Skip to content

Commit

Permalink
ldap: add port 3268 (used by Active Directory)
Browse files Browse the repository at this point in the history
  • Loading branch information
@chifflier @victorjulien
chifflier authored and victorjulien committed Nov 26, 2024
1 parent c26cb9a commit 3341907
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 4 deletions.
4 changes: 2 additions & 2 deletions rust/src/ldap/ldap.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -617,7 +617,7 @@ const PARSER_NAME: &[u8] = b"ldap\0";

#[no_mangle]
pub unsafe extern "C" fn SCRegisterLdapTcpParser() {
let default_port = CString::new("389").unwrap();
let default_port = CString::new("[389, 3268]").unwrap();
let parser = RustParser {
name: PARSER_NAME.as_ptr() as *const c_char,
default_port: default_port.as_ptr(),
Expand Down Expand Up @@ -674,7 +674,7 @@ pub unsafe extern "C" fn SCRegisterLdapTcpParser() {

#[no_mangle]
pub unsafe extern "C" fn SCRegisterLdapUdpParser() {
let default_port = CString::new("389").unwrap();
let default_port = CString::new("[389, 3268]").unwrap();
let parser = RustParser {
name: PARSER_NAME.as_ptr() as *const c_char,
default_port: default_port.as_ptr(),
Expand Down
4 changes: 2 additions & 2 deletions suricata.yaml.in
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1188,11 +1188,11 @@ app-layer:
tcp:
enabled: yes
detection-ports:
dp: 389
dp: 389, 3268
udp:
enabled: yes
detection-ports:
dp: 389
dp: 389, 3268
# Maximum number of live LDAP transactions per flow
# max-tx: 1024

Expand Down

0 comments on commit 3341907

Please sign in to comment.