Fix RESP detection (#2289)

* Rename redis_net.c to resp.c * Fix RESP detection
author: Vladimir Gavrilov <105977161+0xA50C1A1@users.noreply.github.com> 2024-01-27 23:19:34 +0300
committer: GitHub <noreply@github.com> 2024-01-27 21:19:34 +0100
commit: c807d84054f605202bd9633092b16627a8a5e790 (patch)
tree: 0c8d1633c61f474ce24ea9480653d03d22d8dfe3
parent: 8e562c4ecda06d9da9d394453e5ade54c0344d90 (diff)
82 files changed, 196 insertions, 176 deletions
diff --git a/doc/protocols.rst b/doc/protocols.rst
index 5dfef92a7..68e731af2 100644
--- a/doc/protocols.rst
+++ b/doc/protocols.rst
@@ -32,6 +32,14 @@ A Remote Procedure Call protocol over HTTP from Microsoft.
 References: `Protocol Specs: <https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-rpch/c0f4c9c5-1a61-4d10-b8e2-005378d1d212`_
 
 
+.. _Proto 182:
+
+`NDPI_PROTOCOL_RESP`
+=======================
+Redis Serialization Protocol
+
+References: `Protocol Specs: <https://redis.io/docs/reference/protocol-spec/`_
+
 .. _Proto 201:
 
 `NDPI_PROTOCOL_GOOGLE_MEET`
diff --git a/src/include/ndpi_private.h b/src/include/ndpi_private.h
index 8802421d6..ecb4dae04 100644
--- a/src/include/ndpi_private.h
+++ b/src/include/ndpi_private.h
@@ -565,7 +565,7 @@ void init_quake_dissector(struct ndpi_detection_module_struct *ndpi_struct, u_in
 void init_quic_dissector(struct ndpi_detection_module_struct *ndpi_struct, u_int32_t *id);
 void init_radius_dissector(struct ndpi_detection_module_struct *ndpi_struct, u_int32_t *id);
 void init_rdp_dissector(struct ndpi_detection_module_struct *ndpi_struct, u_int32_t *id);
-void init_redis_dissector(struct ndpi_detection_module_struct *ndpi_struct, u_int32_t *id);
+void init_resp_dissector(struct ndpi_detection_module_struct *ndpi_struct, u_int32_t *id);
 void init_rsync_dissector(struct ndpi_detection_module_struct *ndpi_struct, u_int32_t *id);
 void init_rtcp_dissector(struct ndpi_detection_module_struct *ndpi_struct, u_int32_t *id);
 void init_rtmp_dissector(struct ndpi_detection_module_struct *ndpi_struct, u_int32_t *id);
diff --git a/src/include/ndpi_protocol_ids.h b/src/include/ndpi_protocol_ids.h
index cd3729994..d614c5297 100644
--- a/src/include/ndpi_protocol_ids.h
+++ b/src/include/ndpi_protocol_ids.h
@@ -210,7 +210,7 @@ typedef enum {
   NDPI_PROTOCOL_EBAY                  = 179,
   NDPI_PROTOCOL_CNN                   = 180,
   NDPI_PROTOCOL_MEGACO                = 181,
-  NDPI_PROTOCOL_REDIS                 = 182,
+  NDPI_PROTOCOL_RESP                  = 182,
   NDPI_PROTOCOL_PINTEREST             = 183,
   NDPI_PROTOCOL_VHUA                  = 184,
   NDPI_PROTOCOL_TELEGRAM              = 185,
diff --git a/src/include/ndpi_typedefs.h b/src/include/ndpi_typedefs.h
index 06adf1f55..72e2cd704 100644
--- a/src/include/ndpi_typedefs.h
+++ b/src/include/ndpi_typedefs.h
@@ -1413,9 +1413,6 @@ struct ndpi_flow_struct {
 
   ndpi_protocol_category_t category;
 
-  /* NDPI_PROTOCOL_REDIS */
-  u_int8_t redis_s2d_first_char, redis_d2s_first_char;
-
   /* Only packets with L5 data (ie no TCP SYN, pure ACKs, ...) */
   u_int16_t packet_counter;		      // can be 0 - 65000
   u_int16_t packet_direction_counter[2];
diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c
index df70e26ab..0ecf3b6a3 100644
--- a/src/lib/ndpi_main.c
+++ b/src/lib/ndpi_main.c
@@ -1682,8 +1682,8 @@ static void ndpi_init_protocol_defaults(struct ndpi_detection_module_struct *ndp
 			  "Megaco", NDPI_PROTOCOL_CATEGORY_VOIP,
 			  ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0),     /* TCP */
 			  ndpi_build_default_ports(ports_b, 2944, 0, 0, 0, 0)); /* UDP */
-  ndpi_set_proto_defaults(ndpi_str, 1 /* cleartext */, 0 /* nw proto */, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_REDIS,
-			  "Redis", NDPI_PROTOCOL_CATEGORY_DATABASE,
+  ndpi_set_proto_defaults(ndpi_str, 1 /* cleartext */, 0 /* nw proto */, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_RESP,
+			  "RESP", NDPI_PROTOCOL_CATEGORY_DATABASE,
 			  ndpi_build_default_ports(ports_a, 6379, 0, 0, 0, 0), /* TCP */
 			  ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0));   /* UDP */
   ndpi_set_proto_defaults(ndpi_str, 1 /* cleartext */, 0 /* nw proto */, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_ZMQ,
@@ -5511,8 +5511,8 @@ static int ndpi_callback_init(struct ndpi_detection_module_struct *ndpi_str) {
   /* MEGACO */
   init_megaco_dissector(ndpi_str, &a);
 
-  /* REDIS */
-  init_redis_dissector(ndpi_str, &a);
+  /* RESP */
+  init_resp_dissector(ndpi_str, &a);
 
   /* VHUA */
   init_vhua_dissector(ndpi_str, &a);
diff --git a/src/lib/protocols/redis_net.c b/src/lib/protocols/redis_net.c
deleted file mode 100644
index a25d72f0c..000000000
--- a/src/lib/protocols/redis_net.c
+++ /dev/null
@@ -1,94 +0,0 @@
-/*
- * redis.c
- *
- * Copyright (C) 2011-22 - ntop.org
- *
- * nDPI is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Lesser General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * nDPI is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with nDPI.  If not, see <http://www.gnu.org/licenses/>.
