diff options
| author | Toni Uhlig <matzeton@googlemail.com> | 2023-11-08 01:27:42 +0100 |
|---|---|---|
| committer | Toni Uhlig <matzeton@googlemail.com> | 2023-11-08 01:27:42 +0100 |
| commit | d80ea84d2ebebe29761f3727fbc5295ba3cb81b8 (patch) | |
| tree | 036fa1f3a19cdd9e03b9119cecd0e0386cb9bf86 /test/results/flow-info/default/softether.pcap.out | |
| parent | b1e679b0bbc4e2c33db12dde598c35c8bf680490 (diff) | |
Reset `Unidirectional Traffc` risk if packets from both directions processed.1.6rc2
* Fixed risk hash value calculation, which was only done lower 32 bits.
* Reduced default reader threads count to two if cross compiling.
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
Diffstat (limited to 'test/results/flow-info/default/softether.pcap.out')
1 files changed, 16 insertions, 15 deletions
diff --git a/test/results/flow-info/default/softether.pcap.out b/test/results/flow-info/default/softether.pcap.out index 0fbe92379..2dbf121f3 100644 --- a/test/results/flow-info/default/softether.pcap.out +++ b/test/results/flow-info/default/softether.pcap.out @@ -16,9 +16,9 @@ DAEMON-EVENT: [Flows][active: 1 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 1|updates: 3] new: [.....3] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] detected: [.....3] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] - idle: [.....2] [ip4][..tcp] [..192.168.2.100][37504] -> [..130.158.75.45][...80] - update: [.....3] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] - update: [.....3] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] + idle: [.....2] [ip4][..tcp] [..192.168.2.100][37504] -> [..130.158.75.45][...80] [HTTP.Softether][Unknown][VPN][Acceptable] + update: [.....3] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] + update: [.....3] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] detection-update: [.....3] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] update: [.....3] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] DAEMON-EVENT: [Processed: 34 pkts][ZLib][compressions: 0|diff: 0 / 0] @@ -26,6 +26,7 @@ new: [.....4] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.105][.5004] detected: [.....4] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.105][.5004] [Softether][Unknown][VPN][Acceptable] RISK: Unidirectional Traffic + detection-update: [.....4] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.105][.5004] [Softether][Unknown][VPN][Acceptable] update: [.....3] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] detection-update: [.....4] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.105][.5004] [Softether][Unknown][VPN][Acceptable] detection-update: [.....4] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.105][.5004] [Softether][Unknown][VPN][Acceptable] @@ -34,43 +35,43 @@ update: [.....3] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] update: [.....4] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.105][.5004] [Softether][Unknown][VPN][Acceptable] DAEMON-EVENT: [Processed: 55 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 2 / 4|skipped: 0|!detected: 0|guessed: 0|detection-updates: 4|updates: 11] + DAEMON-EVENT: [Flows][active: 2 / 4|skipped: 0|!detected: 0|guessed: 0|detection-updates: 5|updates: 11] idle: [.....3] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] update: [.....4] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.105][.5004] [Softether][Unknown][VPN][Acceptable] update: [.....4] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.105][.5004] [Softether][Unknown][VPN][Acceptable] update: [.....4] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.105][.5004] [Softether][Unknown][VPN][Acceptable] update: [.....4] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.105][.5004] [Softether][Unknown][VPN][Acceptable] DAEMON-EVENT: [Processed: 70 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 4|skipped: 0|!detected: 0|guessed: 0|detection-updates: 4|updates: 15] + DAEMON-EVENT: [Flows][active: 1 / 4|skipped: 0|!detected: 0|guessed: 0|detection-updates: 5|updates: 15] new: [.....5] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.112][.5004] detected: [.....5] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.112][.5004] [Softether][Unknown][VPN][Acceptable] idle: [.....4] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.105][.5004] [Softether][Unknown][VPN][Acceptable] - update: [.....5] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.112][.5004] - update: [.....5] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.112][.5004] - update: [.....5] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.112][.5004] + update: [.....5] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.112][.5004] [Softether][Unknown][VPN][Acceptable] + update: [.....5] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.112][.5004] [Softether][Unknown][VPN][Acceptable] + update: [.....5] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.112][.5004] [Softether][Unknown][VPN][Acceptable] DAEMON-EVENT: [Processed: 85 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 5|skipped: 0|!detected: 0|guessed: 0|detection-updates: 4|updates: 18] + DAEMON-EVENT: [Flows][active: 1 / 5|skipped: 0|!detected: 0|guessed: 0|detection-updates: 5|updates: 18] update: [.....5] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.112][.5004] [Softether][Unknown][VPN][Acceptable] update: [.....5] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.112][.5004] [Softether][Unknown][VPN][Acceptable] update: [.....5] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.112][.5004] [Softether][Unknown][VPN][Acceptable] update: [.....5] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.112][.5004] [Softether][Unknown][VPN][Acceptable] DAEMON-EVENT: [Processed: 100 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 5|skipped: 0|!detected: 0|guessed: 0|detection-updates: 4|updates: 22] + DAEMON-EVENT: [Flows][active: 1 / 5|skipped: 0|!detected: 0|guessed: 0|detection-updates: 5|updates: 22] new: [.....6] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] detected: [.....6] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] idle: [.....5] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.112][.5004] [Softether][Unknown][VPN][Acceptable] - update: [.....6] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] + update: [.....6] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] detection-update: [.....6] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] update: [.....6] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] update: [.....6] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] DAEMON-EVENT: [Processed: 115 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 5|updates: 25] + DAEMON-EVENT: [Flows][active: 1 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 6|updates: 25] update: [.....6] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] update: [.....6] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] update: [.....6] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] update: [.....6] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] DAEMON-EVENT: [Processed: 130 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 5|updates: 29] + DAEMON-EVENT: [Flows][active: 1 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 6|updates: 29] analyse: [.....6] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.257| 1566.080| 9319.382| 0.000| 0.000| 1.100] @@ -86,13 +87,13 @@ update: [.....6] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] update: [.....6] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] DAEMON-EVENT: [Processed: 145 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 5|updates: 33] + DAEMON-EVENT: [Flows][active: 1 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 6|updates: 33] update: [.....6] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] update: [.....6] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] update: [.....6] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] update: [.....6] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] DAEMON-EVENT: [Processed: 162 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 5|updates: 37] + DAEMON-EVENT: [Flows][active: 1 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 6|updates: 37] update: [.....6] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] update: [.....6] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] update: [.....6] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] |