Pull request #4062: appid: Lua log function with appiddebug check
authorOleksandr Stepanov -X (ostepano - SOFTSERVE INC at Cisco) <ostepano@cisco.com>
Wed, 25 Oct 2023 18:50:43 +0000 (18:50 +0000)
committerChris Sherwin (chsherwi) <chsherwi@cisco.com>
Wed, 25 Oct 2023 18:50:43 +0000 (18:50 +0000)
Merge in SNORT/snort3 from ~OSTEPANO/snort3:lua_log to master

Squashed commit of the following:

commit 8e509beb02cfed13e5fd171896d10159e91b1cbb
Author: Oleksandr Stepanov <ostepano@cisco.com>
Date:   Thu Aug 10 08:18:48 2023 -0400

    appid: Lua log function with appiddebug check

src/network_inspectors/appid/appid_config.cc
src/network_inspectors/appid/appid_inspector.cc
src/network_inspectors/appid/lua_detector_api.cc

index f34d307897292fc5eb11f508dbe66bf76d89267a..0a0e16a5b47062668b302097c0e395e2e989a96f 100644 (file)
@@ -97,17 +97,17 @@ void AppIdConfig::show() const
 
 void AppIdContext::pterm()
 {
-    if (odp_ctxt)
-    {
-        odp_ctxt->get_app_info_mgr().cleanup_appid_info_table();
-        delete odp_ctxt;
-    }
-
     if (odp_thread_local_ctxt)
     {
         delete odp_thread_local_ctxt;
         odp_thread_local_ctxt = nullptr;
     }
+
+    if (odp_ctxt)
+    {
+        odp_ctxt->get_app_info_mgr().cleanup_appid_info_table();
+        delete odp_ctxt;
+    }
 }
 
 bool AppIdContext::init_appid(SnortConfig* sc, AppIdInspector& inspector)
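Review bot: In the moved block in pterm(), `odp_ctxt` is deleted but never reset, unlike `odp_thread_local_ctxt` just above it, so the pointer is left dangling and the `if (odp_ctxt)` guard would not protect a second call. Add `odp_ctxt = nullptr;` after `delete odp_ctxt;`. The new order presumably matters because the thread-local context has to be torn down before the ODP context it was initialised from; if so, a short comment such as `// thread-local ctxt must be released before odp_ctxt` would stop someone from swapping the blocks back.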
@@ -126,6 +126,12 @@ bool AppIdContext::init_appid(SnortConfig* sc, AppIdInspector& inspector)
         odp_ctxt->get_service_disco_mgr().initialize(inspector);
         odp_ctxt->set_client_and_service_detectors();
 
+        if (!appidDebug)
+        {
+            appidDebug = new AppIdDebug();
+            appidDebug->set_enabled(config.log_all_sessions);
+        }
+
         odp_thread_local_ctxt->initialize(sc, *this, true);
         odp_ctxt->initialize(inspector);
 
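Review bot: `appidDebug->set_enabled(config.log_all_sessions)` runs only when this call allocates the object, so an `appidDebug` that already exists keeps whatever state it had. The instance created in `appid_inspector_tinit` (appid_inspector.cc hunk) never gets the setting at all, yet the NOTICE/INFO branch of the new `cLog` function is gated on `is_enabled()`. Consider `if (!appidDebug) appidDebug = new AppIdDebug();` followed by an unconditional `appidDebug->set_enabled(config.log_all_sessions);`, after confirming that this does not override a state set by a debug command. No release for this allocation is visible in the diff other than `appid_inspector_tterm`, so it is worth confirming that the thread running init_appid also reaches that path. init_appid's body starts and ends outside the hunk.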
index 59b0fb1566cbda17b0a4415fc3ed52db458d6a1a..3d547ba41fbdee8fd74bfd32b8528e2ddbfe3089 100644 (file)
@@ -269,7 +269,8 @@ static void appid_inspector_pterm()
 static void appid_inspector_tinit()
 {
     AppIdPegCounts::init_pegs();
-    appidDebug = new AppIdDebug();
+    if (!appidDebug)
+        appidDebug = new AppIdDebug();
 }
 
 static void appid_inspector_tterm()
@@ -279,6 +280,7 @@ static void appid_inspector_tterm()
     AppIdPegCounts::cleanup_pegs();
     AppIdServiceState::clean();
     delete appidDebug;
+    appidDebug = nullptr;
 }
 
 static Inspector* appid_inspector_ctor(Module* m)
index 355bad87a41fdb814e93f0a1e3760b50d2258e7e..a73f489d630a2415bfe5361a922db9e25972c15f 100644 (file)
@@ -348,6 +348,45 @@ static int detector_log_message(lua_State* L)
     return 0;
 }
 
+static int detector_log_snort_message(lua_State* L)
+{
+    const auto& name = (*UserData<LuaObject>::check(L, DETECTOR, 1))->get_detector()->get_name();
+
+    unsigned int level = lua_tonumber(L, 2);
+    const char* message = lua_tostring(L, 3);
+
+    switch (level)
+    {
+    case LUA_LOG_CRITICAL:
+        appid_log(nullptr, TRACE_CRITICAL_LEVEL, "%s:%s\n", name.c_str(), message);
+        break;
+
+    case LUA_LOG_ERR:
+        appid_log(nullptr, TRACE_ERROR_LEVEL, "%s:%s\n", name.c_str(), message);
+        break;
+
+    case LUA_LOG_WARN:
+        appid_log(nullptr, TRACE_WARNING_LEVEL, "%s:%s\n", name.c_str(), message);
+        break;
+
+    case LUA_LOG_NOTICE:
+    case LUA_LOG_INFO:
+        if ( !appidDebug or !appidDebug->is_enabled() )
+            return 0;
+        appid_log(nullptr, TRACE_INFO_LEVEL, "AppIdDbg %s:%s\n", name.c_str(), message);
+        break;
+
+    case LUA_LOG_TRACE:
+        appid_log(init(L) ? nullptr : CURRENT_PACKET, TRACE_DEBUG_LEVEL, "%s:%s\n", name.c_str(), message);
+        break;
+
+    default:
+        break;
+    }
+
+    return 0;
+}
+
 /** Add a netbios domain
  *  lua params:
  *    1 - the netbios domain
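Review bot: In `detector_log_snort_message`, `lua_tostring(L, 3)` returns NULL when the third argument is missing or is not a string or number, and `message` is then passed to `%s` in every `appid_log` call, which is undefined behaviour. Guard it with `if (!message) return 0;` before the switch, or use `luaL_checkstring(L, 3)`. `unsigned int level = lua_tonumber(L, 2);` converts a Lua double straight to unsigned, so a negative or out-of-range value from a detector script is undefined as well; `lua_tointeger(L, 2)` with a range check is safer. The function also lacks the `/** ... lua params: ... */` header that the following API function carries; it should list the detector userdata, level and message arguments and state that NOTICE/INFO output is dropped unless appidDebug is enabled.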
@@ -3158,6 +3197,7 @@ static const luaL_Reg detector_methods[] =
     { "htons",                    detector_htons },
     { "htonl",                    detector_htonl },
     { "log",                      detector_log_message },
+    { "cLog",                     detector_log_snort_message},
     { "addHttpPattern",           detector_add_http_pattern },
     { "addAppUrl",                detector_add_url_application },
     { "addRTMPUrl",               detector_add_rtmp_url },
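Review bot: The new table entry is missing the space before the closing brace that every neighbouring entry has; write it as `{ "cLog",                     detector_log_snort_message },`. The name `cLog` also says little next to the existing `log`, so a comment above the entry noting that it routes through `appid_log` with level mapping would help detector authors pick the right one.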