frames: add --list-app-layer-frames option

Lists frames per ip proto and app-layer proto.

Ticket: #8174.
(cherry picked from commit 7ac5d7428e)

src/runmodes.h

@@ -46,6 +46,7 @@ typedef enum SCRunModes {
     RUNMODE_LIST_KEYWORDS,
     RUNMODE_LIST_APP_LAYERS,
     RUNMODE_LIST_APP_LAYER_HOOKS,
+    RUNMODE_LIST_APP_LAYER_FRAMES,
     RUNMODE_LIST_RUNMODES,
     RUNMODE_PRINT_VERSION,
     RUNMODE_PRINT_BUILDINFO,

src/suricata.c

@@ -719,6 +719,8 @@ static void PrintUsage(const char *progname)
     printf("\t--list-app-layer-protos              : list supported app layer protocols\n");
     printf("\t--list-app-layer-hooks               : list supported app layer hooks for use in "
            "rules\n");
+    printf("\t--list-app-layer-frames              : list supported app layer frames for use with "
+           "'frame' keyword\n");
     printf("\t--dump-config                        : show the running configuration\n");
     printf("\t--dump-features                      : display provided features\n");
     printf("\t--build-info                         : display build information\n");
@@ -1375,6 +1377,7 @@ TmEcode SCParseCommandLine(int argc, char **argv)
     int dump_features = 0;
     int list_app_layer_protocols = 0;
     int list_app_layer_hooks = 0;
+    int list_app_layer_frames = 0;
     int list_unittests = 0;
     int list_runmodes = 0;
     int list_keywords = 0;
@@ -1424,6 +1427,7 @@ TmEcode SCParseCommandLine(int argc, char **argv)
         {"unittest-filter", required_argument, 0, 'U'},
         {"list-app-layer-protos", 0, &list_app_layer_protocols, 1},
         {"list-app-layer-hooks", 0, &list_app_layer_hooks, 1},
+        {"list-app-layer-frames", 0, &list_app_layer_frames, 1},
         {"list-unittests", 0, &list_unittests, 1},
         {"list-runmodes", 0, &list_runmodes, 1},
         {"list-keywords", optional_argument, &list_keywords, 1},
@@ -2123,6 +2127,8 @@ TmEcode SCParseCommandLine(int argc, char **argv)
         suri->run_mode = RUNMODE_LIST_APP_LAYERS;
     if (list_app_layer_hooks)
         suri->run_mode = RUNMODE_LIST_APP_LAYER_HOOKS;
+    if (list_app_layer_frames)
+        suri->run_mode = RUNMODE_LIST_APP_LAYER_FRAMES;
     if (list_keywords)
         suri->run_mode = RUNMODE_LIST_KEYWORDS;
     if (list_unittests)
@@ -2405,6 +2411,12 @@ int SCStartInternalRunMode(int argc, char **argv)
             } else {
                 return ListAppLayerHooks(DEFAULT_CONF_FILE);
             }
+        case RUNMODE_LIST_APP_LAYER_FRAMES:
+            if (suri->conf_filename != NULL) {
+                return ListAppLayerFrames(suri->conf_filename);
+            } else {
+                return ListAppLayerFrames(DEFAULT_CONF_FILE);
+            }
         case RUNMODE_PRINT_VERSION:
             PrintVersion();
             return TM_ECODE_DONE;

src/util-running-modes.c

@@ -115,3 +115,46 @@ int ListAppLayerHooks(const char *conf_filename)
     }
     return TM_ECODE_DONE;
 }
+
+int ListAppLayerFrames(const char *conf_filename)
+{
+    EngineModeSetIDS();
+    if (SCConfYamlLoadFile(conf_filename) != -1)
+        SCLogLoadConfig(0, 0, 0, 0);
+    MpmTableSetup();
+    SpmTableSetup();
+    AppLayerSetup();
+
+    AppProto alprotos[g_alproto_max];
+    AppLayerProtoDetectSupportedAppProtocols(alprotos);
+
+    printf("=========Supported App Layer Frames=========\n");
+    for (AppProto a = 0; a < g_alproto_max; a++) {
+        if (alprotos[a] != 1)
+            continue;
+
+        const char *alproto_name = AppProtoToString(a);
+        if (strcmp(alproto_name, "http") == 0)
+            alproto_name = "http1";
+        SCLogDebug("alproto %u/%s", a, alproto_name);
+
+        bool tcp_stream_once = false;
+        for (uint32_t i = 0; i < 255; i++) {
+            const char *name = AppLayerParserGetFrameNameById(IPPROTO_TCP, a, (uint8_t)i);
+            if (name == NULL)
+                break;
+            if (!tcp_stream_once) {
+                printf("tcp: %s.stream\n", alproto_name);
+                tcp_stream_once = true;
+            }
+            printf("tcp: %s.%s\n", alproto_name, name);
+        }
+        for (uint32_t i = 0; i < 255; i++) {
+            const char *name = AppLayerParserGetFrameNameById(IPPROTO_UDP, a, (uint8_t)i);
+            if (name == NULL)
+                break;
+            printf("udp: %s.%s\n", alproto_name, name);
+        }
+    }
+    return TM_ECODE_DONE;
+}

src/util-running-modes.h

@@ -26,5 +26,6 @@
 int ListKeywords(const char *keyword_info);
 int ListAppLayerProtocols(const char *conf_filename);
 int ListAppLayerHooks(const char *conf_filename);
+int ListAppLayerFrames(const char *conf_filename);
 
 #endif /* SURICATA_UTIL_RUNNING_MODES_H */