-
Notifications
You must be signed in to change notification settings - Fork 1.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
rust/ldap: udp and frames support v2 #11535
Conversation
This permits to parse and log ldap over udp traffic.
This adds a pdu frame for both request and response, and removes invalid returns in SCLdapParseRequest and SCLdapParseResponse.
ERROR: ERROR: QA failed on ASAN_TLPR1_suri. Pipeline 21667 |
|
With a protocol like dns, yaml looks like this: dns:
tcp:
enabled: yes
detection-ports:
dp: 53
udp:
enabled: yes
detection-ports:
dp: 53 Why is this not similar for ldap here? |
This configuration seems to be used only for DNS, whereas other protocols (such as SIP and KRB) are not. |
Is there a way to reproduce this issue? |
I don't have a reproducer to share, sorry. Private data. |
I think we need the dns approach. |
Yep, already implemented that approach. PR coming. |
Replaced with #11558 |
Make sure these boxes are signed before submitting your Pull Request -- thank you.
https://docs.suricata.io/en/latest/devguide/contributing/contribution-process.html
https://suricata.io/about/contribution-agreement/ (note: this is only required once)
https://redmine.openinfosecfoundation.org/projects/suricata/issues
(if applicable)
Link to ticket: https://redmine.openinfosecfoundation.org/issues/1199
Describe changes:
SV_BRANCH=OISF/suricata-verify#1984