summaryrefslogtreecommitdiff
path: root/test/results/default/heuristic_tcp_ack_payload.pcap.out
diff options
context:
space:
mode:
Diffstat (limited to 'test/results/default/heuristic_tcp_ack_payload.pcap.out')
-rw-r--r--test/results/default/heuristic_tcp_ack_payload.pcap.out16
1 files changed, 8 insertions, 8 deletions
diff --git a/test/results/default/heuristic_tcp_ack_payload.pcap.out b/test/results/default/heuristic_tcp_ack_payload.pcap.out
index d68ed2f92..96d2f7d4f 100644
--- a/test/results/default/heuristic_tcp_ack_payload.pcap.out
+++ b/test/results/default/heuristic_tcp_ack_payload.pcap.out
@@ -1,5 +1,5 @@
-00581{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"cfgs\/default\/pcap\/heuristic_tcp_ack_payload.pcap","alias":"nDPId-test","version":"1.5.0","ndpi_version":"4.7.0-4260-1f693c3f","max-flows-per-thread":2048,"max-idle-flows-per-thread":64,"reader-thread-count":1,"flow-scan-interval":10000000,"generic-max-idle-time":600000000,"icmp-max-idle-time":120000000,"udp-max-idle-time":180000000,"tcp-max-idle-time":7560000000,"max-packets-per-flow-to-send":5,"max-packets-per-flow-to-process":32,"max-packets-per-flow-to-analyse":32,"global_ts_usec":0}
-00644{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/heuristic_tcp_ack_payload.pcap","alias":"nDPId-test","version":"1.5.0","ndpi_version":"4.7.0-4260-1f693c3f","packets-captured":1,"packets-processed":0,"total-skipped-flows":0,"total-l4-payload-len":0,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":0,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2,"global_ts_usec":1681478090730262}
+00581{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"cfgs\/default\/pcap\/heuristic_tcp_ack_payload.pcap","alias":"nDPId-test","version":"1.5.0","ndpi_version":"4.9.0-4361-0db12b13","max-flows-per-thread":2048,"max-idle-flows-per-thread":64,"reader-thread-count":1,"flow-scan-interval":10000000,"generic-max-idle-time":600000000,"icmp-max-idle-time":120000000,"udp-max-idle-time":180000000,"tcp-max-idle-time":7560000000,"max-packets-per-flow-to-send":5,"max-packets-per-flow-to-process":32,"max-packets-per-flow-to-analyse":32,"global_ts_usec":0}
+00644{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/heuristic_tcp_ack_payload.pcap","alias":"nDPId-test","version":"1.5.0","ndpi_version":"4.9.0-4361-0db12b13","packets-captured":1,"packets-processed":0,"total-skipped-flows":0,"total-l4-payload-len":0,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":0,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2,"global_ts_usec":1681478090730262}
00793{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/heuristic_tcp_ack_payload.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1681478090730262,"flow_src_last_pkt_time":1681478090730262,"flow_dst_last_pkt_time":1681478090730262,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1681478090730262,"l3_proto":"ip4","src_ip":"194.226.199.21","dst_ip":"52.18.127.189","src_port":58155,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/heuristic_tcp_ack_payload.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_src_last_pkt_time":1681478090730262,"flow_dst_last_pkt_time":1681478090730262,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1681478090730262,"pkt":"QHGDrEAwoDafLnO8CABFAAA0UOtAAH0GbxHC4scVNBJ\/veMrAbsAeoaaAAAAAIAC+vDKXAAAAgQFtAEDAwgBAQQC"}
00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2,"source":"cfgs\/default\/pcap\/heuristic_tcp_ack_payload.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":2,"flow_src_last_pkt_time":1681478090730262,"flow_dst_last_pkt_time":1681478090780521,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1681478090780521,"pkt":"oDafLnO8QHGDrEAwCABFAAA0AABAAOkGU\/w0En+9wuLHFQG74yuLkuWcAHqGm4ASaQPrCQAAAgQFtAEBBAIBAwMI"}
@@ -7,7 +7,7 @@
01244{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":4,"source":"cfgs\/default\/pcap\/heuristic_tcp_ack_payload.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":4,"flow_src_last_pkt_time":1681478090781920,"flow_dst_last_pkt_time":1681478090780521,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":571,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":571,"pkt_l4_len":537,"thread_ts_usec":1681478090781920,"pkt":"QHGDrEAwoDafLnO8CABFAAItUO1AAH0GbRbC4scVNBJ\/veMrAbsAeoabi5LlnVAYAgHa5QAAFgMBAgABAAH8AwO2b8k+LCOftweDZWjvdeyR90vCYVJRMgT0j8Pik75VmCBg6yWVhOtcb9ut7Hy59sTpKH6uJec\/kZz0GzKsEDEcaAAgmpoTARMCEwPAK8AvwCzAMMypzKjAE8AUAJwAnQAvADUBAAGTenoAAAAbAAMCAAIAIwBp+6R1+qIJHZG7jowoeY3hRbjOQoOBSjubfpFQW9nxqfD0S5qRCzYtZk0T2UZ7jb\/+pwGkVmJwdmFtm3YHm6ODfcntPcAS93\/vLSJrkHutEM1HolLRM4QVmCnTlceE8Q\/R5iQVvIN9NJOjABIAAAALAAIBAAAKAAoACIqKAB0AFwAYADMAKwApiooAAQAAHQAg0bBrRvkzsBdk4f0tRyz\/mG183djoFkcSb2nq6iq3WmBEaQAFAAMCaDIAEAAOAAwCaDIIaHR0cC8xLjH\/AQABAAAFAAUBAAAAAAAtAAIBAQAXAAAAAAAQAA4AAAtiaXRyaXguaW5mbwANABIAEAQDCAQEAQUDCAUFAQgGBgEAKwAHBnp6AwQDA7q6AAEAABUAYwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
00550{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":5,"source":"cfgs\/default\/pcap\/heuristic_tcp_ack_payload.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":5,"flow_src_last_pkt_time":1681478090781920,"flow_dst_last_pkt_time":1681478090832249,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":60,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":60,"pkt_l4_len":26,"thread_ts_usec":1681478090832249,"pkt":"oDafLnO8QHGDrEAwCABFAAAuXV1AAOkG9qQ0En+9wuLHFQG74yuLkuWdAHqIoFAQAG6SZwAAAAAAAAAA"}
01988{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":32,"source":"cfgs\/default\/pcap\/heuristic_tcp_ack_payload.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":15,"flow_dst_packets_processed":17,"flow_first_seen":1681478090730262,"flow_src_last_pkt_time":1681478119542351,"flow_dst_last_pkt_time":1681478119592875,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1085,"flow_dst_max_l4_payload_len":2920,"flow_src_tot_l4_payload_len":2972,"flow_dst_tot_l4_payload_len":5602,"midstream":0,"thread_ts_usec":1681478119592875,"l3_proto":"ip4","src_ip":"194.226.199.21","dst_ip":"52.18.127.189","src_port":58155,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"data_analysis": {"iat": {"min":0,"avg":1860474.4,"max":28647677,"stddev":7030273.0,"var":49424738811904.0,"ent":1.1,"data": [50259,51105,553,51728,128,0,97,51293,1354,0,1851,500,202,193,0,51721,0,48,140,50129,407,8135,0,8098,85064,28647677,19,62,28613926,13,0]},"pktlen": {"min":42,"avg":308.7,"max":2960,"stddev":576.0,"var":331721.9,"ent":3.6,"data": [52,52,42,557,46,153,1500,2960,42,378,49,42,166,145,502,550,160,91,118,46,42,78,439,78,42,46,113,86,1125,46,46,86]},"bins": {"c_to_s": [6,2,1,2,0,0,0,0,0,0,0,0,0,0,1,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [7,3,1,2,0,0,0,0,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,1]},"directions": [0,1,0,0,1,1,1,1,0,1,1,0,0,0,0,0,1,1,1,1,0,0,1,1,0,1,0,0,0,1,1,1],"entropies": [4.700937748,4.839770317,4.678030014,5.790879726,4.390829086,5.801830769,7.220153809,7.298819065,4.678030014,7.385129929,4.797285557,4.725648880,6.228291035,6.284518242,7.567343235,7.646277905,6.609186172,5.432500839,6.074527264,4.434307575,4.678030014,5.448187351,7.460664272,5.370555878,4.678030014,4.477785587,5.985470772,5.565127373,7.818080425,4.434307575,4.477785587,5.465760708]}}
-00652{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":64,"source":"cfgs\/default\/pcap\/heuristic_tcp_ack_payload.pcap","alias":"nDPId-test","version":"1.5.0","ndpi_version":"4.7.0-4260-1f693c3f","packets-captured":64,"packets-processed":63,"total-skipped-flows":0,"total-l4-payload-len":12346,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":1,"total-active-flows":1,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":10,"global_ts_usec":1681887368538349}
