template: dynamic buffer

author Victor Julien <victor@inliniac.net>

Mon, 12 Dec 2016 11:03:46 +0000 (12:03 +0100)

committer Victor Julien <victor@inliniac.net>

Thu, 16 Feb 2017 09:35:40 +0000 (10:35 +0100)
author Victor Julien <victor@inliniac.net>
Mon, 12 Dec 2016 11:03:46 +0000 (12:03 +0100)
committer Victor Julien <victor@inliniac.net>
Thu, 16 Feb 2017 09:35:40 +0000 (10:35 +0100)
diff --git a/src/detect-engine.c b/src/detect-engine.c

index d49cd24649b327bf1df2f7a050457996a5ef574c..b0941fe8427b3557d5e82ea1384cdffd4e8f54df 100644 (file)
--- a/src/detect-engine.c
+++ b/src/detect-engine.c
@@ -2808,9 +2808,6 @@ const char *DetectSigmatchListEnumToString(enum DetectSigmatchListEnum type)
          case DETECT_SM_LIST_BASE64_DATA:
              return "base64_data";
  
-        case DETECT_SM_LIST_TEMPLATE_BUFFER_MATCH:
-            return "template_buffer";
-
          case DETECT_SM_LIST_POSTMATCH:
              return "post-match";
  
@@ -2819,6 +2816,7 @@ const char *DetectSigmatchListEnumToString(enum DetectSigmatchListEnum type)
          case DETECT_SM_LIST_THRESHOLD:
              return "threshold";
  
+        case DETECT_SM_LIST_BUILTIN_MAX:
          case DETECT_SM_LIST_MAX:
              return "max (internal)";
          case DETECT_SM_LIST_NOTSET:
diff --git a/src/detect-parse.c b/src/detect-parse.c

index c4bb73395803427489223867cf08ac6be34f11c2..5f59ba6b14c771de3d4c99716f490ecaf606557c 100644 (file)
--- a/src/detect-parse.c
+++ b/src/detect-parse.c
@@ -144,7 +144,6 @@ const char *DetectListToHumanString(int list)
          CASE_CODE_STRING(DETECT_SM_LIST_AMATCH, "app-layer");
          CASE_CODE_STRING(DETECT_SM_LIST_DMATCH, "dcerpc");
          CASE_CODE_STRING(DETECT_SM_LIST_TMATCH, "tag");
-        CASE_CODE_STRING(DETECT_SM_LIST_TEMPLATE_BUFFER_MATCH, "template");
          CASE_CODE_STRING(DETECT_SM_LIST_POSTMATCH, "postmatch");
          CASE_CODE_STRING(DETECT_SM_LIST_SUPPRESS, "suppress");
          CASE_CODE_STRING(DETECT_SM_LIST_THRESHOLD, "threshold");
@@ -164,7 +163,6 @@ const char *DetectListToString(int list)
          CASE_CODE(DETECT_SM_LIST_AMATCH);
          CASE_CODE(DETECT_SM_LIST_DMATCH);
          CASE_CODE(DETECT_SM_LIST_TMATCH);
-        CASE_CODE(DETECT_SM_LIST_TEMPLATE_BUFFER_MATCH);
          CASE_CODE(DETECT_SM_LIST_POSTMATCH);
          CASE_CODE(DETECT_SM_LIST_SUPPRESS);
          CASE_CODE(DETECT_SM_LIST_THRESHOLD);
diff --git a/src/detect-template-buffer.c b/src/detect-template-buffer.c

index 866e717abebdeb5c0dbbf6eae363b45f5e553c0e..929153fd0907c718f21bd80d4732cf4b1a636669 100644 (file)
--- a/src/detect-template-buffer.c
+++ b/src/detect-template-buffer.c
@@ -39,6 +39,7 @@
  
  static int DetectTemplateBufferSetup(DetectEngineCtx *, Signature *, char *);
  static void DetectTemplateBufferRegisterTests(void);
+static int g_template_buffer_id = 0;
  
  void DetectTemplateBufferRegister(void)
  {
@@ -58,20 +59,22 @@ void DetectTemplateBufferRegister(void)
      sigmatch_table[DETECT_AL_TEMPLATE_BUFFER].flags |= SIGMATCH_PAYLOAD;
  
      /* register inspect engines */
-    DetectAppLayerInspectEngineRegister(ALPROTO_TEMPLATE, SIG_FLAG_TOSERVER,
-            DETECT_SM_LIST_TEMPLATE_BUFFER_MATCH,
+    DetectAppLayerInspectEngineRegister2("template_buffer",
+            ALPROTO_TEMPLATE, SIG_FLAG_TOSERVER,
              DetectEngineInspectTemplateBuffer);
-    DetectAppLayerInspectEngineRegister(ALPROTO_TEMPLATE, SIG_FLAG_TOCLIENT,
-            DETECT_SM_LIST_TEMPLATE_BUFFER_MATCH,
+    DetectAppLayerInspectEngineRegister2("template_buffer",
+            ALPROTO_TEMPLATE, SIG_FLAG_TOCLIENT,
              DetectEngineInspectTemplateBuffer);
  
+    g_template_buffer_id = DetectBufferTypeGetByName("template_buffer");
+
      SCLogNotice("Template application layer detect registered.");
  }
  
  static int DetectTemplateBufferSetup(DetectEngineCtx *de_ctx, Signature *s,
      char *str)
  {
-    s->init_data->list = DETECT_SM_LIST_TEMPLATE_BUFFER_MATCH;
+    s->init_data->list = g_template_buffer_id;
      s->alproto = ALPROTO_TEMPLATE;
      return 0;
  }
diff --git a/src/detect.h b/src/detect.h

index 5cb5ec379a1b03a8f8ac04b43a907e57b80c83db..e7f6a5765d449774b6abd3e0f45a2b6f63a27666 100644 (file)
--- a/src/detect.h
+++ b/src/detect.h
@@ -115,8 +115,6 @@ enum DetectSigmatchListEnum {
  
      DETECT_SM_LIST_BUILTIN_MAX,
  
-    DETECT_SM_LIST_TEMPLATE_BUFFER_MATCH = DETECT_SM_LIST_BUILTIN_MAX,
-
      DETECT_SM_LIST_MAX,
  
  };
author	Victor Julien <victor@inliniac.net>
	Mon, 12 Dec 2016 11:03:46 +0000 (12:03 +0100)
committer	Victor Julien <victor@inliniac.net>
	Thu, 16 Feb 2017 09:35:40 +0000 (10:35 +0100)
src/detect-engine.c		patch \| blob \| blame \| history
src/detect-parse.c		patch \| blob \| blame \| history
src/detect-template-buffer.c		patch \| blob \| blame \| history
src/detect.h		patch \| blob \| blame \| history