diff options
| author | Toni Uhlig <matzeton@googlemail.com> | 2022-09-24 23:25:33 +0200 |
|---|---|---|
| committer | Toni Uhlig <matzeton@googlemail.com> | 2022-09-25 00:54:39 +0200 |
| commit | 2103ee0811e3f606b8129d044e22cd33804e2117 (patch) | |
| tree | 80e76fd406e5f6dbf745ca39fa6d55d85790c530 /test/results/flow-info/vnc.pcap.out | |
| parent | 36f1786bde2572cf7eb44aa1384b61ecfebdeff3 (diff) | |
Refactored client distributor C API.
* Still not perfect, but the code before was not even able to deal with JSON arrays.
Use common "speaking" function names for all functions in nDPIsrvd.h
* Provide a more or less generic and easy extendable JSON walk function.
* Modified C examples to align with the changed C API.
* c-collectd: Reduced lot's of code duplication by providing mapping tables.
* nDPId: IAT array requires one slot less (first packet has always an IAT of 0).
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
Diffstat (limited to 'test/results/flow-info/vnc.pcap.out')
| -rw-r--r-- | test/results/flow-info/vnc.pcap.out | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/test/results/flow-info/vnc.pcap.out b/test/results/flow-info/vnc.pcap.out index 460456186..4b435b887 100644 --- a/test/results/flow-info/vnc.pcap.out +++ b/test/results/flow-info/vnc.pcap.out @@ -11,7 +11,7 @@ [BINS(c->s)..: 12,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 13,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,1,0,1,0,1,1,0,0,1,0,1,0,0,1,0,0,1,0,0,1,0,1,1,1,1,0,0,0,1] - [IATS(ms)....: 0.5,38.8,49.9,50.3,38.8,37.1,157.8,7.0,164.5,0.7,37.5,0.2,0.0,36.4,0.0,37.3,1.2,0.0,0.2,0.7,0.0,0.7,0.5,199.0,310.3,0.0,0.1,545.3,0.7,22.3,59.5,0.0] + [IATS(ms)....: 0.5,38.8,49.9,50.3,38.8,37.1,157.8,7.0,164.5,0.7,37.5,0.2,0.0,36.4,0.0,37.3,1.2,0.0,0.2,0.7,0.0,0.7,0.5,199.0,310.3,0.0,0.1,545.3,0.7,22.3,59.5] [PKTLENS.....: 66,66,60,66,66,62,60,54,73,60,83,88,88,76,60,89,54,88,86,54,82,86,54,77,54,84,82,86,60,60,81,54] new: [.....2] [ip4][..tcp] [..95.237.48.208][51559] -> [..192.168.2.110][.6900] detected: [.....2] [ip4][..tcp] [..95.237.48.208][51559] -> [..192.168.2.110][.6900] [VNC][RemoteAccess][Acceptable] @@ -23,7 +23,7 @@ [BINS(c->s)..: 13,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 12,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,1,0,1,0,1,0,1,1,0,0,1,0,1,0,0,1,0,0,1,0,0,0,1,1,1,1,0,0,0] - [IATS(ms)....: 0.1,37.5,48.7,49.6,38.3,36.9,46.4,48.5,45.7,1.7,45.5,0.2,37.4,0.5,0.4,36.8,3.0,39.9,0.8,0.2,0.8,0.8,0.2,0.0,1.0,501.8,0.0,0.7,538.8,0.0,97.7,0.0] + [IATS(ms)....: 0.1,37.5,48.7,49.6,38.3,36.9,46.4,48.5,45.7,1.7,45.5,0.2,37.4,0.5,0.4,36.8,3.0,39.9,0.8,0.2,0.8,0.8,0.2,0.0,1.0,501.8,0.0,0.7,538.8,0.0,97.7] [PKTLENS.....: 66,66,60,66,66,62,60,54,60,54,73,60,83,88,88,76,60,89,54,88,86,54,82,86,77,54,84,82,86,60,60,81] idle: [.....2] [ip4][..tcp] [..95.237.48.208][51559] -> [..192.168.2.110][.6900] [VNC][RemoteAccess][Acceptable] RISK: Known Proto on Non Std Port, Desktop/File Sharing |