From: Jason Ish Date: Fri, 17 Jan 2025 17:03:48 +0000 (-0600) Subject: rust/flow: move flow support to its own file (cleanup) X-Git-Tag: suricata-8.0.0-beta1~552 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7ef4caf90e073cdd8d35d9d16932eb18d6502826;p=thirdparty%2Fsuricata.git rust/flow: move flow support to its own file (cleanup) Move the Rust Flow support from core.rs to flow.rs. --- diff --git a/rust/src/applayer.rs b/rust/src/applayer.rs index 4b78695326..4518ae9cf3 100644 --- a/rust/src/applayer.rs +++ b/rust/src/applayer.rs @@ -18,8 +18,9 @@ //! Parser registration functions and common interface module. use std; -use crate::core::{self,DetectEngineState,Flow,AppLayerEventType,AppProto,Direction}; +use crate::core::{self,DetectEngineState,AppLayerEventType,AppProto,Direction}; use crate::filecontainer::FileContainer; +use crate::flow::Flow; use std::os::raw::{c_void,c_char,c_int}; use crate::core::SC; use std::ffi::CStr; diff --git a/rust/src/applayertemplate/template.rs b/rust/src/applayertemplate/template.rs index eebe7385db..9a23ee683f 100644 --- a/rust/src/applayertemplate/template.rs +++ b/rust/src/applayertemplate/template.rs @@ -18,7 +18,8 @@ use super::parser; use crate::applayer::{self, *}; use crate::conf::conf_get; -use crate::core::{AppProto, Flow, ALPROTO_UNKNOWN, IPPROTO_TCP}; +use crate::core::{AppProto, ALPROTO_UNKNOWN, IPPROTO_TCP}; +use crate::flow::Flow; use nom7 as nom; use std; use std::collections::VecDeque; diff --git a/rust/src/bittorrent_dht/bittorrent_dht.rs b/rust/src/bittorrent_dht/bittorrent_dht.rs index f48cb3d2bf..82c267df37 100644 --- a/rust/src/bittorrent_dht/bittorrent_dht.rs +++ b/rust/src/bittorrent_dht/bittorrent_dht.rs @@ -19,7 +19,8 @@ use crate::applayer::{self, *}; use crate::bittorrent_dht::parser::{ parse_bittorrent_dht_packet, BitTorrentDHTError, BitTorrentDHTRequest, BitTorrentDHTResponse, }; -use crate::core::{AppProto, Flow, ALPROTO_UNKNOWN, IPPROTO_UDP, Direction}; +use crate::core::{AppProto, ALPROTO_UNKNOWN, IPPROTO_UDP, Direction}; +use crate::flow::Flow; use std::ffi::CString; use std::os::raw::c_char; diff --git a/rust/src/core.rs b/rust/src/core.rs index 8dafc73eec..a6578b66ad 100644 --- a/rust/src/core.rs +++ b/rust/src/core.rs @@ -20,6 +20,7 @@ use std; use crate::filecontainer::*; use crate::debug_validate_fail; +use crate::flow::Flow; /// Opaque C types. pub enum DetectEngineState {} @@ -131,9 +132,6 @@ macro_rules!BIT_U64 { ($x:expr) => (1 << $x); } -// Flow flags -pub const FLOW_DIR_REVERSED: u32 = BIT_U32!(26); - // Defined in app-layer-protos.h /// cbindgen:ignore extern { @@ -302,43 +300,6 @@ pub fn sc_app_layer_decoder_events_free_events( } } -/// Opaque flow type (defined in C) -pub enum Flow {} - -// Extern functions operating on Flow. -/// cbindgen:ignore -extern { - pub fn FlowGetLastTimeAsParts(flow: &Flow, secs: *mut u64, usecs: *mut u64); - pub fn FlowGetFlags(flow: &Flow) -> u32; - pub fn FlowGetSourcePort(flow: &Flow) -> u16; - pub fn FlowGetDestinationPort(flow: &Flow) -> u16; -} - -/// Rust implementation of Flow. -impl Flow { - - /// Return the time of the last flow update as a `Duration` - /// since the epoch. - pub fn get_last_time(&mut self) -> std::time::Duration { - unsafe { - let mut secs: u64 = 0; - let mut usecs: u64 = 0; - FlowGetLastTimeAsParts(self, &mut secs, &mut usecs); - std::time::Duration::new(secs, usecs as u32 * 1000) - } - } - - /// Return the flow flags. - pub fn get_flags(&self) -> u32 { - unsafe { FlowGetFlags(self) } - } - - /// Return flow ports - pub fn get_ports(&self) -> (u16, u16) { - unsafe { (FlowGetSourcePort(self), FlowGetDestinationPort(self)) } - } -} - #[cfg(test)] mod test { use super::*; diff --git a/rust/src/dcerpc/dcerpc.rs b/rust/src/dcerpc/dcerpc.rs index 9253a2bde8..2a2db94a3b 100644 --- a/rust/src/dcerpc/dcerpc.rs +++ b/rust/src/dcerpc/dcerpc.rs @@ -18,6 +18,7 @@ use crate::applayer::{self, *}; use crate::core::{self, *}; use crate::dcerpc::parser; +use crate::flow::Flow; use nom7::error::{Error, ErrorKind}; use nom7::number::Endianness; use nom7::{Err, IResult, Needed}; @@ -322,7 +323,7 @@ pub struct DCERPCState { pub tc_gap: bool, pub ts_ssn_gap: bool, pub tc_ssn_gap: bool, - pub flow: Option<*const core::Flow>, + pub flow: Option<*const Flow>, state_data: AppLayerStateData, } @@ -1129,7 +1130,7 @@ pub extern "C" fn rs_parse_dcerpc_response_gap( #[no_mangle] pub unsafe extern "C" fn rs_dcerpc_parse_request( - flow: *const core::Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, + flow: *const Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { @@ -1154,7 +1155,7 @@ pub unsafe extern "C" fn rs_dcerpc_parse_request( #[no_mangle] pub unsafe extern "C" fn rs_dcerpc_parse_response( - flow: *const core::Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, + flow: *const Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { @@ -1269,7 +1270,7 @@ fn probe(input: &[u8]) -> (bool, bool) { } } -pub unsafe extern "C" fn rs_dcerpc_probe_tcp(_f: *const core::Flow, direction: u8, input: *const u8, +pub unsafe extern "C" fn rs_dcerpc_probe_tcp(_f: *const Flow, direction: u8, input: *const u8, len: u32, rdir: *mut u8) -> AppProto { SCLogDebug!("Probing packet for DCERPC"); diff --git a/rust/src/dcerpc/dcerpc_udp.rs b/rust/src/dcerpc/dcerpc_udp.rs index fee460f9b3..f890f10ace 100644 --- a/rust/src/dcerpc/dcerpc_udp.rs +++ b/rust/src/dcerpc/dcerpc_udp.rs @@ -21,6 +21,7 @@ use crate::dcerpc::dcerpc::{ DCERPCTransaction, DCERPC_MAX_TX, DCERPC_TYPE_REQUEST, DCERPC_TYPE_RESPONSE, PFCL1_FRAG, PFCL1_LASTFRAG, rs_dcerpc_get_alstate_progress, ALPROTO_DCERPC, PARSER_NAME, }; +use crate::flow::Flow; use nom7::Err; use std; use std::ffi::CString; @@ -233,7 +234,7 @@ impl DCERPCUDPState { #[no_mangle] pub unsafe extern "C" fn rs_dcerpc_udp_parse( - _flow: *const core::Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, + _flow: *const Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { @@ -310,7 +311,7 @@ fn probe(input: &[u8]) -> (bool, bool) { } } -pub unsafe extern "C" fn rs_dcerpc_probe_udp(_f: *const core::Flow, direction: u8, input: *const u8, +pub unsafe extern "C" fn rs_dcerpc_probe_udp(_f: *const Flow, direction: u8, input: *const u8, len: u32, rdir: *mut u8) -> core::AppProto { SCLogDebug!("Probing the packet for DCERPC/UDP"); diff --git a/rust/src/dhcp/dhcp.rs b/rust/src/dhcp/dhcp.rs index 5b6f4b4a08..28f6f26137 100644 --- a/rust/src/dhcp/dhcp.rs +++ b/rust/src/dhcp/dhcp.rs @@ -16,9 +16,9 @@ */ use crate::applayer::{self, *}; -use crate::core; -use crate::core::{ALPROTO_UNKNOWN, AppProto, Flow, IPPROTO_UDP}; +use crate::core::{ALPROTO_UNKNOWN, AppProto, IPPROTO_UDP}; use crate::dhcp::parser::*; +use crate::flow::Flow; use std; use std::ffi::CString; @@ -227,7 +227,7 @@ pub unsafe extern "C" fn rs_dhcp_state_get_tx_count(state: *mut std::os::raw::c_ } #[no_mangle] -pub unsafe extern "C" fn rs_dhcp_parse(_flow: *const core::Flow, +pub unsafe extern "C" fn rs_dhcp_parse(_flow: *const Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, stream_slice: StreamSlice, diff --git a/rust/src/dns/dns.rs b/rust/src/dns/dns.rs index b96956ba0a..6cf2e35ecf 100644 --- a/rust/src/dns/dns.rs +++ b/rust/src/dns/dns.rs @@ -23,6 +23,7 @@ use std::ffi::CString; use crate::applayer::*; use crate::core::{self, *}; use crate::dns::parser; +use crate::flow::Flow; use crate::frames::Frame; use nom7::number::streaming::be_u16; @@ -549,7 +550,7 @@ impl