summaryrefslogtreecommitdiff
path: root/test/results/tls_2_reasms.pcapng.out
blob: 9a0d447d3a5a1ddfd1f0ae2f9480e618013ddcc4 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25

00494{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"tls_2_reasms.pcapng","alias":"nDPId-test","max-flows-per-thread":2048,"max-idle-flows-per-thread":64,"reader-thread-count":1,"flow-scan-interval":10000000,"generic-max-idle-time":600000000,"icmp-max-idle-time":120000000,"udp-max-idle-time":180000000,"tcp-max-idle-time":3265032704,"max-packets-per-flow-to-send":3,"max-packets-per-flow-to-process":32,"max-packets-per-flow-to-analyse":32,"global_ts_usec":0}
00557{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":1,"source":"tls_2_reasms.pcapng","alias":"nDPId-test","packets-captured":1,"packets-processed":0,"total-skipped-flows":0,"total-l4-payload-len":0,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":0,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2,"global_ts_usec":1639052958270296}
00760{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1,"source":"tls_2_reasms.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1639052958270296,"flow_src_last_pkt_time":1639052958270296,"flow_dst_last_pkt_time":1639052958270296,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1639052958270296,"l3_proto":"ip4","src_ip":"192.91.186.174","dst_ip":"25.137.80.32","src_port":443,"dst_port":38134,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3}
00544{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1,"source":"tls_2_reasms.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_src_last_pkt_time":1639052958270296,"flow_dst_last_pkt_time":1639052958270296,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1639052958270296,"pkt":"AAAAAAAAAAgAHsfjCABFAAA8AABAAFkGPQnAW7quGYlQIAG7lPYStl7aMwcmoaAS\/\/+mFwAAAgQFcAQCCAqXmyQsjJgTHgEDAwg="}
01076{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2,"source":"tls_2_reasms.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":2,"flow_src_last_pkt_time":1639052958270296,"flow_dst_last_pkt_time":1639052958421275,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":470,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":470,"pkt_l4_len":436,"thread_ts_usec":1639052958421275,"pkt":"AAAAAAAAAAQAaxhhCABFAAHI7AFAAD8GaXsZiVAgwFu6rpT2AbszByahErZe24AYAVd0fQAAAQEICoyYE\/2XmyQsFgMBAY8BAAGLAwMAlXJSyLbTWNrF02NSj28hHamky0L5wCYQnHUCL\/6z3iD5LhfBzVNFGwCCqzHgNKOymBfZ7K0vIQElpPRSPY852QAGEwETAhMDAQABPAArAAUEAwT7GgAKAAYABAAdABcAMwAmACQAHQAgECxpEscXa0pzp0dwcj2NsRSDz0wt8A5bNiy0soe+2RYADQAKAAgEAwUDBgMIBAAAABQAEgAAD2kuaW5zdGFncmFtLmNvbQAQABQAEgJoMgVoMi1mYghodHRwLzEuMQAtAAMCAQAAKgAAACkAsgCNAIeEDo4Sq5aYEoWVI9gb5X7lsbxoLQQbqHnFpnF8aI1WLwAAAADufwuTcgHc7lYZ8SVlha1U3Zkr0Vd9xmvbgpohpkFSNMLDIZ8FmR2pTMB4b2CxLJGFEpspmoijBCvKQSfpFOQOBLhObW1gKrl6AV8Y7rEcYgAxc577AZrXxt9LdTNXMRicjW5cSz1JACEgle78vT7B+RG\/cD3MjAcV8pXx7rRg8Vriehdr1EpDdxs="}
