summaryrefslogtreecommitdiff
path: root/test/results/whatsapp_login_chat.pcap.out
diff options
context:
space:
mode:
authorToni Uhlig <matzeton@googlemail.com>2022-01-25 11:16:41 +0100
committerToni Uhlig <matzeton@googlemail.com>2022-01-25 11:16:41 +0100
commit29a1b13e7ac8f20512b7a066c351bad614998f83 (patch)
treec4fa55710b91581ecf088c10d97ab62dae12f06b /test/results/whatsapp_login_chat.pcap.out
parent9e07a57566cc45bf92a845d8cee968d72e0f314e (diff)
Improved Plotly/Dash example. It is now somehow informative.
* TCP timeout after FIN/RST: switched back to the value from a35fc1d5ea8570609cc0c8cf6edadc81f8f5bb76 * py-flow-info: reset 'guessed' flag after detection/detection-update received Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
Diffstat (limited to 'test/results/whatsapp_login_chat.pcap.out')
-rw-r--r--test/results/whatsapp_login_chat.pcap.out6
1 files changed, 3 insertions, 3 deletions
diff --git a/test/results/whatsapp_login_chat.pcap.out b/test/results/whatsapp_login_chat.pcap.out
index b73aabbac..91b34f089 100644
--- a/test/results/whatsapp_login_chat.pcap.out
+++ b/test/results/whatsapp_login_chat.pcap.out
@@ -1,4 +1,4 @@
-00453{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"whatsapp_login_chat.pcap","alias":"nDPId-test","max-flows-per-thread":2048,"max-idle-flows-per-thread":256,"tick-resolution":1000,"reader-thread-count":1,"flow-scan-interval":10000,"generic-max-idle-time":600000,"icmp-max-idle-time":120000,"udp-max-idle-time":180000,"tcp-max-idle-time":7460000,"max-packets-per-flow-to-send":3,"max-packets-per-flow-to-process":255}
+00453{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"whatsapp_login_chat.pcap","alias":"nDPId-test","max-flows-per-thread":2048,"max-idle-flows-per-thread":256,"tick-resolution":1000,"reader-thread-count":1,"flow-scan-interval":10000,"generic-max-idle-time":600000,"icmp-max-idle-time":120000,"udp-max-idle-time":180000,"tcp-max-idle-time":7560000,"max-packets-per-flow-to-send":3,"max-packets-per-flow-to-process":255}
00564{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1,"source":"whatsapp_login_chat.pcap","alias":"nDPId-test","flow_id":1,"flow_packets_processed":1,"flow_first_seen":1432582377898,"flow_last_seen":1432582377898,"flow_idle_time":180000,"flow_min_l4_payload_len":44,"flow_max_l4_payload_len":44,"flow_tot_l4_payload_len":44,"flow_avg_l4_payload_len":44,"midstream":0,"ts_msec":1432582377898,"l3_proto":"ip4","src_ip":"192.168.2.1","dst_ip":"192.168.2.255","src_port":57621,"dst_port":57621,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3}
00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1,"source":"whatsapp_login_chat.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_last_seen":1432582377898,"flow_idle_time":180000,"pkt_oversize":false,"pkt_caplen":86,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":86,"pkt_l4_len":52,"ts_msec":1432582377898,"pkt":"\/\/\/\/\/\/\/\/xiwDYGpkCABFAABI56kAAEARDKvAqAIBwKgC\/+EV4RUANKgAU3BvdFVkcDCYJeGQmjjiDQABAARIlcID1NylhjSgAeWF26p2NNVFJFGe2SE="}
