Improve/add several protocols (#1383)

Improve Microsoft, GMail, Likee, Whatsapp, DisneyPlus and Tiktok
detection.
Add Vimeo, Fuze, Alibaba and Firebase Crashlytics detection.

Try to differentiate between Messenger/Signal standard flows (i.e chat)
and their VOIP (video)calls (like we already do for Whatsapp and
Snapchat).

Add a partial list of some ADS/Tracking stuff.

Fix Cassandra, Radius and GTP false positives.
Fix DNS, Syslog and SIP false negatives.

Improve GTP (sub)classification: differentiate among GTP-U, GTP_C and
GTP_PRIME.

Fix 3 LGTM warnings.

1 files changed, 2 insertions, 2 deletions

diff --git a/tests/result/youtube_quic.pcap.out b/tests/result/youtube_quic.pcap.out
index bfc687908..ac6106c59 100644
--- a/tests/result/youtube_quic.pcap.out
+++ b/tests/result/youtube_quic.pcap.out
@@ -6,5 +6,5 @@ YouTube	258	178495	1
 Google	31	13144	2
 
 	1	UDP 192.168.1.7:56074 <-> 216.58.198.33:443 [proto: 188.124/QUIC.YouTube][Encrypted][cat: Media/1][113 pkts/16111 bytes <-> 145 pkts/162384 bytes][Goodput ratio: 71/96][3.12 sec][Hostname/SNI: yt3.ggpht.com][bytes ratio: -0.819 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 9/5 70/69 15/12][Pkt Len c2s/s2c min/avg/max/stddev: 77/73 143/1120 1392/1392 176/437][User-Agent: beta Chrome/57.0.2987.98 Intel Mac OS X 10_12_3][PLAIN TEXT (yt3.ggpht.com)][Plen Bins: 0,31,1,12,8,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,1,1,0,0,41,0,0,0,0,0]
-	2	UDP 192.168.1.7:53859 <-> 216.58.205.66:443 [proto: 188.126/QUIC.Google][Encrypted][cat: Web/5][9 pkts/3929 bytes <-> 9 pkts/4736 bytes][Goodput ratio: 90/92][0.44 sec][Hostname/SNI: googleads.g.doubleclick.net][bytes ratio: -0.093 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/5 36/37 114/158 48/52][Pkt Len c2s/s2c min/avg/max/stddev: 80/69 437/526 1392/1392 524/546][User-Agent: beta Chrome/57.0.2987.98 Intel Mac OS X 10_12_3][PLAIN TEXT (googleads.g.doubleclick.net)][Plen Bins: 16,39,0,0,0,0,0,0,0,5,5,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,22,0,0,0,0,0]
-	3	UDP 192.168.1.7:54997 <-> 216.58.205.66:443 [proto: 188.126/QUIC.Google][Encrypted][cat: Web/5][7 pkts/2312 bytes <-> 6 pkts/2167 bytes][Goodput ratio: 87/88][0.56 sec][Hostname/SNI: pagead2.googlesyndication.com][bytes ratio: 0.032 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/8 40/17 89/44 35/17][Pkt Len c2s/s2c min/avg/max/stddev: 80/72 330/361 1392/1392 449/479][User-Agent: beta Chrome/57.0.2987.98 Intel Mac OS X 10_12_3][PLAIN TEXT (pagead2.googlesyndication.com)][Plen Bins: 23,30,7,0,7,0,0,0,0,0,0,0,15,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,15,0,0,0,0,0]
+	2	UDP 192.168.1.7:53859 <-> 216.58.205.66:443 [proto: 188.126/QUIC.Google][Encrypted][cat: Advertisement/101][9 pkts/3929 bytes <-> 9 pkts/4736 bytes][Goodput ratio: 90/92][0.44 sec][Hostname/SNI: googleads.g.doubleclick.net][bytes ratio: -0.093 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/5 36/37 114/158 48/52][Pkt Len c2s/s2c min/avg/max/stddev: 80/69 437/526 1392/1392 524/546][User-Agent: beta Chrome/57.0.2987.98 Intel Mac OS X 10_12_3][PLAIN TEXT (googleads.g.doubleclick.net)][Plen Bins: 16,39,0,0,0,0,0,0,0,5,5,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,22,0,0,0,0,0]
+	3	UDP 192.168.1.7:54997 <-> 216.58.205.66:443 [proto: 188.126/QUIC.Google][Encrypted][cat: Advertisement/101][7 pkts/2312 bytes <-> 6 pkts/2167 bytes][Goodput ratio: 87/88][0.56 sec][Hostname/SNI: pagead2.googlesyndication.com][bytes ratio: 0.032 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/8 40/17 89/44 35/17][Pkt Len c2s/s2c min/avg/max/stddev: 80/72 330/361 1392/1392 449/479][User-Agent: beta Chrome/57.0.2987.98 Intel Mac OS X 10_12_3][PLAIN TEXT (pagead2.googlesyndication.com)][Plen Bins: 23,30,7,0,7,0,0,0,0,0,0,0,15,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,15,0,0,0,0,0]