
Flow detection

Ghost User requested to merge flow into master

I discovered NDPI doesn't actually recognize flows and we have to do it ourselves ‒ it only tells us the protocol. So this branch looks into the packets and sorts them into separate flows.

This one should be quite tame, code-wise.

Also, this brings the output on the unix socket quite close to the real thing (we shall terminate the TCP flows sooner and detect the protocols, domain names, etc…, but the flows are now real flows and can be aggregated).
