/* ******************************************************************** * Function: DisplayReputationConfig * * Display the configuration for the Reputation preprocessor. * * Arguments: * * ReputationConfig *config: Reputation preprocessor configuration. * * RETURNS: Nothing. *********************************************************************/ static void DisplayReputationConfig(ReputationConfig *config) { if (config == NULL) return; _dpd.logMsg(" Memcap: %d %s \n", config->memcap, config->memcap == REPUTATION_DEFAULT_MEMCAP ? "(Default) M bytes" : "M bytes" ); _dpd.logMsg(" Total number of entries used: %d \n", sfrt_num_entries(config->iplist)); _dpd.logMsg(" Total memory allocated: %d bytes\n", sfrt_usage(config->iplist)); _dpd.logMsg(" Scan local network: %s\n", config->scanlocal ? "ENABLED":"DISABLED (Default)"); _dpd.logMsg(" Reputation priority: %s \n", config->priority == WHITELISTED? REPUTATION_WHITELIST_KEYWORD "(Default)" : REPUTATION_BLACKLIST_KEYWORD ); _dpd.logMsg(" Nested IP: %s %s \n", NestedIPKeyword[config->nestedIP], config->nestedIP == INNER? "(Default)" : "" ); _dpd.logMsg("\n"); }
uint32_t SFAT_NumberOfHosts(void) { tTargetBasedPolicyConfig *pConfig = &targetBasedPolicyConfig; if (pConfig->curr.lookupTable) { return sfrt_num_entries(pConfig->curr.lookupTable); } return 0; }
static int AddIPtoList(sfip_t *ipAddr, void *info, ReputationConfig *config) { int iRet; int iFinalRet = IP_INSERT_SUCCESS; /*This variable is used to check whether a more generic address * overrides specific address */ uint32_t usageBeforeAdd; uint32_t usageAfterAdd; #ifndef SUP_IP6 if (ipAddr->family == AF_INET6) { return RT_INSERT_FAILURE; } #endif if (ipAddr->family == AF_INET) { ipAddr->ip32[0] = ntohl(ipAddr->ip32[0]); } else if (ipAddr->family == AF_INET6) { int i; for(i = 0; i < 4 ; i++) ipAddr->ip32[i] = ntohl(ipAddr->ip32[i]); } #ifdef DEBUG_MSGS if (NULL != sfrt_lookup((void *)ipAddr, config->iplist)) { DebugMessage(DEBUG_REPUTATION, "Find address before insert: %s \n",sfip_to_str(ipAddr) ); } else { DebugMessage(DEBUG_REPUTATION, "Can't find address before insert: %s \n",sfip_to_str(ipAddr) ); } #endif usageBeforeAdd = sfrt_usage(config->iplist); /*Check whether the same or more generic address is already in the table*/ if (NULL != sfrt_lookup((void *)ipAddr, config->iplist)) { iFinalRet = IP_INSERT_DUPLICATE; } #ifdef SUP_IP6 iRet = sfrt_insert((void *)ipAddr, (unsigned char)ipAddr->bits, (void *)info, RT_FAVOR_TIME, config->iplist); #else iRet = sfrt_insert((void *)&(ipAddr->ip.u6_addr32[0]), (unsigned char)ipAddr->bits, (void *)info, RT_FAVOR_TIME, config->iplist); #endif if (RT_SUCCESS == iRet) { totalNumEntries++; #ifdef DEBUG_MSGS DebugMessage(DEBUG_REPUTATION, "Number of entries input: %d, in table: %d \n", totalNumEntries,sfrt_num_entries(config->iplist) ); DebugMessage(DEBUG_REPUTATION, "Memory allocated: %d \n",sfrt_usage(config->iplist) ); if (NULL != sfrt_lookup((void *)ipAddr, config->iplist)) { DebugMessage(DEBUG_REPUTATION, "Find address after insert: %s \n",sfip_to_str(ipAddr) ); } #endif } else if (MEM_ALLOC_FAILURE == iRet) { iFinalRet = IP_MEM_ALLOC_FAILURE; DEBUG_WRAP( DebugMessage(DEBUG_REPUTATION, "Insert error: %d for address: %s \n",iRet, sfip_to_str(ipAddr) ););