DNSState { } fn parse_request( - &mut self, input: &[u8], is_tcp: bool, frame: Option, flow: *const core::Flow, + &mut self, input: &[u8], is_tcp: bool, frame: Option, flow: *const Flow, ) -> bool { match dns_parse_request(input) { Ok(mut tx) => { @@ -581,7 +582,7 @@ impl DNSState { } } - fn parse_request_udp(&mut self, flow: *const core::Flow, stream_slice: StreamSlice) -> bool { + fn parse_request_udp(&mut self, flow: *const Flow, stream_slice: StreamSlice) -> bool { let input = stream_slice.as_slice(); let frame = Frame::new( flow, @@ -594,7 +595,7 @@ impl DNSState { self.parse_request(input, false, frame, flow) } - fn parse_response_udp(&mut self, flow: *const core::Flow, stream_slice: StreamSlice) -> bool { + fn parse_response_udp(&mut self, flow: *const Flow, stream_slice: StreamSlice) -> bool { let input = stream_slice.as_slice(); let frame = Frame::new( flow, @@ -608,7 +609,7 @@ impl DNSState { } fn parse_response( - &mut self, input: &[u8], is_tcp: bool, frame: Option, flow: *const core::Flow, + &mut self, input: &[u8], is_tcp: bool, frame: Option, flow: *const Flow, ) -> bool { match dns_parse_response(input) { Ok(mut tx) => { @@ -644,7 +645,7 @@ impl DNSState { /// /// Returns the number of messages parsed. fn parse_request_tcp( - &mut self, flow: *const core::Flow, stream_slice: StreamSlice, + &mut self, flow: *const Flow, stream_slice: StreamSlice, ) -> AppLayerResult { let input = stream_slice.as_slice(); if self.gap { @@ -708,7 +709,7 @@ impl DNSState { /// /// Returns the number of messages parsed. fn parse_response_tcp( - &mut self, flow: *const core::Flow, stream_slice: StreamSlice, + &mut self, flow: *const Flow, stream_slice: StreamSlice, ) -> AppLayerResult { let input = stream_slice.as_slice(); if self.gap { @@ -879,7 +880,7 @@ unsafe extern "C" fn state_tx_free(state: *mut std::os::raw::c_void, tx_id: u64) /// C binding parse a DNS request. Returns 1 on success, -1 on failure. unsafe extern "C" fn parse_request( - flow: *const core::Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, + flow: *const Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { let state = cast_pointer!(state, DNSState); @@ -888,7 +889,7 @@ unsafe extern "C" fn parse_request( } unsafe extern "C" fn parse_response( - flow: *const core::Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, + flow: *const Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { let state = cast_pointer!(state, DNSState); @@ -898,7 +899,7 @@ unsafe extern "C" fn parse_response( /// C binding parse a DNS request. Returns 1 on success, -1 on failure. unsafe extern "C" fn parse_request_tcp( - flow: *const core::Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, + flow: *const Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { let state = cast_pointer!(state, DNSState); @@ -911,7 +912,7 @@ unsafe extern "C" fn parse_request_tcp( } unsafe extern "C" fn parse_response_tcp( - flow: *const core::Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, + flow: *const Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { let state = cast_pointer!(state, DNSState); @@ -1028,7 +1029,7 @@ pub extern "C" fn SCDnsTxGetResponseFlags(tx: &mut DNSTransaction) -> u16 { } unsafe extern "C" fn probe_udp( - _flow: *const core::Flow, _dir: u8, input: *const u8, len: u32, rdir: *mut u8, + _flow: *const Flow, _dir: u8, input: *const u8, len: u32, rdir: *mut u8, ) -> AppProto { if input.is_null() || len < std::mem::size_of::() as u32 { return core::ALPROTO_UNKNOWN; @@ -1048,7 +1049,7 @@ unsafe extern "C" fn probe_udp( } unsafe extern "C" fn c_probe_tcp( - _flow: *const core::Flow, direction: u8, input: *const u8, len: u32, rdir: *mut u8, + _flow: *const Flow, direction: u8, input: *const u8, len: u32, rdir: *mut u8, ) -> AppProto { if input.is_null() || len < std::mem::size_of::() as u32 + 2 { return core::ALPROTO_UNKNOWN; diff --git a/rust/src/enip/enip.rs b/rust/src/enip/enip.rs index 18e7281226..6b99992f12 100644 --- a/rust/src/enip/enip.rs +++ b/rust/src/enip/enip.rs @@ -20,10 +20,11 @@ use super::parser; use crate::applayer::{self, *}; use crate::conf::conf_get; use crate::core::{ - AppProto, Direction, Flow, ALPROTO_FAILED, ALPROTO_UNKNOWN, IPPROTO_TCP, IPPROTO_UDP, + AppProto, Direction, ALPROTO_FAILED, ALPROTO_UNKNOWN, IPPROTO_TCP, IPPROTO_UDP, STREAM_TOCLIENT, STREAM_TOSERVER, }; use crate::detect::EnumString; +use crate::flow::Flow; use crate::frames::Frame; use nom7 as nom; use std; diff --git a/rust/src/flow.rs b/rust/src/flow.rs new file mode 100644 index 0000000000..27c4d658f5 --- /dev/null +++ b/rust/src/flow.rs @@ -0,0 +1,55 @@ +/* Copyright (C) 2017-2025 Open Information Security Foundation + * + * You can copy, redistribute or modify this Program under the terms of + * the GNU General Public License version 2 as published by the Free + * Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * version 2 along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + * 02110-1301, USA. + */ + +/// Flow API from C. +/// cbindgen:ignore +extern "C" { + fn FlowGetLastTimeAsParts(flow: &Flow, secs: *mut u64, usecs: *mut u64); + fn FlowGetFlags(flow: &Flow) -> u32; + fn FlowGetSourcePort(flow: &Flow) -> u16; + fn FlowGetDestinationPort(flow: &Flow) -> u16; +} + +// Flow flags +pub const FLOW_DIR_REVERSED: u32 = BIT_U32!(26); + +/// Opaque flow type (defined in C) +pub enum Flow {} + +/// Rust implementation of Flow. +impl Flow { + /// Return the time of the last flow update as a `Duration` + /// since the epoch. + pub fn get_last_time(&mut self) -> std::time::Duration { + unsafe { + let mut secs: u64 = 0; + let mut usecs: u64 = 0; + FlowGetLastTimeAsParts(self, &mut secs, &mut usecs); + std::time::Duration::new(secs, usecs as u32 * 1000) + } + } + + /// Return the flow flags. + pub fn get_flags(&self) -> u32 { + unsafe { FlowGetFlags(self) } + } + + /// Return flow ports + pub fn get_ports(&self) -> (u16, u16) { + unsafe { (FlowGetSourcePort(self), FlowGetDestinationPort(self)) } + } +} diff --git a/rust/src/frames.rs b/rust/src/frames.rs index 2380a51594..ac78358438 100644 --- a/rust/src/frames.rs +++ b/rust/src/frames.rs @@ -18,7 +18,7 @@ //! Module for bindings to the Suricata C frame API. use crate::applayer::StreamSlice; -use crate::core::Flow; +use crate::flow::Flow; #[cfg(not(test))] use crate::core::STREAM_TOSERVER; use crate::core::Direction; diff --git a/rust/src/http2/http2.rs b/rust/src/http2/http2.rs index 98214ff1a6..4934c9e023 100644 --- a/rust/src/http2/http2.rs +++ b/rust/src/http2/http2.rs @@ -25,6 +25,7 @@ use crate::conf::conf_get; use crate::core::*; use crate::filecontainer::*; use crate::filetracker::*; +use crate::flow::Flow; use crate::frames::Frame; use crate::dns::dns::{dns_parse_request, dns_parse_response, DNSTransaction}; diff --git a/rust/src/http2/range.rs b/rust/src/http2/range.rs index 71c22a7b5d..0749cc0bc5 100644 --- a/rust/src/http2/range.rs +++ b/rust/src/http2/range.rs @@ -17,8 +17,9 @@ use super::detect; use crate::core::{ - Direction, Flow, HttpRangeContainerBlock, StreamingBufferConfig, SuricataFileContext, SC, + Direction, HttpRangeContainerBlock, StreamingBufferConfig, SuricataFileContext, SC, }; +use crate::flow::Flow; use crate::http2::http2::HTTP2Transaction; use crate::http2::http2::SURICATA_HTTP2_FILE_CONFIG; diff --git a/rust/src/ike/ike.rs b/rust/src/ike/ike.rs index df62c19cb4..81e10af24e 100644 --- a/rust/src/ike/ike.rs +++ b/rust/src/ike/ike.rs @@ -23,6 +23,7 @@ use self::ipsec_parser::*; use crate::applayer; use crate::applayer::*; use crate::core::{self, *}; +use crate::flow::Flow; use crate::ike::ikev1::{handle_ikev1, IkeV1Header, Ikev1Container}; use crate::ike::ikev2::{handle_ikev2, Ikev2Container}; use crate::ike::parser::*; diff --git a/rust/src/krb/krb5.rs b/rust/src/krb/krb5.rs index 51b215ca30..b322c7b172 100644 --- a/rust/src/krb/krb5.rs +++ b/rust/src/krb/krb5.rs @@ -28,7 +28,8 @@ use kerberos_parser::krb5::{EncryptionType,ErrorCode,MessageType,PrincipalName,R use asn1_rs::FromDer; use crate::applayer::{self, *}; use crate::core; -use crate::core::{AppProto,Flow,ALPROTO_FAILED,ALPROTO_UNKNOWN,Direction, IPPROTO_TCP, IPPROTO_UDP}; +use crate::core::{AppProto,ALPROTO_FAILED,ALPROTO_UNKNOWN,Direction, IPPROTO_TCP, IPPROTO_UDP}; +use crate::flow::Flow; #[derive(AppLayerEvent)] pub enum KRB5Event { @@ -428,7 +429,7 @@ pub unsafe extern "C" fn rs_krb5_probing_parser_tcp(_flow: *const Flow, } #[no_mangle] -pub unsafe extern "C" fn rs_krb5_parse_request(_flow: *const core::Flow, +pub unsafe extern "C" fn rs_krb5_parse_request(_flow: *const Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, stream_slice: StreamSlice, @@ -443,7 +444,7 @@ pub unsafe extern "C" fn rs_krb5_parse_request(_flow: *const core::Flow, } #[no_mangle] -pub unsafe extern "C" fn rs_krb5_parse_response(_flow: *const core::Flow, +pub unsafe extern "C" fn rs_krb5_parse_response(_flow: *const Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, stream_slice: StreamSlice, @@ -458,7 +459,7 @@ pub unsafe extern "C" fn rs_krb5_parse_response(_flow: *const core::Flow, } #[no_mangle] -pub unsafe extern "C" fn rs_krb5_parse_request_tcp(_flow: *const core::Flow, +pub unsafe extern "C" fn rs_krb5_parse_request_tcp(_flow: *const Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, stream_slice: StreamSlice, @@ -516,7 +517,7 @@ pub unsafe extern "C" fn rs_krb5_parse_request_tcp(_flow: *const core::Flow, } #[no_mangle] -pub unsafe extern "C" fn rs_krb5_parse_response_tcp(_flow: *const core::Flow, +pub unsafe extern "C" fn rs_krb5_parse_response_tcp(_flow: *const Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, stream_slice: StreamSlice, diff --git a/rust/src/ldap/ldap.rs b/rust/src/ldap/ldap.rs index 44c4eeedc3..c17de7f991 100644 --- a/rust/src/ldap/ldap.rs +++ b/rust/src/ldap/ldap.rs @@ -19,7 +19,8 @@ use crate::applayer::{self, *}; use crate::conf::conf_get; -use crate::core::{Flow, *}; +use crate::core::*; +use crate::flow::Flow; use crate::frames::*; use nom7 as nom; use std; diff --git a/rust/src/lib.rs b/rust/src/lib.rs index bea7854f10..9d2b7990f6 100644 --- a/rust/src/lib.rs +++ b/rust/src/lib.rs @@ -139,6 +139,7 @@ pub mod ffi; pub mod feature; pub mod sdp; pub mod ldap; +pub mod flow; #[allow(unused_imports)] pub use suricata_lua_sys; diff --git a/rust/src/modbus/modbus.rs b/rust/src/modbus/modbus.rs index 56f9e6f1f5..33cb9787c4 100644 --- a/rust/src/modbus/modbus.rs +++ b/rust/src/modbus/modbus.rs @@ -15,7 +15,8 @@ * 02110-1301, USA. */ use crate::applayer::{self, *}; -use crate::core::{self, AppProto, ALPROTO_FAILED, ALPROTO_UNKNOWN, IPPROTO_TCP}; +use crate::core::{AppProto, ALPROTO_FAILED, ALPROTO_UNKNOWN, IPPROTO_TCP}; +use crate::flow::Flow; use std::ffi::CString; @@ -280,7 +281,7 @@ impl ModbusState { /// Probe input to see if it looks like Modbus. #[no_mangle] pub extern "C" fn rs_modbus_probe( - _flow: *const core::Flow, _direction: u8, input: *const u8, len: u32, _rdir: *mut u8, + _flow: *const Flow, _direction: u8, input: *const u8, len: u32, _rdir: *mut u8, ) -> AppProto { if input.is_null() { return ALPROTO_UNKNOWN; @@ -313,7 +314,7 @@ pub unsafe extern "C" fn