rust/flow: move flow support to its own file (cleanup)

Move the Rust Flow support from core.rs to flow.rs.

diff --git a/rust/src/applayer.rs b/rust/src/applayer.rs
index 4b786953262454bcac2de8b3a374d7b8a88c7768..4518ae9cf3c7d00d8aa66de647f57516dd4d7d9f 100644 (file)
--- a/rust/src/applayer.rs
+++ b/rust/src/applayer.rs
@@ -18,8 +18,9 @@
 //! Parser registration functions and common interface module.
 
 use std;
-use crate::core::{self,DetectEngineState,Flow,AppLayerEventType,AppProto,Direction};
+use crate::core::{self,DetectEngineState,AppLayerEventType,AppProto,Direction};
 use crate::filecontainer::FileContainer;
+use crate::flow::Flow;
 use std::os::raw::{c_void,c_char,c_int};
 use crate::core::SC;
 use std::ffi::CStr;

diff --git a/rust/src/applayertemplate/template.rs b/rust/src/applayertemplate/template.rs
index eebe7385db129cf81a50316a8cfa94229838cd68..9a23ee683f5ea09c3293782921ac45b377f8e568 100644 (file)
--- a/rust/src/applayertemplate/template.rs
+++ b/rust/src/applayertemplate/template.rs
@@ -18,7 +18,8 @@
 use super::parser;
 use crate::applayer::{self, *};
 use crate::conf::conf_get;
-use crate::core::{AppProto, Flow, ALPROTO_UNKNOWN, IPPROTO_TCP};
+use crate::core::{AppProto, ALPROTO_UNKNOWN, IPPROTO_TCP};
+use crate::flow::Flow;
 use nom7 as nom;
 use std;
 use std::collections::VecDeque;

diff --git a/rust/src/bittorrent_dht/bittorrent_dht.rs b/rust/src/bittorrent_dht/bittorrent_dht.rs
index f48cb3d2bf28cea330816b5f611a44f3eb001e65..82c267df372c082fd2349f7b9e3be678fa9ec103 100644 (file)
--- a/rust/src/bittorrent_dht/bittorrent_dht.rs
+++ b/rust/src/bittorrent_dht/bittorrent_dht.rs
@@ -19,7 +19,8 @@ use crate::applayer::{self, *};
 use crate::bittorrent_dht::parser::{
     parse_bittorrent_dht_packet, BitTorrentDHTError, BitTorrentDHTRequest, BitTorrentDHTResponse,
 };
-use crate::core::{AppProto, Flow, ALPROTO_UNKNOWN, IPPROTO_UDP, Direction};
+use crate::core::{AppProto, ALPROTO_UNKNOWN, IPPROTO_UDP, Direction};
+use crate::flow::Flow;
 use std::ffi::CString;
 use std::os::raw::c_char;
 

diff --git a/rust/src/core.rs b/rust/src/core.rs
index 8dafc73eec81e06d0637d8ffd3b23d9bea08648f..a6578b66add83895ff59b82e16ae15a57bcb486b 100644 (file)
--- a/rust/src/core.rs
+++ b/rust/src/core.rs
@@ -20,6 +20,7 @@
 use std;
 use crate::filecontainer::*;
 use crate::debug_validate_fail;
+use crate::flow::Flow;
 
 /// Opaque C types.
 pub enum DetectEngineState {}
@@ -131,9 +132,6 @@ macro_rules!BIT_U64 {
     ($x:expr) => (1 << $x);
 }
 
-// Flow flags
-pub const FLOW_DIR_REVERSED: u32 = BIT_U32!(26);
-
 // Defined in app-layer-protos.h
 /// cbindgen:ignore
 extern {
@@ -302,43 +300,6 @@ pub fn sc_app_layer_decoder_events_free_events(
     }
 }
 
-/// Opaque flow type (defined in C)
-pub enum Flow {}
-
-// Extern functions operating on Flow.
-/// cbindgen:ignore
-extern {
-    pub fn FlowGetLastTimeAsParts(flow: &Flow, secs: *mut u64, usecs: *mut u64);
-    pub fn FlowGetFlags(flow: &Flow) -> u32;
-    pub fn FlowGetSourcePort(flow: &Flow) -> u16;
-    pub fn FlowGetDestinationPort(flow: &Flow) -> u16;
-}
-
-/// Rust implementation of Flow.
-impl Flow {
-
-    /// Return the time of the last flow update as a `Duration`
-    /// since the epoch.
-    pub fn get_last_time(&mut self) -> std::time::Duration {
-        unsafe {
-            let mut secs: u64 = 0;
-            let mut usecs: u64 = 0;
-            FlowGetLastTimeAsParts(self, &mut secs, &mut usecs);
-            std::time::Duration::new(secs, usecs as u32 * 1000)
-        }
-    }
-
-    /// Return the flow flags.
-    pub fn get_flags(&self) -> u32 {
-        unsafe { FlowGetFlags(self) }
-    }
-
-    /// Return flow ports
-    pub fn get_ports(&self) -> (u16, u16) {
-        unsafe { (FlowGetSourcePort(self), FlowGetDestinationPort(self)) }
-    }
-}
-
 #[cfg(test)]
 mod test {
     use super::*;

diff --git a/rust/src/dcerpc/dcerpc.rs b/rust/src/dcerpc/dcerpc.rs
index 9253a2bde8e96f7c8563ae17db867df1b3fd271a..2a2db94a3bb8bbf37d85f12c3fa674130a04b253 100644 (file)
--- a/rust/src/dcerpc/dcerpc.rs
+++ b/rust/src/dcerpc/dcerpc.rs
@@ -18,6 +18,7 @@
 use crate::applayer::{self, *};
 use crate::core::{self, *};
 use crate::dcerpc::parser;
+use crate::flow::Flow;
 use nom7::error::{Error, ErrorKind};
 use nom7::number::Endianness;
 use nom7::{Err, IResult, Needed};
@@ -322,7 +323,7 @@ pub struct DCERPCState {
     pub tc_gap: bool,
     pub ts_ssn_gap: bool,
     pub tc_ssn_gap: bool,
-    pub flow: Option<*const core::Flow>,
+    pub flow: Option<*const Flow>,
     state_data: AppLayerStateData,
 }
 
@@ -1129,7 +1130,7 @@ pub extern "C" fn rs_parse_dcerpc_response_gap(
 
 #[no_mangle]
 pub unsafe extern "C" fn rs_dcerpc_parse_request(
-    flow: *const core::Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
+    flow: *const Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
     stream_slice: StreamSlice,
     _data: *const std::os::raw::c_void,
 ) -> AppLayerResult {
@@ -1154,7 +1155,7 @@ pub unsafe extern "C" fn rs_dcerpc_parse_request(
 
 #[no_mangle]
 pub unsafe extern "C" fn rs_dcerpc_parse_response(
-    flow: *const core::Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
+    flow: *const Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
     stream_slice: StreamSlice,
     _data: *const std::os::raw::c_void,
 ) -> AppLayerResult {
@@ -1269,7 +1270,7 @@ fn probe(input: &[u8]) -> (bool, bool) {
     }
 }
 
-pub unsafe extern "C" fn rs_dcerpc_probe_tcp(_f: *const core::Flow, direction: u8, input: *const u8,
+pub unsafe extern "C" fn rs_dcerpc_probe_tcp(_f: *const Flow, direction: u8, input: *const u8,
                                       len: u32, rdir: *mut u8) -> AppProto
 {
     SCLogDebug!("Probing packet for DCERPC");

diff --git a/rust/src/dcerpc/dcerpc_udp.rs b/rust/src/dcerpc/dcerpc_udp.rs
index fee460f9b3e02def4f21effbdce4a4886d3ec6c6..f890f10acea3bc47283b5b2774fc875836349f61 100644 (file)
--- a/rust/src/dcerpc/dcerpc_udp.rs
+++ b/rust/src/dcerpc/dcerpc_udp.rs
@@ -21,6 +21,7 @@ use crate::dcerpc::dcerpc::{
     DCERPCTransaction, DCERPC_MAX_TX, DCERPC_TYPE_REQUEST, DCERPC_TYPE_RESPONSE, PFCL1_FRAG, PFCL1_LASTFRAG,
     rs_dcerpc_get_alstate_progress, ALPROTO_DCERPC, PARSER_NAME,
 };
+use crate::flow::Flow;
 use nom7::Err;
 use std;
 use std::ffi::CString;
@@ -233,7 +234,7 @@ impl DCERPCUDPState {
 
 #[no_mangle]
 pub unsafe extern "C" fn rs_dcerpc_udp_parse(
-    _flow: *const core::Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
+    _flow: *const Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
     stream_slice: StreamSlice,
     _data: *const std::os::raw::c_void,
 ) -> AppLayerResult {
@@ -310,7 +311,7 @@ fn probe(input: &[u8]) -> (bool, bool) {
     }
 }
 
-pub unsafe extern "C" fn rs_dcerpc_probe_udp(_f: *const core::Flow, direction: u8, input: *const u8,
+pub unsafe extern "C" fn rs_dcerpc_probe_udp(_f: *const Flow, direction: u8, input: *const u8,
                                       len: u32, rdir: *mut u8) -> core::AppProto
 {
     SCLogDebug!("Probing the packet for DCERPC/UDP");

diff --git a/rust/src/dhcp/dhcp.rs b/rust/src/dhcp/dhcp.rs
index 5b6f4b4a085ae9c401ee606bcfcb7aae5cfc359a..28f6f2613797a8f7b77366d6fd6d11a1434c5ef7 100644 (file)
--- a/rust/src/dhcp/dhcp.rs
+++ b/rust/src/dhcp/dhcp.rs
@@ -16,9 +16,9 @@
  */
 
 use crate::applayer::{self, *};
-use crate::core;
-use crate::core::{ALPROTO_UNKNOWN, AppProto, Flow, IPPROTO_UDP};
+use crate::core::{ALPROTO_UNKNOWN, AppProto, IPPROTO_UDP};
 use crate::dhcp::parser::*;
+use crate::flow::Flow;
 use std;
 use std::ffi::CString;
 
@@ -227,7 +227,7 @@ pub unsafe extern "C" fn rs_dhcp_state_get_tx_count(state: *mut std::os::raw::c_
 }
 
 #[no_mangle]
-pub unsafe extern "C" fn rs_dhcp_parse(_flow: *const core::Flow,
+pub unsafe extern "C" fn rs_dhcp_parse(_flow: *const Flow,
                                 state: *mut std::os::raw::c_void,
                                 _pstate: *mut std::os::raw::c_void,
                                 stream_slice: StreamSlice,

diff --git a/rust/src/dns/dns.rs b/rust/src/dns/dns.rs
index b96956ba0a812e022894740f862eab7afca416e2..6cf2e35ecf6d84084038a3edf181063dc24bc65b 100644 (file)
--- a/rust/src/dns/dns.rs
+++ b/rust/src/dns/dns.rs
@@ -23,6 +23,7 @@ use std::ffi::CString;
 use crate::applayer::*;
 use crate::core::{self, *};
 use crate::dns::parser;
+use crate::flow::Flow;
 use crate::frames::Frame;
 
 use nom7::number::streaming::be_u16;
@@ -549,7 +550,7 @@ impl DNSState {
     }
 
     fn parse_request(
-        &mut self, input: &[u8], is_tcp: bool, frame: Option<Frame>, flow: *const core::Flow,
+        &mut self, input: &[u8], is_tcp: bool, frame: Option<Frame>, flow: *const Flow,
     ) -> bool {
         match dns_parse_request(input) {
             Ok(mut tx) => {
@@ -581,7 +582,7 @@ impl DNSState {
         }
     }
 
-    fn parse_request_udp(&mut self, flow: *const core::Flow, stream_slice: StreamSlice) -> bool {
+    fn parse_request_udp(&mut self, flow: *const Flow, stream_slice: StreamSlice) -> bool {
         let input = stream_slice.as_slice();
         let frame = Frame::new(
             flow,
@@ -594,7 +595,7 @@ impl DNSState {
         self.parse_request(input, false, frame, flow)
     }
 
-    fn parse_response_udp(&mut self, flow: *const core::Flow, stream_slice: StreamSlice) -> bool {
+    fn parse_response_udp(&mut self, flow: *const Flow, stream_slice: StreamSlice) -> bool {
         let input = stream_slice.as_slice();
         let frame = Frame::new(
             flow,
@@ -608,7 +609,7 @@ impl DNSState {
     }
 
     fn parse_response(
-        &mut self, input: &[u8], is_tcp: bool, frame: Option<Frame>, flow: *const core::Flow,
+        &mut self, input: &[u8], is_tcp: bool, frame: Option<Frame>, flow: *const Flow,
     ) -> bool {
         match dns_parse_response(input) {
             Ok(mut tx) => {
@@ -644,7 +645,7 @@ impl DNSState {
     ///
     /// Returns the number of messages parsed.
     fn parse_request_tcp(
-        &mut self, flow: *const core::Flow, stream_slice: StreamSlice,
+        &mut self, flow: *const Flow, stream_slice: StreamSlice,
     ) -> AppLayerResult {
         let input = stream_slice.as_slice();
         if self.gap {
@@ -708,7 +709,7 @@ impl DNSState {
     ///
     /// Returns the number of messages parsed.
     fn parse_response_tcp(
-        &mut self, flow: *const core::Flow, stream_slice: StreamSlice,
+        &mut self, flow: *const Flow, stream_slice: StreamSlice,
     ) -> AppLayerResult {
         let input = stream_slice.as_slice();
         if self.gap {
@@ -879,7 +880,7 @@ unsafe extern "C" fn state_tx_free(state: *mut std::os::raw::c_void, tx_id: u64)
 
 /// C binding parse a DNS request. Returns 1 on success, -1 on failure.
 unsafe extern "C" fn parse_request(
-    flow: *const core::Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
+    flow: *const Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
     stream_slice: StreamSlice, _data: *const std::os::raw::c_void,
 ) -> AppLayerResult {
     let state = cast_pointer!(state, DNSState);
@@ -888,7 +889,7 @@ unsafe extern "C" fn parse_request(
 }
 
 unsafe extern "C" fn parse_response(
-    flow: *const core::Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
+    flow: *const Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
     stream_slice: StreamSlice, _data: *const std::os::raw::c_void,
 ) -> AppLayerResult {
     let state = cast_pointer!(state, DNSState);
@@ -898,7 +899,7 @@ unsafe extern "C" fn parse_response(
 
 /// C binding parse a DNS request. Returns 1 on success, -1 on failure.
 unsafe extern "C" fn parse_request_tcp(
-    flow: *const core::Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
+    flow: *const Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
     stream_slice: StreamSlice, _data: *const std::os::raw::c_void,
 ) -> AppLayerResult {
     let state = cast_pointer!(state, DNSState);
@@ -911,7 +912,7 @@ unsafe extern "C" fn parse_request_tcp(
 }
 
 unsafe extern "C" fn parse_response_tcp(
-    flow: *const core::Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
+    flow: *const Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
     stream_slice: StreamSlice, _data: *const std::os::raw::c_void,
 ) -> AppLayerResult {
     let state = cast_pointer!(state, DNSState);
@@ -1028,7 +1029,7 @@ pub extern "C" fn SCDnsTxGetResponseFlags(tx: &mut DNSTransaction) -> u16 {
 }
 
 unsafe extern "C" fn probe_udp(
-    _flow: *const core::Flow, _dir: u8, input: *const u8, len: u32, rdir: *mut u8,
+    _flow: *const Flow, _dir: u8, input: *const u8, len: u32, rdir: *mut u8,
 ) -> AppProto {
     if input.is_null() || len < std::mem::size_of::<DNSHeader>() as u32 {
         return core::ALPROTO_UNKNOWN;
@@ -1048,7 +1049,7 @@ unsafe extern "C" fn probe_udp(
 }
 
 unsafe extern "C" fn c_probe_tcp(
-    _flow: *const core::Flow, direction: u8, input: *const u8, len: u32, rdir: *mut u8,
+    _flow: *const Flow, direction: u8, input: *const u8, len: u32, rdir: *mut u8,
 ) -> AppProto {
     if input.is_null() || len < std::mem::size_of::<DNSHeader>() as u32 + 2 {
         return core::ALPROTO_UNKNOWN;

diff --git a/rust/src/enip/enip.rs b/rust/src/enip/enip.rs
index 18e728122641d47414442c0b12b1c846c36fddaa..6b99992f1247ede41ba2e851a6508f510fbea099 100644 (file)
--- a/rust/src/enip/enip.rs
+++ b/rust/src/enip/enip.rs
@@ -20,10 +20,11 @@ use super::parser;
 use crate::applayer::{self, *};
 use crate::conf::conf_get;
 use crate::core::{
-    AppProto, Direction, Flow, ALPROTO_FAILED, ALPROTO_UNKNOWN, IPPROTO_TCP, IPPROTO_UDP,
+    AppProto, Direction, ALPROTO_FAILED, ALPROTO_UNKNOWN, IPPROTO_TCP, IPPROTO_UDP,
     STREAM_TOCLIENT, STREAM_TOSERVER,
 };
 use crate::detect::EnumString;
+use crate::flow::Flow;
 use crate::frames::Frame;
 use nom7 as nom;
 use std;

