Next/20200904/v7 #5361
Merged
Next/20200904/v7 #5361
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Represent rdata as `DNSRData` enum variants instead of `Vec<u8>`. This will allow parsing/logging of more complex formats like SOA.
Using nom's `rest` combinator eliminates the need to call the do_parse macro for parsing a single element.
Added `dns_parse_rdata_soa` to parse SOA fields into an `DNSRDataSOA` struct. Added logging for answer and authority SOA records in both version 1 & 2, as well as grouped formats.
Documentation of additional fields for soa and sshfp. Also some minor doc fixes and updates.
These changes are in response to feature request 3063. Geneve is very similar to VXLAN, but uses a slightly different encapsulation scheme.
This is just a slight refactor to make analagous decoding/encapsulation schemes - Geneve, Teredo, and VXLAN - be implemented as similarly as possible.
This is just a slight refactor to make analagous decoding/encapsulation schemes - Geneve, Teredo, and VXLAN - be implemented as similarly as possible.
Also enables -Wshadow and rust-strict to cover those cases from Travis. Redmine issue: https://redmine.openinfosecfoundation.org/issues/3868
Adds a test that builds and tests Suricata without nss/nspr to replace the similar test on Travis-CI. Redmine issue: https://redmine.openinfosecfoundation.org/issues/3869
To cover Travis-CI test that builds with -NDEBUG. Redmine issue: https://redmine.openinfosecfoundation.org/issues/3869
Migration of similar test from Travis-CI. Redmine issue: https://redmine.openinfosecfoundation.org/issues/3869
Choose Rust 1.39.0 as a known version of Rust that we build against to see in CI if we build with this version, but fail with latest. This is to cover a similar test from Travis CI.
This is to cover a test from Travis CI where we make sure that ./configure fails if libjansson is not available.
This commit corrects a minor grammar issue in address/port error messages.
Closed
This was referenced Sep 4, 2020
Closed
jasonish
added a commit
to jasonish/suricata
that referenced
this pull request
May 11, 2022
Rules that look like they should be IP-only but contain a negated rule address are now marked with an LIKE_IPONLY flag. This is so they are treated like IPONLY rules with respect to flow action, but don't interfere with other IPONLY processing like using the radix tree. Ticket: OISF#5361
jasonish
added a commit
to jasonish/suricata
that referenced
this pull request
Jun 1, 2022
Rules that look like they should be IP-only but contain a negated rule address are now marked with an LIKE_IPONLY flag. This is so they are treated like IPONLY rules with respect to flow action, but don't interfere with other IPONLY processing like using the radix tree. Ticket: OISF#5361
jasonish
added a commit
to jasonish/suricata
that referenced
this pull request
Jun 1, 2022
Rules that look like they should be IP-only but contain a negated rule address are now marked with an LIKE_IPONLY flag. This is so they are treated like IPONLY rules with respect to flow action, but don't interfere with other IPONLY processing like using the radix tree. Ticket: OISF#5361
victorjulien
pushed a commit
to victorjulien/suricata
that referenced
this pull request
Jun 2, 2022
Rules that look like they should be IP-only but contain a negated rule address are now marked with an LIKE_IPONLY flag. This is so they are treated like IPONLY rules with respect to flow action, but don't interfere with other IPONLY processing like using the radix tree. Ticket: OISF#5361
victorjulien
pushed a commit
to victorjulien/suricata
that referenced
this pull request
Jun 7, 2022
Rules that look like they should be IP-only but contain a negated rule address are now marked with an LIKE_IPONLY flag. This is so they are treated like IPONLY rules with respect to flow action, but don't interfere with other IPONLY processing like using the radix tree. Ticket: OISF#5361 (cherry picked from commit c8a5207)
jasonish
added a commit
to jasonish/suricata
that referenced
this pull request
Oct 5, 2022
Rules that look like they should be IP-only but contain a negated rule address are now marked with an LIKE_IPONLY flag. This is so they are treated like IPONLY rules with respect to flow action, but don't interfere with other IPONLY processing like using the radix tree. Ticket: OISF#5361 (cherry picked from commit c8a5207)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
#5360 with adjustments to satisfy new formatting requirements.
#5277 #5357 #5331 #5332
minor other fixes
PRScript output (if applicable):
Passed