From d80ea84d2ebebe29761f3727fbc5295ba3cb81b8 Mon Sep 17 00:00:00 2001 From: Toni Uhlig Date: Wed, 8 Nov 2023 01:27:42 +0100 Subject: Reset `Unidirectional Traffc` risk if packets from both directions processed. * Fixed risk hash value calculation, which was only done lower 32 bits. * Reduced default reader threads count to two if cross compiling. Signed-off-by: Toni Uhlig --- test/results/flow-info/default/genshin-impact.pcap.out | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'test/results/flow-info/default/genshin-impact.pcap.out') diff --git a/test/results/flow-info/default/genshin-impact.pcap.out b/test/results/flow-info/default/genshin-impact.pcap.out index 8b1a512a1..8bafaf619 100644 --- a/test/results/flow-info/default/genshin-impact.pcap.out +++ b/test/results/flow-info/default/genshin-impact.pcap.out @@ -10,20 +10,19 @@ detected: [.....2] [ip4][..udp] [..192.168.2.100][59145] -> [.47.254.169.109][22102] [GenshinImpact][Alibaba][Game][Fun] RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [..192.168.2.100][58766] -> [..47.245.143.85][22101] [GenshinImpact][Alibaba][Game][Fun] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port DAEMON-EVENT: [Processed: 30 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....3] [ip4][..udp] [..192.168.2.100][52575] -> [...8.209.69.191][22101] detected: [.....3] [ip4][..udp] [..192.168.2.100][52575] -> [...8.209.69.191][22101] [GenshinImpact][Alibaba][Game][Fun] RISK: Known Proto on Non Std Port, Unidirectional Traffic idle: [.....2] [ip4][..udp] [..192.168.2.100][59145] -> [.47.254.169.109][22102] [GenshinImpact][Alibaba][Game][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 45 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 3|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....4] [ip4][..tcp] [..192.168.2.100][39822] -> [..49.51.190.178][...80] detected: [.....4] [ip4][..tcp] [..192.168.2.100][39822] -> [..49.51.190.178][...80] [GenshinImpact][Tencent][Game][Fun] idle: [.....3] [ip4][..udp] [..192.168.2.100][52575] -> [...8.209.69.191][22101] [GenshinImpact][Alibaba][Game][Fun] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port DAEMON-EVENT: [Processed: 60 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 4|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....5] [ip4][..tcp] [..192.168.2.100][39686] -> [..49.51.181.168][...80] -- cgit v1.2.3