aboutsummaryrefslogtreecommitdiff
path: root/test/results/default/ethernetIP.pcap.out
diff options
context:
space:
mode:
authorToni Uhlig <matzeton@googlemail.com>2023-11-08 17:07:20 +0100
committerToni Uhlig <matzeton@googlemail.com>2023-11-08 17:07:20 +0100
commitb667f9e1daa913acddb0bf2117651481d788fdf8 (patch)
treeba30ba11c159888e5cac8adb2747df0562849342 /test/results/default/ethernetIP.pcap.out
parent55c8a848d3ee160c2b4630180b62d534c2b70788 (diff)
Forcefully reset `NDPI_UNIDIRECTIONAL_TRAFFIC` if classification was done after the first packet. Nonsense.
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
Diffstat (limited to 'test/results/default/ethernetIP.pcap.out')
-rw-r--r--test/results/default/ethernetIP.pcap.out8
1 files changed, 4 insertions, 4 deletions
diff --git a/test/results/default/ethernetIP.pcap.out b/test/results/default/ethernetIP.pcap.out
index b8fa2a0a1..d99dd8fa0 100644
--- a/test/results/default/ethernetIP.pcap.out
+++ b/test/results/default/ethernetIP.pcap.out
@@ -2,12 +2,12 @@
00629{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/ethernetIP.pcap","alias":"nDPId-test","version":"1.5.0","ndpi_version":"4.9.0-4361-0db12b13","packets-captured":1,"packets-processed":0,"total-skipped-flows":0,"total-l4-payload-len":0,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":0,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2,"global_ts_usec":1352718180263865}
00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/ethernetIP.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1352718180263865,"flow_src_last_pkt_time":1352718180263865,"flow_dst_last_pkt_time":1352718180263865,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":82,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":82,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":82,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1352718180263865,"l3_proto":"ip4","src_ip":"141.81.0.10","dst_ip":"141.81.0.83","src_port":50275,"dst_port":44818,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00642{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/ethernetIP.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_src_last_pkt_time":1352718180263865,"flow_dst_last_pkt_time":1352718180263865,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":136,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":136,"pkt_l4_len":102,"thread_ts_usec":1352718180263865,"pkt":"AAC80WDaeOfR4AJeCABFAAB6cCZAAIAGAACNUQAKjVEAU8RjrxLdiI2HlJVDUVAY+XQbbAAAcAA6AAABAhAAAAAAGjkvAAAAAAAAAAAAAAAAAAoAAgChAAQACRM1ALEAJgDkagoCIAIkAQIABgASAEwCIHIkAADOBAABAEwCIHIkACw9BAABAA=="}
-01059{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/ethernetIP.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1352718180263865,"flow_src_last_pkt_time":1352718180263865,"flow_dst_last_pkt_time":1352718180263865,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":82,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":82,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":82,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1352718180263865,"l3_proto":"ip4","src_ip":"141.81.0.10","dst_ip":"141.81.0.83","src_port":50275,"dst_port":44818,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"EthernetIP","proto_id":"278","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}}
+00934{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/ethernetIP.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1352718180263865,"flow_src_last_pkt_time":1352718180263865,"flow_dst_last_pkt_time":1352718180263865,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":82,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":82,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":82,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1352718180263865,"l3_proto":"ip4","src_ip":"141.81.0.10","dst_ip":"141.81.0.83","src_port":50275,"dst_port":44818,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"EthernetIP","proto_id":"278","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}}
00535{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2,"source":"cfgs\/default\/pcap\/ethernetIP.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":2,"flow_src_last_pkt_time":1352718180263865,"flow_dst_last_pkt_time":1352718180264941,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":60,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":60,"pkt_l4_len":20,"thread_ts_usec":1352718180264941,"pkt":"eOfR4AJeAAC80WDaCABFAAAowW9AAEAGXmGNUQBTjVEACq8SxGOUlUNR3YiN2VAQD8bOTwAAAAAAAI1R"}
02146{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3,"source":"cfgs\/default\/pcap\/ethernetIP.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":3,"flow_src_last_pkt_time":1352718180264969,"flow_dst_last_pkt_time":1352718180264941,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1258,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1258,"pkt_l4_len":1224,"thread_ts_usec":1352718180264969,"pkt":"AAC80WDaeOfR4AJeCABFAATccChAAIAGAACNUQAKjVEAU8RjrxLdiI3ZlJVDUVAY+XQfzgAAcAAsAAABAhAAAAAAGzkvAAAAAAAAAAAAAAAAAAoAAgChAAQAChU1ALEAGACvuAoCIAIkAQEABABMAiByJAAEggYAAQBwADoAAAECEAAAAAAcOS8AAAAAAAAAAAAAAAAACgACAKEABAAFCzUAsQAmAHuyCgIgAiQBAgAGABIATAIgciQAGLcEAAEATAIgciQAvFQGAAEAcAAsAAABAhAAAAAAHTkvAAAAAAAAAAAAAAAAAAoAAgChAAQABg01ALEAGAAHpAoCIAIkAQEABABMAiByJAAEggYAAQBwAKoAAAECEAAAAAAeOS8AAAAAAAAAAAAAAAAACgACAKEABAABAzUAsQCWABkzCgIgAiQBCgAWACIALgA6AEYAUgBeAGoAdgCCAEwCIHIkAHR\/BwABAEwCIHIkANiMBAABAEwCIHIkAITEBAABAEwCIHIkAAznBQABAEwCIHIkABh0BwABAEwCIHIkADS+BgABAEwCIHIkABDjBAABAEwCIHIkADQ\/BgABAEwCIHIkADS8BQABAEwCIHIkADTGBgABAHAA4gAAAQIQAAAAAB85LwAAAAAAAAAAAAAAAAAKAAIAoQAEAAIFNQCxAM4AoxkKAiACJAEOAB4AKgA2AEIATgBaAGYAcgB+AIoAlgCiAK4AugBMAiByJACUpgQAAQBMAiByJABAoQYAAQBMAiByJADc\/QUAAQBMAiByJAD0hgUABgBMAiByJAAs5QUAAQBMAiByJACYFAcAAQBMAiByJACkkwYAAQBMAiByJABstwQABABMAiByJAA8cgQAAQBMAiByJAC8oAQAAQBMAiByJABQpQUAAQBMAiByJABY4wQAAQBMAiByJAC4xwcAAwBMAiByJAC0zwQAAQBwACwAAAECEAAAAAAgOS8AAAAAAAAAAAAAAAAACgACAKEABAADBzUAsQAYAHenCgIgAiQBAQAEAEwCIHIkAGiiBwAJAHAAwgEAAQIQAAAAACE5LwAAAAAAAAAAAAAAAAAKAAIAoQAEAAQJNQCxAK4Bf58KAiACJAEeAD4ASgBWAGIAbgB6AIYAkgCeAKoAtgDCAM4A2gDmAPIA\/gAKARYBIgEuAToBRgFSAV4BagF2AYIBjgGaAUwCIHIkAIx0BwABAEwCIHIkAKiiBwABAEwCIHIkAJg0BAABAEwCIHIkADgxBwABAEwCIHIkAChvBgABAEwCIHIkACiNBgABAEwCIHIkAAgQBgABAEwCIHIkANRpBwABAEwCIHIkAEB1BgABAEwCIHIkAPQcBgABAEwCIHIkAOwZBgABAEwCIHIkAIizBwABAEwCIHIkAOQgBgABAEwCIHIkAMgaBgABAEwCIHIkAGQ5BwABAEwCIHIkADi\/BgABAEwCIHIkACivBQABAEwCIHIkABwhBgABAEwCIHIkAEj1BQABAEwCIHIkAFT1BgABAEwCIHIkAAA8BgABAEwCIHIkAMRfBwABAEwCIHIkALCqBQABAEwCIHIkAKC1BgABAEwCIHIkAMT8BwABAEwCIHIkAMB0BgABAEwCIHIkAEzoBwABAEwCIHIkAGguBAABAEwCIHIkAHyvBQABAEwCIHIkALwJBgABAA=="}
00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":4,"source":"cfgs\/default\/pcap\/ethernetIP.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1352718180265384,"flow_src_last_pkt_time":1352718180265384,"flow_dst_last_pkt_time":1352718180265384,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":72,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":72,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1352718180265384,"l3_proto":"ip4","src_ip":"141.81.0.63","dst_ip":"141.81.0.10","src_port":44818,"dst_port":52593,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00626{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":4,"source":"cfgs\/default\/pcap\/ethernetIP.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":1,"flow_src_last_pkt_time":1352718180265384,"flow_dst_last_pkt_time":1352718180265384,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":126,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":126,"pkt_l4_len":92,"thread_ts_usec":1352718180265384,"pkt":"eOfR4AJeAAC8x85WCABFAABwk1RAAEAGjEiNUQA\/jVEACq8SzXF9dCfmE+ef0VAYEACJaQAAcAAwAAAFAhMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgChAAQAncYAgLEAHAAzNYoAAAACAAYADgDMAAAAAQAAAMwAAAAFAAAA"}
