Beispiel #1
0
/*
 * Function: ftpp_ui_client_lookup_add(CLIENT_LOOKUP *ClientLookup,
 *                                 char *ip, int len, 
 *                                 FTP_CLIENT_PROTO_CONF *ClientConf)
 * 
 * Purpose: Add a client configuration to the list.
 *          We add these keys like you would normally think to add
 *          them, because on low endian machines the least significant
 *          byte is compared first.  This is what we want to compare
 *          IPs backward, doesn't work on high endian machines, but oh
 *          well.  Our platform is Intel.
 *
 * Arguments: ClientLookup => a pointer to the lookup structure
 *            IP           => the ftp client address
 *            len          => Length of the address 
 *            ClientConf   => a pointer to the client configuration structure
 *
 * Returns: int => return code indicating error or success
 *
 */
int ftpp_ui_client_lookup_add(CLIENT_LOOKUP *ClientLookup, unsigned long Ip,
                            FTP_CLIENT_PROTO_CONF *ClientConf)
{
    int iRet;

    if(!ClientLookup || !ClientConf)
    {
        return FTPP_INVALID_ARG;
    }

    if((iRet = KMapAdd(ClientLookup, (void *)&Ip, 4, (void *)ClientConf)))
    {
        /*
         * This means the key has already been added.
         */
        if(iRet == 1)
        {
            return FTPP_NONFATAL_ERR;
        }
        else
        {
            return FTPP_MEM_ALLOC_FAIL;
        }
    }

    return FTPP_SUCCESS;
}
Beispiel #2
0
/*
 * Function: ftp_bounce_lookup_add(BOUNCE_LOOKUP *BounceLookup,
 *                                 char *ip, int len, 
 *                                 FTP_BOUNCE_TO *BounceTo)
 * 
 * Purpose: Add a bounce configuration to the list.  IP is stored
 *          in dot notation order.  When the lookup happens, we
 *          compare up to len bytes of the address.
 *
 * Arguments: BounceLookup => a pointer to the lookup structure
 *            IP           => the ftp bounce address 
 *            BounceTo     => a pointer to the bounce configuration structure
 *
 * Returns: int => return code indicating error or success
 *
 */
int ftp_bounce_lookup_add(BOUNCE_LOOKUP *BounceLookup, 
		snort_ip_p Ip, FTP_BOUNCE_TO *BounceTo)
{
    int iRet;

    if(!BounceLookup || !BounceTo)
    {
        return FTPP_INVALID_ARG;
    }

    iRet = KMapAdd(BounceLookup, (void*)IP_PTR(Ip), IP_SIZE(Ip), (void*)BounceTo);

    if (iRet)
    {
        /*
         * This means the key has already been added.
        */
        if(iRet == 1)
        {
            return FTPP_NONFATAL_ERR;
        }
        else
        {
            return FTPP_MEM_ALLOC_FAIL;
        }
    }

    return FTPP_SUCCESS;
}
Beispiel #3
0
/*
 * Function: ftp_cmd_lookup_add(CMD_LOOKUP *CmdLookup,
 *                                 char *ip, int len,
 *                                 FTP_CMD_CONF *FTPCmd)
 *
 * Purpose: Add a cmd configuration to the list.
 *          We add these keys like you would normally think to add
 *          them, because on low endian machines the least significant
 *          byte is compared first.  This is what we want to compare
 *          IPs backward, doesn't work on high endian machines, but oh
 *          well.  Our platform is Intel.
 *
 * Arguments: CmdLookup    => a pointer to the lookup structure
 *            cmd          => the ftp cmd
 *            len          => Length of the cmd
 *            FTPCmd       => a pointer to the cmd configuration structure
 *
 * Returns: int => return code indicating error or success
 *
 */
int ftp_cmd_lookup_add(CMD_LOOKUP *CmdLookup, char *cmd, int len,
                            FTP_CMD_CONF *FTPCmd)
{
    int iRet;

    if(!CmdLookup || !FTPCmd)
    {
        return FTPP_INVALID_ARG;
    }

    iRet = KMapAdd(CmdLookup, (void *)cmd, len, (void *)FTPCmd);
    if (iRet)
    {
        /*
         * This means the key has already been added.
         */
        if(iRet == 1)
        {
            return FTPP_NONFATAL_ERR;
        }
        else
        {
            return FTPP_MEM_ALLOC_FAIL;
        }
    }

