Merge in SNORT/snort3 from ~OSTEPANO/snort3:binder_service to master
Squashed commit of the following:
commit
14207b6c9c45c1eac1494a04589a3891195d3a3d
Author: Oleksandr Stepanov <ostepano@cisco.com>
Date: Wed Sep 18 13:04:28 2024 -0400
binder: change binding to have single service
"use the given configuration on one or any end of a session" },
{ "service", Parameter::PT_STRING, nullptr, nullptr,
- "space separated list of services" },
+ "name of service to match" },
{ nullptr, Parameter::PT_MAX, nullptr, nullptr, nullptr }
};
// both
if ( !strcmp(fqn, "binder.when.service") )
{
- binding.when.parse_service(v.get_string());
+ binding.when.svc = v.get_string();
binding.when.add_criteria(BindWhen::Criteria::BWC_SVC);
}
else if ( !strcmp(fqn, "binder.use.service") )
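Review bot: A configuration that still uses the old space-separated form (for example `service = "http ssh"`, a constructed value) is now stored verbatim by `binding.when.svc = v.get_string();` and compared as one string against the flow's service in the later hunks. Such a binding can never match, so the traffic silently falls through to whichever binding comes next, which for an IDS is a quiet loss of inspection coverage after upgrade. The `binder.when.service` branch should reject whitespace at load time, e.g. `if ( strchr(v.get_string(), ' ') ) return false;` before the assignment, or report it through the module's usual configuration-error path. The enclosing function starts and ends outside this hunk, so the `return false` convention is an assumption to confirm. `BinderModule::add` in the next hunk stores `svc` the same way.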
void BinderModule::add(const char* svc, const char* type)
{
binding.clear();
- binding.when.parse_service(svc);
+ binding.when.svc = svc;
binding.when.add_criteria(BindWhen::Criteria::BWC_SVC);
binding.use.type = type;
binding.use.name = type;
}
if (bw.has_criteria(BindWhen::Criteria::BWC_SVC))
- when += " service = " + bw.get_service_list() + ",";
+ when += " service = " + bw.svc + ",";
if (bw.has_criteria(BindWhen::Criteria::BWC_SPLIT_NETS))
{
when.ips_id_user = 0;
when.protos = PROTO_BIT__ANY_TYPE;
when.role = BindWhen::BR_EITHER;
- when.svc_list.clear();
+ when.svc.clear();
if (when.src_nets)
{
if (!flow.service)
return false;
- return when.svc_list.find(flow.service) != when.svc_list.end();
+ return when.svc == flow.service;
}
inline bool Binding::check_service(const char* service) const
if (!when.has_criteria(BindWhen::Criteria::BWC_SVC))
return false;
- return when.svc_list.find(service) != when.svc_list.end();
+ return when.svc == service;
}
inline bool Binding::check_service() const
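Review bot: `return when.svc == service;` in `Binding::check_service(const char*)` has no guard for a null `service`, whereas the flow-based check in the previous hunk returns early on `!flow.service`. Comparing a `std::string` with a null `const char*` is undefined behaviour. If any caller can reach this before a service has been identified, add `if (!service) return false;` ahead of the comparison. The lines between the signature and the criteria check are not fully shown, so confirm that no guard already exists. The removed `svc_list.find(service)` had the same precondition, so this is a hardening point rather than a regression.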
#define BINDING_H
#include <string>
-#include <sstream>
#include "main/policy.h"
#include "sfip/sf_ipvar.h"
unsigned ips_id_user;
unsigned protos;
Role role;
+ std::string svc;
sfip_var_t* src_nets;
sfip_var_t* dst_nets;
PortBitSet src_ports;
PortBitSet dst_ports;
- std::unordered_set<std::string> svc_list;
-
std::unordered_set<int32_t> src_intfs;
std::unordered_set<int32_t> dst_intfs;
{ criteria_flags |= flags; }
bool has_criteria(uint16_t flags) const
{ return (criteria_flags & flags) == flags; }
-
- void parse_service(const std::string& service)
- {
- if (service.find(" ") == std::string::npos)
- {
- svc_list.emplace(service);
- return;
- }
-
- std::string buf;
- std::stringstream ss(service);
- while(getline(ss, buf, ' '))
- svc_list.emplace(buf);
- }
-
- std::string get_service_list() const
- {
- std::string res;
- for(const auto& entry : svc_list)
- res += entry;
- return res;
- }
};
struct BindUse