detect: initialize detection engine by prefix

Initalize detection engine by configuration prefix.

    DetectEngineCtxInitWithPrefix(const char *prefix)

Takes the detection engine configuration from:
<prefix>.<config>

If prefix is NULL the regular config will be used.

Update sure that DetectLoadCompleteSigPath considers the prefix when
retrieving the configuration.

diff --git a/src/detect-engine.c b/src/detect-engine.c
index e42e8961747256f3cfae169ee2a305ab206cefbe..688c41961584a5aaa5a19afefb117d458123d4cd 100644 (file)
--- a/src/detect-engine.c
+++ b/src/detect-engine.c
@@ -647,7 +647,7 @@ static int DetectEngineReloadThreads(DetectEngineCtx *new_de_ctx)
     return -1;
 }
 
-static DetectEngineCtx *DetectEngineCtxInitReal(int minimal)
+static DetectEngineCtx *DetectEngineCtxInitReal(int minimal, const char *prefix)
 {
     DetectEngineCtx *de_ctx;
 
@@ -668,6 +668,10 @@ static DetectEngineCtx *DetectEngineCtxInitReal(int minimal)
         return de_ctx;
     }
 
+    if (prefix != NULL) {
+        strlcpy(de_ctx->config_prefix, prefix, sizeof(de_ctx->config_prefix));
+    }
+
     if (ConfGetBool("engine.init-failure-fatal", (int *)&(de_ctx->failure_fatal)) != 1) {
         SCLogDebug("ConfGetBool could not load the value.");
     }
@@ -747,12 +751,17 @@ error:
 
 DetectEngineCtx *DetectEngineCtxInitMinimal(void)
 {
-    return DetectEngineCtxInitReal(1);
+    return DetectEngineCtxInitReal(1, NULL);
 }
 
 DetectEngineCtx *DetectEngineCtxInit(void)
 {
-    return DetectEngineCtxInitReal(0);
+    return DetectEngineCtxInitReal(0, NULL);
+}
+
+DetectEngineCtx *DetectEngineCtxInitWithPrefix(const char *prefix)
+{
+    return DetectEngineCtxInitReal(0, prefix);
 }
 
 static void DetectEngineCtxFreeThreadKeywordData(DetectEngineCtx *de_ctx)

diff --git a/src/detect-engine.h b/src/detect-engine.h
index b95f509ebb254355df33b40678b02f7f0191d60a..c664f50e2638c67f2695b6aa2e1cc5585f725f13 100644 (file)
--- a/src/detect-engine.h
+++ b/src/detect-engine.h
@@ -55,6 +55,7 @@ extern DetectEngineAppInspectionEngine *app_inspection_engine[FLOW_PROTO_DEFAULT
 
 /* prototypes */
 void DetectEngineRegisterAppInspectionEngines(void);
+DetectEngineCtx *DetectEngineCtxInitWithPrefix(const char *prefix);
 DetectEngineCtx *DetectEngineCtxInit(void);
 DetectEngineCtx *DetectEngineCtxInitMinimal(void);
 void DetectEngineCtxFree(DetectEngineCtx *);

diff --git a/src/detect-filemd5.c b/src/detect-filemd5.c
index 1bb0cf3ac88b420f2fcffbb19ce17d1d4dd39efb..87f3f35e9b34e9b6b57f2bda4236cedda93637b1 100644 (file)
--- a/src/detect-filemd5.c
+++ b/src/detect-filemd5.c
@@ -211,7 +211,7 @@ static int DetectFileMd5Match (ThreadVars *t, DetectEngineThreadCtx *det_ctx,
  * \retval filemd5 pointer to DetectFileMd5Data on success
  * \retval NULL on failure
  */
-static DetectFileMd5Data *DetectFileMd5Parse (char *str)
+static DetectFileMd5Data *DetectFileMd5Parse (const DetectEngineCtx *de_ctx, char *str)
 {
     DetectFileMd5Data *filemd5 = NULL;
     FILE *fp = NULL;
@@ -235,7 +235,7 @@ static DetectFileMd5Data *DetectFileMd5Parse (char *str)
     }
 
     /* get full filename */
-    filename = DetectLoadCompleteSigPath(str);
+    filename = DetectLoadCompleteSigPath(de_ctx, str);
     if (filename == NULL) {
         goto error;
     }
@@ -309,7 +309,7 @@ static int DetectFileMd5Setup (DetectEngineCtx *de_ctx, Signature *s, char *str)
     DetectFileMd5Data *filemd5 = NULL;
     SigMatch *sm = NULL;
 
-    filemd5 = DetectFileMd5Parse(str);
+    filemd5 = DetectFileMd5Parse(de_ctx, str);
     if (filemd5 == NULL)
         goto error;
 

diff --git a/src/detect-lua.c b/src/detect-lua.c
index 8d2b35abe4fb22c733c917811d0357996a84745f..8a957ccac901ce34307a7d23144e4bbd77c7a964 100644 (file)
--- a/src/detect-lua.c
+++ b/src/detect-lua.c
@@ -713,7 +713,7 @@ static void DetectLuaThreadFree(void *ctx)
  * \retval luajit pointer to DetectLuaData on success
  * \retval NULL on failure
  */
-static DetectLuaData *DetectLuaParse (char *str)
+static DetectLuaData *DetectLuaParse (const DetectEngineCtx *de_ctx, char *str)
 {
     DetectLuaData *luajit = NULL;
 
@@ -730,7 +730,7 @@ static DetectLuaData *DetectLuaParse (char *str)
     }
 
     /* get full filename */
-    luajit->filename = DetectLoadCompleteSigPath(str);
+    luajit->filename = DetectLoadCompleteSigPath(de_ctx, str);
     if (luajit->filename == NULL) {
         goto error;
     }
@@ -987,7 +987,7 @@ static int DetectLuaSetup (DetectEngineCtx *de_ctx, Signature *s, char *str)
     DetectLuaData *luajit = NULL;
     SigMatch *sm = NULL;
 
-    luajit = DetectLuaParse(str);
+    luajit = DetectLuaParse(de_ctx, str);
     if (luajit == NULL)
         goto error;
 

diff --git a/src/detect.c b/src/detect.c
index 2d5ff982242502b9e8800ad2fd822ab9edec31c5..53953d4f2a9be970f167af68377449a60097bab6 100644 (file)
--- a/src/detect.c
+++ b/src/detect.c
@@ -239,14 +239,20 @@ void DetectExitPrintStats(ThreadVars *tv, void *data)
  *  \param sig_file The name of the file
  *  \retval str Pointer to the string path + sig_file
  */
-char *DetectLoadCompleteSigPath(char *sig_file)
+char *DetectLoadCompleteSigPath(const DetectEngineCtx *de_ctx, char *sig_file)
 {
     char *defaultpath = NULL;
     char *path = NULL;
+    char varname[128] = "default-rule-path";
+
+    if (strlen(de_ctx->config_prefix) > 0) {
+        snprintf(varname, sizeof(varname), "%s.default-rule-path",
+                de_ctx->config_prefix);
+    }
 
     /* Path not specified */
     if (PathIsRelative(sig_file)) {
-        if (ConfGet("default-rule-path", &defaultpath) == 1) {
+        if (ConfGet(varname, &defaultpath) == 1) {
             SCLogDebug("Default path: %s", defaultpath);
             size_t path_len = sizeof(char) * (strlen(defaultpath) +
                           strlen(sig_file) + 2);
@@ -396,6 +402,13 @@ int SigLoadSignatures(DetectEngineCtx *de_ctx, char *sig_file, int sig_file_excl
     int goodtotal = 0;
     int badtotal = 0;
 
+    char varname[128] = "rule-files";
+
+    if (strlen(de_ctx->config_prefix) > 0) {
+        snprintf(varname, sizeof(varname), "%s.rule-files",
+                de_ctx->config_prefix);
+    }
+
     if (RunmodeGetCurrent() == RUNMODE_ENGINE_ANALYSIS) {
         fp_engine_analysis_set = SetupFPAnalyzer();
         rule_engine_analysis_set = SetupRuleAnalyzer();
@@ -403,7 +416,7 @@ int SigLoadSignatures(DetectEngineCtx *de_ctx, char *sig_file, int sig_file_excl
 
     /* ok, let's load signature files from the general config */
     if (!(sig_file != NULL && sig_file_exclusive == TRUE)) {
-        rule_files = ConfGetNode("rule-files");
+        rule_files = ConfGetNode(varname);
         if (rule_files != NULL) {
             if (!ConfNodeIsSequence(rule_files)) {
                 SCLogWarning(SC_ERR_INVALID_ARGUMENT,
@@ -412,7 +425,7 @@ int SigLoadSignatures(DetectEngineCtx *de_ctx, char *sig_file, int sig_file_excl
             }
             else {
                 TAILQ_FOREACH(file, &rule_files->head, next) {
-                    sfile = DetectLoadCompleteSigPath(file->val);
+                    sfile = DetectLoadCompleteSigPath(de_ctx, file->val);
                     SCLogDebug("Loading rule file: %s", sfile);
 
                     cntf++;

diff --git a/src/detect.h b/src/detect.h
index 5d87616137ec2d70d5648aa3508c85b2e6683e70..973f7f87cf50c8475dab4f2fdb87c7277527c7ea 100644 (file)
--- a/src/detect.h
+++ b/src/detect.h
@@ -732,6 +732,8 @@ typedef struct DetectEngineCtx_ {
     struct SCProfileKeywordDetectCtx_ *profile_keyword_ctx_per_list[DETECT_SM_LIST_MAX];
 #endif
 
+    char config_prefix[64];
+
     /** minimal: essentially a stub */
     int minimal;
 
@@ -1202,7 +1204,7 @@ int SigGroupBuild(DetectEngineCtx *);
 int SigGroupCleanup (DetectEngineCtx *de_ctx);
 void SigAddressPrepareBidirectionals (DetectEngineCtx *);
 
-char *DetectLoadCompleteSigPath(char *sig_file);
+char *DetectLoadCompleteSigPath(const DetectEngineCtx *, char *sig_file);
 int SigLoadSignatures (DetectEngineCtx *, char *, int);
 void SigTableList(const char *keyword);
 void SigTableSetup(void);