summaryrefslogtreecommitdiff
path: root/test/results/xiaomi.pcap.out
blob: 48ae0657bcac004a57e8452e57b945ce2376fd17 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62

00457{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"xiaomi.pcap","alias":"nDPId-test","max-flows-per-thread":2048,"max-idle-flows-per-thread":64,"tick-resolution":1000,"reader-thread-count":1,"flow-scan-interval":10000,"generic-max-idle-time":600000,"icmp-max-idle-time":120000,"udp-max-idle-time":180000,"tcp-max-idle-time":7560000,"max-packets-per-flow-to-send":3,"max-packets-per-flow-to-process":32,"global_ts_msec":0}
00543{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":1,"source":"xiaomi.pcap","alias":"nDPId-test","packets-captured":1,"packets-processed":0,"total-skipped-flows":0,"total-l4-data-len":0,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":0,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2,"global_ts_msec":1639054136437}
00578{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1,"source":"xiaomi.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_packets_processed":1,"flow_first_seen":1639054136437,"flow_last_seen":1639054136437,"flow_idle_time":7580000,"flow_min_l4_payload_len":66,"flow_max_l4_payload_len":66,"flow_tot_l4_payload_len":66,"flow_avg_l4_payload_len":66,"midstream":1,"thread_ts_msec":1639054136437,"l3_proto":"ip4","src_ip":"47.241.7.88","dst_ip":"10.52.151.160","src_port":5222,"dst_port":39180,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3}
00562{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1,"source":"xiaomi.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_last_seen":1639054136437,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":136,"pkt_type":2048,"pkt_l3_offset":18,"pkt_l4_offset":38,"pkt_len":136,"pkt_l4_len":98,"thread_ts_msec":1639054136437,"pkt":"AAAAAAAAAAIAAAAIgQAA0AgARRQAdj14QAAuBjXZL\/EHWAo0l6AUZpkMYD5IiLldMd2AGAA1w4IAAAEBCAqKynYNev32UML+AAUAAAA2AAIAFgAAABgIABoKeGlhb21pLmNvbSoEQ09OTkgACgo1Mzg2MzcwNzY5EgQ3ZjA0GgIIACIAfagLdw=="}
00635{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":1,"source":"xiaomi.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_packets_processed":1,"flow_first_seen":1639054136437,"flow_last_seen":1639054136437,"flow_idle_time":7580000,"flow_min_l4_payload_len":66,"flow_max_l4_payload_len":66,"flow_tot_l4_payload_len":66,"flow_avg_l4_payload_len":66,"midstream":1,"thread_ts_msec":1639054136437,"l3_proto":"ip4","src_ip":"47.241.7.88","dst_ip":"10.52.151.160","src_port":5222,"dst_port":39180,"l4_proto":"tcp","ndpi": {"confidence": {"4":"DPI"},"proto":"Xiaomi","breed":"Acceptable","category":"Web"}}
00544{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":2,"source":"xiaomi.pcap","alias":"nDPId-test","packets-captured":2,"packets-processed":1,"total-skipped-flows":0,"total-l4-data-len":66,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":1,"total-detection-updates":0,"total-updates":0,"current-active-flows":1,"total-active-flows":1,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":6,"global_ts_msec":1643625846975}
00579{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2,"source":"xiaomi.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_packets_processed":1,"flow_first_seen":1643625846975,"flow_last_seen":1643625846975,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":0,"flow_tot_l4_payload_len":0,"flow_avg_l4_payload_len":0,"midstream":0,"thread_ts_msec":1643625846975,"l3_proto":"ip4","src_ip":"115.164.74.232","dst_ip":"192.168.244.219","src_port":5222,"dst_port":45904,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3}
00475{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2,"source":"xiaomi.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":1,"flow_last_seen":1643625846975,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_msec":1643625846975,"pkt":"AAAAAAAAAA0AYH2pCABFFAA8AABAAC4G2JdzpErowKj02xRms1CUmJB5c0FIJ6ASaVAVsQAAAgQFUAQCCAri0mMlEWpVrAEDAwk="}
