/* ********************************************************************
* Function: DisplayReputationConfig
*
* Display the configuration for the Reputation preprocessor.
*
* Arguments:
*
* ReputationConfig *config: Reputation preprocessor configuration.
*
* RETURNS: Nothing.
*********************************************************************/
static void DisplayReputationConfig(ReputationConfig *config)
{
if (config == NULL)
return;
_dpd.logMsg(" Memcap: %d %s \n",
config->memcap,
config->memcap
== REPUTATION_DEFAULT_MEMCAP ?
"(Default) M bytes" : "M bytes" );
_dpd.logMsg(" Total number of entries used: %d \n",
sfrt_num_entries(config->iplist));
_dpd.logMsg(" Total memory allocated: %d bytes\n",
sfrt_usage(config->iplist));
_dpd.logMsg(" Scan local network: %s\n",
config->scanlocal ?
"ENABLED":"DISABLED (Default)");
_dpd.logMsg(" Reputation priority: %s \n",
config->priority
== WHITELISTED?
REPUTATION_WHITELIST_KEYWORD "(Default)" : REPUTATION_BLACKLIST_KEYWORD );
_dpd.logMsg(" Nested IP: %s %s \n",
NestedIPKeyword[config->nestedIP],
config->nestedIP
== INNER?
"(Default)" : "" );
_dpd.logMsg("\n");
}
static int DCE2_ReloadVerifyPolicy(
tSfPolicyUserContextId config,
tSfPolicyId policyId,
void* pData
)
{
DCE2_Config *swap_config = (DCE2_Config *)pData;
DCE2_Config *current_config = (DCE2_Config *)sfPolicyUserDataGet(dce2_config, policyId);
DCE2_ServerConfig *dconfig;
//do any housekeeping before freeing DCE2_Config
if ( swap_config == NULL || swap_config->gconfig->disabled )
return 0;
if (!_dpd.isPreprocEnabled(PP_STREAM5))
{
DCE2_Die("%s(%d) \"%s\" configuration: "
"Stream5 must be enabled with TCP and UDP tracking.",
*_dpd.config_file, *_dpd.config_line, DCE2_GNAME);
}
dconfig = swap_config->dconfig;
if (dconfig == NULL)
DCE2_CreateDefaultServerConfig(swap_config, policyId);
#ifdef TARGET_BASED
if (!_dpd.isAdaptiveConfigured(policyId, 1))
#endif
{
DCE2_ScCheckTransports(swap_config);
}
#ifdef ENABLE_PAF
DCE2_AddPortsToPaf(swap_config, policyId);
#endif
/* Register routing table memory */
if (swap_config->sconfigs != NULL)
DCE2_RegMem(sfrt_usage(swap_config->sconfigs), DCE2_MEM_TYPE__RT);
if (current_config == NULL)
return 0;
if (swap_config->gconfig->memcap != current_config->gconfig->memcap)
{
_dpd.errMsg("dcerpc2 reload: Changing the memcap requires a restart.\n");
DCE2_FreeConfigs(dce2_swap_config);
dce2_swap_config = NULL;
return -1;
}
return 0;
}
static int DCE2_CheckConfigPolicy(
tSfPolicyUserContextId config,
tSfPolicyId policyId,
void* pData
)
{
DCE2_Config *pPolicyConfig = (DCE2_Config *)pData;
DCE2_ServerConfig *dconfig;
if ( pPolicyConfig->gconfig->disabled )
return 0;
_dpd.setParserPolicy(policyId);
// config_file/config_line are not set here
if (!_dpd.isPreprocEnabled(PP_STREAM5))
{
DCE2_Die("Stream5 must be enabled with TCP and UDP tracking.");
}
dconfig = pPolicyConfig->dconfig;
if (dconfig == NULL)
DCE2_CreateDefaultServerConfig(pPolicyConfig, policyId);
#ifdef TARGET_BASED
if (!_dpd.isAdaptiveConfigured(policyId, 1))
#endif
{
DCE2_ScCheckTransports(pPolicyConfig);
}
#ifdef ENABLE_PAF
DCE2_AddPortsToPaf(pPolicyConfig, policyId);
#endif
/* Register routing table memory */
if (pPolicyConfig->sconfigs != NULL)
DCE2_RegMem(sfrt_usage(pPolicyConfig->sconfigs), DCE2_MEM_TYPE__RT);
return 0;
}
static int AddIPtoList(sfip_t *ipAddr, void *info, ReputationConfig *config)
{
int iRet;
int iFinalRet = IP_INSERT_SUCCESS;
/*This variable is used to check whether a more generic address
* overrides specific address
*/
uint32_t usageBeforeAdd;
uint32_t usageAfterAdd;
#ifndef SUP_IP6
if (ipAddr->family == AF_INET6)
{
return RT_INSERT_FAILURE;
}
#endif
if (ipAddr->family == AF_INET)
{
ipAddr->ip32[0] = ntohl(ipAddr->ip32[0]);
}
else if (ipAddr->family == AF_INET6)
{
int i;
for(i = 0; i < 4 ; i++)
ipAddr->ip32[i] = ntohl(ipAddr->ip32[i]);
}
#ifdef DEBUG_MSGS
if (NULL != sfrt_lookup((void *)ipAddr, config->iplist))
{
DebugMessage(DEBUG_REPUTATION, "Find address before insert: %s \n",sfip_to_str(ipAddr) );
}
else
{
DebugMessage(DEBUG_REPUTATION, "Can't find address before insert: %s \n",sfip_to_str(ipAddr) );
}
#endif
usageBeforeAdd = sfrt_usage(config->iplist);
/*Check whether the same or more generic address is already in the table*/
if (NULL != sfrt_lookup((void *)ipAddr, config->iplist))
{
iFinalRet = IP_INSERT_DUPLICATE;
}
#ifdef SUP_IP6
iRet = sfrt_insert((void *)ipAddr, (unsigned char)ipAddr->bits, (void *)info, RT_FAVOR_TIME, config->iplist);
#else
iRet = sfrt_insert((void *)&(ipAddr->ip.u6_addr32[0]), (unsigned char)ipAddr->bits, (void *)info, RT_FAVOR_TIME, config->iplist);
#endif
if (RT_SUCCESS == iRet)
{
totalNumEntries++;
#ifdef DEBUG_MSGS
DebugMessage(DEBUG_REPUTATION, "Number of entries input: %d, in table: %d \n",
totalNumEntries,sfrt_num_entries(config->iplist) );
DebugMessage(DEBUG_REPUTATION, "Memory allocated: %d \n",sfrt_usage(config->iplist) );
if (NULL != sfrt_lookup((void *)ipAddr, config->iplist))
{
DebugMessage(DEBUG_REPUTATION, "Find address after insert: %s \n",sfip_to_str(ipAddr) );
}
#endif
}
else if (MEM_ALLOC_FAILURE == iRet)
{
iFinalRet = IP_MEM_ALLOC_FAILURE;
DEBUG_WRAP( DebugMessage(DEBUG_REPUTATION, "Insert error: %d for address: %s \n",iRet, sfip_to_str(ipAddr) ););