-01059{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":4,"source":"cfgs\/default\/pcap\/ethernetIP.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1352718180265384,"flow_src_last_pkt_time":1352718180265384,"flow_dst_last_pkt_time":1352718180265384,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":72,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":72,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1352718180265384,"l3_proto":"ip4","src_ip":"141.81.0.63","dst_ip":"141.81.0.10","src_port":44818,"dst_port":52593,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"EthernetIP","proto_id":"278","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}}
+00934{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":4,"source":"cfgs\/default\/pcap\/ethernetIP.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1352718180265384,"flow_src_last_pkt_time":1352718180265384,"flow_dst_last_pkt_time":1352718180265384,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":72,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":72,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1352718180265384,"l3_proto":"ip4","src_ip":"141.81.0.63","dst_ip":"141.81.0.10","src_port":44818,"dst_port":52593,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"EthernetIP","proto_id":"278","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}}
00976{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":5,"source":"cfgs\/default\/pcap\/ethernetIP.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":2,"flow_src_last_pkt_time":1352718180265384,"flow_dst_last_pkt_time":1352718180265435,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":386,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":386,"pkt_l4_len":352,"thread_ts_usec":1352718180265435,"pkt":"AAC8x85WeOfR4AJeCABFAAF0cCpAAIAGAACNUQAKjVEAP81xrxIT55\/RfXQoLlAY9kIcUgAAcAA6AAAFAhMAAAAAZsC+AAAAAAAAAAAAAAAAAAoAAgChAAQABy8uALEAJgDoRwoCIAIkAQIABgASAEwCIHIkABi3BAABAEwCIHIkADxUBgABAHAA4gAABQITAAAAAGfAvgAAAAAAAAAAAAAAAAAKAAIAoQAEAAMnLgCxAM4AUkkKAiACJAEOAB4AKgA2AEIATgBaAGYAcgB+AIoAlgCiAK4AugBMAiByJACUpgQAAQBMAiByJABEoQYAAQBMAiByJABc\/QUAAQBMAiByJAB0hgUABgBMAiByJACs5AUAAQBMAiByJACcFAcAAQBMAiByJACokwYAAQBMAiByJABstwQABABMAiByJAA8cgQAAQBMAiByJAC8oAQAAQBMAiByJADQpAUAAQBMAiByJABY4wQAAQBMAiByJAC8xwcAAwBMAiByJAC0zwQAAQA="}
00536{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":6,"source":"cfgs\/default\/pcap\/ethernetIP.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":4,"flow_src_last_pkt_time":1352718180264969,"flow_dst_last_pkt_time":1352718180267354,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":60,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":60,"pkt_l4_len":20,"thread_ts_usec":1352718180267354,"pkt":"eOfR4AJeAAC80WDaCABFAAAowXBAAEAGXmCNUQBTjVEACq8SxGOUlUNR3YiSjVAQC2TN\/QAAAAAAAI1R"}
00626{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":7,"source":"cfgs\/default\/pcap\/ethernetIP.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":5,"flow_src_last_pkt_time":1352718180264969,"flow_dst_last_pkt_time":1352718180268264,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":126,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":126,"pkt_l4_len":92,"thread_ts_usec":1352718180268264,"pkt":"eOfR4AJeAAC80WDaCABFAABwwXFAAEAGXheNUQBTjVEACq8SxGOUlUNR3YiSjVAYC5C8jwAAcAAwAAABAhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgChAAQA1\/EAgLEAHADkaooAAAACAAYADgDMAAAAAQAAAMwAAAAFAAAA"}
