTcpICAgDTAwMjkCQ29tcHJlc3Npbmcgb2JqZWN0czogIDEyJSAoNy81NykgICANMDAyOQJDb21wcmVzc2luZyBvYmplY3RzOiAgMTQlICg4LzU3KSAgIA0wMDI5AkNvbXByZXNzaW5nIG9iamVjdHM6ICAxNSUgKDkvNTcpICAgDTAwMmECQ29tcHJlc3Npbmcgb2JqZWN0czogIDE3JSAoMTAvNTcpICAgDTAwMmECQ29tcHJlc3Npbmcgb2JqZWN0czogIDE5JSAoMTEvNTcpICAgDTAwMmECQ29tcHJlc3Npbmcgb2JqZWN0czogIDIxJSAoMTIvNTcpICAgDTAwMmECQ29tcHJlc3Npbmcgb2JqZWN0czogIDIyJSAoMTMvNTcpICAgDTAwMmECQ29tcHJlc3Npbmcgb2JqZWN0czogIDI0JSAoMTQvNTcpICAgDTAwMmECQ29tcHJlc3Npbmcgb2JqZWN0czogIDI2JSAoMTUvNTcpICAgDTAwMmECQ29tcHJlc3Npbmcgb2JqZWN0czogIDI4JSAoMTYvNTcpICAgDTAwMmECQ29tcHJlc3Npbmcgb2JqZWN0czogIDI5JSAoMTcvNTcpICAgDTAwMmECQ29tcHJlc3Npbmcgb2JqZWN0czogIDMxJSAoMTgvNTcpICAgDTAwMmECQ29tcHJlc3Npbmcgb2JqZWN0czogIDMzJSAoMTkvNTcpICAgDTAwMmECQ29tcHJlc3Npbmcgb2JqZWN0czogIDM1JSAoMjAvNTcpICAgDTAwMmECQ29tcHJlc3Npbmcgb2JqZWN0czogIDM2JSAoMjEvNTcpICAgDTAwMmECQ29tcHJlc3Npbmcgb2JqZWN0czogIDM4JSAoMjIvNTcpICAgDTAwMmECQ29tcHJlc3Npbmcgb2JqZWN0czogIDQwJSAoMjMvNTcpICAgDTAwMmECQ29tcHJlc3Npbmcgb2JqZWN0czogIDQyJSAoMjQvNTcpICAgDTAwMmECQ29tcHJlc3Npbmcgb2JqZWN0czogIDQzJSAoMjUvNTcpICAgDTAwMmECQ29tcHJlc3Npbmcgb2JqZWN0czogIDQ1JSAoMjYvNTcpICAgDTAwMmECQ29tcHJlc3Npbmcgb2JqZWN0czogIDQ3JSAoMjcvNTcpICAgDTAwMmECQ29tcHJlc3Npbmcgb2JqZWN0czogIDQ5JSAoMjgvNTcpICAgDTAwMmECQ29tcHJlc3Npbmcgb2JqZWN0czogIDUwJSAoMjkvNTcpICAgDTAwMmECQ29tcHJlc3Npbmcgb2JqZWN0czogIDUyJSAoMzAvNTcpICAgDTAwMmECQ29tcHJlc3Npbmcgb2JqZWN0czogIDU0JSAoMzEvNTcpICAgDTAwMmECQ29tcHJlc3Npbmcgb2JqZWN0czogIDU2JSAoMzIvNTcpICAgDTAwMmECQ29tcHJlc3Npbmcgb2JqZWN0czogIDU3JSAoMzMvNTcpICAgDTAwMmECQ29tcHJlc3Npbmcgb2JqZWN0czogIDU5"} 00499{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":90,"source":"git.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":90,"flow_first_seen":1460821630164,"flow_last_seen":1460821631269,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":2880,"flow_tot_l4_payload_len":68049,"flow_avg_l4_payload_len":756,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.0.77","dst_ip":"5.153.231.21","src_port":47991,"dst_port":9418,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00123{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":90,"source":"git.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 90/90 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 70945 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4822693 bytes +~~ total memory freed........: 4822693 bytes +~~ total allocations/frees...: 58448/58448 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/google_ssl.pcap.out b/test/results/google_ssl.pcap.out index 905ac057e..5b1def8e6 100644 --- a/test/results/google_ssl.pcap.out +++ b/test/results/google_ssl.pcap.out @@ -18,3 +18,14 @@ 00541{"flow_event_id":4,"flow_event_name":"guessed","thread_id":0,"packet_id":28,"source":"google_ssl.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":28,"flow_first_seen":1434443394683,"flow_last_seen":1434443401353,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1430,"flow_tot_l4_payload_len":7568,"flow_avg_l4_payload_len":270,"midstream":0,"l3_proto":"ip4","src_ip":"172.31.3.224","dst_ip":"216.58.212.100","src_port":42835,"dst_port":443,"l4_proto":"tcp","ndpi": {"proto":"TLS.Google","breed":"Tracker\/Ads","category":"Web"}} 00506{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":28,"source":"google_ssl.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":28,"flow_first_seen":1434443394683,"flow_last_seen":1434443401353,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1430,"flow_tot_l4_payload_len":7568,"flow_avg_l4_payload_len":270,"midstream":0,"l3_proto":"ip4","src_ip":"172.31.3.224","dst_ip":"216.58.212.100","src_port":42835,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00130{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":28,"source":"google_ssl.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 28/28 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 8136 bytes +~~ total detected protocols..: 0 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4822943 bytes +~~ total memory freed........: 4822943 bytes +~~ total allocations/frees...: 58387/58387 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/googledns_android10.pcap.out b/test/results/googledns_android10.pcap.out index f1981f3c9..cf385a672 100644 --- a/test/results/googledns_android10.pcap.out +++ b/test/results/googledns_android10.pcap.out @@ -120,3 +120,14 @@ 00511{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":532,"source":"googledns_android10.pcap","alias":"nDPId-test","flow_id":7,"flow_packet_id":133,"flow_first_seen":1592552878549,"flow_last_seen":1592552996502,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":517,"flow_tot_l4_payload_len":19828,"flow_avg_l4_payload_len":149,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.159","dst_ip":"8.8.4.4","src_port":48098,"dst_port":853,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00513{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":532,"source":"googledns_android10.pcap","alias":"nDPId-test","flow_id":8,"flow_packet_id":241,"flow_first_seen":1592553007037,"flow_last_seen":1592553079303,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1418,"flow_tot_l4_payload_len":48857,"flow_avg_l4_payload_len":202,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.159","dst_ip":"8.8.4.4","src_port":48210,"dst_port":853,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00140{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":532,"source":"googledns_android10.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 532/532 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 114806 bytes +~~ total detected protocols..: 6 +~~ total active/idle flows...: 8/8 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4880159 bytes +~~ total memory freed........: 4880159 bytes +~~ total allocations/frees...: 58948/58948 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/gquic.pcap.out b/test/results/gquic.pcap.out index b905610a6..062742d05 100644 --- a/test/results/gquic.pcap.out +++ b/test/results/gquic.pcap.out @@ -4,3 +4,14 @@ 00655{"flow_event_id":5,"flow_event_name":"detected","thread_id":0,"packet_id":1,"source":"gquic.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_first_seen":1591876186378,"flow_last_seen":0,"flow_min_l4_payload_len":1350,"flow_max_l4_payload_len":1350,"flow_tot_l4_payload_len":1350,"flow_avg_l4_payload_len":1350,"midstream":0,"l3_proto":"ip4","src_ip":"10.44.5.25","dst_ip":"216.58.213.163","src_port":61097,"dst_port":443,"l4_proto":"udp","ndpi": {"proto":"QUIC.Google","breed":"Tracker\/Ads","category":"Web"},"quic": {"client_requested_server_name":"www.gstatic.com","user_agent":"canary Chrome\/85.0.4169.0 Windows NT 10.0; Win64; x64"}} 00490{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1,"source":"gquic.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_first_seen":1591876186378,"flow_last_seen":0,"flow_min_l4_payload_len":1350,"flow_max_l4_payload_len":1350,"flow_tot_l4_payload_len":1350,"flow_avg_l4_payload_len":1350,"midstream":0,"l3_proto":"ip4","src_ip":"10.44.5.25","dst_ip":"216.58.213.163","src_port":61097,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00124{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":1,"source":"gquic.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 1/1 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 1358 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4825672 bytes +~~ total memory freed........: 4825672 bytes +~~ total allocations/frees...: 58370/58370 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/h323-overflow.pcap.out b/test/results/h323-overflow.pcap.out index 0df301115..6b2ac2b08 100644 --- a/test/results/h323-overflow.pcap.out +++ b/test/results/h323-overflow.pcap.out @@ -4,3 +4,14 @@ 00519{"flow_event_id":4,"flow_event_name":"guessed","thread_id":0,"packet_id":1,"source":"h323-overflow.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_first_seen":946681200000,"flow_last_seen":0,"flow_min_l4_payload_len":4,"flow_max_l4_payload_len":4,"flow_tot_l4_payload_len":4,"flow_avg_l4_payload_len":4,"midstream":1,"l3_proto":"ip4","src_ip":"192.168.1.1","dst_ip":"192.168.1.2","src_port":31337,"dst_port":80,"l4_proto":"tcp","ndpi": {"proto":"HTTP","breed":"Acceptable","category":"Web"},"http": {}} 00482{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1,"source":"h323-overflow.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_first_seen":946681200000,"flow_last_seen":0,"flow_min_l4_payload_len":4,"flow_max_l4_payload_len":4,"flow_tot_l4_payload_len":4,"flow_avg_l4_payload_len":4,"midstream":1,"l3_proto":"ip4","src_ip":"192.168.1.1","dst_ip":"192.168.1.2","src_port":31337,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00132{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":1,"source":"h323-overflow.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 1/1 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 24 bytes +~~ total detected protocols..: 0 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4822160 bytes +~~ total memory freed........: 4822160 bytes +~~ total allocations/frees...: 58360/58360 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/hangout.pcap.out b/test/results/hangout.pcap.out index 118f52014..8b667deeb 100644 --- a/test/results/hangout.pcap.out +++ b/test/results/hangout.pcap.out @@ -18,3 +18,14 @@ 00536{"flow_id":1,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"hangout.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1468516961,"pkt_ts_usec":759411,"pkt_caplen":146,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":146,"pkt_l4_len":112,"pkt":"CJ4BbNkmACFeRhcmCABFAACE0uIAACwRoyRKfYZ\/Clk9DUtp3FYAcEuMAQEAVCESpEJ3RGRuSlI1b3p6TVQABgAhWWRWSldCNmwzN20xYzhENDpCbU1TU1l3ZHhBT1czSFlYAAAAACAACAABfY2fUviQAAgAFJx22As21z4ewdrKbbQZAFr9rafBgCgABAFQq5M="} 00506{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":19,"source":"hangout.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":19,"flow_first_seen":1468516947751,"flow_last_seen":1468516965768,"flow_min_l4_payload_len":104,"flow_max_l4_payload_len":104,"flow_tot_l4_payload_len":1976,"flow_avg_l4_payload_len":104,"midstream":0,"l3_proto":"ip4","src_ip":"74.125.134.127","dst_ip":"10.89.61.13","src_port":19305,"dst_port":56406,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00127{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":19,"source":"hangout.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 19/19 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 2128 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4828842 bytes +~~ total memory freed........: 4828842 bytes +~~ total allocations/frees...: 58379/58379 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/hpvirtgrp.pcap.out b/test/results/hpvirtgrp.pcap.out index b54217266..aab0ec83a 100644 --- a/test/results/hpvirtgrp.pcap.out +++ b/test/results/hpvirtgrp.pcap.out @@ -162,3 +162,14 @@ 00505{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":135,"source":"hpvirtgrp.pcap","alias":"nDPId-test","flow_id":9,"flow_packet_id":15,"flow_first_seen":1614898090218,"flow_last_seen":1614898324173,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":163,"flow_tot_l4_payload_len":522,"flow_avg_l4_payload_len":34,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"160.44.194.66","src_port":42764,"dst_port":5223,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00505{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":135,"source":"hpvirtgrp.pcap","alias":"nDPId-test","flow_id":7,"flow_packet_id":15,"flow_first_seen":1614892184461,"flow_last_seen":1614892314046,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":163,"flow_tot_l4_payload_len":580,"flow_avg_l4_payload_len":38,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"160.44.194.66","src_port":49838,"dst_port":5223,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00130{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":135,"source":"hpvirtgrp.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 135/135 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 8041 bytes +~~ total detected protocols..: 9 +~~ total active/idle flows...: 9/9 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4867646 bytes +~~ total memory freed........: 4867646 bytes +~~ total allocations/frees...: 58526/58526 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/http-crash-content-disposition.pcap.out b/test/results/http-crash-content-disposition.pcap.out index 35ffba502..81a61e64d 100644 --- a/test/results/http-crash-content-disposition.pcap.out +++ b/test/results/http-crash-content-disposition.pcap.out @@ -18,3 +18,14 @@ 01625{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":9,"source":"http-crash-content-disposition.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1492518365,"pkt_ts_usec":968183,"pkt_caplen":981,"pkt_type":0,"pkt_l3_offset":0,"pkt_l4_offset":0,"pkt_len":981,"pkt_l4_len":0,"pkt":"RQAD1UN3QAAtBpcRroEACsCoAGcAUMfjkVclC3tFq0qAGAB6wJEAAAEBCAoroVxpABR97jQ8L21heF9kaXNwbGF5X251bT4KCTwvbWVzc2FnZT4KCTxtZXNzYWdlPgoJCTxpZD4yMDwvaWQ+CgkJPHRpdGxlPkEgUGVwIFRhbGsgZnJvbSBLaWQgUHJlc2lkZW50ITwvdGl0bGU+CgkJPGRlc2NyaXB0aW9uPldhdGNoIHRoZSBuZXdlc3QgdmlkZW8gZnJvbSBUaGUgR3JlZ29yeSBCcm90aGVycywgYW5kIHBlcmZvcm0geW91ciBvd24gcmVuZGl0aW9uITwvZGVzY3JpcHRpb24+CgkJPHVybD5odHRwOi8vd3d3LnlvdXR1YmUuY29tL3dhdGNoP3Y9bkZHY3JZUGRySlU8L3VybD4KCQk8dHlwZT4wPC90eXBlPgoJCTxjYXRlZ29yeT4xPC9jYXRlZ29yeT4KCQk8bWF4X2Rpc3BsYXlfbnVtPjIxNDYzNTQyNDg8L21heF9kaXNwbGF5X251bT4KCTwvbWVzc2FnZT4KCTxtZXNzYWdlPgoJCTxpZD4yMTwvaWQ+CgkJPHRpdGxlPlJhcCBsaWtlIEVtaW5lbSE8L3RpdGxlPgoJCTxkZXNjcmlwdGlvbj5BdXRvUmFwIHR1cm5zIHNwZWVjaCBpbnRvIHJhcCAoYW5kIGNvcnJlY3RzIGJhZCByYXBwaW5nKS48L2Rlc2NyaXB0aW9uPgoJCTx1cmw+aHR0cDovL2FwaS5zbXVsZS5jb20vdjIvcmVkaXJlY3QvZXlKM1pXSlZjbXdpT2lKb2RIUndjem92TDNCc1lYa3VaMjl2WjJ4bExtTnZiUzl6ZEc5eVpTOWhjSEJ6TDJSbGRHRnBiSE0vYVdSY2RUQXdNMlJqYjIwdWMyMTFiR1V1WVhWMGIzSmhjQ0lzSW0xdlltbHNaVlZ5YkNJNkltMWhjbXRsZERvdkwyUmxkR0ZwYkhNL2FXUmNkVEF3TTJSamIyMHVjMjExYkdVdVlYVjBiM0poY0NJc0ltTmhiWEJoYVdkdVNXUWlPakUxTVRNc0ltRndjQ0k2SWtGVlZFOVNRVkJmUjA5UFJ5Sjk8L3VybD4KCQk8dHlwZT4wPC90eXBlPgoJCTxjYXRlZ29yeT4zPC9jYXRlZ29yeT4KCQk8bWF4X2Rpc3BsYXlfbnVtPjIxNDYwNzU0MDI8L21heF9kaXNwbGF5X251bT4KCTwvbWVzc2FnZT4KPC9tZXNzYWdlX2xpc3Q+CjwvaW1zZ3M+"} 00168{"basic_event_id":5,"basic_event_name":"Unknown packet type","thread_id":0,"packet_id":9,"source":"http-crash-content-disposition.pcap","alias":"nDPId-test","type":12} 00149{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":9,"source":"http-crash-content-disposition.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 9/0 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 0 bytes +~~ total detected protocols..: 0 +~~ total active/idle flows...: 0/0 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4816931 bytes +~~ total memory freed........: 4816931 bytes +~~ total allocations/frees...: 58355/58355 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/http-lines-split.pcap.out b/test/results/http-lines-split.pcap.out index 0729fc788..6e0ff6fde 100644 --- a/test/results/http-lines-split.pcap.out +++ b/test/results/http-lines-split.pcap.out @@ -17,3 +17,14 @@ 00417{"flow_id":1,"flow_packet_id":14,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":14,"source":"http-lines-split.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1593713340,"pkt_ts_usec":404597,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"pkt":"YDjgxTWgABjzZLGICABFAAAoAABAALIGR2rAqAAUwKgAAXppmUT8cbYiK6JZ9lAQAfbgnQAA"} 00511{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":14,"source":"http-lines-split.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":14,"flow_first_seen":1593713340401,"flow_last_seen":1593713340404,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1460,"flow_tot_l4_payload_len":1699,"flow_avg_l4_payload_len":121,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.0.1","dst_ip":"192.168.0.20","src_port":39236,"dst_port":31337,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00136{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":14,"source":"http-lines-split.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 14/14 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 2003 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4820519 bytes +~~ total memory freed........: 4820519 bytes +~~ total allocations/frees...: 58374/58374 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/http_ipv6.pcap.out b/test/results/http_ipv6.pcap.out index 9793b5935..f4930b7b9 100644 --- a/test/results/http_ipv6.pcap.out +++ b/test/results/http_ipv6.pcap.out @@ -182,3 +182,14 @@ 00547{"flow_event_id":4,"flow_event_name":"guessed","thread_id":0,"packet_id":193,"source":"http_ipv6.pcap","alias":"nDPId-test","flow_id":13,"flow_packet_id":2,"flow_first_seen":1448269145458,"flow_last_seen":1448269145478,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":0,"flow_tot_l4_payload_len":0,"flow_avg_l4_payload_len":0,"midstream":1,"l3_proto":"ip6","src_ip":"2a00:d40:1:3:7aac:c0ff:fea7:d4c","dst_ip":"2a00:1450:4001:803::1012","src_port":59690,"dst_port":443,"l4_proto":"tcp","ndpi": {"proto":"TLS","breed":"Safe","category":"Web"}} 00528{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":193,"source":"http_ipv6.pcap","alias":"nDPId-test","flow_id":13,"flow_packet_id":2,"flow_first_seen":1448269145458,"flow_last_seen":1448269145478,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":0,"flow_tot_l4_payload_len":0,"flow_avg_l4_payload_len":0,"midstream":1,"l3_proto":"ip6","src_ip":"2a00:d40:1:3:7aac:c0ff:fea7:d4c","dst_ip":"2a00:1450:4001:803::1012","src_port":59690,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00130{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":193,"source":"http_ipv6.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 193/193 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 55905 bytes +~~ total detected protocols..: 7 +~~ total active/idle flows...: 15/15 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4940037 bytes +~~ total memory freed........: 4940037 bytes +~~ total allocations/frees...: 58659/58659 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/iec60780-5-104.pcap.out b/test/results/iec60780-5-104.pcap.out index 98f3a06f0..518f746a0 100644 --- a/test/results/iec60780-5-104.pcap.out +++ b/test/results/iec60780-5-104.pcap.out @@ -106,3 +106,14 @@ 00506{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":120,"source":"iec60780-5-104.pcap","alias":"nDPId-test","flow_id":5,"flow_packet_id":13,"flow_first_seen":1219992782348,"flow_last_seen":1219992818955,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":17,"flow_tot_l4_payload_len":34,"flow_avg_l4_payload_len":2,"midstream":0,"l3_proto":"ip4","src_ip":"172.27.248.109","dst_ip":"172.27.248.79","src_port":1577,"dst_port":2404,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00507{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":147,"source":"iec60780-5-104.pcap","alias":"nDPId-test","flow_id":6,"flow_packet_id":47,"flow_first_seen":1219992819942,"flow_last_seen":1219993055118,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":64,"flow_tot_l4_payload_len":417,"flow_avg_l4_payload_len":8,"midstream":0,"l3_proto":"ip4","src_ip":"172.27.248.109","dst_ip":"172.27.248.79","src_port":1578,"dst_port":2404,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00135{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":147,"source":"iec60780-5-104.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 147/147 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 3784 bytes +~~ total detected protocols..: 6 +~~ total active/idle flows...: 6/6 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4840106 bytes +~~ total memory freed........: 4840106 bytes +~~ total allocations/frees...: 58520/58520 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/imaps.pcap.out b/test/results/imaps.pcap.out index 28d8d6434..f98360ccd 100644 --- a/test/results/imaps.pcap.out +++ b/test/results/imaps.pcap.out @@ -20,3 +20,14 @@ 00493{"flow_id":1,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"imaps.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1590857744,"pkt_ts_usec":905735,"pkt_caplen":117,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":117,"pkt_l4_len":83,"pkt":"KDc3AG3IEBMx8Tl2CABFAABnNsFAADQGzxenY9ekwKgBCAPhxUrMi6660TTRT4AYAfxr8wAAAQEICqnD6LUUTZ3qFAMDAAEBFgMDAChAqpq8t2fITIfMhvOf8DvJz3jdHhYAkNco57ZHSCpyv0i\/fAHB+HFs"} 00501{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":20,"source":"imaps.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":20,"flow_first_seen":1590857744659,"flow_last_seen":1590857744987,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1440,"flow_tot_l4_payload_len":3856,"flow_avg_l4_payload_len":192,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.8","dst_ip":"167.99.215.164","src_port":50506,"dst_port":993,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00125{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":20,"source":"imaps.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 20/20 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 4516 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4825574 bytes +~~ total memory freed........: 4825574 bytes +~~ total allocations/frees...: 58383/58383 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/instagram.pcap.out b/test/results/instagram.pcap.out index 975b966b2..900cbb856 100644 --- a/test/results/instagram.pcap.out +++ b/test/results/instagram.pcap.out @@ -500,3 +500,14 @@ 00508{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3443,"source":"instagram.pcap","alias":"nDPId-test","flow_id":37,"flow_packet_id":359,"flow_first_seen":1568796265146,"flow_last_seen":1568796268054,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1388,"flow_tot_l4_payload_len":272019,"flow_avg_l4_payload_len":757,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.2.17","dst_ip":"31.13.86.52","src_port":49360,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00508{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3443,"source":"instagram.pcap","alias":"nDPId-test","flow_id":38,"flow_packet_id":212,"flow_first_seen":1568796265147,"flow_last_seen":1568796268053,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1388,"flow_tot_l4_payload_len":155200,"flow_avg_l4_payload_len":732,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.2.17","dst_ip":"31.13.86.52","src_port":49361,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00131{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":3443,"source":"instagram.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 3443/3442 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 2809611 bytes +~~ total detected protocols..: 25 +~~ total active/idle flows...: 38/38 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 6197856 bytes +~~ total memory freed........: 6197856 bytes +~~ total allocations/frees...: 62092/62092 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/ip_fragmented_garbage.pcap.out b/test/results/ip_fragmented_garbage.pcap.out index 3e0311190..539c7a3d8 100644 --- a/test/results/ip_fragmented_garbage.pcap.out +++ b/test/results/ip_fragmented_garbage.pcap.out @@ -18212,3 +18212,14 @@ 00508{"flow_event_id":7,"flow_event_name":"not-detected","thread_id":0,"packet_id":9077,"source":"ip_fragmented_garbage.pcap","alias":"nDPId-test","flow_id":22,"flow_packet_id":1,"flow_first_seen":1534244031080,"flow_last_seen":0,"flow_min_l4_payload_len":4,"flow_max_l4_payload_len":4,"flow_tot_l4_payload_len":4,"flow_avg_l4_payload_len":4,"midstream":1,"l3_proto":"ip4","src_ip":"10.0.0.2","dst_ip":"10.128.0.2","src_port":18258,"dst_port":16199,"l4_proto":"tcp","ndpi": {"proto":"Unknown","breed":"Unrated"}} 00493{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":9077,"source":"ip_fragmented_garbage.pcap","alias":"nDPId-test","flow_id":22,"flow_packet_id":1,"flow_first_seen":1534244031080,"flow_last_seen":0,"flow_min_l4_payload_len":4,"flow_max_l4_payload_len":4,"flow_tot_l4_payload_len":4,"flow_avg_l4_payload_len":4,"midstream":1,"l3_proto":"ip4","src_ip":"10.0.0.2","dst_ip":"10.128.0.2","src_port":18258,"dst_port":16199,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00143{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":9077,"source":"ip_fragmented_garbage.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 9077/29 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 464 bytes +~~ total detected protocols..: 0 +~~ total active/idle flows...: 29/29 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4909180 bytes +~~ total memory freed........: 4909180 bytes +~~ total allocations/frees...: 58471/58471 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/iphone.pcap.out b/test/results/iphone.pcap.out index f90d026b5..9516131d5 100644 --- a/test/results/iphone.pcap.out +++ b/test/results/iphone.pcap.out @@ -502,3 +502,14 @@ 00498{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":500,"source":"iphone.pcap","alias":"nDPId-test","flow_id":32,"flow_packet_id":2,"flow_first_seen":1582454598713,"flow_last_seen":1582454598755,"flow_min_l4_payload_len":32,"flow_max_l4_payload_len":161,"flow_tot_l4_payload_len":193,"flow_avg_l4_payload_len":96,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.2.17","dst_ip":"192.168.2.1","src_port":52682,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00499{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":500,"source":"iphone.pcap","alias":"nDPId-test","flow_id":50,"flow_packet_id":2,"flow_first_seen":1582454599929,"flow_last_seen":1582454599930,"flow_min_l4_payload_len":39,"flow_max_l4_payload_len":199,"flow_tot_l4_payload_len":238,"flow_avg_l4_payload_len":119,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.2.17","dst_ip":"192.168.2.1","src_port":65079,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00127{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":500,"source":"iphone.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 500/486 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 204168 bytes +~~ total detected protocols..: 52 +~~ total active/idle flows...: 53/53 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 5437182 bytes +~~ total memory freed........: 5437182 bytes +~~ total allocations/frees...: 59276/59276 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/ipv6_in_gtp.pcap.out b/test/results/ipv6_in_gtp.pcap.out index 1390ddbbe..c5a8ee675 100644 --- a/test/results/ipv6_in_gtp.pcap.out +++ b/test/results/ipv6_in_gtp.pcap.out @@ -4,3 +4,14 @@ 00531{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":2,"source":"ipv6_in_gtp.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1536840494,"pkt_ts_usec":424533,"pkt_caplen":166,"pkt_type":33024,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":166,"pkt_l4_len":0,"pkt":"AAAAAAABNLNUB8pVgQAMn4EAQAIIAEVYAJD2QgAA\/xGMPAruJFwK7v5NCGgIaAB8AAAw\/wBsB0wVsGANtkgARDJAKgEEyMAUFE4AAQAClFtnYSoBBMjwAA9JAAAAAAAAAAT\/O2YDAAAAQhlm1OFxgeTba50SyREjm3lFbPc9lgrLUcRYebJHYlYzSCeWv2L\/IjSAXfS1U+Rh4DDxR7yVXb8kOaI3Xg=="} 00152{"basic_event_id":5,"basic_event_name":"Unknown packet type","thread_id":0,"packet_id":2,"source":"ipv6_in_gtp.pcap","alias":"nDPId-test","type":33024} 00130{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":2,"source":"ipv6_in_gtp.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 2/0 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 0 bytes +~~ total detected protocols..: 0 +~~ total active/idle flows...: 0/0 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4816931 bytes +~~ total memory freed........: 4816931 bytes +~~ total allocations/frees...: 58355/58355 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/irc.pcap.out b/test/results/irc.pcap.out index 288d25309..271db5dbc 100644 --- a/test/results/irc.pcap.out +++ b/test/results/irc.pcap.out @@ -18,3 +18,14 @@ 02358{"flow_id":1,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"irc.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1387554250,"pkt_ts_usec":647295,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"pkt":"ABNyxPHhANAr0XYACABFAAXcCCVAADIGJlEm5UYUCrSc+R9As2GRFS4PaTHw+oAQAFsv4QAAAQEICjBILdS+wg+3OmNhcmQuZnJlZW5vZGUubmV0IDAwMSBtb2xvY2h0ZXN0IDpXZWxjb21lIHRvIHRoZSBmcmVlbm9kZSBJbnRlcm5ldCBSZWxheSBDaGF0IE5ldHdvcmsgbW9sb2NodGVzdA0KOmNhcmQuZnJlZW5vZGUubmV0IDAwMiBtb2xvY2h0ZXN0IDpZb3VyIGhvc3QgaXMgY2FyZC5mcmVlbm9kZS5uZXRbMzguMjI5LjcwLjIwLzgwMDBdLCBydW5uaW5nIHZlcnNpb24gaXJjZC1zZXZlbi0xLjEuMw0KOmNhcmQuZnJlZW5vZGUubmV0IDAwMyBtb2xvY2h0ZXN0IDpUaGlzIHNlcnZlciB3YXMgY3JlYXRlZCBTdW4gRGVjIDExIDIwMTEgYXQgMjI6MTY6MTAgVVRDDQo6Y2FyZC5mcmVlbm9kZS5uZXQgMDA0IG1vbG9jaHRlc3QgY2FyZC5mcmVlbm9kZS5uZXQgaXJjZC1zZXZlbi0xLjEuMyBET1FSU1phZ2hpbG9wc3d6IENGSUxNUFFTYmNlZmdpamtsbW5vcHFyc3R2eiBia2xvdmVxamZJDQo6Y2FyZC5mcmVlbm9kZS5uZXQgMDA1IG1vbG9jaHRlc3QgQ0hBTlRZUEVTPSMgRVhDRVBUUyBJTlZFWCBDSEFOTU9ERVM9ZUlicSxrLGZsaixDRkxNUFFTY2dpbW5wcnN0eiBDSEFOTElNSVQ9IzoxMjAgUFJFRklYPShvdilAKyBNQVhMSVNUPWJxZUk6MTAwIE1PREVTPTQgTkVUV09SSz1mcmVlbm9kZSBLTk9DSyBTVEFUVVNNU0c9QCsgQ0FMTEVSSUQ9ZyA6YXJlIHN1cHBvcnRlZCBieSB0aGlzIHNlcnZlcg0KOmNhcmQuZnJlZW5vZGUubmV0IDAwNSBtb2xvY2h0ZXN0IENBU0VNQVBQSU5HPXJmYzE0NTkgQ0hBUlNFVD1hc2NpaSBOSUNLTEVOPTE2IENIQU5ORUxMRU49NTAgVE9QSUNMRU49MzkwIEVUUkFDRSBDUFJJVk1TRyBDTk9USUNFIERFQUY9RCBNT05JVE9SPTEwMCBGTkMgVEFSR01BWD1OQU1FUzoxLExJU1Q6MSxLSUNLOjEsV0hPSVM6MSxQUklWTVNHOjQsTk9USUNFOjQsQUNDRVBUOixNT05JVE9SOiA6YXJlIHN1cHBvcnRlZCBieSB0aGlzIHNlcnZlcg0KOmNhcmQuZnJlZW5vZGUubmV0IDAwNSBtb2xvY2h0ZXN0IEVYVEJBTj0kLGFyeHogV0hPWCBDTElFTlRWRVI9My4wIFNBRkVMSVNUIEVMSVNUPUNUVSA6YXJlIHN1cHBvcnRlZCBieSB0aGlzIHNlcnZlcg0KOmNhcmQuZnJlZW5vZGUubmV0IDI1MSBtb2xvY2h0ZXN0IDpUaGVyZSBhcmUgMjIxIHVzZXJzIGFuZCA5MDE2NSBpbnZpc2libGUgb24gMjggc2VydmVycw0KOmNhcmQuZnJlZW5vZGUubmV0IDI1MiBtb2xvY2h0ZXN0IDMxIDpJUkMgT3BlcmF0b3JzIG9ubGluZQ0KOmNhcmQuZnJlZW5vZGUubmV0IDI1MyBtb2xvY2h0ZXN0IDEgOnVua25vd24gY29ubmVjdGlvbihzKQ0KOmNhcmQuZnJlZW5vZGUubmV0IDI1NCBtb2xvY2h0ZXN0IDU0NzQwIDpjaGFubmVscyBmb3JtZWQNCjpjYXJkLmZyZWVub2RlLm5ldCAyNTUgbW9sb2NodGVzdCA6SSBoYXZlIDIzMjQgY2xpZW50cyBhbmQgOCBzZXJ2ZXJzDQo6Y2FyZC5mcmVlbm9kZS5uZXQgMjY1IG1vbG9jaHRlc3QgMjMyNCA5OTI3IDpDdXJyZW50IGxvY2FsIHVzZXJzIDI="} 00501{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":29,"source":"irc.