Improve/add several protocols (#1383)

Improve Microsoft, GMail, Likee, Whatsapp, DisneyPlus and Tiktok detection. Add Vimeo, Fuze, Alibaba and Firebase Crashlytics detection. Try to differentiate between Messenger/Signal standard flows (i.e chat) and their VOIP (video)calls (like we already do for Whatsapp and Snapchat). Add a partial list of some ADS/Tracking stuff. Fix Cassandra, Radius and GTP false positives. Fix DNS, Syslog and SIP false negatives. Improve GTP (sub)classification: differentiate among GTP-U, GTP_C and GTP_PRIME. Fix 3 LGTM warnings.
author: Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> 2021-12-18 13:24:51 +0100
committer: GitHub <noreply@github.com> 2021-12-18 13:24:51 +0100
commit: 7153b8933ca6a3df3f6de7d47cbb25e66a8970d4 (patch)
tree: 1c85b93b96cb78648ec60628afe5a728a5a1d43b /tests/result/dns_invert_query.pcapng.out
parent: 58b33dcb2d60faf3d0fa8f7a482752b4664c5344 (diff)
1 files changed, 7 insertions, 0 deletions
diff --git a/tests/result/dns_invert_query.pcapng.out b/tests/result/dns_invert_query.pcapng.out
new file mode 100644
index 000000000..38ad2d712
--- /dev/null
+++ b/tests/result/dns_invert_query.pcapng.out
@@ -0,0 +1,7 @@
+Guessed flow protos:	1
+
+DPI Packets (UDP):	2	(2.00 pkts/flow)
+
+DNS	2	134	1
+
+	1	UDP 173.147.108.174:18427 <-> 244.187.95.1:53 [proto: 5/DNS][ClearText][cat: Network/14][1 pkts/78 bytes <-> 1 pkts/56 bytes][Goodput ratio: 46/21][0.00 sec][Hostname/SNI: 216.58.202.4][::][Plen Bins: 50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
author	Ivan Nardi <12729895+IvanNardi@users.noreply.github.com>	2021-12-18 13:24:51 +0100
committer	GitHub <noreply@github.com>	2021-12-18 13:24:51 +0100
commit	7153b8933ca6a3df3f6de7d47cbb25e66a8970d4 (patch)
tree	1c85b93b96cb78648ec60628afe5a728a5a1d43b /tests/result/dns_invert_query.pcapng.out
parent	58b33dcb2d60faf3d0fa8f7a482752b4664c5344 (diff)