00598{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":1,"source":"whatsapp_login_chat.pcap","alias":"nDPId-test","flow_id":1,"flow_packets_processed":1,"flow_first_seen":1432582377898,"flow_last_seen":1432582377898,"flow_idle_time":180000,"flow_min_l4_payload_len":44,"flow_max_l4_payload_len":44,"flow_tot_l4_payload_len":44,"flow_avg_l4_payload_len":44,"midstream":0,"ts_msec":1432582377898,"l3_proto":"ip4","src_ip":"192.168.2.1","dst_ip":"192.168.2.255","src_port":57621,"dst_port":57621,"l4_proto":"udp","ndpi": {"proto":"Spotify","breed":"Acceptable","category":"Music"}}
@@ -34,13 +34,13 @@
00605{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":85,"source":"whatsapp_login_chat.pcap","alias":"nDPId-test","flow_id":9,"flow_packets_processed":1,"flow_first_seen":1432582411561,"flow_last_seen":1432582411561,"flow_idle_time":7440000,"flow_min_l4_payload_len":309,"flow_max_l4_payload_len":309,"flow_tot_l4_payload_len":309,"flow_avg_l4_payload_len":309,"midstream":1,"ts_msec":1432582411561,"l3_proto":"ip4","src_ip":"17.110.229.14","dst_ip":"192.168.2.4","src_port":5223,"dst_port":49193,"l4_proto":"tcp","ndpi": {"proto":"ApplePush.Apple","breed":"Safe","category":"Cloud"}}
00889{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":86,"source":"whatsapp_login_chat.pcap","alias":"nDPId-test","flow_id":9,"flow_packet_id":2,"flow_last_seen":1432582412221,"flow_idle_time":7440000,"pkt_oversize":false,"pkt_caplen":375,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":375,"pkt_l4_len":341,"ts_msec":1432582412221,"pkt":"APS5Jrv0xiwDYGpkCABFAAFpJu8AAC8GqncRbuUOwKgCBBRnwCnUixwguGhbLIAYAUlb7AAAAQEICm+JWZ8t\/BtwFwMBATAEtIuqVIsa2PHNKJeXP8xTjhoqWdhKZwOmK+i+hD5yD1M8ZM2np34aAKWtz8Bb1aOnbLJLQUe09gfoXrYrjNyw4Kz3tEhKuIJxuOR\/NLSkV4SGkIhMwiudLCMa+dHjOQ4E1rq3emNZqDFKuO5luZdltedNjC1Ni5FOba+q6FF8xJzIsSuI9Rh7dvtMvFQuN0jBEi2sNdUH+3VURleCkMaERRQQs2Fub+QUSLgkRAhefAGFzZxVCC52B4evzq7Cz7lW8fuDhUSEwqmRuVuaK7KmZTAj\/JcTRaXUVChFbQXi6T9DG8GOYrQ3cgORiCgEhtpuRfeKNmM1Ic+HX03yWe2oxtSVVy4N22M9Svs5SDcjT\/U2Guvq6M+RgrH5sh4Ew0i0LSm0dEuk7kx1gbhQeJQH"}
00889{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":87,"source":"whatsapp_login_chat.pcap","alias":"nDPId-test","flow_id":9,"flow_packet_id":3,"flow_last_seen":1432582413522,"flow_idle_time":7440000,"pkt_oversize":false,"pkt_caplen":375,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":375,"pkt_l4_len":341,"ts_msec":1432582413522,"pkt":"APS5Jrv0xiwDYGpkCABFAAFpJvAAAC8GqnYRbuUOwKgCBBRnwCnUixwguGhbLIAYAUlW0AAAAQEICm+JXrst\/BtwFwMBATAEtIuqVIsa2PHNKJeXP8xTjhoqWdhKZwOmK+i+hD5yD1M8ZM2np34aAKWtz8Bb1aOnbLJLQUe09gfoXrYrjNyw4Kz3tEhKuIJxuOR\/NLSkV4SGkIhMwiudLCMa+dHjOQ4E1rq3emNZqDFKuO5luZdltedNjC1Ni5FOba+q6FF8xJzIsSuI9Rh7dvtMvFQuN0jBEi2sNdUH+3VURleCkMaERRQQs2Fub+QUSLgkRAhefAGFzZxVCC52B4evzq7Cz7lW8fuDhUSEwqmRuVuaK7KmZTAj\/JcTRaXUVChFbQXi6T9DG8GOYrQ3cgORiCgEhtpuRfeKNmM1Ic+HX03yWe2oxtSVVy4N22M9Svs5SDcjT\/U2Guvq6M+RgrH5sh4Ew0i0LSm0dEuk7kx1gbhQeJQH"}
-00582{"flow_event_id":8,"flow_event_name":"not-detected","thread_id":0,"packet_id":91,"source":"whatsapp_login_chat.pcap","alias":"nDPId-test","flow_id":3,"flow_packets_processed":30,"flow_first_seen":1432582379591,"flow_last_seen":1432582399306,"flow_idle_time":7440000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":201,"flow_tot_l4_payload_len":963,"flow_avg_l4_payload_len":32,"midstream":0,"ts_msec":1432582425196,"l3_proto":"ip4","src_ip":"192.168.2.4","dst_ip":"158.85.58.15","src_port":49206,"dst_port":5222,"l4_proto":"tcp","ndpi": {"proto":"Unknown","breed":"Unrated"}}
