return result;
}
-static int AlertDebugLogCondition(ThreadVars *tv, void *thread_data, const Packet *p)
+static bool AlertDebugLogCondition(ThreadVars *tv, void *thread_data, const Packet *p)
{
- return (p->alerts.cnt ? TRUE : FALSE);
+ return (p->alerts.cnt > 0);
}
static int AlertDebugLogLogger(ThreadVars *tv, void *thread_data, const Packet *p)
void AlertFastLogRegisterTests(void);
static void AlertFastLogDeInitCtx(OutputCtx *);
-int AlertFastLogCondition(ThreadVars *tv, void *thread_data, const Packet *p);
+static bool AlertFastLogCondition(ThreadVars *tv, void *thread_data, const Packet *p);
int AlertFastLogger(ThreadVars *tv, void *data, const Packet *p);
void AlertFastLogRegister(void)
LogFileCtx* file_ctx;
} AlertFastLogThread;
-int AlertFastLogCondition(ThreadVars *tv, void *thread_data, const Packet *p)
+static bool AlertFastLogCondition(ThreadVars *tv, void *thread_data, const Packet *p)
{
- return (p->alerts.cnt ? TRUE : FALSE);
+ return (p->alerts.cnt > 0);
}
static inline void AlertFastLogOutputAlert(AlertFastLogThread *aft, char *buffer,
return TM_ECODE_OK;
}
-static int AlertSyslogCondition(ThreadVars *tv, void *thread_data, const Packet *p)
+static bool AlertSyslogCondition(ThreadVars *tv, void *thread_data, const Packet *p)
{
- return (p->alerts.cnt > 0 ? TRUE : FALSE);
+ return (p->alerts.cnt > 0);
}
static int AlertSyslogLogger(ThreadVars *tv, void *thread_data, const Packet *p)
return 0;
}
-int SSHTxLogCondition(ThreadVars * tv, const Packet * p, void *state, void *tx, uint64_t tx_id)
+bool SSHTxLogCondition(ThreadVars *tv, const Packet *p, void *state, void *tx, uint64_t tx_id)
{
return rs_ssh_tx_get_log_condition(tx);
}
void RegisterSSHParsers(void);
void SSHParserRegisterTests(void);
-int SSHTxLogCondition(ThreadVars *, const Packet *, void *state, void *tx, uint64_t tx_id);
+bool SSHTxLogCondition(ThreadVars *, const Packet *, void *state, void *tx, uint64_t tx_id);
#endif /* __APP_LAYER_SSH_H__ */
static void PcapLogFileDeInitCtx(OutputCtx *);
static OutputInitResult PcapLogInitCtx(ConfNode *);
static void PcapLogProfilingDump(PcapLogData *);
-static int PcapLogCondition(ThreadVars *, void *, const Packet *);
+static bool PcapLogCondition(ThreadVars *, void *, const Packet *);
void PcapLogRegister(void)
{
(prof).total += (UtilCpuGetTicks() - pcaplog_profile_ticks); \
(prof).cnt++
-static int PcapLogCondition(ThreadVars *tv, void *thread_data, const Packet *p)
+static bool PcapLogCondition(ThreadVars *tv, void *thread_data, const Packet *p)
{
PcapLogThreadData *ptd = (PcapLogThreadData *)thread_data;
case LOGMODE_COND_ALL:
break;
case LOGMODE_COND_ALERTS:
- if (p->alerts.cnt || (p->flow && FlowHasAlerts(p->flow))) {
- return TRUE;
- } else {
- return FALSE;
- }
+ return (p->alerts.cnt || (p->flow && FlowHasAlerts(p->flow)));
break;
case LOGMODE_COND_TAG:
- if (p->flags & (PKT_HAS_TAG | PKT_FIRST_TAG)) {
- return TRUE;
- } else {
- return FALSE;
- }
+ return (p->flags & (PKT_HAS_TAG | PKT_FIRST_TAG));
break;
}
if (p->flags & PKT_PSEUDO_STREAM_END) {
- return FALSE;
+ return false;
}
if (IS_TUNNEL_PKT(p) && !IS_TUNNEL_ROOT_PKT(p)) {
- return FALSE;
+ return false;
}
- return TRUE;
+ return true;
}
/**
* \brief Condition function for TLS logger
* \retval bool true or false -- log now?
*/
-static int LogTlsStoreCondition(ThreadVars *tv, const Packet *p, void *state,
- void *tx, uint64_t tx_id)
+static bool LogTlsStoreCondition(
+ ThreadVars *tv, const Packet *p, void *state, void *tx, uint64_t tx_id)
{
if (p->flow == NULL) {
- return FALSE;
+ return false;
}
if (!(PKT_IS_TCP(p))) {
- return FALSE;
+ return false;
}
SSLState *ssl_state = (SSLState *)state;
ssl_state->server_connp.cert0_subject == NULL)
goto dontlog;
- return TRUE;
+ return true;
dontlog:
- return FALSE;
+ return false;
}
static int LogTlsStoreLogger(ThreadVars *tv, void *thread_data, const Packet *p,
* \param data Pointer to the EveStreamLogThread struct
* \param p Pointer the packet which is being logged
*
- * \retval 0 on succes
+ * \retval 0 on success
*/
static int EveStreamLogger(ThreadVars *tv, void *thread_data, const Packet *p)
{
* \param tv Pointer the current thread variables
* \param p Pointer the packet which is tested
*
- * \retval bool TRUE or FALSE
+ * \retval bool true or false
*/
-static int EveStreamLogCondition(ThreadVars *tv, void *data, const Packet *p)
+static bool EveStreamLogCondition(ThreadVars *tv, void *data, const Packet *p)
{
EveStreamLogThread *td = data;
EveStreamOutputCtx *ctx = td->stream_ctx;
return 0;
}
-static int JsonAlertLogCondition(ThreadVars *tv, void *thread_data, const Packet *p)
+static bool JsonAlertLogCondition(ThreadVars *tv, void *thread_data, const Packet *p)
{
- if (p->alerts.cnt || (p->flags & PKT_HAS_TAG)) {
- return TRUE;
- }
- return FALSE;
+ return (p->alerts.cnt || (p->flags & PKT_HAS_TAG));
}
static TmEcode JsonAlertLogThreadInit(ThreadVars *t, const void *initdata, void **data)
return AnomalyJson(tv, aft, p);
}
-static int JsonAnomalyLogCondition(ThreadVars *tv, void *thread_data, const Packet *p)
+static bool JsonAnomalyLogCondition(ThreadVars *tv, void *thread_data, const Packet *p)
{
return p->events.cnt > 0 ||
(p->app_layer_events && p->app_layer_events->cnt > 0) ||
return 0;
}
-
/**
* \brief Check if we need to drop-log this packet
*
* \param tv Pointer the current thread variables
* \param p Pointer the packet which is tested
*
- * \retval bool TRUE or FALSE
+ * \retval bool true or false
*/
-static int JsonDropLogCondition(ThreadVars *tv, void *data, const Packet *p)
+static bool JsonDropLogCondition(ThreadVars *tv, void *data, const Packet *p)
{
if (!EngineModeIsIPS()) {
SCLogDebug("engine is not running in inline mode, so returning");
- return FALSE;
+ return false;
}
if (PKT_IS_PSEUDOPKT(p)) {
SCLogDebug("drop log doesn't log pseudo packets");
- return FALSE;
+ return false;
}
if (!(PacketCheckAction(p, ACTION_DROP))) {
- return FALSE;
+ return false;
}
if (g_droplog_flows_start && p->flow != NULL) {
- int ret = FALSE;
+ bool ret = false;
/* for a flow that will be dropped fully, log just once per direction */
if (p->flow->flags & FLOW_ACTION_DROP) {
if (PKT_IS_TOSERVER(p) && !(p->flow->flags & FLOW_TOSERVER_DROP_LOGGED))
- ret = TRUE;
+ ret = true;
else if (PKT_IS_TOCLIENT(p) && !(p->flow->flags & FLOW_TOCLIENT_DROP_LOGGED))
- ret = TRUE;
+ ret = true;
}
/* if drop is caused by signature, log anyway */
if (p->alerts.drop.action != 0)
- ret = TRUE;
+ ret = true;
return ret;
}
- return TRUE;
+ return true;
}
void JsonDropLogRegister (void)
return FrameJson(tv, aft, p);
}
-static int JsonFrameLogCondition(ThreadVars *tv, void *thread_data, const Packet *p)
+static bool JsonFrameLogCondition(ThreadVars *tv, void *thread_data, const Packet *p)
