HTTP: fix classification (#1692)

If we have a valid HTTP sessions, we should ignore `flow->guessed_protocol_id` field (i.e. classification "by-port") altogheter. The attached trace was classified as "SIP/HTTP" only because the *client* port was 5060... As a general rule, having a classification such as "XXXX/HTTP" is *extremely* suspicious.
author: Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> 2022-07-30 22:57:20 +0200
committer: GitHub <noreply@github.com> 2022-07-30 22:57:20 +0200
commit: 2a596c79e6df7f78dea6ee3b581b4ed99d48bd7b (patch)
tree: 9479d3fa6c0be8761f091a57b11fe323ab02b2c8 /tests/pcap
parent: 8b6a00f84bff9c998643d823502ae9f924fce528 (diff)
1 files changed, 0 insertions, 0 deletions
diff --git a/tests/pcap/http_on_sip_port.pcap b/tests/pcap/http_on_sip_port.pcap
new file mode 100644
index 000000000..dc08d99b5
--- /dev/null
+++ b/tests/pcap/http_on_sip_port.pcap
author	Ivan Nardi <12729895+IvanNardi@users.noreply.github.com>	2022-07-30 22:57:20 +0200
committer	GitHub <noreply@github.com>	2022-07-30 22:57:20 +0200
commit	2a596c79e6df7f78dea6ee3b581b4ed99d48bd7b (patch)
tree	9479d3fa6c0be8761f091a57b11fe323ab02b2c8 /tests/pcap
parent	8b6a00f84bff9c998643d823502ae9f924fce528 (diff)