return nullptr;
}
- sprintf(port_string, "%5d", (cfg->base_port + instance));
+ snprintf(port_string, sizeof(port_string), "%5hu", static_cast<uint16_t>(cfg->base_port + instance));
TcpConnector* tcp_connector;
if ( EventTrace_IsEnabled() )
EventTrace_Log(p, otn, action);
- PacketTracer::log("Event: %d:%d:%d, Action %s\n",
+ PacketTracer::log("Event: %u:%u:%u, Action %s\n",
otn->sigInfo.gid, otn->sigInfo.sid, otn->sigInfo.rev,
get_action_string((RuleType)action));
va_list ap;
va_start(ap, format);
- WriteLogMessage(fh, fh != stdout, format, ap);
+ WriteLogMessage(fh, (fh != stdout && fh != stderr), format, ap);
va_end(ap);
}
}
}
-void log_safec_error(const char* msg, void*, int e)
+NORETURN_ASSERT void log_safec_error(const char* msg, void*, int e)
{
static THREAD_LOCAL unsigned safec_errors = 0;
// FIXIT-M do not call FatalError() during runtime
[[noreturn]] SO_PUBLIC void FatalError(const char*, ...) __attribute__((format (printf, 1, 2)));
-[[noreturn]] void log_safec_error(const char*, void*, int);
+NORETURN_ASSERT void log_safec_error(const char*, void*, int);
class Dumper
{
p->ptrs.ip_api.get_src()->ntop(sipstr, sizeof(sipstr));
p->ptrs.ip_api.get_dst()->ntop(dipstr, sizeof(dipstr));
- log("%s:%u -> %s:%u proto %u\n",
+ log("%s:%hu -> %s:%hu proto %u\n",
sipstr, p->ptrs.sp, dipstr, p->ptrs.dp, (unsigned)p->ptrs.ip_api.proto());
log("Packet: %s", p->get_type());
if (p->type() == PktType::TCP)
string Shell::fatal;
-int Shell::panic(lua_State* L)
+[[noreturn]] int Shell::panic(lua_State* L)
{
fatal = lua_tostring(L, -1);
throw runtime_error(fatal);
{ return loaded; }
private:
- static int panic(lua_State*);
+ [[noreturn]] static int panic(lua_State*);
static std::string fatal;
private:
int inject = 0;
verdict = update_verdict(verdict, inject);
- PacketTracer::log("NAP id %d, IPS id %d, Verdict %s\n",
+ PacketTracer::log("NAP id %u, IPS id %u, Verdict %s\n",
get_network_policy()->policy_id, get_ips_policy()->policy_id,
SFDAQ::verdict_to_string(verdict));
#define UNUSED(x) (void)(x)
+#ifdef NDEBUG
+#define NORETURN_ASSERT
+#else
+#define NORETURN_ASSERT [[noreturn]]
+#endif
+
#ifndef SO_PUBLIC
#if defined _WIN32 || defined __CYGWIN__
# ifdef __GNUC__
// metadata
// -----------------------------------------------------------------------------
-struct Metadata
+// NOTE: This structure must be aligned to max_align_t as long as we are prepending
+// it to memory allocations so that the returned memory is also aligned.
+struct alignas(max_align_t) Metadata
{
#if defined(REG_TEST) || defined(UNIT_TEST)
static constexpr size_t SANITY_CHECK_VALUE = 0xabcdef;
delete appid_peg_counts;
}
-void AppIdPegCounts::init_detector_peg_info(std::string& app_name, std::string name_suffix,
- std::string help_suffix)
+void AppIdPegCounts::init_detector_peg_info(const std::string& app_name, const std::string& name_suffix,
+ const std::string& help_suffix)
{
std::string name = app_name + name_suffix;
std::string help = "count of ";
static std::vector<PegInfo> appid_pegs;
static THREAD_LOCAL std::vector<PegCount>* appid_peg_counts;
- static void init_detector_peg_info(std::string& app_name, std::string name_suffix,
- std::string help_suffix);
+ static void init_detector_peg_info(const std::string& app_name, const std::string& name_suffix,
+ const std::string& help_suffix);
};
#endif
// number of normalization functions is odd or even, the initial buffer is chosen so that the
// final normalization leaves the normalized header value in norm_value.
- uint8_t* const norm_value = new uint8_t[buffer_length];
- uint8_t* const temp_space = new uint8_t[buffer_length];
- memset(norm_value, 0, buffer_length);
- memset(temp_space, 0, buffer_length);
+ uint8_t* const norm_value = new uint8_t[buffer_length]();
+ uint8_t* const temp_space = new uint8_t[buffer_length]();
uint8_t* const norm_start = (num_normalizers%2 == 0) ? norm_value : temp_space;
uint8_t* working = norm_start;
int32_t data_length = 0;
{
if (HttpTestManager::use_test_output())
{
- fprintf(HttpTestManager::get_output_file(), "Sent to detection %u octets\n\n",
+ fprintf(HttpTestManager::get_output_file(), "Sent to detection %hu octets\n\n",
p->dsize);
fflush(HttpTestManager::get_output_file());
}
#include "sf_ipvar.h"
-#include <assert.h>
+#include <cassert>
#include "utils/util.h"
#include "sf_cidr.h"
#ifdef UNIT_TEST
#include "catch/catch.hpp"
+#include "utils/util_cstring.h"
#endif
+
#define LIST_OPEN '['
#define LIST_CLOSE ']'
#ifdef UNIT_TEST
#define SFIPVAR_TEST_BUFF_LEN 512
static char sfipvar_test_buff[SFIPVAR_TEST_BUFF_LEN];
-extern int safe_snprintf(char* s, size_t n, const char* format, ... );
-void print_var_list(sfip_node_t* var_list, bool print_bits = false)
+static void print_var_list(sfip_node_t* var_list, bool print_bits = false)
{
int n = 0;
for(sfip_node_t* p = var_list; p; p = p->next)
StreamFile(bool b)
{ config.upload = b; }
- void eval(Packet*) override;
+ NORETURN_ASSERT void eval(Packet*) override;
StreamFileConfig config;
};
-void StreamFile::eval(Packet*)
+NORETURN_ASSERT void StreamFile::eval(Packet*)
{
// session::process() instead
assert(false);
~StreamIcmp();
void show(SnortConfig*) override;
- void eval(Packet*) override;
+ NORETURN_ASSERT void eval(Packet*) override;
private:
StreamIcmpConfig* config;
icmp_show(config);
}
-void StreamIcmp::eval(Packet*)
+NORETURN_ASSERT void StreamIcmp::eval(Packet*)
{
// session::process() instead
assert(false);
bool configure(SnortConfig*) override;
void show(SnortConfig*) override;
- void eval(Packet*) override;
+ NORETURN_ASSERT void eval(Packet*) override;
public:
StreamIpConfig* config;
defrag->show(sc);
}
-void StreamIp::eval(Packet*)
+NORETURN_ASSERT void StreamIp::eval(Packet*)
{
// session::process() instead
assert(false);
void tinit() override;
void tterm() override;
- void eval(Packet*) override;
+ NORETURN_ASSERT void eval(Packet*) override;
public:
TcpStreamConfig* config;
TcpHAManager::tterm();
}
-void StreamTcp::eval(Packet*)
+NORETURN_ASSERT void StreamTcp::eval(Packet*)
{
// uses session::process() instead
assert(false);
~StreamUdp();
void show(SnortConfig*);
- void eval(Packet*);
+ NORETURN_ASSERT void eval(Packet*);
public:
StreamUdpConfig* config;
udp_show(config);
}
-void StreamUdp::eval(Packet*)
+NORETURN_ASSERT void StreamUdp::eval(Packet*)
{
// session::process() instead
assert(false);
void show(SnortConfig*) override;
- void eval(Packet*) override;
+ NORETURN_ASSERT void eval(Packet*) override;
public:
StreamUserConfig* config;
user_show(config);
}
-void StreamUser::eval(Packet*)
+NORETURN_ASSERT void StreamUser::eval(Packet*)
{
// session::process() instead
assert(false);
<< "-t: Tail mode for reading live files\n";
}
-static void error(string e)
+static void error(const string& e)
{
if( done )
return;
virtual bool convert(std::istringstream& data_stream);
template<typename T>
- bool add_or_append(const std::string opt_name, T val)
+ bool add_or_append(const std::string& opt_name, T val)
{
if ( table_api.option_exists(opt_name) )
{
}
template<typename T>
- bool append_if_exists(const std::string opt_name, T val)
+ bool append_if_exists(const std::string& opt_name, T val)
{
if ( table_api.option_exists(opt_name) )
{
return false;
}
- inline bool parse_string_option(std::string opt_name,
+ inline bool parse_string_option(const std::string& opt_name,
std::istringstream& stream)
{
std::string val;
return true;
}
- table_api.add_comment("snort.conf missing argument for: " + opt_name + " <int>");
+ table_api.add_comment("snort.conf missing argument for: " + opt_name + " <string>");
return false;
}
- inline bool parse_int_option(std::string opt_name,
+ inline bool parse_int_option(const std::string& opt_name,
std::istringstream& stream, bool append)
{
int val;
}
// parse and add a curly bracketed list to the table
- inline bool parse_curly_bracket_list(std::string list_name, std::istringstream& stream)
+ inline bool parse_curly_bracket_list(const std::string& list_name, std::istringstream& stream)
{
std::string elem;
bool retval = true;
}
// parse and add a yes/no boolean option.