    return FTPP_SUCCESS;
}
Beispiel #4
0
/*
 * Function: http_cmd_lookup_add(CMD_LOOKUP *CmdLookup,
 *                                 char *ip, int len,
 *                                 HTTP_CMD_CONF *HTTPCmd)
 *
 * Purpose: Add a cmd configuration to the list.
 *          We add these keys like you would normally think to add
 *          them, because on low endian machines the least significant
 *          byte is compared first.  This is what we want to compare
 *          IPs backward, doesn't work on high endian machines, but oh
 *          well.  Our platform is Intel.
 *
 * Arguments: CmdLookup    => a pointer to the lookup structure
 *            cmd          => the http cmd
 *            len          => Length of the cmd
 *            HTTPCmd       => a pointer to the cmd configuration structure
 *
 * Returns: int => return code indicating error or success
 *
 */
int http_cmd_lookup_add(CMD_LOOKUP *CmdLookup, char *cmd, int len,
                            HTTP_CMD_CONF *HTTPCmd)
{
    int iRet;

    if(!CmdLookup || !HTTPCmd)
    {
        return -1;
    }

    iRet = KMapAdd(CmdLookup, (void *)cmd, len, (void *)HTTPCmd);
    if (iRet)
    {
        /*
         * This means the key has already been added.
         */
        if(iRet == 1)
        {
            return -1;
        }
        else
        {
            return -1;
        }
    }

    return 0;
}
/**
**  Add a server configuration to the list.
**
**  We add these keys like you would normally think to add them, because
**  on low endian machines the least significant byte is compared first.
**  This is what we want to compare IPs backward, doesn't work on high
**  endian machines, but oh well.  Our platform is Intel.
**
**  @param ServerLookup a pointer to the lookup structure
**  @param Ip           the IP address of the server (the key)
**  @param ServerConf   a pointer to the server configuration
**
**  @return integer
**
**  @retval HI_SUCCESS        function successful
**  @retval HI_INVALID_ARG    invalid argument, most likely NULL pointer 
**  @retval HI_MEM_ALLOC_FAIL memory allocation failed 
**  @retval HI_NONFATAL_ERR   key is already in table, don't overwrite
**                            configuration.
*/
int hi_ui_server_lookup_add(SERVER_LOOKUP *ServerLookup, unsigned long Ip,
                            HTTPINSPECT_CONF *ServerConf)
{
    int iRet;

    if(!ServerLookup || !ServerConf)
    {
        return HI_INVALID_ARG;
    }

    iRet = KMapAdd(ServerLookup, (void *)&Ip, 4, (void *)ServerConf);
    if (iRet)
    {
        /*
        **  This means the key has already been added.
        */
        if(iRet == 1)
        {
            return HI_NONFATAL_ERR;
        }
        else
        {
            return HI_MEM_ALLOC_FAIL;
        }
    }

    return HI_SUCCESS;
}
Beispiel #6
0
int main( int argc, char ** argv )
{
    int    i,n=10;
    KMAP * km;
    char * p;
    char   str[80];

    printf("usage: kmap nkeys (default=10)\n\n");

    km = KMapNew( free );  /* use 'free' to free 'userdata' */

    KMapSetNoCase(km,1);  //need to add xlat....

    if( argc > 1 )
    {
        n = atoi(argv[1]);
    }

    for(i=1;i<=n;i++)
    {
        SnortSnprintf(str, sizeof(str), "KeyWord%d",i);
        KMapAdd( km, str, 0 /* strlen(str) */, strupr(strdup(str)) );
        printf("Adding Key=%s\n",str);
    }
    printf("xmem: %u bytes, %d chars\n",xmalloc_bytes(),km->nchars);

    printf("\nKey Find test...\n");
    for(i=1;i<=n;i++)
    {
        SnortSnprintf(str, sizeof(str), "KeyWord%d",i);
        p = (char*) KMapFind( km, str,  0 /*strlen(str) */ );
        if(p)printf("key=%s, data=%*s\n",str,strlen(str),p);
        else printf("'%s' NOT found.\n",str);
    }

    KMapSetNoCase(km,0);  // this should fail all key searches
    printf("\nKey Find test2...\n");
    for(i=1;i<=n;i++)
    {
        SnortSnprintf(str, sizeof(str), "KeyWord%d",i);
        p = (char*) KMapFind( km, str,  0 /*strlen(str) */ );
        if(p)printf("key=%s, data=%*s\n",str,strlen(str),p);
        else printf("'%s' NOT found.\n",str);
    }

    printf("\nKey FindFirst/Next test...\n");
    for(p = (char*) KMapFindFirst(km); p; p=(char*)KMapFindNext(km) )
        printf("data=%s\n",p);

    printf("\nKey FindFirst/Next test done.\n");

    KMapDelete( km );

    printf("xmem: %u bytes\n",xmalloc_bytes());

    printf("normal pgm finish.\n");

    return 0;
}