{
if (p->flow == NULL || p->flow->alproto == ALPROTO_UNKNOWN)
- return FALSE;
+ return false;
if ((p->proto == IPPROTO_TCP || p->proto == IPPROTO_UDP) && p->flow->alparser != NULL) {
FramesContainer *frames_container = AppLayerFramesGetContainer(p->flow);
if (frames_container == NULL)
- return FALSE;
+ return false;
Frames *frames;
if (PKT_IS_TOSERVER(p)) {
}
return (frames->cnt != 0);
}
- return FALSE;
+ return false;
}
static TmEcode JsonFrameLogThreadInit(ThreadVars *t, const void *initdata, void **data)
return MetadataJson(tv, aft, p);
}
-static int JsonMetadataLogCondition(ThreadVars *tv, void *data, const Packet *p)
+static bool JsonMetadataLogCondition(ThreadVars *tv, void *data, const Packet *p)
{
- if (p->pktvar) {
- return TRUE;
- }
- return FALSE;
+ return p->pktvar != NULL;
}
void JsonMetadataLogRegister (void)
*
* A single call to this function will run one script for a single
* packet. If it is called, it means that the registered condition
- * function has returned TRUE.
+ * function has returned true.
*
* The script is called once for each alert stored in the packet.
*
SCReturnInt(0);
}
-static int LuaPacketConditionAlerts(ThreadVars *tv, void *data, const Packet *p)
+static bool LuaPacketConditionAlerts(ThreadVars *tv, void *data, const Packet *p)
{
- if (p->alerts.cnt > 0)
- return TRUE;
- return FALSE;
+ return (p->alerts.cnt > 0);
}
/** \internal
*
* A single call to this function will run one script for a single
* packet. If it is called, it means that the registered condition
- * function has returned TRUE.
+ * function has returned true.
*
* The script is called once for each packet.
*
SCReturnInt(0);
}
-static int LuaPacketCondition(ThreadVars *tv, void *data, const Packet *p)
+static bool LuaPacketCondition(ThreadVars *tv, void *data, const Packet *p)
{
- return TRUE;
+ return true;
}
/** \internal
while (logger && store) {
DEBUG_VALIDATE_BUG_ON(logger->LogFunc == NULL || logger->ConditionFunc == NULL);
- if ((logger->ConditionFunc(tv, store->thread_data, (const Packet *)p)) == TRUE) {
+ if (logger->ConditionFunc(tv, store->thread_data, (const Packet *)p)) {
PACKET_PROFILING_LOGGER_START(p, logger->logger_id);
logger->LogFunc(tv, store->thread_data, (const Packet *)p);
PACKET_PROFILING_LOGGER_END(p, logger->logger_id);
/** packet logger condition function pointer type,
* must return true for packets that should be logged
*/
-typedef int (*PacketLogCondition)(ThreadVars *, void *thread_data, const Packet *);
+typedef bool (*PacketLogCondition)(ThreadVars *, void *thread_data, const Packet *);
int OutputRegisterPacketLogger(LoggerId logger_id, const char *name,
PacketLogger LogFunc, PacketLogCondition ConditionFunc, OutputCtx *,
SCLogDebug("EOF, so log now");
} else {
if (logger->LogCondition) {
- int r = logger->LogCondition(tv, p, alstate, tx, tx_id);
- if (r == FALSE) {
+ if (!logger->LogCondition(tv, p, alstate, tx, tx_id)) {
SCLogDebug("conditions not met, not logging");
goto next_logger;
}
/** tx logger condition function pointer type,
* must return true for tx that should be logged
*/
-typedef int (*TxLoggerCondition)(ThreadVars *, const Packet *, void *state, void *tx, uint64_t tx_id);
+typedef bool (*TxLoggerCondition)(
+ ThreadVars *, const Packet *, void *state, void *tx, uint64_t tx_id);
int OutputRegisterTxLogger(LoggerId id, const char *name, AppProto alproto,
TxLogger LogFunc,
projects / thirdparty / suricata.git / commitdiff
