static int task_run_callback(void *data, void *param)
{
channel_t *channel = (channel_t *)data;
rec_driver_t *driver = (rec_driver_t *)channel->rec_driver;
start_record_info_t info;
int dev_type = ((driver_t *)channel->pdriver)->type;
/*
syslog(LOG_DEBUG, "[REC TASK] %s %d %d %d", channel->rec_name,
is_applied(channel->rec_state),
is_logined(channel->rec_state),
is_record(channel->rec_state));
*/
if (!is_applied(channel->rec_state)) {
if (rmd_sessmgr_play_by_rec(channel) != 0)
return -1;
set_applied(channel->rec_state);
}
if (is_logined(channel->rec_state)) {
if (channel->rec_error == 1) {
syslog(LOG_DEBUG, "interrupt cause record error [%s]",
channel->rec_name);
rec_state_reset(channel);
#ifdef RMD_HAS_UDS
notify_rec_stat(channel->rec_name, REC_FAILED);
#endif
} else if ((get_runtime() - channel->last_data_time) >
INTERRUPT_TIMEOUT) {
syslog(LOG_DEBUG, "interrupt cause camera error [%s]",
channel->rec_name);
rec_state_reset(channel);
#ifdef RMD_HAS_UDS
notify_rec_stat(channel->rec_name, REC_FAILED);
#endif
}
}
if (channel->camera_state == 0)
return -1; /* no action, until camera become OK */
if (!is_logined(channel->rec_state)) {
channel->rec_loginid = single_login(sl, login_storage,
channel->storage_ip, channel->storage_port,
channel->storage_user, channel->storage_pwd,
(void *)channel);
if (channel->rec_loginid == -1)
return -1;
set_logined(channel->rec_state);
}
if (!is_record(channel->rec_state)) {
if (channel->hdr_buff && channel->hdr_length == 0)
return -1; /* the media header not coming yet */
info.login_id = channel->rec_loginid;
snprintf(info.record_name, sizeof(info.record_name),
channel->rec_name);
snprintf(info.record_alias, sizeof(info.record_alias),
channel->rec_name);
info.record_type = record_type;
info.disk_no = channel->storage_disk;
if (channel->hdr_length > 0) {
info.hdr_len = channel->hdr_length;
memcpy(info.hdr_buff, channel->hdr_buff,
channel->hdr_length);
} else {
/* if the device have no media header, put device type
* at the begin (4 bytes). */
info.hdr_len = 4;
sprintf(info.hdr_buff, "%04d", dev_type);
}
snprintf(info.desc, sizeof(info.desc), channel->rec_name);
channel->rec_handle = driver->rmd_di_rec_start_record(&info);
if (channel->rec_handle == -1) {
syslog(LOG_DEBUG, "start_record [%s] error: %lu",
channel->rec_name,
driver->rmd_di_rec_geterror());
rec_state_reset(channel);
return -1;
}
syslog(LOG_DEBUG, "[REC START] %s", channel->rec_name);
set_record(channel->rec_state);
channel->end_time = time(NULL);
channel->rec_error = 0;
channel->last_data_time = get_runtime();
#ifdef RMD_HAS_UDS
notify_rec_stat(channel->rec_name, REC_SUCC);
#endif
}
return 0;
}
/*
* Arguments:
* buffer - record buffer
* buflen - record buffer length
* searray - an array of standard events
* nse - number of elements in searray.
* handle - pointer to internal state information intialized in *_init()
* Return Value:
* On success, it returns the number of records filled in searray,
* which may be zero if partial record is received.
* On failure, returns -1 in case of internal error.
* Description:
* Record parser routine.
