diff --git a/doc/protocols.rst b/doc/protocols.rst index 45e4126d61bd..bc819801aff0 100644 --- a/doc/protocols.rst +++ b/doc/protocols.rst @@ -166,3 +166,17 @@ References: `Protocol Specs: `_. Protocol Buffers (Protobuf) is a free and open-source cross-platform data format used to serialize structured data. References: `Encoding: `_. + + +.. _Proto 354: + +`NDPI_PROTOCOL_ETHEREUM` +======================= +Ethereum is a decentralized, open-source blockchain with smart contract functionality. + +References: `Main site `_. + + +Notes: + +- same as Bitcoin, not each crypto exchange is a mining, it could be a normal transaction, sending or receving or even blockchain exploration. \ No newline at end of file diff --git a/src/include/ndpi_protocol_ids.h b/src/include/ndpi_protocol_ids.h index 2e3827925b9e..278a6714d79b 100644 --- a/src/include/ndpi_protocol_ids.h +++ b/src/include/ndpi_protocol_ids.h @@ -382,6 +382,7 @@ typedef enum { NDPI_PROTOCOL_RMCP = 351, NDPI_PROTOCOL_CAN = 352, NDPI_PROTOCOL_PROTOBUF = 353, + NDPI_PROTOCOL_ETHEREUM = 354, #ifdef CUSTOM_NDPI_PROTOCOLS #include "../../../nDPI-custom/custom_ndpi_protocol_ids.h" diff --git a/src/include/ndpi_protocols.h b/src/include/ndpi_protocols.h index 53e401dedb75..da286f9257c6 100644 --- a/src/include/ndpi_protocols.h +++ b/src/include/ndpi_protocols.h @@ -249,6 +249,7 @@ void init_haproxy_dissector(struct ndpi_detection_module_struct *ndpi_struct, u_ void init_rmcp_dissector(struct ndpi_detection_module_struct *ndpi_struct, u_int32_t *id); void init_can_dissector(struct ndpi_detection_module_struct *ndpi_struct, u_int32_t *id); void init_protobuf_dissector(struct ndpi_detection_module_struct *ndpi_struct, u_int32_t *id); +void init_ethereum_dissector(struct ndpi_detection_module_struct *ndpi_struct, u_int32_t *id); /* ndpi_main.c */ extern u_int32_t ndpi_ip_port_hash_funct(u_int32_t ip, u_int16_t port); diff --git a/src/lib/inc_generated/ndpi_ethereum_match.c.inc b/src/lib/inc_generated/ndpi_ethereum_match.c.inc index eba1f4ef2ab3..d16e1cbe537e 100644 --- a/src/lib/inc_generated/ndpi_ethereum_match.c.inc +++ b/src/lib/inc_generated/ndpi_ethereum_match.c.inc @@ -20,25 +20,25 @@ /* ****************************************************** */ -static ndpi_network ndpi_protocol_mining_protocol_list[] = { - { 0x128A6C43 /* 18.138.108.67/32 */, 32, NDPI_PROTOCOL_MINING }, - { 0x03D12D4F /* 3.209.45.79/32 */, 32, NDPI_PROTOCOL_MINING }, - { 0x416C4665 /* 65.108.70.101/32 */, 32, NDPI_PROTOCOL_MINING }, - { 0x9D5A23A6 /* 157.90.35.166/32 */, 32, NDPI_PROTOCOL_MINING }, - { 0x92BE0D80 /* 146.190.13.128/32 */, 32, NDPI_PROTOCOL_MINING }, - { 0xB28088E9 /* 178.128.136.233/32 */, 32, NDPI_PROTOCOL_MINING }, - { 0x8AC533B5 /* 138.197.51.181/32 */, 32, NDPI_PROTOCOL_MINING }, - { 0x92BE0167 /* 146.190.1.103/32 */, 32, NDPI_PROTOCOL_MINING }, - { 0xAA40FA58 /* 170.64.250.88/32 */, 32, NDPI_PROTOCOL_MINING }, - { 0x8B3B31CE /* 139.59.49.206/32 */, 32, NDPI_PROTOCOL_MINING }, - { 0x8A447B98 /* 138.68.123.152/32 */, 32, NDPI_PROTOCOL_MINING }, - { 0x338D4E35 /* 51.141.78.53/32 */, 32, NDPI_PROTOCOL_MINING }, - { 0x0D5D3689 /* 13.93.54.137/32 */, 32, NDPI_PROTOCOL_MINING }, - { 0x5EED3672 /* 94.237.54.114/32 */, 32, NDPI_PROTOCOL_MINING }, - { 0x12DAFA42 /* 18.218.250.66/32 */, 32, NDPI_PROTOCOL_MINING }, - { 0x030B9343 /* 3.11.147.67/32 */, 32, NDPI_PROTOCOL_MINING }, - { 0x2E04637A /* 46.4.99.122/32 */, 32, NDPI_PROTOCOL_MINING }, - { 0x586346B6 /* 88.99.70.182/32 */, 32, NDPI_PROTOCOL_MINING }, +static ndpi_network ndpi_protocol_ethereum_protocol_list[] = { + { 0x128A6C43 /* 18.138.108.67/32 */, 32, NDPI_PROTOCOL_ETHEREUM }, + { 0x03D12D4F /* 3.209.45.79/32 */, 32, NDPI_PROTOCOL_ETHEREUM }, + { 0x416C4665 /* 65.108.70.101/32 */, 32, NDPI_PROTOCOL_ETHEREUM }, + { 0x9D5A23A6 /* 157.90.35.166/32 */, 32, NDPI_PROTOCOL_ETHEREUM }, + { 0x92BE0D80 /* 146.190.13.128/32 */, 32, NDPI_PROTOCOL_ETHEREUM }, + { 0xB28088E9 /* 178.128.136.233/32 */, 32, NDPI_PROTOCOL_ETHEREUM }, + { 0x8AC533B5 /* 138.197.51.181/32 */, 32, NDPI_PROTOCOL_ETHEREUM }, + { 0x92BE0167 /* 146.190.1.103/32 */, 32, NDPI_PROTOCOL_ETHEREUM }, + { 0xAA40FA58 /* 170.64.250.88/32 */, 32, NDPI_PROTOCOL_ETHEREUM }, + { 0x8B3B31CE /* 139.59.49.206/32 */, 32, NDPI_PROTOCOL_ETHEREUM }, + { 0x8A447B98 /* 138.68.123.152/32 */, 32, NDPI_PROTOCOL_ETHEREUM }, + { 0x338D4E35 /* 51.141.78.53/32 */, 32, NDPI_PROTOCOL_ETHEREUM }, + { 0x0D5D3689 /* 13.93.54.137/32 */, 32, NDPI_PROTOCOL_ETHEREUM }, + { 0x5EED3672 /* 94.237.54.114/32 */, 32, NDPI_PROTOCOL_ETHEREUM }, + { 0x12DAFA42 /* 18.218.250.66/32 */, 32, NDPI_PROTOCOL_ETHEREUM }, + { 0x030B9343 /* 3.11.147.67/32 */, 32, NDPI_PROTOCOL_ETHEREUM }, + { 0x2E04637A /* 46.4.99.122/32 */, 32, NDPI_PROTOCOL_ETHEREUM }, + { 0x586346B6 /* 88.99.70.182/32 */, 32, NDPI_PROTOCOL_ETHEREUM }, /* End */ { 0x0, 0, 0 } }; diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c index fae3305cc58a..286b76dac609 100644 --- a/src/lib/ndpi_main.c +++ b/src/lib/ndpi_main.c @@ -1265,7 +1265,7 @@ static void ndpi_init_protocol_defaults(struct ndpi_detection_module_struct *ndp ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_str, 1 /* cleartext */, 1 /* app proto */, NDPI_PROTOCOL_UNSAFE, NDPI_PROTOCOL_MINING, "Mining", CUSTOM_CATEGORY_MINING, - ndpi_build_default_ports(ports_a, 30303, 0, 0, 0, 0) /* TCP */, + ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); ndpi_set_proto_defaults(ndpi_str, 1 /* cleartext */, 1 /* app proto */, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_NEST_LOG_SINK, "NestLogSink", NDPI_PROTOCOL_CATEGORY_CLOUD, @@ -2171,6 +2171,10 @@ static void ndpi_init_protocol_defaults(struct ndpi_detection_module_struct *ndp "Protobuf", NDPI_PROTOCOL_CATEGORY_NETWORK, ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */, ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); + ndpi_set_proto_defaults(ndpi_str, 1 /* cleartext */, 0 /* nw proto */, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_ETHEREUM, + "ETHEREUM", NDPI_PROTOCOL_CATEGORY_CRYPTO_CURRENCY, + ndpi_build_default_ports(ports_a, 30303, 0, 0, 0, 0) /* TCP */, + ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */); #ifdef CUSTOM_NDPI_PROTOCOLS #include "../../../nDPI-custom/custom_ndpi_main.c" @@ -2885,7 +2889,7 @@ struct ndpi_detection_module_struct *ndpi_init_detection_module(ndpi_init_prefs ndpi_init_ptree_ipv4(ndpi_str, ndpi_str->protocols_ptree, ndpi_protocol_amazon_aws_protocol_list); if(!(prefs & ndpi_dont_load_ethereum_list)) - ndpi_init_ptree_ipv4(ndpi_str, ndpi_str->protocols_ptree, ndpi_protocol_mining_protocol_list); + ndpi_init_ptree_ipv4(ndpi_str, ndpi_str->protocols_ptree, ndpi_protocol_ethereum_protocol_list); if(!(prefs & ndpi_dont_load_zoom_list)) ndpi_init_ptree_ipv4(ndpi_str, ndpi_str->protocols_ptree, ndpi_protocol_zoom_protocol_list); @@ -5257,6 +5261,9 @@ static int ndpi_callback_init(struct ndpi_detection_module_struct *ndpi_str) { /* Protobuf */ init_protobuf_dissector(ndpi_str, &a); + /* ETHEREUM */ + init_ethereum_dissector(ndpi_str, &a); + #ifdef CUSTOM_NDPI_PROTOCOLS #include "../../../nDPI-custom/custom_ndpi_main_init.c" #endif diff --git a/src/lib/protocols/ethereum.c b/src/lib/protocols/ethereum.c new file mode 100644 index 000000000000..88248bcc8488 --- /dev/null +++ b/src/lib/protocols/ethereum.c @@ -0,0 +1,158 @@ +/* + * ethereum.c + * + * Copyright (C) 2018-22 - ntop.org + * + * This file is part of nDPI, an open source deep packet inspection + * library based on the OpenDPI and PACE technology by ipoque GmbH + * + * nDPI is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * nDPI is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with nDPI. If not, see . + * + */ +#include "ndpi_protocol_ids.h" +#define NDPI_CURRENT_PROTO NDPI_PROTOCOL_ETHEREUM +#include "ndpi_api.h" + + +/* ************************************************************************** */ + +static u_int32_t ndpi_ether_make_lru_cache_key(struct ndpi_flow_struct *flow) { + u_int32_t key; + + /* network byte order */ + if(flow->is_ipv6) + key = ndpi_quick_hash(flow->c_address.v6, 16) + ndpi_quick_hash(flow->s_address.v6, 16); + else + key = flow->c_address.v4 + flow->s_address.v4; + + return key; +} + +/* ************************************************************************** */ + +static void ndpi_ether_cache_connection(struct ndpi_detection_module_struct *ndpi_struct, + struct ndpi_flow_struct *flow) { + if(ndpi_struct->mining_cache) + ndpi_lru_add_to_cache(ndpi_struct->mining_cache, ndpi_ether_make_lru_cache_key(flow), NDPI_PROTOCOL_ETHEREUM, ndpi_get_current_time(flow)); +} + +/* ************************************************************************** */ + +static void ndpi_search_ethereum_udp(struct ndpi_detection_module_struct *ndpi_struct, + struct ndpi_flow_struct *flow) { + struct ndpi_packet_struct *packet = &ndpi_struct->packet; + u_int16_t source = ntohs(packet->udp->source); + u_int16_t dest = ntohs(packet->udp->dest); + + NDPI_LOG_DBG(ndpi_struct, "search ETHEREUM UDP\n"); + + /* + Ethereum P2P Discovery Protocol + https://github.com/ConsenSys/ethereum-dissectors/blob/master/packet-ethereum-disc.c + */ + if((packet->payload_packet_len > 98) + && (packet->payload_packet_len < 1280) + && ((source == 30303) || (dest == 30303)) + && (packet->payload[97] <= 0x04 /* NODES */) + ) { + if((packet->iph) && ((ntohl(packet->iph->daddr) & 0xFF000000 /* 255.0.0.0 */) == 0xFF000000)) + ; + else if(packet->iphv6 && ntohl(packet->iphv6->ip6_dst.u6_addr.u6_addr32[0]) == 0xFF020000) + ; + else { + ndpi_snprintf(flow->protos.mining.currency, sizeof(flow->protos.mining.currency), "%s", "ETH"); + ndpi_set_detected_protocol(ndpi_struct, flow, NDPI_PROTOCOL_ETHEREUM, NDPI_PROTOCOL_UNKNOWN, NDPI_CONFIDENCE_DPI); + ndpi_ether_cache_connection(ndpi_struct, flow); + return; + } + } + + NDPI_EXCLUDE_PROTO(ndpi_struct, flow); +} + +/* ************************************************************************** */ + +static u_int8_t ndpi_is_ether_port(u_int16_t dport) { + return(((dport >= 30300) && (dport <= 30305)) ? 1 : 0); +} + +/* ************************************************************************** */ + +static void ndpi_search_ethereum_tcp(struct ndpi_detection_module_struct *ndpi_struct, + struct ndpi_flow_struct *flow) { + struct ndpi_packet_struct *packet = &ndpi_struct->packet; + + NDPI_LOG_DBG(ndpi_struct, "search ETHEREUM TCP\n"); + + /* Check connection over TCP */ + if(packet->payload_packet_len > 10) { + if((packet->payload_packet_len > 300) + && (packet->payload_packet_len < 600) + && (packet->payload[2] == 0x04)) { + if(ndpi_is_ether_port(ntohs(packet->tcp->dest)) /* Ethereum port */) { + ndpi_snprintf(flow->protos.mining.currency, sizeof(flow->protos.mining.currency), "%s", "ETH"); + ndpi_set_detected_protocol(ndpi_struct, flow, NDPI_PROTOCOL_ETHEREUM, NDPI_PROTOCOL_UNKNOWN, NDPI_CONFIDENCE_DPI); + ndpi_ether_cache_connection(ndpi_struct, flow); + return; + } + } else if(ndpi_strnstr((const char *)packet->payload, "{", packet->payload_packet_len) + && ( + ndpi_strnstr((const char *)packet->payload, "\"eth1.0\"", packet->payload_packet_len) + || ndpi_strnstr((const char *)packet->payload, "\"worker\":", packet->payload_packet_len) + /* || ndpi_strnstr((const char *)packet->payload, "\"id\":", packet->payload_packet_len) - Removed as too generic */ + )) { + /* + Ethereum + + {"worker": "eth1.0", "jsonrpc": "2.0", "params": ["0x0fccfff9e61a230ff380530c6827caf4759337c6.rig2", "x"], "id": 2, "method": "eth_submitLogin"} + { "id": 2, "jsonrpc":"2.0","result":true} + {"worker": "", "jsonrpc": "2.0", "params": [], "id": 3, "method": "eth_getWork"} + */ + ndpi_snprintf(flow->protos.mining.currency, sizeof(flow->protos.mining.currency), "%s", "ETH"); + ndpi_set_detected_protocol(ndpi_struct, flow, NDPI_PROTOCOL_ETHEREUM, NDPI_PROTOCOL_UNKNOWN, NDPI_CONFIDENCE_DPI); + ndpi_ether_cache_connection(ndpi_struct, flow); + return; + } + } + + NDPI_EXCLUDE_PROTO(ndpi_struct, flow); +} + +/* ************************************************************************** */ + +static void ndpi_search_ethereum(struct ndpi_detection_module_struct *ndpi_struct, + struct ndpi_flow_struct *flow) { + struct ndpi_packet_struct *packet = &ndpi_struct->packet; + + if(packet->tcp) + return ndpi_search_ethereum_tcp(ndpi_struct, flow); + return ndpi_search_ethereum_udp(ndpi_struct, flow); +} + + +/* ************************************************************************** */ + +void init_ethereum_dissector(struct ndpi_detection_module_struct *ndpi_struct, + u_int32_t *id) +{ + ndpi_set_bitmask_protocol_detection("Ethereum", ndpi_struct, *id, + NDPI_PROTOCOL_ETHEREUM, + ndpi_search_ethereum, + NDPI_SELECTION_BITMASK_PROTOCOL_V4_V6_TCP_OR_UDP_WITH_PAYLOAD_WITHOUT_RETRANSMISSION, + SAVE_DETECTION_BITMASK_AS_UNKNOWN, + ADD_TO_DETECTION_BITMASK); + + *id += 1; +} + diff --git a/src/lib/protocols/mining.c b/src/lib/protocols/mining.c index 02c7652160d9..060d20b74bab 100644 --- a/src/lib/protocols/mining.c +++ b/src/lib/protocols/mining.c @@ -1,5 +1,5 @@ /* - * mining.c [Bitcoin, Ethereum, ZCash, Monero] + * mining.c [ZCash, Monero] * * Copyright (C) 2018-22 - ntop.org * @@ -49,82 +49,14 @@ static void cacheMiningHostTwins(struct ndpi_detection_module_struct *ndpi_struc /* ************************************************************************** */ -static void ndpi_search_mining_udp(struct ndpi_detection_module_struct *ndpi_struct, - struct ndpi_flow_struct *flow) { - struct ndpi_packet_struct *packet = &ndpi_struct->packet; - u_int16_t source = ntohs(packet->udp->source); - u_int16_t dest = ntohs(packet->udp->dest); - - NDPI_LOG_DBG(ndpi_struct, "search MINING UDP\n"); - - // printf("==> %s()\n", __FUNCTION__); - /* - Ethereum P2P Discovery Protocol - https://github.com/ConsenSys/ethereum-dissectors/blob/master/packet-ethereum-disc.c - */ - if((packet->payload_packet_len > 98) - && (packet->payload_packet_len < 1280) - && ((source == 30303) || (dest == 30303)) - && (packet->payload[97] <= 0x04 /* NODES */) - ) { - if((packet->iph) && ((ntohl(packet->iph->daddr) & 0xFF000000 /* 255.0.0.0 */) == 0xFF000000)) - ; - else if(packet->iphv6 && ntohl(packet->iphv6->ip6_dst.u6_addr.u6_addr32[0]) == 0xFF020000) - ; - else { - ndpi_snprintf(flow->protos.mining.currency, sizeof(flow->protos.mining.currency), "%s", "ETH"); - ndpi_set_detected_protocol(ndpi_struct, flow, NDPI_PROTOCOL_MINING, NDPI_PROTOCOL_UNKNOWN, NDPI_CONFIDENCE_DPI); - cacheMiningHostTwins(ndpi_struct, flow); - return; - } - } - - NDPI_EXCLUDE_PROTO(ndpi_struct, flow); -} - -/* ************************************************************************** */ - -static u_int8_t isEthPort(u_int16_t dport) { - return(((dport >= 30300) && (dport <= 30305)) ? 1 : 0); -} - -/* ************************************************************************** */ - -static void ndpi_search_mining_tcp(struct ndpi_detection_module_struct *ndpi_struct, +static void ndpi_search_mining(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow) { struct ndpi_packet_struct *packet = &ndpi_struct->packet; - NDPI_LOG_DBG(ndpi_struct, "search MINING TCP\n"); + NDPI_LOG_DBG(ndpi_struct, "search MINING\n"); - /* Check connection over TCP */ if(packet->payload_packet_len > 10) { - if((packet->payload_packet_len > 300) - && (packet->payload_packet_len < 600) - && (packet->payload[2] == 0x04)) { - if(isEthPort(ntohs(packet->tcp->dest)) /* Ethereum port */) { - ndpi_snprintf(flow->protos.mining.currency, sizeof(flow->protos.mining.currency), "%s", "ETH"); - ndpi_set_detected_protocol(ndpi_struct, flow, NDPI_PROTOCOL_MINING, NDPI_PROTOCOL_UNKNOWN, NDPI_CONFIDENCE_DPI); - cacheMiningHostTwins(ndpi_struct, flow); - return; - } - } else if(ndpi_strnstr((const char *)packet->payload, "{", packet->payload_packet_len) - && ( - ndpi_strnstr((const char *)packet->payload, "\"eth1.0\"", packet->payload_packet_len) - || ndpi_strnstr((const char *)packet->payload, "\"worker\":", packet->payload_packet_len) - /* || ndpi_strnstr((const char *)packet->payload, "\"id\":", packet->payload_packet_len) - Removed as too generic */ - )) { - /* - Ethereum - - {"worker": "eth1.0", "jsonrpc": "2.0", "params": ["0x0fccfff9e61a230ff380530c6827caf4759337c6.rig2", "x"], "id": 2, "method": "eth_submitLogin"} - { "id": 2, "jsonrpc":"2.0","result":true} - {"worker": "", "jsonrpc": "2.0", "params": [], "id": 3, "method": "eth_getWork"} - */ - ndpi_snprintf(flow->protos.mining.currency, sizeof(flow->protos.mining.currency), "%s", "ETH"); - ndpi_set_detected_protocol(ndpi_struct, flow, NDPI_PROTOCOL_MINING, NDPI_PROTOCOL_UNKNOWN, NDPI_CONFIDENCE_DPI); - cacheMiningHostTwins(ndpi_struct, flow); - return; - } else if(ndpi_strnstr((const char *)packet->payload, "{", packet->payload_packet_len) + if(ndpi_strnstr((const char *)packet->payload, "{", packet->payload_packet_len) && (ndpi_strnstr((const char *)packet->payload, "\"method\":", packet->payload_packet_len) || ndpi_strnstr((const char *)packet->payload, "\"blob\":", packet->payload_packet_len) /* || ndpi_strnstr((const char *)packet->payload, "\"id\":", packet->payload_packet_len) - Removed as too generic */ @@ -153,18 +85,6 @@ static void ndpi_search_mining_tcp(struct ndpi_detection_module_struct *ndpi_str NDPI_EXCLUDE_PROTO(ndpi_struct, flow); } -/* ************************************************************************** */ - -static void ndpi_search_mining(struct ndpi_detection_module_struct *ndpi_struct, - struct ndpi_flow_struct *flow) { - struct ndpi_packet_struct *packet = &ndpi_struct->packet; - - if(packet->tcp) - return ndpi_search_mining_tcp(ndpi_struct, flow); - return ndpi_search_mining_udp(ndpi_struct, flow); -} - - /* ************************************************************************** */ void init_mining_dissector(struct ndpi_detection_module_struct *ndpi_struct, @@ -173,7 +93,7 @@ void init_mining_dissector(struct ndpi_detection_module_struct *ndpi_struct, ndpi_set_bitmask_protocol_detection("Mining", ndpi_struct, *id, NDPI_PROTOCOL_MINING, ndpi_search_mining, - NDPI_SELECTION_BITMASK_PROTOCOL_V4_V6_TCP_OR_UDP_WITH_PAYLOAD_WITHOUT_RETRANSMISSION, + NDPI_SELECTION_BITMASK_PROTOCOL_V4_V6_TCP_WITH_PAYLOAD_WITHOUT_RETRANSMISSION, SAVE_DETECTION_BITMASK_AS_UNKNOWN, ADD_TO_DETECTION_BITMASK); diff --git a/tests/cfgs/caches_cfg/result/ookla.pcap.out b/tests/cfgs/caches_cfg/result/ookla.pcap.out index e81a052300aa..03b5f2566b50 100644 --- a/tests/cfgs/caches_cfg/result/ookla.pcap.out +++ b/tests/cfgs/caches_cfg/result/ookla.pcap.out @@ -3,7 +3,7 @@ Guessed flow protos: 1 DPI Packets (TCP): 40 (6.67 pkts/flow) Confidence Match by port : 1 (flows) Confidence DPI : 5 (flows) -Num dissector calls: 507 (84.50 diss/flow) +Num dissector calls: 510 (85.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/3/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/1kxun.pcap.out b/tests/cfgs/default/result/1kxun.pcap.out index 6711fb97c0f3..0d4da995f44a 100644 --- a/tests/cfgs/default/result/1kxun.pcap.out +++ b/tests/cfgs/default/result/1kxun.pcap.out @@ -5,7 +5,7 @@ DPI Packets (UDP): 120 (1.21 pkts/flow) Confidence Unknown : 14 (flows) Confidence Match by port : 6 (flows) Confidence DPI : 177 (flows) -Num dissector calls: 4591 (23.30 diss/flow) +Num dissector calls: 4578 (23.24 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/60/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/443-chrome.pcap.out b/tests/cfgs/default/result/443-chrome.pcap.out index 50d68379bed1..057ca6cd2bb1 100644 --- a/tests/cfgs/default/result/443-chrome.pcap.out +++ b/tests/cfgs/default/result/443-chrome.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 1 DPI Packets (TCP): 1 (1.00 pkts/flow) Confidence Match by port : 1 (flows) -Num dissector calls: 122 (122.00 diss/flow) +Num dissector calls: 123 (123.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/3/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/443-opvn.pcap.out b/tests/cfgs/default/result/443-opvn.pcap.out index e6f113fe81d9..f79db7086362 100644 --- a/tests/cfgs/default/result/443-opvn.pcap.out +++ b/tests/cfgs/default/result/443-opvn.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 6 (6.00 pkts/flow) Confidence DPI : 1 (flows) -Num dissector calls: 123 (123.00 diss/flow) +Num dissector calls: 124 (124.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/KakaoTalk_chat.pcap.out b/tests/cfgs/default/result/KakaoTalk_chat.pcap.out index e2062ed3e4cb..025693c34cc2 100644 --- a/tests/cfgs/default/result/KakaoTalk_chat.pcap.out +++ b/tests/cfgs/default/result/KakaoTalk_chat.pcap.out @@ -5,7 +5,7 @@ DPI Packets (UDP): 36 (2.00 pkts/flow) DPI Packets (other): 1 (1.00 pkts/flow) Confidence Match by port : 5 (flows) Confidence DPI : 33 (flows) -Num dissector calls: 536 (14.11 diss/flow) +Num dissector calls: 538 (14.16 diss/flow) LRU cache ookla: 0/1/0 (insert/search/found) LRU cache bittorrent: 0/15/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/KakaoTalk_talk.pcap.out b/tests/cfgs/default/result/KakaoTalk_talk.pcap.out index 6a270943e51b..8ddbd6bb3e90 100644 --- a/tests/cfgs/default/result/KakaoTalk_talk.pcap.out +++ b/tests/cfgs/default/result/KakaoTalk_talk.pcap.out @@ -5,7 +5,7 @@ DPI Packets (UDP): 10 (2.00 pkts/flow) Confidence Match by port : 8 (flows) Confidence DPI : 11 (flows) Confidence Match by IP : 1 (flows) -Num dissector calls: 1095 (54.75 diss/flow) +Num dissector calls: 1097 (54.85 diss/flow) LRU cache ookla: 0/2/0 (insert/search/found) LRU cache bittorrent: 0/27/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/Oscar.pcap.out b/tests/cfgs/default/result/Oscar.pcap.out index f8d103d932c3..29e9a6eab71b 100644 --- a/tests/cfgs/default/result/Oscar.pcap.out +++ b/tests/cfgs/default/result/Oscar.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 1 DPI Packets (TCP): 21 (21.00 pkts/flow) Confidence Match by port : 1 (flows) -Num dissector calls: 249 (249.00 diss/flow) +Num dissector calls: 250 (250.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/3/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/activision.pcap.out b/tests/cfgs/default/result/activision.pcap.out index b8718b44ec79..1cd3ef7bc1ec 100644 --- a/tests/cfgs/default/result/activision.pcap.out +++ b/tests/cfgs/default/result/activision.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (UDP): 4 (1.00 pkts/flow) Confidence DPI : 4 (flows) -Num dissector calls: 380 (95.00 diss/flow) +Num dissector calls: 376 (94.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/agora-sd-rtn.pcap.out b/tests/cfgs/default/result/agora-sd-rtn.pcap.out index fb8ef028f02d..dd979f6bdb1d 100644 --- a/tests/cfgs/default/result/agora-sd-rtn.pcap.out +++ b/tests/cfgs/default/result/agora-sd-rtn.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (UDP): 26 (1.00 pkts/flow) Confidence DPI : 26 (flows) -Num dissector calls: 2288 (88.00 diss/flow) +Num dissector calls: 2262 (87.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/alexa-app.pcapng.out b/tests/cfgs/default/result/alexa-app.pcapng.out index 9d46390471f3..e3b76b3dbe8b 100644 --- a/tests/cfgs/default/result/alexa-app.pcapng.out +++ b/tests/cfgs/default/result/alexa-app.pcapng.out @@ -5,7 +5,7 @@ DPI Packets (UDP): 64 (1.94 pkts/flow) DPI Packets (other): 6 (1.00 pkts/flow) Confidence Match by port : 14 (flows) Confidence DPI : 146 (flows) -Num dissector calls: 498 (3.11 diss/flow) +Num dissector calls: 499 (3.12 diss/flow) LRU cache ookla: 0/5/0 (insert/search/found) LRU cache bittorrent: 0/42/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/amqp.pcap.out b/tests/cfgs/default/result/amqp.pcap.out index 9c5e1512d685..4602b3eab22f 100644 --- a/tests/cfgs/default/result/amqp.pcap.out +++ b/tests/cfgs/default/result/amqp.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 9 (3.00 pkts/flow) Confidence DPI : 3 (flows) -Num dissector calls: 372 (124.00 diss/flow) +Num dissector calls: 373 (124.33 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/android.pcap.out b/tests/cfgs/default/result/android.pcap.out index 3494308b721b..ce5b40a1cac6 100644 --- a/tests/cfgs/default/result/android.pcap.out +++ b/tests/cfgs/default/result/android.pcap.out @@ -6,7 +6,7 @@ DPI Packets (other): 4 (1.00 pkts/flow) Confidence Match by port : 2 (flows) Confidence DPI : 60 (flows) Confidence Match by IP : 1 (flows) -Num dissector calls: 260 (4.13 diss/flow) +Num dissector calls: 256 (4.06 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/9/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/anyconnect-vpn.pcap.out b/tests/cfgs/default/result/anyconnect-vpn.pcap.out index f040d7a0cb62..7db07e077c88 100644 --- a/tests/cfgs/default/result/anyconnect-vpn.pcap.out +++ b/tests/cfgs/default/result/anyconnect-vpn.pcap.out @@ -6,7 +6,7 @@ DPI Packets (other): 10 (1.00 pkts/flow) Confidence Unknown : 2 (flows) Confidence Match by port : 6 (flows) Confidence DPI : 61 (flows) -Num dissector calls: 866 (12.55 diss/flow) +Num dissector calls: 858 (12.43 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/24/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/avast_securedns.pcapng.out b/tests/cfgs/default/result/avast_securedns.pcapng.out index 6e9b6073ea40..28e31c1cf3a3 100644 --- a/tests/cfgs/default/result/avast_securedns.pcapng.out +++ b/tests/cfgs/default/result/avast_securedns.pcapng.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (UDP): 39 (1.00 pkts/flow) Confidence DPI : 39 (flows) -Num dissector calls: 3315 (85.00 diss/flow) +Num dissector calls: 3276 (84.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/117/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/bittorrent_tcp_miss.pcapng.out b/tests/cfgs/default/result/bittorrent_tcp_miss.pcapng.out index 3a1373e24c4a..3ffb38fc2d1e 100644 --- a/tests/cfgs/default/result/bittorrent_tcp_miss.pcapng.out +++ b/tests/cfgs/default/result/bittorrent_tcp_miss.pcapng.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 10 (10.00 pkts/flow) Confidence DPI : 1 (flows) -Num dissector calls: 224 (224.00 diss/flow) +Num dissector calls: 225 (225.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 5/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/bittorrent_utp.pcap.out b/tests/cfgs/default/result/bittorrent_utp.pcap.out index a3256c681b38..e3dc033d009c 100644 --- a/tests/cfgs/default/result/bittorrent_utp.pcap.out +++ b/tests/cfgs/default/result/bittorrent_utp.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (UDP): 4 (4.00 pkts/flow) Confidence DPI : 1 (flows) -Num dissector calls: 75 (75.00 diss/flow) +Num dissector calls: 74 (74.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 5/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/can.pcap.out b/tests/cfgs/default/result/can.pcap.out index 8b6dc1faed69..2869f733e849 100644 --- a/tests/cfgs/default/result/can.pcap.out +++ b/tests/cfgs/default/result/can.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (UDP): 8 (1.00 pkts/flow) Confidence DPI : 8 (flows) -Num dissector calls: 912 (114.00 diss/flow) +Num dissector calls: 904 (113.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/3/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/cassandra.pcap.out b/tests/cfgs/default/result/cassandra.pcap.out index 39184493801d..dc557b9d86c9 100644 --- a/tests/cfgs/default/result/cassandra.pcap.out +++ b/tests/cfgs/default/result/cassandra.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 18 (9.00 pkts/flow) Confidence DPI : 2 (flows) -Num dissector calls: 340 (170.00 diss/flow) +Num dissector calls: 342 (171.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/cloudflare-warp.pcap.out b/tests/cfgs/default/result/cloudflare-warp.pcap.out index 495e16ea7081..e5ec2bf2128c 100644 --- a/tests/cfgs/default/result/cloudflare-warp.pcap.out +++ b/tests/cfgs/default/result/cloudflare-warp.pcap.out @@ -4,7 +4,7 @@ DPI Packets (TCP): 41 (5.12 pkts/flow) Confidence Match by port : 2 (flows) Confidence DPI : 5 (flows) Confidence Match by IP : 1 (flows) -Num dissector calls: 180 (22.50 diss/flow) +Num dissector calls: 181 (22.62 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/9/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/crynet.pcap.out b/tests/cfgs/default/result/crynet.pcap.out index a7e1f02d07d8..b611bb17231a 100644 --- a/tests/cfgs/default/result/crynet.pcap.out +++ b/tests/cfgs/default/result/crynet.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (UDP): 7 (1.00 pkts/flow) Confidence DPI : 7 (flows) -Num dissector calls: 700 (100.00 diss/flow) +Num dissector calls: 693 (99.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/custom_rules_same-ip_multiple_ports.pcapng.out b/tests/cfgs/default/result/custom_rules_same-ip_multiple_ports.pcapng.out index f82588b1b38d..cd62cef0e7b1 100644 --- a/tests/cfgs/default/result/custom_rules_same-ip_multiple_ports.pcapng.out +++ b/tests/cfgs/default/result/custom_rules_same-ip_multiple_ports.pcapng.out @@ -24,6 +24,6 @@ CustomProtocolA 3 222 1 CustomProtocolB 2 148 1 Unknown 3 222 1 - 1 TCP 192.168.1.245:56866 -> 3.3.3.3:443 [proto: 91.360/TLS.CustomProtocolA][IP: 360/CustomProtocolA][Encrypted][Confidence: Unknown][DPI packets: 1][cat: Web/5][3 pkts/222 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][3.05 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 2 TCP 192.168.1.245:58288 -> 3.3.3.3:446 [proto: 400/CustomProtocolC][IP: 362/Unknown][Encrypted][Confidence: Unknown][DPI packets: 1][3 pkts/222 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][3.04 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 3 TCP 192.168.1.245:59682 -> 3.3.3.3:444 [proto: 361/CustomProtocolB][IP: 361/CustomProtocolB][ClearText][Confidence: Unknown][DPI packets: 1][2 pkts/148 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][1.02 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 1 TCP 192.168.1.245:56866 -> 3.3.3.3:443 [proto: 91.361/TLS.CustomProtocolA][IP: 361/CustomProtocolA][Encrypted][Confidence: Unknown][DPI packets: 1][cat: Web/5][3 pkts/222 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][3.05 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 2 TCP 192.168.1.245:58288 -> 3.3.3.3:446 [proto: 400/CustomProtocolC][IP: 363/Unknown][Encrypted][Confidence: Unknown][DPI packets: 1][3 pkts/222 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][3.04 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 3 TCP 192.168.1.245:59682 -> 3.3.3.3:444 [proto: 362/CustomProtocolB][IP: 362/CustomProtocolB][ClearText][Confidence: Unknown][DPI packets: 1][2 pkts/148 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][1.02 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] diff --git a/tests/cfgs/default/result/dcerpc.pcap.out b/tests/cfgs/default/result/dcerpc.pcap.out index 5b1e6881ec7c..d89a2ba3f891 100644 --- a/tests/cfgs/default/result/dcerpc.pcap.out +++ b/tests/cfgs/default/result/dcerpc.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (UDP): 4 (1.00 pkts/flow) Confidence DPI : 4 (flows) -Num dissector calls: 196 (49.00 diss/flow) +Num dissector calls: 192 (48.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/discord.pcap.out b/tests/cfgs/default/result/discord.pcap.out index 751fa8a1d587..81c4065d9d36 100644 --- a/tests/cfgs/default/result/discord.pcap.out +++ b/tests/cfgs/default/result/discord.pcap.out @@ -3,7 +3,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 5 (5.00 pkts/flow) DPI Packets (UDP): 60 (1.82 pkts/flow) Confidence DPI : 34 (flows) -Num dissector calls: 4141 (121.79 diss/flow) +Num dissector calls: 4135 (121.62 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/dnscrypt-v1-and-resolver-pings.pcap.out b/tests/cfgs/default/result/dnscrypt-v1-and-resolver-pings.pcap.out index 056dfe7a5d6f..60db2fe6a591 100644 --- a/tests/cfgs/default/result/dnscrypt-v1-and-resolver-pings.pcap.out +++ b/tests/cfgs/default/result/dnscrypt-v1-and-resolver-pings.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (UDP): 256 (1.04 pkts/flow) Confidence DPI : 245 (flows) -Num dissector calls: 20624 (84.18 diss/flow) +Num dissector calls: 20390 (83.22 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/513/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/doq.pcapng.out b/tests/cfgs/default/result/doq.pcapng.out index c945cc666bad..60c3ea92dcaa 100644 --- a/tests/cfgs/default/result/doq.pcapng.out +++ b/tests/cfgs/default/result/doq.pcapng.out @@ -3,7 +3,7 @@ Guessed flow protos: 0 DPI Packets (UDP): 1 (1.00 pkts/flow) DPI Packets (other): 1 (1.00 pkts/flow) Confidence DPI : 2 (flows) -Num dissector calls: 60 (30.00 diss/flow) +Num dissector calls: 59 (29.50 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/doq_adguard.pcapng.out b/tests/cfgs/default/result/doq_adguard.pcapng.out index a54bf0e193f4..4486b130fbe9 100644 --- a/tests/cfgs/default/result/doq_adguard.pcapng.out +++ b/tests/cfgs/default/result/doq_adguard.pcapng.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (UDP): 1 (1.00 pkts/flow) Confidence DPI : 1 (flows) -Num dissector calls: 61 (61.00 diss/flow) +Num dissector calls: 60 (60.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/edonkey.pcap.out b/tests/cfgs/default/result/edonkey.pcap.out index 5d1c27b6172a..728d3600cb33 100644 --- a/tests/cfgs/default/result/edonkey.pcap.out +++ b/tests/cfgs/default/result/edonkey.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 5 (5.00 pkts/flow) Confidence DPI : 1 (flows) -Num dissector calls: 125 (125.00 diss/flow) +Num dissector calls: 126 (126.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/emotet.pcap.out b/tests/cfgs/default/result/emotet.pcap.out index 6388a0e9e46a..9229b8ca6219 100644 --- a/tests/cfgs/default/result/emotet.pcap.out +++ b/tests/cfgs/default/result/emotet.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 48 (8.00 pkts/flow) Confidence DPI : 6 (flows) -Num dissector calls: 191 (31.83 diss/flow) +Num dissector calls: 192 (32.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/ethereum.pcap.out b/tests/cfgs/default/result/ethereum.pcap.out index 39b6a6d0257d..f6aad0349dc8 100644 --- a/tests/cfgs/default/result/ethereum.pcap.out +++ b/tests/cfgs/default/result/ethereum.pcap.out @@ -4,7 +4,7 @@ DPI Packets (TCP): 217 (3.88 pkts/flow) DPI Packets (UDP): 18 (1.00 pkts/flow) Confidence Match by port : 3 (flows) Confidence DPI : 71 (flows) -Num dissector calls: 539 (7.28 diss/flow) +Num dissector calls: 2123 (28.69 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/9/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) @@ -22,79 +22,79 @@ Patricia risk mask: 42/0 (search/found) Patricia risk: 0/0 (search/found) Patricia protocols: 124/29 (search/found) -Mining 2000 216111 74 +ETHEREUM 2000 216111 74 - 1 TCP 192.168.1.184:56626 <-> 178.128.195.220:30303 [proto: 42/Mining][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][32 pkts/3294 bytes <-> 37 pkts/3156 bytes][Goodput ratio: 36/21][0.16 sec][currency: ETH][bytes ratio: 0.021 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2/4 42/62 8/14][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 103/85 612/470 105/69][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 62,21,0,3,3,0,0,0,3,0,0,0,3,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 2 TCP 192.168.1.184:56638 <-> 209.250.240.205:30303 [proto: 42/Mining][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][34 pkts/3347 bytes <-> 28 pkts/2774 bytes][Goodput ratio: 34/32][0.15 sec][currency: ETH][bytes ratio: 0.094 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 5/3 43/41 12/10][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 98/99 481/560 79/95][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 43,29,0,14,3,3,0,0,0,0,0,0,3,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 3 TCP 192.168.1.184:56660 <-> 51.161.23.12:30303 [proto: 42/Mining][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][36 pkts/3241 bytes <-> 29 pkts/2723 bytes][Goodput ratio: 29/31][0.57 sec][currency: ETH][bytes ratio: 0.087 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 10/9 147/141 36/34][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 90/94 639/487 96/81][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 63,21,3,3,3,0,0,0,0,0,0,0,0,3,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 4 TCP 192.168.1.184:56658 <-> 157.230.152.87:30303 [proto: 42/Mining][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][37 pkts/3341 bytes <-> 27 pkts/2583 bytes][Goodput ratio: 28/32][0.72 sec][currency: ETH][bytes ratio: 0.128 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 17/22 182/184 53/59][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 90/96 649/457 96/79][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 63,21,3,3,0,3,0,0,0,0,0,0,3,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 5 TCP 192.168.1.184:56645 <-> 185.219.133.62:30303 [proto: 42/Mining][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][34 pkts/3018 bytes <-> 27 pkts/2540 bytes][Goodput ratio: 25/31][0.20 sec][currency: ETH][bytes ratio: 0.086 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 4/8 51/49 13/17][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 89/94 476/448 71/77][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 61,23,3,3,3,0,0,0,0,0,0,3,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 6 TCP 192.168.1.184:56650 <-> 35.228.250.140:30303 [proto: 42/Mining][IP: 284/GoogleCloud][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][30 pkts/2806 bytes <-> 24 pkts/2380 bytes][Goodput ratio: 29/35][0.23 sec][currency: ETH][bytes ratio: 0.082 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 7/6 57/56 18/17][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 94/99 528/508 84/92][Risk: ** Unsafe Protocol **][Risk Score: 10][PLAIN TEXT (J/hy@y)][Plen Bins: 52,31,3,3,3,0,0,0,0,0,0,0,0,3,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 7 TCP 192.168.1.184:56646 <-> 172.105.94.62:30303 [proto: 42/Mining][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][28 pkts/2738 bytes <-> 24 pkts/2370 bytes][Goodput ratio: 32/36][0.22 sec][currency: ETH][bytes ratio: 0.072 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 7/15 116/91 24/28][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 98/99 540/398 89/89][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 56,20,4,4,0,0,4,4,0,0,4,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 8 TCP 192.168.1.184:56661 <-> 52.9.128.68:30303 [proto: 42/Mining][IP: 265/AmazonAWS][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][30 pkts/2768 bytes <-> 23 pkts/2318 bytes][Goodput ratio: 30/36][0.76 sec][currency: ETH][bytes ratio: 0.088 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 23/18 194/193 61/55][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 92/101 538/494 87/90][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 56,27,3,3,3,0,0,0,0,0,0,0,0,3,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 9 TCP 192.168.1.184:56674 <-> 94.68.55.162:30303 [proto: 42/Mining][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][29 pkts/2801 bytes <-> 21 pkts/2262 bytes][Goodput ratio: 32/40][0.29 sec][currency: ETH][bytes ratio: 0.106 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 9/8 74/75 24/22][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 97/108 613/570 101/109][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 48,32,4,4,4,0,0,0,0,0,0,0,0,0,0,4,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 10 TCP 192.168.1.184:56671 <-> 86.107.243.62:30303 [proto: 42/Mining][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][28 pkts/2804 bytes <-> 20 pkts/2138 bytes][Goodput ratio: 34/41][0.18 sec][currency: ETH][bytes ratio: 0.135 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 6/8 39/38 13/15][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 100/107 606/430 100/101][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 56,20,4,4,0,0,4,4,0,0,0,4,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 11 TCP 192.168.1.184:56643 <-> 178.62.29.183:30303 [proto: 42/Mining][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][31 pkts/2879 bytes <-> 23 pkts/2042 bytes][Goodput ratio: 29/27][0.18 sec][currency: ETH][bytes ratio: 0.170 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 5/8 48/47 14/17][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 93/89 535/384 84/68][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 63,22,0,7,0,0,0,0,0,3,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 12 TCP 192.168.1.184:56673 <-> 78.47.147.155:30303 [proto: 42/Mining][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][28 pkts/2855 bytes <-> 9 pkts/1461 bytes][Goodput ratio: 34/59][0.41 sec][currency: ETH][bytes ratio: 0.323 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 15/65 285/246 57/92][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 102/162 633/413 105/126][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 56,20,4,4,0,0,4,4,0,0,4,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 13 TCP 192.168.1.184:56634 <-> 159.203.84.31:30303 [proto: 42/Mining][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][21 pkts/2209 bytes <-> 23 pkts/2019 bytes][Goodput ratio: 37/29][0.33 sec][currency: ETH][bytes ratio: 0.045 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 12/18 109/109 34/41][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 105/88 637/579 122/105][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 66,17,0,5,0,0,0,0,0,0,0,0,0,0,0,0,5,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 14 TCP 192.168.1.184:56610 <-> 165.22.107.33:30303 [proto: 42/Mining][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][21 pkts/2212 bytes <-> 24 pkts/1962 bytes][Goodput ratio: 37/23][0.92 sec][currency: ETH][bytes ratio: 0.060 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 35/58 339/287 99/115][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 105/82 640/462 123/80][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 66,17,0,5,0,0,0,0,0,0,0,0,5,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 15 TCP 192.168.1.184:56621 <-> 52.187.207.27:30303 [proto: 42/Mining][IP: 276/Azure][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][21 pkts/2163 bytes <-> 21 pkts/1843 bytes][Goodput ratio: 35/28][0.99 sec][currency: ETH][bytes ratio: 0.080 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 37/53 354/316 105/118][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 103/88 591/517 112/96][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 66,17,0,5,0,0,0,0,0,0,0,0,0,0,5,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 16 TCP 192.168.1.184:56620 <-> 191.234.162.198:30303 [proto: 42/Mining][IP: 276/Azure][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][21 pkts/2150 bytes <-> 21 pkts/1845 bytes][Goodput ratio: 35/28][0.70 sec][currency: ETH][bytes ratio: 0.076 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 27/37 263/221 76/82][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 102/88 578/525 110/98][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 66,17,0,5,0,0,0,0,0,0,0,0,0,0,5,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 17 TCP 192.168.1.184:56611 <-> 104.42.217.25:30303 [proto: 42/Mining][IP: 276/Azure][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][21 pkts/2128 bytes <-> 21 pkts/1859 bytes][Goodput ratio: 34/29][0.57 sec][currency: ETH][bytes ratio: 0.067 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 22/34 201/202 62/75][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 101/89 556/533 105/100][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 66,17,0,5,0,0,0,0,0,0,0,0,0,0,5,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 18 TCP 192.168.1.184:56623 <-> 18.138.81.28:30303 [proto: 42/Mining][IP: 265/AmazonAWS][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][21 pkts/2109 bytes <-> 22 pkts/1874 bytes][Goodput ratio: 34/26][0.83 sec][currency: ETH][bytes ratio: 0.059 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 32/44 308/260 89/97][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 100/85 537/488 101/88][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 66,17,0,5,0,0,0,0,0,0,0,0,0,5,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 19 TCP 192.168.1.184:56615 <-> 35.158.244.151:30303 [proto: 42/Mining][IP: 265/AmazonAWS][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][21 pkts/2133 bytes <-> 21 pkts/1834 bytes][Goodput ratio: 34/28][0.14 sec][currency: ETH][bytes ratio: 0.075 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 6/10 62/63 17/23][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 102/87 561/514 106/96][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 66,17,0,5,0,0,0,0,0,0,0,0,0,0,5,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 20 TCP 192.168.1.184:56618 <-> 52.231.165.108:30303 [proto: 42/Mining][IP: 276/Azure][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][21 pkts/2088 bytes <-> 21 pkts/1845 bytes][Goodput ratio: 33/28][0.70 sec][currency: ETH][bytes ratio: 0.062 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 27/37 261/222 76/83][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 99/88 516/519 97/97][Risk: ** Unsafe Protocol **][Risk Score: 10][PLAIN TEXT (XMOZOS)][Plen Bins: 65,17,0,5,0,0,0,0,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 21 TCP 192.168.1.184:56628 <-> 3.209.45.79:30303 [proto: 42/Mining][IP: 42/Mining][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][21 pkts/2033 bytes <-> 21 pkts/1862 bytes][Goodput ratio: 31/29][0.41 sec][currency: ETH][bytes ratio: 0.044 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 17/27 163/164 47/61][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 97/89 461/536 86/100][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 66,17,0,5,0,0,0,0,0,0,0,0,5,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 22 TCP 192.168.1.184:56632 <-> 51.38.81.180:30303 [proto: 42/Mining][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][21 pkts/2117 bytes <-> 20 pkts/1765 bytes][Goodput ratio: 34/28][0.22 sec][currency: ETH][bytes ratio: 0.091 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 8/13 78/78 23/29][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 101/88 545/505 103/96][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 66,17,0,5,0,0,0,0,0,0,0,0,0,5,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 23 TCP 192.168.1.184:56627 <-> 34.255.23.113:30303 [proto: 42/Mining][IP: 265/AmazonAWS][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][21 pkts/2150 bytes <-> 20 pkts/1728 bytes][Goodput ratio: 35/27][0.20 sec][currency: ETH][bytes ratio: 0.109 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 4/11 70/62 16/23][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 102/86 578/468 110/88][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 66,17,0,5,0,0,0,0,0,0,0,0,5,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 24 TCP 192.168.1.184:56622 <-> 18.138.108.67:30303 [proto: 42/Mining][IP: 42/Mining][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][21 pkts/2169 bytes <-> 21 pkts/1704 bytes][Goodput ratio: 36/22][0.81 sec][currency: ETH][bytes ratio: 0.120 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 31/42 300/253 87/94][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 103/81 597/384 114/68][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 66,17,0,5,0,0,0,0,0,5,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 25 TCP 192.168.1.184:56639 <-> 18.219.167.159:30303 [proto: 42/Mining][IP: 265/AmazonAWS][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][20 pkts/2093 bytes <-> 19 pkts/1750 bytes][Goodput ratio: 36/32][0.38 sec][currency: ETH][bytes ratio: 0.089 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 15/25 130/122 41/49][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 105/92 587/556 114/110][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 63,18,0,6,0,0,0,0,0,0,0,0,0,0,0,6,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 26 UDP 192.168.1.184:30303 <-> 52.231.165.108:30303 [proto: 42/Mining][IP: 276/Azure][ClearText][Confidence: DPI][DPI packets: 1][cat: Mining/99][2 pkts/426 bytes <-> 4 pkts/3132 bytes][Goodput ratio: 80/95][0.27 sec][currency: ETH][bytes ratio: -0.761 (Download)][IAT c2s/s2c min/avg/max/stddev: 40/0 40/6 40/19 0/9][Pkt Len c2s/s2c min/avg/max/stddev: 213/467 213/783 213/1099 0/316][Risk: ** Unsafe Protocol **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,33,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 27 TCP 192.168.1.184:56635 <-> 162.228.29.160:30303 [proto: 42/Mining][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][21 pkts/2051 bytes <-> 16 pkts/1497 bytes][Goodput ratio: 32/31][0.47 sec][currency: ETH][bytes ratio: 0.156 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 18/32 159/152 50/60][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 98/94 479/471 89/98][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 65,17,0,5,0,0,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 28 TCP 192.168.1.184:56629 <-> 51.38.60.79:30303 [proto: 42/Mining][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][19 pkts/1927 bytes <-> 19 pkts/1600 bytes][Goodput ratio: 34/25][0.16 sec][currency: ETH][bytes ratio: 0.093 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2/9 36/43 9/17][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 101/84 487/406 95/77][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 63,18,0,6,0,0,0,0,0,0,6,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 29 TCP 192.168.1.184:56652 <-> 176.9.136.209:30303 [proto: 42/Mining][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][18 pkts/1971 bytes <-> 17 pkts/1556 bytes][Goodput ratio: 39/32][0.10 sec][currency: ETH][bytes ratio: 0.118 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 4/9 34/33 11/14][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 110/92 597/494 122/101][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 61,20,0,6,0,0,0,0,0,0,0,0,0,6,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 30 TCP 192.168.1.184:56654 <-> 85.214.108.52:30303 [proto: 42/Mining][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][17 pkts/1930 bytes <-> 14 pkts/1529 bytes][Goodput ratio: 41/42][0.14 sec][currency: ETH][bytes ratio: 0.116 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 7/12 35/36 14/17][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 114/109 574/401 119/103][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 42,21,7,7,0,0,0,7,0,0,7,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 31 TCP 192.168.1.184:56657 <-> 138.75.171.190:30303 [proto: 42/Mining][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][17 pkts/1913 bytes <-> 16 pkts/1521 bytes][Goodput ratio: 41/34][0.79 sec][currency: ETH][bytes ratio: 0.114 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 37/88 263/261 91/122][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 113/95 605/525 126/112][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 50,28,0,7,0,0,0,0,0,0,0,0,0,0,7,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 32 TCP 192.168.1.184:56630 <-> 40.67.144.128:30303 [proto: 42/Mining][IP: 276/Azure][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][18 pkts/1871 bytes <-> 17 pkts/1551 bytes][Goodput ratio: 36/31][0.38 sec][currency: ETH][bytes ratio: 0.094 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 18/28 158/112 46/48][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 104/91 497/489 99/100][Risk: ** Unsafe Protocol **][Risk Score: 10][PLAIN TEXT (t ZZUM)][Plen Bins: 60,20,0,6,0,0,0,0,0,0,0,0,0,13,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 33 TCP 192.168.1.184:56624 <-> 89.38.99.34:30303 [proto: 42/Mining][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][17 pkts/1895 bytes <-> 13 pkts/1495 bytes][Goodput ratio: 40/45][0.22 sec][currency: ETH][bytes ratio: 0.118 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 11/22 65/66 22/31][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 111/115 539/433 111/113][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 42,21,7,7,0,0,0,7,0,0,0,7,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 34 TCP 192.168.1.184:56651 <-> 138.201.12.87:30303 [proto: 42/Mining][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][18 pkts/1857 bytes <-> 18 pkts/1521 bytes][Goodput ratio: 35/26][0.10 sec][currency: ETH][bytes ratio: 0.099 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 5/9 36/33 12/14][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 103/84 483/393 96/76][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 61,20,0,6,0,0,0,0,0,0,6,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 35 TCP 192.168.1.184:56672 <-> 139.162.255.210:30303 [proto: 42/Mining][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][18 pkts/1826 bytes <-> 18 pkts/1550 bytes][Goodput ratio: 34/27][0.13 sec][currency: ETH][bytes ratio: 0.082 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 6/11 42/42 14/18][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 101/86 452/422 90/82][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 61,20,0,6,0,0,0,0,0,0,0,6,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 36 TCP 192.168.1.184:56675 <-> 35.235.37.216:30303 [proto: 42/Mining][IP: 284/GoogleCloud][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][17 pkts/1892 bytes <-> 13 pkts/1450 bytes][Goodput ratio: 41/43][0.10 sec][currency: ETH][bytes ratio: 0.132 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/1 5/13 25/25 10/12][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 111/112 596/420 125/106][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 50,14,7,7,0,0,7,0,0,0,0,7,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 37 TCP 192.168.1.184:56641 <-> 144.91.120.135:30303 [proto: 42/Mining][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][17 pkts/1914 bytes <-> 14 pkts/1422 bytes][Goodput ratio: 41/37][0.12 sec][currency: ETH][bytes ratio: 0.147 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 6/10 30/29 11/13][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 113/102 606/390 127/97][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 55,15,0,7,0,0,7,0,0,0,7,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 38 TCP 192.168.1.184:56681 <-> 207.180.206.216:30303 [proto: 42/Mining][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][17 pkts/1864 bytes <-> 13 pkts/1420 bytes][Goodput ratio: 40/42][0.16 sec][currency: ETH][bytes ratio: 0.135 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 8/10 40/40 16/17][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 110/109 568/384 118/98][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 50,14,7,7,0,0,7,0,0,7,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 39 TCP 192.168.1.184:56617 <-> 34.97.172.22:30303 [proto: 42/Mining][IP: 284/GoogleCloud][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][17 pkts/1834 bytes <-> 12 pkts/1437 bytes][Goodput ratio: 39/46][1.13 sec][currency: ETH][bytes ratio: 0.121 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 62/68 318/271 118/117][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 108/120 538/461 111/119][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 50,14,7,7,0,0,7,0,0,0,0,0,7,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 40 TCP 192.168.1.184:56613 <-> 162.243.160.83:30303 [proto: 42/Mining][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][17 pkts/1832 bytes <-> 14 pkts/1433 bytes][Goodput ratio: 38/38][0.51 sec][currency: ETH][bytes ratio: 0.122 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 28/52 154/153 55/71][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 108/102 524/401 108/99][Risk: ** Unsafe Protocol **][Risk Score: 10][PLAIN TEXT (fOZarJ)][Plen Bins: 55,15,0,7,0,0,7,0,0,0,7,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 41 TCP 192.168.1.184:56633 <-> 82.145.220.249:30303 [proto: 42/Mining][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][17 pkts/1816 bytes <-> 15 pkts/1418 bytes][Goodput ratio: 38/34][0.20 sec][currency: ETH][bytes ratio: 0.123 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 11/38 76/77 26/38][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 107/95 508/488 104/106][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 50,28,0,7,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 42 TCP 192.168.1.184:56679 <-> 35.228.158.52:30303 [proto: 42/Mining][IP: 284/GoogleCloud][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][17 pkts/1748 bytes <-> 13 pkts/1472 bytes][Goodput ratio: 36/44][0.23 sec][currency: ETH][bytes ratio: 0.086 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 12/20 59/60 23/28][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 103/113 452/436 92/109][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 50,14,7,7,0,0,7,0,0,0,0,7,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 43 TCP 192.168.1.184:56670 <-> 167.86.122.50:30303 [proto: 42/Mining][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][17 pkts/1751 bytes <-> 13 pkts/1439 bytes][Goodput ratio: 36/42][0.16 sec][currency: ETH][bytes ratio: 0.098 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 9/13 43/38 16/18][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 103/111 455/403 93/102][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 50,14,7,7,0,0,7,0,0,0,7,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 44 TCP 192.168.1.184:56642 <-> 178.62.10.218:30303 [proto: 42/Mining][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][17 pkts/1777 bytes <-> 12 pkts/1369 bytes][Goodput ratio: 37/44][0.17 sec][currency: ETH][bytes ratio: 0.130 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/2 9/22 43/42 17/20][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 105/114 481/399 99/104][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 50,14,7,7,0,0,7,0,0,0,7,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 45 TCP 192.168.1.184:56684 <-> 51.83.237.44:30303 [proto: 42/Mining][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][17 pkts/1923 bytes <-> 7 pkts/1108 bytes][Goodput ratio: 42/58][0.13 sec][currency: ETH][bytes ratio: 0.269 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 9/14 43/42 17/20][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 113/158 627/432 132/132][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 50,14,7,7,0,0,7,0,0,0,0,7,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 46 TCP 192.168.1.184:56655 <-> 202.112.28.106:30303 [proto: 42/Mining][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][18 pkts/1982 bytes <-> 6 pkts/948 bytes][Goodput ratio: 39/57][0.88 sec][currency: ETH][bytes ratio: 0.353 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 58/110 436/438 148/190][Pkt Len c2s/s2c min/avg/max/stddev: 66/67 110/158 560/434 113/130][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 50,25,0,12,0,0,0,0,0,0,0,6,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 47 TCP 192.168.1.184:56662 <-> 35.229.232.19:30303 [proto: 42/Mining][IP: 284/GoogleCloud][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][21 pkts/1833 bytes <-> 9 pkts/1016 bytes][Goodput ratio: 37/49][0.59 sec][currency: ETH][bytes ratio: 0.287 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 33/48 298/288 92/107][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 87/113 489/487 94/133][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 65,17,0,5,0,0,0,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 48 TCP 192.168.1.184:56663 <-> 124.217.235.180:30303 [proto: 42/Mining][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][17 pkts/1919 bytes <-> 5 pkts/730 bytes][Goodput ratio: 41/54][0.77 sec][currency: ETH][bytes ratio: 0.449 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 55/127 388/377 134/177][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 113/146 611/394 128/125][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 50,28,0,7,0,0,0,0,0,0,7,0,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 49 UDP 192.168.1.184:30303 <-> 18.219.167.159:30303 [proto: 42/Mining][IP: 265/AmazonAWS][ClearText][Confidence: DPI][DPI packets: 1][cat: Mining/99][3 pkts/575 bytes <-> 4 pkts/1928 bytes][Goodput ratio: 78/91][0.75 sec][currency: ETH][bytes ratio: -0.541 (Download)][IAT c2s/s2c min/avg/max/stddev: 127/0 314/209 501/626 187/295][Pkt Len c2s/s2c min/avg/max/stddev: 170/170 192/482 213/1099 18/375][Risk: ** Unsafe Protocol **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,57,14,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 50 TCP 192.168.1.184:56647 <-> 182.162.161.61:30303 [proto: 42/Mining][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][11 pkts/1520 bytes <-> 5 pkts/842 bytes][Goodput ratio: 46/60][0.75 sec][currency: ETH][bytes ratio: 0.287 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 83/124 372/371 154/175][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 138/168 588/554 147/193][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 51,12,0,12,0,0,0,0,0,0,0,0,0,0,0,12,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 51 TCP 192.168.1.184:56685 <-> 88.99.93.219:30303 [proto: 42/Mining][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][9 pkts/1362 bytes <-> 3 pkts/603 bytes][Goodput ratio: 55/66][0.08 sec][currency: ETH][bytes ratio: 0.386 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/3 11/20 41/38 18/18][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 151/201 646/463 179/185][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 42,14,0,14,0,0,0,0,0,0,0,0,14,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 52 UDP 192.168.1.184:30303 <-> 18.138.108.67:30303 [proto: 42/Mining][IP: 42/Mining][ClearText][Confidence: DPI][DPI packets: 1][cat: Mining/99][1 pkts/213 bytes <-> 2 pkts/1566 bytes][Goodput ratio: 80/95][0.27 sec][currency: ETH][Risk: ** Unsafe Protocol **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,33,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 53 UDP 192.168.1.184:30303 <-> 35.180.246.169:30301 [proto: 42/Mining][IP: 265/AmazonAWS][ClearText][Confidence: DPI][DPI packets: 1][cat: Mining/99][1 pkts/213 bytes <-> 2 pkts/1566 bytes][Goodput ratio: 80/95][0.03 sec][currency: ETH][Risk: ** Unsafe Protocol **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,33,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 54 UDP 192.168.1.184:30303 <-> 3.209.45.79:30303 [proto: 42/Mining][IP: 42/Mining][ClearText][Confidence: DPI][DPI packets: 1][cat: Mining/99][1 pkts/213 bytes <-> 2 pkts/1564 bytes][Goodput ratio: 80/95][0.14 sec][currency: ETH][Risk: ** Unsafe Protocol **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,33,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 55 UDP 192.168.1.184:30303 <-> 34.97.172.22:30303 [proto: 42/Mining][IP: 284/GoogleCloud][ClearText][Confidence: DPI][DPI packets: 1][cat: Mining/99][1 pkts/213 bytes <-> 2 pkts/1564 bytes][Goodput ratio: 80/95][0.27 sec][currency: ETH][Risk: ** Unsafe Protocol **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (PbEvGi)][Plen Bins: 0,0,0,0,0,33,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0] - 56 UDP 192.168.1.184:30303 <-> 54.36.160.211:30303 [proto: 42/Mining][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Mining/99][1 pkts/213 bytes <-> 2 pkts/1564 bytes][Goodput ratio: 80/95][0.08 sec][currency: ETH][Risk: ** Unsafe Protocol **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (PbEvGi)][Plen Bins: 0,0,0,0,0,33,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0] - 57 UDP 192.168.1.184:30303 <-> 128.0.51.140:30303 [proto: 42/Mining][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Mining/99][1 pkts/213 bytes <-> 2 pkts/1564 bytes][Goodput ratio: 80/95][0.08 sec][currency: ETH][Risk: ** Unsafe Protocol **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,33,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 58 TCP 192.168.1.184:56612 <-> 66.42.82.246:30303 [proto: 42/Mining][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][3 pkts/639 bytes <-> 2 pkts/140 bytes][Goodput ratio: 67/0][0.32 sec][currency: ETH][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 59 TCP 192.168.1.184:56680 <-> 138.59.17.58:30303 [proto: 42/Mining][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][3 pkts/657 bytes <-> 1 pkts/74 bytes][Goodput ratio: 68/0][0.20 sec][currency: ETH][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 60 UDP 183.129.242.164:1024 <-> 192.168.1.184:30303 [proto: 42/Mining][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Mining/99][2 pkts/360 bytes <-> 2 pkts/362 bytes][Goodput ratio: 76/77][0.38 sec][currency: ETH][Risk: ** Unsafe Protocol **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 61 TCP 192.168.1.184:56686 <-> 206.189.107.35:30303 [proto: 42/Mining][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][3 pkts/617 bytes <-> 1 pkts/74 bytes][Goodput ratio: 66/0][0.05 sec][currency: ETH][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 62 TCP 192.168.1.184:56678 <-> 13.251.14.199:30303 [proto: 42/Mining][IP: 265/AmazonAWS][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][3 pkts/614 bytes <-> 1 pkts/74 bytes][Goodput ratio: 66/0][0.25 sec][currency: ETH][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 63 UDP 192.168.1.184:30303 <-> 66.42.82.246:30303 [proto: 42/Mining][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Mining/99][2 pkts/383 bytes <-> 1 pkts/191 bytes][Goodput ratio: 78/78][0.64 sec][currency: ETH][Risk: ** Unsafe Protocol **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,66,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 64 UDP 87.14.222.25:56693 -> 192.168.1.184:30303 [proto: 42/Mining][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Mining/99][2 pkts/383 bytes -> 0 pkts/0 bytes][Goodput ratio: 78/0][1.06 sec][currency: ETH][Risk: ** Unsafe Protocol **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 65 UDP 192.168.1.184:30303 -> 111.229.0.180:20182 [proto: 42/Mining][IP: 285/Tencent][ClearText][Confidence: DPI][DPI packets: 1][cat: Mining/99][2 pkts/383 bytes -> 0 pkts/0 bytes][Goodput ratio: 78/0][1.00 sec][currency: ETH][Risk: ** Unsafe Protocol **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 66 UDP 192.168.1.184:30303 -> 209.97.143.1:50000 [proto: 42/Mining][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Mining/99][2 pkts/383 bytes -> 0 pkts/0 bytes][Goodput ratio: 78/0][1.00 sec][currency: ETH][Risk: ** Unsafe Protocol **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 67 UDP 192.168.1.184:30303 <-> 202.112.28.106:30303 [proto: 42/Mining][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Mining/99][1 pkts/170 bytes <-> 1 pkts/191 bytes][Goodput ratio: 75/78][0.44 sec][currency: ETH][Risk: ** Unsafe Protocol **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (0/XoR/Q)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 68 UDP 192.168.1.184:30303 <-> 167.86.122.50:30303 [proto: 42/Mining][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Mining/99][1 pkts/170 bytes <-> 1 pkts/189 bytes][Goodput ratio: 75/77][0.03 sec][currency: ETH][Risk: ** Unsafe Protocol **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 69 UDP 3.112.138.57:25516 -> 192.168.1.184:30303 [proto: 42/Mining][IP: 265/AmazonAWS][ClearText][Confidence: DPI][DPI packets: 1][cat: Mining/99][1 pkts/181 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][currency: ETH][Risk: ** Unsafe Protocol **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 70 UDP 60.191.32.71:30303 -> 192.168.1.184:30303 [proto: 42/Mining][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Mining/99][1 pkts/171 bytes -> 0 pkts/0 bytes][Goodput ratio: 75/0][< 1 sec][currency: ETH][Risk: ** Unsafe Protocol **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 71 UDP 192.168.1.184:30303 -> 106.12.39.168:30333 [proto: 42/Mining][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Mining/99][1 pkts/170 bytes -> 0 pkts/0 bytes][Goodput ratio: 75/0][< 1 sec][currency: ETH][Risk: ** Unsafe Protocol **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 72 TCP 192.168.1.184:56625 -> 5.1.83.226:30303 [proto: 42/Mining][IP: 0/Unknown][ClearText][Confidence: Match by port][DPI packets: 2][cat: Mining/99][2 pkts/156 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][1.10 sec][Risk: ** Unsafe Protocol **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 73 TCP 192.168.1.184:56637 -> 35.233.197.131:30303 [proto: 42/Mining][IP: 284/GoogleCloud][ClearText][Confidence: Match by port][DPI packets: 2][cat: Mining/99][2 pkts/156 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][1.11 sec][Risk: ** Unsafe Protocol **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 74 TCP 192.168.1.184:56644 -> 13.230.108.42:30303 [proto: 42/Mining][IP: 265/AmazonAWS][ClearText][Confidence: Match by port][DPI packets: 1][cat: Mining/99][1 pkts/78 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unsafe Protocol **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 1 TCP 192.168.1.184:56626 <-> 178.128.195.220:30303 [proto: 354/ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Crypto_Currency/106][32 pkts/3294 bytes <-> 37 pkts/3156 bytes][Goodput ratio: 36/21][0.16 sec][bytes ratio: 0.021 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2/4 42/62 8/14][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 103/85 612/470 105/69][Plen Bins: 62,21,0,3,3,0,0,0,3,0,0,0,3,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 2 TCP 192.168.1.184:56638 <-> 209.250.240.205:30303 [proto: 354/ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Crypto_Currency/106][34 pkts/3347 bytes <-> 28 pkts/2774 bytes][Goodput ratio: 34/32][0.15 sec][bytes ratio: 0.094 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 5/3 43/41 12/10][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 98/99 481/560 79/95][Plen Bins: 43,29,0,14,3,3,0,0,0,0,0,0,3,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 3 TCP 192.168.1.184:56660 <-> 51.161.23.12:30303 [proto: 354/ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Crypto_Currency/106][36 pkts/3241 bytes <-> 29 pkts/2723 bytes][Goodput ratio: 29/31][0.57 sec][bytes ratio: 0.087 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 10/9 147/141 36/34][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 90/94 639/487 96/81][Plen Bins: 63,21,3,3,3,0,0,0,0,0,0,0,0,3,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 4 TCP 192.168.1.184:56658 <-> 157.230.152.87:30303 [proto: 354/ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Crypto_Currency/106][37 pkts/3341 bytes <-> 27 pkts/2583 bytes][Goodput ratio: 28/32][0.72 sec][bytes ratio: 0.128 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 17/22 182/184 53/59][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 90/96 649/457 96/79][Plen Bins: 63,21,3,3,0,3,0,0,0,0,0,0,3,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 5 TCP 192.168.1.184:56645 <-> 185.219.133.62:30303 [proto: 354/ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Crypto_Currency/106][34 pkts/3018 bytes <-> 27 pkts/2540 bytes][Goodput ratio: 25/31][0.20 sec][bytes ratio: 0.086 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 4/8 51/49 13/17][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 89/94 476/448 71/77][Plen Bins: 61,23,3,3,3,0,0,0,0,0,0,3,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 6 TCP 192.168.1.184:56650 <-> 35.228.250.140:30303 [proto: 354/ETHEREUM][IP: 284/GoogleCloud][ClearText][Confidence: DPI][DPI packets: 4][cat: Crypto_Currency/106][30 pkts/2806 bytes <-> 24 pkts/2380 bytes][Goodput ratio: 29/35][0.23 sec][bytes ratio: 0.082 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 7/6 57/56 18/17][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 94/99 528/508 84/92][PLAIN TEXT (J/hy@y)][Plen Bins: 52,31,3,3,3,0,0,0,0,0,0,0,0,3,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 7 TCP 192.168.1.184:56646 <-> 172.105.94.62:30303 [proto: 354/ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Crypto_Currency/106][28 pkts/2738 bytes <-> 24 pkts/2370 bytes][Goodput ratio: 32/36][0.22 sec][bytes ratio: 0.072 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 7/15 116/91 24/28][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 98/99 540/398 89/89][Plen Bins: 56,20,4,4,0,0,4,4,0,0,4,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 8 TCP 192.168.1.184:56661 <-> 52.9.128.68:30303 [proto: 354/ETHEREUM][IP: 265/AmazonAWS][ClearText][Confidence: DPI][DPI packets: 4][cat: Crypto_Currency/106][30 pkts/2768 bytes <-> 23 pkts/2318 bytes][Goodput ratio: 30/36][0.76 sec][bytes ratio: 0.088 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 23/18 194/193 61/55][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 92/101 538/494 87/90][Plen Bins: 56,27,3,3,3,0,0,0,0,0,0,0,0,3,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 9 TCP 192.168.1.184:56674 <-> 94.68.55.162:30303 [proto: 354/ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Crypto_Currency/106][29 pkts/2801 bytes <-> 21 pkts/2262 bytes][Goodput ratio: 32/40][0.29 sec][bytes ratio: 0.106 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 9/8 74/75 24/22][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 97/108 613/570 101/109][Plen Bins: 48,32,4,4,4,0,0,0,0,0,0,0,0,0,0,4,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 10 TCP 192.168.1.184:56671 <-> 86.107.243.62:30303 [proto: 354/ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Crypto_Currency/106][28 pkts/2804 bytes <-> 20 pkts/2138 bytes][Goodput ratio: 34/41][0.18 sec][bytes ratio: 0.135 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 6/8 39/38 13/15][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 100/107 606/430 100/101][Plen Bins: 56,20,4,4,0,0,4,4,0,0,0,4,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 11 TCP 192.168.1.184:56643 <-> 178.62.29.183:30303 [proto: 354/ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Crypto_Currency/106][31 pkts/2879 bytes <-> 23 pkts/2042 bytes][Goodput ratio: 29/27][0.18 sec][bytes ratio: 0.170 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 5/8 48/47 14/17][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 93/89 535/384 84/68][Plen Bins: 63,22,0,7,0,0,0,0,0,3,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 12 TCP 192.168.1.184:56673 <-> 78.47.147.155:30303 [proto: 354/ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Crypto_Currency/106][28 pkts/2855 bytes <-> 9 pkts/1461 bytes][Goodput ratio: 34/59][0.41 sec][bytes ratio: 0.323 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 15/65 285/246 57/92][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 102/162 633/413 105/126][Plen Bins: 56,20,4,4,0,0,4,4,0,0,4,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 13 TCP 192.168.1.184:56634 <-> 159.203.84.31:30303 [proto: 354/ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Crypto_Currency/106][21 pkts/2209 bytes <-> 23 pkts/2019 bytes][Goodput ratio: 37/29][0.33 sec][bytes ratio: 0.045 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 12/18 109/109 34/41][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 105/88 637/579 122/105][Plen Bins: 66,17,0,5,0,0,0,0,0,0,0,0,0,0,0,0,5,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 14 TCP 192.168.1.184:56610 <-> 165.22.107.33:30303 [proto: 354/ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Crypto_Currency/106][21 pkts/2212 bytes <-> 24 pkts/1962 bytes][Goodput ratio: 37/23][0.92 sec][bytes ratio: 0.060 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 35/58 339/287 99/115][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 105/82 640/462 123/80][Plen Bins: 66,17,0,5,0,0,0,0,0,0,0,0,5,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 15 TCP 192.168.1.184:56621 <-> 52.187.207.27:30303 [proto: 354/ETHEREUM][IP: 276/Azure][ClearText][Confidence: DPI][DPI packets: 4][cat: Crypto_Currency/106][21 pkts/2163 bytes <-> 21 pkts/1843 bytes][Goodput ratio: 35/28][0.99 sec][bytes ratio: 0.080 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 37/53 354/316 105/118][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 103/88 591/517 112/96][Plen Bins: 66,17,0,5,0,0,0,0,0,0,0,0,0,0,5,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 16 TCP 192.168.1.184:56620 <-> 191.234.162.198:30303 [proto: 354/ETHEREUM][IP: 276/Azure][ClearText][Confidence: DPI][DPI packets: 4][cat: Crypto_Currency/106][21 pkts/2150 bytes <-> 21 pkts/1845 bytes][Goodput ratio: 35/28][0.70 sec][bytes ratio: 0.076 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 27/37 263/221 76/82][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 102/88 578/525 110/98][Plen Bins: 66,17,0,5,0,0,0,0,0,0,0,0,0,0,5,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 17 TCP 192.168.1.184:56611 <-> 104.42.217.25:30303 [proto: 354/ETHEREUM][IP: 276/Azure][ClearText][Confidence: DPI][DPI packets: 4][cat: Crypto_Currency/106][21 pkts/2128 bytes <-> 21 pkts/1859 bytes][Goodput ratio: 34/29][0.57 sec][bytes ratio: 0.067 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 22/34 201/202 62/75][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 101/89 556/533 105/100][Plen Bins: 66,17,0,5,0,0,0,0,0,0,0,0,0,0,5,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 18 TCP 192.168.1.184:56623 <-> 18.138.81.28:30303 [proto: 354/ETHEREUM][IP: 265/AmazonAWS][ClearText][Confidence: DPI][DPI packets: 4][cat: Crypto_Currency/106][21 pkts/2109 bytes <-> 22 pkts/1874 bytes][Goodput ratio: 34/26][0.83 sec][bytes ratio: 0.059 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 32/44 308/260 89/97][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 100/85 537/488 101/88][Plen Bins: 66,17,0,5,0,0,0,0,0,0,0,0,0,5,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 19 TCP 192.168.1.184:56615 <-> 35.158.244.151:30303 [proto: 354/ETHEREUM][IP: 265/AmazonAWS][ClearText][Confidence: DPI][DPI packets: 4][cat: Crypto_Currency/106][21 pkts/2133 bytes <-> 21 pkts/1834 bytes][Goodput ratio: 34/28][0.14 sec][bytes ratio: 0.075 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 6/10 62/63 17/23][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 102/87 561/514 106/96][Plen Bins: 66,17,0,5,0,0,0,0,0,0,0,0,0,0,5,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 20 TCP 192.168.1.184:56618 <-> 52.231.165.108:30303 [proto: 354/ETHEREUM][IP: 276/Azure][ClearText][Confidence: DPI][DPI packets: 4][cat: Crypto_Currency/106][21 pkts/2088 bytes <-> 21 pkts/1845 bytes][Goodput ratio: 33/28][0.70 sec][bytes ratio: 0.062 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 27/37 261/222 76/83][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 99/88 516/519 97/97][PLAIN TEXT (XMOZOS)][Plen Bins: 65,17,0,5,0,0,0,0,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 21 TCP 192.168.1.184:56628 <-> 3.209.45.79:30303 [proto: 354/ETHEREUM][IP: 354/ETHEREUM][ClearText][Confidence: DPI][DPI packets: 4][cat: Crypto_Currency/106][21 pkts/2033 bytes <-> 21 pkts/1862 bytes][Goodput ratio: 31/29][0.41 sec][bytes ratio: 0.044 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 17/27 163/164 47/61][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 97/89 461/536 86/100][Plen Bins: 66,17,0,5,0,0,0,0,0,0,0,0,5,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 22 TCP 192.168.1.184:56632 <-> 51.38.81.180:30303 [proto: 354/ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Crypto_Currency/106][21 pkts/2117 bytes <-> 20 pkts/1765 bytes][Goodput ratio: 34/28][0.22 sec][bytes ratio: 0.091 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 8/13 78/78 23/29][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 101/88 545/505 103/96][Plen Bins: 66,17,0,5,0,0,0,0,0,0,0,0,0,5,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 23 TCP 192.168.1.184:56627 <-> 34.255.23.113:30303 [proto: 354/ETHEREUM][IP: 265/AmazonAWS][ClearText][Confidence: DPI][DPI packets: 4][cat: Crypto_Currency/106][21 pkts/2150 bytes <-> 20 pkts/1728 bytes][Goodput ratio: 35/27][0.20 sec][bytes ratio: 0.109 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 4/11 70/62 16/23][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 102/86 578/468 110/88][Plen Bins: 66,17,0,5,0,0,0,0,0,0,0,0,5,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 24 TCP 192.168.1.184:56622 <-> 18.138.108.67:30303 [proto: 354/ETHEREUM][IP: 354/ETHEREUM][ClearText][Confidence: DPI][DPI packets: 4][cat: Crypto_Currency/106][21 pkts/2169 bytes <-> 21 pkts/1704 bytes][Goodput ratio: 36/22][0.81 sec][bytes ratio: 0.120 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 31/42 300/253 87/94][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 103/81 597/384 114/68][Plen Bins: 66,17,0,5,0,0,0,0,0,5,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 25 TCP 192.168.1.184:56639 <-> 18.219.167.159:30303 [proto: 354/ETHEREUM][IP: 265/AmazonAWS][ClearText][Confidence: DPI][DPI packets: 4][cat: Crypto_Currency/106][20 pkts/2093 bytes <-> 19 pkts/1750 bytes][Goodput ratio: 36/32][0.38 sec][bytes ratio: 0.089 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 15/25 130/122 41/49][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 105/92 587/556 114/110][Plen Bins: 63,18,0,6,0,0,0,0,0,0,0,0,0,0,0,6,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 26 UDP 192.168.1.184:30303 <-> 52.231.165.108:30303 [proto: 354/ETHEREUM][IP: 276/Azure][ClearText][Confidence: DPI][DPI packets: 1][cat: Crypto_Currency/106][2 pkts/426 bytes <-> 4 pkts/3132 bytes][Goodput ratio: 80/95][0.27 sec][bytes ratio: -0.761 (Download)][IAT c2s/s2c min/avg/max/stddev: 40/0 40/6 40/19 0/9][Pkt Len c2s/s2c min/avg/max/stddev: 213/467 213/783 213/1099 0/316][Plen Bins: 0,0,0,0,0,33,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 27 TCP 192.168.1.184:56635 <-> 162.228.29.160:30303 [proto: 354/ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Crypto_Currency/106][21 pkts/2051 bytes <-> 16 pkts/1497 bytes][Goodput ratio: 32/31][0.47 sec][bytes ratio: 0.156 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 18/32 159/152 50/60][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 98/94 479/471 89/98][Plen Bins: 65,17,0,5,0,0,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 28 TCP 192.168.1.184:56629 <-> 51.38.60.79:30303 [proto: 354/ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Crypto_Currency/106][19 pkts/1927 bytes <-> 19 pkts/1600 bytes][Goodput ratio: 34/25][0.16 sec][bytes ratio: 0.093 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2/9 36/43 9/17][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 101/84 487/406 95/77][Plen Bins: 63,18,0,6,0,0,0,0,0,0,6,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 29 TCP 192.168.1.184:56652 <-> 176.9.136.209:30303 [proto: 354/ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Crypto_Currency/106][18 pkts/1971 bytes <-> 17 pkts/1556 bytes][Goodput ratio: 39/32][0.10 sec][bytes ratio: 0.118 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 4/9 34/33 11/14][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 110/92 597/494 122/101][Plen Bins: 61,20,0,6,0,0,0,0,0,0,0,0,0,6,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 30 TCP 192.168.1.184:56654 <-> 85.214.108.52:30303 [proto: 354/ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Crypto_Currency/106][17 pkts/1930 bytes <-> 14 pkts/1529 bytes][Goodput ratio: 41/42][0.14 sec][bytes ratio: 0.116 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 7/12 35/36 14/17][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 114/109 574/401 119/103][Plen Bins: 42,21,7,7,0,0,0,7,0,0,7,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 31 TCP 192.168.1.184:56657 <-> 138.75.171.190:30303 [proto: 354/ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Crypto_Currency/106][17 pkts/1913 bytes <-> 16 pkts/1521 bytes][Goodput ratio: 41/34][0.79 sec][bytes ratio: 0.114 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 37/88 263/261 91/122][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 113/95 605/525 126/112][Plen Bins: 50,28,0,7,0,0,0,0,0,0,0,0,0,0,7,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 32 TCP 192.168.1.184:56630 <-> 40.67.144.128:30303 [proto: 354/ETHEREUM][IP: 276/Azure][ClearText][Confidence: DPI][DPI packets: 4][cat: Crypto_Currency/106][18 pkts/1871 bytes <-> 17 pkts/1551 bytes][Goodput ratio: 36/31][0.38 sec][bytes ratio: 0.094 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 18/28 158/112 46/48][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 104/91 497/489 99/100][PLAIN TEXT (t ZZUM)][Plen Bins: 60,20,0,6,0,0,0,0,0,0,0,0,0,13,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 33 TCP 192.168.1.184:56624 <-> 89.38.99.34:30303 [proto: 354/ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Crypto_Currency/106][17 pkts/1895 bytes <-> 13 pkts/1495 bytes][Goodput ratio: 40/45][0.22 sec][bytes ratio: 0.118 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 11/22 65/66 22/31][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 111/115 539/433 111/113][Plen Bins: 42,21,7,7,0,0,0,7,0,0,0,7,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 34 TCP 192.168.1.184:56651 <-> 138.201.12.87:30303 [proto: 354/ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Crypto_Currency/106][18 pkts/1857 bytes <-> 18 pkts/1521 bytes][Goodput ratio: 35/26][0.10 sec][bytes ratio: 0.099 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 5/9 36/33 12/14][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 103/84 483/393 96/76][Plen Bins: 61,20,0,6,0,0,0,0,0,0,6,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 35 TCP 192.168.1.184:56672 <-> 139.162.255.210:30303 [proto: 354/ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Crypto_Currency/106][18 pkts/1826 bytes <-> 18 pkts/1550 bytes][Goodput ratio: 34/27][0.13 sec][bytes ratio: 0.082 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 6/11 42/42 14/18][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 101/86 452/422 90/82][Plen Bins: 61,20,0,6,0,0,0,0,0,0,0,6,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 36 TCP 192.168.1.184:56675 <-> 35.235.37.216:30303 [proto: 354/ETHEREUM][IP: 284/GoogleCloud][ClearText][Confidence: DPI][DPI packets: 4][cat: Crypto_Currency/106][17 pkts/1892 bytes <-> 13 pkts/1450 bytes][Goodput ratio: 41/43][0.10 sec][bytes ratio: 0.132 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/1 5/13 25/25 10/12][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 111/112 596/420 125/106][Plen Bins: 50,14,7,7,0,0,7,0,0,0,0,7,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 37 TCP 192.168.1.184:56641 <-> 144.91.120.135:30303 [proto: 354/ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Crypto_Currency/106][17 pkts/1914 bytes <-> 14 pkts/1422 bytes][Goodput ratio: 41/37][0.12 sec][bytes ratio: 0.147 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 6/10 30/29 11/13][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 113/102 606/390 127/97][Plen Bins: 55,15,0,7,0,0,7,0,0,0,7,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 38 TCP 192.168.1.184:56681 <-> 207.180.206.216:30303 [proto: 354/ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Crypto_Currency/106][17 pkts/1864 bytes <-> 13 pkts/1420 bytes][Goodput ratio: 40/42][0.16 sec][bytes ratio: 0.135 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 8/10 40/40 16/17][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 110/109 568/384 118/98][Plen Bins: 50,14,7,7,0,0,7,0,0,7,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 39 TCP 192.168.1.184:56617 <-> 34.97.172.22:30303 [proto: 354/ETHEREUM][IP: 284/GoogleCloud][ClearText][Confidence: DPI][DPI packets: 4][cat: Crypto_Currency/106][17 pkts/1834 bytes <-> 12 pkts/1437 bytes][Goodput ratio: 39/46][1.13 sec][bytes ratio: 0.121 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 62/68 318/271 118/117][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 108/120 538/461 111/119][Plen Bins: 50,14,7,7,0,0,7,0,0,0,0,0,7,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 40 TCP 192.168.1.184:56613 <-> 162.243.160.83:30303 [proto: 354/ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Crypto_Currency/106][17 pkts/1832 bytes <-> 14 pkts/1433 bytes][Goodput ratio: 38/38][0.51 sec][bytes ratio: 0.122 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 28/52 154/153 55/71][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 108/102 524/401 108/99][PLAIN TEXT (fOZarJ)][Plen Bins: 55,15,0,7,0,0,7,0,0,0,7,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 41 TCP 192.168.1.184:56633 <-> 82.145.220.249:30303 [proto: 354/ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Crypto_Currency/106][17 pkts/1816 bytes <-> 15 pkts/1418 bytes][Goodput ratio: 38/34][0.20 sec][bytes ratio: 0.123 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 11/38 76/77 26/38][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 107/95 508/488 104/106][Plen Bins: 50,28,0,7,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 42 TCP 192.168.1.184:56679 <-> 35.228.158.52:30303 [proto: 354/ETHEREUM][IP: 284/GoogleCloud][ClearText][Confidence: DPI][DPI packets: 4][cat: Crypto_Currency/106][17 pkts/1748 bytes <-> 13 pkts/1472 bytes][Goodput ratio: 36/44][0.23 sec][bytes ratio: 0.086 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 12/20 59/60 23/28][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 103/113 452/436 92/109][Plen Bins: 50,14,7,7,0,0,7,0,0,0,0,7,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 43 TCP 192.168.1.184:56670 <-> 167.86.122.50:30303 [proto: 354/ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Crypto_Currency/106][17 pkts/1751 bytes <-> 13 pkts/1439 bytes][Goodput ratio: 36/42][0.16 sec][bytes ratio: 0.098 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 9/13 43/38 16/18][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 103/111 455/403 93/102][Plen Bins: 50,14,7,7,0,0,7,0,0,0,7,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 44 TCP 192.168.1.184:56642 <-> 178.62.10.218:30303 [proto: 354/ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Crypto_Currency/106][17 pkts/1777 bytes <-> 12 pkts/1369 bytes][Goodput ratio: 37/44][0.17 sec][bytes ratio: 0.130 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/2 9/22 43/42 17/20][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 105/114 481/399 99/104][Plen Bins: 50,14,7,7,0,0,7,0,0,0,7,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 45 TCP 192.168.1.184:56684 <-> 51.83.237.44:30303 [proto: 354/ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Crypto_Currency/106][17 pkts/1923 bytes <-> 7 pkts/1108 bytes][Goodput ratio: 42/58][0.13 sec][bytes ratio: 0.269 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 9/14 43/42 17/20][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 113/158 627/432 132/132][Plen Bins: 50,14,7,7,0,0,7,0,0,0,0,7,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 46 TCP 192.168.1.184:56655 <-> 202.112.28.106:30303 [proto: 354/ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Crypto_Currency/106][18 pkts/1982 bytes <-> 6 pkts/948 bytes][Goodput ratio: 39/57][0.88 sec][bytes ratio: 0.353 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 58/110 436/438 148/190][Pkt Len c2s/s2c min/avg/max/stddev: 66/67 110/158 560/434 113/130][Plen Bins: 50,25,0,12,0,0,0,0,0,0,0,6,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 47 TCP 192.168.1.184:56662 <-> 35.229.232.19:30303 [proto: 354/ETHEREUM][IP: 284/GoogleCloud][ClearText][Confidence: DPI][DPI packets: 4][cat: Crypto_Currency/106][21 pkts/1833 bytes <-> 9 pkts/1016 bytes][Goodput ratio: 37/49][0.59 sec][bytes ratio: 0.287 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 33/48 298/288 92/107][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 87/113 489/487 94/133][Plen Bins: 65,17,0,5,0,0,0,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 48 TCP 192.168.1.184:56663 <-> 124.217.235.180:30303 [proto: 354/ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Crypto_Currency/106][17 pkts/1919 bytes <-> 5 pkts/730 bytes][Goodput ratio: 41/54][0.77 sec][bytes ratio: 0.449 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 55/127 388/377 134/177][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 113/146 611/394 128/125][Plen Bins: 50,28,0,7,0,0,0,0,0,0,7,0,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 49 UDP 192.168.1.184:30303 <-> 18.219.167.159:30303 [proto: 354/ETHEREUM][IP: 265/AmazonAWS][ClearText][Confidence: DPI][DPI packets: 1][cat: Crypto_Currency/106][3 pkts/575 bytes <-> 4 pkts/1928 bytes][Goodput ratio: 78/91][0.75 sec][bytes ratio: -0.541 (Download)][IAT c2s/s2c min/avg/max/stddev: 127/0 314/209 501/626 187/295][Pkt Len c2s/s2c min/avg/max/stddev: 170/170 192/482 213/1099 18/375][Plen Bins: 0,0,0,0,57,14,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 50 TCP 192.168.1.184:56647 <-> 182.162.161.61:30303 [proto: 354/ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Crypto_Currency/106][11 pkts/1520 bytes <-> 5 pkts/842 bytes][Goodput ratio: 46/60][0.75 sec][bytes ratio: 0.287 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 83/124 372/371 154/175][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 138/168 588/554 147/193][Plen Bins: 51,12,0,12,0,0,0,0,0,0,0,0,0,0,0,12,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 51 TCP 192.168.1.184:56685 <-> 88.99.93.219:30303 [proto: 354/ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Crypto_Currency/106][9 pkts/1362 bytes <-> 3 pkts/603 bytes][Goodput ratio: 55/66][0.08 sec][bytes ratio: 0.386 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/3 11/20 41/38 18/18][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 151/201 646/463 179/185][Plen Bins: 42,14,0,14,0,0,0,0,0,0,0,0,14,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 52 UDP 192.168.1.184:30303 <-> 18.138.108.67:30303 [proto: 354/ETHEREUM][IP: 354/ETHEREUM][ClearText][Confidence: DPI][DPI packets: 1][cat: Crypto_Currency/106][1 pkts/213 bytes <-> 2 pkts/1566 bytes][Goodput ratio: 80/95][0.27 sec][Plen Bins: 0,0,0,0,0,33,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 53 UDP 192.168.1.184:30303 <-> 35.180.246.169:30301 [proto: 354/ETHEREUM][IP: 265/AmazonAWS][ClearText][Confidence: DPI][DPI packets: 1][cat: Crypto_Currency/106][1 pkts/213 bytes <-> 2 pkts/1566 bytes][Goodput ratio: 80/95][0.03 sec][Plen Bins: 0,0,0,0,0,33,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 54 UDP 192.168.1.184:30303 <-> 3.209.45.79:30303 [proto: 354/ETHEREUM][IP: 354/ETHEREUM][ClearText][Confidence: DPI][DPI packets: 1][cat: Crypto_Currency/106][1 pkts/213 bytes <-> 2 pkts/1564 bytes][Goodput ratio: 80/95][0.14 sec][Plen Bins: 0,0,0,0,0,33,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 55 UDP 192.168.1.184:30303 <-> 34.97.172.22:30303 [proto: 354/ETHEREUM][IP: 284/GoogleCloud][ClearText][Confidence: DPI][DPI packets: 1][cat: Crypto_Currency/106][1 pkts/213 bytes <-> 2 pkts/1564 bytes][Goodput ratio: 80/95][0.27 sec][PLAIN TEXT (PbEvGi)][Plen Bins: 0,0,0,0,0,33,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0] + 56 UDP 192.168.1.184:30303 <-> 54.36.160.211:30303 [proto: 354/ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Crypto_Currency/106][1 pkts/213 bytes <-> 2 pkts/1564 bytes][Goodput ratio: 80/95][0.08 sec][PLAIN TEXT (PbEvGi)][Plen Bins: 0,0,0,0,0,33,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0] + 57 UDP 192.168.1.184:30303 <-> 128.0.51.140:30303 [proto: 354/ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Crypto_Currency/106][1 pkts/213 bytes <-> 2 pkts/1564 bytes][Goodput ratio: 80/95][0.08 sec][Plen Bins: 0,0,0,0,0,33,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 58 TCP 192.168.1.184:56612 <-> 66.42.82.246:30303 [proto: 354/ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Crypto_Currency/106][3 pkts/639 bytes <-> 2 pkts/140 bytes][Goodput ratio: 67/0][0.32 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 59 TCP 192.168.1.184:56680 <-> 138.59.17.58:30303 [proto: 354/ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Crypto_Currency/106][3 pkts/657 bytes <-> 1 pkts/74 bytes][Goodput ratio: 68/0][0.20 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 60 UDP 183.129.242.164:1024 <-> 192.168.1.184:30303 [proto: 354/ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Crypto_Currency/106][2 pkts/360 bytes <-> 2 pkts/362 bytes][Goodput ratio: 76/77][0.38 sec][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 61 TCP 192.168.1.184:56686 <-> 206.189.107.35:30303 [proto: 354/ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Crypto_Currency/106][3 pkts/617 bytes <-> 1 pkts/74 bytes][Goodput ratio: 66/0][0.05 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 62 TCP 192.168.1.184:56678 <-> 13.251.14.199:30303 [proto: 354/ETHEREUM][IP: 265/AmazonAWS][ClearText][Confidence: DPI][DPI packets: 4][cat: Crypto_Currency/106][3 pkts/614 bytes <-> 1 pkts/74 bytes][Goodput ratio: 66/0][0.25 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 63 UDP 192.168.1.184:30303 <-> 66.42.82.246:30303 [proto: 354/ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Crypto_Currency/106][2 pkts/383 bytes <-> 1 pkts/191 bytes][Goodput ratio: 78/78][0.64 sec][Plen Bins: 0,0,0,0,66,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 64 UDP 87.14.222.25:56693 -> 192.168.1.184:30303 [proto: 354/ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Crypto_Currency/106][2 pkts/383 bytes -> 0 pkts/0 bytes][Goodput ratio: 78/0][1.06 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 65 UDP 192.168.1.184:30303 -> 111.229.0.180:20182 [proto: 354/ETHEREUM][IP: 285/Tencent][ClearText][Confidence: DPI][DPI packets: 1][cat: Crypto_Currency/106][2 pkts/383 bytes -> 0 pkts/0 bytes][Goodput ratio: 78/0][1.00 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 66 UDP 192.168.1.184:30303 -> 209.97.143.1:50000 [proto: 354/ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Crypto_Currency/106][2 pkts/383 bytes -> 0 pkts/0 bytes][Goodput ratio: 78/0][1.00 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 67 UDP 192.168.1.184:30303 <-> 202.112.28.106:30303 [proto: 354/ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Crypto_Currency/106][1 pkts/170 bytes <-> 1 pkts/191 bytes][Goodput ratio: 75/78][0.44 sec][PLAIN TEXT (0/XoR/Q)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 68 UDP 192.168.1.184:30303 <-> 167.86.122.50:30303 [proto: 354/ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Crypto_Currency/106][1 pkts/170 bytes <-> 1 pkts/189 bytes][Goodput ratio: 75/77][0.03 sec][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 69 UDP 3.112.138.57:25516 -> 192.168.1.184:30303 [proto: 354/ETHEREUM][IP: 265/AmazonAWS][ClearText][Confidence: DPI][DPI packets: 1][cat: Crypto_Currency/106][1 pkts/181 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 70 UDP 60.191.32.71:30303 -> 192.168.1.184:30303 [proto: 354/ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Crypto_Currency/106][1 pkts/171 bytes -> 0 pkts/0 bytes][Goodput ratio: 75/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 71 UDP 192.168.1.184:30303 -> 106.12.39.168:30333 [proto: 354/ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Crypto_Currency/106][1 pkts/170 bytes -> 0 pkts/0 bytes][Goodput ratio: 75/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 72 TCP 192.168.1.184:56625 -> 5.1.83.226:30303 [proto: 354/ETHEREUM][IP: 0/Unknown][ClearText][Confidence: Match by port][DPI packets: 2][cat: Crypto_Currency/106][2 pkts/156 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][1.10 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 73 TCP 192.168.1.184:56637 -> 35.233.197.131:30303 [proto: 354/ETHEREUM][IP: 284/GoogleCloud][ClearText][Confidence: Match by port][DPI packets: 2][cat: Crypto_Currency/106][2 pkts/156 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][1.11 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 74 TCP 192.168.1.184:56644 -> 13.230.108.42:30303 [proto: 354/ETHEREUM][IP: 265/AmazonAWS][ClearText][Confidence: Match by port][DPI packets: 1][cat: Crypto_Currency/106][1 pkts/78 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] diff --git a/tests/cfgs/default/result/fastcgi.pcap.out b/tests/cfgs/default/result/fastcgi.pcap.out index b01fa0db2565..0fe96a921b35 100644 --- a/tests/cfgs/default/result/fastcgi.pcap.out +++ b/tests/cfgs/default/result/fastcgi.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 6 (6.00 pkts/flow) Confidence DPI : 1 (flows) -Num dissector calls: 151 (151.00 diss/flow) +Num dissector calls: 152 (152.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/ftp-start-tls.pcap.out b/tests/cfgs/default/result/ftp-start-tls.pcap.out index 111bac033b5b..8e96ba1effb8 100644 --- a/tests/cfgs/default/result/ftp-start-tls.pcap.out +++ b/tests/cfgs/default/result/ftp-start-tls.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 17 (17.00 pkts/flow) Confidence DPI : 1 (flows) -Num dissector calls: 150 (150.00 diss/flow) +Num dissector calls: 151 (151.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/ftp.pcap.out b/tests/cfgs/default/result/ftp.pcap.out index 34b531413237..e5da95df4846 100644 --- a/tests/cfgs/default/result/ftp.pcap.out +++ b/tests/cfgs/default/result/ftp.pcap.out @@ -3,7 +3,7 @@ Guessed flow protos: 1 DPI Packets (TCP): 39 (13.00 pkts/flow) Confidence Unknown : 1 (flows) Confidence DPI : 2 (flows) -Num dissector calls: 516 (172.00 diss/flow) +Num dissector calls: 518 (172.67 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/3/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/ftp_failed.pcap.out b/tests/cfgs/default/result/ftp_failed.pcap.out index 0b3bcf9f4a7f..30601b065938 100644 --- a/tests/cfgs/default/result/ftp_failed.pcap.out +++ b/tests/cfgs/default/result/ftp_failed.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 8 (8.00 pkts/flow) Confidence DPI : 1 (flows) -Num dissector calls: 150 (150.00 diss/flow) +Num dissector calls: 151 (151.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/fuzz-2006-06-26-2594.pcap.out b/tests/cfgs/default/result/fuzz-2006-06-26-2594.pcap.out index 49efcee247d5..c4a778e5ea59 100644 --- a/tests/cfgs/default/result/fuzz-2006-06-26-2594.pcap.out +++ b/tests/cfgs/default/result/fuzz-2006-06-26-2594.pcap.out @@ -6,7 +6,7 @@ DPI Packets (other): 5 (1.00 pkts/flow) Confidence Unknown : 34 (flows) Confidence Match by port : 28 (flows) Confidence DPI : 189 (flows) -Num dissector calls: 6300 (25.10 diss/flow) +Num dissector calls: 6313 (25.15 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/192/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/fuzz-2006-09-29-28586.pcap.out b/tests/cfgs/default/result/fuzz-2006-09-29-28586.pcap.out index 286ad9c7d6c8..d616a84ad928 100644 --- a/tests/cfgs/default/result/fuzz-2006-09-29-28586.pcap.out +++ b/tests/cfgs/default/result/fuzz-2006-09-29-28586.pcap.out @@ -5,7 +5,7 @@ DPI Packets (other): 1 (1.00 pkts/flow) Confidence Unknown : 3 (flows) Confidence Match by port : 26 (flows) Confidence DPI : 11 (flows) -Num dissector calls: 970 (24.25 diss/flow) +Num dissector calls: 976 (24.40 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/87/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/fuzz-2021-10-13.pcap.out b/tests/cfgs/default/result/fuzz-2021-10-13.pcap.out index 57d09dcc8b61..b96809e93ba6 100644 --- a/tests/cfgs/default/result/fuzz-2021-10-13.pcap.out +++ b/tests/cfgs/default/result/fuzz-2021-10-13.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 1 DPI Packets (TCP): 1 (1.00 pkts/flow) Confidence Unknown : 1 (flows) -Num dissector calls: 121 (121.00 diss/flow) +Num dissector calls: 122 (122.