Using autotools now
This commit is contained in:
parent
5cb91e3427
commit
7174b93511
|
@ -0,0 +1,674 @@
|
|||
GNU GENERAL PUBLIC LICENSE
|
||||
Version 3, 29 June 2007
|
||||
|
||||
Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
|
||||
Everyone is permitted to copy and distribute verbatim copies
|
||||
of this license document, but changing it is not allowed.
|
||||
|
||||
Preamble
|
||||
|
||||
The GNU General Public License is a free, copyleft license for
|
||||
software and other kinds of works.
|
||||
|
||||
The licenses for most software and other practical works are designed
|
||||
to take away your freedom to share and change the works. By contrast,
|
||||
the GNU General Public License is intended to guarantee your freedom to
|
||||
share and change all versions of a program--to make sure it remains free
|
||||
software for all its users. We, the Free Software Foundation, use the
|
||||
GNU General Public License for most of our software; it applies also to
|
||||
any other work released this way by its authors. You can apply it to
|
||||
your programs, too.
|
||||
|
||||
When we speak of free software, we are referring to freedom, not
|
||||
price. Our General Public Licenses are designed to make sure that you
|
||||
have the freedom to distribute copies of free software (and charge for
|
||||
them if you wish), that you receive source code or can get it if you
|
||||
want it, that you can change the software or use pieces of it in new
|
||||
free programs, and that you know you can do these things.
|
||||
|
||||
To protect your rights, we need to prevent others from denying you
|
||||
these rights or asking you to surrender the rights. Therefore, you have
|
||||
certain responsibilities if you distribute copies of the software, or if
|
||||
you modify it: responsibilities to respect the freedom of others.
|
||||
|
||||
For example, if you distribute copies of such a program, whether
|
||||
gratis or for a fee, you must pass on to the recipients the same
|
||||
freedoms that you received. You must make sure that they, too, receive
|
||||
or can get the source code. And you must show them these terms so they
|
||||
know their rights.
|
||||
|
||||
Developers that use the GNU GPL protect your rights with two steps:
|
||||
(1) assert copyright on the software, and (2) offer you this License
|
||||
giving you legal permission to copy, distribute and/or modify it.
|
||||
|
||||
For the developers' and authors' protection, the GPL clearly explains
|
||||
that there is no warranty for this free software. For both users' and
|
||||
authors' sake, the GPL requires that modified versions be marked as
|
||||
changed, so that their problems will not be attributed erroneously to
|
||||
authors of previous versions.
|
||||
|
||||
Some devices are designed to deny users access to install or run
|
||||
modified versions of the software inside them, although the manufacturer
|
||||
can do so. This is fundamentally incompatible with the aim of
|
||||
protecting users' freedom to change the software. The systematic
|
||||
pattern of such abuse occurs in the area of products for individuals to
|
||||
use, which is precisely where it is most unacceptable. Therefore, we
|
||||
have designed this version of the GPL to prohibit the practice for those
|
||||
products. If such problems arise substantially in other domains, we
|
||||
stand ready to extend this provision to those domains in future versions
|
||||
of the GPL, as needed to protect the freedom of users.
|
||||
|
||||
Finally, every program is threatened constantly by software patents.
|
||||
States should not allow patents to restrict development and use of
|
||||
software on general-purpose computers, but in those that do, we wish to
|
||||
avoid the special danger that patents applied to a free program could
|
||||
make it effectively proprietary. To prevent this, the GPL assures that
|
||||
patents cannot be used to render the program non-free.
|
||||
|
||||
The precise terms and conditions for copying, distribution and
|
||||
modification follow.
|
||||
|
||||
TERMS AND CONDITIONS
|
||||
|
||||
0. Definitions.
|
||||
|
||||
"This License" refers to version 3 of the GNU General Public License.
|
||||
|
||||
"Copyright" also means copyright-like laws that apply to other kinds of
|
||||
works, such as semiconductor masks.
|
||||
|
||||
"The Program" refers to any copyrightable work licensed under this
|
||||
License. Each licensee is addressed as "you". "Licensees" and
|
||||
"recipients" may be individuals or organizations.
|
||||
|
||||
To "modify" a work means to copy from or adapt all or part of the work
|
||||
in a fashion requiring copyright permission, other than the making of an
|
||||
exact copy. The resulting work is called a "modified version" of the
|
||||
earlier work or a work "based on" the earlier work.
|
||||
|
||||
A "covered work" means either the unmodified Program or a work based
|
||||
on the Program.
|
||||
|
||||
To "propagate" a work means to do anything with it that, without
|
||||
permission, would make you directly or secondarily liable for
|
||||
infringement under applicable copyright law, except executing it on a
|
||||
computer or modifying a private copy. Propagation includes copying,
|
||||
distribution (with or without modification), making available to the
|
||||
public, and in some countries other activities as well.
|
||||
|
||||
To "convey" a work means any kind of propagation that enables other
|
||||
parties to make or receive copies. Mere interaction with a user through
|
||||
a computer network, with no transfer of a copy, is not conveying.
|
||||
|
||||
An interactive user interface displays "Appropriate Legal Notices"
|
||||
to the extent that it includes a convenient and prominently visible
|
||||
feature that (1) displays an appropriate copyright notice, and (2)
|
||||
tells the user that there is no warranty for the work (except to the
|
||||
extent that warranties are provided), that licensees may convey the
|
||||
work under this License, and how to view a copy of this License. If
|
||||
the interface presents a list of user commands or options, such as a
|
||||
menu, a prominent item in the list meets this criterion.
|
||||
|
||||
1. Source Code.
|
||||
|
||||
The "source code" for a work means the preferred form of the work
|
||||
for making modifications to it. "Object code" means any non-source
|
||||
form of a work.
|
||||
|
||||
A "Standard Interface" means an interface that either is an official
|
||||
standard defined by a recognized standards body, or, in the case of
|
||||
interfaces specified for a particular programming language, one that
|
||||
is widely used among developers working in that language.
|
||||
|
||||
The "System Libraries" of an executable work include anything, other
|
||||
than the work as a whole, that (a) is included in the normal form of
|
||||
packaging a Major Component, but which is not part of that Major
|
||||
Component, and (b) serves only to enable use of the work with that
|
||||
Major Component, or to implement a Standard Interface for which an
|
||||
implementation is available to the public in source code form. A
|
||||
"Major Component", in this context, means a major essential component
|
||||
(kernel, window system, and so on) of the specific operating system
|
||||
(if any) on which the executable work runs, or a compiler used to
|
||||
produce the work, or an object code interpreter used to run it.
|
||||
|
||||
The "Corresponding Source" for a work in object code form means all
|
||||
the source code needed to generate, install, and (for an executable
|
||||
work) run the object code and to modify the work, including scripts to
|
||||
control those activities. However, it does not include the work's
|
||||
System Libraries, or general-purpose tools or generally available free
|
||||
programs which are used unmodified in performing those activities but
|
||||
which are not part of the work. For example, Corresponding Source
|
||||
includes interface definition files associated with source files for
|
||||
the work, and the source code for shared libraries and dynamically
|
||||
linked subprograms that the work is specifically designed to require,
|
||||
such as by intimate data communication or control flow between those
|
||||
subprograms and other parts of the work.
|
||||
|
||||
The Corresponding Source need not include anything that users
|
||||
can regenerate automatically from other parts of the Corresponding
|
||||
Source.
|
||||
|
||||
The Corresponding Source for a work in source code form is that
|
||||
same work.
|
||||
|
||||
2. Basic Permissions.
|
||||
|
||||
All rights granted under this License are granted for the term of
|
||||
copyright on the Program, and are irrevocable provided the stated
|
||||
conditions are met. This License explicitly affirms your unlimited
|
||||
permission to run the unmodified Program. The output from running a
|
||||
covered work is covered by this License only if the output, given its
|
||||
content, constitutes a covered work. This License acknowledges your
|
||||
rights of fair use or other equivalent, as provided by copyright law.
|
||||
|
||||
You may make, run and propagate covered works that you do not
|
||||
convey, without conditions so long as your license otherwise remains
|
||||
in force. You may convey covered works to others for the sole purpose
|
||||
of having them make modifications exclusively for you, or provide you
|
||||
with facilities for running those works, provided that you comply with
|
||||
the terms of this License in conveying all material for which you do
|
||||
not control copyright. Those thus making or running the covered works
|
||||
for you must do so exclusively on your behalf, under your direction
|
||||
and control, on terms that prohibit them from making any copies of
|
||||
your copyrighted material outside their relationship with you.
|
||||
|
||||
Conveying under any other circumstances is permitted solely under
|
||||
the conditions stated below. Sublicensing is not allowed; section 10
|
||||
makes it unnecessary.
|
||||
|
||||
3. Protecting Users' Legal Rights From Anti-Circumvention Law.
|
||||
|
||||
No covered work shall be deemed part of an effective technological
|
||||
measure under any applicable law fulfilling obligations under article
|
||||
11 of the WIPO copyright treaty adopted on 20 December 1996, or
|
||||
similar laws prohibiting or restricting circumvention of such
|
||||
measures.
|
||||
|
||||
When you convey a covered work, you waive any legal power to forbid
|
||||
circumvention of technological measures to the extent such circumvention
|
||||
is effected by exercising rights under this License with respect to
|
||||
the covered work, and you disclaim any intention to limit operation or
|
||||
modification of the work as a means of enforcing, against the work's
|
||||
users, your or third parties' legal rights to forbid circumvention of
|
||||
technological measures.
|
||||
|
||||
4. Conveying Verbatim Copies.
|
||||
|
||||
You may convey verbatim copies of the Program's source code as you
|
||||
receive it, in any medium, provided that you conspicuously and
|
||||
appropriately publish on each copy an appropriate copyright notice;
|
||||
keep intact all notices stating that this License and any
|
||||
non-permissive terms added in accord with section 7 apply to the code;
|
||||
keep intact all notices of the absence of any warranty; and give all
|
||||
recipients a copy of this License along with the Program.
|
||||
|
||||
You may charge any price or no price for each copy that you convey,
|
||||
and you may offer support or warranty protection for a fee.
|
||||
|
||||
5. Conveying Modified Source Versions.
|
||||
|
||||
You may convey a work based on the Program, or the modifications to
|
||||
produce it from the Program, in the form of source code under the
|
||||
terms of section 4, provided that you also meet all of these conditions:
|
||||
|
||||
a) The work must carry prominent notices stating that you modified
|
||||
it, and giving a relevant date.
|
||||
|
||||
b) The work must carry prominent notices stating that it is
|
||||
released under this License and any conditions added under section
|
||||
7. This requirement modifies the requirement in section 4 to
|
||||
"keep intact all notices".
|
||||
|
||||
c) You must license the entire work, as a whole, under this
|
||||
License to anyone who comes into possession of a copy. This
|
||||
License will therefore apply, along with any applicable section 7
|
||||
additional terms, to the whole of the work, and all its parts,
|
||||
regardless of how they are packaged. This License gives no
|
||||
permission to license the work in any other way, but it does not
|
||||
invalidate such permission if you have separately received it.
|
||||
|
||||
d) If the work has interactive user interfaces, each must display
|
||||
Appropriate Legal Notices; however, if the Program has interactive
|
||||
interfaces that do not display Appropriate Legal Notices, your
|
||||
work need not make them do so.
|
||||
|
||||
A compilation of a covered work with other separate and independent
|
||||
works, which are not by their nature extensions of the covered work,
|
||||
and which are not combined with it such as to form a larger program,
|
||||
in or on a volume of a storage or distribution medium, is called an
|
||||
"aggregate" if the compilation and its resulting copyright are not
|
||||
used to limit the access or legal rights of the compilation's users
|
||||
beyond what the individual works permit. Inclusion of a covered work
|
||||
in an aggregate does not cause this License to apply to the other
|
||||
parts of the aggregate.
|
||||
|
||||
6. Conveying Non-Source Forms.
|
||||
|
||||
You may convey a covered work in object code form under the terms
|
||||
of sections 4 and 5, provided that you also convey the
|
||||
machine-readable Corresponding Source under the terms of this License,
|
||||
in one of these ways:
|
||||
|
||||
a) Convey the object code in, or embodied in, a physical product
|
||||
(including a physical distribution medium), accompanied by the
|
||||
Corresponding Source fixed on a durable physical medium
|
||||
customarily used for software interchange.
|
||||
|
||||
b) Convey the object code in, or embodied in, a physical product
|
||||
(including a physical distribution medium), accompanied by a
|
||||
written offer, valid for at least three years and valid for as
|
||||
long as you offer spare parts or customer support for that product
|
||||
model, to give anyone who possesses the object code either (1) a
|
||||
copy of the Corresponding Source for all the software in the
|
||||
product that is covered by this License, on a durable physical
|
||||
medium customarily used for software interchange, for a price no
|
||||
more than your reasonable cost of physically performing this
|
||||
conveying of source, or (2) access to copy the
|
||||
Corresponding Source from a network server at no charge.
|
||||
|
||||
c) Convey individual copies of the object code with a copy of the
|
||||
written offer to provide the Corresponding Source. This
|
||||
alternative is allowed only occasionally and noncommercially, and
|
||||
only if you received the object code with such an offer, in accord
|
||||
with subsection 6b.
|
||||
|
||||
d) Convey the object code by offering access from a designated
|
||||
place (gratis or for a charge), and offer equivalent access to the
|
||||
Corresponding Source in the same way through the same place at no
|
||||
further charge. You need not require recipients to copy the
|
||||
Corresponding Source along with the object code. If the place to
|
||||
copy the object code is a network server, the Corresponding Source
|
||||
may be on a different server (operated by you or a third party)
|
||||
that supports equivalent copying facilities, provided you maintain
|
||||
clear directions next to the object code saying where to find the
|
||||
Corresponding Source. Regardless of what server hosts the
|
||||
Corresponding Source, you remain obligated to ensure that it is
|
||||
available for as long as needed to satisfy these requirements.
|
||||
|
||||
e) Convey the object code using peer-to-peer transmission, provided
|
||||
you inform other peers where the object code and Corresponding
|
||||
Source of the work are being offered to the general public at no
|
||||
charge under subsection 6d.
|
||||
|
||||
A separable portion of the object code, whose source code is excluded
|
||||
from the Corresponding Source as a System Library, need not be
|
||||
included in conveying the object code work.
|
||||
|
||||
A "User Product" is either (1) a "consumer product", which means any
|
||||
tangible personal property which is normally used for personal, family,
|
||||
or household purposes, or (2) anything designed or sold for incorporation
|
||||
into a dwelling. In determining whether a product is a consumer product,
|
||||
doubtful cases shall be resolved in favor of coverage. For a particular
|
||||
product received by a particular user, "normally used" refers to a
|
||||
typical or common use of that class of product, regardless of the status
|
||||
of the particular user or of the way in which the particular user
|
||||
actually uses, or expects or is expected to use, the product. A product
|
||||
is a consumer product regardless of whether the product has substantial
|
||||
commercial, industrial or non-consumer uses, unless such uses represent
|
||||
the only significant mode of use of the product.
|
||||
|
||||
"Installation Information" for a User Product means any methods,
|
||||
procedures, authorization keys, or other information required to install
|
||||
and execute modified versions of a covered work in that User Product from
|
||||
a modified version of its Corresponding Source. The information must
|
||||
suffice to ensure that the continued functioning of the modified object
|
||||
code is in no case prevented or interfered with solely because
|
||||
modification has been made.
|
||||
|
||||
If you convey an object code work under this section in, or with, or
|
||||
specifically for use in, a User Product, and the conveying occurs as
|
||||
part of a transaction in which the right of possession and use of the
|
||||
User Product is transferred to the recipient in perpetuity or for a
|
||||
fixed term (regardless of how the transaction is characterized), the
|
||||
Corresponding Source conveyed under this section must be accompanied
|
||||
by the Installation Information. But this requirement does not apply
|
||||
if neither you nor any third party retains the ability to install
|
||||
modified object code on the User Product (for example, the work has
|
||||
been installed in ROM).
|
||||
|
||||
The requirement to provide Installation Information does not include a
|
||||
requirement to continue to provide support service, warranty, or updates
|
||||
for a work that has been modified or installed by the recipient, or for
|
||||
the User Product in which it has been modified or installed. Access to a
|
||||
network may be denied when the modification itself materially and
|
||||
adversely affects the operation of the network or violates the rules and
|
||||
protocols for communication across the network.
|
||||
|
||||
Corresponding Source conveyed, and Installation Information provided,
|
||||
in accord with this section must be in a format that is publicly
|
||||
documented (and with an implementation available to the public in
|
||||
source code form), and must require no special password or key for
|
||||
unpacking, reading or copying.
|
||||
|
||||
7. Additional Terms.
|
||||
|
||||
"Additional permissions" are terms that supplement the terms of this
|
||||
License by making exceptions from one or more of its conditions.
|
||||
Additional permissions that are applicable to the entire Program shall
|
||||
be treated as though they were included in this License, to the extent
|
||||
that they are valid under applicable law. If additional permissions
|
||||
apply only to part of the Program, that part may be used separately
|
||||
under those permissions, but the entire Program remains governed by
|
||||
this License without regard to the additional permissions.
|
||||
|
||||
When you convey a copy of a covered work, you may at your option
|
||||
remove any additional permissions from that copy, or from any part of
|
||||
it. (Additional permissions may be written to require their own
|
||||
removal in certain cases when you modify the work.) You may place
|
||||
additional permissions on material, added by you to a covered work,
|
||||
for which you have or can give appropriate copyright permission.
|
||||
|
||||
Notwithstanding any other provision of this License, for material you
|
||||
add to a covered work, you may (if authorized by the copyright holders of
|
||||
that material) supplement the terms of this License with terms:
|
||||
|
||||
a) Disclaiming warranty or limiting liability differently from the
|
||||
terms of sections 15 and 16 of this License; or
|
||||
|
||||
b) Requiring preservation of specified reasonable legal notices or
|
||||
author attributions in that material or in the Appropriate Legal
|
||||
Notices displayed by works containing it; or
|
||||
|
||||
c) Prohibiting misrepresentation of the origin of that material, or
|
||||
requiring that modified versions of such material be marked in
|
||||
reasonable ways as different from the original version; or
|
||||
|
||||
d) Limiting the use for publicity purposes of names of licensors or
|
||||
authors of the material; or
|
||||
|
||||
e) Declining to grant rights under trademark law for use of some
|
||||
trade names, trademarks, or service marks; or
|
||||
|
||||
f) Requiring indemnification of licensors and authors of that
|
||||
material by anyone who conveys the material (or modified versions of
|
||||
it) with contractual assumptions of liability to the recipient, for
|
||||
any liability that these contractual assumptions directly impose on
|
||||
those licensors and authors.
|
||||
|
||||
All other non-permissive additional terms are considered "further
|
||||
restrictions" within the meaning of section 10. If the Program as you
|
||||
received it, or any part of it, contains a notice stating that it is
|
||||
governed by this License along with a term that is a further
|
||||
restriction, you may remove that term. If a license document contains
|
||||
a further restriction but permits relicensing or conveying under this
|
||||
License, you may add to a covered work material governed by the terms
|
||||
of that license document, provided that the further restriction does
|
||||
not survive such relicensing or conveying.
|
||||
|
||||
If you add terms to a covered work in accord with this section, you
|
||||
must place, in the relevant source files, a statement of the
|
||||
additional terms that apply to those files, or a notice indicating
|
||||
where to find the applicable terms.
|
||||
|
||||
Additional terms, permissive or non-permissive, may be stated in the
|
||||
form of a separately written license, or stated as exceptions;
|
||||
the above requirements apply either way.
|
||||
|
||||
8. Termination.
|
||||
|
||||
You may not propagate or modify a covered work except as expressly
|
||||
provided under this License. Any attempt otherwise to propagate or
|
||||
modify it is void, and will automatically terminate your rights under
|
||||
this License (including any patent licenses granted under the third
|
||||
paragraph of section 11).
|
||||
|
||||
However, if you cease all violation of this License, then your
|
||||
license from a particular copyright holder is reinstated (a)
|
||||
provisionally, unless and until the copyright holder explicitly and
|
||||
finally terminates your license, and (b) permanently, if the copyright
|
||||
holder fails to notify you of the violation by some reasonable means
|
||||
prior to 60 days after the cessation.
|
||||
|
||||
Moreover, your license from a particular copyright holder is
|
||||
reinstated permanently if the copyright holder notifies you of the
|
||||
violation by some reasonable means, this is the first time you have
|
||||
received notice of violation of this License (for any work) from that
|
||||
copyright holder, and you cure the violation prior to 30 days after
|
||||
your receipt of the notice.
|
||||
|
||||
Termination of your rights under this section does not terminate the
|
||||
licenses of parties who have received copies or rights from you under
|
||||
this License. If your rights have been terminated and not permanently
|
||||
reinstated, you do not qualify to receive new licenses for the same
|
||||
material under section 10.
|
||||
|
||||
9. Acceptance Not Required for Having Copies.
|
||||
|
||||
You are not required to accept this License in order to receive or
|
||||
run a copy of the Program. Ancillary propagation of a covered work
|
||||
occurring solely as a consequence of using peer-to-peer transmission
|
||||
to receive a copy likewise does not require acceptance. However,
|
||||
nothing other than this License grants you permission to propagate or
|
||||
modify any covered work. These actions infringe copyright if you do
|
||||
not accept this License. Therefore, by modifying or propagating a
|
||||
covered work, you indicate your acceptance of this License to do so.
|
||||
|
||||
10. Automatic Licensing of Downstream Recipients.
|
||||
|
||||
Each time you convey a covered work, the recipient automatically
|
||||
receives a license from the original licensors, to run, modify and
|
||||
propagate that work, subject to this License. You are not responsible
|
||||
for enforcing compliance by third parties with this License.
|
||||
|
||||
An "entity transaction" is a transaction transferring control of an
|
||||
organization, or substantially all assets of one, or subdividing an
|
||||
organization, or merging organizations. If propagation of a covered
|
||||
work results from an entity transaction, each party to that
|
||||
transaction who receives a copy of the work also receives whatever
|
||||
licenses to the work the party's predecessor in interest had or could
|
||||
give under the previous paragraph, plus a right to possession of the
|
||||
Corresponding Source of the work from the predecessor in interest, if
|
||||
the predecessor has it or can get it with reasonable efforts.
|
||||
|
||||
You may not impose any further restrictions on the exercise of the
|
||||
rights granted or affirmed under this License. For example, you may
|
||||
not impose a license fee, royalty, or other charge for exercise of
|
||||
rights granted under this License, and you may not initiate litigation
|
||||
(including a cross-claim or counterclaim in a lawsuit) alleging that
|
||||
any patent claim is infringed by making, using, selling, offering for
|
||||
sale, or importing the Program or any portion of it.
|
||||
|
||||
11. Patents.
|
||||
|
||||
A "contributor" is a copyright holder who authorizes use under this
|
||||
License of the Program or a work on which the Program is based. The
|
||||
work thus licensed is called the contributor's "contributor version".
|
||||
|
||||
A contributor's "essential patent claims" are all patent claims
|
||||
owned or controlled by the contributor, whether already acquired or
|
||||
hereafter acquired, that would be infringed by some manner, permitted
|
||||
by this License, of making, using, or selling its contributor version,
|
||||
but do not include claims that would be infringed only as a
|
||||
consequence of further modification of the contributor version. For
|
||||
purposes of this definition, "control" includes the right to grant
|
||||
patent sublicenses in a manner consistent with the requirements of
|
||||
this License.
|
||||
|
||||
Each contributor grants you a non-exclusive, worldwide, royalty-free
|
||||
patent license under the contributor's essential patent claims, to
|
||||
make, use, sell, offer for sale, import and otherwise run, modify and
|
||||
propagate the contents of its contributor version.
|
||||
|
||||
In the following three paragraphs, a "patent license" is any express
|
||||
agreement or commitment, however denominated, not to enforce a patent
|
||||
(such as an express permission to practice a patent or covenant not to
|
||||
sue for patent infringement). To "grant" such a patent license to a
|
||||
party means to make such an agreement or commitment not to enforce a
|
||||
patent against the party.
|
||||
|
||||
If you convey a covered work, knowingly relying on a patent license,
|
||||
and the Corresponding Source of the work is not available for anyone
|
||||
to copy, free of charge and under the terms of this License, through a
|
||||
publicly available network server or other readily accessible means,
|
||||
then you must either (1) cause the Corresponding Source to be so
|
||||
available, or (2) arrange to deprive yourself of the benefit of the
|
||||
patent license for this particular work, or (3) arrange, in a manner
|
||||
consistent with the requirements of this License, to extend the patent
|
||||
license to downstream recipients. "Knowingly relying" means you have
|
||||
actual knowledge that, but for the patent license, your conveying the
|
||||
covered work in a country, or your recipient's use of the covered work
|
||||
in a country, would infringe one or more identifiable patents in that
|
||||
country that you have reason to believe are valid.
|
||||
|
||||
If, pursuant to or in connection with a single transaction or
|
||||
arrangement, you convey, or propagate by procuring conveyance of, a
|
||||
covered work, and grant a patent license to some of the parties
|
||||
receiving the covered work authorizing them to use, propagate, modify
|
||||
or convey a specific copy of the covered work, then the patent license
|
||||
you grant is automatically extended to all recipients of the covered
|
||||
work and works based on it.
|
||||
|
||||
A patent license is "discriminatory" if it does not include within
|
||||
the scope of its coverage, prohibits the exercise of, or is
|
||||
conditioned on the non-exercise of one or more of the rights that are
|
||||
specifically granted under this License. You may not convey a covered
|
||||
work if you are a party to an arrangement with a third party that is
|
||||
in the business of distributing software, under which you make payment
|
||||
to the third party based on the extent of your activity of conveying
|
||||
the work, and under which the third party grants, to any of the
|
||||
parties who would receive the covered work from you, a discriminatory
|
||||
patent license (a) in connection with copies of the covered work
|
||||
conveyed by you (or copies made from those copies), or (b) primarily
|
||||
for and in connection with specific products or compilations that
|
||||
contain the covered work, unless you entered into that arrangement,
|
||||
or that patent license was granted, prior to 28 March 2007.
|
||||
|
||||
Nothing in this License shall be construed as excluding or limiting
|
||||
any implied license or other defenses to infringement that may
|
||||
otherwise be available to you under applicable patent law.
|
||||
|
||||
12. No Surrender of Others' Freedom.
|
||||
|
||||
If conditions are imposed on you (whether by court order, agreement or
|
||||
otherwise) that contradict the conditions of this License, they do not
|
||||
excuse you from the conditions of this License. If you cannot convey a
|
||||
covered work so as to satisfy simultaneously your obligations under this
|
||||
License and any other pertinent obligations, then as a consequence you may
|
||||
not convey it at all. For example, if you agree to terms that obligate you
|
||||
to collect a royalty for further conveying from those to whom you convey
|
||||
the Program, the only way you could satisfy both those terms and this
|
||||
License would be to refrain entirely from conveying the Program.
|
||||
|
||||
13. Use with the GNU Affero General Public License.
|
||||
|
||||
Notwithstanding any other provision of this License, you have
|
||||
permission to link or combine any covered work with a work licensed
|
||||
under version 3 of the GNU Affero General Public License into a single
|
||||
combined work, and to convey the resulting work. The terms of this
|
||||
License will continue to apply to the part which is the covered work,
|
||||
but the special requirements of the GNU Affero General Public License,
|
||||
section 13, concerning interaction through a network will apply to the
|
||||
combination as such.
|
||||
|
||||
14. Revised Versions of this License.
|
||||
|
||||
The Free Software Foundation may publish revised and/or new versions of
|
||||
the GNU General Public License from time to time. Such new versions will
|
||||
be similar in spirit to the present version, but may differ in detail to
|
||||
address new problems or concerns.
|
||||
|
||||
Each version is given a distinguishing version number. If the
|
||||
Program specifies that a certain numbered version of the GNU General
|
||||
Public License "or any later version" applies to it, you have the
|
||||
option of following the terms and conditions either of that numbered
|
||||
version or of any later version published by the Free Software
|
||||
Foundation. If the Program does not specify a version number of the
|
||||
GNU General Public License, you may choose any version ever published
|
||||
by the Free Software Foundation.
|
||||
|
||||
If the Program specifies that a proxy can decide which future
|
||||
versions of the GNU General Public License can be used, that proxy's
|
||||
public statement of acceptance of a version permanently authorizes you
|
||||
to choose that version for the Program.
|
||||
|
||||
Later license versions may give you additional or different
|
||||
permissions. However, no additional obligations are imposed on any
|
||||
author or copyright holder as a result of your choosing to follow a
|
||||
later version.
|
||||
|
||||
15. Disclaimer of Warranty.
|
||||
|
||||
THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
|
||||
APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
|
||||
HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
|
||||
OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
|
||||
THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
|
||||
IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
|
||||
ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
|
||||
|
||||
16. Limitation of Liability.
|
||||
|
||||
IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
|
||||
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
|
||||
THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
|
||||
GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
|
||||
USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
|
||||
DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
|
||||
PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
|
||||
EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
|
||||
SUCH DAMAGES.
|
||||
|
||||
17. Interpretation of Sections 15 and 16.
|
||||
|
||||
If the disclaimer of warranty and limitation of liability provided
|
||||
above cannot be given local legal effect according to their terms,
|
||||
reviewing courts shall apply local law that most closely approximates
|
||||
an absolute waiver of all civil liability in connection with the
|
||||
Program, unless a warranty or assumption of liability accompanies a
|
||||
copy of the Program in return for a fee.
|
||||
|
||||
END OF TERMS AND CONDITIONS
|
||||
|
||||
How to Apply These Terms to Your New Programs
|
||||
|
||||
If you develop a new program, and you want it to be of the greatest
|
||||
possible use to the public, the best way to achieve this is to make it
|
||||
free software which everyone can redistribute and change under these terms.
|
||||
|
||||
To do so, attach the following notices to the program. It is safest
|
||||
to attach them to the start of each source file to most effectively
|
||||
state the exclusion of warranty; and each file should have at least
|
||||
the "copyright" line and a pointer to where the full notice is found.
|
||||
|
||||
<one line to give the program's name and a brief idea of what it does.>
|
||||
Copyright (C) <year> <name of author>
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
Also add information on how to contact you by electronic and paper mail.
|
||||
|
||||
If the program does terminal interaction, make it output a short
|
||||
notice like this when it starts in an interactive mode:
|
||||
|
||||
<program> Copyright (C) <year> <name of author>
|
||||
This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
|
||||
This is free software, and you are welcome to redistribute it
|
||||
under certain conditions; type `show c' for details.
|
||||
|
||||
The hypothetical commands `show w' and `show c' should show the appropriate
|
||||
parts of the General Public License. Of course, your program's commands
|
||||
might be different; for a GUI interface, you would use an "about box".
|
||||
|
||||
You should also get your employer (if you work as a programmer) or school,
|
||||
if any, to sign a "copyright disclaimer" for the program, if necessary.
|
||||
For more information on this, and how to apply and follow the GNU GPL, see
|
||||
<http://www.gnu.org/licenses/>.
|
||||
|
||||
The GNU General Public License does not permit incorporating your program
|
||||
into proprietary programs. If your program is a subroutine library, you
|
||||
may consider it more useful to permit linking proprietary applications with
|
||||
the library. If this is what you want to do, use the GNU Lesser General
|
||||
Public License instead of this License. But first, please read
|
||||
<http://www.gnu.org/philosophy/why-not-lgpl.html>.
|
|
@ -1,3 +1,6 @@
|
|||
2010-09-05 Fabio "BlackLight" Manganiello <blacklight@autistici.org>
|
||||
* all: Using autotools now
|
||||
|
||||
2010-09-04 Fabio "BlackLight" Manganiello <blacklight@autistici.org>
|
||||
* mysql.c: This file now only contains the functions for managing MySQL
|
||||
connections in the database wrapper
|
||||
|
|
|
@ -0,0 +1,30 @@
|
|||
## Process this file with automake for generating Makefile.in
|
||||
|
||||
AUTOMAKE_OPTIONS=foreign no-dependencies
|
||||
|
||||
libdir = ${exec_prefix}/lib/snort_dynamicpreprocessor
|
||||
lib_LTLIBRARIES = libsf_ai_preproc.la
|
||||
libsf_ai_preproc_la_CFLAGS = -D_XOPEN_SOURCE -D_GNU_SOURCE -DDYNAMIC_PLUGIN -DSUP_IP6 -fvisibility=hidden -fno-strict-aliasing -Wall -fstack-protector
|
||||
libsf_ai_preproc_la_LDFLAGS = -module -export-dynamic
|
||||
|
||||
BUILT_SOURCES = \
|
||||
include/sf_dynamic_preproc_lib.c \
|
||||
include/sfPolicyUserData.c
|
||||
|
||||
nodist_libsf_ai_preproc_la_SOURCES = \
|
||||
include/sf_dynamic_preproc_lib.c \
|
||||
include/sfPolicyUserData.c
|
||||
|
||||
libsf_ai_preproc_la_SOURCES = \
|
||||
alert_parser.c \
|
||||
cluster.c \
|
||||
db.c \
|
||||
mysql.c \
|
||||
regex.c \
|
||||
spp_ai.c \
|
||||
stream.c
|
||||
|
||||
ACLOCAL_AMFLAGS = -I m4
|
||||
# AM_CFLAGS = -DHAVE_CONFIG_H -DDYNAMIC_PLUGIN -DSUP_IP6 -fvisibility=hidden -fno-strict-aliasing -Wall -fstack-protector
|
||||
INCLUDES = -I./uthash -I./include
|
||||
|
|
@ -0,0 +1,722 @@
|
|||
# Makefile.in generated by automake 1.11.1 from Makefile.am.
|
||||
# @configure_input@
|
||||
|
||||
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
|
||||
# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
|
||||
# Inc.
|
||||
# This Makefile.in is free software; the Free Software Foundation
|
||||
# gives unlimited permission to copy and/or distribute it,
|
||||
# with or without modifications, as long as this notice is preserved.
|
||||
|
||||
# This program is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
|
||||
# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
|
||||
# PARTICULAR PURPOSE.
|
||||
|
||||
@SET_MAKE@
|
||||
|
||||
VPATH = @srcdir@
|
||||
pkgdatadir = $(datadir)/@PACKAGE@
|
||||
pkgincludedir = $(includedir)/@PACKAGE@
|
||||
pkglibdir = $(libdir)/@PACKAGE@
|
||||
pkglibexecdir = $(libexecdir)/@PACKAGE@
|
||||
am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
|
||||
install_sh_DATA = $(install_sh) -c -m 644
|
||||
install_sh_PROGRAM = $(install_sh) -c
|
||||
install_sh_SCRIPT = $(install_sh) -c
|
||||
INSTALL_HEADER = $(INSTALL_DATA)
|
||||
transform = $(program_transform_name)
|
||||
NORMAL_INSTALL = :
|
||||
PRE_INSTALL = :
|
||||
POST_INSTALL = :
|
||||
NORMAL_UNINSTALL = :
|
||||
PRE_UNINSTALL = :
|
||||
POST_UNINSTALL = :
|
||||
build_triplet = @build@
|
||||
host_triplet = @host@
|
||||
subdir = .
|
||||
DIST_COMMON = README $(am__configure_deps) $(srcdir)/Makefile.am \
|
||||
$(srcdir)/Makefile.in $(srcdir)/config.h.in \
|
||||
$(top_srcdir)/configure AUTHORS COPYING ChangeLog INSTALL NEWS \
|
||||
TODO config.guess config.sub install-sh ltmain.sh missing
|
||||
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
|
||||
am__aclocal_m4_deps = $(top_srcdir)/configure.ac
|
||||
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
|
||||
$(ACLOCAL_M4)
|
||||
am__CONFIG_DISTCLEAN_FILES = config.status config.cache config.log \
|
||||
configure.lineno config.status.lineno
|
||||
mkinstalldirs = $(install_sh) -d
|
||||
CONFIG_HEADER = config.h
|
||||
CONFIG_CLEAN_FILES =
|
||||
CONFIG_CLEAN_VPATH_FILES =
|
||||
am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
|
||||
am__vpath_adj = case $$p in \
|
||||
$(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
|
||||
*) f=$$p;; \
|
||||
esac;
|
||||
am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`;
|
||||
am__install_max = 40
|
||||
am__nobase_strip_setup = \
|
||||
srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'`
|
||||
am__nobase_strip = \
|
||||
for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||"
|
||||
am__nobase_list = $(am__nobase_strip_setup); \
|
||||
for p in $$list; do echo "$$p $$p"; done | \
|
||||
sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \
|
||||
$(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \
|
||||
if (++n[$$2] == $(am__install_max)) \
|
||||
{ print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \
|
||||
END { for (dir in files) print dir, files[dir] }'
|
||||
am__base_list = \
|
||||
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
|
||||
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
|
||||
am__installdirs = "$(DESTDIR)$(libdir)"
|
||||
LTLIBRARIES = $(lib_LTLIBRARIES)
|
||||
libsf_ai_preproc_la_LIBADD =
|
||||
am_libsf_ai_preproc_la_OBJECTS = libsf_ai_preproc_la-alert_parser.lo \
|
||||
libsf_ai_preproc_la-cluster.lo libsf_ai_preproc_la-db.lo \
|
||||
libsf_ai_preproc_la-mysql.lo libsf_ai_preproc_la-regex.lo \
|
||||
libsf_ai_preproc_la-spp_ai.lo libsf_ai_preproc_la-stream.lo
|
||||
nodist_libsf_ai_preproc_la_OBJECTS = \
|
||||
libsf_ai_preproc_la-sf_dynamic_preproc_lib.lo \
|
||||
libsf_ai_preproc_la-sfPolicyUserData.lo
|
||||
libsf_ai_preproc_la_OBJECTS = $(am_libsf_ai_preproc_la_OBJECTS) \
|
||||
$(nodist_libsf_ai_preproc_la_OBJECTS)
|
||||
libsf_ai_preproc_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
|
||||
$(LIBTOOLFLAGS) --mode=link $(CCLD) \
|
||||
$(libsf_ai_preproc_la_CFLAGS) $(CFLAGS) \
|
||||
$(libsf_ai_preproc_la_LDFLAGS) $(LDFLAGS) -o $@
|
||||
DEFAULT_INCLUDES = -I.@am__isrc@
|
||||
depcomp =
|
||||
am__depfiles_maybe =
|
||||
COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
|
||||
$(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
|
||||
LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
|
||||
--mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
|
||||
$(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
|
||||
CCLD = $(CC)
|
||||
LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
|
||||
--mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
|
||||
$(LDFLAGS) -o $@
|
||||
SOURCES = $(libsf_ai_preproc_la_SOURCES) \
|
||||
$(nodist_libsf_ai_preproc_la_SOURCES)
|
||||
DIST_SOURCES = $(libsf_ai_preproc_la_SOURCES)
|
||||
ETAGS = etags
|
||||
CTAGS = ctags
|
||||
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
|
||||
distdir = $(PACKAGE)-$(VERSION)
|
||||
top_distdir = $(distdir)
|
||||
am__remove_distdir = \
|
||||
{ test ! -d "$(distdir)" \
|
||||
|| { find "$(distdir)" -type d ! -perm -200 -exec chmod u+w {} ';' \
|
||||
&& rm -fr "$(distdir)"; }; }
|
||||
DIST_ARCHIVES = $(distdir).tar.gz
|
||||
GZIP_ENV = --best
|
||||
distuninstallcheck_listfiles = find . -type f -print
|
||||
distcleancheck_listfiles = find . -type f -print
|
||||
ACLOCAL = @ACLOCAL@
|
||||
ALLOCA = @ALLOCA@
|
||||
AMTAR = @AMTAR@
|
||||
AR = @AR@
|
||||
AUTOCONF = @AUTOCONF@
|
||||
AUTOHEADER = @AUTOHEADER@
|
||||
AUTOMAKE = @AUTOMAKE@
|
||||
AWK = @AWK@
|
||||
CC = @CC@
|
||||
CCDEPMODE = @CCDEPMODE@
|
||||
CFLAGS = @CFLAGS@
|
||||
CPP = @CPP@
|
||||
CPPFLAGS = @CPPFLAGS@
|
||||
CYGPATH_W = @CYGPATH_W@
|
||||
DEFS = @DEFS@
|
||||
DEPDIR = @DEPDIR@
|
||||
DSYMUTIL = @DSYMUTIL@
|
||||
DUMPBIN = @DUMPBIN@
|
||||
ECHO_C = @ECHO_C@
|
||||
ECHO_N = @ECHO_N@
|
||||
ECHO_T = @ECHO_T@
|
||||
EGREP = @EGREP@
|
||||
EXEEXT = @EXEEXT@
|
||||
FGREP = @FGREP@
|
||||
GREP = @GREP@
|
||||
INSTALL = @INSTALL@
|
||||
INSTALL_DATA = @INSTALL_DATA@
|
||||
INSTALL_PROGRAM = @INSTALL_PROGRAM@
|
||||
INSTALL_SCRIPT = @INSTALL_SCRIPT@
|
||||
INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
|
||||
LD = @LD@
|
||||
LDFLAGS = @LDFLAGS@
|
||||
LIBOBJS = @LIBOBJS@
|
||||
LIBS = @LIBS@
|
||||
LIBTOOL = @LIBTOOL@
|
||||
LIPO = @LIPO@
|
||||
LN_S = @LN_S@
|
||||
LTLIBOBJS = @LTLIBOBJS@
|
||||
MAKEINFO = @MAKEINFO@
|
||||
MKDIR_P = @MKDIR_P@
|
||||
NM = @NM@
|
||||
NMEDIT = @NMEDIT@
|
||||
OBJDUMP = @OBJDUMP@
|
||||
OBJEXT = @OBJEXT@
|
||||
OTOOL = @OTOOL@
|
||||
OTOOL64 = @OTOOL64@
|
||||
PACKAGE = @PACKAGE@
|
||||
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
|
||||
PACKAGE_NAME = @PACKAGE_NAME@
|
||||
PACKAGE_STRING = @PACKAGE_STRING@
|
||||
PACKAGE_TARNAME = @PACKAGE_TARNAME@
|
||||
PACKAGE_URL = @PACKAGE_URL@
|
||||
PACKAGE_VERSION = @PACKAGE_VERSION@
|
||||
PATH_SEPARATOR = @PATH_SEPARATOR@
|
||||
RANLIB = @RANLIB@
|
||||
SED = @SED@
|
||||
SET_MAKE = @SET_MAKE@
|
||||
SHELL = @SHELL@
|
||||
STRIP = @STRIP@
|
||||
VERSION = @VERSION@
|
||||
abs_builddir = @abs_builddir@
|
||||
abs_srcdir = @abs_srcdir@
|
||||
abs_top_builddir = @abs_top_builddir@
|
||||
abs_top_srcdir = @abs_top_srcdir@
|
||||
ac_ct_CC = @ac_ct_CC@
|
||||
ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
|
||||
am__include = @am__include@
|
||||
am__leading_dot = @am__leading_dot@
|
||||
am__quote = @am__quote@
|
||||
am__tar = @am__tar@
|
||||
am__untar = @am__untar@
|
||||
bindir = @bindir@
|
||||
build = @build@
|
||||
build_alias = @build_alias@
|
||||
build_cpu = @build_cpu@
|
||||
build_os = @build_os@
|
||||
build_vendor = @build_vendor@
|
||||
builddir = @builddir@
|
||||
datadir = @datadir@
|
||||
datarootdir = @datarootdir@
|
||||
docdir = @docdir@
|
||||
dvidir = @dvidir@
|
||||
exec_prefix = @exec_prefix@
|
||||
host = @host@
|
||||
host_alias = @host_alias@
|
||||
host_cpu = @host_cpu@
|
||||
host_os = @host_os@
|
||||
host_vendor = @host_vendor@
|
||||
htmldir = @htmldir@
|
||||
includedir = @includedir@
|
||||
infodir = @infodir@
|
||||
install_sh = @install_sh@
|
||||
libdir = ${exec_prefix}/lib/snort_dynamicpreprocessor
|
||||
libexecdir = @libexecdir@
|
||||
localedir = @localedir@
|
||||
localstatedir = @localstatedir@
|
||||
lt_ECHO = @lt_ECHO@
|
||||
mandir = @mandir@
|
||||
mkdir_p = @mkdir_p@
|
||||
oldincludedir = @oldincludedir@
|
||||
pdfdir = @pdfdir@
|
||||
prefix = @prefix@
|
||||
program_transform_name = @program_transform_name@
|
||||
psdir = @psdir@
|
||||
sbindir = @sbindir@
|
||||
sharedstatedir = @sharedstatedir@
|
||||
srcdir = @srcdir@
|
||||
sysconfdir = @sysconfdir@
|
||||
target_alias = @target_alias@
|
||||
top_build_prefix = @top_build_prefix@
|
||||
top_builddir = @top_builddir@
|
||||
top_srcdir = @top_srcdir@
|
||||
AUTOMAKE_OPTIONS = foreign no-dependencies
|
||||
lib_LTLIBRARIES = libsf_ai_preproc.la
|
||||
libsf_ai_preproc_la_CFLAGS = -D_XOPEN_SOURCE -D_GNU_SOURCE -DDYNAMIC_PLUGIN -DSUP_IP6 -fvisibility=hidden -fno-strict-aliasing -Wall -fstack-protector
|
||||
libsf_ai_preproc_la_LDFLAGS = -module -export-dynamic
|
||||
BUILT_SOURCES = \
|
||||
include/sf_dynamic_preproc_lib.c \
|
||||
include/sfPolicyUserData.c
|
||||
|
||||
nodist_libsf_ai_preproc_la_SOURCES = \
|
||||
include/sf_dynamic_preproc_lib.c \
|
||||
include/sfPolicyUserData.c
|
||||
|
||||
libsf_ai_preproc_la_SOURCES = \
|
||||
alert_parser.c \
|
||||
cluster.c \
|
||||
db.c \
|
||||
mysql.c \
|
||||
regex.c \
|
||||
spp_ai.c \
|
||||
stream.c
|
||||
|
||||
ACLOCAL_AMFLAGS = -I m4
|
||||
# AM_CFLAGS = -DHAVE_CONFIG_H -DDYNAMIC_PLUGIN -DSUP_IP6 -fvisibility=hidden -fno-strict-aliasing -Wall -fstack-protector
|
||||
INCLUDES = -I./uthash -I./include
|
||||
all: $(BUILT_SOURCES) config.h
|
||||
$(MAKE) $(AM_MAKEFLAGS) all-am
|
||||
|
||||
.SUFFIXES:
|
||||
.SUFFIXES: .c .lo .o .obj
|
||||
am--refresh:
|
||||
@:
|
||||
$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
|
||||
@for dep in $?; do \
|
||||
case '$(am__configure_deps)' in \
|
||||
*$$dep*) \
|
||||
echo ' cd $(srcdir) && $(AUTOMAKE) --foreign'; \
|
||||
$(am__cd) $(srcdir) && $(AUTOMAKE) --foreign \
|
||||
&& exit 0; \
|
||||
exit 1;; \
|
||||
esac; \
|
||||
done; \
|
||||
echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign Makefile'; \
|
||||
$(am__cd) $(top_srcdir) && \
|
||||
$(AUTOMAKE) --foreign Makefile
|
||||
.PRECIOUS: Makefile
|
||||
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
|
||||
@case '$?' in \
|
||||
*config.status*) \
|
||||
echo ' $(SHELL) ./config.status'; \
|
||||
$(SHELL) ./config.status;; \
|
||||
*) \
|
||||
echo ' cd $(top_builddir) && $(SHELL) ./config.status $@ $(am__depfiles_maybe)'; \
|
||||
cd $(top_builddir) && $(SHELL) ./config.status $@ $(am__depfiles_maybe);; \
|
||||
esac;
|
||||
|
||||
$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
|
||||
$(SHELL) ./config.status --recheck
|
||||
|
||||
$(top_srcdir)/configure: $(am__configure_deps)
|
||||
$(am__cd) $(srcdir) && $(AUTOCONF)
|
||||
$(ACLOCAL_M4): $(am__aclocal_m4_deps)
|
||||
$(am__cd) $(srcdir) && $(ACLOCAL) $(ACLOCAL_AMFLAGS)
|
||||
$(am__aclocal_m4_deps):
|
||||
|
||||
config.h: stamp-h1
|
||||
@if test ! -f $@; then \
|
||||
rm -f stamp-h1; \
|
||||
$(MAKE) $(AM_MAKEFLAGS) stamp-h1; \
|
||||
else :; fi
|
||||
|
||||
stamp-h1: $(srcdir)/config.h.in $(top_builddir)/config.status
|
||||
@rm -f stamp-h1
|
||||
cd $(top_builddir) && $(SHELL) ./config.status config.h
|
||||
$(srcdir)/config.h.in: $(am__configure_deps)
|
||||
($(am__cd) $(top_srcdir) && $(AUTOHEADER))
|
||||
rm -f stamp-h1
|
||||
touch $@
|
||||
|
||||
distclean-hdr:
|
||||
-rm -f config.h stamp-h1
|
||||
install-libLTLIBRARIES: $(lib_LTLIBRARIES)
|
||||
@$(NORMAL_INSTALL)
|
||||
test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)"
|
||||
@list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \
|
||||
list2=; for p in $$list; do \
|
||||
if test -f $$p; then \
|
||||
list2="$$list2 $$p"; \
|
||||
else :; fi; \
|
||||
done; \
|
||||
test -z "$$list2" || { \
|
||||
echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(libdir)'"; \
|
||||
$(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(libdir)"; \
|
||||
}
|
||||
|
||||
uninstall-libLTLIBRARIES:
|
||||
@$(NORMAL_UNINSTALL)
|
||||
@list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \
|
||||
for p in $$list; do \
|
||||
$(am__strip_dir) \
|
||||
echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$f'"; \
|
||||
$(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$f"; \
|
||||
done
|
||||
|
||||
clean-libLTLIBRARIES:
|
||||
-test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES)
|
||||
@list='$(lib_LTLIBRARIES)'; for p in $$list; do \
|
||||
dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
|
||||
test "$$dir" != "$$p" || dir=.; \
|
||||
echo "rm -f \"$${dir}/so_locations\""; \
|
||||
rm -f "$${dir}/so_locations"; \
|
||||
done
|
||||
libsf_ai_preproc.la: $(libsf_ai_preproc_la_OBJECTS) $(libsf_ai_preproc_la_DEPENDENCIES)
|
||||
$(libsf_ai_preproc_la_LINK) -rpath $(libdir) $(libsf_ai_preproc_la_OBJECTS) $(libsf_ai_preproc_la_LIBADD) $(LIBS)
|
||||
|
||||
mostlyclean-compile:
|
||||
-rm -f *.$(OBJEXT)
|
||||
|
||||
distclean-compile:
|
||||
-rm -f *.tab.c
|
||||
|
||||
.c.o:
|
||||
$(COMPILE) -c $<
|
||||
|
||||
.c.obj:
|
||||
$(COMPILE) -c `$(CYGPATH_W) '$<'`
|
||||
|
||||
.c.lo:
|
||||
$(LTCOMPILE) -c -o $@ $<
|
||||
|
||||
libsf_ai_preproc_la-alert_parser.lo: alert_parser.c
|
||||
$(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libsf_ai_preproc_la_CFLAGS) $(CFLAGS) -c -o libsf_ai_preproc_la-alert_parser.lo `test -f 'alert_parser.c' || echo '$(srcdir)/'`alert_parser.c
|
||||
|
||||
libsf_ai_preproc_la-cluster.lo: cluster.c
|
||||
$(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libsf_ai_preproc_la_CFLAGS) $(CFLAGS) -c -o libsf_ai_preproc_la-cluster.lo `test -f 'cluster.c' || echo '$(srcdir)/'`cluster.c
|
||||
|
||||
libsf_ai_preproc_la-db.lo: db.c
|
||||
$(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libsf_ai_preproc_la_CFLAGS) $(CFLAGS) -c -o libsf_ai_preproc_la-db.lo `test -f 'db.c' || echo '$(srcdir)/'`db.c
|
||||
|
||||
libsf_ai_preproc_la-mysql.lo: mysql.c
|
||||
$(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libsf_ai_preproc_la_CFLAGS) $(CFLAGS) -c -o libsf_ai_preproc_la-mysql.lo `test -f 'mysql.c' || echo '$(srcdir)/'`mysql.c
|
||||
|
||||
libsf_ai_preproc_la-regex.lo: regex.c
|
||||
$(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libsf_ai_preproc_la_CFLAGS) $(CFLAGS) -c -o libsf_ai_preproc_la-regex.lo `test -f 'regex.c' || echo '$(srcdir)/'`regex.c
|
||||
|
||||
libsf_ai_preproc_la-spp_ai.lo: spp_ai.c
|
||||
$(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libsf_ai_preproc_la_CFLAGS) $(CFLAGS) -c -o libsf_ai_preproc_la-spp_ai.lo `test -f 'spp_ai.c' || echo '$(srcdir)/'`spp_ai.c
|
||||
|
||||
libsf_ai_preproc_la-stream.lo: stream.c
|
||||
$(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libsf_ai_preproc_la_CFLAGS) $(CFLAGS) -c -o libsf_ai_preproc_la-stream.lo `test -f 'stream.c' || echo '$(srcdir)/'`stream.c
|
||||
|
||||
libsf_ai_preproc_la-sf_dynamic_preproc_lib.lo: include/sf_dynamic_preproc_lib.c
|
||||
$(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libsf_ai_preproc_la_CFLAGS) $(CFLAGS) -c -o libsf_ai_preproc_la-sf_dynamic_preproc_lib.lo `test -f 'include/sf_dynamic_preproc_lib.c' || echo '$(srcdir)/'`include/sf_dynamic_preproc_lib.c
|
||||
|
||||
libsf_ai_preproc_la-sfPolicyUserData.lo: include/sfPolicyUserData.c
|
||||
$(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libsf_ai_preproc_la_CFLAGS) $(CFLAGS) -c -o libsf_ai_preproc_la-sfPolicyUserData.lo `test -f 'include/sfPolicyUserData.c' || echo '$(srcdir)/'`include/sfPolicyUserData.c
|
||||
|
||||
mostlyclean-libtool:
|
||||
-rm -f *.lo
|
||||
|
||||
clean-libtool:
|
||||
-rm -rf .libs _libs
|
||||
|
||||
distclean-libtool:
|
||||
-rm -f libtool config.lt
|
||||
|
||||
ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
|
||||
list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
|
||||
unique=`for i in $$list; do \
|
||||
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
|
||||
done | \
|
||||
$(AWK) '{ files[$$0] = 1; nonempty = 1; } \
|
||||
END { if (nonempty) { for (i in files) print i; }; }'`; \
|
||||
mkid -fID $$unique
|
||||
tags: TAGS
|
||||
|
||||
TAGS: $(HEADERS) $(SOURCES) config.h.in $(TAGS_DEPENDENCIES) \
|
||||
$(TAGS_FILES) $(LISP)
|
||||
set x; \
|
||||
here=`pwd`; \
|
||||
list='$(SOURCES) $(HEADERS) config.h.in $(LISP) $(TAGS_FILES)'; \
|
||||
unique=`for i in $$list; do \
|
||||
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
|
||||
done | \
|
||||
$(AWK) '{ files[$$0] = 1; nonempty = 1; } \
|
||||
END { if (nonempty) { for (i in files) print i; }; }'`; \
|
||||
shift; \
|
||||
if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
|
||||
test -n "$$unique" || unique=$$empty_fix; \
|
||||
if test $$# -gt 0; then \
|
||||
$(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
|
||||
"$$@" $$unique; \
|
||||
else \
|
||||
$(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
|
||||
$$unique; \
|
||||
fi; \
|
||||
fi
|
||||
ctags: CTAGS
|
||||
CTAGS: $(HEADERS) $(SOURCES) config.h.in $(TAGS_DEPENDENCIES) \
|
||||
$(TAGS_FILES) $(LISP)
|
||||
list='$(SOURCES) $(HEADERS) config.h.in $(LISP) $(TAGS_FILES)'; \
|
||||
unique=`for i in $$list; do \
|
||||
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
|
||||
done | \
|
||||
$(AWK) '{ files[$$0] = 1; nonempty = 1; } \
|
||||
END { if (nonempty) { for (i in files) print i; }; }'`; \
|
||||
test -z "$(CTAGS_ARGS)$$unique" \
|
||||
|| $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
|
||||
$$unique
|
||||
|
||||
GTAGS:
|
||||
here=`$(am__cd) $(top_builddir) && pwd` \
|
||||
&& $(am__cd) $(top_srcdir) \
|
||||
&& gtags -i $(GTAGS_ARGS) "$$here"
|
||||
|
||||
distclean-tags:
|
||||
-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
|
||||
|
||||
distdir: $(DISTFILES)
|
||||
$(am__remove_distdir)
|
||||
test -d "$(distdir)" || mkdir "$(distdir)"
|
||||
@srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
|
||||
topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
|
||||
list='$(DISTFILES)'; \
|
||||
dist_files=`for file in $$list; do echo $$file; done | \
|
||||
sed -e "s|^$$srcdirstrip/||;t" \
|
||||
-e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
|
||||
case $$dist_files in \
|
||||
*/*) $(MKDIR_P) `echo "$$dist_files" | \
|
||||
sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
|
||||
sort -u` ;; \
|
||||
esac; \
|
||||
for file in $$dist_files; do \
|
||||
if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
|
||||
if test -d $$d/$$file; then \
|
||||
dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
|
||||
if test -d "$(distdir)/$$file"; then \
|
||||
find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
|
||||
fi; \
|
||||
if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
|
||||
cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
|
||||
find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
|
||||
fi; \
|
||||
cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
|
||||
else \
|
||||
test -f "$(distdir)/$$file" \
|
||||
|| cp -p $$d/$$file "$(distdir)/$$file" \
|
||||
|| exit 1; \
|
||||
fi; \
|
||||
done
|
||||
-test -n "$(am__skip_mode_fix)" \
|
||||
|| find "$(distdir)" -type d ! -perm -755 \
|
||||
-exec chmod u+rwx,go+rx {} \; -o \
|
||||
! -type d ! -perm -444 -links 1 -exec chmod a+r {} \; -o \
|
||||
! -type d ! -perm -400 -exec chmod a+r {} \; -o \
|
||||
! -type d ! -perm -444 -exec $(install_sh) -c -m a+r {} {} \; \
|
||||
|| chmod -R a+r "$(distdir)"
|
||||
dist-gzip: distdir
|
||||
tardir=$(distdir) && $(am__tar) | GZIP=$(GZIP_ENV) gzip -c >$(distdir).tar.gz
|
||||
$(am__remove_distdir)
|
||||
|
||||
dist-bzip2: distdir
|
||||
tardir=$(distdir) && $(am__tar) | bzip2 -9 -c >$(distdir).tar.bz2
|
||||
$(am__remove_distdir)
|
||||
|
||||
dist-lzma: distdir
|
||||
tardir=$(distdir) && $(am__tar) | lzma -9 -c >$(distdir).tar.lzma
|
||||
$(am__remove_distdir)
|
||||
|
||||
dist-xz: distdir
|
||||
tardir=$(distdir) && $(am__tar) | xz -c >$(distdir).tar.xz
|
||||
$(am__remove_distdir)
|
||||
|
||||
dist-tarZ: distdir
|
||||
tardir=$(distdir) && $(am__tar) | compress -c >$(distdir).tar.Z
|
||||
$(am__remove_distdir)
|
||||
|
||||
dist-shar: distdir
|
||||
shar $(distdir) | GZIP=$(GZIP_ENV) gzip -c >$(distdir).shar.gz
|
||||
$(am__remove_distdir)
|
||||
|
||||
dist-zip: distdir
|
||||
-rm -f $(distdir).zip
|
||||
zip -rq $(distdir).zip $(distdir)
|
||||
$(am__remove_distdir)
|
||||
|
||||
dist dist-all: distdir
|
||||
tardir=$(distdir) && $(am__tar) | GZIP=$(GZIP_ENV) gzip -c >$(distdir).tar.gz
|
||||
$(am__remove_distdir)
|
||||
|
||||
# This target untars the dist file and tries a VPATH configuration. Then
|
||||
# it guarantees that the distribution is self-contained by making another
|
||||
# tarfile.
|
||||
distcheck: dist
|
||||
case '$(DIST_ARCHIVES)' in \
|
||||
*.tar.gz*) \
|
||||
GZIP=$(GZIP_ENV) gzip -dc $(distdir).tar.gz | $(am__untar) ;;\
|
||||
*.tar.bz2*) \
|
||||
bzip2 -dc $(distdir).tar.bz2 | $(am__untar) ;;\
|
||||
*.tar.lzma*) \
|
||||
lzma -dc $(distdir).tar.lzma | $(am__untar) ;;\
|
||||
*.tar.xz*) \
|
||||
xz -dc $(distdir).tar.xz | $(am__untar) ;;\
|
||||
*.tar.Z*) \
|
||||
uncompress -c $(distdir).tar.Z | $(am__untar) ;;\
|
||||
*.shar.gz*) \
|
||||
GZIP=$(GZIP_ENV) gzip -dc $(distdir).shar.gz | unshar ;;\
|
||||
*.zip*) \
|
||||
unzip $(distdir).zip ;;\
|
||||
esac
|
||||
chmod -R a-w $(distdir); chmod a+w $(distdir)
|
||||
mkdir $(distdir)/_build
|
||||
mkdir $(distdir)/_inst
|
||||
chmod a-w $(distdir)
|
||||
test -d $(distdir)/_build || exit 0; \
|
||||
dc_install_base=`$(am__cd) $(distdir)/_inst && pwd | sed -e 's,^[^:\\/]:[\\/],/,'` \
|
||||
&& dc_destdir="$${TMPDIR-/tmp}/am-dc-$$$$/" \
|
||||
&& am__cwd=`pwd` \
|
||||
&& $(am__cd) $(distdir)/_build \
|
||||
&& ../configure --srcdir=.. --prefix="$$dc_install_base" \
|
||||
$(DISTCHECK_CONFIGURE_FLAGS) \
|
||||
&& $(MAKE) $(AM_MAKEFLAGS) \
|
||||
&& $(MAKE) $(AM_MAKEFLAGS) dvi \
|
||||
&& $(MAKE) $(AM_MAKEFLAGS) check \
|
||||
&& $(MAKE) $(AM_MAKEFLAGS) install \
|
||||
&& $(MAKE) $(AM_MAKEFLAGS) installcheck \
|
||||
&& $(MAKE) $(AM_MAKEFLAGS) uninstall \
|
||||
&& $(MAKE) $(AM_MAKEFLAGS) distuninstallcheck_dir="$$dc_install_base" \
|
||||
distuninstallcheck \
|
||||
&& chmod -R a-w "$$dc_install_base" \
|
||||
&& ({ \
|
||||
(cd ../.. && umask 077 && mkdir "$$dc_destdir") \
|
||||
&& $(MAKE) $(AM_MAKEFLAGS) DESTDIR="$$dc_destdir" install \
|
||||
&& $(MAKE) $(AM_MAKEFLAGS) DESTDIR="$$dc_destdir" uninstall \
|
||||
&& $(MAKE) $(AM_MAKEFLAGS) DESTDIR="$$dc_destdir" \
|
||||
distuninstallcheck_dir="$$dc_destdir" distuninstallcheck; \
|
||||
} || { rm -rf "$$dc_destdir"; exit 1; }) \
|
||||
&& rm -rf "$$dc_destdir" \
|
||||
&& $(MAKE) $(AM_MAKEFLAGS) dist \
|
||||
&& rm -rf $(DIST_ARCHIVES) \
|
||||
&& $(MAKE) $(AM_MAKEFLAGS) distcleancheck \
|
||||
&& cd "$$am__cwd" \
|
||||
|| exit 1
|
||||
$(am__remove_distdir)
|
||||
@(echo "$(distdir) archives ready for distribution: "; \
|
||||
list='$(DIST_ARCHIVES)'; for i in $$list; do echo $$i; done) | \
|
||||
sed -e 1h -e 1s/./=/g -e 1p -e 1x -e '$$p' -e '$$x'
|
||||
distuninstallcheck:
|
||||
@$(am__cd) '$(distuninstallcheck_dir)' \
|
||||
&& test `$(distuninstallcheck_listfiles) | wc -l` -le 1 \
|
||||
|| { echo "ERROR: files left after uninstall:" ; \
|
||||
if test -n "$(DESTDIR)"; then \
|
||||
echo " (check DESTDIR support)"; \
|
||||
fi ; \
|
||||
$(distuninstallcheck_listfiles) ; \
|
||||
exit 1; } >&2
|
||||
distcleancheck: distclean
|
||||
@if test '$(srcdir)' = . ; then \
|
||||
echo "ERROR: distcleancheck can only run from a VPATH build" ; \
|
||||
exit 1 ; \
|
||||
fi
|
||||
@test `$(distcleancheck_listfiles) | wc -l` -eq 0 \
|
||||
|| { echo "ERROR: files left in build directory after distclean:" ; \
|
||||
$(distcleancheck_listfiles) ; \
|
||||
exit 1; } >&2
|
||||
check-am: all-am
|
||||
check: $(BUILT_SOURCES)
|
||||
$(MAKE) $(AM_MAKEFLAGS) check-am
|
||||
all-am: Makefile $(LTLIBRARIES) config.h
|
||||
installdirs:
|
||||
for dir in "$(DESTDIR)$(libdir)"; do \
|
||||
test -z "$$dir" || $(MKDIR_P) "$$dir"; \
|
||||
done
|
||||
install: $(BUILT_SOURCES)
|
||||
$(MAKE) $(AM_MAKEFLAGS) install-am
|
||||
install-exec: install-exec-am
|
||||
install-data: install-data-am
|
||||
uninstall: uninstall-am
|
||||
|
||||
install-am: all-am
|
||||
@$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
|
||||
|
||||
installcheck: installcheck-am
|
||||
install-strip:
|
||||
$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
|
||||
install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
|
||||
`test -z '$(STRIP)' || \
|
||||
echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
|
||||
mostlyclean-generic:
|
||||
|
||||
clean-generic:
|
||||
|
||||
distclean-generic:
|
||||
-test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
|
||||
-test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
|
||||
|
||||
maintainer-clean-generic:
|
||||
@echo "This command is intended for maintainers to use"
|
||||
@echo "it deletes files that may require special tools to rebuild."
|
||||
-test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES)
|
||||
clean: clean-am
|
||||
|
||||
clean-am: clean-generic clean-libLTLIBRARIES clean-libtool \
|
||||
mostlyclean-am
|
||||
|
||||
distclean: distclean-am
|
||||
-rm -f $(am__CONFIG_DISTCLEAN_FILES)
|
||||
-rm -f Makefile
|
||||
distclean-am: clean-am distclean-compile distclean-generic \
|
||||
distclean-hdr distclean-libtool distclean-tags
|
||||
|
||||
dvi: dvi-am
|
||||
|
||||
dvi-am:
|
||||
|
||||
html: html-am
|
||||
|
||||
html-am:
|
||||
|
||||
info: info-am
|
||||
|
||||
info-am:
|
||||
|
||||
install-data-am:
|
||||
|
||||
install-dvi: install-dvi-am
|
||||
|
||||
install-dvi-am:
|
||||
|
||||
install-exec-am: install-libLTLIBRARIES
|
||||
|
||||
install-html: install-html-am
|
||||
|
||||
install-html-am:
|
||||
|
||||
install-info: install-info-am
|
||||
|
||||
install-info-am:
|
||||
|
||||
install-man:
|
||||
|
||||
install-pdf: install-pdf-am
|
||||
|
||||
install-pdf-am:
|
||||
|
||||
install-ps: install-ps-am
|
||||
|
||||
install-ps-am:
|
||||
|
||||
installcheck-am:
|
||||
|
||||
maintainer-clean: maintainer-clean-am
|
||||
-rm -f $(am__CONFIG_DISTCLEAN_FILES)
|
||||
-rm -rf $(top_srcdir)/autom4te.cache
|
||||
-rm -f Makefile
|
||||
maintainer-clean-am: distclean-am maintainer-clean-generic
|
||||
|
||||
mostlyclean: mostlyclean-am
|
||||
|
||||
mostlyclean-am: mostlyclean-compile mostlyclean-generic \
|
||||
mostlyclean-libtool
|
||||
|
||||
pdf: pdf-am
|
||||
|
||||
pdf-am:
|
||||
|
||||
ps: ps-am
|
||||
|
||||
ps-am:
|
||||
|
||||
uninstall-am: uninstall-libLTLIBRARIES
|
||||
|
||||
.MAKE: all check install install-am install-strip
|
||||
|
||||
.PHONY: CTAGS GTAGS all all-am am--refresh check check-am clean \
|
||||
clean-generic clean-libLTLIBRARIES clean-libtool ctags dist \
|
||||
dist-all dist-bzip2 dist-gzip dist-lzma dist-shar dist-tarZ \
|
||||
dist-xz dist-zip distcheck distclean distclean-compile \
|
||||
distclean-generic distclean-hdr distclean-libtool \
|
||||
distclean-tags distcleancheck distdir distuninstallcheck dvi \
|
||||
dvi-am html html-am info info-am install install-am \
|
||||
install-data install-data-am install-dvi install-dvi-am \
|
||||
install-exec install-exec-am install-html install-html-am \
|
||||
install-info install-info-am install-libLTLIBRARIES \
|
||||
install-man install-pdf install-pdf-am install-ps \
|
||||
install-ps-am install-strip installcheck installcheck-am \
|
||||
installdirs maintainer-clean maintainer-clean-generic \
|
||||
mostlyclean mostlyclean-compile mostlyclean-generic \
|
||||
mostlyclean-libtool pdf pdf-am ps ps-am tags uninstall \
|
||||
uninstall-am uninstall-libLTLIBRARIES
|
||||
|
||||
|
||||
# Tell versions [3.59,3.63) of GNU make to not export all variables.
|
||||
# Otherwise a system limit (for SysV at least) may be exceeded.
|
||||
.NOEXPORT:
|
|
@ -1,5 +1,7 @@
|
|||
# Path to your Snort preprocess directory (default: /usr/lib/snort_dynamicpreprocessor)
|
||||
# CHANGE THIS LINE IF YOU INSTALLED SNORT SOMEWHERE ELSE!!!!!!!!!!
|
||||
# /bin/sh ./libtool --tag=CC --mode=compile gcc -DHAVE_CONFIG_H -I. -I./uthash -I./include -DDYNAMIC_PLUGIN -DSUP_IP6 -fvisibility=hidden -fno-strict-aliasing -Wall -fstack-protector -g -O2 -c -o alert_parser.lo alert_parser.c
|
||||
# /bin/sh ./libtool --tag=CC --mode=link gcc -DDYNAMIC_PLUGIN -DSUP_IP6 -fvisibility=hidden -fno-strict-aliasing -Wall -fstack-protector -g -O2 -module -export-dynamic -o libsf_ai_preproc.la -rpath /home/blacklight/local/snort/lib/snort_dynamicpreprocessor alert_parser.lo cluster.lo db.lo mysql.lo regex.lo spp_ai.lo stream.lo sf_dynamic_preproc_lib.lo sfPolicyUserData.lo -lpthread -lmysqlclient
|
||||
PREPROC_PATH=/home/blacklight/local/snort/lib/snort_dynamicpreprocessor
|
||||
|
||||
INCLUDES=-I. -I../../.. -I../include -I./uthash
|
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,272 @@
|
|||
# This file was generated by Autom4te Tue Aug 3 21:06:07 PDT 2010.
|
||||
# It contains the lists of macros which have been traced.
|
||||
# It can be safely removed.
|
||||
|
||||
@request = (
|
||||
bless( [
|
||||
'0',
|
||||
1,
|
||||
[
|
||||
'/usr/share/autoconf'
|
||||
],
|
||||
[
|
||||
'/usr/share/autoconf/autoconf/autoconf.m4f',
|
||||
'/usr/share/aclocal/argz.m4',
|
||||
'/usr/share/aclocal/libtool.m4',
|
||||
'/usr/share/aclocal/ltdl.m4',
|
||||
'/usr/share/aclocal/ltoptions.m4',
|
||||
'/usr/share/aclocal/ltsugar.m4',
|
||||
'/usr/share/aclocal/ltversion.m4',
|
||||
'/usr/share/aclocal/lt~obsolete.m4',
|
||||
'/usr/share/aclocal-1.11/amversion.m4',
|
||||
'/usr/share/aclocal-1.11/auxdir.m4',
|
||||
'/usr/share/aclocal-1.11/cond.m4',
|
||||
'/usr/share/aclocal-1.11/depend.m4',
|
||||
'/usr/share/aclocal-1.11/depout.m4',
|
||||
'/usr/share/aclocal-1.11/init.m4',
|
||||
'/usr/share/aclocal-1.11/install-sh.m4',
|
||||
'/usr/share/aclocal-1.11/lead-dot.m4',
|
||||
'/usr/share/aclocal-1.11/make.m4',
|
||||
'/usr/share/aclocal-1.11/missing.m4',
|
||||
'/usr/share/aclocal-1.11/mkdirp.m4',
|
||||
'/usr/share/aclocal-1.11/options.m4',
|
||||
'/usr/share/aclocal-1.11/runlog.m4',
|
||||
'/usr/share/aclocal-1.11/sanity.m4',
|
||||
'/usr/share/aclocal-1.11/silent.m4',
|
||||
'/usr/share/aclocal-1.11/strip.m4',
|
||||
'/usr/share/aclocal-1.11/substnot.m4',
|
||||
'/usr/share/aclocal-1.11/tar.m4',
|
||||
'configure.ac'
|
||||
],
|
||||
{
|
||||
'AM_ENABLE_STATIC' => 1,
|
||||
'AC_LIBTOOL_LANG_RC_CONFIG' => 1,
|
||||
'_LT_AC_SHELL_INIT' => 1,
|
||||
'AC_DEFUN' => 1,
|
||||
'_LT_AC_LANG_CXX_CONFIG' => 1,
|
||||
'AC_PROG_LIBTOOL' => 1,
|
||||
'AM_PROG_MKDIR_P' => 1,
|
||||
'AM_AUTOMAKE_VERSION' => 1,
|
||||
'AM_SUBST_NOTMAKE' => 1,
|
||||
'AM_MISSING_PROG' => 1,
|
||||
'AC_LIBTOOL_PROG_LD_HARDCODE_LIBPATH' => 1,
|
||||
'_LT_AC_LANG_C_CONFIG' => 1,
|
||||
'AM_PROG_INSTALL_STRIP' => 1,
|
||||
'_m4_warn' => 1,
|
||||
'AC_LIBTOOL_OBJDIR' => 1,
|
||||
'gl_FUNC_ARGZ' => 1,
|
||||
'AM_SANITY_CHECK' => 1,
|
||||
'LTOBSOLETE_VERSION' => 1,
|
||||
'AC_LIBTOOL_LANG_GCJ_CONFIG' => 1,
|
||||
'AC_LIBTOOL_PROG_COMPILER_PIC' => 1,
|
||||
'LT_LIB_M' => 1,
|
||||
'_LT_AC_CHECK_DLFCN' => 1,
|
||||
'AC_LIBTOOL_SYS_GLOBAL_SYMBOL_PIPE' => 1,
|
||||
'LTSUGAR_VERSION' => 1,
|
||||
'_LT_PROG_LTMAIN' => 1,
|
||||
'LT_SYS_SYMBOL_USCORE' => 1,
|
||||
'_AM_PROG_TAR' => 1,
|
||||
'AC_LIBTOOL_GCJ' => 1,
|
||||
'LT_SYS_DLOPEN_DEPLIBS' => 1,
|
||||
'LT_FUNC_DLSYM_USCORE' => 1,
|
||||
'_LT_AC_LANG_F77' => 1,
|
||||
'AC_LIBTOOL_CONFIG' => 1,
|
||||
'AC_LTDL_DLLIB' => 1,
|
||||
'_AM_SUBST_NOTMAKE' => 1,
|
||||
'_AM_AUTOCONF_VERSION' => 1,
|
||||
'AM_DISABLE_SHARED' => 1,
|
||||
'_LTDL_SETUP' => 1,
|
||||
'AM_PROG_LIBTOOL' => 1,
|
||||
'_LT_AC_LANG_CXX' => 1,
|
||||
'AM_PROG_LD' => 1,
|
||||
'_LT_AC_FILE_LTDLL_C' => 1,
|
||||
'AC_LIB_LTDL' => 1,
|
||||
'AU_DEFUN' => 1,
|
||||
'AC_PROG_NM' => 1,
|
||||
'AC_LIBTOOL_DLOPEN' => 1,
|
||||
'AC_PROG_LD' => 1,
|
||||
'AC_PROG_LD_GNU' => 1,
|
||||
'AC_ENABLE_FAST_INSTALL' => 1,
|
||||
'AC_LIBTOOL_FC' => 1,
|
||||
'LTDL_CONVENIENCE' => 1,
|
||||
'_AM_SET_OPTION' => 1,
|
||||
'AC_LTDL_PREOPEN' => 1,
|
||||
'_LT_LINKER_BOILERPLATE' => 1,
|
||||
'AC_LIBTOOL_LANG_CXX_CONFIG' => 1,
|
||||
'AC_LIBTOOL_PROG_CC_C_O' => 1,
|
||||
'gl_PREREQ_ARGZ' => 1,
|
||||
'LT_SUPPORTED_TAG' => 1,
|
||||
'AM_OUTPUT_DEPENDENCY_COMMANDS' => 1,
|
||||
'LT_PROG_RC' => 1,
|
||||
'LT_SYS_MODULE_EXT' => 1,
|
||||
'AC_DEFUN_ONCE' => 1,
|
||||
'_LT_AC_LANG_GCJ' => 1,
|
||||
'AC_LTDL_OBJDIR' => 1,
|
||||
'_LT_PATH_TOOL_PREFIX' => 1,
|
||||
'AC_LIBTOOL_RC' => 1,
|
||||
'_LT_AC_PROG_ECHO_BACKSLASH' => 1,
|
||||
'AC_DISABLE_FAST_INSTALL' => 1,
|
||||
'AM_SILENT_RULES' => 1,
|
||||
'include' => 1,
|
||||
'_LT_AC_TRY_DLOPEN_SELF' => 1,
|
||||
'_LT_AC_SYS_LIBPATH_AIX' => 1,
|
||||
'LT_AC_PROG_SED' => 1,
|
||||
'AM_ENABLE_SHARED' => 1,
|
||||
'LTDL_INSTALLABLE' => 1,
|
||||
'_LT_AC_LANG_GCJ_CONFIG' => 1,
|
||||
'AC_ENABLE_SHARED' => 1,
|
||||
'AC_LIBTOOL_SYS_HARD_LINK_LOCKS' => 1,
|
||||
'AC_ENABLE_STATIC' => 1,
|
||||
'_LT_AC_TAGVAR' => 1,
|
||||
'AC_LIBTOOL_LANG_F77_CONFIG' => 1,
|
||||
'AM_CONDITIONAL' => 1,
|
||||
'LT_LIB_DLLOAD' => 1,
|
||||
'LTVERSION_VERSION' => 1,
|
||||
'LTDL_INIT' => 1,
|
||||
'm4_include' => 1,
|
||||
'AM_PROG_INSTALL_SH' => 1,
|
||||
'AC_PROG_EGREP' => 1,
|
||||
'AC_PATH_MAGIC' => 1,
|
||||
'_AC_AM_CONFIG_HEADER_HOOK' => 1,
|
||||
'AC_LTDL_SYSSEARCHPATH' => 1,
|
||||
'AM_MAKE_INCLUDE' => 1,
|
||||
'LT_CMD_MAX_LEN' => 1,
|
||||
'_LT_AC_TAGCONFIG' => 1,
|
||||
'm4_pattern_forbid' => 1,
|
||||
'_LT_LINKER_OPTION' => 1,
|
||||
'AC_LIBTOOL_COMPILER_OPTION' => 1,
|
||||
'AC_DISABLE_SHARED' => 1,
|
||||
'_LT_COMPILER_BOILERPLATE' => 1,
|
||||
'AC_LIBTOOL_WIN32_DLL' => 1,
|
||||
'AC_LIBTOOL_SETUP' => 1,
|
||||
'AC_PROG_LD_RELOAD_FLAG' => 1,
|
||||
'AC_LTDL_DLSYM_USCORE' => 1,
|
||||
'AM_MISSING_HAS_RUN' => 1,
|
||||
'LT_LANG' => 1,
|
||||
'LT_SYS_DLSEARCH_PATH' => 1,
|
||||
'LT_CONFIG_LTDL_DIR' => 1,
|
||||
'AC_LIBTOOL_DLOPEN_SELF' => 1,
|
||||
'LT_OUTPUT' => 1,
|
||||
'AC_LIBTOOL_PROG_LD_SHLIBS' => 1,
|
||||
'AC_WITH_LTDL' => 1,
|
||||
'AC_LIBTOOL_LINKER_OPTION' => 1,
|
||||
'LT_AC_PROG_RC' => 1,
|
||||
'AC_LIBTOOL_CXX' => 1,
|
||||
'LT_INIT' => 1,
|
||||
'LT_AC_PROG_GCJ' => 1,
|
||||
'LT_SYS_DLOPEN_SELF' => 1,
|
||||
'AM_DEP_TRACK' => 1,
|
||||
'AM_DISABLE_STATIC' => 1,
|
||||
'_AC_PROG_LIBTOOL' => 1,
|
||||
'_AM_IF_OPTION' => 1,
|
||||
'AC_PATH_TOOL_PREFIX' => 1,
|
||||
'm4_pattern_allow' => 1,
|
||||
'AC_LIBTOOL_F77' => 1,
|
||||
'AM_SET_LEADING_DOT' => 1,
|
||||
'LT_AC_PROG_EGREP' => 1,
|
||||
'_AM_DEPENDENCIES' => 1,
|
||||
'AC_LIBTOOL_LANG_C_CONFIG' => 1,
|
||||
'LTOPTIONS_VERSION' => 1,
|
||||
'_LT_AC_SYS_COMPILER' => 1,
|
||||
'AM_PROG_NM' => 1,
|
||||
'AC_LIBLTDL_CONVENIENCE' => 1,
|
||||
'AC_DEPLIBS_CHECK_METHOD' => 1,
|
||||
'AC_LIBLTDL_INSTALLABLE' => 1,
|
||||
'AM_SET_CURRENT_AUTOMAKE_VERSION' => 1,
|
||||
'AC_LTDL_ENABLE_INSTALL' => 1,
|
||||
'LT_PROG_GCJ' => 1,
|
||||
'AC_LIBTOOL_SYS_DYNAMIC_LINKER' => 1,
|
||||
'AM_INIT_AUTOMAKE' => 1,
|
||||
'AC_DISABLE_STATIC' => 1,
|
||||
'LT_PATH_NM' => 1,
|
||||
'AC_LTDL_SHLIBEXT' => 1,
|
||||
'_LT_AC_LOCK' => 1,
|
||||
'_LT_AC_LANG_RC_CONFIG' => 1,
|
||||
'LT_SYS_MODULE_PATH' => 1,
|
||||
'LT_WITH_LTDL' => 1,
|
||||
'AC_LIBTOOL_POSTDEP_PREDEP' => 1,
|
||||
'AC_LTDL_SHLIBPATH' => 1,
|
||||
'AM_AUX_DIR_EXPAND' => 1,
|
||||
'AC_LIBTOOL_PROG_COMPILER_NO_RTTI' => 1,
|
||||
'_LT_AC_LANG_F77_CONFIG' => 1,
|
||||
'_LT_COMPILER_OPTION' => 1,
|
||||
'_AM_SET_OPTIONS' => 1,
|
||||
'AM_RUN_LOG' => 1,
|
||||
'_AM_OUTPUT_DEPENDENCY_COMMANDS' => 1,
|
||||
'AC_LTDL_SYS_DLOPEN_DEPLIBS' => 1,
|
||||
'AC_LIBTOOL_SYS_OLD_ARCHIVE' => 1,
|
||||
'AC_LIBTOOL_PICMODE' => 1,
|
||||
'AC_CHECK_LIBM' => 1,
|
||||
'LT_PATH_LD' => 1,
|
||||
'AC_LIBTOOL_SYS_LIB_STRIP' => 1,
|
||||
'_AM_MANGLE_OPTION' => 1,
|
||||
'AC_LIBTOOL_SYS_MAX_CMD_LEN' => 1,
|
||||
'AC_LTDL_SYMBOL_USCORE' => 1,
|
||||
'AM_SET_DEPDIR' => 1,
|
||||
'_LT_CC_BASENAME' => 1,
|
||||
'_LT_LIBOBJ' => 1
|
||||
}
|
||||
], 'Autom4te::Request' ),
|
||||
bless( [
|
||||
'1',
|
||||
1,
|
||||
[
|
||||
'/usr/share/autoconf'
|
||||
],
|
||||
[
|
||||
'/usr/share/autoconf/autoconf/autoconf.m4f',
|
||||
'aclocal.m4',
|
||||
'configure.ac'
|
||||
],
|
||||
{
|
||||
'AM_PROG_F77_C_O' => 1,
|
||||
'_LT_AC_TAGCONFIG' => 1,
|
||||
'm4_pattern_forbid' => 1,
|
||||
'AC_INIT' => 1,
|
||||
'AC_CANONICAL_TARGET' => 1,
|
||||
'_AM_COND_IF' => 1,
|
||||
'AC_CONFIG_LIBOBJ_DIR' => 1,
|
||||
'AC_SUBST' => 1,
|
||||
'AC_CANONICAL_HOST' => 1,
|
||||
'AC_FC_SRCEXT' => 1,
|
||||
'AC_PROG_LIBTOOL' => 1,
|
||||
'AM_INIT_AUTOMAKE' => 1,
|
||||
'AC_CONFIG_SUBDIRS' => 1,
|
||||
'AM_AUTOMAKE_VERSION' => 1,
|
||||
'LT_CONFIG_LTDL_DIR' => 1,
|
||||
'AC_CONFIG_LINKS' => 1,
|
||||
'AC_REQUIRE_AUX_FILE' => 1,
|
||||
'LT_SUPPORTED_TAG' => 1,
|
||||
'm4_sinclude' => 1,
|
||||
'AM_MAINTAINER_MODE' => 1,
|
||||
'AM_GNU_GETTEXT_INTL_SUBDIR' => 1,
|
||||
'_m4_warn' => 1,
|
||||
'AM_PROG_CXX_C_O' => 1,
|
||||
'_AM_COND_ENDIF' => 1,
|
||||
'AM_ENABLE_MULTILIB' => 1,
|
||||
'AM_SILENT_RULES' => 1,
|
||||
'AC_CONFIG_FILES' => 1,
|
||||
'include' => 1,
|
||||
'LT_INIT' => 1,
|
||||
'AM_GNU_GETTEXT' => 1,
|
||||
'AC_LIBSOURCE' => 1,
|
||||
'AC_CANONICAL_BUILD' => 1,
|
||||
'AM_PROG_FC_C_O' => 1,
|
||||
'AC_FC_FREEFORM' => 1,
|
||||
'AH_OUTPUT' => 1,
|
||||
'AC_CONFIG_AUX_DIR' => 1,
|
||||
'_AM_SUBST_NOTMAKE' => 1,
|
||||
'AM_PROG_CC_C_O' => 1,
|
||||
'm4_pattern_allow' => 1,
|
||||
'sinclude' => 1,
|
||||
'AM_CONDITIONAL' => 1,
|
||||
'AC_CANONICAL_SYSTEM' => 1,
|
||||
'AC_CONFIG_HEADERS' => 1,
|
||||
'AC_DEFINE_TRACE_LITERAL' => 1,
|
||||
'm4_include' => 1,
|
||||
'_AM_COND_ELSE' => 1,
|
||||
'AC_SUBST_TRACE' => 1
|
||||
}
|
||||
], 'Autom4te::Request' )
|
||||
);
|
||||
|
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,681 @@
|
|||
m4trace:configure.ac:5: -1- AC_INIT([Snort_AI_preproc], [0.1], [blacklight@autistici.org])
|
||||
m4trace:configure.ac:5: -1- m4_pattern_forbid([^_?A[CHUM]_])
|
||||
m4trace:configure.ac:5: -1- m4_pattern_forbid([_AC_])
|
||||
m4trace:configure.ac:5: -1- m4_pattern_forbid([^LIBOBJS$], [do not use LIBOBJS directly, use AC_LIBOBJ (see section `AC_LIBOBJ vs LIBOBJS'])
|
||||
m4trace:configure.ac:5: -1- m4_pattern_allow([^AS_FLAGS$])
|
||||
m4trace:configure.ac:5: -1- m4_pattern_forbid([^_?m4_])
|
||||
m4trace:configure.ac:5: -1- m4_pattern_forbid([^dnl$])
|
||||
m4trace:configure.ac:5: -1- m4_pattern_forbid([^_?AS_])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST([SHELL])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST_TRACE([SHELL])
|
||||
m4trace:configure.ac:5: -1- m4_pattern_allow([^SHELL$])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST([PATH_SEPARATOR])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST_TRACE([PATH_SEPARATOR])
|
||||
m4trace:configure.ac:5: -1- m4_pattern_allow([^PATH_SEPARATOR$])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST([PACKAGE_NAME], [m4_ifdef([AC_PACKAGE_NAME], ['AC_PACKAGE_NAME'])])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST_TRACE([PACKAGE_NAME])
|
||||
m4trace:configure.ac:5: -1- m4_pattern_allow([^PACKAGE_NAME$])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST([PACKAGE_TARNAME], [m4_ifdef([AC_PACKAGE_TARNAME], ['AC_PACKAGE_TARNAME'])])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST_TRACE([PACKAGE_TARNAME])
|
||||
m4trace:configure.ac:5: -1- m4_pattern_allow([^PACKAGE_TARNAME$])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST([PACKAGE_VERSION], [m4_ifdef([AC_PACKAGE_VERSION], ['AC_PACKAGE_VERSION'])])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST_TRACE([PACKAGE_VERSION])
|
||||
m4trace:configure.ac:5: -1- m4_pattern_allow([^PACKAGE_VERSION$])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST([PACKAGE_STRING], [m4_ifdef([AC_PACKAGE_STRING], ['AC_PACKAGE_STRING'])])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST_TRACE([PACKAGE_STRING])
|
||||
m4trace:configure.ac:5: -1- m4_pattern_allow([^PACKAGE_STRING$])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST([PACKAGE_BUGREPORT], [m4_ifdef([AC_PACKAGE_BUGREPORT], ['AC_PACKAGE_BUGREPORT'])])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST_TRACE([PACKAGE_BUGREPORT])
|
||||
m4trace:configure.ac:5: -1- m4_pattern_allow([^PACKAGE_BUGREPORT$])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST([PACKAGE_URL], [m4_ifdef([AC_PACKAGE_URL], ['AC_PACKAGE_URL'])])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST_TRACE([PACKAGE_URL])
|
||||
m4trace:configure.ac:5: -1- m4_pattern_allow([^PACKAGE_URL$])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST([exec_prefix], [NONE])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST_TRACE([exec_prefix])
|
||||
m4trace:configure.ac:5: -1- m4_pattern_allow([^exec_prefix$])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST([prefix], [NONE])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST_TRACE([prefix])
|
||||
m4trace:configure.ac:5: -1- m4_pattern_allow([^prefix$])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST([program_transform_name], [s,x,x,])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST_TRACE([program_transform_name])
|
||||
m4trace:configure.ac:5: -1- m4_pattern_allow([^program_transform_name$])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST([bindir], ['${exec_prefix}/bin'])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST_TRACE([bindir])
|
||||
m4trace:configure.ac:5: -1- m4_pattern_allow([^bindir$])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST([sbindir], ['${exec_prefix}/sbin'])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST_TRACE([sbindir])
|
||||
m4trace:configure.ac:5: -1- m4_pattern_allow([^sbindir$])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST([libexecdir], ['${exec_prefix}/libexec'])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST_TRACE([libexecdir])
|
||||
m4trace:configure.ac:5: -1- m4_pattern_allow([^libexecdir$])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST([datarootdir], ['${prefix}/share'])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST_TRACE([datarootdir])
|
||||
m4trace:configure.ac:5: -1- m4_pattern_allow([^datarootdir$])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST([datadir], ['${datarootdir}'])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST_TRACE([datadir])
|
||||
m4trace:configure.ac:5: -1- m4_pattern_allow([^datadir$])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST([sysconfdir], ['${prefix}/etc'])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST_TRACE([sysconfdir])
|
||||
m4trace:configure.ac:5: -1- m4_pattern_allow([^sysconfdir$])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST([sharedstatedir], ['${prefix}/com'])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST_TRACE([sharedstatedir])
|
||||
m4trace:configure.ac:5: -1- m4_pattern_allow([^sharedstatedir$])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST([localstatedir], ['${prefix}/var'])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST_TRACE([localstatedir])
|
||||
m4trace:configure.ac:5: -1- m4_pattern_allow([^localstatedir$])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST([includedir], ['${prefix}/include'])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST_TRACE([includedir])
|
||||
m4trace:configure.ac:5: -1- m4_pattern_allow([^includedir$])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST([oldincludedir], ['/usr/include'])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST_TRACE([oldincludedir])
|
||||
m4trace:configure.ac:5: -1- m4_pattern_allow([^oldincludedir$])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST([docdir], [m4_ifset([AC_PACKAGE_TARNAME],
|
||||
['${datarootdir}/doc/${PACKAGE_TARNAME}'],
|
||||
['${datarootdir}/doc/${PACKAGE}'])])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST_TRACE([docdir])
|
||||
m4trace:configure.ac:5: -1- m4_pattern_allow([^docdir$])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST([infodir], ['${datarootdir}/info'])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST_TRACE([infodir])
|
||||
m4trace:configure.ac:5: -1- m4_pattern_allow([^infodir$])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST([htmldir], ['${docdir}'])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST_TRACE([htmldir])
|
||||
m4trace:configure.ac:5: -1- m4_pattern_allow([^htmldir$])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST([dvidir], ['${docdir}'])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST_TRACE([dvidir])
|
||||
m4trace:configure.ac:5: -1- m4_pattern_allow([^dvidir$])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST([pdfdir], ['${docdir}'])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST_TRACE([pdfdir])
|
||||
m4trace:configure.ac:5: -1- m4_pattern_allow([^pdfdir$])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST([psdir], ['${docdir}'])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST_TRACE([psdir])
|
||||
m4trace:configure.ac:5: -1- m4_pattern_allow([^psdir$])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST([libdir], ['${exec_prefix}/lib'])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST_TRACE([libdir])
|
||||
m4trace:configure.ac:5: -1- m4_pattern_allow([^libdir$])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST([localedir], ['${datarootdir}/locale'])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST_TRACE([localedir])
|
||||
m4trace:configure.ac:5: -1- m4_pattern_allow([^localedir$])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST([mandir], ['${datarootdir}/man'])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST_TRACE([mandir])
|
||||
m4trace:configure.ac:5: -1- m4_pattern_allow([^mandir$])
|
||||
m4trace:configure.ac:5: -1- AC_DEFINE_TRACE_LITERAL([PACKAGE_NAME])
|
||||
m4trace:configure.ac:5: -1- m4_pattern_allow([^PACKAGE_NAME$])
|
||||
m4trace:configure.ac:5: -1- AH_OUTPUT([PACKAGE_NAME], [/* Define to the full name of this package. */
|
||||
@%:@undef PACKAGE_NAME])
|
||||
m4trace:configure.ac:5: -1- AC_DEFINE_TRACE_LITERAL([PACKAGE_TARNAME])
|
||||
m4trace:configure.ac:5: -1- m4_pattern_allow([^PACKAGE_TARNAME$])
|
||||
m4trace:configure.ac:5: -1- AH_OUTPUT([PACKAGE_TARNAME], [/* Define to the one symbol short name of this package. */
|
||||
@%:@undef PACKAGE_TARNAME])
|
||||
m4trace:configure.ac:5: -1- AC_DEFINE_TRACE_LITERAL([PACKAGE_VERSION])
|
||||
m4trace:configure.ac:5: -1- m4_pattern_allow([^PACKAGE_VERSION$])
|
||||
m4trace:configure.ac:5: -1- AH_OUTPUT([PACKAGE_VERSION], [/* Define to the version of this package. */
|
||||
@%:@undef PACKAGE_VERSION])
|
||||
m4trace:configure.ac:5: -1- AC_DEFINE_TRACE_LITERAL([PACKAGE_STRING])
|
||||
m4trace:configure.ac:5: -1- m4_pattern_allow([^PACKAGE_STRING$])
|
||||
m4trace:configure.ac:5: -1- AH_OUTPUT([PACKAGE_STRING], [/* Define to the full name and version of this package. */
|
||||
@%:@undef PACKAGE_STRING])
|
||||
m4trace:configure.ac:5: -1- AC_DEFINE_TRACE_LITERAL([PACKAGE_BUGREPORT])
|
||||
m4trace:configure.ac:5: -1- m4_pattern_allow([^PACKAGE_BUGREPORT$])
|
||||
m4trace:configure.ac:5: -1- AH_OUTPUT([PACKAGE_BUGREPORT], [/* Define to the address where bug reports for this package should be sent. */
|
||||
@%:@undef PACKAGE_BUGREPORT])
|
||||
m4trace:configure.ac:5: -1- AC_DEFINE_TRACE_LITERAL([PACKAGE_URL])
|
||||
m4trace:configure.ac:5: -1- m4_pattern_allow([^PACKAGE_URL$])
|
||||
m4trace:configure.ac:5: -1- AH_OUTPUT([PACKAGE_URL], [/* Define to the home page for this package. */
|
||||
@%:@undef PACKAGE_URL])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST([DEFS])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST_TRACE([DEFS])
|
||||
m4trace:configure.ac:5: -1- m4_pattern_allow([^DEFS$])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST([ECHO_C])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST_TRACE([ECHO_C])
|
||||
m4trace:configure.ac:5: -1- m4_pattern_allow([^ECHO_C$])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST([ECHO_N])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST_TRACE([ECHO_N])
|
||||
m4trace:configure.ac:5: -1- m4_pattern_allow([^ECHO_N$])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST([ECHO_T])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST_TRACE([ECHO_T])
|
||||
m4trace:configure.ac:5: -1- m4_pattern_allow([^ECHO_T$])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST([LIBS])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST_TRACE([LIBS])
|
||||
m4trace:configure.ac:5: -1- m4_pattern_allow([^LIBS$])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST([build_alias])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST_TRACE([build_alias])
|
||||
m4trace:configure.ac:5: -1- m4_pattern_allow([^build_alias$])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST([host_alias])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST_TRACE([host_alias])
|
||||
m4trace:configure.ac:5: -1- m4_pattern_allow([^host_alias$])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST([target_alias])
|
||||
m4trace:configure.ac:5: -1- AC_SUBST_TRACE([target_alias])
|
||||
m4trace:configure.ac:5: -1- m4_pattern_allow([^target_alias$])
|
||||
m4trace:configure.ac:6: -1- AM_INIT_AUTOMAKE([1.10 -Wall no-define])
|
||||
m4trace:configure.ac:6: -1- m4_pattern_allow([^AM_[A-Z]+FLAGS$])
|
||||
m4trace:configure.ac:6: -1- AM_AUTOMAKE_VERSION([1.11.1])
|
||||
m4trace:configure.ac:6: -1- AC_REQUIRE_AUX_FILE([install-sh])
|
||||
m4trace:configure.ac:6: -1- AC_SUBST([INSTALL_PROGRAM])
|
||||
m4trace:configure.ac:6: -1- AC_SUBST_TRACE([INSTALL_PROGRAM])
|
||||
m4trace:configure.ac:6: -1- m4_pattern_allow([^INSTALL_PROGRAM$])
|
||||
m4trace:configure.ac:6: -1- AC_SUBST([INSTALL_SCRIPT])
|
||||
m4trace:configure.ac:6: -1- AC_SUBST_TRACE([INSTALL_SCRIPT])
|
||||
m4trace:configure.ac:6: -1- m4_pattern_allow([^INSTALL_SCRIPT$])
|
||||
m4trace:configure.ac:6: -1- AC_SUBST([INSTALL_DATA])
|
||||
m4trace:configure.ac:6: -1- AC_SUBST_TRACE([INSTALL_DATA])
|
||||
m4trace:configure.ac:6: -1- m4_pattern_allow([^INSTALL_DATA$])
|
||||
m4trace:configure.ac:6: -1- AC_SUBST([am__isrc], [' -I$(srcdir)'])
|
||||
m4trace:configure.ac:6: -1- AC_SUBST_TRACE([am__isrc])
|
||||
m4trace:configure.ac:6: -1- m4_pattern_allow([^am__isrc$])
|
||||
m4trace:configure.ac:6: -1- _AM_SUBST_NOTMAKE([am__isrc])
|
||||
m4trace:configure.ac:6: -1- AC_SUBST([CYGPATH_W])
|
||||
m4trace:configure.ac:6: -1- AC_SUBST_TRACE([CYGPATH_W])
|
||||
m4trace:configure.ac:6: -1- m4_pattern_allow([^CYGPATH_W$])
|
||||
m4trace:configure.ac:6: -1- AC_SUBST([PACKAGE], ['AC_PACKAGE_TARNAME'])
|
||||
m4trace:configure.ac:6: -1- AC_SUBST_TRACE([PACKAGE])
|
||||
m4trace:configure.ac:6: -1- m4_pattern_allow([^PACKAGE$])
|
||||
m4trace:configure.ac:6: -1- AC_SUBST([VERSION], ['AC_PACKAGE_VERSION'])
|
||||
m4trace:configure.ac:6: -1- AC_SUBST_TRACE([VERSION])
|
||||
m4trace:configure.ac:6: -1- m4_pattern_allow([^VERSION$])
|
||||
m4trace:configure.ac:6: -1- AC_REQUIRE_AUX_FILE([missing])
|
||||
m4trace:configure.ac:6: -1- AC_SUBST([ACLOCAL])
|
||||
m4trace:configure.ac:6: -1- AC_SUBST_TRACE([ACLOCAL])
|
||||
m4trace:configure.ac:6: -1- m4_pattern_allow([^ACLOCAL$])
|
||||
m4trace:configure.ac:6: -1- AC_SUBST([AUTOCONF])
|
||||
m4trace:configure.ac:6: -1- AC_SUBST_TRACE([AUTOCONF])
|
||||
m4trace:configure.ac:6: -1- m4_pattern_allow([^AUTOCONF$])
|
||||
m4trace:configure.ac:6: -1- AC_SUBST([AUTOMAKE])
|
||||
m4trace:configure.ac:6: -1- AC_SUBST_TRACE([AUTOMAKE])
|
||||
m4trace:configure.ac:6: -1- m4_pattern_allow([^AUTOMAKE$])
|
||||
m4trace:configure.ac:6: -1- AC_SUBST([AUTOHEADER])
|
||||
m4trace:configure.ac:6: -1- AC_SUBST_TRACE([AUTOHEADER])
|
||||
m4trace:configure.ac:6: -1- m4_pattern_allow([^AUTOHEADER$])
|
||||
m4trace:configure.ac:6: -1- AC_SUBST([MAKEINFO])
|
||||
m4trace:configure.ac:6: -1- AC_SUBST_TRACE([MAKEINFO])
|
||||
m4trace:configure.ac:6: -1- m4_pattern_allow([^MAKEINFO$])
|
||||
m4trace:configure.ac:6: -1- AC_SUBST([install_sh])
|
||||
m4trace:configure.ac:6: -1- AC_SUBST_TRACE([install_sh])
|
||||
m4trace:configure.ac:6: -1- m4_pattern_allow([^install_sh$])
|
||||
m4trace:configure.ac:6: -1- AC_SUBST([STRIP])
|
||||
m4trace:configure.ac:6: -1- AC_SUBST_TRACE([STRIP])
|
||||
m4trace:configure.ac:6: -1- m4_pattern_allow([^STRIP$])
|
||||
m4trace:configure.ac:6: -1- AC_SUBST([INSTALL_STRIP_PROGRAM])
|
||||
m4trace:configure.ac:6: -1- AC_SUBST_TRACE([INSTALL_STRIP_PROGRAM])
|
||||
m4trace:configure.ac:6: -1- m4_pattern_allow([^INSTALL_STRIP_PROGRAM$])
|
||||
m4trace:configure.ac:6: -1- AC_REQUIRE_AUX_FILE([install-sh])
|
||||
m4trace:configure.ac:6: -1- AC_SUBST([MKDIR_P])
|
||||
m4trace:configure.ac:6: -1- AC_SUBST_TRACE([MKDIR_P])
|
||||
m4trace:configure.ac:6: -1- m4_pattern_allow([^MKDIR_P$])
|
||||
m4trace:configure.ac:6: -1- AC_SUBST([mkdir_p], ["$MKDIR_P"])
|
||||
m4trace:configure.ac:6: -1- AC_SUBST_TRACE([mkdir_p])
|
||||
m4trace:configure.ac:6: -1- m4_pattern_allow([^mkdir_p$])
|
||||
m4trace:configure.ac:6: -1- AC_SUBST([AWK])
|
||||
m4trace:configure.ac:6: -1- AC_SUBST_TRACE([AWK])
|
||||
m4trace:configure.ac:6: -1- m4_pattern_allow([^AWK$])
|
||||
m4trace:configure.ac:6: -1- AC_SUBST([SET_MAKE])
|
||||
m4trace:configure.ac:6: -1- AC_SUBST_TRACE([SET_MAKE])
|
||||
m4trace:configure.ac:6: -1- m4_pattern_allow([^SET_MAKE$])
|
||||
m4trace:configure.ac:6: -1- AC_SUBST([am__leading_dot])
|
||||
m4trace:configure.ac:6: -1- AC_SUBST_TRACE([am__leading_dot])
|
||||
m4trace:configure.ac:6: -1- m4_pattern_allow([^am__leading_dot$])
|
||||
m4trace:configure.ac:6: -1- AC_SUBST([AMTAR])
|
||||
m4trace:configure.ac:6: -1- AC_SUBST_TRACE([AMTAR])
|
||||
m4trace:configure.ac:6: -1- m4_pattern_allow([^AMTAR$])
|
||||
m4trace:configure.ac:6: -1- AC_SUBST([am__tar])
|
||||
m4trace:configure.ac:6: -1- AC_SUBST_TRACE([am__tar])
|
||||
m4trace:configure.ac:6: -1- m4_pattern_allow([^am__tar$])
|
||||
m4trace:configure.ac:6: -1- AC_SUBST([am__untar])
|
||||
m4trace:configure.ac:6: -1- AC_SUBST_TRACE([am__untar])
|
||||
m4trace:configure.ac:6: -1- m4_pattern_allow([^am__untar$])
|
||||
m4trace:configure.ac:8: -1- AC_CONFIG_HEADERS([config.h])
|
||||
m4trace:configure.ac:10: -1- LT_INIT
|
||||
m4trace:configure.ac:10: -1- m4_pattern_forbid([^_?LT_[A-Z_]+$])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^(_LT_EOF|LT_DLGLOBAL|LT_DLLAZY_OR_NOW|LT_MULTI_MODULE)$])
|
||||
m4trace:configure.ac:10: -1- AC_REQUIRE_AUX_FILE([ltmain.sh])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([LIBTOOL])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([LIBTOOL])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^LIBTOOL$])
|
||||
m4trace:configure.ac:10: -1- AC_CANONICAL_HOST
|
||||
m4trace:configure.ac:10: -1- AC_CANONICAL_BUILD
|
||||
m4trace:configure.ac:10: -1- AC_REQUIRE_AUX_FILE([config.sub])
|
||||
m4trace:configure.ac:10: -1- AC_REQUIRE_AUX_FILE([config.guess])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([build], [$ac_cv_build])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([build])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^build$])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([build_cpu], [$[1]])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([build_cpu])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^build_cpu$])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([build_vendor], [$[2]])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([build_vendor])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^build_vendor$])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([build_os])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([build_os])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^build_os$])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([host], [$ac_cv_host])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([host])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^host$])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([host_cpu], [$[1]])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([host_cpu])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^host_cpu$])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([host_vendor], [$[2]])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([host_vendor])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^host_vendor$])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([host_os])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([host_os])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^host_os$])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([CC])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([CC])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^CC$])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([CFLAGS])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([CFLAGS])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^CFLAGS$])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([LDFLAGS])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([LDFLAGS])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^LDFLAGS$])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([LIBS])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([LIBS])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^LIBS$])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([CPPFLAGS])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([CPPFLAGS])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^CPPFLAGS$])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([CC])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([CC])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^CC$])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([CC])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([CC])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^CC$])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([CC])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([CC])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^CC$])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([CC])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([CC])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^CC$])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([ac_ct_CC])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([ac_ct_CC])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^ac_ct_CC$])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([EXEEXT], [$ac_cv_exeext])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([EXEEXT])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^EXEEXT$])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([OBJEXT], [$ac_cv_objext])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([OBJEXT])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^OBJEXT$])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([DEPDIR], ["${am__leading_dot}deps"])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([DEPDIR])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^DEPDIR$])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([am__include])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([am__include])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^am__include$])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([am__quote])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([am__quote])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^am__quote$])
|
||||
m4trace:configure.ac:10: -1- AM_CONDITIONAL([AMDEP], [test "x$enable_dependency_tracking" != xno])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([AMDEP_TRUE])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([AMDEP_TRUE])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^AMDEP_TRUE$])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([AMDEP_FALSE])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([AMDEP_FALSE])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^AMDEP_FALSE$])
|
||||
m4trace:configure.ac:10: -1- _AM_SUBST_NOTMAKE([AMDEP_TRUE])
|
||||
m4trace:configure.ac:10: -1- _AM_SUBST_NOTMAKE([AMDEP_FALSE])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([AMDEPBACKSLASH])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([AMDEPBACKSLASH])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^AMDEPBACKSLASH$])
|
||||
m4trace:configure.ac:10: -1- _AM_SUBST_NOTMAKE([AMDEPBACKSLASH])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([CCDEPMODE], [depmode=$am_cv_CC_dependencies_compiler_type])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([CCDEPMODE])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^CCDEPMODE$])
|
||||
m4trace:configure.ac:10: -1- AM_CONDITIONAL([am__fastdepCC], [
|
||||
test "x$enable_dependency_tracking" != xno \
|
||||
&& test "$am_cv_CC_dependencies_compiler_type" = gcc3])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([am__fastdepCC_TRUE])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([am__fastdepCC_TRUE])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^am__fastdepCC_TRUE$])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([am__fastdepCC_FALSE])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([am__fastdepCC_FALSE])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^am__fastdepCC_FALSE$])
|
||||
m4trace:configure.ac:10: -1- _AM_SUBST_NOTMAKE([am__fastdepCC_TRUE])
|
||||
m4trace:configure.ac:10: -1- _AM_SUBST_NOTMAKE([am__fastdepCC_FALSE])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([SED])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([SED])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^SED$])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([GREP])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([GREP])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^GREP$])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([EGREP])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([EGREP])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^EGREP$])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([FGREP])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([FGREP])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^FGREP$])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([GREP])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([GREP])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^GREP$])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([LD])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([LD])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^LD$])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([DUMPBIN])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([DUMPBIN])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^DUMPBIN$])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([ac_ct_DUMPBIN])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([ac_ct_DUMPBIN])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^ac_ct_DUMPBIN$])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([DUMPBIN])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([DUMPBIN])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^DUMPBIN$])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([NM])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([NM])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^NM$])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([LN_S], [$as_ln_s])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([LN_S])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^LN_S$])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([OBJDUMP])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([OBJDUMP])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^OBJDUMP$])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([OBJDUMP])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([OBJDUMP])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^OBJDUMP$])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([AR])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([AR])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^AR$])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([STRIP])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([STRIP])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^STRIP$])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([RANLIB])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([RANLIB])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^RANLIB$])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([LT_OBJDIR])
|
||||
m4trace:configure.ac:10: -1- AC_DEFINE_TRACE_LITERAL([LT_OBJDIR])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^LT_OBJDIR$])
|
||||
m4trace:configure.ac:10: -1- AH_OUTPUT([LT_OBJDIR], [/* Define to the sub-directory in which libtool stores uninstalled libraries.
|
||||
*/
|
||||
@%:@undef LT_OBJDIR])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([lt_ECHO])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([lt_ECHO])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^lt_ECHO$])
|
||||
m4trace:configure.ac:10: -1- LT_SUPPORTED_TAG([CC])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([DSYMUTIL])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([DSYMUTIL])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^DSYMUTIL$])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([NMEDIT])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([NMEDIT])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^NMEDIT$])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([LIPO])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([LIPO])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^LIPO$])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([OTOOL])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([OTOOL])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^OTOOL$])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([OTOOL64])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([OTOOL64])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^OTOOL64$])
|
||||
m4trace:configure.ac:10: -1- AH_OUTPUT([HAVE_DLFCN_H], [/* Define to 1 if you have the <dlfcn.h> header file. */
|
||||
@%:@undef HAVE_DLFCN_H])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([CPP])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([CPP])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^CPP$])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([CPPFLAGS])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([CPPFLAGS])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^CPPFLAGS$])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST([CPP])
|
||||
m4trace:configure.ac:10: -1- AC_SUBST_TRACE([CPP])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^CPP$])
|
||||
m4trace:configure.ac:10: -1- AC_DEFINE_TRACE_LITERAL([STDC_HEADERS])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^STDC_HEADERS$])
|
||||
m4trace:configure.ac:10: -1- AH_OUTPUT([STDC_HEADERS], [/* Define to 1 if you have the ANSI C header files. */
|
||||
@%:@undef STDC_HEADERS])
|
||||
m4trace:configure.ac:10: -1- AH_OUTPUT([HAVE_SYS_TYPES_H], [/* Define to 1 if you have the <sys/types.h> header file. */
|
||||
@%:@undef HAVE_SYS_TYPES_H])
|
||||
m4trace:configure.ac:10: -1- AH_OUTPUT([HAVE_SYS_STAT_H], [/* Define to 1 if you have the <sys/stat.h> header file. */
|
||||
@%:@undef HAVE_SYS_STAT_H])
|
||||
m4trace:configure.ac:10: -1- AH_OUTPUT([HAVE_STDLIB_H], [/* Define to 1 if you have the <stdlib.h> header file. */
|
||||
@%:@undef HAVE_STDLIB_H])
|
||||
m4trace:configure.ac:10: -1- AH_OUTPUT([HAVE_STRING_H], [/* Define to 1 if you have the <string.h> header file. */
|
||||
@%:@undef HAVE_STRING_H])
|
||||
m4trace:configure.ac:10: -1- AH_OUTPUT([HAVE_MEMORY_H], [/* Define to 1 if you have the <memory.h> header file. */
|
||||
@%:@undef HAVE_MEMORY_H])
|
||||
m4trace:configure.ac:10: -1- AH_OUTPUT([HAVE_STRINGS_H], [/* Define to 1 if you have the <strings.h> header file. */
|
||||
@%:@undef HAVE_STRINGS_H])
|
||||
m4trace:configure.ac:10: -1- AH_OUTPUT([HAVE_INTTYPES_H], [/* Define to 1 if you have the <inttypes.h> header file. */
|
||||
@%:@undef HAVE_INTTYPES_H])
|
||||
m4trace:configure.ac:10: -1- AH_OUTPUT([HAVE_STDINT_H], [/* Define to 1 if you have the <stdint.h> header file. */
|
||||
@%:@undef HAVE_STDINT_H])
|
||||
m4trace:configure.ac:10: -1- AH_OUTPUT([HAVE_UNISTD_H], [/* Define to 1 if you have the <unistd.h> header file. */
|
||||
@%:@undef HAVE_UNISTD_H])
|
||||
m4trace:configure.ac:10: -1- AC_DEFINE_TRACE_LITERAL([HAVE_DLFCN_H])
|
||||
m4trace:configure.ac:10: -1- m4_pattern_allow([^HAVE_DLFCN_H$])
|
||||
m4trace:configure.ac:13: -1- AC_SUBST([CC])
|
||||
m4trace:configure.ac:13: -1- AC_SUBST_TRACE([CC])
|
||||
m4trace:configure.ac:13: -1- m4_pattern_allow([^CC$])
|
||||
m4trace:configure.ac:13: -1- AC_SUBST([CFLAGS])
|
||||
m4trace:configure.ac:13: -1- AC_SUBST_TRACE([CFLAGS])
|
||||
m4trace:configure.ac:13: -1- m4_pattern_allow([^CFLAGS$])
|
||||
m4trace:configure.ac:13: -1- AC_SUBST([LDFLAGS])
|
||||
m4trace:configure.ac:13: -1- AC_SUBST_TRACE([LDFLAGS])
|
||||
m4trace:configure.ac:13: -1- m4_pattern_allow([^LDFLAGS$])
|
||||
m4trace:configure.ac:13: -1- AC_SUBST([LIBS])
|
||||
m4trace:configure.ac:13: -1- AC_SUBST_TRACE([LIBS])
|
||||
m4trace:configure.ac:13: -1- m4_pattern_allow([^LIBS$])
|
||||
m4trace:configure.ac:13: -1- AC_SUBST([CPPFLAGS])
|
||||
m4trace:configure.ac:13: -1- AC_SUBST_TRACE([CPPFLAGS])
|
||||
m4trace:configure.ac:13: -1- m4_pattern_allow([^CPPFLAGS$])
|
||||
m4trace:configure.ac:13: -1- AC_SUBST([CC])
|
||||
m4trace:configure.ac:13: -1- AC_SUBST_TRACE([CC])
|
||||
m4trace:configure.ac:13: -1- m4_pattern_allow([^CC$])
|
||||
m4trace:configure.ac:13: -1- AC_SUBST([CC])
|
||||
m4trace:configure.ac:13: -1- AC_SUBST_TRACE([CC])
|
||||
m4trace:configure.ac:13: -1- m4_pattern_allow([^CC$])
|
||||
m4trace:configure.ac:13: -1- AC_SUBST([CC])
|
||||
m4trace:configure.ac:13: -1- AC_SUBST_TRACE([CC])
|
||||
m4trace:configure.ac:13: -1- m4_pattern_allow([^CC$])
|
||||
m4trace:configure.ac:13: -1- AC_SUBST([CC])
|
||||
m4trace:configure.ac:13: -1- AC_SUBST_TRACE([CC])
|
||||
m4trace:configure.ac:13: -1- m4_pattern_allow([^CC$])
|
||||
m4trace:configure.ac:13: -1- AC_SUBST([ac_ct_CC])
|
||||
m4trace:configure.ac:13: -1- AC_SUBST_TRACE([ac_ct_CC])
|
||||
m4trace:configure.ac:13: -1- m4_pattern_allow([^ac_ct_CC$])
|
||||
m4trace:configure.ac:13: -1- AC_SUBST([CCDEPMODE], [depmode=$am_cv_CC_dependencies_compiler_type])
|
||||
m4trace:configure.ac:13: -1- AC_SUBST_TRACE([CCDEPMODE])
|
||||
m4trace:configure.ac:13: -1- m4_pattern_allow([^CCDEPMODE$])
|
||||
m4trace:configure.ac:13: -1- AM_CONDITIONAL([am__fastdepCC], [
|
||||
test "x$enable_dependency_tracking" != xno \
|
||||
&& test "$am_cv_CC_dependencies_compiler_type" = gcc3])
|
||||
m4trace:configure.ac:13: -1- AC_SUBST([am__fastdepCC_TRUE])
|
||||
m4trace:configure.ac:13: -1- AC_SUBST_TRACE([am__fastdepCC_TRUE])
|
||||
m4trace:configure.ac:13: -1- m4_pattern_allow([^am__fastdepCC_TRUE$])
|
||||
m4trace:configure.ac:13: -1- AC_SUBST([am__fastdepCC_FALSE])
|
||||
m4trace:configure.ac:13: -1- AC_SUBST_TRACE([am__fastdepCC_FALSE])
|
||||
m4trace:configure.ac:13: -1- m4_pattern_allow([^am__fastdepCC_FALSE$])
|
||||
m4trace:configure.ac:13: -1- _AM_SUBST_NOTMAKE([am__fastdepCC_TRUE])
|
||||
m4trace:configure.ac:13: -1- _AM_SUBST_NOTMAKE([am__fastdepCC_FALSE])
|
||||
m4trace:configure.ac:14: -1- AC_SUBST([LN_S], [$as_ln_s])
|
||||
m4trace:configure.ac:14: -1- AC_SUBST_TRACE([LN_S])
|
||||
m4trace:configure.ac:14: -1- m4_pattern_allow([^LN_S$])
|
||||
m4trace:configure.ac:15: -1- AC_SUBST([SET_MAKE])
|
||||
m4trace:configure.ac:15: -1- AC_SUBST_TRACE([SET_MAKE])
|
||||
m4trace:configure.ac:15: -1- m4_pattern_allow([^SET_MAKE$])
|
||||
m4trace:configure.ac:18: -1- AH_OUTPUT([HAVE_LIBMYSQLCLIENT], [/* Define to 1 if you have the `mysqlclient\' library (-lmysqlclient). */
|
||||
@%:@undef HAVE_LIBMYSQLCLIENT])
|
||||
m4trace:configure.ac:18: -1- AC_DEFINE_TRACE_LITERAL([HAVE_LIBMYSQLCLIENT])
|
||||
m4trace:configure.ac:18: -1- m4_pattern_allow([^HAVE_LIBMYSQLCLIENT$])
|
||||
m4trace:configure.ac:19: -1- AH_OUTPUT([HAVE_LIBPTHREAD], [/* Define to 1 if you have the `pthread\' library (-lpthread). */
|
||||
@%:@undef HAVE_LIBPTHREAD])
|
||||
m4trace:configure.ac:19: -1- AC_DEFINE_TRACE_LITERAL([HAVE_LIBPTHREAD])
|
||||
m4trace:configure.ac:19: -1- m4_pattern_allow([^HAVE_LIBPTHREAD$])
|
||||
m4trace:configure.ac:22: -1- AC_DEFINE_TRACE_LITERAL([HAVE_ALLOCA_H])
|
||||
m4trace:configure.ac:22: -1- m4_pattern_allow([^HAVE_ALLOCA_H$])
|
||||
m4trace:configure.ac:22: -1- AH_OUTPUT([HAVE_ALLOCA_H], [/* Define to 1 if you have <alloca.h> and it should be used (not on Ultrix).
|
||||
*/
|
||||
@%:@undef HAVE_ALLOCA_H])
|
||||
m4trace:configure.ac:22: -1- AC_DEFINE_TRACE_LITERAL([HAVE_ALLOCA])
|
||||
m4trace:configure.ac:22: -1- m4_pattern_allow([^HAVE_ALLOCA$])
|
||||
m4trace:configure.ac:22: -1- AH_OUTPUT([HAVE_ALLOCA], [/* Define to 1 if you have `alloca\', as a function or macro. */
|
||||
@%:@undef HAVE_ALLOCA])
|
||||
m4trace:configure.ac:22: -1- AC_LIBSOURCE([alloca.c])
|
||||
m4trace:configure.ac:22: -1- AC_SUBST([ALLOCA], [\${LIBOBJDIR}alloca.$ac_objext])
|
||||
m4trace:configure.ac:22: -1- AC_SUBST_TRACE([ALLOCA])
|
||||
m4trace:configure.ac:22: -1- m4_pattern_allow([^ALLOCA$])
|
||||
m4trace:configure.ac:22: -1- AC_DEFINE_TRACE_LITERAL([C_ALLOCA])
|
||||
m4trace:configure.ac:22: -1- m4_pattern_allow([^C_ALLOCA$])
|
||||
m4trace:configure.ac:22: -1- AH_OUTPUT([C_ALLOCA], [/* Define to 1 if using `alloca.c\'. */
|
||||
@%:@undef C_ALLOCA])
|
||||
m4trace:configure.ac:22: -1- AC_DEFINE_TRACE_LITERAL([CRAY_STACKSEG_END])
|
||||
m4trace:configure.ac:22: -1- m4_pattern_allow([^CRAY_STACKSEG_END$])
|
||||
m4trace:configure.ac:22: -1- AH_OUTPUT([CRAY_STACKSEG_END], [/* Define to one of `_getb67\', `GETB67\', `getb67\' for Cray-2 and Cray-YMP
|
||||
systems. This function is required for `alloca.c\' support on those systems.
|
||||
*/
|
||||
@%:@undef CRAY_STACKSEG_END])
|
||||
m4trace:configure.ac:22: -1- AH_OUTPUT([STACK_DIRECTION], [/* If using the C implementation of alloca, define if you know the
|
||||
direction of stack growth for your system; otherwise it will be
|
||||
automatically deduced at runtime.
|
||||
STACK_DIRECTION > 0 => grows toward higher addresses
|
||||
STACK_DIRECTION < 0 => grows toward lower addresses
|
||||
STACK_DIRECTION = 0 => direction of growth unknown */
|
||||
@%:@undef STACK_DIRECTION])
|
||||
m4trace:configure.ac:22: -1- AC_DEFINE_TRACE_LITERAL([STACK_DIRECTION])
|
||||
m4trace:configure.ac:22: -1- m4_pattern_allow([^STACK_DIRECTION$])
|
||||
m4trace:configure.ac:23: -1- AH_OUTPUT([HAVE_INTTYPES_H], [/* Define to 1 if you have the <inttypes.h> header file. */
|
||||
@%:@undef HAVE_INTTYPES_H])
|
||||
m4trace:configure.ac:23: -1- AH_OUTPUT([HAVE_LIMITS_H], [/* Define to 1 if you have the <limits.h> header file. */
|
||||
@%:@undef HAVE_LIMITS_H])
|
||||
m4trace:configure.ac:23: -1- AH_OUTPUT([HAVE_STDDEF_H], [/* Define to 1 if you have the <stddef.h> header file. */
|
||||
@%:@undef HAVE_STDDEF_H])
|
||||
m4trace:configure.ac:23: -1- AH_OUTPUT([HAVE_STDLIB_H], [/* Define to 1 if you have the <stdlib.h> header file. */
|
||||
@%:@undef HAVE_STDLIB_H])
|
||||
m4trace:configure.ac:23: -1- AH_OUTPUT([HAVE_STRING_H], [/* Define to 1 if you have the <string.h> header file. */
|
||||
@%:@undef HAVE_STRING_H])
|
||||
m4trace:configure.ac:23: -1- AH_OUTPUT([HAVE_UNISTD_H], [/* Define to 1 if you have the <unistd.h> header file. */
|
||||
@%:@undef HAVE_UNISTD_H])
|
||||
m4trace:configure.ac:26: -1- AC_DEFINE_TRACE_LITERAL([HAVE__BOOL])
|
||||
m4trace:configure.ac:26: -1- m4_pattern_allow([^HAVE__BOOL$])
|
||||
m4trace:configure.ac:26: -1- AH_OUTPUT([HAVE__BOOL], [/* Define to 1 if the system has the type `_Bool\'. */
|
||||
@%:@undef HAVE__BOOL])
|
||||
m4trace:configure.ac:26: -1- AC_DEFINE_TRACE_LITERAL([HAVE_STDBOOL_H])
|
||||
m4trace:configure.ac:26: -1- m4_pattern_allow([^HAVE_STDBOOL_H$])
|
||||
m4trace:configure.ac:26: -1- AH_OUTPUT([HAVE_STDBOOL_H], [/* Define to 1 if stdbool.h conforms to C99. */
|
||||
@%:@undef HAVE_STDBOOL_H])
|
||||
m4trace:configure.ac:27: -1- AC_DEFINE_TRACE_LITERAL([size_t])
|
||||
m4trace:configure.ac:27: -1- m4_pattern_allow([^size_t$])
|
||||
m4trace:configure.ac:27: -1- AH_OUTPUT([size_t], [/* Define to `unsigned int\' if <sys/types.h> does not define. */
|
||||
@%:@undef size_t])
|
||||
m4trace:configure.ac:28: -1- AC_DEFINE_TRACE_LITERAL([uint16_t])
|
||||
m4trace:configure.ac:28: -1- m4_pattern_allow([^uint16_t$])
|
||||
m4trace:configure.ac:28: -1- AH_OUTPUT([uint16_t], [/* Define to the type of an unsigned integer type of width exactly 16 bits if
|
||||
such a type exists and the standard includes do not define it. */
|
||||
@%:@undef uint16_t])
|
||||
m4trace:configure.ac:29: -1- AC_DEFINE_TRACE_LITERAL([_UINT32_T])
|
||||
m4trace:configure.ac:29: -1- m4_pattern_allow([^_UINT32_T$])
|
||||
m4trace:configure.ac:29: -1- AH_OUTPUT([_UINT32_T], [/* Define for Solaris 2.5.1 so the uint32_t typedef from <sys/synch.h>,
|
||||
<pthread.h>, or <semaphore.h> is not used. If the typedef were allowed, the
|
||||
@%:@define below would cause a syntax error. */
|
||||
@%:@undef _UINT32_T])
|
||||
m4trace:configure.ac:29: -1- AC_DEFINE_TRACE_LITERAL([uint32_t])
|
||||
m4trace:configure.ac:29: -1- m4_pattern_allow([^uint32_t$])
|
||||
m4trace:configure.ac:29: -1- AH_OUTPUT([uint32_t], [/* Define to the type of an unsigned integer type of width exactly 32 bits if
|
||||
such a type exists and the standard includes do not define it. */
|
||||
@%:@undef uint32_t])
|
||||
m4trace:configure.ac:30: -1- AC_DEFINE_TRACE_LITERAL([_UINT8_T])
|
||||
m4trace:configure.ac:30: -1- m4_pattern_allow([^_UINT8_T$])
|
||||
m4trace:configure.ac:30: -1- AH_OUTPUT([_UINT8_T], [/* Define for Solaris 2.5.1 so the uint8_t typedef from <sys/synch.h>,
|
||||
<pthread.h>, or <semaphore.h> is not used. If the typedef were allowed, the
|
||||
@%:@define below would cause a syntax error. */
|
||||
@%:@undef _UINT8_T])
|
||||
m4trace:configure.ac:30: -1- AC_DEFINE_TRACE_LITERAL([uint8_t])
|
||||
m4trace:configure.ac:30: -1- m4_pattern_allow([^uint8_t$])
|
||||
m4trace:configure.ac:30: -1- AH_OUTPUT([uint8_t], [/* Define to the type of an unsigned integer type of width exactly 8 bits if
|
||||
such a type exists and the standard includes do not define it. */
|
||||
@%:@undef uint8_t])
|
||||
m4trace:configure.ac:31: -1- AC_DEFINE_TRACE_LITERAL([HAVE_PTRDIFF_T])
|
||||
m4trace:configure.ac:31: -1- m4_pattern_allow([^HAVE_PTRDIFF_T$])
|
||||
m4trace:configure.ac:31: -1- AH_OUTPUT([HAVE_PTRDIFF_T], [/* Define to 1 if the system has the type `ptrdiff_t\'. */
|
||||
@%:@undef HAVE_PTRDIFF_T])
|
||||
m4trace:configure.ac:34: -1- AH_OUTPUT([HAVE_STDLIB_H], [/* Define to 1 if you have the <stdlib.h> header file. */
|
||||
@%:@undef HAVE_STDLIB_H])
|
||||
m4trace:configure.ac:34: -1- AC_DEFINE_TRACE_LITERAL([HAVE_STDLIB_H])
|
||||
m4trace:configure.ac:34: -1- m4_pattern_allow([^HAVE_STDLIB_H$])
|
||||
m4trace:configure.ac:34: -1- AC_DEFINE_TRACE_LITERAL([HAVE_MALLOC])
|
||||
m4trace:configure.ac:34: -1- m4_pattern_allow([^HAVE_MALLOC$])
|
||||
m4trace:configure.ac:34: -1- AH_OUTPUT([HAVE_MALLOC], [/* Define to 1 if your system has a GNU libc compatible `malloc\' function, and
|
||||
to 0 otherwise. */
|
||||
@%:@undef HAVE_MALLOC])
|
||||
m4trace:configure.ac:34: -1- AC_DEFINE_TRACE_LITERAL([HAVE_MALLOC])
|
||||
m4trace:configure.ac:34: -1- m4_pattern_allow([^HAVE_MALLOC$])
|
||||
m4trace:configure.ac:34: -1- AC_LIBSOURCE([malloc.c])
|
||||
m4trace:configure.ac:34: -1- AC_SUBST([LIB@&t@OBJS], ["$LIB@&t@OBJS malloc.$ac_objext"])
|
||||
m4trace:configure.ac:34: -1- AC_SUBST_TRACE([LIB@&t@OBJS])
|
||||
m4trace:configure.ac:34: -1- m4_pattern_allow([^LIB@&t@OBJS$])
|
||||
m4trace:configure.ac:34: -1- AC_DEFINE_TRACE_LITERAL([malloc])
|
||||
m4trace:configure.ac:34: -1- m4_pattern_allow([^malloc$])
|
||||
m4trace:configure.ac:34: -1- AH_OUTPUT([malloc], [/* Define to rpl_malloc if the replacement function should be used. */
|
||||
@%:@undef malloc])
|
||||
m4trace:configure.ac:35: -1- AC_DEFINE_TRACE_LITERAL([TIME_WITH_SYS_TIME])
|
||||
m4trace:configure.ac:35: -1- m4_pattern_allow([^TIME_WITH_SYS_TIME$])
|
||||
m4trace:configure.ac:35: -1- AH_OUTPUT([TIME_WITH_SYS_TIME], [/* Define to 1 if you can safely include both <sys/time.h> and <time.h>. */
|
||||
@%:@undef TIME_WITH_SYS_TIME])
|
||||
m4trace:configure.ac:35: -1- AH_OUTPUT([HAVE_SYS_TIME_H], [/* Define to 1 if you have the <sys/time.h> header file. */
|
||||
@%:@undef HAVE_SYS_TIME_H])
|
||||
m4trace:configure.ac:35: -1- AH_OUTPUT([HAVE_UNISTD_H], [/* Define to 1 if you have the <unistd.h> header file. */
|
||||
@%:@undef HAVE_UNISTD_H])
|
||||
m4trace:configure.ac:35: -1- AH_OUTPUT([HAVE_ALARM], [/* Define to 1 if you have the `alarm\' function. */
|
||||
@%:@undef HAVE_ALARM])
|
||||
m4trace:configure.ac:35: -1- AC_LIBSOURCE([mktime.c])
|
||||
m4trace:configure.ac:35: -1- AC_SUBST([LIB@&t@OBJS], ["$LIB@&t@OBJS mktime.$ac_objext"])
|
||||
m4trace:configure.ac:35: -1- AC_SUBST_TRACE([LIB@&t@OBJS])
|
||||
m4trace:configure.ac:35: -1- m4_pattern_allow([^LIB@&t@OBJS$])
|
||||
m4trace:configure.ac:36: -1- AH_OUTPUT([HAVE_STDLIB_H], [/* Define to 1 if you have the <stdlib.h> header file. */
|
||||
@%:@undef HAVE_STDLIB_H])
|
||||
m4trace:configure.ac:36: -1- AC_DEFINE_TRACE_LITERAL([HAVE_STDLIB_H])
|
||||
m4trace:configure.ac:36: -1- m4_pattern_allow([^HAVE_STDLIB_H$])
|
||||
m4trace:configure.ac:36: -1- AC_DEFINE_TRACE_LITERAL([HAVE_REALLOC])
|
||||
m4trace:configure.ac:36: -1- m4_pattern_allow([^HAVE_REALLOC$])
|
||||
m4trace:configure.ac:36: -1- AH_OUTPUT([HAVE_REALLOC], [/* Define to 1 if your system has a GNU libc compatible `realloc\' function,
|
||||
and to 0 otherwise. */
|
||||
@%:@undef HAVE_REALLOC])
|
||||
m4trace:configure.ac:36: -1- AC_DEFINE_TRACE_LITERAL([HAVE_REALLOC])
|
||||
m4trace:configure.ac:36: -1- m4_pattern_allow([^HAVE_REALLOC$])
|
||||
m4trace:configure.ac:36: -1- AC_LIBSOURCE([realloc.c])
|
||||
m4trace:configure.ac:36: -1- AC_SUBST([LIB@&t@OBJS], ["$LIB@&t@OBJS realloc.$ac_objext"])
|
||||
m4trace:configure.ac:36: -1- AC_SUBST_TRACE([LIB@&t@OBJS])
|
||||
m4trace:configure.ac:36: -1- m4_pattern_allow([^LIB@&t@OBJS$])
|
||||
m4trace:configure.ac:36: -1- AC_DEFINE_TRACE_LITERAL([realloc])
|
||||
m4trace:configure.ac:36: -1- m4_pattern_allow([^realloc$])
|
||||
m4trace:configure.ac:36: -1- AH_OUTPUT([realloc], [/* Define to rpl_realloc if the replacement function should be used. */
|
||||
@%:@undef realloc])
|
||||
m4trace:configure.ac:37: -1- AH_OUTPUT([HAVE_MEMMOVE], [/* Define to 1 if you have the `memmove\' function. */
|
||||
@%:@undef HAVE_MEMMOVE])
|
||||
m4trace:configure.ac:37: -1- AH_OUTPUT([HAVE_MEMSET], [/* Define to 1 if you have the `memset\' function. */
|
||||
@%:@undef HAVE_MEMSET])
|
||||
m4trace:configure.ac:37: -1- AH_OUTPUT([HAVE_REGCOMP], [/* Define to 1 if you have the `regcomp\' function. */
|
||||
@%:@undef HAVE_REGCOMP])
|
||||
m4trace:configure.ac:37: -1- AH_OUTPUT([HAVE_STRCASECMP], [/* Define to 1 if you have the `strcasecmp\' function. */
|
||||
@%:@undef HAVE_STRCASECMP])
|
||||
m4trace:configure.ac:37: -1- AH_OUTPUT([HAVE_STRDUP], [/* Define to 1 if you have the `strdup\' function. */
|
||||
@%:@undef HAVE_STRDUP])
|
||||
m4trace:configure.ac:37: -1- AH_OUTPUT([HAVE_STRSTR], [/* Define to 1 if you have the `strstr\' function. */
|
||||
@%:@undef HAVE_STRSTR])
|
||||
m4trace:configure.ac:37: -1- AH_OUTPUT([HAVE_STRTOL], [/* Define to 1 if you have the `strtol\' function. */
|
||||
@%:@undef HAVE_STRTOL])
|
||||
m4trace:configure.ac:37: -1- AH_OUTPUT([HAVE_STRTOUL], [/* Define to 1 if you have the `strtoul\' function. */
|
||||
@%:@undef HAVE_STRTOUL])
|
||||
m4trace:configure.ac:39: -1- AC_CONFIG_FILES([Makefile])
|
||||
m4trace:configure.ac:40: -1- AC_SUBST([LIB@&t@OBJS], [$ac_libobjs])
|
||||
m4trace:configure.ac:40: -1- AC_SUBST_TRACE([LIB@&t@OBJS])
|
||||
m4trace:configure.ac:40: -1- m4_pattern_allow([^LIB@&t@OBJS$])
|
||||
m4trace:configure.ac:40: -1- AC_SUBST([LTLIBOBJS], [$ac_ltlibobjs])
|
||||
m4trace:configure.ac:40: -1- AC_SUBST_TRACE([LTLIBOBJS])
|
||||
m4trace:configure.ac:40: -1- m4_pattern_allow([^LTLIBOBJS$])
|
||||
m4trace:configure.ac:40: -1- AM_CONDITIONAL([am__EXEEXT], [test -n "$EXEEXT"])
|
||||
m4trace:configure.ac:40: -1- AC_SUBST([am__EXEEXT_TRUE])
|
||||
m4trace:configure.ac:40: -1- AC_SUBST_TRACE([am__EXEEXT_TRUE])
|
||||
m4trace:configure.ac:40: -1- m4_pattern_allow([^am__EXEEXT_TRUE$])
|
||||
m4trace:configure.ac:40: -1- AC_SUBST([am__EXEEXT_FALSE])
|
||||
m4trace:configure.ac:40: -1- AC_SUBST_TRACE([am__EXEEXT_FALSE])
|
||||
m4trace:configure.ac:40: -1- m4_pattern_allow([^am__EXEEXT_FALSE$])
|
||||
m4trace:configure.ac:40: -1- _AM_SUBST_NOTMAKE([am__EXEEXT_TRUE])
|
||||
m4trace:configure.ac:40: -1- _AM_SUBST_NOTMAKE([am__EXEEXT_FALSE])
|
||||
m4trace:configure.ac:40: -1- AC_SUBST_TRACE([top_builddir])
|
||||
m4trace:configure.ac:40: -1- AC_SUBST_TRACE([top_build_prefix])
|
||||
m4trace:configure.ac:40: -1- AC_SUBST_TRACE([srcdir])
|
||||
m4trace:configure.ac:40: -1- AC_SUBST_TRACE([abs_srcdir])
|
||||
m4trace:configure.ac:40: -1- AC_SUBST_TRACE([top_srcdir])
|
||||
m4trace:configure.ac:40: -1- AC_SUBST_TRACE([abs_top_srcdir])
|
||||
m4trace:configure.ac:40: -1- AC_SUBST_TRACE([builddir])
|
||||
m4trace:configure.ac:40: -1- AC_SUBST_TRACE([abs_builddir])
|
||||
m4trace:configure.ac:40: -1- AC_SUBST_TRACE([abs_top_builddir])
|
||||
m4trace:configure.ac:40: -1- AC_SUBST_TRACE([INSTALL])
|
||||
m4trace:configure.ac:40: -1- AC_SUBST_TRACE([MKDIR_P])
|
||||
m4trace:configure.ac:40: -1- AC_REQUIRE_AUX_FILE([ltmain.sh])
|
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,321 @@
|
|||
/* config.h. Generated from config.h.in by configure. */
|
||||
/* config.h.in. Generated from configure.in by autoheader. */
|
||||
|
||||
/* Define if building universal (internal helper macro) */
|
||||
/* #undef AC_APPLE_UNIVERSAL_BUILD */
|
||||
|
||||
/* Define if AIX */
|
||||
/* #undef AIX */
|
||||
|
||||
/* Define if broken SIOCGIFMTU */
|
||||
/* #undef BROKEN_SIOCGIFMTU */
|
||||
|
||||
/* Define if BSDi */
|
||||
/* #undef BSDI */
|
||||
|
||||
/* Don't close opened shared objects for valgrind leak testing of dynamic
|
||||
libraries */
|
||||
/* #undef DISABLE_DLCLOSE_FOR_VALGRIND_TESTING */
|
||||
|
||||
/* Define if errlist is predefined */
|
||||
#define ERRLIST_PREDEFINED 1
|
||||
|
||||
/* Define if FreeBSD */
|
||||
/* #undef FREEBSD */
|
||||
|
||||
/* Define to 1 if the system has the type `boolean'. */
|
||||
/* #undef HAVE_BOOLEAN */
|
||||
|
||||
/* Define to 1 if you have the <dlfcn.h> header file. */
|
||||
#define HAVE_DLFCN_H 1
|
||||
|
||||
/* Define to 1 if you have the <dnet.h> header file. */
|
||||
/* #undef HAVE_DNET_H */
|
||||
|
||||
/* Define to 1 if the system has the type `int16_t'. */
|
||||
#define HAVE_INT16_T 1
|
||||
|
||||
/* Define to 1 if the system has the type `int32_t'. */
|
||||
#define HAVE_INT32_T 1
|
||||
|
||||
/* Define to 1 if the system has the type `int64_t'. */
|
||||
#define HAVE_INT64_T 1
|
||||
|
||||
/* Define to 1 if the system has the type `int8_t'. */
|
||||
#define HAVE_INT8_T 1
|
||||
|
||||
/* Define to 1 if you have the <inttypes.h> header file. */
|
||||
#define HAVE_INTTYPES_H 1
|
||||
|
||||
/* Define to 1 if you have the `c' library (-lc). */
|
||||
/* #undef HAVE_LIBC */
|
||||
|
||||
/* Define to 1 if you have the `dl' library (-ldl). */
|
||||
#define HAVE_LIBDL 1
|
||||
|
||||
/* Define to 1 if you have the `dnet' library (-ldnet). */
|
||||
/* #undef HAVE_LIBDNET */
|
||||
|
||||
/* Define to 1 if you have the `ipq' library (-lipq). */
|
||||
/* #undef HAVE_LIBIPQ */
|
||||
|
||||
/* Define to 1 if you have the `m' library (-lm). */
|
||||
#define HAVE_LIBM 1
|
||||
|
||||
/* Define to 1 if you have the `net' library (-lnet). */
|
||||
/* #undef HAVE_LIBNET */
|
||||
|
||||
/* Define to 1 if you have the <libnet.h> header file. */
|
||||
/* #undef HAVE_LIBNET_H */
|
||||
|
||||
/* Define to 1 if you have the `nsl' library (-lnsl). */
|
||||
#define HAVE_LIBNSL 1
|
||||
|
||||
/* Define to 1 if you have the `pcap' library (-lpcap). */
|
||||
#define HAVE_LIBPCAP 1
|
||||
|
||||
/* Define to 1 if you have the `pcre' library (-lpcre). */
|
||||
#define HAVE_LIBPCRE 1
|
||||
|
||||
/* Define to 1 if you have the `pfring' library (-lpfring). */
|
||||
/* #undef HAVE_LIBPFRING */
|
||||
|
||||
/* Define to 1 if you have the `pq' library (-lpq). */
|
||||
/* #undef HAVE_LIBPQ */
|
||||
|
||||
/* Define whether Prelude support is enabled */
|
||||
/* #undef HAVE_LIBPRELUDE */
|
||||
|
||||
/* Define to 1 if you have the `rt' library (-lrt). */
|
||||
/* #undef HAVE_LIBRT */
|
||||
|
||||
/* Define to 1 if you have the `socket' library (-lsocket). */
|
||||
/* #undef HAVE_LIBSOCKET */
|
||||
|
||||
/* Define to 1 if you have the `z' library (-lz). */
|
||||
#define HAVE_LIBZ 1
|
||||
|
||||
/* Define whether linuxthreads is being used */
|
||||
/* #undef HAVE_LINUXTHREADS */
|
||||
|
||||
/* Define to 1 if you have the <math.h> header file. */
|
||||
#define HAVE_MATH_H 1
|
||||
|
||||
/* Define to 1 if you have the <memory.h> header file. */
|
||||
#define HAVE_MEMORY_H 1
|
||||
|
||||
/* Define to 1 if you have the <paths.h> header file. */
|
||||
#define HAVE_PATHS_H 1
|
||||
|
||||
/* Can cleanup lex buffer stack created by pcap bpf filter */
|
||||
/* #undef HAVE_PCAP_LEX_DESTROY */
|
||||
|
||||
/* Define to 1 if you have the <pcre.h> header file. */
|
||||
#define HAVE_PCRE_H 1
|
||||
|
||||
/* Define to 1 if you have the <pfring.h> header file. */
|
||||
/* #undef HAVE_PFRING_H */
|
||||
|
||||
/* Define to 1 if you have the `snprintf' function. */
|
||||
#define HAVE_SNPRINTF 1
|
||||
|
||||
/* Define to 1 if you have the <stdint.h> header file. */
|
||||
#define HAVE_STDINT_H 1
|
||||
|
||||
/* Define to 1 if you have the <stdlib.h> header file. */
|
||||
#define HAVE_STDLIB_H 1
|
||||
|
||||
/* Define to 1 if you have the `strerror' function. */
|
||||
#define HAVE_STRERROR 1
|
||||
|
||||
/* Define to 1 if you have the <strings.h> header file. */
|
||||
#define HAVE_STRINGS_H 1
|
||||
|
||||
/* Define to 1 if you have the <string.h> header file. */
|
||||
#define HAVE_STRING_H 1
|
||||
|
||||
/* Define to 1 if you have the `strlcat' function. */
|
||||
/* #undef HAVE_STRLCAT */
|
||||
|
||||
/* Define to 1 if you have the `strlcpy' function. */
|
||||
/* #undef HAVE_STRLCPY */
|
||||
|
||||
/* Define to 1 if you have the `strtoul' function. */
|
||||
/* #undef HAVE_STRTOUL */
|
||||
|
||||
/* Define to 1 if you have the <sys/sockio.h> header file. */
|
||||
/* #undef HAVE_SYS_SOCKIO_H */
|
||||
|
||||
/* Define to 1 if you have the <sys/stat.h> header file. */
|
||||
#define HAVE_SYS_STAT_H 1
|
||||
|
||||
/* Define to 1 if you have the <sys/types.h> header file. */
|
||||
#define HAVE_SYS_TYPES_H 1
|
||||
|
||||
/* Define to 1 if the system has the type `uint16_t'. */
|
||||
#define HAVE_UINT16_T 1
|
||||
|
||||
/* Define to 1 if the system has the type `uint32_t'. */
|
||||
#define HAVE_UINT32_T 1
|
||||
|
||||
/* Define to 1 if the system has the type `uint64_t'. */
|
||||
#define HAVE_UINT64_T 1
|
||||
|
||||
/* Define to 1 if the system has the type `uint8_t'. */
|
||||
#define HAVE_UINT8_T 1
|
||||
|
||||
/* Define to 1 if you have the <unistd.h> header file. */
|
||||
#define HAVE_UNISTD_H 1
|
||||
|
||||
/* Define to 1 if the system has the type `u_int16_t'. */
|
||||
#define HAVE_U_INT16_T 1
|
||||
|
||||
/* Define to 1 if the system has the type `u_int32_t'. */
|
||||
#define HAVE_U_INT32_T 1
|
||||
|
||||
/* Define to 1 if the system has the type `u_int64_t'. */
|
||||
#define HAVE_U_INT64_T 1
|
||||
|
||||
/* Define to 1 if the system has the type `u_int8_t'. */
|
||||
#define HAVE_U_INT8_T 1
|
||||
|
||||
/* Define if the compiler supports visibility declarations. */
|
||||
#define HAVE_VISIBILITY 1
|
||||
|
||||
/* Define to 1 if you have the `vsnprintf' function. */
|
||||
/* #undef HAVE_VSNPRINTF */
|
||||
|
||||
/* Define to 1 if you have the `vswprintf' function. */
|
||||
#define HAVE_VSWPRINTF 1
|
||||
|
||||
/* Define to 1 if you have the <wchar.h> header file. */
|
||||
#define HAVE_WCHAR_H 1
|
||||
|
||||
/* Define to 1 if you have the `wprintf' function. */
|
||||
#define HAVE_WPRINTF 1
|
||||
|
||||
/* Define whether yylex_destroy is supported in flex version */
|
||||
#define HAVE_YYLEX_DESTROY 1
|
||||
|
||||
/* Define to 1 if you have the <zlib.h> header file. */
|
||||
/* #undef HAVE_ZLIB_H */
|
||||
|
||||
/* Define if the compiler understands __FUNCTION__. */
|
||||
#define HAVE___FUNCTION__ 1
|
||||
|
||||
/* Define if the compiler understands __func__. */
|
||||
/* #undef HAVE___func__ */
|
||||
|
||||
/* Define if HP-UX 10 or 11 */
|
||||
/* #undef HPUX */
|
||||
|
||||
/* For INADDR_NONE definition */
|
||||
/* #undef INADDR_NONE */
|
||||
|
||||
/* Define if Irix 6 */
|
||||
/* #undef IRIX */
|
||||
|
||||
/* For libpcap versions that accumulate stats */
|
||||
#define LIBPCAP_ACCUMULATES 1
|
||||
|
||||
/* Define if Linux */
|
||||
#define LINUX 1
|
||||
|
||||
/* For Linux libpcap versions 0.9.0 to 0.9.4 */
|
||||
/* #undef LINUX_LIBPCAP_DOUBLES_STATS */
|
||||
|
||||
/* Define to the sub-directory in which libtool stores uninstalled libraries.
|
||||
*/
|
||||
#define LT_OBJDIR ".libs/"
|
||||
|
||||
/* Define if MacOS */
|
||||
/* #undef MACOS */
|
||||
|
||||
/* For MySQL versions 5.0.13 and greater */
|
||||
#define MYSQL_HAS_OPT_RECONNECT 1
|
||||
|
||||
/* For MySQL versions 5.0.13 to 5.0.18 */
|
||||
/* #undef MYSQL_HAS_OPT_RECONNECT_BUG */
|
||||
|
||||
/* Define if OpenBSD < 2.3 */
|
||||
/* #undef OPENBSD */
|
||||
|
||||
/* Define if Tru64 */
|
||||
/* #undef OSF1 */
|
||||
|
||||
/* Name of package */
|
||||
#define PACKAGE "snort"
|
||||
|
||||
/* Define to the address where bug reports for this package should be sent. */
|
||||
#define PACKAGE_BUGREPORT ""
|
||||
|
||||
/* Define to the full name of this package. */
|
||||
#define PACKAGE_NAME ""
|
||||
|
||||
/* Define to the full name and version of this package. */
|
||||
#define PACKAGE_STRING ""
|
||||
|
||||
/* Define to the one symbol short name of this package. */
|
||||
#define PACKAGE_TARNAME ""
|
||||
|
||||
/* Define to the home page for this package. */
|
||||
#define PACKAGE_URL ""
|
||||
|
||||
/* Define to the version of this package. */
|
||||
#define PACKAGE_VERSION ""
|
||||
|
||||
/* Define if pcap timeout is ignored */
|
||||
#define PCAP_TIMEOUT_IGNORED 1
|
||||
|
||||
/* The size of `char', as computed by sizeof. */
|
||||
#define SIZEOF_CHAR 1
|
||||
|
||||
/* The size of `int', as computed by sizeof. */
|
||||
#define SIZEOF_INT 4
|
||||
|
||||
/* The size of `long int', as computed by sizeof. */
|
||||
#define SIZEOF_LONG_INT 4
|
||||
|
||||
/* The size of `long long int', as computed by sizeof. */
|
||||
#define SIZEOF_LONG_LONG_INT 8
|
||||
|
||||
/* The size of `short', as computed by sizeof. */
|
||||
#define SIZEOF_SHORT 2
|
||||
|
||||
/* The size of `unsigned int', as computed by sizeof. */
|
||||
#define SIZEOF_UNSIGNED_INT 4
|
||||
|
||||
/* The size of `unsigned long int', as computed by sizeof. */
|
||||
#define SIZEOF_UNSIGNED_LONG_INT 4
|
||||
|
||||
/* The size of `unsigned long long int', as computed by sizeof. */
|
||||
#define SIZEOF_UNSIGNED_LONG_LONG_INT 8
|
||||
|
||||
/* Define if Solaris */
|
||||
/* #undef SOLARIS */
|
||||
|
||||
/* For sparc v9 with %time register */
|
||||
/* #undef SPARCV9 */
|
||||
|
||||
/* Define to 1 if you have the ANSI C header files. */
|
||||
#define STDC_HEADERS 1
|
||||
|
||||
/* Define if SunOS */
|
||||
/* #undef SUNOS */
|
||||
|
||||
/* Version number of package */
|
||||
#define VERSION "2.8.6.1"
|
||||
|
||||
/* Define if words are big endian */
|
||||
/* #undef WORDS_BIGENDIAN */
|
||||
|
||||
/* Define if words must align */
|
||||
/* #undef WORDS_MUSTALIGN */
|
||||
|
||||
/* Define __FUNCTION__ as required. */
|
||||
/* #undef __FUNCTION__ */
|
||||
|
||||
#ifndef ENABLE_MYSQL
|
||||
#define ENABLE_MYSQL 1
|
||||
#endif
|
||||
|
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,41 @@
|
|||
# -*- Autoconf -*-
|
||||
# Process this file with autoconf to produce a configure script.
|
||||
|
||||
AC_PREREQ([2.67])
|
||||
AC_INIT([Snort_AI_preproc], [0.1], [blacklight@autistici.org])
|
||||
AM_INIT_AUTOMAKE([1.10 -Wall no-define])
|
||||
AC_CONFIG_SRCDIR([config.h.in])
|
||||
AC_CONFIG_HEADERS([config.h])
|
||||
AC_CONFIG_MACRO_DIR([m4])
|
||||
LT_INIT
|
||||
|
||||
# Checks for programs.
|
||||
AC_PROG_CC
|
||||
AC_PROG_LN_S
|
||||
AC_PROG_MAKE_SET
|
||||
|
||||
# Checks for libraries.
|
||||
AC_CHECK_LIB([mysqlclient], [mysql_query])
|
||||
AC_CHECK_LIB([pthread], [pthread_create])
|
||||
|
||||
# Checks for header files.
|
||||
AC_FUNC_ALLOCA
|
||||
AC_CHECK_HEADERS([inttypes.h limits.h stddef.h stdlib.h string.h unistd.h])
|
||||
|
||||
# Checks for typedefs, structures, and compiler characteristics.
|
||||
AC_HEADER_STDBOOL
|
||||
AC_TYPE_SIZE_T
|
||||
AC_TYPE_UINT16_T
|
||||
AC_TYPE_UINT32_T
|
||||
AC_TYPE_UINT8_T
|
||||
AC_CHECK_TYPES([ptrdiff_t])
|
||||
|
||||
# Checks for library functions.
|
||||
AC_FUNC_MALLOC
|
||||
AC_FUNC_MKTIME
|
||||
AC_FUNC_REALLOC
|
||||
AC_CHECK_FUNCS([memmove memset regcomp strcasecmp strdup strstr strtol strtoul])
|
||||
|
||||
AC_CONFIG_FILES([Makefile])
|
||||
AC_OUTPUT
|
||||
|
|
@ -0,0 +1,42 @@
|
|||
/*
|
||||
** $Id$
|
||||
**
|
||||
** bitopt.c
|
||||
**
|
||||
** Copyright (C) 2002-2010 Sourcefire, Inc.
|
||||
** Dan Roelker <droelker@sourcefire.com>
|
||||
** Marc Norton <mnorton@sourcefire.com>
|
||||
**
|
||||
** This program is free software; you can redistribute it and/or modify
|
||||
** it under the terms of the GNU General Public License Version 2 as
|
||||
** published by the Free Software Foundation. You may not use, modify or
|
||||
** distribute this program under any other version of the GNU General
|
||||
** Public License.
|
||||
**
|
||||
** This program is distributed in the hope that it will be useful,
|
||||
** but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
** GNU General Public License for more details.
|
||||
**
|
||||
** You should have received a copy of the GNU General Public License
|
||||
** along with this program; if not, write to the Free Software
|
||||
** Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
**
|
||||
** NOTES
|
||||
** 5.15.02 - Initial Source Code. Norton/Roelker
|
||||
** 5.23.02 - Moved bitop functions to bitop.h to inline. Norton/Roelker
|
||||
** 1.21.04 - Added static initialization. Roelker
|
||||
** 9.13.05 - Separated type and inline func definitions. Sturges
|
||||
**
|
||||
*/
|
||||
|
||||
#ifndef _BITOP_H
|
||||
#define _BITOP_H
|
||||
|
||||
typedef struct _BITOP {
|
||||
unsigned char *pucBitBuffer;
|
||||
unsigned int uiBitBufferSize;
|
||||
unsigned int uiMaxBits;
|
||||
} BITOP;
|
||||
|
||||
#endif /* _BITOP_H */
|
|
@ -0,0 +1,182 @@
|
|||
#ifndef _BOUNDS_H
|
||||
#define _BOUNDS_H
|
||||
/*
|
||||
** Copyright (C) 2003-2010 Sourcefire, Inc.
|
||||
** Chris Green <cmg@sourcefire.com>
|
||||
**
|
||||
** This program is free software; you can redistribute it and/or modify
|
||||
** it under the terms of the GNU General Public License Version 2 as
|
||||
** published by the Free Software Foundation. You may not use, modify or
|
||||
** distribute this program under any other version of the GNU General
|
||||
** Public License.
|
||||
**
|
||||
** This program is distributed in the hope that it will be useful,
|
||||
** but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
** GNU General Public License for more details.
|
||||
**
|
||||
** You should have received a copy of the GNU General Public License
|
||||
** along with this program; if not, write to the Free Software
|
||||
** Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
**
|
||||
*/
|
||||
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include "config.h"
|
||||
#endif
|
||||
|
||||
#ifdef OSF1
|
||||
#include <sys/bitypes.h>
|
||||
#endif
|
||||
|
||||
#include <string.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <sys/types.h>
|
||||
#include <assert.h>
|
||||
#include <unistd.h>
|
||||
|
||||
#define SAFEMEM_ERROR 0
|
||||
#define SAFEMEM_SUCCESS 1
|
||||
|
||||
#include "debug.h"
|
||||
#ifndef DEBUG
|
||||
#define ERRORRET return SAFEMEM_ERROR;
|
||||
#else
|
||||
#define ERRORRET assert(0==1)
|
||||
#endif /* DEBUG */
|
||||
|
||||
#include "sf_types.h"
|
||||
|
||||
|
||||
/*
|
||||
* Check to make sure that p is less than or equal to the ptr range
|
||||
* pointers
|
||||
*
|
||||
* 1 means it's in bounds, 0 means it's not
|
||||
*/
|
||||
static INLINE int inBounds(const uint8_t *start, const uint8_t *end, const uint8_t *p)
|
||||
{
|
||||
if ((p >= start) && (p < end))
|
||||
return 1;
|
||||
return 0;
|
||||
}
|
||||
|
||||
static INLINE int SafeMemCheck(void *dst, size_t n,
|
||||
const void *start, const void *end)
|
||||
{
|
||||
void *tmp;
|
||||
|
||||
if (n < 1)
|
||||
return SAFEMEM_ERROR;
|
||||
|
||||
if ((dst == NULL) || (start == NULL) || (end == NULL))
|
||||
return SAFEMEM_ERROR;
|
||||
|
||||
tmp = ((uint8_t *)dst) + (n - 1);
|
||||
if (tmp < dst)
|
||||
return SAFEMEM_ERROR;
|
||||
|
||||
if (!inBounds(start, end, dst) || !inBounds(start, end, tmp))
|
||||
return SAFEMEM_ERROR;
|
||||
|
||||
return SAFEMEM_SUCCESS;
|
||||
}
|
||||
|
||||
/**
|
||||
* A Safer Memcpy
|
||||
*
|
||||
* @param dst where to copy to
|
||||
* @param src where to copy from
|
||||
* @param n number of bytes to copy
|
||||
* @param start start of the dest buffer
|
||||
* @param end end of the dst buffer
|
||||
*
|
||||
* @return SAFEMEM_ERROR on failure, SAFEMEM_SUCCESS on success
|
||||
*/
|
||||
static INLINE int SafeMemcpy(void *dst, const void *src, size_t n, const void *start, const void *end)
|
||||
{
|
||||
if (SafeMemCheck(dst, n, start, end) != SAFEMEM_SUCCESS)
|
||||
ERRORRET;
|
||||
if (src == NULL)
|
||||
ERRORRET;
|
||||
memcpy(dst, src, n);
|
||||
return SAFEMEM_SUCCESS;
|
||||
}
|
||||
|
||||
/**
|
||||
* A Safer Memmove
|
||||
* dst and src can be in the same buffer
|
||||
*
|
||||
* @param dst where to copy to
|
||||
* @param src where to copy from
|
||||
* @param n number of bytes to copy
|
||||
* @param start start of the dest buffer
|
||||
* @param end end of the dst buffer
|
||||
*
|
||||
* @return SAFEMEM_ERROR on failure, SAFEMEM_SUCCESS on success
|
||||
*/
|
||||
static INLINE int SafeMemmove(void *dst, const void *src, size_t n, const void *start, const void *end)
|
||||
{
|
||||
if (SafeMemCheck(dst, n, start, end) != SAFEMEM_SUCCESS)
|
||||
ERRORRET;
|
||||
if (src == NULL)
|
||||
ERRORRET;
|
||||
memmove(dst, src, n);
|
||||
return SAFEMEM_SUCCESS;
|
||||
}
|
||||
|
||||
/**
|
||||
* A Safer Memset
|
||||
* dst and src can be in the same buffer
|
||||
*
|
||||
* @param dst where to copy to
|
||||
* @param c character to set memory with
|
||||
* @param n number of bytes to set
|
||||
* @param start start of the dst buffer
|
||||
* @param end end of the dst buffer
|
||||
*
|
||||
* @return SAFEMEM_ERROR on failure, SAFEMEM_SUCCESS on success
|
||||
*/
|
||||
static INLINE int SafeMemset(void *dst, uint8_t c, size_t n, const void *start, const void *end)
|
||||
{
|
||||
if (SafeMemCheck(dst, n, start, end) != SAFEMEM_SUCCESS)
|
||||
ERRORRET;
|
||||
memset(dst, c, n);
|
||||
return SAFEMEM_SUCCESS;
|
||||
}
|
||||
|
||||
/**
|
||||
* A Safer *a = *b
|
||||
*
|
||||
* @param start start of the dst buffer
|
||||
* @param end end of the dst buffer
|
||||
* @param dst the location to write to
|
||||
* @param src the source to read from
|
||||
*
|
||||
* @return 0 on failure, 1 on success
|
||||
*/
|
||||
static INLINE int SafeWrite(uint8_t *start, uint8_t *end, uint8_t *dst, uint8_t *src)
|
||||
{
|
||||
if(!inBounds(start, end, dst))
|
||||
{
|
||||
ERRORRET;
|
||||
}
|
||||
|
||||
*dst = *src;
|
||||
return 1;
|
||||
}
|
||||
|
||||
static INLINE int SafeRead(uint8_t *start, uint8_t *end, uint8_t *src, uint8_t *read)
|
||||
{
|
||||
if(!inBounds(start,end, src))
|
||||
{
|
||||
ERRORRET;
|
||||
}
|
||||
|
||||
*read = *start;
|
||||
return 1;
|
||||
}
|
||||
|
||||
#endif /* _BOUNDS_H */
|
|
@ -0,0 +1,135 @@
|
|||
/*
|
||||
** Copyright (C) 2006-2010 Sourcefire, Inc.
|
||||
**
|
||||
** This program is free software; you can redistribute it and/or modify
|
||||
** it under the terms of the GNU General Public License Version 2 as
|
||||
** published by the Free Software Foundation. You may not use, modify or
|
||||
** distribute this program under any other version of the GNU General
|
||||
** Public License.
|
||||
**
|
||||
** This program is distributed in the hope that it will be useful,
|
||||
** but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
** GNU General Public License for more details.
|
||||
**
|
||||
** You should have received a copy of the GNU General Public License
|
||||
** along with this program; if not, write to the Free Software
|
||||
** Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
*/
|
||||
|
||||
#ifndef CPU_CLOCK_TICKS_H
|
||||
#define CPU_CLOCK_TICKS_H
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include "config.h"
|
||||
#endif
|
||||
|
||||
#include "debug.h"
|
||||
#include "sf_types.h" /* for uint64_t */
|
||||
|
||||
/* Assembly to find clock ticks. */
|
||||
#ifdef WIN32
|
||||
#include <windows.h>
|
||||
|
||||
/* INTEL WINDOWS */
|
||||
__inline void __cputicks_msc(uint64_t *val)
|
||||
{
|
||||
__int64 t;
|
||||
__asm
|
||||
{
|
||||
rdtsc;
|
||||
mov dword PTR [t],eax;
|
||||
mov dword PTR [t+4],edx;
|
||||
}
|
||||
*val = (uint64_t)t;
|
||||
}
|
||||
#define get_clockticks(val) __cputicks_msc(&val)
|
||||
|
||||
/*
|
||||
#define get_clockticks(val) \
|
||||
QueryPerformanceCounter((PLARGE_INTEGER)&val)
|
||||
*/
|
||||
|
||||
|
||||
#else
|
||||
#include <unistd.h>
|
||||
|
||||
/* INTEL LINUX/BSD/.. */
|
||||
#if (defined(__i386) || defined(__amd64) || defined(__x86_64__))
|
||||
#define get_clockticks(val) \
|
||||
{ \
|
||||
uint32_t a, d; \
|
||||
__asm__ __volatile__ ("rdtsc" : "=a" (a), "=d" (d)); \
|
||||
val = ((uint64_t)a) | (((uint64_t)d) << 32); \
|
||||
}
|
||||
#else
|
||||
#if (defined(__ia64) && defined(__GNUC__) )
|
||||
#define get_clockticks(val) \
|
||||
{ \
|
||||
__asm__ __volatile__ ("mov %0=ar.itc" : "=r"(val)); \
|
||||
}
|
||||
#else
|
||||
#if (defined(__ia64) && defined(__hpux))
|
||||
#include <machine/sys/inline.h>
|
||||
#define get_clockticks(val) \
|
||||
{ \
|
||||
val = _Asm_mov_from_ar (_AREG_ITC); \
|
||||
}
|
||||
#else
|
||||
/* POWER PC */
|
||||
#if (defined(__GNUC__) && (defined(__powerpc__) || (defined(__ppc__))))
|
||||
#define get_clockticks(val) \
|
||||
{ \
|
||||
uint32_t tbu0, tbu1, tbl; \
|
||||
do \
|
||||
{ \
|
||||
__asm__ __volatile__ ("mftbu %0" : "=r"(tbu0)); \
|
||||
__asm__ __volatile__ ("mftb %0" : "=r"(tbl)); \
|
||||
__asm__ __volatile__ ("mftbu %0" : "=r"(tbu1)); \
|
||||
} while (tbu0 != tbu1); \
|
||||
val = ((uint64_t)tbl) | (((uint64_t)tbu0) << 32); \
|
||||
}
|
||||
#else
|
||||
/* SPARC */
|
||||
#ifdef SPARCV9
|
||||
#ifdef _LP64
|
||||
#define get_clockticks(val) \
|
||||
{ \
|
||||
__asm__ __volatile__("rd %%tick, %0" : "=r"(val)); \
|
||||
}
|
||||
#else
|
||||
#define get_clockticks(val) \
|
||||
{ \
|
||||
uint32_t a, b; \
|
||||
__asm__ __volatile__("rd %%tick, %0\n" \
|
||||
"srlx %0, 32, %1" \
|
||||
: "=r"(a), "=r"(b)); \
|
||||
val = ((uint64_t)a) | (((uint64_t)b) << 32); \
|
||||
}
|
||||
#endif /* _LP64 */
|
||||
#else
|
||||
#define get_clockticks(val)
|
||||
#endif /* SPARC */
|
||||
#endif /* POWERPC || PPC */
|
||||
#endif /* IA64 && HPUX */
|
||||
#endif /* IA64 && GNUC */
|
||||
#endif /* I386 || AMD64 || X86_64 */
|
||||
#endif /* WIN32 */
|
||||
|
||||
static INLINE double get_ticks_per_usec (void)
|
||||
{
|
||||
uint64_t start = 0, end = 0;
|
||||
get_clockticks(start);
|
||||
|
||||
#ifdef WIN32
|
||||
Sleep(1000);
|
||||
#else
|
||||
sleep(1);
|
||||
#endif
|
||||
get_clockticks(end);
|
||||
|
||||
return (double)(end-start)/1e6;
|
||||
}
|
||||
|
||||
|
||||
#endif /* CPU_CLOCK_TICKS_H */
|
|
@ -0,0 +1,120 @@
|
|||
/* $Id$ */
|
||||
/*
|
||||
** Copyright (C) 2002-2010 Sourcefire, Inc.
|
||||
** Copyright (C) 1998-2002 Martin Roesch <roesch@sourcefire.com>
|
||||
**
|
||||
** This program is free software; you can redistribute it and/or modify
|
||||
** it under the terms of the GNU General Public License Version 2 as
|
||||
** published by the Free Software Foundation. You may not use, modify or
|
||||
** distribute this program under any other version of the GNU General
|
||||
** Public License.
|
||||
**
|
||||
** This program is distributed in the hope that it will be useful,
|
||||
** but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
** GNU General Public License for more details.
|
||||
**
|
||||
** You should have received a copy of the GNU General Public License
|
||||
** along with this program; if not, write to the Free Software
|
||||
** Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
*/
|
||||
|
||||
|
||||
#ifndef DEBUG_H
|
||||
#define DEBUG_H
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include "config.h"
|
||||
#endif
|
||||
|
||||
#if !defined(INLINE)
|
||||
#ifdef WIN32
|
||||
#define INLINE __inline
|
||||
#else /* WIN32 */
|
||||
#define INLINE inline
|
||||
#endif /* WIN32 */
|
||||
#endif /* !def INLINE */
|
||||
|
||||
#include <ctype.h>
|
||||
#ifdef HAVE_WCHAR_H
|
||||
/* ISOC99 is defined to get required prototypes */
|
||||
#ifndef __USE_ISOC99
|
||||
#define __USE_ISOC99
|
||||
#endif
|
||||
#include <wchar.h>
|
||||
#endif
|
||||
|
||||
#define DEBUG_VARIABLE "SNORT_DEBUG"
|
||||
|
||||
#define DEBUG_ALL 0xffffffff /* 4294967295 */
|
||||
#define DEBUG_INIT 0x00000001 /* 1 */
|
||||
#define DEBUG_CONFIGRULES 0x00000002 /* 2 */
|
||||
#define DEBUG_PLUGIN 0x00000004 /* 4 */
|
||||
#define DEBUG_DATALINK 0x00000008 /* 8 */
|
||||
//#define DEBUG_IP 0x00000010 /* 16 */
|
||||
//#define DEBUG_TCPUDP 0x00000020 /* 32 */
|
||||
#define DEBUG_DECODE 0x00000040 /* 64 */
|
||||
#define DEBUG_LOG 0x00000080 /* 128 */
|
||||
#define DEBUG_MSTRING 0x00000100 /* 256 */
|
||||
#define DEBUG_PARSER 0x00000200 /* 512 */
|
||||
#define DEBUG_PLUGBASE 0x00000400 /* 1024 */
|
||||
#define DEBUG_RULES 0x00000800 /* 2048 */
|
||||
#define DEBUG_FLOW 0x00001000 /* 4096 */
|
||||
#define DEBUG_STREAM 0x00002000 /* 8192 */
|
||||
#define DEBUG_PATTERN_MATCH 0x00004000 /* 16384 */
|
||||
#define DEBUG_DETECT 0x00008000 /* 32768 */
|
||||
#define DEBUG_SKYPE 0x00010000 /* 65536 */
|
||||
#define DEBUG_FRAG 0x00020000 /* 131072 */
|
||||
#define DEBUG_HTTP_DECODE 0x00040000 /* 262144 */
|
||||
//#define DEBUG_PORTSCAN2 0x00080000 /* 524288 / (+ conv2 ) 589824 */
|
||||
#define DEBUG_RPC 0x00100000 /* 1048576 */
|
||||
//#define DEBUG_FLOWSYS 0x00200000 /* 2097152 */
|
||||
#define DEBUG_HTTPINSPECT 0x00400000 /* 4194304 */
|
||||
#define DEBUG_STREAM_STATE 0x00800000 /* 8388608 */
|
||||
#define DEBUG_ASN1 0x01000000 /* 16777216 */
|
||||
#define DEBUG_FTPTELNET 0x02000000 /* 33554432 */
|
||||
#define DEBUG_SMTP 0x04000000 /* 67108864 */
|
||||
#define DEBUG_DCERPC 0x08000000 /* 134217728 */
|
||||
#define DEBUG_DNS 0x10000000 /* 268435456 */
|
||||
#define DEBUG_ATTRIBUTE 0x20000000 /* 536870912 */
|
||||
#define DEBUG_PORTLISTS 0x40000000 /* 1073741824 */
|
||||
#define DEBUG_SSL 0x80000000 /* 2147483648 */
|
||||
|
||||
void DebugMessageFunc(int dbg,char *fmt, ...);
|
||||
#ifdef HAVE_WCHAR_H
|
||||
void DebugWideMessageFunc(int dbg,wchar_t *fmt, ...);
|
||||
#endif
|
||||
|
||||
#ifdef DEBUG
|
||||
|
||||
extern char *DebugMessageFile;
|
||||
extern int DebugMessageLine;
|
||||
|
||||
#define DebugMessage *_dpd.debugMsgFile = __FILE__; *_dpd.debugMsgLine = __LINE__; _dpd.debugMsg
|
||||
#define DebugWideMessage *_dpd.debugMsgFile = __FILE__; *_dpd.debugMsgLine = __LINE__; _dpd.debugWideMsg
|
||||
|
||||
int GetDebugLevel (void);
|
||||
int DebugThis(int level);
|
||||
#else
|
||||
|
||||
#ifdef WIN32
|
||||
/* Visual C++ uses the keyword "__inline" rather than "__inline__" */
|
||||
#define __inline__ __inline
|
||||
#endif
|
||||
|
||||
#endif /* DEBUG */
|
||||
|
||||
|
||||
#ifdef DEBUG
|
||||
#define DEBUG_WRAP(code) code
|
||||
void DebugMessageFunc(int dbg,char *fmt, ...);
|
||||
#ifdef HAVE_WCHAR_H
|
||||
void DebugWideMessageFunc(int dbg,wchar_t *fmt, ...);
|
||||
#endif
|
||||
#else
|
||||
#define DEBUG_WRAP(code)
|
||||
/* I would use DebugMessage(dbt,fmt...) but that only works with GCC */
|
||||
|
||||
#endif
|
||||
|
||||
#endif /* DEBUG_H */
|
|
@ -0,0 +1,120 @@
|
|||
/* $Id$ */
|
||||
/*
|
||||
** Copyright (C) 2002-2010 Sourcefire, Inc.
|
||||
** Copyright (C) 1998-2002 Martin Roesch <roesch@sourcefire.com>
|
||||
**
|
||||
** This program is free software; you can redistribute it and/or modify
|
||||
** it under the terms of the GNU General Public License Version 2 as
|
||||
** published by the Free Software Foundation. You may not use, modify or
|
||||
** distribute this program under any other version of the GNU General
|
||||
** Public License.
|
||||
**
|
||||
** This program is distributed in the hope that it will be useful,
|
||||
** but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
** GNU General Public License for more details.
|
||||
**
|
||||
** You should have received a copy of the GNU General Public License
|
||||
** along with this program; if not, write to the Free Software
|
||||
** Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
*/
|
||||
|
||||
|
||||
#ifndef DEBUG_H
|
||||
#define DEBUG_H
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include "config.h"
|
||||
#endif
|
||||
|
||||
#if !defined(INLINE)
|
||||
#ifdef WIN32
|
||||
#define INLINE __inline
|
||||
#else /* WIN32 */
|
||||
#define INLINE inline
|
||||
#endif /* WIN32 */
|
||||
#endif /* !def INLINE */
|
||||
|
||||
#include <ctype.h>
|
||||
#ifdef HAVE_WCHAR_H
|
||||
/* ISOC99 is defined to get required prototypes */
|
||||
#ifndef __USE_ISOC99
|
||||
#define __USE_ISOC99
|
||||
#endif
|
||||
#include <wchar.h>
|
||||
#endif
|
||||
|
||||
#define DEBUG_VARIABLE "SNORT_DEBUG"
|
||||
|
||||
#define DEBUG_ALL 0xffffffff /* 4294967295 */
|
||||
#define DEBUG_INIT 0x00000001 /* 1 */
|
||||
#define DEBUG_CONFIGRULES 0x00000002 /* 2 */
|
||||
#define DEBUG_PLUGIN 0x00000004 /* 4 */
|
||||
#define DEBUG_DATALINK 0x00000008 /* 8 */
|
||||
//#define DEBUG_IP 0x00000010 /* 16 */
|
||||
//#define DEBUG_TCPUDP 0x00000020 /* 32 */
|
||||
#define DEBUG_DECODE 0x00000040 /* 64 */
|
||||
#define DEBUG_LOG 0x00000080 /* 128 */
|
||||
#define DEBUG_MSTRING 0x00000100 /* 256 */
|
||||
#define DEBUG_PARSER 0x00000200 /* 512 */
|
||||
#define DEBUG_PLUGBASE 0x00000400 /* 1024 */
|
||||
#define DEBUG_RULES 0x00000800 /* 2048 */
|
||||
#define DEBUG_FLOW 0x00001000 /* 4096 */
|
||||
#define DEBUG_STREAM 0x00002000 /* 8192 */
|
||||
#define DEBUG_PATTERN_MATCH 0x00004000 /* 16384 */
|
||||
#define DEBUG_DETECT 0x00008000 /* 32768 */
|
||||
#define DEBUG_SKYPE 0x00010000 /* 65536 */
|
||||
#define DEBUG_FRAG 0x00020000 /* 131072 */
|
||||
#define DEBUG_HTTP_DECODE 0x00040000 /* 262144 */
|
||||
//#define DEBUG_PORTSCAN2 0x00080000 /* 524288 / (+ conv2 ) 589824 */
|
||||
#define DEBUG_RPC 0x00100000 /* 1048576 */
|
||||
//#define DEBUG_FLOWSYS 0x00200000 /* 2097152 */
|
||||
#define DEBUG_HTTPINSPECT 0x00400000 /* 4194304 */
|
||||
#define DEBUG_STREAM_STATE 0x00800000 /* 8388608 */
|
||||
#define DEBUG_ASN1 0x01000000 /* 16777216 */
|
||||
#define DEBUG_FTPTELNET 0x02000000 /* 33554432 */
|
||||
#define DEBUG_SMTP 0x04000000 /* 67108864 */
|
||||
#define DEBUG_DCERPC 0x08000000 /* 134217728 */
|
||||
#define DEBUG_DNS 0x10000000 /* 268435456 */
|
||||
#define DEBUG_ATTRIBUTE 0x20000000 /* 536870912 */
|
||||
#define DEBUG_PORTLISTS 0x40000000 /* 1073741824 */
|
||||
#define DEBUG_SSL 0x80000000 /* 2147483648 */
|
||||
|
||||
void DebugMessageFunc(int dbg,char *fmt, ...);
|
||||
#ifdef HAVE_WCHAR_H
|
||||
void DebugWideMessageFunc(int dbg,wchar_t *fmt, ...);
|
||||
#endif
|
||||
|
||||
#ifdef DEBUG
|
||||
|
||||
extern char *DebugMessageFile;
|
||||
extern int DebugMessageLine;
|
||||
|
||||
#define DebugMessage DebugMessageFile = __FILE__; DebugMessageLine = __LINE__; DebugMessageFunc
|
||||
#define DebugWideMessage DebugMessageFile = __FILE__; DebugMessageLine = __LINE__; DebugWideMessageFunc
|
||||
|
||||
int GetDebugLevel (void);
|
||||
int DebugThis(int level);
|
||||
#else
|
||||
|
||||
#ifdef WIN32
|
||||
/* Visual C++ uses the keyword "__inline" rather than "__inline__" */
|
||||
#define __inline__ __inline
|
||||
#endif
|
||||
|
||||
#endif /* DEBUG */
|
||||
|
||||
|
||||
#ifdef DEBUG
|
||||
#define DEBUG_WRAP(code) code
|
||||
void DebugMessageFunc(int dbg,char *fmt, ...);
|
||||
#ifdef HAVE_WCHAR_H
|
||||
void DebugWideMessageFunc(int dbg,wchar_t *fmt, ...);
|
||||
#endif
|
||||
#else
|
||||
#define DEBUG_WRAP(code)
|
||||
/* I would use DebugMessage(dbt,fmt...) but that only works with GCC */
|
||||
|
||||
#endif
|
||||
|
||||
#endif /* DEBUG_H */
|
|
@ -0,0 +1,76 @@
|
|||
/* $Id$ */
|
||||
/*
|
||||
** Copyright (C) 2002-2010 Sourcefire, Inc.
|
||||
** Copyright (C) 1998-2002 Martin Roesch <roesch@sourcefire.com>
|
||||
**
|
||||
** This program is free software; you can redistribute it and/or modify
|
||||
** it under the terms of the GNU General Public License Version 2 as
|
||||
** published by the Free Software Foundation. You may not use, modify or
|
||||
** distribute this program under any other version of the GNU General
|
||||
** Public License.
|
||||
**
|
||||
** This program is distributed in the hope that it will be useful,
|
||||
** but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
** GNU General Public License for more details.
|
||||
**
|
||||
** You should have received a copy of the GNU General Public License
|
||||
** along with this program; if not, write to the Free Software
|
||||
** Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
*/
|
||||
|
||||
/* D E F I N E S ************************************************************/
|
||||
#ifndef __EVENT_H__
|
||||
#define __EVENT_H__
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include "config.h"
|
||||
#endif
|
||||
|
||||
#ifdef OSF1
|
||||
#include <sys/bitypes.h>
|
||||
#endif
|
||||
|
||||
#include <sys/types.h>
|
||||
#ifndef WIN32
|
||||
#include <sys/time.h>
|
||||
#endif
|
||||
|
||||
#include "pcap_pkthdr32.h"
|
||||
|
||||
typedef struct _Event
|
||||
{
|
||||
uint32_t sig_generator; /* which part of snort generated the alert? */
|
||||
uint32_t sig_id; /* sig id for this generator */
|
||||
uint32_t sig_rev; /* sig revision for this id */
|
||||
uint32_t classification; /* event classification */
|
||||
uint32_t priority; /* event priority */
|
||||
uint32_t event_id; /* event ID */
|
||||
uint32_t event_reference; /* reference to other events that have gone off,
|
||||
* such as in the case of tagged packets...
|
||||
*/
|
||||
struct sf_timeval32 ref_time; /* reference time for the event reference */
|
||||
|
||||
/* Don't add to this structure because this is the serialized data
|
||||
* struct for unified logging.
|
||||
*/
|
||||
} Event;
|
||||
|
||||
#if 0
|
||||
typedef struct _EventID
|
||||
{
|
||||
uint32_t sequence;
|
||||
uint32_t seconds;
|
||||
} EventID;
|
||||
|
||||
typedef struct _Event
|
||||
{
|
||||
EventID id;
|
||||
uint32_t uSeconds;
|
||||
SigInfo sigInfo;
|
||||
} Event;
|
||||
|
||||
#endif
|
||||
|
||||
|
||||
#endif /* __EVENT_H__ */
|
|
@ -0,0 +1,204 @@
|
|||
/*
|
||||
** Copyright (C) 2007-2010 Sourcefire, Inc.
|
||||
**
|
||||
** This program is free software; you can redistribute it and/or modify
|
||||
** it under the terms of the GNU General Public License Version 2 as
|
||||
** published by the Free Software Foundation. You may not use, modify or
|
||||
** distribute this program under any other version of the GNU General
|
||||
** Public License.
|
||||
**
|
||||
** This program is distributed in the hope that it will be useful,
|
||||
** but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
** GNU General Public License for more details.
|
||||
**
|
||||
** You should have received a copy of the GNU General Public License
|
||||
** along with this program; if not, write to the Free Software
|
||||
** Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
*/
|
||||
|
||||
#ifndef IPV6_PORT_H
|
||||
#define IPV6_PORT_H
|
||||
|
||||
#include "sf_types.h"
|
||||
#include "debug.h"
|
||||
|
||||
///////////////////
|
||||
/* IPv6 and IPv4 */
|
||||
#ifdef SUP_IP6
|
||||
|
||||
#include "sf_ip.h"
|
||||
|
||||
typedef sfip_t snort_ip;
|
||||
typedef sfip_t *snort_ip_p;
|
||||
|
||||
#define IpAddrNode sfip_node_t
|
||||
#define IpAddrSet sfip_var_t
|
||||
#define IpAddrSetContains(x,y) sfvar_ip_in(x, y)
|
||||
#define IpAddrSetPrint sfvar_print
|
||||
|
||||
#ifdef inet_ntoa
|
||||
#undef inet_ntoa
|
||||
#endif
|
||||
#define inet_ntoa sfip_ntoa
|
||||
|
||||
#define GET_SRC_IP(p) (p->iph_api->iph_ret_src(p))
|
||||
#define GET_DST_IP(p) (p->iph_api->iph_ret_dst(p))
|
||||
|
||||
#define GET_ORIG_SRC(p) (p->orig_ipv4h_api->orig_iph_ret_src(p))
|
||||
#define GET_ORIG_DST(p) (p->orig_ipv4h_api->orig_iph_ret_dst(p))
|
||||
|
||||
/* These are here for backwards compatibility */
|
||||
#define GET_SRC_ADDR(x) GET_SRC_IP(x)
|
||||
#define GET_DST_ADDR(x) GET_DST_IP(x)
|
||||
|
||||
#define IP_EQUALITY(x,y) (sfip_compare(x,y) == SFIP_EQUAL)
|
||||
#define IP_EQUALITY_UNSET(x,y) (sfip_compare_unset(x,y) == SFIP_EQUAL)
|
||||
#define IP_LESSER(x,y) (sfip_compare(x,y) == SFIP_LESSER)
|
||||
#define IP_GREATER(x,y) (sfip_compare(x,y) == SFIP_GREATER)
|
||||
|
||||
#define GET_IPH_TOS(p) p->iph_api->iph_ret_tos(p)
|
||||
#define GET_IPH_LEN(p) p->iph_api->iph_ret_len(p)
|
||||
#define GET_IPH_TTL(p) p->iph_api->iph_ret_ttl(p)
|
||||
#define GET_IPH_ID(p) p->iph_api->iph_ret_id(p)
|
||||
#define GET_IPH_OFF(p) p->iph_api->iph_ret_off(p)
|
||||
#define GET_IPH_VER(p) p->iph_api->iph_ret_ver(p)
|
||||
#define GET_IPH_PROTO(p) p->iph_api->iph_ret_proto(p)
|
||||
|
||||
#define GET_ORIG_IPH_PROTO(p) p->orig_ipv4h_api->orig_iph_ret_proto(p)
|
||||
#define GET_ORIG_IPH_VER(p) p->orig_ipv4h_api->orig_iph_ret_ver(p)
|
||||
#define GET_ORIG_IPH_LEN(p) p->orig_ipv4h_api->orig_iph_ret_len(p)
|
||||
#define GET_ORIG_IPH_OFF(p) p->orig_ipv4h_api->orig_iph_ret_off(p)
|
||||
#define GET_ORIG_IPH_PROTO(p) p->orig_ipv4h_api->orig_iph_ret_proto(p)
|
||||
|
||||
#define IS_IP4(x) (x->family == AF_INET)
|
||||
#define IS_IP6(x) (x->family == AF_INET6)
|
||||
/* XXX make sure these aren't getting confused with sfip_is_valid within the code */
|
||||
#define IPH_IS_VALID(p) iph_is_valid(p)
|
||||
|
||||
#define IP_CLEAR(x) x.bits = x.family = x.ip32[0] = x.ip32[1] = x.ip32[2] = x.ip32[3] = 0;
|
||||
|
||||
#define IS_SET(x) sfip_is_set(&x)
|
||||
|
||||
/* This loop trickery is intentional. If each copy is performed
|
||||
* individually on each field, then the following expression gets broken:
|
||||
*
|
||||
* if(conditional) IP_COPY_VALUE(a,b);
|
||||
*
|
||||
* If the macro is instead enclosed in braces, then having a semicolon
|
||||
* trailing the macro causes compile breakage.
|
||||
* So: use loop. */
|
||||
#define IP_COPY_VALUE(x,y) \
|
||||
do { \
|
||||
x.bits = y->bits; \
|
||||
x.family = y->family; \
|
||||
x.ip32[0] = y->ip32[0]; \
|
||||
x.ip32[1] = y->ip32[1]; \
|
||||
x.ip32[2] = y->ip32[2]; \
|
||||
x.ip32[3] = y->ip32[3]; \
|
||||
} while(0)
|
||||
|
||||
#define GET_IPH_HLEN(p) (p->iph_api->iph_ret_hlen(p))
|
||||
#define SET_IPH_HLEN(p, val)
|
||||
|
||||
#define GET_IP_DGMLEN(p) IS_IP6(p) ? (ntohs(GET_IPH_LEN(p)) + (GET_IPH_HLEN(p) << 2)) : ntohs(GET_IPH_LEN(p))
|
||||
#define GET_IP_PAYLEN(p) IS_IP6(p) ? ntohs(GET_IPH_LEN(p)) : (ntohs(GET_IPH_LEN(p)) - (GET_IPH_HLEN(p) << 2))
|
||||
|
||||
#define IP_ARG(ipt) (&ipt)
|
||||
#define IP_PTR(ipp) (ipp)
|
||||
#define IP_VAL(ipt) (*ipt)
|
||||
#define IP_SIZE(ipp) (sfip_size(ipp))
|
||||
|
||||
static INLINE int sfip_equal (snort_ip* ip1, snort_ip* ip2)
|
||||
{
|
||||
if ( ip1->family != ip2->family )
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
if ( ip1->family == AF_INET )
|
||||
{
|
||||
return _ip4_cmp(ip1->ip32[0], ip2->ip32[0]) == SFIP_EQUAL;
|
||||
}
|
||||
if ( ip1->family == AF_INET6 )
|
||||
{
|
||||
return _ip6_cmp(ip1, ip2) == SFIP_EQUAL;
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
#else
|
||||
///////////////
|
||||
/* IPv4 only */
|
||||
#include <sys/types.h>
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include <config.h>
|
||||
#endif
|
||||
|
||||
typedef u_int32_t snort_ip; /* 32 bits only -- don't use unsigned long */
|
||||
typedef u_int32_t snort_ip_p; /* 32 bits only -- don't use unsigned long */
|
||||
|
||||
#define IP_SRC_EQUALITY(x,y) (x->ip_addr == (y->ip4_header->source.s_addr & x->netmask))
|
||||
#define IP_DST_EQUALITY(x,y) (x->ip_addr == (y->ip4_header->destination.s_addr & x->netmask))
|
||||
|
||||
#define GET_SRC_IP(x) x->ip4_header->source.s_addr
|
||||
#define GET_DST_IP(x) x->ip4_header->destination.s_addr
|
||||
|
||||
#define GET_ORIG_SRC(p) (p->orig_ipv4h->ip_src.s_addr)
|
||||
#define GET_ORIG_DST(p) (p->orig_ipv4h->ip_dst.s_addr)
|
||||
|
||||
#define GET_SRC_ADDR(x) x->ip4_header->source
|
||||
#define GET_DST_ADDR(x) x->ip4_header->destination
|
||||
|
||||
#define IP_CLEAR_SRC(x) x->ip4_header->source.s_addr = 0
|
||||
#define IP_CLEAR_DST(x) x->ip4_header->destination.s_addr = 0
|
||||
|
||||
#define IP_EQUALITY(x,y) (x == y)
|
||||
#define IP_EQUALITY_UNSET(x,y) (x == y)
|
||||
#define IP_LESSER(x,y) (x < y)
|
||||
#define IP_GREATER(x,y) (x > y)
|
||||
|
||||
#define GET_IPH_PROTO(p) p->ip4_header->proto
|
||||
#define GET_IPH_TOS(p) p->ip4_header->type_service
|
||||
#define GET_IPH_LEN(p) p->ip4_header->data_length
|
||||
#define GET_IPH_TTL(p) p->ip4_header->time_to_live
|
||||
#define GET_IPH_VER(p) ((p->ip4_header->version_headerlength & 0xf0) >> 4)
|
||||
#define GET_IPH_ID(p) p->ip4_header->identifier
|
||||
#define GET_IPH_OFF(p) p->ip4_header->offset
|
||||
|
||||
#define GET_ORIG_IPH_VER(p) IP_VER(p->orig_ipv4h)
|
||||
#define GET_ORIG_IPH_LEN(p) p->orig_ipv4h->data_length
|
||||
#define GET_ORIG_IPH_OFF(p) p->orig_ipv4h->offset
|
||||
#define GET_ORIG_IPH_PROTO(p) p->orig_ipv4h->proto
|
||||
|
||||
#define IS_IP4(x) 1
|
||||
#define IS_IP6(x) 0
|
||||
#define IPH_IS_VALID(p) p->ip4_header
|
||||
|
||||
#define IP_CLEAR(x) x = 0;
|
||||
#define IS_SET(x) x
|
||||
|
||||
#define IP_COPY_VALUE(x,y) x = y
|
||||
|
||||
#define GET_IPH_HLEN(p) ((p)->ip4_header->version_headerlength & 0x0f)
|
||||
#define SET_IPH_HLEN(p, val) (((IPHdr *)(p)->iph)->version_headerlength = (unsigned char)(((p)->ip4_header->ip_verhl & 0xf0) | ((val) & 0x0f)))
|
||||
|
||||
#define GET_IP_DGMLEN(p) ntohs(GET_IPH_LEN(p))
|
||||
#define GET_IP_PAYLEN(p) ntohs(GET_IPH_LEN(p)) - (GET_IPH_HLEN(p) << 2)
|
||||
|
||||
#define IP_ARG(ipt) (ipt)
|
||||
#define IP_PTR(ipp) (&ipp)
|
||||
#define IP_VAL(ipt) (ipt)
|
||||
#define IP_SIZE(ipp) (sizeof(ipp))
|
||||
|
||||
static INLINE int sfip_equal (snort_ip ip1, snort_ip ip2)
|
||||
{
|
||||
return IP_EQUALITY(ip1, ip2);
|
||||
}
|
||||
|
||||
#endif /* SUP_IP6 */
|
||||
|
||||
#if !defined(IPPROTO_IPIP) && defined(WIN32) /* Needed for some Win32 */
|
||||
#define IPPROTO_IPIP 4
|
||||
#endif
|
||||
|
||||
#endif /* IPV6_PORT_H */
|
|
@ -0,0 +1,204 @@
|
|||
/*
|
||||
** Copyright (C) 2007-2010 Sourcefire, Inc.
|
||||
**
|
||||
** This program is free software; you can redistribute it and/or modify
|
||||
** it under the terms of the GNU General Public License Version 2 as
|
||||
** published by the Free Software Foundation. You may not use, modify or
|
||||
** distribute this program under any other version of the GNU General
|
||||
** Public License.
|
||||
**
|
||||
** This program is distributed in the hope that it will be useful,
|
||||
** but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
** GNU General Public License for more details.
|
||||
**
|
||||
** You should have received a copy of the GNU General Public License
|
||||
** along with this program; if not, write to the Free Software
|
||||
** Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
*/
|
||||
|
||||
#ifndef IPV6_PORT_H
|
||||
#define IPV6_PORT_H
|
||||
|
||||
#include "sf_types.h"
|
||||
#include "debug.h"
|
||||
|
||||
///////////////////
|
||||
/* IPv6 and IPv4 */
|
||||
#ifdef SUP_IP6
|
||||
|
||||
#include "sf_ip.h"
|
||||
|
||||
typedef sfip_t snort_ip;
|
||||
typedef sfip_t *snort_ip_p;
|
||||
|
||||
#define IpAddrNode sfip_node_t
|
||||
#define IpAddrSet sfip_var_t
|
||||
#define IpAddrSetContains(x,y) sfvar_ip_in(x, y)
|
||||
#define IpAddrSetPrint sfvar_print
|
||||
|
||||
#ifdef inet_ntoa
|
||||
#undef inet_ntoa
|
||||
#endif
|
||||
#define inet_ntoa sfip_ntoa
|
||||
|
||||
#define GET_SRC_IP(p) (p->iph_api->iph_ret_src(p))
|
||||
#define GET_DST_IP(p) (p->iph_api->iph_ret_dst(p))
|
||||
|
||||
#define GET_ORIG_SRC(p) (p->orig_iph_api->orig_iph_ret_src(p))
|
||||
#define GET_ORIG_DST(p) (p->orig_iph_api->orig_iph_ret_dst(p))
|
||||
|
||||
/* These are here for backwards compatibility */
|
||||
#define GET_SRC_ADDR(x) GET_SRC_IP(x)
|
||||
#define GET_DST_ADDR(x) GET_DST_IP(x)
|
||||
|
||||
#define IP_EQUALITY(x,y) (sfip_compare(x,y) == SFIP_EQUAL)
|
||||
#define IP_EQUALITY_UNSET(x,y) (sfip_compare_unset(x,y) == SFIP_EQUAL)
|
||||
#define IP_LESSER(x,y) (sfip_compare(x,y) == SFIP_LESSER)
|
||||
#define IP_GREATER(x,y) (sfip_compare(x,y) == SFIP_GREATER)
|
||||
|
||||
#define GET_IPH_TOS(p) p->iph_api->iph_ret_tos(p)
|
||||
#define GET_IPH_LEN(p) p->iph_api->iph_ret_len(p)
|
||||
#define GET_IPH_TTL(p) p->iph_api->iph_ret_ttl(p)
|
||||
#define GET_IPH_ID(p) p->iph_api->iph_ret_id(p)
|
||||
#define GET_IPH_OFF(p) p->iph_api->iph_ret_off(p)
|
||||
#define GET_IPH_VER(p) p->iph_api->iph_ret_ver(p)
|
||||
#define GET_IPH_PROTO(p) p->iph_api->iph_ret_proto(p)
|
||||
|
||||
#define GET_ORIG_IPH_PROTO(p) p->orig_iph_api->orig_iph_ret_proto(p)
|
||||
#define GET_ORIG_IPH_VER(p) p->orig_iph_api->orig_iph_ret_ver(p)
|
||||
#define GET_ORIG_IPH_LEN(p) p->orig_iph_api->orig_iph_ret_len(p)
|
||||
#define GET_ORIG_IPH_OFF(p) p->orig_iph_api->orig_iph_ret_off(p)
|
||||
#define GET_ORIG_IPH_PROTO(p) p->orig_iph_api->orig_iph_ret_proto(p)
|
||||
|
||||
#define IS_IP4(x) (x->family == AF_INET)
|
||||
#define IS_IP6(x) (x->family == AF_INET6)
|
||||
/* XXX make sure these aren't getting confused with sfip_is_valid within the code */
|
||||
#define IPH_IS_VALID(p) iph_is_valid(p)
|
||||
|
||||
#define IP_CLEAR(x) x.bits = x.family = x.ip32[0] = x.ip32[1] = x.ip32[2] = x.ip32[3] = 0;
|
||||
|
||||
#define IS_SET(x) sfip_is_set(&x)
|
||||
|
||||
/* This loop trickery is intentional. If each copy is performed
|
||||
* individually on each field, then the following expression gets broken:
|
||||
*
|
||||
* if(conditional) IP_COPY_VALUE(a,b);
|
||||
*
|
||||
* If the macro is instead enclosed in braces, then having a semicolon
|
||||
* trailing the macro causes compile breakage.
|
||||
* So: use loop. */
|
||||
#define IP_COPY_VALUE(x,y) \
|
||||
do { \
|
||||
x.bits = y->bits; \
|
||||
x.family = y->family; \
|
||||
x.ip32[0] = y->ip32[0]; \
|
||||
x.ip32[1] = y->ip32[1]; \
|
||||
x.ip32[2] = y->ip32[2]; \
|
||||
x.ip32[3] = y->ip32[3]; \
|
||||
} while(0)
|
||||
|
||||
#define GET_IPH_HLEN(p) (p->iph_api->iph_ret_hlen(p))
|
||||
#define SET_IPH_HLEN(p, val)
|
||||
|
||||
#define GET_IP_DGMLEN(p) IS_IP6(p) ? (ntohs(GET_IPH_LEN(p)) + (GET_IPH_HLEN(p) << 2)) : ntohs(GET_IPH_LEN(p))
|
||||
#define GET_IP_PAYLEN(p) IS_IP6(p) ? ntohs(GET_IPH_LEN(p)) : (ntohs(GET_IPH_LEN(p)) - (GET_IPH_HLEN(p) << 2))
|
||||
|
||||
#define IP_ARG(ipt) (&ipt)
|
||||
#define IP_PTR(ipp) (ipp)
|
||||
#define IP_VAL(ipt) (*ipt)
|
||||
#define IP_SIZE(ipp) (sfip_size(ipp))
|
||||
|
||||
static INLINE int sfip_equal (snort_ip* ip1, snort_ip* ip2)
|
||||
{
|
||||
if ( ip1->family != ip2->family )
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
if ( ip1->family == AF_INET )
|
||||
{
|
||||
return _ip4_cmp(ip1->ip32[0], ip2->ip32[0]) == SFIP_EQUAL;
|
||||
}
|
||||
if ( ip1->family == AF_INET6 )
|
||||
{
|
||||
return _ip6_cmp(ip1, ip2) == SFIP_EQUAL;
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
#else
|
||||
///////////////
|
||||
/* IPv4 only */
|
||||
#include <sys/types.h>
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include <config.h>
|
||||
#endif
|
||||
|
||||
typedef u_int32_t snort_ip; /* 32 bits only -- don't use unsigned long */
|
||||
typedef u_int32_t snort_ip_p; /* 32 bits only -- don't use unsigned long */
|
||||
|
||||
#define IP_SRC_EQUALITY(x,y) (x->ip_addr == (y->iph->ip_src.s_addr & x->netmask))
|
||||
#define IP_DST_EQUALITY(x,y) (x->ip_addr == (y->iph->ip_dst.s_addr & x->netmask))
|
||||
|
||||
#define GET_SRC_IP(x) x->iph->ip_src.s_addr
|
||||
#define GET_DST_IP(x) x->iph->ip_dst.s_addr
|
||||
|
||||
#define GET_ORIG_SRC(p) (p->orig_iph->ip_src.s_addr)
|
||||
#define GET_ORIG_DST(p) (p->orig_iph->ip_dst.s_addr)
|
||||
|
||||
#define GET_SRC_ADDR(x) x->iph->ip_src
|
||||
#define GET_DST_ADDR(x) x->iph->ip_dst
|
||||
|
||||
#define IP_CLEAR_SRC(x) x->iph->ip_src.s_addr = 0
|
||||
#define IP_CLEAR_DST(x) x->iph->ip_dst.s_addr = 0
|
||||
|
||||
#define IP_EQUALITY(x,y) (x == y)
|
||||
#define IP_EQUALITY_UNSET(x,y) (x == y)
|
||||
#define IP_LESSER(x,y) (x < y)
|
||||
#define IP_GREATER(x,y) (x > y)
|
||||
|
||||
#define GET_IPH_PROTO(p) p->iph->ip_proto
|
||||
#define GET_IPH_TOS(p) p->iph->ip_tos
|
||||
#define GET_IPH_LEN(p) p->iph->ip_len
|
||||
#define GET_IPH_TTL(p) p->iph->ip_ttl
|
||||
#define GET_IPH_VER(p) ((p->iph->ip_verhl & 0xf0) >> 4)
|
||||
#define GET_IPH_ID(p) p->iph->ip_id
|
||||
#define GET_IPH_OFF(p) p->iph->ip_off
|
||||
|
||||
#define GET_ORIG_IPH_VER(p) IP_VER(p->orig_iph)
|
||||
#define GET_ORIG_IPH_LEN(p) p->orig_iph->ip_len
|
||||
#define GET_ORIG_IPH_OFF(p) p->orig_iph->ip_off
|
||||
#define GET_ORIG_IPH_PROTO(p) p->orig_iph->ip_proto
|
||||
|
||||
#define IS_IP4(x) 1
|
||||
#define IS_IP6(x) 0
|
||||
#define IPH_IS_VALID(p) p->iph
|
||||
|
||||
#define IP_CLEAR(x) x = 0;
|
||||
#define IS_SET(x) x
|
||||
|
||||
#define IP_COPY_VALUE(x,y) x = y
|
||||
|
||||
#define GET_IPH_HLEN(p) ((p)->iph->ip_verhl & 0x0f)
|
||||
#define SET_IPH_HLEN(p, val) (((IPHdr *)(p)->iph)->ip_verhl = (unsigned char)(((p)->iph->ip_verhl & 0xf0) | ((val) & 0x0f)))
|
||||
|
||||
#define GET_IP_DGMLEN(p) ntohs(GET_IPH_LEN(p))
|
||||
#define GET_IP_PAYLEN(p) ntohs(GET_IPH_LEN(p)) - (GET_IPH_HLEN(p) << 2)
|
||||
|
||||
#define IP_ARG(ipt) (ipt)
|
||||
#define IP_PTR(ipp) (&ipp)
|
||||
#define IP_VAL(ipt) (ipt)
|
||||
#define IP_SIZE(ipp) (sizeof(ipp))
|
||||
|
||||
static INLINE int sfip_equal (snort_ip ip1, snort_ip ip2)
|
||||
{
|
||||
return IP_EQUALITY(ip1, ip2);
|
||||
}
|
||||
|
||||
#endif /* SUP_IP6 */
|
||||
|
||||
#if !defined(IPPROTO_IPIP) && defined(WIN32) /* Needed for some Win32 */
|
||||
#define IPPROTO_IPIP 4
|
||||
#endif
|
||||
|
||||
#endif /* IPV6_PORT_H */
|
|
@ -0,0 +1,272 @@
|
|||
/******************************************************************************
|
||||
* Copyright (C) 2009-2010 Sourcefire, Inc.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License Version 2 as
|
||||
* published by the Free Software Foundation. You may not use, modify or
|
||||
* distribute this program under any other version of the GNU General
|
||||
* Public License.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
*
|
||||
******************************************************************************/
|
||||
|
||||
#ifndef __OBFUSCATION_H__
|
||||
#define __OBFUSCATION_H__
|
||||
|
||||
#include "sf_types.h"
|
||||
#include "sf_snort_packet.h"
|
||||
#include <pcap.h>
|
||||
|
||||
|
||||
/*******************************************************************************
|
||||
* Macros
|
||||
******************************************************************************/
|
||||
/* This should be defined to be greater than or equal to the maximum
|
||||
* amount of data expected to be obfuscated */
|
||||
#define OB_LENGTH_MAX UINT16_MAX
|
||||
|
||||
|
||||
/*******************************************************************************
|
||||
* Types
|
||||
******************************************************************************/
|
||||
typedef uint8_t ob_char_t;
|
||||
typedef uint16_t ob_size_t;
|
||||
|
||||
typedef enum _ObRet
|
||||
{
|
||||
OB_RET_SUCCESS,
|
||||
OB_RET_ERROR,
|
||||
OB_RET_OVERFLOW
|
||||
|
||||
} ObRet;
|
||||
|
||||
|
||||
/*******************************************************************************
|
||||
* Callback to use for obfuscating payload or stream segments - see API below.
|
||||
*
|
||||
* The first chunk of a payload or stream segment whether needing obfuscation
|
||||
* or not will pass a valid pcap_pkthdr struct. Subsequent calls will pass NULL
|
||||
* for this structure. This is useful, especially for the stream segment API
|
||||
* call to know when a new segment begins. Any new "payload" will have a valid
|
||||
* pcap_pkthdr struct.
|
||||
*
|
||||
* If the slice sent in has a non-NULL packet data pointer, the data should *NOT*
|
||||
* be obfuscated.
|
||||
*
|
||||
* If the chunk sent in has a NULL packet data pointer, then that chunk of data
|
||||
* should be obfuscated with the obfuscation character.
|
||||
*
|
||||
* The length passed in is the amount of data that should be copied from the
|
||||
* packet data pointer or the amount of data that should be written with the
|
||||
* obfuscation character.
|
||||
*
|
||||
* Arguments
|
||||
* struct pcap_pkthdr *pkth
|
||||
* The pcap header that contains the packet caplen and timestamps
|
||||
* uint8_t *packet_data
|
||||
* A pointer to the current offset into the packet data. NULL if
|
||||
* obfuscation of the payload slice is required.
|
||||
* ob_char_t ob_char
|
||||
* The obfuscation character to use if packet_data is NULL.
|
||||
* ob_size_t length
|
||||
* The amount of data to be logged or obfuscated.
|
||||
* void *user_data
|
||||
* The user data passed in to the API functions obfuscatePayload() or
|
||||
* obfuscateStreamSegments below.
|
||||
*
|
||||
* Returns
|
||||
* OB_RET_SUCCESS if all is good
|
||||
* OB_RET_ERROR if the rest of the obfuscation should not be done
|
||||
*
|
||||
******************************************************************************/
|
||||
typedef ObRet (*ObfuscationCallback)
|
||||
(
|
||||
const struct pcap_pkthdr *pkth,
|
||||
const uint8_t *packet_data,
|
||||
ob_size_t length,
|
||||
ob_char_t ob_char,
|
||||
void *user_data
|
||||
);
|
||||
|
||||
|
||||
/*******************************************************************************
|
||||
* Obfuscation API
|
||||
******************************************************************************/
|
||||
typedef struct _ObfuscationApi
|
||||
{
|
||||
/*
|
||||
* Resets/clears any entries that have been added
|
||||
* Should be done per packet aquisition
|
||||
*
|
||||
* Arguments
|
||||
* None
|
||||
*
|
||||
* Returns
|
||||
* None
|
||||
*/
|
||||
|
||||
void (*resetObfuscationEntries)(void);
|
||||
|
||||
|
||||
/*
|
||||
* Adds an obfuscation entry to the queue
|
||||
*
|
||||
* Arguments
|
||||
* SFSnortPacket *p
|
||||
* The SFSnortPacket struct that has the payload data that should be obfuscated
|
||||
* ob_size_t offset
|
||||
* The offset from the beginning of the payload to start obfuscation
|
||||
* ob_size_t length
|
||||
* The amount of data to obfuscate
|
||||
* ob_char_t ob_char
|
||||
* The character to use when obfuscating
|
||||
*
|
||||
* There are two types of entries that can be added. A slice entry that
|
||||
* has an offset and length less than OB_LENGTH_MAX and an entry with
|
||||
* length OB_LENGTH_MAX that implies obfuscating from offset to the end
|
||||
* of the packet data.
|
||||
*
|
||||
* NOTE --
|
||||
* There is a fixed size of slice entries and OB_LENGTH_MAX entries.
|
||||
* If OB_RET_OVERFLOW is returned when attempting to add a slice entry,
|
||||
* a second call can be made to add an OB_LENGTH_MAX entry. Only one
|
||||
* OB_LENGTH_MAX entry can be associated with each Packet. If there is
|
||||
* already an OB_LENGTH_MAX entry for the packet, the lower of the two
|
||||
* offsets will be used. Although you should check for OB_RET_OVERFLOW
|
||||
* when attempting to add an OB_LENGTH_MAX entry, the fixed size should
|
||||
* be more than enough space to store an entry for each possible packet
|
||||
* that could be in the system at the time.
|
||||
*
|
||||
* Returns
|
||||
* OB_RET_SUCCESS on sucess
|
||||
* OB_RET_ERROR on error
|
||||
* OB_RET_OVERFLOW if there is no space left to add an entry
|
||||
*/
|
||||
|
||||
ObRet (*addObfuscationEntry)(SFSnortPacket *p, ob_size_t offset,
|
||||
ob_size_t length, ob_char_t ob_char);
|
||||
|
||||
|
||||
/*
|
||||
* Determines if there are any obfuscation entries associated with
|
||||
* the given Packet
|
||||
*
|
||||
* Arguments
|
||||
* SFSnortPacket *
|
||||
* The SFSnortPacket to check
|
||||
*
|
||||
* Returns
|
||||
* 1 if the packet requires obfuscation
|
||||
* 0 if it doesn't
|
||||
*/
|
||||
|
||||
int (*payloadObfuscationRequired)(SFSnortPacket *p);
|
||||
|
||||
|
||||
/*
|
||||
* Obfuscate the payload associated with the Packet. Mainly for use by the
|
||||
* output system to print or log an obfuscated payload. The callback will
|
||||
* be called for both payload segments that need obfuscation and those that
|
||||
* don't. See comment on ObfuscationCallback above.
|
||||
*
|
||||
* Arguments
|
||||
* SFSnortPacket *
|
||||
* The SFSnortPacket whose payload should be obfuscated
|
||||
* ObfuscationCallback
|
||||
* The function that will be called for each obfuscated and
|
||||
* non-obfuscated segment in the payload
|
||||
* void *
|
||||
* User data that will be passed to the callback
|
||||
*
|
||||
* Returns
|
||||
* OB_RET_SUCCESS on sucess
|
||||
* OB_RET_ERROR on error
|
||||
*/
|
||||
|
||||
ObRet (*obfuscatePacket)(SFSnortPacket *p,
|
||||
ObfuscationCallback callback, void *user_data);
|
||||
|
||||
|
||||
/*
|
||||
* Obfuscate the stream segments associated with the Packet. Mainly for use
|
||||
* by the output system to print or log the stream segments associated with
|
||||
* a SFSnortPacket that have been marked as needing obfuscation. The callback will
|
||||
* be called for both stream segments that need obfuscation and those that
|
||||
* don't. It will be called for all stream segments. See comment on
|
||||
* ObfuscationCallback above.
|
||||
*
|
||||
* Arguments
|
||||
* SFSnortPacket *
|
||||
* The SFSnortPacket whose stream segments should be obfuscated
|
||||
* ObfuscationCallback
|
||||
* The function that will be called for each obfuscated and
|
||||
* non-obfuscated part of the stream segments.
|
||||
* void *
|
||||
* User data that will be passed to the callback
|
||||
*
|
||||
* Returns
|
||||
* OB_RET_SUCCESS on sucess
|
||||
* OB_RET_ERROR on error
|
||||
*/
|
||||
|
||||
ObRet (*obfuscatePacketStreamSegments)(SFSnortPacket *p,
|
||||
ObfuscationCallback callback, void *user_data);
|
||||
|
||||
|
||||
/*
|
||||
* Obfuscates the SFSnortPacket payload and returns payload and payload length
|
||||
* in parameters
|
||||
*
|
||||
* NOTE
|
||||
* *payload will be set to NULL, so don't pass in an already
|
||||
* allocated pointer.
|
||||
* *payload_len will be zeroed.
|
||||
*
|
||||
* The payload returned is dynamically allocated and MUST be free'd.
|
||||
*
|
||||
* Arguments
|
||||
* SFSnortPacket *
|
||||
* The SFSnortPacket whose payload should be obfuscated
|
||||
* uint8_t **payload
|
||||
* A pointer to a payload pointer so it can be allocated, returned
|
||||
* and accessed.
|
||||
* ob_size_t *payload_len
|
||||
* A pointer to an ob_size_t so the length can be returned.
|
||||
*
|
||||
* Returns
|
||||
* OB_RET_ERROR if the payload could not be obfuscated
|
||||
* the pointers to payload and payload_len will not be valid
|
||||
* OB_RET_SUCCESS if the payload was obfuscated
|
||||
* the pointers to payload and payload_len will be valid
|
||||
*/
|
||||
|
||||
ObRet (*getObfuscatedPayload)(SFSnortPacket *p, uint8_t **payload,
|
||||
ob_size_t *payload_len);
|
||||
|
||||
/*
|
||||
* Prints the current obfuscation entries.
|
||||
*
|
||||
* Arguments
|
||||
* int sorted
|
||||
* Print the sorted entries and sort if necessary.
|
||||
*
|
||||
* Returns
|
||||
* None
|
||||
*/
|
||||
|
||||
void (*printObfuscationEntries)(int sorted);
|
||||
|
||||
} ObfuscationApi;
|
||||
|
||||
/* For access when including header */
|
||||
extern ObfuscationApi *obApi;
|
||||
|
||||
#endif /* __OBFUSCATION_H__ */
|
|
@ -0,0 +1,272 @@
|
|||
/******************************************************************************
|
||||
* Copyright (C) 2009-2010 Sourcefire, Inc.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License Version 2 as
|
||||
* published by the Free Software Foundation. You may not use, modify or
|
||||
* distribute this program under any other version of the GNU General
|
||||
* Public License.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
*
|
||||
******************************************************************************/
|
||||
|
||||
#ifndef __OBFUSCATION_H__
|
||||
#define __OBFUSCATION_H__
|
||||
|
||||
#include "sf_types.h"
|
||||
#include "decode.h"
|
||||
#include <pcap.h>
|
||||
|
||||
|
||||
/*******************************************************************************
|
||||
* Macros
|
||||
******************************************************************************/
|
||||
/* This should be defined to be greater than or equal to the maximum
|
||||
* amount of data expected to be obfuscated */
|
||||
#define OB_LENGTH_MAX UINT16_MAX
|
||||
|
||||
|
||||
/*******************************************************************************
|
||||
* Types
|
||||
******************************************************************************/
|
||||
typedef uint8_t ob_char_t;
|
||||
typedef uint16_t ob_size_t;
|
||||
|
||||
typedef enum _ObRet
|
||||
{
|
||||
OB_RET_SUCCESS,
|
||||
OB_RET_ERROR,
|
||||
OB_RET_OVERFLOW
|
||||
|
||||
} ObRet;
|
||||
|
||||
|
||||
/*******************************************************************************
|
||||
* Callback to use for obfuscating payload or stream segments - see API below.
|
||||
*
|
||||
* The first chunk of a payload or stream segment whether needing obfuscation
|
||||
* or not will pass a valid pcap_pkthdr struct. Subsequent calls will pass NULL
|
||||
* for this structure. This is useful, especially for the stream segment API
|
||||
* call to know when a new segment begins. Any new "payload" will have a valid
|
||||
* pcap_pkthdr struct.
|
||||
*
|
||||
* If the slice sent in has a non-NULL packet data pointer, the data should *NOT*
|
||||
* be obfuscated.
|
||||
*
|
||||
* If the chunk sent in has a NULL packet data pointer, then that chunk of data
|
||||
* should be obfuscated with the obfuscation character.
|
||||
*
|
||||
* The length passed in is the amount of data that should be copied from the
|
||||
* packet data pointer or the amount of data that should be written with the
|
||||
* obfuscation character.
|
||||
*
|
||||
* Arguments
|
||||
* struct pcap_pkthdr *pkth
|
||||
* The pcap header that contains the packet caplen and timestamps
|
||||
* uint8_t *packet_data
|
||||
* A pointer to the current offset into the packet data. NULL if
|
||||
* obfuscation of the payload slice is required.
|
||||
* ob_char_t ob_char
|
||||
* The obfuscation character to use if packet_data is NULL.
|
||||
* ob_size_t length
|
||||
* The amount of data to be logged or obfuscated.
|
||||
* void *user_data
|
||||
* The user data passed in to the API functions obfuscatePayload() or
|
||||
* obfuscateStreamSegments below.
|
||||
*
|
||||
* Returns
|
||||
* OB_RET_SUCCESS if all is good
|
||||
* OB_RET_ERROR if the rest of the obfuscation should not be done
|
||||
*
|
||||
******************************************************************************/
|
||||
typedef ObRet (*ObfuscationCallback)
|
||||
(
|
||||
const struct pcap_pkthdr *pkth,
|
||||
const uint8_t *packet_data,
|
||||
ob_size_t length,
|
||||
ob_char_t ob_char,
|
||||
void *user_data
|
||||
);
|
||||
|
||||
|
||||
/*******************************************************************************
|
||||
* Obfuscation API
|
||||
******************************************************************************/
|
||||
typedef struct _ObfuscationApi
|
||||
{
|
||||
/*
|
||||
* Resets/clears any entries that have been added
|
||||
* Should be done per packet aquisition
|
||||
*
|
||||
* Arguments
|
||||
* None
|
||||
*
|
||||
* Returns
|
||||
* None
|
||||
*/
|
||||
|
||||
void (*resetObfuscationEntries)(void);
|
||||
|
||||
|
||||
/*
|
||||
* Adds an obfuscation entry to the queue
|
||||
*
|
||||
* Arguments
|
||||
* Packet *p
|
||||
* The Packet struct that has the payload data that should be obfuscated
|
||||
* ob_size_t offset
|
||||
* The offset from the beginning of the payload to start obfuscation
|
||||
* ob_size_t length
|
||||
* The amount of data to obfuscate
|
||||
* ob_char_t ob_char
|
||||
* The character to use when obfuscating
|
||||
*
|
||||
* There are two types of entries that can be added. A slice entry that
|
||||
* has an offset and length less than OB_LENGTH_MAX and an entry with
|
||||
* length OB_LENGTH_MAX that implies obfuscating from offset to the end
|
||||
* of the packet data.
|
||||
*
|
||||
* NOTE --
|
||||
* There is a fixed size of slice entries and OB_LENGTH_MAX entries.
|
||||
* If OB_RET_OVERFLOW is returned when attempting to add a slice entry,
|
||||
* a second call can be made to add an OB_LENGTH_MAX entry. Only one
|
||||
* OB_LENGTH_MAX entry can be associated with each Packet. If there is
|
||||
* already an OB_LENGTH_MAX entry for the packet, the lower of the two
|
||||
* offsets will be used. Although you should check for OB_RET_OVERFLOW
|
||||
* when attempting to add an OB_LENGTH_MAX entry, the fixed size should
|
||||
* be more than enough space to store an entry for each possible packet
|
||||
* that could be in the system at the time.
|
||||
*
|
||||
* Returns
|
||||
* OB_RET_SUCCESS on sucess
|
||||
* OB_RET_ERROR on error
|
||||
* OB_RET_OVERFLOW if there is no space left to add an entry
|
||||
*/
|
||||
|
||||
ObRet (*addObfuscationEntry)(Packet *p, ob_size_t offset,
|
||||
ob_size_t length, ob_char_t ob_char);
|
||||
|
||||
|
||||
/*
|
||||
* Determines if there are any obfuscation entries associated with
|
||||
* the given Packet
|
||||
*
|
||||
* Arguments
|
||||
* Packet *
|
||||
* The Packet to check
|
||||
*
|
||||
* Returns
|
||||
* 1 if the packet requires obfuscation
|
||||
* 0 if it doesn't
|
||||
*/
|
||||
|
||||
int (*payloadObfuscationRequired)(Packet *p);
|
||||
|
||||
|
||||
/*
|
||||
* Obfuscate the payload associated with the Packet. Mainly for use by the
|
||||
* output system to print or log an obfuscated payload. The callback will
|
||||
* be called for both payload segments that need obfuscation and those that
|
||||
* don't. See comment on ObfuscationCallback above.
|
||||
*
|
||||
* Arguments
|
||||
* Packet *
|
||||
* The Packet whose payload should be obfuscated
|
||||
* ObfuscationCallback
|
||||
* The function that will be called for each obfuscated and
|
||||
* non-obfuscated segment in the payload
|
||||
* void *
|
||||
* User data that will be passed to the callback
|
||||
*
|
||||
* Returns
|
||||
* OB_RET_SUCCESS on sucess
|
||||
* OB_RET_ERROR on error
|
||||
*/
|
||||
|
||||
ObRet (*obfuscatePacket)(Packet *p,
|
||||
ObfuscationCallback callback, void *user_data);
|
||||
|
||||
|
||||
/*
|
||||
* Obfuscate the stream segments associated with the Packet. Mainly for use
|
||||
* by the output system to print or log the stream segments associated with
|
||||
* a Packet that have been marked as needing obfuscation. The callback will
|
||||
* be called for both stream segments that need obfuscation and those that
|
||||
* don't. It will be called for all stream segments. See comment on
|
||||
* ObfuscationCallback above.
|
||||
*
|
||||
* Arguments
|
||||
* Packet *
|
||||
* The Packet whose stream segments should be obfuscated
|
||||
* ObfuscationCallback
|
||||
* The function that will be called for each obfuscated and
|
||||
* non-obfuscated part of the stream segments.
|
||||
* void *
|
||||
* User data that will be passed to the callback
|
||||
*
|
||||
* Returns
|
||||
* OB_RET_SUCCESS on sucess
|
||||
* OB_RET_ERROR on error
|
||||
*/
|
||||
|
||||
ObRet (*obfuscatePacketStreamSegments)(Packet *p,
|
||||
ObfuscationCallback callback, void *user_data);
|
||||
|
||||
|
||||
/*
|
||||
* Obfuscates the Packet payload and returns payload and payload length
|
||||
* in parameters
|
||||
*
|
||||
* NOTE
|
||||
* *payload will be set to NULL, so don't pass in an already
|
||||
* allocated pointer.
|
||||
* *payload_len will be zeroed.
|
||||
*
|
||||
* The payload returned is dynamically allocated and MUST be free'd.
|
||||
*
|
||||
* Arguments
|
||||
* Packet *
|
||||
* The Packet whose payload should be obfuscated
|
||||
* uint8_t **payload
|
||||
* A pointer to a payload pointer so it can be allocated, returned
|
||||
* and accessed.
|
||||
* ob_size_t *payload_len
|
||||
* A pointer to an ob_size_t so the length can be returned.
|
||||
*
|
||||
* Returns
|
||||
* OB_RET_ERROR if the payload could not be obfuscated
|
||||
* the pointers to payload and payload_len will not be valid
|
||||
* OB_RET_SUCCESS if the payload was obfuscated
|
||||
* the pointers to payload and payload_len will be valid
|
||||
*/
|
||||
|
||||
ObRet (*getObfuscatedPayload)(Packet *p, uint8_t **payload,
|
||||
ob_size_t *payload_len);
|
||||
|
||||
/*
|
||||
* Prints the current obfuscation entries.
|
||||
*
|
||||
* Arguments
|
||||
* int sorted
|
||||
* Print the sorted entries and sort if necessary.
|
||||
*
|
||||
* Returns
|
||||
* None
|
||||
*/
|
||||
|
||||
void (*printObfuscationEntries)(int sorted);
|
||||
|
||||
} ObfuscationApi;
|
||||
|
||||
/* For access when including header */
|
||||
extern ObfuscationApi *obApi;
|
||||
|
||||
#endif /* __OBFUSCATION_H__ */
|
|
@ -0,0 +1,61 @@
|
|||
/*
|
||||
** Copyright (C) 2007-2010 Sourcefire, Inc.
|
||||
**
|
||||
** This program is free software; you can redistribute it and/or modify
|
||||
** it under the terms of the GNU General Public License Version 2 as
|
||||
** published by the Free Software Foundation. You may not use, modify or
|
||||
** distribute this program under any other version of the GNU General
|
||||
** Public License.
|
||||
**
|
||||
** This program is distributed in the hope that it will be useful,
|
||||
** but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
** GNU General Public License for more details.
|
||||
**
|
||||
** You should have received a copy of the GNU General Public License
|
||||
** along with this program; if not, write to the Free Software
|
||||
** Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
*/
|
||||
|
||||
#ifndef __PCAP_PKTHDR32_H__
|
||||
#define __PCAP_PKTHDR32_H__
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include "config.h"
|
||||
#endif
|
||||
|
||||
#ifdef WIN32
|
||||
#include <winsock2.h>
|
||||
#else
|
||||
#include <sys/time.h>
|
||||
#endif
|
||||
|
||||
#include <stdlib.h>
|
||||
#include <time.h>
|
||||
#include <sys/types.h>
|
||||
|
||||
#include "sf_types.h"
|
||||
|
||||
|
||||
/* we must use fixed size of 32 bits, because on-disk
|
||||
* format of savefiles uses 32-bit tv_sec (and tv_usec)
|
||||
*/
|
||||
struct sf_timeval32
|
||||
{
|
||||
uint32_t tv_sec; /* seconds */
|
||||
uint32_t tv_usec; /* microseconds */
|
||||
};
|
||||
|
||||
/* this is equivalent to the pcap pkthdr struct, but we need
|
||||
* a 32 bit one for unified output
|
||||
*/
|
||||
struct pcap_pkthdr32
|
||||
{
|
||||
struct sf_timeval32 ts; /* packet timestamp */
|
||||
uint32_t caplen; /* packet capture length */
|
||||
uint32_t pktlen; /* packet "real" length */
|
||||
};
|
||||
|
||||
|
||||
#endif // __PCAP_PKTHDR32_H__
|
||||
|
|
@ -0,0 +1,67 @@
|
|||
/* $Id$ */
|
||||
/****************************************************************************
|
||||
*
|
||||
* Copyright (C) 2003-2010 Sourcefire, Inc.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License Version 2 as
|
||||
* published by the Free Software Foundation. You may not use, modify or
|
||||
* distribute this program under any other version of the GNU General
|
||||
* Public License.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
*
|
||||
****************************************************************************/
|
||||
|
||||
/*
|
||||
Purpose: Enumerate all the various detection plugins entries for
|
||||
otn->ds_list[]
|
||||
|
||||
No more grepping to make your own plugin!
|
||||
*/
|
||||
|
||||
#ifndef _PLUGIN_ENUM_H
|
||||
#define _PLUGIN_ENUM_H
|
||||
|
||||
enum {
|
||||
PLUGIN_CLIENTSERVER,
|
||||
PLUGIN_DSIZE_CHECK,
|
||||
PLUGIN_FRAG_BITS,
|
||||
PLUGIN_FRAG_OFFSET,
|
||||
PLUGIN_ICMP_CODE,
|
||||
PLUGIN_ICMP_ID_CHECK,
|
||||
PLUGIN_ICMP_SEQ_CHECK,
|
||||
PLUGIN_ICMP_TYPE,
|
||||
PLUGIN_IPOPTION_CHECK,
|
||||
PLUGIN_IP_ID_CHECK,
|
||||
PLUGIN_IP_PROTO_CHECK,
|
||||
PLUGIN_IP_SAME_CHECK,
|
||||
PLUGIN_IP_TOS_CHECK,
|
||||
PLUGIN_PATTERN_MATCH, /* AND match */
|
||||
PLUGIN_PATTERN_MATCH_OR,
|
||||
PLUGIN_PATTERN_MATCH_URI,
|
||||
PLUGIN_RESPOND,
|
||||
PLUGIN_RPC_CHECK,
|
||||
PLUGIN_SESSION,
|
||||
PLUGIN_TCP_ACK_CHECK,
|
||||
PLUGIN_TCP_FLAG_CHECK,
|
||||
PLUGIN_TCP_SEQ_CHECK,
|
||||
PLUGIN_TCP_WIN_CHECK,
|
||||
PLUGIN_TTL_CHECK,
|
||||
PLUGIN_BYTE_TEST,
|
||||
PLUGIN_PCRE,
|
||||
PLUGIN_URILEN_CHECK,
|
||||
PLUGIN_DYNAMIC,
|
||||
PLUGIN_FLOWBIT,
|
||||
PLUGIN_MAX /* sentinel value */
|
||||
};
|
||||
|
||||
#endif /* _PLUGIN_ENUM_H */
|
||||
|
|
@ -0,0 +1,90 @@
|
|||
/****************************************************************************
|
||||
*
|
||||
* Copyright (C) 2005-2010 Sourcefire, Inc.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License Version 2 as
|
||||
* published by the Free Software Foundation. You may not use, modify or
|
||||
* distribute this program under any other version of the GNU General
|
||||
* Public License.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
*
|
||||
****************************************************************************/
|
||||
|
||||
#ifndef _PREPROC_IDS_H
|
||||
#define _PREPROC_IDS_H
|
||||
|
||||
/*
|
||||
** Preprocessor Communication Defines
|
||||
** ----------------------------------
|
||||
** These defines allow preprocessors to be turned
|
||||
** on and off for each packet. Preprocessors can be
|
||||
** turned off and on before preprocessing occurs and
|
||||
** during preprocessing.
|
||||
**
|
||||
** Currently, the order in which the preprocessors are
|
||||
** placed in the snort.conf determine the order of
|
||||
** evaluation. So if one module wants to turn off
|
||||
** another module, it must come first in the order.
|
||||
*/
|
||||
|
||||
#define PP_BO 0
|
||||
#define PP_DCERPC 1
|
||||
#define PP_DNS 2
|
||||
#define PP_FRAG3 3
|
||||
#define PP_FTPTELNET 4
|
||||
#define PP_HTTPINSPECT 5
|
||||
#define PP_PERFMONITOR 6
|
||||
#define PP_RPCDECODE 7
|
||||
#define PP_RULES 8
|
||||
#define PP_SFPORTSCAN 9
|
||||
#define PP_SMTP 10
|
||||
#define PP_SSH 11
|
||||
#define PP_SSL 12
|
||||
#define PP_STREAM5 13
|
||||
#define PP_TELNET 14
|
||||
#define PP_ARPSPOOF 15
|
||||
#define PP_DCE2 16
|
||||
#define PP_SDF 17
|
||||
|
||||
// used externally
|
||||
#define PP_ISAKMP 18
|
||||
#define PP_SKYPE 19
|
||||
|
||||
// currently 32 bits (preprocessors)
|
||||
// are available. most of these can
|
||||
// be deleted:
|
||||
#if 0
|
||||
#define PP_ASN1DECODE 17
|
||||
#define PP_CONVERSATION 18
|
||||
#define PP_FLOW 19
|
||||
#define PP_FRAG2 20
|
||||
#define PP_FNORD 21
|
||||
#define PP_HTTPFLOW 22
|
||||
#define PP_LOADBALANCING 24
|
||||
#define PP_PORTSCAN 25
|
||||
#define PP_PORTSCAN2 26
|
||||
#define PP_PORTSCAN_IGNORE_HOSTS 27
|
||||
#endif
|
||||
|
||||
#define PP_ALL_ON 0xFFFFFFFF
|
||||
#define PP_ALL_OFF 0x00000000
|
||||
|
||||
#define PRIORITY_FIRST 0x0
|
||||
#define PRIORITY_NETWORK 0x10
|
||||
#define PRIORITY_TRANSPORT 0x100
|
||||
#define PRIORITY_TUNNEL 0x105
|
||||
#define PRIORITY_SCANNER 0x110
|
||||
#define PRIORITY_APPLICATION 0x200
|
||||
#define PRIORITY_LAST 0xffff
|
||||
|
||||
#endif /* _PREPROC_IDS_H */
|
||||
|
|
@ -0,0 +1,183 @@
|
|||
/*
|
||||
** Copyright (C) 2005-2010 Sourcefire, Inc.
|
||||
** Author: Steven Sturges <ssturges@sourcefire.com>
|
||||
**
|
||||
** This program is free software; you can redistribute it and/or modify
|
||||
** it under the terms of the GNU General Public License Version 2 as
|
||||
** published by the Free Software Foundation. You may not use, modify or
|
||||
** distribute this program under any other version of the GNU General
|
||||
** Public License.
|
||||
**
|
||||
** This program is distributed in the hope that it will be useful,
|
||||
** but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
** GNU General Public License for more details.
|
||||
**
|
||||
** You should have received a copy of the GNU General Public License
|
||||
** along with this program; if not, write to the Free Software
|
||||
** Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
*/
|
||||
|
||||
/* $Id$ */
|
||||
|
||||
#ifndef __PROFILER_H__
|
||||
#define __PROFILER_H__
|
||||
|
||||
#ifdef PERF_PROFILING
|
||||
|
||||
#include "sf_types.h"
|
||||
#include "cpuclock.h"
|
||||
|
||||
/* Sort preferences for rule profiling */
|
||||
#define PROFILE_SORT_CHECKS 1
|
||||
#define PROFILE_SORT_MATCHES 2
|
||||
#define PROFILE_SORT_NOMATCHES 3
|
||||
#define PROFILE_SORT_AVG_TICKS 4
|
||||
#define PROFILE_SORT_AVG_TICKS_PER_MATCH 5
|
||||
#define PROFILE_SORT_AVG_TICKS_PER_NOMATCH 6
|
||||
#define PROFILE_SORT_TOTAL_TICKS 7
|
||||
|
||||
/* MACROS that handle profiling of rules and preprocessors */
|
||||
#define PROFILE_VARS uint64_t ticks_start = 0, ticks_end = 0, ticks_delta = 0
|
||||
|
||||
#define PROFILE_START \
|
||||
get_clockticks(ticks_start);
|
||||
|
||||
#define PROFILE_END \
|
||||
get_clockticks(ticks_end); \
|
||||
ticks_delta = ticks_end - ticks_start;
|
||||
|
||||
#ifndef PROFILING_RULES
|
||||
#define PROFILING_RULES ScProfileRules()
|
||||
#endif
|
||||
|
||||
#define NODE_PROFILE_VARS uint64_t ticks_start = 0, ticks_end = 0, ticks_delta = 0, node_deltas = 0
|
||||
|
||||
#define NODE_PROFILE_START(node) \
|
||||
if (PROFILING_RULES) { \
|
||||
node->checks++; \
|
||||
PROFILE_START; \
|
||||
}
|
||||
|
||||
#define NODE_PROFILE_END_MATCH(node) \
|
||||
if (PROFILING_RULES) { \
|
||||
PROFILE_END; \
|
||||
node->ticks += ticks_delta + node_deltas; \
|
||||
node->ticks_match += ticks_delta + node_deltas; \
|
||||
}
|
||||
|
||||
#define NODE_PROFILE_END_NOMATCH(node) \
|
||||
if (PROFILING_RULES) { \
|
||||
PROFILE_END; \
|
||||
node->ticks += ticks_delta + node_deltas; \
|
||||
node->ticks_no_match += ticks_delta + node_deltas; \
|
||||
}
|
||||
|
||||
#define NODE_PROFILE_TMPSTART(node) \
|
||||
if (PROFILING_RULES) { \
|
||||
PROFILE_START; \
|
||||
}
|
||||
|
||||
#define NODE_PROFILE_TMPEND(node) \
|
||||
if (PROFILING_RULES) { \
|
||||
PROFILE_END; \
|
||||
node_deltas += ticks_delta; \
|
||||
}
|
||||
|
||||
#define OTN_PROFILE_ALERT(otn) otn->alerts++;
|
||||
|
||||
#ifndef PROFILING_PREPROCS
|
||||
#define PROFILING_PREPROCS ScProfilePreprocs()
|
||||
#endif
|
||||
|
||||
#define PREPROC_PROFILE_START(ppstat) \
|
||||
if (PROFILING_PREPROCS) { \
|
||||
ppstat.checks++; \
|
||||
PROFILE_START; \
|
||||
ppstat.ticks_start = ticks_start; \
|
||||
}
|
||||
|
||||
#define PREPROC_PROFILE_REENTER_START(ppstat) \
|
||||
if (PROFILING_PREPROCS) { \
|
||||
PROFILE_START; \
|
||||
ppstat.ticks_start = ticks_start; \
|
||||
}
|
||||
|
||||
#define PREPROC_PROFILE_TMPSTART(ppstat) \
|
||||
if (PROFILING_PREPROCS) { \
|
||||
PROFILE_START; \
|
||||
ppstat.ticks_start = ticks_start; \
|
||||
}
|
||||
|
||||
#define PREPROC_PROFILE_END(ppstat) \
|
||||
if (PROFILING_PREPROCS) { \
|
||||
PROFILE_END; \
|
||||
ppstat.exits++; \
|
||||
ppstat.ticks += ticks_end - ppstat.ticks_start; \
|
||||
}
|
||||
|
||||
#define PREPROC_PROFILE_REENTER_END(ppstat) \
|
||||
if (PROFILING_PREPROCS) { \
|
||||
PROFILE_END; \
|
||||
ppstat.ticks += ticks_end - ppstat.ticks_start; \
|
||||
}
|
||||
|
||||
#define PREPROC_PROFILE_TMPEND(ppstat) \
|
||||
if (PROFILING_PREPROCS) { \
|
||||
PROFILE_END; \
|
||||
ppstat.ticks += ticks_end - ppstat.ticks_start; \
|
||||
}
|
||||
|
||||
/************** Profiling API ******************/
|
||||
void ShowRuleProfiles(void);
|
||||
|
||||
/* Preprocessor stats info */
|
||||
typedef struct _PreprocStats
|
||||
{
|
||||
uint64_t ticks, ticks_start;
|
||||
uint64_t checks;
|
||||
uint64_t exits;
|
||||
} PreprocStats;
|
||||
|
||||
typedef struct _PreprocStatsNode
|
||||
{
|
||||
PreprocStats *stats;
|
||||
char *name;
|
||||
int layer;
|
||||
PreprocStats *parent;
|
||||
struct _PreprocStatsNode *next;
|
||||
} PreprocStatsNode;
|
||||
|
||||
typedef struct _ProfileConfig
|
||||
{
|
||||
int num;
|
||||
int sort;
|
||||
int append;
|
||||
char *filename;
|
||||
|
||||
} ProfileConfig;
|
||||
|
||||
void RegisterPreprocessorProfile(char *keyword, PreprocStats *stats, int layer, PreprocStats *parent);
|
||||
void ShowPreprocProfiles(void);
|
||||
void ResetRuleProfiling(void);
|
||||
void ResetPreprocProfiling(void);
|
||||
void CleanupPreprocStatsNodeList(void);
|
||||
extern PreprocStats totalPerfStats;
|
||||
#else
|
||||
#define PROFILE_VARS
|
||||
#define NODE_PROFILE_VARS
|
||||
#define NODE_PROFILE_START(node)
|
||||
#define NODE_PROFILE_END_MATCH(node)
|
||||
#define NODE_PROFILE_END_NOMATCH(node)
|
||||
#define NODE_PROFILE_TMPSTART(node)
|
||||
#define NODE_PROFILE_TMPEND(node)
|
||||
#define OTN_PROFILE_ALERT(otn)
|
||||
#define PREPROC_PROFILE_START(ppstat)
|
||||
#define PREPROC_PROFILE_REENTER_START(ppstat)
|
||||
#define PREPROC_PROFILE_TMPSTART(ppstat)
|
||||
#define PREPROC_PROFILE_END(ppstat)
|
||||
#define PREPROC_PROFILE_REENTER_END(ppstat)
|
||||
#define PREPROC_PROFILE_TMPEND(ppstat)
|
||||
#endif
|
||||
|
||||
#endif /* __PROFILER_H__ */
|
|
@ -0,0 +1,72 @@
|
|||
/****************************************************************************
|
||||
* Copyright (C) 2008-2010 Sourcefire, Inc.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License Version 2 as
|
||||
* published by the Free Software Foundation. You may not use, modify or
|
||||
* distribute this program under any other version of the GNU General
|
||||
* Public License.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
*
|
||||
****************************************************************************/
|
||||
#ifndef RULE_OPTION_TYPES__H
|
||||
#define RULE_OPTION_TYPES__H
|
||||
|
||||
typedef enum _option_type_t
|
||||
{
|
||||
RULE_OPTION_TYPE_LEAF_NODE,
|
||||
RULE_OPTION_TYPE_ASN1,
|
||||
RULE_OPTION_TYPE_BYTE_TEST,
|
||||
RULE_OPTION_TYPE_BYTE_JUMP,
|
||||
RULE_OPTION_TYPE_FLOW,
|
||||
RULE_OPTION_TYPE_CVS,
|
||||
RULE_OPTION_TYPE_DSIZE,
|
||||
RULE_OPTION_TYPE_FLOWBIT,
|
||||
RULE_OPTION_TYPE_FTPBOUNCE,
|
||||
RULE_OPTION_TYPE_ICMP_CODE,
|
||||
RULE_OPTION_TYPE_ICMP_ID,
|
||||
RULE_OPTION_TYPE_ICMP_SEQ,
|
||||
RULE_OPTION_TYPE_ICMP_TYPE,
|
||||
RULE_OPTION_TYPE_IP_FRAGBITS,
|
||||
RULE_OPTION_TYPE_IP_FRAG_OFFSET,
|
||||
RULE_OPTION_TYPE_IP_ID,
|
||||
RULE_OPTION_TYPE_IP_OPTION,
|
||||
RULE_OPTION_TYPE_IP_PROTO,
|
||||
RULE_OPTION_TYPE_IP_SAME,
|
||||
RULE_OPTION_TYPE_IP_TOS,
|
||||
RULE_OPTION_TYPE_IS_DATA_AT,
|
||||
RULE_OPTION_TYPE_FILE_DATA,
|
||||
RULE_OPTION_TYPE_CONTENT,
|
||||
RULE_OPTION_TYPE_CONTENT_URI,
|
||||
RULE_OPTION_TYPE_PCRE,
|
||||
#ifdef ENABLE_REACT
|
||||
RULE_OPTION_TYPE_REACT,
|
||||
#endif
|
||||
#ifdef ENABLE_RESPOND
|
||||
RULE_OPTION_TYPE_RESPOND,
|
||||
#endif
|
||||
RULE_OPTION_TYPE_RPC_CHECK,
|
||||
RULE_OPTION_TYPE_SESSION,
|
||||
RULE_OPTION_TYPE_TCP_ACK,
|
||||
RULE_OPTION_TYPE_TCP_FLAG,
|
||||
RULE_OPTION_TYPE_TCP_SEQ,
|
||||
RULE_OPTION_TYPE_TCP_WIN,
|
||||
RULE_OPTION_TYPE_TTL,
|
||||
RULE_OPTION_TYPE_URILEN
|
||||
#ifdef DYNAMIC_PLUGIN
|
||||
,
|
||||
RULE_OPTION_TYPE_HDR_OPT_CHECK,
|
||||
RULE_OPTION_TYPE_PREPROCESSOR,
|
||||
RULE_OPTION_TYPE_DYNAMIC
|
||||
#endif
|
||||
} option_type_t;
|
||||
|
||||
#endif /* RULE_OPTION_TYPES__H */
|
|
@ -0,0 +1,164 @@
|
|||
/****************************************************************************
|
||||
* Copyright (C) 2008-2010 Sourcefire, Inc.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License Version 2 as
|
||||
* published by the Free Software Foundation. You may not use, modify or
|
||||
* distribute this program under any other version of the GNU General
|
||||
* Public License.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
*
|
||||
****************************************************************************/
|
||||
|
||||
#ifndef _SF_POLICY_H_
|
||||
#define _SF_POLICY_H_
|
||||
|
||||
#include "sf_ip.h"
|
||||
#include "ipv6_port.h"
|
||||
#include "sfrt.h"
|
||||
#include "debug.h"
|
||||
|
||||
/**Number of additional policies allocated with each re-alloc operation. */
|
||||
#define POLICY_ALLOCATION_CHUNK 10
|
||||
#define SF_VLAN_BINDING_MAX 4096
|
||||
#define SF_NETWORK_BINDING_MAX 4096
|
||||
#define SF_VLAN_UNBOUND 0xffffffff
|
||||
|
||||
|
||||
//vlan id or address range is reduced to policy id. and subsequent processing is done using policy id only.
|
||||
|
||||
typedef struct
|
||||
{
|
||||
/**number of vlans which are member of this group. When membership falls to 0, then this group should be deleted.
|
||||
*/
|
||||
unsigned int refCount;
|
||||
char *filename;
|
||||
unsigned int isConfigProcessed:1;
|
||||
|
||||
} tSfPolicy;
|
||||
|
||||
typedef enum {
|
||||
SF_BINDING_TYPE_VLAN,
|
||||
SF_BINDING_TYPE_NETWORK,
|
||||
SF_BINDING_TYPE_UNKNOWN
|
||||
} tSF_BINDING_TYPE;
|
||||
|
||||
typedef unsigned int tSfPolicyId;
|
||||
|
||||
typedef struct
|
||||
{
|
||||
/**group id assigned to each file name. The groupId is an abstract concept
|
||||
* to tie multiple vlans into one group. */
|
||||
tSfPolicy **ppPolicies;
|
||||
tSfPolicyId defaultPolicyId;
|
||||
/**policy id of configuration file or packet being processed. */
|
||||
tSfPolicyId numAllocatedPolicies;
|
||||
unsigned int numActivePolicies;
|
||||
/**vlan to policyId bindings. */
|
||||
tSfPolicyId vlanBindings[SF_VLAN_BINDING_MAX];
|
||||
/**Network to policyId bindings. */
|
||||
table_t *netBindTable;
|
||||
|
||||
} tSfPolicyConfig;
|
||||
|
||||
|
||||
extern tSfPolicyId runtimePolicyId;
|
||||
extern tSfPolicyId parserPolicyId;
|
||||
|
||||
tSfPolicyConfig * sfPolicyInit(
|
||||
void
|
||||
);
|
||||
void sfPolicyFini(
|
||||
tSfPolicyConfig *
|
||||
);
|
||||
int sfPolicyAdd(
|
||||
tSfPolicyConfig *,
|
||||
char *
|
||||
);
|
||||
void sfPolicyDelete(
|
||||
tSfPolicyConfig *,
|
||||
tSfPolicyId
|
||||
);
|
||||
char * sfPolicyGet(
|
||||
tSfPolicyConfig *,
|
||||
tSfPolicyId
|
||||
);
|
||||
int sfVlanAddBinding(
|
||||
tSfPolicyConfig *,
|
||||
int,
|
||||
char *
|
||||
);
|
||||
tSfPolicyId sfVlanGetBinding(
|
||||
tSfPolicyConfig *,
|
||||
int
|
||||
);
|
||||
void sfVlanDeleteBinding(
|
||||
tSfPolicyConfig *,
|
||||
int
|
||||
);
|
||||
unsigned int sfGetApplicablePolicyId(
|
||||
tSfPolicyConfig *,
|
||||
int,
|
||||
snort_ip_p,
|
||||
snort_ip_p
|
||||
);
|
||||
int sfNetworkAddBinding(
|
||||
tSfPolicyConfig *,
|
||||
sfip_t *,
|
||||
char *
|
||||
);
|
||||
unsigned int sfNetworkGetBinding(
|
||||
tSfPolicyConfig *,
|
||||
snort_ip_p
|
||||
);
|
||||
void sfNetworkDeleteBinding(
|
||||
tSfPolicyConfig *,
|
||||
snort_ip_p
|
||||
);
|
||||
|
||||
static INLINE tSfPolicyId sfGetDefaultPolicy(
|
||||
tSfPolicyConfig *config
|
||||
)
|
||||
{
|
||||
if (config == NULL)
|
||||
return 0;
|
||||
|
||||
return config->defaultPolicyId;
|
||||
}
|
||||
|
||||
static INLINE void sfSetDefaultPolicy(
|
||||
tSfPolicyConfig *config,
|
||||
tSfPolicyId policyId
|
||||
)
|
||||
{
|
||||
if ((config == NULL) || (policyId >= config->numAllocatedPolicies))
|
||||
return;
|
||||
|
||||
config->defaultPolicyId = policyId;
|
||||
}
|
||||
|
||||
static INLINE tSfPolicyId sfPolicyNumAllocated(
|
||||
tSfPolicyConfig *config
|
||||
)
|
||||
{
|
||||
if (config == NULL)
|
||||
return 0;
|
||||
|
||||
return config->numAllocatedPolicies;
|
||||
}
|
||||
|
||||
//dynamic array functions
|
||||
int sfDynArrayCheckBounds (
|
||||
void ** dynArray,
|
||||
unsigned int index,
|
||||
unsigned int *maxElements
|
||||
);
|
||||
#endif
|
|
@ -0,0 +1,144 @@
|
|||
/****************************************************************************
|
||||
* Copyright (C) 2008-2010 Sourcefire, Inc.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License Version 2 as
|
||||
* published by the Free Software Foundation. You may not use, modify or
|
||||
* distribute this program under any other version of the GNU General
|
||||
* Public License.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
*
|
||||
****************************************************************************/
|
||||
|
||||
#ifndef _SF_POLICY_USER_DATA_H_
|
||||
#define _SF_POLICY_USER_DATA_H_
|
||||
|
||||
#include "sf_ip.h"
|
||||
#include "ipv6_port.h"
|
||||
#include "sfPolicy.h"
|
||||
#include "sf_dynamic_preprocessor.h"
|
||||
extern DynamicPreprocessorData _dpd;
|
||||
|
||||
typedef struct
|
||||
{
|
||||
/**policy id of configuration file or packet being processed.
|
||||
*/
|
||||
tSfPolicyId currentPolicyId;
|
||||
|
||||
/**Number of policies currently allocated.
|
||||
*/
|
||||
unsigned int numAllocatedPolicies;
|
||||
|
||||
/**Number of policies active. Since we use an array of policy pointers,
|
||||
* number of allocated policies may be more than active policies. */
|
||||
unsigned int numActivePolicies;
|
||||
|
||||
/**user configuration for a policy. This is a pointer to an array of pointers
|
||||
* to user configuration.
|
||||
*/
|
||||
void **userConfig;
|
||||
|
||||
} tSfPolicyUserContext;
|
||||
|
||||
typedef tSfPolicyUserContext * tSfPolicyUserContextId;
|
||||
|
||||
|
||||
tSfPolicyUserContextId sfPolicyConfigCreate(
|
||||
void
|
||||
);
|
||||
|
||||
void sfPolicyConfigDelete(
|
||||
tSfPolicyUserContextId pContext
|
||||
);
|
||||
|
||||
//Functions for setting, getting and clearing policy ids
|
||||
static INLINE void sfPolicyUserPolicySet (
|
||||
tSfPolicyUserContextId pContext,
|
||||
tSfPolicyId policyId
|
||||
)
|
||||
{
|
||||
pContext->currentPolicyId = policyId;
|
||||
}
|
||||
|
||||
static INLINE tSfPolicyId sfPolicyUserPolicyGet (
|
||||
tSfPolicyUserContextId pContext
|
||||
)
|
||||
{
|
||||
return pContext->currentPolicyId;
|
||||
}
|
||||
|
||||
static INLINE unsigned int sfPolicyUserPolicyGetActive (
|
||||
tSfPolicyUserContextId pContext
|
||||
)
|
||||
{
|
||||
return (pContext->numActivePolicies);
|
||||
}
|
||||
|
||||
//Functions for setting, getting and clearing user data specific to policies.
|
||||
int sfPolicyUserDataSet (
|
||||
tSfPolicyUserContextId pContext,
|
||||
tSfPolicyId policyId,
|
||||
void *config
|
||||
);
|
||||
static INLINE void * sfPolicyUserDataGet (
|
||||
tSfPolicyUserContextId pContext,
|
||||
tSfPolicyId policyId
|
||||
)
|
||||
{
|
||||
if ((pContext != NULL) && (policyId < pContext->numAllocatedPolicies))
|
||||
{
|
||||
return pContext->userConfig[policyId];
|
||||
}
|
||||
|
||||
return NULL;
|
||||
}
|
||||
|
||||
static INLINE int sfPolicyUserDataSetDefault (
|
||||
tSfPolicyUserContextId pContext,
|
||||
void *config
|
||||
)
|
||||
{
|
||||
return sfPolicyUserDataSet (pContext, _dpd.getDefaultPolicy(), config);
|
||||
}
|
||||
|
||||
static INLINE void * sfPolicyUserDataGetDefault (
|
||||
tSfPolicyUserContextId pContext
|
||||
)
|
||||
{
|
||||
return sfPolicyUserDataGet (pContext, _dpd.getDefaultPolicy());
|
||||
}
|
||||
|
||||
static INLINE int sfPolicyUserDataSetCurrent (
|
||||
tSfPolicyUserContextId pContext,
|
||||
void *config
|
||||
)
|
||||
{
|
||||
return sfPolicyUserDataSet (pContext, pContext->currentPolicyId, config);
|
||||
}
|
||||
static INLINE void * sfPolicyUserDataGetCurrent (
|
||||
tSfPolicyUserContextId pContext
|
||||
)
|
||||
{
|
||||
return sfPolicyUserDataGet (pContext, pContext->currentPolicyId);
|
||||
}
|
||||
|
||||
void * sfPolicyUserDataClear (
|
||||
tSfPolicyUserContextId pContext,
|
||||
tSfPolicyId policyId
|
||||
);
|
||||
|
||||
int sfPolicyUserDataIterate (
|
||||
tSfPolicyUserContextId pContext,
|
||||
int (*callback)(tSfPolicyUserContextId pContext, tSfPolicyId policyId, void* config)
|
||||
);
|
||||
|
||||
|
||||
#endif
|
|
@ -0,0 +1,58 @@
|
|||
/*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License Version 2 as
|
||||
* published by the Free Software Foundation. You may not use, modify or
|
||||
* distribute this program under any other version of the GNU General
|
||||
* Public License.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
*
|
||||
* Copyright (C) 2005-2010 Sourcefire, Inc.
|
||||
*
|
||||
*/
|
||||
#ifndef _SF_DYNAMIC_COMMON_H_
|
||||
#define _SF_DYNAMIC_COMMON_H_
|
||||
|
||||
#ifndef WIN32
|
||||
#include <sys/types.h>
|
||||
#else
|
||||
#include <stdint.h>
|
||||
#endif
|
||||
|
||||
typedef void (*LogMsgFunc)(const char *, ...);
|
||||
typedef void (*DebugMsgFunc)(int, char *, ...);
|
||||
#ifdef HAVE_WCHAR_H
|
||||
typedef void (*DebugWideMsgFunc)(int, wchar_t *, ...);
|
||||
#endif
|
||||
|
||||
#define STD_BUF 1024
|
||||
|
||||
#define MAX_URIINFOS 10
|
||||
|
||||
#define HTTP_BUFFER_URI 0
|
||||
#define HTTP_BUFFER_RAW_URI 1
|
||||
#define HTTP_BUFFER_HEADER 2
|
||||
#define HTTP_BUFFER_RAW_HEADER 3
|
||||
#define HTTP_BUFFER_CLIENT_BODY 4
|
||||
#define HTTP_BUFFER_METHOD 5
|
||||
#define HTTP_BUFFER_COOKIE 6
|
||||
#define HTTP_BUFFER_RAW_COOKIE 7
|
||||
#define HTTP_BUFFER_STAT_CODE 8
|
||||
#define HTTP_BUFFER_STAT_MSG 9
|
||||
|
||||
typedef struct _UriInfo
|
||||
{
|
||||
uint8_t *uriBuffer;
|
||||
uint16_t uriLength;
|
||||
uint32_t uriDecodeFlags;
|
||||
|
||||
} UriInfo;
|
||||
|
||||
#endif /* _SF_DYNAMIC_COMMON_H_ */
|
|
@ -0,0 +1,87 @@
|
|||
/*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License Version 2 as
|
||||
* published by the Free Software Foundation. You may not use, modify or
|
||||
* distribute this program under any other version of the GNU General
|
||||
* Public License.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
*
|
||||
* Copyright (C) 2007-2010 Sourcefire, Inc.
|
||||
*
|
||||
* Author: Russ Combs
|
||||
*
|
||||
* #defines required by the dynamic engine. These were factored out of
|
||||
* sf_snort_plugin_api.h because they are required by fpcreate.c. They
|
||||
* could have been placed in sf_dynamic_engine.h but that would have
|
||||
* caused all the sf_engine/examples/ *.c to depend on that file.
|
||||
*/
|
||||
#ifndef _SF_DYNAMIC_DEFINE_H_
|
||||
#define _SF_DYNAMIC_DEFINE_H_
|
||||
|
||||
/* the OPTION_TYPE_* and FLOW_* values
|
||||
* are used as args to the hasFunc()
|
||||
* which replaces the prior has*Func()s.
|
||||
*/
|
||||
typedef enum {
|
||||
OPTION_TYPE_PREPROCESSOR,
|
||||
OPTION_TYPE_CONTENT,
|
||||
OPTION_TYPE_PCRE,
|
||||
OPTION_TYPE_FLOWBIT,
|
||||
OPTION_TYPE_FLOWFLAGS,
|
||||
OPTION_TYPE_ASN1,
|
||||
OPTION_TYPE_CURSOR,
|
||||
OPTION_TYPE_HDR_CHECK,
|
||||
OPTION_TYPE_BYTE_TEST,
|
||||
OPTION_TYPE_BYTE_JUMP,
|
||||
OPTION_TYPE_BYTE_EXTRACT,
|
||||
OPTION_TYPE_SET_CURSOR,
|
||||
OPTION_TYPE_LOOP,
|
||||
OPTION_TYPE_MAX
|
||||
} DynamicOptionType;
|
||||
|
||||
#define FLOW_ESTABLISHED 0x0010
|
||||
#define FLOW_FR_SERVER 0x0040
|
||||
#define FLOW_TO_CLIENT 0x0040 /* Just for convenience */
|
||||
#define FLOW_TO_SERVER 0x0080
|
||||
#define FLOW_FR_CLIENT 0x0080 /* Just for convenience */
|
||||
#define FLOW_IGNORE_REASSEMBLED 0x1000
|
||||
#define FLOW_ONLY_REASSEMBLED 0x2000
|
||||
#define FLOW_ONLY_REASSMBLED FLOW_ONLY_REASSEMBLED
|
||||
|
||||
#define SNORT_PCRE_OVERRIDE_MATCH_LIMIT 0x8000000
|
||||
|
||||
#if defined _WIN32 || defined __CYGWIN__
|
||||
# if defined SF_SNORT_ENGINE_DLL || defined SF_SNORT_DETECTION_DLL || defined SF_SNORT_PREPROC_DLL
|
||||
# ifdef __GNUC__
|
||||
# define SO_PUBLIC __attribute__((dllexport))
|
||||
# else
|
||||
# define SO_PUBLIC __declspec(dllexport)
|
||||
# endif
|
||||
# else
|
||||
# ifdef __GNUC__
|
||||
# define SO_PUBLIC __attribute__((dllimport))
|
||||
# else
|
||||
# define SO_PUBLIC __declspec(dllimport)
|
||||
# endif
|
||||
# endif
|
||||
# define DLL_LOCAL
|
||||
#else
|
||||
# ifdef HAVE_VISIBILITY
|
||||
# define SO_PUBLIC __attribute__ ((visibility("default")))
|
||||
# define SO_PRIVATE __attribute__ ((visibility("hidden")))
|
||||
# else
|
||||
# define SO_PUBLIC
|
||||
# define SO_PRIVATE
|
||||
# endif
|
||||
#endif
|
||||
|
||||
#endif /* _SF_DYNAMIC_DEFINE_H_ */
|
||||
|
|
@ -0,0 +1,206 @@
|
|||
/*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License Version 2 as
|
||||
* published by the Free Software Foundation. You may not use, modify or
|
||||
* distribute this program under any other version of the GNU General
|
||||
* Public License.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
*
|
||||
* Copyright (C) 2005-2010 Sourcefire, Inc.
|
||||
*
|
||||
* Author: Steven Sturges
|
||||
*
|
||||
* Dynamic Library Loading for Snort
|
||||
*
|
||||
*/
|
||||
#ifndef _SF_DYNAMIC_ENGINE_H_
|
||||
#define _SF_DYNAMIC_ENGINE_H_
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include <config.h>
|
||||
#endif
|
||||
|
||||
#ifndef WIN32
|
||||
#include <sys/types.h>
|
||||
#else
|
||||
#include <stdint.h>
|
||||
#endif
|
||||
|
||||
#include "sf_dynamic_define.h"
|
||||
#include "sf_dynamic_meta.h"
|
||||
#include "sf_types.h"
|
||||
|
||||
/* specifies that a function does not return
|
||||
* used for quieting Visual Studio warnings
|
||||
*/
|
||||
#ifdef WIN32
|
||||
#if _MSC_VER >= 1400
|
||||
#define NORETURN __declspec(noreturn)
|
||||
#else
|
||||
#define NORETURN
|
||||
#endif
|
||||
#else
|
||||
#define NORETURN
|
||||
#endif
|
||||
|
||||
/* Function prototype used to evaluate a special OTN */
|
||||
typedef int (*OTNCheckFunction)(void* pPacket, void* pRule);
|
||||
|
||||
/* flowFlag is FLOW_*; check flowFlag iff non-zero */
|
||||
typedef int (*OTNHasFunction)(void* pRule, DynamicOptionType, int flowFlag);
|
||||
|
||||
/* Data struct & function prototype used to get list of
|
||||
* Fast Pattern Content information. */
|
||||
typedef struct _FPContentInfo
|
||||
{
|
||||
char *content;
|
||||
int length;
|
||||
int offset;
|
||||
int depth;
|
||||
char noCaseFlag;
|
||||
char exception_flag;
|
||||
char is_relative;
|
||||
char fp;
|
||||
char fp_only;
|
||||
u_int16_t fp_offset;
|
||||
u_int16_t fp_length;
|
||||
struct _FPContentInfo *next;
|
||||
|
||||
} FPContentInfo;
|
||||
|
||||
/* Parameters are rule info pointer, int to indicate URI or NORM,
|
||||
* and list pointer */
|
||||
#define CONTENT_NORMAL 0x01
|
||||
#define CONTENT_HTTP_URI 0x02
|
||||
#define CONTENT_HTTP_HEADER 0x04
|
||||
#define CONTENT_HTTP_CLIENT_BODY 0x08
|
||||
#define CONTENT_HTTP_METHOD 0x10
|
||||
#define CONTENT_HTTP (CONTENT_HTTP_URI|CONTENT_HTTP_HEADER|\
|
||||
CONTENT_HTTP_CLIENT_BODY|CONTENT_HTTP_METHOD)
|
||||
typedef int (*GetDynamicContentsFunction)(void *, int, FPContentInfo **);
|
||||
typedef int (*GetDynamicPreprocOptFpContentsFunc)(void *, FPContentInfo **);
|
||||
typedef void (*RuleFreeFunc)(void *);
|
||||
|
||||
/* ruleInfo is passed to OTNCheckFunction when the fast pattern matches. */
|
||||
typedef int (*RegisterRule)(
|
||||
u_int32_t, u_int32_t, void *,
|
||||
OTNCheckFunction, OTNHasFunction,
|
||||
int, GetDynamicContentsFunction, RuleFreeFunc,
|
||||
GetDynamicPreprocOptFpContentsFunc
|
||||
);
|
||||
typedef u_int32_t (*RegisterBit)(char *, int);
|
||||
typedef int (*CheckFlowbit)(void *, int, u_int32_t);
|
||||
typedef int (*DetectAsn1)(void *, void *, const u_int8_t *);
|
||||
typedef int (*PreprocOptionEval)(void *p, const u_int8_t **cursor, void *dataPtr);
|
||||
typedef int (*PreprocOptionInit)(char *, char *, void **dataPtr);
|
||||
typedef void (*PreprocOptionCleanup)(void *dataPtr);
|
||||
#define PREPROC_OPT_EQUAL 0
|
||||
#define PREPROC_OPT_NOT_EQUAL 1
|
||||
typedef u_int32_t (*PreprocOptionHash)(void *);
|
||||
typedef int (*PreprocOptionKeyCompare)(void *, void *);
|
||||
/* Function prototype for rule options that want to add patterns to the
|
||||
* fast pattern matcher */
|
||||
typedef int (*PreprocOptionFastPatternFunc)
|
||||
(void *rule_opt_data, int protocol, int direction, FPContentInfo **info);
|
||||
typedef int (*PreprocOptionOtnHandler)(void *);
|
||||
|
||||
typedef int (*RegisterPreprocRuleOpt)(
|
||||
char *, PreprocOptionInit, PreprocOptionEval,
|
||||
PreprocOptionCleanup, PreprocOptionHash, PreprocOptionKeyCompare,
|
||||
PreprocOptionOtnHandler, PreprocOptionFastPatternFunc);
|
||||
typedef int (*PreprocRuleOptInit)(void *);
|
||||
|
||||
typedef void (*SetRuleData)(void *, void *);
|
||||
typedef void *(*GetRuleData)(void *);
|
||||
|
||||
/* Info Data passed to dynamic engine plugin must include:
|
||||
* version
|
||||
* Pointer to AltDecodeBuffer
|
||||
* Pointer to HTTP URI Buffers
|
||||
* Pointer to function to register C Rule
|
||||
* Pointer to function to register C Rule flowbits
|
||||
* Pointer to function to check flowbit
|
||||
* Pointer to function to do ASN1 Detection
|
||||
* Pointer to functions to log Messages, Errors, Fatal Errors
|
||||
* Directory path
|
||||
*/
|
||||
#include "sf_dynamic_common.h"
|
||||
|
||||
#define ENGINE_DATA_VERSION 5
|
||||
|
||||
typedef void *(*PCRECompileFunc)(const char *, int, const char **, int *, const unsigned char *);
|
||||
typedef void *(*PCREStudyFunc)(const void *, int, const char **);
|
||||
typedef int (*PCREExecFunc)(const void *, const void *, const char *, int, int, int, int *, int);
|
||||
|
||||
typedef struct _DynamicEngineData
|
||||
{
|
||||
int version;
|
||||
u_int8_t *altBuffer;
|
||||
UriInfo *uriBuffers[MAX_URIINFOS];
|
||||
RegisterRule ruleRegister;
|
||||
RegisterBit flowbitRegister;
|
||||
CheckFlowbit flowbitCheck;
|
||||
DetectAsn1 asn1Detect;
|
||||
LogMsgFunc logMsg;
|
||||
LogMsgFunc errMsg;
|
||||
LogMsgFunc fatalMsg;
|
||||
char *dataDumpDirectory;
|
||||
|
||||
PreprocRuleOptInit preprocRuleOptInit;
|
||||
|
||||
SetRuleData setRuleData;
|
||||
GetRuleData getRuleData;
|
||||
|
||||
DebugMsgFunc debugMsg;
|
||||
#ifdef HAVE_WCHAR_H
|
||||
DebugWideMsgFunc debugWideMsg;
|
||||
#endif
|
||||
|
||||
char **debugMsgFile;
|
||||
int *debugMsgLine;
|
||||
|
||||
PCRECompileFunc pcreCompile;
|
||||
PCREStudyFunc pcreStudy;
|
||||
PCREExecFunc pcreExec;
|
||||
|
||||
} DynamicEngineData;
|
||||
|
||||
/* Function prototypes for Dynamic Engine Plugins */
|
||||
void CloseDynamicEngineLibs(void);
|
||||
void LoadAllDynamicEngineLibs(char *path);
|
||||
int LoadDynamicEngineLib(char *library_name, int indent);
|
||||
typedef int (*InitEngineLibFunc)(DynamicEngineData *);
|
||||
typedef int (*CompatibilityFunc)(DynamicPluginMeta *meta, DynamicPluginMeta *lib);
|
||||
|
||||
int InitDynamicEngines(char *);
|
||||
void RemoveDuplicateEngines(void);
|
||||
int DumpDetectionLibRules(void);
|
||||
int ValidateDynamicEngines(void);
|
||||
|
||||
/* This was necessary because of static code analysis not recognizing that
|
||||
* fatalMsg did not return - use instead of fatalMsg
|
||||
*/
|
||||
NORETURN void DynamicEngineFatalMessage(const char *format, ...);
|
||||
|
||||
typedef struct _PreprocessorOptionInfo
|
||||
{
|
||||
PreprocOptionInit optionInit;
|
||||
PreprocOptionEval optionEval;
|
||||
PreprocOptionCleanup optionCleanup;
|
||||
void *data;
|
||||
PreprocOptionHash optionHash;
|
||||
PreprocOptionKeyCompare optionKeyCompare;
|
||||
PreprocOptionOtnHandler otnHandler;
|
||||
PreprocOptionFastPatternFunc optionFpFunc;
|
||||
|
||||
} PreprocessorOptionInfo;
|
||||
|
||||
#endif /* _SF_DYNAMIC_ENGINE_H_ */
|
|
@ -0,0 +1,45 @@
|
|||
/*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License Version 2 as
|
||||
* published by the Free Software Foundation. You may not use, modify or
|
||||
* distribute this program under any other version of the GNU General
|
||||
* Public License.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
*
|
||||
* Copyright (C) 2005-2010 Sourcefire, Inc.
|
||||
*
|
||||
* Author: Steven Sturges
|
||||
*
|
||||
* Dynamic Library Loading for Snort
|
||||
*
|
||||
*/
|
||||
#ifndef _SF_DYNAMIC_META_H_
|
||||
#define _SF_DYNAMIC_META_H_
|
||||
|
||||
#define MAX_NAME_LEN 1024
|
||||
|
||||
#define TYPE_ENGINE 0x01
|
||||
#define TYPE_DETECTION 0x02
|
||||
#define TYPE_PREPROCESSOR 0x04
|
||||
|
||||
typedef struct _DynamicPluginMeta
|
||||
{
|
||||
int type;
|
||||
int major;
|
||||
int minor;
|
||||
int build;
|
||||
char uniqueName[MAX_NAME_LEN];
|
||||
char *libraryPath;
|
||||
} DynamicPluginMeta;
|
||||
|
||||
typedef int (*LibVersionFunc)(DynamicPluginMeta *);
|
||||
|
||||
#endif /* _SF_DYNAMIC_META_H_ */
|
|
@ -0,0 +1,39 @@
|
|||
/*
|
||||
** Copyright (C) 2005-2010 Sourcefire, Inc.
|
||||
** Author: Steven Sturges
|
||||
**
|
||||
** This program is free software; you can redistribute it and/or modify
|
||||
** it under the terms of the GNU General Public License Version 2 as
|
||||
** published by the Free Software Foundation. You may not use, modify or
|
||||
** distribute this program under any other version of the GNU General
|
||||
** Public License.
|
||||
**
|
||||
** This program is distributed in the hope that it will be useful,
|
||||
** but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
** GNU General Public License for more details.
|
||||
**
|
||||
** You should have received a copy of the GNU General Public License
|
||||
** along with this program; if not, write to the Free Software
|
||||
** Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
*/
|
||||
|
||||
/* $Id$ */
|
||||
|
||||
/* Snort Dynamic Preprocessor */
|
||||
|
||||
#ifndef __SF_DYNAMIC_PREPROC_LIB_H_
|
||||
#define __SF_DYNAMIC_PREPROC_LIB_H_
|
||||
|
||||
#ifdef WIN32
|
||||
#ifdef SF_SNORT_PREPROC_DLL
|
||||
#define BUILDING_SO
|
||||
#define PREPROC_LINKAGE SO_PUBLIC
|
||||
#else
|
||||
#define PREPROC_LINKAGE
|
||||
#endif
|
||||
#else /* WIN32 */
|
||||
#define PREPROC_LINKAGE SO_PUBLIC
|
||||
#endif
|
||||
|
||||
#endif /* __SF_DYNAMIC_PREPROC_LIB_H_ */
|
|
@ -0,0 +1,271 @@
|
|||
/*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License Version 2 as
|
||||
* published by the Free Software Foundation. You may not use, modify or
|
||||
* distribute this program under any other version of the GNU General
|
||||
* Public License.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
*
|
||||
* Copyright (C) 2005-2010 Sourcefire, Inc.
|
||||
*
|
||||
* Author: Steven Sturges
|
||||
*
|
||||
* Dynamic Library Loading for Snort
|
||||
*
|
||||
*/
|
||||
#ifndef _SF_DYNAMIC_PREPROCESSOR_H_
|
||||
#define _SF_DYNAMIC_PREPROCESSOR_H_
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include "config.h"
|
||||
#endif
|
||||
|
||||
#include <ctype.h>
|
||||
#ifdef HAVE_WCHAR_H
|
||||
#include <wchar.h>
|
||||
#endif
|
||||
#include "sf_dynamic_meta.h"
|
||||
#include "ipv6_port.h"
|
||||
#include "sf_types.h"
|
||||
|
||||
/* specifies that a function does not return
|
||||
* used for quieting Visual Studio warnings
|
||||
*/
|
||||
#ifdef WIN32
|
||||
#if _MSC_VER >= 1400
|
||||
#define NORETURN __declspec(noreturn)
|
||||
#else
|
||||
#define NORETURN
|
||||
#endif
|
||||
#else
|
||||
#define NORETURN
|
||||
#endif
|
||||
|
||||
#ifdef PERF_PROFILING
|
||||
#ifndef PROFILE_PREPROCS_NOREDEF /* Don't redefine this from the main area */
|
||||
#ifdef PROFILING_PREPROCS
|
||||
#undef PROFILING_PREPROCS
|
||||
#endif
|
||||
#define PROFILING_PREPROCS _dpd.profilingPreprocsFunc()
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#define PREPROCESSOR_DATA_VERSION 5
|
||||
|
||||
#include "sf_dynamic_common.h"
|
||||
#include "sf_dynamic_engine.h"
|
||||
#include "stream_api.h"
|
||||
#include "str_search.h"
|
||||
#include "obfuscation.h"
|
||||
|
||||
#define MINIMUM_DYNAMIC_PREPROC_ID 10000
|
||||
typedef void (*PreprocessorInitFunc)(char *);
|
||||
typedef void * (*AddPreprocFunc)(void (*func)(void *, void *), u_int16_t, u_int32_t, u_int32_t);
|
||||
typedef void (*AddPreprocExit)(void (*func) (int, void *), void *arg, u_int16_t, u_int32_t);
|
||||
typedef void (*AddPreprocRestart)(void (*func) (int, void *), void *arg, u_int16_t, u_int32_t);
|
||||
typedef void (*AddPreprocConfCheck)(void (*func) (void));
|
||||
typedef int (*AlertQueueAdd)(unsigned int, unsigned int, unsigned int,
|
||||
unsigned int, unsigned int, char *, void *);
|
||||
typedef uint32_t (*GenSnortEvent)(SFSnortPacket *p, uint32_t gid, uint32_t sid, uint32_t rev,
|
||||
uint32_t classification, uint32_t priority, char *msg);
|
||||
#ifdef SNORT_RELOAD
|
||||
typedef void (*PreprocessorReloadFunc)(char *);
|
||||
typedef int (*PreprocessorReloadVerifyFunc)(void);
|
||||
typedef void * (*PreprocessorReloadSwapFunc)(void);
|
||||
typedef void (*PreprocessorReloadSwapFreeFunc)(void *);
|
||||
#endif
|
||||
|
||||
#ifndef SNORT_RELOAD
|
||||
typedef void (*PreprocRegisterFunc)(char *, PreprocessorInitFunc);
|
||||
#else
|
||||
typedef void (*PreprocRegisterFunc)(char *, PreprocessorInitFunc,
|
||||
PreprocessorReloadFunc,
|
||||
PreprocessorReloadSwapFunc,
|
||||
PreprocessorReloadSwapFreeFunc);
|
||||
|
||||
typedef void (*AddPreprocReloadVerifyFunc)(PreprocessorReloadVerifyFunc);
|
||||
#endif
|
||||
typedef int (*ThresholdCheckFunc)(unsigned int, unsigned int, snort_ip_p, snort_ip_p, long);
|
||||
typedef int (*InlineDropFunc)(void *);
|
||||
typedef void (*DisableDetectFunc)(void *);
|
||||
typedef int (*SetPreprocBitFunc)(void *, u_int32_t);
|
||||
typedef int (*DetectFunc)(void *);
|
||||
typedef void *(*GetRuleInfoByNameFunc)(char *);
|
||||
typedef void *(*GetRuleInfoByIdFunc)(int);
|
||||
typedef int (*printfappendfunc)(char *, int, const char *, ...);
|
||||
typedef char ** (*TokenSplitFunc)(const char *, const char *, const int, int *, const char);
|
||||
typedef void (*TokenFreeFunc)(char ***, int);
|
||||
typedef void (*AddPreprocProfileFunc)(char *, void *, int, void *);
|
||||
typedef int (*ProfilingFunc)(void);
|
||||
typedef int (*PreprocessFunc)(void *);
|
||||
typedef void (*PreprocStatsRegisterFunc)(char *, void (*func)(int));
|
||||
typedef void (*AddPreprocReset)(void (*func) (int, void *), void *arg, u_int16_t, u_int32_t);
|
||||
typedef void (*AddPreprocResetStats)(void (*func) (int, void *), void *arg, u_int16_t, u_int32_t);
|
||||
typedef void (*AddPreprocReassemblyPktFunc)(void * (*func)(void), u_int32_t);
|
||||
typedef int (*SetPreprocReassemblyPktBitFunc)(void *, u_int32_t);
|
||||
typedef void (*DisablePreprocessorsFunc)(void *);
|
||||
#ifdef TARGET_BASED
|
||||
typedef int16_t (*FindProtocolReferenceFunc)(char *);
|
||||
typedef int16_t (*AddProtocolReferenceFunc)(char *);
|
||||
typedef int (*IsAdaptiveConfiguredFunc)(tSfPolicyId, int);
|
||||
#endif
|
||||
#ifdef SUP_IP6
|
||||
typedef void (*IP6BuildFunc)(void *, const void *, int);
|
||||
#define SET_CALLBACK_IP 0
|
||||
#define SET_CALLBACK_ICMP_ORIG 1
|
||||
typedef void (*IP6SetCallbacksFunc)(void *, int, char);
|
||||
#endif
|
||||
typedef void (*AddKeywordOverrideFunc)(char *, char *, PreprocOptionInit,
|
||||
PreprocOptionEval, PreprocOptionCleanup, PreprocOptionHash,
|
||||
PreprocOptionKeyCompare, PreprocOptionOtnHandler,
|
||||
PreprocOptionFastPatternFunc);
|
||||
|
||||
typedef int (*IsPreprocEnabledFunc)(u_int32_t);
|
||||
|
||||
typedef char * (*PortArrayFunc)(char *, void *, int *);
|
||||
|
||||
typedef int (*AlertQueueLog)(void *);
|
||||
typedef void (*AlertQueueControl)(void); // reset, push, and pop
|
||||
typedef tSfPolicyId (*GetPolicyFunc)(void);
|
||||
typedef void (*SetPolicyFunc)(tSfPolicyId);
|
||||
typedef int (*GetInlineMode)(void);
|
||||
typedef void (*SetFileDataPtrFunc)(const u_char *);
|
||||
typedef long (*DynamicStrtol)(const char *, char **, int);
|
||||
typedef unsigned long(*DynamicStrtoul)(const char *, char **, int);
|
||||
|
||||
typedef int (*EvalRTNFunc)(void *rtn, void *p, int check_ports);
|
||||
|
||||
/* Info Data passed to dynamic preprocessor plugin must include:
|
||||
* version
|
||||
* Pointer to AltDecodeBuffer
|
||||
* Pointer to HTTP URI Buffers
|
||||
* Pointer to functions to log Messages, Errors, Fatal Errors
|
||||
* Pointer to function to add preprocessor to list of configure Preprocs
|
||||
* Pointer to function to regsiter preprocessor configuration keyword
|
||||
* Pointer to function to create preprocessor alert
|
||||
*/
|
||||
typedef struct _DynamicPreprocessorData
|
||||
{
|
||||
int version;
|
||||
int size;
|
||||
|
||||
u_int8_t *altBuffer;
|
||||
unsigned int altBufferLen;
|
||||
UriInfo *uriBuffers[MAX_URIINFOS];
|
||||
LogMsgFunc logMsg;
|
||||
LogMsgFunc errMsg;
|
||||
LogMsgFunc fatalMsg;
|
||||
DebugMsgFunc debugMsg;
|
||||
|
||||
PreprocRegisterFunc registerPreproc;
|
||||
AddPreprocFunc addPreproc;
|
||||
AddPreprocRestart addPreprocRestart;
|
||||
AddPreprocExit addPreprocExit;
|
||||
AddPreprocConfCheck addPreprocConfCheck;
|
||||
RegisterPreprocRuleOpt preprocOptRegister;
|
||||
AddPreprocProfileFunc addPreprocProfileFunc;
|
||||
ProfilingFunc profilingPreprocsFunc;
|
||||
void *totalPerfStats;
|
||||
|
||||
AlertQueueAdd alertAdd;
|
||||
GenSnortEvent genSnortEvent;
|
||||
ThresholdCheckFunc thresholdCheck;
|
||||
|
||||
GetInlineMode inlineMode;
|
||||
InlineDropFunc inlineDrop;
|
||||
|
||||
DetectFunc detect;
|
||||
DisableDetectFunc disableDetect;
|
||||
DisableDetectFunc disableAllDetect;
|
||||
|
||||
SetPreprocBitFunc setPreprocBit;
|
||||
|
||||
StreamAPI *streamAPI;
|
||||
SearchAPI *searchAPI;
|
||||
|
||||
char **config_file;
|
||||
int *config_line;
|
||||
printfappendfunc printfappend;
|
||||
TokenSplitFunc tokenSplit;
|
||||
TokenFreeFunc tokenFree;
|
||||
|
||||
GetRuleInfoByNameFunc getRuleInfoByName;
|
||||
GetRuleInfoByIdFunc getRuleInfoById;
|
||||
#ifdef HAVE_WCHAR_H
|
||||
DebugWideMsgFunc debugWideMsg;
|
||||
#endif
|
||||
|
||||
PreprocessFunc preprocess;
|
||||
|
||||
char **debugMsgFile;
|
||||
int *debugMsgLine;
|
||||
|
||||
PreprocStatsRegisterFunc registerPreprocStats;
|
||||
AddPreprocReset addPreprocReset;
|
||||
AddPreprocResetStats addPreprocResetStats;
|
||||
AddPreprocReassemblyPktFunc addPreprocReassemblyPkt;
|
||||
SetPreprocReassemblyPktBitFunc setPreprocReassemblyPktBit;
|
||||
|
||||
DisablePreprocessorsFunc disablePreprocessors;
|
||||
|
||||
#ifdef SUP_IP6
|
||||
IP6BuildFunc ip6Build;
|
||||
IP6SetCallbacksFunc ip6SetCallbacks;
|
||||
#endif
|
||||
|
||||
AlertQueueLog logAlerts;
|
||||
AlertQueueControl resetAlerts;
|
||||
AlertQueueControl pushAlerts;
|
||||
AlertQueueControl popAlerts;
|
||||
|
||||
#ifdef TARGET_BASED
|
||||
FindProtocolReferenceFunc findProtocolReference;
|
||||
AddProtocolReferenceFunc addProtocolReference;
|
||||
IsAdaptiveConfiguredFunc isAdaptiveConfigured;
|
||||
#endif
|
||||
|
||||
AddKeywordOverrideFunc preprocOptOverrideKeyword;
|
||||
IsPreprocEnabledFunc isPreprocEnabled;
|
||||
|
||||
#ifdef SNORT_RELOAD
|
||||
AddPreprocReloadVerifyFunc addPreprocReloadVerify;
|
||||
#endif
|
||||
|
||||
PortArrayFunc portObjectCharPortArray;
|
||||
|
||||
GetPolicyFunc getRuntimePolicy;
|
||||
GetPolicyFunc getParserPolicy;
|
||||
GetPolicyFunc getDefaultPolicy;
|
||||
SetPolicyFunc setParserPolicy;
|
||||
SetFileDataPtrFunc setFileDataPtr;
|
||||
DynamicStrtol SnortStrtol;
|
||||
DynamicStrtoul SnortStrtoul;
|
||||
EvalRTNFunc fpEvalRTN;
|
||||
|
||||
ObfuscationApi *obApi;
|
||||
|
||||
} DynamicPreprocessorData;
|
||||
|
||||
/* Function prototypes for Dynamic Preprocessor Plugins */
|
||||
void CloseDynamicPreprocessorLibs(void);
|
||||
int LoadDynamicPreprocessor(char *library_name, int indent);
|
||||
void LoadAllDynamicPreprocessors(char *path);
|
||||
typedef int (*InitPreprocessorLibFunc)(DynamicPreprocessorData *);
|
||||
|
||||
int InitDynamicPreprocessors(void);
|
||||
void RemoveDuplicatePreprocessorPlugins(void);
|
||||
|
||||
/* This was necessary because of static code analysis not recognizing that
|
||||
* fatalMsg did not return - use instead of fatalMsg
|
||||
*/
|
||||
NORETURN void DynamicPreprocessorFatalMessage(const char *format, ...);
|
||||
|
||||
#endif /* _SF_DYNAMIC_PREPROCESSOR_H_ */
|
|
@ -0,0 +1,272 @@
|
|||
/*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License Version 2 as
|
||||
* published by the Free Software Foundation. You may not use, modify or
|
||||
* distribute this program under any other version of the GNU General
|
||||
* Public License.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
*
|
||||
* Copyright (C) 2005-2010 Sourcefire, Inc.
|
||||
*
|
||||
* Author: Steven Sturges
|
||||
*
|
||||
* Dynamic Library Loading for Snort
|
||||
*
|
||||
*/
|
||||
#ifndef _SF_DYNAMIC_PREPROCESSOR_H_
|
||||
#define _SF_DYNAMIC_PREPROCESSOR_H_
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include "config.h"
|
||||
#endif
|
||||
|
||||
#include <ctype.h>
|
||||
#ifdef HAVE_WCHAR_H
|
||||
#include <wchar.h>
|
||||
#endif
|
||||
#include "sf_dynamic_meta.h"
|
||||
#include "ipv6_port.h"
|
||||
#include "sf_types.h"
|
||||
|
||||
/* specifies that a function does not return
|
||||
* used for quieting Visual Studio warnings
|
||||
*/
|
||||
#ifdef WIN32
|
||||
#if _MSC_VER >= 1400
|
||||
#define NORETURN __declspec(noreturn)
|
||||
#else
|
||||
#define NORETURN
|
||||
#endif
|
||||
#else
|
||||
#define NORETURN
|
||||
#endif
|
||||
|
||||
#ifdef PERF_PROFILING
|
||||
#ifndef PROFILE_PREPROCS_NOREDEF /* Don't redefine this from the main area */
|
||||
#ifdef PROFILING_PREPROCS
|
||||
#undef PROFILING_PREPROCS
|
||||
#endif
|
||||
#define PROFILING_PREPROCS _dpd.profilingPreprocsFunc()
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#define PREPROCESSOR_DATA_VERSION 5
|
||||
|
||||
#include "sf_dynamic_common.h"
|
||||
#include "sf_dynamic_engine.h"
|
||||
#include "stream_api.h"
|
||||
#include "str_search.h"
|
||||
#include "obfuscation.h"
|
||||
#include "sfportobject.h"
|
||||
|
||||
#define MINIMUM_DYNAMIC_PREPROC_ID 10000
|
||||
typedef void (*PreprocessorInitFunc)(char *);
|
||||
typedef void * (*AddPreprocFunc)(void (*func)(void *, void *), u_int16_t, u_int32_t, u_int32_t);
|
||||
typedef void (*AddPreprocExit)(void (*func) (int, void *), void *arg, u_int16_t, u_int32_t);
|
||||
typedef void (*AddPreprocRestart)(void (*func) (int, void *), void *arg, u_int16_t, u_int32_t);
|
||||
typedef void (*AddPreprocConfCheck)(void (*func) (void));
|
||||
typedef int (*AlertQueueAdd)(unsigned int, unsigned int, unsigned int,
|
||||
unsigned int, unsigned int, char *, void *);
|
||||
typedef uint32_t (*GenSnortEvent)(Packet *p, uint32_t gid, uint32_t sid, uint32_t rev,
|
||||
uint32_t classification, uint32_t priority, char *msg);
|
||||
#ifdef SNORT_RELOAD
|
||||
typedef void (*PreprocessorReloadFunc)(char *);
|
||||
typedef int (*PreprocessorReloadVerifyFunc)(void);
|
||||
typedef void * (*PreprocessorReloadSwapFunc)(void);
|
||||
typedef void (*PreprocessorReloadSwapFreeFunc)(void *);
|
||||
#endif
|
||||
|
||||
#ifndef SNORT_RELOAD
|
||||
typedef void (*PreprocRegisterFunc)(char *, PreprocessorInitFunc);
|
||||
#else
|
||||
typedef void (*PreprocRegisterFunc)(char *, PreprocessorInitFunc,
|
||||
PreprocessorReloadFunc,
|
||||
PreprocessorReloadSwapFunc,
|
||||
PreprocessorReloadSwapFreeFunc);
|
||||
|
||||
typedef void (*AddPreprocReloadVerifyFunc)(PreprocessorReloadVerifyFunc);
|
||||
#endif
|
||||
typedef int (*ThresholdCheckFunc)(unsigned int, unsigned int, snort_ip_p, snort_ip_p, long);
|
||||
typedef int (*InlineDropFunc)(void *);
|
||||
typedef void (*DisableDetectFunc)(void *);
|
||||
typedef int (*SetPreprocBitFunc)(void *, u_int32_t);
|
||||
typedef int (*DetectFunc)(void *);
|
||||
typedef void *(*GetRuleInfoByNameFunc)(char *);
|
||||
typedef void *(*GetRuleInfoByIdFunc)(int);
|
||||
typedef int (*printfappendfunc)(char *, int, const char *, ...);
|
||||
typedef char ** (*TokenSplitFunc)(const char *, const char *, const int, int *, const char);
|
||||
typedef void (*TokenFreeFunc)(char ***, int);
|
||||
typedef void (*AddPreprocProfileFunc)(char *, void *, int, void *);
|
||||
typedef int (*ProfilingFunc)(void);
|
||||
typedef int (*PreprocessFunc)(void *);
|
||||
typedef void (*PreprocStatsRegisterFunc)(char *, void (*func)(int));
|
||||
typedef void (*AddPreprocReset)(void (*func) (int, void *), void *arg, u_int16_t, u_int32_t);
|
||||
typedef void (*AddPreprocResetStats)(void (*func) (int, void *), void *arg, u_int16_t, u_int32_t);
|
||||
typedef void (*AddPreprocReassemblyPktFunc)(void * (*func)(void), u_int32_t);
|
||||
typedef int (*SetPreprocReassemblyPktBitFunc)(void *, u_int32_t);
|
||||
typedef void (*DisablePreprocessorsFunc)(void *);
|
||||
#ifdef TARGET_BASED
|
||||
typedef int16_t (*FindProtocolReferenceFunc)(char *);
|
||||
typedef int16_t (*AddProtocolReferenceFunc)(char *);
|
||||
typedef int (*IsAdaptiveConfiguredFunc)(tSfPolicyId, int);
|
||||
#endif
|
||||
#ifdef SUP_IP6
|
||||
typedef void (*IP6BuildFunc)(void *, const void *, int);
|
||||
#define SET_CALLBACK_IP 0
|
||||
#define SET_CALLBACK_ICMP_ORIG 1
|
||||
typedef void (*IP6SetCallbacksFunc)(void *, int, char);
|
||||
#endif
|
||||
typedef void (*AddKeywordOverrideFunc)(char *, char *, PreprocOptionInit,
|
||||
PreprocOptionEval, PreprocOptionCleanup, PreprocOptionHash,
|
||||
PreprocOptionKeyCompare, PreprocOptionOtnHandler,
|
||||
PreprocOptionFastPatternFunc);
|
||||
|
||||
typedef int (*IsPreprocEnabledFunc)(u_int32_t);
|
||||
|
||||
typedef char * (*PortArrayFunc)(char *, PortObject *, int *);
|
||||
|
||||
typedef int (*AlertQueueLog)(void *);
|
||||
typedef void (*AlertQueueControl)(void); // reset, push, and pop
|
||||
typedef tSfPolicyId (*GetPolicyFunc)(void);
|
||||
typedef void (*SetPolicyFunc)(tSfPolicyId);
|
||||
typedef int (*GetInlineMode)(void);
|
||||
typedef void (*SetFileDataPtrFunc)(const u_char *);
|
||||
typedef long (*DynamicStrtol)(const char *, char **, int);
|
||||
typedef unsigned long(*DynamicStrtoul)(const char *, char **, int);
|
||||
|
||||
typedef int (*EvalRTNFunc)(void *rtn, void *p, int check_ports);
|
||||
|
||||
/* Info Data passed to dynamic preprocessor plugin must include:
|
||||
* version
|
||||
* Pointer to AltDecodeBuffer
|
||||
* Pointer to HTTP URI Buffers
|
||||
* Pointer to functions to log Messages, Errors, Fatal Errors
|
||||
* Pointer to function to add preprocessor to list of configure Preprocs
|
||||
* Pointer to function to regsiter preprocessor configuration keyword
|
||||
* Pointer to function to create preprocessor alert
|
||||
*/
|
||||
typedef struct _DynamicPreprocessorData
|
||||
{
|
||||
int version;
|
||||
int size;
|
||||
|
||||
u_int8_t *altBuffer;
|
||||
unsigned int altBufferLen;
|
||||
UriInfo *uriBuffers[MAX_URIINFOS];
|
||||
LogMsgFunc logMsg;
|
||||
LogMsgFunc errMsg;
|
||||
LogMsgFunc fatalMsg;
|
||||
DebugMsgFunc debugMsg;
|
||||
|
||||
PreprocRegisterFunc registerPreproc;
|
||||
AddPreprocFunc addPreproc;
|
||||
AddPreprocRestart addPreprocRestart;
|
||||
AddPreprocExit addPreprocExit;
|
||||
AddPreprocConfCheck addPreprocConfCheck;
|
||||
RegisterPreprocRuleOpt preprocOptRegister;
|
||||
AddPreprocProfileFunc addPreprocProfileFunc;
|
||||
ProfilingFunc profilingPreprocsFunc;
|
||||
void *totalPerfStats;
|
||||
|
||||
AlertQueueAdd alertAdd;
|
||||
GenSnortEvent genSnortEvent;
|
||||
ThresholdCheckFunc thresholdCheck;
|
||||
|
||||
GetInlineMode inlineMode;
|
||||
InlineDropFunc inlineDrop;
|
||||
|
||||
DetectFunc detect;
|
||||
DisableDetectFunc disableDetect;
|
||||
DisableDetectFunc disableAllDetect;
|
||||
|
||||
SetPreprocBitFunc setPreprocBit;
|
||||
|
||||
StreamAPI *streamAPI;
|
||||
SearchAPI *searchAPI;
|
||||
|
||||
char **config_file;
|
||||
int *config_line;
|
||||
printfappendfunc printfappend;
|
||||
TokenSplitFunc tokenSplit;
|
||||
TokenFreeFunc tokenFree;
|
||||
|
||||
GetRuleInfoByNameFunc getRuleInfoByName;
|
||||
GetRuleInfoByIdFunc getRuleInfoById;
|
||||
#ifdef HAVE_WCHAR_H
|
||||
DebugWideMsgFunc debugWideMsg;
|
||||
#endif
|
||||
|
||||
PreprocessFunc preprocess;
|
||||
|
||||
char **debugMsgFile;
|
||||
int *debugMsgLine;
|
||||
|
||||
PreprocStatsRegisterFunc registerPreprocStats;
|
||||
AddPreprocReset addPreprocReset;
|
||||
AddPreprocResetStats addPreprocResetStats;
|
||||
AddPreprocReassemblyPktFunc addPreprocReassemblyPkt;
|
||||
SetPreprocReassemblyPktBitFunc setPreprocReassemblyPktBit;
|
||||
|
||||
DisablePreprocessorsFunc disablePreprocessors;
|
||||
|
||||
#ifdef SUP_IP6
|
||||
IP6BuildFunc ip6Build;
|
||||
IP6SetCallbacksFunc ip6SetCallbacks;
|
||||
#endif
|
||||
|
||||
AlertQueueLog logAlerts;
|
||||
AlertQueueControl resetAlerts;
|
||||
AlertQueueControl pushAlerts;
|
||||
AlertQueueControl popAlerts;
|
||||
|
||||
#ifdef TARGET_BASED
|
||||
FindProtocolReferenceFunc findProtocolReference;
|
||||
AddProtocolReferenceFunc addProtocolReference;
|
||||
IsAdaptiveConfiguredFunc isAdaptiveConfigured;
|
||||
#endif
|
||||
|
||||
AddKeywordOverrideFunc preprocOptOverrideKeyword;
|
||||
IsPreprocEnabledFunc isPreprocEnabled;
|
||||
|
||||
#ifdef SNORT_RELOAD
|
||||
AddPreprocReloadVerifyFunc addPreprocReloadVerify;
|
||||
#endif
|
||||
|
||||
PortArrayFunc portObjectCharPortArray;
|
||||
|
||||
GetPolicyFunc getRuntimePolicy;
|
||||
GetPolicyFunc getParserPolicy;
|
||||
GetPolicyFunc getDefaultPolicy;
|
||||
SetPolicyFunc setParserPolicy;
|
||||
SetFileDataPtrFunc setFileDataPtr;
|
||||
DynamicStrtol SnortStrtol;
|
||||
DynamicStrtoul SnortStrtoul;
|
||||
EvalRTNFunc fpEvalRTN;
|
||||
|
||||
ObfuscationApi *obApi;
|
||||
|
||||
} DynamicPreprocessorData;
|
||||
|
||||
/* Function prototypes for Dynamic Preprocessor Plugins */
|
||||
void CloseDynamicPreprocessorLibs(void);
|
||||
int LoadDynamicPreprocessor(char *library_name, int indent);
|
||||
void LoadAllDynamicPreprocessors(char *path);
|
||||
typedef int (*InitPreprocessorLibFunc)(DynamicPreprocessorData *);
|
||||
|
||||
int InitDynamicPreprocessors(void);
|
||||
void RemoveDuplicatePreprocessorPlugins(void);
|
||||
|
||||
/* This was necessary because of static code analysis not recognizing that
|
||||
* fatalMsg did not return - use instead of fatalMsg
|
||||
*/
|
||||
NORETURN void DynamicPreprocessorFatalMessage(const char *format, ...);
|
||||
|
||||
#endif /* _SF_DYNAMIC_PREPROCESSOR_H_ */
|
|
@ -0,0 +1,577 @@
|
|||
/*
|
||||
** Copyright (C) 1998-2010 Sourcefire, Inc.
|
||||
** Adam Keeton
|
||||
** Kevin Liu <kliu@sourcefire.com>
|
||||
**
|
||||
** $Id$
|
||||
** This program is free software; you can redistribute it and/or modify
|
||||
** it under the terms of the GNU General Public License Version 2 as
|
||||
** published by the Free Software Foundation. You may not use, modify or
|
||||
** distribute this program under any other version of the GNU General
|
||||
** Public License.
|
||||
**
|
||||
** This program is distributed in the hope that it will be useful,
|
||||
** but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
** GNU General Public License for more details.
|
||||
**
|
||||
** You should have received a copy of the GNU General Public License
|
||||
** along with this program; if not, write to the Free Software
|
||||
** Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
*/
|
||||
|
||||
/*
|
||||
* Adam Keeton
|
||||
* sf_ip.c
|
||||
* 11/17/06
|
||||
*
|
||||
* Library for managing IP addresses of either v6 or v4 families.
|
||||
*/
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include "config.h"
|
||||
#endif
|
||||
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <ctype.h>
|
||||
#include <math.h> /* For ceil */
|
||||
#include "sf_ip.h"
|
||||
|
||||
/* For inet_pton */
|
||||
#ifndef WIN32
|
||||
#include <sys/types.h>
|
||||
#include <sys/socket.h>
|
||||
#include <arpa/inet.h>
|
||||
#endif /* WIN32 */
|
||||
|
||||
#if 0
|
||||
/* Support function .. but could see some external uses */
|
||||
static INLINE int sfip_length(sfip_t *ip) {
|
||||
ARG_CHECK1(ip, 0);
|
||||
|
||||
if(sfip_family(ip) == AF_INET) return 4;
|
||||
return 16;
|
||||
}
|
||||
#endif
|
||||
|
||||
/* Support function */
|
||||
// note that an ip6 address may have a trailing dotted quad form
|
||||
// but that it always has at least 2 ':'s; furthermore there is
|
||||
// no valid ip4 format (including mask) with 2 ':'s
|
||||
// we don't have to figure out if the format is entirely legal
|
||||
// we just have to be able to tell correct formats apart
|
||||
static INLINE int sfip_str_to_fam(const char *str) {
|
||||
const char* s;
|
||||
ARG_CHECK1(str, 0);
|
||||
s = strchr(str, (int)':');
|
||||
if ( s && strchr(s+1, (int)':') ) return AF_INET6;
|
||||
if ( strchr(str, (int)'.') ) return AF_INET;
|
||||
return AF_UNSPEC;
|
||||
}
|
||||
|
||||
/* Place-holder allocation incase we want to do something more indepth later */
|
||||
static INLINE sfip_t *_sfip_alloc() {
|
||||
/* Note: using calloc here instead of SnortAlloc since the dynamic libs
|
||||
* can't presently resolve SnortAlloc */
|
||||
return (sfip_t*)calloc(sizeof(sfip_t), 1);
|
||||
}
|
||||
|
||||
/* Masks off 'val' bits from the IP contained within 'ip' */
|
||||
static INLINE int sfip_cidr_mask(sfip_t *ip, int val) {
|
||||
int i;
|
||||
unsigned int mask = 0;
|
||||
unsigned int *p;
|
||||
int index = (int)ceil(val / 32.0) - 1;
|
||||
|
||||
ARG_CHECK1(ip, SFIP_ARG_ERR);
|
||||
|
||||
p = ip->ip32;
|
||||
|
||||
if( val < 0 ||
|
||||
((sfip_family(ip) == AF_INET6) && val > 128) ||
|
||||
((sfip_family(ip) == AF_INET) && val > 32) ) {
|
||||
return SFIP_ARG_ERR;
|
||||
}
|
||||
|
||||
/* Build the netmask by converting "val" into
|
||||
* the corresponding number of bits that are set */
|
||||
for(i = 0; i < 32- (val - (index * 32)); i++)
|
||||
mask = (mask<<1) + 1;
|
||||
|
||||
p[index] = htonl((ntohl(p[index]) & ~mask));
|
||||
|
||||
index++;
|
||||
|
||||
/* 0 off the rest of the IP */
|
||||
for( ; index<4; index++) p[index] = 0;
|
||||
|
||||
return SFIP_SUCCESS;
|
||||
}
|
||||
|
||||
/* Allocate IP address from a character array describing the IP */
|
||||
sfip_t *sfip_alloc(const char *ip, SFIP_RET *status) {
|
||||
SFIP_RET tmp;
|
||||
sfip_t *ret;
|
||||
|
||||
if(!ip) {
|
||||
if(status)
|
||||
*status = SFIP_ARG_ERR;
|
||||
return NULL;
|
||||
}
|
||||
|
||||
if((ret = _sfip_alloc()) == NULL) {
|
||||
if(status)
|
||||
*status = SFIP_ALLOC_ERR;
|
||||
return NULL;
|
||||
}
|
||||
|
||||
if( (tmp = sfip_pton(ip, ret)) != SFIP_SUCCESS) {
|
||||
if(status)
|
||||
*status = tmp;
|
||||
|
||||
sfip_free(ret);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
if(status)
|
||||
*status = SFIP_SUCCESS;
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
/* Allocate IP address from an array of 8 byte integers */
|
||||
sfip_t *sfip_alloc_raw(void *ip, int family, SFIP_RET *status) {
|
||||
sfip_t *ret;
|
||||
|
||||
if(!ip) {
|
||||
if(status)
|
||||
*status = SFIP_ARG_ERR;
|
||||
return NULL;
|
||||
}
|
||||
|
||||
if((ret = _sfip_alloc()) == NULL) {
|
||||
if(status)
|
||||
*status = SFIP_ALLOC_ERR;
|
||||
return NULL;
|
||||
}
|
||||
|
||||
ret->bits = (family==AF_INET?32:128);
|
||||
ret->family = family;
|
||||
/* XXX Replace with appropriate "high speed" copy */
|
||||
memcpy(ret->ip8, ip, ret->bits/8);
|
||||
|
||||
if(status)
|
||||
*status = SFIP_SUCCESS;
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
/* Support function for _netmask_str_to_bit_count */
|
||||
static INLINE int _count_bits(unsigned int val) {
|
||||
unsigned int count;
|
||||
|
||||
for (count = 0; val; count++) {
|
||||
val &= val - 1;
|
||||
}
|
||||
|
||||
return count;
|
||||
}
|
||||
|
||||
/* Support function for sfip_pton. Used for converting a netmask string
|
||||
* into a number of bits to mask off */
|
||||
static INLINE int _netmask_str_to_bit_count(char *mask, int family) {
|
||||
u_int32_t buf[4];
|
||||
int bits, i, nBits, nBytes;
|
||||
u_int8_t* bytes = (u_int8_t*)buf;
|
||||
|
||||
/* XXX
|
||||
* Mask not validated.
|
||||
* Only sfip_pton should be using this function, and using it safely.
|
||||
* XXX */
|
||||
|
||||
if(inet_pton(family, mask, buf) < 1)
|
||||
return -1;
|
||||
|
||||
bits = _count_bits(buf[0]);
|
||||
|
||||
if(family == AF_INET6) {
|
||||
bits += _count_bits(buf[1]);
|
||||
bits += _count_bits(buf[2]);
|
||||
bits += _count_bits(buf[3]);
|
||||
nBytes = 16;
|
||||
} else {
|
||||
nBytes = 4;
|
||||
}
|
||||
|
||||
// now make sure that only the most significant bits are set
|
||||
nBits = bits;
|
||||
for ( i = 0; i < nBytes; i++ ) {
|
||||
if ( nBits >= 8 ) {
|
||||
if ( bytes[i] != 0xff ) return -1;
|
||||
nBits -= 8;
|
||||
|
||||
} else if ( nBits == 0 ) {
|
||||
if ( bytes[i] != 0x00 ) return -1;
|
||||
|
||||
} else {
|
||||
if ( bytes[i] != ((0xff00 >> nBits) & 0xff) ) return -1;
|
||||
nBits = 0;
|
||||
}
|
||||
}
|
||||
return bits;
|
||||
}
|
||||
|
||||
/* Parses "src" and stores results in "dst" */
|
||||
SFIP_RET sfip_pton(const char *src, sfip_t *dst) {
|
||||
char *mask;
|
||||
char *sfip_buf;
|
||||
char *ip;
|
||||
int bits;
|
||||
|
||||
if(!dst || !src)
|
||||
return SFIP_ARG_ERR;
|
||||
|
||||
if((sfip_buf = strdup(src)) == NULL)
|
||||
return SFIP_ALLOC_ERR;
|
||||
|
||||
ip = sfip_buf;
|
||||
dst->family = sfip_str_to_fam(src);
|
||||
|
||||
/* skip whitespace or opening bracket */
|
||||
while(isspace((int)*ip) || (*ip == '[')) ip++;
|
||||
|
||||
/* check for and extract a mask in CIDR form */
|
||||
if( (mask = strchr(ip, (int)'/')) != NULL ) {
|
||||
/* NULL out this character so inet_pton will see the
|
||||
* correct ending to the IP string */
|
||||
char* end = mask++;
|
||||
while ( (end > ip) && isspace((int)end[-1]) ) end--;
|
||||
*end = 0;
|
||||
|
||||
while(isspace((int)*mask)) mask++;
|
||||
|
||||
/* verify a leading digit */
|
||||
if(((dst->family == AF_INET6) && !isxdigit((int)*mask)) ||
|
||||
((dst->family == AF_INET) && !isdigit((int)*mask))) {
|
||||
free(sfip_buf);
|
||||
return SFIP_CIDR_ERR;
|
||||
}
|
||||
|
||||
/* Check if there's a netmask here instead of the number of bits */
|
||||
if(strchr(mask, (int)'.') || strchr(mask, (int)':'))
|
||||
bits = _netmask_str_to_bit_count(mask, sfip_str_to_fam(mask));
|
||||
else
|
||||
bits = atoi(mask);
|
||||
}
|
||||
else if(
|
||||
/* If this is IPv4, ia ':' may used specified to indicate a netmask */
|
||||
((dst->family == AF_INET) && (mask = strchr(ip, (int)':')) != NULL) ||
|
||||
|
||||
/* We've already skipped the leading whitespace, if there is more
|
||||
* whitespace, then there's probably a netmask specified after it. */
|
||||
(mask = strchr(ip, (int)' ')) != NULL
|
||||
) {
|
||||
char* end = mask++;
|
||||
while ( (end > ip) && isspace((int)end[-1]) ) end--;
|
||||
*end = 0; /* Now the IP will end at this point */
|
||||
|
||||
/* skip whitespace */
|
||||
while(isspace((int)*mask)) mask++;
|
||||
|
||||
/* Make sure we're either looking at a valid digit, or a leading
|
||||
* colon, such as can be the case with IPv6 */
|
||||
if(((dst->family == AF_INET) && isdigit((int)*mask)) ||
|
||||
((dst->family == AF_INET6) && (isxdigit((int)*mask) || *mask == ':'))) {
|
||||
bits = _netmask_str_to_bit_count(mask, sfip_str_to_fam(mask));
|
||||
}
|
||||
/* No netmask */
|
||||
else {
|
||||
if(dst->family == AF_INET) bits = 32;
|
||||
else bits = 128;
|
||||
}
|
||||
}
|
||||
/* No netmask */
|
||||
else {
|
||||
if(dst->family == AF_INET) bits = 32;
|
||||
else bits = 128;
|
||||
}
|
||||
|
||||
if(inet_pton(dst->family, ip, dst->ip8) < 1) {
|
||||
free(sfip_buf);
|
||||
return SFIP_INET_PARSE_ERR;
|
||||
}
|
||||
|
||||
/* Store mask */
|
||||
dst->bits = bits;
|
||||
|
||||
/* Apply mask */
|
||||
if(sfip_cidr_mask(dst, bits) != SFIP_SUCCESS) {
|
||||
free(sfip_buf);
|
||||
return SFIP_INVALID_MASK;
|
||||
}
|
||||
|
||||
free(sfip_buf);
|
||||
return SFIP_SUCCESS;
|
||||
}
|
||||
|
||||
/* Sets existing IP, "dst", to be source IP, "src" */
|
||||
SFIP_RET sfip_set_raw(sfip_t *dst, void *src, int family) {
|
||||
|
||||
ARG_CHECK3(dst, src, dst->ip32, SFIP_ARG_ERR);
|
||||
|
||||
dst->family = family;
|
||||
|
||||
if(family == AF_INET) {
|
||||
dst->ip32[0] = *(u_int32_t*)src;
|
||||
memset(&dst->ip32[1], 0, 12);
|
||||
dst->bits = 32;
|
||||
} else if(family == AF_INET6) {
|
||||
memcpy(dst->ip8, src, 16);
|
||||
dst->bits = 128;
|
||||
} else {
|
||||
return SFIP_ARG_ERR;
|
||||
}
|
||||
|
||||
return SFIP_SUCCESS;
|
||||
}
|
||||
|
||||
/* Sets existing IP, "dst", to be source IP, "src" */
|
||||
SFIP_RET sfip_set_ip(sfip_t *dst, sfip_t *src) {
|
||||
ARG_CHECK2(dst, src, SFIP_ARG_ERR);
|
||||
|
||||
dst->family = src->family;
|
||||
dst->bits = src->bits;
|
||||
dst->ip32[0] = src->ip32[0];
|
||||
dst->ip32[1] = src->ip32[1];
|
||||
dst->ip32[2] = src->ip32[2];
|
||||
dst->ip32[3] = src->ip32[3];
|
||||
|
||||
return SFIP_SUCCESS;
|
||||
}
|
||||
|
||||
/* Obfuscates an IP
|
||||
* Makes 'ip': ob | (ip & mask) */
|
||||
void sfip_obfuscate(sfip_t *ob, sfip_t *ip) {
|
||||
unsigned int *ob_p, *ip_p;
|
||||
int index, i;
|
||||
unsigned int mask = 0;
|
||||
|
||||
if(!ob || !ip)
|
||||
return;
|
||||
|
||||
ob_p = ob->ip32;
|
||||
ip_p = ip->ip32;
|
||||
|
||||
/* Build the netmask by converting "val" into
|
||||
* the corresponding number of bits that are set */
|
||||
index = (int)ceil(ob->bits / 32.0) - 1;
|
||||
|
||||
for(i = 0; i < 32- (ob->bits - (index * 32)); i++)
|
||||
mask = (mask<<1) + 1;
|
||||
|
||||
/* Note: The old-Snort obfuscation code uses !mask for masking.
|
||||
* hence, this code uses the same algorithm as sfip_cidr_mask
|
||||
* except the mask below is not negated. */
|
||||
ip_p[index] = htonl((ntohl(ip_p[index]) & mask));
|
||||
|
||||
/* 0 off the start of the IP */
|
||||
while ( index > 0 ) ip_p[--index] = 0;
|
||||
|
||||
/* OR remaining pieces */
|
||||
ip_p[0] |= ob_p[0];
|
||||
ip_p[1] |= ob_p[1];
|
||||
ip_p[2] |= ob_p[2];
|
||||
ip_p[3] |= ob_p[3];
|
||||
}
|
||||
|
||||
|
||||
/* Check if ip is contained within the network specified by net */
|
||||
/* Returns SFIP_EQUAL if so.
|
||||
* XXX sfip_contains assumes that "ip" is
|
||||
* not less-specific than "net" XXX
|
||||
*/
|
||||
SFIP_RET sfip_contains(sfip_t *net, sfip_t *ip) {
|
||||
unsigned int bits, mask, temp, i;
|
||||
int net_fam, ip_fam;
|
||||
unsigned int *p1, *p2;
|
||||
|
||||
/* SFIP_CONTAINS is returned here due to how IpAddrSetContains
|
||||
* handles zero'ed IPs" */
|
||||
ARG_CHECK2(net, ip, SFIP_CONTAINS);
|
||||
|
||||
bits = sfip_bits(net);
|
||||
net_fam = sfip_family(net);
|
||||
ip_fam = sfip_family(ip);
|
||||
|
||||
/* If the families are mismatched, check if we're really comparing
|
||||
* an IPv4 with a mapped IPv4 (in IPv6) address. */
|
||||
if(net_fam != ip_fam) {
|
||||
if((net_fam != AF_INET) || !sfip_ismapped(ip))
|
||||
return SFIP_ARG_ERR;
|
||||
|
||||
/* Both are really IPv4. Only compare last 4 bytes of 'ip'*/
|
||||
p1 = net->ip32;
|
||||
p2 = &ip->ip32[3];
|
||||
|
||||
/* Mask off bits */
|
||||
bits = 32 - bits;
|
||||
temp = (ntohl(*p2) >> bits) << bits;
|
||||
|
||||
if(ntohl(*p1) == temp) return SFIP_CONTAINS;
|
||||
|
||||
return SFIP_NOT_CONTAINS;
|
||||
}
|
||||
|
||||
p1 = net->ip32;
|
||||
p2 = ip->ip32;
|
||||
|
||||
/* Iterate over each 32 bit segment */
|
||||
for(i=0; i < bits/32 && i < 3; i++, p1++, p2++) {
|
||||
if(*p1 != *p2)
|
||||
return SFIP_NOT_CONTAINS;
|
||||
}
|
||||
|
||||
mask = 32 - (bits - 32*i);
|
||||
if ( mask == 32 ) return SFIP_CONTAINS;
|
||||
|
||||
/* At this point, there are some number of remaining bits to check.
|
||||
* Mask the bits we don't care about off of "ip" so we can compare
|
||||
* the ints directly */
|
||||
temp = ntohl(*p2);
|
||||
temp = (temp >> mask) << mask;
|
||||
|
||||
/* If p1 was setup correctly through this library, there is no need to
|
||||
* mask off any bits of its own. */
|
||||
if(ntohl(*p1) == temp)
|
||||
return SFIP_CONTAINS;
|
||||
|
||||
return SFIP_NOT_CONTAINS;
|
||||
|
||||
}
|
||||
|
||||
void sfip_raw_ntop(int family, const void *ip_raw, char *buf, int bufsize) {
|
||||
int i;
|
||||
|
||||
if(!ip_raw || !buf || !bufsize ||
|
||||
(family != AF_INET && family != AF_INET6) ||
|
||||
/* Make sure if it's IPv6 that the buf is large enough. */
|
||||
/* Need atleast a max of 8 fields of 4 bytes plus 7 for colons in
|
||||
* between. Need 1 more byte for null. */
|
||||
(family == AF_INET6 && bufsize < 8*4 + 7 + 1) ||
|
||||
/* Make sure if it's IPv4 that the buf is large enough. */
|
||||
/* 4 fields of 3 numbers, plus 3 dots and a null byte */
|
||||
(family == AF_INET && bufsize < 3*4 + 4) )
|
||||
{
|
||||
if(buf && bufsize > 0) buf[0] = 0;
|
||||
return;
|
||||
}
|
||||
|
||||
/* 4 fields of at most 3 characters each */
|
||||
if(family == AF_INET) {
|
||||
u_int8_t *p = (u_int8_t*)ip_raw;
|
||||
|
||||
for(i=0; p < ((u_int8_t*)ip_raw) + 4; p++) {
|
||||
i += sprintf(&buf[i], "%d", *p);
|
||||
|
||||
/* If this is the last iteration, this could technically cause one
|
||||
* extra byte to be written past the end. */
|
||||
if(i < bufsize && ((p + 1) < ((u_int8_t*)ip_raw+4)))
|
||||
buf[i] = '.';
|
||||
|
||||
i++;
|
||||
}
|
||||
|
||||
/* Check if this is really just an IPv4 address represented as 6,
|
||||
* in compatible format */
|
||||
#if 0
|
||||
}
|
||||
else if(!field[0] && !field[1] && !field[2]) {
|
||||
unsigned char *p = (unsigned char *)(&ip->ip[12]);
|
||||
|
||||
for(i=0; p < &ip->ip[16]; p++)
|
||||
i += sprintf(&buf[i], "%d.", *p);
|
||||
#endif
|
||||
}
|
||||
else {
|
||||
u_int16_t *p = (u_int16_t*)ip_raw;
|
||||
|
||||
for(i=0; p < ((u_int16_t*)ip_raw) + 8; p++) {
|
||||
i += sprintf(&buf[i], "%04x", ntohs(*p));
|
||||
|
||||
/* If this is the last iteration, this could technically cause one
|
||||
* extra byte to be written past the end. */
|
||||
if(i < bufsize && ((p + 1) < ((u_int16_t*)ip_raw) + 8))
|
||||
buf[i] = ':';
|
||||
|
||||
i++;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/* Uses a static buffer to return a string representation of the IP */
|
||||
char *sfip_to_str(const sfip_t *ip) {
|
||||
/* IPv6 addresses will be at most 8 fields, of 4 characters each,
|
||||
* with 7 colons inbetween, one NULL, and one fudge byte for sloppy use
|
||||
* in sfip_to_strbuf */
|
||||
static char buf[8*4 + 7 + 1 + 1];
|
||||
|
||||
if(!ip)
|
||||
return NULL;
|
||||
|
||||
sfip_raw_ntop(sfip_family(ip), ip->ip32, buf, sizeof(buf));
|
||||
|
||||
return buf;
|
||||
}
|
||||
|
||||
void sfip_free(sfip_t *ip) {
|
||||
if(ip) free(ip);
|
||||
}
|
||||
|
||||
/* Returns 1 if the IP is non-zero. 0 otherwise */
|
||||
int sfip_is_loopback(sfip_t *ip) {
|
||||
unsigned int *p;
|
||||
|
||||
ARG_CHECK1(ip, 0);
|
||||
|
||||
if(sfip_family(ip) == AF_INET) {
|
||||
// 127.0.0.0/8 is IPv4 loopback
|
||||
return (ip->ip8[0] == 0x7f);
|
||||
}
|
||||
|
||||
p = ip->ip32;
|
||||
|
||||
/* Check the first 64 bits in an IPv6 address, and */
|
||||
/* verify they're zero. If not, it's not a loopback */
|
||||
if(p[0] || p[1]) return 0;
|
||||
|
||||
/* Check if the 3rd 32-bit int is zero */
|
||||
if ( p[2] == 0 ) {
|
||||
/* ::7f00:0/104 is ipv4 compatible ipv6 */
|
||||
/* ::1 is the IPv6 loopback */
|
||||
return ( (ip->ip8[12] == 0x7f) || (ntohl(p[3]) == 0x1) );
|
||||
}
|
||||
/* Check the 3rd 32-bit int for a mapped IPv4 address */
|
||||
if ( ntohl(p[2]) == 0xffff ) {
|
||||
/* ::ffff:127.0.0.0/104 is IPv4 loopback mapped over IPv6 */
|
||||
return ( ip->ip8[12] == 0x7f );
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
int sfip_ismapped(sfip_t *ip) {
|
||||
unsigned int *p;
|
||||
|
||||
ARG_CHECK1(ip, 0);
|
||||
|
||||
if(sfip_family(ip) == AF_INET)
|
||||
return 0;
|
||||
|
||||
p = ip->ip32;
|
||||
|
||||
if(p[0] || p[1] || (ntohl(p[2]) != 0xffff && p[2] != 0)) return 0;
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
|
@ -0,0 +1,431 @@
|
|||
/*
|
||||
** Copyright (C) 1998-2010 Sourcefire, Inc.
|
||||
** Adam Keeton
|
||||
** Kevin Liu <kliu@sourcefire.com>
|
||||
*
|
||||
** $ID: $
|
||||
**
|
||||
** This program is free software; you can redistribute it and/or modify
|
||||
** it under the terms of the GNU General Public License Version 2 as
|
||||
** published by the Free Software Foundation. You may not use, modify or
|
||||
** distribute this program under any other version of the GNU General
|
||||
** Public License.
|
||||
**
|
||||
** This program is distributed in the hope that it will be useful,
|
||||
** but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
** GNU General Public License for more details.
|
||||
**
|
||||
** You should have received a copy of the GNU General Public License
|
||||
** along with this program; if not, write to the Free Software
|
||||
** Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
*/
|
||||
|
||||
/*
|
||||
* Adam Keeton
|
||||
* sf_ip.h
|
||||
* 11/17/06
|
||||
*/
|
||||
|
||||
#ifndef SF_IP_H
|
||||
#define SF_IP_H
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include "config.h"
|
||||
#endif
|
||||
|
||||
#ifndef WIN32
|
||||
#include <sys/types.h>
|
||||
#include <sys/socket.h>
|
||||
#include <arpa/inet.h>
|
||||
#endif
|
||||
|
||||
#ifdef SF_IP_TEST
|
||||
#define INLINE inline
|
||||
#else
|
||||
#include "debug.h" /* for INLINE definition */
|
||||
#endif
|
||||
|
||||
#include "sf_types.h"
|
||||
|
||||
/* define SFIP_ROBUST to check pointers passed into the sfip libs.
|
||||
* Robustification should not be enabled if the client code is trustworthy.
|
||||
* Namely, if pointers are checked once in the client, or are pointers to
|
||||
* data allocated on the stack, there's no need to check them again here.
|
||||
* The intention is to prevent the same stack-allocated variable from being
|
||||
* checked a dozen different times. */
|
||||
#define SFIP_ROBUST
|
||||
|
||||
#ifdef SFIP_ROBUST
|
||||
|
||||
#define ARG_CHECK1(a, z) if(!a) return z;
|
||||
#define ARG_CHECK2(a, b, z) if(!a || !b) return z;
|
||||
#define ARG_CHECK3(a, b, c, z) if(!a || !b || !c) return z;
|
||||
|
||||
#elif defined(DEBUG)
|
||||
|
||||
#define ARG_CHECK1(a, z) assert(a);
|
||||
#define ARG_CHECK2(a, b, z) assert(a); assert(b);
|
||||
#define ARG_CHECK3(a, b, c, z) assert(a); assert(b); assert(c);
|
||||
|
||||
#else
|
||||
|
||||
#define ARG_CHECK1(a, z)
|
||||
#define ARG_CHECK2(a, b, z)
|
||||
#define ARG_CHECK3(a, b, c, z)
|
||||
|
||||
#endif
|
||||
|
||||
typedef struct _ip {
|
||||
int family;
|
||||
int bits;
|
||||
|
||||
/* see sfip_size(): these address bytes
|
||||
* must be the last field in this struct */
|
||||
union
|
||||
{
|
||||
u_int8_t u6_addr8[16];
|
||||
u_int16_t u6_addr16[8];
|
||||
u_int32_t u6_addr32[4];
|
||||
// u_int64_t u6_addr64[2];
|
||||
} ip;
|
||||
#define ip8 ip.u6_addr8
|
||||
#define ip16 ip.u6_addr16
|
||||
#define ip32 ip.u6_addr32
|
||||
// #define ip64 ip.u6_addr64
|
||||
} sfip_t;
|
||||
|
||||
typedef enum _return_values {
|
||||
SFIP_SUCCESS=0,
|
||||
SFIP_FAILURE,
|
||||
SFIP_LESSER,
|
||||
SFIP_GREATER,
|
||||
SFIP_EQUAL,
|
||||
SFIP_ARG_ERR,
|
||||
SFIP_CIDR_ERR,
|
||||
SFIP_INET_PARSE_ERR,
|
||||
SFIP_INVALID_MASK,
|
||||
SFIP_ALLOC_ERR,
|
||||
SFIP_CONTAINS,
|
||||
SFIP_NOT_CONTAINS,
|
||||
SFIP_DUPLICATE, /* Tried to add a duplicate variable name to table */
|
||||
SFIP_LOOKUP_FAILURE, /* Failed to lookup a variable from the table */
|
||||
SFIP_UNMATCHED_BRACKET, /* IP lists that are missing a closing bracket */
|
||||
SFIP_NOT_ANY, /* For !any */
|
||||
SFIP_CONFLICT /* For IP conflicts in IP lists */
|
||||
} SFIP_RET;
|
||||
|
||||
|
||||
/* IP allocations and setting ******************************************/
|
||||
|
||||
/* Parses "src" and stores results in "dst" */
|
||||
/* If the conversion is invalid, returns SFIP_FAILURE */
|
||||
SFIP_RET sfip_pton(const char *src, sfip_t *dst);
|
||||
|
||||
/* Allocate IP address from a character array describing the IP */
|
||||
sfip_t *sfip_alloc(const char *ip, SFIP_RET *status);
|
||||
|
||||
/* Frees an sfip_t */
|
||||
void sfip_free(sfip_t *ip);
|
||||
|
||||
/* Allocate IP address from an array of integers. The array better be
|
||||
* long enough for the given family! */
|
||||
sfip_t *sfip_alloc_raw(void *ip, int family, SFIP_RET *status);
|
||||
|
||||
/* Sets existing IP, "dst", to a raw source IP (4 or 16 bytes,
|
||||
* according to family) */
|
||||
SFIP_RET sfip_set_raw(sfip_t *dst, void *src, int src_family);
|
||||
|
||||
/* Sets existing IP, "dst", to be source IP, "src" */
|
||||
SFIP_RET sfip_set_ip(sfip_t *dst, sfip_t *src);
|
||||
|
||||
/* Obfuscates an IP */
|
||||
void sfip_obfuscate(sfip_t *ob, sfip_t *ip);
|
||||
|
||||
/* return required size (eg for hashing)
|
||||
* requires that address bytes be the last field in sfip_t */
|
||||
static INLINE unsigned int sfip_size(sfip_t* ipt)
|
||||
{
|
||||
if ( ipt->family == AF_INET6 ) return sizeof(*ipt);
|
||||
return (unsigned int)((ipt->ip.u6_addr8+4) - (u_int8_t*)ipt);
|
||||
}
|
||||
|
||||
/* Member-access *******************************************************/
|
||||
|
||||
/* Returns the family of "ip", either AF_INET or AF_INET6 */
|
||||
/* XXX This is a performance critical function,
|
||||
* need to determine if it's safe to not check these pointers */
|
||||
// ARG_CHECK1(ip, 0);
|
||||
#define sfip_family(ip) ip->family
|
||||
|
||||
/* Returns the number of bits used for masking "ip" */
|
||||
static INLINE unsigned char sfip_bits(sfip_t *ip) {
|
||||
ARG_CHECK1(ip, 0);
|
||||
return (unsigned char)ip->bits;
|
||||
}
|
||||
|
||||
static INLINE void sfip_set_bits(sfip_t *p, int bits) {
|
||||
|
||||
if(!p)
|
||||
return;
|
||||
|
||||
if(bits < 0 || bits > 128) return;
|
||||
|
||||
p->bits = bits;
|
||||
}
|
||||
|
||||
/* Returns the raw IP address as an in6_addr */
|
||||
//inline struct in6_addr sfip_to_raw(sfip_t *);
|
||||
|
||||
|
||||
|
||||
/* IP Comparisons ******************************************************/
|
||||
|
||||
/* Check if ip is contained within the network specified by net */
|
||||
/* Returns SFIP_EQUAL if so */
|
||||
SFIP_RET sfip_contains(sfip_t *net, sfip_t *ip);
|
||||
|
||||
/* Returns 1 if the IP is non-zero. 0 otherwise */
|
||||
/* XXX This is a performance critical function, \
|
||||
* need to determine if it's safe to not check these pointers */\
|
||||
static INLINE int sfip_is_set(sfip_t *ip) {
|
||||
// ARG_CHECK1(ip, -1);
|
||||
return ip->ip32[0] ||
|
||||
( (ip->family == AF_INET6) &&
|
||||
(ip->ip32[1] ||
|
||||
ip->ip32[2] ||
|
||||
ip->ip32[3] || ip->bits != 128)) || ((ip->family == AF_INET) && ip->bits != 32) ;
|
||||
}
|
||||
|
||||
/* Return 1 if the IP is a loopback IP */
|
||||
int sfip_is_loopback(sfip_t *ip);
|
||||
|
||||
/* Returns 1 if the IPv6 address appears mapped. 0 otherwise. */
|
||||
int sfip_ismapped(sfip_t *ip);
|
||||
|
||||
/* Support function for sfip_compare */
|
||||
static INLINE SFIP_RET _ip4_cmp(u_int32_t ip1, u_int32_t ip2) {
|
||||
u_int32_t hip1 = htonl(ip1);
|
||||
u_int32_t hip2 = htonl(ip2);
|
||||
if(hip1 < hip2) return SFIP_LESSER;
|
||||
if(hip1 > hip2) return SFIP_GREATER;
|
||||
return SFIP_EQUAL;
|
||||
}
|
||||
|
||||
/* Support function for sfip_compare */
|
||||
static INLINE SFIP_RET _ip6_cmp(sfip_t *ip1, sfip_t *ip2) {
|
||||
SFIP_RET ret;
|
||||
u_int32_t *p1, *p2;
|
||||
|
||||
/* XXX
|
||||
* Argument are assumed trusted!
|
||||
* This function is presently only called by sfip_compare
|
||||
* on validated pointers.
|
||||
* XXX */
|
||||
|
||||
p1 = ip1->ip32;
|
||||
p2 = ip2->ip32;
|
||||
|
||||
if( (ret = _ip4_cmp(p1[0], p2[0])) != SFIP_EQUAL) return ret;
|
||||
if( (ret = _ip4_cmp(p1[1], p2[1])) != SFIP_EQUAL) return ret;
|
||||
if( (ret = _ip4_cmp(p1[2], p2[2])) != SFIP_EQUAL) return ret;
|
||||
if( (ret = _ip4_cmp(p1[3], p2[3])) != SFIP_EQUAL) return ret;
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
/* Compares two IPs
|
||||
* Returns SFIP_LESSER, SFIP_EQUAL, SFIP_GREATER, if ip1 is less than, equal to,
|
||||
* or greater than ip2 In the case of mismatched families, the IPv4 address
|
||||
* is converted to an IPv6 representation. */
|
||||
/* XXX-IPv6 Should add version of sfip_compare that just tests equality */
|
||||
static INLINE SFIP_RET sfip_compare(sfip_t *ip1, sfip_t *ip2) {
|
||||
int f1,f2;
|
||||
|
||||
ARG_CHECK2(ip1, ip2, SFIP_ARG_ERR);
|
||||
|
||||
/* This is being done because at some points in the existing Snort code,
|
||||
* an unset IP is considered to match anything. Thus, if either IP is not
|
||||
* set here, it's considered equal. */
|
||||
if(!sfip_is_set(ip1) || !sfip_is_set(ip2)) return SFIP_EQUAL;
|
||||
|
||||
f1 = sfip_family(ip1);
|
||||
f2 = sfip_family(ip2);
|
||||
|
||||
if(f1 == AF_INET && f2 == AF_INET) {
|
||||
return _ip4_cmp(*ip1->ip32, *ip2->ip32);
|
||||
}
|
||||
/* Mixed families not presently supported */
|
||||
#if 0
|
||||
else if(f1 == AF_INET && f2 == AF_INET6) {
|
||||
conv = sfip_4to6(ip1);
|
||||
return _ip6_cmp(&conv, ip2);
|
||||
} else if(f1 == AF_INET6 && f2 == AF_INET) {
|
||||
conv = sfip_4to6(ip2);
|
||||
return _ip6_cmp(ip1, &conv);
|
||||
}
|
||||
else {
|
||||
return _ip6_cmp(ip1, ip2);
|
||||
}
|
||||
#endif
|
||||
else if(f1 == AF_INET6 && f2 == AF_INET6) {
|
||||
return _ip6_cmp(ip1, ip2);
|
||||
}
|
||||
|
||||
return SFIP_FAILURE;
|
||||
}
|
||||
|
||||
/* Compares two IPs
|
||||
* Returns SFIP_LESSER, SFIP_EQUAL, SFIP_GREATER, if ip1 is less than, equal to,
|
||||
* or greater than ip2 In the case of mismatched families, the IPv4 address
|
||||
* is converted to an IPv6 representation. */
|
||||
/* XXX-IPv6 Should add version of sfip_compare that just tests equality */
|
||||
static INLINE SFIP_RET sfip_compare_unset(sfip_t *ip1, sfip_t *ip2) {
|
||||
int f1,f2;
|
||||
|
||||
ARG_CHECK2(ip1, ip2, SFIP_ARG_ERR);
|
||||
|
||||
/* This is to handle the special case when one of the values being
|
||||
* unset is considered to match nothing. This is the opposite of
|
||||
* sfip_compare(), defined above. Thus, if either IP is not
|
||||
* set here, it's considered not equal. */
|
||||
if(!sfip_is_set(ip1) || !sfip_is_set(ip2)) return SFIP_FAILURE;
|
||||
|
||||
f1 = sfip_family(ip1);
|
||||
f2 = sfip_family(ip2);
|
||||
|
||||
if(f1 == AF_INET && f2 == AF_INET) {
|
||||
return _ip4_cmp(*ip1->ip32, *ip2->ip32);
|
||||
}
|
||||
/* Mixed families not presently supported */
|
||||
#if 0
|
||||
else if(f1 == AF_INET && f2 == AF_INET6) {
|
||||
conv = sfip_4to6(ip1);
|
||||
return _ip6_cmp(&conv, ip2);
|
||||
} else if(f1 == AF_INET6 && f2 == AF_INET) {
|
||||
conv = sfip_4to6(ip2);
|
||||
return _ip6_cmp(ip1, &conv);
|
||||
}
|
||||
else {
|
||||
return _ip6_cmp(ip1, ip2);
|
||||
}
|
||||
#endif
|
||||
else if(f1 == AF_INET6 && f2 == AF_INET6) {
|
||||
return _ip6_cmp(ip1, ip2);
|
||||
}
|
||||
|
||||
return SFIP_FAILURE;
|
||||
}
|
||||
|
||||
static INLINE int sfip_fast_lt4(sfip_t *ip1, sfip_t *ip2) {
|
||||
return *ip1->ip32 < *ip2->ip32;
|
||||
}
|
||||
static INLINE int sfip_fast_gt4(sfip_t *ip1, sfip_t *ip2) {
|
||||
return *ip1->ip32 > *ip2->ip32;
|
||||
}
|
||||
static INLINE int sfip_fast_eq4(sfip_t *ip1, sfip_t *ip2) {
|
||||
return *ip1->ip32 == *ip2->ip32;
|
||||
}
|
||||
|
||||
static INLINE int sfip_fast_lt6(sfip_t *ip1, sfip_t *ip2) {
|
||||
u_int32_t *p1, *p2;
|
||||
|
||||
p1 = ip1->ip32;
|
||||
p2 = ip2->ip32;
|
||||
|
||||
if(*p1 < *p2) return 1;
|
||||
else if(*p1 > *p2) return 0;
|
||||
|
||||
if(p1[1] < p2[1]) return 1;
|
||||
else if(p1[1] > p2[1]) return 0;
|
||||
|
||||
if(p1[2] < p2[2]) return 1;
|
||||
else if(p1[2] > p2[2]) return 0;
|
||||
|
||||
if(p1[3] < p2[3]) return 1;
|
||||
else if(p1[3] > p2[3]) return 0;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
static INLINE int sfip_fast_gt6(sfip_t *ip1, sfip_t *ip2) {
|
||||
u_int32_t *p1, *p2;
|
||||
|
||||
p1 = ip1->ip32;
|
||||
p2 = ip2->ip32;
|
||||
|
||||
if(*p1 > *p2) return 1;
|
||||
else if(*p1 < *p2) return 0;
|
||||
|
||||
if(p1[1] > p2[1]) return 1;
|
||||
else if(p1[1] < p2[1]) return 0;
|
||||
|
||||
if(p1[2] > p2[2]) return 1;
|
||||
else if(p1[2] < p2[2]) return 0;
|
||||
|
||||
if(p1[3] > p2[3]) return 1;
|
||||
else if(p1[3] < p2[3]) return 0;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
static INLINE int sfip_fast_eq6(sfip_t *ip1, sfip_t *ip2) {
|
||||
u_int32_t *p1, *p2;
|
||||
|
||||
p1 = ip1->ip32;
|
||||
p2 = ip2->ip32;
|
||||
|
||||
if(*p1 != *p2) return 0;
|
||||
if(p1[1] != p2[1]) return 0;
|
||||
if(p1[2] != p2[2]) return 0;
|
||||
if(p1[3] != p2[3]) return 0;
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
/* Checks if ip2 is equal to ip1 or contained within the CIDR ip1 */
|
||||
static INLINE int sfip_fast_cont4(sfip_t *ip1, sfip_t *ip2) {
|
||||
u_int32_t shift = 32 - sfip_bits(ip1);
|
||||
u_int32_t ip = ntohl(*ip2->ip32);
|
||||
|
||||
ip >>= shift;
|
||||
ip <<= shift;
|
||||
|
||||
return ntohl(*ip1->ip32) == ip;
|
||||
}
|
||||
|
||||
/* Checks if ip2 is equal to ip1 or contained within the CIDR ip1 */
|
||||
static INLINE int sfip_fast_cont6(sfip_t *ip1, sfip_t *ip2) {
|
||||
u_int32_t ip;
|
||||
int i, bits = sfip_bits(ip1);
|
||||
int words = bits / 32;
|
||||
bits = 32 - (bits % 32);
|
||||
|
||||
for ( i = 0; i < words; i++ ) {
|
||||
if ( ip1->ip32[i] != ip2->ip32[i] )
|
||||
return 0;
|
||||
}
|
||||
|
||||
if ( bits == 32 ) return 1;
|
||||
|
||||
ip = ntohl(ip2->ip32[i]);
|
||||
|
||||
ip >>= bits;
|
||||
ip <<= bits;
|
||||
|
||||
return ntohl(ip1->ip32[i]) == ip;
|
||||
}
|
||||
|
||||
#define sfip_equals(x,y) (sfip_compare(&x, &y) == SFIP_EQUAL)
|
||||
#define sfip_not_equals !sfip_equals
|
||||
#define sfip_clear(x) memset(x, 0, 16)
|
||||
|
||||
/* Printing ************************************************************/
|
||||
|
||||
/* Uses a static buffer to return a string representation of the IP */
|
||||
char *sfip_to_str(const sfip_t *ip);
|
||||
#define sfip_ntoa(x) sfip_to_str(x)
|
||||
void sfip_raw_ntop(int family, const void *ip_raw, char *buf, int bufsize);
|
||||
|
||||
#endif // SF_IP_H
|
||||
|
|
@ -0,0 +1,138 @@
|
|||
/*
|
||||
** Copyright (C) 1998-2010 Sourcefire, Inc.
|
||||
**
|
||||
** This program is free software; you can redistribute it and/or modify
|
||||
** it under the terms of the GNU General Public License Version 2 as
|
||||
** published by the Free Software Foundation. You may not use, modify or
|
||||
** distribute this program under any other version of the GNU General
|
||||
** Public License.
|
||||
**
|
||||
** This program is distributed in the hope that it will be useful,
|
||||
** but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
** GNU General Public License for more details.
|
||||
**
|
||||
** You should have received a copy of the GNU General Public License
|
||||
** along with this program; if not, write to the Free Software
|
||||
** Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
*/
|
||||
|
||||
/*
|
||||
* Adam Keeton
|
||||
* sf_ipvar.h
|
||||
* 11/17/06
|
||||
*/
|
||||
|
||||
|
||||
#ifndef SF_IPVAR_H
|
||||
#define SF_IPVAR_H
|
||||
|
||||
/* Flags */
|
||||
#define SFIP_NEGATED 1
|
||||
#define SFIP_ANY 2
|
||||
|
||||
#include <stdio.h>
|
||||
#include "sf_ip.h"
|
||||
|
||||
/* Selects which mode a given variable is using to
|
||||
* store and lookup IP addresses */
|
||||
typedef enum _modes {
|
||||
SFIP_LIST,
|
||||
SFIP_TABLE
|
||||
} MODES;
|
||||
|
||||
/* Used by the "list" mode. A doubly linked list of sfip_t objects. */
|
||||
typedef struct _ip_node {
|
||||
sfip_t *ip;
|
||||
#ifdef SUP_IP6
|
||||
#define ip_addr ip; /* To ease porting Snort */
|
||||
#endif
|
||||
struct _ip_node *next;
|
||||
int flags;
|
||||
// XXX
|
||||
int addr_flags; /* Flags used exlusively by Snort */
|
||||
/* Keeping these variables seperate keeps
|
||||
* this from stepping on Snort's toes. */
|
||||
/* Should merge them later */
|
||||
} sfip_node_t;
|
||||
|
||||
/* An IP variable onkect */
|
||||
typedef struct _var_t {
|
||||
/* Selects whether or not to use the list, the table,
|
||||
* or any other method added later */
|
||||
MODES mode;
|
||||
|
||||
/* Linked lists. Switch to something faster later */
|
||||
sfip_node_t *head;
|
||||
sfip_node_t *neg_head;
|
||||
|
||||
/* The mode above will select whether to use the sfip_node_t linked list
|
||||
* or the IP routing table */
|
||||
// sfrt rt;
|
||||
|
||||
/* Linked list of IP variables for the variable table */
|
||||
struct _var_t *next;
|
||||
|
||||
uint32_t id;
|
||||
char *name;
|
||||
} sfip_var_t;
|
||||
|
||||
/* A variable table for storing and looking up variables */
|
||||
/* Expand later to use a faster data structure */
|
||||
typedef struct _vartable_t {
|
||||
sfip_var_t *head;
|
||||
uint32_t id;
|
||||
} vartable_t;
|
||||
|
||||
/* Creates a new variable that is an alias of another variable
|
||||
* Does a "deep" copy so it owns it's own pointers */
|
||||
sfip_var_t * sfvar_create_alias(const sfip_var_t *alias_from, const char *alias_to);
|
||||
|
||||
/* Returns 1 if the two variables are aliases of each other, 0 otherwise */
|
||||
int sfvar_is_alias(const sfip_var_t *one, const sfip_var_t *two);
|
||||
|
||||
/* Allocates a new variable as according to "str" */
|
||||
sfip_var_t *sfvar_alloc(vartable_t *table, char *str, SFIP_RET *status);
|
||||
|
||||
/* Makes sure there are no IP address conflicts in the variable */
|
||||
/* Returns SFIP_CONFLICT if so */
|
||||
SFIP_RET sfvar_validate(sfip_var_t *var);
|
||||
|
||||
/* Parses an IP list described by 'str' and saves the results in 'var'. */
|
||||
SFIP_RET sfvar_parse_iplist(vartable_t *table, sfip_var_t *var,
|
||||
char *str, int negation);
|
||||
|
||||
/* Allocaties and returns an IP node described by 'str' */
|
||||
sfip_node_t *sfipnode_alloc(char *str, SFIP_RET *status);
|
||||
|
||||
/* Adds a deep copy of src to dst */
|
||||
/* Ordering is not necessarily preserved */
|
||||
SFIP_RET sfvar_add(sfip_var_t *dst, sfip_var_t *src);
|
||||
|
||||
/* Adds the nodes in 'src' to the variable 'dst' */
|
||||
/* The mismatch of types is for ease-of-supporting Snort4 and
|
||||
* Snort6 simultaneously */
|
||||
SFIP_RET sfvar_add_node(sfip_var_t *dst, sfip_node_t *src, int negated);
|
||||
|
||||
/* Compares two variables. Necessary when building RTN structure */
|
||||
SFIP_RET sfvar_compare(const sfip_var_t *one, const sfip_var_t *two);
|
||||
|
||||
/* Deep copy. Returns identical, new, linked list of sfipnodes. */
|
||||
sfip_var_t *sfvar_deep_copy(const sfip_var_t *src);
|
||||
|
||||
/* Free an allocated variable */
|
||||
void sfvar_free(sfip_var_t *var);
|
||||
|
||||
/* Returns non-zero if ip is contained in 'var', 0 otherwise */
|
||||
/* If either argument is NULL, 0 is returned. */
|
||||
int sfvar_ip_in(sfip_var_t *var, sfip_t *ip);
|
||||
|
||||
/* Prints the variable "var" to the file descriptor 'f' */
|
||||
void sfvar_print(FILE *f, sfip_var_t *var);
|
||||
|
||||
void sfip_set_print(FILE *f, sfip_node_t *head);
|
||||
|
||||
/* Returns the node's flags */
|
||||
int sfvar_flags(sfip_node_t *node);
|
||||
|
||||
#endif
|
|
@ -0,0 +1,666 @@
|
|||
/*
|
||||
* sf_snort_packet.h
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License Version 2 as
|
||||
* published by the Free Software Foundation. You may not use, modify or
|
||||
* distribute this program under any other version of the GNU General
|
||||
* Public License.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
*
|
||||
* Copyright (C) 2005-2010 Sourcefire, Inc.
|
||||
*
|
||||
* Author: Steve Sturges
|
||||
* Andy Mullican
|
||||
*
|
||||
* Date: 5/2005
|
||||
*
|
||||
* Sourcefire Black-box Plugin API for rules
|
||||
*
|
||||
*/
|
||||
|
||||
#ifndef _SF_SNORT_PACKET_H_
|
||||
#define _SF_SNORT_PACKET_H_
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include <config.h>
|
||||
#endif
|
||||
|
||||
#ifndef WIN32
|
||||
#include <sys/types.h>
|
||||
#include <netinet/in.h>
|
||||
#else
|
||||
#include <winsock2.h>
|
||||
#include <windows.h>
|
||||
#endif
|
||||
|
||||
#include "sf_ip.h"
|
||||
|
||||
#define VLAN_HDR_LEN 4
|
||||
|
||||
typedef struct _VlanHeader
|
||||
{
|
||||
u_int16_t vth_pri_cfi_vlan;
|
||||
u_int16_t vth_proto; /* protocol field... */
|
||||
|
||||
} VlanHeader;
|
||||
|
||||
//#define NO_NON_ETHER_DECODER
|
||||
#define ETHER_HDR_LEN 14
|
||||
#define ETHERNET_TYPE_IP 0x0800
|
||||
#define ETHERNET_TYPE_8021Q 0x8100
|
||||
|
||||
typedef struct _EtherHeader
|
||||
{
|
||||
u_int8_t ether_destination[6];
|
||||
u_int8_t ether_source[6];
|
||||
u_int16_t ethernet_type;
|
||||
|
||||
} EtherHeader;
|
||||
|
||||
/* We must twiddle to align the offset the ethernet header and align
|
||||
* the IP header on solaris -- maybe this will work on HPUX too.
|
||||
*/
|
||||
#if defined (SOLARIS) || defined (SUNOS) || defined (__sparc__) || defined(__sparc64__) || defined (HPUX)
|
||||
#define SUN_SPARC_TWIDDLE 2
|
||||
#else
|
||||
#define SUN_SPARC_TWIDDLE 0
|
||||
#endif
|
||||
|
||||
#define IP_RESBIT 0x8000
|
||||
#ifdef IP_DONTFRAG
|
||||
#undef IP_DONTFRAG
|
||||
#endif
|
||||
#define IP_DONTFRAG 0x4000
|
||||
#define IP_MOREFRAGS 0x2000
|
||||
|
||||
#ifndef IP_MAXPKT
|
||||
#define IP_MAXPKT 65535 /* maximum packet size */
|
||||
#endif /* IP_MAXPACKET */
|
||||
|
||||
#define IP_HDR_LEN 20
|
||||
|
||||
typedef struct _IPV4Header
|
||||
{
|
||||
u_int8_t version_headerlength;
|
||||
u_int8_t type_service;
|
||||
u_int16_t data_length;
|
||||
u_int16_t identifier;
|
||||
u_int16_t offset;
|
||||
u_int8_t time_to_live;
|
||||
u_int8_t proto;
|
||||
u_int16_t checksum;
|
||||
struct in_addr source;
|
||||
struct in_addr destination;
|
||||
} IPV4Header;
|
||||
|
||||
#define MAX_IP_OPTIONS 40
|
||||
#define MAX_IP6_EXTENSIONS 40
|
||||
/* ip option codes */
|
||||
#define IPOPTION_EOL 0x00
|
||||
#define IPOPTION_NOP 0x01
|
||||
#define IPOPTION_RR 0x07
|
||||
#define IPOPTION_RTRALT 0x94
|
||||
#define IPOPTION_TS 0x44
|
||||
#define IPOPTION_SECURITY 0x82
|
||||
#define IPOPTION_LSRR 0x83
|
||||
#define IPOPTION_LSRR_E 0x84
|
||||
#define IPOPTION_SATID 0x88
|
||||
#define IPOPTION_SSRR 0x89
|
||||
|
||||
typedef struct _IPOptions
|
||||
{
|
||||
u_int8_t option_code;
|
||||
u_int8_t length;
|
||||
u_int8_t *option_data;
|
||||
} IPOptions;
|
||||
|
||||
|
||||
#define TCP_HDR_LEN 20
|
||||
|
||||
typedef struct _TCPHeader
|
||||
{
|
||||
u_int16_t source_port;
|
||||
u_int16_t destination_port;
|
||||
u_int32_t sequence;
|
||||
u_int32_t acknowledgement;
|
||||
u_int8_t offset_reserved;
|
||||
u_int8_t flags;
|
||||
u_int16_t window;
|
||||
u_int16_t checksum;
|
||||
u_int16_t urgent_pointer;
|
||||
} TCPHeader;
|
||||
|
||||
#define TCPHEADER_FIN 0x01
|
||||
#define TCPHEADER_SYN 0x02
|
||||
#define TCPHEADER_RST 0x04
|
||||
#define TCPHEADER_PUSH 0x08
|
||||
#define TCPHEADER_ACK 0x10
|
||||
#define TCPHEADER_URG 0x20
|
||||
#define TCPHEADER_RES2 0x40
|
||||
#define TCPHEADER_RES1 0x80
|
||||
#define TCPHEADER_NORESERVED (TCPHEADER_FIN|TCPHEADER_SYN|TCPHEADER_RST \
|
||||
|TCPHEADER_PUSH|TCPHEADER_ACK|TCPHEADER_URG)
|
||||
|
||||
#define MAX_TCP_OPTIONS 40
|
||||
/* tcp option codes */
|
||||
#define TCPOPT_EOL 0x00
|
||||
#define TCPOPT_NOP 0x01
|
||||
#define TCPOPT_MSS 0x02
|
||||
#define TCPOPT_WSCALE 0x03 /* window scale factor (rfc1072) */
|
||||
#define TCPOPT_SACKOK 0x04 /* selective ack ok (rfc1072) */
|
||||
#define TCPOPT_SACK 0x05 /* selective ack (rfc1072) */
|
||||
#define TCPOPT_ECHO 0x06 /* echo (rfc1072) */
|
||||
#define TCPOPT_ECHOREPLY 0x07 /* echo (rfc1072) */
|
||||
#define TCPOPT_TIMESTAMP 0x08 /* timestamps (rfc1323) */
|
||||
#define TCPOPT_CC 0x11 /* T/TCP CC options (rfc1644) */
|
||||
#define TCPOPT_CCNEW 0x12 /* T/TCP CC options (rfc1644) */
|
||||
#define TCPOPT_CCECHO 0x13 /* T/TCP CC options (rfc1644) */
|
||||
|
||||
typedef IPOptions TCPOptions;
|
||||
|
||||
#define UDP_HDR_LEN 8
|
||||
|
||||
typedef struct _UDPHeader
|
||||
{
|
||||
u_int16_t source_port;
|
||||
u_int16_t destination_port;
|
||||
u_int16_t data_length;
|
||||
u_int16_t checksum;
|
||||
} UDPHeader;
|
||||
|
||||
typedef struct _ICMPSequenceID
|
||||
{
|
||||
u_int16_t id;
|
||||
u_int16_t seq;
|
||||
} ICMPSequenceID;
|
||||
|
||||
typedef struct _ICMPHeader
|
||||
{
|
||||
u_int8_t type;
|
||||
u_int8_t code;
|
||||
u_int16_t checksum;
|
||||
|
||||
union
|
||||
{
|
||||
/* type 12 */
|
||||
u_int8_t parameter_problem_ptr;
|
||||
|
||||
/* type 5 */
|
||||
struct in_addr gateway_addr;
|
||||
|
||||
/* type 8, 0 */
|
||||
ICMPSequenceID echo;
|
||||
|
||||
/* type 13, 14 */
|
||||
ICMPSequenceID timestamp;
|
||||
|
||||
/* type 15, 16 */
|
||||
ICMPSequenceID info;
|
||||
|
||||
int voidInfo;
|
||||
|
||||
/* type 3/code=4 (Path MTU, RFC 1191) */
|
||||
struct path_mtu
|
||||
{
|
||||
u_int16_t voidInfo;
|
||||
u_int16_t next_mtu;
|
||||
} path_mtu;
|
||||
|
||||
/* type 9 */
|
||||
struct router_advertisement
|
||||
{
|
||||
u_int8_t number_addrs;
|
||||
u_int8_t entry_size;
|
||||
u_int16_t lifetime;
|
||||
} router_advertisement;
|
||||
} icmp_header_union;
|
||||
|
||||
#define icmp_parameter_ptr icmp_header_union.parameter_problem_ptr
|
||||
#define icmp_gateway_addr icmp_header_union.gateway_waddr
|
||||
#define icmp_echo_id icmp_header_union.echo.id
|
||||
#define icmp_echo_seq icmp_header_union.echo.seq
|
||||
#define icmp_timestamp_id icmp_header_union.timestamp.id
|
||||
#define icmp_timestamp_seq icmp_header_union.timestamp.seq
|
||||
#define icmp_info_id icmp_header_union.info.id
|
||||
#define icmp_info_seq icmp_header_union.info.seq
|
||||
#define icmp_void icmp_header_union.void
|
||||
#define icmp_nextmtu icmp_header_union.path_mtu.nextmtu
|
||||
#define icmp_ra_num_addrs icmp_header_union.router_advertisement.number_addrs
|
||||
#define icmp_ra_entry_size icmp_header_union.router_advertisement.entry_size
|
||||
#define icmp_ra_lifetime icmp_header_union.router_advertisement.lifetime
|
||||
|
||||
union
|
||||
{
|
||||
/* timestamp */
|
||||
struct timestamp
|
||||
{
|
||||
u_int32_t orig;
|
||||
u_int32_t receive;
|
||||
u_int32_t transmit;
|
||||
} timestamp;
|
||||
|
||||
/* IP header for unreach */
|
||||
struct ipv4_header
|
||||
{
|
||||
IPV4Header *ip;
|
||||
/* options and then 64 bits of data */
|
||||
} ipv4_header;
|
||||
|
||||
/* Router Advertisement */
|
||||
struct router_address
|
||||
{
|
||||
u_int32_t addr;
|
||||
u_int32_t preference;
|
||||
} router_address;
|
||||
|
||||
/* type 17, 18 */
|
||||
u_int32_t mask;
|
||||
|
||||
char data[1];
|
||||
|
||||
} icmp_data_union;
|
||||
#define icmp_orig_timestamp icmp_data_union.timestamp.orig
|
||||
#define icmp_recv_timestamp icmp_data_union.timestamp.receive
|
||||
#define icmp_xmit_timestamp icmp_data_union.timestamp.transmit
|
||||
#define icmp_ipheader icmp_data_union.ip_header
|
||||
#define icmp_ra_addr0 icmp_data_union.router_address
|
||||
#define icmp_mask icmp_data_union.mask
|
||||
#define icmp_data icmp_data_union.data
|
||||
} ICMPHeader;
|
||||
|
||||
#define ICMP_ECHO_REPLY 0 /* Echo Reply */
|
||||
#define ICMP_DEST_UNREACHABLE 3 /* Destination Unreachable */
|
||||
#define ICMP_SOURCE_QUENCH 4 /* Source Quench */
|
||||
#define ICMP_REDIRECT 5 /* Redirect (change route) */
|
||||
#define ICMP_ECHO_REQUEST 8 /* Echo Request */
|
||||
#define ICMP_ROUTER_ADVERTISEMENT 9 /* Router Advertisement */
|
||||
#define ICMP_ROUTER_SOLICITATION 10 /* Router Solicitation */
|
||||
#define ICMP_TIME_EXCEEDED 11 /* Time Exceeded */
|
||||
#define ICMP_PARAMETER_PROBLEM 12 /* Parameter Problem */
|
||||
#define ICMP_TIMESTAMP_REQUEST 13 /* Timestamp Request */
|
||||
#define ICMP_TIMESTAMP_REPLY 14 /* Timestamp Reply */
|
||||
#define ICMP_INFO_REQUEST 15 /* Information Request */
|
||||
#define ICMP_INFO_REPLY 16 /* Information Reply */
|
||||
#define ICMP_ADDRESS_REQUEST 17 /* Address Mask Request */
|
||||
#define ICMP_ADDRESS_REPLY 18 /* Address Mask Reply */
|
||||
|
||||
#define CHECKSUM_INVALID_IP 0x01
|
||||
#define CHECKSUM_INVALID_TCP 0x02
|
||||
#define CHECKSUM_INVALID_UDP 0x04
|
||||
#define CHECKSUM_INVALID_ICMP 0x08
|
||||
#define CHECKSUM_INVALID_IGMP 0x10
|
||||
|
||||
typedef struct _IPv6Extension
|
||||
{
|
||||
u_int8_t option_type;
|
||||
const u_int8_t *option_data;
|
||||
} IP6Extension;
|
||||
|
||||
typedef struct _IPv4Hdr
|
||||
{
|
||||
u_int8_t ip_verhl; /* version & header length */
|
||||
u_int8_t ip_tos; /* type of service */
|
||||
u_int16_t ip_len; /* datagram length */
|
||||
u_int16_t ip_id; /* identification */
|
||||
u_int16_t ip_off; /* fragment offset */
|
||||
u_int8_t ip_ttl; /* time to live field */
|
||||
u_int8_t ip_proto; /* datagram protocol */
|
||||
u_int16_t ip_csum; /* checksum */
|
||||
sfip_t ip_src; /* source IP */
|
||||
sfip_t ip_dst; /* dest IP */
|
||||
} IP4Hdr;
|
||||
|
||||
typedef struct _IPv6Hdr
|
||||
{
|
||||
u_int32_t vcl; /* version, class, and label */
|
||||
u_int16_t len; /* length of the payload */
|
||||
u_int8_t next; /* next header
|
||||
* Uses the same flags as
|
||||
* the IPv4 protocol field */
|
||||
u_int8_t hop_lmt; /* hop limit */
|
||||
sfip_t ip_src;
|
||||
sfip_t ip_dst;
|
||||
} IP6Hdr;
|
||||
|
||||
typedef struct _IP6FragHdr
|
||||
{
|
||||
u_int8_t ip6f_nxt; /* next header */
|
||||
u_int8_t ip6f_reserved; /* reserved field */
|
||||
u_int16_t ip6f_offlg; /* offset, reserved, and flag */
|
||||
u_int32_t ip6f_ident; /* identification */
|
||||
} IP6FragHdr;
|
||||
|
||||
typedef struct _ICMP6
|
||||
{
|
||||
u_int8_t type;
|
||||
u_int8_t code;
|
||||
u_int16_t csum;
|
||||
|
||||
} ICMP6Hdr;
|
||||
|
||||
#define ICMP6_UNREACH 1
|
||||
#define ICMP6_BIG 2
|
||||
#define ICMP6_TIME 3
|
||||
#define ICMP6_PARAMS 4
|
||||
#define ICMP6_ECHO 128
|
||||
#define ICMP6_REPLY 129
|
||||
|
||||
/* Minus 1 due to the 'body' field */
|
||||
#define ICMP6_MIN_HEADER_LEN (sizeof(ICMP6Hdr) )
|
||||
|
||||
struct _SFSnortPacket;
|
||||
|
||||
|
||||
/* IPHeader access calls */
|
||||
sfip_t * ip4_ret_src(struct _SFSnortPacket *);
|
||||
sfip_t * ip4_ret_dst(struct _SFSnortPacket *);
|
||||
u_int16_t ip4_ret_tos(struct _SFSnortPacket *);
|
||||
u_int8_t ip4_ret_ttl(struct _SFSnortPacket *);
|
||||
u_int16_t ip4_ret_len(struct _SFSnortPacket *);
|
||||
u_int32_t ip4_ret_id(struct _SFSnortPacket *);
|
||||
u_int8_t ip4_ret_proto(struct _SFSnortPacket *);
|
||||
u_int16_t ip4_ret_off(struct _SFSnortPacket *);
|
||||
u_int8_t ip4_ret_ver(struct _SFSnortPacket *);
|
||||
u_int8_t ip4_ret_hlen(struct _SFSnortPacket *);
|
||||
|
||||
sfip_t * orig_ip4_ret_src(struct _SFSnortPacket *);
|
||||
sfip_t * orig_ip4_ret_dst(struct _SFSnortPacket *);
|
||||
u_int16_t orig_ip4_ret_tos(struct _SFSnortPacket *);
|
||||
u_int8_t orig_ip4_ret_ttl(struct _SFSnortPacket *);
|
||||
u_int16_t orig_ip4_ret_len(struct _SFSnortPacket *);
|
||||
u_int32_t orig_ip4_ret_id(struct _SFSnortPacket *);
|
||||
u_int8_t orig_ip4_ret_proto(struct _SFSnortPacket *);
|
||||
u_int16_t orig_ip4_ret_off(struct _SFSnortPacket *);
|
||||
u_int8_t orig_ip4_ret_ver(struct _SFSnortPacket *);
|
||||
u_int8_t orig_ip4_ret_hlen(struct _SFSnortPacket *);
|
||||
|
||||
sfip_t * ip6_ret_src(struct _SFSnortPacket *);
|
||||
sfip_t * ip6_ret_dst(struct _SFSnortPacket *);
|
||||
u_int16_t ip6_ret_toc(struct _SFSnortPacket *);
|
||||
u_int8_t ip6_ret_hops(struct _SFSnortPacket *);
|
||||
u_int16_t ip6_ret_len(struct _SFSnortPacket *);
|
||||
u_int32_t ip6_ret_id(struct _SFSnortPacket *);
|
||||
u_int8_t ip6_ret_next(struct _SFSnortPacket *);
|
||||
u_int16_t ip6_ret_off(struct _SFSnortPacket *);
|
||||
u_int8_t ip6_ret_ver(struct _SFSnortPacket *);
|
||||
u_int8_t ip6_ret_hlen(struct _SFSnortPacket *);
|
||||
|
||||
sfip_t * orig_ip6_ret_src(struct _SFSnortPacket *);
|
||||
sfip_t * orig_ip6_ret_dst(struct _SFSnortPacket *);
|
||||
u_int16_t orig_ip6_ret_toc(struct _SFSnortPacket *);
|
||||
u_int8_t orig_ip6_ret_hops(struct _SFSnortPacket *);
|
||||
u_int16_t orig_ip6_ret_len(struct _SFSnortPacket *);
|
||||
u_int32_t orig_ip6_ret_id(struct _SFSnortPacket *);
|
||||
u_int8_t orig_ip6_ret_next(struct _SFSnortPacket *);
|
||||
u_int16_t orig_ip6_ret_off(struct _SFSnortPacket *);
|
||||
u_int8_t orig_ip6_ret_ver(struct _SFSnortPacket *);
|
||||
u_int8_t orig_ip6_ret_hlen(struct _SFSnortPacket *);
|
||||
|
||||
typedef struct _IPH_API
|
||||
{
|
||||
sfip_t * (*iph_ret_src)(struct _SFSnortPacket *);
|
||||
sfip_t * (*iph_ret_dst)(struct _SFSnortPacket *);
|
||||
u_int16_t (*iph_ret_tos)(struct _SFSnortPacket *);
|
||||
u_int8_t (*iph_ret_ttl)(struct _SFSnortPacket *);
|
||||
u_int16_t (*iph_ret_len)(struct _SFSnortPacket *);
|
||||
u_int32_t (*iph_ret_id)(struct _SFSnortPacket *);
|
||||
u_int8_t (*iph_ret_proto)(struct _SFSnortPacket *);
|
||||
u_int16_t (*iph_ret_off)(struct _SFSnortPacket *);
|
||||
u_int8_t (*iph_ret_ver)(struct _SFSnortPacket *);
|
||||
u_int8_t (*iph_ret_hlen)(struct _SFSnortPacket *);
|
||||
|
||||
sfip_t * (*orig_iph_ret_src)(struct _SFSnortPacket *);
|
||||
sfip_t * (*orig_iph_ret_dst)(struct _SFSnortPacket *);
|
||||
u_int16_t (*orig_iph_ret_tos)(struct _SFSnortPacket *);
|
||||
u_int8_t (*orig_iph_ret_ttl)(struct _SFSnortPacket *);
|
||||
u_int16_t (*orig_iph_ret_len)(struct _SFSnortPacket *);
|
||||
u_int16_t (*orig_iph_ret_id)(struct _SFSnortPacket *);
|
||||
u_int8_t (*orig_iph_ret_proto)(struct _SFSnortPacket *);
|
||||
u_int16_t (*orig_iph_ret_off)(struct _SFSnortPacket *);
|
||||
u_int8_t (*orig_iph_ret_ver)(struct _SFSnortPacket *);
|
||||
u_int8_t (*orig_iph_ret_hlen)(struct _SFSnortPacket *);
|
||||
char version;
|
||||
} IPH_API;
|
||||
|
||||
#ifdef SUP_IP6
|
||||
|
||||
#include "ipv6_port.h"
|
||||
|
||||
#define IP6_HEADER_LEN 40
|
||||
|
||||
#define IPH_API_V4 4
|
||||
#define IPH_API_V6 6
|
||||
|
||||
extern IPH_API ip4;
|
||||
extern IPH_API ip6;
|
||||
|
||||
#define iph_is_valid(p) (p->family != NO_IP)
|
||||
|
||||
#define NO_IP 0
|
||||
|
||||
#define IP6_HDR_LEN 40
|
||||
#endif
|
||||
|
||||
typedef struct _MplsHdr
|
||||
{
|
||||
u_int32_t label;
|
||||
u_int8_t exp;
|
||||
u_int8_t bos;
|
||||
u_int8_t ttl;
|
||||
} MplsHdr;
|
||||
|
||||
typedef struct _SFSnortPacket
|
||||
{
|
||||
const struct pcap_pkthdr *pcap_header; /* Is this GPF'd? */
|
||||
const u_int8_t *pkt_data;
|
||||
|
||||
void *ether_arp_header;
|
||||
const EtherHeader *ether_header;
|
||||
const void *vlan_tag_header;
|
||||
void *ether_header_llc;
|
||||
void *ether_header_other;
|
||||
const void *gre_header;
|
||||
u_int32_t *mpls;
|
||||
|
||||
const IPV4Header *ip4_header, *orig_ip4_header;
|
||||
const IPV4Header *inner_ip4_header;
|
||||
const IPV4Header *outer_ip4_header;
|
||||
const TCPHeader *tcp_header, *orig_tcp_header;
|
||||
const UDPHeader *udp_header, *orig_udp_header;
|
||||
const ICMPHeader *icmp_header, *orig_icmp_header;
|
||||
|
||||
const u_int8_t *payload;
|
||||
const u_int8_t *ip_payload;
|
||||
const u_int8_t *outer_ip_payload;
|
||||
const u_int8_t *ip_frag_start;
|
||||
const u_int8_t *ip4_options_data;
|
||||
const u_int8_t *tcp_options_data;
|
||||
|
||||
void *stream_session_ptr;
|
||||
void *fragmentation_tracking_ptr;
|
||||
void *flow_ptr;
|
||||
void *stream_ptr;
|
||||
|
||||
IP4Hdr *ip4h, *orig_ip4h;
|
||||
IP6Hdr *ip6h, *orig_ip6h;
|
||||
ICMP6Hdr *icmp6h, *orig_icmp6h;
|
||||
|
||||
IPH_API* iph_api;
|
||||
IPH_API* orig_iph_api;
|
||||
IPH_API* outer_iph_api;
|
||||
IPH_API* outer_orig_iph_api;
|
||||
|
||||
IP4Hdr inner_ip4h, inner_orig_ip4h;
|
||||
IP6Hdr inner_ip6h, inner_orig_ip6h;
|
||||
IP4Hdr outer_ip4h, outer_orig_ip4h;
|
||||
IP6Hdr outer_ip6h, outer_orig_ip6h;
|
||||
|
||||
MplsHdr mplsHdr;
|
||||
|
||||
int family;
|
||||
int orig_family;
|
||||
int outer_family;
|
||||
int number_bytes_to_check;
|
||||
|
||||
//int ip_payload_length;
|
||||
//int ip_payload_offset;
|
||||
|
||||
u_int32_t preprocessor_bit_mask;
|
||||
u_int32_t preproc_reassembly_pkt_bit_mask;
|
||||
|
||||
u_int32_t pcap_cap_len;
|
||||
u_int32_t http_pipeline_count;
|
||||
u_int32_t flags;
|
||||
u_int16_t proto_bits;
|
||||
u_int16_t data_flags;
|
||||
|
||||
u_int16_t payload_size;
|
||||
u_int16_t ip_payload_size;
|
||||
u_int16_t normalized_payload_size;
|
||||
u_int16_t actual_ip_length;
|
||||
u_int16_t outer_ip_payload_size;
|
||||
|
||||
u_int16_t ip_fragment_offset;
|
||||
u_int16_t ip_frag_length;
|
||||
u_int16_t ip4_options_length;
|
||||
u_int16_t tcp_options_length;
|
||||
|
||||
u_int16_t src_port;
|
||||
u_int16_t dst_port;
|
||||
u_int16_t orig_src_port;
|
||||
u_int16_t orig_dst_port;
|
||||
|
||||
int16_t application_protocol_ordinal;
|
||||
|
||||
u_int8_t ip_fragmented;
|
||||
u_int8_t ip_more_fragments;
|
||||
u_int8_t ip_dont_fragment;
|
||||
u_int8_t ip_reserved;
|
||||
|
||||
u_int8_t num_uris;
|
||||
u_int8_t checksums_invalid;
|
||||
u_int8_t encapsulated;
|
||||
|
||||
u_int8_t num_ip_options;
|
||||
u_int8_t num_tcp_options;
|
||||
u_int8_t num_ip6_extensions;
|
||||
u_int8_t ip6_frag_extension;
|
||||
|
||||
u_char ip_last_option_invalid_flag;
|
||||
u_char tcp_last_option_invalid_flag;
|
||||
|
||||
#ifndef NO_NON_ETHER_DECODER
|
||||
const void *fddi_header;
|
||||
void *fddi_saps;
|
||||
void *fddi_sna;
|
||||
void *fddi_iparp;
|
||||
void *fddi_other;
|
||||
|
||||
const void *tokenring_header;
|
||||
void *tokenring_header_llc;
|
||||
void *tokenring_header_mr;
|
||||
|
||||
void *pflog1_header;
|
||||
void *pflog2_header;
|
||||
void *pflog3_header;
|
||||
|
||||
const void *sll_header;
|
||||
const void *wifi_header;
|
||||
const void *ppp_over_ether_header;
|
||||
|
||||
const void *ether_eapol_header;
|
||||
const void *eapol_headear;
|
||||
const u_int8_t *eapol_type;
|
||||
void *eapol_key;
|
||||
#endif
|
||||
|
||||
IPOptions ip_options[MAX_IP_OPTIONS];
|
||||
TCPOptions tcp_options[MAX_TCP_OPTIONS];
|
||||
IP6Extension ip6_extensions[MAX_IP6_EXTENSIONS];
|
||||
|
||||
/**policyId provided in configuration file. Used for correlating configuration
|
||||
* with event output
|
||||
*/
|
||||
uint16_t config_policy_id;
|
||||
|
||||
} SFSnortPacket;
|
||||
|
||||
#define PKT_ZERO_LEN offsetof(SFSnortPacket, ip_options)
|
||||
|
||||
#define PROTO_BIT__IP 0x0001
|
||||
#define PROTO_BIT__ARP 0x0002
|
||||
#define PROTO_BIT__TCP 0x0004
|
||||
#define PROTO_BIT__UDP 0x0008
|
||||
#define PROTO_BIT__ICMP 0x0010
|
||||
#define PROTO_BIT__ALL 0xffff
|
||||
|
||||
#define DATA_FLAGS_GZIP 0x0002
|
||||
|
||||
#define IsIP(p) (IPH_IS_VALID(p))
|
||||
#define IsTCP(p) (IsIP(p) && (GET_IPH_PROTO(p) == IPPROTO_TCP))
|
||||
#define IsUDP(p) (IsIP(p) && (GET_IPH_PROTO(p) == IPPROTO_UDP))
|
||||
#define IsICMP(p) (IsIP(p) && (GET_IPH_PROTO(p) == IPPROTO_ICMP))
|
||||
|
||||
#define SET_IP4_VER(ip_header, value) \
|
||||
((ip_header)->version_headerlength = \
|
||||
(unsigned char)(((ip_header)->version_headerlength & 0x0f) | (value << 4)))
|
||||
#define SET_IP4_HLEN(ip_header, value) \
|
||||
((ip_header)->version_headerlength = \
|
||||
(unsigned char)(((ip_header)->version_headerlength & 0xf0) | (value & 0x0f)))
|
||||
|
||||
#define SET_TCP_HDR_OFFSET(tcp_header, value) \
|
||||
((tcp_header)->offset_reserved = \
|
||||
(unsigned char)(((tcp_header)->offset_reserved & 0x0f) | (value << 4)))
|
||||
|
||||
#define FLAG_REBUILT_FRAG 0x00000001
|
||||
#define FLAG_REBUILT_STREAM 0x00000002
|
||||
#define FLAG_STREAM_UNEST_UNI 0x00000004
|
||||
#define FLAG_STREAM_UNEST_BI 0x00000008
|
||||
#define FLAG_STREAM_EST 0x00000010
|
||||
#define FLAG_FROM_SERVER 0x00000040
|
||||
#define FLAG_FROM_CLIENT 0x00000080
|
||||
#define FLAG_HTTP_DECODE 0x00000100
|
||||
#define FLAG_STREAM_INSERT 0x00000400
|
||||
#define FLAG_ALT_DECODE 0x00000800
|
||||
#define FLAG_STREAM_TWH 0x00001000
|
||||
#define FLAG_IGNORE_PORT 0x00002000 /* this packet should be ignored, based on port */
|
||||
#define FLAG_PASS_RULE 0x00004000 /* this packet has matched a pass rule */
|
||||
#define FLAG_NO_DETECT 0x00008000 /* this packet should not be preprocessed */
|
||||
#define FLAG_PREPROC_RPKT 0x00010000 /* set in original packet to indicate a preprocessor
|
||||
* has a reassembled packet */
|
||||
#define FLAG_DCE_RPKT 0x00020000 /* this is a DCE/RPC reassembled packet */
|
||||
#define FLAG_IP_RULE 0x00040000 /* this packet being evaluated against an ip rule */
|
||||
#define FLAG_IP_RULE_2ND 0x00080000 /* this packet is being evaluated against an IP rule */
|
||||
|
||||
#define FLAG_SMB_SEG 0x00100000 /* this is an SMB desegmented packet */
|
||||
#define FLAG_DCE_SEG 0x00200000 /* this is a DCE/RPC desegmented packet */
|
||||
#define FLAG_DCE_FRAG 0x00400000 /* this is a DCE/RPC defragmented packet */
|
||||
#define FLAG_SMB_TRANS 0x00800000 /* this is an SMB Transact reassembled packet */
|
||||
#define FLAG_DCE_PKT 0x01000000 /* this is a DCE packet processed by DCE/RPC preprocessor */
|
||||
#define FLAG_RPC_PKT 0x02000000 /* this is an ONC RPC packet processed by rpc decode preprocessor */
|
||||
|
||||
#define FLAG_HTTP_RESP_BODY 0x04000000 /* this packet contains non-zipped HTTP response Body */
|
||||
|
||||
#define FLAG_STATELESS 0x10000000 /* Packet has matched a stateless rule */
|
||||
#define FLAG_INLINE_DROP 0x20000000
|
||||
#define FLAG_OBFUSCATED 0x40000000 /* this packet has been obfuscated */
|
||||
#define FLAG_LOGGED 0x80000000 /* this packet has been logged */
|
||||
|
||||
#define SFTARGET_UNKNOWN_PROTOCOL -1
|
||||
|
||||
/* Only include application layer reassembled data
|
||||
* flags here - no PKT_REBUILT_FRAG */
|
||||
#define REASSEMBLED_PACKET_FLAGS \
|
||||
(FLAG_REBUILT_STREAM|FLAG_SMB_SEG|FLAG_DCE_SEG|FLAG_DCE_FRAG|FLAG_SMB_TRANS)
|
||||
|
||||
#endif /* _SF_SNORT_PACKET_H_ */
|
||||
|
|
@ -0,0 +1,423 @@
|
|||
/*
|
||||
* sf_snort_plugin.h
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License Version 2 as
|
||||
* published by the Free Software Foundation. You may not use, modify or
|
||||
* distribute this program under any other version of the GNU General
|
||||
* Public License.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
*
|
||||
* Copyright (C) 2005-2010 Sourcefire, Inc.
|
||||
*
|
||||
* Author: Steve Sturges
|
||||
* Andy Mullican
|
||||
*
|
||||
* Date: 5/2005
|
||||
*
|
||||
* Sourcefire Black-box Plugin API for rules
|
||||
*
|
||||
*/
|
||||
#ifndef SF_SNORT_PLUGIN_API_H_
|
||||
#define SF_SNORT_PLUGIN_API_H_
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include <config.h>
|
||||
#endif
|
||||
|
||||
#include "pcre.h"
|
||||
#include "stdio.h"
|
||||
|
||||
#ifndef WIN32
|
||||
#include <netinet/in.h>
|
||||
#include <sys/types.h>
|
||||
#else
|
||||
#include <winsock2.h>
|
||||
#include <windows.h>
|
||||
#endif
|
||||
|
||||
#include "sf_dynamic_define.h"
|
||||
#include "sf_dynamic_engine.h"
|
||||
|
||||
#define ANY_NET "any"
|
||||
#define HOME_NET "$HOME_NET"
|
||||
#define EXTERNAL_NET "$EXTERNAL_NET"
|
||||
#define ANY_PORT "any"
|
||||
#define HTTP_SERVERS "$HTTP_SERVERS"
|
||||
#define HTTP_PORTS "$HTTP_PORTS"
|
||||
#define SMTP_SERVERS "$SMTP_SERVERS"
|
||||
|
||||
#ifdef WIN32
|
||||
# ifdef SF_SNORT_ENGINE_DLL
|
||||
# define ENGINE_LINKAGE SO_PUBLIC
|
||||
# else
|
||||
# define ENGINE_LINKAGE
|
||||
# endif
|
||||
#else /* WIN32 */
|
||||
# define ENGINE_LINKAGE SO_PUBLIC
|
||||
#endif
|
||||
|
||||
#define RULE_MATCH 1
|
||||
#define RULE_NOMATCH 0
|
||||
|
||||
#define RULE_DIRECTIONAL 0
|
||||
#define RULE_BIDIRECTIONAL 1
|
||||
|
||||
#define CONTENT_MATCH 1
|
||||
#define CONTENT_NOMATCH 0
|
||||
#define CONTENT_TYPE_MISMATCH -1
|
||||
#define CONTENT_TYPE_MISSING -2
|
||||
#define CONTENT_CURSOR_ERROR -3
|
||||
#define CURSOR_IN_BOUNDS 1
|
||||
#define CURSOR_OUT_OF_BOUNDS 0
|
||||
|
||||
/* Defined in sf_dynamic_define.h */
|
||||
//#define SNORT_PCRE_OVERRIDE_MATCH_LIMIT 0x80000000
|
||||
|
||||
#define CONTENT_NOCASE 0x01
|
||||
#define CONTENT_RELATIVE 0x02
|
||||
#define CONTENT_UNICODE2BYTE 0x04
|
||||
#define CONTENT_UNICODE4BYTE 0x08
|
||||
#define CONTENT_FAST_PATTERN 0x10
|
||||
#define CONTENT_END_BUFFER 0x20
|
||||
|
||||
#define CONTENT_BUF_NORMALIZED 0x100
|
||||
#define CONTENT_BUF_RAW 0x200
|
||||
#define CONTENT_BUF_URI 0x400
|
||||
#define CONTENT_BUF_POST 0x800
|
||||
#define CONTENT_BUF_HEADER 0x2000
|
||||
#define CONTENT_BUF_METHOD 0x4000
|
||||
#define CONTENT_BUF_COOKIE 0x8000
|
||||
#define CONTENT_BUF_RAW_URI 0x10000
|
||||
#define CONTENT_BUF_RAW_HEADER 0x20000
|
||||
#define CONTENT_BUF_RAW_COOKIE 0x40000
|
||||
#define CONTENT_BUF_STAT_CODE 0x80000
|
||||
#define CONTENT_BUF_STAT_MSG 0x100000
|
||||
|
||||
/* This option implies the fast pattern flag */
|
||||
#define CONTENT_FAST_PATTERN_ONLY 0x200000
|
||||
|
||||
#define BYTE_LITTLE_ENDIAN 0x0000
|
||||
#define BYTE_BIG_ENDIAN 0x1000
|
||||
|
||||
#define EXTRACT_AS_BYTE 0x010000
|
||||
#define EXTRACT_AS_STRING 0x020000
|
||||
#define EXTRACT_AS_DEC 0x100000
|
||||
#define EXTRACT_AS_OCT 0x200000
|
||||
#define EXTRACT_AS_HEX 0x400000
|
||||
#define EXTRACT_AS_BIN 0x800000
|
||||
|
||||
#define JUMP_FROM_BEGINNING 0x01000000
|
||||
#define JUMP_ALIGN 0x02000000
|
||||
|
||||
#define NOT_FLAG 0x10000000
|
||||
|
||||
#define CHECK_EQ 0
|
||||
#define CHECK_NEQ 1
|
||||
#define CHECK_LT 2
|
||||
#define CHECK_GT 3
|
||||
#define CHECK_LTE 4
|
||||
#define CHECK_GTE 5
|
||||
#define CHECK_AND 6
|
||||
#define CHECK_XOR 7
|
||||
#define CHECK_ALL 8
|
||||
#define CHECK_ATLEASTONE 9
|
||||
#define CHECK_NONE 10
|
||||
|
||||
#define NORMAL_CONTENT_BUFS ( CONTENT_BUF_NORMALIZED | CONTENT_BUF_RAW )
|
||||
#define URI_CONTENT_BUFS ( CONTENT_BUF_URI | CONTENT_BUF_POST \
|
||||
| CONTENT_BUF_COOKIE | CONTENT_BUF_HEADER | CONTENT_BUF_METHOD \
|
||||
| CONTENT_BUF_RAW_URI | CONTENT_BUF_RAW_HEADER | CONTENT_BUF_RAW_COOKIE \
|
||||
| CONTENT_BUF_STAT_CODE | CONTENT_BUF_STAT_MSG )
|
||||
#define URI_FAST_PATTERN_BUFS ( CONTENT_BUF_URI | CONTENT_BUF_METHOD \
|
||||
| CONTENT_BUF_HEADER | CONTENT_BUF_POST )
|
||||
|
||||
typedef struct _ContentInfo
|
||||
{
|
||||
const u_int8_t *pattern;
|
||||
u_int32_t depth;
|
||||
int32_t offset;
|
||||
u_int32_t flags; /* must include a CONTENT_BUF_X */
|
||||
void *boyer_ptr;
|
||||
u_int8_t *patternByteForm;
|
||||
u_int32_t patternByteFormLength;
|
||||
u_int32_t incrementLength;
|
||||
u_int16_t fp_offset;
|
||||
u_int16_t fp_length;
|
||||
u_int8_t fp_only;
|
||||
} ContentInfo;
|
||||
|
||||
typedef struct _CursorInfo
|
||||
{
|
||||
int32_t offset;
|
||||
u_int32_t flags; /* specify one of CONTENT_BUF_X */
|
||||
} CursorInfo;
|
||||
|
||||
/*
|
||||
pcre.h provides flags:
|
||||
|
||||
PCRE_CASELESS
|
||||
PCRE_MULTILINE
|
||||
PCRE_DOTALL
|
||||
PCRE_EXTENDED
|
||||
PCRE_ANCHORED
|
||||
PCRE_DOLLAR_ENDONLY
|
||||
PCRE_UNGREEDY
|
||||
*/
|
||||
|
||||
typedef struct _PCREInfo
|
||||
{
|
||||
char *expr;
|
||||
void *compiled_expr;
|
||||
void *compiled_extra;
|
||||
u_int32_t compile_flags;
|
||||
u_int32_t flags; /* must include a CONTENT_BUF_X */
|
||||
int32_t offset;
|
||||
} PCREInfo;
|
||||
|
||||
#define FLOWBIT_SET 0x01
|
||||
#define FLOWBIT_UNSET 0x02
|
||||
#define FLOWBIT_TOGGLE 0x04
|
||||
#define FLOWBIT_ISSET 0x08
|
||||
#define FLOWBIT_ISNOTSET 0x10
|
||||
#define FLOWBIT_RESET 0x20
|
||||
#define FLOWBIT_NOALERT 0x40
|
||||
|
||||
typedef struct _FlowBitsInfo
|
||||
{
|
||||
char *flowBitsName;
|
||||
u_int8_t operation;
|
||||
u_int32_t id;
|
||||
u_int32_t flags;
|
||||
} FlowBitsInfo;
|
||||
|
||||
typedef struct _ByteData
|
||||
{
|
||||
u_int32_t bytes; /* Number of bytes to extract */
|
||||
u_int32_t op; /* Type of byte comparison, for checkValue */
|
||||
u_int32_t value; /* Value to compare value against, for checkValue, or extracted value */
|
||||
int32_t offset; /* Offset from cursor */
|
||||
u_int32_t multiplier; /* Used for byte jump -- 32bits is MORE than enough */
|
||||
u_int32_t flags; /* must include a CONTENT_BUF_X */
|
||||
int32_t post_offset;/* Use for byte jump -- adjust cusor by this much after the jump */
|
||||
} ByteData;
|
||||
|
||||
typedef struct _ByteExtract
|
||||
{
|
||||
u_int32_t bytes; /* Number of bytes to extract */
|
||||
int32_t offset; /* Offset from cursor */
|
||||
u_int32_t multiplier; /* Multiply value by this (similar to byte jump) */
|
||||
u_int32_t flags; /* must include a CONTENT_BUF_X */
|
||||
char *refId; /* To match up with a DynamicElement refId */
|
||||
void *memoryLocation; /* Location to store the data extracted */
|
||||
} ByteExtract;
|
||||
|
||||
typedef struct _FlowFlags
|
||||
{
|
||||
u_int32_t flags; /* FLOW_* values */
|
||||
} FlowFlags;
|
||||
|
||||
|
||||
#define ASN1_ABS_OFFSET 1
|
||||
#define ASN1_REL_OFFSET 2
|
||||
|
||||
typedef struct _Asn1Context
|
||||
{
|
||||
int bs_overflow;
|
||||
int double_overflow;
|
||||
int print;
|
||||
int length;
|
||||
unsigned int max_length;
|
||||
int offset;
|
||||
int offset_type;
|
||||
u_int32_t flags;
|
||||
} Asn1Context;
|
||||
|
||||
#define IP_HDR_ID 0x0001 /* IP Header ID */
|
||||
#define IP_HDR_PROTO 0x0002 /* IP Protocol */
|
||||
#define IP_HDR_FRAGBITS 0x0003 /* Frag Flags set in IP Header */
|
||||
#define IP_HDR_FRAGOFFSET 0x0004 /* Frag Offset set in IP Header */
|
||||
#define IP_HDR_OPTIONS 0x0005 /* IP Options -- is option xx included */
|
||||
#define IP_HDR_TTL 0x0006 /* IP Time to live */
|
||||
#define IP_HDR_TOS 0x0007 /* IP Type of Service */
|
||||
#define IP_HDR_OPTCHECK_MASK 0x000f
|
||||
|
||||
#define TCP_HDR_ACK 0x0010 /* TCP Ack Value */
|
||||
#define TCP_HDR_SEQ 0x0020 /* TCP Seq Value */
|
||||
#define TCP_HDR_FLAGS 0x0030 /* Flags set in TCP Header */
|
||||
#define TCP_HDR_OPTIONS 0x0040 /* TCP Options -- is option xx included */
|
||||
#define TCP_HDR_WIN 0x0050 /* TCP Window */
|
||||
#define TCP_HDR_OPTCHECK_MASK 0x00f0
|
||||
|
||||
#define ICMP_HDR_CODE 0x1000 /* ICMP Header Code */
|
||||
#define ICMP_HDR_TYPE 0x2000 /* ICMP Header Type */
|
||||
#define ICMP_HDR_ID 0x3000 /* ICMP ID for ICMP_ECHO/ICMP_ECHO_REPLY */
|
||||
#define ICMP_HDR_SEQ 0x4000 /* ICMP ID for ICMP_ECHO/ICMP_ECHO_REPLY */
|
||||
#define ICMP_HDR_OPTCHECK_MASK 0xf000
|
||||
|
||||
typedef struct _HdrOptCheck
|
||||
{
|
||||
u_int16_t hdrField; /* Field to check */
|
||||
u_int32_t op; /* Type of comparison */
|
||||
u_int32_t value; /* Value to compare value against */
|
||||
u_int32_t mask_value; /* bits of value to ignore */
|
||||
u_int32_t flags;
|
||||
} HdrOptCheck;
|
||||
|
||||
#define DYNAMIC_TYPE_INT_STATIC 1
|
||||
#define DYNAMIC_TYPE_INT_REF 2
|
||||
|
||||
typedef struct _DynamicElement
|
||||
{
|
||||
char dynamicType; /* type of this field - static or reference */
|
||||
char *refId; /* reference ID (NULL if static) */
|
||||
union
|
||||
{
|
||||
void *voidPtr; /* Holder */
|
||||
int32_t staticInt; /* Value of static */
|
||||
int32_t *dynamicInt; /* Pointer to value of dynamic */
|
||||
} data;
|
||||
} DynamicElement;
|
||||
|
||||
typedef struct _LoopInfo
|
||||
{
|
||||
DynamicElement *start; /* Starting value of FOR loop (i=start) */
|
||||
DynamicElement *end; /* Ending value of FOR loop (i OP end) */
|
||||
DynamicElement *increment; /* Increment value of FOR loop (i+= increment) */
|
||||
u_int32_t op; /* Type of comparison for loop termination */
|
||||
CursorInfo *cursorAdjust; /* How to move cursor each iteration of loop */
|
||||
struct _Rule *subRule; /* Pointer to SubRule & options to evaluate within
|
||||
* the loop */
|
||||
u_int8_t initialized; /* Loop initialized properly (safeguard) */
|
||||
u_int32_t flags; /* can be used to negate loop results, specifies
|
||||
* relative. */
|
||||
} LoopInfo;
|
||||
|
||||
typedef struct _PreprocessorOption
|
||||
{
|
||||
const char *optionName;
|
||||
const char *optionParameters;
|
||||
u_int32_t flags;
|
||||
PreprocOptionInit optionInit;
|
||||
PreprocOptionEval optionEval;
|
||||
void *dataPtr;
|
||||
PreprocOptionFastPatternFunc optionFpFunc;
|
||||
} PreprocessorOption;
|
||||
|
||||
typedef struct _RuleOption
|
||||
{
|
||||
DynamicOptionType optionType;
|
||||
union
|
||||
{
|
||||
void *ptr;
|
||||
ContentInfo *content;
|
||||
CursorInfo *cursor;
|
||||
PCREInfo *pcre;
|
||||
FlowBitsInfo *flowBit;
|
||||
ByteData *byte;
|
||||
ByteExtract *byteExtract;
|
||||
FlowFlags *flowFlags;
|
||||
Asn1Context *asn1;
|
||||
HdrOptCheck *hdrData;
|
||||
LoopInfo *loop;
|
||||
PreprocessorOption *preprocOpt;
|
||||
} option_u;
|
||||
} RuleOption;
|
||||
|
||||
typedef struct _IPInfo
|
||||
{
|
||||
u_int8_t protocol;
|
||||
char * src_addr;
|
||||
char * src_port; /* 0 for non TCP/UDP */
|
||||
char direction; /* non-zero is bi-directional */
|
||||
char * dst_addr;
|
||||
char * dst_port; /* 0 for non TCP/UDP */
|
||||
} IPInfo;
|
||||
|
||||
typedef struct _RuleReference
|
||||
{
|
||||
char *systemName;
|
||||
char *refIdentifier;
|
||||
} RuleReference;
|
||||
|
||||
#define REGISTER_RULE 1
|
||||
#define DONT_REGISTER_RULE 0
|
||||
|
||||
typedef struct _RuleMetaData {
|
||||
char *data;
|
||||
} RuleMetaData;
|
||||
|
||||
typedef struct _RuleInformation
|
||||
{
|
||||
u_int32_t genID;
|
||||
u_int32_t sigID;
|
||||
u_int32_t revision;
|
||||
char *classification; /* String format of classification name */
|
||||
u_int32_t priority;
|
||||
char *message;
|
||||
RuleReference **references; /* NULL terminated array of references */
|
||||
RuleMetaData **meta; /* NULL terminated array of references */
|
||||
} RuleInformation;
|
||||
|
||||
typedef int (*ruleEvalFunc)(void *);
|
||||
|
||||
typedef struct _Rule
|
||||
{
|
||||
IPInfo ip;
|
||||
RuleInformation info;
|
||||
|
||||
RuleOption **options; /* NULL terminated array of RuleOption union */
|
||||
|
||||
ruleEvalFunc evalFunc;
|
||||
|
||||
char initialized; /* Rule Initialized, used internally */
|
||||
u_int32_t numOptions; /* Rule option count, used internally */
|
||||
char noAlert; /* Flag with no alert, used internally */
|
||||
void *ruleData; /* Hash table for dynamic data pointers */
|
||||
|
||||
} Rule;
|
||||
|
||||
|
||||
ENGINE_LINKAGE int RegisterRules(Rule **rules);
|
||||
ENGINE_LINKAGE int DumpRules(char *rulesFileName, Rule **rules);
|
||||
|
||||
ENGINE_LINKAGE int contentMatch(void *p, ContentInfo* content, const u_int8_t **cursor);
|
||||
ENGINE_LINKAGE int checkFlow(void *p, FlowFlags *flowFlags);
|
||||
ENGINE_LINKAGE int extractValue(void *p, ByteExtract *byteExtract, const u_int8_t *cursor);
|
||||
ENGINE_LINKAGE int processFlowbits(void *p, FlowBitsInfo *flowBits);
|
||||
ENGINE_LINKAGE int getBuffer(void *p, int flags, const u_int8_t **start, const u_int8_t **end);
|
||||
ENGINE_LINKAGE int setCursor(void *p, CursorInfo *cursorInfo, const u_int8_t **cursor);
|
||||
ENGINE_LINKAGE int checkCursor(void *p, CursorInfo *cursorInfo, const u_int8_t *cursor);
|
||||
ENGINE_LINKAGE int checkValue(void *p, ByteData *byteData, u_int32_t value, const u_int8_t *cursor);
|
||||
/* Same as extractValue plus checkValue */
|
||||
ENGINE_LINKAGE int byteTest(void *p, ByteData *byteData, const u_int8_t *cursor);
|
||||
/* Same as extractValue plus setCursor */
|
||||
ENGINE_LINKAGE int byteJump(void *p, ByteData *byteData, const u_int8_t **cursor);
|
||||
ENGINE_LINKAGE int pcreMatch(void *p, PCREInfo* pcre, const u_int8_t **cursor);
|
||||
ENGINE_LINKAGE int detectAsn1(void *p, Asn1Context* asn1, const u_int8_t *cursor);
|
||||
ENGINE_LINKAGE int checkHdrOpt(void *p, HdrOptCheck *optData);
|
||||
ENGINE_LINKAGE int loopEval(void *p, LoopInfo *loop, const u_int8_t **cursor);
|
||||
ENGINE_LINKAGE int preprocOptionEval(void *p, PreprocessorOption *preprocOpt, const u_int8_t **cursor);
|
||||
ENGINE_LINKAGE void setTempCursor(const u_int8_t **temp_cursor, const u_int8_t **cursor);
|
||||
ENGINE_LINKAGE void revertTempCursor(const u_int8_t **temp_cursor, const u_int8_t **cursor);
|
||||
ENGINE_LINKAGE int ruleMatch(void *p, Rule *rule);
|
||||
ENGINE_LINKAGE int MatchDecryptedRC4(
|
||||
const u_int8_t *key, u_int16_t keylen, const u_int8_t *encrypted_data,
|
||||
u_int8_t *plain_data, u_int16_t datalen
|
||||
);
|
||||
ENGINE_LINKAGE void storeRuleData(void *p, void *rule_data);
|
||||
ENGINE_LINKAGE void *getRuleData(void *p);
|
||||
|
||||
ENGINE_LINKAGE int pcreExecWrapper(const PCREInfo *pcre_info, const char *buf, int len, int start_offset,
|
||||
int options, int *ovector, int ovecsize);
|
||||
|
||||
#endif /* SF_SNORT_PLUGIN_API_H_ */
|
||||
|
|
@ -0,0 +1,182 @@
|
|||
/*
|
||||
** Copyright (C) 2007-2010 Sourcefire, Inc.
|
||||
**
|
||||
** This program is free software; you can redistribute it and/or modify
|
||||
** it under the terms of the GNU General Public License Version 2 as
|
||||
** published by the Free Software Foundation. You may not use, modify or
|
||||
** distribute this program under any other version of the GNU General
|
||||
** Public License.
|
||||
**
|
||||
** This program is distributed in the hope that it will be useful,
|
||||
** but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
** GNU General Public License for more details.
|
||||
**
|
||||
** You should have received a copy of the GNU General Public License
|
||||
** along with this program; if not, write to the Free Software
|
||||
** Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
*/
|
||||
|
||||
#ifndef __SF_TYPES_H__
|
||||
#define __SF_TYPES_H__
|
||||
|
||||
#include <sys/types.h>
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include "config.h"
|
||||
|
||||
#ifdef WIN32
|
||||
# include "stdint.h"
|
||||
# include "inttypes.h"
|
||||
#else
|
||||
/* Autoconf uses <sys/types.h>, <inttypes.h> and <stdint.h> as standard includes for
|
||||
* determining if these exist so there shouldn't be any typedef conflicts with
|
||||
* including <sys/types.h>, <inttypes.h> or <stdint.h> since these would be
|
||||
* defined already */
|
||||
# if !defined(HAVE_UINT8_T) || !defined(HAVE_U_INT8_T)
|
||||
# if !defined(HAVE_UINT8_T) && !defined(HAVE_U_INT8_T)
|
||||
typedef unsigned char u_int8_t;
|
||||
typedef unsigned char uint8_t;
|
||||
# elif defined(HAVE_UINT8_T)
|
||||
typedef uint8_t u_int8_t;
|
||||
# else
|
||||
typedef u_int8_t uint8_t;
|
||||
# endif /* !defined(HAVE_UINT8_T) && !defined(HAVE_U_INT8_T) */
|
||||
# endif /* !defined(HAVE_UINT8_T) || !defined(HAVE_U_INT8_T) */
|
||||
# if !defined(HAVE_UINT16_T) || !defined(HAVE_U_INT16_T)
|
||||
# if !defined(HAVE_UINT16_T) && !defined(HAVE_U_INT16_T)
|
||||
typedef unsigned short u_int16_t;
|
||||
typedef unsigned short uint16_t;
|
||||
# elif defined(HAVE_UINT16_T)
|
||||
typedef uint16_t u_int16_t;
|
||||
# else
|
||||
typedef u_int16_t uint16_t;
|
||||
# endif /* !defined(HAVE_UINT16_T) && !defined(HAVE_U_INT16_T) */
|
||||
# endif /* !defined(HAVE_UINT16_T) || !defined(HAVE_U_INT16_T) */
|
||||
# if !defined(HAVE_UINT32_T) || !defined(HAVE_U_INT32_T)
|
||||
# if !defined(HAVE_UINT32_T) && !defined(HAVE_U_INT32_T)
|
||||
# if SIZEOF_UNSIGNED_LONG_INT == 4
|
||||
typedef unsigned long int u_int32_t;
|
||||
typedef unsigned long int uint32_t;
|
||||
# elif SIZEOF_UNSIGNED_INT == 4
|
||||
typedef unsigned int u_int32_t;
|
||||
typedef unsigned int uint32_t;
|
||||
# endif /* SIZEOF_UNSIGNED_LONG_INT == 4 */
|
||||
# elif defined(HAVE_UINT32_T)
|
||||
typedef uint32_t u_int32_t;
|
||||
# else
|
||||
typedef u_int32_t uint32_t;
|
||||
# endif /* !defined(HAVE_UINT32_T) && !defined(HAVE_U_INT32_T) */
|
||||
# endif /* !defined(HAVE_UINT32_T) || !defined(HAVE_U_INT32_T) */
|
||||
# if !defined(HAVE_UINT64_T) || !defined(HAVE_U_INT64_T)
|
||||
# if !defined(HAVE_UINT64_T) && !defined(HAVE_U_INT64_T)
|
||||
# if SIZEOF_UNSIGNED_LONG_LONG_INT == 8
|
||||
typedef unsigned long long int u_int64_t;
|
||||
typedef unsigned long long int uint64_t;
|
||||
# elif SIZEOF_UNSIGNED_LONG_INT == 8
|
||||
typedef unsigned long int u_int64_t;
|
||||
typedef unsigned long int uint64_t;
|
||||
# endif
|
||||
# elif defined(HAVE_UINT64_T)
|
||||
typedef uint64_t u_int64_t;
|
||||
# else
|
||||
typedef u_int64_t uint64_t;
|
||||
# endif /* !defined(HAVE_UINT64_T) && !defined(HAVE_U_INT64_T) */
|
||||
# endif /* !defined(HAVE_UINT64_T) || !defined(HAVE_U_INT64_T) */
|
||||
# ifndef HAVE_INT8_T
|
||||
typedef char int8_t;
|
||||
# endif
|
||||
# ifndef HAVE_INT16_T
|
||||
typedef short int16_t;
|
||||
# endif
|
||||
# ifndef HAVE_INT32_T
|
||||
# if SIZEOF_LONG_INT == 4
|
||||
typedef long int int32_t;
|
||||
# else
|
||||
typedef int int32_t;
|
||||
# endif
|
||||
# endif
|
||||
# ifndef HAVE_INT64_T
|
||||
# if SIZEOF_LONG_LONG_INT == 8
|
||||
typedef long long int int64_t;
|
||||
# else
|
||||
typedef long int int64_t;
|
||||
# endif
|
||||
# endif
|
||||
# ifndef WIN32
|
||||
# ifdef HAVE_INTTYPES_H
|
||||
/* <inttypes.h> includes <stdint.h> */
|
||||
# include <inttypes.h>
|
||||
# elif HAVE_STDINT_H
|
||||
# include <stdint.h>
|
||||
# else
|
||||
/* Solaris - if inttypes.h is present, it should bring this in */
|
||||
# ifndef SYS_INT_TYPES_H
|
||||
# if defined(_LP64) || defined(_I32LPx)
|
||||
typedef long int intptr_t;
|
||||
typedef unsigned long int uintptr_t;
|
||||
# else
|
||||
typedef int intptr_t;
|
||||
typedef unsigned int uintptr_t;
|
||||
# endif /* defined(_LP64) || defined(_I32LPx) */
|
||||
# endif /* SYS_INT_TYPES_H */
|
||||
# endif /* HAVE_INTTYPES_H elseif HAVE_STDINT_H */
|
||||
# endif
|
||||
#endif /* WIN32 */
|
||||
#endif /* HAVE_CONFIG_H */
|
||||
|
||||
/* if PRIu64 isn't in <inttypes.h>
|
||||
* we define it and similar here */
|
||||
#ifndef PRIu64
|
||||
# if SIZEOF_UNSIGNED_LONG_INT == 8
|
||||
# define _SF_PREFIX "l"
|
||||
# else
|
||||
# define _SF_PREFIX "ll"
|
||||
# endif /* SIZEOF_UNSIGNED_LONG_INT == 8 */
|
||||
# define PRIu64 _SF_PREFIX "u"
|
||||
# define PRIi64 _SF_PREFIX "i"
|
||||
#endif /* PRIu64 */
|
||||
|
||||
/* use these macros (and those in <inttypes.h>)
|
||||
* for 64 bit format portability
|
||||
*/
|
||||
#define STDu64 "%" PRIu64
|
||||
#define CSVu64 STDu64 ","
|
||||
#define FMTu64(fmt) "%" fmt PRIu64
|
||||
|
||||
#define STDi64 "%" PRIi64
|
||||
#define CSVi64 STDi64 ","
|
||||
#define FMTi64(fmt) "%" fmt PRIi64
|
||||
|
||||
#ifndef UINT8_MAX
|
||||
# define UINT8_MAX 0xff
|
||||
#endif
|
||||
#ifndef USHRT_MAX
|
||||
# define USHRT_MAX 0xffff
|
||||
#endif
|
||||
#ifndef UINT16_MAX
|
||||
# define UINT16_MAX 0xffff
|
||||
#endif
|
||||
#ifndef UINT32_MAX
|
||||
# define UINT32_MAX (4294967295U)
|
||||
#endif
|
||||
#ifndef UINT64_MAX
|
||||
# if SIZEOF_UNSIGNED_LONG_INT == 8
|
||||
# define UINT64_MAX (18446744073709551615UL)
|
||||
# else
|
||||
# define UINT64_MAX (18446744073709551615ULL)
|
||||
# endif /* SIZEOF_UNSIGNED_LONG_INT == 8 */
|
||||
#endif /* UINT64_MAX */
|
||||
|
||||
/* Somewhat arbitrary, but should be enough for this application
|
||||
* since files shouldn't be buried too deep. This provides about
|
||||
* 15 levels of 255 character path components */
|
||||
#ifndef PATH_MAX
|
||||
# define PATH_MAX 4096
|
||||
#endif
|
||||
|
||||
#define MAXPORTS 65536
|
||||
#define MAXPORTS_STORAGE 8192
|
||||
|
||||
#endif /* __SF_TYPES_H__ */
|
||||
|
|
@ -0,0 +1,53 @@
|
|||
/*
|
||||
** Copyright (C) 1998-2010 Sourcefire, Inc.
|
||||
**
|
||||
** This program is free software; you can redistribute it and/or modify
|
||||
** it under the terms of the GNU General Public License Version 2 as
|
||||
** published by the Free Software Foundation. You may not use, modify or
|
||||
** distribute this program under any other version of the GNU General
|
||||
** Public License.
|
||||
**
|
||||
** This program is distributed in the hope that it will be useful,
|
||||
** but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
** GNU General Public License for more details.
|
||||
**
|
||||
** You should have received a copy of the GNU General Public License
|
||||
** along with this program; if not, write to the Free Software
|
||||
** Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
*/
|
||||
|
||||
/*
|
||||
* Adam Keeton
|
||||
* sf_vartable.h
|
||||
* 11/17/06
|
||||
*
|
||||
* Library for implementing a variable table.
|
||||
* All API calls have the prefix "sfvt".
|
||||
*/
|
||||
|
||||
#ifndef SF_VARTABLE_H
|
||||
#define SF_VARTABLE_H
|
||||
|
||||
#include "ipv6_port.h"
|
||||
#include "sf_ipvar.h"
|
||||
|
||||
/* Allocates new variable table */
|
||||
vartable_t * sfvt_alloc_table(void);
|
||||
void sfvt_free_table(vartable_t *table);
|
||||
|
||||
/* Adds the variable described by "str" to the table "table" */
|
||||
SFIP_RET sfvt_add_str(vartable_t *table, char *str);
|
||||
SFIP_RET sfvt_define(vartable_t *table, char *name, char *value);
|
||||
|
||||
/* Adds the variable described by "str" to the variable "dst",
|
||||
* using the vartable for looking variables used within "str" */
|
||||
SFIP_RET sfvt_add_to_var(vartable_t *table, sfip_var_t *dst, char *src);
|
||||
|
||||
/* Looks up a variable from the table using the name as the key */
|
||||
sfip_var_t *sfvt_lookup_var(vartable_t *table, char *name);
|
||||
|
||||
/* Prints a table's contents */
|
||||
void sfvt_print(FILE *f, vartable_t *table);
|
||||
|
||||
#endif
|
|
@ -0,0 +1,115 @@
|
|||
/****************************************************************************
|
||||
*
|
||||
* Copyright (C) 2003-2010 Sourcefire, Inc.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License Version 2 as
|
||||
* published by the Free Software Foundation. You may not use, modify or
|
||||
* distribute this program under any other version of the GNU General
|
||||
* Public License.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
*
|
||||
****************************************************************************/
|
||||
|
||||
/*
|
||||
*
|
||||
* sfghash.h
|
||||
*
|
||||
* generic hash table - stores and maps key + data pairs
|
||||
*
|
||||
* Author: Marc Norton
|
||||
*
|
||||
*/
|
||||
|
||||
#ifndef _SFGHASH_
|
||||
#define _SFGHASH_
|
||||
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <time.h>
|
||||
|
||||
#include "sfhashfcn.h"
|
||||
|
||||
/*
|
||||
* ERROR DEFINES
|
||||
*/
|
||||
#define SFGHASH_NOMEM -2
|
||||
#define SFGHASH_ERR -1
|
||||
#define SFGHASH_OK 0
|
||||
#define SFGHASH_INTABLE 1
|
||||
|
||||
/*
|
||||
* Flags for ghash_new: userkeys
|
||||
*/
|
||||
#define GH_COPYKEYS 0
|
||||
#define GH_USERKEYS 1
|
||||
|
||||
/*
|
||||
* Generic HASH NODE
|
||||
*/
|
||||
typedef struct _sfghash_node
|
||||
{
|
||||
struct _sfghash_node * next, * prev;
|
||||
|
||||
void * key; /* Copy of, or Pointer to, the Users key */
|
||||
void * data; /* Pointer to the users data, this is never copied! */
|
||||
|
||||
} SFGHASH_NODE;
|
||||
|
||||
/*
|
||||
* Generic HASH table
|
||||
*/
|
||||
typedef struct _sfghash
|
||||
{
|
||||
SFHASHFCN * sfhashfcn;
|
||||
int keysize; /* bytes in key, if < 0 -> keys are strings */
|
||||
int userkey; /* user owns the key */
|
||||
|
||||
SFGHASH_NODE ** table; /* array of node ptr's */
|
||||
int nrows; /* # rows int the hash table use a prime number 211, 9871 */
|
||||
|
||||
unsigned count; /* total # nodes in table */
|
||||
|
||||
void (*userfree)( void * );
|
||||
|
||||
int crow; // findfirst/next row in table
|
||||
SFGHASH_NODE * cnode; // findfirst/next node ptr
|
||||
|
||||
int splay;
|
||||
|
||||
} SFGHASH, SFDICT;
|
||||
|
||||
|
||||
/*
|
||||
* HASH PROTOTYPES
|
||||
*/
|
||||
SFGHASH * sfghash_new( int nrows, int keysize, int userkeys, void (*userfree)(void*p) );
|
||||
void sfghash_delete( SFGHASH * h );
|
||||
int sfghash_add ( SFGHASH * h, void * key, void * data );
|
||||
int sfghash_remove( SFGHASH * h, void * key);
|
||||
int sfghash_count( SFGHASH * h);
|
||||
void * sfghash_find( SFGHASH * h, void * key );
|
||||
int sfghash_find2(SFGHASH *, void *, void **);
|
||||
SFGHASH_NODE * sfghash_findfirst( SFGHASH * h );
|
||||
SFGHASH_NODE * sfghash_findnext ( SFGHASH * h );
|
||||
void sfghash_splaymode( SFGHASH * t, int n );
|
||||
|
||||
int sfghash_set_keyops( SFGHASH *h ,
|
||||
unsigned (*hash_fcn)( SFHASHFCN * p,
|
||||
unsigned char *d,
|
||||
int n),
|
||||
int (*keycmp_fcn)( const void *s1,
|
||||
const void *s2,
|
||||
size_t n));
|
||||
|
||||
|
||||
#endif
|
||||
|
|
@ -0,0 +1,85 @@
|
|||
/****************************************************************************
|
||||
*
|
||||
* Copyright (C) 2003-2010 Sourcefire, Inc.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License Version 2 as
|
||||
* published by the Free Software Foundation. You may not use, modify or
|
||||
* distribute this program under any other version of the GNU General
|
||||
* Public License.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
*
|
||||
****************************************************************************/
|
||||
|
||||
/*
|
||||
sfhashfcn.h
|
||||
*/
|
||||
#ifndef SFHASHFCN_INCLUDE
|
||||
#define SFHASHFCN_INCLUDE
|
||||
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <stdio.h>
|
||||
#include <time.h>
|
||||
|
||||
#define rot(x,k) (((x)<<(k)) | ((x)>>(32-(k))))
|
||||
|
||||
#define mix(a,b,c) \
|
||||
{ \
|
||||
a -= c; a ^= rot(c, 4); c += b; \
|
||||
b -= a; b ^= rot(a, 6); a += c; \
|
||||
c -= b; c ^= rot(b, 8); b += a; \
|
||||
a -= c; a ^= rot(c,16); c += b; \
|
||||
b -= a; b ^= rot(a,19); a += c; \
|
||||
c -= b; c ^= rot(b, 4); b += a; \
|
||||
}
|
||||
|
||||
#define final(a,b,c) \
|
||||
{ \
|
||||
c ^= b; c -= rot(b,14); \
|
||||
a ^= c; a -= rot(c,11); \
|
||||
b ^= a; b -= rot(a,25); \
|
||||
c ^= b; c -= rot(b,16); \
|
||||
a ^= c; a -= rot(c,4); \
|
||||
b ^= a; b -= rot(a,14); \
|
||||
c ^= b; c -= rot(b,24); \
|
||||
}
|
||||
|
||||
typedef struct _SFHASHFCN {
|
||||
|
||||
unsigned seed;
|
||||
unsigned scale;
|
||||
unsigned hardener;
|
||||
unsigned (*hash_fcn)(struct _SFHASHFCN * p,
|
||||
unsigned char *d,
|
||||
int n );
|
||||
int (*keycmp_fcn)( const void *s1,
|
||||
const void *s2,
|
||||
size_t n);
|
||||
} SFHASHFCN;
|
||||
|
||||
SFHASHFCN * sfhashfcn_new( int nrows );
|
||||
void sfhashfcn_free( SFHASHFCN * p );
|
||||
void sfhashfcn_static( SFHASHFCN * p );
|
||||
|
||||
unsigned sfhashfcn_hash( SFHASHFCN * p, unsigned char *d, int n );
|
||||
|
||||
int sfhashfcn_set_keyops( SFHASHFCN * p,
|
||||
unsigned (*hash_fcn)( SFHASHFCN * p,
|
||||
unsigned char *d,
|
||||
int n),
|
||||
int (*keycmp_fcn)( const void *s1,
|
||||
const void *s2,
|
||||
size_t n));
|
||||
|
||||
|
||||
|
||||
#endif
|
|
@ -0,0 +1,720 @@
|
|||
/****************************************************************************
|
||||
*
|
||||
* Copyright (C) 2006-2010 Sourcefire, Inc.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License Version 2 as
|
||||
* published by the Free Software Foundation. You may not use, modify or
|
||||
* distribute this program under any other version of the GNU General
|
||||
* Public License.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
*
|
||||
****************************************************************************/
|
||||
|
||||
/*
|
||||
* @file sfrt.c
|
||||
* @author Adam Keeton <akeeton@sourcefire.com>
|
||||
* @date Thu July 20 10:16:26 EDT 2006
|
||||
*
|
||||
* Route implements two different routing table lookup mechanisms. The table
|
||||
* lookups have been adapted to return a void pointer so any information can
|
||||
* be associated with each CIDR block.
|
||||
*
|
||||
* As of this writing, the two methods used are Stefan Nilsson and Gunnar
|
||||
* Karlsson's LC-trie, and a multibit-trie method similar to Gupta et-al.'s
|
||||
* DIR-n-m. Presently, the LC-trie is used primarily for testing purposes as
|
||||
* the current implementation does not allow for fast dynamic inserts.
|
||||
*
|
||||
* The intended use is for a user to optionally specify large IP blocks and
|
||||
* then more specific information will be written into the routing tables
|
||||
* from RNA. Ideally, information will only move from less specific to more
|
||||
* specific. If a more general information is to overwrite existing entries,
|
||||
* the table should be free'ed and rebuilt.
|
||||
*
|
||||
*
|
||||
* Implementation:
|
||||
*
|
||||
* The routing tables associate an index into a "data" table with each CIDR.
|
||||
* Each entry in the data table stores a pointer to actual data. This
|
||||
* implementation was chosen so each routing entry only needs one word to
|
||||
* either index the data array, or point to another table.
|
||||
*
|
||||
* Inserts are performed by specifying a CIDR and a pointer to its associated
|
||||
* data. Since a new routing table entry may overwrite previous entries,
|
||||
* a flag selects whether the insert favors the most recent or favors the most
|
||||
* specific. Favoring most specific should be the default behvior. If
|
||||
* the user wishes to overwrite routing entries with more general data, the
|
||||
* table should be flushed, rather than using favor-most-recent.
|
||||
*
|
||||
* Before modifying the routing or data tables, the insert function performs a
|
||||
* lookup on the CIDR-to-be-insertted. If no entry or an entry *of differing
|
||||
* bit length* is found, the data is insertted into the data table, and its
|
||||
* index is used for the new routing table entry. If an entry is found that
|
||||
* is as specific as the new CIDR, the index stored points to where the new
|
||||
* data is written into the data table.
|
||||
*
|
||||
* If more specific CIDR blocks overwrote the data table, then the more
|
||||
* general routing table entries that were not overwritten will be referencing
|
||||
* the wrong data. Alternatively, less specific entries can only overwrite
|
||||
* existing routing table entries if favor-most-recent inserts are used.
|
||||
*
|
||||
* Because there is no quick way to clean the data-table if a user wishes to
|
||||
* use a favor-most-recent insert for more general data, the user should flush
|
||||
* the table with sfrt_free and create one anew. Alternatively, a small
|
||||
* memory leak occurs with the data table, as it will be storing pointers that
|
||||
* no routing table entry cares about.
|
||||
*
|
||||
*
|
||||
* The API calls that should be used are:
|
||||
* sfrt_new - create new table
|
||||
* sfrt_insert - insert entry
|
||||
* sfrt_lookup - lookup entry
|
||||
* sfrt_free - free table
|
||||
*/
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include "config.h"
|
||||
#endif
|
||||
|
||||
#include "sfrt.h"
|
||||
|
||||
char *rt_error_messages[] =
|
||||
{
|
||||
"Success",
|
||||
"Insert Failure",
|
||||
"Policy Table Exceeded",
|
||||
"Dir Insert Failure",
|
||||
"Dir Lookup Failure",
|
||||
"Memory Allocation Failure"
|
||||
#ifdef SUPPORT_LCTRIE
|
||||
,
|
||||
"LC Trie Compile Failure",
|
||||
"LC Trie Insert Failure",
|
||||
"LC Trie Lookup Failure"
|
||||
#endif
|
||||
};
|
||||
|
||||
/* Create new lookup table
|
||||
* @param table_type Type of table. Uses the types enumeration in route.h
|
||||
* @param ip_type IPv4 or IPv6. Uses the types enumeration in route.h
|
||||
* @param data_size Max number of unique data entries
|
||||
*
|
||||
* Returns the new table. */
|
||||
table_t *sfrt_new(char table_type, char ip_type, long data_size, uint32_t mem_cap)
|
||||
{
|
||||
table_t *table = (table_t*)malloc(sizeof(table_t));
|
||||
|
||||
if(!table)
|
||||
{
|
||||
return NULL;
|
||||
}
|
||||
|
||||
#ifndef SUP_IP6
|
||||
/* IPv6 is not supported */
|
||||
if(ip_type == IPv6)
|
||||
{
|
||||
free(table);
|
||||
return NULL;
|
||||
}
|
||||
#endif
|
||||
|
||||
/* If this limit is exceeded, there will be no way to distinguish
|
||||
* between pointers and indeces into the data table. Only
|
||||
* applies to DIR-n-m. */
|
||||
#ifdef SUPPORT_LCTRIE
|
||||
#if SIZEOF_LONG_INT == 8
|
||||
if(data_size >= 0x800000000000000 && table_type == LCT)
|
||||
#else
|
||||
if(data_size >= 0x8000000 && table_type != LCT)
|
||||
#endif
|
||||
#else /* SUPPORT_LCTRIE */
|
||||
#if SIZEOF_LONG_INT == 8
|
||||
if(data_size >= 0x800000000000000)
|
||||
#else
|
||||
if(data_size >= 0x8000000)
|
||||
#endif
|
||||
#endif
|
||||
{
|
||||
free(table);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
/* mem_cap is specified in megabytes, but internally uses bytes. Convert */
|
||||
mem_cap *= 1024*1024;
|
||||
|
||||
/* Maximum allowable number of stored entries */
|
||||
table->max_size = data_size;
|
||||
|
||||
table->data = (GENERIC*)calloc(sizeof(GENERIC) * table->max_size, 1);
|
||||
|
||||
if(!table->data)
|
||||
{
|
||||
free(table);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
table->allocated = sizeof(table_t) + sizeof(GENERIC) * table->max_size;
|
||||
|
||||
table->ip_type = ip_type;
|
||||
table->table_type = table_type;
|
||||
|
||||
/* This will point to the actual table lookup algorithm */
|
||||
table->rt = NULL;
|
||||
#ifdef SUP_IP6
|
||||
table->rt6 = NULL;
|
||||
#endif
|
||||
|
||||
/* index 0 will be used for failed lookups, so set this to 1 */
|
||||
table->num_ent = 1;
|
||||
|
||||
switch(table_type)
|
||||
{
|
||||
#ifdef SUPPORT_LCTRIE
|
||||
/* Setup LC-trie table */
|
||||
case LCT:
|
||||
/* LC trie is presently not allowed */
|
||||
table->insert = sfrt_lct_insert;
|
||||
table->lookup = sfrt_lct_lookup;
|
||||
table->free = sfrt_lct_free;
|
||||
table->usage = sfrt_lct_usage;
|
||||
table->rt = sfrt_lct_new(data_size);
|
||||
free(table->data);
|
||||
free(table);
|
||||
return NULL;
|
||||
|
||||
break;
|
||||
#endif
|
||||
/* Setup DIR-n-m table */
|
||||
case DIR_24_8:
|
||||
case DIR_16x2:
|
||||
case DIR_16_8x2:
|
||||
case DIR_16_4x4:
|
||||
case DIR_8x4:
|
||||
case DIR_4x8:
|
||||
case DIR_2x16:
|
||||
#ifdef SUP_IP6
|
||||
case DIR_16_4x4_16x5_4x4:
|
||||
case DIR_16x7_4x4:
|
||||
case DIR_16x8:
|
||||
case DIR_8x16:
|
||||
#endif
|
||||
table->insert = sfrt_dir_insert;
|
||||
table->lookup = sfrt_dir_lookup;
|
||||
table->free = sfrt_dir_free;
|
||||
table->usage = sfrt_dir_usage;
|
||||
|
||||
break;
|
||||
|
||||
default:
|
||||
free(table->data);
|
||||
free(table);
|
||||
return NULL;
|
||||
};
|
||||
|
||||
/* Allocate the user-specified DIR-n-m table */
|
||||
switch(table_type)
|
||||
{
|
||||
case DIR_24_8:
|
||||
table->rt = sfrt_dir_new(mem_cap, 2, 24,8);
|
||||
break;
|
||||
case DIR_16x2:
|
||||
table->rt = sfrt_dir_new(mem_cap, 2, 16,16);
|
||||
break;
|
||||
case DIR_16_8x2:
|
||||
table->rt = sfrt_dir_new(mem_cap, 3, 16,8,8);
|
||||
break;
|
||||
case DIR_16_4x4:
|
||||
table->rt = sfrt_dir_new(mem_cap, 5, 16,4,4,4,4);
|
||||
break;
|
||||
case DIR_8x4:
|
||||
table->rt = sfrt_dir_new(mem_cap, 4, 8,8,8,8);
|
||||
break;
|
||||
/* There is no reason to use 4x8 except for benchmarking and
|
||||
* comparison purposes. */
|
||||
case DIR_4x8:
|
||||
table->rt = sfrt_dir_new(mem_cap, 8, 4,4,4,4,4,4,4,4);
|
||||
break;
|
||||
/* There is no reason to use 2x16 except for benchmarking and
|
||||
* comparison purposes. */
|
||||
case DIR_2x16:
|
||||
table->rt = sfrt_dir_new(mem_cap, 16,
|
||||
2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2);
|
||||
break;
|
||||
#ifdef SUP_IP6
|
||||
case DIR_16_4x4_16x5_4x4:
|
||||
table->rt = sfrt_dir_new(mem_cap, 5, 16,4,4,4,4);
|
||||
table->rt6 = sfrt_dir_new(mem_cap, 14, 16,4,4,4,4,16,16,16,16,16,4,4,4,4);
|
||||
break;
|
||||
case DIR_16x7_4x4:
|
||||
table->rt = sfrt_dir_new(mem_cap, 5, 16,4,4,4,4);
|
||||
table->rt6 = sfrt_dir_new(mem_cap, 11, 16,16,16,16,16,16,16,4,4,4,4);
|
||||
break;
|
||||
case DIR_16x8:
|
||||
table->rt = sfrt_dir_new(mem_cap, 2, 16,16);
|
||||
table->rt6 = sfrt_dir_new(mem_cap, 8, 16,16,16,16,16,16,16,16);
|
||||
break;
|
||||
case DIR_8x16:
|
||||
table->rt = sfrt_dir_new(mem_cap, 4, 8,8,8,8);
|
||||
table->rt6 = sfrt_dir_new(mem_cap, 16,
|
||||
8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8);
|
||||
break;
|
||||
#endif
|
||||
};
|
||||
|
||||
if(!table->rt)
|
||||
{
|
||||
free(table->data);
|
||||
free(table);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
#ifdef SUP_IP6
|
||||
if (!table->rt6)
|
||||
{
|
||||
table->free( table->rt );
|
||||
free(table->data);
|
||||
free(table);
|
||||
}
|
||||
#endif
|
||||
|
||||
return table;
|
||||
}
|
||||
|
||||
/* Free lookup table */
|
||||
void sfrt_free(table_t *table)
|
||||
{
|
||||
if(!table)
|
||||
{
|
||||
/* What are you calling me for? */
|
||||
return;
|
||||
}
|
||||
|
||||
if(!table->data)
|
||||
{
|
||||
/* This really really should not have happened */
|
||||
}
|
||||
else
|
||||
{
|
||||
free(table->data);
|
||||
}
|
||||
|
||||
if(!table->rt)
|
||||
{
|
||||
/* This should not have happened either */
|
||||
}
|
||||
else
|
||||
{
|
||||
table->free( table->rt );
|
||||
}
|
||||
|
||||
#ifdef SUP_IP6
|
||||
if(!table->rt6)
|
||||
{
|
||||
/* This should not have happened either */
|
||||
}
|
||||
else
|
||||
{
|
||||
table->free( table->rt6 );
|
||||
}
|
||||
#endif
|
||||
|
||||
free(table);
|
||||
}
|
||||
|
||||
/* Perform a lookup on value contained in "ip" */
|
||||
GENERIC sfrt_lookup(void *adr, table_t* table)
|
||||
{
|
||||
tuple_t tuple;
|
||||
#ifdef SUP_IP6
|
||||
sfip_t *ip;
|
||||
#else
|
||||
uint32_t ip;
|
||||
#endif
|
||||
void *rt = NULL;
|
||||
|
||||
if(!adr)
|
||||
{
|
||||
return NULL;
|
||||
}
|
||||
|
||||
if(!table || !table->lookup)
|
||||
{
|
||||
return NULL;
|
||||
}
|
||||
|
||||
#ifdef SUP_IP6
|
||||
ip = adr;
|
||||
if (ip->family == AF_INET)
|
||||
{
|
||||
rt = table->rt;
|
||||
}
|
||||
else if (ip->family == AF_INET6)
|
||||
{
|
||||
rt = table->rt6;
|
||||
}
|
||||
#else
|
||||
/* IPv6 not yet supported */
|
||||
if(table->ip_type == IPv6)
|
||||
{
|
||||
return NULL;
|
||||
}
|
||||
|
||||
ip = *(uint32_t*)adr;
|
||||
rt = table->rt;
|
||||
#endif
|
||||
|
||||
if (!rt)
|
||||
{
|
||||
return NULL;
|
||||
}
|
||||
|
||||
tuple = table->lookup(ip, rt);
|
||||
|
||||
if(tuple.index >= table->num_ent)
|
||||
{
|
||||
return NULL;
|
||||
}
|
||||
|
||||
return table->data[tuple.index];
|
||||
}
|
||||
|
||||
void sfrt_iterate(table_t* table, sfrt_iterator_callback userfunc)
|
||||
{
|
||||
uint32_t index;
|
||||
if (!table)
|
||||
return;
|
||||
|
||||
for (index = 0; index < table->num_ent; index++)
|
||||
{
|
||||
if (table->data[index])
|
||||
userfunc(table->data[index]);
|
||||
}
|
||||
|
||||
return;
|
||||
}
|
||||
|
||||
int sfrt_iterate2(table_t* table, sfrt_iterator_callback3 userfunc)
|
||||
{
|
||||
uint32_t index;
|
||||
if (!table)
|
||||
return 0;
|
||||
|
||||
for (index = 0; index < table->num_ent; index++)
|
||||
{
|
||||
if (table->data[index])
|
||||
{
|
||||
int ret = userfunc(table->data[index]);
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
}
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
void sfrt_cleanup2(
|
||||
table_t* table,
|
||||
sfrt_iterator_callback2 cleanup_func,
|
||||
void *data
|
||||
)
|
||||
{
|
||||
uint32_t index;
|
||||
if (!table)
|
||||
return;
|
||||
|
||||
for (index = 0; index < table->num_ent; index++)
|
||||
{
|
||||
if (table->data[index])
|
||||
cleanup_func(table->data[index], data);
|
||||
|
||||
/* cleanup_func is supposed to free memory associated with this
|
||||
* table->data[index]. Set that to NULL.
|
||||
*/
|
||||
table->data[index] = NULL;
|
||||
}
|
||||
}
|
||||
|
||||
void sfrt_cleanup(table_t* table, sfrt_iterator_callback cleanup_func)
|
||||
{
|
||||
uint32_t index;
|
||||
if (!table)
|
||||
return;
|
||||
|
||||
for (index = 0; index < table->num_ent; index++)
|
||||
{
|
||||
if (table->data[index])
|
||||
cleanup_func(table->data[index]);
|
||||
|
||||
/* cleanup_func is supposed to free memory associated with this
|
||||
* table->data[index]. Set that to NULL.
|
||||
*/
|
||||
table->data[index] = NULL;
|
||||
}
|
||||
|
||||
return;
|
||||
}
|
||||
|
||||
GENERIC sfrt_search(void *adr, unsigned char len, table_t *table)
|
||||
{
|
||||
#ifdef SUP_IP6
|
||||
sfip_t *ip;
|
||||
#else
|
||||
uint32_t ip;
|
||||
#endif
|
||||
tuple_t tuple;
|
||||
void *rt = NULL;
|
||||
|
||||
if ((adr == NULL) || (table == NULL) || (len == 0))
|
||||
return NULL;
|
||||
|
||||
#ifdef SUP_IP6
|
||||
ip = adr;
|
||||
if (ip->family == AF_INET)
|
||||
{
|
||||
rt = table->rt;
|
||||
}
|
||||
else if (ip->family == AF_INET6)
|
||||
{
|
||||
rt = table->rt6;
|
||||
}
|
||||
#else
|
||||
/* IPv6 not yet supported */
|
||||
if(table->ip_type == IPv6)
|
||||
{
|
||||
return NULL;
|
||||
}
|
||||
|
||||
ip = *(uint32_t*)adr;
|
||||
rt = table->rt;
|
||||
#endif
|
||||
/* IPv6 not yet supported */
|
||||
if (table->ip_type == IPv6)
|
||||
return NULL;
|
||||
|
||||
if( (table->ip_type == IPv4 && len > 32) ||
|
||||
(table->ip_type == IPv6 && len > 128) )
|
||||
{
|
||||
return NULL;
|
||||
}
|
||||
|
||||
#ifdef SUP_IP6
|
||||
ip = adr;
|
||||
#else
|
||||
ip = *(uint32_t*)adr;
|
||||
#endif
|
||||
|
||||
tuple = table->lookup(ip, rt);
|
||||
|
||||
if (tuple.length != len)
|
||||
return NULL;
|
||||
|
||||
return table->data[tuple.index];
|
||||
}
|
||||
|
||||
/* Insert "ip", of length "len", into "table", and have it point to "ptr" */
|
||||
/* Insert "ip", of length "len", into "table", and have it point to "ptr" */
|
||||
int sfrt_insert(void *adr, unsigned char len, GENERIC ptr,
|
||||
int behavior, table_t *table)
|
||||
{
|
||||
int index;
|
||||
int res;
|
||||
#ifdef SUP_IP6
|
||||
sfip_t *ip;
|
||||
#else
|
||||
uint32_t ip;
|
||||
#endif
|
||||
tuple_t tuple;
|
||||
void *rt = NULL;
|
||||
|
||||
if(!adr)
|
||||
{
|
||||
return RT_INSERT_FAILURE;
|
||||
}
|
||||
|
||||
if (len == 0)
|
||||
return RT_INSERT_FAILURE;
|
||||
|
||||
if(!table || !table->insert || !table->data || !table->lookup)
|
||||
{
|
||||
return RT_INSERT_FAILURE;
|
||||
}
|
||||
|
||||
if( (table->ip_type == IPv4 && len > 32) ||
|
||||
(table->ip_type == IPv6 && len > 128) )
|
||||
{
|
||||
return RT_INSERT_FAILURE;
|
||||
}
|
||||
|
||||
#ifdef SUP_IP6
|
||||
ip = adr;
|
||||
#else
|
||||
ip = *(uint32_t*)adr;
|
||||
#endif
|
||||
|
||||
/* Check if we can reuse an existing data table entry by
|
||||
* seeing if there is an existing entry with the same length. */
|
||||
/* Only perform this if the table is not an LC-trie */
|
||||
#ifdef SUPPORT_LCTRIE
|
||||
if(table->table_type != LCT)
|
||||
{
|
||||
#endif
|
||||
|
||||
#ifdef SUP_IP6
|
||||
if (ip->family == AF_INET)
|
||||
{
|
||||
rt = table->rt;
|
||||
}
|
||||
else if (ip->family == AF_INET6)
|
||||
{
|
||||
rt = table->rt6;
|
||||
}
|
||||
#else
|
||||
rt = table->rt;
|
||||
#endif
|
||||
if (!rt)
|
||||
{
|
||||
return RT_INSERT_FAILURE;
|
||||
}
|
||||
|
||||
tuple = table->lookup(ip, table->rt);
|
||||
|
||||
#ifdef SUPPORT_LCTRIE
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef SUPPORT_LCTRIE
|
||||
if(table->table_type == LCT || tuple.length != len)
|
||||
{
|
||||
#else
|
||||
if(tuple.length != len)
|
||||
{
|
||||
#endif
|
||||
if( table->num_ent >= table->max_size)
|
||||
{
|
||||
return RT_POLICY_TABLE_EXCEEDED;
|
||||
}
|
||||
|
||||
index = table->num_ent;
|
||||
table->num_ent++;
|
||||
}
|
||||
else
|
||||
{
|
||||
index = tuple.index;
|
||||
}
|
||||
|
||||
/* Insert value into policy table */
|
||||
table->data[ index ] = ptr;
|
||||
|
||||
/* The actual value that is looked-up is an index
|
||||
* into the data table. */
|
||||
res = table->insert(ip, len, index, behavior, rt);
|
||||
|
||||
/* Check if we ran out of memory. If so, need to decrement
|
||||
* table->num_ent */
|
||||
if(res == MEM_ALLOC_FAILURE)
|
||||
{
|
||||
/* From the control flow above, it's possible table->num_ent was not
|
||||
* incremented. It should be safe to decrement here, because the only
|
||||
* time it will be incremented above is when we are potentially
|
||||
* mallocing one or more new entries (It's not incremented when we
|
||||
* overwrite an existing entry). */
|
||||
table->num_ent--;
|
||||
}
|
||||
|
||||
return res;
|
||||
}
|
||||
|
||||
uint32_t sfrt_num_entries(table_t *table)
|
||||
{
|
||||
if(!table || !table->rt || !table->allocated)
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
|
||||
/* There is always a root node, so subtract 1 for it */
|
||||
return table->num_ent - 1;
|
||||
}
|
||||
|
||||
uint32_t sfrt_usage(table_t *table)
|
||||
{
|
||||
uint32_t usage;
|
||||
if(!table || !table->rt || !table->allocated || !table->usage)
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
|
||||
usage = table->allocated + table->usage( table->rt );
|
||||
|
||||
#ifdef SUP_IP6
|
||||
if (table->rt6)
|
||||
{
|
||||
usage += table->usage( table->rt6 );
|
||||
}
|
||||
#endif
|
||||
|
||||
return usage;
|
||||
}
|
||||
|
||||
#ifdef DEBUG_SFRT
|
||||
|
||||
#define NUM_IPS 32
|
||||
#define NUM_DATA 4
|
||||
|
||||
int main()
|
||||
{
|
||||
table_t *dir;
|
||||
uint32_t ip_list[NUM_IPS]; /* entirely arbitrary */
|
||||
char data[NUM_DATA]; /* also entirely arbitrary */
|
||||
uint32_t index, val;
|
||||
|
||||
for(index=0; index<NUM_IPS; index++)
|
||||
{
|
||||
ip_list[index] = (uint32_t)rand()%NUM_IPS;
|
||||
data[index%NUM_DATA] = index%26 + 65; /* Random letter */
|
||||
}
|
||||
|
||||
dir = sfrt_new(DIR_16x2, IPv4, NUM_IPS, 20);
|
||||
|
||||
if(!dir)
|
||||
{
|
||||
printf("Failed to create DIR\n");
|
||||
return 1;
|
||||
}
|
||||
|
||||
for(index=0; index < NUM_IPS; index++)
|
||||
{
|
||||
if(sfrt_insert(&ip_list[index], 32, &data[index%NUM_DATA],
|
||||
RT_FAVOR_SPECIFIC, dir) != RT_SUCCESS)
|
||||
{
|
||||
printf("DIR Insertion failure\n");
|
||||
return 1;
|
||||
}
|
||||
|
||||
printf("%d\t %x: %c -> %c\n", index, ip_list[index],
|
||||
data[index%NUM_DATA], *(uint32_t*)sfrt_lookup(&ip_list[index], dir));
|
||||
|
||||
}
|
||||
|
||||
for(index=0; index < NUM_IPS; index++)
|
||||
{
|
||||
val = *(uint32_t*)sfrt_lookup(&ip_list[index], dir);
|
||||
printf("\t@%d\t%x: %c. originally:\t%c\n",
|
||||
index, ip_list[index], val, data[index%NUM_DATA]);
|
||||
}
|
||||
|
||||
printf("Usage: %d bytes\n", ((dir_table_t*)(dir->rt))->allocated);
|
||||
|
||||
sfrt_free(dir);
|
||||
return 0;
|
||||
}
|
||||
|
||||
#endif /* DEBUG_SFRT */
|
||||
|
|
@ -0,0 +1,216 @@
|
|||
/****************************************************************************
|
||||
*
|
||||
* Copyright (C) 2006-2010 Sourcefire, Inc.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License Version 2 as
|
||||
* published by the Free Software Foundation. You may not use, modify or
|
||||
* distribute this program under any other version of the GNU General
|
||||
* Public License.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
*
|
||||
****************************************************************************/
|
||||
|
||||
/*
|
||||
* @file sfrt.h
|
||||
* @author Adam Keeton <akeeton@sourcefire.com>
|
||||
* @date Thu July 20 10:16:26 EDT 2006
|
||||
*
|
||||
* SFRT implements two different routing table lookup methods that have been
|
||||
* adapted to return a void pointers. Any generic information may be
|
||||
* associated with a given IP or CIDR block.
