vrr/nDPI
2
0
Fork 0
mirror of https://github.com/vel21ripn/nDPI.git synced 2026-04-29 15:39:42 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 6

Always compute nDPI fingerprint (#2950)

Browse source
This commit is contained in:
Ivan Nardi 2025-08-31 16:11:56 +02:00 committed by GitHub
parent f293851eee
commit 2531c2555e
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
112 changed files with 385 additions and 385 deletions
Download patch file Download diff file Expand all files Collapse all files

6
tests/cfgs/enable_payload_stat/result/1kxun.pcap.out
View file

@ -135,7 +135,7 @@ JA Host Stats:
36 TCP 192.168.2.126:49370 <-> 14.136.136.108:80 [flowId: 158][proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/580 bytes <-> 4 pkts/7749 bytes][Goodput ratio: 88/97][0.22 sec][Hostname/SNI: hkbn.content.1kxun.com][URL: hkbn.content.1kxun.com/manga-hant/images/project/cartoons/b057f5cd8fe013d2299b57f14faa5fa9.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: openresty/1.9.7.4][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (AGET /manga)][Plen Bins: 0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,40,0,20]
37 TCP 192.168.2.126:45422 <-> 161.117.13.29:80 [flowId: 150][proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 5][cat: Streaming/17][Breed: Fun][3 pkts/2139 bytes <-> 4 pkts/6060 bytes][Goodput ratio: 91/96][4.31 sec][Hostname/SNI: mangaweb.1kxun.mobi][bytes ratio: -0.478 (Download)][IAT c2s/s2c min/avg/max/stddev: 221/224 2062/1374 3902/3898 1841/1787][Pkt Len c2s/s2c min/avg/max/stddev: 502/1413 713/1515 819/1720 149/124][URL: mangaweb.1kxun.mobi/images/detail_revision/go_homepage.png][StatusCode: 200][Content-Type: image/png][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /js/application.min.j)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,28,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,28,0,0,14,0,14]
38 TCP 192.168.2.126:60148 <-> 172.105.121.82:80 [flowId: 138][proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][2 pkts/536 bytes <-> 3 pkts/7066 bytes][Goodput ratio: 75/97][0.56 sec][Hostname/SNI: pic.1kxun.com][URL: pic.1kxun.com/video_kankan/images/icons/5-328e3cdf244c003df08754cca05fbc2f.png][StatusCode: 200][Content-Type: image/png][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][PLAIN TEXT (GET /video)][Plen Bins: 0,0,0,0,0,0,40,0,0,40,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20]
39 TCP 119.235.235.84:443 <-> 192.168.5.16:53406 [flowId: 100][proto: 91/TLS][Stack: TLS][IP: 315/Line][Encrypted][Confidence: Match by port][FPC: 315/Line, Confidence: IP address][DPI packets: 18][cat: Web/5][Breed: Safe][13 pkts/6269 bytes <-> 10 pkts/1165 bytes][Goodput ratio: 88/51][18.02 sec][bytes ratio: 0.687 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/31 352/2546 3289/14274 980/4917][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 482/116 1514/386 582/101][Plen Bins: 23,7,0,0,0,15,7,0,7,0,7,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,23,0,0]
39 TCP 119.235.235.84:443 <-> 192.168.5.16:53406 [flowId: 100][proto: 91/TLS][Stack: TLS][IP: 315/Line][Encrypted][Confidence: Match by port][FPC: 315/Line, Confidence: IP address][DPI packets: 18][cat: Web/5][Breed: Safe][13 pkts/6269 bytes <-> 10 pkts/1165 bytes][Goodput ratio: 88/51][18.02 sec][bytes ratio: 0.687 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/31 352/2546 3289/14274 980/4917][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 482/116 1514/386 582/101][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][Plen Bins: 23,7,0,0,0,15,7,0,7,0,7,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,23,0,0]