rs_modbus_state_tx_free(state: *mut std::os::raw::c_voi #[no_mangle] pub unsafe extern "C" fn rs_modbus_parse_request( - _flow: *const core::Flow, state: *mut std::os::raw::c_void, pstate: *mut std::os::raw::c_void, + _flow: *const Flow, state: *mut std::os::raw::c_void, pstate: *mut std::os::raw::c_void, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { @@ -332,7 +333,7 @@ pub unsafe extern "C" fn rs_modbus_parse_request( #[no_mangle] pub unsafe extern "C" fn rs_modbus_parse_response( - _flow: *const core::Flow, state: *mut std::os::raw::c_void, pstate: *mut std::os::raw::c_void, + _flow: *const Flow, state: *mut std::os::raw::c_void, pstate: *mut std::os::raw::c_void, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { diff --git a/rust/src/mqtt/mqtt.rs b/rust/src/mqtt/mqtt.rs index e2905a4c60..d4ee6cced3 100644 --- a/rust/src/mqtt/mqtt.rs +++ b/rust/src/mqtt/mqtt.rs @@ -23,6 +23,7 @@ use crate::applayer::*; use crate::applayer::{self, LoggerFlags}; use crate::conf::{conf_get, get_memval}; use crate::core::*; +use crate::flow::Flow; use crate::frames::*; use nom7::Err; use std; diff --git a/rust/src/nfs/nfs.rs b/rust/src/nfs/nfs.rs index 15effa4f66..04c205aabf 100644 --- a/rust/src/nfs/nfs.rs +++ b/rust/src/nfs/nfs.rs @@ -26,6 +26,7 @@ use nom7::{Err, Needed}; use crate::applayer; use crate::applayer::*; +use crate::flow::Flow; use crate::frames::*; use crate::core::*; use crate::conf::*; diff --git a/rust/src/ntp/ntp.rs b/rust/src/ntp/ntp.rs index e17648c4c9..d4c3d8b41b 100644 --- a/rust/src/ntp/ntp.rs +++ b/rust/src/ntp/ntp.rs @@ -20,8 +20,9 @@ extern crate ntp_parser; use self::ntp_parser::*; use crate::core; -use crate::core::{AppProto,Flow,ALPROTO_UNKNOWN,ALPROTO_FAILED,Direction}; +use crate::core::{AppProto,ALPROTO_UNKNOWN,ALPROTO_FAILED,Direction}; use crate::applayer::{self, *}; +use crate::flow::Flow; use std; use std::ffi::CString; @@ -174,7 +175,7 @@ pub extern "C" fn rs_ntp_state_free(state: *mut std::os::raw::c_void) { } #[no_mangle] -pub unsafe extern "C" fn rs_ntp_parse_request(_flow: *const core::Flow, +pub unsafe extern "C" fn rs_ntp_parse_request(_flow: *const Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, stream_slice: StreamSlice, @@ -188,7 +189,7 @@ pub unsafe extern "C" fn rs_ntp_parse_request(_flow: *const core::Flow, } #[no_mangle] -pub unsafe extern "C" fn rs_ntp_parse_response(_flow: *const core::Flow, +pub unsafe extern "C" fn rs_ntp_parse_response(_flow: *const Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, stream_slice: StreamSlice, diff --git a/rust/src/pgsql/pgsql.rs b/rust/src/pgsql/pgsql.rs index ad57590b3a..af6799118e 100644 --- a/rust/src/pgsql/pgsql.rs +++ b/rust/src/pgsql/pgsql.rs @@ -22,7 +22,8 @@ use super::parser::{self, ConsolidatedDataRowPacket, PgsqlBEMessage, PgsqlFEMessage}; use crate::applayer::*; use crate::conf::*; -use crate::core::{AppProto, Direction, Flow, ALPROTO_FAILED, ALPROTO_UNKNOWN, IPPROTO_TCP, *}; +use crate::core::{AppProto, Direction, ALPROTO_FAILED, ALPROTO_UNKNOWN, IPPROTO_TCP, *}; +use crate::flow::Flow; use nom7::{Err, IResult}; use std; use std::collections::VecDeque; diff --git a/rust/src/quic/quic.rs b/rust/src/quic/quic.rs index bc58afe219..54ebc05688 100644 --- a/rust/src/quic/quic.rs +++ b/rust/src/quic/quic.rs @@ -21,8 +21,8 @@ use super::{ frames::{Frame, QuicTlsExtension, StreamTag}, parser::{quic_pkt_num, QuicData, QuicHeader, QuicType}, }; -use crate::applayer::{self, *}; -use crate::core::{AppProto, Direction, Flow, ALPROTO_FAILED, ALPROTO_UNKNOWN, IPPROTO_UDP}; +use crate::{applayer::{self, *}, flow::Flow}; +use crate::core::{AppProto, Direction, ALPROTO_FAILED, ALPROTO_UNKNOWN, IPPROTO_UDP}; use std::collections::VecDeque; use std::ffi::CString; use