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/3/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/genshin-impact.pcap.out b/tests/cfgs/default/result/genshin-impact.pcap.out index 35ed58a605a1..2adc227f2000 100644 --- a/tests/cfgs/default/result/genshin-impact.pcap.out +++ b/tests/cfgs/default/result/genshin-impact.pcap.out @@ -3,7 +3,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 12 (4.00 pkts/flow) DPI Packets (UDP): 3 (1.00 pkts/flow) Confidence DPI : 6 (flows) -Num dissector calls: 466 (77.67 diss/flow) +Num dissector calls: 464 (77.33 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/gnutella.pcap.out b/tests/cfgs/default/result/gnutella.pcap.out index 112bbb156841..46a1e6b9479b 100644 --- a/tests/cfgs/default/result/gnutella.pcap.out +++ b/tests/cfgs/default/result/gnutella.pcap.out @@ -6,7 +6,7 @@ DPI Packets (other): 10 (1.00 pkts/flow) Confidence Unknown : 389 (flows) Confidence Match by port : 1 (flows) Confidence DPI : 370 (flows) -Num dissector calls: 43806 (57.64 diss/flow) +Num dissector calls: 43797 (57.63 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/1170/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/google_ssl.pcap.out b/tests/cfgs/default/result/google_ssl.pcap.out index 9571fbf183ec..b50f34810b2f 100644 --- a/tests/cfgs/default/result/google_ssl.pcap.out +++ b/tests/cfgs/default/result/google_ssl.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 1 DPI Packets (TCP): 24 (24.00 pkts/flow) Confidence Match by port : 1 (flows) -Num dissector calls: 187 (187.00 diss/flow) +Num dissector calls: 188 (188.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/3/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/gtp_prime.pcapng.out b/tests/cfgs/default/result/gtp_prime.pcapng.out index 4a071fc1322b..5183979c4ae7 100644 --- a/tests/cfgs/default/result/gtp_prime.pcapng.out +++ b/tests/cfgs/default/result/gtp_prime.pcapng.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (UDP): 1 (1.00 pkts/flow) Confidence DPI : 1 (flows) -Num dissector calls: 47 (47.00 diss/flow) +Num dissector calls: 46 (46.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/h323.pcap.out b/tests/cfgs/default/result/h323.pcap.out index b71855b7f7dd..f76157cb8bba 100644 --- a/tests/cfgs/default/result/h323.pcap.out +++ b/tests/cfgs/default/result/h323.pcap.out @@ -3,7 +3,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 2 (2.00 pkts/flow) DPI Packets (UDP): 2 (2.00 pkts/flow) Confidence DPI : 2 (flows) -Num dissector calls: 239 (119.50 diss/flow) +Num dissector calls: 240 (120.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/hots.pcapng.out b/tests/cfgs/default/result/hots.pcapng.out index 6ee4441bec42..3456f0d72b23 100644 --- a/tests/cfgs/default/result/hots.pcapng.out +++ b/tests/cfgs/default/result/hots.pcapng.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (UDP): 3 (1.00 pkts/flow) Confidence DPI : 3 (flows) -Num dissector calls: 327 (109.00 diss/flow) +Num dissector calls: 324 (108.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/hsrp2_ipv6.pcapng.out b/tests/cfgs/default/result/hsrp2_ipv6.pcapng.out index d064988e10f4..453717419faa 100644 --- a/tests/cfgs/default/result/hsrp2_ipv6.pcapng.out +++ b/tests/cfgs/default/result/hsrp2_ipv6.pcapng.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (UDP): 2 (1.00 pkts/flow) Confidence DPI : 2 (flows) -Num dissector calls: 92 (46.00 diss/flow) +Num dissector calls: 90 (45.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/http_guessed_host_and_guessed.pcapng.out b/tests/cfgs/default/result/http_guessed_host_and_guessed.pcapng.out index 80f47b952561..1c0a5dfd83da 100644 --- a/tests/cfgs/default/result/http_guessed_host_and_guessed.pcapng.out +++ b/tests/cfgs/default/result/http_guessed_host_and_guessed.pcapng.out @@ -2,7 +2,7 @@ Guessed flow protos: 1 DPI Packets (TCP): 1 (1.00 pkts/flow) Confidence Match by port : 1 (flows) -Num dissector calls: 122 (122.00 diss/flow) +Num dissector calls: 123 (123.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/3/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/i3d.pcap.out b/tests/cfgs/default/result/i3d.pcap.out index 1988d5bb70ac..5e748214b879 100644 --- a/tests/cfgs/default/result/i3d.pcap.out +++ b/tests/cfgs/default/result/i3d.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (UDP): 4 (1.00 pkts/flow) Confidence DPI : 4 (flows) -Num dissector calls: 368 (92.00 diss/flow) +Num dissector calls: 364 (91.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/imap-starttls.pcap.out b/tests/cfgs/default/result/imap-starttls.pcap.out index e7128a9cf00d..dafc33ec6adb 100644 --- a/tests/cfgs/default/result/imap-starttls.pcap.out +++ b/tests/cfgs/default/result/imap-starttls.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 19 (19.00 pkts/flow) Confidence DPI : 1 (flows) -Num dissector calls: 199 (199.00 diss/flow) +Num dissector calls: 200 (200.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/imap.pcap.out b/tests/cfgs/default/result/imap.pcap.out index 52894837946e..b035018d3f7e 100644 --- a/tests/cfgs/default/result/imap.pcap.out +++ b/tests/cfgs/default/result/imap.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 11 (11.00 pkts/flow) Confidence DPI : 1 (flows) -Num dissector calls: 199 (199.00 diss/flow) +Num dissector calls: 200 (200.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/instagram.pcap.out b/tests/cfgs/default/result/instagram.pcap.out index 438deaa05c72..4b4a9ee031a1 100644 --- a/tests/cfgs/default/result/instagram.pcap.out +++ b/tests/cfgs/default/result/instagram.pcap.out @@ -6,7 +6,7 @@ DPI Packets (other): 1 (1.00 pkts/flow) Confidence Unknown : 1 (flows) Confidence Match by port : 7 (flows) Confidence DPI : 30 (flows) -Num dissector calls: 1347 (35.45 diss/flow) +Num dissector calls: 1351 (35.55 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/24/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/iphone.pcap.out b/tests/cfgs/default/result/iphone.pcap.out index 8485527eb505..3a3afc7aabfa 100644 --- a/tests/cfgs/default/result/iphone.pcap.out +++ b/tests/cfgs/default/result/iphone.pcap.out @@ -5,7 +5,7 @@ DPI Packets (UDP): 55 (1.77 pkts/flow) DPI Packets (other): 5 (1.00 pkts/flow) Confidence Match by port : 1 (flows) Confidence DPI : 50 (flows) -Num dissector calls: 355 (6.96 diss/flow) +Num dissector calls: 352 (6.90 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/3/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/irc.pcap.out b/tests/cfgs/default/result/irc.pcap.out index da4c5564705d..76c296a42bcd 100644 --- a/tests/cfgs/default/result/irc.pcap.out +++ b/tests/cfgs/default/result/irc.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 7 (7.00 pkts/flow) Confidence DPI : 1 (flows) -Num dissector calls: 156 (156.00 diss/flow) +Num dissector calls: 157 (157.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/jabber.pcap.out b/tests/cfgs/default/result/jabber.pcap.out index 21f316725d65..cd4583a090fc 100644 --- a/tests/cfgs/default/result/jabber.pcap.out +++ b/tests/cfgs/default/result/jabber.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 74 (6.17 pkts/flow) Confidence DPI : 12 (flows) -Num dissector calls: 1403 (116.92 diss/flow) +Num dissector calls: 1412 (117.67 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/kerberos.pcap.out b/tests/cfgs/default/result/kerberos.pcap.out index 8e5fcfb0e08b..48daf369e63a 100644 --- a/tests/cfgs/default/result/kerberos.pcap.out +++ b/tests/cfgs/default/result/kerberos.pcap.out @@ -4,7 +4,7 @@ DPI Packets (TCP): 77 (2.14 pkts/flow) Confidence Unknown : 2 (flows) Confidence Match by port : 23 (flows) Confidence DPI : 11 (flows) -Num dissector calls: 3870 (107.50 diss/flow) +Num dissector calls: 3895 (108.19 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/75/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/kontiki.pcap.out b/tests/cfgs/default/result/kontiki.pcap.out index 1ab70afbecd4..edfca580785e 100644 --- a/tests/cfgs/default/result/kontiki.pcap.out +++ b/tests/cfgs/default/result/kontiki.pcap.out @@ -4,7 +4,7 @@ DPI Packets (UDP): 6 (1.50 pkts/flow) DPI Packets (other): 4 (1.00 pkts/flow) Confidence Unknown : 2 (flows) Confidence DPI : 6 (flows) -Num dissector calls: 333 (41.62 diss/flow) +Num dissector calls: 331 (41.38 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/6/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/line.pcap.out b/tests/cfgs/default/result/line.pcap.out index 7e7732fceddc..6c8e95138791 100644 --- a/tests/cfgs/default/result/line.pcap.out +++ b/tests/cfgs/default/result/line.pcap.out @@ -3,7 +3,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 13 (6.50 pkts/flow) DPI Packets (UDP): 3 (1.00 pkts/flow) Confidence DPI : 5 (flows) -Num dissector calls: 305 (61.00 diss/flow) +Num dissector calls: 302 (60.40 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/log4j-webapp-exploit.pcap.out b/tests/cfgs/default/result/log4j-webapp-exploit.pcap.out index 6631b560dc8f..7547ee55b9fd 100644 --- a/tests/cfgs/default/result/log4j-webapp-exploit.pcap.out +++ b/tests/cfgs/default/result/log4j-webapp-exploit.pcap.out @@ -3,7 +3,7 @@ Guessed flow protos: 2 DPI Packets (TCP): 56 (8.00 pkts/flow) Confidence Unknown : 2 (flows) Confidence DPI : 5 (flows) -Num dissector calls: 353 (50.43 diss/flow) +Num dissector calls: 354 (50.57 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/6/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/lru_ipv6_caches.pcapng.out b/tests/cfgs/default/result/lru_ipv6_caches.pcapng.out index 8ddae74613ba..9b267b688bb2 100644 --- a/tests/cfgs/default/result/lru_ipv6_caches.pcapng.out +++ b/tests/cfgs/default/result/lru_ipv6_caches.pcapng.out @@ -4,7 +4,7 @@ DPI Packets (TCP): 9 (3.00 pkts/flow) DPI Packets (UDP): 39 (4.33 pkts/flow) Confidence DPI (cache) : 6 (flows) Confidence DPI : 6 (flows) -Num dissector calls: 774 (64.50 diss/flow) +Num dissector calls: 771 (64.25 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 25/12/4 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/memcached.cap.out b/tests/cfgs/default/result/memcached.cap.out index 884b1968aaaa..b7c94194ab4c 100644 --- a/tests/cfgs/default/result/memcached.cap.out +++ b/tests/cfgs/default/result/memcached.cap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 6 (6.00 pkts/flow) Confidence DPI : 1 (flows) -Num dissector calls: 123 (123.00 diss/flow) +Num dissector calls: 124 (124.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/merakicloud.pcapng.out b/tests/cfgs/default/result/merakicloud.pcapng.out index c6576c5d6d19..e3bbb1c40af4 100644 --- a/tests/cfgs/default/result/merakicloud.pcapng.out +++ b/tests/cfgs/default/result/merakicloud.pcapng.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (UDP): 1 (1.00 pkts/flow) Confidence DPI : 1 (flows) -Num dissector calls: 104 (104.00 diss/flow) +Num dissector calls: 103 (103.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/monero.pcap.out b/tests/cfgs/default/result/monero.pcap.out index 2397b641847b..ed954ad2bb47 100644 --- a/tests/cfgs/default/result/monero.pcap.out +++ b/tests/cfgs/default/result/monero.pcap.out @@ -22,5 +22,5 @@ Patricia protocols: 4/0 (search/found) Mining 319 166676 2 - 1 TCP 192.168.2.148:46838 <-> 94.23.199.191:3333 [proto: 42/Mining][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][159 pkts/143155 bytes <-> 113 pkts/13204 bytes][Goodput ratio: 93/43][1091.42 sec][currency: ZCash/Monero][bytes ratio: 0.831 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 7234/8131 71734/71815 15224/15291][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 900/117 1514/376 709/99][Risk: ** Known Proto on Non Std Port **** Unsafe Protocol **][Risk Score: 60][PLAIN TEXT (method)][Plen Bins: 28,2,0,1,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,29,29,0,0] - 2 TCP 192.168.2.148:53846 <-> 116.211.167.195:3333 [proto: 42/Mining][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][24 pkts/4455 bytes <-> 23 pkts/5862 bytes][Goodput ratio: 70/78][1065.16 sec][currency: ZCash/Monero][bytes ratio: -0.136 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 46166/51528 195463/195463 61020/65306][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 186/255 1498/364 395/138][Risk: ** Known Proto on Non Std Port **** Unsafe Protocol **][Risk Score: 60][PLAIN TEXT (method)][Plen Bins: 4,13,4,8,0,0,0,0,0,61,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,4,0,0] + 1 TCP 192.168.2.148:46838 <-> 94.23.199.191:3333 [proto: 42/Mining][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][159 pkts/143155 bytes <-> 113 pkts/13204 bytes][Goodput ratio: 93/43][1091.42 sec][currency: ZCash/Monero][bytes ratio: 0.831 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 7234/8131 71734/71815 15224/15291][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 900/117 1514/376 709/99][Risk: ** Unsafe Protocol **][Risk Score: 10][PLAIN TEXT (method)][Plen Bins: 28,2,0,1,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,29,29,0,0] + 2 TCP 192.168.2.148:53846 <-> 116.211.167.195:3333 [proto: 42/Mining][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][24 pkts/4455 bytes <-> 23 pkts/5862 bytes][Goodput ratio: 70/78][1065.16 sec][currency: ZCash/Monero][bytes ratio: -0.136 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 46166/51528 195463/195463 61020/65306][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 186/255 1498/364 395/138][Risk: ** Unsafe Protocol **][Risk Score: 10][PLAIN TEXT (method)][Plen Bins: 4,13,4,8,0,0,0,0,0,61,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,4,0,0] diff --git a/tests/cfgs/default/result/mongo_false_positive.pcapng.out b/tests/cfgs/default/result/mongo_false_positive.pcapng.out index 48636d07f137..b6ba3f615014 100644 --- a/tests/cfgs/default/result/mongo_false_positive.pcapng.out +++ b/tests/cfgs/default/result/mongo_false_positive.pcapng.out @@ -2,7 +2,7 @@ Guessed flow protos: 1 DPI Packets (TCP): 14 (14.00 pkts/flow) Confidence Match by port : 1 (flows) -Num dissector calls: 263 (263.00 diss/flow) +Num dissector calls: 264 (264.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/3/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/mpegts.pcap.out b/tests/cfgs/default/result/mpegts.pcap.out index b82d315a6e17..57dcda83cb12 100644 --- a/tests/cfgs/default/result/mpegts.pcap.out +++ b/tests/cfgs/default/result/mpegts.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (UDP): 1 (1.00 pkts/flow) Confidence DPI : 1 (flows) -Num dissector calls: 64 (64.00 diss/flow) +Num dissector calls: 63 (63.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/mssql_tds.pcap.out b/tests/cfgs/default/result/mssql_tds.pcap.out index cf5e227a9ef2..6aa93fc60a4e 100644 --- a/tests/cfgs/default/result/mssql_tds.pcap.out +++ b/tests/cfgs/default/result/mssql_tds.pcap.out @@ -3,7 +3,7 @@ Guessed flow protos: 1 DPI Packets (TCP): 18 (1.50 pkts/flow) Confidence Match by port : 1 (flows) Confidence DPI : 11 (flows) -Num dissector calls: 268 (22.33 diss/flow) +Num dissector calls: 269 (22.42 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/3/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/nest_log_sink.pcap.out b/tests/cfgs/default/result/nest_log_sink.pcap.out index 85cacb2f250f..54c4d041442d 100644 --- a/tests/cfgs/default/result/nest_log_sink.pcap.out +++ b/tests/cfgs/default/result/nest_log_sink.pcap.out @@ -4,7 +4,7 @@ DPI Packets (TCP): 130 (10.00 pkts/flow) DPI Packets (UDP): 2 (2.00 pkts/flow) Confidence Match by port : 1 (flows) Confidence DPI : 13 (flows) -Num dissector calls: 1832 (130.86 diss/flow) +Num dissector calls: 1844 (131.71 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/3/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/netbios.pcap.out b/tests/cfgs/default/result/netbios.pcap.out index 9fabd58cea68..ca4f4bca0cf4 100644 --- a/tests/cfgs/default/result/netbios.pcap.out +++ b/tests/cfgs/default/result/netbios.pcap.out @@ -4,7 +4,7 @@ DPI Packets (TCP): 2 (2.00 pkts/flow) DPI Packets (UDP): 14 (1.00 pkts/flow) Confidence Match by port : 1 (flows) Confidence DPI : 14 (flows) -Num dissector calls: 136 (9.07 diss/flow) +Num dissector calls: 137 (9.13 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/3/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/netflix.pcap.out b/tests/cfgs/default/result/netflix.pcap.out index 7e88fee53498..4568efbc23e9 100644 --- a/tests/cfgs/default/result/netflix.pcap.out +++ b/tests/cfgs/default/result/netflix.pcap.out @@ -5,7 +5,7 @@ DPI Packets (UDP): 27 (2.08 pkts/flow) DPI Packets (other): 1 (1.00 pkts/flow) Confidence Match by port : 1 (flows) Confidence DPI : 60 (flows) -Num dissector calls: 401 (6.57 diss/flow) +Num dissector calls: 400 (6.56 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/3/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/netflowv9.pcap.out b/tests/cfgs/default/result/netflowv9.pcap.out index fe6fed7b8ee5..199ab258ef72 100644 --- a/tests/cfgs/default/result/netflowv9.pcap.out +++ b/tests/cfgs/default/result/netflowv9.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (UDP): 1 (1.00 pkts/flow) Confidence DPI : 1 (flows) -Num dissector calls: 50 (50.00 diss/flow) +Num dissector calls: 49 (49.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/nfsv2.pcap.out b/tests/cfgs/default/result/nfsv2.pcap.out index b740d5900a4a..8c414649e6fc 100644 --- a/tests/cfgs/default/result/nfsv2.pcap.out +++ b/tests/cfgs/default/result/nfsv2.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (UDP): 7 (1.00 pkts/flow) Confidence DPI : 7 (flows) -Num dissector calls: 147 (21.00 diss/flow) +Num dissector calls: 142 (20.29 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/nfsv3.pcap.out b/tests/cfgs/default/result/nfsv3.pcap.out index 3cb506989e02..59afe26e25dc 100644 --- a/tests/cfgs/default/result/nfsv3.pcap.out +++ b/tests/cfgs/default/result/nfsv3.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (UDP): 8 (1.00 pkts/flow) Confidence DPI : 8 (flows) -Num dissector calls: 176 (22.00 diss/flow) +Num dissector calls: 170 (21.25 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/nintendo.pcap.out b/tests/cfgs/default/result/nintendo.pcap.out index eaffbfc0688c..88739ba32686 100644 --- a/tests/cfgs/default/result/nintendo.pcap.out +++ b/tests/cfgs/default/result/nintendo.pcap.out @@ -6,7 +6,7 @@ DPI Packets (other): 2 (1.00 pkts/flow) Confidence Match by port : 1 (flows) Confidence DPI : 15 (flows) Confidence Match by IP : 5 (flows) -Num dissector calls: 1273 (60.62 diss/flow) +Num dissector calls: 1266 (60.29 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/18/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/nntp.pcap.out b/tests/cfgs/default/result/nntp.pcap.out index 6a684d4f0c53..406f86a09d7e 100644 --- a/tests/cfgs/default/result/nntp.pcap.out +++ b/tests/cfgs/default/result/nntp.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 6 (6.00 pkts/flow) Confidence DPI : 1 (flows) -Num dissector calls: 129 (129.00 diss/flow) +Num dissector calls: 130 (130.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/ookla.pcap.out b/tests/cfgs/default/result/ookla.pcap.out index 60e20a721d1f..e29a0f54b20f 100644 --- a/tests/cfgs/default/result/ookla.pcap.out +++ b/tests/cfgs/default/result/ookla.pcap.out @@ -4,7 +4,7 @@ DPI Packets (TCP): 40 (6.67 pkts/flow) Confidence DPI (partial cache): 1 (flows) Confidence DPI : 4 (flows) Confidence DPI (aggressive) : 1 (flows) -Num dissector calls: 507 (84.50 diss/flow) +Num dissector calls: 510 (85.00 diss/flow) LRU cache ookla: 4/2/2 (insert/search/found) LRU cache bittorrent: 0/3/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/openvpn.pcap.out b/tests/cfgs/default/result/openvpn.pcap.out index fb8137fc1de2..270319ecc76c 100644 --- a/tests/cfgs/default/result/openvpn.pcap.out +++ b/tests/cfgs/default/result/openvpn.pcap.out @@ -3,7 +3,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 6 (6.00 pkts/flow) DPI Packets (UDP): 5 (2.50 pkts/flow) Confidence DPI : 3 (flows) -Num dissector calls: 408 (136.00 diss/flow) +Num dissector calls: 409 (136.33 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/oracle12.pcapng.out b/tests/cfgs/default/result/oracle12.pcapng.out index ba324d5651b0..8097bad983ea 100644 --- a/tests/cfgs/default/result/oracle12.pcapng.out +++ b/tests/cfgs/default/result/oracle12.pcapng.out @@ -2,7 +2,7 @@ Guessed flow protos: 1 DPI Packets (TCP): 20 (20.00 pkts/flow) Confidence Match by port : 1 (flows) -Num dissector calls: 257 (257.00 diss/flow) +Num dissector calls: 258 (258.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/3/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/ossfuzz_seed_fake_traces_1.pcapng.out b/tests/cfgs/default/result/ossfuzz_seed_fake_traces_1.pcapng.out index 2a693ec87c24..46513248c698 100644 --- a/tests/cfgs/default/result/ossfuzz_seed_fake_traces_1.pcapng.out +++ b/tests/cfgs/default/result/ossfuzz_seed_fake_traces_1.pcapng.out @@ -3,7 +3,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 8 (1.33 pkts/flow) DPI Packets (UDP): 13 (3.25 pkts/flow) Confidence DPI : 10 (flows) -Num dissector calls: 719 (71.90 diss/flow) +Num dissector calls: 721 (72.10 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/9/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/ossfuzz_seed_fake_traces_2.pcapng.out b/tests/cfgs/default/result/ossfuzz_seed_fake_traces_2.pcapng.out index 4b5dcebe28f2..bc40b8fafdb7 100644 --- a/tests/cfgs/default/result/ossfuzz_seed_fake_traces_2.pcapng.out +++ b/tests/cfgs/default/result/ossfuzz_seed_fake_traces_2.pcapng.out @@ -4,7 +4,7 @@ DPI Packets (TCP): 18 (6.00 pkts/flow) DPI Packets (UDP): 4 (2.00 pkts/flow) Confidence Match by port : 1 (flows) Confidence DPI : 4 (flows) -Num dissector calls: 631 (126.20 diss/flow) +Num dissector calls: 634 (126.80 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/3/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/pgsql.pcap.out b/tests/cfgs/default/result/pgsql.pcap.out index 917559f5172b..7a8c40e52302 100644 --- a/tests/cfgs/default/result/pgsql.pcap.out +++ b/tests/cfgs/default/result/pgsql.