Merge pull request #2202 in SNORT/snort3 from ~BJANDHYA/snort3:feature/smb2 to master
Squashed commit of the following:
commit
cbba5e98aa31048ffbfac913d9cde0a0e7bb7238
Author: Bhargava Jandhyala <bjandhya@cisco.com>
Date: Tue Jan 21 04:07:25 2020 -0500
smb: adding support for multiple smbv2 session for same tcp connection
1. introduced new structures to process multiple smbv2 sessions parallely.
2. SMB Session Data (SSD): The session data corresponds to a single TCP session and it holds all the flow related information. This differenciats the SMB version and segegates the processing. There can be multiple SMB sessions in a single TCP connection, hence this holds a list of session trackers.
3. Session Tracker : Session tracker uniqly tracks a single SMB session. This is identified by the uniq session_id and this holds the mount points named as Tree Trackers
4. smbv2 session will be stored in global LRU cache as well as in locally in SSD with session id.
5. Tree Tracker : Tree tracker accounts the mount points in a share and this holds the file trackers for individual file transfers
6. File Tracker : file tracker is responsible for identifying a file transfer and track it from start to end. This manages all the information related to file in transit.
6. Request trackers: Request trackers are needed to track the activity of various requests. There are 2 types of request being tracked by trackers named the create request trackers and read request trackers
7. Storage abstraction: A storage abstraction is used to store all of the trackers. Currently the underlying storage is unordered map, but can be modified as needed.
projects / thirdparty / snort3.git / commit
