/*
* Function: TelnetStatelessSessionInspection(Packet *p,
* FTPTELNET_GLOBAL_CONF *GlobalConf,
* TELNET_SESSION **TelnetSession,
* FTPP_SI_INPUT *SiInput)
*
* Purpose: Initialize the session and server configurations for this
* packet/stream. It is important to note in stateless mode that
* we assume no knowledge of the state of a connection, other
* than the knowledge that we can glean from an individual packet.
* So in essence, each packet is it's own session and there
* is no knowledge retained from one packet to another. If you
* want to track a telnet session for real, use stateful mode.
*
* In this function, we set the Session pointer (which includes
* the correct server configuration). The actual processing to
* find which IP is the server and which is the client, is done in
* the InitServerConf() function.
*
* Arguments: p => pointer to the packet/stream
* GlobalConf => pointer to the global configuration
* Session => double pointer to the Session structure
* SiInput => pointer to the session information
*
* Returns: int => return code indicating error or success
*
*/
static int TelnetStatelessSessionInspection(SFSnortPacket *p,
FTPTELNET_GLOBAL_CONF *GlobalConf,
TELNET_SESSION **Session,
FTPP_SI_INPUT *SiInput)
{
static TELNET_SESSION StaticSession;
TelnetResetSession(&StaticSession);
StaticSession.telnet_conf = &GlobalConf->global_telnet;
StaticSession.global_conf = GlobalConf;
*Session = &StaticSession;
return FTPP_SUCCESS;
}
/*
* Function: TelnetStatelessSessionInspection(Packet *p,
* FTPTELNET_GLOBAL_CONF *GlobalConf,
* TELNET_SESSION **TelnetSession,
* FTPP_SI_INPUT *SiInput)
*
* Purpose: Initialize the session and server configurations for this
* packet/stream. It is important to note in stateless mode that
* we assume no knowledge of the state of a connection, other
* than the knowledge that we can glean from an individual packet.
* So in essence, each packet is it's own session and there
* is no knowledge retained from one packet to another. If you
* want to track a telnet session for real, use stateful mode.
*
* In this function, we set the Session pointer (which includes
* the correct server configuration). The actual processing to
* find which IP is the server and which is the client, is done in
* the InitServerConf() function.
*
* Arguments: p => pointer to the packet/stream
* GlobalConf => pointer to the global configuration
* Session => double pointer to the Session structure
* SiInput => pointer to the session information
*
* Returns: int => return code indicating error or success
*
*/
static int TelnetStatelessSessionInspection(SFSnortPacket *p,
FTPTELNET_GLOBAL_CONF *GlobalConf,
TELNET_SESSION **Session,
FTPP_SI_INPUT *SiInput)
{
static TELNET_SESSION TelnetStaticSession;
TelnetResetSession(&TelnetStaticSession);
SiInput->pproto = FTPP_SI_PROTO_TELNET;
TelnetStaticSession.telnet_conf = GlobalConf->telnet_config;
TelnetStaticSession.global_conf = ftp_telnet_config;
*Session = &TelnetStaticSession;
return FTPP_SUCCESS;
}
/*
* Function: TelnetStatefulSessionInspection(Packet *p,
* FTPTELNET_GLOBAL_CONF *GlobalConf,
* TELNET_SESSION **TelnetSession,
* FTPP_SI_INPUT *SiInput)
*
* Purpose: Initialize the session and server configurations for
* this packet/stream. In this function, we set the Session
* pointer (which includes the correct server configuration).
* The actual processing to find which IP is the server and
* which is the client, is done in the InitServerConf() function.
*
* Arguments: p => pointer to the packet/stream
* GlobalConf => pointer to the global configuration
* Session => double pointer to the Session structure
* SiInput => pointer to the session information
*
* Returns: int => return code indicating error or success
*
*/
static int TelnetStatefulSessionInspection(SFSnortPacket *p,
FTPTELNET_GLOBAL_CONF *GlobalConf,
TELNET_SESSION **TelnetSession,
FTPP_SI_INPUT *SiInput)
{
TELNET_SESSION *NewSession;
/*
* First, check if there is already a session pointer.
*/
if (p->stream_session_ptr)
{
*TelnetSession =
_dpd.streamAPI->get_application_data(p->stream_session_ptr, PP_TELNET);
if (*TelnetSession)
return FTPP_SUCCESS;
}
/*
* If not, create a new one, and initialize it.
*/
NewSession = (TELNET_SESSION *)calloc(1, sizeof(TELNET_SESSION));
if (NewSession == NULL)
{
DynamicPreprocessorFatalMessage("%s(%d) => Failed to allocate memory for new Telnet session\n",
*(_dpd.config_file), *(_dpd.config_line));
}
TelnetResetSession(NewSession);
NewSession->telnet_conf = &GlobalConf->global_telnet;
NewSession->global_conf = GlobalConf;
*TelnetSession = NewSession;
return FTPP_SUCCESS;
}
/*
* Function: TelnetStatefulSessionInspection(Packet *p,
* FTPTELNET_GLOBAL_CONF *GlobalConf,
* TELNET_SESSION **TelnetSession,
* FTPP_SI_INPUT *SiInput)
*
* Purpose: Initialize the session and server configurations for
* this packet/stream. In this function, we set the Session
* pointer (which includes the correct server configuration).
* The actual processing to find which IP is the server and
* which is the client, is done in the InitServerConf() function.
*
* Arguments: p => pointer to the packet/stream
* GlobalConf => pointer to the global configuration
* Session => double pointer to the Session structure
* SiInput => pointer to the session information
*
* Returns: int => return code indicating error or success
*
*/
static int TelnetStatefulSessionInspection(SFSnortPacket *p,
FTPTELNET_GLOBAL_CONF *GlobalConf,
TELNET_SESSION **TelnetSession,
FTPP_SI_INPUT *SiInput)
{
if (p->stream_session_ptr)
{
TELNET_SESSION *NewSession = (TELNET_SESSION *)calloc(1, sizeof(TELNET_SESSION));
tSfPolicyId policy_id = _dpd.getRuntimePolicy();
if (NewSession == NULL)
{
DynamicPreprocessorFatalMessage("Failed to allocate memory for "
"new Telnet session.\n");
}
TelnetResetSession(NewSession);
NewSession->ft_ssn.proto = FTPP_SI_PROTO_TELNET;
NewSession->telnet_conf = GlobalConf->telnet_config;
NewSession->global_conf = ftp_telnet_config;
NewSession->policy_id = policy_id;
GlobalConf->ref_count++;
SiInput->pproto = FTPP_SI_PROTO_TELNET;
_dpd.streamAPI->set_application_data(p->stream_session_ptr,
PP_FTPTELNET, NewSession, &TelnetFreeSession);
*TelnetSession = NewSession;
return FTPP_SUCCESS;
}
return FTPP_NONFATAL_ERR;
}
