authorIvan Nardi <12729895+IvanNardi@users.noreply.github.com>2022-01-29 09:19:26 +0100
committerGitHub <noreply@github.com>2022-01-29 09:19:26 +0100
commit513e386959e0d52c4b37cb704f6b0b7a128cc0e4 (patch)
treed46f9bb6b85a1b36ab846ffd150e02971c0d8fd5 /wireshark
parent9b8679a320c3c210d9e3fda2c1ee8049d2b6c79f (diff)
Extend protocols support (#1422)
Add detection of AccuWeather site/app and Google Classroom. Improve detection of Azure, Zattoo, Whatsapp, MQTT and LDAP. Fix some RX false positives. Fix some "Uncommon TLS ALPN"-risk false positives. Fix "confidence" value for some Zoom/Torrent classifications. Minor fix in Lua script for Wireshark extcap. Update .gitignore file. Let GitHub correctly detect the language type of *.inc files. Zattoo example has been provided by @subhajit-cdot in #1148.
Diffstat (limited to 'wireshark')
-rw-r--r--wireshark/ndpi.lua2
1 files changed, 1 insertions, 1 deletions
diff --git a/wireshark/ndpi.lua b/wireshark/ndpi.lua
index d7cebb969..ff6c255d0 100644
--- a/wireshark/ndpi.lua
+++ b/wireshark/ndpi.lua
@@ -82,7 +82,7 @@ flow_risks[40] = ProtoField.bool("ndpi.flow_risk.possible_exploit", "Possible Ex
flow_risks[41] = ProtoField.bool("ndpi.flow_risk.cert_about_to_expire", "TLS cert about to expire", num_bits_flow_risks, nil, bit(9), "nDPI Flow Risk: TLS certificate about to expire")
-- Last one: keep in sync the bitmask when adding new risks!!
-flow_risks[64] = ProtoField.new("Unused", "ndpi.flow_risk.unused", ftypes.UINT32, nil, base.HEX, bit(32) - bit(8))
+flow_risks[64] = ProtoField.new("Unused", "ndpi.flow_risk.unused", ftypes.UINT32, nil, base.HEX, bit(32) - bit(10))
for _,v in pairs(flow_risks) do
ndpi_fds[#ndpi_fds + 1] = v
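Review bot: The "Unused" mask on the `flow_risks[64]` line is still a hand-maintained constant, so it can drift from the risk list again the next time an entry is added. The previous value `bit(8)` overlapped the `bit(8)` and `bit(9)` masks used by risks 40 and 41, which suggests the "keep in sync" comment alone is not enough; this reading assumes `bit(n)` returns the single-bit mask for position n, as its definition is outside the hunk. A stale mask probably makes defined risk bits show up under "Unused" in the dissection, which can mislead someone triaging a capture by flow risk. Consider tying the mask to the last defined entry, e.g. `local last_risk_bit = 9 -- bit index of the highest flow_risks[] entry above` followed by `bit(32) - bit(last_risk_bit + 1)`, so that only one number changes when a risk is added.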