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":29,"flow_first_seen":1387554241634,"flow_last_seen":1387554256201,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1448,"flow_tot_l4_payload_len":7015,"flow_avg_l4_payload_len":241,"midstream":0,"l3_proto":"ip4","src_ip":"10.180.156.249","dst_ip":"38.229.70.20","src_port":45921,"dst_port":8000,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00123{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":29,"source":"irc.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 29/29 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 7959 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4822972 bytes +~~ total memory freed........: 4822972 bytes +~~ total allocations/frees...: 58388/58388 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/ja3_lots_of_cipher_suites.pcap.out b/test/results/ja3_lots_of_cipher_suites.pcap.out index 1a7fd1959..0db55bf37 100644 --- a/test/results/ja3_lots_of_cipher_suites.pcap.out +++ b/test/results/ja3_lots_of_cipher_suites.pcap.out @@ -22,3 +22,14 @@ 00408{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":11,"source":"ja3_lots_of_cipher_suites.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1557818846,"pkt_ts_usec":965822,"pkt_caplen":68,"pkt_type":33024,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":68,"pkt_l4_len":0,"pkt":"AAAAAAABsKp3tUhAgQAAXYEAAQIIAEUAACifbEAAPwbBvArOgxIKzkH55SEBu84u2SwAAAAAUAQAAEcBAAAAAAAAAAA="} 00167{"basic_event_id":5,"basic_event_name":"Unknown packet type","thread_id":0,"packet_id":11,"source":"ja3_lots_of_cipher_suites.pcap","alias":"nDPId-test","type":33024} 00145{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":11,"source":"ja3_lots_of_cipher_suites.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 11/0 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 0 bytes +~~ total detected protocols..: 0 +~~ total active/idle flows...: 0/0 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4816931 bytes +~~ total memory freed........: 4816931 bytes +~~ total allocations/frees...: 58355/58355 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/ja3_lots_of_cipher_suites_2_anon.pcap.out b/test/results/ja3_lots_of_cipher_suites_2_anon.pcap.out index d374114b4..c7d09526f 100644 --- a/test/results/ja3_lots_of_cipher_suites_2_anon.pcap.out +++ b/test/results/ja3_lots_of_cipher_suites_2_anon.pcap.out @@ -44,3 +44,14 @@ 00214{"basic_event_id":15,"basic_event_name":"Captured packet size is smaller than packet size","thread_id":0,"packet_id":25,"source":"ja3_lots_of_cipher_suites_2_anon.pcap","alias":"nDPId-test","caplen":106,"len":110} 00532{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":27,"source":"ja3_lots_of_cipher_suites_2_anon.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":27,"flow_first_seen":1505724520744,"flow_last_seen":1505724526702,"flow_min_l4_payload_len":48,"flow_max_l4_payload_len":1448,"flow_tot_l4_payload_len":5832,"flow_avg_l4_payload_len":216,"midstream":0,"l3_proto":"ip4","src_ip":"132.190.244.12","dst_ip":"151.121.185.44","src_port":2152,"dst_port":2152,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00152{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":27,"source":"ja3_lots_of_cipher_suites_2_anon.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 27/27 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 6048 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4820866 bytes +~~ total memory freed........: 4820866 bytes +~~ total allocations/frees...: 58385/58385 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/kerberos.pcap.out b/test/results/kerberos.pcap.out index 3f95ec79b..5810f1023 100644 --- a/test/results/kerberos.pcap.out +++ b/test/results/kerberos.pcap.out @@ -185,3 +185,14 @@ 00532{"flow_event_id":4,"flow_event_name":"guessed","thread_id":0,"packet_id":77,"source":"kerberos.pcap","alias":"nDPId-test","flow_id":36,"flow_packet_id":2,"flow_first_seen":1549337952282,"flow_last_seen":1549337952283,"flow_min_l4_payload_len":260,"flow_max_l4_payload_len":356,"flow_tot_l4_payload_len":616,"flow_avg_l4_payload_len":308,"midstream":1,"l3_proto":"ip4","src_ip":"172.16.8.201","dst_ip":"172.16.8.8","src_port":49194,"dst_port":445,"l4_proto":"tcp","ndpi": {"proto":"SMBv23","breed":"Acceptable","category":"System"}} 00501{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":77,"source":"kerberos.pcap","alias":"nDPId-test","flow_id":36,"flow_packet_id":2,"flow_first_seen":1549337952282,"flow_last_seen":1549337952283,"flow_min_l4_payload_len":260,"flow_max_l4_payload_len":356,"flow_tot_l4_payload_len":616,"flow_avg_l4_payload_len":308,"midstream":1,"l3_proto":"ip4","src_ip":"172.16.8.201","dst_ip":"172.16.8.8","src_port":49194,"dst_port":445,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00128{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":77,"source":"kerberos.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 77/77 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 25673 bytes +~~ total detected protocols..: 3 +~~ total active/idle flows...: 36/36 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 5006364 bytes +~~ total memory freed........: 5006364 bytes +~~ total allocations/frees...: 58576/58576 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/long_tls_certificate.pcap.out b/test/results/long_tls_certificate.pcap.out index 19d43837a..450f3e92f 100644 --- a/test/results/long_tls_certificate.pcap.out +++ b/test/results/long_tls_certificate.pcap.out @@ -20,3 +20,14 @@ 00438{"flow_id":1,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"long_tls_certificate.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1609756182,"pkt_ts_usec":43951,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"pkt":"EBMx8Tl2KDc3AG3ICABFAAA0AABAAEAGqlXAqAE8ag9ke9glAbsIXeMfpWxIPIAQ\/\/9fEAAAAQEFCqVsRCKlbEg8"} 00517{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":47,"source":"long_tls_certificate.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":47,"flow_first_seen":1609756181300,"flow_last_seen":1609756183162,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1452,"flow_tot_l4_payload_len":12100,"flow_avg_l4_payload_len":257,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.60","dst_ip":"106.15.100.123","src_port":55333,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00140{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":47,"source":"long_tls_certificate.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 47/47 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 13184 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 5218714 bytes +~~ total memory freed........: 5218714 bytes +~~ total allocations/frees...: 58598/58598 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/malformed_dns.pcap.out b/test/results/malformed_dns.pcap.out index 61402edbe..481363200 100644 --- a/test/results/malformed_dns.pcap.out +++ b/test/results/malformed_dns.pcap.out @@ -12,3 +12,14 @@ 02609{"flow_id":1,"flow_packet_id":6,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":6,"source":"malformed_dns.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1591551765,"pkt_ts_usec":368813,"pkt_caplen":1430,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1430,"pkt_l4_len":1396,"pkt":"\/\/\/\/\/\/\/\/AAAAAAAACABFAAWIAAEAAEARd2J\/AAABfwAAAQA1xQMFdLSchLSBAAACAAIAAAAAA3d3dwJ4dANjb20AAAEAASJBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBPwAAAAA\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8+Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz\/AQD0+Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/wEHAQjs8PT4\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/P8BDwETARcBGNzg5Ojs8PT4\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz\/AR8BIwEnASsBLwEzATcBOLzAxMjM0NTY3ODk6Ozw9Pj8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/Pz8\/wE\/AUMBRwFLAU8BUwFXAVsBXwFjAWcBawFvAXMBdwF4fICEiIyQlJicoKSorLC0uLzAxMjM0NTY3ODk6Ozw9PsBfwGDAYcBiwGPAZMBlwGbAZ8BowGnAasBrwGzAbcBuwG\/AcMBxwHLAc8B0wHXAdsB3wHjAecB6wHvAfMB9wH4AAQABwAwAAQABAAAAAAAEQkJCQsAMAAUAAQAAAAAATANBQUE\/MDAwMDEwMDAyMDAxMTAwMTIwMDIxMDAyMjAxMDEwMjAxMTEwMTEyMDEyMTAxMjIwMjAyMTEwMjEyMDIyMTAyBQAAAAAAwP8="} 00500{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6,"source":"malformed_dns.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":6,"flow_first_seen":1591551760342,"flow_last_seen":1591551765368,"flow_min_l4_payload_len":28,"flow_max_l4_payload_len":1388,"flow_tot_l4_payload_len":5608,"flow_avg_l4_payload_len":934,"midstream":0,"l3_proto":"ip4","src_ip":"127.0.0.1","dst_ip":"127.0.0.1","src_port":50435,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00132{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":6,"source":"malformed_dns.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 6/6 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 5656 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4820257 bytes +~~ total memory freed........: 4820257 bytes +~~ total allocations/frees...: 58364/58364 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/malformed_icmp.pcap.out b/test/results/malformed_icmp.pcap.out index 06124b0ed..b7d7ad21b 100644 --- a/test/results/malformed_icmp.pcap.out +++ b/test/results/malformed_icmp.pcap.out @@ -4,3 +4,14 @@ 00531{"flow_event_id":5,"flow_event_name":"detected","thread_id":0,"packet_id":1,"source":"malformed_icmp.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_first_seen":1593066612951,"flow_last_seen":0,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":0,"flow_tot_l4_payload_len":0,"flow_avg_l4_payload_len":0,"midstream":0,"l3_proto":"ip4","src_ip":"218.152.179.213","dst_ip":"218.152.179.54","l4_proto":"icmp","ndpi": {"flow_risk": {"17":"Malformed packet"},"proto":"ICMP","breed":"Acceptable","category":"Network"}} 00461{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1,"source":"malformed_icmp.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_first_seen":1593066612951,"flow_last_seen":0,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":0,"flow_tot_l4_payload_len":0,"flow_avg_l4_payload_len":0,"midstream":0,"l3_proto":"ip4","src_ip":"218.152.179.213","dst_ip":"218.152.179.54","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":15} 00133{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":1,"source":"malformed_icmp.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 1/1 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 8 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4820112 bytes +~~ total memory freed........: 4820112 bytes +~~ total allocations/frees...: 58359/58359 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/malware.pcap.out b/test/results/malware.pcap.out index 764cc6ec6..4ec2345e7 100644 --- a/test/results/malware.pcap.out +++ b/test/results/malware.pcap.out @@ -39,3 +39,14 @@ 00501{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":26,"source":"malware.pcap","alias":"nDPId-test","flow_id":5,"flow_packet_id":20,"flow_first_seen":1569579416636,"flow_last_seen":1569579417280,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1460,"flow_tot_l4_payload_len":6018,"flow_avg_l4_payload_len":300,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.7.7","dst_ip":"67.215.92.210","src_port":35236,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00499{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":26,"source":"malware.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":2,"flow_first_seen":1569579408876,"flow_last_seen":1569579409087,"flow_min_l4_payload_len":44,"flow_max_l4_payload_len":329,"flow_tot_l4_payload_len":373,"flow_avg_l4_payload_len":186,"midstream":1,"l3_proto":"ip4","src_ip":"192.168.7.7","dst_ip":"67.215.92.210","src_port":48394,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00127{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":26,"source":"malware.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 26/26 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 7099 bytes +~~ total detected protocols..: 4 +~~ total active/idle flows...: 5/5 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4872650 bytes +~~ total memory freed........: 4872650 bytes +~~ total allocations/frees...: 58457/58457 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/memcached.cap.out b/test/results/memcached.cap.out index 46518ba69..235d83ec2 100644 --- a/test/results/memcached.cap.out +++ b/test/results/memcached.cap.out @@ -13,3 +13,14 @@ 00426{"flow_id":1,"flow_packet_id":10,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":10,"source":"memcached.cap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1534343745,"pkt_ts_usec":954749,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"pkt":"AAAAAAAAAAAAAAAACABFAAA0pUNAAEAGl35\/AAABfwAAAejUK8sskd7ZyyaAgIAQAWb+KAAAAQEICikge+4pIHvu"} 00498{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":10,"source":"memcached.cap","alias":"nDPId-test","flow_id":1,"flow_packet_id":10,"flow_first_seen":1534343745954,"flow_last_seen":1534343745954,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1028,"flow_tot_l4_payload_len":1035,"flow_avg_l4_payload_len":103,"midstream":0,"l3_proto":"ip4","src_ip":"127.0.0.1","dst_ip":"127.0.0.1","src_port":59604,"dst_port":11211,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00128{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":10,"source":"memcached.cap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 10/10 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 1371 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4822421 bytes +~~ total memory freed........: 4822421 bytes +~~ total allocations/frees...: 58369/58369 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/modbus.pcap.out b/test/results/modbus.pcap.out index 1489bde3f..113a484cf 100644 --- a/test/results/modbus.pcap.out +++ b/test/results/modbus.pcap.out @@ -18,3 +18,14 @@ 00425{"flow_id":1,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"modbus.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1223541956,"pkt_ts_usec":933457,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"pkt":"ABzAX0kKAArkxYMKCABFAAA0jAhAAIAGEF3AqG6DwKhuiggaAfZB0usa4RU7G1AY\/Hn\/1wAAANgAAAAGAQMAAAAB"} 00506{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":102,"source":"modbus.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":102,"flow_first_seen":1223541953927,"flow_last_seen":1223541977037,"flow_min_l4_payload_len":11,"flow_max_l4_payload_len":12,"flow_tot_l4_payload_len":1173,"flow_avg_l4_payload_len":11,"midstream":1,"l3_proto":"ip4","src_ip":"192.168.110.131","dst_ip":"192.168.110.138","src_port":2074,"dst_port":502,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00127{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":102,"source":"modbus.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 102/102 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 3213 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4823041 bytes +~~ total memory freed........: 4823041 bytes +~~ total allocations/frees...: 58460/58460 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/monero.pcap.out b/test/results/monero.pcap.out index fa9881d94..fbb2ab908 100644 --- a/test/results/monero.pcap.out +++ b/test/results/monero.pcap.out @@ -36,3 +36,14 @@ 00507{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":319,"source":"monero.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":47,"flow_first_seen":1514196196437,"flow_last_seen":1514197261597,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1444,"flow_tot_l4_payload_len":7711,"flow_avg_l4_payload_len":164,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.2.148","dst_ip":"116.211.167.195","src_port":53846,"dst_port":3333,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00508{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":319,"source":"monero.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":272,"flow_first_seen":1514196188350,"flow_last_seen":1514197279769,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1448,"flow_tot_l4_payload_len":138379,"flow_avg_l4_payload_len":508,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.2.148","dst_ip":"94.23.199.191","src_port":46838,"dst_port":3333,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00127{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":319,"source":"monero.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 319/319 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 155806 bytes +~~ total detected protocols..: 2 +~~ total active/idle flows...: 2/2 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4844790 bytes +~~ total memory freed........: 4844790 bytes +~~ total allocations/frees...: 58684/58684 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/mongodb.pcap.out b/test/results/mongodb.pcap.out index 04496e3f7..f2eeb31ed 100644 --- a/test/results/mongodb.pcap.out +++ b/test/results/mongodb.pcap.out @@ -54,3 +54,14 @@ 00498{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":27,"source":"mongodb.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1483814916,"pkt_ts_usec":108514,"pkt_caplen":143,"pkt_type":33024,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":143,"pkt_l4_len":0,"pkt":"LGv11hfFABsXAAIwgQABLAgARQAAfYoRQAA\/BvKWCgoKEgoKChP8NnUwNO8EZBGWgSuAGBAgykwAAAEBCAoeHKgCUsc3tEkAAACHkQAA\/\/\/\/\/9QHAAAAAAAASW5hY3RpdmVVc2VySWRlbnRpdHkuJGNtZAAAAAAAAQAAABMAAAAQZ2V0bm9uY2UAAQAAAAA="} 00149{"basic_event_id":5,"basic_event_name":"Unknown packet type","thread_id":0,"packet_id":27,"source":"mongodb.pcap","alias":"nDPId-test","type":33024} 00127{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":27,"source":"mongodb.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 27/0 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 0 bytes +~~ total detected protocols..: 0 +~~ total active/idle flows...: 0/0 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4816931 bytes +~~ total memory freed........: 4816931 bytes +~~ total allocations/frees...: 58355/58355 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/mpeg.pcap.out b/test/results/mpeg.pcap.out index aa0706adf..c7e7de987 100644 --- a/test/results/mpeg.pcap.out +++ b/test/results/mpeg.pcap.out @@ -19,3 +19,14 @@ 01235{"flow_id":1,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"mpeg.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1434379491,"pkt_ts_usec":161458,"pkt_caplen":665,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":665,"pkt_l4_len":631,"pkt":"PBXCt3IOyGyHABajCABFAAKLobdAADIGx5AuZZ13wKhQoABQ2fyPIlwFT+vGvYAYAHY9pgAAAQEICgC7m+4VKIZNQSlxWCwU16Cy6pgGmFF2UpCoOqaxROb\/84jEMUn8QdgB2MAAQDNNj0WmX9nE0jCg1oW6XOMYC+UXazArSkxoOZUxKXtZdVuwJAYxJ0vUkMkUsZxr8pf2Xd1TWplcpd0tq2zSVivzEnelaPJeGH0EqKMOJfJ1MbMTThFAckaYAloVczkNQ9Gn1ZyzmHajtNaXcy6DEvkinWgFdrLaR2n9jMMv7LaBgSEpAM4rpKBKDMSi0RYasWHpl2Xdh2zWhp\/rM1Gpda3SxmM5VaWl5qtTWsdZVsu1YzGbVWlpbP1qamx1lll3dWly\/eOOP5ZY\/\/\/rLLL8ssvx5+X\/+OP5U1NytTZfjz9Y\/rLLLcpjNrdLS2cf\/94444\/WppVS4kxBTUUzLjgyqqqqqqqqqqqqqqqqqqqqqqqqqqr\/84jEAAAAA0gAAAAATEFNRTMuODKqqqqqqqqqqqqqqqpMQU1FMy44Mqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqo="} 00501{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":19,"source":"mpeg.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":19,"flow_first_seen":1434379491040,"flow_last_seen":1434379491221,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1436,"flow_tot_l4_payload_len":9363,"flow_avg_l4_payload_len":492,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.80.160","dst_ip":"46.101.157.119","src_port":55804,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00124{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":19,"source":"mpeg.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 19/19 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 9991 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4820692 bytes +~~ total memory freed........: 4820692 bytes +~~ total allocations/frees...: 58380/58380 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/mpegts.pcap.out b/test/results/mpegts.pcap.out index 3aec0c5b1..87be09ef1 100644 --- a/test/results/mpegts.pcap.out +++ b/test/results/mpegts.pcap.out @@ -2,3 +2,14 @@ 02637{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":1,"source":"mpegts.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1435209297,"pkt_ts_usec":954335,"pkt_caplen":1362,"pkt_type":33024,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":1362,"pkt_l4_len":0,"pkt":"AQBeSMkXrPHfGMSBgQANHwgARQAFQAAAQAAHEaScCgEQMObIyRefIQTSBSxl6UcBARcAD7wd249nI5BqMCydEQCD1YeFyAwoYGMeHIwcYCWAHEkET\/taR\/5YANOTSagKaodBkABeSU4ooP2cAgISCfI7GswCLhYGUDAuoQXALotIDoDAaSxnQetyw1wSf\/AKkMmAETWkokF4lgj\/+lAZSgnOA6QAiGVAYA8goTB50WWTRpqMHIxOOJ8\/G9fR\/gRwAyKEkesyBkAB8oyaCwrrgKE0mAZ74p+4IoA5RfCyWS8HBk6egclHP3xARwEBGEEXVAcUcasfHBwWuxBEA0AR3\/itnAslgP4YRyyuCUAHIGOdlcBl0VAUgAPrJ4fANDAD4iy\/w8TBHHBQGqzAH4UZAHtGCiNQgPA1JISSwngX6AHm4Jf\/mKVIQhIaSD8CMAMGBoJf\/aEdACJNQ4OIkGi0bLH9Meczk8i+AAAAAQ4ShEUQIiWUxLGqxZhYCkaHcmBJHgFBLPZRvGhAjlBpCLwBHUOLiXyWkJ41IhP4BH1T\/uSXFhIJn\/tHAQEZ0kepcDEADUYFzAA1cjMHnioWBMyEDwGRt7NwM5CBuOLJQCnAKi98MAR7oiygHZNJiEoKSG4lmBgaTAxKQSf+iYWQguoQIAGwERxFmI3UAusNyXAUqSlbJ5X4WGOUAQUpObs+A8kBs4JQAaEE6oSWAdQMP\/9ghf9DiGSh5LAYDApaSdFFANnYrBjoHYtBPLLKRUBQDgP0DT\/\/ORgDyJQaGBg0vAKAK8BxyZ0AZ4JIBBDDOFjeKiGBUEcBARooBUCpMQWTeQxgYA46QHYBoSgCIhAOgHYCcAhDKgLuTwFgEYGcAGAZAG8AmQkA1JqS0AOwG5KwBKBQAa\/Alf+AOvwSQA\/sLgKAB+GoBCAGJrko0b0gVRwSf9QHYDoNQCQAIMqMFwDWAfgQnBg\/\/mSg85hwCgAiQkoDIXkxWGAeSTGBGAFG4YCT\/6WQ+AQpqEegNiL\/GrDRqRZackiI5OrlAZ43r4E0jenh7oKAIKjCCsBbeNw5Yo42RwEBGwAfQcAcRNBC\/5Z3JpRQI\/\/QCAlBZTk2chBKACsMQM4Iv\/Q0sAiADYCqACG5YMNXMdDDQLDOOlKiWGYBLwLsCN\/1yL7bI7FfbAAoJBHItxAyYj9CFdLCexAmGGF7vB7MBLz9L5WGDsERwDwKSQJIfcYImKe4c7uIjWFSGKP7CWSAC2zwgfUBhAEzwVP\/g6IJ5OIEAD+DAC0NAQgh\/9kMhk0B1uxSAKllJDAEQYAZFAUAQgk\/+DYh9IBHH\/8Q\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/0cf\/xD\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/"} 00147{"basic_event_id":5,"basic_event_name":"Unknown packet type","thread_id":0,"packet_id":1,"source":"mpegts.pcap","alias":"nDPId-test","type":33024} 00125{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":1,"source":"mpegts.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 1/0 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 0 bytes +~~ total detected protocols..: 0 +~~ total active/idle flows...: 0/0 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4816931 bytes +~~ total memory freed........: 4816931 bytes +~~ total allocations/frees...: 58355/58355 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/mssql_tds.pcap.out b/test/results/mssql_tds.pcap.out index c20dc728d..5cc18cf9d 100644 --- a/test/results/mssql_tds.pcap.out +++ b/test/results/mssql_tds.pcap.out @@ -72,3 +72,14 @@ 00489{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":38,"source":"mssql_tds.pcap","alias":"nDPId-test","flow_id":9,"flow_packet_id":1,"flow_first_seen":1278068444584,"flow_last_seen":0,"flow_min_l4_payload_len":218,"flow_max_l4_payload_len":218,"flow_tot_l4_payload_len":218,"flow_avg_l4_payload_len":218,"midstream":1,"l3_proto":"ip4","src_ip":"10.111.111.111","dst_ip":"10.0.0.1","src_port":9999,"dst_port":1433,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00491{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":38,"source":"mssql_tds.pcap","alias":"nDPId-test","flow_id":12,"flow_packet_id":1,"flow_first_seen":1278068444666,"flow_last_seen":0,"flow_min_l4_payload_len":320,"flow_max_l4_payload_len":320,"flow_tot_l4_payload_len":320,"flow_avg_l4_payload_len":320,"midstream":1,"l3_proto":"ip4","src_ip":"10.111.111.111","dst_ip":"10.0.0.1","src_port":33333,"dst_port":1433,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00129{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":38,"source":"mssql_tds.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 38/38 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 14950 bytes +~~ total detected protocols..: 11 +~~ total active/idle flows...: 12/12 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4894690 bytes +~~ total memory freed........: 4894690 bytes +~~ total allocations/frees...: 58436/58436 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/mysql-8.pcap.out b/test/results/mysql-8.pcap.out index 06247bc9c..c635db4c2 100644 --- a/test/results/mysql-8.pcap.out +++ b/test/results/mysql-8.pcap.out @@ -7,3 +7,14 @@ 00527{"flow_event_id":5,"flow_event_name":"detected","thread_id":0,"packet_id":4,"source":"mysql-8.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":4,"flow_first_seen":946708780103,"flow_last_seen":946708780104,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":87,"flow_tot_l4_payload_len":87,"flow_avg_l4_payload_len":21,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.105","dst_ip":"10.42.18.198","src_port":8738,"dst_port":3306,"l4_proto":"tcp","ndpi": {"proto":"MySQL","breed":"Acceptable","category":"Database"}} 00494{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4,"source":"mysql-8.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":4,"flow_first_seen":946708780103,"flow_last_seen":946708780104,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":87,"flow_tot_l4_payload_len":87,"flow_avg_l4_payload_len":21,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.105","dst_ip":"10.42.18.198","src_port":8738,"dst_port":3306,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00126{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":4,"source":"mysql-8.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 4/4 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 231 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4820199 bytes +~~ total memory freed........: 4820199 bytes +~~ total allocations/frees...: 58362/58362 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/nats.pcap.out b/test/results/nats.pcap.out index 6e8f0a2a9..92a1fd92e 100644 --- a/test/results/nats.pcap.out +++ b/test/results/nats.pcap.out @@ -54,3 +54,14 @@ 00367{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":27,"source":"nats.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1586288042,"pkt_ts_usec":776134,"pkt_caplen":56,"pkt_type":0,"pkt_l3_offset":0,"pkt_l4_offset":0,"pkt_len":56,"pkt_l4_len":0,"pkt":"AgAAAEUAADQAAEAAQAYAAH8AAAF\/AAABEH7WJfixMVfQ63fXgBAx0v4oAAABAQgKNpSm4zaUpuM="} 00174{"basic_event_id":1,"basic_event_name":"Unknown datalink layer packet","thread_id":0,"packet_id":27,"source":"nats.pcap","alias":"nDPId-test","datalink":0,"header":33554432} 00124{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":27,"source":"nats.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 27/0 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 0 bytes +~~ total detected protocols..: 0 +~~ total active/idle flows...: 0/0 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4816931 bytes +~~ total memory freed........: 4816931 bytes +~~ total allocations/frees...: 58355/58355 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/nest_log_sink.pcap.out b/test/results/nest_log_sink.pcap.out index 3980c8d16..f1289f616 100644 --- a/test/results/nest_log_sink.pcap.out +++ b/test/results/nest_log_sink.pcap.out @@ -271,3 +271,14 @@ 00507{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":892,"source":"nest_log_sink.pcap","alias":"nDPId-test","flow_id":14,"flow_packet_id":2,"flow_first_seen":1536718202959,"flow_last_seen":1536718202959,"flow_min_l4_payload_len":40,"flow_max_l4_payload_len":56,"flow_tot_l4_payload_len":96,"flow_avg_l4_payload_len":48,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.242.15","dst_ip":"192.168.242.1","src_port":52849,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00514{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1000,"source":"nest_log_sink.pcap","alias":"nDPId-test","flow_id":16,"flow_packet_id":96,"flow_first_seen":1536718206572,"flow_last_seen":1536719715232,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":676,"flow_tot_l4_payload_len":3846,"flow_avg_l4_payload_len":40,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.242.15","dst_ip":"35.174.82.237","src_port":63352,"dst_port":11095,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00135{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":1000,"source":"nest_log_sink.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 1000/774 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 90776 bytes +~~ total detected protocols..: 16 +~~ total active/idle flows...: 17/17 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4919585 bytes +~~ total memory freed........: 4919585 bytes +~~ total allocations/frees...: 59193/59193 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/netbios.pcap.out b/test/results/netbios.pcap.out index cdb6d7d68..70ad68672 100644 --- a/test/results/netbios.pcap.out +++ b/test/results/netbios.pcap.out @@ -98,3 +98,14 @@ 00520{"flow_event_id":4,"flow_event_name":"guessed","thread_id":0,"packet_id":260,"source":"netbios.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":2,"flow_first_seen":1447772216537,"flow_last_seen":1447772216537,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1,"flow_tot_l4_payload_len":1,"flow_avg_l4_payload_len":0,"midstream":1,"l3_proto":"ip4","src_ip":"10.0.4.24","dst_ip":"10.0.4.131","src_port":139,"dst_port":1398,"l4_proto":"tcp","ndpi": {"proto":"NetBIOS","breed":"Acceptable","category":"System"}} 00488{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":260,"source":"netbios.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":2,"flow_first_seen":1447772216537,"flow_last_seen":1447772216537,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1,"flow_tot_l4_payload_len":1,"flow_avg_l4_payload_len":0,"midstream":1,"l3_proto":"ip4","src_ip":"10.0.4.24","dst_ip":"10.0.4.131","src_port":139,"dst_port":1398,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00128{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":260,"source":"netbios.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 260/260 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 15831 bytes +~~ total detected protocols..: 15 +~~ total active/idle flows...: 16/16 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4876951 bytes +~~ total memory freed........: 4876951 bytes +~~ total allocations/frees...: 58664/58664 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/netbios_wildcard_dns_query.pcap.out b/test/results/netbios_wildcard_dns_query.pcap.out index d8076266e..2d44c1bce 100644 --- a/test/results/netbios_wildcard_dns_query.pcap.out +++ b/test/results/netbios_wildcard_dns_query.pcap.out @@ -4,3 +4,14 @@ 00678{"flow_event_id":5,"flow_event_name":"detected","thread_id":0,"packet_id":1,"source":"netbios_wildcard_dns_query.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_first_seen":1597866040493,"flow_last_seen":0,"flow_min_l4_payload_len":50,"flow_max_l4_payload_len":50,"flow_tot_l4_payload_len":50,"flow_avg_l4_payload_len":50,"midstream":0,"l3_proto":"ip4","src_ip":"10.1.67.250","dst_ip":"10.1.66.20","src_port":41335,"dst_port":53,"l4_proto":"udp","ndpi": {"proto":"DNS","breed":"Acceptable","category":"Network"},"dns": {"query":"ckaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa","num_queries":0,"num_answers":0,"reply_code":0,"query_type":33,"rsp_type":0,"rsp_addr":"0.0.0.0"}} 00499{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1,"source":"netbios_wildcard_dns_query.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_first_seen":1597866040493,"flow_last_seen":0,"flow_min_l4_payload_len":50,"flow_max_l4_payload_len":50,"flow_tot_l4_payload_len":50,"flow_avg_l4_payload_len":50,"midstream":0,"l3_proto":"ip4","src_ip":"10.1.67.250","dst_ip":"10.1.66.20","src_port":41335,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00145{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":1,"source":"netbios_wildcard_dns_query.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 1/1 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 58 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4820112 bytes +~~ total memory freed........: 4820112 bytes +~~ total allocations/frees...: 58359/58359 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/netflix.pcap.out b/test/results/netflix.pcap.out index 209a56fee..8f99a0710 100644 --- a/test/results/netflix.pcap.out +++ b/test/results/netflix.pcap.out @@ -975,3 +975,14 @@ 00504{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":6999,"source":"netflix.pcap","alias":"nDPId-test","flow_id":50,"flow_packet_id":45,"flow_first_seen":1484319064711,"flow_last_seen":1484319096924,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1448,"flow_tot_l4_payload_len":24950,"flow_avg_l4_payload_len":554,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.7","dst_ip":"52.37.36.252","src_port":53203,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00500{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6999,"source":"netflix.pcap","alias":"nDPId-test","flow_id":49,"flow_packet_id":2,"flow_first_seen":1484319064683,"flow_last_seen":1484319064699,"flow_min_l4_payload_len":41,"flow_max_l4_payload_len":206,"flow_tot_l4_payload_len":247,"flow_avg_l4_payload_len":123,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.7","dst_ip":"192.168.1.1","src_port":60962,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00129{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":6999,"source":"netflix.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 6999/6999 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 5916793 bytes +~~ total detected protocols..: 60 +~~ total active/idle flows...: 62/62 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 5631848 bytes +~~ total memory freed........: 5631848 bytes +~~ total allocations/frees...: 65792/65792 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/netflow-fritz.pcap.out b/test/results/netflow-fritz.pcap.out index c82165b47..cc8cde59b 100644 --- a/test/results/netflow-fritz.pcap.out +++ b/test/results/netflow-fritz.pcap.out @@ -4,3 +4,14 @@ 00527{"flow_event_id":5,"flow_event_name":"detected","thread_id":0,"packet_id":1,"source":"netflow-fritz.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_first_seen":1498072707863,"flow_last_seen":0,"flow_min_l4_payload_len":180,"flow_max_l4_payload_len":180,"flow_tot_l4_payload_len":180,"flow_avg_l4_payload_len":180,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.0.1","dst_ip":"192.168.1.1","src_port":23384,"dst_port":2055,"l4_proto":"udp","ndpi": {"proto":"NetFlow","breed":"Acceptable","category":"Network"}} 00493{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1,"source":"netflow-fritz.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_first_seen":1498072707863,"flow_last_seen":0,"flow_min_l4_payload_len":180,"flow_max_l4_payload_len":180,"flow_tot_l4_payload_len":180,"flow_avg_l4_payload_len":180,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.0.1","dst_ip":"192.168.1.1","src_port":23384,"dst_port":2055,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00132{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":1,"source":"netflow-fritz.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 1/1 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 188 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4820112 bytes +~~ total memory freed........: 4820112 bytes +~~ total allocations/frees...: 58359/58359 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/netflowv9.pcap.out b/test/results/netflowv9.pcap.out index fa3ae1acf..60562ebb5 100644 --- a/test/results/netflowv9.pcap.out +++ b/test/results/netflowv9.pcap.out @@ -13,3 +13,14 @@ 02251{"flow_id":1,"flow_packet_id":10,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":10,"source":"netflowv9.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1568213026,"pkt_ts_usec":962107,"pkt_caplen":1414,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1414,"pkt_l4_len":1380,"pkt":"ACWQ1Mz5rB9rrWosCABFAAV4LB9AAEARgqHAqAKGwKgC3r31CAkFZN5EAAkAECROCO5dZ6gMFm+mkQAAAAEBAwR0AAoEJE2RsyRNkbMAAAAAAAAAKAAAAAAAAAABBor2nvZcdiVS2B5mSgIAkwAAixYAADIQ2GfZGI\/ahHisFZ1CAAAAAAAAAAAAAAAAAAAAAAAAAAoEJE2CECRNghAAAAAAAAAAKAAAAAAAAAABBor2OXclMedoxbwTrgIAkwADMZMAADIQ2GfZGI\/ahHisFZ1CAAAAAAAAAAAAAAAAAAAAAAAAAAoEJE0kxiRNhT0AAAAAAAAAeAAAAAAAAAADBo0oJv55orZfIKsAFwIAkwAAEp4AADIQ2GfZGI\/ahHisFZ1CAAAAAAAAAAAAAAAAAAAAAAAAAAoEJE15tyRNebcAAAAAAAAAKAAAAAAAAAABBor2DuK5sBu2oskHfwIAkwADHowAADIQ2GfZGI\/ahHisFZ1CAAAAAAAAAAAAAAAAAAAAAAAAAAoEJE2PliRNj5YAAAAAAAAAKAAAAAAAAAABBoOfFgrZPRSt14MAFgIAkwADDMsAAzG32GfZGI\/ahHisFZ1CAAAAAAAgAAAAAAAAAAAAAAAAAAoEJE1q9CRNavQAAAAAAAAAKAAAAAAAAAABBoOfvGdcdiVS2B5piAIAkwAAixYAAzG32GfZGI\/ahHisFZ1CAAAAAAAAAAAAAAAAAAAAAAAAAAoEJE158iRNefIAAAAAAAAAKAAAAAAAAAABBo1UAydcd6AhqNceJQIAkwAAwWEAADIQ2GfZGI\/ahHisFZ1CAAAAAAAgAAAAAAAAAAAAAAAAAAoEJE1\/6SRNf+kAAAAAAAAAKAAAAAAAAAABBo0o31BQUkB\/4JoGfwIAkwADFrkAADIQ2GfZGI\/ahHisFZ1CAAAAAAAAAAAAAAAAAAAAAAAAAAoEJE2B1CRNgm8AAAAAAAAEPQAAAAAAAAAHBlCeFGiK9gJ+voIBuxoAkwAAMhAAAIUmhHisFZ1C2GfZGI\/aAAAAAAAAAAAAAAAAAAAAAAAAAAoEJE2B4yRNgksAAAAAAAAS1AAAAAAAAAAHBor2An5QnhRoAbu+ghoAkwAAhSYAADIQ2GfZGI\/ahHisFZ1CAAAAAAAAAAAAAAAAAAAAAAAAAAoEJE2OwyRNjsMAAAAAAAAAKAAAAAAAAAABBo1UqqB9QF7Tg04kWgIAkwAAlYsAADIQ2GfZGI\/ahHisFZ1CAAAAAAAAAAAAAAAAAAAAAAAAAAoEJE0FlCRNfq0AAAAAAAANngAAAAAAAAAWBg1riAmK9gJw5gwBuxsAkwAAMhAAAB+EhHisFZ1C2GfZGI\/aAAAAAAAAAAAAAAAAAAAAAAAAAAoEJE0FqSRNfqkAAAAAAAA3dAAAAAAAAAAWBor2AnANa4gJAbvmDBsAkwAAH4QAADIQ2GfZGI\/ahHisFZ1CAAAAAAAAAAAAAAAAAAAAAAAAAAoEJE149yRNePcAAAAAAAAAKAAAAAAAAAABBor01gdcdiVS2B5s7wIAkwAAixYAADIQ2GfZGI\/ahHisFZ1CAAAAAAAAAAAAAAAAAAAAAAAAAAoBBwDUAAoGJE13nyRNd94AAAAAAAAEDwAAAAAAAAAGBiABTKAAAPI\/qZ7QTVkjzpUqABRQQAwMBwAAAAAAAAC8rw4UbBsAbAAAMhAAADtBhHisFZ1C2GfZGI\/aAAAAAAAAAAAAAAAAAAAAAAAACgYkTXevJE138gAAAAAAAAIDAAAAAAAAAAUGKgAUUEAMDAcAAAAAAAAAvCABTKAAAPI\/qZ7QTVkjzpUUbK8OGgBsAAA7QQAAMhDYZ9kYj9qEeKwVnUIAAAAAAAAAAAAAAAAAAAAAAA=="} 00512{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":10,"source":"netflowv9.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":10,"flow_first_seen":1568213026961,"flow_last_seen":1568213026962,"flow_min_l4_payload_len":1320,"flow_max_l4_payload_len":1376,"flow_tot_l4_payload_len":13468,"flow_avg_l4_payload_len":1346,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.2.134","dst_ip":"192.168.2.222","src_port":48629,"dst_port":2057,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00129{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":10,"source":"netflowv9.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 10/10 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 13548 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4820373 bytes +~~ total memory freed........: 4820373 bytes +~~ total allocations/frees...: 58368/58368 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/nintendo.pcap.out b/test/results/nintendo.pcap.out index 24b405d9a..0c0857271 100644 --- a/test/results/nintendo.pcap.out +++ b/test/results/nintendo.pcap.out @@ -270,3 +270,14 @@ 00468{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1000,"source":"nintendo.pcap","alias":"nDPId-test","flow_id":21,"flow_packet_id":9,"flow_first_seen":1500731343274,"flow_last_seen":1500731343874,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":0,"flow_tot_l4_payload_len":0,"flow_avg_l4_payload_len":0,"midstream":0,"l3_proto":"ip4","src_ip":"151.6.184.98","dst_ip":"192.168.12.114","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":15} 00470{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1000,"source":"nintendo.pcap","alias":"nDPId-test","flow_id":18,"flow_packet_id":21,"flow_first_seen":1500731342860,"flow_last_seen":1500731343591,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":0,"flow_tot_l4_payload_len":0,"flow_avg_l4_payload_len":0,"midstream":0,"l3_proto":"ip4","src_ip":"151.6.184.100","dst_ip":"192.168.12.114","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":15} 00130{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":1000,"source":"nintendo.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 1000/996 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 299289 bytes +~~ total detected protocols..: 14 +~~ total active/idle flows...: 21/21 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4923847 bytes +~~ total memory freed........: 4923847 bytes +~~ total allocations/frees...: 59427/59427 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/no_sni.pcap.out b/test/results/no_sni.pcap.out index 844f063b3..4d19a34ab 100644 --- a/test/results/no_sni.pcap.out +++ b/test/results/no_sni.pcap.out @@ -143,3 +143,14 @@ 00505{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1185,"source":"no_sni.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":23,"flow_first_seen":1604822447227,"flow_last_seen":1604822447785,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1460,"flow_tot_l4_payload_len":4696,"flow_avg_l4_payload_len":204,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.119","dst_ip":"104.17.198.37","src_port":51635,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00505{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1185,"source":"no_sni.pcap","alias":"nDPId-test","flow_id":5,"flow_packet_id":23,"flow_first_seen":1604822447249,"flow_last_seen":1604822447807,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1460,"flow_tot_l4_payload_len":4696,"flow_avg_l4_payload_len":204,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.119","dst_ip":"104.17.198.37","src_port":51636,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00128{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":1185,"source":"no_sni.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 1185/1185 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 553330 bytes +~~ total detected protocols..: 7 +~~ total active/idle flows...: 8/8 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4908480 bytes +~~ total memory freed........: 4908480 bytes +~~ total allocations/frees...: 59595/59595 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/ocs.pcap.out b/test/results/ocs.pcap.out index 725f6e86f..b8c2d8b5b 100644 --- a/test/results/ocs.pcap.out +++ b/test/results/ocs.pcap.out @@ -1892,3 +1892,14 @@ 00378{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":946,"source":"ocs.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1449652846,"pkt_ts_usec":380718,"pkt_caplen":64,"pkt_type":0,"pkt_l3_offset":0,"pkt_l4_offset":0,"pkt_len":64,"pkt_l4_len":0,"pkt":"RQAAQD9rQABABgLXwKi0ArL40NKmXgBQrzComDk0Q6ywEAgki50AAAEBCAoANZnyGkFqZAEBBQo5NE6EOTRZXA=="} 00143{"basic_event_id":5,"basic_event_name":"Unknown packet type","thread_id":0,"packet_id":946,"source":"ocs.pcap","alias":"nDPId-test","type":12} 00124{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":946,"source":"ocs.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 946/0 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 0 bytes +~~ total detected protocols..: 0 +~~ total active/idle flows...: 0/0 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4816931 bytes +~~ total memory freed........: 4816931 bytes +~~ total allocations/frees...: 58355/58355 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/ookla.pcap.out b/test/results/ookla.pcap.out index 912e237a2..eba0007a1 100644 --- a/test/results/ookla.pcap.out +++ b/test/results/ookla.pcap.out @@ -36,3 +36,14 @@ 00507{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":5086,"source":"ookla.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":5066,"flow_first_seen":1491069115107,"flow_last_seen":1491069155251,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1440,"flow_tot_l4_payload_len":4346133,"flow_avg_l4_payload_len":857,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.7","dst_ip":"46.44.253.187","src_port":51215,"dst_port":8080,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00499{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":5086,"source":"ookla.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":20,"flow_first_seen":1491069108756,"flow_last_seen":1491069114084,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":457,"flow_tot_l4_payload_len":2980,"flow_avg_l4_payload_len":149,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.7","dst_ip":"46.44.253.187","src_port":51207,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00127{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":5086,"source":"ookla.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 5086/5086 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 4516821 bytes +~~ total detected protocols..: 2 +~~ total active/idle flows...: 2/2 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4981001 bytes +~~ total memory freed........: 4981001 bytes +~~ total allocations/frees...: 63451/63451 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/openvpn.pcap.out b/test/results/openvpn.pcap.out index 0f1c206dd..793deebd4 100644 --- a/test/results/openvpn.pcap.out +++ b/test/results/openvpn.pcap.out @@ -54,3 +54,14 @@ 00591{"flow_id":3,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":193,"source":"openvpn.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1472334892,"pkt_ts_usec":875376,"pkt_caplen":184,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":184,"pkt_l4_len":150,"pkt":"MFLLbJwbmAyC0zx8CABFAACqgqFAADERuCKLO5eJwKgrEjVwNXAAloHZIDWQheTdAi5EGn+8Hpjn1EX+kGpde81XFbgwab0AAAAHV8IMLQAAAAAFXs16Z1Oqb5\/NXvcN\/JPmFRsB9Qn433GGYzVrij\/603Hf3x8+jZjnDWISqi+KCm7yOhv+vC+HduaYS8lkNp0MRD+iOTf9JQGGMbbarVk+UP2lQsnNAgMBAAGjIDAeMAkGA1UdEw=="} 00511{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":298,"source":"openvpn.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":120,"flow_first_seen":1472334890224,"flow_last_seen":1472334909465,"flow_min_l4_payload_len":42,"flow_max_l4_payload_len":1245,"flow_tot_l4_payload_len":23132,"flow_avg_l4_payload_len":192,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.43.18","dst_ip":"139.59.151.137","src_port":13680,"dst_port":13680,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00128{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":298,"source":"openvpn.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 298/298 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 46979 bytes +~~ total detected protocols..: 3 +~~ total active/idle flows...: 3/3 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4837077 bytes +~~ total memory freed........: 4837077 bytes +~~ total allocations/frees...: 58663/58663 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/os_detected.pcapng.out b/test/results/os_detected.pcapng.out index 4c9fe782d..e883f485d 100644 --- a/test/results/os_detected.pcapng.out +++ b/test/results/os_detected.pcapng.out @@ -4,3 +4,14 @@ 00827{"flow_event_id":5,"flow_event_name":"detected","thread_id":0,"packet_id":1,"source":"os_detected.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_first_seen":1611427514609,"flow_last_seen":0,"flow_min_l4_payload_len":1252,"flow_max_l4_payload_len":1252,"flow_tot_l4_payload_len":1252,"flow_avg_l4_payload_len":1252,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"8.8.8.8","src_port":39821,"dst_port":443,"l4_proto":"udp","ndpi": {"flow_risk": {"24":"SNI TLS extension was missing"},"proto":"QUIC.Google","breed":"Tracker\/Ads","category":"Web"},"quic": {"user_agent":"Mozilla\/5.0 (Windows NT 5.2; U; CPU OS 3_2 like Mac OS X; en-us) AppleWebKit\/531.21.10 (KHTML, like Gecko)","version":"TLSv1.3","alpn":"h3-29","ja3":"9addef84847d700f759746b237c405c8","tls_supported_versions":"TLSv1.3"}} 00494{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1,"source":"os_detected.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_first_seen":1611427514609,"flow_last_seen":0,"flow_min_l4_payload_len":1252,"flow_max_l4_payload_len":1252,"flow_tot_l4_payload_len":1252,"flow_avg_l4_payload_len":1252,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"8.8.8.8","src_port":39821,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00132{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":1,"source":"os_detected.pcapng","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 1/1 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 1260 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4825641 bytes +~~ total memory freed........: 4825641 bytes +~~ total allocations/frees...: 58372/58372 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/pinterest.pcap.out b/test/results/pinterest.pcap.out index 1d7aab7a7..0fb4a4e3f 100644 --- a/test/results/pinterest.pcap.out +++ b/test/results/pinterest.pcap.out @@ -489,3 +489,14 @@ 00550{"flow_event_id":4,"flow_event_name":"guessed","thread_id":0,"packet_id":17657,"source":"pinterest.pcap","alias":"nDPId-test","flow_id":29,"flow_packet_id":2,"flow_first_seen":1605289722442,"flow_last_seen":1605289722621,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":0,"flow_tot_l4_payload_len":0,"flow_avg_l4_payload_len":0,"midstream":1,"l3_proto":"ip6","src_ip":"2a01:cb01:2049:8b07:991d:ec85:28df:f629","dst_ip":"2600:1901::7a0b::","src_port":46918,"dst_port":443,"l4_proto":"tcp","ndpi": {"proto":"TLS","breed":"Safe","category":"Web"}} 00531{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":17657,"source":"pinterest.pcap","alias":"nDPId-test","flow_id":29,"flow_packet_id":2,"flow_first_seen":1605289722442,"flow_last_seen":1605289722621,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":0,"flow_tot_l4_payload_len":0,"flow_avg_l4_payload_len":0,"midstream":1,"l3_proto":"ip6","src_ip":"2a01:cb01:2049:8b07:991d:ec85:28df:f629","dst_ip":"2600:1901::7a0b::","src_port":46918,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00132{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":17657,"source":"pinterest.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 17657/17657 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 27055447 bytes +~~ total detected protocols..: 20 +~~ total active/idle flows...: 37/37 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 6475436 bytes +~~ total memory freed........: 6475436 bytes +~~ total allocations/frees...: 77334/77334 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/pps.pcap.out b/test/results/pps.pcap.out index 9042cd559..27519abc5 100644 --- a/test/results/pps.pcap.out +++ b/test/results/pps.pcap.out @@ -743,3 +743,14 @@ 00513{"flow_event_id":7,"flow_event_name":"not-detected","thread_id":0,"packet_id":2557,"source":"pps.pcap","alias":"nDPId-test","flow_id":15,"flow_packet_id":2,"flow_first_seen":1467353136833,"flow_last_seen":1467353136834,"flow_min_l4_payload_len":24,"flow_max_l4_payload_len":24,"flow_tot_l4_payload_len":48,"flow_avg_l4_payload_len":24,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.115.8","dst_ip":"36.237.154.69","src_port":22793,"dst_port":4316,"l4_proto":"udp","ndpi": {"proto":"Unknown","breed":"Unrated"}} 00499{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2557,"source":"pps.pcap","alias":"nDPId-test","flow_id":15,"flow_packet_id":2,"flow_first_seen":1467353136833,"flow_last_seen":1467353136834,"flow_min_l4_payload_len":24,"flow_max_l4_payload_len":24,"flow_tot_l4_payload_len":48,"flow_avg_l4_payload_len":24,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.115.8","dst_ip":"36.237.154.69","src_port":22793,"dst_port":4316,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00125{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":2557,"source":"pps.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 2557/2557 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 2159666 bytes +~~ total detected protocols..: 75 +~~ total active/idle flows...: 110/110 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 5257113 bytes +~~ total memory freed........: 5257113 bytes +~~ total allocations/frees...: 61362/61362 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/ps_vue.pcap.out b/test/results/ps_vue.pcap.out index 0cfc69806..19219f1e3 100644 --- a/test/results/ps_vue.pcap.out +++ b/test/results/ps_vue.pcap.out @@ -56,3 +56,14 @@ 00519{"flow_event_id":4,"flow_event_name":"guessed","thread_id":0,"packet_id":1740,"source":"ps_vue.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":3,"flow_first_seen":1568831055576,"flow_last_seen":1568831063575,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":31,"flow_tot_l4_payload_len":31,"flow_avg_l4_payload_len":10,"midstream":1,"l3_proto":"ip4","src_ip":"209.102.209.13","dst_ip":"192.168.1.132","src_port":443,"dst_port":65112,"l4_proto":"tcp","ndpi": {"proto":"TLS","breed":"Safe","category":"Web"}} 00499{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":1740,"source":"ps_vue.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":3,"flow_first_seen":1568831055576,"flow_last_seen":1568831063575,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":31,"flow_tot_l4_payload_len":31,"flow_avg_l4_payload_len":10,"midstream":1,"l3_proto":"ip4","src_ip":"209.102.209.13","dst_ip":"192.168.1.132","src_port":443,"dst_port":65112,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00128{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":1740,"source":"ps_vue.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 1740/1740 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 2141790 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 8/8 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 6386220 bytes +~~ total memory freed........: 6386220 bytes +~~ total allocations/frees...: 60175/60175 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/quic-23.pcap.out b/test/results/quic-23.pcap.out index 661ef8d2a..2acf65204 100644 --- a/test/results/quic-23.pcap.out +++ b/test/results/quic-23.pcap.out @@ -18,3 +18,14 @@ 00468{"flow_id":1,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"quic-23.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1568282515,"pkt_ts_usec":729605,"pkt_caplen":94,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":94,"pkt_l4_len":40,"pkt":"nJcmWLFfnLbQWTW8ht1gDdl5ACgRQC5Kd00m\/X+beFstG0+KY8c7zJmR+rq64c0q4v2zvsWrxKMBuwAoDs1PRXPGBLrjR7TqLABTK+TsP5wNYWccDpmpF\/I4\/Gqybg=="} 00557{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":20,"source":"quic-23.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":20,"flow_first_seen":1568282515655,"flow_last_seen":1568282515762,"flow_min_l4_payload_len":30,"flow_max_l4_payload_len":1280,"flow_tot_l4_payload_len":5951,"flow_avg_l4_payload_len":297,"midstream":0,"l3_proto":"ip6","src_ip":"2e4a:774d:26fd:7f9b:785b:2d1b:4f8a:63c7","dst_ip":"3bcc:9991:faba:bae1:cd2a:e2fd:b3be:c5ab","src_port":50339,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00127{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":20,"source":"quic-23.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 20/20 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 6111 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4826113 bytes +~~ total memory freed........: 4826113 bytes +~~ total allocations/frees...: 58390/58390 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/quic-24.pcap.out b/test/results/quic-24.pcap.out index 56fbd3df9..e131064ab 100644 --- a/test/results/quic-24.pcap.out +++ b/test/results/quic-24.pcap.out @@ -18,3 +18,14 @@ 00449{"flow_id":1,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"quic-24.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1574209163,"pkt_ts_usec":81103,"pkt_caplen":82,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":82,"pkt_l4_len":48,"pkt":"ClnTQ78Jzivom94WCABFAABE3IZAAEARSg4KCQABCgkAAqHcAbsAMBRWReCYz+cZz4V1CzMLBns\/aZp\/25sTROHCqKYw+n6Ol0QxqpRmDt2U2w=="} 00495{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":15,"source":"quic-24.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":15,"flow_first_seen":1574209133040,"flow_last_seen":1574209163081,"flow_min_l4_payload_len":39,"flow_max_l4_payload_len":1252,"flow_tot_l4_payload_len":7370,"flow_avg_l4_payload_len":491,"midstream":0,"l3_proto":"ip4","src_ip":"10.9.0.1","dst_ip":"10.9.0.2","src_port":41436,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00127{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":15,"source":"quic-24.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 15/15 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 7490 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4825940 bytes +~~ total memory freed........: 4825940 bytes +~~ total allocations/frees...: 58385/58385 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/quic-27.pcap.out b/test/results/quic-27.pcap.out index 9a3c804f3..d6cbbe034 100644 --- a/test/results/quic-27.pcap.out +++ b/test/results/quic-27.pcap.out @@ -18,3 +18,14 @@ 02221{"flow_id":1,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"quic-27.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1592388084,"pkt_ts_usec":237837,"pkt_caplen":1388,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":1388,"pkt_l4_len":1334,"pkt":"AAAAAAAAAAgA1Oceht1gDrouBTYRPz70IZT0pjUDQM0HFABXxOQvPWTRnVlUmwAAAAAAACAO+uUBuwU2Dg1ae6d1Co879Va2ZZM8syPbsXCspbQN41glVHJVHAlKR4QayFu+64ooEGBAvsbCn8jPDFYncNADtTPv3asuZvQwLMtyR+hCJX\/nHLi6fraIVO8AAG0gdKiCM2xwF4t4DtsgF3WvC+kxionBGo0UshXoxep08Js3Xnpp8rhTL9O63UTuXknIs5TJ4VmNG4WOKJ2nNbb7DSGnE23WI02O3mt\/zI2zGLQrRa2u7\/Cf7QSnMawLIvFuubdQtbFVr3ZbH3\/VJxC0Uo8fqS+f+nUycibOzF03uqAjpE0+7jsdzR\/s0FaLYiEqzhPTVOdTvZHW0+uDaIi0L1XXiaL44H4ftqvR4ZkLqYs87tX8cGlVVb44oxQGUy2+qH1dY8LMiupdzpMCIQZkN96FbuXnJImigQaWL18KPPCU26rDz8x0z\/QbCxvNVh785gzW3sWZg4Vhd6Ys4g0QRB6WHqpU7D4Lim7aA0lRkVbs9Tm3smCV78GqlLKcuv\/LATc0CwL58E3puILDQn5COR9CbSxiT6hDKeHU7oySJ28SV3RUNIhwcYvJcj\/hz3w1rtiiTnVFkM1vzFQv5QLWZXZtFXK4OG0eXndCUFGc3Z5bqHStx28ewBEXbON+8U8loy9G7zZXXzMDdGp5F5wTsARLAKIGIVRNYoIyaozwMB6PpgXEHoKypd2e3UZZl6NBgCs9vUWAuVv6agH6u2dqIJKzgZUVv3C5jLPcm\/49skYrQBOVnTF\/VAgGfscx0aef5fvSGQMV1q5VlZZID8NZtA3EIMn3Ze5dGghaPfpEk58u7A9qXqLQaQxDJX9z2RgHP1YVvdITOwLj\/zBchuC92Tlw\/YkgxjjzjLZQc2Vb9NrOCJPVqJD2JRLptVYJWP43tlAKWxgZLoupXKKJ5e31jI6rVcRPLRu7kj4HC21B+hmVQbgVgZwKrYS91C9moo6ZCgV0Eg5bt8IT+Kqdnr8OoLz\/iPp+geQ2g\/Br1S3Ur1BFTff+VF4okLnpVbHwTyUlKI\/L7kauYykEC5xx5slsr1gD09C\/jI6ZmnMUV9DOwoM8Y7PEyV4K5MbJgbrkVv8i57qPHfcPVmzWgzfYXVsVEbAAcUEky4K\/eVzQ4efxFhzShdWM3hmvFmUJLmNczh431lTzD81m96N1fbOuSlQ45OT1Qyk1I25rqvAG0ookjSvHOKLBnG2+FaNx184FvguqIG0X0YSHOAVWVSRfK5emxBc1AHXiWutXhJ9PIMqqzmGDGUSqdh4m75bkEcKFVwTfjCPwVdcLx+P0uy6AVdZpTXt2Letk+D9MCCIYxfL\/84U7LhHZrEEG\/1LVU3Mn5KKTnOxYOE23i1CzJmAYiJF29J7OpQmaoG2\/tm8DJSYjxOgO0sjt19ggtozhkEHpounRlS7uU5\/\/nitU0qwp+gR5N1cRHHs06M3yRIAb49528nfAjgI8RNOPf6q2ATBVhV9LlPFxzhXRBUdqjesUgw5lGCzrXxP+1G\/yIQ9ZBV6RfRq+diwUk4ouIlXMEOPQDuifMm\/xmzt+u8bTYff8H79e1dD8cvE7ze6FNOtt67qe4+xNsln5jTrtIwas8Tm9H4uljGH3m0owyWvlAetbIFEq8NJyojv0Dj4R16WWUkAz\/O3h6C8rNIx99Zh3unIrOKEFfXOkDOrq6TLHbLznRoVlozOhvcdcwQ93IOtqHykPxljYVIhhzEfwh41fV3jbRQaRL5Rd7lKAIMYGpCdCw\/XhLSaACgfZHeiU+VHVxLMMtJ1aPGsKMZdeO7w="} 00541{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":20,"source":"quic-27.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":20,"flow_first_seen":1592388075915,"flow_last_seen":1592388084373,"flow_min_l4_payload_len":25,"flow_max_l4_payload_len":1330,"flow_tot_l4_payload_len":11647,"flow_avg_l4_payload_len":582,"midstream":0,"l3_proto":"ip6","src_ip":"3ef4:2194:f4a6:3503:40cd:714:57:c4e4","dst_ip":"2f3d:64d1:9d59:549b::200e","src_port":64229,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00127{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":20,"source":"quic-27.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 20/20 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 11807 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4826216 bytes +~~ total memory freed........: 4826216 bytes +~~ total allocations/frees...: 58391/58391 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/quic-28.pcap.out b/test/results/quic-28.pcap.out index 95014e966..b23f358da 100644 --- a/test/results/quic-28.pcap.out +++ b/test/results/quic-28.pcap.out @@ -18,3 +18,14 @@ 00492{"flow_id":1,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"quic-28.