Merge pull request #1770 in SNORT/snort3 from ~BBANTWAL/snort3:snort2lua_port_binding...
authorSteve Chew (stechew) <stechew@cisco.com>
Tue, 8 Oct 2019 18:09:06 +0000 (14:09 -0400)
committerSteve Chew (stechew) <stechew@cisco.com>
Tue, 8 Oct 2019 18:09:06 +0000 (14:09 -0400)
Squashed commit of the following:

commit be613587a79866a0f0c462759eb85bb94aea107a
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date:   Fri Sep 27 02:00:27 2019 -0400

    snort2lua: convert snort2 port bindings into snort3 service bindings for inspectors configured in wizard and add --bind-port option to enable port bindings conversion

17 files changed:
tools/snort2lua/helpers/converter.cc
tools/snort2lua/helpers/converter.h
tools/snort2lua/helpers/parse_cmd_line.cc
tools/snort2lua/helpers/util_binder.cc
tools/snort2lua/preprocessor_states/pps_dcerpc_server.cc
tools/snort2lua/preprocessor_states/pps_dcerpc_server.h
tools/snort2lua/preprocessor_states/pps_dnp3.cc
tools/snort2lua/preprocessor_states/pps_dns.cc
tools/snort2lua/preprocessor_states/pps_ftp_telnet_protocol.cc
tools/snort2lua/preprocessor_states/pps_http_inspect_server.cc
tools/snort2lua/preprocessor_states/pps_imap.cc
tools/snort2lua/preprocessor_states/pps_pop.cc
tools/snort2lua/preprocessor_states/pps_sip.cc
tools/snort2lua/preprocessor_states/pps_smtp.cc
tools/snort2lua/preprocessor_states/pps_ssh.cc
tools/snort2lua/preprocessor_states/pps_ssl.cc
tools/snort2lua/preprocessor_states/pps_stream5_tcp.cc

index dae28e8a882ef20de9330b9edc0e1085299cce4c..d48ac301cdc7425133401db4af12aa063e04d51a 100644 (file)
@@ -56,7 +56,8 @@ bool Converter::parse_includes = true;
 bool Converter::empty_args = false;
 bool Converter::convert_rules_mult_files = true;
 bool Converter::convert_conf_mult_files = true;
-bool Converter::bind_wizard = false;
+bool Converter::bind_wizard = true;
+bool Converter::bind_port = false;
 bool Converter::convert_max_session = true;
 
 Converter::Converter() :
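Review bot: Flipping `bind_wizard` to `true` makes the existing `--bind-wizard` option a no-op on its own, and the only way left to turn the wizard off is the side effect in the new `bind_port` handler in parse_cmd_line.cc, which calls `set_bind_wizard(false)`. Both handlers simply assign the flag, so, assuming options are applied in command-line order, `--bind-port --bind-wizard` leaves the wizard on while `--bind-wizard --bind-port` turns it off. That interaction deserves a comment next to the two definitions, e.g. `// wizard binding is on by default; --bind-port turns it off unless --bind-wizard follows it`. The `bind-port` help string ("Convert port bindings") should mention it as well.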
@@ -413,6 +414,13 @@ void Converter::add_bindings()
     // vector::clear()'s ordering isn't deterministic but this is
     // keep in place for stable regressions
     std::stable_sort(binders.rbegin(), binders.rend());
+    for (auto it = binders.begin(); it != binders.end();)
+    {
+        if ( (*it)->has_ports() )
+            it = binders.erase(it);
+        else
+            ++it;
+    }
     while ( !binders.empty() )
         binders.pop_back();
 }
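Review bot: The new erase loop in `add_bindings()` has no comment, and its purpose is not evident from the code. It removes every binder with ports just before the `while` loop that empties the vector anyway, so it only changes anything if destroying a binder is what writes it out; the element type of `binders` is not visible in this hunk. If that is the case, the loop is an ordering step and should say so, e.g. `// flush bindings that carry ports first; erasing destroys the binder, which emits it`. It also runs whether or not `bind_port` is set, which is worth stating if intended.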
index 6b1315c0da66b239a7df236903e6daa19dc436f8..adf2324a8a1a323526344e5ab2aa6531dc5c8d06 100644 (file)
@@ -73,6 +73,12 @@ public:
     inline static bool get_bind_wizard()
     { return bind_wizard; }
 
+    inline static void set_bind_port(bool val)
+    { bind_port = val; }
+
+    inline static bool get_bind_port()
+    { return bind_port; }
+
     static void unset_convert_max_session()
     { convert_max_session = false; }
 
@@ -130,6 +136,7 @@ private:
     static bool convert_conf_mult_files;
     static bool empty_args;
     static bool bind_wizard;
+    static bool bind_port;
     static bool convert_max_session;
 
     bool ftp_data_is_added = false;
index 282d0bfaf8117cbbb0b34f7b1e40b5d723fb51f5..1d3e3ae608d814c3f626e293e37104073f949711 100644 (file)
@@ -254,6 +254,12 @@ static void add_remark(const char* /*key*/, const char* val)
 static void bind_wizard(const char* /*key*/, const char* /*val*/)
 { Converter::set_bind_wizard(true); }
 
+static void bind_port(const char* /*key*/, const char* /*val*/)
+{ 
+    Converter::set_bind_port(true);
+    Converter::set_bind_wizard(false);
+}
+
 static void print_all(const char* /*key*/, const char* /*val*/)
 { DataApi::set_default_print(); }
 
@@ -382,6 +388,9 @@ static ConfigFunc basic_opts[] =
     { "bind-wizard", bind_wizard, "",
       "Add default wizard to bindings" },
 
+    { "bind-port", bind_port, "",
+      "Convert port bindings" },
+
     { "conf-file", parse_config_file, "",
       "Same as '-c'. A Snort <snort_conf> file which will be converted" },
 
index 796483520506a24bc752166f671defa0efad7f97..fa6806bed399fa9dcf80d9d09bd61258a24a4179 100644 (file)
@@ -45,52 +45,55 @@ void Binder::add_to_configuration()
     table_api.open_top_level_table("binder");
     table_api.open_table(true);
 
-    table_api.open_table("when", true);
+    if (use_type != "wizard")
+    {
+        table_api.open_table("when", true);
 
-    //FIXIT-M this needs to be split out into ips, network, and inspection
-    if ( has_ips_policy_id() )
-        table_api.add_option("ips_policy_id", when_ips_policy_id);
+        //FIXIT-M this needs to be split out into ips, network, and inspection
+        if ( has_ips_policy_id() )
+            table_api.add_option("ips_policy_id", when_ips_policy_id);
 
-    for ( const auto& s : vlans )
-        table_api.add_list("vlans", s);
+        for ( const auto& s : vlans )
+            table_api.add_list("vlans", s);
 
-    if ( has_service() )
-        table_api.add_option("service", when_service);
+        if ( has_service() )
+            table_api.add_option("service", when_service);
 
-    for ( const auto& n : src_nets )
-        table_api.add_list("src_nets", n);
+        for ( const auto& n : src_nets )
+            table_api.add_list("src_nets", n);
 
-    for ( const auto& n : dst_nets )
-        table_api.add_list("dst_nets", n);
+        for ( const auto& n : dst_nets )
+            table_api.add_list("dst_nets", n);
 
-    for ( const auto& n : nets )
-        table_api.add_list("nets", n);
+        for ( const auto& n : nets )
+            table_api.add_list("nets", n);
 
-    for ( const auto& p : src_ports )
-        table_api.add_list("src_ports", p);
+        for ( const auto& p : src_ports )
+            table_api.add_list("src_ports", p);
 
-    for ( const auto& p : dst_ports )
-        table_api.add_list("dst_ports", p);
+        for ( const auto& p : dst_ports )
+            table_api.add_list("dst_ports", p);
 
-    for ( const auto& p : ports )
-        table_api.add_list("ports", p);
+        for ( const auto& p : ports )
+            table_api.add_list("ports", p);
 
-    for ( const auto& p : when_src_zone )
-        table_api.add_list("src_zone", p);
+        for ( const auto& p : when_src_zone )
+            table_api.add_list("src_zone", p);
 
-    for ( const auto& p : when_dst_zone )
-        table_api.add_list("dst_zone", p);
+        for ( const auto& p : when_dst_zone )
+            table_api.add_list("dst_zone", p);
 
-    for ( const auto& p : zones )
-        table_api.add_list("zones", p);
+        for ( const auto& p : zones )
+            table_api.add_list("zones", p);
 
-    if ( has_proto() )
-        table_api.add_option("proto", when_proto);
+        if ( has_proto() )
+            table_api.add_option("proto", when_proto);
 
-    if ( has_role() )
-        table_api.add_option("role", when_role);
+        if ( has_role() )
+            table_api.add_option("role", when_role);
 
-    table_api.close_table(); // "when"
+        table_api.close_table(); // "when"
+    }
 
     table_api.open_table("use", true);
 
index 1a6e0a7de60bdccac92dec1fd01d755b2d2e8ade..1856f60c98b2d659d0bbb90b2fc5b31bcba61931 100644 (file)
@@ -44,17 +44,17 @@ enum DceDetectListState
 
 std::string transport[5] = { "smb", "tcp", "udp", "http_proxy", "http_server" };
 
-std::map <std::string, std::vector<uint16_t> > default_ports
+std::map <std::string, std::string> default_bindings
 {
-    { "smb", { 139, 445 }
+    { "smb", "netbios-ssn"
     },
-    { "tcp", { 135 }
+    { "tcp", "dcerpc"
     },
-    { "udp", { 135 }
+    { "udp", "dcerpc"
     },
-    { "http_proxy", { 80 }
+    { "http_proxy", "dce_http_proxy"
     },
-    { "http_server", { 593 }
+    { "http_server", "dce_http_server"
     }
 };
 
@@ -112,7 +112,7 @@ DcerpcServer::DcerpcServer(Converter& c) : ConversionState(c)
 {
     for (const auto& type: transport)
     {
-        detect_ports_set[type] = false;
+        default_binding[type] = true;
     }
 }
 
@@ -222,12 +222,9 @@ bool DcerpcServer::parse_smb_file_inspection(std::istringstream& data_stream)
     return tmpval;
 }
 
-void DcerpcServer::add_default_ports(const std::string& type,  std::map<std::string,Binder*> bind)
+void DcerpcServer::add_default_binding(const std::string& type,  std::map<std::string,Binder*> bind)
 {
-    for (auto port : default_ports[type])
-    {
-        bind[type]->add_when_port(std::to_string(port));
-    }
+    bind[type]->set_when_service(default_bindings[type]);
 }
 
 // add single port / range
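Review bot: `default_bindings[type]` in `add_default_binding` uses `operator[]`, which inserts an empty string for a transport name missing from the table and then passes `""` to `set_when_service`. `default_bindings.at(type)`, or a `find` with an explicit failure path, would make a missing entry visible. The table itself (renamed in the first hunk of this file) could then be declared `static const`, since nothing visible writes to it. `bind` is still taken by value, so the whole map is copied on every call; `const std::map<std::string, Binder*>& bind` with `bind.at(type)` avoids that, with a matching change to the declaration in pps_dcerpc_server.h.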
@@ -280,7 +277,7 @@ bool DcerpcServer::parse_and_add_ports(const std::string& ports, const std::stri
         }
     }
 
-    detect_ports_set[type] = true;
+    default_binding[type] = false;
 
     return true;
 }
@@ -344,7 +341,6 @@ bool DcerpcServer::parse_detect(std::istringstream& data_stream,
                 {
                     if (is_detect)
                     {
-                        detect_ports_set[transport_type] = true;
                         bind[transport_type]->print_binding(false);
                     }
                 }
@@ -442,16 +438,18 @@ bool DcerpcServer::parse_detect(std::istringstream& data_stream,
                 add_deleted_comment_to_table(table_api, table_name[type], "autodetect");
                 continue;
             }
-
-            // remove '[',']'
-            ports.erase(std::remove(ports.begin(), ports.end(), '['), ports.end());
-            ports.erase(std::remove(ports.begin(), ports.end(), ']'), ports.end());
-            // remove extra spaces
-            ports.erase(remove_if(ports.begin(), ports.end(), isspace), ports.end());
-
-            if (!parse_and_add_ports(ports, type, bind, bind_port_to_tcp))
+            if (cv.get_bind_port())
             {
-                return false;
+                // remove '[',']'
+                ports.erase(std::remove(ports.begin(), ports.end(), '['), ports.end());
+                ports.erase(std::remove(ports.begin(), ports.end(), ']'), ports.end());
+                // remove extra spaces
+                ports.erase(remove_if(ports.begin(), ports.end(), isspace), ports.end());
+
+                if (!parse_and_add_ports(ports, type, bind, bind_port_to_tcp))
+                {
+                    return false;
+                }
             }
         }
         break;
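Review bot: With `--bind-port` off, the new `if (cv.get_bind_port())` guard skips the `detect` port list entirely, and nothing visible in this hunk records that in the converted output. The other preprocessors in this commit pass an ignored `ports` list to `parse_bracketed_unsupported_list`. Someone migrating a sensor that watched DCE/RPC on non-default ports gets a service binding only, with no hint that the configured ports were dropped and that coverage now depends on service identification. Consider an `else` branch that notes it, e.g. `table_api.add_comment("detect ports not converted; rerun with --bind-port");`, assuming the transport table is open at this point. The enclosing `parse_detect` body extends outside the hunk.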
@@ -654,15 +652,20 @@ bool DcerpcServer::convert(std::istringstream& data_stream)
     // FIXIT-M add when there is a way to make this play with http_inspect bindings
     // port 80 should not be added by default. If explicitly configured and conflicting
     // with other bindings, punt to wizard
-    bind["http_proxy"]->print_binding(false);
+    if ( cv.get_bind_port() )
+        bind["http_proxy"]->print_binding(false);
 
+    bool bind_port = cv.get_bind_port();
     for (const auto& type : transport)
     {
-        bind[type]->set_when_proto("tcp");
+        if ( bind_port )
+            bind[type]->set_when_proto("tcp");
         bind[type]->set_use_type("dce_" + type);
     }
     bind["udp"]->set_when_proto("udp");
-    bind["tcp"]->set_when_service("dce_tcp");
+    bind["tcp"]->set_when_proto("tcp");
+    if ( bind_port )
+        bind["tcp"]->set_when_service("dce_tcp");
 
     if (!(data_stream >> keyword))
         return false;
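Review bot: In `--bind-port` mode, `bind["tcp"]->set_when_service("dce_tcp")` looks like it is overwritten later in `convert()`. Unless a `detect` port list was parsed, `default_binding["tcp"]` is still true at the end, and `add_default_binding` then sets the service to `dcerpc`, assuming `set_when_service` replaces the previous value. If `dce_tcp` is meant to survive only alongside explicit ports, add a comment such as `// kept only when detect ports are configured; otherwise replaced by the default service binding`. The FIXIT comment about port 80 predates the new guard and no longer describes the default path, where `print_binding(false)` is not called for `http_proxy`. `convert()` continues beyond this hunk.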
@@ -783,9 +786,9 @@ bool DcerpcServer::convert(std::istringstream& data_stream)
 
     for (const auto& type : transport)
     {
-        if (!detect_ports_set[type])
+        if (default_binding[type])
         {
-            add_default_ports(type, bind);
+            add_default_binding(type, bind);
         }
     }
 
index 7838360dd256e31d6cf23e1aad03463d0926415d..8fddce5c1a611e0421be5a1012ddbefb05851227 100644 (file)
@@ -44,7 +44,7 @@ private:
     bool parse_smb_file_inspection(std::istringstream& data_stream);
     bool parse_detect(std::istringstream& data_stream, std::map<std::string, Binder*> bind, bool
         is_detect);
-    void add_default_ports(const std::string& type, std::map<std::string, Binder*> bind);
+    void add_default_binding(const std::string& type, std::map<std::string, Binder*> bind);
     bool parse_and_add_ports(const std::string& ports, const std::string& type,  std::map<std::string,
         Binder*> bind, bool bind_port_to_tcp);
     bool init_net_created_table();
@@ -52,8 +52,7 @@ private:
     bool parse_nets(std::istringstream& data_stream, std::map<std::string,
         Binder*> bind);
     bool add_option_to_transports(const std::string& option, const std::string& value, bool co_only);
-    std::map<std::string, bool> detect_ports_set;
-    std::map<std::string, bool> autodetect_ports_set;
+    std::map<std::string, bool> default_binding;
     std::map<std::string, std::string> table_name;
     static int binding_id;
 };
index 14b3a4a857376a7885244f00525907f20eb0f5c6..04b6775fb37e8d958f1da6c11bab77fd6989da55 100644 (file)
@@ -47,16 +47,25 @@ Dnp3::~Dnp3()
     if (converted_args)
         return;
 
-    auto& tcp_bind = cv.make_binder();
-    tcp_bind.set_when_proto("tcp");
-    tcp_bind.add_when_port("20000");
-    tcp_bind.set_use_type("dnp3");
+    if (!cv.get_bind_port())
+    {
+        auto& bind = cv.make_binder();
+        bind.set_when_service("dnp3");
+        bind.set_use_type("dnp3");
+    }
+    else
+    {
+        auto& tcp_bind = cv.make_binder();
+        tcp_bind.set_when_proto("tcp");
+        tcp_bind.add_when_port("20000");
+        tcp_bind.set_use_type("dnp3");
 
-    auto& udp_bind = cv.make_binder();
-    udp_bind.set_when_proto("udp");
-    udp_bind.add_when_port("20000");
-    udp_bind.set_use_type("dnp3");
+        auto& udp_bind = cv.make_binder();
+        udp_bind.set_when_proto("udp");
+        udp_bind.add_when_port("20000");
+        udp_bind.set_use_type("dnp3");
 
+    }
     table_api.open_table("dnp3");
     table_api.close_table();
 }
@@ -65,17 +74,10 @@ bool Dnp3::convert(std::istringstream& data_stream)
 {
     std::string keyword;
     bool retval = true;
-    bool ports_set = false;
-    auto& tcp_bind = cv.make_binder();
-    auto& udp_bind = cv.make_binder();
+    bool default_binding = true;
 
     converted_args = true;
 
-    tcp_bind.set_when_proto("tcp");
-    tcp_bind.set_use_type("dnp3");
-    udp_bind.set_when_proto("udp");
-    udp_bind.set_use_type("dnp3");
-
     table_api.open_table("dnp3");
 
     // parse the file configuration
@@ -98,21 +100,32 @@ bool Dnp3::convert(std::istringstream& data_stream)
         }
         else if (keyword == "ports")
         {
-            table_api.add_diff_option_comment("ports", "bindings");
-
-            if ((data_stream >> keyword) && keyword == "{")
+            if (!cv.get_bind_port())
+                default_binding = parse_bracketed_unsupported_list("ports", data_stream);
+            else
             {
-                while (data_stream >> keyword && keyword != "}")
+                table_api.add_diff_option_comment("ports", "bindings");
+
+                if ((data_stream >> keyword) && keyword == "{")
                 {
-                    ports_set = true;
-                    tcp_bind.add_when_port(keyword);
-                    udp_bind.add_when_port(keyword);
+                    auto& tcp_bind = cv.make_binder();
+                    auto& udp_bind = cv.make_binder();
+                    tcp_bind.set_when_proto("tcp");
+                    tcp_bind.set_use_type("dnp3");
+                    udp_bind.set_when_proto("udp");
+                    udp_bind.set_use_type("dnp3");
+                    while (data_stream >> keyword && keyword != "}")
+                    {
+                        default_binding = false;
+                        tcp_bind.add_when_port(keyword);
+                        udp_bind.add_when_port(keyword);
+                    }
+                }
+                else
+                {
+                    data_api.failed_conversion(data_stream, "ports <bracketed_port_list>");
+                    retval = false;
                 }
-            }
-            else
-            {
-                data_api.failed_conversion(data_stream, "ports <bracketed_port_list>");
-                retval = false;
             }
         }
         else
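Review bot: In the `!cv.get_bind_port()` branch the result of `parse_bracketed_unsupported_list("ports", data_stream)` is stored in `default_binding` and never reaches `retval`. A malformed port list would then presumably suppress the default `dnp3` service binding while `convert()` still reports success; the helper's return convention is not visible here, so confirm it returns false on a parse error. If it does, keep the two concerns apart with `if (!parse_bracketed_unsupported_list("ports", data_stream)) retval = false;` and leave `default_binding` true. The same assignment appears in the FtpServer, Telnet, HttpInspectServer, Imap, Pop, Sip and Smtp hunks, where the binder already exists and would be left with a `use` type but no `when` condition. The Imap hunk also has a stray `;;` after `default_binding = false`.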
@@ -127,10 +140,11 @@ bool Dnp3::convert(std::istringstream& data_stream)
         }
     }
 
-    if (!ports_set)
+    if (default_binding)
     {
-        tcp_bind.add_when_port("20000");
-        udp_bind.add_when_port("20000");
+        auto& bind = cv.make_binder();
+        bind.set_when_service("dnp3");
+        bind.set_use_type("dnp3");
     }
 
     return retval;
index bb3653b95dcde66200f617614942fb3e7e6c48e0..0a4f7ead3329ed81a1e9d05b8445f25921a7c2d6 100644 (file)
@@ -42,10 +42,14 @@ bool Dns::convert(std::istringstream& data_stream)
     std::string keyword;
     bool retval = true;
     bool ports_set = false;
-    auto& bind = cv.make_binder();
 
-    bind.set_when_proto("tcp");
-    bind.set_use_type("dns");
+    auto& tcp_bind = cv.make_binder();
+    tcp_bind.set_when_proto("tcp");
+    tcp_bind.set_use_type("dns");
+
+    auto& udp_bind = cv.make_binder();
+    udp_bind.set_when_proto("udp");
+    udp_bind.set_use_type("dns");
 
     table_api.open_table("dns");
 
@@ -73,8 +77,10 @@ bool Dns::convert(std::istringstream& data_stream)
                 while (data_stream >> keyword && keyword != "}")
                 {
                     ports_set = true;
-                    bind.set_when_role("server");
-                    bind.add_when_port(keyword);
+                    tcp_bind.set_when_role("server");
+                    tcp_bind.add_when_port(keyword);
+                    udp_bind.set_when_role("server");
+                    udp_bind.add_when_port(keyword);
                 }
             }
             else
@@ -98,8 +104,10 @@ bool Dns::convert(std::istringstream& data_stream)
 
     if (!ports_set) 
     {
-        bind.set_when_role("server");
-        bind.add_when_port("53");
+        tcp_bind.set_when_role("server");
+        tcp_bind.add_when_port("53");
+        udp_bind.set_when_role("server");
+        udp_bind.add_when_port("53");
     }
 
     return retval;
index 7b195d8ff3e5c7c5fda4751a741717007202bde0..995d23dafd61131ecef3afcd1527a8b531f9ca03 100644 (file)
@@ -321,7 +321,7 @@ bool FtpServer::convert(std::istringstream& data_stream)
 {
     std::string keyword;
     bool retval = true;
-    bool ports_set = false;
+    bool default_binding = true;
 
     // Set up ftp_data whenever we have ftp_server configured.
     if(!cv.added_ftp_data())
@@ -338,7 +338,6 @@ bool FtpServer::convert(std::istringstream& data_stream)
 
     auto& bind = cv.make_binder();
     bind.set_use_type("ftp_server");
-    bind.set_when_proto("tcp");
 
     if (data_stream >> keyword)
     {
@@ -469,21 +468,27 @@ bool FtpServer::convert(std::istringstream& data_stream)
         }
         else if (keyword == "ports")
         {
-            table_api.add_diff_option_comment("ports", "bindings");
-            table_api.add_comment("check bindings table for port information");
-
-            if ((data_stream >> keyword) && keyword == "{")
+            if (!cv.get_bind_port())
+                default_binding = parse_bracketed_unsupported_list("ports", data_stream);
+            else
             {
-                while (data_stream >> keyword && keyword != "}")
+                table_api.add_diff_option_comment("ports", "bindings");
+                table_api.add_comment("check bindings table for port information");
+
+                if ((data_stream >> keyword) && keyword == "{")
+                {
+                    bind.set_when_proto("tcp");
+                    while (data_stream >> keyword && keyword != "}")
+                    {
+                        default_binding = false;
+                        bind.add_when_port(keyword);
+                    }
+                }
+                else
                 {
-                    bind.add_when_port(keyword);
-                    ports_set = true;
+                    tmpval = false;
                 }
             }
-            else
-            {
-                tmpval = false;
-            }
         }
         else
         {
@@ -556,8 +561,8 @@ bool FtpServer::convert(std::istringstream& data_stream)
         table_api.close_table();
     }
 
-    if (!ports_set)
-        bind.add_when_port("21");
+    if (default_binding)
+        bind.set_when_service("ftp");
 
     return retval;
 }
@@ -715,11 +720,10 @@ public:
 bool Telnet::convert(std::istringstream& data_stream)
 {
     std::string keyword;
-    bool ports_set = false;
+    bool default_binding = true;
     bool retval = true;
     auto& bind = cv.make_binder();
 
-    bind.set_when_proto("tcp");
     bind.set_use_type("telnet");
     table_api.open_table("telnet");
 
@@ -744,23 +748,29 @@ bool Telnet::convert(std::istringstream& data_stream)
         }
         else if (keyword == "ports")
         {
-            table_api.add_diff_option_comment("ports", "bindings");
-            table_api.add_comment("check bindings table for port information");
-
-            // adding ports to the binding.
-            if ((data_stream >> keyword) && keyword == "{")
+            if (!cv.get_bind_port())
+                default_binding = parse_bracketed_unsupported_list("ports", data_stream);
+            else
             {
-                while (data_stream >> keyword && keyword != "}")
+                table_api.add_diff_option_comment("ports", "bindings");
+                table_api.add_comment("check bindings table for port information");
+
+                // adding ports to the binding.
+                if ((data_stream >> keyword) && keyword == "{")
+                {
+                    bind.set_when_proto("tcp");
+                    while (data_stream >> keyword && keyword != "}")
+                    {
+                        default_binding = false;
+                        bind.add_when_port(keyword);
+                    }
+                }
+                else
                 {
-                    ports_set = true;
-                    bind.add_when_port(keyword);
+                    data_api.failed_conversion(data_stream, "ports - invalid port list");
+                    retval = false;
                 }
             }
-            else
-            {
-                data_api.failed_conversion(data_stream, "ports - invalid port list");
-                retval = false;
-            }
         }
         else
         {
@@ -774,9 +784,9 @@ bool Telnet::convert(std::istringstream& data_stream)
         }
     }
 
-    // adding the default port.
-    if (!ports_set)
-        bind.add_when_port("23");
+    // adding the default service binding.
+    if (default_binding)
+        bind.set_when_service("telnet");
 
     return retval;
 }
index 71db71adbbb39c8e02a368da8c6584fc93f64c69..108c95519cccbf7105788a374f1164f002cb40d3 100644 (file)
@@ -46,12 +46,11 @@ bool HttpInspectServer::convert(std::istringstream& data_stream)
 {
     std::string keyword;
     bool retval = true;
-    bool ports_set = false;
+    bool default_binding = true;
     bool simplify = false;
     bool slash_dir_set = false;
     auto& bind = cv.make_binder();
 
-    bind.set_when_proto("tcp");
     bind.set_use_type("http_inspect");
 
     if (!(data_stream >> keyword) || keyword != "server")
@@ -278,21 +277,27 @@ bool HttpInspectServer::convert(std::istringstream& data_stream)
 
         else if (keyword == "ports")
         {
-            table_api.add_diff_option_comment("ports", "bindings");
-
-            if ((data_stream >> keyword) && keyword == "{")
+            if (!cv.get_bind_port())
+                default_binding = parse_bracketed_unsupported_list("ports", data_stream);
+            else
             {
-                while (data_stream >> keyword && keyword != "}")
+                table_api.add_diff_option_comment("ports", "bindings");
+
+                if ((data_stream >> keyword) && keyword == "{")
                 {
-                    ports_set = true;
-                    bind.set_when_role("server");
-                    bind.add_when_port(keyword);
+                    bind.set_when_proto("tcp");
+                    while (data_stream >> keyword && keyword != "}")
+                    {
+                        default_binding = false;
+                        bind.set_when_role("server");
+                        bind.add_when_port(keyword);
+                    }
+                }
+                else
+                {
+                    data_api.failed_conversion(data_stream, "ports <bracketed_port_list>");
+                    retval = false;
                 }
-            }
-            else
-            {
-                data_api.failed_conversion(data_stream, "ports <bracketed_port_list>");
-                retval = false;
             }
         }
         else if (keyword == "small_chunk_length")
@@ -346,10 +351,9 @@ bool HttpInspectServer::convert(std::istringstream& data_stream)
         }
     }
 
-    if (!ports_set)
+    if (default_binding)
     {
-        bind.set_when_role("server");
-        bind.add_when_port("80");
+        bind.set_when_service("http");
     }
     return retval;
 }
index 2de70ce1ff14ba41629637fda3f10bf1cb5788da..df48e12436875f8bc8881ee6ac970ddc6f1cc06f 100644 (file)
@@ -41,10 +41,9 @@ bool Imap::convert(std::istringstream& data_stream)
 {
     std::string keyword;
     bool retval = true;
-    bool ports_set = false;
+    bool default_binding = true;
     auto& bind = cv.make_binder();
 
-    bind.set_when_proto("tcp");
     bind.set_use_type("imap");
 
     table_api.open_table("imap");
@@ -94,20 +93,26 @@ bool Imap::convert(std::istringstream& data_stream)
 
         else if (keyword == "ports")
         {
-            table_api.add_diff_option_comment("ports", "bindings");
-
-            if ((data_stream >> keyword) && keyword == "{")
+            if (!cv.get_bind_port())
+                default_binding = parse_bracketed_unsupported_list("ports", data_stream);
+            else
             {
-                while (data_stream >> keyword && keyword != "}")
+                table_api.add_diff_option_comment("ports", "bindings");
+
+                if ((data_stream >> keyword) && keyword == "{")
                 {
-                    ports_set = true;
-                    bind.add_when_port(keyword);
+                    bind.set_when_proto("tcp");
+                    while (data_stream >> keyword && keyword != "}")
+                    {
+                        default_binding = false;;
+                        bind.add_when_port(keyword);
+                    }
+                }
+                else
+                {
+                    data_api.failed_conversion(data_stream, "ports <bracketed_port_list>");
+                    retval = false;
                 }
-            }
-            else
-            {
-                data_api.failed_conversion(data_stream, "ports <bracketed_port_list>");
-                retval = false;
             }
         }
 
@@ -123,8 +128,10 @@ bool Imap::convert(std::istringstream& data_stream)
         }
     }
 
-    if (!ports_set)
-        bind.add_when_port("143");
+    if (default_binding)
+    {
+        bind.set_when_service("imap");
+    }
 
     return retval;
 }
index 618edab4b25d4677e4d8f2971729815b620e3d94..5544741be74048c30ac7586d774175dcf2833629 100644 (file)
@@ -41,10 +41,9 @@ bool Pop::convert(std::istringstream& data_stream)
 {
     std::string keyword;
     bool retval = true;
-    bool ports_set = false;
+    bool default_binding = true;
     auto& bind = cv.make_binder();
 
-    bind.set_when_proto("tcp");
     bind.set_use_type("pop");
 
     table_api.open_table("pop");
@@ -94,20 +93,26 @@ bool Pop::convert(std::istringstream& data_stream)
 
         else if (keyword == "ports")
         {
-            table_api.add_diff_option_comment("ports", "bindings");
-
-            if ((data_stream >> keyword) && keyword == "{")
+            if (!cv.get_bind_port())
+                default_binding = parse_bracketed_unsupported_list("ports", data_stream);
+            else
             {
-                while (data_stream >> keyword && keyword != "}")
+                table_api.add_diff_option_comment("ports", "bindings");
+
+                if ((data_stream >> keyword) && keyword == "{")
                 {
-                    ports_set = true;
-                    bind.add_when_port(keyword);
+                    bind.set_when_proto("tcp");
+                    while (data_stream >> keyword && keyword != "}")
+                    {
+                        default_binding = false;
+                        bind.add_when_port(keyword);
+                    }
+                }
+                else
+                {
+                    data_api.failed_conversion(data_stream, "ports <bracketed_port_list>");
+                    retval = false;
                 }
-            }
-            else
-            {
-                data_api.failed_conversion(data_stream, "ports <bracketed_port_list>");
-                retval = false;
             }
         }
 
@@ -123,8 +128,8 @@ bool Pop::convert(std::istringstream& data_stream)
         }
     }
 
-    if (!ports_set)
-        bind.add_when_port("110");
+    if (default_binding)
+        bind.set_when_service("pop3");
 
     return retval;
 }
index c92b60efe7be404eb869a6d70e1af3e6e89c03a4..9a26f7c39dd94bd21e925ff47ffefe41fd2906a7 100644 (file)
@@ -41,7 +41,7 @@ bool Sip::convert(std::istringstream& data_stream)
 {
     std::string keyword;
     bool retval = true;
-    bool ports_set = false;
+    bool default_binding = true;
     auto& bind = cv.make_binder();
 
     bind.set_use_type("sip");
@@ -120,20 +120,25 @@ bool Sip::convert(std::istringstream& data_stream)
 
         else if (keyword == "ports")
         {
-            table_api.add_diff_option_comment("ports", "bindings");
-
-            if ((arg_stream >> keyword) && keyword == "{")
+            if (!cv.get_bind_port())
+                default_binding = parse_bracketed_unsupported_list("ports", arg_stream);
+            else
             {
-                while (arg_stream >> keyword && keyword != "}")
+                table_api.add_diff_option_comment("ports", "bindings");
+
+                if ((arg_stream >> keyword) && keyword == "{")
                 {
-                    ports_set = true;
-                    bind.add_when_port(keyword);
+                    while (arg_stream >> keyword && keyword != "}")
+                    {
+                        default_binding = false;
+                        bind.add_when_port(keyword);
+                    }
+                }
+                else
+                {
+                    data_api.failed_conversion(arg_stream, "ports <bracketed_port_list>");
+                    retval = false;
                 }
-            }
-            else
-            {
-                data_api.failed_conversion(arg_stream, "ports <bracketed_port_list>");
-                retval = false;
             }
         }
 
@@ -149,12 +154,8 @@ bool Sip::convert(std::istringstream& data_stream)
         }
     }
 
-    if (!ports_set)
-    {
-        bind.add_when_port("5060");
-        bind.add_when_port("5061");
-        bind.add_when_port("5600");
-    }
+    if (default_binding)
+        bind.set_when_service("sip");
 
     return retval;
 }
index 4b7a28b9186b7e4b8541ecabae8c1f1532c1abdf..42d4ecf620ddaf3c06cdd073d79d63eb99b51988 100644 (file)
@@ -111,10 +111,9 @@ bool Smtp::convert(std::istringstream& data_stream)
 {
     std::string keyword;
     bool retval = true;
-    bool ports_set = false;
+    bool default_binding = true;
     auto& bind = cv.make_binder();
 
-    bind.set_when_proto("tcp");
     bind.set_use_type("smtp");
 
     table_api.open_table("smtp");
@@ -301,20 +300,27 @@ bool Smtp::convert(std::istringstream& data_stream)
         }
         else if (keyword == "ports")
         {
-            table_api.add_diff_option_comment("ports", "bindings");
-
-            if ((data_stream >> keyword) && keyword == "{")
+            if (!cv.get_bind_port())
+                default_binding = parse_bracketed_unsupported_list("ports", data_stream);
+            else
             {
-                while (data_stream >> keyword && keyword != "}")
+
+                table_api.add_diff_option_comment("ports", "bindings");
+
+                if ((data_stream >> keyword) && keyword == "{")
                 {
-                    ports_set = true;
-                    bind.add_when_port(keyword);
+                    bind.set_when_proto("tcp");
+                    while (data_stream >> keyword && keyword != "}")
+                    {
+                        default_binding = false; 
+                        bind.add_when_port(keyword);
+                    }
+                }
+                else
+                {
+                    data_api.failed_conversion(data_stream, "ports <bracketed_port_list>");
+                    retval = false;
                 }
-            }
-            else
-            {
-                data_api.failed_conversion(data_stream, "ports <bracketed_port_list>");
-                retval = false;
             }
         }
         else
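Review bot: In the `!cv.get_bind_port()` branch the result of `parse_bracketed_unsupported_list("ports", data_stream)` is stored in `default_binding` and never reaches `retval`. If that helper returns false for a malformed list (its definition is not in this diff, so this is inferred from how it is used), the converter would report no failure and also skip the `smtp` service binding, leaving the binder with no `when` condition from this function. I would keep the two concerns apart, e.g. `if (!parse_bracketed_unsupported_list("ports", data_stream)) retval = false;`, and leave `default_binding` true on that path. The same assignment appears in the Ssh and Ssl ports hunks and in the Sip hunk above. `Smtp::convert` starts and ends outside this hunk.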
@@ -351,11 +357,8 @@ bool Smtp::convert(std::istringstream& data_stream)
         table_api.close_table();
     }
 
-    if (!ports_set)
-        bind.add_when_port("25");
-    bind.add_when_port("465");
-    bind.add_when_port("587");
-    bind.add_when_port("691");
+    if (default_binding)
+        bind.set_when_service("smtp");
 
     return retval;
 }
index 01314aafa728ca59ba4ade74e0620eccfcb2dee7..5d59e013b3bb15639324737a23ddff24bd237281 100644 (file)
@@ -41,10 +41,9 @@ bool Ssh::convert(std::istringstream& data_stream)
 {
     std::string keyword;
     bool retval = true;
-    bool ports_set = false;
+    bool default_binding = true;
     auto& bind = cv.make_binder();
 
-    bind.set_when_proto("tcp");
     bind.set_use_type("ssh");
 
     table_api.open_table("ssh");
@@ -96,20 +95,26 @@ bool Ssh::convert(std::istringstream& data_stream)
 
         else if (keyword == "server_ports")
         {
-            table_api.add_diff_option_comment("server_ports", "bindings");
-
-            if ((data_stream >> keyword) && keyword == "{")
+            if (!cv.get_bind_port())
+                default_binding = parse_bracketed_unsupported_list("server_ports", data_stream);
+            else
             {
-                while (data_stream >> keyword && keyword != "}")
+                table_api.add_diff_option_comment("server_ports", "bindings");
+
+                if ((data_stream >> keyword) && keyword == "{")
                 {
-                    ports_set = true;
-                    bind.add_when_port(keyword);
+                    bind.set_when_proto("tcp");
+                    while (data_stream >> keyword && keyword != "}")
+                    {
+                        default_binding = false;
+                        bind.add_when_port(keyword);
+                    }
+                }
+                else
+                {
+                    data_api.failed_conversion(data_stream, "server_ports <bracketed_port_list>");
+                    retval = false;
                 }
-            }
-            else
-            {
-                data_api.failed_conversion(data_stream, "server_ports <bracketed_port_list>");
-                retval = false;
             }
         }
 
@@ -125,8 +130,8 @@ bool Ssh::convert(std::istringstream& data_stream)
         }
     }
 
-    if (!ports_set)
-        bind.add_when_port("22");
+    if (default_binding)
+        bind.set_when_service("ssh");
 
     return retval;
 }
index e9a64d62151e916b60bbfa97c382ce0a02f90177..e5b26aca422516f8d69676565bed16f1bc2c53f3 100644 (file)
@@ -40,10 +40,9 @@ bool Ssl::convert(std::istringstream& data_stream)
 {
     std::string keyword;
     bool retval = true;
-    bool ports_set = false;
+    bool default_binding = true;
     auto& bind = cv.make_binder();
 
-    bind.set_when_proto("tcp");
     bind.set_use_type("ssl");
 
     table_api.open_table("ssl");
@@ -70,22 +69,28 @@ bool Ssl::convert(std::istringstream& data_stream)
         }
         else if (keyword == "ports")
         {
-            table_api.add_diff_option_comment("ports", "bindings");
-
-            if (arg_stream >> keyword)
+            if (!cv.get_bind_port())
+                default_binding = parse_bracketed_unsupported_list("ports", arg_stream);
+            else
             {
-                if (keyword == "{")
+                table_api.add_diff_option_comment("ports", "bindings");
+
+                if (arg_stream >> keyword)
                 {
-                    while (arg_stream >> keyword && keyword != "}")
+                    if (keyword == "{")
                     {
-                        ports_set = true;
-                        bind.add_when_port(keyword);
+                        bind.set_when_proto("tcp");
+                        while (arg_stream >> keyword && keyword != "}")
+                        {
+                            default_binding = false;
+                            bind.add_when_port(keyword);
+                        }
+                    }
+                    else
+                    {
+                        data_api.failed_conversion(arg_stream, "ports <bracketed_port_list>");
+                        retval = false;
                     }
-                }
-                else
-                {
-                    data_api.failed_conversion(arg_stream, "ports <bracketed_port_list>");
-                    retval = false;
                 }
             }
         }
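Review bot: When nothing follows `ports`, the outer `if (arg_stream >> keyword)` in the bind-port branch has no `else`, so the option is dropped without `failed_conversion` and `retval` stays true. The Smtp and Ssh hunks report that case because they test both conditions at once. I would do the same here with `if ((arg_stream >> keyword) && keyword == "{")`, which lets the existing `else` handle both a missing token and a missing brace and removes one nesting level. The nesting was carried over from the removed lines rather than introduced here, but the re-indent is a good moment to fix it. `Ssl::convert` starts and ends outside this hunk.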
@@ -101,41 +106,8 @@ bool Ssl::convert(std::istringstream& data_stream)
         }
     }
 
-    if (!ports_set)
-    {
-        bind.add_when_port("443");
-        bind.add_when_port("465");
-        bind.add_when_port("563");
-        bind.add_when_port("639");
-        bind.add_when_port("989");
-        bind.add_when_port("992");
-        bind.add_when_port("993");
-        bind.add_when_port("994");
-        bind.add_when_port("995");
-        bind.add_when_port("7801");
-        bind.add_when_port("7802");
-        bind.add_when_port("7900");
-        bind.add_when_port("7901");
-        bind.add_when_port("7902");
-        bind.add_when_port("7903");
-        bind.add_when_port("7904");
-        bind.add_when_port("7905");
-        bind.add_when_port("7906");
-        bind.add_when_port("7907");
-        bind.add_when_port("7908");
-        bind.add_when_port("7909");
-        bind.add_when_port("7910");
-        bind.add_when_port("7911");
-        bind.add_when_port("7912");
-        bind.add_when_port("7913");
-        bind.add_when_port("7914");
-        bind.add_when_port("7915");
-        bind.add_when_port("7916");
-        bind.add_when_port("7917");
-        bind.add_when_port("7918");
-        bind.add_when_port("7919");
-        bind.add_when_port("7920");
-    }
+    if (default_binding)
+        bind.set_when_service("ssl");
 
     return retval;
 }
index b2bc20f8bb0b4674d664f4068d9e67ed13a5f884..4e534107fac5c3b945d3a20a381a243ec51db658 100644 (file)
@@ -170,6 +170,13 @@ bool StreamTcp::parse_ports(std::istringstream& arg_stream)
         }
     }
 
+    if (!cv.get_bind_port())
+    {
+        bind_any->print_binding(false);
+        bind_client->print_binding(false);
+        bind_server->print_binding(false);
+    }
+
     return true;
 }
 
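Review bot: The three `print_binding(false)` calls added here are repeated verbatim at the end of `StreamTcp::parse_protocol` in the next hunk. A small private helper would keep the two in step, for example a member named `suppress_port_bindings()` (the name is only a suggestion) called as `if (!cv.get_bind_port()) suppress_port_bindings();`. The hunk also does not show where `bind_any`, `bind_client` and `bind_server` are assigned, so it is worth confirming they are always non-null when these functions run, since they are dereferenced unconditionally. Both function bodies start outside their hunks.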
@@ -249,6 +256,12 @@ bool StreamTcp::parse_protocol(std::istringstream& arg_stream)
             while (arg_stream >> protocol);
         }
     }
+    if (!cv.get_bind_port())
+    {
+        bind_any->print_binding(false);
+        bind_client->print_binding(false);
+        bind_server->print_binding(false);
+    }
 
     return true;
 }
@@ -480,14 +493,19 @@ bool StreamTcp::convert(std::istringstream& data_stream)
 
     if (!ports_set)
     {
-        const std::vector<std::string> default_ports = { "21", "23", "25", "42",
-                                                         "53", "80", "110", "111", "135", "136",
-                                                         "137", "139", "143", "445",
-                                                         "513", "514", "1433", "1521", "2401",
-                                                         "3306" };
-
-        for (const std::string& s : default_ports)
-            bind_default->add_when_port(s);
+        if ( cv.get_bind_port() )
+        {
+            const std::vector<std::string> default_ports = { "21", "23", "25", "42",
+                                                             "53", "80", "110", "111", "135", "136",
+                                                             "137", "139", "143", "445",
+                                                             "513", "514", "1433", "1521", "2401",
+                                                             "3306" };
+
+            for (const std::string& s : default_ports)
+                bind_default->add_when_port(s);
+        }
+        else
+            bind_default->print_binding(false);
     }
 
     //  Add the port bindings separately from the protocol bindings since 
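Review bot: The new `if ( cv.get_bind_port() ) { ... } else bind_default->print_binding(false);` mixes a braced branch with an unbraced one and pads its parentheses, while the other checks added to this file are written `if (!cv.get_bind_port())`. I would brace the `else` as well and drop the padding. Alternatively, test the negative first so the short case leads: `if (!cv.get_bind_port()) bind_default->print_binding(false);` followed by `else { ... }`. `default_ports` could also be `static const` so the vector is not rebuilt on each call, though that predates this change. `StreamTcp::convert` continues outside the hunk.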
@@ -502,7 +520,7 @@ bool StreamTcp::convert(std::istringstream& data_stream)
     cv.make_binder(any);
     any.clear_ports();
 
-    if (!protos_set)
+    if (!protos_set and cv.get_bind_port())
     {
         const std::vector<std::string> default_protos =
         { "ftp", "telnet", "smtp", "nameserver", "dns", "http",