aboutsummaryrefslogtreecommitdiff
path: root/test/results/default/signal_videocall.pcapng.out
blob: 7bf2b9d36bc50b0f7b07dd79f9874318ff679819 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49

00623{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"cfgs\/default\/pcap\/signal_videocall.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"max-flows-per-thread":32768,"max-idle-flows-per-thread":1024,"reader-thread-count":1,"flow-scan-interval":10000000,"generic-max-idle-time":600000000,"icmp-max-idle-time":120000000,"udp-max-idle-time":180000000,"tcp-max-idle-time":7560000000,"max-packets-per-flow-to-send":5,"max-packets-per-flow-to-process":32,"max-packets-per-flow-to-analyse":32,"global_ts_usec":0}
00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/signal_videocall.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":1,"packets-processed":0,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":0,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":0,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2,"global_ts_usec":1732024431954625}
00789{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/signal_videocall.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1732024431954625,"flow_src_last_pkt_time":1732024431954625,"flow_dst_last_pkt_time":1732024431954625,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":20,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":20,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":20,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1732024431954625,"l3_proto":"ip4","src_ip":"192.168.12.67","dst_ip":"35.216.234.234","src_port":47926,"dst_port":3478,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
00547{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/signal_videocall.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_src_last_pkt_time":1732024431954625,"flow_dst_last_pkt_time":1732024431954625,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":62,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":62,"pkt_l4_len":28,"thread_ts_usec":1732024431954625,"pkt":"dNo47VMyYhO2esBpCABFAAAwZxZAAEAR9\/jAqAxDI9jq6rs2DZYAHHvlAAEAACESpEJQQm9QWFIrVWRPcnY="}
01017{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/signal_videocall.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1732024431954625,"flow_src_last_pkt_time":1732024431954625,"flow_dst_last_pkt_time":1732024431954625,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":20,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":20,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":20,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1732024431954625,"l3_proto":"ip4","src_ip":"192.168.12.67","dst_ip":"35.216.234.234","src_port":47926,"dst_port":3478,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"STUN","proto_id":"78","proto_by_ip":"GoogleCloud","proto_by_ip_id":284,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","hostname":"","domainame":"","stun": {"multimedia_flow_types":"Unknown"}}}
00789{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2,"source":"cfgs\/default\/pcap\/signal_videocall.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1732024431955912,"flow_src_last_pkt_time":1732024431955912,"flow_dst_last_pkt_time":1732024431955912,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":20,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":20,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":20,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1732024431955912,"l3_proto":"ip4","src_ip":"192.168.12.67","dst_ip":"35.219.252.146","src_port":47926,"dst_port":3478,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
00546{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2,"source":"cfgs\/default\/pcap\/signal_videocall.pcapng","alias":"nDPId-test","flow_id":2,"flow_packet_id":1,"flow_src_last_pkt_time":1732024431955912,"flow_dst_last_pkt_time":1732024431955912,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":62,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":62,"pkt_l4_len":28,"thread_ts_usec":1732024431955912,"pkt":"dNo47VMyYhO2esBpCABFAAAwtSNAAEARmEDAqAxDI9v8krs2DZYAHF30AAEAACESpEJKdmo2eHhiZEdrT1E="}