@@ -16,13 +16,13 @@
00528{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":10,"source":"cfgs\/default\/pcap\/ethernetIP.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":5,"flow_src_last_pkt_time":1352718180277875,"flow_dst_last_pkt_time":1352718180277922,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":1352718180277922,"pkt":"AAC8x85WeOfR4AJeCABFAAAocCtAAIAGAACNUQAKjVEAP81xrxIT56EdfXQpXlAQ+vAbBgAA"}
00782{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":33,"source":"cfgs\/default\/pcap\/ethernetIP.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1352718180390103,"flow_src_last_pkt_time":1352718180390103,"flow_dst_last_pkt_time":1352718180390103,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":194,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":194,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":194,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1352718180390103,"l3_proto":"ip4","src_ip":"141.81.0.10","dst_ip":"141.81.0.43","src_port":52594,"dst_port":44818,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00791{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":33,"source":"cfgs\/default\/pcap\/ethernetIP.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":1,"flow_src_last_pkt_time":1352718180390103,"flow_dst_last_pkt_time":1352718180390103,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":248,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":248,"pkt_l4_len":214,"thread_ts_usec":1352718180390103,"pkt":"AAC8X0j6eOfR4AJeCABFAADqcEVAAIAGAACNUQAKjVEAK81yrxIurdArV0tI1VAY+M4btAAAcACqAAAEAhAAAAAAVgG6AAAAAAAAAAAAAAAAAAoAAgChAAQAASuWALEAlgBI5QoCIAIkAQoAFgAiAC4AOgBGAFIAXgBqAHYAggBMAiByJABI8gcAAQBMAiByJAAY8QQAAQBMAiByJABUPgUAAQBMAiByJAB42QcAAQBMAiByJAC8YQYAAQBMAiByJAAgzgQAAQBMAiByJAC8LgUAAQBMAiByJACcBgQAAQBMAiByJACwAQYAAQBMAiByJAD8DwQAAQA="}
-01063{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":33,"source":"cfgs\/default\/pcap\/ethernetIP.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1352718180390103,"flow_src_last_pkt_time":1352718180390103,"flow_dst_last_pkt_time":1352718180390103,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":194,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":194,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":194,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1352718180390103,"l3_proto":"ip4","src_ip":"141.81.0.10","dst_ip":"141.81.0.43","src_port":52594,"dst_port":44818,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"EthernetIP","proto_id":"278","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}}
+00938{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":33,"source":"cfgs\/default\/pcap\/ethernetIP.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1352718180390103,"flow_src_last_pkt_time":1352718180390103,"flow_dst_last_pkt_time":1352718180390103,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":194,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":194,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":194,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1352718180390103,"l3_proto":"ip4","src_ip":"141.81.0.10","dst_ip":"141.81.0.43","src_port":52594,"dst_port":44818,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"EthernetIP","proto_id":"278","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}}
