diff options
| author | Toni Uhlig <matzeton@googlemail.com> | 2021-07-14 11:55:17 +0200 |
|---|---|---|
| committer | Toni Uhlig <matzeton@googlemail.com> | 2021-07-14 11:55:17 +0200 |
| commit | c32461b032fd2fec74821f3bd5c9bcc2c9689de2 (patch) | |
| tree | 3ecd07e7cd5a272ff831ca1d48b800edbdca05ff /test/results/iphone.pcap.out | |
| parent | 6f04807236f55c734816ddcc5ab80d06f89a3a9b (diff) | |
bump libnDPI to b95bd0358fd43d9fdfdc5266e3c8923b91e1d4db
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
Diffstat (limited to 'test/results/iphone.pcap.out')
| -rw-r--r-- | test/results/iphone.pcap.out | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/test/results/iphone.pcap.out b/test/results/iphone.pcap.out index 5f7b8581f..176b2dea0 100644 --- a/test/results/iphone.pcap.out +++ b/test/results/iphone.pcap.out @@ -92,7 +92,7 @@ 00647{"flow_event_id":5,"flow_event_name":"detected","thread_id":0,"packet_id":52,"source":"iphone.pcap","alias":"nDPId-test","flow_id":20,"flow_packet_id":1,"flow_first_seen":1582454598212,"flow_last_seen":0,"flow_min_l4_payload_len":40,"flow_max_l4_payload_len":40,"flow_tot_l4_payload_len":40,"flow_avg_l4_payload_len":40,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.2.17","dst_ip":"192.168.2.1","src_port":55914,"dst_port":53,"l4_proto":"udp","ndpi": {"proto":"DNS.Apple","breed":"Safe","category":"Web"},"dns": {"query":"gsp85-ssl.ls.apple.com","num_queries":0,"num_answers":0,"reply_code":0,"query_type":1,"rsp_type":0,"rsp_addr":"0.0.0.0"}} 00482{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":53,"source":"iphone.pcap","alias":"nDPId-test","flow_id":21,"flow_packet_id":1,"flow_first_seen":1582454598246,"flow_last_seen":0,"flow_min_l4_payload_len":35,"flow_max_l4_payload_len":35,"flow_tot_l4_payload_len":35,"flow_avg_l4_payload_len":35,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.2.17","dst_ip":"192.168.2.1","src_port":51007,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00441{"flow_id":21,"flow_packet_id":1,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":53,"source":"iphone.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1582454598,"pkt_ts_usec":246275,"pkt_caplen":77,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":77,"pkt_l4_len":43,"pkt":"xiwDYGpkxGGLNYKpCABFAAA\/VFIAAP8R4fjAqAIRwKgCAcc\/ADUAK6bSYEMBAAABAAAAAAAAB2NhcHRpdmUFYXBwbGUDY29tAAABAAE="} -00656{"flow_event_id":5,"flow_event_name":"detected","thread_id":0,"packet_id":53,"source":"iphone.pcap","alias":"nDPId-test","flow_id":21,"flow_packet_id":1,"flow_first_seen":1582454598246,"flow_last_seen":0,"flow_min_l4_payload_len":35,"flow_max_l4_payload_len":35,"flow_tot_l4_payload_len":35,"flow_avg_l4_payload_len":35,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.2.17","dst_ip":"192.168.2.1","src_port":51007,"dst_port":53,"l4_proto":"udp","ndpi": {"proto":"DNS","breed":"Acceptable","category":"ConnectivityCheck"},"dns": {"query":"captive.apple.com","num_queries":0,"num_answers":0,"reply_code":0,"query_type":1,"rsp_type":0,"rsp_addr":"0.0.0.0"}} +00648{"flow_event_id":5,"flow_event_name":"detected","thread_id":0,"packet