Add Radmin protocol dissector (#2283)

* Add Radmin protocol dissector * Update test results
2026-05-05 02:16:47 +00:00 · 2024-01-25 10:10:29 +03:00 · 2024-01-25 10:10:29 +03:00 · 4e712e3ab5
commit 4e712e3ab5
parent d577508727
102 changed files with 1691 additions and 1540 deletions
--- a/tests/cfgs/default/result/1kxun.pcap.out
+++ b/tests/cfgs/default/result/1kxun.pcap.out
@ -5,7 +5,7 @@ DPI Packets (UDP):	120	(1.21 pkts/flow)
 Confidence Unknown          : 14 (flows)
 Confidence Match by port    : 6 (flows)
 Confidence DPI              : 177 (flows)
-Num dissector calls: 4927 (25.01 diss/flow)
+Num dissector calls: 4930 (25.03 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/60/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/443-chrome.pcap.out
+++ b/tests/cfgs/default/result/443-chrome.pcap.out
@ -2,7 +2,7 @@ Guessed flow protos:	1

 DPI Packets (TCP):	1	(1.00 pkts/flow)
 Confidence Match by port    : 1 (flows)
-Num dissector calls: 140 (140.00 diss/flow)
+Num dissector calls: 141 (141.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/443-opvn.pcap.out
+++ b/tests/cfgs/default/result/443-opvn.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	6	(6.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 141 (141.00 diss/flow)
+Num dissector calls: 142 (142.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/KakaoTalk_chat.pcap.out
+++ b/tests/cfgs/default/result/KakaoTalk_chat.pcap.out
@ -5,7 +5,7 @@ DPI Packets (UDP):	36	(2.00 pkts/flow)
 DPI Packets (other):	1	(1.00 pkts/flow)
 Confidence Match by port    : 5 (flows)
 Confidence DPI              : 33 (flows)
-Num dissector calls: 567 (14.92 diss/flow)
+Num dissector calls: 569 (14.97 diss/flow)
 LRU cache ookla:      0/1/0 (insert/search/found)
 LRU cache bittorrent: 0/15/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/KakaoTalk_talk.pcap.out
+++ b/tests/cfgs/default/result/KakaoTalk_talk.pcap.out
@ -5,7 +5,7 @@ DPI Packets (UDP):	10	(2.00 pkts/flow)
 Confidence Match by port    : 8 (flows)
 Confidence DPI              : 11 (flows)
 Confidence Match by IP      : 1 (flows)
-Num dissector calls: 1188 (59.40 diss/flow)
+Num dissector calls: 1192 (59.60 diss/flow)
 LRU cache ookla:      0/2/0 (insert/search/found)
 LRU cache bittorrent: 0/27/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/Oscar.pcap.out
+++ b/tests/cfgs/default/result/Oscar.pcap.out
@ -2,7 +2,7 @@ Guessed flow protos:	1

 DPI Packets (TCP):	21	(21.00 pkts/flow)
 Confidence Match by port    : 1 (flows)
-Num dissector calls: 260 (260.00 diss/flow)
+Num dissector calls: 261 (261.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/alexa-app.pcapng.out
+++ b/tests/cfgs/default/result/alexa-app.pcapng.out
@ -5,7 +5,7 @@ DPI Packets (UDP):	64	(1.94 pkts/flow)
 DPI Packets (other):	6	(1.00 pkts/flow)
 Confidence Match by port    : 14 (flows)
 Confidence DPI              : 146 (flows)
-Num dissector calls: 554 (3.46 diss/flow)
+Num dissector calls: 555 (3.47 diss/flow)
 LRU cache ookla:      0/5/0 (insert/search/found)
 LRU cache bittorrent: 0/42/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/amqp.pcap.out
+++ b/tests/cfgs/default/result/amqp.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	9	(3.00 pkts/flow)
 Confidence DPI              : 3 (flows)
-Num dissector calls: 384 (128.00 diss/flow)
+Num dissector calls: 385 (128.33 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/anyconnect-vpn.pcap.out
+++ b/tests/cfgs/default/result/anyconnect-vpn.pcap.out
@ -6,7 +6,7 @@ DPI Packets (other):	10	(1.00 pkts/flow)
 Confidence Unknown          : 2 (flows)
 Confidence Match by port    : 6 (flows)
 Confidence DPI              : 61 (flows)
-Num dissector calls: 864 (12.52 diss/flow)
+Num dissector calls: 865 (12.54 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/24/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/bittorrent_tcp_miss.pcapng.out
+++ b/tests/cfgs/default/result/bittorrent_tcp_miss.pcapng.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	10	(10.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 240 (240.00 diss/flow)
+Num dissector calls: 241 (241.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 5/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/cassandra.pcap.out
+++ b/tests/cfgs/default/result/cassandra.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	16	(5.33 pkts/flow)
 Confidence DPI              : 3 (flows)
-Num dissector calls: 283 (94.33 diss/flow)
+Num dissector calls: 285 (95.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/cloudflare-warp.pcap.out
+++ b/tests/cfgs/default/result/cloudflare-warp.pcap.out
@ -4,7 +4,7 @@ DPI Packets (TCP):	41	(5.12 pkts/flow)
 Confidence Match by port    : 2 (flows)
 Confidence DPI              : 5 (flows)
 Confidence Match by IP      : 1 (flows)
-Num dissector calls: 197 (24.62 diss/flow)
+Num dissector calls: 198 (24.75 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/9/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/custom_rules_same-ip_multiple_ports.pcapng.out
+++ b/tests/cfgs/default/result/custom_rules_same-ip_multiple_ports.pcapng.out
@ -27,6 +27,6 @@ CustomProtocolC	3	222	1

 Acceptable                       8 592           3            

-	1	TCP 192.168.1.245:56866 -> 3.3.3.3:443 [proto: 91.397/TLS.CustomProtocolA][IP: 397/CustomProtocolA][Encrypted][Confidence: Match by custom rule][DPI packets: 1][cat: Web/5][3 pkts/222 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][3.05 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+	1	TCP 192.168.1.245:56866 -> 3.3.3.3:443 [proto: 91.398/TLS.CustomProtocolA][IP: 398/CustomProtocolA][Encrypted][Confidence: Match by custom rule][DPI packets: 1][cat: Web/5][3 pkts/222 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][3.05 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
 	2	TCP 192.168.1.245:58288 -> 3.3.3.3:446 [proto: 800/CustomProtocolC][IP: 800/CustomProtocolC][ClearText][Confidence: Match by custom rule][DPI packets: 1][3 pkts/222 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][3.04 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
-	3	TCP 192.168.1.245:59682 -> 3.3.3.3:444 [proto: 398/CustomProtocolB][IP: 398/CustomProtocolB][ClearText][Confidence: Match by custom rule][DPI packets: 1][2 pkts/148 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][1.02 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+	3	TCP 192.168.1.245:59682 -> 3.3.3.3:444 [proto: 399/CustomProtocolB][IP: 399/CustomProtocolB][ClearText][Confidence: Match by custom rule][DPI packets: 1][2 pkts/148 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][1.02 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
--- a/tests/cfgs/default/result/edonkey.pcap.out
+++ b/tests/cfgs/default/result/edonkey.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	5	(5.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 143 (143.00 diss/flow)
+Num dissector calls: 144 (144.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/emotet.pcap.out
+++ b/tests/cfgs/default/result/emotet.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	48	(8.00 pkts/flow)
 Confidence DPI              : 6 (flows)
-Num dissector calls: 215 (35.83 diss/flow)
+Num dissector calls: 216 (36.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/fastcgi.pcap.out
+++ b/tests/cfgs/default/result/fastcgi.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	6	(6.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 166 (166.00 diss/flow)
+Num dissector calls: 167 (167.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/ftp-start-tls.pcap.out
+++ b/tests/cfgs/default/result/ftp-start-tls.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	17	(17.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 168 (168.00 diss/flow)
+Num dissector calls: 169 (169.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/ftp.pcap.out
+++ b/tests/cfgs/default/result/ftp.pcap.out
@ -1,7 +1,7 @@
 DPI Packets (TCP):	39	(13.00 pkts/flow)
 Confidence Unknown          : 1 (flows)
 Confidence DPI              : 2 (flows)
-Num dissector calls: 537 (179.00 diss/flow)
+Num dissector calls: 539 (179.67 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/ftp_failed.pcap.out
+++ b/tests/cfgs/default/result/ftp_failed.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	8	(8.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 167 (167.00 diss/flow)
+Num dissector calls: 168 (168.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/fuzz-2006-06-26-2594.pcap.out
+++ b/tests/cfgs/default/result/fuzz-2006-06-26-2594.pcap.out
@ -6,7 +6,7 @@ DPI Packets (other):	5	(1.00 pkts/flow)
 Confidence Unknown          : 34 (flows)
 Confidence Match by port    : 27 (flows)
 Confidence DPI              : 190 (flows)
-Num dissector calls: 7112 (28.33 diss/flow)
+Num dissector calls: 7124 (28.38 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/189/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/fuzz-2006-09-29-28586.pcap.out
+++ b/tests/cfgs/default/result/fuzz-2006-09-29-28586.pcap.out
@ -5,7 +5,7 @@ DPI Packets (other):	1	(1.00 pkts/flow)
 Confidence Unknown          : 3 (flows)
 Confidence Match by port    : 26 (flows)
 Confidence DPI              : 11 (flows)
-Num dissector calls: 1095 (27.38 diss/flow)
+Num dissector calls: 1101 (27.52 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/87/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/fuzz-2021-10-13.pcap.out
+++ b/tests/cfgs/default/result/fuzz-2021-10-13.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	1	(1.00 pkts/flow)
 Confidence Unknown          : 1 (flows)
-Num dissector calls: 139 (139.00 diss/flow)
+Num dissector calls: 140 (140.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/google_ssl.pcap.out
+++ b/tests/cfgs/default/result/google_ssl.pcap.out
@ -2,7 +2,7 @@ Guessed flow protos:	1

 DPI Packets (TCP):	24	(24.00 pkts/flow)
 Confidence Match by port    : 1 (flows)
-Num dissector calls: 204 (204.00 diss/flow)
+Num dissector calls: 205 (205.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/http_guessed_host_and_guessed.pcapng.out
+++ b/tests/cfgs/default/result/http_guessed_host_and_guessed.pcapng.out
@ -2,7 +2,7 @@ Guessed flow protos:	1

 DPI Packets (TCP):	1	(1.00 pkts/flow)
 Confidence Match by port    : 1 (flows)
-Num dissector calls: 140 (140.00 diss/flow)
+Num dissector calls: 141 (141.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/imap-starttls.pcap.out
+++ b/tests/cfgs/default/result/imap-starttls.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	19	(19.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 216 (216.00 diss/flow)
+Num dissector calls: 217 (217.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/imap.pcap.out
+++ b/tests/cfgs/default/result/imap.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	11	(11.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 216 (216.00 diss/flow)
+Num dissector calls: 217 (217.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/instagram.pcap.out
+++ b/tests/cfgs/default/result/instagram.pcap.out
@ -6,7 +6,7 @@ DPI Packets (other):	1	(1.00 pkts/flow)
 Confidence Unknown          : 1 (flows)
 Confidence Match by port    : 7 (flows)
 Confidence DPI              : 30 (flows)
-Num dissector calls: 1405 (36.97 diss/flow)
+Num dissector calls: 1409 (37.08 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/24/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/irc.pcap.out
+++ b/tests/cfgs/default/result/irc.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	7	(7.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 172 (172.00 diss/flow)
+Num dissector calls: 173 (173.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/iso9506-1-mms.pcap.out
+++ b/tests/cfgs/default/result/iso9506-1-mms.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	7	(7.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 189 (189.00 diss/flow)
+Num dissector calls: 190 (190.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/jabber.pcap.out
+++ b/tests/cfgs/default/result/jabber.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	74	(6.17 pkts/flow)
 Confidence DPI              : 12 (flows)
-Num dissector calls: 1562 (130.17 diss/flow)
+Num dissector calls: 1571 (130.92 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/kerberos.pcap.out
+++ b/tests/cfgs/default/result/kerberos.pcap.out
@ -4,7 +4,7 @@ DPI Packets (TCP):	77	(2.14 pkts/flow)
 Confidence Unknown          : 2 (flows)
 Confidence Match by port    : 23 (flows)
 Confidence DPI              : 11 (flows)
-Num dissector calls: 4304 (119.56 diss/flow)
+Num dissector calls: 4329 (120.25 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/75/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/log4j-webapp-exploit.pcap.out
+++ b/tests/cfgs/default/result/log4j-webapp-exploit.pcap.out
@ -1,7 +1,7 @@
