diff options
| author | Toni Uhlig <matzeton@googlemail.com> | 2022-09-19 19:31:21 +0200 |
|---|---|---|
| committer | Toni Uhlig <matzeton@googlemail.com> | 2022-09-19 19:39:49 +0200 |
| commit | 08f263e40981483e96fab9d7c864722abe45df0d (patch) | |
| tree | 939dfce1c2f18a37cb355de5413f8b9852a220e7 /test/results/syncthing.pcap.out | |
| parent | 015a739efda638737adeed521ca5ba43708949f0 (diff) | |
nDPId: Reduced flow-updates for TCP flows to 1/4 of the timeout value.
* nDPId: Fixed broken validation tests.
* nDPId: Removed TICK_RESOLUTION, not required anymore.
* c-collectd: Improved total layer4 payload calculation/update handling.
* c-collectd: Updated RRD Graph script according to total layer4 payload changes.
* py-flow-info.py: Fixed several bugs and syntax errors.
* Python scripts: Added dirname(argv[0]) as search path for nDPIsrvd.py.
* nDPIsrvd&nDPId-test: Fixed missing EPOLLERR check.
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
Diffstat (limited to 'test/results/syncthing.pcap.out')
| -rw-r--r-- | test/results/syncthing.pcap.out | 19 |
1 files changed, 14 insertions, 5 deletions
diff --git a/test/results/syncthing.pcap.out b/test/results/syncthing.pcap.out index 70011400f..a5044afdc 100644 --- a/test/results/syncthing.pcap.out +++ b/test/results/syncthing.pcap.out @@ -1,4 +1,4 @@ -00475{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"syncthing.pcap","alias":"nDPId-test","max-flows-per-thread":2048,"max-idle-flows-per-thread":64,"tick-resolution":1000,"reader-thread-count":1,"flow-scan-interval":10000000,"generic-max-idle-time":600000000,"icmp-max-idle-time":120000000,"udp-max-idle-time":180000000,"tcp-max-idle-time":3265032704,"max-packets-per-flow-to-send":3,"max-packets-per-flow-to-process":32,"global_ts_usec":0} +00489{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"syncthing.pcap","alias":"nDPId-test","max-flows-per-thread":2048,"max-idle-flows-per-thread":64,"reader-thread-count":1,"flow-scan-interval":10000000,"generic-max-idle-time":600000000,"icmp-max-idle-time":120000000,"udp-max-idle-time":180000000,"tcp-max-idle-time":3265032704,"max-packets-per-flow-to-send":3,"max-packets-per-flow-to-process":32,"max-packets-per-flow-to-analyse":32,"global_ts_usec":0} 00552{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":1,"source":"syncthing.pcap","alias":"nDPId-test","packets-captured":1,"packets-processed":0,"total-skipped-flows":0,"total-l4-payload-len":0,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":0,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2,"global_ts_usec":1663058610822000} 00771{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1,"source":"syncthing.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1663058610822000,"flow_src_last_pkt_time":1663058610822000,"flow_dst_last_pkt_time":1663058610822000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":205,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":205,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":205,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1663058610822000,"l3_proto":"ip6","src_ip":"fe80::6238:e0ff:fec5:35a0","dst_ip":"ff12::8384","src_port":42370,"dst_port":21027,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00801{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1,"source":"syncthing.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_src_last_pkt_time":1663058610822000,"flow_dst_last_pkt_time":1663058610822000,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":267,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":267,"pkt_l4_len":213,"thread_ts_usec":1663058610822000,"pkt":"MzMAAIOEYDjgxTWght1gAesUANURAf6AAAAAAAAAYjjg\/\/7FNaD\/EgAAAAAAAAAAAAAAAIOEpYJSIwDV+Zwup9kLCiCSt2JimWKUgl\/GzObPNHlCiCgtc7Xs3y3LKb\/UhMQtbxIZdGNwOi8vMTkyLjE2OC4yLjEwMDoyMjAwMBIXdGNwOi8vMTkyLjE2OC4wLjE6MjIwMDASF3RjcDovLzE5Mi4xNjguMy4xOjIyMDAwEhpxdWljOi8vMTkyLjE2OC4yLjEwMDoyMjAwMBIYcXVpYzovLzE5Mi4xNjguMC4xOjIyMDAwEhhxdWljOi8vMTkyLjE2OC4zLjE6MjIwMDAYzqG5+MLl+b1h"} @@ -12,11 +12,20 @@ 00801{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":5,"source":"syncthing.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":1,"flow_src_last_pkt_time":1663058647185000,"flow_dst_last_pkt_time":1663058647185000,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":267,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":267,"pkt_l4_len":213,"thread_ts_usec":1663058647185000,"pkt":"MzMAAIOEYDjgxTWght1gCiUnANURAf6AAAAAAAAAYjjg\/\/7FNaD\/EgAAAAAAAAAAAAAAAIOEt+VSIwDV+Zwup9kLCiCSt2JimWKUgl\/GzObPNHlCiCgtc7Xs3y3LKb\/UhMQtbxIZdGNwOi8vMTkyLjE2OC4yLjEwMDoyMjAwMBIXdGNwOi8vMTkyLjE2OC4wLjE6MjIwMDASF3RjcDovLzE5Mi4xNjguMy4xOjIyMDAwEhpxdWljOi8vMTkyLjE2OC4yLjEwMDoyMjAwMBIYcXVpYzovLzE5Mi4xNjguMC4xOjIyMDAwEhhxdWljOi8vMTkyLjE2OC4zLjE6MjIwMDAYhe3z3eP5+ttH"} 00883{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":5,"source":"syncthing.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1663058647185000,"flow_src_last_pkt_time":1663058647185000,"flow_dst_last_pkt_time":1663058647185000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":205,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":205,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":205,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1663058647185000,"l3_proto":"ip6","src_ip":"fe80::6238:e0ff:fec5:35a0","dst_ip":"ff12::8384","src_port":47077,"dst_port":21027,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Syncthing","proto_id":"313","encrypted":1,"breed":"Acceptable","category_id":7,"category":"Download"}} 00838{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":6,"source":"syncthing.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":2,"flow_src_last_pkt_time":1663058677179000,"flow_dst_last_pkt_time":1663058647185000,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":293,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":293,"pkt_l4_len":239,"thread_ts_usec":1663058677179000,"pkt":"MzMAAIOEYDjgxTWght1gCiUnAO8RAf6AAAAAAAAAYjjg\/\/7FNaD\/EgAAAAAAAAAAAAAAAIOEt+VSIwDv+bYup9kLCiCSt2JimWKUgl\/GzObPNHlCiCgtc7Xs3y3LKb\/UhMQtbxIacXVpYzovLzE5Mi4xNjguMi4xMDA6MjIwMDASGHF1aWM6Ly8xOTIuMTY4LjAuMToyMjAwMBIYcXVpYzovLzE5Mi4xNjguMy4xOjIyMDAwEhhxdWljOi8vMi4yMDMuMjM0LjQ6MjIwMDASGXRjcDovLzE5Mi4xNjguMi4xMDA6MjIwMDASF3RjcDovLzE5Mi4xNjguMC4xOjIyMDAwEhd0Y3A6Ly8xOTIuMTY4LjMuMToyMjAwMBiF7fPd4\/n620c="} +00924{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7,"source":"syncthing.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1663058610822000,"flow_src_last_pkt_time":1663058640812000,"flow_dst_last_pkt_time":1663058610822000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":205,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":231,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":436,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1663058677179000,"l3_proto":"ip6","src_ip":"fe80::6238:e0ff:fec5:35a0","dst_ip":"ff12::8384","src_port":42370,"dst_port":21027,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"Syncthing","proto_id":"313","encrypted":1,"breed":"Acceptable","category_id":7,"category":"Download"}} 01155{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":7,"source":"syncthing.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":3,"flow_src_last_pkt_time":1663058707175000,"flow_dst_last_pkt_time":1663058647185000,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":530,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":530,"pkt_l4_len":476,"thread_ts_usec":1663058707175000,"pkt":"MzMAAIOEYDjgxTWght1gCiUnAdwRAf6AAAAAAAAAYjjg\/\/7FNaD\/EgAAAAAAAAAAAAAAAIOEt+VSIwHc+qMup9kLCiCSt2JimWKUgl\/GzObPNHlCiCgtc7Xs3y3LKb\/UhMQtbxLqAXJlbGF5Oi8vMTUxLjgwLjQzLjE2NzoyMjA2Ny8\/Z2xvYmFsTGltaXRCcHM9MCZpZD1RWkpGWU9TLUJKUEE0VU8tWVBBWENOVS1QRUdPUFY0LVg1NklJT1otM0lHSkQyUC1INVk1QUNJLTRGTUNOQU4mbmV0d29ya1RpbWVvdXQ9Mm0wcyZwaW5nSW50ZXJ2YWw9MW0wcyZwcm92aWRlZEJ5PWh0dHBzJTNBJTJGJTJGa2V5YmFzZS5pbyUyRm1vdml1cm8mc2Vzc2lvbkxpbWl0QnBzPTAmc3RhdHVzQWRkcj0lM0EyMjA3MBIacXVpYzovLzE5Mi4xNjguMi4xMDA6MjIwMDASGHF1aWM6Ly8xOTIuMTY4LjAuMToyMjAwMBIYcXVpYzovLzE5Mi4xNjguMy4xOjIyMDAwEhhxdWljOi8vMi4yMDMuMjM0LjQ6MjIwMDASGXRjcDovLzE5Mi4xNjguMi4xMDA6MjIwMDASF3RjcDovLzE5Mi4xNjguMC4xOjIyMDAwEhd0Y3A6Ly8xOTIuMTY4LjMuMToyMjAwMBiF7fPd4\/n620c="} +00915{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":8,"source":"syncthing.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1663058640812000,"flow_src_last_pkt_time":1663058640818000,"flow_dst_last_pkt_time":1663058640812000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":205,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":231,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":436,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1663058707175000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"192.168.2.255","src_port":33927,"dst_port":21027,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"Syncthing","proto_id":"313","encrypted":1,"breed":"Acceptable","category_id":7,"category":"Download"}} +00924{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":8,"source":"syncthing.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":1663058647185000,"flow_src_last_pkt_time":1663058707175000,"flow_dst_last_pkt_time":1663058647185000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":205,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":468,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":904,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1663058707175000,"l3_proto":"ip6","src_ip":"fe80::6238:e0ff:fec5:35a0","dst_ip":"ff12::8384","src_port":47077,"dst_port":21027,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"Syncthing","proto_id":"313","encrypted":1,"breed":"Acceptable","category_id":7,"category":"Download"}} +00924{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":9,"source":"syncthing.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1663058610822000,"flow_src_last_pkt_time":1663058640812000,"flow_dst_last_pkt_time":1663058610822000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":205,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":231,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":436,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1663058737177000,"l3_proto":"ip6","src_ip":"fe80::6238:e0ff:fec5:35a0","dst_ip":"ff12::8384","src_port":42370,"dst_port":21027,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"Syncthing","proto_id":"313","encrypted":1,"breed":"Acceptable","category_id":7,"category":"Download"}} +00916{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":10,"source":"syncthing.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1663058640812000,"flow_src_last_pkt_time":1663058640818000,"flow_dst_last_pkt_time":1663058640812000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":205,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":231,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":436,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1663058767175000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"192.168.2.255","src_port":33927,"dst_port":21027,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"Syncthing","proto_id":"313","encrypted":1,"breed":"Acceptable","category_id":7,"category":"Download"}} +00926{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":10,"source":"syncthing.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":1663058647185000,"flow_src_last_pkt_time":1663058767175000,"flow_dst_last_pkt_time":1663058647185000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":205,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":468,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1840,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1663058767175000,"l3_proto":"ip6","src_ip":"fe80::6238:e0ff:fec5:35a0","dst_ip":"ff12::8384","src_port":47077,"dst_port":21027,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"Syncthing","proto_id":"313","encrypted":1,"breed":"Acceptable","category_id":7,"category":"Download"}} 00925{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":11,"source":"syncthing.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1663058610822000,"flow_src_last_pkt_time":1663058640812000,"flow_dst_last_pkt_time":1663058610822000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":205,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":231,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":436,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1663058797176000,"l3_proto":"ip6","src_ip":"fe80::6238:e0ff:fec5:35a0","dst_ip":"ff12::8384","src_port":42370,"dst_port":21027,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"Syncthing","proto_id":"313","encrypted":1,"breed":"Acceptable","category_id":7,"category":"Download"}} 00914{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":12,"source":"syncthing.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1663058640812000,"flow_src_last_pkt_time":1663058640818000,"flow_dst_last_pkt_time":1663058640812000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":205,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":231,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":436,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1663058827180000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"192.168.2.255","src_port":33927,"dst_port":21027,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"Syncthing","proto_id":"313","encrypted":1,"breed":"Acceptable","category_id":7,"category":"Download"}} 00923{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":12,"source":"syncthing.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1663058610822000,"flow_src_last_pkt_time":1663058640812000,"flow_dst_last_pkt_time":1663058610822000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":205,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":231,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":436,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1663058827180000,"l3_proto":"ip6","src_ip":"fe80::6238:e0ff:fec5:35a0","dst_ip":"ff12::8384","src_port":42370,"dst_port":21027,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"Syncthing","proto_id":"313","encrypted":1,"breed":"Acceptable","category_id":7,"category":"Download"}} -00926{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":13,"source":"syncthing.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"finished","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":1663058647185000,"flow_src_last_pkt_time":1663058857180000,"flow_dst_last_pkt_time":1663058647185000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":205,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":468,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":3244,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1663058857180000,"l3_proto":"ip6","src_ip":"fe80::6238:e0ff:fec5:35a0","dst_ip":"ff12::8384","src_port":47077,"dst_port":21027,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"Syncthing","proto_id":"313","encrypted":1,"breed":"Acceptable","category_id":7,"category":"Download"}} +00926{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":12,"source":"syncthing.