dns: support detect flags
authorVictor Julien <victor@inliniac.net>
Wed, 17 Jan 2018 14:13:55 +0000 (15:13 +0100)
committerVictor Julien <victor@inliniac.net>
Fri, 19 Jan 2018 09:13:28 +0000 (10:13 +0100)
src/app-layer-dns-common.c
src/app-layer-dns-common.h
src/app-layer-dns-tcp.c
src/app-layer-dns-udp.c

index 07c9e4557218d41cffecd42a1650c2ed9efdfe9c..bc6821092c6296327497e531bded30bab44af479 100644 (file)
@@ -248,6 +248,26 @@ LoggerId DNSGetTxLogged(void *alstate, void *tx)
     return dns_tx->logged;
 }
 
+uint64_t DNSGetTxDetectFlags(void *vtx, uint8_t dir)
+{
+    DNSTransaction *tx = (DNSTransaction *)vtx;
+    if (dir & STREAM_TOSERVER) {
+        return tx->detect_flags_ts;
+    } else {
+        return tx->detect_flags_tc;
+    }
+}
+
+void DNSSetTxDetectFlags(void *vtx, uint8_t dir, uint64_t detect_flags)
+{
+    DNSTransaction *tx = (DNSTransaction *)vtx;
+    if (dir & STREAM_TOSERVER) {
+        tx->detect_flags_ts = detect_flags;
+    } else {
+        tx->detect_flags_tc = detect_flags;
+    }
+}
+
 /** \brief get value for 'complete' status in DNS
  *
  *  For DNS we use a simple bool. 1 means done.
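Review bot: The direction contract of `DNSGetTxDetectFlags` and `DNSSetTxDetectFlags` is implicit and undocumented. Any `dir` without `STREAM_TOSERVER` set, including 0, falls into the `else` branch and is handled as to-client, and a value with both direction bits set silently selects the to-server field. These flags presumably record per-direction inspection progress for the detection engine, so a caller passing an unexpected `dir` would update or read the wrong direction's state without any signal. Each function should get a header in the file's existing style, e.g. `/** \brief get detection engine flags for one direction; dir must carry exactly one of STREAM_TOSERVER / STREAM_TOCLIENT */`, with a matching one on the setter. `vtx` is also dereferenced unchecked in both functions, which is fine only if the app-layer framework never passes a NULL tx, so that assumption belongs in the comment as well.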
index 6b11477183747ba4a49fdd39b03ecc3bbf33bd79..fffaccd3603e2afce243fc9b60e46225cbeecf4d 100644 (file)
@@ -202,6 +202,10 @@ typedef struct DNSTransaction_ {
     uint8_t rcode;                                  /**< response code (e.g. "no error" / "no such name") */
     uint8_t recursion_desired;                      /**< server said "recursion desired" */
 
+    /** detection engine flags */
+    uint64_t detect_flags_ts;
+    uint64_t detect_flags_tc;
+
     TAILQ_HEAD(, DNSQueryEntry_) query_list;        /**< list for query/queries */
     TAILQ_HEAD(, DNSAnswerEntry_) answer_list;      /**< list for answers */
     TAILQ_HEAD(, DNSAnswerEntry_) authority_list;   /**< list for authority records */
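Review bot: `detect_flags_ts` and `detect_flags_tc` can be read through `DNSGetTxDetectFlags` before the setter has ever run for a transaction, so they depend on the DNSTransaction allocator zeroing the struct. That allocator is not part of this diff, so this is worth confirming. If the memory is not zeroed, a fresh transaction would start with arbitrary flag bits, which could presumably lead the detection engine to treat uninspected data as already handled. The single shared comment also does not say which field belongs to which direction; per-field comments in the struct's existing style would help, e.g. `uint64_t detect_flags_ts; /**< detection engine flags, to-server direction */` and the same for `detect_flags_tc` with "to-client". The struct definition begins and ends outside this hunk.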
@@ -278,6 +282,8 @@ DNSTransaction *DNSTransactionFindByTxId(const DNSState *dns_state, const uint16
 int DNSStateHasTxDetectState(void *alstate);
 DetectEngineState *DNSGetTxDetectState(void *vtx);
 int DNSSetTxDetectState(void *alstate, void *vtx, DetectEngineState *s);
+uint64_t DNSGetTxDetectFlags(void *vtx, uint8_t dir);
+void DNSSetTxDetectFlags(void *vtx, uint8_t dir, uint64_t detect_flags);
 
 void DNSSetEvent(DNSState *s, uint8_t e);
 void *DNSStateAlloc(void);
index b352144b19f1456576709f7d84388df427829380..e595fae5cef81db909f32e3d00e63836fed5e4af 100644 (file)
@@ -752,6 +752,8 @@ void RegisterDNSTCPParsers(void)
         AppLayerParserRegisterDetectStateFuncs(IPPROTO_TCP, ALPROTO_DNS,
                                                DNSStateHasTxDetectState,
                                                DNSGetTxDetectState, DNSSetTxDetectState);
+        AppLayerParserRegisterDetectFlagsFuncs(IPPROTO_TCP, ALPROTO_DNS,
+                                               DNSGetTxDetectFlags, DNSSetTxDetectFlags);
 
         AppLayerParserRegisterGetTx(IPPROTO_TCP, ALPROTO_DNS, DNSGetTx);
         AppLayerParserRegisterGetTxCnt(IPPROTO_TCP, ALPROTO_DNS, DNSGetTxCnt);
index a31abf21cc347c347a50d951dcf6395c512c2a2f..9f1ec9d092e2320528246cd296cafcbbb5ff0807 100644 (file)
@@ -445,6 +445,8 @@ void RegisterDNSUDPParsers(void)
         AppLayerParserRegisterDetectStateFuncs(IPPROTO_UDP, ALPROTO_DNS,
                                                DNSStateHasTxDetectState,
                                                DNSGetTxDetectState, DNSSetTxDetectState);
+        AppLayerParserRegisterDetectFlagsFuncs(IPPROTO_UDP, ALPROTO_DNS,
+                                               DNSGetTxDetectFlags, DNSSetTxDetectFlags);
 
         AppLayerParserRegisterGetTx(IPPROTO_UDP, ALPROTO_DNS,
                                     DNSGetTx);