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1591267474,"pkt_ts_usec":892309,"pkt_caplen":112,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":112,"pkt_l4_len":78,"pkt":"bmImQfCg7jdRvai\/CABFAABi8ZpAADkR0dtoGgvwCgkAAgG76soATqcp7\/8AABsUQMS6Zy9FF9Xn7IIP1UsQeHX9qMwU0rPlqKVxohC0BrmDOppdYLs59TAWLgmItzxBSvZiKyQnISBjChlAVjqW7Q=="} 00504{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":253,"source":"quic-28.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":253,"flow_first_seen":1591267474847,"flow_last_seen":1591267477602,"flow_min_l4_payload_len":42,"flow_max_l4_payload_len":1200,"flow_tot_l4_payload_len":236167,"flow_avg_l4_payload_len":933,"midstream":0,"l3_proto":"ip4","src_ip":"10.9.0.2","dst_ip":"104.26.11.240","src_port":60106,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00128{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":253,"source":"quic-28.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 253/253 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 238191 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4832796 bytes +~~ total memory freed........: 4832796 bytes +~~ total allocations/frees...: 58623/58623 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/quic-29.pcap.out b/test/results/quic-29.pcap.out index 757e94eff..490c3d79c 100644 --- a/test/results/quic-29.pcap.out +++ b/test/results/quic-29.pcap.out @@ -18,3 +18,14 @@ 00451{"flow_id":1,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"quic-29.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1592171671,"pkt_ts_usec":699048,"pkt_caplen":84,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":84,"pkt_l4_len":50,"pkt":"bmImQfCg7jdRvai\/CABFAABG8aVAAEARNO0KCQABCgkAAo7sAbsAMhRYRLjoRKWduhtWqcE2Jm\/Mgr2pfyylxXskvsjmut\/j6WYYiwt6b+RVGzFH"} 00495{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":15,"source":"quic-29.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":15,"flow_first_seen":1592171671664,"flow_last_seen":1592171671699,"flow_min_l4_payload_len":39,"flow_max_l4_payload_len":1252,"flow_tot_l4_payload_len":8756,"flow_avg_l4_payload_len":583,"midstream":0,"l3_proto":"ip4","src_ip":"10.9.0.1","dst_ip":"10.9.0.2","src_port":36588,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00127{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":15,"source":"quic-29.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 15/15 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 8876 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4825940 bytes +~~ total memory freed........: 4825940 bytes +~~ total allocations/frees...: 58385/58385 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/quic-33.pcapng.out b/test/results/quic-33.pcapng.out index bc4428ca3..ae731a149 100644 --- a/test/results/quic-33.pcapng.out +++ b/test/results/quic-33.pcapng.out @@ -18,3 +18,14 @@ 00499{"flow_id":1,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"quic-33.pcapng","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1607938456,"pkt_ts_usec":569159,"pkt_caplen":117,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":117,"pkt_l4_len":63,"pkt":"AAAAAAAAAAAAAAAAht1gLBAvAD8RQAAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAABEVvI5gA\/AFIRowe9l5MR3aF28MLH\/69bW3jeVbEpPKzZTDZSAWWOpkR3naiJgy2c4GBD8Ud7hIzlSuhZTuEf"} 00494{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":992,"source":"quic-33.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":992,"flow_first_seen":1607938456563,"flow_last_seen":1607938456578,"flow_min_l4_payload_len":31,"flow_max_l4_payload_len":1440,"flow_tot_l4_payload_len":1279218,"flow_avg_l4_payload_len":1289,"midstream":0,"l3_proto":"ip6","src_ip":"::1","dst_ip":"::1","src_port":51430,"dst_port":4443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00130{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":992,"source":"quic-33.pcapng","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 992/992 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 1287154 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4854343 bytes +~~ total memory freed........: 4854343 bytes +~~ total allocations/frees...: 59362/59362 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/quic-mvfst-22.pcap.out b/test/results/quic-mvfst-22.pcap.out index 5df9f4850..c80827f28 100644 --- a/test/results/quic-mvfst-22.pcap.out +++ b/test/results/quic-mvfst-22.pcap.out @@ -18,3 +18,14 @@ 00435{"flow_id":1,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"quic-mvfst-22.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":26,"pkt_ts_usec":865094,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"pkt":"UlQAEjUCCAAnANMtCABFAAA8AABAAEARuY0KAAIPHw1WCIsRAbsAKPiYQ0hjA85S+SrV7ZXz\/rdFh3Bql8c0WhU1o790KTEFQHs="} 00493{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":490,"source":"quic-mvfst-22.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":490,"flow_first_seen":24710,"flow_last_seen":139922,"flow_min_l4_payload_len":24,"flow_max_l4_payload_len":1252,"flow_tot_l4_payload_len":267723,"flow_avg_l4_payload_len":546,"midstream":0,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"31.13.86.8","src_port":35601,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00134{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":490,"source":"quic-mvfst-22.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 490/490 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 271643 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4839721 bytes +~~ total memory freed........: 4839721 bytes +~~ total allocations/frees...: 58860/58860 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/quic-mvfst-22_decryption_error.pcap.out b/test/results/quic-mvfst-22_decryption_error.pcap.out index 73391b301..e4757ee99 100644 --- a/test/results/quic-mvfst-22_decryption_error.pcap.out +++ b/test/results/quic-mvfst-22_decryption_error.pcap.out @@ -706,3 +706,14 @@ 02054{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":353,"source":"quic-mvfst-22_decryption_error.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1593498297,"pkt_ts_usec":36000,"pkt_caplen":1280,"pkt_type":0,"pkt_l3_offset":0,"pkt_l4_offset":0,"pkt_len":1280,"pkt_l4_len":0,"pkt":"RQAFAAACQABZEalpXmHhkgrmKKgBu\/L0BOxzEVh\/\/F+FsvgskZSJEq72gHo10TdgNOHV3qtvLr34ysT4\/BQu08NXy68awukgm428CY+3uFIa\/SsYHOQWYv\/6hMCX46sHEfK3FsGd9B4aOMTDZmbct0Hi6B5hFbC0RysqpiuCGv72ybkRYMTkkmBSpKkaxMd628mXMhcYd517jH\/CS6rxLyjH721TKnNGFMFZJpKZW05u1pmo9F74UGjuzXEO89ZOXqanGwo8ZLmQTCj85x1E1RZX9aigKv5BEr63ws6yLhHIXtPDYscZDNmE2ULVjoz3kzJuZzMzTW64HxXlwsMaX6uzVAwAX\/DVkW2gqZT9R4oqnG1iUCq0cb0MR6letAQ\/fU12ToEri5STxN\/eLewgY07DxQqjTUjGstGtGCNM\/FfDTgRtPzwTJZih3hD1CfW1YEkB9tXv3wCFGUyLRPlE7MbrU8qTOcUAn41czqUHKXgJpSWqjRlqdsmuAgafgOGhqdjw1Dm38vteZONnaZ0QujAZ7ZN3UoLVU\/0h2yR1MEUH\/ATH25T5lgD9ffI\/fHDa86FcEH0enSe06V9t2jUIcvqLGVwSzjxtjTGJjrQ5mZ9ZuX\/RsW9eLUa5XcOl6q9p1sCAM956+nfVkS7tt1A7eldJbVXEI+ZcnDnBu\/HfhQghjRReyowO0uY88d1b6J5BW747Za2CrWV3An3xcrcgJ3r7Eegcow70EpRrR+5W8ayOPOR2SGTCLovooCpYeUYQ6T838f5KeN4CcXxx7FVrW0hCqLV+HJCGz2o\/AeBkwyRwIR35fIDm64HoUOpCMEB3l7n2WMd9lZS2DQtlFlThLuIymsnTAeZZCutQ7DJyF72B2wkJ9WAmyRaM7Nq+x0zpTQHmxR9xaamH9bBNq6ua2oCT5qfTkzoaG+IHmszzghAt5peXz7eqEaFqSW9OSi6Rt7nXeWpRnZS0xwrMxUtgUDclrW\/KBEJo0yZx1nkaOYHw9iwtzDJs2GBWmR94yQl7wvUuGIY6KjXTfn457StRyrcmSAcZVTUGxz7jG3KLfU2hiD2i+hGp67x8HUPue8RVimCp3M+CVhljP3AEXbJYiKYJq17hw\/NXXqU+vH3l4Ac+JioVTo5Q3+FwrWO7xRdRizXH89EUM4LwVRIVqhBY5DmxiNvI\/yxCgFw19mN2hP7yR4ixoyVHHevKc24iODyxhVIi2laJWFJ5DG5knu8grskOXH1flWjfxJBK\/\/3jC1BdMicLllb+efDa9SzMy\/3dPDg61ZXUXioRNvGC9lAdQLPrOxjvJhrN1U4tovGRi4vfa\/M+cLnYZdFxrakeiE5p5Ge8ewqhhgDnypGVxiKqOhWMtyl1pD7cCSKY+KDEUtztnzSKJJP5e5q2vmnfhsLtwxqp4YcMsGrDdwcy+whkFVB73zRViDcA8nfxNKx3ksom\/BzlnliiQ1AdXWXCf1pFpesZUDEc3UwYuqXdIonQnRDiCYrlhZ4tAO39+6nh8o7UbXxKCT7JVAC8TwzVqp8T9mo3m+mofsKgSIEYSKy38vRMDGMM9v4WJ+IK5iuL78dmEipzGMd1w89fuz3c5cxVfZRr1V7++wg3gzWDHZREzG0PMXkvJzh3OJ9rs93FmzU64537zWQLvOws8sCivE3d4H+qISlUIyJMOC5xzhRlbFKhIzWtB8ba5COlFqmJ\/NM="} 00170{"basic_event_id":5,"basic_event_name":"Unknown packet type","thread_id":0,"packet_id":353,"source":"quic-mvfst-22_decryption_error.pcap","alias":"nDPId-test","type":12} 00151{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":353,"source":"quic-mvfst-22_decryption_error.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 353/0 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 0 bytes +~~ total detected protocols..: 0 +~~ total active/idle flows...: 0/0 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4816931 bytes +~~ total memory freed........: 4816931 bytes +~~ total allocations/frees...: 58355/58355 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/quic-mvfst-27.pcapng.out b/test/results/quic-mvfst-27.pcapng.out index 31f2f1a1b..90a0aa395 100644 --- a/test/results/quic-mvfst-27.pcapng.out +++ b/test/results/quic-mvfst-27.pcapng.out @@ -18,3 +18,14 @@ 01870{"flow_id":1,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"quic-mvfst-27.pcapng","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":50,"pkt_ts_usec":309237,"pkt_caplen":1133,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1133,"pkt_l4_len":1047,"pkt":"UlQAEjUCCAAnANMtCABFAAQrAABAAEAR6vgKAAIPRav6D4x1AbsEF2uFUWUZSqSBwJ2mMcfPOUKudx8IIdHFM+KYJWQvGFhfEc+0DxpgsTk44tZtXhYT2vNYWnzuIL1izcfXlPisguidPmO2DqtN7xgWikzAgQY8F03zNKDzWAGNqzF+LwWD+XTBieSsyeSBANPhvyxGVuE04HB+E00Q7ceTw8dR+xfDxfHvwU9UmfDZocpLYx377vu\/M6kJ\/X8XH5pcrTmMfFBo6MSZ7Bc7jrGDWNg3je6LONHE93LfSwNV1LIiMYJJybwFgfl4G8+uIwH4zKgX4UzCKwFaitESJ3\/P0woXSIe4VhcvPOZCqKbd5EXS7ylCxgNR0CAaLPbHtRyowOgRxiJeeoHGEq5zwK9u5Ee0sARBdMz4uFPT3KAMyOerg36WU1qYHYfP9k6jgIXTaEDFLgtpmuh3GDDch3UKt8xAuikoUDhknxmxc6aUubsklPpCltOmm9Woi9N7qceDtuzlf0WZpEYZC5QliXkSyp70lnKWjAuMPEDhtundmLlompnxrMRidleKKdTtuo1l5nX\/ECbozZoAv4MuQCX9YWYSMjv0u0uUT1c6uvEu0d51yOL+s9AV8pKlvk3MLKn0WgC2YLCcjG9WYhSMJ58b+84ZaBBUZ3Og5qPYcRKEdHAAa0N3rFC78EoJApuBItaIZj1OUUcwcBvGTJ752ruh2TWzG4VnIM1vofvYSAkxeeeIf+Ua5J6Ak2MKIA79HqfkvUrxlhcca7VEuSVvoTOWM5i\/I8cMfw6y2avOBJdbCtWDM7pY60Rwt5B5GdifarEN4OcqipbPZLDax0HccOkJJaC2pgFYW5brOiYImYlxggdctEaB1k0DPifMZQ+zGgB7Cb0H\/zZsPJkegDkB+kVN1iB1n6nJBAEUjI3qTLmAy68krMF61lsL0LwNoBtIJnEklxridi3Hae6kz2w0pbSJMDpPqGcAMCgz9XgWU\/lbULK1TU5ov+2bFyy+yI+Cf9B7yUUfDLkMOgEVwdra9DpaNhRAK8y7ctoft25rY7LGurcOG4hJgLAWwg0TenWVvjqlWP8G4JwMRLUK6GmeXsem6rYz8wAml+y77EXDfzohoNACzJoBo5k\/NxeSRif9VK9vJmx8uvrFfptb\/TY2HPHPvXYBhKLbdDnKaGfbOL6KeOo0pQhT3NUo5NasuPbGn9valN\/JkvdIRb1qZdXPZDXvNJNCgdwe+CjjA9ks9mo1Oq5oROlL4NzopfnJ6UzUYHRuFegfbmZnG81daq+iJEfAicFte2S4AB3XHpsAdypFr\/7g3vbSHXA1dE3\/ZmxinbKy9yb2dR2\/YwaQL2ZeNv4j3ghJeBU6mtAUufHJX\/pK3RTdcW\/lPWIACQf4z6pCDcEKG0ol83FYIOJxgk3y9h66neuY3f\/zIBloCSQB2gHaBGQDAQAAAAAAAAAAAAAAFgABAAIAIQHaAAAAAAAAAAAAAAAAAAAAADw7OGY="} 00493{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":20,"source":"quic-mvfst-27.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":20,"flow_first_seen":41432,"flow_last_seen":50392,"flow_min_l4_payload_len":21,"flow_max_l4_payload_len":1252,"flow_tot_l4_payload_len":9519,"flow_avg_l4_payload_len":475,"midstream":0,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"69.171.250.15","src_port":35957,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00135{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":20,"source":"quic-mvfst-27.pcapng","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 20/20 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 9679 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4826084 bytes +~~ total memory freed........: 4826084 bytes +~~ total allocations/frees...: 58390/58390 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/quic-mvfst-exp.pcap.out b/test/results/quic-mvfst-exp.pcap.out index 4601c2081..e10ae9e23 100644 --- a/test/results/quic-mvfst-exp.pcap.out +++ b/test/results/quic-mvfst-exp.pcap.out @@ -18,3 +18,14 @@ 00873{"flow_id":1,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"quic-mvfst-exp.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1600365863,"pkt_ts_usec":769593,"pkt_caplen":387,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":387,"pkt_l4_len":333,"pkt":"AAAAAAAAAAoAaIxPht1gAAAAAU0ROz9l7On+cW4q+s6wDAAANY4qrM331QZ4B5CSB1+pY\/SrAbvg8wFNFVJOFV85r8TQp35z5Bmda\/4gy7xWTjcVk2PcyPeU7PEmDCCTibj8O5j2MvMx2t3Zehez\/Q3Fwkabqn9Gng6dHvuSrFzjTxmqbSrnm7HGyMZr14EARqqO3OBgQ9D7x6Cd8yQGx8hKBp36sWTXi3SZe5uNWzEWfSikvV6swcWlrw6nwXAvPX0Qqt\/w\/tDUQOWHkhJSWnzd7P74FlBdSqel46D1qWYZCbGLGiFV5T+xKzKbeFSteb8rShQFzCUYMT4dAAlP3Qu+J+6zcctNPFU0NHL9g29CiqeomGbPIDP1Gb28EN6h31bpk3Fll3IccI66k\/NpcqQv+o5E9MaEPy88n8cbnHVu0H4esytSKdg+tfpPJckbnlS\/DK\/erDDhRMsmLxBIKilQS\/lNJ2qyfsfNQviVS0sIFl\/F9Yyet8+l9Rf5Iah4Jd09"} 00560{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":30,"source":"quic-mvfst-exp.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":30,"flow_first_seen":1600365863681,"flow_last_seen":1600365863839,"flow_min_l4_payload_len":31,"flow_max_l4_payload_len":1232,"flow_tot_l4_payload_len":24449,"flow_avg_l4_payload_len":814,"midstream":0,"l3_proto":"ip6","src_ip":"2aac:cdf7:d506:7807:9092:75f:a963:f4ab","dst_ip":"3f65:ece9:fe71:6e2a:face:b00c::358e","src_port":57587,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00134{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":30,"source":"quic-mvfst-exp.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 30/30 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 24689 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4826374 bytes +~~ total memory freed........: 4826374 bytes +~~ total allocations/frees...: 58400/58400 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/quic.pcap.out b/test/results/quic.pcap.out index 5e3ed32ef..331eced31 100644 --- a/test/results/quic.pcap.out +++ b/test/results/quic.pcap.out @@ -96,3 +96,14 @@ 01956{"flow_id":10,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":464,"source":"quic.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1463075953,"pkt_ts_usec":428518,"pkt_caplen":1188,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1188,"pkt_l4_len":1154,"pkt":"ABlmWmaM6HTmLPTkCABFAASWG1YAADQR+eLYOtLOwKgBbQG7iaQEgrfkAAnf4DCMrsUbO\/ngChm3BUxvj6ihF711mBPSXPVFdDhpSOtcrbvY1KsY0f4vCqIi1MXzoSbEcl8CFyGdECH08WWlYgy6GmXJ+IpdKgMRIunQ0WNk82BxUlyvqQQzyafpjH4+5Y814Kb4YgqBF\/zJ7AWokLdMqZd2sh5fS4lv7RgAT+IwyMSp23pRzGxvNPTD\/VBqoMIIcR0xsXYQ7cIRDkEghEXLz\/miWktIBLJB+76uq2WcJL1iRBTB7BrhW3xzrub2U\/qksP\/rNCTPyoRaGvkcD6kS+cZjUHuSBrbBFfY\/kFvtiyzOt+1dUS2H5WvK\/e9cdd4hZTdVW8z0+NuWpQ650nDVcLNHwpcvT8Y7kFGRH1aJWlNwYnCjjhjFGL4WJ0nGves2K55q9L1NWMo60zkIPt2gSkDN7ic5vrsZJo2pbLNjLoHl26mIrU9iwWWlSyPBJw0zLkVPJRtg6rCHPZRO8DI39uhPGktSe6PgYTZq3cvhG3I+WHymsGbmr3SWPKy2nJ5Icb5lItEcNjwBHM8VuWWpEFkLmCY1DSf0YTyNPXH0ray\/Zb9BueH0uIEmJpW9lIgxkUn8Fne\/+5B8hXt+Fn3ULzd4BLoKH5WoQuZW4dB0BAizlUCv7XkBpKL1jJ\/Xa0ynkC0\/GM+6y6rPY\/N2RBKBls946wbH1MamdLsvuDy0J+CIMnAU1VbKQfcuzVTDU6PyCd5vjc6L39DK9LfYRwahFhdDInWWn6Z1liwAY0utnhWQfYKSQJW3tgH6I3sxruO6UxMDcvLVAywZuAtwP5usEfc9neWEWSGAS94nId1TSYp\/UnV2jfx6M+\/eMtUpc3UoXcMVDvYRCMagfHcjPYbOvaBXufrlERvzBra4C62\/8Z8sz6eWaljp7aAzDuKzSv31lgrX9j0JQF5yFUGWET+shJydWdq9Y9lg4eDmqzM1DwA7N9pEuyM\/BI9BypXeQmpVKTaerJ\/uedM64ldi40vJlWQi\/6fsYMZjeCnF7d2WXDVfBiu\/EtHx5p7cDiKTY6u3IcWJP+WvWIfbyrSDxy8ul9ZxbCK2KP2dJslbz5i10BRktzGiNojUoZji5U6mCs9XEQk6Veq09SpgVmPX1kSE+3SW8D\/uGNOm1fmyOP\/xKDgMBCTeFDgZZgVZV1oq\/p2X0qeAs+5fQFsMMtl6tY4Bt5P3ohcc0Oxg8FEqUHyM6zRnP15PIOpxxlN\/\/s4SZSt\/aMq\/IPg2lPmc9CpcJMS0L8LVIyaDXcScO1DvsyEALATmTDycfe2+tthjTeQnxlEsN5sjob5ccENZo1PjR6HhP2LlJJ2bD4T5tGRBb1rdnIqtT8v8ksY+Yc0uO63TLrkRWlws+y6ccPBHNJzsgcal11JK8nMhJeJlFRIt2rf3Hapg5hwia\/UuQUfF+4cWZc9DvUL3MSuO2Ox\/iCroKvXeyNPw3CVhgyihJPqrOqtB4BuzMAouyKKIjCC2KhyXI+JgP1S2E9CCp7Lj\/eDne2tDHDryZxZ1lwQJntiYx7Y32qZi\/GVd"} 00506{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":518,"source":"quic.pcap","alias":"nDPId-test","flow_id":10,"flow_packet_id":69,"flow_first_seen":1463075953299,"flow_last_seen":1463075954300,"flow_min_l4_payload_len":19,"flow_max_l4_payload_len":1350,"flow_tot_l4_payload_len":55535,"flow_avg_l4_payload_len":804,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.109","dst_ip":"216.58.210.206","src_port":35236,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00125{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":518,"source":"quic.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 518/518 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 330954 bytes +~~ total detected protocols..: 9 +~~ total active/idle flows...: 10/10 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4863730 bytes +~~ total memory freed........: 4863730 bytes +~~ total allocations/frees...: 58911/58911 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/quic046.pcap.out b/test/results/quic046.pcap.out index 7007e9e2d..f9ad3cdda 100644 --- a/test/results/quic046.pcap.out +++ b/test/results/quic046.pcap.out @@ -18,3 +18,14 @@ 02223{"flow_id":1,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"quic046.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1584456191,"pkt_ts_usec":963728,"pkt_caplen":1392,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1392,"pkt_l4_len":1358,"pkt":"AJqdnpsZILABHGh4CABFAAViAABAADgR1GXYOs5WwKgB7AG7xZsFThrOQARe3aLxBgB4IuP2cKS3ZFA39NpBP+15OEWf22Jpc8sHpTbJTKat717iP6h1RXfrq6jSurGYM6rZ7io\/\/Yx2k8FZDOmxqv7n60K76Dlk8Eovb+EHUwR9ornDEzEqFnI5ERPefTYFAQRy61YzgS9eu9G4a0tk92z7y\/MSWyIknfp9RdJRXDbNgwwQyJ+PVjEIfn5Sxcb8ukhNxzmsR9eMMNt+vjjnOVfCxTa9miq+KyK5+uhPp6KAdBkh97rk2dLJmMR3wpsn+vOgshKNwAIWHyCAKyhutl22MDVNmz52XXCtpv2TwpdlNmQQqptuzyivHEMGjKdxBszewCZStU0cNSKw5gv3NSuZxbbEa+SpY9pqRoeBiNCDYfftTxLUbCwKaT\/dV1ISgXzwjt\/tZua13Bad1q6A1AczQpDK8bNBAEzb0rCZq1LASrcH7KSx0lCxDahh4yLD\/WkK0Oo3N5bHbrF6wsHgOazbPhqijCCTmoFublIfQ2sy1cnuDvlrLageTlV0DOxX4VpqwLLO0Mwn\/4ZfONp1aFjEU\/aZv2E\/XsWQLitO+unHUuEN2QBoytB1VGJ+7JkqB0qwL0Znh4ui98Fvi7zhY7LhxwQVK39IqHRiymIc8RqRtVyZqiQ9tSnRuwfXndZXNjZLI7N7oFk742er0XT+cPAuYyoutcRCI9d6gUi97RbLn9JfOM5qseC9SL83ojZ3+Z3O+E8Jd9AXS8VTVpqbfjKISIeR5H24B4JrPuJpFW2y5KJJZn+EIfA1ciNjQ4FD3HFQjqUgNrRptJaCZBlZdUNffjcIkFMYY2NTp1pO1RsiTdHr+WjIo8yDB6KSysbGRZtWGamQ7\/lb80Jq64+GG\/EXMfLm40xLfwBppU0dy0FTMTLIBFxQm7kTz2CgeyH+C2LwbwDauaEOMZ5Zyu2a4b9jJGqhg+5OfoLYodmJLf46Iw8nVdUEjQdNCacNVTg4ViIt6\/MFiTaTSlmKig4\/jei21qGXUUBhjDQZuD8JD9OcR7IDdWQDKYK\/0Af71hhRw6IF8+NrtA3svD0x3G9NsOG\/Dpx3cmC0m0b0iXGJl9GssoxP6ytRRRl9yoXeGPc6CPZJW9fxHx1mA8KsC9QKIeyd8ggumO\/HvblXMnx6lyKsqeqSVZeDqKHLmvu\/fkJlPzoFp1oFmMydJb6g1jJ2zxHdfVHHf5hID1KxAGIVduds40luxpRtvL5vBNhCbmmtCIApNhUocMLbjSFl1mdAphYRVCzJPvkCcrPecC1RAludqvAINCoBoTq4piorsrSBbEQR10GJv2H4VKLIwhgK82gaQKjlIfT4r69kPHuVL639lG27WhOadqrqk0ZDQSSEWiqAGpb260jFS2ddY0oAkQKVU9na+RBb4cvBYNFJIjISsLi3YpF8r5c8gGC\/X5cZ8eAW4+fg\/VR2DrgiJorieJ5X3ZQnuXkxL2r+bImsG+gTbsIXHiH4tbrfRJTsbWsVW9Pt9YPWn+GDgEBxXoWaIUnbS1dCXqn3+Ibok7QqZwO4oBBCJZCTJzf4OeWN6hoFkAY7b8udICS2h2QPr81wCHodt\/ohnh0NOmSEpqdb5Uh8bZaGl3xpuj1fGVuLNhyyw7\/iU+N1mVtOflAgeXbMcsb39K9w2HTcPnp2U06Zvoxg187JQmElF1R5aqPhoQ8e\/xxFcfzvbF3llslbMPtHWAF+Ngakk\/3G9RQIfSkMHEmoGt6V\/OozmvD+un1fo3v6SPA8UQHGfBQkLKzCkvAs\/+fRosNUPK8AgFvNblLO6rBqsYglJXM56rKEcBdOXYXx"} 00508{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":100,"source":"quic046.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":100,"flow_first_seen":1584456191933,"flow_last_seen":1584456191986,"flow_min_l4_payload_len":20,"flow_max_l4_payload_len":1350,"flow_tot_l4_payload_len":87097,"flow_avg_l4_payload_len":870,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.236","dst_ip":"216.58.206.86","src_port":50587,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00128{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":100,"source":"quic046.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 100/100 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 87897 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4823031 bytes +~~ total memory freed........: 4823031 bytes +~~ total allocations/frees...: 58459/58459 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/quic_0RTT.pcap.out b/test/results/quic_0RTT.pcap.out index 5d504fb0e..fe83a8f2e 100644 --- a/test/results/quic_0RTT.pcap.out +++ b/test/results/quic_0RTT.pcap.out @@ -5,3 +5,14 @@ 02093{"flow_id":1,"flow_packet_id":2,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2,"source":"quic_0RTT.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1603888789,"pkt_ts_usec":792113,"pkt_caplen":1294,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":1294,"pkt_l4_len":1240,"pkt":"AAAAAAAAAAAAAAAAht1gIEmLBNgRQAAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAABEVvsKwTYBOuB\/wAAHAiw7LD1RGMN+wgWsFEjN2HZaQBAoeulPe6gJ\/sr\/GIbyJYc14UNgXtYbxk5qiSqETQY4WZpoAlQETVvk0wWYFOpUIdBARl1suh9iNp9EVeqqDCK8cOmjC1x9D6Kfk9hGxfOeT71tvhKd4oN+bdYPjbqVP0GFxeHN3IMs7Zr+fKeQyuFIUWnb5Z155Se3XdA\/gkvhnMx1ULX5WEKCC9gZx60DO5zH6utYTXgxvBd7Ru+OqadPKlFof8AABwIsOyw9URjDfsIFrBRIzdh2WlAxDmD+hjo+e1bU72YwbmAGOLxO5htQDsPNuVs6LSSsGz3SFw0RPm4E415JCnhx8Ge0QKEWADh5iBKGwMueF2ztpwDH7jsWxr3wB6t01oBA1kA7ZvkbHO543VSXW8URQBDqZoClPbnrQAcBZ+H69\/w3iitABvrJy3KVNkC9+NdHjbogcNpY\/5rLpRLS5HK\/H6JgUnP0BdrxIIF6HWRic\/Wf7gn1j0WoelZtuUrK3RpR66wFjn8EMNQiKG+ggDuldLKh\/U6tL0BsOyw9URjDfuFTTkGJh6F+XUUpTe3M82jojmegspYUKam1MxQec2Qkg\/alipH7KpbN4YAt16GjKA0vziYX61TA5r\/+c+B2T\/sfMV9v\/HKdLDeTVTmLVtM6L+LQWLFNxbF4yrEngXf\/VZT2XaqBGXuy2LCG0Ll9PjYDBtAtstKFFXX1\/Aq9PC+CdywR1PopMQdX5Z9pMSyZiyB5Lzg3cVGVQshXQFro5Kf54d6amO7D2XxOTcZnQiaAf\/TGRrLMf2QELrrUW5vGD6IdIKDtOHH0dTjyWhDTPJEfsacf7m9B9Xhce36eKCRqwlUUYp9cEORg9tAs+LNJkhiCPhfdI2kmtp2bekrtpez6Fafq\/eSu5bTHdTjUlYAqlsCVns0h2QvzRkddQkOUP7gAh5QNKxagIYkVNaIjoRzRpVUuqTaY5AYQbzrX47APe8VY1hIf5XFE6TPMKmMe2Q\/0CtWSycEDeCk28gGteNWfkas+cB+UI1rrRtWgkmad7zXpxmJvEVKx1EjCgwWfU89z+KDl6jD4P4IeVlDy+ynTr4HbYfYMZyTtc1RDHu8b7675WQKM\/HIrQq6E8CeXlwrV\/kN4X7y3aDTZ8UUUEk3f6P1Q8uLPJ2Yruxo4hJaXf2cw6q7EdHqcpvwl9wyP0SydRM5I5Xs9cDxcS9AAJl75598Onx7hfnsjzw2+Lk4PiuB9x8RRtBxDIfr1GIv04yL1ivxWfjBmvn9aCE1EDAtVLxBhg2AhlMxK5+fcZuD8gajCU3jBim0JQ1mEhqnrWZNbjfhTXGYll4oRXXUgYKlIV5s1CchSlcMgg5uu0+4Aj3J0p8FsizlxDbb6CHs\/xgqFSxARbNxD3LVLxEd+HIIdIWwvT1MTqPrwh0uOKGI3kFXzTPm+StyKn3RLAeyIgL4EkpQslwgXWxlUtDWXyicGhGk5giCxEYaSUkCR2ecvlHkQpbq28IGeTXJEr9czuuYuc6xx6JNXW8HuS7eYhN\/9rkNRrkW+Ih9+rtXr1O+2Dy7ZXSKTG4Wnmba1vr6ZEKbxvCvQURsWLQQxX5DHxb0xG+It92fZknkVToOutQ6p1RiqEpFpKmIm03EPunCuw=="} 00489{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2,"source":"quic_0RTT.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":2,"flow_first_seen":1603888789791,"flow_last_seen":1603888789792,"flow_min_l4_payload_len":1232,"flow_max_l4_payload_len":1232,"flow_tot_l4_payload_len":2464,"flow_avg_l4_payload_len":1232,"midstream":0,"l3_proto":"ip6","src_ip":"::1","dst_ip":"::1","src_port":60459,"dst_port":4443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00128{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":2,"source":"quic_0RTT.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 2/2 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 2480 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4824887 bytes +~~ total memory freed........: 4824887 bytes +~~ total allocations/frees...: 58372/58372 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/quic_interop_V.pcapng.out b/test/results/quic_interop_V.pcapng.out index b2bfacc7e..4c7f82b64 100644 --- a/test/results/quic_interop_V.pcapng.out +++ b/test/results/quic_interop_V.pcapng.out @@ -477,3 +477,14 @@ 00516{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":246,"source":"quic_interop_V.pcapng","alias":"nDPId-test","flow_id":66,"flow_packet_id":4,"flow_first_seen":1603816434765,"flow_last_seen":1603816435194,"flow_min_l4_payload_len":19,"flow_max_l4_payload_len":1252,"flow_tot_l4_payload_len":2542,"flow_avg_l4_payload_len":635,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"140.227.52.92","src_port":57926,"dst_port":4434,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00515{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":246,"source":"quic_interop_V.pcapng","alias":"nDPId-test","flow_id":40,"flow_packet_id":2,"flow_first_seen":1603816434648,"flow_last_seen":1603816434782,"flow_min_l4_payload_len":35,"flow_max_l4_payload_len":1252,"flow_tot_l4_payload_len":1287,"flow_avg_l4_payload_len":643,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"18.189.84.245","src_port":34903,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00137{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":246,"source":"quic_interop_V.pcapng","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 246/246 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 232840 bytes +~~ total detected protocols..: 77 +~~ total active/idle flows...: 77/77 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 5410401 bytes +~~ total memory freed........: 5410401 bytes +~~ total allocations/frees...: 59588/59588 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/quic_q39.pcap.out b/test/results/quic_q39.pcap.out index ee2316cbc..0ff5bfc79 100644 --- a/test/results/quic_q39.pcap.out +++ b/test/results/quic_q39.pcap.out @@ -18,3 +18,14 @@ 02233{"flow_id":1,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"quic_q39.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1509099002,"pkt_ts_usec":669496,"pkt_caplen":1392,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1392,"pkt_l4_len":1358,"pkt":"AAAAPJ7rSEb7OSWDCABFAAVipzBAAD8RBjGq2BDRFZ2345bcAbsFTnGmDOca1dd1bE1NCEDGSCS6CpN1gn+hs3\/OBWtuqhvbB1BmM0CLGfGZXhrE1a0YMUWLncsB3JYlR0zQR58euNUaKo10\/scQGQnEFufSBkgnU2frk0WlzryDYm2sz+IorYl62WCRmKOufrjmnfRuxa+QmKZ5OSOn95peSYyEUegRkVwv5J8IRpZfBNlSpkW3GlKkUGpPzOvZQCQNU6ierzq8OyOsKYBXRYE8LTgbRzx5bvR0ElNCUGQHcerGgiqoibt8RR0OVvZ7XuQlXrh1LVMkCBleV3FI6CoRE3mvFkZD71LGK251GpID\/BzrZBprJLKWSkM4L\/MCUnhQ3dDueCThk8qkjpfnkm4t4oacIr1CcwiGfIVgFCWdiQpJYFqK5EtjXrCILEaJSYSlqirijr8Irw1pKxlb7KRyNi627qiQeMULDWWvkd7cNYL+RvcKDpuFItNgZ16cKJpOvy3B+w8YcNlTt3QbB4JaY4vtTD9ql0+oBKH5Cl2sQc1wtWaDwNo85WLijHkHfKn4kResl2rjWTzlPF9CsN6tMqaeeqKqbvEZAE0be4eblaB3RtHdiQ1IPhOnv71XkHArzB5ggHUzn4ZWQ5qKViJtNMgAvDcChWV5opIzw\/zFWMaaAHrrX80tyo0\/Cn1vwu9GKmBk1kOk0qxags\/Yby0BCWH3R6qxpjI2ePbaCAN\/CZ4mrcnjtd8\/8yEoOC1F\/NZQureeglyyr5WPZdl+I9+0icXcSSWIGbnMbCW2Gqnan\/PEF6yEFRbrIuK9rz+CKpCp3xWhcprXViDQXiPQTcVafXFF9iSjEaxr93GF3Tx77dmBjDyl+bkysejCHxgldhZJfVsQ9yXJZvHA\/vikr+dthXsOJISwApyvvOagJZNt4iwhFcTnr3sjxdBSc58qHCffPSg3CAqNi0\/FqcTa4IsqpRiRnoTkCfu1XF8SHBOu7AyT1c\/fubqE3LU7GukFqoj+SLNTW4cgl\/o1dy3bjrE8ZZNBfW\/2mhLblx4\/5gxbCsFWA+z4Ga9oLn33ws8j\/IOK\/9gRz5POJi17pLerOmQiJc\/rZN0mRVutFQUbBeBhU38zQ8++WcLY3uzB1tJli\/EQIwvmz1C5pTLqS79DJArMmvPMlmyRgjcAp\/qBAh94PXYN4Y3cbFc0kIWhDsG3MAoVKL6ptZyFg+OppJBQcRfYOFYvlhnRbWycb4pB8wzuKEGvNdKGe05WPkznr7nlJzkYSAhKlQ4JdYyvdT5aCd4p12shaypPbEKAyC+txXhm320YtM\/kAXnq3I6jNeWnWsWifcOCbYKKzlI\/lI9mAa34CHbC1wSujlIRBZBulJ5XFBpVcepctnc7fE1yTq3bKuOqNaZm\/j6\/RqnjSGf6hIiFirXwp\/K9IlWEsg98he6FmjSKQnZ2IU1LNlO6bsvarQQax\/krnwLzJbNKti8k2DS0AeKAQRaRXgW8eSm4qkRH9oHbEhAyQBSL7AeBg+U1oU9uMxPyIKGpSkkldySR3pkomSIF\/ixuiMmKDtUm+xzWoqga6ZTHMJMTFRrfGt5I7AXVA9Fq2\/OoDiaB49rmJu4CWOz7PjQrr8ww0Y\/2kF15xDM\/BZlFUfWXw9EAoNElGskiYB6oy+PBTj0dX1z7a+Vg5V4TuACnZrya0PKssqXYUMLtr9uO2YtKvqZk1T2hpa1h5XnLhRl255ZKEiFFAejFgu5WiQy8+db6bZMAtB84rYRAAbfvdvy2q+YpkjjAbhIQI1coBJ8yKsirsK2i2F49g\/nEOs7XxmMidu0K0orhrVjAa8mJjs3qw1aXW\/E1"} 00509{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":60,"source":"quic_q39.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":60,"flow_first_seen":1509098995610,"flow_last_seen":1509099044559,"flow_min_l4_payload_len":16,"flow_max_l4_payload_len":1350,"flow_tot_l4_payload_len":21651,"flow_avg_l4_payload_len":360,"midstream":0,"l3_proto":"ip4","src_ip":"170.216.16.209","dst_ip":"21.157.183.227","src_port":38620,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00128{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":60,"source":"quic_q39.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 60/60 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 22131 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4821869 bytes +~~ total memory freed........: 4821869 bytes +~~ total allocations/frees...: 58419/58419 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/quic_q43.pcap.out b/test/results/quic_q43.pcap.out index f648aed07..b861a4d22 100644 --- a/test/results/quic_q43.pcap.out +++ b/test/results/quic_q43.pcap.out @@ -5,3 +5,14 @@ 00432{"flow_id":1,"flow_packet_id":2,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2,"source":"quic_q43.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1592388060,"pkt_ts_usec":251652,"pkt_caplen":72,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":72,"pkt_l4_len":38,"pkt":"AAAAAAAAAAoAtmi7CABFAAA6AABAADsR1dxId9kdM3gUygG7wFkAJsU\/COg8d72PiRX5AdVtByTcf3A7ZqGOSkABJDYBAAYA"} 00504{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2,"source":"quic_q43.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":2,"flow_first_seen":1592388060203,"flow_last_seen":1592388060251,"flow_min_l4_payload_len":30,"flow_max_l4_payload_len":1350,"flow_tot_l4_payload_len":1380,"flow_avg_l4_payload_len":690,"midstream":0,"l3_proto":"ip4","src_ip":"51.120.20.202","dst_ip":"72.119.217.29","src_port":49241,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00127{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":2,"source":"quic_q43.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 2/2 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 1396 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4820141 bytes +~~ total memory freed........: 4820141 bytes +~~ total allocations/frees...: 58360/58360 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/quic_q46.pcap.out b/test/results/quic_q46.pcap.out index 225382079..e9f0a2f42 100644 --- a/test/results/quic_q46.pcap.out +++ b/test/results/quic_q46.pcap.out @@ -18,3 +18,14 @@ 02232{"flow_id":1,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"quic_q46.