diff options
| author | lns <matzeton@googlemail.com> | 2022-06-06 00:31:59 +0200 |
|---|---|---|
| committer | lns <matzeton@googlemail.com> | 2022-06-06 00:34:13 +0200 |
| commit | 3caf7727fd65e32e88d6e9153824b2dde68ade91 (patch) | |
| tree | 952a939fd2ebc6252621719882d851e6b297114c /test/results/pinterest.pcap.out | |
| parent | f5b002141300df8fcfe48ebcbd697c9227815559 (diff) | |
bump libnDPI to 0b3f8ed849cdf9971224c49a3958f0904a2bbbb5
* README/nDPId: fixed typ0
Signed-off-by: lns <matzeton@googlemail.com>
Diffstat (limited to 'test/results/pinterest.pcap.out')
| -rw-r--r-- | test/results/pinterest.pcap.out | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/test/results/pinterest.pcap.out b/test/results/pinterest.pcap.out index 8ca79fb5c..bce77dd50 100644 --- a/test/results/pinterest.pcap.out +++ b/test/results/pinterest.pcap.out @@ -122,10 +122,10 @@ 01019{"flow_event_id":7,"flow_event_name":"detection-update","thread_id":0,"packet_id":8994,"source":"pinterest.pcap","alias":"nDPId-test","flow_id":21,"flow_state":"info","flow_packets_processed":6,"flow_first_seen":1605289715966,"flow_last_seen":1605289716084,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1208,"flow_tot_l4_payload_len":1725,"flow_avg_l4_payload_len":287,"midstream":0,"thread_ts_msec":1605289716084,"l3_proto":"ip6","src_ip":"2a01:cb01:2049:8b07:991d:ec85:28df:f629","dst_ip":"2a00:1450:4007:816::200a","src_port":47790,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"4":"DPI"},"proto":"TLS.GoogleServices","breed":"Acceptable","category":"Web"},"tls": {"version":"TLSv1.3","client_requested_server_name":"content-autofill.googleapis.com","ja3":"b32309a26951912be7dba376398abc3b","ja3s":"eb1d94daa7e0344597e756a1fb6e7054","unsafe_cipher":0,"cipher":"TLS_AES_128_GCM_SHA256","alpn":"h2,http\/1.1","tls_supported_versions":"GREASE,TLSv1.3,TLSv1.2,TLSv1.1,TLSv1"}} 00627{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":9522,"source":"pinterest.pcap","alias":"nDPId-test","flow_id":22,"flow_state":"info","flow_packets_processed":1,"flow_first_seen":1605289716168,"flow_last_seen":1605289716168,"flow_idle_time":7580000,"flow_min_l4_payload_len":158,"flow_max_l4_payload_len":158,"flow_tot_l4_payload_len":158,"flow_avg_l4_payload_len":158,"midstream":1,"thread_ts_msec":1605289716168,"l3_proto":"ip6","src_ip":"2a01:cb01:2049:8b07:991d:ec85:28df:f629","dst_ip":"2a00:1450:4007:805::2003","src_port":43562,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} 00721{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":9522,"source":"pinterest.pcap","alias":"nDPId-test","flow_id":22,"flow_packet_id":1,"flow_last_seen":1605289716168,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":244,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":244,"pkt_l4_len":190,"thread_ts_msec":1605289716168,"pkt":"qtsDr8lk5EKm5WPyht1gB32\/AL4GQCoBywEgSYsHmR3shSjf9ikqABRQQAcIBQAAAAAAACADqioBu9lam\/a\/4e68gBgE1TyJAAABAQgKZPSVcMK4jAQXAwMAmbA2YtBqXOwsPZhf0xplQUhs5uebiQ6HrXX0rQcB3CzDNqt6KEFEtOrnLbiyKoAl0\/PfpLU5lSyfN4b6GWAPMuxRzKK1mYHeU6cm19ssJsGj28uoKpDNJuLbc68jHie5jcE8\/swMHjb\/rsshDlUuBkbS0PBg+fBq\/uDg8aBU7dQCoscpqfDhz7OaLw8PBcid6Woaoneonk0XRQ=="} +00675{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":9522,"source":"pinterest.pcap","alias":"nDPId-test","flow_id":22,"flow_state":"info","flow_packets_processed":1,"flow_first_seen":1605289716168,"flow_last_seen":1605289716168,"flow_idle_time":7580000,"flow_min_l4_payload_len":158,"flow_max_l4_payload_len":158,"flow_tot_l4_payload_len":158,"flow_avg_l4_payload_len":158,"midstream":1,"thread_ts_msec":1605289716168,"l3_proto":"ip6","src_ip":"2a01:cb01:2049:8b07:991d:ec85:28df:f629","dst_ip":"2a00:1450:4007:805::2003","src_port":43562,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"4":"DPI"},"proto":"TLS","breed":"Safe","category":"Web"}} 00670{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":9523,"source":"pinterest.pcap","alias":"nDPId-test","flow_id":22,"flow_packet_id":2,"flow_last_seen":1605289716168,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":209,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":209,"pkt_l4_len":155,"thread_ts_msec":1605289716168,"pkt":"qtsDr8lk5EKm5WPyht1gB32\/AJsGQCoBywEgSYsHmR3shSjf9ikqABRQQAcIBQAAAAAAACADqioBu9lanJS\/4e68gBgE1YEBAAABAQgKZPSVcMK4jAQXAwMAT0+KQ56NjlMHGW+d6G5ddduewRHnDyQJNOhFGSBeS16m4KVAja7XHlyuQrxKoq24Sn8bLVvUYgiRl0ogV926yAF+\/eBnK0DefdFCPgWpP6kXAwMAIh\/Eke2gVwnwKuWIWa9HbFAoJdRk5f1TigycRztSwvhmbFo="} 