nDPId-test: mimic full nDPId lifecycle

* generate DAEMON_EVENT_INIT as well as DAEMON_EVENT_SHUTDOWN * process remaining flows before shutdown (and generate events) Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
author: Toni Uhlig <matzeton@googlemail.com> 2021-04-09 14:33:34 +0200
committer: Toni Uhlig <matzeton@googlemail.com> 2021-04-09 14:43:28 +0200
commit: ba586e1ecf848937a612cf35bed6275578dad088 (patch)
tree: 954884ee118dcb05ff17a61165ecaf853b37a387 /test/results/whatsapp_login_chat.pcap.out
parent: 4e583cd4dedd6467f300eea5947a4f6bb2c036f2 (diff)
1 files changed, 10 insertions, 0 deletions
diff --git a/test/results/whatsapp_login_chat.pcap.out b/test/results/whatsapp_login_chat.pcap.out
index 6b39dec27..ba8a2cd96 100644
--- a/test/results/whatsapp_login_chat.pcap.out
+++ b/test/results/whatsapp_login_chat.pcap.out
@@ -1,3 +1,4 @@
+00396{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"whatsapp_login_chat.pcap","alias":"nDPId-test","max-flows-per-thread":2048,"max-idle-flows-per-thread":256,"tick-resolution":1000,"reader-thread-count":1,"idle-scan-period":10000,"max-idle-time":600000,"tcp-max-post-end-flow-time":60000,"max-packets-per-flow-to-send":15,"max-packets-per-flow-to-process":255}
 00485{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1,"source":"whatsapp_login_chat.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_first_seen":1432582377898,"flow_last_seen":0,"flow_tot_l4_data_len":52,"flow_min_l4_data_len":52,"flow_max_l4_data_len":52,"flow_avg_l4_data_len":52,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.2.1","dst_ip":"192.168.2.255","src_port":57621,"dst_port":57621,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15}
 00471{"flow_id":1,"flow_packet_id":1,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1,"source":"whatsapp_login_chat.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1432582377,"pkt_ts_usec":898864,"pkt_caplen":86,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":86,"pkt_l4_len":52,"pkt":"\/\/\/\/\/\/\/\/xiwDYGpkCABFAABI56kAAEARDKvAqAIBwKgC\/+EV4RUANKgAU3BvdFVkcDCYJeGQmjjiDQABAARIlcID1NylhjSgAeWF26p2NNVFJFGe2SE="}
 00518{"flow_event_id":5,"flow_event_name":"detected","thread_id":0,"packet_id":1,"source":"whatsapp_login_chat.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_first_seen":1432582377898,"flow_last_seen":0,"flow_tot_l4_data_len":52,"flow_min_l4_data_len":52,"flow_max_l4_data_len":52,"flow_avg_l4_data_len":52,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.2.1","dst_ip":"192.168.2.255","src_port":57621,"dst_port":57621,"l4_proto":"udp","ndpi": {"proto":"Spotify","breed":"Acceptable","category":"Music"}}
@@ -70,3 +71,12 @@
 01090{"flow_id":10,"flow_packet_id":1,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":92,"source":"whatsapp_login_chat.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1432582426,"pkt_ts_usec":553706,"pkt_caplen":544,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":544,"pkt_l4_len":510,"pkt":"\/\/\/\/\/\/\/\/xiwDYGpkCABFAAISk3sAAEARXw\/AqAIBwKgC\/0RcRFwB\/jsJeyJob3N0X2ludCI6IDMzNzUzNTk1OTMsICJ2ZXJzaW9uIjogWzEsIDhdLCAiZGlzcGxheW5hbWUiOiAiIiwgInBvcnQiOiAxNzUwMCwgIm5hbWVzcGFjZXMiOiBbMTQ4MTkzMzcsIDE3NjA5OTYzLCAyMDY0OTM0OSwgMjg1MjE2MDcsIDU4MzQ0OTk2LCA2MDU5NDk4MywgNjQ0MzYwOTksIDk2ODUzMjI0LCA5OTQ2OTc3MywgMTAxMDQ3OTk2LCAxMDgxNTkxMDIsIDEyNTU0MDU2NiwgMTc2OTY0MzA3LCAyNDM2ODI5ODYsIDI0NzkyNTA4NSwgMjYwNDY1MjYxLCAyNzA0MDQ3NDIsIDI4Mzg2MTQ1NywgNDI0NTQwMTk3LCA0NDgzOTczOTMsIDQ1MTQ3MjY1OCwgNTExNzA2NjQyLCA1NjgzOTU4MzMsIDU5NDI0Njk1NCwgNTk4MDYxMDY2LCA2MTU5ODMzNzksIDcyMDA1ODM2MSwgNzM1MDUxODMwLCA3MzYzNDE1MjgsIDc0MTI1NTYxMywgNzc2MDg3MjQ3LCA3ODA4NzA1ODEsIDc4Mjk4MTk0OSwgNzg1MjY2MTc3LCA4MTg3NTI3MTAsIDg1NTY4MjM5MCwgODg0MTIwMTMyLCA5MDg5MTQ4NjhdfQ=="}
 00524{"flow_event_id":5,"flow_event_name":"detected","thread_id":0,"packet_id":92,"source":"whatsapp_login_chat.pcap","alias":"nDPId-test","flow_id":10,"flow_packet_id":1,"flow_first_seen":1432582426553,"flow_last_seen":0,"flow_tot_l4_data_len":510,"flow_min_l4_data_len":510,"flow_max_l4_data_len":510,"flow_avg_l4_data_len":510,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.2.1","dst_ip":"192.168.2.255","src_port":17500,"dst_port":17500,"l4_proto":"udp","ndpi": {"proto":"Dropbox","breed":"Acceptable","category":"Cloud"}}
 00650{"flow_id":9,"flow_packet_id":6,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":93,"source":"whatsapp_login_chat.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1432582431,"pkt_ts_usec":565397,"pkt_caplen":220,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":220,"pkt_l4_len":186,"pkt":"APS5Jrv0xiwDYGpkCABFAADOJvMAAC8Gqw4RbuUOwKgCBBRnwCnUix1VuGhbLIAZAUnUJAAAAQEICm+JpTEt\/BtwFwMBAHDYSydR01U4MXShqjjP\/e6ozSqHDVuZ8Us7t5fLSxg\/JTSqTU1rbh5BP52nKbmElzpUYdGkXfEnn2PaHKB1t4LzV\/pkQ5JZxi+qRHMWxqelxwlH4daQC2wVBaO6VgWkkLBvXyNAW3gXtTuKympv3KY2FQMBACAIXcm+uxec4nsB2p08pVk5ZiggKezrR8Gc5wbiqdSlnQ=="}
