#include "main/snort_config.h"
#include "managers/inspector_manager.h"
#include "packet_io/active.h"
-#include "packet_io/intf.h"
#include "packet_io/sfdaq.h"
#include "service_inspectors/http_inspect/http_enum.h"
event.sig_info->gid, event.sig_info->sid, event.sig_info->rev);
if (SnortConfig::alert_interface())
- TextLog_Print(fast_log, " <%s> ", PRINT_INTERFACE(SFDAQ::get_interface_spec()));
+ TextLog_Print(fast_log, " <%s> ", SFDAQ::get_interface_spec());
if ( msg )
TextLog_Puts(fast_log, msg);
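Review bot: With `PRINT_INTERFACE` removed, a null return from `SFDAQ::get_interface_spec()` is passed straight to `%s` in this `TextLog_Print` call. The only guard the commit adds is an `assert` inside the getter, which is compiled out when NDEBUG is defined. Whether the spec can be null at alert time is not visible here, but the removed macro substituted "NULL" for that case, so a release build would pass a null pointer to the formatter instead. The same pattern recurs in the `full_log` hunk (`const char* iface = SFDAQ::get_interface_spec();`) and in the `SnortSnprintfAppend` hunk. Keeping the fallback in the getter would cover all three call sites: `const char* spec = local_instance->get_interface_spec(); return spec ? spec : "NULL";`.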
#include "log/log_text.h"
#include "log/text_log.h"
#include "main/snort_config.h"
-#include "packet_io/intf.h"
#include "packet_io/sfdaq.h"
#include "protocols/packet.h"
if (SnortConfig::alert_interface())
{
- const char* iface = PRINT_INTERFACE(SFDAQ::get_interface_spec());
+ const char* iface = SFDAQ::get_interface_spec();
TextLog_Print(full_log, " <%s> ", iface);
}
#include "framework/module.h"
#include "log/messages.h"
#include "main/snort_config.h"
-#include "packet_io/intf.h"
#include "packet_io/sfdaq.h"
#include "protocols/packet.h"
#include "utils/util.h"
if (SnortConfig::alert_interface())
{
SnortSnprintfAppend(event_string, sizeof(event_string),
- "<%s> ", PRINT_INTERFACE(SFDAQ::get_interface_spec()));
+ "<%s> ", SFDAQ::get_interface_spec());
}
}
if ((p != nullptr) && p->ptrs.ip_api.is_ip())
#include "managers/plugin_manager.h"
#include "managers/script_manager.h"
#include "managers/so_manager.h"
-#include "packet_io/intf.h"
#include "packet_io/sfdaq.h"
#include "utils/util.h"
exit(0);
}
-[[noreturn]] void list_interfaces(SnortConfig*)
-{
- PrintAllInterfaces();
- exit(0);
-}
-
[[noreturn]] void list_modules(SnortConfig* sc, const char* val)
{
show_help(sc, val, HT_LST);
[[noreturn]] void list_modules(snort::SnortConfig* sc, const char*);
[[noreturn]] void list_plugins(snort::SnortConfig* sc, const char*);
-[[noreturn]] void list_interfaces(snort::SnortConfig*);
[[noreturn]] void list_daqs(snort::SnortConfig* sc);
[[noreturn]] void dump_defaults(snort::SnortConfig* sc, const char*);
// users aren't used to seeing the standard help format for command line
// args so the few cases where there is a default, we include it in the
// help as well.
+//
+// command line options can be specified in Lua instead by doing e.g.
+//
+// snort = { }; snort["-z"] = 2
+//
+// so a default value can't be provided for args that kick off optional
+// run modes such as --rule-to-text because the program will do strange
+// things like waiting on stdin for input that won't be coming. in these
+// cases the default must only be indicated in the help.
//-------------------------------------------------------------------------
static const Parameter s_params[] =
{ "-v", Parameter::PT_IMPLIED, nullptr, nullptr,
"be verbose" },
- { "-W", Parameter::PT_IMPLIED, nullptr, nullptr,
- "lists available interfaces" },
-
{ "-X", Parameter::PT_IMPLIED, nullptr, nullptr,
"dump the raw packet data starting at the link layer" },
{ "--rule-to-hex", Parameter::PT_IMPLIED, nullptr, nullptr,
"output so rule header to stdout for text rule on stdin" },
- { "--rule-to-text", Parameter::PT_STRING, "16", "[SnortFoo]",
- "output plain so rule header to stdout for text rule on stdin" },
+ { "--rule-to-text", Parameter::PT_STRING, "16", nullptr,
+ "output plain so rule header to stdout for text rule on stdin "
+ "(specify delimiter or [Snort_SO_Rule] will be used)" },
{ "--run-prefix", Parameter::PT_STRING, nullptr, nullptr,
"<pfx> prepend this to each output file" },
else if ( v.is("-v") )
sc->set_verbose(true);
- else if ( v.is("-W") )
- list_interfaces(sc);
-
else if ( v.is("-X") )
sc->set_dump_payload_verbose(true);
void InspectorManager::thread_term(SnortConfig*)
{
+ // FIXIT-L this check required if startup failed in
+ // Analyzer::analyze before thread_init is called eg
+ // Can't start DAQ (-1) - socket: Operation not permitted
+ // ideally thread_term not called w/o calling thread_init
+ if ( !s_tl_handlers )
+ return;
+
// Call tterm for every inspector plugin ever configured during the lifetime of this thread
for ( PHGlobal& phg : *s_tl_handlers )
{
add_library (packet_io OBJECT
active.cc
active.h
- intf.cc
- intf.h
sfdaq.cc
sfdaq.h
sfdaq_config.cc
+++ /dev/null
-//--------------------------------------------------------------------------
-// Copyright (C) 2014-2018 Cisco and/or its affiliates. All rights reserved.
-// Copyright (C) 2013-2013 Sourcefire, Inc.
-//
-// This program is free software; you can redistribute it and/or modify it
-// under the terms of the GNU General Public License Version 2 as published
-// by the Free Software Foundation. You may not use, modify or distribute
-// this program under any other version of the GNU General Public License.
-//
-// This program is distributed in the hope that it will be useful, but
-// WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-// General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-//--------------------------------------------------------------------------
-
-#ifdef HAVE_CONFIG_H
-#include "config.h"
-#endif
-
-#include "intf.h"
-
-#include <netinet/in.h>
-#include <pcap.h>
-
-#include "log/messages.h"
-#include "sfip/sf_ip.h"
-
-//------------------------------------------------------------------------------
-// interface stuff
-//------------------------------------------------------------------------------
-
-void PrintAllInterfaces()
-{
- char errorbuf[PCAP_ERRBUF_SIZE];
- pcap_if_t* alldevs;
- pcap_if_t* dev;
- int j = 1;
-
- if (pcap_findalldevs(&alldevs, errorbuf) == -1)
- snort::FatalError("Could not get device list: %s.", errorbuf);
-
- printf("Index\tDevice\tPhysical Address\tIP Address\tDescription\n");
- printf("-----\t------\t----------------\t----------\t-----------\n");
-
- for (dev = alldevs; dev != nullptr; dev = dev->next, j++)
- {
- printf("%5d", j);
- printf("\t%s", dev->name);
- printf("\t00:00:00:00:00:00");
-
- if (dev->addresses)
- {
- struct sockaddr_in* saddr = (struct sockaddr_in*)dev->addresses->addr;
- if ((saddr->sin_family == AF_INET) || (saddr->sin_family == AF_INET6))
- {
- snort::SfIp dev_ip;
- dev_ip.set(&saddr->sin_addr, saddr->sin_family);
-
- snort::SfIpString ip;
- printf("\t%s", dev_ip.ntop(ip));
- }
- else
- printf("\tdisabled");
- }
- else
- printf("\tdisabled");
-
- printf("\t%s\n", dev->description);
- }
- pcap_freealldevs(alldevs);
-}
-
+++ /dev/null
-//--------------------------------------------------------------------------
-// Copyright (C) 2014-2018 Cisco and/or its affiliates. All rights reserved.
-// Copyright (C) 2013-2013 Sourcefire, Inc.
-//
-// This program is free software; you can redistribute it and/or modify it
-// under the terms of the GNU General Public License Version 2 as published
-// by the Free Software Foundation. You may not use, modify or distribute
-// this program under any other version of the GNU General Public License.
-//
-// This program is distributed in the hope that it will be useful, but
-// WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-// General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-//--------------------------------------------------------------------------
-
-#ifndef INTF_H
-#define INTF_H
-
-/* This macro helps to simplify the differences between Win32 and
- non-Win32 code when printing out the name of the interface */
-#define PRINT_INTERFACE(i) ((i) ? (i) : "NULL")
-
-void PrintAllInterfaces();
-
-#endif
-
#include <sfbpf_dlt.h>
}
+#include <cassert>
#include <mutex>
#include "log/messages.h"
const char* SFDAQ::get_interface_spec()
{
+ assert(local_instance->get_interface_spec());
return local_instance->get_interface_spec();
}
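Review bot: The added `assert` dereferences `local_instance` without checking it, so it cannot report the case where no instance has been set for the calling thread. The FIXIT added to `InspectorManager::thread_term` in this same commit notes that startup can fail before per-thread init has run; whether a logger can reach this getter in that state is not visible here. The assert also calls the inner getter a second time purely for the check. A separate `assert(local_instance);` before the existing line would state the precondition explicitly, and a short comment such as `// callers pass the result to %s; must never be null` would record why the check exists.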