01017{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2,"source":"cfgs\/default\/pcap\/signal_videocall.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1732024431955912,"flow_src_last_pkt_time":1732024431955912,"flow_dst_last_pkt_time":1732024431955912,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":20,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":20,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":20,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1732024431955912,"l3_proto":"ip4","src_ip":"192.168.12.67","dst_ip":"35.219.252.146","src_port":47926,"dst_port":3478,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"STUN","proto_id":"78","proto_by_ip":"GoogleCloud","proto_by_ip_id":284,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","hostname":"","domainame":"","stun": {"multimedia_flow_types":"Unknown"}}}
00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3,"source":"cfgs\/default\/pcap\/signal_videocall.pcapng","alias":"nDPId-test","flow_id":2,"flow_packet_id":2,"flow_src_last_pkt_time":1732024431956045,"flow_dst_last_pkt_time":1732024431955912,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"thread_ts_usec":1732024431956045,"pkt":"dNo47VMyYhO2esBpCABFAAA4tSRAAEARmDfAqAxDI9v8krs2DZYAJHj9AAMACCESpEJGT0RzSVBnV3VDSVgAGQAEEQAAAA=="}
01150{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":3,"source":"cfgs\/default\/pcap\/signal_videocall.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1732024431955912,"flow_src_last_pkt_time":1732024431956045,"flow_dst_last_pkt_time":1732024431955912,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":20,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1732024431956045,"l3_proto":"ip4","src_ip":"192.168.12.67","dst_ip":"35.219.252.146","src_port":47926,"dst_port":3478,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"STUN","proto_id":"78","proto_by_ip":"GoogleCloud","proto_by_ip_id":284,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","hostname":"","domainame":"","stun": {"multimedia_flow_types":"Unknown"}}}
00592{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":4,"source":"cfgs\/default\/pcap\/signal_videocall.pcapng","alias":"nDPId-test","flow_id":2,"flow_packet_id":3,"flow_src_last_pkt_time":1732024431956045,"flow_dst_last_pkt_time":1732024431959193,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":94,"pkt_l4_len":60,"thread_ts_usec":1732024431959193,"pkt":"YhO2esBpdNo47VMyCABFAABQi8xAADkRyHcj2\/ySwKgMQw2WuzYAPLQBAQEAICESpEJKdmo2eHhiZEdrT1EAIAAIAAGRw3wxDFwAAQAIAAGw0V0jqB6AKAAE\/+dX5g=="}
01065{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":4,"source":"cfgs\/default\/pcap\/signal_videocall.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1732024431955912,"flow_src_last_pkt_time":1732024431956045,"flow_dst_last_pkt_time":1732024431959193,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":20,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":52,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":52,"midstream":0,"thread_ts_usec":1732024431959193,"l3_proto":"ip4","src_ip":"192.168.12.67","dst_ip":"35.219.252.146","src_port":47926,"dst_port":3478,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"STUN","proto_id":"78","proto_by_ip":"GoogleCloud","proto_by_ip_id":284,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","hostname":"","domainame":"","stun": {"mapped_address":"93.35.168.30:45265","multimedia_flow_types":"Unknown"}}}
00633{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":5,"source":"cfgs\/default\/pcap\/signal_videocall.pcapng","alias":"nDPId-test","flow_id":2,"flow_packet_id":4,"flow_src_last_pkt_time":1732024431956045,"flow_dst_last_pkt_time":1732024431959746,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":126,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":126,"pkt_l4_len":92,"thread_ts_usec":1732024431959746,"pkt":"YhO2esBpdNo47VMyCABFAABwi81AADkRyFYj2\/ySwKgMQw2WuzYAXM1WARMAQCESpEJGT0RzSVBnV3VDSVgACQAQAAAEAVVuYXV0aG9yaXplZAAVABA3MWRlZDFjNTBiN2Q0NGFmABQACnNpZ25hbC5vcmcAAIAoAAR7NBQ3"}
