Closed bbannier closed 1 year ago
Mohan-Dhawan
commented
1 year ago I tried the patch to implement only one instance of the child analyzer via protocol_handle_get_or_create (so that I can maintain state information via %context) and it worked. Thanks!
Mohan-Dhawan
commented
1 year ago Is the protocol_handle_get_or_create tied to a connection context (it seems likely by looking at the code edits, so just confirming)? Further, if it is tied to the connection context, then why do we need protocol_handle_close? Will it not be automatically cleaned up once the connection context is no longer relevant? I tried replacing all instances of protocol_begin with protocol_handle_get_or_create (and commented out all protocol_end's with no protocol_handle_close) but the logs showed some missing fields that were earlier populated. I still have to dig deep but wanted to understand the semantics and how it differs from protocol_begin. Also, which of the three is the fastest - protocol_handle_get_or_create, protocol_begin with an argument, or protocol_begin without an argument (i.e., the DPD case)?
Closes #198.