nDPId: Added some error messages when workflow init fails.

 * Fixed invalid array subscript typ0 (caused some trouble..)
 * bump libnDPI to 2cd0479204301c50c6149706fcd4df3058b2a8cc

Signed-off-by: Toni Uhlig <matzeton@googlemail.com>

1 files changed, 31 insertions, 0 deletions

diff --git a/test/results/gtp_false_positive.pcapng.out b/test/results/gtp_false_positive.pcapng.out
new file mode 100644
index 000000000..e47fe2dfa
--- /dev/null
+++ b/test/results/gtp_false_positive.pcapng.out
@@ -0,0 +1,31 @@
+00454{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"gtp_false_positive.pcapng","alias":"nDPId-test","max-flows-per-thread":2048,"max-idle-flows-per-thread":256,"tick-resolution":1000,"reader-thread-count":1,"flow-scan-interval":10000,"generic-max-idle-time":600000,"icmp-max-idle-time":120000,"udp-max-idle-time":180000,"tcp-max-idle-time":7560000,"max-packets-per-flow-to-send":3,"max-packets-per-flow-to-process":255}
+00563{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1,"source":"gtp_false_positive.pcapng","alias":"nDPId-test","flow_id":1,"flow_packets_processed":1,"flow_first_seen":1638856441836,"flow_last_seen":1638856441836,"flow_idle_time":180000,"flow_min_l4_payload_len":39,"flow_max_l4_payload_len":39,"flow_tot_l4_payload_len":39,"flow_avg_l4_payload_len":39,"midstream":0,"ts_msec":1638856441836,"l3_proto":"ip4","src_ip":"24.1.33.66","dst_ip":"62.56.122.232","src_port":29255,"dst_port":3386,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3}
+00489{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1,"source":"gtp_false_positive.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_last_seen":1638856441836,"flow_idle_time":180000,"pkt_oversize":false,"pkt_caplen":81,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":81,"pkt_l4_len":47,"ts_msec":1638856441836,"pkt":"AAAAAAAAAAEAm1OyCABFAABDuMQAAD8R0IIYASFCPjh66HJHDToAL3+GJwAAAAJZAADIADJepW8BAAAAHa0lUAAAAAAAAAAAAAAAAAEAAAAA"}
+00489{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2,"source":"gtp_false_positive.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":2,"flow_last_seen":1638856442050,"flow_idle_time":180000,"pkt_oversize":false,"pkt_caplen":81,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":81,"pkt_l4_len":47,"ts_msec":1638856442050,"pkt":"AAAAAAAAAAEAm1OyCABFAABDLq0AAD8RWpoYASFCPjh66HJHDToAL3+GJwAAAAJZAADIADJepW8BAAAAHa0lUAAAAAAAAAAAAAAAAAEAAAAA"}
+00501{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3,"source":"gtp_false_positive.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":3,"flow_last_seen":1638856501910,"flow_idle_time":180000,"pkt_oversize":false,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"ts_msec":1638856501910,"pkt":"AAAAAAAAAAEAm1OyCABFAABLxYgAAD8Rw7YYASFCPjh66HJHDToANyFgLwAAAALBDwDIAAEAAADTFLeVMl6lbwABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
+00580{"flow_event_id":8,"flow_event_name":"not-detected","thread_id":0,"packet_id":6,"source":"gtp_false_positive.pcapng","alias":"nDPId-test","flow_id":1,"flow_packets_processed":5,"flow_first_seen":1638856441836,"flow_last_seen":1638856511476,"flow_idle_time":180000,"flow_min_l4_payload_len":39,"flow_max_l4_payload_len":47,"flow_tot_l4_payload_len":218,"flow_avg_l4_payload_len":43,"midstream":0,"ts_msec":1639664897536,"l3_proto":"ip4","src_ip":"24.1.33.66","dst_ip":"62.56.122.232","src_port":29255,"dst_port":3386,"l4_proto":"udp","ndpi": {"proto":"Unknown","breed":"Unrated"}}
+00565{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6,"source":"gtp_false_positive.pcapng","alias":"nDPId-test","flow_id":1,"flow_packets_processed":5,"flow_first_seen":1638856441836,"flow_last_seen":1638856511476,"flow_idle_time":180000,"flow_min_l4_payload_len":39,"flow_max_l4_payload_len":47,"flow_tot_l4_payload_len":218,"flow_avg_l4_payload_len":43,"midstream":0,"ts_msec":1639664897536,"l3_proto":"ip4","src_ip":"24.1.33.66","dst_ip":"62.56.122.232","src_port":29255,"dst_port":3386,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3}
+00563{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":6,"source":"gtp_false_positive.pcapng","alias":"nDPId-test","flow_id":2,"flow_packets_processed":1,"flow_first_seen":1639664897536,"flow_last_seen":1639664897536,"flow_idle_time":180000,"flow_min_l4_payload_len":8,"flow_max_l4_payload_len":8,"flow_tot_l4_payload_len":8,"flow_avg_l4_payload_len":8,"midstream":0,"ts_msec":1639664897536,"l3_proto":"ip4","src_ip":"50.7.111.134","dst_ip":"103.225.103.159","src_port":17000,"dst_port":2123,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3}
