diff options
| author | Toni Uhlig <matzeton@googlemail.com> | 2021-08-03 11:26:44 +0200 |
|---|---|---|
| committer | Toni Uhlig <matzeton@googlemail.com> | 2021-08-03 12:37:59 +0200 |
| commit | 3a760355705761f46d57a70cca3a34834225ae97 (patch) | |
| tree | 273a6ac4a44af6bb33df0a36c7cd9b5b969c3bed /test/results/openvpn.pcap.out | |
| parent | c32461b032fd2fec74821f3bd5c9bcc2c9689de2 (diff) | |
bump libnDPI to 6b7e5fa8d251f11c1bae16ea892a43a92b098480
* fixed linking issue by using CMake to check if explicit link against libm required
* make nDPIsrvd collectd exit if parent pid changed, meaning that collectd died somehow
* nDPId-test restores SIGPIPE to the default handler (termination), so abnormal connection drop's do now have consequences
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
Diffstat (limited to 'test/results/openvpn.pcap.out')
| -rw-r--r-- | test/results/openvpn.pcap.out | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/test/results/openvpn.pcap.out b/test/results/openvpn.pcap.out index ebf20a62e..1e573ef0c 100644 --- a/test/results/openvpn.pcap.out +++ b/test/results/openvpn.pcap.out @@ -6,7 +6,7 @@ 00485{"flow_id":1,"flow_packet_id":4,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":4,"source":"openvpn.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1467904947,"pkt_ts_usec":700508,"pkt_caplen":110,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":110,"pkt_l4_len":76,"pkt":"hCYVLjtSAA6OGXEMCABFAABgANdAAEAGYYzAqAFNLmXn2ursAbu+lXufbMVVl4AYOQicxwAAAQEICgANe68ANCgCACo4krivSnd\/x0J4ECTCdtmhqMIyGHmgImSzzLyAdwAAAAFXfnOzAAAAAAA="} 00422{"flow_id":1,"flow_packet_id":5,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":5,"source":"openvpn.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1467904947,"pkt_ts_usec":752893,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"pkt":"AA6OGXEMhCYVLjtSCABFoAA0fZtAADQG8FMuZefawKgBTQG76uxsxVWXvpV7y4AQOJDXpgAAAQEICgA0KPsADXuv"} 00503{"flow_id":1,"flow_packet_id":6,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":6,"source":"openvpn.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1467904947,"pkt_ts_usec":753377,"pkt_caplen":122,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":122,"pkt_l4_len":88,"pkt":"AA6OGXEMhCYVLjtSCABFoABsfZxAADQG8BouZefawKgBTQG76uxsxVWXvpV7y4AYOJArBwAAAQEICgA0KPsADXuvADZA2RbEhgyx2M+jc8\/WYxWfwCU7Upc7GJ9\/bLnfiwAAAAFXfnN9AQAAAACSuK9Kd3\/HQgAAAAA="} -00528{"flow_event_id":5,"flow_event_name":"detected","thread_id":0,"packet_id":6,"source":"openvpn.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":6,"flow_first_seen":1467904946700,"flow_last_seen":1467904947753,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":56,"flow_tot_l4_payload_len":100,"flow_avg_l4_payload_len":16,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.77","dst_ip":"46.101.231.218","src_port":60140,"dst_port":443,"l4_proto":"tcp","ndpi": {"proto":"OpenVPN","breed":"Acceptable","category":"VPN"}} +00585{"flow_event_id":5,"flow_event_name":"detected","thread_id":0,"packet_id":6,"source":"openvpn.