std::map<std::string, std::map<std::string, bool>> TraceParser::s_configured_trace_options;
-TraceParser::TraceParser(TraceConfig* tc)
+TraceParser::TraceParser(TraceConfig& tc)
: trace_config(tc)
{
- assert(trace_config);
-
// Will be initialized only once when first TraceParser instance created
if ( s_configured_trace_options.empty() )
init_configured_trace_options();
reset_configured_trace_options();
}
-bool TraceParser::set_traces(const std::string& option_name, const Value& val)
+bool TraceParser::set_traces(const std::string& module_name, const Value& val)
{
- if ( !s_configured_trace_options.count(option_name)
- and option_name != DEFAULT_TRACE_OPTION_NAME )
+ if ( !s_configured_trace_options.count(module_name)
+ and module_name != DEFAULT_TRACE_OPTION_NAME )
return false;
- if ( option_name == DEFAULT_TRACE_OPTION_NAME )
+ if ( module_name == DEFAULT_TRACE_OPTION_NAME )
{
for ( const auto& trace_options : s_configured_trace_options )
{
for ( const auto& trace_option : trace_options.second )
{
if ( !trace_option.second )
- trace_config->set_trace(trace_options.first, trace_option.first,
+ trace_config.set_trace(trace_options.first, trace_option.first,
val.get_uint8());
}
}
}
else if ( val.is(DEFAULT_TRACE_OPTION_NAME) )
{
- auto& trace_options = s_configured_trace_options[option_name];
+ auto& trace_options = s_configured_trace_options[module_name];
for ( const auto& trace_option : trace_options )
{
if ( !trace_option.second )
- trace_config->set_trace(option_name, trace_option.first, val.get_uint8());
+ trace_config.set_trace(module_name, trace_option.first, val.get_uint8());
}
trace_options[DEFAULT_TRACE_OPTION_NAME] = true;
}
else
{
- bool res = trace_config->set_trace(option_name, val.get_name(), val.get_uint8());
- s_configured_trace_options[option_name][val.get_name()] = res;
+ bool res = trace_config.set_trace(module_name, val.get_name(), val.get_uint8());
+ s_configured_trace_options[module_name][val.get_name()] = res;
return res;
}
}
void TraceParser::finalize_constraints()
{
if ( !parsed_constraints.match or parsed_constraints.set_bits )
- trace_config->constraints = new PacketConstraints(parsed_constraints);
+ trace_config.constraints = new PacketConstraints(parsed_constraints);
}
void TraceParser::clear_traces()
-{ trace_config->clear_traces(); }
+{ trace_config.clear_traces(); }
void TraceParser::clear_constraints()
{
- delete trace_config->constraints;
- trace_config->constraints = nullptr;
+ delete trace_config.constraints;
+ trace_config.constraints = nullptr;
}
void TraceParser::reset_configured_trace_options()
for ( const auto* module : trace_modules )
{
const TraceOption* trace_options = module->get_trace_options();
- if ( trace_options )
- {
- auto& module_trace_options = s_configured_trace_options[module->get_name()];
+ if ( !trace_options )
+ continue;
- module_trace_options[DEFAULT_TRACE_OPTION_NAME] = false;
- while ( trace_options->name )
- {
- module_trace_options[trace_options->name] = false;
- ++trace_options;
- }
+ auto& module_trace_options = s_configured_trace_options[module->get_name()];
+
+ module_trace_options[DEFAULT_TRACE_OPTION_NAME] = false;
+ while ( trace_options->name )
+ {
+ module_trace_options[trace_options->name] = false;
+ ++trace_options;
}
}
}
#include <catch/snort_catch.h>
-TEST_CASE("packet constraints", "[TraceParser]")
+#include "main/snort_config.h"
+