+00652{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":64,"source":"cfgs\/default\/pcap\/heuristic_tcp_ack_payload.pcap","alias":"nDPId-test","version":"1.5.0","ndpi_version":"4.9.0-4361-0db12b13","packets-captured":64,"packets-processed":63,"total-skipped-flows":0,"total-l4-payload-len":12346,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":1,"total-active-flows":1,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":10,"global_ts_usec":1681887368538349}
00794{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":64,"source":"cfgs\/default\/pcap\/heuristic_tcp_ack_payload.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1681887368538349,"flow_src_last_pkt_time":1681887368538349,"flow_dst_last_pkt_time":1681887368538349,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1681887368538349,"l3_proto":"ip4","src_ip":"194.226.199.226","dst_ip":"8.247.226.126","src_port":34101,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":64,"source":"cfgs\/default\/pcap\/heuristic_tcp_ack_payload.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":1,"flow_src_last_pkt_time":1681887368538349,"flow_dst_last_pkt_time":1681887368538349,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1681887368538349,"pkt":"QHGDrEAwoDafLnO8CABFAAA0sahAAEAGEuHC4sfiCPfifoU1AFBr1P3sAAAAAIAC+vAOnwAAAgQFtAEBBAIBAwMH"}
00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":65,"source":"cfgs\/default\/pcap\/heuristic_tcp_ack_payload.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":2,"flow_src_last_pkt_time":1681887368538349,"flow_dst_last_pkt_time":1681887368549865,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1681887368549865,"pkt":"oDafLnO8QHGDrEAwCABFAAA0+VoAADkGEi8I9+J+wuLH4gBQhTVLutKfa9T97YASpWRFuwAAAgQFtAEBBAIBAwMM"}
@@ -25,7 +25,7 @@
01987{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":114,"source":"cfgs\/default\/pcap\/heuristic_tcp_ack_payload.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":16,"flow_dst_packets_processed":16,"flow_first_seen":1681887518918488,"flow_src_last_pkt_time":1681887519032454,"flow_dst_last_pkt_time":1681887519031452,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":321,"flow_dst_max_l4_payload_len":2824,"flow_src_tot_l4_payload_len":867,"flow_dst_tot_l4_payload_len":19359,"midstream":0,"thread_ts_usec":1681887519032454,"l3_proto":"ip4","src_ip":"194.226.199.61","dst_ip":"35.241.9.150","src_port":27453,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"data_analysis": {"iat": {"min":0,"avg":7320.3,"max":29949,"stddev":11049.8,"var":122098208.0,"ent":3.5,"data": [24068,24393,353,24974,2405,0,38,27411,305,4695,29949,0,24556,1245,0,54,26487,9,288,44,25578,893,503,1582,287,1013,999,1290,1231,1003,1277]},"pktlen": {"min":42,"avg":672.8,"max":2864,"stddev":1000.3,"var":1000640.1,"ent":3.7,"data": [52,52,42,258,46,2088,2088,462,42,42,133,318,109,42,217,361,78,46,78,364,1452,42,1452,2864,42,42,2864,42,2864,42,2864,42]},"bins": {"c_to_s": [11,1,1,0,0,1,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [3,1,1,0,0,0,0,0,1,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,6]},"directions": [0,1,0,0,1,1,1,1,0,0,0,1,1,0,0,0,0,1,1,1,1,0,1,1,0,0,1,0,1,0,1,0],"entropies": [4.585552692,5.017560482,4.686327934,5.680439472,4.505982876,7.413378239,7.563780785,7.408977032,4.733946800,4.686327934,5.833590031,7.044709682,5.829442978,4.715973377,6.852140903,7.372029781,5.280656338,4.505982876,5.229373932,7.303534985,7.876083851,4.582791805,7.885684490,7.924335957,4.733946800,4.781565666,7.928474426,4.781565666,7.931355953,4.781565666,7.921189308,4.638709068]}}
