summaryrefslogtreecommitdiff
path: root/test/results/s7comm.pcap.out
diff options
context:
space:
mode:
Diffstat (limited to 'test/results/s7comm.pcap.out')
-rw-r--r--test/results/s7comm.pcap.out41
1 files changed, 15 insertions, 26 deletions
diff --git a/test/results/s7comm.pcap.out b/test/results/s7comm.pcap.out
index d4df92dd4..1f1a68693 100644
--- a/test/results/s7comm.pcap.out
+++ b/test/results/s7comm.pcap.out
@@ -1,34 +1,23 @@
-00474{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"s7comm.pcap","alias":"nDPId-test","max-flows-per-thread":2048,"max-idle-flows-per-thread":256,"tick-resolution":1000,"reader-thread-count":1,"idle-scan-period":10000,"generic-max-idle-time":600000,"icmp-max-idle-time":10000,"udp-max-idle-time":180000,"tcp-max-idle-time":7440000,"tcp-max-post-end-flow-time":120000,"max-packets-per-flow-to-send":15,"max-packets-per-flow-to-process":255}
-00493{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1,"source":"s7comm.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_first_seen":1408528803880,"flow_last_seen":1408528803880,"flow_min_l4_payload_len":22,"flow_max_l4_payload_len":22,"flow_tot_l4_payload_len":22,"flow_avg_l4_payload_len":22,"midstream":1,"l3_proto":"ip4","src_ip":"192.168.1.10","dst_ip":"192.168.1.40","src_port":4185,"dst_port":102,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15}
-00437{"flow_id":1,"flow_packet_id":1,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1,"source":"s7comm.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1408528803,"pkt_ts_usec":880679,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"pkt":"ABsbI+s7kOa6hF5BCABFAAA+LUtAAIAGAADAqAEKwKgBKBBZAGaQRN2iAAL7EFAY+vCDswAAAwAAFhHgAAAABwDBAgEAwgIBAsABCg=="}
-00527{"flow_event_id":5,"flow_event_name":"detected","thread_id":0,"packet_id":1,"source":"s7comm.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_first_seen":1408528803880,"flow_last_seen":1408528803880,"flow_min_l4_payload_len":22,"flow_max_l4_payload_len":22,"flow_tot_l4_payload_len":22,"flow_avg_l4_payload_len":22,"midstream":1,"l3_proto":"ip4","src_ip":"192.168.1.10","dst_ip":"192.168.1.40","src_port":4185,"dst_port":102,"l4_proto":"tcp","ndpi": {"proto":"s7comm","breed":"Acceptable","category":"Network"}}
-00437{"flow_id":1,"flow_packet_id":2,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2,"source":"s7comm.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1408528803,"pkt_ts_usec":884414,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"pkt":"kOa6hF5BABsbI+s7CABFAAA+AM4AAB4GGGrAqAEowKgBCgBmEFkAAvsQkETduFAYEAAGowAAAwAAFhHQAAcAAwDAAQrBAgEAwgIBAg=="}
-00441{"flow_id":1,"flow_packet_id":3,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3,"source":"s7comm.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1408528803,"pkt_ts_usec":884562,"pkt_caplen":79,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":79,"pkt_l4_len":45,"pkt":"ABsbI+s7kOa6hF5BCABFAABBLUxAAIAGAADAqAEKwKgBKBBZAGaQRN24AAL7JlAY+tqDtgAAAwAAGQLwgDIBAAACAAAIAADwAAABAAEB4A=="}
-00441{"flow_id":1,"flow_packet_id":4,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":4,"source":"s7comm.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1408528803,"pkt_ts_usec":887528,"pkt_caplen":81,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":81,"pkt_l4_len":47,"pkt":"kOa6hF5BABsbI+s7CABFAABDAM8AAB4GGGTAqAEowKgBCgBmEFkAAvsmkETd0VAYEAAeAAAAAwAAGwLwgDIDAAACAAAIAAAAAPAAAAEAAQDw"}
-00417{"flow_id":1,"flow_packet_id":5,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":5,"source":"s7comm.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1408528803,"pkt_ts_usec":887617,"pkt_caplen":61,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":61,"pkt_l4_len":27,"pkt":"ABsbI+s7kOa6hF5BCABFAAAvLU1AAIAGAADAqAEKwKgBKBBZAGaQRN3RAAL7QVAY+r+DpAAAAwAABwLwAA=="}
-00449{"flow_id":1,"flow_packet_id":6,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":6,"source":"s7comm.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1408528803,"pkt_ts_usec":887683,"pkt_caplen":87,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":87,"pkt_l4_len":53,"pkt":"ABsbI+s7kOa6hF5BCABFAABJLU5AAIAGAADAqAEKwKgBKBBZAGaQRN3YAAL7QVAY+r+DvgAAAwAAIQLwgDIHAAADAAAIAAgAARIEEUQBAP8JAAQBMgAE"}
