Replace hardcoded IP_PROTO map with IANA protocol numbers resource #151

@NotYuSheng

Problem

TsharkEnrichmentService.java contains a hardcoded Map<String, String> IP_PROTO with 12 IP protocol number → name entries (ICMP, IGMP, TCP, UDP, GRE, ESP, AH, ICMPv6, OSPF, PIM, VRRP, SCTP). The IANA IP Protocol Numbers registry defines 146 assigned values. Any number outside this 12-entry list silently goes unnamed.

Research findings

No well-maintained Maven library provides IP protocol number → name mapping as a standalone dependency without dragging in a full networking stack:

  • Netty IpProtocol (in netty-codec): covers all 255 values but uses different name strings than what tshark/nDPI emit (e.g. IANA says "IPv6-ICMP" and "OSPFIGP"; the codebase and TRANSPORT_LAYER set use "ICMPv6" and "OSPF"). Adding netty-codec just for an enum is not justified.
  • pcap4j IpNumber: similar mismatch, not in pom.xml, adds ~1 MB transitive deps.
  • commons-net: does not provide IP protocol number lookup at all.

Proposed Solution

Bundle the IANA IP Protocol Numbers CSV as a classpath resource and parse it at startup, with a small override map to normalise the two names that differ from what tshark/nDPI emit.

IANA publishes the authoritative registry at:

https://www.iana.org/assignments/protocol-numbers/protocol-numbers.csv

CSV format:

Decimal,Keyword,Protocol,IPv6 Extension Header,Reference
1,ICMP,Internet Control Message,,[RFC792]
6,TCP,Transmission Control,,[RFC793]
17,UDP,User Datagram,,[RFC768]
58,IPv6-ICMP,ICMP for IPv6,,[RFC8200]      ← needs override → "ICMPv6"
89,OSPFIGP,OSPF,,[RFC1583]                  ← needs override → "OSPF"

Implementation

  1. Download the CSV once at dev time and commit to src/main/resources/iana/protocol-numbers.csv
  2. Parse at class load, apply a small override map for name normalisation:
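import java.io.BufferedReader;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.nio.charset.StandardCharsets;
import java.util.Collections;
import java.util.HashMap;
import java.util.Locale;
import java.util.Map;
import java.util.Objects;

// IANA keywords that differ from the names tshark/nDPI emit.
private static final Map<String, String> KEYWORD_OVERRIDES = Map.of(
    "IPv6-ICMP", "ICMPv6",
    "OSPFIGP",   "OSPF"
);

private static final Map<String, String> IP_PROTO = loadIanaProtocolNumbers();

private static Map<String, String> loadIanaProtocolNumbers() {
    Map<String, String> map = new HashMap<>();
    // requireNonNull turns a missing resource into a descriptive log message
    // instead of an anonymous NullPointerException; the charset is fixed so the
    // result does not depend on the platform default.
    try (InputStream is = TsharkEnrichmentService.class
            .getResourceAsStream("/iana/protocol-numbers.csv");
         BufferedReader br = new BufferedReader(new InputStreamReader(
            Objects.requireNonNull(is, "/iana/protocol-numbers.csv not found on classpath"),
            StandardCharsets.UTF_8))) {
        br.readLine(); // skip header
        String line;
        while ((line = br.readLine()) != null) {
            String[] cols = line.split(",", 3);
            if (cols.length < 2 || cols[1].isBlank()) continue; // no keyword assigned
            // Locale.ROOT keeps the upper-casing independent of the JVM's default locale.
            String keyword = KEYWORD_OVERRIDES.getOrDefault(
                cols[1].trim(), cols[1].trim().toUpperCase(Locale.ROOT));
            map.put(cols[0].trim(), keyword);
        }
    } catch (Exception e) {
        log.warn("Could not load IANA protocol numbers: {}", e.getMessage());
    }
    return Collections.unmodifiableMap(map);
}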

The resource file can be refreshed periodically; IANA protocol number assignments are very stable (new assignments are rare).

Files to Change

  • backend/src/main/java/com/tracepcap/analysis/service/TsharkEnrichmentService.java
  • backend/src/main/resources/iana/protocol-numbers.csv (new — download from IANA)

Acceptance Criteria

  • IP_PROTO static Map.ofEntries(...) removed
  • IANA CSV committed to resources (~350 lines)
  • Name overrides applied for IPv6-ICMP → ICMPv6 and OSPFIGP → OSPF
  • All 12 existing entries resolve to the same names as before
  • Unknown protocol numbers degrade gracefully (null / raw number string)
  • Unusual protocols (e.g. GRE=47, ESP=50, SCTP=132) resolve correctly
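
An added example, not code from this issue or from the project: a stricter variant of the loader that only accepts rows whose first column is a number from 0 to 255, so range rows, keyword-less rows and the continuation lines of quoted multi-line fields cannot become map entries, and that falls back to the raw number for unknown protocols. It goes slightly beyond the snippet above by stripping annotations such as "(deprecated)"; the class name, `parse`, `nameOf` and the sample rows are constructed for illustration, and that the registry export contains rows of these kinds is an assumption.

```java
import java.util.*;

// Added example, not project code; class, method and sample names are hypothetical.
public class IanaProtoLookupExample {
    static final Map<String, String> KEYWORD_OVERRIDES =
            Map.of("IPv6-ICMP", "ICMPv6", "OSPFIGP", "OSPF");

    // Constructed sample in the registry's column layout, including awkward rows.
    static final String SAMPLE = String.join("\n",
            "Decimal,Keyword,Protocol,IPv6 Extension Header,Reference",
            "6,TCP,Transmission Control,,[RFC793]",
            "13,ARGUS (deprecated),ARGUS,,[constructed]",
            "58,IPv6-ICMP,ICMP for IPv6,,[RFC8200]",
            "61,,any host internal protocol,,[constructed]",
            "89,OSPFIGP,OSPF,,[RFC1583]",
            "253,EXAMPLE,\"constructed description that wraps",
            "onto a second line, with a comma\",,[constructed]",
            "146-252,,Unassigned,,[constructed]");

    static Map<Integer, String> parse(String csv) {
        Map<Integer, String> map = new HashMap<>();
        for (String line : csv.split("\n")) {
            String[] cols = line.split(",", 3);
            // Skips the header, ranges such as 146-252 and wrapped continuation lines.
            if (cols.length < 2 || !cols[0].trim().matches("\\d{1,3}")) continue;
            int number = Integer.parseInt(cols[0].trim());
            if (number > 255) continue; // the IP protocol field is 8 bits wide
            // Drop an annotation such as " (deprecated)" before normalising the name.
            String keyword = cols[1].trim().replaceAll("\\s*\\(.*\\)$", "");
            if (keyword.isEmpty()) continue; // row with no keyword assigned
            map.put(number, KEYWORD_OVERRIDES.getOrDefault(keyword, keyword.toUpperCase(Locale.ROOT)));
        }
        return map;
    }

    // Unknown numbers fall back to the raw number string instead of null.
    static String nameOf(Map<Integer, String> table, int number) {
        return table.getOrDefault(number, Integer.toString(number));
    }

    public static void main(String[] args) {
        Map<Integer, String> table = parse(SAMPLE);
        for (int n : new int[] {6, 13, 58, 61, 89, 200, 253}) {
            System.out.println(n + " -> " + nameOf(table, n));
        }
        // Five rows carry a usable keyword; junk keys from bad rows would inflate this.
        if (table.size() != 5) throw new AssertionError(table);
    }
}
```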