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":6,"flow_first_seen":1467904946700,"flow_last_seen":1467904947753,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":56,"flow_tot_l4_payload_len":100,"flow_avg_l4_payload_len":16,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.77","dst_ip":"46.101.231.218","src_port":60140,"dst_port":443,"l4_proto":"tcp","ndpi": {"flow_risk": {"5":"Known protocol on non standard port"},"proto":"OpenVPN","breed":"Acceptable","category":"VPN"}} 00422{"flow_id":1,"flow_packet_id":7,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":7,"source":"openvpn.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1467904947,"pkt_ts_usec":753403,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"pkt":"hCYVLjtSAA6OGXEMCABFAAA0ANhAAEAGYbfAqAFNLmXn2ursAbu+lXvLbMVVz4AQOQjW8QAAAQEICgANe7QANCj7"} 00497{"flow_id":1,"flow_packet_id":8,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":8,"source":"openvpn.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1467904947,"pkt_ts_usec":753584,"pkt_caplen":118,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":118,"pkt_l4_len":84,"pkt":"hCYVLjtSAA6OGXEMCABFAABoANlAAEAGYYLAqAFNLmXn2ursAbu+lXvLbMVVz4AYOQiyyQAAAQEICgANe7QANCj7ADIokrivSnd\/x0Iouku0o2HkwsWPIfcrIPU7eEbRwgAAAAJXfnOzAQAAAADZFsSGDLHYzw=="} 00423{"flow_id":1,"flow_packet_id":9,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":9,"source":"openvpn.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1467904947,"pkt_ts_usec":829783,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"pkt":"AA6OGXEMhCYVLjtSCABFoAA0fZ1AADQG8FEuZefawKgBTQG76uxsxVXPvpV7\/4AQOJDXIQAAAQEICgA0KQ8ADXu0"} @@ -20,7 +20,7 @@ 00489{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":96,"source":"openvpn.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":1,"flow_first_seen":1470218591746,"flow_last_seen":0,"flow_min_l4_payload_len":42,"flow_max_l4_payload_len":42,"flow_tot_l4_payload_len":42,"flow_avg_l4_payload_len":42,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.43.12","dst_ip":"139.59.151.137","src_port":41507,"dst_port":13680,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15} 00448{"flow_id":2,"flow_packet_id":1,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":96,"source":"openvpn.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1470218591,"pkt_ts_usec":746723,"pkt_caplen":84,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":84,"pkt_l4_len":50,"pkt":"mAyC0zx8AAjKQoXqCABFAABG3rhAAEARTXXAqCsMizuXiaIjNXAAMosJOLAsz\/G18BdPwJFmbjsSS62jkXMxe5OXItH+Y74AAAABV6HBXwAAAAAA"} 00466{"flow_id":2,"flow_packet_id":2,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":97,"source":"openvpn.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1470218591,"pkt_ts_usec":941902,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"pkt":"AAjKQoXqmAyC0zx8CABFAABSYIhAADIR2ZmLO5eJwKgrDDVwoiMAPhWBQPd\/wu\/b4j9X3sTI1WVNByO\/jAvlQThWMnDPrhMAAAABV6HBXwEAAAAAsCzP8bXwF08AAAAA"} -00532{"flow_event_id":5,"flow_event_name":"detected","thread_id":0,"packet_id":97,"source":"openvpn.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":2,"flow_first_seen":1470218591746,"flow_last_seen":1470218591941,"flow_min_l4_payload_len":42,"flow_max_l4_payload_len":54,"flow_tot_l4_payload_len":96,"flow_avg_l4_payload_len":48,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.43.12","dst_ip":"139.59.151.137","src_port":41507,"dst_port":13680,"l4_proto":"udp","ndpi": {"proto":"OpenVPN","breed":"Acceptable","category":"VPN"}} +00589{"flow_event_id":5,"flow_event_name":"detected","thread_id":0,"packet_id":97,"source":"openvpn.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":2,"flow_first_seen":1470218591746,"flow_last_seen":1470218591941,"flow_min_l4_payload_len":42,"flow_max_l4_payload_len":54,"flow_tot_l4_payload_len":96,"flow_avg_l4_payload_len":48,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.43.12","dst_ip":"139.59.151.137","src_port":41507,"dst_port":13680,"l4_proto":"udp","ndpi": {"flow_risk": {"5":"Known protocol on non standard port"},"proto":"OpenVPN","breed":"Acceptable","category":"VPN"}} 00462{"flow_id":2,"flow_packet_id":3,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":98,"source":"openvpn.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1470218591,"pkt_ts_usec":942539,"pkt_caplen":92,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":92,"pkt_l4_len":58,"pkt":"mAyC0zx8AAjKQoXqCABFAABO3uZAAEARTT\/AqCsMizuXiaIjNXAAOpZEKLAsz\/G18BdPyDdJemqNaU65YLasCHjnV9mH+DAAAAACV6HBXwEAAAAA93\/C79viP1c="} 00801{"flow_id":2,"flow_packet_id":4,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":99,"source":"openvpn.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1470218591,"pkt_ts_usec":943377,"pkt_caplen":345,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":345,"pkt_l4_len":311,"pkt":"mAyC0zx8AAjKQoXqCABFAAFL3udAAEARTEHAqCsMizuXiaIjNXABN2YDILAsz\/G18BdPpXrCc4HfKvVooXdu\/RWr9x4wrZ0AAAADV6HBXwAAAAABFgMBAQABAAD8AwNE5fcPgzd79Sso6M19xG8bQl07yo41gslSLfJlFeywdgAAgsAwwCzAKMAkwBTACgClAKMAoQCfAGsAagBpAGgAOQA4ADcANgCIAIcAhgCFwDLALsAqwCbAD8AFwC\/AK8AnwCPAE8AJAKQAogCgAJ4AZwBAAD8APgAzADIAMQAwAEUARABDAELAMcAtwCnAJcAOwATAEsAIABYAEwAQAA3ADcADAP8BAABRAAsABAMAAQIACgAcABoAFwAZABwAGwAYABoAFgAOAA0ACwAMAAkACgANACAAHgYBBgIGAwUBBQIFAwQBBAIEAwMBAwIDAwIBAgICAwAPAAEB"} 00605{"flow_id":2,"flow_packet_id":5,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":100,"source":"openvpn.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1470218592,"pkt_ts_usec":119150,"pkt_caplen":196,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":196,"pkt_l4_len":162,"pkt":"AAjKQoXqmAyC0zx8CABFAAC2YKNAADIR2RqLO5eJwKgrDDVwoiMAohzKIPd\/wu\/b4j9X60eERHhjQN5zfeMCAdw3JKHt7ZoAAAACV6HBXwEAAAABsCzP8bXwF08AAAABFgMDAD4CAAA6AwNhg33pw8JOvroEJqnLpGmzYm+g0be9hVzmVAUEjVB5vQDAMAAAEv8BAAEAAAsABAMAAQIADwABARYDAwWWCwAFkgAFjwACzTCCAskwggGxoAMCAQICAQEwDQ=="} @@ -39,7 +39,7 @@ 00448{"flow_id":3,"flow_packet_id":1,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":179,"source":"openvpn.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1472334890,"pkt_ts_usec":224928,"pkt_caplen":84,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":84,"pkt_l4_len":50,"pkt":"mAyC0zx8MFLLbJwbCABFAABGe8pAAEARsF3AqCsSizuXiTVwNXAAMg7DOGYO4pqkkLBZfF5v2e87DGOeGNd7GPORrKCUl+wAAAABV8IMKgAAAAAA"} 00449{"flow_id":3,"flow_packet_id":2,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":180,"source":"openvpn.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1472334892,"pkt_ts_usec":420816,"pkt_caplen":84,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":84,"pkt_l4_len":50,"pkt":"mAyC0zx8MFLLbJwbCABFAABGfNNAAEARr1TAqCsSizuXiTVwNXAAMg7DOGYO4pqkkLBZptsOrY2Z8Me\/lrzRmp5vsU3x26QAAAACV8IMKgAAAAAA"} 00464{"flow_id":3,"flow_packet_id":3,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":181,"source":"openvpn.