C++ (Cpp) _addServicesToStreamFilterの例

コード例 #1

ファイル: spp_modbus.c プロジェクト: GumpChan/blackcat

/* Responsible for allocating a Modbus policy. Never returns NULL. */
static inline modbus_config_t * ModbusPerPolicyInit(struct _SnortConfig *sc, tSfPolicyUserContextId context_id)
{
    tSfPolicyId policy_id = _dpd.getParserPolicy(sc);
    modbus_config_t *modbus_policy = NULL;

    /* Check for existing policy & bail if found */
    sfPolicyUserPolicySet(context_id, policy_id);
    modbus_policy = (modbus_config_t *)sfPolicyUserDataGetCurrent(context_id);
    if (modbus_policy != NULL)
    {
        _dpd.fatalMsg("%s(%d) Modbus preprocessor can only be "
                      "configured once.\n", *_dpd.config_file, *_dpd.config_line);
    }

    /* Allocate new policy */
    modbus_policy = (modbus_config_t *)calloc(1, sizeof(modbus_config_t));
    if (!modbus_policy)
    {
        _dpd.fatalMsg("%s(%d) Could not allocate memory for "
                      "modbus preprocessor configuration.\n"
                      , *_dpd.config_file, *_dpd.config_line);
    }

    sfPolicyUserDataSetCurrent(context_id, modbus_policy);

    /* Register callbacks that are done for each policy */
    _dpd.addPreproc(sc, ProcessModbus, PRIORITY_APPLICATION, PP_MODBUS, PROTO_BIT__TCP);
   _addPortsToStreamFilter(sc, modbus_policy, policy_id);
#ifdef TARGET_BASED
    _addServicesToStreamFilter(sc, policy_id);
#endif

    /* Add preprocessor rule options here */
    /* _dpd.preprocOptRegister("foo_bar", FOO_init, FOO_rule_eval, free, NULL, NULL, NULL, NULL); */
    _dpd.preprocOptRegister(sc, "modbus_func", ModbusFuncInit, ModbusRuleEval, free, NULL, NULL, NULL, NULL);
    _dpd.preprocOptRegister(sc, "modbus_unit", ModbusUnitInit, ModbusRuleEval, free, NULL, NULL, NULL, NULL);
    _dpd.preprocOptRegister(sc, "modbus_data", ModbusDataInit, ModbusRuleEval, free, NULL, NULL, NULL, NULL);

    return modbus_policy;
}

コード例 #2

ファイル: spp_sip.c プロジェクト: BMNLabs/snort

static int SIPCheckPolicyConfig(struct _SnortConfig *sc, tSfPolicyUserContextId config, tSfPolicyId policy_id, void* pData)
{
    SIPConfig *sip_policy = ( SIPConfig * ) pData;

    if ( sip_policy->disabled )
        return 0;

    if (!_dpd.isPreprocEnabled(sc, PP_STREAM))
    {
        _dpd.errMsg("SIPCheckPolicyConfig(): The Stream preprocessor must be enabled.\n");
        return -1;
    }

    if (policy_id != 0)
    {
        SIPConfig *default_sip_policy = ( SIPConfig * ) sfPolicyUserDataGetDefault( config );
        if(default_sip_policy == NULL)
        {
            _dpd.errMsg("SIPCheckPolicyConfig(): SIP default policy must be configured\n");
            return -1;
        }

        sip_policy->maxNumSessions = default_sip_policy->maxNumSessions;
     }
    
    _dpd.setParserPolicy( sc, policy_id );
    _dpd.addPreproc( sc, SIPmain, PRIORITY_APPLICATION, PP_SIP, PROTO_BIT__UDP|PROTO_BIT__TCP );

    // register ports with session and stream
    registerPortsForDispatch( sc, sip_policy );
    registerPortsForReassembly( sip_policy, SSN_DIR_FROM_SERVER | SSN_DIR_FROM_CLIENT );
    _addPortsToStreamFilter(sc, sip_policy, policy_id);

#ifdef TARGET_BASED
    _addServicesToStreamFilter(sc, policy_id);
#endif

    return 0;
}

コード例 #3

ファイル: spp_gtp.c プロジェクト: BMNLabs/snort

/* Initializes the GTP preprocessor module and registers
 * it in the preprocessor list.
 *
 * PARAMETERS:
 *
 * argp:        Pointer to argument string to process for config data.
 *
 * RETURNS:     Nothing.
 */
static void GTPInit(struct _SnortConfig *sc, char *argp)
{
    tSfPolicyId policy_id = _dpd.getParserPolicy(sc);
    GTPConfig *pDefaultPolicyConfig = NULL;
    GTPConfig *pPolicyConfig = NULL;


    if (gtp_config == NULL)
    {
        /*create a context*/
        gtp_config = sfPolicyConfigCreate();
        if (gtp_config == NULL)
        {
            DynamicPreprocessorFatalMessage("Failed to allocate memory "
                    "for GTP config.\n");
        }

        _dpd.addPreprocConfCheck(sc, GTPCheckConfig);
        _dpd.registerPreprocStats(GTP_NAME, GTP_PrintStats);
        _dpd.addPreprocExit(GTPCleanExit, NULL, PRIORITY_LAST, PP_GTP);

#ifdef PERF_PROFILING
        _dpd.addPreprocProfileFunc("gtp", (void *)&gtpPerfStats, 0, _dpd.totalPerfStats, NULL);
#endif

#ifdef TARGET_BASED
        gtp_app_id = _dpd.findProtocolReference("gtp");
        if (gtp_app_id == SFTARGET_UNKNOWN_PROTOCOL)
            gtp_app_id = _dpd.addProtocolReference("gtp");

        // register with session to handle applications
        _dpd.sessionAPI->register_service_handler( PP_GTP, gtp_app_id );
#endif
    }

    sfPolicyUserPolicySet (gtp_config, policy_id);
    pDefaultPolicyConfig = (GTPConfig *)sfPolicyUserDataGetDefault(gtp_config);
    pPolicyConfig = (GTPConfig *)sfPolicyUserDataGetCurrent(gtp_config);
    if ((pPolicyConfig != NULL) && (pDefaultPolicyConfig == NULL))
    {
        DynamicPreprocessorFatalMessage("GTP preprocessor can only be "
                "configured once.\n");
    }

    pPolicyConfig = (GTPConfig *)calloc(1, sizeof(GTPConfig));
    if (!pPolicyConfig)
    {
        DynamicPreprocessorFatalMessage("Could not allocate memory for "
                "GTP preprocessor configuration.\n");
    }

    sfPolicyUserDataSetCurrent(gtp_config, pPolicyConfig);

    GTP_RegRuleOptions(sc);

    ParseGTPArgs(pPolicyConfig, (u_char *)argp);


    if (_dpd.streamAPI == NULL)
    {
        DynamicPreprocessorFatalMessage("SetupGTP(): The Stream preprocessor must be enabled.\n");
    }

    _dpd.addPreproc( sc, GTPmain, PRIORITY_APPLICATION, PP_GTP, PROTO_BIT__UDP );

    // register ports with session and stream
    registerPortsForDispatch( sc, pPolicyConfig );
    registerPortsForReassembly( pPolicyConfig, SSN_DIR_FROM_SERVER | SSN_DIR_FROM_CLIENT );
    _addPortsToStreamFilter(sc, pPolicyConfig, policy_id);

#ifdef TARGET_BASED
    _addServicesToStreamFilter(sc, policy_id);
#endif
}