summaryrefslogtreecommitdiff
path: root/test/results/quic_frags_ch_in_multiple_packets.pcapng.out
blob: ff423d459ac37e21e60e7b134dcda99de98b4d3b (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25

00486{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"quic_frags_ch_in_multiple_packets.pcapng","alias":"nDPId-test","max-flows-per-thread":2048,"max-idle-flows-per-thread":64,"tick-resolution":1000,"reader-thread-count":1,"flow-scan-interval":10000,"generic-max-idle-time":600000,"icmp-max-idle-time":120000,"udp-max-idle-time":180000,"tcp-max-idle-time":7560000,"max-packets-per-flow-to-send":3,"max-packets-per-flow-to-process":32,"global_ts_msec":0}
00572{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":1,"source":"quic_frags_ch_in_multiple_packets.pcapng","alias":"nDPId-test","packets-captured":1,"packets-processed":0,"total-skipped-flows":0,"total-l4-data-len":0,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":0,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2,"global_ts_msec":1616775370814}
00596{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1,"source":"quic_frags_ch_in_multiple_packets.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_packets_processed":1,"flow_first_seen":1616775370814,"flow_last_seen":1616775370814,"flow_idle_time":180000,"flow_min_l4_payload_len":1232,"flow_max_l4_payload_len":1232,"flow_tot_l4_payload_len":1232,"flow_avg_l4_payload_len":1232,"midstream":0,"thread_ts_msec":1616775370814,"l3_proto":"ip6","src_ip":"::1","dst_ip":"::1","src_port":58822,"dst_port":4443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3}
02168{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1,"source":"quic_frags_ch_in_multiple_packets.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_last_seen":1616775370814,"flow_idle_time":180000,"pkt_oversize":false,"pkt_caplen":1294,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":1294,"pkt_l4_len":1240,"thread_ts_msec":1616775370814,"pkt":"AAAAAAAAAAAAAAAAht1gIK6gBNgRQAAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAB5cYRWwTYBOvDAAAAAQjg6gfRBF\/f3whbtLKZy53KxABEtrnM4d\/0kI3t2T5FO3RTETvA3HGhmrbwnQma+SPYPn8iYYuHdKaQW8SovX0+V4dnPseYO+4VTSZldeifgT8VNQQB04ta3cEyZMDpKRtegW4dekko5HPUbEiidNmSQOuP3pH\/8SoL9x7tTBQzg2OL3UpCqjAnX16pFAdQ+V\/RbqJ1eyzWFdbwBQd2HuCx\/Ij151BRRI2Xn\/z+ADB4rVF4WDOutzm10O8sh2ssLFe2YyMKEeSFhkO2WxMcAatNA2lQ4qJXI32K2kygG4WC7Q8Bb0hTFMG\/mywEn7y4151OST4nZUDKvDlYcVWjuF+qTVspa\/iH7c2UuyPhpTYvIjH0QeZUxZzZhSTFej2LWwFlP2YFzpGwiJSwBaiLMY+5\/70DioAlmqyVC7SFNLAm4+7fUc\/CJsf0f8FDbPGjMEF4r4f5+0LVZH94Uy4Wd0tsSsAOmIxjxwMYhgLVVmrVt7TBRxZotLsMMAE5KgY4C37J7AKCvvh04vXJj1z3UQVYGJh48Z9j2DH62a8\/DQXS74cUeasgoXI\/\/fcqyqG\/+dEnkEyyQl9f50ViwTzUzqhBwr01HZapB8dBBIdSdOLcU\/xu7325B4gE6MbrZr6w6DY7ChrOgc2VWwoxehsZo41rWBZsOQNIyPzLv9J0BRip+w7GJmYxc+3ube6gxdaz9W+Sn43CsbRIQrhbCgHGaXLfLG33YcaU4X+6lhZpZDIRrpfHlieNk0E4HHfvmW6nTXkwcpHKUc\/LWt5+WouHWvxMn4x+ldQDvX1+1587CV3XMwwBZM2RazatEhHW1RJ3OT+xC3gie6tmmnMQduXseFmc+V2JaT5\/q6MRU\/TlwY0Rq7EtJ8+ZbzGXqIuu4jxCx9oMmi66z65uXw3qINNOeUxHXJycpAWw5De4VzaVR4lwygzKGqlnx4L3JUveIj+oObyh7F56NqTe5C4UVw0rXOK5vqDKafrSODvkieITTgx03B2pUNKW9RLu1PhtbXUZuY0giPngPfKgjMEWwbgah5IvyTnveaL6sEqf9jfr3kFrsy+GNW\/OyorkDnRpI8RofzGw1tLxiDlPgh1n9rHyR1pRdby9Bnf\/rDHEeTaxotP0WhApggHCHa\/yFJECzVqs9aS7i2yWDcJfS40AFynUP1UGKhJe\/uUxXih7qXtheQ7FXxIkAhVv3cPoCRA71Cfs2E\/Eey1fVKRW5lMJW9PriJc7GoWtyx70pOdZsK8HXiQEPiYKJaSioN0cr28BDrpMUfunJRWn8PiLmXUmTtuIMIbhFyGy+EQ6xhnD+A\/0hLJNWNHMXLu\/kfUBoupAJQTCcfsChogaeqgD6e5eSYCN5PT9+XpGN3+Gf4PxJfDsTjsRYy9pJctfaPC3hqhyOjQKfCx2rbpvgC9PMRVByJjtLJxGnkJUAuG3l6UFakUVvosZ+5M63lUcs39+r3quiDA5yu7NAJ8A\/i87lBxkG+y1mdyDXsaBDCfcK3ZxP\/soZcY4r+0QCaSKYxK3TnciTbuVT2emgJe6oE17JFaMKL\/+oNqA3ly+Sny53LHt3DnGVzfWQGnSJpT2w1xGiily9lTfAyLsd+fvmBtuH20lp8Prs7ZgVUIGMd\/pWSRV\/g=="}
