flow-info.py: Command line arguments --no-color, --no-statusbar (both useful for tests/CI) and --print-analyse-results.

* run_tests.sh: Use flow-info.py for additional DIFF tests.

Signed-off-by: Toni Uhlig <matzeton@googlemail.com>

dependencies/nDPIsrvd.py

@@ -28,12 +28,12 @@ PKT_TYPE_ETH_IP6 = 0x86DD
 
 
 class TermColor:
-    HINT = '\033[33m'
+    HINT    = '\033[33m'
     WARNING = '\033[93m'
-    FAIL = '\033[91m'
+    FAIL    = '\033[91m'
-    BOLD = '\033[1m'
+    BOLD    = '\033[1m'
-    END = '\033[0m'
+    END     = '\033[0m'
-    BLINK = '\x1b[5m'
+    BLINK   = '\x1b[5m'
 
     if USE_COLORAMA is True:
         COLOR_TUPLES = [ (Fore.BLUE, [Back.RED, Back.MAGENTA, Back.WHITE]),
@@ -51,6 +51,17 @@ class TermColor:
                          (Fore.LIGHTWHITE_EX, [Back.LIGHTBLACK_EX, Back.BLACK]),
                          (Fore.LIGHTYELLOW_EX, [Back.LIGHTRED_EX, Back.RED]) ]
 
+    @staticmethod
+    def disableColor():
+        TermColor.HINT    = ''
+        TermColor.WARNING = ''
+        TermColor.FAIL    = ''
+        TermColor.BOLD    = ''
+        TermColor.END     = ''
+        TermColor.BLINK   = ''
+        global USE_COLORAMA
+        USE_COLORAMA      = False
+
     @staticmethod
     def calcColorHash(string):
         h = 0
@@ -68,6 +79,7 @@ class TermColor:
 
     @staticmethod
     def setColorByString(string):
+        global USE_COLORAMA
         if USE_COLORAMA is True:
             fg_color, bg_color = TermColor.getColorsByHash(string)
             color_hash = TermColor.calcColorHash(string)

examples/py-flow-info/flow-info.py

@@ -32,6 +32,7 @@ def set_attr_if_not_set(some_object, attr_name, value):
 class Stats:
 
     def __init__(self, nDPIsrvd_sock):
+        self.statusbar_enabled = True
         self.start_time = time.time()
         self.nsock = nDPIsrvd_sock
         self.last_status_length = 0
@@ -46,11 +47,14 @@ class Stats:
         self.json_lines    = 0
         self.spinner_state = 0
 
+    def disableStatusbar(self):
+        self.statusbar_enabled = False
+
     def updateSpinner(self):
         if self.current_time + 0.25 <= time.time():
             self.spinner_state += 1
 
-    def getSpinner(self):
+    def __getSpinner(self):
         #spinner_states = ['-', '\\', '|', '/']
         #spinner_states = ['▉', '▊', '▋', '▌', '▍', '▎', '▏', '▎', '▍', '▌', '▋', '▊', '▉']
         spinner_states = ['←', '↖', '↑', '↗', '→', '↘', '↓', '↙']
@@ -59,7 +63,7 @@ class Stats:
         #spinner_states = ['┤', '┘', '┴', '└', '├', '┌', '┬', '┐']
         return spinner_states[self.spinner_state % len(spinner_states)]
 
-    def getDataFromJson(self, json_dict, current_flow):
+    def __getDataFromJson(self, json_dict, current_flow):
         if current_flow is None:
             return
 
@@ -87,7 +91,7 @@ class Stats:
         self.json_lines += 1
         self.current_time = time.time()
         self.avg_xfer_json_bytes = self.nsock.received_bytes / (self.current_time - self.start_time)
-        self.getDataFromJson(json_dict, current_flow)
+        self.__getDataFromJson(json_dict, current_flow)
 
     def updateOnCleanup(self, current_flow):
         self.total_flows += 1
@@ -97,7 +101,7 @@ class Stats:
         self.guessed_flows += 1 if current_flow.guessed != 0 else 0
         self.not_detected_flows += 1 if current_flow.not_detected != 0 else 0
 
-    def getStatsFromFlowMgr(self):
+    def __getStatsFromFlowMgr(self):
         alias_count = 0
         source_count = 0
         flow_count = 0
@@ -138,13 +142,19 @@ class Stats:
         return '{:.2f} {}'.format(s, size_names[i])
 
     def resetStatus(self):
+        if self.statusbar_enabled is False:
+            return
+
         sys.stdout.write('\r' + str(' ' * self.last_status_length) + '\r')
         sys.stdout.flush()
 
     def printStatus(self):
+        if self.statusbar_enabled is False:
+            return
+
         alias_count, source_count, flow_count, \
         tot_l4_payload_len, \
-        risky, midstream, guessed, not_detected = self.getStatsFromFlowMgr()
+        risky, midstream, guessed, not_detected = self.__getStatsFromFlowMgr()
 
         out_str = '\r[n|tot|avg JSONs: {}|{}|{}/s] [tot l4: {}] ' \
             '[lss|srcs: {}|{}] ' \
@@ -160,7 +170,7 @@ class Stats:
                       midstream + self.midstream_flows,
                       not_detected + self.not_detected_flows,
                       guessed + self.guessed_flows,
-                      self.getSpinner())
+                      self.__getSpinner())
         self.last_status_length = len(out_str) - 1 # '\r'
 
         sys.stdout.write(out_str)
@@ -251,7 +261,7 @@ def onJsonLineRecvd(json_dict, instance, current_flow, global_user_data):
         basic_daemon_event_prefix += ' ' * 11
         if 'flow_first_seen' in json_dict:
             first_seen = '[' + prettifyTimediff(nDPIsrvd.toSeconds(json_dict['flow_first_seen']),
-                                                nDPIsrvd.toSeconds(json_dict['thread_ts_usec']) + ']')
+                                                nDPIsrvd.toSeconds(json_dict['thread_ts_usec'])) + ']'
 
     last_seen = ''
     if args.print_last_seen is True:
@@ -259,7 +269,7 @@ def onJsonLineRecvd(json_dict, instance, current_flow, global_user_data):
         if current_flow is not None:
             flow_last_seen = nDPIsrvd.FlowManager.getLastPacketTime(instance, current_flow.flow_id, json_dict)
             last_seen = '[' + prettifyTimediff(nDPIsrvd.toSeconds(flow_last_seen),
-                                               nDPIsrvd.toSeconds(json_dict['thread_ts_usec']) + ']')
+                                               nDPIsrvd.toSeconds(json_dict['thread_ts_usec'])) + ']'
 
     if 'daemon_event_id' in json_dict:
         if json_dict['daemon_event_name'] == 'status':
@@ -298,7 +308,7 @@ def onJsonLineRecvd(json_dict, instance, current_flow, global_user_data):
         return True
 
     ndpi_proto_categ_breed = ''
-    ndpi_frisk = ''
+    next_lines = []
 
     if 'ndpi' in json_dict:
         if 'proto' in json_dict['ndpi']:
@@ -314,8 +324,9 @@ def onJsonLineRecvd(json_dict, instance, current_flow, global_user_data):
             severity = 0
             cnt = 0
 
+            next_lines += ['']
             for key in json_dict['ndpi']['flow_risk']:
-                ndpi_frisk += str(json_dict['ndpi']['flow_risk'][key]['risk']) + ', '
+                next_lines[0] += str(json_dict['ndpi']['flow_risk'][key]['risk']) + ', '
                 if json_dict['ndpi']['flow_risk'][key]['severity'] == 'Low':
                     severity = max(severity, 1)
                 elif json_dict['ndpi']['flow_risk'][key]['severity'] == 'Medium':
@@ -337,7 +348,7 @@ def onJsonLineRecvd(json_dict, instance, current_flow, global_user_data):
             else:
                 color = ''
 
-            ndpi_frisk = '{}{}{}: {}'.format(color, 'RISK', TermColor.END, ndpi_frisk[:-2])
+            next_lines[0] = '{}{}{}: {}'.format(color, 'RISK', TermColor.END, next_lines[0][:-2])
 
     line_suffix = ''
     flow_event_name = ''
@@ -351,6 +362,44 @@ def onJsonLineRecvd(json_dict, instance, current_flow, global_user_data):
     elif json_dict['flow_event_name'] == 'analyse':
         flow_event_name += '{}{:>16}{}'.format(TermColor.WARNING,
                                                json_dict['flow_event_name'], TermColor.END)
+        if args.print_analyse_results is True:
+            next_lines = ['[min|max|avg|stddev]']
+            next_lines += ['[IAT(flow)...: {:>8.3f}|{:>8.3f}|{:>8.3f}|{:>8.3f}]'.format(
+                            nDPIsrvd.toSeconds(json_dict['data_analysis']['iat']['flow_min']),
+                            nDPIsrvd.toSeconds(json_dict['data_analysis']['iat']['flow_max']),
+                            nDPIsrvd.toSeconds(json_dict['data_analysis']['iat']['flow_avg']),
+                            nDPIsrvd.toSeconds(json_dict['data_analysis']['iat']['flow_stddev'])
+                          )]
+            next_lines += ['']
+            next_lines[-1] += '[IAT(c->s)...: {:>8.3f}|{:>8.3f}|{:>8.3f}|{:>8.3f}]'.format(
+                                    nDPIsrvd.toSeconds(json_dict['data_analysis']['iat']['c_to_s_min']),
+                                    nDPIsrvd.toSeconds(json_dict['data_analysis']['iat']['c_to_s_max']),
+                                    nDPIsrvd.toSeconds(json_dict['data_analysis']['iat']['c_to_s_avg']),
+                                    nDPIsrvd.toSeconds(json_dict['data_analysis']['iat']['c_to_s_stddev'])
+                              )
+            next_lines[-1] += '[IAT(s->c)...: {:>8.3f}|{:>8.3f}|{:>8.3f}|{:>8.3f}]'.format(
+                                    nDPIsrvd.toSeconds(json_dict['data_analysis']['iat']['s_to_c_min']),
+                                    nDPIsrvd.toSeconds(json_dict['data_analysis']['iat']['s_to_c_max']),
+                                    nDPIsrvd.toSeconds(json_dict['data_analysis']['iat']['s_to_c_avg']),
+                                    nDPIsrvd.toSeconds(json_dict['data_analysis']['iat']['s_to_c_stddev'])
+                              )
+            next_lines += ['']
+            next_lines[-1] += '[PKTLEN(c->s): {:>8.3f}|{:>8.3f}|{:>8.3f}|{:>8.3f}]'.format(
+                                  json_dict['data_analysis']['pktlen']['c_to_s_min'],
+                                  json_dict['data_analysis']['pktlen']['c_to_s_max'],
+                                  json_dict['data_analysis']['pktlen']['c_to_s_avg'],
+                                  json_dict['data_analysis']['pktlen']['c_to_s_stddev']
+                              )
+            next_lines[-1] += '[PKTLEN(s->c): {:>8.3f}|{:>8.3f}|{:>8.3f}|{:>8.3f}]'.format(
+                                  json_dict['data_analysis']['pktlen']['s_to_c_min'],
+                                  json_dict['data_analysis']['pktlen']['s_to_c_max'],
+                                  json_dict['data_analysis']['pktlen']['s_to_c_avg'],
+                                  json_dict['data_analysis']['pktlen']['s_to_c_stddev']
+                              )
+            next_lines += ['']
+            next_lines[-1] += '[BINS(c->s)..: {}]'.format(','.join([str(n) for n in json_dict['data_analysis']['bins']['c_to_s']]))
+            next_lines += ['']
+            next_lines[-1] += '[BINS(s->c)..: {}]'.format(','.join([str(n) for n in json_dict['data_analysis']['bins']['s_to_c']]))
     else:
         if json_dict['flow_event_name'] == 'new':
             line_suffix = ''
@@ -392,9 +441,9 @@ def onJsonLineRecvd(json_dict, instance, current_flow, global_user_data):
     else:
         raise RuntimeError('unsupported l3 protocol: {}'.format(json_dict['l3_proto']))
 
-    if len(ndpi_frisk) > 0:
+    for line in next_lines:
         print('{}{}{}{}{:>18}{}'.format(timestamp, first_seen, last_seen,
-                                        instance_and_source, '', ndpi_frisk))
+                                        instance_and_source, '', line))
 
     stats.printStatus()
 
@@ -402,6 +451,10 @@ def onJsonLineRecvd(json_dict, instance, current_flow, global_user_data):
 
 if __name__ == '__main__':
     argparser = nDPIsrvd.defaultArgumentParser('Prettify and print events using the nDPIsrvd Python interface.')
+    argparser.add_argument('--no-color', action='store_true', default=False,
+                           help='Disable all terminal colors.')
+    argparser.add_argument('--no-statusbar', action='store_true', default=False,
+                           help='Disable informational status bar.')
     argparser.add_argument('--hide-instance-info', action='store_true', default=False,
                            help='Hide instance Alias/Source prefixed every line.')
     argparser.add_argument('--print-timestamp', action='store_true', default=False,
@@ -423,8 +476,13 @@ if __name__ == '__main__':
     argparser.add_argument('--analyse',    action='store_true', default=False, help='Print only analyse flow events.')
     argparser.add_argument('--detection',  action='store_true', default=False, help='Print only detected/detection-update flow events.')
     argparser.add_argument('--ipwhois',    action='store_true', default=False, help='Use Python-IPWhois to print additional location information.')
+    argparser.add_argument('--print-analyse-results', action='store_true', default=False,
+                           help='Print detailed results of analyse events.')
     args = argparser.parse_args()
 
+    if args.no_color is True:
+        TermColor.disableColor()
+
     if args.ipwhois is True:
         import dns, ipwhois
         whois_db = dict()
@@ -439,6 +497,9 @@ if __name__ == '__main__':
     nsock.timeout(1.0)
     stats = Stats(nsock)
 
+    if args.no_statusbar is True:
+        stats.disableStatusbar()
+
     while True:
         try:
             nsock.loop(onJsonLineRecvd, onFlowCleanup, stats)

test/results/flow-info/1kxun.pcap.out

@@ -0,0 +1,841 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..udp] [...192.168.5.44][59571] -> [....224.0.0.252][.5355] 
+         detected: [.....1] [ip4][..udp] [...192.168.5.44][59571] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+              new: [.....2] [ip4][..udp] [...192.168.5.57][55809] -> [239.255.255.250][.1900] 
+         detected: [.....2] [ip4][..udp] [...192.168.5.57][55809] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
+              new: [.....3] [ip4][..udp] [...192.168.5.44][51389] -> [239.255.255.250][.1900] 
+         detected: [.....3] [ip4][..udp] [...192.168.5.44][51389] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
+              new: [.....4] [ip4][..udp] [..192.168.119.1][...67] -> [255.255.255.255][...68] 
+         detected: [.....4] [ip4][..udp] [..192.168.119.1][...67] -> [255.255.255.255][...68] [DHCP][Network][Acceptable]
+              new: [.....5] [ip4][..tcp] [...192.168.5.16][53605] -> [.68.233.253.133][...80] [MIDSTREAM] 
+              new: [.....6] [ip4][..udp] [...192.168.5.50][64674] -> [239.255.255.250][.1900] 
+         detected: [.....6] [ip4][..udp] [...192.168.5.50][64674] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
+              new: [.....7] [ip4][..udp] [...192.168.5.41][55312] -> [239.255.255.250][.1900] 
+         detected: [.....7] [ip4][..udp] [...192.168.5.41][55312] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
+              new: [.....8] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] 
+         detected: [.....8] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Network][Acceptable]
+              new: [.....9] [ip6][..udp] [...............fe80::406:55a8:6453:25dd][..546] -> [..............................ff02::1:2][..547] 
+         detected: [.....9] [ip6][..udp] [...............fe80::406:55a8:6453:25dd][..546] -> [..............................ff02::1:2][..547] [DHCPV6][Network][Acceptable]
+              new: [....10] [ip6][..udp] [..............fe80::edf5:240a:c8c0:8312][61603] -> [..............................ff02::1:3][.5355] 
+         detected: [....10] [ip6][..udp] [..............fe80::edf5:240a:c8c0:8312][61603] -> [..............................ff02::1:3][.5355] [LLMNR][Network][Acceptable]
+              new: [....11] [ip4][..udp] [...192.168.5.47][61603] -> [....224.0.0.252][.5355] 
+         detected: [....11] [ip4][..udp] [...192.168.5.47][61603] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+              new: [....12] [ip4][..udp] [...192.168.5.47][60267] -> [239.255.255.250][.1900] 
+         detected: [....12] [ip4][..udp] [...192.168.5.47][60267] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
+              new: [....13] [ip4][..udp] [..192.168.115.8][51458] -> [....224.0.0.252][.5355] 
+         detected: [....13] [ip4][..udp] [..192.168.115.8][51458] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+              new: [....14] [ip4][..udp] [..192.168.115.8][51024] -> [........8.8.8.8][...53] 
+         detected: [....14] [ip4][..udp] [..192.168.115.8][51024] -> [........8.8.8.8][...53] [DNS.1kxun][Streaming][Fun]
+ detection-update: [....14] [ip4][..udp] [..192.168.115.8][51024] -> [........8.8.8.8][...53] [DNS.1kxun][Streaming][Fun]
+              new: [....15] [ip4][..tcp] [..192.168.115.8][49597] -> [.106.185.35.110][...80] 
+         detected: [....15] [ip4][..tcp] [..192.168.115.8][49597] -> [.106.185.35.110][...80] [HTTP.1kxun][Streaming][Fun]
+              new: [....16] [ip4][..udp] [..192.168.115.8][52723] -> [........8.8.8.8][...53] 
+         detected: [....16] [ip4][..udp] [..192.168.115.8][52723] -> [........8.8.8.8][...53] [DNS.1kxun][Streaming][Fun]
+              new: [....17] [ip4][..tcp] [...192.168.5.16][53622] -> [.192.168.115.75][..443] [MIDSTREAM] 
+              new: [....18] [ip4][..udp] [..192.168.115.8][..137] -> [192.168.255.255][..137] 
+         detected: [....18] [ip4][..udp] [..192.168.115.8][..137] -> [192.168.255.255][..137] [NetBIOS][System][Acceptable]
+              new: [....19] [ip6][..udp] [..............fe80::e98f:bae2:19f7:6b0f][58779] -> [..............................ff02::1:3][.5355] 
+         detected: [....19] [ip6][..udp] [..............fe80::e98f:bae2:19f7:6b0f][58779] -> [..............................ff02::1:3][.5355] [LLMNR][Network][Acceptable]
+              new: [....20] [ip4][..udp] [...192.168.3.95][58779] -> [....224.0.0.252][.5355] 
+         detected: [....20] [ip4][..udp] [...192.168.3.95][58779] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+              new: [....21] [ip4][..udp] [...192.168.3.95][59468] -> [239.255.255.250][.1900] 
+         detected: [....21] [ip4][..udp] [...192.168.3.95][59468] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
+              new: [....22] [ip4][..udp] [.192.168.125.30][62976] -> [255.255.255.255][62976] 
+              new: [....23] [ip6][..udp] [..2001:b030:214:100:c2a0:bbff:fe73:eb47][62976] -> [................................ff02::1][62976] 
+              new: [....24] [ip4][..udp] [..192.168.115.8][52723] -> [.....168.95.1.1][...53] 
+         detected: [....24] [ip4][..udp] [..192.168.115.8][52723] -> [.....168.95.1.1][...53] [DNS.1kxun][Streaming][Fun]
+ detection-update: [....24] [ip4][..udp] [..192.168.115.8][52723] -> [.....168.95.1.1][...53] [DNS.1kxun][Streaming][Fun]
+              new: [....25] [ip4][..tcp] [..192.168.115.8][49598] -> [.222.73.254.167][...80] 
+ detection-update: [....16] [ip4][..udp] [..192.168.115.8][52723] -> [........8.8.8.8][...53] [DNS.1kxun][Streaming][Fun]
+         detected: [....25] [ip4][..tcp] [..192.168.115.8][49598] -> [.222.73.254.167][...80] [HTTP.1kxun][Streaming][Fun]
+              new: [....26] [ip4][..udp] [..192.168.115.8][60724] -> [........8.8.8.8][...53] 
+         detected: [....26] [ip4][..udp] [..192.168.115.8][60724] -> [........8.8.8.8][...53] [DNS.1kxun][Streaming][Fun]
+ detection-update: [....26] [ip4][..udp] [..192.168.115.8][60724] -> [........8.8.8.8][...53] [DNS.1kxun][Streaming][Fun]
+              new: [....27] [ip4][..tcp] [..192.168.115.8][49599] -> [.106.187.35.246][...80] 
+              new: [....28] [ip4][..tcp] [..192.168.115.8][49600] -> [.106.187.35.246][...80] 
+              new: [....29] [ip4][..tcp] [..192.168.115.8][49601] -> [.106.187.35.246][...80] 
+              new: [....30] [ip4][..tcp] [..192.168.115.8][49602] -> [.106.187.35.246][...80] 
+              new: [....31] [ip4][..tcp] [..192.168.115.8][49603] -> [.106.187.35.246][...80] 
+              new: [....32] [ip4][..tcp] [..192.168.115.8][49604] -> [.106.187.35.246][...80] 
+              new: [....33] [ip6][..udp] [..............fe80::e98f:bae2:19f7:6b0f][54888] -> [..............................ff02::1:3][.5355] 
+         detected: [....33] [ip6][..udp] [..............fe80::e98f:bae2:19f7:6b0f][54888] -> [..............................ff02::1:3][.5355] [LLMNR][Network][Acceptable]
+              new: [....34] [ip4][..udp] [...192.168.3.95][54888] -> [....224.0.0.252][.5355] 
+         detected: [....34] [ip4][..udp] [...192.168.3.95][54888] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+         detected: [....28] [ip4][..tcp] [..192.168.115.8][49600] -> [.106.187.35.246][...80] [HTTP.1kxun][Streaming][Fun]
+         detected: [....27] [ip4][..tcp] [..192.168.115.8][49599] -> [.106.187.35.246][...80] [HTTP.1kxun][Streaming][Fun]
+         detected: [....32] [ip4][..tcp] [..192.168.115.8][49604] -> [.106.187.35.246][...80] [HTTP.1kxun][Streaming][Fun]
+         detected: [....29] [ip4][..tcp] [..192.168.115.8][49601] -> [.106.187.35.246][...80] [HTTP.1kxun][Streaming][Fun]
+         detected: [....30] [ip4][..tcp] [..192.168.115.8][49602] -> [.106.187.35.246][...80] [HTTP.1kxun][Streaming][Fun]
+         detected: [....31] [ip4][..tcp] [..192.168.115.8][49603] -> [.106.187.35.246][...80] [HTTP.1kxun][Streaming][Fun]
+          analyse: [....29] [ip4][..tcp] [..192.168.115.8][49601] -> [.106.187.35.246][...80] [HTTP.1kxun][Streaming][Fun]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.056|   0.011|   0.020]
+                   [IAT(c->s)...:    0.000|   0.056|   0.019|   0.025][IAT(s->c)...:    0.000|   0.052|   0.008|   0.017]
+                   [PKTLEN(c->s):   54.000| 414.000| 128.400| 142.900][PKTLEN(s->c):   60.000|1314.000|1157.500| 397.500]
+                   [BINS(c->s)..: 8,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 2,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,19,0,0,0,0,0,0,0,0]
+          analyse: [....30] [ip4][..tcp] [..192.168.115.8][49602] -> [.106.187.35.246][...80] [HTTP.1kxun][Streaming][Fun]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.066|   0.012|   0.024]
+                   [IAT(c->s)...:    0.000|   0.066|   0.017|   0.027][IAT(s->c)...:    0.000|   0.065|   0.010|   0.022]
+                   [PKTLEN(c->s):   54.000| 413.000| 115.800| 133.000][PKTLEN(s->c):   60.000|1314.000|1141.800| 413.700]
+                   [BINS(c->s)..: 10,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 2,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,17,0,0,0,0,0,0,0,0]
+          analyse: [....27] [ip4][..tcp] [..192.168.115.8][49599] -> [.106.187.35.246][...80] [HTTP.1kxun][Streaming][Fun]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.067|   0.012|   0.023]
+                   [IAT(c->s)...:    0.000|   0.067|   0.017|   0.026][IAT(s->c)...:    0.000|   0.065|   0.010|   0.021]
+                   [PKTLEN(c->s):   54.000| 415.000| 116.200| 133.700][PKTLEN(s->c):   60.000|1314.000|1141.800| 413.700]
+                   [BINS(c->s)..: 10,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 2,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,17,0,0,0,0,0,0,0,0]
+          analyse: [....32] [ip4][..tcp] [..192.168.115.8][49604] -> [.106.187.35.246][...80] [HTTP.1kxun][Streaming][Fun]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.096|   0.013|   0.026]
+                   [IAT(c->s)...:    0.000|   0.096|   0.023|   0.034][IAT(s->c)...:    0.000|   0.072|   0.008|   0.021]
+                   [PKTLEN(c->s):   54.000| 423.000| 202.200| 176.700][PKTLEN(s->c):   60.000|1314.000|1140.100| 398.700]
+                   [BINS(c->s)..: 6,0,0,0,0,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 2,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,18,0,0,0,0,0,0,0,0]
+          analyse: [....28] [ip4][..tcp] [..192.168.115.8][49600] -> [.106.187.35.246][...80] [HTTP.1kxun][Streaming][Fun]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.142|   0.016|   0.032]
+                   [IAT(c->s)...:    0.000|   0.142|   0.027|   0.045][IAT(s->c)...:    0.000|   0.085|   0.011|   0.024]
+                   [PKTLEN(c->s):   54.000| 416.000| 128.800| 143.700][PKTLEN(s->c):   60.000|1314.000|1157.500| 397.500]
+                   [BINS(c->s)..: 8,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 2,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,19,0,0,0,0,0,0,0,0]
+              new: [....35] [ip4][..udp] [...192.168.5.67][..138] -> [192.168.255.255][..138] 
+         detected: [....35] [ip4][..udp] [...192.168.5.67][..138] -> [192.168.255.255][..138] [NetBIOS.SMBv1][System][Dangerous]
+                   RISK: Unsafe Protocol
+              new: [....36] [ip4][..tcp] [..192.168.115.8][49605] -> [.106.185.35.110][...80] 
+              new: [....37] [ip4][..tcp] [..192.168.115.8][49606] -> [.106.185.35.110][...80] 
+         detected: [....36] [ip4][..tcp] [..192.168.115.8][49605] -> [.106.185.35.110][...80] [HTTP.1kxun][Streaming][Fun]
+         detected: [....37] [ip4][..tcp] [..192.168.115.8][49606] -> [.106.185.35.110][...80] [HTTP.1kxun][Streaming][Fun]
+          analyse: [....37] [ip4][..tcp] [..192.168.115.8][49606] -> [.106.185.35.110][...80] [HTTP.1kxun][Streaming][Fun]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.147|   0.015|   0.033]
+                   [IAT(c->s)...:    0.000|   0.147|   0.017|   0.040][IAT(s->c)...:    0.000|   0.110|   0.013|   0.027]
+                   [PKTLEN(c->s):   54.000| 411.000| 106.700| 124.300][PKTLEN(s->c):   60.000|1314.000|1175.000| 393.200]
+                   [BINS(c->s)..: 12,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,0,0,0]
+              new: [....38] [ip4][..tcp] [..192.168.115.8][49607] -> [218.244.135.170][.9099] 
+         detected: [....38] [ip4][..tcp] [..192.168.115.8][49607] -> [218.244.135.170][.9099] [HTTP][Web][Acceptable]
+                   RISK: Known Proto on Non Std Port, HTTP Numeric IP Address
+              new: [....39] [ip4][..udp] [..192.168.115.8][54420] -> [........8.8.8.8][...53] 
+         detected: [....39] [ip4][..udp] [..192.168.115.8][54420] -> [........8.8.8.8][...53] [DNS.QQ][Chat][Fun]
+ detection-update: [....39] [ip4][..udp] [..192.168.115.8][54420] -> [........8.8.8.8][...53] [DNS.QQ][Chat][Fun]
+              new: [....40] [ip4][..tcp] [..192.168.115.8][49608] -> [203.205.151.234][...80] 
+         detected: [....40] [ip4][..tcp] [..192.168.115.8][49608] -> [203.205.151.234][...80] [HTTP.QQ][Chat][Fun]
+              new: [....41] [ip4][..tcp] [..192.168.115.8][49609] -> [..42.120.51.152][.8080] 
+              new: [....42] [ip4][..udp] [.192.168.10.110][60480] -> [255.255.255.255][62976] 
+         detected: [....41] [ip4][..tcp] [..192.168.115.8][49609] -> [..42.120.51.152][.8080] [HTTP][Web][Acceptable]
+                   RISK: Known Proto on Non Std Port, HTTP Numeric IP Address
+              new: [....43] [ip4][..udp] [...192.168.5.37][56366] -> [....224.0.0.252][.5355] 
+         detected: [....43] [ip4][..udp] [...192.168.5.37][56366] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+              new: [....44] [ip4][..udp] [...192.168.5.37][57325] -> [239.255.255.250][.1900] 
+         detected: [....44] [ip4][..udp] [...192.168.5.37][57325] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
+              new: [....45] [ip4][..tcp] [...192.168.5.16][53623] -> [.192.168.115.75][..443] 
+         detected: [....45] [ip4][..tcp] [...192.168.5.16][53623] -> [.192.168.115.75][..443] [TLS][Web][Safe]
+                   RISK: TLS (probably) Not Carrying HTTPS
+ detection-update: [....45] [ip4][..tcp] [...192.168.5.16][53623] -> [.192.168.115.75][..443] [TLS][Web][Safe]
+                   RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS
+              new: [....46] [ip4][..tcp] [..192.168.115.8][49612] -> [.183.131.48.145][...80] 
+              new: [....47] [ip4][..udp] [.192.168.101.33][58456] -> [....224.0.0.252][.5355] 
+         detected: [....47] [ip4][..udp] [.192.168.101.33][58456] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+              new: [....48] [ip4][..udp] [....192.168.5.9][58456] -> [....224.0.0.252][.5355] 
+         detected: [....48] [ip4][..udp] [....192.168.5.9][58456] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+         detected: [....46] [ip4][..tcp] [..192.168.115.8][49612] -> [.183.131.48.145][...80] [HTTP][Web][Acceptable]
+                   RISK: HTTP Numeric IP Address
+              new: [....49] [ip4][..tcp] [..192.168.115.8][49613] -> [.183.131.48.144][...80] 
+          analyse: [....41] [ip4][..tcp] [..192.168.115.8][49609] -> [..42.120.51.152][.8080] [HTTP][Web][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.399|   0.070|   0.104]
+                   [IAT(c->s)...:    0.000|   0.350|   0.066|   0.103][IAT(s->c)...:    0.000|   0.399|   0.076|   0.106]
+                   [PKTLEN(c->s):   54.000| 499.000| 245.400| 193.100][PKTLEN(s->c):   60.000|1314.000| 538.800| 555.700]
+                   [BINS(c->s)..: 9,0,0,0,0,0,0,4,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0]
+         detected: [....49] [ip4][..tcp] [..192.168.115.8][49613] -> [.183.131.48.144][...80] [HTTP][Web][Acceptable]
+                   RISK: HTTP Numeric IP Address
+ detection-update: [....49] [ip4][..tcp] [..192.168.115.8][49613] -> [.183.131.48.144][...80] [HTTP][Media][Acceptable]
+                   RISK: HTTP Numeric IP Address
+              new: [....50] [ip4][..udp] [.192.168.101.33][55485] -> [239.255.255.250][.1900] 
+         detected: [....50] [ip4][..udp] [.192.168.101.33][55485] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
+              new: [....51] [ip4][..udp] [....192.168.5.9][55484] -> [239.255.255.250][.1900] 
+         detected: [....51] [ip4][..udp] [....192.168.5.9][55484] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
+              new: [....52] [ip6][..udp] [...............fe80::9bd:81dd:2fdc:5750][61548] -> [..............................ff02::1:3][.5355] 
+         detected: [....52] [ip6][..udp] [...............fe80::9bd:81dd:2fdc:5750][61548] -> [..............................ff02::1:3][.5355] [LLMNR][Network][Acceptable]
+              new: [....53] [ip4][..udp] [...192.168.5.49][61548] -> [....224.0.0.252][.5355] 
+         detected: [....53] [ip4][..udp] [...192.168.5.49][61548] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+              new: [....54] [ip4][..udp] [...192.168.5.49][51704] -> [239.255.255.250][.1900] 
+         detected: [....54] [ip4][..udp] [...192.168.5.49][51704] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
+              new: [....55] [ip4][..udp] [...192.168.5.16][...68] -> [..192.168.119.1][...67] 
+         detected: [....55] [ip4][..udp] [...192.168.5.16][...68] -> [..192.168.119.1][...67] [DHCP][Network][Acceptable]
+          analyse: [....49] [ip4][..tcp] [..192.168.115.8][49613] -> [.183.131.48.144][...80] [HTTP][Media][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.863|   0.183|   0.253]
+                   [IAT(c->s)...:    0.000|   0.863|   0.155|   0.262][IAT(s->c)...:    0.000|   0.666|   0.228|   0.231]
+                   [PKTLEN(c->s):   54.000| 557.000| 105.500| 150.500][PKTLEN(s->c):   60.000|1078.000| 846.400| 406.300]
+                   [BINS(c->s)..: 18,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 2,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,9,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+              new: [....56] [ip4][..udp] [.59.120.208.218][50151] -> [255.255.255.255][.1947] 
+              new: [....57] [ip4][..tcp] [..192.168.115.8][49596] -> [..203.66.182.87][..443] [MIDSTREAM] 
+              new: [....58] [ip4][..tcp] [...192.168.5.16][53613] -> [.68.233.253.133][...80] [MIDSTREAM] 
+              new: [....59] [ip4][..tcp] [...192.168.5.16][53624] -> [.68.233.253.133][...80] 
+         detected: [....59] [ip4][..tcp] [...192.168.5.16][53624] -> [.68.233.253.133][...80] [HTTP][Web][Acceptable]
+              new: [....60] [ip6][..udp] [...............fe80::4e5e:cff:fe9a:ec54][.5678] -> [................................ff02::1][.5678] 
+              new: [....61] [ip4][..tcp] [..192.168.115.8][49581] -> [.64.233.189.128][...80] [MIDSTREAM] 
+              new: [....62] [ip6][..udp] [..............fe80::5d92:62a8:ebde:1319][63659] -> [..............................ff02::1:3][.5355] 
+         detected: [....62] [ip6][..udp] [..............fe80::5d92:62a8:ebde:1319][63659] -> [..............................ff02::1:3][.5355] [LLMNR][Network][Acceptable]
+              new: [....63] [ip4][..udp] [..192.168.3.236][51714] -> [....224.0.0.252][.5355] 
+         detected: [....63] [ip4][..udp] [..192.168.3.236][51714] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+              new: [....64] [ip4][..udp] [..192.168.3.236][..137] -> [192.168.255.255][..137] 
+         detected: [....64] [ip4][..udp] [..192.168.3.236][..137] -> [192.168.255.255][..137] [NetBIOS][System][Acceptable]
+              new: [....65] [ip4][..udp] [192.168.140.140][62976] -> [255.255.255.255][62976] 
+              new: [....66] [ip6][..udp] [.......2001:b020:6::c2a0:bbff:fe73:eb57][62976] -> [................................ff02::1][62976] 
+              new: [....67] [ip4][..udp] [...192.168.5.45][59789] -> [192.168.255.255][..137] 
+         detected: [....67] [ip4][..udp] [...192.168.5.45][59789] -> [192.168.255.255][..137] [NetBIOS][System][Acceptable]
+              new: [....68] [ip4][..udp] [...192.168.5.45][59461] -> [192.168.255.255][..137] 
+         detected: [....68] [ip4][..udp] [...192.168.5.45][59461] -> [192.168.255.255][..137] [NetBIOS][System][Acceptable]
+              new: [....69] [ip4][..udp] [...192.168.5.45][..137] -> [192.168.255.255][..137] 
+         detected: [....69] [ip4][..udp] [...192.168.5.45][..137] -> [192.168.255.255][..137] [NetBIOS][System][Acceptable]
+              new: [....70] [ip4][..udp] [...192.168.5.45][..138] -> [192.168.255.255][..138] 
+         detected: [....70] [ip4][..udp] [...192.168.5.45][..138] -> [192.168.255.255][..138] [NetBIOS.SMBv1][System][Dangerous]
+                   RISK: Unsafe Protocol
+              new: [....71] [ip4][..udp] [...192.168.10.7][62976] -> [255.255.255.255][62976] 
+              new: [....72] [ip6][..udp] [..............fe80::4568:efbc:40b1:1346][50194] -> [..............................ff02::1:3][.5355] 
+         detected: [....72] [ip6][..udp] [..............fe80::4568:efbc:40b1:1346][50194] -> [..............................ff02::1:3][.5355] [LLMNR][Network][Acceptable]
+              new: [....73] [ip4][..udp] [...192.168.5.41][54470] -> [....224.0.0.252][.5355] 
+         detected: [....73] [ip4][..udp] [...192.168.5.41][54470] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+              new: [....74] [ip4][..udp] [....192.168.5.9][...68] -> [255.255.255.255][...67] 
+         detected: [....74] [ip4][..udp] [....192.168.5.9][...68] -> [255.255.255.255][...67] [DHCP][Network][Acceptable]
+              new: [....75] [ip4][..udp] [...192.168.5.48][49701] -> [239.255.255.250][.1900] 
+         detected: [....75] [ip4][..udp] [...192.168.5.48][49701] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
+              new: [....76] [ip4][..udp] [...192.168.5.64][.5353] -> [....224.0.0.251][.5353] 
+         detected: [....76] [ip4][..udp] [...192.168.5.64][.5353] -> [....224.0.0.251][.5353] [MDNS][Network][Acceptable]
+              new: [....77] [ip4][..udp] [..192.168.2.186][32768] -> [255.255.255.255][.1947] 
+              new: [....78] [ip4][..udp] [...192.168.5.48][59797] -> [....224.0.0.252][.5355] 
+         detected: [....78] [ip4][..udp] [...192.168.5.48][59797] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+              new: [....79] [ip4][..udp] [..192.168.0.100][50925] -> [255.255.255.255][.5678] 
+              new: [....80] [ip4][..udp] [...192.168.5.57][65150] -> [....224.0.0.252][.5355] 
+         detected: [....80] [ip4][..udp] [...192.168.5.57][65150] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+              new: [....81] [ip6][..udp] [...............fe80::e034:7be:d8f9:6197][62756] -> [..............................ff02::1:3][.5355] 
+         detected: [....81] [ip6][..udp] [...............fe80::e034:7be:d8f9:6197][62756] -> [..............................ff02::1:3][.5355] [LLMNR][Network][Acceptable]
+              new: [....82] [ip4][..udp] [...192.168.5.50][62756] -> [....224.0.0.252][.5355] 
+         detected: [....82] [ip4][..udp] [...192.168.5.50][62756] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+              new: [....83] [ip4][..udp] [...192.168.5.49][.1900] -> [239.255.255.250][.1900] 
+         detected: [....83] [ip4][..udp] [...192.168.5.49][.1900] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
+              new: [....84] [ip6][..udp] [...............fe80::9bd:81dd:2fdc:5750][.1900] -> [................................ff02::c][.1900] 
+         detected: [....84] [ip6][..udp] [...............fe80::9bd:81dd:2fdc:5750][.1900] -> [................................ff02::c][.1900] [SSDP][System][Acceptable]
+              new: [....85] [ip4][..udp] [...192.168.5.50][50030] -> [....224.0.0.252][.5355] 
+         detected: [....85] [ip4][..udp] [...192.168.5.50][50030] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+              new: [....86] [ip4][..udp] [.59.120.208.212][32768] -> [255.255.255.255][.1947] 
+              new: [....87] [ip4][..tcp] [...192.168.5.16][53625] -> [.192.168.115.75][..443] 
+         detected: [....87] [ip4][..tcp] [...192.168.5.16][53625] -> [.192.168.115.75][..443] [TLS][Web][Safe]
+                   RISK: TLS (probably) Not Carrying HTTPS
+ detection-update: [....87] [ip4][..tcp] [...192.168.5.16][53625] -> [.192.168.115.75][..443] [TLS][Web][Safe]
+                   RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS
+              new: [....88] [ip4][..udp] [..192.168.119.1][56861] -> [255.255.255.255][.5678] 
+              new: [....89] [ip6][..udp] [................fe80::4e5e:cff:feea:365][.5678] -> [................................ff02::1][.5678] 
+              new: [....90] [ip6][..udp] [..............fe80::5d92:62a8:ebde:1319][49735] -> [..............................ff02::1:3][.5355] 
+         detected: [....90] [ip6][..udp] [..............fe80::5d92:62a8:ebde:1319][49735] -> [..............................ff02::1:3][.5355] [LLMNR][Network][Acceptable]
+              new: [....91] [ip4][..udp] [..192.168.3.236][62069] -> [....224.0.0.252][.5355] 
+         detected: [....91] [ip4][..udp] [..192.168.3.236][62069] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+              new: [....92] [ip4][..udp] [...192.168.5.44][58702] -> [....224.0.0.252][.5355] 
+         detected: [....92] [ip4][..udp] [...192.168.5.44][58702] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+              new: [....93] [ip6][..udp] [..............fe80::beee:7bff:fe0c:b3de][..546] -> [..............................ff02::1:2][..547] 
+         detected: [....93] [ip6][..udp] [..............fe80::beee:7bff:fe0c:b3de][..546] -> [..............................ff02::1:2][..547] [DHCPV6][Network][Acceptable]
+              new: [....94] [ip4][..udp] [..192.168.119.2][43786] -> [255.255.255.255][.5678] 
+              new: [....95] [ip6][..udp] [..............fe80::edf5:240a:c8c0:8312][53962] -> [..............................ff02::1:3][.5355] 
+         detected: [....95] [ip6][..udp] [..............fe80::edf5:240a:c8c0:8312][53962] -> [..............................ff02::1:3][.5355] [LLMNR][Network][Acceptable]
+              new: [....96] [ip4][..udp] [...192.168.5.47][53962] -> [....224.0.0.252][.5355] 
+         detected: [....96] [ip4][..udp] [...192.168.5.47][53962] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+              new: [....97] [ip6][..udp] [..............fe80::e98f:bae2:19f7:6b0f][51451] -> [..............................ff02::1:3][.5355] 
+         detected: [....97] [ip6][..udp] [..............fe80::e98f:bae2:19f7:6b0f][51451] -> [..............................ff02::1:3][.5355] [LLMNR][Network][Acceptable]
+              new: [....98] [ip4][..udp] [...192.168.3.95][51451] -> [....224.0.0.252][.5355] 
+         detected: [....98] [ip4][..udp] [...192.168.3.95][51451] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+              new: [....99] [ip6][..udp] [..............fe80::5d92:62a8:ebde:1319][53938] -> [..............................ff02::1:3][.5355] 
+         detected: [....99] [ip6][..udp] [..............fe80::5d92:62a8:ebde:1319][53938] -> [..............................ff02::1:3][.5355] [LLMNR][Network][Acceptable]
+              new: [...100] [ip4][..udp] [..192.168.3.236][56043] -> [....224.0.0.252][.5355] 
+         detected: [...100] [ip4][..udp] [..192.168.3.236][56043] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+              new: [...101] [ip4][..tcp] [.119.235.235.84][..443] -> [...192.168.5.16][53406] [MIDSTREAM] 
+              new: [...102] [ip4][..udp] [...192.168.5.37][54506] -> [....224.0.0.252][.5355] 
+         detected: [...102] [ip4][..udp] [...192.168.5.37][54506] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+              new: [...103] [ip6][..udp] [...............fe80::9bd:81dd:2fdc:5750][64568] -> [..............................ff02::1:3][.5355] 
+         detected: [...103] [ip6][..udp] [...............fe80::9bd:81dd:2fdc:5750][64568] -> [..............................ff02::1:3][.5355] [LLMNR][Network][Acceptable]
+              new: [...104] [ip4][..udp] [...192.168.5.49][64568] -> [....224.0.0.252][.5355] 
+         detected: [...104] [ip4][..udp] [...192.168.5.49][64568] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+              new: [...105] [ip4][..udp] [...192.168.5.41][...68] -> [255.255.255.255][...67] 
+         detected: [...105] [ip4][..udp] [...192.168.5.41][...68] -> [255.255.255.255][...67] [DHCP][Network][Acceptable]
+              new: [...106] [ip4][..tcp] [...192.168.5.16][53580] -> [....31.13.87.36][..443] [MIDSTREAM] 
+         detected: [...106] [ip4][..tcp] [...192.168.5.16][53580] -> [....31.13.87.36][..443] [TLS.Facebook][SocialNetwork][Fun]
+              new: [...107] [ip4][..tcp] [...192.168.5.16][53626] -> [.192.168.115.75][..443] 
+         detected: [...107] [ip4][..tcp] [...192.168.5.16][53626] -> [.192.168.115.75][..443] [TLS][Web][Safe]
+                   RISK: TLS (probably) Not Carrying HTTPS
+ detection-update: [...107] [ip4][..tcp] [...192.168.5.16][53626] -> [.192.168.115.75][..443] [TLS][Web][Safe]
+                   RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS
+              new: [...108] [ip4][..udp] [...192.168.5.16][63372] -> [.....168.95.1.1][...53] 
+         detected: [...108] [ip4][..udp] [...192.168.5.16][63372] -> [.....168.95.1.1][...53] [DNS][Network][Acceptable]
+ detection-update: [...108] [ip4][..udp] [...192.168.5.16][63372] -> [.....168.95.1.1][...53] [DNS][Network][Acceptable]
+              new: [...109] [ip4][..tcp] [...192.168.5.16][53627] -> [...203.69.81.73][...80] 
+              new: [...110] [ip4][..tcp] [...192.168.5.16][53628] -> [...203.69.81.73][...80] 
+         detected: [...110] [ip4][..tcp] [...192.168.5.16][53628] -> [...203.69.81.73][...80] [HTTP][Web][Acceptable]
+         detected: [...109] [ip4][..tcp] [...192.168.5.16][53627] -> [...203.69.81.73][...80] [HTTP][Web][Acceptable]
+              new: [...111] [ip4][..udp] [.192.168.101.33][62822] -> [....224.0.0.252][.5355] 
+         detected: [...111] [ip4][..udp] [.192.168.101.33][62822] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+              new: [...112] [ip4][..udp] [....192.168.5.9][62822] -> [....224.0.0.252][.5355] 
+         detected: [...112] [ip4][..udp] [....192.168.5.9][62822] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+              new: [...113] [ip4][..tcp] [.....31.13.87.1][..443] -> [...192.168.5.16][53578] [MIDSTREAM] 
+         detected: [...113] [ip4][..tcp] [.....31.13.87.1][..443] -> [...192.168.5.16][53578] [TLS.Facebook][SocialNetwork][Fun]
+              new: [...114] [ip6][..udp] [..............fe80::5d92:62a8:ebde:1319][61172] -> [..............................ff02::1:3][.5355] 
+         detected: [...114] [ip6][..udp] [..............fe80::5d92:62a8:ebde:1319][61172] -> [..............................ff02::1:3][.5355] [LLMNR][Network][Acceptable]
+              new: [...115] [ip4][..udp] [..192.168.3.236][59730] -> [....224.0.0.252][.5355] 
+         detected: [...115] [ip4][..udp] [..192.168.3.236][59730] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+              new: [...116] [ip6][..udp] [..............fe80::f65c:89ff:fe89:e607][..546] -> [..............................ff02::1:2][..547] 
+         detected: [...116] [ip6][..udp] [..............fe80::f65c:89ff:fe89:e607][..546] -> [..............................ff02::1:2][..547] [DHCPV6][Network][Acceptable]
+              new: [...117] [ip4][..tcp] [...192.168.5.16][53629] -> [.192.168.115.75][..443] 
+         detected: [...117] [ip4][..tcp] [...192.168.5.16][53629] -> [.192.168.115.75][..443] [TLS][Web][Safe]
+                   RISK: TLS (probably) Not Carrying HTTPS
+ detection-update: [...117] [ip4][..tcp] [...192.168.5.16][53629] -> [.192.168.115.75][..443] [TLS][Web][Safe]
+                   RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS
+           update: [.....7] [ip4][..udp] [...192.168.5.41][55312] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
+           update: [....14] [ip4][..udp] [..192.168.115.8][51024] -> [........8.8.8.8][...53] [DNS.1kxun][Streaming][Fun]
+           update: [....21] [ip4][..udp] [...192.168.3.95][59468] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
+           update: [.....8] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Network][Acceptable]
+           update: [.....3] [ip4][..udp] [...192.168.5.44][51389] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
+           update: [.....4] [ip4][..udp] [..192.168.119.1][...67] -> [255.255.255.255][...68] [DHCP][Network][Acceptable]
+           update: [.....2] [ip4][..udp] [...192.168.5.57][55809] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
+           update: [....18] [ip4][..udp] [..192.168.115.8][..137] -> [192.168.255.255][..137] [NetBIOS][System][Acceptable]
+           update: [....12] [ip4][..udp] [...192.168.5.47][60267] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
+           update: [....20] [ip4][..udp] [...192.168.3.95][58779] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+           update: [.....6] [ip4][..udp] [...192.168.5.50][64674] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
+           update: [.....9] [ip6][..udp] [...............fe80::406:55a8:6453:25dd][..546] -> [..............................ff02::1:2][..547] [DHCPV6][Network][Acceptable]
+           update: [....19] [ip6][..udp] [..............fe80::e98f:bae2:19f7:6b0f][58779] -> [..............................ff02::1:3][.5355] [LLMNR][Network][Acceptable]
+           update: [....16] [ip4][..udp] [..192.168.115.8][52723] -> [........8.8.8.8][...53] [DNS.1kxun][Streaming][Fun]
+           update: [....11] [ip4][..udp] [...192.168.5.47][61603] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+           update: [.....1] [ip4][..udp] [...192.168.5.44][59571] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+           update: [....10] [ip6][..udp] [..............fe80::edf5:240a:c8c0:8312][61603] -> [..............................ff02::1:3][.5355] [LLMNR][Network][Acceptable]
+           update: [....13] [ip4][..udp] [..192.168.115.8][51458] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+          analyse: [....31] [ip4][..tcp] [..192.168.115.8][49603] -> [.106.187.35.246][...80] [HTTP.1kxun][Streaming][Fun]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|  45.001|   1.464|   7.949]
+                   [IAT(c->s)...:    0.000|  45.001|   4.519|  13.494][IAT(s->c)...:    0.000|   0.069|   0.009|   0.022]
+                   [PKTLEN(c->s):   54.000| 415.000| 121.900| 138.200][PKTLEN(s->c):   60.000|1314.000|1148.500| 404.800]
+                   [BINS(c->s)..: 9,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 2,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,17,0,0,0,0,0,0,0,0]
+              new: [...118] [ip4][..udp] [..192.168.0.104][..137] -> [192.168.255.255][..137] 
+         detected: [...118] [ip4][..udp] [..192.168.0.104][..137] -> [192.168.255.255][..137] [NetBIOS][System][Acceptable]
+              new: [...119] [ip4][..udp] [...192.168.5.16][..123] -> [..17.253.26.125][..123] 
+         detected: [...119] [ip4][..udp] [...192.168.5.16][..123] -> [..17.253.26.125][..123] [NTP][System][Acceptable]
+              new: [...120] [ip6][..udp] [..............fe80::4568:efbc:40b1:1346][57148] -> [..............................ff02::1:3][.5355] 
+         detected: [...120] [ip6][..udp] [..............fe80::4568:efbc:40b1:1346][57148] -> [..............................ff02::1:3][.5355] [LLMNR][Network][Acceptable]
+              new: [...121] [ip4][..udp] [...192.168.5.41][55593] -> [....224.0.0.252][.5355] 
+         detected: [...121] [ip4][..udp] [...192.168.5.41][55593] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+              new: [...122] [ip4][..udp] [...192.168.5.57][64428] -> [....224.0.0.252][.5355] 
+         detected: [...122] [ip4][..udp] [...192.168.5.57][64428] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+              new: [...123] [ip6][..udp] [...............fe80::e034:7be:d8f9:6197][57143] -> [..............................ff02::1:3][.5355] 
+         detected: [...123] [ip6][..udp] [...............fe80::e034:7be:d8f9:6197][57143] -> [..............................ff02::1:3][.5355] [LLMNR][Network][Acceptable]
+              new: [...124] [ip4][..udp] [...192.168.5.50][57143] -> [....224.0.0.252][.5355] 
+         detected: [...124] [ip4][..udp] [...192.168.5.50][57143] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+              new: [...125] [ip6][..udp] [...............fe80::e034:7be:d8f9:6197][49766] -> [..............................ff02::1:3][.5355] 
+         detected: [...125] [ip6][..udp] [...............fe80::e034:7be:d8f9:6197][49766] -> [..............................ff02::1:3][.5355] [LLMNR][Network][Acceptable]
+              new: [...126] [ip4][..udp] [...192.168.5.50][49766] -> [....224.0.0.252][.5355] 
+         detected: [...126] [ip4][..udp] [...192.168.5.50][49766] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+              new: [...127] [ip4][..udp] [...192.168.5.44][59062] -> [....224.0.0.252][.5355] 
+         detected: [...127] [ip4][..udp] [...192.168.5.44][59062] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+              new: [...128] [ip6][..udp] [..............fe80::5d92:62a8:ebde:1319][58468] -> [..............................ff02::1:3][.5355] 
+         detected: [...128] [ip6][..udp] [..............fe80::5d92:62a8:ebde:1319][58468] -> [..............................ff02::1:3][.5355] [LLMNR][Network][Acceptable]
+              new: [...129] [ip4][..udp] [..192.168.3.236][65496] -> [....224.0.0.252][.5355] 
+         detected: [...129] [ip4][..udp] [..192.168.3.236][65496] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+           update: [....44] [ip4][..udp] [...192.168.5.37][57325] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
+           update: [....51] [ip4][..udp] [....192.168.5.9][55484] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
+           update: [....50] [ip4][..udp] [.192.168.101.33][55485] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
+           update: [....23] [ip6][..udp] [..2001:b030:214:100:c2a0:bbff:fe73:eb47][62976] -> [................................ff02::1][62976] 
+           update: [....55] [ip4][..udp] [...192.168.5.16][...68] -> [..192.168.119.1][...67] [DHCP][Network][Acceptable]
+           update: [....54] [ip4][..udp] [...192.168.5.49][51704] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
+           update: [....35] [ip4][..udp] [...192.168.5.67][..138] -> [192.168.255.255][..138] [NetBIOS.SMBv1][System][Dangerous]
+                   RISK: Unsafe Protocol
+           update: [....43] [ip4][..udp] [...192.168.5.37][56366] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+           update: [....47] [ip4][..udp] [.192.168.101.33][58456] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+           update: [....48] [ip4][..udp] [....192.168.5.9][58456] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+           update: [....42] [ip4][..udp] [.192.168.10.110][60480] -> [255.255.255.255][62976] 
+           update: [....56] [ip4][..udp] [.59.120.208.218][50151] -> [255.255.255.255][.1947] 
+           update: [....22] [ip4][..udp] [.192.168.125.30][62976] -> [255.255.255.255][62976] 
+           update: [....34] [ip4][..udp] [...192.168.3.95][54888] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+           update: [....39] [ip4][..udp] [..192.168.115.8][54420] -> [........8.8.8.8][...53] [DNS.QQ][Chat][Fun]
+           update: [....26] [ip4][..udp] [..192.168.115.8][60724] -> [........8.8.8.8][...53] [DNS.1kxun][Streaming][Fun]
+           update: [....52] [ip6][..udp] [...............fe80::9bd:81dd:2fdc:5750][61548] -> [..............................ff02::1:3][.5355] [LLMNR][Network][Acceptable]
+           update: [....24] [ip4][..udp] [..192.168.115.8][52723] -> [.....168.95.1.1][...53] [DNS.1kxun][Streaming][Fun]
+           update: [....53] [ip4][..udp] [...192.168.5.49][61548] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+           update: [....33] [ip6][..udp] [..............fe80::e98f:bae2:19f7:6b0f][54888] -> [..............................ff02::1:3][.5355] [LLMNR][Network][Acceptable]
+     DAEMON-EVENT: [Processed: 1439 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 129 / 129|skipped: 0|!detected: 0|guessed: 0|detection-updates: 11|updates: 38]
+              new: [...130] [ip4][..tcp] [..192.168.2.126][60962] -> [..172.104.93.92][.1234] [MIDSTREAM] 
+         detected: [...130] [ip4][..tcp] [..192.168.2.126][60962] -> [..172.104.93.92][.1234] [HTTP.1kxun][Streaming][Fun]
+                   RISK: Known Proto on Non Std Port
+              new: [...131] [ip4][..tcp] [..192.168.2.126][60972] -> [..172.104.93.92][.1234] [MIDSTREAM] 
+         detected: [...131] [ip4][..tcp] [..192.168.2.126][60972] -> [..172.104.93.92][.1234] [HTTP.1kxun][Streaming][Fun]
+                   RISK: Known Proto on Non Std Port
+              new: [...132] [ip4][..tcp] [..192.168.2.126][60984] -> [..172.104.93.92][.1234] [MIDSTREAM] 
+         detected: [...132] [ip4][..tcp] [..192.168.2.126][60984] -> [..172.104.93.92][.1234] [HTTP.1kxun][Streaming][Fun]
+                   RISK: Known Proto on Non Std Port
+              new: [...133] [ip4][..tcp] [..192.168.2.126][47230] -> [..161.117.13.29][...80] [MIDSTREAM] 
+         detected: [...133] [ip4][..tcp] [..192.168.2.126][47230] -> [..161.117.13.29][...80] [HTTP.1kxun][Streaming][Fun]
+              new: [...134] [ip4][..tcp] [..192.168.2.126][41134] -> [.129.226.107.77][...80] [MIDSTREAM] 
+         detected: [...134] [ip4][..tcp] [..192.168.2.126][41134] -> [.129.226.107.77][...80] [HTTP.QQ][Chat][Fun]
+              new: [...135] [ip4][..tcp] [..192.168.2.126][47246] -> [..161.117.13.29][...80] [MIDSTREAM] 
+         detected: [...135] [ip4][..tcp] [..192.168.2.126][47246] -> [..161.117.13.29][...80] [HTTP.1kxun][Streaming][Fun]
+              new: [...136] [ip4][..tcp] [..192.168.2.126][47262] -> [..161.117.13.29][...80] [MIDSTREAM] 
+         detected: [...136] [ip4][..tcp] [..192.168.2.126][47262] -> [..161.117.13.29][...80] [HTTP.1kxun][Streaming][Fun]
+             idle: [....44] [ip4][..udp] [...192.168.5.37][57325] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
+             idle: [....78] [ip4][..udp] [...192.168.5.48][59797] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+             idle: [...108] [ip4][..udp] [...192.168.5.16][63372] -> [.....168.95.1.1][...53] [DNS][Network][Acceptable]
+             idle: [.....7] [ip4][..udp] [...192.168.5.41][55312] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
+             idle: [...125] [ip6][..udp] [...............fe80::e034:7be:d8f9:6197][49766] -> [..............................ff02::1:3][.5355] [LLMNR][Network][Acceptable]
+             idle: [...109] [ip4][..tcp] [...192.168.5.16][53627] -> [...203.69.81.73][...80] [HTTP][Web][Acceptable]
+             idle: [...110] [ip4][..tcp] [...192.168.5.16][53628] -> [...203.69.81.73][...80] [HTTP][Web][Acceptable]
+             idle: [....14] [ip4][..udp] [..192.168.115.8][51024] -> [........8.8.8.8][...53] [DNS.1kxun][Streaming][Fun]
+     not-detected: [....77] [ip4][..udp] [..192.168.2.186][32768] -> [255.255.255.255][.1947] [Unknown][Unrated]
+             idle: [....77] [ip4][..udp] [..192.168.2.186][32768] -> [255.255.255.255][.1947] 
+             idle: [....21] [ip4][..udp] [...192.168.3.95][59468] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
+             idle: [...120] [ip6][..udp] [..............fe80::4568:efbc:40b1:1346][57148] -> [..............................ff02::1:3][.5355] [LLMNR][Network][Acceptable]
+             idle: [.....8] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Network][Acceptable]
+             idle: [....63] [ip4][..udp] [..192.168.3.236][51714] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+             idle: [....40] [ip4][..tcp] [..192.168.115.8][49608] -> [203.205.151.234][...80] [HTTP.QQ][Chat][Fun]
+             idle: [....51] [ip4][..udp] [....192.168.5.9][55484] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
+             idle: [....50] [ip4][..udp] [.192.168.101.33][55485] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
+             idle: [.....3] [ip4][..udp] [...192.168.5.44][51389] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
+             idle: [...113] [ip4][..tcp] [.....31.13.87.1][..443] -> [...192.168.5.16][53578] 
+             idle: [...106] [ip4][..tcp] [...192.168.5.16][53580] -> [....31.13.87.36][..443] 
+     not-detected: [....66] [ip6][..udp] [.......2001:b020:6::c2a0:bbff:fe73:eb57][62976] -> [................................ff02::1][62976] [Unknown][Unrated]
+             idle: [....66] [ip6][..udp] [.......2001:b020:6::c2a0:bbff:fe73:eb57][62976] -> [................................ff02::1][62976] 
+     not-detected: [....23] [ip6][..udp] [..2001:b030:214:100:c2a0:bbff:fe73:eb47][62976] -> [................................ff02::1][62976] [Unknown][Unrated]
+             idle: [....23] [ip6][..udp] [..2001:b030:214:100:c2a0:bbff:fe73:eb47][62976] -> [................................ff02::1][62976] 
+             idle: [...126] [ip4][..udp] [...192.168.5.50][49766] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+             idle: [....91] [ip4][..udp] [..192.168.3.236][62069] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+             idle: [...105] [ip4][..udp] [...192.168.5.41][...68] -> [255.255.255.255][...67] [DHCP][Network][Acceptable]
+             idle: [....74] [ip4][..udp] [....192.168.5.9][...68] -> [255.255.255.255][...67] [DHCP][Network][Acceptable]
+             idle: [.....4] [ip4][..udp] [..192.168.119.1][...67] -> [255.255.255.255][...68] [DHCP][Network][Acceptable]
+             idle: [....96] [ip4][..udp] [...192.168.5.47][53962] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+             idle: [...100] [ip4][..udp] [..192.168.3.236][56043] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+             idle: [....95] [ip6][..udp] [..............fe80::edf5:240a:c8c0:8312][53962] -> [..............................ff02::1:3][.5355] [LLMNR][Network][Acceptable]
+             idle: [....97] [ip6][..udp] [..............fe80::e98f:bae2:19f7:6b0f][51451] -> [..............................ff02::1:3][.5355] [LLMNR][Network][Acceptable]
+     not-detected: [....94] [ip4][..udp] [..192.168.119.2][43786] -> [255.255.255.255][.5678] [Unknown][Unrated]
+             idle: [....94] [ip4][..udp] [..192.168.119.2][43786] -> [255.255.255.255][.5678] 
+             idle: [....85] [ip4][..udp] [...192.168.5.50][50030] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+             idle: [....55] [ip4][..udp] [...192.168.5.16][...68] -> [..192.168.119.1][...67] [DHCP][Network][Acceptable]
+             idle: [....54] [ip4][..udp] [...192.168.5.49][51704] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
+             idle: [.....2] [ip4][..udp] [...192.168.5.57][55809] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
+             idle: [...103] [ip6][..udp] [...............fe80::9bd:81dd:2fdc:5750][64568] -> [..............................ff02::1:3][.5355] [LLMNR][Network][Acceptable]
+             idle: [...122] [ip4][..udp] [...192.168.5.57][64428] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+             idle: [....41] [ip4][..tcp] [..192.168.115.8][49609] -> [..42.120.51.152][.8080] [HTTP][Web][Acceptable]
+                   RISK: Known Proto on Non Std Port, HTTP Numeric IP Address
+             idle: [...114] [ip6][..udp] [..............fe80::5d92:62a8:ebde:1319][61172] -> [..............................ff02::1:3][.5355] [LLMNR][Network][Acceptable]
+             idle: [....75] [ip4][..udp] [...192.168.5.48][49701] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
+             idle: [....68] [ip4][..udp] [...192.168.5.45][59461] -> [192.168.255.255][..137] [NetBIOS][System][Acceptable]
+             idle: [...118] [ip4][..udp] [..192.168.0.104][..137] -> [192.168.255.255][..137] [NetBIOS][System][Acceptable]
+             idle: [....69] [ip4][..udp] [...192.168.5.45][..137] -> [192.168.255.255][..137] [NetBIOS][System][Acceptable]
+             idle: [....64] [ip4][..udp] [..192.168.3.236][..137] -> [192.168.255.255][..137] [NetBIOS][System][Acceptable]
+             idle: [....18] [ip4][..udp] [..192.168.115.8][..137] -> [192.168.255.255][..137] [NetBIOS][System][Acceptable]
+             idle: [....70] [ip4][..udp] [...192.168.5.45][..138] -> [192.168.255.255][..138] [NetBIOS.SMBv1][System][Dangerous]
+                   RISK: Unsafe Protocol
+             idle: [....35] [ip4][..udp] [...192.168.5.67][..138] -> [192.168.255.255][..138] [NetBIOS.SMBv1][System][Dangerous]
+                   RISK: Unsafe Protocol
+             idle: [....43] [ip4][..udp] [...192.168.5.37][56366] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+             idle: [...104] [ip4][..udp] [...192.168.5.49][64568] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+             idle: [....38] [ip4][..tcp] [..192.168.115.8][49607] -> [218.244.135.170][.9099] [HTTP][Web][Acceptable]
+                   RISK: Known Proto on Non Std Port, HTTP Numeric IP Address
+             idle: [....48] [ip4][..udp] [....192.168.5.9][58456] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+             idle: [....47] [ip4][..udp] [.192.168.101.33][58456] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+             idle: [....81] [ip6][..udp] [...............fe80::e034:7be:d8f9:6197][62756] -> [..............................ff02::1:3][.5355] [LLMNR][Network][Acceptable]
+     not-detected: [....42] [ip4][..udp] [.192.168.10.110][60480] -> [255.255.255.255][62976] [Unknown][Unrated]
+             idle: [....42] [ip4][..udp] [.192.168.10.110][60480] -> [255.255.255.255][62976] 
+             idle: [....73] [ip4][..udp] [...192.168.5.41][54470] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+             idle: [....76] [ip4][..udp] [...192.168.5.64][.5353] -> [....224.0.0.251][.5353] 
+             idle: [...102] [ip4][..udp] [...192.168.5.37][54506] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+             idle: [....12] [ip4][..udp] [...192.168.5.47][60267] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
+             idle: [....67] [ip4][..udp] [...192.168.5.45][59789] -> [192.168.255.255][..137] [NetBIOS][System][Acceptable]
+          guessed: [.....5] [ip4][..tcp] [...192.168.5.16][53605] -> [.68.233.253.133][...80] [HTTP][Web][Acceptable]
+              end: [.....5] [ip4][..tcp] [...192.168.5.16][53605] -> [.68.233.253.133][...80] 
+             idle: [....82] [ip4][..udp] [...192.168.5.50][62756] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+          guessed: [....58] [ip4][..tcp] [...192.168.5.16][53613] -> [.68.233.253.133][...80] [HTTP][Web][Acceptable]
+              end: [....58] [ip4][..tcp] [...192.168.5.16][53613] -> [.68.233.253.133][...80] 
+     not-detected: [....56] [ip4][..udp] [.59.120.208.218][50151] -> [255.255.255.255][.1947] [Unknown][Unrated]
+             idle: [....56] [ip4][..udp] [.59.120.208.218][50151] -> [255.255.255.255][.1947] 
+              end: [....59] [ip4][..tcp] [...192.168.5.16][53624] -> [.68.233.253.133][...80] [HTTP][Web][Acceptable]
+             idle: [....92] [ip4][..udp] [...192.168.5.44][58702] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+             idle: [....62] [ip6][..udp] [..............fe80::5d92:62a8:ebde:1319][63659] -> [..............................ff02::1:3][.5355] [LLMNR][Network][Acceptable]
+             idle: [...112] [ip4][..udp] [....192.168.5.9][62822] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+             idle: [...111] [ip4][..udp] [.192.168.101.33][62822] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+          guessed: [....61] [ip4][..tcp] [..192.168.115.8][49581] -> [.64.233.189.128][...80] [HTTP.Google][Web][Acceptable]
+             idle: [....61] [ip4][..tcp] [..192.168.115.8][49581] -> [.64.233.189.128][...80] 
+             idle: [....20] [ip4][..udp] [...192.168.3.95][58779] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+             idle: [....15] [ip4][..tcp] [..192.168.115.8][49597] -> [.106.185.35.110][...80] [HTTP.1kxun][Streaming][Fun]
+             idle: [....36] [ip4][..tcp] [..192.168.115.8][49605] -> [.106.185.35.110][...80] [HTTP.1kxun][Streaming][Fun]
+             idle: [....37] [ip4][..tcp] [..192.168.115.8][49606] -> [.106.185.35.110][...80] [HTTP.1kxun][Streaming][Fun]
+             idle: [....25] [ip4][..tcp] [..192.168.115.8][49598] -> [.222.73.254.167][...80] [HTTP.1kxun][Streaming][Fun]
+          guessed: [....17] [ip4][..tcp] [...192.168.5.16][53622] -> [.192.168.115.75][..443] [TLS][Web][Safe]
+              end: [....17] [ip4][..tcp] [...192.168.5.16][53622] -> [.192.168.115.75][..443] 
+              end: [....45] [ip4][..tcp] [...192.168.5.16][53623] -> [.192.168.115.75][..443] [TLS][Web][Safe]
+                   RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS
+              end: [....87] [ip4][..tcp] [...192.168.5.16][53625] -> [.192.168.115.75][..443] [TLS][Web][Safe]
+                   RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS
+              end: [...107] [ip4][..tcp] [...192.168.5.16][53626] -> [.192.168.115.75][..443] [TLS][Web][Safe]
+                   RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS
+              end: [...117] [ip4][..tcp] [...192.168.5.16][53629] -> [.192.168.115.75][..443] [TLS][Web][Safe]
+                   RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS
+             idle: [.....6] [ip4][..udp] [...192.168.5.50][64674] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
+     not-detected: [....65] [ip4][..udp] [192.168.140.140][62976] -> [255.255.255.255][62976] [Unknown][Unrated]
+             idle: [....65] [ip4][..udp] [192.168.140.140][62976] -> [255.255.255.255][62976] 
+     not-detected: [....71] [ip4][..udp] [...192.168.10.7][62976] -> [255.255.255.255][62976] [Unknown][Unrated]
+             idle: [....71] [ip4][..udp] [...192.168.10.7][62976] -> [255.255.255.255][62976] 
+     not-detected: [....22] [ip4][..udp] [.192.168.125.30][62976] -> [255.255.255.255][62976] [Unknown][Unrated]
+             idle: [....22] [ip4][..udp] [.192.168.125.30][62976] -> [255.255.255.255][62976] 
+             idle: [....34] [ip4][..udp] [...192.168.3.95][54888] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+             idle: [...123] [ip6][..udp] [...............fe80::e034:7be:d8f9:6197][57143] -> [..............................ff02::1:3][.5355] [LLMNR][Network][Acceptable]
+             idle: [....80] [ip4][..udp] [...192.168.5.57][65150] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+     not-detected: [....88] [ip4][..udp] [..192.168.119.1][56861] -> [255.255.255.255][.5678] [Unknown][Unrated]
+             idle: [....88] [ip4][..udp] [..192.168.119.1][56861] -> [255.255.255.255][.5678] 
+             idle: [...116] [ip6][..udp] [..............fe80::f65c:89ff:fe89:e607][..546] -> [..............................ff02::1:2][..547] [DHCPV6][Network][Acceptable]
+             idle: [....72] [ip6][..udp] [..............fe80::4568:efbc:40b1:1346][50194] -> [..............................ff02::1:3][.5355] [LLMNR][Network][Acceptable]
+             idle: [...127] [ip4][..udp] [...192.168.5.44][59062] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+             idle: [....90] [ip6][..udp] [..............fe80::5d92:62a8:ebde:1319][49735] -> [..............................ff02::1:3][.5355] [LLMNR][Network][Acceptable]
+             idle: [....39] [ip4][..udp] [..192.168.115.8][54420] -> [........8.8.8.8][...53] [DNS.QQ][Chat][Fun]
+             idle: [...124] [ip4][..udp] [...192.168.5.50][57143] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+     not-detected: [....79] [ip4][..udp] [..192.168.0.100][50925] -> [255.255.255.255][.5678] [Unknown][Unrated]
+             idle: [....79] [ip4][..udp] [..192.168.0.100][50925] -> [255.255.255.255][.5678] 
+             idle: [....99] [ip6][..udp] [..............fe80::5d92:62a8:ebde:1319][53938] -> [..............................ff02::1:3][.5355] [LLMNR][Network][Acceptable]
+             idle: [....27] [ip4][..tcp] [..192.168.115.8][49599] -> [.106.187.35.246][...80] [HTTP.1kxun][Streaming][Fun]
+             idle: [....28] [ip4][..tcp] [..192.168.115.8][49600] -> [.106.187.35.246][...80] [HTTP.1kxun][Streaming][Fun]
+             idle: [....29] [ip4][..tcp] [..192.168.115.8][49601] -> [.106.187.35.246][...80] [HTTP.1kxun][Streaming][Fun]
+             idle: [....30] [ip4][..tcp] [..192.168.115.8][49602] -> [.106.187.35.246][...80] [HTTP.1kxun][Streaming][Fun]
+             idle: [....26] [ip4][..udp] [..192.168.115.8][60724] -> [........8.8.8.8][...53] [DNS.1kxun][Streaming][Fun]
+             idle: [....31] [ip4][..tcp] [..192.168.115.8][49603] -> [.106.187.35.246][...80] [HTTP.1kxun][Streaming][Fun]
+             idle: [....32] [ip4][..tcp] [..192.168.115.8][49604] -> [.106.187.35.246][...80] [HTTP.1kxun][Streaming][Fun]
+             idle: [.....9] [ip6][..udp] [...............fe80::406:55a8:6453:25dd][..546] -> [..............................ff02::1:2][..547] [DHCPV6][Network][Acceptable]
+             idle: [....52] [ip6][..udp] [...............fe80::9bd:81dd:2fdc:5750][61548] -> [..............................ff02::1:3][.5355] [LLMNR][Network][Acceptable]
+             idle: [...129] [ip4][..udp] [..192.168.3.236][65496] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+             idle: [....19] [ip6][..udp] [..............fe80::e98f:bae2:19f7:6b0f][58779] -> [..............................ff02::1:3][.5355] [LLMNR][Network][Acceptable]
+          guessed: [...101] [ip4][..tcp] [.119.235.235.84][..443] -> [...192.168.5.16][53406] [TLS][Web][Safe]
+             idle: [...101] [ip4][..tcp] [.119.235.235.84][..443] -> [...192.168.5.16][53406] 
+              end: [....46] [ip4][..tcp] [..192.168.115.8][49612] -> [.183.131.48.145][...80] [HTTP][Web][Acceptable]
+                   RISK: HTTP Numeric IP Address
+             idle: [....49] [ip4][..tcp] [..192.168.115.8][49613] -> [.183.131.48.144][...80] [HTTP][Media][Acceptable]
+                   RISK: HTTP Numeric IP Address
+             idle: [....24] [ip4][..udp] [..192.168.115.8][52723] -> [.....168.95.1.1][...53] [DNS.1kxun][Streaming][Fun]
+     not-detected: [....89] [ip6][..udp] [................fe80::4e5e:cff:feea:365][.5678] -> [................................ff02::1][.5678] [Unknown][Unrated]
+             idle: [....89] [ip6][..udp] [................fe80::4e5e:cff:feea:365][.5678] -> [................................ff02::1][.5678] 
+     not-detected: [....60] [ip6][..udp] [...............fe80::4e5e:cff:fe9a:ec54][.5678] -> [................................ff02::1][.5678] [Unknown][Unrated]
+             idle: [....60] [ip6][..udp] [...............fe80::4e5e:cff:fe9a:ec54][.5678] -> [................................ff02::1][.5678] 
+             idle: [...119] [ip4][..udp] [...192.168.5.16][..123] -> [..17.253.26.125][..123] [NTP][System][Acceptable]
+             idle: [....16] [ip4][..udp] [..192.168.115.8][52723] -> [........8.8.8.8][...53] [DNS.1kxun][Streaming][Fun]
+          guessed: [....57] [ip4][..tcp] [..192.168.115.8][49596] -> [..203.66.182.87][..443] [TLS][Web][Safe]
+             idle: [....57] [ip4][..tcp] [..192.168.115.8][49596] -> [..203.66.182.87][..443] 
+             idle: [....53] [ip4][..udp] [...192.168.5.49][61548] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+             idle: [....93] [ip6][..udp] [..............fe80::beee:7bff:fe0c:b3de][..546] -> [..............................ff02::1:2][..547] [DHCPV6][Network][Acceptable]
+             idle: [....11] [ip4][..udp] [...192.168.5.47][61603] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+             idle: [....33] [ip6][..udp] [..............fe80::e98f:bae2:19f7:6b0f][54888] -> [..............................ff02::1:3][.5355] [LLMNR][Network][Acceptable]
+             idle: [.....1] [ip4][..udp] [...192.168.5.44][59571] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+             idle: [....10] [ip6][..udp] [..............fe80::edf5:240a:c8c0:8312][61603] -> [..............................ff02::1:3][.5355] [LLMNR][Network][Acceptable]
+             idle: [....98] [ip4][..udp] [...192.168.3.95][51451] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+             idle: [....83] [ip4][..udp] [...192.168.5.49][.1900] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
+             idle: [....13] [ip4][..udp] [..192.168.115.8][51458] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+             idle: [...128] [ip6][..udp] [..............fe80::5d92:62a8:ebde:1319][58468] -> [..............................ff02::1:3][.5355] [LLMNR][Network][Acceptable]
+             idle: [...121] [ip4][..udp] [...192.168.5.41][55593] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+     not-detected: [....86] [ip4][..udp] [.59.120.208.212][32768] -> [255.255.255.255][.1947] [Unknown][Unrated]
+             idle: [....86] [ip4][..udp] [.59.120.208.212][32768] -> [255.255.255.255][.1947] 
+             idle: [...115] [ip4][..udp] [..192.168.3.236][59730] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable]
+             idle: [....84] [ip6][..udp] [...............fe80::9bd:81dd:2fdc:5750][.1900] -> [................................ff02::c][.1900] [SSDP][System][Acceptable]
+              new: [...137] [ip4][..tcp] [..192.168.2.126][47272] -> [..161.117.13.29][...80] [MIDSTREAM] 
+         detected: [...137] [ip4][..tcp] [..192.168.2.126][47272] -> [..161.117.13.29][...80] [HTTP.1kxun][Streaming][Fun]
+              new: [...138] [ip4][..tcp] [..192.168.2.126][38834] -> [..119.45.78.184][...80] [MIDSTREAM] 
+         detected: [...138] [ip4][..tcp] [..192.168.2.126][38834] -> [..119.45.78.184][...80] [HTTP.QQ][Chat][Fun]
+              new: [...139] [ip4][..tcp] [..192.168.2.126][60148] -> [.172.105.121.82][...80] [MIDSTREAM] 
+         detected: [...139] [ip4][..tcp] [..192.168.2.126][60148] -> [.172.105.121.82][...80] [HTTP.1kxun][Streaming][Fun]
+              new: [...140] [ip4][..tcp] [..192.168.2.126][49242] -> [.172.104.119.80][...80] [MIDSTREAM] 
+         detected: [...140] [ip4][..tcp] [..192.168.2.126][49242] -> [.172.104.119.80][...80] [HTTP.1kxun][Streaming][Fun]
+              new: [...141] [ip4][..tcp] [..192.168.2.126][46184] -> [.172.105.121.82][...80] [MIDSTREAM] 
+         detected: [...141] [ip4][..tcp] [..192.168.2.126][46184] -> [.172.105.121.82][...80] [HTTP.1kxun][Streaming][Fun]
+              new: [...142] [ip4][..tcp] [..192.168.2.126][46170] -> [.172.105.121.82][...80] [MIDSTREAM] 
+         detected: [...142] [ip4][..tcp] [..192.168.2.126][46170] -> [.172.105.121.82][...80] [HTTP.1kxun][Streaming][Fun]
+              new: [...143] [ip4][..tcp] [..192.168.2.126][46200] -> [.172.105.121.82][...80] [MIDSTREAM] 
+         detected: [...143] [ip4][..tcp] [..192.168.2.126][46200] -> [.172.105.121.82][...80] [HTTP.1kxun][Streaming][Fun]
+              new: [...144] [ip4][..tcp] [..192.168.2.126][46212] -> [.172.105.121.82][...80] [MIDSTREAM] 
+         detected: [...144] [ip4][..tcp] [..192.168.2.126][46212] -> [.172.105.121.82][...80] [HTTP.1kxun][Streaming][Fun]
+          analyse: [...142] [ip4][..tcp] [..192.168.2.126][46170] -> [.172.105.121.82][...80] [HTTP.1kxun][Streaming][Fun]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.895|   0.074|   0.190]
+                   [IAT(c->s)...:    0.895|   0.895|   0.895|   0.000][IAT(s->c)...:    0.000|   0.372|   0.045|   0.111]
+                   [PKTLEN(c->s):  274.000| 278.000| 276.000|   2.000][PKTLEN(s->c):  387.000|21666.000|4833.000|5678.800]
+                   [BINS(c->s)..: 0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,16]
+          analyse: [...139] [ip4][..tcp] [..192.168.2.126][60148] -> [.172.105.121.82][...80] [HTTP.1kxun][Streaming][Fun]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   4.661|   0.481|   1.215]
+                   [IAT(c->s)...:    0.217|   4.661|   1.520|   1.830][IAT(s->c)...:    0.000|   4.604|   0.292|   0.951]
+                   [PKTLEN(c->s):  268.000| 278.000| 273.800|   4.800][PKTLEN(s->c):  384.000|21666.000|5875.000|6417.900]
+                   [BINS(c->s)..: 0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 0,0,0,0,0,0,0,0,0,2,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,17]
+          analyse: [...143] [ip4][..tcp] [..192.168.2.126][46200] -> [.172.105.121.82][...80] [HTTP.1kxun][Streaming][Fun]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.892|   0.092|   0.200]
+                   [IAT(c->s)...:    0.892|   0.892|   0.892|   0.000][IAT(s->c)...:    0.000|   0.376|   0.061|   0.126]
+                   [PKTLEN(c->s):  278.000| 278.000| 278.000|   0.000][PKTLEN(s->c):  386.000|21666.000|7390.700|6768.700]
+                   [BINS(c->s)..: 0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,8,0,20]
+              new: [...145] [ip4][..tcp] [..192.168.2.126][35200] -> [...103.29.71.30][...80] [MIDSTREAM] 
+         detected: [...145] [ip4][..tcp] [..192.168.2.126][35200] -> [...103.29.71.30][...80] [HTTP.1kxun][Streaming][Fun]
+              new: [...146] [ip4][..tcp] [..192.168.2.126][45380] -> [..161.117.13.29][...80] [MIDSTREAM] 
+         detected: [...146] [ip4][..tcp] [..192.168.2.126][45380] -> [..161.117.13.29][...80] [HTTP.1kxun][Streaming][Fun]
+              new: [...147] [ip4][..tcp] [..192.168.2.126][45388] -> [..161.117.13.29][...80] [MIDSTREAM] 
+         detected: [...147] [ip4][..tcp] [..192.168.2.126][45388] -> [..161.117.13.29][...80] [HTTP.1kxun][Streaming][Fun]
+              new: [...148] [ip4][..tcp] [..192.168.2.126][45398] -> [..161.117.13.29][...80] [MIDSTREAM] 
+         detected: [...148] [ip4][..tcp] [..192.168.2.126][45398] -> [..161.117.13.29][...80] [HTTP.1kxun][Streaming][Fun]
+              new: [...149] [ip4][..tcp] [..192.168.2.126][45414] -> [..161.117.13.29][...80] [MIDSTREAM] 
+         detected: [...149] [ip4][..tcp] [..192.168.2.126][45414] -> [..161.117.13.29][...80] [HTTP.1kxun][Streaming][Fun]
+              new: [...150] [ip4][..tcp] [..192.168.2.126][45416] -> [..161.117.13.29][...80] [MIDSTREAM] 
+         detected: [...150] [ip4][..tcp] [..192.168.2.126][45416] -> [..161.117.13.29][...80] [HTTP.1kxun][Streaming][Fun]
+              new: [...151] [ip4][..tcp] [..192.168.2.126][45422] -> [..161.117.13.29][...80] [MIDSTREAM] 
+         detected: [...151] [ip4][..tcp] [..192.168.2.126][45422] -> [..161.117.13.29][...80] [HTTP.1kxun][Streaming][Fun]
+              new: [...152] [ip4][..tcp] [..192.168.2.126][45424] -> [..161.117.13.29][...80] [MIDSTREAM] 
+         detected: [...152] [ip4][..tcp] [..192.168.2.126][45424] -> [..161.117.13.29][...80] [HTTP][Streaming][Acceptable]
+ detection-update: [...151] [ip4][..tcp] [..192.168.2.126][45422] -> [..161.117.13.29][...80] [HTTP.1kxun][Streaming][Fun]
+              new: [...153] [ip4][..tcp] [..192.168.2.126][41390] -> [....18.64.79.37][...80] [MIDSTREAM] 
+         detected: [...153] [ip4][..tcp] [..192.168.2.126][41390] -> [....18.64.79.37][...80] [HTTP.Google][Web][Acceptable]
+          analyse: [...146] [ip4][..tcp] [..192.168.2.126][45380] -> [..161.117.13.29][...80] [HTTP.1kxun][Streaming][Fun]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.409|   0.085|   0.132]
+                   [IAT(c->s)...:    0.380|   0.409|   0.394|   0.014][IAT(s->c)...:    0.000|   0.380|   0.064|   0.108]
+                   [PKTLEN(c->s):  490.000| 831.000| 607.700| 158.000][PKTLEN(s->c): 1267.000|8706.000|2823.700|2208.900]
+                   [BINS(c->s)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,16,0,12]
+              new: [...154] [ip4][..tcp] [..192.168.2.126][51888] -> [.119.28.164.143][...80] [MIDSTREAM] 
+         detected: [...154] [ip4][..tcp] [..192.168.2.126][51888] -> [.119.28.164.143][...80] [HTTP.Tencent][SocialNetwork][Acceptable]
+              new: [...155] [ip4][..tcp] [..192.168.2.126][38354] -> [.142.250.186.34][...80] [MIDSTREAM] 
+         detected: [...155] [ip4][..tcp] [..192.168.2.126][38354] -> [.142.250.186.34][...80] [HTTP.Google][Advertisement][Acceptable]
+ detection-update: [...155] [ip4][..tcp] [..192.168.2.126][38354] -> [.142.250.186.34][...80] [HTTP.Google][Advertisement][Acceptable]
+              new: [...156] [ip4][..tcp] [..192.168.2.126][36732] -> [142.250.186.174][...80] [MIDSTREAM] 
+         detected: [...156] [ip4][..tcp] [..192.168.2.126][36732] -> [142.250.186.174][...80] [HTTP.Google][Advertisement][Acceptable]
+              new: [...157] [ip4][..tcp] [..192.168.2.126][49354] -> [.14.136.136.108][...80] [MIDSTREAM] 
+         detected: [...157] [ip4][..tcp] [..192.168.2.126][49354] -> [.14.136.136.108][...80] [HTTP.1kxun][Streaming][Fun]
+              new: [...158] [ip4][..tcp] [..192.168.2.126][49372] -> [.14.136.136.108][...80] [MIDSTREAM] 
+         detected: [...158] [ip4][..tcp] [..192.168.2.126][49372] -> [.14.136.136.108][...80] [HTTP.1kxun][Streaming][Fun]
+              new: [...159] [ip4][..tcp] [..192.168.2.126][49370] -> [.14.136.136.108][...80] [MIDSTREAM] 
+         detected: [...159] [ip4][..tcp] [..192.168.2.126][49370] -> [.14.136.136.108][...80] [HTTP.1kxun][Streaming][Fun]
+              new: [...160] [ip4][..tcp] [..192.168.2.126][49380] -> [.14.136.136.108][...80] [MIDSTREAM] 
+         detected: [...160] [ip4][..tcp] [..192.168.2.126][49380] -> [.14.136.136.108][...80] [HTTP.1kxun][Streaming][Fun]
+              new: [...161] [ip4][..tcp] [..192.168.2.126][49412] -> [.14.136.136.108][...80] [MIDSTREAM] 
+         detected: [...161] [ip4][..tcp] [..192.168.2.126][49412] -> [.14.136.136.108][...80] [HTTP.1kxun][Streaming][Fun]
+              new: [...162] [ip4][..tcp] [..192.168.2.126][49396] -> [.14.136.136.108][...80] [MIDSTREAM] 
+         detected: [...162] [ip4][..tcp] [..192.168.2.126][49396] -> [.14.136.136.108][...80] [HTTP.1kxun][Streaming][Fun]
+          analyse: [...157] [ip4][..tcp] [..192.168.2.126][49354] -> [.14.136.136.108][...80] [HTTP.1kxun][Streaming][Fun]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.832|   0.077|   0.179]
+                   [IAT(c->s)...:    0.832|   0.832|   0.832|   0.000][IAT(s->c)...:    0.000|   0.414|   0.048|   0.103]
+                   [PKTLEN(c->s):  592.000| 592.000| 592.000|   0.000][PKTLEN(s->c):  351.000|10146.000|3286.700|2484.500]
+                   [BINS(c->s)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,12,0,16]
+ detection-update: [...161] [ip4][..tcp] [..192.168.2.126][49412] -> [.14.136.136.108][...80] [HTTP.1kxun][Streaming][Fun]
+ detection-update: [...160] [ip4][..tcp] [..192.168.2.126][49380] -> [.14.136.136.108][...80] [HTTP.1kxun][Streaming][Fun]
+          analyse: [...159] [ip4][..tcp] [..192.168.2.126][49370] -> [.14.136.136.108][...80] [HTTP.1kxun][Streaming][Fun]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.877|   0.084|   0.182]
+                   [IAT(c->s)...:    0.877|   0.877|   0.877|   0.000][IAT(s->c)...:    0.000|   0.237|   0.052|   0.091]
+                   [PKTLEN(c->s):  580.000| 592.000| 586.000|   6.000][PKTLEN(s->c):  351.000|15906.000|2906.900|3087.700]
+                   [BINS(c->s)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,17,0,10]
+          analyse: [...160] [ip4][..tcp] [..192.168.2.126][49380] -> [.14.136.136.108][...80] [HTTP.1kxun][Streaming][Fun]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.887|   0.081|   0.181]
+                   [IAT(c->s)...:    0.887|   0.887|   0.887|   0.000][IAT(s->c)...:    0.000|   0.238|   0.050|   0.090]
+                   [PKTLEN(c->s):  580.000| 592.000| 586.000|   6.000][PKTLEN(s->c):  351.000|18786.000|3329.200|3784.500]
+                   [BINS(c->s)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,17,0,11]
+          analyse: [...158] [ip4][..tcp] [..192.168.2.126][49372] -> [.14.136.136.108][...80] [HTTP.1kxun][Streaming][Fun]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.900|   0.119|   0.204]
+                   [IAT(c->s)...:    0.407|   0.900|   0.654|   0.246][IAT(s->c)...:    0.000|   0.372|   0.073|   0.113]
+                   [PKTLEN(c->s):  580.000| 592.000| 584.000|   5.700][PKTLEN(s->c):  351.000|18786.000|3984.800|4268.800]
+                   [BINS(c->s)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,14]
+              new: [...163] [ip4][..tcp] [..192.168.2.126][44368] -> [..172.217.18.98][...80] [MIDSTREAM] 
+         detected: [...163] [ip4][..tcp] [..192.168.2.126][44368] -> [..172.217.18.98][...80] [HTTP.GoogleServices][Web][Acceptable]
+              new: [...164] [ip4][..tcp] [..192.168.2.126][50140] -> [..161.117.13.29][...80] [MIDSTREAM] 
+         detected: [...164] [ip4][..tcp] [..192.168.2.126][50140] -> [..161.117.13.29][...80] [HTTP.1kxun][Streaming][Fun]
+              new: [...165] [ip4][..tcp] [..192.168.2.126][50148] -> [..161.117.13.29][...80] [MIDSTREAM] 
+         detected: [...165] [ip4][..tcp] [..192.168.2.126][50148] -> [..161.117.13.29][...80] [HTTP.1kxun][Streaming][Fun]
+              new: [...166] [ip4][..tcp] [..192.168.2.126][50164] -> [..161.117.13.29][...80] [MIDSTREAM] 
+         detected: [...166] [ip4][..tcp] [..192.168.2.126][50164] -> [..161.117.13.29][...80] [HTTP.1kxun][Streaming][Fun]
+              new: [...167] [ip4][..tcp] [..192.168.2.126][50166] -> [..161.117.13.29][...80] [MIDSTREAM] 
+         detected: [...167] [ip4][..tcp] [..192.168.2.126][50166] -> [..161.117.13.29][...80] [HTTP.1kxun][Streaming][Fun]
+              new: [...168] [ip4][..tcp] [..192.168.2.126][50176] -> [..161.117.13.29][...80] [MIDSTREAM] 
+         detected: [...168] [ip4][..tcp] [..192.168.2.126][50176] -> [..161.117.13.29][...80] [HTTP.1kxun][Streaming][Fun]
+          analyse: [...150] [ip4][..tcp] [..192.168.2.126][45416] -> [..161.117.13.29][...80] [HTTP.1kxun][Streaming][Fun]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   6.045|   1.119|   2.029]
+                   [IAT(c->s)...:    0.186|   6.045|   2.305|   2.460][IAT(s->c)...:    0.000|   5.959|   0.742|   1.706]
+                   [PKTLEN(c->s):  500.000|1180.000| 900.200| 214.900][PKTLEN(s->c):  709.000|14466.000|3469.900|3207.100]
+                   [BINS(c->s)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,4,0,0,0,0,0,0,0,1,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,1,1,0,0,0,0,0,0,0,0,1,0,0,7,0,13]
+              new: [...169] [ip4][..tcp] [..192.168.2.126][38326] -> [.172.105.121.82][...80] [MIDSTREAM] 
+         detected: [...169] [ip4][..tcp] [..192.168.2.126][38326] -> [.172.105.121.82][...80] [HTTP.1kxun][Streaming][Fun]
+              new: [...170] [ip4][..tcp] [..192.168.2.126][38314] -> [.172.105.121.82][...80] [MIDSTREAM] 
+         detected: [...170] [ip4][..tcp] [..192.168.2.126][38314] -> [.172.105.121.82][...80] [HTTP.1kxun][Streaming][Fun]
+              new: [...171] [ip4][..tcp] [..192.168.2.126][38316] -> [.172.105.121.82][...80] [MIDSTREAM] 
+         detected: [...171] [ip4][..tcp] [..192.168.2.126][38316] -> [.172.105.121.82][...80] [HTTP.1kxun][Streaming][Fun]
+          analyse: [...141] [ip4][..tcp] [..192.168.2.126][46184] -> [.172.105.121.82][...80] [HTTP.1kxun][Streaming][Fun]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|  39.120|   3.011|  10.152]
+                   [IAT(c->s)...:    0.393|  39.120|  13.465|  18.142][IAT(s->c)...:    0.000|  38.675|   1.705|   7.710]
+                   [PKTLEN(c->s):  273.000| 278.000| 275.500|   2.500][PKTLEN(s->c):  386.000|23106.000|5905.000|6635.000]
+                   [BINS(c->s)..: 0,0,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 0,0,0,0,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,7,0,16]
+          analyse: [...170] [ip4][..tcp] [..192.168.2.126][38314] -> [.172.105.121.82][...80] [HTTP.1kxun][Streaming][Fun]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   1.361|   0.129|   0.285]
+                   [IAT(c->s)...:    1.361|   1.361|   1.361|   0.000][IAT(s->c)...:    0.000|   0.401|   0.077|   0.136]
+                   [PKTLEN(c->s):  273.000| 273.000| 273.000|   0.000][PKTLEN(s->c):  388.000|15906.000|6429.300|5274.400]
+                   [BINS(c->s)..: 0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,21]
+              new: [...172] [ip4][..tcp] [..192.168.2.126][59324] -> [.104.117.221.10][...80] [MIDSTREAM] 
+         detected: [...172] [ip4][..tcp] [..192.168.2.126][59324] -> [.104.117.221.10][...80] [HTTP][Web][Acceptable]
+              new: [...173] [ip4][..tcp] [..192.168.2.126][56094] -> [....3.72.69.158][...80] [MIDSTREAM] 
+         detected: [...173] [ip4][..tcp] [..192.168.2.126][56094] -> [....3.72.69.158][...80] [HTTP.AmazonAWS][Cloud][Acceptable]
+              new: [...174] [ip4][..tcp] [..192.168.2.126][56098] -> [....3.72.69.158][...80] [MIDSTREAM] 
+         detected: [...174] [ip4][..tcp] [..192.168.2.126][56098] -> [....3.72.69.158][...80] [HTTP.AmazonAWS][Cloud][Acceptable]
+              new: [...175] [ip4][..tcp] [..192.168.2.126][56096] -> [....3.72.69.158][...80] [MIDSTREAM] 
+         detected: [...175] [ip4][..tcp] [..192.168.2.126][56096] -> [....3.72.69.158][...80] [HTTP.AmazonAWS][Cloud][Acceptable]
+              new: [...176] [ip4][..tcp] [..192.168.2.126][56104] -> [....3.72.69.158][...80] [MIDSTREAM] 
+         detected: [...176] [ip4][..tcp] [..192.168.2.126][56104] -> [....3.72.69.158][...80] [HTTP.AmazonAWS][Cloud][Acceptable]
+              new: [...177] [ip4][..tcp] [..192.168.2.126][43266] -> [....18.64.79.58][...80] [MIDSTREAM] 
+         detected: [...177] [ip4][..tcp] [..192.168.2.126][43266] -> [....18.64.79.58][...80] [HTTP.AmazonAWS][Cloud][Acceptable]
+              new: [...178] [ip4][..tcp] [..192.168.2.126][56826] -> [...8.209.97.107][...80] [MIDSTREAM] 
+         detected: [...178] [ip4][..tcp] [..192.168.2.126][56826] -> [...8.209.97.107][...80] [HTTP][Web][Acceptable]
+              new: [...179] [ip4][..tcp] [..192.168.2.126][43272] -> [....18.64.79.58][...80] [MIDSTREAM] 
+         detected: [...179] [ip4][..tcp] [..192.168.2.126][43272] -> [....18.64.79.58][...80] [HTTP.AmazonAWS][Cloud][Acceptable]
+              new: [...180] [ip4][..tcp] [..192.168.2.126][58758] -> [.202.153.196.53][...80] [MIDSTREAM] 
+         detected: [...180] [ip4][..tcp] [..192.168.2.126][58758] -> [.202.153.196.53][...80] [HTTP][Web][Acceptable]
+              new: [...181] [ip4][..tcp] [..192.168.2.126][58760] -> [.202.153.196.53][...80] [MIDSTREAM] 
+         detected: [...181] [ip4][..tcp] [..192.168.2.126][58760] -> [.202.153.196.53][...80] [HTTP][Web][Acceptable]
+              new: [...182] [ip4][..tcp] [..192.168.2.126][35664] -> [.....18.66.2.90][...80] [MIDSTREAM] 
+         detected: [...182] [ip4][..tcp] [..192.168.2.126][35664] -> [.....18.66.2.90][...80] [HTTP.AmazonAWS][Cloud][Acceptable]
+              new: [...183] [ip4][..tcp] [..192.168.2.126][35666] -> [.....18.66.2.90][...80] [MIDSTREAM] 
+         detected: [...183] [ip4][..tcp] [..192.168.2.126][35666] -> [.....18.66.2.90][...80] [HTTP.MpegDash][Media][Acceptable]
+              new: [...184] [ip4][..tcp] [..192.168.2.126][36636] -> [...18.64.103.30][...80] [MIDSTREAM] 
+         detected: [...184] [ip4][..tcp] [..192.168.2.126][36636] -> [...18.64.103.30][...80] [HTTP.AmazonAWS][Cloud][Acceptable]
+              new: [...185] [ip4][..tcp] [..192.168.2.126][36640] -> [...18.64.103.30][...80] [MIDSTREAM] 
+         detected: [...185] [ip4][..tcp] [..192.168.2.126][36640] -> [...18.64.103.30][...80] [HTTP.AmazonAWS][Cloud][Acceptable]
+              new: [...186] [ip4][..tcp] [..192.168.2.126][36654] -> [...18.64.103.30][...80] [MIDSTREAM] 
+         detected: [...186] [ip4][..tcp] [..192.168.2.126][36654] -> [...18.64.103.30][...80] [HTTP.AmazonAWS][Cloud][Acceptable]
+ detection-update: [...184] [ip4][..tcp] [..192.168.2.126][36636] -> [...18.64.103.30][...80] [HTTP.AmazonAWS][Cloud][Acceptable]
+ detection-update: [...185] [ip4][..tcp] [..192.168.2.126][36640] -> [...18.64.103.30][...80] [HTTP.AmazonAWS][Cloud][Acceptable]
+ detection-update: [...186] [ip4][..tcp] [..192.168.2.126][36654] -> [...18.64.103.30][...80] [HTTP.AmazonAWS][Cloud][Acceptable]
+              new: [...187] [ip4][..tcp] [..192.168.2.126][36660] -> [...18.64.103.30][...80] [MIDSTREAM] 
+         detected: [...187] [ip4][..tcp] [..192.168.2.126][36660] -> [...18.64.103.30][...80] [HTTP.AmazonAWS][Cloud][Acceptable]
+          analyse: [...182] [ip4][..tcp] [..192.168.2.126][35664] -> [.....18.66.2.90][...80] [HTTP.AmazonAWS][Cloud][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.015|   0.003|   0.003]
+                   [IAT(c->s)...:    0.000|   0.000|   0.000|   0.000][IAT(s->c)...:    0.000|   0.015|   0.003|   0.003]
+                   [PKTLEN(c->s):  249.000| 249.000| 249.000|   0.000][PKTLEN(s->c):  797.000|7206.000|4235.400|1662.000]
+                   [BINS(c->s)..: 0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,27]
+ detection-update: [...187] [ip4][..tcp] [..192.168.2.126][36660] -> [...18.64.103.30][...80] [HTTP.AmazonAWS][Cloud][Acceptable]
+          analyse: [...185] [ip4][..tcp] [..192.168.2.126][36640] -> [...18.64.103.30][...80] [HTTP.AmazonAWS][Cloud][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.021|   0.003|   0.005]
+                   [IAT(c->s)...:    0.000|   0.000|   0.000|   0.000][IAT(s->c)...:    0.000|   0.021|   0.003|   0.005]
+                   [PKTLEN(c->s):  563.000| 563.000| 563.000|   0.000][PKTLEN(s->c): 1494.000|5778.000|3566.900|1641.300]
+                   [BINS(c->s)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,9,0,1,21]
+              new: [...188] [ip4][..tcp] [..192.168.2.126][37100] -> [..52.29.177.177][...80] [MIDSTREAM] 
+         detected: [...188] [ip4][..tcp] [..192.168.2.126][37100] -> [..52.29.177.177][...80] [HTTP.AmazonAWS][Cloud][Acceptable]
+              new: [...189] [ip4][..tcp] [..192.168.2.126][42554] -> [...35.156.44.13][...80] [MIDSTREAM] 
+         detected: [...189] [ip4][..tcp] [..192.168.2.126][42554] -> [...35.156.44.13][...80] [HTTP.AmazonAWS][Cloud][Acceptable]
+              new: [...190] [ip4][..tcp] [..192.168.2.126][42566] -> [...35.156.44.13][...80] [MIDSTREAM] 
+         detected: [...190] [ip4][..tcp] [..192.168.2.126][42566] -> [...35.156.44.13][...80] [HTTP.AmazonAWS][Cloud][Acceptable]
+              new: [...191] [ip4][..tcp] [..192.168.2.126][41940] -> [....18.64.79.50][...80] [MIDSTREAM] 
+         detected: [...191] [ip4][..tcp] [..192.168.2.126][41940] -> [....18.64.79.50][...80] [HTTP.AmazonAWS][Cloud][Acceptable]
+ detection-update: [...190] [ip4][..tcp] [..192.168.2.126][42566] -> [...35.156.44.13][...80] [HTTP.AmazonAWS][Cloud][Acceptable]
+              new: [...192] [ip4][..tcp] [..192.168.2.126][54810] -> [..18.233.123.55][...80] [MIDSTREAM] 
+         detected: [...192] [ip4][..tcp] [..192.168.2.126][54810] -> [..18.233.123.55][...80] [HTTP.AmazonAWS][Cloud][Acceptable]
+              new: [...193] [ip4][..tcp] [..192.168.2.126][40204] -> [...18.235.204.9][...80] [MIDSTREAM] 
+         detected: [...193] [ip4][..tcp] [..192.168.2.126][40204] -> [...18.235.204.9][...80] [HTTP.AmazonAWS][Cloud][Acceptable]
+              new: [...194] [ip4][..tcp] [..192.168.2.126][53416] -> [.172.217.16.142][...80] [MIDSTREAM] 
+         detected: [...194] [ip4][..tcp] [..192.168.2.126][53416] -> [.172.217.16.142][...80] [HTTP.Google][Web][Acceptable]
+              new: [...195] [ip4][..tcp] [..192.168.2.126][33042] -> [...3.122.190.70][...80] [MIDSTREAM] 
+         detected: [...195] [ip4][..tcp] [..192.168.2.126][33042] -> [...3.122.190.70][...80] [HTTP.AmazonAWS][Cloud][Acceptable]
+              new: [...196] [ip4][..tcp] [..192.168.2.126][35426] -> [..8.209.112.118][...80] [MIDSTREAM] 
+         detected: [...196] [ip4][..tcp] [..192.168.2.126][35426] -> [..8.209.112.118][...80] [HTTP][Web][Acceptable]
+              new: [...197] [ip4][..tcp] [..192.168.2.126][51686] -> [....18.64.79.64][...80] [MIDSTREAM] 
+         detected: [...197] [ip4][..tcp] [..192.168.2.126][51686] -> [....18.64.79.64][...80] [HTTP.AmazonAWS][Cloud][Acceptable]
+             idle: [...147] [ip4][..tcp] [..192.168.2.126][45388] -> [..161.117.13.29][...80] [HTTP.1kxun][Streaming][Fun]
+             idle: [...148] [ip4][..tcp] [..192.168.2.126][45398] -> [..161.117.13.29][...80] [HTTP.1kxun][Streaming][Fun]
+             idle: [...163] [ip4][..tcp] [..192.168.2.126][44368] -> [..172.217.18.98][...80] [HTTP.GoogleServices][Web][Acceptable]
+             idle: [...178] [ip4][..tcp] [..192.168.2.126][56826] -> [...8.209.97.107][...80] [HTTP][Web][Acceptable]
+             idle: [...149] [ip4][..tcp] [..192.168.2.126][45414] -> [..161.117.13.29][...80] [HTTP.1kxun][Streaming][Fun]
+             idle: [...150] [ip4][..tcp] [..192.168.2.126][45416] -> [..161.117.13.29][...80] [HTTP.1kxun][Streaming][Fun]
+             idle: [...151] [ip4][..tcp] [..192.168.2.126][45422] -> [..161.117.13.29][...80] [HTTP.1kxun][Streaming][Fun]
+             idle: [...152] [ip4][..tcp] [..192.168.2.126][45424] -> [..161.117.13.29][...80] [HTTP][Streaming][Acceptable]
+             idle: [...154] [ip4][..tcp] [..192.168.2.126][51888] -> [.119.28.164.143][...80] 
+             idle: [...192] [ip4][..tcp] [..192.168.2.126][54810] -> [..18.233.123.55][...80] [HTTP.AmazonAWS][Cloud][Acceptable]
+             idle: [...184] [ip4][..tcp] [..192.168.2.126][36636] -> [...18.64.103.30][...80] [HTTP.AmazonAWS][Cloud][Acceptable]
+             idle: [...185] [ip4][..tcp] [..192.168.2.126][36640] -> [...18.64.103.30][...80] [HTTP.AmazonAWS][Cloud][Acceptable]
+             idle: [...186] [ip4][..tcp] [..192.168.2.126][36654] -> [...18.64.103.30][...80] [HTTP.AmazonAWS][Cloud][Acceptable]
+             idle: [...187] [ip4][..tcp] [..192.168.2.126][36660] -> [...18.64.103.30][...80] 
+             idle: [...180] [ip4][..tcp] [..192.168.2.126][58758] -> [.202.153.196.53][...80] [HTTP][Web][Acceptable]
+             idle: [...181] [ip4][..tcp] [..192.168.2.126][58760] -> [.202.153.196.53][...80] [HTTP][Web][Acceptable]
+             idle: [...170] [ip4][..tcp] [..192.168.2.126][38314] -> [.172.105.121.82][...80] [HTTP.1kxun][Streaming][Fun]
+             idle: [...171] [ip4][..tcp] [..192.168.2.126][38316] -> [.172.105.121.82][...80] [HTTP.1kxun][Streaming][Fun]
+             idle: [...169] [ip4][..tcp] [..192.168.2.126][38326] -> [.172.105.121.82][...80] [HTTP.1kxun][Streaming][Fun]
+             idle: [...193] [ip4][..tcp] [..192.168.2.126][40204] -> [...18.235.204.9][...80] [HTTP.AmazonAWS][Cloud][Acceptable]
+             idle: [...155] [ip4][..tcp] [..192.168.2.126][38354] -> [.142.250.186.34][...80] [HTTP.Google][Advertisement][Acceptable]
+             idle: [...157] [ip4][..tcp] [..192.168.2.126][49354] -> [.14.136.136.108][...80] [HTTP.1kxun][Streaming][Fun]
+             idle: [...159] [ip4][..tcp] [..192.168.2.126][49370] -> [.14.136.136.108][...80] [HTTP.1kxun][Streaming][Fun]
+             idle: [...158] [ip4][..tcp] [..192.168.2.126][49372] -> [.14.136.136.108][...80] [HTTP.1kxun][Streaming][Fun]
+             idle: [...160] [ip4][..tcp] [..192.168.2.126][49380] -> [.14.136.136.108][...80] [HTTP.1kxun][Streaming][Fun]
+             idle: [...162] [ip4][..tcp] [..192.168.2.126][49396] -> [.14.136.136.108][...80] [HTTP.1kxun][Streaming][Fun]
+             idle: [...140] [ip4][..tcp] [..192.168.2.126][49242] -> [.172.104.119.80][...80] [HTTP.1kxun][Streaming][Fun]
+             idle: [...161] [ip4][..tcp] [..192.168.2.126][49412] -> [.14.136.136.108][...80] [HTTP.1kxun][Streaming][Fun]
+             idle: [...177] [ip4][..tcp] [..192.168.2.126][43266] -> [....18.64.79.58][...80] 
+             idle: [...179] [ip4][..tcp] [..192.168.2.126][43272] -> [....18.64.79.58][...80] [HTTP.AmazonAWS][Cloud][Acceptable]
+             idle: [...164] [ip4][..tcp] [..192.168.2.126][50140] -> [..161.117.13.29][...80] [HTTP.1kxun][Streaming][Fun]
+             idle: [...165] [ip4][..tcp] [..192.168.2.126][50148] -> [..161.117.13.29][...80] [HTTP.1kxun][Streaming][Fun]
+             idle: [...166] [ip4][..tcp] [..192.168.2.126][50164] -> [..161.117.13.29][...80] [HTTP.1kxun][Streaming][Fun]
+             idle: [...167] [ip4][..tcp] [..192.168.2.126][50166] -> [..161.117.13.29][...80] [HTTP.1kxun][Streaming][Fun]
+             idle: [...168] [ip4][..tcp] [..192.168.2.126][50176] -> [..161.117.13.29][...80] [HTTP.1kxun][Streaming][Fun]
+             idle: [...153] [ip4][..tcp] [..192.168.2.126][41390] -> [....18.64.79.37][...80] [HTTP.Google][Web][Acceptable]
+             idle: [...197] [ip4][..tcp] [..192.168.2.126][51686] -> [....18.64.79.64][...80] [HTTP.AmazonAWS][Cloud][Acceptable]
+             idle: [...156] [ip4][..tcp] [..192.168.2.126][36732] -> [142.250.186.174][...80] [HTTP.Google][Advertisement][Acceptable]
+             idle: [...194] [ip4][..tcp] [..192.168.2.126][53416] -> [.172.217.16.142][...80] [HTTP.Google][Web][Acceptable]
+             idle: [...189] [ip4][..tcp] [..192.168.2.126][42554] -> [...35.156.44.13][...80] [HTTP.AmazonAWS][Cloud][Acceptable]
+             idle: [...190] [ip4][..tcp] [..192.168.2.126][42566] -> [...35.156.44.13][...80] [HTTP.AmazonAWS][Cloud][Acceptable]
+             idle: [...195] [ip4][..tcp] [..192.168.2.126][33042] -> [...3.122.190.70][...80] [HTTP.AmazonAWS][Cloud][Acceptable]
+             idle: [...173] [ip4][..tcp] [..192.168.2.126][56094] -> [....3.72.69.158][...80] [HTTP.AmazonAWS][Cloud][Acceptable]
+             idle: [...175] [ip4][..tcp] [..192.168.2.126][56096] -> [....3.72.69.158][...80] [HTTP.AmazonAWS][Cloud][Acceptable]
+             idle: [...174] [ip4][..tcp] [..192.168.2.126][56098] -> [....3.72.69.158][...80] [HTTP.AmazonAWS][Cloud][Acceptable]
+             idle: [...176] [ip4][..tcp] [..192.168.2.126][56104] -> [....3.72.69.158][...80] [HTTP.AmazonAWS][Cloud][Acceptable]
+             idle: [...134] [ip4][..tcp] [..192.168.2.126][41134] -> [.129.226.107.77][...80] [HTTP.QQ][Chat][Fun]
+             idle: [...130] [ip4][..tcp] [..192.168.2.126][60962] -> [..172.104.93.92][.1234] [HTTP.1kxun][Streaming][Fun]
+                   RISK: Known Proto on Non Std Port
+             idle: [...131] [ip4][..tcp] [..192.168.2.126][60972] -> [..172.104.93.92][.1234] [HTTP.1kxun][Streaming][Fun]
+                   RISK: Known Proto on Non Std Port
+             idle: [...132] [ip4][..tcp] [..192.168.2.126][60984] -> [..172.104.93.92][.1234] [HTTP.1kxun][Streaming][Fun]
+                   RISK: Known Proto on Non Std Port
+             idle: [...196] [ip4][..tcp] [..192.168.2.126][35426] -> [..8.209.112.118][...80] [HTTP][Web][Acceptable]
+             idle: [...191] [ip4][..tcp] [..192.168.2.126][41940] -> [....18.64.79.50][...80] [HTTP.AmazonAWS][Cloud][Acceptable]
+             idle: [...139] [ip4][..tcp] [..192.168.2.126][60148] -> [.172.105.121.82][...80] [HTTP.1kxun][Streaming][Fun]
+             idle: [...172] [ip4][..tcp] [..192.168.2.126][59324] -> [.104.117.221.10][...80] [HTTP][Web][Acceptable]
+             idle: [...138] [ip4][..tcp] [..192.168.2.126][38834] -> [..119.45.78.184][...80] [HTTP.QQ][Chat][Fun]
+             idle: [...182] [ip4][..tcp] [..192.168.2.126][35664] -> [.....18.66.2.90][...80] [HTTP.AmazonAWS][Cloud][Acceptable]
+             idle: [...183] [ip4][..tcp] [..192.168.2.126][35666] -> [.....18.66.2.90][...80] 
+             idle: [...142] [ip4][..tcp] [..192.168.2.126][46170] -> [.172.105.121.82][...80] [HTTP.1kxun][Streaming][Fun]
+             idle: [...141] [ip4][..tcp] [..192.168.2.126][46184] -> [.172.105.121.82][...80] [HTTP.1kxun][Streaming][Fun]
+             idle: [...133] [ip4][..tcp] [..192.168.2.126][47230] -> [..161.117.13.29][...80] [HTTP.1kxun][Streaming][Fun]
+             idle: [...188] [ip4][..tcp] [..192.168.2.126][37100] -> [..52.29.177.177][...80] [HTTP.AmazonAWS][Cloud][Acceptable]
+             idle: [...143] [ip4][..tcp] [..192.168.2.126][46200] -> [.172.105.121.82][...80] [HTTP.1kxun][Streaming][Fun]
+             idle: [...135] [ip4][..tcp] [..192.168.2.126][47246] -> [..161.117.13.29][...80] [HTTP.1kxun][Streaming][Fun]
+             idle: [...144] [ip4][..tcp] [..192.168.2.126][46212] -> [.172.105.121.82][...80] [HTTP.1kxun][Streaming][Fun]
+             idle: [...136] [ip4][..tcp] [..192.168.2.126][47262] -> [..161.117.13.29][...80] [HTTP.1kxun][Streaming][Fun]
+             idle: [...137] [ip4][..tcp] [..192.168.2.126][47272] -> [..161.117.13.29][...80] [HTTP.1kxun][Streaming][Fun]
+             idle: [...146] [ip4][..tcp] [..192.168.2.126][45380] -> [..161.117.13.29][...80] [HTTP.1kxun][Streaming][Fun]
+             idle: [...145] [ip4][..tcp] [..192.168.2.126][35200] -> [...103.29.71.30][...80] [HTTP.1kxun][Streaming][Fun]
+     DAEMON-EVENT: shutdown

test/results/flow-info/443-chrome.pcap.out

@@ -0,0 +1,7 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..tcp] [.178.62.197.130][..443] -> [...192.168.1.13][53059] [MIDSTREAM] 
+          guessed: [.....1] [ip4][..tcp] [.178.62.197.130][..443] -> [...192.168.1.13][53059] [TLS][Web][Safe]
+             idle: [.....1] [ip4][..tcp] [.178.62.197.130][..443] -> [...192.168.1.13][53059] 
+     DAEMON-EVENT: shutdown

test/results/flow-info/443-curl.pcap.out

@@ -0,0 +1,16 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..tcp] [...192.168.1.13][55523] -> [.178.62.197.130][..443] 
+         detected: [.....1] [ip4][..tcp] [...192.168.1.13][55523] -> [.178.62.197.130][..443] [TLS.ntop][Network][Safe]
+ detection-update: [.....1] [ip4][..tcp] [...192.168.1.13][55523] -> [.178.62.197.130][..443] [TLS.ntop][Network][Safe]
+ detection-update: [.....1] [ip4][..tcp] [...192.168.1.13][55523] -> [.178.62.197.130][..443] [TLS.ntop][Network][Safe]
+          analyse: [.....1] [ip4][..tcp] [...192.168.1.13][55523] -> [.178.62.197.130][..443] [TLS.ntop][Network][Safe]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.784|   0.063|   0.190]
+                   [IAT(c->s)...:    0.000|   0.784|   0.061|   0.188][IAT(s->c)...:    0.000|   0.784|   0.065|   0.193]
+                   [PKTLEN(c->s):   66.000| 583.000| 119.600| 120.800][PKTLEN(s->c):   66.000|1506.000| 741.700| 666.100]
+                   [BINS(c->s)..: 10,4,1,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 3,3,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0]
+              end: [.....1] [ip4][..tcp] [...192.168.1.13][55523] -> [.178.62.197.130][..443] [TLS.ntop][Network][Safe]
+     DAEMON-EVENT: shutdown

test/results/flow-info/443-firefox.pcap.out

@@ -0,0 +1,16 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..tcp] [...192.168.1.13][53096] -> [.178.62.197.130][..443] 
+         detected: [.....1] [ip4][..tcp] [...192.168.1.13][53096] -> [.178.62.197.130][..443] [TLS.ntop][Network][Safe]
+ detection-update: [.....1] [ip4][..tcp] [...192.168.1.13][53096] -> [.178.62.197.130][..443] [TLS.ntop][Network][Safe]
+ detection-update: [.....1] [ip4][..tcp] [...192.168.1.13][53096] -> [.178.62.197.130][..443] [TLS.ntop][Network][Safe]
+          analyse: [.....1] [ip4][..tcp] [...192.168.1.13][53096] -> [.178.62.197.130][..443] [TLS.ntop][Network][Safe]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   1.656|   0.130|   0.404]
+                   [IAT(c->s)...:    0.000|   1.656|   0.144|   0.422][IAT(s->c)...:    0.000|   1.656|   0.119|   0.388]
+                   [PKTLEN(c->s):   66.000| 583.000| 136.600| 139.000][PKTLEN(s->c):   66.000|1506.000| 882.200| 650.900]
+                   [BINS(c->s)..: 11,0,1,0,0,1,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 4,1,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,8,0,0]
+              end: [.....1] [ip4][..tcp] [...192.168.1.13][53096] -> [.178.62.197.130][..443] [TLS.ntop][Network][Safe]
+     DAEMON-EVENT: shutdown

test/results/flow-info/443-git.pcap.out

@@ -0,0 +1,16 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..tcp] [...192.168.1.13][55744] -> [...140.82.114.4][..443] 
+         detected: [.....1] [ip4][..tcp] [...192.168.1.13][55744] -> [...140.82.114.4][..443] [TLS.Github][Collaborative][Acceptable]
+ detection-update: [.....1] [ip4][..tcp] [...192.168.1.13][55744] -> [...140.82.114.4][..443] [TLS.Github][Collaborative][Acceptable]
+ detection-update: [.....1] [ip4][..tcp] [...192.168.1.13][55744] -> [...140.82.114.4][..443] [TLS.Github][Collaborative][Acceptable]
+          analyse: [.....1] [ip4][..tcp] [...192.168.1.13][55744] -> [...140.82.114.4][..443] [TLS.Github][Collaborative][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.144|   0.033|   0.053]
+                   [IAT(c->s)...:    0.000|   0.143|   0.032|   0.051][IAT(s->c)...:    0.000|   0.144|   0.034|   0.055]
+                   [PKTLEN(c->s):   66.000| 583.000| 116.700| 128.900][PKTLEN(s->c):   74.000|1490.000| 618.300| 554.700]
+                   [BINS(c->s)..: 14,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 1,3,1,1,0,0,0,0,0,1,0,1,0,1,0,0,0,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,2,0,0,0]
+              end: [.....1] [ip4][..tcp] [...192.168.1.13][55744] -> [...140.82.114.4][..443] [TLS.Github][Collaborative][Acceptable]
+     DAEMON-EVENT: shutdown

test/results/flow-info/443-opvn.pcap.out

@@ -0,0 +1,14 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..tcp] [...192.168.1.84][52973] -> [.192.12.192.103][.1194] 
+         detected: [.....1] [ip4][..tcp] [...192.168.1.84][52973] -> [.192.12.192.103][.1194] [OpenVPN][VPN][Acceptable]
+          analyse: [.....1] [ip4][..tcp] [...192.168.1.84][52973] -> [.192.12.192.103][.1194] [OpenVPN][VPN][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   1.161|   0.158|   0.364]
+                   [IAT(c->s)...:    0.000|   1.161|   0.153|   0.362][IAT(s->c)...:    0.000|   1.123|   0.164|   0.367]
+                   [PKTLEN(c->s):   66.000|1506.000| 269.600| 378.300][PKTLEN(s->c):   66.000|1506.000| 279.600| 438.000]
+                   [BINS(c->s)..: 7,5,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0]
+                   [BINS(s->c)..: 8,3,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,1,0,0]
+              end: [.....1] [ip4][..tcp] [...192.168.1.84][52973] -> [.192.12.192.103][.1194] [OpenVPN][VPN][Acceptable]
+     DAEMON-EVENT: shutdown

test/results/flow-info/443-safari.pcap.out

@@ -0,0 +1,16 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..tcp] [...192.168.1.13][53031] -> [.178.62.197.130][..443] 
+         detected: [.....1] [ip4][..tcp] [...192.168.1.13][53031] -> [.178.62.197.130][..443] [TLS.ntop][Network][Safe]
+ detection-update: [.....1] [ip4][..tcp] [...192.168.1.13][53031] -> [.178.62.197.130][..443] [TLS.ntop][Network][Safe]
+ detection-update: [.....1] [ip4][..tcp] [...192.168.1.13][53031] -> [.178.62.197.130][..443] [TLS.ntop][Network][Safe]
+          analyse: [.....1] [ip4][..tcp] [...192.168.1.13][53031] -> [.178.62.197.130][..443] [TLS.ntop][Network][Safe]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.696|   0.070|   0.175]
+                   [IAT(c->s)...:    0.000|   0.696|   0.068|   0.171][IAT(s->c)...:    0.000|   0.696|   0.073|   0.179]
+                   [PKTLEN(c->s):   66.000| 394.000| 113.600|  89.600][PKTLEN(s->c):   66.000|1506.000| 721.700| 680.000]
+                   [BINS(c->s)..: 11,3,1,0,0,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 5,2,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0]
+             idle: [.....1] [ip4][..tcp] [...192.168.1.13][53031] -> [.178.62.197.130][..443] [TLS.ntop][Network][Safe]
+     DAEMON-EVENT: shutdown

test/results/flow-info/4in4tunnel.pcap.out

@@ -0,0 +1,17 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+      ERROR-EVENT: Unknown packet type
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+      ERROR-EVENT: Unknown packet type
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+      ERROR-EVENT: Unknown packet type
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+      ERROR-EVENT: Unknown packet type
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+      ERROR-EVENT: Unknown packet type
+     DAEMON-EVENT: shutdown

test/results/flow-info/4in6tunnel.pcap.out

@@ -0,0 +1,7 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip6][....4] [22e0:1685:eda7:38cc:58bd:f3f1:aa3f:22d8] -> [................344a:ba94:152a:ac34::2a] 
+         detected: [.....1] [ip6][....4] [22e0:1685:eda7:38cc:58bd:f3f1:aa3f:22d8] -> [................344a:ba94:152a:ac34::2a] [IP_in_IP][Network][Acceptable]
+             idle: [.....1] [ip6][....4] [22e0:1685:eda7:38cc:58bd:f3f1:aa3f:22d8] -> [................344a:ba94:152a:ac34::2a] [IP_in_IP][Network][Acceptable]
+     DAEMON-EVENT: shutdown

test/results/flow-info/6in4tunnel.pcap.out

@@ -0,0 +1,14 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][...41] [....174.3.73.24] -> [.184.105.255.26] 
+          analyse: [.....1] [ip4][...41] [....174.3.73.24] -> [.184.105.255.26] 
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   1.005|   0.495|   0.455]
+                   [IAT(c->s)...:    0.000|   1.002|   0.452|   0.445][IAT(s->c)...:    0.000|   1.005|   0.548|   0.461]
+                   [PKTLEN(c->s):  106.000| 310.000| 152.200|  53.200][PKTLEN(s->c):  106.000|1911.000| 376.600| 550.800]
+                   [BINS(c->s)..: 0,0,4,11,0,1,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 0,0,2,8,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,1]
+     not-detected: [.....1] [ip4][...41] [....174.3.73.24] -> [.184.105.255.26] [Unknown][Unrated]
+             idle: [.....1] [ip4][...41] [....174.3.73.24] -> [.184.105.255.26] [Unknown][Unrated]
+     DAEMON-EVENT: shutdown

test/results/flow-info/6in6tunnel.pcap.out

@@ -0,0 +1,10 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip6][...41] [........2001:4f8:4:7:2e0:81ff:fe52:ffff] -> [........2001:4f8:4:7:2e0:81ff:fe52:9a6b] 
+              new: [.....2] [ip6][...41] [.............................feed::beef] -> [.............................feed::cafe] 
+     not-detected: [.....1] [ip6][...41] [........2001:4f8:4:7:2e0:81ff:fe52:ffff] -> [........2001:4f8:4:7:2e0:81ff:fe52:9a6b] [Unknown][Unrated]
+             idle: [.....1] [ip6][...41] [........2001:4f8:4:7:2e0:81ff:fe52:ffff] -> [........2001:4f8:4:7:2e0:81ff:fe52:9a6b] 
+     not-detected: [.....2] [ip6][...41] [.............................feed::beef] -> [.............................feed::cafe] [Unknown][Unrated]
+             idle: [.....2] [ip6][...41] [.............................feed::beef] -> [.............................feed::cafe] 
+     DAEMON-EVENT: shutdown

test/results/flow-info/BGP_Cisco_hdlc_slarp.pcap.out

@@ -0,0 +1,7 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..tcp] [.....100.16.1.2][18324] -> [.....100.16.1.1][..179] 
+         detected: [.....1] [ip4][..tcp] [.....100.16.1.2][18324] -> [.....100.16.1.1][..179] [BGP][Network][Acceptable]
+             idle: [.....1] [ip4][..tcp] [.....100.16.1.2][18324] -> [.....100.16.1.1][..179] [BGP][Network][Acceptable]
+     DAEMON-EVENT: shutdown

test/results/flow-info/BGP_redist.pcap.out

@@ -0,0 +1,8 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+      ERROR-EVENT: Unknown L3 protocol
+              new: [.....1] [ip4][..tcp] [........2.2.2.2][..179] -> [........5.5.5.5][49433] [MIDSTREAM] 
+         detected: [.....1] [ip4][..tcp] [........2.2.2.2][..179] -> [........5.5.5.5][49433] [BGP][Network][Acceptable]
+             idle: [.....1] [ip4][..tcp] [........2.2.2.2][..179] -> [........5.5.5.5][49433] [BGP][Network][Acceptable]
+     DAEMON-EVENT: shutdown

test/results/flow-info/EAQ.pcap.out

@@ -0,0 +1,130 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..tcp] [.......10.8.0.1][53497] -> [.173.194.119.48][...80] 
+         detected: [.....1] [ip4][..tcp] [.......10.8.0.1][53497] -> [.173.194.119.48][...80] [HTTP.Google][Web][Acceptable]
+                   RISK: HTTP Suspicious User-Agent
+              new: [.....2] [ip4][..tcp] [.......10.8.0.1][40467] -> [.173.194.119.24][...80] 
+         detected: [.....2] [ip4][..tcp] [.......10.8.0.1][40467] -> [.173.194.119.24][...80] [HTTP.Google][Web][Acceptable]
+                   RISK: HTTP Suspicious User-Agent
+              new: [.....3] [ip4][..udp] [.......10.8.0.1][52257] -> [200.185.138.146][.6000] 
+              new: [.....4] [ip4][..udp] [.......10.8.0.1][48890] -> [200.185.125.226][.6000] 
+              new: [.....5] [ip4][..udp] [.......10.8.0.1][51569] -> [.200.194.148.67][.6000] 
+              new: [.....6] [ip4][..udp] [.......10.8.0.1][41438] -> [.200.194.141.66][.6000] 
+              new: [.....7] [ip4][..udp] [.......10.8.0.1][42620] -> [.200.194.148.66][.6000] 
+              new: [.....8] [ip4][..udp] [.......10.8.0.1][43641] -> [.200.194.148.68][.6000] 
+              new: [.....9] [ip4][..udp] [.......10.8.0.1][34687] -> [.200.194.141.68][.6000] 
+              new: [....10] [ip4][..udp] [.......10.8.0.1][39221] -> [.200.194.137.67][.6000] 
+              new: [....11] [ip4][..udp] [.......10.8.0.1][53354] -> [.200.194.137.66][.6000] 
+              new: [....12] [ip4][..udp] [.......10.8.0.1][59959] -> [.200.194.137.68][.6000] 
+              new: [....13] [ip4][..udp] [.......10.8.0.1][37985] -> [.200.194.129.67][.6000] 
+              new: [....14] [ip4][..udp] [.......10.8.0.1][48666] -> [.200.194.129.66][.6000] 
+              new: [....15] [ip4][..udp] [.......10.8.0.1][47714] -> [.200.194.129.68][.6000] 
+              new: [....16] [ip4][..udp] [.......10.8.0.1][43979] -> [.200.194.132.66][.6000] 
+              new: [....17] [ip4][..udp] [.......10.8.0.1][48563] -> [.200.194.141.67][.6000] 
+              new: [....18] [ip4][..udp] [.......10.8.0.1][39185] -> [.200.194.132.67][.6000] 
+              new: [....19] [ip4][..udp] [.......10.8.0.1][52726] -> [.200.194.132.68][.6000] 
+              new: [....20] [ip4][..udp] [.......10.8.0.1][56128] -> [.200.194.133.66][.6000] 
+              new: [....21] [ip4][..udp] [.......10.8.0.1][57004] -> [.200.194.133.67][.6000] 
+              new: [....22] [ip4][..udp] [.......10.8.0.1][53059] -> [.200.194.133.68][.6000] 
+              new: [....23] [ip4][..udp] [.......10.8.0.1][36552] -> [.200.194.136.66][.6000] 
+              new: [....24] [ip4][..udp] [.......10.8.0.1][43934] -> [.200.194.136.68][.6000] 
+              new: [....25] [ip4][..udp] [.......10.8.0.1][47346] -> [.200.194.134.66][.6000] 
+              new: [....26] [ip4][..udp] [.......10.8.0.1][59098] -> [.200.194.134.68][.6000] 
+              new: [....27] [ip4][..udp] [.......10.8.0.1][50175] -> [.200.194.149.67][.6000] 
+              new: [....28] [ip4][..udp] [.......10.8.0.1][36577] -> [.200.194.149.68][.6000] 
+              new: [....29] [ip4][..udp] [.......10.8.0.1][60013] -> [.200.194.136.67][.6000] 
+              new: [....30] [ip4][..udp] [.......10.8.0.1][33356] -> [.200.194.149.66][.6000] 
+              new: [....31] [ip4][..udp] [.......10.8.0.1][40058] -> [.200.194.134.67][.6000] 
+         detected: [.....3] [ip4][..udp] [.......10.8.0.1][52257] -> [200.185.138.146][.6000] [EAQ][Network][Acceptable]
+         detected: [.....4] [ip4][..udp] [.......10.8.0.1][48890] -> [200.185.125.226][.6000] [EAQ][Network][Acceptable]
+         detected: [.....5] [ip4][..udp] [.......10.8.0.1][51569] -> [.200.194.148.67][.6000] [EAQ][Network][Acceptable]
+         detected: [.....7] [ip4][..udp] [.......10.8.0.1][42620] -> [.200.194.148.66][.6000] [EAQ][Network][Acceptable]
+         detected: [.....8] [ip4][..udp] [.......10.8.0.1][43641] -> [.200.194.148.68][.6000] [EAQ][Network][Acceptable]
+         detected: [....16] [ip4][..udp] [.......10.8.0.1][43979] -> [.200.194.132.66][.6000] [EAQ][Network][Acceptable]
+         detected: [....18] [ip4][..udp] [.......10.8.0.1][39185] -> [.200.194.132.67][.6000] [EAQ][Network][Acceptable]
+         detected: [....19] [ip4][..udp] [.......10.8.0.1][52726] -> [.200.194.132.68][.6000] [EAQ][Network][Acceptable]
+           update: [.....4] [ip4][..udp] [.......10.8.0.1][48890] -> [200.185.125.226][.6000] [EAQ][Network][Acceptable]
+           update: [.....7] [ip4][..udp] [.......10.8.0.1][42620] -> [.200.194.148.66][.6000] [EAQ][Network][Acceptable]
+           update: [.....9] [ip4][..udp] [.......10.8.0.1][34687] -> [.200.194.141.68][.6000] 
+           update: [....11] [ip4][..udp] [.......10.8.0.1][53354] -> [.200.194.137.66][.6000] 
+           update: [....10] [ip4][..udp] [.......10.8.0.1][39221] -> [.200.194.137.67][.6000] 
+           update: [.....5] [ip4][..udp] [.......10.8.0.1][51569] -> [.200.194.148.67][.6000] [EAQ][Network][Acceptable]
+           update: [.....6] [ip4][..udp] [.......10.8.0.1][41438] -> [.200.194.141.66][.6000] 
+           update: [....12] [ip4][..udp] [.......10.8.0.1][59959] -> [.200.194.137.68][.6000] 
+           update: [.....8] [ip4][..udp] [.......10.8.0.1][43641] -> [.200.194.148.68][.6000] [EAQ][Network][Acceptable]
+           update: [.....3] [ip4][..udp] [.......10.8.0.1][52257] -> [200.185.138.146][.6000] [EAQ][Network][Acceptable]
+           update: [....17] [ip4][..udp] [.......10.8.0.1][48563] -> [.200.194.141.67][.6000] 
+           update: [....19] [ip4][..udp] [.......10.8.0.1][52726] -> [.200.194.132.68][.6000] [EAQ][Network][Acceptable]
+           update: [....14] [ip4][..udp] [.......10.8.0.1][48666] -> [.200.194.129.66][.6000] 
+           update: [....21] [ip4][..udp] [.......10.8.0.1][57004] -> [.200.194.133.67][.6000] 
+           update: [....23] [ip4][..udp] [.......10.8.0.1][36552] -> [.200.194.136.66][.6000] 
+           update: [....22] [ip4][..udp] [.......10.8.0.1][53059] -> [.200.194.133.68][.6000] 
+           update: [....25] [ip4][..udp] [.......10.8.0.1][47346] -> [.200.194.134.66][.6000] 
+           update: [....18] [ip4][..udp] [.......10.8.0.1][39185] -> [.200.194.132.67][.6000] [EAQ][Network][Acceptable]
+           update: [....15] [ip4][..udp] [.......10.8.0.1][47714] -> [.200.194.129.68][.6000] 
+           update: [....20] [ip4][..udp] [.......10.8.0.1][56128] -> [.200.194.133.66][.6000] 
+           update: [....24] [ip4][..udp] [.......10.8.0.1][43934] -> [.200.194.136.68][.6000] 
+           update: [....16] [ip4][..udp] [.......10.8.0.1][43979] -> [.200.194.132.66][.6000] [EAQ][Network][Acceptable]
+           update: [....13] [ip4][..udp] [.......10.8.0.1][37985] -> [.200.194.129.67][.6000] 
+         detected: [.....6] [ip4][..udp] [.......10.8.0.1][41438] -> [.200.194.141.66][.6000] [EAQ][Network][Acceptable]
+         detected: [.....9] [ip4][..udp] [.......10.8.0.1][34687] -> [.200.194.141.68][.6000] [EAQ][Network][Acceptable]
+         detected: [....10] [ip4][..udp] [.......10.8.0.1][39221] -> [.200.194.137.67][.6000] [EAQ][Network][Acceptable]
+         detected: [....11] [ip4][..udp] [.......10.8.0.1][53354] -> [.200.194.137.66][.6000] [EAQ][Network][Acceptable]
+         detected: [....12] [ip4][..udp] [.......10.8.0.1][59959] -> [.200.194.137.68][.6000] [EAQ][Network][Acceptable]
+         detected: [....13] [ip4][..udp] [.......10.8.0.1][37985] -> [.200.194.129.67][.6000] [EAQ][Network][Acceptable]
+           update: [....26] [ip4][..udp] [.......10.8.0.1][59098] -> [.200.194.134.68][.6000] 
+           update: [....28] [ip4][..udp] [.......10.8.0.1][36577] -> [.200.194.149.68][.6000] 
+           update: [....30] [ip4][..udp] [.......10.8.0.1][33356] -> [.200.194.149.66][.6000] 
+           update: [....29] [ip4][..udp] [.......10.8.0.1][60013] -> [.200.194.136.67][.6000] 
+           update: [....27] [ip4][..udp] [.......10.8.0.1][50175] -> [.200.194.149.67][.6000] 
+           update: [....31] [ip4][..udp] [.......10.8.0.1][40058] -> [.200.194.134.67][.6000] 
+         detected: [....14] [ip4][..udp] [.......10.8.0.1][48666] -> [.200.194.129.66][.6000] [EAQ][Network][Acceptable]
+         detected: [....15] [ip4][..udp] [.......10.8.0.1][47714] -> [.200.194.129.68][.6000] [EAQ][Network][Acceptable]
+         detected: [....17] [ip4][..udp] [.......10.8.0.1][48563] -> [.200.194.141.67][.6000] [EAQ][Network][Acceptable]
+         detected: [....20] [ip4][..udp] [.......10.8.0.1][56128] -> [.200.194.133.66][.6000] [EAQ][Network][Acceptable]
+         detected: [....21] [ip4][..udp] [.......10.8.0.1][57004] -> [.200.194.133.67][.6000] [EAQ][Network][Acceptable]
+         detected: [....23] [ip4][..udp] [.......10.8.0.1][36552] -> [.200.194.136.66][.6000] [EAQ][Network][Acceptable]
+         detected: [....22] [ip4][..udp] [.......10.8.0.1][53059] -> [.200.194.133.68][.6000] [EAQ][Network][Acceptable]
+         detected: [....24] [ip4][..udp] [.......10.8.0.1][43934] -> [.200.194.136.68][.6000] [EAQ][Network][Acceptable]
+         detected: [....25] [ip4][..udp] [.......10.8.0.1][47346] -> [.200.194.134.66][.6000] [EAQ][Network][Acceptable]
+         detected: [....26] [ip4][..udp] [.......10.8.0.1][59098] -> [.200.194.134.68][.6000] [EAQ][Network][Acceptable]
+         detected: [....27] [ip4][..udp] [.......10.8.0.1][50175] -> [.200.194.149.67][.6000] [EAQ][Network][Acceptable]
+         detected: [....28] [ip4][..udp] [.......10.8.0.1][36577] -> [.200.194.149.68][.6000] [EAQ][Network][Acceptable]
+         detected: [....29] [ip4][..udp] [.......10.8.0.1][60013] -> [.200.194.136.67][.6000] [EAQ][Network][Acceptable]
+         detected: [....30] [ip4][..udp] [.......10.8.0.1][33356] -> [.200.194.149.66][.6000] [EAQ][Network][Acceptable]
+         detected: [....31] [ip4][..udp] [.......10.8.0.1][40058] -> [.200.194.134.67][.6000] [EAQ][Network][Acceptable]
+             idle: [....17] [ip4][..udp] [.......10.8.0.1][48563] -> [.200.194.141.67][.6000] [EAQ][Network][Acceptable]
+             idle: [....19] [ip4][..udp] [.......10.8.0.1][52726] -> [.200.194.132.68][.6000] [EAQ][Network][Acceptable]
+             idle: [.....4] [ip4][..udp] [.......10.8.0.1][48890] -> [200.185.125.226][.6000] [EAQ][Network][Acceptable]
+             idle: [....14] [ip4][..udp] [.......10.8.0.1][48666] -> [.200.194.129.66][.6000] [EAQ][Network][Acceptable]
+             idle: [.....7] [ip4][..udp] [.......10.8.0.1][42620] -> [.200.194.148.66][.6000] [EAQ][Network][Acceptable]
+             idle: [....21] [ip4][..udp] [.......10.8.0.1][57004] -> [.200.194.133.67][.6000] [EAQ][Network][Acceptable]
+             idle: [....23] [ip4][..udp] [.......10.8.0.1][36552] -> [.200.194.136.66][.6000] [EAQ][Network][Acceptable]
+              end: [.....2] [ip4][..tcp] [.......10.8.0.1][40467] -> [.173.194.119.24][...80] [HTTP.Google][Web][Acceptable]
+                   RISK: HTTP Suspicious User-Agent
+             idle: [....26] [ip4][..udp] [.......10.8.0.1][59098] -> [.200.194.134.68][.6000] [EAQ][Network][Acceptable]
+             idle: [....28] [ip4][..udp] [.......10.8.0.1][36577] -> [.200.194.149.68][.6000] [EAQ][Network][Acceptable]
+             idle: [....22] [ip4][..udp] [.......10.8.0.1][53059] -> [.200.194.133.68][.6000] [EAQ][Network][Acceptable]
+             idle: [.....9] [ip4][..udp] [.......10.8.0.1][34687] -> [.200.194.141.68][.6000] [EAQ][Network][Acceptable]
+             idle: [....11] [ip4][..udp] [.......10.8.0.1][53354] -> [.200.194.137.66][.6000] [EAQ][Network][Acceptable]
+             idle: [....25] [ip4][..udp] [.......10.8.0.1][47346] -> [.200.194.134.66][.6000] [EAQ][Network][Acceptable]
+             idle: [....18] [ip4][..udp] [.......10.8.0.1][39185] -> [.200.194.132.67][.6000] [EAQ][Network][Acceptable]
+             idle: [....10] [ip4][..udp] [.......10.8.0.1][39221] -> [.200.194.137.67][.6000] [EAQ][Network][Acceptable]
+             idle: [.....5] [ip4][..udp] [.......10.8.0.1][51569] -> [.200.194.148.67][.6000] [EAQ][Network][Acceptable]
+              end: [.....1] [ip4][..tcp] [.......10.8.0.1][53497] -> [.173.194.119.48][...80] [HTTP.Google][Web][Acceptable]
+                   RISK: HTTP Suspicious User-Agent
+             idle: [.....6] [ip4][..udp] [.......10.8.0.1][41438] -> [.200.194.141.66][.6000] [EAQ][Network][Acceptable]
+             idle: [....12] [ip4][..udp] [.......10.8.0.1][59959] -> [.200.194.137.68][.6000] [EAQ][Network][Acceptable]
+             idle: [....30] [ip4][..udp] [.......10.8.0.1][33356] -> [.200.194.149.66][.6000] [EAQ][Network][Acceptable]
+             idle: [....15] [ip4][..udp] [.......10.8.0.1][47714] -> [.200.194.129.68][.6000] [EAQ][Network][Acceptable]
+             idle: [....29] [ip4][..udp] [.......10.8.0.1][60013] -> [.200.194.136.67][.6000] [EAQ][Network][Acceptable]
+             idle: [.....8] [ip4][..udp] [.......10.8.0.1][43641] -> [.200.194.148.68][.6000] [EAQ][Network][Acceptable]
+             idle: [.....3] [ip4][..udp] [.......10.8.0.1][52257] -> [200.185.138.146][.6000] [EAQ][Network][Acceptable]
+             idle: [....20] [ip4][..udp] [.......10.8.0.1][56128] -> [.200.194.133.66][.6000] [EAQ][Network][Acceptable]
+             idle: [....24] [ip4][..udp] [.......10.8.0.1][43934] -> [.200.194.136.68][.6000] [EAQ][Network][Acceptable]
+             idle: [....16] [ip4][..udp] [.......10.8.0.1][43979] -> [.200.194.132.66][.6000] [EAQ][Network][Acceptable]
+             idle: [....27] [ip4][..udp] [.......10.8.0.1][50175] -> [.200.194.149.67][.6000] [EAQ][Network][Acceptable]
+             idle: [....13] [ip4][..udp] [.......10.8.0.1][37985] -> [.200.194.129.67][.6000] [EAQ][Network][Acceptable]
+             idle: [....31] [ip4][..udp] [.......10.8.0.1][40058] -> [.200.194.134.67][.6000] [EAQ][Network][Acceptable]
+     DAEMON-EVENT: shutdown