-00566{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":91,"source":"whatsapp_login_chat.pcap","alias":"nDPId-test","flow_id":3,"flow_packets_processed":30,"flow_first_seen":1432582379591,"flow_last_seen":1432582399306,"flow_idle_time":7440000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":201,"flow_tot_l4_payload_len":963,"flow_avg_l4_payload_len":32,"midstream":0,"ts_msec":1432582425196,"l3_proto":"ip4","src_ip":"192.168.2.4","dst_ip":"158.85.58.15","src_port":49206,"dst_port":5222,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3}
01123{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":92,"source":"whatsapp_login_chat.pcap","alias":"nDPId-test","flow_id":5,"flow_packet_id":2,"flow_last_seen":1432582426553,"flow_idle_time":180000,"pkt_oversize":false,"pkt_caplen":544,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":544,"pkt_l4_len":510,"ts_msec":1432582426553,"pkt":"\/\/\/\/\/\/\/\/xiwDYGpkCABFAAISk3sAAEARXw\/AqAIBwKgC\/0RcRFwB\/jsJeyJob3N0X2ludCI6IDMzNzUzNTk1OTMsICJ2ZXJzaW9uIjogWzEsIDhdLCAiZGlzcGxheW5hbWUiOiAiIiwgInBvcnQiOiAxNzUwMCwgIm5hbWVzcGFjZXMiOiBbMTQ4MTkzMzcsIDE3NjA5OTYzLCAyMDY0OTM0OSwgMjg1MjE2MDcsIDU4MzQ0OTk2LCA2MDU5NDk4MywgNjQ0MzYwOTksIDk2ODUzMjI0LCA5OTQ2OTc3MywgMTAxMDQ3OTk2LCAxMDgxNTkxMDIsIDEyNTU0MDU2NiwgMTc2OTY0MzA3LCAyNDM2ODI5ODYsIDI0NzkyNTA4NSwgMjYwNDY1MjYxLCAyNzA0MDQ3NDIsIDI4Mzg2MTQ1NywgNDI0NTQwMTk3LCA0NDgzOTczOTMsIDQ1MTQ3MjY1OCwgNTExNzA2NjQyLCA1NjgzOTU4MzMsIDU5NDI0Njk1NCwgNTk4MDYxMDY2LCA2MTU5ODMzNzksIDcyMDA1ODM2MSwgNzM1MDUxODMwLCA3MzYzNDE1MjgsIDc0MTI1NTYxMywgNzc2MDg3MjQ3LCA3ODA4NzA1ODEsIDc4Mjk4MTk0OSwgNzg1MjY2MTc3LCA4MTg3NTI3MTAsIDg1NTY4MjM5MCwgODg0MTIwMTMyLCA5MDg5MTQ4NjhdfQ=="}
00563{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":93,"source":"whatsapp_login_chat.pcap","alias":"nDPId-test","flow_id":6,"flow_packets_processed":6,"flow_first_seen":1432582399902,"flow_last_seen":1432582425196,"flow_idle_time":180000,"flow_min_l4_payload_len":300,"flow_max_l4_payload_len":300,"flow_tot_l4_payload_len":1800,"flow_avg_l4_payload_len":300,"midstream":0,"ts_msec":1432582431565,"l3_proto":"ip4","src_ip":"0.0.0.0","dst_ip":"255.255.255.255","src_port":68,"dst_port":67,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3}
00572{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":93,"source":"whatsapp_login_chat.pcap","alias":"nDPId-test","flow_id":8,"flow_packets_processed":1,"flow_first_seen":1432582402667,"flow_last_seen":1432582402667,"flow_idle_time":180000,"flow_min_l4_payload_len":49,"flow_max_l4_payload_len":49,"flow_tot_l4_payload_len":49,"flow_avg_l4_payload_len":49,"midstream":0,"ts_msec":1432582431565,"l3_proto":"ip6","src_ip":"fe80::189c:c31b:1298:224","dst_ip":"ff02::fb","src_port":5353,"dst_port":5353,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3}
00571{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":93,"source":"whatsapp_login_chat.pcap","alias":"nDPId-test","flow_id":5,"flow_packets_processed":2,"flow_first_seen":1432582396509,"flow_last_seen":1432582426553,"flow_idle_time":180000,"flow_min_l4_payload_len":502,"flow_max_l4_payload_len":502,"flow_tot_l4_payload_len":1004,"flow_avg_l4_payload_len":502,"midstream":0,"ts_msec":1432582431565,"l3_proto":"ip4","src_ip":"192.168.2.1","dst_ip":"192.168.2.255","src_port":17500,"dst_port":17500,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3}
00563{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":93,"source":"whatsapp_login_chat.pcap","alias":"nDPId-test","flow_id":2,"flow_packets_processed":2,"flow_first_seen":1432582379543,"flow_last_seen":1432582379571,"flow_idle_time":180000,"flow_min_l4_payload_len":34,"flow_max_l4_payload_len":162,"flow_tot_l4_payload_len":196,"flow_avg_l4_payload_len":98,"midstream":0,"ts_msec":1432582431565,"l3_proto":"ip4","src_ip":"192.168.2.4","dst_ip":"192.168.2.1","src_port":61697,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3}
+00582{"flow_event_id":8,"flow_event_name":"not-detected","thread_id":0,"packet_id":93,"source":"whatsapp_login_chat.pcap","alias":"nDPId-test","flow_id":3,"flow_packets_processed":30,"flow_first_seen":1432582379591,"flow_last_seen":1432582399306,"flow_idle_time":7440000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":201,"flow_tot_l4_payload_len":963,"flow_avg_l4_payload_len":32,"midstream":0,"ts_msec":1432582431565,"l3_proto":"ip4","src_ip":"192.168.2.4","dst_ip":"158.85.58.15","src_port":49206,"dst_port":5222,"l4_proto":"tcp","ndpi": {"proto":"Unknown","breed":"Unrated"}}
+00566{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":93,"source":"whatsapp_login_chat.pcap","alias":"nDPId-test","flow_id":3,"flow_packets_processed":30,"flow_first_seen":1432582379591,"flow_last_seen":1432582399306,"flow_idle_time":7440000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":201,"flow_tot_l4_payload_len":963,"flow_avg_l4_payload_len":32,"midstream":0,"ts_msec":1432582431565,"l3_proto":"ip4","src_ip":"192.168.2.4","dst_ip":"158.85.58.15","src_port":49206,"dst_port":5222,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3}
00570{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":93,"source":"whatsapp_login_chat.pcap","alias":"nDPId-test","flow_id":9,"flow_packets_processed":6,"flow_first_seen":1432582411561,"flow_last_seen":1432582431565,"flow_idle_time":7440000,"flow_min_l4_payload_len":154,"flow_max_l4_payload_len":309,"flow_tot_l4_payload_len":1699,"flow_avg_l4_payload_len":283,"midstream":1,"ts_msec":1432582431565,"l3_proto":"ip4","src_ip":"17.110.229.14","dst_ip":"192.168.2.4","src_port":5223,"dst_port":49193,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3}
00562{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":93,"source":"whatsapp_login_chat.pcap","alias":"nDPId-test","flow_id":7,"flow_packets_processed":1,"flow_first_seen":1432582402666,"flow_last_seen":1432582402666,"flow_idle_time":180000,"flow_min_l4_payload_len":49,"flow_max_l4_payload_len":49,"flow_tot_l4_payload_len":49,"flow_avg_l4_payload_len":49,"midstream":0,"ts_msec":1432582431565,"l3_proto":"ip4","src_ip":"192.168.2.4","dst_ip":"224.0.0.251","src_port":5353,"dst_port":5353,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3}
00566{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":93,"source":"whatsapp_login_chat.pcap","alias":"nDPId-test","flow_id":1,"flow_packets_processed":1,"flow_first_seen":1432582377898,"flow_last_seen":1432582377898,"flow_idle_time":180000,"flow_min_l4_payload_len":44,"flow_max_l4_payload_len":44,"flow_tot_l4_payload_len":44,"flow_avg_l4_payload_len":44,"midstream":0,"ts_msec":1432582431565,"l3_proto":"ip4","src_ip":"192.168.2.1","dst_ip":"192.168.2.255","src_port":57621,"dst_port":57621,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3}
Powered by cgit, Themed by Ted Yin.