static void SIPReload(char *args)
{
tSfPolicyId policy_id = _dpd.getParserPolicy();
SIPConfig * pPolicyConfig = NULL;
if (sip_swap_config == NULL)
{
//create a context
sip_swap_config = sfPolicyConfigCreate();
if (sip_swap_config == NULL)
{
DynamicPreprocessorFatalMessage("Failed to allocate memory "
"for SIP config.\n");
}
}
sfPolicyUserPolicySet (sip_swap_config, policy_id);
pPolicyConfig = (SIPConfig *)sfPolicyUserDataGetCurrent(sip_swap_config);
if (pPolicyConfig != NULL)
{
DynamicPreprocessorFatalMessage("SIP preprocessor can only be "
"configured once.\n");
}
pPolicyConfig = (SIPConfig *)calloc(1, sizeof(SIPConfig));
if (!pPolicyConfig)
{
DynamicPreprocessorFatalMessage("Could not allocate memory for "
"SIP preprocessor configuration.\n");
}
sfPolicyUserDataSetCurrent(sip_swap_config, pPolicyConfig);
SIP_RegRuleOptions();
ParseSIPArgs(pPolicyConfig, (u_char *)args);
if( pPolicyConfig->disabled )
return;
if (_dpd.streamAPI == NULL)
{
DynamicPreprocessorFatalMessage("SetupSIP(): The Stream preprocessor must be enabled.\n");
}
_dpd.addPreproc( SIPmain, PRIORITY_APPLICATION, PP_SIP, PROTO_BIT__UDP|PROTO_BIT__TCP );
_dpd.addPreprocReloadVerify(SIPReloadVerify);
_addPortsToStream5Filter(pPolicyConfig, policy_id);
#ifdef TARGET_BASED
_addServicesToStream5Filter(policy_id);
#endif
}
static void SSHReload(struct _SnortConfig *sc, char *args, void **new_config)
{
tSfPolicyUserContextId ssh_swap_config = (tSfPolicyUserContextId)*new_config;
tSfPolicyId policy_id = _dpd.getParserPolicy(sc);
SSHConfig * pPolicyConfig = NULL;
if (ssh_swap_config == NULL)
{
//create a context
ssh_swap_config = sfPolicyConfigCreate();
if (ssh_swap_config == NULL)
{
DynamicPreprocessorFatalMessage("Failed to allocate memory "
"for SSH config.\n");
}
if (_dpd.streamAPI == NULL)
{
DynamicPreprocessorFatalMessage("SetupSSH(): The Stream preprocessor must be enabled.\n");
}
*new_config = (void *)ssh_swap_config;
}
sfPolicyUserPolicySet (ssh_swap_config, policy_id);
pPolicyConfig = (SSHConfig *)sfPolicyUserDataGetCurrent(ssh_swap_config);
if (pPolicyConfig != NULL)
{
DynamicPreprocessorFatalMessage("SSH preprocessor can only be "
"configured once.\n");
}
pPolicyConfig = (SSHConfig *)calloc(1, sizeof(SSHConfig));
if (!pPolicyConfig)
{
DynamicPreprocessorFatalMessage("Could not allocate memory for "
"SSH preprocessor configuration.\n");
}
sfPolicyUserDataSetCurrent(ssh_swap_config, pPolicyConfig);
ParseSSHArgs(pPolicyConfig, (u_char *)args);
_dpd.addPreproc( sc, ProcessSSH, PRIORITY_APPLICATION, PP_SSH, PROTO_BIT__TCP );
_addPortsToStream5Filter(sc, pPolicyConfig, policy_id);
#ifdef TARGET_BASED
_addServicesToStream5Filter(sc, policy_id);
#endif
}
static void DNP3RegisterPerPolicyCallbacks(struct _SnortConfig *sc, dnp3_config_t *dnp3_policy)