00714{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3,"source":"xiaomi.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":2,"flow_last_seen":1643625847008,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":250,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":250,"pkt_l4_len":216,"thread_ts_msec":1643625847008,"pkt":"AAAAAAAAAAoAtbdgCABFAADsPqBAAEAGh1vAqPTbc6RK6LNQFGZzQUgnlJiQeoAYAKxOqAAAAQEIChFqVg7i0mMlwv4ABQAAAKwAAgAWAAAAjggAGgp4aWFvbWkuY29tKgRDT05OSAAIahINUmVkbWkgTm90ZSA5UxoRVjEyLjUuMi4wLlJKV01JWE0iKmEtRDdBNUQ4QTlCNTM3NTI5Rjk2NkU0MjlEMDU4ODYyMDMyNEY2QzVFMigqMg9tb2JpbGUtbHRlLXRhaWY6ETQ3LjI0MS4zNS43Mzo1MjIyQhBhcl9FR18jdS1udS1sYXRuSgIYAFAebjssqA=="}
00641{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":3,"source":"xiaomi.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_packets_processed":2,"flow_first_seen":1643625846975,"flow_last_seen":1643625847008,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":184,"flow_tot_l4_payload_len":184,"flow_avg_l4_payload_len":92,"midstream":0,"thread_ts_msec":1643625847008,"l3_proto":"ip4","src_ip":"115.164.74.232","dst_ip":"192.168.244.219","src_port":5222,"dst_port":45904,"l4_proto":"tcp","ndpi": {"confidence": {"4":"DPI"},"proto":"Xiaomi","breed":"Acceptable","category":"Web"}}
00554{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":4,"source":"xiaomi.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":3,"flow_last_seen":1643625847088,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":132,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":132,"pkt_l4_len":98,"thread_ts_msec":1643625847088,"pkt":"AAAAAAAAAA0AYH2pCABFFAB28\/pAAC4G5GJzpErowKj02xRms1CUmJB6c0FI34AYADWHawAAAQEICuLSY5YRalYOwv4ABQAAADYAAgAWAAAAGAgAGgp4aWFvbWkuY29tKgRDT05OSAAKCjMyNjg2ODQ5MzMSBDQ1MzkaAggAIgB79gtJ"}
00578{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":7,"source":"xiaomi.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_packets_processed":1,"flow_first_seen":1643625848421,"flow_last_seen":1643625848421,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":0,"flow_tot_l4_payload_len":0,"flow_avg_l4_payload_len":0,"midstream":0,"thread_ts_msec":1643625848421,"l3_proto":"ip4","src_ip":"115.164.74.232","dst_ip":"192.168.247.13","src_port":5222,"dst_port":38018,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3}
00477{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":7,"source":"xiaomi.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":1,"flow_last_seen":1643625848421,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_msec":1643625848421,"pkt":"AAAAAAAAAAMAPY54CABFFAA8AABAAC8G1WVzpErowKj3DRRmlIK6\/lCi\/G71lqASaVAKjgAAAgQFUAQCCArZ9CR01bLjhQEDAwk="}
00678{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":8,"source":"xiaomi.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":2,"flow_last_seen":1643625848472,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":225,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":225,"pkt_l4_len":191,"thread_ts_msec":1643625848472,"pkt":"AAAAAAAAAAEAxKEDCABFAADTHaZAAD8GpzzAqPcNc6RK6JSCFGb8bvWWuv5Qo4AYAIDreAAAAQEICtWy5AnZ9CR0wv4ABQAAAJMAAgAWAAAAdQgAGgp4aWFvbWkuY29tKgRDT05OSAAIahIKTTIwMTBKMTlTRxoRVjEyLjAuOS4wLlFKUU1JWE0iKmEtQzVERjdDOEVDQ0ZGMzE3OEY5Mjk0REJDNzA1NzhCRUZDQTU5QTgzQygqMgR3aWZpOhE0Ny4yNDEuMzUuNzM6NTIyMkIFYXJfRUdKAhgAUB2r3iMF"}
00640{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":8,"source":"xiaomi.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_packets_processed":2,"flow_first_seen":1643625848421,"flow_last_seen":1643625848472,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":159,"flow_tot_l4_payload_len":159,"flow_avg_l4_payload_len":79,"midstream":0,"thread_ts_msec":1643625848472,"l3_proto":"ip4","src_ip":"115.164.74.232","dst_ip":"192.168.247.13","src_port":5222,"dst_port":38018,"l4_proto":"tcp","ndpi": {"confidence": {"4":"DPI"},"proto":"Xiaomi","breed":"Acceptable","category":"Web"}}
00555{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":9,"source":"xiaomi.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":3,"flow_last_seen":1643625848565,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":132,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":132,"pkt_l4_len":98,"thread_ts_msec":1643625848565,"pkt":"AAAAAAAAAAMAPY54CABFFAB2dEZAAC8GYOVzpErowKj3DRRmlIK6\/lCj\/G72NYAYADVuFAAAAQEICtn0JQPVsuQJwv4ABQAAADYAAgAWAAAAGAgAGgp4aWFvbWkuY29tKgRDT05OSAAKCjg0NDQ0MzU3NjcSBDcwOTgaAggAIgB8CwtM"}
00675{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":12,"source":"xiaomi.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_packets_processed":1,"flow_first_seen":1639054136437,"flow_last_seen":1639054136437,"flow_idle_time":7580000,"flow_min_l4_payload_len":66,"flow_max_l4_payload_len":66,"flow_tot_l4_payload_len":66,"flow_avg_l4_payload_len":66,"midstream":1,"thread_ts_msec":1643625848723,"l3_proto":"ip4","src_ip":"47.241.7.88","dst_ip":"10.52.151.160","src_port":5222,"dst_port":39180,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"4":"DPI"},"proto":"Xiaomi","breed":"Acceptable","category":"Web"}}
00577{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":12,"source":"xiaomi.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_packets_processed":1,"flow_first_seen":1643625858130,"flow_last_seen":1643625858130,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":0,"flow_tot_l4_payload_len":0,"flow_avg_l4_payload_len":0,"midstream":0,"thread_ts_msec":1643625858130,"l3_proto":"ip4","src_ip":"97.39.119.172","dst_ip":"192.168.93.59","src_port":5222,"dst_port":51488,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3}
00476{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":12,"source":"xiaomi.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":1,"flow_last_seen":1643625858130,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_msec":1643625858130,"pkt":"AAAAAAAAAAUARa2GCABFFAA8AABAAC0GVvFhJ3eswKhdOxRmySBqbHLib20O5qASaVBi5QAAAgQFUAQCCAoVb3OrFqysdQEDAwk="}
00696{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":13,"source":"xiaomi.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":2,"flow_last_seen":1643625858163,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":236,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":236,"pkt_l4_len":202,"thread_ts_msec":1643625858163,"pkt":"AAAAAAAAAAUARa2GCABFAADeXtNAAEAG5I\/AqF07YSd3rMkgFGZvbQ7mamxy44AYAVdX7gAAAQEIChasrOMVb3Orwv4ABQAAAJ4AAgAWAAAAgAgAGgp4aWFvbWkuY29tKgRDT05OSAAIahIJTTIxMDFLN0JHGhJWMTIuNS4xNS4wLlJLTE1JWE0iKmEtQUM5NDFEMkFEQUQ4RkVDNEJGODYzMTRDQzhDNTE2Q0I3NkY2OTUyQSguMg9tb2JpbGUtbHRlLXRhaWY6ETQ3LjI0MS41OS44Nzo1MjIyQgVhcl9FR0oCGABQHn0CJwc="}
00639{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":13,"source":"xiaomi.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_packets_processed":2,"flow_first_seen":1643625858130,"flow_last_seen":1643625858163,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":170,"flow_tot_l4_payload_len":170,"flow_avg_l4_payload_len":85,"midstream":0,"thread_ts_msec":1643625858163,"l3_proto":"ip4","src_ip":"97.39.119.172","dst_ip":"192.168.93.59","src_port":5222,"dst_port":51488,"l4_proto":"tcp","ndpi": {"confidence": {"4":"DPI"},"proto":"Xiaomi","breed":"Acceptable","category":"Web"}}
00554{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":14,"source":"xiaomi.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":3,"flow_last_seen":1643625858251,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":132,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":132,"pkt_l4_len":98,"thread_ts_msec":1643625858251,"pkt":"AAAAAAAAAAUARa2GCABFFAB2BwBAAC0GT7dhJ3eswKhdOxRmySBqbHLjb20PkIAYADWSLgAAAQEIChVvdCQWrKzjwv4ABQAAADYAAgAWAAAAGAgAGgp4aWFvbWkuY29tKgRDT05OSAAKCjkyODQzNjUzNzESBGQzOGMaAggAIgB+7gui"}
00550{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":19,"source":"xiaomi.pcap","alias":"nDPId-test","packets-captured":19,"packets-processed":18,"total-skipped-flows":0,"total-l4-data-len":3907,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":4,"total-detection-updates":0,"total-updates":0,"current-active-flows":3,"total-active-flows":4,"total-idle-flows":1,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":23,"global_ts_msec":1649839944752}
00576{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":19,"source":"xiaomi.pcap","alias":"nDPId-test","flow_id":5,"flow_state":"info","flow_packets_processed":1,"flow_first_seen":1649839944752,"flow_last_seen":1649839944752,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":0,"flow_tot_l4_payload_len":0,"flow_avg_l4_payload_len":0,"midstream":0,"thread_ts_msec":1649839944752,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"3.127.176.74","src_port":37708,"dst_port":5222,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3}