40 TCP 192.168.2.126:38314 <-> 172.105.121.82:80 [flowId: 169][proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/273 bytes <-> 4 pkts/6346 bytes][Goodput ratio: 76/96][0.33 sec][Hostname/SNI: pic.1kxun.com][URL: pic.1kxun.com/video_kankan/images/videos/40750-585645353a7a47615755b7714c611835.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][PLAIN TEXT (GET /video)][Plen Bins: 0,0,0,0,0,0,20,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,40,0,20]
41 TCP 192.168.2.126:45414 <-> 161.117.13.29:80 [flowId: 148][proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][3 pkts/2118 bytes <-> 3 pkts/3518 bytes][Goodput ratio: 91/94][4.32 sec][Hostname/SNI: mangaweb.1kxun.mobi][bytes ratio: -0.248 (Download)][IAT c2s/s2c min/avg/max/stddev: 215/216 2066/2066 3917/3916 1851/1850][Pkt Len c2s/s2c min/avg/max/stddev: 482/758 706/1173 819/1456 158/300][URL: mangaweb.1kxun.mobi/js/fb-sdk.js][StatusCode: 200][Content-Type: application/javascript][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /js/fb)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,0,0,16,0,34,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,16,0,0,0,0]
42 TCP 192.168.2.126:47246 <-> 161.117.13.29:80 [flowId: 134][proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][2 pkts/1872 bytes <-> 2 pkts/3374 bytes][Goodput ratio: 93/96][1.30 sec][Hostname/SNI: kankan.1kxun.com][URL: kankan.1kxun.com/video_kankan_tags/v2/api/homePageVideoCollections/HomePageBanners?_brand=Google&_model=sdk_gphone_x86&_ov=Android11&_cpu=i686&_resolution=1080%2C1794&_package=com.sceneway.kankan&_v=2.8.2.1&_channel=1kxun&_carrier=310260&_android_id=b9e28][StatusCode: 200][Content-Type: application/json][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][PLAIN TEXT (GET /video)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,25,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25]
@ -212,7 +212,7 @@ JA Host Stats:
113 UDP [fe80::406:55a8:6453:25dd]:546 -> [ff02::1:2]:547 [flowId: 8][proto: 103/DHCPV6][Stack: DHCPV6][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 103/DHCPV6, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][5 pkts/490 bytes -> 0 pkts/0 bytes][Goodput ratio: 37/0][15.56 sec][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
114 UDP [fe80::beee:7bff:fe0c:b3de]:546 -> [ff02::1:2]:547 [flowId: 92][proto: 103/DHCPV6][Stack: DHCPV6][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 103/DHCPV6, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][4 pkts/392 bytes -> 0 pkts/0 bytes][Goodput ratio: 37/0][14.54 sec][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
115 UDP 192.168.5.16:63372 <-> 168.95.1.1:53 [flowId: 107][proto: 5/DNS][Stack: DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][Breed: Acceptable][1 pkts/89 bytes <-> 1 pkts/289 bytes][Goodput ratio: 52/85][0.01 sec][Hostname/SNI: dl-obs.official.line.naver.jp][203.69.81.73][DNS Id: 0x6d8c][PLAIN TEXT (official)][Plen Bins: 0,50,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
116 TCP 192.168.115.8:49596 <-> 203.66.182.87:443 [flowId: 56][proto: 91/TLS][Stack: TLS][IP: 0/Unknown][Encrypted][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][Breed: Safe][4 pkts/220 bytes <-> 2 pkts/132 bytes][Goodput ratio: 2/0][45.01 sec][bytes ratio: 0.250 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/45002 14999/45002 44996/45002 21211/0][Pkt Len c2s/s2c min/avg/max/stddev: 55/66 55/66 55/66 0/0][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
116 TCP 192.168.115.8:49596 <-> 203.66.182.87:443 [flowId: 56][proto: 91/TLS][Stack: TLS][IP: 0/Unknown][Encrypted][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][Breed: Safe][4 pkts/220 bytes <-> 2 pkts/132 bytes][Goodput ratio: 2/0][45.01 sec][bytes ratio: 0.250 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/45002 14999/45002 44996/45002 21211/0][Pkt Len c2s/s2c min/avg/max/stddev: 55/66 55/66 55/66 0/0][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