diff --git a/rust/src/flow.rs b/rust/src/flow.rs
new file mode 100644 (file)
index 0000000..27c4d65
--- /dev/null
+++ b/rust/src/flow.rs
@@ -0,0 +1,55 @@
+/* Copyright (C) 2017-2025 Open Information Security Foundation
+ *
+ * You can copy, redistribute or modify this Program under the terms of
+ * the GNU General Public License version 2 as published by the Free
+ * Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * version 2 along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA.
+ */
+
+/// Flow API from C.
+/// cbindgen:ignore
+extern "C" {
+    fn FlowGetLastTimeAsParts(flow: &Flow, secs: *mut u64, usecs: *mut u64);
+    fn FlowGetFlags(flow: &Flow) -> u32;
+    fn FlowGetSourcePort(flow: &Flow) -> u16;
+    fn FlowGetDestinationPort(flow: &Flow) -> u16;
+}
+
+// Flow flags
+pub const FLOW_DIR_REVERSED: u32 = BIT_U32!(26);
+
+/// Opaque flow type (defined in C)
+pub enum Flow {}
+
+/// Rust implementation of Flow.
+impl Flow {
+    /// Return the time of the last flow update as a `Duration`
+    /// since the epoch.
+    pub fn get_last_time(&mut self) -> std::time::Duration {
+        unsafe {
+            let mut secs: u64 = 0;
+            let mut usecs: u64 = 0;
+            FlowGetLastTimeAsParts(self, &mut secs, &mut usecs);
+            std::time::Duration::new(secs, usecs as u32 * 1000)
+        }
+    }
+
+    /// Return the flow flags.
+    pub fn get_flags(&self) -> u32 {
+        unsafe { FlowGetFlags(self) }
+    }
+
+    /// Return flow ports
+    pub fn get_ports(&self) -> (u16, u16) {
+        unsafe { (FlowGetSourcePort(self), FlowGetDestinationPort(self)) }
+    }
+}

diff --git a/rust/src/frames.rs b/rust/src/frames.rs
index 2380a51594da27513ab0122037ab72c1835fa21b..ac7835843848504c362819e7fb83ab9f02e8524b 100644 (file)
--- a/rust/src/frames.rs
+++ b/rust/src/frames.rs
@@ -18,7 +18,7 @@
 //! Module for bindings to the Suricata C frame API.
 
 use crate::applayer::StreamSlice;
-use crate::core::Flow;
+use crate::flow::Flow;
 #[cfg(not(test))]
 use crate::core::STREAM_TOSERVER;
 use crate::core::Direction;

diff --git a/rust/src/http2/http2.rs b/rust/src/http2/http2.rs
index 98214ff1a6e976a1c6b16ba1b91dbf0b0066a98d..4934c9e0230a78a2c71c7738ee2550a086beb0d2 100644 (file)
--- a/rust/src/http2/http2.rs
+++ b/rust/src/http2/http2.rs
@@ -25,6 +25,7 @@ use crate::conf::conf_get;
 use crate::core::*;
 use crate::filecontainer::*;
 use crate::filetracker::*;
+use crate::flow::Flow;
 use crate::frames::Frame;
 
 use crate::dns::dns::{dns_parse_request, dns_parse_response, DNSTransaction};

diff --git a/rust/src/http2/range.rs b/rust/src/http2/range.rs
index 71c22a7b5d01c2b09449bfd70c28987ba5982e45..0749cc0bc52fed0d48c9fdabd0e95693d4054631 100644 (file)
--- a/rust/src/http2/range.rs
+++ b/rust/src/http2/range.rs
@@ -17,8 +17,9 @@
 
 use super::detect;
 use crate::core::{
-    Direction, Flow, HttpRangeContainerBlock, StreamingBufferConfig, SuricataFileContext, SC,
+    Direction, HttpRangeContainerBlock, StreamingBufferConfig, SuricataFileContext, SC,
 };
+use crate::flow::Flow;
 use crate::http2::http2::HTTP2Transaction;
 use crate::http2::http2::SURICATA_HTTP2_FILE_CONFIG;
 

diff --git a/rust/src/ike/ike.rs b/rust/src/ike/ike.rs
index df62c19cb4ffd241583bba58d6f8eecf80def2db..81e10af24e17e6530a3580ced0a857ba6176d1c4 100644 (file)
--- a/rust/src/ike/ike.rs
+++ b/rust/src/ike/ike.rs
@@ -23,6 +23,7 @@ use self::ipsec_parser::*;
 use crate::applayer;
 use crate::applayer::*;
 use crate::core::{self, *};
+use crate::flow::Flow;
 use crate::ike::ikev1::{handle_ikev1, IkeV1Header, Ikev1Container};
 use crate::ike::ikev2::{handle_ikev2, Ikev2Container};
 use crate::ike::parser::*;

diff --git a/rust/src/krb/krb5.rs b/rust/src/krb/krb5.rs
index 51b215ca30d1317898a4880518bb140245bec7ed..b322c7b1726ba985ea4c81d301f032d600521dfa 100644 (file)
--- a/rust/src/krb/krb5.rs
+++ b/rust/src/krb/krb5.rs
@@ -28,7 +28,8 @@ use kerberos_parser::krb5::{EncryptionType,ErrorCode,MessageType,PrincipalName,R
 use asn1_rs::FromDer;
 use crate::applayer::{self, *};
 use crate::core;
-use crate::core::{AppProto,Flow,ALPROTO_FAILED,ALPROTO_UNKNOWN,Direction, IPPROTO_TCP, IPPROTO_UDP};
+use crate::core::{AppProto,ALPROTO_FAILED,ALPROTO_UNKNOWN,Direction, IPPROTO_TCP, IPPROTO_UDP};
+use crate::flow::Flow;
 
 #[derive(AppLayerEvent)]
 pub enum KRB5Event {
@@ -428,7 +429,7 @@ pub unsafe extern "C" fn rs_krb5_probing_parser_tcp(_flow: *const Flow,
 }
 
 #[no_mangle]
-pub unsafe extern "C" fn rs_krb5_parse_request(_flow: *const core::Flow,
+pub unsafe extern "C" fn rs_krb5_parse_request(_flow: *const Flow,
                                        state: *mut std::os::raw::c_void,
                                        _pstate: *mut std::os::raw::c_void,
                                        stream_slice: StreamSlice,
@@ -443,7 +444,7 @@ pub unsafe extern "C" fn rs_krb5_parse_request(_flow: *const core::Flow,
 }
 
 #[no_mangle]
-pub unsafe extern "C" fn rs_krb5_parse_response(_flow: *const core::Flow,
+pub unsafe extern "C" fn rs_krb5_parse_response(_flow: *const Flow,
                                        state: *mut std::os::raw::c_void,
                                        _pstate: *mut std::os::raw::c_void,
                                        stream_slice: StreamSlice,
@@ -458,7 +459,7 @@ pub unsafe extern "C" fn rs_krb5_parse_response(_flow: *const core::Flow,
 }
 
 #[no_mangle]
-pub unsafe extern "C" fn rs_krb5_parse_request_tcp(_flow: *const core::Flow,
+pub unsafe extern "C" fn rs_krb5_parse_request_tcp(_flow: *const Flow,
                                        state: *mut std::os::raw::c_void,
                                        _pstate: *mut std::os::raw::c_void,
                                        stream_slice: StreamSlice,
@@ -516,7 +517,7 @@ pub unsafe extern "C" fn rs_krb5_parse_request_tcp(_flow: *const core::Flow,
 }
 
 #[no_mangle]
-pub unsafe extern "C" fn rs_krb5_parse_response_tcp(_flow: *const core::Flow,
+pub unsafe extern "C" fn rs_krb5_parse_response_tcp(_flow: *const Flow,
                                        state: *mut std::os::raw::c_void,
                                        _pstate: *mut std::os::raw::c_void,
                                        stream_slice: StreamSlice,

diff --git a/rust/src/ldap/ldap.rs b/rust/src/ldap/ldap.rs
index 44c4eeedc3aadffd3c847d561be1b5d4d4d5dac5..c17de7f991a5c2e80ac37ecc278a2e7b5d159be7 100644 (file)
--- a/rust/src/ldap/ldap.rs
+++ b/rust/src/ldap/ldap.rs
@@ -19,7 +19,8 @@
 
 use crate::applayer::{self, *};
 use crate::conf::conf_get;
-use crate::core::{Flow, *};
+use crate::core::*;
+use crate::flow::Flow;
 use crate::frames::*;
 use nom7 as nom;
 use std;

diff --git a/rust/src/lib.rs b/rust/src/lib.rs
index bea7854f107e4051366641b356c63b5f1231d53b..9d2b7990f601e568f7df44d35aa6e473aeddaa32 100644 (file)
--- a/rust/src/lib.rs
+++ b/rust/src/lib.rs
@@ -139,6 +139,7 @@ pub mod ffi;
 pub mod feature;
 pub mod sdp;
 pub mod ldap;
+pub mod flow;
 
 #[allow(unused_imports)]
 pub use suricata_lua_sys;

diff --git a/rust/src/modbus/modbus.rs b/rust/src/modbus/modbus.rs
index 56f9e6f1f567cc1fe8bce75c3e78670e20062327..33cb9787c47efefdd9da307a379f8bb907d5dd33 100644 (file)
--- a/rust/src/modbus/modbus.rs
+++ b/rust/src/modbus/modbus.rs
@@ -15,7 +15,8 @@
 * 02110-1301, USA.
 */
 use crate::applayer::{self, *};
-use crate::core::{self, AppProto, ALPROTO_FAILED, ALPROTO_UNKNOWN, IPPROTO_TCP};
+use crate::core::{AppProto, ALPROTO_FAILED, ALPROTO_UNKNOWN, IPPROTO_TCP};
+use crate::flow::Flow;
 
 use std::ffi::CString;
 
@@ -280,7 +281,7 @@ impl ModbusState {
 /// Probe input to see if it looks like Modbus.
 #[no_mangle]
 pub extern "C" fn rs_modbus_probe(
-    _flow: *const core::Flow, _direction: u8, input: *const u8, len: u32, _rdir: *mut u8,
+    _flow: *const Flow, _direction: u8, input: *const u8, len: u32, _rdir: *mut u8,
 ) -> AppProto {
     if input.is_null() {
         return ALPROTO_UNKNOWN;
@@ -313,7 +314,7 @@ pub unsafe extern "C" fn rs_modbus_state_tx_free(state: *mut std::os::raw::c_voi
 
 #[no_mangle]
 pub unsafe extern "C" fn rs_modbus_parse_request(
-    _flow: *const core::Flow, state: *mut std::os::raw::c_void, pstate: *mut std::os::raw::c_void,
+    _flow: *const Flow, state: *mut std::os::raw::c_void, pstate: *mut std::os::raw::c_void,
     stream_slice: StreamSlice,
     _data: *const std::os::raw::c_void,
 ) -> AppLayerResult {
@@ -332,7 +333,7 @@ pub unsafe extern "C" fn rs_modbus_parse_request(
 
