/// TOSERVER probe function
#[no_mangle]
-pub extern "C" fn rs_nfs_probe(input: *const libc::uint8_t, len: libc::uint32_t)
+pub extern "C" fn rs_nfs_probe_ts(input: *const libc::uint8_t, len: libc::uint32_t)
-> libc::int8_t
{
let slice: &[u8] = unsafe {
std::slice::from_raw_parts(input as *mut u8, len as usize)
};
return nfs3_probe(slice, STREAM_TOSERVER);
-/*
- match parse_rpc(slice) {
- IResult::Done(_, ref rpc_hdr) => {
- if rpc_hdr.progver == 3 && rpc_hdr.program == 100003 {
- return 1;
- } else {
- return -1;
- }
- },
- IResult::Incomplete(_) => {
- return 0;
- },
- IResult::Error(_) => {
- return -1;
- },
- }
-*/
}
+/// TOCLIENT probe function
+#[no_mangle]
+pub extern "C" fn rs_nfs_probe_tc(input: *const libc::uint8_t, len: libc::uint32_t)
+ -> libc::int8_t
+{
+ let slice: &[u8] = unsafe {
+ std::slice::from_raw_parts(input as *mut u8, len as usize)
+ };
+ return nfs3_probe(slice, STREAM_TOCLIENT);
+}
+
#[no_mangle]
pub extern "C" fn rs_nfs3_getfiles(direction: u8, ptr: *mut NFS3State) -> * mut FileContainer {
* \retval ALPROTO_NFS3 if it looks like echo, otherwise
* ALPROTO_UNKNOWN.
*/
-static AppProto NFS3ProbingParser(uint8_t *input, uint32_t input_len,
+static AppProto NFS3ProbingParserTS(uint8_t *input, uint32_t input_len,
uint32_t *offset)
{
if (input_len < NFS3_MIN_FRAME_LEN) {
return ALPROTO_UNKNOWN;
}
- int8_t r = rs_nfs_probe(input, input_len);
+ int8_t r = rs_nfs_probe_ts(input, input_len);
+ if (r == 1) {
+ return ALPROTO_NFS3;
+ } else if (r == -1) {
+ return ALPROTO_FAILED;
+ }
+
+ SCLogDebug("Protocol not detected as ALPROTO_NFS3.");
+ return ALPROTO_UNKNOWN;
+}
+
+static AppProto NFS3ProbingParserTC(uint8_t *input, uint32_t input_len,
+ uint32_t *offset)
+{
+ if (input_len < NFS3_MIN_FRAME_LEN) {
+ return ALPROTO_UNKNOWN;
+ }
+
+ int8_t r = rs_nfs_probe_tc(input, input_len);
if (r == 1) {
return ALPROTO_NFS3;
} else if (r == -1) {
SCLogDebug("Unittest mode, registering default configuration.");
AppLayerProtoDetectPPRegister(IPPROTO_TCP, NFS3_DEFAULT_PORT,
ALPROTO_NFS3, 0, NFS3_MIN_FRAME_LEN, STREAM_TOSERVER,
- NFS3ProbingParser, NULL);
+ NFS3ProbingParserTS, NFS3ProbingParserTC);
}
else {
if (!AppLayerProtoDetectPPParseConfPorts("tcp", IPPROTO_TCP,
proto_name, ALPROTO_NFS3, 0, NFS3_MIN_FRAME_LEN,
- NFS3ProbingParser, NULL)) {
+ NFS3ProbingParserTS, NFS3ProbingParserTC)) {
SCLogDebug("No NFS3 app-layer configuration, enabling NFS3"
" detection TCP detection on port %s.",
NFS3_DEFAULT_PORT);
AppLayerProtoDetectPPRegister(IPPROTO_TCP,
NFS3_DEFAULT_PORT, ALPROTO_NFS3, 0,
NFS3_MIN_FRAME_LEN, STREAM_TOSERVER,
- NFS3ProbingParser, NULL);
+ NFS3ProbingParserTS, NFS3ProbingParserTC);
}
}
projects / thirdparty / suricata.git / commitdiff
