]> git.ipfire.org Git - thirdparty/suricata.git/commit
projects / thirdparty / suricata.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: e62c7d7) | patch
app-layer: track modified/processed txs
authorPhilippe Antoine <pantoine@oisf.net>
Fri, 31 May 2024 08:39:16 +0000 (10:39 +0200)
committerVictor Julien <victor@inliniac.net>
Tue, 10 Dec 2024 13:40:04 +0000 (14:40 +0100)
commitb02557ac7dd6b55187309cee93f849ee2917d0cb
treeae8df28f047fdebd71dc5cfd2ba99ce3dcd40130tree
parente62c7d733b94ca9380e24bd4c85825c1a2cef3c7commit | diff
app-layer: track modified/processed txs

To optimize detection, and logging, to avoid going through
all the live transactions when only a few were modified.

Two boolean fields are added to the tx data: updated_tc and ts
The app-layer parsers are now responsible to set these when
needed, and the logging and detection uses them to skip
transactions that were not updated.

There may some more optimization remaining by when we set
both updated_tc and updated_ts in functions returning
a mutable transaction, by checking if all the callers
are called in one direction only (request or response)

Ticket: 7087
25 files changed:
rust/src/applayer.rs diff | blob | blame | history
rust/src/applayertemplate/template.rs diff | blob | blame | history
rust/src/dcerpc/dcerpc.rs diff | blob | blame | history
rust/src/dcerpc/dcerpc_udp.rs diff | blob | blame | history
rust/src/enip/enip.rs diff | blob | blame | history
rust/src/http2/http2.rs diff | blob | blame | history
rust/src/ldap/ldap.rs diff | blob | blame | history
rust/src/modbus/modbus.rs diff | blob | blame | history
rust/src/mqtt/mqtt.rs diff | blob | blame | history
rust/src/nfs/nfs.rs diff | blob | blame | history
rust/src/pgsql/pgsql.rs diff | blob | blame | history
rust/src/rfb/rfb.rs diff | blob | blame | history
rust/src/smb/dcerpc.rs diff | blob | blame | history
rust/src/smb/files.rs diff | blob | blame | history
rust/src/smb/session.rs diff | blob | blame | history
rust/src/smb/smb.rs diff | blob | blame | history
rust/src/ssh/ssh.rs diff | blob | blame | history
src/app-layer-dnp3.c diff | blob | blame | history
src/app-layer-ftp.c diff | blob | blame | history
src/app-layer-htp.c diff | blob | blame | history
src/app-layer-parser.c diff | blob | blame | history
src/app-layer-smtp.c diff | blob | blame | history
src/app-layer-ssl.c diff | blob | blame | history
src/detect.c diff | blob | blame | history
src/output-tx.c diff | blob | blame | history
Mirror of https://github.com/OISF/suricata.git