_id":53,"source":"iphone.pcap","alias":"nDPId-test","flow_id":21,"flow_packet_id":1,"flow_first_seen":1582454598246,"flow_last_seen":0,"flow_min_l4_payload_len":35,"flow_max_l4_payload_len":35,"flow_tot_l4_payload_len":35,"flow_avg_l4_payload_len":35,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.2.17","dst_ip":"192.168.2.1","src_port":51007,"dst_port":53,"l4_proto":"udp","ndpi": {"proto":"DNS","breed":"Acceptable","category":"ConnCheck"},"dns": {"query":"captive.apple.com","num_queries":0,"num_answers":0,"reply_code":0,"query_type":1,"rsp_type":0,"rsp_addr":"0.0.0.0"}} 00674{"flow_id":18,"flow_packet_id":2,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":54,"source":"iphone.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1582454598,"pkt_ts_usec":247243,"pkt_caplen":252,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":252,"pkt_l4_len":218,"pkt":"xGGLNYKpxiwDYGpkCABFAADuMPYAAEARw6bAqAIBwKgCEQA19qcA2lqQHhSBgAABAAkAAAAADXAyNi1mbWZtb2JpbGUGaWNsb3VkA2NvbQAAAQABwAwABQABAAARlgAcCWZtZm1vYmlsZQJmZQlhcHBsZS1kbnMDbmV0AMA2AAEAAQAAAA8ABBH4uYzANgABAAEAAAAPAAQR+IMIwDYAAQABAAAADwAEEfiDysA2AAEAAQAAAA8ABBH4g8vANgABAAEAAAAPAAQR+LmkwDYAAQABAAAADwAEEfi5Z8A2AAEAAQAAAA8ABBH4g7LANgABAAEAAAAPAAQR+Lkw"} 00691{"flow_event_id":6,"flow_event_name":"detection-update","thread_id":0,"packet_id":54,"source":"iphone.pcap","alias":"nDPId-test","flow_id":18,"flow_packet_id":2,"flow_first_seen":1582454598205,"flow_last_seen":1582454598247,"flow_min_l4_payload_len":42,"flow_max_l4_payload_len":210,"flow_tot_l4_payload_len":252,"flow_avg_l4_payload_len":126,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.2.17","dst_ip":"192.168.2.1","src_port":63143,"dst_port":53,"l4_proto":"udp","ndpi": {"proto":"DNS.AppleiCloud","breed":"Acceptable","category":"Web"},"dns": {"query":"p26-fmfmobile.icloud.com","num_queries":1,"num_answers":9,"reply_code":0,"query_type":1,"rsp_type":1,"rsp_addr":"17.248.185.140"}} 00690{"flow_id":17,"flow_packet_id":2,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":55,"source":"iphone.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1582454598,"pkt_ts_usec":247382,"pkt_caplen":264,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":264,"pkt_l4_len":230,"pkt":"xGGLNYKpxiwDYGpkCABFAAD6F4oAAEAR3QbAqAIBwKgCEQA195UA5qzeldOBgAABAAkAAAAAE3AyNi1rZXl2YWx1ZXNlcnZpY2UGaWNsb3VkA2NvbQAAAQABwAwABQABAAARlgAiD2tleXZhbHVlc2VydmljZQJmZQlhcHBsZS1kbnMDbmV0AMA8AAEAAQAAADUABBH4uVfAPAABAAEAAAA1AAQR+LkmwDwAAQABAAAANQAEEfi5J8A8AAEAAQAAADUABBH4uQrAPAABAAEAAAA1AAQR+IOrwDwAAQABAAAANQAEEfi5Z8A8AAEAAQAAADUABBH4uYTAPAABAAEAAAA1AAQR+LmN"} @@ -104,7 +104,7 @@ 00482{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":58,"source":"iphone.pcap","alias":"nDPId-test","flow_id":22,"flow_packet_id":1,"flow_first_seen":1582454598252,"flow_last_seen":0,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":0,"flow_tot_l4_payload_len":0,"flow_avg_l4_payload_len":0,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.2.17","dst_ip":"17.248.185.140","src_port":50575,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15} 00442{"flow_id":22,"flow_packet_id":1,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":58,"source":"iphone.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1582454598,"pkt_ts_usec":252419,"pkt_caplen":78,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":78,"pkt_l4_len":44,"pkt":"xiwDYGpkxGGLNYKpCABFAABAAABAAEAGrHrAqAIREfi5jMWPAbsN6rbUAAAAALDC\/\/8jQQAAAgQFtAEDAwcBAQgKEd\/m0wAAAAAEAgAA"} 00635{"flow_id":21,"flow_packet_id":2,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":59,"source":"iphone.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1582454598,"pkt_ts_usec":287759,"pkt_caplen":221,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":221,"pkt_l4_len":187,"pkt":"xGGLNYKpxiwDYGpkCABFAADPyCcAAEARLJTAqAIBwKgCEQA1xz8Au1lGYEOBgAABAAUAAAAAB2NhcHRpdmUFYXBwbGUDY29tAAABAAHADAAFAAEAABGWACoMY2FwdGl2ZS1jaWRyDG9yaWdpbi1hcHBsZQNjb20GYWthZG5zA25ldADALwAFAAEAAAC8AA4LY2FwdGl2ZS1jZG7APMBlAAUAAQAAAOYAFAdjYXB0aXZlAWcHYWFwbGltZ8AawH8AAQABAAAAEQAEEf1pysB\/AAEAAQAAABEABBH9Nco="} -00686{"flow_event_id":6,"flow_event_name":"detection-update","thread_id":0,"packet_id":59,"source":"iphone.pcap","alias":"nDPId-test","flow_id":21,"flow_packet_id":2,"flow_first_seen":1582454598246,"flow_last_seen":1582454598287,"flow_min_l4_payload_len":35,"flow_max_l4_payload_len":179,"flow_tot_l4_payload_len":214,"flow_avg_l4_payload_len":107,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.2.17","dst_ip":"192.168.2.1","src_port":51007,"dst_port":53,"l4_proto":"udp","ndpi": {"proto":"DNS.Apple","breed":"Safe","category":"ConnectivityCheck"},"dns": {"query":"captive.apple.com","num_queries":1,"num_answers":5,"reply_code":0,"query_type":1,"rsp_type":1,"rsp_addr":"17.253.105.202"}} +00678{"flow_event_id":6,"flow_event_name":"detection-update","thread_id":0,"packet_id":59,"source":"iphone.pcap","alias":"nDPId-test","flow_id":21,"flow_packet_id":2,"flow_first_seen":1582454598246,"flow_last_seen":1582454598287,"flow_min_l4_payload_len":35,"flow_max_l4_payload_len":179,"flow_tot_l4_payload_len":214,"flow_avg_l4_payload_len":107,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.2.17","dst_ip":"192.168.2.1","src_port":51007,"dst_port":53,"l4_proto":"udp","ndpi": {"proto":"DNS.Apple","breed":"Safe","category":"ConnCheck"},"dns": {"query":"captive.apple.com","num_queries":1,"num_answers":5,"reply_code":0,"query_type":1,"rsp_type":1,"rsp_addr":"17.253.105.202"}} 00482{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":60,"source":"iphone.pcap","alias":"nDPId-test","flow_id":23,"flow_packet_id":1,"flow_first_seen":1582454598373,"flow_last_seen":0,"flow_min_l4_payload_len":32,"flow_max_l4_payload_len":32,"flow_tot_l4_payload_len":32,"flow_avg_l4_payload_len":32,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.2.17","dst_ip":"192.168.2.1","src_port":55457,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00435{"flow_id":23,"flow_packet_id":1,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":60,"source":"iphone.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1582454598,"pkt_ts_usec":373077,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"pkt":"xiwDYGpkxGGLNYKpCABFAAA8dgsAAP8RwELAqAIRwKgCAdihADUAKKMQFxsBAAABAAAAAAAABG1lc3UFYXBwbGUDY29tAAABAAE="} 00639{"flow_event_id":5,"flow_event_name":"detected","thread_id":0,"packet_id":60,"source":"iphone.pcap","alias":"nDPId-test","flow_id":23,"flow_packet_id":1,"flow_first_seen":1582454598373,"flow_last_seen":0,"flow_min_l4_payload_len":32,"flow_max_l4_payload_len":32,"flow_tot_l4_payload_len":32,"flow_avg_l4_payload_len":32,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.2.17","dst_ip":"192.168.2.1","src_port":55457,"dst_port":53,"l4_proto":"udp","ndpi": {"proto":"DNS.Apple","breed":"Safe","category":"Web"},"dns": {"query":"mesu.apple.com","num_queries":0,"num_answers":0,"reply_code":0,"query_type":1,"rsp_type":0,"rsp_addr":"0.0.0.0"}} @@ -148,7 +148,7 @@ 00655{"flow_event_id":5,"flow_event_name":"detected","thread_id":0,"packet_id":85,"source":"iphone.pcap","alias":"nDPId-test","flow_id":30,"flow_packet_id":1,"flow_first_seen":1582454598542,"flow_last_seen":0,"flow_min_l4_payload_len":36,"flow_max_l4_payload_len":36,"flow_tot_l4_payload_len":36,"flow_avg_l4_payload_len":36,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.2.17","dst_ip":"192.168.2.1","src_port":52852,"dst_port":53,"l4_proto":"udp","ndpi": {"proto":"DNS.AppleiCloud","breed":"Acceptable","category":"Web"},"dns": {"query":"gateway.icloud.com","num_queries":0,"num_answers":0,"reply_code":0,"query_type":1,"rsp_type":0,"rsp_addr":"0.0.0.0"}} 00424{"flow_id":27,"flow_packet_id":3,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":86,"source":"iphone.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1582454598,"pkt_ts_usec":544705,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"pkt":"xiwDYGpkxGGLNYKpCABFAAA0AABAAEAG\/EPAqAIREf1pysAAAFAslesym7UszoAQCBZUCQAAAQEIChHf5+gdNCSF"} 00602{"flow_id":27,"flow_packet_id":4,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":87,"source":"iphone.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1582454598,"pkt_ts_usec":545135,"pkt_caplen":197,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":197,"pkt_l4_len":163,"pkt":"xiwDYGpkxGGLNYKpCABFAgC3AABAAEAG+77AqAIREf1pysAAAFAslesym7UszoAYCBZ75QAAAQEIChHf5+kdNCSFR0VUIC9ob3RzcG90LWRldGVjdC5odG1sIEhUVFAvMS4wDQpIb3N0OiBjYXB0aXZlLmFwcGxlLmNvbQ0KQ29ubmVjdGlvbjogY2xvc2UNClVzZXItQWdlbnQ6IENhcHRpdmVOZXR3b3JrU3VwcG9ydC0zOTAuNjAuMSB3aXNwcg0KDQo="} -00707{"flow_event_id":5,"flow_event_name":"detected","thread_id":0,"packet_id":87,"source":"iphone.pcap","alias":"nDPId-test","flow_id":27,"flow_packet_id":4,"flow_first_seen":1582454598387,"flow_last_seen":1582454598545,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":131,"flow_tot_l4_payload_len":131,"flow_avg_l4_payload_len":32,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.2.17","dst_ip":"17.253.105.202","src_port":49152,"dst_port":80,"l4_proto":"tcp","ndpi": {"proto":"HTTP.Apple","breed":"Safe","category":"ConnectivityCheck"},"http": {"hostname":"captive.apple.com","url":"captive.apple.com\/hotspot-detect.html","code":0,"content_type":"","user_agent":"CaptiveNetworkSupport-390.60.1 