Next/20220304/v1 #7112
Merged
Next/20220304/v1 #7112
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
These tests are reimplemented in Suricata Verify Task: 4911
As these functions can be probed, having output there results in misleading output.
Ticket: 4972 Otherwise, it makes no sense to look for a tx...
The bits were being parsed in the order they're displayed in Wireshark, rather than the order they were being seen on the wire, resulting in direction and async being 0 more often than they should be. Instead of bits, take the 4 bytes as an le_u32 and just use bit masks to extract what we need into a struct, I think its easier to reason about this way when comparing to the Microsoft documentation.
Adds `.is_request()` and `.is_reply()` to check if a SMB record flags say the message is a request or a reply.
If an SMB record is seen in the wrong direction, set an event on the PDU frame and don't process the record in the state. No error is returned, so the next record will be processed.
Ticket: 4516
Ticket: 4516
Ticket: 4516
Ticket: 4516
Ticket: 4516
Ticket: 4516
Improve nfs4_res_open() parser to reflect other file-delegation types Reflect the changes on test_nfs4_response_open() unittest
Also add test_nfs4_response_exchangeid() unittest
Also add respective response/request unittests test_nfs4_request_create_session() test_nfs4_response_create_session()
Also add respective response/request unittests test_nfs4_response_layoutget() test_nfs4_request_layoutget()
Also add respective response/request unittests test_nfs4_response_getdevinfo() test_nfs4_request_getdevinfo()
Also add respective request unittest test_nfs4_request_layoutreturn()
Also add respective request unittest test_nfs4_request_destroy_session()
Add creds_len field to rpc_record needed for rpc.creds frame length calculation
Feature OISF#4872 Frames: - RPC Frames: Generic over TCP/UDP - rpc.pdu - rpc.hdr - rpc.data - rpc.creds -- for rpc calls - NFSv2, NFSv3 - nfs.pdu - nfs.status -- for nfs responses - NFSv4 Only Frames - nfs4.pdu - nfs4.hdr - nfs4.ops -- for compound request/response operations - nfs4.status -- for nfs4 responses RPC tcp/udp frames created with separate registeration functions e.g: add_rpc_tcp_tc_frames() add_rpc_udp_tc_frames()
Codecov Report
@@ Coverage Diff @@
## master #7112 +/- ##
==========================================
- Coverage 78.01% 77.99% -0.03%
==========================================
Files 628 628
Lines 185402 185266 -136
==========================================
- Hits 144637 144491 -146
- Misses 40765 40775 +10
Flags with carried forward coverage won't be shown. Click here to find out more. |
|
Information: QA ran without warnings. Pipeline 6476 |
This was referenced Mar 6, 2022
Closed
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Staging: