diff options
Diffstat (limited to 'test/results/flow-info/disable_protocols')
4 files changed, 64 insertions, 0 deletions
diff --git a/test/results/flow-info/disable_protocols/dns_long_domainname.pcap.out b/test/results/flow-info/disable_protocols/dns_long_domainname.pcap.out new file mode 100644 index 000000000..2edab1ef6 --- /dev/null +++ b/test/results/flow-info/disable_protocols/dns_long_domainname.pcap.out @@ -0,0 +1,10 @@ + DAEMON-EVENT: init + DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....1] [ip4][..udp] [..192.168.1.168][65311] -> [........8.8.8.8][...53] + detected: [.....1] [ip4][..udp] [..192.168.1.168][65311] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][gmr02c.16.0.fhkfhsdkfhsk.tunnel.example.com] + detection-update: [.....1] [ip4][..udp] [..192.168.1.168][65311] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][gmr02c.16.0.fhkfhsdkfhsk.tunnel.example.com] + RISK: Error Code + idle: [.....1] [ip4][..udp] [..192.168.1.168][65311] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][gmr02c.16.0.fhkfhsdkfhsk.tunnel.example.com] + RISK: Error Code + DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/disable_protocols/pluralsight.pcap.out b/test/results/flow-info/disable_protocols/pluralsight.pcap.out new file mode 100644 index 000000000..740dd4d01 --- /dev/null +++ b/test/results/flow-info/disable_protocols/pluralsight.pcap.out @@ -0,0 +1,32 @@ + DAEMON-EVENT: init + DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....1] [ip4][..tcp] [..192.168.1.128][42642] -> [...54.69.188.18][..443] + detected: [.....1] [ip4][..tcp] [..192.168.1.128][42642] -> [...54.69.188.18][..443] [TLS.Pluralsight][AmazonAWS][Streaming][Fun][pluralsight.com] + detection-update: [.....1] [ip4][..tcp] [..192.168.1.128][42642] -> [...54.69.188.18][..443] [TLS.Pluralsight][AmazonAWS][Streaming][Fun][pluralsight.com] + detection-update: [.....1] [ip4][..tcp] [..192.168.1.128][42642] -> [...54.69.188.18][..443] [TLS.Pluralsight][AmazonAWS][Streaming][Fun][pluralsight.com] + new: [.....2] [ip4][..tcp] [..192.168.1.128][42782] -> [..146.75.62.208][..443] + new: [.....3] [ip4][..tcp] [..192.168.1.128][42790] -> [..146.75.62.208][..443] + detected: [.....2] [ip4][..tcp] [..192.168.1.128][42782] -> [..146.75.62.208][..443] [TLS.Pluralsight][Unknown][Streaming][Fun][pluralsight2.imgix.net] + detected: [.....3] [ip4][..tcp] [..192.168.1.128][42790] -> [..146.75.62.208][..443] [TLS.Pluralsight][Unknown][Streaming][Fun][pluralsight.imgix.net] + detection-update: [.....2] [ip4][..tcp] [..192.168.1.128][42782] -> [..146.75.62.208][..443] [TLS.Pluralsight][Unknown][Streaming][Fun][pluralsight2.imgix.net] + detection-update: [.....2] [ip4][..tcp] [..192.168.1.128][42782] -> [..146.75.62.208][..443] [TLS.Pluralsight][Unknown][Streaming][Fun][pluralsight2.imgix.net] + detection-update: [.....3] [ip4][..tcp] [..192.168.1.128][42790] -> [..146.75.62.208][..443] [TLS.Pluralsight][Unknown][Streaming][Fun][pluralsight.imgix.net] + detection-update: [.....3] [ip4][..tcp] [..192.168.1.128][42790] -> [..146.75.62.208][..443] [TLS.Pluralsight][Unknown][Streaming][Fun][pluralsight.imgix.net] + new: [.....4] [ip4][..tcp] [..192.168.1.128][42618] -> [..18.203.201.56][..443] + detected: [.....4] [ip4][..tcp] [..192.168.1.128][42618] -> [..18.203.201.56][..443] [TLS.Pluralsight][AmazonAWS][Streaming][Fun][stt.pluralsight.com] + detection-update: [.....4] [ip4][..tcp] [..192.168.1.128][42618] -> [..18.203.201.56][..443] [TLS.Pluralsight][AmazonAWS][Streaming][Fun][stt.pluralsight.com] + detection-update: [.....4] [ip4][..tcp] [..192.168.1.128][42618] -> [..18.203.201.56][..443] [TLS.Pluralsight][AmazonAWS][Streaming][Fun][stt.pluralsight.com] + new: [.....5] [ip4][..tcp] [..192.168.1.128][48948] -> [.104.19.162.127][..443] + detected: [.....5] [ip4][..tcp] [..192.168.1.128][48948] -> [.104.19.162.127][..443] [TLS.Pluralsight][Cloudflare][Streaming][Fun][www.pluralsight.com] + detection-update: [.....5] [ip4][..tcp] [..192.168.1.128][48948] -> [.104.19.162.127][..443] [TLS.Pluralsight][Cloudflare][Streaming][Fun][www.pluralsight.com] + new: [.....6] [ip4][..tcp] [..192.168.1.128][44770] -> [.104.17.209.240][..443] + detected: [.....6] [ip4][..tcp] [..192.168.1.128][44770] -> [.104.17.209.240][..443] [TLS.Pluralsight][Cloudflare][Streaming][Fun][zn6qzq6caaucudesr-pluralsight.siteintercept.qualtrics.com] + detection-update: [.....6] [ip4][..tcp] [..192.168.1.128][44770] -> [.104.17.209.240][..443] [TLS.Pluralsight][Cloudflare][Streaming][Fun][zn6qzq6caaucudesr-pluralsight.siteintercept.qualtrics.com] + idle: [.....6] [ip4][..tcp] [..192.168.1.128][44770] -> [.104.17.209.240][..443] [TLS.Pluralsight][Cloudflare][Streaming][Fun] + idle: [.....4] [ip4][..tcp] [..192.168.1.128][42618] -> [..18.203.201.56][..443] [TLS.Pluralsight][AmazonAWS][Streaming][Fun] + idle: [.....5] [ip4][..tcp] [..192.168.1.128][48948] -> [.104.19.162.127][..443] [TLS.Pluralsight][Cloudflare][Streaming][Fun] + idle: [.....2] [ip4][..tcp] [..192.168.1.128][42782] -> [..146.75.62.208][..443] [TLS.Pluralsight][Unknown][Streaming][Fun] + idle: [.....3] [ip4][..tcp] [..192.168.1.128][42790] -> [..146.75.62.208][..443] [TLS.Pluralsight][Unknown][Streaming][Fun] + idle: [.....1] [ip4][..tcp] [..192.168.1.128][42642] -> [...54.69.188.18][..443] [TLS.Pluralsight][AmazonAWS][Streaming][Fun] + DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/disable_protocols/quic-mvfst-27.pcapng.out b/test/results/flow-info/disable_protocols/quic-mvfst-27.pcapng.out new file mode 100644 index 000000000..931bd10c9 --- /dev/null +++ b/test/results/flow-info/disable_protocols/quic-mvfst-27.pcapng.out @@ -0,0 +1,5 @@ + DAEMON-EVENT: init + new: [.....1] [ip4][..udp] [......10.0.2.15][35957] -> [..69.171.250.15][..443] + detected: [.....1] [ip4][..udp] [......10.0.2.15][35957] -> [..69.171.250.15][..443] [QUIC.Facebook][Facebook][SocialNetwork][Fun][graph.facebook.com] + idle: [.....1] [ip4][..udp] [......10.0.2.15][35957] -> [..69.171.250.15][..443] [QUIC.Facebook][Facebook][SocialNetwork][Fun][graph.facebook.com] + DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/disable_protocols/soap.pcap.out b/test/results/flow-info/disable_protocols/soap.pcap.out new file mode 100644 index 000000000..fa0eedb0c --- /dev/null +++ b/test/results/flow-info/disable_protocols/soap.pcap.out @@ -0,0 +1,17 @@ + DAEMON-EVENT: init + DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....1] [ip4][..tcp] [..192.168.2.100][50100] -> [...23.2.213.165][...80] + new: [.....2] [ip4][..tcp] [..192.168.2.100][50100] -> [...23.2.213.165][.4176] [MIDSTREAM] + detected: [.....2] [ip4][..tcp] [..192.168.2.100][50100] -> [...23.2.213.165][.4176] [HTTP.SOAP][Unknown][Cloud][Acceptable][go.microsoft.com] + RISK: Known Proto on Non Std Port + DAEMON-EVENT: [Processed: 15 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....3] [ip4][..tcp] [..185.32.192.30][...80] -> [.85.154.114.113][56028] + detected: [.....3] [ip4][..tcp] [..185.32.192.30][...80] -> [.85.154.114.113][56028] [SOAP][Unknown][RPC][Acceptable] + idle: [.....3] [ip4][..tcp] [..185.32.192.30][...80] -> [.85.154.114.113][56028] [SOAP][Unknown][RPC][Acceptable] + idle: [.....2] [ip4][..tcp] [..192.168.2.100][50100] -> [...23.2.213.165][.4176] [HTTP.SOAP][Unknown][Cloud][Acceptable] + RISK: Known Proto on Non Std Port + guessed: [.....1] [ip4][..tcp] [..192.168.2.100][50100] -> [...23.2.213.165][...80] [HTTP][Unknown][Web][Acceptable][] + end: [.....1] [ip4][..tcp] [..192.168.2.100][50100] -> [...23.2.213.165][...80] + DAEMON-EVENT: shutdown |