From 7e64d9f66d130d5c28dc230c47017e2ef3ea62e2 Mon Sep 17 00:00:00 2001
From: Ivan Nardi <12729895+IvanNardi@users.noreply.github.com>
Date: Fri, 23 Jun 2023 08:12:40 +0200
Subject: RTP: rework code (#2021)

Try avoiding false positives: look for 3 RTP packets before classifing
the flow as such.

Add a generic function `is_rtp_or_rtcp()` to identify RTP/RTCP packets also
in other dissectors (see 3608ab01b commit message for an example)
---
 tests/cfgs/default/result/EAQ.pcap.out | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'tests/cfgs/default/result/EAQ.pcap.out')

diff --git a/tests/cfgs/default/result/EAQ.pcap.out b/tests/cfgs/default/result/EAQ.pcap.out
index db1a13aa9..b8dd28d2c 100644
--- a/tests/cfgs/default/result/EAQ.pcap.out
+++ b/tests/cfgs/default/result/EAQ.pcap.out
@@ -3,7 +3,7 @@ Guessed flow protos:	0
 DPI Packets (TCP):	12	(6.00 pkts/flow)
 DPI Packets (UDP):	116	(4.00 pkts/flow)
 Confidence DPI              : 31 (flows)
-Num dissector calls: 4389 (141.58 diss/flow)
+Num dissector calls: 4397 (141.84 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
-- 
cgit v1.2.3