- inline bool parse_yn_bool_option(std::string opt_name, std::istringstream& stream, bool append)
+ inline bool parse_yn_bool_option(const std::string& opt_name, std::istringstream& stream, bool append, const char* yes = "yes", const char* no = "no")
{
std::string val;
if (!(stream >> val))
return false;
- else if (!val.compare("yes"))
+ else if (!val.compare(yes))
{
if (append)
{
else
return table_api.add_option(opt_name, true);
}
- else if (!val.compare("no"))
+ else if (!val.compare(no))
{
if (append)
{
}
// parse a curly bracketed bit and add it to the table
- inline bool parse_bracketed_byte_list(std::string list_name, std::istringstream& stream)
+ inline bool parse_bracketed_byte_list(const std::string& list_name, std::istringstream& stream)
{
std::string elem;
bool retval = true;
}
// parse and add a curly bracket list '{...}' which is currently unsupported in Snort++
- inline bool parse_bracketed_unsupported_list(std::string list_name, std::istringstream& stream)
+ inline bool parse_bracketed_unsupported_list(const std::string& list_name, std::istringstream& stream)
{
std::string tmp = "";
std::string elem;
return table_api.add_option("--" + list_name, tmp);
}
- inline bool parse_deleted_option(std::string opt_name,
+ inline bool parse_deleted_option(const std::string& opt_name,
std::istringstream& stream)
{
std::string val;
#include "data/data_types/dt_include.h"
-Include::Include(std::string include_name) : file_name(include_name) { }
+Include::Include(const std::string& include_name) : file_name(include_name) { }
Include::~Include() { }
// overloading operators
{
public:
- Include(std::string file_name);
+ Include(const std::string& file_name);
virtual ~Include();
// overloading operators
}
}
-Option::Option(std::string n, int val, int d)
+Option::Option(const std::string& n, int val, int d)
{
this->name = n;
this->value = std::to_string(val);
this->type = OptionType::INT;
}
-Option::Option(std::string n, bool v, int d)
+Option::Option(const std::string& n, bool v, int d)
{
this->name = n;
this->value = (v) ? "true" : "false";
this->type = OptionType::BOOL;
}
-Option::Option(std::string opt_name, std::string val, int d)
+Option::Option(const std::string& opt_name, std::string val, int d)
{
this->name = opt_name;
this->depth = d;
{
public:
Option(std::string val, int depth);
- Option(std::string name, int val, int depth);
- Option(std::string name, bool val, int depth);
- Option(std::string name, std::string val, int depth);
+ Option(const std::string& name, int val, int depth);
+ Option(const std::string& name, bool val, int depth);
+ Option(const std::string& name, std::string val, int depth);
virtual ~Option();
- inline std::string get_name()
+ inline const std::string& get_name()
{ return name; }
- inline std::string get_value()
+ inline const std::string& get_value()
{ return value; }
void set_print_whitespace(bool w)
delete ro;
}
-bool Rule::add_hdr_data(std::string data)
+bool Rule::add_hdr_data(const std::string& data)
{
if (num_hdr_data < hdr_data.size())
{
}
}
-void Rule::update_rule_action(std::string new_type)
+void Rule::update_rule_action(const std::string& new_type)
{ hdr_data[0] = new_type; }
void Rule::bad_rule()
{ is_bad_rule = true; }
-void Rule::add_comment(std::string new_comment)
+void Rule::add_comment(const std::string& new_comment)
{ comments.push_back("# " + new_comment); }
void Rule::make_comment()
{ is_comment = true; }
-void Rule::add_option(std::string keyword)
+void Rule::add_option(const std::string& keyword)
{
RuleOption* r = new RuleOption(keyword);
options.push_back(r);
}
-void Rule::add_option(std::string keyword, std::string data)
+void Rule::add_option(const std::string& keyword, const std::string& data)
{
RuleOption* r = new RuleOption(keyword, data);
options.push_back(r);
}
-void Rule::add_suboption(std::string keyword)
+void Rule::add_suboption(const std::string& keyword)
{ options.back()->add_suboption(keyword); }
-void Rule::add_suboption(std::string keyword, std::string val)
+void Rule::add_suboption(const std::string& keyword, const std::string& val)
{ options.back()->add_suboption(keyword, val); }
-void Rule::set_curr_options_buffer(std::string new_buffer, bool add_option)
+void Rule::set_curr_options_buffer(const std::string& new_buffer, bool add_option)
{
/* set the buffer if
* 1) No buffer has been set and this is not the default "pkt_data" buffer
Rule();
virtual ~Rule();
- bool add_hdr_data(std::string data);
- void add_option(std::string keyword);
- void add_option(std::string keyword, std::string data);
- void add_suboption(std::string keyword);
- void add_suboption(std::string keyword, std::string val);
- void set_curr_options_buffer(std::string buffer, bool add_option);
- void update_rule_action(std::string);
-
- void add_comment(std::string comment);
+ bool add_hdr_data(const std::string& data);
+ void add_option(const std::string& keyword);
+ void add_option(const std::string& keyword, const std::string& data);
+ void add_suboption(const std::string& keyword);
+ void add_suboption(const std::string& keyword, const std::string& val);
+ void set_curr_options_buffer(const std::string& buffer, bool add_option);
+ void update_rule_action(const std::string&);
+
+ void add_comment(const std::string& comment);
void bad_rule();
void make_comment();
#include "data/data_types/dt_rule_option.h"
#include "data/data_types/dt_rule_suboption.h"
-RuleOption::RuleOption(std::string n) :
+RuleOption::RuleOption(const std::string& n) :
name(n),
value(std::string())
{ }
-RuleOption::RuleOption(std::string n, std::string v)
+RuleOption::RuleOption(const std::string& n, const std::string& v)
: name(n),
value(v)
{ }
delete rso;
}
-bool RuleOption::add_suboption(std::string subopt_name)
+bool RuleOption::add_suboption(const std::string& subopt_name)
{
RuleSubOption* subopt = new RuleSubOption(subopt_name);
sub_options.push_back(subopt);
return true;
}
-bool RuleOption::add_suboption(std::string subopt_name,
- std::string val)
+bool RuleOption::add_suboption(const std::string& subopt_name,
+ const std::string& val)
{
RuleSubOption* subopt = new RuleSubOption(subopt_name, val);
sub_options.push_back(subopt);
class RuleOption
{
public:
- RuleOption(std::string name);
- RuleOption(std::string name, std::string val);
+ RuleOption(const std::string& name);
+ RuleOption(const std::string& name, const std::string& val);
virtual ~RuleOption();
- inline std::string get_name() { return name; }
+ inline const std::string& get_name() { return name; }
- bool add_suboption(std::string name);
- bool add_suboption(std::string name, std::string val);
+ bool add_suboption(const std::string& name);
+ bool add_suboption(const std::string& name, const std::string& val);
// overloading operators
friend std::ostream& operator<<(std::ostream&, const RuleOption&);
#include <string>
#include "data/data_types/dt_rule_suboption.h"
-RuleSubOption::RuleSubOption(std::string n)
+RuleSubOption::RuleSubOption(const std::string& n)
: name(n),
value(std::string())
{
}
-RuleSubOption::RuleSubOption(std::string n, std::string v)
+RuleSubOption::RuleSubOption(const std::string& n, const std::string& v)
: name(n),
value(v)
{
class RuleSubOption
{
public:
- RuleSubOption(std::string name);
- RuleSubOption(std::string name, std::string val);
+ RuleSubOption(const std::string& name);
+ RuleSubOption(const std::string& name, const std::string& val);
