]> git.ipfire.org Git - thirdparty/suricata.git/commitdiff
projects / thirdparty / suricata.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 07669cd)
mqtt: move sub/unsub limits into app-layer config
authorVictor Julien <victor@inliniac.net>
Mon, 21 Jun 2021 19:10:55 +0000 (21:10 +0200)
committerVictor Julien <victor@inliniac.net>
Fri, 25 Jun 2021 15:11:00 +0000 (17:11 +0200)
(cherry picked from commit 3c1cc1e345bc9f78988411efa8461351d24efe98)

src/detect-mqtt-subscribe-topic.c patch | blob | blame | history
src/detect-mqtt-unsubscribe-topic.c patch | blob | blame | history
suricata.yaml.in patch | blob | blame | history

diff --git a/src/detect-mqtt-subscribe-topic.c b/src/detect-mqtt-subscribe-topic.c
index daedf77a91bd69d6018c19230c5354d8d9633608..7132cad2bd52149f037c08c647ed6ad0a014078e 100644 (file)
--- a/src/detect-mqtt-subscribe-topic.c
+++ b/src/detect-mqtt-subscribe-topic.c
@@ -205,7 +205,7 @@ void DetectMQTTSubscribeTopicRegister (void)
     sigmatch_table[DETECT_AL_MQTT_SUBSCRIBE_TOPIC].flags |= SIGMATCH_INFO_STICKY_BUFFER;
 
     intmax_t val = 0;
-    if (ConfGetInt("mqtt.subscribe-topic-match-limit", &val)) {
+    if (ConfGetInt("app-layer.protocols.mqtt.subscribe-topic-match-limit", &val)) {
         subscribe_topic_match_limit = val;
     }
     if (subscribe_topic_match_limit <= 0) {
diff --git a/src/detect-mqtt-unsubscribe-topic.c b/src/detect-mqtt-unsubscribe-topic.c
index 2c218029be08734770e8a1e19f5602d59a3b7114..dc69a4652ae288b4dc190ea0dfd4809dea917e50 100644 (file)
--- a/src/detect-mqtt-unsubscribe-topic.c
+++ b/src/detect-mqtt-unsubscribe-topic.c
@@ -205,7 +205,7 @@ void DetectMQTTUnsubscribeTopicRegister (void)
     sigmatch_table[DETECT_AL_MQTT_UNSUBSCRIBE_TOPIC].flags |= SIGMATCH_INFO_STICKY_BUFFER;
 
     intmax_t val = 0;
-    if (ConfGetInt("mqtt.unsubscribe-topic-match-limit", &val)) {
+    if (ConfGetInt("app-layer.protocols.mqtt.unsubscribe-topic-match-limit", &val)) {
         unsubscribe_topic_match_limit = val;
     }
     if (unsubscribe_topic_match_limit <= 0) {
diff --git a/suricata.yaml.in b/suricata.yaml.in
index 7aa29b12dc4db3e908e54f2c13e25fad080e76aa..0148c178aa2014a23ee869f67dd021833eacd50a 100644 (file)
--- a/suricata.yaml.in
+++ b/suricata.yaml.in
@@ -722,6 +722,8 @@ app-layer:
     mqtt:
       # enabled: no
       # max-msg-length: 1mb
+      # subscribe-topic-match-limit: 100
+      # unsubscribe-topic-match-limit: 100
     krb5:
       enabled: yes
     snmp:
@@ -1111,11 +1113,6 @@ pcre:
   match-limit: 3500
   match-limit-recursion: 1500
 
-# MQTT topic detection depth
-#mqtt:
-#  subscribe-topic-match-limit: 100
-#  unsubscribe-topic-match-limit: 100
-
 ##
 ## Advanced Traffic Tracking and Reconstruction Settings
 ##
Mirror of https://github.com/OISF/suricata.git