00478{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":19,"source":"xiaomi.pcap","alias":"nDPId-test","flow_id":5,"flow_packet_id":1,"flow_last_seen":1649839944752,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_msec":1649839944752,"pkt":"eJS0JASgYDjgxTWgCABFAAA8MLBAAD8GlDbAqAJkA3+wSpNMFGaY8mRiAAAAAKAC\/\/+SoQAAAgQFtAQCCAodPXxCAAAAAAEDAwk="}
00476{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":20,"source":"xiaomi.pcap","alias":"nDPId-test","flow_id":5,"flow_packet_id":2,"flow_last_seen":1649839944776,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_msec":1649839944776,"pkt":"YDjgxTWgeJS0JASgCABFAAA8AABAAPMGEOYDf7BKwKgCZBRmk0xMrReHmPJkY6ASaN+IpwAAAgQFrAQCCAr78kDrHT18QgEDAwg="}
00465{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":21,"source":"xiaomi.pcap","alias":"nDPId-test","flow_id":5,"flow_packet_id":3,"flow_last_seen":1649839944780,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_msec":1649839944780,"pkt":"eJS0JASgYDjgxTWgCABFAAA0MLFAAD8GlD3AqAJkA3+wSpNMFGaY8mRjTK0XiIAQAKwfgwAAAQEICh09fF\/78kDr"}
00638{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":22,"source":"xiaomi.pcap","alias":"nDPId-test","flow_id":5,"flow_state":"info","flow_packets_processed":4,"flow_first_seen":1649839944752,"flow_last_seen":1649839944782,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":225,"flow_tot_l4_payload_len":225,"flow_avg_l4_payload_len":56,"midstream":0,"thread_ts_msec":1649839944782,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"3.127.176.74","src_port":37708,"dst_port":5222,"l4_proto":"tcp","ndpi": {"confidence": {"4":"DPI"},"proto":"Xiaomi","breed":"Acceptable","category":"Web"}}
00683{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":32,"source":"xiaomi.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_packets_processed":5,"flow_first_seen":1643625846975,"flow_last_seen":1643625847231,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":928,"flow_tot_l4_payload_len":1284,"flow_avg_l4_payload_len":256,"midstream":0,"thread_ts_msec":1649839946492,"l3_proto":"ip4","src_ip":"115.164.74.232","dst_ip":"192.168.244.219","src_port":5222,"dst_port":45904,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"4":"DPI"},"proto":"Xiaomi","breed":"Acceptable","category":"Web"}}
00680{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":32,"source":"xiaomi.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"finished","flow_packets_processed":5,"flow_first_seen":1643625858130,"flow_last_seen":1643625858384,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":947,"flow_tot_l4_payload_len":1288,"flow_avg_l4_payload_len":257,"midstream":0,"thread_ts_msec":1649839946492,"l3_proto":"ip4","src_ip":"97.39.119.172","dst_ip":"192.168.93.59","src_port":5222,"dst_port":51488,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"4":"DPI"},"proto":"Xiaomi","breed":"Acceptable","category":"Web"}}
00682{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":32,"source":"xiaomi.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"finished","flow_packets_processed":7,"flow_first_seen":1643625848421,"flow_last_seen":1643625997739,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":914,"flow_tot_l4_payload_len":1269,"flow_avg_l4_payload_len":181,"midstream":0,"thread_ts_msec":1649839946492,"l3_proto":"ip4","src_ip":"115.164.74.232","dst_ip":"192.168.247.13","src_port":5222,"dst_port":38018,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"4":"DPI"},"proto":"Xiaomi","breed":"Acceptable","category":"Web"}}
00550{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":34,"source":"xiaomi.pcap","alias":"nDPId-test","packets-captured":34,"packets-processed":33,"total-skipped-flows":0,"total-l4-data-len":5525,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":5,"total-detection-updates":0,"total-updates":0,"current-active-flows":1,"total-active-flows":5,"total-idle-flows":4,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":32,"global_ts_msec":1649853179269}
