1 files changed, 14 insertions, 12 deletions
diff --git a/test/results/flow-info/default/stun.pcap.out b/test/results/flow-info/default/stun.pcap.out
index 47265b1c3..0de2b76b4 100644
--- a/test/results/flow-info/default/stun.pcap.out
+++ b/test/results/flow-info/default/stun.pcap.out
@@ -6,8 +6,9 @@
      DAEMON-EVENT: [Processed: 15 pkts][ZLib][compressions: 0|diff: 0 / 0]
      DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
               new: [.....2] [ip6][..udp] [3516:bf0b:fc53:75e7:70af:f67f:8e49:f603][56880] -> [....2a38:e156:8167:a333:face:b00c::24d9][.3478] 
-              end: [.....1] [ip4][..tcp] [...10.77.110.51][41588] -> [..10.206.50.239][42000] [STUN.Skype_TeamsCall][Unknown][VoIP][Acceptable]
          detected: [.....2] [ip6][..udp] [3516:bf0b:fc53:75e7:70af:f67f:8e49:f603][56880] -> [....2a38:e156:8167:a333:face:b00c::24d9][.3478] [STUN][Unknown][Network][Acceptable][]
+                   RISK: Unidirectional Traffic
+              end: [.....1] [ip4][..tcp] [...10.77.110.51][41588] -> [..10.206.50.239][42000] [STUN.Skype_TeamsCall][Unknown][VoIP][Acceptable]
            update: [.....2] [ip6][..udp] [3516:bf0b:fc53:75e7:70af:f67f:8e49:f603][56880] -> [....2a38:e156:8167:a333:face:b00c::24d9][.3478] [STUN][Unknown][Network][Acceptable]
            update: [.....2] [ip6][..udp] [3516:bf0b:fc53:75e7:70af:f67f:8e49:f603][56880] -> [....2a38:e156:8167:a333:face:b00c::24d9][.3478] [STUN][Unknown][Network][Acceptable]
           analyse: [.....2] [ip6][..udp] [3516:bf0b:fc53:75e7:70af:f67f:8e49:f603][56880] -> [....2a38:e156:8167:a333:face:b00c::24d9][.3478] [STUN][Unknown][Network][Acceptable]
@@ -24,7 +25,9 @@
      DAEMON-EVENT: [Processed: 57 pkts][ZLib][compressions: 0|diff: 0 / 0]
      DAEMON-EVENT: [Flows][active: 1 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 3]
               new: [.....3] [ip4][..udp] [.192.168.12.169][38123] -> [....31.13.86.54][40003] 
-         detected: [.....3] [ip4][..udp] [.192.168.12.169][38123] -> [....31.13.86.54][40003] [STUN.FacebookVoip][Facebook][VoIP][Acceptable][turner.facebook]
+         detected: [.....3] [ip4][..udp] [.192.168.12.169][38123] -> [....31.13.86.54][40003] [STUN][Facebook][Network][Acceptable][]
+                   RISK: Known Proto on Non Std Port, Unidirectional Traffic
+ detection-update: [.....3] [ip4][..udp] [.192.168.12.169][38123] -> [....31.13.86.54][40003] [STUN.FacebookVoip][Facebook][VoIP][Acceptable][turner.facebook]
                    RISK: Known Proto on Non Std Port
           analyse: [.....3] [ip4][..udp] [.192.168.12.169][38123] -> [....31.13.86.54][40003] [STUN.FacebookVoip][Facebook][VoIP][Acceptable]
                                         min|      max|      avg|   stddev|       variance| entropy
@@ -38,19 +41,18 @@
                    [ENTROPIES...: 4.9,5.6,5.9,5.8,5.9,6.0,5.6,5.8,5.5,5.6,5.9,6.0,6.0,5.9,5.8,5.5,6.0,5.9,6.0,5.9,5.9,6.0,5.8,6.0,5.9,6.0,5.9,5.9,5.8,5.6,6.1,6.0]
              idle: [.....2] [ip6][..udp] [3516:bf0b:fc53:75e7:70af:f67f:8e49:f603][56880] -> [....2a38:e156:8167:a333:face:b00c::24d9][.3478] [STUN][Unknown][Network][Acceptable]
      DAEMON-EVENT: [Processed: 132 pkts][ZLib][compressions: 0|diff: 0 / 0]
-     DAEMON-EVENT: [Flows][active: 1 / 3|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 3]
+     DAEMON-EVENT: [Flows][active: 1 / 3|skipped: 0|!detected: 0|guessed: 0|detection-updates: 1|updates: 3]
