00622{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"cfgs\/default\/pcap\/stun_signal_tcp.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"max-flows-per-thread":32768,"max-idle-flows-per-thread":1024,"reader-thread-count":1,"flow-scan-interval":10000000,"generic-max-idle-time":600000000,"icmp-max-idle-time":120000000,"udp-max-idle-time":180000000,"tcp-max-idle-time":7560000000,"max-packets-per-flow-to-send":5,"max-packets-per-flow-to-process":32,"max-packets-per-flow-to-analyse":32,"global_ts_usec":0}
00843{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/stun_signal_tcp.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":1,"packets-processed":0,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":0,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":0,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2,"global_ts_usec":1733247378288841}
00784{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/stun_signal_tcp.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1733247378288841,"flow_src_last_pkt_time":1733247378288841,"flow_dst_last_pkt_time":1733247378288841,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1733247378288841,"l3_proto":"ip4","src_ip":"192.168.1.117","dst_ip":"35.219.252.146","src_port":51296,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00550{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/stun_signal_tcp.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_src_last_pkt_time":1733247378288841,"flow_dst_last_pkt_time":1733247378288841,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1733247378288841,"pkt":"ILAB4IZiSKRyNpegCABFAAA0B4lAAIAGELDAqAF1I9v8kshgAFBbKS1nAAAAAIAC+vBAUwAAAgQFtAEDAwgBAQQC"}
00551{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2,"source":"cfgs\/default\/pcap\/stun_signal_tcp.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":2,"flow_src_last_pkt_time":1733247378288841,"flow_dst_last_pkt_time":1733247378293937,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1733247378293937,"pkt":"SKRyNpegILAB4IZiCABFAAA0AABAADoGXjkj2\/ySwKgBdQBQyGCXmzc3WyktaIASf5Ts8QAAAgQFjAEBBAIBAwMK"}
00534{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3,"source":"cfgs\/default\/pcap\/stun_signal_tcp.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":3,"flow_src_last_pkt_time":1733247378294067,"flow_dst_last_pkt_time":1733247378293937,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":1733247378294067,"pkt":"ILAB4IZiSKRyNpegCABFAAAoB4xAAIAGELnAqAF1I9v8kshgAFBbKS1ol5s3OFAQAgOrMAAA"}
00574{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":4,"source":"cfgs\/default\/pcap\/stun_signal_tcp.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":4,"flow_src_last_pkt_time":1733247378295356,"flow_dst_last_pkt_time":1733247378293937,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":82,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":82,"pkt_l4_len":48,"thread_ts_usec":1733247378295356,"pkt":"ILAB4IZiSKRyNpegCABFAABEB49AAIAGEJrAqAF1I9v8kshgAFBbKS1ol5s3OFAYAgMlbwAAAAMACCESpEJKbERKTE9Ea0ZJSWYAGQAEEQAAAA=="}
01014{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":4,"source":"cfgs\/default\/pcap\/stun_signal_tcp.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":1733247378288841,"flow_src_last_pkt_time":1733247378295356,"flow_dst_last_pkt_time":1733247378293937,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1733247378295356,"l3_proto":"ip4","src_ip":"192.168.1.117","dst_ip":"35.219.252.146","src_port":51296,"dst_port":80,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"STUN","proto_id":"78","proto_by_ip":"GoogleCloud","proto_by_ip_id":284,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","hostname":"","domainame":"","stun": {"multimedia_flow_types":"Unknown"}}}
00543{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":5,"source":"cfgs\/default\/pcap\/stun_signal_tcp.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":5,"flow_src_last_pkt_time":1733247378295356,"flow_dst_last_pkt_time":1733247378300425,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":60,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":60,"pkt_l4_len":20,"thread_ts_usec":1733247378300425,"pkt":"SKRyNpegILAB4IZiCABFAAAoHURAADoGQQEj2\/ySwKgBdQBQyGCXmzc4WykthFAQACCs9wAAAAAAAAAA"}