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1559632338,"pkt_ts_usec":349062,"pkt_caplen":1392,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1392,"pkt_l4_len":1358,"pkt":"AAAAAAAAAAAA4JDHCABFgAViAABAADURGCKZFLfLrB0q7AG7lZQFTvUmQDg1EsYe0Hw4IIPzfn8wfNQhwOn0an7tljSwOZL4zdhRBNyMoFMRXJWnT+JKgN4pD7+fWIL9i6DEJpDVoGv2Uyc4T98H8kDMlfM0Sh396kz9TxS6vHpzFRW0yVGhF1G1nZtl1xaVLcWveCedsquOHu81jW0KUPC3OoDp\/vKHQNGwirYR\/c2IfZ1n+Wgk2\/O5aff6LwgdCVhHe2qATBRrzTPV5+H0Yu9lzgjnKSLkjHWnmjpmMeSIqGkcf2eregarfZEY2xwaO\/nw\/WOXa7BfkHVKowB+nXXN7PNH3M9daCFDBW\/+VkpKhrCPdYP1t\/7E0UUqE0Yz+okqAkQjHzDyin94wgqnC3Wc\/dk\/5Qz19ilZRNzwK3pUXuPnSXCxzVgq88OPEsQ8pd63tOVj9LTagAmzkowopTI3NSBPFvLyss1AF9ywgLX\/LD2qE6DW6d+RhJ9dVonXLT5F6jPPkIu53iASUeZdvvk6aEeYpRVa097cV1XhheEEVhY7zNvTZpuYwuXokrR9TywT7+bmctPhCDvCJeAmXforkEv7U6w\/FYMbeorFMhloXX90EBwcIydyfhujAE9J1cFvFPvqUSF60S9yJ4ZJ8Ww98mnC2a7L1ezLjZcu3ZEnx5pqj7euzmW58dKwHNoGgrNJfNkryBfwXnZ3j55DDi68cXNIYf5Q1U2m4DzXZ\/ZzI\/YMYS6ayMDBOHPk8GqPmZfz7Z2ZZCAzck0fSzAcTz\/7eO8exGoQmraKj6BojVn1DsiqqpXi42NW5lTsYZdKOt8R08ZmwJkNm4upspaZgf0Fo\/Vr0j08sUjClYml0PQJPcMO8zb+nI4vhMF8nKybaZS9ejfMtgIuZuwqIlsGDSkn1h17\/dyiHg\/+N7YyjJbCBpp+srcxF59j1g1K5ac3HQMTS5XK3YUlWqk\/MS761E04dEyULtNCsXFvhz3qLEUM7ewLwe7VP7RHMk48mPcwYDtDI7BmoJGAQoIeObu6QUxjhKJlcpK9eCi+n+gqZJ2BQlMclF2xlgk0PvfNEKlsLlpbBPPtGuWfgMx3QxcGI9AgwygYjc3duP5soQrqak0aLYc\/9rp4DN\/4SbYQXygarZ3OQ08Ye7+JcJ84ykWDaA2s+mqBSWrOKarhbGH9TLSNj9RmuJLQ6e1siFVefkspM\/p5wVxegy+Tz4xhyoni7lOcF1PalxKJ6fDQGpRtSuP5KutRpSlGMla2CU4uErznmUC1RtEnon+OJoF2uIYRc3XTL5fWaIEldzBOS1KoV\/cETBkh3I5NYO+7ByOK8p6xXsWfTu2xXHaVtqJAeR7hr2v72QgPzvMDDO0Fd1zRBBPpEpLyRmtUYhSqPyb6zsMJOq1tqZn0dqBFbieqdA4EWoDsib6EoL6uXnHJJU\/3RYe\/\/kfmvNVIjoB\/Jq+mwlevm8YR+cP55qBHlh\/TeE2podzm6KHrNTyhnB+A4PXc2M4DhCdxhzvI4lyf5qctN0bFMx1D+srUAYtiabuLguT0sEwQUOImlr8oJOTLk\/1xXcGSq7\/Z9sR5K1Ogqu6caz5SHyFBMquy39RGYIpkYmRnJx+nTPNjV42v+uaEoQb7EjEnRSjpQozX1m6w\/Pk1cMQPKCtgOoQCiNT6Fy\/LAbjrARSIzAjEftlwNihrRen1igci8e84GbTrVMzc4lV1k0SZRckwFQwYvgXSLrH6NHBlH1osX7rTIwtvEYUB+2TUjSV2KHNqlKQqkW3g2WfmWzfNiABYo3Epcb2MEA+Erelxn2pv3qxh7\/w6h\/ZwfQ66atOb235o5f3HEPG+QzBvLrsa"} 00509{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":20,"source":"quic_q46.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":20,"flow_first_seen":1559632338055,"flow_last_seen":1559632338367,"flow_min_l4_payload_len":28,"flow_max_l4_payload_len":1350,"flow_tot_l4_payload_len":20401,"flow_avg_l4_payload_len":1020,"midstream":0,"l3_proto":"ip4","src_ip":"172.29.42.236","dst_ip":"153.20.183.203","src_port":38292,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00128{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":20,"source":"quic_q46.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 20/20 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 20561 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4820707 bytes +~~ total memory freed........: 4820707 bytes +~~ total allocations/frees...: 58379/58379 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/quic_q46_b.pcap.out b/test/results/quic_q46_b.pcap.out index 47155f096..cf75c8c2a 100644 --- a/test/results/quic_q46_b.pcap.out +++ b/test/results/quic_q46_b.pcap.out @@ -18,3 +18,14 @@ 00485{"flow_id":1,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"quic_q46_b.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1561708874,"pkt_ts_usec":385304,"pkt_caplen":106,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":106,"pkt_l4_len":24,"pkt":"AAAAAAAAAAIAGNwmCABFAAAsAABAADkRWsNu54YjrBtF2AG7sdoAGCfVQAmmRyNJwJ7Eza+L+zYDjAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="} 00509{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":20,"source":"quic_q46_b.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":20,"flow_first_seen":1561708873328,"flow_last_seen":1561708876422,"flow_min_l4_payload_len":16,"flow_max_l4_payload_len":1350,"flow_tot_l4_payload_len":5220,"flow_avg_l4_payload_len":261,"midstream":0,"l3_proto":"ip4","src_ip":"172.27.69.216","dst_ip":"110.231.134.35","src_port":45530,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00130{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":20,"source":"quic_q46_b.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 20/20 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 5380 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4820709 bytes +~~ total memory freed........: 4820709 bytes +~~ total allocations/frees...: 58379/58379 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/quic_q50.pcap.out b/test/results/quic_q50.pcap.out index ef7d0bfef..50f3e576d 100644 --- a/test/results/quic_q50.pcap.out +++ b/test/results/quic_q50.pcap.out @@ -18,3 +18,14 @@ 02214{"flow_id":1,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"quic_q50.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1592388088,"pkt_ts_usec":914059,"pkt_caplen":1392,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1392,"pkt_l4_len":1358,"pkt":"AAAAAAAAABAAH2tiCABFAAViAABAADkRR+K4l8Ht+JCBkwG7mSMFTr2UUxzWygZ9b3y06pi5ZYapHKY9BS8JU4g+mqRe2XZzTFm1pB5lfWD4XEQ7CJcjsxAxChd687DeKIyjyk8x3oKzISjX83CNRZ2vbT2MvVwtLGc0i1Pr2qw4lwUu3R+NukpnxEbkPw9S1L7aOa13Rma+gGROdnyg9svhMRF3QeBC7q0Jw4mZZs67C1I6Z26MbVM1LtlhVSp2M+rbXkNQye9P56NVO7HbEem2REGM5seHBGqn8VsW3GQjCsq2Lw6qQsGbiveQKXQ73zLxygzHcIokoYZTVRIj03xYRdzNKuo8hsweI8l4S7bqKbi+KCUAORr+9861zE2rjtIfrxPwyyYtMJS7aW285y5lzCY+y89px829pAI1NkK\/kdvLUSN0VEEb2xjpSd6k+wDeZtwhwvFMidXuywGxts9dBAdoYmNmsmOYDf2R6sEubPt5YdNg\/f9Qn+sKLmPdsT8MaT7jFhr0oikXVwDyx5RuSOhYKGYGa0TRPeI7TpWdjdu7Y1i9FNnfvDwM+pH1ppCnuxTiCegw2TMDM\/WGdxWlPzVQlKgef9bzDw1AbXurxxJUKTX9dfFDdbOVymxfUjb8AhWJq+D\/BUO9zpjJQ8gRlSFER4XBjT1z3Di5PZLqQYf2ba6ZPAZqvzDTbo5ZphRqWDBoaL6q+HhUlbOuS1zivy2kjcBzUFNCTj1EF1ZAHptW7qyiV4IIaRNjnpVyANDHxJ538a9SsEUZ71NyHEDff5qpuqEU51rmcZidjzJAL7AonqRT9T99WRSO+3+j4xG1ix9OhyMQsRCawrqs18KiMKpdXsy6SitTNJ5o\/FHZ53LmB4Qv10K2++vw7bLc4RwBgxI0vwJ3IW9xBymycm2RB4f5IeyvChCTttLoPF1dKGgHtVdqRfhrBT\/mOc4o8Emw0tFAz1ocvvx66xgq5VTKEdNsVQGssbLdigAipR22vNeHoB1Virf6gtstKFEQDAPcAzTJHa+LIczW3Y440fT45gCocVqjLQzpS5o8Hhfilo5Mlhx2MYXAkwzpwItCGR2I1DPHnfWGnRHUG4HE+JMuUmXOVRLvDb8WOGnyBzqFmSEWyFRtM2SFFmNVEs+QQe9MeJ7g5C4opxJAGvUgmPx9COj0xXRdhTJza9fGKdobpt3EpUOTPSd73VZg4po3aMwWxb5Jeo+FLm9eQwPX2FVxQf92EGQPA6MFlmCxJfGW8TAl5FCSgcjNNHVf2p9XXKvqWBffw6645FBEcnis0IRrnJ+vXQ32hg59+txLkKX+KSLOlt3PdoMYLBY+cXTFFFU8Va62mRPJ9v1gr5G09m1CPVyR8YugWtOCg78BBgwmV1RYYvJJ5msim0hzmV3RqlNUXjaJWOec4o6TY1EgFbPMV2qiC8J9n9yXV5YvI05g4IOlqR7S2iqZhqYULtEWR6ovIpNXnrZJpy2Yn\/zYXiZVZE023vTTnBDx95EA\/cI++FVV2wG2YR1sAc79D\/s1fSQWrDliG530wWJyVzvDWWaJdBia3evaJRW9JJCGGMr56q1SVQoUWgvS6eELCd9V8VJ8DagVQV+8H9sg54sHlzHBxIwDHfK7ROpezRnokDq\/bjW5ztu7Oy23WFbid9S0ThBecI\/8EO9dB1cBlHAkkL0IJ\/Zvli6tNzEeuTP2+1ak8ROcgatBAKEuuflz9JINeyMH7RyfTIP97\/S5ek7gGEfVidR2nCnTnx2F\/kKhg8Gktkb7QYhaPMw9DSXpeKWciUACqjiiTBlMTb1TtFFfwFRneqpdQT\/5mpXBhWm3GpWN2LqM+inieYBwNLFo39t6"} 00511{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":20,"source":"quic_q50.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":20,"flow_first_seen":1592388088469,"flow_last_seen":1592388088935,"flow_min_l4_payload_len":25,"flow_max_l4_payload_len":1350,"flow_tot_l4_payload_len":19594,"flow_avg_l4_payload_len":979,"midstream":0,"l3_proto":"ip4","src_ip":"248.144.129.147","dst_ip":"184.151.193.237","src_port":39203,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00128{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":20,"source":"quic_q50.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 20/20 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 19754 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4826213 bytes +~~ total memory freed........: 4826213 bytes +~~ total allocations/frees...: 58389/58389 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/quic_t50.pcap.out b/test/results/quic_t50.pcap.out index 2d2b58b1c..3b1dfdafe 100644 --- a/test/results/quic_t50.pcap.out +++ b/test/results/quic_t50.pcap.out @@ -15,3 +15,14 @@ 00440{"flow_id":1,"flow_packet_id":12,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":12,"source":"quic_t50.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1598618820,"pkt_ts_usec":984161,"pkt_caplen":75,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":75,"pkt_l4_len":41,"pkt":"AAAAAAAAAAQAMt+PCABFAAA9UXFAAH8Rnhoomn\/IpvC80cKsAbsAKbCuQFVfMtNfKdhjvCDG5lHY2Vep\/b8otkMpD\/Eek8ZQl9VQ"} 00509{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":12,"source":"quic_t50.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":12,"flow_first_seen":1598618820564,"flow_last_seen":1598618820984,"flow_min_l4_payload_len":26,"flow_max_l4_payload_len":1350,"flow_tot_l4_payload_len":7916,"flow_avg_l4_payload_len":659,"midstream":0,"l3_proto":"ip4","src_ip":"40.154.127.200","dst_ip":"166.240.188.209","src_port":49836,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00128{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":12,"source":"quic_t50.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 12/12 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 8012 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4826000 bytes +~~ total memory freed........: 4826000 bytes +~~ total allocations/frees...: 58383/58383 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/quic_t51.pcap.out b/test/results/quic_t51.pcap.out index c0fa59f12..15dbb4b09 100644 --- a/test/results/quic_t51.pcap.out +++ b/test/results/quic_t51.pcap.out @@ -18,3 +18,14 @@ 01265{"flow_id":1,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"quic_t51.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1598620445,"pkt_ts_usec":18622,"pkt_caplen":682,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":682,"pkt_l4_len":648,"pkt":"AAAAAAAAAAIA\/tPQCABFAAKcAABAADkRk4PT95Nau+OImAG72DwCiLkRRUQ\/6vkZVV\/ROzhbKeoRReCXAsU2A9sjDcWKUpUKE20+JfmKTS5epz37+ogCTB3O0gMCMzVDnFdaJcS6+BN05F\/4JuxKu4G1tpzczS9sm8YNK\/yKXdRv4mVvdoxmRlg3UOh2\/HXmM4zkHZRGDq5gvf1YtAZn9UT7LsL3ba43Q8SnB+rUVySuu7l1RHkrEWg8uyOET5mlnXLlWR9Grc3kARdxeBr1\/WcmPSnvrZSLx1Yubftvk4neBnd4+d5h0uJVaP+xEQf1a8mwYApxdilAfGbuHGI1b3p\/3kL4nnq3IJOuSSNOnomgt9UYIYG6JkTs88ZO0WDXcKQgHSWiD3S5b55ck0VFoMVGi6XvxaS5dDL7irZqR+xUbIGJU+5KmsKgfA7I8vhbhlBInT22prpicg+aHmV2Mfe\/D32ni\/2JKthXhSWWTVnEZBANDcgGYP\/4NUgVhBiqDrAFYNnh4TpROEqCcVxLVLryNrzUeH7QkEbcjWfjgc1iq2O3xKKvNnDVO7PiKnn323eZoAEB9oWFA9G1nVAQC23JJC+CnKPFPChKEXym9Dh4Orny9OuAnT2rnxyfNcQUzTUgHDT2V7VEjBNfPreDUCXxeu5gdY1osBS40zZnHQbiRnLlaoi5GCT3tnzL3T1LFfAUmB7xQ9GiiYxgRwyuSbp3f6GcUujaHRbjguLy26pc3INccugl0f1At7jIrf9EqyuaS7XaakX31gYDzEUt04O8Omx3QUnvBZgydp7VVVYOZXv\/1GYhCscRuXdM5GQHqnPBMCwk9Y4VH2nkD7iDBE4uvSjbXU9u9lIbiPNzYqPtOVbqx\/o\/Bmq+eYkSeas+WHpkMkc3YMCicg=="} 00513{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":642,"source":"quic_t51.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":642,"flow_first_seen":1598620434413,"flow_last_seen":1598620524479,"flow_min_l4_payload_len":25,"flow_max_l4_payload_len":1350,"flow_tot_l4_payload_len":546754,"flow_avg_l4_payload_len":851,"midstream":0,"l3_proto":"ip4","src_ip":"187.227.136.152","dst_ip":"211.247.147.90","src_port":55356,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00129{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":642,"source":"quic_t51.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 642/642 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 551890 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4844273 bytes +~~ total memory freed........: 4844273 bytes +~~ total allocations/frees...: 59013/59013 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/quickplay.pcap.out b/test/results/quickplay.pcap.out index 2e95f1e41..c327beabf 100644 --- a/test/results/quickplay.pcap.out +++ b/test/results/quickplay.pcap.out @@ -158,3 +158,14 @@ 00510{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":155,"source":"quickplay.pcap","alias":"nDPId-test","flow_id":15,"flow_packet_id":2,"flow_first_seen":1429000110390,"flow_last_seen":1429000110528,"flow_min_l4_payload_len":206,"flow_max_l4_payload_len":625,"flow_tot_l4_payload_len":831,"flow_avg_l4_payload_len":415,"midstream":1,"l3_proto":"ip4","src_ip":"10.54.169.250","dst_ip":"203.205.147.215","src_port":35670,"dst_port":80,"l4_proto":"tcp","flow_datalink":113,"flow_max_packets":15} 00507{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":155,"source":"quickplay.pcap","alias":"nDPId-test","flow_id":8,"flow_packet_id":3,"flow_first_seen":1429000048159,"flow_last_seen":1429000048795,"flow_min_l4_payload_len":487,"flow_max_l4_payload_len":1169,"flow_tot_l4_payload_len":2143,"flow_avg_l4_payload_len":714,"midstream":1,"l3_proto":"ip4","src_ip":"10.54.169.250","dst_ip":"120.28.5.41","src_port":44256,"dst_port":80,"l4_proto":"tcp","flow_datalink":113,"flow_max_packets":15} 00130{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":155,"source":"quickplay.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 155/155 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 98967 bytes +~~ total detected protocols..: 21 +~~ total active/idle flows...: 21/21 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4892636 bytes +~~ total memory freed........: 4892636 bytes +~~ total allocations/frees...: 58615/58615 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/rdp.pcap.out b/test/results/rdp.pcap.out index 0e2ed9da2..9404b88df 100644 --- a/test/results/rdp.pcap.out +++ b/test/results/rdp.pcap.out @@ -4020,3 +4020,14 @@ 00351{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":2010,"source":"rdp.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1559207472,"pkt_ts_usec":692980,"pkt_caplen":44,"pkt_type":0,"pkt_l3_offset":0,"pkt_l4_offset":0,"pkt_len":44,"pkt_l4_len":0,"pkt":"AgAAAEUAAChjxUAAfwYmC8CoAo6sEAK5DT3NDkeioY5HoqGOUAQAAJEzAAA="} 00175{"basic_event_id":1,"basic_event_name":"Unknown datalink layer packet","thread_id":0,"packet_id":2010,"source":"rdp.pcap","alias":"nDPId-test","datalink":0,"header":33554432} 00125{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":2010,"source":"rdp.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 2010/0 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 0 bytes +~~ total detected protocols..: 0 +~~ total active/idle flows...: 0/0 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4816931 bytes +~~ total memory freed........: 4816931 bytes +~~ total allocations/frees...: 58355/58355 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/reasm_crash_anon.pcapng.out b/test/results/reasm_crash_anon.pcapng.out index fc7072e5f..472fd8dd6 100644 --- a/test/results/reasm_crash_anon.pcapng.out +++ b/test/results/reasm_crash_anon.pcapng.out @@ -36,3 +36,14 @@ 00532{"flow_event_id":7,"flow_event_name":"not-detected","thread_id":0,"packet_id":209,"source":"reasm_crash_anon.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":200,"flow_first_seen":1410865705717,"flow_last_seen":1410867180785,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":725,"flow_tot_l4_payload_len":6327,"flow_avg_l4_payload_len":31,"midstream":1,"l3_proto":"ip4","src_ip":"192.168.145.147","dst_ip":"10.209.8.148","src_port":51218,"dst_port":21999,"l4_proto":"tcp","ndpi": {"proto":"Unknown","breed":"Unrated"}} 00519{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":209,"source":"reasm_crash_anon.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":200,"flow_first_seen":1410865705717,"flow_last_seen":1410867180785,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":725,"flow_tot_l4_payload_len":6327,"flow_avg_l4_payload_len":31,"midstream":1,"l3_proto":"ip4","src_ip":"192.168.145.147","dst_ip":"10.209.8.148","src_port":51218,"dst_port":21999,"l4_proto":"tcp","flow_datalink":113,"flow_max_packets":15} 00139{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":209,"source":"reasm_crash_anon.pcapng","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 209/200 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 12867 bytes +~~ total detected protocols..: 0 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4839746 bytes +~~ total memory freed........: 4839746 bytes +~~ total allocations/frees...: 58564/58564 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/reasm_segv_anon.pcapng.out b/test/results/reasm_segv_anon.pcapng.out index 50fe5be27..bd5e9aabf 100644 --- a/test/results/reasm_segv_anon.pcapng.out +++ b/test/results/reasm_segv_anon.pcapng.out @@ -74,3 +74,14 @@ 00199{"basic_event_id":15,"basic_event_name":"Captured packet size is smaller than packet size","thread_id":0,"packet_id":81,"source":"reasm_segv_anon.pcapng","alias":"nDPId-test","caplen":122,"len":126} 00514{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":82,"source":"reasm_segv_anon.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":82,"flow_first_seen":1550422828553,"flow_last_seen":1550422844224,"flow_min_l4_payload_len":48,"flow_max_l4_payload_len":1448,"flow_tot_l4_payload_len":74496,"flow_avg_l4_payload_len":908,"midstream":0,"l3_proto":"ip4","src_ip":"145.76.2.236","dst_ip":"187.96.52.85","src_port":2152,"dst_port":2152,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00137{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":82,"source":"reasm_segv_anon.pcapng","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 82/82 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 75152 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4822461 bytes +~~ total memory freed........: 4822461 bytes +~~ total allocations/frees...: 58440/58440 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/reddit.pcap.out b/test/results/reddit.pcap.out index 46000cdda..cc6e169fa 100644 --- a/test/results/reddit.pcap.out +++ b/test/results/reddit.pcap.out @@ -1152,3 +1152,14 @@ 00546{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":11682,"source":"reddit.pcap","alias":"nDPId-test","flow_id":22,"flow_packet_id":164,"flow_first_seen":1605291686985,"flow_last_seen":1605291698522,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":2333,"flow_tot_l4_payload_len":45370,"flow_avg_l4_payload_len":276,"midstream":0,"l3_proto":"ip6","src_ip":"2a01:cb01:2049:8b07:991d:ec85:28df:f629","dst_ip":"2a00:1450:4007:805::2002","src_port":50960,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00544{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":11682,"source":"reddit.pcap","alias":"nDPId-test","flow_id":45,"flow_packet_id":31,"flow_first_seen":1605291690373,"flow_last_seen":1605291690520,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1208,"flow_tot_l4_payload_len":5684,"flow_avg_l4_payload_len":183,"midstream":0,"l3_proto":"ip6","src_ip":"2a01:cb01:2049:8b07:991d:ec85:28df:f629","dst_ip":"2a00:1450:4007:805::2002","src_port":51006,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00129{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":11682,"source":"reddit.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 11682/11682 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 10947343 bytes +~~ total detected protocols..: 59 +~~ total active/idle flows...: 60/60 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 6071021 bytes +~~ total memory freed........: 6071021 bytes +~~ total allocations/frees...: 70645/70645 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/rx.pcap.out b/test/results/rx.pcap.out index 46a192b6b..6f39e83ac 100644 --- a/test/results/rx.pcap.out +++ b/test/results/rx.pcap.out @@ -66,3 +66,14 @@ 00505{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":132,"source":"rx.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":27,"flow_first_seen":1460647299605,"flow_last_seen":1460647300326,"flow_min_l4_payload_len":40,"flow_max_l4_payload_len":1076,"flow_tot_l4_payload_len":8785,"flow_avg_l4_payload_len":325,"midstream":0,"l3_proto":"ip4","src_ip":"131.114.219.168","dst_ip":"192.167.206.124","src_port":7001,"dst_port":7003,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00503{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":132,"source":"rx.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":3,"flow_first_seen":1460647283326,"flow_last_seen":1460647283340,"flow_min_l4_payload_len":36,"flow_max_l4_payload_len":292,"flow_tot_l4_payload_len":393,"flow_avg_l4_payload_len":131,"midstream":0,"l3_proto":"ip4","src_ip":"131.114.219.168","dst_ip":"192.167.206.124","src_port":38331,"dst_port":7002,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00123{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":132,"source":"rx.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 132/132 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 21987 bytes +~~ total detected protocols..: 5 +~~ total active/idle flows...: 5/5 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4836519 bytes +~~ total memory freed........: 4836519 bytes +~~ total allocations/frees...: 58502/58502 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/s7comm.pcap.out b/test/results/s7comm.pcap.out index cb1ded062..97378820c 100644 --- a/test/results/s7comm.pcap.out +++ b/test/results/s7comm.pcap.out @@ -18,3 +18,14 @@ 00451{"flow_id":1,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"s7comm.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1408528803,"pkt_ts_usec":910913,"pkt_caplen":87,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":87,"pkt_l4_len":53,"pkt":"ABsbI+s7kOa6hF5BCABFAABJLVRAAIAGAADAqAEKwKgBKBBZAGaQRN5QAAL8wFAY+UCDvgAAAwAAIQLwgDIHAAAGAAAIAAgAARIEEUQBAP8JAAQBMQAE"} 00498{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":55,"source":"s7comm.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":55,"flow_first_seen":1408528803880,"flow_last_seen":1408528804016,"flow_min_l4_payload_len":7,"flow_max_l4_payload_len":247,"flow_tot_l4_payload_len":2290,"flow_avg_l4_payload_len":41,"midstream":1,"l3_proto":"ip4","src_ip":"192.168.1.10","dst_ip":"192.168.1.40","src_port":4185,"dst_port":102,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00126{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":55,"source":"s7comm.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 55/55 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 3390 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4821678 bytes +~~ total memory freed........: 4821678 bytes +~~ total allocations/frees...: 58413/58413 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/safari.pcap.out b/test/results/safari.pcap.out index 7f8d187b3..aed7770af 100644 --- a/test/results/safari.pcap.out +++ b/test/results/safari.pcap.out @@ -135,3 +135,14 @@ 00507{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6019,"source":"safari.pcap","alias":"nDPId-test","flow_id":6,"flow_packet_id":769,"flow_first_seen":1620898025217,"flow_last_seen":1620898026109,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1440,"flow_tot_l4_payload_len":648144,"flow_avg_l4_payload_len":842,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.178","dst_ip":"146.48.58.18","src_port":55269,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00504{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6019,"source":"safari.pcap","alias":"nDPId-test","flow_id":7,"flow_packet_id":18,"flow_first_seen":1620898027036,"flow_last_seen":1620898027166,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1440,"flow_tot_l4_payload_len":5402,"flow_avg_l4_payload_len":300,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.178","dst_ip":"146.48.58.18","src_port":55285,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00128{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":6019,"source":"safari.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 6019/6019 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 5365663 bytes +~~ total detected protocols..: 7 +~~ total active/idle flows...: 7/7 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 5064478 bytes +~~ total memory freed........: 5064478 bytes +~~ total allocations/frees...: 64418/64418 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/selfsigned.pcap.out b/test/results/selfsigned.pcap.out index 082b67581..e260c63e8 100644 --- a/test/results/selfsigned.pcap.out +++ b/test/results/selfsigned.pcap.out @@ -40,3 +40,14 @@ 00357{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":20,"source":"selfsigned.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1588921646,"pkt_ts_usec":517337,"pkt_caplen":44,"pkt_type":0,"pkt_l3_offset":0,"pkt_l4_offset":0,"pkt_len":44,"pkt_l4_len":0,"pkt":"AgAAAEUAACgAAEAAQAYAAH8AAAF\/AAABC7nJlxL1HEsAAAAAUAQAAP4cAAA="} 00180{"basic_event_id":1,"basic_event_name":"Unknown datalink layer packet","thread_id":0,"packet_id":20,"source":"selfsigned.pcap","alias":"nDPId-test","datalink":0,"header":33554432} 00130{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":20,"source":"selfsigned.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 20/0 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 0 bytes +~~ total detected protocols..: 0 +~~ total active/idle flows...: 0/0 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4816931 bytes +~~ total memory freed........: 4816931 bytes +~~ total allocations/frees...: 58355/58355 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/signal.pcap.out b/test/results/signal.pcap.out index 73a529d5c..b0238e475 100644 --- a/test/results/signal.pcap.out +++ b/test/results/signal.pcap.out @@ -299,3 +299,14 @@ 00499{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":637,"source":"signal.pcap","alias":"nDPId-test","flow_id":12,"flow_packet_id":2,"flow_first_seen":1569051264088,"flow_last_seen":1569051264113,"flow_min_l4_payload_len":55,"flow_max_l4_payload_len":151,"flow_tot_l4_payload_len":206,"flow_avg_l4_payload_len":103,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.2.17","dst_ip":"192.168.2.1","src_port":56263,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00496{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":637,"source":"signal.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":2,"flow_first_seen":1569051247593,"flow_last_seen":1569051247630,"flow_min_l4_payload_len":43,"flow_max_l4_payload_len":59,"flow_tot_l4_payload_len":102,"flow_avg_l4_payload_len":51,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.2.17","dst_ip":"192.168.2.1","src_port":60793,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00127{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":637,"source":"signal.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 637/637 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 294110 bytes +~~ total detected protocols..: 16 +~~ total active/idle flows...: 19/19 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 5166470 bytes +~~ total memory freed........: 5166470 bytes +~~ total allocations/frees...: 59163/59163 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/simple-dnscrypt.pcap.out b/test/results/simple-dnscrypt.pcap.out index 1f4008f21..50c17081d 100644 --- a/test/results/simple-dnscrypt.pcap.out +++ b/test/results/simple-dnscrypt.pcap.out @@ -80,3 +80,14 @@ 00514{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":111,"source":"simple-dnscrypt.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":18,"flow_first_seen":1491813286392,"flow_last_seen":1491813286753,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1310,"flow_tot_l4_payload_len":7519,"flow_avg_l4_payload_len":417,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.43.167","dst_ip":"134.119.26.24","src_port":50258,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00514{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":111,"source":"simple-dnscrypt.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":36,"flow_first_seen":1491813286393,"flow_last_seen":1491813286913,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1310,"flow_tot_l4_payload_len":9310,"flow_avg_l4_payload_len":258,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.43.167","dst_ip":"134.119.26.24","src_port":50259,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00136{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":111,"source":"simple-dnscrypt.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 111/111 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 40902 bytes +~~ total detected protocols..: 4 +~~ total active/idle flows...: 4/4 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4922206 bytes +~~ total memory freed........: 4922206 bytes +~~ total allocations/frees...: 58520/58520 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/sip.pcap.out b/test/results/sip.pcap.out index 3b56d1127..4ed3c1cd0 100644 --- a/test/results/sip.pcap.out +++ b/test/results/sip.pcap.out @@ -70,3 +70,14 @@ 00500{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":112,"source":"sip.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":34,"flow_first_seen":1120470796804,"flow_last_seen":1120471094413,"flow_min_l4_payload_len":5,"flow_max_l4_payload_len":1076,"flow_tot_l4_payload_len":15555,"flow_avg_l4_payload_len":457,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.2","dst_ip":"212.242.33.35","src_port":5060,"dst_port":5060,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00501{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":112,"source":"sip.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":9,"flow_first_seen":1120470985348,"flow_last_seen":1120470985511,"flow_min_l4_payload_len":172,"flow_max_l4_payload_len":172,"flow_tot_l4_payload_len":1548,"flow_avg_l4_payload_len":172,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.2","dst_ip":"212.242.33.36","src_port":30000,"dst_port":40392,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00124{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":112,"source":"sip.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 112/112 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 45351 bytes +~~ total detected protocols..: 5 +~~ total active/idle flows...: 5/5 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4835939 bytes +~~ total memory freed........: 4835939 bytes +~~ total allocations/frees...: 58482/58482 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/skype-conference-call.pcap.out b/test/results/skype-conference-call.pcap.out index 5b6c812cc..cac7465a7 100644 --- a/test/results/skype-conference-call.pcap.out +++ b/test/results/skype-conference-call.pcap.out @@ -18,3 +18,14 @@ 00585{"flow_id":1,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"skype-conference-call.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1501061916,"pkt_ts_usec":809040,"pkt_caplen":169,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":169,"pkt_l4_len":135,"pkt":"xCwDBkn+XEl5dU5qCABFAACbRT0AAG4Rs\/loLigxwKgCFOziwIIAh3lxgMkABgAABLEYhveI+TJqXoNflKzETGTrRbw2whOI8HHGZ9H1FnMJe5bOVFI65E6c22uJfv\/qd5toD\/qg2AhULgiZ0dL4yqWJoA7uey4F0+\/ntXNU1VN2Qkq5FFOEjp3tzTNRRgKcJLBlUIvR1ZSm7IAAAA0B0DttNZRbKmPtmw=="} 00521{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":200,"source":"skype-conference-call.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":200,"flow_first_seen":1501061916646,"flow_last_seen":1501061918151,"flow_min_l4_payload_len":32,"flow_max_l4_payload_len":915,"flow_tot_l4_payload_len":31287,"flow_avg_l4_payload_len":156,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.2.20","dst_ip":"104.46.40.49","src_port":49282,"dst_port":60642,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00142{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":200,"source":"skype-conference-call.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 200/200 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 32887 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4834091 bytes +~~ total memory freed........: 4834091 bytes +~~ total allocations/frees...: 58560/58560 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/skype.pcap.out b/test/results/skype.pcap.out index d67fad8d4..588e49a76 100644 --- a/test/results/skype.pcap.out +++ b/test/results/skype.pcap.out @@ -2768,3 +2768,14 @@ 00516{"flow_event_id":7,"flow_event_name":"not-detected","thread_id":0,"packet_id":3284,"source":"skype.pcap","alias":"nDPId-test","flow_id":161,"flow_packet_id":17,"flow_first_seen":1431969679451,"flow_last_seen":1431969698502,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":90,"flow_tot_l4_payload_len":271,"flow_avg_l4_payload_len":15,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"65.55.223.12","src_port":50065,"dst_port":40031,"l4_proto":"tcp","ndpi": {"proto":"Unknown","breed":"Unrated"}} 00501{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3284,"source":"skype.pcap","alias":"nDPId-test","flow_id":161,"flow_packet_id":17,"flow_first_seen":1431969679451,"flow_last_seen":1431969698502,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":90,"flow_tot_l4_payload_len":271,"flow_avg_l4_payload_len":15,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"65.55.223.12","src_port":50065,"dst_port":40031,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00127{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":3284,"source":"skype.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 3284/3069 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 529727 bytes +~~ total detected protocols..: 224 +~~ total active/idle flows...: 317/317 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 8495931 bytes +~~ total memory freed........: 8495931 bytes +~~ total allocations/frees...: 62635/62635 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/skype_no_unknown.pcap.out b/test/results/skype_no_unknown.pcap.out index 63c7ca3d0..c49269a52 100644 --- a/test/results/skype_no_unknown.pcap.out +++ b/test/results/skype_no_unknown.pcap.out @@ -2178,3 +2178,14 @@ 00550{"flow_event_id":4,"flow_event_name":"guessed","thread_id":0,"packet_id":2146,"source":"skype_no_unknown.pcap","alias":"nDPId-test","flow_id":253,"flow_packet_id":11,"flow_first_seen":1431970691584,"flow_last_seen":1431970703178,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":5,"flow_tot_l4_payload_len":10,"flow_avg_l4_payload_len":0,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"91.190.216.125","src_port":51299,"dst_port":12350,"l4_proto":"tcp","ndpi": {"proto":"TLS.Skype_Teams","breed":"Acceptable","category":"VoIP"}} 00511{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2146,"source":"skype_no_unknown.pcap","alias":"nDPId-test","flow_id":253,"flow_packet_id":11,"flow_first_seen":1431970691584,"flow_last_seen":1431970703178,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":5,"flow_tot_l4_payload_len":10,"flow_avg_l4_payload_len":0,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"91.190.216.125","src_port":51299,"dst_port":12350,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00138{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":2146,"source":"skype_no_unknown.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 2146/2079 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 416800 bytes +~~ total detected protocols..: 198 +~~ total active/idle flows...: 272/272 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 6937354 bytes +~~ total memory freed........: 6937354 bytes +~~ total allocations/frees...: 61407/61407 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/skype_udp.pcap.out b/test/results/skype_udp.pcap.out index 9f4294687..07baf3da1 100644 --- a/test/results/skype_udp.pcap.out +++ b/test/results/skype_udp.pcap.out @@ -9,3 +9,14 @@ 00417{"flow_id":1,"flow_packet_id":5,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":5,"source":"skype_udp.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1156534567,"pkt_ts_usec":244697,"pkt_caplen":60,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":60,"pkt_l4_len":26,"pkt":"AAR2lnvaABbjGScVCABFAAAuy+IAAGUR8LwY4L6VwKgBAplejJYAGg6E4FcCztAyD8zMjQ7u\/eBiRTNa"} 00502{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5,"source":"skype_udp.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":5,"flow_first_seen":1156534494734,"flow_last_seen":1156534567244,"flow_min_l4_payload_len":18,"flow_max_l4_payload_len":31,"flow_tot_l4_payload_len":129,"flow_avg_l4_payload_len":25,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.2","dst_ip":"24.224.190.149","src_port":35990,"dst_port":39262,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00128{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":5,"source":"skype_udp.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 5/5 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 169 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4820228 bytes +~~ total memory freed........: 4820228 bytes +~~ total allocations/frees...: 58363/58363 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/smb_deletefile.pcap.out b/test/results/smb_deletefile.pcap.out index 78e963fe2..bec592421 100644 --- a/test/results/smb_deletefile.pcap.out +++ b/test/results/smb_deletefile.pcap.out @@ -18,3 +18,14 @@ 00560{"flow_id":1,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"smb_deletefile.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1584368317,"pkt_ts_usec":587709,"pkt_caplen":158,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":158,"pkt_l4_len":124,"pkt":"2MuK4S0uKDc3AG3ICABFAACQAABAAEAGtebAqAF2wKgBu94QAb3ooAsa8kM6QVAYqgANAgAAAAAAZP5TTUJAAAEAAAAAABIAAAEAAAAAAAAAAKgPAAAAAAAA\/\/4AABEAAAAdAAAAACgAAAAAAAAAAAAAAAAAAAAAAAAkAAAAAAAAAM216xScgEmJp3LvkTALdLsAAAAAAAAAAAAAAAA="} 00514{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":101,"source":"smb_deletefile.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":101,"flow_first_seen":1584368315417,"flow_last_seen":1584368317802,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1460,"flow_tot_l4_payload_len":25252,"flow_avg_l4_payload_len":250,"midstream":1,"l3_proto":"ip4","src_ip":"192.168.1.118","dst_ip":"192.168.1.187","src_port":56848,"dst_port":445,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00135{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":101,"source":"smb_deletefile.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 101/101 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 27272 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4823012 bytes +~~ total memory freed........: 4823012 bytes +~~ total allocations/frees...: 58459/58459 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/smbv1.pcap.out b/test/results/smbv1.pcap.out index 0e2c3d77e..5344b10d2 100644 --- a/test/results/smbv1.pcap.out +++ b/test/results/smbv1.pcap.out @@ -10,3 +10,14 @@ 00521{"flow_id":1,"flow_packet_id":7,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":7,"source":"smbv1.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1492191036,"pkt_ts_usec":191677,"pkt_caplen":136,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":136,"pkt_l4_len":102,"pkt":"AFBW6AqxAAwpAu9qCABFAAB6F9UAAIAGzqOsEJyCCoAA88bvAb3S22nWm3wbiVAY+YJgRQAAAAAATv9TTUIyAAAAABgHwAAAAAAAAAAAAAAAAAAI\/\/4ACEEADwwAAAABAAAAAAAAAMxs6wAAAAwAQgAAAE4AAQAOAA0AAAAAAAAAAAAAAAAAAA=="} 00499{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7,"source":"smbv1.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":7,"flow_first_seen":1492191036092,"flow_last_seen":1492191036191,"flow_min_l4_payload_len":60,"flow_max_l4_payload_len":189,"flow_tot_l4_payload_len":819,"flow_avg_l4_payload_len":117,"midstream":1,"l3_proto":"ip4","src_ip":"172.16.156.130","dst_ip":"10.128.0.243","src_port":50927,"dst_port":445,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00124{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":7,"source":"smbv1.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 7/7 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 959 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4822334 bytes +~~ total memory freed........: 4822334 bytes +~~ total allocations/frees...: 58366/58366 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/smpp_in_general.pcap.out b/test/results/smpp_in_general.pcap.out index a13be971f..9fc39232e 100644 --- a/test/results/smpp_in_general.pcap.out +++ b/test/results/smpp_in_general.pcap.out @@ -18,3 +18,14 @@ 00424{"flow_id":1,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"smpp_in_general.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1217149884,"pkt_ts_usec":833831,"pkt_caplen":60,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":60,"pkt_l4_len":20,"pkt":"ABbU5r3hAAKlxo7UCABFAAAoM4IAADwGoN4K4so1CuLKdiMoBuqoDP6P5r379lAQ8ABiAAAAAAAAAAAA"} 00508{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":17,"source":"smpp_in_general.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":17,"flow_first_seen":1217149853878,"flow_last_seen":1217149884833,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":50,"flow_tot_l4_payload_len":200,"flow_avg_l4_payload_len":11,"midstream":0,"l3_proto":"ip4","src_ip":"10.226.202.118","dst_ip":"10.226.202.53","src_port":1770,"dst_port":9000,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00135{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":17,"source":"smpp_in_general.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 17/17 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 552 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4822624 bytes +~~ total memory freed........: 4822624 bytes +~~ total allocations/frees...: 58376/58376 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/snapchat.pcap.out b/test/results/snapchat.pcap.out index cd3adcf40..b39319f2f 100644 --- a/test/results/snapchat.pcap.out +++ b/test/results/snapchat.pcap.out @@ -57,3 +57,14 @@ 00501{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":56,"source":"snapchat.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":17,"flow_first_seen":1431418008133,"flow_last_seen":1431418008853,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1069,"flow_tot_l4_payload_len":3005,"flow_avg_l4_payload_len":176,"midstream":0,"l3_proto":"ip4","src_ip":"10.8.0.1","dst_ip":"74.125.136.141","src_port":56193,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00500{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":56,"source":"snapchat.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":17,"flow_first_seen":1431418008131,"flow_last_seen":1431418008701,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":536,"flow_tot_l4_payload_len":2439,"flow_avg_l4_payload_len":143,"midstream":0,"l3_proto":"ip4","src_ip":"10.8.0.1","dst_ip":"74.125.136.141","src_port":44536,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00128{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":56,"source":"snapchat.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 56/56 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 8295 bytes +~~ total detected protocols..: 3 +~~ total active/idle flows...: 3/3 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4834173 bytes +~~ total memory freed........: 4834173 bytes +~~ total allocations/frees...: 58425/58425 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/snapchat_call.pcapng.out b/test/results/snapchat_call.pcapng.out index 08fa32d2b..6009b916d 100644 --- a/test/results/snapchat_call.pcapng.out +++ b/test/results/snapchat_call.pcapng.out @@ -18,3 +18,14 @@ 00618{"flow_id":1,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"snapchat_call.pcapng","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1595865799,"pkt_ts_usec":105971,"pkt_caplen":201,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":201,"pkt_l4_len":167,"pkt":"CL6sCxdumt9Y+uvcCABFAAC7AJNAAEARzwfAqAypEriKjqRjAbsAp9wkQMOARud6owbqCRc3SXpZ6Q9b9545QLOgrmU7yrTkDeu1OuRMhPND6AkTs3ROozWJziUGPGTD7NgdmiQX5t0ozTRtTxbk7\/KukXzKWYmVD9Mk3HoJXFObywsgcQzdtt+wsCQ6BlbJTbVGz4\/ddaV5nEeaHbghbcZU6VpqPRWkwkqgnOUcsHXDm4\/7lQ3gSNvX5H+o61wG2b9kKE9PLXv5"} 00516{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":50,"source":"snapchat_call.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":50,"flow_first_seen":1595865799020,"flow_last_seen":1595865807311,"flow_min_l4_payload_len":20,"flow_max_l4_payload_len":1350,"flow_tot_l4_payload_len":10672,"flow_avg_l4_payload_len":213,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.12.169","dst_ip":"18.184.138.142","src_port":42083,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00135{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":50,"source":"snapchat_call.pcapng","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 50/50 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 11072 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4821533 bytes +~~ total memory freed........: 4821533 bytes +~~ total allocations/frees...: 58408/58408 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/ssdp-m-search.pcap.out b/test/results/ssdp-m-search.pcap.out index a49da6c2d..dbb29c954 100644 --- a/test/results/ssdp-m-search.pcap.out +++ b/test/results/ssdp-m-search.pcap.out @@ -18,3 +18,14 @@ 00436{"flow_id":1,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"ssdp-m-search.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1532054715,"pkt_ts_usec":808776,"pkt_caplen":63,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":63,"pkt_l4_len":29,"pkt":"\/\/\/\/\/\/\/\/AAibydCMCABFAAAxxENAAEAREB\/AqPIIwKjy\/6UNfpwAHf9xTS1TRUFSQ0ggKiBIVFRQLzEuMQ0K"} 00511{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":19,"source":"ssdp-m-search.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":19,"flow_first_seen":1532054645808,"flow_last_seen":1532054735808,"flow_min_l4_payload_len":21,"flow_max_l4_payload_len":21,"flow_tot_l4_payload_len":399,"flow_avg_l4_payload_len":21,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.242.8","dst_ip":"192.168.242.255","src_port":42253,"dst_port":32412,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00133{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":19,"source":"ssdp-m-search.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 19/19 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 551 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4820634 bytes +~~ total memory freed........: 4820634 bytes +~~ total allocations/frees...: 58377/58377 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/ssh.pcap.out b/test/results/ssh.pcap.out index 71eadf8b8..f3602a736 100644 --- a/test/results/ssh.pcap.out +++ b/test/results/ssh.pcap.out @@ -21,3 +21,14 @@ 00617{"flow_id":1,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"ssh.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1320435464,"pkt_ts_usec":774287,"pkt_caplen":210,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":210,"pkt_l4_len":176,"pkt":"AAwppUXgAFBWwAAICABFAADEyg1AAEAGO1usEO4BrBDuqOQbABY3XoNgQqJ59IAY\/\/+RQAAAAQEIChyVsAMAEyMEAAAAjAUgAAAAgQCKUG7tHgFITWPHoMxc4wuZ1BXy9n04qGBXJaOb+9wr70emYr8wHGq5ovMs7cviXyxxuF2Wdy30WLOfkouWkCplLGVZjdOTH0a5W2C9UmG80DhI+zr3en+DO3OfgxTtHr+gZJk6dXUbjvnH28419VgXWQUn69FtGg8SjApYMkgSUQAAAAAA"} 00500{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":258,"source":"ssh.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":258,"flow_first_seen":1320435464760,"flow_last_seen":1320435713237,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1280,"flow_tot_l4_payload_len":18498,"flow_avg_l4_payload_len":71,"midstream":0,"l3_proto":"ip4","src_ip":"172.16.238.1","dst_ip":"172.16.238.168","src_port":58395,"dst_port":22,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00124{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":258,"source":"ssh.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 258/258 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 26774 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4829569 bytes +~~ total memory freed........: 4829569 bytes +~~ total allocations/frees...: 58620/58620 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/ssl-cert-name-mismatch.pcap.out b/test/results/ssl-cert-name-mismatch.pcap.out index d68fd4944..2cfa528fc 100644 --- a/test/results/ssl-cert-name-mismatch.pcap.out +++ b/test/results/ssl-cert-name-mismatch.pcap.out @@ -20,3 +20,14 @@ 00440{"flow_id":1,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"ssl-cert-name-mismatch.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1620643422,"pkt_ts_usec":620446,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"pkt":"ACWQ1Mz5BBjWBrNaCABFAAA0X19AADAGZdtomllpwKgC3gG71fRoLGFnT\/C3q4AQAOXuoAAAAQEICq19miIBlw+X"} 00519{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":21,"source":"ssl-cert-name-mismatch.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":21,"flow_first_seen":1620643422034,"flow_last_seen":1620643422754,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1408,"flow_tot_l4_payload_len":4010,"flow_avg_l4_payload_len":190,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.2.222","dst_ip":"104.154.89.105","src_port":54772,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00142{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":21,"source":"ssl-cert-name-mismatch.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 21/21 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 4698 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4828900 bytes +~~ total memory freed........: 4828900 bytes +~~ total allocations/frees...: 58387/58387 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/starcraft_battle.pcap.out b/test/results/starcraft_battle.pcap.out index e85cc11f4..4092f8727 100644 --- a/test/results/starcraft_battle.pcap.out +++ b/test/results/starcraft_battle.pcap.out @@ -522,3 +522,14 @@ 00510{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":800,"source":"starcraft_battle.pcap","alias":"nDPId-test","flow_id":9,"flow_packet_id":4,"flow_first_seen":1437389956550,"flow_last_seen":1437389956605,"flow_min_l4_payload_len":44,"flow_max_l4_payload_len":115,"flow_tot_l4_payload_len":287,"flow_avg_l4_payload_len":71,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.100","dst_ip":"192.168.1.254","src_port":58851,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00508{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":800,"source":"starcraft_battle.pcap","alias":"nDPId-test","flow_id":16,"flow_packet_id":9,"flow_first_seen":1437389967432,"flow_last_seen":1437389968027,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":273,"flow_tot_l4_payload_len":358,"flow_avg_l4_payload_len":39,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.100","dst_ip":"12.129.222.54","src_port":3512,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00137{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":800,"source":"starcraft_battle.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 800/797 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 332408 bytes +~~ total detected protocols..: 30 +~~ total active/idle flows...: 52/52 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 5030477 bytes +~~ total memory freed........: 5030477 bytes +~~ total allocations/frees...: 59377/59377 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/steam.pcap.out b/test/results/steam.pcap.out index 4d440e25f..e26862f25 100644 --- a/test/results/steam.pcap.out +++ b/test/results/steam.pcap.out @@ -269,3 +269,14 @@ 00503{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":104,"source":"steam.pcap","alias":"nDPId-test","flow_id":13,"flow_packet_id":2,"flow_first_seen":1357332164836,"flow_last_seen":1357332165015,"flow_min_l4_payload_len":36,"flow_max_l4_payload_len":44,"flow_tot_l4_payload_len":80,"flow_avg_l4_payload_len":40,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.188.149","dst_ip":"146.66.152.14","src_port":45665,"dst_port":27019,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00502{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":104,"source":"steam.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":2,"flow_first_seen":1357332164693,"flow_last_seen":1357332164892,"flow_min_l4_payload_len":36,"flow_max_l4_payload_len":44,"flow_tot_l4_payload_len":80,"flow_avg_l4_payload_len":40,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.188.149","dst_ip":"146.66.152.12","src_port":45665,"dst_port":27019,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00126{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":104,"source":"steam.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 104/104 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 5484 bytes +~~ total detected protocols..: 55 +~~ total active/idle flows...: 55/55 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4993307 bytes +~~ total memory freed........: 4993307 bytes +~~ total allocations/frees...: 58624/58624 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/synscan.pcap.out b/test/results/synscan.pcap.out index 753af820d..0f616b872 100644 --- a/test/results/synscan.pcap.out +++ b/test/results/synscan.pcap.out @@ -7993,3 +7993,14 @@ 00511{"flow_event_id":7,"flow_event_name":"not-detected","thread_id":0,"packet_id":2011,"source":"synscan.pcap","alias":"nDPId-test","flow_id":109,"flow_packet_id":2,"flow_first_seen":1278275058031,"flow_last_seen":1278275058093,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":0,"flow_tot_l4_payload_len":0,"flow_avg_l4_payload_len":0,"midstream":0,"l3_proto":"ip4","src_ip":"172.16.0.8","dst_ip":"64.13.134.52","src_port":36050,"dst_port":31337,"l4_proto":"tcp","ndpi": {"proto":"Unknown","breed":"Unrated"}} 00496{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2011,"source":"synscan.pcap","alias":"nDPId-test","flow_id":109,"flow_packet_id":2,"flow_first_seen":1278275058031,"flow_last_seen":1278275058093,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":0,"flow_tot_l4_payload_len":0,"flow_avg_l4_payload_len":0,"midstream":0,"l3_proto":"ip4","src_ip":"172.16.0.8","dst_ip":"64.13.134.52","src_port":36050,"dst_port":31337,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00129{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":2011,"source":"synscan.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 2011/2011 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 48244 bytes +~~ total detected protocols..: 2 +~~ total active/idle flows...: 1994/1994 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 11160338 bytes +~~ total memory freed........: 11160338 bytes +~~ total allocations/frees...: 66348/66348 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/teams.pcap.out b/test/results/teams.pcap.out index c33b55bd8..dba89cbf5 100644 --- a/test/results/teams.pcap.out +++ b/test/results/teams.pcap.out @@ -1117,3 +1117,14 @@ 00504{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2817,"source":"teams.pcap","alias":"nDPId-test","flow_id":55,"flow_packet_id":32,"flow_first_seen":1587041687436,"flow_last_seen":1587041687725,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1440,"flow_tot_l4_payload_len":9349,"flow_avg_l4_payload_len":292,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.6","dst_ip":"104.40.187.151","src_port":60562,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00498{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2817,"source":"teams.pcap","alias":"nDPId-test","flow_id":41,"flow_packet_id":2,"flow_first_seen":1587041685093,"flow_last_seen":1587041685127,"flow_min_l4_payload_len":53,"flow_max_l4_payload_len":174,"flow_tot_l4_payload_len":227,"flow_avg_l4_payload_len":113,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.6","dst_ip":"192.168.1.1","src_port":50653,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00127{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":2817,"source":"teams.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 2817/2775 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 1392023 bytes +~~ total detected protocols..: 78 +~~ total active/idle flows...: 85/85 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 6908722 bytes +~~ total memory freed........: 6908722 bytes +~~ total allocations/frees...: 61882/61882 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/teamspeak3.pcap.out b/test/results/teamspeak3.pcap.out index ec60a0bdb..4e912cc48 100644 --- a/test/results/teamspeak3.pcap.out +++ b/test/results/teamspeak3.pcap.out @@ -16,3 +16,14 @@ 00443{"flow_id":1,"flow_packet_id":13,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":13,"source":"teamspeak3.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":946745717,"pkt_ts_usec":746131,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"pkt":"REREREREZmZmZmZmCABFAAA+3ANAAK8RVIkKAAABCgAAAs\/DJwMAKptdVFMzSU5JVDEAZQAAiA3QV2YAX1kXBU+nh1MAAAAAAAAAAA=="} 00496{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":13,"source":"teamspeak3.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":13,"flow_first_seen":946745680740,"flow_last_seen":946745717746,"flow_min_l4_payload_len":34,"flow_max_l4_payload_len":188,"flow_tot_l4_payload_len":1365,"flow_avg_l4_payload_len":105,"midstream":0,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"10.0.0.2","src_port":53187,"dst_port":9987,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00130{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":13,"source":"teamspeak3.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 13/13 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 1469 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4820460 bytes +~~ total memory freed........: 4820460 bytes +~~ total allocations/frees...: 58371/58371 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/telegram.pcap.out b/test/results/telegram.pcap.out index 788badcb5..eb3826c40 100644 --- a/test/results/telegram.pcap.out +++ b/test/results/telegram.pcap.out @@ -514,3 +514,14 @@ 00507{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1566,"source":"telegram.pcap","alias":"nDPId-test","flow_id":36,"flow_packet_id":3,"flow_first_seen":1588779634762,"flow_last_seen":1588779634795,"flow_min_l4_payload_len":28,"flow_max_l4_payload_len":1350,"flow_tot_l4_payload_len":2728,"flow_avg_l4_payload_len":909,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.77","dst_ip":"216.58.205.68","src_port":61974,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00515{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1566,"source":"telegram.pcap","alias":"nDPId-test","flow_id":6,"flow_packet_id":120,"flow_first_seen":1588779596708,"flow_last_seen":1588779655298,"flow_min_l4_payload_len":100,"flow_max_l4_payload_len":427,"flow_tot_l4_payload_len":19803,"flow_avg_l4_payload_len":165,"midstream":0,"l3_proto":"ip6","src_ip":"fe80::4ba:91a:7817:e318","dst_ip":"ff02::fb","src_port":5353,"dst_port":5353,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00130{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":1566,"source":"telegram.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 1566/1566 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 281061 bytes +~~ total detected protocols..: 53 +~~ total active/idle flows...: 54/54 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 5032649 bytes +~~ total memory freed........: 5032649 bytes +~~ total allocations/frees...: 60085/60085 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/teredo.pcap.out b/test/results/teredo.pcap.out index c55334182..89fa58d4f 100644 --- a/test/results/teredo.pcap.out +++ b/test/results/teredo.pcap.out @@ -39,3 +39,14 @@ 00501{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":24,"source":"teredo.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":4,"flow_first_seen":1438853615305,"flow_last_seen":1438853653403,"flow_min_l4_payload_len":61,"flow_max_l4_payload_len":109,"flow_tot_l4_payload_len":340,"flow_avg_l4_payload_len":85,"midstream":0,"l3_proto":"ip4","src_ip":"10.112.16.106","dst_ip":"194.136.28.76","src_port":52513,"dst_port":3544,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00500{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":24,"source":"teredo.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":2,"flow_first_seen":1438853629357,"flow_last_seen":1438853629411,"flow_min_l4_payload_len":61,"flow_max_l4_payload_len":109,"flow_tot_l4_payload_len":170,"flow_avg_l4_payload_len":85,"midstream":0,"l3_proto":"ip4","src_ip":"10.112.16.92","dst_ip":"194.136.28.76","src_port":63448,"dst_port":3544,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00126{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":24,"source":"teredo.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 24/24 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 1758 bytes +~~ total detected protocols..: 5 +~~ total active/idle flows...: 5/5 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4833387 bytes +~~ total memory freed........: 4833387 bytes +~~ total allocations/frees...: 58394/58394 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/tftp_rrq.pcap.out b/test/results/tftp_rrq.pcap.out index 0d6a5cb6c..e5d8992a8 100644 --- a/test/results/tftp_rrq.pcap.out +++ b/test/results/tftp_rrq.pcap.out @@ -22,3 +22,14 @@ 00516{"flow_event_id":4,"flow_event_name":"guessed","thread_id":0,"packet_id":99,"source":"tftp_rrq.