test/results/flow-info/FAX-Call-t38-CA-TDM-SIP-FB-1.pcap.out

@@ -0,0 +1,46 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..udp] [....10.35.40.22][.2944] -> [.....10.23.1.42][.2944] 
+         detected: [.....1] [ip4][..udp] [....10.35.40.22][.2944] -> [.....10.23.1.42][.2944] [Megaco][VoIP][Acceptable]
+              new: [.....2] [ip4][..udp] [....10.35.60.72][.5060] -> [...10.35.60.100][.5060] 
+         detected: [.....2] [ip4][..udp] [....10.35.60.72][.5060] -> [...10.35.60.100][.5060] [SIP][VoIP][Acceptable]
+              new: [.....3] [ip4][..udp] [....10.35.40.25][.5060] -> [...10.35.40.200][.5060] 
+         detected: [.....3] [ip4][..udp] [....10.35.40.25][.5060] -> [...10.35.40.200][.5060] [SIP][VoIP][Acceptable]
+              new: [.....4] [ip4][..udp] [138.132.169.101][.5060] -> [192.168.100.219][.5060] 
+         detected: [.....4] [ip4][..udp] [138.132.169.101][.5060] -> [192.168.100.219][.5060] [SIP][VoIP][Acceptable]
+          analyse: [.....1] [ip4][..udp] [....10.35.40.22][.2944] -> [.....10.23.1.42][.2944] [Megaco][VoIP][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   4.370|   1.692|   2.031]
+                   [IAT(c->s)...:    0.000|   4.370|   1.748|   2.040][IAT(s->c)...:    0.000|   4.370|   1.639|   2.022]
+                   [PKTLEN(c->s):   87.000| 376.000| 105.800|  69.800][PKTLEN(s->c):  101.000| 414.000| 231.900|  82.100]
+                   [BINS(c->s)..: 0,15,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 0,1,0,7,0,0,0,7,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+              new: [.....5] [ip4][..udp] [...10.35.60.100][15580] -> [.....10.23.1.52][16756] 
+         detected: [.....5] [ip4][..udp] [...10.35.60.100][15580] -> [.....10.23.1.52][16756] [RTP][Media][Acceptable]
+          analyse: [.....5] [ip4][..udp] [...10.35.60.100][15580] -> [.....10.23.1.52][16756] [RTP][Media][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.001|   0.040|   0.020|   0.005]
+                   [IAT(c->s)...:    0.001|   0.040|   0.020|   0.005][IAT(s->c)...:    0.000|   0.000|   0.000|   0.000]
+                   [PKTLEN(c->s):  214.000| 214.000| 214.000|   0.000][PKTLEN(s->c):    0.000|   0.000|   0.000|   0.000]
+                   [BINS(c->s)..: 0,0,0,0,0,32,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+           update: [.....1] [ip4][..udp] [....10.35.40.22][.2944] -> [.....10.23.1.42][.2944] [Megaco][VoIP][Acceptable]
+          analyse: [.....3] [ip4][..udp] [....10.35.40.25][.5060] -> [...10.35.40.200][.5060] [SIP][VoIP][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|  27.628|   2.809|   6.896]
+                   [IAT(c->s)...:    0.000|  27.628|   2.903|   7.003][IAT(s->c)...:    0.000|  27.585|   2.721|   6.792]
+                   [PKTLEN(c->s):  425.000| 923.000| 658.800| 215.100][PKTLEN(s->c):  304.000| 894.000| 551.900| 194.400]
+                   [BINS(c->s)..: 0,0,0,0,0,0,0,0,0,0,0,2,4,2,0,0,0,0,0,0,0,0,0,2,0,2,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 0,0,0,0,0,0,0,0,2,0,2,0,0,4,2,0,2,0,0,0,0,0,0,0,2,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+           update: [.....4] [ip4][..udp] [138.132.169.101][.5060] -> [192.168.100.219][.5060] [SIP][VoIP][Acceptable]
+           update: [.....2] [ip4][..udp] [....10.35.60.72][.5060] -> [...10.35.60.100][.5060] [SIP][VoIP][Acceptable]
+           update: [.....3] [ip4][..udp] [....10.35.40.25][.5060] -> [...10.35.40.200][.5060] [SIP][VoIP][Acceptable]
+           update: [.....5] [ip4][..udp] [...10.35.60.100][15580] -> [.....10.23.1.52][16756] [RTP][Media][Acceptable]
+           update: [.....1] [ip4][..udp] [....10.35.40.22][.2944] -> [.....10.23.1.42][.2944] [Megaco][VoIP][Acceptable]
+             idle: [.....5] [ip4][..udp] [...10.35.60.100][15580] -> [.....10.23.1.52][16756] [RTP][Media][Acceptable]
+             idle: [.....1] [ip4][..udp] [....10.35.40.22][.2944] -> [.....10.23.1.42][.2944] [Megaco][VoIP][Acceptable]
+             idle: [.....4] [ip4][..udp] [138.132.169.101][.5060] -> [192.168.100.219][.5060] [SIP][VoIP][Acceptable]
+             idle: [.....3] [ip4][..udp] [....10.35.40.25][.5060] -> [...10.35.40.200][.5060] [SIP][VoIP][Acceptable]
+             idle: [.....2] [ip4][..udp] [....10.35.60.72][.5060] -> [...10.35.60.100][.5060] [SIP][VoIP][Acceptable]
+     DAEMON-EVENT: shutdown

test/results/flow-info/IEC104.pcap.out

@@ -0,0 +1,10 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..tcp] [...10.175.211.1][.2404] -> [..10.119.105.26][54768] [MIDSTREAM] 
+              new: [.....2] [ip4][..tcp] [...10.175.211.3][.2404] -> [..10.119.105.26][54769] [MIDSTREAM] 
+         detected: [.....1] [ip4][..tcp] [...10.175.211.1][.2404] -> [..10.119.105.26][54768] [IEC60870][IoT-Scada][Acceptable]
+         detected: [.....2] [ip4][..tcp] [...10.175.211.3][.2404] -> [..10.119.105.26][54769] [IEC60870][IoT-Scada][Acceptable]
+             idle: [.....1] [ip4][..tcp] [...10.175.211.1][.2404] -> [..10.119.105.26][54768] [IEC60870][IoT-Scada][Acceptable]
+             idle: [.....2] [ip4][..tcp] [...10.175.211.3][.2404] -> [..10.119.105.26][54769] [IEC60870][IoT-Scada][Acceptable]
+     DAEMON-EVENT: shutdown

test/results/flow-info/KakaoTalk_chat.pcap.out

@@ -0,0 +1,201 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..udp] [...10.24.82.188][38448] -> [.....10.188.1.1][...53] 
+         detected: [.....1] [ip4][..udp] [...10.24.82.188][38448] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Chat][Acceptable]
+              new: [.....2] [ip4][..udp] [...10.24.82.188][35603] -> [.....10.188.1.1][...53] 
+         detected: [.....2] [ip4][..udp] [...10.24.82.188][35603] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Chat][Acceptable]
+              new: [.....3] [ip4][..udp] [...10.24.82.188][57816] -> [.....10.188.1.1][...53] 
+         detected: [.....3] [ip4][..udp] [...10.24.82.188][57816] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Chat][Acceptable]
+ detection-update: [.....2] [ip4][..udp] [...10.24.82.188][35603] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Chat][Acceptable]
+ detection-update: [.....1] [ip4][..udp] [...10.24.82.188][38448] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Chat][Acceptable]
+ detection-update: [.....3] [ip4][..udp] [...10.24.82.188][57816] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Chat][Acceptable]
+              new: [.....4] [ip4][..udp] [...10.24.82.188][41909] -> [.....10.188.1.1][...53] 
+         detected: [.....4] [ip4][..udp] [...10.24.82.188][41909] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Chat][Acceptable]
+              new: [.....5] [ip4][..udp] [...10.24.82.188][12908] -> [.....10.188.1.1][...53] 
+         detected: [.....5] [ip4][..udp] [...10.24.82.188][12908] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Chat][Acceptable]
+              new: [.....6] [ip4][..udp] [...10.24.82.188][58810] -> [.....10.188.1.1][...53] 
+         detected: [.....6] [ip4][..udp] [...10.24.82.188][58810] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Chat][Acceptable]
+ detection-update: [.....6] [ip4][..udp] [...10.24.82.188][58810] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Chat][Acceptable]
+ detection-update: [.....5] [ip4][..udp] [...10.24.82.188][12908] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Chat][Acceptable]
+ detection-update: [.....4] [ip4][..udp] [...10.24.82.188][41909] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Chat][Acceptable]
+              new: [.....7] [ip4][..udp] [...10.24.82.188][.5929] -> [.....10.188.1.1][...53] 
+         detected: [.....7] [ip4][..udp] [...10.24.82.188][.5929] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Chat][Acceptable]
+              new: [.....8] [ip4][..udp] [...10.24.82.188][.9094] -> [.....10.188.1.1][...53] 
+         detected: [.....8] [ip4][..udp] [...10.24.82.188][.9094] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Chat][Acceptable]
+              new: [.....9] [ip4][..udp] [...10.24.82.188][56820] -> [.....10.188.1.1][...53] 
+         detected: [.....9] [ip4][..udp] [...10.24.82.188][56820] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Chat][Acceptable]
+ detection-update: [.....7] [ip4][..udp] [...10.24.82.188][.5929] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Chat][Acceptable]
+ detection-update: [.....8] [ip4][..udp] [...10.24.82.188][.9094] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Chat][Acceptable]
+ detection-update: [.....9] [ip4][..udp] [...10.24.82.188][56820] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Chat][Acceptable]
+              new: [....10] [ip4][..udp] [...10.24.82.188][29029] -> [.....10.188.1.1][...53] 
+         detected: [....10] [ip4][..udp] [...10.24.82.188][29029] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Chat][Acceptable]
+              new: [....11] [ip4][..udp] [...10.24.82.188][25117] -> [.....10.188.1.1][...53] 
+         detected: [....11] [ip4][..udp] [...10.24.82.188][25117] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Chat][Acceptable]
+              new: [....12] [ip4][..udp] [...10.24.82.188][43077] -> [.....10.188.1.1][...53] 
+         detected: [....12] [ip4][..udp] [...10.24.82.188][43077] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Chat][Acceptable]
+ detection-update: [....10] [ip4][..udp] [...10.24.82.188][29029] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Chat][Acceptable]
+ detection-update: [....12] [ip4][..udp] [...10.24.82.188][43077] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Chat][Acceptable]
+ detection-update: [....11] [ip4][..udp] [...10.24.82.188][25117] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Chat][Acceptable]
+              new: [....13] [ip4][..tcp] [...10.24.82.188][51021] -> [.103.246.57.251][.8080] 
+              new: [....14] [ip4][..tcp] [..216.58.221.10][...80] -> [...10.24.82.188][35922] [MIDSTREAM] 
+              new: [....15] [ip4][..tcp] [...10.24.82.188][35503] -> [...173.252.97.2][..443] 
+         detected: [....15] [ip4][..tcp] [...10.24.82.188][35503] -> [...173.252.97.2][..443] [TLS.Facebook][SocialNetwork][Fun]
+                   RISK: Obsolete TLS (v1.1 or older)
+              new: [....16] [ip4][..tcp] [..120.28.26.242][...80] -> [...10.24.82.188][34503] [MIDSTREAM] 
+              new: [....17] [ip4][..udp] [...10.24.82.188][61011] -> [.....10.188.1.1][...53] 
+         detected: [....17] [ip4][..udp] [...10.24.82.188][61011] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Chat][Acceptable]
+              new: [....18] [ip4][..udp] [...10.24.82.188][61011] -> [...10.188.191.1][...53] 
+         detected: [....18] [ip4][..udp] [...10.24.82.188][61011] -> [...10.188.191.1][...53] [DNS.KakaoTalk][Chat][Acceptable]
+ detection-update: [....17] [ip4][..udp] [...10.24.82.188][61011] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Chat][Acceptable]
+ detection-update: [....18] [ip4][..udp] [...10.24.82.188][61011] -> [...10.188.191.1][...53] [DNS.KakaoTalk][Chat][Acceptable]
+              new: [....19] [ip4][.icmp] [...10.24.82.188] -> [...10.188.191.1] 
+         detected: [....19] [ip4][.icmp] [...10.24.82.188] -> [...10.188.191.1] [ICMP][Network][Acceptable]
+              new: [....20] [ip4][..tcp] [...10.24.82.188][37821] -> [.210.103.240.15][..443] 
+         detected: [....20] [ip4][..tcp] [...10.24.82.188][37821] -> [.210.103.240.15][..443] [TLS][Web][Safe]
+                   RISK: Obsolete TLS (v1.1 or older)
+ detection-update: [....20] [ip4][..tcp] [...10.24.82.188][37821] -> [.210.103.240.15][..443] [TLS][Web][Safe]
+                   RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher
+ detection-update: [....20] [ip4][..tcp] [...10.24.82.188][37821] -> [.210.103.240.15][..443] [TLS.KakaoTalk][Chat][Acceptable]
+                   RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher
+              new: [....21] [ip4][..tcp] [...10.24.82.188][37553] -> [....31.13.68.84][...80] 
+              new: [....22] [ip4][..tcp] [....31.13.68.73][..443] -> [...10.24.82.188][47007] [MIDSTREAM] 
+         detected: [....22] [ip4][..tcp] [....31.13.68.73][..443] -> [...10.24.82.188][47007] [TLS.Facebook][SocialNetwork][Fun]
+         detected: [....21] [ip4][..tcp] [...10.24.82.188][37553] -> [....31.13.68.84][...80] [HTTP.Facebook][SocialNetwork][Fun]
+              new: [....23] [ip4][..udp] [...10.24.82.188][24596] -> [.....10.188.1.1][...53] 
+         detected: [....23] [ip4][..udp] [...10.24.82.188][24596] -> [.....10.188.1.1][...53] [DNS.Facebook][SocialNetwork][Fun]
+ detection-update: [....15] [ip4][..tcp] [...10.24.82.188][35503] -> [...173.252.97.2][..443] [TLS.Facebook][SocialNetwork][Fun]
+                   RISK: Obsolete TLS (v1.1 or older)
+ detection-update: [....15] [ip4][..tcp] [...10.24.82.188][35503] -> [...173.252.97.2][..443] [TLS.Facebook][SocialNetwork][Fun]
+                   RISK: Obsolete TLS (v1.1 or older)
+ detection-update: [....23] [ip4][..udp] [...10.24.82.188][24596] -> [.....10.188.1.1][...53] [DNS.Facebook][SocialNetwork][Fun]
+              new: [....24] [ip4][..tcp] [...10.24.82.188][45209] -> [....31.13.68.84][..443] 
+         detected: [....24] [ip4][..tcp] [...10.24.82.188][45209] -> [....31.13.68.84][..443] [TLS.Facebook][SocialNetwork][Fun]
+                   RISK: TLS (probably) Not Carrying HTTPS
+              new: [....25] [ip4][..udp] [...10.24.82.188][19582] -> [.....10.188.1.1][...53] 
+         detected: [....25] [ip4][..udp] [...10.24.82.188][19582] -> [.....10.188.1.1][...53] [DNS.Facebook][SocialNetwork][Fun]
+ detection-update: [....24] [ip4][..tcp] [...10.24.82.188][45209] -> [....31.13.68.84][..443] [TLS.Facebook][SocialNetwork][Fun]
+                   RISK: TLS (probably) Not Carrying HTTPS
+ detection-update: [....24] [ip4][..tcp] [...10.24.82.188][45209] -> [....31.13.68.84][..443] [TLS.Facebook][SocialNetwork][Fun]
+                   RISK: TLS (probably) Not Carrying HTTPS
+ detection-update: [....25] [ip4][..udp] [...10.24.82.188][19582] -> [.....10.188.1.1][...53] [DNS.Facebook][SocialNetwork][Fun]
+              new: [....26] [ip4][..tcp] [...10.24.82.188][43581] -> [....31.13.68.70][..443] 
+         detected: [....26] [ip4][..tcp] [...10.24.82.188][43581] -> [....31.13.68.70][..443] [TLS.Facebook][SocialNetwork][Fun]
+                   RISK: TLS (probably) Not Carrying HTTPS
+              new: [....27] [ip4][..udp] [...10.24.82.188][.4017] -> [.....10.188.1.1][...53] 
+         detected: [....27] [ip4][..udp] [...10.24.82.188][.4017] -> [.....10.188.1.1][...53] [DNS.Facebook][SocialNetwork][Fun]
+ detection-update: [....26] [ip4][..tcp] [...10.24.82.188][43581] -> [....31.13.68.70][..443] [TLS.Facebook][SocialNetwork][Fun]
+                   RISK: TLS (probably) Not Carrying HTTPS
+ detection-update: [....26] [ip4][..tcp] [...10.24.82.188][43581] -> [....31.13.68.70][..443] [TLS.Facebook][SocialNetwork][Fun]
+                   RISK: TLS (probably) Not Carrying HTTPS
+ detection-update: [....27] [ip4][..udp] [...10.24.82.188][.4017] -> [.....10.188.1.1][...53] [DNS.Facebook][SocialNetwork][Fun]
+              new: [....28] [ip4][..udp] [...10.24.82.188][14650] -> [.....10.188.1.1][...53] 
+         detected: [....28] [ip4][..udp] [...10.24.82.188][14650] -> [.....10.188.1.1][...53] [DNS][Network][Acceptable]
+              new: [....29] [ip4][..tcp] [...10.24.82.188][45211] -> [....31.13.68.84][..443] 
+ detection-update: [....28] [ip4][..udp] [...10.24.82.188][14650] -> [.....10.188.1.1][...53] [DNS][Network][Acceptable]
+         detected: [....29] [ip4][..tcp] [...10.24.82.188][45211] -> [....31.13.68.84][..443] [TLS.Facebook][SocialNetwork][Fun]
+                   RISK: TLS (probably) Not Carrying HTTPS
+ detection-update: [....29] [ip4][..tcp] [...10.24.82.188][45211] -> [....31.13.68.84][..443] [TLS.Facebook][SocialNetwork][Fun]
+                   RISK: TLS (probably) Not Carrying HTTPS
+ detection-update: [....29] [ip4][..tcp] [...10.24.82.188][45211] -> [....31.13.68.84][..443] [TLS.Facebook][SocialNetwork][Fun]
+                   RISK: TLS (probably) Not Carrying HTTPS
+              new: [....30] [ip4][..tcp] [...10.24.82.188][58927] -> [.54.255.253.199][.5223] [MIDSTREAM] 
+         detected: [....30] [ip4][..tcp] [...10.24.82.188][58927] -> [.54.255.253.199][.5223] [TLS.AmazonAWS][Cloud][Acceptable]
+                   RISK: Known Proto on Non Std Port
+          analyse: [....26] [ip4][..tcp] [...10.24.82.188][43581] -> [....31.13.68.70][..443] [TLS.Facebook][SocialNetwork][Fun]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.174|   0.038|   0.043]
+                   [IAT(c->s)...:    0.000|   0.124|   0.033|   0.039][IAT(s->c)...:    0.001|   0.174|   0.042|   0.047]
+                   [PKTLEN(c->s):   56.000|1053.000| 212.800| 311.300][PKTLEN(s->c):   56.000|1336.000| 331.300| 442.100]
+                   [BINS(c->s)..: 10,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 7,3,0,1,0,0,0,0,1,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0]
+              new: [....31] [ip4][..tcp] [...10.24.82.188][42332] -> [.210.103.240.15][..443] [MIDSTREAM] 
+              new: [....32] [ip4][..tcp] [...10.24.82.188][37557] -> [....31.13.68.84][...80] 
+         detected: [....32] [ip4][..tcp] [...10.24.82.188][37557] -> [....31.13.68.84][...80] [HTTP.Facebook][SocialNetwork][Fun]
+              new: [....33] [ip4][..tcp] [...10.24.82.188][45213] -> [....31.13.68.84][..443] 
+         detected: [....33] [ip4][..tcp] [...10.24.82.188][45213] -> [....31.13.68.84][..443] [TLS.Facebook][SocialNetwork][Fun]
+                   RISK: Obsolete TLS (v1.1 or older)
+          analyse: [....15] [ip4][..tcp] [...10.24.82.188][35503] -> [...173.252.97.2][..443] 
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.004|   3.803|   0.501|   0.832]
+                   [IAT(c->s)...:    0.004|   3.803|   0.567|   0.983][IAT(s->c)...:    0.004|   2.320|   0.421|   0.590]
+                   [PKTLEN(c->s):   56.000| 710.000| 152.100| 160.300][PKTLEN(s->c):   56.000|1336.000| 318.700| 484.700]
+                   [BINS(c->s)..: 11,0,1,1,1,2,0,0,0,1,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 9,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0]
+ detection-update: [....15] [ip4][..tcp] [...10.24.82.188][35503] -> [...173.252.97.2][..443] [TLS.Facebook][SocialNetwork][Fun]
+                   RISK: Obsolete TLS (v1.1 or older)
+              new: [....34] [ip4][..tcp] [...10.24.82.188][35511] -> [...173.252.97.2][..443] 
+         detected: [....34] [ip4][..tcp] [...10.24.82.188][35511] -> [...173.252.97.2][..443] [TLS.Facebook][SocialNetwork][Fun]
+                   RISK: Obsolete TLS (v1.1 or older)
+ detection-update: [....33] [ip4][..tcp] [...10.24.82.188][45213] -> [....31.13.68.84][..443] [TLS.Facebook][SocialNetwork][Fun]
+                   RISK: Obsolete TLS (v1.1 or older)
+ detection-update: [....33] [ip4][..tcp] [...10.24.82.188][45213] -> [....31.13.68.84][..443] [TLS.Facebook][SocialNetwork][Fun]
+                   RISK: Obsolete TLS (v1.1 or older)
+ detection-update: [....34] [ip4][..tcp] [...10.24.82.188][35511] -> [...173.252.97.2][..443] [TLS.Facebook][SocialNetwork][Fun]
+                   RISK: Obsolete TLS (v1.1 or older)
+ detection-update: [....34] [ip4][..tcp] [...10.24.82.188][35511] -> [...173.252.97.2][..443] [TLS.Facebook][SocialNetwork][Fun]
+                   RISK: Obsolete TLS (v1.1 or older)
+              new: [....35] [ip4][..tcp] [..139.150.0.125][..443] -> [...10.24.82.188][46947] [MIDSTREAM] 
+              new: [....36] [ip4][..tcp] [...10.24.82.188][34686] -> [.173.194.72.188][.5228] [MIDSTREAM] 
+         detected: [....36] [ip4][..tcp] [...10.24.82.188][34686] -> [.173.194.72.188][.5228] [TLS.Google][Web][Acceptable]
+                   RISK: Known Proto on Non Std Port
+              new: [....37] [ip4][..tcp] [...10.24.82.188][49217] -> [.216.58.220.174][..443] [MIDSTREAM] 
+         detected: [....37] [ip4][..tcp] [...10.24.82.188][49217] -> [.216.58.220.174][..443] [TLS.Google][Web][Acceptable]
+          analyse: [....34] [ip4][..tcp] [...10.24.82.188][35511] -> [...173.252.97.2][..443] [TLS.Facebook][SocialNetwork][Fun]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|  27.031|   1.853|   6.601]
+                   [IAT(c->s)...:    0.000|  26.938|   1.913|   6.690][IAT(s->c)...:    0.000|  27.031|   1.796|   6.517]
+                   [PKTLEN(c->s):   56.000| 578.000| 142.400| 138.700][PKTLEN(s->c):   56.000|1336.000| 287.100| 461.100]
+                   [BINS(c->s)..: 10,0,1,1,1,1,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 11,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0]
+           update: [....19] [ip4][.icmp] [...10.24.82.188] -> [...10.188.191.1] [ICMP][Network][Acceptable]
+              new: [....38] [ip4][..tcp] [...10.24.82.188][58964] -> [.54.255.253.199][.5223] 
+         detected: [....38] [ip4][..tcp] [...10.24.82.188][58964] -> [.54.255.253.199][.5223] [TLS.AmazonAWS][Cloud][Acceptable]
+                   RISK: Known Proto on Non Std Port, Obsolete TLS (v1.1 or older)
+             idle: [.....4] [ip4][..udp] [...10.24.82.188][41909] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Chat][Acceptable]
+              end: [....21] [ip4][..tcp] [...10.24.82.188][37553] -> [....31.13.68.84][...80] [HTTP.Facebook][SocialNetwork][Fun]
+              end: [....32] [ip4][..tcp] [...10.24.82.188][37557] -> [....31.13.68.84][...80] [HTTP.Facebook][SocialNetwork][Fun]
+             idle: [....25] [ip4][..udp] [...10.24.82.188][19582] -> [.....10.188.1.1][...53] [DNS.Facebook][SocialNetwork][Fun]
+             idle: [....26] [ip4][..tcp] [...10.24.82.188][43581] -> [....31.13.68.70][..443] [TLS.Facebook][SocialNetwork][Fun]
+                   RISK: TLS (probably) Not Carrying HTTPS
+             idle: [....15] [ip4][..tcp] [...10.24.82.188][35503] -> [...173.252.97.2][..443] [TLS.Facebook][SocialNetwork][Fun]
+                   RISK: Obsolete TLS (v1.1 or older)
+             idle: [....34] [ip4][..tcp] [...10.24.82.188][35511] -> [...173.252.97.2][..443] [TLS.Facebook][SocialNetwork][Fun]
+                   RISK: Obsolete TLS (v1.1 or older)
+              end: [....30] [ip4][..tcp] [...10.24.82.188][58927] -> [.54.255.253.199][.5223] 
+             idle: [....38] [ip4][..tcp] [...10.24.82.188][58964] -> [.54.255.253.199][.5223] 
+             idle: [.....6] [ip4][..udp] [...10.24.82.188][58810] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Chat][Acceptable]
+             idle: [.....9] [ip4][..udp] [...10.24.82.188][56820] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Chat][Acceptable]
+             idle: [.....1] [ip4][..udp] [...10.24.82.188][38448] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Chat][Acceptable]
+             idle: [....18] [ip4][..udp] [...10.24.82.188][61011] -> [...10.188.191.1][...53] [DNS.KakaoTalk][Chat][Acceptable]
+             idle: [....17] [ip4][..udp] [...10.24.82.188][61011] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Chat][Acceptable]
+             idle: [.....7] [ip4][..udp] [...10.24.82.188][.5929] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Chat][Acceptable]
+          guessed: [....16] [ip4][..tcp] [..120.28.26.242][...80] -> [...10.24.82.188][34503] [HTTP][Web][Acceptable]
+              end: [....16] [ip4][..tcp] [..120.28.26.242][...80] -> [...10.24.82.188][34503] 
+             idle: [....27] [ip4][..udp] [...10.24.82.188][.4017] -> [.....10.188.1.1][...53] [DNS.Facebook][SocialNetwork][Fun]
+             idle: [....19] [ip4][.icmp] [...10.24.82.188] -> [...10.188.191.1] [ICMP][Network][Acceptable]
+             idle: [....23] [ip4][..udp] [...10.24.82.188][24596] -> [.....10.188.1.1][...53] [DNS.Facebook][SocialNetwork][Fun]
+             idle: [....12] [ip4][..udp] [...10.24.82.188][43077] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Chat][Acceptable]
+             idle: [....37] [ip4][..tcp] [...10.24.82.188][49217] -> [.216.58.220.174][..443] [TLS.Google][Web][Acceptable]
+          guessed: [....13] [ip4][..tcp] [...10.24.82.188][51021] -> [.103.246.57.251][.8080] [HTTP_Proxy][Web][Acceptable]
+             idle: [....13] [ip4][..tcp] [...10.24.82.188][51021] -> [.103.246.57.251][.8080] 
+              end: [....20] [ip4][..tcp] [...10.24.82.188][37821] -> [.210.103.240.15][..443] 
+             idle: [....28] [ip4][..udp] [...10.24.82.188][14650] -> [.....10.188.1.1][...53] [DNS][Network][Acceptable]
+             idle: [....10] [ip4][..udp] [...10.24.82.188][29029] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Chat][Acceptable]
+             idle: [.....3] [ip4][..udp] [...10.24.82.188][57816] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Chat][Acceptable]
+             idle: [....11] [ip4][..udp] [...10.24.82.188][25117] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Chat][Acceptable]
+              end: [....22] [ip4][..tcp] [....31.13.68.73][..443] -> [...10.24.82.188][47007] [TLS.Facebook][SocialNetwork][Fun]
+             idle: [....36] [ip4][..tcp] [...10.24.82.188][34686] -> [.173.194.72.188][.5228] 
+             idle: [.....5] [ip4][..udp] [...10.24.82.188][12908] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Chat][Acceptable]
+          guessed: [....31] [ip4][..tcp] [...10.24.82.188][42332] -> [.210.103.240.15][..443] [TLS][Web][Safe]
+              end: [....31] [ip4][..tcp] [...10.24.82.188][42332] -> [.210.103.240.15][..443] 
+             idle: [.....2] [ip4][..udp] [...10.24.82.188][35603] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Chat][Acceptable]
+             idle: [....24] [ip4][..tcp] [...10.24.82.188][45209] -> [....31.13.68.84][..443] 
+             idle: [....29] [ip4][..tcp] [...10.24.82.188][45211] -> [....31.13.68.84][..443] 
+             idle: [....33] [ip4][..tcp] [...10.24.82.188][45213] -> [....31.13.68.84][..443] 
+          guessed: [....14] [ip4][..tcp] [..216.58.221.10][...80] -> [...10.24.82.188][35922] [HTTP.Google][Web][Acceptable]
+              end: [....14] [ip4][..tcp] [..216.58.221.10][...80] -> [...10.24.82.188][35922] 
+          guessed: [....35] [ip4][..tcp] [..139.150.0.125][..443] -> [...10.24.82.188][46947] [TLS][Web][Safe]
+             idle: [....35] [ip4][..tcp] [..139.150.0.125][..443] -> [...10.24.82.188][46947] 
+             idle: [.....8] [ip4][..udp] [...10.24.82.188][.9094] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Chat][Acceptable]
+     DAEMON-EVENT: shutdown

test/results/flow-info/KakaoTalk_talk.pcap.out

@@ -0,0 +1,110 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..tcp] [...10.24.82.188][51021] -> [.103.246.57.251][.8080] [MIDSTREAM] 
+              new: [.....2] [ip4][..tcp] [..120.28.26.242][...80] -> [...10.24.82.188][34533] [MIDSTREAM] 
+              new: [.....3] [ip4][..tcp] [...10.24.82.188][58916] -> [.54.255.185.236][.5222] [MIDSTREAM] 
+              new: [.....4] [ip4][..tcp] [...10.24.82.188][48489] -> [203.205.147.215][...80] 
+              new: [.....5] [ip4][..tcp] [.216.58.220.161][..443] -> [...10.24.82.188][56697] [MIDSTREAM] 
+         detected: [.....4] [ip4][..tcp] [...10.24.82.188][48489] -> [203.205.147.215][...80] [HTTP_Proxy.QQ][Chat][Fun]
+                   RISK: Known Proto on Non Std Port
+ detection-update: [.....4] [ip4][..tcp] [...10.24.82.188][48489] -> [203.205.147.215][...80] [HTTP_Proxy.QQ][Download][Fun]
+                   RISK: Binary App Transfer, Known Proto on Non Std Port
+              new: [.....6] [ip4][..tcp] [...10.24.82.188][32968] -> [..110.76.143.50][.8080] 
+         detected: [.....6] [ip4][..tcp] [...10.24.82.188][32968] -> [..110.76.143.50][.8080] [TLS][Web][Safe]
+                   RISK: Known Proto on Non Std Port, Obsolete TLS (v1.1 or older)
+ detection-update: [.....6] [ip4][..tcp] [...10.24.82.188][32968] -> [..110.76.143.50][.8080] [TLS.KakaoTalk][Chat][Acceptable]
+                   RISK: Known Proto on Non Std Port, Self-signed Cert, Obsolete TLS (v1.1 or older), Weak TLS Cipher
+              new: [.....7] [ip4][..tcp] [..139.150.0.125][..443] -> [...10.24.82.188][46947] [MIDSTREAM] 
+              new: [.....8] [ip4][..tcp] [...10.24.82.188][58857] -> [..110.76.143.50][.9001] 
+         detected: [.....8] [ip4][..tcp] [...10.24.82.188][58857] -> [..110.76.143.50][.9001] [TLS][Web][Safe]
+                   RISK: Known Proto on Non Std Port, Obsolete TLS (v1.1 or older)
+ detection-update: [.....8] [ip4][..tcp] [...10.24.82.188][58857] -> [..110.76.143.50][.9001] [TLS.KakaoTalk][Chat][Acceptable]
+                   RISK: Known Proto on Non Std Port, Self-signed Cert, Obsolete TLS (v1.1 or older), Weak TLS Cipher
+              new: [.....9] [ip4][..tcp] [...10.24.82.188][34686] -> [.173.194.72.188][.5228] [MIDSTREAM] 
+         detected: [.....9] [ip4][..tcp] [...10.24.82.188][34686] -> [.173.194.72.188][.5228] [TLS.Google][Web][Acceptable]
+                   RISK: Known Proto on Non Std Port
+              new: [....10] [ip4][..udp] [...10.24.82.188][11321] -> [....1.201.1.174][23045] 
+         detected: [....10] [ip4][..udp] [...10.24.82.188][11321] -> [....1.201.1.174][23045] [KakaoTalk_Voice][VoIP][Acceptable]
+              new: [....11] [ip4][..udp] [...10.24.82.188][10269] -> [....1.201.1.174][23047] 
+         detected: [....11] [ip4][..udp] [...10.24.82.188][10269] -> [....1.201.1.174][23047] [KakaoTalk_Voice][VoIP][Acceptable]
+              new: [....12] [ip4][..udp] [...10.24.82.188][11320] -> [....1.201.1.174][23044] 
+         detected: [....12] [ip4][..udp] [...10.24.82.188][11320] -> [....1.201.1.174][23044] [RTP][Media][Acceptable]
+              new: [....13] [ip4][..udp] [...10.24.82.188][10268] -> [....1.201.1.174][23046] 
+         detected: [....13] [ip4][..udp] [...10.24.82.188][10268] -> [....1.201.1.174][23046] [RTP][Media][Acceptable]
+          analyse: [....12] [ip4][..udp] [...10.24.82.188][11320] -> [....1.201.1.174][23044] [RTP][Media][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.389|   0.067|   0.073]
+                   [IAT(c->s)...:    0.000|   0.104|   0.052|   0.049][IAT(s->c)...:    0.016|   0.389|   0.090|   0.095]
+                   [PKTLEN(c->s):   99.000| 100.000|  99.100|   0.200][PKTLEN(s->c):   99.000| 192.000| 110.100|  25.800]
+                   [BINS(c->s)..: 0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 0,9,2,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+          analyse: [....13] [ip4][..udp] [...10.24.82.188][10268] -> [....1.201.1.174][23046] [RTP][Media][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.004|   0.144|   0.063|   0.038]
+                   [IAT(c->s)...:    0.032|   0.102|   0.057|   0.022][IAT(s->c)...:    0.004|   0.144|   0.071|   0.050]
+                   [PKTLEN(c->s):   99.000| 192.000| 112.400|  26.300][PKTLEN(s->c):   99.000|  99.000|  99.000|   0.000]
+                   [BINS(c->s)..: 0,13,2,2,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+              new: [....14] [ip4][..tcp] [...10.24.82.188][49217] -> [.216.58.220.174][..443] [MIDSTREAM] 
+         detected: [....14] [ip4][..tcp] [...10.24.82.188][49217] -> [.216.58.220.174][..443] [TLS.Google][Web][Acceptable]
+              new: [....15] [ip4][..tcp] [..173.252.122.1][..443] -> [...10.24.82.188][52123] [MIDSTREAM] 
+              new: [....16] [ip4][..tcp] [...10.24.82.188][53974] -> [203.205.151.233][.8080] [MIDSTREAM] 
+          analyse: [.....6] [ip4][..tcp] [...10.24.82.188][32968] -> [..110.76.143.50][.8080] [TLS.KakaoTalk][Chat][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.002|  20.337|   1.801|   4.155]
+                   [IAT(c->s)...:    0.002|  20.337|   2.259|   5.063][IAT(s->c)...:    0.005|   8.676|   1.245|   2.556]
+                   [PKTLEN(c->s):   68.000| 814.000| 204.700| 177.400][PKTLEN(s->c):   68.000| 920.000| 288.900| 276.500]
+                   [BINS(c->s)..: 8,0,0,0,1,7,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 7,0,0,0,0,1,0,1,0,2,0,0,0,0,0,1,0,0,0,0,0,0,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+          analyse: [.....8] [ip4][..tcp] [...10.24.82.188][58857] -> [..110.76.143.50][.9001] [TLS.KakaoTalk][Chat][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|  21.237|   2.444|   5.342]
+                   [IAT(c->s)...:    0.000|  20.472|   2.198|   5.070][IAT(s->c)...:    0.000|  21.237|   2.744|   5.641]
+                   [PKTLEN(c->s):   68.000| 862.000| 226.300| 229.600][PKTLEN(s->c):   68.000| 920.000| 319.400| 299.200]
+                   [BINS(c->s)..: 9,0,0,0,1,5,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 7,0,0,0,0,0,0,1,0,2,0,1,0,0,0,0,0,0,0,0,1,0,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+              new: [....17] [ip4][..tcp] [173.194.117.229][..443] -> [...10.24.82.188][38380] [MIDSTREAM] 
+              new: [....18] [ip4][..tcp] [.173.252.88.128][..443] -> [...10.24.82.188][59912] [MIDSTREAM] 
+              new: [....19] [ip4][..tcp] [...10.24.82.188][59954] -> [.173.252.88.128][..443] 
+              new: [....20] [ip4][..udp] [...10.24.82.188][25223] -> [.....10.188.1.1][...53] 
+         detected: [....20] [ip4][..udp] [...10.24.82.188][25223] -> [.....10.188.1.1][...53] [DNS.Facebook][SocialNetwork][Fun]
+         detected: [....19] [ip4][..tcp] [...10.24.82.188][59954] -> [.173.252.88.128][..443] [TLS.Facebook][SocialNetwork][Fun]
+                   RISK: Obsolete TLS (v1.1 or older)
+ detection-update: [....20] [ip4][..udp] [...10.24.82.188][25223] -> [.....10.188.1.1][...53] [DNS.Facebook][SocialNetwork][Fun]
+ detection-update: [....19] [ip4][..tcp] [...10.24.82.188][59954] -> [.173.252.88.128][..443] [TLS.Facebook][SocialNetwork][Fun]
+                   RISK: Obsolete TLS (v1.1 or older)
+          guessed: [....16] [ip4][..tcp] [...10.24.82.188][53974] -> [203.205.151.233][.8080] [HTTP_Proxy][Web][Acceptable]
+             idle: [....16] [ip4][..tcp] [...10.24.82.188][53974] -> [203.205.151.233][.8080] 
+          guessed: [....18] [ip4][..tcp] [.173.252.88.128][..443] -> [...10.24.82.188][59912] [TLS.Facebook][SocialNetwork][Fun]
+              end: [....18] [ip4][..tcp] [.173.252.88.128][..443] -> [...10.24.82.188][59912] 
+             idle: [....19] [ip4][..tcp] [...10.24.82.188][59954] -> [.173.252.88.128][..443] [TLS.Facebook][SocialNetwork][Fun]
+                   RISK: Obsolete TLS (v1.1 or older)
+          guessed: [.....3] [ip4][..tcp] [...10.24.82.188][58916] -> [.54.255.185.236][.5222] [AmazonAWS][Cloud][Acceptable]
+             idle: [.....3] [ip4][..tcp] [...10.24.82.188][58916] -> [.54.255.185.236][.5222] 
+          guessed: [....15] [ip4][..tcp] [..173.252.122.1][..443] -> [...10.24.82.188][52123] [TLS.Facebook][SocialNetwork][Fun]
+              end: [....15] [ip4][..tcp] [..173.252.122.1][..443] -> [...10.24.82.188][52123] 
+          guessed: [.....5] [ip4][..tcp] [.216.58.220.161][..443] -> [...10.24.82.188][56697] [TLS.Google][Web][Acceptable]
+              end: [.....5] [ip4][..tcp] [.216.58.220.161][..443] -> [...10.24.82.188][56697] 
+          guessed: [....17] [ip4][..tcp] [173.194.117.229][..443] -> [...10.24.82.188][38380] [TLS.Google][Web][Acceptable]
+              end: [....17] [ip4][..tcp] [173.194.117.229][..443] -> [...10.24.82.188][38380] 
+             idle: [....13] [ip4][..udp] [...10.24.82.188][10268] -> [....1.201.1.174][23046] [RTP][Media][Acceptable]
+             idle: [....11] [ip4][..udp] [...10.24.82.188][10269] -> [....1.201.1.174][23047] [KakaoTalk_Voice][VoIP][Acceptable]
+              end: [.....4] [ip4][..tcp] [...10.24.82.188][48489] -> [203.205.147.215][...80] [HTTP_Proxy.QQ][Download][Fun]
+                   RISK: Binary App Transfer, Known Proto on Non Std Port
+          guessed: [.....2] [ip4][..tcp] [..120.28.26.242][...80] -> [...10.24.82.188][34533] [HTTP][Web][Acceptable]
+              end: [.....2] [ip4][..tcp] [..120.28.26.242][...80] -> [...10.24.82.188][34533] 
+             idle: [.....6] [ip4][..tcp] [...10.24.82.188][32968] -> [..110.76.143.50][.8080] [TLS.KakaoTalk][Chat][Acceptable]
+                   RISK: Known Proto on Non Std Port, Self-signed Cert, Obsolete TLS (v1.1 or older), Weak TLS Cipher
+             idle: [....14] [ip4][..tcp] [...10.24.82.188][49217] -> [.216.58.220.174][..443] [TLS.Google][Web][Acceptable]
+          guessed: [.....1] [ip4][..tcp] [...10.24.82.188][51021] -> [.103.246.57.251][.8080] [HTTP_Proxy][Web][Acceptable]
+             idle: [.....1] [ip4][..tcp] [...10.24.82.188][51021] -> [.103.246.57.251][.8080] 
+             idle: [.....8] [ip4][..tcp] [...10.24.82.188][58857] -> [..110.76.143.50][.9001] [TLS.KakaoTalk][Chat][Acceptable]
+                   RISK: Known Proto on Non Std Port, Self-signed Cert, Obsolete TLS (v1.1 or older), Weak TLS Cipher
+             idle: [.....9] [ip4][..tcp] [...10.24.82.188][34686] -> [.173.194.72.188][.5228] 
+             idle: [....20] [ip4][..udp] [...10.24.82.188][25223] -> [.....10.188.1.1][...53] [DNS.Facebook][SocialNetwork][Fun]
+             idle: [....12] [ip4][..udp] [...10.24.82.188][11320] -> [....1.201.1.174][23044] [RTP][Media][Acceptable]
+             idle: [....10] [ip4][..udp] [...10.24.82.188][11321] -> [....1.201.1.174][23045] [KakaoTalk_Voice][VoIP][Acceptable]
+          guessed: [.....7] [ip4][..tcp] [..139.150.0.125][..443] -> [...10.24.82.188][46947] [TLS][Web][Safe]
+             idle: [.....7] [ip4][..tcp] [..139.150.0.125][..443] -> [...10.24.82.188][46947] 
+     DAEMON-EVENT: shutdown

test/results/flow-info/NTPv2.pcap.out

@@ -0,0 +1,7 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..udp] [..208.104.95.10][..123] -> [.....78.46.76.2][...80] 
+         detected: [.....1] [ip4][..udp] [..208.104.95.10][..123] -> [.....78.46.76.2][...80] [NTP][System][Acceptable]
+             idle: [.....1] [ip4][..udp] [..208.104.95.10][..123] -> [.....78.46.76.2][...80] [NTP][System][Acceptable]
+     DAEMON-EVENT: shutdown

test/results/flow-info/NTPv3.pcap.out

@@ -0,0 +1,7 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..udp] [.175.144.140.29][..123] -> [.....78.46.76.2][...80] 
+         detected: [.....1] [ip4][..udp] [.175.144.140.29][..123] -> [.....78.46.76.2][...80] [NTP][System][Acceptable]
+             idle: [.....1] [ip4][..udp] [.175.144.140.29][..123] -> [.....78.46.76.2][...80] [NTP][System][Acceptable]
+     DAEMON-EVENT: shutdown

test/results/flow-info/NTPv4.pcap.out

@@ -0,0 +1,7 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..udp] [...85.22.62.120][..123] -> [....78.46.76.11][..123] 
+         detected: [.....1] [ip4][..udp] [...85.22.62.120][..123] -> [....78.46.76.11][..123] [NTP][System][Acceptable]
+             idle: [.....1] [ip4][..udp] [...85.22.62.120][..123] -> [....78.46.76.11][..123] [NTP][System][Acceptable]
+     DAEMON-EVENT: shutdown

test/results/flow-info/Oscar.pcap.out

@@ -0,0 +1,15 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..tcp] [.....10.30.29.3][63357] -> [.178.237.24.249][..443] 
+          analyse: [.....1] [ip4][..tcp] [.....10.30.29.3][63357] -> [.178.237.24.249][..443] 
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|  58.215|   3.883|  14.268]
+                   [IAT(c->s)...:    0.000|  58.176|   3.357|  13.300][IAT(s->c)...:    0.000|  58.215|   4.612|  15.479]
+                   [PKTLEN(c->s):   54.000| 369.000| 115.200|  97.600][PKTLEN(s->c):   60.000|1414.000| 290.700| 372.100]
+                   [BINS(c->s)..: 11,4,0,1,0,0,1,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 6,1,1,0,0,0,0,1,0,1,0,0,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0]
+          guessed: [.....1] [ip4][..tcp] [.....10.30.29.3][63357] -> [.178.237.24.249][..443] [TLS][Web][Safe]
+         detected: [.....1] [ip4][..tcp] [.....10.30.29.3][63357] -> [.178.237.24.249][..443] [TLS][Web][Safe]
+             idle: [.....1] [ip4][..tcp] [.....10.30.29.3][63357] -> [.178.237.24.249][..443] [TLS][Web][Safe]
+     DAEMON-EVENT: shutdown

test/results/flow-info/TivoDVR.pcap.out

@@ -0,0 +1,7 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..udp] [..98.245.242.69][.2190] -> [255.255.255.255][.2190] 
+         detected: [.....1] [ip4][..udp] [..98.245.242.69][.2190] -> [255.255.255.255][.2190] [TiVoConnect][Network][Safe]
+             idle: [.....1] [ip4][..udp] [..98.245.242.69][.2190] -> [255.255.255.255][.2190] [TiVoConnect][Network][Safe]
+     DAEMON-EVENT: shutdown

test/results/flow-info/WebattackSQLinj.pcap.out

@@ -0,0 +1,49 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..tcp] [.....172.16.0.1][36196] -> [..192.168.10.50][...80] 
+         detected: [.....1] [ip4][..tcp] [.....172.16.0.1][36196] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
+                   RISK: HTTP Numeric IP Address
+              new: [.....2] [ip4][..tcp] [.....172.16.0.1][36198] -> [..192.168.10.50][...80] 
+         detected: [.....2] [ip4][..tcp] [.....172.16.0.1][36198] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
+                   RISK: HTTP Numeric IP Address
+              new: [.....3] [ip4][..tcp] [.....172.16.0.1][36200] -> [..192.168.10.50][...80] 
+         detected: [.....3] [ip4][..tcp] [.....172.16.0.1][36200] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
+                   RISK: HTTP Numeric IP Address
+              new: [.....4] [ip4][..tcp] [.....172.16.0.1][36202] -> [..192.168.10.50][...80] 
+         detected: [.....4] [ip4][..tcp] [.....172.16.0.1][36202] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
+                   RISK: HTTP Numeric IP Address
+              new: [.....5] [ip4][..tcp] [.....172.16.0.1][36204] -> [..192.168.10.50][...80] 
+         detected: [.....5] [ip4][..tcp] [.....172.16.0.1][36204] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
+                   RISK: HTTP Numeric IP Address
+              new: [.....6] [ip4][..tcp] [.....172.16.0.1][36206] -> [..192.168.10.50][...80] 
+         detected: [.....6] [ip4][..tcp] [.....172.16.0.1][36206] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
+                   RISK: HTTP Numeric IP Address
+              new: [.....7] [ip4][..tcp] [.....172.16.0.1][36208] -> [..192.168.10.50][...80] 
+         detected: [.....7] [ip4][..tcp] [.....172.16.0.1][36208] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
+                   RISK: HTTP Numeric IP Address
+              new: [.....8] [ip4][..tcp] [.....172.16.0.1][36210] -> [..192.168.10.50][...80] 
+         detected: [.....8] [ip4][..tcp] [.....172.16.0.1][36210] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
+                   RISK: HTTP Numeric IP Address
+              new: [.....9] [ip4][..tcp] [.....172.16.0.1][36212] -> [..192.168.10.50][...80] 
+         detected: [.....9] [ip4][..tcp] [.....172.16.0.1][36212] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
+                   RISK: HTTP Numeric IP Address
+              end: [.....1] [ip4][..tcp] [.....172.16.0.1][36196] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
+                   RISK: HTTP Numeric IP Address
+              end: [.....2] [ip4][..tcp] [.....172.16.0.1][36198] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
+                   RISK: SQL Injection, HTTP Numeric IP Address
+              end: [.....3] [ip4][..tcp] [.....172.16.0.1][36200] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
+                   RISK: SQL Injection, HTTP Numeric IP Address
+              end: [.....4] [ip4][..tcp] [.....172.16.0.1][36202] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
+                   RISK: SQL Injection, HTTP Numeric IP Address
+              end: [.....5] [ip4][..tcp] [.....172.16.0.1][36204] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
+                   RISK: SQL Injection, HTTP Numeric IP Address
+              end: [.....6] [ip4][..tcp] [.....172.16.0.1][36206] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
+                   RISK: HTTP Numeric IP Address
+              end: [.....7] [ip4][..tcp] [.....172.16.0.1][36208] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
+                   RISK: SQL Injection, HTTP Numeric IP Address
+              end: [.....8] [ip4][..tcp] [.....172.16.0.1][36210] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
+                   RISK: SQL Injection, HTTP Numeric IP Address
+              end: [.....9] [ip4][..tcp] [.....172.16.0.1][36212] -> [..192.168.10.50][...80] [HTTP][Web][Acceptable]
+                   RISK: SQL Injection, HTTP Numeric IP Address
+     DAEMON-EVENT: shutdown

test/results/flow-info/activision.pcap.out

@@ -0,0 +1,21 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..udp] [..192.168.2.100][.3074] -> [..108.61.235.31][33441] 
+         detected: [.....1] [ip4][..udp] [..192.168.2.100][.3074] -> [..108.61.235.31][33441] [Activision][Game][Fun]
+              new: [.....2] [ip4][..udp] [..192.168.2.100][.3074] -> [...45.63.112.54][34741] 
+         detected: [.....2] [ip4][..udp] [..192.168.2.100][.3074] -> [...45.63.112.54][34741] [Activision][Game][Fun]
+           update: [.....1] [ip4][..udp] [..192.168.2.100][.3074] -> [..108.61.235.31][33441] [Activision][Game][Fun]
+     DAEMON-EVENT: [Processed: 30 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 2 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 1]
+              new: [.....3] [ip4][..udp] [..192.168.2.100][.3074] -> [.148.72.173.162][34311] 
+         detected: [.....3] [ip4][..udp] [..192.168.2.100][.3074] -> [.148.72.173.162][34311] [Activision][Game][Fun]
+             idle: [.....2] [ip4][..udp] [..192.168.2.100][.3074] -> [...45.63.112.54][34741] [Activision][Game][Fun]
+             idle: [.....1] [ip4][..udp] [..192.168.2.100][.3074] -> [..108.61.235.31][33441] [Activision][Game][Fun]
+     DAEMON-EVENT: [Processed: 45 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 1 / 3|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 1]
+              new: [.....4] [ip4][..udp] [..192.168.2.100][.3074] -> [...173.199.67.5][37081] 
+         detected: [.....4] [ip4][..udp] [..192.168.2.100][.3074] -> [...173.199.67.5][37081] [Activision][Game][Fun]
+             idle: [.....3] [ip4][..udp] [..192.168.2.100][.3074] -> [.148.72.173.162][34311] [Activision][Game][Fun]
+             idle: [.....4] [ip4][..udp] [..192.168.2.100][.3074] -> [...173.199.67.5][37081] [Activision][Game][Fun]
+     DAEMON-EVENT: shutdown

test/results/flow-info/afp.pcap.out

@@ -0,0 +1,7 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..tcp] [..192.168.27.57][64987] -> [.192.168.27.139][..548] [MIDSTREAM] 
+         detected: [.....1] [ip4][..tcp] [..192.168.27.57][64987] -> [.192.168.27.139][..548] [AFP][DataTransfer][Acceptable]
+             idle: [.....1] [ip4][..tcp] [..192.168.27.57][64987] -> [.192.168.27.139][..548] [AFP][DataTransfer][Acceptable]
+     DAEMON-EVENT: shutdown

test/results/flow-info/agora-sd-rtn.pcap.out

@@ -0,0 +1,113 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..udp] [..192.168.2.100][35778] -> [.23.248.186.179][.8130] 
+         detected: [.....1] [ip4][..udp] [..192.168.2.100][35778] -> [.23.248.186.179][.8130] [SD-RTN][Media][Acceptable]
+              new: [.....2] [ip4][..udp] [..192.168.2.100][35778] -> [.104.166.161.75][.8130] 
+         detected: [.....2] [ip4][..udp] [..192.168.2.100][35778] -> [.104.166.161.75][.8130] [SD-RTN][Media][Acceptable]
+              new: [.....3] [ip4][..udp] [..192.168.2.100][44131] -> [.104.166.161.75][.8130] 
+         detected: [.....3] [ip4][..udp] [..192.168.2.100][44131] -> [.104.166.161.75][.8130] [SD-RTN][Media][Acceptable]
+              new: [.....4] [ip4][..udp] [..192.168.2.100][44131] -> [.104.166.161.19][.8130] 
+         detected: [.....4] [ip4][..udp] [..192.168.2.100][44131] -> [.104.166.161.19][.8130] [SD-RTN][Media][Acceptable]
+           update: [.....2] [ip4][..udp] [..192.168.2.100][35778] -> [.104.166.161.75][.8130] [SD-RTN][Media][Acceptable]
+           update: [.....1] [ip4][..udp] [..192.168.2.100][35778] -> [.23.248.186.179][.8130] [SD-RTN][Media][Acceptable]
+              new: [.....5] [ip4][..udp] [..192.168.2.100][44131] -> [....128.1.77.66][.8130] 
+         detected: [.....5] [ip4][..udp] [..192.168.2.100][44131] -> [....128.1.77.66][.8130] [SD-RTN][Media][Acceptable]
+              new: [.....6] [ip4][..udp] [..192.168.2.100][44131] -> [.23.248.186.179][.8130] 
+         detected: [.....6] [ip4][..udp] [..192.168.2.100][44131] -> [.23.248.186.179][.8130] [SD-RTN][Media][Acceptable]
+              new: [.....7] [ip4][..udp] [..192.168.2.100][46798] -> [.23.248.186.179][.8130] 
+         detected: [.....7] [ip4][..udp] [..192.168.2.100][46798] -> [.23.248.186.179][.8130] [SD-RTN][Media][Acceptable]
+           update: [.....2] [ip4][..udp] [..192.168.2.100][35778] -> [.104.166.161.75][.8130] [SD-RTN][Media][Acceptable]
+           update: [.....3] [ip4][..udp] [..192.168.2.100][44131] -> [.104.166.161.75][.8130] [SD-RTN][Media][Acceptable]
+           update: [.....4] [ip4][..udp] [..192.168.2.100][44131] -> [.104.166.161.19][.8130] [SD-RTN][Media][Acceptable]
+           update: [.....1] [ip4][..udp] [..192.168.2.100][35778] -> [.23.248.186.179][.8130] [SD-RTN][Media][Acceptable]
+           update: [.....5] [ip4][..udp] [..192.168.2.100][44131] -> [....128.1.77.66][.8130] [SD-RTN][Media][Acceptable]
+              new: [.....8] [ip4][..udp] [..192.168.2.100][44131] -> [.23.248.186.180][.8130] 
+         detected: [.....8] [ip4][..udp] [..192.168.2.100][44131] -> [.23.248.186.180][.8130] [SD-RTN][Media][Acceptable]
+             idle: [.....2] [ip4][..udp] [..192.168.2.100][35778] -> [.104.166.161.75][.8130] [SD-RTN][Media][Acceptable]
+             idle: [.....1] [ip4][..udp] [..192.168.2.100][35778] -> [.23.248.186.179][.8130] [SD-RTN][Media][Acceptable]
+           update: [.....3] [ip4][..udp] [..192.168.2.100][44131] -> [.104.166.161.75][.8130] [SD-RTN][Media][Acceptable]
+           update: [.....4] [ip4][..udp] [..192.168.2.100][44131] -> [.104.166.161.19][.8130] [SD-RTN][Media][Acceptable]
+           update: [.....6] [ip4][..udp] [..192.168.2.100][44131] -> [.23.248.186.179][.8130] [SD-RTN][Media][Acceptable]
+           update: [.....5] [ip4][..udp] [..192.168.2.100][44131] -> [....128.1.77.66][.8130] [SD-RTN][Media][Acceptable]
+           update: [.....7] [ip4][..udp] [..192.168.2.100][46798] -> [.23.248.186.179][.8130] [SD-RTN][Media][Acceptable]
+     DAEMON-EVENT: [Processed: 120 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 6 / 8|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 12]
+              new: [.....9] [ip4][..udp] [..192.168.2.100][40393] -> [.23.248.186.179][.8130] 
+         detected: [.....9] [ip4][..udp] [..192.168.2.100][40393] -> [.23.248.186.179][.8130] [SD-RTN][Media][Acceptable]
+              new: [....10] [ip4][..udp] [..192.168.2.100][47453] -> [.23.248.186.179][.8130] 
+         detected: [....10] [ip4][..udp] [..192.168.2.100][47453] -> [.23.248.186.179][.8130] [SD-RTN][Media][Acceptable]
+              new: [....11] [ip4][..udp] [..192.168.2.100][40393] -> [.104.166.161.75][.8130] 
+         detected: [....11] [ip4][..udp] [..192.168.2.100][40393] -> [.104.166.161.75][.8130] [SD-RTN][Media][Acceptable]
+             idle: [.....4] [ip4][..udp] [..192.168.2.100][44131] -> [.104.166.161.19][.8130] [SD-RTN][Media][Acceptable]
+             idle: [.....3] [ip4][..udp] [..192.168.2.100][44131] -> [.104.166.161.75][.8130] [SD-RTN][Media][Acceptable]
+             idle: [.....8] [ip4][..udp] [..192.168.2.100][44131] -> [.23.248.186.180][.8130] [SD-RTN][Media][Acceptable]
+             idle: [.....6] [ip4][..udp] [..192.168.2.100][44131] -> [.23.248.186.179][.8130] [SD-RTN][Media][Acceptable]
+             idle: [.....5] [ip4][..udp] [..192.168.2.100][44131] -> [....128.1.77.66][.8130] [SD-RTN][Media][Acceptable]
+             idle: [.....7] [ip4][..udp] [..192.168.2.100][46798] -> [.23.248.186.179][.8130] [SD-RTN][Media][Acceptable]
+              new: [....12] [ip4][..udp] [..192.168.2.100][55322] -> [.104.166.161.75][.8130] 
+         detected: [....12] [ip4][..udp] [..192.168.2.100][55322] -> [.104.166.161.75][.8130] [SD-RTN][Media][Acceptable]
+              new: [....13] [ip4][..udp] [..192.168.2.100][55322] -> [..128.1.233.218][.8130] 
+         detected: [....13] [ip4][..udp] [..192.168.2.100][55322] -> [..128.1.233.218][.8130] [SD-RTN][Media][Acceptable]
+              new: [....14] [ip4][..udp] [..192.168.2.100][55322] -> [.193.118.52.182][.8130] 
+         detected: [....14] [ip4][..udp] [..192.168.2.100][55322] -> [.193.118.52.182][.8130] [SD-RTN][Media][Acceptable]
+           update: [....10] [ip4][..udp] [..192.168.2.100][47453] -> [.23.248.186.179][.8130] [SD-RTN][Media][Acceptable]
+           update: [....11] [ip4][..udp] [..192.168.2.100][40393] -> [.104.166.161.75][.8130] [SD-RTN][Media][Acceptable]
+           update: [.....9] [ip4][..udp] [..192.168.2.100][40393] -> [.23.248.186.179][.8130] [SD-RTN][Media][Acceptable]
+     DAEMON-EVENT: [Processed: 210 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 6 / 14|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 15]
+             idle: [....10] [ip4][..udp] [..192.168.2.100][47453] -> [.23.248.186.179][.8130] [SD-RTN][Media][Acceptable]
+             idle: [....13] [ip4][..udp] [..192.168.2.100][55322] -> [..128.1.233.218][.8130] [SD-RTN][Media][Acceptable]
+             idle: [....11] [ip4][..udp] [..192.168.2.100][40393] -> [.104.166.161.75][.8130] [SD-RTN][Media][Acceptable]
+             idle: [.....9] [ip4][..udp] [..192.168.2.100][40393] -> [.23.248.186.179][.8130] [SD-RTN][Media][Acceptable]
+             idle: [....14] [ip4][..udp] [..192.168.2.100][55322] -> [.193.118.52.182][.8130] [SD-RTN][Media][Acceptable]
+           update: [....12] [ip4][..udp] [..192.168.2.100][55322] -> [.104.166.161.75][.8130] [SD-RTN][Media][Acceptable]
+              new: [....15] [ip4][..udp] [..192.168.2.100][55322] -> [..128.1.193.223][.8130] 
+         detected: [....15] [ip4][..udp] [..192.168.2.100][55322] -> [..128.1.193.223][.8130] [SD-RTN][Media][Acceptable]
+              new: [....16] [ip4][..udp] [..192.168.2.100][55322] -> [.23.248.186.180][.8130] 
+         detected: [....16] [ip4][..udp] [..192.168.2.100][55322] -> [.23.248.186.180][.8130] [SD-RTN][Media][Acceptable]
+           update: [....12] [ip4][..udp] [..192.168.2.100][55322] -> [.104.166.161.75][.8130] [SD-RTN][Media][Acceptable]
+              new: [....17] [ip4][..udp] [..192.168.2.100][55322] -> [..128.1.193.224][.8130] 
+         detected: [....17] [ip4][..udp] [..192.168.2.100][55322] -> [..128.1.193.224][.8130] [SD-RTN][Media][Acceptable]
+           update: [....15] [ip4][..udp] [..192.168.2.100][55322] -> [..128.1.193.223][.8130] [SD-RTN][Media][Acceptable]
+              new: [....18] [ip4][..udp] [..192.168.2.100][55322] -> [.23.248.186.179][.8130] 
+         detected: [....18] [ip4][..udp] [..192.168.2.100][55322] -> [.23.248.186.179][.8130] [SD-RTN][Media][Acceptable]
+             idle: [....16] [ip4][..udp] [..192.168.2.100][55322] -> [.23.248.186.180][.8130] [SD-RTN][Media][Acceptable]
+             idle: [....15] [ip4][..udp] [..192.168.2.100][55322] -> [..128.1.193.223][.8130] [SD-RTN][Media][Acceptable]
+             idle: [....12] [ip4][..udp] [..192.168.2.100][55322] -> [.104.166.161.75][.8130] [SD-RTN][Media][Acceptable]
+           update: [....17] [ip4][..udp] [..192.168.2.100][55322] -> [..128.1.193.224][.8130] [SD-RTN][Media][Acceptable]
+     DAEMON-EVENT: [Processed: 285 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 2 / 18|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 19]
+              new: [....19] [ip4][..udp] [..192.168.2.100][47805] -> [..128.1.193.223][.8130] 
+         detected: [....19] [ip4][..udp] [..192.168.2.100][47805] -> [..128.1.193.223][.8130] [SD-RTN][Media][Acceptable]
+              new: [....20] [ip4][..udp] [..192.168.2.100][47805] -> [.202.226.25.166][.8130] 
+         detected: [....20] [ip4][..udp] [..192.168.2.100][47805] -> [.202.226.25.166][.8130] [SD-RTN][Media][Acceptable]
+             idle: [....18] [ip4][..udp] [..192.168.2.100][55322] -> [.23.248.186.179][.8130] [SD-RTN][Media][Acceptable]
+             idle: [....17] [ip4][..udp] [..192.168.2.100][55322] -> [..128.1.193.224][.8130] [SD-RTN][Media][Acceptable]
+              new: [....21] [ip4][..udp] [..192.168.2.100][47805] -> [103.104.168.244][.8130] 
+         detected: [....21] [ip4][..udp] [..192.168.2.100][47805] -> [103.104.168.244][.8130] [SD-RTN][Media][Acceptable]
+              new: [....22] [ip4][..udp] [..192.168.2.100][47805] -> [.199.190.44.135][.8130] 
+         detected: [....22] [ip4][..udp] [..192.168.2.100][47805] -> [.199.190.44.135][.8130] [SD-RTN][Media][Acceptable]
+              new: [....23] [ip4][..udp] [..192.168.2.100][47805] -> [..128.1.193.224][.8130] 
+         detected: [....23] [ip4][..udp] [..192.168.2.100][47805] -> [..128.1.193.224][.8130] [SD-RTN][Media][Acceptable]
+              new: [....24] [ip4][..udp] [..192.168.2.100][47805] -> [.23.248.186.179][.8130] 
+         detected: [....24] [ip4][..udp] [..192.168.2.100][47805] -> [.23.248.186.179][.8130] [SD-RTN][Media][Acceptable]
+              new: [....25] [ip4][..udp] [..192.168.2.100][55094] -> [..128.1.193.223][.8130] 
+         detected: [....25] [ip4][..udp] [..192.168.2.100][55094] -> [..128.1.193.223][.8130] [SD-RTN][Media][Acceptable]
+           update: [....22] [ip4][..udp] [..192.168.2.100][47805] -> [.199.190.44.135][.8130] [SD-RTN][Media][Acceptable]
+           update: [....21] [ip4][..udp] [..192.168.2.100][47805] -> [103.104.168.244][.8130] [SD-RTN][Media][Acceptable]
+           update: [....19] [ip4][..udp] [..192.168.2.100][47805] -> [..128.1.193.223][.8130] [SD-RTN][Media][Acceptable]
+           update: [....20] [ip4][..udp] [..192.168.2.100][47805] -> [.202.226.25.166][.8130] [SD-RTN][Media][Acceptable]
+              new: [....26] [ip4][..udp] [..192.168.2.100][47805] -> [.23.248.186.180][.8130] 
+         detected: [....26] [ip4][..udp] [..192.168.2.100][47805] -> [.23.248.186.180][.8130] [SD-RTN][Media][Acceptable]
+     DAEMON-EVENT: [Processed: 400 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 8 / 26|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 23]
+             idle: [....25] [ip4][..udp] [..192.168.2.100][55094] -> [..128.1.193.223][.8130] [SD-RTN][Media][Acceptable]
+             idle: [....22] [ip4][..udp] [..192.168.2.100][47805] -> [.199.190.44.135][.8130] [SD-RTN][Media][Acceptable]
+             idle: [....26] [ip4][..udp] [..192.168.2.100][47805] -> [.23.248.186.180][.8130] [SD-RTN][Media][Acceptable]
+             idle: [....24] [ip4][..udp] [..192.168.2.100][47805] -> [.23.248.186.179][.8130] [SD-RTN][Media][Acceptable]
+             idle: [....21] [ip4][..udp] [..192.168.2.100][47805] -> [103.104.168.244][.8130] [SD-RTN][Media][Acceptable]
+             idle: [....23] [ip4][..udp] [..192.168.2.100][47805] -> [..128.1.193.224][.8130] [SD-RTN][Media][Acceptable]
+             idle: [....19] [ip4][..udp] [..192.168.2.100][47805] -> [..128.1.193.223][.8130] [SD-RTN][Media][Acceptable]
+             idle: [....20] [ip4][..udp] [..192.168.2.100][47805] -> [.202.226.25.166][.8130] [SD-RTN][Media][Acceptable]
+     DAEMON-EVENT: shutdown