+#define CONFIG_OPTION(name, value, type, range) \
+ const Parameter name##_param( \
+ #name, type, range, nullptr, #name " test"); \
+ Value name(false); \
+ name.set(&name##_param); \
+ name.set(value);
+
+#define MODULE_OPTION(name, value) \
+ CONFIG_OPTION(name, value, Parameter::PT_INT, "0:255")
+
+#define PROTO_OPTION(name, value) \
+ CONFIG_OPTION(name, value, Parameter::PT_INT, "0:255")
+
+#define ADDR_OPTION(name, value) \
+ CONFIG_OPTION(name, value, Parameter::PT_STRING, nullptr)
+
+#define PORT_OPTION(name, value) \
+ CONFIG_OPTION(name, value, Parameter::PT_INT, "0:65535")
+
+enum { OPT_1, OPT_2 };
+
+static const TraceOption trace_options[] =
{
- TraceConfig tc;
- TraceParser tp(&tc);
+ { "option1", OPT_1, "test option 1" },
+ { "option2", OPT_2, "test option 2" },
+ { nullptr, 0, nullptr }
+};
- SECTION("ip_proto")
- {
- const Parameter ip_proto_param("ip_proto", Parameter::PT_INT, "0:255", nullptr,
- "test ip_proto param");
+static Trace *m1_trace, *m2_trace;
- Value val(false);
- val.set(&ip_proto_param);
+class Module1 : public Module
+{
+public:
+ Module1() : Module("mod_1", "testing trace parser module 1") { }
+ void set_trace(const Trace* t) const override { m1_trace = (Trace*)t; }
+ const TraceOption* get_trace_options() const override { return trace_options; }
- val.set(6l);
- CHECK( tp.set_constraints(val) );
- }
- SECTION("src_ip")
- {
- const Parameter src_ip_param("src_ip", Parameter::PT_STRING, nullptr, nullptr,
- "test src_ip param");
+};
+
+class Module2 : public Module
+{
+public:
+ Module2() : Module("mod_2", "testing trace parser module 2") { }
+ void set_trace(const Trace* t) const override { m2_trace = (Trace*)t; }
+ const TraceOption* get_trace_options() const override { return trace_options; }
+
+};
- Value val(false);
- val.set(&src_ip_param);
+TEST_CASE("modules traces", "[TraceParser]")
+{
+ static bool once = []()
+ {
+ ModuleManager::add_module(new Module1);
+ ModuleManager::add_module(new Module2);
+ return true;
+ } ();
+ (void)once;
- val.set("10.1.2.3");
- CHECK( tp.set_constraints(val) );
+ TraceConfig tc;
+ TraceParser tp(tc);
+ tc.setup_module_trace();
- val.set("10.1.2.300");
- CHECK( !tp.set_constraints(val) );
+ SECTION("invalid module")
+ {
+ MODULE_OPTION(all, 10l);
+ CHECK(!tp.set_traces("invalid_module", all));
}
- SECTION("src_port")
+
+ SECTION("invalid option")
{
- const Parameter src_port_param("src_port", Parameter::PT_INT, "0:65535", nullptr,
- "test src_port param");
+ MODULE_OPTION(invalid_option, 10l);
+ CHECK(!tp.set_traces("mod_1", invalid_option));
+ }
- Value val(false);
- val.set(&src_port_param);
+ SECTION("unset")
+ {
+ REQUIRE(m1_trace != nullptr);
+ REQUIRE(m2_trace != nullptr);
- val.set(100l);
- CHECK( tp.set_constraints(val) );
+ CHECK(!m1_trace->enabled(OPT_1));
+ CHECK(!m1_trace->enabled(OPT_2));
+ CHECK(!m2_trace->enabled(OPT_1));
+ CHECK(!m2_trace->enabled(OPT_2));
}
- SECTION("dst_ip")
+
+ SECTION("all modules")
{
- const Parameter dst_ip_param("dst_ip", Parameter::PT_STRING, nullptr, nullptr,
- "test dst_ip param");
+ MODULE_OPTION(all, 3l);
+ CHECK(tp.set_traces("all", all));
- Value val(false);
- val.set(&dst_ip_param);
+ REQUIRE(m1_trace != nullptr);
+ REQUIRE(m2_trace != nullptr);
- val.set("10.3.2.1");
- CHECK( tp.set_constraints(val) );
+ CHECK(m1_trace->enabled(OPT_1, 3));
+ CHECK(m1_trace->enabled(OPT_2, 3));
+ CHECK(m2_trace->enabled(OPT_1, 3));
