int DissecRegist(const char *file_cfg)
{
proto_heury_dep hdep;
pei_cmpt peic;
char cfg[TCP_GRB_FILENAME_PATH_SIZE];
memset(&hdep, 0, sizeof(proto_heury_dep));
memset(&peic, 0, sizeof(pei_cmpt));
/* protocol name */
ProtName("TCP garbage", "tcp-grb");
/* dep: tcp */
hdep.name = "tcp";
hdep.ProtCheck = TcpGrbCheck;
ProtHeuDep(&hdep);
/* PEI components */
peic.abbrev = "l7prot";
peic.desc = "L7 protocol march";
ProtPeiComponent(&peic);
peic.abbrev = "txt";
peic.desc = "Text file";
ProtPeiComponent(&peic);
peic.abbrev = "size";
peic.desc = "Flow total size";
ProtPeiComponent(&peic);
peic.abbrev = "file";
peic.desc = "File extracted";
ProtPeiComponent(&peic);
peic.abbrev = "ftype";
peic.desc = "File type";
ProtPeiComponent(&peic);
dig_type_dim = 0;
dig_tbl = NULL;
#if GRB_DIG_ENABLE
enable_dig = TRUE;
#else
enable_dig = FALSE;
#endif
/* load config file data */
if (CfgParamStr(file_cfg, TCP_GRB_CFG_FILE, cfg, TCP_GRB_FILENAME_PATH_SIZE) == 0)
TcpGrbCfg(cfg);
if (CfgParamInt(file_cfg, TCP_GRB_PKT_LIMIT_CFG, &limit_pkts) != 0)
limit_pkts = TCP_GRB_PKT_LIMIT;
if (enable_dig == FALSE)
dig_type_dim = 0;
/* dissectors subdissectors registration */
ProtDissectors(NULL, TcpGrbDissector, NULL, NULL);
return 0;
}
int DissecRegist(const char *file_cfg)
{
proto_heury_dep hdep;
pei_cmpt peic;
long tmp;
pthrs_dim = TCP_CA_DEFUALT_PARAL_THR;
grpdis = TRUE;
memset(&hdep, 0, sizeof(proto_heury_dep));
memset(&peic, 0, sizeof(pei_cmpt));
/* threads parallel */
if (file_cfg != NULL) {
if (CfgParamInt(file_cfg, TCP_CA_CFG_PARAL_THR, &tmp) == 0) {
if (tmp > 0)
pthrs_dim = tmp;
else
grpdis = FALSE;
}
}
/* protocol name */
ProtName("TCP Analysis", "tcp-ca");
/* dep: tcp */
hdep.name = "tcp";
if (grpdis == TRUE)
hdep.ProtCheck = TcpCaCheckGrp;
else
hdep.ProtCheck = TcpCaCheck;
ProtHeuDep(&hdep);
/* PEI components */
peic.abbrev = "ip.src";
peic.desc = "IP source";
ProtPeiComponent(&peic);
peic.abbrev = "ip.dst";
peic.desc = "IP destination";
ProtPeiComponent(&peic);
peic.abbrev = "dns";
peic.desc = "dns name request";
ProtPeiComponent(&peic);
peic.abbrev = "port.src";
peic.desc = "Port source";
ProtPeiComponent(&peic);
peic.abbrev = "port.dst";
peic.desc = "Port destination";
ProtPeiComponent(&peic);
peic.abbrev = "l7prot";
peic.desc = "L7 protocol march";
ProtPeiComponent(&peic);
peic.abbrev = "lat";
peic.desc = "Latitude";
ProtPeiComponent(&peic);
peic.abbrev = "long";
peic.desc = "Longitude";
ProtPeiComponent(&peic);
peic.abbrev = "country_code";
peic.desc = "Country Code";
ProtPeiComponent(&peic);
peic.abbrev = "byte.sent";
peic.desc = "Byte sent";
ProtPeiComponent(&peic);
peic.abbrev = "byte.receiv";
peic.desc = "Byte received";
ProtPeiComponent(&peic);
peic.abbrev = "byte.lost.sent";
peic.desc = "Lost bytes sent";
ProtPeiComponent(&peic);
peic.abbrev = "byte.lost.receiv";
peic.desc = "Lost bytes received";
ProtPeiComponent(&peic);
peic.abbrev = "pkt.sent";
peic.desc = "Packet sent";
ProtPeiComponent(&peic);
peic.abbrev = "pkt.receiv";
peic.desc = "Packet received";
ProtPeiComponent(&peic);
peic.abbrev = "trace.sent";
peic.desc = "Trace sent";
ProtPeiComponent(&peic);
peic.abbrev = "trace.receiv";
peic.desc = "Trace recived";
ProtPeiComponent(&peic);
peic.abbrev = "trace.img";
peic.desc = "Trace the bytes with an image";
ProtPeiComponent(&peic);
peic.abbrev = "metadata";
peic.desc = "Metadata: JSON file with metadata";
ProtPeiComponent(&peic);
limit_pkts = TCP_CA_PKT_LIMIT;
/* dissectors subdissectors registration */
if (grpdis == TRUE) {
ProtDissectors(NULL, TcpCaDissectorGrp, NULL, NULL);
}
else {
ProtDissectors(NULL, TcpCaDissector, NULL, NULL);
}
return 0;
}
