Add Paltalk protocol support (#2606)

2026-04-29 07:29:39 +00:00 · 2024-10-28 18:57:05 +03:00 · 2024-10-28 18:57:05 +03:00 · dc125dc2a8
commit dc125dc2a8
parent 7abe7c50ba
133 changed files with 256 additions and 125 deletions
--- a/tests/cfgs/default/pcap/paltalk.pcapng
+++ b/tests/cfgs/default/pcap/paltalk.pcapng
--- a/tests/cfgs/default/result/1kxun.pcap.out
+++ b/tests/cfgs/default/result/1kxun.pcap.out
@ -5,7 +5,7 @@ DPI Packets (UDP):	120	(1.21 pkts/flow)
 Confidence Unknown          : 14 (flows)
 Confidence Match by port    : 6 (flows)
 Confidence DPI              : 177 (flows)
-Num dissector calls: 5037 (25.57 diss/flow)
+Num dissector calls: 5040 (25.58 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/60/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/443-chrome.pcap.out
+++ b/tests/cfgs/default/result/443-chrome.pcap.out
@ -2,7 +2,7 @@ Guessed flow protos:	1

 DPI Packets (TCP):	1	(1.00 pkts/flow)
 Confidence Match by port    : 1 (flows)
-Num dissector calls: 156 (156.00 diss/flow)
+Num dissector calls: 157 (157.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/443-opvn.pcap.out
+++ b/tests/cfgs/default/result/443-opvn.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	6	(6.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 157 (157.00 diss/flow)
+Num dissector calls: 158 (158.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/KakaoTalk_chat.pcap.out
+++ b/tests/cfgs/default/result/KakaoTalk_chat.pcap.out
@ -5,7 +5,7 @@ DPI Packets (UDP):	36	(2.00 pkts/flow)
 DPI Packets (other):	1	(1.00 pkts/flow)
 Confidence Match by port    : 5 (flows)
 Confidence DPI              : 33 (flows)
-Num dissector calls: 554 (14.58 diss/flow)
+Num dissector calls: 556 (14.63 diss/flow)
 LRU cache ookla:      0/1/0 (insert/search/found)
 LRU cache bittorrent: 0/15/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/KakaoTalk_talk.pcap.out
+++ b/tests/cfgs/default/result/KakaoTalk_talk.pcap.out
@ -5,7 +5,7 @@ DPI Packets (UDP):	10	(2.00 pkts/flow)
 Confidence Match by port    : 8 (flows)
 Confidence DPI              : 11 (flows)
 Confidence Match by IP      : 1 (flows)
-Num dissector calls: 1238 (61.90 diss/flow)
+Num dissector calls: 1242 (62.10 diss/flow)
 LRU cache ookla:      0/2/0 (insert/search/found)
 LRU cache bittorrent: 0/27/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/Oscar.pcap.out
+++ b/tests/cfgs/default/result/Oscar.pcap.out
@ -2,7 +2,7 @@ Guessed flow protos:	1

 DPI Packets (TCP):	21	(21.00 pkts/flow)
 Confidence Match by port    : 1 (flows)
-Num dissector calls: 257 (257.00 diss/flow)
+Num dissector calls: 258 (258.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/alexa-app.pcapng.out
+++ b/tests/cfgs/default/result/alexa-app.pcapng.out
@ -5,7 +5,7 @@ DPI Packets (UDP):	64	(1.94 pkts/flow)
 DPI Packets (other):	6	(1.00 pkts/flow)
 Confidence Match by port    : 14 (flows)
 Confidence DPI              : 146 (flows)
-Num dissector calls: 570 (3.56 diss/flow)
+Num dissector calls: 571 (3.57 diss/flow)
 LRU cache ookla:      0/5/0 (insert/search/found)
 LRU cache bittorrent: 0/42/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/amqp.pcap.out
+++ b/tests/cfgs/default/result/amqp.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	9	(3.00 pkts/flow)
 Confidence DPI              : 3 (flows)
-Num dissector calls: 381 (127.00 diss/flow)
+Num dissector calls: 382 (127.33 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/anyconnect-vpn.pcap.out
+++ b/tests/cfgs/default/result/anyconnect-vpn.pcap.out
@ -6,7 +6,7 @@ DPI Packets (other):	10	(1.00 pkts/flow)
 Confidence Unknown          : 2 (flows)
 Confidence Match by port    : 6 (flows)
 Confidence DPI              : 61 (flows)
-Num dissector calls: 816 (11.83 diss/flow)
+Num dissector calls: 817 (11.84 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/24/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/bfcp.pcapng.out
+++ b/tests/cfgs/default/result/bfcp.pcapng.out
@ -1,7 +1,7 @@
 DPI Packets (TCP):	6	(6.00 pkts/flow)
 DPI Packets (UDP):	2	(2.00 pkts/flow)
 Confidence DPI              : 2 (flows)
-Num dissector calls: 338 (169.00 diss/flow)
+Num dissector calls: 339 (169.50 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/bittorrent_tcp_miss.pcapng.out
+++ b/tests/cfgs/default/result/bittorrent_tcp_miss.pcapng.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	10	(10.00 pkts/flow)
 Confidence DPI (cache)      : 1 (flows)
-Num dissector calls: 241 (241.00 diss/flow)
+Num dissector calls: 242 (242.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 10/1/1 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/cassandra.pcap.out
+++ b/tests/cfgs/default/result/cassandra.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	16	(5.33 pkts/flow)
 Confidence DPI              : 3 (flows)
-Num dissector calls: 315 (105.00 diss/flow)
+Num dissector calls: 317 (105.67 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/cloudflare-warp.pcap.out
+++ b/tests/cfgs/default/result/cloudflare-warp.pcap.out
@ -5,7 +5,7 @@ DPI Packets (UDP):	1	(1.00 pkts/flow)
 Confidence Match by port    : 2 (flows)
 Confidence DPI              : 6 (flows)
 Confidence Match by IP      : 1 (flows)
-Num dissector calls: 352 (39.11 diss/flow)
+Num dissector calls: 353 (39.22 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/9/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/codm.pcap.out
+++ b/tests/cfgs/default/result/codm.pcap.out
@ -1,7 +1,7 @@
 DPI Packets (TCP):	7	(7.00 pkts/flow)
 DPI Packets (UDP):	5	(2.50 pkts/flow)
 Confidence DPI              : 3 (flows)
-Num dissector calls: 480 (160.00 diss/flow)
+Num dissector calls: 481 (160.33 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/custom_rules_same-ip_multiple_ports.pcapng.out
+++ b/tests/cfgs/default/result/custom_rules_same-ip_multiple_ports.pcapng.out
@ -26,6 +26,6 @@ CustomProtocolC	3	222	1

 Acceptable                       8 592           3            

-	1	TCP 192.168.1.245:56866 -> 3.3.3.3:443 [proto: 91.438/TLS.CustomProtocolA][IP: 438/CustomProtocolA][Encrypted][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Web/5][3 pkts/222 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][3.05 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+	1	TCP 192.168.1.245:56866 -> 3.3.3.3:443 [proto: 91.439/TLS.CustomProtocolA][IP: 439/CustomProtocolA][Encrypted][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Web/5][3 pkts/222 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][3.05 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
 	2	TCP 192.168.1.245:58288 -> 3.3.3.3:446 [proto: 800/CustomProtocolC][IP: 800/CustomProtocolC][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][3 pkts/222 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][3.04 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
-	3	TCP 192.168.1.245:59682 -> 3.3.3.3:444 [proto: 439/CustomProtocolB][IP: 439/CustomProtocolB][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][2 pkts/148 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][1.02 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+	3	TCP 192.168.1.245:59682 -> 3.3.3.3:444 [proto: 440/CustomProtocolB][IP: 440/CustomProtocolB][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][2 pkts/148 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][1.02 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
--- a/tests/cfgs/default/result/dingtalk.pcap.out
+++ b/tests/cfgs/default/result/dingtalk.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	11	(5.50 pkts/flow)
 Confidence DPI              : 2 (flows)
-Num dissector calls: 313 (156.50 diss/flow)
+Num dissector calls: 314 (157.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/elf.pcap.out
+++ b/tests/cfgs/default/result/elf.pcap.out
@ -1,7 +1,7 @@
 DPI Packets (TCP):	10	(10.00 pkts/flow)
 DPI Packets (UDP):	2	(2.00 pkts/flow)
 Confidence Unknown          : 2 (flows)
-Num dissector calls: 341 (170.50 diss/flow)
+Num dissector calls: 342 (171.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/6/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/emotet.pcap.out
+++ b/tests/cfgs/default/result/emotet.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	48	(8.00 pkts/flow)
 Confidence DPI              : 6 (flows)
-Num dissector calls: 227 (37.83 diss/flow)
+Num dissector calls: 228 (38.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/fastcgi.pcap.out
+++ b/tests/cfgs/default/result/fastcgi.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	6	(6.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 177 (177.00 diss/flow)
+Num dissector calls: 178 (178.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/ftp-start-tls.pcap.out
+++ b/tests/cfgs/default/result/ftp-start-tls.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	17	(17.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 180 (180.00 diss/flow)
+Num dissector calls: 181 (181.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/ftp.pcap.out
+++ b/tests/cfgs/default/result/ftp.pcap.out
@ -1,7 +1,7 @@
 DPI Packets (TCP):	39	(13.00 pkts/flow)
 Confidence Unknown          : 1 (flows)
 Confidence DPI              : 2 (flows)
-Num dissector calls: 548 (182.67 diss/flow)
+Num dissector calls: 550 (183.33 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/ftp_failed.pcap.out
+++ b/tests/cfgs/default/result/ftp_failed.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	8	(8.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 178 (178.00 diss/flow)
+Num dissector calls: 179 (179.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/fuzz-2006-06-26-2594.pcap.out
+++ b/tests/cfgs/default/result/fuzz-2006-06-26-2594.pcap.out
@ -6,7 +6,7 @@ DPI Packets (other):	5	(1.00 pkts/flow)
 Confidence Unknown          : 33 (flows)
 Confidence Match by port    : 28 (flows)
 Confidence DPI              : 185 (flows)
-Num dissector calls: 7884 (32.05 diss/flow)
+Num dissector calls: 7897 (32.10 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/189/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/fuzz-2006-09-29-28586.pcap.out
+++ b/tests/cfgs/default/result/fuzz-2006-09-29-28586.pcap.out
@ -5,7 +5,7 @@ DPI Packets (other):	1	(1.00 pkts/flow)
 Confidence Unknown          : 3 (flows)
 Confidence Match by port    : 23 (flows)
 Confidence DPI              : 13 (flows)
-Num dissector calls: 976 (25.03 diss/flow)
+Num dissector calls: 981 (25.15 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/78/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/fuzz-2021-10-13.pcap.out
+++ b/tests/cfgs/default/result/fuzz-2021-10-13.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	1	(1.00 pkts/flow)
