diff options
author | Toni Uhlig <matzeton@googlemail.com> | 2022-09-22 19:07:08 +0200 |
---|---|---|
committer | Toni Uhlig <matzeton@googlemail.com> | 2022-09-22 19:07:08 +0200 |
commit | 9a28475bba88b711b7075b58473b7e5b5df1f393 (patch) | |
tree | 73cdf56320f14b5fe0fbfb2e930cf7ea025f9117 /test/results/flow-info/fix.pcap.out | |
parent | 28971cd7647a79253000fb33e52b5d2129e5ba62 (diff) |
Improved flown analyse event:
* store packet directions
* merged direction based IATs
* merged direction based PKTLENs
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
Diffstat (limited to 'test/results/flow-info/fix.pcap.out')
-rw-r--r-- | test/results/flow-info/fix.pcap.out | 50 |
1 files changed, 30 insertions, 20 deletions
diff --git a/test/results/flow-info/fix.pcap.out b/test/results/flow-info/fix.pcap.out index e41f3ca79..7e9d6815f 100644 --- a/test/results/flow-info/fix.pcap.out +++ b/test/results/flow-info/fix.pcap.out @@ -14,32 +14,38 @@ new: [.....6] [ip4][..tcp] [.....8.17.22.31][.4000] -> [...192.168.0.20][47962] [MIDSTREAM] detected: [.....6] [ip4][..tcp] [.....8.17.22.31][.4000] -> [...192.168.0.20][47962] [FIX][RPC][Safe] analyse: [.....3] [ip4][..tcp] [..208.245.107.3][.4000] -> [...192.168.0.20][45578] [FIX][RPC][Safe] - [min|max|avg|stddev] - [IAT(flow)...: 0.000| 0.315| 0.065| 0.068] - [IAT(c->s)...: 0.004| 0.315| 0.067| 0.068][IAT(s->c)...: 0.000| 0.315| 0.063| 0.068] - [PKTLEN(c->s): 54.000| 511.000| 149.100| 106.800][PKTLEN(s->c): 60.000| 140.000| 65.000| 19.400] + [min|max|avg|stddev|variance|entropy] + [IAT.........: 0.000| 0.315| 0.065| 0.068| 4636.039| 0.000] + [PKTLEN......: 54.000| 511.000| 107.100| 87.500| 7658.200| 4.700] [BINS(c->s)..: 4,6,1,1,1,2,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 15,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + [DIRECTIONS..: 0,1,1,0,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1] + [IATS........: 170,209,52428,3585,93980,87569,49399,50741,50707,52796,52875,49653,49630,49737,49707,49456,49402,49750,49791,49981,50005,49926,49930,49589,49596,49797,49760,50218,50168,314891,314954,0] + [PKTLENS.....: 93,60,140,169,54,60,511,60,230,60,233,60,143,60,110,60,185,60,112,60,81,60,106,60,81,60,89,60,108,60,81,60] new: [.....7] [ip4][..tcp] [..208.245.107.3][.4000] -> [...192.168.0.20][38652] [MIDSTREAM] detected: [.....7] [ip4][..tcp] [..208.245.107.3][.4000] -> [...192.168.0.20][38652] [FIX][RPC][Safe] new: [.....8] [ip4][..tcp] [.....8.17.22.31][.4000] -> [...192.168.0.20][40918] [MIDSTREAM] detected: [.....8] [ip4][..tcp] [.....8.17.22.31][.4000] -> [...192.168.0.20][40918] [FIX][RPC][Safe] analyse: [.....2] [ip4][..tcp] [.....8.17.22.31][.4000] -> [...192.168.0.20][47968] [FIX][RPC][Safe] - [min|max|avg|stddev] - [IAT(flow)...: 0.000| 0.300| 0.091| 0.084] - [IAT(c->s)...: 0.000| 0.300| 0.094| 0.084][IAT(s->c)...: 0.000| 0.300| 0.088| 0.084] - [PKTLEN(c->s): 66.000| 135.000| 100.600| 15.800][PKTLEN(s->c): 66.000| 153.000| 71.400| 21.100] + [min|max|avg|stddev|variance|entropy] + [IAT.........: 0.000| 0.300| 0.091| 0.084| 7079.807| 0.000] + [PKTLEN......: 66.000| 153.000| 86.000| 23.600| 558.300| 4.900] [BINS(c->s)..: 6,8,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 15,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + [DIRECTIONS..: 0,1,0,0,1,1,0,0,1,1,0,1,0,1,0,1,0,0,1,1,1,0,0,1,0,1,0,1,0,1,0,1] + [IATS........: 147,100141,123,100163,124,100018,123,100053,25,99913,99995,100225,100166,100788,100836,300170,29,300186,26,222,17881,82390,142005,200503,158539,99966,99944,398,386,200212,200256,0] + [PKTLENS.....: 96,66,101,92,66,66,101,100,66,66,92,66,135,66,91,66,105,135,66,66,153,66,105,66,101,66,101,66,90,66,98,66] new: [.....9] [ip4][..tcp] [..208.245.107.3][.4000] -> [...192.168.0.20][38646] [MIDSTREAM] detected: [.....9] [ip4][..tcp] [..208.245.107.3][.4000] -> [...192.168.0.20][38646] [FIX][RPC][Safe] analyse: [.....1] [ip4][..tcp] [.....8.17.22.31][.4000] -> [...192.168.0.20][43594] [FIX][RPC][Safe] - [min|max|avg|stddev] - [IAT(flow)...: 