aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

smb: suppress notice messages

Browse Source
pull/3291/head
Victor Julien 8 years ago
parent 576b8ef722
commit ea1e13cb00
9 changed files with 18 additions and 18 deletions
Show Stats Download Patch File Download Diff File

4
rust/src/smb/auth.rs
Unescape Escape View File

@ -173,10 +173,10 @@ fn parse_secblob_spnego(blob: &[u8]) -> Option<SpnegoRequest>
"1.2.840.113554.1.2.2.3" => { SCLogDebug!("krb5-user-to-user-mech"); },
"1.3.6.1.4.1.311.2.2.10" => { SCLogDebug!("NTLMSSP"); have_ntlmssp = true; },
"1.3.6.1.4.1.311.2.2.30" => { SCLogDebug!("NegoEx"); },
_ => { SCLogNotice!("unexpected OID {:?}", oid); },
_ => { SCLogDebug!("unexpected OID {:?}", oid); },
}
},
_ => { SCLogNotice!("expected OID, got {:?}", se); },
_ => { SCLogDebug!("expected OID, got {:?}", se); },
}
}
},

6
rust/src/smb/dcerpc.rs
Unescape Escape View File

@ -415,7 +415,7 @@ fn smb_read_dcerpc_record_error(state: &mut SMBState,
true
},
None => {
SCLogNotice!("NOT found");
SCLogDebug!("NOT found");
false
},
};
@ -453,7 +453,7 @@ pub fn smb_read_dcerpc_record<'b>(state: &mut SMBState,
let mut malformed = false;
if data.len() == 0 {
SCLogNotice!("weird: no DCERPC data"); // TODO
SCLogDebug!("weird: no DCERPC data"); // TODO
// TODO set event?
return false;
@ -499,7 +499,7 @@ pub fn smb_read_dcerpc_record<'b>(state: &mut SMBState,
let tx = match state.get_dcerpc_tx(&hdr, &vercmd, dcer.call_id) {
Some(tx) => tx,
None => {
SCLogNotice!("no tx");
SCLogDebug!("no tx");
return false; },
};

2
rust/src/smb/detect.rs
Unescape Escape View File

@ -117,7 +117,7 @@ pub extern "C" fn rs_smb_tx_get_dce_opnum(tx: &mut SMBTransaction,
opnum: *mut libc::uint16_t)
-> libc::uint8_t
{
SCLogNotice!("rs_smb_tx_get_dce_opnum: start");
SCLogDebug!("rs_smb_tx_get_dce_opnum: start");
match tx.type_data {
Some(SMBTransactionTypeData::DCERPC(ref x)) => {
if x.req_cmd == 1 { // REQUEST

2
rust/src/smb/files.rs
Unescape Escape View File

@ -209,7 +209,7 @@ impl SMBState {
}
},
None => {
SCLogNotice!("not found for handle {:?}", file_handle);
SCLogDebug!("not found for handle {:?}", file_handle);
0 },
};

6
rust/src/smb/smb.rs
Unescape Escape View File

@ -392,7 +392,7 @@ impl SMBState {
tx.request_done = true;
tx.response_done = self.tc_trunc; // no response expected if tc is truncated
SCLogNotice!("SMB: TX RENAME created: ID {}", tx.id);
SCLogDebug!("SMB: TX RENAME created: ID {}", tx.id);
self.transactions.push(tx);
let tx_ref = self.transactions.last_mut();
return tx_ref.unwrap();
@ -1053,7 +1053,7 @@ impl SMBState {
Ok("samr") => ("samr", true),
Err(_) => ("MALFORMED", false),
Ok(&_) => {
SCLogNotice!("don't know {}", String::from_utf8_lossy(&n));
SCLogDebug!("don't know {}", String::from_utf8_lossy(&n));
("UNKNOWN", false)
},
}
@ -1082,7 +1082,7 @@ impl SMBState {
None => (false, 0),
};
if last_done && id > 0 {
SCLogNotice!("check_gap_resync2: TX {} is done post-GAP, mark all older ones complete", id);
SCLogDebug!("check_gap_resync2: TX {} is done post-GAP, mark all older ones complete", id);
self.ts_ssn_gap = false;
self.tc_ssn_gap = false;
self.close_non_file_txs(prior_max_id);

