Optimization #2780
open
- Related to Task #2778: tracking: port app-layer parsers to Rust added
- Target version changed from 5.0beta1 to TBD
- Tracker changed from Bug to Optimization
- Assignee set to Community Ticket
We are working on a rust parser for DNP3 so I wouldn't mind taking on this ticket.
The move/implementation would be similar to modbus (https://github.com/OISF/suricata/pull/5810) once that code review is finalized.
Implementation Steps
- Move app-layer parser for DNP3 from C to Rust, leaving C tests as much as possible.
- Move detection module for DNP3 from C to Rust, leaving C tests as much as possible.
- Move tests from C to rust.
Out of Scope
Should we move eve json logging for DNP3 to rust or is this out of scope?
Once the transaction objects are Rust, I think its only natural to have the logging in Rust as well, otherwise there will be a lot of getter's or unecessary restrictions keeping the structs C compatible. The C code uses the same input to generate the loggers as it does the parser.
Have you taked a look at https://github.com/rust-bakery/nom-derive? I thought something like that, or inspired by it might help with a migration of DNP3 to Rust.
Haven't heard of `nom-derive`. Thank you for the info.
Also available in: Atom
PDF