wispr"}} +00699{"flow_event_id":5,"flow_event_name":"detected","thread_id":0,"packet_id":87,"source":"iphone.pcap","alias":"nDPId-test","flow_id":27,"flow_packet_id":4,"flow_first_seen":1582454598387,"flow_last_seen":1582454598545,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":131,"flow_tot_l4_payload_len":131,"flow_avg_l4_payload_len":32,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.2.17","dst_ip":"17.253.105.202","src_port":49152,"dst_port":80,"l4_proto":"tcp","ndpi": {"proto":"HTTP.Apple","breed":"Safe","category":"ConnCheck"},"http": {"hostname":"captive.apple.com","url":"captive.apple.com\/hotspot-detect.html","code":0,"content_type":"","user_agent":"CaptiveNetworkSupport-390.60.1 wispr"}} 00424{"flow_id":26,"flow_packet_id":3,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":88,"source":"iphone.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1582454598,"pkt_ts_usec":545149,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"pkt":"xiwDYGpkxGGLNYKpCABFAAA0AABAAEAGZFvAqAIREYICLsWRAbsZOusY368Fo4AQBAtqWAAAAQEIChHf5\/C1T9He"} 01123{"flow_id":26,"flow_packet_id":4,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":89,"source":"iphone.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1582454598,"pkt_ts_usec":545339,"pkt_caplen":583,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":583,"pkt_l4_len":549,"pkt":"xiwDYGpkxGGLNYKpCABFAgI5AABAAEAGYlTAqAIREYICLsWRAbsZOusY368Fo4AYBAtvbAAAAQEIChHf5\/C1T9HeFgMBAgABAAH8AwM6mEOdusbq\/ybUNBuomqShrPK58qj3XjuDYY2EHh6A2yDTYkCcwL+VPEDok15qjRZu79\/9di6dUR8br4F4StJmaAA0EwETAhMDwCzAK8AkwCPACsAJzKnAMMAvwCjAJ8AUwBPMqACdAJwAPQA8ADUAL8AIwBIACgEAAX\/\/AQABAAAAABsAGQAAFmdzcDg1LXNzbC5scy5hcHBsZS5jb20AFwAAACMAAAANABgAFgQDCAQEAQUDAgMIBQgFBQEIBgYBAgEABQAFAQAAAAAAEgAAABAADgAMAmgyCGh0dHAvMS4xAAsAAgEAADMAJgAkAB0AIN+r0D4xweI5p++PFWedre1z33L6xxisP0vyRpUTwaJfAC0AAgEBACsACQgDBAMDAwIDAQAKAAoACAAdABcAGAAZABUAwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="} 00792{"flow_event_id":5,"flow_event_name":"detected","thread_id":0,"packet_id":89,"source":"iphone.pcap","alias":"nDPId-test","flow_id":26,"flow_packet_id":4,"flow_first_seen":1582454598385,"flow_last_seen":1582454598545,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":517,"flow_tot_l4_payload_len":517,"flow_avg_l4_payload_len":129,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.2.17","dst_ip":"17.130.2.46","src_port":50577,"dst_port":443,"l4_proto":"tcp","ndpi": {"proto":"TLS.Apple","breed":"Safe","category":"Web"},"tls": {"version":"TLSv1.2","client_requested_server_name":"gsp85-ssl.ls.apple.com","ja3":"55271a105172d5f225e4704755b9b250","ja3s":"","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","alpn":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2,TLSv1.1,TLSv1"}} @@ -509,7 +509,7 @@ ~~ total detected protocols..: 52 ~~ total active/idle flows...: 53/53 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 2370441 bytes -~~ total memory freed........: 2370441 bytes -~~ total allocations/frees...: 34909/34909 +~~ total memory allocated....: 2358558 bytes +~~ total memory freed........: 2358558 bytes +~~ total allocations/frees...: 34237/34237 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |