/*
 * DisplayReputationConfig
 *
 * Logs the settings held in a Reputation preprocessor configuration
 * through _dpd.logMsg: memcap, IP table entry count and memory usage,
 * local-network scanning, list priority and nested-IP mode.
 *
 * config: configuration to print; a NULL pointer is ignored.
 *
 * Returns nothing.
 */
static void DisplayReputationConfig(ReputationConfig *config)
{
    const char *memcap_suffix;
    const char *scanlocal_state;
    const char *priority_label;
    const char *nested_suffix;

    if (!config)
        return;

    /* Mark the memcap as "(Default)" only when it equals the built-in value. */
    if (config->memcap == REPUTATION_DEFAULT_MEMCAP)
        memcap_suffix = "(Default) M bytes";
    else
        memcap_suffix = "M bytes";
    _dpd.logMsg(" Memcap: %d %s \n", config->memcap, memcap_suffix);

    /*
     * NOTE(review): AddIPtoList in this file stores sfrt_usage() in a
     * uint32_t. If that is its return type, %d misprints values above
     * INT_MAX; confirm the types and consider %u for these two counters.
     */
    _dpd.logMsg(" Total number of entries used: %d \n",
                sfrt_num_entries(config->iplist));
    _dpd.logMsg(" Total memory allocated: %d bytes\n",
                sfrt_usage(config->iplist));

    if (config->scanlocal)
        scanlocal_state = "ENABLED";
    else
        scanlocal_state = "DISABLED (Default)";
    _dpd.logMsg(" Scan local network: %s\n", scanlocal_state);

    /* The whitelist keyword and "(Default)" are joined at compile time. */
    if (config->priority == WHITELISTED)
        priority_label = REPUTATION_WHITELIST_KEYWORD "(Default)";
    else
        priority_label = REPUTATION_BLACKLIST_KEYWORD;
    _dpd.logMsg(" Reputation priority: %s \n", priority_label);

    /*
     * NOTE(review): nestedIP indexes NestedIPKeyword with no range check
     * in this function; presumably the value is validated when the
     * configuration is parsed. Confirm against the parser.
     */
    if (config->nestedIP == INNER)
        nested_suffix = "(Default)";
    else
        nested_suffix = "";
    _dpd.logMsg(" Nested IP: %s %s \n",
                NestedIPKeyword[config->nestedIP], nested_suffix);

    _dpd.logMsg("\n");
}
/*
 * DCE2_ReloadVerifyPolicy
 *
 * Checks one policy's pending (reloaded) dcerpc2 configuration. It
 * requires Stream5, creates a default server configuration when none is
 * set, checks transports, registers routing-table memory, and rejects
 * the reload when the memcap differs from the running configuration.
 *
 * config:   policy user context (not referenced in this function).
 * policyId: policy the pending configuration belongs to.
 * pData:    pending DCE2_Config for that policy; may be NULL.
 *
 * Returns 0 when the pending configuration is absent, disabled or
 * acceptable, and -1 when the memcap was changed.
 */
static int DCE2_ReloadVerifyPolicy(
        tSfPolicyUserContextId config,
        tSfPolicyId policyId,
        void *pData)
{
    DCE2_Config *pending = (DCE2_Config *)pData;
    DCE2_Config *active =
        (DCE2_Config *)sfPolicyUserDataGet(dce2_config, policyId);

    /* Nothing to verify for a missing or disabled configuration. */
    if (pending == NULL)
        return 0;
    if (pending->gconfig->disabled)
        return 0;

    /*
     * NOTE(review): DCE2_Die looks like a fatal-error helper. If it
     * terminates the process, a reload with Stream5 disabled stops the
     * sensor instead of just rejecting the reload; confirm this is intended.
     */
    if (!_dpd.isPreprocEnabled(PP_STREAM5))
    {
        DCE2_Die("%s(%d) \"%s\" configuration: "
                 "Stream5 must be enabled with TCP and UDP tracking.",
                 *_dpd.config_file, *_dpd.config_line, DCE2_GNAME);
    }

    /* Fall back to a default server configuration when none was given. */
    if (pending->dconfig == NULL)
        DCE2_CreateDefaultServerConfig(pending, policyId);

#ifdef TARGET_BASED
    if (!_dpd.isAdaptiveConfigured(policyId, 1))
#endif
    {
        DCE2_ScCheckTransports(pending);
    }

#ifdef ENABLE_PAF
    DCE2_AddPortsToPaf(pending, policyId);
#endif

    /* Register routing table memory */
    if (pending->sconfigs != NULL)
        DCE2_RegMem(sfrt_usage(pending->sconfigs), DCE2_MEM_TYPE__RT);

    /* With no running configuration there is no memcap to compare with. */
    if (active == NULL)
        return 0;
    if (pending->gconfig->memcap == active->gconfig->memcap)
        return 0;

    _dpd.errMsg("dcerpc2 reload: Changing the memcap requires a restart.\n");

    /*
     * NOTE(review): this frees the global dce2_swap_config, not something
     * reached through the `config` argument. If this function runs as an
     * iteration callback over that context, the caller must not touch it
     * after the -1 return; confirm against the caller. Also confirm the
     * memory registered with DCE2_RegMem above is accounted for here.
     */
    DCE2_FreeConfigs(dce2_swap_config);
    dce2_swap_config = NULL;
    return -1;
}
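/*
 * DCE2_CheckConfigPolicy
 *
 * Checks one policy's dcerpc2 configuration. It requires Stream5,
 * creates a default server configuration when none is set, checks
 * transports and registers routing-table memory.
 *
 * config:   policy user context (not referenced in this function).
 * policyId: policy the configuration belongs to.
 * pData:    DCE2_Config for that policy.
 *
 * Returns 0 in every case that returns.
 */
static int DCE2_CheckConfigPolicy(
        tSfPolicyUserContextId config,
        tSfPolicyId policyId,
        void *pData)
{
    DCE2_Config *pPolicyConfig = (DCE2_Config *)pData;
    DCE2_ServerConfig *dconfig;

    /*
     * pData is an untyped callback argument, so reject NULL before the
     * first dereference, as DCE2_ReloadVerifyPolicy does for its pending
     * configuration.
     * NOTE(review): gconfig itself is dereferenced unchecked; presumably
     * it is always allocated with the DCE2_Config. Confirm.
     */
    if (pPolicyConfig == NULL || pPolicyConfig->gconfig->disabled)
        return 0;

    _dpd.setParserPolicy(policyId);

    /* config_file/config_line are not set here */
    if (!_dpd.isPreprocEnabled(PP_STREAM5))
    {
        DCE2_Die("Stream5 must be enabled with TCP and UDP tracking.");
    }

    /* Fall back to a default server configuration when none was given. */
    dconfig = pPolicyConfig->dconfig;
    if (dconfig == NULL)
        DCE2_CreateDefaultServerConfig(pPolicyConfig, policyId);

#ifdef TARGET_BASED
    if (!_dpd.isAdaptiveConfigured(policyId, 1))
#endif
    {
        DCE2_ScCheckTransports(pPolicyConfig);
    }

#ifdef ENABLE_PAF
    DCE2_AddPortsToPaf(pPolicyConfig, policyId);
#endif

    /* Register routing table memory */
    if (pPolicyConfig->sconfigs != NULL)
        DCE2_RegMem(sfrt_usage(pPolicyConfig->sconfigs), DCE2_MEM_TYPE__RT);

    return 0;
}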
static int AddIPtoList(sfip_t *ipAddr, void *info, ReputationConfig *config) { int iRet; int iFinalRet = IP_INSERT_SUCCESS; /*This variable is used to check whether a more generic address * overrides specific address */ uint32_t usageBeforeAdd; uint32_t usageAfterAdd; #ifndef SUP_IP6 if (ipAddr->family == AF_INET6) { return RT_INSERT_FAILURE; } #endif if (ipAddr->family == AF_INET) { ipAddr->ip32[0] = ntohl(ipAddr->ip32[0]); } else if (ipAddr->family == AF_INET6) { int i; for(i = 0; i < 4 ; i++) ipAddr->ip32[i] = ntohl(ipAddr->ip32[i]); } #ifdef DEBUG_MSGS if (NULL != sfrt_lookup((void *)ipAddr, config->iplist)) { DebugMessage(DEBUG_REPUTATION, "Find address before insert: %s \n",sfip_to_str(ipAddr) ); } else { DebugMessage(DEBUG_REPUTATION, "Can't find address before insert: %s \n",sfip_to_str(ipAddr) ); } #endif usageBeforeAdd = sfrt_usage(config->iplist); /*Check whether the same or more generic address is already in the table*/ if (NULL != sfrt_lookup((void *)ipAddr, config->iplist)) { iFinalRet = IP_INSERT_DUPLICATE; } #ifdef SUP_IP6 iRet = sfrt_insert((void *)ipAddr, (unsigned char)ipAddr->bits, (void *)info, RT_FAVOR_TIME, config->iplist); #else iRet = sfrt_insert((void *)&(ipAddr->ip.u6_addr32[0]), (unsigned char)ipAddr->bits, (void *)info, RT_FAVOR_TIME, config->iplist); #endif if (RT_SUCCESS == iRet) { totalNumEntries++; #ifdef DEBUG_MSGS DebugMessage(DEBUG_REPUTATION, "Number of entries input: %d, in table: %d \n", totalNumEntries,sfrt_num_entries(config->iplist) ); DebugMessage(DEBUG_REPUTATION, "Memory allocated: %d \n",sfrt_usage(config->iplist) ); if (NULL != sfrt_lookup((void *)ipAddr, config->iplist)) { DebugMessage(DEBUG_REPUTATION, "Find address after insert: %s \n",sfip_to_str(ipAddr) ); } #endif } else if (MEM_ALLOC_FAILURE == iRet) { iFinalRet = IP_MEM_ALLOC_FAILURE; DEBUG_WRAP( DebugMessage(DEBUG_REPUTATION, "Insert error: %d for address: %s \n",iRet, sfip_to_str(ipAddr) ););