diff options
| author | Toni Uhlig <matzeton@googlemail.com> | 2022-02-05 15:09:21 +0100 |
|---|---|---|
| committer | Toni Uhlig <matzeton@googlemail.com> | 2022-02-05 15:27:13 +0100 |
| commit | cb80c415d8a20b03f0d6a8f2fc38e8c8250a04da (patch) | |
| tree | 70e53424c24795b3e9a159f8cfaa05e1630064a8 /test/results/quic-v2-00.pcapng.out | |
| parent | 6fd6dff14d964aa8e5cf7ff3ec5a70c220ea61b4 (diff) | |
Improved py-flow-info to provide more optional information about received timestamps.
* py-flow-dashboard: Added color mapping for PieCharts/Graph that make more sense
* nDPId: Renamed `flow_type' to a more precisely `flow_state'
* nDPId: Changed the default setting to process only as much packets as libnDPI does
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
Diffstat (limited to 'test/results/quic-v2-00.pcapng.out')
| -rw-r--r-- | test/results/quic-v2-00.pcapng.out | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/test/results/quic-v2-00.pcapng.out b/test/results/quic-v2-00.pcapng.out index 931979856..3e9520d94 100644 --- a/test/results/quic-v2-00.pcapng.out +++ b/test/results/quic-v2-00.pcapng.out @@ -1,4 +1,4 @@ -00445{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"quic-v2-00.pcapng","alias":"nDPId-test","max-flows-per-thread":2048,"max-idle-flows-per-thread":64,"tick-resolution":1000,"reader-thread-count":1,"flow-scan-interval":10000,"generic-max-idle-time":600000,"icmp-max-idle-time":120000,"udp-max-idle-time":180000,"tcp-max-idle-time":7560000,"max-packets-per-flow-to-send":3,"max-packets-per-flow-to-process":255} +00444{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"quic-v2-00.pcapng","alias":"nDPId-test","max-flows-per-thread":2048,"max-idle-flows-per-thread":64,"tick-resolution":1000,"reader-thread-count":1,"flow-scan-interval":10000,"generic-max-idle-time":600000,"icmp-max-idle-time":120000,"udp-max-idle-time":180000,"tcp-max-idle-time":7560000,"max-packets-per-flow-to-send":3,"max-packets-per-flow-to-process":32} 00586{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1,"source":"quic-v2-00.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_packets_processed":1,"flow_first_seen":1637834659980,"flow_last_seen":1637834659980,"flow_idle_time":180000,"flow_min_l4_payload_len":1252,"flow_max_l4_payload_len":1252,"flow_tot_l4_payload_len":1252,"flow_avg_l4_payload_len":1252,"midstream":0,"ts_msec":1637834659980,"l3_proto":"ip4","src_ip":"192.168.56.1","dst_ip":"192.168.56.198","src_port":50277,"dst_port":4443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 02130{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1,"source":"quic-v2-00.