Merge pull request #1133 in SNORT/snort3 from snort_namespace to master

Squashed commit of the following:

commit 4ec0021598a62a6aa193ea9d1d7159e62a5123a6
Author: davis mcpherson <davmcphe.cisco.com>
Date:   Mon Mar 5 14:53:32 2018 -0500

    snort: wrap snort SO_PUBLIC APIs (classes, functions exported public from snort) in the 'snort' namespace

diff --git a/extra/src/codecs/cd_eapol/cd_eapol.cc b/extra/src/codecs/cd_eapol/cd_eapol.cc
index 7cca1b7f01af484ab1d3cee4a35aa69c8849bbe7..4ad67ca2d2d72842029e65868071db88877949c8 100644 (file)
--- a/extra/src/codecs/cd_eapol/cd_eapol.cc
+++ b/extra/src/codecs/cd_eapol/cd_eapol.cc
@@ -24,6 +24,8 @@
 #define CD_EAPOL_NAME "eapol"
 #define CD_EAPOL_HELP "support for extensible authentication protocol over LAN"
 
+using namespace snort;
+
 namespace
 {
 static const RuleMap eapol_rules[] =

diff --git a/extra/src/codecs/cd_linux_sll/cd_linux_sll.cc b/extra/src/codecs/cd_linux_sll/cd_linux_sll.cc
index acc717aa3cb3d3a820b2d77afe4e146acd257bbb..88f359be03a5e3cf88edcf2c3aca4c40d52ca7c1 100644 (file)
--- a/extra/src/codecs/cd_linux_sll/cd_linux_sll.cc
+++ b/extra/src/codecs/cd_linux_sll/cd_linux_sll.cc
@@ -26,6 +26,8 @@
 #define CD_LINUX_SLL_HELP_STR "support for Linux SLL"
 #define CD_LINUX_SLL_HELP ADD_DLT(CD_LINUX_SLL_HELP_STR, DLT_LINUX_SLL)
 
+using namespace snort;
+
 namespace
 {
 class LinuxSllCodec : public Codec

diff --git a/extra/src/codecs/cd_null/cd_null.cc b/extra/src/codecs/cd_null/cd_null.cc
index 8ffc4349eb2d168a552ccc7581a9f32e50191d4b..001ad3e75a7c56f553523b114c46fbb58c1fa0e8 100644 (file)
--- a/extra/src/codecs/cd_null/cd_null.cc
+++ b/extra/src/codecs/cd_null/cd_null.cc
@@ -25,6 +25,8 @@
 #define CD_NULL_HELP_STR "support for null encapsulation"
 #define CD_NULL_HELP ADD_DLT(CD_NULL_HELP_STR, DLT_NULL)
 
+using namespace snort;
+
 namespace
 {
 class NullCodec : public Codec

diff --git a/extra/src/codecs/cd_pbb/cd_pbb.cc b/extra/src/codecs/cd_pbb/cd_pbb.cc
index 7412325e4072e68eefdabef1c92db38e172b083f..c9f7143ca18a6eb7e58bd7c5a41979d5e1415e0f 100644 (file)
--- a/extra/src/codecs/cd_pbb/cd_pbb.cc
+++ b/extra/src/codecs/cd_pbb/cd_pbb.cc
@@ -30,6 +30,8 @@
 #include "main/snort_config.h"
 #include "protocols/packet_manager.h"
 
+using namespace snort;
+
 #define CD_PBB_NAME "pbb"
 #define CD_PBB_HELP "support for 802.1ah protocol"
 

diff --git a/extra/src/codecs/cd_pflog/cd_pflog.cc b/extra/src/codecs/cd_pflog/cd_pflog.cc
index 1cae4319fd990bc27a0e5cce78fb358170ed59c0..926e8356cc148eab8ddc0f4d7b337c0abb4f5750 100644 (file)
--- a/extra/src/codecs/cd_pflog/cd_pflog.cc
+++ b/extra/src/codecs/cd_pflog/cd_pflog.cc
@@ -22,6 +22,8 @@
 
 #include "framework/codec.h"
 
+using namespace snort;
+
 #define PFLOG_NAME "pflog"
 #define PFLOG_HELP_STR "support for OpenBSD PF log"
 

diff --git a/extra/src/codecs/cd_ppp/cd_ppp.cc b/extra/src/codecs/cd_ppp/cd_ppp.cc
index c253b39ed8e6e06967287ae51931bd045bab63c3..8098d7072f0f39339baeb97d2a1985b4268a4c15 100644 (file)
--- a/extra/src/codecs/cd_ppp/cd_ppp.cc
+++ b/extra/src/codecs/cd_ppp/cd_ppp.cc
@@ -21,6 +21,8 @@
 
 #include "framework/codec.h"
 
+using namespace snort;
+
 #define PPP_NAME "ppp"
 #define PPP_HELP_STR "support for point-to-point encapsulation"
 #define PPP_HELP ADD_DLT(PPP_HELP_STR, DLT_PPP)

diff --git a/extra/src/codecs/cd_raw4/cd_raw4.cc b/extra/src/codecs/cd_raw4/cd_raw4.cc
index 050c447af2fb052d15edfe4cb5e0d4e7c4aff588..d996cf73a0ae2c3afd402530fece33b915bc1ecd 100644 (file)
--- a/extra/src/codecs/cd_raw4/cd_raw4.cc
+++ b/extra/src/codecs/cd_raw4/cd_raw4.cc
@@ -21,6 +21,8 @@
 
 #include "framework/codec.h"
 
+using namespace snort;
+
 #define CD_RAW4_NAME "raw4"
 #define CD_RAW4_HELP_STR "support for unencapsulated IPv4"
 #define CD_RAW4_HELP ADD_DLT(ADD_DLT(CD_RAW4_HELP_STR, DLT_RAW), DLT_IPV4)

diff --git a/extra/src/codecs/cd_raw6/cd_raw6.cc b/extra/src/codecs/cd_raw6/cd_raw6.cc
index 7157896e5082073c026e318d35ef06650fde796d..cca2454196dd2cf7539f2c27f2128cf8af62f22f 100644 (file)
--- a/extra/src/codecs/cd_raw6/cd_raw6.cc
+++ b/extra/src/codecs/cd_raw6/cd_raw6.cc
@@ -21,6 +21,8 @@
 
 #include "framework/codec.h"
 
+using namespace snort;
+
 #define CD_RAW6_NAME "raw6"
 #define CD_RAW6_HELP_STR "support for unencapsulated IPv6"
 #define CD_RAW6_HELP ADD_DLT(CD_RAW6_HELP_STR, DLT_IPV6)

diff --git a/extra/src/codecs/cd_slip/cd_slip.cc b/extra/src/codecs/cd_slip/cd_slip.cc
index 69956a436114b8173d3da0b6afa7f3015ce71b8e..ed4b013fcdb733effa4ffeec14e6bd99b32c9f7b 100644 (file)
--- a/extra/src/codecs/cd_slip/cd_slip.cc
+++ b/extra/src/codecs/cd_slip/cd_slip.cc
@@ -21,6 +21,8 @@
 
 #include "framework/codec.h"
 
+using namespace snort;
+
 #define CD_SLIP_NAME "slip"
 #define CD_SLIP_HELP_STR "support for slip protocol"
 #define CD_SLIP_HELP ADD_DLT(CD_SLIP_HELP_STR, DLT_SLIP)

diff --git a/extra/src/codecs/cd_token_ring/cd_token_ring.cc b/extra/src/codecs/cd_token_ring/cd_token_ring.cc
index 5b7048386003a71159e2a79d3a08feb6e7149fa6..e9b99fb69191fe153a5097db383394ec237f52f6 100644 (file)
--- a/extra/src/codecs/cd_token_ring/cd_token_ring.cc
+++ b/extra/src/codecs/cd_token_ring/cd_token_ring.cc
@@ -25,6 +25,8 @@
 #include "framework/codec.h"
 #include "protocols/token_ring.h"
 
+using namespace snort;
+
 namespace
 {
 #define TR_NAME "token_ring"

diff --git a/extra/src/codecs/cd_wlan/cd_wlan.cc b/extra/src/codecs/cd_wlan/cd_wlan.cc
index 3a7879d3000256da149b3fe5945df10d29dbe06c..d70e912b3b7d1cabebe6397ebc34619a0e66767a 100644 (file)
--- a/extra/src/codecs/cd_wlan/cd_wlan.cc
+++ b/extra/src/codecs/cd_wlan/cd_wlan.cc
@@ -25,6 +25,8 @@
 #include "log/text_log.h"
 #include "protocols/wlan.h"
 
+using namespace snort;
+
 #define CD_WLAN_NAME "wlan"
 #define CD_WLAN_HELP_STR "support for wireless local area network protocol"
 #define CD_WLAN_HELP ADD_DLT(CD_WLAN_HELP_STR, DLT_IEEE802_11)

diff --git a/extra/src/inspectors/data_log/data_log.cc b/extra/src/inspectors/data_log/data_log.cc
index caf6a39b2c3d3e1318c404112b40ddac9cd6c20e..f5944dfd0c19f81f68a25f45347b93087e1b694d 100644 (file)
--- a/extra/src/inspectors/data_log/data_log.cc
+++ b/extra/src/inspectors/data_log/data_log.cc
@@ -28,6 +28,8 @@
 #include "pub_sub/http_events.h"
 #include "time/packet_time.h"
 
+using namespace snort;
+
 static const char* s_name = "data_log";
 static const char* s_help = "log selected published data to data.log";
 

diff --git a/extra/src/inspectors/dpx/dpx.cc b/extra/src/inspectors/dpx/dpx.cc
index ca82b1f105249cb1d97f52e98f86d0d36ae36b27..028cc2fbd0fefd9a928db0f73ac0ae5a7c5fb048 100644 (file)
--- a/extra/src/inspectors/dpx/dpx.cc
+++ b/extra/src/inspectors/dpx/dpx.cc
@@ -25,6 +25,8 @@
 #include "profiler/profiler.h"
 #include "protocols/packet.h"
 
+using namespace snort;
+
 #define DPX_GID 256
 #define DPX_SID 1
 

diff --git a/extra/src/inspectors/reg_test/reg_test.cc b/extra/src/inspectors/reg_test/reg_test.cc
index 941435e1cae207f8dcb8fc3a9076cfc6238c3953..14a8d59b72b8e202579f51a18089896ee16b2439 100644 (file)
--- a/extra/src/inspectors/reg_test/reg_test.cc
+++ b/extra/src/inspectors/reg_test/reg_test.cc
@@ -30,6 +30,8 @@
 #include "time/packet_time.h"
 #include "utils/util_cstring.h"
 
+using namespace snort;
+
 static const char* s_name = "reg_test";
 static const char* s_help = "The regression test inspector (rti) is used when special packet handling is required for a reg test";
 

diff --git a/extra/src/ips_options/ips_mss/ips_mss.cc b/extra/src/ips_options/ips_mss/ips_mss.cc
index 50e1b2bb26e985199a36e301a144a46b727ba439..12d0cd1918582e9b02c57ee2879c91ce143c94b6 100644 (file)
--- a/extra/src/ips_options/ips_mss/ips_mss.cc
+++ b/extra/src/ips_options/ips_mss/ips_mss.cc
@@ -27,6 +27,8 @@
 #include "protocols/tcp.h"
 #include "protocols/tcp_options.h"
 
+using namespace snort;
+
 static const char* s_name = "mss";
 static const char* s_help = "detection for TCP maximum segment size";
 

diff --git a/extra/src/ips_options/ips_pkt_num/ips_pkt_num.cc b/extra/src/ips_options/ips_pkt_num/ips_pkt_num.cc
index 3074ba2798ec23022df3c608e91832d48f62fea7..5c5b179d79e81c76598398ae24962808a42cdc5e 100644 (file)
--- a/extra/src/ips_options/ips_pkt_num/ips_pkt_num.cc
+++ b/extra/src/ips_options/ips_pkt_num/ips_pkt_num.cc
@@ -25,6 +25,8 @@
 #include "hash/hashfcn.h"
 #include "profiler/profiler.h"
 
+using namespace snort;
+
 static const char* s_name = "pkt_num";
 static const char* s_help = "alert on raw packet number";
 

diff --git a/extra/src/ips_options/ips_urg/ips_urg.cc b/extra/src/ips_options/ips_urg/ips_urg.cc
index 8108c7ba223baa0caa95e1906384fe00c7cec1e3..65235a8c45cfb37c92d1144f0e85b81141bacbd6 100644 (file)
--- a/extra/src/ips_options/ips_urg/ips_urg.cc
+++ b/extra/src/ips_options/ips_urg/ips_urg.cc
@@ -26,6 +26,8 @@
 #include "protocols/packet.h"
 #include "protocols/tcp.h"
 
+using namespace snort;
+
 static const char* s_name = "urg";
 static const char* s_help = "detection for TCP urgent pointer";
 

diff --git a/extra/src/ips_options/ips_wscale/ips_wscale.cc b/extra/src/ips_options/ips_wscale/ips_wscale.cc
index 7944fdb8d5e42317a9fb9ecf8a6aa5cd11afb96d..c0ed74fb5d74eda4e86333a703af6684d2dafb29 100644 (file)
--- a/extra/src/ips_options/ips_wscale/ips_wscale.cc
+++ b/extra/src/ips_options/ips_wscale/ips_wscale.cc
@@ -27,6 +27,8 @@
 #include "protocols/tcp.h"
 #include "protocols/tcp_options.h"
 
+using namespace snort;
+
 static const char* s_name = "wscale";
 static const char* s_help = "detection for TCP window scale";
 

diff --git a/extra/src/loggers/alert_ex/alert_ex.cc b/extra/src/loggers/alert_ex/alert_ex.cc
index 10a855ee7f52f175cabac26ba3ccb3102e74c8b1..613cb6da9576694829d1f833467e988a49457ea6 100644 (file)
--- a/extra/src/loggers/alert_ex/alert_ex.cc
+++ b/extra/src/loggers/alert_ex/alert_ex.cc
@@ -26,6 +26,7 @@
 #include "framework/logger.h"
 #include "framework/module.h"
 
+using namespace snort;
 using namespace std;
 
 static const char* s_name = "alert_ex";

diff --git a/extra/src/loggers/alert_json/alert_json.cc b/extra/src/loggers/alert_json/alert_json.cc
index 9ac71497792b7a06c754dc7f7d2d9fd898b83811..e247b4eac4e8dd083f6a7d56e9c502a477027b25 100644 (file)
--- a/extra/src/loggers/alert_json/alert_json.cc
+++ b/extra/src/loggers/alert_json/alert_json.cc
@@ -49,6 +49,7 @@
 #include "protocols/vlan.h"
 #include "utils/stats.h"
 
+using namespace snort;
 using namespace std;
 
 #define LOG_BUFFER (4*K_BYTES)

diff --git a/extra/src/loggers/alert_unixsock/alert_unixsock.cc b/extra/src/loggers/alert_unixsock/alert_unixsock.cc
index 461d9bc05a07111f2b9faf8401c90986e6ebd68e..fd93325aedf75de5de808718b6f64c8849b16d13 100644 (file)
--- a/extra/src/loggers/alert_unixsock/alert_unixsock.cc
+++ b/extra/src/loggers/alert_unixsock/alert_unixsock.cc
@@ -29,6 +29,8 @@
 #include "protocols/packet.h"
 #include "utils/util.h"
 
+using namespace snort;
+
 #define UNSOCK_FILE "snort_alert"
 
 /* this is equivalent to the 32-bit pcap pkthdr struct

diff --git a/extra/src/loggers/log_null/log_null.cc b/extra/src/loggers/log_null/log_null.cc
index 066cd9889b9a9708933b2e7bdf8ce0a34122df2b..ba090701057ec6803ea0910d949ad09343fedf9c 100644 (file)
--- a/extra/src/loggers/log_null/log_null.cc
+++ b/extra/src/loggers/log_null/log_null.cc
@@ -26,6 +26,8 @@
 #include "framework/logger.h"
 #include "framework/module.h"
 
+using namespace snort;
+
 #define s_name "log_null"
 #define s_help "disable logging of packets"
 

diff --git a/extra/src/search_engines/lowmem/lowmem.cc b/extra/src/search_engines/lowmem/lowmem.cc
index bf29646fc629199718c9438341bd6fa92070de54..ab656ae24949e5c5d966ad14eb5052b14599d8c0 100644 (file)
--- a/extra/src/search_engines/lowmem/lowmem.cc
+++ b/extra/src/search_engines/lowmem/lowmem.cc
@@ -33,6 +33,8 @@
 
 #include "sfksearch.h"
 
+using namespace snort;
+
 //-------------------------------------------------------------------------
 // "lowmem"
 //-------------------------------------------------------------------------

diff --git a/extra/src/search_engines/lowmem/sfksearch.cc b/extra/src/search_engines/lowmem/sfksearch.cc
index 219aee336425773c032a2733848bd523cd126bef..3dd25d83e4f8eaf470e33c63f14c749072458f33 100644 (file)
--- a/extra/src/search_engines/lowmem/sfksearch.cc
+++ b/extra/src/search_engines/lowmem/sfksearch.cc
@@ -422,7 +422,7 @@ static void Build_Bad_Character_Shifts(KTRIE_STRUCT* kt)
 }
 
 static int KTrieBuildMatchStateNode(
-    SnortConfig* sc, KTRIENODE* root, KTRIE_STRUCT* ts)
+    snort::SnortConfig* sc, KTRIENODE* root, KTRIE_STRUCT* ts)
 {
     int cnt = 0;
     KTRIEPATTERN* p;
@@ -470,7 +470,7 @@ static int KTrieBuildMatchStateNode(
     return cnt;
 }
 
-static int KTrieBuildMatchStateTrees(SnortConfig* sc, KTRIE_STRUCT* ts)
+static int KTrieBuildMatchStateTrees(snort::SnortConfig* sc, KTRIE_STRUCT* ts)
 {
     int cnt = 0;
 
@@ -522,7 +522,7 @@ static inline int _KTrieCompile(KTRIE_STRUCT* ts)
     return 0;
 }
 
-int KTrieCompile(SnortConfig* sc, KTRIE_STRUCT* ts)
+int KTrieCompile(snort::SnortConfig* sc, KTRIE_STRUCT* ts)
 {
     int rval;
 

diff --git a/extra/src/search_engines/lowmem/sfksearch.h b/extra/src/search_engines/lowmem/sfksearch.h
index 617030fff41b7c77da7ffab6dda4e7ef366dabff..7be57f797694a29548fa16425edd5bf4679f0a16 100644 (file)
--- a/extra/src/search_engines/lowmem/sfksearch.h
+++ b/extra/src/search_engines/lowmem/sfksearch.h
@@ -26,6 +26,11 @@
 #include <cstdint>
 #include "search_engines/search_common.h"
 
+namespace snort
+{
+struct SnortConfig;
+}
+
 struct KTRIEPATTERN
 {
     KTRIEPATTERN* next; /* global list of all patterns*/
@@ -81,7 +86,7 @@ int KTrieAddPattern(
     KTRIE_STRUCT*, const uint8_t* P, unsigned n,
     bool nocase, bool negative, void* id);
 
-int KTrieCompile(struct SnortConfig*, KTRIE_STRUCT*);
+int KTrieCompile(snort::SnortConfig*, KTRIE_STRUCT*);
 
 int KTrieSearch(KTRIE_STRUCT*, const uint8_t* T,  int n, MpseMatch, void* context);
 

diff --git a/extra/src/search_engines/lowmem/trie_api.cc b/extra/src/search_engines/lowmem/trie_api.cc
index ed7b44aea72c1721d35fb8b333c6e38ca928c27e..2d671cd7aee71c17b15ed7f7cd950ac9ad8c2015 100644 (file)
--- a/extra/src/search_engines/lowmem/trie_api.cc
+++ b/extra/src/search_engines/lowmem/trie_api.cc
@@ -21,9 +21,9 @@
 #include "framework/base_api.h"
 #include "main/snort_types.h"
 
-extern const BaseApi* se_lowmem;
+extern const snort::BaseApi* se_lowmem;
 
-SO_PUBLIC const BaseApi* snort_plugins[] =
+SO_PUBLIC const snort::BaseApi* snort_plugins[] =
 {
     se_lowmem,
     nullptr

diff --git a/extra/src/so_rules/sid_18758/sid_18758.cc b/extra/src/so_rules/sid_18758/sid_18758.cc
index 962e848e4a41ae1bcd7b28e90a5608d9a3bae856..8b3471951d68bac38513aeb05322e0ac7de4d7b6 100644 (file)
--- a/extra/src/so_rules/sid_18758/sid_18758.cc
+++ b/extra/src/so_rules/sid_18758/sid_18758.cc
@@ -21,6 +21,8 @@
 
 #include "framework/so_rule.h"
 
+using namespace snort;
+
 static IpsOption::EvalStatus eval(void*, Cursor&, Packet*)
 {
     return IpsOption::MATCH;

diff --git a/src/actions/act_react.cc b/src/actions/act_react.cc
index 7d9245cb34a8be3035e3ee5c75341f3cb377ac5e..10bda0f0719089306ea7d244db9482a4c96c97a0 100644 (file)
--- a/src/actions/act_react.cc
+++ b/src/actions/act_react.cc
@@ -55,6 +55,8 @@
 #include "utils/util.h"
 #include "utils/util_cstring.h"
 
+using namespace snort;
+
 #define s_name "react"
 
 #define s_help \

diff --git a/src/actions/act_reject.cc b/src/actions/act_reject.cc
index bad595fc49e424f70f5cee6815e77a71714d0cf3..652b9c0148349cb6ce24c01222af28af0e20dba1 100644 (file)
--- a/src/actions/act_reject.cc
+++ b/src/actions/act_reject.cc
@@ -53,6 +53,8 @@
 #include "packet_io/active.h"
 #include "profiler/profiler.h"
 
+using namespace snort;
+
 #define REJ_RST_SRC  0x01
 #define REJ_RST_DST  0x02
 #define REJ_UNR_NET  0x04
@@ -111,13 +113,13 @@ void RejectAction::send(Packet* p)
         Active::send_reset(p, ENC_FLAG_FWD);
 
     if ( flags & REJ_UNR_NET )
-        Active::send_unreach(p, UnreachResponse::NET);
+        Active::send_unreach(p, snort::UnreachResponse::NET);
 
     if ( flags & REJ_UNR_HOST )
-        Active::send_unreach(p, UnreachResponse::HOST);
+        Active::send_unreach(p, snort::UnreachResponse::HOST);
 
     if ( flags & REJ_UNR_PORT )
-        Active::send_unreach(p, UnreachResponse::PORT);
+        Active::send_unreach(p, snort::UnreachResponse::PORT);
 }
 
 //-------------------------------------------------------------------------

diff --git a/src/actions/act_replace.cc b/src/actions/act_replace.cc
index 57bdc1a507c1c4440dab36dd446eedd7d81871b9..0a41211d2c20189578fcd3b8173df58fb297b05b 100644 (file)
--- a/src/actions/act_replace.cc
+++ b/src/actions/act_replace.cc
@@ -28,6 +28,8 @@
 #include "packet_io/active.h"
 #include "protocols/packet.h"
 
+using namespace snort;
+
 #define s_name "rewrite"
 
 #define s_help \

diff --git a/src/actions/act_replace.h b/src/actions/act_replace.h
index f57d428b6600703f8f631fa33d2a29a7d97eefb2..5b5cd82d9fcb04c9d0ccee4332f174b2ab91e6ab 100644 (file)
--- a/src/actions/act_replace.h
+++ b/src/actions/act_replace.h
@@ -21,8 +21,6 @@
 
 #include <string>
 
-struct Packet;
-
 // FIXIT-M these prevent dynamic ips replace option and action
 void Replace_ResetQueue();
 void Replace_QueueChange(const std::string&, unsigned);

diff --git a/src/actions/actions.cc b/src/actions/actions.cc
index 6be845efe76999bf57dab0bf1bc8e576b15a7211..96fb7e78688771637cb727cdd3f3ac0968c331ee 100644 (file)
--- a/src/actions/actions.cc
+++ b/src/actions/actions.cc
@@ -28,6 +28,8 @@
 #include "parser/parser.h"
 #include "utils/stats.h"
 
+using namespace snort;
+
 static void pass()
 {
     pc.pass_pkts++;

diff --git a/src/actions/actions.h b/src/actions/actions.h
index 28fc910abe12e6637c02f2f59cc5615e92357698..c3dfff3d1c8e0ccd60a9c1dc255a4628999bfa03 100644 (file)
--- a/src/actions/actions.h
+++ b/src/actions/actions.h
@@ -25,9 +25,12 @@
 
 #include "main/snort_types.h"
 
-struct Packet;
 struct OptTreeNode;
 
+namespace snort
+{
+struct Packet;
+
 class SO_PUBLIC Actions
 {
 public:
@@ -46,5 +49,6 @@ public:
     static inline bool is_pass(Type a)
     { return ( a == PASS ); }
 };
+}
 #endif
 

diff --git a/src/actions/ips_actions.cc b/src/actions/ips_actions.cc
index 209e067507cb9741a9ab6c91683c084e085534b4..b3fdd82d4de9f58a9a243023359fe24ab7b6d88b 100644 (file)
--- a/src/actions/ips_actions.cc
+++ b/src/actions/ips_actions.cc
@@ -26,10 +26,10 @@
 #include "managers/plugin_manager.h"
 
 #ifdef STATIC_IPS_ACTIONS
-extern const BaseApi* act_react[];
-extern const BaseApi* act_reject[];
+extern const snort::BaseApi* act_react[];
+extern const snort::BaseApi* act_reject[];
 #endif
-extern const BaseApi* act_replace[];
+extern const snort::BaseApi* act_replace[];
 
 void load_actions()
 {

diff --git a/src/catch/snort_catch.h b/src/catch/snort_catch.h
index 7b5b3d8d8034bdd7d7c1b40b4b1ff3a91baae3a5..9ed75941d34337813185c9c5fa0d858f2b6e8fda 100644 (file)
--- a/src/catch/snort_catch.h
+++ b/src/catch/snort_catch.h
@@ -34,6 +34,8 @@
 
 #include "main/snort_types.h"
 
+namespace snort
+{
 class TestCaseInstaller
 {
 public:
@@ -57,10 +59,11 @@ public:
 */
 #define MAKE_SNORT_TEST_CASE(fun, ...) \
     static void fun(); \
-    static TestCaseInstaller INTERNAL_CATCH_UNIQUE_NAME(test_case_installer)(fun, __VA_ARGS__); \
+    static snort::TestCaseInstaller INTERNAL_CATCH_UNIQUE_NAME(test_case_installer)(fun, __VA_ARGS__); \
     static void fun()
 
 #undef TEST_CASE
 #define TEST_CASE(...) MAKE_SNORT_TEST_CASE(INTERNAL_CATCH_UNIQUE_NAME(snort_test), __VA_ARGS__)
+}
 
 #endif

diff --git a/src/catch/unit_test.cc b/src/catch/unit_test.cc
index 861a796b765d28980684ac595632b2bb947e22b0..6e541d24358ac9b49d594c746b8cc53ab8ab74f8 100644 (file)
--- a/src/catch/unit_test.cc
+++ b/src/catch/unit_test.cc
@@ -26,6 +26,8 @@
 #define CATCH_CONFIG_RUNNER
 #include "snort_catch.h"
 
+using namespace snort;
+
 static bool s_catch = false;
 static std::vector<std::string> test_tags;
 

diff --git a/src/codecs/codec_api.cc b/src/codecs/codec_api.cc
index f6b15059be96678a4c85fade15a899245739f58b..f4fcdf7157224380f3e3d13fb8e349c604c1921c 100644 (file)
--- a/src/codecs/codec_api.cc
+++ b/src/codecs/codec_api.cc
@@ -26,6 +26,8 @@
 #include "framework/codec.h"
 #include "managers/plugin_manager.h"
 
+using namespace snort;
+
 extern const BaseApi* cd_ipv4[];    // static due to dependence on fpdetect
 extern const BaseApi* cd_hopopts[]; // static to ensure the symbols CheckIPV6HopOptions
                                     // and CheckIPv6ExtensionOrder the final executable.

