aboutsummaryrefslogtreecommitdiff
path: root/test/results/default/dnscrypt-v1-and-resolver-pings.pcap.out
diff options
context:
space:
mode:
Diffstat (limited to 'test/results/default/dnscrypt-v1-and-resolver-pings.pcap.out')
-rw-r--r--test/results/default/dnscrypt-v1-and-resolver-pings.pcap.out112
1 files changed, 56 insertions, 56 deletions
diff --git a/test/results/default/dnscrypt-v1-and-resolver-pings.pcap.out b/test/results/default/dnscrypt-v1-and-resolver-pings.pcap.out
index 85d0b74b4..e54e1a0d8 100644
--- a/test/results/default/dnscrypt-v1-and-resolver-pings.pcap.out
+++ b/test/results/default/dnscrypt-v1-and-resolver-pings.pcap.out
@@ -6,12 +6,12 @@
00796{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946735705348955,"flow_src_last_pkt_time":946735705348955,"flow_dst_last_pkt_time":946735705348955,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946735705348955,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"149.56.228.45","src_port":45722,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
02497{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":1,"flow_src_last_pkt_time":946735705348955,"flow_dst_last_pkt_time":946735705348955,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":946735705348955,"pkt":"REREREREZmZmZmZmCABFAAXcCgAgAL0Rk+4KAAABlTjkLbKaAbsGBGxVf0QBAAABAAAAAAABATINZG5zY3J5cHQtY2VydAhkbnNjcnlwdARjYS0yAAAQAAEAAAAAAAAAAAAFwgAMBb4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
00950{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946735705348955,"flow_src_last_pkt_time":946735705348955,"flow_dst_last_pkt_time":946735705348955,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946735705348955,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"149.56.228.45","src_port":45722,"dst_port":443,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNScrypt","proto_id":"208","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":14,"category":"Network"}}
-00333{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":1,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946735705348966,"packet_id":3,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946735705348966}
+00333{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":1,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946735705348966,"packet_id":3,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946735705348966}
00438{"packet_event_id":1,"packet_event_name":"packet","packet_id":3,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946735705348955,"pkt":"REREREREZmZmZmZmCABFAABQCgAAub0RuMEKAAABlTjkLQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
00796{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":4,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946735705348987,"flow_src_last_pkt_time":946735705348987,"flow_dst_last_pkt_time":946735705348987,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946735705348987,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"149.56.228.45","src_port":35495,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
02497{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":4,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":1,"flow_src_last_pkt_time":946735705348987,"flow_dst_last_pkt_time":946735705348987,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":946735705348987,"pkt":"REREREREZmZmZmZmCABFAAXcCgEgAL0Rk+0KAAABlTjkLYqnAbsGBJRGf0YBAAABAAAAAAABATINZG5zY3J5cHQtY2VydAhkbnNjcnlwdARjYS0yAAAQAAEAAAAAAAAAAAAFwgAMBb4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
00950{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":4,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946735705348987,"flow_src_last_pkt_time":946735705348987,"flow_dst_last_pkt_time":946735705348987,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946735705348987,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"149.56.228.45","src_port":35495,"dst_port":443,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNScrypt","proto_id":"208","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":14,"category":"Network"}}
-00333{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":2,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946735705348993,"packet_id":5,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946735705348993}
+00333{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":2,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946735705348993,"packet_id":5,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946735705348993}
00438{"packet_event_id":1,"packet_event_name":"packet","packet_id":5,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946735705348987,"pkt":"REREREREZmZmZmZmCABFAABQCgEAub0RuMAKAAABlTjkLQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
00793{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":6,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946735705349002,"flow_src_last_pkt_time":946735705349002,"flow_dst_last_pkt_time":946735705349002,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":512,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":512,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":512,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946735705349002,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"149.56.228.45","src_port":33565,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
01214{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":6,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":1,"flow_src_last_pkt_time":946735705349002,"flow_dst_last_pkt_time":946735705349002,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":554,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":554,"pkt_l4_len":520,"thread_ts_usec":946735705349002,"pkt":"REREREREZmZmZmZmCABFAAIcCgJAAL0Rd6wKAAABlTjkLYMdAbsCCDw8f0UBAAABAAAAAAABATINZG5zY3J5cHQtY2VydAhkbnNjcnlwdARjYS0yAAAQAAEAAAAAAAAAAAABxgAMAcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
@@ -19,7 +19,7 @@
00796{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":7,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":5,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946735705349019,"flow_src_last_pkt_time":946735705349019,"flow_dst_last_pkt_time":946735705349019,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946735705349019,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"149.56.228.45","src_port":35228,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
02497{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":7,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":5,"flow_packet_id":1,"flow_src_last_pkt_time":946735705349019,"flow_dst_last_pkt_time":946735705349019,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":946735705349019,"pkt":"REREREREZmZmZmZmCABFAAXcCgMgAL0Rk+sKAAABlTjkLYmcAbsGBJVVf0IBAAABAAAAAAABATINZG5zY3J5cHQtY2VydAhkbnNjcnlwdARjYS0yAAAQAAEAAAAAAAAAAAAFwgAMBb4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
00950{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":7,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":5,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946735705349019,"flow_src_last_pkt_time":946735705349019,"flow_dst_last_pkt_time":946735705349019,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946735705349019,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"149.56.228.45","src_port":35228,"dst_port":443,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNScrypt","proto_id":"208","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":14,"category":"Network"}}
-00333{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":3,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946735705349026,"packet_id":8,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946735705349026}
+00333{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":3,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946735705349026,"packet_id":8,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946735705349026}
00438{"packet_event_id":1,"packet_event_name":"packet","packet_id":8,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946735705349019,"pkt":"REREREREZmZmZmZmCABFAABQCgMAub0RuL4KAAABlTjkLQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
00793{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":9,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":6,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946735705349060,"flow_src_last_pkt_time":946735705349060,"flow_dst_last_pkt_time":946735705349060,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":512,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":512,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":512,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946735705349060,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"149.56.228.45","src_port":60301,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
01214{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":9,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":6,"flow_packet_id":1,"flow_src_last_pkt_time":946735705349060,"flow_dst_last_pkt_time":946735705349060,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":554,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":554,"pkt_l4_len":520,"thread_ts_usec":946735705349060,"pkt":"REREREREZmZmZmZmCABFAAIcCgRAAL0Rd6oKAAABlTjkLeuNAbsCCDw8f0MBAAABAAAAAAABATINZG5zY3J5cHQtY2VydAhkbnNjcnlwdARjYS0yAAAQAAEAAAAAAAAAAAABxgAMAcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
@@ -43,17 +43,17 @@
00799{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":19,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":10,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739299327323,"flow_src_last_pkt_time":946739299327323,"flow_dst_last_pkt_time":946739299327323,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739299327323,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"62.210.180.71","src_port":43748,"dst_port":1053,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
02499{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":19,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":10,"flow_packet_id":1,"flow_src_last_pkt_time":946739299327323,"flow_dst_last_pkt_time":946739299327323,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":946739299327323,"pkt":"REREREREZmZmZmZmCABFAAXcFy0gAL0RDQ4KAAABPtK0R6rkBB0GBCq4ByYBAAABAAAAAAABATINZG5zY3J5cHQtY2VydANuczIIaXJpc2VkZW4CZnIAABAAAQAAAAAAAAAAAAXAAAwFvAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
00953{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":19,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":10,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739299327323,"flow_src_last_pkt_time":946739299327323,"flow_dst_last_pkt_time":946739299327323,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739299327323,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"62.210.180.71","src_port":43748,"dst_port":1053,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNScrypt","proto_id":"208","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":14,"category":"Network"}}
-00334{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":1,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739299327335,"packet_id":20,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739299327335}
+00334{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":1,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739299327335,"packet_id":20,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739299327335}
00439{"packet_event_id":1,"packet_event_name":"packet","packet_id":20,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946739299327323,"pkt":"REREREREZmZmZmZmCABFAABQFy0Aub0RMeEKAAABPtK0RwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
00799{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":21,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":11,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739299327384,"flow_src_last_pkt_time":946739299327384,"flow_dst_last_pkt_time":946739299327384,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739299327384,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"62.210.180.71","src_port":57395,"dst_port":1053,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
02499{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":21,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":11,"flow_packet_id":1,"flow_src_last_pkt_time":946739299327384,"flow_dst_last_pkt_time":946739299327384,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":946739299327384,"pkt":"REREREREZmZmZmZmCABFAAXcFy4gAL0RDQ0KAAABPtK0R+AzBB0GBPVqByQBAAABAAAAAAABATINZG5zY3J5cHQtY2VydANuczIIaXJpc2VkZW4CZnIAABAAAQAAAAAAAAAAAAXAAAwFvAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
00953{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":21,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":11,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739299327384,"flow_src_last_pkt_time":946739299327384,"flow_dst_last_pkt_time":946739299327384,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739299327384,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"62.210.180.71","src_port":57395,"dst_port":1053,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNScrypt","proto_id":"208","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":14,"category":"Network"}}
-00334{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":2,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739299327399,"packet_id":22,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739299327399}
+00334{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":2,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739299327399,"packet_id":22,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739299327399}
00439{"packet_event_id":1,"packet_event_name":"packet","packet_id":22,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946739299327384,"pkt":"REREREREZmZmZmZmCABFAABQFy4Aub0RMeAKAAABPtK0RwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
00799{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":23,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":12,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739299327408,"flow_src_last_pkt_time":946739299327408,"flow_dst_last_pkt_time":946739299327408,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739299327408,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"62.210.180.71","src_port":53299,"dst_port":1053,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
02499{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":23,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":12,"flow_packet_id":1,"flow_src_last_pkt_time":946739299327408,"flow_dst_last_pkt_time":946739299327408,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":946739299327408,"pkt":"REREREREZmZmZmZmCABFAAXcFy8gAL0RDQwKAAABPtK0R9AzBB0GBAVtByIBAAABAAAAAAABATINZG5zY3J5cHQtY2VydANuczIIaXJpc2VkZW4CZnIAABAAAQAAAAAAAAAAAAXAAAwFvAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
00953{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":23,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":12,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739299327408,"flow_src_last_pkt_time":946739299327408,"flow_dst_last_pkt_time":946739299327408,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739299327408,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"62.210.180.71","src_port":53299,"dst_port":1053,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNScrypt","proto_id":"208","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":14,"category":"Network"}}
-00334{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":3,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739299327438,"packet_id":24,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739299327438}
+00334{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":3,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739299327438,"packet_id":24,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739299327438}
00439{"packet_event_id":1,"packet_event_name":"packet","packet_id":24,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946739299327408,"pkt":"REREREREZmZmZmZmCABFAABQFy8Aub0RMd8KAAABPtK0RwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
00779{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":25,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":7,"flow_packet_id":2,"flow_src_last_pkt_time":946739299327173,"flow_dst_last_pkt_time":946739299355250,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":228,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":228,"pkt_l4_len":194,"thread_ts_usec":946739299355250,"pkt":"ZmZmZmZmRERERERECABFAADWguYAADURTls+0rRHCgAAAQQdxzwAwvgJByeBgAABAAEAAAAAATINZG5zY3J5cHQtY2VydANuczIIaXJpc2VkZW4CZnIAABAAAcAMABAAAQAAAAAAfXxETlNDAAEAAD603DX03HFYUGSUUMZQ5AFHqQDCbcRbndp5mF3SVu19eScXuGrpg2nLc5WDzV06y+FJw+Dah4cv34QVXrvZ7Q8nY1y4iPNLnPDmhCiX6M9Qv8kZOhpPDs+tmijF9ICJLydjXLiI80ucXop2NF6KdjRga6m0"}
00779{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":26,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":8,"flow_packet_id":2,"flow_src_last_pkt_time":946739299327201,"flow_dst_last_pkt_time":946739299356160,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":228,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":228,"pkt_l4_len":194,"thread_ts_usec":946739299356160,"pkt":"ZmZmZmZmRERERERECABFAADWguUAADQRT1w+0rRHCgAAAQQdzZwAwvGtByOBgAABAAEAAAAAATINZG5zY3J5cHQtY2VydANuczIIaXJpc2VkZW4CZnIAABAAAcAMABAAAQAAAAAAfXxETlNDAAEAAD603DX03HFYUGSUUMZQ5AFHqQDCbcRbndp5mF3SVu19eScXuGrpg2nLc5WDzV06y+FJw+Dah4cv34QVXrvZ7Q8nY1y4iPNLnPDmhCiX6M9Qv8kZOhpPDs+tmijF9ICJLydjXLiI80ucXop2NF6KdjRga6m0"}
@@ -63,12 +63,12 @@
00797{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":28,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":14,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739304328460,"flow_src_last_pkt_time":946739304328460,"flow_dst_last_pkt_time":946739304328460,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":512,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":512,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":512,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739304328460,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"185.134.196.55","src_port":37413,"dst_port":8443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
01216{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":28,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":14,"flow_packet_id":1,"flow_src_last_pkt_time":946739304328460,"flow_dst_last_pkt_time":946739304328460,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":554,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":554,"pkt_l4_len":520,"thread_ts_usec":946739304328460,"pkt":"REREREREZmZmZmZmCABFAAIcHPpAAL0RYFwKAAABuYbEN5IlIPsCCECUfx8BAAABAAAAAAABATINZG5zY3J5cHQtY2VydARyZG5zBmZhZWxpeANuZXQAABAAAQAAAAAAAAAAAAHEAAwBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
00951{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":28,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":14,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739304328460,"flow_src_last_pkt_time":946739304328460,"flow_dst_last_pkt_time":946739304328460,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":512,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":512,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":512,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739304328460,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"185.134.196.55","src_port":37413,"dst_port":8443,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNScrypt","proto_id":"208","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":14,"category":"Network"}}
-00334{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":4,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739304328481,"packet_id":29,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739304328481}
+00334{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":4,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739304328481,"packet_id":29,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739304328481}
00439{"packet_event_id":1,"packet_event_name":"packet","packet_id":29,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946739304328460,"pkt":"REREREREZmZmZmZmCABFAABQHPkAub0RoXAKAAABuYbENwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
00800{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":30,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":15,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739304328494,"flow_src_last_pkt_time":946739304328494,"flow_dst_last_pkt_time":946739304328494,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739304328494,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"185.134.196.55","src_port":35005,"dst_port":8443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
