/* Setup function */
void SetupByteExtract(void)
{
RegisterRuleOption("byte_extract", ByteExtractInit, NULL, OPT_TYPE_DETECTION, NULL);
AddFuncToCleanExitList(ByteExtractCleanup, NULL);
#ifdef PERF_PROFILING
RegisterPreprocessorProfile("byte_extract", &byteExtractPerfStats, 3, &ruleOTNEvalPerfStats);
#endif
}
/*
* Function: TemplateInit(u_char *)
*
* Purpose: Calls the argument parsing function, performs final setup on data
* structs, links the preproc function into the function list.
*
* Arguments: args => ptr to argument string
*
* Returns: void function
*
*/
void TemplateInit(u_char *args)
{
DebugMessage(DEBUG_PLUGIN,"Preprocessor: Template Initialized\n");
/* parse the argument list from the rules file */
ParseTemplateArgs(args);
/* Set the preprocessor function into the function list */
AddFuncToPreprocList(PreprocFunction);
AddFuncToCleanExitList(PreprocCleanExitFunction);
AddFuncToRestartList(PreprocRestartFunction);
}
/*
* Function: TemplateInit(u_char *)
*
* Purpose: Calls the argument parsing function, performs final setup on data
* structs, links the preproc function into the function list.
*
* Arguments: args => ptr to argument string
*
* Returns: void function
*
*/
static void TemplateInit(u_char *args)
{
DebugMessage(DEBUG_PLUGIN,"Preprocessor: Template Initialized\n");
/*
* parse the argument list from the rules file
*/
ParseTemplateArgs(args);
/*
* perform any other initialization functions that are required here
*/
/*
* Set the preprocessor function into the function list
*/
AddFuncToPreprocList(PreprocFunction);
AddFuncToCleanExitList(PreprocCleanExitFunction, NULL);
AddFuncToRestartList(PreprocRestartFunction, NULL);
}
/*
* init the output plugin, process any arguments, link the functions to
* the output functional node
*/
void OpSyslog_Init(char *args)
{
OpSyslog_Data *syslogContext;
if( args == NULL)
{
/* For later use...
ErrorMessage("OpSyslog_Init(): Invoked with NULL arguments....\n");
return 1;
*/
FatalError("OpSyslog_Init(): Invoked with NULL arguments....\n");
}
if( (syslogContext = OpSyslog_ParseArgs(args)) == NULL)
{
FatalError("OpSyslog_Init(): Error parsing output plugin arguments, bailing.\n");
}
AddFuncToCleanExitList(OpSyslog_Exit,(void *)syslogContext);
AddFuncToShutdownList(OpSyslog_Exit,(void *)syslogContext);
switch(SyslogLogContext)
{
case OUTPUT_TYPE_FLAG__LOG:
switch(syslogContext->operation_mode)
{
case 1:
AddFuncToOutputList(OpSyslog_Log, OUTPUT_TYPE__LOG, (void *)syslogContext);
break;
case 0:
default:
LogMessage("[%s()]: OUTPUT_TYPE__LOG was selected but operation_mode is set to \"default\", using defaut logging hook \n",
__FUNCTION__);
AddFuncToOutputList(OpSyslog_Alert, OUTPUT_TYPE__ALERT, (void *)syslogContext);
break;
}
case OUTPUT_TYPE_FLAG__ALERT:
AddFuncToOutputList(OpSyslog_Alert, OUTPUT_TYPE__ALERT, (void *)syslogContext);
break;
default:
FatalError("OpSyslog_Init(): Unknown operation mode...\n");
break;
}
/* Since we are in init phase */
syslogContext->socket = -1;
if(NetConnect(syslogContext))
{
FatalError("OpSyslog_Init(): Failed to connect to host: [%s] %s:%u\n",
db_proto[syslogContext->proto],
syslogContext->server,
syslogContext->port);
return;
}
if( (syslogContext->payload = malloc(SYSLOG_MAX_QUERY_SIZE)) == NULL)
{
FatalError("OpSyslog_Init(): Can't allocate payload memory, bailling \n");
}
memset(syslogContext->payload,'\0',(SYSLOG_MAX_QUERY_SIZE));
if( (syslogContext->formatBuffer = malloc(SYSLOG_MAX_QUERY_SIZE)) == NULL)
{
FatalError("OpSyslog_Init(): Can't allocate payload memory, bailling \n");
}
memset(syslogContext->formatBuffer,'\0',(SYSLOG_MAX_QUERY_SIZE));
OpSyslog_LogConfig(syslogContext);
return;
}
