From: Jeff Lucovsky Date: Thu, 23 Apr 2020 14:07:18 +0000 (-0400) Subject: decode/erspan: Warn on ERSPAN Type I config X-Git-Tag: suricata-6.0.0-beta1~459 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=fa082d04dc5109dfe138c2472467d195f92df5e7;p=thirdparty%2Fsuricata.git decode/erspan: Warn on ERSPAN Type I config This commit checks whether pre-6.x settings for ERSPAN Type I are present. ERSPAN Type I is no longer enabled/disabled through a configuration setting -- it's always enabled. When a setting exists to enable/disable ERSPAN Type I decoding, a warning message is logged. Enabling/disabling ERSPAN Type I decode has been deprecated in 6.x --- diff --git a/src/decode-erspan.c b/src/decode-erspan.c index 2df6a5573d..c70b1a32aa 100644 --- a/src/decode-erspan.c +++ b/src/decode-erspan.c @@ -43,6 +43,21 @@ * \brief Functions to decode ERSPAN Type I and II packets */ +/* + * \brief ERSPAN Type I was configurable in 5.0.x but is no longer configurable. + * + * Issue a warning if a configuration setting is found. + */ +void DecodeERSPANConfig(void) +{ + int enabled = 0; + if (ConfGetBool("decoder.erspan.typeI.enabled", &enabled) == 1) { + SCLogWarning(SC_WARN_ERSPAN_CONFIG, + "ERSPAN Type I is no longer configurable and it is always" + " enabled; ignoring configuration setting."); + } +} + /** * \brief ERSPAN Type I */ diff --git a/src/decode-erspan.h b/src/decode-erspan.h index 2f81d1e4a3..5b4af04ea8 100644 --- a/src/decode-erspan.h +++ b/src/decode-erspan.h @@ -34,4 +34,5 @@ typedef struct ErspanHdr_ { uint32_t padding; } __attribute__((__packed__)) ErspanHdr; +void DecodeERSPANConfig(void); #endif /* __DECODE_ERSPAN_H__ */ diff --git a/src/decode.c b/src/decode.c index 323679d3a9..fdf5cb095c 100644 --- a/src/decode.c +++ b/src/decode.c @@ -733,6 +733,7 @@ void DecodeGlobalConfig(void) { DecodeTeredoConfig(); DecodeVXLANConfig(); + DecodeERSPANConfig(); } /**