decode/erspan: Warn on ERSPAN Type I config

This commit checks whether pre-6.x settings for ERSPAN Type I are
present. ERSPAN Type I is no longer enabled/disabled through a
configuration setting -- it's always enabled.

When a setting exists to enable/disable ERSPAN Type I decoding, a
warning message is logged.

Enabling/disabling ERSPAN Type I decode has been deprecated in 6.x

diff --git a/src/decode-erspan.c b/src/decode-erspan.c
index 2df6a5573d9d1e73f4ae08a36deaa5308b5c3b06..c70b1a32aa160ce40b2c538347cef5a1925753c0 100644 (file)
--- a/src/decode-erspan.c
+++ b/src/decode-erspan.c
@@ -43,6 +43,21 @@
  * \brief Functions to decode ERSPAN Type I and II packets
  */
 
+/*
+ * \brief ERSPAN Type I was configurable in 5.0.x but is no longer configurable.
+ *
+ * Issue a warning if a configuration setting is found.
+ */
+void DecodeERSPANConfig(void)
+{
+    int enabled = 0;
+    if (ConfGetBool("decoder.erspan.typeI.enabled", &enabled) == 1) {
+        SCLogWarning(SC_WARN_ERSPAN_CONFIG,
+                     "ERSPAN Type I is no longer configurable and it is always"
+                     " enabled; ignoring configuration setting.");
+    }
+}
+
 /**
  * \brief ERSPAN Type I
  */

diff --git a/src/decode-erspan.h b/src/decode-erspan.h
index 2f81d1e4a384f8a7ca3c3d5338e2568b25809315..5b4af04ea89ae8e5f32cbddaf36e501dd98b1e72 100644 (file)
--- a/src/decode-erspan.h
+++ b/src/decode-erspan.h
@@ -34,4 +34,5 @@ typedef struct ErspanHdr_ {
     uint32_t padding;
 } __attribute__((__packed__)) ErspanHdr;
 
+void DecodeERSPANConfig(void);
 #endif /* __DECODE_ERSPAN_H__ */

diff --git a/src/decode.c b/src/decode.c
index 323679d3a9a5414452e57f4e4af12acaa96849fd..fdf5cb095cc7c1e6d2c0ee7ec88648cbb663bbc4 100644 (file)
--- a/src/decode.c
+++ b/src/decode.c
@@ -733,6 +733,7 @@ void DecodeGlobalConfig(void)
 {
     DecodeTeredoConfig();
     DecodeVXLANConfig();
+    DecodeERSPANConfig();
 }
 
 /**