Project

General

Profile

Actions

Feature #2673

open

Split out DNS parser to be reusable

Added by Ed Page almost 3 years ago. Updated over 1 year ago.

Status:
New
Priority:
Normal
Target version:
Effort:
Difficulty:
Label:

Description

Suricata has a built-in DHCP parser written in Rust, https://github.com/OISF/suricata/tree/master/rust/src/dns

Splitting this out into a dedicated crate can allow leverage/collaboration between Suricata and other projects.

Actions #1

Updated by Ed Page almost 3 years ago

Looks like there are a couple of existing DNS parsers that I've not evaluated

Actions #2

Updated by Andreas Herz over 2 years ago

  • Assignee set to Community Ticket
  • Target version set to TBD
Actions #3

Updated by Jason Ish over 1 year ago

I'm not sure I would want to break out the DNS parser into its own repo, as that as extra overhead to the development process. But something possibly worth considering is breaking out some stuff, within the repo to their own crates. A while back I did this with the DHCP parser. It breaks out just the parsing, as the other parts of the DHCP module are pretty Suricata specific. The commit is now stale, but it still gets the idea across:

https://github.com/OISF/suricata/pull/4129/commits/fda42f73257e8a9f2703a2db24d5894731ece19f

API stability also needs to be considered, as now we are free to refactor as needed. Publishing it as a reusable component may imply some level of stability, and we don't exactly follow semver. However, Cargo does make it easy to specify specific versions.

Actions

Also available in: Atom PDF