From: Jason Ish
Date: Tue, 2 Jun 2020 16:16:17 +0000 (-0600)
Subject: rdp: enable by default
X-Git-Tag: suricata-6.0.0-beta1~362
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=6ce9b2972bcb1aa6c071c129cc4bb833f8560af8;p=thirdparty%2Fsuricata.git
rdp: enable by default
Redmine issue: https://redmine.openinfosecfoundation.org/issues/3255
---
diff --git a/rust/src/rdp/rdp.rs b/rust/src/rdp/rdp.rs
index 80c70ac343..603504c82a 100644
--- a/rust/src/rdp/rdp.rs
+++ b/rust/src/rdp/rdp.rs
@@ -22,7 +22,6 @@
 use crate::core::{
 self, AppProto, DetectEngineState, Flow, ALPROTO_UNKNOWN, IPPROTO_TCP,
 };
-use crate::conf;
 use nom;
 use crate::applayer::*;
 use crate::rdp::parser::*;
@@ -537,12 +536,6 @@ pub unsafe extern "C" fn rs_rdp_register_parser() {
 set_tx_detect_flags: None,
 };
- /* For 5.0 we want this disabled by default, so check that it
- * has been explicitly enabled. */
- if !conf::conf_get_bool("app-layer.protocols.rdp.enabled") {
- return;
- }
-
 let ip_proto_str = std::ffi::CString::new("tcp").unwrap();
 if AppLayerProtoDetectConfProtoDetectionEnabled(
diff --git a/src/output-json-rdp.c b/src/output-json-rdp.c
index bb80464378..d28336ce11 100644
--- a/src/output-json-rdp.c
+++ b/src/output-json-rdp.c
@@ -156,9 +156,6 @@ static TmEcode JsonRdpLogThreadDeinit(ThreadVars *t, void *data)
 void JsonRdpLogRegister(void)
 {
- if (ConfGetNode("app-layer.protocols.rdp") == NULL) {
- return;
- }
 /* Register as an eve sub-module. */
 OutputRegisterTxSubModule(
 LOGGER_JSON_RDP,
diff --git a/suricata.yaml.in b/suricata.yaml.in
index 16cfa150de..f0897a1539 100644
--- a/suricata.yaml.in
+++ b/suricata.yaml.in
@@ -257,7 +257,7 @@ outputs:
 #- dnp3
 - ftp
- #- rdp
+ - rdp
 - nfs
 - smb
 - tftp
@@ -745,9 +745,8 @@ app-layer:
 ftp:
 enabled: yes
 # memcap: 64mb
- # RDP, disabled by default.
 rdp:
- #enabled: no
+ #enabled: yes
 ssh:
 enabled: yes
 smtp:
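Review bot: In the second suricata.yaml.in hunk the `rdp:` entry is left with only a commented-out `#enabled: yes`, while the neighbouring `ftp:` and `ssh:` entries spell out `enabled: yes`. With the explicit opt-in checks removed from rs_rdp_register_parser() and JsonRdpLogRegister(), whether RDP traffic is parsed now rests on the remaining AppLayerProtoDetectConfProtoDetectionEnabled call. That call presumably treats an absent key as enabled, which would also switch the parser on for configurations carried over from 5.0 (worth confirming). I would write the setting out as `enabled: yes`, so an operator auditing which parsers see untrusted traffic can read the state directly. An upgrade note that RDP parsing and the eve `rdp` record type are now on by default would also help. The `app-layer:` protocol list continues outside the hunk.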