-00517{"flow_id":1,"flow_packet_id":7,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":7,"source":"s7comm.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1408528803,"pkt_ts_usec":894509,"pkt_caplen":135,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":135,"pkt_l4_len":101,"pkt":"kOa6hF5BABsbI+s7CABFAAB5ANAAAB4GGC3AqAEowKgBCgBmEFkAAvtBkETd+VAYEAACRQAAAwAAUQLwgDIHAAADAAAMADQAARIIEoQBAQAAAAD\/CQAwATIABAAoAAEABAABAAAAAQACAAAAAFZWvASj1RQACXICAAAAAAAAAAAAAAAAAAAA"}
-00417{"flow_id":1,"flow_packet_id":8,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":8,"source":"s7comm.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1408528803,"pkt_ts_usec":894610,"pkt_caplen":61,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":61,"pkt_l4_len":27,"pkt":"ABsbI+s7kOa6hF5BCABFAAAvLU9AAIAGAADAqAEKwKgBKBBZAGaQRN35AAL7klAY+m6DpAAAAwAABwLwAA=="}
-00449{"flow_id":1,"flow_packet_id":9,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":9,"source":"s7comm.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1408528803,"pkt_ts_usec":899252,"pkt_caplen":87,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":87,"pkt_l4_len":53,"pkt":"ABsbI+s7kOa6hF5BCABFAABJLVBAAIAGAADAqAEKwKgBKBBZAGaQRN4AAAL7klAY+m6DvgAAAwAAIQLwgDIHAAAEAAAIAAgAARIEEUQBAP8JAAQBMgAC"}
-00519{"flow_id":1,"flow_packet_id":10,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":10,"source":"s7comm.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1408528803,"pkt_ts_usec":903498,"pkt_caplen":135,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":135,"pkt_l4_len":101,"pkt":"kOa6hF5BABsbI+s7CABFAAB5ANEAAB4GGCzAqAEowKgBCgBmEFkAAvuSkETeIVAYEACdkgAAAwAAUQLwgDIHAAAEAAAMADQAARIIEoQBAQAAAAD\/CQAwATIAAgAoAAEAAgAAAAAAAAAOAAAAAAYBCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"}
-00419{"flow_id":1,"flow_packet_id":11,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":11,"source":"s7comm.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1408528803,"pkt_ts_usec":903637,"pkt_caplen":61,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":61,"pkt_l4_len":27,"pkt":"ABsbI+s7kOa6hF5BCABFAAAvLVFAAIAGAADAqAEKwKgBKBBZAGaQRN4hAAL741AY+h2DpAAAAwAABwLwAA=="}
-00451{"flow_id":1,"flow_packet_id":12,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":12,"source":"s7comm.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1408528803,"pkt_ts_usec":904205,"pkt_caplen":87,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":87,"pkt_l4_len":53,"pkt":"ABsbI+s7kOa6hF5BCABFAABJLVJAAIAGAADAqAEKwKgBKBBZAGaQRN4oAAL741AY+h2DvgAAAwAAIQLwgDIHAAAFAAAIAAgAARIEEUQBAP8JAAQAEwAA"}
-00708{"flow_id":1,"flow_packet_id":13,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":13,"source":"s7comm.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1408528803,"pkt_ts_usec":910535,"pkt_caplen":275,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":275,"pkt_l4_len":241,"pkt":"kOa6hF5BABsbI+s7CABFAAEFANIAAB4GF5\/AqAEowKgBCgBmEFkAAvvjkETeSVAYEADS7gAAAwAA3QLwgDIHAAAFAAAMAMAAARIIEoQBAQAAAAD\/CQC8ABMAAAAkAAUAAQABAAMAAAARAAAAAwAAAAABYAAAAAAAAAAAAAAAAAAAAAAAAgABAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwACAAIAAAACAAAAAAAAAAAAAAAAAAAAAgAAAAATKgAAAAAABAACAIAAAAACAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAABQACAAAFAAACAAAAAAAAAAAAAAAAAAAAAAUAAAAAIAAAAAA="}
-00419{"flow_id":1,"flow_packet_id":14,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":14,"source":"s7comm.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1408528803,"pkt_ts_usec":910642,"pkt_caplen":61,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":61,"pkt_l4_len":27,"pkt":"ABsbI+s7kOa6hF5BCABFAAAvLVNAAIAGAADAqAEKwKgBKBBZAGaQRN5JAAL8wFAY+UCDpAAAAwAABwLwAA=="}
-00451{"flow_id":1,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"s7comm.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1408528803,"pkt_ts_usec":910913,"pkt_caplen":87,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":87,"pkt_l4_len":53,"pkt":"ABsbI+s7kOa6hF5BCABFAABJLVRAAIAGAADAqAEKwKgBKBBZAGaQRN5QAAL8wFAY+UCDvgAAAwAAIQLwgDIHAAAGAAAIAAgAARIEEUQBAP8JAAQBMQAE"}
-00498{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":55,"source":"s7comm.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":55,"flow_first_seen":1408528803880,"flow_last_seen":1408528804016,"flow_min_l4_payload_len":7,"flow_max_l4_payload_len":247,"flow_tot_l4_payload_len":2290,"flow_avg_l4_payload_len":41,"midstream":1,"l3_proto":"ip4","src_ip":"192.168.1.10","dst_ip":"192.168.1.40","src_port":4185,"dst_port":102,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":15}
-00126{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":55,"source":"s7comm.pcap","alias":"nDPId-test"}