02499{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":30,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":15,"flow_packet_id":1,"flow_src_last_pkt_time":946739304328494,"flow_dst_last_pkt_time":946739304328494,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":946739304328494,"pkt":"REREREREZmZmZmZmCABFAAXcHPsgAL0RfJsKAAABuYbEN4i9IPsGBFEJfxwBAAABAAAAAAABATINZG5zY3J5cHQtY2VydARyZG5zBmZhZWxpeANuZXQAABAAAQAAAAAAAAAAAAXAAAwFvAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
00954{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":30,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":15,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739304328494,"flow_src_last_pkt_time":946739304328494,"flow_dst_last_pkt_time":946739304328494,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739304328494,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"185.134.196.55","src_port":35005,"dst_port":8443,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNScrypt","proto_id":"208","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":14,"category":"Network"}}
-00334{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":5,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739304328516,"packet_id":31,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739304328516}
+00334{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":5,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739304328516,"packet_id":31,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739304328516}
00439{"packet_event_id":1,"packet_event_name":"packet","packet_id":31,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946739304328494,"pkt":"REREREREZmZmZmZmCABFAABQHPsAub0RoW4KAAABuYbENwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
00797{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":32,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":16,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739304328530,"flow_src_last_pkt_time":946739304328530,"flow_dst_last_pkt_time":946739304328530,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":512,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":512,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":512,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739304328530,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"185.134.196.55","src_port":59405,"dst_port":8443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
01216{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":32,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":16,"flow_packet_id":1,"flow_src_last_pkt_time":946739304328530,"flow_dst_last_pkt_time":946739304328530,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":554,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":554,"pkt_l4_len":520,"thread_ts_usec":946739304328530,"pkt":"REREREREZmZmZmZmCABFAAIcHPxAAL0RYFoKAAABuYbEN+gNIPsCCECUfx0BAAABAAAAAAABATINZG5zY3J5cHQtY2VydARyZG5zBmZhZWxpeANuZXQAABAAAQAAAAAAAAAAAAHEAAwBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
@@ -79,7 +79,7 @@
00800{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":34,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":18,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739304328639,"flow_src_last_pkt_time":946739304328639,"flow_dst_last_pkt_time":946739304328639,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739304328639,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"185.134.196.55","src_port":55123,"dst_port":8443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
02499{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":34,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":18,"flow_packet_id":1,"flow_src_last_pkt_time":946739304328639,"flow_dst_last_pkt_time":946739304328639,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":946739304328639,"pkt":"REREREREZmZmZmZmCABFAAXcHP4gAL0RfJgKAAABuYbEN9dTIPsGBAJxfx4BAAABAAAAAAABATINZG5zY3J5cHQtY2VydARyZG5zBmZhZWxpeANuZXQAABAAAQAAAAAAAAAAAAXAAAwFvAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
00954{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":34,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":18,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739304328639,"flow_src_last_pkt_time":946739304328639,"flow_dst_last_pkt_time":946739304328639,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739304328639,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"185.134.196.55","src_port":55123,"dst_port":8443,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNScrypt","proto_id":"208","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":14,"category":"Network"}}
-00334{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":6,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739304328653,"packet_id":35,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739304328653}
+00334{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":6,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739304328653,"packet_id":35,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739304328653}
00439{"packet_event_id":1,"packet_event_name":"packet","packet_id":35,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946739304328639,"pkt":"REREREREZmZmZmZmCABFAABQHP4Aub0RoWsKAAABuYbENwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
00784{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":36,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":17,"flow_packet_id":2,"flow_src_last_pkt_time":946739304328621,"flow_dst_last_pkt_time":946739304360382,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":228,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":228,"pkt_l4_len":194,"thread_ts_usec":946739304360382,"pkt":"ZmZmZmZmRERERERECABFAADWmUJAADQRblq5hsQ3CgAAASD7xQMAwuTIfxuAAAABAAEAAAAAATINZG5zY3J5cHQtY2VydARyZG5zBmZhZWxpeANuZXQAABAAAcAMABAAAQAADhAAfXxETlNDAAEAADn5TxO0FAodB0MfyNII\/q4yfvBzna8lha8rHqMZH6brB0hzmteXf96oRMNtUVCp592lxf62HHwuDSbhBbtGtQcalorpuHO8PTt\/PSXI1nToKeQ\/\/4xUAF+WFp6Iz9p9KhqWium4c7w9AAAAAV7URQBxousA"}
00784{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":37,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":14,"flow_packet_id":2,"flow_src_last_pkt_time":946739304328460,"flow_dst_last_pkt_time":946739304361228,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":228,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":228,"pkt_l4_len":194,"thread_ts_usec":946739304361228,"pkt":"ZmZmZmZmRERERERECABFAADWmUFAADQRblu5hsQ3CgAAASD7kiUAwhejfx+AAAABAAEAAAAAATINZG5zY3J5cHQtY2VydARyZG5zBmZhZWxpeANuZXQAABAAAcAMABAAAQAADhAAfXxETlNDAAEAADn5TxO0FAodB0MfyNII\/q4yfvBzna8lha8rHqMZH6brB0hzmteXf96oRMNtUVCp592lxf62HHwuDSbhBbtGtQcalorpuHO8PTt\/PSXI1nToKeQ\/\/4xUAF+WFp6Iz9p9KhqWium4c7w9AAAAAV7URQBxousA"}
@@ -91,7 +91,7 @@
00800{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":41,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":20,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739304363260,"flow_src_last_pkt_time":946739304363260,"flow_dst_last_pkt_time":946739304363260,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739304363260,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"104.238.186.192","src_port":56997,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
02499{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":41,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":20,"flow_packet_id":1,"flow_src_last_pkt_time":946739304363260,"flow_dst_last_pkt_time":946739304363260,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":946739304363260,"pkt":"REREREREZmZmZmZmCABFAAXcylIgAL0RKVMKAAABaO66wN6lAbsGBMqkZFUBAAABAAAAAAABATINZG5zY3J5cHQtY2VydAF2CGRuc2NyeXB0AnVrAAAQAAEAAAAAAAAAAAAFwgAMBb4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
00954{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":41,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":20,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739304363260,"flow_src_last_pkt_time":946739304363260,"flow_dst_last_pkt_time":946739304363260,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739304363260,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"104.238.186.192","src_port":56997,"dst_port":443,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNScrypt","proto_id":"208","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":14,"category":"Network"}}
-00334{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":7,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739304363265,"packet_id":42,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739304363265}
+00334{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":7,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739304363265,"packet_id":42,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739304363265}
00439{"packet_event_id":1,"packet_event_name":"packet","packet_id":42,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946739304363260,"pkt":"REREREREZmZmZmZmCABFAABQylIAub0RTiYKAAABaO66wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
00797{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":43,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":21,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739304363274,"flow_src_last_pkt_time":946739304363274,"flow_dst_last_pkt_time":946739304363274,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":512,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":512,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":512,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739304363274,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"104.238.186.192","src_port":39655,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
01216{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":43,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":21,"flow_packet_id":1,"flow_src_last_pkt_time":946739304363274,"flow_dst_last_pkt_time":946739304363274,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":554,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":554,"pkt_l4_len":520,"thread_ts_usec":946739304363274,"pkt":"REREREREZmZmZmZmCABFAAIcylNAAL0RDRIKAAABaO66wJrnAbsCCOaEZFYBAAABAAAAAAABATINZG5zY3J5cHQtY2VydAF2CGRuc2NyeXB0AnVrAAAQAAEAAAAAAAAAAAABxgAMAcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
@@ -105,9 +105,9 @@
00800{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":46,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":24,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739304363284,"flow_src_last_pkt_time":946739304363284,"flow_dst_last_pkt_time":946739304363284,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739304363284,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"104.238.186.192","src_port":44491,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
02499{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":46,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":24,"flow_packet_id":1,"flow_src_last_pkt_time":946739304363284,"flow_dst_last_pkt_time":946739304363284,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":946739304363284,"pkt":"REREREREZmZmZmZmCABFAAXcylQgAL0RKVEKAAABaO66wK3LAbsGBPuAZFMBAAABAAAAAAABATINZG5zY3J5cHQtY2VydAF2CGRuc2NyeXB0AnVrAAAQAAEAAAAAAAAAAAAFwgAMBb4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
00954{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":46,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":24,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739304363284,"flow_src_last_pkt_time":946739304363284,"flow_dst_last_pkt_time":946739304363284,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739304363284,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"104.238.186.192","src_port":44491,"dst_port":443,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNScrypt","proto_id":"208","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":14,"category":"Network"}}
-00334{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":8,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739304363288,"packet_id":47,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739304363288}
+00334{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":8,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739304363288,"packet_id":47,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739304363288}
00439{"packet_event_id":1,"packet_event_name":"packet","packet_id":47,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946739304363284,"pkt":"REREREREZmZmZmZmCABFAABQylQAub0RTiQKAAABaO66wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
-00334{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":9,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739304363289,"packet_id":48,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739304363289}
+00334{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":9,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739304363289,"packet_id":48,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739304363289}
00439{"packet_event_id":1,"packet_event_name":"packet","packet_id":48,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946739304363284,"pkt":"REREREREZmZmZmZmCABFAABQylYAub0RTiIKAAABaO66wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
00784{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":49,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":16,"flow_packet_id":2,"flow_src_last_pkt_time":946739304328530,"flow_dst_last_pkt_time":946739304367875,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":228,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":228,"pkt_l4_len":194,"thread_ts_usec":946739304367875,"pkt":"ZmZmZmZmRERERERECABFAADWmUVAADQRble5hsQ3CgAAASD76A0AwsG8fx2AAAABAAEAAAAAATINZG5zY3J5cHQtY2VydARyZG5zBmZhZWxpeANuZXQAABAAAcAMABAAAQAADhAAfXxETlNDAAEAADn5TxO0FAodB0MfyNII\/q4yfvBzna8lha8rHqMZH6brB0hzmteXf96oRMNtUVCp592lxf62HHwuDSbhBbtGtQcalorpuHO8PTt\/PSXI1nToKeQ\/\/4xUAF+WFp6Iz9p9KhqWium4c7w9AAAAAV7URQBxousA"}
00784{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":50,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":18,"flow_packet_id":2,"flow_src_last_pkt_time":946739304328639,"flow_dst_last_pkt_time":946739304369837,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":228,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":228,"pkt_l4_len":194,"thread_ts_usec":946739304369837,"pkt":"ZmZmZmZmRERERERECABFAADWmUZAADQRbla5hsQ3CgAAASD711MAwtJ1fx6AAAABAAEAAAAAATINZG5zY3J5cHQtY2VydARyZG5zBmZhZWxpeANuZXQAABAAAcAMABAAAQAADhAAfXxETlNDAAEAADn5TxO0FAodB0MfyNII\/q4yfvBzna8lha8rHqMZH6brB0hzmteXf96oRMNtUVCp592lxf62HHwuDSbhBbtGtQcalorpuHO8PTt\/PSXI1nToKeQ\/\/4xUAF+WFp6Iz9p9KhqWium4c7w9AAAAAV7URQBxousA"}
@@ -123,12 +123,12 @@
00799{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":58,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":26,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739304599740,"flow_src_last_pkt_time":946739304599740,"flow_dst_last_pkt_time":946739304599740,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739304599740,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"209.250.241.25","src_port":56035,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
02499{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":58,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":26,"flow_packet_id":1,"flow_src_last_pkt_time":946739304599740,"flow_dst_last_pkt_time":946739304599740,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":946739304599740,"pkt":"REREREREZmZmZmZmCABFAAXcZhQgAL0R7isKAAAB0frxGdrjAbsGBM5Z8VQBAAABAAAAAAABATINZG5zY3J5cHQtY2VydAhtZWdhbmVyZAAAEAABAAAAAAAAAAAABccADAXDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
00953{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":58,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":26,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739304599740,"flow_src_last_pkt_time":946739304599740,"flow_dst_last_pkt_time":946739304599740,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739304599740,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"209.250.241.25","src_port":56035,"dst_port":443,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNScrypt","proto_id":"208","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":14,"category":"Network"}}
-00335{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":10,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739304599754,"packet_id":59,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739304599754}
+00335{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":10,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739304599754,"packet_id":59,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739304599754}
00439{"packet_event_id":1,"packet_event_name":"packet","packet_id":59,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946739304599740,"pkt":"REREREREZmZmZmZmCABFAABQZhQAub0REv8KAAAB0frxGQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
00799{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":60,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":27,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739304599762,"flow_src_last_pkt_time":946739304599762,"flow_dst_last_pkt_time":946739304599762,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739304599762,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"209.250.241.25","src_port":37123,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
02499{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":60,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":27,"flow_packet_id":1,"flow_src_last_pkt_time":946739304599762,"flow_dst_last_pkt_time":946739304599762,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":946739304599762,"pkt":"REREREREZmZmZmZmCABFAAXcZhUgAL0R7ioKAAAB0frxGZEDAbsGBBg48VYBAAABAAAAAAABATINZG5zY3J5cHQtY2VydAhtZWdhbmVyZAAAEAABAAAAAAAAAAAABccADAXDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
00953{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":60,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":27,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739304599762,"flow_src_last_pkt_time":946739304599762,"flow_dst_last_pkt_time":946739304599762,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739304599762,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"209.250.241.25","src_port":37123,"dst_port":443,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNScrypt","proto_id":"208","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":14,"category":"Network"}}
-00335{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":11,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739304599775,"packet_id":61,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739304599775}
+00335{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":11,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739304599775,"packet_id":61,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739304599775}
00439{"packet_event_id":1,"packet_event_name":"packet","packet_id":61,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946739304599762,"pkt":"REREREREZmZmZmZmCABFAABQZhUAub0REv4KAAAB0frxGQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
00796{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":62,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":28,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739304599857,"flow_src_last_pkt_time":946739304599857,"flow_dst_last_pkt_time":946739304599857,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":512,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":512,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":512,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739304599857,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"209.250.241.25","src_port":37950,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
01216{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":62,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":28,"flow_packet_id":1,"flow_src_last_pkt_time":946739304599857,"flow_dst_last_pkt_time":946739304599857,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":554,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":554,"pkt_l4_len":520,"thread_ts_usec":946739304599857,"pkt":"REREREREZmZmZmZmCABFAAIcZhZAAL0R0ekKAAAB0frxGZQ+AbsCCIXq8VUBAAABAAAAAAABATINZG5zY3J5cHQtY2VydAhtZWdhbmVyZAAAEAABAAAAAAAAAAAAAcsADAHHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
@@ -139,7 +139,7 @@
00799{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":64,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":30,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739304599889,"flow_src_last_pkt_time":946739304599889,"flow_dst_last_pkt_time":946739304599889,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739304599889,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"209.250.241.25","src_port":59367,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
