Skip to content

Smb hashmap/v6 #12028

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
victorjulien wants to merge 10 commits into from
Closed

Smb hashmap/v6 #12028

victorjulien wants to merge 10 commits into from

Conversation

@victorjulien
Copy link
Member

@victorjulien victorjulien commented Oct 24, 2024

#11786 with all hashmaps turned to lru

@victorjulien
smb2: use if let for read/write parsing
4b3a444
@victorjulien
smb: update to GAP handling
b1da6d0 
Don't tag the session as gap'd when the GAP is in a precise location:

1. in "skip" data, where the GAP just fits the skip data

2. in file data, where we pass the GAP on to the file

This reduces load of GAP post-processing that is unnecessary in these
case.
@victorjulien
smb2: remove filename on close
95c3019 
Ticket: OISF#5672.
@victorjulien
smb1: remove name on close
4cdb24b 
Ticket: OISF#5672.
@victorjulien
smb: use lru for guid2name map
c3945bf 
Use `lru` crate.

Add `app-layer.protocols.smb.max-guid-cache-size` to control the max
size of the LRU cache.
@victorjulien
WIP ssn2vecoffset_map lru
f6855b8
@victorjulien
SQUASH
196789e
@victorjulien
WIP ssn2tree lru
b59ca81
@victorjulien
WIP smb: ssnguid2vec_map lru
bb220cd
@victorjulien
WIP smb: ssn2vec_map lru
b510f43
@victorjulien victorjulien mentioned this pull request Oct 24, 2024
Closed
5 tasks
@codecov
Copy link

codecov bot commented Oct 24, 2024
edited
Loading

Codecov Report

Attention: Patch coverage is 86.19529% with 41 lines in your changes missing coverage. Please review.

Project coverage is 83.25%. Comparing base (1860aa8) to head (b510f43).
Report is 17 commits behind head on master.

Additional details and impacted files 
@@           Coverage Diff           @@
##           master   #12028   +/-   ##
=======================================
  Coverage   83.24%   83.25%           
=======================================
  Files         910      910           
  Lines      258136   258165   +29     
=======================================
+ Hits       214895   214928   +33     
+ Misses      43241    43237    -4
Flag Coverage Δ
fuzzcorpus 61.54% <85.85%> (+0.04%) ⬆️
livemode 19.39% <3.36%> (+<0.01%) ⬆️
pcap 44.37% <71.38%> (-0.06%) ⬇️
suricata-verify 62.70% <73.73%> (-0.04%) ⬇️
unittests 59.28% <15.82%> (-0.01%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

@suricata-qa
Copy link

suricata-qa commented Oct 24, 2024

Information: QA ran without warnings.

Pipeline 23175

victorjulien
victorjulien commented Oct 24, 2024
View reviewed changes
rust/src/smb/smb.rs
SCLogError!("Invalid max-dcerpc-frag-cache-size value");
}
}
let retval = conf_get("app-layer.protocols.smb.max-ssn2vec-cache-size");
Copy link
Member Author

@victorjulien victorjulien Oct 24, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this is a bit of a multi purpose store for mapping ssn id to various things, hard to come up with a good name

Copy link
Member

@jasonish jasonish Oct 24, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Also seems a bit of a low level tuneable. I wonder if such items should be left out of our default configuration file and well documented in an SMB chapter of the user guide.

Copy link
Member Author

@victorjulien victorjulien Oct 24, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yeah probably, but still need a reasonable name :)

@victorjulien victorjulien mentioned this pull request Oct 25, 2024
Closed
@victorjulien
Copy link
Member Author

victorjulien commented Oct 25, 2024

replaced by #12036

@victorjulien victorjulien deleted the smb-hashmap/v6 branch January 15, 2025 08:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jasonish jasonish jasonish left review comments

Assignees

No one assigned

Labels

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@victorjulien @suricata-qa @jasonish