summaryrefslogtreecommitdiff
path: root/test/results/default/http_ipv6.pcap.out
diff options
context:
space:
mode:
Diffstat (limited to 'test/results/default/http_ipv6.pcap.out')
-rw-r--r--test/results/default/http_ipv6.pcap.out10
1 files changed, 5 insertions, 5 deletions
diff --git a/test/results/default/http_ipv6.pcap.out b/test/results/default/http_ipv6.pcap.out
index c44fb1f4e..7a0d18cc4 100644
--- a/test/results/default/http_ipv6.pcap.out
+++ b/test/results/default/http_ipv6.pcap.out
@@ -26,7 +26,7 @@
00813{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":32,"source":"cfgs\/default\/pcap\/http_ipv6.pcap","alias":"nDPId-test","flow_id":5,"flow_packet_id":1,"flow_src_last_pkt_time":1448269127960079,"flow_dst_last_pkt_time":1448269127960079,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":260,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":260,"pkt_l4_len":206,"thread_ts_usec":1448269127960079,"pkt":"UMWNrEEBeKzApw1Mht1gAAAAAM4RQCoADUAAAQADeqzA\/\/6nDUwqABRQQAsMAgAAAAAAAABf12kBuwDOCoAMj5N114hr41MJBd7sKG9JfODv2KzX0uexKi4OUzkr936AyksmjfKzejWhR1IllABVz6\/Nd8+DDPRvVbNJa4sAljMB\/byd9EnDrnASdvNnincHpyqVPP90d4TSxj+ARZa\/L622T2LNfPxOM6m\/si1ZmPjMCf2wR7DzkfTBciJe2oZugnMhbWbTFVoln8LtSZhpET4oRj3Jk\/IY0Vhm0AHAVNXjHBEt89UVS7Gr6h9OBH5HRJ1TIdTk4GJ40SQl9lgo1l4eCx0="}
00654{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":33,"source":"cfgs\/default\/pcap\/http_ipv6.pcap","alias":"nDPId-test","flow_id":5,"flow_packet_id":2,"flow_src_last_pkt_time":1448269127960079,"flow_dst_last_pkt_time":1448269128003411,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":143,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":143,"pkt_l4_len":89,"thread_ts_usec":1448269128003411,"pkt":"eKzApw1M9LUv\/K\/Cht1gAAAAAFkRMyoAFFBACwwCAAAAAAAAAF8qAA1AAAEAA3qswP\/+pw1MAbvXaQBZLuIAB1nnejc74Zg5YssedTReRP0KRIf1hcs3Aafoe+Tuwy6JT\/77UOdg9PcT9s8XDyyGEBG\/Mph8KZAg9aAfxnp6BrSLMfMbzThg3fGY8Pw0dHA="}
00589{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":34,"source":"cfgs\/default\/pcap\/http_ipv6.pcap","alias":"nDPId-test","flow_id":5,"flow_packet_id":3,"flow_src_last_pkt_time":1448269128028795,"flow_dst_last_pkt_time":1448269128003411,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":99,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":99,"pkt_l4_len":45,"thread_ts_usec":1448269128028795,"pkt":"UMWNrEEBeKzApw1Mht1gAAAAAC0RQCoADUAAAQADeqzA\/\/6nDUwqABRQQAsMAgAAAAAAAABf12kBuwAtCd8Mj5N114hr41MKZOnBWgR9A+MJ4bypcpF9U29vj07q+fvNp9EO"}
-02259{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":53,"source":"cfgs\/default\/pcap\/http_ipv6.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"finished","flow_src_packets_processed":17,"flow_dst_packets_processed":15,"flow_first_seen":1448269127400446,"flow_src_last_pkt_time":1448269137275811,"flow_dst_last_pkt_time":1448269136257808,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":37,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1350,"flow_dst_max_l4_payload_len":1350,"flow_src_tot_l4_payload_len":4058,"flow_dst_tot_l4_payload_len":4856,"midstream":0,"thread_ts_usec":1448269137275811,"l3_proto":"ip6","src_ip":"2a00:d40:1:3:7aac:c0ff:fea7:d4c","dst_ip":"2a00:1450:4001:803::1017","src_port":45931,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"data_analysis": {"iat": {"min":1512,"avg":604281.6,"max":6008829,"stddev":1486148.8,"var":2208638173184.0,"ent":2.8,"data": [25363,26190,172445,219452,15689,87208,38758,110203,47003,1512,26672,45844,1752482,1778725,6798,78256,246614,318052,6008829,6008710,4760,76866,102599,174483,2367,73860,70885,142482,2922,74310,992388]},"pktlen": {"min":77,"avg":326.6,"max":1398,"stddev":376.2,"var":141514.9,"ent":4.3,"data": [1398,1398,85,1202,80,660,88,238,80,88,567,88,77,243,80,623,91,88,80,248,77,575,91,249,80,572,88,250,80,547,88,251]},"bins": {"c_to_s": [0,9,0,0,0,1,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,1,0,0,0,0,0],"s_to_c": [2,6,0,0,0,0,0,0,0,0,0,0,0,0,0,1,3,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0]},"directions": [0,1,0,0,1,1,0,0,1,0,1,0,1,0,1,1,0,0,1,0,1,1,0,0,1,1,0,0,1,1,0,0],"entropies": [4.737460136,7.856492996,5.340356827,7.783504963,5.237494946,7.640817642,5.426836967,6.897242546,5.228057861,5.435415268,7.531185150,5.426837444,4.923079967,6.917997837,5.187493324,7.660722733,5.627426147,5.458142281,5.212494373,6.952660084,4.934730053,7.572426796,5.495558739,6.882013798,5.262493610,7.594254971,5.480869293,6.910377979,5.237494469,7.573482990,5.374089718,6.950065613]},"ndpi": {"confidence": {"6":"DPI"},"proto":"QUIC.Google","proto_id":"188.126","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":1,"breed":"Acceptable","category_id":5,"category":"Web"}}