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_last_seen":1637834659980,"flow_idle_time":180000,"pkt_oversize":false,"pkt_caplen":1294,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1294,"pkt_l4_len":1260,"ts_msec":1637834659980,"pkt":"CAAnfrFjCgAnAAAACABFAgUApRBAAEARnsLAqDgBwKg4xsRlEVsE7OHRwv8CAAAIrj891mmhU7MITo0Xtz5eoNQARMoxqNSV7ADoFS7QxZ4\/HLjYUQBcyNcuN8bWG62+xF99Aye9DaJmsH6KCNcXJhjzha2fPdBZdc4Nidwy8pCVeYmH4yM6vXMdZ9UMG9ccEeFY0I8OcdmCSXa5odhdufBB8IiExzry\/kH3tbfUjXG04iCN+nOW3sUvM9jYBjMbDtvxmp3pNIhkRBYoqbdUsrgnC8gxSkuovl57ULo\/sHveA0VUZAGJSxTmVKe0r07WTY8Vme8cfKQuhCJyJQ0u6fy9TRgZZXMRXC0eJFf7TJ8th7p5hroNv6bLzmOuPgjvNTNJHwrDyFSySUxVtcYIdHVVK87NTKPpEsdU1rVG0M5a4NB7IceprsnY26+xxntF6CSj3awhr3bTkwpEEUY97+p1ajX+D8g1I4aOX6rhaGAvrlzvXuUaEGOgKPnQ+AUWgI4et+ESZ0jx95yNVOZMOIz03NHVCKK7sdoCvaV6DvfXrxC8VlZ\/voiimBSm4fxQtoq\/ehX+TDbJpuRVnW6tNqvoqo6b\/2mSeCze+AQTzCbQpJ9VxRP1OFSZb\/ZvwGL1xj+B+gsuWBOb2AKjTbcvrTFxQzjTz05z\/BTm\/8w6cUnlTZjNa6p5dHreDqezRbSD7lRQGWYzSIxQvxfAw3DmeDsgfIfLxIqlbjPAc7d1HLNRpPfAu9Xl2s0TOHTNNjxjvzFCmvhejA7r8fwovA9MGeABUWwJKX2lyb2KKRc6ZJ\/qwh1AmX1b27zLxiD3bmnWKipDS2J7nLbuit+X+x06cImd6I0jpxyszf9KlN8iShBGZLqWJuv4Sjm\/dbK5NAaFMyuxjutoHwHvt07Y0ybvrYM9q8eVqN2oXETUg3Q3JUPV6WrxRbJl02cOpYDWQmBbK32W+peQ6GgIPEGKh9xa53uYTOijgYPO7CzdBEq3yxlRm5mC45k9OnUXWP+pF\/\/3iqFzsEKAmw40YLrHgEhrRPwPwjA\/dEAdjlHQzLuPuJq\/lyh\/hngZe3iwYssgO+tjI9yT4GdtlNlxQxO2O3GnJGqReBKmRxUAIhvO4FGZvjzwaSnuQrlkrbMarvFnXBuA5xyokJGnx4Iuzxr8AuV8zTQH+3jPA\/IQu7te8iyjuipCCygjw5xX59DLE12WjOG6koGVDaTnK7EbaGXrceFbkurw9qrtaiM69Yc9LMJ8TlSB2bvsKUS5ROi5bB7Lkinodsq5TR+EIX9Vm4IdcjVjEMLk4PtAnY002vWcKoj7dqnG3PPxJ9jU5ZgalNcld216l74snMEx+DiVUziQSuix\/uhvgPCsbbNV7hTCbZgZrDyKiDQRY4+3\/aHIQ1egJTtTtCRN9\/hWBzta55pccPOZDmu4uFONofh4h8xzoTP70OytaDdl0wQ\/Ei3lAuHXsCv8+mDaCq5lkkdaZ4yec+Y7QXFDsftrwvwkHfmK1cVGIkQNhKGTJhXsAPIvMTJrvHKrKfkAkhkpujyQ9rOaLYnu9tKAqSFHSGbT4+tf9GwvC\/qe1icEqu7DGJuTrYJX248FiL4Ch+mdl93W3xuioDiePz\/LIUFTufH2qrWjaZO246tacboPOhhUtoHXq9yDKn+WDGCcQai7+YX70MiOjB7M+ZA9r4rhA4BnGOCHFairuSvx7tyf1IdmjIxzRQkOzw=="} 00982{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":1,"source":"quic-v2-00.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_packets_processed":1,"flow_first_seen":1637834659980,"flow_last_seen":1637834659980,"flow_idle_time":180000,"flow_min_l4_payload_len":1252,"flow_max_l4_payload_len":1252,"flow_tot_l4_payload_len":1252,"flow_avg_l4_payload_len":1252,"midstream":0,"ts_msec":1637834659980,"l3_proto":"ip4","src_ip":"192.168.56.1","dst_ip":"192.168.56.198","src_port":50277,"dst_port":4443,"l4_proto":"udp","ndpi": {"flow_risk": {"5":"Known protocol on non standard port","24":"SNI TLS extension was missing"},"proto":"QUIC","breed":"Acceptable","category":"Web"},"quic": {"version":"TLSv1.3","alpn":"h3-34,hq-34,h3-33,hq-33,h3-32,hq-32,h3-31,hq-31,h3-29,hq-29,h3-30,hq-30,h3-28,hq-28,h3-27,hq-27,h3,hq-interop","ja3":"0299b052ace53a14c3a04aceb5efd247","tls_supported_versions":"TLSv1.3,TLSv1.3 (draft),TLSv1.3 (draft),TLSv1.3 (draft)"}} |