virtual ~RuleSubOption();
// overloading operators
#include "data/data_types/dt_var.h"
#include "data/data_types/dt_comment.h"
-static inline Table* find_table(std::vector<Table*> vec, std::string name)
+static inline Table* find_table(std::vector<Table*> vec, const std::string& name)
{
if (name.empty())
return nullptr;
Comments::CommentType::SINGLE_LINE);
}
-Table::Table(std::string table_name, int d)
+Table::Table(const std::string& table_name, int d)
{
this->name = table_name;
this->depth = d;
return t;
}
-Table* Table::open_table(std::string table_name)
+Table* Table::open_table(const std::string& table_name)
{
Table* t = find_table(tables, table_name);
return t;
}
-bool Table::add_option(std::string value)
+bool Table::add_option(const std::string& value)
{
Option* o = new Option(value, depth + 1);
options.push_back(o);
return true;
}
-bool Table::add_option(std::string opt_name, int value)
+bool Table::add_option(const std::string& opt_name, int value)
{
if (has_option(opt_name, value))
return true;
return true;
}
-bool Table::add_option(std::string opt_name, bool value)
+bool Table::add_option(const std::string& opt_name, bool value)
{
if (has_option(opt_name, value))
return true;
return true;
}
-bool Table::add_option(std::string opt_name, std::string value)
+bool Table::add_option(const std::string& opt_name, const std::string& value)
{
if (has_option(opt_name, value))
return true;
return true;
}
-void Table::append_option(std::string opt_name, int value)
+void Table::append_option(const std::string& opt_name, int value)
{
if (!has_option(opt_name, value))
{
}
}
-void Table::append_option(std::string opt_name, bool value)
+void Table::append_option(const std::string& opt_name, bool value)
{
if (!has_option(opt_name, value))
{
}
}
-void Table::append_option(std::string opt_name, std::string value)
+void Table::append_option(const std::string& opt_name, const std::string& value)
{
if (!has_option(opt_name, value))
{
}
}
-bool Table::add_list(std::string list_name, std::string next_elem)
+bool Table::add_list(const std::string& list_name, const std::string& next_elem)
{
for (auto l : lists)
if (l->get_name() == list_name)
return var->add_value(next_elem);
}
-bool Table::has_option(const std::string opt_name)
+bool Table::has_option(const std::string& opt_name)
{
for (Option* o : options)
if (!opt_name.compare(o->get_name()))
return false;
}
-bool Table::get_option(const std::string opt_name, std::string& value)
+bool Table::get_option(const std::string& opt_name, std::string& value)
{
for (Option* o : options)
if (!opt_name.compare(o->get_name()))
return false;
}
-bool Table::has_option(Option opt)
+bool Table::has_option(const Option& opt)
{
for (Option* o : options)
if ( (*o) == opt)
return false;
}
-bool Table::has_option(std::string opt_name, int val)
+bool Table::has_option(const std::string& opt_name, int val)
{
Option opt(opt_name, val, depth + 1);
return has_option(opt);
}
-bool Table::has_option(std::string opt_name, bool val)
+bool Table::has_option(const std::string& opt_name, bool val)
{
Option opt(opt_name, val, depth + 1);
return has_option(opt);
}
-bool Table::has_option(std::string opt_name, std::string val)
+bool Table::has_option(const std::string& opt_name, const std::string& val)
{
Option opt(opt_name, val, depth + 1);
return has_option(opt);
}
-void Table::add_comment(std::string c)
+void Table::add_comment(const std::string& c)
{
comments->add_sorted_text(c);
}
{
public:
Table(int depth);
- Table(std::string name, int depth);
+ Table(const std::string& name, int depth);
virtual ~Table();
- inline std::string get_name() { return name; }
+ inline const std::string& get_name() { return name; }
void set_one_line(bool o) { one_line = o; }
void set_print_whitespace(bool w) { print_whitespace = w; }
bool has_differences();
Table* open_table();
- Table* open_table(std::string);
- bool add_option(std::string val);
- bool add_option(std::string, int val);
- bool add_option(std::string, bool val);
- bool add_option(std::string, std::string val);
- bool add_list(std::string, std::string next_elem);
- void add_comment(std::string comment);
- bool has_option(const std::string);
- bool get_option(const std::string opt_name, std::string& value);
+ Table* open_table(const std::string&);
+ bool add_option(const std::string& val);
+ bool add_option(const std::string&, int val);
+ bool add_option(const std::string&, bool val);
+ bool add_option(const std::string&, const std::string& val);
+ bool add_list(const std::string&, const std::string& next_elem);
+ void add_comment(const std::string& comment);
+ bool has_option(const std::string&);
+ bool get_option(const std::string& opt_name, std::string& value);
/* emit options after table has finished printing.
These options will be appended to the previous table as supposed
to overwriting the entire table */
- void append_option(std::string opt_name, int val);
- void append_option(std::string opt_name, bool val);
- void append_option(std::string opt_name, std::string val);
+ void append_option(const std::string& opt_name, int val);
+ void append_option(const std::string& opt_name, bool val);
+ void append_option(const std::string& opt_name, const std::string& val);
friend std::ostream& operator<<(std::ostream&, const Table&);
std::vector<Variable*> lists;
std::vector<Option*> append_options;
- bool has_option(std::string name, int val);
- bool has_option(std::string name, bool val);
- bool has_option(std::string name, std::string val);
- bool has_option(Option o);
+ bool has_option(const std::string& name, int val);
+ bool has_option(const std::string& name, bool val);
+ bool has_option(const std::string& name, const std::string& val);
+ bool has_option(const Option& o);
};
#endif
#include "data/dt_data.h"
#include "helpers/s2l_util.h"
-Variable::Variable(std::string name, int depth)
+Variable::Variable(const std::string& name, int depth)
{
this->name = name;
this->depth = depth;
}
-Variable::Variable(std::string name)
+Variable::Variable(const std::string& name)
{
this->name = name;
this->depth = 0;
static inline void print_newline(std::ostream& out,
std::size_t& count,
- std::string whitespace)
+ const std::string& whitespace)
{
out << "\n" << whitespace;
count = whitespace.size();
class Variable
{
public:
- Variable(std::string name, int depth);
- Variable(std::string name);
+ Variable(const std::string& name, int depth);
+ Variable(const std::string& name);
virtual ~Variable();
- inline std::string get_name() { return name; }
+ inline const std::string& get_name() { return name; }
std::string get_value(DataApi*);
bool add_value(std::string);
char varmodifier;
const char* varcontents;
std::size_t varname_completed, i, j, iv, jv, l_string, name_only;
- char c;
int quote_toggle = 0;
if (string.empty() || string.rfind('$') == std::string::npos)
while (i < l_string && j < std::string::npos)
{
- c = string[i++];
+ char c = string[i++];
if (c == '"')
{
return error_string;
}
-void DataApi::error(const std::string error)
+void DataApi::error(const std::string& error)
{
errors->add_text(error);
errors_count++;
}
-void DataApi::failed_conversion(const std::istringstream& stream, const std::string unknown_option)
+void DataApi::failed_conversion(const std::istringstream& stream, const std::string& unknown_option)
{
// we only need to go through this once.
if (!curr_data_bad)
return true;
}
-void DataApi::developer_error(std::string error_string)
+void DataApi::developer_error(const std::string& error_string)
{
dev_warnings++;
inline static bool is_difference_mode() { return mode == PrintMode::DIFFERENCES; }
// For problems with the Snort2Lua code, NOT with the snort configuration
- static void developer_error(std::string comment);
+ static void developer_error(const std::string& comment);
// given a Snort-style string, replace all of the variables with their values.
std::string expand_vars(const std::string&);
// Call when failed to convert a line.
// stream == the stringstream object which failed to convert
// unknown_option is the specific option which caused the failure.
- void failed_conversion(const std::istringstream& stream, const std::string unkown_option = "");
- void error(const std::string);
+ void failed_conversion(const std::istringstream& stream, const std::string& unkown_option = "");
+ void error(const std::string&);
- void set_current_file(std::string& file)
+ void set_current_file(const std::string& file)
{ current_file = &file; }
void set_current_line(unsigned line)
Comments* unsupported;
bool curr_data_bad; // keep track whether current 'conversion' is already bad
- std::string* current_file;
+ const std::string* current_file;
unsigned current_line;
std::string get_file_line();
curr_rule->make_comment();
}
-void RuleApi::bad_rule(std::istringstream& stream, std::string bad_option)
+void RuleApi::bad_rule(std::istringstream& stream, const std::string& bad_option)
{
if (!curr_rule)
begin_rule();
bad_rules->add_text("^^^^ unknown_option=" + bad_option);
}
-void RuleApi::include_rule_file(std::string file_name)
+void RuleApi::include_rule_file(const std::string& file_name)
{
if (curr_rule)
{
}
}
-void RuleApi::add_hdr_data(std::string data)
+void RuleApi::add_hdr_data(const std::string& data)
{
if (!curr_rule)
begin_rule();
curr_rule->add_hdr_data(data);
}
-void RuleApi::update_rule_action(std::string new_type)
+void RuleApi::update_rule_action(const std::string& new_type)
{
if (!curr_rule)
{
}
}
-void RuleApi::add_option(std::string opt_name)
+void RuleApi::add_option(const std::string& opt_name)
{
if (!curr_rule)
begin_rule();
curr_rule->add_option(opt_name);
}
-void RuleApi::add_option(std::string opt_name, std::string val)
+void RuleApi::add_option(const std::string& opt_name, const std::string& val)
{
if (!curr_rule)
begin_rule();
curr_rule->add_option(opt_name, val);
}
-void RuleApi::add_suboption(std::string keyword)
+void RuleApi::add_suboption(const std::string& keyword)
{
if (curr_rule)
curr_rule->add_suboption(keyword);
DataApi::developer_error("Add some header data before adding content!!");
}
-void RuleApi::add_suboption(std::string keyword,
- std::string val)
+void RuleApi::add_suboption(const std::string& keyword,
+ const std::string& val)
{
if (curr_rule)
curr_rule->add_suboption(keyword, val);
DataApi::developer_error("Add some header data before adding content!!");
}
-void RuleApi::set_curr_options_buffer(std::string buffer, bool add_option)
+void RuleApi::set_curr_options_buffer(const std::string& buffer, bool add_option)
{
if (curr_rule)
curr_rule->set_curr_options_buffer(buffer, add_option);
DataApi::developer_error("Add some header data before adding content!!");
}
-void RuleApi::add_comment(std::string comment)
+void RuleApi::add_comment(const std::string& comment)
{
if (!curr_rule)
begin_rule();
void swap_rules(std::vector<Rule*>&); // FIXIT-L ?
// include a snort-style rule file!
- void include_rule_file(std::string file_name);
+ void include_rule_file(const std::string& file_name);
// Create a given rule
- void add_hdr_data(std::string data);
- void update_rule_action(std::string new_type);
- void add_option(std::string keyword);
- void add_option(std::string keyword, std::string val);
- void add_suboption(std::string keyword);
- void add_suboption(std::string keyword, std::string val);
- void set_curr_options_buffer(std::string buffer, bool add_option=false);
-
- void add_comment(std::string coment);
+ void add_hdr_data(const std::string& data);
+ void update_rule_action(const std::string& new_type);
+ void add_option(const std::string& keyword);
+ void add_option(const std::string& keyword, const std::string& val);
+ void add_suboption(const std::string& keyword);
+ void add_suboption(const std::string& keyword, const std::string& val);
+ void set_curr_options_buffer(const std::string& buffer, bool add_option=false);
+
+ void add_comment(const std::string& comment);
void make_rule_a_comment();
- void bad_rule(std::istringstream& stream, std::string bad_option);
+ void bad_rule(std::istringstream& stream, const std::string& bad_option);
private:
static std::size_t error_count;
}
template<typename T>
-bool TableApi::do_add_option(const std::string opt_name, T val, const std::string s_val)
+bool TableApi::do_add_option(const std::string& opt_name, T val, const std::string& s_val)
{
if ( should_delegate() )
return delegate->add_option(opt_name, val);
return true;
}
-bool TableApi::add_option(const std::string val)
+bool TableApi::add_option(const std::string& val)
{
if ( should_delegate() )
return delegate->add_option(val);
return true;
}
-bool TableApi::add_option(const std::string option_name, const std::string val)
+bool TableApi::add_option(const std::string& option_name, const std::string& val)
{ return do_add_option(option_name, val, val); }
-bool TableApi::add_option(const std::string option_name, const int val)
+bool TableApi::add_option(const std::string& option_name, const int val)
{ return do_add_option(option_name, val, std::to_string(val)); }
-bool TableApi::add_option(const std::string option_name, const bool val)
+bool TableApi::add_option(const std::string& option_name, const bool val)
{ return do_add_option(option_name, val, std::to_string(val)); }
// compilers are fickle and dangerous creatures. Ensure a literal gets
bool TableApi::add_option(const char* const v)
{ return add_option(std::string(v)); }
-bool TableApi::add_option(const std::string name, const char* const v)
+bool TableApi::add_option(const std::string& name, const char* const v)
{ return add_option(name, std::string(v)); }
void TableApi::create_append_data(std::string& fqn, Table*& t)
}
template<typename T>
-void TableApi::do_append_option(const std::string option_name, const T val, const std::string s_val)
+void TableApi::do_append_option(const std::string& option_name, const T val, const std::string& s_val)
{
if ( should_delegate() )
{
+ option_name + " = " + s_val);
}
-void TableApi::append_option(const std::string option_name, const std::string val)
+void TableApi::append_option(const std::string& option_name, const std::string& val)
{ do_append_option(option_name, val, val); }
-void TableApi::append_option(const std::string option_name, const int val)
+void TableApi::append_option(const std::string& option_name, const int val)
{ do_append_option(option_name, val, std::to_string(val)); }
-void TableApi::append_option(const std::string option_name, const bool val)
+void TableApi::append_option(const std::string& option_name, const bool val)
{ do_append_option(option_name, val, std::to_string(val)); }
-void TableApi::append_option(const std::string name, const char* const v)
+void TableApi::append_option(const std::string& name, const char* const v)
{ append_option(name, std::string(v)); }
bool TableApi::add_list(std::string list_name, std::string next_elem)
return true;
}
-bool TableApi::option_exists(const std::string name)
+bool TableApi::option_exists(const std::string& name)
{
if ( should_delegate() )
return delegate->option_exists(name);
tables.swap(new_tables);
}
-bool TableApi::get_option_value(const std::string name, std::string& value)
+bool TableApi::get_option_value(const std::string& name, std::string& value)
{
if ( should_delegate() )
return delegate->get_option_value(name, value);
* The add_option variants without an option name are used to add "anonymous" options
* for the purpose of creating arrays.
