/* * Given a server configuration and a port number, we decide if the port is * in the POP server port list. * * @param port the port number to compare with the configuration * * @return integer * @retval 0 means that the port is not a server port * @retval !0 means that the port is a server port */ int POP_IsServer(uint16_t port) { if( isPortEnabled( pop_eval_config->ports, port ) ) return 1; return 0; }
static void registerPortsForReassembly( modbus_config_t *policy, int direction ) { uint32_t port; for ( port = 0; port < MAX_PORTS; port++ ) { if( isPortEnabled( policy->ports, port ) ) _dpd.streamAPI->register_reassembly_port( NULL, port, direction ); } }
static void registerPortsForDispatch( struct _SnortConfig *sc, modbus_config_t *policy ) { uint32_t port; for ( port = 0; port < MAX_PORTS; port++ ) { if( isPortEnabled( policy->ports, port ) ) _dpd.sessionAPI->enable_preproc_for_port( sc, PP_MODBUS, PROTO_BIT__TCP, port ); } }
static void registerPortsForDispatch( struct _SnortConfig *sc, GTPConfig *policy ) { int port; for ( port = 0; port < MAXPORTS; port++ ) { if( isPortEnabled( policy->ports, port ) ) _dpd.sessionAPI->enable_preproc_for_port( sc, PP_GTP, PROTO_BIT__UDP, port ); } }
static void registerPortsForDispatch( struct _SnortConfig *sc, SIPConfig *policy ) { if ( _dpd.isPreprocEnabled( sc, PP_APP_ID ) ) { _dpd.sessionAPI->enable_preproc_all_ports( sc, PP_SIP, PROTO_BIT__UDP | PROTO_BIT__TCP ); } else { int port; for ( port = 0; port < MAXPORTS; port++ ) { if( isPortEnabled( policy->ports, port ) ) _dpd.sessionAPI->enable_preproc_for_port( sc, PP_SIP, PROTO_BIT__UDP | PROTO_BIT__TCP, port ); } } }
void IMAP_PrintConfig(IMAPConfig *config) { int i; int j = 0; char buf[8192]; if (config == NULL) return; memset(&buf[0], 0, sizeof(buf)); _dpd.logMsg("IMAP Config:\n"); if(config->disabled) _dpd.logMsg(" IMAP: INACTIVE\n"); snprintf(buf, sizeof(buf) - 1, " Ports: "); for(i = 0; i < 65536; i++) { if( isPortEnabled( config->ports, i ) ) { j++; _dpd.printfappend(buf, sizeof(buf) - 1, "%d ", i); if(!(j%10)) _dpd.printfappend(buf, sizeof(buf) - 1, "\n "); } } _dpd.logMsg("%s\n", buf); _dpd.logMsg(" IMAP Memcap: %u\n", config->memcap); _dpd.logMsg(" MIME Max Mem: %d\n", config->decode_conf.max_mime_mem); if(config->decode_conf.b64_depth > -1) { _dpd.logMsg(" Base64 Decoding: %s\n", "Enabled"); switch(config->decode_conf.b64_depth) { case 0: _dpd.logMsg(" Base64 Decoding Depth: %s\n", "Unlimited"); break; default: _dpd.logMsg(" Base64 Decoding Depth: %d\n", config->decode_conf.b64_depth); break; } } else _dpd.logMsg(" Base64 Decoding: %s\n", "Disabled"); if(config->decode_conf.qp_depth > -1) { _dpd.logMsg(" Quoted-Printable Decoding: %s\n","Enabled"); switch(config->decode_conf.qp_depth) { case 0: _dpd.logMsg(" Quoted-Printable Decoding Depth: %s\n", "Unlimited"); break; default: _dpd.logMsg(" Quoted-Printable Decoding Depth: %d\n", config->decode_conf.qp_depth); break; } } else _dpd.logMsg(" Quoted-Printable Decoding: %s\n", "Disabled"); if(config->decode_conf.uu_depth > -1) { _dpd.logMsg(" Unix-to-Unix Decoding: %s\n","Enabled"); switch(config->decode_conf.uu_depth) { case 0: _dpd.logMsg(" Unix-to-Unix Decoding Depth: %s\n", "Unlimited"); break; default: _dpd.logMsg(" Unix-to-Unix Decoding Depth: %d\n", config->decode_conf.uu_depth); break; } } else _dpd.logMsg(" Unix-to-Unix Decoding: %s\n", "Disabled"); if(config->decode_conf.bitenc_depth > -1) { _dpd.logMsg(" Non-Encoded MIME attachment Extraction: %s\n","Enabled"); switch(config->decode_conf.bitenc_depth) { case 0: _dpd.logMsg(" Non-Encoded MIME attachment Extraction Depth: %s\n", "Unlimited"); break; default: _dpd.logMsg(" Non-Encoded MIME attachment Extraction Depth: %d\n", config->decode_conf.bitenc_depth); break; } } else _dpd.logMsg(" Non-Encoded MIME attachment Extraction: %s\n", "Disabled"); }
void SMTP_PrintConfig(SMTPConfig *config) { int i; const SMTPToken *cmd; char buf[8192]; if (config == NULL) return; memset(&buf[0], 0, sizeof(buf)); _dpd.logMsg("SMTP Config:\n"); if(config->disabled) { _dpd.logMsg(" SMTP: INACTIVE\n"); } snprintf(buf, sizeof(buf) - 1, " Ports: "); for(i = 0; i < 65536; i++) { if( isPortEnabled( config->ports, i ) ) { _dpd.printfappend(buf, sizeof(buf) - 1, "%d ", i); } } _dpd.logMsg("%s\n", buf); _dpd.logMsg(" Inspection Type: %s\n", config->inspection_type ? "Stateful" : "Stateless"); snprintf(buf, sizeof(buf) - 1, " Normalize: "); switch (config->normalize) { case NORMALIZE_ALL: _dpd.printfappend(buf, sizeof(buf) - 1, "all"); break; case NORMALIZE_NONE: _dpd.printfappend(buf, sizeof(buf) - 1, "none"); break; case NORMALIZE_CMDS: if (config->print_cmds) { for (cmd = config->cmds; cmd->name != NULL; cmd++) { if (config->cmd_config[cmd->search_id].normalize) { _dpd.printfappend(buf, sizeof(buf) - 1, "%s ", cmd->name); } } } else { _dpd.printfappend(buf, sizeof(buf) - 1, "cmds"); } break; } _dpd.logMsg("%s\n", buf); _dpd.logMsg(" Ignore Data: %s\n", config->decode_conf.ignore_data ? "Yes" : "No"); _dpd.logMsg(" Ignore TLS Data: %s\n", config->ignore_tls_data ? "Yes" : "No"); _dpd.logMsg(" Ignore SMTP Alerts: %s\n", config->no_alerts ? "Yes" : "No"); if (!config->no_alerts) { snprintf(buf, sizeof(buf) - 1, " Max Command Line Length: "); if (config->max_command_line_len == 0) _dpd.printfappend(buf, sizeof(buf) - 1, "Unlimited"); else _dpd.printfappend(buf, sizeof(buf) - 1, "%d", config->max_command_line_len); _dpd.logMsg("%s\n", buf); if (config->print_cmds) { int max_line_len_count = 0; int max_line_len = 0; snprintf(buf, sizeof(buf) - 1, " Max Specific Command Line Length: "); for (cmd = config->cmds; cmd->name != NULL; cmd++) { max_line_len = config->cmd_config[cmd->search_id].max_line_len; if (max_line_len != 0) { if (max_line_len_count % 5 == 0) { _dpd.logMsg("%s\n", buf); snprintf(buf, sizeof(buf) - 1, " %s:%d ", cmd->name, max_line_len); } else { _dpd.printfappend(buf, sizeof(buf) - 1, "%s:%d ", cmd->name, max_line_len); } max_line_len_count++; } } if (max_line_len_count == 0) _dpd.logMsg("%sNone\n", buf); else _dpd.logMsg("%s\n", buf); } snprintf(buf, sizeof(buf) - 1, " Max Header Line Length: "); if (config->max_header_line_len == 0) _dpd.logMsg("%sUnlimited\n", buf); else _dpd.logMsg("%s%d\n", buf, config->max_header_line_len); snprintf(buf, sizeof(buf) - 1, " Max Response Line Length: "); if (config->max_response_line_len == 0) _dpd.logMsg("%sUnlimited\n", buf); else _dpd.logMsg("%s%d\n", buf, config->max_response_line_len); } _dpd.logMsg(" X-Link2State Alert: %s\n", config->alert_xlink2state ? "Yes" : "No"); if (config->alert_xlink2state) { _dpd.logMsg(" Drop on X-Link2State Alert: %s\n", config->drop_xlink2state ? "Yes" : "No"); } if (config->print_cmds && !config->no_alerts) { int alert_count = 0; snprintf(buf, sizeof(buf) - 1, " Alert on commands: "); for (cmd = config->cmds; cmd->name != NULL; cmd++) { if (config->cmd_config[cmd->search_id].alert) { _dpd.printfappend(buf, sizeof(buf) - 1, "%s ", cmd->name); alert_count++; } } if (alert_count == 0) { _dpd.logMsg("%sNone\n", buf); } else { _dpd.logMsg("%s\n", buf); } } _dpd.logMsg(" Alert on unknown commands: %s\n", config->alert_unknown_cmds ? "Yes" : "No"); _dpd.logMsg(" SMTP Memcap: %u\n", config->memcap); _dpd.logMsg(" MIME Max Mem: %d\n", config->decode_conf.max_mime_mem); if(config->decode_conf.b64_depth > -1) { _dpd.logMsg(" Base64 Decoding: %s\n", "Enabled"); switch(config->decode_conf.b64_depth) { case 0: _dpd.logMsg(" Base64 Decoding Depth: %s\n", "Unlimited"); break; default: _dpd.logMsg(" Base64 Decoding Depth: %d\n", config->decode_conf.b64_depth); break; } } else _dpd.logMsg(" Base64 Decoding: %s\n", "Disabled"); if(config->decode_conf.qp_depth > -1) { _dpd.logMsg(" Quoted-Printable Decoding: %s\n","Enabled"); switch(config->decode_conf.qp_depth) { case 0: _dpd.logMsg(" Quoted-Printable Decoding Depth: %s\n", "Unlimited"); break; default: _dpd.logMsg(" Quoted-Printable Decoding Depth: %d\n", config->decode_conf.qp_depth); break; } } else _dpd.logMsg(" Quoted-Printable Decoding: %s\n", "Disabled"); if(config->decode_conf.uu_depth > -1) { _dpd.logMsg(" Unix-to-Unix Decoding: %s\n","Enabled"); switch(config->decode_conf.uu_depth) { case 0: _dpd.logMsg(" Unix-to-Unix Decoding Depth: %s\n", "Unlimited"); break; default: _dpd.logMsg(" Unix-to-Unix Decoding Depth: %d\n", config->decode_conf.uu_depth); break; } } else _dpd.logMsg(" Unix-to-Unix Decoding: %s\n", "Disabled"); if(config->decode_conf.bitenc_depth > -1) { _dpd.logMsg(" Non-Encoded MIME attachment Extraction: %s\n","Enabled"); switch(config->decode_conf.bitenc_depth) { case 0: _dpd.logMsg(" Non-Encoded MIME attachment Extraction Depth: %s\n", "Unlimited"); break; default: _dpd.logMsg(" Non-Encoded MIME attachment Extraction Depth: %d\n", config->decode_conf.bitenc_depth); break; } } else _dpd.logMsg(" Non-Encoded MIME attachment Extraction/text: %s\n", "Disabled"); _dpd.logMsg(" Log Attachment filename: %s\n", config->log_config.log_filename ? "Enabled" : "Not Enabled"); _dpd.logMsg(" Log MAIL FROM Address: %s\n", config->log_config.log_mailfrom ? "Enabled" : "Not Enabled"); _dpd.logMsg(" Log RCPT TO Addresses: %s\n", config->log_config.log_rcptto ? "Enabled" : "Not Enabled"); _dpd.logMsg(" Log Email Headers: %s\n", config->log_config.log_email_hdrs ? "Enabled" : "Not Enabled"); if(config->log_config.log_email_hdrs) { _dpd.logMsg(" Email Hdrs Log Depth: %u\n", config->log_config.email_hdrs_log_depth); } }