summaryrefslogtreecommitdiff
path: root/test/results/threema.pcap.out
blob: 3f5f6f709a3bad50964f54b34f537c6d67b7d3ca (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57

00458{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"threema.pcap","alias":"nDPId-test","max-flows-per-thread":2048,"max-idle-flows-per-thread":64,"tick-resolution":1000,"reader-thread-count":1,"flow-scan-interval":10000,"generic-max-idle-time":600000,"icmp-max-idle-time":120000,"udp-max-idle-time":180000,"tcp-max-idle-time":7560000,"max-packets-per-flow-to-send":3,"max-packets-per-flow-to-process":32,"global_ts_msec":0}
00547{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":1,"source":"threema.pcap","alias":"nDPId-test","packets-captured":1,"packets-processed":0,"total-skipped-flows":0,"total-l4-payload-len":0,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":0,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2,"global_ts_msec":1655301424082}
00585{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1,"source":"threema.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1655301424082,"flow_last_seen":1655301424082,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":0,"flow_tot_l4_payload_len":0,"midstream":0,"thread_ts_msec":1655301424082,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"185.88.236.110","src_port":50298,"dst_port":5222,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3}
00478{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1,"source":"threema.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_last_seen":1655301424082,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_msec":1655301424082,"pkt":"eJS0JASgYDjgxTWgCABFAAA8sOJAAD8GIgbAqAJkuVjsbsR6FGaFcI59AAAAAKAC\/\/+zrwAAAgQFtAQCCAoADj6fAAAAAAEDAwg="}
00479{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2,"source":"threema.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":2,"flow_last_seen":1655301424108,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_msec":1655301424108,"pkt":"YDjgxTWgeJS0JASgCABFAAA8AABAADgG2ei5WOxuwKgCZBRmxHpp4+23hXCOfqAS\/\/9\/CwAAAgQFrAEDAwYEAggK7ZTvbAAOPp8="}
00464{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3,"source":"threema.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":3,"flow_last_seen":1655301424111,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_msec":1655301424111,"pkt":"eJS0JASgYDjgxTWgCABFAAA0sONAAD8GIg3AqAJkuVjsbsR6FGaFcI5+aePtuIAQAVescAAAAQEICgAOPqbtlO9s"}
00649{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":10,"source":"threema.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":3,"flow_first_seen":1655301424082,"flow_last_seen":1655301470737,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":444,"flow_tot_l4_payload_len":817,"midstream":0,"thread_ts_msec":1655301470737,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"185.88.236.110","src_port":50298,"dst_port":5222,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"Threema","breed":"Acceptable","category":"Chat"}}
00586{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":16,"source":"threema.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1655301591783,"flow_last_seen":1655301591783,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":0,"flow_tot_l4_payload_len":0,"midstream":0,"thread_ts_msec":1655301591783,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"185.88.236.110","src_port":50484,"dst_port":5222,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3}
00479{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":16,"source":"threema.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":1,"flow_last_seen":1655301591783,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_msec":1655301591783,"pkt":"eJS0JASgYDjgxTWgCABFAAA89dRAAD8G3RPAqAJkuVjsbsU0FGbdvRewAAAAAKAC\/\/8tsAAAAgQFtAQCCAoADuJkAAAAAAEDAwg="}
00481{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":17,"source":"threema.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":2,"flow_last_seen":1655301591807,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_msec":1655301591807,"pkt":"YDjgxTWgeJS0JASgCABFAAA8AABAADgG2ei5WOxuwKgCZBRmxTS\/ZrJg3b0XsaAS\/\/\/aLAAAAgQFrAEDAwYEAggKjwRSsAAO4mQ="}
00465{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":18,"source":"threema.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":3,"flow_last_seen":1655301591810,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_msec":1655301591810,"pkt":"eJS0JASgYDjgxTWgCABFAAA09dVAAD8G3RrAqAJkuVjsbsU0FGbdvRexv2ayYYAQAVcHkgAAAQEICgAO4muPBFKw"}
00649{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":25,"source":"threema.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":3,"flow_first_seen":1655301591783,"flow_last_seen":1655301594185,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":468,"flow_tot_l4_payload_len":825,"midstream":0,"thread_ts_msec":1655301594185,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"185.88.236.110","src_port":50484,"dst_port":5222,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"Threema","breed":"Acceptable","category":"Chat"}}
