int output_log_xml_init(struct output *o) {
struct output_log_xml_priv *priv = log_xml_init();
if (!priv)
return POM_ERR;
priv->p_source = ptype_alloc("string");
if (!priv->p_source)
goto err;
output_set_priv(o, priv);
struct registry_instance *inst = output_get_reg_instance(o);
priv->perf_events = registry_instance_add_perf(inst, "events", registry_perf_type_counter, "Number of events process", "events");
if (!priv->perf_events)
goto err;
struct registry_param *p = registry_new_param("filename", "log.xml", priv->p_filename, "XML log file", 0);
if (registry_instance_add_param(inst, p) != POM_OK)
goto err;
p = registry_new_param("source", "", priv->p_source, "Define the type of event being logged", 0);
if (registry_instance_add_param(inst, p) != POM_OK)
goto err;
return POM_OK;
err:
output_log_xml_cleanup(priv);
return POM_ERR;
}
static int proto_udp_init(struct proto *proto, struct registry_instance *i) {
proto_dns = proto_get("dns");
proto_tftp = proto_get("tftp");
param_conntrack_timeout = ptype_alloc_unit("uint32", "seconds");
if (!param_conntrack_timeout)
return POM_ERR;
struct registry_param *p = registry_new_param("conntrack_timeout", "600", param_conntrack_timeout, "Timeout for UDP connections", 0);
if (!p)
goto err;
if (registry_instance_add_param(i, p) != POM_OK)
goto err;
return POM_OK;
err:
if (p)
registry_cleanup_param(p);
if (param_conntrack_timeout) {
ptype_cleanup(param_conntrack_timeout);
param_conntrack_timeout = NULL;
}
return POM_ERR;
}
static int proto_ipv4_init(struct proto *proto, struct registry_instance *i) {
if (proto_number_register("ethernet", 0x0800, proto) != POM_OK ||
proto_number_register("ip", IPPROTO_IPIP, proto) != POM_OK ||
proto_number_register("ppp", 0x21, proto) != POM_OK)
return POM_ERR;
perf_frags = registry_instance_add_perf(i, "fragments", registry_perf_type_counter, "Number of fragments received", "pkts");
perf_frags_dropped = registry_instance_add_perf(i, "dropped_fragments", registry_perf_type_counter, "Number of fragments dropped", "pkts");
perf_reassembled_pkts = registry_instance_add_perf(i, "reassembled_pkts", registry_perf_type_counter, "Number of reassembled packets", "pkts");
if (!perf_frags || !perf_frags_dropped || !perf_reassembled_pkts)
return POM_ERR;
param_frag_timeout = ptype_alloc_unit("uint32", "seconds");
if (!param_frag_timeout)
return POM_ERR;
param_conntrack_timeout = ptype_alloc_unit("uint32", "seconds");
if (!param_conntrack_timeout)
return POM_ERR;
struct registry_param *p = registry_new_param("fragment_timeout", "60", param_frag_timeout, "Timeout for incomplete ipv4 fragments", 0);
if (registry_instance_add_param(i, p) != POM_OK)
goto err;
p = registry_new_param("conntrack_timeout", "7200", param_conntrack_timeout, "Timeout for ipv4 connections", 0);
if (registry_instance_add_param(i, p) != POM_OK)
goto err;
return POM_OK;
err:
if (param_frag_timeout) {
ptype_cleanup(param_frag_timeout);
param_frag_timeout = NULL;
}
if (param_conntrack_timeout) {
ptype_cleanup(param_conntrack_timeout);
param_conntrack_timeout = NULL;
}
return POM_ERR;
}
static int registry_uid_add(struct registry_instance *instance, uint32_t uid) {
// Add the uid to the instance
struct ptype *uid_ptype = ptype_alloc("uint32");
if (!uid_ptype)
return POM_ERR;
PTYPE_UINT32_SETVAL(uid_ptype, uid);
struct registry_param* uid_param = registry_new_param("uid", NULL, uid_ptype, "Unique ID", REGISTRY_PARAM_FLAG_CLEANUP_VAL | REGISTRY_PARAM_FLAG_IMMUTABLE);
if (!uid_param) {
ptype_cleanup(uid_ptype);
return POM_ERR;
}
// Add the new uid to the table
registry_uid_table_size++;
uint32_t *new_uid_table = realloc(registry_uid_table, sizeof(uint32_t) * registry_uid_table_size);
if (!new_uid_table) {
pom_oom(sizeof(uint32_t) * registry_uid_table_size);
ptype_cleanup(uid_ptype);
return POM_ERR;
}
registry_uid_table = new_uid_table;
registry_uid_table[registry_uid_table_size - 1] = uid;
if (registry_instance_add_param(instance, uid_param) != POM_OK) {
registry_cleanup_param(uid_param);
ptype_cleanup(uid_ptype);
registry_uid_table_size--;
return POM_ERR;
}
return POM_OK;
}
int output_instance_add(char *type, char *name) {
struct output_reg *reg;
for (reg = output_reg_head; reg && strcmp(reg->reg_info->name, type); reg = reg->next);
if (!reg) {
pomlog(POMLOG_ERR "Output type %s does not exists", type);
return POM_ERR;
}
struct output *res = malloc(sizeof(struct output));
if (!res) {
pom_oom(sizeof(struct output));
return POM_ERR;
}
memset(res, 0, sizeof(struct output));
res->info = reg;
res->name = strdup(name);
if (!res->name) {
pom_oom(strlen(name) + 1);
goto err;
}
res->reg_instance = registry_add_instance(output_registry_class, name);
if (!res->reg_instance)
goto err;
res->reg_instance->priv = res;
res->perf_runtime = registry_instance_add_perf(res->reg_instance, "runtime", registry_perf_type_timeticks, "Runtime", NULL);
if (!res->perf_runtime)
goto err;
struct ptype *param_running_val = ptype_alloc("bool");
if (!param_running_val)
goto err;
struct registry_param *param_running = registry_new_param("running", "no", param_running_val, "Running state of the output", REGISTRY_PARAM_FLAG_CLEANUP_VAL);
if (!param_running) {
ptype_cleanup(param_running_val);
goto err;
}
if (registry_param_set_callbacks(param_running, res, NULL, output_instance_start_stop_handler) != POM_OK) {
registry_cleanup_param(param_running);
ptype_cleanup(param_running_val);
goto err;
}
if (registry_instance_add_param(res->reg_instance, param_running) != POM_OK) {
registry_cleanup_param(param_running);
ptype_cleanup(param_running_val);
goto err;
}
struct ptype *output_type = ptype_alloc("string");
if (!output_type)
goto err;
struct registry_param *type_param = registry_new_param("type", type, output_type, "Type of the output", REGISTRY_PARAM_FLAG_CLEANUP_VAL | REGISTRY_PARAM_FLAG_IMMUTABLE);
if (!type_param) {
ptype_cleanup(output_type);
goto err;
}
if (registry_instance_add_param(res->reg_instance, type_param) != POM_OK) {
registry_cleanup_param(type_param);
ptype_cleanup(output_type);
goto err;
}
if (registry_uid_create(res->reg_instance) != POM_OK)
goto err;
if (reg->reg_info->init) {
if (reg->reg_info->init(res) != POM_OK) {
pomlog(POMLOG_ERR "Error while initializing the output %s", name);
goto err;
}
}
res->next = output_head;
if (res->next)
res->next->prev = res;
output_head = res;
return POM_OK;
err:
if (res->reg_instance) {
registry_remove_instance(res->reg_instance);
} else {
if (res->name)
free(res->name);
free(res);
}
return POM_ERR;
}
static int proto_eap_init(struct proto *proto, struct registry_instance *i) {
if (proto_number_register("8021x", 0x0, proto) != POM_OK ||
proto_number_register("ppp", 0xc227, proto) != POM_OK)
return POM_ERR;
struct proto_eap_priv *priv = malloc(sizeof(struct proto_eap_priv));
if (!priv) {
pom_oom(sizeof(struct proto_eap_priv));
return POM_ERR;
}
memset(priv, 0, sizeof(struct proto_eap_priv));
proto_set_priv(proto, priv);
priv->p_timeout = ptype_alloc_unit("uint32", "seconds");
if (!priv->p_timeout)
goto err;
struct registry_param *p = registry_new_param("timeout", "60", priv->p_timeout, "Transaction timeout", 0);
if (registry_instance_add_param(i, p) != POM_OK) {
registry_cleanup_param(p);
goto err;
}
