Feature #2673
openSplit out DNS parser to be reusable
Description
Suricata has a built-in DHCP parser written in Rust, https://github.com/OISF/suricata/tree/master/rust/src/dns
Splitting this out into a dedicated crate can allow leverage/collaboration between Suricata and other projects.
Updated by Ed Page almost 6 years ago
Looks like there are a couple of existing DNS parsers that I've not evaluated
Updated by Andreas Herz over 5 years ago
- Assignee set to Community Ticket
- Target version set to TBD
Updated by Jason Ish over 4 years ago
I'm not sure I would want to break out the DNS parser into its own repo, as that as extra overhead to the development process. But something possibly worth considering is breaking out some stuff, within the repo to their own crates. A while back I did this with the DHCP parser. It breaks out just the parsing, as the other parts of the DHCP module are pretty Suricata specific. The commit is now stale, but it still gets the idea across:
https://github.com/OISF/suricata/pull/4129/commits/fda42f73257e8a9f2703a2db24d5894731ece19f
API stability also needs to be considered, as now we are free to refactor as needed. Publishing it as a reusable component may imply some level of stability, and we don't exactly follow semver. However, Cargo does make it easy to specify specific versions.