From: Victor Julien <victor@inliniac.net>
Date: Thu, 13 Feb 2014 14:53:08 +0000 (+0100)
Subject: dns: if no (valid) config is found, use defaults
X-Git-Tag: suricata-2.0rc2~75
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=refs%2Fpull%2F841%2Fhead;p=thirdparty%2Fsuricata.git

dns: if no (valid) config is found, use defaults

This patch will set up probing parsers if no (valid) config is
found.

Add a warning in those cases.
---

diff --git a/src/app-layer-dns-tcp.c b/src/app-layer-dns-tcp.c
index 52982bbbea..cc6dec5b4d 100644
--- a/src/app-layer-dns-tcp.c
+++ b/src/app-layer-dns-tcp.c
@@ -605,10 +605,19 @@ void RegisterDNSTCPParsers(void) {
                                           STREAM_TOSERVER,
                                           DNSTcpProbingParser);
         } else {
-            AppLayerProtoDetectPPParseConfPorts("tcp", IPPROTO_TCP,
+            int have_cfg = AppLayerProtoDetectPPParseConfPorts("tcp", IPPROTO_TCP,
                                                 proto_name, ALPROTO_DNS,
                                                 0, sizeof(DNSTcpHeader),
                                                 DNSTcpProbingParser);
+            /* if we have no config, we enable the default port 53 */
+            if (!have_cfg) {
+                SCLogWarning(SC_ERR_DNS_CONFIG, "no DNS TCP config found, "
+                                                "enabling DNS detection on "
+                                                "port 53.");
+                AppLayerProtoDetectPPRegister(IPPROTO_TCP, "53",
+                                   ALPROTO_DNS, 0, sizeof(DNSTcpHeader),
+                                   STREAM_TOSERVER, DNSTcpProbingParser);
+            }
         }
     } else {
         SCLogInfo("Protocol detection and parser disabled for %s protocol.",
diff --git a/src/app-layer-dns-udp.c b/src/app-layer-dns-udp.c
index 6a9e1cf50d..1d293c32b9 100644
--- a/src/app-layer-dns-udp.c
+++ b/src/app-layer-dns-udp.c
@@ -364,10 +364,19 @@ void RegisterDNSUDPParsers(void) {
                                           STREAM_TOSERVER,
                                           DNSUdpProbingParser);
         } else {
-            AppLayerProtoDetectPPParseConfPorts("udp", IPPROTO_UDP,
+            int have_cfg = AppLayerProtoDetectPPParseConfPorts("udp", IPPROTO_UDP,
                                                 proto_name, ALPROTO_DNS,
                                                 0, sizeof(DNSHeader),
                                                 DNSUdpProbingParser);
+            /* if we have no config, we enable the default port 53 */
+            if (!have_cfg) {
+                SCLogWarning(SC_ERR_DNS_CONFIG, "no DNS UDP config found, "
+                                                "enabling DNS detection on "
+                                                "port 53.");
+                AppLayerProtoDetectPPRegister(IPPROTO_UDP, "53",
+                                   ALPROTO_DNS, 0, sizeof(DNSHeader),
+                                   STREAM_TOSERVER, DNSUdpProbingParser);
+            }
         }
     } else {
         SCLogInfo("Protocol detection and parser disabled for %s protocol.",