 Confidence Unknown          : 1 (flows)
-Num dissector calls: 154 (154.00 diss/flow)
+Num dissector calls: 155 (155.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/gaijin_mobile_mixed.pcap.out
+++ b/tests/cfgs/default/result/gaijin_mobile_mixed.pcap.out
@ -1,7 +1,7 @@
 DPI Packets (TCP):	13	(6.50 pkts/flow)
 DPI Packets (UDP):	1	(1.00 pkts/flow)
 Confidence DPI              : 3 (flows)
-Num dissector calls: 159 (53.00 diss/flow)
+Num dissector calls: 160 (53.33 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/google_ssl.pcap.out
+++ b/tests/cfgs/default/result/google_ssl.pcap.out
@ -2,7 +2,7 @@ Guessed flow protos:	1

 DPI Packets (TCP):	24	(24.00 pkts/flow)
 Confidence Match by port    : 1 (flows)
-Num dissector calls: 240 (240.00 diss/flow)
+Num dissector calls: 241 (241.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/http_guessed_host_and_guessed.pcapng.out
+++ b/tests/cfgs/default/result/http_guessed_host_and_guessed.pcapng.out
@ -2,7 +2,7 @@ Guessed flow protos:	1

 DPI Packets (TCP):	1	(1.00 pkts/flow)
 Confidence Match by port    : 1 (flows)
-Num dissector calls: 156 (156.00 diss/flow)
+Num dissector calls: 157 (157.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/imap-starttls.pcap.out
+++ b/tests/cfgs/default/result/imap-starttls.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	19	(19.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 224 (224.00 diss/flow)
+Num dissector calls: 225 (225.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/imap.pcap.out
+++ b/tests/cfgs/default/result/imap.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	11	(11.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 224 (224.00 diss/flow)
+Num dissector calls: 225 (225.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/instagram.pcap.out
+++ b/tests/cfgs/default/result/instagram.pcap.out
@ -6,7 +6,7 @@ DPI Packets (other):	1	(1.00 pkts/flow)
 Confidence Unknown          : 1 (flows)
 Confidence Match by port    : 7 (flows)
 Confidence DPI              : 30 (flows)
-Num dissector calls: 1336 (35.16 diss/flow)
+Num dissector calls: 1340 (35.26 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/24/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/irc.pcap.out
+++ b/tests/cfgs/default/result/irc.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	7	(7.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 185 (185.00 diss/flow)
+Num dissector calls: 186 (186.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/iso9506-1-mms.pcap.out
+++ b/tests/cfgs/default/result/iso9506-1-mms.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	7	(7.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 198 (198.00 diss/flow)
+Num dissector calls: 199 (199.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/jabber.pcap.out
+++ b/tests/cfgs/default/result/jabber.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	74	(6.17 pkts/flow)
 Confidence DPI              : 12 (flows)
-Num dissector calls: 1690 (140.83 diss/flow)
+Num dissector calls: 1699 (141.58 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/kafka.pcapng.out
+++ b/tests/cfgs/default/result/kafka.pcapng.out
@ -3,7 +3,7 @@ Guessed flow protos:	1
 DPI Packets (TCP):	16	(1.78 pkts/flow)
 Confidence Match by port    : 1 (flows)
 Confidence DPI              : 8 (flows)
-Num dissector calls: 226 (25.11 diss/flow)
+Num dissector calls: 227 (25.22 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/kerberos.pcap.out
+++ b/tests/cfgs/default/result/kerberos.pcap.out
@ -4,7 +4,7 @@ DPI Packets (TCP):	77	(2.14 pkts/flow)
 Confidence Unknown          : 2 (flows)
 Confidence Match by port    : 23 (flows)
 Confidence DPI              : 11 (flows)
-Num dissector calls: 4571 (126.97 diss/flow)
+Num dissector calls: 4596 (127.67 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/75/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/log4j-webapp-exploit.pcap.out
+++ b/tests/cfgs/default/result/log4j-webapp-exploit.pcap.out
@ -1,7 +1,7 @@
 DPI Packets (TCP):	56	(8.00 pkts/flow)
 Confidence Unknown          : 2 (flows)
 Confidence DPI              : 5 (flows)
-Num dissector calls: 356 (50.86 diss/flow)
+Num dissector calls: 357 (51.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/6/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/memcached.cap.out
+++ b/tests/cfgs/default/result/memcached.cap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	6	(6.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 157 (157.00 diss/flow)
+Num dissector calls: 158 (158.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/mongo_false_positive.pcapng.out
+++ b/tests/cfgs/default/result/mongo_false_positive.pcapng.out
@ -2,7 +2,7 @@ Guessed flow protos:	1

 DPI Packets (TCP):	14	(14.00 pkts/flow)
 Confidence Match by port    : 1 (flows)
-Num dissector calls: 269 (269.00 diss/flow)
+Num dissector calls: 270 (270.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/mssql_tds.pcap.out
+++ b/tests/cfgs/default/result/mssql_tds.pcap.out
@ -3,7 +3,7 @@ Guessed flow protos:	1
 DPI Packets (TCP):	18	(1.50 pkts/flow)
 Confidence Match by port    : 1 (flows)
 Confidence DPI              : 11 (flows)
-Num dissector calls: 268 (22.33 diss/flow)
+Num dissector calls: 269 (22.42 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/nest_log_sink.pcap.out
+++ b/tests/cfgs/default/result/nest_log_sink.pcap.out
@ -4,7 +4,7 @@ DPI Packets (TCP):	129	(9.92 pkts/flow)
 DPI Packets (UDP):	2	(2.00 pkts/flow)
 Confidence Match by port    : 1 (flows)
 Confidence DPI              : 13 (flows)
-Num dissector calls: 2173 (155.21 diss/flow)
+Num dissector calls: 2185 (156.07 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/netbios.pcap.out
+++ b/tests/cfgs/default/result/netbios.pcap.out
@ -4,7 +4,7 @@ DPI Packets (TCP):	3	(1.50 pkts/flow)
 DPI Packets (UDP):	14	(1.00 pkts/flow)
 Confidence Match by port    : 1 (flows)
 Confidence DPI              : 15 (flows)
-Num dissector calls: 171 (10.69 diss/flow)
+Num dissector calls: 172 (10.75 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/nntp.pcap.out
+++ b/tests/cfgs/default/result/nntp.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	6	(6.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 164 (164.00 diss/flow)
+Num dissector calls: 165 (165.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/ookla.pcap.out
+++ b/tests/cfgs/default/result/ookla.pcap.out
@ -4,7 +4,7 @@ DPI Packets (TCP):	40	(6.67 pkts/flow)
 Confidence DPI (partial cache): 1 (flows)
 Confidence DPI              : 4 (flows)
 Confidence DPI (aggressive) : 1 (flows)
-Num dissector calls: 583 (97.17 diss/flow)
+Num dissector calls: 586 (97.67 diss/flow)
 LRU cache ookla:      4/2/2 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/openvpn.pcap.out
+++ b/tests/cfgs/default/result/openvpn.pcap.out
@ -1,7 +1,7 @@
 DPI Packets (TCP):	24	(8.00 pkts/flow)
 DPI Packets (UDP):	24	(3.43 pkts/flow)
 Confidence DPI              : 10 (flows)
-Num dissector calls: 1765 (176.50 diss/flow)
+Num dissector calls: 1768 (176.80 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/9/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/openvpn_nohmac_tcp.pcapng.out
+++ b/tests/cfgs/default/result/openvpn_nohmac_tcp.pcapng.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	6	(6.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 157 (157.00 diss/flow)
+Num dissector calls: 158 (158.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/openvpn_obfuscated.pcapng.out
+++ b/tests/cfgs/default/result/openvpn_obfuscated.pcapng.out
@ -4,7 +4,7 @@ DPI Packets (TCP):	38	(19.00 pkts/flow)
 DPI Packets (UDP):	9	(9.00 pkts/flow)
 Confidence Match by port    : 2 (flows)
 Confidence Match by IP      : 1 (flows)
-Num dissector calls: 711 (237.00 diss/flow)
+Num dissector calls: 713 (237.67 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/9/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/ossfuzz_seed_fake_traces_1.pcapng.out
+++ b/tests/cfgs/default/result/ossfuzz_seed_fake_traces_1.pcapng.out
@ -2,7 +2,7 @@ DPI Packets (TCP):	8	(1.33 pkts/flow)
 DPI Packets (UDP):	9	(2.25 pkts/flow)
 Confidence Unknown          : 2 (flows)
 Confidence DPI              : 8 (flows)
-Num dissector calls: 974 (97.40 diss/flow)
+Num dissector calls: 976 (97.60 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/9/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/ossfuzz_seed_fake_traces_2.pcapng.out
+++ b/tests/cfgs/default/result/ossfuzz_seed_fake_traces_2.pcapng.out
@ -4,7 +4,7 @@ DPI Packets (TCP):	38	(6.33 pkts/flow)
 DPI Packets (UDP):	4	(2.00 pkts/flow)
 Confidence Match by port    : 1 (flows)
 Confidence DPI              : 7 (flows)
-Num dissector calls: 1048 (131.00 diss/flow)
+Num dissector calls: 1052 (131.50 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/paltalk.pcapng.out
+++ b/tests/cfgs/default/result/paltalk.pcapng.out
@ -0,0 +1,35 @@
+DPI Packets (TCP):	17	(4.25 pkts/flow)
+Confidence DPI              : 4 (flows)
+Num dissector calls: 330 (82.50 diss/flow)
+LRU cache ookla:      0/0/0 (insert/search/found)
+LRU cache bittorrent: 0/0/0 (insert/search/found)
+LRU cache stun:       0/0/0 (insert/search/found)
+LRU cache tls_cert:   0/0/0 (insert/search/found)
+LRU cache mining:     0/0/0 (insert/search/found)
+LRU cache msteams:    0/0/0 (insert/search/found)
+LRU cache fpc_dns:    0/4/0 (insert/search/found)
+Automa host:          2/2 (search/found)
+Automa domain:        2/0 (search/found)
+Automa tls cert:      0/0 (search/found)
+Automa risk mask:     0/0 (search/found)
+Automa common alpns:  0/0 (search/found)
+Patricia risk mask:   0/0 (search/found)
+Patricia risk mask IPv6: 0/0 (search/found)
+Patricia risk:        0/0 (search/found)
+Patricia risk IPv6:   0/0 (search/found)
+Patricia protocols:   6/2 (search/found)
+Patricia protocols IPv6: 0/0 (search/found)
+
+Paltalk	17	3511	4
+
+Acceptable                      17 3511          4            
+
+JA3 Host Stats: 
+		 IP Address                  	 # JA3C     
+	1	 192.168.88.208           	 1      
+
+
+	1	TCP 192.168.88.208:51807 <-> 3.162.112.93:443 [proto: 91.432/TLS.Paltalk][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 6][cat: Chat/9][3 pkts/356 bytes <-> 3 pkts/1620 bytes][Goodput ratio: 51/89][0.25 sec][Hostname/SNI: paltalk.com][bytes ratio: -0.640 (Download)][IAT c2s/s2c min/avg/max/stddev: 19/0 66/66 112/132 46/66][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 119/540 236/1494 83/675][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][TCP Fingerprint: 2_128_64240_6bb88f5575fd/Windows][TLSv1.2][JA3C: ce5f3254611a8c095a3d821d44539877][JA4: t12d210800_76e208dd3e22_7af1ed941c26][JA3S: 7da0ae90f9693272ed42e89898421495][Firefox][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0]
+	2	TCP 192.168.88.208:51825 <-> 44.194.181.195:80 [proto: 7.432/HTTP.Paltalk][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 4][cat: Chat/9][3 pkts/1017 bytes <-> 1 pkts/66 bytes][Goodput ratio: 83/0][< 1 sec][Hostname/SNI: qos.paltalkconnect.com][URL: qos.paltalkconnect.com//qos/client][Req Content-Type: application/json][User-Agent: PaltalkQOS][TCP Fingerprint: 2_128_64240_6bb88f5575fd/Windows][PLAIN TEXT (POST //qos/client HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+	3	TCP 192.168.88.208:50728 <-> 84.17.44.229:7970 [proto: 432/Paltalk][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 4][cat: Chat/9][3 pkts/196 bytes <-> 1 pkts/66 bytes][Goodput ratio: 11/0][0.17 sec][TCP Fingerprint: 2_128_64240_6bb88f5575fd/Windows][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+	4	TCP 158.69.169.104:6845 <-> 192.168.88.208:51887 [proto: 432/Paltalk][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 3][cat: Chat/9][1 pkts/62 bytes <-> 2 pkts/128 bytes][Goodput ratio: 0/16][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
--- a/tests/cfgs/default/result/pgsql.pcap.out
+++ b/tests/cfgs/default/result/pgsql.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	36	(6.00 pkts/flow)
 Confidence DPI              : 6 (flows)
-Num dissector calls: 942 (157.00 diss/flow)
+Num dissector calls: 948 (158.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/pgsql2.pcapng.out
+++ b/tests/cfgs/default/result/pgsql2.pcapng.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	6	(6.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 163 (163.00 diss/flow)
+Num dissector calls: 164 (164.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/pop3.pcap.out
+++ b/tests/cfgs/default/result/pop3.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	83	(13.83 pkts/flow)
 Confidence DPI              : 6 (flows)
-Num dissector calls: 1276 (212.67 diss/flow)
+Num dissector calls: 1282 (213.67 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/pop3_stls.pcap.out
+++ b/tests/cfgs/default/result/pop3_stls.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	18	(18.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 211 (211.00 diss/flow)
+Num dissector calls: 212 (212.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/portable_executable.pcap.out
+++ b/tests/cfgs/default/result/portable_executable.pcap.out
@ -3,7 +3,7 @@ Guessed flow protos:	1
 DPI Packets (TCP):	30	(15.00 pkts/flow)
 Confidence Unknown          : 1 (flows)
 Confidence Match by port    : 1 (flows)
-Num dissector calls: 477 (238.50 diss/flow)
+Num dissector calls: 479 (239.50 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/6/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/protobuf.pcap.out
+++ b/tests/cfgs/default/result/protobuf.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	26	(5.20 pkts/flow)
 Confidence DPI              : 5 (flows)
-Num dissector calls: 700 (140.00 diss/flow)
+Num dissector calls: 701 (140.20 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/radmin3.pcapng.out
+++ b/tests/cfgs/default/result/radmin3.pcapng.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	12	(6.00 pkts/flow)
 Confidence DPI              : 2 (flows)
-Num dissector calls: 314 (157.00 diss/flow)
+Num dissector calls: 316 (158.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/raft.pcap.out
+++ b/tests/cfgs/default/result/raft.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	12	(6.00 pkts/flow)
 Confidence DPI              : 2 (flows)
-Num dissector calls: 358 (179.00 diss/flow)
+Num dissector calls: 360 (180.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/reasm_crash_anon.pcapng.out
+++ b/tests/cfgs/default/result/reasm_crash_anon.pcapng.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	23	(23.00 pkts/flow)
 Confidence Unknown          : 1 (flows)
-Num dissector calls: 246 (246.00 diss/flow)
+Num dissector calls: 247 (247.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/reasm_segv_anon.pcapng.out
+++ b/tests/cfgs/default/result/reasm_segv_anon.pcapng.out
@ -2,7 +2,7 @@ Guessed flow protos:	1

 DPI Packets (TCP):	17	(17.00 pkts/flow)
 Confidence Match by port    : 1 (flows)
-Num dissector calls: 205 (205.00 diss/flow)
+Num dissector calls: 206 (206.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/riot.pcapng.out
+++ b/tests/cfgs/default/result/riot.pcapng.out
@ -3,7 +3,7 @@ Guessed flow protos:	1
 DPI Packets (TCP):	7	(3.50 pkts/flow)
 Confidence Match by port    : 1 (flows)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 204 (102.00 diss/flow)
+Num dissector calls: 205 (102.50 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/rsh.pcap.out
+++ b/tests/cfgs/default/result/rsh.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	12	(6.00 pkts/flow)
 Confidence DPI              : 2 (flows)
-Num dissector calls: 350 (175.00 diss/flow)
+Num dissector calls: 352 (176.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/rtmp.pcap.out
+++ b/tests/cfgs/default/result/rtmp.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	18	(6.00 pkts/flow)
 Confidence DPI              : 3 (flows)
-Num dissector calls: 554 (184.67 diss/flow)
+Num dissector calls: 557 (185.67 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/rtp.pcapng.out
+++ b/tests/cfgs/default/result/rtp.pcapng.out
@ -1,7 +1,7 @@
 DPI Packets (TCP):	8	(8.00 pkts/flow)
 DPI Packets (UDP):	9	(3.00 pkts/flow)
 Confidence DPI              : 4 (flows)
-Num dissector calls: 675 (168.75 diss/flow)
+Num dissector calls: 676 (169.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/s7comm-plus.pcap.out
+++ b/tests/cfgs/default/result/s7comm-plus.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	9	(9.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 193 (193.00 diss/flow)
+Num dissector calls: 194 (194.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/s7comm.pcap.out
+++ b/tests/cfgs/default/result/s7comm.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	3	(3.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 192 (192.00 diss/flow)
+Num dissector calls: 193 (193.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/shadowsocks.pcap.out
+++ b/tests/cfgs/default/result/shadowsocks.pcap.out
@ -1,7 +1,7 @@
 DPI Packets (TCP):	21	(10.50 pkts/flow)
 Confidence Unknown          : 1 (flows)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 379 (189.50 diss/flow)
+Num dissector calls: 381 (190.50 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/shell.pcap.out
+++ b/tests/cfgs/default/result/shell.pcap.out
@ -1,7 +1,7 @@
 DPI Packets (TCP):	16	(8.00 pkts/flow)
 DPI Packets (UDP):	2	(1.00 pkts/flow)
 Confidence Unknown          : 4 (flows)
-Num dissector calls: 604 (151.00 diss/flow)
+Num dissector calls: 606 (151.50 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/12/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/smb_frags.pcap.out
+++ b/tests/cfgs/default/result/smb_frags.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	5	(5.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 180 (180.00 diss/flow)
+Num dissector calls: 181 (181.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/smbv1.pcap.out
+++ b/tests/cfgs/default/result/smbv1.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	3	(3.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 182 (182.00 diss/flow)
+Num dissector calls: 183 (183.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/smtp-starttls.pcap.out
+++ b/tests/cfgs/default/result/smtp-starttls.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	26	(13.00 pkts/flow)
 Confidence DPI              : 2 (flows)
-Num dissector calls: 178 (89.00 diss/flow)
+Num dissector calls: 179 (89.50 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/smtp.pcap.out
+++ b/tests/cfgs/default/result/smtp.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	11	(11.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 218 (218.00 diss/flow)
+Num dissector calls: 219 (219.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/soap.pcap.out
+++ b/tests/cfgs/default/result/soap.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	11	(3.67 pkts/flow)
 Confidence DPI              : 3 (flows)
-Num dissector calls: 415 (138.33 diss/flow)
+Num dissector calls: 417 (139.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/socks.pcap.out
+++ b/tests/cfgs/default/result/socks.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	23	(5.75 pkts/flow)
 Confidence DPI              : 4 (flows)
-Num dissector calls: 631 (157.75 diss/flow)
+Num dissector calls: 635 (158.75 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/starcraft_battle.pcap.out
+++ b/tests/cfgs/default/result/starcraft_battle.pcap.out
@ -6,7 +6,7 @@ DPI Packets (other):	1	(1.00 pkts/flow)
 Confidence Match by port    : 12 (flows)
 Confidence DPI              : 39 (flows)
 Confidence Match by IP      : 1 (flows)
-Num dissector calls: 1711 (32.90 diss/flow)
+Num dissector calls: 1714 (32.96 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/39/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/synscan.pcap.out
+++ b/tests/cfgs/default/result/synscan.pcap.out
@ -145,7 +145,7 @@ Unrated                       1848 107192        1844
 	48	TCP 172.16.0.8:36050 -> 64.13.134.52:2605 [proto: 13/BGP][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Network/14][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
 	49	TCP 172.16.0.8:36050 -> 64.13.134.52:3000 [proto: 26/ntop][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Network/14][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
 	50	TCP 172.16.0.8:36050 -> 64.13.134.52:3128 [proto: 131/HTTP_Proxy][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Web/5][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
-	51	TCP 172.16.0.8:36050 -> 64.13.134.52:3260 [proto: 432/iSCSI][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+	51	TCP 172.16.0.8:36050 -> 64.13.134.52:3260 [proto: 433/iSCSI][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
 	52	TCP 172.16.0.8:36050 -> 64.13.134.52:3300 [proto: 381/Ceph][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: DataTransfer/4][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
 	53	TCP 172.16.0.8:36050 -> 64.13.134.52:3306 [proto: 20/MySQL][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Database/11][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
 	54	TCP 172.16.0.8:36050 -> 64.13.134.52:3389 [proto: 88/RDP][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: RemoteAccess/12][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Desktop/File Sharing **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic / Found RDP][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
@ -218,7 +218,7 @@ Unrated                       1848 107192        1844
 	121	TCP 172.16.0.8:36051 -> 64.13.134.52:2605 [proto: 13/BGP][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Network/14][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
 	122	TCP 172.16.0.8:36051 -> 64.13.134.52:3000 [proto: 26/ntop][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Network/14][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
 	123	TCP 172.16.0.8:36051 -> 64.13.134.52:3128 [proto: 131/HTTP_Proxy][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Web/5][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
-	124	TCP 172.16.0.8:36051 -> 64.13.134.52:3260 [proto: 432/iSCSI][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+	124	TCP 172.16.0.8:36051 -> 64.13.134.52:3260 [proto: 433/iSCSI][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
 	125	TCP 172.16.0.8:36051 -> 64.13.134.52:3300 [proto: 381/Ceph][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: DataTransfer/4][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
 	126	TCP 172.16.0.8:36051 -> 64.13.134.52:3306 [proto: 20/MySQL][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Database/11][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
 	127	TCP 172.16.0.8:36051 -> 64.13.134.52:3389 [proto: 88/RDP][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: RemoteAccess/12][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Desktop/File Sharing **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic / Found RDP][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
--- a/tests/cfgs/default/result/teams.pcap.out
+++ b/tests/cfgs/default/result/teams.pcap.out
@ -7,7 +7,7 @@ Confidence Unknown          : 1 (flows)
 Confidence Match by port    : 1 (flows)
 Confidence DPI (partial)    : 5 (flows)
 Confidence DPI              : 76 (flows)
-Num dissector calls: 524 (6.31 diss/flow)
+Num dissector calls: 525 (6.33 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/9/0 (insert/search/found)
 LRU cache stun:       30/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/telegram_videocall.pcapng.out
+++ b/tests/cfgs/default/result/telegram_videocall.pcapng.out
@ -7,7 +7,7 @@ Confidence DPI (partial)    : 1 (flows)
 Confidence DPI (cache)      : 10 (flows)
 Confidence DPI              : 15 (flows)
 Confidence Match by IP      : 8 (flows)
-Num dissector calls: 762 (22.41 diss/flow)
+Num dissector calls: 763 (22.44 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/6/0 (insert/search/found)
 LRU cache stun:       38/49/10 (insert/search/found)
--- a/tests/cfgs/default/result/telnet.pcap.out
+++ b/tests/cfgs/default/result/telnet.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	32	(32.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 178 (178.00 diss/flow)
+Num dissector calls: 179 (179.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/threema.pcap.out
+++ b/tests/cfgs/default/result/threema.pcap.out
@ -3,7 +3,7 @@ Guessed flow protos:	2
 DPI Packets (TCP):	66	(11.00 pkts/flow)
 Confidence DPI              : 4 (flows)
 Confidence Match by IP      : 2 (flows)
-Num dissector calls: 1338 (223.00 diss/flow)
+Num dissector calls: 1344 (224.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/6/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/tinc.pcap.out
+++ b/tests/cfgs/default/result/tinc.pcap.out
@ -2,7 +2,7 @@ DPI Packets (TCP):	19	(9.50 pkts/flow)
 DPI Packets (UDP):	2	(1.00 pkts/flow)
 Confidence DPI (cache)      : 2 (flows)
 Confidence DPI              : 2 (flows)
-Num dissector calls: 537 (134.25 diss/flow)
+Num dissector calls: 539 (134.75 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/tls-appdata.pcap.out
+++ b/tests/cfgs/default/result/tls-appdata.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	17	(8.50 pkts/flow)
 Confidence DPI              : 2 (flows)
-Num dissector calls: 158 (79.00 diss/flow)
+Num dissector calls: 159 (79.50 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/tls_certificate_too_long.pcap.out
+++ b/tests/cfgs/default/result/tls_certificate_too_long.pcap.out
@ -6,7 +6,7 @@ DPI Packets (other):	2	(1.00 pkts/flow)
 Confidence Unknown          : 1 (flows)
 Confidence Match by port    : 1 (flows)
 Confidence DPI              : 33 (flows)
-Num dissector calls: 656 (18.74 diss/flow)
+Num dissector calls: 659 (18.83 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/6/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/tls_false_positives.pcapng.out
+++ b/tests/cfgs/default/result/tls_false_positives.pcapng.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	13	(13.00 pkts/flow)
 Confidence Unknown          : 1 (flows)
-Num dissector calls: 248 (248.00 diss/flow)
+Num dissector calls: 249 (249.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/tls_heur__shadowsocks-tcp.pcapng.out
+++ b/tests/cfgs/default/result/tls_heur__shadowsocks-tcp.pcapng.out
@ -2,7 +2,7 @@ DPI Packets (TCP):	34	(11.33 pkts/flow)
 DPI Packets (UDP):	3	(3.00 pkts/flow)
 Confidence Unknown          : 1 (flows)
 Confidence DPI              : 3 (flows)
-Num dissector calls: 415 (103.75 diss/flow)
+Num dissector calls: 417 (104.25 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/tls_heur__trojan-tcp-tls.pcapng.out
+++ b/tests/cfgs/default/result/tls_heur__trojan-tcp-tls.pcapng.out
@ -1,7 +1,7 @@
 DPI Packets (TCP):	18	(6.00 pkts/flow)
 DPI Packets (UDP):	15	(2.14 pkts/flow)
 Confidence DPI              : 10 (flows)
-Num dissector calls: 168 (16.80 diss/flow)
+Num dissector calls: 169 (16.90 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/tls_heur__vmess-tcp-tls.pcapng.out
+++ b/tests/cfgs/default/result/tls_heur__vmess-tcp-tls.pcapng.out
@ -1,7 +1,7 @@
 DPI Packets (TCP):	18	(6.00 pkts/flow)
 DPI Packets (UDP):	15	(2.14 pkts/flow)
 Confidence DPI              : 10 (flows)
-Num dissector calls: 168 (16.80 diss/flow)
+Num dissector calls: 169 (16.90 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/tls_heur__vmess-tcp.pcapng.out
+++ b/tests/cfgs/default/result/tls_heur__vmess-tcp.pcapng.out
@ -2,7 +2,7 @@ DPI Packets (TCP):	38	(12.67 pkts/flow)
 DPI Packets (UDP):	3	(3.00 pkts/flow)
 Confidence Unknown          : 1 (flows)
 Confidence DPI              : 3 (flows)
-Num dissector calls: 418 (104.50 diss/flow)
+Num dissector calls: 420 (105.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/tls_heur__vmess-websocket.pcapng.out
+++ b/tests/cfgs/default/result/tls_heur__vmess-websocket.pcapng.out
@ -1,7 +1,7 @@
 DPI Packets (TCP):	18	(6.00 pkts/flow)
 DPI Packets (UDP):	2	(2.00 pkts/flow)
 Confidence DPI              : 4 (flows)
-Num dissector calls: 174 (43.50 diss/flow)
+Num dissector calls: 175 (43.75 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/tls_invalid_reads.pcap.out
+++ b/tests/cfgs/default/result/tls_invalid_reads.pcap.out
@ -3,7 +3,7 @@ Guessed flow protos:	1
 DPI Packets (TCP):	10	(3.33 pkts/flow)
 Confidence Match by port    : 1 (flows)
 Confidence DPI              : 2 (flows)
-Num dissector calls: 158 (52.67 diss/flow)
+Num dissector calls: 159 (53.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/tls_missing_ch_frag.pcap.out
+++ b/tests/cfgs/default/result/tls_missing_ch_frag.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	14	(14.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 157 (157.00 diss/flow)
+Num dissector calls: 158 (158.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/tls_unidirectional.pcap.out
+++ b/tests/cfgs/default/result/tls_unidirectional.pcap.out
@ -2,7 +2,7 @@ Guessed flow protos:	1

 DPI Packets (TCP):	8	(8.00 pkts/flow)
 Confidence Match by port    : 1 (flows)
-Num dissector calls: 156 (156.00 diss/flow)
+Num dissector calls: 157 (157.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/tls_with_huge_ch.pcapng.out
+++ b/tests/cfgs/default/result/tls_with_huge_ch.pcapng.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	32	(32.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 285 (285.00 diss/flow)
+Num dissector calls: 286 (286.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/viber.pcap.out
+++ b/tests/cfgs/default/result/viber.pcap.out
@ -5,7 +5,7 @@ DPI Packets (UDP):	34	(2.27 pkts/flow)
 DPI Packets (other):	2	(1.00 pkts/flow)
 Confidence Match by port    : 4 (flows)
 Confidence DPI              : 26 (flows)
-Num dissector calls: 465 (15.50 diss/flow)
+Num dissector calls: 466 (15.53 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/12/0 (insert/search/found)
 LRU cache stun:       3/6/0 (insert/search/found)
--- a/tests/cfgs/default/result/vnc.pcap.out
+++ b/tests/cfgs/default/result/vnc.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	10	(5.00 pkts/flow)
 Confidence DPI              : 2 (flows)
-Num dissector calls: 326 (163.00 diss/flow)
+Num dissector calls: 328 (164.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/wa_video.pcap.out
+++ b/tests/cfgs/default/result/wa_video.pcap.out
@ -5,7 +5,7 @@ DPI Packets (UDP):	44	(3.38 pkts/flow)
 Confidence DPI (cache)      : 2 (flows)
 Confidence DPI              : 11 (flows)
 Confidence Match by IP      : 1 (flows)
-Num dissector calls: 373 (26.64 diss/flow)
+Num dissector calls: 374 (26.71 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache stun:       14/2/2 (insert/search/found)
--- a/tests/cfgs/default/result/waze.pcap.out
+++ b/tests/cfgs/default/result/waze.pcap.out
@ -5,7 +5,7 @@ DPI Packets (UDP):	1	(1.00 pkts/flow)
 Confidence Unknown          : 1 (flows)
 Confidence Match by port    : 9 (flows)
 Confidence DPI              : 23 (flows)
-Num dissector calls: 391 (11.85 diss/flow)
+Num dissector calls: 392 (11.88 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/30/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/wechat.pcap.out
+++ b/tests/cfgs/default/result/wechat.pcap.out
@ -6,7 +6,7 @@ DPI Packets (other):	7	(1.00 pkts/flow)
 Confidence Match by port    : 24 (flows)
 Confidence DPI              : 78 (flows)
 Confidence Match by IP      : 1 (flows)
-Num dissector calls: 329 (3.19 diss/flow)
+Num dissector calls: 330 (3.20 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/75/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/tests/cfgs/default/result/whatsapp.pcap.out
+++ b/tests/cfgs/default/result/whatsapp.pcap.out
@ -1,6 +1,6 @@
 DPI Packets (TCP):	344	(4.00 pkts/flow)
 Confidence DPI              : 86 (flows)
-Num dissector calls: 14620 (170.00 diss/flow)
+Num dissector calls: 14706 (171.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache stun:       0/0/0 (insert/search/found)
--- a/Show more
+++ b/Show more