0.000| 0.291| 0.178| 0.113] - [IAT(c->s)...: 0.000| 0.251| 0.184| 0.108][IAT(s->c)...: 0.000| 0.291| 0.172| 0.117] - [PKTLEN(c->s): 66.000| 254.000| 148.100| 45.100][PKTLEN(s->c): 66.000| 151.000| 71.300| 20.600] + [min|max|avg|stddev|variance|entropy] + [IAT.........: 0.000| 0.291| 0.178| 0.113|12753.578| 0.000] + [PKTLEN......: 66.000| 254.000| 109.700| 52.000| 2700.500| 4.800] [BINS(c->s)..: 2,4,3,5,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 15,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + [DIRECTIONS..: 0,1,0,1,0,0,1,1,1,0,0,1,0,1,0,1,0,1,0,1,0,1,0,0,1,1,0,1,0,1,0,1] + [IATS........: 209,293,265,250589,114,250615,24,223,18233,232135,291268,250073,208970,250691,250733,250586,250560,250658,250654,250671,250658,250632,30,250660,26,251471,251453,249735,249759,250325,250315,0] + [PKTLENS.....: 152,66,91,66,105,152,66,66,151,66,169,66,169,66,186,66,169,66,169,66,118,66,254,113,66,66,135,66,203,66,118,66] new: [....10] [ip4][..tcp] [..208.245.107.3][.4000] -> [...192.168.0.20][39094] [MIDSTREAM] detected: [....10] [ip4][..tcp] [..208.245.107.3][.4000] -> [...192.168.0.20][39094] [FIX][RPC][Safe] new: [....11] [ip4][..tcp] [..217.192.86.32][.4000] -> [...192.168.0.20][53330] [MIDSTREAM] @@ -47,19 +53,23 @@ new: [....12] [ip4][..tcp] [.....8.17.22.31][.4000] -> [...192.168.0.20][40928] [MIDSTREAM] detected: [....12] [ip4][..tcp] [.....8.17.22.31][.4000] -> [...192.168.0.20][40928] [FIX][RPC][Safe] analyse: [.....5] [ip4][..tcp] [..208.245.107.3][.4000] -> [...192.168.0.20][45584] [FIX][RPC][Safe] - [min|max|avg|stddev] - [IAT(flow)...: 0.000| 5.507| 0.699| 1.281] - [IAT(c->s)...: 0.046| 5.507| 0.721| 1.296][IAT(s->c)...: 0.000| 5.507| 0.678| 1.266] - [PKTLEN(c->s): 54.000| 93.000| 85.100| 11.800][PKTLEN(s->c): 60.000| 141.000| 70.100| 26.600] + [min|max|avg|stddev|variance|entropy] + [IAT.........: 0.000| 5.507| 0.699| 1.281|1640706.605| 0.000] + [PKTLEN......: 54.000| 141.000| 77.600| 21.900| 481.200| 4.900] [BINS(c->s)..: 2,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 14,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + [DIRECTIONS..: 0,1,0,1,0,1,1,0,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,1,0,0,1] + [IATS........: 168,500717,500699,200419,200471,184,89723,210661,340264,500679,460548,5507291,5507323,600979,600971,400442,400455,700964,700990,400404,400386,600557,600559,400806,400807,600830,600822,215,54314,45693,140268,0] + [PKTLENS.....: 89,60,89,60,93,60,141,54,89,60,89,60,89,60,89,60,89,60,89,60,89,60,89,60,89,60,93,60,140,54,89,60] analyse: [.....8] [ip4][..tcp] [.....8.17.22.31][.4000] -> [...192.168.0.20][40918] [FIX][RPC][Safe] - [min|max|avg|stddev] - [IAT(flow)...: 0.000| 4.175| 1.332| 1.132] - [IAT(c->s)...: 0.022| 4.175| 1.376| 1.120][IAT(s->c)...: 0.000| 4.175| 1.290| 1.143] - [PKTLEN(c->s): 66.000| 147.000| 106.700| 19.500][PKTLEN(s->c): 66.000| 151.000| 76.600| 28.100] + [min|max|avg|stddev|variance|entropy] + [IAT.........: 0.000| 4.175| 1.332| 1.132|1282462.056| 0.000] + [PKTLEN......: 66.000| 151.000| 91.700| 28.500| 811.200| 4.900] [BINS(c->s)..: 2,13,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 14,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + [DIRECTIONS..: 0,1,0,1,0,1,0,1,1,0,0,1,0,1,0,1,0,1,0,1,0,1,0,1,1,0,0,1,0,1,0,1] + [IATS........: 110,1093319,1093395,599016,598995,1546128,1546141,239,22763,2072709,2137804,913298,870712,442005,442027,3366066,3366054,1195438,1195405,437653,437695,1550229,1550211,211,22417,1711389,1774342,1498173,1457475,4175061,4175010,0] + [PKTLENS.....: 105,66,126,66,105,66,105,66,151,66,105,66,105,66,126,66,105,66,126,66,105,66,105,66,151,66,105,66,147,66,105,66] idle: [.....3] [ip4][..tcp] [..208.245.107.3][.4000] -> [...192.168.0.20][45578] [FIX][RPC][Safe] idle: [.....5] [ip4][..tcp] [..208.245.107.3][.4000] -> [...192.168.0.20][45584] [FIX][RPC][Safe] idle: [.....8] [ip4][..tcp] [.....8.17.22.31][.4000] -> [...192.168.0.20][40918] [FIX][RPC][Safe] |