+02286{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":53,"source":"cfgs\/default\/pcap\/http_ipv6.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"finished","flow_src_packets_processed":17,"flow_dst_packets_processed":15,"flow_first_seen":1448269127400446,"flow_src_last_pkt_time":1448269137275811,"flow_dst_last_pkt_time":1448269136257808,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":37,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1350,"flow_dst_max_l4_payload_len":1350,"flow_src_tot_l4_payload_len":4058,"flow_dst_tot_l4_payload_len":4856,"midstream":0,"thread_ts_usec":1448269137275811,"l3_proto":"ip6","src_ip":"2a00:d40:1:3:7aac:c0ff:fea7:d4c","dst_ip":"2a00:1450:4001:803::1017","src_port":45931,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"data_analysis": {"iat": {"min":1512,"avg":604281.6,"max":6008829,"stddev":1486148.8,"var":2208638173184.0,"ent":2.8,"data": [25363,26190,172445,219452,15689,87208,38758,110203,47003,1512,26672,45844,1752482,1778725,6798,78256,246614,318052,6008829,6008710,4760,76866,102599,174483,2367,73860,70885,142482,2922,74310,992388]},"pktlen": {"min":77,"avg":326.6,"max":1398,"stddev":376.2,"var":141514.9,"ent":4.3,"data": [1398,1398,85,1202,80,660,88,238,80,88,567,88,77,243,80,623,91,88,80,248,77,575,91,249,80,572,88,250,80,547,88,251]},"bins": {"c_to_s": [0,9,0,0,0,1,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,1,0,0,0,0,0],"s_to_c": [2,6,0,0,0,0,0,0,0,0,0,0,0,0,0,1,3,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0]},"directions": [0,1,0,0,1,1,0,0,1,0,1,0,1,0,1,1,0,0,1,0,1,1,0,0,1,1,0,0,1,1,0,0],"entropies": [4.737460136,7.856492996,5.340356827,7.783504963,5.237494946,7.640817642,5.426836967,6.897242546,5.228057861,5.435415268,7.531185150,5.426837444,4.923079967,6.917997837,5.187493324,7.660722733,5.627426147,5.458142281,5.212494373,6.952660084,4.934730053,7.572426796,5.495558739,6.882013798,5.262493610,7.594254971,5.480869293,6.910377979,5.237494469,7.573482990,5.374089718,6.950065613]},"ndpi": {"confidence": {"6":"DPI"},"proto":"QUIC.Google","proto_id":"188.126","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":1,"breed":"Acceptable","category_id":5,"category":"Web","hostname":"www.google.it"}}
00805{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":84,"source":"cfgs\/default\/pcap\/http_ipv6.pcap","alias":"nDPId-test","flow_id":6,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1448269138575377,"flow_src_last_pkt_time":1448269138575377,"flow_dst_last_pkt_time":1448269138575377,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1448269138575377,"l3_proto":"ip6","src_ip":"2a00:d40:1:3:7aac:c0ff:fea7:d4c","dst_ip":"2a03:b0c0:3:d0::70:1001","src_port":37486,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00586{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":84,"source":"cfgs\/default\/pcap\/http_ipv6.pcap","alias":"nDPId-test","flow_id":6,"flow_packet_id":1,"flow_src_last_pkt_time":1448269138575377,"flow_dst_last_pkt_time":1448269138575377,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":94,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":94,"pkt_l4_len":40,"thread_ts_usec":1448269138575377,"pkt":"UMWNrEEBeKzApw1Mht1gAAAAACgGQCoADUAAAQADeqzA\/\/6nDUwqA7DAAAMA0AAAAAAAcBABkm4Bu5jVbXIAAAAAoAJwgGsaAAACBAWgBAIIChINdycAAAAAAQMDBw=="}
00805{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":85,"source":"cfgs\/default\/pcap\/http_ipv6.pcap","alias":"nDPId-test","flow_id":7,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1448269138575474,"flow_src_last_pkt_time":1448269138575474,"flow_dst_last_pkt_time":1448269138575474,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1448269138575474,"l3_proto":"ip6","src_ip":"2a00:d40:1:3:7aac:c0ff:fea7:d4c","dst_ip":"2a03:b0c0:3:d0::70:1001","src_port":37488,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
@@ -95,7 +95,7 @@
