Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

next/400/70x/20240416/v1 #10861

Merged
merged 6 commits into from Apr 16, 2024
Merged

next/400/70x/20240416/v1 #10861

merged 6 commits into from Apr 16, 2024

Conversation

victorjulien
Copy link
Member

victorjulien and others added 6 commits April 16, 2024 15:19
@victorjulien
defrag: match up v4 and v6 packet setup
8404a7f 
v4 was doing redundant recursion level setup.

v6 was missing PKT_REBUILT_FRAGMENT flag.

(cherry picked from commit af97316)
@victorjulien
defrag: fix wrong datalink being logged
6210b82 
Eve's packet_info.linktype should correctly indicated what the `packet`
field contains. Until now it was using DLT_RAW even if Ethernet or other
L2+ headers were present.

This commit records the datalink of the packet creating the first
fragment, which can include the L2+ header data.

Bug: OISF#6887.
(cherry picked from commit 49c67b2)
@victorjulien
pcap: support LINKTYPE_IPV6 (229)
b146068 
This is just another variant of DLT_RAW.

Ticket: OISF#6943.
(cherry picked from commit 7632236)
@awelzel @victorjulien
stats: Fix non-worker stats missing
fc8a360 
Commit b8b8aa6 used tm_name of the
first StatsRecord of a thread block as key for the "threads" object.
However, depending on the type of thread, tm_name can be NULL and would
result in no entry being included for that thread at all. This caused
non-worker metrics to vanish from the "threads" object in the
dump-counters output.

This patch fixes this by remembering the first occurrence of a valid
tm_name within the per-thread block and adds another unittest to
cover this scenario.

(cherry picked from commit f172041)
@awelzel @victorjulien
schema: Add stats.capture and in_iface properties
ba46f2f 
New suricata-verify test listens on loopback interface, resulting
in the capture and in_iface fields in the stats and event objects.

(cherry picked from commit f9cf87a)
@jlucovsky @victorjulien
flow/inject: Select thread_id by flow flag
6be6d53 
Issue: 6957

Rather than selecting the thread_id index by packets traveling to the
server, use the flow flags. If the flow has been reversed, the second
slot is represents the thread id to be used.

(cherry picked from commit c305ed1)
@victorjulien victorjulien requested a review from a team as a code owner April 16, 2024 15:52
jasonish
jasonish approved these changes Apr 16, 2024
View reviewed changes
Copy link
Member

@jasonish jasonish left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks like the fuzz workflow isn't fixed in this branch?

@victorjulien
Copy link
Member Author

Looks like the fuzz workflow isn't fixed in this branch?

Probably needs 365a66a

@victorjulien victorjulien merged commit 6be6d53 into OISF:main-7.0.x Apr 16, 2024
41 of 42 checks passed
This was referenced Apr 16, 2024
Closed
Closed
Closed
@victorjulien victorjulien deleted the next/400/70x/20240416/v1 branch April 16, 2024 17:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jasonish jasonish jasonish approved these changes

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
4 participants
@victorjulien @jasonish @awelzel @jlucovsky