00501{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":9663,"source":"pinterest.pcap","alias":"nDPId-test","flow_id":22,"flow_packet_id":3,"flow_last_seen":1605289716192,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":86,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":86,"pkt_l4_len":32,"thread_ts_msec":1605289716192,"pkt":"5EKm5WPyqtsDr8lkht1gAAAAACAGPSoAFFBABwgFAAAAAAAAIAMqAcsBIEmLB5kd7IUo3\/YpAbuqKr\/h7rzZWpyUgBALf8h0AAABAQgKwrkp2GT0lXA="} -00686{"flow_event_id":5,"flow_event_name":"guessed","thread_id":0,"packet_id":9768,"source":"pinterest.pcap","alias":"nDPId-test","flow_id":22,"flow_state":"info","flow_packets_processed":32,"flow_first_seen":1605289716168,"flow_last_seen":1605289716199,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1208,"flow_tot_l4_payload_len":21339,"flow_avg_l4_payload_len":666,"midstream":1,"thread_ts_msec":1605289716199,"l3_proto":"ip6","src_ip":"2a01:cb01:2049:8b07:991d:ec85:28df:f629","dst_ip":"2a00:1450:4007:805::2003","src_port":43562,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"1":"Match by port"},"proto":"TLS","breed":"Safe","category":"Web"}} -00687{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":9768,"source":"pinterest.pcap","alias":"nDPId-test","flow_id":22,"flow_state":"info","flow_packets_processed":32,"flow_first_seen":1605289716168,"flow_last_seen":1605289716199,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1208,"flow_tot_l4_payload_len":21339,"flow_avg_l4_payload_len":666,"midstream":1,"thread_ts_msec":1605289716199,"l3_proto":"ip6","src_ip":"2a01:cb01:2049:8b07:991d:ec85:28df:f629","dst_ip":"2a00:1450:4007:805::2003","src_port":43562,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"1":"Match by port"},"proto":"TLS","breed":"Safe","category":"Web"}} +00685{"flow_event_id":7,"flow_event_name":"detection-update","thread_id":0,"packet_id":9768,"source":"pinterest.pcap","alias":"nDPId-test","flow_id":22,"flow_state":"info","flow_packets_processed":32,"flow_first_seen":1605289716168,"flow_last_seen":1605289716199,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1208,"flow_tot_l4_payload_len":21339,"flow_avg_l4_payload_len":666,"midstream":1,"thread_ts_msec":1605289716199,"l3_proto":"ip6","src_ip":"2a01:cb01:2049:8b07:991d:ec85:28df:f629","dst_ip":"2a00:1450:4007:805::2003","src_port":43562,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"4":"DPI"},"proto":"TLS","breed":"Safe","category":"Web"}} 00620{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":14612,"source":"pinterest.pcap","alias":"nDPId-test","flow_id":23,"flow_state":"info","flow_packets_processed":1,"flow_first_seen":1605289717548,"flow_last_seen":1605289717548,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":0,"flow_tot_l4_payload_len":0,"flow_avg_l4_payload_len":0,"midstream":0,"thread_ts_msec":1605289717548,"l3_proto":"ip6","src_ip":"2a01:cb01:2049:8b07:991d:ec85:28df:f629","dst_ip":"2a00:1450:4007:816::200d","src_port":40894,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} 00512{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":14612,"source":"pinterest.pcap","alias":"nDPId-test","flow_id":23,"flow_packet_id":1,"flow_last_seen":1605289717548,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":94,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":94,"pkt_l4_len":40,"thread_ts_msec":1605289717548,"pkt":"qtsDr8lk5EKm5WPyht1gD67DACgGQCoBywEgSYsHmR3shSjf9ikqABRQQAcIFgAAAAAAACANn74Bu+7PaD4AAAAAoAL9ID+FAAACBAWgBAIICjGG9eUAAAAAAQMDBw=="} 00514{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":14613,"source":"pinterest.pcap","alias":"nDPId-test","flow_id":23,"flow_packet_id":2,"flow_last_seen":1605289717572,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":94,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":94,"pkt_l4_len":40,"thread_ts_msec":1605289717572,"pkt":"5EKm5WPyqtsDr8lkht1gAAAAACgGPSoAFFBABwgWAAAAAAAAIA0qAcsBIEmLB5kd7IUo3\/YpAbufvovR75juz2g\/oBJXgHfiAAACBAV4AQMDAwQCCArCuS86MYb15Q=="} @@ -200,7 +200,7 @@ 00613{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":17657,"source":"pinterest.pcap","alias":"nDPId-test","flow_id":28,"flow_state":"info","flow_packets_processed":2,"flow_first_seen":1605289720502,"flow_last_seen":1605289720592,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":0,"flow_tot_l4_payload_len":0,"flow_avg_l4_payload_len":0,"midstream":1,"thread_ts_msec":1605289734948,"l3_proto":"ip6","src_ip":"2a01:cb01:2049:8b07:991d:ec85:28df:f629","dst_ip":"2a04:4e42:1d::84","src_port":38402,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} 00669{"flow_event_id":5,"flow_event_name":"guessed","thread_id":0,"packet_id":17657,"source":"pinterest.pcap","alias":"nDPId-test","flow_id":30,"flow_state":"info","flow_packets_processed":2,"flow_first_seen":1605289722610,"flow_last_seen":1605289722642,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":0,"flow_tot_l4_payload_len":0,"flow_avg_l4_payload_len":0,"midstream":1,"thread_ts_msec":1605289734948,"l3_proto":"ip6","src_ip":"2a01:cb01:2049:8b07:991d:ec85:28df:f629","dst_ip":"2a04:4e42:1d::84","src_port":38406,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"1":"Match by port"},"proto":"TLS","breed":"Safe","category":"Web"}} 00613{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":17657,"source":"pinterest.pcap","alias":"nDPId-test","flow_id":30,"flow_state":"info","flow_packets_processed":2,"flow_first_seen":1605289722610,"flow_last_seen":1605289722642,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":0,"flow_tot_l4_payload_len":0,"flow_avg_l4_payload_len":0,"midstream":1,"thread_ts_msec":1605289734948,"l3_proto":"ip6","src_ip":"2a01:cb01:2049:8b07:991d:ec85:28df:f629","dst_ip":"2a04:4e42:1d::84","src_port":38406,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00727{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":17657,"source":"pinterest.pcap","alias":"nDPId-test","flow_id":22,"flow_state":"finished","flow_packets_processed":50,"flow_first_seen":1605289716168,"flow_last_seen":1605289716373,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1208,"flow_tot_l4_payload_len":32185,"flow_avg_l4_payload_len":643,"midstream":1,"thread_ts_msec":1605289734948,"l3_proto":"ip6","src_ip":"2a01:cb01:2049:8b07:991d:ec85:28df:f629","dst_ip":"2a00:1450:4007:805::2003","src_port":43562,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"1":"Match by port"},"proto":"TLS","breed":"Safe","category":"Web"}} +00717{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":17657,"source":"pinterest.pcap","alias":"nDPId-test","flow_id":22,"flow_state":"finished","flow_packets_processed":50,"flow_first_seen":1605289716168,"flow_last_seen":1605289716373,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1208,"flow_tot_l4_payload_len":32185,"flow_avg_l4_payload_len":643,"midstream":1,"thread_ts_msec":1605289734948,"l3_proto":"ip6","src_ip":"2a01:cb01:2049:8b07:991d:ec85:28df:f629","dst_ip":"2a00:1450:4007:805::2003","src_port":43562,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"4":"DPI"},"proto":"TLS","breed":"Safe","category":"Web"}} 00677{"flow_event_id":5,"flow_event_name":"guessed","thread_id":0,"packet_id":17657,"source":"pinterest.pcap","alias":"nDPId-test","flow_id":32,"flow_state":"info","flow_packets_processed":2,"flow_first_seen":1605289726582,"flow_last_seen":1605289726637,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":0,"flow_tot_l4_payload_len":0,"flow_avg_l4_payload_len":0,"midstream":1,"thread_ts_msec":1605289734948,"l3_proto":"ip6","src_ip":"2a01:cb01:2049:8b07:991d:ec85:28df:f629","dst_ip":"2a00:1450:4007:816::200a","src_port":47682,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"1":"Match by port"},"proto":"TLS","breed":"Safe","category":"Web"}} 00621{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":17657,"source":"pinterest.pcap","alias":"nDPId-test","flow_id":32,"flow_state":"info","flow_packets_processed":2,"flow_first_seen":1605289726582,"flow_last_seen":1605289726637,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":0,"flow_tot_l4_payload_len":0,"flow_avg_l4_payload_len":0,"midstream":1,"thread_ts_msec":1605289734948,"l3_proto":"ip6","src_ip":"2a01:cb01:2049:8b07:991d:ec85:28df:f629","dst_ip":"2a00:1450:4007:816::200a","src_port":47682,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} 00742{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":17657,"source":"pinterest.pcap","alias":"nDPId-test","flow_id":19,"flow_state":"finished","flow_packets_processed":71,"flow_first_seen":1605289715274,"flow_last_seen":1605289715612,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":12420,"flow_tot_l4_payload_len":67017,"flow_avg_l4_payload_len":943,"midstream":0,"thread_ts_msec":1605289734948,"l3_proto":"ip6","src_ip":"2a01:cb01:2049:8b07:991d:ec85:28df:f629","dst_ip":"2a03:2880:f030:13:face:b00c::3","src_port":51292,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"4":"DPI"},"proto":"TLS.Facebook","breed":"Fun","category":"SocialNetwork"}} @@ -238,7 +238,7 @@ 00621{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":17657,"source":"pinterest.pcap","alias":"nDPId-test","flow_id":27,"flow_state":"info","flow_packets_processed":2,"flow_first_seen":1605289718347,"flow_last_seen":1605289718378,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":0,"flow_tot_l4_payload_len":0,"flow_avg_l4_payload_len":0,"midstream":1,"thread_ts_msec":1605289734948,"l3_proto":"ip6","src_ip":"2a01:cb01:2049:8b07:991d:ec85:28df:f629","dst_ip":"2a00:1450:4007:80c::200a","src_port":57130,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} 00670{"flow_event_id":5,"flow_event_name":"guessed","thread_id":0,"packet_id":17657,"source":"pinterest.pcap","alias":"nDPId-test","flow_id":29,"flow_state":"info","flow_packets_processed":2,"flow_first_seen":1605289722442,"flow_last_seen":1605289722621,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":0,"flow_tot_l4_payload_len":0,"flow_avg_l4_payload_len":0,"midstream":1,"thread_ts_msec":1605289734948,"l3_proto":"ip6","src_ip":"2a01:cb01:2049:8b07:991d:ec85:28df:f629","dst_ip":"2600:1901::7a0b::","src_port":46918,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"1":"Match by port"},"proto":"TLS","breed":"Safe","category":"Web"}} 00614{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":17657,"source":"pinterest.pcap","alias":"nDPId-test","flow_id":29,"flow_state":"info","flow_packets_processed":2,"flow_first_seen":1605289722442,"flow_last_seen":1605289722621,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":0,"flow_tot_l4_payload_len":0,"flow_avg_l4_payload_len":0,"midstream":1,"thread_ts_msec":1605289734948,"l3_proto":"ip6","src_ip":"2a01:cb01:2049:8b07:991d:ec85:28df:f629","dst_ip":"2600:1901::7a0b::","src_port":46918,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00574{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":17657,"source":"pinterest.pcap","alias":"nDPId-test","packets-captured":17657,"packets-processed":17657,"total-skipped-flows":0,"total-l4-data-len":26490343,"total-not-detected-flows":0,"total-guessed-flows":17,"total-detected-flows":21,"total-detection-updates":31,"total-updates":0,"current-active-flows":0,"total-active-flows":37,"total-idle-flows":37,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":241,"global_ts_msec":1605289734948} +00574{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":17657,"source":"pinterest.pcap","alias":"nDPId-test","packets-captured":17657,"packets-processed":17657,"total-skipped-flows":0,"total-l4-data-len":26490343,"total-not-detected-flows":0,"total-guessed-flows":16,"total-detected-flows":21,"total-detection-updates":32,"total-updates":0,"current-active-flows":0,"total-active-flows":37,"total-idle-flows":37,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":241,"global_ts_msec":1605289734948} ~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ ~~ packets captured/processed: 17657/17657 ~~ skipped flows.............: 0 @@ -247,9 +247,9 @@ ~~ total active/idle flows...: 37/37 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 6629146 bytes -~~ total memory freed........: 6629146 bytes -~~ total allocations/frees...: 132273/132273 +~~ total memory allocated....: 7400342 bytes +~~ total memory freed........: 7400342 bytes +~~ total allocations/frees...: 137045/137045 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 465 chars ~~ json string max len.......: 3224 chars |