datasets: add 'dataset-remove' unix command

author Victor Julien <victor@inliniac.net>

Tue, 14 Apr 2020 12:21:31 +0000 (14:21 +0200)

committer Victor Julien <victor@inliniac.net>

Mon, 20 Apr 2020 11:57:28 +0000 (13:57 +0200)
author Victor Julien <victor@inliniac.net>
Tue, 14 Apr 2020 12:21:31 +0000 (14:21 +0200)
committer Victor Julien <victor@inliniac.net>
Mon, 20 Apr 2020 11:57:28 +0000 (13:57 +0200)
diff --git a/python/suricata/sc/specs.py b/python/suricata/sc/specs.py

index 269434d826519be33a8af45a35ddeb83739be7e4..9b42074169a44449c91efed31a7f5dac82683f97 100644 (file)
--- a/python/suricata/sc/specs.py
+++ b/python/suricata/sc/specs.py
@@ -180,4 +180,18 @@ argsd = {
              "required": 1,
          },
      ],
+    "dataset-remove": [
+        {
+            "name": "setname",
+            "required": 1,
+        },
+        {
+            "name": "settype",
+            "required": 1,
+        },
+        {
+            "name": "datavalue",
+            "required": 1,
+        },
+    ],
      }
diff --git a/python/suricata/sc/suricatasc.py b/python/suricata/sc/suricatasc.py

index 8381aa7ddae9c4128579b16c76c3530ee222c353..b5a8f4a3466e3968a8583fc7d8657cec36c0e70a 100644 (file)
--- a/python/suricata/sc/suricatasc.py
+++ b/python/suricata/sc/suricatasc.py
@@ -106,6 +106,7 @@ class SuricataSC:
                  "memcap-set",
                  "memcap-show",
                  "dataset-add",
+                "dataset-remove",
                  ]
          self.cmd_list = self.basic_commands + self.fn_commands
          self.sck_path = sck_path
diff --git a/src/runmode-unix-socket.c b/src/runmode-unix-socket.c

index 355d1305f45e60cf3b9c485b72fd8b67864ef4ae..656ebc1474405a9f6ce7d06e67f8e6d032b35542 100644 (file)
--- a/src/runmode-unix-socket.c
+++ b/src/runmode-unix-socket.c
@@ -691,6 +691,59 @@ TmEcode UnixSocketDatasetAdd(json_t *cmd, json_t* answer, void *data)
      }
  }
  
+TmEcode UnixSocketDatasetRemove(json_t *cmd, json_t* answer, void *data)
+{
+    /* 1 get dataset name */
+    json_t *narg = json_object_get(cmd, "setname");
+    if (!json_is_string(narg)) {
+        json_object_set_new(answer, "message", json_string("setname is not a string"));
+        return TM_ECODE_FAILED;
+    }
+    const char *set_name = json_string_value(narg);
+
+    /* 2 get the data type */
+    json_t *targ = json_object_get(cmd, "settype");
+    if (!json_is_string(targ)) {
+        json_object_set_new(answer, "message", json_string("settype is not a string"));
+        return TM_ECODE_FAILED;
+    }
+    const char *type = json_string_value(targ);
+
+    /* 3 get value */
+    json_t *varg = json_object_get(cmd, "datavalue");
+    if (!json_is_string(varg)) {
+        json_object_set_new(answer, "message", json_string("datavalue is not string"));
+        return TM_ECODE_FAILED;
+    }
+    const char *value = json_string_value(varg);
+
+    SCLogDebug("dataset-remove: %s type %s value %s", set_name, type, value);
+
+    enum DatasetTypes t = DatasetGetTypeFromString(type);
+    if (t == DATASET_TYPE_NOTSET) {
+        json_object_set_new(answer, "message", json_string("unknown settype"));
+        return TM_ECODE_FAILED;
+    }
+
+    Dataset *set = DatasetFind(set_name, t);
+    if (set == NULL) {
+        json_object_set_new(answer, "message", json_string("set not found or wrong type"));
+        return TM_ECODE_FAILED;
+    }
+
+    int r = DatasetRemoveSerialized(set, value);
+    if (r == 1) {
+        json_object_set_new(answer, "message", json_string("data removed"));
+        return TM_ECODE_OK;
+    } else if (r == 0) {
+        json_object_set_new(answer, "message", json_string("data is busy, try again"));
+        return TM_ECODE_OK;
+    } else {
+        json_object_set_new(answer, "message", json_string("failed to remove data"));
+        return TM_ECODE_FAILED;
+    }
+}
+
  /**
   * \brief Command to add a tenant handler
   *
diff --git a/src/runmode-unix-socket.h b/src/runmode-unix-socket.h

index 630246996c69f900598dfdc6f2672d69a2fcaf09..fc8ff8a3c83ef258ca7911f8d31b94f231a4766b 100644 (file)
--- a/src/runmode-unix-socket.h
+++ b/src/runmode-unix-socket.h
@@ -32,6 +32,7 @@ TmEcode UnixSocketPcapFile(TmEcode tm, struct timespec *last_processed);
  
  #ifdef BUILD_UNIX_SOCKET
  TmEcode UnixSocketDatasetAdd(json_t *cmd, json_t* answer, void *data);
+TmEcode UnixSocketDatasetRemove(json_t *cmd, json_t* answer, void *data);
  TmEcode UnixSocketRegisterTenantHandler(json_t *cmd, json_t* answer, void *data);
  TmEcode UnixSocketUnregisterTenantHandler(json_t *cmd, json_t* answer, void *data);
  TmEcode UnixSocketRegisterTenant(json_t *cmd, json_t* answer, void *data);
diff --git a/src/unix-manager.c b/src/unix-manager.c

index 6de2ecd14254728fc3d4b3f85912ccaedda61dad..bfa394b7a6736f3e0e1aca0533c2acf55b19b4db 100644 (file)
--- a/src/unix-manager.c
+++ b/src/unix-manager.c
@@ -1083,6 +1083,7 @@ int UnixManagerInit(void)
      UnixManagerRegisterCommand("memcap-list", UnixSocketShowAllMemcap, NULL, 0);
  
      UnixManagerRegisterCommand("dataset-add", UnixSocketDatasetAdd, &command, UNIX_CMD_TAKE_ARGS);
+    UnixManagerRegisterCommand("dataset-remove", UnixSocketDatasetRemove, &command, UNIX_CMD_TAKE_ARGS);
  
      return 0;
  }
author	Victor Julien <victor@inliniac.net>
	Tue, 14 Apr 2020 12:21:31 +0000 (14:21 +0200)
committer	Victor Julien <victor@inliniac.net>
	Mon, 20 Apr 2020 11:57:28 +0000 (13:57 +0200)
python/suricata/sc/specs.py		patch \| blob \| blame \| history
python/suricata/sc/suricatasc.py		patch \| blob \| blame \| history
src/runmode-unix-socket.c		patch \| blob \| blame \| history
src/runmode-unix-socket.h		patch \| blob \| blame \| history
src/unix-manager.c		patch \| blob \| blame \| history