02499{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":64,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":30,"flow_packet_id":1,"flow_src_last_pkt_time":946739304599889,"flow_dst_last_pkt_time":946739304599889,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":946739304599889,"pkt":"REREREREZmZmZmZmCABFAAXcZhggAL0R7icKAAAB0frxGefnAbsGBMFR8VgBAAABAAAAAAABATINZG5zY3J5cHQtY2VydAhtZWdhbmVyZAAAEAABAAAAAAAAAAAABccADAXDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
00953{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":64,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":30,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739304599889,"flow_src_last_pkt_time":946739304599889,"flow_dst_last_pkt_time":946739304599889,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739304599889,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"209.250.241.25","src_port":59367,"dst_port":443,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNScrypt","proto_id":"208","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":14,"category":"Network"}}
-00335{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":12,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739304599904,"packet_id":65,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739304599904}
+00335{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":12,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739304599904,"packet_id":65,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739304599904}
00439{"packet_event_id":1,"packet_event_name":"packet","packet_id":65,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946739304599889,"pkt":"REREREREZmZmZmZmCABFAABQZhgAub0REvsKAAAB0frxGQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
00772{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":66,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":25,"flow_packet_id":2,"flow_src_last_pkt_time":946739304599728,"flow_dst_last_pkt_time":946739304626301,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":221,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":221,"pkt_l4_len":187,"thread_ts_usec":946739304626301,"pkt":"ZmZmZmZmRERERERECABFAADPni1AADcRISDR+vEZCgAAAQG7gBkAu2Pi8VmBgAABAAEAAAAAATINZG5zY3J5cHQtY2VydAhtZWdhbmVyZAAAEAABwAwAEAABAABwgAB9fEROU0MAAgAAfYAKepZwtScVP1uN5sT5N32akeuKSAV4oXU5Dhs9DYGIJJAdGKfXtNXiElvsQvm00KyC1gH3yBcsV0UHMhcHDXsbONUID12Y3+IJuxI0oT3pvizj3NQWIv0z50xYMyIaexs41QgPXZgAAAABX1N8A19UzYM="}
00773{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":67,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":26,"flow_packet_id":2,"flow_src_last_pkt_time":946739304599740,"flow_dst_last_pkt_time":946739304626439,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":221,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":221,"pkt_l4_len":187,"thread_ts_usec":946739304626439,"pkt":"ZmZmZmZmRERERERECABFAADPni5AADcRIR\/R+vEZCgAAAQG72uMAuwkd8VSBgAABAAEAAAAAATINZG5zY3J5cHQtY2VydAhtZWdhbmVyZAAAEAABwAwAEAABAABwgAB9fEROU0MAAgAAfYAKepZwtScVP1uN5sT5N32akeuKSAV4oXU5Dhs9DYGIJJAdGKfXtNXiElvsQvm00KyC1gH3yBcsV0UHMhcHDXsbONUID12Y3+IJuxI0oT3pvizj3NQWIv0z50xYMyIaexs41QgPXZgAAAABX1N8A19UzYM="}
@@ -151,9 +151,9 @@
00796{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":71,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":32,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739304628383,"flow_src_last_pkt_time":946739304628383,"flow_dst_last_pkt_time":946739304628383,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739304628383,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"41.79.69.13","src_port":46229,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
02499{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":71,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":32,"flow_packet_id":1,"flow_src_last_pkt_time":946739304628383,"flow_dst_last_pkt_time":946739304628383,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":946739304628383,"pkt":"REREREREZmZmZmZmCABFAAXcpRogAL0RA94KAAABKU9FDbSVAbsGBIFBBsIBAAABAAAAAAABATINZG5zY3J5cHQtY2VydAJ0egRkMHduA2JpegAAEAABAAAAAAAAAAAABcQADAXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
00950{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":71,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":32,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739304628383,"flow_src_last_pkt_time":946739304628383,"flow_dst_last_pkt_time":946739304628383,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739304628383,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"41.79.69.13","src_port":46229,"dst_port":443,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNScrypt","proto_id":"208","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":14,"category":"Network"}}
-00335{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":13,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739304628389,"packet_id":72,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739304628389}
+00335{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":13,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739304628389,"packet_id":72,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739304628389}
00439{"packet_event_id":1,"packet_event_name":"packet","packet_id":72,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946739304628383,"pkt":"REREREREZmZmZmZmCABFAABQpRkAub0RKLIKAAABKU9FDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
-00335{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":14,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739304628405,"packet_id":73,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739304628405}
+00335{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":14,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739304628405,"packet_id":73,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739304628405}
00439{"packet_event_id":1,"packet_event_name":"packet","packet_id":73,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946739304628383,"pkt":"REREREREZmZmZmZmCABFAABQpRoAub0RKLEKAAABKU9FDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
00796{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":74,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":33,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739304628422,"flow_src_last_pkt_time":946739304628422,"flow_dst_last_pkt_time":946739304628422,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739304628422,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"41.79.69.13","src_port":56043,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
02499{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":74,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":33,"flow_packet_id":1,"flow_src_last_pkt_time":946739304628422,"flow_dst_last_pkt_time":946739304628422,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":946739304628422,"pkt":"REREREREZmZmZmZmCABFAAXcpRsgAL0RA90KAAABKU9FDdrrAbsGBFrpBsQBAAABAAAAAAABATINZG5zY3J5cHQtY2VydAJ0egRkMHduA2JpegAAEAABAAAAAAAAAAAABcQADAXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
@@ -161,7 +161,7 @@
00793{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":75,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":34,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739304628431,"flow_src_last_pkt_time":946739304628431,"flow_dst_last_pkt_time":946739304628431,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":512,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":512,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":512,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739304628431,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"41.79.69.13","src_port":38136,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
01216{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":75,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":34,"flow_packet_id":1,"flow_src_last_pkt_time":946739304628431,"flow_dst_last_pkt_time":946739304628431,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":554,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":554,"pkt_l4_len":520,"thread_ts_usec":946739304628431,"pkt":"REREREREZmZmZmZmCABFAAIcpRxAAL0R55sKAAABKU9FDZT4AbsCCDEyBsMBAAABAAAAAAABATINZG5zY3J5cHQtY2VydAJ0egRkMHduA2JpegAAEAABAAAAAAAAAAAAAcgADAHEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
00947{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":75,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":34,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739304628431,"flow_src_last_pkt_time":946739304628431,"flow_dst_last_pkt_time":946739304628431,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":512,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":512,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":512,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739304628431,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"41.79.69.13","src_port":38136,"dst_port":443,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNScrypt","proto_id":"208","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":14,"category":"Network"}}
-00335{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":15,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739304628442,"packet_id":76,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739304628442}
+00335{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":15,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739304628442,"packet_id":76,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739304628442}
00439{"packet_event_id":1,"packet_event_name":"packet","packet_id":76,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946739304628431,"pkt":"REREREREZmZmZmZmCABFAABQpRsAub0RKLAKAAABKU9FDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
00793{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":77,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":35,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739304628531,"flow_src_last_pkt_time":946739304628531,"flow_dst_last_pkt_time":946739304628531,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":512,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":512,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":512,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739304628531,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"41.79.69.13","src_port":56177,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
01216{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":77,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":35,"flow_packet_id":1,"flow_src_last_pkt_time":946739304628531,"flow_dst_last_pkt_time":946739304628531,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":554,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":554,"pkt_l4_len":520,"thread_ts_usec":946739304628531,"pkt":"REREREREZmZmZmZmCABFAAIcpR1AAL0R55oKAAABKU9FDdtxAbsCCDEyBsEBAAABAAAAAAABATINZG5zY3J5cHQtY2VydAJ0egRkMHduA2JpegAAEAABAAAAAAAAAAAAAcgADAHEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
@@ -178,7 +178,7 @@
00798{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":83,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":38,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739304789547,"flow_src_last_pkt_time":946739304789547,"flow_dst_last_pkt_time":946739304789547,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739304789547,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"51.15.122.250","src_port":38867,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
02499{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":83,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":38,"flow_packet_id":1,"flow_src_last_pkt_time":946739304789547,"flow_dst_last_pkt_time":946739304789547,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":946739304789547,"pkt":"REREREREZmZmZmZmCABFAAXc6z8gAL0RfgsKAAABMw96+pfTAbsGBFECxkYBAAABAAAAAAABATINZG5zY3J5cHQtY2VydAxzY2FsZXdheS1hbXMAABAAAQAAAAAAAAAAAAXDAAwFvwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
00952{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":83,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":38,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739304789547,"flow_src_last_pkt_time":946739304789547,"flow_dst_last_pkt_time":946739304789547,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739304789547,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"51.15.122.250","src_port":38867,"dst_port":443,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNScrypt","proto_id":"208","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":14,"category":"Network"}}
-00335{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":16,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739304789570,"packet_id":84,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739304789570}
+00335{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":16,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739304789570,"packet_id":84,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739304789570}
00439{"packet_event_id":1,"packet_event_name":"packet","packet_id":84,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946739304789547,"pkt":"REREREREZmZmZmZmCABFAABQ6z8Aub0Rot4KAAABMw96+gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
00798{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":85,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":39,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739304789691,"flow_src_last_pkt_time":946739304789691,"flow_dst_last_pkt_time":946739304789691,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739304789691,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"51.15.122.250","src_port":59709,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
02499{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":85,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":39,"flow_packet_id":1,"flow_src_last_pkt_time":946739304789691,"flow_dst_last_pkt_time":946739304789691,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":946739304789691,"pkt":"REREREREZmZmZmZmCABFAAXc60AgAL0RfgoKAAABMw96+uk9AbsGBP+VxkgBAAABAAAAAAABATINZG5zY3J5cHQtY2VydAxzY2FsZXdheS1hbXMAABAAAQAAAAAAAAAAAAXDAAwFvwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
@@ -655,7 +655,7 @@
00801{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":384,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":152,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739337048428,"flow_src_last_pkt_time":946739337048428,"flow_dst_last_pkt_time":946739337048428,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739337048428,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"51.15.124.208","src_port":49975,"dst_port":4343,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
02501{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":384,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":152,"flow_packet_id":1,"flow_src_last_pkt_time":946739337048428,"flow_dst_last_pkt_time":946739337048428,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":946739337048428,"pkt":"REREREREZmZmZmZmCABFAAXc+L0gAL0RbrcKAAABMw980MM3EPcGBKwyaUIBAAABAAAAAAABATINZG5zY3J5cHQtY2VydA9hbXMtZG5zY3J5cHQtbmwAABAAAQAAAAAAAAAAAAXAAAwFvAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
00955{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":384,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":152,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739337048428,"flow_src_last_pkt_time":946739337048428,"flow_dst_last_pkt_time":946739337048428,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739337048428,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"51.15.124.208","src_port":49975,"dst_port":4343,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNScrypt","proto_id":"208","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":14,"category":"Network"}}
-00335{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":1,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739337048442,"packet_id":385,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739337048442}
+00335{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":1,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739337048442,"packet_id":385,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739337048442}
00440{"packet_event_id":1,"packet_event_name":"packet","packet_id":385,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946739337048428,"pkt":"REREREREZmZmZmZmCABFAABQ+L0Aub0Rk4oKAAABMw980AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
00801{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":386,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":153,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739337048478,"flow_src_last_pkt_time":946739337048478,"flow_dst_last_pkt_time":946739337048478,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739337048478,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"51.15.124.208","src_port":38310,"dst_port":4343,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
02501{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":386,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":153,"flow_packet_id":1,"flow_src_last_pkt_time":946739337048478,"flow_dst_last_pkt_time":946739337048478,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":946739337048478,"pkt":"REREREREZmZmZmZmCABFAAXc+L4gAL0RbrYKAAABMw980JWmEPcGBNnFaUABAAABAAAAAAABATINZG5zY3J5cHQtY2VydA9hbXMtZG5zY3J5cHQtbmwAABAAAQAAAAAAAAAAAAXAAAwFvAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
@@ -663,12 +663,12 @@
00798{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":387,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":154,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739337048481,"flow_src_last_pkt_time":946739337048481,"flow_dst_last_pkt_time":946739337048481,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":512,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":512,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":512,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739337048481,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"51.15.124.208","src_port":55768,"dst_port":4343,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
01218{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":387,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":154,"flow_packet_id":1,"flow_src_last_pkt_time":946739337048481,"flow_dst_last_pkt_time":946739337048481,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":554,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":554,"pkt_l4_len":520,"thread_ts_usec":946739337048481,"pkt":"REREREREZmZmZmZmCABFAAIc+L9AAL0RUnUKAAABMw980NnYEPcCCHK1aUMBAAABAAAAAAABATINZG5zY3J5cHQtY2VydA9hbXMtZG5zY3J5cHQtbmwAABAAAQAAAAAAAAAAAAHEAAwBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
00952{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":387,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":154,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739337048481,"flow_src_last_pkt_time":946739337048481,"flow_dst_last_pkt_time":946739337048481,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":512,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":512,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":512,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739337048481,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"51.15.124.208","src_port":55768,"dst_port":4343,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNScrypt","proto_id":"208","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":14,"category":"Network"}}
-00335{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":2,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739337048490,"packet_id":388,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739337048490}
+00335{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":2,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739337048490,"packet_id":388,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739337048490}
00440{"packet_event_id":1,"packet_event_name":"packet","packet_id":388,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946739337048481,"pkt":"REREREREZmZmZmZmCABFAABQ+L4Aub0Rk4kKAAABMw980AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
00801{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":389,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":155,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739337048494,"flow_src_last_pkt_time":946739337048494,"flow_dst_last_pkt_time":946739337048494,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739337048494,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"51.15.124.208","src_port":39910,"dst_port":4343,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