*/
- bool add_option(const std::string val);
+ bool add_option(const std::string& val);
bool add_option(const char* const v);
- bool add_option(const std::string opt_name, const std::string val);
- bool add_option(const std::string opt_name, const int val);
- bool add_option(const std::string opt_name, const bool val);
- bool add_option(const std::string opt_name, const char* const v);
+ bool add_option(const std::string& opt_name, const std::string& val);
+ bool add_option(const std::string& opt_name, const int val);
+ bool add_option(const std::string& opt_name, const bool val);
+ bool add_option(const std::string& opt_name, const char* const v);
// sometimes, you may need to create a default option, before overwriting that
// option later. For instance, if you have a default table, and then you
// need to overwrite a single option in that default table, you can use these
// methods to overwrite that option.
- void append_option(const std::string opt_name, const std::string val);
- void append_option(const std::string opt_name, const int val);
- void append_option(const std::string opt_name, const bool val);
- void append_option(const std::string opt_name, const char* const v);
+ void append_option(const std::string& opt_name, const std::string& val);
+ void append_option(const std::string& opt_name, const int val);
+ void append_option(const std::string& opt_name, const bool val);
+ void append_option(const std::string& opt_name, const char* const v);
// add an option with a list of variables --> table = { name = 'elem1 elem2 ...' }
// corresponds to Parameter::PT_MULTI
bool add_unsupported_comment(std::string unsupported_var);
// return true if this name exists as an option name for the selected table
- bool option_exists(const std::string name);
+ bool option_exists(const std::string& name);
// return true if this name exists as an option name for the selected table
// and value updated successfully
- bool get_option_value(const std::string name, std::string& value);
+ bool get_option_value(const std::string& name, std::string& value);
private:
template<typename T>
- bool do_add_option(const std::string opt_name, const T val, const std::string s_val);
+ bool do_add_option(const std::string& opt_name, const T val, const std::string& s_val);
template<typename T>
- void do_append_option(const std::string opt_name, const T val, const std::string s_val);
+ void do_append_option(const std::string& opt_name, const T val, const std::string& s_val);
void create_append_data(std::string& fqn, Table*& t);
bool should_delegate() const;
bool Converter::convert_conf_mult_files = true;
Converter::Converter()
- : state(nullptr),
- table_api(&top_table_api, table_delegation),
+ : table_api(&top_table_api, table_delegation),
+ state(nullptr),
error(false),
multiline_state(false)
{
rule_api.reset_state();
}
-int Converter::parse_include_file(std::string input_file)
+int Converter::parse_include_file(const std::string& input_file)
{
std::vector<Variable*> vars;
std::vector<Table*> tables;
return rc;
}
-int Converter::parse_file(std::string input_file, bool reset)
+int Converter::parse_file(const std::string& input_file, bool reset)
{
std::ifstream in;
std::string orig_text;
binders.pop_back();
}
-int Converter::convert(std::string input,
- std::string output_file,
+int Converter::convert(const std::string& input,
+ const std::string& output_file,
std::string rule_file,
std::string error_file)
{
Binder& make_binder();
Binder& make_pending_binder(int ips_policy_id);
- int convert(std::string input,
- std::string output,
+ int convert(const std::string& input,
+ const std::string& output,
std::string rules, // defaults to output_file
std::string errors); // defaults to output_file
// parse a file without creating an entirely new Lua configuration
- int parse_include_file(std::string input_file);
+ int parse_include_file(const std::string& input_file);
// set the next parsing state.
void set_state(ConversionState* c, bool delete_old = true);
// reset the current parsing state
void reset_state();
// parse an include file. Use this function to ensure all set options are properly
- int parse_file(std::string file, bool reset = true);
+ int parse_file(const std::string& file, bool reset = true);
bool failed_conversions() const
{ return data_api.failed_conversions() || rule_api.failed_conversions(); }
return s;
}
-std::size_t get_substr_length(std::string str, std::size_t max_length)
+std::size_t get_substr_length(const std::string& str, std::size_t max_length)
{
std::size_t str_len;
bool get_string(std::istringstream& stream,
std::string& option,
- const std::string delimiters)
+ const std::string& delimiters)
{
if (delimiters.empty() || !stream.good())
{
}
std::string rule_option_find_val(std::istringstream& data_stream,
- std::string opt_name)
+ const std::string& opt_name)
{
std::string rule_keyword;
std::string val = std::string();
*/
bool get_string(std::istringstream& data_stream,
std::string& option,
- const std::string delimiters);
+ const std::string& delimiters);
/*
* Returns the rest of the data_streams data as one argument.
*
*/
std::string rule_option_find_val(std::istringstream& data_stream,
- std::string opt_name);
+ const std::string& opt_name);
// remove any ']]' and double spaces from this string.
std::string& sanitize_lua_string(std::string& s);
// find the location of the first space before max_str_length.
