static int SIPCheckPolicyConfig(struct _SnortConfig *sc, tSfPolicyUserContextId config, tSfPolicyId policy_id, void* pData)
{
SIPConfig *sip_policy = ( SIPConfig * ) pData;
if ( sip_policy->disabled )
return 0;
if (!_dpd.isPreprocEnabled(sc, PP_STREAM))
{
_dpd.errMsg("SIPCheckPolicyConfig(): The Stream preprocessor must be enabled.\n");
return -1;
}
if (policy_id != 0)
{
SIPConfig *default_sip_policy = ( SIPConfig * ) sfPolicyUserDataGetDefault( config );
if(default_sip_policy == NULL)
{
_dpd.errMsg("SIPCheckPolicyConfig(): SIP default policy must be configured\n");
return -1;
}
sip_policy->maxNumSessions = default_sip_policy->maxNumSessions;
}
_dpd.setParserPolicy( sc, policy_id );
_dpd.addPreproc( sc, SIPmain, PRIORITY_APPLICATION, PP_SIP, PROTO_BIT__UDP|PROTO_BIT__TCP );
// register ports with session and stream
registerPortsForDispatch( sc, sip_policy );
registerPortsForReassembly( sip_policy, SSN_DIR_FROM_SERVER | SSN_DIR_FROM_CLIENT );
_addPortsToStreamFilter(sc, sip_policy, policy_id);
#ifdef TARGET_BASED
_addServicesToStreamFilter(sc, policy_id);
#endif
return 0;
}
/* Allocate memory for preprocessor config, parse the args, set up callbacks */
static void ModbusInit(struct _SnortConfig *sc, char *argp)
{
modbus_config_t *modbus_policy = NULL;
if (modbus_context_id == NULL)
{
ModbusOneTimeInit(sc);
}
modbus_policy = ModbusPerPolicyInit(sc, modbus_context_id);
ParseModbusArgs(modbus_policy, argp);
/* Can't add ports until they've been parsed... */
ModbusAddPortsToPaf(sc, modbus_policy, _dpd.getParserPolicy(sc));
#ifdef TARGET_BASED
ModbusAddServiceToPaf(sc, modbus_app_id, _dpd.getParserPolicy(sc));
#endif
// register ports with session and stream
registerPortsForDispatch( sc, modbus_policy );
registerPortsForReassembly( modbus_policy, SSN_DIR_FROM_SERVER | SSN_DIR_FROM_CLIENT );
ModbusPrintConfig(modbus_policy);
}
void SSLReload(struct _SnortConfig *sc, char *args, void **new_config)
{
tSfPolicyUserContextId ssl_swap_config = (tSfPolicyUserContextId)*new_config;
tSfPolicyId policy_id = _dpd.getParserPolicy(sc);
SSLPP_config_t * pPolicyConfig = NULL;
if (ssl_swap_config == NULL)
{
//create a context
ssl_swap_config = sfPolicyConfigCreate();
if (ssl_swap_config == NULL)
{
DynamicPreprocessorFatalMessage("Could not allocate memory for the "
"SSL preprocessor configuration.\n");
}
if (_dpd.streamAPI == NULL)
{
DynamicPreprocessorFatalMessage(
"SSLPP_init(): The Stream preprocessor must be enabled.\n");
}
*new_config = (void *)ssl_swap_config;
}
sfPolicyUserPolicySet (ssl_swap_config, policy_id);
pPolicyConfig = (SSLPP_config_t *)sfPolicyUserDataGetCurrent(ssl_swap_config);
if (pPolicyConfig != NULL)
{
DynamicPreprocessorFatalMessage("SSL preprocessor can only be "
"configured once.\n");
}
pPolicyConfig = (SSLPP_config_t *)calloc(1, sizeof(SSLPP_config_t));
if (pPolicyConfig == NULL)
{
DynamicPreprocessorFatalMessage("Could not allocate memory for the "
"SSL preprocessor configuration.\n");
}
sfPolicyUserDataSetCurrent(ssl_swap_config, pPolicyConfig);
SSLPP_init_config(pPolicyConfig);
SSLPP_config(pPolicyConfig, args);
SSLPP_print_config(pPolicyConfig);
_dpd.preprocOptRegister(sc, "ssl_state", SSLPP_state_init, SSLPP_rule_eval,
free, NULL, NULL, NULL, NULL);
_dpd.preprocOptRegister(sc, "ssl_version", SSLPP_ver_init, SSLPP_rule_eval,
free, NULL, NULL, NULL, NULL);
_dpd.addPreproc(sc, SSLPP_process, PRIORITY_APPLICATION, PP_SSL, PROTO_BIT__TCP);
registerPortsForDispatch( sc, pPolicyConfig );
registerPortsForReassembly( pPolicyConfig, SSN_DIR_FROM_SERVER | SSN_DIR_FROM_CLIENT );
_addPortsToStream5Filter(sc, pPolicyConfig, policy_id);
#ifdef TARGET_BASED
_addServicesToStream5Filter(sc, policy_id);
#endif
}
void SSLPP_init(struct _SnortConfig *sc, char *args)
{
tSfPolicyId policy_id = _dpd.getParserPolicy(sc);
SSLPP_config_t *pPolicyConfig = NULL;
if (ssl_config == NULL)
{
//create a context
ssl_config = sfPolicyConfigCreate();
if (ssl_config == NULL)
{
DynamicPreprocessorFatalMessage("Could not allocate memory for the "
"SSL preprocessor configuration.\n");
}
if (_dpd.streamAPI == NULL)
{
DynamicPreprocessorFatalMessage(
"SSLPP_init(): The Stream preprocessor must be enabled.\n");
}
SSL_InitGlobals();
_dpd.registerPreprocStats("ssl", SSLPP_drop_stats);
_dpd.addPreprocConfCheck(sc, SSLPP_CheckConfig);
_dpd.addPreprocExit(SSLCleanExit, NULL, PRIORITY_LAST, PP_SSL);
_dpd.addPreprocResetStats(SSLResetStats, NULL, PRIORITY_LAST, PP_SSL);
#ifdef PERF_PROFILING
_dpd.addPreprocProfileFunc("ssl", (void *)&sslpp_perf_stats, 0, _dpd.totalPerfStats);
#endif
#ifdef ENABLE_HA
_dpd.addFuncToPostConfigList(sc, SSLHAPostConfigInit, NULL);
#endif
#ifdef TARGET_BASED
ssl_app_id = _dpd.findProtocolReference("ssl");
if (ssl_app_id == SFTARGET_UNKNOWN_PROTOCOL)
{
ssl_app_id = _dpd.addProtocolReference("ssl");
}
_dpd.sessionAPI->register_service_handler( PP_SSL, ssl_app_id );
#endif
}
sfPolicyUserPolicySet (ssl_config, policy_id);
pPolicyConfig = (SSLPP_config_t *)sfPolicyUserDataGetCurrent(ssl_config);
if (pPolicyConfig != NULL)
{
DynamicPreprocessorFatalMessage("SSL preprocessor can only be "
"configured once.\n");
}
pPolicyConfig = (SSLPP_config_t *)calloc(1, sizeof(SSLPP_config_t));
if (pPolicyConfig == NULL)
{
DynamicPreprocessorFatalMessage("Could not allocate memory for the "
"SSL preprocessor configuration.\n");
}
sfPolicyUserDataSetCurrent(ssl_config, pPolicyConfig);
SSLPP_init_config(pPolicyConfig);
SSLPP_config(pPolicyConfig, args);
SSLPP_print_config(pPolicyConfig);
_dpd.preprocOptRegister(sc, "ssl_state", SSLPP_state_init, SSLPP_rule_eval,
free, NULL, NULL, NULL, NULL);
_dpd.preprocOptRegister(sc, "ssl_version", SSLPP_ver_init, SSLPP_rule_eval,
free, NULL, NULL, NULL, NULL);
_dpd.addPreproc( sc, SSLPP_process, PRIORITY_APPLICATION, PP_SSL, PROTO_BIT__TCP );
registerPortsForDispatch( sc, pPolicyConfig );
registerPortsForReassembly( pPolicyConfig, SSN_DIR_FROM_SERVER | SSN_DIR_FROM_CLIENT );
_addPortsToStream5Filter(sc, pPolicyConfig, policy_id);
#ifdef TARGET_BASED
_addServicesToStream5Filter(sc, policy_id);
#endif
}
/* Initializes the GTP preprocessor module and registers
* it in the preprocessor list.
*
* PARAMETERS:
*
* argp: Pointer to argument string to process for config data.
*
* RETURNS: Nothing.
*/
static void GTPInit(struct _SnortConfig *sc, char *argp)
{
tSfPolicyId policy_id = _dpd.getParserPolicy(sc);
GTPConfig *pDefaultPolicyConfig = NULL;
GTPConfig *pPolicyConfig = NULL;
if (gtp_config == NULL)
{
/*create a context*/
gtp_config = sfPolicyConfigCreate();
if (gtp_config == NULL)
{
DynamicPreprocessorFatalMessage("Failed to allocate memory "
"for GTP config.\n");
}
_dpd.addPreprocConfCheck(sc, GTPCheckConfig);
_dpd.registerPreprocStats(GTP_NAME, GTP_PrintStats);
_dpd.addPreprocExit(GTPCleanExit, NULL, PRIORITY_LAST, PP_GTP);
#ifdef PERF_PROFILING
_dpd.addPreprocProfileFunc("gtp", (void *)>pPerfStats, 0, _dpd.totalPerfStats, NULL);
#endif
#ifdef TARGET_BASED
gtp_app_id = _dpd.findProtocolReference("gtp");
if (gtp_app_id == SFTARGET_UNKNOWN_PROTOCOL)
gtp_app_id = _dpd.addProtocolReference("gtp");
// register with session to handle applications
_dpd.sessionAPI->register_service_handler( PP_GTP, gtp_app_id );
#endif
}
sfPolicyUserPolicySet (gtp_config, policy_id);
pDefaultPolicyConfig = (GTPConfig *)sfPolicyUserDataGetDefault(gtp_config);
pPolicyConfig = (GTPConfig *)sfPolicyUserDataGetCurrent(gtp_config);
if ((pPolicyConfig != NULL) && (pDefaultPolicyConfig == NULL))
{
DynamicPreprocessorFatalMessage("GTP preprocessor can only be "
"configured once.\n");
}
pPolicyConfig = (GTPConfig *)calloc(1, sizeof(GTPConfig));
if (!pPolicyConfig)
{
DynamicPreprocessorFatalMessage("Could not allocate memory for "
"GTP preprocessor configuration.\n");
}
sfPolicyUserDataSetCurrent(gtp_config, pPolicyConfig);
GTP_RegRuleOptions(sc);
ParseGTPArgs(pPolicyConfig, (u_char *)argp);
if (_dpd.streamAPI == NULL)
{
DynamicPreprocessorFatalMessage("SetupGTP(): The Stream preprocessor must be enabled.\n");
}
_dpd.addPreproc( sc, GTPmain, PRIORITY_APPLICATION, PP_GTP, PROTO_BIT__UDP );
// register ports with session and stream
registerPortsForDispatch( sc, pPolicyConfig );
registerPortsForReassembly( pPolicyConfig, SSN_DIR_FROM_SERVER | SSN_DIR_FROM_CLIENT );
_addPortsToStreamFilter(sc, pPolicyConfig, policy_id);
#ifdef TARGET_BASED
_addServicesToStreamFilter(sc, policy_id);
#endif
}
