mirror of
https://github.com/vel21ripn/nDPI.git
synced 2026-05-02 17:00:16 +00:00
de16fd35aa
We already performed exactly these lookups in the generic code to populate `flow->guessed_protocol_id_by_ip`: use it! This code probably needs a deeper review, since it is basicaly a simple matching on ip + port.
24 lines
1.4 KiB
Text
24 lines
1.4 KiB
Text
Guessed flow protos: 0
|
|
|
|
DPI Packets (UDP): 1 (1.00 pkts/flow)
|
|
Confidence DPI : 1 (flows)
|
|
Num dissector calls: 74 (74.00 diss/flow)
|
|
LRU cache ookla: 0/0/0 (insert/search/found)
|
|
LRU cache bittorrent: 0/0/0 (insert/search/found)
|
|
LRU cache zoom: 0/0/0 (insert/search/found)
|
|
LRU cache stun: 1/2/0 (insert/search/found)
|
|
LRU cache tls_cert: 0/0/0 (insert/search/found)
|
|
LRU cache mining: 0/0/0 (insert/search/found)
|
|
LRU cache msteams: 0/0/0 (insert/search/found)
|
|
Automa host: 0/0 (search/found)
|
|
Automa domain: 0/0 (search/found)
|
|
Automa tls cert: 0/0 (search/found)
|
|
Automa risk mask: 0/0 (search/found)
|
|
Automa common alpns: 0/0 (search/found)
|
|
Patricia risk mask: 2/0 (search/found)
|
|
Patricia risk: 0/0 (search/found)
|
|
Patricia protocols: 2/1 (search/found)
|
|
|
|
GoogleHangoutDuo 19 2774 1
|
|
|
|
1 UDP 74.125.134.127:19305 -> 10.89.61.13:56406 [proto: 78.201/STUN.GoogleHangoutDuo][IP: 126/Google][ClearText][Confidence: DPI][cat: VoIP/10][19 pkts/2774 bytes -> 0 pkts/0 bytes][Goodput ratio: 71/0][18.02 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 993/0 1000/0 1010/0 5/0][Pkt Len c2s/s2c min/avg/max/stddev: 146/0 146/0 146/0 0/0][Risk: ** Known Proto on Non Std Port **** Unidirectional Traffic **][Risk Score: 60][Risk Info: No client to server traffic][PLAIN TEXT (sdiKGkw)][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
|