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 36 (6.00 pkts/flow) Confidence DPI : 6 (flows) -Num dissector calls: 738 (123.00 diss/flow) +Num dissector calls: 744 (124.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/pop3.pcap.out b/tests/cfgs/default/result/pop3.pcap.out index d2d0642794bb..c09ce4b55a81 100644 --- a/tests/cfgs/default/result/pop3.pcap.out +++ b/tests/cfgs/default/result/pop3.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 2 DPI Packets (TCP): 83 (13.83 pkts/flow) Confidence DPI : 6 (flows) -Num dissector calls: 1134 (189.00 diss/flow) +Num dissector calls: 1140 (190.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/pop3_stls.pcap.out b/tests/cfgs/default/result/pop3_stls.pcap.out index 02839ded5d90..6bde854b9014 100644 --- a/tests/cfgs/default/result/pop3_stls.pcap.out +++ b/tests/cfgs/default/result/pop3_stls.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 18 (18.00 pkts/flow) Confidence DPI : 1 (flows) -Num dissector calls: 191 (191.00 diss/flow) +Num dissector calls: 192 (192.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/pps.pcap.out b/tests/cfgs/default/result/pps.pcap.out index 451613a4cb58..c21ef162b756 100644 --- a/tests/cfgs/default/result/pps.pcap.out +++ b/tests/cfgs/default/result/pps.pcap.out @@ -5,7 +5,7 @@ DPI Packets (UDP): 136 (3.09 pkts/flow) Confidence Unknown : 29 (flows) Confidence Match by port : 2 (flows) Confidence DPI : 76 (flows) -Num dissector calls: 5562 (51.98 diss/flow) +Num dissector calls: 5552 (51.89 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/93/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/protobuf.pcap.out b/tests/cfgs/default/result/protobuf.pcap.out index f7b6e1c5f402..5940b778c93b 100644 --- a/tests/cfgs/default/result/protobuf.pcap.out +++ b/tests/cfgs/default/result/protobuf.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 22 (5.50 pkts/flow) Confidence DPI : 4 (flows) -Num dissector calls: 571 (142.75 diss/flow) +Num dissector calls: 572 (143.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/quic-33.pcapng.out b/tests/cfgs/default/result/quic-33.pcapng.out index 361a0ccc86d9..25ffcd63f395 100644 --- a/tests/cfgs/default/result/quic-33.pcapng.out +++ b/tests/cfgs/default/result/quic-33.pcapng.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (UDP): 1 (1.00 pkts/flow) Confidence DPI : 1 (flows) -Num dissector calls: 59 (59.00 diss/flow) +Num dissector calls: 58 (58.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/quic-34.pcap.out b/tests/cfgs/default/result/quic-34.pcap.out index ec46db8f24bd..393f235ea3ae 100644 --- a/tests/cfgs/default/result/quic-34.pcap.out +++ b/tests/cfgs/default/result/quic-34.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (UDP): 1 (1.00 pkts/flow) Confidence DPI : 1 (flows) -Num dissector calls: 61 (61.00 diss/flow) +Num dissector calls: 60 (60.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/quic-forcing-vn-with-data.pcapng.out b/tests/cfgs/default/result/quic-forcing-vn-with-data.pcapng.out index 55f936368fec..b7e949c6d98a 100644 --- a/tests/cfgs/default/result/quic-forcing-vn-with-data.pcapng.out +++ b/tests/cfgs/default/result/quic-forcing-vn-with-data.pcapng.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (UDP): 3 (3.00 pkts/flow) Confidence DPI : 1 (flows) -Num dissector calls: 61 (61.00 diss/flow) +Num dissector calls: 60 (60.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/quic-fuzz-overflow.pcapng.out b/tests/cfgs/default/result/quic-fuzz-overflow.pcapng.out index dd991262a6f9..c0d4ee961152 100644 --- a/tests/cfgs/default/result/quic-fuzz-overflow.pcapng.out +++ b/tests/cfgs/default/result/quic-fuzz-overflow.pcapng.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (UDP): 1 (1.00 pkts/flow) Confidence DPI : 1 (flows) -Num dissector calls: 61 (61.00 diss/flow) +Num dissector calls: 60 (60.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/quic-v2.pcapng.out b/tests/cfgs/default/result/quic-v2.pcapng.out index 172d00ece851..6cf5efc13d19 100644 --- a/tests/cfgs/default/result/quic-v2.pcapng.out +++ b/tests/cfgs/default/result/quic-v2.pcapng.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (UDP): 1 (1.00 pkts/flow) Confidence DPI : 1 (flows) -Num dissector calls: 59 (59.00 diss/flow) +Num dissector calls: 58 (58.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/quic.pcap.out b/tests/cfgs/default/result/quic.pcap.out index bf0b7f063b4e..8cdb5b632171 100644 --- a/tests/cfgs/default/result/quic.pcap.out +++ b/tests/cfgs/default/result/quic.pcap.out @@ -3,7 +3,7 @@ Guessed flow protos: 1 DPI Packets (UDP): 12 (1.20 pkts/flow) Confidence Match by port : 1 (flows) Confidence DPI : 9 (flows) -Num dissector calls: 218 (21.80 diss/flow) +Num dissector calls: 217 (21.70 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/3/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/quic_0RTT.pcap.out b/tests/cfgs/default/result/quic_0RTT.pcap.out index 06630eebf715..3cae02840ebc 100644 --- a/tests/cfgs/default/result/quic_0RTT.pcap.out +++ b/tests/cfgs/default/result/quic_0RTT.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (UDP): 4 (2.00 pkts/flow) Confidence DPI : 2 (flows) -Num dissector calls: 193 (96.50 diss/flow) +Num dissector calls: 192 (96.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/3/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/quic_frags_ch_in_multiple_packets.pcapng.out b/tests/cfgs/default/result/quic_frags_ch_in_multiple_packets.pcapng.out index 3bb0594a6b86..0a4161ff1df6 100644 --- a/tests/cfgs/default/result/quic_frags_ch_in_multiple_packets.pcapng.out +++ b/tests/cfgs/default/result/quic_frags_ch_in_multiple_packets.pcapng.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (UDP): 2 (2.00 pkts/flow) Confidence DPI : 1 (flows) -Num dissector calls: 59 (59.00 diss/flow) +Num dissector calls: 58 (58.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/quic_interop_V.pcapng.out b/tests/cfgs/default/result/quic_interop_V.pcapng.out index cefab7c2034b..11c874426ada 100644 --- a/tests/cfgs/default/result/quic_interop_V.pcapng.out +++ b/tests/cfgs/default/result/quic_interop_V.pcapng.out @@ -3,7 +3,7 @@ Guessed flow protos: 33 DPI Packets (UDP): 113 (1.79 pkts/flow) DPI Packets (other): 14 (1.00 pkts/flow) Confidence DPI : 77 (flows) -Num dissector calls: 2557 (33.21 diss/flow) +Num dissector calls: 2515 (32.66 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/raknet.pcap.out b/tests/cfgs/default/result/raknet.pcap.out index 81e900815fdb..b7a61b4d5616 100644 --- a/tests/cfgs/default/result/raknet.pcap.out +++ b/tests/cfgs/default/result/raknet.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (UDP): 24 (2.00 pkts/flow) Confidence DPI : 12 (flows) -Num dissector calls: 1444 (120.33 diss/flow) +Num dissector calls: 1438 (119.83 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/reasm_crash_anon.pcapng.out b/tests/cfgs/default/result/reasm_crash_anon.pcapng.out index 620b2c9ff3ff..48ef75fda624 100644 --- a/tests/cfgs/default/result/reasm_crash_anon.pcapng.out +++ b/tests/cfgs/default/result/reasm_crash_anon.pcapng.out @@ -2,7 +2,7 @@ Guessed flow protos: 1 DPI Packets (TCP): 23 (23.00 pkts/flow) Confidence Unknown : 1 (flows) -Num dissector calls: 243 (243.00 diss/flow) +Num dissector calls: 244 (244.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/3/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/reasm_segv_anon.pcapng.out b/tests/cfgs/default/result/reasm_segv_anon.pcapng.out index 797bc59e1b29..189c91a9c59e 100644 --- a/tests/cfgs/default/result/reasm_segv_anon.pcapng.out +++ b/tests/cfgs/default/result/reasm_segv_anon.pcapng.out @@ -2,7 +2,7 @@ Guessed flow protos: 1 DPI Packets (TCP): 21 (21.00 pkts/flow) Confidence Match by port : 1 (flows) -Num dissector calls: 193 (193.00 diss/flow) +Num dissector calls: 194 (194.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/3/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/riot.pcapng.out b/tests/cfgs/default/result/riot.pcapng.out index e32c2aaa4364..67305939c1cd 100644 --- a/tests/cfgs/default/result/riot.pcapng.out +++ b/tests/cfgs/default/result/riot.pcapng.out @@ -3,7 +3,7 @@ Guessed flow protos: 1 DPI Packets (TCP): 7 (3.50 pkts/flow) Confidence Match by port : 1 (flows) Confidence DPI : 1 (flows) -Num dissector calls: 180 (90.00 diss/flow) +Num dissector calls: 181 (90.50 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/3/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/riotgames.pcap.out b/tests/cfgs/default/result/riotgames.pcap.out index 780a28d6c0a6..0ed8ed365f12 100644 --- a/tests/cfgs/default/result/riotgames.pcap.out +++ b/tests/cfgs/default/result/riotgames.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (UDP): 9 (1.00 pkts/flow) Confidence DPI : 9 (flows) -Num dissector calls: 843 (93.67 diss/flow) +Num dissector calls: 834 (92.67 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/roblox.pcapng.out b/tests/cfgs/default/result/roblox.pcapng.out index a32f16f767f6..46983ddf5902 100644 --- a/tests/cfgs/default/result/roblox.pcapng.out +++ b/tests/cfgs/default/result/roblox.pcapng.out @@ -3,7 +3,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 5 (5.00 pkts/flow) DPI Packets (UDP): 3 (1.00 pkts/flow) Confidence DPI : 4 (flows) -Num dissector calls: 268 (67.00 diss/flow) +Num dissector calls: 265 (66.25 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/rsh.pcap.out b/tests/cfgs/default/result/rsh.pcap.out index b22341f74122..667e64232e38 100644 --- a/tests/cfgs/default/result/rsh.pcap.out +++ b/tests/cfgs/default/result/rsh.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 12 (6.00 pkts/flow) Confidence DPI : 2 (flows) -Num dissector calls: 296 (148.00 diss/flow) +Num dissector calls: 298 (149.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/rtcp_multiple_pkts_in_the_same_datagram.pcap.out b/tests/cfgs/default/result/rtcp_multiple_pkts_in_the_same_datagram.pcap.out index 7526012db512..2c245a9928e2 100644 --- a/tests/cfgs/default/result/rtcp_multiple_pkts_in_the_same_datagram.pcap.out +++ b/tests/cfgs/default/result/rtcp_multiple_pkts_in_the_same_datagram.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (UDP): 1 (1.00 pkts/flow) Confidence DPI : 1 (flows) -Num dissector calls: 57 (57.00 diss/flow) +Num dissector calls: 56 (56.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/rtmp.pcap.out b/tests/cfgs/default/result/rtmp.pcap.out index 21acfcfa1707..318ae38e2e2b 100644 --- a/tests/cfgs/default/result/rtmp.pcap.out +++ b/tests/cfgs/default/result/rtmp.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 8 (8.00 pkts/flow) Confidence DPI : 1 (flows) -Num dissector calls: 151 (151.00 diss/flow) +Num dissector calls: 152 (152.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/shadowsocks.pcap.out b/tests/cfgs/default/result/shadowsocks.pcap.out index ab5f40c5cee5..bd8fd0e74168 100644 --- a/tests/cfgs/default/result/shadowsocks.pcap.out +++ b/tests/cfgs/default/result/shadowsocks.pcap.out @@ -3,7 +3,7 @@ Guessed flow protos: 1 DPI Packets (TCP): 21 (10.50 pkts/flow) Confidence Unknown : 1 (flows) Confidence DPI : 1 (flows) -Num dissector calls: 326 (163.00 diss/flow) +Num dissector calls: 328 (164.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/3/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/sip.pcap.out b/tests/cfgs/default/result/sip.pcap.out index 67fda864a890..2b9916411896 100644 --- a/tests/cfgs/default/result/sip.pcap.out +++ b/tests/cfgs/default/result/sip.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (UDP): 6 (1.50 pkts/flow) Confidence DPI : 4 (flows) -Num dissector calls: 194 (48.50 diss/flow) +Num dissector calls: 193 (48.25 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/skype.pcap.out b/tests/cfgs/default/result/skype.pcap.out index 95bbd292ab49..806693383c63 100644 --- a/tests/cfgs/default/result/skype.pcap.out +++ b/tests/cfgs/default/result/skype.pcap.out @@ -6,7 +6,7 @@ DPI Packets (other): 5 (1.00 pkts/flow) Confidence Unknown : 59 (flows) Confidence Match by port : 28 (flows) Confidence DPI : 206 (flows) -Num dissector calls: 26808 (91.49 diss/flow) +Num dissector calls: 26743 (91.27 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/261/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/skype_no_unknown.pcap.out b/tests/cfgs/default/result/skype_no_unknown.pcap.out index cd926541d424..bc41dd42be37 100644 --- a/tests/cfgs/default/result/skype_no_unknown.pcap.out +++ b/tests/cfgs/default/result/skype_no_unknown.pcap.out @@ -6,7 +6,7 @@ DPI Packets (other): 5 (1.00 pkts/flow) Confidence Unknown : 44 (flows) Confidence Match by port : 22 (flows) Confidence DPI : 201 (flows) -Num dissector calls: 22381 (83.82 diss/flow) +Num dissector calls: 22296 (83.51 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/198/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/smb_frags.pcap.out b/tests/cfgs/default/result/smb_frags.pcap.out index 70ae37d251b8..a0f8d3c8f8fc 100644 --- a/tests/cfgs/default/result/smb_frags.pcap.out +++ b/tests/cfgs/default/result/smb_frags.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 5 (5.00 pkts/flow) Confidence DPI : 1 (flows) -Num dissector calls: 151 (151.00 diss/flow) +Num dissector calls: 152 (152.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/smbv1.pcap.out b/tests/cfgs/default/result/smbv1.pcap.out index dfed45b58f6b..3ccf423276e1 100644 --- a/tests/cfgs/default/result/smbv1.pcap.out +++ b/tests/cfgs/default/result/smbv1.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 3 (3.00 pkts/flow) Confidence DPI : 1 (flows) -Num dissector calls: 153 (153.00 diss/flow) +Num dissector calls: 154 (154.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/smtp-starttls.pcap.out b/tests/cfgs/default/result/smtp-starttls.pcap.out index 785d99f4bb97..4132fcedc210 100644 --- a/tests/cfgs/default/result/smtp-starttls.pcap.out +++ b/tests/cfgs/default/result/smtp-starttls.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 26 (13.00 pkts/flow) Confidence DPI : 2 (flows) -Num dissector calls: 150 (75.00 diss/flow) +Num dissector calls: 151 (75.50 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/smtp.pcap.out b/tests/cfgs/default/result/smtp.pcap.out index 1301740bc2a5..b1b12c610590 100644 --- a/tests/cfgs/default/result/smtp.pcap.out +++ b/tests/cfgs/default/result/smtp.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 11 (11.00 pkts/flow) Confidence DPI : 1 (flows) -Num dissector calls: 192 (192.00 diss/flow) +Num dissector calls: 193 (193.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/soap.pcap.out b/tests/cfgs/default/result/soap.pcap.out index 0d10d2fe4ace..42d8fa2542d6 100644 --- a/tests/cfgs/default/result/soap.pcap.out +++ b/tests/cfgs/default/result/soap.pcap.out @@ -3,7 +3,7 @@ Guessed flow protos: 2 DPI Packets (TCP): 20 (6.67 pkts/flow) Confidence Match by port : 1 (flows) Confidence DPI : 2 (flows) -Num dissector calls: 371 (123.67 diss/flow) +Num dissector calls: 373 (124.33 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/3/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/socks.pcap.out b/tests/cfgs/default/result/socks.pcap.out index a8f8e8b566aa..5b857cf6f755 100644 --- a/tests/cfgs/default/result/socks.pcap.out +++ b/tests/cfgs/default/result/socks.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 23 (5.75 pkts/flow) Confidence DPI : 4 (flows) -Num dissector calls: 494 (123.50 diss/flow) +Num dissector calls: 498 (124.50 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/softether.pcap.out b/tests/cfgs/default/result/softether.pcap.out index 29512a2d564b..ddb57af90b0c 100644 --- a/tests/cfgs/default/result/softether.pcap.out +++ b/tests/cfgs/default/result/softether.pcap.out @@ -3,7 +3,7 @@ Guessed flow protos: 1 DPI Packets (TCP): 4 (4.00 pkts/flow) DPI Packets (UDP): 31 (10.33 pkts/flow) Confidence DPI : 4 (flows) -Num dissector calls: 379 (94.75 diss/flow) +Num dissector calls: 378 (94.50 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/someip-tp.pcap.out b/tests/cfgs/default/result/someip-tp.pcap.out index 2e1420fe5e7d..0bd55c1b4884 100644 --- a/tests/cfgs/default/result/someip-tp.pcap.out +++ b/tests/cfgs/default/result/someip-tp.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (UDP): 1 (1.00 pkts/flow) Confidence DPI : 1 (flows) -Num dissector calls: 67 (67.00 diss/flow) +Num dissector calls: 66 (66.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/someip-udp-method-call.pcapng.out b/tests/cfgs/default/result/someip-udp-method-call.pcapng.out index 6c8e9ca6695f..0e66bbe5b2f8 100644 --- a/tests/cfgs/default/result/someip-udp-method-call.pcapng.out +++ b/tests/cfgs/default/result/someip-udp-method-call.pcapng.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (UDP): 2 (1.00 pkts/flow) Confidence DPI : 2 (flows) -Num dissector calls: 134 (67.00 diss/flow) +Num dissector calls: 132 (66.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/ssdp-m-search-ua.pcap.out b/tests/cfgs/default/result/ssdp-m-search-ua.pcap.out index fb631ccc3438..4d64e2c1c77f 100644 --- a/tests/cfgs/default/result/ssdp-m-search-ua.pcap.out +++ b/tests/cfgs/default/result/ssdp-m-search-ua.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (UDP): 1 (1.00 pkts/flow) Confidence DPI : 1 (flows) -Num dissector calls: 30 (30.00 diss/flow) +Num dissector calls: 29 (29.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/ssdp-m-search.pcap.out b/tests/cfgs/default/result/ssdp-m-search.pcap.out index 7d0a94ffa55d..e7d7690646a9 100644 --- a/tests/cfgs/default/result/ssdp-m-search.pcap.out +++ b/tests/cfgs/default/result/ssdp-m-search.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (UDP): 1 (1.00 pkts/flow) Confidence DPI : 1 (flows) -Num dissector calls: 30 (30.00 diss/flow) +Num dissector calls: 29 (29.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/starcraft_battle.pcap.out b/tests/cfgs/default/result/starcraft_battle.pcap.out index 5a5534ab58e6..40adce37adba 100644 --- a/tests/cfgs/default/result/starcraft_battle.pcap.out +++ b/tests/cfgs/default/result/starcraft_battle.pcap.out @@ -6,7 +6,7 @@ DPI Packets (other): 1 (1.00 pkts/flow) Confidence Match by port : 12 (flows) Confidence DPI : 39 (flows) Confidence Match by IP : 1 (flows) -Num dissector calls: 1487 (28.60 diss/flow) +Num dissector calls: 1489 (28.63 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/39/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/stun.pcap.out b/tests/cfgs/default/result/stun.pcap.out index 291d774cd898..6739b039fb23 100644 --- a/tests/cfgs/default/result/stun.pcap.out +++ b/tests/cfgs/default/result/stun.pcap.out @@ -3,7 +3,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 7 (3.50 pkts/flow) DPI Packets (UDP): 18 (6.00 pkts/flow) Confidence DPI : 5 (flows) -Num dissector calls: 591 (118.20 diss/flow) +Num dissector calls: 592 (118.40 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/3/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/syncthing.pcap.out b/tests/cfgs/default/result/syncthing.pcap.out index 9f9767b7e562..2089197cfc87 100644 --- a/tests/cfgs/default/result/syncthing.pcap.out +++ b/tests/cfgs/default/result/syncthing.