00578{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":34,"source":"xiaomi.pcap","alias":"nDPId-test","flow_id":6,"flow_state":"info","flow_packets_processed":1,"flow_first_seen":1649853179269,"flow_last_seen":1649853179269,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":0,"flow_tot_l4_payload_len":0,"flow_avg_l4_payload_len":0,"midstream":0,"thread_ts_msec":1649853179269,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"18.193.233.122","src_port":45106,"dst_port":5222,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3}
00478{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":34,"source":"xiaomi.pcap","alias":"nDPId-test","flow_id":6,"flow_packet_id":1,"flow_last_seen":1649853179269,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_msec":1649853179269,"pkt":"eJS0JASgYDjgxTWgCABFAAA82XxAAD8GovfAqAJkEsHperAyFGbKjahPAAAAAKAC\/\/8SCgAAAgQFtAQCCAp5z8VmAAAAAAEDAwk="}
00477{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":35,"source":"xiaomi.pcap","alias":"nDPId-test","flow_id":6,"flow_packet_id":2,"flow_last_seen":1649853179291,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_msec":1649853179291,"pkt":"YDjgxTWgeJS0JASgCABFAAA8AABAAPUGxnMSwel6wKgCZBRmsDIvdwKjyo2oUKASaN9j8wAAAgQFrAQCCAqcy3ZJec\/FZgEDAwg="}
00464{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":36,"source":"xiaomi.pcap","alias":"nDPId-test","flow_id":6,"flow_packet_id":3,"flow_last_seen":1649853179293,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_msec":1649853179293,"pkt":"eJS0JASgYDjgxTWgCABFAAA02X1AAD8Gov7AqAJkEsHperAyFGbKjahQL3cCpIAQAKz61AAAAQEICnnPxX2cy3ZJ"}
00640{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":37,"source":"xiaomi.pcap","alias":"nDPId-test","flow_id":6,"flow_state":"info","flow_packets_processed":4,"flow_first_seen":1649853179269,"flow_last_seen":1649853179315,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":217,"flow_tot_l4_payload_len":217,"flow_avg_l4_payload_len":54,"midstream":0,"thread_ts_msec":1649853179315,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"18.193.233.122","src_port":45106,"dst_port":5222,"l4_proto":"tcp","ndpi": {"confidence": {"4":"DPI"},"proto":"Xiaomi","breed":"Acceptable","category":"Web"}}
00680{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":48,"source":"xiaomi.pcap","alias":"nDPId-test","flow_id":5,"flow_state":"finished","flow_packets_processed":15,"flow_first_seen":1649839944752,"flow_last_seen":1649840399901,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":933,"flow_tot_l4_payload_len":1618,"flow_avg_l4_payload_len":107,"midstream":0,"thread_ts_msec":1649853179854,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"3.127.176.74","src_port":37708,"dst_port":5222,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"4":"DPI"},"proto":"Xiaomi","breed":"Acceptable","category":"Web"}}
00550{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":49,"source":"xiaomi.pcap","alias":"nDPId-test","packets-captured":49,"packets-processed":48,"total-skipped-flows":0,"total-l4-data-len":7643,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":6,"total-detection-updates":0,"total-updates":0,"current-active-flows":1,"total-active-flows":6,"total-idle-flows":5,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":39,"global_ts_msec":1650283578710}
00574{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":49,"source":"xiaomi.pcap","alias":"nDPId-test","flow_id":7,"flow_state":"info","flow_packets_processed":1,"flow_first_seen":1650283578710,"flow_last_seen":1650283578710,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":0,"flow_tot_l4_payload_len":0,"flow_avg_l4_payload_len":0,"midstream":0,"thread_ts_msec":1650283578710,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"203.107.1.65","src_port":48698,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3}
00478{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":49,"source":"xiaomi.pcap","alias":"nDPId-test","flow_id":7,"flow_packet_id":1,"flow_last_seen":1650283578710,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_msec":1650283578710,"pkt":"eJS0JASgYDjgxTWgCABFAAA8DvVAAD8GnQ7AqAJky2sBQb46AFChwP+pAAAAAKAC\/\/8meQAAAgQFtAQCCArLcGZmAAAAAAEDAwk="}