+ CHECK(m2_trace->enabled(OPT_2, 3));
- val.set("10.300.2.1");
- CHECK( !tp.set_constraints(val) );
+ CHECK(!m1_trace->enabled(OPT_1, 4));
+ CHECK(!m1_trace->enabled(OPT_2, 4));
+ CHECK(!m2_trace->enabled(OPT_1, 4));
+ CHECK(!m2_trace->enabled(OPT_2, 4));
}
- SECTION("dst_port")
+
+ SECTION("module all")
{
- const Parameter dst_port_param("dst_port", Parameter::PT_INT, "0:65535", nullptr,
- "test dst_port param");
+ MODULE_OPTION(all, 3l);
+ CHECK(tp.set_traces("mod_1", all));
- Value val(false);
- val.set(&dst_port_param);
+ REQUIRE(m1_trace != nullptr);
+ REQUIRE(m2_trace != nullptr);
- val.set(200l);
- CHECK( tp.set_constraints(val) );
+ CHECK(m1_trace->enabled(OPT_1, 3));
+ CHECK(m1_trace->enabled(OPT_2, 3));
+ CHECK(!m2_trace->enabled(OPT_1, 3));
+ CHECK(!m2_trace->enabled(OPT_2, 3));
}
- SECTION("invalid_param")
- {
- const Parameter invalid_param("invalid_param", Parameter::PT_INT, "0:8", nullptr,
- "test invalid param");
- Value val(false);
- val.set(&invalid_param);
+ SECTION("options")
+ {
+ MODULE_OPTION(option1, 1l);
+ MODULE_OPTION(option2, 5l);
+ CHECK(tp.set_traces("mod_1", option1));
+ CHECK(tp.set_traces("mod_1", option2));
+ CHECK(tp.set_traces("mod_2", option1));
+ CHECK(tp.set_traces("mod_2", option2));
+
+ REQUIRE(m1_trace != nullptr);
+ REQUIRE(m2_trace != nullptr);
+
+ CHECK(m1_trace->enabled(OPT_1, 1));
+ CHECK(m1_trace->enabled(OPT_2, 1));
+ CHECK(m2_trace->enabled(OPT_1, 1));
+ CHECK(m2_trace->enabled(OPT_2, 1));
+
+ CHECK(!m1_trace->enabled(OPT_1, 5));
+ CHECK(m1_trace->enabled(OPT_2, 5));
+ CHECK(!m2_trace->enabled(OPT_1, 5));
+ CHECK(m2_trace->enabled(OPT_2, 5));
+ }
- val.set(5l);
- CHECK( !tp.set_constraints(val) );
+ SECTION("override all modules")
+ {
+ MODULE_OPTION(option1, 1l);
+ MODULE_OPTION(option2, 2l);
+ MODULE_OPTION(all, 3l);
+ CHECK(tp.set_traces("mod_1", option1));
+ CHECK(tp.set_traces("mod_2", option2));
+ CHECK(tp.set_traces("all", all));
+
+ REQUIRE(m1_trace != nullptr);
+ REQUIRE(m2_trace != nullptr);
+
+ CHECK(m1_trace->enabled(OPT_1, 1));
+ CHECK(m1_trace->enabled(OPT_2, 1));
+ CHECK(m2_trace->enabled(OPT_1, 1));
+ CHECK(m2_trace->enabled(OPT_2, 1));
+
+ CHECK(!m1_trace->enabled(OPT_1, 2));
+ CHECK(m1_trace->enabled(OPT_2, 2));
+ CHECK(m2_trace->enabled(OPT_1, 2));
+ CHECK(m2_trace->enabled(OPT_2, 2));
+
+ CHECK(!m1_trace->enabled(OPT_1, 3));
+ CHECK(m1_trace->enabled(OPT_2, 3));
+ CHECK(m2_trace->enabled(OPT_1, 3));
+ CHECK(!m2_trace->enabled(OPT_2, 3));
}
+
+ auto sc = SnortConfig::get_conf();
+ if (sc and sc->trace_config)
+ sc->trace_config->setup_module_trace();
}
-TEST_CASE("modules traces", "[TraceParser]")
+TEST_CASE("packet constraints", "[TraceParser]")
{
TraceConfig tc;
- TraceParser tp(&tc);
+ TraceParser tp(tc);
- SECTION("set_option")
+ SECTION("ip_proto")
{
- const Parameter detection_rule_eval("rule_eval", Parameter::PT_INT, "0:255", nullptr,
- "test detection_rule_eval param");
+ PROTO_OPTION(ip_proto, 6l);
+ const PacketConstraints exp = { IpProtocol::TCP, 0, 0,
+ SfIp(), SfIp(), PacketConstraints::IP_PROTO };
- const Parameter detection_detect_engine("detect_engine", Parameter::PT_INT, "0:255", nullptr,
- "test detection_detect_engine param");
+ CHECK(tp.set_constraints(ip_proto));
+ tp.finalize_constraints();
- Value val_opt1(false);
- Value val_opt2(false);
- val_opt1.set(&detection_rule_eval);
- val_opt2.set(&detection_detect_engine);
+ REQUIRE(tc.constraints != nullptr);
+ CHECK(tc.constraints->set_bits == exp.set_bits);
+ CHECK(tc.constraints->ip_proto == exp.ip_proto);
+ CHECK(*tc.constraints == exp);
+ }
- val_opt1.set(1l);
- CHECK( tp.set_traces("detection", val_opt1) );
+ SECTION("src_ip")
+ {
+ ADDR_OPTION(src_ip, "10.1.2.3");
+ const uint32_t exp_ip = 0x0302010a;
+ const PacketConstraints exp = { IpProtocol::PROTO_NOT_SET, 0, 0,
+ SfIp(&exp_ip, AF_INET), SfIp(), PacketConstraints::SRC_IP };
+
+ CHECK(tp.set_constraints(src_ip));
+ tp.finalize_constraints();
+
+ REQUIRE(tc.constraints != nullptr);
+ CHECK(tc.constraints->set_bits == exp.set_bits);
+ CHECK(tc.constraints->src_ip == exp.src_ip);
+ CHECK(*tc.constraints == exp);
+ }
- val_opt2.set(1l);
- CHECK( tp.set_traces("detection", val_opt2) );
+ SECTION("invalid src_ip")
+ {
+ ADDR_OPTION(src_ip, "10.1.2.300");
+ CHECK(!tp.set_constraints(src_ip));
}
- SECTION("set_all")
+
+ SECTION("src_port")
{
- const Parameter decode_all(DEFAULT_TRACE_OPTION_NAME, Parameter::PT_INT, "0:255", nullptr,
- "test decode_all param");
+ const PacketConstraints exp = { IpProtocol::PROTO_NOT_SET, 100, 0,
+ SfIp(), SfIp(), PacketConstraints::SRC_PORT };
+ PORT_OPTION(src_port, 100l);
- Value val_all(false);
- val_all.set(&decode_all);
+ CHECK(tp.set_constraints(src_port));
+ tp.finalize_constraints();
- val_all.set(1l);
- CHECK( tp.set_traces("decode", val_all) );
- CHECK( tp.set_traces("detection", val_all) );
+ REQUIRE(tc.constraints != nullptr);
+ CHECK(tc.constraints->set_bits == exp.set_bits);
+ CHECK(tc.constraints->src_port == exp.src_port);
+ CHECK(*tc.constraints == exp);
}
- SECTION("set_invalid_option")
- {
- const Parameter invalid_param("invalid_opt", Parameter::PT_INT, "0:255", nullptr,
- "test invalid param");
- Value invalid_val(false);
- invalid_val.set(&invalid_param);
+ SECTION("dst_ip")
+ {
+ ADDR_OPTION(dst_ip, "10.3.2.1");
+ const uint32_t exp_ip = 0x0102030a;
+ const PacketConstraints exp = { IpProtocol::PROTO_NOT_SET, 0, 0,
+ SfIp(), SfIp(&exp_ip, AF_INET), PacketConstraints::DST_IP };
+
+ CHECK(tp.set_constraints(dst_ip));
+ tp.finalize_constraints();
+
+ REQUIRE(tc.constraints != nullptr);
+ CHECK(tc.constraints->set_bits == exp.set_bits);
+ CHECK(tc.constraints->dst_ip == exp.dst_ip);
+ CHECK(*tc.constraints == exp);
+ }
- invalid_val.set(1l);
- CHECK( !tp.set_traces("detection", invalid_val) );
+ SECTION("invalid dst_ip")
+ {
+ ADDR_OPTION(dst_ip, "10.300.2.1");
+ CHECK(!tp.set_constraints(dst_ip));
}
- SECTION("set_invalid_module")
+
+ SECTION("dst_port")
{
- const Parameter all_param(DEFAULT_TRACE_OPTION_NAME, Parameter::PT_INT, "0:255", nullptr,
- "test all param");
+ PORT_OPTION(dst_port, 200l);
+ const PacketConstraints exp = { IpProtocol::PROTO_NOT_SET, 0, 200,
+ SfIp(), SfIp(), PacketConstraints::DST_PORT };
- Value val(false);
- val.set(&all_param);
+ CHECK(tp.set_constraints(dst_port));
+ tp.finalize_constraints();
- val.set(1l);
- CHECK( !tp.set_traces("invalid_module", val) );
+ REQUIRE(tc.constraints != nullptr);
+ CHECK(tc.constraints->set_bits == exp.set_bits);
+ CHECK(tc.constraints->dst_port == exp.dst_port);
+ CHECK(*tc.constraints == exp);
+ }
+
+ SECTION("invalid option")
+ {
+ CONFIG_OPTION(invalid_option, 5l, Parameter::PT_INT, "0:8");
+ CHECK(!tp.set_constraints(invalid_option));
}
}
#endif // UNIT_TEST
-
projects / thirdparty / snort3.git / commitdiff
