LibtraceTeam / libprotoident

Network traffic classification library that requires minimal application payload
GNU Lesser General Public License v3.0
208 stars, 60 forks

add IPv6 to lpi_data_t struct #3

Closed elnappo closed 9 years ago

elnappo commented 9 years ago

I added this to categorize traffic by IPv4 and IPv6 addresses.

salcock commented 9 years ago

I'm not convinced this change adds anything of value.

The point of the lpi_data_t structure is to store information about the flow that can be used by the protocol classification modules. Currently there are no modules that use the IPv6 address to make classification decisions, so all this will do is increase the size of the lpi_data_t struct by 32 bytes.

elnappo commented 9 years ago

My goal is to match flows with networks to detect e.g. Netflix traffic.

salcock commented 9 years ago

That is not a feature that I feel belongs in libprotoident, because

  1. libprotoident is often used in situations where the IP addresses have been anonymised, so using the networks to classify traffic will lead to errors.
  2. networks can change owners or be re-purposed. For example, address space that was solely used for YouTube 5 years ago can now be used for any Google service and vice versa.
  3. duplicating IPv6 addresses inside the lpi_data_t structure means that libprotoident has a much larger memory footprint and goes against the principle of lightweight packet inspection.

If you still want to do network-based matching in your application, I would suggest you look at the source and dest networks after getting a base classification from libprotoident and override the original classification accordingly. This would also mean you can get the IP addresses from your flow management code (such as libflowmanager) rather than duplicating them inside the lpi_data_t structure.
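The override approach suggested above, as an added example that is not libprotoident's own code: a prefix match on the flow's source and destination addresses (taken from the caller's flow record, not from lpi_data_t) that only overrides a generic base classification and is skipped entirely when the trace addresses are anonymised. The class ids, the rule type and every prefix are hypothetical placeholders.

```c
#include <arpa/inet.h>
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical result codes standing in for libprotoident's own protocol ids. */
typedef enum { CLS_UNKNOWN = 0, CLS_HTTPS = 1, CLS_VIDEO_SERVICE_X = 2 } app_class_t;

typedef struct {
    int family;              /* AF_INET or AF_INET6 */
    unsigned char net[16];   /* network address, big-endian */
    unsigned prefixlen;      /* number of significant leading bits */
    app_class_t cls;         /* class assigned to flows touching this network */
} net_rule_t;

/* Parse "prefix/len" (v4 or v6) into a rule; 1 on success, 0 on bad input. */
int parse_rule(const char *cidr, app_class_t cls, net_rule_t *out) {
    char buf[64], *slash;
    if (strlen(cidr) >= sizeof buf) return 0;
    strcpy(buf, cidr);
    if (!(slash = strchr(buf, '/'))) return 0;
    *slash = '\0';
    out->family = strchr(buf, ':') ? AF_INET6 : AF_INET;
    if (inet_pton(out->family, buf, out->net) != 1) return 0;
    out->prefixlen = (unsigned)atoi(slash + 1);
    if (out->prefixlen > (out->family == AF_INET6 ? 128u : 32u)) return 0;
    out->cls = cls;
    return 1;
}

/* True if addr (of the given family) lies inside the rule's prefix. */
int addr_in_rule(int family, const unsigned char *addr, const net_rule_t *r) {
    unsigned full = r->prefixlen / 8, rem = r->prefixlen % 8;
    if (family != r->family) return 0;
    if (memcmp(addr, r->net, full) != 0) return 0;
    if (rem == 0) return 1;
    unsigned char mask = (unsigned char)(0xFF << (8 - rem));   /* partial byte */
    return (addr[full] & mask) == (r->net[full] & mask);
}

/* Override only a generic base class, and never when addresses are anonymised:
 * a prefix match against anonymised addresses would be meaningless. */
app_class_t override_class(app_class_t base, int anonymised, int family,
                           const unsigned char *src, const unsigned char *dst,
                           const net_rule_t *rules, size_t nrules) {
    if (anonymised || base != CLS_HTTPS) return base;
    for (size_t i = 0; i < nrules; i++)
        if (addr_in_rule(family, src, &rules[i]) || addr_in_rule(family, dst, &rules[i]))
            return rules[i].cls;
    return base;
}
```

The prefixes in the test are documentation ranges (2001:db8::/32, 198.51.100.0/24), constructed for the example and not the address space of any real service.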

elnappo commented 9 years ago

Okay, thank you for your feedback!