// if no space exists before max_str_length, return the first space
// after max_length. Otherwise, return std::string::npos
-std::size_t get_substr_length(std::string s, std::size_t max_length);
+std::size_t get_substr_length(const std::string& s, std::size_t max_length);
bool case_compare(std::string, std::string);
bool is_regular_file(std::string& path);
"hosts.tcp_policy = hpux11");
table_api.add_option("tcp_policy", "hpux11");
}
- else if (!policy.compare("macos"))
- table_api.add_option("tcp_policy", "macos");
else if (!policy.compare("unknown"))
table_api.add_deleted_comment("<STREAM_POLICY>unknown</STREAM_POLICY>");
class Filter : public ConversionState
{
public:
- Filter(Converter& c, std::string s) : ConversionState(c), type(s) { }
+ Filter(Converter& c, const std::string& s) : ConversionState(c), type(s) { }
virtual ~Filter() { }
virtual bool convert(std::istringstream& data_stream);
// with this program; if not, write to the Free Software Foundation, Inc.,
// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
//--------------------------------------------------------------------------
-// out_sfunified2.cc author Carter Waxman <cwaxman@cisco.com>
+// out_sfunified2.cc author Michael Altizer <mialtize@cisco.com>
#include <sstream>
{
namespace
{
- //FIXIT-L add when available
- static std::string header = "output sf_unified2: ";
-
- template<std::string* header_text>
- static ConversionState* unified2_ctor(Converter& c)
- { return new UnsupportedState<header_text>(c); }
+ class SfUnified2 : public ConversionState
+ {
+ public:
+ SfUnified2(Converter& c) : ConversionState(c) { }
+ virtual ~SfUnified2() { }
+ virtual bool convert(std::istringstream& data_stream);
+ };
} // namespace
+
+ bool SfUnified2::convert(std::istringstream& data_stream)
+ {
+ std::string args;
+ bool retval = true;
+
+ table_api.open_table("firewall_logging");
+
+ while (std::getline(data_stream, args, ','))
+ {
+ bool tmpval = true;
+ std::string keyword;
+
+ std::istringstream arg_stream(args);
+ arg_stream >> keyword;
+
+ if (keyword.empty())
+ continue;
+
+ else if (!keyword.compare("nostamp"))
+ tmpval = table_api.add_option("no_timestamp", true);
+
+ else if (!keyword.compare("mpls_event_types"))
+ tmpval = table_api.add_option("mpls_event_types", true);
+
+ else if (!keyword.compare("vlan_event_types"))
+ tmpval = table_api.add_option("vlan_event_types", true);
+
+ else if (!keyword.compare("filename"))
+ tmpval = parse_string_option("filename", arg_stream);
+
+ else if (!keyword.compare("limit"))
+ tmpval = parse_int_option("file_size_limit", arg_stream, false);
+
+ else
+ tmpval = false;
+
+ if (retval)
+ retval = tmpval;
+ }
+
+ return retval;
+ }
+
/**************************
******* A P I ***********
**************************/
- static const ConvertMap unified2_api =
+ static ConversionState* ctor(Converter& c)
+ {
+ c.get_table_api().open_top_level_table("firewall_logging"); // in case there are no arguments
+ c.get_table_api().close_table();
+ return new SfUnified2(c);
+ }
+
+ static const ConvertMap sfunified2_api =
{
"sf_unified2",
- unified2_ctor<&header>,
+ ctor,
};
- const ConvertMap* sfunified2_map = &unified2_api;
+ const ConvertMap* sfunified2_map = &sfunified2_api;
} // output namespace
table_api.add_diff_option_comment("log_auth", "facility = auth");
tmpval = table_api.add_option("facility", "auth");
}
- else if (!keyword.compare("log_auth"))
- {
- table_api.add_diff_option_comment("log_auth", "facility = auth");
- tmpval = table_api.add_option("facility", "auth");
- }
else if (!keyword.compare("log_authpriv"))
{
table_api.add_diff_option_comment("log_authpriv", "facility = authpriv");
std::string keyword;
std::string args = std::string();
bool retval = true;
- std::string units;
table_api.open_top_level_table("alert_test");
virtual bool convert(std::istringstream& data);
private:
- bool add_deleted_comment_to_defaults(std::string option);
- bool add_option_to_all(std::string option, const bool val, bool co_only);
- bool add_option_to_all(std::string option, const int val, bool co_only);
- bool add_option_to_type(std::string type, std::string option, std::string value);
- bool add_option_to_type(std::string type, std::string option);
- bool parse_int_and_add_to_all(std::string opt_name, std::istringstream& stream, bool co_only);
- bool parse_string_and_add_to_type(std::string type, std::string opt_name,
+ bool add_deleted_comment_to_defaults(const std::string& option);
+ bool add_option_to_all(const std::string& option, const bool val, bool co_only);
+ bool add_option_to_all(const std::string& option, const int val, bool co_only);
+ bool add_option_to_type(const std::string& type, const std::string& option, const std::string& value);
+ bool add_option_to_type(const std::string& type, const std::string& option);
+ bool parse_int_and_add_to_all(const std::string& opt_name, std::istringstream& stream, bool co_only);
+ bool parse_string_and_add_to_type(const std::string& type, const std::string& opt_name,
std::istringstream& stream);
};
-bool Dcerpc::add_option_to_all(std::string option, const bool val, bool co_only)
+bool Dcerpc::add_option_to_all(const std::string& option, const bool val, bool co_only)
{
bool tmpval = true;
return tmpval;
}
-bool Dcerpc::add_option_to_all(std::string option, const int val, bool co_only)
+bool Dcerpc::add_option_to_all(const std::string& option, const int val, bool co_only)
{
bool tmpval = true;
return tmpval;
}
-bool Dcerpc::add_option_to_type(std::string type, std::string option, const std::string val)
+bool Dcerpc::add_option_to_type(const std::string& type, const std::string& option, const std::string& val)
{
- bool tmpval = true;
-
- tmpval = add_option_to_table(table_api, "dce_" + type, option, val);
+ bool tmpval = add_option_to_table(table_api, "dce_" + type, option, val);
for (int i=0; i < DcerpcServer::get_binding_id(); i++)
{
tmpval = add_option_to_table(table_api, "dce_" + type + std::to_string(i), option, val) &&
return tmpval;
}
-bool Dcerpc::add_option_to_type(std::string type, std::string option)
+bool Dcerpc::add_option_to_type(const std::string& type, const std::string& option)
{
bool tmpval = add_option_to_table(table_api, "dce_" + type, option, true);
for (int i=0; i < DcerpcServer::get_binding_id(); i++)
return tmpval;
}
-bool Dcerpc::add_deleted_comment_to_defaults(std::string option)
+bool Dcerpc::add_deleted_comment_to_defaults(const std::string& option)
{
bool tmpval = true;
return tmpval;
}
-bool Dcerpc::parse_int_and_add_to_all(std::string opt_name, std::istringstream& stream, bool
+bool Dcerpc::parse_int_and_add_to_all(const std::string& opt_name, std::istringstream& stream, bool
co_only)
{
int val;
return false;
}
-bool Dcerpc::parse_string_and_add_to_type(std::string type, std::string opt_name,
+bool Dcerpc::parse_string_and_add_to_type(const std::string& type, const std::string& opt_name,
std::istringstream& stream)
{
std::string val;
// Utility functions
////////////////////////
-bool add_option_to_table(TableApi& table_api,std::string table_name, std::string
- option, const std::string val)
+bool add_option_to_table(TableApi& table_api, const std::string& table_name,
+ const std::string& option, const std::string& val)
{
table_api.open_table(table_name);
bool tmpval = table_api.add_option(option, val);
return tmpval;
}
-bool add_option_to_table(TableApi& table_api,std::string table_name, std::string
- option, const int val)
+bool add_option_to_table(TableApi& table_api, const std::string& table_name,
+ const std::string& option, const int val)
{
table_api.open_table(table_name);
