Beispiel #1
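/*
 * Worker thread for a data-parallel scan of the global `text` lines.
 *
 * For every line the thread first scans its own slice [index, index_end),
 * recording the automaton state reached at each position in `history`.
 * After the first barrier, every thread except the last keeps scanning past
 * its slice boundary until the state it computes matches the state already
 * recorded at that position, or until the last position of the line.
 * The number of re-scanned positions is accumulated in
 * valid_len_array[rank].
 *
 * args: the thread rank, carried in the pointer value itself.
 * Returns NULL; the result lives in the shared arrays.
 */
void* SearchThread(void* args)
{
	/* Go through size_t so a 64-bit pointer is not cast straight to a 32-bit int. */
	unsigned int rank = (unsigned int)(size_t)args;
	int iline = 0,state;
	unsigned int index,index_end,len,vlen;
	unsigned char active; /* cleared when the validation stage may stop */
	size_t raw_len;

	while(iline < line - 1)
	{
		state = 0;
		active = 1;
		vlen = 0;

		/*
		 * The last character of the line is not scanned (presumably the
		 * newline - confirm against the code that fills `text`).  An empty
		 * string used to make `strlen(...) - 1` wrap to a huge length, which
		 * sent both loops below far past the end of the line.
		 */
		raw_len = strlen(text[iline]);
		len = raw_len ? (unsigned int)(raw_len - 1) : 0;

		/* Equal slices; the last rank also takes the remainder. */
		index = len/thread_num * rank;
		if(rank != thread_num - 1)
			index_end = index + len/thread_num;
		else
			index_end = len;

		for( ;index < index_end; index++)
		{
			acsmSearch(acsm,&text[iline][index],&state,rank,PrintMatch);
			history[index] = state;
			vlen++;
		}

		/* Every slice must be recorded before any thread validates. */
		pthread_barrier_wait(&barrier_validation);

		if(rank != thread_num-1 )
		{
			vlen = 0;
			while(active)
			{
				acsmSearch(acsm,&text[iline][index],&state,rank,PrintMatch);
				/*
				 * `index + 1 >= len` equals the former `index == len - 1`
				 * for every non-empty line, and also terminates when len is
				 * 0 instead of comparing against a wrapped UINT_MAX.
				 */
				if(history[index] == state || index + 1 >= len)
					active = 0;
				else
				{
					history[index] = state;
					index++;
					vlen++;
				}
			}
		}
		valid_len_array[rank] += vlen;

		/* All threads finish this line before any of them starts the next. */
		pthread_barrier_wait(&barrier_thread);
		iline++;
	}

	/* A void* thread function must return a value; pthread_join reads it. */
	return NULL;
}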
Beispiel #2
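  /*
   * Test driver: searches argv[1] for the patterns given in argv[2..].
   * Any argument equal to "-nocase" turns on case-insensitive matching for
   * all patterns; arguments starting with '-' are never added as patterns.
   * Matches are reported through the MatchFound callback.
   */
  int
main (int argc, char **argv) 
{
  int i, nocase = 0;
  ACSM_STRUCT * acsm;
  if (argc < 3)
    {
      fprintf (stderr,
        "Usage: acsmx pattern word-1 word-2 ... word-n  -nocase\n");
      exit (0);
    }

  /*
   * argv[1] is caller-controlled and used to be copied into the global
   * `text` buffer with an unbounded strcpy.  Reject input that does not fit.
   * NOTE(review): `text` is declared outside this block; sizeof assumes it is
   * an array object - if it is a pointer, compare against its real capacity.
   */
  if (strlen (argv[1]) >= sizeof (text))
    {
      fprintf (stderr, "acsmx: search text too long (max %lu bytes)\n",
        (unsigned long) (sizeof (text) - 1));
      exit (1);
    }

  acsm = acsmNew ();
  strcpy (text, argv[1]);	/* length verified above */

  /* The flag may appear anywhere, so look for it before adding patterns. */
  for (i = 1; i < argc; i++)
    {
      if (strcmp (argv[i], "-nocase") == 0)
        nocase = 1;
    }

  for (i = 2; i < argc; i++)
    {
      if (argv[i][0] == '-')
        continue;
      /* The pattern string doubles as its id; i - 2 is its ordinal. */
      acsmAddPattern (acsm, argv[i], strlen (argv[i]), nocase, 0, 0,
            argv[i], i - 2);
    }

  acsmCompile (acsm);
  acsmSearch (acsm, text, strlen (text), MatchFound, (void *) 0);
  acsmFree (acsm);
  printf ("normal pgm end\n");
  return (0);
}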
Beispiel #3
/*
 * Dispatch a search over buffer T (n bytes) to the pattern-matching engine
 * selected by the MPSE handle's `method` field.
 *
 * pvoid:         MPSE handle.
 * T, n:          buffer to search and its length in bytes.
 * action, data:  match callback and the opaque pointer handed to the engine.
 * current_state: passed through to the BNFA and AC engines; set to 0 here
 *                for the engines that do not take it.
 *
 * Returns whatever the selected engine returns, or 1 when `method` is not
 * one of the handled values.  The per-handle byte counter is always
 * advanced by n, and the global counter as well when the handle asks for it.
 */
int mpseSearch( void *pvoid, const unsigned char * T, int n,
                int ( *action )(void* id, void * tree, int index, void *data, void *neg_list),
                void * data, int* current_state )
{
  MPSE * matcher = (MPSE*)pvoid;
  int result;
  PROFILE_VARS;

  PREPROC_PROFILE_START(mpsePerfStats);

  matcher->bcnt += n;
  if(matcher->inc_global_counter)
    s_bcnt += n;

  /* Each case only computes the result; profiling is closed once below. */
  switch( matcher->method )
   {
     case MPSE_AC_BNFA:
     case MPSE_AC_BNFA_Q:
      /* return is actually the state */
      result = bnfaSearch((bnfa_struct_t*) matcher->obj, (unsigned char *)T, n,
                          action, data, 0 /* start-state */, current_state );
      break;

     case MPSE_AC:
      result = acsmSearch( (ACSM_STRUCT*) matcher->obj, (unsigned char *)T, n,
                           action, data, current_state );
      break;

     case MPSE_ACF:
     case MPSE_ACF_Q:
     case MPSE_ACS:
     case MPSE_ACB:
     case MPSE_ACSB:
      result = acsmSearch2( (ACSM_STRUCT2*) matcher->obj, (unsigned char *)T, n,
                            action, data, current_state );
      break;

     case MPSE_LOWMEM:
     case MPSE_LOWMEM_Q:
      result = KTrieSearch( (KTRIE_STRUCT *)matcher->obj, (unsigned char *)T, n,
                            action, data);
      /* This engine takes no state argument, so report 0. */
      *current_state = 0;
      break;

#ifdef INTEL_SOFT_CPM
     case MPSE_INTEL_CPM:
      result = IntelPmSearch((IntelPm *)matcher->obj, (unsigned char *)T, n,
                             action, data);
      *current_state = 0;
      break;
#endif

     default:
      result = 1;
      break;
   }

  PREPROC_PROFILE_END(mpsePerfStats);
  return result;
}
Beispiel #4
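/*
 * Test driver: reads the first line of the file named by argv[1] into the
 * global `text` buffer, adds every remaining non-option argument as a
 * pattern, runs one timed search over that line and prints the per-pattern
 * summary.  "-nocase" anywhere on the command line applies to all patterns.
 */
int main (int argc, char **argv) 
{
	int i, nocase = 0;
	FILE *fd;
	ACSM_STRUCT * acsm;

	if (argc < 3)
	{
		fprintf (stderr,"Usage: acsmx filename pattern1 pattern2 ...  -nocase\n");
		exit (0);
	}

	acsm = acsmNew ();

	/*
	 * Open argv[1] directly.  It used to be strcpy'd into a 20-byte stack
	 * array first, so any longer path overran the stack.
	 */
	fd = fopen(argv[1],"r");
	if(fd == NULL)
	{
		fprintf(stderr,"Open file error!\n");
		exit(1);
	}

	for (i = 1; i < argc; i++)
		if (strcmp (argv[i], "-nocase") == 0)
			nocase = 1;
	for (i = 2; i < argc; i++)
	{
		if (argv[i][0] == '-')
			continue;
		/* strlen returns size_t; printing it with %d is undefined behaviour. */
		printf("%s,%zu\n",argv[i],strlen (argv[i]));
		acsmAddPattern (acsm, argv[i], strlen (argv[i]), nocase,1);
	}

	/* Only the first line is searched; an empty file leaves an empty text. */
	if (fgets(text,MAXLEN,fd) == NULL)
		text[0] = '\0';
	fclose(fd);

	/* Generate GtoTo Table and Fail Table */
	acsmCompile (acsm);
	printf("--------------------------------\n");
	NS_TIME(time);
	NS_TIME_START(time);
	/*Search Pattern*/
	acsmSearch (acsm, text, strlen (text), PrintMatch);
	NS_TIME_END(time);

	PrintSummary(acsm->acsmPatterns);
#ifdef __HAVE__LOAD__
	int a[10]={45,45,45,4,1};
	printf("-------%d\n", getSummary (acsm->acsmPatterns,a));
#endif

	acsmFree (acsm);

	printf ("\n### AC Match Finished ###\n");

	return (0);
}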
Beispiel #5
/*
 * Dispatch a search over buffer T (n bytes) to the engine selected by the
 * MPSE handle's `method` field.
 *
 * pv:           MPSE handle.
 * T, n:         buffer to search and its length in bytes.
 * action, data: match callback and the opaque pointer handed to the engine.
 *
 * Returns the engine's own return value, or 1 for a method this function
 * does not handle.  The global byte counter is advanced by n in every case.
 */
int mpseSearch( void *pv, unsigned char * T, int n, 
    int ( *action )(unsigned id, int index, void *data), 
    void * data ) 
{
  MPSE * matcher = (MPSE*)pv;
  int result;

  s_bcnt += n;

  switch( matcher->method )
   {
     case MPSE_AC:
       result = acsmSearch( (ACSM_STRUCT*) matcher->obj, T, n, action, data );
       break;

     /* MPSE_AUTO is served by the same engine as MPSE_MWM. */
     case MPSE_AUTO:
     case MPSE_MWM:
       result = mwmSearch( matcher->obj, T, n, action, data );
       break;

     case MPSE_KTBM:
     case MPSE_LOWMEM:
       result = KTrieSearch( (KTRIE_STRUCT *)matcher->obj, T, n, action, data );
       break;

     default:
       result = 1;
       break;
   }

  return result;
}
Beispiel #6
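/*
 * Test driver: searches every line of "test.txt" for the fixed pattern
 * "test" and prints the per-pattern summary.  The only command-line argument
 * consulted is "-nocase".
 */
int main(int argc, char **argv)
{
	int i, nocase = 0;
	FILE *fd;
	ACSM_STRUCT * acsm;

	acsm = acsmNew();

	/*
	 * The file name is a constant, so it is passed to fopen directly; the
	 * former 20-byte scratch buffer and the two-argument strcpy_s call
	 * (not a standard C signature) are no longer needed.
	 */
	fd = fopen("test.txt", "r");
	if (fd == NULL)
	{
		fprintf(stderr, "Open file error!\n");
		exit(1);
	}

	for (i = 1; i < argc; i++)
	{
		if (strcmp(argv[i], "-nocase") == 0)
			nocase = 1;
	}

	char a[] = { "test" };
	acsmAddPattern(acsm, (unsigned char *)a, strlen(a), nocase);

	/* Generate GtoTo Table and Fail Table */
	acsmCompile(acsm);

	/*Search Pattern*/
	/* fgets bounds each read by MAXLEN, so `text` must hold at least MAXLEN bytes. */
	while (fgets(( char*)text, MAXLEN, fd))
	{
		acsmSearch(acsm, text, strlen((char*)text), PrintMatch);
		nline++;
	}
	fclose(fd);	/* the stream used to be left open until process exit */

	PrintSummary(acsm->acsmPatterns);

	acsmFree(acsm);

	printf("\n### AC Match Finished ###\n");
	/*
	 * NOTE(review): system() hands "pause" to the command interpreter, so the
	 * command is resolved through the environment and only exists on Windows.
	 * Kept so the console still waits for a key press; reading a character
	 * from stdin would avoid spawning a shell.
	 */
	system("pause");

	return (0);
}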
Beispiel #7
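/*
 * Micro-benchmark: builds a text of 200 'a' characters followed by
 * "httputget", adds the first entry of pro_patern as a pattern, and times
 * 10000 searches over that text.  The per-pattern summary is then printed
 * twice; the first pass resets each counter, so the second pass shows the
 * counters after the reset.
 */
int main (int argc, char **argv) 
{
	int i, nocase = 0;
	ACSM_STRUCT * acsm;	

	acsm = acsmNew ();

	/*
	 * strcat needs a terminated string.  The terminator after the 200 filler
	 * bytes used to be present only if `text` happened to be zero-filled, so
	 * write it explicitly.
	 * NOTE(review): `text` is declared outside this block and must hold at
	 * least 210 bytes (200 + "http" + "ut" + "get" + terminator) - confirm.
	 */
	memset(text,'a',200);
	text[200] = '\0';
	strcat(text,"http");
	strcat(text,"ut");
	strcat(text,"get");	

	for(i=0;i<1;++i)
		acsmAddPattern (acsm, pro_patern[i], strlen (pro_patern[i]), nocase,1);

	/* Generate GtoTo Table and Fail Table */
	acsmCompile (acsm);
	printf("--------------------------------\n");
	int textlen=strlen (text);
	NS_TIME(time);
	NS_TIME_START(time);
	/*Search Pattern*/
	int n=10000;
	while(n>0)
	{
		n--;
		acsmSearch (acsm, text, textlen, PrintMatch);
	}
	NS_TIME_END(time);

	ACSM_PATTERN * mlist = acsm->acsmPatterns;
	printf("\n### Summary ###\n");
	/* First pass: print the match counts and reset them. */
	for (;mlist!=NULL;mlist=mlist->next)
	{
		if(mlist->nocase)
			printf("%12s : %5d\n",mlist->patrn,mlist->nmatch);
		else
			printf("%12s : %5d\n",mlist->casepatrn,mlist->nmatch);
		mlist->nmatch=0;
	}

	/* Second pass over the same list: prints the counters after the reset. */
	mlist = acsm->acsmPatterns;
	for (;mlist!=NULL;mlist=mlist->next)
	{
		if(mlist->nocase)
			printf("%12s : %5d\n",mlist->patrn,mlist->nmatch);
		else
			printf("%12s : %5d\n",mlist->casepatrn,mlist->nmatch);
		mlist->nmatch=0;
	}

	acsmFree (acsm);

	printf ("\n### AC Match Finished ###\n");

	return (0);
}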
Beispiel #8
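/*
 * pcap packet handler: counts packets per protocol and classifies TCP flows
 * by pattern-matching the first data segments of each connection.
 *
 * Flow tracking, as implemented below:
 *   - a flow is keyed by its two endpoints, ordered so that both directions
 *     map to the same key, and looked up in hash bucket hb[hash];
 *   - state 1 = SYN seen, 2 = SYN+ACK seen, 3 = handshake ACK seen;
 *   - in states 3..8 every packet is copied into a buffer node and chained
 *     onto the flow; at state 9, on RST/FIN, or after more than 150 payload
 *     bytes the chain is searched and the flow moves to state 10;
 *   - in state 10 the flow only waits for RST/FIN to be removed.
 *
 * When the global `exitflag` is set, the handler prints the statistics,
 * releases the global structures and terminates the process.
 *
 * Everything read from `packet` is attacker-controlled network data, so each
 * header is checked against the captured length (pkthdr->caplen) before it
 * is dereferenced.
 */
void my_callback(u_char *useless,const struct pcap_pkthdr* pkthdr,const u_char*
        packet)
{
	packet_num++;
	packet_len+=pkthdr->caplen;

	static int count = 0;
	static int i;
	static unsigned short eth_type;
	static int vlan_flag=0;
	/* Bytes really present behind `packet`; every header read is bounded by it. */
	const size_t caplen = pkthdr->caplen;
	size_t l3_off;            /* offset of the IP header inside the frame */
	size_t payload_off;       /* offset of the TCP payload inside the frame */
	size_t captured_payload;  /* payload bytes that were actually captured */

	if(exitflag)
	{
		for(i=0;i<PRO_MAX+2;++i)
		{
			printf("%s:%lld\n",pro_map[i],pronum[i]);
		}
		printf("losepacket=%lld\n",losepacket);
		NS_TIME_END(time);

		speed1(NS_GET_TIMEP(time),packet_num,packet_len);

		printf("count=%d,\nfind_pro=%lld\n",count,find_pro);

		printf("exit\n");
		del_HB(&hb);

		acsmFree (acsm);
		exit(0);
	}

	/* A runt frame must not be read as an Ethernet header. */
	if(caplen < sizeof(struct ether_header))
		return;
	mac=(struct ether_header*)packet;
	eth_type=ntohs(mac->ether_type);

	if(eth_type==0x8100)
	{
		/* 802.1Q tag: the real EtherType sits in bytes 16 and 17. */
		if(caplen < sizeof(struct ether_header)+4)
			return;
		vlan_flag=1;
		eth_type=(packet[16])*256+packet[17];
	}
	else
		vlan_flag=0;

	if(eth_type!=0x0800)	/* not an IP datagram */
		return;

	l3_off=(size_t)size_mac+(vlan_flag?4:0);
	if(caplen < l3_off+sizeof(struct ip))
		return;
	ip=(struct ip*)(packet+l3_off);

	if(ip->ip_p==6)	/* tcp */
	{
		/*
		 * NOTE(review): the TCP header is located with the fixed `size_ip`,
		 * while tcplen below uses ip->ip_hl*4.  If `size_ip` is a constant,
		 * a packet carrying IP options is parsed at the wrong offset -
		 * confirm how size_ip is defined.
		 */
		if(caplen < l3_off+(size_t)size_ip+sizeof(struct fniff_tcp))
			return;
		tcp=(struct fniff_tcp*)((char*)ip+size_ip);

		/* Order the endpoints so both directions produce the same key. */
		sd.b_ip=(ip->ip_src.s_addr);
		sd.l_ip=(ip->ip_dst.s_addr);
		if(sd.b_ip>sd.l_ip)
		{
			sd.b_port=ntohs(tcp->th_sport);
			sd.l_port=ntohs(tcp->th_dport);
		}
		else
		{
			/* XOR swap of the two addresses */
			sd.b_ip^=sd.l_ip;
			sd.l_ip^=sd.b_ip;
			sd.b_ip^=sd.l_ip;

			sd.b_port=ntohs(tcp->th_dport);
			sd.l_port=ntohs(tcp->th_sport);
		}
		hash=hash_HB(sd.b_ip,sd.b_port,sd.l_ip,sd.l_port);

		/* Payload length as CLAIMED by the headers; may exceed what was captured. */
		tcplen=ntohs(ip->ip_len)-(ip->ip_hl*4)-(tcp->th_off*4);

		ack=tcp->th_flags&TH_ACK;
		rst=tcp->th_flags&TH_RST;
		syn=tcp->th_flags&TH_SYN;
		fin=tcp->th_flags&TH_FIN;
		datalen=pkthdr->caplen;

		ptcp=(unsigned char*)tcp+(tcp->th_off*4);

		temp=find_node(hb[hash].virtual_sn,&sd);

		if(temp==NULL&&syn&&!ack&&tcplen==0)	/* unknown flow, bare SYN */
		{
			SN* q=get_node();
			q->sdipport=sd;
			q->state=1;
			insert_node(&(hb[hash].virtual_sn),q);
			hb[hash].virtual_sn_num++;
			#if 0
			if(sd.b_port==21||sd.l_port==21)
			{
				q->state=10;
				pronum[FTP]++;
			}
			else if(sd.b_port==80||sd.l_port==80)
			{
				q->state=10;
				pronum[HTTP]++;
			}
			memcpy(fortest,packet,pkthdr->caplen);
			#endif
		}
		else if(temp!=NULL)
		{
			if((temp->state==1)&&syn&&ack&&(tcplen==0))
			{
				temp->state=2;
			}
			else if(temp->state==2&&ack&&!syn&&tcplen==0)
			{
				temp->state=3;
			}
			else if(temp->state>=3&&temp->state<9)
			{
				/*
				 * Header lengths that exceed ip_len give a negative payload
				 * length.  Drop the packet before taking a buffer node; this
				 * used to call exit(0), so one crafted packet could stop the
				 * whole capture process.
				 */
				if(tcplen<0)
				{
					msg("EIS tcp<0\n");
					return;
				}

				p=get_BC_node();
				if(p==NULL)
					{msg("EISget bc node error\n");exit(0);}

				p->datalen=pkthdr->caplen;

				/*
				 * The search reads tcplen bytes starting at ptcp (see the
				 * disabled acsmSearch call below), so never record more
				 * payload than was really captured and copied.
				 */
				payload_off=(size_t)((const unsigned char*)tcp-(const unsigned char*)mac)
						+(size_t)(tcp->th_off*4);
				captured_payload=caplen>payload_off?caplen-payload_off:0;
				p->tcplen=((size_t)tcplen>captured_payload)?(int)captured_payload:tcplen;

				p->next=NULL;
				/*
				 * NOTE(review): the capacity of p->buf is not visible here.
				 * caplen must never exceed it - confirm that the capture
				 * snaplen is no larger than the buffer.
				 */
				memcpy(p->buf,packet,pkthdr->caplen);
				p->ptcp=(unsigned char*)(p->buf)+payload_off;
				temp->tcp_content_len+=tcplen;
				if(temp->bc_head==NULL)
				{
					temp->bc_head=temp->bc_tail=p;
				}
				else
				{
					temp->bc_tail->next=p;
					temp->bc_tail=p;
				}
				temp->state++;
				if((temp->state==9)||rst||fin||(temp->tcp_content_len>150))
				{
					#if 0
					p=temp->bc_head;
					while(p!=NULL)
					{
						if(p->tcplen!=0)
						acsmSearch(acsm,p->ptcp,p->tcplen,PrintMatch);
						p=p->next;
					}
					#else
					/* NOTE(review): the chain is searched twice - confirm this is intended. */
					acSearch(acsm,temp->bc_head);
					acSearch(acsm,temp->bc_head);
					#endif
					i=getSummary(acsm->acsmPatterns,feature_num);

					/*
					 * The statistics loop at exit reads pronum[0..PRO_MAX+1];
					 * skip the increment for any index outside that range.
					 */
					if(i>=0&&i<PRO_MAX+2)
						pronum[i]++;
					temp->proto=i;
					if(rst||fin)
					{
						temp->state=10;
						resume_BC_node(temp->bc_head);
						/*
						 * NOTE(review): the state>=10 branch removes the flow
						 * with move_node(); here resume_node() is used -
						 * verify it also unlinks temp from hb[hash].virtual_sn.
						 */
						resume_node(temp);
						hb[hash].virtual_sn_num--;

						if(hb[hash].virtual_sn_num==0)
							hb[hash].virtual_sn=NULL;
						return;
					}
					temp->state=10;
					resume_BC_node(temp->bc_head);
					temp->bc_head=NULL;
					temp->bc_tail=NULL;
				}
			}
			else if(temp->state>=10)
			{
				/* Already classified: only wait for the connection to end. */
				if(rst||fin)
				{
					move_node(&(hb[hash].virtual_sn),temp);
					hb[hash].virtual_sn_num--;
					if(hb[hash].virtual_sn_num==0)
						hb[hash].virtual_sn=NULL;
					return;
				}
			}
			else
			{
				/* Packet does not fit the handshake sequence for this flow. */
				msg("ggggggggggg\n");
			}
		}
	}	/* tcp */
	else if(ip->ip_p==1)	/* icmp */
	{
		pronum[PRO_MAX+1]++;
	}
	else if(ip->ip_p==17)	/* udp */
	{
		pronum[PRO_MAX]++;
	}
	else
	{
		printf("no\n");
	}
}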