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1472334892,"pkt_ts_usec":467380,"pkt_caplen":96,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":96,"pkt_l4_len":62,"pkt":"MFLLbJwbmAyC0zx8CABFAABSgmRAADERuLeLO5eJwKgrEjVwNXAAPoh1QDWQheTdAi5E5ZNzw1yvtD56Ix7qRbnOSoCURYgAAAABV8IMLQEAAAAAZg7imqSQsFkAAAAA"} -00534{"flow_event_id":5,"flow_event_name":"detected","thread_id":0,"packet_id":181,"source":"openvpn.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":3,"flow_first_seen":1472334890224,"flow_last_seen":1472334892467,"flow_min_l4_payload_len":42,"flow_max_l4_payload_len":54,"flow_tot_l4_payload_len":138,"flow_avg_l4_payload_len":46,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.43.18","dst_ip":"139.59.151.137","src_port":13680,"dst_port":13680,"l4_proto":"udp","ndpi": {"proto":"OpenVPN","breed":"Acceptable","category":"VPN"}} +00591{"flow_event_id":5,"flow_event_name":"detected","thread_id":0,"packet_id":181,"source":"openvpn.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":3,"flow_first_seen":1472334890224,"flow_last_seen":1472334892467,"flow_min_l4_payload_len":42,"flow_max_l4_payload_len":54,"flow_tot_l4_payload_len":138,"flow_avg_l4_payload_len":46,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.43.18","dst_ip":"139.59.151.137","src_port":13680,"dst_port":13680,"l4_proto":"udp","ndpi": {"flow_risk": {"5":"Known protocol on non standard port"},"proto":"OpenVPN","breed":"Acceptable","category":"VPN"}} 00461{"flow_id":3,"flow_packet_id":4,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":182,"source":"openvpn.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1472334892,"pkt_ts_usec":467532,"pkt_caplen":92,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":92,"pkt_l4_len":58,"pkt":"mAyC0zx8MFLLbJwbCABFAABOfN1AAEARr0LAqCsSizuXiTVwNXAAOg7LKGYO4pqkkLBZccsCgHbPMustlcqr4N4\/rNnPtukAAAADV8IMKgEAAAAANZCF5N0CLkQ="} 00802{"flow_id":3,"flow_packet_id":5,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":183,"source":"openvpn.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1472334892,"pkt_ts_usec":467660,"pkt_caplen":345,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":345,"pkt_l4_len":311,"pkt":"mAyC0zx8MFLLbJwbCABFAAFLfN5AAEARrkTAqCsSizuXiTVwNXABNw\/IIGYO4pqkkLBZmyjlNBaAxD3dZ4KkKKFzUtIqpCkAAAAEV8IMKgAAAAABFgMBAQABAAD8AwPWitxhdgXJqtNghCcqHLNlospc\/gDFPYmAVgJE80nHTgAAgsAwwCzAKMAkwBTACgClAKMAoQCfAGsAagBpAGgAOQA4ADcANgCIAIcAhgCFwDLALsAqwCbAD8AFwC\/AK8AnwCPAE8AJAKQAogCgAJ4AZwBAAD8APgAzADIAMQAwAEUARABDAELAMcAtwCnAJcAOwATAEsAIABYAEwAQAA3ADcADAP8BAABRAAsABAMAAQIACgAcABoAFwAZABwAGwAYABoAFgAOAA0ACwAMAAkACgANACAAHgYBBgIGAwUBBQIFAwQBBAIEAwMBAwIDAwIBAgICAwAPAAEB"} 00460{"flow_id":3,"flow_packet_id":6,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":184,"source":"openvpn.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1472334892,"pkt_ts_usec":670483,"pkt_caplen":92,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":92,"pkt_l4_len":58,"pkt":"MFLLbJwbmAyC0zx8CABFAABOgnVAADERuKqLO5eJwKgrEjVwNXAAOufqKDWQheTdAi5ERcnhMU0OXaVp8mkudfeRDM6N9ckAAAACV8IMLQEAAAAAZg7imqSQsFk="} @@ -61,7 +61,7 @@ ~~ total detected protocols..: 3 ~~ total active/idle flows...: 3/3 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 1758453 bytes -~~ total memory freed........: 1758453 bytes -~~ total allocations/frees...: 33624/33624 +~~ total memory allocated....: 1943716 bytes +~~ total memory freed........: 1943716 bytes +~~ total allocations/frees...: 35629/35629 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |