/*
* Initialize key for dynamic channel and call daq api method to notify firmware
* of the expected dynamic channel.
*/
void DAQ_Add_Dynamic_Protocol_Channel(const Packet *ctrlPkt, snort_ip_p cliIP, uint16_t cliPort,
snort_ip_p srvIP, uint16_t srvPort, uint8_t protocol )
{
DAQ_DP_key_t dp_key;
dp_key.af = cliIP->family;
if( dp_key.af == AF_INET )
{
memcpy( &dp_key.sa.src_ip4, &cliIP->ip32[0], 4 );
memcpy( &dp_key.da.dst_ip4, &srvIP->ip32[0], 4 );
}
else
{
memcpy( &dp_key.sa.src_ip6, &cliIP->ip32[0], sizeof( u_int32_t ) * 4 );
memcpy( &dp_key.da.dst_ip6, &srvIP->ip32[0], sizeof( u_int32_t ) * 4 );
}
dp_key.protocol = protocol;
dp_key.src_port = cliPort;
dp_key.dst_port = srvPort;
dp_key.vlan_cnots = 1;
if( ctrlPkt->vh )
dp_key.vlan_id = VTH_VLAN( ctrlPkt->vh );
else
dp_key.vlan_id = 0xFFFF;
if( ctrlPkt->GTPencapsulated )
dp_key.tunnel_type = DAQ_DP_TUNNEL_TYPE_GTP_TUNNEL;
else if ( ctrlPkt->encapsulated )
dp_key.tunnel_type = DAQ_DP_TUNNEL_TYPE_OTHER_TUNNEL;
else
dp_key.tunnel_type = DAQ_DP_TUNNEL_TYPE_NON_TUNNEL;
// notify the firmware to add expected flow for this dynamic channel
daq_dp_add_dc( daq_mod, daq_hand, ctrlPkt->pkth, &dp_key, ctrlPkt->pkt );
}
/*
* Initialize key for dynamic channel and call daq api method to notify firmware
* of the expected dynamic channel.
*/
void DAQ_Add_Dynamic_Protocol_Channel(const Packet *ctrlPkt, sfaddr_t* cliIP, uint16_t cliPort,
sfaddr_t* srvIP, uint16_t srvPort, uint8_t protocol,
DAQ_DC_Params* params)
{
DAQ_DP_key_t dp_key;
#ifdef HAVE_DAQ_DATA_CHANNEL_SEPARATE_IP_VERSIONS
dp_key.src_af = sfaddr_family(cliIP);
if (AF_INET == dp_key.src_af)
{
dp_key.sa.src_ip4.s_addr = sfaddr_get_ip4_value(cliIP);
}
else
{
memcpy(&dp_key.sa.src_ip6, sfaddr_get_ip6_ptr(cliIP), sizeof(dp_key.sa.src_ip6));
}
dp_key.dst_af = sfaddr_family(srvIP);
if (AF_INET == dp_key.dst_af)
{
dp_key.da.dst_ip4.s_addr = sfaddr_get_ip4_value(srvIP);
}
else
{
memcpy(&dp_key.da.dst_ip6, sfaddr_get_ip6_ptr(srvIP), sizeof(dp_key.da.dst_ip6));
}
#else
dp_key.af = sfaddr_family(cliIP);
if( dp_key.af == AF_INET )
{
dp_key.sa.src_ip4.s_addr = sfaddr_get_ip4_value(cliIP);
dp_key.da.dst_ip4.s_addr = sfaddr_get_ip4_value(srvIP);
}
else
{
memcpy( &dp_key.sa.src_ip6, sfaddr_get_ip6_ptr(cliIP), sizeof( dp_key.sa.src_ip6 ) );
memcpy( &dp_key.da.dst_ip6, sfaddr_get_ip6_ptr(srvIP), sizeof( dp_key.da.dst_ip6 ) );
}
#endif
dp_key.protocol = protocol;
dp_key.src_port = cliPort;
dp_key.dst_port = srvPort;
dp_key.vlan_cnots = 1;
if( ctrlPkt->vh )
dp_key.vlan_id = VTH_VLAN( ctrlPkt->vh );
else
dp_key.vlan_id = 0xFFFF;
if( ctrlPkt->GTPencapsulated )
dp_key.tunnel_type = DAQ_DP_TUNNEL_TYPE_GTP_TUNNEL;
#ifdef DAQ_DP_TUNNEL_TYPE_MPLS_TUNNEL
else if ( ctrlPkt->mpls )
dp_key.tunnel_type = DAQ_DP_TUNNEL_TYPE_MPLS_TUNNEL;
#endif
else if ( ctrlPkt->encapsulated )
dp_key.tunnel_type = DAQ_DP_TUNNEL_TYPE_OTHER_TUNNEL;
else
dp_key.tunnel_type = DAQ_DP_TUNNEL_TYPE_NON_TUNNEL;
// notify the firmware to add expected flow for this dynamic channel
#ifdef HAVE_DAQ_DATA_CHANNEL_PARAMS
{
DAQ_Data_Channel_Params_t daq_params;
memset(&daq_params, 0, sizeof(daq_params));
daq_params.timeout_ms = params->timeout_ms;
if (params->flags & DAQ_DC_FLOAT)
daq_params.flags |= DAQ_DATA_CHANNEL_FLOAT;
if (params->flags & DAQ_DC_ALLOW_MULTIPLE)
daq_params.flags |= DAQ_DATA_CHANNEL_ALLOW_MULTIPLE;
if (params->flags & DAQ_DC_PERSIST)
daq_params.flags |= DAQ_DATA_CHANNEL_PERSIST;
daq_dp_add_dc(daq_mod, daq_hand, ctrlPkt->pkth, &dp_key, ctrlPkt->pkt,
&daq_params);
}
#else
daq_dp_add_dc( daq_mod, daq_hand, ctrlPkt->pkth, &dp_key, ctrlPkt->pkt );
#endif
}