00465{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":50,"source":"xiaomi.pcap","alias":"nDPId-test","flow_id":7,"flow_packet_id":2,"flow_last_seen":1650283579013,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_msec":1650283579013,"pkt":"YDjgxTWgeJS0JASgCABFAAA0AABAACkGwgvLawFBwKgCZABQvjrJa8kHocD\/qoASchB61gAAAgQFrAEBBAIBAwMH"}
00448{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":51,"source":"xiaomi.pcap","alias":"nDPId-test","flow_id":7,"flow_packet_id":3,"flow_last_seen":1650283579202,"flow_idle_time":7580000,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_msec":1650283579202,"pkt":"eJS0JASgYDjgxTWgCABFAAAoDvZAAD8GnSHAqAJky2sBQb46AFChwP+qyWvJCFAQAKwtBQAA"}
01121{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":52,"source":"xiaomi.pcap","alias":"nDPId-test","flow_id":7,"flow_state":"info","flow_packets_processed":4,"flow_first_seen":1650283578710,"flow_last_seen":1650283579202,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":348,"flow_tot_l4_payload_len":348,"flow_avg_l4_payload_len":87,"midstream":0,"thread_ts_msec":1650283579202,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"203.107.1.65","src_port":48698,"dst_port":80,"l4_proto":"tcp","ndpi": {"flow_risk": {"12": {"risk":"HTTP Numeric IP Address","severity":"Low","risk_score": {"total":500,"client":450,"server":50}}},"confidence": {"4":"DPI"},"proto":"HTTP.Xiaomi","breed":"Acceptable","category":"Web"},"http": {"hostname":"203.107.1.65","url":"203.107.1.65\/164566\/sign_d?host=appmarket.micloud.xiaomi.net&sdk=android_1.3.3&t=1650284179&s=762f2c07cf9262c61753f45b4117c232&sid=jccM7PF4XY0T&net=wifi&bssid=02%3A00%3A00%3A00%3A00%3A00","code":0,"content_type":"","user_agent":"Dalvik\/2.1.0 (Linux; U; Android 10; Redmi Note 9 Pro MIUI\/V12.0.3.0.QJZMIXM)"}}
00580{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":52,"source":"xiaomi.pcap","alias":"nDPId-test","flow_id":7,"flow_state":"info","flow_packets_processed":4,"flow_first_seen":1650283578710,"flow_last_seen":1650283579202,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":348,"flow_tot_l4_payload_len":348,"flow_avg_l4_payload_len":87,"midstream":0,"thread_ts_msec":1650283579202,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"203.107.1.65","src_port":48698,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3}
00682{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":52,"source":"xiaomi.pcap","alias":"nDPId-test","flow_id":6,"flow_state":"finished","flow_packets_processed":15,"flow_first_seen":1649853179269,"flow_last_seen":1649853538407,"flow_idle_time":7580000,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":948,"flow_tot_l4_payload_len":2118,"flow_avg_l4_payload_len":141,"midstream":0,"thread_ts_msec":1650283579202,"l3_proto":"ip4","src_ip":"192.168.2.100","dst_ip":"18.193.233.122","src_port":45106,"dst_port":5222,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"4":"DPI"},"proto":"Xiaomi","breed":"Acceptable","category":"Web"}}
00552{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":52,"source":"xiaomi.pcap","alias":"nDPId-test","packets-captured":52,"packets-processed":52,"total-skipped-flows":0,"total-l4-data-len":7991,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":7,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":7,"total-idle-flows":7,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":47,"global_ts_msec":1650283579202}
~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~
~~ packets captured/processed: 52/52
~~ skipped flows.............: 0
~~ total layer4 data length..: 7991 bytes
~~ total detected protocols..: 7
~~ total active/idle flows...: 7/7
~~ total timeout flows.......: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~ total memory allocated....: 5889678 bytes
~~ total memory freed........: 5889678 bytes
~~ total allocations/frees...: 118193/118193
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~ json string min len.......: 453 chars
~~ json string max len.......: 1126 chars
~~ json string avg len.......: 776 chars
Powered by cgit, Themed by Ted Yin.