00802{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":1,"source":"quic_frags_ch_in_multiple_packets.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_packets_processed":1,"flow_first_seen":1616775370814,"flow_last_seen":1616775370814,"flow_idle_time":180000,"flow_min_l4_payload_len":1232,"flow_max_l4_payload_len":1232,"flow_tot_l4_payload_len":1232,"flow_avg_l4_payload_len":1232,"midstream":0,"thread_ts_msec":1616775370814,"l3_proto":"ip6","src_ip":"::1","dst_ip":"::1","src_port":58822,"dst_port":4443,"l4_proto":"udp","ndpi": {"flow_risk": {"5": {"risk":"Known Protocol on Non Standard Port","severity":"Medium","risk_score": {"total":260,"client":230,"server":30}}},"confidence": {"4":"DPI"},"proto":"QUIC","breed":"Acceptable","category":"Web"},"quic": {}}
02181{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2,"source":"quic_frags_ch_in_multiple_packets.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":2,"flow_last_seen":1616775370814,"flow_idle_time":180000,"pkt_oversize":false,"pkt_caplen":1294,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":1294,"pkt_l4_len":1240,"thread_ts_msec":1616775370814,"pkt":"AAAAAAAAAAAAAAAAht1gIK6gBNgRQAAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAB5cYRWwTYBOvIAAAAAQjg6gfRBF\/f3whbtLKZy53KxABEtnQ\/+pwGuyRXXtCPS4nq7SX6grDxLfue\/EWjBDnFsaHC\/vCyPJupYn95B94uIc35RQAXJzdsabL2pMXT5Sg\/JFun6HAUw7sNlvetq5pdG5oKE3vK\/9SDzJXTzgevEg9XCLK53vmKKNkAp8pIPL5uP852yCxWDuffTSDh3jvmocyuqPyR7wKy2amWQmRTLcjhYY1mtN\/AJ7QgugkmRPkVO\/SoOHb8vfwVTlN5QBI31Pgn0V++7rQ\/hjHjrgDqH59C7UvU4Nu\/9qoDxnTOmBoHcK94LPoI1\/y4+hexZ8e1eBwahcRgYxrP7dWTWrR+JwPD9iUpUFvxo8SIgmgVWi\/abM6MNwKmYTCNLXo60x4HtaN\/BCJP7I1SX\/LShf0cye1Of1imuBKSreuS8hR5\/tpYaSzuPld82ydSmvszAQ0GryqOJ\/ZU+jrxR3Tt\/AaRw5XB7LAQ5igi24rk0VHa8niUCDbHqUASsZJvejkDDbY6MmPqlfYaICmikKWML4UMFuk7sfDyY0i\/p8vLuvuadwwdvnNfiwmeiSJzrvtn4jKJUdczJeqQoEAINkoOw1bVBZDJVR+EUBqhm7abaUZnOPU0klsCmtzptRhvGdjGICwe3xiagqEEKgFQwB\/\/vebz12DECZEBQUukhbsCExHpl8HueAXvKSAyA62DZTnPjBbFDRoGUnmsN1w6rv\/EkKmT98KOnW\/ka23T8HpQyGW03QC+qJdzK2gggcKfOwsz6hd9z3KPjD06UASEHqfcZ0u3Yb5\/MLumpY8Low4YAuz4j1rPsR+y\/EQkWeHaYLF\/80wJp9yb7\/2p+rbsZa7D\/Pz9wdYYj0cnrXYhrg9HYHuPZ9wKDfGS5vYIihZYRGMbEMbGcFgLdOANlbTrqep7qeYaIu5bs42rtv9xGYAL49yzxTkJJj7obpk0WDg3hmOo0G0GKuMN5D3DLsd6CAekttgc\/RyQGGWPf1OdBrGOZ886sVlSYfVI53O8wLp1YwCY1QmFzdPpSevtizJ2XYvFJ+Yw3zir1qwBxD4bhntoDg+aEGwqIyiNyXgHCI13JOQpJXthbpRAj68Wk4NuVBdRmms6tJsRF69JML\/Y+B\/BUH3oVmSCNLicSWHjivNwSDG\/d7QepAS1wNYGwNmTzWQ\/PCj5j9Cdw66mm6RDZWarxDm\/oSk9NEMFrY7xKK7IeubvrPWd6WDDdJ9Bovp5NzhHiKuwVSSx\/d0e1A6bU1Fi5dfUEcrY4mCVrLQtrrzL\/UquhZSdn1pyiOy0MI0Y\/bnbB4K6J04rXZ6nEtp1EU\/NkSSyz++QGuwa8v++mBZgyRRdHXky\/yOSrTGxbmNikQP\/BXOaO3nlrxeU7SquOho6ofMGkAD9m9nnD04JBpXDbsymnBuGkTUgApPRp+NHNg+aAhwX0QXv21nT1GOJGkgZ\/kOk29raa5UerzxHP43\/ZNnwqcVGS2ek0xFdawyoi7pyvj0GVa4CngTmUuJHLHSgXXYFgoXLIzPy5xMdEYkZFlxKRT4P6vvGmfHBlL7ZZl80WmHAnvVLA4inP9N6NQ6gpEuafQMHiBC8RZ7r7p\/7NgSW8\/N+dUhCD7Bp0uOQmBUbYktydmi2FFhvERfbJQ=="}