01121{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2,"source":"tls_2_reasms.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1639052958270296,"flow_src_last_pkt_time":1639052958270296,"flow_dst_last_pkt_time":1639052958421275,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":404,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":404,"midstream":0,"thread_ts_usec":1639052958421275,"l3_proto":"ip4","src_ip":"192.91.186.174","dst_ip":"25.137.80.32","src_port":443,"dst_port":38134,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Instagram","proto_id":"91.211","encrypted":1,"breed":"Fun","category_id":6,"category":"SocialNetwork","hostname":"i.instagram.com","tls": {"version":"TLSv1.2","ja3":"44dab16d680ef93487bc16ad23b3ffb1","ja3s":"","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","alpn":"h2,h2-fb,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.3 (Fizz)"}}}
02364{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3,"source":"tls_2_reasms.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":3,"flow_src_last_pkt_time":1639052958270296,"flow_dst_last_pkt_time":1639052958436332,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":1414,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1414,"pkt_l4_len":1380,"thread_ts_usec":1639052958436332,"pkt":"AAAAAAAAAAQAaxhhCABFAAV47AJAAD8GZcoZiVAgwFu6rpT2AbszByg1ErZe24AQAVepZAAAAQEICoyYFAKXmyQsFAMDAAEBFwMDB1O1YvAjmAVvFYPaIz9rOWdMaG6+gx7Iqcu3ciBuQrL7wU6zVYSD2azoYGbl1kCIMEXgSIQDQ\/uKW3p++axDcf7O6xXEY9PnUcyYeZEoSBPJcHy\/kHoxV+BATYToX008kaB6yckdAEy8rCGzF9oWhDc9vIuadxTlf17oP6tHEM1VholXosfHCNm0IuiTMOZSNZyCOUwcS8y5Zr5NOEEmfj\/RQRrxAuWdtlkg4mTMEJAxEInXlWdtEyMHhzIViIZhHCJto\/WcWHy8S\/UwAjTmzUFzro2LhnAffuLyvY1Ia4Cgq0O0SXECLa0gpkerElFHOqANB0gRjKEcTGVdVwudVKtcyKJuLavDs7jhmNPiVZrU7Rr+LpHa+UbMRWLe9Od0e7uCURWI2udH8cobA1i2uTE4PC0vq\/c49tTe6m1Z64XBvIf5Y5ZtK5Azk5WARq6J5UcG7GMfN3rqLeXQZcsuyQBF2F4\/JXW7YZbVv6cv5jF8aOpJxliTwHdpcuzO+iuEDn\/hDjXRobfqGfc9c+oecKiE59ZYclMNc67j0Kc5N4JTEbiaw988SjsW\/Nd+8RMo1+q87OtvjtSIGN7qEA5L8Sbb+I0Z2ncJzEPIUYHALorxagYGfrtIDZtDN\/q7vfCPB3QjT5njGmmzlSqYpPaCR3Ui79E6K0FO+Dv495jFoAworuP4R7kpMSpCKmydSF\/NWiAptGPRjD4RJk8X0Sjgv01EZqTDsUK1lyxRxA5nwUxACFDiTaJ\/\/IG5IReccY0YjMbDlq9WvDpjVFlp1iqxzRUoF1lsfih3w9Bm1L5e1f2QLCz9CqVy5p7ixAjH+UGSJS3uol8WB\/4Y2RjILC5UFgvJHyhg+lgMuC5bQuDo420um\/ZIazWaPioGzFA1moJiQ6zfp5iSh\/gMVOAFMWulxj58w5jD5W41vtacLuH6rAaHW6hnGOyWEVpQJR0VdY\/dK\/ch+R\/vEWwAqQHvk0WZyOd2Mc73bhGmnbSwAJeiqrkIGivSeWGMygzhCMcdXj92wOeorl5iiyRG2RB7i4uAz09YI+ZO\/3zQ10aUKwiXePbkhzOyWRlMTnsyXHvm3yluSfYMYjQVxAG0bsEIJc+iBkakJClFruqIMzdU+FwLPlzK7UMX1ddJFgMnURlTMSo40rTETmPiRxqBCIz9kL6HQjPsD0vQMWQ1IR2ugdMM+OGoGPbVTfnp2pi0EBuOBbWxeJ494BT60CtOgkfHM8oOT36\/i+H6wplklBFpReKeNG821t0cc4iBiXiI9IqWa6C9ZGD1sZ1f7NDLzfGMchhGIW+\/Aj4gQxnr+rNjFr5DbP4ERmjlhCa+PvBjn5UHOy\/PYrlxIsvfO7072\/itk0ywNjyLXfsQcHEfSqV81O9NUP33dUoQPSA1Gc6nSrYIa0ysYqhg5LJu\/bQG4cGD+E9h6fdmOkmWaZjArX3F7bag30oGMFWKWs4GGdTZxQg0Eyy+ChnFBtEO+VzpK+2RcLvPcIg\/nlicthUP8MljQOvTQ0x48AswmIpzX6sktS3FVU6IZCXi3Ctm0h8w1kQ0dS7nwxt+Kyx1\/lM9vblmQ3R5FE4dlvrkQVtm8vhWW6O9EtewzqzuLWNHi7CJbLjnsq3eueLEvf0uEsodJBQg+R5NSwb615AoGG2YZ80D08zVyD8vJ9NX8RH1KkW08+ZOd28NIz9psJrqsV\/kuZ208vVJBYnAtY7WBhRT3rMQLmQHXapWIfUguC1SVplU1nrQE1BZSXNd2SdKAQcyWC3XPm2H1g0HZo1UhbN7TB2oww=="}
