{ "--rule", Parameter::PT_STRING, nullptr, nullptr,
"<rules> to be added to configuration; may be repeated" },
+ { "--rule-path", Parameter::PT_STRING, nullptr, nullptr,
+ "<path> where to find rules files" },
+
{ "--rule-to-hex", Parameter::PT_IMPLIED, nullptr, nullptr,
"output so rule header to stdout for text rule on stdin" },
else if ( v.is("--rule") )
parser_append_rules(v.get_string());
+ else if ( v.is("--rule-path") )
+ parser_append_includes(v.get_string());
+
else if ( v.is("--rule-to-hex") )
dump_rule_hex(sc, v.get_string());
#include "filters/sfthreshold.h"
#include "hash/hashfcn.h"
#include "hash/xhash.h"
+#include "helpers/directory.h"
#include "log/messages.h"
#include "main/shell.h"
#include "main/snort_config.h"
static std::string s_aux_rules;
-void parser_append_rules(const char* s)
-{
- s_aux_rules += s;
- s_aux_rules += "\n";
-}
-
//-------------------------------------------------------------------------
// private / implementation methods
//-------------------------------------------------------------------------
-void parser_init()
-{
- parse_rule_init();
-
- ruleIndexMap = RuleIndexMapCreate();
-
- if ( !ruleIndexMap )
- ParseAbort("failed to create rule index map.");
-}
-
-void parser_term(SnortConfig* sc)
-{
- parse_rule_term();
- RuleIndexMapFree(ruleIndexMap);
- ruleIndexMap = nullptr;
- sc->free_rule_state_list();
-}
-
static void CreateDefaultRules(SnortConfig* sc)
{
CreateRuleType(sc, Actions::get_string(Actions::LOG), Actions::LOG);
// public methods
//-------------------------------------------------------------------------
-/****************************************************************************
- * Function: ParseSnortConf()
- *
- * Read the rules file a line at a time and send each rule to the rule parser
- * This is the first pass of the configuration file. It parses everything
- * except the rules.
- *
- * Arguments: None
- *
- * Returns:
- * SnortConfig *
- * An initialized and configured snort configuration struct.
- * This struct should be passed on the second pass of the
- * configuration file to parse the rules.
- *
- ***************************************************************************/
+void parser_init()
+{
+ parse_rule_init();
+
+ ruleIndexMap = RuleIndexMapCreate();
+
+ if ( !ruleIndexMap )
+ ParseAbort("failed to create rule index map.");
+}
+
+void parser_term(SnortConfig* sc)
+{
+ parse_rule_term();
+ RuleIndexMapFree(ruleIndexMap);
+ ruleIndexMap = nullptr;
+ sc->free_rule_state_list();
+}
+
SnortConfig* ParseSnortConf(const SnortConfig* boot_conf, const char* fname)
{
SnortConfig* sc = new SnortConfig(SnortConfig::get_conf()->proto_ref);
return RuleIndexMapAdd(ruleIndexMap, gid, sid);
}
+void parser_append_rules(const char* s)
+{
+ s_aux_rules += s;
+ s_aux_rules += "\n";
+}
+
+void parser_append_includes(const char* d)
+{
+ Directory dir(d);
+ const char* f;
+
+ while ( (f = dir.next()) )
+ {
+ std::string s = "include ";
+ s += f;
+ parser_append_rules(s.c_str());
+ }
+}
+
projects / thirdparty / snort3.git / commitdiff