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_first_seen":1367411051972,"flow_last_seen":0,"flow_min_l4_payload_len":20,"flow_max_l4_payload_len":20,"flow_tot_l4_payload_len":20,"flow_avg_l4_payload_len":20,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.0.253","dst_ip":"192.168.0.10","src_port":50618,"dst_port":69,"l4_proto":"udp","ndpi": {"proto":"STUN","breed":"Acceptable","category":"Network"}} 00486{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":99,"source":"tftp_rrq.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_first_seen":1367411051972,"flow_last_seen":0,"flow_min_l4_payload_len":20,"flow_max_l4_payload_len":20,"flow_tot_l4_payload_len":20,"flow_avg_l4_payload_len":20,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.0.253","dst_ip":"192.168.0.10","src_port":50618,"dst_port":69,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00128{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":99,"source":"tftp_rrq.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 99/99 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 25803 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 2/2 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4826106 bytes +~~ total memory freed........: 4826106 bytes +~~ total allocations/frees...: 58460/58460 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/tinc.pcap.out b/test/results/tinc.pcap.out index 2ef936dee..916ff61a1 100644 --- a/test/results/tinc.pcap.out +++ b/test/results/tinc.pcap.out @@ -72,3 +72,14 @@ 00511{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":317,"source":"tinc.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":134,"flow_first_seen":1495983428043,"flow_last_seen":1495983463866,"flow_min_l4_payload_len":76,"flow_max_l4_payload_len":1468,"flow_tot_l4_payload_len":164136,"flow_avg_l4_payload_len":1224,"midstream":0,"l3_proto":"ip4","src_ip":"185.83.218.112","dst_ip":"131.114.168.27","src_port":55656,"dst_port":55656,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00505{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":317,"source":"tinc.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":26,"flow_first_seen":1495983427717,"flow_last_seen":1495983475073,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1039,"flow_tot_l4_payload_len":4647,"flow_avg_l4_payload_len":178,"midstream":0,"l3_proto":"ip4","src_ip":"131.114.168.27","dst_ip":"185.83.218.112","src_port":59244,"dst_port":55655,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00125{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":317,"source":"tinc.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 317/317 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 341465 bytes +~~ total detected protocols..: 4 +~~ total active/idle flows...: 4/4 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4847245 bytes +~~ total memory freed........: 4847245 bytes +~~ total allocations/frees...: 58696/58696 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/tk.pcap.out b/test/results/tk.pcap.out index 8d7217b96..370853e26 100644 --- a/test/results/tk.pcap.out +++ b/test/results/tk.pcap.out @@ -18,3 +18,14 @@ 00491{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6,"source":"tk.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":2,"flow_first_seen":1613939315184,"flow_last_seen":1613939315239,"flow_min_l4_payload_len":30,"flow_max_l4_payload_len":89,"flow_tot_l4_payload_len":119,"flow_avg_l4_payload_len":59,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.178","dst_ip":"192.168.1.1","src_port":53820,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00490{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6,"source":"tk.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":2,"flow_first_seen":1613939315029,"flow_last_seen":1613939315127,"flow_min_l4_payload_len":30,"flow_max_l4_payload_len":46,"flow_tot_l4_payload_len":76,"flow_avg_l4_payload_len":38,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.178","dst_ip":"192.168.1.1","src_port":51954,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00121{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":6,"source":"tk.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 6/6 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 362 bytes +~~ total detected protocols..: 3 +~~ total active/idle flows...: 3/3 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4826561 bytes +~~ total memory freed........: 4826561 bytes +~~ total allocations/frees...: 58370/58370 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/tls-esni-fuzzed.pcap.out b/test/results/tls-esni-fuzzed.pcap.out index bf56cf571..02b2d5b6f 100644 --- a/test/results/tls-esni-fuzzed.pcap.out +++ b/test/results/tls-esni-fuzzed.pcap.out @@ -12,3 +12,14 @@ 00497{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3,"source":"tls-esni-fuzzed.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":1,"flow_first_seen":1590680391590,"flow_last_seen":0,"flow_min_l4_payload_len":716,"flow_max_l4_payload_len":716,"flow_tot_l4_payload_len":716,"flow_avg_l4_payload_len":716,"midstream":1,"l3_proto":"ip4","src_ip":"192.168.1.12","dst_ip":"104.22.71.197","src_port":49897,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00498{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3,"source":"tls-esni-fuzzed.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":1,"flow_first_seen":1590680387847,"flow_last_seen":0,"flow_min_l4_payload_len":716,"flow_max_l4_payload_len":716,"flow_tot_l4_payload_len":716,"flow_avg_l4_payload_len":716,"midstream":1,"l3_proto":"ip4","src_ip":"192.168.1.12","dst_ip":"104.16.125.175","src_port":49887,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00134{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":3,"source":"tls-esni-fuzzed.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 3/3 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 2208 bytes +~~ total detected protocols..: 3 +~~ total active/idle flows...: 3/3 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4833914 bytes +~~ total memory freed........: 4833914 bytes +~~ total allocations/frees...: 58378/58378 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/tls-rdn-extract.pcap.out b/test/results/tls-rdn-extract.pcap.out index 6cf7faeb9..af05a3e35 100644 --- a/test/results/tls-rdn-extract.pcap.out +++ b/test/results/tls-rdn-extract.pcap.out @@ -11,3 +11,14 @@ 02977{"flow_event_id":6,"flow_event_name":"detection-update","thread_id":0,"packet_id":6,"source":"tls-rdn-extract.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":6,"flow_first_seen":946681200000,"flow_last_seen":946681200000,"flow_min_l4_payload_len":127,"flow_max_l4_payload_len":1460,"flow_tot_l4_payload_len":6881,"flow_avg_l4_payload_len":1146,"midstream":1,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"213.199.149.251","src_port":31337,"dst_port":443,"l4_proto":"tcp","ndpi": {"flow_risk": {"7":"Obsolete TLS version (< 1.1)","8":"Weak TLS cipher","9":"TLS Expired Certificate"},"proto":"TLS.Microsoft","breed":"Safe","category":"Web"},"tls": {"version":"TLSv1","client_requested_server_name":"ads1.msads.net","server_names":"*.vo.msecnd.net,*.officeapps.live.com,*.msads.net,*.ads2.msads.net,*.stc.s-msn.com,cdn.dc2files.*.livefilestore-int.com,cdn.*.livefilestore.com,*.marketplace.windowsmobile.com,*.marketplace.windowsmobile-int.com,*.marketplace.windowsmobile-perf.com,*.stj.s-msn.com,ajax.microsoft.com,*.microsoft-sbs-domains.com,*.live.net,*.msn.com,*.msn-int.com,*.f1ds.shared.live-int.com,*.f1ds.wlxrs-int.com,*.shared.live-int.com,*.shared.live.com,*.microsoft.com,*.live.com,*.live-int.com,*.wlxrs.com,*.wlxrs-int.com,*.st.s-msn.com,*.stb.s-msn.com,images.moxy.windowsphone-int.com,*.wlxrsu-int.com,images.partner.windowsphone-int.com,images.partner.windowsphone.com,*.jp.msn.com,*.c3scs.jp.msn.com,*.aspnetcdn.com,*.hotmail.com,*.partner-df.windowsphone-int.com,*.s-msn.com,*.live-int.net,*.windowsphone-int.com,*.windowsphone.com,*.partner-pc.windowsphone-int.com,*.manage.microsoft.com","ja3":"2201d8e006f8f005a6b415f61e677532","ja3s":"18e962e106761869a61045bed0e81c2c","unsafe_cipher":1,"cipher":"TLS_RSA_WITH_AES_128_CBC_SHA","issuerDN":"CN=Microsoft Secure Server Authority","issuerDN":"C=US, L=Redmond, O=Microsoft, OU=GFS, CN=*.officeapps.live.com, CN=*.msads.net, CN=*.ads2.msads.net, CN=*.stc.s-msn.com, CN=cdn.dc2files.*.livefilestore-int.com, CN=cdn.*.livefilestore.com, CN=*.marketplace.windowsmobile.com, CN=*.marketplace.windowsmobile-int.com, CN=*.marketplace.windowsmobile-perf.com, CN=*.stj.s-msn.com, CN=ajax.microsoft.com, CN=*.microsoft-sbs-domains.com, CN=*.live.net, CN=*.msn.com, CN=*.msn-int.com, CN=*.f1ds.shared.live-int.com, CN=*.f1ds.wlxrs-int.com, CN=*.shared.live-int.com, CN=*.shared.live.com, CN=*.microsoft.com, CN=*.live.com, CN=*.live-int.com, CN=*.wlxrs.com, CN=*.wlxrs-int.com, CN=*.st.s-msn.com, CN=*.stb.s-msn.com, CN=images.moxy.windowsphone-int.com, CN=*.wlxrsu-int.com, CN=images.partner.windowsphone-int.com, CN=images.partner.windowsphone.com, CN=*.jp.msn.com, CN=*.c3scs.jp.msn.com, CN=*.aspnetcdn.com, CN=*.hotmail.com, CN=*.partner-df.windowsphone-int.com, CN=*.s-msn.com, CN=*.live-int.net, CN=*.windowsphone-int.com, CN=*.windowsphone.com, CN=*.partner-pc.windowsphone-int.com, CN=*.manage.microsoft.com, CN=*.vo.msecnd.net","fingerprint":"FF:BF:9A:69:8F:C8:44:FF:89:F2:61:49:A7:D1:9A:98:DE:32:84:3B"}} 00508{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6,"source":"tls-rdn-extract.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":6,"flow_first_seen":946681200000,"flow_last_seen":946681200000,"flow_min_l4_payload_len":127,"flow_max_l4_payload_len":1460,"flow_tot_l4_payload_len":6881,"flow_avg_l4_payload_len":1146,"midstream":1,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"213.199.149.251","src_port":31337,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00134{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":6,"source":"tls-rdn-extract.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 6/6 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 7001 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4861924 bytes +~~ total memory freed........: 4861924 bytes +~~ total allocations/frees...: 58413/58413 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/tls_esni_sni_both.pcap.out b/test/results/tls_esni_sni_both.pcap.out index 4f5d99d8a..55fce747f 100644 --- a/test/results/tls_esni_sni_both.pcap.out +++ b/test/results/tls_esni_sni_both.pcap.out @@ -38,3 +38,14 @@ 00512{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":38,"source":"tls_esni_sni_both.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":20,"flow_first_seen":1595697574192,"flow_last_seen":1595697574326,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1460,"flow_tot_l4_payload_len":7615,"flow_avg_l4_payload_len":380,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.21","dst_ip":"104.17.175.85","src_port":55500,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00512{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":38,"source":"tls_esni_sni_both.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":18,"flow_first_seen":1595697597731,"flow_last_seen":1595697597855,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1460,"flow_tot_l4_payload_len":6160,"flow_avg_l4_payload_len":342,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.21","dst_ip":"104.17.175.85","src_port":55514,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00137{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":38,"source":"tls_esni_sni_both.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 38/38 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 14607 bytes +~~ total detected protocols..: 2 +~~ total active/idle flows...: 2/2 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4842837 bytes +~~ total memory freed........: 4842837 bytes +~~ total allocations/frees...: 58409/58409 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/tls_invalid_reads.pcap.out b/test/results/tls_invalid_reads.pcap.out index 6efee9db9..0dd43a1a7 100644 --- a/test/results/tls_invalid_reads.pcap.out +++ b/test/results/tls_invalid_reads.pcap.out @@ -23,3 +23,14 @@ 00751{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":12,"source":"tls_invalid_reads.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1544035479,"pkt_ts_usec":768404,"pkt_caplen":324,"pkt_type":33024,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":324,"pkt_l4_len":0,"pkt":"AAAAAAAFYAgQGhx\/gQBsn4EAYAIIAEVoAS7V9AAA\/xG2FAruJEAK7vQxCGgIaAEaAAAw\/wEKB+zklkUAAOux30AAQAbbUgq\/ixE23eAt5LgBu\/kVfJ8aWkgcgBgFWRb9AAABAQgKABTNax1e0BYWAwEAsgEAAK4DA+Jfj3VZ7Se+llOF2hoK\/0SOWa4JB8kGoFPipHXr6zI3AAAowCvALMAvwDAAngCfwAnACsATwBQAMwA5wAfAEQCcAJ0ALwA1AAUA\/wEAAF0AAAAWABQAABFlLmNyYXNobHl0aWNzLmNvbQAXAAAAIwAAAA0AFgAUBgEGAwUBBQMEAQQDAwEDAwIBAgMAEAALuImlL1Y1GeVflD5H40\/GlDV3w0Q4eHATzs15UMvq3bDFbT9WBxf4WY7WsXHZhuEm\/fgNJZccyFnwUKMb"} 00159{"basic_event_id":5,"basic_event_name":"Unknown packet type","thread_id":0,"packet_id":12,"source":"tls_invalid_reads.pcap","alias":"nDPId-test","type":33024} 00137{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":12,"source":"tls_invalid_reads.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 12/8 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 1613 bytes +~~ total detected protocols..: 2 +~~ total active/idle flows...: 2/2 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4827563 bytes +~~ total memory freed........: 4827563 bytes +~~ total allocations/frees...: 58371/58371 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/tls_long_cert.pcap.out b/test/results/tls_long_cert.pcap.out index fb57fc799..e1273151f 100644 --- a/test/results/tls_long_cert.pcap.out +++ b/test/results/tls_long_cert.pcap.out @@ -20,3 +20,14 @@ 01566{"flow_id":1,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"tls_long_cert.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1553619078,"pkt_ts_usec":105197,"pkt_caplen":902,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":902,"pkt_l4_len":868,"pkt":"BBjWMe9aeDHBvV4kCABFAAN4AABAAEAGNI3AqAJ+aG\/XXesOAbssL+9iMZpZdIAYCACgXgAAAQEICiSv2bvQt2sFFwMDAz8AAAAAAAAAAuMmufqqvCfCAgI+Y8ziAqtHnha8l08vk42HEKw5f8DNApnAf8eKGbrx81Mau3Kmxm7mc51VsRf3eP8BKCREjqar62CkMs3353fhMkczdZrTQh04YZgdkMJnSYFA4IiBLU1ncL\/o7W5EdFOmDG80nxc+JX5TM5N8c\/68A8pL7d4\/SXNUhHxe6BYbqz1ca6V0ykfLrkBJfeIMsQX1HGuKEEVBqn4ldYw\/k4Hc7PjMH4SPmr5Eor\/tMJjXaJhp9Bo+WuiHzj+8r+qVGVESvVM5uAiGhFbV\/jTRSXhGemYw82ONxC+6sF137EptS2HXtf2+Q89WVpGM\/UqKRf0xutuxtqQgaj50Bo136z61I3zDp5DgRhPhbx7UmTMY6G3yG4D2C\/6ylHqdx8IwZxbf3txr1TnyZ6t6NEUGLPyRtff+UZinltNjRbDh0OeMHX6qgYfdh+mmJSxUItZc7CDFNjqeoSIK5duKt9Oh\/nL1tHm+ZqKSxfLuhJ3ohEAsQAES3V\/pC3OtgKA5W60oylVTTb5\/i4dxCH820+amYUnuY5nY93oDQifKZRf83pgimFeleqpIkko1q3+6G4oF64xQ2oU7TX41+jdTIt\/wMtO4bo85mmZKePkoS5Dq5W8LtVNMBzUhbMZHJjxK5vanJNtBQOT6Vgc1ts7Z3VUqKIHrbCkw+riLw5taZE7qi+G8+Kh54juPU9m63V5iVXtN6S60y+EkKeVI+nAxw+2qVfFHV7RAnrM8KkXjFxvnUdSPSEFVr\/YGrOy1R8ltnqncOwARaMuX+zBwS\/XV5N8iC8p4uJsKUWh0i9VWtZtQkThVs3QiX362SVnNNPocF0+IQy+zl+fhkUuQ4X5wfhipaWHAKjxCavdUYRgE7LBRhFBQ6y6aBJ+y61PNJdt4N7yU7gydERP1C0+C\/xTDZztQVRZNmNyfILw2mQVuoP8ICAbsjc7MhFI6qu+kcMxy2+L32f+JInMGFsDu\/mOves3MgjcTzzjivlqZ1EBBgY2vFvckrPKwnJNGye6e1H8jhmGRGsrq6Dc5YlcV0qstUWKAnYlX5noGh9TZ0AY7xXAldx5TQ40IiedW1b41+pyOgjQ="} 00514{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":182,"source":"tls_long_cert.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":182,"flow_first_seen":1553619078033,"flow_last_seen":1553619149372,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1448,"flow_tot_l4_payload_len":105569,"flow_avg_l4_payload_len":580,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"104.111.215.93","src_port":60174,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00134{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":182,"source":"tls_long_cert.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 182/182 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 111413 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4866199 bytes +~~ total memory freed........: 4866199 bytes +~~ total allocations/frees...: 58602/58602 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/tls_verylong_certificate.pcap.out b/test/results/tls_verylong_certificate.pcap.out index cc3ef5f52..a451d048d 100644 --- a/test/results/tls_verylong_certificate.pcap.out +++ b/test/results/tls_verylong_certificate.pcap.out @@ -20,3 +20,14 @@ 00513{"flow_id":1,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"tls_verylong_certificate.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1578254908,"pkt_ts_usec":512283,"pkt_caplen":117,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":117,"pkt_l4_len":83,"pkt":"KDc3AG3IEBMx8Tl2CABFAABnJkZAADYGgmyXZUIxwKgBoAG71hTYdrP5q+PiyIAYADhRZgAAAQEICnKdu40Bv7cvFAMDAAEBFgMDACj8bciWxFxco8nBV+vz6uJapqJf1ww4lYVxVlyDlR2X\/\/a25cyE9xS0"} 00521{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":48,"source":"tls_verylong_certificate.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":48,"flow_first_seen":1578254908457,"flow_last_seen":1578254908551,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1368,"flow_tot_l4_payload_len":19077,"flow_avg_l4_payload_len":397,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.160","dst_ip":"151.101.66.49","src_port":54804,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00144{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":48,"source":"tls_verylong_certificate.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 48/48 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 20597 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4993754 bytes +~~ total memory freed........: 4993754 bytes +~~ total allocations/frees...: 58543/58543 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/tor.pcap.out b/test/results/tor.pcap.out index e41c0e3b3..e3a7d7148 100644 --- a/test/results/tor.pcap.out +++ b/test/results/tor.pcap.out @@ -472,3 +472,14 @@ 00503{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3859,"source":"tor.pcap","alias":"nDPId-test","flow_id":11,"flow_packet_id":32,"flow_first_seen":1383822129889,"flow_last_seen":1383822265160,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1460,"flow_tot_l4_payload_len":8625,"flow_avg_l4_payload_len":269,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.252","dst_ip":"212.83.155.250","src_port":51174,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00506{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3859,"source":"tor.pcap","alias":"nDPId-test","flow_id":13,"flow_packet_id":1826,"flow_first_seen":1383822130889,"flow_last_seen":1383822265215,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1460,"flow_tot_l4_payload_len":1411596,"flow_avg_l4_payload_len":773,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.252","dst_ip":"38.229.70.53","src_port":51176,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00125{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":3859,"source":"tor.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 3859/3694 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 2886102 bytes +~~ total detected protocols..: 19 +~~ total active/idle flows...: 20/20 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 5001808 bytes +~~ total memory freed........: 5001808 bytes +~~ total allocations/frees...: 62130/62130 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/trickbot.pcap.out b/test/results/trickbot.pcap.out index 961f6c461..95f993e28 100644 --- a/test/results/trickbot.pcap.out +++ b/test/results/trickbot.pcap.out @@ -19,3 +19,14 @@ 02403{"flow_id":1,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"trickbot.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1609266109,"pkt_ts_usec":508985,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"pkt":"AAgCHEeuIOUqtpPxCABFAAXcYE0AAIAGeSNSduHECgwdZRuo74Zi7WewEnbcVFAQ+vCZ3wAAKxkPv0AaA6ZGcQjAFPG1i3bFgP7usmIhGBKyiXvC+9Coca73cem7oBgmT\/W0abVcwBTLNBjxNKVWAHQ4nygPFvB01N+NUYOWTHfT9BmVMGJLX68WbXxyyW4BWXsrgNax7AkOcb9M8cpE2wfv+Syw1p2\/3b19rXRJhamDlMt7QQCyVLj7MG\/gmo5aA\/RMLoovC\/cnwNKc4yHWMQ\/spJ5AqgmiozWq7NpbcFXR6FeOs+bFx5vY3zBfokCkV7h0fwMLoGubeAdlxHIF5vqz3WZYoyRDF7MGVkzLVX8n1NghN6XolPvX75Zwox0rUZVWSJD3XhMVU\/E\/IXpndmjItwgKgMdfrMlo+LZ0tGMMAhYMSZnC\/5MVT+VB0pLkzr753cFidiyQesvEx26Uvpw7amSYI\/k\/eHnCs5V3pkgxmyEXlj3AaE7IhPh\/3ZGl0pWRqBWT2FCvfC210NkKOsPoWKdErIZZ+dDtfUiIXGC3JCByN8o2TVtDdsHUiik7FsKEcX5TMyGJKXFAQP1XFBEIGgYKdeY3ED2tmOdYYGrBzKy+koAAgJXqZ0q1h3iFh2RrGL4tysay2MTGZiGDjF8hRpd1O8\/s7glx+VWCUa4f29+nbunC9+eh1djoeE0yYlUf25swEQHzTdM86HExsD\/znUfBQ30i4lz5F8omVaNwZC+\/HNRWFKu7g0r6kJ3fFg9yxqQtFbPbu+KXEH02jlKE6Qr0T9X36ZNG0cRuEBIpLRknN6Zp8ugd2Ga6hIlICjGA99gCumhWqU3FJJ66wIr1+Kcsh6XBUk9HqOE5Wyu9siM4gDySlCu+oXAg6\/xgSilX2mbXQU0rt0fCyrLrLm9hFcn6arcSqN4LyIv3Zgb5GNOqlS7VHIkzRnGRgCTwe8EvCWN\/v6EgXDQ1DHFrzgusR+nvjBfCcC83mpGRb9TLQ1zYJr\/u\/abfVw80vOeM2ZWp3Cb+l5i24AZF5ytjOsJAmq6oXHwznGBDGbyOTVWDiUZNU6TsmZulUQs5tMVAgpChF\/7E+gHoeWinkxc\/a0VOUmEEPH06pjPsiIOmd\/9apUwMV\/l+wKmptaS+LQMLHbNj2VaNPPwzXvR9k3Y0x7ZELJzo41B8VLjajkegyhOiGz47IFUHiZThn4UvYBnnsWYBZIeajBkbS1QREMxuZVz6Vm5Pp+K9t5nY+SimaScNl9WLDmHOAOtW4n9FH4zlN8z9D0F\/a1maWmRHFJN4Kt5Mu+r\/FrWazx3ECmYB80\/Xuj7cHSofm8Uk0wACYiSd9+vUkmYel7uV9c85NwAxkVazfPvCgLQL\/U4Ldoc2Qxz1\/54oE3uRFk9h\/V7WvtguMFm4LPPB9TlhO\/LXtUXVYqp91zHP36CgItPdmRLyg96LS3eyGGWomV0QNG4Zyf\/H0Gfyik4d25JvDgixmtOeK+EjU3ob07I3+xY7wSO3QELs3tUX2O5F\/8mKYxURnBDle9ZCs1xR7LffyD3IhzxsGl0pIAddsfcwzjb2G1pUPNdQ5kMBAD+gxPZWVJaN\/jzh4Zjx0Lte9IS+nTCfaHYkIJXpnIKYnipEOH5Flsd7+vohDpige+YQHRZVG2LlzghLfY0gBkuppDdOhrgA5HYnUxu9FNWVkOumFlvD5W+DkRvWL\/r6ouDQB1CyE9ybFYTUoAyiclYov9WWv5JLWLTcc5oqDZRMUnk8LMnIcEEGSTbaq7GhpzepcUz6IA1KsLUj+rvvww1hoe3HUUDZgZsWwKM3jL756Ht\/OrdOVuxtL2xBIgpeu7dcLIdPrmQDbN6GAUQagfSDS0vFfbfF06tAOI2B3G36NuxPUeQdJU8QBCY12yiab\/DH\/AX6bHTMRxzY8yktz2iRCVkcb7CEdvUZY\/ZpHqZJF\/AX5PWXS\/jzQLmWyemVvh0PBn0HowzcWrkaDlMqPQ+aaxgwq8idVQc8LQM3F5G2OgOALbU="} 00506{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":74,"source":"trickbot.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":74,"flow_first_seen":1609266107551,"flow_last_seen":1609266115947,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1460,"flow_tot_l4_payload_len":57990,"flow_avg_l4_payload_len":783,"midstream":0,"l3_proto":"ip4","src_ip":"10.12.29.101","dst_ip":"82.118.225.196","src_port":61318,"dst_port":7080,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00128{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":74,"source":"trickbot.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 74/74 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 59486 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4822405 bytes +~~ total memory freed........: 4822405 bytes +~~ total allocations/frees...: 58436/58436 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/tumblr.pcap.out b/test/results/tumblr.pcap.out index b0f65d236..1907d0a7b 100644 --- a/test/results/tumblr.pcap.out +++ b/test/results/tumblr.pcap.out @@ -478,3 +478,14 @@ 00554{"flow_event_id":4,"flow_event_name":"guessed","thread_id":0,"packet_id":24745,"source":"tumblr.pcap","alias":"nDPId-test","flow_id":22,"flow_packet_id":2,"flow_first_seen":1605292116554,"flow_last_seen":1605292116783,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":0,"flow_tot_l4_payload_len":0,"flow_avg_l4_payload_len":0,"midstream":1,"l3_proto":"ip6","src_ip":"2a01:cb01:2049:8b07:991d:ec85:28df:f629","dst_ip":"2a00:1450:4007:805::2002","src_port":50960,"dst_port":443,"l4_proto":"tcp","ndpi": {"proto":"TLS","breed":"Safe","category":"Web"}} 00535{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":24745,"source":"tumblr.pcap","alias":"nDPId-test","flow_id":22,"flow_packet_id":2,"flow_first_seen":1605292116554,"flow_last_seen":1605292116783,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":0,"flow_tot_l4_payload_len":0,"flow_avg_l4_payload_len":0,"midstream":1,"l3_proto":"ip6","src_ip":"2a01:cb01:2049:8b07:991d:ec85:28df:f629","dst_ip":"2a00:1450:4007:805::2002","src_port":50960,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00129{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":24745,"source":"tumblr.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 24745/24745 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 23003102 bytes +~~ total detected protocols..: 13 +~~ total active/idle flows...: 48/48 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 7899645 bytes +~~ total memory freed........: 7899645 bytes +~~ total allocations/frees...: 83425/83425 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/ubntac2.pcap.out b/test/results/ubntac2.pcap.out index 32780a6ec..503a42219 100644 --- a/test/results/ubntac2.pcap.out +++ b/test/results/ubntac2.pcap.out @@ -32,3 +32,14 @@ 00577{"flow_event_id":5,"flow_event_name":"detected","thread_id":0,"packet_id":8,"source":"ubntac2.pcap","alias":"nDPId-test","flow_id":8,"flow_packet_id":1,"flow_first_seen":1486943504301,"flow_last_seen":0,"flow_min_l4_payload_len":175,"flow_max_l4_payload_len":175,"flow_tot_l4_payload_len":175,"flow_avg_l4_payload_len":175,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.1","dst_ip":"255.255.255.255","src_port":42838,"dst_port":10001,"l4_proto":"udp","ndpi": {"proto":"UBNTAC2","breed":"Safe","category":"Network"},"ubntac2": {"version":"UniFiSecurityGateway.ER-e120.v4"}} 00492{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":8,"source":"ubntac2.pcap","alias":"nDPId-test","flow_id":8,"flow_packet_id":1,"flow_first_seen":1486943504301,"flow_last_seen":0,"flow_min_l4_payload_len":175,"flow_max_l4_payload_len":175,"flow_tot_l4_payload_len":175,"flow_avg_l4_payload_len":175,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.1","dst_ip":"255.255.255.255","src_port":42838,"dst_port":10001,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00126{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":8,"source":"ubntac2.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 8/8 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 1464 bytes +~~ total detected protocols..: 8 +~~ total active/idle flows...: 8/8 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4842379 bytes +~~ total memory freed........: 4842379 bytes +~~ total allocations/frees...: 58387/58387 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/upnp.pcap.out b/test/results/upnp.pcap.out index fee91ce9b..a772e60f4 100644 --- a/test/results/upnp.pcap.out +++ b/test/results/upnp.pcap.out @@ -20,3 +20,14 @@ 00533{"flow_event_id":4,"flow_event_name":"guessed","thread_id":0,"packet_id":14,"source":"upnp.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":7,"flow_first_seen":1541515314827,"flow_last_seen":1541515321472,"flow_min_l4_payload_len":656,"flow_max_l4_payload_len":656,"flow_tot_l4_payload_len":4592,"flow_avg_l4_payload_len":656,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.61.66","dst_ip":"239.255.255.250","src_port":58931,"dst_port":3702,"l4_proto":"udp","ndpi": {"proto":"WSD","breed":"Acceptable","category":"Network"}} 00504{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":14,"source":"upnp.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":7,"flow_first_seen":1541515314827,"flow_last_seen":1541515321472,"flow_min_l4_payload_len":656,"flow_max_l4_payload_len":656,"flow_tot_l4_payload_len":4592,"flow_avg_l4_payload_len":656,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.61.66","dst_ip":"239.255.255.250","src_port":58931,"dst_port":3702,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00124{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":14,"source":"upnp.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 14/14 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 9296 bytes +~~ total detected protocols..: 0 +~~ total active/idle flows...: 2/2 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4823641 bytes +~~ total memory freed........: 4823641 bytes +~~ total allocations/frees...: 58375/58375 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/viber.pcap.out b/test/results/viber.pcap.out index b54d2644f..95cba4d22 100644 --- a/test/results/viber.pcap.out +++ b/test/results/viber.pcap.out @@ -288,3 +288,14 @@ 00490{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":424,"source":"viber.pcap","alias":"nDPId-test","flow_id":22,"flow_packet_id":6,"flow_first_seen":1527155679410,"flow_last_seen":1527155685132,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":0,"flow_tot_l4_payload_len":0,"flow_avg_l4_payload_len":0,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.0.17","dst_ip":"18.201.4.3","src_port":33744,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00497{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":424,"source":"viber.pcap","alias":"nDPId-test","flow_id":9,"flow_packet_id":2,"flow_first_seen":1527155641813,"flow_last_seen":1527155641840,"flow_min_l4_payload_len":36,"flow_max_l4_payload_len":143,"flow_tot_l4_payload_len":179,"flow_avg_l4_payload_len":89,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.0.17","dst_ip":"192.168.0.15","src_port":40445,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00126{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":424,"source":"viber.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 424/420 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 132911 bytes +~~ total detected protocols..: 22 +~~ total active/idle flows...: 26/26 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 5163573 bytes +~~ total memory freed........: 5163573 bytes +~~ total allocations/frees...: 58929/58929 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/vnc.pcap.out b/test/results/vnc.pcap.out index adaea0c50..d65c5b3d3 100644 --- a/test/results/vnc.pcap.out +++ b/test/results/vnc.pcap.out @@ -36,3 +36,14 @@ 00503{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4551,"source":"vnc.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":1008,"flow_first_seen":1476111286462,"flow_last_seen":1476111290613,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":35,"flow_tot_l4_payload_len":17966,"flow_avg_l4_payload_len":17,"midstream":0,"l3_proto":"ip4","src_ip":"95.237.48.208","dst_ip":"192.168.2.110","src_port":51559,"dst_port":6900,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00502{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":4551,"source":"vnc.