 DPI Packets (TCP):	56	(8.00 pkts/flow)
 Confidence Unknown          : 2 (flows)
 Confidence DPI              : 5 (flows)
-Num dissector calls: 358 (51.14 diss/flow)
+Num dissector calls: 359 (51.29 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/6/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/memcached.cap.out
+++ b/tests/cfgs/default/result/memcached.cap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	6	(6.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 141 (141.00 diss/flow)
+Num dissector calls: 142 (142.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/mongo_false_positive.pcapng.out
+++ b/tests/cfgs/default/result/mongo_false_positive.pcapng.out
@ -2,7 +2,7 @@ Guessed flow protos:	1

 DPI Packets (TCP):	14	(14.00 pkts/flow)
 Confidence Match by port    : 1 (flows)
-Num dissector calls: 273 (273.00 diss/flow)
+Num dissector calls: 274 (274.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/mssql_tds.pcap.out
+++ b/tests/cfgs/default/result/mssql_tds.pcap.out
@ -3,7 +3,7 @@ Guessed flow protos:	1
 DPI Packets (TCP):	18	(1.50 pkts/flow)
 Confidence Match by port    : 1 (flows)
 Confidence DPI              : 11 (flows)
-Num dissector calls: 278 (23.17 diss/flow)
+Num dissector calls: 279 (23.25 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/nest_log_sink.pcap.out
+++ b/tests/cfgs/default/result/nest_log_sink.pcap.out
@ -4,7 +4,7 @@ DPI Packets (TCP):	130	(10.00 pkts/flow)
 DPI Packets (UDP):	2	(2.00 pkts/flow)
 Confidence Match by port    : 1 (flows)
 Confidence DPI              : 13 (flows)
-Num dissector calls: 2041 (145.79 diss/flow)
+Num dissector calls: 2053 (146.64 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/netbios.pcap.out
+++ b/tests/cfgs/default/result/netbios.pcap.out
@ -4,7 +4,7 @@ DPI Packets (TCP):	2	(2.00 pkts/flow)
 DPI Packets (UDP):	14	(1.00 pkts/flow)
 Confidence Match by port    : 1 (flows)
 Confidence DPI              : 14 (flows)
-Num dissector calls: 154 (10.27 diss/flow)
+Num dissector calls: 155 (10.33 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/nntp.pcap.out
+++ b/tests/cfgs/default/result/nntp.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	6	(6.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 147 (147.00 diss/flow)
+Num dissector calls: 148 (148.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/ookla.pcap.out
+++ b/tests/cfgs/default/result/ookla.pcap.out
@ -4,7 +4,7 @@ DPI Packets (TCP):	40	(6.67 pkts/flow)
 Confidence DPI (partial cache): 1 (flows)
 Confidence DPI              : 4 (flows)
 Confidence DPI (aggressive) : 1 (flows)
-Num dissector calls: 556 (92.67 diss/flow)
+Num dissector calls: 559 (93.17 diss/flow)
 LRU cache ookla:      4/2/2 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/openvpn.pcap.out
+++ b/tests/cfgs/default/result/openvpn.pcap.out
@ -1,7 +1,7 @@
 DPI Packets (TCP):	24	(8.00 pkts/flow)
 DPI Packets (UDP):	15	(3.00 pkts/flow)
 Confidence DPI              : 8 (flows)
-Num dissector calls: 1288 (161.00 diss/flow)
+Num dissector calls: 1291 (161.38 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/6/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/openvpn_nohmac_tcp.pcapng.out
+++ b/tests/cfgs/default/result/openvpn_nohmac_tcp.pcapng.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	6	(6.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 141 (141.00 diss/flow)
+Num dissector calls: 142 (142.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/oracle12.pcapng.out
+++ b/tests/cfgs/default/result/oracle12.pcapng.out
@ -2,7 +2,7 @@ Guessed flow protos:	1

 DPI Packets (TCP):	20	(20.00 pkts/flow)
 Confidence Match by port    : 1 (flows)
-Num dissector calls: 265 (265.00 diss/flow)
+Num dissector calls: 266 (266.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/ossfuzz_seed_fake_traces_1.pcapng.out
+++ b/tests/cfgs/default/result/ossfuzz_seed_fake_traces_1.pcapng.out
@ -2,7 +2,7 @@ DPI Packets (TCP):	8	(1.33 pkts/flow)
 DPI Packets (UDP):	9	(2.25 pkts/flow)
 Confidence Unknown          : 1 (flows)
 Confidence DPI              : 9 (flows)
-Num dissector calls: 772 (77.20 diss/flow)
+Num dissector calls: 774 (77.40 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/6/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/ossfuzz_seed_fake_traces_2.pcapng.out
+++ b/tests/cfgs/default/result/ossfuzz_seed_fake_traces_2.pcapng.out
@ -4,7 +4,7 @@ DPI Packets (TCP):	30	(7.50 pkts/flow)
 DPI Packets (UDP):	4	(2.00 pkts/flow)
 Confidence Match by port    : 1 (flows)
 Confidence DPI              : 5 (flows)
-Num dissector calls: 939 (156.50 diss/flow)
+Num dissector calls: 943 (157.17 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/pgsql.pcap.out
+++ b/tests/cfgs/default/result/pgsql.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	36	(6.00 pkts/flow)
 Confidence DPI              : 6 (flows)
-Num dissector calls: 846 (141.00 diss/flow)
+Num dissector calls: 852 (142.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/pop3.pcap.out
+++ b/tests/cfgs/default/result/pop3.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	83	(13.83 pkts/flow)
 Confidence DPI              : 6 (flows)
-Num dissector calls: 1230 (205.00 diss/flow)
+Num dissector calls: 1236 (206.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/pop3_stls.pcap.out
+++ b/tests/cfgs/default/result/pop3_stls.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	18	(18.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 204 (204.00 diss/flow)
+Num dissector calls: 205 (205.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/protobuf.pcap.out
+++ b/tests/cfgs/default/result/protobuf.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	26	(5.20 pkts/flow)
 Confidence DPI              : 5 (flows)
-Num dissector calls: 702 (140.40 diss/flow)
+Num dissector calls: 703 (140.60 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/radmin3.pcapng.out
+++ b/tests/cfgs/default/result/radmin3.pcapng.out
@ -0,0 +1,29 @@
+DPI Packets (TCP):	12	(6.00 pkts/flow)
+Confidence DPI              : 2 (flows)
+Num dissector calls: 284 (142.00 diss/flow)
+LRU cache ookla:      0/0/0 (insert/search/found)
+LRU cache bittorrent: 0/0/0 (insert/search/found)
+LRU cache zoom:       0/0/0 (insert/search/found)
+LRU cache stun:       0/0/0 (insert/search/found)
+LRU cache tls_cert:   0/0/0 (insert/search/found)
+LRU cache mining:     0/0/0 (insert/search/found)
+LRU cache msteams:    0/0/0 (insert/search/found)
+LRU cache stun_zoom:  0/0/0 (insert/search/found)
+Automa host:          0/0 (search/found)
+Automa domain:        0/0 (search/found)
+Automa tls cert:      0/0 (search/found)
+Automa risk mask:     0/0 (search/found)
+Automa common alpns:  0/0 (search/found)
+Patricia risk mask:   0/0 (search/found)
+Patricia risk mask IPv6: 0/0 (search/found)
+Patricia risk:        0/0 (search/found)
+Patricia risk IPv6:   0/0 (search/found)
+Patricia protocols:   4/0 (search/found)
+Patricia protocols IPv6: 0/0 (search/found)
+
+Radmin	17	1074	2
+
+Acceptable                      17 1074          2            
+
+	1	TCP 192.168.88.208:49736 <-> 192.168.88.197:4899 [proto: 391/Radmin][IP: 0/Unknown][Encrypted][Confidence: DPI][DPI packets: 6][cat: RemoteAccess/12][6 pkts/346 bytes <-> 5 pkts/346 bytes][Goodput ratio: 3/13][0.77 sec][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/51 153/228 457/405 193/177][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 58/69 66/100 5/16][Risk: ** Desktop/File Sharing **][Risk Score: 10][Risk Info: Found Radmin][Plen Bins: 50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+	2	TCP 192.168.88.208:49739 <-> 192.168.88.197:4899 [proto: 391/Radmin][IP: 0/Unknown][Encrypted][Confidence: DPI][DPI packets: 6][cat: RemoteAccess/12][3 pkts/188 bytes <-> 3 pkts/194 bytes][Goodput ratio: 7/7][0.40 sec][bytes ratio: -0.016 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/51 0/201 0/351 0/150][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 63/65 68/68 6/3][Risk: ** Desktop/File Sharing **][Risk Score: 10][Risk Info: Found Radmin][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
--- a/tests/cfgs/default/result/reasm_crash_anon.pcapng.out
+++ b/tests/cfgs/default/result/reasm_crash_anon.pcapng.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	23	(23.00 pkts/flow)
 Confidence Unknown          : 1 (flows)
-Num dissector calls: 254 (254.00 diss/flow)
+Num dissector calls: 255 (255.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/reasm_segv_anon.pcapng.out
+++ b/tests/cfgs/default/result/reasm_segv_anon.pcapng.out
@ -2,7 +2,7 @@ Guessed flow protos:	1

 DPI Packets (TCP):	21	(21.00 pkts/flow)
 Confidence Match by port    : 1 (flows)
-Num dissector calls: 205 (205.00 diss/flow)
+Num dissector calls: 206 (206.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/riot.pcapng.out
+++ b/tests/cfgs/default/result/riot.pcapng.out
@ -3,7 +3,7 @@ Guessed flow protos:	1
 DPI Packets (TCP):	7	(3.50 pkts/flow)
 Confidence Match by port    : 1 (flows)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 198 (99.00 diss/flow)
+Num dissector calls: 199 (99.50 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/rsh.pcap.out
+++ b/tests/cfgs/default/result/rsh.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	12	(6.00 pkts/flow)
 Confidence DPI              : 2 (flows)
-Num dissector calls: 326 (163.00 diss/flow)
+Num dissector calls: 328 (164.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/rtmp.pcap.out
+++ b/tests/cfgs/default/result/rtmp.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	8	(8.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 170 (170.00 diss/flow)
+Num dissector calls: 171 (171.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/s7comm-plus.pcap.out
+++ b/tests/cfgs/default/result/s7comm-plus.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	9	(9.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 183 (183.00 diss/flow)
+Num dissector calls: 184 (184.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/s7comm.pcap.out
+++ b/tests/cfgs/default/result/s7comm.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	3	(3.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 185 (185.00 diss/flow)
+Num dissector calls: 186 (186.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/shadowsocks.pcap.out
+++ b/tests/cfgs/default/result/shadowsocks.pcap.out
@ -1,7 +1,7 @@
 DPI Packets (TCP):	21	(10.50 pkts/flow)
 Confidence Unknown          : 1 (flows)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 360 (180.00 diss/flow)
+Num dissector calls: 362 (181.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/skype.pcap.out
+++ b/tests/cfgs/default/result/skype.pcap.out
@ -6,7 +6,7 @@ DPI Packets (other):	5	(1.00 pkts/flow)
 Confidence Unknown          : 59 (flows)
 Confidence Match by port    : 28 (flows)
 Confidence DPI              : 206 (flows)
-Num dissector calls: 28054 (95.75 diss/flow)
+Num dissector calls: 28140 (96.04 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/261/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/skype_no_unknown.pcap.out
+++ b/tests/cfgs/default/result/skype_no_unknown.pcap.out
@ -6,7 +6,7 @@ DPI Packets (other):	5	(1.00 pkts/flow)
 Confidence Unknown          : 44 (flows)
 Confidence Match by port    : 22 (flows)
 Confidence DPI              : 201 (flows)
-Num dissector calls: 23281 (87.19 diss/flow)
+Num dissector calls: 23345 (87.43 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/198/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/smb_frags.pcap.out
+++ b/tests/cfgs/default/result/smb_frags.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	5	(5.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 169 (169.00 diss/flow)
+Num dissector calls: 170 (170.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/smbv1.pcap.out
+++ b/tests/cfgs/default/result/smbv1.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	3	(3.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 171 (171.00 diss/flow)
+Num dissector calls: 172 (172.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/smtp-starttls.pcap.out
+++ b/tests/cfgs/default/result/smtp-starttls.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	26	(13.00 pkts/flow)
 Confidence DPI              : 2 (flows)
-Num dissector calls: 167 (83.50 diss/flow)
+Num dissector calls: 168 (84.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/smtp.pcap.out
+++ b/tests/cfgs/default/result/smtp.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	11	(11.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 210 (210.00 diss/flow)
+Num dissector calls: 211 (211.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/soap.pcap.out
+++ b/tests/cfgs/default/result/soap.pcap.out
@ -3,7 +3,7 @@ Guessed flow protos:	1
 DPI Packets (TCP):	20	(6.67 pkts/flow)
 Confidence Match by port    : 1 (flows)