00586{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":31,"source":"threema.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1655301676958,"flow_last_seen":1655301676958,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":0,"flow_tot_l4_payload_len":0,"midstream":0,"thread_ts_msec":1655301676958,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"185.88.236.110","src_port":50500,"dst_port":5222,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3}
00479{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":31,"source":"threema.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":1,"flow_last_seen":1655301676958,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_msec":1655301676958,"pkt":"eJS0JASgYDjgxTWgCABFAAA8OhtAAD8GmM3AqAJkuVjsbsVEFGa+1hz1AAAAAKAC\/\/8CuAAAAgQFtAQCCAoADybuAAAAAAEDAwg="}
00479{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":32,"source":"threema.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":2,"flow_last_seen":1655301676985,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_msec":1655301676985,"pkt":"YDjgxTWgeJS0JASgCABFAAA8AABAADgG2ei5WOxuwKgCZBRmxUQ+t0LhvtYc9qAS\/\/88cwAAAgQFrAEDAwYEAggKDbs26gAPJu4="}
00465{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":33,"source":"threema.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":3,"flow_last_seen":1655301676988,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_msec":1655301676988,"pkt":"eJS0JASgYDjgxTWgCABFAAA0OhxAAD8GmNTAqAJkuVjsbsVEFGa+1hz2PrdC4oAQAVdp2AAAAQEICgAPJvUNuzbq"}
00649{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":40,"source":"threema.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":3,"flow_first_seen":1655301676958,"flow_last_seen":1655301678700,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":324,"flow_tot_l4_payload_len":681,"midstream":0,"thread_ts_msec":1655301678700,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"185.88.236.110","src_port":50500,"dst_port":5222,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"Threema","breed":"Acceptable","category":"Chat"}}
00554{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":43,"source":"threema.pcap","alias":"nDPId-test","packets-captured":43,"packets-processed":42,"total-skipped-flows":0,"total-l4-payload-len":4306,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":3,"total-detection-updates":0,"total-updates":0,"current-active-flows":3,"total-active-flows":3,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":18,"global_ts_msec":1655304039977}
00586{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":43,"source":"threema.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1655304039977,"flow_last_seen":1655304039977,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":0,"flow_tot_l4_payload_len":0,"midstream":0,"thread_ts_msec":1655304039977,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"185.88.236.110","src_port":50618,"dst_port":5222,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3}
00481{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":43,"source":"threema.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":1,"flow_last_seen":1655304039977,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_msec":1655304039977,"pkt":"eJS0JASgYDjgxTWgCABFAAA8D\/ZAAD8GwvLAqAJkuVjsbsW6FGZ91skoAAAAAKAC\/\/\/3HAAAAgQFtAQCCAoAEMbeAAAAAAEDAwg="}
00479{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":44,"source":"threema.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":2,"flow_last_seen":1655304040001,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_msec":1655304040001,"pkt":"YDjgxTWgeJS0JASgCABFAAA8AABAADgG2ei5WOxuwKgCZBRmxbp03BGqfdbJKaAS\/\/+2UQAAAgQFrAEDAwYEAggKO2t+0gAQxt4="}
00466{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":45,"source":"threema.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":3,"flow_last_seen":1655304040004,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_msec":1655304040004,"pkt":"eJS0JASgYDjgxTWgCABFAAA0D\/dAAD8GwvnAqAJkuVjsbsW6FGZ91skpdNwRq4AQAVfjtgAAAQEICgAQxuU7a37S"}
00649{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":52,"source":"threema.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":3,"flow_first_seen":1655304039977,"flow_last_seen":1655304040312,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":595,"flow_tot_l4_payload_len":952,"midstream":0,"thread_ts_msec":1655304040312,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"185.88.236.110","src_port":50618,"dst_port":5222,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"Threema","breed":"Acceptable","category":"Chat"}}
00687{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":58,"source":"threema.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"finished","flow_src_packets_processed":8,"flow_dst_packets_processed":4,"flow_first_seen":1655301676958,"flow_last_seen":1655301738438,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":324,"flow_tot_l4_payload_len":681,"midstream":0,"thread_ts_msec":1655304045367,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"185.88.236.110","src_port":50500,"dst_port":5222,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"Threema","breed":"Acceptable","category":"Chat"}}
00554{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":58,"source":"threema.pcap","alias":"nDPId-test","packets-captured":58,"packets-processed":57,"total-skipped-flows":0,"total-l4-payload-len":5258,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":4,"total-detection-updates":0,"total-updates":0,"current-active-flows":3,"total-active-flows":4,"total-idle-flows":1,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":25,"global_ts_msec":1655306704436}
00586{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":58,"source":"threema.pcap","alias":"nDPId-test","flow_id":5,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1655306704436,"flow_last_seen":1655306704436,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":0,"flow_tot_l4_payload_len":0,"midstream":0,"thread_ts_msec":1655306704436,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"185.88.236.110","src_port":50718,"dst_port":5222,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3}
00479{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":58,"source":"threema.pcap","alias":"nDPId-test","flow_id":5,"flow_packet_id":1,"flow_last_seen":1655306704436,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_msec":1655306704436,"pkt":"eJS0JASgYDjgxTWgCABFAAA8W4NAAD8Gd2XAqAJkuVjsbsYeFGbGZSToAAAAAKAC\/\/+Z2wAAAgQFtAQCCAoAEn9rAAAAAAEDAwg="}
00479{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":59,"source":"threema.pcap","alias":"nDPId-test","flow_id":5,"flow_packet_id":2,"flow_last_seen":1655306704460,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_msec":1655306704460,"pkt":"YDjgxTWgeJS0JASgCABFAAA8AABAADgG2ei5WOxuwKgCZBRmxh4tYXzzxmUk6aAS\/\/9+tQAAAgQFrAEDAwYEAggKd2P5ZgASf2s="}
00466{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":60,"source":"threema.pcap","alias":"nDPId-test","flow_id":5,"flow_packet_id":3,"flow_last_seen":1655306704463,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_msec":1655306704463,"pkt":"eJS0JASgYDjgxTWgCABFAAA0W4RAAD8Gd2zAqAJkuVjsbsYeFGbGZSTpLWF89IAQAVesGwAAAQEICgASf3F3Y\/lm"}
00687{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":67,"source":"threema.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":6,"flow_first_seen":1655304039977,"flow_last_seen":1655304045367,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":595,"flow_tot_l4_payload_len":952,"midstream":0,"thread_ts_msec":1655306704559,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"185.88.236.110","src_port":50618,"dst_port":5222,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"Threema","breed":"Acceptable","category":"Chat"}}
00554{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":71,"source":"threema.pcap","alias":"nDPId-test","packets-captured":71,"packets-processed":70,"total-skipped-flows":0,"total-l4-payload-len":5631,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":4,"total-detection-updates":0,"total-updates":0,"current-active-flows":3,"total-active-flows":5,"total-idle-flows":2,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":31,"global_ts_msec":1655307958972}
00586{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":71,"source":"threema.pcap","alias":"nDPId-test","flow_id":6,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1655307958972,"flow_last_seen":1655307958972,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":0,"flow_tot_l4_payload_len":0,"midstream":0,"thread_ts_msec":1655307958972,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"185.88.236.110","src_port":50860,"dst_port":5222,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3}
00481{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":71,"source":"threema.pcap","alias":"nDPId-test","flow_id":6,"flow_packet_id":1,"flow_last_seen":1655307958972,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_msec":1655307958972,"pkt":"eJS0JASgYDjgxTWgCABFAAA80XZAAD8GAXLAqAJkuVjsbsasFGYhOI\/mAAAAAKAC\/\/\/0UwAAAgQFtAQCCAoAFl6QAAAAAAEDAwg="}
00481{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":72,"source":"threema.pcap","alias":"nDPId-test","flow_id":6,"flow_packet_id":2,"flow_last_seen":1655307958996,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_msec":1655307958996,"pkt":"YDjgxTWgeJS0JASgCABFAAA8AABAADgG2ei5WOxuwKgCZBRmxqxr+FC1ITiP56AS\/\/\/D1gAAAgQFrAEDAwYEAggK\/JV3MgAWXpA="}
00467{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":73,"source":"threema.pcap","alias":"nDPId-test","flow_id":6,"flow_packet_id":3,"flow_last_seen":1655307958999,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_msec":1655307958999,"pkt":"eJS0JASgYDjgxTWgCABFAAA00XdAAD8GAXnAqAJkuVjsbsasFGYhOI\/na\/hQtoAQAVfxOwAAAQEICgAWXpf8lXcy"}
00656{"flow_event_id":5,"flow_event_name":"guessed","thread_id":0,"packet_id":80,"source":"threema.pcap","alias":"nDPId-test","flow_id":5,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":5,"flow_first_seen":1655306704436,"flow_last_seen":1655306777863,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":191,"flow_tot_l4_payload_len":373,"midstream":0,"thread_ts_msec":1655307959100,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"185.88.236.110","src_port":50718,"dst_port":5222,"l4_proto":"tcp","ndpi": {"confidence": {"2":"Match by IP"},"proto":"Threema","breed":"Acceptable","category":"Chat"}}
00590{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":80,"source":"threema.pcap","alias":"nDPId-test","flow_id":5,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":5,"flow_first_seen":1655306704436,"flow_last_seen":1655306777863,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":191,"flow_tot_l4_payload_len":373,"midstream":0,"thread_ts_msec":1655307959100,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"185.88.236.110","src_port":50718,"dst_port":5222,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3}
00690{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":83,"source":"threema.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":10,"flow_dst_packets_processed":5,"flow_first_seen":1655301424082,"flow_last_seen":1655301470813,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":444,"flow_tot_l4_payload_len":1567,"midstream":0,"thread_ts_msec":1655308018973,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"185.88.236.110","src_port":50298,"dst_port":5222,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"Threema","breed":"Acceptable","category":"Chat"}}
00689{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":83,"source":"threema.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":6,"flow_first_seen":1655301591783,"flow_last_seen":1655301622013,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":735,"flow_tot_l4_payload_len":2058,"midstream":0,"thread_ts_msec":1655308018973,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"185.88.236.110","src_port":50484,"dst_port":5222,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"Threema","breed":"Acceptable","category":"Chat"}}
00656{"flow_event_id":5,"flow_event_name":"guessed","thread_id":0,"packet_id":83,"source":"threema.pcap","alias":"nDPId-test","flow_id":6,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":5,"flow_first_seen":1655307958972,"flow_last_seen":1655308018973,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":191,"flow_tot_l4_payload_len":373,"midstream":0,"thread_ts_msec":1655308018973,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"185.88.236.110","src_port":50860,"dst_port":5222,"l4_proto":"tcp","ndpi": {"confidence": {"2":"Match by IP"},"proto":"Threema","breed":"Acceptable","category":"Chat"}}
00590{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":83,"source":"threema.pcap","alias":"nDPId-test","flow_id":6,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":5,"flow_first_seen":1655307958972,"flow_last_seen":1655308018973,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":191,"flow_tot_l4_payload_len":373,"midstream":0,"thread_ts_msec":1655308018973,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"185.88.236.110","src_port":50860,"dst_port":5222,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3}
00556{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":83,"source":"threema.pcap","alias":"nDPId-test","packets-captured":83,"packets-processed":83,"total-skipped-flows":0,"total-l4-payload-len":6004,"total-not-detected-flows":0,"total-guessed-flows":2,"total-detected-flows":4,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":6,"total-idle-flows":6,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":42,"global_ts_msec":1655308018973}
~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~
~~ packets captured/processed: 83/83
~~ skipped flows.............: 0
~~ total layer4 data length..: 6004 bytes
~~ total detected protocols..: 4
~~ total active/idle flows...: 6/6
~~ total timeout flows.......: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~ total memory allocated....: 6023120 bytes
~~ total memory freed........: 6023120 bytes
~~ total allocations/frees...: 120985/120985
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~ json string min len.......: 463 chars
~~ json string max len.......: 695 chars
~~ json string avg len.......: 578 chars
Powered by cgit, Themed by Ted Yin.