4
rust/src/smb/smb1.rs
Unescape Escape View File

@ -693,7 +693,7 @@ pub fn get_service_for_nameslice(nameslice: &[u8]) -> (&'static str, bool)
Ok("\\PIPE\\") => ("PIPE", true), // TODO not sure if this is true
Err(_) => ("MALFORMED", false),
Ok(&_) => {
SCLogNotice!("don't know \"{}\"", String::from_utf8_lossy(&name));
SCLogDebug!("don't know \"{}\"", String::from_utf8_lossy(&name));
("UNKNOWN", false)
},
}
@ -885,7 +885,7 @@ pub fn smb1_read_response_record<'b>(state: &mut SMBState, r: &SmbRecord<'b>)
let (offset, file_fid) = match state.ssn2vecoffset_map.remove(&fid_key) {
Some(o) => (o.offset, o.guid),
None => {
SCLogNotice!("SMBv1 READ response: reply to unknown request: left {} {:?}",
SCLogDebug!("SMBv1 READ response: reply to unknown request: left {} {:?}",
rd.len - rd.data.len() as u32, rd);
state.skip_tc = rd.len - rd.data.len() as u32;
return;

8
rust/src/smb/smb2.rs
Unescape Escape View File

@ -333,7 +333,7 @@ pub fn smb2_request_record<'b>(state: &mut SMBState, r: &Smb2Record<'b>)
let found = match state.get_negotiate_tx(2) {
Some(_) => {
SCLogNotice!("WEIRD, should not have NEGOTIATE tx!");
SCLogDebug!("WEIRD, should not have NEGOTIATE tx!");
true
},
None => { false },
@ -536,7 +536,7 @@ pub fn smb2_response_record<'b>(state: &mut SMBState, r: &Smb2Record<'b>)
let file_guid = match state.ssn2vecoffset_map.remove(&guid_key) {
Some(o) => o.guid,
_ => {
SCLogNotice!("SMBv2 READ response: reply to unknown request");
SCLogDebug!("SMBv2 READ response: reply to unknown request");
Vec::new()
},
};
@ -558,7 +558,7 @@ pub fn smb2_response_record<'b>(state: &mut SMBState, r: &Smb2Record<'b>)
}
false
} else {
SCLogNotice!("SMBv2 READ: status {}", &smb_ntstatus_string(r.nt_status));
SCLogDebug!("SMBv2 READ: status {}", &smb_ntstatus_string(r.nt_status));
false
}
},
@ -721,7 +721,7 @@ pub fn smb2_response_record<'b>(state: &mut SMBState, r: &Smb2Record<'b>)
true
},
_ => {
SCLogNotice!("no tx found for {:?}", r);
SCLogDebug!("no tx found for {:?}", r);
false
},
};

2
rust/src/smb/smb2_ioctl.rs
Unescape Escape View File

@ -101,7 +101,7 @@ pub fn smb2_ioctl_response_record<'b>(state: &mut SMBState, r: &Smb2Record<'b>)
let hdr = SMBCommonHdr::new(SMBHDR_TYPE_HEADER,
r.session_id, 0, r.message_id);
let vercmd = SMBVerCmdStat::new2_with_ntstatus(SMB2_COMMAND_IOCTL, r.nt_status);
SCLogNotice!("TODO passing empty GUID");
SCLogDebug!("TODO passing empty GUID");
smb_read_dcerpc_record(state, vercmd, hdr, &[],rd.data);
} else {
let tx_key = SMBCommonHdr::new(SMBHDR_TYPE_HEADER,

2
rust/src/smb/smb2_session.rs
Unescape Escape View File

@ -76,7 +76,7 @@ pub fn smb2_session_setup_response(state: &mut SMBState, r: &Smb2Record)
SCLogDebug!("smb2_session_setup_response: tx {:?}", tx);
},
None => {
SCLogNotice!("smb2_session_setup_response: tx not found for {:?}", r);
SCLogDebug!("smb2_session_setup_response: tx not found for {:?}", r);
},
}
}

Write Preview
Loading…
Cancel
Save