02501{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":389,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":155,"flow_packet_id":1,"flow_src_last_pkt_time":946739337048494,"flow_dst_last_pkt_time":946739337048494,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":946739337048494,"pkt":"REREREREZmZmZmZmCABFAAXc+MAgAL0RbrQKAAABMw980JvmEPcGBNOBaUQBAAABAAAAAAABATINZG5zY3J5cHQtY2VydA9hbXMtZG5zY3J5cHQtbmwAABAAAQAAAAAAAAAAAAXAAAwFvAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
00955{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":389,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":155,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739337048494,"flow_src_last_pkt_time":946739337048494,"flow_dst_last_pkt_time":946739337048494,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739337048494,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"51.15.124.208","src_port":39910,"dst_port":4343,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNScrypt","proto_id":"208","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":14,"category":"Network"}}
-00335{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":3,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739337048503,"packet_id":390,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739337048503}
+00335{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":3,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739337048503,"packet_id":390,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739337048503}
00440{"packet_event_id":1,"packet_event_name":"packet","packet_id":390,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946739337048494,"pkt":"REREREREZmZmZmZmCABFAABQ+MAAub0Rk4cKAAABMw980AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
00798{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":391,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":156,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739337048530,"flow_src_last_pkt_time":946739337048530,"flow_dst_last_pkt_time":946739337048530,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":512,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":512,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":512,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739337048530,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"51.15.124.208","src_port":53887,"dst_port":4343,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
01219{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":391,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":156,"flow_packet_id":1,"flow_src_last_pkt_time":946739337048530,"flow_dst_last_pkt_time":946739337048530,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":554,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":554,"pkt_l4_len":520,"thread_ts_usec":946739337048530,"pkt":"REREREREZmZmZmZmCABFAAIc+MFAAL0RUnMKAAABMw980NJ\/EPcCCHK1aUEBAAABAAAAAAABATINZG5zY3J5cHQtY2VydA9hbXMtZG5zY3J5cHQtbmwAABAAAQAAAAAAAAAAAAHEAAwBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
@@ -682,7 +682,7 @@
00802{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":396,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":158,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739337078124,"flow_src_last_pkt_time":946739337078124,"flow_dst_last_pkt_time":946739337078124,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739337078124,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"167.114.220.125","src_port":38508,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
02502{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":396,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":158,"flow_packet_id":1,"flow_src_last_pkt_time":946739337078124,"flow_dst_last_pkt_time":946739337078124,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":946739337078124,"pkt":"REREREREZmZmZmZmCABFAAXc\/ckgAL0RlZoKAAABp3LcfZZsAbsGBGHYm2YBAAABAAAAAAABATINZG5zY3J5cHQtY2VydAhkbnNjcnlwdARjYS0xAAAQAAEAAAAAAAAAAAAFwgAMBb4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
00956{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":396,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":158,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739337078124,"flow_src_last_pkt_time":946739337078124,"flow_dst_last_pkt_time":946739337078124,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739337078124,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"167.114.220.125","src_port":38508,"dst_port":443,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNScrypt","proto_id":"208","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":14,"category":"Network"}}
-00335{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":4,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739337078136,"packet_id":397,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739337078136}
+00335{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":4,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739337078136,"packet_id":397,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739337078136}
00441{"packet_event_id":1,"packet_event_name":"packet","packet_id":397,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946739337078124,"pkt":"REREREREZmZmZmZmCABFAABQ\/ckAub0Rum0KAAABp3LcfQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
00799{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":398,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":159,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739337078188,"flow_src_last_pkt_time":946739337078188,"flow_dst_last_pkt_time":946739337078188,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":512,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":512,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":512,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739337078188,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"167.114.220.125","src_port":39816,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
01219{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":398,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":159,"flow_packet_id":1,"flow_src_last_pkt_time":946739337078188,"flow_dst_last_pkt_time":946739337078188,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":554,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":554,"pkt_l4_len":520,"thread_ts_usec":946739337078188,"pkt":"REREREREZmZmZmZmCABFAAIc\/cpAAL0ReVkKAAABp3LcfZuIAbsCCEbGm2cBAAABAAAAAAABATINZG5zY3J5cHQtY2VydAhkbnNjcnlwdARjYS0xAAAQAAEAAAAAAAAAAAABxgAMAcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
@@ -690,12 +690,12 @@
00802{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":399,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":160,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739337078192,"flow_src_last_pkt_time":946739337078192,"flow_dst_last_pkt_time":946739337078192,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739337078192,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"167.114.220.125","src_port":45613,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
02502{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":399,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":160,"flow_packet_id":1,"flow_src_last_pkt_time":946739337078192,"flow_dst_last_pkt_time":946739337078192,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":946739337078192,"pkt":"REREREREZmZmZmZmCABFAAXc\/csgAL0RlZgKAAABp3LcfbItAbsGBEYVm2gBAAABAAAAAAABATINZG5zY3J5cHQtY2VydAhkbnNjcnlwdARjYS0xAAAQAAEAAAAAAAAAAAAFwgAMBb4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
00956{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":399,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":160,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739337078192,"flow_src_last_pkt_time":946739337078192,"flow_dst_last_pkt_time":946739337078192,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739337078192,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"167.114.220.125","src_port":45613,"dst_port":443,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNScrypt","proto_id":"208","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":14,"category":"Network"}}
-00335{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":5,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739337078199,"packet_id":400,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739337078199}
+00335{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":5,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739337078199,"packet_id":400,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739337078199}
00441{"packet_event_id":1,"packet_event_name":"packet","packet_id":400,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946739337078192,"pkt":"REREREREZmZmZmZmCABFAABQ\/csAub0RumsKAAABp3LcfQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
00802{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":401,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":161,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739337078205,"flow_src_last_pkt_time":946739337078205,"flow_dst_last_pkt_time":946739337078205,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739337078205,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"167.114.220.125","src_port":59589,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
02502{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":401,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":161,"flow_packet_id":1,"flow_src_last_pkt_time":946739337078205,"flow_dst_last_pkt_time":946739337078205,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":946739337078205,"pkt":"REREREREZmZmZmZmCABFAAXc\/cwgAL0RlZcKAAABp3LcfejFAbsGBA+Bm2QBAAABAAAAAAABATINZG5zY3J5cHQtY2VydAhkbnNjcnlwdARjYS0xAAAQAAEAAAAAAAAAAAAFwgAMBb4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
00956{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":401,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":161,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739337078205,"flow_src_last_pkt_time":946739337078205,"flow_dst_last_pkt_time":946739337078205,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739337078205,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"167.114.220.125","src_port":59589,"dst_port":443,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNScrypt","proto_id":"208","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":14,"category":"Network"}}
-00335{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":6,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739337078218,"packet_id":402,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739337078218}
+00335{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":6,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739337078218,"packet_id":402,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739337078218}
00441{"packet_event_id":1,"packet_event_name":"packet","packet_id":402,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946739337078205,"pkt":"REREREREZmZmZmZmCABFAABQ\/cwAub0RumoKAAABp3LcfQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
00799{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":403,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":162,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739337078271,"flow_src_last_pkt_time":946739337078271,"flow_dst_last_pkt_time":946739337078271,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":512,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":512,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":512,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739337078271,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"167.114.220.125","src_port":45747,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
01219{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":403,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":162,"flow_packet_id":1,"flow_src_last_pkt_time":946739337078271,"flow_dst_last_pkt_time":946739337078271,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":554,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":554,"pkt_l4_len":520,"thread_ts_usec":946739337078271,"pkt":"REREREREZmZmZmZmCABFAAIc\/c1AAL0ReVYKAAABp3LcfbKzAbsCCEbGm2UBAAABAAAAAAABATINZG5zY3J5cHQtY2VydAhkbnNjcnlwdARjYS0xAAAQAAEAAAAAAAAAAAABxgAMAcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
@@ -715,7 +715,7 @@
00800{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":412,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":165,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739337184850,"flow_src_last_pkt_time":946739337184850,"flow_dst_last_pkt_time":946739337184850,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739337184850,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"5.189.170.196","src_port":58104,"dst_port":465,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
02501{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":412,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":165,"flow_packet_id":1,"flow_src_last_pkt_time":946739337184850,"flow_dst_last_pkt_time":946739337184850,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":946739337184850,"pkt":"REREREREZmZmZmZmCABFAAXcw6sgAL0RoycKAAABBb2qxOL4AdEGBCbssn4BAAABAAAAAAABATINZG5zY3J5cHQtY2VydARuczE2AmRlA2RucwdvcGVubmljBGdsdWUAABAAAQAAAAAAAAAAAAW3AAwFswAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
00954{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":412,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":165,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739337184850,"flow_src_last_pkt_time":946739337184850,"flow_dst_last_pkt_time":946739337184850,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739337184850,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"5.189.170.196","src_port":58104,"dst_port":465,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNScrypt","proto_id":"208","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":14,"category":"Network"}}
-00335{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":7,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739337184865,"packet_id":413,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739337184865}
+00335{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":7,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739337184865,"packet_id":413,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739337184865}
00441{"packet_event_id":1,"packet_event_name":"packet","packet_id":413,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946739337184850,"pkt":"REREREREZmZmZmZmCABFAABQw6sAub0Rx\/oKAAABBb2qxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
00797{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":414,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":166,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739337184926,"flow_src_last_pkt_time":946739337184926,"flow_dst_last_pkt_time":946739337184926,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":512,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":512,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":512,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739337184926,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"5.189.170.196","src_port":40748,"dst_port":465,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
01218{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":414,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":166,"flow_packet_id":1,"flow_src_last_pkt_time":946739337184926,"flow_dst_last_pkt_time":946739337184926,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":554,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":554,"pkt_l4_len":520,"thread_ts_usec":946739337184926,"pkt":"REREREREZmZmZmZmCABFAAIcw6xAAL0RhuYKAAABBb2qxJ8sAdECCHNXsoEBAAABAAAAAAABATINZG5zY3J5cHQtY2VydARuczE2AmRlA2RucwdvcGVubmljBGdsdWUAABAAAQAAAAAAAAAAAAG7AAwBtwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
@@ -726,9 +726,9 @@
00800{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":416,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":168,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739337184962,"flow_src_last_pkt_time":946739337184962,"flow_dst_last_pkt_time":946739337184962,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739337184962,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"5.189.170.196","src_port":59749,"dst_port":465,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
02501{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":416,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":168,"flow_packet_id":1,"flow_src_last_pkt_time":946739337184962,"flow_dst_last_pkt_time":946739337184962,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":946739337184962,"pkt":"REREREREZmZmZmZmCABFAAXcw64gAL0RoyQKAAABBb2qxOllAdEGBCB7soIBAAABAAAAAAABATINZG5zY3J5cHQtY2VydARuczE2AmRlA2RucwdvcGVubmljBGdsdWUAABAAAQAAAAAAAAAAAAW3AAwFswAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
00954{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":416,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":168,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739337184962,"flow_src_last_pkt_time":946739337184962,"flow_dst_last_pkt_time":946739337184962,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739337184962,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"5.189.170.196","src_port":59749,"dst_port":465,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNScrypt","proto_id":"208","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":14,"category":"Network"}}
-00335{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":8,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739337184974,"packet_id":417,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739337184974}
+00335{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":8,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739337184974,"packet_id":417,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739337184974}
00441{"packet_event_id":1,"packet_event_name":"packet","packet_id":417,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946739337184962,"pkt":"REREREREZmZmZmZmCABFAABQw60Aub0Rx\/gKAAABBb2qxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
-00335{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":9,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739337184975,"packet_id":418,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739337184975}
+00335{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":9,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739337184975,"packet_id":418,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739337184975}
00441{"packet_event_id":1,"packet_event_name":"packet","packet_id":418,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946739337184962,"pkt":"REREREREZmZmZmZmCABFAABQw64Aub0Rx\/cKAAABBb2qxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
00783{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":419,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":160,"flow_packet_id":2,"flow_src_last_pkt_time":946739337078192,"flow_dst_last_pkt_time":946739337186682,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":226,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":226,"pkt_l4_len":192,"thread_ts_usec":946739337186682,"pkt":"ZmZmZmZmRERERERECABFAADU4rgAADMRX7Snctx9CgAAAQG7si0AwMTum2iBgAABAAEAAAAAATINZG5zY3J5cHQtY2VydAhkbnNjcnlwdARjYS0xAAAQAAHADAAQAAEAAAAAAH18RE5TQwACAACtvTpPmuzdARCZdHINGnm84Rta+Q9yZkJOIOBZH1xDWjyTETMesMGOqAFTeyjt37OaMFtfnU1CukJNcbLtFisLiXsfUndKvm3+Vr\/KkwQySWxBEvG+JEE+3LVi8Tb5u3eKex9Sd0q+bV9TqoVfU6qFX1T8BQ=="}
00783{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":420,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":161,"flow_packet_id":2,"flow_src_last_pkt_time":946739337078205,"flow_dst_last_pkt_time":946739337188595,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":226,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":226,"pkt_l4_len":192,"thread_ts_usec":946739337188595,"pkt":"ZmZmZmZmRERERERECABFAADU4rkAADMRX7Onctx9CgAAAQG76MUAwI5am2SBgAABAAEAAAAAATINZG5zY3J5cHQtY2VydAhkbnNjcnlwdARjYS0xAAAQAAHADAAQAAEAAAAAAH18RE5TQwACAACtvTpPmuzdARCZdHINGnm84Rta+Q9yZkJOIOBZH1xDWjyTETMesMGOqAFTeyjt37OaMFtfnU1CukJNcbLtFisLiXsfUndKvm3+Vr\/KkwQySWxBEvG+JEE+3LVi8Tb5u3eKex9Sd0q+bV9TqoVfU6qFX1T8BQ=="}
@@ -745,7 +745,7 @@
00799{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":427,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":171,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739348756596,"flow_src_last_pkt_time":946739348756596,"flow_dst_last_pkt_time":946739348756596,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":512,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":512,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":512,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739348756596,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"185.253.154.66","src_port":45815,"dst_port":4343,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