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":3543,"flow_first_seen":1476111264364,"flow_last_seen":1476111280884,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":35,"flow_tot_l4_payload_len":64300,"flow_avg_l4_payload_len":18,"midstream":0,"l3_proto":"ip4","src_ip":"95.237.48.208","dst_ip":"192.168.2.110","src_port":59791,"dst_port":6900,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00125{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":4551,"source":"vnc.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 4551/4551 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 173334 bytes +~~ total detected protocols..: 2 +~~ total active/idle flows...: 2/2 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4959310 bytes +~~ total memory freed........: 4959310 bytes +~~ total allocations/frees...: 62914/62914 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/wa_video.pcap.out b/test/results/wa_video.pcap.out index 0cef5f944..5f492640e 100644 --- a/test/results/wa_video.pcap.out +++ b/test/results/wa_video.pcap.out @@ -135,3 +135,14 @@ 00508{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1567,"source":"wa_video.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":133,"flow_first_seen":1561455767339,"flow_last_seen":1561455795283,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1388,"flow_tot_l4_payload_len":11742,"flow_avg_l4_payload_len":88,"midstream":1,"l3_proto":"ip4","src_ip":"192.168.2.12","dst_ip":"157.240.20.53","src_port":49355,"dst_port":5222,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00503{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1567,"source":"wa_video.pcap","alias":"nDPId-test","flow_id":11,"flow_packet_id":18,"flow_first_seen":1561455781247,"flow_last_seen":1561455791996,"flow_min_l4_payload_len":44,"flow_max_l4_payload_len":44,"flow_tot_l4_payload_len":792,"flow_avg_l4_payload_len":44,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.2.12","dst_ip":"1.60.78.64","src_port":53688,"dst_port":59491,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00130{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":1567,"source":"wa_video.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 1567/1567 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 907707 bytes +~~ total detected protocols..: 14 +~~ total active/idle flows...: 15/15 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 5290270 bytes +~~ total memory freed........: 5290270 bytes +~~ total allocations/frees...: 60030/60030 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/wa_voice.pcap.out b/test/results/wa_voice.pcap.out index 3a2329bee..d670f5176 100644 --- a/test/results/wa_voice.pcap.out +++ b/test/results/wa_voice.pcap.out @@ -287,3 +287,14 @@ 00504{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":736,"source":"wa_voice.pcap","alias":"nDPId-test","flow_id":15,"flow_packet_id":8,"flow_first_seen":1561455706912,"flow_last_seen":1561455741419,"flow_min_l4_payload_len":44,"flow_max_l4_payload_len":126,"flow_tot_l4_payload_len":762,"flow_avg_l4_payload_len":95,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.2.12","dst_ip":"185.60.216.51","src_port":56328,"dst_port":3478,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00503{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":736,"source":"wa_voice.pcap","alias":"nDPId-test","flow_id":14,"flow_packet_id":49,"flow_first_seen":1561455706912,"flow_last_seen":1561455741419,"flow_min_l4_payload_len":2,"flow_max_l4_payload_len":284,"flow_tot_l4_payload_len":3959,"flow_avg_l4_payload_len":80,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.2.12","dst_ip":"31.13.86.48","src_port":56328,"dst_port":3478,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00129{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":736,"source":"wa_voice.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 736/734 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 145160 bytes +~~ total detected protocols..: 28 +~~ total active/idle flows...: 30/30 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 6311575 bytes +~~ total memory freed........: 6311575 bytes +~~ total allocations/frees...: 59305/59305 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/waze.pcap.out b/test/results/waze.pcap.out index 9c164a3fe..582b88a81 100644 --- a/test/results/waze.pcap.out +++ b/test/results/waze.pcap.out @@ -492,3 +492,14 @@ 00512{"flow_event_id":7,"flow_event_name":"not-detected","thread_id":0,"packet_id":597,"source":"waze.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":10,"flow_first_seen":1435587866603,"flow_last_seen":1435587898628,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":25,"flow_tot_l4_payload_len":150,"flow_avg_l4_payload_len":15,"midstream":1,"l3_proto":"ip4","src_ip":"10.16.37.157","dst_ip":"174.37.231.81","src_port":42256,"dst_port":5222,"l4_proto":"tcp","ndpi": {"proto":"Unknown","breed":"Unrated"}} 00497{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":597,"source":"waze.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":10,"flow_first_seen":1435587866603,"flow_last_seen":1435587898628,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":25,"flow_tot_l4_payload_len":150,"flow_avg_l4_payload_len":15,"midstream":1,"l3_proto":"ip4","src_ip":"10.16.37.157","dst_ip":"174.37.231.81","src_port":42256,"dst_port":5222,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00125{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":597,"source":"waze.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 597/597 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 338695 bytes +~~ total detected protocols..: 22 +~~ total active/idle flows...: 33/33 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 5203654 bytes +~~ total memory freed........: 5203654 bytes +~~ total allocations/frees...: 59147/59147 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/webex.pcap.out b/test/results/webex.pcap.out index 882a63a72..d14cd75db 100644 --- a/test/results/webex.pcap.out +++ b/test/results/webex.pcap.out @@ -917,3 +917,14 @@ 00493{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":1580,"source":"webex.pcap","alias":"nDPId-test","flow_id":30,"flow_packet_id":11,"flow_first_seen":1444570640319,"flow_last_seen":1444570652361,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":63,"flow_tot_l4_payload_len":63,"flow_avg_l4_payload_len":5,"midstream":0,"l3_proto":"ip4","src_ip":"10.8.0.1","dst_ip":"64.68.105.103","src_port":41394,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00499{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":1580,"source":"webex.pcap","alias":"nDPId-test","flow_id":38,"flow_packet_id":14,"flow_first_seen":1444570672215,"flow_last_seen":1444570673280,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":3939,"flow_tot_l4_payload_len":7463,"flow_avg_l4_payload_len":533,"midstream":0,"l3_proto":"ip4","src_ip":"10.8.0.1","dst_ip":"64.68.105.103","src_port":41419,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00127{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":1580,"source":"webex.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 1580/1580 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 811183 bytes +~~ total detected protocols..: 52 +~~ total active/idle flows...: 57/57 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 5345015 bytes +~~ total memory freed........: 5345015 bytes +~~ total allocations/frees...: 60326/60326 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/websocket.pcap.out b/test/results/websocket.pcap.out index 823bfdce7..1d6e59ebf 100644 --- a/test/results/websocket.pcap.out +++ b/test/results/websocket.pcap.out @@ -11,3 +11,14 @@ 00517{"flow_event_id":7,"flow_event_name":"not-detected","thread_id":0,"packet_id":5,"source":"websocket.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":4,"flow_first_seen":1475155946892,"flow_last_seen":1475156008657,"flow_min_l4_payload_len":18,"flow_max_l4_payload_len":55,"flow_tot_l4_payload_len":146,"flow_avg_l4_payload_len":36,"midstream":1,"l3_proto":"ip4","src_ip":"192.168.43.1","dst_ip":"192.168.43.135","src_port":50999,"dst_port":12345,"l4_proto":"tcp","ndpi": {"proto":"Unknown","breed":"Unrated"}} 00503{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5,"source":"websocket.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":4,"flow_first_seen":1475155946892,"flow_last_seen":1475156008657,"flow_min_l4_payload_len":18,"flow_max_l4_payload_len":55,"flow_tot_l4_payload_len":146,"flow_avg_l4_payload_len":36,"midstream":1,"l3_proto":"ip4","src_ip":"192.168.43.1","dst_ip":"192.168.43.135","src_port":50999,"dst_port":12345,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00128{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":5,"source":"websocket.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 5/5 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 271 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 2/2 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4827476 bytes +~~ total memory freed........: 4827476 bytes +~~ total allocations/frees...: 58368/58368 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/wechat.pcap.out b/test/results/wechat.pcap.out index 0d757f16d..d520e6c4c 100644 --- a/test/results/wechat.pcap.out +++ b/test/results/wechat.pcap.out @@ -1308,3 +1308,14 @@ 00532{"flow_event_id":4,"flow_event_name":"guessed","thread_id":0,"packet_id":1672,"source":"wechat.pcap","alias":"nDPId-test","flow_id":21,"flow_packet_id":6,"flow_first_seen":1492167377896,"flow_last_seen":1492167468048,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":0,"flow_tot_l4_payload_len":0,"flow_avg_l4_payload_len":0,"midstream":1,"l3_proto":"ip4","src_ip":"192.168.1.103","dst_ip":"216.58.205.142","src_port":49787,"dst_port":443,"l4_proto":"tcp","ndpi": {"proto":"TLS.Google","breed":"Tracker\/Ads","category":"Web"}} 00498{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1672,"source":"wechat.pcap","alias":"nDPId-test","flow_id":21,"flow_packet_id":6,"flow_first_seen":1492167377896,"flow_last_seen":1492167468048,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":0,"flow_tot_l4_payload_len":0,"flow_avg_l4_payload_len":0,"midstream":1,"l3_proto":"ip4","src_ip":"192.168.1.103","dst_ip":"216.58.205.142","src_port":49787,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00128{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":1672,"source":"wechat.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 1672/1672 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 608968 bytes +~~ total detected protocols..: 86 +~~ total active/idle flows...: 127/127 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 5679389 bytes +~~ total memory freed........: 5679389 bytes +~~ total allocations/frees...: 61023/61023 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/weibo.pcap.out b/test/results/weibo.pcap.out index 8891d3cf7..6be04e2c4 100644 --- a/test/results/weibo.pcap.out +++ b/test/results/weibo.pcap.out @@ -343,3 +343,14 @@ 00498{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":498,"source":"weibo.pcap","alias":"nDPId-test","flow_id":21,"flow_packet_id":2,"flow_first_seen":1463089073287,"flow_last_seen":1463089073760,"flow_min_l4_payload_len":35,"flow_max_l4_payload_len":115,"flow_tot_l4_payload_len":150,"flow_avg_l4_payload_len":75,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.105","dst_ip":"192.168.1.1","src_port":50640,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00484{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":498,"source":"weibo.pcap","alias":"nDPId-test","flow_id":29,"flow_packet_id":1,"flow_first_seen":1463089073394,"flow_last_seen":0,"flow_min_l4_payload_len":35,"flow_max_l4_payload_len":35,"flow_tot_l4_payload_len":35,"flow_avg_l4_payload_len":35,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.105","dst_ip":"192.168.1.1","src_port":11798,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00126{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":498,"source":"weibo.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 498/498 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 250623 bytes +~~ total detected protocols..: 23 +~~ total active/idle flows...: 44/44 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4973897 bytes +~~ total memory freed........: 4973897 bytes +~~ total allocations/frees...: 59014/59014 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/whatsapp_login_call.pcap.out b/test/results/whatsapp_login_call.pcap.out index ea785634f..82eab2c18 100644 --- a/test/results/whatsapp_login_call.pcap.out +++ b/test/results/whatsapp_login_call.pcap.out @@ -551,3 +551,14 @@ 00517{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":1253,"source":"whatsapp_login_call.pcap","alias":"nDPId-test","flow_id":17,"flow_packet_id":53,"flow_first_seen":1432582230648,"flow_last_seen":1432582264928,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1440,"flow_tot_l4_payload_len":15484,"flow_avg_l4_payload_len":292,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.2.4","dst_ip":"17.173.66.102","src_port":49204,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00517{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1253,"source":"whatsapp_login_call.pcap","alias":"nDPId-test","flow_id":63,"flow_packet_id":32,"flow_first_seen":1432582355253,"flow_last_seen":1432582356195,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1440,"flow_tot_l4_payload_len":7941,"flow_avg_l4_payload_len":248,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.2.4","dst_ip":"17.173.66.102","src_port":49205,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00141{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":1253,"source":"whatsapp_login_call.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 1253/1251 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 150492 bytes +~~ total detected protocols..: 40 +~~ total active/idle flows...: 63/63 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 5658704 bytes +~~ total memory freed........: 5658704 bytes +~~ total allocations/frees...: 59883/59883 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/whatsapp_login_chat.pcap.out b/test/results/whatsapp_login_chat.pcap.out index 38d9478ce..42c822a54 100644 --- a/test/results/whatsapp_login_chat.pcap.out +++ b/test/results/whatsapp_login_chat.pcap.out @@ -80,3 +80,14 @@ 00540{"flow_event_id":4,"flow_event_name":"guessed","thread_id":0,"packet_id":93,"source":"whatsapp_login_chat.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":44,"flow_first_seen":1432582381179,"flow_last_seen":1432582385071,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1440,"flow_tot_l4_payload_len":18995,"flow_avg_l4_payload_len":431,"midstream":1,"l3_proto":"ip4","src_ip":"192.168.2.4","dst_ip":"17.173.66.102","src_port":49205,"dst_port":443,"l4_proto":"tcp","ndpi": {"proto":"TLS.Apple","breed":"Safe","category":"Web"}} 00515{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":93,"source":"whatsapp_login_chat.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":44,"flow_first_seen":1432582381179,"flow_last_seen":1432582385071,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1440,"flow_tot_l4_payload_len":18995,"flow_avg_l4_payload_len":431,"midstream":1,"l3_proto":"ip4","src_ip":"192.168.2.4","dst_ip":"17.173.66.102","src_port":49205,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00139{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":93,"source":"whatsapp_login_chat.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 93/93 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 26955 bytes +~~ total detected protocols..: 8 +~~ total active/idle flows...: 10/10 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4857292 bytes +~~ total memory freed........: 4857292 bytes +~~ total allocations/frees...: 58481/58481 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/whatsapp_voice_and_message.pcap.out b/test/results/whatsapp_voice_and_message.pcap.out index bb1b5f5a4..0e836fd72 100644 --- a/test/results/whatsapp_voice_and_message.pcap.out +++ b/test/results/whatsapp_voice_and_message.pcap.out @@ -158,3 +158,14 @@ 00550{"flow_event_id":4,"flow_event_name":"guessed","thread_id":0,"packet_id":261,"source":"whatsapp_voice_and_message.pcap","alias":"nDPId-test","flow_id":12,"flow_packet_id":52,"flow_first_seen":1432820681899,"flow_last_seen":1432820691973,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":254,"flow_tot_l4_payload_len":1783,"flow_avg_l4_payload_len":34,"midstream":0,"l3_proto":"ip4","src_ip":"10.8.0.1","dst_ip":"158.85.58.109","src_port":49721,"dst_port":5222,"l4_proto":"tcp","ndpi": {"proto":"WhatsApp","breed":"Acceptable","category":"Chat"}} 00518{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":261,"source":"whatsapp_voice_and_message.pcap","alias":"nDPId-test","flow_id":12,"flow_packet_id":52,"flow_first_seen":1432820681899,"flow_last_seen":1432820691973,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":254,"flow_tot_l4_payload_len":1783,"flow_avg_l4_payload_len":34,"midstream":0,"l3_proto":"ip4","src_ip":"10.8.0.1","dst_ip":"158.85.58.109","src_port":49721,"dst_port":5222,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00147{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":261,"source":"whatsapp_voice_and_message.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 261/261 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 19181 bytes +~~ total detected protocols..: 8 +~~ total active/idle flows...: 13/13 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4883924 bytes +~~ total memory freed........: 4883924 bytes +~~ total allocations/frees...: 58662/58662 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/whatsappfiles.pcap.out b/test/results/whatsappfiles.pcap.out index 730f7f235..3ace1edaa 100644 --- a/test/results/whatsappfiles.pcap.out +++ b/test/results/whatsappfiles.pcap.out @@ -39,3 +39,14 @@ 00512{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":620,"source":"whatsappfiles.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":310,"flow_first_seen":1519924083411,"flow_last_seen":1519924193429,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1398,"flow_tot_l4_payload_len":183524,"flow_avg_l4_payload_len":592,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.2.29","dst_ip":"185.60.216.53","src_port":49674,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00513{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":620,"source":"whatsappfiles.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":310,"flow_first_seen":1519924240121,"flow_last_seen":1519924247388,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1398,"flow_tot_l4_payload_len":226819,"flow_avg_l4_payload_len":731,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.2.29","dst_ip":"185.60.216.53","src_port":49698,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00134{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":620,"source":"whatsappfiles.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 620/620 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 431135 bytes +~~ total detected protocols..: 2 +~~ total active/idle flows...: 2/2 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4851760 bytes +~~ total memory freed........: 4851760 bytes +~~ total allocations/frees...: 58995/58995 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/wireguard.pcap.out b/test/results/wireguard.pcap.out index 2e5b755c6..c47d14056 100644 --- a/test/results/wireguard.pcap.out +++ b/test/results/wireguard.pcap.out @@ -18,3 +18,14 @@ 00525{"flow_id":1,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"wireguard.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1563973555,"pkt_ts_usec":59830,"pkt_caplen":138,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":138,"pkt_l4_len":104,"pkt":"OCxKuzMdABAY3q0FCABFAAB8FrAAADURYcuLosCdwKgADspsjRQAaH8xBAAAAL5AaY1zAAAAAAAAAKsmGYGKi6UV\/ABoO1rTU3erm9HJ6ajuCHhNTr+BNzOxxDMpzZpoj4pN4xXAtWKi+3K8fQ4EuV95kwtHAB1+WdN92q42fF3e2HUsuFze7Je7"} 00516{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2399,"source":"wireguard.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":2399,"flow_first_seen":1563973554628,"flow_last_seen":1563973935842,"flow_min_l4_payload_len":32,"flow_max_l4_payload_len":1362,"flow_tot_l4_payload_len":633424,"flow_avg_l4_payload_len":264,"midstream":0,"l3_proto":"ip4","src_ip":"139.162.192.157","dst_ip":"192.168.0.14","src_port":51820,"dst_port":36116,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00131{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":2399,"source":"wireguard.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 2399/2399 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 652616 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4889654 bytes +~~ total memory freed........: 4889654 bytes +~~ total allocations/frees...: 60757/60757 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/youtube_quic.pcap.out b/test/results/youtube_quic.pcap.out index ea25c1cca..c20142203 100644 --- a/test/results/youtube_quic.pcap.out +++ b/test/results/youtube_quic.pcap.out @@ -52,3 +52,14 @@ 00509{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":289,"source":"youtube_quic.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":13,"flow_first_seen":1489363823466,"flow_last_seen":1489363824024,"flow_min_l4_payload_len":30,"flow_max_l4_payload_len":1350,"flow_tot_l4_payload_len":3933,"flow_avg_l4_payload_len":302,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.7","dst_ip":"216.58.205.66","src_port":54997,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00509{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":289,"source":"youtube_quic.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":18,"flow_first_seen":1489363824401,"flow_last_seen":1489363824840,"flow_min_l4_payload_len":27,"flow_max_l4_payload_len":1350,"flow_tot_l4_payload_len":7909,"flow_avg_l4_payload_len":439,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.7","dst_ip":"216.58.205.66","src_port":53859,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00133{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":289,"source":"youtube_quic.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 289/289 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 181813 bytes +~~ total detected protocols..: 3 +~~ total active/idle flows...: 3/3 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4834912 bytes +~~ total memory freed........: 4834912 bytes +~~ total allocations/frees...: 58656/58656 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/youtubeupload.pcap.out b/test/results/youtubeupload.pcap.out index 64d461166..a4451aa5d 100644 --- a/test/results/youtubeupload.pcap.out +++ b/test/results/youtubeupload.pcap.out @@ -54,3 +54,14 @@ 00516{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":137,"source":"youtubeupload.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":100,"flow_first_seen":1511102576794,"flow_last_seen":1511102580286,"flow_min_l4_payload_len":16,"flow_max_l4_payload_len":1350,"flow_tot_l4_payload_len":102276,"flow_avg_l4_payload_len":1022,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.2.27","dst_ip":"172.217.23.111","src_port":51925,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00513{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":137,"source":"youtubeupload.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":24,"flow_first_seen":1511102578051,"flow_last_seen":1511102594936,"flow_min_l4_payload_len":18,"flow_max_l4_payload_len":1350,"flow_tot_l4_payload_len":14106,"flow_avg_l4_payload_len":587,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.2.27","dst_ip":"172.217.23.111","src_port":62232,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00134{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":137,"source":"youtubeupload.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 137/137 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 122362 bytes +~~ total detected protocols..: 3 +~~ total active/idle flows...: 3/3 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4840768 bytes +~~ total memory freed........: 4840768 bytes +~~ total allocations/frees...: 58522/58522 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/zabbix.pcap.out b/test/results/zabbix.pcap.out index 5d617179c..16c50cac7 100644 --- a/test/results/zabbix.pcap.out +++ b/test/results/zabbix.pcap.out @@ -13,3 +13,14 @@ 00423{"flow_id":1,"flow_packet_id":10,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":10,"source":"zabbix.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1572254070,"pkt_ts_usec":614852,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"pkt":"OjUSPEK7RoQclwmZCABFAAA0t4lAAEAGe27AqEMZwKhDYidC30pw8Xh2cAHR7YAQAONpGAAAAQEICit9Rf0rwjXV"} 00498{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":10,"source":"zabbix.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":10,"flow_first_seen":1572254070608,"flow_last_seen":1572254070614,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":23,"flow_tot_l4_payload_len":39,"flow_avg_l4_payload_len":3,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.67.98","dst_ip":"192.168.67.25","src_port":57162,"dst_port":10050,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00126{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":10,"source":"zabbix.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 10/10 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 375 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4820373 bytes +~~ total memory freed........: 4820373 bytes +~~ total allocations/frees...: 58368/58368 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/zcash.pcap.out b/test/results/zcash.pcap.out index df9fdb3b0..02897cbe6 100644 --- a/test/results/zcash.pcap.out +++ b/test/results/zcash.pcap.out @@ -18,3 +18,14 @@ 00509{"flow_id":1,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"zcash.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1514196116,"pkt_ts_usec":444796,"pkt_caplen":129,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":129,"pkt_l4_len":95,"pkt":"cIXCQA64fmgbW\/gUCABFAABzzTpAADMGQEyyIMTZwKgCXCNa15Yj5r7UgJ4CY4AYADmIgwAAAQEICuyFhZdPjtFDeyJpZCI6MSwianNvbnJwYyI6IjIuMCIsImVycm9yIjpudWxsLCJyZXN1bHQiOnsic3RhdHVzIjoiT0sifX0K"} 00504{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":145,"source":"zcash.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":145,"flow_first_seen":1514196094240,"flow_last_seen":1514197248783,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":303,"flow_tot_l4_payload_len":11022,"flow_avg_l4_payload_len":76,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.2.92","dst_ip":"178.32.196.217","src_port":55190,"dst_port":9050,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00126{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":145,"source":"zcash.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 145/145 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 15714 bytes +~~ total detected protocols..: 1 +~~ total active/idle flows...: 1/1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 4834544 bytes +~~ total memory freed........: 4834544 bytes +~~ total allocations/frees...: 58506/58506 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/results/zoom.pcap.out b/test/results/zoom.pcap.out index 708c878f0..cf2139b7a 100644 --- a/test/results/zoom.pcap.out +++ b/test/results/zoom.pcap.out @@ -362,3 +362,14 @@ 00505{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":700,"source":"zoom.pcap","alias":"nDPId-test","flow_id":30,"flow_packet_id":210,"flow_first_seen":1569520471189,"flow_last_seen":1569520473190,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1440,"flow_tot_l4_payload_len":57752,"flow_avg_l4_payload_len":275,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.117","dst_ip":"109.94.160.99","src_port":54871,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00495{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":700,"source":"zoom.pcap","alias":"nDPId-test","flow_id":20,"flow_packet_id":2,"flow_first_seen":1569520469984,"flow_last_seen":1569520470021,"flow_min_l4_payload_len":30,"flow_max_l4_payload_len":46,"flow_tot_l4_payload_len":76,"flow_avg_l4_payload_len":38,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.117","dst_ip":"192.168.1.1","src_port":62988,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00125{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":700,"source":"zoom.pcap","alias":"nDPId-test"} +~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ +~~ packets captured/processed: 700/697 +~~ skipped flows.............: 0 +~~ total layer4 data length..: 345098 bytes +~~ total detected protocols..: 29 +~~ total active/idle flows...: 33/33 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +~~ total memory allocated....: 5164207 bytes +~~ total memory freed........: 5164207 bytes +~~ total allocations/frees...: 59236/59236 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/test/run_tests.sh b/test/run_tests.sh index f9612ba90..a97ec52fa 100755 --- a/test/run_tests.sh +++ b/test/run_tests.sh @@ -90,7 +90,7 @@ for pcap_file in *.pcap *.pcapng *.cap; do printf "%-${LINE_SPACES}s\t" "${pcap_file}" - ${nDPId_test_EXEC} "${pcap_file}" \ + PRINT_SUMMARY=y ${nDPId_test_EXEC} "${pcap_file}" \ >"${MYDIR}/results/${pcap_file}.out.new" \ 2>>"/tmp/nDPId-test-stderr/${pcap_file}.out" nDPId_test_RETVAL=$? @@ -155,7 +155,8 @@ function validate_results() return 0 fi - cat "${result_file}" | ${NETCAT_EXEC} & + # Note that the grep command is required as we generate a summary in the results file. (PRINT_SUMMARY=y) + cat "${result_file}" | grep -vE '^~~.*$' | ${NETCAT_EXEC} & nc_pid=$! printf '%s\n' "-- ${validator_exec}" >>"/tmp/nDPId-test-stderr/${pcap_file}.out" ${validator_exec} 2>>"/tmp/nDPId-test-stderr/${pcap_file}.out" |