Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[draft] flow callbacks, thread callbacks, user thread storage; eve callbacks; ndpi stub plugin - v3 #11944

Draft
wants to merge 5 commits into
base: master
Choose a base branch
from
Draft

[draft] flow callbacks, thread callbacks, user thread storage; eve callbacks; ndpi stub plugin - v3 #11944

wants to merge 5 commits into from
+962 −58

Conversation

jasonish
Copy link
Member

#11942, but with EVE callback.

I think this gives what is required to make nDPI a plugin, still draft as it has a stub plugin for example purposes.

@jasonish
flow: add callbacks for flow init and flow updates
785ffc0 
Adds user registerable callbacks for flow initialization, flow
update and flow finish.

Some plugins, such as other DPI libraries like nDPI need a way to hook
into these flow lifecycle events.

Ticket: OISF#7319
Ticket: OISF#7320
@jasonish
threads: add storage api, based on thread storage
eeab764
@jasonish
threads: add initialization callbacks
a9c3874 
For library users and plugins that need to hook into the thread life
cycle, perhaps to initialize some thread storage.
@codecov Codecov
Copy link

codecov bot commented Oct 11, 2024
edited
Loading

Codecov Report

Attention: Patch coverage is 65.66524% with 80 lines in your changes missing coverage. Please review.

Project coverage is 82.72%. Comparing base (58556b7) to head (6607ef3).

Additional details and impacted files 
@@            Coverage Diff             @@
##           master   #11944      +/-   ##
==========================================
- Coverage   82.74%   82.72%   -0.02%     
==========================================
  Files         912      915       +3     
  Lines      249102   249290     +188     
==========================================
+ Hits       206117   206235     +118     
- Misses      42985    43055      +70
Flag Coverage Δ
fuzzcorpus 60.77% <28.57%> (+0.04%) ⬆️
livemode 18.87% <14.96%> (+0.01%) ⬆️
pcap 44.08% <28.57%> (-0.03%) ⬇️
suricata-verify 62.15% <40.13%> (-0.03%) ⬇️
unittests 58.99% <42.91%> (-0.01%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

@jasonish
eve: user callbacks for adding additional data
fa7a531 
Provide a way for library/plugin users to register a callback that
will be called prior to an EVE record being closed. The callback will
be passed ThreadVars, Packet, and Flow pointers if available, as well
as private user data.
@jasonish
plugins/ndpi: stub in dummy ndpi plugin
6607ef3 
This plugin stub shows how a plugin like nDPI might be use the flow
init and flow update callbacks to do its work. Also shows usage of
FlowStorage to avoid modifying the Flow struct directly.
@jasonish jasonish mentioned this pull request Oct 11, 2024
Open
3 tasks
@suricata-qa
Copy link

Information: QA ran without warnings.

Pipeline 23092

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@victorjulien victorjulien Awaiting requested review from victorjulien victorjulien will be requested when the pull request is marked ready for review victorjulien is a code owner

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@jasonish @suricata-qa