mirror of
https://github.com/BlackLight/Snort_AIPreproc.git
synced 2024-11-14 12:47:16 +01:00
164 lines
3.9 KiB
C
164 lines
3.9 KiB
C
/****************************************************************************
|
|
* Copyright (C) 2008-2010 Sourcefire, Inc.
|
|
*
|
|
* This program is free software; you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License Version 2 as
|
|
* published by the Free Software Foundation. You may not use, modify or
|
|
* distribute this program under any other version of the GNU General
|
|
* Public License.
|
|
*
|
|
* This program is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License
|
|
* along with this program; if not, write to the Free Software
|
|
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
|
*
|
|
****************************************************************************/
|
|
|
|
#ifndef _SF_POLICY_H_
|
|
#define _SF_POLICY_H_
|
|
|
|
#include "sf_ip.h"
|
|
#include "ipv6_port.h"
|
|
#include "sfrt.h"
|
|
#include "debug.h"
|
|
|
|
/**Number of additional policies allocated with each re-alloc operation. */
|
|
#define POLICY_ALLOCATION_CHUNK 10
|
|
#define SF_VLAN_BINDING_MAX 4096
|
|
#define SF_NETWORK_BINDING_MAX 4096
|
|
#define SF_VLAN_UNBOUND 0xffffffff
|
|
|
|
|
|
/* vlan id or address range is reduced to policy id. and subsequent processing is done using policy id only. */
|
|
|
|
typedef struct
|
|
{
|
|
/**number of vlans which are member of this group. When membership falls to 0, then this group should be deleted.
|
|
*/
|
|
unsigned int refCount;
|
|
char *filename;
|
|
unsigned int isConfigProcessed:1;
|
|
|
|
} tSfPolicy;
|
|
|
|
typedef enum {
|
|
SF_BINDING_TYPE_VLAN,
|
|
SF_BINDING_TYPE_NETWORK,
|
|
SF_BINDING_TYPE_UNKNOWN
|
|
} tSF_BINDING_TYPE;
|
|
|
|
typedef unsigned int tSfPolicyId;
|
|
|
|
typedef struct
|
|
{
|
|
/**group id assigned to each file name. The groupId is an abstract concept
|
|
* to tie multiple vlans into one group. */
|
|
tSfPolicy **ppPolicies;
|
|
tSfPolicyId defaultPolicyId;
|
|
/**policy id of configuration file or packet being processed. */
|
|
tSfPolicyId numAllocatedPolicies;
|
|
unsigned int numActivePolicies;
|
|
/**vlan to policyId bindings. */
|
|
tSfPolicyId vlanBindings[SF_VLAN_BINDING_MAX];
|
|
/**Network to policyId bindings. */
|
|
table_t *netBindTable;
|
|
|
|
} tSfPolicyConfig;
|
|
|
|
|
|
extern tSfPolicyId runtimePolicyId;
|
|
extern tSfPolicyId parserPolicyId;
|
|
|
|
tSfPolicyConfig * sfPolicyInit(
|
|
void
|
|
);
|
|
void sfPolicyFini(
|
|
tSfPolicyConfig *
|
|
);
|
|
int sfPolicyAdd(
|
|
tSfPolicyConfig *,
|
|
char *
|
|
);
|
|
void sfPolicyDelete(
|
|
tSfPolicyConfig *,
|
|
tSfPolicyId
|
|
);
|
|
char * sfPolicyGet(
|
|
tSfPolicyConfig *,
|
|
tSfPolicyId
|
|
);
|
|
int sfVlanAddBinding(
|
|
tSfPolicyConfig *,
|
|
int,
|
|
char *
|
|
);
|
|
tSfPolicyId sfVlanGetBinding(
|
|
tSfPolicyConfig *,
|
|
int
|
|
);
|
|
void sfVlanDeleteBinding(
|
|
tSfPolicyConfig *,
|
|
int
|
|
);
|
|
unsigned int sfGetApplicablePolicyId(
|
|
tSfPolicyConfig *,
|
|
int,
|
|
snort_ip_p,
|
|
snort_ip_p
|
|
);
|
|
int sfNetworkAddBinding(
|
|
tSfPolicyConfig *,
|
|
sfip_t *,
|
|
char *
|
|
);
|
|
unsigned int sfNetworkGetBinding(
|
|
tSfPolicyConfig *,
|
|
snort_ip_p
|
|
);
|
|
void sfNetworkDeleteBinding(
|
|
tSfPolicyConfig *,
|
|
snort_ip_p
|
|
);
|
|
|
|
static INLINE tSfPolicyId sfGetDefaultPolicy(
|
|
tSfPolicyConfig *config
|
|
)
|
|
{
|
|
if (config == NULL)
|
|
return 0;
|
|
|
|
return config->defaultPolicyId;
|
|
}
|
|
|
|
static INLINE void sfSetDefaultPolicy(
|
|
tSfPolicyConfig *config,
|
|
tSfPolicyId policyId
|
|
)
|
|
{
|
|
if ((config == NULL) || (policyId >= config->numAllocatedPolicies))
|
|
return;
|
|
|
|
config->defaultPolicyId = policyId;
|
|
}
|
|
|
|
static INLINE tSfPolicyId sfPolicyNumAllocated(
|
|
tSfPolicyConfig *config
|
|
)
|
|
{
|
|
if (config == NULL)
|
|
return 0;
|
|
|
|
return config->numAllocatedPolicies;
|
|
}
|
|
|
|
/* dynamic array functions */
|
|
int sfDynArrayCheckBounds (
|
|
void ** dynArray,
|
|
unsigned int index,
|
|
unsigned int *maxElements
|
|
);
|
|
#endif
|