|
||||
*
|
||||
* As of this writing, the two methods used are Stefan Nilsson and Gunnar
|
||||
* Karlsson's LC-trie, and a multibit-trie method similar to Gupta et-al.'s
|
||||
* DIR-n-m. Presently, the LC-trie is used for testing purposes as the
|
||||
* current implementation does not allow for fast, dynamic inserts.
|
||||
*
|
||||
* The intended use is to associate large IP blocks with specific information;
|
||||
* such as what may be written into the table by RNA.
|
||||
*
|
||||
* NOTE: information should only move from less specific to more specific, ie:
|
||||
*
|
||||
* First insert: 1.1.0.0/16 -> some data
|
||||
* Second insert: 1.1.2.3 -> some other data
|
||||
*
|
||||
* As opposed to:
|
||||
*
|
||||
* First insert: 1.1.2.3 -> some other data
|
||||
* Second insert: 1.1.0.0/16 -> some data
|
||||
*
|
||||
* If more general information is to overwrite existing entries, the table
|
||||
* should be free'ed and rebuilt. This is due to the difficulty of cleaning
|
||||
* out stale entries with the current implementation. At runtime, this won't
|
||||
* be a significant issue since inserts should apply to specific IP addresses
|
||||
* and not entire blocks of IPs.
|
||||
*
|
||||
*
|
||||
* Implementation:
|
||||
*
|
||||
* The routing tables associate an index into a "data" table with each CIDR.
|
||||
* Each entry in the data table stores a pointer to actual data. This
|
||||
* implementation was chosen so each routing entry only needs one word to
|
||||
* either index the data array, or point to another table.
|
||||
*
|
||||
* Inserts are performed by specifying a CIDR and a pointer to its associated
|
||||
* data. Since a new routing table entry may overwrite previous entries,
|
||||
* a flag selects whether the insert favors the most recent or favors the most
|
||||
* specific. Favoring most specific should be the default behvior. If
|
||||
* the user wishes to overwrite routing entries with more general data, the
|
||||
* table should be flushed, rather than using favor-most-recent.
|
||||
*
|
||||
* Before modifying the routing or data tables, the insert function performs a
|
||||
* lookup on the CIDR-to-be-insertted. If no entry or an entry *of differing
|
||||
* bit length* is found, the data is insertted into the data table, and its
|
||||
* index is used for the new routing table entry. If an entry is found that
|
||||
* is as specific as the new CIDR, the index stored points to where the new
|
||||
* data is written into the data table.
|
||||
*
|
||||
* If more specific CIDR blocks overwrote the data table, then the more
|
||||
* general routing table entries that were not overwritten will be referencing
|
||||
* the wrong data. Alternatively, less specific entries can only overwrite
|
||||
* existing routing table entries if favor-most-recent inserts are used.
|
||||
*
|
||||
* Because there is no quick way to clean the data-table if a user wishes to
|
||||
* use a favor-most-recent insert for more general data, the user should flush
|
||||
* the table with sfrt_free and create one anew. Alternatively, a small
|
||||
* memory leak occurs with the data table, as it will be storing pointers that
|
||||
* no routing table entry cares about.
|
||||
*
|
||||
*
|
||||
* The API calls that should be used are:
|
||||
* sfrt_new - create new table
|
||||
* sfrt_insert - insert entry
|
||||
* sfrt_lookup - lookup entry
|
||||
* sfrt_free - free table
|
||||
*/
|
||||
|
||||
#ifndef _SFRT_H_
|
||||
#define _SFRT_H_
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include "config.h"
|
||||
#endif
|
||||
|
||||
#include <stdlib.h>
|
||||
#include <sys/types.h>
|
||||
#include "sfrt_trie.h"
|
||||
#include "debug.h"
|
||||
#include "ipv6_port.h"
|
||||
|
||||
#ifdef SUP_IP6
|
||||
typedef sfip_t *IP;
|
||||
#else
|
||||
typedef uint32_t IP;
|
||||
#endif
|
||||
typedef void* GENERIC; /* To be replaced with a pointer to a policy */
|
||||
typedef struct
|
||||
{
|
||||
word index;
|
||||
word length;
|
||||
} tuple_t;
|
||||
|
||||
|
||||
#include "sfrt_dir.h"
|
||||
//#define SUPPORT_LCTRIE
|
||||
#ifdef SUPPORT_LCTRIE
|
||||
#include "sfrt_lctrie.h"
|
||||
#endif
|
||||
|
||||
enum types
|
||||
{
|
||||
#ifdef SUPPORT_LCTRIE
|
||||
LCT,
|
||||
#endif
|
||||
DIR_24_8,
|
||||
DIR_16x2,
|
||||
DIR_16_8x2,
|
||||
DIR_16_4x4,
|
||||
DIR_8x4,
|
||||
DIR_4x8,
|
||||
DIR_2x16,
|
||||
#ifdef SUP_IP6
|
||||
DIR_16_4x4_16x5_4x4,
|
||||
DIR_16x7_4x4,
|
||||
DIR_16x8,
|
||||
DIR_8x16,
|
||||
#endif
|
||||
IPv4,
|
||||
IPv6
|
||||
};
|
||||
|
||||
enum return_codes
|
||||
{
|
||||
RT_SUCCESS=0,
|
||||
RT_INSERT_FAILURE,
|
||||
RT_POLICY_TABLE_EXCEEDED,
|
||||
DIR_INSERT_FAILURE,
|
||||
DIR_LOOKUP_FAILURE,
|
||||
MEM_ALLOC_FAILURE
|
||||
#ifdef SUPPORT_LCTRIE
|
||||
,
|
||||
LCT_COMPILE_FAILURE,
|
||||
LCT_INSERT_FAILURE,
|
||||
LCT_LOOKUP_FAILURE
|
||||
#endif
|
||||
};
|
||||
|
||||
/* Defined in sfrt.c */
|
||||
extern char *rt_error_messages[];
|
||||
|
||||
enum
|
||||
{
|
||||
RT_FAVOR_TIME,
|
||||
RT_FAVOR_SPECIFIC
|
||||
};
|
||||
|
||||
/*******************************************************************/
|
||||
/* Master table struct. Abstracts DIR and LC-trie methods */
|
||||
typedef struct
|
||||
{
|
||||
GENERIC *data; /* data table. Each IP points to an entry here */
|
||||
uint32_t num_ent; /* Number of entries in the policy table */
|
||||
uint32_t max_size; /* Max size of policies array */
|
||||
char ip_type; /* Only IPs of this family will be used */
|
||||
char table_type;
|
||||
uint32_t allocated;
|
||||
|
||||
void *rt; /* Actual "routing" table */
|
||||
#ifdef SUP_IP6
|
||||
void *rt6; /* Actual "routing" table */
|
||||
#endif
|
||||
|
||||
tuple_t (*lookup)(IP ip, GENERIC);
|
||||
int (*insert)(IP ip, int len, word index, int behavior, GENERIC);
|
||||
void (*free)(void *);
|
||||
uint32_t (*usage)(void *);
|
||||
} table_t;
|
||||
/*******************************************************************/
|
||||
|
||||
/* Abstracted routing table API */
|
||||
table_t * sfrt_new(char type, char ip_type, long data_size, uint32_t mem_cap);
|
||||
void sfrt_free(table_t *table);
|
||||
GENERIC sfrt_lookup(void *adr, table_t* table);
|
||||
GENERIC sfrt_search(void *adr, unsigned char len, table_t *table);
|
||||
typedef void (*sfrt_iterator_callback)(void *);
|
||||
typedef void (*sfrt_iterator_callback2)(void *, void *);
|
||||
typedef int (*sfrt_iterator_callback3)(void *);
|
||||
void sfrt_iterate(table_t* table, sfrt_iterator_callback userfunc);
|
||||
int sfrt_iterate2(table_t* table, sfrt_iterator_callback3 userfunc);
|
||||
void sfrt_cleanup(table_t* table, sfrt_iterator_callback userfunc);
|
||||
void sfrt_cleanup2(table_t*, sfrt_iterator_callback2, void *);
|
||||
int sfrt_insert(void *adr, unsigned char len, GENERIC ptr,
|
||||
int behavior, table_t *table);
|
||||
uint32_t sfrt_usage(table_t *table);
|
||||
uint32_t sfrt_num_entries(table_t *table);
|
||||
|
||||
#endif
|
||||
|
|
@ -0,0 +1,551 @@
|
|||
/****************************************************************************
|
||||
*
|
||||
* Copyright (C) 2006-2010 Sourcefire, Inc.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License Version 2 as
|
||||
* published by the Free Software Foundation. You may not use, modify or
|
||||
* distribute this program under any other version of the GNU General
|
||||
* Public License.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
*
|
||||
****************************************************************************/
|
||||
|
||||
/*
|
||||
* @file sfdir.c
|
||||
* @author Adam Keeton <akeeton@sourcefire.com>
|
||||
* @date Thu July 20 10:16:26 EDT 2006
|
||||
*
|
||||
* The implementation uses an multibit-trie that is similar to Gupta et-al's
|
||||
* DIR-n-m.
|
||||
*/
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include "config.h"
|
||||
#endif
|
||||
|
||||
#include <stdarg.h> /* For variadic */
|
||||
#include <stdio.h>
|
||||
#include <string.h> /* For memset */
|
||||
#include "sfrt.h"
|
||||
#include "sfrt_dir.h"
|
||||
|
||||
#if SIZEOF_UNSIGNED_LONG_INT == 8
|
||||
#define ARCH_WIDTH 64
|
||||
#else
|
||||
#define ARCH_WIDTH 32
|
||||
#endif
|
||||
|
||||
#ifdef SUP_IP6
|
||||
typedef struct {
|
||||
IP ip;
|
||||
int bits;
|
||||
} IPLOOKUP;
|
||||
#else
|
||||
typedef IP IPLOOKUP;
|
||||
#endif
|
||||
|
||||
/* Create new "sub" table of 2^width entries */
|
||||
static dir_sub_table_t *_sub_table_new(dir_table_t *root, uint32_t dimension,
|
||||
uint32_t prefill, uint32_t bit_length)
|
||||
{
|
||||
|
||||
int width = root->dimensions[dimension];
|
||||
int len = 1 << width;
|
||||
int index;
|
||||
dir_sub_table_t *sub;
|
||||
|
||||
/* Check if creating this node will exceed the memory cap.
|
||||
* The symbols in the conditional (other than cap), come from the
|
||||
* allocs below. */
|
||||
if( root->mem_cap < ( root->allocated +
|
||||
sizeof(dir_sub_table_t) +
|
||||
sizeof(word) * len + len ) ||
|
||||
bit_length > 128)
|
||||
{
|
||||
return NULL;
|
||||
}
|
||||
|
||||
/* Set up the initial prefilled "sub table" */
|
||||
sub = (dir_sub_table_t*)malloc(sizeof(dir_sub_table_t));
|
||||
|
||||
if(!sub)
|
||||
{
|
||||
return NULL;
|
||||
}
|
||||
|
||||
/* This keeps the width readily available rather than recalculating it
|
||||
* from the number of entries during an insert or lookup */
|
||||
sub->width = width;
|
||||
|
||||
/* need 2^sub->width entries */
|
||||
sub->num_entries = len;
|
||||
|
||||
sub->entries = (word*)malloc(sizeof(word) * sub->num_entries);
|
||||
|
||||
if(!sub->entries)
|
||||
{
|
||||
free(sub);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
/* A "length" needs to be stored with each entry above. The length refers
|
||||
* to how specific the insertion that set the entry was. It is necessary
|
||||
* so that the entry is not overwritten by less general routing
|
||||
* information if "RT_FAVOR_SPECIFIC" insertions are being performed. */
|
||||
sub->lengths = (char*)malloc(sub->num_entries);
|
||||
|
||||
if(!sub->lengths)
|
||||
{
|
||||
free(sub->entries);
|
||||
free(sub);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
/* Can't use memset here since prefill is multibyte */
|
||||
for(index = 0; index < sub->num_entries; index++)
|
||||
{
|
||||
sub->entries[index] = prefill;
|
||||
sub->lengths[index] = (char)bit_length;
|
||||
}
|
||||
|
||||
sub->cur_num = 0;
|
||||
|
||||
root->allocated += sizeof(dir_sub_table_t) + sizeof(word) * sub->num_entries;
|
||||
|
||||
root->cur_num++;
|
||||
|
||||
return sub;
|
||||
}
|
||||
|
||||
/* Create new dir-n-m root table with 'count' depth */
|
||||
dir_table_t *sfrt_dir_new(uint32_t mem_cap, int count,...)
|
||||
{
|
||||
va_list ap;
|
||||
uint32_t val;
|
||||
int index;
|
||||
|
||||
dir_table_t* table = (dir_table_t*)malloc(sizeof(dir_table_t));
|
||||
|
||||
if(!table)
|
||||
{
|
||||
return NULL;
|
||||
}
|
||||
|
||||
table->allocated = 0;
|
||||
|
||||
table->dimensions = (int*)malloc(sizeof(int)*count);
|
||||
|
||||
if(!table->dimensions)
|
||||
{
|
||||
free(table);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
table->dim_size = count;
|
||||
|
||||
va_start(ap, count);
|
||||
|
||||
for(index=0; index < count; index++)
|
||||
{
|
||||
val = va_arg(ap, int);
|
||||
table->dimensions[index] = val;
|
||||
}
|
||||
|
||||
va_end(ap);
|
||||
|
||||
table->mem_cap = mem_cap;
|
||||
|
||||
table->cur_num = 0;
|
||||
|
||||
table->sub_table = _sub_table_new(table, 0, 0, 0);
|
||||
|
||||
if(!table->sub_table)
|
||||
{
|
||||
free(table->dimensions);
|
||||
free(table);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
table->allocated += sizeof(dir_table_t) + sizeof(int)*count;
|
||||
|
||||
return table;
|
||||
}
|
||||
|
||||
/* Traverse "sub" tables, freeing each */
|
||||
static void _sub_table_free(uint32_t *allocated, dir_sub_table_t *sub)
|
||||
{
|
||||
int index;
|
||||
|
||||
sub->cur_num--;
|
||||
|
||||
for(index=0; index < sub->num_entries; index++)
|
||||
{
|
||||
/* The following condition will only be true if
|
||||
* this entry is a pointer */
|
||||
if( !sub->lengths[index] && sub->entries[index] )
|
||||
{
|
||||
_sub_table_free( allocated, (dir_sub_table_t*) sub->entries[index]);
|
||||
}
|
||||
}
|
||||
|
||||
if(sub->entries)
|
||||
{
|
||||
/* This probably does not need to be checked
|
||||
* since if it was not allocated, we would have errored out
|
||||
* in _sub_table_new */
|
||||
free(sub->entries);
|
||||
|
||||
*allocated -= sizeof(word) * sub->num_entries;
|
||||
}
|
||||
|
||||
if(sub->lengths)
|
||||
{
|
||||
/* This probably does not need to be checked
|
||||
* since if it was not allocated, we would have errored out
|
||||
* in _sub_table_new */
|
||||
free(sub->lengths);
|
||||
|
||||
*allocated -= sub->num_entries;
|
||||
}
|
||||
|
||||
free(sub);
|
||||
|
||||
*allocated -= sizeof(dir_sub_table_t);
|
||||
}
|
||||
|
||||
/* Free the DIR-n-m structure */
|
||||
void sfrt_dir_free(void *tbl)
|
||||
{
|
||||
dir_table_t *table = (dir_table_t*)tbl;
|
||||
|
||||
if(!table)
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
if(table->sub_table)
|
||||
{
|
||||
_sub_table_free(&table->allocated, table->sub_table);
|
||||
}
|
||||
|
||||
if(table->dimensions)
|
||||
{
|
||||
free(table->dimensions);
|
||||
}
|
||||
|
||||
free(table);
|
||||
}
|
||||
|
||||
static INLINE void _dir_fill_all(uint32_t *allocated, uint32_t index, uint32_t fill,
|
||||
word length, uint32_t val, dir_sub_table_t *table)
|
||||
{
|
||||
|
||||
/* Fill entries */
|
||||
for(; index < fill; index++)
|
||||
{
|
||||
/* Before overwriting this entry, verify there's not an existing
|
||||
* pointer ... otherwise free it to avoid a huge memory leak. */
|
||||
if( table->entries[index] && !table->lengths[index])
|
||||
{
|
||||
_sub_table_free(allocated, (dir_sub_table_t*)table->entries[index]);
|
||||
}
|
||||
|
||||
table->entries[index] = val;
|
||||
table->lengths[index] = (char)length;
|
||||
}
|
||||
}
|
||||
|
||||
static INLINE void _dir_fill_less_specific(int index, int fill,
|
||||
word length, uint32_t val, dir_sub_table_t *table)
|
||||
{
|
||||
|
||||
/* Fill entries */
|
||||
for(; index < fill; index++)
|
||||
{
|
||||
/* If we encounter a pointer, and we're inserting at this level, we
|
||||
* automatically know that this entry refers to more specific
|
||||
* information. However, there might only be one more specific entry
|
||||
* in the entire block, meaning the rest must be filled.
|
||||
*
|
||||
* For instance, imagine a 24-8 with 1.2.3/24 -> A and 1.2.3.4/32 -> B
|
||||
* There will be a pointer at 1.2.3 in the first table. The second
|
||||
* table needs to have 255 entries pointing A, and 1 entry pointing to
|
||||
* B.
|
||||
*
|
||||
* Therefore, recurse to this next level. */
|
||||
|
||||
if( !table->lengths[index] && table->entries[index])
|
||||
{
|
||||
dir_sub_table_t *next = (dir_sub_table_t*)table->entries[index];
|
||||
_dir_fill_less_specific(0, 1 << next->width, length, val, next);
|
||||
}
|
||||
else if(length >= (word)table->lengths[index])
|
||||
{
|
||||
table->entries[index] = val;
|
||||
table->lengths[index] = (char)length;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/* Sub table insertion
|
||||
* This is called by dir_insert and recursively to find the the sub table
|
||||
* that should house the value "ptr"
|
||||
* @param ip IP address structure
|
||||
* @param cur_len Number of bits of the IP left at this depth
|
||||
* @param length Number of bits of the IP used to specify this CIDR
|
||||
* @param ptr Information to be associated with this IP range
|
||||
* @param master_table The table that describes all, returned by dir_new */
|
||||
static int _dir_sub_insert(IPLOOKUP *ip, int length, int cur_len, GENERIC ptr,
|
||||
int current_depth, int behavior,
|
||||
dir_sub_table_t *sub_table, dir_table_t *root_table)
|
||||
{
|
||||
|
||||
word index;
|
||||
uint32_t fill;
|
||||
#ifdef SUP_IP6
|
||||
{
|
||||
uint32_t local_index, i;
|
||||
/* need to handle bits usage across multiple 32bit vals within IPv6. */
|
||||
if (ip->ip->family == AF_INET)
|
||||
{
|
||||
i=0;
|
||||
}
|
||||
else if (ip->ip->family == AF_INET6)
|
||||
{
|
||||
if (ip->bits < 32 )
|
||||
{
|
||||
i=0;
|
||||
}
|
||||
else if (ip->bits < 64)
|
||||
{
|
||||
i=1;
|
||||
}
|
||||
else if (ip->bits < 96)
|
||||
{
|
||||
i=2;
|
||||
}
|
||||
else
|
||||
{
|
||||
i=3;
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
return RT_INSERT_FAILURE;
|
||||
}
|
||||
local_index = ip->ip->ip32[i] << (ip->bits %32);
|
||||
index = local_index >> (ARCH_WIDTH - sub_table->width);
|
||||
}
|
||||
#else
|
||||
IPLOOKUP iplu;
|
||||
/* Index is determined by the highest 'len' bits in 'ip' */
|
||||
index = *ip >> (ARCH_WIDTH - sub_table->width);
|
||||
#endif
|
||||
|
||||
/* Check if this is the last table to traverse to */
|
||||
if(sub_table->width >= cur_len)
|
||||
{
|
||||
/* Calculate how many entries need to be filled
|
||||
* in this table. If the table is 24 bits wide, and the entry
|
||||
* is 20 bytes long, 2^4 entries need to be filled. */
|
||||
fill = 1 << (sub_table->width - cur_len);
|
||||
|
||||
index = (index >> (sub_table->width - cur_len)) <<
|
||||
(sub_table->width - cur_len);
|
||||
|
||||
fill += index;
|
||||
|
||||
/* Favor most recent CIDR */
|
||||
if(behavior == RT_FAVOR_TIME)
|
||||
{
|
||||
_dir_fill_all(&root_table->allocated, index, fill, length,
|
||||
(word)ptr, sub_table);
|
||||
}
|
||||
/* Fill over less specific CIDR */
|
||||
else
|
||||
{
|
||||
_dir_fill_less_specific(index, fill, length, (word)ptr, sub_table);
|
||||
}
|
||||
}
|
||||
/* Need to traverse to a sub-table */
|
||||
else
|
||||
{
|
||||
dir_sub_table_t *next_sub =
|
||||
(dir_sub_table_t *)sub_table->entries[index];
|
||||
|
||||
/* Check if we need to alloc a new sub table.
|
||||
* If next_sub was 0/NULL, there's no entry at this index
|
||||
* If the length is non-zero, there is an entry */
|
||||
if(!next_sub || sub_table->lengths[index])
|
||||
{
|
||||
if( root_table->dim_size <= current_depth )
|
||||
{
|
||||
return RT_INSERT_FAILURE;
|
||||
}
|
||||
|
||||
sub_table->entries[index] =
|
||||
(word) _sub_table_new(root_table, current_depth+1,
|
||||
(word) next_sub, sub_table->lengths[index]);
|
||||
|
||||
sub_table->cur_num++;
|
||||
|
||||
sub_table->lengths[index] = 0;
|
||||
|
||||
next_sub = (dir_sub_table_t *)sub_table->entries[index];
|
||||
|
||||
if(!next_sub)
|
||||
{
|
||||
return MEM_ALLOC_FAILURE;
|
||||
}
|
||||
}
|
||||
/* Recurse to next level. Rightshift off appropriate number of
|
||||
* bits and update the length accordingly. */
|
||||
#ifdef SUP_IP6
|
||||
ip->bits += sub_table->width;
|
||||
_dir_sub_insert(ip, length,
|
||||
cur_len - sub_table->width, ptr, current_depth+1,
|
||||
behavior, next_sub, root_table);
|
||||
#else
|
||||
iplu = *ip << sub_table->width;
|
||||
_dir_sub_insert(&iplu, length,
|
||||
cur_len - sub_table->width, ptr, current_depth+1,
|
||||
behavior, next_sub, root_table);
|
||||
#endif
|
||||
}
|
||||
|
||||
return RT_SUCCESS;
|
||||
}
|
||||
|
||||
/* Insert entry into DIR-n-m tables
|
||||
* @param ip IP address structure
|
||||
* @param len Number of bits of the IP used for lookup
|
||||
* @param ptr Information to be associated with this IP range
|
||||
* @param master_table The table that describes all, returned by dir_new */
|
||||
int sfrt_dir_insert(IP ip, int len, word data_index,
|
||||
int behavior, void *table)
|
||||
{
|
||||
dir_table_t *root = (dir_table_t*)table;
|
||||
#ifdef SUP_IP6
|
||||
IPLOOKUP iplu;
|
||||
iplu.ip = ip;
|
||||
iplu.bits = 0;
|
||||
#else
|
||||
IPLOOKUP iplu = ip;
|
||||
#endif
|
||||
|
||||
/* Validate arguments */
|
||||
if(!root || !root->sub_table)
|
||||
{
|
||||
return DIR_INSERT_FAILURE;
|
||||
}
|
||||
|
||||
/* Find the sub table in which to insert */
|
||||
return _dir_sub_insert(&iplu, len, len, (GENERIC)data_index,
|
||||
0, behavior, root->sub_table, root);
|
||||
}
|
||||
|
||||
/* Traverse sub tables looking for match */
|
||||
/* Called by dir_lookup and recursively */
|
||||
static tuple_t _dir_sub_lookup(IPLOOKUP *ip, dir_sub_table_t *table)
|
||||
{
|
||||
word index;
|
||||
#ifdef SUP_IP6
|
||||
{
|
||||
uint32_t local_index, i;
|
||||
/* need to handle bits usage across multiple 32bit vals within IPv6. */
|
||||
if (ip->ip->family == AF_INET)
|
||||
{
|
||||
i=0;
|
||||
}
|
||||
else if (ip->ip->family == AF_INET6)
|
||||
{
|
||||
if (ip->bits < 32 )
|
||||
{
|
||||
i=0;
|
||||
}
|
||||
else if (ip->bits < 64)
|
||||
{
|
||||
i=1;
|
||||
}
|
||||
else if (ip->bits < 96)
|
||||
{
|
||||
i=2;
|
||||
}
|
||||
else
|
||||
{
|
||||
i=3;
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
tuple_t ret = { 0, 0 };
|
||||
return ret;
|
||||
}
|
||||
local_index = ip->ip->ip32[i] << (ip->bits %32);
|
||||
index = local_index >> (ARCH_WIDTH - table->width);
|
||||
}
|
||||
#else
|
||||
IPLOOKUP iplu;
|
||||
index = *ip >> (ARCH_WIDTH - table->width);
|
||||
#endif
|
||||
|
||||
if( !table->entries[index] || table->lengths[index] )
|
||||
{
|
||||
tuple_t ret;
|
||||
ret.index = table->entries[index];
|
||||
ret.length = (word)table->lengths[index];
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
#ifdef SUP_IP6
|
||||
ip->bits += table->width;
|
||||
return _dir_sub_lookup( ip, (dir_sub_table_t *)table->entries[index]);
|
||||
#else
|
||||
iplu = *ip << table->width;
|
||||
return _dir_sub_lookup( &iplu, (dir_sub_table_t *)table->entries[index]);
|
||||
#endif
|
||||
}
|
||||
|
||||
/* Lookup information associated with the value "ip" */
|
||||
tuple_t sfrt_dir_lookup(IP ip, void *tbl)
|
||||
{
|
||||
dir_table_t *root = (dir_table_t*)tbl;
|
||||
#ifdef SUP_IP6
|
||||
IPLOOKUP iplu;
|
||||
iplu.ip = ip;
|
||||
iplu.bits = 0;
|
||||
#else
|
||||
IPLOOKUP iplu = ip;
|
||||
#endif
|
||||
|
||||
if(!root || !root->sub_table)
|
||||
{
|
||||
tuple_t ret = { 0, 0 };
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
return _dir_sub_lookup(&iplu, root->sub_table);
|
||||
}
|
||||
|
||||
|
||||
uint32_t sfrt_dir_usage(void *table)
|
||||
{
|
||||
if(!table)
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
|
||||
return ((dir_table_t*)(table))->allocated;
|
||||
}
|
||||
|
|
@ -0,0 +1,81 @@
|
|||
/****************************************************************************
|
||||
*
|
||||
* Copyright (C) 2006-2010 Sourcefire, Inc.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License Version 2 as
|
||||
* published by the Free Software Foundation. You may not use, modify or
|
||||
* distribute this program under any other version of the GNU General
|
||||
* Public License.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
*
|
||||
****************************************************************************/
|
||||
|
||||
/*
|
||||
* @file sfdir.h
|
||||
* @author Adam Keeton <akeeton@sourcefire.com>
|
||||
* @date Thu July 20 10:16:26 EDT 2006
|
||||
*
|
||||
* The implementation uses an multibit-trie that is similar to Gupta et-al's
|
||||
* DIR-n-m.
|
||||
*/
|
||||
|
||||
#ifndef SFRT_DIR_H_
|
||||
#define SFRT_DIR_H_
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include "config.h"
|
||||
#endif
|
||||
/*******************************************************************/
|
||||
/* DIR-n-m data structures
|
||||
* Each table in the DIR-n-m method is represented by a
|
||||
* dir_sub_table_t. They are managed by a dir_table_t. */
|
||||
typedef struct
|
||||
{
|
||||
word *entries;
|
||||
char *lengths;
|
||||
int num_entries; /* Number of entries in this table */
|
||||
int width; /* width of this table. */
|
||||
/* While one determines the other, this way fewer
|
||||
* calculations are needed at runtime, since both
|
||||
* are used. */
|
||||
int cur_num; /* Present number of used nodes */
|
||||
} dir_sub_table_t;
|
||||
|
||||
/* Master data structure for the DIR-n-m derivative */
|
||||
typedef struct
|
||||
{
|
||||
int *dimensions; /* DIR-n-m will consist of any number of arbitrarily
|
||||
* long tables. This variable keeps track of the
|
||||
* dimensions */
|
||||
int dim_size; /* And this variable keeps track of 'dimensions''s
|
||||
* dimensions! */
|
||||
uint32_t mem_cap; /* User-defined maximum memory that can be allocated
|
||||
* for the DIR-n-m derivative */
|
||||
|
||||
int cur_num; /* Present number of used nodes */
|
||||
|
||||
uint32_t allocated;
|
||||
|
||||
dir_sub_table_t *sub_table;
|
||||
} dir_table_t;
|
||||
|
||||
/*******************************************************************/
|
||||
/* DIR-n-m functions, these are not intended to be called directly */
|
||||
dir_table_t * sfrt_dir_new(uint32_t mem_cap, int count,...);
|
||||
void sfrt_dir_free(void *);
|
||||
tuple_t sfrt_dir_lookup(IP ip, void *table);
|
||||
int sfrt_dir_insert(IP ip, int len, word data_index,
|
||||
int behavior, void *table);
|
||||
uint32_t sfrt_dir_usage(void *table);
|
||||
|
||||
#endif /* SFRT_DIR_H_ */
|
||||
|
|
@ -0,0 +1,167 @@
|
|||
/****************************************************************************
|
||||
*
|
||||
* Copyright (C) 2006-2010 Sourcefire, Inc.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License Version 2 as
|
||||
* published by the Free Software Foundation. You may not use, modify or
|
||||
* distribute this program under any other version of the GNU General
|
||||
* Public License.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
*
|
||||
****************************************************************************/
|
||||
|
||||
/*
|
||||
trie.h
|
||||
|
||||
A routing table for wordsized (32bits) bitstrings implemented as a
|
||||
static level- and pathcompressed trie. For details please consult
|
||||
|
||||
Stefan Nilsson and Gunnar Karlsson. Fast Address Look-Up
|
||||
for Internet Routers. International Conference of Broadband
|
||||
Communications (BC'97).
|
||||
|
||||
http://www.hut.fi/~sni/papers/router/router.html
|
||||
|
||||
The code presented in this file has been tested with care but is
|
||||
not guaranteed for any purpose. The writer does not offer any
|
||||
warranties nor does he accept any liabilities with respect to
|
||||
the code.
|
||||
|
||||
Stefan Nilsson, 4 nov 1997.
|
||||
|
||||
Laboratory of Information Processing Science
|
||||
Helsinki University of Technology
|
||||
Stefan.Nilsson@hut.fi
|
||||
*/
|
||||
|
||||
/*
|
||||
The trie is represented by an array and each node consists of an
|
||||
unsigned word. The first 5 bits (31-27) indicate the logarithm
|
||||
of the branching factor. The next 5 bits (26-22) indicate the
|
||||
skip value. The final 22 (21-0) bits is an adress, either to
|
||||
another internal node, or the base vector.
|
||||
The maximum capacity is 2^21 strings (or a few more). The trie
|
||||
is prefixfree. All strings that are prefixes of another string
|
||||
are stored separately.
|
||||
*/
|
||||
|
||||
#ifndef RT_TRIE_H
|
||||
#define RT_TRIE_H
|
||||
|
||||
#define ADRSIZE 32 /* the number of bits in an address */
|
||||
|
||||
/* A 32-bit word is used to hold the bit patterns of
|
||||
the addresses. In IPv6 this should be 128 bits.
|
||||
The following typedef is machine dependent.
|
||||
A word must be 32 bits long! */
|
||||
typedef unsigned long word;
|
||||
|
||||
/* The trie is represented by an array and each node in
|
||||
the trie is compactly represented using only 32 bits:
|
||||
5 + 5 + 22 = branch + skip + adr */
|
||||
typedef word node_t;
|
||||
|
||||
#define NOPRE -1 /* an empty prefix pointer */
|
||||
|
||||
#define SETBRANCH(branch) ((branch)<<27)
|
||||
#define GETBRANCH(node) ((node)>>27)
|
||||
#define SETSKIP(skip) ((skip)<<22)
|
||||
#define GETSKIP(node) ((node)>>22 & 037)
|
||||
#define SETADR(adr) (adr)
|
||||
#define GETADR(node) ((node) & 017777777)
|
||||
|
||||
/* extract n bits from str starting at position p */
|
||||
#define EXTRACT(p, n, str) ((str)<<(p)>>(32-(n)))
|
||||
|
||||
/* remove the first p bits from string */
|
||||
#define REMOVE(p, str) ((str)<<(p)>>(p))
|
||||
|
||||
/* A next-hop table entry is a 32 bit string */
|
||||
|
||||
typedef word policy_t;
|
||||
|
||||
/* The routing table entries are initially stored in
|
||||
a simple array */
|
||||
|
||||
typedef struct entryrec *entry_t;
|
||||
struct entryrec {
|
||||
word data; /* the routing entry */
|
||||
int len; /* and its length */
|
||||
policy_t policy; /* the corresponding next-hop */
|
||||
int pre; /* this auxiliary variable is used in the */
|
||||
}; /* construction of the final data structure */
|
||||
|
||||
/* base vector */
|
||||
|
||||
typedef struct baserec *base_t;
|
||||
struct baserec {
|
||||
word str; /* the routing entry */
|
||||
int len; /* and its length */
|
||||
int pre; /* pointer to prefix table, -1 if no prefix */
|
||||
int policy; /* pointer to next-hop table */
|
||||
};
|
||||
|
||||
typedef struct { /* compact version of above */
|
||||
word str;
|
||||
int len;
|
||||
int pre;
|
||||
int policy;
|
||||
} comp_base_t;
|
||||
|
||||
/* prefix vector */
|
||||
|
||||
typedef struct prerec *pre_t;
|
||||
struct prerec {
|
||||
int len; /* the length of the prefix */
|
||||
int pre; /* pointer to prefix, -1 if no prefix */
|
||||
int policy; /* pointer to policy table */
|
||||
};
|
||||
|
||||
typedef struct { /* compact version of above */
|
||||
int len;
|
||||
int pre;
|
||||
int policy;
|
||||
} comp_pre_t;
|
||||
|
||||
/* The complete routing table data structure consists of
|
||||
a trie, a base vector, a prefix vector, and a next-hop table. */
|
||||
|
||||
typedef struct routtablerec *routtable_t;
|
||||
struct routtablerec {
|
||||
node_t *trie; /* the main trie search structure */
|
||||
int triesize;
|
||||
comp_base_t *base; /* the base vector */
|
||||
int basesize;
|
||||
comp_pre_t *pre; /* the prefix vector */
|
||||
int presize;
|
||||
policy_t *policy; /* the next-hop table */
|
||||
int policysize;
|
||||
|
||||
int dirty; /* Whether or not the table needs to be rebuilt */
|
||||
};
|
||||
|
||||
/* utilities */
|
||||
#ifndef boolean
|
||||
#ifndef HAVE_BOOLEAN
|
||||
typedef unsigned char boolean;
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#ifndef TRUE
|
||||
# define TRUE 1
|
||||
#endif
|
||||
|
||||
#ifndef FALSE
|
||||
# define FALSE 0
|
||||
#endif
|
||||
|
||||
#endif
|
|
@ -0,0 +1,41 @@
|
|||
|
||||
#include "sf_snort_plugin_api.h"
|
||||
#include "sf_dynamic_meta.h"
|
||||
#include "detection_lib_meta.h"
|
||||
#include "stdio.h"
|
||||
#include "string.h"
|
||||
#include "sfsnort_dynamic_detection_lib.h"
|
||||
|
||||
extern Rule *rules[];
|
||||
|
||||
DETECTION_LINKAGE int InitializeDetection()
|
||||
{
|
||||
return RegisterRules(rules);
|
||||
}
|
||||
|
||||
DETECTION_LINKAGE int DumpSkeletonRules()
|
||||
{
|
||||
return DumpRules(DETECTION_LIB_NAME, rules);
|
||||
}
|
||||
|
||||
|
||||
DETECTION_LINKAGE int LibVersion(DynamicPluginMeta *dpm)
|
||||
{
|
||||
dpm->type = TYPE_DETECTION;
|
||||
dpm->major = DETECTION_LIB_MAJOR;
|
||||
dpm->minor = DETECTION_LIB_MINOR;
|
||||
dpm->build = DETECTION_LIB_BUILD;
|
||||
strncpy(dpm->uniqueName, DETECTION_LIB_NAME, MAX_NAME_LEN);
|
||||
return 0;
|
||||
}
|
||||
|
||||
DETECTION_LINKAGE int EngineVersion(DynamicPluginMeta *dpm)
|
||||
{
|
||||
|
||||
dpm->type = TYPE_ENGINE;
|
||||
dpm->major = REQ_ENGINE_LIB_MAJOR;
|
||||
dpm->minor = REQ_ENGINE_LIB_MINOR;
|
||||
dpm->build = 0;
|
||||
strncpy(dpm->uniqueName, REQ_ENGINE_LIB_NAME, MAX_NAME_LEN);
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,15 @@
|
|||
#ifndef SFSNORT_DYNAMIC_DETECTION_LIB_H_
|
||||
#define SFSNORT_DYNAMIC_DETECTION_LIB_H_
|
||||
|
||||
#ifdef WIN32
|
||||
#ifdef SF_SNORT_DETECTION_DLL
|
||||
#define DETECTION_LINKAGE __declspec(dllexport)
|
||||
#else
|
||||
#define DETECTION_LINKAGE __declspec(dllimport)
|
||||
#endif
|
||||
#else /* WIN32 */
|
||||
#define DETECTION_LINKAGE
|
||||
#endif /* WIN32 */
|
||||
|
||||
#endif /* SFSNORT_DYNAMIC_DETECTION_LIB_H_ */
|
||||
|
|
@ -0,0 +1,142 @@
|
|||
/* $Id$ */
|
||||
/*
|
||||
** Copyright (C) 2002-2010 Sourcefire, Inc.
|
||||
** Author(s): Andrew R. Baker <andrewb@sourcefire.com>
|
||||
**
|
||||
** This program is free software; you can redistribute it and/or modify
|
||||
** it under the terms of the GNU General Public License Version 2 as
|
||||
** published by the Free Software Foundation. You may not use, modify or
|
||||
** distribute this program under any other version of the GNU General
|
||||
** Public License.
|
||||
**
|
||||
** This program is distributed in the hope that it will be useful,
|
||||
** but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
** GNU General Public License for more details.
|
||||
**
|
||||
** You should have received a copy of the GNU General Public License
|
||||
** along with this program; if not, write to the Free Software
|
||||
** Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
*/
|
||||
#ifndef __SIGNATURE_H__
|
||||
#define __SIGNATURE_H__
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include "config.h"
|
||||
#endif
|
||||
#ifdef OSF1
|
||||
#include <sys/bitypes.h>
|
||||
#endif
|
||||
|
||||
#include <sys/types.h>
|
||||
#include <stdio.h>
|
||||
|
||||
|
||||
struct _OptTreeNode;
|
||||
struct _SnortConfig;
|
||||
struct _RuleTreeNode;
|
||||
|
||||
/* this contains a list of the URLs for various reference systems */
|
||||
typedef struct _ReferenceSystemNode
|
||||
{
|
||||
char *name;
|
||||
char *url;
|
||||
struct _ReferenceSystemNode *next;
|
||||
|
||||
} ReferenceSystemNode;
|
||||
|
||||
ReferenceSystemNode * ReferenceSystemAdd(ReferenceSystemNode **, char *, char *);
|
||||
ReferenceSystemNode * ReferenceSystemLookup(ReferenceSystemNode *, char *);
|
||||
void ParseReferenceSystemConfig(char *args);
|
||||
|
||||
|
||||
/* XXX: update to point to the ReferenceURLNode in the referenceURL list */
|
||||
typedef struct _ReferenceNode
|
||||
{
|
||||
char *id;
|
||||
ReferenceSystemNode *system;
|
||||
struct _ReferenceNode *next;
|
||||
|
||||
} ReferenceNode;
|
||||
|
||||
ReferenceNode * AddReference(struct _SnortConfig *, ReferenceNode **, char *, char *);
|
||||
void FPrintReference(FILE *, ReferenceNode *);
|
||||
|
||||
/* struct for rule classification */
|
||||
typedef struct _ClassType
|
||||
{
|
||||
char *type; /* classification type */
|
||||
int id; /* classification id */
|
||||
char *name; /* "pretty" classification name */
|
||||
int priority; /* priority */
|
||||
struct _ClassType *next;
|
||||
} ClassType;
|
||||
|
||||
void ParseClassificationConfig(char *);
|
||||
|
||||
/* NOTE: These lookups can only be done during parse time */
|
||||
ClassType * ClassTypeLookupByType(struct _SnortConfig *, char *);
|
||||
ClassType * ClassTypeLookupById(struct _SnortConfig *, int);
|
||||
|
||||
/*
|
||||
* sid-gid -> otn mapping
|
||||
*/
|
||||
typedef struct _OtnKey
|
||||
{
|
||||
uint32_t gid;
|
||||
uint32_t sid;
|
||||
|
||||
} OtnKey;
|
||||
|
||||
#define SI_RULE_FLUSHING_OFF 0
|
||||
#define SI_RULE_FLUSHING_ON 1
|
||||
|
||||
#define SI_RULE_TYPE_DETECT 0
|
||||
#define SI_RULE_TYPE_DECODE 1
|
||||
#define SI_RULE_TYPE_PREPROC 2
|
||||
|
||||
#ifdef TARGET_BASED
|
||||
typedef struct _ServiceInfo
|
||||
{
|
||||
char *service;
|
||||
int16_t service_ordinal;
|
||||
} ServiceInfo;
|
||||
#endif
|
||||
|
||||
typedef struct _SigInfo
|
||||
{
|
||||
uint32_t generator;
|
||||
uint32_t id;
|
||||
uint32_t rev;
|
||||
uint32_t class_id;
|
||||
ClassType *classType;
|
||||
uint32_t priority;
|
||||
char *message;
|
||||
ReferenceNode *refs;
|
||||
int shared; /* shared object rule */
|
||||
int rule_type; /* 0-std rule, 1-decoder, rule, 3 preprocessor rule */
|
||||
int rule_flushing; /* 0-disabled, 1-enabled */
|
||||
OtnKey otnKey;
|
||||
#ifdef TARGET_BASED
|
||||
unsigned int num_services;
|
||||
ServiceInfo *services;
|
||||
char *os;
|
||||
#endif
|
||||
} SigInfo;
|
||||
|
||||
void * SoRuleOtnLookupNew(void);
|
||||
void SoRuleOtnLookupAdd(void *, struct _OptTreeNode *);
|
||||
struct _OptTreeNode * SoRuleOtnLookup(void *, uint32_t gid, uint32_t sid);
|
||||
struct _OptTreeNode * SoRuleOtnLookupNext(uint32_t gid, uint32_t sid);
|
||||
void SoRuleOtnLookupFree(void *);
|
||||
|
||||
void * OtnLookupNew(void);
|
||||
void OtnLookupAdd(void *, struct _OptTreeNode *);
|
||||
struct _OptTreeNode * OtnLookup(void *, uint32_t gid, uint32_t sid);
|
||||
void OtnLookupFree(void *);
|
||||
|
||||
void OtnRemove(void *, void *, struct _OptTreeNode *);
|
||||
void OtnDeleteData(void *data);
|
||||
void OtnFree(void *data);
|
||||
|
||||
#endif /* SIGNATURE */
|
|
@ -0,0 +1,144 @@
|
|||
/* $Id$ */
|
||||
/*
|
||||
** Copyright (C) 2002-2010 Sourcefire, Inc.
|
||||
** Author(s): Andrew R. Baker <andrewb@sourcefire.com>
|
||||
**
|
||||
** This program is free software; you can redistribute it and/or modify
|
||||
** it under the terms of the GNU General Public License Version 2 as
|
||||
** published by the Free Software Foundation. You may not use, modify or
|
||||
** distribute this program under any other version of the GNU General
|
||||
** Public License.
|
||||
**
|
||||
** This program is distributed in the hope that it will be useful,
|
||||
** but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
** GNU General Public License for more details.
|
||||
**
|
||||
** You should have received a copy of the GNU General Public License
|
||||
** along with this program; if not, write to the Free Software
|
||||
** Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
*/
|
||||
#ifndef __SIGNATURE_H__
|
||||
#define __SIGNATURE_H__
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include "config.h"
|
||||
#endif
|
||||
#ifdef OSF1
|
||||
#include <sys/bitypes.h>
|
||||
#endif
|
||||
|
||||
#include <sys/types.h>
|
||||
#include <stdio.h>
|
||||
|
||||
#include "sfutil/sfghash.h"
|
||||
#include "sf_types.h"
|
||||
|
||||
struct _OptTreeNode;
|
||||
struct _SnortConfig;
|
||||
struct _RuleTreeNode;
|
||||
|
||||
/* this contains a list of the URLs for various reference systems */
|
||||
typedef struct _ReferenceSystemNode
|
||||
{
|
||||
char *name;
|
||||
char *url;
|
||||
struct _ReferenceSystemNode *next;
|
||||
|
||||
} ReferenceSystemNode;
|
||||
|
||||
ReferenceSystemNode * ReferenceSystemAdd(ReferenceSystemNode **, char *, char *);
|
||||
ReferenceSystemNode * ReferenceSystemLookup(ReferenceSystemNode *, char *);
|
||||
void ParseReferenceSystemConfig(char *args);
|
||||
|
||||
|
||||
/* XXX: update to point to the ReferenceURLNode in the referenceURL list */
|
||||
typedef struct _ReferenceNode
|
||||
{
|
||||
char *id;
|
||||
ReferenceSystemNode *system;
|
||||
struct _ReferenceNode *next;
|
||||
|
||||
} ReferenceNode;
|
||||
|
||||
ReferenceNode * AddReference(struct _SnortConfig *, ReferenceNode **, char *, char *);
|
||||
void FPrintReference(FILE *, ReferenceNode *);
|
||||
|
||||
/* struct for rule classification */
|
||||
typedef struct _ClassType
|
||||
{
|
||||
char *type; /* classification type */
|
||||
int id; /* classification id */
|
||||
char *name; /* "pretty" classification name */
|
||||
int priority; /* priority */
|
||||
struct _ClassType *next;
|
||||
} ClassType;
|
||||
|
||||
void ParseClassificationConfig(char *);
|
||||
|
||||
/* NOTE: These lookups can only be done during parse time */
|
||||
ClassType * ClassTypeLookupByType(struct _SnortConfig *, char *);
|
||||
ClassType * ClassTypeLookupById(struct _SnortConfig *, int);
|
||||
|
||||
/*
|
||||
* sid-gid -> otn mapping
|
||||
*/
|
||||
typedef struct _OtnKey
|
||||
{
|
||||
uint32_t gid;
|
||||
uint32_t sid;
|
||||
|
||||
} OtnKey;
|
||||
|
||||
#define SI_RULE_FLUSHING_OFF 0
|
||||
#define SI_RULE_FLUSHING_ON 1
|
||||
|
||||
#define SI_RULE_TYPE_DETECT 0
|
||||
#define SI_RULE_TYPE_DECODE 1
|
||||
#define SI_RULE_TYPE_PREPROC 2
|
||||
|
||||
#ifdef TARGET_BASED
|
||||
typedef struct _ServiceInfo
|
||||
{
|
||||
char *service;
|
||||
int16_t service_ordinal;
|
||||
} ServiceInfo;
|
||||
#endif
|
||||
|
||||
typedef struct _SigInfo
|
||||
{
|
||||
uint32_t generator;
|
||||
uint32_t id;
|
||||
uint32_t rev;
|
||||
uint32_t class_id;
|
||||
ClassType *classType;
|
||||
uint32_t priority;
|
||||
char *message;
|
||||
ReferenceNode *refs;
|
||||
int shared; /* shared object rule */
|
||||
int rule_type; /* 0-std rule, 1-decoder, rule, 3 preprocessor rule */
|
||||
int rule_flushing; /* 0-disabled, 1-enabled */
|
||||
OtnKey otnKey;
|
||||
#ifdef TARGET_BASED
|
||||
unsigned int num_services;
|
||||
ServiceInfo *services;
|
||||
char *os;
|
||||
#endif
|
||||
} SigInfo;
|
||||
|
||||
SFGHASH * SoRuleOtnLookupNew(void);
|
||||
void SoRuleOtnLookupAdd(SFGHASH *, struct _OptTreeNode *);
|
||||
struct _OptTreeNode * SoRuleOtnLookup(SFGHASH *, uint32_t gid, uint32_t sid);
|
||||
struct _OptTreeNode * SoRuleOtnLookupNext(uint32_t gid, uint32_t sid);
|
||||
void SoRuleOtnLookupFree(SFGHASH *);
|
||||
|
||||
SFGHASH * OtnLookupNew(void);
|
||||
void OtnLookupAdd(SFGHASH *, struct _OptTreeNode *);
|
||||
struct _OptTreeNode * OtnLookup(SFGHASH *, uint32_t gid, uint32_t sid);
|
||||
void OtnLookupFree(SFGHASH *);
|
||||
|
||||
void OtnRemove(SFGHASH *, SFGHASH *, struct _OptTreeNode *);
|
||||
void OtnDeleteData(void *data);
|
||||
void OtnFree(void *data);
|
||||
|
||||
#endif /* SIGNATURE */
|
|
@ -0,0 +1,77 @@
|
|||
/****************************************************************************
|
||||
*
|
||||
* Copyright (C) 2005-2010 Sourcefire, Inc.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License Version 2 as
|
||||
* published by the Free Software Foundation. You may not use, modify or
|
||||
* distribute this program under any other version of the GNU General
|
||||
* Public License.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
*
|
||||
****************************************************************************/
|
||||
|
||||
|
||||
#ifndef __STR_SEARCH_H__
|
||||
#define __STR_SEARCH_H__
|
||||
|
||||
/* Function prototypes */
|
||||
typedef int (*MatchFunction)(void *, void *, int, void *, void *);
|
||||
|
||||
int SearchInit(unsigned int num);
|
||||
int SearchGetHandle(void);
|
||||
int SearchPutHandle(unsigned int id);
|
||||
int SearchReInit(unsigned int i);
|
||||
void SearchFree(void);
|
||||
void SearchFreeId(unsigned id);
|
||||
void SearchAdd(unsigned int mpse_id, const char *pat, unsigned int pat_len, int id);
|
||||
void SearchPrepPatterns(unsigned int mpse_id);
|
||||
int SearchFindString(unsigned int mpse_id, const char *str, unsigned int str_len, int confine, MatchFunction);
|
||||
|
||||
|
||||
void * SearchInstanceNew( void );
|
||||
void SearchInstanceFree( void * insance );
|
||||
void SearchInstanceAdd( void * instance, const char *pat, unsigned int pat_len, int id);
|
||||
void SearchInstancePrepPatterns( void * instance );
|
||||
int SearchInstanceFindString( void * instance, const char *str, unsigned int str_len, int confine, MatchFunction);
|
||||
|
||||
typedef struct _search_api
|
||||
{
|
||||
int (*search_init)(unsigned int);
|
||||
|
||||
int (*search_reinit)(unsigned int);
|
||||
|
||||
void (*search_free)(void);
|
||||
|
||||
void (*search_add)(unsigned int, const char *, unsigned int, int);
|
||||
|
||||
void (*search_prep)(unsigned int);
|
||||
|
||||
int (*search_find)(unsigned int, const char *, unsigned int, int, MatchFunction);
|
||||
|
||||
/* 6/1/06*/
|
||||
void (*search_free_id)(unsigned id);
|
||||
|
||||
int (*search_get_handle)(void);
|
||||
int (*search_put_handle)(unsigned int);
|
||||
|
||||
void * (*search_instance_new)(void);
|
||||
void (*search_instance_free)(void * instance);
|
||||
void (*search_instance_add) (void * instance, const char *s, unsigned int s_len, int s_id);
|
||||
void (*search_instance_prep)(void * instance );
|
||||
int (*search_instance_find)(void * instance, const char *s, unsigned int s_len, int confine, MatchFunction);
|
||||
|
||||
} SearchAPI;
|
||||
|
||||
extern SearchAPI *search_api;
|
||||
|
||||
#endif /* __STR_SEARCH_H__ */
|
||||
|
|
@ -0,0 +1,77 @@
|
|||
/****************************************************************************
|
||||
*
|
||||
* Copyright (C) 2005-2010 Sourcefire, Inc.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License Version 2 as
|
||||
* published by the Free Software Foundation. You may not use, modify or
|
||||
* distribute this program under any other version of the GNU General
|
||||
* Public License.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
*
|
||||
****************************************************************************/
|
||||
|
||||
|
||||
#ifndef __STR_SEARCH_H__
|
||||
#define __STR_SEARCH_H__
|
||||
|
||||
/* Function prototypes */
|
||||
typedef int (*MatchFunction)(void *, void *, int, void *, void *);
|
||||
|
||||
int SearchInit(unsigned int num);
|
||||
int SearchGetHandle(void);
|
||||
int SearchPutHandle(unsigned int id);
|
||||
int SearchReInit(unsigned int i);
|
||||
void SearchFree(void);
|
||||
void SearchFreeId(unsigned id);
|
||||
void SearchAdd(unsigned int mpse_id, const char *pat, unsigned int pat_len, int id);
|
||||
void SearchPrepPatterns(unsigned int mpse_id);
|
||||
int SearchFindString(unsigned int mpse_id, const char *str, unsigned int str_len, int confine, MatchFunction);
|
||||
|
||||
|
||||
void * SearchInstanceNew( void );
|
||||
void SearchInstanceFree( void * insance );
|
||||
void SearchInstanceAdd( void * instance, const char *pat, unsigned int pat_len, int id);
|
||||
void SearchInstancePrepPatterns( void * instance );
|
||||
int SearchInstanceFindString( void * instance, const char *str, unsigned int str_len, int confine, MatchFunction);
|
||||
|
||||
typedef struct _search_api
|
||||
{
|
||||
int (*search_init)(unsigned int);
|
||||
|
||||
int (*search_reinit)(unsigned int);
|
||||
|
||||
void (*search_free)(void);
|
||||
|
||||
void (*search_add)(unsigned int, const char *, unsigned int, int);
|
||||
|
||||
void (*search_prep)(unsigned int);
|
||||
|
||||
int (*search_find)(unsigned int, const char *, unsigned int, int, MatchFunction);
|
||||
|
||||
/* 6/1/06*/
|
||||
void (*search_free_id)(unsigned id);
|
||||
|
||||
int (*search_get_handle)(void);
|
||||
int (*search_put_handle)(unsigned int);
|
||||
|
||||
void * (*search_instance_new)(void);
|
||||
void (*search_instance_free)(void * instance);
|
||||
void (*search_instance_add) (void * instance, const char *s, unsigned int s_len, int s_id);
|
||||
void (*search_instance_prep)(void * instance );
|
||||
int (*search_instance_find)(void * instance, const char *s, unsigned int s_len, int confine, MatchFunction);
|
||||
|
||||
} SearchAPI;
|
||||
|
||||
extern SearchAPI *search_api;
|
||||
|
||||
#endif /* __STR_SEARCH_H__ */
|
||||
|
|
@ -0,0 +1,516 @@
|
|||
/* $Id$ */
|
||||
|
||||
/*
|
||||
* ** Copyright (C) 2005-2010 Sourcefire, Inc.
|
||||
* ** AUTHOR: Steven Sturges
|
||||
* **
|
||||
* ** This program is free software; you can redistribute it and/or modify
|
||||
* ** it under the terms of the GNU General Public License Version 2 as
|
||||
* ** published by the Free Software Foundation. You may not use, modify or
|
||||
* ** distribute this program under any other version of the GNU General
|
||||
* ** Public License.
|
||||
* **
|
||||
* ** This program is distributed in the hope that it will be useful,
|
||||
* ** but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* ** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* ** GNU General Public License for more details.
|
||||
* **
|
||||
* ** You should have received a copy of the GNU General Public License
|
||||
* ** along with this program; if not, write to the Free Software
|
||||
* ** Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
* */
|
||||
|
||||
/* stream_api.h
|
||||
*
|
||||
* Purpose: Definition of the StreamAPI. To be used as a common interface
|
||||
* for TCP (and later UDP & ICMP) Stream access for other
|
||||
* preprocessors and detection plugins.
|
||||
*
|
||||
* Arguments:
|
||||
*
|
||||
* Effect:
|
||||
*
|
||||
* Comments:
|
||||
*
|
||||
* Any comments?
|
||||
*
|
||||
*/
|
||||
|
||||
#ifndef STREAM_API_H_
|
||||
#define STREAM_API_H_
|
||||
|
||||
#include <sys/types.h>
|
||||
|
||||
#include "ipv6_port.h"
|
||||
#include "preprocids.h" /* IDs are used when setting preproc specific data */
|
||||
#include "bitop.h"
|
||||
#include "sf_snort_packet.h"
|
||||
#include "sfPolicy.h"
|
||||
|
||||
#define IGNORE_FLAG_ALWAYS 0x01
|
||||
|
||||
#define SSN_MISSING_NONE 0x00
|
||||
#define SSN_MISSING_BEFORE 0x01
|
||||
#define SSN_MISSING_AFTER 0x02
|
||||
#define SSN_MISSING_BOTH (SSN_MISSING_BEFORE | SSN_MISSING_AFTER)
|
||||
|
||||
#define SSN_DIR_NONE 0x0
|
||||
#define SSN_DIR_CLIENT 0x1
|
||||
#define SSN_DIR_SENDER 0x1
|
||||
#define SSN_DIR_SERVER 0x2
|
||||
#define SSN_DIR_RESPONDER 0x2
|
||||
#define SSN_DIR_BOTH 0x03
|
||||
|
||||
#define SSNFLAG_SEEN_CLIENT 0x00000001
|
||||
#define SSNFLAG_SEEN_SENDER 0x00000001
|
||||
#define SSNFLAG_SEEN_SERVER 0x00000002
|
||||
#define SSNFLAG_SEEN_RESPONDER 0x00000002
|
||||
#define SSNFLAG_ESTABLISHED 0x00000004
|
||||
#define SSNFLAG_NMAP 0x00000008
|
||||
#define SSNFLAG_ECN_CLIENT_QUERY 0x00000010
|
||||
#define SSNFLAG_ECN_SERVER_REPLY 0x00000020
|
||||
#define SSNFLAG_HTTP_1_1 0x00000040 /* has stream seen HTTP 1.1? */
|
||||
#define SSNFLAG_SEEN_PMATCH 0x00000080 /* seen pattern match? */
|
||||
#define SSNFLAG_MIDSTREAM 0x00000100 /* picked up midstream */
|
||||
#define SSNFLAG_CLIENT_FIN 0x00000200 /* server sent fin */
|
||||
#define SSNFLAG_SERVER_FIN 0x00000400 /* client sent fin */
|
||||
#define SSNFLAG_CLIENT_PKT 0x00000800 /* packet is from the client */
|
||||
#define SSNFLAG_SERVER_PKT 0x00001000 /* packet is from the server */
|
||||
#define SSNFLAG_COUNTED_INITIALIZE 0x00002000
|
||||
#define SSNFLAG_COUNTED_ESTABLISH 0x00004000
|
||||
#define SSNFLAG_COUNTED_CLOSING 0x00008000
|
||||
#define SSNFLAG_TIMEDOUT 0x00010000
|
||||
#define SSNFLAG_PRUNED 0x00020000
|
||||
#define SSNFLAG_RESET 0x00040000
|
||||
#define SSNFLAG_DROP_CLIENT 0x00080000
|
||||
#define SSNFLAG_DROP_SERVER 0x00100000
|
||||
#define SSNFLAG_LOGGED_QUEUE_FULL 0x00200000
|
||||
#define SSNFLAG_ALL 0xFFFFFFFF /* all that and a bag of chips */
|
||||
#define SSNFLAG_NONE 0x00000000 /* nothing, an MT bag of chips */
|
||||
|
||||
#define STREAM_FLPOLICY_NONE 0x00
|
||||
#define STREAM_FLPOLICY_FOOTPRINT 0x01 /* size-based footprint flush */
|
||||
#define STREAM_FLPOLICY_LOGICAL 0x02 /* queued bytes-based flush */
|
||||
#define STREAM_FLPOLICY_RESPONSE 0x03 /* flush when we see response */
|
||||
#define STREAM_FLPOLICY_SLIDING_WINDOW 0x04 /* flush on sliding window */
|
||||
#if 0
|
||||
#define STREAM_FLPOLICY_CONSUMED 0x05 /* purge consumed bytes */
|
||||
#endif
|
||||
#define STREAM_FLPOLICY_IGNORE 0x06 /* ignore this traffic */
|
||||
|
||||
#define STREAM_FLPOLICY_MAX STREAM_FLPOLICY_IGNORE
|
||||
|
||||
#define STREAM_FLPOLICY_SET_ABSOLUTE 0x01
|
||||
#define STREAM_FLPOLICY_SET_APPEND 0x02
|
||||
|
||||
#define UNKNOWN_PORT 0
|
||||
|
||||
#define STREAM_API_VERSION5 5
|
||||
|
||||
typedef void (*StreamAppDataFree)(void *);
|
||||
typedef int (*PacketIterator)
|
||||
(
|
||||
struct pcap_pkthdr *,
|
||||
uint8_t *, /* pkt pointer */
|
||||
void * /* user-defined data pointer */
|
||||
);
|
||||
|
||||
typedef int (*StreamSegmentIterator)
|
||||
(
|
||||
struct pcap_pkthdr *,
|
||||
uint8_t *, /* pkt pointer */
|
||||
uint8_t *, /* payload pointer */
|
||||
uint32_t, /* sequence number */
|
||||
void * /* user-defined data pointer */
|
||||
);
|
||||
|
||||
typedef struct _StreamFlowData
|
||||
{
|
||||
BITOP boFlowbits;
|
||||
unsigned char flowb[1];
|
||||
} StreamFlowData;
|
||||
|
||||
typedef struct _stream_api
|
||||
{
|
||||
int version;
|
||||
|
||||
/*
|
||||
* Drop on Inline Alerts for Midstream pickups
|
||||
*
|
||||
* Parameters
|
||||
*,
|
||||
* Returns
|
||||
* 0 if not alerting
|
||||
* !0 if alerting
|
||||
*/
|
||||
int (*alert_inline_midstream_drops)(void);
|
||||
|
||||
/* Set direction of session
|
||||
*
|
||||
* Parameters:
|
||||
* Session Ptr
|
||||
* New Direction
|
||||
* IP
|
||||
* Port
|
||||
*/
|
||||
void (*update_direction)(void *, char, snort_ip_p, uint16_t );
|
||||
|
||||
/* Get direction of packet
|
||||
*
|
||||
* Parameters:
|
||||
* Packet
|
||||
*/
|
||||
uint32_t (*get_packet_direction)(SFSnortPacket *);
|
||||
|
||||
/* Stop inspection for session, up to count bytes (-1 to ignore
|
||||
* for life or until resume).
|
||||
*
|
||||
* If response flag is set, automatically resume inspection up to
|
||||
* count bytes when a data packet in the other direction is seen.
|
||||
*
|
||||
* Also marks the packet to be ignored
|
||||
*
|
||||
* Parameters
|
||||
* Session Ptr
|
||||
* Packet
|
||||
* Direction
|
||||
* Bytes
|
||||
* Response Flag
|
||||
*/
|
||||
void (*stop_inspection)(void *, SFSnortPacket *, char, int32_t, int);
|
||||
|
||||
/* Turn off inspection for potential session.
|
||||
* Adds session identifiers to a hash table.
|
||||
* TCP only.
|
||||
*
|
||||
* Parameters
|
||||
* IP addr #1
|
||||
* Port #1
|
||||
* IP addr #2
|
||||
* Port #2
|
||||
* Protocol
|
||||
* Direction
|
||||
* Flags (permanent)
|
||||
*
|
||||
* Returns
|
||||
* 0 on success
|
||||
* -1 on failure
|
||||
*/
|
||||
int (*ignore_session)(snort_ip_p, uint16_t, snort_ip_p, uint16_t,
|
||||
char, char, char);
|
||||
|
||||
/* Resume inspection for session.
|
||||
*
|
||||
* Parameters
|
||||
* Session Ptr
|
||||
* Direction
|
||||
*/
|
||||
void (*resume_inspection)(void *, char);
|
||||
|
||||
/* Drop traffic arriving on session.
|
||||
*
|
||||
* Parameters
|
||||
* Session Ptr
|
||||
* Direction
|
||||
*/
|
||||
void (*drop_traffic)(void *, char);
|
||||
|
||||
/* Drop retransmitted packet arriving on session.
|
||||
*
|
||||
* Parameters
|
||||
* Packet
|
||||
*/
|
||||
void (*drop_packet)(SFSnortPacket *);
|
||||
|
||||
/* Set a reference to application data for a session
|
||||
*
|
||||
* Parameters
|
||||
* Session Ptr
|
||||
* Application Protocol
|
||||
* Application Data reference (pointer)
|
||||
* Application Data free function
|
||||
*/
|
||||
void (*set_application_data)(void *, uint32_t, void *, StreamAppDataFree);
|
||||
|
||||
/* Set a reference to application data for a session
|
||||
*
|
||||
* Parameters
|
||||
* Session Ptr
|
||||
* Application Protocol
|
||||
*
|
||||
* Returns
|
||||
* Application Data reference (pointer)
|
||||
*/
|
||||
void *(*get_application_data)(void *, uint32_t);
|
||||
|
||||
/* Sets the flags for a session
|
||||
* This ORs the supplied flags with the previous values
|
||||
*
|
||||
* Parameters
|
||||
* Session Ptr
|
||||
* Flags
|
||||
*
|
||||
* Returns
|
||||
* New Flags
|
||||
*/
|
||||
uint32_t (*set_session_flags)(void *, uint32_t);
|
||||
|
||||
/* Gets the flags for a session
|
||||
*
|
||||
* Parameters
|
||||
* Session Ptr
|
||||
*/
|
||||
uint32_t (*get_session_flags)(void *);
|
||||
|
||||
/* Flushes the stream on an alert
|
||||
* Side that is flushed is the same as the packet.
|
||||
*
|
||||
* Parameters
|
||||
* Packet
|
||||
*/
|
||||
int (*alert_flush_stream)(SFSnortPacket *);
|
||||
|
||||
/* Flushes the stream on arrival of another packet
|
||||
* Side that is flushed is the opposite of the packet.
|
||||
*
|
||||
* Parameters
|
||||
* Packet
|
||||
*/
|
||||
int (*response_flush_stream)(SFSnortPacket *);
|
||||
|
||||
/* Calls user-provided callback function for each packet of
|
||||
* a reassembled stream. If the callback function returns non-zero,
|
||||
* iteration ends.
|
||||
*
|
||||
* Parameters
|
||||
* Packet
|
||||
* SFSnortPacket Iterator Function (called for each packet in the stream)
|
||||
* user data (may be NULL)
|
||||
*
|
||||
* Returns
|
||||
* number of packets
|
||||
*/
|
||||
int (*traverse_reassembled)(SFSnortPacket *, PacketIterator, void *userdata);
|
||||
|
||||
/* Calls user-provided callback function for each segment of
|
||||
* a reassembled stream. If the callback function returns non-zero,
|
||||
* iteration ends.
|
||||
*
|
||||
* Parameters
|
||||
* Packet
|
||||
* StreamSegmentIterator Function (called for each packet in the stream)
|
||||
* user data (may be NULL)
|
||||
*
|
||||
* Returns
|
||||
* number of packets
|
||||
*/
|
||||
int (*traverse_stream_segments)(SFSnortPacket *, StreamSegmentIterator, void *userdata);
|
||||
|
||||
/* Add session alert
|
||||
*
|
||||
* Parameters
|
||||
* Session Ptr
|
||||
* gen ID
|
||||
* sig ID
|
||||
*
|
||||
* Returns
|
||||
* 0 success
|
||||
* -1 failure (max alerts reached)
|
||||
*
|
||||
*/
|
||||
int (*add_session_alert)(void *, SFSnortPacket *p, uint32_t, uint32_t);
|
||||
|
||||
/* Check session alert
|
||||
*
|
||||
* Parameters
|
||||
* Session Ptr
|
||||
* Packet
|
||||
* gen ID
|
||||
* sig ID
|
||||
*
|
||||
* Returns
|
||||
* 0 if not previously alerted
|
||||
* !0 if previously alerted
|
||||
*/
|
||||
int (*check_session_alerted)(void *, SFSnortPacket *p, uint32_t, uint32_t);
|
||||
|
||||
/* Get Flowbits data
|
||||
*
|
||||
* Parameters
|
||||
* Packet
|
||||
*
|
||||
* Returns
|
||||
* Ptr to Flowbits Data
|
||||
*/
|
||||
StreamFlowData *(*get_flow_data)(SFSnortPacket *p);
|
||||
|
||||
/* Set reassembly flush policy/direction for given session
|
||||
*
|
||||
* Parameters
|
||||
* Session Ptr
|
||||
* Flush Policy
|
||||
* Direction(s)
|
||||
* Flags
|
||||
*
|
||||
* Returns
|
||||
* direction(s) of reassembly for session
|
||||
*/
|
||||
char (*set_reassembly)(void *, uint8_t, char, char);
|
||||
|
||||
/* Get reassembly direction for given session
|
||||
*
|
||||
* Parameters
|
||||
* Session Ptr
|
||||
*
|
||||
* Returns
|
||||
* direction(s) of reassembly for session
|
||||
*/
|
||||
char (*get_reassembly_direction)(void *);
|
||||
|
||||
/* Get reassembly flush_policy for given session
|
||||
*
|
||||
* Parameters
|
||||
* Session Ptr
|
||||
* Direction
|
||||
*
|
||||
* Returns
|
||||
* flush policy for specified direction
|
||||
*/
|
||||
char (*get_reassembly_flush_policy)(void *, char);
|
||||
|
||||
/* Get true/false as to whether stream data is in
|
||||
* sequence or packets are missing
|
||||
*
|
||||
* Parameters
|
||||
* Session Ptr
|
||||
* Direction
|
||||
*
|
||||
* Returns
|
||||
* true/false
|
||||
*/
|
||||
char (*is_stream_sequenced)(void *, char);
|
||||
|
||||
/* Get whether there are missing packets before, after or
|
||||
* before and after reassembled buffer
|
||||
*
|
||||
* Parameters
|
||||
* Session Ptr
|
||||
* Direction
|
||||
*
|
||||
* Returns
|
||||
* SSN_MISSING_BOTH if missing before and after
|
||||
* SSN_MISSING_BEFORE if missing before
|
||||
* SSN_MISSING_AFTER if missing after
|
||||
* SSN_MISSING_NONE if none missing
|
||||
*/
|
||||
int (*missing_in_reassembled)(void *, char);
|
||||
|
||||
/* Get true/false as to whether packets were missed on
|
||||
* the stream
|
||||
*
|
||||
* Parameters
|
||||
* Session Ptr
|
||||
* Direction
|
||||
*
|
||||
* Returns
|
||||
* true/false
|
||||
*/
|
||||
char (*missed_packets)(void *, char);
|
||||
|
||||
#ifdef TARGET_BASED
|
||||
/* Get the protocol identifier from a stream
|
||||
*
|
||||
* Parameters
|
||||
* Session Ptr
|
||||
*
|
||||
* Returns
|
||||
* integer protocol identifier
|
||||
*/
|
||||
int16_t (*get_application_protocol_id)(void *);
|
||||
|
||||
/* Set the protocol identifier for a stream
|
||||
*
|
||||
* Parameters
|
||||
* Session Ptr
|
||||
* ID
|
||||
*
|
||||
* Returns
|
||||
* integer protocol identifier
|
||||
*/
|
||||
int16_t (*set_application_protocol_id)(void *, int16_t);
|
||||
|
||||
/** Set service to either ignore, inspect or maintain session state.
|
||||
* If this is called during parsing a preprocessor configuration, make
|
||||
* sure to set the parsing argument to 1.
|
||||
*/
|
||||
void (*set_service_filter_status)(int service, int status, tSfPolicyId policyId, int parsing);
|
||||
#endif
|
||||
|
||||
/** Set port to either ignore, inspect or maintain session state.
|
||||
* If this is called during parsing a preprocessor configuration, make
|
||||
* sure to set the parsing argument to 1.
|
||||
*/
|
||||
void (*set_port_filter_status)(int protocol, uint16_t port, int status, tSfPolicyId policyId, int parsing);
|
||||
|
||||
/* Get the current flush point
|
||||
*
|
||||
* Arguments
|
||||
* void * - session pointer
|
||||
* char - direction
|
||||
*
|
||||
* Returns
|
||||
* Current flush point for session
|
||||
*/
|
||||
uint32_t (*get_flush_point)(void *, char);
|
||||
|
||||
/* Set the next flush point
|
||||
*
|
||||
* Arguments
|
||||
* void * - session pointer
|
||||
* char - direction
|
||||
* uint32_t - flush point size
|
||||
*/
|
||||
void (*set_flush_point)(void *, char, uint32_t);
|
||||
|
||||
#ifdef TARGET_BASED
|
||||
/* Turn off inspection for potential session.
|
||||
* Adds session identifiers to a hash table.
|
||||
* TCP only.
|
||||
*
|
||||
* Parameters
|
||||
* IP addr #1
|
||||
* Port #1
|
||||
* IP addr #2
|
||||
* Port #2
|
||||
* Protocol
|
||||
* ID
|
||||
*
|
||||
* Returns
|
||||
* 0 on success
|
||||
* -1 on failure
|
||||
*/
|
||||
int (*set_application_protocol_id_expected)(snort_ip_p, uint16_t, snort_ip_p, uint16_t,
|
||||
char, int16_t);
|
||||
#endif
|
||||
} StreamAPI;
|
||||
|
||||
/* To be set by Stream5 (or Stream4) */
|
||||
extern StreamAPI *stream_api;
|
||||
|
||||
/**Port Inspection States. Port can be either ignored,
|
||||
* or inspected or session tracked. The values are bitmasks.
|
||||
*/
|
||||
typedef enum {
|
||||
/**Dont monitor the port. */
|
||||
PORT_MONITOR_NONE = 0x00,
|
||||
|
||||
/**Inspect the port. */
|
||||
PORT_MONITOR_INSPECT = 0x01,
|
||||
|
||||
/**perform session tracking on the port. */
|
||||
PORT_MONITOR_SESSION = 0x02
|
||||
|
||||
} PortMonitorStates;
|
||||
|
||||
#endif /* STREAM_API_H_ */
|
||||
|
|
@ -0,0 +1,516 @@
|
|||
/* $Id$ */
|
||||
|
||||
/*
|
||||
* ** Copyright (C) 2005-2010 Sourcefire, Inc.
|
||||
* ** AUTHOR: Steven Sturges
|
||||
* **
|
||||
* ** This program is free software; you can redistribute it and/or modify
|
||||
* ** it under the terms of the GNU General Public License Version 2 as
|
||||
* ** published by the Free Software Foundation. You may not use, modify or
|
||||
* ** distribute this program under any other version of the GNU General
|
||||
* ** Public License.
|
||||
* **
|
||||
* ** This program is distributed in the hope that it will be useful,
|
||||
* ** but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* ** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* ** GNU General Public License for more details.
|
||||
* **
|
||||
* ** You should have received a copy of the GNU General Public License
|
||||
* ** along with this program; if not, write to the Free Software
|
||||
* ** Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
* */
|
||||
|
||||
/* stream_api.h
|
||||
*
|
||||
* Purpose: Definition of the StreamAPI. To be used as a common interface
|
||||
* for TCP (and later UDP & ICMP) Stream access for other
|
||||
* preprocessors and detection plugins.
|
||||
*
|
||||
* Arguments:
|
||||
*
|
||||
* Effect:
|
||||
*
|
||||
* Comments:
|
||||
*
|
||||
* Any comments?
|
||||
*
|
||||
*/
|
||||
|
||||
#ifndef STREAM_API_H_
|
||||
#define STREAM_API_H_
|
||||
|
||||
#include <sys/types.h>
|
||||
|
||||
#include "ipv6_port.h"
|
||||
#include "preprocids.h" /* IDs are used when setting preproc specific data */
|
||||
#include "bitop.h"
|
||||
#include "decode.h"
|
||||
#include "sfPolicy.h"
|
||||
|
||||
#define IGNORE_FLAG_ALWAYS 0x01
|
||||
|
||||
#define SSN_MISSING_NONE 0x00
|
||||
#define SSN_MISSING_BEFORE 0x01
|
||||
#define SSN_MISSING_AFTER 0x02
|
||||
#define SSN_MISSING_BOTH (SSN_MISSING_BEFORE | SSN_MISSING_AFTER)
|
||||
|
||||
#define SSN_DIR_NONE 0x0
|
||||
#define SSN_DIR_CLIENT 0x1
|
||||
#define SSN_DIR_SENDER 0x1
|
||||
#define SSN_DIR_SERVER 0x2
|
||||
#define SSN_DIR_RESPONDER 0x2
|
||||
#define SSN_DIR_BOTH 0x03
|
||||
|
||||
#define SSNFLAG_SEEN_CLIENT 0x00000001
|
||||
#define SSNFLAG_SEEN_SENDER 0x00000001
|
||||
#define SSNFLAG_SEEN_SERVER 0x00000002
|
||||
#define SSNFLAG_SEEN_RESPONDER 0x00000002
|
||||
#define SSNFLAG_ESTABLISHED 0x00000004
|
||||
#define SSNFLAG_NMAP 0x00000008
|
||||
#define SSNFLAG_ECN_CLIENT_QUERY 0x00000010
|
||||
#define SSNFLAG_ECN_SERVER_REPLY 0x00000020
|
||||
#define SSNFLAG_HTTP_1_1 0x00000040 /* has stream seen HTTP 1.1? */
|
||||
#define SSNFLAG_SEEN_PMATCH 0x00000080 /* seen pattern match? */
|
||||
#define SSNFLAG_MIDSTREAM 0x00000100 /* picked up midstream */
|
||||
#define SSNFLAG_CLIENT_FIN 0x00000200 /* server sent fin */
|
||||
#define SSNFLAG_SERVER_FIN 0x00000400 /* client sent fin */
|
||||
#define SSNFLAG_CLIENT_PKT 0x00000800 /* packet is from the client */
|
||||
#define SSNFLAG_SERVER_PKT 0x00001000 /* packet is from the server */
|
||||
#define SSNFLAG_COUNTED_INITIALIZE 0x00002000
|
||||
#define SSNFLAG_COUNTED_ESTABLISH 0x00004000
|
||||
#define SSNFLAG_COUNTED_CLOSING 0x00008000
|
||||
#define SSNFLAG_TIMEDOUT 0x00010000
|
||||
#define SSNFLAG_PRUNED 0x00020000
|
||||
#define SSNFLAG_RESET 0x00040000
|
||||
#define SSNFLAG_DROP_CLIENT 0x00080000
|
||||
#define SSNFLAG_DROP_SERVER 0x00100000
|
||||
#define SSNFLAG_LOGGED_QUEUE_FULL 0x00200000
|
||||
#define SSNFLAG_ALL 0xFFFFFFFF /* all that and a bag of chips */
|
||||
#define SSNFLAG_NONE 0x00000000 /* nothing, an MT bag of chips */
|
||||
|
||||
#define STREAM_FLPOLICY_NONE 0x00
|
||||
#define STREAM_FLPOLICY_FOOTPRINT 0x01 /* size-based footprint flush */
|
||||
#define STREAM_FLPOLICY_LOGICAL 0x02 /* queued bytes-based flush */
|
||||
#define STREAM_FLPOLICY_RESPONSE 0x03 /* flush when we see response */
|
||||
#define STREAM_FLPOLICY_SLIDING_WINDOW 0x04 /* flush on sliding window */
|
||||
#if 0
|
||||
#define STREAM_FLPOLICY_CONSUMED 0x05 /* purge consumed bytes */
|
||||
#endif
|
||||
#define STREAM_FLPOLICY_IGNORE 0x06 /* ignore this traffic */
|
||||
|
||||
#define STREAM_FLPOLICY_MAX STREAM_FLPOLICY_IGNORE
|
||||
|
||||
#define STREAM_FLPOLICY_SET_ABSOLUTE 0x01
|
||||
#define STREAM_FLPOLICY_SET_APPEND 0x02
|
||||
|
||||
#define UNKNOWN_PORT 0
|
||||
|
||||
#define STREAM_API_VERSION5 5
|
||||
|
||||
typedef void (*StreamAppDataFree)(void *);
|
||||
typedef int (*PacketIterator)
|
||||
(
|
||||
struct pcap_pkthdr *,
|
||||
uint8_t *, /* pkt pointer */
|
||||
void * /* user-defined data pointer */
|
||||
);
|
||||
|
||||
typedef int (*StreamSegmentIterator)
|
||||
(
|
||||
struct pcap_pkthdr *,
|
||||
uint8_t *, /* pkt pointer */
|
||||
uint8_t *, /* payload pointer */
|
||||
uint32_t, /* sequence number */
|
||||
void * /* user-defined data pointer */
|
||||
);
|
||||
|
||||
typedef struct _StreamFlowData
|
||||
{
|
||||
BITOP boFlowbits;
|
||||
unsigned char flowb[1];
|
||||
} StreamFlowData;
|
||||
|
||||
typedef struct _stream_api
|
||||
{
|
||||
int version;
|
||||
|
||||
/*
|
||||
* Drop on Inline Alerts for Midstream pickups
|
||||
*
|
||||
* Parameters
|
||||
*,
|
||||
* Returns
|
||||
* 0 if not alerting
|
||||
* !0 if alerting
|
||||
*/
|
||||
int (*alert_inline_midstream_drops)(void);
|
||||
|
||||
/* Set direction of session
|
||||
*
|
||||
* Parameters:
|
||||
* Session Ptr
|
||||
* New Direction
|
||||
* IP
|
||||
* Port
|
||||
*/
|
||||
void (*update_direction)(void *, char, snort_ip_p, uint16_t );
|
||||
|
||||
/* Get direction of packet
|
||||
*
|
||||
* Parameters:
|
||||
* Packet
|
||||
*/
|
||||
uint32_t (*get_packet_direction)(Packet *);
|
||||
|
||||
/* Stop inspection for session, up to count bytes (-1 to ignore
|
||||
* for life or until resume).
|
||||
*
|
||||
* If response flag is set, automatically resume inspection up to
|
||||
* count bytes when a data packet in the other direction is seen.
|
||||
*
|
||||
* Also marks the packet to be ignored
|
||||
*
|
||||
* Parameters
|
||||
* Session Ptr
|
||||
* Packet
|
||||
* Direction
|
||||
* Bytes
|
||||
* Response Flag
|
||||
*/
|
||||
void (*stop_inspection)(void *, Packet *, char, int32_t, int);
|
||||
|
||||
/* Turn off inspection for potential session.
|
||||
* Adds session identifiers to a hash table.
|
||||
* TCP only.
|
||||
*
|
||||
* Parameters
|
||||
* IP addr #1
|
||||
* Port #1
|
||||
* IP addr #2
|
||||
* Port #2
|
||||
* Protocol
|
||||
* Direction
|
||||
* Flags (permanent)
|
||||
*
|
||||
* Returns
|
||||
* 0 on success
|
||||
* -1 on failure
|
||||
*/
|
||||
int (*ignore_session)(snort_ip_p, uint16_t, snort_ip_p, uint16_t,
|
||||
char, char, char);
|
||||
|
||||
/* Resume inspection for session.
|
||||
*
|
||||
* Parameters
|
||||
* Session Ptr
|
||||
* Direction
|
||||
*/
|
||||
void (*resume_inspection)(void *, char);
|
||||
|
||||
/* Drop traffic arriving on session.
|
||||
*
|
||||
* Parameters
|
||||
* Session Ptr
|
||||
* Direction
|
||||
*/
|
||||
void (*drop_traffic)(void *, char);
|
||||
|
||||
/* Drop retransmitted packet arriving on session.
|
||||
*
|
||||
* Parameters
|
||||
* Packet
|
||||
*/
|
||||
void (*drop_packet)(Packet *);
|
||||
|
||||
/* Set a reference to application data for a session
|
||||
*
|
||||
* Parameters
|
||||
* Session Ptr
|
||||
* Application Protocol
|
||||
* Application Data reference (pointer)
|
||||
* Application Data free function
|
||||
*/
|
||||
void (*set_application_data)(void *, uint32_t, void *, StreamAppDataFree);
|
||||
|
||||
/* Set a reference to application data for a session
|
||||
*
|
||||
* Parameters
|
||||
* Session Ptr
|
||||
* Application Protocol
|
||||
*
|
||||
* Returns
|
||||
* Application Data reference (pointer)
|
||||
*/
|
||||
void *(*get_application_data)(void *, uint32_t);
|
||||
|
||||
/* Sets the flags for a session
|
||||
* This ORs the supplied flags with the previous values
|
||||
*
|
||||
* Parameters
|
||||
* Session Ptr
|
||||
* Flags
|
||||
*
|
||||
* Returns
|
||||
* New Flags
|
||||
*/
|
||||
uint32_t (*set_session_flags)(void *, uint32_t);
|
||||
|
||||
/* Gets the flags for a session
|
||||
*
|
||||
* Parameters
|
||||
* Session Ptr
|
||||
*/
|
||||
uint32_t (*get_session_flags)(void *);
|
||||
|
||||
/* Flushes the stream on an alert
|
||||
* Side that is flushed is the same as the packet.
|
||||
*
|
||||
* Parameters
|
||||
* Packet
|
||||
*/
|
||||
int (*alert_flush_stream)(Packet *);
|
||||
|
||||
/* Flushes the stream on arrival of another packet
|
||||
* Side that is flushed is the opposite of the packet.
|
||||
*
|
||||
* Parameters
|
||||
* Packet
|
||||
*/
|
||||
int (*response_flush_stream)(Packet *);
|
||||
|
||||
/* Calls user-provided callback function for each packet of
|
||||
* a reassembled stream. If the callback function returns non-zero,
|
||||
* iteration ends.
|
||||
*
|
||||
* Parameters
|
||||
* Packet
|
||||
* Packet Iterator Function (called for each packet in the stream)
|
||||
* user data (may be NULL)
|
||||
*
|
||||
* Returns
|
||||
* number of packets
|
||||
*/
|
||||
int (*traverse_reassembled)(Packet *, PacketIterator, void *userdata);
|
||||
|
||||
/* Calls user-provided callback function for each segment of
|
||||
* a reassembled stream. If the callback function returns non-zero,
|
||||
* iteration ends.
|
||||
*
|
||||
* Parameters
|
||||
* Packet
|
||||
* StreamSegmentIterator Function (called for each packet in the stream)
|
||||
* user data (may be NULL)
|
||||
*
|
||||
* Returns
|
||||
* number of packets
|
||||
*/
|
||||
int (*traverse_stream_segments)(Packet *, StreamSegmentIterator, void *userdata);
|
||||
|
||||
/* Add session alert
|
||||
*
|
||||
* Parameters
|
||||
* Session Ptr
|
||||
* gen ID
|
||||
* sig ID
|
||||
*
|
||||
* Returns
|
||||
* 0 success
|
||||
* -1 failure (max alerts reached)
|
||||
*
|
||||
*/
|
||||
int (*add_session_alert)(void *, Packet *p, uint32_t, uint32_t);
|
||||
|
||||
/* Check session alert
|
||||
*
|
||||
* Parameters
|
||||
* Session Ptr
|
||||
* Packet
|
||||
* gen ID
|
||||
* sig ID
|
||||
*
|
||||
* Returns
|
||||
* 0 if not previously alerted
|
||||
* !0 if previously alerted
|
||||
*/
|
||||
int (*check_session_alerted)(void *, Packet *p, uint32_t, uint32_t);
|
||||
|
||||
/* Get Flowbits data
|
||||
*
|
||||
* Parameters
|
||||
* Packet
|
||||
*
|
||||
* Returns
|
||||
* Ptr to Flowbits Data
|
||||
*/
|
||||
StreamFlowData *(*get_flow_data)(Packet *p);
|
||||
|
||||
/* Set reassembly flush policy/direction for given session
|
||||
*
|
||||
* Parameters
|
||||
* Session Ptr
|
||||
* Flush Policy
|
||||
* Direction(s)
|
||||
* Flags
|
||||
*
|
||||
* Returns
|
||||
* direction(s) of reassembly for session
|
||||
*/
|
||||
char (*set_reassembly)(void *, uint8_t, char, char);
|
||||
|
||||
/* Get reassembly direction for given session
|
||||
*
|
||||
* Parameters
|
||||
* Session Ptr
|
||||
*
|
||||
* Returns
|
||||
* direction(s) of reassembly for session
|
||||
*/
|
||||
char (*get_reassembly_direction)(void *);
|
||||
|
||||
/* Get reassembly flush_policy for given session
|
||||
*
|
||||
* Parameters
|
||||
* Session Ptr
|
||||
* Direction
|
||||
*
|
||||
* Returns
|
||||
* flush policy for specified direction
|
||||
*/
|
||||
char (*get_reassembly_flush_policy)(void *, char);
|
||||
|
||||
/* Get true/false as to whether stream data is in
|
||||
* sequence or packets are missing
|
||||
*
|
||||
* Parameters
|
||||
* Session Ptr
|
||||
* Direction
|
||||
*
|
||||
* Returns
|
||||
* true/false
|
||||
*/
|
||||
char (*is_stream_sequenced)(void *, char);
|
||||
|
||||
/* Get whether there are missing packets before, after or
|
||||
* before and after reassembled buffer
|
||||
*
|
||||
* Parameters
|
||||
* Session Ptr
|
||||
* Direction
|
||||
*
|
||||
* Returns
|
||||
* SSN_MISSING_BOTH if missing before and after
|
||||
* SSN_MISSING_BEFORE if missing before
|
||||
* SSN_MISSING_AFTER if missing after
|
||||
* SSN_MISSING_NONE if none missing
|
||||
*/
|
||||
int (*missing_in_reassembled)(void *, char);
|
||||
|
||||
/* Get true/false as to whether packets were missed on
|
||||
* the stream
|
||||
*
|
||||
* Parameters
|
||||
* Session Ptr
|
||||
* Direction
|
||||
*
|
||||
* Returns
|
||||
* true/false
|
||||
*/
|
||||
char (*missed_packets)(void *, char);
|
||||
|
||||
#ifdef TARGET_BASED
|
||||
/* Get the protocol identifier from a stream
|
||||
*
|
||||
* Parameters
|
||||
* Session Ptr
|
||||
*
|
||||
* Returns
|
||||
* integer protocol identifier
|
||||
*/
|
||||
int16_t (*get_application_protocol_id)(void *);
|
||||
|
||||
/* Set the protocol identifier for a stream
|
||||
*
|
||||
* Parameters
|
||||
* Session Ptr
|
||||
* ID
|
||||
*
|
||||
* Returns
|
||||
* integer protocol identifier
|
||||
*/
|
||||
int16_t (*set_application_protocol_id)(void *, int16_t);
|
||||
|
||||
/** Set service to either ignore, inspect or maintain session state.
|
||||
* If this is called during parsing a preprocessor configuration, make
|
||||
* sure to set the parsing argument to 1.
|
||||
*/
|
||||
void (*set_service_filter_status)(int service, int status, tSfPolicyId policyId, int parsing);
|
||||
#endif
|
||||
|
||||
/** Set port to either ignore, inspect or maintain session state.
|
||||
* If this is called during parsing a preprocessor configuration, make
|
||||
* sure to set the parsing argument to 1.
|
||||
*/
|
||||
void (*set_port_filter_status)(int protocol, uint16_t port, int status, tSfPolicyId policyId, int parsing);
|
||||
|
||||
/* Get the current flush point
|
||||
*
|
||||
* Arguments
|
||||
* void * - session pointer
|
||||
* char - direction
|
||||
*
|
||||
* Returns
|
||||
* Current flush point for session
|
||||
*/
|
||||
uint32_t (*get_flush_point)(void *, char);
|
||||
|
||||
/* Set the next flush point
|
||||
*
|
||||
* Arguments
|
||||
* void * - session pointer
|
||||
* char - direction
|
||||
* uint32_t - flush point size
|
||||
*/
|
||||
void (*set_flush_point)(void *, char, uint32_t);
|
||||
|
||||
#ifdef TARGET_BASED
|
||||
/* Turn off inspection for potential session.
|
||||
* Adds session identifiers to a hash table.
|
||||
* TCP only.
|
||||
*
|
||||
* Parameters
|
||||
* IP addr #1
|
||||
* Port #1
|
||||
* IP addr #2
|
||||
* Port #2
|
||||
* Protocol
|
||||
* ID
|
||||
*
|
||||
* Returns
|
||||
* 0 on success
|
||||
* -1 on failure
|
||||
*/
|
||||
int (*set_application_protocol_id_expected)(snort_ip_p, uint16_t, snort_ip_p, uint16_t,
|
||||
char, int16_t);
|
||||
#endif
|
||||
} StreamAPI;
|
||||
|
||||
/* To be set by Stream5 (or Stream4) */
|
||||
extern StreamAPI *stream_api;
|
||||
|
||||
/**Port Inspection States. Port can be either ignored,
|
||||
* or inspected or session tracked. The values are bitmasks.
|
||||
*/
|
||||
typedef enum {
|
||||
/**Dont monitor the port. */
|
||||
PORT_MONITOR_NONE = 0x00,
|
||||
|
||||
/**Inspect the port. */
|
||||
PORT_MONITOR_INSPECT = 0x01,
|
||||
|
||||
/**perform session tracking on the port. */
|
||||
PORT_MONITOR_SESSION = 0x02
|
||||
|
||||
} PortMonitorStates;
|
||||
|
||||
#endif /* STREAM_API_H_ */
|
||||
|
|
@ -0,0 +1,193 @@
|
|||
/****************************************************************************
|
||||
* Copyright (C) 2008-2010 Sourcefire, Inc.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License Version 2 as
|
||||
* published by the Free Software Foundation. You may not use, modify or
|
||||
* distribute this program under any other version of the GNU General
|
||||
* Public License.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
*
|
||||
****************************************************************************/
|
||||
|
||||
/* We moved the OptTreeNode and RuleTreeNode here to make them easier to
|
||||
include in dynamic preprocessors. */
|
||||
|
||||
#ifndef TREENODES_H
|
||||
#define TREENODES_H
|
||||
|
||||
#include "signature.h"
|
||||
#include "sf_snort_packet.h"
|
||||
#include "event.h"
|
||||
#include "plugin_enum.h"
|
||||
#include "rule_option_types.h"
|
||||
|
||||
struct _OptTreeNode; /* forward declaration of OTN data struct */
|
||||
struct _RuleTreeNode; /* forward declaration of RTN data struct */
|
||||
|
||||
/* same as the rule header FP list */
|
||||
typedef struct _OptFpList
|
||||
{
|
||||
/* context data for this test */
|
||||
void *context;
|
||||
|
||||
int (*OptTestFunc)(void *option_data, SFSnortPacket *p);
|
||||
|
||||
struct _OptFpList *next;
|
||||
|
||||
unsigned char isRelative;
|
||||
option_type_t type;
|
||||
|
||||
} OptFpList;
|
||||
|
||||
typedef struct _OptTreeNode
|
||||
{
|
||||
/* plugin/detection functions go here */
|
||||
OptFpList *opt_func;
|
||||
void *rsp_func; /* response functions */
|
||||
void *outputFuncs; /* per sid enabled output functions */
|
||||
|
||||
/* the ds_list is absolutely essential for the plugin system to work,
|
||||
it allows the plugin authors to associate "dynamic" data structures
|
||||
with the rule system, letting them link anything they can come up
|
||||
with to the rules list */
|
||||
void *ds_list[PLUGIN_MAX]; /* list of plugin data struct pointers */
|
||||
|
||||
int chain_node_number;
|
||||
|
||||
int evalIndex; /* where this rule sits in the evaluation sets */
|
||||
|
||||
int proto; /* protocol, added for integrity checks
|
||||
during rule parsing */
|
||||
|
||||
int session_flag; /* record session data */
|
||||
|
||||
char *logto; /* log file in which to write packets which
|
||||
match this rule*/
|
||||
/* metadata about signature */
|
||||
SigInfo sigInfo;
|
||||
|
||||
uint8_t stateless; /* this rule can fire regardless of session state */
|
||||
uint8_t established; /* this rule can only fire if it is established */
|
||||
uint8_t unestablished;
|
||||
|
||||
Event event_data;
|
||||
|
||||
void* detection_filter; /* if present, evaluated last, after header checks */
|
||||
void *tag;
|
||||
|
||||
/* stuff for dynamic rules activation/deactivation */
|
||||
int active_flag;
|
||||
int activation_counter;
|
||||
int countdown;
|
||||
int activates;
|
||||
int activated_by;
|
||||
|
||||
struct _OptTreeNode *OTN_activation_ptr;
|
||||
struct _RuleTreeNode *RTN_activation_ptr;
|
||||
|
||||
struct _OptTreeNode *next;
|
||||
|
||||
struct _OptTreeNode *nextSoid;
|
||||
|
||||
/* ptr to list of RTNs (head part) */
|
||||
struct _RuleTreeNode **proto_nodes;
|
||||
|
||||
/**number of proto_nodes. */
|
||||
unsigned short proto_node_num;
|
||||
|
||||
uint8_t failedCheckBits;
|
||||
|
||||
int rule_state; /* Enabled or Disabled */
|
||||
|
||||
#ifdef PERF_PROFILING
|
||||
uint64_t ticks;
|
||||
uint64_t ticks_match;
|
||||
uint64_t ticks_no_match;
|
||||
uint64_t checks;
|
||||
uint64_t matches;
|
||||
uint64_t alerts;
|
||||
uint8_t noalerts;
|
||||
#endif
|
||||
|
||||
int pcre_flag; /* PPM */
|
||||
uint64_t ppm_suspend_time; /* PPM */
|
||||
uint64_t ppm_disable_cnt; /*PPM */
|
||||
|
||||
char generated;
|
||||
uint32_t num_detection_opts;
|
||||
|
||||
/**unique index generated in ruleIndexMap.
|
||||
*/
|
||||
int ruleIndex;
|
||||
|
||||
/* List of preprocessor registered fast pattern contents */
|
||||
void *preproc_fp_list;
|
||||
|
||||
} OptTreeNode;
|
||||
|
||||
/* function pointer list for rule head nodes */
|
||||
typedef struct _RuleFpList
|
||||
{
|
||||
/* context data for this test */
|
||||
void *context;
|
||||
|
||||
/* rule check function pointer */
|
||||
int (*RuleHeadFunc)(SFSnortPacket *, struct _RuleTreeNode *, struct _RuleFpList *, int);
|
||||
|
||||
/* pointer to the next rule function node */
|
||||
struct _RuleFpList *next;
|
||||
} RuleFpList;
|
||||
|
||||
typedef struct _RuleTreeNode
|
||||
{
|
||||
RuleFpList *rule_func; /* match functions.. (Bidirectional etc.. ) */
|
||||
|
||||
int head_node_number;
|
||||
|
||||
int type;
|
||||
|
||||
void *sip;
|
||||
void *dip;
|
||||
|
||||
int proto;
|
||||
|
||||
void * src_portobject;
|
||||
void * dst_portobject;
|
||||
|
||||
uint32_t flags; /* control flags */
|
||||
|
||||
/* stuff for dynamic rules activation/deactivation */
|
||||
int active_flag;
|
||||
int activation_counter;
|
||||
int countdown;
|
||||
void *activate_list;
|
||||
|
||||
#if 0
|
||||
struct _RuleTreeNode *right; /* ptr to the next RTN in the list */
|
||||
|
||||
/** list of rule options to associate with this rule node */
|
||||
OptTreeNode *down;
|
||||
#endif
|
||||
|
||||
/**points to global parent RTN list (Drop/Alert) which contains this
|
||||
* RTN.
|
||||
*/
|
||||
void *listhead;
|
||||
|
||||
/**reference count from otn. Multiple OTNs can reference this RTN with the same
|
||||
* policy.
|
||||
*/
|
||||
unsigned int otnRefCount;
|
||||
|
||||
} RuleTreeNode;
|
||||
|
||||
#endif /* TREENODES_H */
|
|
@ -0,0 +1,191 @@
|
|||
/****************************************************************************
|
||||
* Copyright (C) 2008-2010 Sourcefire, Inc.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License Version 2 as
|
||||
* published by the Free Software Foundation. You may not use, modify or
|
||||
* distribute this program under any other version of the GNU General
|
||||
* Public License.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
*
|
||||
****************************************************************************/
|
||||
|
||||
/* We moved the OptTreeNode and RuleTreeNode here to make them easier to
|
||||
include in dynamic preprocessors. */
|
||||
|
||||
#ifndef TREENODES_H
|
||||
#define TREENODES_H
|
||||
|
||||
#include "rules.h"
|
||||
#include "plugin_enum.h"
|
||||
#include "rule_option_types.h"
|
||||
|
||||
struct _OptTreeNode; /* forward declaration of OTN data struct */
|
||||
struct _RuleTreeNode; /* forward declaration of RTN data struct */
|
||||
|
||||
/* same as the rule header FP list */
|
||||
typedef struct _OptFpList
|
||||
{
|
||||
/* context data for this test */
|
||||
void *context;
|
||||
|
||||
int (*OptTestFunc)(void *option_data, Packet *p);
|
||||
|
||||
struct _OptFpList *next;
|
||||
|
||||
unsigned char isRelative;
|
||||
option_type_t type;
|
||||
|
||||
} OptFpList;
|
||||
|
||||
typedef struct _OptTreeNode
|
||||
{
|
||||
/* plugin/detection functions go here */
|
||||
OptFpList *opt_func;
|
||||
RspFpList *rsp_func; /* response functions */
|
||||
OutputFuncNode *outputFuncs; /* per sid enabled output functions */
|
||||
|
||||
/* the ds_list is absolutely essential for the plugin system to work,
|
||||
it allows the plugin authors to associate "dynamic" data structures
|
||||
with the rule system, letting them link anything they can come up
|
||||
with to the rules list */
|
||||
void *ds_list[PLUGIN_MAX]; /* list of plugin data struct pointers */
|
||||
|
||||
int chain_node_number;
|
||||
|
||||
int evalIndex; /* where this rule sits in the evaluation sets */
|
||||
|
||||
int proto; /* protocol, added for integrity checks
|
||||
during rule parsing */
|
||||
|
||||
int session_flag; /* record session data */
|
||||
|
||||
char *logto; /* log file in which to write packets which
|
||||
match this rule*/
|
||||
/* metadata about signature */
|
||||
SigInfo sigInfo;
|
||||
|
||||
uint8_t stateless; /* this rule can fire regardless of session state */
|
||||
uint8_t established; /* this rule can only fire if it is established */
|
||||
uint8_t unestablished;
|
||||
|
||||
Event event_data;
|
||||
|
||||
void* detection_filter; /* if present, evaluated last, after header checks */
|
||||
TagData *tag;
|
||||
|
||||
/* stuff for dynamic rules activation/deactivation */
|
||||
int active_flag;
|
||||
int activation_counter;
|
||||
int countdown;
|
||||
int activates;
|
||||
int activated_by;
|
||||
|
||||
struct _OptTreeNode *OTN_activation_ptr;
|
||||
struct _RuleTreeNode *RTN_activation_ptr;
|
||||
|
||||
struct _OptTreeNode *next;
|
||||
|
||||
struct _OptTreeNode *nextSoid;
|
||||
|
||||
/* ptr to list of RTNs (head part) */
|
||||
struct _RuleTreeNode **proto_nodes;
|
||||
|
||||
/**number of proto_nodes. */
|
||||
unsigned short proto_node_num;
|
||||
|
||||
uint8_t failedCheckBits;
|
||||
|
||||
int rule_state; /* Enabled or Disabled */
|
||||
|
||||
#ifdef PERF_PROFILING
|
||||
uint64_t ticks;
|
||||
uint64_t ticks_match;
|
||||
uint64_t ticks_no_match;
|
||||
uint64_t checks;
|
||||
uint64_t matches;
|
||||
uint64_t alerts;
|
||||
uint8_t noalerts;
|
||||
#endif
|
||||
|
||||
int pcre_flag; /* PPM */
|
||||
uint64_t ppm_suspend_time; /* PPM */
|
||||
uint64_t ppm_disable_cnt; /*PPM */
|
||||
|
||||
char generated;
|
||||
uint32_t num_detection_opts;
|
||||
|
||||
/**unique index generated in ruleIndexMap.
|
||||
*/
|
||||
int ruleIndex;
|
||||
|
||||
/* List of preprocessor registered fast pattern contents */
|
||||
void *preproc_fp_list;
|
||||
|
||||
} OptTreeNode;
|
||||
|
||||
/* function pointer list for rule head nodes */
|
||||
typedef struct _RuleFpList
|
||||
{
|
||||
/* context data for this test */
|
||||
void *context;
|
||||
|
||||
/* rule check function pointer */
|
||||
int (*RuleHeadFunc)(Packet *, struct _RuleTreeNode *, struct _RuleFpList *, int);
|
||||
|
||||
/* pointer to the next rule function node */
|
||||
struct _RuleFpList *next;
|
||||
} RuleFpList;
|
||||
|
||||
typedef struct _RuleTreeNode
|
||||
{
|
||||
RuleFpList *rule_func; /* match functions.. (Bidirectional etc.. ) */
|
||||
|
||||
int head_node_number;
|
||||
|
||||
RuleType type;
|
||||
|
||||
IpAddrSet *sip;
|
||||
IpAddrSet *dip;
|
||||
|
||||
int proto;
|
||||
|
||||
PortObject * src_portobject;
|
||||
PortObject * dst_portobject;
|
||||
|
||||
uint32_t flags; /* control flags */
|
||||
|
||||
/* stuff for dynamic rules activation/deactivation */
|
||||
int active_flag;
|
||||
int activation_counter;
|
||||
int countdown;
|
||||
ActivateListNode *activate_list;
|
||||
|
||||
#if 0
|
||||
struct _RuleTreeNode *right; /* ptr to the next RTN in the list */
|
||||
|
||||
/** list of rule options to associate with this rule node */
|
||||
OptTreeNode *down;
|
||||
#endif
|
||||
|
||||
/**points to global parent RTN list (Drop/Alert) which contains this
|
||||
* RTN.
|
||||
*/
|
||||
struct _ListHead *listhead;
|
||||
|
||||
/**reference count from otn. Multiple OTNs can reference this RTN with the same
|
||||
* policy.
|
||||
*/
|
||||
unsigned int otnRefCount;
|
||||
|
||||
} RuleTreeNode;
|
||||
|
||||
#endif /* TREENODES_H */
|
|
@ -0,0 +1,520 @@
|
|||
#!/bin/sh
|
||||
# install - install a program, script, or datafile
|
||||
|
||||
scriptversion=2009-04-28.21; # UTC
|
||||
|
||||
# This originates from X11R5 (mit/util/scripts/install.sh), which was
|
||||
# later released in X11R6 (xc/config/util/install.sh) with the
|
||||
# following copyright and license.
|
||||
#
|
||||
# Copyright (C) 1994 X Consortium
|
||||
#
|
||||
# Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
# of this software and associated documentation files (the "Software"), to
|
||||
# deal in the Software without restriction, including without limitation the
|
||||
# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
|
||||
# sell copies of the Software, and to permit persons to whom the Software is
|
||||
# furnished to do so, subject to the following conditions:
|
||||
#
|
||||
# The above copyright notice and this permission notice shall be included in
|
||||
# all copies or substantial portions of the Software.
|
||||
#
|
||||
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
# X CONSORTIUM BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
|
||||
# AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNEC-
|
||||
# TION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
||||
#
|
||||
# Except as contained in this notice, the name of the X Consortium shall not
|
||||
# be used in advertising or otherwise to promote the sale, use or other deal-
|
||||
# ings in this Software without prior written authorization from the X Consor-
|
||||
# tium.
|
||||
#
|
||||
#
|
||||
# FSF changes to this file are in the public domain.
|
||||
#
|
||||
# Calling this script install-sh is preferred over install.sh, to prevent
|
||||
# `make' implicit rules from creating a file called install from it
|
||||
# when there is no Makefile.
|
||||
#
|
||||
# This script is compatible with the BSD install script, but was written
|
||||
# from scratch.
|
||||
|
||||
nl='
|
||||
'
|
||||
IFS=" "" $nl"
|
||||
|
||||
# set DOITPROG to echo to test this script
|
||||
|
||||
# Don't use :- since 4.3BSD and earlier shells don't like it.
|
||||
doit=${DOITPROG-}
|
||||
if test -z "$doit"; then
|
||||
doit_exec=exec
|
||||
else
|
||||
doit_exec=$doit
|
||||
fi
|
||||
|
||||
# Put in absolute file names if you don't have them in your path;
|
||||
# or use environment vars.
|
||||
|
||||
chgrpprog=${CHGRPPROG-chgrp}
|
||||
chmodprog=${CHMODPROG-chmod}
|
||||
chownprog=${CHOWNPROG-chown}
|
||||
cmpprog=${CMPPROG-cmp}
|
||||
cpprog=${CPPROG-cp}
|
||||
mkdirprog=${MKDIRPROG-mkdir}
|
||||
mvprog=${MVPROG-mv}
|
||||
rmprog=${RMPROG-rm}
|
||||
stripprog=${STRIPPROG-strip}
|
||||
|
||||
posix_glob='?'
|
||||
initialize_posix_glob='
|
||||
test "$posix_glob" != "?" || {
|
||||
if (set -f) 2>/dev/null; then
|
||||
posix_glob=
|
||||
else
|
||||
posix_glob=:
|
||||
fi
|
||||
}
|
||||
'
|
||||
|
||||
posix_mkdir=
|
||||
|
||||
# Desired mode of installed file.
|
||||
mode=0755
|
||||
|
||||
chgrpcmd=
|
||||
chmodcmd=$chmodprog
|
||||
chowncmd=
|
||||
mvcmd=$mvprog
|
||||
rmcmd="$rmprog -f"
|
||||
stripcmd=
|
||||
|
||||
src=
|
||||
dst=
|
||||
dir_arg=
|
||||
dst_arg=
|
||||
|
||||
copy_on_change=false
|
||||
no_target_directory=
|
||||
|
||||
usage="\
|
||||
Usage: $0 [OPTION]... [-T] SRCFILE DSTFILE
|
||||
or: $0 [OPTION]... SRCFILES... DIRECTORY
|
||||
or: $0 [OPTION]... -t DIRECTORY SRCFILES...
|
||||
or: $0 [OPTION]... -d DIRECTORIES...
|
||||
|
||||
In the 1st form, copy SRCFILE to DSTFILE.
|
||||
In the 2nd and 3rd, copy all SRCFILES to DIRECTORY.
|
||||
In the 4th, create DIRECTORIES.
|
||||
|
||||
Options:
|
||||
--help display this help and exit.
|
||||
--version display version info and exit.
|
||||
|
||||
-c (ignored)
|
||||
-C install only if different (preserve the last data modification time)
|
||||
-d create directories instead of installing files.
|
||||
-g GROUP $chgrpprog installed files to GROUP.
|
||||
-m MODE $chmodprog installed files to MODE.
|
||||
-o USER $chownprog installed files to USER.
|
||||
-s $stripprog installed files.
|
||||
-t DIRECTORY install into DIRECTORY.
|
||||
-T report an error if DSTFILE is a directory.
|
||||
|
||||
Environment variables override the default commands:
|
||||
CHGRPPROG CHMODPROG CHOWNPROG CMPPROG CPPROG MKDIRPROG MVPROG
|
||||
RMPROG STRIPPROG
|
||||
"
|
||||
|
||||
while test $# -ne 0; do
|
||||
case $1 in
|
||||
-c) ;;
|
||||
|
||||
-C) copy_on_change=true;;
|
||||
|
||||
-d) dir_arg=true;;
|
||||
|
||||
-g) chgrpcmd="$chgrpprog $2"
|
||||
shift;;
|
||||
|
||||
--help) echo "$usage"; exit $?;;
|
||||
|
||||
-m) mode=$2
|
||||
case $mode in
|
||||
*' '* | *' '* | *'
|
||||
'* | *'*'* | *'?'* | *'['*)
|
||||
echo "$0: invalid mode: $mode" >&2
|
||||
exit 1;;
|
||||
esac
|
||||
shift;;
|
||||
|
||||
-o) chowncmd="$chownprog $2"
|
||||
shift;;
|
||||
|
||||
-s) stripcmd=$stripprog;;
|
||||
|
||||
-t) dst_arg=$2
|
||||
shift;;
|
||||
|
||||
-T) no_target_directory=true;;
|
||||
|
||||
--version) echo "$0 $scriptversion"; exit $?;;
|
||||
|
||||
--) shift
|
||||
break;;
|
||||
|
||||
-*) echo "$0: invalid option: $1" >&2
|
||||
exit 1;;
|
||||
|
||||
*) break;;
|
||||
esac
|
||||
shift
|
||||
done
|
||||
|
||||
if test $# -ne 0 && test -z "$dir_arg$dst_arg"; then
|
||||
# When -d is used, all remaining arguments are directories to create.
|
||||
# When -t is used, the destination is already specified.
|
||||
# Otherwise, the last argument is the destination. Remove it from $@.
|
||||
for arg
|
||||
do
|
||||
if test -n "$dst_arg"; then
|
||||
# $@ is not empty: it contains at least $arg.
|
||||
set fnord "$@" "$dst_arg"
|
||||
shift # fnord
|
||||
fi
|
||||
shift # arg
|
||||
dst_arg=$arg
|
||||
done
|
||||
fi
|
||||
|
||||
if test $# -eq 0; then
|
||||
if test -z "$dir_arg"; then
|
||||
echo "$0: no input file specified." >&2
|
||||
exit 1
|
||||
fi
|
||||
# It's OK to call `install-sh -d' without argument.
|
||||
# This can happen when creating conditional directories.
|
||||
exit 0
|
||||
fi
|
||||
|
||||
if test -z "$dir_arg"; then
|
||||
trap '(exit $?); exit' 1 2 13 15
|
||||
|
||||
# Set umask so as not to create temps with too-generous modes.
|
||||
# However, 'strip' requires both read and write access to temps.
|
||||
case $mode in
|
||||
# Optimize common cases.
|
||||
*644) cp_umask=133;;
|
||||
*755) cp_umask=22;;
|
||||
|
||||
*[0-7])
|
||||
if test -z "$stripcmd"; then
|
||||
u_plus_rw=
|
||||
else
|
||||
u_plus_rw='% 200'
|
||||
fi
|
||||
cp_umask=`expr '(' 777 - $mode % 1000 ')' $u_plus_rw`;;
|
||||
*)
|
||||
if test -z "$stripcmd"; then
|
||||
u_plus_rw=
|
||||
else
|
||||
u_plus_rw=,u+rw
|
||||
fi
|
||||
cp_umask=$mode$u_plus_rw;;
|
||||
esac
|
||||
fi
|
||||
|
||||
for src
|
||||
do
|
||||
# Protect names starting with `-'.
|
||||
case $src in
|
||||
-*) src=./$src;;
|
||||
esac
|
||||
|
||||
if test -n "$dir_arg"; then
|
||||
dst=$src
|
||||
dstdir=$dst
|
||||
test -d "$dstdir"
|
||||
dstdir_status=$?
|
||||
else
|
||||
|
||||
# Waiting for this to be detected by the "$cpprog $src $dsttmp" command
|
||||
# might cause directories to be created, which would be especially bad
|
||||
# if $src (and thus $dsttmp) contains '*'.
|
||||
if test ! -f "$src" && test ! -d "$src"; then
|
||||
echo "$0: $src does not exist." >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if test -z "$dst_arg"; then
|
||||
echo "$0: no destination specified." >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
dst=$dst_arg
|
||||
# Protect names starting with `-'.
|
||||
case $dst in
|
||||
-*) dst=./$dst;;
|
||||
esac
|
||||
|
||||
# If destination is a directory, append the input filename; won't work
|
||||
# if double slashes aren't ignored.
|
||||
if test -d "$dst"; then
|
||||
if test -n "$no_target_directory"; then
|
||||
echo "$0: $dst_arg: Is a directory" >&2
|
||||
exit 1
|
||||
fi
|
||||
dstdir=$dst
|
||||
dst=$dstdir/`basename "$src"`
|
||||
dstdir_status=0
|
||||
else
|
||||
# Prefer dirname, but fall back on a substitute if dirname fails.
|
||||
dstdir=`
|
||||
(dirname "$dst") 2>/dev/null ||
|
||||
expr X"$dst" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
|
||||
X"$dst" : 'X\(//\)[^/]' \| \
|
||||
X"$dst" : 'X\(//\)$' \| \
|
||||
X"$dst" : 'X\(/\)' \| . 2>/dev/null ||
|
||||
echo X"$dst" |
|
||||
sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
|
||||
s//\1/
|
||||
q
|
||||
}
|
||||
/^X\(\/\/\)[^/].*/{
|
||||
s//\1/
|
||||
q
|
||||
}
|
||||
/^X\(\/\/\)$/{
|
||||
s//\1/
|
||||
q
|
||||
}
|
||||
/^X\(\/\).*/{
|
||||
s//\1/
|
||||
q
|
||||
}
|
||||
s/.*/./; q'
|
||||
`
|
||||
|
||||
test -d "$dstdir"
|
||||
dstdir_status=$?
|
||||
fi
|
||||
fi
|
||||
|
||||
obsolete_mkdir_used=false
|
||||
|
||||
if test $dstdir_status != 0; then
|
||||
case $posix_mkdir in
|
||||
'')
|
||||
# Create intermediate dirs using mode 755 as modified by the umask.
|
||||
# This is like FreeBSD 'install' as of 1997-10-28.
|
||||
umask=`umask`
|
||||
case $stripcmd.$umask in
|
||||
# Optimize common cases.
|
||||
*[2367][2367]) mkdir_umask=$umask;;
|
||||
.*0[02][02] | .[02][02] | .[02]) mkdir_umask=22;;
|
||||
|
||||
*[0-7])
|
||||
mkdir_umask=`expr $umask + 22 \
|
||||
- $umask % 100 % 40 + $umask % 20 \
|
||||
- $umask % 10 % 4 + $umask % 2
|
||||
`;;
|
||||
*) mkdir_umask=$umask,go-w;;
|
||||
esac
|
||||
|
||||
# With -d, create the new directory with the user-specified mode.
|
||||
# Otherwise, rely on $mkdir_umask.
|
||||
if test -n "$dir_arg"; then
|
||||
mkdir_mode=-m$mode
|
||||
else
|
||||
mkdir_mode=
|
||||
fi
|
||||
|
||||
posix_mkdir=false
|
||||
case $umask in
|
||||
*[123567][0-7][0-7])
|
||||
# POSIX mkdir -p sets u+wx bits regardless of umask, which
|
||||
# is incompatible with FreeBSD 'install' when (umask & 300) != 0.
|
||||
;;
|
||||
*)
|
||||
tmpdir=${TMPDIR-/tmp}/ins$RANDOM-$$
|
||||
trap 'ret=$?; rmdir "$tmpdir/d" "$tmpdir" 2>/dev/null; exit $ret' 0
|
||||
|
||||
if (umask $mkdir_umask &&
|
||||
exec $mkdirprog $mkdir_mode -p -- "$tmpdir/d") >/dev/null 2>&1
|
||||
then
|
||||
if test -z "$dir_arg" || {
|
||||
# Check for POSIX incompatibilities with -m.
|
||||
# HP-UX 11.23 and IRIX 6.5 mkdir -m -p sets group- or
|
||||
# other-writeable bit of parent directory when it shouldn't.
|
||||
# FreeBSD 6.1 mkdir -m -p sets mode of existing directory.
|
||||
ls_ld_tmpdir=`ls -ld "$tmpdir"`
|
||||
case $ls_ld_tmpdir in
|
||||
d????-?r-*) different_mode=700;;
|
||||
d????-?--*) different_mode=755;;
|
||||
*) false;;
|
||||
esac &&
|
||||
$mkdirprog -m$different_mode -p -- "$tmpdir" && {
|
||||
ls_ld_tmpdir_1=`ls -ld "$tmpdir"`
|
||||
test "$ls_ld_tmpdir" = "$ls_ld_tmpdir_1"
|
||||
}
|
||||
}
|
||||
then posix_mkdir=:
|
||||
fi
|
||||
rmdir "$tmpdir/d" "$tmpdir"
|
||||
else
|
||||
# Remove any dirs left behind by ancient mkdir implementations.
|
||||
rmdir ./$mkdir_mode ./-p ./-- 2>/dev/null
|
||||
fi
|
||||
trap '' 0;;
|
||||
esac;;
|
||||
esac
|
||||
|
||||
if
|
||||
$posix_mkdir && (
|
||||
umask $mkdir_umask &&
|
||||
$doit_exec $mkdirprog $mkdir_mode -p -- "$dstdir"
|
||||
)
|
||||
then :
|
||||
else
|
||||
|
||||
# The umask is ridiculous, or mkdir does not conform to POSIX,
|
||||
# or it failed possibly due to a race condition. Create the
|
||||
# directory the slow way, step by step, checking for races as we go.
|
||||
|
||||
case $dstdir in
|
||||
/*) prefix='/';;
|
||||
-*) prefix='./';;
|
||||
*) prefix='';;
|
||||
esac
|
||||
|
||||
eval "$initialize_posix_glob"
|
||||
|
||||
oIFS=$IFS
|
||||
IFS=/
|
||||
$posix_glob set -f
|
||||
set fnord $dstdir
|
||||
shift
|
||||
$posix_glob set +f
|
||||
IFS=$oIFS
|
||||
|
||||
prefixes=
|
||||
|
||||
for d
|
||||
do
|
||||
test -z "$d" && continue
|
||||
|
||||
prefix=$prefix$d
|
||||
if test -d "$prefix"; then
|
||||
prefixes=
|
||||
else
|
||||
if $posix_mkdir; then
|
||||
(umask=$mkdir_umask &&
|
||||
$doit_exec $mkdirprog $mkdir_mode -p -- "$dstdir") && break
|
||||
# Don't fail if two instances are running concurrently.
|
||||
test -d "$prefix" || exit 1
|
||||
else
|
||||
case $prefix in
|
||||
*\'*) qprefix=`echo "$prefix" | sed "s/'/'\\\\\\\\''/g"`;;
|
||||
*) qprefix=$prefix;;
|
||||
esac
|
||||
prefixes="$prefixes '$qprefix'"
|
||||
fi
|
||||
fi
|
||||
prefix=$prefix/
|
||||
done
|
||||
|
||||
if test -n "$prefixes"; then
|
||||
# Don't fail if two instances are running concurrently.
|
||||
(umask $mkdir_umask &&
|
||||
eval "\$doit_exec \$mkdirprog $prefixes") ||
|
||||
test -d "$dstdir" || exit 1
|
||||
obsolete_mkdir_used=true
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
|
||||
if test -n "$dir_arg"; then
|
||||
{ test -z "$chowncmd" || $doit $chowncmd "$dst"; } &&
|
||||
{ test -z "$chgrpcmd" || $doit $chgrpcmd "$dst"; } &&
|
||||
{ test "$obsolete_mkdir_used$chowncmd$chgrpcmd" = false ||
|
||||
test -z "$chmodcmd" || $doit $chmodcmd $mode "$dst"; } || exit 1
|
||||
else
|
||||
|
||||
# Make a couple of temp file names in the proper directory.
|
||||
dsttmp=$dstdir/_inst.$$_
|
||||
rmtmp=$dstdir/_rm.$$_
|
||||
|
||||
# Trap to clean up those temp files at exit.
|
||||
trap 'ret=$?; rm -f "$dsttmp" "$rmtmp" && exit $ret' 0
|
||||
|
||||
# Copy the file name to the temp name.
|
||||
(umask $cp_umask && $doit_exec $cpprog "$src" "$dsttmp") &&
|
||||
|
||||
# and set any options; do chmod last to preserve setuid bits.
|
||||
#
|
||||
# If any of these fail, we abort the whole thing. If we want to
|
||||
# ignore errors from any of these, just make sure not to ignore
|
||||
# errors from the above "$doit $cpprog $src $dsttmp" command.
|
||||
#
|
||||
{ test -z "$chowncmd" || $doit $chowncmd "$dsttmp"; } &&
|
||||
{ test -z "$chgrpcmd" || $doit $chgrpcmd "$dsttmp"; } &&
|
||||
{ test -z "$stripcmd" || $doit $stripcmd "$dsttmp"; } &&
|
||||
{ test -z "$chmodcmd" || $doit $chmodcmd $mode "$dsttmp"; } &&
|
||||
|
||||
# If -C, don't bother to copy if it wouldn't change the file.
|
||||
if $copy_on_change &&
|
||||
old=`LC_ALL=C ls -dlL "$dst" 2>/dev/null` &&
|
||||
new=`LC_ALL=C ls -dlL "$dsttmp" 2>/dev/null` &&
|
||||
|
||||
eval "$initialize_posix_glob" &&
|
||||
$posix_glob set -f &&
|
||||
set X $old && old=:$2:$4:$5:$6 &&
|
||||
set X $new && new=:$2:$4:$5:$6 &&
|
||||
$posix_glob set +f &&
|
||||
|
||||
test "$old" = "$new" &&
|
||||
$cmpprog "$dst" "$dsttmp" >/dev/null 2>&1
|
||||
then
|
||||
rm -f "$dsttmp"
|
||||
else
|
||||
# Rename the file to the real destination.
|
||||
$doit $mvcmd -f "$dsttmp" "$dst" 2>/dev/null ||
|
||||
|
||||
# The rename failed, perhaps because mv can't rename something else
|
||||
# to itself, or perhaps because mv is so ancient that it does not
|
||||
# support -f.
|
||||
{
|
||||
# Now remove or move aside any old file at destination location.
|
||||
# We try this two ways since rm can't unlink itself on some
|
||||
# systems and the destination file might be busy for other
|
||||
# reasons. In this case, the final cleanup might fail but the new
|
||||
# file should still install successfully.
|
||||
{
|
||||
test ! -f "$dst" ||
|
||||
$doit $rmcmd -f "$dst" 2>/dev/null ||
|
||||
{ $doit $mvcmd -f "$dst" "$rmtmp" 2>/dev/null &&
|
||||
{ $doit $rmcmd -f "$rmtmp" 2>/dev/null; :; }
|
||||
} ||
|
||||
{ echo "$0: cannot unlink or rename $dst" >&2
|
||||
(exit 1); exit 1
|
||||
}
|
||||
} &&
|
||||
|
||||
# Now rename the file to the real destination.
|
||||
$doit $mvcmd "$dsttmp" "$dst"
|
||||
}
|
||||
fi || exit 1
|
||||
|
||||
trap '' 0
|
||||
fi
|
||||
done
|
||||
|
||||
# Local variables:
|
||||
# eval: (add-hook 'write-file-hooks 'time-stamp)
|
||||
# time-stamp-start: "scriptversion="
|
||||
# time-stamp-format: "%:y-%02m-%02d.%02H"
|
||||
# time-stamp-time-zone: "UTC"
|
||||
# time-stamp-end: "; # UTC"
|
||||
# End:
|
27
libtool
27
libtool
|
@ -1,7 +1,7 @@
|
|||
#! /bin/sh
|
||||
|
||||
# libtool - Provide generalized library-building support services.
|
||||
# Generated automatically by config.status (snort) 2.8.6.1
|
||||
# Generated automatically by config.status (snort_ai_preproc) 0.1
|
||||
# Libtool was configured on host wintermute:
|
||||
# NOTE: Changes made to this file will be lost: look at ltmain.sh.
|
||||
#
|
||||
|
@ -132,7 +132,7 @@ old_postuninstall_cmds=""
|
|||
LTCC="gcc"
|
||||
|
||||
# LTCC compiler flags.
|
||||
LTCFLAGS="-g -O2 -fvisibility=hidden -fno-strict-aliasing -Wall"
|
||||
LTCFLAGS="-g -O2"
|
||||
|
||||
# Take the output of nm and produce a listing of raw symbols and C names.
|
||||
global_symbol_pipe="sed -n -e 's/^.*[ ]\\([ABCDGIRSTW][ABCDGIRSTW]*\\)[ ][ ]*\\([_A-Za-z][_A-Za-z0-9]*\\)\$/\\1 \\2 \\2/p'"
|
||||
|
@ -237,7 +237,7 @@ hardcode_into_libs=yes
|
|||
sys_lib_search_path_spec="/usr/lib/gcc/i486-linux-gnu/4.4.4 /usr/lib /lib /usr/lib/i486-linux-gnu"
|
||||
|
||||
# Run-time system search path for libraries.
|
||||
sys_lib_dlsearch_path_spec="/lib64 /usr/lib64 /lib /usr/lib /usr/lib/atlas /lib/i486-linux-gnu /usr/lib/i486-linux-gnu /usr/local/lib "
|
||||
sys_lib_dlsearch_path_spec="/lib /usr/lib /usr/lib/atlas /lib/i486-linux-gnu /usr/lib/i486-linux-gnu /usr/local/lib "
|
||||
|
||||
# Whether dlopen is supported.
|
||||
dlopen_support=unknown
|
||||
|
@ -361,7 +361,7 @@ hardcode_automatic=no
|
|||
inherit_rpath=no
|
||||
|
||||
# Whether libtool must link a program against all its dependency libraries.
|
||||
link_all_deplibs=unknown
|
||||
link_all_deplibs=no
|
||||
|
||||
# Fix the shell variable $srcfile for the compiler.
|
||||
fix_srcfile_path=""
|
||||
|
@ -456,7 +456,7 @@ hardcode_action=immediate
|
|||
# compiler: $LTCC
|
||||
# compiler flags: $LTCFLAGS
|
||||
# linker: $LD (gnu? $with_gnu_ld)
|
||||
# $progname: (GNU libtool) 2.2.6b
|
||||
# $progname: (GNU libtool) 2.2.6b Debian-2.2.6b-2
|
||||
# automake: $automake_version
|
||||
# autoconf: $autoconf_version
|
||||
#
|
||||
|
@ -464,7 +464,7 @@ hardcode_action=immediate
|
|||
|
||||
PROGRAM=ltmain.sh
|
||||
PACKAGE=libtool
|
||||
VERSION=2.2.6b
|
||||
VERSION="2.2.6b Debian-2.2.6b-2"
|
||||
TIMESTAMP=""
|
||||
package_revision=1.3017
|
||||
|
||||
|
@ -5520,7 +5520,10 @@ func_mode_link ()
|
|||
case $pass in
|
||||
dlopen) libs="$dlfiles" ;;
|
||||
dlpreopen) libs="$dlprefiles" ;;
|
||||
link) libs="$deplibs %DEPLIBS% $dependency_libs" ;;
|
||||
link)
|
||||
libs="$deplibs %DEPLIBS%"
|
||||
test "X$link_all_deplibs" != Xno && libs="$libs $dependency_libs"
|
||||
;;
|
||||
esac
|
||||
fi
|
||||
if test "$linkmode,$pass" = "lib,dlpreopen"; then
|
||||
|
@ -5831,9 +5834,6 @@ func_mode_link ()
|
|||
# It is a libtool convenience library, so add in its objects.
|
||||
convenience="$convenience $ladir/$objdir/$old_library"
|
||||
old_convenience="$old_convenience $ladir/$objdir/$old_library"
|
||||
elif test "$linkmode" != prog && test "$linkmode" != lib; then
|
||||
func_fatal_error "\`$lib' is not a convenience library"
|
||||
fi
|
||||
tmp_libs=
|
||||
for deplib in $dependency_libs; do
|
||||
deplibs="$deplib $deplibs"
|
||||
|
@ -5844,6 +5844,9 @@ func_mode_link ()
|
|||
fi
|
||||
tmp_libs="$tmp_libs $deplib"
|
||||
done
|
||||
elif test "$linkmode" != prog && test "$linkmode" != lib; then
|
||||
func_fatal_error "\`$lib' is not a convenience library"
|
||||
fi
|
||||
continue
|
||||
fi # $pass = conv
|
||||
|
||||
|
@ -6380,6 +6383,7 @@ func_mode_link ()
|
|||
if test "$link_all_deplibs" != no; then
|
||||
# Add the search paths of all dependency libraries
|
||||
for deplib in $dependency_libs; do
|
||||
path=
|
||||
case $deplib in
|
||||
-L*) path="$deplib" ;;
|
||||
*.la)
|
||||
|
@ -6693,6 +6697,9 @@ func_mode_link ()
|
|||
revision="$number_minor"
|
||||
lt_irix_increment=no
|
||||
;;
|
||||
*)
|
||||
func_fatal_configuration "$modename: unknown library version type \`$version_type'"
|
||||
;;
|
||||
esac
|
||||
;;
|
||||
no)
|
||||
|
|
|
@ -0,0 +1 @@
|
|||
/usr/share/aclocal/libtool.m4
|
|
@ -0,0 +1 @@
|
|||
/usr/share/aclocal/ltoptions.m4
|
|
@ -0,0 +1 @@
|
|||
/usr/share/aclocal/ltsugar.m4
|
|
@ -0,0 +1 @@
|
|||
/usr/share/aclocal/ltversion.m4
|
|
@ -0,0 +1 @@
|
|||
/usr/share/aclocal/lt~obsolete.m4
|
|
@ -0,0 +1,376 @@
|
|||
#! /bin/sh
|
||||
# Common stub for a few missing GNU programs while installing.
|
||||
|
||||
scriptversion=2009-04-28.21; # UTC
|
||||
|
||||
# Copyright (C) 1996, 1997, 1999, 2000, 2002, 2003, 2004, 2005, 2006,
|
||||
# 2008, 2009 Free Software Foundation, Inc.
|
||||
# Originally by Fran,cois Pinard <pinard@iro.umontreal.ca>, 1996.
|
||||
|
||||
# This program is free software; you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation; either version 2, or (at your option)
|
||||
# any later version.
|
||||
|
||||
# This program is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
# As a special exception to the GNU General Public License, if you
|
||||
# distribute this file as part of a program that contains a
|
||||
# configuration script generated by Autoconf, you may include it under
|
||||
# the same distribution terms that you use for the rest of that program.
|
||||
|
||||
if test $# -eq 0; then
|
||||
echo 1>&2 "Try \`$0 --help' for more information"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
run=:
|
||||
sed_output='s/.* --output[ =]\([^ ]*\).*/\1/p'
|
||||
sed_minuso='s/.* -o \([^ ]*\).*/\1/p'
|
||||
|
||||
# In the cases where this matters, `missing' is being run in the
|
||||
# srcdir already.
|
||||
if test -f configure.ac; then
|
||||
configure_ac=configure.ac
|
||||
else
|
||||
configure_ac=configure.in
|
||||
fi
|
||||
|
||||
msg="missing on your system"
|
||||
|
||||
case $1 in
|
||||
--run)
|
||||
# Try to run requested program, and just exit if it succeeds.
|
||||
run=
|
||||
shift
|
||||
"$@" && exit 0
|
||||
# Exit code 63 means version mismatch. This often happens
|
||||
# when the user try to use an ancient version of a tool on
|
||||
# a file that requires a minimum version. In this case we
|
||||
# we should proceed has if the program had been absent, or
|
||||
# if --run hadn't been passed.
|
||||
if test $? = 63; then
|
||||
run=:
|
||||
msg="probably too old"
|
||||
fi
|
||||
;;
|
||||
|
||||
-h|--h|--he|--hel|--help)
|
||||
echo "\
|
||||
$0 [OPTION]... PROGRAM [ARGUMENT]...
|
||||
|
||||
Handle \`PROGRAM [ARGUMENT]...' for when PROGRAM is missing, or return an
|
||||
error status if there is no known handling for PROGRAM.
|
||||
|
||||
Options:
|
||||
-h, --help display this help and exit
|
||||
-v, --version output version information and exit
|
||||
--run try to run the given command, and emulate it if it fails
|
||||
|
||||
Supported PROGRAM values:
|
||||
aclocal touch file \`aclocal.m4'
|
||||
autoconf touch file \`configure'
|
||||
autoheader touch file \`config.h.in'
|
||||
autom4te touch the output file, or create a stub one
|
||||
automake touch all \`Makefile.in' files
|
||||
bison create \`y.tab.[ch]', if possible, from existing .[ch]
|
||||
flex create \`lex.yy.c', if possible, from existing .c
|
||||
help2man touch the output file
|
||||
lex create \`lex.yy.c', if possible, from existing .c
|
||||
makeinfo touch the output file
|
||||
tar try tar, gnutar, gtar, then tar without non-portable flags
|
||||
yacc create \`y.tab.[ch]', if possible, from existing .[ch]
|
||||
|
||||
Version suffixes to PROGRAM as well as the prefixes \`gnu-', \`gnu', and
|
||||
\`g' are ignored when checking the name.
|
||||
|
||||
Send bug reports to <bug-automake@gnu.org>."
|
||||
exit $?
|
||||
;;
|
||||
|
||||
-v|--v|--ve|--ver|--vers|--versi|--versio|--version)
|
||||
echo "missing $scriptversion (GNU Automake)"
|
||||
exit $?
|
||||
;;
|
||||
|
||||
-*)
|
||||
echo 1>&2 "$0: Unknown \`$1' option"
|
||||
echo 1>&2 "Try \`$0 --help' for more information"
|
||||
exit 1
|
||||
;;
|
||||
|
||||
esac
|
||||
|
||||
# normalize program name to check for.
|
||||
program=`echo "$1" | sed '
|
||||
s/^gnu-//; t
|
||||
s/^gnu//; t
|
||||
s/^g//; t'`
|
||||
|
||||
# Now exit if we have it, but it failed. Also exit now if we
|
||||
# don't have it and --version was passed (most likely to detect
|
||||
# the program). This is about non-GNU programs, so use $1 not
|
||||
# $program.
|
||||
case $1 in
|
||||
lex*|yacc*)
|
||||
# Not GNU programs, they don't have --version.
|
||||
;;
|
||||
|
||||
tar*)
|
||||
if test -n "$run"; then
|
||||
echo 1>&2 "ERROR: \`tar' requires --run"
|
||||
exit 1
|
||||
elif test "x$2" = "x--version" || test "x$2" = "x--help"; then
|
||||
exit 1
|
||||
fi
|
||||
;;
|
||||
|
||||
*)
|
||||
if test -z "$run" && ($1 --version) > /dev/null 2>&1; then
|
||||
# We have it, but it failed.
|
||||
exit 1
|
||||
elif test "x$2" = "x--version" || test "x$2" = "x--help"; then
|
||||
# Could not run --version or --help. This is probably someone
|
||||
# running `$TOOL --version' or `$TOOL --help' to check whether
|
||||
# $TOOL exists and not knowing $TOOL uses missing.
|
||||
exit 1
|
||||
fi
|
||||
;;
|
||||
esac
|
||||
|
||||
# If it does not exist, or fails to run (possibly an outdated version),
|
||||
# try to emulate it.
|
||||
case $program in
|
||||
aclocal*)
|
||||
echo 1>&2 "\
|
||||
WARNING: \`$1' is $msg. You should only need it if
|
||||
you modified \`acinclude.m4' or \`${configure_ac}'. You might want
|
||||
to install the \`Automake' and \`Perl' packages. Grab them from
|
||||
any GNU archive site."
|
||||
touch aclocal.m4
|
||||
;;
|
||||
|
||||
autoconf*)
|
||||
echo 1>&2 "\
|
||||
WARNING: \`$1' is $msg. You should only need it if
|
||||
you modified \`${configure_ac}'. You might want to install the
|
||||
\`Autoconf' and \`GNU m4' packages. Grab them from any GNU
|
||||
archive site."
|
||||
touch configure
|
||||
;;
|
||||
|
||||
autoheader*)
|
||||
echo 1>&2 "\
|
||||
WARNING: \`$1' is $msg. You should only need it if
|
||||
you modified \`acconfig.h' or \`${configure_ac}'. You might want
|
||||
to install the \`Autoconf' and \`GNU m4' packages. Grab them
|
||||
from any GNU archive site."
|
||||
files=`sed -n 's/^[ ]*A[CM]_CONFIG_HEADER(\([^)]*\)).*/\1/p' ${configure_ac}`
|
||||
test -z "$files" && files="config.h"
|
||||
touch_files=
|
||||
for f in $files; do
|
||||
case $f in
|
||||
*:*) touch_files="$touch_files "`echo "$f" |
|
||||
sed -e 's/^[^:]*://' -e 's/:.*//'`;;
|
||||
*) touch_files="$touch_files $f.in";;
|
||||
esac
|
||||
done
|
||||
touch $touch_files
|
||||
;;
|
||||
|
||||
automake*)
|
||||
echo 1>&2 "\
|
||||
WARNING: \`$1' is $msg. You should only need it if
|
||||
you modified \`Makefile.am', \`acinclude.m4' or \`${configure_ac}'.
|
||||
You might want to install the \`Automake' and \`Perl' packages.
|
||||
Grab them from any GNU archive site."
|
||||
find . -type f -name Makefile.am -print |
|
||||
sed 's/\.am$/.in/' |
|
||||
while read f; do touch "$f"; done
|
||||
;;
|
||||
|
||||
autom4te*)
|
||||
echo 1>&2 "\
|
||||
WARNING: \`$1' is needed, but is $msg.
|
||||
You might have modified some files without having the
|
||||
proper tools for further handling them.
|
||||
You can get \`$1' as part of \`Autoconf' from any GNU
|
||||
archive site."
|
||||
|
||||
file=`echo "$*" | sed -n "$sed_output"`
|
||||
test -z "$file" && file=`echo "$*" | sed -n "$sed_minuso"`
|
||||
if test -f "$file"; then
|
||||
touch $file
|
||||
else
|
||||
test -z "$file" || exec >$file
|
||||
echo "#! /bin/sh"
|
||||
echo "# Created by GNU Automake missing as a replacement of"
|
||||
echo "# $ $@"
|
||||
echo "exit 0"
|
||||
chmod +x $file
|
||||
exit 1
|
||||
fi
|
||||
;;
|
||||
|
||||
bison*|yacc*)
|
||||
echo 1>&2 "\
|
||||
WARNING: \`$1' $msg. You should only need it if
|
||||
you modified a \`.y' file. You may need the \`Bison' package
|
||||
in order for those modifications to take effect. You can get
|
||||
\`Bison' from any GNU archive site."
|
||||
rm -f y.tab.c y.tab.h
|
||||
if test $# -ne 1; then
|
||||
eval LASTARG="\${$#}"
|
||||
case $LASTARG in
|
||||
*.y)
|
||||
SRCFILE=`echo "$LASTARG" | sed 's/y$/c/'`
|
||||
if test -f "$SRCFILE"; then
|
||||
cp "$SRCFILE" y.tab.c
|
||||
fi
|
||||
SRCFILE=`echo "$LASTARG" | sed 's/y$/h/'`
|
||||
if test -f "$SRCFILE"; then
|
||||
cp "$SRCFILE" y.tab.h
|
||||
fi
|
||||
;;
|
||||
esac
|
||||
fi
|
||||
if test ! -f y.tab.h; then
|
||||
echo >y.tab.h
|
||||
fi
|
||||
if test ! -f y.tab.c; then
|
||||
echo 'main() { return 0; }' >y.tab.c
|
||||
fi
|
||||
;;
|
||||
|
||||
lex*|flex*)
|
||||
echo 1>&2 "\
|
||||
WARNING: \`$1' is $msg. You should only need it if
|
||||
you modified a \`.l' file. You may need the \`Flex' package
|
||||
in order for those modifications to take effect. You can get
|
||||
\`Flex' from any GNU archive site."
|
||||
rm -f lex.yy.c
|
||||
if test $# -ne 1; then
|
||||
eval LASTARG="\${$#}"
|
||||
case $LASTARG in
|
||||
*.l)
|
||||
SRCFILE=`echo "$LASTARG" | sed 's/l$/c/'`
|
||||
if test -f "$SRCFILE"; then
|
||||
cp "$SRCFILE" lex.yy.c
|
||||
fi
|
||||
;;
|
||||
esac
|
||||
fi
|
||||
if test ! -f lex.yy.c; then
|
||||
echo 'main() { return 0; }' >lex.yy.c
|
||||
fi
|
||||
;;
|
||||
|
||||
help2man*)
|
||||
echo 1>&2 "\
|
||||
WARNING: \`$1' is $msg. You should only need it if
|
||||
you modified a dependency of a manual page. You may need the
|
||||
\`Help2man' package in order for those modifications to take
|
||||
effect. You can get \`Help2man' from any GNU archive site."
|
||||
|
||||
file=`echo "$*" | sed -n "$sed_output"`
|
||||
test -z "$file" && file=`echo "$*" | sed -n "$sed_minuso"`
|
||||
if test -f "$file"; then
|
||||
touch $file
|
||||
else
|
||||
test -z "$file" || exec >$file
|
||||
echo ".ab help2man is required to generate this page"
|
||||
exit $?
|
||||
fi
|
||||
;;
|
||||
|
||||
makeinfo*)
|
||||
echo 1>&2 "\
|
||||
WARNING: \`$1' is $msg. You should only need it if
|
||||
you modified a \`.texi' or \`.texinfo' file, or any other file
|
||||
indirectly affecting the aspect of the manual. The spurious
|
||||
call might also be the consequence of using a buggy \`make' (AIX,
|
||||
DU, IRIX). You might want to install the \`Texinfo' package or
|
||||
the \`GNU make' package. Grab either from any GNU archive site."
|
||||
# The file to touch is that specified with -o ...
|
||||
file=`echo "$*" | sed -n "$sed_output"`
|
||||
test -z "$file" && file=`echo "$*" | sed -n "$sed_minuso"`
|
||||
if test -z "$file"; then
|
||||
# ... or it is the one specified with @setfilename ...
|
||||
infile=`echo "$*" | sed 's/.* \([^ ]*\) *$/\1/'`
|
||||
file=`sed -n '
|
||||
/^@setfilename/{
|
||||
s/.* \([^ ]*\) *$/\1/
|
||||
p
|
||||
q
|
||||
}' $infile`
|
||||
# ... or it is derived from the source name (dir/f.texi becomes f.info)
|
||||
test -z "$file" && file=`echo "$infile" | sed 's,.*/,,;s,.[^.]*$,,'`.info
|
||||
fi
|
||||
# If the file does not exist, the user really needs makeinfo;
|
||||
# let's fail without touching anything.
|
||||
test -f $file || exit 1
|
||||
touch $file
|
||||
;;
|
||||
|
||||
tar*)
|
||||
shift
|
||||
|
||||
# We have already tried tar in the generic part.
|
||||
# Look for gnutar/gtar before invocation to avoid ugly error
|
||||
# messages.
|
||||
if (gnutar --version > /dev/null 2>&1); then
|
||||
gnutar "$@" && exit 0
|
||||
fi
|
||||
if (gtar --version > /dev/null 2>&1); then
|
||||
gtar "$@" && exit 0
|
||||
fi
|
||||
firstarg="$1"
|
||||
if shift; then
|
||||
case $firstarg in
|
||||
*o*)
|
||||
firstarg=`echo "$firstarg" | sed s/o//`
|
||||
tar "$firstarg" "$@" && exit 0
|
||||
;;
|
||||
esac
|
||||
case $firstarg in
|
||||
*h*)
|
||||
firstarg=`echo "$firstarg" | sed s/h//`
|
||||
tar "$firstarg" "$@" && exit 0
|
||||
;;
|
||||
esac
|
||||
fi
|
||||
|
||||
echo 1>&2 "\
|
||||
WARNING: I can't seem to be able to run \`tar' with the given arguments.
|
||||
You may want to install GNU tar or Free paxutils, or check the
|
||||
command line arguments."
|
||||
exit 1
|
||||
;;
|
||||
|
||||
*)
|
||||
echo 1>&2 "\
|
||||
WARNING: \`$1' is needed, and is $msg.
|
||||
You might have modified some files without having the
|
||||
proper tools for further handling them. Check the \`README' file,
|
||||
it often tells you about the needed prerequisites for installing
|
||||
this package. You may also peek at any GNU archive site, in case
|
||||
some other package would contain this missing \`$1' program."
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
|
||||
exit 0
|
||||
|
||||
# Local variables:
|
||||
# eval: (add-hook 'write-file-hooks 'time-stamp)
|
||||
# time-stamp-start: "scriptversion="
|
||||
# time-stamp-format: "%:y-%02m-%02d.%02H"
|
||||
# time-stamp-time-zone: "UTC"
|
||||
# time-stamp-end: "; # UTC"
|
||||
# End:
|
|
@ -1,9 +1,10 @@
|
|||
#ifndef SF_PREPROC_INFO_H_
|
||||
#define SF_PREPROC_INFO_H_
|
||||
|
||||
#define MAJOR_VERSION 1
|
||||
#define MINOR_VERSION 0
|
||||
#define BUILD_VERSION 1
|
||||
// #define VERSION "0.1.0"
|
||||
#define MAJOR_VERSION 0
|
||||
#define MINOR_VERSION 1
|
||||
#define BUILD_VERSION 0
|
||||
#define PREPROC_NAME "SF_AI"
|
||||
|
||||
#define DYNAMIC_PREPROC_SETUP AI_setup
|
||||
|
|
Loading…
Reference in New Issue