diff --git a/src/codecs/codec_module.cc b/src/codecs/codec_module.cc
index 65cb94e68c96a13982f462b6f173974486dd154e..80d18fa65b74b6b8bc6639c3beac8d871f789ffc 100644 (file)
--- a/src/codecs/codec_module.cc
+++ b/src/codecs/codec_module.cc
@@ -23,6 +23,8 @@
 
 #include "codecs/codec_module.h"
 
+using namespace snort;
+
 #define codec_module_help \
     "general decoder rules"
 

diff --git a/src/codecs/codec_module.h b/src/codecs/codec_module.h
index 9313df8fa568cb5c9c196768470a971a2c2aa20f..a49e7b966fa6f454c3291403859a7bbc52cf1ad8 100644 (file)
--- a/src/codecs/codec_module.h
+++ b/src/codecs/codec_module.h
@@ -26,6 +26,8 @@
 #include "framework/module.h"
 #include "main/snort_types.h"
 
+namespace snort
+{
 constexpr int GID_DECODE = 116;
 
 //-----------------------------------------------------
@@ -236,6 +238,6 @@ public:
     Usage get_usage() const override
     { return CONTEXT; }
 };
-
+}
 #endif
 

diff --git a/src/codecs/ip/cd_auth.cc b/src/codecs/ip/cd_auth.cc
index 82aefaf0066fb92f4e5e6dab41a55918c669d6e5..ac0ca99ff3d3ec840859a3c95239cdeb94d9c3d9 100644 (file)
--- a/src/codecs/ip/cd_auth.cc
+++ b/src/codecs/ip/cd_auth.cc
@@ -25,6 +25,8 @@
 #include "framework/codec.h"
 #include "main/snort_config.h"
 
+using namespace snort;
+
 #define CD_AUTH_NAME "auth"
 #define CD_AUTH_HELP "support for IP authentication header"
 

diff --git a/src/codecs/ip/cd_bad_proto.cc b/src/codecs/ip/cd_bad_proto.cc
index 21e6d265d8a550d01745b63c948f86ee60733699..731ebd434812f1e33f1521d76a28757f86736d04 100644 (file)
--- a/src/codecs/ip/cd_bad_proto.cc
+++ b/src/codecs/ip/cd_bad_proto.cc
@@ -24,6 +24,8 @@
 #include "codecs/codec_module.h"
 #include "framework/codec.h"
 
+using namespace snort;
+
 #define CD_BAD_PROTO_NAME "bad_proto"
 #define CD_BAD_PROTO_HELP "bad protocol id"
 

diff --git a/src/codecs/ip/cd_dst_opts.cc b/src/codecs/ip/cd_dst_opts.cc
index f1958e787dd93958f5151645def86057d4108198..6719e3a90a8d0b6893d98bffe9daeb83479f8a9b 100644 (file)
--- a/src/codecs/ip/cd_dst_opts.cc
+++ b/src/codecs/ip/cd_dst_opts.cc
@@ -25,6 +25,8 @@
 #include "framework/codec.h"
 #include "main/snort_config.h"
 
+using namespace snort;
+
 #define CD_DSTOPTS_NAME "ipv6_dst_opts"
 #define CD_DSTOPTS_HELP "support for ipv6 destination options"
 

diff --git a/src/codecs/ip/cd_esp.cc b/src/codecs/ip/cd_esp.cc
index 6e30cd89db47a4bb338363f37f63f847bfc5800e..f7f862d79ffafbbccff380b2d809b1c70a717902 100644 (file)
--- a/src/codecs/ip/cd_esp.cc
+++ b/src/codecs/ip/cd_esp.cc
@@ -26,6 +26,8 @@
 #include "framework/codec.h"
 #include "main/snort_config.h"
 
+using namespace snort;
+
 #define CD_ESP_NAME "esp"
 #define CD_ESP_HELP "support for encapsulating security payload"
 

diff --git a/src/codecs/ip/cd_frag.cc b/src/codecs/ip/cd_frag.cc
index 340f115c0a6edac6f4c71c60dff0e4ddf5ba2ba4..2383e6688a16c5019b73834d16734434605f3981 100644 (file)
--- a/src/codecs/ip/cd_frag.cc
+++ b/src/codecs/ip/cd_frag.cc
@@ -26,6 +26,8 @@
 #include "log/text_log.h"
 #include "main/snort_config.h"
 
+using namespace snort;
+
 #define CD_IPV6_FRAG_NAME "ipv6_frag"
 #define CD_IPV6_FRAG_HELP "support for IPv6 fragment decoding"
 

diff --git a/src/codecs/ip/cd_gre.cc b/src/codecs/ip/cd_gre.cc
index a2a768d4c04549170d610e829a2483192a73e0c3..dfb383261741f308356872ecbdf985aa45278b7e 100644 (file)
--- a/src/codecs/ip/cd_gre.cc
+++ b/src/codecs/ip/cd_gre.cc
@@ -29,6 +29,8 @@
 #include "packet_io/active.h"
 #include "protocols/gre.h"
 
+using namespace snort;
+
 #define CD_GRE_NAME "gre"
 #define CD_GRE_HELP "support for generic routing encapsulation"
 

diff --git a/src/codecs/ip/cd_hop_opts.cc b/src/codecs/ip/cd_hop_opts.cc
index 04dae8369ce8008d26aa5ece0bbc4bd270399205..7c8537fb802d880d6111509ca4eca2d01ea27954 100644 (file)
--- a/src/codecs/ip/cd_hop_opts.cc
+++ b/src/codecs/ip/cd_hop_opts.cc
@@ -25,6 +25,8 @@
 #include "framework/codec.h"
 #include "main/snort_config.h"
 
+using namespace snort;
+
 #define CD_HOPOPTS_NAME "ipv6_hop_opts"
 #define CD_HOPOPTS_HELP "support for IPv6 hop options"
 

diff --git a/src/codecs/ip/cd_icmp4.cc b/src/codecs/ip/cd_icmp4.cc
index fe75caf6365b37ea3d7cf3eb99bc1f138f251d08..00fc184cdec215dfa1750ba5b1908f24925e8dfc 100644 (file)
--- a/src/codecs/ip/cd_icmp4.cc
+++ b/src/codecs/ip/cd_icmp4.cc
@@ -30,6 +30,8 @@
 
 #include "checksum.h"
 
+using namespace snort;
+
 #define CD_ICMP4_NAME "icmp4"
 #define CD_ICMP4_HELP "support for Internet control message protocol v4"
 

diff --git a/src/codecs/ip/cd_icmp6.cc b/src/codecs/ip/cd_icmp6.cc
index 4cc7abbe77fd06918bcabe787e99ef0a3565679e..716d4a7c1ba4622b12b6ccd6f8d5c0ff0f2a1895 100644 (file)
--- a/src/codecs/ip/cd_icmp6.cc
+++ b/src/codecs/ip/cd_icmp6.cc
@@ -32,6 +32,8 @@
 
 #include "checksum.h"
 
+using namespace snort;
+
 #define CD_ICMP6_NAME "icmp6"
 #define CD_ICMP6_HELP "support for Internet control message protocol v6"
 

diff --git a/src/codecs/ip/cd_igmp.cc b/src/codecs/ip/cd_igmp.cc
index b8aae2ee2070fe74ee55034db3f2e784bd026376..8973073f48113af663a9a5872bdab5afa72e87f7 100644 (file)
--- a/src/codecs/ip/cd_igmp.cc
+++ b/src/codecs/ip/cd_igmp.cc
@@ -24,6 +24,8 @@
 #include "framework/codec.h"
 #include "codecs/codec_module.h"
 
+using namespace snort;
+
 #define CD_IGMP_NAME "igmp"
 #define CD_IGMP_HELP "support for Internet group management protocol"
 

diff --git a/src/codecs/ip/cd_ipv4.cc b/src/codecs/ip/cd_ipv4.cc
index 4f435db5a10336596c3008ad5be1a933045547f2..39607c6041163b79a4e8ff111ee87dd699d6b863 100644 (file)
--- a/src/codecs/ip/cd_ipv4.cc
+++ b/src/codecs/ip/cd_ipv4.cc
@@ -37,6 +37,8 @@
 
 #include "checksum.h"
 
+using namespace snort;
+
 #define CD_IPV4_NAME "ipv4"
 #define CD_IPV4_HELP "support for Internet protocol v4"
 
@@ -112,8 +114,8 @@ public:
     void format(bool reverse, uint8_t* raw_pkt, DecodeData& snort) override;
 
 private:
-    void IP4AddrTests(const IP4Hdr*, const CodecData&, DecodeData&);
-    void IPMiscTests(const IP4Hdr* const ip4h, const CodecData& codec, uint16_t len);
+    void IP4AddrTests(const ip::IP4Hdr*, const CodecData&, DecodeData&);
+    void IPMiscTests(const ip::IP4Hdr* const ip4h, const CodecData& codec, uint16_t len);
     void DecodeIPOptions(const uint8_t* start, uint8_t& o_len, CodecData& data);
 };
 
@@ -143,7 +145,7 @@ bool Ipv4Codec::decode(const RawData& raw, CodecData& codec, DecodeData& snort)
         return false;
     }
 
-    if ( SnortConfig::get_conf()->hit_ip_maxlayers(codec.ip_layer_cnt) )
+    if ( snort::SnortConfig::get_conf()->hit_ip_maxlayers(codec.ip_layer_cnt) )
     {
         codec_event(codec, DECODE_IP_MULTIPLE_ENCAPSULATION);
         return false;
@@ -151,7 +153,7 @@ bool Ipv4Codec::decode(const RawData& raw, CodecData& codec, DecodeData& snort)
 
     ++codec.ip_layer_cnt;
     /* lay the IP struct over the raw data */
-    const IP4Hdr* const iph = reinterpret_cast<const IP4Hdr*>(raw.data);
+    const ip::IP4Hdr* const iph = reinterpret_cast<const ip::IP4Hdr*>(raw.data);
 
     /*
      * with datalink DLT_RAW it's impossible to differ ARP datagrams from IP.
@@ -212,7 +214,7 @@ bool Ipv4Codec::decode(const RawData& raw, CodecData& codec, DecodeData& snort)
         /* If the previous layer was not IP-in-IP, this is not a 4-in-6 tunnel */
         if ( codec.codec_flags & CODEC_NON_IP_TUNNEL )
             codec.codec_flags &= ~CODEC_NON_IP_TUNNEL;
-        else if ( SnortConfig::tunnel_bypass_enabled(TUNNEL_4IN6) )
+        else if ( snort::SnortConfig::tunnel_bypass_enabled(TUNNEL_4IN6) )
             Active::set_tunnel_bypass();
     }
     else if (snort.ip_api.is_ip4())
@@ -220,7 +222,7 @@ bool Ipv4Codec::decode(const RawData& raw, CodecData& codec, DecodeData& snort)
         /* If the previous layer was not IP-in-IP, this is not a 4-in-4 tunnel */
         if ( codec.codec_flags & CODEC_NON_IP_TUNNEL )
             codec.codec_flags &= ~CODEC_NON_IP_TUNNEL;
-        else if (SnortConfig::tunnel_bypass_enabled(TUNNEL_4IN4))
+        else if (snort::SnortConfig::tunnel_bypass_enabled(TUNNEL_4IN4))
             Active::set_tunnel_bypass();
     }
 
@@ -243,7 +245,7 @@ bool Ipv4Codec::decode(const RawData& raw, CodecData& codec, DecodeData& snort)
      */
     IP4AddrTests(iph, codec, snort);
 
-    if (SnortConfig::ip_checksums())
+    if (snort::SnortConfig::ip_checksums())
     {
         /* routers drop packets with bad IP checksums, we don't really
          * need to check them (should make this a command line/config
@@ -345,7 +347,7 @@ bool Ipv4Codec::decode(const RawData& raw, CodecData& codec, DecodeData& snort)
 }
 
 void Ipv4Codec::IP4AddrTests(
-    const IP4Hdr* iph, const CodecData& codec, DecodeData& snort)
+    const ip::IP4Hdr* iph, const CodecData& codec, DecodeData& snort)
 {
     uint8_t msb_src, msb_dst;
 
@@ -398,7 +400,7 @@ void Ipv4Codec::IP4AddrTests(
 }
 
 /* IPv4-layer decoder rules */
-void Ipv4Codec::IPMiscTests(const IP4Hdr* const ip4h, const CodecData& codec, uint16_t len)
+void Ipv4Codec::IPMiscTests(const ip::IP4Hdr* const ip4h, const CodecData& codec, uint16_t len)
 {
     /* Yes, it's an ICMP-related vuln in IP options. */
     int cnt = 0;
@@ -553,10 +555,10 @@ struct ip4_addr
 void Ipv4Codec::log(TextLog* const text_log, const uint8_t* raw_pkt,
     const uint16_t lyr_len)
 {
-    const IP4Hdr* const ip4h = reinterpret_cast<const IP4Hdr*>(raw_pkt);
+    const ip::IP4Hdr* const ip4h = reinterpret_cast<const ip::IP4Hdr*>(raw_pkt);
 
     // FIXIT-H this does NOT obfuscate correctly
-    if (SnortConfig::obfuscate())
+    if (snort::SnortConfig::obfuscate())
     {
         TextLog_Print(text_log, "xxx.xxx.xxx.xxx -> xxx.xxx.xxx.xxx");
     }
@@ -646,8 +648,8 @@ bool Ipv4Codec::encode(const uint8_t* const raw_in, const uint16_t /*raw_len*/,
     if (!buf.allocate(ip::IP4_HEADER_LEN))
         return false;
 
-    const ip::IP4Hdr* const ip4h_in = reinterpret_cast<const IP4Hdr*>(raw_in);
-    ip::IP4Hdr* const ip4h_out = reinterpret_cast<IP4Hdr*>(buf.data());
+    const ip::IP4Hdr* const ip4h_in = reinterpret_cast<const ip::IP4Hdr*>(raw_in);
+    ip::IP4Hdr* const ip4h_out = reinterpret_cast<ip::IP4Hdr*>(buf.data());
 
     /* IPv4 encoded header is hardcoded 20 bytes */
     ip4h_out->ip_verhl = 0x45;
@@ -686,7 +688,7 @@ bool Ipv4Codec::encode(const uint8_t* const raw_in, const uint16_t /*raw_len*/,
 void Ipv4Codec::update(const ip::IpApi&, const EncodeFlags flags,
     uint8_t* raw_pkt, uint16_t /*lyr_len*/, uint32_t& updated_len)
 {
-    IP4Hdr* h = reinterpret_cast<IP4Hdr*>(raw_pkt);
+    ip::IP4Hdr* h = reinterpret_cast<ip::IP4Hdr*>(raw_pkt);
     uint16_t hlen = h->hlen();
 
     updated_len += hlen;
@@ -701,7 +703,7 @@ void Ipv4Codec::update(const ip::IpApi&, const EncodeFlags flags,
 
 void Ipv4Codec::format(bool reverse, uint8_t* raw_pkt, DecodeData& snort)
 {
-    IP4Hdr* ip4h = reinterpret_cast<IP4Hdr*>(raw_pkt);
+    ip::IP4Hdr* ip4h = reinterpret_cast<ip::IP4Hdr*>(raw_pkt);
 
     if ( reverse )
     {

diff --git a/src/codecs/ip/cd_ipv6.cc b/src/codecs/ip/cd_ipv6.cc
index 63518144b58a5111d99ad621988a0d458fdb5e9b..0d3bcd142e59248c647e5273f5d3455521eaf345 100644 (file)
--- a/src/codecs/ip/cd_ipv6.cc
+++ b/src/codecs/ip/cd_ipv6.cc
@@ -28,6 +28,8 @@
 #include "main/snort_config.h"
 #include "packet_io/active.h"
 
+using namespace snort;
+
 #define CD_IPV6_NAME "ipv6"
 #define CD_IPV6_HELP "support for Internet protocol v6"
 

diff --git a/src/codecs/ip/cd_mobility.cc b/src/codecs/ip/cd_mobility.cc
index 20f9a5ab7069607e0fcb9eac12a676d27bddcd3a..d45da388cd8803f3e5abfff6b115df26d18852f2 100644 (file)
--- a/src/codecs/ip/cd_mobility.cc
+++ b/src/codecs/ip/cd_mobility.cc
@@ -25,6 +25,8 @@
 #include "framework/codec.h"
 #include "main/snort_config.h"
 
+using namespace snort;
+
 // yes, macros are necessary. The API and class constructor require different strings.
 #define CD_MOBILE_NAME "ipv6_mobility"
 #define CD_MOBILE_HELP "support for mobility"

diff --git a/src/codecs/ip/cd_no_next.cc b/src/codecs/ip/cd_no_next.cc
index 34106fd5cd5ede3223d2180af20f862ec66c9ebb..209d5632b6271f735ae9693a668a7fe61a94befe 100644 (file)
--- a/src/codecs/ip/cd_no_next.cc
+++ b/src/codecs/ip/cd_no_next.cc
@@ -25,6 +25,8 @@
 #include "framework/codec.h"
 #include "main/snort_config.h"
 
+using namespace snort;
+
 namespace
 {
 #define CD_NO_NEXT_NAME "ipv6_no_next"

diff --git a/src/codecs/ip/cd_pgm.cc b/src/codecs/ip/cd_pgm.cc
index 29844a188d54278972f8154fa5de64f2e17b276f..add4c93f3b09c90ea10d247aaab58a3da497790b 100644 (file)
--- a/src/codecs/ip/cd_pgm.cc
+++ b/src/codecs/ip/cd_pgm.cc
@@ -27,6 +27,8 @@
 
 #include "checksum.h"
 
+using namespace snort;
+
 namespace
 {
 #define CD_PGM_NAME "pgm"

diff --git a/src/codecs/ip/cd_routing.cc b/src/codecs/ip/cd_routing.cc
index 66779c937f48aa8c170e97a6e84a95ee7998091e..b298ad01694615001b92108e60af2b232c7e73a1 100644 (file)
--- a/src/codecs/ip/cd_routing.cc
+++ b/src/codecs/ip/cd_routing.cc
@@ -26,6 +26,8 @@
 #include "framework/codec.h"
 #include "main/snort_config.h"
 
+using namespace snort;
+
 #define CD_IPV6_ROUTING_NAME "ipv6_routing"
 #define CD_IPV6_ROUTING_HELP "support for IPv6 routing extension"
 

diff --git a/src/codecs/ip/cd_tcp.cc b/src/codecs/ip/cd_tcp.cc
index 5d834f925adbe075c33fc556fc149e5624bdbb8a..be454f427148fa5ba9c1a8b367ac2e6248054982 100644 (file)
--- a/src/codecs/ip/cd_tcp.cc
+++ b/src/codecs/ip/cd_tcp.cc
@@ -35,6 +35,8 @@
 
 #include "checksum.h"
 
+using namespace snort;
+
 #define CD_TCP_NAME "tcp"
 #define CD_TCP_HELP "support for transmission control protocol"
 
@@ -658,7 +660,7 @@ bool TcpCodec::encode(const uint8_t* const raw_in, const uint16_t /*raw_len*/,
         checksum::Pseudoheader ps;
         int len = buf.size();
 
-        const IP4Hdr* const ip4h = ip_api.get_ip4h();
+        const ip::IP4Hdr* const ip4h = ip_api.get_ip4h();
         ps.sip = ip4h->get_src();
         ps.dip = ip4h->get_dst();
         ps.zero = 0;

diff --git a/src/codecs/ip/cd_udp.cc b/src/codecs/ip/cd_udp.cc
index 383ed926ea4c90a02cebabd3bd3e38c33682a100..06ba98eea67a6fb61e9a254276fafa38a95aed12 100644 (file)
--- a/src/codecs/ip/cd_udp.cc
+++ b/src/codecs/ip/cd_udp.cc
@@ -32,6 +32,8 @@
 
 #include "checksum.h"
 
+using namespace snort;
+
 #define CD_UDP_NAME "udp"
 #define CD_UDP_HELP "support for user datagram protocol"
 
@@ -307,7 +309,7 @@ bool UdpCodec::decode(const RawData& raw, CodecData& codec, DecodeData& snort)
     UDPMiscTests(snort, codec, uhlen - udp::UDP_HEADER_LEN);
 
     if (SnortConfig::gtp_decoding() &&
-        (SnortConfig::is_gtp_port(src_port)||SnortConfig::is_gtp_port(dst_port)))
+        (SnortConfig::is_gtp_port(src_port) || SnortConfig::is_gtp_port(dst_port)))
     {
         if ( !(snort.decode_flags & DECODE_FRAG) )
             codec.next_prot_id = ProtocolId::GTP;
@@ -378,7 +380,7 @@ bool UdpCodec::encode(const uint8_t* const raw_in, const uint16_t /*raw_len*/,
     if (ip_api.is_ip4())
     {
         checksum::Pseudoheader ps;
-        const IP4Hdr* const ip4h = ip_api.get_ip4h();
+        const ip::IP4Hdr* const ip4h = ip_api.get_ip4h();
         ps.sip = ip4h->get_src();
         ps.dip = ip4h->get_dst();
         ps.zero = 0;

diff --git a/src/codecs/link/cd_arp.cc b/src/codecs/link/cd_arp.cc
index 7a404c61c960a1edbc68ce44bc3005ada8a4c518..13587ba7f805afb5d4a79be40e05c9caf69bfa6f 100644 (file)
--- a/src/codecs/link/cd_arp.cc
+++ b/src/codecs/link/cd_arp.cc
@@ -26,6 +26,8 @@
 #include "framework/codec.h"
 #include "protocols/arp.h"
 
+using namespace snort;
+
 #define CD_ARP_NAME "arp"
 #define CD_ARP_HELP "support for address resolution protocol"
 

diff --git a/src/codecs/link/cd_ciscometadata.cc b/src/codecs/link/cd_ciscometadata.cc
index 9b6686375e62dfdbbb80b4ccec9523431012e2ba..31b14f42e55f5e947c2338d9d7c8861d89a8ddf6 100644 (file)
--- a/src/codecs/link/cd_ciscometadata.cc
+++ b/src/codecs/link/cd_ciscometadata.cc
@@ -24,6 +24,8 @@
 #include "codecs/codec_module.h"
 #include "framework/codec.h"
 
+using namespace snort;
+
 #define CD_CISCOMETADATA_NAME "ciscometadata"
 #define CD_CISCOMETADATA_HELP "support for cisco metadata"
 

diff --git a/src/codecs/link/cd_erspan2.cc b/src/codecs/link/cd_erspan2.cc
index ce7ce4a88018e2ebfa6aeae7f03b7fd05110a468..8974595382d8791549ab78cd53bd0dbea17411d0 100644 (file)
--- a/src/codecs/link/cd_erspan2.cc
+++ b/src/codecs/link/cd_erspan2.cc
@@ -24,6 +24,8 @@
 #include "codecs/codec_module.h"
 #include "framework/codec.h"
 
+using namespace snort;
+
 #define CD_ERSPAN2_NAME "erspan2"
 #define CD_ERSPAN2_HELP "support for encapsulated remote switched port analyzer - type 2"
 

diff --git a/src/codecs/link/cd_erspan3.cc b/src/codecs/link/cd_erspan3.cc
index a0106228bb0750290996fb784c3a5c8827de0a07..b7813d84f80a4f873097bfbcca0cb809bb19fa6c 100644 (file)
--- a/src/codecs/link/cd_erspan3.cc
+++ b/src/codecs/link/cd_erspan3.cc
@@ -24,6 +24,8 @@
 #include "codecs/codec_module.h"
 #include "framework/codec.h"
 
+using namespace snort;
+
 #define CD_ERSPAN3_NAME "erspan3"
 #define CD_ERSPAN3_HELP "support for encapsulated remote switched port analyzer - type 3"
 

diff --git a/src/codecs/link/cd_fabricpath.cc b/src/codecs/link/cd_fabricpath.cc
index 016f8a288a538a7adc137165ffb8de59659f3f56..321e06fa7abe620d3d87a3be6c3ae54406952d49 100644 (file)
--- a/src/codecs/link/cd_fabricpath.cc
+++ b/src/codecs/link/cd_fabricpath.cc
@@ -24,6 +24,8 @@
 #include "codecs/codec_module.h"
 #include "framework/codec.h"
 
+using namespace snort;
+
 #define CD_FABRICPATH_NAME "fabricpath"
 #define CD_FABRICPATH_HELP "support for fabricpath"
 

diff --git a/src/codecs/link/cd_mpls.cc b/src/codecs/link/cd_mpls.cc
index 2135df7daaf5369d1d24bd4bccc661a6dcac0024..77b15397e8c316b2e34b66bcde811cdeb1e511ed 100644 (file)
--- a/src/codecs/link/cd_mpls.cc
+++ b/src/codecs/link/cd_mpls.cc
@@ -29,6 +29,8 @@
 #include "packet_io/active.h"
 #include "utils/safec.h"
 
+using namespace snort;
+
 #define CD_MPLS_NAME "mpls"
 #define CD_MPLS_HELP "support for multiprotocol label switching"
 

diff --git a/src/codecs/link/cd_ppp_encap.cc b/src/codecs/link/cd_ppp_encap.cc
index 1ba68aca16bbed3601ed5427b8657f7f22b375a2..9a6a571b2914386f1c47921e9e6ff6f69a46fbb8 100644 (file)
--- a/src/codecs/link/cd_ppp_encap.cc
+++ b/src/codecs/link/cd_ppp_encap.cc
@@ -25,6 +25,8 @@
 #include "framework/codec.h"
 #include "main/snort_debug.h"
 
+using namespace snort;
+
 #define CD_PPPENCAP_NAME "ppp_encap"
 #define CD_PPPENCAP_HELP "support for point-to-point encapsulation"
 
@@ -91,7 +93,7 @@ bool PppEncap::decode(const RawData& raw, CodecData& codec, DecodeData&)
         }
 
         // FIXIT-M X This is broken - it should not modify the packet data (which should be const).
-        ((IP4Hdr*)(raw.data + codec.lyr_len))->set_proto(IpProtocol::TCP);
+        ((ip::IP4Hdr*)(raw.data + codec.lyr_len))->set_proto(IpProtocol::TCP);
     /* fall through */
 
     case PPP_IP:

diff --git a/src/codecs/link/cd_pppoe.cc b/src/codecs/link/cd_pppoe.cc
index b9968669110ea2334f4fe9c676e86ee7d2421cf7..d1adf4d10981dbeb3542b0667174b07bcfd444d1 100644 (file)
--- a/src/codecs/link/cd_pppoe.cc
+++ b/src/codecs/link/cd_pppoe.cc
@@ -25,6 +25,8 @@
 #include "codecs/codec_module.h"
 #include "framework/codec.h"
 
+using namespace snort;
+
 namespace
 {
 enum class PppoepktType

diff --git a/src/codecs/link/cd_trans_bridge.cc b/src/codecs/link/cd_trans_bridge.cc
index 23b536b5416b2dbb1729cd0fa97b6ddc5ce9a71a..8da054f098e4434b1092940cd67e5b0b2c161451 100644 (file)
--- a/src/codecs/link/cd_trans_bridge.cc
+++ b/src/codecs/link/cd_trans_bridge.cc
@@ -25,6 +25,8 @@
 #include "framework/codec.h"
 #include "protocols/eth.h"
 
+using namespace snort;
+
 namespace
 {
 #define CD_TRANSBRIDGE_NAME "trans_bridge"

diff --git a/src/codecs/link/cd_vlan.cc b/src/codecs/link/cd_vlan.cc
index 362929aa7e8641ce86dff2b9b9c797e471d279d5..1f9302c0aa82af1e6d0d583f847228315f57c2d6 100644 (file)
--- a/src/codecs/link/cd_vlan.cc
+++ b/src/codecs/link/cd_vlan.cc
@@ -26,6 +26,8 @@
 #include "log/text_log.h"
 #include "protocols/vlan.h"
 
+using namespace snort;
+
 #define CD_VLAN_NAME "vlan"
 #define CD_VLAN_HELP "support for local area network"
 

diff --git a/src/codecs/misc/cd_default.cc b/src/codecs/misc/cd_default.cc
index 9fcb22820642da21a930cca8b391bdb6fad1b550..78c7c333ebc4bf8973fa859287baf81a5a83342e 100644 (file)
--- a/src/codecs/misc/cd_default.cc
+++ b/src/codecs/misc/cd_default.cc
@@ -23,6 +23,8 @@
 
