summaryrefslogtreecommitdiff
path: root/test/results/quic-34.pcap.out
blob: 863bda71a57a3e19f314ef347678282c26303636 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24

00458{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"quic-34.pcap","alias":"nDPId-test","max-flows-per-thread":2048,"max-idle-flows-per-thread":64,"tick-resolution":1000,"reader-thread-count":1,"flow-scan-interval":10000,"generic-max-idle-time":600000,"icmp-max-idle-time":120000,"udp-max-idle-time":180000,"tcp-max-idle-time":7560000,"max-packets-per-flow-to-send":3,"max-packets-per-flow-to-process":32,"global_ts_msec":0}
00544{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":1,"source":"quic-34.pcap","alias":"nDPId-test","packets-captured":1,"packets-processed":0,"total-skipped-flows":0,"total-l4-data-len":0,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":0,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2,"global_ts_msec":1646827637244}
00588{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1,"source":"quic-34.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_packets_processed":1,"flow_first_seen":1646827637244,"flow_last_seen":1646827637244,"flow_idle_time":180000,"flow_min_l4_payload_len":1252,"flow_max_l4_payload_len":1252,"flow_tot_l4_payload_len":1252,"flow_avg_l4_payload_len":1252,"midstream":0,"thread_ts_msec":1646827637244,"l3_proto":"ip4","src_ip":"192.168.56.1","dst_ip":"192.168.56.198","src_port":55880,"dst_port":4443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3}
02137{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1,"source":"quic-34.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_last_seen":1646827637244,"flow_idle_time":180000,"pkt_oversize":false,"pkt_caplen":1294,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1294,"pkt_l4_len":1260,"thread_ts_msec":1646827637244,"pkt":"CAAnfrFjCgAnAAAACABFAgUATWVAAEAR9m3AqDgBwKg4xtpIEVsE7ChNxv8AACIIoSj95jI1XLcIjUy3QAcovkkARMqtPUg7uXRSK4kMXX53Es5onLzxtRemVGyuMExaFbMut6vDuqB2U\/DpzOfUlq0FvRt9rUJpjW6yDtUJ\/70ztz+CDYIV8VpKhQLQtYfPD3mmkKn2FxkrrQO4KafazVucb4cvV7T4N0u43AnJcMtc4d\/GXnMaac4VfAlfHe4y11Dgg0O+0aKijzEWoPXxyRR4t51aC7Nkbv\/0J5dgWKDBQk9w37dytb5zwjbfQHpRVluNBzZHs5I4DMZ\/JnNB+PrUyuyBmXrp0gR2XnwVjzQ3flNPFgcQgu2\/JTVF0L13Ckxt\/+QZlc9B3wBoysEquMpFluVCxlhpsJNoFK7jPg3r2c+uxRQG0p8pcZpnvTksWL+f8WqFT5coLPPdZlZwBn02RKfGTA+uAZ0LaE0O1ka34WEpgqpoVc8fayaTadrjLyO\/JlS+dq\/Kdd3y9KPe38jjexcirOrW1+qlPzhwIx8piSprhOCyEQY2+fljrQNCpUoPKvzdasj+8Y\/vgOi4aANXTAspd+NPZCshlwQpGBYQdC7CEZbf5QlwUnySFyecnPIsokfcy7EJCJxGVFXATop39f5agqqDgJBBxbV7Vy06FK1qkx\/0u8