test/results/flow-info/ah.pcapng.out

@@ -0,0 +1,10 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..udp] [.......10.2.3.2][..500] -> [.......10.3.4.4][..500] 
+         detected: [.....1] [ip4][..udp] [.......10.2.3.2][..500] -> [.......10.3.4.4][..500] [IPSec][VPN][Safe]
+              new: [.....2] [ip4][...51] [.......10.2.3.2] -> [.......10.3.4.4] 
+         detected: [.....2] [ip4][...51] [.......10.2.3.2] -> [.......10.3.4.4] [IPSec][VPN][Safe]
+             idle: [.....1] [ip4][..udp] [.......10.2.3.2][..500] -> [.......10.3.4.4][..500] [IPSec][VPN][Safe]
+             idle: [.....2] [ip4][...51] [.......10.2.3.2] -> [.......10.3.4.4] [IPSec][VPN][Safe]
+     DAEMON-EVENT: shutdown

test/results/flow-info/aimini-http.pcap.out

@@ -0,0 +1,23 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..tcp] [.....10.101.0.2][28501] -> [.....10.102.0.2][...80] 
+         detected: [.....1] [ip4][..tcp] [.....10.101.0.2][28501] -> [.....10.102.0.2][...80] [HTTP.Aimini][Download][Fun]
+              new: [.....2] [ip4][..tcp] [.....10.101.0.2][28502] -> [.....10.102.0.2][...80] 
+         detected: [.....2] [ip4][..tcp] [.....10.101.0.2][28502] -> [.....10.102.0.2][...80] [HTTP.Aimini][Download][Fun]
+          analyse: [.....1] [ip4][..tcp] [.....10.101.0.2][28501] -> [.....10.102.0.2][...80] [HTTP.Aimini][Download][Fun]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.001|   0.000|   0.000]
+                   [IAT(c->s)...:    0.000|   0.001|   0.000|   0.000][IAT(s->c)...:    0.000|   0.001|   0.000|   0.000]
+                   [PKTLEN(c->s):   60.000|1514.000| 352.100| 516.000][PKTLEN(s->c):   62.000|1514.000|1216.700| 558.800]
+                   [BINS(c->s)..: 10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0]
+                   [BINS(s->c)..: 2,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0]
+              new: [.....3] [ip4][..tcp] [.....10.101.0.2][28503] -> [.....10.102.0.2][...80] 
+         detected: [.....3] [ip4][..tcp] [.....10.101.0.2][28503] -> [.....10.102.0.2][...80] [HTTP.Aimini][Download][Fun]
+              new: [.....4] [ip4][..tcp] [.....10.101.0.2][28504] -> [.....10.102.0.2][...80] 
+         detected: [.....4] [ip4][..tcp] [.....10.101.0.2][28504] -> [.....10.102.0.2][...80] [HTTP.Aimini][Download][Fun]
+              end: [.....1] [ip4][..tcp] [.....10.101.0.2][28501] -> [.....10.102.0.2][...80] [HTTP.Aimini][Download][Fun]
+              end: [.....2] [ip4][..tcp] [.....10.101.0.2][28502] -> [.....10.102.0.2][...80] [HTTP.Aimini][Download][Fun]
+              end: [.....3] [ip4][..tcp] [.....10.101.0.2][28503] -> [.....10.102.0.2][...80] [HTTP.Aimini][Download][Fun]
+              end: [.....4] [ip4][..tcp] [.....10.101.0.2][28504] -> [.....10.102.0.2][...80] [HTTP.Aimini][Download][Fun]
+     DAEMON-EVENT: shutdown

test/results/flow-info/ajp.pcap.out

@@ -0,0 +1,22 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..tcp] [...172.29.9.146][38856] -> [...172.29.9.147][.8009] 
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+         detected: [.....1] [ip4][..tcp] [...172.29.9.146][38856] -> [...172.29.9.147][.8009] [AJP][Web][Acceptable]
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+              new: [.....2] [ip4][..tcp] [...172.29.9.146][38856] -> [...172.29.9.147][.8010] 
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+         detected: [.....2] [ip4][..tcp] [...172.29.9.146][38856] -> [...172.29.9.147][.8010] [AJP][Web][Acceptable]
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+             idle: [.....1] [ip4][..tcp] [...172.29.9.146][38856] -> [...172.29.9.147][.8009] [AJP][Web][Acceptable]
+             idle: [.....2] [ip4][..tcp] [...172.29.9.146][38856] -> [...172.29.9.147][.8010] [AJP][Web][Acceptable]
+     DAEMON-EVENT: shutdown

test/results/flow-info/alicloud.pcap.out

@@ -0,0 +1,73 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..tcp] [..192.168.2.100][39018] -> [...8.209.104.12][.8999] 
+         detected: [.....1] [ip4][..tcp] [..192.168.2.100][39018] -> [...8.209.104.12][.8999] [AliCloud][Cloud][Acceptable]
+     DAEMON-EVENT: [Processed: 15 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....2] [ip4][..tcp] [..192.168.2.100][41056] -> [...8.209.73.197][.8999] 
+         detected: [.....2] [ip4][..tcp] [..192.168.2.100][41056] -> [...8.209.73.197][.8999] [AliCloud][Cloud][Acceptable]
+             idle: [.....1] [ip4][..tcp] [..192.168.2.100][39018] -> [...8.209.104.12][.8999] [AliCloud][Cloud][Acceptable]
+     DAEMON-EVENT: [Processed: 30 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 1 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....3] [ip4][..tcp] [..192.168.2.100][38094] -> [..8.209.104.159][.8999] 
+         detected: [.....3] [ip4][..tcp] [..192.168.2.100][38094] -> [..8.209.104.159][.8999] [AliCloud][Cloud][Acceptable]
+             idle: [.....2] [ip4][..tcp] [..192.168.2.100][41056] -> [...8.209.73.197][.8999] [AliCloud][Cloud][Acceptable]
+              new: [.....4] [ip4][..tcp] [..192.168.2.100][45078] -> [..8.209.105.125][.8999] 
+         detected: [.....4] [ip4][..tcp] [..192.168.2.100][45078] -> [..8.209.105.125][.8999] [AliCloud][Cloud][Acceptable]
+              new: [.....5] [ip4][..tcp] [..192.168.2.100][42430] -> [..8.209.104.130][.8999] 
+         detected: [.....5] [ip4][..tcp] [..192.168.2.100][42430] -> [..8.209.104.130][.8999] [AliCloud][Cloud][Acceptable]
+     DAEMON-EVENT: [Processed: 75 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 3 / 5|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....6] [ip4][..tcp] [..192.168.2.100][55484] -> [..8.209.107.157][.8999] 
+         detected: [.....6] [ip4][..tcp] [..192.168.2.100][55484] -> [..8.209.107.157][.8999] [AliCloud][Cloud][Acceptable]
+             idle: [.....3] [ip4][..tcp] [..192.168.2.100][38094] -> [..8.209.104.159][.8999] [AliCloud][Cloud][Acceptable]
+             idle: [.....5] [ip4][..tcp] [..192.168.2.100][42430] -> [..8.209.104.130][.8999] [AliCloud][Cloud][Acceptable]
+             idle: [.....4] [ip4][..tcp] [..192.168.2.100][45078] -> [..8.209.105.125][.8999] [AliCloud][Cloud][Acceptable]
+     DAEMON-EVENT: [Processed: 90 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 1 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....7] [ip4][..tcp] [..192.168.2.100][40154] -> [..8.209.104.159][.8999] 
+         detected: [.....7] [ip4][..tcp] [..192.168.2.100][40154] -> [..8.209.104.159][.8999] [AliCloud][Cloud][Acceptable]
+             idle: [.....6] [ip4][..tcp] [..192.168.2.100][55484] -> [..8.209.107.157][.8999] [AliCloud][Cloud][Acceptable]
+     DAEMON-EVENT: [Processed: 105 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 1 / 7|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....8] [ip4][..tcp] [..192.168.2.100][42600] -> [..8.209.105.125][.8999] 
+         detected: [.....8] [ip4][..tcp] [..192.168.2.100][42600] -> [..8.209.105.125][.8999] [AliCloud][Cloud][Acceptable]
+             idle: [.....7] [ip4][..tcp] [..192.168.2.100][40154] -> [..8.209.104.159][.8999] [AliCloud][Cloud][Acceptable]
+     DAEMON-EVENT: [Processed: 120 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 1 / 8|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....9] [ip4][..tcp] [..192.168.2.100][51682] -> [...8.209.73.197][.8999] 
+         detected: [.....9] [ip4][..tcp] [..192.168.2.100][51682] -> [...8.209.73.197][.8999] [AliCloud][Cloud][Acceptable]
+             idle: [.....8] [ip4][..tcp] [..192.168.2.100][42600] -> [..8.209.105.125][.8999] [AliCloud][Cloud][Acceptable]
+     DAEMON-EVENT: [Processed: 135 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 1 / 9|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [....10] [ip4][..tcp] [..192.168.2.100][52228] -> [...8.209.73.197][.8999] 
+         detected: [....10] [ip4][..tcp] [..192.168.2.100][52228] -> [...8.209.73.197][.8999] [AliCloud][Cloud][Acceptable]
+     DAEMON-EVENT: [Processed: 150 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 2 / 10|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [....11] [ip4][..tcp] [..192.168.2.100][44388] -> [..8.209.107.125][.8999] 
+         detected: [....11] [ip4][..tcp] [..192.168.2.100][44388] -> [..8.209.107.125][.8999] [AliCloud][Cloud][Acceptable]
+             idle: [....10] [ip4][..tcp] [..192.168.2.100][52228] -> [...8.209.73.197][.8999] [AliCloud][Cloud][Acceptable]
+             idle: [.....9] [ip4][..tcp] [..192.168.2.100][51682] -> [...8.209.73.197][.8999] [AliCloud][Cloud][Acceptable]
+     DAEMON-EVENT: [Processed: 165 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 1 / 11|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [....12] [ip4][..tcp] [..192.168.2.100][37160] -> [..8.209.107.125][.8999] 
+         detected: [....12] [ip4][..tcp] [..192.168.2.100][37160] -> [..8.209.107.125][.8999] [AliCloud][Cloud][Acceptable]
+             idle: [....11] [ip4][..tcp] [..192.168.2.100][44388] -> [..8.209.107.125][.8999] [AliCloud][Cloud][Acceptable]
+     DAEMON-EVENT: [Processed: 180 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 1 / 12|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [....13] [ip4][..tcp] [..192.168.2.100][45094] -> [...8.209.76.194][.8999] 
+         detected: [....13] [ip4][..tcp] [..192.168.2.100][45094] -> [...8.209.76.194][.8999] [AliCloud][Cloud][Acceptable]
+             idle: [....12] [ip4][..tcp] [..192.168.2.100][37160] -> [..8.209.107.125][.8999] [AliCloud][Cloud][Acceptable]
+     DAEMON-EVENT: [Processed: 195 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 1 / 13|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [....14] [ip4][..tcp] [..192.168.2.100][57322] -> [..8.209.107.122][.8999] 
+         detected: [....14] [ip4][..tcp] [..192.168.2.100][57322] -> [..8.209.107.122][.8999] [AliCloud][Cloud][Acceptable]
+             idle: [....13] [ip4][..tcp] [..192.168.2.100][45094] -> [...8.209.76.194][.8999] [AliCloud][Cloud][Acceptable]
+     DAEMON-EVENT: [Processed: 210 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 1 / 14|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [....15] [ip4][..tcp] [..192.168.2.100][51774] -> [....8.209.77.36][.8999] 
+         detected: [....15] [ip4][..tcp] [..192.168.2.100][51774] -> [....8.209.77.36][.8999] [AliCloud][Cloud][Acceptable]
+             idle: [....14] [ip4][..tcp] [..192.168.2.100][57322] -> [..8.209.107.122][.8999] [AliCloud][Cloud][Acceptable]
+             idle: [....15] [ip4][..tcp] [..192.168.2.100][51774] -> [....8.209.77.36][.8999] [AliCloud][Cloud][Acceptable]
+     DAEMON-EVENT: shutdown

test/results/flow-info/among_us.pcap.out

@@ -0,0 +1,7 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..udp] [.......10.0.0.1][64260] -> [172.105.251.170][22023] 
+         detected: [.....1] [ip4][..udp] [.......10.0.0.1][64260] -> [172.105.251.170][22023] [AmongUs][Game][Fun]
+             idle: [.....1] [ip4][..udp] [.......10.0.0.1][64260] -> [172.105.251.170][22023] [AmongUs][Game][Fun]
+     DAEMON-EVENT: shutdown

test/results/flow-info/amqp.pcap.out

@@ -0,0 +1,20 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..tcp] [......127.0.0.1][44205] -> [......127.0.1.1][.5672] [MIDSTREAM] 
+         detected: [.....1] [ip4][..tcp] [......127.0.0.1][44205] -> [......127.0.1.1][.5672] [AMQP][RPC][Acceptable]
+              new: [.....2] [ip4][..tcp] [......127.0.1.1][.5672] -> [......127.0.0.1][44204] [MIDSTREAM] 
+              new: [.....3] [ip4][..tcp] [......127.0.0.1][44206] -> [......127.0.1.1][.5672] [MIDSTREAM] 
+         detected: [.....3] [ip4][..tcp] [......127.0.0.1][44206] -> [......127.0.1.1][.5672] [AMQP][RPC][Acceptable]
+         detected: [.....2] [ip4][..tcp] [......127.0.1.1][.5672] -> [......127.0.0.1][44204] [AMQP][RPC][Acceptable]
+          analyse: [.....1] [ip4][..tcp] [......127.0.0.1][44205] -> [......127.0.1.1][.5672] [AMQP][RPC][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   2.002|   0.224|   0.537]
+                   [IAT(c->s)...:    0.000|   2.002|   0.232|   0.544][IAT(s->c)...:    0.000|   2.002|   0.217|   0.530]
+                   [PKTLEN(c->s):  103.000| 395.000| 198.100| 105.200][PKTLEN(s->c):   66.000|  66.000|  66.000|   0.000]
+                   [BINS(c->s)..: 0,6,0,5,0,0,1,0,1,2,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+             idle: [.....2] [ip4][..tcp] [......127.0.1.1][.5672] -> [......127.0.0.1][44204] [AMQP][RPC][Acceptable]
+             idle: [.....1] [ip4][..tcp] [......127.0.0.1][44205] -> [......127.0.1.1][.5672] [AMQP][RPC][Acceptable]
+             idle: [.....3] [ip4][..tcp] [......127.0.0.1][44206] -> [......127.0.1.1][.5672] [AMQP][RPC][Acceptable]
+     DAEMON-EVENT: shutdown

test/results/flow-info/android.pcap.out

@@ -0,0 +1,257 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..tcp] [...95.101.24.53][..443] -> [...192.168.2.17][50677] [MIDSTREAM] 
+         detected: [.....1] [ip4][..tcp] [...95.101.24.53][..443] -> [...192.168.2.17][50677] [TLS][Web][Safe]
+              new: [.....2] [ip4][..tcp] [..17.248.176.75][..443] -> [...192.168.2.17][50584] [MIDSTREAM] 
+         detected: [.....2] [ip4][..tcp] [..17.248.176.75][..443] -> [...192.168.2.17][50584] [TLS.Apple][Web][Safe]
+              new: [.....3] [ip4][..tcp] [..17.248.176.75][..443] -> [...192.168.2.17][50580] [MIDSTREAM] 
+         detected: [.....3] [ip4][..tcp] [..17.248.176.75][..443] -> [...192.168.2.17][50580] [TLS.Apple][Web][Safe]
+              new: [.....4] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] 
+         detected: [.....4] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Network][Acceptable]
+              new: [.....5] [ip4][..tcp] [..17.248.185.10][..443] -> [...192.168.2.17][50702] [MIDSTREAM] 
+         detected: [.....5] [ip4][..tcp] [..17.248.185.10][..443] -> [...192.168.2.17][50702] [TLS.Apple][Web][Safe]
+              new: [.....6] [ip4][..udp] [....192.168.2.1][17500] -> [..192.168.2.255][17500] 
+         detected: [.....6] [ip4][..udp] [....192.168.2.1][17500] -> [..192.168.2.255][17500] [Dropbox][Cloud][Acceptable]
+              new: [.....7] [ip4][..udp] [....192.168.2.1][57621] -> [..192.168.2.255][57621] 
+         detected: [.....7] [ip4][..udp] [....192.168.2.1][57621] -> [..192.168.2.255][57621] [Spotify][Music][Acceptable]
+              new: [.....8] [ip4][..udp] [169.254.225.216][.5353] -> [....224.0.0.251][.5353] 
+         detected: [.....8] [ip4][..udp] [169.254.225.216][.5353] -> [....224.0.0.251][.5353] [MDNS][Network][Acceptable]
+              new: [.....9] [ip4][..udp] [....192.168.2.1][.5353] -> [....224.0.0.251][.5353] 
+         detected: [.....9] [ip4][..udp] [....192.168.2.1][.5353] -> [....224.0.0.251][.5353] [MDNS][Network][Acceptable]
+              new: [....10] [ip4][..udp] [169.254.225.216][60538] -> [239.255.255.250][.1900] 
+         detected: [....10] [ip4][..udp] [169.254.225.216][60538] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
+              new: [....11] [ip4][..udp] [....192.168.2.1][51411] -> [239.255.255.250][.1900] 
+         detected: [....11] [ip4][..udp] [....192.168.2.1][51411] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
+           update: [.....4] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Network][Acceptable]
+           update: [.....6] [ip4][..udp] [....192.168.2.1][17500] -> [..192.168.2.255][17500] [Dropbox][Cloud][Acceptable]
+           update: [.....7] [ip4][..udp] [....192.168.2.1][57621] -> [..192.168.2.255][57621] [Spotify][Music][Acceptable]
+              new: [....12] [ip6][icmp6] [.....................................::] -> [......................ff02::1:ff9f:f627] 
+         detected: [....12] [ip6][icmp6] [.....................................::] -> [......................ff02::1:ff9f:f627] [ICMPV6][Network][Acceptable]
+              new: [....13] [ip6][icmp6] [.....................................::] -> [...............................ff02::16] 
+         detected: [....13] [ip6][icmp6] [.....................................::] -> [...............................ff02::16] [ICMPV6][Network][Acceptable]
+              new: [....14] [ip4][..udp] [....192.168.2.1][...67] -> [...192.168.2.16][...68] 
+         detected: [....14] [ip4][..udp] [....192.168.2.1][...67] -> [...192.168.2.16][...68] [DHCP][Network][Acceptable]
+              new: [....15] [ip6][..udp] [..............fe80::4e6a:f6ff:fe9f:f627][..546] -> [..............................ff02::1:2][..547] 
+         detected: [....15] [ip6][..udp] [..............fe80::4e6a:f6ff:fe9f:f627][..546] -> [..............................ff02::1:2][..547] [DHCPV6][Network][Acceptable]
+              new: [....16] [ip6][icmp6] [..............fe80::4e6a:f6ff:fe9f:f627] -> [...............................ff02::16] 
+         detected: [....16] [ip6][icmp6] [..............fe80::4e6a:f6ff:fe9f:f627] -> [...............................ff02::16] [ICMPV6][Network][Acceptable]
+              new: [....17] [ip6][icmp6] [..............fe80::4e6a:f6ff:fe9f:f627] -> [................................ff02::2] 
+         detected: [....17] [ip6][icmp6] [..............fe80::4e6a:f6ff:fe9f:f627] -> [................................ff02::2] [ICMPV6][Network][Acceptable]
+              new: [....18] [ip4][..udp] [...192.168.2.16][52953] -> [....192.168.2.1][...53] 
+         detected: [....18] [ip4][..udp] [...192.168.2.16][52953] -> [....192.168.2.1][...53] [DNS][ConnCheck][Acceptable]
+ detection-update: [....18] [ip4][..udp] [...192.168.2.16][52953] -> [....192.168.2.1][...53] [DNS.Apple][ConnCheck][Safe]
+              new: [....19] [ip4][..tcp] [...192.168.2.16][58338] -> [..17.253.53.201][...80] 
+         detected: [....19] [ip4][..tcp] [...192.168.2.16][58338] -> [..17.253.53.201][...80] [HTTP.Apple][ConnCheck][Safe]
+              new: [....20] [ip4][..udp] [...192.168.2.16][35825] -> [....192.168.2.1][...53] 
+         detected: [....20] [ip4][..udp] [...192.168.2.16][35825] -> [....192.168.2.1][...53] [DNS][Network][Acceptable]
+ detection-update: [....20] [ip4][..udp] [...192.168.2.16][35825] -> [....192.168.2.1][...53] [DNS][Network][Acceptable]
+              new: [....21] [ip4][..udp] [...192.168.2.16][45863] -> [...216.239.35.8][..123] 
+         detected: [....21] [ip4][..udp] [...192.168.2.16][45863] -> [...216.239.35.8][..123] [NTP][System][Acceptable]
+              new: [....22] [ip4][..udp] [...192.168.2.16][34540] -> [....192.168.2.1][...53] 
+         detected: [....22] [ip4][..udp] [...192.168.2.16][34540] -> [....192.168.2.1][...53] [DNS.Google][Web][Acceptable]
+ detection-update: [....22] [ip4][..udp] [...192.168.2.16][34540] -> [....192.168.2.1][...53] [DNS.Google][Web][Acceptable]
+              new: [....23] [ip4][..tcp] [...192.168.2.16][32974] -> [.216.239.38.120][..443] 
+              new: [....24] [ip4][..udp] [...192.168.2.16][54837] -> [....192.168.2.1][...53] 
+         detected: [....24] [ip4][..udp] [...192.168.2.16][54837] -> [....192.168.2.1][...53] [DNS.GoogleServices][Web][Acceptable]
+         detected: [....23] [ip4][..tcp] [...192.168.2.16][32974] -> [.216.239.38.120][..443] [TLS.Google][Web][Acceptable]
+                   RISK: TLS (probably) Not Carrying HTTPS
+ detection-update: [....24] [ip4][..udp] [...192.168.2.16][54837] -> [....192.168.2.1][...53] [DNS.GoogleServices][Web][Acceptable]
+ detection-update: [....23] [ip4][..tcp] [...192.168.2.16][32974] -> [.216.239.38.120][..443] [TLS.Google][Web][Acceptable]
+                   RISK: TLS (probably) Not Carrying HTTPS
+ detection-update: [....23] [ip4][..tcp] [...192.168.2.16][32974] -> [.216.239.38.120][..443] [TLS.Google][Web][Acceptable]
+                   RISK: TLS (probably) Not Carrying HTTPS
+              new: [....25] [ip4][..tcp] [...192.168.2.16][52486] -> [..172.217.20.74][..443] 
+         detected: [....25] [ip4][..tcp] [...192.168.2.16][52486] -> [..172.217.20.74][..443] [TLS.GoogleServices][Web][Acceptable]
+              new: [....26] [ip4][..udp] [...192.168.2.16][47081] -> [....192.168.2.1][...53] 
+         detected: [....26] [ip4][..udp] [...192.168.2.16][47081] -> [....192.168.2.1][...53] [DNS][ConnCheck][Acceptable]
+ detection-update: [....25] [ip4][..tcp] [...192.168.2.16][52486] -> [..172.217.20.74][..443] [TLS.GoogleServices][Web][Acceptable]
+ detection-update: [....25] [ip4][..tcp] [...192.168.2.16][52486] -> [..172.217.20.74][..443] [TLS.GoogleServices][Web][Acceptable]
+ detection-update: [....26] [ip4][..udp] [...192.168.2.16][47081] -> [....192.168.2.1][...53] [DNS.Google][ConnCheck][Acceptable]
+              new: [....27] [ip4][..tcp] [...192.168.2.16][36888] -> [...172.217.18.3][..443] 
+              new: [....28] [ip4][..tcp] [...192.168.2.16][36890] -> [...172.217.18.3][..443] 
+         detected: [....28] [ip4][..tcp] [...192.168.2.16][36890] -> [...172.217.18.3][..443] [TLS.Google][ConnCheck][Acceptable]
+              new: [....29] [ip4][..udp] [...192.168.2.16][51430] -> [....192.168.2.1][...53] 
+         detected: [....29] [ip4][..udp] [...192.168.2.16][51430] -> [....192.168.2.1][...53] [DNS][Network][Acceptable]
+ detection-update: [....29] [ip4][..udp] [...192.168.2.16][51430] -> [....192.168.2.1][...53] [DNS][Network][Acceptable]
+ detection-update: [....28] [ip4][..tcp] [...192.168.2.16][36890] -> [...172.217.18.3][..443] [TLS.Google][ConnCheck][Acceptable]
+ detection-update: [....28] [ip4][..tcp] [...192.168.2.16][36890] -> [...172.217.18.3][..443] [TLS.Google][ConnCheck][Acceptable]
+         detected: [....27] [ip4][..tcp] [...192.168.2.16][36888] -> [...172.217.18.3][..443] [TLS.Google][ConnCheck][Acceptable]
+ detection-update: [....27] [ip4][..tcp] [...192.168.2.16][36888] -> [...172.217.18.3][..443] [TLS.Google][ConnCheck][Acceptable]
+              new: [....30] [ip4][..udp] [...192.168.2.16][39008] -> [....192.168.2.1][...53] 
+         detected: [....30] [ip4][..udp] [...192.168.2.16][39008] -> [....192.168.2.1][...53] [DNS.GoogleServices][Web][Acceptable]
+ detection-update: [....30] [ip4][..udp] [...192.168.2.16][39008] -> [....192.168.2.1][...53] [DNS.GoogleServices][Web][Acceptable]
+              new: [....31] [ip4][..tcp] [...192.168.2.16][50384] -> [172.217.168.206][..443] 
+         detected: [....31] [ip4][..tcp] [...192.168.2.16][50384] -> [172.217.168.206][..443] [TLS.Google][Web][Acceptable]
+              new: [....32] [ip4][..tcp] [...192.168.2.16][49510] -> [.216.239.38.120][.5228] 
+ detection-update: [....31] [ip4][..tcp] [...192.168.2.16][50384] -> [172.217.168.206][..443] [TLS.Google][Web][Acceptable]
+ detection-update: [....31] [ip4][..tcp] [...192.168.2.16][50384] -> [172.217.168.206][..443] [TLS.Google][Advertisement][Acceptable]
+              new: [....33] [ip4][..udp] [...192.168.2.16][36613] -> [....192.168.2.1][...53] 
+         detected: [....33] [ip4][..udp] [...192.168.2.16][36613] -> [....192.168.2.1][...53] [DNS.PlayStore][SoftwareUpdate][Safe]
+ detection-update: [....33] [ip4][..udp] [...192.168.2.16][36613] -> [....192.168.2.1][...53] [DNS.PlayStore][SoftwareUpdate][Safe]
+              new: [....34] [ip4][..tcp] [...192.168.2.16][32986] -> [.216.239.38.120][..443] 
+              new: [....35] [ip4][..udp] [...192.168.2.16][32412] -> [....192.168.2.1][...53] 
+         detected: [....35] [ip4][..udp] [...192.168.2.16][32412] -> [....192.168.2.1][...53] [DNS.DataSaver][Web][Fun]
+              new: [....36] [ip4][..udp] [...192.168.2.16][.7660] -> [....192.168.2.1][...53] 
+         detected: [....36] [ip4][..udp] [...192.168.2.16][.7660] -> [....192.168.2.1][...53] [DNS.DataSaver][Web][Fun]
+              new: [....37] [ip4][..tcp] [...192.168.2.16][32988] -> [.216.239.38.120][..443] 
+              new: [....38] [ip4][..tcp] [...192.168.2.16][32990] -> [.216.239.38.120][..443] 
+ detection-update: [....35] [ip4][..udp] [...192.168.2.16][32412] -> [....192.168.2.1][...53] [DNS.DataSaver][Web][Fun]
+              new: [....39] [ip4][..tcp] [...192.168.2.16][36834] -> [.173.194.79.114][...80] 
+ detection-update: [....36] [ip4][..udp] [...192.168.2.16][.7660] -> [....192.168.2.1][...53] [DNS.DataSaver][Web][Fun]
+              new: [....40] [ip4][..tcp] [...192.168.2.16][51928] -> [.172.217.21.202][..443] 
+         detected: [....38] [ip4][..tcp] [...192.168.2.16][32990] -> [.216.239.38.120][..443] [TLS.PlayStore][SoftwareUpdate][Safe]
+                   RISK: TLS (probably) Not Carrying HTTPS
+         detected: [....34] [ip4][..tcp] [...192.168.2.16][32986] -> [.216.239.38.120][..443] [TLS.PlayStore][SoftwareUpdate][Safe]
+                   RISK: TLS (probably) Not Carrying HTTPS
+              new: [....41] [ip4][..udp] [...192.168.2.16][40580] -> [....192.168.2.1][...53] 
+         detected: [....41] [ip4][..udp] [...192.168.2.16][40580] -> [....192.168.2.1][...53] [DNS.Google][Web][Acceptable]
+ detection-update: [....41] [ip4][..udp] [...192.168.2.16][40580] -> [....192.168.2.1][...53] [DNS.Google][Web][Acceptable]
+         detected: [....39] [ip4][..tcp] [...192.168.2.16][36834] -> [.173.194.79.114][...80] [HTTP.DataSaver][Web][Fun]
+ detection-update: [....38] [ip4][..tcp] [...192.168.2.16][32990] -> [.216.239.38.120][..443] [TLS.PlayStore][SoftwareUpdate][Safe]
+                   RISK: TLS (probably) Not Carrying HTTPS
+ detection-update: [....34] [ip4][..tcp] [...192.168.2.16][32986] -> [.216.239.38.120][..443] [TLS.PlayStore][SoftwareUpdate][Safe]
+                   RISK: TLS (probably) Not Carrying HTTPS
+         detected: [....40] [ip4][..tcp] [...192.168.2.16][51928] -> [.172.217.21.202][..443] [TLS.DataSaver][Web][Fun]
+              new: [....42] [ip4][..tcp] [...192.168.2.16][32996] -> [.216.239.38.120][..443] 
+ detection-update: [....40] [ip4][..tcp] [...192.168.2.16][51928] -> [.172.217.21.202][..443] [TLS.DataSaver][Web][Fun]
+         detected: [....42] [ip4][..tcp] [...192.168.2.16][32996] -> [.216.239.38.120][..443] [TLS.Google][Web][Acceptable]
+         detected: [....37] [ip4][..tcp] [...192.168.2.16][32988] -> [.216.239.38.120][..443] [TLS.PlayStore][SoftwareUpdate][Safe]
+                   RISK: TLS (probably) Not Carrying HTTPS
+ detection-update: [....42] [ip4][..tcp] [...192.168.2.16][32996] -> [.216.239.38.120][..443] [TLS.Google][Web][Acceptable]
+ detection-update: [....42] [ip4][..tcp] [...192.168.2.16][32996] -> [.216.239.38.120][..443] [TLS.Google][Web][Acceptable]
+ detection-update: [....37] [ip4][..tcp] [...192.168.2.16][32988] -> [.216.239.38.120][..443] [TLS.PlayStore][SoftwareUpdate][Safe]
+                   RISK: TLS (probably) Not Carrying HTTPS
+              new: [....43] [ip4][..udp] [...192.168.2.16][46359] -> [....192.168.2.1][...53] 
+         detected: [....43] [ip4][..udp] [...192.168.2.16][46359] -> [....192.168.2.1][...53] [DNS.Google][Web][Acceptable]
+ detection-update: [....43] [ip4][..udp] [...192.168.2.16][46359] -> [....192.168.2.1][...53] [DNS.Google][Web][Acceptable]
+              new: [....44] [ip4][..tcp] [...192.168.2.16][32998] -> [.216.239.38.120][..443] 
+         detected: [....44] [ip4][..tcp] [...192.168.2.16][32998] -> [.216.239.38.120][..443] [TLS.Google][Web][Acceptable]
+              new: [....45] [ip4][..udp] [...192.168.2.16][35689] -> [....192.168.2.1][...53] 
+         detected: [....45] [ip4][..udp] [...192.168.2.16][35689] -> [....192.168.2.1][...53] [DNS.GoogleServices][Web][Acceptable]
+ detection-update: [....44] [ip4][..tcp] [...192.168.2.16][32998] -> [.216.239.38.120][..443] [TLS.Google][Web][Acceptable]
+ detection-update: [....45] [ip4][..udp] [...192.168.2.16][35689] -> [....192.168.2.1][...53] [DNS.GoogleServices][Web][Acceptable]
+              new: [....46] [ip4][..udp] [...192.168.2.16][22850] -> [....192.168.2.1][...53] 
+         detected: [....46] [ip4][..udp] [...192.168.2.16][22850] -> [....192.168.2.1][...53] [DNS.DataSaver][Web][Fun]
+ detection-update: [....46] [ip4][..udp] [...192.168.2.16][22850] -> [....192.168.2.1][...53] [DNS.DataSaver][Web][Fun]
+              new: [....47] [ip4][..tcp] [...192.168.2.16][43634] -> [..172.217.20.76][..443] 
+              new: [....48] [ip4][..udp] [...192.168.2.16][58892] -> [....192.168.2.1][...53] 
+         detected: [....48] [ip4][..udp] [...192.168.2.16][58892] -> [....192.168.2.1][...53] [DNS.Google][Web][Acceptable]
+ detection-update: [....48] [ip4][..udp] [...192.168.2.16][58892] -> [....192.168.2.1][...53] [DNS.Google][Web][Acceptable]
+         detected: [....47] [ip4][..tcp] [...192.168.2.16][43634] -> [..172.217.20.76][..443] [TLS.DataSaver][Web][Fun]
+              new: [....49] [ip4][..tcp] [...192.168.2.16][33002] -> [.216.239.38.120][..443] 
+ detection-update: [....47] [ip4][..tcp] [...192.168.2.16][43634] -> [..172.217.20.76][..443] [TLS.DataSaver][Web][Fun]
+         detected: [....49] [ip4][..tcp] [...192.168.2.16][33002] -> [.216.239.38.120][..443] [TLS.Google][Web][Acceptable]
+              new: [....50] [ip4][..udp] [...192.168.2.16][33240] -> [....192.168.2.1][...53] 
+         detected: [....50] [ip4][..udp] [...192.168.2.16][33240] -> [....192.168.2.1][...53] [DNS.DataSaver][Web][Fun]
+ detection-update: [....50] [ip4][..udp] [...192.168.2.16][33240] -> [....192.168.2.1][...53] [DNS.DataSaver][Web][Fun]
+ detection-update: [....49] [ip4][..tcp] [...192.168.2.16][33002] -> [.216.239.38.120][..443] [TLS.Google][Web][Acceptable]
+              new: [....51] [ip4][..tcp] [...192.168.2.16][52514] -> [..172.217.20.74][..443] 
+              new: [....52] [ip4][..tcp] [...192.168.2.16][36848] -> [.173.194.79.114][...80] 
+              new: [....53] [ip4][..tcp] [...192.168.2.16][36850] -> [.173.194.79.114][...80] 
+              new: [....54] [ip4][..udp] [...192.168.2.16][18379] -> [....192.168.2.1][...53] 
+         detected: [....54] [ip4][..udp] [...192.168.2.16][18379] -> [....192.168.2.1][...53] [DNS.DataSaver][Web][Fun]
+ detection-update: [....54] [ip4][..udp] [...192.168.2.16][18379] -> [....192.168.2.1][...53] [DNS.DataSaver][Web][Fun]
+              new: [....55] [ip4][..tcp] [...192.168.2.16][51944] -> [.172.217.21.202][..443] 
+         detected: [....52] [ip4][..tcp] [...192.168.2.16][36848] -> [.173.194.79.114][...80] [HTTP.DataSaver][Web][Fun]
+              new: [....56] [ip4][..udp] [...192.168.2.16][10677] -> [....192.168.2.1][...53] 
+         detected: [....56] [ip4][..udp] [...192.168.2.16][10677] -> [....192.168.2.1][...53] [DNS.DataSaver][Web][Fun]
+ detection-update: [....56] [ip4][..udp] [...192.168.2.16][10677] -> [....192.168.2.1][...53] [DNS.DataSaver][Web][Fun]
+              new: [....57] [ip4][..udp] [...192.168.2.16][32832] -> [....192.168.2.1][...53] 
+         detected: [....57] [ip4][..udp] [...192.168.2.16][32832] -> [....192.168.2.1][...53] [DNS.Google][Web][Acceptable]
+ detection-update: [....57] [ip4][..udp] [...192.168.2.16][32832] -> [....192.168.2.1][...53] [DNS.Google][Web][Acceptable]
+              new: [....58] [ip4][..tcp] [...192.168.2.16][43646] -> [..172.217.20.76][..443] 
+              new: [....59] [ip4][..tcp] [...192.168.2.16][33014] -> [.216.239.38.120][..443] 
+         detected: [....55] [ip4][..tcp] [...192.168.2.16][51944] -> [.172.217.21.202][..443] [TLS.DataSaver][Web][Fun]
+         detected: [....59] [ip4][..tcp] [...192.168.2.16][33014] -> [.216.239.38.120][..443] [TLS.Google][Web][Acceptable]
+              new: [....60] [ip4][..udp] [...192.168.2.16][39760] -> [....192.168.2.1][...53] 
+         detected: [....60] [ip4][..udp] [...192.168.2.16][39760] -> [....192.168.2.1][...53] [DNS.GoogleServices][Web][Acceptable]
+         detected: [....58] [ip4][..tcp] [...192.168.2.16][43646] -> [..172.217.20.76][..443] [TLS.DataSaver][Web][Fun]
+          analyse: [....42] [ip4][..tcp] [...192.168.2.16][32996] -> [.216.239.38.120][..443] [TLS.Google][Web][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.405|   0.048|   0.104]
+                   [IAT(c->s)...:    0.000|   0.387|   0.047|   0.099][IAT(s->c)...:    0.000|   0.405|   0.050|   0.109]
+                   [PKTLEN(c->s):   66.000| 578.000| 114.600| 124.700][PKTLEN(s->c):   66.000|1484.000| 788.400| 626.900]
+                   [BINS(c->s)..: 13,1,1,0,0,1,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 4,1,0,0,0,0,0,0,0,1,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,1,0,5,0,0,0]
+ detection-update: [....59] [ip4][..tcp] [...192.168.2.16][33014] -> [.216.239.38.120][..443] [TLS.Google][Web][Acceptable]
+ detection-update: [....55] [ip4][..tcp] [...192.168.2.16][51944] -> [.172.217.21.202][..443] [TLS.DataSaver][Web][Fun]
+ detection-update: [....60] [ip4][..udp] [...192.168.2.16][39760] -> [....192.168.2.1][...53] [DNS.GoogleServices][Web][Acceptable]
+ detection-update: [....58] [ip4][..tcp] [...192.168.2.16][43646] -> [..172.217.20.76][..443] [TLS.DataSaver][Web][Fun]
+              new: [....61] [ip4][..tcp] [...192.168.2.16][44374] -> [..172.217.22.10][..443] 
+         detected: [....61] [ip4][..tcp] [...192.168.2.16][44374] -> [..172.217.22.10][..443] [TLS.GoogleServices][Web][Acceptable]
+                   RISK: TLS (probably) Not Carrying HTTPS
+         detected: [....51] [ip4][..tcp] [...192.168.2.16][52514] -> [..172.217.20.74][..443] [TLS.GoogleServices][Web][Acceptable]
+              new: [....62] [ip4][..udp] [...192.168.2.16][56312] -> [....192.168.2.1][...53] 
+         detected: [....62] [ip4][..udp] [...192.168.2.16][56312] -> [....192.168.2.1][...53] [DNS.DataSaver][Web][Fun]
+ detection-update: [....62] [ip4][..udp] [...192.168.2.16][56312] -> [....192.168.2.1][...53] [DNS.DataSaver][Web][Fun]
+              new: [....63] [ip4][..tcp] [...192.168.2.16][43652] -> [..172.217.20.76][..443] 
+ detection-update: [....61] [ip4][..tcp] [...192.168.2.16][44374] -> [..172.217.22.10][..443] [TLS.GoogleServices][Web][Acceptable]
+                   RISK: TLS (probably) Not Carrying HTTPS
+              end: [.....3] [ip4][..tcp] [..17.248.176.75][..443] -> [...192.168.2.17][50580] [TLS.Apple][Web][Safe]
+              end: [.....2] [ip4][..tcp] [..17.248.176.75][..443] -> [...192.168.2.17][50584] [TLS.Apple][Web][Safe]
+             idle: [....41] [ip4][..udp] [...192.168.2.16][40580] -> [....192.168.2.1][...53] [DNS.Google][Web][Acceptable]
+             idle: [....35] [ip4][..udp] [...192.168.2.16][32412] -> [....192.168.2.1][...53] [DNS.DataSaver][Web][Fun]
+             idle: [.....4] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Network][Acceptable]
+             idle: [....18] [ip4][..udp] [...192.168.2.16][52953] -> [....192.168.2.1][...53] [DNS.Apple][ConnCheck][Safe]
+              end: [.....5] [ip4][..tcp] [..17.248.185.10][..443] -> [...192.168.2.17][50702] [TLS.Apple][Web][Safe]
+             idle: [....22] [ip4][..udp] [...192.168.2.16][34540] -> [....192.168.2.1][...53] [DNS.Google][Web][Acceptable]
+             idle: [....33] [ip4][..udp] [...192.168.2.16][36613] -> [....192.168.2.1][...53] [DNS.PlayStore][SoftwareUpdate][Safe]
+             idle: [....31] [ip4][..tcp] [...192.168.2.16][50384] -> [172.217.168.206][..443] 
+             idle: [....11] [ip4][..udp] [....192.168.2.1][51411] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
+             idle: [....25] [ip4][..tcp] [...192.168.2.16][52486] -> [..172.217.20.74][..443] 
+             idle: [....51] [ip4][..tcp] [...192.168.2.16][52514] -> [..172.217.20.74][..443] 
+             idle: [.....8] [ip4][..udp] [169.254.225.216][.5353] -> [....224.0.0.251][.5353] 
+             idle: [....61] [ip4][..tcp] [...192.168.2.16][44374] -> [..172.217.22.10][..443] 
+             idle: [....54] [ip4][..udp] [...192.168.2.16][18379] -> [....192.168.2.1][...53] [DNS.DataSaver][Web][Fun]
+             idle: [....26] [ip4][..udp] [...192.168.2.16][47081] -> [....192.168.2.1][...53] [DNS.Google][ConnCheck][Acceptable]
+             idle: [....57] [ip4][..udp] [...192.168.2.16][32832] -> [....192.168.2.1][...53] [DNS.Google][Web][Acceptable]
+              end: [....19] [ip4][..tcp] [...192.168.2.16][58338] -> [..17.253.53.201][...80] [HTTP.Apple][ConnCheck][Safe]
+             idle: [....14] [ip4][..udp] [....192.168.2.1][...67] -> [...192.168.2.16][...68] [DHCP][Network][Acceptable]
+             idle: [....30] [ip4][..udp] [...192.168.2.16][39008] -> [....192.168.2.1][...53] [DNS.GoogleServices][Web][Acceptable]
+             idle: [.....6] [ip4][..udp] [....192.168.2.1][17500] -> [..192.168.2.255][17500] [Dropbox][Cloud][Acceptable]
+             idle: [....10] [ip4][..udp] [169.254.225.216][60538] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
+             idle: [....15] [ip6][..udp] [..............fe80::4e6a:f6ff:fe9f:f627][..546] -> [..............................ff02::1:2][..547] [DHCPV6][Network][Acceptable]
+             idle: [....29] [ip4][..udp] [...192.168.2.16][51430] -> [....192.168.2.1][...53] [DNS][Network][Acceptable]
+             idle: [....46] [ip4][..udp] [...192.168.2.16][22850] -> [....192.168.2.1][...53] [DNS.DataSaver][Web][Fun]
+              end: [....23] [ip4][..tcp] [...192.168.2.16][32974] -> [.216.239.38.120][..443] 
+             idle: [....34] [ip4][..tcp] [...192.168.2.16][32986] -> [.216.239.38.120][..443] 
+             idle: [....37] [ip4][..tcp] [...192.168.2.16][32988] -> [.216.239.38.120][..443] 
+             idle: [....38] [ip4][..tcp] [...192.168.2.16][32990] -> [.216.239.38.120][..443] 
+             idle: [....13] [ip6][icmp6] [.....................................::] -> [...............................ff02::16] [ICMPV6][Network][Acceptable]
+             idle: [....12] [ip6][icmp6] [.....................................::] -> [......................ff02::1:ff9f:f627] [ICMPV6][Network][Acceptable]
+             idle: [....42] [ip4][..tcp] [...192.168.2.16][32996] -> [.216.239.38.120][..443] [TLS.Google][Web][Acceptable]
+              end: [....44] [ip4][..tcp] [...192.168.2.16][32998] -> [.216.239.38.120][..443] 
+             idle: [....49] [ip4][..tcp] [...192.168.2.16][33002] -> [.216.239.38.120][..443] [TLS.Google][Web][Acceptable]
+             idle: [....59] [ip4][..tcp] [...192.168.2.16][33014] -> [.216.239.38.120][..443] 
+             idle: [....56] [ip4][..udp] [...192.168.2.16][10677] -> [....192.168.2.1][...53] [DNS.DataSaver][Web][Fun]
+             idle: [.....9] [ip4][..udp] [....192.168.2.1][.5353] -> [....224.0.0.251][.5353] 
+             idle: [....50] [ip4][..udp] [...192.168.2.16][33240] -> [....192.168.2.1][...53] [DNS.DataSaver][Web][Fun]
+              end: [....39] [ip4][..tcp] [...192.168.2.16][36834] -> [.173.194.79.114][...80] [HTTP.DataSaver][Web][Fun]
+             idle: [....52] [ip4][..tcp] [...192.168.2.16][36848] -> [.173.194.79.114][...80] [HTTP.DataSaver][Web][Fun]
+          guessed: [....53] [ip4][..tcp] [...192.168.2.16][36850] -> [.173.194.79.114][...80] [HTTP.Google][Web][Acceptable]
+             idle: [....53] [ip4][..tcp] [...192.168.2.16][36850] -> [.173.194.79.114][...80] 
+             idle: [.....7] [ip4][..udp] [....192.168.2.1][57621] -> [..192.168.2.255][57621] [Spotify][Music][Acceptable]
+             idle: [....27] [ip4][..tcp] [...192.168.2.16][36888] -> [...172.217.18.3][..443] [TLS.Google][ConnCheck][Acceptable]
+             idle: [....28] [ip4][..tcp] [...192.168.2.16][36890] -> [...172.217.18.3][..443] 
+             idle: [....21] [ip4][..udp] [...192.168.2.16][45863] -> [...216.239.35.8][..123] [NTP][System][Acceptable]
+             idle: [....60] [ip4][..udp] [...192.168.2.16][39760] -> [....192.168.2.1][...53] [DNS.GoogleServices][Web][Acceptable]
+             idle: [....45] [ip4][..udp] [...192.168.2.16][35689] -> [....192.168.2.1][...53] [DNS.GoogleServices][Web][Acceptable]
+             idle: [....20] [ip4][..udp] [...192.168.2.16][35825] -> [....192.168.2.1][...53] [DNS][Network][Acceptable]
+             idle: [....62] [ip4][..udp] [...192.168.2.16][56312] -> [....192.168.2.1][...53] [DNS.DataSaver][Web][Fun]
+             idle: [.....1] [ip4][..tcp] [...95.101.24.53][..443] -> [...192.168.2.17][50677] 
+          guessed: [....32] [ip4][..tcp] [...192.168.2.16][49510] -> [.216.239.38.120][.5228] [Google][Web][Acceptable]
+             idle: [....32] [ip4][..tcp] [...192.168.2.16][49510] -> [.216.239.38.120][.5228] 
+             idle: [....17] [ip6][icmp6] [..............fe80::4e6a:f6ff:fe9f:f627] -> [................................ff02::2] [ICMPV6][Network][Acceptable]
+             idle: [....16] [ip6][icmp6] [..............fe80::4e6a:f6ff:fe9f:f627] -> [...............................ff02::16] [ICMPV6][Network][Acceptable]
+              end: [....47] [ip4][..tcp] [...192.168.2.16][43634] -> [..172.217.20.76][..443] 
+              end: [....58] [ip4][..tcp] [...192.168.2.16][43646] -> [..172.217.20.76][..443] 
+          guessed: [....63] [ip4][..tcp] [...192.168.2.16][43652] -> [..172.217.20.76][..443] [TLS.Google][Web][Acceptable]
+             idle: [....63] [ip4][..tcp] [...192.168.2.16][43652] -> [..172.217.20.76][..443] 
+             idle: [....43] [ip4][..udp] [...192.168.2.16][46359] -> [....192.168.2.1][...53] [DNS.Google][Web][Acceptable]
+             idle: [....40] [ip4][..tcp] [...192.168.2.16][51928] -> [.172.217.21.202][..443] [TLS.DataSaver][Web][Fun]
+             idle: [....55] [ip4][..tcp] [...192.168.2.16][51944] -> [.172.217.21.202][..443] [TLS.DataSaver][Web][Fun]
+             idle: [....36] [ip4][..udp] [...192.168.2.16][.7660] -> [....192.168.2.1][...53] [DNS.DataSaver][Web][Fun]
+             idle: [....48] [ip4][..udp] [...192.168.2.16][58892] -> [....192.168.2.1][...53] [DNS.Google][Web][Acceptable]
+             idle: [....24] [ip4][..udp] [...192.168.2.16][54837] -> [....192.168.2.1][...53] [DNS.GoogleServices][Web][Acceptable]
+     DAEMON-EVENT: shutdown