 #include "framework/codec.h"
 
+using namespace snort;
+
 #define CD_DEFAULT_NAME "unknown"
 #define CD_DEFAULT_HELP "support for unknown protocols"
 

diff --git a/src/codecs/misc/cd_gtp.cc b/src/codecs/misc/cd_gtp.cc
index f9eeccc7632851e8922ea387f2237f892558abc0..752750e5169857a6c5d16b8ccba737ed9b162c7a 100644 (file)
--- a/src/codecs/misc/cd_gtp.cc
+++ b/src/codecs/misc/cd_gtp.cc
@@ -27,6 +27,8 @@
 #include "main/snort_config.h"
 #include "packet_io/active.h"
 
+using namespace snort;
+
 #define CD_GTP_NAME "gtp"
 #define CD_GTP_HELP "support for general-packet-radio-service tunneling protocol"
 

diff --git a/src/codecs/misc/cd_icmp4_ip.cc b/src/codecs/misc/cd_icmp4_ip.cc
index 4c5a311d8f8102ba223fcdde3b106120e7d230f0..aedf03a424d44a42096554ccb50d3a9c381467d6 100644 (file)
--- a/src/codecs/misc/cd_icmp4_ip.cc
+++ b/src/codecs/misc/cd_icmp4_ip.cc
@@ -30,6 +30,8 @@
 #include "protocols/tcp.h"
 #include "protocols/udp.h"
 
+using namespace snort;
+
 namespace
 {
 #define ICMP4_IP_NAME "icmp4_ip"
@@ -58,7 +60,7 @@ bool Icmp4IpCodec::decode(const RawData& raw, CodecData& codec, DecodeData& snor
     }
 
     /* lay the IP struct over the raw data */
-    const IP4Hdr* const ip4h = reinterpret_cast<const IP4Hdr*>(raw.data);
+    const ip::IP4Hdr* const ip4h = reinterpret_cast<const ip::IP4Hdr*>(raw.data);
 
     /*
      * with datalink DLT_RAW it's impossible to differ ARP datagrams from IP.
@@ -140,7 +142,7 @@ struct ip4_addr
 void Icmp4IpCodec::log(TextLog* const text_log, const uint8_t* raw_pkt,
     const uint16_t /*lyr_len*/)
 {
-    const IP4Hdr* const ip4h = reinterpret_cast<const IP4Hdr*>(raw_pkt);
+    const ip::IP4Hdr* const ip4h = reinterpret_cast<const ip::IP4Hdr*>(raw_pkt);
     TextLog_Puts(text_log, "\n\t**** ORIGINAL DATAGRAM DUMP: ****");
     TextLog_NewLine(text_log);
     TextLog_Puts(text_log, "\tIPv4\n\t\t");

diff --git a/src/codecs/misc/cd_icmp6_ip.cc b/src/codecs/misc/cd_icmp6_ip.cc
index 81d287024404f1615fbcf186456a625defc1e5b0..e394d816accc92bb9448ce4e177dbdb13c487a86 100644 (file)
--- a/src/codecs/misc/cd_icmp6_ip.cc
+++ b/src/codecs/misc/cd_icmp6_ip.cc
@@ -24,6 +24,8 @@
 #include "codecs/codec_module.h"
 #include "framework/codec.h"
 
+using namespace snort;
+
 // yes, macros are necessary. The API and class constructor require different strings.
 //
 // this macros is defined in the module to ensure identical names. However,

diff --git a/src/codecs/misc/cd_llc.cc b/src/codecs/misc/cd_llc.cc
index 8cd69b071aa820522cdd575756e95e77ec2b4311..03216e57ebed3fbbd60667cdb613d780ea3dd050 100644 (file)
--- a/src/codecs/misc/cd_llc.cc
+++ b/src/codecs/misc/cd_llc.cc
@@ -25,6 +25,8 @@
 #include "framework/codec.h"
 #include "log/text_log.h"
 
+using namespace snort;
+
 #define LLC_NAME "llc"
 #define LLC_HELP "support for logical link control"
 

diff --git a/src/codecs/misc/cd_teredo.cc b/src/codecs/misc/cd_teredo.cc
index b3b0874117d34ec9121108d80ec62f3d5bf0e482..7dac5b27e439fee2a12c80660ef092dc7e3ebe04 100644 (file)
--- a/src/codecs/misc/cd_teredo.cc
+++ b/src/codecs/misc/cd_teredo.cc
@@ -27,6 +27,8 @@
 #include "packet_io/active.h"
 #include "protocols/teredo.h"
 
+using namespace snort;
+
 #define CD_TEREDO_NAME "teredo"
 #define CD_TEREDO_HELP "support for teredo"
 

diff --git a/src/codecs/misc/cd_user.cc b/src/codecs/misc/cd_user.cc
index 19fa0648b1d1dee269a0b7f79b07fe4be374bf67..52efbf34ff0f696e29aa4aeab5c3e21703fb7e7a 100644 (file)
--- a/src/codecs/misc/cd_user.cc
+++ b/src/codecs/misc/cd_user.cc
@@ -27,6 +27,8 @@
 #include "framework/codec.h"
 #include "packet_io/sfdaq.h"
 
+using namespace snort;
+
 #define CD_NAME "user"
 #define CD_HELP_STR "support for user sessions"
 #define CD_HELP ADD_DLT(CD_HELP_STR, DLT_USER)

diff --git a/src/codecs/root/cd_eth.cc b/src/codecs/root/cd_eth.cc
index d596c1e07830112972449383260ba0141f2ee9d3..a489e78b1b067759047de9af7e376865ba7107e0 100644 (file)
--- a/src/codecs/root/cd_eth.cc
+++ b/src/codecs/root/cd_eth.cc
@@ -31,6 +31,8 @@
 #include "protocols/eth.h"
 #include "protocols/packet_manager.h"
 
+using namespace snort;
+
 #define CD_ETH_NAME "eth"
 #define CD_ETH_HELP_STR "support for ethernet protocol"
 #define CD_ETH_HELP ADD_DLT(ADD_DLT(CD_ETH_HELP_STR, DLT_EN10MB), DLT_PPP_ETHER)

diff --git a/src/connectors/connectors.cc b/src/connectors/connectors.cc
index 4aceb1b87e9c5823d3752c4936f49ca8e00a5d09..88d34ff73cc18f4b62ab7099a7af9431a3b23b75 100644 (file)
--- a/src/connectors/connectors.cc
+++ b/src/connectors/connectors.cc
@@ -25,8 +25,8 @@
 #include "framework/connector.h"
 #include "managers/plugin_manager.h"
 
-extern const BaseApi* file_connector[];
-extern const BaseApi* tcp_connector[];
+extern const snort::BaseApi* file_connector[];
+extern const snort::BaseApi* tcp_connector[];
 
 void load_connectors()
 {

diff --git a/src/connectors/file_connector/file_connector.cc b/src/connectors/file_connector/file_connector.cc
index 2329ddeace47bffb8910b7e16d4c7cae18b6e21b..ae93b56b6f78124df22efeb770b0c583374f3221 100644 (file)
--- a/src/connectors/file_connector/file_connector.cc
+++ b/src/connectors/file_connector/file_connector.cc
@@ -30,6 +30,8 @@
 
 #include "file_connector_module.h"
 
+using namespace snort;
+
 /* Globals ****************************************************************/
 
 THREAD_LOCAL SimpleStats file_connector_stats;

diff --git a/src/connectors/file_connector/file_connector.h b/src/connectors/file_connector/file_connector.h
index 6a1a11546c61c2bf1b39887a355310d010632aba..6a3ff1202d3cefa6ae8153042bd232b77bf55bce 100644 (file)
--- a/src/connectors/file_connector/file_connector.h
+++ b/src/connectors/file_connector/file_connector.h
@@ -43,32 +43,32 @@ public:
     uint32_t connector_msg_length;
 };
 
-class FileConnectorMsgHandle : public ConnectorMsgHandle
+class FileConnectorMsgHandle : public snort::ConnectorMsgHandle
 {
 public:
     FileConnectorMsgHandle(const uint32_t length);
     ~FileConnectorMsgHandle();
-    ConnectorMsg connector_msg;
+    snort::ConnectorMsg connector_msg;
 };
 
-class FileConnectorCommon : public ConnectorCommon
+class FileConnectorCommon : public snort::ConnectorCommon
 {
 public:
     FileConnectorCommon(FileConnectorConfig::FileConnectorConfigSet*);
     ~FileConnectorCommon();
 };
 
-class FileConnector : public Connector
+class FileConnector : public snort::Connector
 {
 public:
     FileConnector(FileConnectorConfig*);
     ~FileConnector() override;
-    ConnectorMsgHandle* alloc_message(const uint32_t, const uint8_t**) override;
-    void discard_message(ConnectorMsgHandle*) override;
-    bool transmit_message(ConnectorMsgHandle*) override;
-    ConnectorMsgHandle* receive_message(bool) override;
+    snort::ConnectorMsgHandle* alloc_message(const uint32_t, const uint8_t**) override;
+    void discard_message(snort::ConnectorMsgHandle*) override;
+    bool transmit_message(snort::ConnectorMsgHandle*) override;
+    snort::ConnectorMsgHandle* receive_message(bool) override;
 
-    ConnectorMsg* get_connector_msg(ConnectorMsgHandle* handle) override
+    snort::ConnectorMsg* get_connector_msg(snort::ConnectorMsgHandle* handle) override
     { return( &((FileConnectorMsgHandle*)handle)->connector_msg ); }
     Direction get_connector_direction() override
     { return( ((const FileConnectorConfig*)config)->direction ); }
@@ -76,8 +76,8 @@ public:
     std::fstream file;
 
 private:
-    ConnectorMsgHandle* receive_message_binary();
-    ConnectorMsgHandle* receive_message_text();
+    snort::ConnectorMsgHandle* receive_message_binary();
+    snort::ConnectorMsgHandle* receive_message_text();
 };
 
 #endif

diff --git a/src/connectors/file_connector/file_connector_config.h b/src/connectors/file_connector/file_connector_config.h
index c3d1219da22d3aa318740e8a15ef6efc57bd60cb..75a9f16d516e58ce0ae3ae8a0f1dc8d0644b8a28 100644 (file)
--- a/src/connectors/file_connector/file_connector_config.h
+++ b/src/connectors/file_connector/file_connector_config.h
@@ -26,11 +26,11 @@
 
 #include "framework/connector.h"
 
-class FileConnectorConfig : public ConnectorConfig
+class FileConnectorConfig : public snort::ConnectorConfig
 {
 public:
     FileConnectorConfig()
-    { direction = Connector::CONN_UNDEFINED; text_format = false; }
+    { direction = snort::Connector::CONN_UNDEFINED; text_format = false; }
 
     bool text_format;
     std::string name;

diff --git a/src/connectors/file_connector/file_connector_module.cc b/src/connectors/file_connector/file_connector_module.cc
index 0d68d1460075e1fe63a7abad98634cf163a906aa..4184b07ed7fc658d3cde701b8f20b6cf7b1c1254 100644 (file)
--- a/src/connectors/file_connector/file_connector_module.cc
+++ b/src/connectors/file_connector/file_connector_module.cc
@@ -26,6 +26,8 @@
 
 #include "main/snort_debug.h"
 
+using namespace snort;
+
 static const Parameter file_connector_params[] =
 {
     { "connector", Parameter::PT_STRING, nullptr, nullptr,

diff --git a/src/connectors/file_connector/file_connector_module.h b/src/connectors/file_connector/file_connector_module.h
index 597c4b8252c185e93c2df6600dbd860e4d13a11b..265afbc891cfb501cf102ec9cf8b3c19c1ef4078 100644 (file)
--- a/src/connectors/file_connector/file_connector_module.h
+++ b/src/connectors/file_connector/file_connector_module.h
@@ -28,22 +28,22 @@
 #define FILE_CONNECTOR_NAME "file_connector"
 #define FILE_CONNECTOR_HELP "implement the file based connector"
 
-class FileConnectorModule : public Module
+class FileConnectorModule : public snort::Module
 {
 public:
     FileConnectorModule();
     ~FileConnectorModule() override;
 
-    bool set(const char*, Value&, SnortConfig*) override;
-    bool begin(const char*, int, SnortConfig*) override;
-    bool end(const char*, int, SnortConfig*) override;
+    bool set(const char*, snort::Value&, snort::SnortConfig*) override;
+    bool begin(const char*, int, snort::SnortConfig*) override;
+    bool end(const char*, int, snort::SnortConfig*) override;
 
     FileConnectorConfig::FileConnectorConfigSet* get_and_clear_config();
 
     const PegInfo* get_pegs() const override;
     PegCount* get_counts() const override;
 
-    ProfileStats* get_profile() const override;
+    snort::ProfileStats* get_profile() const override;
 
     Usage get_usage() const override
     { return GLOBAL; }

diff --git a/src/connectors/file_connector/test/file_connector_module_test.cc b/src/connectors/file_connector/test/file_connector_module_test.cc
index d9498b0490341edfef6c3044d527dc69551c73ef..4060659d65a6b35e0fc26786b11eaf6bd636c7a5 100644 (file)
--- a/src/connectors/file_connector/test/file_connector_module_test.cc
+++ b/src/connectors/file_connector/test/file_connector_module_test.cc
@@ -31,6 +31,8 @@
 #include <CppUTest/CommandLineTestRunner.h>
 #include <CppUTest/TestHarness.h>
 
+using namespace snort;
+
 THREAD_LOCAL SimpleStats file_connector_stats;
 THREAD_LOCAL ProfileStats file_connector_perfstats;
 

diff --git a/src/connectors/file_connector/test/file_connector_test.cc b/src/connectors/file_connector/test/file_connector_test.cc
index 4acb7bfa993f546b3104b63529c80fa5e9dda49b..f753952330d4beb615faa7d114d40f298bf71660 100644 (file)
--- a/src/connectors/file_connector/test/file_connector_test.cc
+++ b/src/connectors/file_connector/test/file_connector_test.cc
@@ -31,6 +31,8 @@
 #include <CppUTest/CommandLineTestRunner.h>
 #include <CppUTest/TestHarness.h>
 
+using namespace snort;
+
 extern const BaseApi* file_connector;
 ConnectorApi* fc_api = nullptr;
 

diff --git a/src/connectors/tcp_connector/tcp_connector.cc b/src/connectors/tcp_connector/tcp_connector.cc
index d190ad45657c89957b00d409cd600f006ae1565a..93d5580172b9397cf2a20ab4665f31d62f15c5f5 100644 (file)
--- a/src/connectors/tcp_connector/tcp_connector.cc
+++ b/src/connectors/tcp_connector/tcp_connector.cc
@@ -36,6 +36,8 @@
 
 #include "tcp_connector_module.h"
 
+using namespace snort;
+
 /* Globals ****************************************************************/
 
 THREAD_LOCAL SimpleStats tcp_connector_stats;

diff --git a/src/connectors/tcp_connector/tcp_connector.h b/src/connectors/tcp_connector/tcp_connector.h
index a7bd720a89baaef92daa850e18222502f65933ef..07a3085256aa4d5c616e2fc05642e7f2f82fd327 100644 (file)
--- a/src/connectors/tcp_connector/tcp_connector.h
+++ b/src/connectors/tcp_connector/tcp_connector.h
@@ -45,34 +45,34 @@ public:
     uint16_t connector_msg_length;
 };
 
-class TcpConnectorMsgHandle : public ConnectorMsgHandle
+class TcpConnectorMsgHandle : public snort::ConnectorMsgHandle
 {
 public:
     TcpConnectorMsgHandle(const uint32_t length);
     ~TcpConnectorMsgHandle();
-    ConnectorMsg connector_msg;
+    snort::ConnectorMsg connector_msg;
 };
 
-class TcpConnectorCommon : public ConnectorCommon
+class TcpConnectorCommon : public snort::ConnectorCommon
 {
 public:
     TcpConnectorCommon(TcpConnectorConfig::TcpConnectorConfigSet*);
     ~TcpConnectorCommon();
 };
 
-class TcpConnector : public Connector
+class TcpConnector : public snort::Connector
 {
 public:
     typedef Ring<TcpConnectorMsgHandle*> ReceiveRing;
 
     TcpConnector(TcpConnectorConfig*, int sock_fd);
     ~TcpConnector() override;
-    ConnectorMsgHandle* alloc_message(const uint32_t, const uint8_t**) override;
-    void discard_message(ConnectorMsgHandle*) override;
-    bool transmit_message(ConnectorMsgHandle*) override;
-    ConnectorMsgHandle* receive_message(bool) override;
+    snort::ConnectorMsgHandle* alloc_message(const uint32_t, const uint8_t**) override;
+    void discard_message(snort::ConnectorMsgHandle*) override;
+    bool transmit_message(snort::ConnectorMsgHandle*) override;
+    snort::ConnectorMsgHandle* receive_message(bool) override;
 
-    ConnectorMsg* get_connector_msg(ConnectorMsgHandle* handle) override
+    snort::ConnectorMsg* get_connector_msg(snort::ConnectorMsgHandle* handle) override
     { return( &((TcpConnectorMsgHandle*)handle)->connector_msg ); }
     Direction get_connector_direction() override
     { return Connector::CONN_DUPLEX; }

diff --git a/src/connectors/tcp_connector/tcp_connector_config.h b/src/connectors/tcp_connector/tcp_connector_config.h
index 4eb211cfb2ed7edddd250c4c01416551c1aaf4c7..6d814f0f2828a5c18c0f263c0c463bab17d1fdd3 100644 (file)
--- a/src/connectors/tcp_connector/tcp_connector_config.h
+++ b/src/connectors/tcp_connector/tcp_connector_config.h
@@ -25,12 +25,12 @@
 
 #include "framework/connector.h"
 
-class TcpConnectorConfig : public ConnectorConfig
+class TcpConnectorConfig : public snort::ConnectorConfig
 {
 public:
     enum Setup { CALL, ANSWER };
     TcpConnectorConfig()
-    { direction = Connector::CONN_DUPLEX; async_receive = true; }
+    { direction = snort::Connector::CONN_DUPLEX; async_receive = true; }
 
     uint16_t base_port;
     std::string address;

diff --git a/src/connectors/tcp_connector/tcp_connector_module.cc b/src/connectors/tcp_connector/tcp_connector_module.cc
index cf0f83054a6e6a826eb631b36bb7630b3ea41132..7bc9a3581a18b0d8138eff925df456a087822a42 100644 (file)
--- a/src/connectors/tcp_connector/tcp_connector_module.cc
+++ b/src/connectors/tcp_connector/tcp_connector_module.cc
@@ -26,6 +26,8 @@
 
 #include "main/snort_debug.h"
 
+using namespace snort;
+
 static const Parameter tcp_connector_params[] =
 {
     { "connector", Parameter::PT_STRING, nullptr, nullptr,

diff --git a/src/connectors/tcp_connector/tcp_connector_module.h b/src/connectors/tcp_connector/tcp_connector_module.h
index 3f225ca9e584f7323e76e36ff29449b476f0b6c8..511e2bb5175b0bf10d55222d3ee8ca87f9a100ff 100644 (file)
--- a/src/connectors/tcp_connector/tcp_connector_module.h
+++ b/src/connectors/tcp_connector/tcp_connector_module.h
@@ -28,22 +28,22 @@
 #define TCP_CONNECTOR_NAME "tcp_connector"
 #define TCP_CONNECTOR_HELP "implement the tcp stream connector"
 
-class TcpConnectorModule : public Module
+class TcpConnectorModule : public snort::Module
 {
 public:
     TcpConnectorModule();
     ~TcpConnectorModule() override;
 
-    bool set(const char*, Value&, SnortConfig*) override;
-    bool begin(const char*, int, SnortConfig*) override;
-    bool end(const char*, int, SnortConfig*) override;
+    bool set(const char*, snort::Value&, snort::SnortConfig*) override;
+    bool begin(const char*, int, snort::SnortConfig*) override;
+    bool end(const char*, int, snort::SnortConfig*) override;
 
     TcpConnectorConfig::TcpConnectorConfigSet* get_and_clear_config();
 
     const PegInfo* get_pegs() const override;
     PegCount* get_counts() const override;
 
-    ProfileStats* get_profile() const override;
+    snort::ProfileStats* get_profile() const override;
 
     Usage get_usage() const override
     { return GLOBAL; }

diff --git a/src/connectors/tcp_connector/test/tcp_connector_module_test.cc b/src/connectors/tcp_connector/test/tcp_connector_module_test.cc
index e170157e2b67438368e832a6ea332f43d7e9d47a..db639332b957d9c3dce2643517e004f2c45ef697 100644 (file)
--- a/src/connectors/tcp_connector/test/tcp_connector_module_test.cc
+++ b/src/connectors/tcp_connector/test/tcp_connector_module_test.cc
@@ -31,6 +31,8 @@
 #include <CppUTest/CommandLineTestRunner.h>
 #include <CppUTest/TestHarness.h>
 
+using namespace snort;
+
 THREAD_LOCAL SimpleStats tcp_connector_stats;
 THREAD_LOCAL ProfileStats tcp_connector_perfstats;
 

diff --git a/src/connectors/tcp_connector/test/tcp_connector_test.cc b/src/connectors/tcp_connector/test/tcp_connector_test.cc
index 0d66b602a19c4b157a18b093a374b4343ff7999a..3db2e47bc886dbd8ace3c6d55b16ad266fced391 100644 (file)
--- a/src/connectors/tcp_connector/test/tcp_connector_test.cc
+++ b/src/connectors/tcp_connector/test/tcp_connector_test.cc
@@ -36,6 +36,8 @@
 #include <CppUTest/CommandLineTestRunner.h>
 #include <CppUTest/TestHarness.h>
 
+using namespace snort;
+
 #if defined(__APPLE__)
 #define __THROW
 #define __SOCKADDR_ARG          struct sockaddr*

diff --git a/src/detection/context_switcher.cc b/src/detection/context_switcher.cc
index bf66f115b08c00daa0e4e53ff863ec0d5871bb1c..aa1b8e47c1c96c5213fb204d7a485c2f3175c352 100644 (file)
--- a/src/detection/context_switcher.cc
+++ b/src/detection/context_switcher.cc
@@ -37,6 +37,8 @@
 #include "catch/snort_catch.h"
 #endif
 
+using namespace snort;
+
 //--------------------------------------------------------------------------
 // context switcher methods
 //--------------------------------------------------------------------------

diff --git a/src/detection/context_switcher.h b/src/detection/context_switcher.h
index 16983b35144875184953865b866530e2d85cdc67..d6a6562651bee7ebd4d20e545fc9589806dd1caf 100644 (file)
--- a/src/detection/context_switcher.h
+++ b/src/detection/context_switcher.h
@@ -40,8 +40,12 @@
 
 #include <vector>
 
+namespace snort
+{
+class Flow;
 class IpsContext;
 class IpsContextData;
+}
 
 class ContextSwitcher
 {
@@ -49,25 +53,25 @@ public:
     ContextSwitcher(unsigned max);
     ~ContextSwitcher();
 
-    void push(IpsContext*);
-    IpsContext* pop();
+    void push(snort::IpsContext*);
+    snort::IpsContext* pop();
 
     void start();
     void stop();
     void abort();
 
-    IpsContext* interrupt();
-    IpsContext* complete();
+    snort::IpsContext* interrupt();
+    snort::IpsContext* complete();
 
     unsigned suspend();
     void resume(unsigned suspended);
 
-    IpsContext* get_context() const;
-    IpsContext* get_context(unsigned) const;
-    IpsContext* get_next() const;
+    snort::IpsContext* get_context() const;
+    snort::IpsContext* get_context(unsigned) const;
+    snort::IpsContext* get_next() const;
 
-    IpsContextData* get_context_data(unsigned id) const;
-    void set_context_data(unsigned id, IpsContextData*) const;
+    snort::IpsContextData* get_context_data(unsigned id) const;
+    void set_context_data(unsigned id, snort::IpsContextData*) const;
 
     unsigned idle_count() const;
     unsigned busy_count() const;
@@ -76,12 +80,12 @@ public:
     bool can_hold() const
     { return idle_count() > 5; }  // FIXIT-H define appropriate const
 
-    bool on_hold(class Flow*);
+    bool on_hold(snort::Flow*);
 
 private:
-    std::vector<IpsContext*> idle;
-    std::vector<IpsContext*> busy;
-    std::vector<IpsContext*> hold;
+    std::vector<snort::IpsContext*> idle;
+    std::vector<snort::IpsContext*> busy;
+    std::vector<snort::IpsContext*> hold;
 };
 
 #endif

diff --git a/src/detection/detect.cc b/src/detection/detect.cc
index 41862a702878c105a8257b256f4dbcaa4348ecb3..9c9cdcd1686f706ec3ce1cf8f528db0c3c647339 100644 (file)
--- a/src/detection/detect.cc
+++ b/src/detection/detect.cc
@@ -49,6 +49,8 @@
 #include "tag.h"
 #include "treenodes.h"
 
+using namespace snort;
+
 THREAD_LOCAL ProfileStats detectPerfStats;
 THREAD_LOCAL ProfileStats eventqPerfStats;
 THREAD_LOCAL ProfileStats rebuiltPacketPerfStats;

diff --git a/src/detection/detect.h b/src/detection/detect.h
index f754832ba466da493eb6a7d45b4884f7d2669d34..b76e069ae30ea3d7e5043ec4ba3efac16a35977a 100644 (file)
--- a/src/detection/detect.h
+++ b/src/detection/detect.h
@@ -25,26 +25,30 @@
 #include "main/snort_types.h"
 #include "main/thread.h"
 
-struct Event;
+namespace snort
+{
+struct Packet;
 struct ProfileStats;
+}
+struct Event;
 struct RuleFpList;
 struct RuleTreeNode;
 
-extern THREAD_LOCAL ProfileStats eventqPerfStats;
-extern THREAD_LOCAL ProfileStats detectPerfStats;
-extern THREAD_LOCAL ProfileStats rebuiltPacketPerfStats;
+extern THREAD_LOCAL snort::ProfileStats eventqPerfStats;
+extern THREAD_LOCAL snort::ProfileStats detectPerfStats;
+extern THREAD_LOCAL snort::ProfileStats rebuiltPacketPerfStats;
 
 // main loop hooks
-void snort_ignore(Packet*);
-void snort_log(Packet*);
+void snort_ignore(snort::Packet*);
+void snort_log(snort::Packet*);
 
 // alerts
-void CallLogFuncs(Packet*, ListHead*, Event*, const char*);
-void CallLogFuncs(Packet*, const OptTreeNode*, ListHead*);
-void CallAlertFuncs(Packet*, const OptTreeNode*, ListHead*);
+void CallLogFuncs(snort::Packet*, ListHead*, Event*, const char*);
+void CallLogFuncs(snort::Packet*, const OptTreeNode*, ListHead*);
+void CallAlertFuncs(snort::Packet*, const OptTreeNode*, ListHead*);
 
 void enable_tags();
-void check_tags(Packet*);
+void check_tags(snort::Packet*);
 
 #endif
 

diff --git a/src/detection/detect_trace.cc b/src/detection/detect_trace.cc
index 540e873a30931ead4f2755405fbabee37a230ae3..e8af8955d2aeb587168b9bbcae60aef4fb17a14d 100644 (file)
--- a/src/detection/detect_trace.cc
+++ b/src/detection/detect_trace.cc
@@ -35,6 +35,7 @@
 #include "fp_create.h"
 #include "pattern_match_data.h"
 
+using namespace snort;
 using namespace std;
 
 Trace TRACE_NAME(detection);

diff --git a/src/detection/detect_trace.h b/src/detection/detect_trace.h
index 4cc9b60c83166584d3c71b9bd311ea33478d9c46..877f0b34bef53b7bf418a2976e108c8ab1b33e1d 100644 (file)
--- a/src/detection/detect_trace.h
+++ b/src/detection/detect_trace.h
@@ -26,6 +26,11 @@
 #include "framework/cursor.h"
 #include "main/snort_types.h"
 
+namespace snort
+{
+    struct Packet;
+}
+
 struct detection_option_tree_node_t;
 struct PatternMatchData;
 
@@ -40,7 +45,7 @@ enum
 };
 
 void clear_trace_cursor_info();
-void print_pkt_info(Packet* p);
+void print_pkt_info(snort::Packet* p);
 void print_pattern(const PatternMatchData* pmd);
 void dump_buffer(const uint8_t* buff, unsigned len);
 void node_eval_trace(const detection_option_tree_node_t* node, const Cursor& cursor);

diff --git a/src/detection/detection_engine.cc b/src/detection/detection_engine.cc
index 4509936d9e05771c415100a2f24c736ac373245e..666b9323dcb52d54ada3a98ce34e160d91c69df0 100644 (file)
--- a/src/detection/detection_engine.cc
+++ b/src/detection/detection_engine.cc
@@ -54,6 +54,8 @@
 static THREAD_LOCAL RegexOffload* offloader = nullptr;
 static THREAD_LOCAL uint64_t context_num = 0;
 
+using namespace snort;
+
 //--------------------------------------------------------------------------
 // basic de
 //--------------------------------------------------------------------------

diff --git a/src/detection/detection_engine.h b/src/detection/detection_engine.h
index 4c3a85fa07f4107703602cec8c7b4765fe6fb669..92fc6881d3c03323abf865c08ebcdf9b385a4a0f 100644 (file)
--- a/src/detection/detection_engine.h
+++ b/src/detection/detection_engine.h
@@ -31,8 +31,10 @@
 #include "main/snort_types.h"
 
 struct DataPointer;
-struct Packet;
 
+namespace snort
+{
+struct Packet;
 class Flow;
 class IpsContext;
 class IpsContextData;
@@ -112,7 +114,10 @@ static inline void set_file_data(const uint8_t* p, unsigned n)
 }
 
 static inline void clear_file_data()
-{ set_file_data(nullptr, 0); }
+{
+    set_file_data(nullptr, 0);
+}
 
+} // namespace snort
 #endif
 

diff --git a/src/detection/detection_options.cc b/src/detection/detection_options.cc
index 0078c87652de584f701c6c39ca6eb6404e4e37bb..cab467d4fd51da999465b43c4449d0a644a20689 100644 (file)
--- a/src/detection/detection_options.cc
+++ b/src/detection/detection_options.cc
@@ -63,6 +63,8 @@
 #include "rules.h"
 #include "treenodes.h"
 
+using namespace snort;
+
 #define HASH_RULE_OPTIONS 16384
 #define HASH_RULE_TREE     8192
 

diff --git a/src/detection/detection_options.h b/src/detection/detection_options.h
index 1f5aca06130e1f3eab58336a67a49838dfce86d8..76b9dfb1c369943fc7320ff1f6a0d84260574225 100644 (file)
--- a/src/detection/detection_options.h
+++ b/src/detection/detection_options.h
@@ -36,11 +36,15 @@
 #include "detection/rule_option_types.h"
 #include "time/clock_defs.h"
 
+namespace snort
+{
 struct Packet;
+struct SnortConfig;
+}
 struct RuleLatencyState;
 struct XHash;
 
-typedef int (* eval_func_t)(void* option_data, class Cursor&, Packet*);
+typedef int (* eval_func_t)(void* option_data, class Cursor&, snort::Packet*);
 
 // this is per packet thread
 struct dot_node_state_t
@@ -105,14 +109,14 @@ struct detection_option_eval_data_t
 {
     void* pomd;
     void* pmd;
-    Packet* p;
+    snort::Packet* p;
     char flowbit_failed;
     char flowbit_noalert;
 };
 
 // return existing data or add given and return nullptr
-void* add_detection_option(struct SnortConfig*, option_type_t, void*);
-void* add_detection_option_tree(struct SnortConfig*, detection_option_tree_node_t*);
+void* add_detection_option(struct snort::SnortConfig*, option_type_t, void*);
+void* add_detection_option_tree(struct snort::SnortConfig*, detection_option_tree_node_t*);
 
 int detection_option_node_evaluate(
     detection_option_tree_node_t*, detection_option_eval_data_t*, class Cursor&);

diff --git a/src/detection/detection_util.cc b/src/detection/detection_util.cc
index 3ead2e9d72d9091f6e5e285da8c72c1300ecbe30..630270cbc9eba6b715b90e5a2a8ee030f7e26377 100644 (file)
--- a/src/detection/detection_util.cc
+++ b/src/detection/detection_util.cc
@@ -31,6 +31,8 @@
 
 #include "treenodes.h"
 
+using namespace snort;
+
 #define LOG_CHARS 16
 
 static THREAD_LOCAL TextLog* tlog = nullptr;

diff --git a/src/detection/detection_util.h b/src/detection/detection_util.h
index f75edf62a2ac4139bddc2d0b69539bc38b8850a7..268cce93c04b9c25d169fb81c9ecf21f17b14150 100644 (file)
--- a/src/detection/detection_util.h
+++ b/src/detection/detection_util.h
@@ -44,11 +44,11 @@ struct DataBuffer
 void EventTrace_Init();
 void EventTrace_Term();
 
-void EventTrace_Log(const Packet*, const OptTreeNode*, int action);
+void EventTrace_Log(const snort::Packet*, const OptTreeNode*, int action);
 
 inline int EventTrace_IsEnabled()
 {
-    return ( SnortConfig::get_conf()->event_trace_max > 0 );
+    return ( snort::SnortConfig::get_conf()->event_trace_max > 0 );
 }
 
 #endif

diff --git a/src/detection/fp_config.cc b/src/detection/fp_config.cc
index 0e22999a14deef8c771b1469c035c3f1272ff857..9d6c87f6ed88414d20c3edd4a37aa3a96561f349 100644 (file)
--- a/src/detection/fp_config.cc
+++ b/src/detection/fp_config.cc
@@ -36,6 +36,8 @@
 #include "log/messages.h"
 #include "managers/mpse_manager.h"
 
+using namespace snort;
+
 FastPatternConfig::FastPatternConfig()
 {
     search_api = MpseManager::get_search_api("ac_bnfa");

diff --git a/src/detection/fp_config.h b/src/detection/fp_config.h
index a0d72935ac4e11c6f5aa9f9ce0c584e71f912510..184c2d3ea48be7af04fdce09c788f6a3d5995dc9 100644 (file)
--- a/src/detection/fp_config.h
+++ b/src/detection/fp_config.h
@@ -25,6 +25,11 @@
 #ifndef FP_CONFIG_H
 #define FP_CONFIG_H
 
+namespace snort
+{
+    struct MpseApi;
+}
+
 // this is a basically a factory for creating MPSE
 
 #define PL_BLEEDOVER_WARNINGS_ENABLED        0x01
@@ -122,7 +127,7 @@ public:
 
     void set_max_pattern_len(unsigned);
 
-    const struct MpseApi* get_search_api()
+    const snort::MpseApi* get_search_api()
     { return search_api; }
 
     bool get_trim()
@@ -143,7 +148,7 @@ public:
     { return max_pattern_len; }
 
 private:
-    const struct MpseApi* search_api;
+    const snort::MpseApi* search_api;
 
     bool inspect_stream_insert = true;
     bool trim;

diff --git a/src/detection/fp_create.cc b/src/detection/fp_create.cc
index 6b7652ac2bd39c5cee534fdcb781598636fa5b7c..ff7c9f50e75c63627f324503d9af31e1f4008cf9 100644 (file)
--- a/src/detection/fp_create.cc
+++ b/src/detection/fp_create.cc
@@ -55,6 +55,7 @@
 #include "service_map.h"
 #include "treenodes.h"
 
+using namespace snort;
 using namespace std;
 
 static unsigned mpse_count = 0;

diff --git a/src/detection/fp_create.h b/src/detection/fp_create.h
index e6dd9dafb9d2b8edddeb67a92cf43035d5612347..a9e29bdf97255c1482f5be8ccb231cd1e6ea1fb6 100644 (file)
--- a/src/detection/fp_create.h
+++ b/src/detection/fp_create.h
@@ -30,7 +30,10 @@
 #include <string>
 #include "ports/port_group.h"
 
+namespace snort
+{
 struct SnortConfig;
+}
 
 struct PMX
 {
@@ -50,8 +53,8 @@ struct NCListNode
 **  engine.  It reads in the snort list of RTNs and OTNs and
 **  assigns them to PORT_MAPS.
 */
-int fpCreateFastPacketDetection(SnortConfig*);
-void fpDeleteFastPacketDetection(SnortConfig*);
+int fpCreateFastPacketDetection(snort::SnortConfig*);
+void fpDeleteFastPacketDetection(snort::SnortConfig*);
 void get_pattern_info(const PatternMatchData* pmd,
     const char* pattern, int pattern_length, std::string& hex, std::string& txt,
     std::string& opts);

diff --git a/src/detection/fp_detect.cc b/src/detection/fp_detect.cc
index d02466d64624c2e17a258794830367d6afc2e9a6..e43318db4d525c24612c6ff621594cc0fbc28bc9 100644 (file)
--- a/src/detection/fp_detect.cc
+++ b/src/detection/fp_detect.cc
@@ -79,6 +79,8 @@
 #include "tag.h"
 #include "treenodes.h"
 
+using namespace snort;
+
 THREAD_LOCAL ProfileStats rulePerfStats;
 THREAD_LOCAL ProfileStats ruleRTNEvalPerfStats;
 THREAD_LOCAL ProfileStats ruleOTNEvalPerfStats;

diff --git a/src/detection/fp_detect.h b/src/detection/fp_detect.h
index 893092abc468856ec4d7bea6cff5561eb8d76c9e..348dbe265924d1188c8ef6ba6a8e4487230d7152 100644 (file)
--- a/src/detection/fp_detect.h
+++ b/src/detection/fp_detect.h
@@ -33,19 +33,23 @@
 
 #define REBUILD_FLAGS (PKT_REBUILT_FRAG | PKT_REBUILT_STREAM)
 
+namespace snort
+{
+class IpsContext;
 struct Packet;
-struct PortGroup;
 struct ProfileStats;
+}
+struct PortGroup;
 struct OptTreeNode;
 
-extern THREAD_LOCAL ProfileStats rulePerfStats;
-extern THREAD_LOCAL ProfileStats ruleRTNEvalPerfStats;
-extern THREAD_LOCAL ProfileStats ruleOTNEvalPerfStats;
-extern THREAD_LOCAL ProfileStats ruleNFPEvalPerfStats;
+extern THREAD_LOCAL snort::ProfileStats rulePerfStats;
+extern THREAD_LOCAL snort::ProfileStats ruleRTNEvalPerfStats;
+extern THREAD_LOCAL snort::ProfileStats ruleOTNEvalPerfStats;
+extern THREAD_LOCAL snort::ProfileStats ruleNFPEvalPerfStats;
 
 struct RuleTreeNode;
-int fpLogEvent(const RuleTreeNode*, const OptTreeNode*, Packet*);
-int fpEvalRTN(RuleTreeNode*, Packet*, int check_ports);
+int fpLogEvent(const RuleTreeNode*, const OptTreeNode*, snort::Packet*);
+int fpEvalRTN(RuleTreeNode*, snort::Packet*, int check_ports);
 
 /*
 **  This define is for the number of unique events
@@ -78,7 +82,7 @@ struct MatchInfo
 struct OtnxMatchData
 {
     PortGroup* pg;
-    Packet* p;
+    snort::Packet* p;
 
     const uint8_t* data;
     unsigned size;
@@ -93,13 +97,12 @@ struct OtnxMatchData
 
 int fpAddMatch(OtnxMatchData*, int pLen, const OptTreeNode*);
 
-class IpsContext;
-void fp_set_context(IpsContext&);
-void fp_clear_context(IpsContext&);
+void fp_set_context(snort::IpsContext&);
+void fp_clear_context(snort::IpsContext&);
 
-void fp_local(Packet*);
-void fp_offload(Packet*);
-void fp_onload(Packet*);
+void fp_local(snort::Packet*);
+void fp_offload(snort::Packet*);
+void fp_onload(snort::Packet*);
 
 #endif
 

diff --git a/src/detection/fp_utils.cc b/src/detection/fp_utils.cc
index 932b3aab583db959c1aa6f8fce87ba9029e025f6..035d02f152fe4704aaeb4604ba8c88232550c474 100644 (file)
--- a/src/detection/fp_utils.cc
+++ b/src/detection/fp_utils.cc
@@ -39,6 +39,8 @@
 #include "pattern_match_data.h"
 #include "treenodes.h"
 
+using namespace snort;
+
 //--------------------------------------------------------------------------
 // private utilities
 //--------------------------------------------------------------------------

diff --git a/src/detection/fp_utils.h b/src/detection/fp_utils.h
index 2df9ae60aa7b766a96aa090b08e731647d959527..0cb2f5a91a67788ffb3e35341aa1550827fd9a76 100644 (file)
--- a/src/detection/fp_utils.h
+++ b/src/detection/fp_utils.h
@@ -28,7 +28,7 @@
 struct OptFpList;
 struct OptTreeNode;
 
-struct PatternMatchData* get_pmd(OptFpList*, int proto, RuleDirection);
+struct PatternMatchData* get_pmd(OptFpList*, int proto, snort::RuleDirection);
 bool is_fast_pattern_only(OptFpList*);
 void validate_fast_pattern(OptTreeNode*);
 

diff --git a/src/detection/ips_context.cc b/src/detection/ips_context.cc
index d65471370213efb7df25daf6393a89e10ab9b063..c3f32661b301677ed0e85f283ea137d4949a91b9 100644 (file)
--- a/src/detection/ips_context.cc
+++ b/src/detection/ips_context.cc
@@ -35,6 +35,8 @@
 #include "catch/snort_catch.h"
 #endif
 
+using namespace snort;
+
 //--------------------------------------------------------------------------
 // context data
 //--------------------------------------------------------------------------

diff --git a/src/detection/ips_context.h b/src/detection/ips_context.h
index 267d1c97bee58bd4a8b893f10c5d40a6e1d79f54..f25c6925cbefdbf4f6b184f5276dcd62684e2d37 100644 (file)
--- a/src/detection/ips_context.h
+++ b/src/detection/ips_context.h
@@ -33,6 +33,14 @@
 
 #include "detection/detection_util.h"
 
+class MpseStash;
+struct OtnxMatchData;
+struct SF_EVENTQ;
+
+namespace snort
+{
+struct SnortConfig;
+
 class SO_PUBLIC IpsContextData
 {
 public:
@@ -72,10 +80,10 @@ public:
     DAQ_PktHdr_t* pkth;
     uint8_t* buf;
 
-    struct SnortConfig* conf;
-    class MpseStash* stash;
-    struct OtnxMatchData* otnx;
-    struct SF_EVENTQ* equeue;
+    SnortConfig* conf;
+    MpseStash* stash;
+    OtnxMatchData* otnx;
+    SF_EVENTQ* equeue;
 
     DataPointer file_data;
     DataBuffer alt_data;
@@ -90,6 +98,6 @@ private:
     std::vector<IpsContextData*> data;
     unsigned slot;
 };
-
+}
 #endif
 

diff --git a/src/detection/pcrm.cc b/src/detection/pcrm.cc
index d8a795a00313334b9017a03befc95b086480856f..90b91616d08d9ca17348eb25ade07a85469814d8 100644 (file)
--- a/src/detection/pcrm.cc
+++ b/src/detection/pcrm.cc
@@ -88,16 +88,16 @@ static int prmFindRuleGroup(
     assert(src and dst and gen);
     *src = *dst = *gen = nullptr;
 
-    if ( (dport != ANYPORT) and (dport < MAX_PORTS) )
+    if ( (dport != ANYPORT) and (dport < snort::MAX_PORTS) )
         *dst = p->prmDstPort[dport];
 
-    if ( (sport != ANYPORT) and (sport < MAX_PORTS) )
+    if ( (sport != ANYPORT) and (sport < snort::MAX_PORTS) )
         *src = p->prmSrcPort[sport];
 
     /* If no Src/Dst rules - use the generic set, if any exist  */
     if ( p->prmGeneric and (p->prmGeneric->rule_count > 0) )
     {
-        if ( SnortConfig::get_conf()->fast_pattern_config->get_split_any_any() or (!*src and !*dst) )
+        if ( snort::SnortConfig::get_conf()->fast_pattern_config->get_split_any_any() or (!*src and !*dst) )
         {
             *gen = p->prmGeneric;
         }

diff --git a/src/detection/pcrm.h b/src/detection/pcrm.h
index 2d6b53168103909d71910b47b43ede3c631d04e2..70914286562ed00ddc6e4ffe470081e88d40d3ed 100644 (file)
--- a/src/detection/pcrm.h
+++ b/src/detection/pcrm.h
@@ -43,8 +43,8 @@ struct PORT_RULE_MAP
     int prmNumDstGroups;
     int prmNumSrcGroups;
 
-    PortGroup* prmSrcPort[MAX_PORTS];
-    PortGroup* prmDstPort[MAX_PORTS];
+    PortGroup* prmSrcPort[snort::MAX_PORTS];
+    PortGroup* prmDstPort[snort::MAX_PORTS];
     PortGroup* prmGeneric;
 };
 

diff --git a/src/detection/regex_offload.cc b/src/detection/regex_offload.cc
index 61b4397847e53d6a8979c93192b55733addf8d25..9163ff5299b16503e7c54d563e8f05b367165df3 100644 (file)
--- a/src/detection/regex_offload.cc
+++ b/src/detection/regex_offload.cc
@@ -39,7 +39,7 @@
 
 struct RegexRequest
 {
-    Packet* packet = nullptr;
+    snort::Packet* packet = nullptr;
 
     std::thread* thread;
     std::mutex mutex;
@@ -107,14 +107,14 @@ void RegexOffload::worker(RegexRequest* req)
         assert(req->packet);
         assert(req->packet->flow->is_offloaded());
 
-        SnortConfig::set_conf(req->packet->context->conf);  // FIXIT-H reload issue
+        snort::SnortConfig::set_conf(req->packet->context->conf);  // FIXIT-H reload issue
         fp_offload(req->packet);
 
         req->offload = false;
     }
 }
 
-void RegexOffload::put(unsigned id, Packet* p)
+void RegexOffload::put(unsigned id, snort::Packet* p)
 {
     assert(p);
     assert(!idle.empty());
@@ -150,7 +150,7 @@ bool RegexOffload::get(unsigned& id)
     return true;
 }
 
-bool RegexOffload::on_hold(Flow* f)
+bool RegexOffload::on_hold(snort::Flow* f)
 {
     for ( auto* req : busy )
     {

diff --git a/src/detection/regex_offload.h b/src/detection/regex_offload.h
index c0f311ee732cebb4aabfd6481d2f318884256be1..1802daab26b8bc6a491b1ef2771363422a065d53 100644 (file)
--- a/src/detection/regex_offload.h
+++ b/src/detection/regex_offload.h
@@ -34,7 +34,11 @@
 #include <mutex>
 #include <thread>
 
+namespace snort
+{
+class Flow;
 struct Packet;
+}
 struct RegexRequest;
 
 class RegexOffload
@@ -48,10 +52,10 @@ public:
     unsigned count()
     { return busy.size(); }
 
-    void put(unsigned id, Packet*);
+    void put(unsigned id, snort::Packet*);
     bool get(unsigned& id);
 
-    bool on_hold(class Flow*);
+    bool on_hold(snort::Flow*);
 
 private:
     static void worker(RegexRequest*);

diff --git a/src/detection/rtn_checks.cc b/src/detection/rtn_checks.cc
index 9c6940f79d530be9d62357067e7075af0c926e9c..e4865b2bd1e93b9618491f48226064d7d2b08d39 100644 (file)
--- a/src/detection/rtn_checks.cc
+++ b/src/detection/rtn_checks.cc
@@ -39,16 +39,15 @@
 #include "rules.h"
 #include "treenodes.h"
 
+using namespace snort;
+
 #define CHECK_SRC_IP         0x01
 #define CHECK_DST_IP         0x02
 #define INVERSE              0x04
 #define CHECK_SRC_PORT       0x08
 #define CHECK_DST_PORT       0x10
 
-static int CheckAddrPort(
-    sfip_var_t* rule_addr,
-    PortObject* po,
-    Packet* p,
+static int CheckAddrPort(sfip_var_t* rule_addr, PortObject* po, Packet* p,
     uint32_t flags, int mode)
 {
     const SfIp* pkt_addr;          /* packet IP address */

diff --git a/src/detection/rtn_checks.h b/src/detection/rtn_checks.h
index f01a7a563655c0a71511acbf886570de7d2b2399..9f766c591ec15fa352b1a106badf1b99a979d229 100644 (file)
--- a/src/detection/rtn_checks.h
+++ b/src/detection/rtn_checks.h
@@ -21,22 +21,25 @@
 #ifndef RTN_CHECKS_H
 #define RTN_CHECKS_H
 
-struct Packet;
+namespace snort
+{
+    struct Packet;
+}
 struct RuleFpList;
 struct RuleTreeNode;
 
 // parsing
-int RuleListEnd(Packet*, RuleTreeNode*, RuleFpList*, int);
-int OptListEnd(void* option_data, class Cursor&, Packet*);
+int RuleListEnd(snort::Packet*, RuleTreeNode*, RuleFpList*, int);
+int OptListEnd(void* option_data, class Cursor&, snort::Packet*);
 
 // detection
-int CheckBidirectional(Packet*, RuleTreeNode*, RuleFpList*, int);
-int CheckSrcIP(Packet*, RuleTreeNode*, RuleFpList*, int);
-int CheckDstIP(Packet*, RuleTreeNode*, RuleFpList*, int);
-int CheckSrcPortEqual(Packet*, RuleTreeNode*, RuleFpList*, int);
-int CheckDstPortEqual(Packet*, RuleTreeNode*, RuleFpList*, int);
-int CheckSrcPortNotEq(Packet*, RuleTreeNode*, RuleFpList*, int);
-int CheckDstPortNotEq(Packet*, RuleTreeNode*, RuleFpList*, int);
+int CheckBidirectional(snort::Packet*, RuleTreeNode*, RuleFpList*, int);
+int CheckSrcIP(snort::Packet*, RuleTreeNode*, RuleFpList*, int);
+int CheckDstIP(snort::Packet*, RuleTreeNode*, RuleFpList*, int);
+int CheckSrcPortEqual(snort::Packet*, RuleTreeNode*, RuleFpList*, int);
+int CheckDstPortEqual(snort::Packet*, RuleTreeNode*, RuleFpList*, int);
+int CheckSrcPortNotEq(snort::Packet*, RuleTreeNode*, RuleFpList*, int);
+int CheckDstPortNotEq(snort::Packet*, RuleTreeNode*, RuleFpList*, int);
 
 #endif
 

diff --git a/src/detection/rules.h b/src/detection/rules.h
index 0f6aa436bd10e58467898f6236ecbee3db6fcf5e..d7389c9e80952923576ac0bf4ffa1972c4e100b0 100644 (file)
--- a/src/detection/rules.h
+++ b/src/detection/rules.h
@@ -47,13 +47,17 @@
 
 #define EventIsInternal(gid) ((gid) == GENERATOR_INTERNAL)
 
+namespace snort
+{
+    class IpsAction;
+}
 struct OutputSet;
 
 struct ListHead
 {
     OutputSet* LogList;
     OutputSet* AlertList;
-    class IpsAction* action;
+    snort::IpsAction* action;
     struct RuleListNode* ruleListNode;
 };
 
@@ -61,7 +65,7 @@ struct ListHead
 struct RuleListNode
 {
     ListHead* RuleList;   /* The rule list associated with this node */
-    Actions::Type mode;        /* the rule mode */
+    snort::Actions::Type mode;        /* the rule mode */
     int evalIndex;        /* eval index for this rule set */
     char* name;           /* name of this rule list */
     RuleListNode* next;   /* the next RuleListNode */

diff --git a/src/detection/service_map.cc b/src/detection/service_map.cc
index 9e82048f6b4f21f0c83504917b83c706700a7e18..1ab74ec753ad2f4e48b26cc3e1048b2a94238a9c 100644 (file)
--- a/src/detection/service_map.cc
+++ b/src/detection/service_map.cc
@@ -48,6 +48,8 @@
 #include "fp_create.h"
 #include "treenodes.h"
 
+using namespace snort;
+
 //-------------------------------------------------------------------------
 // service map stuff
 //-------------------------------------------------------------------------

diff --git a/src/detection/service_map.h b/src/detection/service_map.h
index a4f43048aba1e8bc6e780110bce9f9145a0a4147..e36dbd5af711175dc38cd277557964432c9009b8 100644 (file)
--- a/src/detection/service_map.h
+++ b/src/detection/service_map.h
@@ -32,9 +32,12 @@
 
 #include "target_based/snort_protocols.h"
 
+namespace snort
+{
+struct SnortConfig;
+}
 struct PortGroup;
 struct GHash;
-struct SnortConfig;
 
 //  Service Rule Map Master Table
 struct srmm_table_t
@@ -49,8 +52,8 @@ void ServiceMapFree(srmm_table_t*);
 srmm_table_t* ServicePortGroupMapNew();
 void ServicePortGroupMapFree(srmm_table_t*);
 
-void fpPrintServicePortGroupSummary(SnortConfig*, srmm_table_t*);
-int fpCreateServiceMaps(SnortConfig*);
+void fpPrintServicePortGroupSummary(snort::SnortConfig*, srmm_table_t*);
+int fpCreateServiceMaps(snort::SnortConfig*);
 
 //  Service/Protocol Ordinal To PortGroup table
 typedef std::vector<PortGroup*> PortGroupVector;

diff --git a/src/detection/signature.cc b/src/detection/signature.cc
index 947a4b17bc090502b87bc732c15eab5483c2dde6..aed4fdb5e46617ee1f37c96eb4b5f7452a50f21f 100644 (file)
--- a/src/detection/signature.cc
+++ b/src/detection/signature.cc
@@ -35,6 +35,8 @@
 
 #include "treenodes.h"
 
+using namespace snort;
+
 /********************** Reference System Implementation ***********************/
 
 ReferenceSystemNode* ReferenceSystemAdd(

diff --git a/src/detection/signature.h b/src/detection/signature.h
index 028a4fbc5a202bfa73f127195685e187ea2ecb26..e11d94a92e1f7fbb758a2c0e6702def51afc8c65 100644 (file)
--- a/src/detection/signature.h
+++ b/src/detection/signature.h
@@ -27,7 +27,11 @@
 #include <cstdint>
 #include <cstdio>
 
+namespace snort
+{
 struct SnortConfig;
+}
+
 struct OptTreeNode;
 struct GHash;
 
@@ -39,7 +43,7 @@ struct ReferenceSystemNode
     ReferenceSystemNode* next;
 };
 
-ReferenceSystemNode* ReferenceSystemAdd(SnortConfig*, const char*, const char* = nullptr);
+ReferenceSystemNode* ReferenceSystemAdd(snort::SnortConfig*, const char*, const char* = nullptr);
 
 /* XXX: update to point to the ReferenceURLNode in the referenceURL list */
 struct ReferenceNode
@@ -49,7 +53,7 @@ struct ReferenceNode
     ReferenceNode* next;
 };
 
-void AddReference(SnortConfig*, ReferenceNode**, const char*, const char*);
+void AddReference(snort::SnortConfig*, ReferenceNode**, const char*, const char*);
 
 /* struct for rule classification */
 struct ClassType
@@ -63,9 +67,9 @@ struct ClassType
 };
 
 /* NOTE:  These methods can only be used during parse time */
-void AddClassification(SnortConfig*, const char* type, const char* name, int priority);
+void AddClassification(snort::SnortConfig*, const char* type, const char* name, int priority);
 
-ClassType* ClassTypeLookupByType(SnortConfig*, const char*);
+ClassType* ClassTypeLookupByType(snort::SnortConfig*, const char*);
 
 struct SignatureServiceInfo
 {

diff --git a/src/detection/tag.cc b/src/detection/tag.cc
index a01f28e6a74066c8b48bf31838ce43d81097b839..a0775273e5fc0a44bab7b325f8cd2466e81ccea9 100644 (file)
--- a/src/detection/tag.cc
+++ b/src/detection/tag.cc
@@ -38,6 +38,8 @@
 
 #include "treenodes.h"
 
+using namespace snort;
+
 /*  D E F I N E S  **************************************************/
 #define MAX_TAG_NODES   256
 

diff --git a/src/detection/tag.h b/src/detection/tag.h
index 68ace3394e2ebd3ae52f4e4c36eee601278e1fec..2fc782cf72986f3c661ce95ffbaebcd6ffac2057 100644 (file)
--- a/src/detection/tag.h
+++ b/src/detection/tag.h
@@ -29,7 +29,11 @@
 
 #include <cstdint>
 
+namespace snort
+{
 struct Packet;
+}
+
 struct OptTreeNode;
 struct Event;
 
@@ -56,8 +60,8 @@ struct TagData
 
 void InitTag();
 void CleanupTag();
-int CheckTagList(Packet*, Event&, void**);
-void SetTags(Packet*, const OptTreeNode*, uint16_t);
+int CheckTagList(snort::Packet*, Event&, void**);
+void SetTags(snort::Packet*, const OptTreeNode*, uint16_t);
 
 #endif
 

diff --git a/src/detection/treenodes.cc b/src/detection/treenodes.cc
index 46ad5a31c5a09dc626b50015a184627d14662b1c..a514e5370745c96bb7a93f75d3692489d536ced9 100644 (file)
--- a/src/detection/treenodes.cc
+++ b/src/detection/treenodes.cc
@@ -49,7 +49,7 @@ OptFpList* AddOptFuncToList(RuleOptEvalFunc ro_eval_func, OptTreeNode* otn)
     return ofp;
 }
 
-bool otn_set_agent(OptTreeNode* otn, IpsOption* opt)
+bool otn_set_agent(OptTreeNode* otn, snort::IpsOption* opt)
 {
     if ( otn->agent )
         return false;
@@ -58,7 +58,7 @@ bool otn_set_agent(OptTreeNode* otn, IpsOption* opt)
     return true;
 }
 
-void otn_trigger_actions(const OptTreeNode* otn, Packet* p)
+void otn_trigger_actions(const OptTreeNode* otn, snort::Packet* p)
 {
     if ( otn->agent )
         otn->agent->action(p);

diff --git a/src/detection/treenodes.h b/src/detection/treenodes.h
index 7c2fd2040472dd412934732a28a22a9d81ccd0da..b1948f1109ac39e858a11068c422fa5c080cef3f 100644 (file)
--- a/src/detection/treenodes.h
+++ b/src/detection/treenodes.h
@@ -28,8 +28,11 @@
 #include "main/snort_types.h"
 #include "time/clock_defs.h"
 
+namespace snort
+{
 class IpsOption;
 struct Packet;
+}
 struct RuleTreeNode;
 struct PortObject;
 struct OutputSet;
@@ -39,9 +42,9 @@ struct sfip_var_t;
 /* same as the rule header FP list */
 struct OptFpList
 {
-    IpsOption* ips_opt;
+    snort::IpsOption* ips_opt;
 
-    int (* OptTestFunc)(void* option_data, class Cursor&, Packet*);
+    int (* OptTestFunc)(void* option_data, class Cursor&, snort::Packet*);
 
     OptFpList* next;
 
@@ -76,7 +79,7 @@ struct OptTreeNode
     /* plugin/detection functions go here */
     OptFpList* opt_func;
     OutputSet* outputFuncs; /* per sid enabled output functions */
-    IpsOption* agent;
+    snort::IpsOption* agent;
 
     /* metadata about signature */
     SigInfo sigInfo;
@@ -124,7 +127,7 @@ struct RuleFpList
     void* context;
 
     /* rule check function pointer */
-    int (* RuleHeadFunc)(Packet*, RuleTreeNode*, RuleFpList*, int);
+    int (* RuleHeadFunc)(snort::Packet*, RuleTreeNode*, RuleFpList*, int);
 
     /* pointer to the next rule function node */
     RuleFpList* next;
@@ -148,14 +151,14 @@ struct RuleTreeNode
 
     uint32_t flags;     /* control flags */
 
-    Actions::Type type;
+    snort::Actions::Type type;
 
     // reference count from otn.
     // Multiple OTNs can reference this RTN with the same policy.
     unsigned int otnRefCount;
 };
 
-typedef int (* RuleOptEvalFunc)(void*, Cursor&, Packet*);
+typedef int (* RuleOptEvalFunc)(void*, Cursor&, snort::Packet*);
 OptFpList* AddOptFuncToList(RuleOptEvalFunc, OptTreeNode*);
 
 void* get_rule_type_data(OptTreeNode*, const char* name);
@@ -168,9 +171,9 @@ inline bool otn_has_plugin(OptTreeNode* otn, int id)
 inline void otn_set_plugin(OptTreeNode* otn, int id)
 { otn->plugins |= (0x1 << id); }
 
-bool otn_set_agent(OptTreeNode*, IpsOption*);
+bool otn_set_agent(OptTreeNode*, snort::IpsOption*);
 
-void otn_trigger_actions(const OptTreeNode*, Packet*);
+void otn_trigger_actions(const OptTreeNode*, snort::Packet*);
 
 #endif
 

diff --git a/src/events/event.cc b/src/events/event.cc
index 717211725d5f8f98753017efb040ba2e0a004868..246ff80075097793e71bfdf0c466c0ac4f600d0d 100644 (file)
--- a/src/events/event.cc
+++ b/src/events/event.cc
@@ -39,7 +39,7 @@ void SetEvent(
     event.sig_info->priority = priority;
 
     /* this one gets set automatically */
-    event.event_id = ++event_id | SnortConfig::get_event_log_id();
+    event.event_id = ++event_id | snort::SnortConfig::get_event_log_id();
 
     if (event_ref)
         event.event_reference = event_ref;

diff --git a/src/events/event_queue.h b/src/events/event_queue.h
index 1100a7bd6300c856a25412d4638dfe21f8118365..c0e3f1dfa178458b4ba54f35dee69037cf219d07 100644 (file)
--- a/src/events/event_queue.h
+++ b/src/events/event_queue.h
@@ -38,7 +38,7 @@ struct EventNode
 {
     const struct OptTreeNode* otn;
     const struct RuleTreeNode* rtn;
-    Actions::Type type;
+    snort::Actions::Type type;
 };
 
 EventQueueConfig* EventQueueConfigNew();

diff --git a/src/file_api/file_api.h b/src/file_api/file_api.h
index 07bb046efd36f2fc115ba2852ccf39ea6603599c..1978e43255d51f0a61d7f5151c22db832acfc71f 100644 (file)
--- a/src/file_api/file_api.h
+++ b/src/file_api/file_api.h
@@ -110,10 +110,14 @@ struct FileState
     FileSigState sig_state;
 };
 
-class FileContext;
 struct FileCaptureInfo;
-class Flow;
+
+namespace snort
+{
+class FileContext;
 class FileInfo;
+class Flow;
+struct Packet;
 
 class SO_PUBLIC FilePolicyBase
 {
@@ -183,8 +187,8 @@ inline FileCharEncoding get_character_encoding(const char* file_name, size_t len
     return encoding;
 }
 
-SO_PUBLIC uint64_t get_file_processed_size(class Flow* flow);
-FilePosition get_file_position(struct Packet* pkt);
-
+SO_PUBLIC uint64_t get_file_processed_size(Flow* flow);
+FilePosition get_file_position(Packet* pkt);
+}
 #endif
 

diff --git a/src/file_api/file_cache.cc b/src/file_api/file_cache.cc
index e2abe534305c2ffc12995cc15598b054b77b7328..8bbd52be2dc74416ef4470e644318c091afd48c9 100644 (file)
--- a/src/file_api/file_cache.cc
+++ b/src/file_api/file_cache.cc
@@ -31,6 +31,8 @@
 
 #include "file_stats.h"
 
+using namespace snort;
+
 static int file_cache_free_func(void*, void* data)
 {
     FileCache::FileNode* node = (FileCache::FileNode*)data;

diff --git a/src/file_api/file_cache.h b/src/file_api/file_cache.h
index fd210bd5fe45020b477e8735cf84e7c2d383cc69..330388c130724909f8ba67ecb2a8f5659f2da22e 100644 (file)
--- a/src/file_api/file_cache.h
+++ b/src/file_api/file_cache.h
@@ -37,8 +37,8 @@ public:
 PADDING_GUARD_BEGIN
     struct FileHashKey
     {
-        SfIp sip;
-        SfIp dip;
+        snort::SfIp sip;
+        snort::SfIp dip;
         uint32_t padding;
         uint64_t file_sig;
     };
@@ -47,13 +47,13 @@ PADDING_GUARD_END
     struct FileNode
     {
         time_t expires;
-        FileContext* file;
+        snort::FileContext* file;
     };
 
     FileCache();
     ~FileCache();
-    FileContext* add(const FileHashKey&);
-    FileContext* find(const FileHashKey&);
+    snort::FileContext* add(const FileHashKey&);
+    snort::FileContext* find(const FileHashKey&);
 
 private:
     /* The hash table of expected files */

diff --git a/src/file_api/file_capture.cc b/src/file_api/file_capture.cc
index fa1e6b99931b29c15813b8debcd7366770ed3a35..ed42f0a8da7651a76b08dff9b2bf64122c5adaac 100644 (file)
--- a/src/file_api/file_capture.cc
+++ b/src/file_api/file_capture.cc
@@ -41,6 +41,8 @@
 #include "file_mempool.h"
 #include "file_stats.h"
 
+using namespace snort;
+
 FileMemPool* FileCapture::file_mempool = nullptr;
 int64_t FileCapture::capture_block_size = 0;
 

diff --git a/src/file_api/file_capture.h b/src/file_api/file_capture.h
index 86c8b4e5ae07076e7bdcd5728cfb6342b77a3821..ae377e3ec5f697b89a6458c86d35b75f223fa637 100644 (file)
--- a/src/file_api/file_capture.h
+++ b/src/file_api/file_capture.h
@@ -38,7 +38,10 @@
 
 #include "file_api.h"
 
+namespace snort
+{
 class FileInfo;
+}
 class FileMemPool;
 
 struct FileCaptureBlock
@@ -62,7 +65,7 @@ public:
         FilePosition pos);
 
     // Preserve the file in memory until it is released
-    FileCaptureState reserve_file(const FileInfo*);
+    FileCaptureState reserve_file(const snort::FileInfo*);
 
     // Get the file that is reserved in memory, this should be called repeatedly
     // until nullptr is returned to get the full file
@@ -88,7 +91,7 @@ public:
 
     static int64_t get_block_size() { return capture_block_size; }
 
-    FileInfo* get_file_info() { return file_info; }
+    snort::FileInfo* get_file_info() { return file_info; }
 
 private:
 
@@ -114,7 +117,7 @@ private:
     const uint8_t* current_data;  /*current file data*/
     uint32_t current_data_len;
     FileCaptureState capture_state;
-    FileInfo* file_info = nullptr;
+    snort::FileInfo* file_info = nullptr;
     int64_t capture_min_size;
     int64_t capture_max_size;
 };

diff --git a/src/file_api/file_config.cc b/src/file_api/file_config.cc
index 1ee169a1511ff22f29d750c74cfe814b53221b0c..ae558092c067cf6bfb0501b530f9d607c31a6a36 100644 (file)
--- a/src/file_api/file_config.cc
+++ b/src/file_api/file_config.cc
@@ -98,7 +98,7 @@ std::string file_type_name(uint32_t id)
 
 FileConfig* get_file_config ()
 {
-    FileInspect* fi = (FileInspect*)InspectorManager::get_inspector(FILE_ID_NAME, true);
+    snort::FileInspect* fi = (snort::FileInspect*)snort::InspectorManager::get_inspector(FILE_ID_NAME, true);
 
     if (fi)
         return (fi->config);

diff --git a/src/file_api/file_enforcer.cc b/src/file_api/file_enforcer.cc
index 09353813773cff89f8c0d05ac8ec2dfd2793486c..3e3beb84f96b74df6ff3086e23e7b5ea80ded5fa 100644 (file)
--- a/src/file_api/file_enforcer.cc
+++ b/src/file_api/file_enforcer.cc
@@ -36,6 +36,8 @@
 
 #include "file_service.h"
 
+using namespace snort;
+
 static int file_node_free_func(void*, void* data)
 {
     FileEnforcer::FileNode* node = (FileEnforcer::FileNode*)data;
@@ -66,7 +68,7 @@ void FileEnforcer::update_file_node(FileNode* node, FileInfo* file)
     *(node->file) = *file;
 }
 
-FileVerdict FileEnforcer::check_verdict(Flow* flow, FileNode* node,
+FileVerdict FileEnforcer::check_verdict(snort::Flow* flow, FileNode* node,
     XHashNode* hash_node, FilePolicyBase* policy)
 {
     assert(node->file);
@@ -93,7 +95,7 @@ FileVerdict FileEnforcer::check_verdict(Flow* flow, FileNode* node,
     return verdict;
 }
 
-int FileEnforcer::store_verdict(Flow* flow, FileInfo* file)
+int FileEnforcer::store_verdict(snort::Flow* flow, FileInfo* file)
 {
     assert(file);
     uint64_t file_sig = file->get_file_id();
@@ -173,7 +175,7 @@ bool FileEnforcer::apply_verdict(Flow* flow, FileInfo* file, FileVerdict verdict
     else if (verdict == FILE_VERDICT_BLOCK)
     {
         // can't block session inside a session
-        Active::set_delayed_action(Active::ACT_BLOCK, true);
+        snort::Active::set_delayed_action(Active::ACT_BLOCK, true);
         store_verdict(flow, file);
         if (resume)
             policy->log_file_action(flow, file, FILE_RESUME_BLOCK);
@@ -182,7 +184,7 @@ bool FileEnforcer::apply_verdict(Flow* flow, FileInfo* file, FileVerdict verdict
     else if (verdict == FILE_VERDICT_REJECT)
     {
         // can't reset session inside a session
-        Active::set_delayed_action(Active::ACT_RESET, true);
+        snort::Active::set_delayed_action(Active::ACT_RESET, true);
         store_verdict(flow, file);
         if (resume)
             policy->log_file_action(flow, file, FILE_RESUME_BLOCK);
@@ -191,7 +193,7 @@ bool FileEnforcer::apply_verdict(Flow* flow, FileInfo* file, FileVerdict verdict
     else if (verdict == FILE_VERDICT_PENDING)
     {
         /*Take the cached verdict*/
-        Active::set_delayed_action(Active::ACT_DROP, true);
+        snort::Active::set_delayed_action(Active::ACT_DROP, true);
         if (resume)
             policy->log_file_action(flow, file, FILE_RESUME_BLOCK);
         return true;
@@ -200,7 +202,7 @@ bool FileEnforcer::apply_verdict(Flow* flow, FileInfo* file, FileVerdict verdict
     return false;
 }
 
-FileVerdict FileEnforcer::cached_verdict_lookup(Flow* flow, FileInfo* file,
+FileVerdict FileEnforcer::cached_verdict_lookup(snort::Flow* flow, FileInfo* file,
     FilePolicyBase* policy)
 {
     FileVerdict verdict = FILE_VERDICT_UNKNOWN;

diff --git a/src/file_api/file_enforcer.h b/src/file_api/file_enforcer.h
index 7e8d55ac0fd5d77a57db5c173d4f5adc3796d370..170ece764f077c29e055675391d9abdb6392ad3b 100644 (file)
--- a/src/file_api/file_enforcer.h
+++ b/src/file_api/file_enforcer.h
@@ -33,7 +33,12 @@
 #include "file_config.h"
 #include "file_policy.h"
 
+namespace snort
+{
 class FileInfo;
+class FilePolicyBase;
+class Flow;
+}
 
 #define MAX_FILES_TRACKED 16384
 #define MAX_MEMORY_USED (10*1024*1024)  // 10M
@@ -44,29 +49,29 @@ public:
     struct FileNode
     {
         time_t expires;
-        FileInfo* file;
+        snort::FileInfo* file;
     };
 
     FileEnforcer();
     ~FileEnforcer();
-    FileVerdict cached_verdict_lookup(Flow*, FileInfo*, FilePolicyBase*);
-    bool apply_verdict(Flow*, FileInfo*, FileVerdict, bool resume, FilePolicyBase*);
+    FileVerdict cached_verdict_lookup(snort::Flow*, snort::FileInfo*, snort::FilePolicyBase*);
+    bool apply_verdict(snort::Flow*, snort::FileInfo*, FileVerdict, bool resume, snort::FilePolicyBase*);
 
 private:
 // FIXIT-L Merge definition with duplicate in file_cache.h?
 PADDING_GUARD_BEGIN
     struct FileHashKey
     {
-        SfIp sip;
-        SfIp dip;
+        snort::SfIp sip;
+        snort::SfIp dip;
         uint32_t padding;
         uint64_t file_sig;
     };
 PADDING_GUARD_END
 
-    void update_file_node(FileNode*, FileInfo*);
-    FileVerdict check_verdict(Flow*, FileNode*, XHashNode*, FilePolicyBase*);
-    int store_verdict(Flow*, FileInfo*);
+    void update_file_node(FileNode*, snort::FileInfo*);
+    FileVerdict check_verdict(snort::Flow*, FileNode*, XHashNode*, snort::FilePolicyBase*);
+    int store_verdict(snort::Flow*, snort::FileInfo*);
 
     /* The hash table of expected files */
     XHash* fileHash = nullptr;

diff --git a/src/file_api/file_flows.cc b/src/file_api/file_flows.cc
index 375b756a57f08cde6b477212e3444c227bcc22a5..38b713e1c05a7a7d8793808237e97e63a1f1d649 100644 (file)
--- a/src/file_api/file_flows.cc
+++ b/src/file_api/file_flows.cc
@@ -39,6 +39,8 @@
 #include "file_lib.h"
 #include "file_service.h"
 
+using namespace snort;
+
 unsigned FileFlows::file_flow_data_id = 0;
 static THREAD_LOCAL uint32_t max_file_id = 0;
 
@@ -256,6 +258,8 @@ void FileFlows::set_file_name(const uint8_t* fname, uint32_t name_size)
     }
 }
 
+namespace snort
+{
 FilePosition get_file_position(Packet* pkt)
 {
     FilePosition position = SNORT_FILE_POSITION_UNKNOWN;
@@ -272,7 +276,7 @@ FilePosition get_file_position(Packet* pkt)
 
     return position;
 }
-
+}
 FileInspect::FileInspect(FileIdModule* fm)
 {
     fm->load_config(config);

diff --git a/src/file_api/file_flows.h b/src/file_api/file_flows.h
index ac99223830ae36bf1476af3b0f29aaecbc4334c9..592276f7e82bea0f9830a6821ba9031678816cb4 100644 (file)
--- a/src/file_api/file_flows.h
+++ b/src/file_api/file_flows.h
@@ -30,6 +30,9 @@
 #include "file_module.h"
 #include "file_policy.h"
 
+
+namespace snort
+{
 class FileContext;
 class Flow;
 
@@ -98,6 +101,6 @@ private:
     Flow* flow = nullptr;
     FilePolicyBase* file_policy = nullptr;
 };
-
+}
 #endif
 

diff --git a/src/file_api/file_lib.cc b/src/file_api/file_lib.cc
index 6e77242826aa5025e931c8b6629cfa85fc718a93..3f0ad64d57528988b87f5e7e6d667ed0d501cd7d 100644 (file)
--- a/src/file_api/file_lib.cc
+++ b/src/file_api/file_lib.cc
@@ -50,6 +50,8 @@
 #include "file_segment.h"
 #include "file_stats.h"
 
+using namespace snort;
+
 // Convert UTF16-LE file name to UTF-8.
 // Returns allocated name. Caller responsible for freeing the buffer.
 char* FileContext::get_UTF8_fname(size_t* converted_len)

diff --git a/src/file_api/file_lib.h b/src/file_api/file_lib.h
index 002d06d41c22c4ef15b45f93b315699e31ae6e25..a25217e3717651e2725f1cf8a3b24f653521bb66 100644 (file)
--- a/src/file_api/file_lib.h
+++ b/src/file_api/file_lib.h
@@ -36,8 +36,11 @@
 class FileCapture;
 class FileConfig;
 class FileSegments;
-class Flow;
+
+namespace snort
+{
 class FileInspect;
+class Flow;
 
 class SO_PUBLIC FileInfo
 {
@@ -140,6 +143,6 @@ private:
     inline void finalize_file_type();
     inline void finish_signature_lookup(Flow*, bool, FilePolicyBase*);
 };
-
+}
 #endif
 

diff --git a/src/file_api/file_log.cc b/src/file_api/file_log.cc
index 136debe822b4f7dd49e9fa39edf85d86fba9bf3a..15257c82155c0160f256d3c4fd302ae415c7d1b0 100644 (file)
--- a/src/file_api/file_log.cc
+++ b/src/file_api/file_log.cc
@@ -32,6 +32,8 @@
 #include "file_flows.h"
 #include "file_lib.h"
 
+using namespace snort;
+
 static const char* s_name = "file_log";
 static const char* f_name = "file.log";
 static const char* s_help = "log file event to file.log";

diff --git a/src/file_api/file_module.cc b/src/file_api/file_module.cc
index f2a4652970d66a07758d5d8f29f9a4c70edb5121..e3d3d9a123788e64198f94105b466ae82dadaa5a 100644 (file)
--- a/src/file_api/file_module.cc
+++ b/src/file_api/file_module.cc
@@ -33,6 +33,8 @@
 
 #include "file_stats.h"
 
+using namespace snort;
+
 static const Parameter file_magic_params[] =
 {
     { "content", Parameter::PT_STRING, nullptr, nullptr,

diff --git a/src/file_api/file_module.h b/src/file_api/file_module.h
index 499a5b54e08e0e67fe65321ad370deaa9cfe6977..d4d6de284dd7aa2f3cde5f3fee0431baaa5c9ebe 100644 (file)
--- a/src/file_api/file_module.h
+++ b/src/file_api/file_module.h
@@ -32,15 +32,15 @@
 // file_id module
 //-------------------------------------------------------------------------
 
-class FileIdModule : public Module
+class FileIdModule : public snort::Module
 {
 public:
     FileIdModule();
     ~FileIdModule() override;
 
-    bool set(const char*, Value&, SnortConfig*) override;
-    bool begin(const char*, int, SnortConfig*) override;
-    bool end(const char*, int, SnortConfig*) override;
+    bool set(const char*, snort::Value&, snort::SnortConfig*) override;
+    bool begin(const char*, int, snort::SnortConfig*) override;
+    bool end(const char*, int, snort::SnortConfig*) override;
 
     const PegInfo* get_pegs() const override;
     PegCount* get_counts() const override;

diff --git a/src/file_api/file_policy.cc b/src/file_api/file_policy.cc
index ea4ef1ce3c6c07b6cae2babbb2eaa8010121397d..4dfac414f54bc7c0f0b6f3c3c96aec94b201e542 100644 (file)
--- a/src/file_api/file_policy.cc
+++ b/src/file_api/file_policy.cc
@@ -30,6 +30,8 @@
 #include "file_enforcer.h"
 #include "file_service.h"
 
+using namespace snort;
+
 static FileRule emptyRule;
 
 void FileRule::clear()
@@ -84,26 +86,26 @@ void FilePolicy::insert_file_rule(FileRule& rule)
     }
 
     // Enable file type for all other features
-    FileService::enable_file_type();
+    snort::FileService::enable_file_type();
     type_enabled = true;
 
     if (rule.use.signature_enabled)
-        FileService::enable_file_signature();
+        snort::FileService::enable_file_signature();
 
     if (rule.use.capture_enabled)
-        FileService::enable_file_capture();
+        snort::FileService::enable_file_capture();
 }
 
 void FilePolicy::load()
 {
     if (type_enabled)
-        FileService::enable_file_type();
+        snort::FileService::enable_file_type();
 
     if (signature_enabled)
-        FileService::enable_file_signature();
+        snort::FileService::enable_file_signature();
 
     if (capture_enabled)
-        FileService::enable_file_capture();
+        snort::FileService::enable_file_capture();
 
     // Use default global setting
     emptyRule.use.type_enabled = type_enabled;

diff --git a/src/file_api/file_policy.h b/src/file_api/file_policy.h
index 6688ad869e887071fcd1a416c84d498f1410ce32..71ace2bb628791f3834ff671398bf5e26ad5585d 100644 (file)
--- a/src/file_api/file_policy.h
+++ b/src/file_api/file_policy.h
@@ -25,6 +25,11 @@
 
 #include "file_api.h"
 
+namespace snort
+{
+class FileInfo;
+}
+
 struct FileVerdictWhen
 {
     uint32_t type_id;
@@ -49,22 +54,20 @@ public:
     void clear();
 };
 
-class FileInfo;
-
-class FilePolicy: public FilePolicyBase
+class FilePolicy: public snort::FilePolicyBase
 {
 public:
 
     FilePolicy() = default;
     ~FilePolicy() override = default;
 
-    void policy_check(Flow* flow, FileInfo* file) override;
+    void policy_check(snort::Flow*, snort::FileInfo*) override;
 
     // This is called after file type is known
-    FileVerdict type_lookup(Flow* flow, FileInfo* file) override;
+    FileVerdict type_lookup(snort::Flow*, snort::FileInfo*) override;
 
     // This is called after file signature is complete
-    FileVerdict signature_lookup(Flow* flow, FileInfo* file) override;
+    FileVerdict signature_lookup(snort::Flow*, snort::FileInfo*) override;
 
     void insert_file_rule(FileRule&);
     void set_file_type(bool enabled);
@@ -74,8 +77,8 @@ public:
     void set_verdict_delay(int64_t delay) { verdict_delay = delay; }
 
 private:
-    FileRule& match_file_rule(Flow*, FileInfo* file);
-    FileVerdict match_file_signature(Flow*, FileInfo* file);
+    FileRule& match_file_rule(snort::Flow*, snort::FileInfo*);
+    FileVerdict match_file_signature(snort::Flow*, snort::FileInfo*);
     std::vector<FileRule> file_rules;
     std::map<std::string, FileVerdict> file_shas;
     bool type_enabled = false;

diff --git a/src/file_api/file_segment.cc b/src/file_api/file_segment.cc
index 1293cf4b3c664c6db2133e1bcc8be480270a218e..027189f2e0236b4b25deb3d1fb587fce51247ede 100644 (file)
--- a/src/file_api/file_segment.cc
+++ b/src/file_api/file_segment.cc
@@ -31,7 +31,7 @@ FileSegment::~FileSegment ()
         delete data;
 }
 
-FileSegments::FileSegments (FileContext* ctx)
+FileSegments::FileSegments (snort::FileContext* ctx)
 {
     head = nullptr;
     current_offset = 0;
@@ -150,15 +150,15 @@ FilePosition FileSegments::get_file_position(uint64_t data_size, uint64_t file_s
     return SNORT_FILE_MIDDLE;
 }
 
-int FileSegments::process_one(Flow* flow, const uint8_t* file_data, int data_size,
-    FilePolicyBase* policy)
+int FileSegments::process_one(snort::Flow* flow, const uint8_t* file_data, int data_size,
+    snort::FilePolicyBase* policy)
 {
     FilePosition position = get_file_position(data_size, context->get_file_size());
 
     return context->process(flow, file_data, data_size, position, policy);
 }
 
-int FileSegments::process_all(Flow* flow, FilePolicyBase* policy)
+int FileSegments::process_all(snort::Flow* flow, snort::FilePolicyBase* policy)
 {
     int ret = 1;
 
@@ -190,8 +190,8 @@ int FileSegments::process_all(Flow* flow, FilePolicyBase* policy)
  *    1: continue processing/log/block this file
  *    0: ignore this file
  */
-int FileSegments::process(Flow* flow, const uint8_t* file_data, uint64_t data_size,
-    uint64_t offset, FilePolicyBase* policy)
+int FileSegments::process(snort::Flow* flow, const uint8_t* file_data, uint64_t data_size,
+    uint64_t offset, snort::FilePolicyBase* policy)
 {
     int ret = 0;
 

diff --git a/src/file_api/file_segment.h b/src/file_api/file_segment.h
index 317eefe63898cc69b95775e8385d6d5c7d2a2fc5..c06ba4e919397bd66251e50b7a29c016232bfd0b 100644 (file)
--- a/src/file_api/file_segment.h
+++ b/src/file_api/file_segment.h
@@ -26,7 +26,10 @@
 
