suricata
suricata copied to clipboard
OISF
decode/vlan: Extend VLAN encapsulation support to 3 levels.
This is a draft PR; Git hygiene to applied to separate commits properly.
This PR extends Suricata's support for VLANs from 2 to 3 levels. There is no standard for 3 levels of VLANs but 3 levels are not uncommon in some environments.
Describe changes:
- Increase VLAN level support to 3 levels
- List all VLAN levels in output.
- Add "Q-in-Q-in-Q" unittest.
suricata-verify-pr: 902 #suricata-verify-repo: #suricata-verify-branch: #suricata-update-pr: #suricata-update-repo: #suricata-update-branch: #libhtp-pr: #libhtp-repo: #libhtp-branch:
Codecov Report
Merging #7700 (f159d32) into master (f3d3274) will increase coverage by
0.10%. The diff coverage is89.65%.
@@ Coverage Diff @@
## master #7700 +/- ##
==========================================
+ Coverage 75.88% 75.98% +0.10%
==========================================
Files 659 659
Lines 185668 185691 +23
==========================================
+ Hits 140893 141099 +206
+ Misses 44775 44592 -183
| Flag | Coverage Δ | |
|---|---|---|
| fuzzcorpus | 60.67% <82.92%> (+0.07%) |
:arrow_up: |
| suricata-verify | 52.56% <80.48%> (-0.03%) |
:arrow_down: |
| unittests | 60.72% <47.36%> (+0.01%) |
:arrow_up: |
Flags with carried forward coverage won't be shown. Click here to find out more.
![codecov[bot] avatar](https://avatars.githubusercontent.com/in/254?v=4 "Published by a pub.dev verified publisher"){kind=small}
WARNING:
| field | test | baseline | % |
|---|---|---|---|
| generic_stats_chk | |||
| .capture.kernel_drops | 5359243 | 5654519 | 94.78% |
| .flow.end.tcp_state.syn_sent | 233 | 183 | 127.32% |
| .flow.end.tcp_state.syn_recv | 63 | 52 | 121.15% |
| .tcp.segment_memcap_drop | 29257 | 11729 | 249.44% |
| .tcp.insert_data_normal_fail | 28863 | 11358 | 254.12% |
| .app_layer.error.http.parser | 39 | 55 | 70.91% |
| .app_layer.error.smtp.gap | 81 | 61 | 132.79% |
Pipeline 8733 WARNING: THERE IS A KNOWN BAD BASELINE WITH PACKET DROPS. bE MINDFUL OF ANY RESULTS.