test/results/flow-info/anyconnect-vpn.pcap.out

@@ -0,0 +1,305 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..tcp] [.....10.0.0.227][56885] -> [...184.25.56.53][...80] [MIDSTREAM] 
+              new: [.....2] [ip4][..tcp] [.....10.0.0.227][56916] -> [.....10.0.0.151][.8009] 
+              new: [.....3] [ip4][..tcp] [.....10.0.0.227][56320] -> [.....10.0.0.149][.8009] [MIDSTREAM] 
+         detected: [.....3] [ip4][..tcp] [.....10.0.0.227][56320] -> [.....10.0.0.149][.8009] [TLS][Web][Safe]
+                   RISK: Known Proto on Non Std Port
+              new: [.....4] [ip4][....2] [.......10.0.0.1] -> [......224.0.0.1] 
+         detected: [.....4] [ip4][....2] [.......10.0.0.1] -> [......224.0.0.1] [IGMP][Network][Acceptable]
+              new: [.....5] [ip6][icmp6] [..............fe80::2e7e:81ff:feb0:4aa1] -> [................................ff02::1] 
+         detected: [.....5] [ip6][icmp6] [..............fe80::2e7e:81ff:feb0:4aa1] -> [................................ff02::1] [ICMPV6][Network][Acceptable]
+              new: [.....6] [ip4][....2] [.....10.0.0.149] -> [....224.0.0.251] 
+         detected: [.....6] [ip4][....2] [.....10.0.0.149] -> [....224.0.0.251] [IGMP][Network][Acceptable]
+              new: [.....7] [ip4][....2] [.....10.0.0.149] -> [...239.255.3.22] 
+         detected: [.....7] [ip4][....2] [.....10.0.0.149] -> [...239.255.3.22] [IGMP][Network][Acceptable]
+              new: [.....8] [ip4][....2] [.....10.0.0.149] -> [239.255.255.250] 
+         detected: [.....8] [ip4][....2] [.....10.0.0.149] -> [239.255.255.250] [IGMP][Network][Acceptable]
+              new: [.....9] [ip4][..udp] [.....10.0.0.227][52879] -> [....75.75.76.76][...53] 
+         detected: [.....9] [ip4][..udp] [.....10.0.0.227][52879] -> [....75.75.76.76][...53] [DNS][Network][Acceptable]
+ detection-update: [.....9] [ip4][..udp] [.....10.0.0.227][52879] -> [....75.75.76.76][...53] [DNS][Network][Acceptable]
+              new: [....10] [ip4][..udp] [.....10.0.0.227][61387] -> [....75.75.75.75][...53] 
+         detected: [....10] [ip4][..udp] [.....10.0.0.227][61387] -> [....75.75.75.75][...53] [DNS][Network][Acceptable]
+ detection-update: [....10] [ip4][..udp] [.....10.0.0.227][61387] -> [....75.75.75.75][...53] [DNS][Network][Acceptable]
+              new: [....11] [ip4][..udp] [.....10.0.0.227][62322] -> [....75.75.76.76][...53] 
+         detected: [....11] [ip4][..udp] [.....10.0.0.227][62322] -> [....75.75.76.76][...53] [DNS][Network][Acceptable]
+ detection-update: [....11] [ip4][..udp] [.....10.0.0.227][62322] -> [....75.75.76.76][...53] [DNS][Network][Acceptable]
+              new: [....12] [ip4][..tcp] [.....10.0.0.227][56918] -> [....8.37.102.91][..443] 
+         detected: [....12] [ip4][..tcp] [.....10.0.0.227][56918] -> [....8.37.102.91][..443] [TLS][Web][Safe]
+                   RISK: Missing SNI TLS Extn
+ detection-update: [....12] [ip4][..tcp] [.....10.0.0.227][56918] -> [....8.37.102.91][..443] [TLS][Web][Safe]
+                   RISK: Weak TLS Cipher, Missing SNI TLS Extn
+ detection-update: [....12] [ip4][..tcp] [.....10.0.0.227][56918] -> [....8.37.102.91][..443] [TLS][Web][Safe]
+                   RISK: Weak TLS Cipher, Missing SNI TLS Extn
+              new: [....13] [ip4][..tcp] [.....10.0.0.227][56915] -> [..52.37.243.173][..443] [MIDSTREAM] 
+         detected: [....13] [ip4][..tcp] [.....10.0.0.227][56915] -> [..52.37.243.173][..443] [TLS.AmazonAWS][Cloud][Acceptable]
+              new: [....14] [ip4][..tcp] [.....10.0.0.227][56914] -> [..52.37.243.173][..443] [MIDSTREAM] 
+         detected: [....14] [ip4][..tcp] [.....10.0.0.227][56914] -> [..52.37.243.173][..443] [TLS.AmazonAWS][Cloud][Acceptable]
+              new: [....15] [ip4][..tcp] [.....10.0.0.227][56919] -> [....8.37.102.91][..443] 
+         detected: [....15] [ip4][..tcp] [.....10.0.0.227][56919] -> [....8.37.102.91][..443] [TLS][Web][Safe]
+                   RISK: Missing SNI TLS Extn
+ detection-update: [....15] [ip4][..tcp] [.....10.0.0.227][56919] -> [....8.37.102.91][..443] [TLS][Web][Safe]
+                   RISK: Weak TLS Cipher, Missing SNI TLS Extn
+ detection-update: [....15] [ip4][..tcp] [.....10.0.0.227][56919] -> [....8.37.102.91][..443] [TLS][Web][Safe]
+                   RISK: Weak TLS Cipher, Missing SNI TLS Extn
+          analyse: [....15] [ip4][..tcp] [.....10.0.0.227][56919] -> [....8.37.102.91][..443] 
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.072|   0.022|   0.022]
+                   [IAT(c->s)...:    0.000|   0.045|   0.023|   0.020][IAT(s->c)...:    0.000|   0.072|   0.021|   0.023]
+                   [PKTLEN(c->s):   66.000|1514.000| 422.600| 556.700][PKTLEN(s->c):   66.000|1514.000| 597.800| 627.100]
+                   [BINS(c->s)..: 11,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,1,0,0,0,0,0,2,0,0]
+                   [BINS(s->c)..: 6,1,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,4,0,0]
+ detection-update: [....15] [ip4][..tcp] [.....10.0.0.227][56919] -> [....8.37.102.91][..443] [TLS][Web][Safe]
+                   RISK: Weak TLS Cipher, Missing SNI TLS Extn
+              new: [....16] [ip4][..udp] [.....10.0.0.227][63107] -> [....75.75.76.76][...53] 
+         detected: [....16] [ip4][..udp] [.....10.0.0.227][63107] -> [....75.75.76.76][...53] [DNS][Network][Acceptable]
+ detection-update: [....16] [ip4][..udp] [.....10.0.0.227][63107] -> [....75.75.76.76][...53] [DNS][Network][Acceptable]
+              new: [....17] [ip4][.icmp] [.....10.0.0.227] -> [....75.75.76.76] 
+         detected: [....17] [ip4][.icmp] [.....10.0.0.227] -> [....75.75.76.76] [ICMP][Network][Acceptable]
+              new: [....18] [ip4][..udp] [.....10.0.0.213][.5353] -> [....224.0.0.251][.5353] 
+         detected: [....18] [ip4][..udp] [.....10.0.0.213][.5353] -> [....224.0.0.251][.5353] [MDNS][Network][Acceptable]
+              new: [....19] [ip6][..udp] [...............fe80::408:3e45:3abc:1552][.5353] -> [...............................ff02::fb][.5353] 
+         detected: [....19] [ip6][..udp] [...............fe80::408:3e45:3abc:1552][.5353] -> [...............................ff02::fb][.5353] [MDNS][Network][Acceptable]
+              new: [....20] [ip4][....2] [.....10.0.0.213] -> [......224.0.0.2] 
+         detected: [....20] [ip4][....2] [.....10.0.0.213] -> [......224.0.0.2] [IGMP][Network][Acceptable]
+              new: [....21] [ip4][....2] [.....10.0.0.213] -> [....224.0.0.251] 
+         detected: [....21] [ip4][....2] [.....10.0.0.213] -> [....224.0.0.251] [IGMP][Network][Acceptable]
+              new: [....22] [ip4][..udp] [.....10.0.0.227][.5353] -> [.....10.0.0.213][.5353] 
+         detected: [....22] [ip4][..udp] [.....10.0.0.227][.5353] -> [.....10.0.0.213][.5353] [MDNS][Network][Acceptable]
+              new: [....23] [ip6][icmp6] [...............fe80::408:3e45:3abc:1552] -> [...............................ff02::16] 
+         detected: [....23] [ip6][icmp6] [...............fe80::408:3e45:3abc:1552] -> [...............................ff02::16] [ICMPV6][Network][Acceptable]
+              new: [....24] [ip4][..tcp] [.....10.0.0.227][56917] -> [...184.25.56.77][...80] [MIDSTREAM] 
+              new: [....25] [ip4][..tcp] [.....10.0.0.227][56884] -> [...184.25.56.77][...80] [MIDSTREAM] 
+              new: [....26] [ip4][..udp] [.....10.0.0.227][54851] -> [....75.75.76.76][...53] 
+         detected: [....26] [ip4][..udp] [.....10.0.0.227][54851] -> [....75.75.76.76][...53] [DNS][Network][Acceptable]
+ detection-update: [....26] [ip4][..udp] [.....10.0.0.227][54851] -> [....75.75.76.76][...53] [DNS][Network][Acceptable]
+              new: [....27] [ip4][..udp] [.....10.0.0.227][58155] -> [....75.75.76.76][...53] 
+         detected: [....27] [ip4][..udp] [.....10.0.0.227][58155] -> [....75.75.76.76][...53] [DNS.Slack][Collaborative][Acceptable]
+ detection-update: [....27] [ip4][..udp] [.....10.0.0.227][58155] -> [....75.75.76.76][...53] [DNS.Slack][Collaborative][Acceptable]
+              new: [....28] [ip4][..tcp] [.....10.0.0.227][56920] -> [...99.86.34.156][..443] 
+         detected: [....28] [ip4][..tcp] [.....10.0.0.227][56920] -> [...99.86.34.156][..443] [TLS.Slack][Collaborative][Acceptable]
+ detection-update: [....28] [ip4][..tcp] [.....10.0.0.227][56920] -> [...99.86.34.156][..443] [TLS.Slack][Collaborative][Acceptable]
+              new: [....29] [ip4][..tcp] [.....10.0.0.227][56910] -> [...35.201.124.9][..443] [MIDSTREAM] 
+         detected: [....29] [ip4][..tcp] [.....10.0.0.227][56910] -> [...35.201.124.9][..443] [TLS.GoogleCloud][Cloud][Acceptable]
+              new: [....30] [ip4][..tcp] [.....10.0.0.227][56921] -> [....8.37.96.194][.4287] 
+         detected: [....30] [ip4][..tcp] [.....10.0.0.227][56921] -> [....8.37.96.194][.4287] [TLS][Web][Safe]
+                   RISK: Known Proto on Non Std Port, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn
+ detection-update: [....30] [ip4][..tcp] [.....10.0.0.227][56921] -> [....8.37.96.194][.4287] [TLS][Web][Safe]
+                   RISK: Known Proto on Non Std Port, Self-signed Cert, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn
+              new: [....31] [ip4][..udp] [.....10.0.0.227][64972] -> [....75.75.75.75][...53] 
+         detected: [....31] [ip4][..udp] [.....10.0.0.227][64972] -> [....75.75.75.75][...53] [DNS][Network][Acceptable]
+              new: [....32] [ip4][..udp] [.....10.0.0.227][61613] -> [....75.75.75.75][...53] 
+         detected: [....32] [ip4][..udp] [.....10.0.0.227][61613] -> [....75.75.75.75][...53] [DNS][Network][Acceptable]
+ detection-update: [....31] [ip4][..udp] [.....10.0.0.227][64972] -> [....75.75.75.75][...53] [DNS][Network][Acceptable]
+ detection-update: [....32] [ip4][..udp] [.....10.0.0.227][61613] -> [....75.75.75.75][...53] [DNS][Network][Acceptable]
+              new: [....33] [ip4][..udp] [.....10.0.0.227][57261] -> [....75.75.75.75][...53] 
+         detected: [....33] [ip4][..udp] [.....10.0.0.227][57261] -> [....75.75.75.75][...53] [DNS][Network][Acceptable]
+              new: [....34] [ip4][..udp] [.....10.0.0.227][52879] -> [....75.75.75.75][...53] 
+         detected: [....34] [ip4][..udp] [.....10.0.0.227][52879] -> [....75.75.75.75][...53] [DNS][Network][Acceptable]
+ detection-update: [....33] [ip4][..udp] [.....10.0.0.227][57261] -> [....75.75.75.75][...53] [DNS][Network][Acceptable]
+ detection-update: [....34] [ip4][..udp] [.....10.0.0.227][52879] -> [....75.75.75.75][...53] [DNS][Network][Acceptable]
+ detection-update: [....18] [ip4][..udp] [.....10.0.0.213][.5353] -> [....224.0.0.251][.5353] [MDNS][Network][Acceptable]
+ detection-update: [....19] [ip6][..udp] [...............fe80::408:3e45:3abc:1552][.5353] -> [...............................ff02::fb][.5353] [MDNS][Network][Acceptable]
+              new: [....35] [ip4][..udp] [.....10.0.0.227][59222] -> [....75.75.75.75][...53] 
+         detected: [....35] [ip4][..udp] [.....10.0.0.227][59222] -> [....75.75.75.75][...53] [DNS][Network][Acceptable]
+              new: [....36] [ip4][..udp] [.....10.0.0.227][57017] -> [....75.75.75.75][...53] 
+         detected: [....36] [ip4][..udp] [.....10.0.0.227][57017] -> [....75.75.75.75][...53] [DNS][Network][Acceptable]
+ detection-update: [....35] [ip4][..udp] [.....10.0.0.227][59222] -> [....75.75.75.75][...53] [DNS][Network][Acceptable]
+ detection-update: [....36] [ip4][..udp] [.....10.0.0.227][57017] -> [....75.75.75.75][...53] [DNS][Network][Acceptable]
+          analyse: [....30] [ip4][..tcp] [.....10.0.0.227][56921] -> [....8.37.96.194][.4287] [TLS][Web][Safe]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.385|   0.079|   0.122]
+                   [IAT(c->s)...:    0.000|   0.358|   0.081|   0.117][IAT(s->c)...:    0.002|   0.385|   0.078|   0.126]
+                   [PKTLEN(c->s):   66.000|1261.000| 250.700| 328.900][PKTLEN(s->c):   66.000|1434.000| 347.300| 483.300]
+                   [BINS(c->s)..: 9,2,0,0,1,0,0,0,0,1,0,0,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 8,2,1,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,1,0,1,0,0,0,0,0]
+              new: [....37] [ip4][..tcp] [.....10.0.0.227][56881] -> [.162.222.43.153][..443] [MIDSTREAM] 
+              new: [....38] [ip4][..tcp] [.....10.0.0.227][56929] -> [....8.37.102.91][..443] 
+         detected: [....38] [ip4][..tcp] [.....10.0.0.227][56929] -> [....8.37.102.91][..443] [TLS][Web][Safe]
+                   RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn
+ detection-update: [....38] [ip4][..tcp] [.....10.0.0.227][56929] -> [....8.37.102.91][..443] [TLS][Web][Safe]
+                   RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn
+ detection-update: [....38] [ip4][..tcp] [.....10.0.0.227][56929] -> [....8.37.102.91][..443] [TLS][Web][Safe]
+                   RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn
+          analyse: [....38] [ip4][..tcp] [.....10.0.0.227][56929] -> [....8.37.102.91][..443] 
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.138|   0.027|   0.033]
+                   [IAT(c->s)...:    0.000|   0.097|   0.033|   0.029][IAT(s->c)...:    0.000|   0.138|   0.022|   0.035]
+                   [PKTLEN(c->s):   66.000|1031.000| 164.900| 249.400][PKTLEN(s->c):   66.000|1514.000| 854.600| 666.400]
+                   [BINS(c->s)..: 12,0,0,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 3,0,1,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,8,0,0]
+ detection-update: [....38] [ip4][..tcp] [.....10.0.0.227][56929] -> [....8.37.102.91][..443] [TLS][Web][Safe]
+                   RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn
+              new: [....39] [ip4][..tcp] [.....10.0.0.227][56865] -> [.....10.0.0.149][.8008] [MIDSTREAM] 
+              new: [....40] [ip4][..tcp] [.....10.0.0.227][56866] -> [.....10.0.0.151][.8060] [MIDSTREAM] 
+              new: [....41] [ip4][..udp] [.....10.0.0.227][57253] -> [....75.75.75.75][...53] 
+         detected: [....41] [ip4][..udp] [.....10.0.0.227][57253] -> [....75.75.75.75][...53] [DNS][Network][Acceptable]
+              new: [....42] [ip4][..udp] [.....10.0.0.227][62427] -> [....75.75.75.75][...53] 
+         detected: [....42] [ip4][..udp] [.....10.0.0.227][62427] -> [....75.75.75.75][...53] [DNS][ConnCheck][Acceptable]
+         detected: [....25] [ip4][..tcp] [.....10.0.0.227][56884] -> [...184.25.56.77][...80] [HTTP][ConnCheck][Acceptable]
+         detected: [....24] [ip4][..tcp] [.....10.0.0.227][56917] -> [...184.25.56.77][...80] [HTTP][ConnCheck][Acceptable]
+ detection-update: [....41] [ip4][..udp] [.....10.0.0.227][57253] -> [....75.75.75.75][...53] [DNS][Network][Acceptable]
+ detection-update: [....42] [ip4][..udp] [.....10.0.0.227][62427] -> [....75.75.75.75][...53] [DNS][ConnCheck][Acceptable]
+              new: [....43] [ip4][..tcp] [.....10.0.0.227][56879] -> [..52.10.115.210][..443] [MIDSTREAM] 
+         detected: [....43] [ip4][..tcp] [.....10.0.0.227][56879] -> [..52.10.115.210][..443] [TLS.AmazonAWS][Cloud][Acceptable]
+              new: [....44] [ip4][..tcp] [.....10.0.0.227][56886] -> [..17.57.144.116][.5223] [MIDSTREAM] 
+              new: [....45] [ip4][..udp] [.....10.0.0.227][60341] -> [....75.75.75.75][...53] 
+         detected: [....45] [ip4][..udp] [.....10.0.0.227][60341] -> [....75.75.75.75][...53] [DNS.Apple][Web][Safe]
+              new: [....46] [ip4][..udp] [.....10.0.0.227][51060] -> [....75.75.75.75][...53] 
+         detected: [....46] [ip4][..udp] [.....10.0.0.227][51060] -> [....75.75.75.75][...53] [DNS.ApplePush][Cloud][Acceptable]
+              new: [....47] [ip4][..udp] [.....10.0.0.227][59582] -> [....75.75.75.75][...53] 
+         detected: [....47] [ip4][..udp] [.....10.0.0.227][59582] -> [....75.75.75.75][...53] [DNS.ApplePush][Cloud][Acceptable]
+              new: [....48] [ip4][..udp] [.....10.0.0.227][64193] -> [....75.75.75.75][...53] 
+         detected: [....48] [ip4][..udp] [.....10.0.0.227][64193] -> [....75.75.75.75][...53] [DNS.ApplePush][Cloud][Acceptable]
+              new: [....49] [ip4][..udp] [.....10.0.0.227][51990] -> [....75.75.75.75][...53] 
+         detected: [....49] [ip4][..udp] [.....10.0.0.227][51990] -> [....75.75.75.75][...53] [DNS][Network][Acceptable]
+ detection-update: [....45] [ip4][..udp] [.....10.0.0.227][60341] -> [....75.75.75.75][...53] [DNS.Apple][Web][Safe]
+ detection-update: [....47] [ip4][..udp] [.....10.0.0.227][59582] -> [....75.75.75.75][...53] [DNS.ApplePush][Cloud][Acceptable]
+ detection-update: [....46] [ip4][..udp] [.....10.0.0.227][51060] -> [....75.75.75.75][...53] [DNS.ApplePush][Cloud][Acceptable]
+         detected: [....44] [ip4][..tcp] [.....10.0.0.227][56886] -> [..17.57.144.116][.5223] [TLS.Apple][Web][Safe]
+                   RISK: Known Proto on Non Std Port
+ detection-update: [....48] [ip4][..udp] [.....10.0.0.227][64193] -> [....75.75.75.75][...53] [DNS.ApplePush][Cloud][Acceptable]
+              new: [....50] [ip4][..udp] [.....10.0.0.227][49781] -> [....75.75.75.75][...53] 
+         detected: [....50] [ip4][..udp] [.....10.0.0.227][49781] -> [....75.75.75.75][...53] [DNS][Network][Acceptable]
+              new: [....51] [ip4][..tcp] [.....10.0.0.227][56871] -> [...8.37.103.196][..443] [MIDSTREAM] 
+ detection-update: [....50] [ip4][..udp] [.....10.0.0.227][49781] -> [....75.75.75.75][...53] [DNS][Network][Acceptable]
+ detection-update: [....49] [ip4][..udp] [.....10.0.0.227][51990] -> [....75.75.75.75][...53] [DNS][Network][Acceptable]
+              new: [....52] [ip4][..udp] [.....10.0.0.227][58074] -> [....75.75.75.75][...53] 
+         detected: [....52] [ip4][..udp] [.....10.0.0.227][58074] -> [....75.75.75.75][...53] [DNS][Network][Acceptable]
+ detection-update: [....52] [ip4][..udp] [.....10.0.0.227][58074] -> [....75.75.75.75][...53] [DNS][Network][Acceptable]
+              new: [....53] [ip4][..tcp] [.....10.0.0.227][56874] -> [.74.125.197.188][..443] [MIDSTREAM] 
+              new: [....54] [ip4][..udp] [.....10.0.0.227][61328] -> [239.255.255.250][.1900] 
+         detected: [....54] [ip4][..udp] [.....10.0.0.227][61328] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
+              new: [....55] [ip4][..udp] [.....10.0.0.149][38616] -> [.....10.0.0.227][61328] 
+         detected: [....55] [ip4][..udp] [.....10.0.0.149][38616] -> [.....10.0.0.227][61328] [SSDP][System][Acceptable]
+              new: [....56] [ip4][..udp] [.....10.0.0.151][.1900] -> [.....10.0.0.227][61328] 
+         detected: [....56] [ip4][..udp] [.....10.0.0.151][.1900] -> [.....10.0.0.227][61328] [SSDP][System][Acceptable]
+              new: [....57] [ip4][..udp] [.....10.0.0.227][57547] -> [239.255.255.250][.1900] 
+         detected: [....57] [ip4][..udp] [.....10.0.0.227][57547] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
+              new: [....58] [ip4][..udp] [.....10.0.0.227][54107] -> [....8.37.102.91][..443] 
+         detected: [....58] [ip4][..udp] [.....10.0.0.227][54107] -> [....8.37.102.91][..443] [DTLS][Web][Safe]
+                   RISK: Obsolete TLS (v1.1 or older)
+              new: [....59] [ip4][..udp] [.....10.0.0.149][50081] -> [.....10.0.0.227][57547] 
+         detected: [....59] [ip4][..udp] [.....10.0.0.149][50081] -> [.....10.0.0.227][57547] [SSDP][System][Acceptable]
+ detection-update: [....58] [ip4][..udp] [.....10.0.0.227][54107] -> [....8.37.102.91][..443] [DTLS][Web][Safe]
+                   RISK: Obsolete TLS (v1.1 or older)
+          analyse: [....58] [ip4][..udp] [.....10.0.0.227][54107] -> [....8.37.102.91][..443] [DTLS][Web][Safe]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.047|   0.016|   0.019]
+                   [IAT(c->s)...:    0.000|   0.047|   0.016|   0.018][IAT(s->c)...:    0.000|   0.047|   0.015|   0.019]
+                   [PKTLEN(c->s):  135.000| 199.000| 168.000|  16.800][PKTLEN(s->c):   90.000| 407.000| 258.100|  75.200]
+                   [BINS(c->s)..: 0,0,1,11,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 0,1,0,0,2,5,1,2,2,2,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+              new: [....60] [ip4][..udp] [.....10.0.0.227][52595] -> [.......10.0.0.1][..192] 
+              new: [....61] [ip4][..udp] [.....10.0.0.151][.1900] -> [.....10.0.0.227][57547] 
+         detected: [....61] [ip4][..udp] [.....10.0.0.151][.1900] -> [.....10.0.0.227][57547] [SSDP][System][Acceptable]
+              new: [....62] [ip4][..tcp] [.....10.0.0.227][56954] -> [.....10.0.0.149][.8008] 
+              new: [....63] [ip4][..tcp] [.....10.0.0.227][56955] -> [.....10.0.0.151][.8060] 
+         detected: [....62] [ip4][..tcp] [.....10.0.0.227][56954] -> [.....10.0.0.149][.8008] [HTTP][Web][Acceptable]
+                   RISK: Known Proto on Non Std Port, HTTP Numeric IP Address
+         detected: [....63] [ip4][..tcp] [.....10.0.0.227][56955] -> [.....10.0.0.151][.8060] [HTTP][Web][Acceptable]
+                   RISK: Known Proto on Non Std Port, HTTP Numeric IP Address
+              new: [....64] [ip4][..udp] [.....10.0.0.149][49816] -> [.....10.0.0.227][57547] 
+         detected: [....64] [ip4][..udp] [.....10.0.0.149][49816] -> [.....10.0.0.227][57547] [SSDP][System][Acceptable]
+              new: [....65] [ip4][..udp] [.....10.0.0.149][48166] -> [.....10.0.0.227][57547] 
+         detected: [....65] [ip4][..udp] [.....10.0.0.149][48166] -> [.....10.0.0.227][57547] [SSDP][System][Acceptable]
+              new: [....66] [ip4][..udp] [.....10.0.0.149][51382] -> [.....10.0.0.227][57547] 
+         detected: [....66] [ip4][..udp] [.....10.0.0.149][51382] -> [.....10.0.0.227][57547] [SSDP][System][Acceptable]
+              new: [....67] [ip4][..udp] [.....10.0.0.227][..137] -> [.....10.0.0.255][..137] 
+         detected: [....67] [ip4][..udp] [.....10.0.0.227][..137] -> [.....10.0.0.255][..137] [NetBIOS][System][Acceptable]
+           update: [.....5] [ip6][icmp6] [..............fe80::2e7e:81ff:feb0:4aa1] -> [................................ff02::1] [ICMPV6][Network][Acceptable]
+           update: [....17] [ip4][.icmp] [.....10.0.0.227] -> [....75.75.76.76] [ICMP][Network][Acceptable]
+           update: [....23] [ip6][icmp6] [...............fe80::408:3e45:3abc:1552] -> [...............................ff02::16] [ICMPV6][Network][Acceptable]
+              new: [....68] [ip4][..udp] [.....10.0.0.149][.5353] -> [....224.0.0.251][.5353] 
+         detected: [....68] [ip4][..udp] [.....10.0.0.149][.5353] -> [....224.0.0.251][.5353] [MDNS][Network][Acceptable]
+ detection-update: [....68] [ip4][..udp] [.....10.0.0.149][.5353] -> [....224.0.0.251][.5353] [MDNS][Network][Acceptable]
+ detection-update: [....68] [ip4][..udp] [.....10.0.0.149][.5353] -> [....224.0.0.251][.5353] [MDNS][Network][Acceptable]
+              new: [....69] [ip4][.icmp] [.......10.0.0.1] -> [......224.0.0.1] 
+         detected: [....69] [ip4][.icmp] [.......10.0.0.1] -> [......224.0.0.1] [ICMP][Network][Acceptable]
+             idle: [....57] [ip4][..udp] [.....10.0.0.227][57547] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
+             idle: [....25] [ip4][..tcp] [.....10.0.0.227][56884] -> [...184.25.56.77][...80] [HTTP][ConnCheck][Acceptable]
+          guessed: [.....1] [ip4][..tcp] [.....10.0.0.227][56885] -> [...184.25.56.53][...80] [HTTP][Web][Acceptable]
+              end: [.....1] [ip4][..tcp] [.....10.0.0.227][56885] -> [...184.25.56.53][...80] 
+             idle: [....61] [ip4][..udp] [.....10.0.0.151][.1900] -> [.....10.0.0.227][57547] [SSDP][System][Acceptable]
+             idle: [....24] [ip4][..tcp] [.....10.0.0.227][56917] -> [...184.25.56.77][...80] [HTTP][ConnCheck][Acceptable]
+             idle: [....69] [ip4][.icmp] [.......10.0.0.1] -> [......224.0.0.1] [ICMP][Network][Acceptable]
+             idle: [....21] [ip4][....2] [.....10.0.0.213] -> [....224.0.0.251] [IGMP][Network][Acceptable]
+             idle: [....20] [ip4][....2] [.....10.0.0.213] -> [......224.0.0.2] [IGMP][Network][Acceptable]
+             idle: [.....6] [ip4][....2] [.....10.0.0.149] -> [....224.0.0.251] [IGMP][Network][Acceptable]
+             idle: [.....4] [ip4][....2] [.......10.0.0.1] -> [......224.0.0.1] [IGMP][Network][Acceptable]
+             idle: [....67] [ip4][..udp] [.....10.0.0.227][..137] -> [.....10.0.0.255][..137] [NetBIOS][System][Acceptable]
+             idle: [....29] [ip4][..tcp] [.....10.0.0.227][56910] -> [...35.201.124.9][..443] 
+             idle: [....31] [ip4][..udp] [.....10.0.0.227][64972] -> [....75.75.75.75][...53] 
+             idle: [....66] [ip4][..udp] [.....10.0.0.149][51382] -> [.....10.0.0.227][57547] [SSDP][System][Acceptable]
+             idle: [....26] [ip4][..udp] [.....10.0.0.227][54851] -> [....75.75.76.76][...53] [DNS][Network][Acceptable]
+             idle: [....22] [ip4][..udp] [.....10.0.0.227][.5353] -> [.....10.0.0.213][.5353] [MDNS][Network][Acceptable]
+             idle: [....16] [ip4][..udp] [.....10.0.0.227][63107] -> [....75.75.76.76][...53] [DNS][Network][Acceptable]
+             idle: [....34] [ip4][..udp] [.....10.0.0.227][52879] -> [....75.75.75.75][...53] [DNS][Network][Acceptable]
+             idle: [.....9] [ip4][..udp] [.....10.0.0.227][52879] -> [....75.75.76.76][...53] [DNS][Network][Acceptable]
+             idle: [....43] [ip4][..tcp] [.....10.0.0.227][56879] -> [..52.10.115.210][..443] 
+             idle: [....58] [ip4][..udp] [.....10.0.0.227][54107] -> [....8.37.102.91][..443] [DTLS][Web][Safe]
+                   RISK: Obsolete TLS (v1.1 or older)
+             idle: [....36] [ip4][..udp] [.....10.0.0.227][57017] -> [....75.75.75.75][...53] [DNS][Network][Acceptable]
+             idle: [.....5] [ip6][icmp6] [..............fe80::2e7e:81ff:feb0:4aa1] -> [................................ff02::1] [ICMPV6][Network][Acceptable]
+             idle: [....68] [ip4][..udp] [.....10.0.0.149][.5353] -> [....224.0.0.251][.5353] [MDNS][Network][Acceptable]
+             idle: [....18] [ip4][..udp] [.....10.0.0.213][.5353] -> [....224.0.0.251][.5353] [MDNS][Network][Acceptable]
+             idle: [....35] [ip4][..udp] [.....10.0.0.227][59222] -> [....75.75.75.75][...53] [DNS][Network][Acceptable]
+             idle: [....46] [ip4][..udp] [.....10.0.0.227][51060] -> [....75.75.75.75][...53] [DNS.ApplePush][Cloud][Acceptable]
+             idle: [....41] [ip4][..udp] [.....10.0.0.227][57253] -> [....75.75.75.75][...53] [DNS][Network][Acceptable]
+             idle: [....33] [ip4][..udp] [.....10.0.0.227][57261] -> [....75.75.75.75][...53] [DNS][Network][Acceptable]
+             idle: [....17] [ip4][.icmp] [.....10.0.0.227] -> [....75.75.76.76] [ICMP][Network][Acceptable]
+             idle: [.....3] [ip4][..tcp] [.....10.0.0.227][56320] -> [.....10.0.0.149][.8009] [TLS][Web][Safe]
+                   RISK: Known Proto on Non Std Port
+             idle: [....10] [ip4][..udp] [.....10.0.0.227][61387] -> [....75.75.75.75][...53] [DNS][Network][Acceptable]
+             idle: [....64] [ip4][..udp] [.....10.0.0.149][49816] -> [.....10.0.0.227][57547] [SSDP][System][Acceptable]
+              end: [....44] [ip4][..tcp] [.....10.0.0.227][56886] -> [..17.57.144.116][.5223] [TLS.Apple][Web][Safe]
+                   RISK: Known Proto on Non Std Port
+             idle: [....30] [ip4][..tcp] [.....10.0.0.227][56921] -> [....8.37.96.194][.4287] [TLS][Web][Safe]
+                   RISK: Known Proto on Non Std Port, Self-signed Cert, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn
+             idle: [....23] [ip6][icmp6] [...............fe80::408:3e45:3abc:1552] -> [...............................ff02::16] [ICMPV6][Network][Acceptable]
+             idle: [....32] [ip4][..udp] [.....10.0.0.227][61613] -> [....75.75.75.75][...53] 
+             idle: [....47] [ip4][..udp] [.....10.0.0.227][59582] -> [....75.75.75.75][...53] [DNS.ApplePush][Cloud][Acceptable]
+             idle: [....59] [ip4][..udp] [.....10.0.0.149][50081] -> [.....10.0.0.227][57547] [SSDP][System][Acceptable]
+          guessed: [....51] [ip4][..tcp] [.....10.0.0.227][56871] -> [...8.37.103.196][..443] [TLS][Web][Safe]
+              end: [....51] [ip4][..tcp] [.....10.0.0.227][56871] -> [...8.37.103.196][..443] 
+             idle: [....65] [ip4][..udp] [.....10.0.0.149][48166] -> [.....10.0.0.227][57547] [SSDP][System][Acceptable]
+              end: [....12] [ip4][..tcp] [.....10.0.0.227][56918] -> [....8.37.102.91][..443] 
+              end: [....15] [ip4][..tcp] [.....10.0.0.227][56919] -> [....8.37.102.91][..443] [TLS][Web][Safe]
+                   RISK: Weak TLS Cipher, Missing SNI TLS Extn
+             idle: [....38] [ip4][..tcp] [.....10.0.0.227][56929] -> [....8.37.102.91][..443] [TLS][Web][Safe]
+                   RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn
+          guessed: [....53] [ip4][..tcp] [.....10.0.0.227][56874] -> [.74.125.197.188][..443] [TLS.Google][Web][Acceptable]
+              end: [....53] [ip4][..tcp] [.....10.0.0.227][56874] -> [.74.125.197.188][..443] 
+             idle: [....14] [ip4][..tcp] [.....10.0.0.227][56914] -> [..52.37.243.173][..443] 
+             idle: [....13] [ip4][..tcp] [.....10.0.0.227][56915] -> [..52.37.243.173][..443] 
+          guessed: [....39] [ip4][..tcp] [.....10.0.0.227][56865] -> [.....10.0.0.149][.8008] [CiscoVPN][VPN][Acceptable]
+              end: [....39] [ip4][..tcp] [.....10.0.0.227][56865] -> [.....10.0.0.149][.8008] 
+          guessed: [.....2] [ip4][..tcp] [.....10.0.0.227][56916] -> [.....10.0.0.151][.8009] [AJP][Web][Acceptable]
+             idle: [.....2] [ip4][..tcp] [.....10.0.0.227][56916] -> [.....10.0.0.151][.8009] 
+     not-detected: [....40] [ip4][..tcp] [.....10.0.0.227][56866] -> [.....10.0.0.151][.8060] [Unknown][Unrated]
+              end: [....40] [ip4][..tcp] [.....10.0.0.227][56866] -> [.....10.0.0.151][.8060] 
+             idle: [....62] [ip4][..tcp] [.....10.0.0.227][56954] -> [.....10.0.0.149][.8008] [HTTP][Web][Acceptable]
+                   RISK: Known Proto on Non Std Port, HTTP Numeric IP Address
+             idle: [....19] [ip6][..udp] [...............fe80::408:3e45:3abc:1552][.5353] -> [...............................ff02::fb][.5353] [MDNS][Network][Acceptable]
+             idle: [....50] [ip4][..udp] [.....10.0.0.227][49781] -> [....75.75.75.75][...53] [DNS][Network][Acceptable]
+              end: [....63] [ip4][..tcp] [.....10.0.0.227][56955] -> [.....10.0.0.151][.8060] [HTTP][Web][Acceptable]
+                   RISK: Known Proto on Non Std Port, HTTP Numeric IP Address
+     not-detected: [....60] [ip4][..udp] [.....10.0.0.227][52595] -> [.......10.0.0.1][..192] [Unknown][Unrated]
+             idle: [....60] [ip4][..udp] [.....10.0.0.227][52595] -> [.......10.0.0.1][..192] 
+             idle: [....48] [ip4][..udp] [.....10.0.0.227][64193] -> [....75.75.75.75][...53] [DNS.ApplePush][Cloud][Acceptable]
+             idle: [....52] [ip4][..udp] [.....10.0.0.227][58074] -> [....75.75.75.75][...53] [DNS][Network][Acceptable]
+              end: [....28] [ip4][..tcp] [.....10.0.0.227][56920] -> [...99.86.34.156][..443] [TLS.Slack][Collaborative][Acceptable]
+             idle: [....55] [ip4][..udp] [.....10.0.0.149][38616] -> [.....10.0.0.227][61328] [SSDP][System][Acceptable]
+          guessed: [....37] [ip4][..tcp] [.....10.0.0.227][56881] -> [.162.222.43.153][..443] [TLS][Web][Safe]
+             idle: [....37] [ip4][..tcp] [.....10.0.0.227][56881] -> [.162.222.43.153][..443] 
+             idle: [....49] [ip4][..udp] [.....10.0.0.227][51990] -> [....75.75.75.75][...53] [DNS][Network][Acceptable]
+             idle: [....27] [ip4][..udp] [.....10.0.0.227][58155] -> [....75.75.76.76][...53] [DNS.Slack][Collaborative][Acceptable]
+             idle: [....54] [ip4][..udp] [.....10.0.0.227][61328] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
+             idle: [....11] [ip4][..udp] [.....10.0.0.227][62322] -> [....75.75.76.76][...53] [DNS][Network][Acceptable]
+             idle: [....56] [ip4][..udp] [.....10.0.0.151][.1900] -> [.....10.0.0.227][61328] [SSDP][System][Acceptable]
+             idle: [....45] [ip4][..udp] [.....10.0.0.227][60341] -> [....75.75.75.75][...53] [DNS.Apple][Web][Safe]
+             idle: [....42] [ip4][..udp] [.....10.0.0.227][62427] -> [....75.75.75.75][...53] [DNS][ConnCheck][Acceptable]
+             idle: [.....8] [ip4][....2] [.....10.0.0.149] -> [239.255.255.250] [IGMP][Network][Acceptable]
+             idle: [.....7] [ip4][....2] [.....10.0.0.149] -> [...239.255.3.22] [IGMP][Network][Acceptable]
+     DAEMON-EVENT: shutdown

test/results/flow-info/anydesk.pcapng.out

@@ -0,0 +1,75 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..tcp] [192.168.149.129][36351] -> [..51.83.239.144][...80] [MIDSTREAM] 
+         detected: [.....1] [ip4][..tcp] [192.168.149.129][36351] -> [..51.83.239.144][...80] [TLS.AnyDesk][RemoteAccess][Acceptable]
+                   RISK: Known Proto on Non Std Port, Desktop/File Sharing
+              new: [.....2] [ip4][..tcp] [192.168.149.129][43535] -> [..51.83.238.219][...80] 
+         detected: [.....2] [ip4][..tcp] [192.168.149.129][43535] -> [..51.83.238.219][...80] [TLS.AnyDesk][RemoteAccess][Acceptable]
+                   RISK: Known Proto on Non Std Port, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn, Desktop/File Sharing
+ detection-update: [.....2] [ip4][..tcp] [192.168.149.129][43535] -> [..51.83.238.219][...80] [TLS.AnyDesk][RemoteAccess][Acceptable]
+                   RISK: Known Proto on Non Std Port, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn, Desktop/File Sharing
+ detection-update: [.....2] [ip4][..tcp] [192.168.149.129][43535] -> [..51.83.238.219][...80] [TLS.AnyDesk][RemoteAccess][Acceptable]
+                   RISK: Known Proto on Non Std Port, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn, Desktop/File Sharing
+          analyse: [.....2] [ip4][..tcp] [192.168.149.129][43535] -> [..51.83.238.219][...80] 
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   1.603|   0.177|   0.394]
+                   [IAT(c->s)...:    0.000|   1.216|   0.138|   0.310][IAT(s->c)...:    0.000|   1.603|   0.208|   0.450]
+                   [PKTLEN(c->s):   54.000|1514.000| 435.100| 567.000][PKTLEN(s->c):   60.000|1514.000| 381.600| 543.300]
+                   [BINS(c->s)..: 8,0,1,0,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,1,0,0,0,0,0,0,0,2,0,0]
+                   [BINS(s->c)..: 9,2,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,2,0,0,0,0,1,0,0]
+ detection-update: [.....2] [ip4][..tcp] [192.168.149.129][43535] -> [..51.83.238.219][...80] [TLS.AnyDesk][RemoteAccess][Acceptable]
+                   RISK: Known Proto on Non Std Port, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn, Desktop/File Sharing
+     DAEMON-EVENT: [Processed: 6963 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 2 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 3|updates: 0]
+              new: [.....3] [ip4][..udp] [..192.168.1.187][59511] -> [....192.168.1.1][...53] 
+         detected: [.....3] [ip4][..udp] [..192.168.1.187][59511] -> [....192.168.1.1][...53] [DNS.AnyDesk][RemoteAccess][Acceptable]
+ detection-update: [.....3] [ip4][..udp] [..192.168.1.187][59511] -> [....192.168.1.1][...53] [DNS.AnyDesk][RemoteAccess][Acceptable]
+              new: [.....4] [ip4][..udp] [..192.168.1.187][55376] -> [....192.168.1.1][...53] 
+         detected: [.....4] [ip4][..udp] [..192.168.1.187][55376] -> [....192.168.1.1][...53] [DNS.AnyDesk][RemoteAccess][Acceptable]
+ detection-update: [.....4] [ip4][..udp] [..192.168.1.187][55376] -> [....192.168.1.1][...53] [DNS.AnyDesk][RemoteAccess][Acceptable]
+             idle: [.....1] [ip4][..tcp] [192.168.149.129][36351] -> [..51.83.239.144][...80] [TLS.AnyDesk][RemoteAccess][Acceptable]
+                   RISK: Known Proto on Non Std Port, Desktop/File Sharing
+             idle: [.....2] [ip4][..tcp] [192.168.149.129][43535] -> [..51.83.238.219][...80] [TLS.AnyDesk][RemoteAccess][Acceptable]
+                   RISK: Known Proto on Non Std Port, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn, Desktop/File Sharing
+              new: [.....5] [ip4][..tcp] [..192.168.1.187][54164] -> [..192.168.1.178][.7070] 
+         detected: [.....5] [ip4][..tcp] [..192.168.1.187][54164] -> [..192.168.1.178][.7070] [TLS][Web][Safe]
+                   RISK: Known Proto on Non Std Port, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn
+ detection-update: [.....5] [ip4][..tcp] [..192.168.1.187][54164] -> [..192.168.1.178][.7070] [TLS.AnyDesk][RemoteAccess][Acceptable]
+                   RISK: Known Proto on Non Std Port, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn, Desktop/File Sharing
+              new: [.....6] [ip4][..tcp] [..192.168.1.178][52039] -> [..192.168.1.187][.7070] 
+         detected: [.....6] [ip4][..tcp] [..192.168.1.178][52039] -> [..192.168.1.187][.7070] [TLS][Web][Safe]
+                   RISK: Known Proto on Non Std Port, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn
+ detection-update: [.....6] [ip4][..tcp] [..192.168.1.178][52039] -> [..192.168.1.187][.7070] [TLS.AnyDesk][RemoteAccess][Acceptable]
+                   RISK: Known Proto on Non Std Port, Weak TLS Cipher, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn, Desktop/File Sharing
+          analyse: [.....5] [ip4][..tcp] [..192.168.1.187][54164] -> [..192.168.1.178][.7070] [TLS.AnyDesk][RemoteAccess][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   3.022|   0.471|   0.869]
+                   [IAT(c->s)...:    0.000|   2.967|   0.489|   0.871][IAT(s->c)...:    0.000|   3.022|   0.454|   0.866]
+                   [PKTLEN(c->s):   54.000|3980.000| 462.900|1028.200][PKTLEN(s->c):   60.000|1514.000| 209.500| 377.600]
+                   [BINS(c->s)..: 6,4,1,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,1]
+                   [BINS(s->c)..: 11,3,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0]
+     DAEMON-EVENT: [Processed: 9484 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 4 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 7|updates: 0]
+              new: [.....7] [ip4][..tcp] [..192.168.1.128][48260] -> [195.181.174.176][..443] 
+         detected: [.....7] [ip4][..tcp] [..192.168.1.128][48260] -> [195.181.174.176][..443] [TLS][Web][Safe]
+                   RISK: Missing SNI TLS Extn
+ detection-update: [.....7] [ip4][..tcp] [..192.168.1.128][48260] -> [195.181.174.176][..443] [TLS][Web][Safe]
+                   RISK: Missing SNI TLS Extn
+ detection-update: [.....7] [ip4][..tcp] [..192.168.1.128][48260] -> [195.181.174.176][..443] [TLS.AnyDesk][RemoteAccess][Acceptable]
+                   RISK: Missing SNI TLS Extn, Desktop/File Sharing
+          analyse: [.....7] [ip4][..tcp] [..192.168.1.128][48260] -> [195.181.174.176][..443] [TLS.AnyDesk][RemoteAccess][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   8.445|   0.583|   2.064]
+                   [IAT(c->s)...:    0.000|   8.428|   0.592|   2.095][IAT(s->c)...:    0.000|   8.445|   0.575|   2.034]
+                   [PKTLEN(c->s):   66.000|1514.000| 430.100| 552.300][PKTLEN(s->c):   66.000|1514.000| 255.800| 413.300]
+                   [BINS(c->s)..: 8,0,2,0,1,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,1,0,0,0,0,0,0,2,0,0]
+                   [BINS(s->c)..: 7,4,2,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,1,0,0]
+              end: [.....6] [ip4][..tcp] [..192.168.1.178][52039] -> [..192.168.1.187][.7070] 
+             idle: [.....5] [ip4][..tcp] [..192.168.1.187][54164] -> [..192.168.1.178][.7070] [TLS.AnyDesk][RemoteAccess][Acceptable]
+                   RISK: Known Proto on Non Std Port, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn, Desktop/File Sharing
+             idle: [.....4] [ip4][..udp] [..192.168.1.187][55376] -> [....192.168.1.1][...53] [DNS.AnyDesk][RemoteAccess][Acceptable]
+             idle: [.....3] [ip4][..udp] [..192.168.1.187][59511] -> [....192.168.1.1][...53] [DNS.AnyDesk][RemoteAccess][Acceptable]
+             idle: [.....7] [ip4][..tcp] [..192.168.1.128][48260] -> [195.181.174.176][..443] [TLS.AnyDesk][RemoteAccess][Acceptable]
+                   RISK: Missing SNI TLS Extn, Desktop/File Sharing
+     DAEMON-EVENT: shutdown

test/results/flow-info/avast.pcap.out

@@ -0,0 +1,70 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..tcp] [..192.168.2.100][64357] -> [.....5.62.54.29][...80] 
+         detected: [.....1] [ip4][..tcp] [..192.168.2.100][64357] -> [.....5.62.54.29][...80] [AVAST][Network][Safe]
+     DAEMON-EVENT: [Processed: 13 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+     DAEMON-EVENT: [Processed: 15 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....2] [ip4][..tcp] [..192.168.2.100][64701] -> [.....5.62.53.53][...80] 
+         detected: [.....2] [ip4][..tcp] [..192.168.2.100][64701] -> [.....5.62.53.53][...80] [AVAST][Network][Safe]
+             idle: [.....1] [ip4][..tcp] [..192.168.2.100][64357] -> [.....5.62.54.29][...80] [AVAST][Network][Safe]
+     DAEMON-EVENT: [Processed: 28 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 1 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+     DAEMON-EVENT: [Processed: 30 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 1 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....3] [ip4][..tcp] [..192.168.2.100][64903] -> [.....5.62.53.53][...80] 
+         detected: [.....3] [ip4][..tcp] [..192.168.2.100][64903] -> [.....5.62.53.53][...80] [AVAST][Network][Safe]
+             idle: [.....2] [ip4][..tcp] [..192.168.2.100][64701] -> [.....5.62.53.53][...80] [AVAST][Network][Safe]
+     DAEMON-EVENT: [Processed: 39 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 1 / 3|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+     DAEMON-EVENT: [Processed: 43 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 1 / 3|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+     DAEMON-EVENT: [Processed: 45 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 1 / 3|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....4] [ip4][..tcp] [..192.168.2.100][58030] -> [.....5.62.54.89][...80] 
+         detected: [.....4] [ip4][..tcp] [..192.168.2.100][58030] -> [.....5.62.54.89][...80] [AVAST][Network][Safe]
+             idle: [.....3] [ip4][..tcp] [..192.168.2.100][64903] -> [.....5.62.53.53][...80] [AVAST][Network][Safe]
+     DAEMON-EVENT: [Processed: 56 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 1 / 4|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+     DAEMON-EVENT: [Processed: 60 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 1 / 4|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....5] [ip4][..tcp] [..192.168.2.100][49758] -> [.....5.62.53.53][...80] 
+         detected: [.....5] [ip4][..tcp] [..192.168.2.100][49758] -> [.....5.62.53.53][...80] [AVAST][Network][Safe]
+             idle: [.....4] [ip4][..tcp] [..192.168.2.100][58030] -> [.....5.62.54.89][...80] [AVAST][Network][Safe]
+     DAEMON-EVENT: [Processed: 69 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 1 / 5|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+     DAEMON-EVENT: [Processed: 73 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 1 / 5|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+     DAEMON-EVENT: [Processed: 75 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 1 / 5|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....6] [ip4][..tcp] [..192.168.2.100][49532] -> [.....5.62.54.89][...80] 
+         detected: [.....6] [ip4][..tcp] [..192.168.2.100][49532] -> [.....5.62.54.89][...80] [AVAST][Network][Safe]
+             idle: [.....5] [ip4][..tcp] [..192.168.2.100][49758] -> [.....5.62.53.53][...80] [AVAST][Network][Safe]
+     DAEMON-EVENT: [Processed: 88 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 1 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+     DAEMON-EVENT: [Processed: 90 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 1 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....7] [ip4][..tcp] [..192.168.2.100][58412] -> [.....5.62.54.29][...80] 
+         detected: [.....7] [ip4][..tcp] [..192.168.2.100][58412] -> [.....5.62.54.29][...80] [AVAST][Network][Safe]
+             idle: [.....6] [ip4][..tcp] [..192.168.2.100][49532] -> [.....5.62.54.89][...80] [AVAST][Network][Safe]
+              new: [.....8] [ip4][..tcp] [..192.168.2.100][54405] -> [.....5.62.54.89][...80] 
+         detected: [.....8] [ip4][..tcp] [..192.168.2.100][54405] -> [.....5.62.54.89][...80] [AVAST][Network][Safe]
+     DAEMON-EVENT: [Processed: 109 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 2 / 8|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              end: [.....7] [ip4][..tcp] [..192.168.2.100][58412] -> [.....5.62.54.29][...80] [AVAST][Network][Safe]
+     DAEMON-EVENT: [Processed: 112 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 1 / 8|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....9] [ip4][..tcp] [..192.168.2.100][57727] -> [.....5.62.54.29][...80] 
+         detected: [.....9] [ip4][..tcp] [..192.168.2.100][57727] -> [.....5.62.54.29][...80] [AVAST][Network][Safe]
+              end: [.....8] [ip4][..tcp] [..192.168.2.100][54405] -> [.....5.62.54.89][...80] [AVAST][Network][Safe]
+     DAEMON-EVENT: [Processed: 123 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 1 / 9|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+     DAEMON-EVENT: [Processed: 127 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 1 / 9|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [....10] [ip4][..tcp] [..192.168.2.100][62741] -> [....5.62.53.131][...80] 
+         detected: [....10] [ip4][..tcp] [..192.168.2.100][62741] -> [....5.62.53.131][...80] [AVAST][Network][Safe]
+             idle: [.....9] [ip4][..tcp] [..192.168.2.100][57727] -> [.....5.62.54.29][...80] [AVAST][Network][Safe]
+             idle: [....10] [ip4][..tcp] [..192.168.2.100][62741] -> [....5.62.53.131][...80] [AVAST][Network][Safe]
+     DAEMON-EVENT: shutdown

test/results/flow-info/avast_securedns.pcapng.out

@@ -0,0 +1,154 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..udp] [..192.168.2.100][57970] -> [.181.214.35.149][..443] 
+         detected: [.....1] [ip4][..udp] [..192.168.2.100][57970] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+     DAEMON-EVENT: [Processed: 2 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....2] [ip4][..udp] [..192.168.2.100][61201] -> [.181.214.35.149][..443] 
+         detected: [.....2] [ip4][..udp] [..192.168.2.100][61201] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+              new: [.....3] [ip4][..udp] [..192.168.2.100][60835] -> [.181.214.35.149][..443] 
+         detected: [.....3] [ip4][..udp] [..192.168.2.100][60835] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+             idle: [.....1] [ip4][..udp] [..192.168.2.100][57970] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+              new: [.....4] [ip4][..udp] [..192.168.2.100][62775] -> [.181.214.35.149][..443] 
+         detected: [.....4] [ip4][..udp] [..192.168.2.100][62775] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+     DAEMON-EVENT: [Processed: 8 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 3 / 4|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....5] [ip4][..udp] [..192.168.2.100][56581] -> [.181.214.35.149][..443] 
+         detected: [.....5] [ip4][..udp] [..192.168.2.100][56581] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+              new: [.....6] [ip4][..udp] [..192.168.2.100][56765] -> [.181.214.35.149][..443] 
+         detected: [.....6] [ip4][..udp] [..192.168.2.100][56765] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+             idle: [.....2] [ip4][..udp] [..192.168.2.100][61201] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+             idle: [.....4] [ip4][..udp] [..192.168.2.100][62775] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+             idle: [.....3] [ip4][..udp] [..192.168.2.100][60835] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+     DAEMON-EVENT: [Processed: 12 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 2 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....7] [ip4][..udp] [..192.168.2.100][50581] -> [.181.214.35.149][..443] 
+         detected: [.....7] [ip4][..udp] [..192.168.2.100][50581] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+              new: [.....8] [ip4][..udp] [..192.168.2.100][61107] -> [.181.214.35.149][..443] 
+         detected: [.....8] [ip4][..udp] [..192.168.2.100][61107] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+             idle: [.....5] [ip4][..udp] [..192.168.2.100][56581] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+             idle: [.....6] [ip4][..udp] [..192.168.2.100][56765] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+     DAEMON-EVENT: [Processed: 16 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 2 / 8|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....9] [ip4][..udp] [..192.168.2.100][64954] -> [.181.214.35.149][..443] 
+         detected: [.....9] [ip4][..udp] [..192.168.2.100][64954] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+              new: [....10] [ip4][..udp] [..192.168.2.100][59621] -> [.181.214.35.149][..443] 
+         detected: [....10] [ip4][..udp] [..192.168.2.100][59621] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+             idle: [.....7] [ip4][..udp] [..192.168.2.100][50581] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+             idle: [.....8] [ip4][..udp] [..192.168.2.100][61107] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+     DAEMON-EVENT: [Processed: 20 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 2 / 10|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [....11] [ip4][..udp] [..192.168.2.100][52485] -> [.181.214.35.149][..443] 
+         detected: [....11] [ip4][..udp] [..192.168.2.100][52485] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+              new: [....12] [ip4][..udp] [..192.168.2.100][54938] -> [.181.214.35.149][..443] 
+         detected: [....12] [ip4][..udp] [..192.168.2.100][54938] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+             idle: [....10] [ip4][..udp] [..192.168.2.100][59621] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+             idle: [.....9] [ip4][..udp] [..192.168.2.100][64954] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+     DAEMON-EVENT: [Processed: 24 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 2 / 12|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [....13] [ip4][..udp] [..192.168.2.100][56839] -> [.181.214.35.149][..443] 
+         detected: [....13] [ip4][..udp] [..192.168.2.100][56839] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+             idle: [....11] [ip4][..udp] [..192.168.2.100][52485] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+             idle: [....12] [ip4][..udp] [..192.168.2.100][54938] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+     DAEMON-EVENT: [Processed: 26 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 1 / 13|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [....14] [ip4][..udp] [..192.168.2.100][58155] -> [.181.214.35.149][..443] 
+         detected: [....14] [ip4][..udp] [..192.168.2.100][58155] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+              new: [....15] [ip4][..udp] [..192.168.2.100][64487] -> [.181.214.35.149][..443] 
+         detected: [....15] [ip4][..udp] [..192.168.2.100][64487] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+              new: [....16] [ip4][..udp] [..192.168.2.100][49704] -> [.181.214.35.149][..443] 
+         detected: [....16] [ip4][..udp] [..192.168.2.100][49704] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+             idle: [....13] [ip4][..udp] [..192.168.2.100][56839] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+              new: [....17] [ip4][..udp] [..192.168.2.100][55311] -> [.181.214.35.149][..443] 
+         detected: [....17] [ip4][..udp] [..192.168.2.100][55311] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+              new: [....18] [ip4][..udp] [..192.168.2.100][56111] -> [.181.214.35.149][..443] 
+         detected: [....18] [ip4][..udp] [..192.168.2.100][56111] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+     DAEMON-EVENT: [Processed: 36 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 5 / 18|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [....19] [ip4][..udp] [..192.168.2.100][64494] -> [.181.214.35.149][..443] 
+         detected: [....19] [ip4][..udp] [..192.168.2.100][64494] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+              new: [....20] [ip4][..udp] [..192.168.2.100][51415] -> [.181.214.35.149][..443] 
+         detected: [....20] [ip4][..udp] [..192.168.2.100][51415] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+             idle: [....17] [ip4][..udp] [..192.168.2.100][55311] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+             idle: [....16] [ip4][..udp] [..192.168.2.100][49704] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+             idle: [....14] [ip4][..udp] [..192.168.2.100][58155] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+             idle: [....18] [ip4][..udp] [..192.168.2.100][56111] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+             idle: [....15] [ip4][..udp] [..192.168.2.100][64487] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+              new: [....21] [ip4][..udp] [..192.168.2.100][63776] -> [.181.214.35.149][..443] 
+         detected: [....21] [ip4][..udp] [..192.168.2.100][63776] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+              new: [....22] [ip4][..udp] [..192.168.2.100][50008] -> [.181.214.35.149][..443] 
+         detected: [....22] [ip4][..udp] [..192.168.2.100][50008] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+              new: [....23] [ip4][..udp] [..192.168.2.100][49737] -> [.181.214.35.149][..443] 
+         detected: [....23] [ip4][..udp] [..192.168.2.100][49737] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+           update: [....20] [ip4][..udp] [..192.168.2.100][51415] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+           update: [....19] [ip4][..udp] [..192.168.2.100][64494] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+              new: [....24] [ip4][..udp] [..192.168.2.100][51887] -> [.181.214.35.149][..443] 
+         detected: [....24] [ip4][..udp] [..192.168.2.100][51887] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+              new: [....25] [ip4][..udp] [..192.168.2.100][60127] -> [.181.214.35.149][..443] 
+         detected: [....25] [ip4][..udp] [..192.168.2.100][60127] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+              new: [....26] [ip4][..udp] [..192.168.2.100][54546] -> [.181.214.35.149][..443] 
+         detected: [....26] [ip4][..udp] [..192.168.2.100][54546] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+           update: [....20] [ip4][..udp] [..192.168.2.100][51415] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+           update: [....21] [ip4][..udp] [..192.168.2.100][63776] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+           update: [....23] [ip4][..udp] [..192.168.2.100][49737] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+           update: [....22] [ip4][..udp] [..192.168.2.100][50008] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+           update: [....19] [ip4][..udp] [..192.168.2.100][64494] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+     DAEMON-EVENT: [Processed: 52 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 8 / 26|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 7]
+              new: [....27] [ip4][..udp] [..192.168.2.100][64432] -> [.181.214.35.149][..443] 
+         detected: [....27] [ip4][..udp] [..192.168.2.100][64432] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+             idle: [....20] [ip4][..udp] [..192.168.2.100][51415] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+             idle: [....21] [ip4][..udp] [..192.168.2.100][63776] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+             idle: [....23] [ip4][..udp] [..192.168.2.100][49737] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+             idle: [....24] [ip4][..udp] [..192.168.2.100][51887] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+             idle: [....25] [ip4][..udp] [..192.168.2.100][60127] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+             idle: [....22] [ip4][..udp] [..192.168.2.100][50008] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+             idle: [....19] [ip4][..udp] [..192.168.2.100][64494] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+             idle: [....26] [ip4][..udp] [..192.168.2.100][54546] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+              new: [....28] [ip4][..udp] [..192.168.2.100][59613] -> [.181.214.35.149][..443] 
+         detected: [....28] [ip4][..udp] [..192.168.2.100][59613] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+              new: [....29] [ip4][..udp] [..192.168.2.100][65063] -> [.181.214.35.149][..443] 
+         detected: [....29] [ip4][..udp] [..192.168.2.100][65063] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+              new: [....30] [ip4][..udp] [..192.168.2.100][51929] -> [.181.214.35.149][..443] 
+         detected: [....30] [ip4][..udp] [..192.168.2.100][51929] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+              new: [....31] [ip4][..udp] [..192.168.2.100][52417] -> [.181.214.35.149][..443] 
+         detected: [....31] [ip4][..udp] [..192.168.2.100][52417] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+           update: [....28] [ip4][..udp] [..192.168.2.100][59613] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+           update: [....27] [ip4][..udp] [..192.168.2.100][64432] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+     DAEMON-EVENT: [Processed: 62 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 5 / 31|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 9]
+              new: [....32] [ip4][..udp] [..192.168.2.100][59474] -> [.181.214.35.149][..443] 
+         detected: [....32] [ip4][..udp] [..192.168.2.100][59474] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+              new: [....33] [ip4][..udp] [..192.168.2.100][53839] -> [.181.214.35.149][..443] 
+         detected: [....33] [ip4][..udp] [..192.168.2.100][53839] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+             idle: [....28] [ip4][..udp] [..192.168.2.100][59613] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+             idle: [....30] [ip4][..udp] [..192.168.2.100][51929] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+             idle: [....27] [ip4][..udp] [..192.168.2.100][64432] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+             idle: [....31] [ip4][..udp] [..192.168.2.100][52417] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+             idle: [....29] [ip4][..udp] [..192.168.2.100][65063] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+     DAEMON-EVENT: [Processed: 66 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 2 / 33|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 9]
+              new: [....34] [ip4][..udp] [..192.168.2.100][55948] -> [.181.214.35.149][..443] 
+         detected: [....34] [ip4][..udp] [..192.168.2.100][55948] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+              new: [....35] [ip4][..udp] [..192.168.2.100][51383] -> [.181.214.35.149][..443] 
+         detected: [....35] [ip4][..udp] [..192.168.2.100][51383] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+             idle: [....32] [ip4][..udp] [..192.168.2.100][59474] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+             idle: [....33] [ip4][..udp] [..192.168.2.100][53839] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+              new: [....36] [ip4][..udp] [..192.168.2.100][64700] -> [.181.214.35.149][..443] 
+         detected: [....36] [ip4][..udp] [..192.168.2.100][64700] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+              new: [....37] [ip4][..udp] [..192.168.2.100][54549] -> [.181.214.35.149][..443] 
+         detected: [....37] [ip4][..udp] [..192.168.2.100][54549] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+     DAEMON-EVENT: [Processed: 73 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 4 / 37|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 9]
+              new: [....38] [ip4][..udp] [..192.168.2.100][54760] -> [.181.214.35.149][..443] 
+         detected: [....38] [ip4][..udp] [..192.168.2.100][54760] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+              new: [....39] [ip4][..udp] [..192.168.2.100][49152] -> [.181.214.35.149][..443] 
+         detected: [....39] [ip4][..udp] [..192.168.2.100][49152] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+             idle: [....39] [ip4][..udp] [..192.168.2.100][49152] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+             idle: [....35] [ip4][..udp] [..192.168.2.100][51383] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+             idle: [....34] [ip4][..udp] [..192.168.2.100][55948] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+             idle: [....36] [ip4][..udp] [..192.168.2.100][64700] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+             idle: [....37] [ip4][..udp] [..192.168.2.100][54549] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+             idle: [....38] [ip4][..udp] [..192.168.2.100][54760] -> [.181.214.35.149][..443] [AVASTSecureDNS][Network][Safe]
+     DAEMON-EVENT: shutdown

test/results/flow-info/bad-dns-traffic.pcap.out

@@ -0,0 +1,48 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..udp] [..192.168.43.91][35966] -> [........4.2.2.4][...53] 
+         detected: [.....1] [ip4][..udp] [..192.168.43.91][35966] -> [........4.2.2.4][...53] [DNS][Network][Acceptable]
+                   RISK: Suspicious DGA Domain name
+ detection-update: [.....1] [ip4][..udp] [..192.168.43.91][35966] -> [........4.2.2.4][...53] [DNS][Network][Acceptable]
+                   RISK: Suspicious DGA Domain name
+ detection-update: [.....1] [ip4][..udp] [..192.168.43.91][35966] -> [........4.2.2.4][...53] [DNS][Network][Acceptable]
+                   RISK: Suspicious DGA Domain name, Risky Domain Name
+              new: [.....2] [ip4][..udp] [..192.168.43.91][56354] -> [........4.2.2.4][...53] 
+         detected: [.....2] [ip4][..udp] [..192.168.43.91][56354] -> [........4.2.2.4][...53] [DNS][Network][Acceptable]
+                   RISK: Suspicious DGA Domain name
+ detection-update: [.....2] [ip4][..udp] [..192.168.43.91][56354] -> [........4.2.2.4][...53] [DNS][Network][Acceptable]
+                   RISK: Suspicious DGA Domain name
+ detection-update: [.....2] [ip4][..udp] [..192.168.43.91][56354] -> [........4.2.2.4][...53] [DNS][Network][Acceptable]
+                   RISK: Suspicious DGA Domain name
+ detection-update: [.....2] [ip4][..udp] [..192.168.43.91][56354] -> [........4.2.2.4][...53] [DNS][Network][Acceptable]
+                   RISK: Suspicious DGA Domain name
+ detection-update: [.....2] [ip4][..udp] [..192.168.43.91][56354] -> [........4.2.2.4][...53] [DNS][Network][Acceptable]
+                   RISK: Suspicious DGA Domain name
+ detection-update: [.....2] [ip4][..udp] [..192.168.43.91][56354] -> [........4.2.2.4][...53] [DNS][Network][Acceptable]
+                   RISK: Suspicious DGA Domain name, Risky Domain Name
+          analyse: [.....2] [ip4][..udp] [..192.168.43.91][56354] -> [........4.2.2.4][...53] [DNS][Network][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.063|   4.102|   1.074|   0.689]
+                   [IAT(c->s)...:    0.073|   1.042|   0.918|   0.283][IAT(s->c)...:    0.063|   4.102|   1.290|   0.970]
+                   [PKTLEN(c->s):   95.000| 290.000| 115.300|  44.400][PKTLEN(s->c):  126.000| 323.000| 149.500|  52.200]
+                   [BINS(c->s)..: 0,13,5,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 0,0,10,1,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+           update: [.....1] [ip4][..udp] [..192.168.43.91][35966] -> [........4.2.2.4][...53] [DNS][Network][Acceptable]
+                   RISK: Suspicious DGA Domain name, Risky Domain Name
+           update: [.....2] [ip4][..udp] [..192.168.43.91][56354] -> [........4.2.2.4][...53] [DNS][Network][Acceptable]
+                   RISK: Suspicious DGA Domain name, Risky Domain Name
+           update: [.....1] [ip4][..udp] [..192.168.43.91][35966] -> [........4.2.2.4][...53] [DNS][Network][Acceptable]
+                   RISK: Suspicious DGA Domain name, Risky Domain Name
+              new: [.....3] [ip4][..udp] [..192.168.43.91][46961] -> [........4.2.2.4][...53] 
+         detected: [.....3] [ip4][..udp] [..192.168.43.91][46961] -> [........4.2.2.4][...53] [DNS][Network][Acceptable]
+                   RISK: Suspicious DGA Domain name
+ detection-update: [.....3] [ip4][..udp] [..192.168.43.91][46961] -> [........4.2.2.4][...53] [DNS][Network][Acceptable]
+                   RISK: Suspicious DGA Domain name, Risky Domain Name
+             idle: [.....3] [ip4][..udp] [..192.168.43.91][46961] -> [........4.2.2.4][...53] [DNS][Network][Acceptable]
+                   RISK: Suspicious DGA Domain name, Risky Domain Name
+             idle: [.....2] [ip4][..udp] [..192.168.43.91][56354] -> [........4.2.2.4][...53] [DNS][Network][Acceptable]
+                   RISK: Suspicious DGA Domain name, Risky Domain Name
+             idle: [.....1] [ip4][..udp] [..192.168.43.91][35966] -> [........4.2.2.4][...53] [DNS][Network][Acceptable]
+                   RISK: Suspicious DGA Domain name, Risky Domain Name
+     DAEMON-EVENT: shutdown

test/results/flow-info/badpackets.pcap.out

@@ -0,0 +1,106 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: Captured packet size is smaller than expected packet size
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: Captured packet size is smaller than expected packet size
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: Captured packet size is smaller than expected packet size
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: Captured packet size is smaller than expected packet size
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: Captured packet size is smaller than expected packet size
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: Captured packet size is smaller than expected packet size
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: Captured packet size is smaller than expected packet size
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+     DAEMON-EVENT: shutdown

test/results/flow-info/bitcoin.pcap.out

@@ -0,0 +1,68 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..tcp] [..192.168.1.142][55317] -> [188.165.213.169][.8333] [MIDSTREAM] 
+         detected: [.....1] [ip4][..tcp] [..192.168.1.142][55317] -> [188.165.213.169][.8333] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              new: [.....2] [ip4][..tcp] [..192.168.1.142][55328] -> [..69.118.54.122][.8333] [MIDSTREAM] 
+         detected: [.....2] [ip4][..tcp] [..192.168.1.142][55328] -> [..69.118.54.122][.8333] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+          analyse: [.....2] [ip4][..tcp] [..192.168.1.142][55328] -> [..69.118.54.122][.8333] [Mining][Mining][Unsafe]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000| 141.657|   9.231|  28.185]
+                   [IAT(c->s)...:  141.657| 141.657| 141.657|   0.000][IAT(s->c)...:    0.000|  71.060|   4.817|  14.725]
+                   [PKTLEN(c->s):  110.000| 171.000| 140.500|  30.500][PKTLEN(s->c):   86.000|1514.000|1267.100| 517.100]
+                   [BINS(c->s)..: 0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 1,3,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,24,0,0]
+              new: [.....3] [ip4][..tcp] [..192.168.1.142][55348] -> [..74.89.181.229][.8333] [MIDSTREAM] 
+         detected: [.....3] [ip4][..tcp] [..192.168.1.142][55348] -> [..74.89.181.229][.8333] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+          analyse: [.....3] [ip4][..tcp] [..192.168.1.142][55348] -> [..74.89.181.229][.8333] [Mining][Mining][Unsafe]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000| 100.111|   6.495|  19.445]
+                   [IAT(c->s)...:    0.312| 100.111|  50.211|  49.900][IAT(s->c)...:    0.000|  39.766|   3.480|   9.569]
+                   [PKTLEN(c->s):  110.000| 171.000| 134.000|  26.500][PKTLEN(s->c):   86.000|1514.000|1276.400| 520.700]
+                   [BINS(c->s)..: 0,2,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 1,2,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,24,0,0]
+              new: [.....4] [ip4][..tcp] [..192.168.1.142][55383] -> [....66.68.83.22][.8333] [MIDSTREAM] 
+         detected: [.....4] [ip4][..tcp] [..192.168.1.142][55383] -> [....66.68.83.22][.8333] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+     DAEMON-EVENT: [Processed: 214 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 4 / 4|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+          analyse: [.....4] [ip4][..tcp] [..192.168.1.142][55383] -> [....66.68.83.22][.8333] [Mining][Mining][Unsafe]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000| 134.322|   8.966|  25.482]
+                   [IAT(c->s)...:    0.000| 134.322|  16.848|  44.401][IAT(s->c)...:    0.000|  45.583|   6.224|  12.662]
+                   [PKTLEN(c->s):  110.000|1514.000|1077.300| 619.900][PKTLEN(s->c):   86.000|1514.000|1094.400| 634.600]
+                   [BINS(c->s)..: 0,1,0,1,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0]
+                   [BINS(s->c)..: 1,4,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0]
+              new: [.....5] [ip4][..tcp] [..192.168.1.142][55400] -> [.195.218.16.178][.8333] [MIDSTREAM] 
+         detected: [.....5] [ip4][..tcp] [..192.168.1.142][55400] -> [.195.218.16.178][.8333] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+          analyse: [.....5] [ip4][..tcp] [..192.168.1.142][55400] -> [.195.218.16.178][.8333] [Mining][Mining][Unsafe]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|  41.186|   2.780|   7.976]
+                   [IAT(c->s)...:    0.000|  41.186|   8.435|  16.376][IAT(s->c)...:    0.002|  17.195|   1.693|   4.116]
+                   [PKTLEN(c->s):  110.000|1514.000|1037.000| 635.500][PKTLEN(s->c):   86.000|1514.000|1139.800| 616.700]
+                   [BINS(c->s)..: 0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,3,0,0]
+                   [BINS(s->c)..: 1,5,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,19,0,0]
+     DAEMON-EVENT: [Processed: 494 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 5 / 5|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....6] [ip4][..tcp] [..192.168.1.142][55487] -> [.184.58.165.119][.8333] [MIDSTREAM] 
+         detected: [.....6] [ip4][..tcp] [..192.168.1.142][55487] -> [.184.58.165.119][.8333] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+     DAEMON-EVENT: [Processed: 621 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 6 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+             idle: [.....3] [ip4][..tcp] [..192.168.1.142][55348] -> [..74.89.181.229][.8333] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+             idle: [.....5] [ip4][..tcp] [..192.168.1.142][55400] -> [.195.218.16.178][.8333] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+             idle: [.....6] [ip4][..tcp] [..192.168.1.142][55487] -> [.184.58.165.119][.8333] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+             idle: [.....4] [ip4][..tcp] [..192.168.1.142][55383] -> [....66.68.83.22][.8333] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+             idle: [.....1] [ip4][..tcp] [..192.168.1.142][55317] -> [188.165.213.169][.8333] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+             idle: [.....2] [ip4][..tcp] [..192.168.1.142][55328] -> [..69.118.54.122][.8333] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+     DAEMON-EVENT: shutdown

test/results/flow-info/bittorrent.pcap.out

@@ -0,0 +1,127 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..tcp] [....192.168.1.3][52888] -> [..82.58.216.115][38305] [MIDSTREAM] 
+         detected: [.....1] [ip4][..tcp] [....192.168.1.3][52888] -> [..82.58.216.115][38305] [BitTorrent][Download][Acceptable]
+                   RISK: Known Proto on Non Std Port
+              new: [.....2] [ip4][..tcp] [....192.168.1.3][52887] -> [....82.57.97.83][53137] [MIDSTREAM] 
+         detected: [.....2] [ip4][..tcp] [....192.168.1.3][52887] -> [....82.57.97.83][53137] [BitTorrent][Download][Acceptable]
+                   RISK: Known Proto on Non Std Port
+              new: [.....3] [ip4][..tcp] [....192.168.1.3][52895] -> [.83.216.184.241][51413] [MIDSTREAM] 
+         detected: [.....3] [ip4][..tcp] [....192.168.1.3][52895] -> [.83.216.184.241][51413] [BitTorrent][Download][Acceptable]
+              new: [.....4] [ip4][..tcp] [....192.168.1.3][52896] -> [....79.53.228.2][14627] [MIDSTREAM] 
+         detected: [.....4] [ip4][..tcp] [....192.168.1.3][52896] -> [....79.53.228.2][14627] [BitTorrent][Download][Acceptable]
+                   RISK: Known Proto on Non Std Port
+              new: [.....5] [ip4][..tcp] [....192.168.1.3][52894] -> [..120.62.33.241][39332] [MIDSTREAM] 
+         detected: [.....5] [ip4][..tcp] [....192.168.1.3][52894] -> [..120.62.33.241][39332] [BitTorrent][Download][Acceptable]
+                   RISK: Known Proto on Non Std Port
+              new: [.....6] [ip4][..tcp] [....192.168.1.3][52897] -> [...151.26.95.30][22673] [MIDSTREAM] 
+         detected: [.....6] [ip4][..tcp] [....192.168.1.3][52897] -> [...151.26.95.30][22673] [BitTorrent][Download][Acceptable]
+                   RISK: Known Proto on Non Std Port
+              new: [.....7] [ip4][..tcp] [....192.168.1.3][52893] -> [...79.55.129.22][12097] [MIDSTREAM] 
+         detected: [.....7] [ip4][..tcp] [....192.168.1.3][52893] -> [...79.55.129.22][12097] [BitTorrent][Download][Acceptable]
+                   RISK: Known Proto on Non Std Port
+              new: [.....8] [ip4][..tcp] [....192.168.1.3][52903] -> [..198.100.146.9][60163] [MIDSTREAM] 
+         detected: [.....8] [ip4][..tcp] [....192.168.1.3][52903] -> [..198.100.146.9][60163] [BitTorrent][Download][Acceptable]
+                   RISK: Known Proto on Non Std Port
+              new: [.....9] [ip4][..tcp] [....192.168.1.3][52902] -> [.190.103.195.56][46633] [MIDSTREAM] 
+         detected: [.....9] [ip4][..tcp] [....192.168.1.3][52902] -> [.190.103.195.56][46633] [BitTorrent][Download][Acceptable]
+                   RISK: Known Proto on Non Std Port
+              new: [....10] [ip4][..tcp] [....192.168.1.3][52907] -> [..82.58.216.115][38305] [MIDSTREAM] 
+         detected: [....10] [ip4][..tcp] [....192.168.1.3][52907] -> [..82.58.216.115][38305] [BitTorrent][Download][Acceptable]
+                   RISK: Known Proto on Non Std Port
+              new: [....11] [ip4][..tcp] [....192.168.1.3][52906] -> [....82.57.97.83][53137] [MIDSTREAM] 
+         detected: [....11] [ip4][..tcp] [....192.168.1.3][52906] -> [....82.57.97.83][53137] [BitTorrent][Download][Acceptable]
+                   RISK: Known Proto on Non Std Port
+              new: [....12] [ip4][..tcp] [....192.168.1.3][52911] -> [...151.26.95.30][22673] [MIDSTREAM] 
+         detected: [....12] [ip4][..tcp] [....192.168.1.3][52911] -> [...151.26.95.30][22673] [BitTorrent][Download][Acceptable]
+                   RISK: Known Proto on Non Std Port
+              new: [....13] [ip4][..tcp] [....192.168.1.3][52912] -> [.151.72.255.163][59928] [MIDSTREAM] 
+         detected: [....13] [ip4][..tcp] [....192.168.1.3][52912] -> [.151.72.255.163][59928] [BitTorrent][Download][Acceptable]
+                   RISK: Known Proto on Non Std Port
+              new: [....14] [ip4][..tcp] [....192.168.1.3][52909] -> [....79.53.228.2][14627] [MIDSTREAM] 
+         detected: [....14] [ip4][..tcp] [....192.168.1.3][52909] -> [....79.53.228.2][14627] [BitTorrent][Download][Acceptable]
+                   RISK: Known Proto on Non Std Port
+              new: [....15] [ip4][..tcp] [....192.168.1.3][52910] -> [..120.62.33.241][39332] [MIDSTREAM] 
+         detected: [....15] [ip4][..tcp] [....192.168.1.3][52910] -> [..120.62.33.241][39332] [BitTorrent][Download][Acceptable]
+                   RISK: Known Proto on Non Std Port
+              new: [....16] [ip4][..tcp] [....192.168.1.3][52908] -> [...79.55.129.22][12097] [MIDSTREAM] 
+         detected: [....16] [ip4][..tcp] [....192.168.1.3][52908] -> [...79.55.129.22][12097] [BitTorrent][Download][Acceptable]
+                   RISK: Known Proto on Non Std Port
+              new: [....17] [ip4][..tcp] [....192.168.1.3][52915] -> [..198.100.146.9][60163] [MIDSTREAM] 
+         detected: [....17] [ip4][..tcp] [....192.168.1.3][52915] -> [..198.100.146.9][60163] [BitTorrent][Download][Acceptable]
+                   RISK: Known Proto on Non Std Port
+              new: [....18] [ip4][..tcp] [....192.168.1.3][52914] -> [.190.103.195.56][46633] [MIDSTREAM] 
+         detected: [....18] [ip4][..tcp] [....192.168.1.3][52914] -> [.190.103.195.56][46633] [BitTorrent][Download][Acceptable]
+                   RISK: Known Proto on Non Std Port
+              new: [....19] [ip4][..tcp] [....192.168.1.3][52917] -> [..151.15.48.189][47001] [MIDSTREAM] 
+         detected: [....19] [ip4][..tcp] [....192.168.1.3][52917] -> [..151.15.48.189][47001] [BitTorrent][Download][Acceptable]
+                   RISK: Known Proto on Non Std Port
+              new: [....20] [ip4][..tcp] [....192.168.1.3][52921] -> [..95.234.159.16][41205] [MIDSTREAM] 
+         detected: [....20] [ip4][..tcp] [....192.168.1.3][52921] -> [..95.234.159.16][41205] [BitTorrent][Download][Acceptable]
+                   RISK: Known Proto on Non Std Port
+              new: [....21] [ip4][..tcp] [....192.168.1.3][52922] -> [..95.237.193.34][11321] [MIDSTREAM] 
+         detected: [....21] [ip4][..tcp] [....192.168.1.3][52922] -> [..95.237.193.34][11321] [BitTorrent][Download][Acceptable]
+                   RISK: Known Proto on Non Std Port
+          analyse: [....17] [ip4][..tcp] [....192.168.1.3][52915] -> [..198.100.146.9][60163] [BitTorrent][Download][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.012|   0.920|   0.247|   0.229]
+                   [IAT(c->s)...:    0.012|   0.780|   0.345|   0.226][IAT(s->c)...:    0.013|   0.920|   0.193|   0.212]
+                   [PKTLEN(c->s):   83.000| 242.000| 142.300|  59.300][PKTLEN(s->c):   80.000|1506.000|1092.800| 551.900]
+                   [BINS(c->s)..: 5,1,1,1,3,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 1,1,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,12,0,0]
+              new: [....22] [ip4][..tcp] [....192.168.1.3][52927] -> [.83.216.184.241][51413] [MIDSTREAM] 
+         detected: [....22] [ip4][..tcp] [....192.168.1.3][52927] -> [.83.216.184.241][51413] [BitTorrent][Download][Acceptable]
+              new: [....23] [ip4][..tcp] [....192.168.1.3][52926] -> [..93.65.249.100][31336] [MIDSTREAM] 
+         detected: [....23] [ip4][..tcp] [....192.168.1.3][52926] -> [..93.65.249.100][31336] [BitTorrent][Download][Acceptable]
+                   RISK: Known Proto on Non Std Port
+              new: [....24] [ip4][..tcp] [....192.168.1.3][52925] -> [..93.65.227.100][19116] [MIDSTREAM] 
+         detected: [....24] [ip4][..tcp] [....192.168.1.3][52925] -> [..93.65.227.100][19116] [BitTorrent][Download][Acceptable]
+                   RISK: Known Proto on Non Std Port
+              end: [.....2] [ip4][..tcp] [....192.168.1.3][52887] -> [....82.57.97.83][53137] [BitTorrent][Download][Acceptable]
+                   RISK: Known Proto on Non Std Port
+              end: [....11] [ip4][..tcp] [....192.168.1.3][52906] -> [....82.57.97.83][53137] [BitTorrent][Download][Acceptable]
+                   RISK: Known Proto on Non Std Port
+              end: [.....3] [ip4][..tcp] [....192.168.1.3][52895] -> [.83.216.184.241][51413] [BitTorrent][Download][Acceptable]
+             idle: [....22] [ip4][..tcp] [....192.168.1.3][52927] -> [.83.216.184.241][51413] [BitTorrent][Download][Acceptable]
+              end: [....21] [ip4][..tcp] [....192.168.1.3][52922] -> [..95.237.193.34][11321] [BitTorrent][Download][Acceptable]
+                   RISK: Known Proto on Non Std Port
+              end: [....13] [ip4][..tcp] [....192.168.1.3][52912] -> [.151.72.255.163][59928] [BitTorrent][Download][Acceptable]
+                   RISK: Known Proto on Non Std Port
+             idle: [.....6] [ip4][..tcp] [....192.168.1.3][52897] -> [...151.26.95.30][22673] [BitTorrent][Download][Acceptable]
+                   RISK: Known Proto on Non Std Port
+             idle: [....12] [ip4][..tcp] [....192.168.1.3][52911] -> [...151.26.95.30][22673] [BitTorrent][Download][Acceptable]
+                   RISK: Known Proto on Non Std Port
+              end: [....20] [ip4][..tcp] [....192.168.1.3][52921] -> [..95.234.159.16][41205] [BitTorrent][Download][Acceptable]
+                   RISK: Known Proto on Non Std Port
+              end: [....23] [ip4][..tcp] [....192.168.1.3][52926] -> [..93.65.249.100][31336] [BitTorrent][Download][Acceptable]
+                   RISK: Known Proto on Non Std Port
+             idle: [....24] [ip4][..tcp] [....192.168.1.3][52925] -> [..93.65.227.100][19116] [BitTorrent][Download][Acceptable]
+                   RISK: Known Proto on Non Std Port
+              end: [.....9] [ip4][..tcp] [....192.168.1.3][52902] -> [.190.103.195.56][46633] [BitTorrent][Download][Acceptable]
+                   RISK: Known Proto on Non Std Port
+             idle: [....18] [ip4][..tcp] [....192.168.1.3][52914] -> [.190.103.195.56][46633] [BitTorrent][Download][Acceptable]
+                   RISK: Known Proto on Non Std Port
+              end: [.....4] [ip4][..tcp] [....192.168.1.3][52896] -> [....79.53.228.2][14627] [BitTorrent][Download][Acceptable]
+                   RISK: Known Proto on Non Std Port
+             idle: [....14] [ip4][..tcp] [....192.168.1.3][52909] -> [....79.53.228.2][14627] [BitTorrent][Download][Acceptable]
+                   RISK: Known Proto on Non Std Port
+             idle: [.....7] [ip4][..tcp] [....192.168.1.3][52893] -> [...79.55.129.22][12097] [BitTorrent][Download][Acceptable]
+                   RISK: Known Proto on Non Std Port
+             idle: [....16] [ip4][..tcp] [....192.168.1.3][52908] -> [...79.55.129.22][12097] [BitTorrent][Download][Acceptable]
+                   RISK: Known Proto on Non Std Port
+              end: [....19] [ip4][..tcp] [....192.168.1.3][52917] -> [..151.15.48.189][47001] [BitTorrent][Download][Acceptable]
+                   RISK: Known Proto on Non Std Port
+             idle: [.....8] [ip4][..tcp] [....192.168.1.3][52903] -> [..198.100.146.9][60163] [BitTorrent][Download][Acceptable]
+                   RISK: Known Proto on Non Std Port
+             idle: [....17] [ip4][..tcp] [....192.168.1.3][52915] -> [..198.100.146.9][60163] [BitTorrent][Download][Acceptable]
+                   RISK: Known Proto on Non Std Port
+              end: [.....1] [ip4][..tcp] [....192.168.1.3][52888] -> [..82.58.216.115][38305] [BitTorrent][Download][Acceptable]
+                   RISK: Known Proto on Non Std Port
+             idle: [....10] [ip4][..tcp] [....192.168.1.3][52907] -> [..82.58.216.115][38305] [BitTorrent][Download][Acceptable]
+                   RISK: Known Proto on Non Std Port
+             idle: [.....5] [ip4][..tcp] [....192.168.1.3][52894] -> [..120.62.33.241][39332] [BitTorrent][Download][Acceptable]
+                   RISK: Known Proto on Non Std Port
+             idle: [....15] [ip4][..tcp] [....192.168.1.3][52910] -> [..120.62.33.241][39332] [BitTorrent][Download][Acceptable]
+                   RISK: Known Proto on Non Std Port
+     DAEMON-EVENT: shutdown

