nfsv2: implement and improve WRITE procedure support #14251
Conversation
of WRITE requests and responses. This enhances NFSv2 protocol coverage and prepares for further testing and validation. Fixes: OISF#4946
kaddujames501-ship-it
force-pushed
the
NFS22
branch
from
c7b133c to
42856ad
Compare
|
NOTE: This PR may contain new authors. |
Codecov Report❌ Patch coverage is Additional details and impacted files@@ Coverage Diff @@
## main #14251 +/- ##
==========================================
- Coverage 84.14% 84.14% -0.01%
==========================================
Files 1013 1013
Lines 262313 262539 +226
==========================================
+ Hits 220733 220910 +177
- Misses 41580 41629 +49
Flags with carried forward coverage won't be shown. Click here to find out more. 🚀 New features to boost your workflow:
|
| * 02110-1301, USA. | ||
| */ | ||
|
|
||
| /* RFC 1094, section '2.2 Server Procedures' */ |
There was a problem hiding this comment.
I think you should reuse #14178 commit and build on top of it
| match ctx { | ||
| DetectNfsProcedureData::VersionLiteral(ver) => { | ||
| if nfs_version < 4 { | ||
| if nfs_version == 2 { |
There was a problem hiding this comment.
Can he have nfs version 1 ?
| if state.nfs_version == 2 && tx.procedure == NFSPROC2_GETATTR { | ||
| return 1; | ||
| } | ||
| if state.nfs_version == 3 && tx.procedure == NFSPROC3_GETATTR { |
There was a problem hiding this comment.
What about NFSPROC4_GETATTR ?
| tx.is_file_closed = true; | ||
| sc_app_layer_parser_trigger_raw_stream_inspection(flow, Direction::ToClient as i32); | ||
| sc_app_layer_parser_trigger_raw_stream_inspection( | ||
| flow, |
There was a problem hiding this comment.
rustfmt should be its own commit
catenacyber
left a comment
catenacyber
left a comment
There was a problem hiding this comment.
I think commit history needs a bit of rework to split things
jufajardini
left a comment
jufajardini
left a comment
There was a problem hiding this comment.
On top of observing Philippe's comments, please ensure that you're following our commit guidelines, with your next iteration :)
https://docs.suricata.io/en/suricata-8.0.1/devguide/contributing/code-submission-process.html#commits
|
Hi there, considering this was a work started during the contribution phase, and that there are a few comments here unanswered for more than a week, I am closing this PR as stale. Thanks for your time and interest in contributing to our project! |
|
I wonder if we should take it over as this is an interesting work beginning... |
4 participants
Issue #4946
Make sure these boxes are checked accordingly before submitting your Pull Request -- thank you.
Contribution style:
https://docs.suricata.io/en/latest/devguide/contributing/contribution-process.html
Our Contribution agreements:
https://suricata.io/about/contribution-agreement/ (note: this is only required once)
Changes (if applicable):
https://redmine.openinfosecfoundation.org/projects/suricata/issues
Link to ticket: https://redmine.openinfosecfoundation.org/issues/4946
Describe changes:
This enables full NFSv2 WRITE support for file extraction and detection.
Provide values to any of the below to override the defaults.
link to the pull request in the respective
_BRANCHvariable.SV_REPO=
SV_BRANCH=OISF/suricata-verify#2736
SU_REPO=
SU_BRANCH=
James Kaddu: [email protected]