+00440{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"s7comm.pcap","alias":"nDPId-test","max-flows-per-thread":2048,"max-idle-flows-per-thread":256,"tick-resolution":1000,"reader-thread-count":1,"flow-scan-interval":10000,"generic-max-idle-time":600000,"icmp-max-idle-time":120000,"udp-max-idle-time":180000,"tcp-max-idle-time":7460000,"max-packets-per-flow-to-send":3,"max-packets-per-flow-to-process":255}
+00549{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1,"source":"s7comm.pcap","alias":"nDPId-test","flow_id":1,"flow_packets_processed":1,"flow_first_seen":1408528803880,"flow_last_seen":1408528803880,"flow_idle_time":7440000,"flow_min_l4_payload_len":22,"flow_max_l4_payload_len":22,"flow_tot_l4_payload_len":22,"flow_avg_l4_payload_len":22,"midstream":1,"ts_msec":1408528803880,"l3_proto":"ip4","src_ip":"192.168.1.10","dst_ip":"192.168.1.40","src_port":4185,"dst_port":102,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3}
+00472{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1,"source":"s7comm.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_last_seen":1408528803880,"flow_idle_time":7440000,"pkt_oversize":false,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"ts_msec":1408528803880,"pkt":"ABsbI+s7kOa6hF5BCABFAAA+LUtAAIAGAADAqAEKwKgBKBBZAGaQRN2iAAL7EFAY+vCDswAAAwAAFhHgAAAABwDBAgEAwgIBAsABCg=="}
+00584{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":1,"source":"s7comm.pcap","alias":"nDPId-test","flow_id":1,"flow_packets_processed":1,"flow_first_seen":1408528803880,"flow_last_seen":1408528803880,"flow_idle_time":7440000,"flow_min_l4_payload_len":22,"flow_max_l4_payload_len":22,"flow_tot_l4_payload_len":22,"flow_avg_l4_payload_len":22,"midstream":1,"ts_msec":1408528803880,"l3_proto":"ip4","src_ip":"192.168.1.10","dst_ip":"192.168.1.40","src_port":4185,"dst_port":102,"l4_proto":"tcp","ndpi": {"proto":"s7comm","breed":"Acceptable","category":"Network"}}
+00472{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2,"source":"s7comm.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":2,"flow_last_seen":1408528803884,"flow_idle_time":7440000,"pkt_oversize":false,"pkt_caplen":76,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":76,"pkt_l4_len":42,"ts_msec":1408528803884,"pkt":"kOa6hF5BABsbI+s7CABFAAA+AM4AAB4GGGrAqAEowKgBCgBmEFkAAvsQkETduFAYEAAGowAAAwAAFhHQAAcAAwDAAQrBAgEAwgIBAg=="}
+00476{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3,"source":"s7comm.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":3,"flow_last_seen":1408528803884,"flow_idle_time":7440000,"pkt_oversize":false,"pkt_caplen":79,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":79,"pkt_l4_len":45,"ts_msec":1408528803884,"pkt":"ABsbI+s7kOa6hF5BCABFAABBLUxAAIAGAADAqAEKwKgBKBBZAGaQRN24AAL7JlAY+tqDtgAAAwAAGQLwgDIBAAACAAAIAADwAAABAAEB4A=="}
+00554{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":55,"source":"s7comm.pcap","alias":"nDPId-test","flow_id":1,"flow_packets_processed":55,"flow_first_seen":1408528803880,"flow_last_seen":1408528804016,"flow_idle_time":7440000,"flow_min_l4_payload_len":7,"flow_max_l4_payload_len":247,"flow_tot_l4_payload_len":2290,"flow_avg_l4_payload_len":41,"midstream":1,"ts_msec":1408528804016,"l3_proto":"ip4","src_ip":"192.168.1.10","dst_ip":"192.168.1.40","src_port":4185,"dst_port":102,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3}
+00154{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":55,"source":"s7comm.pcap","alias":"nDPId-test","total-events-serialized":8}
~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~
~~ packets captured/processed: 55/55
~~ skipped flows.............: 0
-~~ total layer4 data length..: 3390 bytes
+~~ total layer4 data length..: 2290 bytes
~~ total detected protocols..: 1
~~ total active/idle flows...: 1/1
+~~ total timeout flows.......: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-~~ total memory allocated....: 1929663 bytes
-~~ total memory freed........: 1929663 bytes
+~~ total memory allocated....: 1929719 bytes
+~~ total memory freed........: 1929719 bytes
~~ total allocations/frees...: 35393/35393
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-~~ json string min len.......: 131 chars
-~~ json string max len.......: 713 chars
-~~ json string avg len.......: 491 chars
+~~ json string min len.......: 159 chars
+~~ json string max len.......: 589 chars
+~~ json string avg len.......: 442 chars
Powered by cgit, Themed by Ted Yin.