test/results/flow-info/bittorrent_utp.pcap.out

@@ -0,0 +1,16 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..udp] [..82.243.113.43][64969] -> [....192.168.1.5][40959] 
+         detected: [.....1] [ip4][..udp] [..82.243.113.43][64969] -> [....192.168.1.5][40959] [BitTorrent][Download][Acceptable]
+                   RISK: Known Proto on Non Std Port
+          analyse: [.....1] [ip4][..udp] [..82.243.113.43][64969] -> [....192.168.1.5][40959] [BitTorrent][Download][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.001|   5.430|   0.412|   1.202]
+                   [IAT(c->s)...:    0.001|   4.392|   0.378|   1.031][IAT(s->c)...:    0.012|   5.430|   0.453|   1.381]
+                   [PKTLEN(c->s):   62.000|1514.000| 827.700| 634.300][PKTLEN(s->c):   62.000| 519.000| 104.300| 116.000]
+                   [BINS(c->s)..: 3,0,0,3,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0]
+                   [BINS(s->c)..: 11,1,1,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+             idle: [.....1] [ip4][..udp] [..82.243.113.43][64969] -> [....192.168.1.5][40959] [BitTorrent][Download][Acceptable]
+                   RISK: Known Proto on Non Std Port
+     DAEMON-EVENT: shutdown

test/results/flow-info/bjnp.pcap.out

@@ -0,0 +1,34 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..udp] [192.168.185.141][50087] -> [...192.168.1.17][.8612] 
+         detected: [.....1] [ip4][..udp] [192.168.185.141][50087] -> [...192.168.1.17][.8612] [BJNP][System][Acceptable]
+              new: [.....2] [ip4][..udp] [192.168.185.141][50089] -> [....192.168.1.1][.8612] 
+         detected: [.....2] [ip4][..udp] [192.168.185.141][50089] -> [....192.168.1.1][.8612] [BJNP][System][Acceptable]
+              new: [.....3] [ip4][..udp] [192.168.185.141][50089] -> [....192.168.1.2][.8612] 
+         detected: [.....3] [ip4][..udp] [192.168.185.141][50089] -> [....192.168.1.2][.8612] [BJNP][System][Acceptable]
+              new: [.....4] [ip4][..udp] [192.168.185.141][50089] -> [....192.168.1.3][.8612] 
+         detected: [.....4] [ip4][..udp] [192.168.185.141][50089] -> [....192.168.1.3][.8612] [BJNP][System][Acceptable]
+              new: [.....5] [ip4][..udp] [192.168.185.141][50089] -> [....192.168.1.4][.8612] 
+         detected: [.....5] [ip4][..udp] [192.168.185.141][50089] -> [....192.168.1.4][.8612] [BJNP][System][Acceptable]
+              new: [.....6] [ip4][..udp] [192.168.185.141][50089] -> [....192.168.1.5][.8612] 
+         detected: [.....6] [ip4][..udp] [192.168.185.141][50089] -> [....192.168.1.5][.8612] [BJNP][System][Acceptable]
+              new: [.....7] [ip4][..udp] [192.168.185.141][50089] -> [....192.168.1.6][.8612] 
+         detected: [.....7] [ip4][..udp] [192.168.185.141][50089] -> [....192.168.1.6][.8612] [BJNP][System][Acceptable]
+              new: [.....8] [ip4][..udp] [192.168.185.141][50089] -> [....192.168.1.7][.8612] 
+         detected: [.....8] [ip4][..udp] [192.168.185.141][50089] -> [....192.168.1.7][.8612] [BJNP][System][Acceptable]
+              new: [.....9] [ip4][..udp] [192.168.185.141][50089] -> [....192.168.1.8][.8612] 
+         detected: [.....9] [ip4][..udp] [192.168.185.141][50089] -> [....192.168.1.8][.8612] [BJNP][System][Acceptable]
+              new: [....10] [ip4][..udp] [192.168.185.141][50089] -> [....192.168.1.9][.8612] 
+         detected: [....10] [ip4][..udp] [192.168.185.141][50089] -> [....192.168.1.9][.8612] [BJNP][System][Acceptable]
+             idle: [.....1] [ip4][..udp] [192.168.185.141][50087] -> [...192.168.1.17][.8612] [BJNP][System][Acceptable]
+             idle: [....10] [ip4][..udp] [192.168.185.141][50089] -> [....192.168.1.9][.8612] [BJNP][System][Acceptable]
+             idle: [.....9] [ip4][..udp] [192.168.185.141][50089] -> [....192.168.1.8][.8612] [BJNP][System][Acceptable]
+             idle: [.....8] [ip4][..udp] [192.168.185.141][50089] -> [....192.168.1.7][.8612] [BJNP][System][Acceptable]
+             idle: [.....7] [ip4][..udp] [192.168.185.141][50089] -> [....192.168.1.6][.8612] [BJNP][System][Acceptable]
+             idle: [.....6] [ip4][..udp] [192.168.185.141][50089] -> [....192.168.1.5][.8612] [BJNP][System][Acceptable]
+             idle: [.....5] [ip4][..udp] [192.168.185.141][50089] -> [....192.168.1.4][.8612] [BJNP][System][Acceptable]
+             idle: [.....4] [ip4][..udp] [192.168.185.141][50089] -> [....192.168.1.3][.8612] [BJNP][System][Acceptable]
+             idle: [.....3] [ip4][..udp] [192.168.185.141][50089] -> [....192.168.1.2][.8612] [BJNP][System][Acceptable]
+             idle: [.....2] [ip4][..udp] [192.168.185.141][50089] -> [....192.168.1.1][.8612] [BJNP][System][Acceptable]
+     DAEMON-EVENT: shutdown

test/results/flow-info/bot.pcap.out

@@ -0,0 +1,14 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..tcp] [...40.77.167.36][64768] -> [...89.31.72.220][...80] 
+         detected: [.....1] [ip4][..tcp] [...40.77.167.36][64768] -> [...89.31.72.220][...80] [HTTP.Azure][Cloud][Acceptable]
+          analyse: [.....1] [ip4][..tcp] [...40.77.167.36][64768] -> [...89.31.72.220][...80] [HTTP.Azure][Cloud][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.114|   0.014|   0.036]
+                   [IAT(c->s)...:    0.000|   0.114|   0.037|   0.052][IAT(s->c)...:    0.000|   0.107|   0.009|   0.029]
+                   [PKTLEN(c->s):   64.000| 374.000| 108.600| 108.400][PKTLEN(s->c):   64.000|1498.000|1383.400| 388.800]
+                   [BINS(c->s)..: 6,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,23,0,0]
+              end: [.....1] [ip4][..tcp] [...40.77.167.36][64768] -> [...89.31.72.220][...80] [HTTP.Azure][Cloud][Acceptable]
+     DAEMON-EVENT: shutdown

test/results/flow-info/bt_search.pcap.out

@@ -0,0 +1,7 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..udp] [..192.168.0.102][.6771] -> [239.192.152.143][.6771] 
+         detected: [.....1] [ip4][..udp] [..192.168.0.102][.6771] -> [239.192.152.143][.6771] [BitTorrent][Download][Acceptable]
+             idle: [.....1] [ip4][..udp] [..192.168.0.102][.6771] -> [239.192.152.143][.6771] 
+     DAEMON-EVENT: shutdown

test/results/flow-info/cachefly.pcapng.out

@@ -0,0 +1,9 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..tcp] [.....10.10.10.1][..443] -> [....192.168.0.1][43766] 
+         detected: [.....1] [ip4][..tcp] [.....10.10.10.1][..443] -> [....192.168.0.1][43766] [TLS][Web][Safe]
+ detection-update: [.....1] [ip4][..tcp] [.....10.10.10.1][..443] -> [....192.168.0.1][43766] [TLS][Web][Safe]
+ detection-update: [.....1] [ip4][..tcp] [.....10.10.10.1][..443] -> [....192.168.0.1][43766] [TLS.Cachefly][Cloud][Acceptable]
+             idle: [.....1] [ip4][..tcp] [.....10.10.10.1][..443] -> [....192.168.0.1][43766] 
+     DAEMON-EVENT: shutdown

test/results/flow-info/capwap.pcap.out

@@ -0,0 +1,57 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..udp] [...192.168.10.9][.5246] -> [..192.168.10.10][12379] 
+         detected: [.....1] [ip4][..udp] [...192.168.10.9][.5246] -> [..192.168.10.10][12379] [CAPWAP][Network][Acceptable]
+              new: [.....2] [ip4][..udp] [..192.168.10.10][49259] -> [255.255.255.255][...53] 
+         detected: [.....2] [ip4][..udp] [..192.168.10.10][49259] -> [255.255.255.255][...53] [DNS][Network][Acceptable]
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+              new: [.....3] [ip4][..udp] [..192.168.10.10][12380] -> [255.255.255.255][.5246] 
+         detected: [.....3] [ip4][..udp] [..192.168.10.10][12380] -> [255.255.255.255][.5246] [CAPWAP][Network][Acceptable]
+              new: [.....4] [ip4][..udp] [...192.168.10.9][.5246] -> [..192.168.10.10][12380] 
+         detected: [.....4] [ip4][..udp] [...192.168.10.9][.5246] -> [..192.168.10.10][12380] [CAPWAP][Network][Acceptable]
+           update: [.....1] [ip4][..udp] [...192.168.10.9][.5246] -> [..192.168.10.10][12379] [CAPWAP][Network][Acceptable]
+          analyse: [.....4] [ip4][..udp] [...192.168.10.9][.5246] -> [..192.168.10.10][12380] [CAPWAP][Network][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|  10.093|   0.751|   2.532]
+                   [IAT(c->s)...:    0.000|  10.093|   0.681|   2.432][IAT(s->c)...:    0.000|   9.998|   0.838|   2.646]
+                   [PKTLEN(c->s):  106.000|1499.000| 546.600| 501.400][PKTLEN(s->c):  115.000|1499.000| 473.200| 463.600]
+                   [BINS(c->s)..: 0,0,5,3,0,0,0,0,0,1,0,0,0,1,0,0,0,2,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,2,0,0]
+                   [BINS(s->c)..: 0,0,1,6,1,0,0,0,1,0,0,1,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,1,1,0,0]
+              new: [.....5] [ip4][..udp] [..192.168.10.10][12380] -> [...192.168.10.9][.5247] 
+         detected: [.....5] [ip4][..udp] [..192.168.10.10][12380] -> [...192.168.10.9][.5247] [CAPWAP][Network][Acceptable]
+           update: [.....2] [ip4][..udp] [..192.168.10.10][49259] -> [255.255.255.255][...53] 
+      ERROR-EVENT: Unknown packet type
+          analyse: [.....5] [ip4][..udp] [..192.168.10.10][12380] -> [...192.168.10.9][.5247] [CAPWAP][Network][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.500|   4.000|   1.016|   0.875]
+                   [IAT(c->s)...:    0.500|   4.000|   1.016|   0.875][IAT(s->c)...:    0.000|   0.000|   0.000|   0.000]
+                   [PKTLEN(c->s):  122.000| 325.000| 195.400|  58.400][PKTLEN(s->c):    0.000|   0.000|   0.000|   0.000]
+                   [BINS(c->s)..: 0,0,6,7,2,9,2,5,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+           update: [.....3] [ip4][..udp] [..192.168.10.10][12380] -> [255.255.255.255][.5246] [CAPWAP][Network][Acceptable]
+           update: [.....1] [ip4][..udp] [...192.168.10.9][.5246] -> [..192.168.10.10][12379] [CAPWAP][Network][Acceptable]
+           update: [.....4] [ip4][..udp] [...192.168.10.9][.5246] -> [..192.168.10.10][12380] [CAPWAP][Network][Acceptable]
+           update: [.....5] [ip4][..udp] [..192.168.10.10][12380] -> [...192.168.10.9][.5247] [CAPWAP][Network][Acceptable]
+           update: [.....2] [ip4][..udp] [..192.168.10.10][49259] -> [255.255.255.255][...53] 
+      ERROR-EVENT: Unknown packet type
+           update: [.....3] [ip4][..udp] [..192.168.10.10][12380] -> [255.255.255.255][.5246] [CAPWAP][Network][Acceptable]
+           update: [.....1] [ip4][..udp] [...192.168.10.9][.5246] -> [..192.168.10.10][12379] [CAPWAP][Network][Acceptable]
+           update: [.....4] [ip4][..udp] [...192.168.10.9][.5246] -> [..192.168.10.10][12380] [CAPWAP][Network][Acceptable]
+           update: [.....5] [ip4][..udp] [..192.168.10.10][12380] -> [...192.168.10.9][.5247] [CAPWAP][Network][Acceptable]
+           update: [.....2] [ip4][..udp] [..192.168.10.10][49259] -> [255.255.255.255][...53] 
+      ERROR-EVENT: Unknown packet type
+             idle: [.....1] [ip4][..udp] [...192.168.10.9][.5246] -> [..192.168.10.10][12379] [CAPWAP][Network][Acceptable]
+             idle: [.....2] [ip4][..udp] [..192.168.10.10][49259] -> [255.255.255.255][...53] 
+           update: [.....3] [ip4][..udp] [..192.168.10.10][12380] -> [255.255.255.255][.5246] [CAPWAP][Network][Acceptable]
+           update: [.....4] [ip4][..udp] [...192.168.10.9][.5246] -> [..192.168.10.10][12380] [CAPWAP][Network][Acceptable]
+           update: [.....5] [ip4][..udp] [..192.168.10.10][12380] -> [...192.168.10.9][.5247] [CAPWAP][Network][Acceptable]
+             idle: [.....3] [ip4][..udp] [..192.168.10.10][12380] -> [255.255.255.255][.5246] [CAPWAP][Network][Acceptable]
+             idle: [.....4] [ip4][..udp] [...192.168.10.9][.5246] -> [..192.168.10.10][12380] [CAPWAP][Network][Acceptable]
+             idle: [.....5] [ip4][..udp] [..192.168.10.10][12380] -> [...192.168.10.9][.5247] [CAPWAP][Network][Acceptable]
+     DAEMON-EVENT: shutdown

test/results/flow-info/cassandra.pcap.out

@@ -0,0 +1,24 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..tcp] [......127.0.0.1][46536] -> [......127.0.0.1][.9042] 
+         detected: [.....1] [ip4][..tcp] [......127.0.0.1][46536] -> [......127.0.0.1][.9042] [Cassandra][Database][Acceptable]
+              new: [.....2] [ip4][..tcp] [......127.0.0.1][46537] -> [......127.0.0.1][.9042] 
+         detected: [.....2] [ip4][..tcp] [......127.0.0.1][46537] -> [......127.0.0.1][.9042] [Cassandra][Database][Acceptable]
+          analyse: [.....1] [ip4][..tcp] [......127.0.0.1][46536] -> [......127.0.0.1][.9042] [Cassandra][Database][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|  26.002|   1.755|   6.369]
+                   [IAT(c->s)...:    0.000|  26.002|   1.700|   6.281][IAT(s->c)...:    0.000|  25.963|   1.813|   6.461]
+                   [PKTLEN(c->s):   66.000| 387.000| 121.600|  77.900][PKTLEN(s->c):   66.000|25214.000|4025.500|8138.300]
+                   [BINS(c->s)..: 9,2,3,2,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 4,2,2,1,0,1,0,0,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3]
+          analyse: [.....2] [ip4][..tcp] [......127.0.0.1][46537] -> [......127.0.0.1][.9042] [Cassandra][Database][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|  25.937|   2.293|   6.507]
+                   [IAT(c->s)...:    0.000|  25.897|   2.200|   6.235][IAT(s->c)...:    0.000|  25.937|   2.407|   6.821]
+                   [PKTLEN(c->s):   66.000| 291.000| 110.600|  58.800][PKTLEN(s->c):   66.000|11512.000| 923.800|2937.200]
+                   [BINS(c->s)..: 10,2,4,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 8,2,2,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1]
+              end: [.....1] [ip4][..tcp] [......127.0.0.1][46536] -> [......127.0.0.1][.9042] [Cassandra][Database][Acceptable]
+              end: [.....2] [ip4][..tcp] [......127.0.0.1][46537] -> [......127.0.0.1][.9042] [Cassandra][Database][Acceptable]
+     DAEMON-EVENT: shutdown

test/results/flow-info/check_mk_new.pcap.out

@@ -0,0 +1,14 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..tcp] [.192.168.100.22][58998] -> [.192.168.100.50][.6556] 
+         detected: [.....1] [ip4][..tcp] [.192.168.100.22][58998] -> [.192.168.100.50][.6556] [CHECKMK][DataTransfer][Acceptable]
+          analyse: [.....1] [ip4][..tcp] [.192.168.100.22][58998] -> [.192.168.100.50][.6556] [CHECKMK][DataTransfer][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.002|   0.001|   0.001]
+                   [IAT(c->s)...:    0.000|   0.002|   0.001|   0.001][IAT(s->c)...:    0.000|   0.002|   0.001|   0.001]
+                   [PKTLEN(c->s):   66.000|  74.000|  66.500|   1.900][PKTLEN(s->c):   67.000| 568.000| 152.500| 153.600]
+                   [BINS(c->s)..: 16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 12,0,1,0,0,0,0,0,1,0,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+              end: [.....1] [ip4][..tcp] [.192.168.100.22][58998] -> [.192.168.100.50][.6556] [CHECKMK][DataTransfer][Acceptable]
+     DAEMON-EVENT: shutdown

test/results/flow-info/chrome.pcap.out

@@ -0,0 +1,75 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..tcp] [..192.168.1.178][64393] -> [...146.48.58.18][..443] 
+         detected: [.....1] [ip4][..tcp] [..192.168.1.178][64393] -> [...146.48.58.18][..443] [TLS][Web][Safe]
+ detection-update: [.....1] [ip4][..tcp] [..192.168.1.178][64393] -> [...146.48.58.18][..443] [TLS][Web][Safe]
+              new: [.....2] [ip4][..tcp] [..192.168.1.178][64394] -> [...146.48.58.18][..443] 
+         detected: [.....2] [ip4][..tcp] [..192.168.1.178][64394] -> [...146.48.58.18][..443] [TLS][Web][Safe]
+          analyse: [.....1] [ip4][..tcp] [..192.168.1.178][64393] -> [...146.48.58.18][..443] [TLS][Web][Safe]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.629|   0.057|   0.154]
+                   [IAT(c->s)...:    0.000|   0.629|   0.067|   0.166][IAT(s->c)...:    0.000|   0.628|   0.050|   0.145]
+                   [PKTLEN(c->s):   66.000| 816.000| 209.600| 263.400][PKTLEN(s->c):   66.000|1506.000| 938.200| 652.600]
+                   [BINS(c->s)..: 10,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 5,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,9,0,0]
+ detection-update: [.....2] [ip4][..tcp] [..192.168.1.178][64394] -> [...146.48.58.18][..443] [TLS][Web][Safe]
+              new: [.....3] [ip4][..tcp] [..192.168.1.178][64408] -> [...146.48.58.18][..443] 
+              new: [.....4] [ip4][..tcp] [..192.168.1.178][64409] -> [...146.48.58.18][..443] 
+              new: [.....5] [ip4][..tcp] [..192.168.1.178][64410] -> [...146.48.58.18][..443] 
+              new: [.....6] [ip4][..tcp] [..192.168.1.178][64411] -> [...146.48.58.18][..443] 
+         detected: [.....4] [ip4][..tcp] [..192.168.1.178][64409] -> [...146.48.58.18][..443] [TLS][Web][Safe]
+         detected: [.....3] [ip4][..tcp] [..192.168.1.178][64408] -> [...146.48.58.18][..443] [TLS][Web][Safe]
+         detected: [.....5] [ip4][..tcp] [..192.168.1.178][64410] -> [...146.48.58.18][..443] [TLS][Web][Safe]
+         detected: [.....6] [ip4][..tcp] [..192.168.1.178][64411] -> [...146.48.58.18][..443] [TLS][Web][Safe]
+          analyse: [.....2] [ip4][..tcp] [..192.168.1.178][64394] -> [...146.48.58.18][..443] 
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.469|   0.038|   0.110]
+                   [IAT(c->s)...:    0.000|   0.442|   0.042|   0.112][IAT(s->c)...:    0.000|   0.469|   0.035|   0.109]
+                   [PKTLEN(c->s):   66.000| 783.000| 209.200| 272.300][PKTLEN(s->c):   66.000|1506.000|1003.300| 636.500]
+                   [BINS(c->s)..: 11,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 4,0,0,0,0,0,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0]
+ detection-update: [.....2] [ip4][..tcp] [..192.168.1.178][64394] -> [...146.48.58.18][..443] [TLS][Web][Safe]
+ detection-update: [.....4] [ip4][..tcp] [..192.168.1.178][64409] -> [...146.48.58.18][..443] [TLS][Web][Safe]
+ detection-update: [.....3] [ip4][..tcp] [..192.168.1.178][64408] -> [...146.48.58.18][..443] [TLS][Web][Safe]
+ detection-update: [.....6] [ip4][..tcp] [..192.168.1.178][64411] -> [...146.48.58.18][..443] [TLS][Web][Safe]
+ detection-update: [.....5] [ip4][..tcp] [..192.168.1.178][64410] -> [...146.48.58.18][..443] [TLS][Web][Safe]
+          analyse: [.....6] [ip4][..tcp] [..192.168.1.178][64411] -> [...146.48.58.18][..443] 
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.035|   0.006|   0.011]
+                   [IAT(c->s)...:    0.000|   0.035|   0.006|   0.012][IAT(s->c)...:    0.000|   0.028|   0.006|   0.011]
+                   [PKTLEN(c->s):   66.000| 820.000| 195.300| 259.000][PKTLEN(s->c):   66.000|1506.000| 890.100| 638.500]
+                   [BINS(c->s)..: 12,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 4,0,0,0,0,0,0,0,0,2,1,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,8,0,0]
+ detection-update: [.....6] [ip4][..tcp] [..192.168.1.178][64411] -> [...146.48.58.18][..443] [TLS][Web][Safe]
+          analyse: [.....4] [ip4][..tcp] [..192.168.1.178][64409] -> [...146.48.58.18][..443] 
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.031|   0.008|   0.012]
+                   [IAT(c->s)...:    0.000|   0.031|   0.010|   0.013][IAT(s->c)...:    0.000|   0.029|   0.006|   0.011]
+                   [PKTLEN(c->s):   66.000| 772.000| 176.200| 240.200][PKTLEN(s->c):   66.000|1506.000|1081.300| 629.500]
+                   [BINS(c->s)..: 10,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 4,0,0,0,0,0,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,13,0,0]
+ detection-update: [.....4] [ip4][..tcp] [..192.168.1.178][64409] -> [...146.48.58.18][..443] [TLS][Web][Safe]
+          analyse: [.....5] [ip4][..tcp] [..192.168.1.178][64410] -> [...146.48.58.18][..443] 
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.038|   0.007|   0.012]
+                   [IAT(c->s)...:    0.000|   0.038|   0.008|   0.013][IAT(s->c)...:    0.000|   0.030|   0.007|   0.011]
+                   [PKTLEN(c->s):   66.000| 772.000| 159.900| 215.300][PKTLEN(s->c):   66.000|1506.000|1019.300| 629.500]
+                   [BINS(c->s)..: 11,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 4,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0]
+ detection-update: [.....5] [ip4][..tcp] [..192.168.1.178][64410] -> [...146.48.58.18][..443] [TLS][Web][Safe]
+          analyse: [.....3] [ip4][..tcp] [..192.168.1.178][64408] -> [...146.48.58.18][..443] 
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.032|   0.008|   0.013]
+                   [IAT(c->s)...:    0.000|   0.031|   0.009|   0.013][IAT(s->c)...:    0.000|   0.032|   0.007|   0.013]
+                   [PKTLEN(c->s):   66.000| 775.000| 208.800| 271.400][PKTLEN(s->c):   66.000|1506.000| 989.800| 638.300]
+                   [BINS(c->s)..: 11,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 4,0,0,0,0,0,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0]
+ detection-update: [.....3] [ip4][..tcp] [..192.168.1.178][64408] -> [...146.48.58.18][..443] [TLS][Web][Safe]
+              end: [.....1] [ip4][..tcp] [..192.168.1.178][64393] -> [...146.48.58.18][..443] [TLS][Web][Safe]
+              end: [.....2] [ip4][..tcp] [..192.168.1.178][64394] -> [...146.48.58.18][..443] [TLS][Web][Safe]
+              end: [.....3] [ip4][..tcp] [..192.168.1.178][64408] -> [...146.48.58.18][..443] [TLS][Web][Safe]
+              end: [.....4] [ip4][..tcp] [..192.168.1.178][64409] -> [...146.48.58.18][..443] [TLS][Web][Safe]
+              end: [.....5] [ip4][..tcp] [..192.168.1.178][64410] -> [...146.48.58.18][..443] [TLS][Web][Safe]
+              end: [.....6] [ip4][..tcp] [..192.168.1.178][64411] -> [...146.48.58.18][..443] [TLS][Web][Safe]
+     DAEMON-EVENT: shutdown

test/results/flow-info/citrix.pcap.out

@@ -0,0 +1,12 @@
+     DAEMON-EVENT: init
+              new: [.....1] [ip4][..tcp] [.......21.0.0.8][45225] -> [.......22.0.0.7][.1494] 
+         detected: [.....1] [ip4][..tcp] [.......21.0.0.8][45225] -> [.......22.0.0.7][.1494] [Citrix][Network][Acceptable]
+          analyse: [.....1] [ip4][..tcp] [.......21.0.0.8][45225] -> [.......22.0.0.7][.1494] [Citrix][Network][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.056|   0.005|   0.012]
+                   [IAT(c->s)...:    0.000|   0.046|   0.003|   0.009][IAT(s->c)...:    0.002|   0.056|   0.015|   0.021]
+                   [PKTLEN(c->s):   64.000| 401.000| 120.300|  66.300][PKTLEN(s->c):   64.000| 142.000|  82.000|  30.400]
+                   [BINS(c->s)..: 5,18,1,0,1,1,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 4,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+             idle: [.....1] [ip4][..tcp] [.......21.0.0.8][45225] -> [.......22.0.0.7][.1494] [Citrix][Network][Acceptable]
+     DAEMON-EVENT: shutdown

test/results/flow-info/cloudflare-warp.pcap.out

@@ -0,0 +1,33 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..tcp] [..10.158.134.93][55512] -> [.142.251.42.106][..443] [MIDSTREAM] 
+              new: [.....2] [ip4][..tcp] [.......10.8.0.1][42344] -> [..159.138.85.48][.5223] 
+         detected: [.....2] [ip4][..tcp] [.......10.8.0.1][42344] -> [..159.138.85.48][.5223] [Jabber][Web][Acceptable]
+              new: [.....3] [ip4][..tcp] [.......10.8.0.1][40214] -> [..157.240.16.32][..443] 
+         detected: [.....3] [ip4][..tcp] [.......10.8.0.1][40214] -> [..157.240.16.32][..443] [TLS.Messenger][Chat][Acceptable]
+                   RISK: TLS (probably) Not Carrying HTTPS
+ detection-update: [.....3] [ip4][..tcp] [.......10.8.0.1][40214] -> [..157.240.16.32][..443] [TLS.Messenger][Chat][Acceptable]
+                   RISK: TLS (probably) Not Carrying HTTPS
+              new: [.....4] [ip4][..tcp] [..10.158.134.93][40454] -> [..216.58.196.68][..443] [MIDSTREAM] 
+              new: [.....5] [ip4][..tcp] [.......10.8.0.1][45606] -> [..104.18.47.234][..443] 
+         detected: [.....5] [ip4][..tcp] [.......10.8.0.1][45606] -> [..104.18.47.234][..443] [TLS.CloudflareWarp][VPN][Acceptable]
+              new: [.....6] [ip4][..tcp] [.......10.8.0.1][45610] -> [..104.18.47.234][..443] 
+         detected: [.....6] [ip4][..tcp] [.......10.8.0.1][45610] -> [..104.18.47.234][..443] [TLS.CloudflareWarp][VPN][Acceptable]
+ detection-update: [.....5] [ip4][..tcp] [.......10.8.0.1][45606] -> [..104.18.47.234][..443] [TLS.CloudflareWarp][VPN][Acceptable]
+              new: [.....7] [ip4][..tcp] [.......10.8.0.1][51296] -> [142.250.183.163][..443] 
+         detected: [.....7] [ip4][..tcp] [.......10.8.0.1][51296] -> [142.250.183.163][..443] [TLS.GoogleServices][Web][Acceptable]
+ detection-update: [.....6] [ip4][..tcp] [.......10.8.0.1][45610] -> [..104.18.47.234][..443] [TLS.CloudflareWarp][VPN][Acceptable]
+              new: [.....8] [ip4][..tcp] [.......10.8.0.1][43600] -> [172.217.194.188][.5228] 
+          guessed: [.....8] [ip4][..tcp] [.......10.8.0.1][43600] -> [172.217.194.188][.5228] [Google][Web][Acceptable]
+             idle: [.....8] [ip4][..tcp] [.......10.8.0.1][43600] -> [172.217.194.188][.5228] 
+          guessed: [.....4] [ip4][..tcp] [..10.158.134.93][40454] -> [..216.58.196.68][..443] [TLS.Google][Web][Acceptable]
+              end: [.....4] [ip4][..tcp] [..10.158.134.93][40454] -> [..216.58.196.68][..443] 
+          guessed: [.....1] [ip4][..tcp] [..10.158.134.93][55512] -> [.142.251.42.106][..443] [TLS.Google][Web][Acceptable]
+              end: [.....1] [ip4][..tcp] [..10.158.134.93][55512] -> [.142.251.42.106][..443] 
+             idle: [.....2] [ip4][..tcp] [.......10.8.0.1][42344] -> [..159.138.85.48][.5223] [Jabber][Web][Acceptable]
+             idle: [.....7] [ip4][..tcp] [.......10.8.0.1][51296] -> [142.250.183.163][..443] 
+             idle: [.....5] [ip4][..tcp] [.......10.8.0.1][45606] -> [..104.18.47.234][..443] 
+             idle: [.....6] [ip4][..tcp] [.......10.8.0.1][45610] -> [..104.18.47.234][..443] 
+             idle: [.....3] [ip4][..tcp] [.......10.8.0.1][40214] -> [..157.240.16.32][..443] 
+     DAEMON-EVENT: shutdown

test/results/flow-info/coap_mqtt.pcap.out

@@ -0,0 +1,122 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip6][..udp] [..2001:da8:215:1171:a10b:cb48:8f83:57f6][61043] -> [....................2001:620:8:35d9::10][.5683] 
+         detected: [.....1] [ip6][..udp] [..2001:da8:215:1171:a10b:cb48:8f83:57f6][61043] -> [....................2001:620:8:35d9::10][.5683] [COAP][RPC][Safe]
+              new: [.....2] [ip6][..udp] [..2001:da8:215:1171:a10b:cb48:8f83:57f6][61044] -> [....................2001:620:8:35d9::10][.5683] 
+         detected: [.....2] [ip6][..udp] [..2001:da8:215:1171:a10b:cb48:8f83:57f6][61044] -> [....................2001:620:8:35d9::10][.5683] [COAP][RPC][Safe]
+              new: [.....3] [ip6][..udp] [..2001:da8:215:1171:a10b:cb48:8f83:57f6][61045] -> [....................2001:620:8:35d9::10][.5683] 
+         detected: [.....3] [ip6][..udp] [..2001:da8:215:1171:a10b:cb48:8f83:57f6][61045] -> [....................2001:620:8:35d9::10][.5683] [COAP][RPC][Safe]
+              new: [.....4] [ip6][..udp] [..2001:da8:215:1171:a10b:cb48:8f83:57f6][61046] -> [....................2001:620:8:35d9::10][.5683] 
+         detected: [.....4] [ip6][..udp] [..2001:da8:215:1171:a10b:cb48:8f83:57f6][61046] -> [....................2001:620:8:35d9::10][.5683] [COAP][RPC][Safe]
+              new: [.....5] [ip6][..udp] [..2001:da8:215:1171:a10b:cb48:8f83:57f6][61047] -> [....................2001:620:8:35d9::10][.5683] 
+         detected: [.....5] [ip6][..udp] [..2001:da8:215:1171:a10b:cb48:8f83:57f6][61047] -> [....................2001:620:8:35d9::10][.5683] [COAP][RPC][Safe]
+     DAEMON-EVENT: [Processed: 5 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 5 / 5|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....6] [ip6][..udp] [................................bbbb::1][33499] -> [................................bbbb::3][.5683] 
+         detected: [.....6] [ip6][..udp] [................................bbbb::1][33499] -> [................................bbbb::3][.5683] [COAP][RPC][Safe]
+             idle: [.....1] [ip6][..udp] [..2001:da8:215:1171:a10b:cb48:8f83:57f6][61043] -> [....................2001:620:8:35d9::10][.5683] [COAP][RPC][Safe]
+             idle: [.....2] [ip6][..udp] [..2001:da8:215:1171:a10b:cb48:8f83:57f6][61044] -> [....................2001:620:8:35d9::10][.5683] [COAP][RPC][Safe]
+             idle: [.....3] [ip6][..udp] [..2001:da8:215:1171:a10b:cb48:8f83:57f6][61045] -> [....................2001:620:8:35d9::10][.5683] [COAP][RPC][Safe]
+             idle: [.....4] [ip6][..udp] [..2001:da8:215:1171:a10b:cb48:8f83:57f6][61046] -> [....................2001:620:8:35d9::10][.5683] [COAP][RPC][Safe]
+             idle: [.....5] [ip6][..udp] [..2001:da8:215:1171:a10b:cb48:8f83:57f6][61047] -> [....................2001:620:8:35d9::10][.5683] [COAP][RPC][Safe]
+              new: [.....7] [ip6][..udp] [................................bbbb::1][50250] -> [................................bbbb::3][.5683] 
+         detected: [.....7] [ip6][..udp] [................................bbbb::1][50250] -> [................................bbbb::3][.5683] [COAP][RPC][Safe]
+              new: [.....8] [ip6][..udp] [................................bbbb::1][46819] -> [................................bbbb::3][.5683] 
+         detected: [.....8] [ip6][..udp] [................................bbbb::1][46819] -> [................................bbbb::3][.5683] [COAP][RPC][Safe]
+             idle: [.....6] [ip6][..udp] [................................bbbb::1][33499] -> [................................bbbb::3][.5683] [COAP][RPC][Safe]
+           update: [.....7] [ip6][..udp] [................................bbbb::1][50250] -> [................................bbbb::3][.5683] [COAP][RPC][Safe]
+           update: [.....8] [ip6][..udp] [................................bbbb::1][46819] -> [................................bbbb::3][.5683] [COAP][RPC][Safe]
+     DAEMON-EVENT: [Processed: 19 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 2 / 8|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 2]
+              new: [.....9] [ip4][..tcp] [...192.168.56.1][53522] -> [.192.168.56.101][17501] [MIDSTREAM] 
+         detected: [.....9] [ip4][..tcp] [...192.168.56.1][53522] -> [.192.168.56.101][17501] [MQTT][RPC][Acceptable]
+                   RISK: Known Proto on Non Std Port
+             idle: [.....7] [ip6][..udp] [................................bbbb::1][50250] -> [................................bbbb::3][.5683] [COAP][RPC][Safe]
+             idle: [.....8] [ip6][..udp] [................................bbbb::1][46819] -> [................................bbbb::3][.5683] [COAP][RPC][Safe]
+              new: [....10] [ip4][..tcp] [...192.168.56.1][53523] -> [.192.168.56.101][17501] [MIDSTREAM] 
+         detected: [....10] [ip4][..tcp] [...192.168.56.1][53523] -> [.192.168.56.101][17501] [MQTT][RPC][Acceptable]
+                   RISK: Known Proto on Non Std Port
+              new: [....11] [ip4][..tcp] [...192.168.56.1][53528] -> [.192.168.56.101][17501] 
+         detected: [....11] [ip4][..tcp] [...192.168.56.1][53528] -> [.192.168.56.101][17501] [MQTT][RPC][Acceptable]
+                   RISK: Known Proto on Non Std Port
+              new: [....12] [ip4][..udp] [...192.168.56.1][50311] -> [.192.168.56.101][17500] 
+         detected: [....12] [ip4][..udp] [...192.168.56.1][50311] -> [.192.168.56.101][17500] [Dropbox][Cloud][Acceptable]
+              new: [....13] [ip4][..tcp] [.192.168.56.101][17501] -> [...192.168.56.1][53524] [MIDSTREAM] 
+         detected: [....13] [ip4][..tcp] [.192.168.56.101][17501] -> [...192.168.56.1][53524] [MQTT][RPC][Acceptable]
+                   RISK: Known Proto on Non Std Port
+          analyse: [....11] [ip4][..tcp] [...192.168.56.1][53528] -> [.192.168.56.101][17501] [MQTT][RPC][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   4.439|   0.304|   1.061]
+                   [IAT(c->s)...:    0.000|   4.242|   0.335|   1.085][IAT(s->c)...:    0.000|   4.439|   0.278|   1.040]
+                   [PKTLEN(c->s):   60.000| 114.000|  76.300|  23.100][PKTLEN(s->c):   54.000| 140.000|  76.300|  35.200]
+                   [BINS(c->s)..: 11,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 13,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+          analyse: [.....9] [ip4][..tcp] [...192.168.56.1][53522] -> [.192.168.56.101][17501] [MQTT][RPC][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|  27.506|   1.802|   6.725]
+                   [IAT(c->s)...:    0.001|  27.310|   2.149|   7.264][IAT(s->c)...:    0.000|  27.506|   1.552|   6.295]
+                   [PKTLEN(c->s):   60.000| 114.000|  75.400|  24.400][PKTLEN(s->c):   54.000| 140.000|  78.900|  37.900]
+                   [BINS(c->s)..: 10,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 13,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+          analyse: [....10] [ip4][..tcp] [...192.168.56.1][53523] -> [.192.168.56.101][17501] [MQTT][RPC][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|  13.151|   0.876|   3.198]
+                   [IAT(c->s)...:    0.001|  12.952|   1.045|   3.438][IAT(s->c)...:    0.000|  13.151|   0.755|   3.007]
+                   [PKTLEN(c->s):   60.000| 114.000|  75.400|  24.400][PKTLEN(s->c):   54.000| 140.000|  78.900|  37.900]
+                   [BINS(c->s)..: 10,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 13,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+          analyse: [....13] [ip4][..tcp] [.192.168.56.101][17501] -> [...192.168.56.1][53524] [MQTT][RPC][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.074|   0.031|   0.027]
+                   [IAT(c->s)...:    0.000|   0.067|   0.028|   0.026][IAT(s->c)...:    0.001|   0.074|   0.034|   0.027]
+                   [PKTLEN(c->s):   54.000| 140.000|  78.800|  38.000][PKTLEN(s->c):   60.000| 114.000|  79.300|  25.900]
+                   [BINS(c->s)..: 13,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 9,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+              new: [....14] [ip4][..udp] [...192.168.56.1][50318] -> [.192.168.56.101][17500] 
+         detected: [....14] [ip4][..udp] [...192.168.56.1][50318] -> [.192.168.56.101][17500] [Dropbox][Cloud][Acceptable]
+          analyse: [....12] [ip4][..udp] [...192.168.56.1][50311] -> [.192.168.56.101][17500] [Dropbox][Cloud][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.002|   0.118|   0.106|   0.019]
+                   [IAT(c->s)...:    0.104|   0.118|   0.110|   0.003][IAT(s->c)...:    0.002|   0.116|   0.103|   0.026]
+                   [PKTLEN(c->s):  136.000| 143.000| 138.100|   2.100][PKTLEN(s->c):   59.000|  66.000|  61.100|   2.100]
+                   [BINS(c->s)..: 0,0,8,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+              new: [....15] [ip4][..udp] [...192.168.56.1][50312] -> [.192.168.56.101][17500] 
+         detected: [....15] [ip4][..udp] [...192.168.56.1][50312] -> [.192.168.56.101][17500] [Dropbox][Cloud][Acceptable]
+          analyse: [....14] [ip4][..udp] [...192.168.56.1][50318] -> [.192.168.56.101][17500] [Dropbox][Cloud][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.002|   0.128|   0.112|   0.021]
+                   [IAT(c->s)...:    0.106|   0.128|   0.115|   0.006][IAT(s->c)...:    0.002|   0.126|   0.108|   0.028]
+                   [PKTLEN(c->s):  137.000| 142.000| 139.000|   1.800][PKTLEN(s->c):   60.000|  65.000|  62.000|   1.800]
+                   [BINS(c->s)..: 0,0,6,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+              new: [....16] [ip4][..udp] [...192.168.56.1][50319] -> [.192.168.56.101][17500] 
+         detected: [....16] [ip4][..udp] [...192.168.56.1][50319] -> [.192.168.56.101][17500] [Dropbox][Cloud][Acceptable]
+          analyse: [....15] [ip4][..udp] [...192.168.56.1][50312] -> [.192.168.56.101][17500] [Dropbox][Cloud][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.001|   0.131|   0.117|   0.022]
+                   [IAT(c->s)...:    0.105|   0.131|   0.121|   0.008][IAT(s->c)...:    0.001|   0.131|   0.113|   0.030]
+                   [PKTLEN(c->s):  137.000| 143.000| 139.800|   1.800][PKTLEN(s->c):   60.000|  66.000|  62.800|   1.800]
+                   [BINS(c->s)..: 0,0,3,13,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+          analyse: [....16] [ip4][..udp] [...192.168.56.1][50319] -> [.192.168.56.101][17500] [Dropbox][Cloud][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.005|   0.172|   0.127|   0.026]
+                   [IAT(c->s)...:    0.107|   0.172|   0.131|   0.015][IAT(s->c)...:    0.005|   0.165|   0.123|   0.033]
+                   [PKTLEN(c->s):  136.000| 143.000| 139.600|   2.200][PKTLEN(s->c):   59.000|  66.000|  62.600|   2.200]
+                   [BINS(c->s)..: 0,0,4,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+             idle: [....12] [ip4][..udp] [...192.168.56.1][50311] -> [.192.168.56.101][17500] [Dropbox][Cloud][Acceptable]
+             idle: [....15] [ip4][..udp] [...192.168.56.1][50312] -> [.192.168.56.101][17500] [Dropbox][Cloud][Acceptable]
+             idle: [....14] [ip4][..udp] [...192.168.56.1][50318] -> [.192.168.56.101][17500] [Dropbox][Cloud][Acceptable]
+             idle: [....16] [ip4][..udp] [...192.168.56.1][50319] -> [.192.168.56.101][17500] [Dropbox][Cloud][Acceptable]
+             idle: [.....9] [ip4][..tcp] [...192.168.56.1][53522] -> [.192.168.56.101][17501] [MQTT][RPC][Acceptable]
+                   RISK: Known Proto on Non Std Port
+             idle: [....10] [ip4][..tcp] [...192.168.56.1][53523] -> [.192.168.56.101][17501] [MQTT][RPC][Acceptable]
+                   RISK: Known Proto on Non Std Port
+             idle: [....13] [ip4][..tcp] [.192.168.56.101][17501] -> [...192.168.56.1][53524] [MQTT][RPC][Acceptable]
+                   RISK: Known Proto on Non Std Port
+             idle: [....11] [ip4][..tcp] [...192.168.56.1][53528] -> [.192.168.56.101][17501] [MQTT][RPC][Acceptable]
+                   RISK: Known Proto on Non Std Port
+     DAEMON-EVENT: shutdown

test/results/flow-info/collectd.pcap.out

@@ -0,0 +1,59 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..udp] [......127.0.0.1][36576] -> [......127.0.0.1][25826] 
+         detected: [.....1] [ip4][..udp] [......127.0.0.1][36576] -> [......127.0.0.1][25826] [collectd][System][Acceptable]
+              new: [.....2] [ip4][..udp] [......127.0.0.1][36320] -> [......127.0.0.1][25826] 
+              new: [.....3] [ip4][..udp] [......127.0.0.1][36064] -> [......127.0.0.1][25826] 
+         detected: [.....3] [ip4][..udp] [......127.0.0.1][36064] -> [......127.0.0.1][25826] [collectd][System][Acceptable]
+     DAEMON-EVENT: [Processed: 3 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 3 / 3|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....4] [ip4][..udp] [.192.168.178.35][39576] -> [..239.192.74.66][25826] 
+              new: [.....5] [ip4][..udp] [.192.168.178.35][39577] -> [..239.192.74.66][25826] 
+             idle: [.....3] [ip4][..udp] [......127.0.0.1][36064] -> [......127.0.0.1][25826] [collectd][System][Acceptable]
+          guessed: [.....2] [ip4][..udp] [......127.0.0.1][36320] -> [......127.0.0.1][25826] [collectd][System][Acceptable]
+             idle: [.....2] [ip4][..udp] [......127.0.0.1][36320] -> [......127.0.0.1][25826] 
+             idle: [.....1] [ip4][..udp] [......127.0.0.1][36576] -> [......127.0.0.1][25826] [collectd][System][Acceptable]
+     DAEMON-EVENT: [Processed: 5 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 2 / 5|skipped: 0|!detected: 0|guessed: 1|detection-updates: 0|updates: 0]
+              new: [.....6] [ip4][..udp] [......127.0.0.1][54138] -> [......127.0.0.1][25826] 
+         detected: [.....6] [ip4][..udp] [......127.0.0.1][54138] -> [......127.0.0.1][25826] [collectd][System][Acceptable]
+          guessed: [.....4] [ip4][..udp] [.192.168.178.35][39576] -> [..239.192.74.66][25826] [collectd][System][Acceptable]
+             idle: [.....4] [ip4][..udp] [.192.168.178.35][39576] -> [..239.192.74.66][25826] 
+          guessed: [.....5] [ip4][..udp] [.192.168.178.35][39577] -> [..239.192.74.66][25826] [collectd][System][Acceptable]
+             idle: [.....5] [ip4][..udp] [.192.168.178.35][39577] -> [..239.192.74.66][25826] 
+              new: [.....7] [ip4][..udp] [......127.0.0.1][35988] -> [......127.0.0.1][25826] 
+         detected: [.....7] [ip4][..udp] [......127.0.0.1][35988] -> [......127.0.0.1][25826] [collectd][System][Acceptable]
+           update: [.....6] [ip4][..udp] [......127.0.0.1][54138] -> [......127.0.0.1][25826] [collectd][System][Acceptable]
+           update: [.....7] [ip4][..udp] [......127.0.0.1][35988] -> [......127.0.0.1][25826] [collectd][System][Acceptable]
+           update: [.....6] [ip4][..udp] [......127.0.0.1][54138] -> [......127.0.0.1][25826] [collectd][System][Acceptable]
+           update: [.....7] [ip4][..udp] [......127.0.0.1][35988] -> [......127.0.0.1][25826] [collectd][System][Acceptable]
+           update: [.....6] [ip4][..udp] [......127.0.0.1][54138] -> [......127.0.0.1][25826] [collectd][System][Acceptable]
+             idle: [.....6] [ip4][..udp] [......127.0.0.1][54138] -> [......127.0.0.1][25826] [collectd][System][Acceptable]
+           update: [.....7] [ip4][..udp] [......127.0.0.1][35988] -> [......127.0.0.1][25826] [collectd][System][Acceptable]
+           update: [.....7] [ip4][..udp] [......127.0.0.1][35988] -> [......127.0.0.1][25826] [collectd][System][Acceptable]
+           update: [.....7] [ip4][..udp] [......127.0.0.1][35988] -> [......127.0.0.1][25826] [collectd][System][Acceptable]
+          analyse: [.....7] [ip4][..udp] [......127.0.0.1][35988] -> [......127.0.0.1][25826] [collectd][System][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|  10.000|   8.710|   3.352]
+                   [IAT(c->s)...:    0.000|  10.000|   8.710|   3.352][IAT(s->c)...:    0.000|   0.000|   0.000|   0.000]
+                   [PKTLEN(c->s): 1353.000|1388.000|1371.600|  10.800][PKTLEN(s->c):    0.000|   0.000|   0.000|   0.000]
+                   [BINS(c->s)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,26,4,0,0,0,0,0]
+                   [BINS(s->c)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+           update: [.....7] [ip4][..udp] [......127.0.0.1][35988] -> [......127.0.0.1][25826] [collectd][System][Acceptable]
+           update: [.....7] [ip4][..udp] [......127.0.0.1][35988] -> [......127.0.0.1][25826] [collectd][System][Acceptable]
+              new: [.....8] [ip4][..udp] [......127.0.0.1][36832] -> [......127.0.0.1][25826] 
+         detected: [.....8] [ip4][..udp] [......127.0.0.1][36832] -> [......127.0.0.1][25826] [collectd][System][Acceptable]
+           update: [.....7] [ip4][..udp] [......127.0.0.1][35988] -> [......127.0.0.1][25826] [collectd][System][Acceptable]
+           update: [.....8] [ip4][..udp] [......127.0.0.1][36832] -> [......127.0.0.1][25826] [collectd][System][Acceptable]
+           update: [.....7] [ip4][..udp] [......127.0.0.1][35988] -> [......127.0.0.1][25826] [collectd][System][Acceptable]
+     DAEMON-EVENT: [Processed: 69 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 2 / 8|skipped: 0|!detected: 0|guessed: 3|detection-updates: 0|updates: 13]
+           update: [.....8] [ip4][..udp] [......127.0.0.1][36832] -> [......127.0.0.1][25826] [collectd][System][Acceptable]
+           update: [.....7] [ip4][..udp] [......127.0.0.1][35988] -> [......127.0.0.1][25826] [collectd][System][Acceptable]
+              new: [.....9] [ip4][..udp] [.192.168.178.35][39576] -> [..239.192.74.66][25826] 
+         detected: [.....9] [ip4][..udp] [.192.168.178.35][39576] -> [..239.192.74.66][25826] [collectd][System][Acceptable]
+             idle: [.....7] [ip4][..udp] [......127.0.0.1][35988] -> [......127.0.0.1][25826] [collectd][System][Acceptable]
+             idle: [.....8] [ip4][..udp] [......127.0.0.1][36832] -> [......127.0.0.1][25826] [collectd][System][Acceptable]
+             idle: [.....9] [ip4][..udp] [.192.168.178.35][39576] -> [..239.192.74.66][25826] [collectd][System][Acceptable]
+     DAEMON-EVENT: shutdown

test/results/flow-info/corba.pcap.out

@@ -0,0 +1,13 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..tcp] [.....10.101.0.2][.8726] -> [.....10.102.0.2][..900] 
+         detected: [.....1] [ip4][..tcp] [.....10.101.0.2][.8726] -> [.....10.102.0.2][..900] [Corba][RPC][Acceptable]
+              new: [.....2] [ip4][..tcp] [.....10.101.0.2][.8727] -> [.....10.102.0.2][.1049] 
+         detected: [.....2] [ip4][..tcp] [.....10.101.0.2][.8727] -> [.....10.102.0.2][.1049] [Corba][RPC][Acceptable]
+              new: [.....3] [ip4][..tcp] [.....10.101.0.2][.8728] -> [.....10.102.0.2][61191] 
+         detected: [.....3] [ip4][..tcp] [.....10.101.0.2][.8728] -> [.....10.102.0.2][61191] [Corba][RPC][Acceptable]
+              end: [.....1] [ip4][..tcp] [.....10.101.0.2][.8726] -> [.....10.102.0.2][..900] [Corba][RPC][Acceptable]
+              end: [.....2] [ip4][..tcp] [.....10.101.0.2][.8727] -> [.....10.102.0.2][.1049] [Corba][RPC][Acceptable]
+              end: [.....3] [ip4][..tcp] [.....10.101.0.2][.8728] -> [.....10.102.0.2][61191] [Corba][RPC][Acceptable]
+     DAEMON-EVENT: shutdown

test/results/flow-info/cpha.pcap.out

@@ -0,0 +1,7 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..udp] [........0.0.0.0][.8116] -> [.....172.21.3.0][.8116] 
+         detected: [.....1] [ip4][..udp] [........0.0.0.0][.8116] -> [.....172.21.3.0][.8116] [CPHA][Network][Fun]
+             idle: [.....1] [ip4][..udp] [........0.0.0.0][.8116] -> [.....172.21.3.0][.8116] [CPHA][Network][Fun]
+     DAEMON-EVENT: shutdown

test/results/flow-info/crynet.pcap.out

@@ -0,0 +1,22 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..udp] [..192.168.2.100][61837] -> [..78.159.118.97][25383] 
+         detected: [.....1] [ip4][..udp] [..192.168.2.100][61837] -> [..78.159.118.97][25383] [CryNetwork][Game][Safe]
+     DAEMON-EVENT: [Processed: 15 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....2] [ip4][..udp] [..192.168.2.100][56333] -> [...37.58.56.245][20250] 
+         detected: [.....2] [ip4][..udp] [..192.168.2.100][56333] -> [...37.58.56.245][20250] [CryNetwork][Game][Safe]
+             idle: [.....1] [ip4][..udp] [..192.168.2.100][61837] -> [..78.159.118.97][25383] [CryNetwork][Game][Safe]
+     DAEMON-EVENT: [Processed: 30 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 1 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....3] [ip4][..udp] [..192.168.2.100][56970] -> [..84.16.230.222][28665] 
+         detected: [.....3] [ip4][..udp] [..192.168.2.100][56970] -> [..84.16.230.222][28665] [CryNetwork][Game][Safe]
+             idle: [.....2] [ip4][..udp] [..192.168.2.100][56333] -> [...37.58.56.245][20250] [CryNetwork][Game][Safe]
+     DAEMON-EVENT: [Processed: 45 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 1 / 3|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....4] [ip4][..udp] [..192.168.2.100][55645] -> [...78.159.98.94][28375] 
+         detected: [.....4] [ip4][..udp] [..192.168.2.100][55645] -> [...78.159.98.94][28375] [CryNetwork][Game][Safe]
+             idle: [.....4] [ip4][..udp] [..192.168.2.100][55645] -> [...78.159.98.94][28375] [CryNetwork][Game][Safe]
+             idle: [.....3] [ip4][..udp] [..192.168.2.100][56970] -> [..84.16.230.222][28665] [CryNetwork][Game][Safe]
+     DAEMON-EVENT: shutdown

test/results/flow-info/dazn.pcapng.out

@@ -0,0 +1,16 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..tcp] [..192.168.1.128][54020] -> [...52.84.223.58][..443] 
+         detected: [.....1] [ip4][..tcp] [..192.168.1.128][54020] -> [...52.84.223.58][..443] [TLS.Dazn][Streaming][Fun]
+ detection-update: [.....1] [ip4][..tcp] [..192.168.1.128][54020] -> [...52.84.223.58][..443] [TLS.Dazn][Streaming][Fun]
+              new: [.....2] [ip4][..tcp] [..192.168.1.128][46036] -> [..13.226.244.27][..443] 
+         detected: [.....2] [ip4][..tcp] [..192.168.1.128][46036] -> [..13.226.244.27][..443] [TLS.Dazn][Streaming][Fun]
+ detection-update: [.....2] [ip4][..tcp] [..192.168.1.128][46036] -> [..13.226.244.27][..443] [TLS.Dazn][Streaming][Fun]
+              new: [.....3] [ip4][..tcp] [..192.168.1.128][40882] -> [..13.226.244.30][..443] 
+         detected: [.....3] [ip4][..tcp] [..192.168.1.128][40882] -> [..13.226.244.30][..443] [TLS.Dazn][Streaming][Fun]
+ detection-update: [.....3] [ip4][..tcp] [..192.168.1.128][40882] -> [..13.226.244.30][..443] [TLS.Dazn][Streaming][Fun]
+             idle: [.....2] [ip4][..tcp] [..192.168.1.128][46036] -> [..13.226.244.27][..443] 
+             idle: [.....1] [ip4][..tcp] [..192.168.1.128][54020] -> [...52.84.223.58][..443] 
+             idle: [.....3] [ip4][..tcp] [..192.168.1.128][40882] -> [..13.226.244.30][..443] 
+     DAEMON-EVENT: shutdown

test/results/flow-info/dcerpc.pcap.out

@@ -0,0 +1,16 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..udp] [...192.168.1.11][49155] -> [...192.168.1.20][34964] 
+         detected: [.....1] [ip4][..udp] [...192.168.1.11][49155] -> [...192.168.1.20][34964] [RPC][RPC][Acceptable]
+              new: [.....2] [ip4][..udp] [...192.168.1.20][49161] -> [...192.168.1.11][49155] 
+         detected: [.....2] [ip4][..udp] [...192.168.1.20][49161] -> [...192.168.1.11][49155] [RPC][RPC][Acceptable]
+              new: [.....3] [ip4][..udp] [...192.168.1.20][49162] -> [...192.168.1.11][34964] 
+         detected: [.....3] [ip4][..udp] [...192.168.1.20][49162] -> [...192.168.1.11][34964] [RPC][RPC][Acceptable]
+              new: [.....4] [ip4][..udp] [...192.168.1.11][49154] -> [...192.168.1.20][49162] 
+         detected: [.....4] [ip4][..udp] [...192.168.1.11][49154] -> [...192.168.1.20][49162] [RPC][RPC][Acceptable]
+             idle: [.....4] [ip4][..udp] [...192.168.1.11][49154] -> [...192.168.1.20][49162] [RPC][RPC][Acceptable]
+             idle: [.....2] [ip4][..udp] [...192.168.1.20][49161] -> [...192.168.1.11][49155] [RPC][RPC][Acceptable]
+             idle: [.....1] [ip4][..udp] [...192.168.1.11][49155] -> [...192.168.1.20][34964] [RPC][RPC][Acceptable]
+             idle: [.....3] [ip4][..udp] [...192.168.1.20][49162] -> [...192.168.1.11][34964] [RPC][RPC][Acceptable]
+     DAEMON-EVENT: shutdown

test/results/flow-info/dhcp-fuzz.pcapng.out

@@ -0,0 +1,7 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..udp] [192.168.155.104][...68] -> [255.255.255.255][...67] 
+          guessed: [.....1] [ip4][..udp] [192.168.155.104][...68] -> [255.255.255.255][...67] [DHCP][Network][Acceptable]
+             idle: [.....1] [ip4][..udp] [192.168.155.104][...68] -> [255.255.255.255][...67] 
+     DAEMON-EVENT: shutdown

test/results/flow-info/diameter.pcap.out

@@ -0,0 +1,7 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..tcp] [...10.201.9.245][50957] -> [....10.201.9.11][.3868] [MIDSTREAM] 
+         detected: [.....1] [ip4][..tcp] [...10.201.9.245][50957] -> [....10.201.9.11][.3868] [Diameter][Network][Acceptable]
+             idle: [.....1] [ip4][..tcp] [...10.201.9.245][50957] -> [....10.201.9.11][.3868] [Diameter][Network][Acceptable]
+     DAEMON-EVENT: shutdown

test/results/flow-info/discord.pcap.out

@@ -0,0 +1,172 @@
+     DAEMON-EVENT: init
+              new: [.....1] [ip4][..tcp] [......10.0.2.15][42834] -> [162.159.128.233][..443] 
+         detected: [.....1] [ip4][..tcp] [......10.0.2.15][42834] -> [162.159.128.233][..443] [TLS.Discord][Collaborative][Fun]
+ detection-update: [.....1] [ip4][..tcp] [......10.0.2.15][42834] -> [162.159.128.233][..443] [TLS.Discord][Collaborative][Fun]
+ detection-update: [.....1] [ip4][..tcp] [......10.0.2.15][42834] -> [162.159.128.233][..443] [TLS.Discord][Collaborative][Fun]
+                   RISK: TLS Cert Expired
+     DAEMON-EVENT: [Processed: 7 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 0|guessed: 0|detection-updates: 2|updates: 0]
+              new: [.....2] [ip4][..udp] [..192.168.2.100][56271] -> [..66.22.244.154][50004] 
+         detected: [.....2] [ip4][..udp] [..192.168.2.100][56271] -> [..66.22.244.154][50004] [Discord][Collaborative][Fun]
+              new: [.....3] [ip4][..udp] [..192.168.2.100][56271] -> [..66.22.244.139][50004] 
+         detected: [.....3] [ip4][..udp] [..192.168.2.100][56271] -> [..66.22.244.139][50004] [Discord][Collaborative][Fun]
+              new: [.....4] [ip4][..udp] [..192.168.2.100][56271] -> [..66.22.237.138][50004] 
+         detected: [.....4] [ip4][..udp] [..192.168.2.100][56271] -> [..66.22.237.138][50004] [Discord][Collaborative][Fun]
+              new: [.....5] [ip4][..udp] [..192.168.2.100][56271] -> [....66.22.241.7][50004] 
+         detected: [.....5] [ip4][..udp] [..192.168.2.100][56271] -> [....66.22.241.7][50004] [Discord][Collaborative][Fun]
+              new: [.....6] [ip4][..udp] [..192.168.2.100][56271] -> [....66.22.241.5][50004] 
+         detected: [.....6] [ip4][..udp] [..192.168.2.100][56271] -> [....66.22.241.5][50004] [Discord][Collaborative][Fun]
+              new: [.....7] [ip4][..udp] [..192.168.2.100][56271] -> [...66.22.237.11][50004] 
+         detected: [.....7] [ip4][..udp] [..192.168.2.100][56271] -> [...66.22.237.11][50004] [Discord][Collaborative][Fun]
+             idle: [.....1] [ip4][..tcp] [......10.0.2.15][42834] -> [162.159.128.233][..443] 
+     DAEMON-EVENT: [Processed: 19 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 6 / 7|skipped: 0|!detected: 0|guessed: 0|detection-updates: 2|updates: 0]
+              new: [.....8] [ip4][..udp] [..192.168.2.100][57955] -> [..66.22.196.173][50004] 
+         detected: [.....8] [ip4][..udp] [..192.168.2.100][57955] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+             idle: [.....7] [ip4][..udp] [..192.168.2.100][56271] -> [...66.22.237.11][50004] [Discord][Collaborative][Fun]
+             idle: [.....6] [ip4][..udp] [..192.168.2.100][56271] -> [....66.22.241.5][50004] [Discord][Collaborative][Fun]
+             idle: [.....5] [ip4][..udp] [..192.168.2.100][56271] -> [....66.22.241.7][50004] [Discord][Collaborative][Fun]
+             idle: [.....4] [ip4][..udp] [..192.168.2.100][56271] -> [..66.22.237.138][50004] [Discord][Collaborative][Fun]
+             idle: [.....3] [ip4][..udp] [..192.168.2.100][56271] -> [..66.22.244.139][50004] [Discord][Collaborative][Fun]
+             idle: [.....2] [ip4][..udp] [..192.168.2.100][56271] -> [..66.22.244.154][50004] [Discord][Collaborative][Fun]
+              new: [.....9] [ip4][..udp] [..192.168.2.100][64837] -> [.35.214.238.161][50001] 
+         detected: [.....9] [ip4][..udp] [..192.168.2.100][64837] -> [.35.214.238.161][50001] [Discord][Collaborative][Fun]
+              new: [....10] [ip4][..udp] [..192.168.2.100][55085] -> [..66.22.196.173][50004] 
+         detected: [....10] [ip4][..udp] [..192.168.2.100][55085] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [.....8] [ip4][..udp] [..192.168.2.100][57955] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+              new: [....11] [ip4][..udp] [..192.168.2.100][52283] -> [..66.22.196.173][50004] 
+         detected: [....11] [ip4][..udp] [..192.168.2.100][52283] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [....10] [ip4][..udp] [..192.168.2.100][55085] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [.....8] [ip4][..udp] [..192.168.2.100][57955] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [.....9] [ip4][..udp] [..192.168.2.100][64837] -> [.35.214.238.161][50001] [Discord][Collaborative][Fun]
+              new: [....12] [ip4][..udp] [..192.168.2.100][50199] -> [..66.22.196.173][50004] 
+         detected: [....12] [ip4][..udp] [..192.168.2.100][50199] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+              new: [....13] [ip4][..udp] [..192.168.2.100][57956] -> [..66.22.196.173][50004] 
+         detected: [....13] [ip4][..udp] [..192.168.2.100][57956] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [....10] [ip4][..udp] [..192.168.2.100][55085] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [.....8] [ip4][..udp] [..192.168.2.100][57955] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [....11] [ip4][..udp] [..192.168.2.100][52283] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [.....9] [ip4][..udp] [..192.168.2.100][64837] -> [.35.214.238.161][50001] [Discord][Collaborative][Fun]
+              new: [....14] [ip4][..udp] [..192.168.2.100][53459] -> [..66.22.196.173][50004] 
+         detected: [....14] [ip4][..udp] [..192.168.2.100][53459] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+             idle: [....10] [ip4][..udp] [..192.168.2.100][55085] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+             idle: [.....8] [ip4][..udp] [..192.168.2.100][57955] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+             idle: [.....9] [ip4][..udp] [..192.168.2.100][64837] -> [.35.214.238.161][50001] [Discord][Collaborative][Fun]
+           update: [....13] [ip4][..udp] [..192.168.2.100][57956] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [....12] [ip4][..udp] [..192.168.2.100][50199] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [....11] [ip4][..udp] [..192.168.2.100][52283] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+              new: [....15] [ip4][..udp] [..192.168.2.100][61435] -> [..66.22.196.173][50004] 
+         detected: [....15] [ip4][..udp] [..192.168.2.100][61435] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+             idle: [....11] [ip4][..udp] [..192.168.2.100][52283] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [....14] [ip4][..udp] [..192.168.2.100][53459] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [....13] [ip4][..udp] [..192.168.2.100][57956] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [....12] [ip4][..udp] [..192.168.2.100][50199] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+              new: [....16] [ip4][..udp] [..192.168.2.100][58322] -> [..66.22.196.173][50004] 
+         detected: [....16] [ip4][..udp] [..192.168.2.100][58322] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+             idle: [....13] [ip4][..udp] [..192.168.2.100][57956] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+             idle: [....12] [ip4][..udp] [..192.168.2.100][50199] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [....15] [ip4][..udp] [..192.168.2.100][61435] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [....14] [ip4][..udp] [..192.168.2.100][53459] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+              new: [....17] [ip4][..udp] [..192.168.2.100][61392] -> [..66.22.196.173][50004] 
+         detected: [....17] [ip4][..udp] [..192.168.2.100][61392] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [....15] [ip4][..udp] [..192.168.2.100][61435] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [....14] [ip4][..udp] [..192.168.2.100][53459] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [....16] [ip4][..udp] [..192.168.2.100][58322] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+              new: [....18] [ip4][..udp] [..192.168.2.100][63362] -> [..66.22.196.173][50004] 
+         detected: [....18] [ip4][..udp] [..192.168.2.100][63362] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+             idle: [....14] [ip4][..udp] [..192.168.2.100][53459] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [....17] [ip4][..udp] [..192.168.2.100][61392] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [....15] [ip4][..udp] [..192.168.2.100][61435] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [....16] [ip4][..udp] [..192.168.2.100][58322] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+              new: [....19] [ip4][..udp] [..192.168.2.100][50335] -> [..66.22.196.173][50004] 
+         detected: [....19] [ip4][..udp] [..192.168.2.100][50335] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+             idle: [....15] [ip4][..udp] [..192.168.2.100][61435] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [....18] [ip4][..udp] [..192.168.2.100][63362] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [....17] [ip4][..udp] [..192.168.2.100][61392] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [....16] [ip4][..udp] [..192.168.2.100][58322] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+     DAEMON-EVENT: [Processed: 186 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 4 / 19|skipped: 0|!detected: 0|guessed: 0|detection-updates: 2|updates: 25]
+              new: [....20] [ip4][..udp] [..192.168.2.100][62379] -> [..66.22.196.173][50004] 
+         detected: [....20] [ip4][..udp] [..192.168.2.100][62379] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+             idle: [....17] [ip4][..udp] [..192.168.2.100][61392] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+             idle: [....16] [ip4][..udp] [..192.168.2.100][58322] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [....18] [ip4][..udp] [..192.168.2.100][63362] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [....19] [ip4][..udp] [..192.168.2.100][50335] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+              new: [....21] [ip4][..udp] [..192.168.2.100][62844] -> [..66.22.196.173][50004] 
+         detected: [....21] [ip4][..udp] [..192.168.2.100][62844] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+             idle: [....18] [ip4][..udp] [..192.168.2.100][63362] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [....20] [ip4][..udp] [..192.168.2.100][62379] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [....19] [ip4][..udp] [..192.168.2.100][50335] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+              new: [....22] [ip4][..udp] [..192.168.2.100][59891] -> [..66.22.196.173][50004] 
+         detected: [....22] [ip4][..udp] [..192.168.2.100][59891] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+             idle: [....19] [ip4][..udp] [..192.168.2.100][50335] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [....20] [ip4][..udp] [..192.168.2.100][62379] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [....21] [ip4][..udp] [..192.168.2.100][62844] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+              new: [....23] [ip4][..udp] [..192.168.2.100][61985] -> [..66.22.196.173][50004] 
+         detected: [....23] [ip4][..udp] [..192.168.2.100][61985] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [....22] [ip4][..udp] [..192.168.2.100][59891] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [....20] [ip4][..udp] [..192.168.2.100][62379] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [....21] [ip4][..udp] [..192.168.2.100][62844] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+              new: [....24] [ip4][..udp] [..192.168.2.100][57764] -> [..66.22.196.173][50004] 
+         detected: [....24] [ip4][..udp] [..192.168.2.100][57764] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+             idle: [....20] [ip4][..udp] [..192.168.2.100][62379] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+             idle: [....21] [ip4][..udp] [..192.168.2.100][62844] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [....22] [ip4][..udp] [..192.168.2.100][59891] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [....23] [ip4][..udp] [..192.168.2.100][61985] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+              new: [....25] [ip4][..udp] [..192.168.2.100][55432] -> [..66.22.196.173][50004] 
+         detected: [....25] [ip4][..udp] [..192.168.2.100][55432] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [....24] [ip4][..udp] [..192.168.2.100][57764] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [....22] [ip4][..udp] [..192.168.2.100][59891] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [....23] [ip4][..udp] [..192.168.2.100][61985] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+              new: [....26] [ip4][..udp] [..192.168.2.100][61060] -> [..66.22.196.173][50004] 
+         detected: [....26] [ip4][..udp] [..192.168.2.100][61060] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+             idle: [....22] [ip4][..udp] [..192.168.2.100][59891] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+             idle: [....23] [ip4][..udp] [..192.168.2.100][61985] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [....25] [ip4][..udp] [..192.168.2.100][55432] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [....24] [ip4][..udp] [..192.168.2.100][57764] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+              new: [....27] [ip4][..udp] [..192.168.2.100][63893] -> [..66.22.196.173][50004] 
+         detected: [....27] [ip4][..udp] [..192.168.2.100][63893] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [....26] [ip4][..udp] [..192.168.2.100][61060] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [....25] [ip4][..udp] [..192.168.2.100][55432] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [....24] [ip4][..udp] [..192.168.2.100][57764] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+              new: [....28] [ip4][..udp] [..192.168.2.100][52323] -> [..66.22.196.173][50004] 
+         detected: [....28] [ip4][..udp] [..192.168.2.100][52323] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+             idle: [....25] [ip4][..udp] [..192.168.2.100][55432] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+             idle: [....24] [ip4][..udp] [..192.168.2.100][57764] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [....26] [ip4][..udp] [..192.168.2.100][61060] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [....27] [ip4][..udp] [..192.168.2.100][63893] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+              new: [....29] [ip4][..udp] [..192.168.2.100][58753] -> [..66.22.196.173][50004] 
+         detected: [....29] [ip4][..udp] [..192.168.2.100][58753] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+             idle: [....26] [ip4][..udp] [..192.168.2.100][61060] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [....27] [ip4][..udp] [..192.168.2.100][63893] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [....28] [ip4][..udp] [..192.168.2.100][52323] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+     DAEMON-EVENT: [Processed: 336 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 3 / 29|skipped: 0|!detected: 0|guessed: 0|detection-updates: 2|updates: 48]
+              new: [....30] [ip4][..udp] [..192.168.2.100][65053] -> [..66.22.196.173][50004] 
+         detected: [....30] [ip4][..udp] [..192.168.2.100][65053] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+             idle: [....27] [ip4][..udp] [..192.168.2.100][63893] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [....28] [ip4][..udp] [..192.168.2.100][52323] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [....29] [ip4][..udp] [..192.168.2.100][58753] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+              new: [....31] [ip4][..udp] [..192.168.2.100][49648] -> [..66.22.196.173][50004] 
+         detected: [....31] [ip4][..udp] [..192.168.2.100][49648] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [....30] [ip4][..udp] [..192.168.2.100][65053] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [....28] [ip4][..udp] [..192.168.2.100][52323] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [....29] [ip4][..udp] [..192.168.2.100][58753] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+              new: [....32] [ip4][..udp] [..192.168.2.100][54950] -> [..66.22.196.173][50004] 
+         detected: [....32] [ip4][..udp] [..192.168.2.100][54950] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+             idle: [....28] [ip4][..udp] [..192.168.2.100][52323] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+             idle: [....29] [ip4][..udp] [..192.168.2.100][58753] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [....30] [ip4][..udp] [..192.168.2.100][65053] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [....31] [ip4][..udp] [..192.168.2.100][49648] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+              new: [....33] [ip4][..udp] [..192.168.2.100][59240] -> [..66.22.196.173][50004] 
+         detected: [....33] [ip4][..udp] [..192.168.2.100][59240] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+             idle: [....30] [ip4][..udp] [..192.168.2.100][65053] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [....32] [ip4][..udp] [..192.168.2.100][54950] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+           update: [....31] [ip4][..udp] [..192.168.2.100][49648] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+              new: [....34] [ip4][..udp] [..192.168.2.100][62481] -> [..66.22.196.173][50004] 
+         detected: [....34] [ip4][..udp] [..192.168.2.100][62481] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+             idle: [....32] [ip4][..udp] [..192.168.2.100][54950] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+             idle: [....33] [ip4][..udp] [..192.168.2.100][59240] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+             idle: [....31] [ip4][..udp] [..192.168.2.100][49648] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+             idle: [....34] [ip4][..udp] [..192.168.2.100][62481] -> [..66.22.196.173][50004] [Discord][Collaborative][Fun]
+     DAEMON-EVENT: shutdown

