/* * Function: ftpp_ui_client_lookup_add(CLIENT_LOOKUP *ClientLookup, * char *ip, int len, * FTP_CLIENT_PROTO_CONF *ClientConf) * * Purpose: Add a client configuration to the list. * We add these keys like you would normally think to add * them, because on low endian machines the least significant * byte is compared first. This is what we want to compare * IPs backward, doesn't work on high endian machines, but oh * well. Our platform is Intel. * * Arguments: ClientLookup => a pointer to the lookup structure * IP => the ftp client address * len => Length of the address * ClientConf => a pointer to the client configuration structure * * Returns: int => return code indicating error or success * */ int ftpp_ui_client_lookup_add(CLIENT_LOOKUP *ClientLookup, unsigned long Ip, FTP_CLIENT_PROTO_CONF *ClientConf) { int iRet; if(!ClientLookup || !ClientConf) { return FTPP_INVALID_ARG; } if((iRet = KMapAdd(ClientLookup, (void *)&Ip, 4, (void *)ClientConf))) { /* * This means the key has already been added. */ if(iRet == 1) { return FTPP_NONFATAL_ERR; } else { return FTPP_MEM_ALLOC_FAIL; } } return FTPP_SUCCESS; }
/* * Function: ftp_bounce_lookup_add(BOUNCE_LOOKUP *BounceLookup, * char *ip, int len, * FTP_BOUNCE_TO *BounceTo) * * Purpose: Add a bounce configuration to the list. IP is stored * in dot notation order. When the lookup happens, we * compare up to len bytes of the address. * * Arguments: BounceLookup => a pointer to the lookup structure * IP => the ftp bounce address * BounceTo => a pointer to the bounce configuration structure * * Returns: int => return code indicating error or success * */ int ftp_bounce_lookup_add(BOUNCE_LOOKUP *BounceLookup, snort_ip_p Ip, FTP_BOUNCE_TO *BounceTo) { int iRet; if(!BounceLookup || !BounceTo) { return FTPP_INVALID_ARG; } iRet = KMapAdd(BounceLookup, (void*)IP_PTR(Ip), IP_SIZE(Ip), (void*)BounceTo); if (iRet) { /* * This means the key has already been added. */ if(iRet == 1) { return FTPP_NONFATAL_ERR; } else { return FTPP_MEM_ALLOC_FAIL; } } return FTPP_SUCCESS; }
/* * Function: ftp_cmd_lookup_add(CMD_LOOKUP *CmdLookup, * char *ip, int len, * FTP_CMD_CONF *FTPCmd) * * Purpose: Add a cmd configuration to the list. * We add these keys like you would normally think to add * them, because on low endian machines the least significant * byte is compared first. This is what we want to compare * IPs backward, doesn't work on high endian machines, but oh * well. Our platform is Intel. * * Arguments: CmdLookup => a pointer to the lookup structure * cmd => the ftp cmd * len => Length of the cmd * FTPCmd => a pointer to the cmd configuration structure * * Returns: int => return code indicating error or success * */ int ftp_cmd_lookup_add(CMD_LOOKUP *CmdLookup, char *cmd, int len, FTP_CMD_CONF *FTPCmd) { int iRet; if(!CmdLookup || !FTPCmd) { return FTPP_INVALID_ARG; } iRet = KMapAdd(CmdLookup, (void *)cmd, len, (void *)FTPCmd); if (iRet) { /* * This means the key has already been added. */ if(iRet == 1) { return FTPP_NONFATAL_ERR; } else { return FTPP_MEM_ALLOC_FAIL; } } return FTPP_SUCCESS; }