00983{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":146,"source":"cfgs\/default\/pcap\/heuristic_tcp_ack_payload.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":12,"flow_first_seen":1681887368538349,"flow_src_last_pkt_time":1681887368574945,"flow_dst_last_pkt_time":1681887368574890,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":496,"flow_dst_max_l4_payload_len":1022,"flow_src_tot_l4_payload_len":506,"flow_dst_tot_l4_payload_len":1082,"midstream":0,"thread_ts_usec":1681887519714799,"l3_proto":"ip4","src_ip":"194.226.199.226","dst_ip":"8.247.226.126","src_port":34101,"dst_port":80,"l4_proto":"tcp","ndpi": {"confidence": {"1":"Match by port"},"proto":"HTTP","proto_id":"7","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":5,"category":"Web","hostname":"","http": {}}}
00806{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":146,"source":"cfgs\/default\/pcap\/heuristic_tcp_ack_payload.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":12,"flow_first_seen":1681887368538349,"flow_src_last_pkt_time":1681887368574945,"flow_dst_last_pkt_time":1681887368574890,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":496,"flow_dst_max_l4_payload_len":1022,"flow_src_tot_l4_payload_len":506,"flow_dst_tot_l4_payload_len":1082,"midstream":0,"thread_ts_usec":1681887519714799,"l3_proto":"ip4","src_ip":"194.226.199.226","dst_ip":"8.247.226.126","src_port":34101,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
-00655{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":161,"source":"cfgs\/default\/pcap\/heuristic_tcp_ack_payload.pcap","alias":"nDPId-test","version":"1.5.0","ndpi_version":"4.7.0-4260-1f693c3f","packets-captured":161,"packets-processed":160,"total-skipped-flows":0,"total-l4-payload-len":50505,"total-not-detected-flows":0,"total-guessed-flows":2,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":1,"total-active-flows":3,"total-idle-flows":2,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":28,"global_ts_usec":1682070081976502}
+00655{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":161,"source":"cfgs\/default\/pcap\/heuristic_tcp_ack_payload.pcap","alias":"nDPId-test","version":"1.5.0","ndpi_version":"4.9.0-4361-0db12b13","packets-captured":161,"packets-processed":160,"total-skipped-flows":0,"total-l4-payload-len":50505,"total-not-detected-flows":0,"total-guessed-flows":2,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":1,"total-active-flows":3,"total-idle-flows":2,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":28,"global_ts_usec":1682070081976502}
00794{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":161,"source":"cfgs\/default\/pcap\/heuristic_tcp_ack_payload.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1682070081976502,"flow_src_last_pkt_time":1682070081976502,"flow_dst_last_pkt_time":1682070081976502,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1682070081976502,"l3_proto":"ip4","src_ip":"194.226.199.9","dst_ip":"92.223.106.21","src_port":49756,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00560{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":161,"source":"cfgs\/default\/pcap\/heuristic_tcp_ack_payload.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":1,"flow_src_last_pkt_time":1682070081976502,"flow_dst_last_pkt_time":1682070081976502,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1682070081976502,"pkt":"QHGDrEAwoDafLnO8CABFAAA01rdAAH4G1SvC4scJXN9qFcJcAbti0BbiAAAAAIAC+vDldAAAAgQFtAEDAwgBAQQC"}
00560{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":162,"source":"cfgs\/default\/pcap\/heuristic_tcp_ack_payload.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":2,"flow_src_last_pkt_time":1682070081976502,"flow_dst_last_pkt_time":1682070081986323,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1682070081986323,"pkt":"oDafLnO8QHGDrEAwCABFoAA0AABAADsG7kNc32oVwuLHCQG7wlyvphSeYtAW44ASpWR2qgAAAgQFtAEBBAIBAwMJ"}
@@ -54,7 +54,7 @@
00804{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":303,"source":"cfgs\/default\/pcap\/heuristic_tcp_ack_payload.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_src_packets_processed":9,"flow_dst_packets_processed":8,"flow_first_seen":1682070081976502,"flow_src_last_pkt_time":1682070082251822,"flow_dst_last_pkt_time":1682070082232484,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":2636,"flow_src_tot_l4_payload_len":618,"flow_dst_tot_l4_payload_len":4888,"midstream":0,"thread_ts_usec":1682070140596749,"l3_proto":"ip4","src_ip":"194.226.199.9","dst_ip":"92.223.106.21","src_port":49756,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00955{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":303,"source":"cfgs\/default\/pcap\/heuristic_tcp_ack_payload.pcap","alias":"nDPId-test","flow_id":5,"flow_state":"info","flow_src_packets_processed":22,"flow_dst_packets_processed":16,"flow_first_seen":1682070088015038,"flow_src_last_pkt_time":1682070095296597,"flow_dst_last_pkt_time":1682070095295909,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":569,"flow_dst_max_l4_payload_len":2843,"flow_src_tot_l4_payload_len":1480,"flow_dst_tot_l4_payload_len":9570,"midstream":0,"thread_ts_usec":1682070140596749,"l3_proto":"ip4","src_ip":"194.226.199.103","dst_ip":"217.69.139.59","src_port":62580,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"1":"Match by port"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}}
00809{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":303,"source":"cfgs\/default\/pcap\/heuristic_tcp_ack_payload.pcap","alias":"nDPId-test","flow_id":5,"flow_state":"info","flow_src_packets_processed":22,"flow_dst_packets_processed":16,"flow_first_seen":1682070088015038,"flow_src_last_pkt_time":1682070095296597,"flow_dst_last_pkt_time":1682070095295909,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":569,"flow_dst_max_l4_payload_len":2843,"flow_src_tot_l4_payload_len":1480,"flow_dst_tot_l4_payload_len":9570,"midstream":0,"thread_ts_usec":1682070140596749,"l3_proto":"ip4","src_ip":"194.226.199.103","dst_ip":"217.69.139.59","src_port":62580,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
-00657{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":303,"source":"cfgs\/default\/pcap\/heuristic_tcp_ack_payload.pcap","alias":"nDPId-test","version":"1.5.0","ndpi_version":"4.7.0-4260-1f693c3f","packets-captured":303,"packets-processed":303,"total-skipped-flows":0,"total-l4-payload-len":96601,"total-not-detected-flows":0,"total-guessed-flows":6,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":6,"total-idle-flows":6,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":57,"global_ts_usec":1682070140596749}
+00657{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":303,"source":"cfgs\/default\/pcap\/heuristic_tcp_ack_payload.pcap","alias":"nDPId-test","version":"1.5.0","ndpi_version":"4.9.0-4361-0db12b13","packets-captured":303,"packets-processed":303,"total-skipped-flows":0,"total-l4-payload-len":96601,"total-not-detected-flows":0,"total-guessed-flows":6,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":6,"total-idle-flows":6,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":57,"global_ts_usec":1682070140596749}
~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~
~~ packets captured/processed: 303/303
~~ skipped flows.............: 0
@@ -63,9 +63,9 @@
~~ total active/idle flows...: 6/6
~~ total timeout flows.......: 2
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-~~ total memory allocated....: 7798652 bytes
-~~ total memory freed........: 7798652 bytes
-~~ total allocations/frees...: 146738/146738
+~~ total memory allocated....: 11507191 bytes
+~~ total memory freed........: 11507191 bytes
+~~ total allocations/frees...: 216992/216992
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~ json string min len.......: 552 chars
~~ json string max len.......: 2021 chars
Powered by cgit, Themed by Ted Yin.