test/results/flow-info/dlt_ppp.pcap.out

@@ -0,0 +1,3 @@
+     DAEMON-EVENT: init
+      ERROR-EVENT: Unknown L3 protocol
+     DAEMON-EVENT: shutdown

test/results/flow-info/dnp3.pcap.out

@@ -0,0 +1,92 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..tcp] [.......10.0.0.8][.2789] -> [.......10.0.0.3][20000] 
+         detected: [.....1] [ip4][..tcp] [.......10.0.0.8][.2789] -> [.......10.0.0.3][20000] [DNP3][IoT-Scada][Acceptable]
+          analyse: [.....1] [ip4][..tcp] [.......10.0.0.8][.2789] -> [.......10.0.0.3][20000] [DNP3][IoT-Scada][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000| 120.146|  12.647|  35.851]
+                   [IAT(c->s)...:    0.000| 120.146|  20.567|  44.545][IAT(s->c)...:    0.000|   3.043|   0.767|   1.314]
+                   [PKTLEN(c->s):   60.000|  79.000|  66.300|   7.700][PKTLEN(s->c):   60.000|  71.000|  66.000|   5.000]
+                   [BINS(c->s)..: 20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+     DAEMON-EVENT: [Processed: 39 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....2] [ip4][..tcp] [.......10.0.0.8][.2803] -> [.......10.0.0.3][20000] 
+         detected: [.....2] [ip4][..tcp] [.......10.0.0.8][.2803] -> [.......10.0.0.3][20000] [DNP3][IoT-Scada][Acceptable]
+          analyse: [.....2] [ip4][..tcp] [.......10.0.0.8][.2803] -> [.......10.0.0.3][20000] [DNP3][IoT-Scada][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|  17.487|   5.095|   6.400]
+                   [IAT(c->s)...:    0.000|  17.203|   5.095|   6.326][IAT(s->c)...:    0.000|  17.487|   5.095|   6.474]
+                   [PKTLEN(c->s):   60.000|  78.000|  66.300|   8.300][PKTLEN(s->c):   60.000|  71.000|  62.800|   4.400]
+                   [BINS(c->s)..: 18,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+     DAEMON-EVENT: [Processed: 78 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 2 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....3] [ip4][..tcp] [.......10.0.0.8][.2828] -> [.......10.0.0.3][20000] 
+         detected: [.....3] [ip4][..tcp] [.......10.0.0.8][.2828] -> [.......10.0.0.3][20000] [DNP3][IoT-Scada][Acceptable]
+              end: [.....2] [ip4][..tcp] [.......10.0.0.8][.2803] -> [.......10.0.0.3][20000] [DNP3][IoT-Scada][Acceptable]
+          analyse: [.....3] [ip4][..tcp] [.......10.0.0.8][.2828] -> [.......10.0.0.3][20000] [DNP3][IoT-Scada][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|  82.989|   8.549|  24.817]
+                   [IAT(c->s)...:    0.000|  82.989|  14.056|  30.830][IAT(s->c)...:    0.000|   1.141|   0.288|   0.493]
+                   [PKTLEN(c->s):   60.000|  79.000|  66.300|   7.700][PKTLEN(s->c):   60.000|  71.000|  66.000|   5.000]
+                   [BINS(c->s)..: 20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+     DAEMON-EVENT: [Processed: 216 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 2 / 3|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....4] [ip4][..tcp] [.......10.0.0.9][.1080] -> [.......10.0.0.3][20000] 
+             idle: [.....1] [ip4][..tcp] [.......10.0.0.8][.2789] -> [.......10.0.0.3][20000] [DNP3][IoT-Scada][Acceptable]
+         detected: [.....4] [ip4][..tcp] [.......10.0.0.9][.1080] -> [.......10.0.0.3][20000] [DNP3][IoT-Scada][Acceptable]
+          analyse: [.....4] [ip4][..tcp] [.......10.0.0.9][.1080] -> [.......10.0.0.3][20000] [DNP3][IoT-Scada][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|  75.076|  22.122|  29.810]
+                   [IAT(c->s)...:    0.000|  75.029|  22.114|  29.776][IAT(s->c)...:    0.000|  75.076|  22.129|  29.843]
+                   [PKTLEN(c->s):   60.000|  72.000|  63.800|   4.800][PKTLEN(s->c):   62.000|  77.000|  70.400|   5.000]
+                   [BINS(c->s)..: 18,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+     DAEMON-EVENT: [Processed: 351 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 2 / 4|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....5] [ip4][..tcp] [.......10.0.0.8][.1086] -> [.......10.0.0.3][20000] 
+         detected: [.....5] [ip4][..tcp] [.......10.0.0.8][.1086] -> [.......10.0.0.3][20000] [DNP3][IoT-Scada][Acceptable]
+          analyse: [.....5] [ip4][..tcp] [.......10.0.0.8][.1086] -> [.......10.0.0.3][20000] [DNP3][IoT-Scada][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   2.639|   0.563|   1.000]
+                   [IAT(c->s)...:    0.000|   2.471|   0.481|   0.894][IAT(s->c)...:    0.000|   2.639|   0.685|   1.129]
+                   [PKTLEN(c->s):   60.000|  79.000|  66.200|   7.600][PKTLEN(s->c):   60.000|  71.000|  66.000|   5.000]
+                   [BINS(c->s)..: 20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+             idle: [.....3] [ip4][..tcp] [.......10.0.0.8][.2828] -> [.......10.0.0.3][20000] [DNP3][IoT-Scada][Acceptable]
+     DAEMON-EVENT: [Processed: 444 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 2 / 5|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....6] [ip4][..tcp] [.......10.0.0.8][.1159] -> [.......10.0.0.3][20000] 
+         detected: [.....6] [ip4][..tcp] [.......10.0.0.8][.1159] -> [.......10.0.0.3][20000] [DNP3][IoT-Scada][Acceptable]
+             idle: [.....4] [ip4][..tcp] [.......10.0.0.9][.1080] -> [.......10.0.0.3][20000] [DNP3][IoT-Scada][Acceptable]
+           update: [.....5] [ip4][..tcp] [.......10.0.0.8][.1086] -> [.......10.0.0.3][20000] [DNP3][IoT-Scada][Acceptable]
+     DAEMON-EVENT: [Processed: 471 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 2 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 1]
+              new: [.....7] [ip4][..tcp] [.......10.0.0.8][.1184] -> [.......10.0.0.3][20000] 
+         detected: [.....7] [ip4][..tcp] [.......10.0.0.8][.1184] -> [.......10.0.0.3][20000] [DNP3][IoT-Scada][Acceptable]
+             idle: [.....5] [ip4][..tcp] [.......10.0.0.8][.1086] -> [.......10.0.0.3][20000] [DNP3][IoT-Scada][Acceptable]
+          analyse: [.....7] [ip4][..tcp] [.......10.0.0.8][.1184] -> [.......10.0.0.3][20000] [DNP3][IoT-Scada][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   9.488|   2.471|   3.592]
+                   [IAT(c->s)...:    0.000|   9.227|   2.069|   3.330][IAT(s->c)...:    0.000|   9.488|   3.076|   3.876]
+                   [PKTLEN(c->s):   60.000|  78.000|  65.700|   8.100][PKTLEN(s->c):   62.000|  71.000|  68.800|   3.900]
+                   [BINS(c->s)..: 20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+     DAEMON-EVENT: [Processed: 504 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 2 / 7|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 1]
+              new: [.....8] [ip4][..tcp] [.......10.0.0.9][.1084] -> [.......10.0.0.3][20000] 
+         detected: [.....8] [ip4][..tcp] [.......10.0.0.9][.1084] -> [.......10.0.0.3][20000] [DNP3][IoT-Scada][Acceptable]
+          analyse: [.....8] [ip4][..tcp] [.......10.0.0.9][.1084] -> [.......10.0.0.3][20000] [DNP3][IoT-Scada][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   3.963|   1.541|   1.422]
+                   [IAT(c->s)...:    0.000|   3.672|   1.541|   1.367][IAT(s->c)...:    0.000|   3.963|   1.541|   1.475]
+                   [PKTLEN(c->s):   60.000|  78.000|  66.300|   8.300][PKTLEN(s->c):   60.000|  71.000|  62.800|   4.400]
+                   [BINS(c->s)..: 18,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+              end: [.....8] [ip4][..tcp] [.......10.0.0.9][.1084] -> [.......10.0.0.3][20000] [DNP3][IoT-Scada][Acceptable]
+             idle: [.....6] [ip4][..tcp] [.......10.0.0.8][.1159] -> [.......10.0.0.3][20000] [DNP3][IoT-Scada][Acceptable]
+             idle: [.....7] [ip4][..tcp] [.......10.0.0.8][.1184] -> [.......10.0.0.3][20000] [DNP3][IoT-Scada][Acceptable]
+     DAEMON-EVENT: shutdown

test/results/flow-info/dns-invalid-chars.pcap.out

@@ -0,0 +1,8 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..udp] [......127.0.0.1][35980] -> [......127.0.0.1][...53] 
+         detected: [.....1] [ip4][..udp] [......127.0.0.1][35980] -> [......127.0.0.1][...53] [DNS][Network][Acceptable]
+ detection-update: [.....1] [ip4][..udp] [......127.0.0.1][35980] -> [......127.0.0.1][...53] [DNS][Network][Acceptable]
+             idle: [.....1] [ip4][..udp] [......127.0.0.1][35980] -> [......127.0.0.1][...53] [DNS][Network][Acceptable]
+     DAEMON-EVENT: shutdown

test/results/flow-info/dns-tunnel-iodine.pcap.out

@@ -0,0 +1,17 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..udp] [......10.0.2.30][44639] -> [......10.0.2.20][...53] 
+         detected: [.....1] [ip4][..udp] [......10.0.2.30][44639] -> [......10.0.2.20][...53] [DNS][Network][Acceptable]
+ detection-update: [.....1] [ip4][..udp] [......10.0.2.30][44639] -> [......10.0.2.20][...53] [DNS][Network][Acceptable]
+                   RISK: Suspicious DNS Traffic
+          analyse: [.....1] [ip4][..udp] [......10.0.2.30][44639] -> [......10.0.2.20][...53] [DNS][Network][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   1.003|   0.162|   0.368]
+                   [IAT(c->s)...:    0.000|   1.003|   0.279|   0.449][IAT(s->c)...:    0.000|   0.006|   0.001|   0.001]
+                   [PKTLEN(c->s):   82.000| 323.000| 198.200| 107.600][PKTLEN(s->c):   93.000|1476.000| 317.400| 420.400]
+                   [BINS(c->s)..: 0,6,4,1,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 0,4,1,3,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0]
+             idle: [.....1] [ip4][..udp] [......10.0.2.30][44639] -> [......10.0.2.20][...53] [DNS][Network][Acceptable]
+                   RISK: Suspicious DNS Traffic
+     DAEMON-EVENT: shutdown

test/results/flow-info/dns_ambiguous_names.pcap.out

@@ -0,0 +1,44 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..udp] [....10.200.2.11][48375] -> [........8.8.8.8][...53] 
+         detected: [.....1] [ip4][..udp] [....10.200.2.11][48375] -> [........8.8.8.8][...53] [DNS.ApplePush][Cloud][Acceptable]
+ detection-update: [.....1] [ip4][..udp] [....10.200.2.11][48375] -> [........8.8.8.8][...53] [DNS.ApplePush][Cloud][Acceptable]
+              new: [.....2] [ip4][..udp] [....10.200.2.11][57290] -> [........8.8.8.8][...53] 
+         detected: [.....2] [ip4][..udp] [....10.200.2.11][57290] -> [........8.8.8.8][...53] [DNS.Teams][Collaborative][Safe]
+ detection-update: [.....2] [ip4][..udp] [....10.200.2.11][57290] -> [........8.8.8.8][...53] [DNS.Teams][Collaborative][Safe]
+              new: [.....3] [ip4][..udp] [....10.200.2.11][57051] -> [........8.8.8.8][...53] 
+         detected: [.....3] [ip4][..udp] [....10.200.2.11][57051] -> [........8.8.8.8][...53] [DNS.Teams][Collaborative][Safe]
+ detection-update: [.....3] [ip4][..udp] [....10.200.2.11][57051] -> [........8.8.8.8][...53] [DNS.Teams][Collaborative][Safe]
+              new: [.....4] [ip4][..udp] [....10.200.2.11][46134] -> [........8.8.8.8][...53] 
+         detected: [.....4] [ip4][..udp] [....10.200.2.11][46134] -> [........8.8.8.8][...53] [DNS.GoogleServices][Web][Acceptable]
+ detection-update: [.....4] [ip4][..udp] [....10.200.2.11][46134] -> [........8.8.8.8][...53] [DNS.GoogleServices][Web][Acceptable]
+              new: [.....5] [ip4][..udp] [....10.200.2.11][57632] -> [........8.8.8.8][...53] 
+         detected: [.....5] [ip4][..udp] [....10.200.2.11][57632] -> [........8.8.8.8][...53] [DNS.PlayStore][SoftwareUpdate][Safe]
+ detection-update: [.....5] [ip4][..udp] [....10.200.2.11][57632] -> [........8.8.8.8][...53] [DNS.PlayStore][SoftwareUpdate][Safe]
+              new: [.....6] [ip4][..udp] [....10.200.2.11][42790] -> [........8.8.8.8][...53] 
+         detected: [.....6] [ip4][..udp] [....10.200.2.11][42790] -> [........8.8.8.8][...53] [DNS.Teams][Collaborative][Safe]
+ detection-update: [.....6] [ip4][..udp] [....10.200.2.11][42790] -> [........8.8.8.8][...53] [DNS.Teams][Collaborative][Safe]
+              new: [.....7] [ip4][..udp] [....10.200.2.11][44198] -> [........8.8.8.8][...53] 
+         detected: [.....7] [ip4][..udp] [....10.200.2.11][44198] -> [........8.8.8.8][...53] [DNS.Google][Web][Acceptable]
+ detection-update: [.....7] [ip4][..udp] [....10.200.2.11][44198] -> [........8.8.8.8][...53] [DNS.Google][Web][Acceptable]
+              new: [.....8] [ip4][..udp] [....10.200.2.11][52541] -> [........8.8.8.8][...53] 
+         detected: [.....8] [ip4][..udp] [....10.200.2.11][52541] -> [........8.8.8.8][...53] [DNS.AppleSiri][VirtAssistant][Acceptable]
+ detection-update: [.....8] [ip4][..udp] [....10.200.2.11][52541] -> [........8.8.8.8][...53] [DNS.AppleSiri][VirtAssistant][Acceptable]
+              new: [.....9] [ip4][..udp] [....10.200.2.11][53951] -> [........8.8.8.8][...53] 
+         detected: [.....9] [ip4][..udp] [....10.200.2.11][53951] -> [........8.8.8.8][...53] [DNS.QQ][Chat][Fun]
+ detection-update: [.....9] [ip4][..udp] [....10.200.2.11][53951] -> [........8.8.8.8][...53] [DNS.QQ][Chat][Fun]
+              new: [....10] [ip4][..udp] [....10.200.2.11][44883] -> [........8.8.8.8][...53] 
+         detected: [....10] [ip4][..udp] [....10.200.2.11][44883] -> [........8.8.8.8][...53] [DNS.Instagram][SocialNetwork][Fun]
+ detection-update: [....10] [ip4][..udp] [....10.200.2.11][44883] -> [........8.8.8.8][...53] [DNS.Instagram][SocialNetwork][Fun]
+             idle: [.....2] [ip4][..udp] [....10.200.2.11][57290] -> [........8.8.8.8][...53] [DNS.Teams][Collaborative][Safe]
+             idle: [.....5] [ip4][..udp] [....10.200.2.11][57632] -> [........8.8.8.8][...53] [DNS.PlayStore][SoftwareUpdate][Safe]
+             idle: [.....9] [ip4][..udp] [....10.200.2.11][53951] -> [........8.8.8.8][...53] [DNS.QQ][Chat][Fun]
+             idle: [.....4] [ip4][..udp] [....10.200.2.11][46134] -> [........8.8.8.8][...53] [DNS.GoogleServices][Web][Acceptable]
+             idle: [.....7] [ip4][..udp] [....10.200.2.11][44198] -> [........8.8.8.8][...53] [DNS.Google][Web][Acceptable]
+             idle: [.....1] [ip4][..udp] [....10.200.2.11][48375] -> [........8.8.8.8][...53] [DNS.ApplePush][Cloud][Acceptable]
+             idle: [.....8] [ip4][..udp] [....10.200.2.11][52541] -> [........8.8.8.8][...53] [DNS.AppleSiri][VirtAssistant][Acceptable]
+             idle: [.....3] [ip4][..udp] [....10.200.2.11][57051] -> [........8.8.8.8][...53] [DNS.Teams][Collaborative][Safe]
+             idle: [.....6] [ip4][..udp] [....10.200.2.11][42790] -> [........8.8.8.8][...53] [DNS.Teams][Collaborative][Safe]
+             idle: [....10] [ip4][..udp] [....10.200.2.11][44883] -> [........8.8.8.8][...53] [DNS.Instagram][SocialNetwork][Fun]
+     DAEMON-EVENT: shutdown

test/results/flow-info/dns_doh.pcap.out

@@ -0,0 +1,15 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..tcp] [....172.20.10.4][49877] -> [.104.16.248.249][..443] 
+         detected: [.....1] [ip4][..tcp] [....172.20.10.4][49877] -> [.104.16.248.249][..443] [TLS.DoH_DoT][Network][Fun]
+ detection-update: [.....1] [ip4][..tcp] [....172.20.10.4][49877] -> [.104.16.248.249][..443] [TLS.DoH_DoT][Network][Fun]
+          analyse: [.....1] [ip4][..tcp] [....172.20.10.4][49877] -> [.104.16.248.249][..443] [TLS.DoH_DoT][Network][Fun]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.535|   0.064|   0.132]
+                   [IAT(c->s)...:    0.000|   0.535|   0.058|   0.128][IAT(s->c)...:    0.000|   0.525|   0.070|   0.135]
+                   [PKTLEN(c->s):   54.000| 571.000| 134.400| 124.200][PKTLEN(s->c):   54.000|1354.000| 355.000| 444.600]
+                   [BINS(c->s)..: 9,2,3,1,0,1,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 8,0,0,0,0,0,1,0,0,0,1,0,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0]
+             idle: [.....1] [ip4][..tcp] [....172.20.10.4][49877] -> [.104.16.248.249][..443] [TLS.DoH_DoT][Network][Fun]
+     DAEMON-EVENT: shutdown

test/results/flow-info/dns_dot.pcap.out

@@ -0,0 +1,10 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..tcp] [..192.168.1.185][58290] -> [........8.8.8.8][..853] 
+         detected: [.....1] [ip4][..tcp] [..192.168.1.185][58290] -> [........8.8.8.8][..853] [TLS.Google][Web][Acceptable]
+                   RISK: Known Proto on Non Std Port, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn
+ detection-update: [.....1] [ip4][..tcp] [..192.168.1.185][58290] -> [........8.8.8.8][..853] [TLS.DoH_DoT][Network][Fun]
+                   RISK: Known Proto on Non Std Port, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn
+             idle: [.....1] [ip4][..tcp] [..192.168.1.185][58290] -> [........8.8.8.8][..853] 
+     DAEMON-EVENT: shutdown

test/results/flow-info/dns_exfiltration.pcap.out

@@ -0,0 +1,20 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..udp] [.192.168.220.56][56373] -> [192.168.203.167][...53] 
+         detected: [.....1] [ip4][..udp] [.192.168.220.56][56373] -> [192.168.203.167][...53] [DNS][Network][Acceptable]
+                   RISK: Suspicious DGA Domain name
+ detection-update: [.....1] [ip4][..udp] [.192.168.220.56][56373] -> [192.168.203.167][...53] [DNS][Network][Acceptable]
+                   RISK: Suspicious DGA Domain name, Risky Domain Name
+          analyse: [.....1] [ip4][..udp] [.192.168.220.56][56373] -> [192.168.203.167][...53] [DNS][Network][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.004|   1.036|   0.914|   0.282]
+                   [IAT(c->s)...:    0.005|   1.036|   0.944|   0.251][IAT(s->c)...:    0.004|   1.016|   0.885|   0.305]
+                   [PKTLEN(c->s):  101.000| 215.000| 114.400|  31.200][PKTLEN(s->c):  148.000| 386.000| 178.400|  63.000]
+                   [BINS(c->s)..: 0,13,1,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 0,0,0,13,1,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+           update: [.....1] [ip4][..udp] [.192.168.220.56][56373] -> [192.168.203.167][...53] [DNS][Network][Acceptable]
+                   RISK: Suspicious DGA Domain name, Risky Domain Name
+             idle: [.....1] [ip4][..udp] [.192.168.220.56][56373] -> [192.168.203.167][...53] [DNS][Network][Acceptable]
+                   RISK: Suspicious DGA Domain name, Risky Domain Name
+     DAEMON-EVENT: shutdown

test/results/flow-info/dns_fragmented.pcap.out

@@ -0,0 +1,99 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..udp] [..172.217.40.76][56680] -> [.193.24.227.238][...53] 
+         detected: [.....1] [ip4][..udp] [..172.217.40.76][56680] -> [.193.24.227.238][...53] [DNS.Google][Web][Acceptable]
+ detection-update: [.....1] [ip4][..udp] [..172.217.40.76][56680] -> [.193.24.227.238][...53] [DNS.Google][Web][Acceptable]
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+              new: [.....2] [ip6][..udp] [................2a00:1450:4013:c03::10a][46433] -> [..................2001:470:765b::a25:53][...53] 
+         detected: [.....2] [ip6][..udp] [................2a00:1450:4013:c03::10a][46433] -> [..................2001:470:765b::a25:53][...53] [DNS][Network][Acceptable]
+ detection-update: [.....2] [ip6][..udp] [................2a00:1450:4013:c03::10a][46433] -> [..................2001:470:765b::a25:53][...53] [DNS][Network][Acceptable]
+      ERROR-EVENT: nDPI IPv6/L4 payload detection failed
+              new: [.....3] [ip6][..udp] [................2a00:1450:4013:c06::105][63369] -> [..................2001:470:765b::a25:53][...53] 
+         detected: [.....3] [ip6][..udp] [................2a00:1450:4013:c06::105][63369] -> [..................2001:470:765b::a25:53][...53] [DNS][Network][Acceptable]
+ detection-update: [.....3] [ip6][..udp] [................2a00:1450:4013:c06::105][63369] -> [..................2001:470:765b::a25:53][...53] [DNS][Network][Acceptable]
+      ERROR-EVENT: nDPI IPv6/L4 payload detection failed
+              new: [.....4] [ip4][..udp] [173.194.169.104][59464] -> [.193.24.227.238][...53] 
+         detected: [.....4] [ip4][..udp] [173.194.169.104][59464] -> [.193.24.227.238][...53] [DNS.Google][Web][Acceptable]
+ detection-update: [.....4] [ip4][..udp] [173.194.169.104][59464] -> [.193.24.227.238][...53] [DNS.Google][Web][Acceptable]
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+              new: [.....5] [ip6][..udp] [................2a00:1450:400c:c00::106][54430] -> [..................2001:470:765b::a25:53][...53] 
+         detected: [.....5] [ip6][..udp] [................2a00:1450:400c:c00::106][54430] -> [..................2001:470:765b::a25:53][...53] [DNS][Network][Acceptable]
+ detection-update: [.....5] [ip6][..udp] [................2a00:1450:400c:c00::106][54430] -> [..................2001:470:765b::a25:53][...53] [DNS][Network][Acceptable]
+              new: [.....6] [ip4][..udp] [..74.125.47.136][59330] -> [.193.24.227.238][...53] 
+         detected: [.....6] [ip4][..udp] [..74.125.47.136][59330] -> [.193.24.227.238][...53] [DNS.Google][Web][Acceptable]
+ detection-update: [.....6] [ip4][..udp] [..74.125.47.136][59330] -> [.193.24.227.238][...53] [DNS.Google][Web][Acceptable]
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+              new: [.....7] [ip6][..udp] [................2a00:1450:4013:c05::10e][34944] -> [..................2001:470:765b::a25:53][...53] 
+         detected: [.....7] [ip6][..udp] [................2a00:1450:4013:c05::10e][34944] -> [..................2001:470:765b::a25:53][...53] [DNS][Network][Acceptable]
+ detection-update: [.....7] [ip6][..udp] [................2a00:1450:4013:c05::10e][34944] -> [..................2001:470:765b::a25:53][...53] [DNS][Network][Acceptable]
+     DAEMON-EVENT: [Processed: 14 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 7 / 7|skipped: 0|!detected: 0|guessed: 0|detection-updates: 7|updates: 0]
+              new: [.....8] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][47634] -> [..................2001:470:765b::a25:53][...53] 
+         detected: [.....8] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][47634] -> [..................2001:470:765b::a25:53][...53] [DNS][Network][Acceptable]
+ detection-update: [.....8] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][47634] -> [..................2001:470:765b::a25:53][...53] [DNS][Network][Acceptable]
+              new: [.....9] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][33592] -> [..................2001:470:765b::a25:53][...53] 
+         detected: [.....9] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][33592] -> [..................2001:470:765b::a25:53][...53] [DNS][Network][Acceptable]
+ detection-update: [.....9] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][33592] -> [..................2001:470:765b::a25:53][...53] [DNS][Network][Acceptable]
+              new: [....10] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][46316] -> [..................2001:470:765b::a25:53][...53] 
+         detected: [....10] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][46316] -> [..................2001:470:765b::a25:53][...53] [DNS][Network][Acceptable]
+ detection-update: [....10] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][46316] -> [..................2001:470:765b::a25:53][...53] [DNS][Network][Acceptable]
+              new: [....11] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][46440] -> [..................2001:470:765b::a25:53][...53] 
+         detected: [....11] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][46440] -> [..................2001:470:765b::a25:53][...53] [DNS][Network][Acceptable]
+ detection-update: [....11] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][46440] -> [..................2001:470:765b::a25:53][...53] [DNS][Network][Acceptable]
+             idle: [.....1] [ip4][..udp] [..172.217.40.76][56680] -> [.193.24.227.238][...53] [DNS.Google][Web][Acceptable]
+             idle: [.....3] [ip6][..udp] [................2a00:1450:4013:c06::105][63369] -> [..................2001:470:765b::a25:53][...53] [DNS][Network][Acceptable]
+             idle: [.....7] [ip6][..udp] [................2a00:1450:4013:c05::10e][34944] -> [..................2001:470:765b::a25:53][...53] [DNS][Network][Acceptable]
+             idle: [.....4] [ip4][..udp] [173.194.169.104][59464] -> [.193.24.227.238][...53] [DNS.Google][Web][Acceptable]
+             idle: [.....6] [ip4][..udp] [..74.125.47.136][59330] -> [.193.24.227.238][...53] [DNS.Google][Web][Acceptable]
+             idle: [.....5] [ip6][..udp] [................2a00:1450:400c:c00::106][54430] -> [..................2001:470:765b::a25:53][...53] [DNS][Network][Acceptable]
+             idle: [.....2] [ip6][..udp] [................2a00:1450:4013:c03::10a][46433] -> [..................2001:470:765b::a25:53][...53] [DNS][Network][Acceptable]
+     DAEMON-EVENT: [Processed: 22 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 4 / 11|skipped: 0|!detected: 0|guessed: 0|detection-updates: 11|updates: 0]
+              new: [....12] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][48758] -> [...................2606:4700:4700::1111][...53] 
+         detected: [....12] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][48758] -> [...................2606:4700:4700::1111][...53] [DNS][Network][Acceptable]
+ detection-update: [....12] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][48758] -> [...................2606:4700:4700::1111][...53] [DNS][Network][Acceptable]
+              new: [....13] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][52814] -> [...................2606:4700:4700::1111][...53] 
+         detected: [....13] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][52814] -> [...................2606:4700:4700::1111][...53] [DNS][Network][Acceptable]
+ detection-update: [....13] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][52814] -> [...................2606:4700:4700::1111][...53] [DNS][Network][Acceptable]
+              new: [....14] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][42344] -> [............................2620:fe::fe][...53] 
+         detected: [....14] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][42344] -> [............................2620:fe::fe][...53] [DNS][Network][Acceptable]
+ detection-update: [....14] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][42344] -> [............................2620:fe::fe][...53] [DNS][Network][Acceptable]
+             idle: [.....8] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][47634] -> [..................2001:470:765b::a25:53][...53] [DNS][Network][Acceptable]
+             idle: [.....9] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][33592] -> [..................2001:470:765b::a25:53][...53] [DNS][Network][Acceptable]
+             idle: [....10] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][46316] -> [..................2001:470:765b::a25:53][...53] [DNS][Network][Acceptable]
+             idle: [....11] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][46440] -> [..................2001:470:765b::a25:53][...53] [DNS][Network][Acceptable]
+              new: [....15] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][46709] -> [............................2620:fe::fe][...53] 
+         detected: [....15] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][46709] -> [............................2620:fe::fe][...53] [DNS][Network][Acceptable]
+ detection-update: [....15] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][46709] -> [............................2620:fe::fe][...53] [DNS][Network][Acceptable]
+              new: [....16] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][55729] -> [..................2001:470:765b::a25:53][...53] 
+         detected: [....16] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][55729] -> [..................2001:470:765b::a25:53][...53] [DNS][Network][Acceptable]
+ detection-update: [....16] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][55729] -> [..................2001:470:765b::a25:53][...53] [DNS][Network][Acceptable]
+      ERROR-EVENT: nDPI IPv6/L4 payload detection failed
+              new: [....17] [ip4][..udp] [....194.247.5.6][51791] -> [.193.24.227.238][...53] 
+         detected: [....17] [ip4][..udp] [....194.247.5.6][51791] -> [.193.24.227.238][...53] [DNS][Network][Acceptable]
+ detection-update: [....17] [ip4][..udp] [....194.247.5.6][51791] -> [.193.24.227.238][...53] [DNS][Network][Acceptable]
+      ERROR-EVENT: nDPI IPv4/L4 payload detection failed
+              new: [....18] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][60550] -> [...................2606:4700:4700::1111][...53] 
+         detected: [....18] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][60550] -> [...................2606:4700:4700::1111][...53] [DNS][Network][Acceptable]
+ detection-update: [....18] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][60550] -> [...................2606:4700:4700::1111][...53] [DNS][Network][Acceptable]
+              new: [....19] [ip6][..tcp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][57089] -> [.............2001:470:1f0b:16b0::a26:53][...53] 
+         detected: [....19] [ip6][..tcp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][57089] -> [.............2001:470:1f0b:16b0::a26:53][...53] [DNS][Network][Acceptable]
+ detection-update: [....19] [ip6][..tcp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][57089] -> [.............2001:470:1f0b:16b0::a26:53][...53] [DNS][Network][Acceptable]
+              new: [....20] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][54590] -> [...................2606:4700:4700::1111][...53] 
+         detected: [....20] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][54590] -> [...................2606:4700:4700::1111][...53] [DNS][Network][Acceptable]
+ detection-update: [....20] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][54590] -> [...................2606:4700:4700::1111][...53] [DNS][Network][Acceptable]
+              new: [....21] [ip4][..tcp] [....194.247.5.6][39005] -> [...194.247.5.14][...53] 
+         detected: [....21] [ip4][..tcp] [....194.247.5.6][39005] -> [...194.247.5.14][...53] [DNS][Network][Acceptable]
+ detection-update: [....21] [ip4][..tcp] [....194.247.5.6][39005] -> [...194.247.5.14][...53] [DNS][Network][Acceptable]
+             idle: [....18] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][60550] -> [...................2606:4700:4700::1111][...53] [DNS][Network][Acceptable]
+              end: [....21] [ip4][..tcp] [....194.247.5.6][39005] -> [...194.247.5.14][...53] [DNS][Network][Acceptable]
+             idle: [....16] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][55729] -> [..................2001:470:765b::a25:53][...53] [DNS][Network][Acceptable]
+             idle: [....20] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][54590] -> [...................2606:4700:4700::1111][...53] [DNS][Network][Acceptable]
+             idle: [....13] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][52814] -> [...................2606:4700:4700::1111][...53] 
+             idle: [....12] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][48758] -> [...................2606:4700:4700::1111][...53] [DNS][Network][Acceptable]
+             idle: [....14] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][42344] -> [............................2620:fe::fe][...53] [DNS][Network][Acceptable]
+             idle: [....17] [ip4][..udp] [....194.247.5.6][51791] -> [.193.24.227.238][...53] [DNS][Network][Acceptable]
+             idle: [....15] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][46709] -> [............................2620:fe::fe][...53] [DNS][Network][Acceptable]
+              end: [....19] [ip6][..tcp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][57089] -> [.............2001:470:1f0b:16b0::a26:53][...53] [DNS][Network][Acceptable]
+     DAEMON-EVENT: shutdown

test/results/flow-info/dns_invert_query.pcapng.out

@@ -0,0 +1,7 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..udp] [173.147.108.174][18427] -> [...244.187.95.1][...53] 
+         detected: [.....1] [ip4][..udp] [173.147.108.174][18427] -> [...244.187.95.1][...53] [DNS][Network][Acceptable]
+             idle: [.....1] [ip4][..udp] [173.147.108.174][18427] -> [...244.187.95.1][...53] 
+     DAEMON-EVENT: shutdown

test/results/flow-info/dns_long_domainname.pcap.out

@@ -0,0 +1,8 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..udp] [..192.168.1.168][65311] -> [........8.8.8.8][...53] 
+         detected: [.....1] [ip4][..udp] [..192.168.1.168][65311] -> [........8.8.8.8][...53] [DNS.Google][Web][Acceptable]
+ detection-update: [.....1] [ip4][..udp] [..192.168.1.168][65311] -> [........8.8.8.8][...53] [DNS.Google][Web][Acceptable]
+             idle: [.....1] [ip4][..udp] [..192.168.1.168][65311] -> [........8.8.8.8][...53] [DNS.Google][Web][Acceptable]
+     DAEMON-EVENT: shutdown

test/results/flow-info/dnscrypt-v2-doh.pcap.out

@@ -0,0 +1,157 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..tcp] [.......10.0.0.1][53674] -> [..139.99.222.72][..443] [MIDSTREAM] 
+         detected: [.....1] [ip4][..tcp] [.......10.0.0.1][53674] -> [..139.99.222.72][..443] [TLS.DoH_DoT][Network][Fun]
+ detection-update: [.....1] [ip4][..tcp] [.......10.0.0.1][53674] -> [..139.99.222.72][..443] [TLS.DoH_DoT][Network][Fun]
+              new: [.....2] [ip4][..tcp] [.......10.0.0.1][53676] -> [..139.99.222.72][..443] [MIDSTREAM] 
+         detected: [.....2] [ip4][..tcp] [.......10.0.0.1][53676] -> [..139.99.222.72][..443] [TLS.DoH_DoT][Network][Fun]
+ detection-update: [.....2] [ip4][..tcp] [.......10.0.0.1][53676] -> [..139.99.222.72][..443] [TLS.DoH_DoT][Network][Fun]
+              new: [.....3] [ip4][..tcp] [.......10.0.0.1][50614] -> [..185.95.218.42][..443] [MIDSTREAM] 
+         detected: [.....3] [ip4][..tcp] [.......10.0.0.1][50614] -> [..185.95.218.42][..443] [TLS.DoH_DoT][Network][Fun]
+ detection-update: [.....3] [ip4][..tcp] [.......10.0.0.1][50614] -> [..185.95.218.42][..443] [TLS.DoH_DoT][Network][Fun]
+              new: [.....4] [ip4][..tcp] [.......10.0.0.1][55962] -> [..51.158.147.50][..443] [MIDSTREAM] 
+         detected: [.....4] [ip4][..tcp] [.......10.0.0.1][55962] -> [..51.158.147.50][..443] [TLS.DoH_DoT][Network][Fun]
+ detection-update: [.....4] [ip4][..tcp] [.......10.0.0.1][55962] -> [..51.158.147.50][..443] [TLS.DoH_DoT][Network][Fun]
+              new: [.....5] [ip4][..tcp] [.......10.0.0.1][59404] -> [.185.253.154.66][..443] [MIDSTREAM] 
+         detected: [.....5] [ip4][..tcp] [.......10.0.0.1][59404] -> [.185.253.154.66][..443] [TLS.DoH_DoT][Network][Fun]
+ detection-update: [.....5] [ip4][..tcp] [.......10.0.0.1][59404] -> [.185.253.154.66][..443] [TLS.DoH_DoT][Network][Fun]
+              new: [.....6] [ip4][..tcp] [.......10.0.0.1][40938] -> [..172.104.93.80][..443] [MIDSTREAM] 
+         detected: [.....6] [ip4][..tcp] [.......10.0.0.1][40938] -> [..172.104.93.80][..443] [TLS.DoH_DoT][Network][Fun]
+ detection-update: [.....6] [ip4][..tcp] [.......10.0.0.1][40938] -> [..172.104.93.80][..443] [TLS.DoH_DoT][Network][Fun]
+              new: [.....7] [ip4][..tcp] [.......10.0.0.1][37530] -> [167.114.220.125][..453] [MIDSTREAM] 
+         detected: [.....7] [ip4][..tcp] [.......10.0.0.1][37530] -> [167.114.220.125][..453] [TLS.DoH_DoT][Network][Fun]
+                   RISK: Known Proto on Non Std Port
+ detection-update: [.....7] [ip4][..tcp] [.......10.0.0.1][37530] -> [167.114.220.125][..453] [TLS.DoH_DoT][Network][Fun]
+                   RISK: Known Proto on Non Std Port
+              new: [.....8] [ip4][..tcp] [.......10.0.0.1][38186] -> [...185.43.135.1][..443] [MIDSTREAM] 
+         detected: [.....8] [ip4][..tcp] [.......10.0.0.1][38186] -> [...185.43.135.1][..443] [TLS.DoH_DoT][Network][Fun]
+ detection-update: [.....8] [ip4][..tcp] [.......10.0.0.1][38186] -> [...185.43.135.1][..443] [TLS.DoH_DoT][Network][Fun]
+                   RISK: TLS Cert Expired
+              new: [.....9] [ip4][..tcp] [.......10.0.0.1][51770] -> [.......9.9.9.10][..443] [MIDSTREAM] 
+         detected: [.....9] [ip4][..tcp] [.......10.0.0.1][51770] -> [.......9.9.9.10][..443] [TLS.DoH_DoT][Network][Fun]
+ detection-update: [.....9] [ip4][..tcp] [.......10.0.0.1][51770] -> [.......9.9.9.10][..443] [TLS.DoH_DoT][Network][Fun]
+              new: [....10] [ip4][..tcp] [.......10.0.0.1][55322] -> [.185.134.196.55][..443] [MIDSTREAM] 
+         detected: [....10] [ip4][..tcp] [.......10.0.0.1][55322] -> [.185.134.196.55][..443] [TLS.DoH_DoT][Network][Fun]
+ detection-update: [....10] [ip4][..tcp] [.......10.0.0.1][55322] -> [.185.134.196.55][..443] [TLS.DoH_DoT][Network][Fun]
+              new: [....11] [ip4][..tcp] [.......10.0.0.1][52386] -> [..51.15.124.208][..443] [MIDSTREAM] 
+         detected: [....11] [ip4][..tcp] [.......10.0.0.1][52386] -> [..51.15.124.208][..443] [TLS.DoH_DoT][Network][Fun]
+ detection-update: [....11] [ip4][..tcp] [.......10.0.0.1][52386] -> [..51.15.124.208][..443] [TLS.DoH_DoT][Network][Fun]
+              new: [....12] [ip4][..tcp] [.......10.0.0.1][41720] -> [116.203.179.248][..443] [MIDSTREAM] 
+         detected: [....12] [ip4][..tcp] [.......10.0.0.1][41720] -> [116.203.179.248][..443] [TLS.DoH_DoT][Network][Fun]
+ detection-update: [....12] [ip4][..tcp] [.......10.0.0.1][41720] -> [116.203.179.248][..443] [TLS.DoH_DoT][Network][Fun]
+              new: [....13] [ip4][..tcp] [.......10.0.0.1][60026] -> [...195.30.94.28][..443] [MIDSTREAM] 
+         detected: [....13] [ip4][..tcp] [.......10.0.0.1][60026] -> [...195.30.94.28][..443] [TLS.DoH_DoT][Network][Fun]
+ detection-update: [....13] [ip4][..tcp] [.......10.0.0.1][60026] -> [...195.30.94.28][..443] [TLS.DoH_DoT][Network][Fun]
+              new: [....14] [ip4][..tcp] [.......10.0.0.1][46658] -> [185.233.106.232][..443] [MIDSTREAM] 
+         detected: [....14] [ip4][..tcp] [.......10.0.0.1][46658] -> [185.233.106.232][..443] [TLS.DoH_DoT][Network][Fun]
+ detection-update: [....14] [ip4][..tcp] [.......10.0.0.1][46658] -> [185.233.106.232][..443] [TLS.DoH_DoT][Network][Fun]
+              new: [....15] [ip4][..tcp] [.......10.0.0.1][36012] -> [..149.56.228.45][..453] [MIDSTREAM] 
+         detected: [....15] [ip4][..tcp] [.......10.0.0.1][36012] -> [..149.56.228.45][..453] [TLS.DoH_DoT][Network][Fun]
+                   RISK: Known Proto on Non Std Port
+ detection-update: [....15] [ip4][..tcp] [.......10.0.0.1][36012] -> [..149.56.228.45][..453] [TLS.DoH_DoT][Network][Fun]
+                   RISK: Known Proto on Non Std Port
+              new: [....16] [ip4][..tcp] [.......10.0.0.1][38018] -> [..45.153.187.96][..443] [MIDSTREAM] 
+         detected: [....16] [ip4][..tcp] [.......10.0.0.1][38018] -> [..45.153.187.96][..443] [TLS.DoH_DoT][Network][Fun]
+ detection-update: [....16] [ip4][..tcp] [.......10.0.0.1][38018] -> [..45.153.187.96][..443] [TLS.DoH_DoT][Network][Fun]
+              new: [....17] [ip4][..tcp] [.......10.0.0.1][44640] -> [...185.235.81.1][..443] [MIDSTREAM] 
+         detected: [....17] [ip4][..tcp] [.......10.0.0.1][44640] -> [...185.235.81.1][..443] [TLS.DoH_DoT][Network][Fun]
+ detection-update: [....17] [ip4][..tcp] [.......10.0.0.1][44640] -> [...185.235.81.1][..443] [TLS.DoH_DoT][Network][Fun]
+              new: [....18] [ip4][..tcp] [.......10.0.0.1][43106] -> [.116.202.176.26][..443] [MIDSTREAM] 
+         detected: [....18] [ip4][..tcp] [.......10.0.0.1][43106] -> [.116.202.176.26][..443] [TLS.DoH_DoT][Network][Fun]
+ detection-update: [....18] [ip4][..tcp] [.......10.0.0.1][43106] -> [.116.202.176.26][..443] [TLS.DoH_DoT][Network][Fun]
+              new: [....19] [ip4][..tcp] [.......10.0.0.1][59026] -> [....85.5.93.230][..443] [MIDSTREAM] 
+         detected: [....19] [ip4][..tcp] [.......10.0.0.1][59026] -> [....85.5.93.230][..443] [TLS.DoH_DoT][Network][Fun]
+ detection-update: [....19] [ip4][..tcp] [.......10.0.0.1][59026] -> [....85.5.93.230][..443] [TLS.DoH_DoT][Network][Fun]
+              new: [....20] [ip4][..tcp] [.......10.0.0.1][33724] -> [...104.28.28.34][..443] [MIDSTREAM] 
+         detected: [....20] [ip4][..tcp] [.......10.0.0.1][33724] -> [...104.28.28.34][..443] [TLS.DoH_DoT][Network][Fun]
+ detection-update: [....20] [ip4][..tcp] [.......10.0.0.1][33724] -> [...104.28.28.34][..443] [TLS.DoH_DoT][Network][Fun]
+              new: [....21] [ip4][..tcp] [.......10.0.0.1][53802] -> [........1.0.0.1][..443] [MIDSTREAM] 
+         detected: [....21] [ip4][..tcp] [.......10.0.0.1][53802] -> [........1.0.0.1][..443] [TLS.DoH_DoT][Network][Fun]
+ detection-update: [....21] [ip4][..tcp] [.......10.0.0.1][53802] -> [........1.0.0.1][..443] [TLS.DoH_DoT][Network][Fun]
+              new: [....22] [ip4][..tcp] [.......10.0.0.1][33338] -> [.....45.90.28.0][..443] [MIDSTREAM] 
+         detected: [....22] [ip4][..tcp] [.......10.0.0.1][33338] -> [.....45.90.28.0][..443] [TLS.DoH_DoT][Network][Fun]
+ detection-update: [....22] [ip4][..tcp] [.......10.0.0.1][33338] -> [.....45.90.28.0][..443] [TLS.DoH_DoT][Network][Fun]
+              new: [....23] [ip4][..tcp] [.......10.0.0.1][52176] -> [136.144.215.158][..443] [MIDSTREAM] 
+         detected: [....23] [ip4][..tcp] [.......10.0.0.1][52176] -> [136.144.215.158][..443] [TLS.DoH_DoT][Network][Fun]
+ detection-update: [....23] [ip4][..tcp] [.......10.0.0.1][52176] -> [136.144.215.158][..443] [TLS.DoH_DoT][Network][Fun]
+              new: [....24] [ip4][..tcp] [.......10.0.0.1][39214] -> [...104.28.0.106][..443] [MIDSTREAM] 
+         detected: [....24] [ip4][..tcp] [.......10.0.0.1][39214] -> [...104.28.0.106][..443] [TLS.DoH_DoT][Network][Fun]
+ detection-update: [....24] [ip4][..tcp] [.......10.0.0.1][39214] -> [...104.28.0.106][..443] [TLS.DoH_DoT][Network][Fun]
+              new: [....25] [ip4][..tcp] [.......10.0.0.1][52028] -> [...45.76.113.31][.8443] [MIDSTREAM] 
+         detected: [....25] [ip4][..tcp] [.......10.0.0.1][52028] -> [...45.76.113.31][.8443] [TLS.DoH_DoT][Network][Fun]
+                   RISK: Known Proto on Non Std Port
+ detection-update: [....25] [ip4][..tcp] [.......10.0.0.1][52028] -> [...45.76.113.31][.8443] [TLS.DoH_DoT][Network][Fun]
+                   RISK: Known Proto on Non Std Port
+              new: [....26] [ip4][..tcp] [.......10.0.0.1][34036] -> [..217.169.20.23][..443] [MIDSTREAM] 
+         detected: [....26] [ip4][..tcp] [.......10.0.0.1][34036] -> [..217.169.20.23][..443] [TLS.DoH_DoT][Network][Fun]
+ detection-update: [....26] [ip4][..tcp] [.......10.0.0.1][34036] -> [..217.169.20.23][..443] [TLS.DoH_DoT][Network][Fun]
+              new: [....27] [ip4][..tcp] [.......10.0.0.1][43718] -> [..146.255.56.98][..443] [MIDSTREAM] 
+         detected: [....27] [ip4][..tcp] [.......10.0.0.1][43718] -> [..146.255.56.98][..443] [TLS.DoH_DoT][Network][Fun]
+ detection-update: [....27] [ip4][..tcp] [.......10.0.0.1][43718] -> [..146.255.56.98][..443] [TLS.DoH_DoT][Network][Fun]
+              new: [....28] [ip4][..tcp] [.......10.0.0.1][54164] -> [...193.70.85.11][..443] [MIDSTREAM] 
+         detected: [....28] [ip4][..tcp] [.......10.0.0.1][54164] -> [...193.70.85.11][..443] [TLS.DoH_DoT][Network][Fun]
+ detection-update: [....28] [ip4][..tcp] [.......10.0.0.1][54164] -> [...193.70.85.11][..443] [TLS.DoH_DoT][Network][Fun]
+              new: [....29] [ip4][..tcp] [.......10.0.0.1][35714] -> [.209.250.241.25][..443] [MIDSTREAM] 
+         detected: [....29] [ip4][..tcp] [.......10.0.0.1][35714] -> [.209.250.241.25][..443] [TLS.DoH_DoT][Network][Fun]
+ detection-update: [....29] [ip4][..tcp] [.......10.0.0.1][35714] -> [.209.250.241.25][..443] [TLS.DoH_DoT][Network][Fun]
+ detection-update: [....29] [ip4][..tcp] [.......10.0.0.1][35714] -> [.209.250.241.25][..443] [TLS.DoH_DoT][Network][Fun]
+                   RISK: TLS Cert Expired
+              new: [....30] [ip4][..tcp] [.......10.0.0.1][43888] -> [.95.216.229.153][..443] [MIDSTREAM] 
+         detected: [....30] [ip4][..tcp] [.......10.0.0.1][43888] -> [.95.216.229.153][..443] [TLS.DoH_DoT][Network][Fun]
+ detection-update: [....30] [ip4][..tcp] [.......10.0.0.1][43888] -> [.95.216.229.153][..443] [TLS.DoH_DoT][Network][Fun]
+              new: [....31] [ip4][..tcp] [.......10.0.0.1][57058] -> [..46.227.200.54][..443] [MIDSTREAM] 
+         detected: [....31] [ip4][..tcp] [.......10.0.0.1][57058] -> [..46.227.200.54][..443] [TLS.DoH_DoT][Network][Fun]
+ detection-update: [....31] [ip4][..tcp] [.......10.0.0.1][57058] -> [..46.227.200.54][..443] [TLS.DoH_DoT][Network][Fun]
+              new: [....32] [ip4][..tcp] [.......10.0.0.1][51846] -> [.......9.9.9.10][..443] [MIDSTREAM] 
+         detected: [....32] [ip4][..tcp] [.......10.0.0.1][51846] -> [.......9.9.9.10][..443] [TLS.DoH_DoT][Network][Fun]
+ detection-update: [....32] [ip4][..tcp] [.......10.0.0.1][51846] -> [.......9.9.9.10][..443] [TLS.DoH_DoT][Network][Fun]
+              new: [....33] [ip4][..tcp] [.......10.0.0.1][44704] -> [...185.235.81.1][..443] [MIDSTREAM] 
+         detected: [....33] [ip4][..tcp] [.......10.0.0.1][44704] -> [...185.235.81.1][..443] [TLS.DoH_DoT][Network][Fun]
+ detection-update: [....33] [ip4][..tcp] [.......10.0.0.1][44704] -> [...185.235.81.1][..443] [TLS.DoH_DoT][Network][Fun]
+              new: [....34] [ip4][..tcp] [.......10.0.0.1][35742] -> [.209.250.241.25][..443] [MIDSTREAM] 
+         detected: [....34] [ip4][..tcp] [.......10.0.0.1][35742] -> [.209.250.241.25][..443] [TLS.DoH_DoT][Network][Fun]
+ detection-update: [....34] [ip4][..tcp] [.......10.0.0.1][35742] -> [.209.250.241.25][..443] [TLS.DoH_DoT][Network][Fun]
+ detection-update: [....34] [ip4][..tcp] [.......10.0.0.1][35742] -> [.209.250.241.25][..443] [TLS.DoH_DoT][Network][Fun]
+                   RISK: TLS Cert Expired
+             idle: [....29] [ip4][..tcp] [.......10.0.0.1][35714] -> [.209.250.241.25][..443] [TLS.DoH_DoT][Network][Fun]
+                   RISK: TLS Cert Expired
+             idle: [....12] [ip4][..tcp] [.......10.0.0.1][41720] -> [116.203.179.248][..443] [TLS.DoH_DoT][Network][Fun]
+             idle: [....34] [ip4][..tcp] [.......10.0.0.1][35742] -> [.209.250.241.25][..443] [TLS.DoH_DoT][Network][Fun]
+                   RISK: TLS Cert Expired
+             idle: [....25] [ip4][..tcp] [.......10.0.0.1][52028] -> [...45.76.113.31][.8443] [TLS.DoH_DoT][Network][Fun]
+                   RISK: Known Proto on Non Std Port
+             idle: [....26] [ip4][..tcp] [.......10.0.0.1][34036] -> [..217.169.20.23][..443] [TLS.DoH_DoT][Network][Fun]
+             idle: [....10] [ip4][..tcp] [.......10.0.0.1][55322] -> [.185.134.196.55][..443] [TLS.DoH_DoT][Network][Fun]
+             idle: [....14] [ip4][..tcp] [.......10.0.0.1][46658] -> [185.233.106.232][..443] [TLS.DoH_DoT][Network][Fun]
+             idle: [....20] [ip4][..tcp] [.......10.0.0.1][33724] -> [...104.28.28.34][..443] [TLS.DoH_DoT][Network][Fun]
+             idle: [.....6] [ip4][..tcp] [.......10.0.0.1][40938] -> [..172.104.93.80][..443] [TLS.DoH_DoT][Network][Fun]
+             idle: [.....4] [ip4][..tcp] [.......10.0.0.1][55962] -> [..51.158.147.50][..443] [TLS.DoH_DoT][Network][Fun]
+             idle: [.....8] [ip4][..tcp] [.......10.0.0.1][38186] -> [...185.43.135.1][..443] [TLS.DoH_DoT][Network][Fun]
+                   RISK: TLS Cert Expired
+             idle: [....13] [ip4][..tcp] [.......10.0.0.1][60026] -> [...195.30.94.28][..443] [TLS.DoH_DoT][Network][Fun]
+             idle: [....31] [ip4][..tcp] [.......10.0.0.1][57058] -> [..46.227.200.54][..443] [TLS.DoH_DoT][Network][Fun]
+             idle: [....17] [ip4][..tcp] [.......10.0.0.1][44640] -> [...185.235.81.1][..443] [TLS.DoH_DoT][Network][Fun]
+             idle: [....21] [ip4][..tcp] [.......10.0.0.1][53802] -> [........1.0.0.1][..443] [TLS.DoH_DoT][Network][Fun]
+             idle: [....28] [ip4][..tcp] [.......10.0.0.1][54164] -> [...193.70.85.11][..443] [TLS.DoH_DoT][Network][Fun]
+             idle: [....27] [ip4][..tcp] [.......10.0.0.1][43718] -> [..146.255.56.98][..443] [TLS.DoH_DoT][Network][Fun]
+             idle: [....33] [ip4][..tcp] [.......10.0.0.1][44704] -> [...185.235.81.1][..443] [TLS.DoH_DoT][Network][Fun]
+             idle: [....18] [ip4][..tcp] [.......10.0.0.1][43106] -> [.116.202.176.26][..443] [TLS.DoH_DoT][Network][Fun]
+             idle: [.....9] [ip4][..tcp] [.......10.0.0.1][51770] -> [.......9.9.9.10][..443] [TLS.DoH_DoT][Network][Fun]
+             idle: [....32] [ip4][..tcp] [.......10.0.0.1][51846] -> [.......9.9.9.10][..443] [TLS.DoH_DoT][Network][Fun]
+             idle: [....30] [ip4][..tcp] [.......10.0.0.1][43888] -> [.95.216.229.153][..443] [TLS.DoH_DoT][Network][Fun]
+             idle: [....11] [ip4][..tcp] [.......10.0.0.1][52386] -> [..51.15.124.208][..443] [TLS.DoH_DoT][Network][Fun]
+             idle: [....19] [ip4][..tcp] [.......10.0.0.1][59026] -> [....85.5.93.230][..443] [TLS.DoH_DoT][Network][Fun]
+             idle: [....23] [ip4][..tcp] [.......10.0.0.1][52176] -> [136.144.215.158][..443] [TLS.DoH_DoT][Network][Fun]
+             idle: [....22] [ip4][..tcp] [.......10.0.0.1][33338] -> [.....45.90.28.0][..443] [TLS.DoH_DoT][Network][Fun]
+             idle: [.....1] [ip4][..tcp] [.......10.0.0.1][53674] -> [..139.99.222.72][..443] 
+             idle: [.....2] [ip4][..tcp] [.......10.0.0.1][53676] -> [..139.99.222.72][..443] 
+             idle: [....15] [ip4][..tcp] [.......10.0.0.1][36012] -> [..149.56.228.45][..453] [TLS.DoH_DoT][Network][Fun]
+                   RISK: Known Proto on Non Std Port
+             idle: [.....7] [ip4][..tcp] [.......10.0.0.1][37530] -> [167.114.220.125][..453] [TLS.DoH_DoT][Network][Fun]
+                   RISK: Known Proto on Non Std Port
+             idle: [.....3] [ip4][..tcp] [.......10.0.0.1][50614] -> [..185.95.218.42][..443] [TLS.DoH_DoT][Network][Fun]
+             idle: [....24] [ip4][..tcp] [.......10.0.0.1][39214] -> [...104.28.0.106][..443] [TLS.DoH_DoT][Network][Fun]
+             idle: [....16] [ip4][..tcp] [.......10.0.0.1][38018] -> [..45.153.187.96][..443] [TLS.DoH_DoT][Network][Fun]
+             idle: [.....5] [ip4][..tcp] [.......10.0.0.1][59404] -> [.185.253.154.66][..443] [TLS.DoH_DoT][Network][Fun]
+     DAEMON-EVENT: shutdown

test/results/flow-info/dnscrypt-v2.pcap.out

@@ -0,0 +1,13 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..udp] [......127.0.0.1][38650] -> [......127.0.0.2][.5353] 
+         detected: [.....1] [ip4][..udp] [......127.0.0.1][38650] -> [......127.0.0.2][.5353] [DNScrypt][Network][Safe]
+              new: [.....2] [ip4][..udp] [......127.0.0.1][42883] -> [......127.0.0.2][.5353] 
+         detected: [.....2] [ip4][..udp] [......127.0.0.1][42883] -> [......127.0.0.2][.5353] [DNScrypt][Network][Safe]
+              new: [.....3] [ip4][..udp] [......127.0.0.1][50893] -> [......127.0.0.2][.5353] 
+         detected: [.....3] [ip4][..udp] [......127.0.0.1][50893] -> [......127.0.0.2][.5353] [DNScrypt][Network][Safe]
+             idle: [.....3] [ip4][..udp] [......127.0.0.1][50893] -> [......127.0.0.2][.5353] [DNScrypt][Network][Safe]
+             idle: [.....1] [ip4][..udp] [......127.0.0.1][38650] -> [......127.0.0.2][.5353] [DNScrypt][Network][Safe]
+             idle: [.....2] [ip4][..udp] [......127.0.0.1][42883] -> [......127.0.0.2][.5353] [DNScrypt][Network][Safe]
+     DAEMON-EVENT: shutdown

test/results/flow-info/dnscrypt_skype_false_positive.pcapng.out

@@ -0,0 +1,10 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..udp] [..192.168.2.100][46858] -> [.212.47.228.136][..443] 
+         detected: [.....1] [ip4][..udp] [..192.168.2.100][46858] -> [.212.47.228.136][..443] [DNScrypt][Network][Safe]
+     DAEMON-EVENT: [Processed: 2 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+           update: [.....1] [ip4][..udp] [..192.168.2.100][46858] -> [.212.47.228.136][..443] [DNScrypt][Network][Safe]
+             idle: [.....1] [ip4][..udp] [..192.168.2.100][46858] -> [.212.47.228.136][..443] [DNScrypt][Network][Safe]
+     DAEMON-EVENT: shutdown

test/results/flow-info/doq.pcapng.out

@@ -0,0 +1,12 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip6][..udp] [....................................::1][47826] -> [....................................::1][..784] 
+         detected: [.....1] [ip6][..udp] [....................................::1][47826] -> [....................................::1][..784] [QUIC.DoH_DoT][Network][Fun]
+                   RISK: Missing SNI TLS Extn
+              new: [.....2] [ip6][icmp6] [....................................::1] -> [....................................::1] 
+         detected: [.....2] [ip6][icmp6] [....................................::1] -> [....................................::1] [ICMPV6][Network][Acceptable]
+             idle: [.....2] [ip6][icmp6] [....................................::1] -> [....................................::1] [ICMPV6][Network][Acceptable]
+             idle: [.....1] [ip6][..udp] [....................................::1][47826] -> [....................................::1][..784] [QUIC.DoH_DoT][Network][Fun]
+                   RISK: Missing SNI TLS Extn
+     DAEMON-EVENT: shutdown

test/results/flow-info/doq_adguard.pcapng.out

@@ -0,0 +1,14 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..udp] [.192.168.12.169][41070] -> [...94.140.14.14][..784] 
+         detected: [.....1] [ip4][..udp] [.192.168.12.169][41070] -> [...94.140.14.14][..784] [QUIC.DoH_DoT][Network][Fun]
+          analyse: [.....1] [ip4][..udp] [.192.168.12.169][41070] -> [...94.140.14.14][..784] [QUIC.DoH_DoT][Network][Fun]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   1.885|   0.161|   0.453]
+                   [IAT(c->s)...:    0.000|   1.830|   0.165|   0.456][IAT(s->c)...:    0.000|   1.885|   0.157|   0.450]
+                   [PKTLEN(c->s):   73.000|1274.000| 253.800| 388.300][PKTLEN(s->c):   83.000|1294.000| 659.900| 560.000]
+                   [BINS(c->s)..: 4,8,0,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 0,5,0,0,2,0,0,0,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,2,0,0,0,0,0,0,0,0]
+             idle: [.....1] [ip4][..udp] [.192.168.12.169][41070] -> [...94.140.14.14][..784] [QUIC.DoH_DoT][Network][Fun]
+     DAEMON-EVENT: shutdown

test/results/flow-info/dos_win98_smb_netbeui.pcap.out

@@ -0,0 +1,193 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+              new: [.....1] [ip4][..udp] [192.168.239.129][..137] -> [..192.168.239.2][..137] 
+         detected: [.....1] [ip4][..udp] [192.168.239.129][..137] -> [..192.168.239.2][..137] [NetBIOS][System][Acceptable]
+              new: [.....2] [ip4][.icmp] [192.168.239.129] -> [......224.0.0.2] 
+         detected: [.....2] [ip4][.icmp] [192.168.239.129] -> [......224.0.0.2] [ICMP][Network][Acceptable]
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+              new: [.....3] [ip4][..udp] [192.168.239.129][..137] -> [192.168.239.255][..137] 
+         detected: [.....3] [ip4][..udp] [192.168.239.129][..137] -> [192.168.239.255][..137] [NetBIOS][System][Acceptable]
+      ERROR-EVENT: Unknown packet type
+              new: [.....4] [ip4][..udp] [192.168.239.129][..138] -> [192.168.239.255][..138] 
+         detected: [.....4] [ip4][..udp] [192.168.239.129][..138] -> [192.168.239.255][..138] [NetBIOS.SMBv1][System][Dangerous]
+                   RISK: Unsafe Protocol
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+           update: [.....2] [ip4][.icmp] [192.168.239.129] -> [......224.0.0.2] [ICMP][Network][Acceptable]
+           update: [.....1] [ip4][..udp] [192.168.239.129][..137] -> [..192.168.239.2][..137] [NetBIOS][System][Acceptable]
+           update: [.....3] [ip4][..udp] [192.168.239.129][..137] -> [192.168.239.255][..137] [NetBIOS][System][Acceptable]
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+           update: [.....4] [ip4][..udp] [192.168.239.129][..138] -> [192.168.239.255][..138] [NetBIOS.SMBv1][System][Dangerous]
+                   RISK: Unsafe Protocol
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+           update: [.....2] [ip4][.icmp] [192.168.239.129] -> [......224.0.0.2] [ICMP][Network][Acceptable]
+           update: [.....1] [ip4][..udp] [192.168.239.129][..137] -> [..192.168.239.2][..137] [NetBIOS][System][Acceptable]
+           update: [.....3] [ip4][..udp] [192.168.239.129][..137] -> [192.168.239.255][..137] [NetBIOS][System][Acceptable]
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+           update: [.....4] [ip4][..udp] [192.168.239.129][..138] -> [192.168.239.255][..138] [NetBIOS.SMBv1][System][Dangerous]
+                   RISK: Unsafe Protocol
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+      ERROR-EVENT: Unknown packet type
+          analyse: [.....3] [ip4][..udp] [192.168.239.129][..137] -> [192.168.239.255][..137] [NetBIOS][System][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|  96.434|   4.235|  17.262]
+                   [IAT(c->s)...:    0.000|  96.434|   4.235|  17.262][IAT(s->c)...:    0.000|   0.000|   0.000|   0.000]
+                   [PKTLEN(c->s):  110.000| 110.000| 110.000|   0.000][PKTLEN(s->c):    0.000|   0.000|   0.000|   0.000]
+                   [BINS(c->s)..: 0,0,32,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+             idle: [.....2] [ip4][.icmp] [192.168.239.129] -> [......224.0.0.2] [ICMP][Network][Acceptable]
+             idle: [.....3] [ip4][..udp] [192.168.239.129][..137] -> [192.168.239.255][..137] [NetBIOS][System][Acceptable]
+             idle: [.....1] [ip4][..udp] [192.168.239.129][..137] -> [..192.168.239.2][..137] [NetBIOS][System][Acceptable]
+             idle: [.....4] [ip4][..udp] [192.168.239.129][..138] -> [192.168.239.255][..138] [NetBIOS.SMBv1][System][Dangerous]
+                   RISK: Unsafe Protocol
+     DAEMON-EVENT: shutdown

test/results/flow-info/drda_db2.pcap.out

@@ -0,0 +1,14 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..tcp] [..192.168.106.1][.4847] -> [192.168.106.128][50000] 
+         detected: [.....1] [ip4][..tcp] [..192.168.106.1][.4847] -> [192.168.106.128][50000] [DRDA][Database][Acceptable]
+          analyse: [.....1] [ip4][..tcp] [..192.168.106.1][.4847] -> [192.168.106.128][50000] [DRDA][Database][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|  17.986|   1.315|   4.366]
+                   [IAT(c->s)...:    0.001|  17.828|   1.279|   4.282][IAT(s->c)...:    0.000|  17.986|   1.354|   4.454]
+                   [PKTLEN(c->s):   54.000| 717.000| 176.300| 177.000][PKTLEN(s->c):   54.000| 684.000| 220.400| 202.400]
+                   [BINS(c->s)..: 10,0,1,0,0,1,0,1,2,0,1,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 5,4,0,1,0,0,0,1,0,0,0,0,2,0,1,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+              end: [.....1] [ip4][..tcp] [..192.168.106.1][.4847] -> [192.168.106.128][50000] [DRDA][Database][Acceptable]
+     DAEMON-EVENT: shutdown

test/results/flow-info/dropbox.pcap.out

@@ -0,0 +1,91 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..udp] [...192.168.56.1][50311] -> [.192.168.56.101][17500] 
+         detected: [.....1] [ip4][..udp] [...192.168.56.1][50311] -> [.192.168.56.101][17500] [Dropbox][Cloud][Acceptable]
+              new: [.....2] [ip4][..udp] [...192.168.56.1][50318] -> [.192.168.56.101][17500] 
+         detected: [.....2] [ip4][..udp] [...192.168.56.1][50318] -> [.192.168.56.101][17500] [Dropbox][Cloud][Acceptable]
+          analyse: [.....1] [ip4][..udp] [...192.168.56.1][50311] -> [.192.168.56.101][17500] [Dropbox][Cloud][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.002|   0.118|   0.106|   0.019]
+                   [IAT(c->s)...:    0.104|   0.118|   0.110|   0.003][IAT(s->c)...:    0.002|   0.116|   0.103|   0.026]
+                   [PKTLEN(c->s):  136.000| 143.000| 138.100|   2.100][PKTLEN(s->c):   59.000|  66.000|  61.100|   2.100]
+                   [BINS(c->s)..: 0,0,8,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+              new: [.....3] [ip4][..udp] [...192.168.56.1][50312] -> [.192.168.56.101][17500] 
+         detected: [.....3] [ip4][..udp] [...192.168.56.1][50312] -> [.192.168.56.101][17500] [Dropbox][Cloud][Acceptable]
+          analyse: [.....2] [ip4][..udp] [...192.168.56.1][50318] -> [.192.168.56.101][17500] [Dropbox][Cloud][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.002|   0.128|   0.112|   0.021]
+                   [IAT(c->s)...:    0.106|   0.128|   0.115|   0.006][IAT(s->c)...:    0.002|   0.126|   0.108|   0.028]
+                   [PKTLEN(c->s):  137.000| 142.000| 139.000|   1.800][PKTLEN(s->c):   60.000|  65.000|  62.000|   1.800]
+                   [BINS(c->s)..: 0,0,6,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+              new: [.....4] [ip4][..udp] [...192.168.56.1][50319] -> [.192.168.56.101][17500] 
+         detected: [.....4] [ip4][..udp] [...192.168.56.1][50319] -> [.192.168.56.101][17500] [Dropbox][Cloud][Acceptable]
+          analyse: [.....3] [ip4][..udp] [...192.168.56.1][50312] -> [.192.168.56.101][17500] [Dropbox][Cloud][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.001|   0.131|   0.117|   0.022]
+                   [IAT(c->s)...:    0.105|   0.131|   0.121|   0.008][IAT(s->c)...:    0.001|   0.131|   0.113|   0.030]
+                   [PKTLEN(c->s):  137.000| 143.000| 139.800|   1.800][PKTLEN(s->c):   60.000|  66.000|  62.800|   1.800]
+                   [BINS(c->s)..: 0,0,3,13,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+          analyse: [.....4] [ip4][..udp] [...192.168.56.1][50319] -> [.192.168.56.101][17500] [Dropbox][Cloud][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.005|   0.172|   0.127|   0.026]
+                   [IAT(c->s)...:    0.107|   0.172|   0.131|   0.015][IAT(s->c)...:    0.005|   0.165|   0.123|   0.033]
+                   [PKTLEN(c->s):  136.000| 143.000| 139.600|   2.200][PKTLEN(s->c):   59.000|  66.000|  62.600|   2.200]
+                   [BINS(c->s)..: 0,0,4,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+     DAEMON-EVENT: [Processed: 800 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 4 / 4|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....5] [ip4][..udp] [..192.168.1.105][55407] -> [..192.168.1.254][...53] 
+         detected: [.....5] [ip4][..udp] [..192.168.1.105][55407] -> [..192.168.1.254][...53] [DNS.Dropbox][Cloud][Acceptable]
+ detection-update: [.....5] [ip4][..udp] [..192.168.1.105][55407] -> [..192.168.1.254][...53] [DNS.Dropbox][Cloud][Acceptable]
+              new: [.....6] [ip4][..udp] [..192.168.1.105][49112] -> [..192.168.1.254][...53] 
+         detected: [.....6] [ip4][..udp] [..192.168.1.105][49112] -> [..192.168.1.254][...53] [DNS.Dropbox][Cloud][Acceptable]
+              new: [.....7] [ip4][..udp] [..192.168.1.105][50789] -> [..192.168.1.254][...53] 
+         detected: [.....7] [ip4][..udp] [..192.168.1.105][50789] -> [..192.168.1.254][...53] [DNS.Dropbox][Cloud][Acceptable]
+ detection-update: [.....6] [ip4][..udp] [..192.168.1.105][49112] -> [..192.168.1.254][...53] [DNS.Dropbox][Cloud][Acceptable]
+ detection-update: [.....7] [ip4][..udp] [..192.168.1.105][50789] -> [..192.168.1.254][...53] [DNS.Dropbox][Cloud][Acceptable]
+             idle: [.....1] [ip4][..udp] [...192.168.56.1][50311] -> [.192.168.56.101][17500] [Dropbox][Cloud][Acceptable]
+             idle: [.....3] [ip4][..udp] [...192.168.56.1][50312] -> [.192.168.56.101][17500] [Dropbox][Cloud][Acceptable]
+             idle: [.....2] [ip4][..udp] [...192.168.56.1][50318] -> [.192.168.56.101][17500] [Dropbox][Cloud][Acceptable]
+             idle: [.....4] [ip4][..udp] [...192.168.56.1][50319] -> [.192.168.56.101][17500] [Dropbox][Cloud][Acceptable]
+              new: [.....8] [ip4][..udp] [..192.168.1.105][36173] -> [..192.168.1.254][...53] 
+         detected: [.....8] [ip4][..udp] [..192.168.1.105][36173] -> [..192.168.1.254][...53] [DNS.Dropbox][Cloud][Acceptable]
+ detection-update: [.....8] [ip4][..udp] [..192.168.1.105][36173] -> [..192.168.1.254][...53] [DNS.Dropbox][Cloud][Acceptable]
+ detection-update: [.....8] [ip4][..udp] [..192.168.1.105][36173] -> [..192.168.1.254][...53] [DNS.Dropbox][Cloud][Acceptable]
+              new: [.....9] [ip4][..udp] [..192.168.1.105][17500] -> [255.255.255.255][17500] 
+         detected: [.....9] [ip4][..udp] [..192.168.1.105][17500] -> [255.255.255.255][17500] [Dropbox][Cloud][Acceptable]
+              new: [....10] [ip4][..udp] [..192.168.1.105][17500] -> [..192.168.1.255][17500] 
+         detected: [....10] [ip4][..udp] [..192.168.1.105][17500] -> [..192.168.1.255][17500] [Dropbox][Cloud][Acceptable]
+              new: [....11] [ip4][..udp] [..192.168.1.105][33189] -> [..192.168.1.254][...53] 
+         detected: [....11] [ip4][..udp] [..192.168.1.105][33189] -> [..192.168.1.254][...53] [DNS.Dropbox][Cloud][Acceptable]
+ detection-update: [....11] [ip4][..udp] [..192.168.1.105][33189] -> [..192.168.1.254][...53] [DNS.Dropbox][Cloud][Acceptable]
+     DAEMON-EVENT: [Processed: 836 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 7 / 11|skipped: 0|!detected: 0|guessed: 0|detection-updates: 6|updates: 0]
+              new: [....12] [ip4][..udp] [....192.168.1.6][17500] -> [255.255.255.255][17500] 
+         detected: [....12] [ip4][..udp] [....192.168.1.6][17500] -> [255.255.255.255][17500] [Dropbox][Cloud][Acceptable]
+              new: [....13] [ip4][..udp] [....192.168.1.6][17500] -> [..192.168.1.255][17500] 
+         detected: [....13] [ip4][..udp] [....192.168.1.6][17500] -> [..192.168.1.255][17500] [Dropbox][Cloud][Acceptable]
+             idle: [.....7] [ip4][..udp] [..192.168.1.105][50789] -> [..192.168.1.254][...53] [DNS.Dropbox][Cloud][Acceptable]
+             idle: [.....9] [ip4][..udp] [..192.168.1.105][17500] -> [255.255.255.255][17500] [Dropbox][Cloud][Acceptable]
+             idle: [.....6] [ip4][..udp] [..192.168.1.105][49112] -> [..192.168.1.254][...53] [DNS.Dropbox][Cloud][Acceptable]
+             idle: [.....5] [ip4][..udp] [..192.168.1.105][55407] -> [..192.168.1.254][...53] [DNS.Dropbox][Cloud][Acceptable]
+             idle: [....10] [ip4][..udp] [..192.168.1.105][17500] -> [..192.168.1.255][17500] [Dropbox][Cloud][Acceptable]
+             idle: [....11] [ip4][..udp] [..192.168.1.105][33189] -> [..192.168.1.254][...53] [DNS.Dropbox][Cloud][Acceptable]
+             idle: [.....8] [ip4][..udp] [..192.168.1.105][36173] -> [..192.168.1.254][...53] [DNS.Dropbox][Cloud][Acceptable]
+           update: [....12] [ip4][..udp] [....192.168.1.6][17500] -> [255.255.255.255][17500] [Dropbox][Cloud][Acceptable]
+           update: [....13] [ip4][..udp] [....192.168.1.6][17500] -> [..192.168.1.255][17500] [Dropbox][Cloud][Acceptable]
+              new: [....14] [ip4][..udp] [...192.168.1.64][17500] -> [255.255.255.255][17500] 
+         detected: [....14] [ip4][..udp] [...192.168.1.64][17500] -> [255.255.255.255][17500] [Dropbox][Cloud][Acceptable]
+              new: [....15] [ip4][..udp] [...192.168.1.64][17500] -> [..192.168.1.255][17500] 
+         detected: [....15] [ip4][..udp] [...192.168.1.64][17500] -> [..192.168.1.255][17500] [Dropbox][Cloud][Acceptable]
+           update: [....12] [ip4][..udp] [....192.168.1.6][17500] -> [255.255.255.255][17500] [Dropbox][Cloud][Acceptable]
+           update: [....13] [ip4][..udp] [....192.168.1.6][17500] -> [..192.168.1.255][17500] [Dropbox][Cloud][Acceptable]
+             idle: [....14] [ip4][..udp] [...192.168.1.64][17500] -> [255.255.255.255][17500] [Dropbox][Cloud][Acceptable]
+             idle: [....12] [ip4][..udp] [....192.168.1.6][17500] -> [255.255.255.255][17500] [Dropbox][Cloud][Acceptable]
+             idle: [....15] [ip4][..udp] [...192.168.1.64][17500] -> [..192.168.1.255][17500] [Dropbox][Cloud][Acceptable]
+             idle: [....13] [ip4][..udp] [....192.168.1.6][17500] -> [..192.168.1.255][17500] [Dropbox][Cloud][Acceptable]
+     DAEMON-EVENT: shutdown

test/results/flow-info/dtls.pcap.out

@@ -0,0 +1,8 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..udp] [.192.168.13.203][40739] -> [..192.168.13.57][56515] 
+         detected: [.....1] [ip4][..udp] [.192.168.13.203][40739] -> [..192.168.13.57][56515] [DTLS][Web][Safe]
+                   RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn
+             idle: [.....1] [ip4][..udp] [.192.168.13.203][40739] -> [..192.168.13.57][56515] 
+     DAEMON-EVENT: shutdown

test/results/flow-info/dtls2.pcap.out

@@ -0,0 +1,21 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..udp] [..61.68.110.153][53045] -> [..212.32.214.39][61457] 
+         detected: [.....1] [ip4][..udp] [..61.68.110.153][53045] -> [..212.32.214.39][61457] [DTLS][Web][Safe]
+                   RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn
+ detection-update: [.....1] [ip4][..udp] [..61.68.110.153][53045] -> [..212.32.214.39][61457] [DTLS][Web][Safe]
+                   RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn
+           update: [.....1] [ip4][..udp] [..61.68.110.153][53045] -> [..212.32.214.39][61457] [DTLS][Web][Safe]
+                   RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn
+           update: [.....1] [ip4][..udp] [..61.68.110.153][53045] -> [..212.32.214.39][61457] [DTLS][Web][Safe]
+                   RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn
+           update: [.....1] [ip4][..udp] [..61.68.110.153][53045] -> [..212.32.214.39][61457] [DTLS][Web][Safe]
+                   RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn
+           update: [.....1] [ip4][..udp] [..61.68.110.153][53045] -> [..212.32.214.39][61457] [DTLS][Web][Safe]
+                   RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn
+           update: [.....1] [ip4][..udp] [..61.68.110.153][53045] -> [..212.32.214.39][61457] [DTLS][Web][Safe]
+                   RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn
+             idle: [.....1] [ip4][..udp] [..61.68.110.153][53045] -> [..212.32.214.39][61457] [DTLS][Web][Safe]
+                   RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn
+     DAEMON-EVENT: shutdown

test/results/flow-info/dtls_certificate.pcapng.out

@@ -0,0 +1,9 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..udp] [..191.62.60.190][..443] -> [.163.205.15.180][38876] 
+         detected: [.....1] [ip4][..udp] [..191.62.60.190][..443] -> [.163.205.15.180][38876] [DTLS.WindowsUpdate][SoftwareUpdate][Safe]
+                   RISK: TLS Cert Expired
+             idle: [.....1] [ip4][..udp] [..191.62.60.190][..443] -> [.163.205.15.180][38876] [DTLS.WindowsUpdate][SoftwareUpdate][Safe]
+                   RISK: TLS Cert Expired
+     DAEMON-EVENT: shutdown

test/results/flow-info/dtls_certificate_fragments.pcap.out

@@ -0,0 +1,11 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..udp] [.10.186.198.149][39347] -> [..35.210.59.134][44443] 
+         detected: [.....1] [ip4][..udp] [.10.186.198.149][39347] -> [..35.210.59.134][44443] [DTLS.GoogleCloud][Cloud][Acceptable]
+                   RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn
+ detection-update: [.....1] [ip4][..udp] [.10.186.198.149][39347] -> [..35.210.59.134][44443] [DTLS.GoogleCloud][Cloud][Acceptable]
+                   RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn
+             idle: [.....1] [ip4][..udp] [.10.186.198.149][39347] -> [..35.210.59.134][44443] [DTLS.GoogleCloud][Cloud][Acceptable]
+                   RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn
+     DAEMON-EVENT: shutdown

test/results/flow-info/dtls_mid_sessions.pcapng.out

@@ -0,0 +1,16 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..udp] [..53.214.238.65][53558] -> [199.186.151.155][..443] 
+         detected: [.....1] [ip4][..udp] [..53.214.238.65][53558] -> [199.186.151.155][..443] [DTLS][Web][Safe]
+              new: [.....2] [ip4][..udp] [.135.215.56.198][..443] -> [..124.73.140.89][61189] 
+         detected: [.....2] [ip4][..udp] [.135.215.56.198][..443] -> [..124.73.140.89][61189] [DTLS][Web][Safe]
+              new: [.....3] [ip4][..udp] [170.151.105.215][..443] -> [121.152.255.238][.8460] 
+         detected: [.....3] [ip4][..udp] [170.151.105.215][..443] -> [121.152.255.238][.8460] [DTLS][Web][Safe]
+              new: [.....4] [ip4][..udp] [170.151.105.215][..443] -> [.72.102.179.218][62811] 
+         detected: [.....4] [ip4][..udp] [170.151.105.215][..443] -> [.72.102.179.218][62811] [DTLS][Web][Safe]
+             idle: [.....2] [ip4][..udp] [.135.215.56.198][..443] -> [..124.73.140.89][61189] [DTLS][Web][Safe]
+             idle: [.....3] [ip4][..udp] [170.151.105.215][..443] -> [121.152.255.238][.8460] [DTLS][Web][Safe]
+             idle: [.....1] [ip4][..udp] [..53.214.238.65][53558] -> [199.186.151.155][..443] [DTLS][Web][Safe]
+             idle: [.....4] [ip4][..udp] [170.151.105.215][..443] -> [.72.102.179.218][62811] [DTLS][Web][Safe]
+     DAEMON-EVENT: shutdown

test/results/flow-info/dtls_old_version.pcapng.out

@@ -0,0 +1,11 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..udp] [...37.188.4.115][56453] -> [....70.66.6.128][..443] 
+         detected: [.....1] [ip4][..udp] [...37.188.4.115][56453] -> [....70.66.6.128][..443] [DTLS][Web][Safe]
+                   RISK: Obsolete TLS (v1.1 or older)
+ detection-update: [.....1] [ip4][..udp] [...37.188.4.115][56453] -> [....70.66.6.128][..443] [DTLS][Web][Safe]
+                   RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher
+             idle: [.....1] [ip4][..udp] [...37.188.4.115][56453] -> [....70.66.6.128][..443] [DTLS][Web][Safe]
+                   RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher
+     DAEMON-EVENT: shutdown

test/results/flow-info/dtls_session_id_and_coockie_both.pcap.out

@@ -0,0 +1,11 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..udp] [185.196.113.239][50257] -> [223.116.105.247][44443] 
+         detected: [.....1] [ip4][..udp] [185.196.113.239][50257] -> [223.116.105.247][44443] [DTLS][Web][Safe]
+                   RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn
+ detection-update: [.....1] [ip4][..udp] [185.196.113.239][50257] -> [223.116.105.247][44443] [DTLS][Web][Safe]
+                   RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn
+             idle: [.....1] [ip4][..udp] [185.196.113.239][50257] -> [223.116.105.247][44443] [DTLS][Web][Safe]
+                   RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn
+     DAEMON-EVENT: shutdown

test/results/flow-info/emotet.pcap.out

@@ -0,0 +1,80 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..tcp] [....10.2.25.102][57309] -> [..193.252.22.84][..587] 
+         detected: [.....1] [ip4][..tcp] [....10.2.25.102][57309] -> [..193.252.22.84][..587] [SMTP][Email][Acceptable]
+          analyse: [.....1] [ip4][..tcp] [....10.2.25.102][57309] -> [..193.252.22.84][..587] [SMTP][Email][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   3.056|   0.539|   0.774]
+                   [IAT(c->s)...:    0.000|   3.056|   0.696|   0.816][IAT(s->c)...:    0.000|   3.055|   0.439|   0.729]
+                   [PKTLEN(c->s):   54.000| 752.000| 124.000| 181.800][PKTLEN(s->c):   54.000| 214.000|  74.800|  37.700]
+                   [BINS(c->s)..: 8,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 14,4,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+     DAEMON-EVENT: [Processed: 626 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....2] [ip4][..tcp] [....10.3.29.101][56309] -> [.104.161.127.22][...80] 
+         detected: [.....2] [ip4][..tcp] [....10.3.29.101][56309] -> [.104.161.127.22][...80] [HTTP][Web][Acceptable]
+          analyse: [.....2] [ip4][..tcp] [....10.3.29.101][56309] -> [.104.161.127.22][...80] [HTTP][Web][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.204|   0.029|   0.060]
+                   [IAT(c->s)...:    0.000|   0.204|   0.041|   0.068][IAT(s->c)...:    0.000|   0.204|   0.022|   0.054]
+                   [PKTLEN(c->s):   54.000| 500.000|  92.200| 123.000][PKTLEN(s->c):   54.000|1415.000|1279.100| 407.700]
+                   [BINS(c->s)..: 11,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,18,0,0,0,0,0]
+              end: [.....1] [ip4][..tcp] [....10.2.25.102][57309] -> [..193.252.22.84][..587] [SMTP][Email][Acceptable]
+     DAEMON-EVENT: [Processed: 834 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 1 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....3] [ip4][..tcp] [....10.4.20.102][54319] -> [107.161.178.210][...80] 
+         detected: [.....3] [ip4][..tcp] [....10.4.20.102][54319] -> [107.161.178.210][...80] [HTTP][Web][Acceptable]
+ detection-update: [.....3] [ip4][..tcp] [....10.4.20.102][54319] -> [107.161.178.210][...80] [HTTP][Web][Acceptable]
+                   RISK: Binary App Transfer
+          analyse: [.....3] [ip4][..tcp] [....10.4.20.102][54319] -> [107.161.178.210][...80] [HTTP][Web][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.261|   0.031|   0.066]
+                   [IAT(c->s)...:    0.000|   0.260|   0.030|   0.065][IAT(s->c)...:    0.000|   0.261|   0.032|   0.067]
+                   [PKTLEN(c->s):   60.000| 279.000|  73.200|  51.500][PKTLEN(s->c):   62.000|1442.000|1350.000| 344.200]
+                   [BINS(c->s)..: 16,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0]
+              end: [.....2] [ip4][..tcp] [....10.3.29.101][56309] -> [.104.161.127.22][...80] [HTTP][Web][Acceptable]
+     DAEMON-EVENT: [Processed: 1663 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 1 / 3|skipped: 0|!detected: 0|guessed: 0|detection-updates: 1|updates: 0]
+              new: [.....4] [ip4][..tcp] [....10.4.25.101][49797] -> [..77.105.36.156][...80] 
+         detected: [.....4] [ip4][..tcp] [....10.4.25.101][49797] -> [..77.105.36.156][...80] [HTTP][Web][Acceptable]
+                   RISK: HTTP Suspicious User-Agent
+ detection-update: [.....4] [ip4][..tcp] [....10.4.25.101][49797] -> [..77.105.36.156][...80] [HTTP][Download][Acceptable]
+                   RISK: Binary App Transfer, HTTP Suspicious User-Agent
+          analyse: [.....4] [ip4][..tcp] [....10.4.25.101][49797] -> [..77.105.36.156][...80] [HTTP][Download][Acceptable]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.292|   0.042|   0.080]
+                   [IAT(c->s)...:    0.000|   0.292|   0.073|   0.105][IAT(s->c)...:    0.000|   0.184|   0.030|   0.062]
+                   [PKTLEN(c->s):   60.000| 206.000|  75.200|  43.600][PKTLEN(s->c):   60.000|1442.000|1264.600| 420.200]
+                   [BINS(c->s)..: 9,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,18,0,0,0,0]
+              end: [.....3] [ip4][..tcp] [....10.4.20.102][54319] -> [107.161.178.210][...80] [HTTP][Web][Acceptable]
+                   RISK: Binary App Transfer
+              new: [.....5] [ip4][..tcp] [....10.4.25.101][49803] -> [138.197.147.101][..443] 
+         detected: [.....5] [ip4][..tcp] [....10.4.25.101][49803] -> [138.197.147.101][..443] [TLS][Web][Safe]
+                   RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn
+ detection-update: [.....5] [ip4][..tcp] [....10.4.25.101][49803] -> [138.197.147.101][..443] [TLS][Web][Safe]
+                   RISK: Self-signed Cert, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn
+          analyse: [.....5] [ip4][..tcp] [....10.4.25.101][49803] -> [138.197.147.101][..443] 
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   1.263|   0.117|   0.292]
+                   [IAT(c->s)...:    0.000|   1.263|   0.146|   0.340][IAT(s->c)...:    0.000|   1.117|   0.097|   0.253]
+                   [PKTLEN(c->s):   60.000| 534.000| 115.100| 122.800][PKTLEN(s->c):   60.000|1442.000|1147.800| 551.200]
+                   [BINS(c->s)..: 11,0,1,0,1,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 3,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0]
+ detection-update: [.....5] [ip4][..tcp] [....10.4.25.101][49803] -> [138.197.147.101][..443] [TLS][Web][Safe]
+                   RISK: Self-signed Cert, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn
+              new: [.....6] [ip4][..tcp] [....10.4.25.101][49804] -> [138.197.147.101][..443] 
+         detected: [.....6] [ip4][..tcp] [....10.4.25.101][49804] -> [138.197.147.101][..443] [TLS][Web][Safe]
+                   RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn
+ detection-update: [.....6] [ip4][..tcp] [....10.4.25.101][49804] -> [138.197.147.101][..443] [TLS][Web][Safe]
+                   RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn
+              end: [.....4] [ip4][..tcp] [....10.4.25.101][49797] -> [..77.105.36.156][...80] [HTTP][Download][Acceptable]
+                   RISK: Binary App Transfer, HTTP Suspicious User-Agent
+              end: [.....5] [ip4][..tcp] [....10.4.25.101][49803] -> [138.197.147.101][..443] [TLS][Web][Safe]
+                   RISK: Self-signed Cert, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn
+              end: [.....6] [ip4][..tcp] [....10.4.25.101][49804] -> [138.197.147.101][..443] [TLS][Web][Safe]
+                   RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn
+     DAEMON-EVENT: shutdown

test/results/flow-info/encrypted_sni.pcap.out

@@ -0,0 +1,13 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..tcp] [...192.168.1.12][49886] -> [..104.27.129.77][..443] [MIDSTREAM] 
+         detected: [.....1] [ip4][..tcp] [...192.168.1.12][49886] -> [..104.27.129.77][..443] [TLS.Cloudflare][Web][Acceptable]
+              new: [.....2] [ip4][..tcp] [...192.168.1.12][49887] -> [.104.16.125.175][..443] [MIDSTREAM] 
+         detected: [.....2] [ip4][..tcp] [...192.168.1.12][49887] -> [.104.16.125.175][..443] [TLS.Cloudflare][Web][Acceptable]
+              new: [.....3] [ip4][..tcp] [...192.168.1.12][49897] -> [..104.22.71.197][..443] [MIDSTREAM] 
+         detected: [.....3] [ip4][..tcp] [...192.168.1.12][49897] -> [..104.22.71.197][..443] [TLS.Cloudflare][Web][Acceptable]
+             idle: [.....1] [ip4][..tcp] [...192.168.1.12][49886] -> [..104.27.129.77][..443] 
+             idle: [.....3] [ip4][..tcp] [...192.168.1.12][49897] -> [..104.22.71.197][..443] 
+             idle: [.....2] [ip4][..tcp] [...192.168.1.12][49887] -> [.104.16.125.175][..443] 
+     DAEMON-EVENT: shutdown

test/results/flow-info/esp.pcapng.out

@@ -0,0 +1,10 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..udp] [.......10.2.3.2][..500] -> [.......10.3.4.4][..500] 
+         detected: [.....1] [ip4][..udp] [.......10.2.3.2][..500] -> [.......10.3.4.4][..500] [IPSec][VPN][Safe]
+              new: [.....2] [ip4][...50] [.......10.2.3.2] -> [.......10.3.4.4] 
+         detected: [.....2] [ip4][...50] [.......10.2.3.2] -> [.......10.3.4.4] [IPSec][VPN][Safe]
+             idle: [.....1] [ip4][..udp] [.......10.2.3.2][..500] -> [.......10.3.4.4][..500] [IPSec][VPN][Safe]
+             idle: [.....2] [ip4][...50] [.......10.2.3.2] -> [.......10.3.4.4] [IPSec][VPN][Safe]
+     DAEMON-EVENT: shutdown

test/results/flow-info/ethereum.pcap.out

@@ -0,0 +1,600 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..udp] [...87.14.222.25][56693] -> [..192.168.1.184][30303] 
+         detected: [.....1] [ip4][..udp] [...87.14.222.25][56693] -> [..192.168.1.184][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              new: [.....2] [ip4][..udp] [...60.191.32.71][30303] -> [..192.168.1.184][30303] 
+         detected: [.....2] [ip4][..udp] [...60.191.32.71][30303] -> [..192.168.1.184][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              new: [.....3] [ip4][..udp] [...3.112.138.57][25516] -> [..192.168.1.184][30303] 
+         detected: [.....3] [ip4][..udp] [...3.112.138.57][25516] -> [..192.168.1.184][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              new: [.....4] [ip4][..udp] [..192.168.1.184][30303] -> [....3.209.45.79][30303] 
+         detected: [.....4] [ip4][..udp] [..192.168.1.184][30303] -> [....3.209.45.79][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              new: [.....5] [ip4][..udp] [..192.168.1.184][30303] -> [.52.231.165.108][30303] 
+         detected: [.....5] [ip4][..udp] [..192.168.1.184][30303] -> [.52.231.165.108][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              new: [.....6] [ip4][..udp] [..192.168.1.184][30303] -> [..18.138.108.67][30303] 
+         detected: [.....6] [ip4][..udp] [..192.168.1.184][30303] -> [..18.138.108.67][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              new: [.....7] [ip4][..udp] [..192.168.1.184][30303] -> [...34.97.172.22][30303] 
+         detected: [.....7] [ip4][..udp] [..192.168.1.184][30303] -> [...34.97.172.22][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              new: [.....8] [ip4][..udp] [..192.168.1.184][30303] -> [...66.42.82.246][30303] 
+         detected: [.....8] [ip4][..udp] [..192.168.1.184][30303] -> [...66.42.82.246][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              new: [.....9] [ip4][..tcp] [..192.168.1.184][56612] -> [...66.42.82.246][30303] 
+              new: [....10] [ip4][..tcp] [..192.168.1.184][56610] -> [..165.22.107.33][30303] 
+              new: [....11] [ip4][..tcp] [..192.168.1.184][56611] -> [..104.42.217.25][30303] 
+              new: [....12] [ip4][..tcp] [..192.168.1.184][56613] -> [.162.243.160.83][30303] 
+              new: [....13] [ip4][..tcp] [..192.168.1.184][56615] -> [.35.158.244.151][30303] 
+              new: [....14] [ip4][..tcp] [..192.168.1.184][56617] -> [...34.97.172.22][30303] 
+              new: [....15] [ip4][..tcp] [..192.168.1.184][56618] -> [.52.231.165.108][30303] 
+              new: [....16] [ip4][..tcp] [..192.168.1.184][56620] -> [191.234.162.198][30303] 
+              new: [....17] [ip4][..tcp] [..192.168.1.184][56621] -> [..52.187.207.27][30303] 
+              new: [....18] [ip4][..tcp] [..192.168.1.184][56622] -> [..18.138.108.67][30303] 
+              new: [....19] [ip4][..tcp] [..192.168.1.184][56623] -> [...18.138.81.28][30303] 
+              new: [....20] [ip4][..tcp] [..192.168.1.184][56624] -> [....89.38.99.34][30303] 
+              new: [....21] [ip4][..tcp] [..192.168.1.184][56625] -> [.....5.1.83.226][30303] 
+              new: [....22] [ip4][..tcp] [..192.168.1.184][56626] -> [178.128.195.220][30303] 
+              new: [....23] [ip4][..tcp] [..192.168.1.184][56627] -> [..34.255.23.113][30303] 
+              new: [....24] [ip4][..tcp] [..192.168.1.184][56628] -> [....3.209.45.79][30303] 
+         detected: [....13] [ip4][..tcp] [..192.168.1.184][56615] -> [.35.158.244.151][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+         detected: [....22] [ip4][..tcp] [..192.168.1.184][56626] -> [178.128.195.220][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+         detected: [....20] [ip4][..tcp] [..192.168.1.184][56624] -> [....89.38.99.34][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+         detected: [....23] [ip4][..tcp] [..192.168.1.184][56627] -> [..34.255.23.113][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              new: [....25] [ip4][..tcp] [..192.168.1.184][56629] -> [....51.38.60.79][30303] 
+         detected: [....12] [ip4][..tcp] [..192.168.1.184][56613] -> [.162.243.160.83][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              new: [....26] [ip4][..udp] [..192.168.1.184][30303] -> [...128.0.51.140][30303] 
+         detected: [....26] [ip4][..udp] [..192.168.1.184][30303] -> [...128.0.51.140][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+          analyse: [....13] [ip4][..tcp] [..192.168.1.184][56615] -> [.35.158.244.151][30303] [Mining][Mining][Unsafe]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.063|   0.008|   0.018]
+                   [IAT(c->s)...:    0.000|   0.062|   0.005|   0.016][IAT(s->c)...:    0.000|   0.063|   0.012|   0.021]
+                   [PKTLEN(c->s):   66.000| 561.000| 101.600| 106.200][PKTLEN(s->c):   60.000| 514.000| 112.200| 127.500]
+                   [BINS(c->s)..: 17,2,0,1,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 9,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+              new: [....27] [ip4][..tcp] [..192.168.1.184][56630] -> [..40.67.144.128][30303] 
+         detected: [....24] [ip4][..tcp] [..192.168.1.184][56628] -> [....3.209.45.79][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+          analyse: [....22] [ip4][..tcp] [..192.168.1.184][56626] -> [178.128.195.220][30303] [Mining][Mining][Unsafe]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.063|   0.009|   0.019]
+                   [IAT(c->s)...:    0.000|   0.063|   0.007|   0.017][IAT(s->c)...:    0.000|   0.063|   0.012|   0.021]
+                   [PKTLEN(c->s):   66.000| 612.000| 121.900| 128.500][PKTLEN(s->c):   66.000| 470.000| 121.700| 112.700]
+                   [BINS(c->s)..: 14,3,0,1,0,0,0,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 9,1,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+         detected: [.....9] [ip4][..tcp] [..192.168.1.184][56612] -> [...66.42.82.246][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+         detected: [....25] [ip4][..tcp] [..192.168.1.184][56629] -> [....51.38.60.79][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              new: [....28] [ip4][..tcp] [..192.168.1.184][56632] -> [...51.38.81.180][30303] 
+              new: [....29] [ip4][..udp] [..192.168.1.184][30303] -> [..54.36.160.211][30303] 
+         detected: [....29] [ip4][..udp] [..192.168.1.184][30303] -> [..54.36.160.211][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              new: [....30] [ip4][..tcp] [..192.168.1.184][56633] -> [.82.145.220.249][30303] 
+         detected: [....11] [ip4][..tcp] [..192.168.1.184][56611] -> [..104.42.217.25][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+          analyse: [....23] [ip4][..tcp] [..192.168.1.184][56627] -> [..34.255.23.113][30303] [Mining][Mining][Unsafe]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.070|   0.011|   0.024]
+                   [IAT(c->s)...:    0.000|   0.070|   0.007|   0.020][IAT(s->c)...:    0.000|   0.070|   0.018|   0.029]
+                   [PKTLEN(c->s):   66.000| 578.000| 102.400| 109.700][PKTLEN(s->c):   60.000| 468.000| 108.000| 114.300]
+                   [BINS(c->s)..: 17,2,0,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 9,1,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+              new: [....31] [ip4][..udp] [..192.168.1.184][30303] -> [..111.229.0.180][20182] 
+         detected: [....31] [ip4][..udp] [..192.168.1.184][30303] -> [..111.229.0.180][20182] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+         detected: [....28] [ip4][..tcp] [..192.168.1.184][56632] -> [...51.38.81.180][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              new: [....32] [ip4][..udp] [..192.168.1.184][30303] -> [...209.97.143.1][50000] 
+         detected: [....32] [ip4][..udp] [..192.168.1.184][30303] -> [...209.97.143.1][50000] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+         detected: [....15] [ip4][..tcp] [..192.168.1.184][56618] -> [.52.231.165.108][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+          analyse: [....25] [ip4][..tcp] [..192.168.1.184][56629] -> [....51.38.60.79][30303] [Mining][Mining][Unsafe]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.073|   0.008|   0.018]
+                   [IAT(c->s)...:    0.000|   0.043|   0.005|   0.013][IAT(s->c)...:    0.000|   0.073|   0.012|   0.023]
+                   [PKTLEN(c->s):   66.000| 487.000| 101.400|  95.100][PKTLEN(s->c):   60.000| 406.000|  95.400|  90.500]
+                   [BINS(c->s)..: 15,2,0,1,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 11,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+         detected: [....16] [ip4][..tcp] [..192.168.1.184][56620] -> [191.234.162.198][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+         detected: [....30] [ip4][..tcp] [..192.168.1.184][56633] -> [.82.145.220.249][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+         detected: [....27] [ip4][..tcp] [..192.168.1.184][56630] -> [..40.67.144.128][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              new: [....33] [ip4][..tcp] [..192.168.1.184][56634] -> [..159.203.84.31][30303] 
+         detected: [....18] [ip4][..tcp] [..192.168.1.184][56622] -> [..18.138.108.67][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              new: [....34] [ip4][..tcp] [..192.168.1.184][56635] -> [.162.228.29.160][30303] 
+         detected: [....19] [ip4][..tcp] [..192.168.1.184][56623] -> [...18.138.81.28][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+         detected: [....14] [ip4][..tcp] [..192.168.1.184][56617] -> [...34.97.172.22][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+         detected: [....10] [ip4][..tcp] [..192.168.1.184][56610] -> [..165.22.107.33][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+         detected: [....17] [ip4][..tcp] [..192.168.1.184][56621] -> [..52.187.207.27][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+          analyse: [....28] [ip4][..tcp] [..192.168.1.184][56632] -> [...51.38.81.180][30303] [Mining][Mining][Unsafe]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.079|   0.012|   0.027]
+                   [IAT(c->s)...:    0.000|   0.079|   0.007|   0.022][IAT(s->c)...:    0.000|   0.078|   0.020|   0.032]
+                   [PKTLEN(c->s):   66.000| 545.000| 100.800| 102.900][PKTLEN(s->c):   60.000| 505.000| 111.400| 124.900]
+                   [BINS(c->s)..: 17,2,0,1,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 9,1,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+          analyse: [....30] [ip4][..tcp] [..192.168.1.184][56633] -> [.82.145.220.249][30303] [Mining][Mining][Unsafe]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.077|   0.012|   0.026]
+                   [IAT(c->s)...:    0.000|   0.076|   0.010|   0.025][IAT(s->c)...:    0.000|   0.077|   0.014|   0.028]
+                   [PKTLEN(c->s):   66.000| 508.000| 106.800| 104.400][PKTLEN(s->c):   60.000| 488.000|  94.500| 105.900]
+                   [BINS(c->s)..: 13,2,0,1,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 12,2,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+              new: [....35] [ip4][..tcp] [..192.168.1.184][56637] -> [.35.233.197.131][30303] 
+              new: [....36] [ip4][..tcp] [..192.168.1.184][56638] -> [209.250.240.205][30303] 
+              new: [....37] [ip4][..udp] [..192.168.1.184][30303] -> [.35.180.246.169][30301] 
+         detected: [....37] [ip4][..udp] [..192.168.1.184][30303] -> [.35.180.246.169][30301] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              new: [....38] [ip4][..tcp] [..192.168.1.184][56639] -> [.18.219.167.159][30303] 
+         detected: [....33] [ip4][..tcp] [..192.168.1.184][56634] -> [..159.203.84.31][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+          analyse: [....24] [ip4][..tcp] [..192.168.1.184][56628] -> [....3.209.45.79][30303] [Mining][Mining][Unsafe]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.164|   0.023|   0.053]
+                   [IAT(c->s)...:    0.000|   0.163|   0.015|   0.045][IAT(s->c)...:    0.000|   0.164|   0.038|   0.062]
+                   [PKTLEN(c->s):   66.000| 461.000|  96.800|  85.700][PKTLEN(s->c):   60.000| 536.000| 114.700| 133.600]
+                   [BINS(c->s)..: 17,2,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 9,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+         detected: [....36] [ip4][..tcp] [..192.168.1.184][56638] -> [209.250.240.205][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+         detected: [....34] [ip4][..tcp] [..192.168.1.184][56635] -> [.162.228.29.160][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              new: [....39] [ip4][..tcp] [..192.168.1.184][56641] -> [.144.91.120.135][30303] 
+              new: [....40] [ip4][..tcp] [..192.168.1.184][56642] -> [..178.62.10.218][30303] 
+              new: [....41] [ip4][..tcp] [..192.168.1.184][56643] -> [..178.62.29.183][30303] 
+          analyse: [....36] [ip4][..tcp] [..192.168.1.184][56638] -> [209.250.240.205][30303] [Mining][Mining][Unsafe]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.043|   0.007|   0.014]
+                   [IAT(c->s)...:    0.000|   0.043|   0.006|   0.013][IAT(s->c)...:    0.000|   0.041|   0.009|   0.015]
+                   [PKTLEN(c->s):   66.000| 481.000| 115.300|  95.500][PKTLEN(s->c):   66.000| 560.000| 127.800| 135.600]
+                   [BINS(c->s)..: 13,3,0,2,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 9,1,0,0,1,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+              new: [....42] [ip4][..tcp] [..192.168.1.184][56644] -> [..13.230.108.42][30303] 
+         detected: [....39] [ip4][..tcp] [..192.168.1.184][56641] -> [.144.91.120.135][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+          analyse: [....27] [ip4][..tcp] [..192.168.1.184][56630] -> [..40.67.144.128][30303] [Mining][Mining][Unsafe]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.158|   0.021|   0.049]
+                   [IAT(c->s)...:    0.000|   0.158|   0.016|   0.044][IAT(s->c)...:    0.000|   0.158|   0.027|   0.053]
+                   [PKTLEN(c->s):   66.000| 497.000| 103.900|  99.500][PKTLEN(s->c):   60.000| 489.000|  97.900| 109.100]
+                   [BINS(c->s)..: 14,2,0,1,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 12,1,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+              new: [....43] [ip4][..tcp] [..192.168.1.184][56645] -> [.185.219.133.62][30303] 
+         detected: [....38] [ip4][..tcp] [..192.168.1.184][56639] -> [.18.219.167.159][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+         detected: [....40] [ip4][..tcp] [..192.168.1.184][56642] -> [..178.62.10.218][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+         detected: [....41] [ip4][..tcp] [..192.168.1.184][56643] -> [..178.62.29.183][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              new: [....44] [ip4][..tcp] [..192.168.1.184][56646] -> [..172.105.94.62][30303] 
+         detected: [....43] [ip4][..tcp] [..192.168.1.184][56645] -> [.185.219.133.62][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              new: [....45] [ip4][..tcp] [..192.168.1.184][56647] -> [.182.162.161.61][30303] 
+          analyse: [....11] [ip4][..tcp] [..192.168.1.184][56611] -> [..104.42.217.25][30303] [Mining][Mining][Unsafe]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.202|   0.031|   0.071]
+                   [IAT(c->s)...:    0.000|   0.201|   0.020|   0.059][IAT(s->c)...:    0.000|   0.202|   0.052|   0.085]
+                   [PKTLEN(c->s):   66.000| 556.000| 101.300| 105.100][PKTLEN(s->c):   60.000| 533.000| 114.500| 132.700]
+                   [BINS(c->s)..: 17,2,0,1,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 9,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+         detected: [....44] [ip4][..tcp] [..192.168.1.184][56646] -> [..172.105.94.62][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+          analyse: [....33] [ip4][..tcp] [..192.168.1.184][56634] -> [..159.203.84.31][30303] [Mining][Mining][Unsafe]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.109|   0.018|   0.040]
+                   [IAT(c->s)...:    0.000|   0.109|   0.011|   0.033][IAT(s->c)...:    0.000|   0.109|   0.030|   0.048]
+                   [PKTLEN(c->s):   66.000| 637.000| 105.200| 121.900][PKTLEN(s->c):   60.000| 579.000| 118.100| 146.100]
+                   [BINS(c->s)..: 17,2,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 9,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+              new: [....46] [ip4][..tcp] [..192.168.1.184][56650] -> [.35.228.250.140][30303] 
+              new: [....47] [ip4][..tcp] [..192.168.1.184][56651] -> [..138.201.12.87][30303] 
+          analyse: [....41] [ip4][..tcp] [..192.168.1.184][56643] -> [..178.62.29.183][30303] [Mining][Mining][Unsafe]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.049|   0.009|   0.018]
+                   [IAT(c->s)...:    0.000|   0.049|   0.007|   0.017][IAT(s->c)...:    0.000|   0.047|   0.012|   0.019]
+                   [PKTLEN(c->s):   66.000| 535.000| 104.400| 102.700][PKTLEN(s->c):   66.000| 384.000| 110.900|  88.900]
+                   [BINS(c->s)..: 15,3,0,1,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 8,2,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+              new: [....48] [ip4][..tcp] [..192.168.1.184][56652] -> [..176.9.136.209][30303] 
+         detected: [....47] [ip4][..tcp] [..192.168.1.184][56651] -> [..138.201.12.87][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              new: [....49] [ip4][..tcp] [..192.168.1.184][56654] -> [..85.214.108.52][30303] 
+              new: [....50] [ip4][..udp] [..192.168.1.184][30303] -> [.18.219.167.159][30303] 
+         detected: [....50] [ip4][..udp] [..192.168.1.184][30303] -> [.18.219.167.159][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+          analyse: [....43] [ip4][..tcp] [..192.168.1.184][56645] -> [.185.219.133.62][30303] [Mining][Mining][Unsafe]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.052|   0.010|   0.019]
+                   [IAT(c->s)...:    0.000|   0.052|   0.008|   0.018][IAT(s->c)...:    0.000|   0.050|   0.012|   0.020]
+                   [PKTLEN(c->s):   66.000| 476.000| 101.500|  90.400][PKTLEN(s->c):   66.000| 448.000| 118.600| 107.800]
+                   [BINS(c->s)..: 15,3,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 8,2,0,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+              new: [....51] [ip4][..tcp] [..192.168.1.184][56655] -> [.202.112.28.106][30303] 
+         detected: [....48] [ip4][..tcp] [..192.168.1.184][56652] -> [..176.9.136.209][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+         detected: [....46] [ip4][..tcp] [..192.168.1.184][56650] -> [.35.228.250.140][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+          analyse: [....15] [ip4][..tcp] [..192.168.1.184][56618] -> [.52.231.165.108][30303] [Mining][Mining][Unsafe]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.262|   0.038|   0.087]
+                   [IAT(c->s)...:    0.000|   0.262|   0.024|   0.073][IAT(s->c)...:    0.000|   0.262|   0.063|   0.104]
+                   [PKTLEN(c->s):   66.000| 516.000|  99.400|  96.900][PKTLEN(s->c):   60.000| 519.000| 113.200| 128.700]
+                   [BINS(c->s)..: 17,2,0,1,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 9,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+          analyse: [....16] [ip4][..tcp] [..192.168.1.184][56620] -> [191.234.162.198][30303] [Mining][Mining][Unsafe]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.263|   0.038|   0.087]
+                   [IAT(c->s)...:    0.000|   0.263|   0.024|   0.073][IAT(s->c)...:    0.000|   0.263|   0.063|   0.104]
+                   [PKTLEN(c->s):   66.000| 578.000| 102.400| 109.700][PKTLEN(s->c):   60.000| 525.000| 113.200| 130.700]
+                   [BINS(c->s)..: 17,2,0,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 9,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+         detected: [....49] [ip4][..tcp] [..192.168.1.184][56654] -> [..85.214.108.52][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              new: [....52] [ip4][..tcp] [..192.168.1.184][56657] -> [.138.75.171.190][30303] 
+              new: [....53] [ip4][..tcp] [..192.168.1.184][56658] -> [.157.230.152.87][30303] 
+          analyse: [....47] [ip4][..tcp] [..192.168.1.184][56651] -> [..138.201.12.87][30303] [Mining][Mining][Unsafe]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.037|   0.006|   0.012]
+                   [IAT(c->s)...:    0.000|   0.037|   0.004|   0.011][IAT(s->c)...:    0.000|   0.034|   0.007|   0.013]
+                   [PKTLEN(c->s):   66.000| 483.000| 103.200|  96.400][PKTLEN(s->c):   60.000| 393.000|  91.500|  84.400]
+                   [BINS(c->s)..: 14,2,0,1,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 12,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+          analyse: [....44] [ip4][..tcp] [..192.168.1.184][56646] -> [..172.105.94.62][30303] [Mining][Mining][Unsafe]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.116|   0.012|   0.026]
+                   [IAT(c->s)...:    0.000|   0.116|   0.010|   0.026][IAT(s->c)...:    0.000|   0.091|   0.016|   0.025]
+                   [PKTLEN(c->s):   66.000| 540.000| 107.100| 103.100][PKTLEN(s->c):   66.000| 398.000| 131.700| 115.300]
+                   [BINS(c->s)..: 14,4,0,1,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 9,0,0,0,0,0,1,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+          analyse: [....48] [ip4][..tcp] [..192.168.1.184][56652] -> [..176.9.136.209][30303] [Mining][Mining][Unsafe]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.035|   0.006|   0.012]
+                   [IAT(c->s)...:    0.000|   0.035|   0.004|   0.011][IAT(s->c)...:    0.000|   0.034|   0.007|   0.013]
+                   [PKTLEN(c->s):   66.000| 597.000| 109.500| 121.600][PKTLEN(s->c):   60.000| 494.000|  98.300| 110.300]
+                   [BINS(c->s)..: 14,2,0,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 12,1,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+              new: [....54] [ip4][..tcp] [..192.168.1.184][56660] -> [...51.161.23.12][30303] 
+              new: [....55] [ip4][..tcp] [..192.168.1.184][56661] -> [....52.9.128.68][30303] 
+              new: [....56] [ip4][..tcp] [..192.168.1.184][56662] -> [..35.229.232.19][30303] 
+              new: [....57] [ip4][..tcp] [..192.168.1.184][56663] -> [124.217.235.180][30303] 
+          analyse: [....34] [ip4][..tcp] [..192.168.1.184][56635] -> [.162.228.29.160][30303] [Mining][Mining][Unsafe]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.159|   0.026|   0.057]
+                   [IAT(c->s)...:    0.000|   0.159|   0.016|   0.048][IAT(s->c)...:    0.000|   0.158|   0.043|   0.068]
+                   [PKTLEN(c->s):   66.000| 479.000|  97.700|  89.400][PKTLEN(s->c):   60.000| 471.000| 108.800| 115.000]
+                   [BINS(c->s)..: 17,2,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 9,1,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+          analyse: [....38] [ip4][..tcp] [..192.168.1.184][56639] -> [.18.219.167.159][30303] [Mining][Mining][Unsafe]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.131|   0.020|   0.046]
+                   [IAT(c->s)...:    0.000|   0.131|   0.013|   0.039][IAT(s->c)...:    0.000|   0.131|   0.031|   0.054]
+                   [PKTLEN(c->s):   66.000| 587.000| 104.700| 114.000][PKTLEN(s->c):   60.000| 556.000| 110.800| 134.700]
+                   [BINS(c->s)..: 16,2,0,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 10,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+          analyse: [....46] [ip4][..tcp] [..192.168.1.184][56650] -> [.35.228.250.140][30303] [Mining][Mining][Unsafe]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.057|   0.011|   0.022]
+                   [IAT(c->s)...:    0.000|   0.057|   0.009|   0.021][IAT(s->c)...:    0.000|   0.057|   0.015|   0.024]
+                   [PKTLEN(c->s):   66.000| 528.000| 104.100| 101.300][PKTLEN(s->c):   66.000| 508.000| 131.500| 120.500]
+                   [BINS(c->s)..: 15,3,0,1,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 7,2,1,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+          analyse: [....18] [ip4][..tcp] [..192.168.1.184][56622] -> [..18.138.108.67][30303] [Mining][Mining][Unsafe]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.300|   0.044|   0.100]
+                   [IAT(c->s)...:    0.000|   0.300|   0.028|   0.083][IAT(s->c)...:    0.000|   0.300|   0.073|   0.120]
+                   [PKTLEN(c->s):   66.000| 597.000| 103.300| 113.600][PKTLEN(s->c):   60.000| 384.000| 100.400|  90.300]
+                   [BINS(c->s)..: 17,2,0,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 9,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+          analyse: [....19] [ip4][..tcp] [..192.168.1.184][56623] -> [...18.138.81.28][30303] [Mining][Mining][Unsafe]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.308|   0.045|   0.103]
+                   [IAT(c->s)...:    0.000|   0.308|   0.029|   0.085][IAT(s->c)...:    0.000|   0.308|   0.075|   0.123]
+                   [PKTLEN(c->s):   66.000| 537.000| 100.400| 101.200][PKTLEN(s->c):   60.000| 488.000| 110.400| 119.800]
+                   [BINS(c->s)..: 17,2,0,1,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 9,1,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+              new: [....58] [ip4][..udp] [183.129.242.164][.1024] -> [..192.168.1.184][30303] 
+         detected: [....58] [ip4][..udp] [183.129.242.164][.1024] -> [..192.168.1.184][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+         detected: [....54] [ip4][..tcp] [..192.168.1.184][56660] -> [...51.161.23.12][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+         detected: [....53] [ip4][..tcp] [..192.168.1.184][56658] -> [.157.230.152.87][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+          analyse: [....10] [ip4][..tcp] [..192.168.1.184][56610] -> [..165.22.107.33][30303] [Mining][Mining][Unsafe]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.339|   0.050|   0.114]
+                   [IAT(c->s)...:    0.000|   0.339|   0.032|   0.094][IAT(s->c)...:    0.000|   0.339|   0.083|   0.136]
+                   [PKTLEN(c->s):   66.000| 640.000| 105.300| 122.500][PKTLEN(s->c):   60.000| 462.000| 107.500| 112.600]
+                   [BINS(c->s)..: 17,2,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 9,1,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+         detected: [....55] [ip4][..tcp] [..192.168.1.184][56661] -> [....52.9.128.68][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              new: [....59] [ip4][..udp] [..192.168.1.184][30303] -> [.202.112.28.106][30303] 
+         detected: [....59] [ip4][..udp] [..192.168.1.184][30303] -> [.202.112.28.106][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+         detected: [....45] [ip4][..tcp] [..192.168.1.184][56647] -> [.182.162.161.61][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+         detected: [....52] [ip4][..tcp] [..192.168.1.184][56657] -> [.138.75.171.190][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+          analyse: [....17] [ip4][..tcp] [..192.168.1.184][56621] -> [..52.187.207.27][30303] [Mining][Mining][Unsafe]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.355|   0.054|   0.122]
+                   [IAT(c->s)...:    0.000|   0.355|   0.034|   0.101][IAT(s->c)...:    0.000|   0.355|   0.090|   0.146]
+                   [PKTLEN(c->s):   66.000| 591.000| 103.000| 112.400][PKTLEN(s->c):   60.000| 517.000| 113.000| 128.200]
+                   [BINS(c->s)..: 17,2,0,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 9,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+              new: [....60] [ip4][..udp] [..192.168.1.184][30303] -> [..106.12.39.168][30333] 
+         detected: [....60] [ip4][..udp] [..192.168.1.184][30303] -> [..106.12.39.168][30333] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              new: [....61] [ip4][..tcp] [..192.168.1.184][56670] -> [..167.86.122.50][30303] 
+              new: [....62] [ip4][..tcp] [..192.168.1.184][56671] -> [..86.107.243.62][30303] 
+         detected: [....56] [ip4][..tcp] [..192.168.1.184][56662] -> [..35.229.232.19][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+         detected: [....51] [ip4][..tcp] [..192.168.1.184][56655] -> [.202.112.28.106][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+         detected: [....62] [ip4][..tcp] [..192.168.1.184][56671] -> [..86.107.243.62][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+         detected: [....61] [ip4][..tcp] [..192.168.1.184][56670] -> [..167.86.122.50][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+         detected: [....57] [ip4][..tcp] [..192.168.1.184][56663] -> [124.217.235.180][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+          analyse: [....54] [ip4][..tcp] [..192.168.1.184][56660] -> [...51.161.23.12][30303] [Mining][Mining][Unsafe]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.147|   0.028|   0.054]
+                   [IAT(c->s)...:    0.000|   0.147|   0.022|   0.051][IAT(s->c)...:    0.000|   0.142|   0.036|   0.059]
+                   [PKTLEN(c->s):   66.000| 639.000| 109.700| 124.700][PKTLEN(s->c):   66.000| 487.000| 121.800| 117.200]
+                   [BINS(c->s)..: 15,3,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 8,2,0,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+              new: [....63] [ip4][..tcp] [..192.168.1.184][56672] -> [139.162.255.210][30303] 
+              new: [....64] [ip4][..tcp] [..192.168.1.184][56673] -> [..78.47.147.155][30303] 
+          analyse: [....62] [ip4][..tcp] [..192.168.1.184][56671] -> [..86.107.243.62][30303] [Mining][Mining][Unsafe]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.039|   0.010|   0.016]
+                   [IAT(c->s)...:    0.000|   0.039|   0.006|   0.014][IAT(s->c)...:    0.000|   0.039|   0.019|   0.018]
+                   [PKTLEN(c->s):   66.000| 606.000| 105.200| 107.600][PKTLEN(s->c):   66.000| 430.000| 168.500| 136.600]
+                   [BINS(c->s)..: 17,5,0,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 5,0,0,0,0,0,1,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+              new: [....65] [ip4][..tcp] [..192.168.1.184][56674] -> [...94.68.55.162][30303] 
+         detected: [....63] [ip4][..tcp] [..192.168.1.184][56672] -> [139.162.255.210][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              new: [....66] [ip4][..tcp] [..192.168.1.184][56675] -> [..35.235.37.216][30303] 
+         detected: [....64] [ip4][..tcp] [..192.168.1.184][56673] -> [..78.47.147.155][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+         detected: [....66] [ip4][..tcp] [..192.168.1.184][56675] -> [..35.235.37.216][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+          analyse: [....53] [ip4][..tcp] [..192.168.1.184][56658] -> [.157.230.152.87][30303] [Mining][Mining][Unsafe]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.184|   0.035|   0.071]
+                   [IAT(c->s)...:    0.000|   0.183|   0.029|   0.066][IAT(s->c)...:    0.000|   0.184|   0.045|   0.078]
+                   [PKTLEN(c->s):   66.000| 649.000| 110.200| 127.000][PKTLEN(s->c):   66.000| 457.000| 120.700| 110.100]
+                   [BINS(c->s)..: 15,3,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 8,2,0,0,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+         detected: [....65] [ip4][..tcp] [..192.168.1.184][56674] -> [...94.68.55.162][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              new: [....67] [ip4][..tcp] [..192.168.1.184][56678] -> [..13.251.14.199][30303] 
+          analyse: [....63] [ip4][..tcp] [..192.168.1.184][56672] -> [139.162.255.210][30303] [Mining][Mining][Unsafe]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.042|   0.007|   0.015]
+                   [IAT(c->s)...:    0.000|   0.042|   0.005|   0.013][IAT(s->c)...:    0.000|   0.042|   0.009|   0.017]
+                   [PKTLEN(c->s):   66.000| 452.000| 101.400|  89.600][PKTLEN(s->c):   60.000| 422.000|  93.600|  91.800]
+                   [BINS(c->s)..: 14,2,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 12,1,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+              new: [....68] [ip4][..tcp] [..192.168.1.184][56679] -> [..35.228.158.52][30303] 
+          analyse: [....55] [ip4][..tcp] [..192.168.1.184][56661] -> [....52.9.128.68][30303] [Mining][Mining][Unsafe]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.194|   0.037|   0.074]
+                   [IAT(c->s)...:    0.000|   0.194|   0.030|   0.069][IAT(s->c)...:    0.000|   0.194|   0.048|   0.082]
+                   [PKTLEN(c->s):   66.000| 538.000| 104.600| 103.300][PKTLEN(s->c):   66.000| 494.000| 130.300| 116.000]
+                   [BINS(c->s)..: 15,3,0,1,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 7,2,1,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+              new: [....69] [ip4][..tcp] [..192.168.1.184][56680] -> [...138.59.17.58][30303] 
+              new: [....70] [ip4][..tcp] [..192.168.1.184][56681] -> [207.180.206.216][30303] 
+         detected: [....68] [ip4][..tcp] [..192.168.1.184][56679] -> [..35.228.158.52][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              new: [....71] [ip4][..udp] [..192.168.1.184][30303] -> [..167.86.122.50][30303] 
+         detected: [....71] [ip4][..udp] [..192.168.1.184][30303] -> [..167.86.122.50][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+         detected: [....70] [ip4][..tcp] [..192.168.1.184][56681] -> [207.180.206.216][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+          analyse: [....65] [ip4][..tcp] [..192.168.1.184][56674] -> [...94.68.55.162][30303] [Mining][Mining][Unsafe]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.075|   0.014|   0.028]
+                   [IAT(c->s)...:    0.000|   0.075|   0.012|   0.026][IAT(s->c)...:    0.000|   0.075|   0.018|   0.031]
+                   [PKTLEN(c->s):   66.000| 613.000| 108.300| 119.200][PKTLEN(s->c):   66.000| 570.000| 136.700| 136.800]
+                   [BINS(c->s)..: 15,3,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 7,2,1,0,1,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+              new: [....72] [ip4][..tcp] [..192.168.1.184][56684] -> [...51.83.237.44][30303] 
+          analyse: [....52] [ip4][..tcp] [..192.168.1.184][56657] -> [.138.75.171.190][30303] [Mining][Mining][Unsafe]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.263|   0.042|   0.096]
+                   [IAT(c->s)...:    0.000|   0.263|   0.033|   0.086][IAT(s->c)...:    0.000|   0.261|   0.052|   0.104]
+                   [PKTLEN(c->s):   66.000| 605.000| 112.500| 126.500][PKTLEN(s->c):   60.000| 525.000|  97.400| 115.000]
+                   [BINS(c->s)..: 13,2,0,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 12,2,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+              new: [....73] [ip4][..tcp] [..192.168.1.184][56685] -> [...88.99.93.219][30303] 
+         detected: [....72] [ip4][..tcp] [..192.168.1.184][56684] -> [...51.83.237.44][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+         detected: [....69] [ip4][..tcp] [..192.168.1.184][56680] -> [...138.59.17.58][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+         detected: [....73] [ip4][..tcp] [..192.168.1.184][56685] -> [...88.99.93.219][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              new: [....74] [ip4][..tcp] [..192.168.1.184][56686] -> [.206.189.107.35][30303] 
+         detected: [....67] [ip4][..tcp] [..192.168.1.184][56678] -> [..13.251.14.199][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+         detected: [....74] [ip4][..tcp] [..192.168.1.184][56686] -> [.206.189.107.35][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+          analyse: [....64] [ip4][..tcp] [..192.168.1.184][56673] -> [..78.47.147.155][30303] [Mining][Mining][Unsafe]
+                   [min|max|avg|stddev]
+                   [IAT(flow)...:    0.000|   0.286|   0.027|   0.065]
+                   [IAT(c->s)...:    0.000|   0.286|   0.019|   0.060][IAT(s->c)...:    0.000|   0.247|   0.046|   0.073]
+                   [PKTLEN(c->s):   66.000| 633.000| 108.400| 114.800][PKTLEN(s->c):   66.000| 413.000| 162.300| 125.600]
+                   [BINS(c->s)..: 16,5,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+                   [BINS(s->c)..: 5,0,1,0,0,0,1,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+              end: [....52] [ip4][..tcp] [..192.168.1.184][56657] -> [.138.75.171.190][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+             idle: [....69] [ip4][..tcp] [..192.168.1.184][56680] -> [...138.59.17.58][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              end: [....43] [ip4][..tcp] [..192.168.1.184][56645] -> [.185.219.133.62][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              end: [....46] [ip4][..tcp] [..192.168.1.184][56650] -> [.35.228.250.140][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+             idle: [....50] [ip4][..udp] [..192.168.1.184][30303] -> [.18.219.167.159][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              end: [....68] [ip4][..tcp] [..192.168.1.184][56679] -> [..35.228.158.52][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              end: [....65] [ip4][..tcp] [..192.168.1.184][56674] -> [...94.68.55.162][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              end: [....34] [ip4][..tcp] [..192.168.1.184][56635] -> [.162.228.29.160][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              end: [....70] [ip4][..tcp] [..192.168.1.184][56681] -> [207.180.206.216][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              end: [....56] [ip4][..tcp] [..192.168.1.184][56662] -> [..35.229.232.19][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+             idle: [....37] [ip4][..udp] [..192.168.1.184][30303] -> [.35.180.246.169][30301] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+             idle: [....29] [ip4][..udp] [..192.168.1.184][30303] -> [..54.36.160.211][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+             idle: [....60] [ip4][..udp] [..192.168.1.184][30303] -> [..106.12.39.168][30333] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+             idle: [....74] [ip4][..tcp] [..192.168.1.184][56686] -> [.206.189.107.35][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              end: [....13] [ip4][..tcp] [..192.168.1.184][56615] -> [.35.158.244.151][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+          guessed: [....42] [ip4][..tcp] [..192.168.1.184][56644] -> [..13.230.108.42][30303] [Mining.AmazonAWS][Cloud][Acceptable]
+             idle: [....42] [ip4][..tcp] [..192.168.1.184][56644] -> [..13.230.108.42][30303] 
+              end: [....25] [ip4][..tcp] [..192.168.1.184][56629] -> [....51.38.60.79][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              end: [....28] [ip4][..tcp] [..192.168.1.184][56632] -> [...51.38.81.180][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              end: [....20] [ip4][..tcp] [..192.168.1.184][56624] -> [....89.38.99.34][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              end: [....49] [ip4][..tcp] [..192.168.1.184][56654] -> [..85.214.108.52][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+             idle: [.....3] [ip4][..udp] [...3.112.138.57][25516] -> [..192.168.1.184][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              end: [....10] [ip4][..tcp] [..192.168.1.184][56610] -> [..165.22.107.33][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+             idle: [.....1] [ip4][..udp] [...87.14.222.25][56693] -> [..192.168.1.184][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              end: [....53] [ip4][..tcp] [..192.168.1.184][56658] -> [.157.230.152.87][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              end: [....40] [ip4][..tcp] [..192.168.1.184][56642] -> [..178.62.10.218][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              end: [....41] [ip4][..tcp] [..192.168.1.184][56643] -> [..178.62.29.183][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              end: [....61] [ip4][..tcp] [..192.168.1.184][56670] -> [..167.86.122.50][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+             idle: [....31] [ip4][..udp] [..192.168.1.184][30303] -> [..111.229.0.180][20182] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              end: [....23] [ip4][..tcp] [..192.168.1.184][56627] -> [..34.255.23.113][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              end: [....15] [ip4][..tcp] [..192.168.1.184][56618] -> [.52.231.165.108][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              end: [....64] [ip4][..tcp] [..192.168.1.184][56673] -> [..78.47.147.155][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+             idle: [....71] [ip4][..udp] [..192.168.1.184][30303] -> [..167.86.122.50][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+             idle: [....32] [ip4][..udp] [..192.168.1.184][30303] -> [...209.97.143.1][50000] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+             idle: [.....5] [ip4][..udp] [..192.168.1.184][30303] -> [.52.231.165.108][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+             idle: [.....2] [ip4][..udp] [...60.191.32.71][30303] -> [..192.168.1.184][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+             idle: [....58] [ip4][..udp] [183.129.242.164][.1024] -> [..192.168.1.184][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              end: [....22] [ip4][..tcp] [..192.168.1.184][56626] -> [178.128.195.220][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+             idle: [....51] [ip4][..tcp] [..192.168.1.184][56655] -> [.202.112.28.106][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+          guessed: [....21] [ip4][..tcp] [..192.168.1.184][56625] -> [.....5.1.83.226][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+             idle: [....21] [ip4][..tcp] [..192.168.1.184][56625] -> [.....5.1.83.226][30303] 
+              end: [....24] [ip4][..tcp] [..192.168.1.184][56628] -> [....3.209.45.79][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              end: [....14] [ip4][..tcp] [..192.168.1.184][56617] -> [...34.97.172.22][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+          guessed: [....35] [ip4][..tcp] [..192.168.1.184][56637] -> [.35.233.197.131][30303] [Mining.GoogleCloud][Cloud][Acceptable]
+             idle: [....35] [ip4][..tcp] [..192.168.1.184][56637] -> [.35.233.197.131][30303] 
+              end: [....54] [ip4][..tcp] [..192.168.1.184][56660] -> [...51.161.23.12][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              end: [....55] [ip4][..tcp] [..192.168.1.184][56661] -> [....52.9.128.68][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              end: [....30] [ip4][..tcp] [..192.168.1.184][56633] -> [.82.145.220.249][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              end: [....57] [ip4][..tcp] [..192.168.1.184][56663] -> [124.217.235.180][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              end: [....47] [ip4][..tcp] [..192.168.1.184][56651] -> [..138.201.12.87][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+             idle: [....26] [ip4][..udp] [..192.168.1.184][30303] -> [...128.0.51.140][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              end: [....44] [ip4][..tcp] [..192.168.1.184][56646] -> [..172.105.94.62][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              end: [....48] [ip4][..tcp] [..192.168.1.184][56652] -> [..176.9.136.209][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+             idle: [....59] [ip4][..udp] [..192.168.1.184][30303] -> [.202.112.28.106][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              end: [....18] [ip4][..tcp] [..192.168.1.184][56622] -> [..18.138.108.67][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              end: [....19] [ip4][..tcp] [..192.168.1.184][56623] -> [...18.138.81.28][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+             idle: [.....9] [ip4][..tcp] [..192.168.1.184][56612] -> [...66.42.82.246][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+             idle: [.....4] [ip4][..udp] [..192.168.1.184][30303] -> [....3.209.45.79][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              end: [....11] [ip4][..tcp] [..192.168.1.184][56611] -> [..104.42.217.25][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+             idle: [.....7] [ip4][..udp] [..192.168.1.184][30303] -> [...34.97.172.22][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              end: [....63] [ip4][..tcp] [..192.168.1.184][56672] -> [139.162.255.210][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              end: [....16] [ip4][..tcp] [..192.168.1.184][56620] -> [191.234.162.198][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              end: [....45] [ip4][..tcp] [..192.168.1.184][56647] -> [.182.162.161.61][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              end: [....36] [ip4][..tcp] [..192.168.1.184][56638] -> [209.250.240.205][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              end: [....38] [ip4][..tcp] [..192.168.1.184][56639] -> [.18.219.167.159][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              end: [....27] [ip4][..tcp] [..192.168.1.184][56630] -> [..40.67.144.128][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              end: [....17] [ip4][..tcp] [..192.168.1.184][56621] -> [..52.187.207.27][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+             idle: [....67] [ip4][..tcp] [..192.168.1.184][56678] -> [..13.251.14.199][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+             idle: [.....6] [ip4][..udp] [..192.168.1.184][30303] -> [..18.138.108.67][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              end: [....66] [ip4][..tcp] [..192.168.1.184][56675] -> [..35.235.37.216][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              end: [....72] [ip4][..tcp] [..192.168.1.184][56684] -> [...51.83.237.44][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+             idle: [.....8] [ip4][..udp] [..192.168.1.184][30303] -> [...66.42.82.246][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              end: [....62] [ip4][..tcp] [..192.168.1.184][56671] -> [..86.107.243.62][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+             idle: [....73] [ip4][..tcp] [..192.168.1.184][56685] -> [...88.99.93.219][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              end: [....12] [ip4][..tcp] [..192.168.1.184][56613] -> [.162.243.160.83][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              end: [....39] [ip4][..tcp] [..192.168.1.184][56641] -> [.144.91.120.135][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+              end: [....33] [ip4][..tcp] [..192.168.1.184][56634] -> [..159.203.84.31][30303] [Mining][Mining][Unsafe]
+                   RISK: Unsafe Protocol
+     DAEMON-EVENT: shutdown

test/results/flow-info/ethernetIP.pcap.out

@@ -0,0 +1,16 @@
+     DAEMON-EVENT: init
+     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+              new: [.....1] [ip4][..tcp] [....141.81.0.10][50275] -> [....141.81.0.83][44818] [MIDSTREAM] 
+         detected: [.....1] [ip4][..tcp] [....141.81.0.10][50275] -> [....141.81.0.83][44818] [EthernetIP][Network][Acceptable]
+              new: [.....2] [ip4][..tcp] [....141.81.0.63][44818] -> [....141.81.0.10][52593] [MIDSTREAM] 
+         detected: [.....2] [ip4][..tcp] [....141.81.0.63][44818] -> [....141.81.0.10][52593] [EthernetIP][Network][Acceptable]
+              new: [.....3] [ip4][..tcp] [....141.81.0.10][52594] -> [....141.81.0.43][44818] [MIDSTREAM] 
+         detected: [.....3] [ip4][..tcp] [....141.81.0.10][52594] -> [....141.81.0.43][44818] [EthernetIP][Network][Acceptable]
+              new: [.....4] [ip4][..tcp] [....141.81.0.10][62717] -> [....141.81.0.23][44818] [MIDSTREAM] 
+         detected: [.....4] [ip4][..tcp] [....141.81.0.10][62717] -> [....141.81.0.23][44818] [EthernetIP][Network][Acceptable]
+             idle: [.....1] [ip4][..tcp] [....141.81.0.10][50275] -> [....141.81.0.83][44818] [EthernetIP][Network][Acceptable]
+             idle: [.....4] [ip4][..tcp] [....141.81.0.10][62717] -> [....141.81.0.23][44818] [EthernetIP][Network][Acceptable]
+             idle: [.....2] [ip4][..tcp] [....141.81.0.63][44818] -> [....141.81.0.10][52593] [EthernetIP][Network][Acceptable]
+             idle: [.....3] [ip4][..tcp] [....141.81.0.10][52594] -> [....141.81.0.43][44818] [EthernetIP][Network][Acceptable]
+     DAEMON-EVENT: shutdown