Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

next/466/20240604/v1 #11236

Merged
merged 14 commits into from
Jun 5, 2024
Merged

next/466/20240604/v1 #11236

merged 14 commits into from
Jun 5, 2024

Conversation

victorjulien
Copy link
Member

catenacyber and others added 14 commits June 4, 2024 22:05
@catenacyber @victorjulien
dns: remove unneeded mut in logger
7fb1067
@catenacyber @victorjulien
dns: adds missing NS field in json schema
9332bc2
@victorjulien
app-layer: minor code clarification
e6c1b9d 
'dir' was too generic, so indicate it's about the app-layer update direction.
@victorjulien
stream: minor code clarification
2435878 
'dir' was too generic, so indicate it's about the app-layer update direction.
@victorjulien
frames: fix bounds check
c7402d2
@victorjulien
frames: add FrameGetLastOpenByType
803e8dd 
Getter for the most recent frame with unknown length (-1).
@victorjulien
app-layer/frames: add by type getter
2e5e349 
AppLayerFrameGetLastOpenByType: Returns the most recent frame with a type
with unknown length (-1).

Check if type is globally enabled first.
@victorjulien
detect/frames: avoid IPS rescanning
683363b 
Make sure to only scan the data when the app layer has been updated
as well.

Ticket: OISF#6718.
@victorjulien
app-layer: flag flow for next packet in other dir
866c128 
Add new flags to trigger FLOW_TS_APP_UPDATED/FLOW_TC_APP_UPDATED flags
to be set for the next packet in the relevant direction.

This allows for app relevant work to be done in the next packet in our
direction.
@victorjulien
detect/frames: inspect frames only in correct direction
a9dd157 
Inspect frames in the correct direction after they have been created.
@victorjulien
stream: process ASYNC in packet dir
c17df00 
There will generally not be an opposing direction to handle
the app update.
@victorjulien
flow-worker: debug output about updates
2cebc83
@victorjulien
smtp/frames: initial frame support
306fd79 
Adds the following frames:

  command_line
  data
  response_line

The *_line frames are per line, so in multi-line responses each line
will have it's own frame.

Ticket: OISF#4905.
@victorjulien
doc/userguide: add documentation for SMTP frames
8781e93
@codecov Codecov
Copy link

codecov bot commented Jun 4, 2024

Codecov Report

Attention: Patch coverage is 97.94521% with 3 lines in your changes missing coverage. Please review.

Project coverage is 82.99%. Comparing base (a10c1f1) to head (8781e93).

Additional details and impacted files 
@@            Coverage Diff             @@
##           master   #11236      +/-   ##
==========================================
+ Coverage   82.96%   82.99%   +0.02%     
==========================================
  Files         942      942              
  Lines      249246   249358     +112     
==========================================
+ Hits       206789   206951     +162     
+ Misses      42457    42407      -50
Flag Coverage Δ
fuzzcorpus 61.10% <69.86%> (+<0.01%) ⬆️
livemode 18.84% <7.58%> (+0.03%) ⬆️
pcap 44.31% <74.48%> (+0.03%) ⬆️
suricata-verify 61.67% <97.24%> (+0.04%) ⬆️
unittests 60.50% <41.09%> (-0.02%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

@suricata-qa
Copy link

Information: QA ran without warnings.

Pipeline 20951

inashivb
inashivb reviewed Jun 5, 2024
View reviewed changes
doc/userguide/rules/smtp-keywords.rst
line. Lines part of the SMTP DATA transfer are excluded.

.. container:: example fule
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There's a typo in the name of the CSS container. These rules may not render as intended. It should be example-rule.

@victorjulien victorjulien merged commit 8781e93 into OISF:master Jun 5, 2024
51 checks passed
This was referenced Jun 5, 2024
Closed
Closed
@victorjulien victorjulien deleted the next/466/20240604/v1 branch June 5, 2024 04:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@inashivb inashivb inashivb left review comments

@jasonish jasonish jasonish approved these changes

@jufajardini jufajardini Awaiting requested review from jufajardini jufajardini is a code owner

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@victorjulien @suricata-qa @jasonish @inashivb @catenacyber