From d3468d88b049857a9aa15c55abe73bb8cd18298f Mon Sep 17 00:00:00 2001 From: Anoop Saldanha Date: Sun, 27 Nov 2011 14:30:25 +0530 Subject: [PATCH] app layer udp cleanup + update dcerpc udp todo --- src/app-layer-dcerpc-udp.c | 4 ++++ src/app-layer.c | 11 ++--------- 2 files changed, 6 insertions(+), 9 deletions(-) diff --git a/src/app-layer-dcerpc-udp.c b/src/app-layer-dcerpc-udp.c index 25585ba2dd..889f9cc002 100644 --- a/src/app-layer-dcerpc-udp.c +++ b/src/app-layer-dcerpc-udp.c @@ -2,7 +2,11 @@ * Copyright (c) 2009, 2010 Open Information Security Foundation * * \author Kirby Kuehl + * + * \todo Updated by AS: Inspect the possibilities of sending junk start at the + * start of udp session to avoid alproto detection. */ + #include "suricata-common.h" #include "suricata.h" diff --git a/src/app-layer.c b/src/app-layer.c index 768ce032e3..dfec655e3c 100644 --- a/src/app-layer.c +++ b/src/app-layer.c @@ -307,10 +307,6 @@ int AppLayerHandleUdp(AlpProtoDetectThreadCtx *dp_ctx, Flow *f, Packet *p) SCLogDebug("Detecting AL proto on udp mesg (len %" PRIu32 ")", p->payload_len); - //printf("=> Init Stream Data -- start\n"); - //PrintRawDataFp(stdout, smsg->init.data, smsg->init.data_len); - //printf("=> Init Stream Data -- end\n"); - f->alproto = AppLayerDetectGetProto(&alp_proto_ctx, dp_ctx, f, p->payload, p->payload_len, flags, IPPROTO_UDP); if (f->alproto != ALPROTO_UNKNOWN) { 
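Review bot: The new `\todo` in the header comment of src/app-layer-dcerpc-udp.c is hard to act on as worded. "sending junk start at the start of udp session" contains a stray word, and the note does not say what the consequence for the flow would be. A wording such as `\todo Check whether junk data at the start of a udp session prevents alproto detection and, if so, whether later packets of that session are still parsed.` records the open question in a form that can be turned into a test. The "Updated by AS" attribution is already carried by the commit author field and could be dropped from the comment.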
@@ -326,17 +322,14 @@ int AppLayerHandleUdp(AlpProtoDetectThreadCtx *dp_ctx, Flow *f, Packet *p) SCLogDebug("stream data (len %" PRIu32 " ), alproto " "%"PRIu16" (flow %p)", p->payload_len, f->alproto, f); - //printf("=> Stream Data -- start\n"); - //PrintRawDataFp(stdout, smsg->data.data, smsg->data.data_len); - //printf("=> Stream Data -- end\n"); - /* if we don't have a data object here we are not getting it * a start msg should have gotten us one */ if (f->alproto != ALPROTO_UNKNOWN) { r = AppLayerParse(f, f->alproto, flags, p->payload, p->payload_len); } else { - SCLogDebug(" udp session not start, but no l7 data? Weird"); + SCLogDebug("udp session has started, but failed to detect alproto " + "for l7"); } }
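Review bot: The comment kept above `if (f->alproto != ALPROTO_UNKNOWN)` in AppLayerHandleUdp ("if we don't have a data object here ... a start msg should have gotten us one") reads as if it was carried over from the stream-message path. It no longer describes this code, which works directly on `p->payload`, so it should be rewritten or removed along with the smsg debug prints. In the else branch the payload is not handed to `AppLayerParse` at all, and the only trace is an `SCLogDebug` call, which presumably produces nothing in non-debug builds. A short comment there would make that explicit, for example `/* alproto still unknown: this payload is not passed to any app layer parser */`. Given the evasion concern noted in the dcerpc-udp todo, consider whether this case deserves something more visible than a debug message. The function body starts and ends outside the hunk, so whether detection is retried on later packets cannot be judged from here.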