01009{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":193,"source":"cfgs\/default\/pcap\/http_ipv6.pcap","alias":"nDPId-test","flow_id":14,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":5,"flow_first_seen":1448269146905115,"flow_src_last_pkt_time":1448269146970056,"flow_dst_last_pkt_time":1448269146931566,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":224,"flow_dst_max_l4_payload_len":2856,"flow_src_tot_l4_payload_len":350,"flow_dst_tot_l4_payload_len":3789,"midstream":0,"thread_ts_usec":1448269146970056,"l3_proto":"ip6","src_ip":"2a00:d40:1:3:7aac:c0ff:fea7:d4c","dst_ip":"2a02:26f0:ad:197::236","src_port":53132,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Facebook","proto_id":"91.119","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":6,"category":"SocialNetwork"}}
01009{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":193,"source":"cfgs\/default\/pcap\/http_ipv6.pcap","alias":"nDPId-test","flow_id":15,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":4,"flow_first_seen":1448269146905214,"flow_src_last_pkt_time":1448269146966054,"flow_dst_last_pkt_time":1448269146929757,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":224,"flow_dst_max_l4_payload_len":3547,"flow_src_tot_l4_payload_len":350,"flow_dst_tot_l4_payload_len":3789,"midstream":0,"thread_ts_usec":1448269146970056,"l3_proto":"ip6","src_ip":"2a00:d40:1:3:7aac:c0ff:fea7:d4c","dst_ip":"2a02:26f0:ad:197::236","src_port":53134,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Facebook","proto_id":"91.119","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":6,"category":"SocialNetwork"}}
00988{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":193,"source":"cfgs\/default\/pcap\/http_ipv6.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":1448269127395120,"flow_src_last_pkt_time":1448269127450459,"flow_dst_last_pkt_time":1448269127510990,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":182,"flow_dst_max_l4_payload_len":506,"flow_src_tot_l4_payload_len":258,"flow_dst_tot_l4_payload_len":751,"midstream":1,"thread_ts_usec":1448269146970056,"l3_proto":"ip6","src_ip":"2a00:d40:1:3:7aac:c0ff:fea7:d4c","dst_ip":"2a00:1450:4001:803::1017","src_port":41776,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS","proto_id":"91","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}}
-01017{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":193,"source":"cfgs\/default\/pcap\/http_ipv6.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"finished","flow_src_packets_processed":33,"flow_dst_packets_processed":29,"flow_first_seen":1448269127400446,"flow_src_last_pkt_time":1448269138520009,"flow_dst_last_pkt_time":1448269138494637,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":37,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1350,"flow_dst_max_l4_payload_len":1350,"flow_src_tot_l4_payload_len":5695,"flow_dst_tot_l4_payload_len":6438,"midstream":0,"thread_ts_usec":1448269146970056,"l3_proto":"ip6","src_ip":"2a00:d40:1:3:7aac:c0ff:fea7:d4c","dst_ip":"2a00:1450:4001:803::1017","src_port":45931,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"QUIC.Google","proto_id":"188.126","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":1,"breed":"Acceptable","category_id":5,"category":"Web"}}
+01044{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":193,"source":"cfgs\/default\/pcap\/http_ipv6.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"finished","flow_src_packets_processed":33,"flow_dst_packets_processed":29,"flow_first_seen":1448269127400446,"flow_src_last_pkt_time":1448269138520009,"flow_dst_last_pkt_time":1448269138494637,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":37,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1350,"flow_dst_max_l4_payload_len":1350,"flow_src_tot_l4_payload_len":5695,"flow_dst_tot_l4_payload_len":6438,"midstream":0,"thread_ts_usec":1448269146970056,"l3_proto":"ip6","src_ip":"2a00:d40:1:3:7aac:c0ff:fea7:d4c","dst_ip":"2a00:1450:4001:803::1017","src_port":45931,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"QUIC.Google","proto_id":"188.126","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":1,"breed":"Acceptable","category_id":5,"category":"Web","hostname":"www.google.it"}}
00950{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":193,"source":"cfgs\/default\/pcap\/http_ipv6.pcap","alias":"nDPId-test","flow_id":9,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1448269139314022,"flow_src_last_pkt_time":1448269139314022,"flow_dst_last_pkt_time":1448269139321037,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1448269146970056,"l3_proto":"ip6","src_ip":"2a00:d40:1:3:7aac:c0ff:fea7:d4c","dst_ip":"2a02:26f0:ad:1a1::eed","src_port":60124,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"1":"Match by port"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}}
00805{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":193,"source":"cfgs\/default\/pcap\/http_ipv6.pcap","alias":"nDPId-test","flow_id":9,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1448269139314022,"flow_src_last_pkt_time":1448269139314022,"flow_dst_last_pkt_time":1448269139321037,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1448269146970056,"l3_proto":"ip6","src_ip":"2a00:d40:1:3:7aac:c0ff:fea7:d4c","dst_ip":"2a02:26f0:ad:1a1::eed","src_port":60124,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00954{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":193,"source":"cfgs\/default\/pcap\/http_ipv6.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1448269127922059,"flow_src_last_pkt_time":1448269127922059,"flow_dst_last_pkt_time":1448269127940031,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1448269146970056,"l3_proto":"ip6","src_ip":"2a00:d40:1:3:7aac:c0ff:fea7:d4c","dst_ip":"2a00:1450:4006:803::2008","src_port":58660,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"1":"Match by port"},"proto":"TLS","proto_id":"91","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}}
@@ -103,7 +103,7 @@
01122{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":193,"source":"cfgs\/default\/pcap\/http_ipv6.pcap","alias":"nDPId-test","flow_id":6,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":8,"flow_first_seen":1448269138575377,"flow_src_last_pkt_time":1448269138746011,"flow_dst_last_pkt_time":1448269138745943,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":212,"flow_dst_max_l4_payload_len":1428,"flow_src_tot_l4_payload_len":338,"flow_dst_tot_l4_payload_len":5026,"midstream":0,"thread_ts_usec":1448269146970056,"l3_proto":"ip6","src_ip":"2a00:d40:1:3:7aac:c0ff:fea7:d4c","dst_ip":"2a03:b0c0:3:d0::70:1001","src_port":37486,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"10": {"risk":"TLS Cert Mismatch","severity":"High","risk_score": {"total":300,"client":270,"server":30}}},"confidence": {"6":"DPI"},"proto":"TLS.ntop","proto_id":"91.26","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":14,"category":"Network"}}
01122{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":193,"source":"cfgs\/default\/pcap\/http_ipv6.pcap","alias":"nDPId-test","flow_id":7,"flow_state":"info","flow_src_packets_processed":10,"flow_dst_packets_processed":7,"flow_first_seen":1448269138575474,"flow_src_last_pkt_time":1448269138746157,"flow_dst_last_pkt_time":1448269138746120,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":212,"flow_dst_max_l4_payload_len":2668,"flow_src_tot_l4_payload_len":338,"flow_dst_tot_l4_payload_len":5026,"midstream":0,"thread_ts_usec":1448269146970056,"l3_proto":"ip6","src_ip":"2a00:d40:1:3:7aac:c0ff:fea7:d4c","dst_ip":"2a03:b0c0:3:d0::70:1001","src_port":37488,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"10": {"risk":"TLS Cert Mismatch","severity":"High","risk_score": {"total":300,"client":270,"server":30}}},"confidence": {"6":"DPI"},"proto":"TLS.ntop","proto_id":"91.26","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":14,"category":"Network"}}
01122{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":193,"source":"cfgs\/default\/pcap\/http_ipv6.pcap","alias":"nDPId-test","flow_id":8,"flow_state":"info","flow_src_packets_processed":10,"flow_dst_packets_processed":8,"flow_first_seen":1448269139219031,"flow_src_last_pkt_time":1448269139339552,"flow_dst_last_pkt_time":1448269139339485,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":212,"flow_dst_max_l4_payload_len":1428,"flow_src_tot_l4_payload_len":338,"flow_dst_tot_l4_payload_len":5026,"midstream":0,"thread_ts_usec":1448269146970056,"l3_proto":"ip6","src_ip":"2a00:d40:1:3:7aac:c0ff:fea7:d4c","dst_ip":"2a03:b0c0:3:d0::70:1001","src_port":37494,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"10": {"risk":"TLS Cert Mismatch","severity":"High","risk_score": {"total":300,"client":270,"server":30}}},"confidence": {"6":"DPI"},"proto":"TLS.ntop","proto_id":"91.26","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":14,"category":"Network"}}
