1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
|
DAEMON-EVENT: init
DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
new: [.....1] [ip4][..tcp] [....172.16.0.62][57094] -> [...172.16.1.138][.5222]
detected: [.....1] [ip4][..tcp] [....172.16.0.62][57094] -> [...172.16.1.138][.5222] [Jabber][Web][Acceptable]
analyse: [.....1] [ip4][..tcp] [....172.16.0.62][57094] -> [...172.16.1.138][.5222] [Jabber][Web][Acceptable]
[min|max|avg|stddev]
[IAT(flow)...: 0.000| 0.338| 0.039| 0.084]
[IAT(c->s)...: 0.000| 0.338| 0.038| 0.084][IAT(s->c)...: 0.000| 0.337| 0.040| 0.085]
[PKTLEN(c->s): 66.000| 404.000| 121.400| 88.700][PKTLEN(s->c): 66.000| 445.000| 165.500| 115.600]
[BINS(c->s)..: 11,1,0,3,0,1,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 7,1,0,1,1,3,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
new: [.....2] [ip4][..tcp] [....172.16.0.62][57122] -> [...172.16.1.138][.5222]
detected: [.....2] [ip4][..tcp] [....172.16.0.62][57122] -> [...172.16.1.138][.5222] [Jabber][Web][Acceptable]
analyse: [.....2] [ip4][..tcp] [....172.16.0.62][57122] -> [...172.16.1.138][.5222] [Jabber][Web][Acceptable]
[min|max|avg|stddev]
[IAT(flow)...: 0.000| 0.337| 0.038| 0.085]
[IAT(c->s)...: 0.000| 0.337| 0.037| 0.085][IAT(s->c)...: 0.000| 0.336| 0.039| 0.085]
[PKTLEN(c->s): 66.000| 404.000| 121.400| 88.700][PKTLEN(s->c): 66.000| 445.000| 165.400| 115.500]
[BINS(c->s)..: 11,1,0,3,0,1,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 7,1,0,1,1,3,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
new: [.....3] [ip4][..tcp] [....172.16.0.62][57126] -> [...172.16.1.138][.5222] [MIDSTREAM]
detected: [.....3] [ip4][..tcp] [....172.16.0.62][57126] -> [...172.16.1.138][.5222] [Jabber][Web][Acceptable]
new: [.....4] [ip4][..tcp] [....172.16.0.62][57129] -> [...172.16.1.138][.5222] [MIDSTREAM]
detected: [.....4] [ip4][..tcp] [....172.16.0.62][57129] -> [...172.16.1.138][.5222] [Jabber][Web][Acceptable]
DAEMON-EVENT: [Processed: 189 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 4 / 4|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
end: [.....3] [ip4][..tcp] [....172.16.0.62][57126] -> [...172.16.1.138][.5222] [Jabber][Web][Acceptable]
new: [.....5] [ip4][..tcp] [....172.16.0.62][57147] -> [...172.16.1.138][.5222]
detected: [.....5] [ip4][..tcp] [....172.16.0.62][57147] -> [...172.16.1.138][.5222] [Jabber][Web][Acceptable]
new: [.....6] [ip4][..tcp] [....172.16.0.62][57149] -> [...172.16.1.138][.5222] [MIDSTREAM]
detected: [.....6] [ip4][..tcp] [....172.16.0.62][57149] -> [...172.16.1.138][.5222] [Jabber][Web][Acceptable]
end: [.....5] [ip4][..tcp] [....172.16.0.62][57147] -> [...172.16.1.138][.5222] [Jabber][Web][Acceptable]
DAEMON-EVENT: [Processed: 243 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 4 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
analyse: [.....6] [ip4][..tcp] [....172.16.0.62][57149] -> [...172.16.1.138][.5222] [Jabber][Web][Acceptable]
[min|max|avg|stddev]
[IAT(flow)...: 0.000| 600.488| 42.007| 147.105]
[IAT(c->s)...: 0.000| 600.484| 38.300| 140.969][IAT(s->c)...: 0.000| 600.488| 46.510| 154.108]
[PKTLEN(c->s): 66.000| 305.000| 126.300| 77.600][PKTLEN(s->c): 66.000| 529.000| 214.300| 140.200]