01218{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":427,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":171,"flow_packet_id":1,"flow_src_last_pkt_time":946739348756596,"flow_dst_last_pkt_time":946739348756596,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":554,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":554,"pkt_l4_len":520,"thread_ts_usec":946739348756596,"pkt":"REREREREZmZmZmZmCABFAAIcwiZAAL0R5K0KAAABuf2aQrL3EPcCCBcWY0sBAAABAAAAAAABATINZG5zY3J5cHQtY2VydAxiY24tZG5zY3J5cHQAABAAAQAAAAAAAAAAAAHHAAwBwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
00953{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":427,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":171,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739348756596,"flow_src_last_pkt_time":946739348756596,"flow_dst_last_pkt_time":946739348756596,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":512,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":512,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":512,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739348756596,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"185.253.154.66","src_port":45815,"dst_port":4343,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNScrypt","proto_id":"208","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":14,"category":"Network"}}
-00335{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":1,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739348756609,"packet_id":428,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739348756609}
+00335{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":1,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739348756609,"packet_id":428,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739348756609}
00440{"packet_event_id":1,"packet_event_name":"packet","packet_id":428,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946739348756596,"pkt":"REREREREZmZmZmZmCABFAABQwiUAub0RJcIKAAABuf2aQgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
00799{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":429,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":172,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739348756620,"flow_src_last_pkt_time":946739348756620,"flow_dst_last_pkt_time":946739348756620,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":512,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":512,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":512,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739348756620,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"185.253.154.66","src_port":43540,"dst_port":4343,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
01218{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":429,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":172,"flow_packet_id":1,"flow_src_last_pkt_time":946739348756620,"flow_dst_last_pkt_time":946739348756620,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":554,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":554,"pkt_l4_len":520,"thread_ts_usec":946739348756620,"pkt":"REREREREZmZmZmZmCABFAAIcwidAAL0R5KwKAAABuf2aQqoUEPcCCBcWY0kBAAABAAAAAAABATINZG5zY3J5cHQtY2VydAxiY24tZG5zY3J5cHQAABAAAQAAAAAAAAAAAAHHAAwBwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
@@ -753,12 +753,12 @@
00802{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":430,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":173,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739348756689,"flow_src_last_pkt_time":946739348756689,"flow_dst_last_pkt_time":946739348756689,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739348756689,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"185.253.154.66","src_port":48159,"dst_port":4343,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
02501{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":430,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":173,"flow_packet_id":1,"flow_src_last_pkt_time":946739348756689,"flow_dst_last_pkt_time":946739348756689,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":946739348756689,"pkt":"REREREREZmZmZmZmCABFAAXcwiggAL0RAOwKAAABuf2aQrwfEPcGBB7tY0gBAAABAAAAAAABATINZG5zY3J5cHQtY2VydAxiY24tZG5zY3J5cHQAABAAAQAAAAAAAAAAAAXDAAwFvwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
00956{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":430,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":173,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739348756689,"flow_src_last_pkt_time":946739348756689,"flow_dst_last_pkt_time":946739348756689,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739348756689,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"185.253.154.66","src_port":48159,"dst_port":4343,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNScrypt","proto_id":"208","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":14,"category":"Network"}}
-00335{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":2,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739348756709,"packet_id":431,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739348756709}
+00335{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":2,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739348756709,"packet_id":431,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739348756709}
00440{"packet_event_id":1,"packet_event_name":"packet","packet_id":431,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946739348756689,"pkt":"REREREREZmZmZmZmCABFAABQwigAub0RJb8KAAABuf2aQgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
00802{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":432,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":174,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739348756792,"flow_src_last_pkt_time":946739348756792,"flow_dst_last_pkt_time":946739348756792,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739348756792,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"185.253.154.66","src_port":38482,"dst_port":4343,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
02501{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":432,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":174,"flow_packet_id":1,"flow_src_last_pkt_time":946739348756792,"flow_dst_last_pkt_time":946739348756792,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":946739348756792,"pkt":"REREREREZmZmZmZmCABFAAXcwikgAL0RAOsKAAABuf2aQpZSEPcGBES4Y0oBAAABAAAAAAABATINZG5zY3J5cHQtY2VydAxiY24tZG5zY3J5cHQAABAAAQAAAAAAAAAAAAXDAAwFvwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
00956{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":432,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":174,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739348756792,"flow_src_last_pkt_time":946739348756792,"flow_dst_last_pkt_time":946739348756792,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739348756792,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"185.253.154.66","src_port":38482,"dst_port":4343,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNScrypt","proto_id":"208","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":14,"category":"Network"}}
-00335{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":3,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739348756812,"packet_id":433,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739348756812}
+00335{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":3,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739348756812,"packet_id":433,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739348756812}
00440{"packet_event_id":1,"packet_event_name":"packet","packet_id":433,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946739348756792,"pkt":"REREREREZmZmZmZmCABFAABQwikAub0RJb4KAAABuf2aQgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
00783{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":434,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":171,"flow_packet_id":2,"flow_src_last_pkt_time":946739348756596,"flow_dst_last_pkt_time":946739348800047,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":225,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":225,"pkt_l4_len":191,"thread_ts_usec":946739348800047,"pkt":"ZmZmZmZmRERERERECABFAADTW7dAADkR0Ga5\/ZpCCgAAARD3svcAv+AkY0uBgAABAAEAAAAAATINZG5zY3J5cHQtY2VydAxiY24tZG5zY3J5cHQAABAAAcAMABAAAQAAcIAAfXxETlNDAAIAAPzOPvxAqRNc7Q72GZx6clSW\/rILjCJS5AVCUtIfh\/knKqjuiGnU\/ySlMpkdSKAUBEzuxnQcAR\/n3q9w6kY3ZQBbAAtR8Cvhyf4swkJ5CXEM5Flzvf2K4fhPC+UgsGecNlsAC1HwK+HJAAAAAV9TdNFfVMZR"}
00784{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":435,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":169,"flow_packet_id":2,"flow_src_last_pkt_time":946739348756593,"flow_dst_last_pkt_time":946739348800211,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":225,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":225,"pkt_l4_len":191,"thread_ts_usec":946739348800211,"pkt":"ZmZmZmZmRERERERECABFAADTW7hAADkR0GW5\/ZpCCgAAARD3lzUAv\/vqY0eBgAABAAEAAAAAATINZG5zY3J5cHQtY2VydAxiY24tZG5zY3J5cHQAABAAAcAMABAAAQAAcIAAfXxETlNDAAIAAPzOPvxAqRNc7Q72GZx6clSW\/rILjCJS5AVCUtIfh\/knKqjuiGnU\/ySlMpkdSKAUBEzuxnQcAR\/n3q9w6kY3ZQBbAAtR8Cvhyf4swkJ5CXEM5Flzvf2K4fhPC+UgsGecNlsAC1HwK+HJAAAAAV9TdNFfVMZR"}
@@ -775,7 +775,7 @@
00797{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":442,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":177,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739348805774,"flow_src_last_pkt_time":946739348805774,"flow_dst_last_pkt_time":946739348805774,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":512,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":512,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":512,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739348805774,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"142.4.204.111","src_port":41895,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
01218{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":442,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":177,"flow_packet_id":1,"flow_src_last_pkt_time":946739348805774,"flow_dst_last_pkt_time":946739348805774,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":554,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":554,"pkt_l4_len":520,"thread_ts_usec":946739348805774,"pkt":"REREREREZmZmZmZmCABFAAIclaZAAL0RCvoKAAABjgTMb6OnAbsCCB1KEX0BAAABAAAAAAABATINZG5zY3J5cHQtY2VydANuczMCY2EFbHVnZ3MCY28AABAAAQAAAAAAAAAAAAHEAAwBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
00951{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":442,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":177,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739348805774,"flow_src_last_pkt_time":946739348805774,"flow_dst_last_pkt_time":946739348805774,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":512,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":512,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":512,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739348805774,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"142.4.204.111","src_port":41895,"dst_port":443,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNScrypt","proto_id":"208","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":14,"category":"Network"}}
-00335{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":4,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739348805778,"packet_id":443,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739348805778}
+00335{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":4,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739348805778,"packet_id":443,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739348805778}
00440{"packet_event_id":1,"packet_event_name":"packet","packet_id":443,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946739348805774,"pkt":"REREREREZmZmZmZmCABFAABQlaUAub0RTA4KAAABjgTMbwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
00797{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":444,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":178,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739348805808,"flow_src_last_pkt_time":946739348805808,"flow_dst_last_pkt_time":946739348805808,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":512,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":512,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":512,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739348805808,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"142.4.204.111","src_port":46363,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
01218{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":444,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":178,"flow_packet_id":1,"flow_src_last_pkt_time":946739348805808,"flow_dst_last_pkt_time":946739348805808,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":554,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":554,"pkt_l4_len":520,"thread_ts_usec":946739348805808,"pkt":"REREREREZmZmZmZmCABFAAIcladAAL0RCvkKAAABjgTMb7UbAbsCCB1KEXsBAAABAAAAAAABATINZG5zY3J5cHQtY2VydANuczMCY2EFbHVnZ3MCY28AABAAAQAAAAAAAAAAAAHEAAwBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
@@ -783,12 +783,12 @@
00800{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":445,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":179,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739348805827,"flow_src_last_pkt_time":946739348805827,"flow_dst_last_pkt_time":946739348805827,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739348805827,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"142.4.204.111","src_port":57180,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
02501{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":445,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":179,"flow_packet_id":1,"flow_src_last_pkt_time":946739348805827,"flow_dst_last_pkt_time":946739348805827,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":946739348805827,"pkt":"REREREREZmZmZmZmCABFAAXclaggAL0RJzgKAAABjgTMb99cAbsGBKBJEX4BAAABAAAAAAABATINZG5zY3J5cHQtY2VydANuczMCY2EFbHVnZ3MCY28AABAAAQAAAAAAAAAAAAXAAAwFvAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
00954{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":445,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":179,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739348805827,"flow_src_last_pkt_time":946739348805827,"flow_dst_last_pkt_time":946739348805827,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739348805827,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"142.4.204.111","src_port":57180,"dst_port":443,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNScrypt","proto_id":"208","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":14,"category":"Network"}}
-00335{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":5,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739348805843,"packet_id":446,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739348805843}
+00335{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":5,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739348805843,"packet_id":446,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739348805843}
00440{"packet_event_id":1,"packet_event_name":"packet","packet_id":446,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946739348805827,"pkt":"REREREREZmZmZmZmCABFAABQlagAub0RTAsKAAABjgTMbwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
00800{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":447,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":180,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739348805857,"flow_src_last_pkt_time":946739348805857,"flow_dst_last_pkt_time":946739348805857,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739348805857,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"142.4.204.111","src_port":47621,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
02501{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":447,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":180,"flow_packet_id":1,"flow_src_last_pkt_time":946739348805857,"flow_dst_last_pkt_time":946739348805857,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":946739348805857,"pkt":"REREREREZmZmZmZmCABFAAXclakgAL0RJzcKAAABjgTMb7oFAbsGBMWkEXoBAAABAAAAAAABATINZG5zY3J5cHQtY2VydANuczMCY2EFbHVnZ3MCY28AABAAAQAAAAAAAAAAAAXAAAwFvAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
00954{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":447,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":180,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739348805857,"flow_src_last_pkt_time":946739348805857,"flow_dst_last_pkt_time":946739348805857,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739348805857,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"142.4.204.111","src_port":47621,"dst_port":443,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNScrypt","proto_id":"208","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":14,"category":"Network"}}
-00335{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":6,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739348805876,"packet_id":448,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739348805876}
+00335{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":6,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739348805876,"packet_id":448,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739348805876}
00440{"packet_event_id":1,"packet_event_name":"packet","packet_id":448,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946739348805857,"pkt":"REREREREZmZmZmZmCABFAABQlakAub0RTAoKAAABjgTMbwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
00785{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":449,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":177,"flow_packet_id":2,"flow_src_last_pkt_time":946739348805774,"flow_dst_last_pkt_time":946739348912043,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":228,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":228,"pkt_l4_len":194,"thread_ts_usec":946739348912043,"pkt":"ZmZmZmZmRERERERECABFAADWoIMAADQRymOOBMxvCgAAAQG7o6cAwiYzEX2BgAABAAEAAAAAATINZG5zY3J5cHQtY2VydANuczMCY2EFbHVnZ3MCY28AABAAAcAMABAAAQAAAAAAfXxETlNDAAEAAG0rJMeHQmadAAjPo7oVfCGn+vVnYNn+3VnMSzQY0rAkl3fyY6FeDYzevPOP9Wx6CFjMcHM\/npT74\/JxSlg\/ZQ+xYYapuSWJmSy0bkM5eaAYWq1iOjOwzrlApye0OOzsPbFhhqm5JYmZWX62h1l+todsSrmH"}
00785{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":450,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":176,"flow_packet_id":2,"flow_src_last_pkt_time":946739348805763,"flow_dst_last_pkt_time":946739348913796,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":228,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":228,"pkt_l4_len":194,"thread_ts_usec":946739348913796,"pkt":"ZmZmZmZmRERERERECABFAADWoIUAADQRymGOBMxvCgAAAQG751gAwuKCEXyBgAABAAEAAAAAATINZG5zY3J5cHQtY2VydANuczMCY2EFbHVnZ3MCY28AABAAAcAMABAAAQAAAAAAfXxETlNDAAEAAG0rJMeHQmadAAjPo7oVfCGn+vVnYNn+3VnMSzQY0rAkl3fyY6FeDYzevPOP9Wx6CFjMcHM\/npT74\/JxSlg\/ZQ+xYYapuSWJmSy0bkM5eaAYWq1iOjOwzrlApye0OOzsPbFhhqm5JYmZWX62h1l+todsSrmH"}
@@ -811,7 +811,7 @@
00798{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":457,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":183,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739380804529,"flow_src_last_pkt_time":946739380804529,"flow_dst_last_pkt_time":946739380804529,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":512,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":512,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":512,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739380804529,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"212.47.228.136","src_port":52056,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
01220{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":457,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":183,"flow_packet_id":1,"flow_src_last_pkt_time":946739380804529,"flow_dst_last_pkt_time":946739380804529,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":554,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":554,"pkt_l4_len":520,"thread_ts_usec":946739380804529,"pkt":"REREREREZmZmZmZmCABFAAIc\/YdAAH4Rg9QKAAAB1C\/kiMtYAbsCCHuObeIBAAABAAAAAAABATINZG5zY3J5cHQtY2VydAJmcghkbnNjcnlwdANvcmcAABAAAQAAAAAAAAAAAAHEAAwBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
00952{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":457,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":183,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739380804529,"flow_src_last_pkt_time":946739380804529,"flow_dst_last_pkt_time":946739380804529,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":512,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":512,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":512,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739380804529,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"212.47.228.136","src_port":52056,"dst_port":443,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNScrypt","proto_id":"208","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":14,"category":"Network"}}
