dns: add dns.rcode keyword v2

[hadiqaalamdar]

Feature #6621

• I have read the contributing guide lines at https://docs.suricata.io/en/latest/devguide/codebase/contributing/contribution-process.html
• I have signed the Open Information Security Foundation contribution agreement at https://suricata.io/about/contribution-agreement/
• I have updated the user guide (in doc/userguide/) to reflect the changes made (if applicable)

Link to redmine ticket: https://redmine.openinfosecfoundation.org/issues/6621

Previous PR: #10087

Describe changes:

• added the dns.rcode field
• made the suggested changes from previous PR
• successfully ran the cargo clippy --all-features command as recommended.

SV_BRANCH=OISF/suricata-verify#1567

[inashivb]

Good work, Hadiqa!
Are you able to see s-v failures locally too?

[hadiqaalamdar]

Good work, Hadiqa! Are you able to see s-v failures locally too?

yes, so the SV tests for rcode seem to all be failing.

[inashivb]

yes, so the SV tests for rcode seem to all be failing.

I see. Do you need help with that? Could you please share if you have an idea why it might be happening?

[jufajardini]

As Shivani has indicated, could you go over the CI failures and share with us if you have an idea of why are the tests failing?

I've also left a review on the SV PR that may add insights on this.

For this PR, for now, just some nit comments inline.

[jufajardini]

Nit: once the code-related changes are done, we'll need to populate the documentation section mentioned in this line ;)

[jufajardini]

Nit: year 2024

[jufajardini]

Nit year 2024, now :P

[hadiqaalamdar]

As Shivani has indicated, could you go over the CI failures and share with us if you have an idea of why are the tests failing?

I've also left a review on the SV PR that may add insights on this.

For this PR, for now, just some nit comments inline.

I don't really know why the failures are happening. I didn't see any errors when I ran the code locally. I'll create a new PR and see if the continue to happen.

[jufajardini]

As Shivani has indicated, could you go over the CI failures and share with us if you have an idea of why are the tests failing?
I've also left a review on the SV PR that may add insights on this.
For this PR, for now, just some nit comments inline.

I don't really know why the failures are happening. I didn't see any errors when I ran the code locally. I'll create a new PR and see if the continue to happen.

Can you run the suricata verify tests locally and see what is the output in the eve.json logs? If the checks are failing, comparing what is on the checks with what the logs actually looks like is one of the first things I do, if there are no errors, to debug a failing test.

[hadiqaalamdar]

New PR: #10126