*/
int
fwstub_input(const u_int8_t *buffer, u_int32_t buflen,
struct _std_event *searray, u_int32_t nse, void *handle)
{
char *cptr = (char *)buffer;
u_int16_t parse_rec = 0;
int i;
struct _std_event *ev_ptr = NULL;
struct _iplist *drop_ip = NULL;
if(buffer==NULL || searray==NULL){
printf("crstub_input: buffer is null or searray not initialized.\n");
return 0;
}
// ev_ptr = &searray[parse_rec];
ev_ptr = searray + parse_rec;
// memset(ev_ptr,0,sizeof(struct _std_event));
i = next_to_char(cptr, '\0');
memcpy(&(ev_ptr->device.device_name), cptr, i+1);
cptr += 16;
i = next_to_char(cptr, '>');
cptr +=i;
//printf("crstub: Source IP Address : %s\n",ev_ptr->device.device_name);
// lookup for ip_fw_map for given ipaddress and find out _firewall_info send it to set_record fn.
//
strcpy(ev_ptr->log.raw_log,cptr);
HASH_FIND_STR(g_ip_fwtype_map_hash , ev_ptr->device.device_name, found_ip_fwtype_map);
if(found_ip_fwtype_map){
//printf("string sent to set_record -%s-\n",cptr);
strcpy(ev_ptr->device.device_id,ev_ptr->device.device_name);
strncat(ev_ptr->device.device_id,found_ip_fwtype_map->fw->fw_name,10);
if(set_record(ev_ptr,cptr,found_ip_fwtype_map->fw)>0){
parse_rec++;
}else{
memset(ev_ptr,0,sizeof(struct _std_event));
}
}
else{
#ifdef ENABLE_FWSTUB_ALLOW_ALL
strcpy(ev_ptr->device.device_id,ev_ptr->device.device_name);
strncat(ev_ptr->device.device_id,default_fw->fw_name,10);
if(set_record(ev_ptr,cptr,default_fw)>0){
parse_rec++;
}else{
memset(ev_ptr,0,sizeof(struct _std_event));
}
#else
HASH_FIND_STR(drop_ip_map , ev_ptr->device.device_name , drop_ip);
if(!drop_ip){ // Ip not found in drop list either
ev_ptr->gr_data.action = (u_int8_t)2;
if (strstr(cptr, "device_name=\"CR")) {
struct _firewall_info *default_fw = get_firewall_info_by_name("cyberoam");
if(set_record(ev_ptr,cptr,default_fw)>0){
struct _ip_fwtype_map * temp;
printf("this is Cyberoam%s = %s\n", ev_ptr->device.device_name, ev_ptr->device.device_id);
//ev_ptr->gr_data.action = (u_int8_t)3;
if (!(temp=is_this_reg_appliance(ev_ptr->device.device_id))) {
goto new_appliances;
}
if (!update_ip_fwtype_map(ev_ptr->device.device_name, temp)) {
goto new_appliances;
}
ev_ptr->gr_data.action = (u_int8_t)4;
printf("Marked exiting appliances for device discovery list with action %d\n",ev_ptr->gr_data.action );
parse_rec++;
goto safe_exit;
}else{
memset(ev_ptr,0,sizeof(struct _std_event));
}
}
new_appliances:
drop_ip= (struct _iplist *) calloc (1,sizeof (struct _iplist));
strcpy(drop_ip->ip,ev_ptr->device.device_name);
strcpy(ev_ptr->device.device_id,"new");
HASH_ADD_STR(drop_ip_map , ip,drop_ip);
printf("Added new IP to drop list \n");
//ev_ptr->gr_data.action = (u_int8_t)SE_ACTION_NEWDEV_ALERT;
printf("Marked new IP for device discovery list with action %d\n",ev_ptr->gr_data.action );
parse_rec++;
}else{
printf ("Could not find fw mapping for ip address --%s-- So dropping the log\n",ev_ptr->device.device_name);
}
#endif
/* Temporary code
* need to deleted once we finalize ip address based device discovery
*/
}
safe_exit:
return parse_rec;
}
void init_map() {
set_record(SECTION_MACHINE, IMAGE_FILE_MACHINE_UNKNOWN , "Machine unknown");
set_record(SECTION_MACHINE, IMAGE_FILE_MACHINE_AM33 , "Machine i386");
set_record(SECTION_MACHINE, IMAGE_FILE_MACHINE_AMD64 , "Machine amd64");
set_record(SECTION_MACHINE, IMAGE_FILE_MACHINE_ARM , "Machine arm");
set_record(SECTION_MACHINE, IMAGE_FILE_MACHINE_EBC , "Machine ebc");
set_record(SECTION_MACHINE, IMAGE_FILE_MACHINE_I386 , "Machine i386");
set_record(SECTION_MACHINE, IMAGE_FILE_MACHINE_IA64 , "Machine ia64");
set_record(SECTION_MACHINE, IMAGE_FILE_MACHINE_M32R , "Machine m32r");
set_record(SECTION_MACHINE, IMAGE_FILE_MACHINE_MIPS16 , "Machine mips16");
set_record(SECTION_MACHINE, IMAGE_FILE_MACHINE_MIPSFPU , "Machine mipsfpu");
set_record(SECTION_MACHINE, IMAGE_FILE_MACHINE_MIPSFPU16, "Machine mipsfpu16");
set_record(SECTION_MACHINE, IMAGE_FILE_MACHINE_POWERPC , "Machine powerpc");
set_record(SECTION_MACHINE, IMAGE_FILE_MACHINE_POWERPCFP, "Machine powerpcfp");
set_record(SECTION_MACHINE, IMAGE_FILE_MACHINE_R4000 , "Machine r4000");
set_record(SECTION_MACHINE, IMAGE_FILE_MACHINE_SH3 , "Machine sh3");
set_record(SECTION_MACHINE, IMAGE_FILE_MACHINE_SH3DSP , "Machine sh3dsp");
set_record(SECTION_MACHINE, IMAGE_FILE_MACHINE_SH4 , "Machine sh4");
set_record(SECTION_MACHINE, IMAGE_FILE_MACHINE_SH5 , "Machine sh5");
set_record(SECTION_MACHINE, IMAGE_FILE_MACHINE_THUMB , "Machine thumb");
set_record(SECTION_MACHINE, IMAGE_FILE_MACHINE_WCEMIPSV2, "Machine wcemipsv2");
set_record(SECTION_CHARACTERISTICS, IMAGE_FILE_RELOCS_STRIPPED , "Relocations stripped");
set_record(SECTION_CHARACTERISTICS, IMAGE_FILE_EXECUTABLE_IMAGE , "Executable image");
set_record(SECTION_CHARACTERISTICS, IMAGE_FILE_LINE_NUMS_STRIPPED , "Line numbers stripped (deprecated)");
set_record(SECTION_CHARACTERISTICS, IMAGE_FILE_LOCAL_SYMS_STRIPPED , "Local symbols stripped (deprecated)");
set_record(SECTION_CHARACTERISTICS, IMAGE_FILE_AGGRESIVE_WS_TRIM , "Agressive working set trim (obsolete)");
set_record(SECTION_CHARACTERISTICS, IMAGE_FILE_LARGE_ADDRESS_AWARE , "Can handle large addresses");
set_record(SECTION_CHARACTERISTICS, IMAGE_FILE_BYTES_REVERSED_LO , "Little endian (deprecated)");
set_record(SECTION_CHARACTERISTICS, IMAGE_FILE_32BIT_MACHINE , "32bit");
set_record(SECTION_CHARACTERISTICS, IMAGE_FILE_DEBUG_STRIPPED , "Debug info stripped");
set_record(SECTION_CHARACTERISTICS, IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP , "Can run from SWAP - Removable media");
set_record(SECTION_CHARACTERISTICS, IMAGE_FILE_NET_RUN_FROM_SWAP , "Can run from SWAP - Network");
set_record(SECTION_CHARACTERISTICS, IMAGE_FILE_SYSTEM , "System file");
set_record(SECTION_CHARACTERISTICS, IMAGE_FILE_DLL , "DLL");
set_record(SECTION_CHARACTERISTICS, IMAGE_FILE_UP_SYSTEM_ONLY , "Only uniprocessor machine");
set_record(SECTION_CHARACTERISTICS, IMAGE_FILE_BYTES_REVERSED_HI , "Big endian (deprecated)");
set_record(SECTION_MAGIC, IMAGE_NT_OPTIONAL_HDR32_MAGIC , "PE32");
set_record(SECTION_MAGIC, IMAGE_NT_OPTIONAL_HDR64_MAGIC , "PE32+");
set_record(SECTION_SUBSYSTEM, IMAGE_SUBSYSTEM_UNKNOWN , "Unknown system");
set_record(SECTION_SUBSYSTEM, IMAGE_SUBSYSTEM_NATIVE , "Device driver/Native Windows process");
set_record(SECTION_SUBSYSTEM, IMAGE_SUBSYSTEM_WINDOWS_GUI , "Windows GUI");
set_record(SECTION_SUBSYSTEM, IMAGE_SUBSYSTEM_WINDOWS_CUI , "Windows CUI");
set_record(SECTION_SUBSYSTEM, IMAGE_SUBSYSTEM_POSIX_CUI , "Posix CUI");
set_record(SECTION_SUBSYSTEM, IMAGE_SUBSYSTEM_WINDOWS_CE_GUI , "Windows CE");
set_record(SECTION_SUBSYSTEM, IMAGE_SUBSYSTEM_EFI_APPLICATION , "EFI application");
set_record(SECTION_SUBSYSTEM, IMAGE_SUBSYSTEM_EFI_BOOT_SERVICE_DRIVER , "EFI driver w/ boot service");
set_record(SECTION_SUBSYSTEM, IMAGE_SUBSYSTEM_EFI_RUNTIME_DRIVER , "EFI driver w/ runtime service");
set_record(SECTION_SUBSYSTEM, IMAGE_SUBSYSTEM_EFI_ROM , "EFI ROM");
set_record(SECTION_SUBSYSTEM, IMAGE_SUBSYSTEM_XBOX , "XBOX");
set_record(SECTION_DLL_CHARACTERISICS, IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE , "Can be relocated at load time");
set_record(SECTION_DLL_CHARACTERISICS, IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY , "Code Integrity checks are enforced");
set_record(SECTION_DLL_CHARACTERISICS, IMAGE_DLLCHARACTERISTICS_NX_COMPAT , "Image is NX compatible");
set_record(SECTION_DLL_CHARACTERISICS, IMAGE_DLLCHARACTERISTICS_NO_ISOLATION , "Do not isolate the image");
set_record(SECTION_DLL_CHARACTERISICS, IMAGE_DLLCHARACTERISTICS_NO_SEH , "No SE handler called");
set_record(SECTION_DLL_CHARACTERISICS, IMAGE_DLLCHARACTERISTICS_NO_BIND , "Do not bind the image");
set_record(SECTION_DLL_CHARACTERISICS, IMAGE_DLLCHARACTERISTICS_WDM_DRIVER , "WDM driver");
set_record(SECTION_DLL_CHARACTERISICS, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE , "Terminal Server aware");
set_record(SECTION_DATA_DIRECTORY, IMAGE_DIRECTORY_ENTRY_EXPORT , "Export Table");
set_record(SECTION_DATA_DIRECTORY, IMAGE_DIRECTORY_ENTRY_IMPORT , "Import Table");
set_record(SECTION_DATA_DIRECTORY, IMAGE_DIRECTORY_ENTRY_RESOURCE , "Resource Table");
set_record(SECTION_DATA_DIRECTORY, IMAGE_DIRECTORY_ENTRY_EXCEPTION , "Exception Table");
set_record(SECTION_DATA_DIRECTORY, IMAGE_DIRECTORY_ENTRY_SECURITY , "Certificate Table");
set_record(SECTION_DATA_DIRECTORY, IMAGE_DIRECTORY_ENTRY_BASERELOC , "Base Relocation Table");
set_record(SECTION_DATA_DIRECTORY, IMAGE_DIRECTORY_ENTRY_DEBUG , "Debug");
set_record(SECTION_DATA_DIRECTORY, IMAGE_DIRECTORY_ENTRY_ARCHITECTURE , "Architecture");
set_record(SECTION_DATA_DIRECTORY, IMAGE_DIRECTORY_ENTRY_GLOBALPTR , "Global Ptr");
set_record(SECTION_DATA_DIRECTORY, IMAGE_DIRECTORY_ENTRY_TLS , "TLS Table");
set_record(SECTION_DATA_DIRECTORY, IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG , "Load Config Table");
set_record(SECTION_DATA_DIRECTORY, IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT , "Bound Import");
set_record(SECTION_DATA_DIRECTORY, IMAGE_DIRECTORY_ENTRY_IAT , "IAT");
set_record(SECTION_DATA_DIRECTORY, IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT , "Delay Import Descriptor");
set_record(SECTION_DATA_DIRECTORY, IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR , "CLR Runtime Header");
set_record(SECTION_DATA_DIRECTORY, IMAGE_DIRECTORY_ENTRY_RESERVED , "Reserved, must be zero");
// set_record(SECTION_SECTION_CHARACTERISTICS, IMAGE_SCN_TYPE_REG , "Reserved for future use");
// set_record(SECTION_SECTION_CHARACTERISTICS, IMAGE_SCN_TYPE_DSECT , "Reserved for future use");
// set_record(SECTION_SECTION_CHARACTERISTICS, IMAGE_SCN_TYPE_NOLOAD , "Reserved for future use");
// set_record(SECTION_SECTION_CHARACTERISTICS, IMAGE_SCN_TYPE_GROUP , "Reserved for future use");
set_record(SECTION_SECTION_CHARACTERISTICS, IMAGE_SCN_TYPE_NO_PAD , "Not padded (obsolete)");
// set_record(SECTION_SECTION_CHARACTERISTICS, IMAGE_SCN_TYPE_COPY , "Reserved for future use");
set_record(SECTION_SECTION_CHARACTERISTICS, IMAGE_SCN_CNT_CODE , "Contains executable code");
set_record(SECTION_SECTION_CHARACTERISTICS, IMAGE_SCN_CNT_INITIALIZED_DATA , "Contains initialized data");
set_record(SECTION_SECTION_CHARACTERISTICS, IMAGE_SCN_CNT_UNINITIALIZED_DATA, "Contains uninitialized data");
// set_record(SECTION_SECTION_CHARACTERISTICS, IMAGE_SCN_LNK_OTHER , "Reserved for future use");
set_record(SECTION_SECTION_CHARACTERISTICS, IMAGE_SCN_LNK_INFO , "Contains comments or other info");
// set_record(SECTION_SECTION_CHARACTERISTICS, IMAGE_SCN_TYPE_OVER , "Reserved for future use");
set_record(SECTION_SECTION_CHARACTERISTICS, IMAGE_SCN_LNK_REMOVE , "Will not be part of the image");
set_record(SECTION_SECTION_CHARACTERISTICS, IMAGE_SCN_LNK_COMDAT , "Contains COMDAT data");
set_record(SECTION_SECTION_CHARACTERISTICS, IMAGE_SCN_GPREL , "Contains data referenced throught Global Pointer");
// set_record(SECTION_SECTION_CHARACTERISTICS, IMAGE_SCN_MEM_FARDATA , "Reserved for future use");
// set_record(SECTION_SECTION_CHARACTERISTICS, IMAGE_SCN_MEM_PURGEABLE , "Reserved for future use");
set_record(SECTION_SECTION_CHARACTERISTICS, IMAGE_SCN_MEM_16BIT , "ARM: Contains Thumb code /Others: Reserved for future use");
// set_record(SECTION_SECTION_CHARACTERISTICS, IMAGE_SCN_MEM_LOCKED , "Reserved for future use");
// set_record(SECTION_SECTION_CHARACTERISTICS, IMAGE_SCN_MEM_PRELOAD , "Reserved for future use");
// set_record(SECTION_SECTION_CHARACTERISTICS, IMAGE_SCN_ALIGN_1BYTES , "Align data 1-byte boundary (object)");
// set_record(SECTION_SECTION_CHARACTERISTICS, IMAGE_SCN_ALIGN_2BYTES , "Align data 2-byte boundary (object)");
// set_record(SECTION_SECTION_CHARACTERISTICS, IMAGE_SCN_ALIGN_4BYTES , "Align data 4-byte boundary (object)");
// set_record(SECTION_SECTION_CHARACTERISTICS, IMAGE_SCN_ALIGN_8BYTES , "Align data 8-byte boundary (object)");
// set_record(SECTION_SECTION_CHARACTERISTICS, IMAGE_SCN_ALIGN_16BYTES , "Align data 16-byte boundary (object)");
// set_record(SECTION_SECTION_CHARACTERISTICS, IMAGE_SCN_ALIGN_32BYTES , "Align data 32-byte boundary (object)");
// set_record(SECTION_SECTION_CHARACTERISTICS, IMAGE_SCN_ALIGN_64BYTES , "Align data 64-byte boundary (object)");
// set_record(SECTION_SECTION_CHARACTERISTICS, IMAGE_SCN_ALIGN_128BYTES , "Align data 128-byte boundary (object)");
// set_record(SECTION_SECTION_CHARACTERISTICS, IMAGE_SCN_ALIGN_256BYTES , "Align data 256-byte boundary (object)");
// set_record(SECTION_SECTION_CHARACTERISTICS, IMAGE_SCN_ALIGN_512BYTES , "Align data 512-byte boundary (object)");
// set_record(SECTION_SECTION_CHARACTERISTICS, IMAGE_SCN_ALIGN_1024BYTES , "Align data 1024-byte boundary (object)");
// set_record(SECTION_SECTION_CHARACTERISTICS, IMAGE_SCN_ALIGN_2048BYTES , "Align data 2048-byte boundary (object)");
// set_record(SECTION_SECTION_CHARACTERISTICS, IMAGE_SCN_ALIGN_4096BYTES , "Align data 4096-byte boundary (object)");
// set_record(SECTION_SECTION_CHARACTERISTICS, IMAGE_SCN_ALIGN_8192BYTES , "Align data 8192-byte boundary (object)");
set_record(SECTION_SECTION_CHARACTERISTICS, IMAGE_SCN_LNK_NRELOC_OVFL , "Contains extented relocation");
set_record(SECTION_SECTION_CHARACTERISTICS, IMAGE_SCN_MEM_DISCARDABLE , "Can be discarded");
set_record(SECTION_SECTION_CHARACTERISTICS, IMAGE_SCN_MEM_NOT_CACHED , "Cannot be cached");
set_record(SECTION_SECTION_CHARACTERISTICS, IMAGE_SCN_MEM_NOT_PAGED , "Not pageable");
set_record(SECTION_SECTION_CHARACTERISTICS, IMAGE_SCN_MEM_SHARED , "Can be shared in memory");
set_record(SECTION_SECTION_CHARACTERISTICS, IMAGE_SCN_MEM_EXECUTE , "Can be executed as code");
set_record(SECTION_SECTION_CHARACTERISTICS, IMAGE_SCN_MEM_READ , "Readable");
set_record(SECTION_SECTION_CHARACTERISTICS, IMAGE_SCN_MEM_WRITE , "Writable");
set_record(SECTION_RELOC, IMAGE_REL_BASED_ABSOLUTE , "ABSOLUTE");
set_record(SECTION_RELOC, IMAGE_REL_BASED_HIGH , "HIGH");
set_record(SECTION_RELOC, IMAGE_REL_BASED_LOW , "LOW");
set_record(SECTION_RELOC, IMAGE_REL_BASED_HIGHLOW , "HIGHLOW");
set_record(SECTION_RELOC, IMAGE_REL_BASED_HIGHADJ , "Not understood");
set_record(SECTION_RELOC, IMAGE_REL_BASED_MIPS_JMPADDR , "Not understood");
set_record(SECTION_RELOC, IMAGE_REL_BASED_DIR64 , "HIGHLOW64");
}