aboutsummaryrefslogtreecommitdiff
path: root/test/results/default/umas.pcap.out
diff options
context:
space:
mode:
authorToni Uhlig <matzeton@googlemail.com>2024-02-06 10:34:26 +0100
committerToni Uhlig <matzeton@googlemail.com>2024-02-06 10:34:52 +0100
commitfeb2583ef680281c827df75e3c3f6d4b97be8d8f (patch)
treedf3f88da74327f058527e70d2ef39a0b5f47a13c /test/results/default/umas.pcap.out
parent7368f222dbddebab4cb36d7585cb152721bdd024 (diff)
bump libnDPI to 4543385d107fcc5a7e8632e35d9a60bcc40cb4f4
* incorporated API changes from nDPI Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
Diffstat (limited to 'test/results/default/umas.pcap.out')
-rw-r--r--test/results/default/umas.pcap.out27
1 files changed, 27 insertions, 0 deletions
diff --git a/test/results/default/umas.pcap.out b/test/results/default/umas.pcap.out
new file mode 100644
index 000000000..a5163c7bf
--- /dev/null
+++ b/test/results/default/umas.pcap.out
@@ -0,0 +1,27 @@
+00560{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"cfgs\/default\/pcap\/umas.pcap","alias":"nDPId-test","version":"1.6.0","ndpi_version":"4.9.0-4537-4543385d","max-flows-per-thread":2048,"max-idle-flows-per-thread":64,"reader-thread-count":1,"flow-scan-interval":10000000,"generic-max-idle-time":600000000,"icmp-max-idle-time":120000000,"udp-max-idle-time":180000000,"tcp-max-idle-time":7560000000,"max-packets-per-flow-to-send":5,"max-packets-per-flow-to-process":32,"max-packets-per-flow-to-analyse":32,"global_ts_usec":0}
+00623{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/umas.pcap","alias":"nDPId-test","version":"1.6.0","ndpi_version":"4.9.0-4537-4543385d","packets-captured":1,"packets-processed":0,"total-skipped-flows":0,"total-l4-payload-len":0,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":0,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2,"global_ts_usec":1427906557268207}
+00772{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/umas.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1427906557268207,"flow_src_last_pkt_time":1427906557268207,"flow_dst_last_pkt_time":1427906557268207,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1427906557268207,"l3_proto":"ip4","src_ip":"192.168.63.100","dst_ip":"192.168.63.253","src_port":7718,"dst_port":502,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
+00539{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/umas.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_src_last_pkt_time":1427906557268207,"flow_dst_last_pkt_time":1427906557268207,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1427906557268207,"pkt":"AABUFPJPPJcOkVSrCABFAAA0BEhAAIAGAADAqD9kwKg\/\/R4mAfZGhPwKAAAAAIAC+vAA2QAAAgQFtAEDAwABAQQC"}
+00539{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2,"source":"cfgs\/default\/pcap\/umas.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":2,"flow_src_last_pkt_time":1427906557268207,"flow_dst_last_pkt_time":1427906557269147,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":64,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":64,"pkt_l4_len":28,"thread_ts_usec":1427906557269147,"pkt":"PJcOkVSrAABUFPJPCABFAAAwA8UAAEAGdlHAqD\/9wKg\/ZAH2HiaDEM+9RoT8C3ASEAC94gAAAgQFtAEDAwABAQ=="}
+00523{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3,"source":"cfgs\/default\/pcap\/umas.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":3,"flow_src_last_pkt_time":1427906557269226,"flow_dst_last_pkt_time":1427906557269147,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":1427906557269226,"pkt":"AABUFPJPPJcOkVSrCABFAAAoBElAAIAGAADAqD9kwKg\/\/R4mAfZGhPwLgxDPvlAQ+vAAzQAA"}
+00539{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":4,"source":"cfgs\/default\/pcap\/umas.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":4,"flow_src_last_pkt_time":1427906557270030,"flow_dst_last_pkt_time":1427906557269147,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":64,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":64,"pkt_l4_len":30,"thread_ts_usec":1427906557270030,"pkt":"AABUFPJPPJcOkVSrCABFAAAyBEpAAIAGAADAqD9kwKg\/\/R4mAfZGhPwLgxDPvlAY+vAA1wAAAAAAAAAEAFoAAg=="}
+00936{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":4,"source":"cfgs\/default\/pcap\/umas.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":1427906557268207,"flow_src_last_pkt_time":1427906557270030,"flow_dst_last_pkt_time":1427906557269147,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":10,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":10,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1427906557270030,"l3_proto":"ip4","src_ip":"192.168.63.100","dst_ip":"192.168.63.253","src_port":7718,"dst_port":502,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"Modbus.UMAS","proto_id":"44.364","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":31,"category":"IoT-Scada"}}
+00540{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":5,"source":"cfgs\/default\/pcap\/umas.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":5,"flow_src_last_pkt_time":1427906557270030,"flow_dst_last_pkt_time":1427906557270934,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":64,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":64,"pkt_l4_len":20,"thread_ts_usec":1427906557270934,"pkt":"PJcOkVSrAABUFPJPCABFAAAoA8YAAEAGdljAqD\/9wKg\/ZAH2HiaDEM++RoT8FVAQD\/3pnwAAAAAAAAAAr4V9rA=="}
+02159{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":32,"source":"cfgs\/default\/pcap\/umas.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":16,"flow_dst_packets_processed":16,"flow_first_seen":1427906557268207,"flow_src_last_pkt_time":1427906557351115,"flow_dst_last_pkt_time":1427906557356975,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":261,"flow_dst_max_l4_payload_len":261,"flow_src_tot_l4_payload_len":681,"flow_dst_tot_l4_payload_len":1681,"midstream":0,"thread_ts_usec":1427906557356975,"l3_proto":"ip4","src_ip":"192.168.63.100","dst_ip":"192.168.63.253","src_port":7718,"dst_port":502,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"data_analysis": {"iat": {"min":804,"avg":5537.9,"max":7349,"stddev":1780.8,"var":3171216.5,"ent":4.9,"data": [940,1019,804,1787,4681,6040,6956,6823,7337,7349,5705,5982,6152,6208,5897,5633,6112,6363,7173,6903,5759,5817,5975,5922,6032,6032,6059,6067,5931,5946,6272]},"pktlen": {"min":40,"avg":114.8,"max":301,"stddev":89.3,"var":7972.7,"ent":4.6,"data": [52,50,40,50,50,96,51,63,300,300,51,97,51,159,50,116,51,63,301,301,50,116,50,116,59,153,59,209,59,153,59,299]},"bins": {"c_to_s": [14,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [4,2,3,3,0,1,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]},"directions": [0,1,0,0,1,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1],"entropies": [4.246296406,4.708757401,4.521928310,4.311788559,4.583464622,4.516215324,4.273243427,4.058829784,1.425814629,1.414997816,4.327260494,4.809130192,4.337956429,2.794489384,4.322699070,3.938342094,4.248828888,4.110339642,7.800658226,7.811439037,4.362698555,3.921101093,4.362698555,3.944849730,4.149783134,3.941774607,4.248089790,3.106703520,4.183681011,2.442554474,4.214191437,2.672472954]},"ndpi": {"confidence": {"6":"DPI"},"proto":"Modbus.UMAS","proto_id":"44.364","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":31,"category":"IoT-Scada"}}
+00987{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":191,"source":"cfgs\/default\/pcap\/umas.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":94,"flow_dst_packets_processed":97,"flow_first_seen":1427906557268207,"flow_src_last_pkt_time":1427906558034821,"flow_dst_last_pkt_time":1427906558034788,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":261,"flow_dst_max_l4_payload_len":261,"flow_src_tot_l4_payload_len":1788,"flow_dst_tot_l4_payload_len":16862,"midstream":0,"thread_ts_usec":1427906558034821,"l3_proto":"ip4","src_ip":"192.168.63.100","dst_ip":"192.168.63.253","src_port":7718,"dst_port":502,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"Modbus.UMAS","proto_id":"44.364","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":31,"category":"IoT-Scada"}}
+00636{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":191,"source":"cfgs\/default\/pcap\/umas.pcap","alias":"nDPId-test","version":"1.6.0","ndpi_version":"4.9.0-4537-4543385d","packets-captured":191,"packets-processed":191,"total-skipped-flows":0,"total-l4-payload-len":18650,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":1,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":1,"total-idle-flows":1,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":12,"global_ts_usec":1427906558034821}
+~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~
+~~ packets captured/processed: 191/191
+~~ skipped flows.............: 0
+~~ total layer4 data length..: 18650 bytes
+~~ total detected protocols..: 1
+~~ total active/idle flows...: 1/1
+~~ total timeout flows.......: 0
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+~~ total memory allocated....: 5343655 bytes
+~~ total memory freed........: 5343655 bytes
+~~ total allocations/frees...: 86207/86207
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+~~ json message min len.......: 528 chars
+~~ json message max len.......: 2164 chars
+~~ json message avg len.......: 1266 chars
Powered by cgit, Themed by Ted Yin.