static struct data_item_reg evt_identity_data_items[PROTO_EAP_EVT_IDENTITY_DATA_COUNT] = { { 0 } };
evt_identity_data_items[evt_eap_common_identifier].name = "identifier";
evt_identity_data_items[evt_eap_common_identifier].value_type = ptype_get_type("uint8");
evt_identity_data_items[evt_eap_common_code].name = "code";
evt_identity_data_items[evt_eap_common_code].value_type = ptype_get_type("uint8");
evt_identity_data_items[evt_eap_identity_identity].name = "identity";
evt_identity_data_items[evt_eap_identity_identity].value_type = ptype_get_type("string");
static struct data_reg evt_eap_identity_data = {
.items = evt_identity_data_items,
.data_count = PROTO_EAP_EVT_IDENTITY_DATA_COUNT
};
static struct event_reg_info proto_eap_identity = { 0 };
proto_eap_identity.source_name = "proto_eap";
proto_eap_identity.source_obj = priv;
proto_eap_identity.name = "eap_identity";
proto_eap_identity.description = "EAP Identity";
proto_eap_identity.data_reg = &evt_eap_identity_data;
priv->evt_identity = event_register(&proto_eap_identity);
if (!priv->evt_identity)
goto err;
static struct data_item_reg evt_md5_challenge_data_items[PROTO_EAP_EVT_MD5_CHALLENGE_DATA_COUNT] = { { 0 } };
evt_md5_challenge_data_items[evt_eap_common_identifier].name = "identifier";
evt_md5_challenge_data_items[evt_eap_common_identifier].value_type = ptype_get_type("uint8");
evt_md5_challenge_data_items[evt_eap_common_code].name = "code";
evt_md5_challenge_data_items[evt_eap_common_code].value_type = ptype_get_type("uint8");
evt_md5_challenge_data_items[evt_eap_md5_challenge_value].name = "value";
evt_md5_challenge_data_items[evt_eap_md5_challenge_value].value_type = ptype_get_type("bytes");
evt_md5_challenge_data_items[evt_eap_md5_challenge_name].name = "name";
evt_md5_challenge_data_items[evt_eap_md5_challenge_name].value_type = ptype_get_type("string");
static struct data_reg evt_eap_md5_challenge_data = {
.items = evt_md5_challenge_data_items,
.data_count = PROTO_EAP_EVT_MD5_CHALLENGE_DATA_COUNT
};
static struct event_reg_info proto_eap_md5_challenge = { 0 };
proto_eap_md5_challenge.source_name = "proto_eap";
proto_eap_md5_challenge.source_obj = priv;
proto_eap_md5_challenge.name = "eap_md5_challenge";
proto_eap_md5_challenge.description = "EAP MD5-Challenge";
proto_eap_md5_challenge.data_reg = &evt_eap_md5_challenge_data;
priv->evt_md5_challenge = event_register(&proto_eap_md5_challenge);
if (!priv->evt_md5_challenge)
goto err;
static struct data_item_reg evt_success_failure_data_items[PROTO_EAP_EVT_SUCCESS_FAILURE_DATA_COUNT] = { { 0 } };
evt_success_failure_data_items[evt_eap_common_identifier].name = "identifier";
evt_success_failure_data_items[evt_eap_common_identifier].value_type = ptype_get_type("uint8");
evt_success_failure_data_items[evt_eap_success_failure_success].name = "success";
evt_success_failure_data_items[evt_eap_success_failure_success].value_type = ptype_get_type("bool");
static struct data_reg evt_eap_success_failure_data = {
.items = evt_success_failure_data_items,
.data_count = PROTO_EAP_EVT_SUCCESS_FAILURE_DATA_COUNT
};
static struct event_reg_info proto_eap_success_failure = { 0 };
proto_eap_success_failure.source_name = "proto_eap";
proto_eap_success_failure.source_obj = priv;
proto_eap_success_failure.name = "eap_success_failure";
proto_eap_success_failure.description = "EAP Success/Failure";
proto_eap_success_failure.data_reg = &evt_eap_success_failure_data;
priv->evt_success_failure = event_register(&proto_eap_success_failure);
if (!priv->evt_success_failure)
goto err;
return POM_OK;
err:
proto_eap_cleanup(priv);
return POM_ERR;
}