 Confidence DPI              : 2 (flows)
-Num dissector calls: 406 (135.33 diss/flow)
+Num dissector calls: 408 (136.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/socks.pcap.out
+++ b/tests/cfgs/default/result/socks.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	23	(5.75 pkts/flow)
 Confidence DPI              : 4 (flows)
-Num dissector calls: 566 (141.50 diss/flow)
+Num dissector calls: 570 (142.50 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/starcraft_battle.pcap.out
+++ b/tests/cfgs/default/result/starcraft_battle.pcap.out
@ -6,7 +6,7 @@ DPI Packets (other):	1	(1.00 pkts/flow)
 Confidence Match by port    : 12 (flows)
 Confidence DPI              : 39 (flows)
 Confidence Match by IP      : 1 (flows)
-Num dissector calls: 1631 (31.37 diss/flow)
+Num dissector calls: 1634 (31.42 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/39/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/synscan.pcap.out
+++ b/tests/cfgs/default/result/synscan.pcap.out
--- a/tests/cfgs/default/result/teams.pcap.out
+++ b/tests/cfgs/default/result/teams.pcap.out
@ -7,7 +7,7 @@ Confidence Unknown          : 1 (flows)
 Confidence Match by port    : 2 (flows)
 Confidence DPI (partial)    : 4 (flows)
 Confidence DPI              : 76 (flows)
-Num dissector calls: 528 (6.36 diss/flow)
+Num dissector calls: 529 (6.37 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/9/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/telegram_videocall.pcapng.out
+++ b/tests/cfgs/default/result/telegram_videocall.pcapng.out
@ -7,7 +7,7 @@ Confidence Match by port    : 8 (flows)
 Confidence DPI (cache)      : 10 (flows)
 Confidence DPI              : 15 (flows)
 Confidence Match by IP      : 1 (flows)
-Num dissector calls: 1972 (58.00 diss/flow)
+Num dissector calls: 1980 (58.24 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/27/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/telnet.pcap.out
+++ b/tests/cfgs/default/result/telnet.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	33	(33.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 167 (167.00 diss/flow)
+Num dissector calls: 168 (168.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/threema.pcap.out
+++ b/tests/cfgs/default/result/threema.pcap.out
@ -3,7 +3,7 @@ Guessed flow protos:	2
 DPI Packets (TCP):	66	(11.00 pkts/flow)
 Confidence DPI              : 4 (flows)
 Confidence Match by IP      : 2 (flows)
-Num dissector calls: 1322 (220.33 diss/flow)
+Num dissector calls: 1328 (221.33 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/6/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/tinc.pcap.out
+++ b/tests/cfgs/default/result/tinc.pcap.out
@ -2,7 +2,7 @@ DPI Packets (TCP):	19	(9.50 pkts/flow)
 DPI Packets (UDP):	2	(1.00 pkts/flow)
 Confidence DPI (cache)      : 2 (flows)
 Confidence DPI              : 2 (flows)
-Num dissector calls: 529 (132.25 diss/flow)
+Num dissector calls: 531 (132.75 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/tls-appdata.pcap.out
+++ b/tests/cfgs/default/result/tls-appdata.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	17	(8.50 pkts/flow)
 Confidence DPI              : 2 (flows)
-Num dissector calls: 142 (71.00 diss/flow)
+Num dissector calls: 143 (71.50 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/tls_certificate_too_long.pcap.out
+++ b/tests/cfgs/default/result/tls_certificate_too_long.pcap.out
@ -6,7 +6,7 @@ DPI Packets (other):	2	(1.00 pkts/flow)
 Confidence Unknown          : 1 (flows)
 Confidence Match by port    : 1 (flows)
 Confidence DPI              : 33 (flows)
-Num dissector calls: 629 (17.97 diss/flow)
+Num dissector calls: 632 (18.06 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/6/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/tls_false_positives.pcapng.out
+++ b/tests/cfgs/default/result/tls_false_positives.pcapng.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	13	(13.00 pkts/flow)
 Confidence Unknown          : 1 (flows)
-Num dissector calls: 260 (260.00 diss/flow)
+Num dissector calls: 261 (261.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/tls_invalid_reads.pcap.out
+++ b/tests/cfgs/default/result/tls_invalid_reads.pcap.out
@ -3,7 +3,7 @@ Guessed flow protos:	1
 DPI Packets (TCP):	10	(3.33 pkts/flow)
 Confidence Match by port    : 1 (flows)
