Merge in SNORT/snort3 from ~RDEMPSTE/snort3:idle_event to master
Squashed commit of the following:
commit
bd6b74533e1b6880a21fcdcc70d2464505360d1d
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Fri Mar 29 09:35:52 2024 -0400
anaylzer, framework: add a data bus method to publish to all network policies and use it for idle
publish(pid, eid, e, f);
}
+void DataBus::publish_to_all_network_policies(unsigned pub_id, unsigned evt_id)
+{
+ BareDataEvent e;
+
+ const SnortConfig* sc = SnortConfig::get_conf();
+ sc->global_dbus->_publish(pub_id, evt_id, e, nullptr);
+
+ NetworkPolicy* current_np = get_network_policy();
+ InspectionPolicy* current_ip = get_inspection_policy();
+
+ for ( unsigned nidx = 0; nidx < sc->policy_map->network_policy_count(); ++nidx )
+ {
+ NetworkPolicy* np = sc->policy_map->get_network_policy(nidx);
+ assert(np);
+ set_network_policy(np);
+ InspectionPolicy* ip = np->get_inspection_policy(0);
+ assert(ip);
+ set_inspection_policy(ip);
+ np->dbus._publish(pub_id, evt_id, e, nullptr);
+ ip->dbus._publish(pub_id, evt_id, e, nullptr);
+ }
+ set_inspection_policy(current_ip);
+ set_network_policy(current_np);
+}
+
//--------------------------------------------------------------------------
// private methods
//--------------------------------------------------------------------------
// convenience methods
static void publish(unsigned pub_id, unsigned evt_id, const uint8_t*, unsigned, Flow* = nullptr);
static void publish(unsigned pub_id, unsigned evt_id, Packet*, Flow* = nullptr);
+ static void publish_to_all_network_policies(unsigned pub_id, unsigned evt_id);
private:
void _subscribe(unsigned pub_id, unsigned evt_id, DataHandler*);
(InspectionPolicy*)mock().getData("my_inspection_policy").getObjectPointer();
return my_inspection_policy;
}
+void set_network_policy(NetworkPolicy*)
+{ }
+void set_inspection_policy(InspectionPolicy*)
+{ }
THREAD_LOCAL PacketCount pc;
}
timeradd(&now, &increment, &now);
packet_time_update(&now);
- DataBus::publish(intrinsic_pub_id, IntrinsicEventIds::THREAD_IDLE, nullptr);
+ DataBus::publish_to_all_network_policies(intrinsic_pub_id, IntrinsicEventIds::THREAD_IDLE);
// Service the retry queue with the new packet time.
process_retry_queue();
IpsPolicy* get_ips_policy() { return nullptr; }
void DataBus::publish(unsigned, unsigned, Packet*, Flow*) { }
void DataBus::publish(unsigned, unsigned, DataEvent&, Flow*) { }
+void DataBus::publish_to_all_network_policies(unsigned int, unsigned int) { }
SFDAQInstance::SFDAQInstance(const char*, unsigned, const SFDAQConfig*) { }
SFDAQInstance::~SFDAQInstance() = default;
void SFDAQInstance::reload() { }
pnd.analyze_flow_udp(event.get_packet());
}
-void RnaIdleEventHandler::handle(DataEvent& event, Flow*)
+void RnaIdleEventHandler::handle(DataEvent&, Flow*)
{
// cppcheck-suppress unreadVariable
Profile profile(rna_perf_stats);
++rna_stats.change_host_update;
- update_rna_pkt_stats(event);
pnd.generate_change_host_update();
}
projects / thirdparty / snort3.git / commitdiff
