1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
|
DAEMON-EVENT: init
DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
new: [.....1] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][.5060]
detected: [.....1] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][.5060] [SIP][VoIP][Acceptable]
update: [.....1] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][.5060] [SIP][VoIP][Acceptable]
update: [.....1] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][.5060] [SIP][VoIP][Acceptable]
update: [.....1] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][.5060] [SIP][VoIP][Acceptable]
update: [.....1] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][.5060] [SIP][VoIP][Acceptable]
new: [.....2] [ip4][..udp] [....192.168.1.2][.5060] -> [..200.68.120.81][.5060]
detected: [.....2] [ip4][..udp] [....192.168.1.2][.5060] -> [..200.68.120.81][.5060] [SIP][VoIP][Acceptable]
update: [.....1] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][.5060] [SIP][VoIP][Acceptable]
update: [.....1] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][.5060] [SIP][VoIP][Acceptable]
update: [.....2] [ip4][..udp] [....192.168.1.2][.5060] -> [..200.68.120.81][.5060] [SIP][VoIP][Acceptable]
update: [.....1] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][.5060] [SIP][VoIP][Acceptable]
update: [.....2] [ip4][..udp] [....192.168.1.2][.5060] -> [..200.68.120.81][.5060] [SIP][VoIP][Acceptable]
DAEMON-EVENT: [Processed: 43 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 2 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 9]
update: [.....1] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][.5060] [SIP][VoIP][Acceptable]
update: [.....2] [ip4][..udp] [....192.168.1.2][.5060] -> [..200.68.120.81][.5060] [SIP][VoIP][Acceptable]
analyse: [.....1] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][.5060] [SIP][VoIP][Acceptable]
[min|max|avg|stddev|variance|entropy]
[IAT.........: 0.026| 279.042| 42.751| 57.874|3349363405.357| 0.000]
[PKTLEN......: 47.000| 867.000| 429.300| 273.000|74531.700| 4.600]
[BINS(c->s)..: 9,0,0,0,0,0,0,0,0,0,1,0,0,0,4,0,0,0,0,0,0,4,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 0,0,0,0,0,0,0,0,0,2,1,0,0,0,1,6,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,1,0,1,1,0,1,0,1,0,1,0,1,0,1,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0]
[IATS........: 136757,17415627,17424961,49834,89928591,89874891,17280679,17290428,150200040,150188219,17325180,17335822,73916043,73902652,17325038,17333170,25935,17724998,29031776,29092737,34118166,34119076,29272359,29031830,29031631,29031476,17104967,497671,1001842,279041814,227102,0]
[PKTLENS.....: 509,528,722,348,388,509,528,722,533,509,528,722,533,509,528,722,348,512,47,47,47,47,47,47,47,47,47,867,867,867,635,382]
update: [.....1] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][.5060] [SIP][VoIP][Acceptable]
update: [.....2] [ip4][..udp] [....192.168.1.2][.5060] -> [..200.68.120.81][.5060] [SIP][VoIP][Acceptable]
idle: [.....2] [ip4][..udp] [....192.168.1.2][.5060] -> [..200.68.120.81][.5060] [SIP][VoIP][Acceptable]
update: [.....1] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][.5060] [SIP][VoIP][Acceptable]
update: [.....1] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][.5060] [SIP][VoIP][Acceptable]
update: [.....1] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][.5060] [SIP][VoIP][Acceptable]
update: [.....1] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][.5060] [SIP][VoIP][Acceptable]
DAEMON-EVENT: [Processed: 68 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 1 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 17]
update: [.....1] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][.5060] [SIP][VoIP][Acceptable]
update: [.....1] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][.5060] [SIP][VoIP][Acceptable]
update: [.....1] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][.5060] [SIP][VoIP][Acceptable]
update: [.....1] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][.5060] [SIP][VoIP][Acceptable]
new: [.....3] [ip4][..udp] [....192.168.1.2][30000] -> [..212.242.33.36][40392]
detected: [.....3] [ip4][..udp] [....192.168.1.2][30000] -> [..212.242.33.36][40392] [RTP][Media][Acceptable]
new: [.....4] [ip4][..udp] [....192.168.1.2][30001] -> [..212.242.33.36][40393]
detected: [.....4] [ip4][..udp] [....192.168.1.2][30001] -> [..212.242.33.36][40393] [RTCP][VoIP][Acceptable]
update: [.....1] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][.5060] [SIP][VoIP][Acceptable]
update: [.....3] [ip4][..udp] [....192.168.1.2][30000] -> [..212.242.33.36][40392] [RTP][Media][Acceptable]
update: [.....4] [ip4][..udp] [....192.168.1.2][30001] -> [..212.242.33.36][40393] [RTCP][VoIP][Acceptable]
update: [.....1] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][.5060] [SIP][VoIP][Acceptable]
idle: [.....1] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][.5060] [SIP][VoIP][Acceptable]
idle: [.....3] [ip4][..udp] [....192.168.1.2][30000] -> [..212.242.33.36][40392] [RTP][Media][Acceptable]
idle: [.....4] [ip4][..udp] [....192.168.1.2][30001] -> [..212.242.33.36][40393] [RTCP][VoIP][Acceptable]
DAEMON-EVENT: shutdown
|