Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

output: Add linktype name #11994

Closed
wants to merge 3 commits into from
Closed

output: Add linktype name #11994

wants to merge 3 commits into from

Conversation

jlucovsky
Copy link
Contributor

Continuation of #11670

Issue: 6954

This commit adds the linktype name to the output stream. The name is determined from a Rust linktype-to-name function.

Link to ticket: https://redmine.openinfosecfoundation.org/issues/6954

Describe changes:

  • Include the linktype name alongside linktype
  • Update the schema with linktype_name

Updates:

  • Custom linktype to name function in Rust.

Provide values to any of the below to override the defaults.

SV_BRANCH=OISF/suricata-verify#2023

Copy link

codecov bot commented Oct 19, 2024

Codecov Report

Attention: Patch coverage is 87.87879% with 8 lines in your changes missing coverage. Please review.

Project coverage is 83.23%. Comparing base (55b922c) to head (29d5eea).
Report is 79 commits behind head on master.

Additional details and impacted files
@@            Coverage Diff             @@
##           master   #11994      +/-   ##
==========================================
+ Coverage   82.75%   83.23%   +0.48%     
==========================================
  Files         910      912       +2     
  Lines      249016   258234    +9218     
==========================================
+ Hits       206069   214945    +8876     
- Misses      42947    43289     +342     
Flag Coverage Δ
fuzzcorpus 61.40% <77.27%> (+0.58%) ⬆️
livemode 19.41% <72.72%> (+0.70%) ⬆️
pcap 44.54% <71.21%> (+0.42%) ⬆️
suricata-verify 62.76% <86.36%> (+0.47%) ⬆️
unittests 59.29% <62.12%> (+0.28%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

---- 🚨 Try these New Features:

Issue: 6954

Add Rust based logic that maintains a hash map of link type values and
their associated output names.
Use the hasmap to gather linktype display names.

Issue: 6954
Issue: 6954

This commit adds the linktype name to the output stream. The name is
determined from the pcap utility function pcap_datalink_val_to_name
@suricata-qa
Copy link

Information: QA ran without warnings.

Pipeline 23138

@suricata-qa
Copy link

Information: QA ran without warnings.

Pipeline 23139

@victorjulien
Copy link
Member

Passed my QA. Ran this PR with SV PR OISF/suricata-verify#2023. Local pipeline 5099, run 613.

@jlucovsky jlucovsky marked this pull request as ready for review October 25, 2024 12:59
@jlucovsky jlucovsky requested review from jasonish, victorjulien and a team as code owners October 25, 2024 12:59
@catenacyber
Copy link
Contributor

This looks ok to me, but you are aware that a DLT_RAW created on openBSD and read elsewhere will not show as such, right ?

@jlucovsky
Copy link
Contributor Author

Continued in #12142

@jlucovsky jlucovsky closed this Nov 22, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Development

Successfully merging this pull request may close these issues.

4 participants