-00335{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":1,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739380804545,"packet_id":458,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739380804545}
+00335{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":1,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739380804545,"packet_id":458,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739380804545}
00441{"packet_event_id":1,"packet_event_name":"packet","packet_id":458,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946739380804529,"pkt":"REREREREZmZmZmZmCABFAABQIEwAuX4RoiMKAAAB1C\/kiAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
00798{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":459,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":184,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739380805007,"flow_src_last_pkt_time":946739380805007,"flow_dst_last_pkt_time":946739380805007,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":512,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":512,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":512,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739380805007,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"212.47.228.136","src_port":40775,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
01220{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":459,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":184,"flow_packet_id":1,"flow_src_last_pkt_time":946739380805007,"flow_dst_last_pkt_time":946739380805007,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":554,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":554,"pkt_l4_len":520,"thread_ts_usec":946739380805007,"pkt":"REREREREZmZmZmZmCABFAAIc\/YhAAH4Rg9MKAAAB1C\/kiJ9HAbsCCHuObeABAAABAAAAAAABATINZG5zY3J5cHQtY2VydAJmcghkbnNjcnlwdANvcmcAABAAAQAAAAAAAAAAAAHEAAwBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
@@ -819,12 +819,12 @@
00801{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":460,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":185,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739380805259,"flow_src_last_pkt_time":946739380805259,"flow_dst_last_pkt_time":946739380805259,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739380805259,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"212.47.228.136","src_port":56335,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
02503{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":460,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":185,"flow_packet_id":1,"flow_src_last_pkt_time":946739380805259,"flow_dst_last_pkt_time":946739380805259,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":946739380805259,"pkt":"REREREREZmZmZmZmCABFAAXc\/YkgAH4RoBIKAAAB1C\/kiNwPAbsGBMhCbeEBAAABAAAAAAABATINZG5zY3J5cHQtY2VydAJmcghkbnNjcnlwdANvcmcAABAAAQAAAAAAAAAAAAXAAAwFvAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
00955{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":460,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":185,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739380805259,"flow_src_last_pkt_time":946739380805259,"flow_dst_last_pkt_time":946739380805259,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739380805259,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"212.47.228.136","src_port":56335,"dst_port":443,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNScrypt","proto_id":"208","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":14,"category":"Network"}}
-00335{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":2,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739380805278,"packet_id":461,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739380805278}
+00335{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":2,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739380805278,"packet_id":461,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739380805278}
00442{"packet_event_id":1,"packet_event_name":"packet","packet_id":461,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946739380805259,"pkt":"REREREREZmZmZmZmCABFAABQ\/YkAuX4RxOUKAAAB1C\/kiAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
00801{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":462,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":186,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739380805613,"flow_src_last_pkt_time":946739380805613,"flow_dst_last_pkt_time":946739380805613,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739380805613,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"212.47.228.136","src_port":60885,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
02503{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":462,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":186,"flow_packet_id":1,"flow_src_last_pkt_time":946739380805613,"flow_dst_last_pkt_time":946739380805613,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":946739380805613,"pkt":"REREREREZmZmZmZmCABFAAXc\/YogAH4RoBEKAAAB1C\/kiO3VAbsGBLZ+bd8BAAABAAAAAAABATINZG5zY3J5cHQtY2VydAJmcghkbnNjcnlwdANvcmcAABAAAQAAAAAAAAAAAAXAAAwFvAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
00955{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":462,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":186,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739380805613,"flow_src_last_pkt_time":946739380805613,"flow_dst_last_pkt_time":946739380805613,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739380805613,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"212.47.228.136","src_port":60885,"dst_port":443,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNScrypt","proto_id":"208","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":14,"category":"Network"}}
-00335{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":3,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739380805632,"packet_id":463,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739380805632}
+00335{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":3,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739380805632,"packet_id":463,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739380805632}
00442{"packet_event_id":1,"packet_event_name":"packet","packet_id":463,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946739380805613,"pkt":"REREREREZmZmZmZmCABFAABQ\/YoAuX4RxOQKAAAB1C\/kiAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
00783{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":464,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":181,"flow_packet_id":2,"flow_src_last_pkt_time":946739380804527,"flow_dst_last_pkt_time":946739380832369,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":228,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":228,"pkt_l4_len":194,"thread_ts_usec":946739380832369,"pkt":"ZmZmZmZmRERERERECABFAADWpUBAADIRKWLUL+SICgAAAQG7leMAwtNqbd6BgAABAAEAAAAAATINZG5zY3J5cHQtY2VydAJmcghkbnNjcnlwdANvcmcAABAAAcAMABAAAQAAcIAAfXxETlNDAAIAAAGnqbCRK7WvFnA0fqnvTaP0TkhGLYlM337fP\/M0VQi0o3wTy7gpqyMQZFkjfrWn031Ofm4JJLwM1X8FbNxmrQCWUcFQ8RQkVXWSFLecisgk5xXaKVbLy2ZX6VNRztvrCJZRwVDxFCRVAAAAAV9ToghfVPOI"}
00783{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":465,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":182,"flow_packet_id":2,"flow_src_last_pkt_time":946739380804527,"flow_dst_last_pkt_time":946739380834573,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":228,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":228,"pkt_l4_len":194,"thread_ts_usec":946739380834573,"pkt":"ZmZmZmZmRERERERECABFAADWpUJAADIRKWDUL+SICgAAAQG7hbQAwuOabd2BgAABAAEAAAAAATINZG5zY3J5cHQtY2VydAJmcghkbnNjcnlwdANvcmcAABAAAcAMABAAAQAAcIAAfXxETlNDAAIAAAGnqbCRK7WvFnA0fqnvTaP0TkhGLYlM337fP\/M0VQi0o3wTy7gpqyMQZFkjfrWn031Ofm4JJLwM1X8FbNxmrQCWUcFQ8RQkVXWSFLecisgk5xXaKVbLy2ZX6VNRztvrCJZRwVDxFCRVAAAAAV9ToghfVPOI"}
@@ -844,7 +844,7 @@
00799{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":473,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":190,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739380984007,"flow_src_last_pkt_time":946739380984007,"flow_dst_last_pkt_time":946739380984007,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739380984007,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"85.5.93.230","src_port":57090,"dst_port":8443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
02501{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":473,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":190,"flow_packet_id":1,"flow_src_last_pkt_time":946739380984007,"flow_dst_last_pkt_time":946739380984007,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":946739380984007,"pkt":"REREREREZmZmZmZmCABFAAXcVMcgAH4RTqIKAAABVQVd5t8CIPsGBKCC4+8BAAABAAAAAAABATINZG5zY3J5cHQtY2VydAhpYmtzdHVybQAAEAABAAAAAAAAAAAABccADAXDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
00953{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":473,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":190,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739380984007,"flow_src_last_pkt_time":946739380984007,"flow_dst_last_pkt_time":946739380984007,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739380984007,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"85.5.93.230","src_port":57090,"dst_port":8443,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNScrypt","proto_id":"208","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":14,"category":"Network"}}
-00335{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":4,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739380984034,"packet_id":474,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739380984034}
+00335{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":4,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739380984034,"packet_id":474,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739380984034}
00440{"packet_event_id":1,"packet_event_name":"packet","packet_id":474,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946739380984007,"pkt":"REREREREZmZmZmZmCABFAABQVMcAuX4Rc3UKAAABVQVd5gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
00799{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":475,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":191,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739380984041,"flow_src_last_pkt_time":946739380984041,"flow_dst_last_pkt_time":946739380984041,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739380984041,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"85.5.93.230","src_port":51826,"dst_port":8443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
02502{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":475,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":191,"flow_packet_id":1,"flow_src_last_pkt_time":946739380984041,"flow_dst_last_pkt_time":946739380984041,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":946739380984041,"pkt":"REREREREZmZmZmZmCABFAAXcVMkgAH4RTqAKAAABVQVd5spyIPsGBLUQ4\/EBAAABAAAAAAABATINZG5zY3J5cHQtY2VydAhpYmtzdHVybQAAEAABAAAAAAAAAAAABccADAXDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
@@ -852,9 +852,9 @@
00799{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":476,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":192,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739380984041,"flow_src_last_pkt_time":946739380984041,"flow_dst_last_pkt_time":946739380984041,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739380984041,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"85.5.93.230","src_port":39259,"dst_port":8443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
02501{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":476,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":192,"flow_packet_id":1,"flow_src_last_pkt_time":946739380984041,"flow_dst_last_pkt_time":946739380984041,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":946739380984041,"pkt":"REREREREZmZmZmZmCABFAAXcVMggAH4RTqEKAAABVQVd5plbIPsGBOYr4+0BAAABAAAAAAABATINZG5zY3J5cHQtY2VydAhpYmtzdHVybQAAEAABAAAAAAAAAAAABccADAXDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
00953{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":476,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":192,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739380984041,"flow_src_last_pkt_time":946739380984041,"flow_dst_last_pkt_time":946739380984041,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739380984041,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"85.5.93.230","src_port":39259,"dst_port":8443,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNScrypt","proto_id":"208","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":14,"category":"Network"}}
-00335{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":5,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739380984057,"packet_id":477,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739380984057}
+00335{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":5,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739380984057,"packet_id":477,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739380984057}
00440{"packet_event_id":1,"packet_event_name":"packet","packet_id":477,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946739380984041,"pkt":"REREREREZmZmZmZmCABFAABQVMgAuX4Rc3QKAAABVQVd5gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
-00335{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":6,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739380984062,"packet_id":478,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739380984062}
+00335{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":6,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739380984062,"packet_id":478,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739380984062}
00440{"packet_event_id":1,"packet_event_name":"packet","packet_id":478,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946739380984041,"pkt":"REREREREZmZmZmZmCABFAABQVMkAuX4Rc3MKAAABVQVd5gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
00775{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":479,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":189,"flow_packet_id":2,"flow_src_last_pkt_time":946739380983957,"flow_dst_last_pkt_time":946739381015839,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":221,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":221,"pkt_l4_len":187,"thread_ts_usec":946739381015839,"pkt":"ZmZmZmZmRERERERECABFAADPeUtAADQRWStVBV3mCgAAASD7tjYAu6OI4+6BgAABAAEAAAAAATINZG5zY3J5cHQtY2VydAhpYmtzdHVybQAAEAABwAwAEAABAABwgAB9fEROU0MAAgAAQmF4jrNkSB0NiNqctWCLsz9Hoe15aS6mrwyMq15DMDKxowa47TLEyU+dCwefDt3RvbYdetUltVlZd+8gb8kmCcgRT\/L7wkmA5gU0xv13eDWtHcb4jTpxlTH+X73K1n94yBFP8vvCSYAAAAABX1Nm5l9UuGY="}
00776{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":480,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":187,"flow_packet_id":2,"flow_src_last_pkt_time":946739380983948,"flow_dst_last_pkt_time":946739381016027,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":221,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":221,"pkt_l4_len":187,"thread_ts_usec":946739381016027,"pkt":"ZmZmZmZmRERERERECABFAADPeUlAADQRWS1VBV3mCgAAASD75kQAu3N24\/KBgAABAAEAAAAAATINZG5zY3J5cHQtY2VydAhpYmtzdHVybQAAEAABwAwAEAABAABwgAB9fEROU0MAAgAAQmF4jrNkSB0NiNqctWCLsz9Hoe15aS6mrwyMq15DMDKxowa47TLEyU+dCwefDt3RvbYdetUltVlZd+8gb8kmCcgRT\/L7wkmA5gU0xv13eDWtHcb4jTpxlTH+X73K1n94yBFP8vvCSYAAAAABX1Nm5l9UuGY="}
@@ -1015,12 +1015,12 @@
00801{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":487,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":195,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739391046811,"flow_src_last_pkt_time":946739391046811,"flow_dst_last_pkt_time":946739391046811,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739391046811,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"139.99.222.72","src_port":51509,"dst_port":8443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
02501{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":487,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":195,"flow_packet_id":1,"flow_src_last_pkt_time":946739391046811,"flow_dst_last_pkt_time":946739391046811,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":946739391046811,"pkt":"REREREREZmZmZmZmCABFAAXcBYcgAH4R5yEKAAABi2PeSMk1IPsGBMVRmlYBAAABAAAAAAABATINZG5zY3J5cHQtY2VydANkbnMEc2VieQJpbwAAEAABAAAAAAAAAAAABcQADAXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
00955{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":487,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":195,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739391046811,"flow_src_last_pkt_time":946739391046811,"flow_dst_last_pkt_time":946739391046811,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739391046811,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"139.99.222.72","src_port":51509,"dst_port":8443,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNScrypt","proto_id":"208","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":14,"category":"Network"}}
-00335{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":1,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739391046819,"packet_id":488,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739391046819}
+00335{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":1,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739391046819,"packet_id":488,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739391046819}
00441{"packet_event_id":1,"packet_event_name":"packet","packet_id":488,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946739391046811,"pkt":"REREREREZmZmZmZmCABFAABQBYYAuX4RC\/YKAAABi2PeSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
00798{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":489,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":196,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739391046818,"flow_src_last_pkt_time":946739391046818,"flow_dst_last_pkt_time":946739391046818,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":512,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":512,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":512,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739391046818,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"139.99.222.72","src_port":45682,"dst_port":8443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
01218{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":489,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":196,"flow_packet_id":1,"flow_src_last_pkt_time":946739391046818,"flow_dst_last_pkt_time":946739391046818,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":554,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":554,"pkt_l4_len":520,"thread_ts_usec":946739391046818,"pkt":"REREREREZmZmZmZmCABFAAIcBYhAAH4RyuAKAAABi2PeSLJyIPsCCCyCmlcBAAABAAAAAAABATINZG5zY3J5cHQtY2VydANkbnMEc2VieQJpbwAAEAABAAAAAAAAAAAAAcgADAHEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
00952{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":489,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":196,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739391046818,"flow_src_last_pkt_time":946739391046818,"flow_dst_last_pkt_time":946739391046818,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":512,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":512,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":512,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739391046818,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"139.99.222.72","src_port":45682,"dst_port":8443,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNScrypt","proto_id":"208","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":14,"category":"Network"}}
-00335{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":2,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739391046826,"packet_id":490,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739391046826}
+00335{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":2,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739391046826,"packet_id":490,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739391046826}
00441{"packet_event_id":1,"packet_event_name":"packet","packet_id":490,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946739391046818,"pkt":"REREREREZmZmZmZmCABFAABQBYcAuX4RC\/UKAAABi2PeSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