bool tmpval = table_api.add_option(option, val);
return tmpval;
}
-bool add_option_to_table(TableApi& table_api,std::string table_name, std::string
- option, const bool val)
+bool add_option_to_table(TableApi& table_api, const std::string& table_name,
+ const std::string& option, const bool val)
{
table_api.open_table(table_name);
bool tmpval = table_api.add_option(option, val);
return tmpval;
}
-bool add_deleted_comment_to_table(TableApi& table_api, std::string table_name, std::string option)
+bool add_deleted_comment_to_table(TableApi& table_api, const std::string& table_name,
+ const std::string& option)
{
table_api.open_table(table_name);
bool tmpval = table_api.add_deleted_comment(option);
return tmpval;
}
-void DcerpcServer::add_default_ports(std::string type, std::map<std::string,Binder*> bind)
+void DcerpcServer::add_default_ports(const std::string& type, std::map<std::string,Binder*> bind)
{
for (auto port : default_ports[type])
{
}
// add single port / range
-bool DcerpcServer::parse_and_add_ports(std::string ports, std::string type, std::map<std::string,
+bool DcerpcServer::parse_and_add_ports(const std::string& ports, const std::string& type, std::map<std::string,
Binder*> bind, bool bind_port_to_tcp)
{
if (ports.empty())
case DCE_DETECT_LIST_STATE__PORTS_END:
{
- char c;
-
if (one_type)
{
return true;
}
else // wait for list terminator or item separator
{
+ char c;
+
if (!data_stream.get(c))
return false;
return true;
}
-bool DcerpcServer::add_option_to_transports(std::string option, std::string value, bool co_only)
+bool DcerpcServer::add_option_to_transports(const std::string& option, const std::string& value, bool co_only)
{
bool retval = true;
bool parse_smb_file_inspection(std::istringstream& data_stream);
bool parse_detect(std::istringstream& data_stream, std::map<std::string, Binder*> bind, bool
is_detect);
- void add_default_ports(std::string type, std::map<std::string, Binder*> bind);
- bool parse_and_add_ports(std::string ports, std::string type, std::map<std::string,
+ void add_default_ports(const std::string& type, std::map<std::string, Binder*> bind);
+ bool parse_and_add_ports(const std::string& ports, const std::string& type, std::map<std::string,
Binder*> bind, bool bind_port_to_tcp);
bool init_net_created_table();
bool init_new_tables(bool is_default);
bool parse_nets(std::istringstream& data_stream, std::map<std::string,
Binder*> bind);
- bool add_option_to_transports(std::string option, std::string value, bool co_only);
+ bool add_option_to_transports(const std::string& option, const std::string& value, bool co_only);
std::map<std::string, bool> detect_ports_set;
std::map<std::string, bool> autodetect_ports_set;
std::map<std::string, std::string> table_name;
};
bool add_option_to_table(
- TableApi&, std::string table_name, std::string option, const std::string val);
+ TableApi&, const std::string& table_name, const std::string& option, const std::string& val);
bool add_option_to_table(
- TableApi&, std::string table_name, std::string option, const int val);
+ TableApi&, const std::string& table_name, const std::string& option, const int val);
bool add_option_to_table(
- TableApi&, std::string table_name, std::string option, const bool val);
+ TableApi&, const std::string& table_name, const std::string& option, const bool val);
bool add_deleted_comment_to_table(
- TableApi&, std::string table_name, std::string option);
+ TableApi&, const std::string& table_name, const std::string& option);
} // namespace dce
} // namespace preprocessors
}
else if (!keyword.compare("ports"))
{
- std::string tmp = "";
table_api.add_diff_option_comment("ports", "bindings");
if ((data_stream >> keyword) && !keyword.compare("{"))
else if (!keyword.compare("ports"))
{
- std::string tmp = "";
table_api.add_diff_option_comment("ports", "bindings");
if ((data_stream >> keyword) && !keyword.compare("{"))
// with this program; if not, write to the Free Software Foundation, Inc.,
// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
//--------------------------------------------------------------------------
-// pps_firewall.cc author Carter Waxman <cwaxman@cisco.com>
+// pps_firewall.cc author Michael Altizer <mialtize@cisco.com>
#include <sstream>
#include <vector>
namespace preprocessors
{
+ namespace
+ {
+ class Firewall : public ConversionState
+ {
+ public:
+ Firewall(Converter& c) : ConversionState(c) { }
+ ~Firewall() { }
+ bool convert(std::istringstream& data) override;
+ };
+ } // namespace
-//FIXIT-L add when supported
-static std::string header = "preprocessor firewall: ";
+ bool Firewall::convert(std::istringstream& data_stream)
+ {
+ bool retval = true;
-static ConversionState* ctor(Converter& c)
-{ return new UnsupportedState<&header>(c); }
+ table_api.open_table("firewall");
-static const ConvertMap firewall_api =
-{
- "firewall",
- ctor,
-};
+ std::string keyword;
+ while (data_stream >> keyword)
+ {
+ bool tmpval = true;
+
+ if (!keyword.compare("fw_rule_path"))
+ tmpval = parse_string_option("fw_rule_path", data_stream);
+ else if (!keyword.compare("qos_rule_path"))
+ tmpval = parse_string_option("qos_rule_path", data_stream);
+ else if (!keyword.compare("dns_rule_path"))
+ tmpval = parse_string_option("dns_rule_path", data_stream);
+ else if (!keyword.compare("url_rule_path"))
+ tmpval = parse_string_option("url_rule_path", data_stream);
+ else if (!keyword.compare("file_rule_path"))
+ // FIXIT-L This is currently just not implemented, not actually deleted
+ tmpval = parse_deleted_option("file_rule_path", data_stream);
+ else if (!keyword.compare("whitelist"))
+ tmpval = parse_string_option("whitelist_path", data_stream);
+ else if (!keyword.compare("blacklist"))
+ tmpval = parse_string_option("blacklist_path", data_stream);
+ else if (!keyword.compare("fw_log_name"))
+ tmpval = parse_deleted_option("fw_log_name", data_stream);
+ else if (!keyword.compare("fw_log_time"))
+ tmpval = parse_int_option("fw_roll_log_interval", data_stream, false);
+ else if (!keyword.compare("fw_log_size"))
+ tmpval = parse_int_option("max_log_file_size", data_stream, false);
+ else if (!keyword.compare("fw_log_dns"))
+ tmpval = table_api.add_option("dns_log_enabled", true);
+ else if (!keyword.compare("fw_log_url"))
+ tmpval = table_api.add_option("url_log_enabled", true);
+ else if (!keyword.compare("fw_url_file"))
+ tmpval = parse_deleted_option("fw_url_file", data_stream);
+ else if (!keyword.compare("fw_url_perf"))
+ tmpval = parse_string_option("url_perf_filename", data_stream);
+ else if (!keyword.compare("fw_url_len"))
+ tmpval = parse_int_option("max_url_log_len", data_stream, false);
+ else if (!keyword.compare("enable_url_cache_miss"))
+ tmpval = table_api.add_option("url_cache_miss_enabled", true);
+ else if (!keyword.compare("fw_user_stats"))
+ tmpval = parse_string_option("user_stats_filename", data_stream);
+ else if (!keyword.compare("fw_app_stats"))
+ tmpval = parse_string_option("app_stats_filename", data_stream);
+ else if (!keyword.compare("fw_qos_rule_stats"))
+ tmpval = parse_string_option("qos_rule_stats_filename", data_stream);
+ else if (!keyword.compare("fw_intf_stats"))
+ tmpval = parse_string_option("intf_stats_filename", data_stream);
+ else if (!keyword.compare("fw_stats_time"))
+ tmpval = parse_int_option("fw_stats_interval", data_stream, false);
+ else if (!keyword.compare("fw_urlq_memcap"))
+ tmpval = parse_int_option("url_queue_memcap", data_stream, false);
+ else if (!keyword.compare("fw_urlc_memcap"))
+ tmpval = parse_int_option("url_cache_memcap", data_stream, false);
+ else if (!keyword.compare("fw_usrq_memcap"))
+ tmpval = parse_int_option("user_queue_memcap", data_stream, false);
+ else if (!keyword.compare("fw_usrc_memcap"))
+ tmpval = parse_int_option("user_cache_memcap", data_stream, false);
+ else if (!keyword.compare("fw_malwq_memcap"))
+ tmpval = parse_int_option("malware_queue_memcap", data_stream, false);
+ else if (!keyword.compare("fw_malwc_memcap"))
+ tmpval = parse_int_option("malware_cache_memcap", data_stream, false);
+ else if (!keyword.compare("fw_archiveq_memcap"))
+ tmpval = parse_int_option("archive_queue_memcap", data_stream, false);
+ else if (!keyword.compare("fw_archivec_memcap"))
+ tmpval = parse_int_option("archive_cache_memcap", data_stream, false);
+ else if (!keyword.compare("fw_log_iprep"))
+ tmpval = parse_yn_bool_option("iprep_logging_enabled", data_stream, false, "enable", "disable");
+ else if (!keyword.compare("fw_log_file_id"))
+ tmpval = parse_deleted_option("fw_log_file_id", data_stream);
+ else if (!keyword.compare("fw_skip_cert"))
+ tmpval = table_api.add_option("skip_https_cert", true);
+ else if (!keyword.compare("fw_log_host"))
+ tmpval = table_api.add_option("log_host_only", true);
+ else if (!keyword.compare("fw_ips_classic"))
+ tmpval = table_api.add_option("log_orig_ips", true);
+ else if (!keyword.compare("fw_required"))
+ tmpval = table_api.add_option("externally_required", true);
+ else if (!keyword.compare("ha_http"))
+ tmpval = parse_int_option("ha_http_len", data_stream, false);
+ else if (!keyword.compare("fw_bypass_time"))
+ tmpval = parse_int_option("bypass_timeout", data_stream, false);
+ else if (!keyword.compare("fw_file_memcap"))
+ tmpval = parse_int_option("file_queue_memcap", data_stream, false);
+ else if (!keyword.compare("fw_file_geo4map"))
+ tmpval = parse_string_option("geo_ipv4_map_path", data_stream);
+ else if (!keyword.compare("fw_file_geo6map"))
+ tmpval = parse_string_option("geo_ipv6_map_path", data_stream);
+ else if (!keyword.compare("fw_file_storage_path"))
+ tmpval = parse_string_option("file_storage_path", data_stream);
+ else if (!keyword.compare("fw_file_extraction_mode"))
+ tmpval = parse_int_option("file_extraction_mode", data_stream, false);
+ else if (!keyword.compare("file_sandbox_min"))
+ tmpval = parse_int_option("file_sandbox_min", data_stream, false);
+ else if (!keyword.compare("file_sandbox_max"))
+ tmpval = parse_int_option("file_sandbox_max", data_stream, false);
+ else if (!keyword.compare("file_cache_test"))
+ tmpval = table_api.add_option("file_cache_test_enabled", true);
+ else if (!keyword.compare("fw_file_perf"))
+ tmpval = parse_string_option("file_perf_filename", data_stream);
+ else if (!keyword.compare("capture_missed_disp"))
+ tmpval = table_api.add_option("capture_missed_disp", true);
+ else if (!keyword.compare("debug_future_date"))
+ tmpval = table_api.add_option("future_date_debug_enabled", true);
+ else if (!keyword.compare("identity_rule_path"))
+ tmpval = parse_string_option("identity_rule_path", data_stream);
+ else if (!keyword.compare("interface_ip_map_path"))
+ tmpval = parse_string_option("intf_ip_map_path", data_stream);
+ else if (!keyword.compare("daqif_path"))
+ tmpval = parse_string_option("daq_intf_path", data_stream);
+ else if (!keyword.compare("running_config_network_path"))
+ tmpval = parse_string_option("running_network_config_path", data_stream);
+ else
+ tmpval = false;
+
+ if (!tmpval)
+ {
+ data_api.failed_conversion(data_stream, keyword);
+ retval = false;
+ }
+ }
+
+ return retval;
+ }
+
+ /**************************
+ ******* A P I ***********
+ **************************/
+
+ static ConversionState* ctor(Converter& c)
+ {
+ return new Firewall(c);
+ }
+
+ static const ConvertMap firewall_api =
+ {
+ "firewall",
+ ctor,
+ };
-const ConvertMap* firewall_map = &firewall_api;
+ const ConvertMap* firewall_map = &firewall_api;
} // namespace preprocessors
{
int len;
std::string elem;
- std::string format = std::string();
if (!(stream >> len))
return false;
if (!keyword.compare("ports"))
{
- std::string tmp = "";
table_api.add_diff_option_comment("ports", "bindings");
if ((data_stream >> keyword) && !keyword.compare("{"))
else if (!keyword.compare("ports"))
{
- std::string tmp = "";
table_api.add_diff_option_comment("ports", "bindings");
if ((data_stream >> keyword) && !keyword.compare("{"))
else if (!keyword.compare("ports"))
{
- std::string tmp = "";
table_api.add_diff_option_comment("ports", "bindings");
if ((data_stream >> keyword) && !keyword.compare("{"))
if (!keyword.compare("ports"))
{
- std::string tmp = "";
table_api.add_diff_option_comment("ports", "bindings");
if ((data_stream >> keyword) && !keyword.compare("{"))
else if (!keyword.compare("ports"))
{
- std::string tmp = "";
table_api.add_diff_option_comment("ports", "bindings");
if ((data_stream >> keyword) && !keyword.compare("{"))
else if (!keyword.compare("ports"))
{
- std::string tmp = "";
table_api.add_diff_option_comment("ports", "bindings");
if ((arg_stream >> keyword) && !keyword.compare("{"))
{
int len;
std::string elem;
- std::string format = std::string();
if (!(stream >> len))
return false;
}
else if (!keyword.compare("ports"))
{
- std::string tmp = "";
table_api.add_diff_option_comment("ports", "bindings");
if ((data_stream >> keyword) && !keyword.compare("{"))
else if (!keyword.compare("server_ports"))
{
- std::string tmp = "";
table_api.add_diff_option_comment("server_ports", "bindings");
if ((data_stream >> keyword) && !keyword.compare("{"))
}
else if (!keyword.compare("ports"))
{
- std::string tmp = "";
table_api.add_diff_option_comment("ports", "bindings");
if (arg_stream >> keyword)
tmpval = parse_int_option("max_sessions", arg_stream, false);
table_api.close_table();
}
- else if (!keyword.compare("max_tcp"))
- {
- table_api.open_table("tcp_cache");
- tmpval = parse_int_option("max_sessions", arg_stream, false);
- table_api.close_table();
- }
else if (!keyword.compare("tcp_cache_nominal_timeout"))
{
table_api.open_table("tcp_cache");
bool StreamTcp::parse_protocol(std::istringstream& arg_stream)
{
std::string dir;
- std::string lua_dir;
std::string protocol;
std::vector<std::string>* protocols;
Binder* bind;
while ( extract_payload(arg_stream, keyword) )
{
std::istringstream opts(keyword);
- std::string tmp_str;
val = "";
opts >> keyword; // guaranteed to work since get_string is true
bool HttpEncode::convert(std::istringstream& data_stream)
{
- std::string tmp;
rule_api.add_comment("option deleted: http_encode");
- tmp = util::get_rule_option_args(data_stream);
+ util::get_rule_option_args(data_stream);
return set_next_rule_state(data_stream);
}
std::string args;
std::string value;
std::string type;
- int seconds = 0;
- int bytes = 0;
- int packets = 0;
- bool is_host = false;
- bool valid = true;
args = util::get_rule_option_args(data_stream);
std::istringstream arg_stream(args);
}
else
{
+ int seconds = 0;
+ int bytes = 0;
+ int packets = 0;
+ bool is_host = false;
+ bool valid = true;
+
if (!value.compare("host"))
is_host = true;
{
opt_val = std::stoi(value);
}
- catch (std::exception e)
+ catch (std::exception &e)
{
rule_api.bad_rule(data_stream, "can't convert " + value + ":" + e.what());
valid = false;
************** MAIN FILES *****************
*********************************************/
-static void print_line(std::string s)
+static void print_line(const std::string& s)
{
if (!DataApi::is_quiet_mode())
std::cout << s << std::endl;
}
if ((output_file = fopen(output_filename, "w")) == NULL)
{
+ fclose(input_file);
fprintf(stderr, "Unable to open/create file: %s\n", output_filename);
return FAILURE;
}
projects / thirdparty / snort3.git / commitdiff
