9 Commits (85b1a8ff26a0a8ba1e3f0a0c9e92f6fb08c2733d)

Author	SHA1	Message	Date
Victor Julien	61cdd9be6b	dns: detect case of request flooding ... In the case where DNS requests are sent over the same flow w/o a reply being received, we now set an event in the flow and refuse to add more transactions to the state. This protects the DNS handling from getting overloaded slowing down everything. A new option to configure this behaviour was added: app-layer: protocols: dnsudp: enabled: yes detection-ports: udp: toserver: 53 request-flood: 750 The request-flood parameter can be 0 (disabling this feature) or a positive integer. It defaults to 500. This means that if 500 unreplied requests are seen in a row an event is set. Rule 2240007 was added to dns-events.rules to match on this.	12 years ago
Anoop Saldanha	5e2d9dbdc3	Add and use EventGetInfo for getting info on an event. ... Also update existing parsers and app-layer-event Setup to use this.	12 years ago
Victor Julien	1c371da46d	DNS: better handle TX' with lost replies	13 years ago
Victor Julien	1367074c75	App layer: clean up TX before lowest active one ... Update DNS to handle cleaning up this way.	13 years ago
Victor Julien	ebab9aee83	DNS: move internal tx id tracking to u64	13 years ago
Victor Julien	e8ad876b48	App layer: add 'StateHasEvents' API call ... Per TX decoder events resulted in significant overhead to the detection engine, as it walked all TX' all the time to check if decoder events were available. This commit introduces a new API call StateHasEvents, which speeds up this process, at the expense of keeping a counter in the state. Implement this for DNS as well.	13 years ago
Victor Julien	571b8ac186	DNS: add support for per TX decoder events.	13 years ago
Victor Julien	6674f4892c	DNS: add per tx internal id ... Add per TX id. Rename transaction_cnt to transaction_max (id) and increment it on tx creation.	13 years ago
Victor Julien	8e01cba85d	DNS TCP and UDP parser and DNS response logger	13 years ago