Update unit tests results (ntop#2466)

IvanNardi · Jun 5, 2024 · 7be482f · 7be482f
1 parent 85587a8
commit 7be482f
Show file tree

Hide file tree

Showing 3 changed files with 17 additions and 20 deletions.
diff --git a/tests/cfgs/default/result/nest_log_sink.pcap.out b/tests/cfgs/default/result/nest_log_sink.pcap.out
@@ -1,6 +1,6 @@
 Guessed flow protos:	1
 
-DPI Packets (TCP):	130	(10.00 pkts/flow)
+DPI Packets (TCP):	129	(9.92 pkts/flow)
 DPI Packets (UDP):	2	(2.00 pkts/flow)
 Confidence Match by port    : 1 (flows)
 Confidence DPI              : 13 (flows)
@@ -38,7 +38,7 @@ Acceptable                     774 118460        14
 	7	TCP 192.168.242.15:63346 <-> 35.174.82.237:11095 [proto: 43/NestLogSink][IP: 265/AmazonAWS][ClearText][Confidence: DPI][DPI packets: 8][cat: Cloud/13][41 pkts/4409 bytes <-> 37 pkts/3907 bytes][Goodput ratio: 45/49][1042.88 sec][bytes ratio: 0.060 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/15 27924/26022 60088/60136 29301/29455][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 108/106 585/731 114/151][PLAIN TEXT (05CA02AC4414028)][Plen Bins: 0,25,0,6,6,31,0,0,0,6,0,0,6,0,0,0,6,0,0,6,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
 	8	TCP 192.168.242.15:63349 <-> 35.174.82.237:11095 [proto: 43/NestLogSink][IP: 265/AmazonAWS][ClearText][Confidence: DPI][DPI packets: 8][cat: Cloud/13][28 pkts/3254 bytes <-> 24 pkts/3040 bytes][Goodput ratio: 50/57][602.97 sec][bytes ratio: 0.034 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 4/14 24649/24894 60122/60151 29303/29368][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 116/127 584/732 117/181][PLAIN TEXT (05CA02AC4414028)][Plen Bins: 0,28,0,7,7,21,7,0,0,7,0,0,0,0,0,0,7,0,0,7,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
 	9	TCP 192.168.242.15:63350 <-> 35.174.82.237:11095 [proto: 43/NestLogSink][IP: 265/AmazonAWS][ClearText][Confidence: DPI][DPI packets: 8][cat: Cloud/13][18 pkts/2655 bytes <-> 14 pkts/2499 bytes][Goodput ratio: 61/70][153.64 sec][bytes ratio: 0.030 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 7/15 10960/13629 60124/60155 21488/24847][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 148/178 585/731 137/222][PLAIN TEXT (05CA02AC4414028)][Plen Bins: 0,28,0,7,7,21,7,0,0,7,0,0,0,0,0,0,7,0,0,7,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
-	10	TCP 192.168.242.15:63340 <-> 35.174.82.237:11095 [proto: 43/NestLogSink][IP: 265/AmazonAWS][ClearText][Confidence: Match by port][DPI packets: 33][cat: Cloud/13][42 pkts/2576 bytes <-> 41 pkts/2214 bytes][Goodput ratio: 2/0][1615.16 sec][bytes ratio: 0.076 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/143 39827/40755 60071/60122 27934/27880][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 61/54 116/54 9/0][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+	10	TCP 192.168.242.15:63340 <-> 35.174.82.237:11095 [proto: 43/NestLogSink][IP: 265/AmazonAWS][ClearText][Confidence: Match by port][DPI packets: 32][cat: Cloud/13][42 pkts/2576 bytes <-> 41 pkts/2214 bytes][Goodput ratio: 2/0][1615.16 sec][bytes ratio: 0.076 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/143 39827/40755 60071/60122 27934/27880][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 61/54 116/54 9/0][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
 	11	TCP 192.168.242.15:63344 <-> 35.188.154.186:11095 [proto: 43/NestLogSink][IP: 284/GoogleCloud][ClearText][Confidence: DPI][DPI packets: 9][cat: Cloud/13][11 pkts/2565 bytes <-> 10 pkts/1389 bytes][Goodput ratio: 76/61][5.29 sec][bytes ratio: 0.297 (Upload)][IAT c2s/s2c min/avg/max/stddev: 61/0 640/729 2711/3410 865/1202][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 233/139 584/732 217/199][PLAIN TEXT (05CA02AC4414028)][Plen Bins: 0,40,10,0,0,0,0,0,0,10,0,0,0,0,10,0,20,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
 	12	TCP 192.168.242.15:63347 <-> 35.188.154.186:11095 [proto: 43/NestLogSink][IP: 284/GoogleCloud][ClearText][Confidence: DPI][DPI packets: 8][cat: Cloud/13][10 pkts/1983 bytes <-> 10 pkts/1390 bytes][Goodput ratio: 71/61][2.81 sec][bytes ratio: 0.176 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 63/0 342/349 1182/1489 363/517][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 198/139 586/733 195/200][PLAIN TEXT (05CA02AC4414028)][Plen Bins: 0,44,11,0,0,0,0,0,0,11,0,0,0,0,11,0,11,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
 	13	TCP 192.168.242.15:63353 <-> 35.188.154.186:11095 [proto: 43/NestLogSink][IP: 284/GoogleCloud][ClearText][Confidence: DPI][DPI packets: 8][cat: Cloud/13][10 pkts/1983 bytes <-> 10 pkts/1389 bytes][Goodput ratio: 71/61][2.65 sec][bytes ratio: 0.176 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 70/0 321/348 1162/1502 366/527][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 198/139 586/732 195/199][PLAIN TEXT (05CA02AC4414028)][Plen Bins: 0,44,11,0,0,0,0,0,0,11,0,0,0,0,11,0,11,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

diff --git a/tests/cfgs/default/result/telnet.pcap.out b/tests/cfgs/default/result/telnet.pcap.out
@@ -1,4 +1,4 @@
-DPI Packets (TCP):	33	(33.00 pkts/flow)
+DPI Packets (TCP):	32	(32.00 pkts/flow)
 Confidence DPI              : 1 (flows)
 Num dissector calls: 172 (172.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
@@ -24,4 +24,4 @@ Telnet	87	7418	1
 
 Unsafe                          87 7418          1            
 
-	1	TCP 192.168.0.2:1550 <-> 192.168.0.1:23 [proto: 77/Telnet][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 33][cat: RemoteAccess/12][43 pkts/3135 bytes <-> 44 pkts/4283 bytes][Goodput ratio: 9/32][39.57 sec][Username: fake][bytes ratio: -0.155 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1130/544 14699/8799 2838/1502][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 73/97 151/554 17/76][Risk: ** Unsafe Protocol **][Risk Score: 10][PLAIN TEXT (bam.zing.org)][Plen Bins: 70,6,19,0,2,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+	1	TCP 192.168.0.2:1550 <-> 192.168.0.1:23 [proto: 77/Telnet][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 32][cat: RemoteAccess/12][43 pkts/3135 bytes <-> 44 pkts/4283 bytes][Goodput ratio: 9/32][39.57 sec][Username: fake][bytes ratio: -0.155 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1130/544 14699/8799 2838/1502][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 73/97 151/554 17/76][Risk: ** Unsafe Protocol **][Risk Score: 10][PLAIN TEXT (bam.zing.org)][Plen Bins: 70,6,19,0,2,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/packets_limit_per_flow/result/tls_verylong_certificate.pcap.out b/tests/cfgs/packets_limit_per_flow/result/tls_verylong_certificate.pcap.out
@@ -1,32 +1,29 @@
-DPI Packets (TCP):	5	(5.00 pkts/flow)
-Confidence DPI              : 1 (flows)
-Num dissector calls: 1 (1.00 diss/flow)
+Guessed flow protos:	1
+
+DPI Packets (TCP):	4	(4.00 pkts/flow)
+Confidence Match by port    : 1 (flows)
+Num dissector calls: 0 (0.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
-LRU cache bittorrent: 0/0/0 (insert/search/found)
+LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
 LRU cache tls_cert:   0/0/0 (insert/search/found)
-LRU cache mining:     0/0/0 (insert/search/found)
+LRU cache mining:     0/1/0 (insert/search/found)
 LRU cache msteams:    0/0/0 (insert/search/found)
 LRU cache stun_zoom:  0/0/0 (insert/search/found)
-Automa host:          1/1 (search/found)
-Automa domain:        1/0 (search/found)
+Automa host:          0/0 (search/found)
+Automa domain:        0/0 (search/found)
 Automa tls cert:      0/0 (search/found)
 Automa risk mask:     0/0 (search/found)
-Automa common alpns:  1/1 (search/found)
-Patricia risk mask:   0/0 (search/found)
+Automa common alpns:  0/0 (search/found)
+Patricia risk mask:   2/0 (search/found)
 Patricia risk mask IPv6: 0/0 (search/found)
 Patricia risk:        0/0 (search/found)
 Patricia risk IPv6:   0/0 (search/found)
 Patricia protocols:   2/0 (search/found)
 Patricia protocols IPv6: 0/0 (search/found)
 
-Cybersec	48	22229	1
+TLS	48	22229	1
 
 Safe                            48 22229         1            
 
-JA3 Host Stats: 
-		 IP Address                  	 # JA3C     
-	1	 192.168.1.160            	 1      
-
-
-	1	TCP 192.168.1.160:54804 <-> 151.101.66.49:443 [proto: 91.283/TLS.Cybersec][IP: 0/Unknown][Encrypted][Confidence: DPI][DPI packets: 5][cat: Cybersecurity/33][24 pkts/2404 bytes <-> 24 pkts/19825 bytes][Goodput ratio: 35/92][0.09 sec][Hostname/SNI: feodotracker.abuse.ch][(Advertised) ALPNs: http/1.1][bytes ratio: -0.784 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 4/4 15/21 5/7][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 100/826 583/1434 109/662][TLSv1.2][JA3C: 2a26b1a62e40d25d4de3babc9d532f30][JA4: t12d6707ht_2955a3196ffa_c83f907a73d3][Firefox][Plen Bins: 12,16,0,4,0,4,4,0,0,0,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,55,0,0,0,0,0]
+	1	TCP 192.168.1.160:54804 <-> 151.101.66.49:443 [proto: 91/TLS][IP: 0/Unknown][Encrypted][Confidence: Match by port][DPI packets: 4][cat: Web/5][24 pkts/2404 bytes <-> 24 pkts/19825 bytes][Goodput ratio: 35/92][0.09 sec][bytes ratio: -0.784 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 4/4 15/21 5/7][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 100/826 583/1434 109/662][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][Plen Bins: 12,16,0,4,0,4,4,0,0,0,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,55,0,0,0,0,0]