01098{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":5,"source":"cfgs\/default\/pcap\/signal_videocall.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1732024431955912,"flow_src_last_pkt_time":1732024431956045,"flow_dst_last_pkt_time":1732024431959746,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":20,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":84,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":136,"midstream":0,"thread_ts_usec":1732024431959746,"l3_proto":"ip4","src_ip":"192.168.12.67","dst_ip":"35.219.252.146","src_port":47926,"dst_port":3478,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"STUN.SignalVoip","proto_id":"78.269","proto_by_ip":"GoogleCloud","proto_by_ip_id":284,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP","hostname":"signal.org","domainame":"signal.org","stun": {"mapped_address":"93.35.168.30:45265","multimedia_flow_types":"Unknown"}}}
00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":6,"source":"cfgs\/default\/pcap\/signal_videocall.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":2,"flow_src_last_pkt_time":1732024431959841,"flow_dst_last_pkt_time":1732024431954625,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"thread_ts_usec":1732024431959841,"pkt":"dNo47VMyYhO2esBpCABFAAA4ZxdAAEAR9+\/AqAxDI9jq6rs2DZYAJF1+AAMACCESpEJoc3FkNDJvUEJsZ2kAGQAEEQAAAA=="}
01170{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":6,"source":"cfgs\/default\/pcap\/signal_videocall.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1732024431954625,"flow_src_last_pkt_time":1732024431959841,"flow_dst_last_pkt_time":1732024431954625,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":20,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1732024431959841,"l3_proto":"ip4","src_ip":"192.168.12.67","dst_ip":"35.216.234.234","src_port":47926,"dst_port":3478,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"5":"DPI (cache)"},"proto":"STUN.SignalVoip","proto_id":"78.269","proto_by_ip":"GoogleCloud","proto_by_ip_id":284,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP","hostname":"","domainame":"","stun": {"multimedia_flow_types":"Unknown"}}}
00677{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":7,"source":"cfgs\/default\/pcap\/signal_videocall.pcapng","alias":"nDPId-test","flow_id":2,"flow_packet_id":5,"flow_src_last_pkt_time":1732024431962384,"flow_dst_last_pkt_time":1732024431959746,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":158,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":158,"pkt_l4_len":124,"thread_ts_usec":1732024431962384,"pkt":"dNo47VMyYhO2esBpCABFAACQtSVAAEARl97AqAxDI9v8krs2DZYAfNU1AAMAYCESpEJLZGY0aGpCR2VDNmwAGQAEEQAAAAAGABcxNzMyMTEwODMzOjg5NTYwMTIyMyMwMQAAFAAKc2lnbmFsLm9yZwAAABUAEDcxZGVkMWM1MGI3ZDQ0YWYACAAUgVqrAzIcqrmsvPu1c7hMsgoikGk="}
00590{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":8,"source":"cfgs\/default\/pcap\/signal_videocall.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":3,"flow_src_last_pkt_time":1732024431959841,"flow_dst_last_pkt_time":1732024431962820,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":94,"pkt_l4_len":60,"thread_ts_usec":1732024431962820,"pkt":"YhO2esBpdNo47VMyCABFYABQmTNAADkRzFsj2OrqwKgMQw2WuzYAPPTfAQEAICESpEJQQm9QWFIrVWRPcnYAIAAIAAGRw3wxDFwAAQAIAAGw0V0jqB6AKAAELCkIuA=="}
01085{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":8,"source":"cfgs\/default\/pcap\/signal_videocall.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1732024431954625,"flow_src_last_pkt_time":1732024431959841,"flow_dst_last_pkt_time":1732024431962820,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":20,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":52,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":52,"midstream":0,"thread_ts_usec":1732024431962820,"l3_proto":"ip4","src_ip":"192.168.12.67","dst_ip":"35.216.234.234","src_port":47926,"dst_port":3478,"l4_proto":"udp","ndpi": {"confidence": {"5":"DPI (cache)"},"proto":"STUN.SignalVoip","proto_id":"78.269","proto_by_ip":"GoogleCloud","proto_by_ip_id":284,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP","hostname":"","domainame":"","stun": {"mapped_address":"93.35.168.30:45265","multimedia_flow_types":"Unknown"}}}