[BINS(c->s)..: 9,4,0,0,2,2,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 4,0,0,5,0,0,3,0,0,0,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
DAEMON-EVENT: [Processed: 270 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 4 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
new: [.....7] [ip4][..tcp] [...192.168.58.1][53460] -> [.192.168.58.153][.5222]
detected: [.....7] [ip4][..tcp] [...192.168.58.1][53460] -> [.192.168.58.153][.5222] [Jabber][Web][Acceptable]
idle: [.....1] [ip4][..tcp] [....172.16.0.62][57094] -> [...172.16.1.138][.5222] [Jabber][Web][Acceptable]
idle: [.....2] [ip4][..tcp] [....172.16.0.62][57122] -> [...172.16.1.138][.5222] [Jabber][Web][Acceptable]
idle: [.....4] [ip4][..tcp] [....172.16.0.62][57129] -> [...172.16.1.138][.5222] [Jabber][Web][Acceptable]
idle: [.....6] [ip4][..tcp] [....172.16.0.62][57149] -> [...172.16.1.138][.5222] [Jabber][Web][Acceptable]
DAEMON-EVENT: [Processed: 283 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 1 / 7|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
new: [.....8] [ip4][..tcp] [..192.168.2.100][34218] -> [.160.44.201.102][.5223]
detected: [.....8] [ip4][..tcp] [..192.168.2.100][34218] -> [.160.44.201.102][.5223] [Jabber][Web][Acceptable]
end: [.....7] [ip4][..tcp] [...192.168.58.1][53460] -> [.192.168.58.153][.5222] [Jabber][Web][Acceptable]
DAEMON-EVENT: [Processed: 298 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 1 / 8|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
new: [.....9] [ip4][..tcp] [..192.168.2.100][37614] -> [.160.44.201.102][.5223]
detected: [.....9] [ip4][..tcp] [..192.168.2.100][37614] -> [.160.44.201.102][.5223] [Jabber][Web][Acceptable]
idle: [.....8] [ip4][..tcp] [..192.168.2.100][34218] -> [.160.44.201.102][.5223] [Jabber][Web][Acceptable]
DAEMON-EVENT: [Processed: 313 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 1 / 9|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
new: [....10] [ip4][..tcp] [..192.168.2.100][58388] -> [.160.44.201.102][.5223]
detected: [....10] [ip4][..tcp] [..192.168.2.100][58388] -> [.160.44.201.102][.5223] [Jabber][Web][Acceptable]
idle: [.....9] [ip4][..tcp] [..192.168.2.100][37614] -> [.160.44.201.102][.5223] [Jabber][Web][Acceptable]
DAEMON-EVENT: [Processed: 328 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 1 / 10|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
new: [....11] [ip4][..tcp] [..192.168.2.100][41420] -> [.160.44.201.102][.5223]
detected: [....11] [ip4][..tcp] [..192.168.2.100][41420] -> [.160.44.201.102][.5223] [Jabber][Web][Acceptable]
idle: [....10] [ip4][..tcp] [..192.168.2.100][58388] -> [.160.44.201.102][.5223] [Jabber][Web][Acceptable]
DAEMON-EVENT: [Processed: 343 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 1 / 11|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
new: [....12] [ip4][..tcp] [..192.168.2.100][34070] -> [.160.44.201.102][.5223]
detected: [....12] [ip4][..tcp] [..192.168.2.100][34070] -> [.160.44.201.102][.5223] [Jabber][Web][Acceptable]
idle: [....11] [ip4][..tcp] [..192.168.2.100][41420] -> [.160.44.201.102][.5223] [Jabber][Web][Acceptable]
idle: [....12] [ip4][..tcp] [..192.168.2.100][34070] -> [.160.44.201.102][.5223] [Jabber][Web][Acceptable]
DAEMON-EVENT: shutdown
|