bump libnDPI to f8869cd670adc439cc41bde0bd04960e1befafc5HEADmain

 * fix API issue due to changed name of a public struct

Signed-off-by: Toni Uhlig <matzeton@googlemail.com>

2 files changed, 15 insertions, 35 deletions

diff --git a/test/results/stun_only_peer_address_enabled/stun_wa_call.pcapng.out b/test/results/stun_only_peer_address_enabled/stun_wa_call.pcapng.out
index 26c546042..58770785f 100644
--- a/test/results/stun_only_peer_address_enabled/stun_wa_call.pcapng.out
+++ b/test/results/stun_only_peer_address_enabled/stun_wa_call.pcapng.out
@@ -1,44 +1,34 @@
-00642{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"max-flows-per-thread":32768,"max-idle-flows-per-thread":1024,"reader-thread-count":1,"flow-scan-interval":10000000,"generic-max-idle-time":600000000,"icmp-max-idle-time":120000000,"udp-max-idle-time":180000000,"tcp-max-idle-time":7560000000,"max-packets-per-flow-to-send":5,"max-packets-per-flow-to-process":32,"max-packets-per-flow-to-analyse":32,"global_ts_usec":0}
-00863{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":1,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":1,"packets-processed":0,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":0,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":0,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2,"global_ts_usec":1676659968029444}
+00642{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.15.0-5258-f8869cd","ndpi_api_version":12317,"size_per_flow":1384,"max-flows-per-thread":32768,"max-idle-flows-per-thread":1024,"reader-thread-count":1,"flow-scan-interval":10000000,"generic-max-idle-time":600000000,"icmp-max-idle-time":120000000,"udp-max-idle-time":180000000,"tcp-max-idle-time":7560000000,"max-packets-per-flow-to-send":5,"max-packets-per-flow-to-process":32,"max-packets-per-flow-to-analyse":32,"global_ts_usec":0}
+00863{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":1,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.15.0-5258-f8869cd","ndpi_api_version":12317,"size_per_flow":1384,"packets-captured":1,"packets-processed":0,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":0,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":0,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2,"global_ts_usec":1676659968029444}
 00811{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1676659968029444,"flow_src_last_pkt_time":1676659968029444,"flow_dst_last_pkt_time":1676659968029444,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":212,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":212,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":212,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1676659968029444,"l3_proto":"ip4","src_ip":"192.168.12.156","dst_ip":"93.57.123.227","src_port":46652,"dst_port":3478,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
 00828{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_src_last_pkt_time":1676659968029444,"flow_dst_last_pkt_time":1676659968029444,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":254,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":254,"pkt_l4_len":220,"thread_ts_usec":1676659968029444,"pkt":"CL6sCxduJjb1W8R1CABFwADw\/iFAAEARlLrAqAycXTl747Y8DZYA3LHsAAMAwCESpEJwdYtExyOnTtGTSiVAAACWCQK2KB7zQ7qLyqomatrasQEu9DL3wZ7hCtWVyMuhXanwNF5C+CJQZxH6MYVnGTbF6jGFc8Ra7q+tUTra0vtHBZoPsqgDXOfgB5x1\/6e\/ekoB1CeD7MsRipcZjz4uFoBrVRmh8t\/rSICod6ktukvIiZ6yItLQ7Y8kTJkbjPTyOKYPsF+LjDRbuhMBEHxTecFVlM8fNhbBAAAAFgAIAAEshHwr36EACAAUJM4QSLb1BesAMLdUeEcTNdZmV28="}
 01085{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1676659968029444,"flow_src_last_pkt_time":1676659968029444,"flow_dst_last_pkt_time":1676659968029444,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":212,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":212,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":212,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1676659968029444,"l3_proto":"ip4","src_ip":"192.168.12.156","dst_ip":"93.57.123.227","src_port":46652,"dst_port":3478,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"STUN.WhatsAppCall","proto_id":"78.45","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP","hostname":"","domainame":"","stun": {"relayed_address":"93.57.123.227:3478","multimedia_flow_types":"Unknown"}}}
 00829{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":2,"flow_src_last_pkt_time":1676659968029608,"flow_dst_last_pkt_time":1676659968029444,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":254,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":254,"pkt_l4_len":220,"thread_ts_usec":1676659968029608,"pkt":"CL6sCxduJjb1W8R1CABFwADw\/iJAAEARlLnAqAycXTl747Y8DZYA3ICVAAMAwCESpEJwdYtExyOnTtGTSiZAAACWCQK2KB7zQ7qLyqomatrasQEu9DL3wZ7hCtWVyMuhXanwNF5C+CJQZxH6MYVnGTbF6jGFc8Ra7q+tUTra0vtHBZoPsqgDXOfgB5x1\/6e\/ekoB1CeD7MsRipcZjz4uFoBrVRmh8t\/rSICod6ktukvIiZ6yItLQ7Y8kTJkbjPTyOKYPsF+LjDRbuhMBEHxTecFVlM8fNhbBAAAAFgAIAAEshHwr36EACAAUYWrisy40lbl9bq4cXAmMmnnA\/ig="}
-01218{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":2,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1676659968029444,"flow_src_last_pkt_time":1676659968029608,"flow_dst_last_pkt_time":1676659968029444,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":212,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":212,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":424,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1676659968029608,"l3_proto":"ip4","src_ip":"192.168.12.156","dst_ip":"93.57.123.227","src_port":46652,"dst_port":3478,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"STUN.WhatsAppCall","proto_id":"78.45","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP","hostname":"","domainame":"","stun": {"relayed_address":"93.57.123.227:3478","multimedia_flow_types":"Unknown"}}}
 00812{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":3,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1676659968035471,"flow_src_last_pkt_time":1676659968035471,"flow_dst_last_pkt_time":1676659968035471,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":212,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":212,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":212,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1676659968035471,"l3_proto":"ip4","src_ip":"192.168.12.156","dst_ip":"157.240.203.62","src_port":46652,"dst_port":3478,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
 00825{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":2,"flow_packet_id":1,"flow_src_last_pkt_time":1676659968035471,"flow_dst_last_pkt_time":1676659968035471,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":254,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":254,"pkt_l4_len":220,"thread_ts_usec":1676659968035471,"pkt":"CL6sCxduJjb1W8R1CABFwADwfTlAAEARhZDAqAycnfDLPrY8DZYA3GV0AAMAwCESpEJwdYtExyOnTtGTSidAAACWCQMtTkgnCkB3mlyHo2hELpK34qN\/tn27kX9DRUmi65QznJnJXr0IVJ+d4Fxix8NmNcmsfFkQLOW6576+A4JwNmi2uSQdWXRM2VKcszNCnJz207wH1jUAcpCU9XZA6ttuPzt6cvS6PNIk8FwKlWlblH32PnQxSRg2bkLvkOMPE7sKF8F2oGKz69cDRT5LGhyKnJSGY5lnAAAAFgAIAAEshLzib3wACAAUAA8jYlqEzFOauoSyCbgYSf5lAAk="}
 01090{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1676659968035471,"flow_src_last_pkt_time":1676659968035471,"flow_dst_last_pkt_time":1676659968035471,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":212,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":212,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":212,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1676659968035471,"l3_proto":"ip4","src_ip":"192.168.12.156","dst_ip":"157.240.203.62","src_port":46652,"dst_port":3478,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"STUN.WhatsAppCall","proto_id":"78.45","proto_by_ip":"Facebook","proto_by_ip_id":119,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP","hostname":"","domainame":"","stun": {"relayed_address":"157.240.203.62:3478","multimedia_flow_types":"Unknown"}}}
 00826{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":4,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":2,"flow_packet_id":2,"flow_src_last_pkt_time":1676659968035552,"flow_dst_last_pkt_time":1676659968035471,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":254,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":254,"pkt_l4_len":220,"thread_ts_usec":1676659968035552,"pkt":"CL6sCxduJjb1W8R1CABFwADwfTpAAEARhY\/AqAycnfDLPrY8DZYA3BLxAAMAwCESpEJwdYtExyOnTtGTSihAAACWCQMtTkgnCkB3mlyHo2hELpK34qN\/tn27kX9DRUmi65QznJnJXr0IVJ+d4Fxix8NmNcmsfFkQLOW6576+A4JwNmi2uSQdWXRM2VKcszNCnJz207wH1jUAcpCU9XZA6ttuPzt6cvS6PNIk8FwKlWlblH32PnQxSRg2bkLvkOMPE7sKF8F2oGKz69cDRT5LGhyKnJSGY5lnAAAAFgAIAAEshLzib3wACAAUhAn28C7qfrkxLYQ0p3TNXw2BfFM="}
-01223{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":4,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1676659968035471,"flow_src_last_pkt_time":1676659968035552,"flow_dst_last_pkt_time":1676659968035471,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":212,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":212,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":424,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1676659968035552,"l3_proto":"ip4","src_ip":"192.168.12.156","dst_ip":"157.240.203.62","src_port":46652,"dst_port":3478,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"STUN.WhatsAppCall","proto_id":"78.45","proto_by_ip":"Facebook","proto_by_ip_id":119,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP","hostname":"","domainame":"","stun": {"relayed_address":"157.240.203.62:3478","multimedia_flow_types":"Unknown"}}}
 00812{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":5,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1676659968035642,"flow_src_last_pkt_time":1676659968035642,"flow_dst_last_pkt_time":1676659968035642,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":212,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":212,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":212,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1676659968035642,"l3_proto":"ip4","src_ip":"192.168.12.156","dst_ip":"157.240.231.62","src_port":46652,"dst_port":3478,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
 00826{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":5,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":3,"flow_packet_id":1,"flow_src_last_pkt_time":1676659968035642,"flow_dst_last_pkt_time":1676659968035642,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":254,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":254,"pkt_l4_len":220,"thread_ts_usec":1676659968035642,"pkt":"CL6sCxduJjb1W8R1CABFwADwj9lAAEARVvDAqAycnfDnPrY8DZYA3J+gAAMAwCESpEJwdYtExyOnTtGTSilAAACWCQNxyDQh65HCwK\/NwM57eGVAnp73+KYPg1k+lNrVEVkNPnu5t9hC5BRxAv+1EaOtzlbgzlIq2\/WPsB5SRMDksABVRMTM9J4aDhkK8p1864X++Y5SKMM+YDG4F3l8CE9EEsygUCuw1FeaQaDvzERSEqz4d5mYYPBEmipy1b3wHHsk5VkyouOLzceIjWTBDv1RY+CT0wD4AAAAFgAIAAEshLziQ3wACAAUBDu46Kp0MzZ62SMrNOCqwnrJBCw="}
 01090{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":5,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1676659968035642,"flow_src_last_pkt_time":1676659968035642,"flow_dst_last_pkt_time":1676659968035642,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":212,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":212,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":212,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1676659968035642,"l3_proto":"ip4","src_ip":"192.168.12.156","dst_ip":"157.240.231.62","src_port":46652,"dst_port":3478,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"STUN.WhatsAppCall","proto_id":"78.45","proto_by_ip":"Facebook","proto_by_ip_id":119,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP","hostname":"","domainame":"","stun": {"relayed_address":"157.240.231.62:3478","multimedia_flow_types":"Unknown"}}}
 00827{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":6,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":3,"flow_packet_id":2,"flow_src_last_pkt_time":1676659968036993,"flow_dst_last_pkt_time":1676659968035642,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":254,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":254,"pkt_l4_len":220,"thread_ts_usec":1676659968036993,"pkt":"CL6sCxduJjb1W8R1CABFwADwj9pAAEARVu\/AqAycnfDnPrY8DZYA3K1KAAMAwCESpEJwdYtExyOnTtGTSipAAACWCQNxyDQh65HCwK\/NwM57eGVAnp73+KYPg1k+lNrVEVkNPnu5t9hC5BRxAv+1EaOtzlbgzlIq2\/WPsB5SRMDksABVRMTM9J4aDhkK8p1864X++Y5SKMM+YDG4F3l8CE9EEsygUCuw1FeaQaDvzERSEqz4d5mYYPBEmipy1b3wHHsk5VkyouOLzceIjWTBDv1RY+CT0wD4AAAAFgAIAAEshLziQ3wACAAUPZihrJHzcl+3y+bEvnKo9qVH+uY="}
-01223{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":6,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1676659968035642,"flow_src_last_pkt_time":1676659968036993,"flow_dst_last_pkt_time":1676659968035642,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":212,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":212,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":424,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1676659968036993,"l3_proto":"ip4","src_ip":"192.168.12.156","dst_ip":"157.240.231.62","src_port":46652,"dst_port":3478,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"STUN.WhatsAppCall","proto_id":"78.45","proto_by_ip":"Facebook","proto_by_ip_id":119,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP","hostname":"","domainame":"","stun": {"relayed_address":"157.240.231.62:3478","multimedia_flow_types":"Unknown"}}}
 00811{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":7,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1676659968037054,"flow_src_last_pkt_time":1676659968037054,"flow_dst_last_pkt_time":1676659968037054,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":212,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":212,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":212,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1676659968037054,"l3_proto":"ip4","src_ip":"192.168.12.156","dst_ip":"157.240.21.51","src_port":46652,"dst_port":3478,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
 00829{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":7,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":4,"flow_packet_id":1,"flow_src_last_pkt_time":1676659968037054,"flow_dst_last_pkt_time":1676659968037054,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":254,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":254,"pkt_l4_len":220,"thread_ts_usec":1676659968037054,"pkt":"CL6sCxduJjb1W8R1CABFwADwz9NAAEAR6QHAqAycnfAVM7Y8DZYA3Ij9AAMAwCESpEJwdYtExyOnTtGTSitAAACWCQNaRGvs7+ccuZ\/MfxmbOvUVp8noEHkp7nF6xocCdKtvmOlig71m6+555gD\/mKnSGLIGNRynB98Dn1I4xNjPBc\/JcXx85sPvklgbnR+jKW8z3v+tFyKmLoRYXO+76gRpJvbZMI+O\/1oNzvmh6C\/4OrGc+hLich1SR+QSsMSOS20JWZv3s1la5zjKfswADrKC6jyH7ubtAAAAFgAIAAEshLzisXEACAAUjla64e3RO4Za5yiogz0w5BPrVCA="}
 01088{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":7,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1676659968037054,"flow_src_last_pkt_time":1676659968037054,"flow_dst_last_pkt_time":1676659968037054,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":212,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":212,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":212,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1676659968037054,"l3_proto":"ip4","src_ip":"192.168.12.156","dst_ip":"157.240.21.51","src_port":46652,"dst_port":3478,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"STUN.WhatsAppCall","proto_id":"78.45","proto_by_ip":"Facebook","proto_by_ip_id":119,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP","hostname":"","domainame":"","stun": {"relayed_address":"157.240.21.51:3478","multimedia_flow_types":"Unknown"}}}
 00829{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":8,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":4,"flow_packet_id":2,"flow_src_last_pkt_time":1676659968037165,"flow_dst_last_pkt_time":1676659968037054,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":254,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":254,"pkt_l4_len":220,"thread_ts_usec":1676659968037165,"pkt":"CL6sCxduJjb1W8R1CABFwADwz9RAAEAR6QDAqAycnfAVM7Y8DZYA3Ds6AAMAwCESpEJwdYtExyOnTtGTSixAAACWCQNaRGvs7+ccuZ\/MfxmbOvUVp8noEHkp7nF6xocCdKtvmOlig71m6+555gD\/mKnSGLIGNRynB98Dn1I4xNjPBc\/JcXx85sPvklgbnR+jKW8z3v+tFyKmLoRYXO+76gRpJvbZMI+O\/1oNzvmh6C\/4OrGc+hLich1SR+QSsMSOS20JWZv3s1la5zjKfswADrKC6jyH7ubtAAAAFgAIAAEshLzisXEACAAUHONBvdq4CMLPEotcA1cTDrS++GA="}
-01221{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":8,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1676659968037054,"flow_src_last_pkt_time":1676659968037165,"flow_dst_last_pkt_time":1676659968037054,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":212,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":212,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":424,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1676659968037165,"l3_proto":"ip4","src_ip":"192.168.12.156","dst_ip":"157.240.21.51","src_port":46652,"dst_port":3478,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"STUN.WhatsAppCall","proto_id":"78.45","proto_by_ip":"Facebook","proto_by_ip_id":119,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP","hostname":"","domainame":"","stun": {"relayed_address":"157.240.21.51:3478","multimedia_flow_types":"Unknown"}}}
 00812{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":9,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":5,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1676659968037404,"flow_src_last_pkt_time":1676659968037404,"flow_dst_last_pkt_time":1676659968037404,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":212,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":212,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":212,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1676659968037404,"l3_proto":"ip4","src_ip":"192.168.12.156","dst_ip":"157.240.195.48","src_port":46652,"dst_port":3478,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
 00831{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":9,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":5,"flow_packet_id":1,"flow_src_last_pkt_time":1676659968037404,"flow_dst_last_pkt_time":1676659968037404,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":254,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":254,"pkt_l4_len":220,"thread_ts_usec":1676659968037404,"pkt":"CL6sCxduJjb1W8R1CABFwADwBWlAAEARBW\/AqAycnfDDMLY8DZYA3EQwAAMAwCESpEJwdYtExyOnTtGTSi1AAACWCQOx8jP4xX+S8mUrXXk2n15fuMSnBwYiWgGrpiuTXvKiSw3Eir1rG\/\/xENKpYnRSCtBCjSrxtliPheTZDngaGDi34a9YHKHQKUIhCjhpwP8Uvudi7up1PRXt6lCRefFe8K3b0jR++YvWvVrmASoE\/yY9XlSxVZ+G0ZOPBL6y2y9ny+kFjdqzj7\/4wvCraZgPwm+CCYR+AAAAFgAIAAEshLziZ3IACAAUYW\/o+S1f89d5dQU1\/5j2oMMTsiw="}
 01090{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":9,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":5,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1676659968037404,"flow_src_last_pkt_time":1676659968037404,"flow_dst_last_pkt_time":1676659968037404,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":212,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":212,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":212,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1676659968037404,"l3_proto":"ip4","src_ip":"192.168.12.156","dst_ip":"157.240.195.48","src_port":46652,"dst_port":3478,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"STUN.WhatsAppCall","proto_id":"78.45","proto_by_ip":"Facebook","proto_by_ip_id":119,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP","hostname":"","domainame":"","stun": {"relayed_address":"157.240.195.48:3478","multimedia_flow_types":"Unknown"}}}
 00830{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":10,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":5,"flow_packet_id":2,"flow_src_last_pkt_time":1676659968037483,"flow_dst_last_pkt_time":1676659968037404,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":254,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":254,"pkt_l4_len":220,"thread_ts_usec":1676659968037483,"pkt":"CL6sCxduJjb1W8R1CABFwADwBWpAAEARBW7AqAycnfDDMLY8DZYA3L3JAAMAwCESpEJwdYtExyOnTtGTSi5AAACWCQOx8jP4xX+S8mUrXXk2n15fuMSnBwYiWgGrpiuTXvKiSw3Eir1rG\/\/xENKpYnRSCtBCjSrxtliPheTZDngaGDi34a9YHKHQKUIhCjhpwP8Uvudi7up1PRXt6lCRefFe8K3b0jR++YvWvVrmASoE\/yY9XlSxVZ+G0ZOPBL6y2y9ny+kFjdqzj7\/4wvCraZgPwm+CCYR+AAAAFgAIAAEshLziZ3IACAAUN3sV7GYe+yROEsWZI\/FgD4k1DJ4="}
-01224{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":10,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":5,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1676659968037404,"flow_src_last_pkt_time":1676659968037483,"flow_dst_last_pkt_time":1676659968037404,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":212,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":212,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":424,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1676659968037483,"l3_proto":"ip4","src_ip":"192.168.12.156","dst_ip":"157.240.195.48","src_port":46652,"dst_port":3478,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"STUN.WhatsAppCall","proto_id":"78.45","proto_by_ip":"Facebook","proto_by_ip_id":119,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP","hostname":"","domainame":"","stun": {"relayed_address":"157.240.195.48:3478","multimedia_flow_types":"Unknown"}}}
 00635{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":11,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":3,"flow_src_last_pkt_time":1676659968029608,"flow_dst_last_pkt_time":1676659968037875,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":110,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":110,"pkt_l4_len":76,"thread_ts_usec":1676659968037875,"pkt":"Jjb1W8R1CL6sCxduCABFAABg\/qtAAFcRfoBdOXvjwKgMnA2WtjwATGHpAQMAMCESpEJwdYtExyOnTtGTSiUAIAAIAAHRJHwxD0FAAgAIAAABhmC4yCcACAAUqnIJzW\/j1X8c\/WgxJFDYTIjCG04="}
-01133{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":11,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1676659968029444,"flow_src_last_pkt_time":1676659968029608,"flow_dst_last_pkt_time":1676659968037875,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":212,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":212,"flow_dst_max_l4_payload_len":68,"flow_src_tot_l4_payload_len":424,"flow_dst_tot_l4_payload_len":68,"midstream":0,"thread_ts_usec":1676659968037875,"l3_proto":"ip4","src_ip":"192.168.12.156","dst_ip":"93.57.123.227","src_port":46652,"dst_port":3478,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"STUN.WhatsAppCall","proto_id":"78.45","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP","hostname":"","domainame":"","stun": {"mapped_address":"93.35.171.3:61494","relayed_address":"93.57.123.227:3478","multimedia_flow_types":"Unknown"}}}
 00633{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":12,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":4,"flow_src_last_pkt_time":1676659968029608,"flow_dst_last_pkt_time":1676659968037923,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":110,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":110,"pkt_l4_len":76,"thread_ts_usec":1676659968037923,"pkt":"Jjb1W8R1CL6sCxduCABFAABg\/qxAAFcRfn9dOXvjwKgMnA2WtjwATH+6AQMAMCESpEJwdYtExyOnTtGTSiYAIAAIAAHRJHwxD0FAAgAIAAABhmC4yCcACAAUsXruinhNMVlcZwjO7SsYhIE3y+M="}
 00632{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":13,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":2,"flow_packet_id":3,"flow_src_last_pkt_time":1676659968035552,"flow_dst_last_pkt_time":1676659968044522,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":110,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":110,"pkt_l4_len":76,"thread_ts_usec":1676659968044522,"pkt":"Jjb1W8R1CL6sCxduCABFAABgbwhAAFURgBGd8Ms+wKgMnA2WtjwATEezAQMAMCESpEJwdYtExyOnTtGTSicAIAAIAAHRJHwxD0FAAgAIAAABhmC4yC0ACAAUiLSqHkDyO4Nn0koco41Anoog2hY="}
-01138{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":13,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1676659968035471,"flow_src_last_pkt_time":1676659968035552,"flow_dst_last_pkt_time":1676659968044522,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":212,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":212,"flow_dst_max_l4_payload_len":68,"flow_src_tot_l4_payload_len":424,"flow_dst_tot_l4_payload_len":68,"midstream":0,"thread_ts_usec":1676659968044522,"l3_proto":"ip4","src_ip":"192.168.12.156","dst_ip":"157.240.203.62","src_port":46652,"dst_port":3478,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"STUN.WhatsAppCall","proto_id":"78.45","proto_by_ip":"Facebook","proto_by_ip_id":119,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP","hostname":"","domainame":"","stun": {"mapped_address":"93.35.171.3:61494","relayed_address":"157.240.203.62:3478","multimedia_flow_types":"Unknown"}}}
