Pull request #3222: appid: update appid api to include ssh in the list of service...

author Shravan Rangarajuvenkata (shrarang) <shrarang@cisco.com>

Fri, 17 Dec 2021 00:44:13 +0000 (00:44 +0000)

committer Shravan Rangarajuvenkata (shrarang) <shrarang@cisco.com>

Fri, 17 Dec 2021 00:44:13 +0000 (00:44 +0000)
author Shravan Rangarajuvenkata (shrarang) <shrarang@cisco.com>
Fri, 17 Dec 2021 00:44:13 +0000 (00:44 +0000)
committer Shravan Rangarajuvenkata (shrarang) <shrarang@cisco.com>
Fri, 17 Dec 2021 00:44:13 +0000 (00:44 +0000)
diff --git a/src/network_inspectors/appid/appid_api.cc b/src/network_inspectors/appid/appid_api.cc

index 47f03e696152e17eedc66f22613128bf15f52fb0..a6b93faa422eb4360d7be84499c74e261ff3f9b4 100644 (file)
--- a/src/network_inspectors/appid/appid_api.cc
+++ b/src/network_inspectors/appid/appid_api.cc
@@ -255,9 +255,12 @@ bool AppIdApi::is_inspection_needed(const Inspector& inspector) const
      AppIdInspector* appid_inspector = (AppIdInspector*) InspectorManager::get_inspector(MOD_NAME,
          true);
  
-    if (appid_inspector and
-        (inspector.get_service() ==
-            appid_inspector->get_ctxt().config.snort_proto_ids[PROTO_INDEX_HTTP2]))
+    if (!appid_inspector)
+        return false;
+
+    SnortProtocolId id = inspector.get_service();
+    AppIdConfig& config = appid_inspector->get_ctxt().config;
+    if (id == config.snort_proto_ids[PROTO_INDEX_HTTP2] or id == config.snort_proto_ids[PROTO_INDEX_SSH])
          return true;
  
      return false;
diff --git a/src/network_inspectors/appid/appid_config.cc b/src/network_inspectors/appid/appid_config.cc

index 9db516646e2868d6be720ab6ceb8bc0ee020ac89..8bcca664a010fc7d5e07f75c02a140fc33d452da 100644 (file)
--- a/src/network_inspectors/appid/appid_config.cc
+++ b/src/network_inspectors/appid/appid_config.cc
@@ -62,6 +62,7 @@ static void map_app_names_to_snort_ids(SnortConfig* sc, AppIdConfig& config)
      config.snort_proto_ids[PROTO_INDEX_SUNRPC] = sc->proto_ref->add("sunrpc");
      config.snort_proto_ids[PROTO_INDEX_TFTP] = sc->proto_ref->add("tftp");
      config.snort_proto_ids[PROTO_INDEX_SIP] = sc->proto_ref->add("sip");
+    config.snort_proto_ids[PROTO_INDEX_SSH] = sc->proto_ref->add("ssh");
  }
  
  AppIdConfig::~AppIdConfig()
diff --git a/src/network_inspectors/appid/appid_config.h b/src/network_inspectors/appid/appid_config.h

index 10bcae24acc35040af1e8bfdfd3851f85dc71c60..f44c06e5aa5802c26878befa1f8ee11adb163c6f 100644 (file)
--- a/src/network_inspectors/appid/appid_config.h
+++ b/src/network_inspectors/appid/appid_config.h
@@ -61,6 +61,7 @@ enum SnortProtoIdIndex
      PROTO_INDEX_SUNRPC,
      PROTO_INDEX_TFTP,
      PROTO_INDEX_SIP,
+    PROTO_INDEX_SSH,
  
      PROTO_INDEX_MAX
  };
author	Shravan Rangarajuvenkata (shrarang) <shrarang@cisco.com>
	Fri, 17 Dec 2021 00:44:13 +0000 (00:44 +0000)
committer	Shravan Rangarajuvenkata (shrarang) <shrarang@cisco.com>
	Fri, 17 Dec 2021 00:44:13 +0000 (00:44 +0000)
src/network_inspectors/appid/appid_api.cc		patch \| blob \| blame \| history
src/network_inspectors/appid/appid_config.cc		patch \| blob \| blame \| history
src/network_inspectors/appid/appid_config.h		patch \| blob \| blame \| history