00633{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":10,"source":"cfgs\/default\/pcap\/signal_videocall.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":4,"flow_src_last_pkt_time":1732024431959841,"flow_dst_last_pkt_time":1732024431967507,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":126,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":126,"pkt_l4_len":92,"thread_ts_usec":1732024431967507,"pkt":"YhO2esBpdNo47VMyCABFYABwmTdAADkRzDcj2OrqwKgMQw2WuzYAXIRlARMAQCESpEJoc3FkNDJvUEJsZ2kACQAQAAAEAVVuYXV0aG9yaXplZAAVABAyMzlmNWI0MDIzNmE0ZmIyABQACnNpZ25hbC5vcmcAAIAoAAR3etFo"}
01107{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":10,"source":"cfgs\/default\/pcap\/signal_videocall.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1732024431954625,"flow_src_last_pkt_time":1732024431959841,"flow_dst_last_pkt_time":1732024431967507,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":20,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":84,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":136,"midstream":0,"thread_ts_usec":1732024431967507,"l3_proto":"ip4","src_ip":"192.168.12.67","dst_ip":"35.216.234.234","src_port":47926,"dst_port":3478,"l4_proto":"udp","ndpi": {"confidence": {"5":"DPI (cache)"},"proto":"STUN.SignalVoip","proto_id":"78.269","proto_by_ip":"GoogleCloud","proto_by_ip_id":284,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP","hostname":"signal.org","domainame":"signal.org","stun": {"mapped_address":"93.35.168.30:45265","multimedia_flow_types":"Unknown"}}}
00679{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":11,"source":"cfgs\/default\/pcap\/signal_videocall.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":5,"flow_src_last_pkt_time":1732024431970453,"flow_dst_last_pkt_time":1732024431967507,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":158,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":158,"pkt_l4_len":124,"thread_ts_usec":1732024431970453,"pkt":"dNo47VMyYhO2esBpCABFAACQZxlAAEAR95XAqAxDI9jq6rs2DZYAfJ\/eAAMAYCESpEJtY0MxU2RsRTVSTFIAGQAEEQAAAAAGABcxNzMyMTEwODMzOjg5NTYwMTIyMyMwMQAAFAAKc2lnbmFsLm9yZwAAABUAEDIzOWY1YjQwMjM2YTRmYjIACAAUWuhe5DwiuoVslYdnHO9VLKb1KDk="}
00791{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":24,"source":"cfgs\/default\/pcap\/signal_videocall.pcapng","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1732024434112285,"flow_src_last_pkt_time":1732024434112285,"flow_dst_last_pkt_time":1732024434112285,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":96,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":96,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1732024434112285,"l3_proto":"ip4","src_ip":"192.168.12.67","dst_ip":"35.219.252.146","src_port":47926,"dst_port":56377,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
00653{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":24,"source":"cfgs\/default\/pcap\/signal_videocall.pcapng","alias":"nDPId-test","flow_id":3,"flow_packet_id":1,"flow_src_last_pkt_time":1732024434112285,"flow_dst_last_pkt_time":1732024434112285,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":138,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":138,"pkt_l4_len":104,"thread_ts_usec":1732024434112285,"pkt":"dNo47VMyYhO2esBpCABFAAB8tZtAAEARl3zAqAxDI9v8krs23DkAaDzbAAEATCESpEJvVmpOd0IwS3IzMTcABgAJKzRmSDpxcDhzAAAAwFcABAADAAqAKgAItCq\/i7rPSYsAJAAEbn8e\/wAIABQsPdFbp2Mty9aiJruZ\/Hgd1SZ9SYAoAAQ0snQG"}
01171{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":24,"source":"cfgs\/default\/pcap\/signal_videocall.pcapng","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1732024434112285,"flow_src_last_pkt_time":1732024434112285,"flow_dst_last_pkt_time":1732024434112285,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":96,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":96,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1732024434112285,"l3_proto":"ip4","src_ip":"192.168.12.67","dst_ip":"35.219.252.146","src_port":47926,"dst_port":56377,"l4_proto":"udp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}}},"confidence": {"5":"DPI (cache)"},"proto":"STUN.SignalVoip","proto_id":"78.269","proto_by_ip":"GoogleCloud","proto_by_ip_id":284,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP","hostname":"","domainame":"","stun": {"multimedia_flow_types":"Unknown"}}}
00611{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":26,"source":"cfgs\/default\/pcap\/signal_videocall.pcapng","alias":"nDPId-test","flow_id":3,"flow_packet_id":2,"flow_src_last_pkt_time":1732024434112285,"flow_dst_last_pkt_time":1732024434178241,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":106,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":106,"pkt_l4_len":72,"thread_ts_usec":1732024434178241,"pkt":"YhO2esBpdNo47VMyCABFYABcj7BAADIRyycj2\/ySwKgMQ9w5uzYASCrcAQEALCESpEJvVmpOd0IwS3IzMTcAIAAIAAGRwHwxDFwACAAUzCtdmPFLOE2hrfqThQbG\/WfenmGAKAAE+56MVw=="}
00665{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":27,"source":"cfgs\/default\/pcap\/signal_videocall.pcapng","alias":"nDPId-test","flow_id":3,"flow_packet_id":3,"flow_src_last_pkt_time":1732024434208184,"flow_dst_last_pkt_time":1732024434178241,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":146,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":146,"pkt_l4_len":112,"thread_ts_usec":1732024434208184,"pkt":"dNo47VMyYhO2esBpCABFAACEtaBAAEARl2\/AqAxDI9v8krs23DkAcJ01AAEAVCESpEJ5YkVGeHg2Vm54cEwABgAJKzRmSDpxcDhzAAAAwFcABAADAAqAKgAItCq\/i7rPSYvAAQAEAAAAAQAkAARufx7\/AAgAFBR40kD7fQkz6Qg731KFxeC3zkjNgCgABDObOGE="}
00665{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":28,"source":"cfgs\/default\/pcap\/signal_videocall.pcapng","alias":"nDPId-test","flow_id":3,"flow_packet_id":4,"flow_src_last_pkt_time":1732024434257371,"flow_dst_last_pkt_time":1732024434178241,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":146,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":146,"pkt_l4_len":112,"thread_ts_usec":1732024434257371,"pkt":"dNo47VMyYhO2esBpCABFAACEtaNAAEARl2zAqAxDI9v8krs23DkAcLCLAAEAVCESpEIvVzZEb0YxN3VBZ04ABgAJKzRmSDpxcDhzAAAAwFcABAADAAqAKgAItCq\/i7rPSYvAAQAEAAAAAQAkAARufx7\/AAgAFB0q7oEahdIgYLDgT\/FjacmxOl1HgCgABEHzBpk="}
00610{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":29,"source":"cfgs\/default\/pcap\/signal_videocall.pcapng","alias":"nDPId-test","flow_id":3,"flow_packet_id":5,"flow_src_last_pkt_time":1732024434257371,"flow_dst_last_pkt_time":1732024434268071,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":106,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":106,"pkt_l4_len":72,"thread_ts_usec":1732024434268071,"pkt":"YhO2esBpdNo47VMyCABFYABcj9ZAADIRywEj2\/ySwKgMQ9w5uzYASIPeAQEALCESpEJ5YkVGeHg2Vm54cEwAIAAIAAGRwHwxDFwACAAULNk0SsQGD73EexLHOWxlLf1+DQiAKAAEShdJ1g=="}
02382{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":64,"source":"cfgs\/default\/pcap\/signal_videocall.pcapng","alias":"nDPId-test","flow_id":3,"flow_state":"finished","flow_src_packets_processed":15,"flow_dst_packets_processed":17,"flow_first_seen":1732024434112285,"flow_src_last_pkt_time":1732024441333397,"flow_dst_last_pkt_time":1732024441541595,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":104,"flow_dst_max_l4_payload_len":96,"flow_src_tot_l4_payload_len":1156,"flow_dst_tot_l4_payload_len":1232,"midstream":0,"thread_ts_usec":1732024441541595,"l3_proto":"ip4","src_ip":"192.168.12.67","dst_ip":"35.219.252.146","src_port":47926,"dst_port":56377,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"data_analysis": {"iat": {"min":7924,"avg":472594.2,"max":2449226,"stddev":710703.9,"var":505100075008.0,"ent":3.7,"data": [65956,95899,49187,89830,51983,7924,75804,92201,90821,45764,45926,841819,964746,88146,209352,700416,8800,797762,169039,140771,9988,132129,62705,2295091,2449226,43943,201199,880503,2304788,1490835,147869]},"pktlen": {"min":56,"avg":102.6,"max":132,"stddev":22.3,"var":496.6,"ent":5.0,"data": [124,92,132,132,92,92,124,92,124,92,124,92,124,92,124,92,56,84,124,92,84,56,124,92,124,92,124,92,56,124,92,124]},"bins": {"c_to_s": [1,1,6,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [2,1,7,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]},"directions": [0,1,0,0,1,1,1,0,1,0,1,0,0,1,1,0,1,1,0,1,0,0,1,0,0,1,1,0,1,0,1,1],"entropies": [5.976831913,5.915143967,5.742778778,5.854558945,5.733025551,5.885198593,5.998001575,5.797378063,6.024171352,5.726989746,5.921308994,5.664066315,5.913927555,5.841720104,5.901226997,5.802705288,5.235924244,5.790773869,5.923968792,5.811777592,5.734168530,5.119329453,5.946332932,5.906072140,5.847799778,5.811777115,5.940245152,5.748729706,5.115301609,5.849411488,5.828187466,5.968549728]},"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}}},"confidence": {"5":"DPI (cache)"},"proto":"STUN.SignalVoip","proto_id":"78.269","proto_by_ip":"GoogleCloud","proto_by_ip_id":284,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP"}}
