From e1edb08f06c0ed153167cfe0f43a17247d3b0c2c Mon Sep 17 00:00:00 2001
From: Nardi Ivan <nardi.ivan@gmail.com>
Date: Mon, 18 Jul 2022 16:31:32 +0200
Subject: SKYPE: fix detection over UDP

Commit ba6a48c9 is completely bogus: we can't set extra dissection
without having set a proper classification.

The idea behind that commit seems to be that we need to look for 2
(consecutives?) packets with the same crc/pattern: try to implement this
logic in a saner way.
---
 tests/result/dnscrypt_skype_false_positive.pcapng.out | 2 +-
 tests/result/skype_udp.pcap.out                       | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

(limited to 'tests')

diff --git a/tests/result/dnscrypt_skype_false_positive.pcapng.out b/tests/result/dnscrypt_skype_false_positive.pcapng.out
index 394f29792..97e47edca 100644
--- a/tests/result/dnscrypt_skype_false_positive.pcapng.out
+++ b/tests/result/dnscrypt_skype_false_positive.pcapng.out
@@ -1,6 +1,6 @@
 Guessed flow protos:	0
 
-DPI Packets (UDP):	4	(4.00 pkts/flow)
+DPI Packets (UDP):	2	(2.00 pkts/flow)
 Confidence DPI              : 1 (flows)
 Num dissector calls: 118 (118.00 diss/flow)
 
diff --git a/tests/result/skype_udp.pcap.out b/tests/result/skype_udp.pcap.out
index c3971d04d..6016d74f0 100644
--- a/tests/result/skype_udp.pcap.out
+++ b/tests/result/skype_udp.pcap.out
@@ -2,7 +2,7 @@ Guessed flow protos:	0
 
 DPI Packets (UDP):	2	(2.00 pkts/flow)
 Confidence DPI              : 1 (flows)
-Num dissector calls: 99 (99.00 diss/flow)
+Num dissector calls: 117 (117.00 diss/flow)
 
 Skype_Teams	5	339	1
 
-- 
cgit v1.2.3