custom rules: try to have a coherent behaviour

Custom rules with *new* protocols are checked "first": if there is a match, the first packet of the flow provides a complete and final classification. The same logic should apply to custom rules with "existing" protocols: if there is match, nDPI shouldn't do anything else. Remove the `tcp:3000@ntop` custom rule. Fix the default port for ElasticSearch (in the protocol file)
author: Ivan Nardi <nardi.ivan@gmail.com> 2025-03-04 16:08:48 +0100
committer: Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> 2025-03-04 18:15:00 +0100
commit: fbb7b8c5784f4c9a4cb47c2d411bf906cc7271d4 (patch)
tree: b9b6abf4ddb302006b3ab48624558ff266b55534 /example
parent: 85fb7eb2e5e352acf772c8513bd1e48d54093d68 (diff)
1 files changed, 1 insertions, 2 deletions
diff --git a/example/protos.txt b/example/protos.txt
index 810ea1911..8da9ca0b9 100644
--- a/example/protos.txt
+++ b/example/protos.txt
@@ -4,8 +4,7 @@
 tcp:81,tcp:8181@HTTP
 udp:5062@SIP
 tcp:860,udp:860,tcp:3260,udp:3260@iSCSI
-tcp:3000@ntop
-tcp:9002@Elasticsearch
+tcp:9200@Elasticsearch
 tcp:5601@Kibana
 tcp:65535@TestProto
author	Ivan Nardi <nardi.ivan@gmail.com>	2025-03-04 16:08:48 +0100
committer	Ivan Nardi <12729895+IvanNardi@users.noreply.github.com>	2025-03-04 18:15:00 +0100
commit	fbb7b8c5784f4c9a4cb47c2d411bf906cc7271d4 (patch)
tree	b9b6abf4ddb302006b3ab48624558ff266b55534 /example
parent	85fb7eb2e5e352acf772c8513bd1e48d54093d68 (diff)