====== Incomplete List of PAN-OS Decoders ======
I got this list by monitoring the Dynamic Update release emails from Palo Alto Networks.

Remember a "decoder" is effectivly a "base protocol". You can also detect these within the App-ID database as any application that does not have a "depends on" or "implicily uses". However, if we take this definition then the following list is wrong. In the list below we list some dependencies.

Listed as a decoder by the dynamic update emails and we have an App-ID for it.
  * asterisk-iax
  * bacnet
  * cip-ethernet-ip
  * corba
  * cotp
  * dhcp
  * dicom
  * dns
  * ed137
  * ftp
  * gds-db
  * gtp
  * hp-data-protector
  * icmp
  * iec-60870-5-104
  * igmp
  * ike
  * imap
  * ipsec-esp-udp
  * ldap
  * llmnr
  * lpd
  * mms-ics
  * modbus
  * msrpc
  * mssql-db
  * mysql
  * netbios-ss
  * ntp
  * oracle
  * pop3
  * postgres
  * radius
  * rpc
  * rtsp
  * sip
  * smtp
  * ssh
  * ssl
  * stun
  * teamviewer
  * tftp
  * vnc
  * unknown-tcp
  * unknown-udp
  * unknown-p2p
  
  
Listed as a decoder by the dynamic update emails and we have no App-ID for it.
  * ftp-data
  * functions
  * generic
  * http
  * http2
  * medical
  * scada
  * sctp
  * smb
  * smb-8-1
  
Listed as a decoder by the dynamic update emails and we have an App-ID for it but it implicitly uses another App-ID. Thus, is it actually a decoder?
  * kerberos - implicitly uses rpc  
  * vmware - implicitly uses ssl and web-browsing
  
Listed as a decoder by the dynamic update emails and we have an App-ID for it but it depends on another App-ID. Thus, is it actually a decoder?
  * open-vpn - depends on ssl and web-browsing
  * sccp - depends on  tftp

Also remember, there are 147 members of the "ip-protocol" list in Application Filters in August 2020. This includes all the IPv6 stuff.