+00457{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":6,"source":"gtp_false_positive.pcapng","alias":"nDPId-test","flow_id":2,"flow_packet_id":1,"flow_last_seen":1639664897536,"flow_idle_time":180000,"pkt_oversize":false,"pkt_caplen":56,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":56,"pkt_l4_len":16,"ts_msec":1639664897536,"pkt":"AAAAAAAAAAgAcgnYCABFaAAk3R5AADMR+TQyB2+GZ+Fnn0JoCEsAEMsJNwMAAEIAAAAAAAAAAAA="}
+00594{"flow_event_id":5,"flow_event_name":"guessed","thread_id":0,"packet_id":7,"source":"gtp_false_positive.pcapng","alias":"nDPId-test","flow_id":2,"flow_packets_processed":1,"flow_first_seen":1639664897536,"flow_last_seen":1639664897536,"flow_idle_time":180000,"flow_min_l4_payload_len":8,"flow_max_l4_payload_len":8,"flow_tot_l4_payload_len":8,"flow_avg_l4_payload_len":8,"midstream":0,"ts_msec":1640630605457,"l3_proto":"ip4","src_ip":"50.7.111.134","dst_ip":"103.225.103.159","src_port":17000,"dst_port":2123,"l4_proto":"udp","ndpi": {"proto":"GTP","breed":"Acceptable","category":"Network"}}
+00564{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7,"source":"gtp_false_positive.pcapng","alias":"nDPId-test","flow_id":2,"flow_packets_processed":1,"flow_first_seen":1639664897536,"flow_last_seen":1639664897536,"flow_idle_time":180000,"flow_min_l4_payload_len":8,"flow_max_l4_payload_len":8,"flow_tot_l4_payload_len":8,"flow_avg_l4_payload_len":8,"midstream":0,"ts_msec":1640630605457,"l3_proto":"ip4","src_ip":"50.7.111.134","dst_ip":"103.225.103.159","src_port":17000,"dst_port":2123,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3}
+00571{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":7,"source":"gtp_false_positive.pcapng","alias":"nDPId-test","flow_id":3,"flow_packets_processed":1,"flow_first_seen":1640630605457,"flow_last_seen":1640630605457,"flow_idle_time":180000,"flow_min_l4_payload_len":326,"flow_max_l4_payload_len":326,"flow_tot_l4_payload_len":326,"flow_avg_l4_payload_len":326,"midstream":0,"ts_msec":1640630605457,"l3_proto":"ip4","src_ip":"119.185.190.173","dst_ip":"66.86.98.114","src_port":2123,"dst_port":50140,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3}
+00879{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":7,"source":"gtp_false_positive.pcapng","alias":"nDPId-test","flow_id":3,"flow_packet_id":1,"flow_last_seen":1640630605457,"flow_idle_time":180000,"pkt_oversize":false,"pkt_caplen":368,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":368,"pkt_l4_len":334,"ts_msec":1640630605457,"pkt":"AAAAAAAAAAgAF2izCABFAAFiEjRAAD0RTyh3ub6tQlZicghLw9wBTnl2RgEAAAJ5AwDIAMWLvaZzN8g7AAAAAHAALV6UJ\/cTHdx+UcbekdlVsrIQyORBtJYGjhwit4VPN8cgIpZwuzYVz0TO+kH8rnowgXXPb2P\/JTt2WeT4FCyPlfScgvudUxqPf1kwZMd0KmXiXleYPXTNqftx0xJj\/Kb2FN1yrSOQIVUjnqcH8TbL6jgJymGUAAAAfj1DGkvghwUAAAAAAQAAAAABAAAAAAAAAAAAAgBvbQcAAAAAAAAASgABBwAAAAgAYXV0b0FsZ28BADEQAGF1dG9Jbml0TGltaXRSZXMBADAMAGF1dG9MaW1pdFJlcwEAMAcAYndlQWxnbwEAMQwAZG91Ymxlaml0dGVyAQAwCQBwcm9iZVN0cmEBADAGAHNka2JiciAAYWNrVGltZU91dDoyMDB8YWNrVGltZUxlbmd0aDo2MDA="}
+00602{"flow_event_id":5,"flow_event_name":"guessed","thread_id":0,"packet_id":7,"source":"gtp_false_positive.pcapng","alias":"nDPId-test","flow_id":3,"flow_packets_processed":1,"flow_first_seen":1640630605457,"flow_last_seen":1640630605457,"flow_idle_time":180000,"flow_min_l4_payload_len":326,"flow_max_l4_payload_len":326,"flow_tot_l4_payload_len":326,"flow_avg_l4_payload_len":326,"midstream":0,"ts_msec":1640630605457,"l3_proto":"ip4","src_ip":"119.185.190.173","dst_ip":"66.86.98.114","src_port":2123,"dst_port":50140,"l4_proto":"udp","ndpi": {"proto":"GTP","breed":"Acceptable","category":"Network"}}
+00572{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7,"source":"gtp_false_positive.pcapng","alias":"nDPId-test","flow_id":3,"flow_packets_processed":1,"flow_first_seen":1640630605457,"flow_last_seen":1640630605457,"flow_idle_time":180000,"flow_min_l4_payload_len":326,"flow_max_l4_payload_len":326,"flow_tot_l4_payload_len":326,"flow_avg_l4_payload_len":326,"midstream":0,"ts_msec":1640630605457,"l3_proto":"ip4","src_ip":"119.185.190.173","dst_ip":"66.86.98.114","src_port":2123,"dst_port":50140,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3}
+00168{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":7,"source":"gtp_false_positive.pcapng","alias":"nDPId-test","total-events-serialized":16}
+~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~
+~~ packets captured/processed: 7/7
+~~ skipped flows.............: 0
+~~ total layer4 data length..: 552 bytes
+~~ total detected protocols..: 0
+~~ total active/idle flows...: 3/3
+~~ total timeout flows.......: 2
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+~~ total memory allocated....: 4593026 bytes
+~~ total memory freed........: 4593026 bytes
+~~ total allocations/frees...: 99547/99547
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+~~ json string min len.......: 173 chars
+~~ json string max len.......: 884 chars
+~~ json string avg len.......: 590 chars