00736{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":34,"source":"cfgs\/default\/pcap\/ethernetIP.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":2,"flow_src_last_pkt_time":1352718180390103,"flow_dst_last_pkt_time":1352718180392743,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":206,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":206,"pkt_l4_len":172,"thread_ts_usec":1352718180392743,"pkt":"eOfR4AJeAAC8X0j6CABFAADAqJJAAEAGds6NUQArjVEACq8SzXJXS0jVLq3Q7VAYEAA2UAAAcACAAAAEAhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgChAAQApcYAgLEAbABI5YoAAAAKABYAHgAmAC4ANgA+AEYATgBWAF4AzAAAAGC0GD\/MAAAAM1O1QswAAAC1P4xBzAAAAAAAAADMAAAAYLQYP8wAAAAAAKBAzAAAAAAAAEDMAAAAAAAAAMwAAAAAAAAAzAAAAAAAAAA="}
01163{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":35,"source":"cfgs\/default\/pcap\/ethernetIP.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":3,"flow_src_last_pkt_time":1352718180392878,"flow_dst_last_pkt_time":1352718180392743,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":528,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":528,"pkt_l4_len":494,"thread_ts_usec":1352718180392878,"pkt":"AAC8X0j6eOfR4AJeCABFAAICcEdAAIAGAACNUQAKjVEAK81yrxIurdDtV0tJbVAY+DYczAAAcADCAQAEAhAAAAAAVwG6AAAAAAAAAAAAAAAAAAoAAgChAAQAAi2WALEArgFJUwoCIAIkAR4APgBKAFYAYgBuAHoAhgCSAJ4AqgC2AMIAzgDaAOYA8gD+AAoBFgEiAS4BOgFGAVIBXgFqAXYBggGOAZoBTAIgciQALBwHAAEATAIgciQA0BsGAAEATAIgciQAsBQHAAEATAIgciQA3PMHAAEATAIgciQAnDYFAAEATAIgciQAvAcHAAEATAIgciQAkNEFAAEATAIgciQAAH8HAAEATAIgciQATCMGAAEATAIgciQAOEkGAAEATAIgciQALIcEAAEATAIgciQAALQFAAEATAIgciQAqHwFAAEATAIgciQATJYHAAEATAIgciQAaBgHAAEATAIgciQA3PsGAAEATAIgciQATLwGAAEATAIgciQAGB0IAAEATAIgciQAcFMHAAEATAIgciQAvIMFAAEATAIgciQAvBkGAAEATAIgciQAOJQFAAEATAIgciQATLEFAAEATAIgciQA9HoGAAEATAIgciQApPIGAAEATAIgciQAFIEEAAEATAIgciQA2PAEAAEATAIgciQA+FMGAAEATAIgciQA2PUGAAEATAIgciQApF8HAAEA"}
01003{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":36,"source":"cfgs\/default\/pcap\/ethernetIP.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":4,"flow_src_last_pkt_time":1352718180392878,"flow_dst_last_pkt_time":1352718180396360,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":406,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":406,"pkt_l4_len":372,"thread_ts_usec":1352718180396360,"pkt":"eOfR4AJeAAC8X0j6CABFAAGIqJNAAEAGdgWNUQArjVEACq8SzXJXS0ltLq3Sx1AYEAC7AgAAcABIAQAEAhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgChAAQAp8YAgLEANAFJU4oAAAAeAD4ARgBOAFYAXgBmAG4AdgB+AIYAjgCWAJ4ApgCuALYAvgDGAM4A1gDeAOYA7gD2AP4ABgEOARYBHgEmAcwAAAAAAAAAzAAAAAAAAADMAAAAAQAAAMwAAAAAAAAAzAAAAAAAAADMAAAAAQAAAMwAAAAAAAAAzAAAAAAAAADMAAAAAAAAAMwAAAAAAAAAzAAAAAAAAADMAAAAAAAAAMwAAAABAAAAzAAAAAEAAADMAAAAAQAAAMwAAAAAAAAAzAAAAAEAAADMAAAAAAAAAMwAAAAAAAAAzAAAAAAAAADMAAAAAAAAAMwAAAAAAAAAzAAAAAAAAADMAAAAAAAAAMwAAAAAAAAAzAAAAAAAAADMAAAAAAAAAMwAAAAAAAAAzAAAAAAAAADMAAAAAAAAAA=="}
00782{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":37,"source":"cfgs\/default\/pcap\/ethernetIP.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1352718180397556,"flow_src_last_pkt_time":1352718180397556,"flow_dst_last_pkt_time":1352718180397556,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":194,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":194,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":194,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1352718180397556,"l3_proto":"ip4","src_ip":"141.81.0.10","dst_ip":"141.81.0.23","src_port":62717,"dst_port":44818,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00792{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":37,"source":"cfgs\/default\/pcap\/ethernetIP.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":1,"flow_src_last_pkt_time":1352718180397556,"flow_dst_last_pkt_time":1352718180397556,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":248,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":248,"pkt_l4_len":214,"thread_ts_usec":1352718180397556,"pkt":"AAC8X0lReOfR4AJeCABFAADqcEpAAIAGAACNUQAKjVEAF\/T9rxIm2H0TxmFi41AY9W4boAAAcACqAAABAhAAAAAAo6iTAAAAAAAAAAAAAAAAAAoAAgChAAQAAQOLALEAlgBx7AoCIAIkAQQACgAoAEYAagBODJEWTE1TX0RJU0FCTEVfMkRTQ0FOTkVSMQEAAf9ODJEWTE1TX0RJU0FCTEVfMkRTQ0FOTkVSMgEAAf9OD5EbTE1TX0RJU0FCTEVfQkFSQ09ERV9TQ0FOTkVSAAEAAP5OD5EbTE1TX1NFVFBPSU5UQ0hBTkdFX1JFQ0VJVkVEAAEAAP4="}
-01063{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":37,"source":"cfgs\/default\/pcap\/ethernetIP.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1352718180397556,"flow_src_last_pkt_time":1352718180397556,"flow_dst_last_pkt_time":1352718180397556,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":194,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":194,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":194,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1352718180397556,"l3_proto":"ip4","src_ip":"141.81.0.10","dst_ip":"141.81.0.23","src_port":62717,"dst_port":44818,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"EthernetIP","proto_id":"278","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}}
+00938{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":37,"source":"cfgs\/default\/pcap\/ethernetIP.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1352718180397556,"flow_src_last_pkt_time":1352718180397556,"flow_dst_last_pkt_time":1352718180397556,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":194,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":194,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":194,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1352718180397556,"l3_proto":"ip4","src_ip":"141.81.0.10","dst_ip":"141.81.0.23","src_port":62717,"dst_port":44818,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"EthernetIP","proto_id":"278","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}}
00634{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":38,"source":"cfgs\/default\/pcap\/ethernetIP.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":2,"flow_src_last_pkt_time":1352718180397556,"flow_dst_last_pkt_time":1352718180400615,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":130,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":130,"pkt_l4_len":96,"thread_ts_usec":1352718180400615,"pkt":"eOfR4AJeAAC8X0lRCABFAAB0TSZAAEAG0pqNUQAXjVEACq8S9P3GYWLjJth91VAYEADGbgAAcAA0AAABAhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgChAAQAtccAgLEAIABx7IoAAAAEAAoADgASABYAzgAAAM4AAADOAAAAzgAAAA=="}
00821{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":39,"source":"cfgs\/default\/pcap\/ethernetIP.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":5,"flow_src_last_pkt_time":1352718180445661,"flow_dst_last_pkt_time":1352718180396360,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":270,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":270,"pkt_l4_len":236,"thread_ts_usec":1352718180445661,"pkt":"AAC8X0j6eOfR4AJeCABFAAEAcF5AAIAGAACNUQAKjVEAK81yrxIurdLHV0tKzVAY9tYbygAAcADAAAAEAhAAAAAAWAG6AAAAAAAAAAAAAAAAAAoAAgChAAQAASuWALEArABJ5QoCIAIkAQUADAAgAD4AXACAAE4HkQxMTVNfQUxJVkVCSVQBAAD+TgyRFkxNU19ESVNBQkxFXzJEU0NBTk5FUjEBAAH\/TgyRFkxNU19ESVNBQkxFXzJEU0NBTk5FUjIBAAH\/Tg+RG0xNU19ESVNBQkxFX0JBUkNPREVfU0NBTk5FUgABAAD+Tg+RG0xNU19TRVRQT0lOVENIQU5HRV9SRUNFSVZFRAABAAD+"}
00529{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":52,"source":"cfgs\/default\/pcap\/ethernetIP.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":3,"flow_src_last_pkt_time":1352718180599940,"flow_dst_last_pkt_time":1352718180400615,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":1352718180599940,"pkt":"AAC8X0lReOfR4AJeCABFAAAocJ5AAIAGAACNUQAKjVEAF\/T9rxIm2H3VxmFjL1AQ+vAa3gAA"}
Powered by cgit, Themed by Ted Yin.