01173{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":4,"source":"tls_2_reasms.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1639052958270296,"flow_src_last_pkt_time":1639052958440022,"flow_dst_last_pkt_time":1639052958436332,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":216,"flow_dst_max_l4_payload_len":1348,"flow_src_tot_l4_payload_len":216,"flow_dst_tot_l4_payload_len":1752,"midstream":0,"thread_ts_usec":1639052958440022,"l3_proto":"ip4","src_ip":"192.91.186.174","dst_ip":"25.137.80.32","src_port":443,"dst_port":38134,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Instagram","proto_id":"91.211","encrypted":1,"breed":"Fun","category_id":6,"category":"SocialNetwork","hostname":"i.instagram.com","tls": {"version":"TLSv1.3 (Fizz)","ja3":"44dab16d680ef93487bc16ad23b3ffb1","ja3s":"fcb2d4d0991292272fcb1e464eedfd43","unsafe_cipher":0,"cipher":"TLS_AES_128_GCM_SHA256","alpn":"h2,h2-fb,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.3 (Fizz)"}}}
00930{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":14,"source":"tls_2_reasms.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":11,"flow_dst_packets_processed":3,"flow_first_seen":1639052958270296,"flow_src_last_pkt_time":1639052959221756,"flow_dst_last_pkt_time":1639052958885962,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1348,"flow_dst_max_l4_payload_len":1348,"flow_src_tot_l4_payload_len":3685,"flow_dst_tot_l4_payload_len":2290,"midstream":0,"thread_ts_usec":1639052959221756,"l3_proto":"ip4","src_ip":"192.91.186.174","dst_ip":"25.137.80.32","src_port":443,"dst_port":38134,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Instagram","proto_id":"91.211","encrypted":1,"breed":"Fun","category_id":6,"category":"SocialNetwork"}}
00566{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":14,"source":"tls_2_reasms.pcapng","alias":"nDPId-test","packets-captured":14,"packets-processed":14,"total-skipped-flows":0,"total-l4-payload-len":5975,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":1,"total-detection-updates":1,"total-updates":0,"current-active-flows":0,"total-active-flows":1,"total-idle-flows":1,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":10,"global_ts_usec":1639052959221756}
~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~
~~ packets captured/processed: 14/14
~~ skipped flows.............: 0
~~ total layer4 data length..: 5975 bytes
~~ total detected protocols..: 1
~~ total active/idle flows...: 1/1
~~ total timeout flows.......: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~ total memory allocated....: 6040320 bytes
~~ total memory freed........: 6040320 bytes
~~ total allocations/frees...: 121506/121506
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~ json string min len.......: 499 chars
~~ json string max len.......: 2369 chars
~~ json string avg len.......: 1391 chars
Powered by cgit, Themed by Ted Yin.