 #[no_mangle]
 pub unsafe extern "C" fn rs_modbus_parse_response(
-    _flow: *const core::Flow, state: *mut std::os::raw::c_void, pstate: *mut std::os::raw::c_void,
+    _flow: *const Flow, state: *mut std::os::raw::c_void, pstate: *mut std::os::raw::c_void,
     stream_slice: StreamSlice,
     _data: *const std::os::raw::c_void,
 ) -> AppLayerResult {

diff --git a/rust/src/mqtt/mqtt.rs b/rust/src/mqtt/mqtt.rs
index e2905a4c603b81aa8f2d50194f478ebe488512c7..d4ee6cced3cc5a5dc3f698f553a6de4a9551dd08 100644 (file)
--- a/rust/src/mqtt/mqtt.rs
+++ b/rust/src/mqtt/mqtt.rs
@@ -23,6 +23,7 @@ use crate::applayer::*;
 use crate::applayer::{self, LoggerFlags};
 use crate::conf::{conf_get, get_memval};
 use crate::core::*;
+use crate::flow::Flow;
 use crate::frames::*;
 use nom7::Err;
 use std;

diff --git a/rust/src/nfs/nfs.rs b/rust/src/nfs/nfs.rs
index 15effa4f66f1ae09bb3279dcb2256bef0025efa7..04c205aabf9be58db21ab1d938dfe2b31b6a548c 100644 (file)
--- a/rust/src/nfs/nfs.rs
+++ b/rust/src/nfs/nfs.rs
@@ -26,6 +26,7 @@ use nom7::{Err, Needed};
 
 use crate::applayer;
 use crate::applayer::*;
+use crate::flow::Flow;
 use crate::frames::*;
 use crate::core::*;
 use crate::conf::*;

diff --git a/rust/src/ntp/ntp.rs b/rust/src/ntp/ntp.rs
index e17648c4c960368f08eb4a6789e06f4026912db4..d4c3d8b41b9887467bec242971058621862872c3 100644 (file)
--- a/rust/src/ntp/ntp.rs
+++ b/rust/src/ntp/ntp.rs
@@ -20,8 +20,9 @@
 extern crate ntp_parser;
 use self::ntp_parser::*;
 use crate::core;
-use crate::core::{AppProto,Flow,ALPROTO_UNKNOWN,ALPROTO_FAILED,Direction};
+use crate::core::{AppProto,ALPROTO_UNKNOWN,ALPROTO_FAILED,Direction};
 use crate::applayer::{self, *};
+use crate::flow::Flow;
 use std;
 use std::ffi::CString;
 
@@ -174,7 +175,7 @@ pub extern "C" fn rs_ntp_state_free(state: *mut std::os::raw::c_void) {
 }
 
 #[no_mangle]
-pub unsafe extern "C" fn rs_ntp_parse_request(_flow: *const core::Flow,
+pub unsafe extern "C" fn rs_ntp_parse_request(_flow: *const Flow,
                                        state: *mut std::os::raw::c_void,
                                        _pstate: *mut std::os::raw::c_void,
                                        stream_slice: StreamSlice,
@@ -188,7 +189,7 @@ pub unsafe extern "C" fn rs_ntp_parse_request(_flow: *const core::Flow,
 }
 
 #[no_mangle]
-pub unsafe extern "C" fn rs_ntp_parse_response(_flow: *const core::Flow,
+pub unsafe extern "C" fn rs_ntp_parse_response(_flow: *const Flow,
                                        state: *mut std::os::raw::c_void,
                                        _pstate: *mut std::os::raw::c_void,
                                        stream_slice: StreamSlice,

diff --git a/rust/src/pgsql/pgsql.rs b/rust/src/pgsql/pgsql.rs
index ad57590b3a36cf9ef3e3d62b18da6065a7068563..af6799118e48c41718952661b73127a6e7f6bdfc 100644 (file)
--- a/rust/src/pgsql/pgsql.rs
+++ b/rust/src/pgsql/pgsql.rs
@@ -22,7 +22,8 @@
 use super::parser::{self, ConsolidatedDataRowPacket, PgsqlBEMessage, PgsqlFEMessage};
 use crate::applayer::*;
 use crate::conf::*;
-use crate::core::{AppProto, Direction, Flow, ALPROTO_FAILED, ALPROTO_UNKNOWN, IPPROTO_TCP, *};
+use crate::core::{AppProto, Direction, ALPROTO_FAILED, ALPROTO_UNKNOWN, IPPROTO_TCP, *};
+use crate::flow::Flow;
 use nom7::{Err, IResult};
 use std;
 use std::collections::VecDeque;

diff --git a/rust/src/quic/quic.rs b/rust/src/quic/quic.rs
index bc58afe21974524a992b62468b45d09f1644b764..54ebc056883dbb747ae80b344be1f7366584a371 100644 (file)
--- a/rust/src/quic/quic.rs
+++ b/rust/src/quic/quic.rs
@@ -21,8 +21,8 @@ use super::{
     frames::{Frame, QuicTlsExtension, StreamTag},
     parser::{quic_pkt_num, QuicData, QuicHeader, QuicType},
 };
-use crate::applayer::{self, *};
-use crate::core::{AppProto, Direction, Flow, ALPROTO_FAILED, ALPROTO_UNKNOWN, IPPROTO_UDP};
+use crate::{applayer::{self, *}, flow::Flow};
+use crate::core::{AppProto, Direction, ALPROTO_FAILED, ALPROTO_UNKNOWN, IPPROTO_UDP};
 use std::collections::VecDeque;
 use std::ffi::CString;
 use tls_parser::TlsExtensionType;

diff --git a/rust/src/rdp/rdp.rs b/rust/src/rdp/rdp.rs
index 25b5ee381a63bb1a0a71619707ac79f737547ecf..732f246c09bbf1fef37108fa11b292eee8198ce5 100644 (file)
--- a/rust/src/rdp/rdp.rs
+++ b/rust/src/rdp/rdp.rs
@@ -20,7 +20,8 @@
 //! RDP application layer
 
 use crate::applayer::{self, *};
-use crate::core::{AppProto, Flow, ALPROTO_UNKNOWN, IPPROTO_TCP};
+use crate::core::{AppProto, ALPROTO_UNKNOWN, IPPROTO_TCP};
+use crate::flow::Flow;
 use crate::rdp::parser::*;
 use nom7::Err;
 use std;

diff --git a/rust/src/rfb/rfb.rs b/rust/src/rfb/rfb.rs
index 5c226af3ab200455b1fc291c0ef97fed02ff3bef..d7fcdd235417c48d5c82101f1c1e550b8fdbee43 100644 (file)
--- a/rust/src/rfb/rfb.rs
+++ b/rust/src/rfb/rfb.rs
@@ -21,7 +21,8 @@
 use super::parser;
 use crate::applayer;
 use crate::applayer::*;
-use crate::core::{AppProto, Flow, ALPROTO_UNKNOWN, IPPROTO_TCP};
+use crate::core::{AppProto, ALPROTO_UNKNOWN, IPPROTO_TCP};
+use crate::flow::Flow;
 use crate::frames::*;
 use nom7::Err;
 use std;

diff --git a/rust/src/sip/sip.rs b/rust/src/sip/sip.rs
index 5f52e0c8db079d3a7e54f78a2eed931d6d4e8d4b..010da975ca7e7c5fb93b57a874914a100627577c 100755 (executable)
--- a/rust/src/sip/sip.rs
+++ b/rust/src/sip/sip.rs
@@ -20,6 +20,7 @@
 use crate::applayer::{self, *};
 use crate::core;
 use crate::core::{AppProto, ALPROTO_UNKNOWN, IPPROTO_TCP, IPPROTO_UDP};
+use crate::flow::Flow;
 use crate::frames::*;
 use crate::sip::parser::*;
 use nom7::Err;
@@ -113,7 +114,7 @@ impl SIPState {
     }
 
     // app-layer-frame-documentation tag start: parse_request
-    fn parse_request(&mut self, flow: *const core::Flow, stream_slice: StreamSlice) -> bool {
+    fn parse_request(&mut self, flow: *const Flow, stream_slice: StreamSlice) -> bool {
         let input = stream_slice.as_slice();
         let _pdu = Frame::new(
             flow,
@@ -149,7 +150,7 @@ impl SIPState {
     }
 
     fn parse_request_tcp(
-        &mut self, flow: *const core::Flow, stream_slice: StreamSlice,
+        &mut self, flow: *const Flow, stream_slice: StreamSlice,
     ) -> AppLayerResult {
         let input = stream_slice.as_slice();
         if input.is_empty() {
@@ -209,7 +210,7 @@ impl SIPState {
         return AppLayerResult::ok();
     }
 
-    fn parse_response(&mut self, flow: *const core::Flow, stream_slice: StreamSlice) -> bool {
+    fn parse_response(&mut self, flow: *const Flow, stream_slice: StreamSlice) -> bool {
         let input = stream_slice.as_slice();
         let _pdu = Frame::new(
             flow,
@@ -244,7 +245,7 @@ impl SIPState {
     }
 
     fn parse_response_tcp(
-        &mut self, flow: *const core::Flow, stream_slice: StreamSlice,
+        &mut self, flow: *const Flow, stream_slice: StreamSlice,
     ) -> AppLayerResult {
         let input = stream_slice.as_slice();
         if input.is_empty() {
@@ -319,7 +320,7 @@ impl SIPTransaction {
 }
 
 // app-layer-frame-documentation tag start: function to add frames
-fn sip_frames_ts(flow: *const core::Flow, stream_slice: &StreamSlice, r: &Request, tx_id: u64) {
+fn sip_frames_ts(flow: *const Flow, stream_slice: &StreamSlice, r: &Request, tx_id: u64) {
     let oi = stream_slice.as_slice();
     let _f = Frame::new(
         flow,
@@ -355,7 +356,7 @@ fn sip_frames_ts(flow: *const core::Flow, stream_slice: &StreamSlice, r: &Reques
 }
 // app-layer-frame-documentation tag end: function to add frames
 
-fn sip_frames_tc(flow: *const core::Flow, stream_slice: &StreamSlice, r: &Response, tx_id: u64) {
+fn sip_frames_tc(flow: *const Flow, stream_slice: &StreamSlice, r: &Response, tx_id: u64) {
     let oi = stream_slice.as_slice();
     let _f = Frame::new(
         flow,
@@ -439,7 +440,7 @@ pub static mut ALPROTO_SIP: AppProto = ALPROTO_UNKNOWN;
 
 #[no_mangle]
 pub unsafe extern "C" fn rs_sip_parse_request(
-    flow: *const core::Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
+    flow: *const Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
     stream_slice: StreamSlice, _data: *const std::os::raw::c_void,
 ) -> AppLayerResult {
     let state = cast_pointer!(state, SIPState);
@@ -448,7 +449,7 @@ pub unsafe extern "C" fn rs_sip_parse_request(
 
 #[no_mangle]
 pub unsafe extern "C" fn rs_sip_parse_request_tcp(
-    flow: *const core::Flow, state: *mut std::os::raw::c_void, pstate: *mut std::os::raw::c_void,
+    flow: *const Flow, state: *mut std::os::raw::c_void, pstate: *mut std::os::raw::c_void,
     stream_slice: StreamSlice, _data: *const std::os::raw::c_void,
 ) -> AppLayerResult {
     if stream_slice.is_empty() {
@@ -465,7 +466,7 @@ pub unsafe extern "C" fn rs_sip_parse_request_tcp(
 
