Conversation
|
Questions about this draft :
TODOs : cf output.c There are more protocols which currently miss this (beyond template, ftp and tftp being fixed here) : pgsql, dcerpc, dhcp, krb5 |
|
ERROR: ERROR: QA failed on ASAN_TLPR1_suri. Pipeline 13735 |
ad55572 to
b476ba2
Compare
Especially fix setup-app-layer script to not forget this part
b476ba2 to
33e61d2
Compare
I guess tickets should be created for these (including ftp and tftp) |
|
ERROR: ERROR: QA failed on ASAN_TLPR1_suri. Pipeline 13737 |
|
@jasonish what do you think about the Check Rust failure ? |
Codecov Report
Additional details and impacted files@@ Coverage Diff @@
## master #8864 +/- ##
==========================================
- Coverage 82.28% 82.28% -0.01%
==========================================
Files 969 969
Lines 273210 273114 -96
==========================================
- Hits 224807 224720 -87
+ Misses 48403 48394 -9
Flags with carried forward coverage won't be shown. Click here to find out more. |
|
WARNING:
Pipeline 13738 |
|
Also, one next step is to have Only difficulty there is to know if we have TCP or UDP or both for OutputGenericLogInitSub |
Looks like GitHub changed the format the code is checked out, in such a way we can no longer use git tools like |
Ok, but I also do not get anything locally running And this PR is only removing some lines of rust code... |
|
Fix: #8866 |
By this do you mean that there is not a 1:1 relation between protocol and name and objects logged? |
Yes there is. I mean to ask : should these cases be handled in the generic fashion proposed in this PR ? Or just have some separate logic.. |
I think some separate logic may make the initial versions of this PR easier to reason about? We're shooting for post 7.0 stuff here right? |
Not necessarily : this is code simplification, a fix for the script to setup an app layer, and it is leading to adding missing features (adding ftp metadata to alerts) |
|
Need to rebase after #8867 to get CI green |
|
Replaced by #8872 |
Perhaps, I wasn't looking at it in that frame of mind as the issue is targetted for 8.0. |
Link to redmine ticket:
None, preliminary work for https://redmine.openinfosecfoundation.org/issues/5053 and app-layer plugins
Continuation of #8772
Describe changes: