Next 20160930 v5 #2319
Merged
Add support for the ENIP/CIP Industrial protocol
This is an app layer implementation which uses the "enip" protocol and "cip_service" and "enip_command" keywords
Implements AFL entry points
Remove printf, remove \n from SCLogDebug. Add SCLogError for rule parsing issues. Fix various style issues
detect-cipservice.c:161:29: warning: Assigned value is garbage or undefined
    cipserviced->cipservice = input[0];
                            ^ ~~~~~~~~
detect-cipservice.c:162:27: warning: Assigned value is garbage or undefined
    cipserviced->cipclass = input[1];
                          ^ ~~~~~~~~
detect-cipservice.c:163:31: warning: Assigned value is garbage or undefined
    cipserviced->cipattribute = input[2];
                              ^ ~~~~~~~~
3 warnings generated.
This permits setting a stream depth value for each app-layer. By default, the stream depth specified for tcp is set; then it's possible to specify its own value in the app-layer module with a proper API.
Some protocols like modbus require an infinite stream depth because sessions are kept open and we want to analyze everything. Since we have a stream reassembly depth per stream, we can also set a stream reassembly depth per proto.
This calls StreamTcpSetReassemblyDepth to set the stream depth specified for the protocol.
When a rule matches and fires filestore, we may want to increase the stream reassembly depth for this specific. This adds the 'depth' setting in file-store config, which permits specifying how much data we want to reassemble into a stream.
Use flags for modes to support using multiple modes at the same time.
Add keyword to check if TLS certificate is expired.
Add keyword to check if TLS certificate is valid.
Remove locks, unnecessary function calls and conditional statements.
This was referenced Sep 30, 2016
#2312 with lots of cleanups
#2315
#2299 with valgrind/asan fixes
Flow manager counter registration fix a3a1757
Prscript: