static void get_alert_pkt(
Packet* p, const char* msg, const Event& event)
{
- DebugMessage(DEBUG_LOG, "Logging Alert data!\n");
-
// FIXIT-L minimize or eliminate memset
memset((char*)&us.alert,0,sizeof(us.alert));
if (hlen < ip::IP4_HEADER_LEN)
{
- DebugFormat(DEBUG_DECODE,
- "Bogus IP header length of %i bytes\n", hlen);
-
codec_event(codec, DECODE_IPV4_INVALID_HEADER_LEN);
return false;
}
if (ip_len > raw.len)
{
- DebugFormat(DEBUG_DECODE,
- "IP Len field is %u bytes bigger than captured length.\n"
- " (ip.len: %u, cap.len: %u)\n",
- ip_len - raw.len, ip_len, raw.len);
-
codec_event(codec, DECODE_IPV4_DGRAM_GT_CAPLEN);
// FIXIT-L we should decode this layer if possible instead of stopping now
// ip6 etc may have similar issues
if (ip_len < hlen)
{
- DebugFormat(DEBUG_DECODE,
- "IP dgm len (%u bytes) < IP hdr "
- "len (%hu bytes), packet discarded\n", ip_len, hlen);
-
codec_event(codec, DECODE_IPV4_DGRAM_LT_IPHDR);
return false;
}
#endif
#include "framework/codec.h"
-#include "main/snort_debug.h"
using namespace snort;
{
uint16_t protocol;
- DebugMessage(DEBUG_DECODE, "PPP Packet!\n");
-
if (raw.len < 2)
return false;
constexpr uint16_t PPPOE_HEADER_LEN = 6;
-/* PPPoE types */
-constexpr uint16_t PPPoE_CODE_SESS = 0x00; /* PPPoE session */
-constexpr uint16_t PPPoE_CODE_PADI = 0x09; /* PPPoE Active Discovery Initiation */
-constexpr uint16_t PPPoE_CODE_PADO = 0x07; /* PPPoE Active Discovery Offer */
-constexpr uint16_t PPPoE_CODE_PADR = 0x19; /* PPPoE Active Discovery Request */
-constexpr uint16_t PPPoE_CODE_PADS = 0x65; /* PPPoE Active Discovery Session-confirmation */
-constexpr uint16_t PPPoE_CODE_PADT = 0xa7; /* PPPoE Active Discovery Terminate */
-
-#if 0
-/* PPPoE tag types - currently not used*/
-constexpr uint16_t PPPoE_TAG_END_OF_LIST = 0x0000;
-constexpr uint16_t PPPoE_TAG_SERVICE_NAME = 0x0101;
-constexpr uint16_t PPPoE_TAG_AC_NAME = 0x0102;
-constexpr uint16_t PPPoE_TAG_HOST_UNIQ = 0x0103;
-constexpr uint16_t PPPoE_TAG_AC_COOKIE = 0x0104;
-constexpr uint16_t PPPoE_TAG_VENDOR_SPECIFIC = 0x0105;
-constexpr uint16_t PPPoE_TAG_RELAY_SESSION_ID = 0x0110;
-constexpr uint16_t PPPoE_TAG_SERVICE_NAME_ERROR = 0x0201;
-const uint16_t PPPoE_TAG_AC_SYSTEM_ERROR = 0x0202;
-constexpr uint16_t PPPoE_TAG_GENERIC_ERROR = 0x0203;
-#endif
-
bool PPPoECodec::decode(const RawData& raw,
CodecData& codec,
DecodeData&)
return false;
}
- /* lay the PPP over ethernet structure over the packet data */
- const PPPoEHdr* const pppoeh = reinterpret_cast<const PPPoEHdr*>(raw.data);
-
- /* grab out the network type */
- switch (ppp_type)
- {
- case PppoepktType::DISCOVERY:
- DebugMessage(DEBUG_DECODE, "(PPPOE Discovery) ");
- break;
-
- case PppoepktType::SESSION:
- DebugMessage(DEBUG_DECODE, "(PPPOE Session) ");
- break;
- }
-
-#ifdef DEBUG_MSGS
- switch (pppoeh->code)
- {
- case PPPoE_CODE_PADI:
- /* The Host sends the PADI packet with the DESTINATION_ADDR set
- * to the broadcast address. The CODE field is set to 0x09 and
- * the SESSION_ID MUST be set to 0x0000.
- *
- * The PADI packet MUST contain exactly one TAG of TAG_TYPE
- * Service-Name, indicating the service the Host is requesting,
- * and any number of other TAG types. An entire PADI packet
- * (including the PPPoE header) MUST NOT exceed 1484 octets so
- * as to leave sufficient room for a relay agent to add a
- * Relay-Session-Id TAG.
- */
- DebugMessage(DEBUG_DECODE, "Active Discovery Initiation (PADI)\n");
- break;
-
- case PPPoE_CODE_PADO:
- /* When the Access Concentrator receives a PADI that it can
- * serve, it replies by sending a PADO packet. The
- * DESTINATION_ADDR is the unicast address of the Host that
- * sent the PADI. The CODE field is set to 0x07 and the
- * SESSION_ID MUST be set to 0x0000.
- *
- * The PADO packet MUST contain one AC-Name TAG containing the
- * Access Concentrator's name, a Service-Name TAG identical to
- * the one in the PADI, and any number of other Service-Name
- * TAGs indicating other services that the Access Concentrator
- * offers. If the Access Concentrator can not serve the PADI
- * it MUST NOT respond with a PADO.
- */
- DebugMessage(DEBUG_DECODE, "Active Discovery Offer (PADO)\n");
- break;
-
- case PPPoE_CODE_PADR:
- /* Since the PADI was broadcast, the Host may receive more than
- * one PADO. The Host looks through the PADO packets it receives
- * and chooses one. The choice can be based on the AC-Name or
- * the Services offered. The Host then sends one PADR packet
- * to the Access Concentrator that it has chosen. The
- * DESTINATION_ADDR field is set to the unicast Ethernet address
- * of the Access Concentrator that sent the PADO. The CODE
- * field is set to 0x19 and the SESSION_ID MUST be set to 0x0000.
- *
- * The PADR packet MUST contain exactly one TAG of TAG_TYPE
- * Service-Name, indicating the service the Host is requesting,
- * and any number of other TAG types.
- */
- DebugMessage(DEBUG_DECODE, "Active Discovery Request (PADR)\n");
- break;
-
- case PPPoE_CODE_PADS:
- /* When the Access Concentrator receives a PADR packet, it
- * prepares to begin a PPP session. It generates a unique
- * SESSION_ID for the PPPoE session and replies to the Host with
- * a PADS packet. The DESTINATION_ADDR field is the unicast
- * Ethernet address of the Host that sent the PADR. The CODE
- * field is set to 0x65 and the SESSION_ID MUST be set to the
- * unique value generated for this PPPoE session.
- *
- * The PADS packet contains exactly one TAG of TAG_TYPE
- * Service-Name, indicating the service under which Access
- * Concentrator has accepted the PPPoE session, and any number
- * of other TAG types.
- *
- * If the Access Concentrator does not like the Service-Name in
- * the PADR, then it MUST reply with a PADS containing a TAG of
- * TAG_TYPE Service-Name-Error (and any number of other TAG
- * types). In this case the SESSION_ID MUST be set to 0x0000.
- */
- DebugMessage(DEBUG_DECODE, "Active Discovery "
- "Session-confirmation (PADS)\n");
- break;
-
- case PPPoE_CODE_PADT:
- /* This packet may be sent anytime after a session is established
- * to indicate that a PPPoE session has been terminated. It may
- * be sent by either the Host or the Access Concentrator. The
- * DESTINATION_ADDR field is a unicast Ethernet address, the
- * CODE field is set to 0xa7 and the SESSION_ID MUST be set to
- * indicate which session is to be terminated. No TAGs are
- * required.
- *
- * When a PADT is received, no further PPP traffic is allowed to
- * be sent using that session. Even normal PPP termination
- * packets MUST NOT be sent after sending or receiving a PADT.
- * A PPP peer SHOULD use the PPP protocol itself to bring down a
- * PPPoE session, but the PADT MAY be used when PPP can not be
- * used.
- */
- DebugMessage(DEBUG_DECODE, "Active Discovery Terminate (PADT)\n");
- break;
-
- case PPPoE_CODE_SESS:
- DebugMessage(DEBUG_DECODE, "Session Packet (SESS)\n");
- break;
-
- default:
- DebugMessage(DEBUG_DECODE, "(Unknown)\n");
- break;
- }
-#else
- UNUSED(pppoeh);
- UNUSED(PPPoE_CODE_SESS);
- UNUSED(PPPoE_CODE_PADI);
- UNUSED(PPPoE_CODE_PADO);
- UNUSED(PPPoE_CODE_PADR);
- UNUSED(PPPoE_CODE_PADS);
- UNUSED(PPPoE_CODE_PADT);
-#endif
-
if (ppp_type == PppoepktType::DISCOVERY)
{
- DebugMessage(DEBUG_DECODE, "Returning early on PPPOE discovery packet\n");
return true;
}
switch (version)
{
case 0: /*GTP v0*/
- DebugMessage(DEBUG_DECODE, "GTP v0 packets.\n");
-
len = GTP_V0_HEADER_LEN;
if (raw.len < len)
{
if (raw.len != ((unsigned int)ntohs(hdr->length) + len))
{
- DebugFormat(DEBUG_DECODE, "Calculated length %u != %hu in header.\n",
- raw.len - len, ntohs(hdr->length));
codec_event(codec, DECODE_GTP_BAD_LEN);
return false;
}
break;
case 1: /*GTP v1*/
- DebugMessage(DEBUG_DECODE, "GTP v1 packets.\n");
-
/*Check the length based on optional fields and extension header*/
if (hdr->flag & 0x07)
{
if (raw.len != ((unsigned int)ntohs(hdr->length) + GTP_MIN_LEN))
{
- DebugFormat(DEBUG_DECODE, "Calculated length %u != %hu in header.\n",
- raw.len - GTP_MIN_LEN, ntohs(hdr->length));
codec_event(codec, DECODE_GTP_BAD_LEN);
return false;
}
break;
default:
- DebugMessage(DEBUG_DECODE, "Unknown protocol version.\n");
return false;
}
#include "file_connector.h"
-#include "main/snort_debug.h"
#include "profiler/profiler_defs.h"
#include "side_channel/side_channel.h"
FileConnectorMsgHandle::FileConnectorMsgHandle(const uint32_t length)
{
- DebugMessage(DEBUG_CONNECTORS,"FileConnectorMsgHandle::FileConnectorMsgHandle()\n");
-
connector_msg.length = length;
connector_msg.data = new uint8_t[length];
}
FileConnector::FileConnector(FileConnectorConfig* file_connector_config)
{
- DebugMessage(DEBUG_CONNECTORS,"FileConnector::FileConnector()\n");
config = file_connector_config;
}
-FileConnector::~FileConnector()
-{
- DebugMessage(DEBUG_CONNECTORS,"FileConnector::~FileConnector()\n");
-}
-
ConnectorMsgHandle* FileConnector::alloc_message(const uint32_t length, const uint8_t** data)
{
- DebugMessage(DEBUG_CONNECTORS,"FileConnector::alloc_message()\n");
FileConnectorMsgHandle* msg = new FileConnectorMsgHandle(length);
*data = (uint8_t*)msg->connector_msg.data;
void FileConnector::discard_message(ConnectorMsgHandle* msg)
{
- DebugMessage(DEBUG_CONNECTORS,"FileConnector::discard_message()\n");
FileConnectorMsgHandle* fmsg = (FileConnectorMsgHandle*)msg;
delete fmsg;
}
bool FileConnector::transmit_message(ConnectorMsgHandle* msg)
{
- DebugMessage(DEBUG_CONNECTORS,"FileConnector::transmit_message()\n");
FileConnectorMsgHandle* fmsg = (FileConnectorMsgHandle*)msg;
const FileConnectorConfig* cfg = (const FileConnectorConfig*)config;
// or it does not.
ConnectorMsgHandle* FileConnector::receive_message(bool)
{
- DebugMessage(DEBUG_CONNECTORS,"FileConnector::receive_message()\n");
-
if ( !file.is_open() )
return nullptr;
else
static Module* mod_ctor()
{
- DebugMessage(DEBUG_CONNECTORS,"file_connector:mod_ctor()\n");
return new FileConnectorModule;
}
static void mod_dtor(Module* m)
{
delete m;
- DebugMessage(DEBUG_CONNECTORS,"file_connector:mod_dtor(Module*)\n");
}
static Connector* file_connector_tinit_transmit(std::string filename,
file_connector->file.open(pathname,
(std::ios::out | (cfg->text_format ? (std::ios::openmode)0 : std::ios::binary)) );
- DebugFormat(DEBUG_CONNECTORS,"file_connector:file_connector_tinit_transmit(): pathname: %s\n",
- pathname.c_str());
-
return file_connector;
}
(void)get_instance_file(pathname, filename.c_str());
file_connector->file.open(pathname, (std::ios::in | std::ios::binary) );
- DebugFormat(DEBUG_CONNECTORS,"file_connector:file_connector_tinit_receive(): pathname: %s\n",
- pathname.c_str());
-
return file_connector;
}
// Create a per-thread object
static Connector* file_connector_tinit(ConnectorConfig* config)
{
- DebugMessage(DEBUG_CONNECTORS,"file_connector:file_connector_tinit()\n");
FileConnectorConfig* cfg = (FileConnectorConfig*)config;
std::string filename = FILE_CONNECTOR_NAME;
static void file_connector_tterm(Connector* connector)
{
- DebugMessage(DEBUG_CONNECTORS,"file_connector:file_connector_tterm()\n");
FileConnector* file_connector = (FileConnector*)connector;
file_connector->file.close();
static ConnectorCommon* file_connector_ctor(Module* m)
{
- DebugMessage(DEBUG_CONNECTORS,"file_connector:file_connector_ctor(Module*)\n");
FileConnectorModule* mod = (FileConnectorModule*)m;
FileConnectorCommon* file_connector_common = new FileConnectorCommon(
mod->get_and_clear_config());
static void file_connector_dtor(ConnectorCommon* c)
{
- DebugMessage(DEBUG_CONNECTORS,"file_connector:file_connector_dtor(ConnectorCommon*)\n");
FileConnectorCommon* fc = (FileConnectorCommon*)c;
delete fc;
}
{
public:
FileConnector(FileConnectorConfig*);
- ~FileConnector() override;
snort::ConnectorMsgHandle* alloc_message(const uint32_t, const uint8_t**) override;
void discard_message(snort::ConnectorMsgHandle*) override;
bool transmit_message(snort::ConnectorMsgHandle*) override;
#include "file_connector_module.h"
-#include "main/snort_debug.h"
-
using namespace snort;
static const Parameter file_connector_params[] =
FileConnectorModule::FileConnectorModule() :
Module(FILE_CONNECTOR_NAME, FILE_CONNECTOR_HELP, file_connector_params)
{
- DebugMessage(DEBUG_CONNECTORS,"FileConnectorModule::FileConnectorModule()\n");
config = nullptr;
config_set = new FileConnectorConfig::FileConnectorConfigSet;
}
FileConnectorModule::~FileConnectorModule()
{
- DebugMessage(DEBUG_CONNECTORS,"FileConnectorModule::~FileConnectorModule()\n");
if ( config )
delete config;
if ( config_set )
ProfileStats* FileConnectorModule::get_profile() const
{ return &file_connector_perfstats; }
-bool FileConnectorModule::set(const char* fqn, Value& v, SnortConfig*)
+bool FileConnectorModule::set(const char*, Value& v, SnortConfig*)
{
-#ifdef DEBUG_MSGS
- DebugFormat(DEBUG_CONNECTORS,"FileConnectorModule::set(): %s, %s\n", fqn, v.get_name());
-#else
- UNUSED(fqn);
-#endif
-
if ( v.is("connector") )
config->connector_name = v.get_string();
// clear my working config and hand-over the compiled list to the caller
FileConnectorConfig::FileConnectorConfigSet* FileConnectorModule::get_and_clear_config()
{
- DebugMessage(DEBUG_CONNECTORS,"FileConnectorModule::get_and_clear_config()\n");
FileConnectorConfig::FileConnectorConfigSet* temp_config = config_set;
config = nullptr;
config_set = nullptr;
return temp_config;
}
-bool FileConnectorModule::begin(const char* fqn, int idx, SnortConfig*)
+bool FileConnectorModule::begin(const char*, int, SnortConfig*)
{
-#ifdef DEBUG_MSGS
- DebugFormat(DEBUG_CONNECTORS,"FileConnectorModule::begin(): %s, %d\n", fqn, idx);
-#else
- UNUSED(fqn);
- UNUSED(idx);
-#endif
if ( !config )
{
config = new FileConnectorConfig;
return true;
}
-bool FileConnectorModule::end(const char* fqn, int idx, SnortConfig*)
+bool FileConnectorModule::end(const char*, int idx, SnortConfig*)
{
-#ifdef DEBUG_MSGS
- DebugFormat(DEBUG_CONNECTORS,"FileConnectorModule::end(): %s, %d\n", fqn, idx);
-#else
- UNUSED(fqn);
-#endif
-
if (idx != 0)
{
config_set->push_back(config);
void show_stats(PegCount*, const PegInfo*, IndexVec&, const char*) { }
void show_stats(PegCount*, const PegInfo*, IndexVec&, const char*, FILE*) { }
-#ifdef DEBUG_MSGS
-void Debug::print(const char*, int, uint64_t, const char*, ...) { }
-#endif
-
char* snort_strdup(const char* s)
{ return strdup(s); }
const char* get_instance_file(std::string& file, const char* name)
{ file += name; return nullptr; }
-#ifdef DEBUG_MSGS
-void Debug::print(const char*, int, uint64_t, const char*, ...) { }
-#endif
-
FileConnectorModule::FileConnectorModule() :
Module("FC", "FC Help", nullptr)
{ }
#include <unistd.h>
#include "log/messages.h"
-#include "main/snort_debug.h"
#include "main/thread.h"
#include "profiler/profiler_defs.h"
TcpConnectorMsgHandle::TcpConnectorMsgHandle(const uint32_t length)
{
- DebugMessage(DEBUG_CONNECTORS,"TcpConnectorMsgHandle::TcpConnectorMsgHandle()\n");
-
connector_msg.length = length;
connector_msg.data = new uint8_t[length];
}
TcpConnector::TcpConnector(TcpConnectorConfig* tcp_connector_config, int sfd)
{
- DebugMessage(DEBUG_CONNECTORS,"TcpConnector::TcpConnector()\n");
receive_thread = nullptr;
config = tcp_connector_config;
receive_ring = new ReceiveRing(50);
TcpConnector::~TcpConnector()
{
- DebugMessage(DEBUG_CONNECTORS,"TcpConnector::~TcpConnector()\n");
stop_receive_thread();
delete receive_ring;
close(sock_fd);
ConnectorMsgHandle* TcpConnector::alloc_message(const uint32_t length, const uint8_t** data)
{
- DebugMessage(DEBUG_CONNECTORS,"TcpConnector::alloc_message()\n");
TcpConnectorMsgHandle* msg = new TcpConnectorMsgHandle(length);
*data = (uint8_t*)msg->connector_msg.data;
void TcpConnector::discard_message(ConnectorMsgHandle* msg)
{
- DebugMessage(DEBUG_CONNECTORS,"TcpConnector::discard_message()\n");
TcpConnectorMsgHandle* tmsg = (TcpConnectorMsgHandle*)msg;
delete tmsg;
}
bool TcpConnector::transmit_message(ConnectorMsgHandle* msg)
{
- DebugMessage(DEBUG_CONNECTORS,"TcpConnector::transmit_message()\n");
TcpConnectorMsgHandle* tmsg = (TcpConnectorMsgHandle*)msg;
if ( sock_fd < 0 )
static Module* mod_ctor()
{
- DebugMessage(DEBUG_CONNECTORS,"tcp_connector:mod_ctor()\n");
return new TcpConnectorModule;
}
static void mod_dtor(Module* m)
{
delete m;
- DebugMessage(DEBUG_CONNECTORS,"tcp_connector:mod_dtor(Module*)\n");
}
static TcpConnector* tcp_connector_tinit_call(TcpConnectorConfig* cfg, const char* port)
// Create a per-thread object
static Connector* tcp_connector_tinit(ConnectorConfig* config)
{
- DebugMessage(DEBUG_CONNECTORS,"tcp_connector:tcp_connector_tinit()\n");
TcpConnectorConfig* cfg = (TcpConnectorConfig*)config;
uint16_t instance = (uint16_t)get_instance_id();
static void tcp_connector_tterm(Connector* connector)
{
- DebugMessage(DEBUG_CONNECTORS,"tcp_connector:tcp_connector_tterm()\n");
TcpConnector* tcp_connector = (TcpConnector*)connector;
delete tcp_connector;
static ConnectorCommon* tcp_connector_ctor(Module* m)
{
- DebugMessage(DEBUG_CONNECTORS,"tcp_connector:tcp_connector_ctor(Module*)\n");
TcpConnectorModule* mod = (TcpConnectorModule*)m;
TcpConnectorCommon* tcp_connector_common = new TcpConnectorCommon(
mod->get_and_clear_config());
static void tcp_connector_dtor(ConnectorCommon* c)
{
- DebugMessage(DEBUG_CONNECTORS,"tcp_connector:tcp_connector_dtor(ConnectorCommon*)\n");
TcpConnectorCommon* fc = (TcpConnectorCommon*)c;
delete fc;
}
#include "tcp_connector_module.h"
-#include "main/snort_debug.h"
-
using namespace snort;
static const Parameter tcp_connector_params[] =
TcpConnectorModule::TcpConnectorModule() :
Module(TCP_CONNECTOR_NAME, TCP_CONNECTOR_HELP, tcp_connector_params)
{
- DebugMessage(DEBUG_CONNECTORS,"TcpConnectorModule::TcpConnectorModule()\n");
config = nullptr;
config_set = new TcpConnectorConfig::TcpConnectorConfigSet;
}
TcpConnectorModule::~TcpConnectorModule()
{
- DebugMessage(DEBUG_CONNECTORS,"TcpConnectorModule::~TcpConnectorModule()\n");
if ( config )
delete config;
if ( config_set )
ProfileStats* TcpConnectorModule::get_profile() const
{ return &tcp_connector_perfstats; }
-bool TcpConnectorModule::set(const char* fqn, Value& v, SnortConfig*)
+bool TcpConnectorModule::set(const char*, Value& v, SnortConfig*)
{
-#ifdef DEBUG_MSGS
- DebugFormat(DEBUG_CONNECTORS,"TcpConnectorModule::set(): %s, %s\n", fqn, v.get_name());
-#else
- UNUSED(fqn);
-#endif
-
if ( v.is("connector") )
config->connector_name = v.get_string();
// clear my working config and hand-over the compiled list to the caller
TcpConnectorConfig::TcpConnectorConfigSet* TcpConnectorModule::get_and_clear_config()
{
- DebugMessage(DEBUG_CONNECTORS,"TcpConnectorModule::get_and_clear_config()\n");
TcpConnectorConfig::TcpConnectorConfigSet* temp_config = config_set;
config = nullptr;
config_set = nullptr;
return temp_config;
}
-bool TcpConnectorModule::begin(const char* fqn, int idx, SnortConfig*)
+bool TcpConnectorModule::begin(const char*, int, SnortConfig*)
{
-#ifdef DEBUG_MSGS
- DebugFormat(DEBUG_CONNECTORS,"TcpConnectorModule::begin(): %s, %d\n", fqn, idx);
-#else
- UNUSED(fqn);
- UNUSED(idx);
-#endif
if ( !config )
{
config = new TcpConnectorConfig;
return true;
}
-bool TcpConnectorModule::end(const char* fqn, int idx, SnortConfig*)
+bool TcpConnectorModule::end(const char*, int idx, SnortConfig*)
{
-#ifdef DEBUG_MSGS
- DebugFormat(DEBUG_CONNECTORS,"TcpConnectorModule::end(): %s, %d\n", fqn, idx);
-#else
- UNUSED(fqn);
-#endif
-
if (idx != 0)
{
config_set->push_back(config);
void show_stats(PegCount*, const PegInfo*, IndexVec&, const char*) { }
void show_stats(PegCount*, const PegInfo*, IndexVec&, const char*, FILE*) { }
-#ifdef DEBUG_MSGS
-void Debug::print(const char*, int, uint64_t, const char*, ...) { }
-#endif
-
char* snort_strdup(const char* s)
{ return strdup(s); }
unsigned get_instance_id()
{ return s_instance; }
-#ifdef DEBUG_MSGS
-void Debug::print(const char*, int, uint64_t, const char*, ...) { }
-#endif
void ErrorMessage(const char*, ...) { }
void LogMessage(const char*, ...) { }
#include "hash/xhash.h"
#include "log/messages.h"
#include "main/snort_config.h"
-#include "main/snort_debug.h"
#include "main/thread_config.h"
#include "packet_io/active.h"
#include "time/packet_time.h"
if (!xhash_count(fileHash))
{
- DebugMessage(DEBUG_FILE, "No expected sessions\n");
return nullptr;
}
return nullptr;
}
- DebugMessage(DEBUG_FILE, "Found resumed file\n");
time_t now = packet_time();
if (node->expires && now > node->expires)
{
- DebugMessage(DEBUG_FILE, "File expired\n");
xhash_free_node(fileHash, hash_node);
return nullptr;
}
if (file_found)
{
- DebugMessage(DEBUG_FILE, "Found resumed file\n");
/*Query the file policy in case verdict has been changed*/
verdict = check_verdict(flow, file_found, policy);
apply_verdict(flow, file_found, verdict, true, policy);
if (fileBlock == nullptr)
{
- FILE_DEBUG_MSGS("Failed to get file capture memory!\n");
file_counts.file_memcap_failures_total++;
return nullptr;
}
if ( data_size + (int64_t)capture_size > max_size)
{
- FILE_DEBUG_MSGS("Exceeding max file capture size!\n");
file_counts.file_size_max++;
capture_state = FILE_CAPTURE_MAX;
return FILE_CAPTURE_MAX;
#define FREE_MAGIC 0x2525252525252525
typedef uint64_t MagicType;
-#ifdef DEBUG_MSGS
-void FileMemPool::verify()
-{
- uint64_t free_size;
- uint64_t release_size;
-
- free_size = cbuffer_used(free_list);
- release_size = cbuffer_used(released_list);
-
- if (free_size > cbuffer_size(free_list))
- {
- DebugMessage(DEBUG_FILE, "file_mempool: failed to verify free list!\n");
- }
-
- if (release_size > cbuffer_size(released_list))
- {
- DebugMessage(DEBUG_FILE, "file_mempool: failed to verify release list!\n");
- }
-
- /* The free mempool and size of release mempool should be smaller than
- * or equal to the size of mempool
- */
- if (free_size + release_size > total)
- {
- DebugMessage(DEBUG_FILE, "file_mempool: failed to verify mempool size!\n");
- }
-}
-
-#endif
void FileMemPool::free_pools()
{
free_list = cbuffer_init(num_objects);
if (!free_list)
{
- DebugMessage(DEBUG_FILE, "file_mempool: Failed to init free list\n");
free_pools();
return;
}
released_list = cbuffer_init(num_objects);
if (!released_list)
{
- DebugMessage(DEBUG_FILE, "file_mempool: Failed to init release list\n");
free_pools();
return;
}
if (cbuffer_write(free_list, data))
{
- DebugMessage(DEBUG_FILE, "file_mempool: Failed to add to free list\n");
free_pools();
return;
}
}
}
- if (*(MagicType*)b != FREE_MAGIC)
- {
- DebugMessage(DEBUG_FILE, "file_mempool_alloc(): Allocation errors!\n");
- }
-
- DEBUG_WRAP(verify(); );
-
return b;
}
if (*(MagicType*)obj == FREE_MAGIC)
{
- DebugMessage(DEBUG_FILE, "file_mempool_remove(): Double free!\n");
return FILE_MEM_FAIL;
}
int ret = remove(free_list, obj);
- DEBUG_WRAP(verify(); );
return ret;
}
/*A writer that might from different thread*/
int ret = remove(released_list, obj);
- DEBUG_WRAP(verify(); );
return ret;
}
extern THREAD_LOCAL FileCounts file_counts;
extern THREAD_LOCAL FileStats* file_stats;
-#define FILE_DEBUG_MSGS(msg) DebugMessage(DEBUG_FILE, msg)
-
void file_stats_init();
void file_stats_term();
#include "hash/zhash.h"
#include "helpers/flag_context.h"
#include "ips_options/ips_flowbits.h"
-#include "main/snort_debug.h"
#include "packet_io/active.h"
#include "time/packet_time.h"
#include "utils/stats.h"
if ( flow->last_data_seen + config.pruning_timeout >= thetime )
break;
- DebugMessage(DEBUG_STREAM, "pruning stale flow\n");
flow->ssn_state.session_flags |= SSNFLAG_TIMEDOUT;
release(flow, PruneReason::IDLE);
++pruned;
flow->ssn_state.session_flags |= SSNFLAG_PRUNED;
release(flow, reason, do_cleanup);
-#ifdef DEBUG_MSGS
- const char* s =
- (reason == PruneReason::MEMCAP) ? "memcap" :
- (reason == PruneReason::PREEMPTIVE) ? "preemptive" :
- "other";
-
- DebugFormat(DEBUG_MEMORY, "prune one for reason %s\n", s);
-#endif
-
return true;
}
continue;
}
- DebugMessage(DEBUG_STREAM, "retiring stale flow\n");
flow->ssn_state.session_flags |= SSNFLAG_TIMEDOUT;
release(flow, PruneReason::IDLE);
#include "framework/counts.h"
#include "log/messages.h"
-#include "main/snort_debug.h"
#include "profiler/profiler_defs.h"
#include "stream/stream.h"
#include "time/packet_time.h"
FlowHAClient::FlowHAClient(uint8_t length, bool session_client)
{
- DebugMessage(DEBUG_HA,"FlowHAClient::FlowHAClient()\n");
if ( !s_client_map )
return;
{
assert((*s_client_map)[i]);
length += ((*s_client_map)[i]->get_message_size() + sizeof(HAClientHeader));
- DebugFormat(DEBUG_HA,
- "HighAvailability::calculate_update_msg_content_length(): length: %d\n", length);
}
}
HighAvailability::HighAvailability(PortBitSet* ports, bool)
{
using namespace std::placeholders;
- DebugMessage(DEBUG_HA,"HighAvailability::HighAvailability()\n");
// If we have ports, configure the side channel
if ( ports != nullptr )
HighAvailability::~HighAvailability()
{
- DebugMessage(DEBUG_HA,"HighAvailability::~HighAvailability()\n");
-
if ( sc )
{
sc->unregister_receive_handler();
{
assert(sc_msg);
- DebugFormat(DEBUG_HA,"HighAvailability::receive_handler: port: %hu, length: %u\n",
- sc_msg->hdr->port, sc_msg->content_length);
-
// SC received messages must have reference back to SideChannel object
assert(sc_msg->sc);
void HighAvailability::process_update(Flow* flow, const DAQ_PktHdr_t* pkthdr)
{
- DebugMessage(DEBUG_HA,"HighAvailability::process_update()\n");
-
// Only looking for side channel processing - FIXIT-H
UNUSED(pkthdr); // until we add DAQ communications channel
if ( !sc || !flow )
void HighAvailability::process_deletion(Flow* flow)
{
- DebugMessage(DEBUG_HA,"HighAvailability::process_deletion()\n");
-
// No need to send message if we already have, we are in standby, or
// we have just been created and haven't yet sent an update
if ( flow->ha_state->check_any(FlowHAState::NEW |
bool HighAvailabilityManager::instantiate(PortBitSet* mod_ports, bool mod_use_daq_channel,
struct timeval* min_session_lifetime, struct timeval* min_sync_interval)
{
- DebugMessage(DEBUG_HA,"HighAvailabilityManager::instantiate()\n");
ports = mod_ports;
FlowHAState::config_timers(*min_session_lifetime, *min_sync_interval);
use_daq_channel = mod_use_daq_channel;
// Called prior to the starts of configuration in the main thread.
void HighAvailabilityManager::pre_config_init()
{
- DebugFormat(DEBUG_HA,"HighAvailabilityManager::pre_config_init(): key size: %zu\n",
- sizeof(FlowKey));
ports = nullptr;
}
// Called within the packet thread prior to packet processing
void HighAvailabilityManager::thread_init()
{
- DebugMessage(DEBUG_HA,"HighAvailabilityManager::thread_init()\n");
// create a a thread local instance iff we are configured to operate.
if ( (ports != nullptr) || use_daq_channel )
ha = new HighAvailability(ports,use_daq_channel);
// Called in the packet thread at run-down
void HighAvailabilityManager::thread_term()
{
- DebugMessage(DEBUG_HA,"HighAvailabilityManager::thread_term()\n");
if ( ha != nullptr )
{
delete ha;
HighAvailabilityModule::HighAvailabilityModule() :
Module(HA_NAME, HA_HELP, ha_params)
{
- DebugMessage(DEBUG_HA,"HighAvailabilityModule::HighAvailabilityModule()\n");
config.enabled = false;
config.daq_channel = false;
config.ports = nullptr;
HighAvailabilityModule::~HighAvailabilityModule()
{
- DebugMessage(DEBUG_HA,"HighAvailabilityModule::~HighAvailabilityModule()\n");
delete config.ports;
}
ProfileStats* HighAvailabilityModule::get_profile() const
{ return &ha_perf_stats; }
-bool HighAvailabilityModule::set(const char* fqn, Value& v, SnortConfig*)
+bool HighAvailabilityModule::set(const char*, Value& v, SnortConfig*)
{
-#ifdef DEBUG_MSGS
- DebugFormat(DEBUG_HA,"HighAvailabilityModule::set(): %s %s\n", fqn, v.get_name());
-#else
- UNUSED(fqn);
-#endif
-
if ( v.is("enable") )
config.enabled = v.get_bool();
return true;
}
-bool HighAvailabilityModule::begin(const char* fqn, int idx, SnortConfig*)
+bool HighAvailabilityModule::begin(const char*, int, SnortConfig*)
{
-#ifdef DEBUG_MSGS
- DebugFormat(DEBUG_HA,"HighAvailabilityModule::begin(): %s %d\n", fqn, idx);
-#else
- UNUSED(fqn);
- UNUSED(idx);
-#endif
-
return true;
}
-bool HighAvailabilityModule::end(const char* fqn, int idx, SnortConfig*)
+bool HighAvailabilityModule::end(const char*, int, SnortConfig*)
{
-#ifdef DEBUG_MSGS
- DebugFormat(DEBUG_HA,"HighAvailabilityModule::end(): %s %d\n", fqn, idx);
-#else
- UNUSED(fqn);
- UNUSED(idx);
-#endif
-
if ( config.enabled &&
!HighAvailabilityManager::instantiate(config.ports, config.daq_channel,
&config.min_session_lifetime, &config.min_sync_interval) )
char* snort_strdup(const char* str) { return strdup(str); }
-#ifdef DEBUG_MSGS
-void Debug::print(const char*, int, uint64_t, const char*, ...) { }
-#endif
-
static bool s_port_1_set = false;
static bool s_use_daq = false;
static bool s_instantiate_called = false;
void ErrorMessage(const char*,...) { }
void LogMessage(const char*,...) { }
-#ifdef DEBUG_MSGS
-void Debug::print(const char*, int, uint64_t, const char*, ...) { }
-#endif
-
void packet_gettimeofday(struct timeval* tv)
{ *tv = s_packet_time; }
SideChannel* SideChannelManager::get_side_channel(SCPort)
{ return &s_side_channel; }
-SideChannel::~SideChannel() = default;
-
SideChannel::SideChannel() = default;
Connector::Direction SideChannel::get_direction()
#include <mutex>
-#include "main/snort_debug.h"
#include "protocols/packet.h"
#include "protocols/tcp.h"
#include "utils/util.h"
std::string name;
const char* filename = get_instance_file(name, filearg);
- DebugFormat(DEBUG_INIT,"Opening alert file: %s\n", filename);
-
if ((file = fopen(filename, "a")) == nullptr)
{
FatalError("OpenAlertFile() => fopen() alert file %s: %s\n",
SnortSnprintf(newname, sizeof(newname)-1, "%s.%lu", oldname, (unsigned long)now);
- DebugFormat(DEBUG_INIT,"Rolling alert file: %s\n", newname);
if ( rename(oldname, newname) )
{
TextLog_NewLine(full_log);
}
- DebugMessage(DEBUG_LOG, "Logging Alert data!\n");
-
LogTimeStamp(full_log, p);
TextLog_Putc(full_log, ' ');
{
logheader.event_id = htonl(event->event_reference);
logheader.event_second = htonl(event->ref_time.tv_sec);
-
- DebugMessage(DEBUG_LOG, "------------\n");
}
else
{
#include "main/shell.h"
#include "main/snort.h"
#include "main/snort_config.h"
-#include "main/snort_debug.h"
#include "main/snort_module.h"
#include "main/swapper.h"
#include "main/thread_config.h"
orphan_commands.push(ac);
return false;
}
-
-#ifdef DEBUG_MSGS
- unsigned ac_ref_count = ac->get();
- DebugFormat(DEBUG_ANALYZER, "[%u] Queuing command %s for execution (refcount %u)\n",
- idx, ac->stringify(), ac_ref_count);
-#else
ac->get();
-#endif
analyzer->execute(ac);
return true;
}
unsigned ac_ref_count = ac->put();
if (ac_ref_count == 0)
{
- DebugFormat(DEBUG_ANALYZER, "[%u] Destroying completed command %s\n",
- idx, ac->stringify());
delete ac;
}
-#ifdef DEBUG_MSGS
- else
- DebugFormat(DEBUG_ANALYZER, "[%u] Reaped ongoing command %s (refcount %u)\n",
- idx, ac->stringify(), ac_ref_count);
-#endif
}
void Pig::reap_commands()
{
unsigned dispatched = 0;
- DebugFormat(DEBUG_ANALYZER, "Broadcasting %s command\n", ac->stringify());
-
for (unsigned idx = 0; idx < max_pigs; ++idx)
{
if (pigs[idx].queue_command(ac))
{
AnalyzerCommand* ac = orphan_commands.front();
orphan_commands.pop();
- DebugFormat(DEBUG_ANALYZER, "Destroying orphan command %s\n", ac->stringify());
delete ac;
}
}
#include "analyzer_command.h"
#include "snort.h"
-#include "snort_debug.h"
#include "thread.h"
using namespace snort;
exit_requested = true;
}
set_state(State::STARTED);
- DebugMessage(DEBUG_ANALYZER, "Handled START command\n");
}
void Analyzer::run(bool paused)
set_state(State::PAUSED);
else
set_state(State::RUNNING);
- DebugMessage(DEBUG_ANALYZER, "Handled RUN command\n");
}
void Analyzer::stop()
{
exit_requested = true;
- DebugMessage(DEBUG_ANALYZER, "Handled STOP command\n");
}
void Analyzer::pause()
{
if (daq_instance)
daq_instance->reload();
- DebugMessage(DEBUG_ANALYZER, "Handled RELOAD command\n");
}
{
if (enabled)
{
- DebugMessage(DEBUG_INIT, "Daemon mode flag set\n");
run_flags |= RUN_FLAG__DAEMON;
}
else
{
if (enabled)
{
- DebugMessage(DEBUG_INIT, "Decode DLL set\n");
output_flags |= OUTPUT_FLAG__SHOW_DATA_LINK;
}
else
if (enabled)
{
/* dump the application layer as text only */
- DebugMessage(DEBUG_INIT, "Character payload dump set\n");
output_flags |= OUTPUT_FLAG__CHAR_DATA;
}
else
if (enabled)
{
/* dump the application layer */
- DebugMessage(DEBUG_INIT, "Payload dump set\n");
output_flags |= OUTPUT_FLAG__APP_DATA;
}
else
{
if (enabled)
{
- DebugMessage(DEBUG_INIT, "Verbose packet bytecode dumps enabled\n");
output_flags |= OUTPUT_FLAG__VERBOSE_DUMP;
}
else
if (!mask)
return;
- DebugFormat(DEBUG_INIT, "Got obfus data: %s\n", mask);
-
output_flags |= OUTPUT_FLAG__OBFUSCATE;
obfuscation_net.set(mask);
if (group_id == -1 && pw->pw_gid != getgid())
group_id = (int) pw->pw_gid;
- DebugFormat(DEBUG_INIT, "UserID: %d GroupID: %d.\n", user_id, group_id);
}
void SnortConfig::set_show_year(bool enabled)
if (enabled)
{
output_flags |= OUTPUT_FLAG__INCLUDE_YEAR;
- DebugMessage(DEBUG_INIT, "Enabled year in timestamp\n");
}
else
output_flags &= ~OUTPUT_FLAG__INCLUDE_YEAR;
if (enabled)
{
logging_flags |= LOGGING_FLAG__VERBOSE;
- DebugMessage(DEBUG_INIT, "Verbose Flag active\n");
}
else
logging_flags &= ~LOGGING_FLAG__VERBOSE;
#include "snort_config.h"
-bool Debug::init = false;
-uint64_t Debug::mask = 0;
-
-bool Debug::enabled(uint64_t flag)
-{
- if ( !init )
- {
- const char* b = getenv(DEBUG_BUILTIN);
- const char* p = getenv(DEBUG_PLUGIN);
-
- mask = (p ? strtoul(p, nullptr, 0) : 0);
- mask <<= 32;
- mask |= (b ? strtoul(b, nullptr, 0) : 0);
-
- init = true;
- }
-
- return (mask & flag) != 0;
-}
-
-void Debug::print(
- const char* file, int line, uint64_t dbg, const char* fmt, ...)
-{
- if ( !enabled(dbg) )
- return;
-
- va_list ap;
- va_start(ap, fmt);
-
- if ( snort::SnortConfig::get_conf() and snort::SnortConfig::log_syslog() )
- {
- char buf[STD_BUF];
- int buf_len = sizeof(buf);
- char* buf_ptr = buf;
-
- buf[buf_len - 1] = '\0';
-
- /* filename and line number information */
- if ( file )
- {
- snprintf(buf, buf_len - 1, "%s:%d: ", file, line);
- buf_ptr += strlen(buf);
- buf_len -= strlen(buf);
- }
-
- vsnprintf(buf_ptr, buf_len - 1, fmt, ap);
- syslog(LOG_DAEMON | LOG_DEBUG, "%s", buf);
- }
- else
- {
- if ( file )
- printf("%s:%d: ", file, line);
- vprintf(fmt, ap);
- }
-
- va_end(ap);
-}
-
bool trace_enabled(Trace mask, Trace flags)
{ return mask & flags; }
#ifndef SNORT_DEBUG_H
#define SNORT_DEBUG_H
-// this provides a set of flags that can be set by environment variable to
+// this provides a module trace capabilty that can be set by config to
// turn on the output of specific debug messages.
//
-// FIXIT-M debug flags needs to be replaced with a module facility.
#include <cstdarg>
#include "main/snort_types.h"
-// this env var uses the lower 32 bits of the flags:
-#define DEBUG_BUILTIN "SNORT_DEBUG"
-
-#define DEBUG_INIT 0x0000000000000001LL
-#define DEBUG_PORTLISTS 0x0000000000000004LL
-#define DEBUG_ATTRIBUTE 0x0000000000000008LL
-#define DEBUG_DECODE 0x0000000000000010LL
-#define DEBUG_CONFIGRULES 0x0000000000000020LL
-#define DEBUG_PATTERN_MATCH 0x0000000000000080LL
-#define DEBUG_LOG 0x0000000000000200LL
-#define DEBUG_FILE 0x0000000000000800LL
-#define DEBUG_MEMORY 0x0000000000001000LL
-// FIXIT-L latency doesn't use any debug messages
-#define DEBUG_LATENCY 0x0000000000002000LL
-#define DEBUG_SIDE_CHANNEL 0x0000000000004000LL
-#define DEBUG_CONNECTORS 0x0000000000008000LL
-#define DEBUG_HA 0x0000000000010000LL
-#define DEBUG_ANALYZER 0x0000000000020000LL
-
-// this env var uses the upper 32 bits of the flags:
-#define DEBUG_PLUGIN "SNORT_PP_DEBUG"
-
-#define DEBUG_STREAM 0x0000000200000000LL
-
-#define DEBUG_CODEC 0x0001000000000000LL
-#define DEBUG_IPS_ACTION 0x0004000000000000LL
-#define DEBUG_MPSE 0x0010000000000000LL
-#define DEBUG_SO_RULE 0x0020000000000000LL
-#define DEBUG_LOGGER 0x0040000000000000LL
-
-#ifdef PIGLET
-#define DEBUG_PIGLET 0x0800000000000000LL
-#endif
-
typedef uint64_t Trace;
bool trace_enabled(Trace mask);
#define trace_debugf(tracer, ...) \
trace_printf(#tracer, tracer##_trace, __FILE__, __LINE__, __VA_ARGS__)
-class SO_PUBLIC Debug
-{
-public:
- static bool enabled(uint64_t flag);
-
- static void print(const char* file, int line, uint64_t dbg, const char* fmt,
- ...) __attribute__((format (printf, 4, 5)));
-
-private:
- static bool init;
- static uint64_t mask;
-};
-
-#define DebugFormat(dbg, fmt, ...) \
- Debug::print(__FILE__, __LINE__, dbg, fmt, __VA_ARGS__)
-
-#define DebugFormatNoFileLine(dbg, fmt, ...) \
- Debug::print(nullptr, 0, dbg, fmt, __VA_ARGS__)
-
-#define DebugMessage(dbg, msg) DebugFormat(dbg, "%s", msg)
-
-#define DEBUG_WRAP(code) code
-
#else
#define trace_log(tracer, ...)
#define trace_log_wo_name(tracer, ...)
#define trace_debug(tracer, ...)
#define trace_debugf(tracer, ...)
-#define DebugFormat(dbg, fmt, ...)
-#define DebugFormatNoFileLine(dbg, fmt, ...)
-#define DebugMessage(dbg, msg)
-#define DEBUG_WRAP(code)
#endif
#endif
#include "framework/connector.h"
#include "log/messages.h"
-#include "main/snort_debug.h"
#include "utils/util.h"
using namespace snort;
void ConnectorManager::add_plugin(const ConnectorApi* api)
{
- DebugMessage(DEBUG_SIDE_CHANNEL, "ConnectorManager::add_plugin()\n");
-
if ( api->pinit )
api->pinit();
}
void ConnectorManager::dump_plugins()
{
- DebugMessage(DEBUG_SIDE_CHANNEL, "ConnectorManager::dump_plugins()\n");
Dumper d("Connectors");
for ( auto& sc : s_connector_commons )
void ConnectorManager::release_plugins()
{
- DebugMessage(DEBUG_SIDE_CHANNEL, "ConnectorManager::release_plugins()\n");
for ( auto& sc : s_connector_commons )
{
if ( sc.api->dtor )
Connector* ConnectorManager::get_connector(const std::string& connector_name)
{
- DebugFormat(DEBUG_SIDE_CHANNEL, "ConnectorManager::get_connector(): name: %s\n",
- connector_name.c_str());
for ( auto& sc : s_connector_commons )
{
pid_t tid = gettid();
void ConnectorManager::thread_init()
{
- DebugMessage(DEBUG_SIDE_CHANNEL,"ConnectorManager::thread_init()\n");
pid_t tid = gettid();
for ( auto& sc : s_connector_commons )
{
for ( auto& conn : sc.connectors )
{
- DebugFormat(DEBUG_SIDE_CHANNEL,"ConnectorManager::thread_init(): tinit: %s\n",
- conn.first.c_str());
-
/* There must NOT be a connector for this thread present. */
assert(conn.second->thread_connectors.count(tid) == 0);
void ConnectorManager::thread_term()
{
- DebugMessage(DEBUG_SIDE_CHANNEL,"ConnectorManager::thread_term()\n");
pid_t tid = gettid();
for ( auto& sc : s_connector_commons )
{
for ( auto& conn : sc.connectors )
{
- DebugFormat(DEBUG_SIDE_CHANNEL,"ConnectorManager::thread_term(): term: %s\n",
- conn.first.c_str());
-
/* There must be a connector for this thread present. */
assert(conn.second->thread_connectors.count(tid) != 0);
void ConnectorManager::instantiate(const ConnectorApi* api, Module* mod, SnortConfig*)
{
- DebugMessage(DEBUG_SIDE_CHANNEL,"ConnectorManager::instantiate()\n");
assert(mod);
ConnectorCommonElem c(api);
// iterate through the config_set and create the connector entries
for ( auto cfg : *config_set )
{
- DebugFormat(DEBUG_SIDE_CHANNEL,"ConnectorManager::instantiate(): %s\n",
- cfg->connector_name.c_str());
-
ConnectorElem* connector_elem = new ConnectorElem;
connector_elem->config = &*cfg;
std::pair<std::string, ConnectorElem*> element (cfg->connector_name, std::move(connector_elem));
{
if ( requested > cap )
{
- DebugFormat(
- DEBUG_MEMORY,
- "Requested memory (%zu bytes) > cap (%zu bytes)\n",
- requested, cap);
-
return false;
}
if (store_boundary(data_info, data))
{
/* End of boundary, move to MIME_PAF_FOUND_BOUNDARY_STATE*/
- DebugFormat(DEBUG_FILE, "Create boundary string: %s\n", data_info->boundary);
data_info->data_state = MIME_PAF_FOUND_BOUNDARY_STATE;
}
break;
if (check_boundary(data_info, data))
{
/* End of boundary, move to MIME_PAF_FOUND_BOUNDARY_STATE*/
- DebugFormat(DEBUG_FILE, "Found boundary string: %s\n", data_info->boundary);
return true;
}
break;
if (data_state == STATE_DATA_HEADER)
{
-#ifdef DEBUG_MSGS
- if (data_state == STATE_DATA_HEADER)
- {
- DEBUG_WRAP(DebugMessage(DEBUG_FILE, "DATA HEADER STATE ~~~~~~~~~~~~~~~~~~~~~~\n"); );
- }
- else
- {
- DEBUG_WRAP(DebugMessage(DEBUG_FILE, "DATA UNKNOWN STATE ~~~~~~~~~~~~~~~~~~~~~\n"); );
- }
-#endif
-
start = process_mime_header(start, end);
if (start == nullptr)
return nullptr;
switch (data_state)
{
case STATE_MIME_HEADER:
- DEBUG_WRAP(DebugMessage(DEBUG_FILE, "MIME HEADER STATE ~~~~~~~~~~~~~~~~~~~~~~\n"); );
start = process_mime_header(start, end);
break;
case STATE_DATA_BODY:
- DEBUG_WRAP(DebugMessage(DEBUG_FILE, "DATA BODY STATE ~~~~~~~~~~~~~~~~~~~~~~~~\n"); );
start = process_mime_body(start, end, isFileEnd(position) );
break;
}
#include <string>
-#ifdef DEBUG_MSGS
-void Debug::print(const char*, int, uint64_t, const char*, ...) { }
-#endif
-
struct AddAppData
{
AppId client_id = 0;
va_end(ap);
}
-// void Debug::print(const char*, int, uint64_t, const char*, ...) { }
-
#endif
AppIdModuleConfig::~AppIdModuleConfig() { }
-#ifdef DEBUG_MSGS
-void Debug::print(const char*, int, uint64_t, const char*, ...) { }
-#endif
-
TEST_GROUP(tp_lib_handler)
{
};
#include "log/messages.h"
#include "main/policy.h"
-#include "main/snort_debug.h"
#include "sfip/sf_ipvar.h"
#include "sfip/sf_vartable.h"
#include "utils/util.h"
ip_vartable = snort::get_ips_policy()->ip_vartable;
- DebugFormat(DEBUG_CONFIGRULES,"Got address string: %s\n", addr);
-
ret = (sfip_var_t*)snort_calloc(sizeof(sfip_var_t));
if ((ret_code = sfvt_add_to_var(ip_vartable, ret, addr)) != SFIP_SUCCESS)
#include "parse_ports.h"
-#include "main/snort_debug.h"
#include "protocols/packet.h"
#include "utils/util.h"
pop->slen--;
pop->s++;
pop->pos++;
- DebugFormat(DEBUG_PORTLISTS,"GetChar: %c, %d bytes left\n",c, pop->slen);
return c;
}
return 0;
