From 7e64d9f66d130d5c28dc230c47017e2ef3ea62e2 Mon Sep 17 00:00:00 2001
From: Ivan Nardi <12729895+IvanNardi@users.noreply.github.com>
Date: Fri, 23 Jun 2023 08:12:40 +0200
Subject: RTP: rework code (#2021)

Try avoiding false positives: look for 3 RTP packets before classifing
the flow as such.

Add a generic function `is_rtp_or_rtcp()` to identify RTP/RTCP packets also
in other dissectors (see 3608ab01b commit message for an example)
---
 tests/cfgs/default/result/zoom2.pcap.out | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'tests/cfgs/default/result/zoom2.pcap.out')

diff --git a/tests/cfgs/default/result/zoom2.pcap.out b/tests/cfgs/default/result/zoom2.pcap.out
index b8f891598..574ac6e88 100644
--- a/tests/cfgs/default/result/zoom2.pcap.out
+++ b/tests/cfgs/default/result/zoom2.pcap.out
@@ -4,7 +4,7 @@ DPI Packets (TCP):	8	(8.00 pkts/flow)
 DPI Packets (UDP):	15	(5.00 pkts/flow)
 DPI Packets (other):	1	(1.00 pkts/flow)
 Confidence DPI              : 5 (flows)
-Num dissector calls: 491 (98.20 diss/flow)
+Num dissector calls: 494 (98.80 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       1/0/0 (insert/search/found)
-- 
cgit v1.2.3