-01131{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":193,"source":"cfgs\/default\/pcap\/http_ipv6.pcap","alias":"nDPId-test","flow_id":12,"flow_state":"finished","flow_src_packets_processed":14,"flow_dst_packets_processed":12,"flow_first_seen":1448269144450926,"flow_src_last_pkt_time":1448269144884783,"flow_dst_last_pkt_time":1448269144884725,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":833,"flow_dst_max_l4_payload_len":1428,"flow_src_tot_l4_payload_len":2757,"flow_dst_tot_l4_payload_len":10608,"midstream":0,"thread_ts_usec":1448269146970056,"l3_proto":"ip6","src_ip":"2a00:d40:1:3:7aac:c0ff:fea7:d4c","dst_ip":"2a03:b0c0:3:d0::70:1001","src_port":37506,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"10": {"risk":"TLS Cert Mismatch","severity":"High","risk_score": {"total":300,"client":270,"server":30}}},"confidence": {"6":"DPI"},"proto":"TLS.ntop","proto_id":"91.26","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":14,"category":"Network"}}
+01157{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":193,"source":"cfgs\/default\/pcap\/http_ipv6.pcap","alias":"nDPId-test","flow_id":12,"flow_state":"finished","flow_src_packets_processed":14,"flow_dst_packets_processed":12,"flow_first_seen":1448269144450926,"flow_src_last_pkt_time":1448269144884783,"flow_dst_last_pkt_time":1448269144884725,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":833,"flow_dst_max_l4_payload_len":1428,"flow_src_tot_l4_payload_len":2757,"flow_dst_tot_l4_payload_len":10608,"midstream":0,"thread_ts_usec":1448269146970056,"l3_proto":"ip6","src_ip":"2a00:d40:1:3:7aac:c0ff:fea7:d4c","dst_ip":"2a03:b0c0:3:d0::70:1001","src_port":37506,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"10": {"risk":"TLS Cert Mismatch","severity":"High","risk_score": {"total":300,"client":270,"server":30}}},"confidence": {"6":"DPI"},"proto":"TLS.ntop","proto_id":"91.26","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":14,"category":"Network","hostname":"www.ntop.org"}}
00954{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":193,"source":"cfgs\/default\/pcap\/http_ipv6.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1448269123954061,"flow_src_last_pkt_time":1448269123954061,"flow_dst_last_pkt_time":1448269123971846,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1448269146970056,"l3_proto":"ip6","src_ip":"2a00:d40:1:3:7aac:c0ff:fea7:d4c","dst_ip":"2a00:1450:4006:804::200e","src_port":40526,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"1":"Match by port"},"proto":"TLS","proto_id":"91","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}}
00808{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":193,"source":"cfgs\/default\/pcap\/http_ipv6.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1448269123954061,"flow_src_last_pkt_time":1448269123954061,"flow_dst_last_pkt_time":1448269123971846,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1448269146970056,"l3_proto":"ip6","src_ip":"2a00:d40:1:3:7aac:c0ff:fea7:d4c","dst_ip":"2a00:1450:4006:804::200e","src_port":40526,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00968{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":193,"source":"cfgs\/default\/pcap\/http_ipv6.pcap","alias":"nDPId-test","flow_id":10,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1448269143410021,"flow_src_last_pkt_time":1448269143410021,"flow_dst_last_pkt_time":1448269143539406,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1448269146970056,"l3_proto":"ip6","src_ip":"2a00:d40:1:3:7aac:c0ff:fea7:d4c","dst_ip":"2a03:2880:1010:3f20:face:b00c::25de","src_port":40308,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"1":"Match by port"},"proto":"TLS","proto_id":"91","proto_by_ip":"Facebook","proto_by_ip_id":119,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}}
@@ -123,8 +123,8 @@
~~ total active/idle flows...: 15/15
~~ total timeout flows.......: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-~~ total memory allocated....: 6763707 bytes
-~~ total memory freed........: 6763707 bytes
+~~ total memory allocated....: 6763827 bytes
+~~ total memory freed........: 6763827 bytes
~~ total allocations/frees...: 114447/114447
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~ json message min len.......: 570 chars
Powered by cgit, Themed by Ted Yin.