00798{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":491,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":197,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739391046859,"flow_src_last_pkt_time":946739391046859,"flow_dst_last_pkt_time":946739391046859,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":512,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":512,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":512,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739391046859,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"139.99.222.72","src_port":59400,"dst_port":8443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
01218{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":491,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":197,"flow_packet_id":1,"flow_src_last_pkt_time":946739391046859,"flow_dst_last_pkt_time":946739391046859,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":554,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":554,"pkt_l4_len":520,"thread_ts_usec":946739391046859,"pkt":"REREREREZmZmZmZmCABFAAIcBYlAAH4Ryt8KAAABi2PeSOgIIPsCCCyCmlUBAAABAAAAAAABATINZG5zY3J5cHQtY2VydANkbnMEc2VieQJpbwAAEAABAAAAAAAAAAAAAcgADAHEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
@@ -1028,7 +1028,7 @@
00801{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":492,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":198,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739391046881,"flow_src_last_pkt_time":946739391046881,"flow_dst_last_pkt_time":946739391046881,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739391046881,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"139.99.222.72","src_port":49796,"dst_port":8443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
02501{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":492,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":198,"flow_packet_id":1,"flow_src_last_pkt_time":946739391046881,"flow_dst_last_pkt_time":946739391046881,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":946739391046881,"pkt":"REREREREZmZmZmZmCABFAAXcBYogAH4R5x4KAAABi2PeSMKEIPsGBMwAmlgBAAABAAAAAAABATINZG5zY3J5cHQtY2VydANkbnMEc2VieQJpbwAAEAABAAAAAAAAAAAABcQADAXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
00955{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":492,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":198,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739391046881,"flow_src_last_pkt_time":946739391046881,"flow_dst_last_pkt_time":946739391046881,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739391046881,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"139.99.222.72","src_port":49796,"dst_port":8443,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNScrypt","proto_id":"208","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":14,"category":"Network"}}
-00335{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":3,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739391046903,"packet_id":493,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739391046903}
+00335{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":3,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739391046903,"packet_id":493,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739391046903}
00441{"packet_event_id":1,"packet_event_name":"packet","packet_id":493,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946739391046881,"pkt":"REREREREZmZmZmZmCABFAABQBYoAuX4RC\/IKAAABi2PeSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
00783{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":494,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":196,"flow_packet_id":2,"flow_src_last_pkt_time":946739391046818,"flow_dst_last_pkt_time":946739391306378,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":224,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":224,"pkt_l4_len":190,"thread_ts_usec":946739391306378,"pkt":"ZmZmZmZmRERERERECABFAADSWtFAACoRyuGLY95ICgAAASD7snIAvm5FmleBgAABAAEAAAAAATINZG5zY3J5cHQtY2VydANkbnMEc2VieQJpbwAAEAABwAwAEAABAABwgAB9fEROU0MAAgAAAR0hTbelwStbUvrsyN4TMcjd6ciaJLWS\/+lAjdb\/qhY\/GqLYEoO6rv\/+JZlrPe5rwefrjN2pIualeqx6XQ1AD9Zj2kPVDPuO2VaFeIl38Qe5+u3sSCCBiqzaCgrP\/G5+1mPaQ9UM+44AAAABX1NQIl9UoaI="}
00783{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":495,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":193,"flow_packet_id":2,"flow_src_last_pkt_time":946739391046803,"flow_dst_last_pkt_time":946739391308620,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":224,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":224,"pkt_l4_len":190,"thread_ts_usec":946739391308620,"pkt":"ZmZmZmZmRERERERECABFAADSWtNAACoRyt+LY95ICgAAASD7xakAvlsMmlmBgAABAAEAAAAAATINZG5zY3J5cHQtY2VydANkbnMEc2VieQJpbwAAEAABwAwAEAABAABwgAB9fEROU0MAAgAAAR0hTbelwStbUvrsyN4TMcjd6ciaJLWS\/+lAjdb\/qhY\/GqLYEoO6rv\/+JZlrPe5rwefrjN2pIualeqx6XQ1AD9Zj2kPVDPuO2VaFeIl38Qe5+u3sSCCBiqzaCgrP\/G5+1mPaQ9UM+44AAAABX1NQIl9UoaI="}
@@ -1039,12 +1039,12 @@
00801{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":498,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":200,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739396047802,"flow_src_last_pkt_time":946739396047802,"flow_dst_last_pkt_time":946739396047802,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739396047802,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"144.91.106.227","src_port":41108,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
02501{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":498,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":200,"flow_packet_id":1,"flow_src_last_pkt_time":946739396047802,"flow_dst_last_pkt_time":946739396047802,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":946739396047802,"pkt":"REREREREZmZmZmZmCABFAAXclEMgAH4RxtIKAAABkFtq46CUAbsGBGABZlsBAAABAAAAAAABATINZG5zY3J5cHQtY2VydAhkbnNjcnlwdANvbmUAABAAAQAAAAAAAAAAAAXDAAwFvwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
00955{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":498,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":200,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739396047802,"flow_src_last_pkt_time":946739396047802,"flow_dst_last_pkt_time":946739396047802,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739396047802,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"144.91.106.227","src_port":41108,"dst_port":443,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNScrypt","proto_id":"208","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":14,"category":"Network"}}
-00335{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":4,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739396047813,"packet_id":499,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739396047813}
+00335{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":4,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739396047813,"packet_id":499,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739396047813}
00440{"packet_event_id":1,"packet_event_name":"packet","packet_id":499,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946739396047802,"pkt":"REREREREZmZmZmZmCABFAABQlEMAuX4R66UKAAABkFtq4wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
00801{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":500,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":201,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739396047817,"flow_src_last_pkt_time":946739396047817,"flow_dst_last_pkt_time":946739396047817,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739396047817,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"144.91.106.227","src_port":48237,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
02501{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":500,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":201,"flow_packet_id":1,"flow_src_last_pkt_time":946739396047817,"flow_dst_last_pkt_time":946739396047817,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":946739396047817,"pkt":"REREREREZmZmZmZmCABFAAXclEQgAH4RxtEKAAABkFtq47xtAbsGBEQqZlkBAAABAAAAAAABATINZG5zY3J5cHQtY2VydAhkbnNjcnlwdANvbmUAABAAAQAAAAAAAAAAAAXDAAwFvwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
00955{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":500,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":201,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739396047817,"flow_src_last_pkt_time":946739396047817,"flow_dst_last_pkt_time":946739396047817,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739396047817,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"144.91.106.227","src_port":48237,"dst_port":443,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNScrypt","proto_id":"208","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":14,"category":"Network"}}
-00335{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":5,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739396047828,"packet_id":501,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739396047828}
+00335{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":5,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739396047828,"packet_id":501,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739396047828}
00440{"packet_event_id":1,"packet_event_name":"packet","packet_id":501,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946739396047817,"pkt":"REREREREZmZmZmZmCABFAABQlEQAuX4R66QKAAABkFtq4wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
00798{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":502,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":202,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739396047867,"flow_src_last_pkt_time":946739396047867,"flow_dst_last_pkt_time":946739396047867,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":512,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":512,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":512,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739396047867,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"144.91.106.227","src_port":54305,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
01218{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":502,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":202,"flow_packet_id":1,"flow_src_last_pkt_time":946739396047867,"flow_dst_last_pkt_time":946739396047867,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":554,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":554,"pkt_l4_len":520,"thread_ts_usec":946739396047867,"pkt":"REREREREZmZmZmZmCABFAAIclEVAAH4RqpAKAAABkFtq49QhAbsCCL4UZloBAAABAAAAAAABATINZG5zY3J5cHQtY2VydAhkbnNjcnlwdANvbmUAABAAAQAAAAAAAAAAAAHHAAwBwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
@@ -1055,7 +1055,7 @@
00801{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":504,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":204,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739396047885,"flow_src_last_pkt_time":946739396047885,"flow_dst_last_pkt_time":946739396047885,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739396047885,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"144.91.106.227","src_port":54204,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
02501{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":504,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":204,"flow_packet_id":1,"flow_src_last_pkt_time":946739396047885,"flow_dst_last_pkt_time":946739396047885,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":946739396047885,"pkt":"REREREREZmZmZmZmCABFAAXclEcgAH4Rxs4KAAABkFtq49O8AbsGBCzXZl0BAAABAAAAAAABATINZG5zY3J5cHQtY2VydAhkbnNjcnlwdANvbmUAABAAAQAAAAAAAAAAAAXDAAwFvwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
00955{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":504,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":204,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739396047885,"flow_src_last_pkt_time":946739396047885,"flow_dst_last_pkt_time":946739396047885,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739396047885,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"144.91.106.227","src_port":54204,"dst_port":443,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNScrypt","proto_id":"208","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":14,"category":"Network"}}
-00335{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":6,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739396047896,"packet_id":505,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739396047896}
+00335{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":6,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739396047896,"packet_id":505,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739396047896}
00440{"packet_event_id":1,"packet_event_name":"packet","packet_id":505,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946739396047885,"pkt":"REREREREZmZmZmZmCABFAABQlEcAuX4R66EKAAABkFtq4wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
00778{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":506,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":200,"flow_packet_id":2,"flow_src_last_pkt_time":946739396047802,"flow_dst_last_pkt_time":946739396069636,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":225,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":225,"pkt_l4_len":191,"thread_ts_usec":946739396069636,"pkt":"ZmZmZmZmRERERERECABFAADTkQZAADcR9hiQW2rjCgAAAQG7oJQAvzbjZluBgAABAAEAAAAAATINZG5zY3J5cHQtY2VydAhkbnNjcnlwdANvbmUAABAAAcAMABAAAQAAcIAAfXxETlNDAAIAALkTa3PmYOnbKVsenPA+dUbqb7bPdeethm+r51VaewMcP0sfe1RtTAHcc8Uvs8bFQylZgA4Na3Yk4xgl2KWmKw4bPctGhBgarq2J2ya3ifLfvYsxbqqez8iaBEin48TCXxs9y0aEGBquAAAAAV9TgfdfVNN3"}
00798{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":507,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":205,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739396070457,"flow_src_last_pkt_time":946739396070457,"flow_dst_last_pkt_time":946739396070457,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":512,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":512,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":512,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739396070457,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"46.227.200.55","src_port":33293,"dst_port":8443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
@@ -1067,9 +1067,9 @@
00801{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":509,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":207,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739396070525,"flow_src_last_pkt_time":946739396070525,"flow_dst_last_pkt_time":946739396070525,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739396070525,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"46.227.200.55","src_port":33246,"dst_port":8443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
02501{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":509,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":207,"flow_packet_id":1,"flow_src_last_pkt_time":946739396070525,"flow_dst_last_pkt_time":946739396070525,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":946739396070525,"pkt":"REREREREZmZmZmZmCABFAAXcSFogAH4RFuAKAAABLuPIN4HeIPsGBEfaFc4BAAABAAAAAAABATINZG5zY3J5cHQtY2VydARyZG5zBmZhZWxpeANuZXQAABAAAQAAAAAAAAAAAAXAAAwFvAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
00955{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":509,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":207,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739396070525,"flow_src_last_pkt_time":946739396070525,"flow_dst_last_pkt_time":946739396070525,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739396070525,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"46.227.200.55","src_port":33246,"dst_port":8443,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNScrypt","proto_id":"208","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":14,"category":"Network"}}
-00335{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":7,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739396070529,"packet_id":510,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739396070529}
+00335{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":7,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739396070529,"packet_id":510,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739396070529}
00440{"packet_event_id":1,"packet_event_name":"packet","packet_id":510,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946739396070525,"pkt":"REREREREZmZmZmZmCABFAABQSFkAuX4RO7QKAAABLuPINwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
-00335{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":8,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739396070534,"packet_id":511,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739396070534}
+00335{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":8,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739396070534,"packet_id":511,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739396070534}
00440{"packet_event_id":1,"packet_event_name":"packet","packet_id":511,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946739396070525,"pkt":"REREREREZmZmZmZmCABFAABQSFoAuX4RO7MKAAABLuPINwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
00798{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":512,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":208,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739396070539,"flow_src_last_pkt_time":946739396070539,"flow_dst_last_pkt_time":946739396070539,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":512,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":512,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":512,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739396070539,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"46.227.200.55","src_port":50277,"dst_port":8443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
01218{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":512,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":208,"flow_packet_id":1,"flow_src_last_pkt_time":946739396070539,"flow_dst_last_pkt_time":946739396070539,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":554,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":554,"pkt_l4_len":520,"thread_ts_usec":946739396070539,"pkt":"REREREREZmZmZmZmCABFAAIcSFtAAH4R+p4KAAABLuPIN8RlIPsCCLnwFdEBAAABAAAAAAABATINZG5zY3J5cHQtY2VydARyZG5zBmZhZWxpeANuZXQAABAAAQAAAAAAAAAAAAHEAAwBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
@@ -1077,7 +1077,7 @@
00801{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":513,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":209,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739396070548,"flow_src_last_pkt_time":946739396070548,"flow_dst_last_pkt_time":946739396070548,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739396070548,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"46.227.200.55","src_port":44161,"dst_port":8443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
02501{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":513,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":209,"flow_packet_id":1,"flow_src_last_pkt_time":946739396070548,"flow_dst_last_pkt_time":946739396070548,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":946739396070548,"pkt":"REREREREZmZmZmZmCABFAAXcSFwgAH4RFt4KAAABLuPIN6yBIPsGBB0zFdIBAAABAAAAAAABATINZG5zY3J5cHQtY2VydARyZG5zBmZhZWxpeANuZXQAABAAAQAAAAAAAAAAAAXAAAwFvAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
00955{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":513,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":209,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739396070548,"flow_src_last_pkt_time":946739396070548,"flow_dst_last_pkt_time":946739396070548,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739396070548,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"46.227.200.55","src_port":44161,"dst_port":8443,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNScrypt","proto_id":"208","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":14,"category":"Network"}}
-00335{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":9,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739396070559,"packet_id":514,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739396070559}
+00335{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":9,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739396070559,"packet_id":514,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739396070559}
00440{"packet_event_id":1,"packet_event_name":"packet","packet_id":514,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946739396070548,"pkt":"REREREREZmZmZmZmCABFAABQSFwAuX4RO7EKAAABLuPINwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
00798{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":515,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":210,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739396070559,"flow_src_last_pkt_time":946739396070559,"flow_dst_last_pkt_time":946739396070559,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":512,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":512,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":512,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739396070559,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"46.227.200.55","src_port":49177,"dst_port":8443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
01218{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":515,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":210,"flow_packet_id":1,"flow_src_last_pkt_time":946739396070559,"flow_dst_last_pkt_time":946739396070559,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":554,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":554,"pkt_l4_len":520,"thread_ts_usec":946739396070559,"pkt":"REREREREZmZmZmZmCABFAAIcSF1AAH4R+pwKAAABLuPIN8AZIPsCCLnwFc8BAAABAAAAAAABATINZG5zY3J5cHQtY2VydARyZG5zBmZhZWxpeANuZXQAABAAAQAAAAAAAAAAAAHEAAwBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
@@ -1098,7 +1098,7 @@
00800{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":527,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":212,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739396111010,"flow_src_last_pkt_time":946739396111010,"flow_dst_last_pkt_time":946739396111010,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739396111010,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"107.170.57.34","src_port":55185,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
02501{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":527,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":212,"flow_packet_id":1,"flow_src_last_pkt_time":946739396111010,"flow_dst_last_pkt_time":946739396111010,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":946739396111010,"pkt":"REREREREZmZmZmZmCABFAAXcKekgAH4Rh58KAAABa6o5IteRAbsGBOOGsy4BAAABAAAAAAABATINZG5zY3J5cHQtY2VydAhkbnNjcnlwdAl2ZW50cmljbGUCdXMAABAAAQAAAAAAAAAAAAW6AAwFtgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
00961{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":527,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":212,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739396111010,"flow_src_last_pkt_time":946739396111010,"flow_dst_last_pkt_time":946739396111010,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739396111010,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"107.170.57.34","src_port":55185,"dst_port":443,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNScrypt","proto_id":"208","proto_by_ip":"DigitalOcean","proto_by_ip_id":442,"encrypted":1,"breed":"Acceptable","category_id":14,"category":"Network"}}
-00336{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":10,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739396111023,"packet_id":528,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739396111023}
+00336{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":10,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739396111023,"packet_id":528,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739396111023}
00440{"packet_event_id":1,"packet_event_name":"packet","packet_id":528,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946739396111010,"pkt":"REREREREZmZmZmZmCABFAABQKekAuX4RrHIKAAABa6o5IgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
00797{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":529,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":213,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739396111084,"flow_src_last_pkt_time":946739396111084,"flow_dst_last_pkt_time":946739396111084,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":512,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":512,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":512,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739396111084,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"107.170.57.34","src_port":36335,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
01218{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":529,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":213,"flow_packet_id":1,"flow_src_last_pkt_time":946739396111084,"flow_dst_last_pkt_time":946739396111084,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":554,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":554,"pkt_l4_len":520,"thread_ts_usec":946739396111084,"pkt":"REREREREZmZmZmZmCABFAAIcKepAAH4Ra14KAAABa6o5Io3vAbsCCGeisy8BAAABAAAAAAABATINZG5zY3J5cHQtY2VydAhkbnNjcnlwdAl2ZW50cmljbGUCdXMAABAAAQAAAAAAAAAAAAG+AAwBugAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
@@ -1112,9 +1112,9 @@
00800{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":532,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":216,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739396111164,"flow_src_last_pkt_time":946739396111164,"flow_dst_last_pkt_time":946739396111164,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739396111164,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"107.170.57.34","src_port":42141,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
02501{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":532,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":216,"flow_packet_id":1,"flow_src_last_pkt_time":946739396111164,"flow_dst_last_pkt_time":946739396111164,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":946739396111164,"pkt":"REREREREZmZmZmZmCABFAAXcKe0gAH4Rh5sKAAABa6o5IqSdAbsGBBZ5szABAAABAAAAAAABATINZG5zY3J5cHQtY2VydAhkbnNjcnlwdAl2ZW50cmljbGUCdXMAABAAAQAAAAAAAAAAAAW6AAwFtgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
00961{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":532,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":216,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739396111164,"flow_src_last_pkt_time":946739396111164,"flow_dst_last_pkt_time":946739396111164,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739396111164,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"107.170.57.34","src_port":42141,"dst_port":443,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNScrypt","proto_id":"208","proto_by_ip":"DigitalOcean","proto_by_ip_id":442,"encrypted":1,"breed":"Acceptable","category_id":14,"category":"Network"}}
-00336{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":11,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739396111169,"packet_id":533,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739396111169}
+00336{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":11,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739396111169,"packet_id":533,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739396111169}
00440{"packet_event_id":1,"packet_event_name":"packet","packet_id":533,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946739396111164,"pkt":"REREREREZmZmZmZmCABFAABQKewAuX4RrG8KAAABa6o5IgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
-00336{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":12,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739396111181,"packet_id":534,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739396111181}
+00336{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":12,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739396111181,"packet_id":534,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739396111181}
00440{"packet_event_id":1,"packet_event_name":"packet","packet_id":534,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946739396111164,"pkt":"REREREREZmZmZmZmCABFAABQKe0AuX4RrG4KAAABa6o5IgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
00786{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":535,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":210,"flow_packet_id":2,"flow_src_last_pkt_time":946739396070559,"flow_dst_last_pkt_time":946739396113592,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":228,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":228,"pkt_l4_len":194,"thread_ts_usec":946739396113592,"pkt":"ZmZmZmZmRERERERECABFAADWzDBAADcRvw8u48g3CgAAASD7wBkAwtmiFc+AAAABAAEAAAAAATINZG5zY3J5cHQtY2VydARyZG5zBmZhZWxpeANuZXQAABAAAcAMABAAAQAADhAAfXxETlNDAAEAADn5TxO0FAodB0MfyNII\/q4yfvBzna8lha8rHqMZH6brB0hzmteXf96oRMNtUVCp592lxf62HHwuDSbhBbtGtQcalorpuHO8PTt\/PSXI1nToKeQ\/\/4xUAF+WFp6Iz9p9KhqWium4c7w9AAAAAV7URQBxousA"}
00792{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":536,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":211,"flow_packet_id":2,"flow_src_last_pkt_time":946739396111009,"flow_dst_last_pkt_time":946739396210662,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":234,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":234,"pkt_l4_len":200,"thread_ts_usec":946739396210662,"pkt":"ZmZmZmZmRERERERECABFAADcvzUAADQRYVNrqjkiCgAAAQG71GcAyMwVszGBgAABAAEAAAAAATINZG5zY3J5cHQtY2VydAhkbnNjcnlwdAl2ZW50cmljbGUCdXMAABAAAcAMABAAAQAAAAAAfXxETlNDAAIAAI\/a1gzqXBRkeMMNLdByUsrCAeXq9pAoSIZvWZO078wHKN5t9zokYno4cH1X8DUwDBTmKYZNXI496f2ZPTyfGw7EiDsrhQ4a28OXE48fibQ4VcAHxN0Yn+p8BQ7Bz9i\/KcWIOyuFDhrbX1Oowl9TqMJfVPpC"}
@@ -1135,7 +1135,7 @@
00802{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":545,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":220,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739400460524,"flow_src_last_pkt_time":946739400460524,"flow_dst_last_pkt_time":946739400460524,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739400460524,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"185.193.127.244","src_port":54920,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
02503{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":545,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":220,"flow_packet_id":1,"flow_src_last_pkt_time":946739400460524,"flow_dst_last_pkt_time":946739400460524,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":946739400460524,"pkt":"REREREREZmZmZmZmCABFAAXcPTYgAH4R32gKAAABucF\/9NaIAbsGBKQ8\/IwBAAABAAAAAAABATINZG5zY3J5cHQtY2VydAl5b2Zpamktc2UAABAAAQAAAAAAAAAAAAXGAAwFwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
00956{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":545,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":220,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739400460524,"flow_src_last_pkt_time":946739400460524,"flow_dst_last_pkt_time":946739400460524,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739400460524,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"185.193.127.244","src_port":54920,"dst_port":443,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNScrypt","proto_id":"208","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":14,"category":"Network"}}
-00336{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":13,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739400460543,"packet_id":546,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739400460543}
+00336{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":13,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739400460543,"packet_id":546,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739400460543}
00441{"packet_event_id":1,"packet_event_name":"packet","packet_id":546,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946739400460524,"pkt":"REREREREZmZmZmZmCABFAABQPTYAuX4RBDwKAAABucF\/9AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
00802{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":547,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":221,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739400460550,"flow_src_last_pkt_time":946739400460550,"flow_dst_last_pkt_time":946739400460550,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739400460550,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"185.193.127.244","src_port":46314,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
02503{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":547,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":221,"flow_packet_id":1,"flow_src_last_pkt_time":946739400460550,"flow_dst_last_pkt_time":946739400460550,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":946739400460550,"pkt":"REREREREZmZmZmZmCABFAAXcPTggAH4R32YKAAABucF\/9LTqAbsGBMXY\/I4BAAABAAAAAAABATINZG5zY3J5cHQtY2VydAl5b2Zpamktc2UAABAAAQAAAAAAAAAAAAXGAAwFwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
@@ -1143,9 +1143,9 @@
00802{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":548,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":222,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739400460551,"flow_src_last_pkt_time":946739400460551,"flow_dst_last_pkt_time":946739400460551,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739400460551,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"185.193.127.244","src_port":47971,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
02503{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":548,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":222,"flow_packet_id":1,"flow_src_last_pkt_time":946739400460551,"flow_dst_last_pkt_time":946739400460551,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":946739400460551,"pkt":"REREREREZmZmZmZmCABFAAXcPTcgAH4R32cKAAABucF\/9LtjAbsGBL9j\/IoBAAABAAAAAAABATINZG5zY3J5cHQtY2VydAl5b2Zpamktc2UAABAAAQAAAAAAAAAAAAXGAAwFwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
00956{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":548,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":222,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739400460551,"flow_src_last_pkt_time":946739400460551,"flow_dst_last_pkt_time":946739400460551,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739400460551,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"185.193.127.244","src_port":47971,"dst_port":443,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNScrypt","proto_id":"208","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":14,"category":"Network"}}
-00336{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":14,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739400460564,"packet_id":549,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739400460564}
+00336{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":14,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739400460564,"packet_id":549,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739400460564}
00441{"packet_event_id":1,"packet_event_name":"packet","packet_id":549,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946739400460551,"pkt":"REREREREZmZmZmZmCABFAABQPTcAuX4RBDsKAAABucF\/9AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
-00336{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":15,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739400460566,"packet_id":550,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739400460566}
+00336{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":15,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739400460566,"packet_id":550,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739400460566}
00441{"packet_event_id":1,"packet_event_name":"packet","packet_id":550,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946739400460551,"pkt":"REREREREZmZmZmZmCABFAABQPTgAuX4RBDoKAAABucF\/9AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
00776{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":551,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":217,"flow_packet_id":2,"flow_src_last_pkt_time":946739400460375,"flow_dst_last_pkt_time":946739400518584,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":222,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":222,"pkt_l4_len":188,"thread_ts_usec":946739400518584,"pkt":"ZmZmZmZmRERERERECABFAADQoahAADYRqAK5wX\/0CgAAAQG73pwAvLKe\/I+BgAABAAEAAAAAATINZG5zY3J5cHQtY2VydAl5b2Zpamktc2UAABAAAcAMABAAAQAAcIAAfXxETlNDAAIAANT+QyCeqOpvY3ek9vOTVGrWy3oc27D9SS491oCJRe7RQWKb3q0aPb33Ziq0RP9PPCzRMBy1lW3l6rz74jWgmwszJtIbCS+4i64Fme9c0vB4hxz+sKp41i8d9KRbhVFMbjMm0hsJL7iLAAAAAV9TV8BfVKlA"}
00776{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":552,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":219,"flow_packet_id":2,"flow_src_last_pkt_time":946739400460415,"flow_dst_last_pkt_time":946739400519484,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":222,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":222,"pkt_l4_len":188,"thread_ts_usec":946739400519484,"pkt":"ZmZmZmZmRERERERECABFAADQoapAADYRqAC5wX\/0CgAAAQG759oAvKli\/I2BgAABAAEAAAAAATINZG5zY3J5cHQtY2VydAl5b2Zpamktc2UAABAAAcAMABAAAQAAcIAAfXxETlNDAAIAANT+QyCeqOpvY3ek9vOTVGrWy3oc27D9SS491oCJRe7RQWKb3q0aPb33Ziq0RP9PPCzRMBy1lW3l6rz74jWgmwszJtIbCS+4i64Fme9c0vB4hxz+sKp41i8d9KRbhVFMbjMm0hsJL7iLAAAAAV9TV8BfVKlA"}
@@ -1164,7 +1164,7 @@
00796{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":559,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":226,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739400522601,"flow_src_last_pkt_time":946739400522601,"flow_dst_last_pkt_time":946739400522601,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":512,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":512,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":512,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739400522601,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"77.66.84.233","src_port":49732,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
01218{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":559,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":226,"flow_packet_id":1,"flow_src_last_pkt_time":946739400522601,"flow_dst_last_pkt_time":946739400522601,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":554,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":554,"pkt_l4_len":520,"thread_ts_usec":946739400522601,"pkt":"REREREREZmZmZmZmCABFAAIcaQtAAH4RLt4KAAABTUJU6cJEAbsCCGUBspwBAAABAAAAAAABATINZG5zY3J5cHQtY2VydAlyZXNvbHZlcjIIZG5zY3J5cHQCZXUAABAAAQAAAAAAAAAAAAG+AAwBugAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
00950{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":559,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":226,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739400522601,"flow_src_last_pkt_time":946739400522601,"flow_dst_last_pkt_time":946739400522601,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":512,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":512,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":512,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739400522601,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"77.66.84.233","src_port":49732,"dst_port":443,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DNScrypt","proto_id":"208","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":14,"category":"Network"}}
-00336{"error_event_id":9,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":16,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739400522616,"packet_id":560,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739400522616}
+00336{"error_event_id":8,"error_event_name":"nDPI IPv4\/L4 payload detection failed","threshold_n":16,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":946739400522616,"packet_id":560,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","l4_data_len":60,"global_ts_usec":946739400522616}
00441{"packet_event_id":1,"packet_event_name":"packet","packet_id":560,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":94,"pkt_l4_len":0,"thread_ts_usec":946739400522601,"pkt":"REREREREZmZmZmZmCABFAABQaQoAuX4Rb\/IKAAABTUJU6QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
00799{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":561,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":227,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":946739400522616,"flow_src_last_pkt_time":946739400522616,"flow_dst_last_pkt_time":946739400522616,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1472,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1472,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1472,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":946739400522616,"l3_proto":"ip4","src_ip":"10.0.0.1","dst_ip":"77.66.84.233","src_port":50757,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
02501{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":561,"source":"cfgs\/default\/pcap\/dnscrypt-v1-and-resolver-pings.pcap","alias":"nDPId-test","flow_id":227,"flow_packet_id":1,"flow_src_last_pkt_time":946739400522616,"flow_dst_last_pkt_time":946739400522616,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":946739400522616,"pkt":"REREREREZmZmZmZmCABFAAXcaQwgAH4RSx0KAAABTUJU6cZFAbsGBGDUspsBAAABAAAAAAABATINZG5zY3J5cHQtY2VydAlyZXNvbHZlcjIIZG5zY3J5cHQCZXUAABAAAQAAAAAAAAAAAAW6AAwFtgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="}
Powered by cgit, Themed by Ted Yin.