From: Jason Ish <ish@unx.ca>
Date: Thu, 8 Oct 2015 20:54:57 +0000 (-0600)
Subject: template app-layer: disable if not in config file (default)
X-Git-Tag: suricata-3.0RC1~62
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9697a09d219ca8abe9bb948df9120338646f23ca;p=thirdparty%2Fsuricata.git

template app-layer: disable if not in config file (default)

Unlike other app-layer protocols which are enabled by default,
disable this one by default as it likely shouldn't be enabled
in production use of Suricata.
---

diff --git a/src/app-layer-template.c b/src/app-layer-template.c
index 87b64b732f..5eafa67e1a 100644
--- a/src/app-layer-template.c
+++ b/src/app-layer-template.c
@@ -25,6 +25,7 @@
 
 #include "suricata-common.h"
 #include "stream.h"
+#include "conf.h"
 
 #include "util-unittest.h"
 
@@ -428,6 +429,12 @@ void RegisterTemplateParsers(void)
 {
     char *proto_name = "template";
 
+    /* TEMPLATE_START_REMOVE */
+    if (ConfGetNode("app-layer.protocols.template") == NULL) {
+        return;
+    }
+    /* TEMPLATE_END_REMOVE */
+
     /* Check if Template TCP detection is enabled. If it does not exist in
      * the configuration file then it will be enabled by default. */
     if (AppLayerProtoDetectConfProtoDetectionEnabled("tcp", proto_name)) {
@@ -481,8 +488,8 @@ void RegisterTemplateParsers(void)
             STREAM_TOSERVER, TemplateParseRequest);
 
         /* Register response parser for parsing frames from server to client. */
-        AppLayerParserRegisterParser(IPPROTO_TCP, ALPROTO_TEMPLATE, STREAM_TOCLIENT,
-            TemplateParseResponse);
+        AppLayerParserRegisterParser(IPPROTO_TCP, ALPROTO_TEMPLATE,
+            STREAM_TOCLIENT, TemplateParseResponse);
 
         /* Register a function to be called by the application layer
          * when a transaction is to be freed. */
@@ -490,7 +497,8 @@ void RegisterTemplateParsers(void)
             TemplateStateTxFree);
 
         /* Register a function to return the current transaction count. */
-        AppLayerParserRegisterGetTxCnt(IPPROTO_TCP, ALPROTO_TEMPLATE, TemplateGetTxCnt);
+        AppLayerParserRegisterGetTxCnt(IPPROTO_TCP, ALPROTO_TEMPLATE,
+            TemplateGetTxCnt);
 
         /* Transaction handling. */
         AppLayerParserRegisterGetStateProgressCompletionStatus(IPPROTO_TCP,
diff --git a/src/detect-template-buffer.c b/src/detect-template-buffer.c
index 64f948c2b4..d9f9aa67ce 100644
--- a/src/detect-template-buffer.c
+++ b/src/detect-template-buffer.c
@@ -21,6 +21,7 @@
  */
 
 #include "suricata-common.h"
+#include "conf.h"
 #include "detect.h"
 #include "app-layer-template.h"
 
@@ -29,6 +30,10 @@ static void DetectTemplateBufferRegisterTests(void);
 
 void DetectTemplateBufferRegister(void)
 {
+    if (ConfGetNode("app-layer.protocols.template") == NULL) {
+        return;
+    }
+
     sigmatch_table[DETECT_AL_TEMPLATE_BUFFER].name = "template_buffer";
     sigmatch_table[DETECT_AL_TEMPLATE_BUFFER].desc =
         "Template content modififier to match on the template buffers";
diff --git a/src/output-json-template.c b/src/output-json-template.c
index ca4a937837..d360e6746c 100644
--- a/src/output-json-template.c
+++ b/src/output-json-template.c
@@ -180,6 +180,10 @@ static TmEcode JsonTemplateLogThreadDeinit(ThreadVars *t, void *data)
 
 void TmModuleJsonTemplateLogRegister(void)
 {
+    if (ConfGetNode("app-layer.protocols.template") == NULL) {
+        return;
+    }
+
     tmm_modules[TMM_JSONTEMPLATELOG].name = "JsonTemplateLog";
     tmm_modules[TMM_JSONTEMPLATELOG].ThreadInit = JsonTemplateLogThreadInit;
     tmm_modules[TMM_JSONTEMPLATELOG].ThreadDeinit = JsonTemplateLogThreadDeinit;