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":1663058647185000,"flow_src_last_pkt_time":1663058827180000,"flow_dst_last_pkt_time":1663058647185000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":205,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":468,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2776,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1663058827180000,"l3_proto":"ip6","src_ip":"fe80::6238:e0ff:fec5:35a0","dst_ip":"ff12::8384","src_port":47077,"dst_port":21027,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"Syncthing","proto_id":"313","encrypted":1,"breed":"Acceptable","category_id":7,"category":"Download"}} +00926{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":14,"source":"syncthing.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":1663058647185000,"flow_src_last_pkt_time":1663058887181000,"flow_dst_last_pkt_time":1663058647185000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":205,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":468,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":3712,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1663058887181000,"l3_proto":"ip6","src_ip":"fe80::6238:e0ff:fec5:35a0","dst_ip":"ff12::8384","src_port":47077,"dst_port":21027,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"Syncthing","proto_id":"313","encrypted":1,"breed":"Acceptable","category_id":7,"category":"Download"}} +00927{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":16,"source":"syncthing.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"finished","flow_src_packets_processed":11,"flow_dst_packets_processed":0,"flow_first_seen":1663058647185000,"flow_src_last_pkt_time":1663058947176000,"flow_dst_last_pkt_time":1663058647185000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":205,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":468,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":4648,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1663058947176000,"l3_proto":"ip6","src_ip":"fe80::6238:e0ff:fec5:35a0","dst_ip":"ff12::8384","src_port":47077,"dst_port":21027,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"Syncthing","proto_id":"313","encrypted":1,"breed":"Acceptable","category_id":7,"category":"Download"}} +00927{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":18,"source":"syncthing.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"finished","flow_src_packets_processed":13,"flow_dst_packets_processed":0,"flow_first_seen":1663058647185000,"flow_src_last_pkt_time":1663059007180000,"flow_dst_last_pkt_time":1663058647185000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":205,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":468,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":5584,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1663059007180000,"l3_proto":"ip6","src_ip":"fe80::6238:e0ff:fec5:35a0","dst_ip":"ff12::8384","src_port":47077,"dst_port":21027,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"Syncthing","proto_id":"313","encrypted":1,"breed":"Acceptable","category_id":7,"category":"Download"}} 00763{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":20,"source":"syncthing.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1663059067177000,"flow_src_last_pkt_time":1663059067177000,"flow_dst_last_pkt_time":1663059067177000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":205,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":205,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":205,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1663059067177000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"192.168.2.255","src_port":54977,"dst_port":21027,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00783{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":20,"source":"syncthing.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":1,"flow_src_last_pkt_time":1663059067177000,"flow_dst_last_pkt_time":1663059067177000,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":247,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":247,"pkt_l4_len":213,"thread_ts_usec":1663059067177000,"pkt":"\/\/\/\/\/\/\/\/YDjgxTWgCABFAADpN15AAKQRF\/LAqAJkwKgC\/9bBUiMA1YeaLqfZCwogkrdiYplilIJfxszmzzR5QogoLXO17N8tyym\/1ITELW8SGXRjcDovLzE5Mi4xNjguMi4xMDA6MjIwMDASF3RjcDovLzE5Mi4xNjguMC4xOjIyMDAwEhd0Y3A6Ly8xOTIuMTY4LjMuMToyMjAwMBIacXVpYzovLzE5Mi4xNjguMi4xMDA6MjIwMDASGHF1aWM6Ly8xOTIuMTY4LjAuMToyMjAwMBIYcXVpYzovLzE5Mi4xNjguMy4xOjIyMDAwGLW8mYfcq7zvcw=="} 00875{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":20,"source":"syncthing.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1663059067177000,"flow_src_last_pkt_time":1663059067177000,"flow_dst_last_pkt_time":1663059067177000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":205,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":205,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":205,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1663059067177000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"192.168.2.255","src_port":54977,"dst_port":21027,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"Syncthing","proto_id":"313","encrypted":1,"breed":"Acceptable","category_id":7,"category":"Download"}} @@ -24,7 +33,7 @@ 01132{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":22,"source":"syncthing.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":3,"flow_src_last_pkt_time":1663059067177000,"flow_dst_last_pkt_time":1663059067177000,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":510,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":510,"pkt_l4_len":476,"thread_ts_usec":1663059067177000,"pkt":"\/\/\/\/\/\/\/\/YDjgxTWgCABFAAHwQ6NAALER\/aXAqAJkwKgC\/9bBUiMB3IihLqfZCwogkrdiYplilIJfxszmzzR5QogoLXO17N8tyym\/1ITELW8SGXRjcDovLzE5Mi4xNjguMi4xMDA6MjIwMDASF3RjcDovLzE5Mi4xNjguMC4xOjIyMDAwEhd0Y3A6Ly8xOTIuMTY4LjMuMToyMjAwMBLqAXJlbGF5Oi8vMTUxLjgwLjQzLjE2NzoyMjA2Ny8\/Z2xvYmFsTGltaXRCcHM9MCZpZD1RWkpGWU9TLUJKUEE0VU8tWVBBWENOVS1QRUdPUFY0LVg1NklJT1otM0lHSkQyUC1INVk1QUNJLTRGTUNOQU4mbmV0d29ya1RpbWVvdXQ9Mm0wcyZwaW5nSW50ZXJ2YWw9MW0wcyZwcm92aWRlZEJ5PWh0dHBzJTNBJTJGJTJGa2V5YmFzZS5pbyUyRm1vdml1cm8mc2Vzc2lvbkxpbWl0QnBzPTAmc3RhdHVzQWRkcj0lM0EyMjA3MBIacXVpYzovLzE5Mi4xNjguMi4xMDA6MjIwMDASGHF1aWM6Ly8xOTIuMTY4LjAuMToyMjAwMBIYcXVpYzovLzE5Mi4xNjguMy4xOjIyMDAwEhhxdWljOi8vMi4yMDMuMjM0LjQ6MjIwMDAYtbyZh9yrvO9z"} 00916{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":34,"source":"syncthing.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"finished","flow_src_packets_processed":15,"flow_dst_packets_processed":0,"flow_first_seen":1663059067177000,"flow_src_last_pkt_time":1663059067179000,"flow_dst_last_pkt_time":1663059067177000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":205,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":468,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":6520,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1663059067179000,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"192.168.2.255","src_port":54977,"dst_port":21027,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"Syncthing","proto_id":"313","encrypted":1,"breed":"Acceptable","category_id":7,"category":"Download"}} 00925{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":34,"source":"syncthing.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"finished","flow_src_packets_processed":15,"flow_dst_packets_processed":0,"flow_first_seen":1663058647185000,"flow_src_last_pkt_time":1663059067177000,"flow_dst_last_pkt_time":1663058647185000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":205,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":468,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":6520,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1663059067179000,"l3_proto":"ip6","src_ip":"fe80::6238:e0ff:fec5:35a0","dst_ip":"ff12::8384","src_port":47077,"dst_port":21027,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"Syncthing","proto_id":"313","encrypted":1,"breed":"Acceptable","category_id":7,"category":"Download"}} -00562{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":34,"source":"syncthing.pcap","alias":"nDPId-test","packets-captured":34,"packets-processed":34,"total-skipped-flows":0,"total-l4-payload-len":13912,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":4,"total-detection-updates":0,"total-updates":2,"current-active-flows":0,"total-active-flows":4,"total-idle-flows":4,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":27,"global_ts_usec":1663059067179000} +00563{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":34,"source":"syncthing.pcap","alias":"nDPId-test","packets-captured":34,"packets-processed":34,"total-skipped-flows":0,"total-l4-payload-len":13912,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":4,"total-detection-updates":0,"total-updates":11,"current-active-flows":0,"total-active-flows":4,"total-idle-flows":4,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":36,"global_ts_usec":1663059067179000} ~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ ~~ packets captured/processed: 34/34 ~~ skipped flows.............: 0 @@ -37,6 +46,6 @@ ~~ total memory freed........: 6043259 bytes ~~ total allocations/frees...: 121555/121555 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ json string min len.......: 480 chars +~~ json string min len.......: 494 chars ~~ json string max len.......: 1160 chars -~~ json string avg len.......: 819 chars +~~ json string avg len.......: 826 chars |