void SetupStream5()
{
RegisterPreprocessor("stream5_global", Stream5GlobalInit);
RegisterPreprocessor("stream5_tcp", Stream5PolicyInitTcp);
RegisterPreprocessor("stream5_udp", Stream5PolicyInitUdp);
RegisterPreprocessor("stream5_icmp", Stream5PolicyInitIcmp);
DEBUG_WRAP(DebugMessage(DEBUG_STREAM, "Preprocessor stream5 is setup\n"););
/**
** This function initializes HttpInspect as a Snort preprocessor.
**
** It registers the preprocessor keyword for use in the snort.conf
** and sets up the initialization module for the preprocessor, in
** case it is configured.
**
** This function must be called in InitPreprocessors() in plugbase.c
** in order to be recognized by Snort.
**
** @param none
**
** @return void
*/
void SetupHttpInspect()
{
RegisterPreprocessor(GLOBAL_KEYWORD, HttpInspectInit);
RegisterPreprocessor(SERVER_KEYWORD, HttpInspectInit);
AddFuncToConfigCheckList(HttpInspectCheckConfig);
DEBUG_WRAP(DebugMessage(DEBUG_HTTPINSPECT, "Preprocessor: HttpInspect is "
"setup . . .\n"););
/*
* Function: SetupRpcDecode()
*
* Purpose: Registers the preprocessor keyword and initialization
* function into the preprocessor list.
*
* Arguments: None.
*
* Returns: void function
*
*/
void SetupRpcDecode(void)
{
/* link the preprocessor keyword to the init function in
the preproc list */
#ifndef SNORT_RELOAD
RegisterPreprocessor("rpc_decode", RpcDecodeInit);
#else
RegisterPreprocessor("rpc_decode", RpcDecodeInit, RpcDecodeReload,
RpcDecodeReloadSwap, RpcDecodeReloadSwapFree);
#endif
DEBUG_WRAP(DebugMessage(DEBUG_RPC,"Preprocessor: RpcDecode in setup...\n"););
void SetupEntropy(void)
{
/* link the preprocessor keyword to the init function in
the preproc list */
#ifndef SNORT_RELOAD
RegisterPreprocessor("entropy", EntropyInit);
#else
RegisterPreprocessor("entropy", EntropyInit, EntropyReload, NULL, EntropyReloadSwap, EntropyReloadSwapFree);
#endif
DEBUG_WRAP(DebugMessage(DEBUG_PLUGIN,
"Preprocessor: High Entropy Flows Detection\n"););
/*
* Function: SetupPerfMonitor()
*
* Purpose: Registers the preprocessor keyword and initialization
* function into the preprocessor list. This is the function that
* gets called from InitPreprocessors() in plugbase.c.
*
* Arguments: None.
*
* Returns: void function
*
*/
void SetupPerfMonitor(void)
{
/* link the preprocessor keyword to the init function in
the preproc list */
#ifndef SNORT_RELOAD
RegisterPreprocessor("PerfMonitor", PerfMonitorInit);
#else
RegisterPreprocessor("PerfMonitor", PerfMonitorInit, PerfMonitorReload,
PerfMonitorReloadSwap, PerfMonitorReloadSwapFree);
#endif
DEBUG_WRAP(DebugMessage(DEBUG_PLUGIN,"Preprocessor: PerfMonitor is setup...\n"););
void SetupARPspoof(void)
{
#ifndef SNORT_RELOAD
RegisterPreprocessor("arpspoof", ARPspoofInit);
RegisterPreprocessor("arpspoof_detect_host", ARPspoofHostInit);
#else
RegisterPreprocessor("arpspoof", ARPspoofInit, ARPspoofReload,
ARPspoofReloadSwap, ARPspoofReloadSwapFree);
RegisterPreprocessor("arpspoof_detect_host", ARPspoofHostInit,
ARPspoofReloadHost, NULL, NULL);
#endif
DEBUG_WRAP(DebugMessage(DEBUG_INIT,
"Preprocessor: ARPspoof is setup...\n"););
/*
* Function: SetupBo()
*
* Purpose: Registers the preprocessor keyword and initialization
* function into the preprocessor list.
*
* Arguments: None.
*
* Returns: void function
*
*/
void SetupBo()
{
/* link the preprocessor keyword to the init function in
the preproc list */
RegisterPreprocessor("bo", BoInit);
DEBUG_WRAP(DebugMessage(DEBUG_PLUGIN,
"Preprocessor: Back Orifice is setup...\n"););
/*
* Function: SetupPerfMonitor()
*
* Purpose: Registers the preprocessor keyword and initialization
* function into the preprocessor list. This is the function that
* gets called from InitPreprocessors() in plugbase.c.
*
* Arguments: None.
*
* Returns: void function
*
*/
void SetupPerfMonitor()
{
/* link the preprocessor keyword to the init function in
the preproc list */
RegisterPreprocessor("PerfMonitor", PerfMonitorInit);
DEBUG_WRAP(DebugMessage(DEBUG_PLUGIN,"Preprocessor: PerfMonitor is setup...\n"););
/*
* Function: SetupTemplate()
*
* Purpose: Registers the preprocessor keyword and initialization
* function into the preprocessor list. This is the function that
* gets called from InitPreprocessors() in plugbase.c.
*
* Arguments: None.
*
* Returns: void function
*
*/
void SetupTemplate()
{
/* link the preprocessor keyword to the init function in
the preproc list */
RegisterPreprocessor("keyword", TemplateInit);
DebugMessage(DEBUG_PLUGIN,"Preprocessor: Template is setup...\n");
}
/**
* Add the Flow Preprocessor to the list of things that snort can
* configure.
*
*/
void SetupFlow(void)
{
/* we should really create some set of structure's that we can go
* register as config editors */
RegisterPreprocessor("flow", FlowInit);
/* setup the portscan preprocessor */
SetupFlowPS();
}
/*
* Function: SetupHttpDecode()
*
* Purpose: Registers the preprocessor keyword and initialization
* function into the preprocessor list.
*
* Arguments: None.
*
* Returns: void function
*
*/
void SetupHttpDecode()
{
/* link the preprocessor keyword to the init function in
the preproc list */
RegisterPreprocessor("http_decode", HttpDecodeInit);
#ifdef DEBUG
printf("Preprocessor: HttpDecode in setup...\n");
#endif
}
void SetupFlowPS(void)
{
RegisterPreprocessor("flow-portscan", FlowPSInit);
}