uhGfVjqVKRKmprwi9X1kSSqhXt2GH8bZxjiM01oC4BQV78N199Rg9tYJupRv8l6yvhDS9rct08zWWNVxr58lebQUaKNYadQRmZaFtRmnN0sxjkvcxweUxbZooL7E4GGIqIljR4ZhLlzlK3E7B66OJGtQAC7VyR46GafnwhTxp3HrOyLyoZp0Rw7xcWItz9Tv6lT2BoA4Y0DSNY9olTp+DPyrMnUG0vqRxzRhJ8374jg6MVKZMEa\/87MY2irhA8kK8hZoC3M19FTaOnneltuWAhMrf+Q8t8BAlD7kUkH6oHx9vkYnEZiK9+\/sfx6Qq8taGMG\/mcWDWaYEb3NXAZqmf41FHteU\/OwdmlZSqoqDS5DlVhB2wq7tLwmLKxoxTkhjVXaunTU\/kfczBDm1AwklxFw3Hw5J5l+LHrwOolcProF6qLDBkbDOvOptyE1ll3vB0t4SH06Wr36sHzRz1uCQR21A9SHZvKyJK\/SCg1uApsLqdmJZ1f\/+1id8zTEwjq1qmsHED38lQ4CrlbWfoLvOR3f3s\/z\/QkitvfGtHhVZt0j0WepakKe07\/NGHX1V0dM0mTgqZKJh2Io3kvFvctAo6sUjbANXF0S8wxlOujZbFzW1LOki1CXDYWdPlq+SJtyeBxUEDNzFZ71VrbnwsnJNOpHvvMzPqdRV+ndVLZfpyQXSEsFc65QVoQNOu0MGerIkZa7wLe0y4mX0pnI8L\/R\/y1JTawqiJeeUx8r1l44ku\/g3ZE2uSVEJxuuTdY8TSHXRMxr7nqZuOWpvSIaUcGS3Q1TZnsiOTFYcvBWzEbQ72OmSRWUJzCCABBzidjiDpGWzPkhe8\/ROyjlc\/5TRQg67rXC2fAj53uXQRWw3a6jszT4xodZsJKooKIos5G3CpYzzQSJCrtOeOr5\/ce4c+q3Hx2rzKhdgv5WRhVAr2UV23TNUJd0OkmVeoZzs9v+FDb0PtPPYVDKHvjJqHAzOy1dUyjTbdc+UjRQ\/Xh3vEMPhsnnFc+0+ln6b2hntZL0z9eF8yMJK4KNw=="}
01173{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":1,"source":"quic-34.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_packets_processed":1,"flow_first_seen":1646827637244,"flow_last_seen":1646827637244,"flow_idle_time":180000,"flow_min_l4_payload_len":1252,"flow_max_l4_payload_len":1252,"flow_tot_l4_payload_len":1252,"flow_avg_l4_payload_len":1252,"midstream":0,"thread_ts_msec":1646827637244,"l3_proto":"ip4","src_ip":"192.168.56.1","dst_ip":"192.168.56.198","src_port":55880,"dst_port":4443,"l4_proto":"udp","ndpi": {"flow_risk": {"5": {"risk":"Known Protocol on Non Standard Port","severity":"Medium","risk_score": {"total":260,"client":230,"server":30}},"24": {"risk":"Missing SNI TLS Extension","severity":"Medium","risk_score": {"total":500,"client":350,"server":150}}},"confidence": {"4":"DPI"},"proto":"QUIC","breed":"Acceptable","category":"Web"},"quic": {"version":"TLSv1.3","alpn":"h3-34,hq-34,h3-33,hq-33,h3-32,hq-32,h3-31,hq-31,h3-29,hq-29,h3-30,hq-30,h3-28,hq-28,h3-27,hq-27,h3,hq-interop","ja3":"0299b052ace53a14c3a04aceb5efd247","tls_supported_versions":"TLSv1.3,TLSv1.3 (draft),TLSv1.3 (draft),TLSv1.3 (draft)"}}