- * 
- */
-
-#include "ndpi_protocol_ids.h"
-
-#define NDPI_CURRENT_PROTO NDPI_PROTOCOL_REDIS
-
-#include "ndpi_api.h"
-#include "ndpi_private.h"
-
-
-static void ndpi_int_redis_add_connection(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow) {
-  ndpi_set_detected_protocol(ndpi_struct, flow, NDPI_PROTOCOL_REDIS, NDPI_PROTOCOL_UNKNOWN, NDPI_CONFIDENCE_DPI);
-}
-
-
-static void ndpi_check_redis(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow) {
-  struct ndpi_packet_struct *packet = &ndpi_struct->packet;
-  
-  /* Break after 10 packets. */
-  if(flow->packet_counter > 10) {
-    NDPI_EXCLUDE_PROTO(ndpi_struct, flow);
-    return;
-  }
-
-  if(packet->packet_direction == 0)
-    flow->redis_s2d_first_char = packet->payload[0];
-  else
-    flow->redis_d2s_first_char = packet->payload[0];
-
-  if((flow->redis_s2d_first_char != '\0') && (flow->redis_d2s_first_char != '\0')) {
-    /*
-     *1
-     $4
-     PING
-     +PONG
-     *3
-     $3
-     SET
-     $19
-     dns.cache.127.0.0.1
-     $9
-     localhost
-     +OK
-    */
-
-    if(((flow->redis_s2d_first_char == '*') 
-	&& ((flow->redis_d2s_first_char == '+') || (flow->redis_d2s_first_char == ':')))
-       || ((flow->redis_d2s_first_char == '*') 
-	   && ((flow->redis_s2d_first_char == '+') || (flow->redis_s2d_first_char == ':')))) {
-      NDPI_LOG_INFO(ndpi_struct, "Found Redis\n");
-      ndpi_int_redis_add_connection(ndpi_struct, flow);
-    } else {
-      NDPI_EXCLUDE_PROTO(ndpi_struct, flow);
-    }
-  } else
-    return; /* Too early */
-}
-
-static void ndpi_search_redis(struct ndpi_detection_module_struct *ndpi_struct, struct ndpi_flow_struct *flow) {
-  NDPI_LOG_DBG(ndpi_struct, "search Redis\n");
-
-  ndpi_check_redis(ndpi_struct, flow);
-}
-
-
-void init_redis_dissector(struct ndpi_detection_module_struct *ndpi_struct, u_int32_t *id)
-{
-  ndpi_set_bitmask_protocol_detection("Redis", ndpi_struct, *id,
-				      NDPI_PROTOCOL_REDIS,
-				      ndpi_search_redis,
-				      NDPI_SELECTION_BITMASK_PROTOCOL_V4_V6_TCP_WITH_PAYLOAD_WITHOUT_RETRANSMISSION,
-				      SAVE_DETECTION_BITMASK_AS_UNKNOWN,
-				      ADD_TO_DETECTION_BITMASK);
-
-  *id += 1;
-}
diff --git a/src/lib/protocols/resp.c b/src/lib/protocols/resp.c
new file mode 100644
index 000000000..330124bea
--- /dev/null
+++ b/src/lib/protocols/resp.c
@@ -0,0 +1,81 @@
+/*
+ * resp.c
+ *
+ * Redis Serialization Protocol
+ * 
+ * Copyright (C) 2024 - ntop.org
+ * Copyright (C) 2024 - V.G <jacendi@protonmail.com>
+ *
+ * This file is part of nDPI, an open source deep packet inspection
+ * library based on the OpenDPI and PACE technology by ipoque GmbH
+ *
+ * nDPI is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * nDPI is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with nDPI.  If not, see <http://www.gnu.org/licenses/>.
+ * 
+ */
+
+#include "ndpi_protocol_ids.h"
+
+#define NDPI_CURRENT_PROTO NDPI_PROTOCOL_RESP
+
+#include "ndpi_api.h"
+#include "ndpi_private.h"
+
+static void ndpi_search_resp(struct ndpi_detection_module_struct *ndpi_struct,
+                             struct ndpi_flow_struct *flow)
+{
+  struct ndpi_packet_struct const * const packet = &ndpi_struct->packet;
+
+  NDPI_LOG_DBG(ndpi_struct, "search RESP\n");
+  
+  if (packet->payload_packet_len < 10)
+    goto exclude;
+
+  switch(packet->payload[0])
+  {
+    case '*':
+    case '$':
+    case '~':
+      break;
+    default:
+      goto exclude;
+  }
+
+  u_int8_t offset = 1;
+  while (offset < 4 && packet->payload[offset] != '\r')
+  {
+    if (!ndpi_isdigit(packet->payload[offset]))
+      goto exclude;
+    offset++;
+  }
+
+  if (memcmp(&packet->payload[offset], "\r\n", 2) == 0) {
+    NDPI_LOG_INFO(ndpi_struct, "found RESP\n");
+    ndpi_set_detected_protocol(ndpi_struct, flow, NDPI_PROTOCOL_RESP,
+                               NDPI_PROTOCOL_UNKNOWN, NDPI_CONFIDENCE_DPI);
+  }
+
+exclude:
+  NDPI_EXCLUDE_PROTO(ndpi_struct, flow);
+}
+
+void init_resp_dissector(struct ndpi_detection_module_struct *ndpi_struct, u_int32_t *id)
+{
+  ndpi_set_bitmask_protocol_detection("RESP", ndpi_struct, *id,
+				      NDPI_PROTOCOL_RESP,
+				      ndpi_search_resp,
+				      NDPI_SELECTION_BITMASK_PROTOCOL_V4_V6_TCP_WITH_PAYLOAD_WITHOUT_RETRANSMISSION,
+				      SAVE_DETECTION_BITMASK_AS_UNKNOWN,
+				      ADD_TO_DETECTION_BITMASK);
+  *id += 1;
+}
diff --git a/tests/cfgs/caches_cfg/result/ookla.pcap.out b/tests/cfgs/caches_cfg/result/ookla.pcap.out
index 538cacab9..7367c6f04 100644
--- a/tests/cfgs/caches_cfg/result/ookla.pcap.out
+++ b/tests/cfgs/caches_cfg/result/ookla.pcap.out
@@ -3,7 +3,7 @@ Guessed flow protos:	1
 DPI Packets (TCP):	40	(6.67 pkts/flow)
 Confidence Match by port    : 1 (flows)
 Confidence DPI              : 5 (flows)
-Num dissector calls: 562 (93.67 diss/flow)
+Num dissector calls: 559 (93.17 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/caches_cfg/result/teams.pcap.out b/tests/cfgs/caches_cfg/result/teams.pcap.out
index 9ce096c21..6a16cb21c 100644
--- a/tests/cfgs/caches_cfg/result/teams.pcap.out
+++ b/tests/cfgs/caches_cfg/result/teams.pcap.out
@@ -6,7 +6,7 @@ DPI Packets (other):	1	(1.00 pkts/flow)
 Confidence Unknown          : 1 (flows)
 Confidence Match by port    : 2 (flows)
 Confidence DPI              : 80 (flows)
-Num dissector calls: 530 (6.39 diss/flow)
+Num dissector calls: 529 (6.37 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/9/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/pcap/resp.pcap b/tests/cfgs/default/pcap/resp.pcap
new file mode 100644
index 000000000..b49c172ce
--- /dev/null
+++ b/tests/cfgs/default/pcap/resp.pcap
diff --git a/tests/cfgs/default/result/1kxun.pcap.out b/tests/cfgs/default/result/1kxun.pcap.out
index afc63273b..bccc4df43 100644
--- a/tests/cfgs/default/result/1kxun.pcap.out
+++ b/tests/cfgs/default/result/1kxun.pcap.out
@@ -5,7 +5,7 @@ DPI Packets (UDP):	120	(1.21 pkts/flow)
 Confidence Unknown          : 14 (flows)
 Confidence Match by port    : 6 (flows)
 Confidence DPI              : 177 (flows)
-Num dissector calls: 4933 (25.04 diss/flow)
+Num dissector calls: 4925 (25.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/60/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/KakaoTalk_chat.pcap.out b/tests/cfgs/default/result/KakaoTalk_chat.pcap.out
index 49ac805d9..8fdd9323f 100644
--- a/tests/cfgs/default/result/KakaoTalk_chat.pcap.out
+++ b/tests/cfgs/default/result/KakaoTalk_chat.pcap.out
@@ -5,7 +5,7 @@ DPI Packets (UDP):	36	(2.00 pkts/flow)
 DPI Packets (other):	1	(1.00 pkts/flow)
 Confidence Match by port    : 5 (flows)
 Confidence DPI              : 33 (flows)
-Num dissector calls: 571 (15.03 diss/flow)
+Num dissector calls: 568 (14.95 diss/flow)
 LRU cache ookla:      0/1/0 (insert/search/found)
 LRU cache bittorrent: 0/15/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/KakaoTalk_talk.pcap.out b/tests/cfgs/default/result/KakaoTalk_talk.pcap.out
index 84fb1676f..24f6f6225 100644
--- a/tests/cfgs/default/result/KakaoTalk_talk.pcap.out
+++ b/tests/cfgs/default/result/KakaoTalk_talk.pcap.out
@@ -5,7 +5,7 @@ DPI Packets (UDP):	10	(2.00 pkts/flow)
 Confidence Match by port    : 8 (flows)
 Confidence DPI              : 11 (flows)
 Confidence Match by IP      : 1 (flows)
-Num dissector calls: 1196 (59.80 diss/flow)
+Num dissector calls: 1192 (59.60 diss/flow)
 LRU cache ookla:      0/2/0 (insert/search/found)
 LRU cache bittorrent: 0/27/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/Oscar.pcap.out b/tests/cfgs/default/result/Oscar.pcap.out
index bb608bdf3..ccf34a077 100644
--- a/tests/cfgs/default/result/Oscar.pcap.out
+++ b/tests/cfgs/default/result/Oscar.pcap.out
@@ -2,7 +2,7 @@ Guessed flow protos:	1
 
 DPI Packets (TCP):	21	(21.00 pkts/flow)
 Confidence Match by port    : 1 (flows)
-Num dissector calls: 262 (262.00 diss/flow)
+Num dissector calls: 261 (261.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/amqp.pcap.out b/tests/cfgs/default/result/amqp.pcap.out
index ade7a1253..91aecd194 100644
--- a/tests/cfgs/default/result/amqp.pcap.out
+++ b/tests/cfgs/default/result/amqp.pcap.out
@@ -1,6 +1,6 @@
 DPI Packets (TCP):	9	(3.00 pkts/flow)
 Confidence DPI              : 3 (flows)
-Num dissector calls: 386 (128.67 diss/flow)
+Num dissector calls: 383 (127.67 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/anyconnect-vpn.pcap.out b/tests/cfgs/default/result/anyconnect-vpn.pcap.out
index d0c42fd9e..e68955e7e 100644
--- a/tests/cfgs/default/result/anyconnect-vpn.pcap.out
+++ b/tests/cfgs/default/result/anyconnect-vpn.pcap.out
@@ -6,7 +6,7 @@ DPI Packets (other):	10	(1.00 pkts/flow)
 Confidence Unknown          : 2 (flows)
 Confidence Match by port    : 6 (flows)
 Confidence DPI              : 61 (flows)
-Num dissector calls: 866 (12.55 diss/flow)
+Num dissector calls: 861 (12.48 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/24/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/bittorrent_tcp_miss.pcapng.out b/tests/cfgs/default/result/bittorrent_tcp_miss.pcapng.out
index a865a13cd..a741e7e44 100644
--- a/tests/cfgs/default/result/bittorrent_tcp_miss.pcapng.out
+++ b/tests/cfgs/default/result/bittorrent_tcp_miss.pcapng.out
@@ -1,6 +1,6 @@
 DPI Packets (TCP):	10	(10.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 242 (242.00 diss/flow)
+Num dissector calls: 241 (241.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 5/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/cloudflare-warp.pcap.out b/tests/cfgs/default/result/cloudflare-warp.pcap.out
index 03f09cb82..4cf53f0fb 100644
--- a/tests/cfgs/default/result/cloudflare-warp.pcap.out
+++ b/tests/cfgs/default/result/cloudflare-warp.pcap.out
@@ -4,7 +4,7 @@ DPI Packets (TCP):	41	(5.12 pkts/flow)
 Confidence Match by port    : 2 (flows)
 Confidence DPI              : 5 (flows)
 Confidence Match by IP      : 1 (flows)
-Num dissector calls: 199 (24.88 diss/flow)
+Num dissector calls: 198 (24.75 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/9/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/emotet.pcap.out b/tests/cfgs/default/result/emotet.pcap.out
index 298fded32..e524b6157 100644
--- a/tests/cfgs/default/result/emotet.pcap.out
+++ b/tests/cfgs/default/result/emotet.pcap.out
@@ -1,6 +1,6 @@
 DPI Packets (TCP):	48	(8.00 pkts/flow)
 Confidence DPI              : 6 (flows)
-Num dissector calls: 217 (36.17 diss/flow)
+Num dissector calls: 216 (36.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/fastcgi.pcap.out b/tests/cfgs/default/result/fastcgi.pcap.out
index 458b94b86..810923d4a 100644
--- a/tests/cfgs/default/result/fastcgi.pcap.out
+++ b/tests/cfgs/default/result/fastcgi.pcap.out
@@ -1,6 +1,6 @@
 DPI Packets (TCP):	6	(6.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 168 (168.00 diss/flow)
+Num dissector calls: 167 (167.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/ftp-start-tls.pcap.out b/tests/cfgs/default/result/ftp-start-tls.pcap.out
index 0b2725877..2dcdbba55 100644
--- a/tests/cfgs/default/result/ftp-start-tls.pcap.out
+++ b/tests/cfgs/default/result/ftp-start-tls.pcap.out
@@ -1,6 +1,6 @@
 DPI Packets (TCP):	17	(17.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 170 (170.00 diss/flow)
+Num dissector calls: 169 (169.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/ftp.pcap.out b/tests/cfgs/default/result/ftp.pcap.out
index 96e57e2e4..58a39857c 100644
--- a/tests/cfgs/default/result/ftp.pcap.out
+++ b/tests/cfgs/default/result/ftp.pcap.out
@@ -1,7 +1,7 @@
 DPI Packets (TCP):	39	(13.00 pkts/flow)
 Confidence Unknown          : 1 (flows)
 Confidence DPI              : 2 (flows)
-Num dissector calls: 541 (180.33 diss/flow)
+Num dissector calls: 531 (177.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/ftp_failed.pcap.out b/tests/cfgs/default/result/ftp_failed.pcap.out
index 4d903f2af..afbc98257 100644
--- a/tests/cfgs/default/result/ftp_failed.pcap.out
+++ b/tests/cfgs/default/result/ftp_failed.pcap.out
@@ -1,6 +1,6 @@
 DPI Packets (TCP):	8	(8.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 169 (169.00 diss/flow)
+Num dissector calls: 168 (168.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/fuzz-2006-06-26-2594.pcap.out b/tests/cfgs/default/result/fuzz-2006-06-26-2594.pcap.out
index 8edf6c69f..3da5b4e95 100644
--- a/tests/cfgs/default/result/fuzz-2006-06-26-2594.pcap.out
+++ b/tests/cfgs/default/result/fuzz-2006-06-26-2594.pcap.out
@@ -6,7 +6,7 @@ DPI Packets (other):	5	(1.00 pkts/flow)
 Confidence Unknown          : 34 (flows)
 Confidence Match by port    : 27 (flows)
 Confidence DPI              : 190 (flows)
-Num dissector calls: 7136 (28.43 diss/flow)
+Num dissector calls: 7135 (28.43 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/189/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/fuzz-2006-09-29-28586.pcap.out b/tests/cfgs/default/result/fuzz-2006-09-29-28586.pcap.out
index 71f3ddc19..655910b35 100644
--- a/tests/cfgs/default/result/fuzz-2006-09-29-28586.pcap.out
+++ b/tests/cfgs/default/result/fuzz-2006-09-29-28586.pcap.out
@@ -5,7 +5,7 @@ DPI Packets (other):	1	(1.00 pkts/flow)
 Confidence Unknown          : 3 (flows)
 Confidence Match by port    : 26 (flows)
 Confidence DPI              : 11 (flows)
-Num dissector calls: 1107 (27.67 diss/flow)
+Num dissector calls: 1103 (27.58 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/87/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/google_ssl.pcap.out b/tests/cfgs/default/result/google_ssl.pcap.out
index 5a3a2ce4d..7e929f53e 100644
--- a/tests/cfgs/default/result/google_ssl.pcap.out
+++ b/tests/cfgs/default/result/google_ssl.pcap.out
@@ -2,7 +2,7 @@ Guessed flow protos:	1
 
 DPI Packets (TCP):	24	(24.00 pkts/flow)
 Confidence Match by port    : 1 (flows)
-Num dissector calls: 206 (206.00 diss/flow)
+Num dissector calls: 205 (205.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/imap-starttls.pcap.out b/tests/cfgs/default/result/imap-starttls.pcap.out
index 8bdc8ff1e..0c35f2604 100644
--- a/tests/cfgs/default/result/imap-starttls.pcap.out
+++ b/tests/cfgs/default/result/imap-starttls.pcap.out
@@ -1,6 +1,6 @@
 DPI Packets (TCP):	19	(19.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 218 (218.00 diss/flow)
+Num dissector calls: 217 (217.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/imap.pcap.out b/tests/cfgs/default/result/imap.pcap.out
index be131215a..2599401d2 100644
--- a/tests/cfgs/default/result/imap.pcap.out
+++ b/tests/cfgs/default/result/imap.pcap.out
@@ -1,6 +1,6 @@
 DPI Packets (TCP):	11	(11.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 218 (218.00 diss/flow)
+Num dissector calls: 217 (217.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/instagram.pcap.out b/tests/cfgs/default/result/instagram.pcap.out
index 29e71c320..85fe6e17e 100644
--- a/tests/cfgs/default/result/instagram.pcap.out
+++ b/tests/cfgs/default/result/instagram.pcap.out
@@ -6,7 +6,7 @@ DPI Packets (other):	1	(1.00 pkts/flow)
 Confidence Unknown          : 1 (flows)
 Confidence Match by port    : 7 (flows)
 Confidence DPI              : 30 (flows)
-Num dissector calls: 1413 (37.18 diss/flow)
+Num dissector calls: 1373 (36.13 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/24/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/irc.pcap.out b/tests/cfgs/default/result/irc.pcap.out
index 9c9460312..e8b22ea9c 100644
--- a/tests/cfgs/default/result/irc.pcap.out
+++ b/tests/cfgs/default/result/irc.pcap.out
@@ -1,6 +1,6 @@
 DPI Packets (TCP):	7	(7.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 174 (174.00 diss/flow)
+Num dissector calls: 173 (173.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/iso9506-1-mms.pcap.out b/tests/cfgs/default/result/iso9506-1-mms.pcap.out
index 0b27da5bc..28ea8ca15 100644
--- a/tests/cfgs/default/result/iso9506-1-mms.pcap.out
+++ b/tests/cfgs/default/result/iso9506-1-mms.pcap.out
@@ -1,6 +1,6 @@
 DPI Packets (TCP):	7	(7.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 191 (191.00 diss/flow)
+Num dissector calls: 190 (190.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/jabber.pcap.out b/tests/cfgs/default/result/jabber.pcap.out
index 95e99aecd..10364f8ce 100644
--- a/tests/cfgs/default/result/jabber.pcap.out
+++ b/tests/cfgs/default/result/jabber.pcap.out
@@ -1,6 +1,6 @@
 DPI Packets (TCP):	74	(6.17 pkts/flow)
 Confidence DPI              : 12 (flows)
-Num dissector calls: 1580 (131.67 diss/flow)
+Num dissector calls: 1575 (131.25 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/kerberos.pcap.out b/tests/cfgs/default/result/kerberos.pcap.out
index 7f2fcd129..6e2f2aa58 100644
--- a/tests/cfgs/default/result/kerberos.pcap.out
+++ b/tests/cfgs/default/result/kerberos.pcap.out
@@ -4,7 +4,7 @@ DPI Packets (TCP):	77	(2.14 pkts/flow)
 Confidence Unknown          : 2 (flows)
 Confidence Match by port    : 23 (flows)
 Confidence DPI              : 11 (flows)
-Num dissector calls: 4354 (120.94 diss/flow)
+Num dissector calls: 4329 (120.25 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/75/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/log4j-webapp-exploit.pcap.out b/tests/cfgs/default/result/log4j-webapp-exploit.pcap.out
index e64986170..eb53d047c 100644
--- a/tests/cfgs/default/result/log4j-webapp-exploit.pcap.out
+++ b/tests/cfgs/default/result/log4j-webapp-exploit.pcap.out
@@ -1,7 +1,7 @@
 DPI Packets (TCP):	56	(8.00 pkts/flow)
 Confidence Unknown          : 2 (flows)
 Confidence DPI              : 5 (flows)
-Num dissector calls: 360 (51.43 diss/flow)
+Num dissector calls: 359 (51.29 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/6/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/mongo_false_positive.pcapng.out b/tests/cfgs/default/result/mongo_false_positive.pcapng.out
index b40fce87d..92e35e230 100644
--- a/tests/cfgs/default/result/mongo_false_positive.pcapng.out
+++ b/tests/cfgs/default/result/mongo_false_positive.pcapng.out
@@ -2,7 +2,7 @@ Guessed flow protos:	1
 
 DPI Packets (TCP):	14	(14.00 pkts/flow)
 Confidence Match by port    : 1 (flows)
-Num dissector calls: 275 (275.00 diss/flow)
+Num dissector calls: 274 (274.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/mssql_tds.pcap.out b/tests/cfgs/default/result/mssql_tds.pcap.out
index c5203b4d9..b75ea7c04 100644
--- a/tests/cfgs/default/result/mssql_tds.pcap.out
+++ b/tests/cfgs/default/result/mssql_tds.pcap.out
@@ -3,7 +3,7 @@ Guessed flow protos:	1
 DPI Packets (TCP):	18	(1.50 pkts/flow)
 Confidence Match by port    : 1 (flows)
 Confidence DPI              : 11 (flows)
-Num dissector calls: 280 (23.33 diss/flow)
+Num dissector calls: 274 (22.83 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/nest_log_sink.pcap.out b/tests/cfgs/default/result/nest_log_sink.pcap.out
index 9ffa4a091..68918ad60 100644
--- a/tests/cfgs/default/result/nest_log_sink.pcap.out
+++ b/tests/cfgs/default/result/nest_log_sink.pcap.out
@@ -4,7 +4,7 @@ DPI Packets (TCP):	130	(10.00 pkts/flow)
 DPI Packets (UDP):	2	(2.00 pkts/flow)
 Confidence Match by port    : 1 (flows)
 Confidence DPI              : 13 (flows)
-Num dissector calls: 2065 (147.50 diss/flow)
+Num dissector calls: 2053 (146.64 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/ookla.pcap.out b/tests/cfgs/default/result/ookla.pcap.out
index b06b31fe8..6cc0458e4 100644
--- a/tests/cfgs/default/result/ookla.pcap.out
+++ b/tests/cfgs/default/result/ookla.pcap.out
@@ -4,7 +4,7 @@ DPI Packets (TCP):	40	(6.67 pkts/flow)
 Confidence DPI (partial cache): 1 (flows)
 Confidence DPI              : 4 (flows)
 Confidence DPI (aggressive) : 1 (flows)
-Num dissector calls: 562 (93.67 diss/flow)
+Num dissector calls: 559 (93.17 diss/flow)
 LRU cache ookla:      4/2/2 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/openvpn.pcap.out b/tests/cfgs/default/result/openvpn.pcap.out
index bee49dc64..169f5df69 100644
--- a/tests/cfgs/default/result/openvpn.pcap.out
+++ b/tests/cfgs/default/result/openvpn.pcap.out
@@ -1,7 +1,7 @@
 DPI Packets (TCP):	24	(8.00 pkts/flow)
 DPI Packets (UDP):	15	(3.00 pkts/flow)
 Confidence DPI              : 8 (flows)
-Num dissector calls: 1294 (161.75 diss/flow)
+Num dissector calls: 1291 (161.38 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/6/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/oracle12.pcapng.out b/tests/cfgs/default/result/oracle12.pcapng.out
index 235ee10b0..ad5160df3 100644
--- a/tests/cfgs/default/result/oracle12.pcapng.out
+++ b/tests/cfgs/default/result/oracle12.pcapng.out
@@ -2,7 +2,7 @@ Guessed flow protos:	1
 
 DPI Packets (TCP):	20	(20.00 pkts/flow)
 Confidence Match by port    : 1 (flows)
-Num dissector calls: 267 (267.00 diss/flow)
+Num dissector calls: 257 (257.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/ossfuzz_seed_fake_traces_2.pcapng.out b/tests/cfgs/default/result/ossfuzz_seed_fake_traces_2.pcapng.out
index 5100a36c3..90ed730e5 100644
--- a/tests/cfgs/default/result/ossfuzz_seed_fake_traces_2.pcapng.out
+++ b/tests/cfgs/default/result/ossfuzz_seed_fake_traces_2.pcapng.out
@@ -4,7 +4,7 @@ DPI Packets (TCP):	30	(7.50 pkts/flow)
 DPI Packets (UDP):	4	(2.00 pkts/flow)
 Confidence Match by port    : 1 (flows)
 Confidence DPI              : 5 (flows)
-Num dissector calls: 947 (157.83 diss/flow)
+Num dissector calls: 944 (157.33 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/pop3.pcap.out b/tests/cfgs/default/result/pop3.pcap.out
index cd21c97cb..19bdf0142 100644
--- a/tests/cfgs/default/result/pop3.pcap.out
+++ b/tests/cfgs/default/result/pop3.pcap.out
@@ -1,6 +1,6 @@
 DPI Packets (TCP):	83	(13.83 pkts/flow)
 Confidence DPI              : 6 (flows)
-Num dissector calls: 1242 (207.00 diss/flow)
+Num dissector calls: 1236 (206.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/pop3_stls.pcap.out b/tests/cfgs/default/result/pop3_stls.pcap.out
index bad75a4e3..64b934b65 100644
--- a/tests/cfgs/default/result/pop3_stls.pcap.out
+++ b/tests/cfgs/default/result/pop3_stls.pcap.out
@@ -1,6 +1,6 @@
 DPI Packets (TCP):	18	(18.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 206 (206.00 diss/flow)
+Num dissector calls: 205 (205.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/protobuf.pcap.out b/tests/cfgs/default/result/protobuf.pcap.out
index 980a2776d..a8ae3cde8 100644
--- a/tests/cfgs/default/result/protobuf.pcap.out
+++ b/tests/cfgs/default/result/protobuf.pcap.out
@@ -1,6 +1,6 @@
 DPI Packets (TCP):	26	(5.20 pkts/flow)
 Confidence DPI              : 5 (flows)
-Num dissector calls: 704 (140.80 diss/flow)
+Num dissector calls: 701 (140.20 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/raft.pcap.out b/tests/cfgs/default/result/raft.pcap.out
index 0442dce11..aa1336f3c 100644
--- a/tests/cfgs/default/result/raft.pcap.out
+++ b/tests/cfgs/default/result/raft.pcap.out
@@ -1,6 +1,6 @@
 DPI Packets (TCP):	12	(6.00 pkts/flow)
 Confidence DPI              : 2 (flows)
-Num dissector calls: 340 (170.00 diss/flow)
+Num dissector calls: 338 (169.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/reasm_crash_anon.pcapng.out b/tests/cfgs/default/result/reasm_crash_anon.pcapng.out
index 47a439b3d..95d9ab67e 100644
--- a/tests/cfgs/default/result/reasm_crash_anon.pcapng.out
+++ b/tests/cfgs/default/result/reasm_crash_anon.pcapng.out
@@ -1,6 +1,6 @@
 DPI Packets (TCP):	23	(23.00 pkts/flow)
 Confidence Unknown          : 1 (flows)
-Num dissector calls: 256 (256.00 diss/flow)
+Num dissector calls: 254 (254.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/reasm_segv_anon.pcapng.out b/tests/cfgs/default/result/reasm_segv_anon.pcapng.out
index 826a2eb76..d3ed72f1b 100644
--- a/tests/cfgs/default/result/reasm_segv_anon.pcapng.out
+++ b/tests/cfgs/default/result/reasm_segv_anon.pcapng.out
@@ -2,7 +2,7 @@ Guessed flow protos:	1
 
 DPI Packets (TCP):	21	(21.00 pkts/flow)
 Confidence Match by port    : 1 (flows)
-Num dissector calls: 207 (207.00 diss/flow)
+Num dissector calls: 202 (202.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/resp.pcap.out b/tests/cfgs/default/result/resp.pcap.out
new file mode 100644
index 000000000..a8e5bb060
--- /dev/null
+++ b/tests/cfgs/default/result/resp.pcap.out
@@ -0,0 +1,28 @@
+DPI Packets (TCP):	4	(4.00 pkts/flow)
+Confidence DPI              : 1 (flows)
+Num dissector calls: 1 (1.00 diss/flow)
+LRU cache ookla:      0/0/0 (insert/search/found)
+LRU cache bittorrent: 0/0/0 (insert/search/found)
+LRU cache zoom:       0/0/0 (insert/search/found)
+LRU cache stun:       0/0/0 (insert/search/found)
+LRU cache tls_cert:   0/0/0 (insert/search/found)
+LRU cache mining:     0/0/0 (insert/search/found)
+LRU cache msteams:    0/0/0 (insert/search/found)
+LRU cache stun_zoom:  0/0/0 (insert/search/found)
+Automa host:          0/0 (search/found)
+Automa domain:        0/0 (search/found)
+Automa tls cert:      0/0 (search/found)
+Automa risk mask:     0/0 (search/found)
+Automa common alpns:  0/0 (search/found)
+Patricia risk mask:   0/0 (search/found)
+Patricia risk mask IPv6: 0/0 (search/found)
+Patricia risk:        0/0 (search/found)
+Patricia risk IPv6:   0/0 (search/found)
+Patricia protocols:   2/0 (search/found)
+Patricia protocols IPv6: 0/0 (search/found)
+
+RESP	39	92898	1
+
+Acceptable                      39 92898         1            
+
+	1	TCP 192.168.88.221:51882 <-> 192.168.88.231:6379 [proto: 182/RESP][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Database/11][22 pkts/1556 bytes <-> 17 pkts/91342 bytes][Goodput ratio: 6/99][28.51 sec][bytes ratio: -0.967 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1413/1863 15066/15069 3554/4207][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 71/5373 108/20338 10/5879][PLAIN TEXT (COMMAND)][Plen Bins: 35,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,59]
diff --git a/tests/cfgs/default/result/riot.pcapng.out b/tests/cfgs/default/result/riot.pcapng.out
index 829237351..0180eee9e 100644
--- a/tests/cfgs/default/result/riot.pcapng.out
+++ b/tests/cfgs/default/result/riot.pcapng.out
@@ -3,7 +3,7 @@ Guessed flow protos:	1
 DPI Packets (TCP):	7	(3.50 pkts/flow)
 Confidence Match by port    : 1 (flows)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 200 (100.00 diss/flow)
+Num dissector calls: 198 (99.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/rsh.pcap.out b/tests/cfgs/default/result/rsh.pcap.out
index 0f0a672e9..47b389f31 100644
--- a/tests/cfgs/default/result/rsh.pcap.out
+++ b/tests/cfgs/default/result/rsh.pcap.out
@@ -1,6 +1,6 @@
 DPI Packets (TCP):	12	(6.00 pkts/flow)
 Confidence DPI              : 2 (flows)
-Num dissector calls: 330 (165.00 diss/flow)
+Num dissector calls: 328 (164.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/rtmp.pcap.out b/tests/cfgs/default/result/rtmp.pcap.out
index b611aa1d6..bce58fa2c 100644
--- a/tests/cfgs/default/result/rtmp.pcap.out
+++ b/tests/cfgs/default/result/rtmp.pcap.out
@@ -1,6 +1,6 @@
 DPI Packets (TCP):	8	(8.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 172 (172.00 diss/flow)
+Num dissector calls: 171 (171.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/s7comm-plus.pcap.out b/tests/cfgs/default/result/s7comm-plus.pcap.out
index f2b1619bf..c3f634268 100644
--- a/tests/cfgs/default/result/s7comm-plus.pcap.out
+++ b/tests/cfgs/default/result/s7comm-plus.pcap.out
@@ -1,6 +1,6 @@
 DPI Packets (TCP):	9	(9.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 185 (185.00 diss/flow)
+Num dissector calls: 184 (184.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/s7comm.pcap.out b/tests/cfgs/default/result/s7comm.pcap.out
index f9c6e557f..692a2aa9b 100644
--- a/tests/cfgs/default/result/s7comm.pcap.out
+++ b/tests/cfgs/default/result/s7comm.pcap.out
@@ -1,6 +1,6 @@
 DPI Packets (TCP):	3	(3.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 187 (187.00 diss/flow)
+Num dissector calls: 186 (186.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/shadowsocks.pcap.out b/tests/cfgs/default/result/shadowsocks.pcap.out
index c5dcd9a14..4c5da7b87 100644
--- a/tests/cfgs/default/result/shadowsocks.pcap.out
+++ b/tests/cfgs/default/result/shadowsocks.pcap.out
@@ -1,7 +1,7 @@
 DPI Packets (TCP):	21	(10.50 pkts/flow)
 Confidence Unknown          : 1 (flows)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 364 (182.00 diss/flow)
+Num dissector calls: 363 (181.50 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/skype.pcap.out b/tests/cfgs/default/result/skype.pcap.out
index f0e10d37f..33e0cf65f 100644
--- a/tests/cfgs/default/result/skype.pcap.out
+++ b/tests/cfgs/default/result/skype.pcap.out
@@ -6,7 +6,7 @@ DPI Packets (other):	5	(1.00 pkts/flow)
 Confidence Unknown          : 59 (flows)
 Confidence Match by port    : 28 (flows)
 Confidence DPI              : 206 (flows)
-Num dissector calls: 28226 (96.33 diss/flow)
+Num dissector calls: 28119 (95.97 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/261/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/skype_no_unknown.pcap.out b/tests/cfgs/default/result/skype_no_unknown.pcap.out
index 7281316e8..f6132321e 100644
--- a/tests/cfgs/default/result/skype_no_unknown.pcap.out
+++ b/tests/cfgs/default/result/skype_no_unknown.pcap.out
@@ -6,7 +6,7 @@ DPI Packets (other):	5	(1.00 pkts/flow)
 Confidence Unknown          : 44 (flows)
 Confidence Match by port    : 22 (flows)
 Confidence DPI              : 201 (flows)
-Num dissector calls: 23409 (87.67 diss/flow)
+Num dissector calls: 23333 (87.39 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/198/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/smb_frags.pcap.out b/tests/cfgs/default/result/smb_frags.pcap.out
index f91415398..66446cf57 100644
--- a/tests/cfgs/default/result/smb_frags.pcap.out
+++ b/tests/cfgs/default/result/smb_frags.pcap.out
@@ -1,6 +1,6 @@
 DPI Packets (TCP):	5	(5.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 171 (171.00 diss/flow)
+Num dissector calls: 170 (170.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/smbv1.pcap.out b/tests/cfgs/default/result/smbv1.pcap.out
index 0f2a8953b..b25820354 100644
--- a/tests/cfgs/default/result/smbv1.pcap.out
+++ b/tests/cfgs/default/result/smbv1.pcap.out
@@ -1,6 +1,6 @@
 DPI Packets (TCP):	3	(3.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 173 (173.00 diss/flow)
+Num dissector calls: 172 (172.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/smtp-starttls.pcap.out b/tests/cfgs/default/result/smtp-starttls.pcap.out
index 61bd3fd7f..83cd1b0d7 100644
--- a/tests/cfgs/default/result/smtp-starttls.pcap.out
+++ b/tests/cfgs/default/result/smtp-starttls.pcap.out
@@ -1,6 +1,6 @@
 DPI Packets (TCP):	26	(13.00 pkts/flow)
 Confidence DPI              : 2 (flows)
-Num dissector calls: 169 (84.50 diss/flow)
+Num dissector calls: 168 (84.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/smtp.pcap.out b/tests/cfgs/default/result/smtp.pcap.out
index a9d95fb46..31567fa32 100644
--- a/tests/cfgs/default/result/smtp.pcap.out
+++ b/tests/cfgs/default/result/smtp.pcap.out
@@ -1,6 +1,6 @@
 DPI Packets (TCP):	11	(11.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 212 (212.00 diss/flow)
+Num dissector calls: 211 (211.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/soap.pcap.out b/tests/cfgs/default/result/soap.pcap.out
index 072810230..8af81ea02 100644
--- a/tests/cfgs/default/result/soap.pcap.out
+++ b/tests/cfgs/default/result/soap.pcap.out
@@ -3,7 +3,7 @@ Guessed flow protos:	1
 DPI Packets (TCP):	20	(6.67 pkts/flow)
 Confidence Match by port    : 1 (flows)
 Confidence DPI              : 2 (flows)
-Num dissector calls: 410 (136.67 diss/flow)
+Num dissector calls: 407 (135.67 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/starcraft_battle.pcap.out b/tests/cfgs/default/result/starcraft_battle.pcap.out
index dcc79c9d7..c5fe5ae2a 100644
--- a/tests/cfgs/default/result/starcraft_battle.pcap.out
+++ b/tests/cfgs/default/result/starcraft_battle.pcap.out
@@ -6,7 +6,7 @@ DPI Packets (other):	1	(1.00 pkts/flow)
 Confidence Match by port    : 12 (flows)
 Confidence DPI              : 39 (flows)
 Confidence Match by IP      : 1 (flows)
-Num dissector calls: 1637 (31.48 diss/flow)
+Num dissector calls: 1635 (31.44 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/39/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/teams.pcap.out b/tests/cfgs/default/result/teams.pcap.out
index 31e9aa49c..5fca8dfad 100644
--- a/tests/cfgs/default/result/teams.pcap.out
+++ b/tests/cfgs/default/result/teams.pcap.out
@@ -7,7 +7,7 @@ Confidence Unknown          : 1 (flows)
 Confidence Match by port    : 2 (flows)
 Confidence DPI (partial)    : 4 (flows)
 Confidence DPI              : 76 (flows)
-Num dissector calls: 530 (6.39 diss/flow)
+Num dissector calls: 529 (6.37 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/9/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/telegram_videocall.pcapng.out b/tests/cfgs/default/result/telegram_videocall.pcapng.out
index 561ec1551..24ba87309 100644
--- a/tests/cfgs/default/result/telegram_videocall.pcapng.out
+++ b/tests/cfgs/default/result/telegram_videocall.pcapng.out
@@ -7,7 +7,7 @@ Confidence Match by port    : 8 (flows)
 Confidence DPI (cache)      : 10 (flows)
 Confidence DPI              : 15 (flows)
 Confidence Match by IP      : 1 (flows)
-Num dissector calls: 1988 (58.47 diss/flow)
+Num dissector calls: 1979 (58.21 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/27/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/telnet.pcap.out b/tests/cfgs/default/result/telnet.pcap.out
index 2fb173661..655b93c9d 100644
--- a/tests/cfgs/default/result/telnet.pcap.out
+++ b/tests/cfgs/default/result/telnet.pcap.out
@@ -1,6 +1,6 @@
 DPI Packets (TCP):	33	(33.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 169 (169.00 diss/flow)
+Num dissector calls: 168 (168.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/threema.pcap.out b/tests/cfgs/default/result/threema.pcap.out
index 3b75b3484..ae14d56ee 100644
--- a/tests/cfgs/default/result/threema.pcap.out
+++ b/tests/cfgs/default/result/threema.pcap.out
@@ -3,7 +3,7 @@ Guessed flow protos:	2
 DPI Packets (TCP):	66	(11.00 pkts/flow)
 Confidence DPI              : 4 (flows)
 Confidence Match by IP      : 2 (flows)
-Num dissector calls: 1334 (222.33 diss/flow)
+Num dissector calls: 1328 (221.33 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/6/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/tinc.pcap.out b/tests/cfgs/default/result/tinc.pcap.out
index 7fa19929a..0abe06d3a 100644
--- a/tests/cfgs/default/result/tinc.pcap.out
+++ b/tests/cfgs/default/result/tinc.pcap.out
@@ -2,7 +2,7 @@ DPI Packets (TCP):	19	(9.50 pkts/flow)
 DPI Packets (UDP):	2	(1.00 pkts/flow)
 Confidence DPI (cache)      : 2 (flows)
 Confidence DPI              : 2 (flows)
-Num dissector calls: 533 (133.25 diss/flow)
+Num dissector calls: 531 (132.75 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/tls_certificate_too_long.pcap.out b/tests/cfgs/default/result/tls_certificate_too_long.pcap.out
index 4bf005a66..1dc5f4e0f 100644
--- a/tests/cfgs/default/result/tls_certificate_too_long.pcap.out
+++ b/tests/cfgs/default/result/tls_certificate_too_long.pcap.out
@@ -6,7 +6,7 @@ DPI Packets (other):	2	(1.00 pkts/flow)
 Confidence Unknown          : 1 (flows)
 Confidence Match by port    : 1 (flows)
 Confidence DPI              : 33 (flows)
-Num dissector calls: 635 (18.14 diss/flow)
+Num dissector calls: 633 (18.09 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/6/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/tls_false_positives.pcapng.out b/tests/cfgs/default/result/tls_false_positives.pcapng.out
index e27bce02c..16ccf258a 100644
--- a/tests/cfgs/default/result/tls_false_positives.pcapng.out
+++ b/tests/cfgs/default/result/tls_false_positives.pcapng.out
@@ -1,6 +1,6 @@
 DPI Packets (TCP):	13	(13.00 pkts/flow)
 Confidence Unknown          : 1 (flows)
-Num dissector calls: 262 (262.00 diss/flow)
+Num dissector calls: 261 (261.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/viber.pcap.out b/tests/cfgs/default/result/viber.pcap.out
index 2140f767c..3b8a4a3a9 100644
--- a/tests/cfgs/default/result/viber.pcap.out
+++ b/tests/cfgs/default/result/viber.pcap.out
@@ -5,7 +5,7 @@ DPI Packets (UDP):	27	(1.93 pkts/flow)
 DPI Packets (other):	2	(1.00 pkts/flow)
 Confidence Match by port    : 4 (flows)
 Confidence DPI              : 25 (flows)
-Num dissector calls: 461 (15.90 diss/flow)
+Num dissector calls: 459 (15.83 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/12/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/wa_video.pcap.out b/tests/cfgs/default/result/wa_video.pcap.out
index 16430f8b4..af212d2bd 100644
--- a/tests/cfgs/default/result/wa_video.pcap.out
+++ b/tests/cfgs/default/result/wa_video.pcap.out
@@ -5,7 +5,7 @@ DPI Packets (UDP):	13	(1.00 pkts/flow)
 Confidence DPI (cache)      : 2 (flows)
 Confidence DPI              : 11 (flows)
 Confidence Match by IP      : 1 (flows)
-Num dissector calls: 403 (28.79 diss/flow)
+Num dissector calls: 395 (28.21 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/waze.pcap.out b/tests/cfgs/default/result/waze.pcap.out
index bd8376226..21a9869bf 100644
--- a/tests/cfgs/default/result/waze.pcap.out
+++ b/tests/cfgs/default/result/waze.pcap.out
@@ -5,7 +5,7 @@ DPI Packets (UDP):	1	(1.00 pkts/flow)
 Confidence Unknown          : 1 (flows)
 Confidence Match by port    : 9 (flows)
 Confidence DPI              : 23 (flows)
-Num dissector calls: 384 (11.64 diss/flow)
+Num dissector calls: 383 (11.61 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/30/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/whatsapp.pcap.out b/tests/cfgs/default/result/whatsapp.pcap.out
index 6495f9306..19b12a7df 100644
--- a/tests/cfgs/default/result/whatsapp.pcap.out
+++ b/tests/cfgs/default/result/whatsapp.pcap.out
@@ -1,6 +1,6 @@
 DPI Packets (TCP):	344	(4.00 pkts/flow)
 Confidence DPI              : 86 (flows)
-Num dissector calls: 13760 (160.00 diss/flow)
+Num dissector calls: 13674 (159.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/whois.pcapng.out b/tests/cfgs/default/result/whois.pcapng.out
index ad134c9d6..4b60f0fa2 100644
--- a/tests/cfgs/default/result/whois.pcapng.out
+++ b/tests/cfgs/default/result/whois.pcapng.out
@@ -3,7 +3,7 @@ Guessed flow protos:	1
 DPI Packets (TCP):	16	(5.33 pkts/flow)
 Confidence Match by port    : 1 (flows)
 Confidence DPI              : 2 (flows)
-Num dissector calls: 201 (67.00 diss/flow)
+Num dissector calls: 199 (66.33 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/z3950.pcapng.out b/tests/cfgs/default/result/z3950.pcapng.out
index fb95aa1c2..f1ce704c4 100644
--- a/tests/cfgs/default/result/z3950.pcapng.out
+++ b/tests/cfgs/default/result/z3950.pcapng.out
@@ -3,7 +3,7 @@ Guessed flow protos:	1
 DPI Packets (TCP):	26	(13.00 pkts/flow)
 Confidence Match by port    : 1 (flows)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 478 (239.00 diss/flow)
+Num dissector calls: 476 (238.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/default/result/zoom.pcap.out b/tests/cfgs/default/result/zoom.pcap.out
index f79603f9c..bb04161c3 100644
--- a/tests/cfgs/default/result/zoom.pcap.out
+++ b/tests/cfgs/default/result/zoom.pcap.out
@@ -5,7 +5,7 @@ DPI Packets (UDP):	28	(1.56 pkts/flow)
 DPI Packets (other):	2	(1.00 pkts/flow)
 Confidence Match by port    : 2 (flows)
 Confidence DPI              : 32 (flows)
-Num dissector calls: 870 (25.59 diss/flow)
+Num dissector calls: 869 (25.56 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/6/0 (insert/search/found)
 LRU cache zoom:       7/0/0 (insert/search/found)
diff --git a/tests/cfgs/disable_aggressiveness/result/ookla.pcap.out b/tests/cfgs/disable_aggressiveness/result/ookla.pcap.out
index d7b99fee4..b13a55f2a 100644
--- a/tests/cfgs/disable_aggressiveness/result/ookla.pcap.out
+++ b/tests/cfgs/disable_aggressiveness/result/ookla.pcap.out
@@ -3,7 +3,7 @@ Guessed flow protos:	1
 DPI Packets (TCP):	40	(6.67 pkts/flow)
 Confidence DPI (partial cache): 1 (flows)
 Confidence DPI              : 5 (flows)
-Num dissector calls: 562 (93.67 diss/flow)
+Num dissector calls: 559 (93.17 diss/flow)
 LRU cache ookla:      4/1/1 (insert/search/found)
 LRU cache bittorrent: 0/3/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/disable_protocols/result/soap.pcap.out b/tests/cfgs/disable_protocols/result/soap.pcap.out
index b43b4ea1c..7bab5ebe7 100644
--- a/tests/cfgs/disable_protocols/result/soap.pcap.out
+++ b/tests/cfgs/disable_protocols/result/soap.pcap.out
@@ -3,7 +3,7 @@ Guessed flow protos:	2
 DPI Packets (TCP):	20	(6.67 pkts/flow)
 Confidence Match by port    : 2 (flows)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 401 (133.67 diss/flow)
+Num dissector calls: 398 (132.67 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/6/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/enable_payload_stat/result/1kxun.pcap.out b/tests/cfgs/enable_payload_stat/result/1kxun.pcap.out
index 88133999e..beccb2c17 100644
--- a/tests/cfgs/enable_payload_stat/result/1kxun.pcap.out
+++ b/tests/cfgs/enable_payload_stat/result/1kxun.pcap.out
@@ -5,7 +5,7 @@ DPI Packets (UDP):	120	(1.21 pkts/flow)
 Confidence Unknown          : 14 (flows)
 Confidence Match by port    : 6 (flows)
 Confidence DPI              : 177 (flows)
-Num dissector calls: 4933 (25.04 diss/flow)
+Num dissector calls: 4925 (25.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/60/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/tests/cfgs/ip_lists_disable/result/1kxun.pcap.out b/tests/cfgs/ip_lists_disable/result/1kxun.pcap.out
index 66e349e05..a96984c29 100644
--- a/tests/cfgs/ip_lists_disable/result/1kxun.pcap.out
+++ b/tests/cfgs/ip_lists_disable/result/1kxun.pcap.out
@@ -5,7 +5,7 @@ DPI Packets (UDP):	120	(1.21 pkts/flow)
 Confidence Unknown          : 14 (flows)
 Confidence Match by port    : 6 (flows)
 Confidence DPI              : 177 (flows)
-Num dissector calls: 4933 (25.04 diss/flow)
+Num dissector calls: 4925 (25.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/60/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
diff --git a/windows/nDPI.vcxproj b/windows/nDPI.vcxproj
index bc10f7897..c6f333019 100644
--- a/windows/nDPI.vcxproj
+++ b/windows/nDPI.vcxproj
@@ -285,7 +285,7 @@
     <ClCompile Include="..\src\lib\protocols\radius.c" />
     <ClCompile Include="..\src\lib\protocols\raft.c" />
     <ClCompile Include="..\src\lib\protocols\rdp.c" />
-    <ClCompile Include="..\src\lib\protocols\redis_net.c" />
+    <ClCompile Include="..\src\lib\protocols\resp.c" />
     <ClCompile Include="..\src\lib\protocols\rmcp.c" />
     <ClCompile Include="..\src\lib\protocols\roughtime.c" />
     <ClCompile Include="..\src\lib\protocols\rsync.c" />
diff --git a/windows/nDPI.vcxproj.filters b/windows/nDPI.vcxproj.filters
index 6f9cec9b2..dfb72857d 100644
--- a/windows/nDPI.vcxproj.filters
+++ b/windows/nDPI.vcxproj.filters
@@ -68,7 +68,7 @@
     <ClCompile Include="..\src\lib\protocols\quic.c" />
     <ClCompile Include="..\src\lib\protocols\radius.c" />
     <ClCompile Include="..\src\lib\protocols\rdp.c" />
-    <ClCompile Include="..\src\lib\protocols\redis_net.c" />
+    <ClCompile Include="..\src\lib\protocols\resp.c" />
     <ClCompile Include="..\src\lib\protocols\rsync.c" />
     <ClCompile Include="..\src\lib\protocols\rtcp.c" />
     <ClCompile Include="..\src\lib\protocols\rtmp.c" />
author	Vladimir Gavrilov <105977161+0xA50C1A1@users.noreply.github.com>	2024-01-27 23:19:34 +0300
committer	GitHub <noreply@github.com>	2024-01-27 21:19:34 +0100
commit	c807d84054f605202bd9633092b16627a8a5e790 (patch)
tree	0c8d1633c61f474ce24ea9480653d03d22d8dfe3
parent	8e562c4ecda06d9da9d394453e5ade54c0344d90 (diff)