/* * Function: http_cmd_lookup_add(CMD_LOOKUP *CmdLookup, * char *ip, int len, * HTTP_CMD_CONF *HTTPCmd) * * Purpose: Add a cmd configuration to the list. * We add these keys like you would normally think to add * them, because on low endian machines the least significant * byte is compared first. This is what we want to compare * IPs backward, doesn't work on high endian machines, but oh * well. Our platform is Intel. * * Arguments: CmdLookup => a pointer to the lookup structure * cmd => the http cmd * len => Length of the cmd * HTTPCmd => a pointer to the cmd configuration structure * * Returns: int => return code indicating error or success * */ int http_cmd_lookup_add(CMD_LOOKUP *CmdLookup, char *cmd, int len, HTTP_CMD_CONF *HTTPCmd) { int iRet; if(!CmdLookup || !HTTPCmd) { return -1; } iRet = KMapAdd(CmdLookup, (void *)cmd, len, (void *)HTTPCmd); if (iRet) { /* * This means the key has already been added. */ if(iRet == 1) { return -1; } else { return -1; } } return 0; }
/** ** Add a server configuration to the list. ** ** We add these keys like you would normally think to add them, because ** on low endian machines the least significant byte is compared first. ** This is what we want to compare IPs backward, doesn't work on high ** endian machines, but oh well. Our platform is Intel. ** ** @param ServerLookup a pointer to the lookup structure ** @param Ip the IP address of the server (the key) ** @param ServerConf a pointer to the server configuration ** ** @return integer ** ** @retval HI_SUCCESS function successful ** @retval HI_INVALID_ARG invalid argument, most likely NULL pointer ** @retval HI_MEM_ALLOC_FAIL memory allocation failed ** @retval HI_NONFATAL_ERR key is already in table, don't overwrite ** configuration. */ int hi_ui_server_lookup_add(SERVER_LOOKUP *ServerLookup, unsigned long Ip, HTTPINSPECT_CONF *ServerConf) { int iRet; if(!ServerLookup || !ServerConf) { return HI_INVALID_ARG; } iRet = KMapAdd(ServerLookup, (void *)&Ip, 4, (void *)ServerConf); if (iRet) { /* ** This means the key has already been added. */ if(iRet == 1) { return HI_NONFATAL_ERR; } else { return HI_MEM_ALLOC_FAIL; } } return HI_SUCCESS; }
int main( int argc, char ** argv ) { int i,n=10; KMAP * km; char * p; char str[80]; printf("usage: kmap nkeys (default=10)\n\n"); km = KMapNew( free ); /* use 'free' to free 'userdata' */ KMapSetNoCase(km,1); //need to add xlat.... if( argc > 1 ) { n = atoi(argv[1]); } for(i=1;i<=n;i++) { SnortSnprintf(str, sizeof(str), "KeyWord%d",i); KMapAdd( km, str, 0 /* strlen(str) */, strupr(strdup(str)) ); printf("Adding Key=%s\n",str); } printf("xmem: %u bytes, %d chars\n",xmalloc_bytes(),km->nchars); printf("\nKey Find test...\n"); for(i=1;i<=n;i++) { SnortSnprintf(str, sizeof(str), "KeyWord%d",i); p = (char*) KMapFind( km, str, 0 /*strlen(str) */ ); if(p)printf("key=%s, data=%*s\n",str,strlen(str),p); else printf("'%s' NOT found.\n",str); } KMapSetNoCase(km,0); // this should fail all key searches printf("\nKey Find test2...\n"); for(i=1;i<=n;i++) { SnortSnprintf(str, sizeof(str), "KeyWord%d",i); p = (char*) KMapFind( km, str, 0 /*strlen(str) */ ); if(p)printf("key=%s, data=%*s\n",str,strlen(str),p); else printf("'%s' NOT found.\n",str); } printf("\nKey FindFirst/Next test...\n"); for(p = (char*) KMapFindFirst(km); p; p=(char*)KMapFindNext(km) ) printf("data=%s\n",p); printf("\nKey FindFirst/Next test done.\n"); KMapDelete( km ); printf("xmem: %u bytes\n",xmalloc_bytes()); printf("normal pgm finish.\n"); return 0; }