#include "flow/flow_key.h"
#include "log/messages.h"
#include "trace/trace_api.h"
+#include "utils/util.h"
#include "appid_config.h"
#include "appid_module.h"
if (!( log_all_sessions or
( info.proto_match(protocol) and
( (info.port_match(port1, port2) and info.ip_match(ip1, ip2)) or
- (info.port_match(port2, port1) and info.ip_match(ip2, ip1)) ) ) ))
+ (info.port_match(port2, port1) and info.ip_match(ip2, ip1)) ) and
+ info.tenant_match(tenant_id) ) ))
{
active = false;
return;
info = *constraints;
info.sip.ntop(sipstr, sizeof(sipstr));
info.dip.ntop(dipstr, sizeof(dipstr));
- appid_log(nullptr, TRACE_INFO_LEVEL, "Debugging %s with %s-%hu and %s-%hu %hhu\n", desc,
- sipstr, info.sport, dipstr, info.dport, static_cast<uint8_t>(info.protocol));
+
+ appid_log(nullptr, TRACE_INFO_LEVEL, "Debugging %s with %s-%hu and %s-%hu %hhu and tenants:%s\n", desc,
+ sipstr, info.sport, dipstr, info.dport, static_cast<uint8_t>(info.protocol),
+ IntVectorToStr(info.tenants).c_str());
enabled = true;
}
uint16_t sport;
uint16_t dport;
IpProtocol protocol = IpProtocol::PROTO_NOT_SET;
+ std::vector<uint32_t> tenants;
bool proto_match(IpProtocol proto) const
{
return (protocol == IpProtocol::PROTO_NOT_SET or protocol == proto);
((!sip_flag or !memcmp(sip.get_ip6_ptr(), ip1, sizeof(snort::ip::snort_in6_addr))) and
(!dip_flag or !memcmp(dip.get_ip6_ptr(), ip2, sizeof(snort::ip::snort_in6_addr))));
}
+ bool tenant_match(uint32_t tenant_id) const
+ {
+ if (tenant_id && !tenants.empty())
+ {
+ auto it = std::find_if(tenants.cbegin(), tenants.cend(),
+ [tenant_id](uint32_t t){ return t == tenant_id; });
+
+ if (it == tenants.cend())
+ return false;
+ }
+ return true;
+ }
};
class AppIdDebug
int sport = luaL_optint(L, 3, 0);
const char* dipstr = luaL_optstring(L, 4, nullptr);
int dport = luaL_optint(L, 5, 0);
+ const char *tenantsstr = luaL_optstring(L, 6, nullptr);
AppIdDebugSessionConstraints constraints = { };
if (sipstr)
constraints.sport = sport;
constraints.dport = dport;
+ if (tenantsstr)
+ StrToIntVector(tenantsstr, ',', constraints.tenants);
+
AppIdDebugLogEvent event(&constraints, "AppIdDbg");
DataBus::publish(AppIdInspector::get_pub_id(), AppIdEventIds::DEBUG_LOG, event);
{ "src_port", Parameter::PT_INT, nullptr, nullptr, "source port filter" },
{ "dst_ip", Parameter::PT_STRING, nullptr, nullptr, "destination IP address filter" },
{ "dst_port", Parameter::PT_INT, nullptr, nullptr, "destination port filter" },
+ { "tenants", Parameter::PT_STRING, nullptr, nullptr, "tenants filter" },
{ nullptr, Parameter::PT_MAX, nullptr, nullptr, nullptr }
};
uint8_t TraceApi::get_constraints_generation() { return 0; }
}
+std::string IntVectorToStr(const std::vector<uint32_t>& elems, char delim) { return ""; }
+
THREAD_LOCAL const snort::Trace* appid_trace;
void ApplicationDescriptor::set_id(const Packet&, AppIdSession&, AppidSessionDirection, AppId, AppidChangeBits&) { }
constraints.src_ip.ntop(sipstr, sizeof(sipstr));
constraints.dst_ip.ntop(dipstr, sizeof(dipstr));
- std::string tenants = "none";
- if (constraints.tenants.size())
- {
- std::ostringstream oss;
- for (size_t i = 0; i < constraints.tenants.size(); ++i)
- {
- oss << constraints.tenants[i];
- if (i < constraints.tenants.size() - 1)
- oss << ",";
- }
- tenants = oss.str();
- }
-
LogMessage("Debugging packet tracer with %s-%hu and %s-%hu %hhu and tenants:%s\n",
sipstr, constraints.src_port, dipstr, constraints.dst_port,
- static_cast<uint8_t>(constraints.ip_proto), tenants.c_str());
+ static_cast<uint8_t>(constraints.ip_proto), IntVectorToStr(constraints.tenants).c_str());
shell_enabled = true;
#include "main/snort_config.h"
#include "profiler/profiler.h"
#include "sfip/sf_ip.h"
+#include "utils/util.h"
#include "packet_tracer.h"
using namespace snort;
-static void StrToVector(const std::string& s,
- char delim,
- std::vector<uint32_t>& elems)
-{
- std::istringstream ss(s);
- std::string item;
- while (std::getline(ss, item, delim))
- {
- size_t pos;
- uint32_t i = std::stoul(item, &pos);
- elems.push_back(i);
- }
-}
-
static int enable(lua_State*);
static int disable(lua_State*);
PacketConstraints constraints = {};
if (tenantsstr)
- StrToVector(tenantsstr, ',', constraints.tenants);
+ StrToIntVector(tenantsstr, ',', constraints.tenants);
if (proto and (IpProtocol)proto < IpProtocol::PROTO_NOT_SET)
{
return true;
}
+void StrToIntVector(const std::string& s, char delim, std::vector<uint32_t>& elems)
+{
+ std::istringstream ss(s);
+ std::string item;
+ while (std::getline(ss, item, delim))
+ {
+ size_t pos;
+ uint32_t i = std::stoul(item, &pos);
+ elems.push_back(i);
+ }
+}
+
+std::string IntVectorToStr(const std::vector<uint32_t>& elems, char delim)
+{
+ std::string str = "none";
+ if (elems.size())
+ {
+ std::ostringstream oss;
+ for (size_t i = 0; i < elems.size(); ++i)
+ {
+ oss << elems[i];
+ if (i < elems.size() - 1)
+ oss << delim;
+ }
+ str = oss.str();
+ }
+
+ return str;
+}
+
#if defined(NOCOREFILE)
void SetNoCores()
{
#include <cstdlib>
#include <cstring>
#include <string>
+#include <vector>
#include "main/snort_types.h"
void InitProtoNames();
unsigned int get_random_seed();
bool get_file_size(const std::string&, size_t&);
+void StrToIntVector(const std::string& s, char delim, std::vector<uint32_t>& elems);
+std::string IntVectorToStr(const std::vector<uint32_t>& elems, char delim = ',');
#if defined(NOCOREFILE)
void SetNoCores();
projects / thirdparty / snort3.git / commitdiff
