static inline void ModbusOneTimeInit()
{
/* context creation & error checking */
modbus_context_id = sfPolicyConfigCreate();
if (modbus_context_id == NULL)
{
_dpd.fatalMsg("%s(%d) Failed to allocate memory for "
"Modbus config.\n", *_dpd.config_file, *_dpd.config_line);
}
if (_dpd.streamAPI == NULL)
{
_dpd.fatalMsg("%s(%d) SetupModbus(): The Stream preprocessor "
"must be enabled.\n", *_dpd.config_file, *_dpd.config_line);
}
/* callback registration */
_dpd.addPreprocConfCheck(ModbusCheckConfig);
_dpd.addPreprocExit(ModbusCleanExit, NULL, PRIORITY_LAST, PP_MODBUS);
#ifdef PERF_PROFILING
_dpd.addPreprocProfileFunc("modbus", (void *)&modbusPerfStats, 0, _dpd.totalPerfStats);
#endif
/* Set up target-based app id */
#ifdef TARGET_BASED
modbus_app_id = _dpd.findProtocolReference("modbus");
if (modbus_app_id == SFTARGET_UNKNOWN_PROTOCOL)
modbus_app_id = _dpd.addProtocolReference("modbus");
#endif
}
/* Almost like ModbusInit, but not quite. */
static void ModbusReload(char *args)
{
modbus_config_t *modbus_policy = NULL;
if (modbus_swap_context_id == NULL)
{
modbus_swap_context_id = sfPolicyConfigCreate();
if (modbus_swap_context_id == NULL)
{
_dpd.fatalMsg("Failed to allocate memory "
"for Modbus config.\n");
}
if (_dpd.streamAPI == NULL)
{
_dpd.fatalMsg("SetupModbus(): The Stream preprocessor "
"must be enabled.\n");
}
}
modbus_policy = ModbusPerPolicyInit(modbus_swap_context_id);
ParseModbusArgs(modbus_policy, args);
/* Can't add ports until they've been parsed... */
ModbusAddPortsToPaf(modbus_policy, _dpd.getParserPolicy());
ModbusPrintConfig(modbus_policy);
_dpd.addPreprocReloadVerify(ModbusReloadVerify);
}
/* Almost like DNP3Init, but not quite. */
static void DNP3Reload(struct _SnortConfig *sc, char *args, void **new_config)
{
tSfPolicyUserContextId dnp3_swap_context_id = (tSfPolicyUserContextId)*new_config;
dnp3_config_t *dnp3_policy = NULL;
if (dnp3_swap_context_id == NULL)
{
dnp3_swap_context_id = sfPolicyConfigCreate();
if (dnp3_swap_context_id == NULL)
{
DynamicPreprocessorFatalMessage("Failed to allocate memory "
"for DNP3 config.\n");
}
if (_dpd.streamAPI == NULL)
{
DynamicPreprocessorFatalMessage("SetupDNP3(): The Stream preprocessor "
"must be enabled.\n");
}
*new_config = (void *)dnp3_swap_context_id;
}
dnp3_policy = DNP3PerPolicyInit(sc, dnp3_swap_context_id);
ParseDNP3Args(sc, dnp3_policy, args);
PrintDNP3Config(dnp3_policy);
DNP3RegisterPerPolicyCallbacks(sc, dnp3_policy);
}
/* Almost like ModbusInit, but not quite. */
static void ModbusReload(struct _SnortConfig *sc, char *args, void **new_config)
{
tSfPolicyUserContextId modbus_swap_context_id = (tSfPolicyUserContextId)*new_config;
modbus_config_t *modbus_policy = NULL;
if (modbus_swap_context_id == NULL)
{
modbus_swap_context_id = sfPolicyConfigCreate();
if (modbus_swap_context_id == NULL)
{
_dpd.fatalMsg("Failed to allocate memory "
"for Modbus config.\n");
}
if (_dpd.streamAPI == NULL)
{
_dpd.fatalMsg("SetupModbus(): The Stream preprocessor "
"must be enabled.\n");
}
*new_config = (void *)modbus_swap_context_id;
}
modbus_policy = ModbusPerPolicyInit(sc, modbus_swap_context_id);
ParseModbusArgs(modbus_policy, args);
/* Can't add ports until they've been parsed... */
ModbusAddPortsToPaf(sc, modbus_policy, _dpd.getParserPolicy(sc));
ModbusPrintConfig(modbus_policy);
}
static inline void DNP3OneTimeInit(struct _SnortConfig *sc)
{
/* context creation & error checking */
dnp3_context_id = sfPolicyConfigCreate();
if (dnp3_context_id == NULL)
{
DynamicPreprocessorFatalMessage("Failed to allocate memory for "
"DNP3 config.\n");
}
if (_dpd.streamAPI == NULL)
{
DynamicPreprocessorFatalMessage("SetupDNP3(): The Stream preprocessor "
"must be enabled.\n");
}
/* callback registration */
_dpd.addPreprocConfCheck(sc, DNP3CheckConfig);
_dpd.addPreprocExit(DNP3CleanExit, NULL, PRIORITY_LAST, PP_DNP3);
#ifdef PERF_PROFILING
_dpd.addPreprocProfileFunc("dnp3", (void *)&dnp3PerfStats, 0, _dpd.totalPerfStats);
#endif
/* Set up target-based app id */
#ifdef TARGET_BASED
dnp3_app_id = _dpd.findProtocolReference("dnp3");
if (dnp3_app_id == SFTARGET_UNKNOWN_PROTOCOL)
dnp3_app_id = _dpd.addProtocolReference("dnp3");
#endif
}
static void SIPReload(struct _SnortConfig *sc, char *args, void **new_config)
{
tSfPolicyUserContextId sip_swap_config = (tSfPolicyUserContextId)*new_config;
tSfPolicyId policy_id = _dpd.getParserPolicy(sc);
SIPConfig * pPolicyConfig = NULL;
if (sip_swap_config == NULL)
{
//create a context
sip_swap_config = sfPolicyConfigCreate();
if (sip_swap_config == NULL)
{
DynamicPreprocessorFatalMessage("Failed to allocate memory for SIP config.\n");
}
*new_config = (void *)sip_swap_config;
}
sfPolicyUserPolicySet (sip_swap_config, policy_id);
pPolicyConfig = (SIPConfig *)sfPolicyUserDataGetCurrent(sip_swap_config);
if (pPolicyConfig != NULL)
{
DynamicPreprocessorFatalMessage("SIP preprocessor can only be configured once.\n");
}
pPolicyConfig = (SIPConfig *)calloc(1, sizeof(SIPConfig));
if (!pPolicyConfig)
{
DynamicPreprocessorFatalMessage("Could not allocate memory for "
"SIP preprocessor configuration.\n");
}
sfPolicyUserDataSetCurrent(sip_swap_config, pPolicyConfig);
SIP_RegRuleOptions(sc);
ParseSIPArgs(pPolicyConfig, (u_char *)args);
}
/* Initializes the SIP preprocessor module and registers
* it in the preprocessor list.
*
* PARAMETERS:
*
* argp: Pointer to argument string to process for config
* data.
*
* RETURNS: Nothing.
*/
static void SIPInit(struct _SnortConfig *sc, char *argp)
{
tSfPolicyId policy_id = _dpd.getParserPolicy(sc);
SIPConfig *pDefaultPolicyConfig = NULL;
SIPConfig *pPolicyConfig = NULL;
if (sip_config == NULL)
{
//create a context
sip_config = sfPolicyConfigCreate();
if (sip_config == NULL)
{
DynamicPreprocessorFatalMessage("Failed to allocate memory "
"for SIP config.\n");
}
_dpd.addPreprocConfCheck(sc, SIPCheckConfig);
_dpd.registerPreprocStats(SIP_NAME, SIP_PrintStats);
_dpd.addPreprocExit(SIPCleanExit, NULL, PRIORITY_LAST, PP_SIP);
#ifdef PERF_PROFILING
_dpd.addPreprocProfileFunc("sip", (void *)&sipPerfStats, 0, _dpd.totalPerfStats, NULL);
#endif
#ifdef TARGET_BASED
sip_app_id = _dpd.findProtocolReference("sip");
if (sip_app_id == SFTARGET_UNKNOWN_PROTOCOL)
sip_app_id = _dpd.addProtocolReference("sip");
// register with session to handle applications
_dpd.sessionAPI->register_service_handler( PP_SIP, sip_app_id );
#endif
}
sfPolicyUserPolicySet (sip_config, policy_id);
pDefaultPolicyConfig = (SIPConfig *)sfPolicyUserDataGetDefault(sip_config);
pPolicyConfig = (SIPConfig *)sfPolicyUserDataGetCurrent(sip_config);
if ((pPolicyConfig != NULL) && (pDefaultPolicyConfig == NULL))
{
DynamicPreprocessorFatalMessage("SIP preprocessor can only be "
"configured once.\n");
}
pPolicyConfig = (SIPConfig *)calloc(1, sizeof(SIPConfig));
if (!pPolicyConfig)
{
DynamicPreprocessorFatalMessage("Could not allocate memory for "
"SIP preprocessor configuration.\n");
}
sfPolicyUserDataSetCurrent(sip_config, pPolicyConfig);
SIP_RegRuleOptions(sc);
ParseSIPArgs(pPolicyConfig, (u_char *)argp);
}
static void SIPReload(char *args)
{
tSfPolicyId policy_id = _dpd.getParserPolicy();
SIPConfig * pPolicyConfig = NULL;
if (sip_swap_config == NULL)
{
//create a context
sip_swap_config = sfPolicyConfigCreate();
if (sip_swap_config == NULL)
{
DynamicPreprocessorFatalMessage("Failed to allocate memory "
"for SIP config.\n");
}
}
sfPolicyUserPolicySet (sip_swap_config, policy_id);
pPolicyConfig = (SIPConfig *)sfPolicyUserDataGetCurrent(sip_swap_config);
if (pPolicyConfig != NULL)
{
DynamicPreprocessorFatalMessage("SIP preprocessor can only be "
"configured once.\n");
}
pPolicyConfig = (SIPConfig *)calloc(1, sizeof(SIPConfig));
if (!pPolicyConfig)
{
DynamicPreprocessorFatalMessage("Could not allocate memory for "
"SIP preprocessor configuration.\n");
}
sfPolicyUserDataSetCurrent(sip_swap_config, pPolicyConfig);
SIP_RegRuleOptions();
ParseSIPArgs(pPolicyConfig, (u_char *)args);
if( pPolicyConfig->disabled )
return;
if (_dpd.streamAPI == NULL)
{
DynamicPreprocessorFatalMessage("SetupSIP(): The Stream preprocessor must be enabled.\n");
}
_dpd.addPreproc( SIPmain, PRIORITY_APPLICATION, PP_SIP, PROTO_BIT__UDP|PROTO_BIT__TCP );
_dpd.addPreprocReloadVerify(SIPReloadVerify);
_addPortsToStream5Filter(pPolicyConfig, policy_id);
#ifdef TARGET_BASED
_addServicesToStream5Filter(policy_id);
#endif
}
static void SSHReload(struct _SnortConfig *sc, char *args, void **new_config)
{
tSfPolicyUserContextId ssh_swap_config = (tSfPolicyUserContextId)*new_config;
tSfPolicyId policy_id = _dpd.getParserPolicy(sc);
SSHConfig * pPolicyConfig = NULL;
if (ssh_swap_config == NULL)
{
//create a context
ssh_swap_config = sfPolicyConfigCreate();
if (ssh_swap_config == NULL)
{
DynamicPreprocessorFatalMessage("Failed to allocate memory "
"for SSH config.\n");
}
if (_dpd.streamAPI == NULL)
{
DynamicPreprocessorFatalMessage("SetupSSH(): The Stream preprocessor must be enabled.\n");
}
*new_config = (void *)ssh_swap_config;
}
sfPolicyUserPolicySet (ssh_swap_config, policy_id);
pPolicyConfig = (SSHConfig *)sfPolicyUserDataGetCurrent(ssh_swap_config);
if (pPolicyConfig != NULL)
{
DynamicPreprocessorFatalMessage("SSH preprocessor can only be "
"configured once.\n");
}
pPolicyConfig = (SSHConfig *)calloc(1, sizeof(SSHConfig));
if (!pPolicyConfig)
{
DynamicPreprocessorFatalMessage("Could not allocate memory for "
"SSH preprocessor configuration.\n");
}
sfPolicyUserDataSetCurrent(ssh_swap_config, pPolicyConfig);
ParseSSHArgs(pPolicyConfig, (u_char *)args);
_dpd.addPreproc( sc, ProcessSSH, PRIORITY_APPLICATION, PP_SSH, PROTO_BIT__TCP );
_addPortsToStream5Filter(sc, pPolicyConfig, policy_id);
#ifdef TARGET_BASED
_addServicesToStream5Filter(sc, policy_id);
#endif
}
/* Initializes the File preprocessor module and registers
* it in the preprocessor list.
*
* PARAMETERS:
*
* argp: Pointer to argument string to process for config
* data.
*
* RETURNS: Nothing.
*/
static void FileInit(struct _SnortConfig *sc, char *argp)
{
tSfPolicyId policy_id = _dpd.getParserPolicy(sc);
FileInspectConf *pPolicyConfig = NULL;
if (file_config == NULL)
{
/*create a context*/
file_config = sfPolicyConfigCreate();
if (file_config == NULL)
{
DynamicPreprocessorFatalMessage("Failed to allocate memory "
"for File config.\n");
}
if (_dpd.streamAPI == NULL)
{
DynamicPreprocessorFatalMessage("SetupFile(): The Stream preprocessor must be enabled.\n");
}
_dpd.addPreprocConfCheck(sc, FileCheckConfig);
_dpd.registerPreprocStats(FILE_PREPROC_NAME, print_file_stats);
_dpd.addPreprocExit(FileCleanExit, NULL, PRIORITY_LAST, PP_FILE_INSPECT);
}
sfPolicyUserPolicySet (file_config, policy_id);
pPolicyConfig = (FileInspectConf *)sfPolicyUserDataGetCurrent(file_config);
if (pPolicyConfig != NULL)
{
DynamicPreprocessorFatalMessage("File preprocessor can only be "
"configured once.\n");
}
pPolicyConfig = (FileInspectConf *)calloc(1, sizeof(FileInspectConf));
if (!pPolicyConfig)
{
DynamicPreprocessorFatalMessage("Could not allocate memory for "
"File preprocessor configuration.\n");
}
sfPolicyUserDataSetCurrent(file_config, pPolicyConfig);
file_config_parse(pPolicyConfig, (u_char *)argp);
FileUpdateConfig(pPolicyConfig, file_config);
file_agent_init(pPolicyConfig);
_dpd.addPostConfigFunc(sc, file_agent_thread_init, pPolicyConfig);
}
static void FileReload(struct _SnortConfig *sc, char *args, void **new_config)
{
tSfPolicyUserContextId file_swap_config = (tSfPolicyUserContextId)*new_config;
tSfPolicyId policy_id = _dpd.getParserPolicy(sc);
FileInspectConf * pPolicyConfig = NULL;
if (file_swap_config == NULL)
{
//create a context
file_swap_config = sfPolicyConfigCreate();
if (file_swap_config == NULL)
{
DynamicPreprocessorFatalMessage("Failed to allocate memory "
"for File config.\n");
}
if (_dpd.streamAPI == NULL)
{
DynamicPreprocessorFatalMessage("SetupFile(): The Stream preprocessor must be enabled.\n");
}
*new_config = (void *)file_swap_config;
}
sfPolicyUserPolicySet (file_swap_config, policy_id);
pPolicyConfig = (FileInspectConf *)sfPolicyUserDataGetCurrent(file_swap_config);
if (pPolicyConfig != NULL)
{
DynamicPreprocessorFatalMessage("File preprocessor can only be "
"configured once.\n");
}
pPolicyConfig = (FileInspectConf *)calloc(1, sizeof(FileInspectConf));
if (!pPolicyConfig)
{
DynamicPreprocessorFatalMessage("Could not allocate memory for "
"File preprocessor configuration.\n");
}
sfPolicyUserDataSetCurrent(file_swap_config, pPolicyConfig);
file_config_parse(pPolicyConfig, (u_char *)args);
FileUpdateConfig(pPolicyConfig, file_config);
}
/*
* Function: SMTPInit(char *)
*
* Purpose: Calls the argument parsing function, performs final setup on data
* structs, links the preproc function into the function list.
*
* Arguments: args => ptr to argument string
*
* Returns: void function
*
*/
static void SMTPInit(struct _SnortConfig *sc, char *args)
{
SMTPToken *tmp;
tSfPolicyId policy_id = _dpd.getParserPolicy(sc);
SMTPConfig * pPolicyConfig = NULL;
if (smtp_config == NULL)
{
//create a context
smtp_config = sfPolicyConfigCreate();
if (smtp_config == NULL)
{
DynamicPreprocessorFatalMessage("Not enough memory to create SMTP "
"configuration.\n");
}
/* Initialize the searches not dependent on configuration.
* headers, reponsed, data, mime boundary regular expression */
SMTP_SearchInit();
/* zero out static SMTP global used for stateless SMTP or if there
* is no session pointer */
memset(&smtp_no_session, 0, sizeof(SMTP));
/* Put the preprocessor function into the function list */
/* _dpd.addPreproc(SMTPDetect, PRIORITY_APPLICATION, PP_SMTP, PROTO_BIT__TCP);*/
_dpd.addPreprocExit(SMTPCleanExitFunction, NULL, PRIORITY_LAST, PP_SMTP);
_dpd.addPreprocReset(SMTPResetFunction, NULL, PRIORITY_LAST, PP_SMTP);
_dpd.registerPreprocStats(SMTP_PROTO_REF_STR, SMTP_PrintStats);
_dpd.addPreprocResetStats(SMTPResetStatsFunction, NULL, PRIORITY_LAST, PP_SMTP);
_dpd.addPreprocConfCheck(sc, SMTPCheckConfig);
#ifdef TARGET_BASED
smtp_proto_id = _dpd.findProtocolReference(SMTP_PROTO_REF_STR);
if (smtp_proto_id == SFTARGET_UNKNOWN_PROTOCOL)
smtp_proto_id = _dpd.addProtocolReference(SMTP_PROTO_REF_STR);
// register with session to handle applications
_dpd.sessionAPI->register_service_handler( PP_SMTP, smtp_proto_id );
DEBUG_WRAP(DebugMessage(DEBUG_SMTP,"SMTP: Target-based: Proto id for %s: %u.\n",
SMTP_PROTO_REF_STR, smtp_proto_id););
/*
* Function: IMAPInit(char *)
*
* Purpose: Calls the argument parsing function, performs final setup on data
* structs, links the preproc function into the function list.
*
* Arguments: args => ptr to argument string
*
* Returns: void function
*
*/
static void IMAPInit(char *args)
{
IMAPToken *tmp;
tSfPolicyId policy_id = _dpd.getParserPolicy();
IMAPConfig * pPolicyConfig = NULL;
if (imap_config == NULL)
{
//create a context
imap_config = sfPolicyConfigCreate();
if (imap_config == NULL)
{
DynamicPreprocessorFatalMessage("Not enough memory to create IMAP "
"configuration.\n");
}
/* Initialize the searches not dependent on configuration.
* headers, reponsed, data, mime boundary regular expression */
IMAP_SearchInit();
/* zero out static IMAP global used for stateless IMAP or if there
* is no session pointer */
memset(&imap_no_session, 0, sizeof(IMAP));
/* Put the preprocessor function into the function list */
/* _dpd.addPreproc(IMAPDetect, PRIORITY_APPLICATION, PP_IMAP, PROTO_BIT__TCP);*/
_dpd.addPreprocExit(IMAPCleanExitFunction, NULL, PRIORITY_LAST, PP_IMAP);
_dpd.addPreprocReset(IMAPResetFunction, NULL, PRIORITY_LAST, PP_IMAP);
_dpd.addPreprocResetStats(IMAPResetStatsFunction, NULL, PRIORITY_LAST, PP_IMAP);
_dpd.addPreprocConfCheck(IMAPCheckConfig);
#ifdef TARGET_BASED
imap_proto_id = _dpd.findProtocolReference(IMAP_PROTO_REF_STR);
if (imap_proto_id == SFTARGET_UNKNOWN_PROTOCOL)
imap_proto_id = _dpd.addProtocolReference(IMAP_PROTO_REF_STR);
DEBUG_WRAP(DebugMessage(DEBUG_IMAP,"IMAP: Target-based: Proto id for %s: %u.\n",
IMAP_PROTO_REF_STR, imap_proto_id););
static void FTPTelnetInit(struct _SnortConfig *sc, char *args)
{
char *pcToken;
char ErrorString[ERRSTRLEN];
int iErrStrLen = ERRSTRLEN;
int iRet = 0;
tSfPolicyId policy_id = _dpd.getParserPolicy(sc);
FTPTELNET_GLOBAL_CONF *pPolicyConfig = NULL;
ErrorString[0] = '\0';
if ((args == NULL) || (strlen(args) == 0))
{
DynamicPreprocessorFatalMessage("%s(%d) No arguments to FtpTelnet "
"configuration.\n", *_dpd.config_file, *_dpd.config_line);
}
/* Find out what is getting configured */
maxToken = args + strlen(args);
pcToken = mystrtok(args, CONF_SEPARATORS);
if (pcToken == NULL)
{
DynamicPreprocessorFatalMessage("%s(%d)mystrtok returned NULL when it "
"should not.", __FILE__, __LINE__);
}
if (ftp_telnet_config == NULL)
{
//create a context
ftp_telnet_config = sfPolicyConfigCreate();
if (ftp_telnet_config == NULL)
{
DynamicPreprocessorFatalMessage("No memory to allocate "
"FTP/Telnet configuration.\n");
}
_dpd.addPreprocExit(FTPTelnetCleanExit, NULL, PRIORITY_APPLICATION, PP_FTPTELNET);
_dpd.addPreprocReset(FTPTelnetReset, NULL, PRIORITY_APPLICATION, PP_FTPTELNET);
_dpd.addPreprocResetStats(FTPTelnetResetStats, NULL, PRIORITY_APPLICATION, PP_FTPTELNET);
_dpd.addPreprocConfCheck(sc, FTPConfigCheck);
#ifdef PERF_PROFILING
_dpd.addPreprocProfileFunc("ftptelnet_ftp", (void*)&ftpPerfStats, 0, _dpd.totalPerfStats);
_dpd.addPreprocProfileFunc("ftptelnet_telnet", (void*)&telnetPerfStats, 0, _dpd.totalPerfStats);
_dpd.addPreprocProfileFunc("ftptelnet_ftpdata", (void*)&ftpdataPerfStats, 0, _dpd.totalPerfStats);
#endif
#ifdef TARGET_BASED
if (_dpd.streamAPI != NULL)
{
/* Find and store the application ID for FTP & Telnet */
ftp_app_id = _dpd.addProtocolReference("ftp");
ftp_data_app_id = _dpd.addProtocolReference("ftp-data");
telnet_app_id = _dpd.addProtocolReference("telnet");
}
// register with session to handle applications
_dpd.sessionAPI->register_service_handler( PP_FTPTELNET, ftp_app_id );
_dpd.sessionAPI->register_service_handler( PP_FTPTELNET, ftp_data_app_id );
_dpd.sessionAPI->register_service_handler( PP_FTPTELNET, telnet_app_id );
#endif
}
/*
* Global Configuration Processing
* We only process the global configuration once, but always check for
* user mistakes, like configuring more than once. That's why we
* still check for the global token even if it's been checked.
*/
sfPolicyUserPolicySet (ftp_telnet_config, policy_id);
pPolicyConfig = (FTPTELNET_GLOBAL_CONF *)sfPolicyUserDataGetCurrent(ftp_telnet_config);
if (pPolicyConfig == NULL)
{
if (strcasecmp(pcToken, GLOBAL) != 0)
{
DynamicPreprocessorFatalMessage("%s(%d) Must configure the "
"ftptelnet global configuration first.\n",
*_dpd.config_file, *_dpd.config_line);
}
pPolicyConfig =
(FTPTELNET_GLOBAL_CONF *)calloc(1, sizeof(FTPTELNET_GLOBAL_CONF));
if (pPolicyConfig == NULL)
{
DynamicPreprocessorFatalMessage("No memory to allocate "
"FTP/Telnet configuration.\n");
}
sfPolicyUserDataSetCurrent(ftp_telnet_config, pPolicyConfig);
iRet = FtpTelnetInitGlobalConfig(pPolicyConfig,
ErrorString, iErrStrLen);
if (iRet == 0)
{
iRet = ProcessFTPGlobalConf(pPolicyConfig,
ErrorString, iErrStrLen);
if (iRet == 0)
{
PrintFTPGlobalConf(pPolicyConfig);
_dpd.preprocOptRegister(sc, "ftp.bounce", &FTPPBounceInit, &FTPPBounceEval,
NULL, NULL, NULL, NULL, NULL);
#ifdef TARGET_BASED
if (_dpd.streamAPI != NULL)
{
_dpd.streamAPI->set_service_filter_status
(sc, ftp_app_id, PORT_MONITOR_SESSION, policy_id, 1);
_dpd.streamAPI->set_service_filter_status
(sc, telnet_app_id, PORT_MONITOR_SESSION, policy_id, 1);
}
#endif
}
}
}
else if (strcasecmp(pcToken, TELNET) == 0)
{
iRet = ProcessTelnetConf(pPolicyConfig, ErrorString, iErrStrLen);
enableFtpTelnetPortStreamServices( sc, &pPolicyConfig->telnet_config->proto_ports, NULL,
SSN_DIR_FROM_SERVER | SSN_DIR_FROM_CLIENT );
}
else if (strcasecmp(pcToken, FTP) == 0)
{
pcToken = NextToken(CONF_SEPARATORS);
if ( !pcToken )
{
DynamicPreprocessorFatalMessage(
"%s(%d) Missing ftp_telnet ftp keyword.\n",
*(_dpd.config_file), *(_dpd.config_line));
}
else if (strcasecmp(pcToken, SERVER) == 0)
{
iRet = ProcessFTPServerConf(sc, pPolicyConfig, ErrorString, iErrStrLen);
}
else if (strcasecmp(pcToken, CLIENT) == 0)
{
iRet = ProcessFTPClientConf(sc, pPolicyConfig, ErrorString, iErrStrLen);
}
else
{
DynamicPreprocessorFatalMessage("%s(%d) Invalid ftp_telnet ftp keyword.\n",
*(_dpd.config_file), *(_dpd.config_line));
}
}
else
{
DynamicPreprocessorFatalMessage("%s(%d) Invalid ftp_telnet keyword.\n",
*(_dpd.config_file), *(_dpd.config_line));
}
if (iRet)
{
if(iRet > 0)
{
/*
* Non-fatal Error
*/
if(*ErrorString)
{
_dpd.errMsg("WARNING: %s(%d) => %s\n",
*(_dpd.config_file), *(_dpd.config_line), ErrorString);
}
}
else
{
/*
* Fatal Error, log error and exit.
*/
if(*ErrorString)
{
DynamicPreprocessorFatalMessage("%s(%d) => %s\n",
*(_dpd.config_file), *(_dpd.config_line), ErrorString);
}
else
{
/*
* Check if ErrorString is undefined.
*/
if(iRet == -2)
{
DynamicPreprocessorFatalMessage("%s(%d) => ErrorString is undefined.\n",
*(_dpd.config_file), *(_dpd.config_line));
}
else
{
DynamicPreprocessorFatalMessage("%s(%d) => Undefined Error.\n",
*(_dpd.config_file), *(_dpd.config_line));
}
}
}
}
}
/*********************************************************************
* Function: DCE2_InitGlobal()
*
* Purpose: Initializes the global DCE/RPC preprocessor config.
*
* Arguments: snort.conf argument line for the DCE/RPC preprocessor.
*
* Returns: None
*
*********************************************************************/
static void DCE2_InitGlobal(char *args)
{
tSfPolicyId policy_id = _dpd.getParserPolicy();
DCE2_Config *pDefaultPolicyConfig = NULL;
DCE2_Config *pCurrentPolicyConfig = NULL;
if ((_dpd.streamAPI == NULL) || (_dpd.streamAPI->version != STREAM_API_VERSION5))
{
DCE2_Die("%s(%d) \"%s\" configuration: "
"Stream5 must be enabled with TCP and UDP tracking.",
*_dpd.config_file, *_dpd.config_line, DCE2_GNAME);
}
if (dce2_config == NULL)
{
dce2_config = sfPolicyConfigCreate();
if (dce2_config == NULL)
{
DCE2_Die("%s(%d) \"%s\" configuration: Could not allocate memory "
"configuration.\n",
*_dpd.config_file, *_dpd.config_line, DCE2_GNAME);
}
DCE2_MemInit();
DCE2_StatsInit();
DCE2_EventsInit();
/* Initialize reassembly packet */
DCE2_InitRpkts();
DCE2_SmbInitGlobals();
_dpd.addPreprocConfCheck(DCE2_CheckConfig);
_dpd.registerPreprocStats(DCE2_GNAME, DCE2_PrintStats);
_dpd.addPreprocReset(DCE2_Reset, NULL, PRIORITY_LAST, PP_DCE2);
_dpd.addPreprocResetStats(DCE2_ResetStats, NULL, PRIORITY_LAST, PP_DCE2);
_dpd.addPreprocExit(DCE2_CleanExit, NULL, PRIORITY_LAST, PP_DCE2);
#ifdef PERF_PROFILING
_dpd.addPreprocProfileFunc(DCE2_PSTAT__MAIN, &dce2_pstat_main, 0, _dpd.totalPerfStats);
_dpd.addPreprocProfileFunc(DCE2_PSTAT__SESSION, &dce2_pstat_session, 1, &dce2_pstat_main);
_dpd.addPreprocProfileFunc(DCE2_PSTAT__NEW_SESSION, &dce2_pstat_new_session, 2, &dce2_pstat_session);
_dpd.addPreprocProfileFunc(DCE2_PSTAT__SSN_STATE, &dce2_pstat_session_state, 2, &dce2_pstat_session);
_dpd.addPreprocProfileFunc(DCE2_PSTAT__LOG, &dce2_pstat_log, 1, &dce2_pstat_main);
_dpd.addPreprocProfileFunc(DCE2_PSTAT__DETECT, &dce2_pstat_detect, 1, &dce2_pstat_main);
_dpd.addPreprocProfileFunc(DCE2_PSTAT__SMB_SEG, &dce2_pstat_smb_seg, 1, &dce2_pstat_main);
_dpd.addPreprocProfileFunc(DCE2_PSTAT__SMB_REQ, &dce2_pstat_smb_req, 1, &dce2_pstat_main);
_dpd.addPreprocProfileFunc(DCE2_PSTAT__SMB_UID, &dce2_pstat_smb_uid, 1, &dce2_pstat_main);
_dpd.addPreprocProfileFunc(DCE2_PSTAT__SMB_TID, &dce2_pstat_smb_tid, 1, &dce2_pstat_main);
_dpd.addPreprocProfileFunc(DCE2_PSTAT__SMB_FID, &dce2_pstat_smb_fid, 1, &dce2_pstat_main);
_dpd.addPreprocProfileFunc(DCE2_PSTAT__SMB_FP, &dce2_pstat_smb_fingerprint, 1, &dce2_pstat_main);
_dpd.addPreprocProfileFunc(DCE2_PSTAT__SMB_NEG, &dce2_pstat_smb_negotiate, 1, &dce2_pstat_main);
_dpd.addPreprocProfileFunc(DCE2_PSTAT__CO_SEG, &dce2_pstat_co_seg, 1, &dce2_pstat_main);
_dpd.addPreprocProfileFunc(DCE2_PSTAT__CO_FRAG, &dce2_pstat_co_frag, 1, &dce2_pstat_main);
_dpd.addPreprocProfileFunc(DCE2_PSTAT__CO_REASS, &dce2_pstat_co_reass, 1, &dce2_pstat_main);
_dpd.addPreprocProfileFunc(DCE2_PSTAT__CO_CTX, &dce2_pstat_co_ctx, 1, &dce2_pstat_main);
_dpd.addPreprocProfileFunc(DCE2_PSTAT__CL_ACTS, &dce2_pstat_cl_acts, 1, &dce2_pstat_main);
_dpd.addPreprocProfileFunc(DCE2_PSTAT__CL_FRAG, &dce2_pstat_cl_frag, 1, &dce2_pstat_main);
_dpd.addPreprocProfileFunc(DCE2_PSTAT__CL_REASS, &dce2_pstat_cl_reass, 1, &dce2_pstat_main);
#endif
#ifdef TARGET_BASED
dce2_proto_ids.dcerpc = _dpd.findProtocolReference(DCE2_PROTO_REF_STR__DCERPC);
if (dce2_proto_ids.dcerpc == SFTARGET_UNKNOWN_PROTOCOL)
dce2_proto_ids.dcerpc = _dpd.addProtocolReference(DCE2_PROTO_REF_STR__DCERPC);
/* smb and netbios-ssn refer to the same thing */
dce2_proto_ids.nbss = _dpd.findProtocolReference(DCE2_PROTO_REF_STR__NBSS);
if (dce2_proto_ids.nbss == SFTARGET_UNKNOWN_PROTOCOL)
dce2_proto_ids.nbss = _dpd.addProtocolReference(DCE2_PROTO_REF_STR__NBSS);
#endif
}
sfPolicyUserPolicySet(dce2_config, policy_id);
pDefaultPolicyConfig = (DCE2_Config *)sfPolicyUserDataGetDefault(dce2_config);
pCurrentPolicyConfig = (DCE2_Config *)sfPolicyUserDataGetCurrent(dce2_config);
if ((policy_id != 0) && (pDefaultPolicyConfig == NULL))
{
DCE2_Die("%s(%d) \"%s\" configuration: Must configure default policy "
"if other policies are to be configured.\n",
*_dpd.config_file, *_dpd.config_line, DCE2_GNAME);
}
/* Can only do one global configuration */
if (pCurrentPolicyConfig != NULL)
{
DCE2_Die("%s(%d) \"%s\" configuration: Only one global configuration can be specified.",
*_dpd.config_file, *_dpd.config_line, DCE2_GNAME);
}
DCE2_RegRuleOptions();
pCurrentPolicyConfig = (DCE2_Config *)DCE2_Alloc(sizeof(DCE2_Config), DCE2_MEM_TYPE__CONFIG);
sfPolicyUserDataSetCurrent(dce2_config, pCurrentPolicyConfig);
/* Parse configuration args */
DCE2_GlobalConfigure(pCurrentPolicyConfig, args);
if (policy_id != 0)
pCurrentPolicyConfig->gconfig->memcap = pDefaultPolicyConfig->gconfig->memcap;
if ( pCurrentPolicyConfig->gconfig->disabled )
return;
/* Register callbacks */
_dpd.addPreproc(DCE2_Main, PRIORITY_APPLICATION,
PP_DCE2, PROTO_BIT__TCP | PROTO_BIT__UDP);
#ifdef TARGET_BASED
_dpd.streamAPI->set_service_filter_status
(dce2_proto_ids.dcerpc, PORT_MONITOR_SESSION, policy_id, 1);
_dpd.streamAPI->set_service_filter_status
(dce2_proto_ids.nbss, PORT_MONITOR_SESSION, policy_id, 1);
#endif
}
/* Initializes the SIP preprocessor module and registers
* it in the preprocessor list.
*
* PARAMETERS:
*
* argp: Pointer to argument string to process for config
* data.
*
* RETURNS: Nothing.
*/
static void SIPInit(char *argp)
{
tSfPolicyId policy_id = _dpd.getParserPolicy();
SIPConfig *pDefaultPolicyConfig = NULL;
SIPConfig *pPolicyConfig = NULL;
if (sip_config == NULL)
{
//create a context
sip_config = sfPolicyConfigCreate();
if (sip_config == NULL)
{
DynamicPreprocessorFatalMessage("Failed to allocate memory "
"for SIP config.\n");
}
_dpd.addPreprocConfCheck(SIPCheckConfig);
_dpd.registerPreprocStats(SIP_NAME, SIP_PrintStats);
_dpd.addPreprocExit(SIPCleanExit, NULL, PRIORITY_LAST, PP_SIP);
#ifdef PERF_PROFILING
_dpd.addPreprocProfileFunc("sip", (void *)&sipPerfStats, 0, _dpd.totalPerfStats);
#endif
#ifdef TARGET_BASED
sip_app_id = _dpd.findProtocolReference("sip");
if (sip_app_id == SFTARGET_UNKNOWN_PROTOCOL)
sip_app_id = _dpd.addProtocolReference("sip");
#endif
}
sfPolicyUserPolicySet (sip_config, policy_id);
pDefaultPolicyConfig = (SIPConfig *)sfPolicyUserDataGetDefault(sip_config);
pPolicyConfig = (SIPConfig *)sfPolicyUserDataGetCurrent(sip_config);
if ((pPolicyConfig != NULL) && (pDefaultPolicyConfig == NULL))
{
DynamicPreprocessorFatalMessage("SIP preprocessor can only be "
"configured once.\n");
}
pPolicyConfig = (SIPConfig *)calloc(1, sizeof(SIPConfig));
if (!pPolicyConfig)
{
DynamicPreprocessorFatalMessage("Could not allocate memory for "
"SIP preprocessor configuration.\n");
}
sfPolicyUserDataSetCurrent(sip_config, pPolicyConfig);
SIP_RegRuleOptions();
ParseSIPArgs(pPolicyConfig, (u_char *)argp);
if (policy_id != 0)
pPolicyConfig->maxNumSessions = pDefaultPolicyConfig->maxNumSessions;
if ( pPolicyConfig->disabled )
return;
if (_dpd.streamAPI == NULL)
{
DynamicPreprocessorFatalMessage("SetupSIP(): The Stream preprocessor must be enabled.\n");
}
_dpd.addPreproc( SIPmain, PRIORITY_APPLICATION, PP_SIP, PROTO_BIT__UDP|PROTO_BIT__TCP );
_addPortsToStream5Filter(pPolicyConfig, policy_id);
#ifdef TARGET_BASED
_addServicesToStream5Filter(policy_id);
#endif
}
/* Initializes the SSH preprocessor module and registers
* it in the preprocessor list.
*
* PARAMETERS:
*
* argp: Pointer to argument string to process for config
* data.
*
* RETURNS: Nothing.
*/
static void SSHInit(char *argp)
{
tSfPolicyId policy_id = _dpd.getParserPolicy();
SSHConfig *pPolicyConfig = NULL;
if (ssh_config == NULL)
{
//create a context
ssh_config = sfPolicyConfigCreate();
if (ssh_config == NULL)
{
DynamicPreprocessorFatalMessage("Failed to allocate memory "
"for SSH config.\n");
}
if (_dpd.streamAPI == NULL)
{
DynamicPreprocessorFatalMessage("SetupSSH(): The Stream preprocessor must be enabled.\n");
}
_dpd.addPreprocConfCheck(SSHCheckConfig);
_dpd.addPreprocExit(SSHCleanExit, NULL, PRIORITY_LAST, PP_SSH);
#ifdef PERF_PROFILING
_dpd.addPreprocProfileFunc("ssh", (void *)&sshPerfStats, 0, _dpd.totalPerfStats);
#endif
#ifdef TARGET_BASED
ssh_app_id = _dpd.findProtocolReference("ssh");
if (ssh_app_id == SFTARGET_UNKNOWN_PROTOCOL)
ssh_app_id = _dpd.addProtocolReference("ssh");
#endif
}
sfPolicyUserPolicySet (ssh_config, policy_id);
pPolicyConfig = (SSHConfig *)sfPolicyUserDataGetCurrent(ssh_config);
if (pPolicyConfig != NULL)
{
DynamicPreprocessorFatalMessage("SSH preprocessor can only be "
"configured once.\n");
}
pPolicyConfig = (SSHConfig *)calloc(1, sizeof(SSHConfig));
if (!pPolicyConfig)
{
DynamicPreprocessorFatalMessage("Could not allocate memory for "
"SSH preprocessor configuration.\n");
}
sfPolicyUserDataSetCurrent(ssh_config, pPolicyConfig);
ParseSSHArgs(pPolicyConfig, (u_char *)argp);
_dpd.addPreproc( ProcessSSH, PRIORITY_APPLICATION, PP_SSH, PROTO_BIT__TCP );
_addPortsToStream5Filter(pPolicyConfig, policy_id);
#ifdef TARGET_BASED
_addServicesToStream5Filter(policy_id);
#endif
}
void SSLReload(struct _SnortConfig *sc, char *args, void **new_config)
{
tSfPolicyUserContextId ssl_swap_config = (tSfPolicyUserContextId)*new_config;
tSfPolicyId policy_id = _dpd.getParserPolicy(sc);
SSLPP_config_t * pPolicyConfig = NULL;
if (ssl_swap_config == NULL)
{
//create a context
ssl_swap_config = sfPolicyConfigCreate();
if (ssl_swap_config == NULL)
{
DynamicPreprocessorFatalMessage("Could not allocate memory for the "
"SSL preprocessor configuration.\n");
}
if (_dpd.streamAPI == NULL)
{
DynamicPreprocessorFatalMessage(
"SSLPP_init(): The Stream preprocessor must be enabled.\n");
}
*new_config = (void *)ssl_swap_config;
}
sfPolicyUserPolicySet (ssl_swap_config, policy_id);
pPolicyConfig = (SSLPP_config_t *)sfPolicyUserDataGetCurrent(ssl_swap_config);
if (pPolicyConfig != NULL)
{
DynamicPreprocessorFatalMessage("SSL preprocessor can only be "
"configured once.\n");
}
pPolicyConfig = (SSLPP_config_t *)calloc(1, sizeof(SSLPP_config_t));
if (pPolicyConfig == NULL)
{
DynamicPreprocessorFatalMessage("Could not allocate memory for the "
"SSL preprocessor configuration.\n");
}
sfPolicyUserDataSetCurrent(ssl_swap_config, pPolicyConfig);
SSLPP_init_config(pPolicyConfig);
SSLPP_config(pPolicyConfig, args);
SSLPP_print_config(pPolicyConfig);
_dpd.preprocOptRegister(sc, "ssl_state", SSLPP_state_init, SSLPP_rule_eval,
free, NULL, NULL, NULL, NULL);
_dpd.preprocOptRegister(sc, "ssl_version", SSLPP_ver_init, SSLPP_rule_eval,
free, NULL, NULL, NULL, NULL);
_dpd.addPreproc(sc, SSLPP_process, PRIORITY_APPLICATION, PP_SSL, PROTO_BIT__TCP);
registerPortsForDispatch( sc, pPolicyConfig );
registerPortsForReassembly( pPolicyConfig, SSN_DIR_FROM_SERVER | SSN_DIR_FROM_CLIENT );
_addPortsToStream5Filter(sc, pPolicyConfig, policy_id);
#ifdef TARGET_BASED
_addServicesToStream5Filter(sc, policy_id);
#endif
}
void SSLPP_init(struct _SnortConfig *sc, char *args)
{
tSfPolicyId policy_id = _dpd.getParserPolicy(sc);
SSLPP_config_t *pPolicyConfig = NULL;
if (ssl_config == NULL)
{
//create a context
ssl_config = sfPolicyConfigCreate();
if (ssl_config == NULL)
{
DynamicPreprocessorFatalMessage("Could not allocate memory for the "
"SSL preprocessor configuration.\n");
}
if (_dpd.streamAPI == NULL)
{
DynamicPreprocessorFatalMessage(
"SSLPP_init(): The Stream preprocessor must be enabled.\n");
}
SSL_InitGlobals();
_dpd.registerPreprocStats("ssl", SSLPP_drop_stats);
_dpd.addPreprocConfCheck(sc, SSLPP_CheckConfig);
_dpd.addPreprocExit(SSLCleanExit, NULL, PRIORITY_LAST, PP_SSL);
_dpd.addPreprocResetStats(SSLResetStats, NULL, PRIORITY_LAST, PP_SSL);
#ifdef PERF_PROFILING
_dpd.addPreprocProfileFunc("ssl", (void *)&sslpp_perf_stats, 0, _dpd.totalPerfStats);
#endif
#ifdef ENABLE_HA
_dpd.addFuncToPostConfigList(sc, SSLHAPostConfigInit, NULL);
#endif
#ifdef TARGET_BASED
ssl_app_id = _dpd.findProtocolReference("ssl");
if (ssl_app_id == SFTARGET_UNKNOWN_PROTOCOL)
{
ssl_app_id = _dpd.addProtocolReference("ssl");
}
_dpd.sessionAPI->register_service_handler( PP_SSL, ssl_app_id );
#endif
}
sfPolicyUserPolicySet (ssl_config, policy_id);
pPolicyConfig = (SSLPP_config_t *)sfPolicyUserDataGetCurrent(ssl_config);
if (pPolicyConfig != NULL)
{
DynamicPreprocessorFatalMessage("SSL preprocessor can only be "
"configured once.\n");
}
pPolicyConfig = (SSLPP_config_t *)calloc(1, sizeof(SSLPP_config_t));
if (pPolicyConfig == NULL)
{
DynamicPreprocessorFatalMessage("Could not allocate memory for the "
"SSL preprocessor configuration.\n");
}
sfPolicyUserDataSetCurrent(ssl_config, pPolicyConfig);
SSLPP_init_config(pPolicyConfig);
SSLPP_config(pPolicyConfig, args);
SSLPP_print_config(pPolicyConfig);
_dpd.preprocOptRegister(sc, "ssl_state", SSLPP_state_init, SSLPP_rule_eval,
free, NULL, NULL, NULL, NULL);
_dpd.preprocOptRegister(sc, "ssl_version", SSLPP_ver_init, SSLPP_rule_eval,
free, NULL, NULL, NULL, NULL);
_dpd.addPreproc( sc, SSLPP_process, PRIORITY_APPLICATION, PP_SSL, PROTO_BIT__TCP );
registerPortsForDispatch( sc, pPolicyConfig );
registerPortsForReassembly( pPolicyConfig, SSN_DIR_FROM_SERVER | SSN_DIR_FROM_CLIENT );
_addPortsToStream5Filter(sc, pPolicyConfig, policy_id);
#ifdef TARGET_BASED
_addServicesToStream5Filter(sc, policy_id);
#endif
}
/*********************************************************************
* Function: DCE2_ReloadGlobal()
*
* Purpose: Creates a new global DCE/RPC preprocessor config.
*
* Arguments: snort.conf argument line for the DCE/RPC preprocessor.
*
* Returns: None
*
*********************************************************************/
static void DCE2_ReloadGlobal(char *args)
{
tSfPolicyId policy_id = _dpd.getParserPolicy();
DCE2_Config *pDefaultPolicyConfig = NULL;
DCE2_Config *pCurrentPolicyConfig = NULL;
if ((_dpd.streamAPI == NULL) || (_dpd.streamAPI->version != STREAM_API_VERSION5))
{
DCE2_Die("%s(%d) \"%s\" configuration: "
"Stream5 must be enabled with TCP and UDP tracking.",
*_dpd.config_file, *_dpd.config_line, DCE2_GNAME);
}
if (dce2_swap_config == NULL)
{
//create a context
dce2_swap_config = sfPolicyConfigCreate();
if (dce2_swap_config == NULL)
{
DCE2_Die("%s(%d) \"%s\" configuration: Could not allocate memory "
"configuration.\n",
*_dpd.config_file, *_dpd.config_line, DCE2_GNAME);
}
_dpd.addPreprocReloadVerify(DCE2_ReloadVerify);
}
sfPolicyUserPolicySet(dce2_swap_config, policy_id);
pDefaultPolicyConfig = (DCE2_Config *)sfPolicyUserDataGetDefault(dce2_swap_config);
pCurrentPolicyConfig = (DCE2_Config *)sfPolicyUserDataGetCurrent(dce2_swap_config);
if ((policy_id != 0) && (pDefaultPolicyConfig == NULL))
{
DCE2_Die("%s(%d) \"%s\" configuration: Must configure default policy "
"if other policies are to be configured.\n",
*_dpd.config_file, *_dpd.config_line, DCE2_GNAME);
}
/* Can only do one global configuration */
if (pCurrentPolicyConfig != NULL)
{
DCE2_Die("%s(%d) \"%s\" configuration: Only one global configuration can be specified.",
*_dpd.config_file, *_dpd.config_line, DCE2_GNAME);
}
DCE2_RegRuleOptions();
pCurrentPolicyConfig = (DCE2_Config *)DCE2_Alloc(sizeof(DCE2_Config),
DCE2_MEM_TYPE__CONFIG);
sfPolicyUserDataSetCurrent(dce2_swap_config, pCurrentPolicyConfig);
/* Parse configuration args */
DCE2_GlobalConfigure(pCurrentPolicyConfig, args);
if ( pCurrentPolicyConfig->gconfig->disabled )
return;
_dpd.addPreproc(DCE2_Main, PRIORITY_APPLICATION, PP_DCE2,
PROTO_BIT__TCP | PROTO_BIT__UDP);
#ifdef TARGET_BASED
_dpd.streamAPI->set_service_filter_status
(dce2_proto_ids.dcerpc, PORT_MONITOR_SESSION, policy_id, 1);
_dpd.streamAPI->set_service_filter_status
(dce2_proto_ids.nbss, PORT_MONITOR_SESSION, policy_id, 1);
#endif
if (policy_id != 0)
pCurrentPolicyConfig->gconfig->memcap = pDefaultPolicyConfig->gconfig->memcap;
}
/* Initializes the GTP preprocessor module and registers
* it in the preprocessor list.
*
* PARAMETERS:
*
* argp: Pointer to argument string to process for config data.
*
* RETURNS: Nothing.
*/
static void GTPInit(char *argp)
{
tSfPolicyId policy_id = _dpd.getParserPolicy();
GTPConfig *pDefaultPolicyConfig = NULL;
GTPConfig *pPolicyConfig = NULL;
if (gtp_config == NULL)
{
/*create a context*/
gtp_config = sfPolicyConfigCreate();
if (gtp_config == NULL)
{
DynamicPreprocessorFatalMessage("Failed to allocate memory "
"for GTP config.\n");
}
_dpd.addPreprocConfCheck(GTPCheckConfig);
_dpd.registerPreprocStats(GTP_NAME, GTP_PrintStats);
_dpd.addPreprocExit(GTPCleanExit, NULL, PRIORITY_LAST, PP_GTP);
#ifdef PERF_PROFILING
_dpd.addPreprocProfileFunc("gtp", (void *)>pPerfStats, 0, _dpd.totalPerfStats);
#endif
#ifdef TARGET_BASED
gtp_app_id = _dpd.findProtocolReference("gtp");
if (gtp_app_id == SFTARGET_UNKNOWN_PROTOCOL)
gtp_app_id = _dpd.addProtocolReference("gtp");
#endif
}
sfPolicyUserPolicySet (gtp_config, policy_id);
pDefaultPolicyConfig = (GTPConfig *)sfPolicyUserDataGetDefault(gtp_config);
pPolicyConfig = (GTPConfig *)sfPolicyUserDataGetCurrent(gtp_config);
if ((pPolicyConfig != NULL) && (pDefaultPolicyConfig == NULL))
{
DynamicPreprocessorFatalMessage("GTP preprocessor can only be "
"configured once.\n");
}
pPolicyConfig = (GTPConfig *)calloc(1, sizeof(GTPConfig));
if (!pPolicyConfig)
{
DynamicPreprocessorFatalMessage("Could not allocate memory for "
"GTP preprocessor configuration.\n");
}
sfPolicyUserDataSetCurrent(gtp_config, pPolicyConfig);
GTP_RegRuleOptions();
ParseGTPArgs(pPolicyConfig, (u_char *)argp);
if (_dpd.streamAPI == NULL)
{
DynamicPreprocessorFatalMessage("SetupGTP(): The Stream preprocessor must be enabled.\n");
}
_dpd.addPreproc( GTPmain, PRIORITY_APPLICATION, PP_GTP, PROTO_BIT__UDP );
_addPortsToStream5Filter(pPolicyConfig, policy_id);
#ifdef TARGET_BASED
_addServicesToStream5Filter(policy_id);
#endif
}
