/* Free the loginfo structure */
void Free_Eventinfo(Eventinfo *lf)
{
if (!lf) {
merror("%s: Trying to free NULL event. Inconsistent..", ARGV0);
return;
}
if (lf->comment)
free(lf->comment);
if (lf->full_log) {
free(lf->full_log);
}
if (lf->agent_id) {
free(lf->agent_id);
}
if (lf->location) {
free(lf->location);
}
if (lf->srcip) {
free(lf->srcip);
}
if(lf->srcgeoip) {
free(lf->srcgeoip);
lf->srcgeoip = NULL;
}
if (lf->dstip) {
free(lf->dstip);
}
if(lf->dstgeoip) {
free(lf->dstgeoip);
lf->dstgeoip = NULL;
}
if (lf->srcport) {
free(lf->srcport);
}
if (lf->dstport) {
free(lf->dstport);
}
if (lf->protocol) {
free(lf->protocol);
}
if (lf->action) {
free(lf->action);
}
if (lf->status) {
free(lf->status);
}
if (lf->srcuser) {
free(lf->srcuser);
}
if (lf->dstuser) {
free(lf->dstuser);
}
if (lf->id) {
free(lf->id);
}
if (lf->command) {
free(lf->command);
}
if (lf->url) {
free(lf->url);
}
if (lf->data) {
free(lf->data);
}
if (lf->systemname) {
free(lf->systemname);
}
if (lf->fields) {
int i;
for (i = 0; i < lf->nfields; i++)
free(lf->fields[i].value);
free(lf->fields);
}
if (lf->filename) {
free(lf->filename);
}
if (lf->md5_before) {
free(lf->md5_before);
}
if (lf->md5_after) {
free(lf->md5_after);
}
if (lf->sha1_before) {
free(lf->sha1_before);
}
if (lf->sha1_after) {
free(lf->sha1_after);
}
if (lf->size_before) {
free(lf->size_before);
}
if (lf->size_after) {
free(lf->size_after);
}
if (lf->owner_before) {
free(lf->owner_before);
}
if (lf->owner_after) {
free(lf->owner_after);
}
if (lf->gowner_before) {
free(lf->gowner_before);
}
if (lf->gowner_after) {
free(lf->gowner_after);
}
if (lf->uname_before) {
free(lf->uname_before);
}
if (lf->uname_after) {
free(lf->uname_after);
}
if (lf->gname_before) {
free(lf->gname_before);
}
if (lf->gname_after) {
free(lf->gname_after);
}
if (lf->diff) {
free(lf->diff);
}
/* Free node to delete */
if (lf->sid_node_to_delete) {
OSList_DeleteThisNode(lf->generated_rule->sid_prev_matched,
lf->sid_node_to_delete);
} else if (lf->generated_rule && lf->generated_rule->group_prev_matched) {
unsigned int i = 0;
while (i < lf->generated_rule->group_prev_matched_sz) {
OSList_DeleteOldestNode(lf->generated_rule->group_prev_matched[i]);
i++;
}
}
/* We dont need to free:
* fts
* comment
*/
free(lf);
lf = NULL;
return;
}
/* Free the loginfo structure */
void Free_Eventinfo(Eventinfo *lf)
{
if(!lf)
{
merror("%s: Trying to free NULL event. Inconsistent..",ARGV0);
return;
}
if(lf->full_log)
free(lf->full_log);
if(lf->location)
free(lf->location);
if(lf->srcip)
free(lf->srcip);
if(lf->dstip)
free(lf->dstip);
if(lf->srcport)
free(lf->srcport);
if(lf->dstport)
free(lf->dstport);
if(lf->protocol)
free(lf->protocol);
if(lf->action)
free(lf->action);
if(lf->status)
free(lf->status);
if(lf->srcuser)
free(lf->srcuser);
if(lf->dstuser)
free(lf->dstuser);
if(lf->id)
free(lf->id);
if(lf->command)
free(lf->command);
if(lf->url)
free(lf->url);
if(lf->data)
free(lf->data);
if(lf->systemname)
free(lf->systemname);
#ifdef PRELUDE
if(lf->filename)
free(lf->filename);
if (lf->md5_before)
free(lf->md5_before);
if (lf->md5_after)
free(lf->md5_after);
if (lf->sha1_before)
free(lf->sha1_before);
if (lf->sha1_after)
free(lf->sha1_after);
if (lf->size_before)
free(lf->size_before);
if (lf->size_after)
free(lf->size_after);
if (lf->owner_before)
free(lf->owner_before);
if (lf->owner_after)
free(lf->owner_after);
if (lf->gowner_before)
free(lf->gowner_before);
if (lf->gowner_after)
free(lf->gowner_after);
#endif
/* Freeing node to delete */
if(lf->sid_node_to_delete)
{
OSList_DeleteThisNode(lf->generated_rule->sid_prev_matched,
lf->sid_node_to_delete);
}
else if(lf->generated_rule && lf->generated_rule->group_prev_matched)
{
int i = 0;
while(i < lf->generated_rule->group_prev_matched_sz)
{
OSList_DeleteOldestNode(lf->generated_rule->group_prev_matched[i]);
i++;
}
}
/* We dont need to free:
* fts
* comment
*/
free(lf);
lf = NULL;
return;
}