 00633{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":14,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":2,"flow_packet_id":4,"flow_src_last_pkt_time":1676659968035552,"flow_dst_last_pkt_time":1676659968044575,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":110,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":110,"pkt_l4_len":76,"thread_ts_usec":1676659968044575,"pkt":"Jjb1W8R1CL6sCxduCABFAABgbwlAAFURgBCd8Ms+wKgMnA2WtjwATDevAQMAMCESpEJwdYtExyOnTtGTSigAIAAIAAHRJHwxD0FAAgAIAAABhmC4yC0ACAAUPpUdGzsHO6o60A2P\/YzAPtGyD14="}
 00632{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":3,"flow_packet_id":3,"flow_src_last_pkt_time":1676659968036993,"flow_dst_last_pkt_time":1676659968055421,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":110,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":110,"pkt_l4_len":76,"thread_ts_usec":1676659968055421,"pkt":"Jjb1W8R1CL6sCxduCABFAABgJFBAAFYRrcmd8Oc+wKgMnA2WtjwATEo8AQMAMCESpEJwdYtExyOnTtGTSikAIAAIAAHRJHwxD0FAAgAIAAABhmC4yDIACAAUfe6H1Xa456A0pvmxA+2DiUprJrM="}
-01138{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":15,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1676659968035642,"flow_src_last_pkt_time":1676659968036993,"flow_dst_last_pkt_time":1676659968055421,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":212,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":212,"flow_dst_max_l4_payload_len":68,"flow_src_tot_l4_payload_len":424,"flow_dst_tot_l4_payload_len":68,"midstream":0,"thread_ts_usec":1676659968055421,"l3_proto":"ip4","src_ip":"192.168.12.156","dst_ip":"157.240.231.62","src_port":46652,"dst_port":3478,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"STUN.WhatsAppCall","proto_id":"78.45","proto_by_ip":"Facebook","proto_by_ip_id":119,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP","hostname":"","domainame":"","stun": {"mapped_address":"93.35.171.3:61494","relayed_address":"157.240.231.62:3478","multimedia_flow_types":"Unknown"}}}
 00633{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":16,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":3,"flow_packet_id":4,"flow_src_last_pkt_time":1676659968036993,"flow_dst_last_pkt_time":1676659968058079,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":110,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":110,"pkt_l4_len":76,"thread_ts_usec":1676659968058079,"pkt":"Jjb1W8R1CL6sCxduCABFAABgJFJAAFYRrced8Oc+wKgMnA2WtjwATE4+AQMAMCESpEJwdYtExyOnTtGTSioAIAAIAAHRJHwxD0FAAgAIAAABhmC4yDQACAAUwWTirh60\/VHH+ED4aqqQivjmyd4="}
 00632{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":17,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":4,"flow_packet_id":3,"flow_src_last_pkt_time":1676659968037165,"flow_dst_last_pkt_time":1676659968060837,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":110,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":110,"pkt_l4_len":76,"thread_ts_usec":1676659968060837,"pkt":"Jjb1W8R1CL6sCxduCABFAABgpVxAAFMRAcmd8BUzwKgMnA2WtjwATKdbAQMAMCESpEJwdYtExyOnTtGTSisAIAAIAAHRJHwxD0FAAgAIAAABhmC4yDgACAAUABEIe9NGgDdArgJP1RoA97aa1Do="}
-01136{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":17,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1676659968037054,"flow_src_last_pkt_time":1676659968037165,"flow_dst_last_pkt_time":1676659968060837,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":212,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":212,"flow_dst_max_l4_payload_len":68,"flow_src_tot_l4_payload_len":424,"flow_dst_tot_l4_payload_len":68,"midstream":0,"thread_ts_usec":1676659968060837,"l3_proto":"ip4","src_ip":"192.168.12.156","dst_ip":"157.240.21.51","src_port":46652,"dst_port":3478,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"STUN.WhatsAppCall","proto_id":"78.45","proto_by_ip":"Facebook","proto_by_ip_id":119,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP","hostname":"","domainame":"","stun": {"mapped_address":"93.35.171.3:61494","relayed_address":"157.240.21.51:3478","multimedia_flow_types":"Unknown"}}}
 00633{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":18,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":4,"flow_packet_id":4,"flow_src_last_pkt_time":1676659968037165,"flow_dst_last_pkt_time":1676659968060888,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":110,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":110,"pkt_l4_len":76,"thread_ts_usec":1676659968060888,"pkt":"Jjb1W8R1CL6sCxduCABFAABgpV1AAFMRAcid8BUzwKgMnA2WtjwATFmEAQMAMCESpEJwdYtExyOnTtGTSiwAIAAIAAHRJHwxD0FAAgAIAAABhmC4yDgACAAUdeov0ALnfOy1FSGpfbM\/gVsZOSo="}
 00632{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":19,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":5,"flow_packet_id":3,"flow_src_last_pkt_time":1676659968037483,"flow_dst_last_pkt_time":1676659968064266,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":110,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":110,"pkt_l4_len":76,"thread_ts_usec":1676659968064266,"pkt":"Jjb1W8R1CL6sCxduCABFAABg0NlAAFQRJ06d8MMwwKgMnA2WtjwATMmfAQMAMCESpEJwdYtExyOnTtGTSi0AIAAIAAHRJHwxD0FAAgAIAAABhmC4yDQACAAUEauiV+5OdWK08lpoY4KvoDM8wkA="}
-01138{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":19,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":5,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1676659968037404,"flow_src_last_pkt_time":1676659968037483,"flow_dst_last_pkt_time":1676659968064266,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":212,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":212,"flow_dst_max_l4_payload_len":68,"flow_src_tot_l4_payload_len":424,"flow_dst_tot_l4_payload_len":68,"midstream":0,"thread_ts_usec":1676659968064266,"l3_proto":"ip4","src_ip":"192.168.12.156","dst_ip":"157.240.195.48","src_port":46652,"dst_port":3478,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"STUN.WhatsAppCall","proto_id":"78.45","proto_by_ip":"Facebook","proto_by_ip_id":119,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP","hostname":"","domainame":"","stun": {"mapped_address":"93.35.171.3:61494","relayed_address":"157.240.195.48:3478","multimedia_flow_types":"Unknown"}}}
 00632{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":20,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":5,"flow_packet_id":4,"flow_src_last_pkt_time":1676659968037483,"flow_dst_last_pkt_time":1676659968064299,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":110,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":110,"pkt_l4_len":76,"thread_ts_usec":1676659968064299,"pkt":"Jjb1W8R1CL6sCxduCABFAABg0NpAAFQRJ02d8MMwwKgMnA2WtjwATLBEAQMAMCESpEJwdYtExyOnTtGTSi4AIAAIAAHRJHwxD0FAAgAIAAABhmC4yDQACAAUBF3x7h5ICsoSF2To96zryfeV154="}
 00602{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":21,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":5,"flow_src_last_pkt_time":1676659968029608,"flow_dst_last_pkt_time":1676659970501672,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":88,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":88,"pkt_l4_len":54,"thread_ts_usec":1676659970501672,"pkt":"Jjb1W8R1CL6sCxduCABFAABKBqBAAFcRdqJdOXvjwKgMnA2WtjwANj3TgcoAB+FyMapRK5FaypeotDESW84OgO841cZwILWkJxeAAAAB+Wopohy6zZkyGw=="}
 00909{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":24,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":2,"flow_packet_id":5,"flow_src_last_pkt_time":1676659970535244,"flow_dst_last_pkt_time":1676659968044575,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":314,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":314,"pkt_l4_len":280,"thread_ts_usec":1676659970535244,"pkt":"CL6sCxduJjb1W8R1CABFwAEsfaFAAEARhOzAqAycnfDLPrY8DZYBGBQxAAMA\/CESpEJwdYtExyOnTtGTSjFAAACWCQMtTkgnCkB3mlyHo2hELpK34qN\/tn27kX9DRUmi65QznJnJXr0IVJ+d4Fxix8NmNcmsfFkQLOW6576+A4JwNmi2uSQdWXRM2VKcszNCnJz207wH1jUAcpCU9XZA6ttuPzt6cvS6PNIk8FwKlWlblH32PnQxSRg2bkLvkOMPE7sKF8F2oGKz69cDRT5LGhyKnJSGY5lnAAAAIgAQA2iP+zSLUWDQyLFKEwEwAAAiAA4DCBO34E8CVbwHHovTAAAAACIAEAMbnwHuSmVz+ONk\/YEBMAAAFgAIAAEshLzib3wACAAUXTCmuD43X2iZxaQUlL\/5MyGiwQU="}
@@ -50,42 +40,32 @@
 00910{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":414,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":6,"flow_packet_id":1,"flow_src_last_pkt_time":1676660020625604,"flow_dst_last_pkt_time":1676660020625604,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":314,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":314,"pkt_l4_len":280,"thread_ts_usec":1676660020625604,"pkt":"CL6sCxduJjb1W8R1CABFwAEsi9JAAEARdrvAqAycnfDLPsF2DZYBGCb2AAMA\/CESpEI9TftlKWJACU3e+TlAAACWCQOxp8aYvFg8y+QXBpsvhjNMa1N4G7Sf9JFjapUuLmz0CsTDFAPO9KqiGsXxWezQ59eQpoCSxT1fsfDFF2XYEWLYT7Z5ywaH6eaIeDG7vzkQfWGJo3mm7lbdY7xd0W8bEsEGktqDrQsGdB5\/+jjeW0yFm1wJQhQWIaUpZQMlzDvLLl3GStdW2AnbX4eC5IclH+Gf\/MylAAAAIgAQA1wnJY8VQYrMrds8LwExAAAiAA4Djh5nVd\/1ziuce4idAAAAACIAEANRZ9y246wbSEgX3HYBMQAAFgAIAAEshLzib3wACAAUpYIpus8qv8w9yHZkGb+Y7RORCLU="}
 01092{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":414,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":6,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1676660020625604,"flow_src_last_pkt_time":1676660020625604,"flow_dst_last_pkt_time":1676660020625604,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":272,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":272,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":272,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1676660020625604,"l3_proto":"ip4","src_ip":"192.168.12.156","dst_ip":"157.240.203.62","src_port":49526,"dst_port":3478,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"STUN.WhatsAppCall","proto_id":"78.45","proto_by_ip":"Facebook","proto_by_ip_id":119,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP","hostname":"","domainame":"","stun": {"relayed_address":"157.240.203.62:3478","multimedia_flow_types":"Unknown"}}}
 00910{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":415,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":6,"flow_packet_id":2,"flow_src_last_pkt_time":1676660020625741,"flow_dst_last_pkt_time":1676660020625604,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":314,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":314,"pkt_l4_len":280,"thread_ts_usec":1676660020625741,"pkt":"CL6sCxduJjb1W8R1CABFwAEsi9NAAEARdrrAqAycnfDLPsF2DZYBGPgrAAMA\/CESpEI9TftlKWJACU3e+TpAAACWCQOxp8aYvFg8y+QXBpsvhjNMa1N4G7Sf9JFjapUuLmz0CsTDFAPO9KqiGsXxWezQ59eQpoCSxT1fsfDFF2XYEWLYT7Z5ywaH6eaIeDG7vzkQfWGJo3mm7lbdY7xd0W8bEsEGktqDrQsGdB5\/+jjeW0yFm1wJQhQWIaUpZQMlzDvLLl3GStdW2AnbX4eC5IclH+Gf\/MylAAAAIgAQA1wnJY8VQYrMrds8LwExAAAiAA4Djh5nVd\/1ziuce4idAAAAACIAEANRZ9y246wbSEgX3HYBMQAAFgAIAAEshLzib3wACAAUEQwgZYwKJgQ4LTYK3y4FIA+jynM="}
-01225{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":415,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":6,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1676660020625604,"flow_src_last_pkt_time":1676660020625741,"flow_dst_last_pkt_time":1676660020625604,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":272,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":272,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":544,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1676660020625741,"l3_proto":"ip4","src_ip":"192.168.12.156","dst_ip":"157.240.203.62","src_port":49526,"dst_port":3478,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"STUN.WhatsAppCall","proto_id":"78.45","proto_by_ip":"Facebook","proto_by_ip_id":119,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP","hostname":"","domainame":"","stun": {"relayed_address":"157.240.203.62:3478","multimedia_flow_types":"Unknown"}}}
 00814{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":416,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":7,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1676660020625888,"flow_src_last_pkt_time":1676660020625888,"flow_dst_last_pkt_time":1676660020625888,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":272,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":272,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":272,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1676660020625888,"l3_proto":"ip4","src_ip":"192.168.12.156","dst_ip":"157.240.231.62","src_port":49526,"dst_port":3478,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
 00914{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":416,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":7,"flow_packet_id":1,"flow_src_last_pkt_time":1676660020625888,"flow_dst_last_pkt_time":1676660020625888,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":314,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":314,"pkt_l4_len":280,"thread_ts_usec":1676660020625888,"pkt":"CL6sCxduJjb1W8R1CABFwAEsmRpAAEARTXPAqAycnfDnPsF2DZYBGH7rAAMA\/CESpEI9TftlKWJACU3e+TtAAACWCQPeFjak0d7PKFAs7XLj2+P+s\/PhMuWphSLboMCgL8FYcsJ22UWhr314dj\/sKuxUjmg5xQ\/jx9XG\/YEFdqUUT0rbOYoIi50IwG51J2FjLJRXjMezKXn+8dloeg+G6pVS2Czb4qwcI\/U\/yOu2RsIn1ZkxZBTgillM10QGiC2nxS3GP3Pyg89JFN85UcQxXm3doEZ8I2gXAAAAIgAQA1wnJY8VQYrMrds8LwExAAAiAA4Djh5nVd\/1ziuce4idAAAAACIAEANRZ9y246wbSEgX3HYBMQAAFgAIAAEshLziQ3wACAAUCDd5eQa4+xNebQ8SJJA4mgXX1Xw="}
 01092{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":416,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":7,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1676660020625888,"flow_src_last_pkt_time":1676660020625888,"flow_dst_last_pkt_time":1676660020625888,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":272,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":272,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":272,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1676660020625888,"l3_proto":"ip4","src_ip":"192.168.12.156","dst_ip":"157.240.231.62","src_port":49526,"dst_port":3478,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"STUN.WhatsAppCall","proto_id":"78.45","proto_by_ip":"Facebook","proto_by_ip_id":119,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP","hostname":"","domainame":"","stun": {"relayed_address":"157.240.231.62:3478","multimedia_flow_types":"Unknown"}}}
 00914{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":417,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":7,"flow_packet_id":2,"flow_src_last_pkt_time":1676660020626848,"flow_dst_last_pkt_time":1676660020625888,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":314,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":314,"pkt_l4_len":280,"thread_ts_usec":1676660020626848,"pkt":"CL6sCxduJjb1W8R1CABFwAEsmRtAAEARTXLAqAycnfDnPsF2DZYBGAyJAAMA\/CESpEI9TftlKWJACU3e+TxAAACWCQPeFjak0d7PKFAs7XLj2+P+s\/PhMuWphSLboMCgL8FYcsJ22UWhr314dj\/sKuxUjmg5xQ\/jx9XG\/YEFdqUUT0rbOYoIi50IwG51J2FjLJRXjMezKXn+8dloeg+G6pVS2Czb4qwcI\/U\/yOu2RsIn1ZkxZBTgillM10QGiC2nxS3GP3Pyg89JFN85UcQxXm3doEZ8I2gXAAAAIgAQA1wnJY8VQYrMrds8LwExAAAiAA4Djh5nVd\/1ziuce4idAAAAACIAEANRZ9y246wbSEgX3HYBMQAAFgAIAAEshLziQ3wACAAUmjsvXCKwESsJBUhkQNrKqeK5XsE="}
-01225{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":417,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":7,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1676660020625888,"flow_src_last_pkt_time":1676660020626848,"flow_dst_last_pkt_time":1676660020625888,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":272,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":272,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":544,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1676660020626848,"l3_proto":"ip4","src_ip":"192.168.12.156","dst_ip":"157.240.231.62","src_port":49526,"dst_port":3478,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"STUN.WhatsAppCall","proto_id":"78.45","proto_by_ip":"Facebook","proto_by_ip_id":119,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP","hostname":"","domainame":"","stun": {"relayed_address":"157.240.231.62:3478","multimedia_flow_types":"Unknown"}}}
 00814{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":418,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":8,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1676660020626979,"flow_src_last_pkt_time":1676660020626979,"flow_dst_last_pkt_time":1676660020626979,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":272,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":272,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":272,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1676660020626979,"l3_proto":"ip4","src_ip":"192.168.12.156","dst_ip":"157.240.196.62","src_port":49526,"dst_port":3478,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
 00915{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":418,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":8,"flow_packet_id":1,"flow_src_last_pkt_time":1676660020626979,"flow_dst_last_pkt_time":1676660020626979,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":314,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":314,"pkt_l4_len":280,"thread_ts_usec":1676660020626979,"pkt":"CL6sCxduJjb1W8R1CABFwAEsOIpAAEAR0QPAqAycnfDEPsF2DZYBGJUCAAMA\/CESpEI9TftlKWJACU3e+T1AAACWCQPGTvqHwwSK7PRiLSImLIKh\/fPLrOsx\/rtb4xnlO+h\/S8O\/UZlWtSeGS1rfAQxxwD3rylX96sS7cSBQmvCNf2TOwF\/JRt9mywjNe1pUQo9jU5c0ZxrdUZDRq+CZMIW0FSHrmDPoAXCraaMzfQ1aJVz\/5ObQw+UDNrc6hxQu5PTn27CWWZVuQS13m6BeFu60vevHT2j7AAAAIgAQA1wnJY8VQYrMrds8LwExAAAiAA4Djh5nVd\/1ziuce4idAAAAACIAEANRZ9y246wbSEgX3HYBMQAAFgAIAAEshLziYHwACAAUB5JO\/KlnIgtwDyIZGyJD72U36pw="}
 01092{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":418,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":8,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1676660020626979,"flow_src_last_pkt_time":1676660020626979,"flow_dst_last_pkt_time":1676660020626979,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":272,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":272,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":272,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1676660020626979,"l3_proto":"ip4","src_ip":"192.168.12.156","dst_ip":"157.240.196.62","src_port":49526,"dst_port":3478,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"STUN.WhatsAppCall","proto_id":"78.45","proto_by_ip":"Facebook","proto_by_ip_id":119,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP","hostname":"","domainame":"","stun": {"relayed_address":"157.240.196.62:3478","multimedia_flow_types":"Unknown"}}}
 00914{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":419,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":8,"flow_packet_id":2,"flow_src_last_pkt_time":1676660020627131,"flow_dst_last_pkt_time":1676660020626979,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":314,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":314,"pkt_l4_len":280,"thread_ts_usec":1676660020627131,"pkt":"CL6sCxduJjb1W8R1CABFwAEsOItAAEAR0QLAqAycnfDEPsF2DZYBGPuoAAMA\/CESpEI9TftlKWJACU3e+T5AAACWCQPGTvqHwwSK7PRiLSImLIKh\/fPLrOsx\/rtb4xnlO+h\/S8O\/UZlWtSeGS1rfAQxxwD3rylX96sS7cSBQmvCNf2TOwF\/JRt9mywjNe1pUQo9jU5c0ZxrdUZDRq+CZMIW0FSHrmDPoAXCraaMzfQ1aJVz\/5ObQw+UDNrc6hxQu5PTn27CWWZVuQS13m6BeFu60vevHT2j7AAAAIgAQA1wnJY8VQYrMrds8LwExAAAiAA4Djh5nVd\/1ziuce4idAAAAACIAEANRZ9y246wbSEgX3HYBMQAAFgAIAAEshLziYHwACAAUfoSihPG3YBzTpEujhX4y3pFRIJQ="}
-01225{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":419,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":8,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1676660020626979,"flow_src_last_pkt_time":1676660020627131,"flow_dst_last_pkt_time":1676660020626979,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":272,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":272,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":544,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1676660020627131,"l3_proto":"ip4","src_ip":"192.168.12.156","dst_ip":"157.240.196.62","src_port":49526,"dst_port":3478,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"STUN.WhatsAppCall","proto_id":"78.45","proto_by_ip":"Facebook","proto_by_ip_id":119,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP","hostname":"","domainame":"","stun": {"relayed_address":"157.240.196.62:3478","multimedia_flow_types":"Unknown"}}}
 00813{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":420,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":9,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1676660020627268,"flow_src_last_pkt_time":1676660020627268,"flow_dst_last_pkt_time":1676660020627268,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":272,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":272,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":272,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1676660020627268,"l3_proto":"ip4","src_ip":"192.168.12.156","dst_ip":"179.60.192.48","src_port":49526,"dst_port":3478,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
 00914{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":420,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":9,"flow_packet_id":1,"flow_src_last_pkt_time":1676660020627268,"flow_dst_last_pkt_time":1676660020627268,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":314,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":314,"pkt_l4_len":280,"thread_ts_usec":1676660020627268,"pkt":"CL6sCxduJjb1W8R1CABFwAEsdxlAAEARgTbAqAycszzAMMF2DZYBGFP0AAMA\/CESpEI9TftlKWJACU3e+T9AAACWCQNKyv924htSBDgoPvPaA6yOr0x9kSC6Te5xTak23qUax5cZtJwuAApb8Ui+tHOwfpbSpWzleIv+\/Y\/zgmUivrJJrbIFK11cX6yt\/W617VBhxdI74dpc53FDSKllCH09m2ZVJ6nirDntuXoVFquWylwpGeMX8BF7kcX7XJ\/ujSasdt1cdHPd78hU0rxNGJvrkV7sECvDAAAAIgAQA1wnJY8VQYrMrds8LwExAAAiAA4Djh5nVd\/1ziuce4idAAAAACIAEANRZ9y246wbSEgX3HYBMQAAFgAIAAEshJIuZHIACAAUhqeiK6BMauUxm+\/Y2otPN+x\/Trc="}
 01090{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":420,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":9,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1676660020627268,"flow_src_last_pkt_time":1676660020627268,"flow_dst_last_pkt_time":1676660020627268,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":272,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":272,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":272,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1676660020627268,"l3_proto":"ip4","src_ip":"192.168.12.156","dst_ip":"179.60.192.48","src_port":49526,"dst_port":3478,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"STUN.WhatsAppCall","proto_id":"78.45","proto_by_ip":"Facebook","proto_by_ip_id":119,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP","hostname":"","domainame":"","stun": {"relayed_address":"179.60.192.48:3478","multimedia_flow_types":"Unknown"}}}
 00912{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":421,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":9,"flow_packet_id":2,"flow_src_last_pkt_time":1676660020627411,"flow_dst_last_pkt_time":1676660020627268,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":314,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":314,"pkt_l4_len":280,"thread_ts_usec":1676660020627411,"pkt":"CL6sCxduJjb1W8R1CABFwAEsdxpAAEARgTXAqAycszzAMMF2DZYBGONAAAMA\/CESpEI9TftlKWJACU3e+UBAAACWCQNKyv924htSBDgoPvPaA6yOr0x9kSC6Te5xTak23qUax5cZtJwuAApb8Ui+tHOwfpbSpWzleIv+\/Y\/zgmUivrJJrbIFK11cX6yt\/W617VBhxdI74dpc53FDSKllCH09m2ZVJ6nirDntuXoVFquWylwpGeMX8BF7kcX7XJ\/ujSasdt1cdHPd78hU0rxNGJvrkV7sECvDAAAAIgAQA1wnJY8VQYrMrds8LwExAAAiAA4Djh5nVd\/1ziuce4idAAAAACIAEANRZ9y246wbSEgX3HYBMQAAFgAIAAEshJIuZHIACAAUyHPsRBz2TIoTMZ+WvAxhGroaguM="}
-01223{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":421,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":9,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1676660020627268,"flow_src_last_pkt_time":1676660020627411,"flow_dst_last_pkt_time":1676660020627268,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":272,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":272,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":544,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1676660020627411,"l3_proto":"ip4","src_ip":"192.168.12.156","dst_ip":"179.60.192.48","src_port":49526,"dst_port":3478,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"STUN.WhatsAppCall","proto_id":"78.45","proto_by_ip":"Facebook","proto_by_ip_id":119,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP","hostname":"","domainame":"","stun": {"relayed_address":"179.60.192.48:3478","multimedia_flow_types":"Unknown"}}}
 00814{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":422,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":10,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1676660020627509,"flow_src_last_pkt_time":1676660020627509,"flow_dst_last_pkt_time":1676660020627509,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":272,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":272,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":272,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1676660020627509,"l3_proto":"ip4","src_ip":"192.168.12.156","dst_ip":"185.60.216.51","src_port":49526,"dst_port":3478,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
 00914{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":422,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":10,"flow_packet_id":1,"flow_src_last_pkt_time":1676660020627509,"flow_dst_last_pkt_time":1676660020627509,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":314,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":314,"pkt_l4_len":280,"thread_ts_usec":1676660020627509,"pkt":"CL6sCxduJjb1W8R1CABFwAEsa6ZAAEARbqbAqAycuTzYM8F2DZYBGAVtAAMA\/CESpEI9TftlKWJACU3e+UFAAACWCQOH4\/VCAbPTeMBQBMAl\/C5Apejo8c+1K6Qp4JXppgVH0mQBYEvtKrySE8q2mN2RHr6SUlSQIl0QzHLhhkGXTmiDzzcayhZ2Q3j+W2AjW7xjHlhoZ\/1oB6f1R7cM2YJpevSLPRG1\/9xX5i8OwLQGJZP0IxmexdIX7onMgJjjwxjNZQ25j3xFqkTqBfg35nDf7wZxC\/YQAAAAIgAQA1wnJY8VQYrMrds8LwExAAAiAA4Djh5nVd\/1ziuce4idAAAAACIAEANRZ9y246wbSEgX3HYBMQAAFgAIAAEshJgufHEACAAUkNyfIYYrYkDQ4zmgKorzXUAe8eI="}
 01091{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":422,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":10,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1676660020627509,"flow_src_last_pkt_time":1676660020627509,"flow_dst_last_pkt_time":1676660020627509,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":272,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":272,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":272,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1676660020627509,"l3_proto":"ip4","src_ip":"192.168.12.156","dst_ip":"185.60.216.51","src_port":49526,"dst_port":3478,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"STUN.WhatsAppCall","proto_id":"78.45","proto_by_ip":"Facebook","proto_by_ip_id":119,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP","hostname":"","domainame":"","stun": {"relayed_address":"185.60.216.51:3478","multimedia_flow_types":"Unknown"}}}
 00914{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":423,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":10,"flow_packet_id":2,"flow_src_last_pkt_time":1676660020627695,"flow_dst_last_pkt_time":1676660020627509,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":314,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":314,"pkt_l4_len":280,"thread_ts_usec":1676660020627695,"pkt":"CL6sCxduJjb1W8R1CABFwAEsa6dAAEARbqXAqAycuTzYM8F2DZYBGKyuAAMA\/CESpEI9TftlKWJACU3e+UJAAACWCQOH4\/VCAbPTeMBQBMAl\/C5Apejo8c+1K6Qp4JXppgVH0mQBYEvtKrySE8q2mN2RHr6SUlSQIl0QzHLhhkGXTmiDzzcayhZ2Q3j+W2AjW7xjHlhoZ\/1oB6f1R7cM2YJpevSLPRG1\/9xX5i8OwLQGJZP0IxmexdIX7onMgJjjwxjNZQ25j3xFqkTqBfg35nDf7wZxC\/YQAAAAIgAQA1wnJY8VQYrMrds8LwExAAAiAA4Djh5nVd\/1ziuce4idAAAAACIAEANRZ9y246wbSEgX3HYBMQAAFgAIAAEshJgufHEACAAU1fgpuSj5BRZ8oNucqnlM0gIwTBo="}
-01224{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":423,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":10,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1676660020627509,"flow_src_last_pkt_time":1676660020627695,"flow_dst_last_pkt_time":1676660020627509,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":272,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":272,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":544,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1676660020627695,"l3_proto":"ip4","src_ip":"192.168.12.156","dst_ip":"185.60.216.51","src_port":49526,"dst_port":3478,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"STUN.WhatsAppCall","proto_id":"78.45","proto_by_ip":"Facebook","proto_by_ip_id":119,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP","hostname":"","domainame":"","stun": {"relayed_address":"185.60.216.51:3478","multimedia_flow_types":"Unknown"}}}
 00634{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":424,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":6,"flow_packet_id":3,"flow_src_last_pkt_time":1676660020625741,"flow_dst_last_pkt_time":1676660020633882,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":110,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":110,"pkt_l4_len":76,"thread_ts_usec":1676660020633882,"pkt":"Jjb1W8R1CL6sCxduCABFAABgu4RAAFURM5Wd8Ms+wKgMnA2WwXYATBxlAQMAMCESpEI9TftlKWJACU3e+TkAIAAIAAHRX3wxD0FAAgAIAAABhmC5lZsACAAUUb\/WTpOkWW3X+FJVIBlYvEA2oDs="}
-01139{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":424,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":6,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1676660020625604,"flow_src_last_pkt_time":1676660020625741,"flow_dst_last_pkt_time":1676660020633882,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":272,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":272,"flow_dst_max_l4_payload_len":68,"flow_src_tot_l4_payload_len":544,"flow_dst_tot_l4_payload_len":68,"midstream":0,"thread_ts_usec":1676660020633882,"l3_proto":"ip4","src_ip":"192.168.12.156","dst_ip":"157.240.203.62","src_port":49526,"dst_port":3478,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"STUN.WhatsAppCall","proto_id":"78.45","proto_by_ip":"Facebook","proto_by_ip_id":119,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP","hostname":"","domainame":"","stun": {"mapped_address":"93.35.171.3:61517","relayed_address":"157.240.203.62:3478","multimedia_flow_types":"Unknown"}}}
 00633{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":425,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":6,"flow_packet_id":4,"flow_src_last_pkt_time":1676660020625741,"flow_dst_last_pkt_time":1676660020633906,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":110,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":110,"pkt_l4_len":76,"thread_ts_usec":1676660020633906,"pkt":"Jjb1W8R1CL6sCxduCABFAABgu4VAAFURM5Sd8Ms+wKgMnA2WwXYATMHnAQMAMCESpEI9TftlKWJACU3e+ToAIAAIAAHRX3wxD0FAAgAIAAABhmC5lZsACAAUDYqarGE3M6w9+UUOpDJLk0B0AtY="}
 00630{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":426,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":6,"flow_packet_id":5,"flow_src_last_pkt_time":1676660020635842,"flow_dst_last_pkt_time":1676660020633906,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":106,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":106,"pkt_l4_len":72,"thread_ts_usec":1676660020635842,"pkt":"CL6sCxduJjb1W8R1CABFwABci9RAAEARd4nAqAycnfDLPsF2DZYASEFRCAQALCESpEI9TftlKWJACU3e+UNABwACAfQAAAAWAAgAASyEvOJvfAAIABQ46era\/Z2SZjhFF95tb67cFTcxPA=="}
 00634{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":428,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":7,"flow_packet_id":3,"flow_src_last_pkt_time":1676660020626848,"flow_dst_last_pkt_time":1676660020646356,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":110,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":110,"pkt_l4_len":76,"thread_ts_usec":1676660020646356,"pkt":"Jjb1W8R1CL6sCxduCABFAABgEA9AAFYRwgqd8Oc+wKgMnA2WwXYATESqAQMAMCESpEI9TftlKWJACU3e+TsAIAAIAAHRX3wxD0FAAgAIAAABhmC5laIACAAU2sO6qtIQRG8Fb8Ku\/1Yc8bkNCwU="}
-01139{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":428,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":7,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1676660020625888,"flow_src_last_pkt_time":1676660020626848,"flow_dst_last_pkt_time":1676660020646356,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":272,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":272,"flow_dst_max_l4_payload_len":68,"flow_src_tot_l4_payload_len":544,"flow_dst_tot_l4_payload_len":68,"midstream":0,"thread_ts_usec":1676660020646356,"l3_proto":"ip4","src_ip":"192.168.12.156","dst_ip":"157.240.231.62","src_port":49526,"dst_port":3478,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"STUN.WhatsAppCall","proto_id":"78.45","proto_by_ip":"Facebook","proto_by_ip_id":119,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP","hostname":"","domainame":"","stun": {"mapped_address":"93.35.171.3:61517","relayed_address":"157.240.231.62:3478","multimedia_flow_types":"Unknown"}}}
 00633{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":429,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":7,"flow_packet_id":4,"flow_src_last_pkt_time":1676660020626848,"flow_dst_last_pkt_time":1676660020646394,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":110,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":110,"pkt_l4_len":76,"thread_ts_usec":1676660020646394,"pkt":"Jjb1W8R1CL6sCxduCABFAABgEBBAAFYRwgmd8Oc+wKgMnA2WwXYATMHdAQMAMCESpEI9TftlKWJACU3e+TwAIAAIAAHRX3wxD0FAAgAIAAABhmC5laIACAAUtd5zvNHTNstw7o7HFkTuf+A5wEQ="}
 00634{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":430,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":10,"flow_packet_id":3,"flow_src_last_pkt_time":1676660020627695,"flow_dst_last_pkt_time":1676660020646446,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":110,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":110,"pkt_l4_len":76,"thread_ts_usec":1676660020646446,"pkt":"Jjb1W8R1CL6sCxduCABFAABgKX5AAFMRn1q5PNgzwKgMnA2WwXYATEpFAQMAMCESpEI9TftlKWJACU3e+UEAIAAIAAHRX3wxD0FAAgAIAAABhmC5laEACAAUH8edTAMAuZVpRGGCYax6hVg0ya8="}
-01138{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":430,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":10,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1676660020627509,"flow_src_last_pkt_time":1676660020627695,"flow_dst_last_pkt_time":1676660020646446,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":272,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":272,"flow_dst_max_l4_payload_len":68,"flow_src_tot_l4_payload_len":544,"flow_dst_tot_l4_payload_len":68,"midstream":0,"thread_ts_usec":1676660020646446,"l3_proto":"ip4","src_ip":"192.168.12.156","dst_ip":"185.60.216.51","src_port":49526,"dst_port":3478,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"STUN.WhatsAppCall","proto_id":"78.45","proto_by_ip":"Facebook","proto_by_ip_id":119,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP","hostname":"","domainame":"","stun": {"mapped_address":"93.35.171.3:61517","relayed_address":"185.60.216.51:3478","multimedia_flow_types":"Unknown"}}}
 00635{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":431,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":10,"flow_packet_id":4,"flow_src_last_pkt_time":1676660020627695,"flow_dst_last_pkt_time":1676660020646471,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":110,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":110,"pkt_l4_len":76,"thread_ts_usec":1676660020646471,"pkt":"Jjb1W8R1CL6sCxduCABFAABgKX9AAFMRn1m5PNgzwKgMnA2WwXYATDurAQMAMCESpEI9TftlKWJACU3e+UIAIAAIAAHRX3wxD0FAAgAIAAABhmC5laIACAAUqiKz9h9t1ITvWTv\/BN9zdrh6ouk="}
 00634{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":432,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":9,"flow_packet_id":3,"flow_src_last_pkt_time":1676660020627411,"flow_dst_last_pkt_time":1676660020649547,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":110,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":110,"pkt_l4_len":76,"thread_ts_usec":1676660020649547,"pkt":"Jjb1W8R1CL6sCxduCABFAABgXFdAAFMRioSzPMAwwKgMnA2WwXYATFMNAQMAMCESpEI9TftlKWJACU3e+T8AIAAIAAHRX3wxD0FAAgAIAAABhmC5laMACAAUAUJ5rKYzB8P+FxjEnR76AoJ8\/mE="}
-01137{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":432,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":9,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1676660020627268,"flow_src_last_pkt_time":1676660020627411,"flow_dst_last_pkt_time":1676660020649547,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":272,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":272,"flow_dst_max_l4_payload_len":68,"flow_src_tot_l4_payload_len":544,"flow_dst_tot_l4_payload_len":68,"midstream":0,"thread_ts_usec":1676660020649547,"l3_proto":"ip4","src_ip":"192.168.12.156","dst_ip":"179.60.192.48","src_port":49526,"dst_port":3478,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"STUN.WhatsAppCall","proto_id":"78.45","proto_by_ip":"Facebook","proto_by_ip_id":119,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP","hostname":"","domainame":"","stun": {"mapped_address":"93.35.171.3:61517","relayed_address":"179.60.192.48:3478","multimedia_flow_types":"Unknown"}}}
 00633{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":433,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":9,"flow_packet_id":4,"flow_src_last_pkt_time":1676660020627411,"flow_dst_last_pkt_time":1676660020649585,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":110,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":110,"pkt_l4_len":76,"thread_ts_usec":1676660020649585,"pkt":"Jjb1W8R1CL6sCxduCABFAABgXFhAAFMRioOzPMAwwKgMnA2WwXYATFWhAQMAMCESpEI9TftlKWJACU3e+UAAIAAIAAHRX3wxD0FAAgAIAAABhmC5laMACAAUgv6L2fitRmrDKBO6QOmHmVTNEwk="}
 00633{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":434,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":8,"flow_packet_id":3,"flow_src_last_pkt_time":1676660020627131,"flow_dst_last_pkt_time":1676660020649607,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":110,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":110,"pkt_l4_len":76,"thread_ts_usec":1676660020649607,"pkt":"Jjb1W8R1CL6sCxduCABFAABg00xAAFQRI82d8MQ+wKgMnA2WwXYATB51AQMAMCESpEI9TftlKWJACU3e+T0AIAAIAAHRX3wxD0FAAgAIAAABhmC5laAACAAUDM36X1qnGrp9aVSAhimrdKC7fMo="}
-01139{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":434,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":8,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1676660020626979,"flow_src_last_pkt_time":1676660020627131,"flow_dst_last_pkt_time":1676660020649607,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":272,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":272,"flow_dst_max_l4_payload_len":68,"flow_src_tot_l4_payload_len":544,"flow_dst_tot_l4_payload_len":68,"midstream":0,"thread_ts_usec":1676660020649607,"l3_proto":"ip4","src_ip":"192.168.12.156","dst_ip":"157.240.196.62","src_port":49526,"dst_port":3478,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"STUN.WhatsAppCall","proto_id":"78.45","proto_by_ip":"Facebook","proto_by_ip_id":119,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP","hostname":"","domainame":"","stun": {"mapped_address":"93.35.171.3:61517","relayed_address":"157.240.196.62:3478","multimedia_flow_types":"Unknown"}}}
 00633{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":435,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":8,"flow_packet_id":4,"flow_src_last_pkt_time":1676660020627131,"flow_dst_last_pkt_time":1676660020649623,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":110,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":110,"pkt_l4_len":76,"thread_ts_usec":1676660020649623,"pkt":"Jjb1W8R1CL6sCxduCABFAABg001AAFQRI8yd8MQ+wKgMnA2WwXYATIH0AQMAMCESpEI9TftlKWJACU3e+T4AIAAIAAHRX3wxD0FAAgAIAAABhmC5laAACAAUxKTeHLccf0M6tOjMy8siv2yc4lE="}
 02229{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":461,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":6,"flow_state":"finished","flow_src_packets_processed":16,"flow_dst_packets_processed":16,"flow_first_seen":1676660020625604,"flow_src_last_pkt_time":1676660020791890,"flow_dst_last_pkt_time":1676660020799292,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":20,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":272,"flow_dst_max_l4_payload_len":512,"flow_src_tot_l4_payload_len":1396,"flow_dst_tot_l4_payload_len":6812,"midstream":0,"thread_ts_usec":1676660020799292,"l3_proto":"ip4","src_ip":"192.168.12.156","dst_ip":"157.240.203.62","src_port":49526,"dst_port":3478,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"data_analysis": {"iat": {"min":24,"avg":10966.9,"max":25268,"stddev":4978.7,"var":24787812.0,"ent":4.8,"data": [137,8278,24,10101,8060,24512,25268,11561,10122,12790,14381,10560,10576,10583,10464,16311,6103,16248,5886,9963,9713,10612,11320,10716,10523,10812,10574,10236,10724,11289,11527]},"pktlen": {"min":48,"avg":284.5,"max":540,"stddev":217.5,"var":47305.8,"ent":4.6,"data": [300,300,96,96,92,540,92,540,92,540,92,540,92,540,92,540,48,92,48,540,92,540,92,540,92,540,92,540,92,540,92,540]},"bins": {"c_to_s": [1,0,13,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [1,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,13,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]},"directions": [0,0,1,1,0,1,0,1,0,1,0,1,0,1,0,1,0,0,1,1,0,1,0,1,0,1,0,1,0,1,0,1],"entropies": [6.990001202,7.010884762,5.755636215,5.672302246,5.721662998,1.491354108,5.778674603,1.487650514,5.626501560,1.484854460,5.623420715,1.491354465,5.691719532,1.491354108,5.569489479,1.485344768,5.160700798,5.721662998,5.136841774,1.489048600,5.743401527,1.492752314,5.735196590,1.489956141,5.640035152,1.476539373,5.664651394,1.487650633,5.808619022,1.477447271,5.713458061,1.502465248]},"ndpi": {"confidence": {"6":"DPI"},"proto":"STUN.WhatsAppCall","proto_id":"78.45","proto_by_ip":"Facebook","proto_by_ip_id":119,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP"}}
 00811{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":531,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":11,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1676660024064221,"flow_src_last_pkt_time":1676660024064221,"flow_dst_last_pkt_time":1676660024064221,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":44,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":44,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":44,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1676660024064221,"l3_proto":"ip4","src_ip":"192.168.12.156","dst_ip":"10.82.40.241","src_port":49526,"dst_port":40436,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
@@ -100,10 +80,10 @@
 00664{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":549,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":12,"flow_packet_id":5,"flow_src_last_pkt_time":1676660024325807,"flow_dst_last_pkt_time":1676660024239979,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":131,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":131,"pkt_l4_len":97,"thread_ts_usec":1676660024325807,"pkt":"CL6sCxduJjb1W8R1CABFwAB1QNhAAEARWCPAqAycXSF2V8F2oJMAYc1lkHgABQAA3UBRZ9y23r4AA1ErK2EAvZEZhwAAAKbOSK90hIl36enLLzUIk6r\/w1XH6T2mtq3Gg8VNMWWeuoZcZLDNzrjMgd0lraiBKjJ3Gy5jB\/m61+BApbg="}
 01142{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":549,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":12,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":2,"flow_first_seen":1676660024118990,"flow_src_last_pkt_time":1676660024325807,"flow_dst_last_pkt_time":1676660024239979,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":44,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":89,"flow_dst_max_l4_payload_len":44,"flow_src_tot_l4_payload_len":177,"flow_dst_tot_l4_payload_len":88,"midstream":0,"thread_ts_usec":1676660024325807,"l3_proto":"ip4","src_ip":"192.168.12.156","dst_ip":"93.33.118.87","src_port":49526,"dst_port":41107,"l4_proto":"udp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}}},"confidence": {"6":"DPI"},"proto":"SRTP.WhatsAppCall","proto_id":"338.45","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP","stream_content":"Audio"}}
 00600{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":561,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":11,"flow_packet_id":2,"flow_src_last_pkt_time":1676660024620334,"flow_dst_last_pkt_time":1676660024064221,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":86,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":86,"pkt_l4_len":52,"thread_ts_usec":1676660024620334,"pkt":"CL6sCxduJjb1W8R1CABFwABISE9AAEAR8Q7AqAycClIo8cF2nfQANEB+AAEAGCESpEIXwuNn6QQGBGvPy2QACAAUUNSepUVO3cHbT1W7D8IkB9QMLLk="}
-01304{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":561,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":11,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1676660024064221,"flow_src_last_pkt_time":1676660024620334,"flow_dst_last_pkt_time":1676660024064221,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":44,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":44,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":88,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1676660024620334,"l3_proto":"ip4","src_ip":"192.168.12.156","dst_ip":"10.82.40.241","src_port":49526,"dst_port":40436,"l4_proto":"udp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"5":"DPI (cache)"},"proto":"STUN.WhatsAppCall","proto_id":"78.45","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP","hostname":"","domainame":"","stun": {"multimedia_flow_types":"Unknown"}}}
 00600{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":562,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":11,"flow_packet_id":3,"flow_src_last_pkt_time":1676660025173851,"flow_dst_last_pkt_time":1676660024064221,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":86,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":86,"pkt_l4_len":52,"thread_ts_usec":1676660025173851,"pkt":"CL6sCxduJjb1W8R1CABFwABISHxAAEAR8OHAqAycClIo8cF2nfQANJUKAAEAGCESpEJbGGZZJbjNIbGSmgoACAAUqscImv03XhISfmW0WS8IT6fPtOk="}
 00601{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":563,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":11,"flow_packet_id":4,"flow_src_last_pkt_time":1676660025726086,"flow_dst_last_pkt_time":1676660024064221,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":86,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":86,"pkt_l4_len":52,"thread_ts_usec":1676660025726086,"pkt":"CL6sCxduJjb1W8R1CABFwABISIRAAEAR8NnAqAycClIo8cF2nfQANJ6PAAEAGCESpEKk0qlxm\/ZTOSdEwkYACAAUXDPKAV6TGyzZ4WyS4fYKXK0zlIs="}
 00601{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":564,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":11,"flow_packet_id":5,"flow_src_last_pkt_time":1676660026276036,"flow_dst_last_pkt_time":1676660024064221,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":86,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":86,"pkt_l4_len":52,"thread_ts_usec":1676660026276036,"pkt":"CL6sCxduJjb1W8R1CABFwABISLRAAEAR8KnAqAycClIo8cF2nfQANMOEAAEAGCESpEKl9A496LZkbYe+i00ACAAU\/ewrDda+DUas0DsT+++L7XeLDdc="}
+01305{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":568,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":11,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":1676660024064221,"flow_src_last_pkt_time":1676660027427176,"flow_dst_last_pkt_time":1676660024064221,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":44,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":44,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":308,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1676660027427176,"l3_proto":"ip4","src_ip":"192.168.12.156","dst_ip":"10.82.40.241","src_port":49526,"dst_port":40436,"l4_proto":"udp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"5":"DPI (cache)"},"proto":"STUN.WhatsAppCall","proto_id":"78.45","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP","hostname":"","domainame":"","stun": {"multimedia_flow_types":"Unknown"}}}
 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":569,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":13,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1676660027432762,"flow_src_last_pkt_time":1676660027432762,"flow_dst_last_pkt_time":1676660027432762,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":76,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":76,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":76,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1676660027432762,"l3_proto":"ip4","src_ip":"93.63.100.129","dst_ip":"192.168.12.156","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":5}
 00636{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":569,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":13,"flow_packet_id":1,"flow_src_last_pkt_time":1676660027432762,"flow_dst_last_pkt_time":1676660027432762,"flow_idle_time":140000000,"pkt_datalink":1,"pkt_caplen":110,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":110,"pkt_l4_len":76,"thread_ts_usec":1676660027432762,"pkt":"Jjb1W8R1CL6sCxduCABFAABgoiQAAPgBkXNdP2SBwKgMnAMApW4AEQAARQAASEjeQAA4Efk\/wKgMnApSKPHBdp30ADSYCgABABghEqRC5xzHRnteXD13uFxaAAgAFDCLx\/tSkAsmj1JamKGIXok="}
 01062{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":569,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":13,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1676660027432762,"flow_src_last_pkt_time":1676660027432762,"flow_dst_last_pkt_time":1676660027432762,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":76,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":76,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":76,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1676660027432762,"l3_proto":"ip4","src_ip":"93.63.100.129","dst_ip":"192.168.12.156","l4_proto":"icmp","ndpi": {"flow_risk": {"35": {"risk":"Susp Entropy","severity":"Low","risk_score": {"total":210,"client":165,"server":45}}},"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","entropy":5.458712}}
@@ -129,7 +109,7 @@
 01017{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":591,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":7,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":2,"flow_first_seen":1676660020625888,"flow_src_last_pkt_time":1676660035302538,"flow_dst_last_pkt_time":1676660020646394,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":220,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":272,"flow_dst_max_l4_payload_len":68,"flow_src_tot_l4_payload_len":764,"flow_dst_tot_l4_payload_len":136,"midstream":0,"thread_ts_usec":1676660035303048,"l3_proto":"ip4","src_ip":"192.168.12.156","dst_ip":"157.240.231.62","src_port":49526,"dst_port":3478,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"STUN.WhatsAppCall","proto_id":"78.45","proto_by_ip":"Facebook","proto_by_ip_id":119,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP"}}