117 UDP 192.168.5.9:68 -> 255.255.255.255:67 [flowId: 73][proto: 18/DHCP][Stack: DHCP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 18/DHCP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/342 bytes -> 0 pkts/0 bytes][Goodput ratio: 87/0][< 1 sec][Hostname/SNI: joanna-pc][DHCP Fingerprint: 1,15,3,6,44,46,47,31,33,121,249,43,252][DHCP Class Ident: MSFT 5.0][PLAIN TEXT (Joanna)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
118 UDP 192.168.5.41:68 -> 255.255.255.255:67 [flowId: 104][proto: 18/DHCP][Stack: DHCP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 18/DHCP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/342 bytes -> 0 pkts/0 bytes][Goodput ratio: 87/0][< 1 sec][Hostname/SNI: kevin-pc][DHCP Fingerprint: 1,15,3,6,44,46,47,31,33,121,249,43,252][DHCP Class Ident: MSFT 5.0][PLAIN TEXT (MSFT 5.07)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
119 TCP 192.168.2.126:35666 -> 18.66.2.90:80 [flowId: 182][proto: 7.291/HTTP.MpegDash][Stack: HTTP.MpegDash][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7.291/HTTP.MpegDash, Confidence: DPI][DPI packets: 1][cat: Media/1][Breed: Fun][1 pkts/299 bytes -> 0 pkts/0 bytes][Goodput ratio: 78/0][< 1 sec][Hostname/SNI: cdn.liftoff.io][URL: cdn.liftoff.io/customers/45d4b09eba/videos/mobile/fd5692dd53042b199e03.mp4][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (GET /customers/45)][Plen Bins: 0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
@ -272,7 +272,7 @@ JA Host Stats:
173 UDP 192.168.5.47:53962 -> 224.0.0.252:5355 [flowId: 95][proto: 154/LLMNR][Stack: LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][0.41 sec][Hostname/SNI: ro_x1c][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
174 UDP 192.168.5.47:61603 -> 224.0.0.252:5355 [flowId: 10][proto: 154/LLMNR][Stack: LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][0.41 sec][Hostname/SNI: ro_x1c][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
175 TCP 192.168.5.16:53605 -> 68.233.253.133:80 [flowId: 4][proto: 7/HTTP][Stack: HTTP][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 2][cat: Web/5][Breed: Acceptable][2 pkts/126 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][22.90 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
176 TCP 192.168.5.16:53622 <-> 192.168.115.75:443 [flowId: 16][proto: 91/TLS][Stack: TLS][IP: 0/Unknown][Encrypted][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 2][cat: Web/5][Breed: Safe][1 pkts/60 bytes <-> 1 pkts/60 bytes][Goodput ratio: 0/0][0.00 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
176 TCP 192.168.5.16:53622 <-> 192.168.115.75:443 [flowId: 16][proto: 91/TLS][Stack: TLS][IP: 0/Unknown][Encrypted][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 2][cat: Web/5][Breed: Safe][1 pkts/60 bytes <-> 1 pkts/60 bytes][Goodput ratio: 0/0][0.00 sec][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
177 UDP [fe80::f65c:89ff:fe89:e607]:546 -> [ff02::1:2]:547 [flowId: 115][proto: 103/DHCPV6][Stack: DHCPV6][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 103/DHCPV6, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/98 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][< 1 sec][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
178 UDP 192.168.5.45:59461 -> 192.168.255.255:137 [flowId: 67][proto: 10/NetBIOS][Stack: NetBIOS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 10/NetBIOS, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][Hostname/SNI: gfile][PLAIN TEXT ( EHEGEJEMEFCACACACACACACACACACA)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
179 UDP 192.168.5.45:59789 -> 192.168.255.255:137 [flowId: 66][proto: 10/NetBIOS][Stack: NetBIOS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 10/NetBIOS, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][Hostname/SNI: sanji-lifebook-][PLAIN TEXT ( FDEBEOEKEJ)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]