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (UDP): 4 (1.00 pkts/flow) Confidence DPI : 4 (flows) -Num dissector calls: 390 (97.50 diss/flow) +Num dissector calls: 386 (96.50 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/synscan.pcap.out b/tests/cfgs/default/result/synscan.pcap.out index 51df9b670c37..c265f9402a22 100644 --- a/tests/cfgs/default/result/synscan.pcap.out +++ b/tests/cfgs/default/result/synscan.pcap.out @@ -126,7 +126,7 @@ iSCSI 2 116 2 45 TCP 172.16.0.8:36050 -> 64.13.134.52:2605 [proto: 13/BGP][IP: 0/Unknown][ClearText][Confidence: Match by port][DPI packets: 1][cat: Network/14][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] 46 TCP 172.16.0.8:36050 -> 64.13.134.52:3000 [proto: 26/ntop][IP: 0/Unknown][ClearText][Confidence: Match by port][DPI packets: 1][cat: Network/14][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] 47 TCP 172.16.0.8:36050 -> 64.13.134.52:3128 [proto: 131/HTTP_Proxy][IP: 0/Unknown][ClearText][Confidence: Match by port][DPI packets: 1][cat: Web/5][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 48 TCP 172.16.0.8:36050 -> 64.13.134.52:3260 [proto: 354/iSCSI][IP: 0/Unknown][ClearText][Confidence: Match by port][DPI packets: 1][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 48 TCP 172.16.0.8:36050 -> 64.13.134.52:3260 [proto: 355/iSCSI][IP: 0/Unknown][ClearText][Confidence: Match by port][DPI packets: 1][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] 49 TCP 172.16.0.8:36050 -> 64.13.134.52:3306 [proto: 20/MySQL][IP: 0/Unknown][ClearText][Confidence: Match by port][DPI packets: 1][cat: Database/11][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] 50 TCP 172.16.0.8:36050 -> 64.13.134.52:3389 [proto: 88/RDP][IP: 0/Unknown][ClearText][Confidence: Match by port][DPI packets: 1][cat: RemoteAccess/12][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Desktop/File Sharing **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic / Found RDP][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] 51 TCP 172.16.0.8:36050 -> 64.13.134.52:4343 [proto: 170/Whois-DAS][IP: 0/Unknown][ClearText][Confidence: Match by port][DPI packets: 1][cat: Network/14][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] @@ -191,7 +191,7 @@ iSCSI 2 116 2 110 TCP 172.16.0.8:36051 -> 64.13.134.52:2605 [proto: 13/BGP][IP: 0/Unknown][ClearText][Confidence: Match by port][DPI packets: 1][cat: Network/14][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] 111 TCP 172.16.0.8:36051 -> 64.13.134.52:3000 [proto: 26/ntop][IP: 0/Unknown][ClearText][Confidence: Match by port][DPI packets: 1][cat: Network/14][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] 112 TCP 172.16.0.8:36051 -> 64.13.134.52:3128 [proto: 131/HTTP_Proxy][IP: 0/Unknown][ClearText][Confidence: Match by port][DPI packets: 1][cat: Web/5][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 113 TCP 172.16.0.8:36051 -> 64.13.134.52:3260 [proto: 354/iSCSI][IP: 0/Unknown][ClearText][Confidence: Match by port][DPI packets: 1][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 113 TCP 172.16.0.8:36051 -> 64.13.134.52:3260 [proto: 355/iSCSI][IP: 0/Unknown][ClearText][Confidence: Match by port][DPI packets: 1][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] 114 TCP 172.16.0.8:36051 -> 64.13.134.52:3306 [proto: 20/MySQL][IP: 0/Unknown][ClearText][Confidence: Match by port][DPI packets: 1][cat: Database/11][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] 115 TCP 172.16.0.8:36051 -> 64.13.134.52:3389 [proto: 88/RDP][IP: 0/Unknown][ClearText][Confidence: Match by port][DPI packets: 1][cat: RemoteAccess/12][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Desktop/File Sharing **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic / Found RDP][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] 116 TCP 172.16.0.8:36051 -> 64.13.134.52:4343 [proto: 170/Whois-DAS][IP: 0/Unknown][ClearText][Confidence: Match by port][DPI packets: 1][cat: Network/14][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] diff --git a/tests/cfgs/default/result/targusdataspeed_false_positives.pcap.out b/tests/cfgs/default/result/targusdataspeed_false_positives.pcap.out index 3c9090901682..46bbaafe21cb 100644 --- a/tests/cfgs/default/result/targusdataspeed_false_positives.pcap.out +++ b/tests/cfgs/default/result/targusdataspeed_false_positives.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 2 DPI Packets (UDP): 4 (2.00 pkts/flow) Confidence DPI : 2 (flows) -Num dissector calls: 150 (75.00 diss/flow) +Num dissector calls: 148 (74.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 10/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/teamspeak3.pcap.out b/tests/cfgs/default/result/teamspeak3.pcap.out index cb09c7cb6d44..a34ce368f7e2 100644 --- a/tests/cfgs/default/result/teamspeak3.pcap.out +++ b/tests/cfgs/default/result/teamspeak3.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (UDP): 4 (2.00 pkts/flow) Confidence DPI : 2 (flows) -Num dissector calls: 204 (102.00 diss/flow) +Num dissector calls: 203 (101.50 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/telegram.pcap.out b/tests/cfgs/default/result/telegram.pcap.out index 21b94b3e70d3..4727e328b4d3 100644 --- a/tests/cfgs/default/result/telegram.pcap.out +++ b/tests/cfgs/default/result/telegram.pcap.out @@ -3,7 +3,7 @@ Guessed flow protos: 5 DPI Packets (UDP): 81 (1.69 pkts/flow) Confidence Unknown : 2 (flows) Confidence DPI : 46 (flows) -Num dissector calls: 1494 (31.12 diss/flow) +Num dissector calls: 1474 (30.71 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/6/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/telnet.pcap.out b/tests/cfgs/default/result/telnet.pcap.out index 1df271fa0970..f08f52405161 100644 --- a/tests/cfgs/default/result/telnet.pcap.out +++ b/tests/cfgs/default/result/telnet.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 33 (33.00 pkts/flow) Confidence DPI : 1 (flows) -Num dissector calls: 150 (150.00 diss/flow) +Num dissector calls: 151 (151.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/threema.pcap.out b/tests/cfgs/default/result/threema.pcap.out index 1c2ceae383b3..35e19aba2e4a 100644 --- a/tests/cfgs/default/result/threema.pcap.out +++ b/tests/cfgs/default/result/threema.pcap.out @@ -3,7 +3,7 @@ Guessed flow protos: 2 DPI Packets (TCP): 66 (11.00 pkts/flow) Confidence DPI : 4 (flows) Confidence Match by IP : 2 (flows) -Num dissector calls: 1218 (203.00 diss/flow) +Num dissector calls: 1224 (204.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/6/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/thrift.pcap.out b/tests/cfgs/default/result/thrift.pcap.out index 88a08b0969b8..c686ed1c0792 100644 --- a/tests/cfgs/default/result/thrift.pcap.out +++ b/tests/cfgs/default/result/thrift.pcap.out @@ -3,7 +3,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 4 (4.00 pkts/flow) DPI Packets (UDP): 1 (1.00 pkts/flow) Confidence DPI : 2 (flows) -Num dissector calls: 228 (114.00 diss/flow) +Num dissector calls: 227 (113.50 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/tls-appdata.pcap.out b/tests/cfgs/default/result/tls-appdata.pcap.out index d43c05357621..f76612c1f53f 100644 --- a/tests/cfgs/default/result/tls-appdata.pcap.out +++ b/tests/cfgs/default/result/tls-appdata.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 1 DPI Packets (TCP): 17 (8.50 pkts/flow) Confidence DPI : 2 (flows) -Num dissector calls: 124 (62.00 diss/flow) +Num dissector calls: 125 (62.50 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/tls_certificate_too_long.pcap.out b/tests/cfgs/default/result/tls_certificate_too_long.pcap.out index d96774e1e236..6ef6f681c02c 100644 --- a/tests/cfgs/default/result/tls_certificate_too_long.pcap.out +++ b/tests/cfgs/default/result/tls_certificate_too_long.pcap.out @@ -6,7 +6,7 @@ DPI Packets (other): 2 (1.00 pkts/flow) Confidence Unknown : 1 (flows) Confidence Match by port : 1 (flows) Confidence DPI : 33 (flows) -Num dissector calls: 577 (16.49 diss/flow) +Num dissector calls: 580 (16.57 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/6/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/tls_false_positives.pcapng.out b/tests/cfgs/default/result/tls_false_positives.pcapng.out index 1978de7692cb..0c5ce251334d 100644 --- a/tests/cfgs/default/result/tls_false_positives.pcapng.out +++ b/tests/cfgs/default/result/tls_false_positives.pcapng.out @@ -2,7 +2,7 @@ Guessed flow protos: 1 DPI Packets (TCP): 13 (13.00 pkts/flow) Confidence Unknown : 1 (flows) -Num dissector calls: 251 (251.00 diss/flow) +Num dissector calls: 252 (252.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/3/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/tls_invalid_reads.pcap.out b/tests/cfgs/default/result/tls_invalid_reads.pcap.out index f1d1bc24d720..1b0ab5d693ae 100644 --- a/tests/cfgs/default/result/tls_invalid_reads.pcap.out +++ b/tests/cfgs/default/result/tls_invalid_reads.pcap.out @@ -3,7 +3,7 @@ Guessed flow protos: 2 DPI Packets (TCP): 10 (3.33 pkts/flow) Confidence Match by port : 1 (flows) Confidence DPI : 2 (flows) -Num dissector calls: 124 (41.33 diss/flow) +Num dissector calls: 125 (41.67 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/3/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/tls_missing_ch_frag.pcap.out b/tests/cfgs/default/result/tls_missing_ch_frag.pcap.out index 48046024fcc8..6755dd5ec613 100644 --- a/tests/cfgs/default/result/tls_missing_ch_frag.pcap.out +++ b/tests/cfgs/default/result/tls_missing_ch_frag.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 3 (3.00 pkts/flow) Confidence DPI : 1 (flows) -Num dissector calls: 123 (123.00 diss/flow) +Num dissector calls: 124 (124.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/tor.pcap.out b/tests/cfgs/default/result/tor.pcap.out index e63a6f37a9da..ffe386f9130e 100644 --- a/tests/cfgs/default/result/tor.pcap.out +++ b/tests/cfgs/default/result/tor.pcap.out @@ -4,7 +4,7 @@ DPI Packets (TCP): 43 (5.38 pkts/flow) DPI Packets (UDP): 3 (1.00 pkts/flow) Confidence Match by port : 1 (flows) Confidence DPI : 10 (flows) -Num dissector calls: 48 (4.36 diss/flow) +Num dissector calls: 47 (4.27 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/3/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/viber.pcap.out b/tests/cfgs/default/result/viber.pcap.out index 3b625ed0a3a1..4b04c98f181a 100644 --- a/tests/cfgs/default/result/viber.pcap.out +++ b/tests/cfgs/default/result/viber.pcap.out @@ -5,7 +5,7 @@ DPI Packets (UDP): 27 (1.93 pkts/flow) DPI Packets (other): 2 (1.00 pkts/flow) Confidence Match by port : 4 (flows) Confidence DPI : 25 (flows) -Num dissector calls: 446 (15.38 diss/flow) +Num dissector calls: 447 (15.41 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/12/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/vnc.pcap.out b/tests/cfgs/default/result/vnc.pcap.out index ae833b3c5afc..caad82e80e91 100644 --- a/tests/cfgs/default/result/vnc.pcap.out +++ b/tests/cfgs/default/result/vnc.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 10 (5.00 pkts/flow) Confidence DPI : 2 (flows) -Num dissector calls: 256 (128.00 diss/flow) +Num dissector calls: 258 (129.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/wa_video.pcap.out b/tests/cfgs/default/result/wa_video.pcap.out index 6985bc457eda..a2bf1bece5d1 100644 --- a/tests/cfgs/default/result/wa_video.pcap.out +++ b/tests/cfgs/default/result/wa_video.pcap.out @@ -4,7 +4,7 @@ DPI Packets (TCP): 22 (22.00 pkts/flow) DPI Packets (UDP): 13 (1.00 pkts/flow) Confidence DPI : 13 (flows) Confidence Match by IP : 1 (flows) -Num dissector calls: 397 (28.36 diss/flow) +Num dissector calls: 394 (28.14 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/3/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/wa_voice.pcap.out b/tests/cfgs/default/result/wa_voice.pcap.out index 7de3d4f1bb25..a8bc65ed7bf1 100644 --- a/tests/cfgs/default/result/wa_voice.pcap.out +++ b/tests/cfgs/default/result/wa_voice.pcap.out @@ -5,7 +5,7 @@ DPI Packets (UDP): 33 (1.57 pkts/flow) DPI Packets (other): 1 (1.00 pkts/flow) Confidence Unknown : 1 (flows) Confidence DPI : 27 (flows) -Num dissector calls: 401 (14.32 diss/flow) +Num dissector calls: 395 (14.11 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/3/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/waze.pcap.out b/tests/cfgs/default/result/waze.pcap.out index ebb864f13606..b7a5abfa18e4 100644 --- a/tests/cfgs/default/result/waze.pcap.out +++ b/tests/cfgs/default/result/waze.pcap.out @@ -5,7 +5,7 @@ DPI Packets (UDP): 1 (1.00 pkts/flow) Confidence Unknown : 1 (flows) Confidence Match by port : 9 (flows) Confidence DPI : 23 (flows) -Num dissector calls: 351 (10.64 diss/flow) +Num dissector calls: 352 (10.67 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/30/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/wechat.pcap.out b/tests/cfgs/default/result/wechat.pcap.out index f2d102ec1417..4478add92be9 100644 --- a/tests/cfgs/default/result/wechat.pcap.out +++ b/tests/cfgs/default/result/wechat.pcap.out @@ -6,7 +6,7 @@ DPI Packets (other): 7 (1.00 pkts/flow) Confidence Match by port : 24 (flows) Confidence DPI : 78 (flows) Confidence Match by IP : 1 (flows) -Num dissector calls: 315 (3.06 diss/flow) +Num dissector calls: 316 (3.07 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/75/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/whatsapp.pcap.out b/tests/cfgs/default/result/whatsapp.pcap.out index fe91d64e479d..0c3847f7bb32 100644 --- a/tests/cfgs/default/result/whatsapp.pcap.out +++ b/tests/cfgs/default/result/whatsapp.pcap.out @@ -2,7 +2,7 @@ Guessed flow protos: 0 DPI Packets (TCP): 344 (4.00 pkts/flow) Confidence DPI : 86 (flows) -Num dissector calls: 12298 (143.00 diss/flow) +Num dissector calls: 12384 (144.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/whatsapp_login_call.pcap.out b/tests/cfgs/default/result/whatsapp_login_call.pcap.out index 8085a8bcdad1..c83d471c6e33 100644 --- a/tests/cfgs/default/result/whatsapp_login_call.pcap.out +++ b/tests/cfgs/default/result/whatsapp_login_call.pcap.out @@ -5,7 +5,7 @@ DPI Packets (UDP): 35 (1.21 pkts/flow) DPI Packets (other): 1 (1.00 pkts/flow) Confidence Match by port : 20 (flows) Confidence DPI : 37 (flows) -Num dissector calls: 301 (5.28 diss/flow) +Num dissector calls: 300 (5.26 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/60/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/whois.pcapng.out b/tests/cfgs/default/result/whois.pcapng.out index 5371ad3cd9e6..74ac42347be5 100644 --- a/tests/cfgs/default/result/whois.pcapng.out +++ b/tests/cfgs/default/result/whois.pcapng.out @@ -3,7 +3,7 @@ Guessed flow protos: 1 DPI Packets (TCP): 16 (5.33 pkts/flow) Confidence Match by port : 1 (flows) Confidence DPI : 2 (flows) -Num dissector calls: 181 (60.33 diss/flow) +Num dissector calls: 182 (60.67 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/3/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/z3950.pcapng.out b/tests/cfgs/default/result/z3950.pcapng.out index de8ad89e5cf0..3269e28f713f 100644 --- a/tests/cfgs/default/result/z3950.pcapng.out +++ b/tests/cfgs/default/result/z3950.pcapng.out @@ -3,7 +3,7 @@ Guessed flow protos: 1 DPI Packets (TCP): 26 (13.00 pkts/flow) Confidence Match by port : 1 (flows) Confidence DPI : 1 (flows) -Num dissector calls: 446 (223.00 diss/flow) +Num dissector calls: 448 (224.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/3/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/default/result/zcash.pcap.out b/tests/cfgs/default/result/zcash.pcap.out index 193e485fa638..8f5d80df9792 100644 --- a/tests/cfgs/default/result/zcash.pcap.out +++ b/tests/cfgs/default/result/zcash.pcap.out @@ -22,4 +22,4 @@ Patricia protocols: 2/0 (search/found) Mining 145 20644 1 - 1 TCP 192.168.2.92:55190 <-> 178.32.196.217:9050 [proto: 42/Mining][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][83 pkts/11785 bytes <-> 62 pkts/8859 bytes][Goodput ratio: 53/53][1154.54 sec][currency: ZCash/Monero][bytes ratio: 0.142 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 15953/19141 60205/60205 20621/20751][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 142/143 326/369 91/88][Risk: ** Known Proto on Non Std Port **** Unsafe Protocol **][Risk Score: 60][PLAIN TEXT (method)][Plen Bins: 0,40,0,0,0,44,0,13,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 1 TCP 192.168.2.92:55190 <-> 178.32.196.217:9050 [proto: 42/Mining][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Mining/99][83 pkts/11785 bytes <-> 62 pkts/8859 bytes][Goodput ratio: 53/53][1154.54 sec][currency: ZCash/Monero][bytes ratio: 0.142 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 15953/19141 60205/60205 20621/20751][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 142/143 326/369 91/88][Risk: ** Unsafe Protocol **][Risk Score: 10][PLAIN TEXT (method)][Plen Bins: 0,40,0,0,0,44,0,13,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] diff --git a/tests/cfgs/default/result/zoom.pcap.out b/tests/cfgs/default/result/zoom.pcap.out index b314af2b196c..6a28e140c385 100644 --- a/tests/cfgs/default/result/zoom.pcap.out +++ b/tests/cfgs/default/result/zoom.pcap.out @@ -5,7 +5,7 @@ DPI Packets (UDP): 23 (1.35 pkts/flow) DPI Packets (other): 2 (1.00 pkts/flow) Confidence Match by port : 2 (flows) Confidence DPI : 31 (flows) -Num dissector calls: 659 (19.97 diss/flow) +Num dissector calls: 656 (19.88 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/6/0 (insert/search/found) LRU cache zoom: 7/0/0 (insert/search/found) diff --git a/tests/cfgs/disable_aggressiveness/result/ookla.pcap.out b/tests/cfgs/disable_aggressiveness/result/ookla.pcap.out index d9c873dd88cb..417e45103e5a 100644 --- a/tests/cfgs/disable_aggressiveness/result/ookla.pcap.out +++ b/tests/cfgs/disable_aggressiveness/result/ookla.pcap.out @@ -3,7 +3,7 @@ Guessed flow protos: 1 DPI Packets (TCP): 40 (6.67 pkts/flow) Confidence DPI (partial cache): 1 (flows) Confidence DPI : 5 (flows) -Num dissector calls: 507 (84.50 diss/flow) +Num dissector calls: 510 (85.00 diss/flow) LRU cache ookla: 4/1/1 (insert/search/found) LRU cache bittorrent: 0/3/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/disable_protocols/result/soap.pcap.out b/tests/cfgs/disable_protocols/result/soap.pcap.out index ceb7a34ae6a9..1dac9671b1a1 100644 --- a/tests/cfgs/disable_protocols/result/soap.pcap.out +++ b/tests/cfgs/disable_protocols/result/soap.pcap.out @@ -3,7 +3,7 @@ Guessed flow protos: 3 DPI Packets (TCP): 20 (6.67 pkts/flow) Confidence Match by port : 2 (flows) Confidence DPI : 1 (flows) -Num dissector calls: 360 (120.00 diss/flow) +Num dissector calls: 362 (120.67 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/6/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/disable_stun_monitoring/result/lru_ipv6_caches.pcapng.out b/tests/cfgs/disable_stun_monitoring/result/lru_ipv6_caches.pcapng.out index 11b33cea8a71..40979affd9b6 100644 --- a/tests/cfgs/disable_stun_monitoring/result/lru_ipv6_caches.pcapng.out +++ b/tests/cfgs/disable_stun_monitoring/result/lru_ipv6_caches.pcapng.out @@ -4,7 +4,7 @@ DPI Packets (TCP): 9 (3.00 pkts/flow) DPI Packets (UDP): 35 (3.89 pkts/flow) Confidence DPI (cache) : 6 (flows) Confidence DPI : 6 (flows) -Num dissector calls: 774 (64.50 diss/flow) +Num dissector calls: 771 (64.25 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 25/12/4 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/enable_payload_stat/result/1kxun.pcap.out b/tests/cfgs/enable_payload_stat/result/1kxun.pcap.out index 7f66a8e2183e..b9b11fc9552a 100644 --- a/tests/cfgs/enable_payload_stat/result/1kxun.pcap.out +++ b/tests/cfgs/enable_payload_stat/result/1kxun.pcap.out @@ -5,7 +5,7 @@ DPI Packets (UDP): 120 (1.21 pkts/flow) Confidence Unknown : 14 (flows) Confidence Match by port : 6 (flows) Confidence DPI : 177 (flows) -Num dissector calls: 4591 (23.30 diss/flow) +Num dissector calls: 4578 (23.24 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/60/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/tests/cfgs/enable_stun_monitoring_with_subproto/result/wa_voice.pcap.out b/tests/cfgs/enable_stun_monitoring_with_subproto/result/wa_voice.pcap.out index 6158e6b1b639..58bc20e72546 100644 --- a/tests/cfgs/enable_stun_monitoring_with_subproto/result/wa_voice.pcap.out +++ b/tests/cfgs/enable_stun_monitoring_with_subproto/result/wa_voice.pcap.out @@ -5,7 +5,7 @@ DPI Packets (UDP): 102 (4.86 pkts/flow) DPI Packets (other): 1 (1.00 pkts/flow) Confidence Unknown : 1 (flows) Confidence DPI : 27 (flows) -Num dissector calls: 401 (14.32 diss/flow) +Num dissector calls: 395 (14.11 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/3/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) diff --git a/utils/ethereum_ip_addresses_download.sh b/utils/ethereum_ip_addresses_download.sh index 172c656d7238..076b24359edf 100755 --- a/utils/ethereum_ip_addresses_download.sh +++ b/utils/ethereum_ip_addresses_download.sh @@ -20,9 +20,9 @@ echo "(2) Processing IP addresses..." grep 'enode' $TMP | grep -v '^/' | grep ':' | cut -d '@' -f 2 | cut -d ':' -f 1 > $LIST is_file_empty "${LIST}" -./ipaddr2list.py $LIST NDPI_PROTOCOL_MINING > $DEST +./ipaddr2list.py $LIST NDPI_PROTOCOL_ETHEREUM > $DEST rm -f $TMP $LIST is_file_empty "${DEST}" -echo "(3) Ethereum/Mining IPs are available in $DEST" +echo "(3) Ethereum IPs are available in $DEST" exit 0 diff --git a/windows/nDPI.vcxproj b/windows/nDPI.vcxproj index 21ff333aa49d..e2a5259400b5 100644 --- a/windows/nDPI.vcxproj +++ b/windows/nDPI.vcxproj @@ -162,6 +162,7 @@ + diff --git a/windows/nDPI.vcxproj.filters b/windows/nDPI.vcxproj.filters index 2931112a4353..42c98425f89e 100644 --- a/windows/nDPI.vcxproj.filters +++ b/windows/nDPI.vcxproj.filters @@ -23,6 +23,7 @@ +