02137{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2,"source":"quic-34.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":2,"flow_last_seen":1646827637247,"flow_idle_time":180000,"pkt_oversize":false,"pkt_caplen":1294,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1294,"pkt_l4_len":1260,"thread_ts_msec":1646827637247,"pkt":"CgAnAAAACAAnfrFjCABFAgUAqq4AAEAR2STAqDjGwKg4ARFb2kgE7EgDif8AACIIjUy3QAcovkkIkbyxu2YmbzcAQJwuFyenENUqJ+JAUUd0pzPM6YfLXJbr4Ls6WaBQnpeEVYscLYmqST86NZIZE4bUhuMV7nVVeeqYe8GuuwtatPAGGTW6q7p5GlzaMgwDpbi8BdNdLtW13Hqdt9WnjpqVBlTPXGjJKFNPYUL1p5wtvsDZQ4TlC3npqKXhES1sS6J094lDKZtXU+v7T8eCFSNuI7Td4nHjGGqNqUKgJSus\/wAAIgiNTLdAByi+SQiRvLG7ZiZvN0QVSPjoxHY6BY1VSgy5etewIoW+11THSEpbinUyFsFkXsGASC8punYhUcJKCOC4rBIzaCstKMtMJHeFT+sUXNNib04LBnzYQKYceojlYPsGe5Ro3OtptLvx4kbgnpc62cqQ1nxvDHT\/fJKWJpgJvoU08oiVUiGs3B1bAvXl\/Wd+wkAF\/wAEMtHf7gZ1kaIq4RaPvn5a9A7UzqeEBuYGDShEpWXMe8q8vuDy24QsQNetariaa4kyNHYl4QdNhygXx\/G6ImAU3U1WThFZHC7AGd0gIgLIGzJf\/9m58rpSdM8Ie6D0sH7LUz+QS+Z4XNqqQcfZPaTaAVOFR6VUyiMeaj3F8bkj\/3MFBH1Z7mXRy8N0qVksEG1OlaU1eLaFjqcM9ZlnatIXhDVNsU98jz1VfTd5sFlnZuyyy7JoZ94aXeRH\/zazdoWlaXePukQ+pl9yYFQPdkgJYi+xKQurw0sw\/SIjNt6qV1Kt0\/FKxwfio1WQ7xlNXzsikFbr81oDdnzQYE6rGMYuxy0RnbfRhLVdsGTc9\/tp7zhIS4DV21JLjrv9UwKPcwJ4JD\/1Rxmkn3Jgw\/xQKXSa6JKSiLv0t\/weF0kbZssWUTcVDcUkDhsJSAH0njJoT2cFwm4lWcM5\/27nvncmYaxDvQXBfFPVW+m3Kwufpk8Xq\/eZbeo\/gSSLUYZOuQu+1ySiHDi5lLzsrpugFKrtUw8ayavMdKrm7oT2ZHXYsRczEGy\/6j7hln+rc24EWxZc0x2eirzNMVxjgu\/0CooTXqD4vghqN1FykIiDm0ZniCVUNexnbGWB7jTgFGcio0\/OnikmQ4dYt56aiM9sIGNcOvsTnFVh+cqJS5HY98vC1U2OBDew6qoIOHDQ21GKLwwRZV1T6U5f6o+37jaPoC1trLLadI2tORnFYqRZm7glwbD9lNFVr+PbofAndUgCf6Zk2CDaE686Awtk3d4hYhQQ3WNznovhVpr8uhbkmAY+WL7y023sNxtRIBnWlXFZPHQuiB37VW1mvmc13p6ljSnKt94wjvyH1FOprPa3tga3zWcYEvWdg5Xqw1ju7gmEzi+VGOvWFAXTzHEhgyFz4BPL84om6p0ALU6sMz8ZdCVqy3kojlACSWsh5\/A6tV3eZJDcnfn7IV6RS+dpvmNwYoFMJn6YSfH1ddeM9mWwCcbnxFV4aWagX1z8fcqVLI6IMYAb37L0\/zdSO2uZe\/h4kSA2SLJTWfPj+TnqT2qI8MlPDZYgXs2XiIdxOOzSUnZDmRgGIMADHBZPrEl6WERC1eVKU\/qCzCib8\/Q0YyKXEfqbm+ia9lXh1\/rbg1B\/\/CXdzCHVzZc3ir8TnofN+5SG6M6PapINQPVY7HwnTlqNqDNVMVGtlLYsPe7LMJnAoGEI2aKSrQZRaA=="}
01412{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3,"source":"quic-34.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":3,"flow_last_seen":1646827637247,"flow_idle_time":180000,"pkt_oversize":false,"pkt_caplen":766,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":766,"pkt_l4_len":732,"thread_ts_msec":1646827637247,"pkt":"CgAnAAAACAAnfrFjCABFAgLwqq8AAEAR2zPAqDjGwKg4ARFb2kgC3Huyr\/8AACIIjUy3QAcovkkIkbyxu2YmbzdBBIfexsm7espBXzGKaZrAS7pggZDUUIfbdQ\/09SYdxmJiPOboVA5GNyIN0WKEZEb2ChDB1GilmJgW7Qp24EMucpJ8B17AVuDTPfEx7nyxUZnDxLnOV1NZxSPDEwEtlJluh20qRikrub3PX5DmXIcRaHLRejZJ9hsaCYWsq6n5Gfas0GF7MLGzHn117Y0pGUO2eqVFiwenMssI9+ug1E1aDiNVvZMQKSFdyDe9LiLFeCdes2+kAlg73TsTCPbewTMdEgVZBgLZaqO0un1mix5Qt6BKTBkVA8VSZ95v+EfSMYEwA9xZi0jAFqqTGyp+ZP95tU0r4nGCl85tIQDBKXfcBXQge764C41Mt0AHKL5JAwe7F8jwhPqhtghmuHu5o5uyPLm0TwLbmCTREzsDZ3DsGt5qVRU9QIvOhWBrh4V4uljh\/BtTxVptxRkCktu+NWT04G8qsIYXDgRKJUfYMbGUdCKTsE7gC0FAzqopaBfgolmLGZhX7ZxOjTG5NpEGFq+sEmPjGPlDauhq8NTECzVYfToMEehRp8C3bVLHR8m\/W+k90FLQ1TlaEbOqjuZyM\/9ouIFSCmQMPUymc3wxlPi0V28D1yaErAIjX4TP0GolGAZO78ybzC72YMWFqgmnosw3ju1DxFOnMm4S5978OZU\/wmbSWd91srzQp2fOyLvD3wvvNCgP73nEBs88atgYEK5VcrbDFNBrhyEvYixxRMTIqYTLkuWudZVMFEpbA6nhu6WPpaKYD3hORyKUUBLP\/t\/DIvXUYAsZ4s7fmfApFG7wJnzGak9JU7Tkzy0XAM9yEGedigZBltqQA4wPLvuXascBjTXzqxcRPwVbbiOpsQwIpMGnMJz4+XgHNI2WaH8iPl9H\/sYwWUugeEAk511PGx++JwUxDqTYxBlG36Eym55D9c1vN\/8RDw+9AAMguw=="}
00938{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4,"source":"quic-34.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_packets_processed":4,"flow_first_seen":1646827637244,"flow_last_seen":1646827637247,"flow_idle_time":180000,"flow_min_l4_payload_len":724,"flow_max_l4_payload_len":1440,"flow_tot_l4_payload_len":4668,"flow_avg_l4_payload_len":1167,"midstream":0,"thread_ts_msec":1646827637247,"l3_proto":"ip4","src_ip":"192.168.56.1","dst_ip":"192.168.56.198","src_port":55880,"dst_port":4443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"5": {"risk":"Known Protocol on Non Standard Port","severity":"Medium","risk_score": {"total":260,"client":230,"server":30}},"24": {"risk":"Missing SNI TLS Extension","severity":"Medium","risk_score": {"total":500,"client":350,"server":150}}},"confidence": {"4":"DPI"},"proto":"QUIC","breed":"Acceptable","category":"Web"}}
00549{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":4,"source":"quic-34.pcap","alias":"nDPId-test","packets-captured":4,"packets-processed":4,"total-skipped-flows":0,"total-l4-data-len":4668,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":1,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":1,"total-idle-flows":1,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":9,"global_ts_msec":1646827637247}
~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~
~~ packets captured/processed: 4/4
~~ skipped flows.............: 0
~~ total layer4 data length..: 4668 bytes
~~ total detected protocols..: 1
~~ total active/idle flows...: 1/1
~~ total timeout flows.......: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~ total memory allocated....: 5111201 bytes
~~ total memory freed........: 5111201 bytes
~~ total allocations/frees...: 113338/113338
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~ json string min len.......: 463 chars
~~ json string max len.......: 2142 chars
~~ json string avg len.......: 1288 chars
Powered by cgit, Themed by Ted Yin.