tls_parser::TlsExtensionType; diff --git a/rust/src/rdp/rdp.rs b/rust/src/rdp/rdp.rs index 25b5ee381a..732f246c09 100644 --- a/rust/src/rdp/rdp.rs +++ b/rust/src/rdp/rdp.rs @@ -20,7 +20,8 @@ //! RDP application layer use crate::applayer::{self, *}; -use crate::core::{AppProto, Flow, ALPROTO_UNKNOWN, IPPROTO_TCP}; +use crate::core::{AppProto, ALPROTO_UNKNOWN, IPPROTO_TCP}; +use crate::flow::Flow; use crate::rdp::parser::*; use nom7::Err; use std; diff --git a/rust/src/rfb/rfb.rs b/rust/src/rfb/rfb.rs index 5c226af3ab..d7fcdd2354 100644 --- a/rust/src/rfb/rfb.rs +++ b/rust/src/rfb/rfb.rs @@ -21,7 +21,8 @@ use super::parser; use crate::applayer; use crate::applayer::*; -use crate::core::{AppProto, Flow, ALPROTO_UNKNOWN, IPPROTO_TCP}; +use crate::core::{AppProto, ALPROTO_UNKNOWN, IPPROTO_TCP}; +use crate::flow::Flow; use crate::frames::*; use nom7::Err; use std; diff --git a/rust/src/sip/sip.rs b/rust/src/sip/sip.rs index 5f52e0c8db..010da975ca 100755 --- a/rust/src/sip/sip.rs +++ b/rust/src/sip/sip.rs @@ -20,6 +20,7 @@ use crate::applayer::{self, *}; use crate::core; use crate::core::{AppProto, ALPROTO_UNKNOWN, IPPROTO_TCP, IPPROTO_UDP}; +use crate::flow::Flow; use crate::frames::*; use crate::sip::parser::*; use nom7::Err; @@ -113,7 +114,7 @@ impl SIPState { } // app-layer-frame-documentation tag start: parse_request - fn parse_request(&mut self, flow: *const core::Flow, stream_slice: StreamSlice) -> bool { + fn parse_request(&mut self, flow: *const Flow, stream_slice: StreamSlice) -> bool { let input = stream_slice.as_slice(); let _pdu = Frame::new( flow, @@ -149,7 +150,7 @@ impl SIPState { } fn parse_request_tcp( - &mut self, flow: *const core::Flow, stream_slice: StreamSlice, + &mut self, flow: *const Flow, stream_slice: StreamSlice, ) -> AppLayerResult { let input = stream_slice.as_slice(); if input.is_empty() { @@ -209,7 +210,7 @@ impl SIPState { return AppLayerResult::ok(); } - fn parse_response(&mut self, flow: *const core::Flow, stream_slice: StreamSlice) -> bool { + fn parse_response(&mut self, flow: *const Flow, stream_slice: StreamSlice) -> bool { let input = stream_slice.as_slice(); let _pdu = Frame::new( flow, @@ -244,7 +245,7 @@ impl SIPState { } fn parse_response_tcp( - &mut self, flow: *const core::Flow, stream_slice: StreamSlice, + &mut self, flow: *const Flow, stream_slice: StreamSlice, ) -> AppLayerResult { let input = stream_slice.as_slice(); if input.is_empty() { @@ -319,7 +320,7 @@ impl SIPTransaction { } // app-layer-frame-documentation tag start: function to add frames -fn sip_frames_ts(flow: *const core::Flow, stream_slice: &StreamSlice, r: &Request, tx_id: u64) { +fn sip_frames_ts(flow: *const Flow, stream_slice: &StreamSlice, r: &Request, tx_id: u64) { let oi = stream_slice.as_slice(); let _f = Frame::new( flow, @@ -355,7 +356,7 @@ fn sip_frames_ts(flow: *const core::Flow, stream_slice: &StreamSlice, r: &Reques } // app-layer-frame-documentation tag end: function to add frames -fn sip_frames_tc(flow: *const core::Flow, stream_slice: &StreamSlice, r: &Response, tx_id: u64) { +fn sip_frames_tc(flow: *const Flow, stream_slice: &StreamSlice, r: &Response, tx_id: u64) { let oi = stream_slice.as_slice(); let _f = Frame::new( flow, @@ -439,7 +440,7 @@ pub static mut ALPROTO_SIP: AppProto = ALPROTO_UNKNOWN; #[no_mangle] pub unsafe extern "C" fn rs_sip_parse_request( - flow: *const core::Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, + flow: *const Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { let state = cast_pointer!(state, SIPState); @@ -448,7 +449,7 @@ pub unsafe extern "C" fn rs_sip_parse_request( #[no_mangle] pub unsafe extern "C" fn rs_sip_parse_request_tcp( - flow: *const core::Flow, state: *mut std::os::raw::c_void, pstate: *mut std::os::raw::c_void, + flow: *const Flow, state: *mut std::os::raw::c_void, pstate: *mut std::os::raw::c_void, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { if stream_slice.is_empty() { @@ -465,7 +466,7 @@ pub unsafe extern "C" fn rs_sip_parse_request_tcp( #[no_mangle] pub unsafe extern "C" fn rs_sip_parse_response( - flow: *const core::Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, + flow: *const Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { let state = cast_pointer!(state, SIPState); @@ -474,7 +475,7 @@ pub unsafe extern "C" fn rs_sip_parse_response( #[no_mangle] pub unsafe extern "C" fn rs_sip_parse_response_tcp( - flow: *const core::Flow, state: *mut std::os::raw::c_void, pstate: *mut std::os::raw::c_void, + flow: *const Flow, state: *mut std::os::raw::c_void, pstate: *mut std::os::raw::c_void, stream_slice: StreamSlice, _data: *const std::os::raw::c_void, ) -> AppLayerResult { if stream_slice.is_empty() { diff --git a/rust/src/smb/smb.rs b/rust/src/smb/smb.rs index 6c7e7b6770..9cc5c83ec1 100644 --- a/rust/src/smb/smb.rs +++ b/rust/src/smb/smb.rs @@ -39,6 +39,7 @@ use std::num::NonZeroUsize; use crate::core::*; use crate::applayer; use crate::applayer::*; +use crate::flow::{Flow, FLOW_DIR_REVERSED}; use crate::frames::*; use crate::conf::*; use crate::applayer::{AppLayerResult, AppLayerTxData, AppLayerEvent}; diff --git a/rust/src/snmp/snmp.rs b/rust/src/snmp/snmp.rs index c0a121d13a..d31e0a26bf 100644 --- a/rust/src/snmp/snmp.rs +++ b/rust/src/snmp/snmp.rs @@ -17,6 +17,7 @@ // written by Pierre Chifflier +use crate::flow::Flow; use crate::snmp::snmp_parser::*; use crate::core::{self, *}; use crate::applayer::{self, *}; @@ -265,7 +266,7 @@ pub extern "C" fn rs_snmp_state_free(state: *mut std::os::raw::c_void) { } #[no_mangle] -pub unsafe extern "C" fn rs_snmp_parse_request(_flow: *const core::Flow, +pub unsafe extern "C" fn rs_snmp_parse_request(_flow: *const Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, stream_slice: StreamSlice, @@ -276,7 +277,7 @@ pub unsafe extern "C" fn rs_snmp_parse_request(_flow: *const core::Flow, } #[no_mangle] -pub unsafe extern "C" fn rs_snmp_parse_response(_flow: *const core::Flow, +pub unsafe extern "C" fn rs_snmp_parse_response(_flow: *const Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void, stream_slice: StreamSlice, diff --git a/rust/src/ssh/ssh.rs b/rust/src/ssh/ssh.rs index 99c88c9d7c..c75d56f6e4 100644 --- a/rust/src/ssh/ssh.rs +++ b/rust/src/ssh/ssh.rs @@ -18,6 +18,7 @@ use super::parser; use crate::applayer::*; use crate::core::*; +use crate::flow::Flow; use nom7::Err; use std::ffi::CString; use std::sync::atomic::{AtomicBool, Ordering}; diff --git a/rust/src/telnet/telnet.rs b/rust/src/telnet/telnet.rs index 29b02a9b7f..1d67059bcb 100644 --- a/rust/src/telnet/telnet.rs +++ b/rust/src/telnet/telnet.rs @@ -16,8 +16,9 @@ */ use std; -use crate::core::{ALPROTO_UNKNOWN, AppProto, Flow, IPPROTO_TCP}; +use crate::core::{ALPROTO_UNKNOWN, AppProto, IPPROTO_TCP}; use crate::applayer::{self, *}; +use crate::flow::Flow; use crate::frames::*; use std::ffi::CString; use nom7::IResult; diff --git a/rust/src/websocket/websocket.rs b/rust/src/websocket/websocket.rs index f686ad471b..0a3f92525c 100644 --- a/rust/src/websocket/websocket.rs +++ b/rust/src/websocket/websocket.rs @@ -18,7 +18,8 @@ use super::parser; use crate::applayer::{self, *}; use crate::conf::conf_get; -use crate::core::{AppProto, Direction, Flow, ALPROTO_FAILED, ALPROTO_UNKNOWN, IPPROTO_TCP}; +use crate::core::{AppProto, Direction, ALPROTO_FAILED, ALPROTO_UNKNOWN, IPPROTO_TCP}; +use crate::flow::Flow; use crate::frames::Frame; use nom7 as nom;