 Confidence DPI              : 2 (flows)
-Num dissector calls: 142 (47.33 diss/flow)
+Num dissector calls: 143 (47.67 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/tls_missing_ch_frag.pcap.out
+++ b/tests/cfgs/default/result/tls_missing_ch_frag.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	3	(3.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 141 (141.00 diss/flow)
+Num dissector calls: 142 (142.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/viber.pcap.out
+++ b/tests/cfgs/default/result/viber.pcap.out
@ -5,7 +5,7 @@ DPI Packets (UDP):	27	(1.93 pkts/flow)
 DPI Packets (other):	2	(1.00 pkts/flow)
 Confidence Match by port    : 4 (flows)
 Confidence DPI              : 25 (flows)
-Num dissector calls: 459 (15.83 diss/flow)
+Num dissector calls: 460 (15.86 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/12/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/vnc.pcap.out
+++ b/tests/cfgs/default/result/vnc.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	10	(5.00 pkts/flow)
 Confidence DPI              : 2 (flows)
-Num dissector calls: 292 (146.00 diss/flow)
+Num dissector calls: 294 (147.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/wa_video.pcap.out
+++ b/tests/cfgs/default/result/wa_video.pcap.out
@ -5,7 +5,7 @@ DPI Packets (UDP):	13	(1.00 pkts/flow)
 Confidence DPI (cache)      : 2 (flows)
 Confidence DPI              : 11 (flows)
 Confidence Match by IP      : 1 (flows)
-Num dissector calls: 401 (28.64 diss/flow)
+Num dissector calls: 402 (28.71 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/waze.pcap.out
+++ b/tests/cfgs/default/result/waze.pcap.out
@ -5,7 +5,7 @@ DPI Packets (UDP):	1	(1.00 pkts/flow)
 Confidence Unknown          : 1 (flows)
 Confidence Match by port    : 9 (flows)
 Confidence DPI              : 23 (flows)
-Num dissector calls: 382 (11.58 diss/flow)
+Num dissector calls: 383 (11.61 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/30/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/wechat.pcap.out
+++ b/tests/cfgs/default/result/wechat.pcap.out
@ -6,7 +6,7 @@ DPI Packets (other):	7	(1.00 pkts/flow)
 Confidence Match by port    : 24 (flows)
 Confidence DPI              : 78 (flows)
 Confidence Match by IP      : 1 (flows)
-Num dissector calls: 323 (3.14 diss/flow)
+Num dissector calls: 324 (3.15 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/75/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/whatsapp.pcap.out
+++ b/tests/cfgs/default/result/whatsapp.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	344	(4.00 pkts/flow)
 Confidence DPI              : 86 (flows)
-Num dissector calls: 13588 (158.00 diss/flow)
+Num dissector calls: 13674 (159.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/whatsapp_login_chat.pcap.out
+++ b/tests/cfgs/default/result/whatsapp_login_chat.pcap.out
@ -1,7 +1,7 @@
 DPI Packets (TCP):	17	(5.67 pkts/flow)
 DPI Packets (UDP):	7	(1.17 pkts/flow)
 Confidence DPI              : 9 (flows)
-Num dissector calls: 295 (32.78 diss/flow)
+Num dissector calls: 296 (32.89 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/whois.pcapng.out
+++ b/tests/cfgs/default/result/whois.pcapng.out
@ -3,7 +3,7 @@ Guessed flow protos:	1
 DPI Packets (TCP):	16	(5.33 pkts/flow)
 Confidence Match by port    : 1 (flows)
 Confidence DPI              : 2 (flows)
-Num dissector calls: 199 (66.33 diss/flow)
+Num dissector calls: 200 (66.67 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/z3950.pcapng.out
+++ b/tests/cfgs/default/result/z3950.pcapng.out
@ -3,7 +3,7 @@ Guessed flow protos:	1
 DPI Packets (TCP):	26	(13.00 pkts/flow)
 Confidence Match by port    : 1 (flows)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 474 (237.00 diss/flow)
+Num dissector calls: 476 (238.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/zoom.pcap.out
+++ b/tests/cfgs/default/result/zoom.pcap.out
@ -5,7 +5,7 @@ DPI Packets (UDP):	28	(1.56 pkts/flow)
 DPI Packets (other):	2	(1.00 pkts/flow)
 Confidence Match by port    : 2 (flows)
 Confidence DPI              : 32 (flows)
-Num dissector calls: 866 (25.47 diss/flow)
+Num dissector calls: 868 (25.53 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/6/0 (insert/search/found)
 LRU cache zoom:       7/0/0 (insert/search/found)