 01017{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":591,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":8,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":2,"flow_first_seen":1676660020626979,"flow_src_last_pkt_time":1676660035302780,"flow_dst_last_pkt_time":1676660020649623,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":220,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":272,"flow_dst_max_l4_payload_len":68,"flow_src_tot_l4_payload_len":764,"flow_dst_tot_l4_payload_len":136,"midstream":0,"thread_ts_usec":1676660035303048,"l3_proto":"ip4","src_ip":"192.168.12.156","dst_ip":"157.240.196.62","src_port":49526,"dst_port":3478,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"STUN.WhatsAppCall","proto_id":"78.45","proto_by_ip":"Facebook","proto_by_ip_id":119,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP"}}
 01028{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":591,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","flow_id":6,"flow_state":"finished","flow_src_packets_processed":48,"flow_dst_packets_processed":73,"flow_first_seen":1676660020625604,"flow_src_last_pkt_time":1676660035302005,"flow_dst_last_pkt_time":1676660032998729,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":20,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":500,"flow_dst_max_l4_payload_len":1113,"flow_src_tot_l4_payload_len":10937,"flow_dst_tot_l4_payload_len":37017,"midstream":0,"thread_ts_usec":1676660035303048,"l3_proto":"ip4","src_ip":"192.168.12.156","dst_ip":"157.240.203.62","src_port":49526,"dst_port":3478,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"STUN.WhatsAppCall","proto_id":"78.45","proto_by_ip":"Facebook","proto_by_ip_id":119,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP"}}
-00882{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":591,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":591,"packets-processed":591,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":108875,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":13,"total-detection-updates":22,"total-updates":5,"current-active-flows":0,"total-active-flows":13,"total-idle-flows":13,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":132,"global_ts_usec":1676660035303048}
+00881{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":591,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/stun_wa_call.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.15.0-5258-f8869cd","ndpi_api_version":12317,"size_per_flow":1384,"packets-captured":591,"packets-processed":591,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":108875,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":13,"total-detection-updates":2,"total-updates":5,"current-active-flows":0,"total-active-flows":13,"total-idle-flows":13,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":112,"global_ts_usec":1676660035303048}
 ~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~
 ~~ packets captured/processed: 591/591
 ~~ skipped flows.............: 0
@@ -138,9 +118,9 @@
 ~~ total active/idle flows...: 13/13
 ~~ total timeout flows.......: 0
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-~~ total memory allocated....: 8468632 bytes
-~~ total memory freed........: 8468632 bytes
-~~ total allocations/frees...: 145467/145467
+~~ total memory allocated....: 9250305 bytes
+~~ total memory freed........: 9250305 bytes
+~~ total allocations/frees...: 150491/150491
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 ~~ json message min len.......: 605 chars
 ~~ json message max len.......: 2234 chars
diff --git a/test/results/stun_only_peer_address_enabled/telegram_videocall.pcapng.out b/test/results/stun_only_peer_address_enabled/telegram_videocall.pcapng.out
index e9faa858f..e6088e9b4 100644
--- a/test/results/stun_only_peer_address_enabled/telegram_videocall.pcapng.out
+++ b/test/results/stun_only_peer_address_enabled/telegram_videocall.pcapng.out
@@ -1,5 +1,5 @@
-00648{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/telegram_videocall.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"max-flows-per-thread":32768,"max-idle-flows-per-thread":1024,"reader-thread-count":1,"flow-scan-interval":10000000,"generic-max-idle-time":600000000,"icmp-max-idle-time":120000000,"udp-max-idle-time":180000000,"tcp-max-idle-time":7560000000,"max-packets-per-flow-to-send":5,"max-packets-per-flow-to-process":32,"max-packets-per-flow-to-analyse":32,"global_ts_usec":0}
-00869{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":1,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/telegram_videocall.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":1,"packets-processed":0,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":0,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":0,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2,"global_ts_usec":1648032334213648}
+00648{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/telegram_videocall.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.15.0-5258-f8869cd","ndpi_api_version":12317,"size_per_flow":1384,"max-flows-per-thread":32768,"max-idle-flows-per-thread":1024,"reader-thread-count":1,"flow-scan-interval":10000000,"generic-max-idle-time":600000000,"icmp-max-idle-time":120000000,"udp-max-idle-time":180000000,"tcp-max-idle-time":7560000000,"max-packets-per-flow-to-send":5,"max-packets-per-flow-to-process":32,"max-packets-per-flow-to-analyse":32,"global_ts_usec":0}
+00869{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":1,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/telegram_videocall.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.15.0-5258-f8869cd","ndpi_api_version":12317,"size_per_flow":1384,"packets-captured":1,"packets-processed":0,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":0,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":0,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2,"global_ts_usec":1648032334213648}
 00788{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/telegram_videocall.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1648032334213648,"flow_src_last_pkt_time":1648032334213648,"flow_dst_last_pkt_time":1648032334213648,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":16,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":16,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":16,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1648032334213648,"l3_proto":"ip6","src_ip":"fe80::98df:58ff:fefa:ebdc","dst_ip":"ff02::2","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":5}
 00590{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/telegram_videocall.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_src_last_pkt_time":1648032334213648,"flow_dst_last_pkt_time":1648032334213648,"flow_idle_time":140000000,"pkt_datalink":1,"pkt_caplen":70,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":70,"pkt_l4_len":16,"thread_ts_usec":1648032334213648,"pkt":"MzMAAAACmt9Y+uvcht1gAAAAABA6\/\/6AAAAAAAAAmN9Y\/\/7669z\/AgAAAAAAAAAAAAAAAAAChQC\/wAAAAAABAZrfWPrr3A=="}
 00940{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/telegram_videocall.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1648032334213648,"flow_src_last_pkt_time":1648032334213648,"flow_dst_last_pkt_time":1648032334213648,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":16,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":16,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":16,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1648032334213648,"l3_proto":"ip6","src_ip":"fe80::98df:58ff:fefa:ebdc","dst_ip":"ff02::2","l4_proto":"icmp6","ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}}
@@ -154,9 +154,7 @@
 00677{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":663,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/telegram_videocall.pcapng","alias":"nDPId-test","flow_id":27,"flow_packet_id":3,"flow_src_last_pkt_time":1648032354126265,"flow_dst_last_pkt_time":1648032354253306,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":138,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":138,"pkt_l4_len":104,"thread_ts_usec":1648032354253306,"pkt":"mt9Y+uvcCL6sCxduCABFAAB8kp1AADYReetdJA1zwKgMqYpBn8oAaCMkAAEATCESpEJIcTZVWmxodDUwUysABgAJU3VVMzpsL3djAAAAwFcABAADA4SAKQAIAAAAAAAAAAAAJAAEbn8fAAAIABQBRhbWlQ7rMVy3PFduS9dj7gJsXoAoAARM5ARh"}
 00637{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":664,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/telegram_videocall.pcapng","alias":"nDPId-test","flow_id":27,"flow_packet_id":4,"flow_src_last_pkt_time":1648032354255084,"flow_dst_last_pkt_time":1648032354253306,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":106,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":106,"pkt_l4_len":72,"thread_ts_usec":1648032354255084,"pkt":"CL6sCxdumt9Y+uvcCABFAABcq61AAEARVvvAqAypXSQNc5\/KikEASJBeAQEALCESpEJIcTZVWmxodDUwUysAIAAIAAGrU3w2qTEACAAUOSToq9gxyjIfvqnLxYFg75erULqAKAAEpWnpWQ=="}
 00686{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":670,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/telegram_videocall.pcapng","alias":"nDPId-test","flow_id":24,"flow_packet_id":2,"flow_src_last_pkt_time":1648032354274610,"flow_dst_last_pkt_time":1648032353980549,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":142,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":142,"pkt_l4_len":108,"thread_ts_usec":1648032354274610,"pkt":"CL6sCxdumt9Y+uvcCABFAACA3npAAEARHKvAqAypCi5nyKWlpjoAbOFzAAEAUCESpEJtdnE4djNMTnl3dk0ABgAJbC93YzpTdVUzAAAAwFcABAADAAqAKgAIAAAAAAAAAAAAJQAAACQABG5\/HwAACAAUDInqNRBWk8dEJqTJc6HmCvGSZlqAKAAEY6GN3A=="}
-01315{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":670,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/telegram_videocall.pcapng","alias":"nDPId-test","flow_id":24,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1648032353980549,"flow_src_last_pkt_time":1648032354274610,"flow_dst_last_pkt_time":1648032353980549,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":100,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":100,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":200,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1648032354274610,"l3_proto":"ip4","src_ip":"192.168.12.169","dst_ip":"10.46.103.200","src_port":42405,"dst_port":42554,"l4_proto":"udp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"5":"DPI (cache)"},"proto":"STUN.TelegramVoip","proto_id":"78.355","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP","hostname":"","domainame":"","stun": {"multimedia_flow_types":"Unknown"}}}
 00688{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":682,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/telegram_videocall.pcapng","alias":"nDPId-test","flow_id":25,"flow_packet_id":2,"flow_src_last_pkt_time":1648032354323453,"flow_dst_last_pkt_time":1648032354029382,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":142,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":142,"pkt_l4_len":108,"thread_ts_usec":1648032354323453,"pkt":"CL6sCxdumt9Y+uvcCABFAACA3n5AAEARHKfAqAypCi5nyJ\/KpjoAbLNZAAEAUCESpEJFbzlBWnVtb3doY3gABgAJbC93YzpTdVUzAAAAwFcABAADAAqAKgAIAAAAAAAAAAAAJQAAACQABG5\/HwAACAAUhaAVye4hAtQKKUN05sPT8bSFgCSAKAAEE\/ftBA=="}
-01315{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":682,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/telegram_videocall.pcapng","alias":"nDPId-test","flow_id":25,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1648032354029382,"flow_src_last_pkt_time":1648032354323453,"flow_dst_last_pkt_time":1648032354029382,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":100,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":100,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":200,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1648032354323453,"l3_proto":"ip4","src_ip":"192.168.12.169","dst_ip":"10.46.103.200","src_port":40906,"dst_port":42554,"l4_proto":"udp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"5":"DPI (cache)"},"proto":"STUN.TelegramVoip","proto_id":"78.355","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP","hostname":"","domainame":"","stun": {"multimedia_flow_types":"Unknown"}}}
 00687{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":687,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/telegram_videocall.pcapng","alias":"nDPId-test","flow_id":24,"flow_packet_id":3,"flow_src_last_pkt_time":1648032354372109,"flow_dst_last_pkt_time":1648032353980549,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":142,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":142,"pkt_l4_len":108,"thread_ts_usec":1648032354372109,"pkt":"CL6sCxdumt9Y+uvcCABFAACA3oFAAEARHKTAqAypCi5nyKWlpjoAbMtbAAEAUCESpEJTRTZGa284cW1DQmIABgAJbC93YzpTdVUzAAAAwFcABAADAAqAKgAIAAAAAAAAAAAAJQAAACQABG5\/HwAACAAUzYBYKBlzlZ6Eaa\/nFMVbWPeH8RSAKAAER59Heg=="}
 00687{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":691,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/telegram_videocall.pcapng","alias":"nDPId-test","flow_id":25,"flow_packet_id":3,"flow_src_last_pkt_time":1648032354421706,"flow_dst_last_pkt_time":1648032354029382,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":142,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":142,"pkt_l4_len":108,"thread_ts_usec":1648032354421706,"pkt":"CL6sCxdumt9Y+uvcCABFAACA3oNAAEARHKLAqAypCi5nyJ\/KpjoAbNnMAAEAUCESpEJkVUE4UWRoMit2dFIABgAJbC93YzpTdVUzAAAAwFcABAADAAqAKgAIAAAAAAAAAAAAJQAAACQABG5\/HwAACAAU9E6Knx5J8q4IYolGkKVYGZzVeFSAKAAEDziXvg=="}
 00790{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":707,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/telegram_videocall.pcapng","alias":"nDPId-test","flow_id":28,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1648032354824070,"flow_src_last_pkt_time":1648032354824070,"flow_dst_last_pkt_time":1648032354824070,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":16,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":16,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":16,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1648032354824070,"l3_proto":"ip6","src_ip":"fe80::abe:acff:fe0b:176e","dst_ip":"ff02::2","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":5}
@@ -175,6 +173,8 @@
 00579{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":808,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/telegram_videocall.pcapng","alias":"nDPId-test","flow_id":30,"flow_packet_id":2,"flow_src_last_pkt_time":1648032359090868,"flow_dst_last_pkt_time":1648032359106963,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1648032359106963,"pkt":"mt9Y+uvcCL6sCxduCABFAAA0p+FAAOsG1D00OhIZwKgMqRRmnwbmakAqdp6QO4AQAHIM9gAAAQEICk97b0RBLHTp"}
 00595{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":809,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/telegram_videocall.pcapng","alias":"nDPId-test","flow_id":30,"flow_packet_id":3,"flow_src_last_pkt_time":1648032359090868,"flow_dst_last_pkt_time":1648032359107008,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":78,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":78,"pkt_l4_len":44,"thread_ts_usec":1648032359107008,"pkt":"mt9Y+uvcCL6sCxduCABFAABAp+JAAOsG1DA0OhIZwKgMqRRmnwbmakAqdp6QO4AYAHI69AAAAQEICk97b0VBLHTpwv4ABQAAAAANIwHG"}
 00579{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":810,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/telegram_videocall.pcapng","alias":"nDPId-test","flow_id":30,"flow_packet_id":4,"flow_src_last_pkt_time":1648032359108251,"flow_dst_last_pkt_time":1648032359107008,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1648032359108251,"pkt":"CL6sCxdumt9Y+uvcCABFAAA0S0pAAEAG29XAqAypNDoSGZ8GFGZ2npA75mpANoAQAKwMngAAAQEICkEsdPpPe29F"}
+01315{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":811,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/telegram_videocall.pcapng","alias":"nDPId-test","flow_id":24,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":1648032353980549,"flow_src_last_pkt_time":1648032359482052,"flow_dst_last_pkt_time":1648032353980549,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":100,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":100,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":700,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1648032359482052,"l3_proto":"ip4","src_ip":"192.168.12.169","dst_ip":"10.46.103.200","src_port":42405,"dst_port":42554,"l4_proto":"udp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"5":"DPI (cache)"},"proto":"STUN.TelegramVoip","proto_id":"78.355","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP","hostname":"","domainame":"","stun": {"multimedia_flow_types":"Unknown"}}}
+01315{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":812,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/telegram_videocall.pcapng","alias":"nDPId-test","flow_id":25,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":1648032354029382,"flow_src_last_pkt_time":1648032359983144,"flow_dst_last_pkt_time":1648032354029382,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":100,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":100,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":700,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1648032359983144,"l3_proto":"ip4","src_ip":"192.168.12.169","dst_ip":"10.46.103.200","src_port":40906,"dst_port":42554,"l4_proto":"udp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"5":"DPI (cache)"},"proto":"STUN.TelegramVoip","proto_id":"78.355","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP","hostname":"","domainame":"","stun": {"multimedia_flow_types":"Unknown"}}}
 00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":819,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/telegram_videocall.pcapng","alias":"nDPId-test","flow_id":12,"flow_packet_id":3,"flow_src_last_pkt_time":1648032363557266,"flow_dst_last_pkt_time":1648032353554802,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":62,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":62,"pkt_l4_len":28,"thread_ts_usec":1648032363557266,"pkt":"CL6sCxdumt9Y+uvcCABFAAAwWxxAAEARrcDAqAypW2wJI5\/KBXgAHJMEAAEAACESpEJKWGZZVmEzZGpzK04="}
 01314{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":819,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/telegram_videocall.pcapng","alias":"nDPId-test","flow_id":12,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1648032353524693,"flow_src_last_pkt_time":1648032363557266,"flow_dst_last_pkt_time":1648032353554802,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":20,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":20,"flow_dst_max_l4_payload_len":84,"flow_src_tot_l4_payload_len":40,"flow_dst_tot_l4_payload_len":84,"midstream":0,"thread_ts_usec":1648032363557266,"l3_proto":"ip4","src_ip":"192.168.12.169","dst_ip":"91.108.9.35","src_port":40906,"dst_port":1400,"l4_proto":"udp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}}},"confidence": {"5":"DPI (cache)"},"proto":"STUN.TelegramVoip","proto_id":"78.355","proto_by_ip":"Telegram","proto_by_ip_id":185,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP","hostname":"","domainame":"","stun": {"mapped_address":"93.47.225.70:11616","response_origin":"91.108.9.35:1400","other_address":"10.67.66.99:1401","multimedia_flow_types":"Unknown"}}}
 00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":820,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/telegram_videocall.pcapng","alias":"nDPId-test","flow_id":15,"flow_packet_id":3,"flow_src_last_pkt_time":1648032363557512,"flow_dst_last_pkt_time":1648032353554820,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":62,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":62,"pkt_l4_len":28,"thread_ts_usec":1648032363557512,"pkt":"CL6sCxdumt9Y+uvcCABFAAAwWx1AAEARrb\/AqAypW2wJI6TVBXgAHEc2AAEAACESpEJaT3lOZUhRVUNaSWY="}
@@ -255,7 +255,7 @@
 01139{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":889,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/telegram_videocall.pcapng","alias":"nDPId-test","flow_id":5,"flow_state":"finished","flow_src_packets_processed":11,"flow_dst_packets_processed":8,"flow_first_seen":1648032336020865,"flow_src_last_pkt_time":1648032346150156,"flow_dst_last_pkt_time":1648032346134942,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":386,"flow_dst_max_l4_payload_len":604,"flow_src_tot_l4_payload_len":1229,"flow_dst_tot_l4_payload_len":2022,"midstream":0,"thread_ts_usec":1648032378336597,"l3_proto":"ip4","src_ip":"192.168.12.169","dst_ip":"149.154.167.51","src_port":46862,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"35": {"risk":"Susp Entropy","severity":"Low","risk_score": {"total":210,"client":165,"server":45}}},"confidence": {"7":"Match by IP"},"proto":"Telegram","proto_id":"185","proto_by_ip":"Telegram","proto_by_ip_id":185,"encrypted":1,"breed":"Acceptable","category_id":9,"category":"Chat"}}
 01138{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":889,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/telegram_videocall.pcapng","alias":"nDPId-test","flow_id":6,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":6,"flow_first_seen":1648032336039036,"flow_src_last_pkt_time":1648032346150274,"flow_dst_last_pkt_time":1648032346134975,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":370,"flow_dst_max_l4_payload_len":773,"flow_src_tot_l4_payload_len":1277,"flow_dst_tot_l4_payload_len":1418,"midstream":0,"thread_ts_usec":1648032378336597,"l3_proto":"ip4","src_ip":"192.168.12.169","dst_ip":"149.154.167.51","src_port":46866,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"35": {"risk":"Susp Entropy","severity":"Low","risk_score": {"total":210,"client":165,"server":45}}},"confidence": {"7":"Match by IP"},"proto":"Telegram","proto_id":"185","proto_by_ip":"Telegram","proto_by_ip_id":185,"encrypted":1,"breed":"Acceptable","category_id":9,"category":"Chat"}}
 01171{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":889,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/telegram_videocall.pcapng","alias":"nDPId-test","flow_id":26,"flow_state":"finished","flow_src_packets_processed":59,"flow_dst_packets_processed":55,"flow_first_seen":1648032354077734,"flow_src_last_pkt_time":1648032356099058,"flow_dst_last_pkt_time":1648032356073261,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":23,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1112,"flow_dst_max_l4_payload_len":393,"flow_src_tot_l4_payload_len":15509,"flow_dst_tot_l4_payload_len":6792,"midstream":0,"thread_ts_usec":1648032378336597,"l3_proto":"ip4","src_ip":"192.168.12.169","dst_ip":"93.36.13.115","src_port":42405,"dst_port":35393,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}}},"confidence": {"5":"DPI (cache)"},"proto":"STUN.TelegramVoip","proto_id":"78.355","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP"}}
-00888{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":889,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/telegram_videocall.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":889,"packets-processed":887,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":330235,"total-not-detected-flows":0,"total-guessed-flows":2,"total-detected-flows":32,"total-detection-updates":14,"total-updates":1,"current-active-flows":0,"total-active-flows":34,"total-idle-flows":34,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":258,"global_ts_usec":1648032378336597}
+00888{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":889,"source":"cfgs\/stun_only_peer_address_enabled\/pcap\/telegram_videocall.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.15.0-5258-f8869cd","ndpi_api_version":12317,"size_per_flow":1384,"packets-captured":889,"packets-processed":887,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":330235,"total-not-detected-flows":0,"total-guessed-flows":2,"total-detected-flows":32,"total-detection-updates":14,"total-updates":1,"current-active-flows":0,"total-active-flows":34,"total-idle-flows":34,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":258,"global_ts_usec":1648032378336597}
 ~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~
 ~~ packets captured/processed: 889/887
 ~~ skipped flows.............: 0
@@ -264,9 +264,9 @@
 ~~ total active/idle flows...: 34/34
 ~~ total timeout flows.......: 0
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-~~ total memory allocated....: 8546279 bytes
-~~ total memory freed........: 8546279 bytes
-~~ total allocations/frees...: 146022/146022
+~~ total memory allocated....: 9327532 bytes
+~~ total memory freed........: 9327532 bytes
+~~ total allocations/frees...: 151043/151043
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 ~~ json message min len.......: 566 chars
 ~~ json message max len.......: 2376 chars