 #[no_mangle]
 pub unsafe extern "C" fn rs_sip_parse_response(
-    flow: *const core::Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
+    flow: *const Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
     stream_slice: StreamSlice, _data: *const std::os::raw::c_void,
 ) -> AppLayerResult {
     let state = cast_pointer!(state, SIPState);
@@ -474,7 +475,7 @@ pub unsafe extern "C" fn rs_sip_parse_response(
 
 #[no_mangle]
 pub unsafe extern "C" fn rs_sip_parse_response_tcp(
-    flow: *const core::Flow, state: *mut std::os::raw::c_void, pstate: *mut std::os::raw::c_void,
+    flow: *const Flow, state: *mut std::os::raw::c_void, pstate: *mut std::os::raw::c_void,
     stream_slice: StreamSlice, _data: *const std::os::raw::c_void,
 ) -> AppLayerResult {
     if stream_slice.is_empty() {

diff --git a/rust/src/smb/smb.rs b/rust/src/smb/smb.rs
index 6c7e7b67701b38361cc7b4b2fb83ccc31dd59a36..9cc5c83ec1783fb9be83e9dca175cad85a778312 100644 (file)
--- a/rust/src/smb/smb.rs
+++ b/rust/src/smb/smb.rs
@@ -39,6 +39,7 @@ use std::num::NonZeroUsize;
 use crate::core::*;
 use crate::applayer;
 use crate::applayer::*;
+use crate::flow::{Flow, FLOW_DIR_REVERSED};
 use crate::frames::*;
 use crate::conf::*;
 use crate::applayer::{AppLayerResult, AppLayerTxData, AppLayerEvent};

diff --git a/rust/src/snmp/snmp.rs b/rust/src/snmp/snmp.rs
index c0a121d13a45c88f7359334d285d0b762f296757..d31e0a26bffdd49a540b4d8299cbe9f78ae52fa3 100644 (file)
--- a/rust/src/snmp/snmp.rs
+++ b/rust/src/snmp/snmp.rs
@@ -17,6 +17,7 @@
 
 // written by Pierre Chifflier  <chifflier@wzdftpd.net>
 
+use crate::flow::Flow;
 use crate::snmp::snmp_parser::*;
 use crate::core::{self, *};
 use crate::applayer::{self, *};
@@ -265,7 +266,7 @@ pub extern "C" fn rs_snmp_state_free(state: *mut std::os::raw::c_void) {
 }
 
 #[no_mangle]
-pub unsafe extern "C" fn rs_snmp_parse_request(_flow: *const core::Flow,
+pub unsafe extern "C" fn rs_snmp_parse_request(_flow: *const Flow,
                                        state: *mut std::os::raw::c_void,
                                        _pstate: *mut std::os::raw::c_void,
                                        stream_slice: StreamSlice,
@@ -276,7 +277,7 @@ pub unsafe extern "C" fn rs_snmp_parse_request(_flow: *const core::Flow,
 }
 
 #[no_mangle]
-pub unsafe extern "C" fn rs_snmp_parse_response(_flow: *const core::Flow,
+pub unsafe extern "C" fn rs_snmp_parse_response(_flow: *const Flow,
                                        state: *mut std::os::raw::c_void,
                                        _pstate: *mut std::os::raw::c_void,
                                        stream_slice: StreamSlice,

diff --git a/rust/src/ssh/ssh.rs b/rust/src/ssh/ssh.rs
index 99c88c9d7cf5c8bb8dc91fdb54ab80a866eddd1f..c75d56f6e422a0dc2eda595d24d63220792addaa 100644 (file)
--- a/rust/src/ssh/ssh.rs
+++ b/rust/src/ssh/ssh.rs
@@ -18,6 +18,7 @@
 use super::parser;
 use crate::applayer::*;
 use crate::core::*;
+use crate::flow::Flow;
 use nom7::Err;
 use std::ffi::CString;
 use std::sync::atomic::{AtomicBool, Ordering};

diff --git a/rust/src/telnet/telnet.rs b/rust/src/telnet/telnet.rs
index 29b02a9b7f417e1b829d50a15460fbd059c3a69c..1d67059bcb5d4faa843db3deae778cbc7f270878 100644 (file)
--- a/rust/src/telnet/telnet.rs
+++ b/rust/src/telnet/telnet.rs
@@ -16,8 +16,9 @@
  */
 
 use std;
-use crate::core::{ALPROTO_UNKNOWN, AppProto, Flow, IPPROTO_TCP};
+use crate::core::{ALPROTO_UNKNOWN, AppProto, IPPROTO_TCP};
 use crate::applayer::{self, *};
+use crate::flow::Flow;
 use crate::frames::*;
 use std::ffi::CString;
 use nom7::IResult;

diff --git a/rust/src/websocket/websocket.rs b/rust/src/websocket/websocket.rs
index f686ad471b4284e04e64366a0afb892963d10c27..0a3f92525cd6be849c7e0a34017995da0ed6df30 100644 (file)
--- a/rust/src/websocket/websocket.rs
+++ b/rust/src/websocket/websocket.rs
@@ -18,7 +18,8 @@
 use super::parser;
 use crate::applayer::{self, *};
 use crate::conf::conf_get;
-use crate::core::{AppProto, Direction, Flow, ALPROTO_FAILED, ALPROTO_UNKNOWN, IPPROTO_TCP};
+use crate::core::{AppProto, Direction, ALPROTO_FAILED, ALPROTO_UNKNOWN, IPPROTO_TCP};
+use crate::flow::Flow;
 use crate::frames::Frame;
 
 use nom7 as nom;