{
tSfPolicyId policy_id = _dpd.getParserPolicy(sc);
/* Callbacks should be avoided if the preproc is disabled. */
if (dnp3_policy->disabled)
return;
_dpd.addPreproc(sc, ProcessDNP3, PRIORITY_APPLICATION, PP_DNP3, PROTO_BIT__TCP|PROTO_BIT__UDP);
_addPortsToStream5Filter(sc, dnp3_policy, policy_id);
#ifdef TARGET_BASED
_addServicesToStream5Filter(sc, policy_id);
DNP3AddServiceToPaf(sc, dnp3_app_id, policy_id);
#endif
DNP3AddPortsToPaf(sc, dnp3_policy, policy_id);
_dpd.preprocOptRegister(sc, DNP3_FUNC_NAME, DNP3FuncInit, DNP3FuncEval, free, NULL, NULL, NULL, NULL);
_dpd.preprocOptRegister(sc, DNP3_OBJ_NAME, DNP3ObjInit, DNP3ObjEval, free, NULL, NULL, NULL, NULL);
_dpd.preprocOptRegister(sc, DNP3_IND_NAME, DNP3IndInit, DNP3IndEval, free, NULL, NULL, NULL, NULL);
_dpd.preprocOptRegister(sc, DNP3_DATA_NAME, DNP3DataInit, DNP3DataEval, free, NULL, NULL, NULL, NULL);
}
/* Responsible for allocating a Modbus policy. Never returns NULL. */
static inline modbus_config_t * ModbusPerPolicyInit(tSfPolicyUserContextId context_id)
{
tSfPolicyId policy_id = _dpd.getParserPolicy();
modbus_config_t *modbus_policy = NULL;
/* Check for existing policy & bail if found */
sfPolicyUserPolicySet(context_id, policy_id);
modbus_policy = (modbus_config_t *)sfPolicyUserDataGetCurrent(context_id);
if (modbus_policy != NULL)
{
_dpd.fatalMsg("%s(%d) Modbus preprocessor can only be "
"configured once.\n", *_dpd.config_file, *_dpd.config_line);
}
/* Allocate new policy */
modbus_policy = (modbus_config_t *)calloc(1, sizeof(modbus_config_t));
if (!modbus_policy)
{
_dpd.fatalMsg("%s(%d) Could not allocate memory for "
"modbus preprocessor configuration.\n"
, *_dpd.config_file, *_dpd.config_line);
}
sfPolicyUserDataSetCurrent(context_id, modbus_policy);
/* Register callbacks that are done for each policy */
_dpd.addPreproc(ProcessModbus, PRIORITY_APPLICATION, PP_MODBUS, PROTO_BIT__TCP);
_addPortsToStream5Filter(modbus_policy, policy_id);
#ifdef TARGET_BASED
_addServicesToStream5Filter(policy_id);
#endif
/* Add preprocessor rule options here */
/* _dpd.preprocOptRegister("foo_bar", FOO_init, FOO_rule_eval, free, NULL, NULL, NULL, NULL); */
_dpd.preprocOptRegister("modbus_func", ModbusFuncInit, ModbusRuleEval, free, NULL, NULL, NULL, NULL);
_dpd.preprocOptRegister("modbus_unit", ModbusUnitInit, ModbusRuleEval, free, NULL, NULL, NULL, NULL);
_dpd.preprocOptRegister("modbus_data", ModbusDataInit, ModbusRuleEval, free, NULL, NULL, NULL, NULL);
return modbus_policy;
}
/* Initializes the SIP preprocessor module and registers
* it in the preprocessor list.
*
* PARAMETERS:
*
* argp: Pointer to argument string to process for config
* data.
*
* RETURNS: Nothing.
*/
static void SIPInit(char *argp)
{
tSfPolicyId policy_id = _dpd.getParserPolicy();
SIPConfig *pDefaultPolicyConfig = NULL;
SIPConfig *pPolicyConfig = NULL;
if (sip_config == NULL)
{
//create a context
sip_config = sfPolicyConfigCreate();
if (sip_config == NULL)
{
DynamicPreprocessorFatalMessage("Failed to allocate memory "
"for SIP config.\n");
}
_dpd.addPreprocConfCheck(SIPCheckConfig);
_dpd.registerPreprocStats(SIP_NAME, SIP_PrintStats);
_dpd.addPreprocExit(SIPCleanExit, NULL, PRIORITY_LAST, PP_SIP);
#ifdef PERF_PROFILING
_dpd.addPreprocProfileFunc("sip", (void *)&sipPerfStats, 0, _dpd.totalPerfStats);
#endif
#ifdef TARGET_BASED
sip_app_id = _dpd.findProtocolReference("sip");
if (sip_app_id == SFTARGET_UNKNOWN_PROTOCOL)
sip_app_id = _dpd.addProtocolReference("sip");
#endif
}
sfPolicyUserPolicySet (sip_config, policy_id);
pDefaultPolicyConfig = (SIPConfig *)sfPolicyUserDataGetDefault(sip_config);
pPolicyConfig = (SIPConfig *)sfPolicyUserDataGetCurrent(sip_config);
if ((pPolicyConfig != NULL) && (pDefaultPolicyConfig == NULL))
{
DynamicPreprocessorFatalMessage("SIP preprocessor can only be "
"configured once.\n");
}
pPolicyConfig = (SIPConfig *)calloc(1, sizeof(SIPConfig));
if (!pPolicyConfig)
{
DynamicPreprocessorFatalMessage("Could not allocate memory for "
"SIP preprocessor configuration.\n");
}
sfPolicyUserDataSetCurrent(sip_config, pPolicyConfig);
SIP_RegRuleOptions();
ParseSIPArgs(pPolicyConfig, (u_char *)argp);
if (policy_id != 0)
pPolicyConfig->maxNumSessions = pDefaultPolicyConfig->maxNumSessions;
if ( pPolicyConfig->disabled )
return;
if (_dpd.streamAPI == NULL)
{
DynamicPreprocessorFatalMessage("SetupSIP(): The Stream preprocessor must be enabled.\n");
}
_dpd.addPreproc( SIPmain, PRIORITY_APPLICATION, PP_SIP, PROTO_BIT__UDP|PROTO_BIT__TCP );
_addPortsToStream5Filter(pPolicyConfig, policy_id);
#ifdef TARGET_BASED
_addServicesToStream5Filter(policy_id);
#endif
}
/* Initializes the SSH preprocessor module and registers
* it in the preprocessor list.
*
* PARAMETERS:
*
* argp: Pointer to argument string to process for config
* data.
*
* RETURNS: Nothing.
*/
static void SSHInit(char *argp)
{
tSfPolicyId policy_id = _dpd.getParserPolicy();
SSHConfig *pPolicyConfig = NULL;
if (ssh_config == NULL)
{
//create a context
ssh_config = sfPolicyConfigCreate();
if (ssh_config == NULL)
{
DynamicPreprocessorFatalMessage("Failed to allocate memory "
"for SSH config.\n");
}
if (_dpd.streamAPI == NULL)
{
DynamicPreprocessorFatalMessage("SetupSSH(): The Stream preprocessor must be enabled.\n");
}
_dpd.addPreprocConfCheck(SSHCheckConfig);
_dpd.addPreprocExit(SSHCleanExit, NULL, PRIORITY_LAST, PP_SSH);
#ifdef PERF_PROFILING
_dpd.addPreprocProfileFunc("ssh", (void *)&sshPerfStats, 0, _dpd.totalPerfStats);
#endif
#ifdef TARGET_BASED
ssh_app_id = _dpd.findProtocolReference("ssh");
if (ssh_app_id == SFTARGET_UNKNOWN_PROTOCOL)
ssh_app_id = _dpd.addProtocolReference("ssh");
#endif
}
sfPolicyUserPolicySet (ssh_config, policy_id);
pPolicyConfig = (SSHConfig *)sfPolicyUserDataGetCurrent(ssh_config);
if (pPolicyConfig != NULL)
{
DynamicPreprocessorFatalMessage("SSH preprocessor can only be "
"configured once.\n");
}
pPolicyConfig = (SSHConfig *)calloc(1, sizeof(SSHConfig));
if (!pPolicyConfig)
{
DynamicPreprocessorFatalMessage("Could not allocate memory for "
"SSH preprocessor configuration.\n");
}
sfPolicyUserDataSetCurrent(ssh_config, pPolicyConfig);
ParseSSHArgs(pPolicyConfig, (u_char *)argp);
_dpd.addPreproc( ProcessSSH, PRIORITY_APPLICATION, PP_SSH, PROTO_BIT__TCP );
_addPortsToStream5Filter(pPolicyConfig, policy_id);
#ifdef TARGET_BASED
_addServicesToStream5Filter(policy_id);
#endif
}
void SSLReload(struct _SnortConfig *sc, char *args, void **new_config)
{
tSfPolicyUserContextId ssl_swap_config = (tSfPolicyUserContextId)*new_config;
tSfPolicyId policy_id = _dpd.getParserPolicy(sc);
SSLPP_config_t * pPolicyConfig = NULL;
if (ssl_swap_config == NULL)
{
//create a context
ssl_swap_config = sfPolicyConfigCreate();
if (ssl_swap_config == NULL)
{
DynamicPreprocessorFatalMessage("Could not allocate memory for the "
"SSL preprocessor configuration.\n");
}
if (_dpd.streamAPI == NULL)
{
DynamicPreprocessorFatalMessage(
"SSLPP_init(): The Stream preprocessor must be enabled.\n");
}
*new_config = (void *)ssl_swap_config;
}
sfPolicyUserPolicySet (ssl_swap_config, policy_id);
pPolicyConfig = (SSLPP_config_t *)sfPolicyUserDataGetCurrent(ssl_swap_config);
if (pPolicyConfig != NULL)
{
DynamicPreprocessorFatalMessage("SSL preprocessor can only be "
"configured once.\n");
}
pPolicyConfig = (SSLPP_config_t *)calloc(1, sizeof(SSLPP_config_t));
if (pPolicyConfig == NULL)
{
DynamicPreprocessorFatalMessage("Could not allocate memory for the "
"SSL preprocessor configuration.\n");
}
sfPolicyUserDataSetCurrent(ssl_swap_config, pPolicyConfig);
SSLPP_init_config(pPolicyConfig);
SSLPP_config(pPolicyConfig, args);
SSLPP_print_config(pPolicyConfig);
_dpd.preprocOptRegister(sc, "ssl_state", SSLPP_state_init, SSLPP_rule_eval,
free, NULL, NULL, NULL, NULL);
_dpd.preprocOptRegister(sc, "ssl_version", SSLPP_ver_init, SSLPP_rule_eval,
free, NULL, NULL, NULL, NULL);
_dpd.addPreproc(sc, SSLPP_process, PRIORITY_APPLICATION, PP_SSL, PROTO_BIT__TCP);
registerPortsForDispatch( sc, pPolicyConfig );
registerPortsForReassembly( pPolicyConfig, SSN_DIR_FROM_SERVER | SSN_DIR_FROM_CLIENT );
_addPortsToStream5Filter(sc, pPolicyConfig, policy_id);
#ifdef TARGET_BASED
_addServicesToStream5Filter(sc, policy_id);
#endif
}
void SSLPP_init(struct _SnortConfig *sc, char *args)
{
tSfPolicyId policy_id = _dpd.getParserPolicy(sc);
SSLPP_config_t *pPolicyConfig = NULL;
if (ssl_config == NULL)
{
//create a context
ssl_config = sfPolicyConfigCreate();
if (ssl_config == NULL)
{
DynamicPreprocessorFatalMessage("Could not allocate memory for the "
"SSL preprocessor configuration.\n");
}
if (_dpd.streamAPI == NULL)
{
DynamicPreprocessorFatalMessage(
"SSLPP_init(): The Stream preprocessor must be enabled.\n");
}
SSL_InitGlobals();
_dpd.registerPreprocStats("ssl", SSLPP_drop_stats);
_dpd.addPreprocConfCheck(sc, SSLPP_CheckConfig);
_dpd.addPreprocExit(SSLCleanExit, NULL, PRIORITY_LAST, PP_SSL);
_dpd.addPreprocResetStats(SSLResetStats, NULL, PRIORITY_LAST, PP_SSL);
#ifdef PERF_PROFILING
_dpd.addPreprocProfileFunc("ssl", (void *)&sslpp_perf_stats, 0, _dpd.totalPerfStats);
#endif
#ifdef ENABLE_HA
_dpd.addFuncToPostConfigList(sc, SSLHAPostConfigInit, NULL);
#endif
#ifdef TARGET_BASED
ssl_app_id = _dpd.findProtocolReference("ssl");
if (ssl_app_id == SFTARGET_UNKNOWN_PROTOCOL)
{
ssl_app_id = _dpd.addProtocolReference("ssl");
}
_dpd.sessionAPI->register_service_handler( PP_SSL, ssl_app_id );
#endif
}
sfPolicyUserPolicySet (ssl_config, policy_id);
pPolicyConfig = (SSLPP_config_t *)sfPolicyUserDataGetCurrent(ssl_config);
if (pPolicyConfig != NULL)
{
DynamicPreprocessorFatalMessage("SSL preprocessor can only be "
"configured once.\n");
}
pPolicyConfig = (SSLPP_config_t *)calloc(1, sizeof(SSLPP_config_t));
if (pPolicyConfig == NULL)
{
DynamicPreprocessorFatalMessage("Could not allocate memory for the "
"SSL preprocessor configuration.\n");
}
sfPolicyUserDataSetCurrent(ssl_config, pPolicyConfig);
SSLPP_init_config(pPolicyConfig);
SSLPP_config(pPolicyConfig, args);
SSLPP_print_config(pPolicyConfig);
_dpd.preprocOptRegister(sc, "ssl_state", SSLPP_state_init, SSLPP_rule_eval,
free, NULL, NULL, NULL, NULL);
_dpd.preprocOptRegister(sc, "ssl_version", SSLPP_ver_init, SSLPP_rule_eval,
free, NULL, NULL, NULL, NULL);
_dpd.addPreproc( sc, SSLPP_process, PRIORITY_APPLICATION, PP_SSL, PROTO_BIT__TCP );
registerPortsForDispatch( sc, pPolicyConfig );
registerPortsForReassembly( pPolicyConfig, SSN_DIR_FROM_SERVER | SSN_DIR_FROM_CLIENT );
_addPortsToStream5Filter(sc, pPolicyConfig, policy_id);
#ifdef TARGET_BASED
_addServicesToStream5Filter(sc, policy_id);
#endif
}
/* Initializes the GTP preprocessor module and registers
* it in the preprocessor list.
*
* PARAMETERS:
*
* argp: Pointer to argument string to process for config data.
*
* RETURNS: Nothing.
*/
static void GTPInit(char *argp)
{
tSfPolicyId policy_id = _dpd.getParserPolicy();
GTPConfig *pDefaultPolicyConfig = NULL;
GTPConfig *pPolicyConfig = NULL;
if (gtp_config == NULL)
{
/*create a context*/
gtp_config = sfPolicyConfigCreate();
if (gtp_config == NULL)
{
DynamicPreprocessorFatalMessage("Failed to allocate memory "
"for GTP config.\n");
}
_dpd.addPreprocConfCheck(GTPCheckConfig);
_dpd.registerPreprocStats(GTP_NAME, GTP_PrintStats);
_dpd.addPreprocExit(GTPCleanExit, NULL, PRIORITY_LAST, PP_GTP);
#ifdef PERF_PROFILING
_dpd.addPreprocProfileFunc("gtp", (void *)>pPerfStats, 0, _dpd.totalPerfStats);
#endif
#ifdef TARGET_BASED
gtp_app_id = _dpd.findProtocolReference("gtp");
if (gtp_app_id == SFTARGET_UNKNOWN_PROTOCOL)
gtp_app_id = _dpd.addProtocolReference("gtp");
#endif
}
sfPolicyUserPolicySet (gtp_config, policy_id);
pDefaultPolicyConfig = (GTPConfig *)sfPolicyUserDataGetDefault(gtp_config);
pPolicyConfig = (GTPConfig *)sfPolicyUserDataGetCurrent(gtp_config);
if ((pPolicyConfig != NULL) && (pDefaultPolicyConfig == NULL))
{
DynamicPreprocessorFatalMessage("GTP preprocessor can only be "
"configured once.\n");
}
pPolicyConfig = (GTPConfig *)calloc(1, sizeof(GTPConfig));
if (!pPolicyConfig)
{
DynamicPreprocessorFatalMessage("Could not allocate memory for "
"GTP preprocessor configuration.\n");
}
sfPolicyUserDataSetCurrent(gtp_config, pPolicyConfig);
GTP_RegRuleOptions();
ParseGTPArgs(pPolicyConfig, (u_char *)argp);
if (_dpd.streamAPI == NULL)
{
DynamicPreprocessorFatalMessage("SetupGTP(): The Stream preprocessor must be enabled.\n");
}
_dpd.addPreproc( GTPmain, PRIORITY_APPLICATION, PP_GTP, PROTO_BIT__UDP );
_addPortsToStream5Filter(pPolicyConfig, policy_id);
#ifdef TARGET_BASED
_addServicesToStream5Filter(policy_id);
#endif
}