}
}
- DebugFormat(DEBUG_PORTLISTS,">>> POParserName : %s\n",pop->token);
-
return snort_strdup(pop->token);
}
return 0;
}
- DebugFormat(DEBUG_PORTLISTS,"GetUNumber: %d\n",c);
-
return c;
}
{
PortObject* po, * potmp;
- DebugFormat(DEBUG_PORTLISTS,"PortObjectParseString: %s\n",s);
-
POParserInit(pop, s, pvTable);
po = PortObjectNew();
#include "hash/xhash.h"
#include "log/messages.h"
#include "main/snort_config.h"
-#include "main/snort_debug.h"
#include "main/thread_config.h"
#include "managers/ips_manager.h"
#include "managers/module_manager.h"
/* Count rules with both src and dst specific ports */
if (!(rtn->flags & ANY_DST_PORT) && !(rtn->flags & ANY_SRC_PORT))
{
- DebugFormat(DEBUG_PORTLISTS,
- "***\n***Info: src & dst ports are both specific"
- " >> gid=%u sid=%u\n***\n",
- otn->sigInfo.gid, otn->sigInfo.sid);
-
prc->both++;
}
* to those protocols. All IP rules should have any-any port descriptors
* and fall into this test. IP rules that are not tcp/udp/icmp go only into the
* IP table */
- DebugFormat(DEBUG_PORTLISTS,
- "Finishing IP any-any rule %u:%u\n",
- otn->sigInfo.gid, otn->sigInfo.sid);
-
switch ( otn->snort_protocol_id )
{
case SNORT_PROTO_IP: /* Add to all ip proto any port tables */
if (!(rtn->flags & ANY_DST_PORT))
{
prc->dst++;
- DebugMessage(DEBUG_PORTLISTS, "Finishing rule: dst port rule\n");
/* find the proper port object */
PortObject* pox = PortTableFindInputPortObjectPorts(dstTable, rtn->dst_portobject);
/*||isalpha(port_str[0])*/ /*TODO: interferes with protocol names for ports*/
const char* name = port_str + 1;
- DebugFormat(DEBUG_PORTLISTS,"PortVarTableFind: finding '%s'\n", port_str);
-
/* look it up in the port var table */
portobject = PortVarTableFind(pvt, name);
if ( !portobject )
ParseAbort("***PortVar Lookup failed on '%s'.", port_str);
- DebugFormat(DEBUG_PORTLISTS,"PortVarTableFind: '%s' found!\n", port_str);
}
/* 3rd - and finally process a raw port list */
else
/* port list = [p,p,p:p,p,...] or p or p:p , no embedded spaces due to tokenizer */
PortObject* pox;
- DebugFormat(DEBUG_PORTLISTS,
- "parser.c->PortObjectParseString: parsing '%s'\n",port_str);
-
portobject = PortObjectParseString(pvt, &poparser, nullptr, port_str, 0);
- DebugFormat(DEBUG_PORTLISTS,
- "parser.c->PortObjectParseString: '%s' done.\n",port_str);
-
if ( !portobject )
{
const char* errstr = PortObjectParseError(&poparser);
pox = PortTableFindInputPortObjectPorts(noname, portobject);
if ( pox )
{
- DebugFormat(DEBUG_PORTLISTS,
- "parser.c: already have '%s' as a PortObject - "
- "calling PortObjectFree(portobject)\n", port_str);
PortObjectFree(portobject);
portobject = pox;
}
else
{
- DebugFormat(DEBUG_PORTLISTS,
- "parser.c: adding '%s' as a PortObject\n",port_str);
/* Add to the un-named port var table */
if (PortTableAddObject(noname, portobject))
{
}
}
- DebugFormat(DEBUG_PORTLISTS,"Rule-PortVar Parsed: %s \n",port_str);
-
/* !ports - port lists can be mixed 80:90,!82,
* so the old NOT flag is deprecated for port lists
*/
int (* rfunc)(Packet*, RuleTreeNode*, struct RuleFpList*, int),
RuleTreeNode* rtn)
{
- DebugMessage(DEBUG_CONFIGRULES,"Adding new rule to list\n");
RuleFpList* idx = rtn->rule_func;
if ( !idx )
case SRC:
if ((rtn->flags & ANY_SRC_IP) == 0)
{
- DebugMessage(DEBUG_CONFIGRULES,"CheckSrcIP -> ");
AddRuleFuncToList(CheckSrcIP, rtn);
}
break;
case DST:
if ((rtn->flags & ANY_DST_IP) == 0)
{
- DebugMessage(DEBUG_CONFIGRULES,"CheckDstIP -> ");
AddRuleFuncToList(CheckDstIP, rtn);
}
break;
switch (mode)
{
case SRC:
- DebugMessage(DEBUG_CONFIGRULES,"CheckSrcPortNotEq -> ");
AddRuleFuncToList(CheckSrcPortNotEq, rtn);
break;
case DST:
- DebugMessage(DEBUG_CONFIGRULES,"CheckDstPortNotEq -> ");
AddRuleFuncToList(CheckDstPortNotEq, rtn);
break;
}
switch (mode)
{
case SRC:
- DebugMessage(DEBUG_CONFIGRULES,"CheckSrcPortEqual -> ");
AddRuleFuncToList(CheckSrcPortEqual, rtn);
break;
case DST:
- DebugMessage(DEBUG_CONFIGRULES,"CheckDstPortEqual -> ");
AddRuleFuncToList(CheckDstPortEqual, rtn);
break;
}
// functions (addrs and ports)
static void SetupRTNFuncList(RuleTreeNode* rtn)
{
- DebugMessage(DEBUG_CONFIGRULES,"Initializing RTN function list!\n");
- DebugMessage(DEBUG_CONFIGRULES,"Functions: ");
-
if (rtn->flags & BIDIRECTIONAL)
{
- DebugMessage(DEBUG_CONFIGRULES,"CheckBidirectional->\n");
AddRuleFuncToList(CheckBidirectional, rtn);
}
else
AddrToFunc(rtn, DST);
}
- DebugMessage(DEBUG_CONFIGRULES,"RuleListEnd\n");
-
/* tack the end (success) function to the list */
AddRuleFuncToList(RuleListEnd, rtn);
}
* stick it at the end of the list */
if ( !rtn )
{
- DebugMessage(DEBUG_CONFIGRULES,"Building New Chain head node\n");
head_count++;
rtn = (RuleTreeNode*)snort_calloc(sizeof(RuleTreeNode));
/* add link to parent listhead */
rtn->listhead = list;
- DebugFormat(DEBUG_CONFIGRULES,
- "New Chain head flags = 0x%X\n", rtn->flags);
}
else
{
#include "log/messages.h"
#include "main/snort_config.h"
-#include "main/snort_debug.h"
#include "sfip/sf_ipvar.h"
#include "utils/util.h"
#include "utils/util_cstring.h"
}
}
- DebugFormat(DEBUG_PORTLISTS,
- "VarDefine: name=%s value=%s\n",name,value);
-
/* Check to see if this variable is just being aliased */
if (var_table != nullptr)
{
ParseAbort("could not expand var('%s').", name);
}
- DebugFormat(DEBUG_PORTLISTS,
- "VarDefine: name=%s value=%s (expanded)\n",name,value);
-
DisallowCrossTableDuplicateVars(sc, name, VAR_TYPE__DEFAULT);
if (var_table == nullptr)
int i = 0, j = 0;
int l_string = strlen(string);
- DebugFormat(DEBUG_CONFIGRULES, "ExpandVars, Before: %s\n", string);
while (i < l_string && j < (int)sizeof(estring) - 1)
{
}
}
- DebugFormat(DEBUG_CONFIGRULES, "ExpandVars, After: %s\n", estring);
return estring;
}
//TODO: snort.cfg and rules should use PortVar instead ...this allows compatibility for now.
if (strstr(name, "_PORT") || strstr(name, "PORT_"))
{
- DebugMessage(DEBUG_CONFIGRULES,"PortVar\n");
PortVarDefine(sc, name, value);
}
else
#include "port_object.h"
#include "log/messages.h"
-#include "main/snort_debug.h"
#include "parser/parser.h"
#include "utils/util.h"
#include "utils/util_cstring.h"
assert(pv);
PortObject* po = (PortObject*)pv;
- DEBUG_WRAP(static int pof_cnt = 0; pof_cnt++; );
- DebugFormat(DEBUG_PORTLISTS, "PortObjectFree-Cnt: %d ptr=%p\n", pof_cnt, (void*)po);
-
if ( po->name )
snort_free(po->name);
#include "hash/hashfcn.h"
#include "log/messages.h"
-#include "main/snort_debug.h"
#include "parser/parser.h"
#include "utils/util.h"
#include "utils/util_cstring.h"
void PortObject2Free(PortObject2* po)
{
- DEBUG_WRAP(static int pof2_cnt = 0; pof2_cnt++; );
- DebugFormat(DEBUG_PORTLISTS, "PortObjectFree2-Cnt: %d ptr=%p\n", pof2_cnt, (void*)po);
-
if ( !po )
return;
snort_free(p);
}
-#ifdef DEBUG_MSGS
-static void plx_print(plx_t* p)
-{
- DEBUG_WRAP
- (
- DebugFormat(DEBUG_PORTLISTS, "plx-n=%d\n", p->n);
- for ( int i = 0; i < p->n; i++ )
- DebugFormat(DEBUG_PORTLISTS, "plx[%d]=%p\n", i, p->p[i]);
- );
-}
-#endif
-
static unsigned plx_hash(HashFnc* p, const unsigned char* d, int)
{
unsigned hash = p->seed;
/*
* Check for the merged port object in the plx table
*/
- DebugFormat(DEBUG_PORTLISTS, "++++n=%d ghash_find-mhashx\n", pol_cnt);
ponew = (PortObject2*)ghash_find(mhashx, &plx);
if ( ponew )
{
- DebugFormat(DEBUG_PORTLISTS, "n=%d ponew found in mhashx\n", pol_cnt);
return ponew;
}
- DebugFormat(DEBUG_PORTLISTS, "n=%d posnew not found in mhashx\n", pol_cnt);
/*
* Merge the port objects together - ports and rules
{
for ( int i = 1; i < pol_cnt; i++ )
{
- DebugFormat(DEBUG_PORTLISTS, "*** %u rules in object %d\n",
- ((PortObject*)pol[i])->rule_list->count, i);
PortObjectAppendEx2(ponew, (PortObject*)pol[i]);
- DebugFormat(DEBUG_PORTLISTS, "*** merged port-object[%d], %u rules\n",
- i, ponew->rule_hash->count);
}
PortObjectNormalize( (PortObject*)ponew);
}
- DebugFormat(DEBUG_PORTLISTS, "*** merged %d port objects, %u rules\n",
- pol_cnt, ponew->rule_hash->count);
- DebugMessage(DEBUG_PORTLISTS, "*** merged ponew - follows: \n");
// PortObjectPrint2(ponew);
/*
* Add the Merged PortObject2 to the PortObject2 hash table
* keyed by ports.
*/
- DebugFormat(DEBUG_PORTLISTS, "n=%d ghash_add-mhash\n", pol_cnt);
stat =ghash_add(mhash, &ponew, ponew);
if ( stat != GHASH_OK )
{
/* This is possible since PLX hash on a different key */
if ( stat == GHASH_INTABLE )
{
- DebugFormat(DEBUG_PORTLISTS, "n=%d ghash_add-mhash ponew in table\n", pol_cnt);
- DebugFormat(DEBUG_PORTLISTS, "n=%d ghash_find-mhash ponew\n", pol_cnt);
pox = (PortObject2*)ghash_find(mhash, &ponew);
if ( pox )
{
PortObject2AppendPortObject2(pox, ponew);
- DebugMessage(DEBUG_PORTLISTS, "sfportobject.c: merge_N_pol() GHASH_INTABLE\n");
PortObject2Free(ponew);
ponew = pox;
- DebugFormat(DEBUG_PORTLISTS,
- "n=%d ghash_find-mhash ponew found, new rules merged\n", pol_cnt);
}
else
{
}
}
- DebugFormat(DEBUG_PORTLISTS, "***%d ports merged object added to mhash table\n", pol_cnt);
/*
* Create a plx node and add it to plx table
/*
* Add the plx node to the PLX hash table
*/
- DebugFormat(DEBUG_PORTLISTS, "n=%d ghash_add-mhashx\n", pol_cnt);
stat = ghash_add(mhashx, &plx_tmp, ponew);
if ( stat != GHASH_OK )
{
}
}
- DebugFormat(DEBUG_PORTLISTS, "Added-%d Merged Rule Groups to PLX HASH\n", pol_cnt);
/*
* Validate hash table entry
}
}
- DebugFormat(DEBUG_PORTLISTS,
- "*** %d small rule groups, %d large rule groups\n", nsmall, nlarge);
-
/*
* Sort the pointers to the input port objects so
* we always get them in the same order for key comparisons
if ( nsmall > 1 )
qsort(posmall, nsmall, sizeof(void*), p_keycmp);
- DEBUG_WRAP
- (
- for ( int i = 0; i < nsmall; i++ )
- DebugFormat(DEBUG_PORTLISTS, "posmall[%d]=%p\n", i, posmall[i]);
-
- for ( int i = 0; i < nlarge; i++)
- DebugFormat(DEBUG_PORTLISTS, "polarge[%d]=%p\n", i, polarge[i]);
- );
-
/*
* Setup plx_t representation of port list pointers
*/
plx_large.n = nlarge;
plx_large.p = (void**)&polarge[0];
-#ifdef DEBUG_MSGS
- if ( nlarge )
- {
- DebugMessage(DEBUG_PORTLISTS, "large ");
- plx_print(&plx_large);
- }
- if ( nsmall )
- {
- DebugMessage(DEBUG_PORTLISTS, "small ");
- plx_print(&plx_small);
- }
-#endif
-
PortObject2* ponew = nullptr;
PortObject2* posnew = nullptr;
*/
if ( nlarge )
{
- DebugFormat(DEBUG_PORTLISTS, "***nlarge=%d \n", nlarge);
ponew = _merge_N_pol(mhash, mhashx, plx_list, polarge, nlarge, &plx_large);
}
*/
if ( nsmall )
{
- DebugFormat(DEBUG_PORTLISTS, "***nsmall=%d \n", nsmall);
posnew = _merge_N_pol(mhash, mhashx, plx_list, posmall, nsmall, &plx_small);
}
/*
*/
if ( nlarge && nsmall )
{
- DebugMessage(DEBUG_PORTLISTS, "*** appending small rules to larger rule group\n");
if (ponew != posnew)
{
/* Append small port object, just the rules */
PortObjectRemovePorts( (PortObject*)posnew, (PortObject*)ponew);
}
- DebugMessage(DEBUG_PORTLISTS, "*** final - using small+large rule group \n");
}
else if ( nsmall )
{
/* Only a small port object */
ponew = posnew;
- DebugMessage(DEBUG_PORTLISTS, "*** final - using small rule group only \n");
}
else if ( nlarge )
{
static int PortTableCompileMergePortObjects(PortTable* p)
{
- DebugMessage(DEBUG_PORTLISTS, "***\n***Merging PortObjects->PortObjects2\n***\n");
-
std::unique_ptr<PortObject*[]> upA(new PortObject*[SFPO_MAX_LPORTS]);
PortObject** pol = upA.get();
p->pt_mpxo_hash = mhashx;
- DebugFormat(DEBUG_PORTLISTS,
- "***\n*** PortList-Merging, Large Rule groups must have %d rules\n", p->pt_lrc);
-
SF_LIST* plx_list = sflist_new();
SF_LIST** optimized_pl = create_port_lists(p);
continue;
}
- DEBUG_WRAP(DebugFormat(DEBUG_PORTLISTS,
- "*** merging list for port[%d] \n", i); fflush(stdout); );
-
/* merge the rules into an optimal port object */
p->pt_port_object[i] =
PortTableCompileMergePortObjectList2(
/* give the new compiled port object an id of its own */
p->pt_port_object[i]->id = id++;
- DEBUG_WRAP(DebugMessage(DEBUG_PORTLISTS, "\n"); fflush(stdout); );
}
delete_port_lists(optimized_pl);
/* set the new list - this is a list of port items for this port object */
po->item_list = plist;
- DebugFormat(DEBUG_PORTLISTS, "port-object id = %d, port cnt = %d\n", po->id,
- po->port_cnt);
}
sflist_free_all(plx_list, plx_free);
if ( !po )
{
- DebugMessage(DEBUG_PORTLISTS, "PortObject consistency Check failed, hash table problem\n");
return false;
}
{
if ( parray[i] )
{
- DebugFormat(DEBUG_PORTLISTS, "PortTableCompile: failed consistency check, "
- "multiple objects reference port %d\n", i);
return false;
}
parray[i] = 1;
{
if ( _po2_include_po_rules(p->pt_port_object[i], ipo) )
{
- DebugMessage(DEBUG_PORTLISTS,
- "InputPortObject<->CompositePortObject consistency Check II failed\n");
return false;
}
lastpo = p->pt_port_object[i];
if ( !p->pt_optimize )
return 0;
- DebugMessage(DEBUG_PORTLISTS, "#PortTableCompile: Compiling Port Array Lists\n");
-
if ( PortTableCompileMergePortObjects(p) )
{
FatalError("Could not create PortArryayLists\n");
}
- DEBUG_WRAP(DebugMessage(DEBUG_PORTLISTS, "Done\n"); fflush(stdout); );
#ifdef DEBUG
assert(PortTableConsistencyCheck(p));
assert(PortTableConsistencyCheck2(p));
#endif
-#ifdef DEBUG_MSGS
- if ( Debug::enabled(DEBUG_PORTLISTS) )
- PortTablePrintPortGroups(p);
-#endif
-
return 0;
}
#include "detection/detection_engine.h"
#include "log/text_log.h"
#include "main/snort_config.h"
-#include "main/snort_debug.h"
#include "packet_io/active.h"
#include "packet_io/sfdaq.h"
#include "profiler/profiler_defs.h"
// loop until the protocol id is no longer valid
while (CodecManager::s_protocols[mapped_prot]->decode(raw, codec_data, p->ptrs))
{
- DebugFormat(DEBUG_DECODE, "Codec %s (protocol_id: %hu:"
- "ip header starts at: %p, length is %d\n",
- CodecManager::s_protocols[mapped_prot]->get_name(),
- static_cast<uint16_t>(codec_data.next_prot_id), pkt, codec_data.lyr_len);
-
if ( codec_data.codec_flags & CODEC_ETHER_NEXT )
{
if ( codec_data.next_prot_id < ProtocolId::ETHERTYPE_MINIMUM )
codec_data.proto_bits = 0;
}
- DebugFormat(DEBUG_DECODE, "Codec %s (protocol_id: %hu: ip header"
- " starts at: %p, length is %lu\n",
- CodecManager::s_protocols[mapped_prot]->get_name(),
- static_cast<uint16_t>(prev_prot_id), pkt, (unsigned long)codec_data.lyr_len);
-
if ( p->num_layers > 0 )
s_stats[mapped_prot + stat_offset]++;
#include <cassert>
#include "framework/counts.h"
-#include "main/snort_debug.h"
#include "managers/connector_manager.h"
#include "profiler/profiler_defs.h"
{
if ( ( port <= scm->ports.size() ) && ( scm->ports.test(port) ) )
{
- DebugFormat(DEBUG_SIDE_CHANNEL,"SideChannelManager::get_side_channel: port: %u\n",
- (uint32_t)port);
return scm->sc;
}
}
SideChannel::SideChannel()
{
- DebugMessage(DEBUG_SIDE_CHANNEL,"SideChannel::SideChannel()\n");
sequence = 0;
default_port = 0;
connector_receive = nullptr;
receive_handler = nullptr;
}
-SideChannel::~SideChannel()
-{
- DebugMessage(DEBUG_SIDE_CHANNEL,"SideChannel::~SideChannel()\n");
-}
-
void SideChannel::set_message_port(SCMessage* msg, SCPort port)
{
assert ( msg );
void SideChannelManager::instantiate(const SCConnectors* connectors, const PortBitSet* ports)
{
- DebugMessage(DEBUG_SIDE_CHANNEL, "SideChannelManager::instantiate()\n");
-
SideChannelMapping* scm = new SideChannelMapping;
scm->sc = nullptr;
// Initialize state to be ready to accept configuration
void SideChannelManager::pre_config_init()
{
- DebugMessage(DEBUG_SIDE_CHANNEL,"SideChannelManager::pre_config_init()\n");
s_maps.clear();
}
// Within each thread, instantiate the connectors, etc.
void SideChannelManager::thread_init()
{
- DebugMessage(DEBUG_SIDE_CHANNEL,"SideChannelManager::thread_init()\n");
// First startup the connectors
ConnectorManager::thread_init();
if ( connector->get_connector_direction() == Connector::CONN_DUPLEX )
{
- DebugFormat(DEBUG_SIDE_CHANNEL,
- "SideChannelManager::thread_init(): DUPLEX: %s\n", conn_name.c_str());
sc->connector_receive = connector;
sc->connector_transmit = connector;
}
if ( connector->get_connector_direction() == Connector::CONN_RECEIVE )
{
- DebugFormat(DEBUG_SIDE_CHANNEL,
- "SideChannelManager::thread_init(): RECEIVE: %s\n", conn_name.c_str());
sc->connector_receive = connector;
}
if ( connector->get_connector_direction() == Connector::CONN_TRANSMIT )
{
- DebugFormat(DEBUG_SIDE_CHANNEL,
- "SideChannelManager::thread_init(): TRANSMIT: %s\n", conn_name.c_str());
sc->connector_transmit = connector;
}
}
// Within each thread, shutdown the sidechannel
void SideChannelManager::thread_term()
{
- DebugMessage(DEBUG_SIDE_CHANNEL,"SideChannelManager::thread_term()\n");
// First shutdown the connectors
ConnectorManager::thread_term();
// return true iff we received any messages.
bool SideChannel::process(int max_messages)
{
- DebugMessage(DEBUG_SIDE_CHANNEL,"SideChannelManager::process()\n");
bool received_message = false;
while (true)
void SideChannel::register_receive_handler(const SCProcessMsgFunc& handler)
{
- DebugMessage(DEBUG_SIDE_CHANNEL,"SideChannelManager::register_receive_handler()\n");
receive_handler = handler;
}
void SideChannel::unregister_receive_handler()
{
- DebugMessage(DEBUG_SIDE_CHANNEL,"SideChannelManager::unregister_receive_handler()\n");
receive_handler = nullptr;
}
SCMessage* SideChannel::alloc_transmit_message(uint32_t content_length)
{
- DebugMessage(DEBUG_SIDE_CHANNEL,"SideChannelManager::alloc_transmit_message()\n");
SCMessage* msg = new SCMessage;
msg->handle = connector_transmit->alloc_message((content_length + sizeof(SCMsgHdr)),
(const uint8_t**)&(msg->hdr));
bool SideChannel::transmit_message(SCMessage* msg)
{
- DebugMessage(DEBUG_SIDE_CHANNEL,"SideChannelManager::transmit_message()\n");
bool return_value = false;
if ( connector_transmit && msg->handle )
delete msg;
}
- DebugFormat(DEBUG_SIDE_CHANNEL,"SideChannelManager::transmit_message(): return: %d\n",
- (int)return_value);
return return_value;
}
{
public:
SideChannel();
- ~SideChannel();
void register_receive_handler(const SCProcessMsgFunc& handler);
void unregister_receive_handler();
}
SideChannelModule::SideChannelModule() :
- Module(SIDECHANNEL_NAME, SIDECHANNEL_HELP, sc_params)
-{
- DebugMessage(DEBUG_SIDE_CHANNEL,"SideChannelModule::SideChannelModule()\n");
-}
-
-SideChannelModule::~SideChannelModule()
-{
- DebugMessage(DEBUG_SIDE_CHANNEL,"SideChannelModule::~SideChannelModule()\n");
-}
+ Module(SIDECHANNEL_NAME, SIDECHANNEL_HELP, sc_params){}
ProfileStats* SideChannelModule::get_profile() const
{ return &sc_perf_stats; }
-bool SideChannelModule::set(const char* fqn, Value& v, SnortConfig*)
+bool SideChannelModule::set(const char*, Value& v, SnortConfig*)
{
-#ifdef DEBUG_MSGS
- DebugFormat(DEBUG_SIDE_CHANNEL,"SideChannelModule::set(): %s %s\n", fqn, v.get_name());
-#else
- UNUSED(fqn);
-#endif
-
assert(config);
if ( v.is("connector") )
return true;
}
-bool SideChannelModule::begin(const char* fqn, int idx, SnortConfig*)
+bool SideChannelModule::begin(const char*, int, SnortConfig*)
{
-#ifdef DEBUG_MSGS
- DebugFormat(DEBUG_SIDE_CHANNEL,"SideChannelModule::begin(): %s %d\n", fqn, idx);
-#else
- UNUSED(fqn);
- UNUSED(idx);
-#endif
if ( !config )
{
config = new SideChannelConfig;
bool SideChannelModule::end(const char* fqn, int idx, SnortConfig*)
{
-#ifdef DEBUG_MSGS
- DebugFormat(DEBUG_SIDE_CHANNEL,"SideChannelModule::end(): %s %d\n", fqn, idx);
-#else
- UNUSED(fqn);
-#endif
-
if ( (idx == 0) || (strcmp(fqn, "side_channel.connectors") == 0 ) )
return true;
{
public:
SideChannelModule();
- ~SideChannelModule() override;
bool set(const char*, snort::Value&, snort::SnortConfig*) override;
bool begin(const char*, int, snort::SnortConfig*) override;
void ParseWarning(WarningGroup, const char*, ...) { }
-#ifdef DEBUG_MSGS
-void Debug::print(const char*, int, uint64_t, const char*, ...) { }
-#endif
-
char* snort_strdup(const char* s)
{ return strdup(s); }
void ParseWarning(WarningGroup, const char*, ...) { }
-#ifdef DEBUG_MSGS
-void Debug::print(const char*, int, uint64_t, const char*, ...) { }
-#endif
-
TEST_GROUP(side_channel)
{
void setup() override
#include "log/messages.h"
#include "main/snort_config.h"
-#include "main/snort_debug.h"
#include "protocols/packet.h"
#include "sfrt/sfrt.h"
#include "utils/stats.h"
static void FreeApplicationEntry(ApplicationEntry* app)
{
- DebugFormat(DEBUG_ATTRIBUTE, "Freeing ApplicationEntry: 0x%p\n", (void*) app);
snort_free(app);
}
if (!host)
return;
- DebugFormat(DEBUG_ATTRIBUTE, "Freeing HostEntry: 0x%p\n", (void*) host);
/* Free the service list */
if (host->services)
#endif
-#ifdef DEBUG_MSGS
-static void PrintHostAttributeEntry(HostAttributeEntry* host)
-{
- ApplicationEntry* app;
- int i = 0;
-
- if (!host)
- return;
-
- SfIpString ip_str;
- DebugFormat(DEBUG_ATTRIBUTE, "Host IP: %s/%d\n",
- host->ipAddr.ntop(ip_str),
- host->ipAddr.get_bits());
-
- DebugFormat(DEBUG_ATTRIBUTE,
- "\tPolicy Information: frag:%s (%hhu) stream: %s (%hhu)\n",
- "look-me-up", host->hostInfo.fragPolicy,
- "look-me-up", host->hostInfo.streamPolicy);
-
- DebugMessage(DEBUG_ATTRIBUTE, "\tServices:\n");
-
- for (i=0, app = host->services; app; app = app->next,i++)
- {
- DebugFormat(DEBUG_ATTRIBUTE, "\tService #%d:\n", i);
- DebugFormat(DEBUG_ATTRIBUTE, "\t\tIPProtocol: %d\tPort: %d\tSnortProtocolId %hu\n",
- app->ipproto, app->port, app->snort_protocol_id);
- }
- if (i==0)
- DebugMessage(DEBUG_ATTRIBUTE, "\t\tNone\n");
-
- DebugMessage(DEBUG_ATTRIBUTE, "\tClients:\n");
- for (i=0, app = host->clients; app; app = app->next,i++)
- {
- DebugFormat(DEBUG_ATTRIBUTE, "\tClient #%d:\n", i);
- DebugFormat(DEBUG_ATTRIBUTE, "\t\tIPProtocol: %d\tSnortProtocolId %hu\n",
- app->ipproto, app->snort_protocol_id);
-
- if (app->fields & APPLICATION_ENTRY_PORT)
- {
- DebugFormat(DEBUG_ATTRIBUTE, "\t\tPort: %d\n", app->port);
- }
- }
- if (i==0)
- {
- DebugMessage(DEBUG_ATTRIBUTE, "\t\tNone\n");
- }
-}
-
-#endif
int SFAT_AddHost(HostAttributeEntry* host)
{
int ret;
SfCidr* ipAddr;
- DEBUG_WRAP(PrintHostAttributeEntry(host); );
-
ipAddr = &host->ipAddr;
assert(ipAddr);
#include <algorithm>
#include "log/messages.h"
-#include "main/snort_debug.h"
#include "protocols/packet.h"
#include "utils/util.h"
#include "utils/util_cstring.h"
auto protocol_ref = ref_table.find(protocol);
if ( protocol_ref != ref_table.end() )
{
- DebugFormat(DEBUG_ATTRIBUTE, "Protocol Reference for %s exists as %d\n",
- protocol, protocol_ref->second);
-
return protocol_ref->second;
}
auto protocol_ref = ref_table.find(protocol);
if ( protocol_ref != ref_table.end() )
{
- DebugFormat(DEBUG_ATTRIBUTE, "Protocol Reference for %s exists as %d\n",
- protocol, protocol_ref->second);
-
return protocol_ref->second;
}
using namespace snort;
-void Debug::print(const char*, int, uint64_t, const char*, ...) { }
-
TEST_GROUP(protocol_reference)
{};
#include "boyer_moore.h"
-#include "main/snort_debug.h"
-
#include "util.h"
/****************************************************************
int mSearch(
const char* buf, int blen, const char* ptrn, int plen, const int* skip, const int* shift)
{
- DebugFormat(DEBUG_PATTERN_MATCH,"buf: %p blen: %d ptrn: %p "
- "plen: %d\n", buf, blen, ptrn, plen);
-
if (plen == 0)
return -1;
#include "log/messages.h"
#include "main/build.h"
#include "main/snort_config.h"
-#include "main/snort_debug.h"
#include "packet_io/sfdaq.h"
#include "protocols/packet.h" // For NUM_IP_PROTOS
return false;
}
PathBuf pwd;
- DebugFormat(DEBUG_INIT, "EnterChroot: %s\n", CurrentWorkingDir(pwd));
PathBuf abs_log_dir;
if ( !GetAbsolutePath(log_dir.c_str(), abs_log_dir) )
return false;
}
size_t abs_root_dir_len = strlen(abs_root_dir);
- DebugFormat(DEBUG_INIT, "ABS: %s %zu\n", abs_root_dir, abs_root_dir_len);
if (strncmp(abs_root_dir, abs_log_dir, abs_root_dir_len))
{
return false;
}
- DebugFormat(DEBUG_INIT,"chroot success (%s ->", abs_root_dir);
- DebugFormat(DEBUG_INIT,"%s)\n ", CurrentWorkingDir(pwd));
/* Immediately change to the root directory of the jail. */
if (chdir("/") < 0)
return false;
}
- DebugFormat(DEBUG_INIT,"chdir success (%s)\n", CurrentWorkingDir(pwd));
if (abs_root_dir_len >= strlen(abs_log_dir))
log_dir = "/";
else
log_dir = abs_log_dir + abs_root_dir_len;
- DebugFormat(DEBUG_INIT,"new logdir from %s to %s\n", abs_log_dir, log_dir.c_str());
LogMessage("Chroot directory = %s\n", root_dir.c_str());
projects / thirdparty / snort3.git / commitdiff