01189{"flow_event_id":7,"flow_event_name":"detection-update","thread_id":0,"packet_id":2,"source":"quic_frags_ch_in_multiple_packets.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_packets_processed":2,"flow_first_seen":1616775370814,"flow_last_seen":1616775370814,"flow_idle_time":180000,"flow_min_l4_payload_len":1232,"flow_max_l4_payload_len":1232,"flow_tot_l4_payload_len":2464,"flow_avg_l4_payload_len":1232,"midstream":0,"thread_ts_msec":1616775370814,"l3_proto":"ip6","src_ip":"::1","dst_ip":"::1","src_port":58822,"dst_port":4443,"l4_proto":"udp","ndpi": {"flow_risk": {"5": {"risk":"Known Protocol on Non Standard Port","severity":"Medium","risk_score": {"total":260,"client":230,"server":30}},"24": {"risk":"Missing SNI TLS Extension","severity":"Medium","risk_score": {"total":500,"client":350,"server":150}}},"confidence": {"4":"DPI"},"proto":"QUIC","breed":"Acceptable","category":"Web"},"quic": {"version":"TLSv1.3","alpn":"h3-34,hq-34,h3-33,hq-33,h3-32,hq-32,h3-31,hq-31,h3-29,hq-29,h3-30,hq-30,h3-28,hq-28,h3-27,hq-27,h3,hq-interop","ja3":"0299b052ace53a14c3a04aceb5efd247","tls_supported_versions":"TLSv1.3,TLSv1.3 (draft),TLSv1.3 (draft),TLSv1.3 (draft)"}}
00562{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3,"source":"quic_frags_ch_in_multiple_packets.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":3,"flow_last_seen":1616775370815,"flow_idle_time":180000,"pkt_oversize":false,"pkt_caplen":116,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":116,"pkt_l4_len":62,"thread_ts_msec":1616775370815,"pkt":"AAAAAAAAAAAAAAAAht1gJDKmAD4RQAAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAABEVvlxgA+AFHEAAAAAQhbtLKZy53KxAjsAiiM0e27twBAHLMBaZzti3E68kx9gE3ZXKGXRNRnGzCRKG8UNXw="}
00944{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4,"source":"quic_frags_ch_in_multiple_packets.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_packets_processed":4,"flow_first_seen":1616775370814,"flow_last_seen":1616775370828,"flow_idle_time":180000,"flow_min_l4_payload_len":54,"flow_max_l4_payload_len":1232,"flow_tot_l4_payload_len":3750,"flow_avg_l4_payload_len":937,"midstream":0,"thread_ts_msec":1616775370828,"l3_proto":"ip6","src_ip":"::1","dst_ip":"::1","src_port":58822,"dst_port":4443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"5": {"risk":"Known Protocol on Non Standard Port","severity":"Medium","risk_score": {"total":260,"client":230,"server":30}},"24": {"risk":"Missing SNI TLS Extension","severity":"Medium","risk_score": {"total":500,"client":350,"server":150}}},"confidence": {"4":"DPI"},"proto":"QUIC","breed":"Acceptable","category":"Web"}}
00578{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":4,"source":"quic_frags_ch_in_multiple_packets.pcapng","alias":"nDPId-test","packets-captured":4,"packets-processed":4,"total-skipped-flows":0,"total-l4-data-len":3750,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":1,"total-detection-updates":1,"total-updates":0,"current-active-flows":0,"total-active-flows":1,"total-idle-flows":1,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":10,"global_ts_msec":1616775370828}
~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~
~~ packets captured/processed: 4/4
~~ skipped flows.............: 0
~~ total layer4 data length..: 3750 bytes
~~ total detected protocols..: 1
~~ total active/idle flows...: 1/1
~~ total timeout flows.......: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~ total memory allocated....: 5125839 bytes
~~ total memory freed........: 5125839 bytes
~~ total allocations/frees...: 113359/113359
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~ json string min len.......: 491 chars
~~ json string max len.......: 2186 chars
~~ json string avg len.......: 1331 chars
Powered by cgit, Themed by Ted Yin.