+00496{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":93,"source":"whatsapp_login_chat.pcap","alias":"nDPId-test","flow_id":6,"flow_packet_id":6,"flow_first_seen":1432582399902,"flow_last_seen":1432582425196,"flow_tot_l4_data_len":1848,"flow_min_l4_data_len":308,"flow_max_l4_data_len":308,"flow_avg_l4_data_len":308,"midstream":0,"l3_proto":"ip4","src_ip":"0.0.0.0","dst_ip":"255.255.255.255","src_port":68,"dst_port":67,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15}
+00492{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":93,"source":"whatsapp_login_chat.pcap","alias":"nDPId-test","flow_id":10,"flow_packet_id":1,"flow_first_seen":1432582426553,"flow_last_seen":0,"flow_tot_l4_data_len":510,"flow_min_l4_data_len":510,"flow_max_l4_data_len":510,"flow_avg_l4_data_len":510,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.2.1","dst_ip":"192.168.2.255","src_port":17500,"dst_port":17500,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15}
+00497{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":93,"source":"whatsapp_login_chat.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":2,"flow_first_seen":1432582379543,"flow_last_seen":1432582379571,"flow_tot_l4_data_len":212,"flow_min_l4_data_len":42,"flow_max_l4_data_len":170,"flow_avg_l4_data_len":106,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.2.4","dst_ip":"192.168.2.1","src_port":61697,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":15}
+00515{"flow_event_id":7,"flow_event_name":"not-detected","thread_id":0,"packet_id":93,"source":"whatsapp_login_chat.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":30,"flow_first_seen":1432582379591,"flow_last_seen":1432582399306,"flow_tot_l4_data_len":1943,"flow_min_l4_data_len":32,"flow_max_l4_data_len":233,"flow_avg_l4_data_len":64,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.2.4","dst_ip":"158.85.58.15","src_port":49206,"dst_port":5222,"l4_proto":"tcp","ndpi": {"proto":"Unknown","breed":"Unrated"}}
+00500{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":93,"source":"whatsapp_login_chat.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":30,"flow_first_seen":1432582379591,"flow_last_seen":1432582399306,"flow_tot_l4_data_len":1943,"flow_min_l4_data_len":32,"flow_max_l4_data_len":233,"flow_avg_l4_data_len":64,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.2.4","dst_ip":"158.85.58.15","src_port":49206,"dst_port":5222,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15}
+00502{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":93,"source":"whatsapp_login_chat.pcap","alias":"nDPId-test","flow_id":9,"flow_packet_id":6,"flow_first_seen":1432582411561,"flow_last_seen":1432582431565,"flow_tot_l4_data_len":1891,"flow_min_l4_data_len":186,"flow_max_l4_data_len":341,"flow_avg_l4_data_len":315,"midstream":1,"l3_proto":"ip4","src_ip":"17.110.229.14","dst_ip":"192.168.2.4","src_port":5223,"dst_port":49193,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15}
+00529{"flow_event_id":4,"flow_event_name":"guessed","thread_id":0,"packet_id":93,"source":"whatsapp_login_chat.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":44,"flow_first_seen":1432582381179,"flow_last_seen":1432582385071,"flow_tot_l4_data_len":19875,"flow_min_l4_data_len":20,"flow_max_l4_data_len":1460,"flow_avg_l4_data_len":451,"midstream":1,"l3_proto":"ip4","src_ip":"192.168.2.4","dst_ip":"17.173.66.102","src_port":49205,"dst_port":443,"l4_proto":"tcp","ndpi": {"proto":"TLS.Apple","breed":"Safe","category":"Web"}}
+00504{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":93,"source":"whatsapp_login_chat.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":44,"flow_first_seen":1432582381179,"flow_last_seen":1432582385071,"flow_tot_l4_data_len":19875,"flow_min_l4_data_len":20,"flow_max_l4_data_len":1460,"flow_avg_l4_data_len":451,"midstream":1,"l3_proto":"ip4","src_ip":"192.168.2.4","dst_ip":"17.173.66.102","src_port":49205,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15}
+00139{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":93,"source":"whatsapp_login_chat.pcap","alias":"nDPId-test"}
author	Toni Uhlig <matzeton@googlemail.com>	2021-04-09 14:33:34 +0200
committer	Toni Uhlig <matzeton@googlemail.com>	2021-04-09 14:43:28 +0200
commit	ba586e1ecf848937a612cf35bed6275578dad088 (patch)
tree	954884ee118dcb05ff17a61165ecaf853b37a387 /test/results/whatsapp_login_chat.pcap.out
parent	4e583cd4dedd6467f300eea5947a4f6bb2c036f2 (diff)