 #include "file_api.h"
 
+namespace snort
+{
 class Flow;
+}
 class FileConfig;
 
 class FileSegment
@@ -44,25 +47,25 @@ public:
 class FileSegments
 {
 public:
-    FileSegments(FileContext*);
+    FileSegments(snort::FileContext*);
     ~FileSegments();
 
     void clear();
 
     // Process file segments with current_offset specified. If file segment is out of order,
     // it will be put into the file segments queue.
-    int process(Flow*, const uint8_t* file_data, uint64_t data_size, uint64_t offset,
-        FilePolicyBase*);
+    int process(snort::Flow*, const uint8_t* file_data, uint64_t data_size, uint64_t offset,
+        snort::FilePolicyBase*);
 
 private:
     FileSegment* head = nullptr;
     uint64_t current_offset;
-    FileContext* context = nullptr;
+    snort::FileContext* context = nullptr;
 
     void add(const uint8_t* file_data, uint64_t data_size, uint64_t offset);
     FilePosition get_file_position(uint64_t data_size, uint64_t file_size);
-    int process_one(Flow*, const uint8_t* file_data, int data_size, FilePolicyBase*);
-    int process_all(Flow*, FilePolicyBase*);
+    int process_one(snort::Flow*, const uint8_t* file_data, int data_size, snort::FilePolicyBase*);
+    int process_all(snort::Flow*, snort::FilePolicyBase*);
 };
 
 #endif

diff --git a/src/file_api/file_service.cc b/src/file_api/file_service.cc
index ac11d43fe0337fcc55d2e4fa2e78fe21a1c05d75..b8d1435cd268f8cce995f5b34ba6149cdfcc14a6 100644 (file)
--- a/src/file_api/file_service.cc
+++ b/src/file_api/file_service.cc
@@ -38,6 +38,8 @@
 #include "file_flows.h"
 #include "file_stats.h"
 
+using namespace snort;
+
 bool FileService::file_type_id_enabled = false;
 bool FileService::file_signature_enabled = false;
 bool FileService::file_capture_enabled = false;
@@ -161,6 +163,8 @@ int64_t FileService::get_max_file_depth()
     }
 }
 
+namespace snort
+{
 uint64_t get_file_processed_size(Flow* flow)
 {
     FileFlows* file_flows = FileFlows::get_file_flows(flow);
@@ -175,4 +179,4 @@ uint64_t get_file_processed_size(Flow* flow)
 
     return context->get_processed_bytes();
 }
-
+}

diff --git a/src/file_api/file_service.h b/src/file_api/file_service.h
index 973ad0b800b414b2dfd4b444561e790b469e497f..1ad4442d54d10d1b1726c4cd2666031610d93e83 100644 (file)
--- a/src/file_api/file_service.h
+++ b/src/file_api/file_service.h
@@ -30,6 +30,8 @@
 class FileEnforcer;
 class FileCache;
 
+namespace snort
+{
 class SO_PUBLIC FileService
 {
 public:
@@ -66,6 +68,6 @@ private:
     static FileEnforcer* file_enforcer;
     static FileCache* file_cache;
 };
-
+} // namespace snort
 #endif
 

diff --git a/src/filters/detection_filter.cc b/src/filters/detection_filter.cc
index ddf3558b8bc3d3ccc0ed5e8c233a693080b53b6e..0f0ac0c96a659d8a72dd9ab318333f48db444ef1 100644 (file)
--- a/src/filters/detection_filter.cc
+++ b/src/filters/detection_filter.cc
@@ -54,10 +54,7 @@ void DetectionFilterConfigFree(DetectionFilterConfig* config)
 void detection_filter_print_config(DetectionFilterConfig*)
 { }
 
-int detection_filter_test(
-    void* pv,
-    const SfIp* sip, const SfIp* dip,
-    long curtime)
+int detection_filter_test(void* pv, const snort::SfIp* sip, const snort::SfIp* dip, long curtime)
 {
     if (pv == nullptr)
         return 0;

diff --git a/src/filters/detection_filter.h b/src/filters/detection_filter.h
index 207930b84653564ba918028d9ef05318c277c3e8..b07347daa80afff83d4eaa9432eaacc85fdb535f 100644 (file)
--- a/src/filters/detection_filter.h
+++ b/src/filters/detection_filter.h
@@ -29,7 +29,10 @@
 // and thereby controls event generation.  event_filter is evaluated after
 // the event is queued, and thereby controls which events get logged.
 
+namespace snort
+{
 struct SfIp;
+}
 
 struct DetectionFilterConfig
 {
@@ -46,7 +49,7 @@ void detection_filter_term();
 
 void detection_filter_print_config(DetectionFilterConfig*);
 
-int detection_filter_test(void*, const SfIp* sip, const SfIp* dip, long curtime);
+int detection_filter_test(void*, const snort::SfIp* sip, const snort::SfIp* dip, long curtime);
 struct THD_NODE* detection_filter_create(DetectionFilterConfig*, struct THDX_STRUCT*);
 
 #endif

diff --git a/src/filters/rate_filter.cc b/src/filters/rate_filter.cc
index 9ab9e6f171d06dfef3390f0245f07e56ba29b1c9..92d9b0830f72136b62d03bebf89bc7361aba1457 100644 (file)
--- a/src/filters/rate_filter.cc
+++ b/src/filters/rate_filter.cc
@@ -70,7 +70,7 @@ void RateFilter_Cleanup()
  * Create and Add a Thresholding Event Object
  */
 int RateFilter_Create(
-    SnortConfig* sc, RateFilterConfig* rf_config, tSFRFConfigNode* thdx)
+    snort::SnortConfig* sc, RateFilterConfig* rf_config, tSFRFConfigNode* thdx)
 {
     int error;
 
@@ -104,16 +104,14 @@ int RateFilter_Create(
     returns 1 - rate threshold reached
             0 - rate threshold not reached
 */
-int RateFilter_Test(
-    const OptTreeNode* otn,
-    Packet* p)
+int RateFilter_Test(const OptTreeNode* otn, snort::Packet* p)
 {
     unsigned gid = otn->sigInfo.gid;
     unsigned sid = otn->sigInfo.sid;
 
-    const SfIp* sip;
-    const SfIp* dip;
-    SfIp cleared;
+    const snort::SfIp* sip;
+    const snort::SfIp* dip;
+    snort::SfIp cleared;
 
     if ( p->ptrs.ip_api.is_ip() )
     {
@@ -127,8 +125,8 @@ int RateFilter_Test(
         dip = &cleared;
     }
 
-    if ((SnortConfig::get_conf() == nullptr) ||
-        (SnortConfig::get_conf()->rate_filter_config == nullptr))
+    if ((snort::SnortConfig::get_conf() == nullptr) ||
+        (snort::SnortConfig::get_conf()->rate_filter_config == nullptr))
     {
         /* this should not happen, see the create fcn */
         return -1;
@@ -140,15 +138,13 @@ int RateFilter_Test(
         // events and these require: src -> client, dst -> server.
         if ( p->is_from_server() )
         {
-            return SFRF_TestThreshold(
-                SnortConfig::get_conf()->rate_filter_config, gid, sid, dip, sip,
-                p->pkth->ts.tv_sec, SFRF_COUNT_INCREMENT);
+            return SFRF_TestThreshold(snort::SnortConfig::get_conf()->rate_filter_config, gid, sid,
+                dip, sip, p->pkth->ts.tv_sec, SFRF_COUNT_INCREMENT);
         }
     }
 
-    return SFRF_TestThreshold(
-        SnortConfig::get_conf()->rate_filter_config, gid, sid, sip, dip,
-        p->pkth->ts.tv_sec, SFRF_COUNT_INCREMENT);
+    return SFRF_TestThreshold(snort::SnortConfig::get_conf()->rate_filter_config, gid, sid,
+        sip, dip, p->pkth->ts.tv_sec, SFRF_COUNT_INCREMENT);
 }
 
 void RateFilter_PrintConfig(RateFilterConfig*)

diff --git a/src/filters/rate_filter.h b/src/filters/rate_filter.h
index ce20fe50e2332bac582f02b0babfd9d849ac8aea..45c7d4e7ec364119a640e28a1e376105de730ceb 100644 (file)
--- a/src/filters/rate_filter.h
+++ b/src/filters/rate_filter.h
@@ -23,22 +23,23 @@
 #define RATE_FILTER_H
 
 // rate filter interface for Snort
-
-struct RateFilterConfig;
+namespace snort
+{
+struct Packet;
 struct SnortConfig;
+}
+struct RateFilterConfig;
 struct tSFRFConfigNode;
-struct Packet;
 struct OptTreeNode;
 
 RateFilterConfig* RateFilter_ConfigNew();
 void RateFilter_ConfigFree(RateFilterConfig*);
 void RateFilter_Cleanup();
 
-struct SnortConfig;
-int RateFilter_Create(SnortConfig* sc, RateFilterConfig*, tSFRFConfigNode*);
+int RateFilter_Create(snort::SnortConfig* sc, RateFilterConfig*, tSFRFConfigNode*);
 void RateFilter_PrintConfig(RateFilterConfig*);
 
-int RateFilter_Test(const OptTreeNode*, Packet*);
+int RateFilter_Test(const OptTreeNode*, snort::Packet*);
 
 #endif
 

diff --git a/src/filters/sfrf.cc b/src/filters/sfrf.cc
index 3b5035fa4cd70c582ecc5fdf846c835e4c301ddd..5654cae34133d55e8830591ca9dd361c0c20bb43 100644 (file)
--- a/src/filters/sfrf.cc
+++ b/src/filters/sfrf.cc
@@ -60,7 +60,7 @@ typedef struct
      * whether dos threshold is tracking by source or destination IP address. For tracking
      * by rule, it is cleared out (all 0s).
      */
-    SfIp ip;
+    snort::SfIp ip;
     uint16_t padding;
 } tSFRFTrackingNodeKey;
 PADDING_GUARD_END
@@ -109,7 +109,7 @@ static int _checkSamplingPeriod(
     );
 
 static tSFRFTrackingNode* _getSFRFTrackingNode(
-    const SfIp*,
+    const snort::SfIp*,
     unsigned tid,
     time_t curTime
     );
@@ -118,8 +118,8 @@ static void _updateDependentThresholds(
     RateFilterConfig* config,
     unsigned gid,
     unsigned sid,
-    const SfIp* sip,
-    const SfIp* dip,
+    const snort::SfIp* sip,
+    const snort::SfIp* dip,
     time_t curTime
     );
 
@@ -213,15 +213,14 @@ static void SFRF_SidNodeFree(void* item)
  *
  * @return @retval  0 successfully added the thresholding object, !0 otherwise
 */
-int SFRF_ConfigAdd(
-    SnortConfig*, RateFilterConfig* rf_config, tSFRFConfigNode* cfgNode)
+int SFRF_ConfigAdd(snort::SnortConfig*, RateFilterConfig* rf_config, tSFRFConfigNode* cfgNode)
 {
     GHash* genHash;
     tSFRFSidNode* pSidNode;
     tSFRFConfigNode* pNewConfigNode;
     tSFRFGenHashKey key = { 0,0 };
 
-    PolicyId policy_id = get_network_policy()->policy_id;
+    PolicyId policy_id = snort::get_network_policy()->policy_id;
 
     // Auto init - memcap must be set 1st, which is not really a problem
     if ( rf_hash == nullptr )
@@ -352,7 +351,7 @@ int SFRF_ConfigAdd(
  */
 static int SFRF_TestObject(
     tSFRFConfigNode* cfgNode,
-    const SfIp* ip,
+    const snort::SfIp* ip,
     time_t curTime,
     SFRF_COUNT_OPERATION op
     )
@@ -405,7 +404,7 @@ static int SFRF_TestObject(
     // if the count were not incremented in such cases, the
     // threshold would never be exceeded.
     if ( !cfgNode->seconds && dynNode->count > cfgNode->count )
-        if ( cfgNode->newAction == Actions::DROP )
+        if ( cfgNode->newAction == snort::Actions::DROP )
             dynNode->count--;
 
 #ifdef SFRF_DEBUG
@@ -418,7 +417,7 @@ static int SFRF_TestObject(
     return retValue;
 }
 
-static inline int SFRF_AppliesTo(tSFRFConfigNode* pCfg, const SfIp* ip)
+static inline int SFRF_AppliesTo(tSFRFConfigNode* pCfg, const snort::SfIp* ip)
 {
     return ( !pCfg->applyTo || sfvar_ip_in(pCfg->applyTo, ip) );
 }
@@ -442,8 +441,8 @@ int SFRF_TestThreshold(
     RateFilterConfig* config,
     unsigned gid,
     unsigned sid,
-    const SfIp* sip,
-    const SfIp* dip,
+    const snort::SfIp* sip,
+    const snort::SfIp* dip,
     time_t curTime,
     SFRF_COUNT_OPERATION op
     )
@@ -455,7 +454,7 @@ int SFRF_TestThreshold(
     int status = -1;
     tSFRFGenHashKey key;
 
-    PolicyId policy_id = get_network_policy()->policy_id;
+    PolicyId policy_id = snort::get_network_policy()->policy_id;
 
 #ifdef SFRF_DEBUG
     printf("--%d-%u-%u: %s() entering\n", 0, gid, sid, __func__);
@@ -537,7 +536,7 @@ int SFRF_TestThreshold(
 
         case SFRF_TRACK_BY_RULE:
         {
-            SfIp cleared;
+            snort::SfIp cleared;
             cleared.clear();
             newStatus = SFRF_TestObject(cfgNode, &cleared, curTime, op);
         }
@@ -744,15 +743,15 @@ static int _checkThreshold(
     fflush(stdout);
 #endif
 
-    return Actions::MAX + cfgNode->newAction;
+    return snort::Actions::MAX + cfgNode->newAction;
 }
 
 static void _updateDependentThresholds(
     RateFilterConfig* config,
     unsigned gid,
     unsigned sid,
-    const SfIp* sip,
-    const SfIp* dip,
+    const snort::SfIp* sip,
+    const snort::SfIp* dip,
     time_t curTime
     )
 {
@@ -772,11 +771,7 @@ static void _updateDependentThresholds(
     }
 }
 
-static tSFRFTrackingNode* _getSFRFTrackingNode(
-    const SfIp* ip,
-    unsigned tid,
-    time_t curTime
-    )
+static tSFRFTrackingNode* _getSFRFTrackingNode(const snort::SfIp* ip, unsigned tid, time_t curTime)
 {
     tSFRFTrackingNode* dynNode = nullptr;
     tSFRFTrackingNodeKey key;
@@ -784,7 +779,7 @@ static tSFRFTrackingNode* _getSFRFTrackingNode(
     /* Setup key */
     key.ip = *(ip);
     key.tid = tid;
-    key.policyId = get_network_policy()->policy_id;
+    key.policyId = snort::get_network_policy()->policy_id;
     key.padding = 0;
 
     /*

diff --git a/src/filters/sfrf.h b/src/filters/sfrf.h
index 5faaca0bae53c88c1f5a35da5a396356cf7e36ce..0ca545efa79b7131c4f287db69a6aab49385e135 100644 (file)
--- a/src/filters/sfrf.h
+++ b/src/filters/sfrf.h
@@ -29,7 +29,11 @@
 #include "actions/actions.h"
 #include "main/policy.h"
 
+namespace snort
+{
 struct SfIp;
+struct SnortConfig;
+}
 
 // define to use over rate threshold
 #define SFRF_OVER_RATE
@@ -89,7 +93,7 @@ struct tSFRFConfigNode
     unsigned seconds;
 
     // Action that replaces original rule action on reaching threshold
-    Actions::Type newAction;
+    snort::Actions::Type newAction;
 
     // Threshold action duration in seconds before reverting to original rule action
     unsigned timeout;
@@ -151,14 +155,14 @@ struct RateFilterConfig
  */
 void SFRF_Delete();
 void SFRF_Flush();
-int SFRF_ConfigAdd(struct SnortConfig*, RateFilterConfig*, tSFRFConfigNode*);
+int SFRF_ConfigAdd(snort::SnortConfig*, RateFilterConfig*, tSFRFConfigNode*);
 
 int SFRF_TestThreshold(
     RateFilterConfig *config,
     unsigned gid,
     unsigned sid,
-    const SfIp *sip,
-    const SfIp *dip,
+    const snort::SfIp *sip,
+    const snort::SfIp *dip,
     time_t curTime,
     SFRF_COUNT_OPERATION);
 

diff --git a/src/filters/sfrf_test.cc b/src/filters/sfrf_test.cc
index 9dafadbc5aa529b4d7efe372c43463dc0da1b2ee..eb1324030ba693bd6e6dd6bc3a02e2bd72683e5d 100644 (file)
--- a/src/filters/sfrf_test.cc
+++ b/src/filters/sfrf_test.cc
@@ -906,7 +906,7 @@ static void Init(unsigned cap)
         cfg.tracking = p->track;
         cfg.count = p->count;
         cfg.seconds = p->seconds;
-        cfg.newAction = (Actions::Type)RULE_NEW;
+        cfg.newAction = (snort::Actions::Type)RULE_NEW;
         cfg.timeout = p->timeout;
         cfg.applyTo = p->ip ? sfip_var_from_string(p->ip) : nullptr;
 
@@ -940,15 +940,15 @@ static int EventTest(EventData* p)
     // this is the only acceptable public value for op
     SFRF_COUNT_OPERATION op = SFRF_COUNT_INCREMENT;
 
-    SfIp sip, dip;
+    snort::SfIp sip, dip;
     sip.set(p->sip);
     dip.set(p->dip);
 
     status = SFRF_TestThreshold(
         rfc, p->gid, p->sid, &sip, &dip, curtime, op);
 
-    if ( status >= Actions::MAX )
-        status -= Actions::MAX;
+    if ( status >= snort::Actions::MAX )
+        status -= snort::Actions::MAX;
 
     return status;
 }

diff --git a/src/filters/sfthd.cc b/src/filters/sfthd.cc
index e2249e57ad4987af4d7d85016d971c722fd469a6..e7bb1565470562b6845eeec13a78c224c62b1bf4 100644 (file)
--- a/src/filters/sfthd.cc
+++ b/src/filters/sfthd.cc
@@ -291,14 +291,14 @@ the current event should be logged or dropped.
 
 */
 static int sfthd_create_threshold_local(
-    SnortConfig*, ThresholdObjects* thd_objs, THD_NODE* config)
+    snort::SnortConfig*, ThresholdObjects* thd_objs, THD_NODE* config)
 {
     GHash* sfthd_hash;
     THD_ITEM* sfthd_item;
     THD_NODE* sfthd_node;
     tThdItemKey key;
 
-    PolicyId policy_id = get_network_policy()->policy_id;
+    PolicyId policy_id = snort::get_network_policy()->policy_id;
 
     if (thd_objs == nullptr )
         return -1;
@@ -490,10 +490,10 @@ static int sfthd_create_threshold_local(
 /*
  */
 static int sfthd_create_threshold_global(
-    SnortConfig*, ThresholdObjects* thd_objs, THD_NODE* config)
+    snort::SnortConfig*, ThresholdObjects* thd_objs, THD_NODE* config)
 {
     THD_NODE* sfthd_node;
-    PolicyId policy_id = get_network_policy()->policy_id;
+    PolicyId policy_id = snort::get_network_policy()->policy_id;
 
     if (thd_objs == nullptr)
         return -1;
@@ -594,7 +594,7 @@ the current event should be logged or dropped.
 
 */
 int sfthd_create_threshold(
-    SnortConfig* sc,
+    snort::SnortConfig* sc,
     ThresholdObjects* thd_objs,
     unsigned gen_id,
     unsigned sig_id,
@@ -606,7 +606,7 @@ int sfthd_create_threshold(
     sfip_var_t* ip_address)
 {
     //allocate memory fpr sfthd_array if needed.
-    PolicyId policyId = get_network_policy()->policy_id;
+    PolicyId policyId = snort::get_network_policy()->policy_id;
     THD_NODE sfthd_node;
     memset(&sfthd_node, 0, sizeof(sfthd_node));
 
@@ -653,7 +653,7 @@ static char* printIP(unsigned u, char* buf, unsigned len)
 #endif
 
 int sfthd_test_rule(XHash* rule_hash, THD_NODE* sfthd_node,
-    const SfIp* sip, const SfIp* dip, long curtime)
+    const snort::SfIp* sip, const snort::SfIp* dip, long curtime)
 {
     int status;
 
@@ -667,7 +667,7 @@ int sfthd_test_rule(XHash* rule_hash, THD_NODE* sfthd_node,
 
 static inline int sfthd_test_suppress(
     THD_NODE* sfthd_node,
-    const SfIp* ip)
+    const snort::SfIp* ip)
 {
     if ( !sfthd_node->ip_address ||
         sfvar_ip_in(sfthd_node->ip_address, ip) )
@@ -852,16 +852,16 @@ static inline int sfthd_test_non_suppress(
 int sfthd_test_local(
     XHash* local_hash,
     THD_NODE* sfthd_node,
-    const SfIp* sip,
-    const SfIp* dip,
+    const snort::SfIp* sip,
+    const snort::SfIp* dip,
     time_t curtime)
 {
     THD_IP_NODE_KEY key;
     THD_IP_NODE data,* sfthd_ip_node;
     int status=0;
-    const SfIp* ip;
+    const snort::SfIp* ip;
 
-    PolicyId policy_id = get_network_policy()->policy_id;
+    PolicyId policy_id = snort::get_network_policy()->policy_id;
 
 #ifdef THD_DEBUG
     char buf[24];
@@ -950,17 +950,17 @@ static inline int sfthd_test_global(
     XHash* global_hash,
     THD_NODE* sfthd_node,
     unsigned sig_id,     /* from current event */
-    const SfIp* sip,        /* " */
-    const SfIp* dip,        /* " */
+    const snort::SfIp* sip,        /* " */
+    const snort::SfIp* dip,        /* " */
     time_t curtime)
 {
     THD_IP_GNODE_KEY key;
     THD_IP_NODE data;
     THD_IP_NODE* sfthd_ip_node;
     int status=0;
-    const SfIp* ip;
+    const snort::SfIp* ip;
 
-    PolicyId policy_id = get_network_policy()->policy_id;
+    PolicyId policy_id = snort::get_network_policy()->policy_id;
 
 #ifdef THD_DEBUG
     char buf[24];
@@ -1060,8 +1060,8 @@ int sfthd_test_threshold(
     THD_STRUCT* thd,
     unsigned gen_id,
     unsigned sig_id,
-    const SfIp* sip,
-    const SfIp* dip,
+    const snort::SfIp* sip,
+    const snort::SfIp* dip,
     long curtime)
 {
     tThdItemKey key;
@@ -1074,7 +1074,7 @@ int sfthd_test_threshold(
 #endif
     int status=0;
 
-    PolicyId policy_id = get_network_policy()->policy_id;
+    PolicyId policy_id = snort::get_network_policy()->policy_id;
 
     if ((thd_objs == nullptr) || (thd == nullptr))
         return 0;

diff --git a/src/filters/sfthd.h b/src/filters/sfthd.h
index 0c9455ac067462e2ea7dfc964c474b5782847b3f..08cced0477e2a59fe1f6eb6f651d6535875e1b9e 100644 (file)
--- a/src/filters/sfthd.h
+++ b/src/filters/sfthd.h
@@ -27,6 +27,10 @@
 #include "sfip/sf_ip.h"
 #include "utils/cpp_macros.h"
 
+namespace snort
+{
+struct SnortConfig;
+}
 struct GHash;
 struct XHash;
 typedef struct sf_list SF_LIST;
@@ -98,7 +102,7 @@ struct THD_IP_NODE_KEY
 {
     int thd_id;
     PolicyId policyId;
-    SfIp ip;
+    snort::SfIp ip;
     uint16_t padding;
 };
 
@@ -107,7 +111,7 @@ struct THD_IP_GNODE_KEY
     unsigned gen_id;
     unsigned sig_id;
     PolicyId policyId;
-    SfIp ip;
+    snort::SfIp ip;
     uint16_t padding;
 };
 PADDING_GUARD_END
@@ -215,7 +219,7 @@ ThresholdObjects* sfthd_objs_new();
 void sfthd_objs_free(ThresholdObjects*);
 
 int sfthd_test_rule(XHash* rule_hash, THD_NODE* sfthd_node,
-    const SfIp* sip, const SfIp* dip, long curtime);
+    const snort::SfIp* sip, const snort::SfIp* dip, long curtime);
 
 THD_NODE* sfthd_create_rule_threshold(
     int id,
@@ -226,40 +230,20 @@ THD_NODE* sfthd_create_rule_threshold(
     );
 void sfthd_node_free(THD_NODE*);
 
-struct SnortConfig;
-int sfthd_create_threshold(
-    SnortConfig*,
-    ThresholdObjects*,
-    unsigned gen_id,
-    unsigned sig_id,
-    int tracking,
-    int type,
-    int priority,
-    int count,
-    int seconds,
-    sfip_var_t* ip_address
-    );
+int sfthd_create_threshold(snort::SnortConfig*, ThresholdObjects*, unsigned gen_id,
+    unsigned sig_id, int tracking, int type, int priority, int count,
+    int seconds, sfip_var_t* ip_address);
 
 //  1: don't log due to event_filter
 //  0: log
 // -1: don't log due to suppress
-int sfthd_test_threshold(
-    ThresholdObjects*,
-    THD_STRUCT*,
-    unsigned gen_id,
-    unsigned sig_id,
-    const SfIp* sip,
-    const SfIp* dip,
-    long curtime);
+int sfthd_test_threshold(ThresholdObjects*, THD_STRUCT*, unsigned gen_id, unsigned sig_id,
+    const snort::SfIp* sip, const snort::SfIp* dip, long curtime);
 
 XHash* sfthd_new_hash(unsigned, size_t, size_t);
 
-int sfthd_test_local(
-    XHash* local_hash,
-    THD_NODE* sfthd_node,
-    const SfIp* sip,
-    const SfIp* dip,
-    time_t curtime);
+int sfthd_test_local(XHash* local_hash, THD_NODE* sfthd_node, const snort::SfIp* sip,
+    const snort::SfIp* dip, time_t curtime);
 
 #ifdef THD_DEBUG
 int sfthd_show_objects(THD_STRUCT* thd);

diff --git a/src/filters/sfthd_test.cc b/src/filters/sfthd_test.cc
index 27913d3846aee0a0e12ac01d047101ca9810267b..bc99caf1a45c27bf9a2f521a64f63b1c10d75e6a 100644 (file)
--- a/src/filters/sfthd_test.cc
+++ b/src/filters/sfthd_test.cc
@@ -834,7 +834,7 @@ static int EventTest(EventData* p, THD_NODE* rule)
     long curtime = (long)p->now;
     int status;
 
-    SfIp sip, dip;
+    snort::SfIp sip, dip;
     sip.set(p->sip);
     dip.set(p->dip);
 

diff --git a/src/filters/sfthreshold.cc b/src/filters/sfthreshold.cc
index d9e2ec44187b791ba5dfedd9eab652db71a610a2..d7e4d59dae37c5a01e2185ccc90ce3ca0ea24fc3 100644 (file)
--- a/src/filters/sfthreshold.cc
+++ b/src/filters/sfthreshold.cc
@@ -270,7 +270,7 @@ void sfthreshold_free()
 
 */
 int sfthreshold_create(
-    SnortConfig* sc, ThresholdConfig* thd_config, THDX_STRUCT* thdx)
+    snort::SnortConfig* sc, ThresholdConfig* thd_config, THDX_STRUCT* thdx)
 {
     if (thd_config == nullptr)
         return -1;
@@ -311,13 +311,11 @@ int sfthreshold_create(
     returns 0 - log
            !0 - don't log
 */
-int sfthreshold_test(
-    unsigned gen_id, unsigned sig_id,
-    const SfIp* sip, const SfIp* dip,
-    long curtime)
+int sfthreshold_test(unsigned gen_id, unsigned sig_id, const snort::SfIp* sip,
+    const snort::SfIp* dip, long curtime)
 {
-    if ((SnortConfig::get_conf()->threshold_config == nullptr) ||
-        !SnortConfig::get_conf()->threshold_config->enabled)
+    if ((snort::SnortConfig::get_conf()->threshold_config == nullptr) ||
+        !snort::SnortConfig::get_conf()->threshold_config->enabled)
     {
         return 0;
     }
@@ -325,7 +323,7 @@ int sfthreshold_test(
     if (!thd_checked)
     {
         thd_checked = 1;
-        thd_answer = sfthd_test_threshold(SnortConfig::get_conf()->threshold_config->thd_objs,
+        thd_answer = sfthd_test_threshold(snort::SnortConfig::get_conf()->threshold_config->thd_objs,
             thd_runtime, gen_id, sig_id, sip, dip, curtime);
     }
 

diff --git a/src/filters/sfthreshold.h b/src/filters/sfthreshold.h
index 504a8edfd26780df0b08349af373a232f2f729cd..75dfffe456e051d6afa0848a85085630f3be3180 100644 (file)
--- a/src/filters/sfthreshold.h
+++ b/src/filters/sfthreshold.h
@@ -20,7 +20,11 @@
 #ifndef SFTHRESHOLD_H
 #define SFTHRESHOLD_H
 
+namespace snort
+{
 struct SfIp;
+struct SnortConfig;
+}
 struct THDX_STRUCT;
 struct ThresholdObjects;
 
@@ -34,8 +38,8 @@ struct ThresholdConfig
 ThresholdConfig* ThresholdConfigNew();
 void ThresholdConfigFree(ThresholdConfig*);
 void sfthreshold_reset();
-int sfthreshold_create(struct SnortConfig*, ThresholdConfig*, THDX_STRUCT*);
-int sfthreshold_test(unsigned int, unsigned int, const SfIp*, const SfIp*, long curtime);
+int sfthreshold_create(snort::SnortConfig*, ThresholdConfig*, THDX_STRUCT*);
+int sfthreshold_test(unsigned int, unsigned int, const snort::SfIp*, const snort::SfIp*, long curtime);
 void print_thresholding(ThresholdConfig*, unsigned shutdown);
 void sfthreshold_free();
 

diff --git a/src/flow/expect_cache.cc b/src/flow/expect_cache.cc
index afacb540d43c2573b050ade68ee919190388d1b4..3e5e06f5eb94ea9866601e2dd6083a9b84893f0d 100644 (file)
--- a/src/flow/expect_cache.cc
+++ b/src/flow/expect_cache.cc
@@ -32,6 +32,8 @@
 #include "stream/stream.h"      // FIXIT-M bad dependency
 #include "time/packet_time.h"
 
+using namespace snort;
+
 /* Reasonably small, and prime */
 // FIXIT-L size based on max_tcp + max_udp?
 #define MAX_HASH 1021
@@ -320,10 +322,8 @@ ExpectCache::~ExpectCache()
  * existing appId, new appId and associated data is not stored.
  *
  */
-int ExpectCache::add_flow(const Packet *ctrlPkt,
-    PktType type, IpProtocol ip_proto,
-    const SfIp* cliIP, uint16_t cliPort,
-    const SfIp* srvIP, uint16_t srvPort,
+int ExpectCache::add_flow(const Packet *ctrlPkt, PktType type, IpProtocol ip_proto,
+    const SfIp* cliIP, uint16_t cliPort, const SfIp* srvIP, uint16_t srvPort,
     char direction, FlowData* fd, int16_t appId)
 {
     /* Just pull the VLAN ID, MPLS ID, and Address Space ID from the

diff --git a/src/flow/expect_cache.h b/src/flow/expect_cache.h
index fa259443b807351d71ada919d1109f47b8c25209..d60e8d86299e7c59258798b0913ae7ad59a49290 100644 (file)
--- a/src/flow/expect_cache.h
+++ b/src/flow/expect_cache.h
@@ -63,24 +63,27 @@
 #include <vector>
 #include "flow/flow_key.h"
 
+struct ExpectNode;
+
+namespace snort
+{
 class Flow;
 class FlowData;
 struct Packet;
-struct ExpectNode;
-struct ExpectFlow;
 
 struct SO_PUBLIC ExpectFlow
 {
     struct ExpectFlow* next;
-    FlowData* data;
+    snort::FlowData* data;
 
     ~ExpectFlow();
     void clear();
-    int add_flow_data(FlowData*);
-    FlowData* get_flow_data(unsigned);
+    int add_flow_data(snort::FlowData*);
+    snort::FlowData* get_flow_data(unsigned);
     static std::vector<ExpectFlow*>* get_expect_flows();
     static void reset_expect_flows();
 };
+}
 
 class ExpectCache
 {
@@ -91,13 +94,13 @@ public:
     ExpectCache(const ExpectCache&) = delete;
     ExpectCache& operator=(const ExpectCache&) = delete;
 
-    int add_flow(const Packet *ctrlPkt, PktType, IpProtocol,
-        const SfIp* cliIP, uint16_t cliPort,
-        const SfIp* srvIP, uint16_t srvPort,
-        char direction, FlowData*, int16_t appId = 0);
+    int add_flow(const snort::Packet *ctrlPkt, PktType, IpProtocol,
+        const snort::SfIp* cliIP, uint16_t cliPort,
+        const snort::SfIp* srvIP, uint16_t srvPort,
+        char direction, snort::FlowData*, int16_t appId = 0);
 
-    bool is_expected(Packet*);
-    bool check(Packet*, Flow*);
+    bool is_expected(snort::Packet*);
+    bool check(snort::Packet*, snort::Flow*);
 
     unsigned long get_expects() { return expects; }
     unsigned long get_realized() { return realized; }
@@ -108,15 +111,15 @@ private:
     void prune();
 
     ExpectNode* get_node(FlowKey&, bool&);
-    ExpectFlow* get_flow(ExpectNode*, uint32_t, int16_t);
-    bool set_data(ExpectNode*, ExpectFlow*&, FlowData*);
-    ExpectNode* find_node_by_packet(Packet*, FlowKey&);
-    bool process_expected(ExpectNode*, FlowKey&, Packet*, Flow*);
+    snort::ExpectFlow* get_flow(ExpectNode*, uint32_t, int16_t);
+    bool set_data(ExpectNode*, snort::ExpectFlow*&, snort::FlowData*);
+    ExpectNode* find_node_by_packet(snort::Packet*, FlowKey&);
+    bool process_expected(ExpectNode*, FlowKey&, snort::Packet*, snort::Flow*);
 
 private:
     class ZHash* hash_table;
     ExpectNode* nodes;
-    ExpectFlow* pool, * free_list;
+    snort::ExpectFlow* pool, * free_list;
 
     unsigned long expects, realized;
     unsigned long prunes, overflows;

diff --git a/src/flow/flow.cc b/src/flow/flow.cc
index 9b5e0d4d7672566a652962e77b702014c000375b..b2228a287b9d270b8844e7dc4aa54d52da9d3343 100644 (file)
--- a/src/flow/flow.cc
+++ b/src/flow/flow.cc
@@ -33,6 +33,8 @@
 #include "utils/stats.h"
 #include "utils/util.h"
 
+using namespace snort;
+
 unsigned FlowData::flow_data_id = 0;
 
 FlowData::FlowData(unsigned u, Inspector* ph)

diff --git a/src/flow/flow.h b/src/flow/flow.h
index a33ca5cffa66a2e53405c464b66bf78678b9d6a4..e7872e4b5ba8a946a0b9a3c18954ad5f7d5ee996 100644 (file)
--- a/src/flow/flow.h
+++ b/src/flow/flow.h
@@ -92,7 +92,13 @@
 #define FLOW_IS_OFFLOADED              0x01
 #define FLOW_WAS_OFFLOADED             0x02  // FIXIT-L debug only
 
+class BitOp;
+class FlowHAState;
 struct FlowKey;
+class Session;
+
+namespace snort
+{
 struct Packet;
 
 typedef void (* StreamAppDataFree)(void*);
@@ -298,9 +304,9 @@ public:  // FIXIT-M privatize if possible
 
     // these fields are const after initialization
     const FlowKey* key;
-    class Session* session;
-    class BitOp* bitop;
-    class FlowHAState* ha_state;
+    Session* session;
+    BitOp* bitop;
+    FlowHAState* ha_state;
 
     uint8_t ip_proto; // FIXIT-M do we need both of these?
     PktType pkt_type; // ^^
@@ -372,6 +378,6 @@ inline bool Flow::is_detection_enabled(bool to_server)
 
     return !(ssn_state.session_flags & SSNFLAG_NO_DETECT_TO_CLIENT);
 }
-
+}
 #endif
 

diff --git a/src/flow/flow_cache.cc b/src/flow/flow_cache.cc
index 36d483998f3076d750c02f9f25e1832fe1cec637..cf5ef9e34d3fbfc1e1a70eafe9a9ccb1533d6575 100644 (file)
--- a/src/flow/flow_cache.cc
+++ b/src/flow/flow_cache.cc
@@ -35,6 +35,8 @@
 
 #include "flow_key.h"
 
+using namespace snort;
+
 #define SESSION_CACHE_FLAG_PURGING  0x01
 
 //-------------------------------------------------------------------------

diff --git a/src/flow/flow_cache.h b/src/flow/flow_cache.h
index 4a8b5275c1be0f4b2153eac2c08a4289446e5502..7b42654a18a5ccc4c33fa9248bf906af82fad1f4 100644 (file)
--- a/src/flow/flow_cache.h
+++ b/src/flow/flow_cache.h
@@ -31,7 +31,10 @@
 #include "flow_config.h"
 #include "prune_stats.h"
 
+namespace snort
+{
 class Flow;
+}
 struct FlowKey;
 
 class FlowCache
@@ -43,16 +46,16 @@ public:
     FlowCache(const FlowCache&) = delete;
     FlowCache& operator=(const FlowCache&) = delete;
 
-    void push(Flow*);
+    void push(snort::Flow*);
 
-    Flow* find(const FlowKey*);
-    Flow* get(const FlowKey*);
+    snort::Flow* find(const FlowKey*);
+    snort::Flow* get(const FlowKey*);
 
-    int release(Flow*, PruneReason = PruneReason::NONE, bool do_cleanup = true);
+    int release(snort::Flow*, PruneReason = PruneReason::NONE, bool do_cleanup = true);
 
     unsigned prune_unis();
-    unsigned prune_stale(uint32_t thetime, const Flow* save_me);
-    unsigned prune_excess(const Flow* save_me);
+    unsigned prune_stale(uint32_t thetime, const snort::Flow* save_me);
+    unsigned prune_excess(const snort::Flow* save_me);
     bool prune_one(PruneReason, bool do_cleanup);
     unsigned timeout(unsigned num_flows, time_t cur_time);
 
@@ -71,11 +74,11 @@ public:
     void reset_stats()
     { prune_stats = PruneStats(); }
 
-    void unlink_uni(Flow*);
+    void unlink_uni(snort::Flow*);
 
 private:
-    void link_uni(Flow*);
-    int remove(Flow*);
+    void link_uni(snort::Flow*);
+    int remove(snort::Flow*);
 
 private:
     static const unsigned cleanup_flows = 1;
@@ -84,7 +87,7 @@ private:
     uint32_t flags;
 
     class ZHash* hash_table;
-    Flow* uni_head, * uni_tail;
+    snort::Flow* uni_head, * uni_tail;
     PruneStats prune_stats;
 };
 

diff --git a/src/flow/flow_control.cc b/src/flow/flow_control.cc
index 0881a1b0aa00fe32c4ffacd23370fbc68637aaf8..091f72217c902f7ddbbc885223d020d729187b1d 100644 (file)
--- a/src/flow/flow_control.cc
+++ b/src/flow/flow_control.cc
@@ -39,6 +39,8 @@
 #include "flow_cache.h"
 #include "session.h"
 
+using namespace snort;
+
 FlowControl::FlowControl() = default;
 
 FlowControl::~FlowControl()

diff --git a/src/flow/flow_control.h b/src/flow/flow_control.h
index be4df698189a700d3adfc781df03390060423c7e..632403c8c162fb4ceddb92f35693602f6c70bd27 100644 (file)
--- a/src/flow/flow_control.h
+++ b/src/flow/flow_control.h
@@ -33,12 +33,15 @@
 #include "framework/decode_data.h"
 #include "framework/inspector.h"
 
+namespace snort
+{
 class Flow;
 class FlowData;
-class FlowCache;
-struct FlowKey;
 struct Packet;
 struct SfIp;
+}
+class FlowCache;
+struct FlowKey;
 
 enum class PruneReason : uint8_t;
 
@@ -49,45 +52,45 @@ public:
     ~FlowControl();
 
 public:
-    void process_ip(Packet*);
-    void process_icmp(Packet*);
-    void process_tcp(Packet*);
-    void process_udp(Packet*);
-    void process_user(Packet*);
-    void process_file(Packet*);
-
-    Flow* find_flow(const FlowKey*);
-    Flow* new_flow(const FlowKey*);
-
-    void init_ip(const FlowConfig&, InspectSsnFunc);
-    void init_icmp(const FlowConfig&, InspectSsnFunc);
-    void init_tcp(const FlowConfig&, InspectSsnFunc);
-    void init_udp(const FlowConfig&, InspectSsnFunc);
-    void init_user(const FlowConfig&, InspectSsnFunc);
-    void init_file(const FlowConfig&, InspectSsnFunc);
+    void process_ip(snort::Packet*);
+    void process_icmp(snort::Packet*);
+    void process_tcp(snort::Packet*);
+    void process_udp(snort::Packet*);
+    void process_user(snort::Packet*);
+    void process_file(snort::Packet*);
+
+    snort::Flow* find_flow(const FlowKey*);
+    snort::Flow* new_flow(const FlowKey*);
+
+    void init_ip(const FlowConfig&, snort::InspectSsnFunc);
+    void init_icmp(const FlowConfig&, snort::InspectSsnFunc);
+    void init_tcp(const FlowConfig&, snort::InspectSsnFunc);
+    void init_udp(const FlowConfig&, snort::InspectSsnFunc);
+    void init_user(const FlowConfig&, snort::InspectSsnFunc);
+    void init_file(const FlowConfig&, snort::InspectSsnFunc);
     void init_exp(uint32_t max);
 
     void delete_flow(const FlowKey*);
-    void delete_flow(Flow*, PruneReason);
+    void delete_flow(snort::Flow*, PruneReason);
     void purge_flows(PktType);
     bool prune_one(PruneReason, bool do_cleanup);
 
     void timeout_flows(time_t cur_time);
 
-    bool expected_flow(Flow*, Packet*);
-    bool is_expected(Packet*);
+    bool expected_flow(snort::Flow*, snort::Packet*);
+    bool is_expected(snort::Packet*);
 
     int add_expected(
-        const Packet* ctrlPkt, PktType, IpProtocol,
-        const SfIp *srcIP, uint16_t srcPort,
-        const SfIp *dstIP, uint16_t dstPort,
-        char direction, FlowData*);
+        const snort::Packet* ctrlPkt, PktType, IpProtocol,
+        const snort::SfIp *srcIP, uint16_t srcPort,
+        const snort::SfIp *dstIP, uint16_t dstPort,
+        char direction, snort::FlowData*);
 
     int add_expected(
-        const Packet* ctrlPkt, PktType, IpProtocol,
-        const SfIp *srcIP, uint16_t srcPort,
-        const SfIp *dstIP, uint16_t dstPort,
-        int16_t appId, FlowData*);
+        const snort::Packet* ctrlPkt, PktType, IpProtocol,
+        const snort::SfIp *srcIP, uint16_t srcPort,
+        const snort::SfIp *dstIP, uint16_t dstPort,
+        int16_t appId, snort::FlowData*);
 
     PegCount get_flows(PktType);
     PegCount get_total_prunes(PktType) const;
@@ -99,9 +102,9 @@ private:
     FlowCache* get_cache(PktType);
     const FlowCache* get_cache(PktType) const;
 
-    void set_key(FlowKey*, Packet*);
+    void set_key(FlowKey*, snort::Packet*);
 
-    unsigned process(Flow*, Packet*);
+    unsigned process(snort::Flow*, snort::Packet*);
     void preemptive_cleanup();
 
 private:
@@ -113,19 +116,19 @@ private:
     FlowCache* file_cache = nullptr;
 
     // preallocated arrays
-    Flow* ip_mem = nullptr;
-    Flow* icmp_mem = nullptr;
-    Flow* tcp_mem = nullptr;
-    Flow* udp_mem = nullptr;
-    Flow* user_mem = nullptr;
-    Flow* file_mem = nullptr;
-
-    InspectSsnFunc get_ip = nullptr;
-    InspectSsnFunc get_icmp = nullptr;
-    InspectSsnFunc get_tcp = nullptr;
-    InspectSsnFunc get_udp = nullptr;
-    InspectSsnFunc get_user = nullptr;
-    InspectSsnFunc get_file = nullptr;
+    snort::Flow* ip_mem = nullptr;
+    snort::Flow* icmp_mem = nullptr;
+    snort::Flow* tcp_mem = nullptr;
+    snort::Flow* udp_mem = nullptr;
+    snort::Flow* user_mem = nullptr;
+    snort::Flow* file_mem = nullptr;
+
+    snort::InspectSsnFunc get_ip = nullptr;
+    snort::InspectSsnFunc get_icmp = nullptr;
+    snort::InspectSsnFunc get_tcp = nullptr;
+    snort::InspectSsnFunc get_udp = nullptr;
+    snort::InspectSsnFunc get_user = nullptr;
+    snort::InspectSsnFunc get_file = nullptr;
 
     class ExpectCache* exp_cache = nullptr;
     PktType last_pkt_type = PktType::NONE;

diff --git a/src/flow/flow_key.cc b/src/flow/flow_key.cc
index 8c7aced3abfe77606e467d8815ef6556dc614b8c..c4dc91ffcb03af68d878f1a57b18bf8adf1b6554 100644 (file)
--- a/src/flow/flow_key.cc
+++ b/src/flow/flow_key.cc
@@ -30,6 +30,8 @@
 #include "protocols/icmp6.h"
 #include "utils/util.h"
 
+using namespace snort;
+
 //-------------------------------------------------------------------------
 // icmp foo
 //-------------------------------------------------------------------------

diff --git a/src/flow/flow_key.h b/src/flow/flow_key.h
index ed139d4271e571d4ee08b903fc335b796f9603b0..b117e5f86b83de83b18c9aaab2a379cb87c42f58 100644 (file)
--- a/src/flow/flow_key.h
+++ b/src/flow/flow_key.h
@@ -29,7 +29,11 @@
 #include "utils/cpp_macros.h"
 
 struct HashFnc;
+
+namespace snort
+{
 struct SfIp;
+}
 
 PADDING_GUARD_BEGIN
 struct FlowKey
@@ -52,13 +56,13 @@ struct FlowKey
         addresses at this time. */
     bool init(
         PktType, IpProtocol,
-        const SfIp *srcIP, uint16_t srcPort,
-        const SfIp *dstIP, uint16_t dstPort,
+        const snort::SfIp *srcIP, uint16_t srcPort,
+        const snort::SfIp *dstIP, uint16_t dstPort,
         uint16_t vlanId, uint32_t mplsId, uint16_t addrSpaceId);
 
     bool init(
         PktType, IpProtocol,
-        const SfIp *srcIP, const SfIp *dstIP,
+        const snort::SfIp *srcIP, const snort::SfIp *dstIP,
         uint32_t id, uint16_t vlanId,
         uint32_t mplsId, uint16_t addrSpaceId);
 
@@ -73,14 +77,14 @@ struct FlowKey
 private:
     bool init4(
         IpProtocol,
-        const SfIp *srcIP, uint16_t srcPort,
-        const SfIp *dstIP, uint16_t dstPort,
+        const snort::SfIp *srcIP, uint16_t srcPort,
+        const snort::SfIp *dstIP, uint16_t dstPort,
         uint32_t mplsId, bool order = true);
 
     bool init6(
         IpProtocol,
-        const SfIp *srcIP, uint16_t srcPort,
-        const SfIp *dstIP, uint16_t dstPort,
+        const snort::SfIp *srcIP, uint16_t srcPort,
+        const snort::SfIp *dstIP, uint16_t dstPort,
         uint32_t mplsId, bool order = true);
 };
 PADDING_GUARD_END

diff --git a/src/flow/ha.cc b/src/flow/ha.cc
index 21f0027b881c6d620d390fc476bee7aace9eeac1..59d36770720413589d85dfe9a940426651d1f442 100644 (file)
--- a/src/flow/ha.cc
+++ b/src/flow/ha.cc
@@ -35,6 +35,8 @@
 #include "flow.h"
 #include "flow_key.h"
 
+using namespace snort;
+
 static const uint8_t HA_MESSAGE_VERSION = 3;
 
 // define message size and content constants.

diff --git a/src/flow/ha.h b/src/flow/ha.h
index 2a9f488d07f28861978c7fa5bfd510886812f04c..e1f78093bd1739b362f8dc20cb946bf3699f04f0 100644 (file)
--- a/src/flow/ha.h
+++ b/src/flow/ha.h
@@ -27,7 +27,10 @@
 
 //-------------------------------------------------------------------------
 
+namespace snort
+{
 class Flow;
+}
 struct FlowKey;
 
 // The FlowHAHandle is the dynamically allocated index used uniquely identify
@@ -123,10 +126,10 @@ class FlowHAClient
 {
 public:
     virtual ~FlowHAClient() = default;
-    virtual bool consume(Flow*&, FlowKey*, HAMessage*) { return false; }
-    virtual bool produce(Flow*, HAMessage*) { return false; }
-    virtual bool is_update_required(Flow*) { return false; }
-    virtual bool is_delete_required(Flow*) { return false; }
+    virtual bool consume(snort::Flow*&, FlowKey*, HAMessage*) { return false; }
+    virtual bool produce(snort::Flow*, HAMessage*) { return false; }
+    virtual bool is_update_required(snort::Flow*) { return false; }
+    virtual bool is_delete_required(snort::Flow*) { return false; }
     uint8_t get_message_size() { return header.length; }
     bool fit(HAMessage*, uint8_t);
     bool place(HAMessage*, uint8_t*, uint8_t);
@@ -147,8 +150,8 @@ public:
     HighAvailability(PortBitSet*,bool);
     ~HighAvailability();
 
-    void process_update(Flow*, const DAQ_PktHdr_t*);
-    void process_deletion(Flow*);
+    void process_update(snort::Flow*, const DAQ_PktHdr_t*);
+    void process_deletion(snort::Flow*);
     void process_receive();
 
 private:
@@ -173,15 +176,15 @@ public:
     static bool active();
 
     // Within the packet callback, analyze the packet and flow for potential update messages
-    static void process_update(Flow*, const DAQ_PktHdr_t*);
+    static void process_update(snort::Flow*, const DAQ_PktHdr_t*);
 
     // Anytime a flow is deleted, potentially generate a deletion message
-    static void process_deletion(Flow*);
+    static void process_deletion(snort::Flow*);
 
     // Look for and dispatch receive messages.
     static void process_receive();
-    static void set_modified(Flow*);
-    static bool in_standby(Flow*);
+    static void set_modified(snort::Flow*);
+    static bool in_standby(snort::Flow*);
 
 private:
     HighAvailabilityManager() = delete;

diff --git a/src/flow/ha_module.cc b/src/flow/ha_module.cc
index b727762ab995a3ba760fb4df4764feea33dfcb60..f65c5e4e7786c8ab32b39f121187f9ab51dd237a 100644 (file)
--- a/src/flow/ha_module.cc
+++ b/src/flow/ha_module.cc
@@ -30,6 +30,7 @@
 
 #include "ha.h"
 
+using namespace snort;
 
 //-------------------------------------------------------------------------
 // ha module

diff --git a/src/flow/ha_module.h b/src/flow/ha_module.h
index 20e9a712231a467c42dd72fc4841c1b33608e48a..2e38066f36fbc9849d9c662b24d2cf578d8f550e 100644 (file)
--- a/src/flow/ha_module.h
+++ b/src/flow/ha_module.h
@@ -39,17 +39,17 @@ struct HighAvailabilityConfig
 };
 
 extern THREAD_LOCAL SimpleStats ha_stats;
-extern THREAD_LOCAL ProfileStats ha_perf_stats;
+extern THREAD_LOCAL snort::ProfileStats ha_perf_stats;
 
-class HighAvailabilityModule : public Module
+class HighAvailabilityModule : public snort::Module
 {
 public:
     HighAvailabilityModule();
     ~HighAvailabilityModule() override;
 
-    bool set(const char*, Value&, SnortConfig*) override;
-    bool begin(const char*, int, SnortConfig*) override;
-    bool end(const char*, int, SnortConfig*) override;
+    bool set(const char*, snort::Value&, snort::SnortConfig*) override;
+    bool begin(const char*, int, snort::SnortConfig*) override;
+    bool end(const char*, int, snort::SnortConfig*) override;
 
     PegCount* get_counts() const override
     { return (PegCount*)&ha_stats; }
@@ -57,7 +57,7 @@ public:
     const PegInfo* get_pegs() const override
     { return simple_pegs; }
 
-    ProfileStats* get_profile() const override;
+    snort::ProfileStats* get_profile() const override;
 
     Usage get_usage() const override
     { return GLOBAL; }

diff --git a/src/flow/session.h b/src/flow/session.h
index f8f82c654226849161fffc28ef41cb63f40b2649..5e905ebbbfe6ae1163dc916cb08f4a609bdda521 100644 (file)
--- a/src/flow/session.h
+++ b/src/flow/session.h
@@ -25,40 +25,44 @@
 
 #include "stream/stream.h"
 
+namespace snort
+{
+class Flow;
 struct Packet;
 struct SfIp;
-class Flow;
+class StreamSplitter;
+}
 
 class Session
 {
 public:
     virtual ~Session() = default;
 
-    virtual bool setup(Packet*) { return true; }
-    virtual void update_direction(char /*dir*/, const SfIp*, uint16_t /*port*/) { }
-    virtual int process(Packet*) { return 0; }
+    virtual bool setup(snort::Packet*) { return true; }
+    virtual void update_direction(char /*dir*/, const snort::SfIp*, uint16_t /*port*/) { }
+    virtual int process(snort::Packet*) { return 0; }
 
-    virtual void restart(Packet*) { }
-    virtual void precheck(Packet*) { }
+    virtual void restart(snort::Packet*) { }
+    virtual void precheck(snort::Packet*) { }
     virtual void clear() = 0;
-    virtual void cleanup(Packet* = nullptr) { clear(); }
+    virtual void cleanup(snort::Packet* = nullptr) { clear(); }
 
-    virtual bool add_alert(Packet*, uint32_t /*gid*/, uint32_t /*sid*/) { return false; }
-    virtual bool check_alerted(Packet*, uint32_t /*gid*/, uint32_t /*sid*/) { return false; }
+    virtual bool add_alert(snort::Packet*, uint32_t /*gid*/, uint32_t /*sid*/) { return false; }
+    virtual bool check_alerted(snort::Packet*, uint32_t /*gid*/, uint32_t /*sid*/) { return false; }
 
     virtual int update_alert(
-        Packet*, uint32_t /*gid*/, uint32_t /*sid*/,
+        snort::Packet*, uint32_t /*gid*/, uint32_t /*sid*/,
         uint32_t /*event_id*/, uint32_t /*event_second*/) { return 0; }
 
-    virtual void flush_client(Packet*) { }
-    virtual void flush_server(Packet*) { }
-    virtual void flush_talker(Packet*, bool /*final_flush */ = false) { }
-    virtual void flush_listener(Packet*, bool /*final_flush */ = false) { }
+    virtual void flush_client(snort::Packet*) { }
+    virtual void flush_server(snort::Packet*) { }
+    virtual void flush_talker(snort::Packet*, bool /*final_flush */ = false) { }
+    virtual void flush_listener(snort::Packet*, bool /*final_flush */ = false) { }
 
-    virtual void set_splitter(bool /*c2s*/, StreamSplitter*) { }
-    virtual StreamSplitter* get_splitter(bool /*c2s*/) { return nullptr; }
+    virtual void set_splitter(bool /*c2s*/, snort::StreamSplitter*) { }
+    virtual snort::StreamSplitter* get_splitter(bool /*c2s*/) { return nullptr; }
 
