dns: cleanup: remove unused events

Removed events that are no longer used since the Rust
implementation of DNS:
- UnsolicitedResponse
- StateMemCapReached
- Flooded

diff --git a/rules/dns-events.rules b/rules/dns-events.rules
index 388e8665553d6b5cd93eab5a5d9d98ea14b4daf0..0e34dae139d05d689520a349d7475f445f8a0384 100644 (file)
--- a/rules/dns-events.rules
+++ b/rules/dns-events.rules
@@ -1,5 +1,3 @@
-# Response (answer) we didn't see a Request for. Could be packet loss.
-alert dns any any -> any any (msg:"SURICATA DNS Unsolicited response"; flow:to_client; app-layer-event:dns.unsollicited_response; classtype:protocol-command-decode; sid:2240001; rev:2;)
 # Malformed data in request. Malformed means length fields are wrong, etc.
 alert dns any any -> any any (msg:"SURICATA DNS malformed request data"; flow:to_server; app-layer-event:dns.malformed_data; classtype:protocol-command-decode; sid:2240002; rev:2;)
 alert dns any any -> any any (msg:"SURICATA DNS malformed response data"; flow:to_client; app-layer-event:dns.malformed_data; classtype:protocol-command-decode; sid:2240003; rev:2;)
@@ -9,7 +7,3 @@ alert dns any any -> any any (msg:"SURICATA DNS Not a request"; flow:to_server;
 alert dns any any -> any any (msg:"SURICATA DNS Not a response"; flow:to_client; app-layer-event:dns.not_a_response; classtype:protocol-command-decode; sid:2240005; rev:2;)
 # Z flag (reserved) not 0
 alert dns any any -> any any (msg:"SURICATA DNS Z flag set"; app-layer-event:dns.z_flag_set; classtype:protocol-command-decode; sid:2240006; rev:2;)
-# Request Flood Detected
-alert dns any any -> any any (msg:"SURICATA DNS request flood detected"; flow:to_server; app-layer-event:dns.flooded; classtype:protocol-command-decode; sid:2240007; rev:2;)
-# Per-flow (state) memcap reached. Relates to the app-layer.protocols.dns.state-memcap setting.
-alert dns any any -> any any (msg:"SURICATA DNS flow memcap reached"; flow:to_server; app-layer-event:dns.state_memcap_reached; classtype:protocol-command-decode; sid:2240008; rev:3;)

diff --git a/rust/src/dns/dns.rs b/rust/src/dns/dns.rs
index 2a7825459e6216a565905cc777f05611724a76a4..3626f5b4422ac07817a8aee8b28adcd7deee734f 100644 (file)
--- a/rust/src/dns/dns.rs
+++ b/rust/src/dns/dns.rs
@@ -127,13 +127,10 @@ const MAX_TRANSACTIONS: usize = 32;
 
 #[repr(u32)]
 pub enum DNSEvent {
-    UnsolicitedResponse = 0,
     MalformedData,
     NotRequest,
     NotResponse,
     ZFlagSet,
-    Flooded,
-    StateMemCapReached,
 }
 
 #[derive(Debug,PartialEq)]

diff --git a/src/app-layer-dns-common.c b/src/app-layer-dns-common.c
index ccdf305c28bafb51e7b117cd7e6161aa16c1f86b..7d1b4072e074c1c5ee0b7fc854f6ef220489c11b 100644 (file)
--- a/src/app-layer-dns-common.c
+++ b/src/app-layer-dns-common.c
@@ -25,13 +25,10 @@
 #include "app-layer-dns-common.h"
 
 SCEnumCharMap dns_decoder_event_table[ ] = {
-    { "UNSOLLICITED_RESPONSE",      DNS_DECODER_EVENT_UNSOLLICITED_RESPONSE, },
     { "MALFORMED_DATA",             DNS_DECODER_EVENT_MALFORMED_DATA, },
     { "NOT_A_REQUEST",              DNS_DECODER_EVENT_NOT_A_REQUEST, },
     { "NOT_A_RESPONSE",             DNS_DECODER_EVENT_NOT_A_RESPONSE, },
     { "Z_FLAG_SET",                 DNS_DECODER_EVENT_Z_FLAG_SET, },
-    { "FLOODED",                    DNS_DECODER_EVENT_FLOODED, },
-    { "STATE_MEMCAP_REACHED",       DNS_DECODER_EVENT_STATE_MEMCAP_REACHED, },
 
     { NULL,                         -1 },
 };

diff --git a/src/app-layer-dns-common.h b/src/app-layer-dns-common.h
index 8930dfc397edad8bb58950720c2622e1a5f05150..1f3e7e122b4feede6da155423235d40d63f490f0 100644 (file)
--- a/src/app-layer-dns-common.h
+++ b/src/app-layer-dns-common.h
@@ -28,13 +28,10 @@
 #include "app-layer-parser.h"
 
 enum {
-    DNS_DECODER_EVENT_UNSOLLICITED_RESPONSE,
     DNS_DECODER_EVENT_MALFORMED_DATA,
     DNS_DECODER_EVENT_NOT_A_REQUEST,
     DNS_DECODER_EVENT_NOT_A_RESPONSE,
     DNS_DECODER_EVENT_Z_FLAG_SET,
-    DNS_DECODER_EVENT_FLOODED,
-    DNS_DECODER_EVENT_STATE_MEMCAP_REACHED,
 };
 
 /** Opaque Rust types. */