01153{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":334,"source":"cfgs\/default\/pcap\/signal_videocall.pcapng","alias":"nDPId-test","flow_id":3,"flow_state":"finished","flow_src_packets_processed":167,"flow_dst_packets_processed":131,"flow_first_seen":1732024434112285,"flow_src_last_pkt_time":1732024444819796,"flow_dst_last_pkt_time":1732024444862357,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1181,"flow_dst_max_l4_payload_len":858,"flow_src_tot_l4_payload_len":80551,"flow_dst_tot_l4_payload_len":26428,"midstream":0,"thread_ts_usec":1732024444862357,"l3_proto":"ip4","src_ip":"192.168.12.67","dst_ip":"35.219.252.146","src_port":47926,"dst_port":56377,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}}},"confidence": {"5":"DPI (cache)"},"proto":"STUN.SignalVoip","proto_id":"78.269","proto_by_ip":"GoogleCloud","proto_by_ip_id":284,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP"}}
01034{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":334,"source":"cfgs\/default\/pcap\/signal_videocall.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":1732024431954625,"flow_src_last_pkt_time":1732024441970315,"flow_dst_last_pkt_time":1732024441977780,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":20,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":116,"flow_dst_max_l4_payload_len":84,"flow_src_tot_l4_payload_len":300,"flow_dst_tot_l4_payload_len":332,"midstream":0,"thread_ts_usec":1732024444862357,"l3_proto":"ip4","src_ip":"192.168.12.67","dst_ip":"35.216.234.234","src_port":47926,"dst_port":3478,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"5":"DPI (cache)"},"proto":"STUN.SignalVoip","proto_id":"78.269","proto_by_ip":"GoogleCloud","proto_by_ip_id":284,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP","hostname":"signal.org"}}
01028{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":334,"source":"cfgs\/default\/pcap\/signal_videocall.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_src_packets_processed":13,"flow_dst_packets_processed":13,"flow_first_seen":1732024431955912,"flow_src_last_pkt_time":1732024441965798,"flow_dst_last_pkt_time":1732024441969357,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":20,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":120,"flow_dst_max_l4_payload_len":84,"flow_src_tot_l4_payload_len":712,"flow_dst_tot_l4_payload_len":908,"midstream":0,"thread_ts_usec":1732024444862357,"l3_proto":"ip4","src_ip":"192.168.12.67","dst_ip":"35.219.252.146","src_port":47926,"dst_port":3478,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"STUN.SignalVoip","proto_id":"78.269","proto_by_ip":"GoogleCloud","proto_by_ip_id":284,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP","hostname":"signal.org"}}
00858{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":334,"source":"cfgs\/default\/pcap\/signal_videocall.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":334,"packets-processed":334,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":109231,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":3,"total-detection-updates":6,"total-updates":0,"current-active-flows":0,"total-active-flows":3,"total-idle-flows":3,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":34,"global_ts_usec":1732024444862357}
~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~
~~ packets captured/processed: 334/334
~~ skipped flows.............: 0
~~ total layer4 data length..: 109231 bytes
~~ total detected protocols..: 3
~~ total active/idle flows...: 3/3
~~ total timeout flows.......: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~ total memory allocated....: 8436996 bytes
~~ total memory freed........: 8436996 bytes
~~ total allocations/frees...: 145089/145089
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~ json message min len.......: 551 chars
~~ json message max len.......: 2387 chars
~~ json message avg len.......: 1450 chars
Powered by cgit, Themed by Ted Yin.