template app-layer: disable if not in config file (default)

Unlike other app-layer protocols which are enabled by default,
disable this one by default as it likely shouldn't be enabled
in production use of Suricata.

diff --git a/src/app-layer-template.c b/src/app-layer-template.c
index 87b64b732f76dbeddf363912eac76656e581284e..5eafa67e1ae514ea53c152db493459b023371225 100644 (file)
--- a/src/app-layer-template.c
+++ b/src/app-layer-template.c
@@ -25,6 +25,7 @@
 
 #include "suricata-common.h"
 #include "stream.h"
+#include "conf.h"
 
 #include "util-unittest.h"
 
@@ -428,6 +429,12 @@ void RegisterTemplateParsers(void)
 {
     char *proto_name = "template";
 
+    /* TEMPLATE_START_REMOVE */
+    if (ConfGetNode("app-layer.protocols.template") == NULL) {
+        return;
+    }
+    /* TEMPLATE_END_REMOVE */
+
     /* Check if Template TCP detection is enabled. If it does not exist in
      * the configuration file then it will be enabled by default. */
     if (AppLayerProtoDetectConfProtoDetectionEnabled("tcp", proto_name)) {
@@ -481,8 +488,8 @@ void RegisterTemplateParsers(void)
             STREAM_TOSERVER, TemplateParseRequest);
 
         /* Register response parser for parsing frames from server to client. */
-        AppLayerParserRegisterParser(IPPROTO_TCP, ALPROTO_TEMPLATE, STREAM_TOCLIENT,
-            TemplateParseResponse);
+        AppLayerParserRegisterParser(IPPROTO_TCP, ALPROTO_TEMPLATE,
+            STREAM_TOCLIENT, TemplateParseResponse);
 
         /* Register a function to be called by the application layer
          * when a transaction is to be freed. */
@@ -490,7 +497,8 @@ void RegisterTemplateParsers(void)
             TemplateStateTxFree);
 
         /* Register a function to return the current transaction count. */
-        AppLayerParserRegisterGetTxCnt(IPPROTO_TCP, ALPROTO_TEMPLATE, TemplateGetTxCnt);
+        AppLayerParserRegisterGetTxCnt(IPPROTO_TCP, ALPROTO_TEMPLATE,
+            TemplateGetTxCnt);
 
         /* Transaction handling. */
         AppLayerParserRegisterGetStateProgressCompletionStatus(IPPROTO_TCP,

diff --git a/src/detect-template-buffer.c b/src/detect-template-buffer.c
index 64f948c2b45b97e65f0b95a583045ffd0f637d8a..d9f9aa67ce55d34f20156f2591513ca5480b947d 100644 (file)
--- a/src/detect-template-buffer.c
+++ b/src/detect-template-buffer.c
@@ -21,6 +21,7 @@
  */
 
 #include "suricata-common.h"
+#include "conf.h"
 #include "detect.h"
 #include "app-layer-template.h"
 
@@ -29,6 +30,10 @@ static void DetectTemplateBufferRegisterTests(void);
 
 void DetectTemplateBufferRegister(void)
 {
+    if (ConfGetNode("app-layer.protocols.template") == NULL) {
+        return;
+    }
+
     sigmatch_table[DETECT_AL_TEMPLATE_BUFFER].name = "template_buffer";
     sigmatch_table[DETECT_AL_TEMPLATE_BUFFER].desc =
         "Template content modififier to match on the template buffers";

diff --git a/src/output-json-template.c b/src/output-json-template.c
index ca4a937837bae5aa3a6f97fb0372432ca2b9aeb5..d360e6746c777e83c9d68382b002b1120d13d7fb 100644 (file)
--- a/src/output-json-template.c
+++ b/src/output-json-template.c
@@ -180,6 +180,10 @@ static TmEcode JsonTemplateLogThreadDeinit(ThreadVars *t, void *data)
 
 void TmModuleJsonTemplateLogRegister(void)
 {
+    if (ConfGetNode("app-layer.protocols.template") == NULL) {
+        return;
+    }
+
     tmm_modules[TMM_JSONTEMPLATELOG].name = "JsonTemplateLog";
     tmm_modules[TMM_JSONTEMPLATELOG].ThreadInit = JsonTemplateLogThreadInit;
     tmm_modules[TMM_JSONTEMPLATELOG].ThreadDeinit = JsonTemplateLogThreadDeinit;