01056{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":6,"source":"cfgs\/default\/pcap\/stun_signal_tcp.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1733247378288841,"flow_src_last_pkt_time":1733247378295356,"flow_dst_last_pkt_time":1733247378307859,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":84,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":84,"midstream":0,"thread_ts_usec":1733247378307859,"l3_proto":"ip4","src_ip":"192.168.1.117","dst_ip":"35.219.252.146","src_port":51296,"dst_port":80,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"STUN.SignalVoip","proto_id":"78.269","proto_by_ip":"GoogleCloud","proto_by_ip_id":284,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP","hostname":"signal.org","domainame":"signal.org","stun": {"multimedia_flow_types":"Unknown"}}}
02212{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":32,"source":"cfgs\/default\/pcap\/stun_signal_tcp.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":17,"flow_dst_packets_processed":15,"flow_first_seen":1733247378288841,"flow_src_last_pkt_time":1733247378757373,"flow_dst_last_pkt_time":1733247378756881,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":132,"flow_dst_max_l4_payload_len":248,"flow_src_tot_l4_payload_len":1352,"flow_dst_tot_l4_payload_len":880,"midstream":0,"thread_ts_usec":1733247378757373,"l3_proto":"ip4","src_ip":"192.168.1.117","dst_ip":"35.219.252.146","src_port":51296,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"data_analysis": {"iat": {"min":0,"avg":30212.0,"max":286751,"stddev":67983.4,"var":4621743104.0,"ent":3.1,"data": [5096,5226,1289,6488,7434,14695,6967,5300,207,220,218,169,5360,2561,0,6632,276631,286751,49627,44757,3676,9298,19816,40131,25233,48588,51212,0,2689,9892,409]},"pktlen": {"min":40,"avg":111.6,"max":288,"stddev":62.1,"var":3852.6,"ent":4.8,"data": [52,52,40,68,46,124,156,124,40,160,160,160,160,92,92,144,40,172,46,172,46,288,140,46,172,46,172,148,46,188,40,140]},"bins": {"c_to_s": [6,0,0,7,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [7,2,2,2,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]},"directions": [0,1,0,0,1,1,0,1,0,0,0,0,0,1,1,1,0,0,1,0,1,1,0,1,0,1,0,1,1,1,0,0],"entropies": [4.662476063,4.931210041,4.834183693,5.192451000,4.390829086,5.849559307,5.878578663,5.821106911,4.611769199,5.746960163,5.817604542,5.914802551,5.855510235,5.723954678,5.775637627,6.138474941,4.834183693,6.134611607,4.772925377,6.067693710,4.729446888,6.405649662,5.903401375,4.816403389,6.032229424,4.772924900,6.072082520,5.918906689,4.756514549,5.916465759,4.784183979,5.873402596]},"ndpi": 
{"confidence": {"6":"DPI"},"proto":"STUN.SignalVoip","proto_id":"78.269","proto_by_ip":"GoogleCloud","proto_by_ip_id":284,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP","hostname":"signal.org"}}
01034{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":500,"source":"cfgs\/default\/pcap\/stun_signal_tcp.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":226,"flow_dst_packets_processed":274,"flow_first_seen":1733247378288841,"flow_src_last_pkt_time":1733247395709690,"flow_dst_last_pkt_time":1733247395702394,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1188,"flow_dst_max_l4_payload_len":1420,"flow_src_tot_l4_payload_len":58588,"flow_dst_tot_l4_payload_len":27476,"midstream":0,"thread_ts_usec":1733247395709690,"l3_proto":"ip4","src_ip":"192.168.1.117","dst_ip":"35.219.252.146","src_port":51296,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"STUN.SignalVoip","proto_id":"78.269","proto_by_ip":"GoogleCloud","proto_by_ip_id":284,"encrypted":0,"breed":"Acceptable","category_id":10,"category":"VoIP","hostname":"signal.org"}}
00856{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":500,"source":"cfgs\/default\/pcap\/stun_signal_tcp.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":500,"packets-processed":500,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":86064,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":1,"total-detection-updates":1,"total-updates":0,"current-active-flows":0,"total-active-flows":1,"total-idle-flows":1,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":13,"global_ts_usec":1733247395709690}
~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~
~~ packets captured/processed: 500/500
~~ skipped flows.............: 0
~~ total layer4 data length..: 86064 bytes
~~ total detected protocols..: 1
~~ total active/idle flows...: 1/1
~~ total timeout flows.......: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~ total memory allocated....: 8439029 bytes
~~ total memory freed........: 8439029 bytes
~~ total allocations/frees...: 145232/145232
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~ json message min len.......: 539 chars
~~ json message max len.......: 2217 chars
~~ json message avg len.......: 1303 chars