               new: [.....4] [ip4][..tcp] [...87.47.100.17][.3478] -> [....54.1.57.155][37257] 
-         detected: [.....4] [ip4][..tcp] [...87.47.100.17][.3478] -> [....54.1.57.155][37257] [STUN][Unknown][Network][Acceptable][apps-host.com]
+         detected: [.....4] [ip4][..tcp] [...87.47.100.17][.3478] -> [....54.1.57.155][37257] [STUN][Unknown][Network][Acceptable][]
+ detection-update: [.....4] [ip4][..tcp] [...87.47.100.17][.3478] -> [....54.1.57.155][37257] [STUN][Unknown][Network][Acceptable][apps-host.com]
              idle: [.....3] [ip4][..udp] [.192.168.12.169][38123] -> [....31.13.86.54][40003] [STUN.FacebookVoip][Facebook][VoIP][Acceptable]
                    RISK: Known Proto on Non Std Port
      DAEMON-EVENT: [Processed: 152 pkts][ZLib][compressions: 0|diff: 0 / 0]
-     DAEMON-EVENT: [Flows][active: 1 / 4|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 3]
+     DAEMON-EVENT: [Flows][active: 1 / 4|skipped: 0|!detected: 0|guessed: 0|detection-updates: 2|updates: 3]
               new: [.....5] [ip4][..udp] [.192.168.12.169][49153] -> [..142.250.82.99][.3478] 
-         detected: [.....5] [ip4][..udp] [.192.168.12.169][49153] -> [..142.250.82.99][.3478] [DTLS][Google][Web][Safe]
-                   RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn
- detection-update: [.....5] [ip4][..udp] [.192.168.12.169][49153] -> [..142.250.82.99][.3478] [DTLS.GoogleHangoutDuo][Google][VoIP][Acceptable]
-                   RISK: Self-signed Cert, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn
-          analyse: [.....5] [ip4][..udp] [.192.168.12.169][49153] -> [..142.250.82.99][.3478] [DTLS.GoogleHangoutDuo][Google][VoIP][Acceptable]
+         detected: [.....5] [ip4][..udp] [.192.168.12.169][49153] -> [..142.250.82.99][.3478] [STUN.GoogleHangoutDuo][Google][VoIP][Acceptable][]
+                   RISK: Unidirectional Traffic
+          analyse: [.....5] [ip4][..udp] [.192.168.12.169][49153] -> [..142.250.82.99][.3478] [STUN.GoogleHangoutDuo][Google][VoIP][Acceptable]
                                         min|      max|      avg|   stddev|       variance| entropy
                    [IAT.........:     0.000|    0.836|    0.131|    0.227|      51553.292|   3.400]
                    [PKTLEN......:    62.000| 1226.000|  179.200|  221.300|      48965.100|   4.400]
@@ -60,7 +62,7 @@
                    [IATS(ms)....: 22.9,25.6,18.8,27.0,9.0,16.5,8.2,0.0,96.0,9.4,96.1,13.9,9.7,14.0,0.0,0.0,28.4,12.0,233.2,17.4,835.9,625.3,352.7,699.8,203.7,550.7,72.1,9.0,20.6,28.1,14.7]
                    [PKTLENS.....: 136,120,181,140,1226,574,120,109,598,109,140,145,161,120,141,93,97,93,113,62,93,140,120,62,110,140,120,94,94,95,95,95]
                    [ENTROPIES...: 5.9,5.9,5.0,5.9,7.3,6.7,5.8,5.7,7.4,5.7,6.0,6.2,6.4,5.9,6.1,5.4,5.4,5.6,5.9,5.3,5.2,5.9,5.8,5.2,6.1,5.9,6.0,6.1,6.0,5.9,6.1,5.9]
-             idle: [.....5] [ip4][..udp] [.192.168.12.169][49153] -> [..142.250.82.99][.3478] [DTLS.GoogleHangoutDuo][Google][VoIP][Acceptable]
-                   RISK: Self-signed Cert, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn
+             idle: [.....5] [ip4][..udp] [.192.168.12.169][49153] -> [..142.250.82.99][.3478] [STUN.GoogleHangoutDuo][Google][VoIP][Acceptable]
+                   RISK: Unidirectional Traffic
              idle: [.....4] [ip4][..tcp] [...87.47.100.17][.3478] -> [....54.1.57.155][37257] [STUN][Unknown][Network][Acceptable]
      DAEMON-EVENT: shutdown