Ticket #744.
# Stream reassembly size for modbus, default is 0
stream-depth: 0
+Decoder
+-------
+
+Teredo
+~~~~~~
+
+The Teredo decoder can be disabled. It is enabled by default.
+
+::
+
+ decoder:
+ # Teredo decoder is known to not be completely accurate
+ # it will sometimes detect non-teredo as teredo.
+ teredo:
+ enabled: true
+
+
Advanced Options
----------------
#include "decode-ipv6.h"
#include "decode-teredo.h"
#include "util-debug.h"
+#include "conf.h"
#define TEREDO_ORIG_INDICATION_LENGTH 8
+static bool g_teredo_enabled = true;
+
+void DecodeTeredoConfig(void)
+{
+ int enabled = 0;
+ if (ConfGetBool("decoder.teredo.enabled", &enabled) == 1) {
+ if (enabled) {
+ g_teredo_enabled = true;
+ } else {
+ g_teredo_enabled = false;
+ }
+ }
+}
+
/**
* \brief Function to decode Teredo packets
*
*/
int DecodeTeredo(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p, uint8_t *pkt, uint16_t len, PacketQueue *pq)
{
+ if (!g_teredo_enabled)
+ return TM_ECODE_FAILED;
uint8_t *start = pkt;
* 02110-1301, USA.
*/
+#ifndef __DECODE_TEREDO_H__
+#define __DECODE_TEREDO_H__
+
int DecodeTeredo(ThreadVars *tv, DecodeThreadVars *dtv, Packet *p,
uint8_t *pkt, uint16_t len, PacketQueue *pq);
+void DecodeTeredoConfig(void);
+
+#endif
#include "suricata.h"
#include "conf.h"
#include "decode.h"
+#include "decode-teredo.h"
#include "util-debug.h"
#include "util-mem.h"
#include "app-layer-detect-proto.h"
s->counter_ips_replaced = StatsRegisterCounter("ips.replaced", tv);
}
+void DecodeGlobalConfig(void)
+{
+ DecodeTeredoConfig();
+}
+
/**
* @}
*/
int DecoderParseDataFromFile(char *filename, DecoderFunc Decoder);
int DecoderParseDataFromFileSerie(char *fileprefix, DecoderFunc Decoder);
#endif
+void DecodeGlobalConfig(void);
/** \brief Set the No payload inspection Flag for the packet.
*
CoredumpLoadConfig();
+ DecodeGlobalConfig();
+
PreRunInit(suri->run_mode);
SCReturnInt(TM_ECODE_OK);
# prealloc: 1000
# memcap: 32mb
+# Decoder settings
+
+decoder:
+ # Teredo decoder is known to not be completely accurate
+ # it will sometimes detect non-teredo as teredo.
+ teredo:
+ enabled: true
+
##
## Performance tuning and profiling
projects / thirdparty / suricata.git / commitdiff