-    virtual void set_extra_data(Packet*, uint32_t /*flag*/) { }
+    virtual void set_extra_data(snort::Packet*, uint32_t /*flag*/) { }
 
     virtual bool is_sequenced(uint8_t /*dir*/) { return true; }
     virtual bool are_packets_missing(uint8_t /*dir*/) { return true; }
@@ -67,10 +71,10 @@ public:
     virtual uint8_t missing_in_reassembled(uint8_t /*dir*/) { return SSN_MISSING_NONE; }
 
 protected:
-    Session(Flow* f) { flow = f; }
+    Session(snort::Flow* f) { flow = f; }
 
 public:
-    Flow* flow;  // FIXIT-L use reference?
+    snort::Flow* flow;  // FIXIT-L use reference?
 };
 
 /* These should be tracked by all Session subclasses. Add to top of peg list.

diff --git a/src/flow/test/ha_module_test.cc b/src/flow/test/ha_module_test.cc
index 4ec53256a718c581d2652208ae7811668af17c22..a0d071b2774253630da850ccdee68324fceb7d55 100644 (file)
--- a/src/flow/test/ha_module_test.cc
+++ b/src/flow/test/ha_module_test.cc
@@ -33,6 +33,8 @@
 #include <CppUTest/CommandLineTestRunner.h>
 #include <CppUTest/TestHarness.h>
 
+using namespace snort;
+
 void LogMessage(const char*,...) { }
 
 THREAD_LOCAL SimpleStats ha_stats;

diff --git a/src/flow/test/ha_test.cc b/src/flow/test/ha_test.cc
index 1f9486cd7a544671a305e3b1cdf1bd3b533bc4d6..bdbf846fa20e797c3557516d03223b6dc21719df 100644 (file)
--- a/src/flow/test/ha_test.cc
+++ b/src/flow/test/ha_test.cc
@@ -33,6 +33,8 @@
 #include <CppUTest/CommandLineTestRunner.h>
 #include <CppUTest/TestHarness.h>
 
+using namespace snort;
+
 #define MSG_SIZE 100
 #define TEST_KEY 0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47
 

diff --git a/src/framework/base_api.h b/src/framework/base_api.h
index 7bfd71f25c60b91dc3dc0a2b074991c19b11ded3..23c8e9e22342f10c20803b32739fc74cb8d61641 100644 (file)
--- a/src/framework/base_api.h
+++ b/src/framework/base_api.h
@@ -55,6 +55,8 @@ enum PlugType
     PT_MAX
 };
 
+namespace snort
+{
 class Module;
 typedef Module* (* ModNewFunc)();
 typedef void (* ModDelFunc)(Module*);
@@ -71,9 +73,9 @@ struct BaseApi
     const char* options;
     const char* name;
     const char* help;
-    ModNewFunc mod_ctor;
+    snort::ModNewFunc mod_ctor;
     ModDelFunc mod_dtor;
 };
-
+}
 #endif
 

diff --git a/src/framework/codec.cc b/src/framework/codec.cc
index 09f3ca92254d72c4d60cd32a2bb6aa0234d9bf65..018f67fc4064495e5f280b6f4358091d7d9a642d 100644 (file)
--- a/src/framework/codec.cc
+++ b/src/framework/codec.cc
@@ -27,6 +27,8 @@
 #include "detection/detection_engine.h"
 #include "events/event_queue.h"
 
+using namespace snort;
+
 EncState::EncState(const ip::IpApi& api, EncodeFlags f, IpProtocol pr,
     uint8_t t, uint16_t data_size) :
     ip_api(api),

diff --git a/src/framework/codec.h b/src/framework/codec.h
index 3bceadf436a12322bb74a01163367e2b202f94a4..7434e760e0784b2c1ee0a88ec21a0fc523c8fdc8 100644 (file)
--- a/src/framework/codec.h
+++ b/src/framework/codec.h
@@ -32,9 +32,9 @@
 
 struct TextLog;
 struct _daq_pkthdr;
-struct Packet;
-struct Layer;
-class Flow;
+
+namespace snort
+{
 enum CodecSid : uint32_t;
 
 namespace ip
@@ -54,6 +54,10 @@ namespace icmp
 struct ICMPHdr;
 }
 
+class Flow;
+struct Layer;
+struct Packet;
+
 // Used by root codecs to add their DLT to their HELP string
 #define ADD_DLT(help, x) help " (DLT " STRINGIFY_MX(x) ")"
 
@@ -385,6 +389,6 @@ struct CodecApi
     CdNewFunc ctor;   // get eval optional instance data
     CdDelFunc dtor;   // clean up instance data
 };
-
+}
 #endif /* FRAMEWORK_CODEC_H */
 

diff --git a/src/framework/connector.h b/src/framework/connector.h
index ba5d0b1ec8acd3dd8a9e561420c1b255049b0ac1..69d940da025ced662c136a20504b65f7df246fa4 100644 (file)
--- a/src/framework/connector.h
+++ b/src/framework/connector.h
@@ -29,6 +29,8 @@
 #include "framework/base_api.h"
 #include "main/snort_types.h"
 
+namespace snort
+{
 // this is the current version of the api
 #define CONNECTOR_API_VERSION ((BASE_API_VERSION << 16) | 0)
 
@@ -111,6 +113,6 @@ struct ConnectorApi
     ConnectorNewFunc ctor;
     ConnectorDelFunc dtor;
 };
-
+}
 #endif
 

diff --git a/src/framework/cursor.cc b/src/framework/cursor.cc
index 7473acfcd899c0711da6e35f895cbfefcec43aa4..4d161edf11cde15f9752672bb9c404415030fdd4 100644 (file)
--- a/src/framework/cursor.cc
+++ b/src/framework/cursor.cc
@@ -26,6 +26,8 @@
 #include "detection/detection_util.h"
 #include "protocols/packet.h"
 
+using namespace snort;
+
 Cursor::Cursor(Packet* p)
 {
     reset(p);

diff --git a/src/framework/cursor.h b/src/framework/cursor.h
index 301b4ddee6a561d01a0e6fa2fea47acf41f1ef95..f86375520861b2e68e13dfc3f216745a1fa0e2ea 100644 (file)
--- a/src/framework/cursor.h
+++ b/src/framework/cursor.h
@@ -28,12 +28,15 @@
 #include <cstdint>
 #include <cstring>
 
+namespace snort
+{
 struct Packet;
+}
 
 class Cursor
 {
 public:
-    Cursor(Packet*);
+    Cursor(snort::Packet*);
     Cursor(const Cursor&);
 
     Cursor& operator=(const Cursor&) = default;
@@ -44,7 +47,7 @@ public:
     bool is(const char* s) const
     { return !strcmp(name, s); }
 
-    void reset(Packet*);
+    void reset(snort::Packet*);
 
     void set(const char* s, const uint8_t* b, unsigned n)
     { name = s; data = b; sz = n; pos = delta = 0; }

diff --git a/src/framework/data_bus.cc b/src/framework/data_bus.cc
index 54a235448b5bc56a66dc6d428afeb0a3622e5762..22b009a63f0d870ba80ef1d2a253f802b6965ed9 100644 (file)
--- a/src/framework/data_bus.cc
+++ b/src/framework/data_bus.cc
@@ -27,8 +27,10 @@
 #include "main/snort_config.h"
 #include "protocols/packet.h"
 
+using namespace snort;
+
 static DataBus& get_data_bus()
-{ return get_inspection_policy()->dbus; }
+{ return snort::get_inspection_policy()->dbus; }
 
 class BufferEvent : public DataEvent
 {
@@ -80,11 +82,11 @@ void DataBus::subscribe(const char* key, DataHandler* h)
 // notify subscribers of event
 void DataBus::publish(const char* key, DataEvent& e, Flow* f)
 {
-    InspectionPolicy* pi = get_inspection_policy();
+    InspectionPolicy* pi = snort::get_inspection_policy();
     pi->dbus._publish(key, e, f);
 
     // also publish to default policy to notify control subscribers such as appid
-    InspectionPolicy* di = get_default_inspection_policy(SnortConfig::get_conf());
+    InspectionPolicy* di = snort::get_default_inspection_policy(SnortConfig::get_conf());
 
     // of course, only when current is not default
     if ( di != pi )

diff --git a/src/framework/data_bus.h b/src/framework/data_bus.h
index 03c91a95a2acd94615ee8b3b068bcfc3490d8dab..6228cf82e3e8ad7e54855564881ce0515b5e2a68 100644 (file)
--- a/src/framework/data_bus.h
+++ b/src/framework/data_bus.h
@@ -33,10 +33,8 @@
 
 #include "main/snort_types.h"
 
-// FIXIT-P evaluate perf; focus is on correctness
-typedef std::vector<class DataHandler*> DataList;
-typedef std::map<std::string, DataList> DataMap;
-
+namespace snort
+{
 class Flow;
 struct Packet;
 
@@ -72,6 +70,10 @@ protected:
     DataHandler() = default;
 };
 
+// FIXIT-P evaluate perf; focus is on correctness
+typedef std::vector<DataHandler*> DataList;
+typedef std::map<std::string, DataList> DataMap;
+
 class SO_PUBLIC DataBus
 {
 public:
@@ -115,6 +117,7 @@ private:
     int type;
     const uint8_t* data;
 };
+}
 
 // common data events
 #define PACKET_EVENT "detection.packet"

diff --git a/src/framework/decode_data.h b/src/framework/decode_data.h
index fa39e423e8009c33cc3c9d6511f4b8a48a3aecad..0b1da80cfd4ef620ee659f0ef9f5c02889b02afa 100644 (file)
--- a/src/framework/decode_data.h
+++ b/src/framework/decode_data.h
@@ -25,20 +25,21 @@
 #include "protocols/ip.h"
 #include "protocols/mpls.h"
 
+namespace snort
+{
 namespace tcp
 {
 struct TCPHdr;
 }
-
 namespace udp
 {
 struct UDPHdr;
 }
-
 namespace icmp
 {
 struct ICMPHdr;
 }
+}
 
 /* NOTE: if A protocol is added, update DecodeFlags! */
 enum class PktType : std::uint8_t
@@ -111,9 +112,9 @@ struct DecodeData
      * these three pointers are each referenced literally
      * dozens if not hundreds of times.  NOTHING else should be added!!
      */
-    const tcp::TCPHdr* tcph;
-    const udp::UDPHdr* udph;
-    const icmp::ICMPHdr* icmph;
+    const snort::tcp::TCPHdr* tcph;
+    const snort::udp::UDPHdr* udph;
+    const snort::icmp::ICMPHdr* icmph;
 
     uint16_t sp;            /* source port (TCP/UDP) */
     uint16_t dp;            /* dest port (TCP/UDP) */
@@ -121,8 +122,8 @@ struct DecodeData
     uint16_t decode_flags;
     PktType type;
 
-    ip::IpApi ip_api;
-    mpls::MplsHdr mplsHdr;  // FIXIT-L need to zero this?
+    snort::ip::IpApi ip_api;
+    snort::mpls::MplsHdr mplsHdr;  // FIXIT-L need to zero this?
 
     inline void reset()
     {

diff --git a/src/framework/inspector.cc b/src/framework/inspector.cc
index 0a2ac324e88a59dd10211ef18c5e2c64c9eaa64a..68f704122012cc149976a1e9e18de6d8e8311348 100644 (file)
--- a/src/framework/inspector.cc
+++ b/src/framework/inspector.cc
@@ -27,6 +27,8 @@
 #include "protocols/packet.h"
 #include "stream/stream_splitter.h"
 
+using namespace snort;
+
 //-------------------------------------------------------------------------
 // packet handler stuff
 //-------------------------------------------------------------------------

diff --git a/src/framework/inspector.h b/src/framework/inspector.h
index e428d9073693941579087d6aee6900a3788dab8a..9bffc1871ca4f80919d048c3efa1cd22986a2417 100644 (file)
--- a/src/framework/inspector.h
+++ b/src/framework/inspector.h
@@ -29,8 +29,12 @@
 #include "framework/base_api.h"
 #include "main/thread.h"
 
-struct Packet;
+class Session;
+
+namespace snort
+{
 struct SnortConfig;
+struct Packet;
 
 typedef int16_t ServiceId;
 
@@ -48,12 +52,14 @@ struct InspectionBuffer
     unsigned len;
 };
 
+
 struct InspectApi;
 
 //-------------------------------------------------------------------------
 // api for class
 //-------------------------------------------------------------------------
 
+
 class SO_PUBLIC Inspector
 {
 public:
@@ -176,7 +182,7 @@ enum InspectorType
 typedef Inspector* (* InspectNew)(Module*);
 typedef void (* InspectDelFunc)(Inspector*);
 typedef void (* InspectFunc)();
-typedef class Session* (* InspectSsnFunc)(class Flow*);
+typedef Session* (* InspectSsnFunc)(class Flow*);
 
 struct InspectApi
 {
@@ -199,6 +205,6 @@ struct InspectApi
 
 inline const char* Inspector::get_name()
 { return api->base.name; }
-
+}
 #endif
 

diff --git a/src/framework/ips_action.h b/src/framework/ips_action.h
index bacf2be187366ff892d7679cd10242b4db3bdec4..24efb829e4b6fdababa6fb47b54377a176c993fb 100644 (file)
--- a/src/framework/ips_action.h
+++ b/src/framework/ips_action.h
@@ -29,8 +29,6 @@
 #include "framework/base_api.h"
 #include "main/snort_types.h"
 
-struct Packet;
-
 // this is the current version of the api
 #define ACTAPI_VERSION ((BASE_API_VERSION << 16) | 0)
 
@@ -38,6 +36,11 @@ struct Packet;
 // api for class
 //-------------------------------------------------------------------------
 
+namespace snort
+{
+struct Packet;
+struct SnortConfig;
+
 enum ActionType
 {
     ACT_LOCAL,
@@ -48,8 +51,6 @@ enum ActionType
     ACT_MAX
 };
 
-struct SnortConfig;
-
 class SO_PUBLIC IpsAction
 {
 public:
@@ -86,6 +87,6 @@ struct ActionApi
     ActNewFunc ctor;
     ActDelFunc dtor;
 };
-
+}
 #endif
 

diff --git a/src/framework/ips_option.cc b/src/framework/ips_option.cc
index cf970fea9eb5b6acb525a7a2fa18acefdbae7db8..0e0e6b53329fce2b865d098623212ca4307815a6 100644 (file)
--- a/src/framework/ips_option.cc
+++ b/src/framework/ips_option.cc
@@ -27,6 +27,8 @@
 
 #include "hash/hashfcn.h"
 
+using namespace snort;
+
 static const char* s_buffer = nullptr;
 
 void IpsOption::set_buffer(const char* s)

diff --git a/src/framework/ips_option.h b/src/framework/ips_option.h
index 480ff18a9a38d80a420b7c9b1667979737e9bcf2..defe2f5241c1b656015aa85f55341ef4834d34e1 100644 (file)
--- a/src/framework/ips_option.h
+++ b/src/framework/ips_option.h
@@ -27,18 +27,23 @@
 #include "framework/base_api.h"
 #include "main/snort_types.h"
 
-struct Packet;
-
-// this is the current version of the api
-#define IPSAPI_VERSION ((BASE_API_VERSION << 16) | 0)
-
 //-------------------------------------------------------------------------
 // api for class
 // eval and action are packet thread specific
 //-------------------------------------------------------------------------
 
-struct SnortConfig;
 class Cursor;
+struct OptTreeNode;
+struct PatternMatchData;
+
+namespace snort
+{
+struct Packet;
+struct SnortConfig;
+class Module;
+
+// this is the current version of the api
+#define IPSAPI_VERSION ((BASE_API_VERSION << 16) | 0)
 
 enum CursorActionType
 {
@@ -90,7 +95,7 @@ public:
     { return CAT_NONE; }
 
     // for fast-pattern options like content
-    virtual struct PatternMatchData* get_pattern(int /*proto*/, RuleDirection = RULE_WO_DIR)
+    virtual PatternMatchData* get_pattern(int /*proto*/, RuleDirection = RULE_WO_DIR)
     { return nullptr; }
 
     virtual struct PatternMatchData* get_alternate_pattern()
@@ -142,6 +147,6 @@ struct IpsApi
     IpsDelFunc dtor;
     IpsOptFunc verify;
 };
-
+}
 #endif
 

diff --git a/src/framework/logger.h b/src/framework/logger.h
index c895dbf55bc49ad0975f59b8bcb3d19f1295e9cb..2250a5db979e44691d81df43d656d0d58aed46fc 100644 (file)
--- a/src/framework/logger.h
+++ b/src/framework/logger.h
@@ -28,6 +28,8 @@
 #include "main/snort_types.h"
 
 struct Event;
+namespace snort
+{
 struct Packet;
 
 // this is the current version of the api
@@ -80,6 +82,6 @@ struct LogApi
     LogNewFunc ctor;
     LogDelFunc dtor;
 };
-
+}
 #endif
 

diff --git a/src/framework/lua_api.h b/src/framework/lua_api.h
index 77853bb08de2ba143afb332785235eaf89c7e192..9ffbb89acf9e7ff6bb077e676dace30a50cbd97f 100644 (file)
--- a/src/framework/lua_api.h
+++ b/src/framework/lua_api.h
@@ -24,13 +24,16 @@
 
 #include <string>
 
+namespace snort
+{
 struct BaseApi;
+}
 
 class LuaApi
 {
 public:
     virtual ~LuaApi() = default;
-    virtual const BaseApi* get_base() const = 0;
+    virtual const snort::BaseApi* get_base() const = 0;
 
     std::string name;
     std::string chunk;

diff --git a/src/framework/module.cc b/src/framework/module.cc
index 8825ad486a59f0b68498f6205e28c4509764dbf9..717d2ef032cc3b5bdc04ea85b475d9028e132d3c 100644 (file)
--- a/src/framework/module.cc
+++ b/src/framework/module.cc
@@ -23,6 +23,8 @@
 
 #include "module.h"
 
+using namespace snort;
+
 static const Parameter defaults[] =
 {
     { "trace", Parameter::PT_INT, nullptr, nullptr,

diff --git a/src/framework/module.h b/src/framework/module.h
index 1a8fefbe34a92da31ae74ad222a58af6ac19f6fe..97e6b141e8f6c70bf3c996deaf7c972a6f6367bb 100644 (file)
--- a/src/framework/module.h
+++ b/src/framework/module.h
@@ -49,7 +49,16 @@
 #include "main/snort_types.h"
 #include "utils/stats.h"
 
-using LuaCFunction = int(*)(struct lua_State*);
+struct lua_State;
+
+class ModuleManager;
+
+namespace snort
+{
+struct ProfileStats;
+struct SnortConfig;
+
+using LuaCFunction = int(*)(lua_State*);
 
 struct Command
 {
@@ -67,9 +76,6 @@ struct RuleMap
     const char* msg;
 };
 
-struct ProfileStats;
-struct SnortConfig;
-
 class SO_PUBLIC Module
 {
 public:
@@ -176,7 +182,7 @@ protected:
         bool is_list = false, Trace* = nullptr);
 
 private:
-    friend class ModuleManager;
+    friend ModuleManager;
     void init(const char*, const char* = nullptr);
 
     std::vector<PegCount> counts;
@@ -211,6 +217,6 @@ private:
         counts[index] += value;
     }
 };
-
+}
 #endif
 

diff --git a/src/framework/mpse.cc b/src/framework/mpse.cc
index d7b88d61a6da9b4f1ca2ddc10a1e41df11123dc6..70408ac1fda448d6f7cf52c3fcc698eccfa70547 100644 (file)
--- a/src/framework/mpse.cc
+++ b/src/framework/mpse.cc
@@ -26,8 +26,11 @@
 #include "profiler/profiler_defs.h"
 #include "search_engines/pat_stats.h"
 
+
 using namespace std;
 
+namespace snort
+{
 THREAD_LOCAL ProfileStats mpsePerfStats;
 
 //-------------------------------------------------------------------------
@@ -38,6 +41,7 @@ Mpse::Mpse(const char* m)
 {
     method = m;
     verbose = 0;
+    api = nullptr;
 }
 
 int Mpse::search(
@@ -60,3 +64,5 @@ int Mpse::search_all(
     return _search(T, n, match, context, current_state);
 }
 
+}
+

diff --git a/src/framework/mpse.h b/src/framework/mpse.h
index 58e3da38ab08604cf1c3d0fe51a39013a551d78f..46b03caf992e6b0a9c14d4df6eb1ca103670fae6 100644 (file)
--- a/src/framework/mpse.h
+++ b/src/framework/mpse.h
@@ -31,6 +31,8 @@
 #include "main/thread.h"
 #include "search_engines/search_common.h"
 
+namespace snort
+{
 // this is the current version of the api
 #define SEAPI_VERSION ((BASE_API_VERSION << 16) | 0)
 
@@ -117,6 +119,6 @@ struct MpseApi
     MpseExeFunc init;
     MpseExeFunc print;
 };
-
+}
 #endif
 

diff --git a/src/framework/parameter.cc b/src/framework/parameter.cc
index dcc75f9d48de0db8be133b595698fcd6d73e99de..f5a02e8b701ca1c582a7103353d3134486793d1d 100644 (file)
--- a/src/framework/parameter.cc
+++ b/src/framework/parameter.cc
@@ -33,6 +33,7 @@
 
 #include "value.h"
 
+using namespace snort;
 using namespace std;
 
 static bool valid_bool(Value& v, const char*)

diff --git a/src/framework/parameter.h b/src/framework/parameter.h
index 72c8545d2a40bf63a52395a37aaf9e9ffe4a0c94..360e148243d94df2725805a507561c208a72bc39 100644 (file)
--- a/src/framework/parameter.h
+++ b/src/framework/parameter.h
@@ -31,6 +31,10 @@
 #include <functional>
 #include "main/snort_types.h"
 
+namespace snort
+{
+class Value;
+
 struct SO_PUBLIC Parameter
 {
     using RangeQuery = std::function<const char*()>;
@@ -67,7 +71,7 @@ struct SO_PUBLIC Parameter
     const char* get_type() const;
     const char* get_range() const;
 
-    bool validate(class Value&) const;
+    bool validate(Value&) const;
 
     bool is_positional() const
     { return ( name && *name == '~' ); }
@@ -91,6 +95,6 @@ struct SO_PUBLIC Parameter
     // 0-based; -1 if not found; list is | delimited
     static int index(const char* list, const char* key);
 };
-
+}
 #endif
 

diff --git a/src/framework/so_rule.h b/src/framework/so_rule.h
index 7c3ce4f8668f811e7e044f668af53fb956aee092..51b37a0063a404238b7a3c60add0549e486856c3 100644 (file)
--- a/src/framework/so_rule.h
+++ b/src/framework/so_rule.h
@@ -29,7 +29,10 @@
 #include "framework/ips_option.h"
 #include "main/snort_types.h"
 
+namespace snort
+{
 struct Packet;
+}
 
 // this is the current version of the api
 #define SOAPI_VERSION ((BASE_API_VERSION << 16) | 0)
@@ -40,14 +43,14 @@ struct Packet;
 // ctor(<key>) returns eval func and optional data
 // data is freed with dtor(data)
 
-typedef IpsOption::EvalStatus (* SoEvalFunc)(void*, class Cursor&, Packet*);
+typedef snort::IpsOption::EvalStatus (* SoEvalFunc)(void*, class Cursor&, snort::Packet*);
 typedef SoEvalFunc (* SoNewFunc)(const char* key, void**);
 typedef void (* SoDelFunc)(void*);
 typedef void (* SoAuxFunc)();
 
 struct SoApi
 {
-    BaseApi base;
+    snort::BaseApi base;
 
     const uint8_t* rule;
     unsigned length;

diff --git a/src/framework/value.cc b/src/framework/value.cc
index abc3fd0ea79236f5df0f4aabd8760eba5ec90338..04ca9ae07f53ead646f438a26ab40bc5b58d12e8 100644 (file)
--- a/src/framework/value.cc
+++ b/src/framework/value.cc
@@ -31,6 +31,7 @@
 #include "catch/snort_catch.h"
 #endif
 
+using namespace snort;
 using namespace std;
 
 Value::~Value()

diff --git a/src/framework/value.h b/src/framework/value.h
index 5ec9ab1d1a4067d4e262c3f811d513c2afe18cfe..12e2af3c1ae9c6f030ddfd50bf5a0bd91627e39b 100644 (file)
--- a/src/framework/value.h
+++ b/src/framework/value.h
@@ -29,6 +29,8 @@
 #include "framework/parameter.h"
 #include "main/snort_types.h"
 
+namespace snort
+{
 struct SfCidr;
 struct SfIp;
 
@@ -150,6 +152,6 @@ private:
     std::stringstream* ss;
     const Parameter* param;
 };
-
+}
 #endif
 

diff --git a/src/hash/hashfcn.cc b/src/hash/hashfcn.cc
index d49005354ae1369c9058a9411ebf7f4b43a2439c..cdf7c8a3833999fb03ba38cf9244f84f4a0643fb 100644 (file)
--- a/src/hash/hashfcn.cc
+++ b/src/hash/hashfcn.cc
@@ -53,7 +53,7 @@ HashFnc* hashfcn_new(int m)
 
     p = (HashFnc*)snort_calloc(sizeof(*p));
 
-    if ( SnortConfig::static_hash() )
+    if ( snort::SnortConfig::static_hash() )
     {
         p->seed     = 3193;
         p->scale    = 719;

diff --git a/src/hash/test/ghash_test.cc b/src/hash/test/ghash_test.cc
index fe20afee40273bda7a46b1c4f79afbdd35cb2240..8090a471edc1c231e54e6ba7d3b23e3862af1f8e 100644 (file)
--- a/src/hash/test/ghash_test.cc
+++ b/src/hash/test/ghash_test.cc
@@ -31,6 +31,8 @@
 #include <CppUTest/CommandLineTestRunner.h>
 #include <CppUTest/TestHarness.h>
 
+using namespace snort;
+
 // Stubs whose sole purpose is to make the test code link
 static SnortConfig my_config;
 THREAD_LOCAL SnortConfig *snort_conf = &my_config;

diff --git a/src/helpers/process.cc b/src/helpers/process.cc
index e9fdca9bf876acb9dd73a1287e925d66737811bf..cd253379d3a99caec282cb0a27726c79c0d40fa2 100644 (file)
--- a/src/helpers/process.cc
+++ b/src/helpers/process.cc
@@ -121,7 +121,7 @@ static void exit_handler(int signal)
 
 static void dirty_handler(int signal)
 {
-    SnortConfig::get_conf()->dirty_pig = true;
+    snort::SnortConfig::get_conf()->dirty_pig = true;
     exit_handler(signal);
 }
 
@@ -158,7 +158,7 @@ static void oops_handler(int signal)
 {
     // FIXIT-L what should we capture if this is the main thread?
     if ( !is_main_thread )
-        Snort::capture_packet();
+        snort::Snort::capture_packet();
 
     add_signal(signal, SIG_DFL, false);
     raise(signal);
@@ -355,7 +355,7 @@ void daemonize()
     if ( errno )
         FatalError("failed to setsid - %s", get_error(errno));
 
-    if ( SnortConfig::log_quiet() or SnortConfig::log_syslog() )
+    if ( snort::SnortConfig::log_quiet() or snort::SnortConfig::log_syslog() )
         snuff_stdio();
 
     pid_t ppid = getppid();

diff --git a/src/host_tracker/host_cache.cc b/src/host_tracker/host_cache.cc
index 5f98c22c7fe07460b3e141dd005cdfa45744fa1f..f476d83c4333f9142a4b996b26e7f9a083c7cfaa 100644 (file)
--- a/src/host_tracker/host_cache.cc
+++ b/src/host_tracker/host_cache.cc
@@ -24,6 +24,8 @@
 
 #include "host_cache.h"
 
+using namespace snort;
+
 #define LRU_CACHE_INITIAL_SIZE 65535
 
 LruCacheShared<HostIpKey, std::shared_ptr<HostTracker>, HashHostIpKey>
@@ -35,6 +37,8 @@ void host_cache_add_host_tracker(HostTracker* ht)
     host_cache.insert((const uint8_t*) ht->get_ip_addr().get_ip6_ptr(), sptr);
 }
 
+namespace snort
+{
 bool host_cache_add_service(const SfIp& ipaddr, Protocol ipproto, Port port, const char* /*service*/)
 {
     HostIpKey ipkey((const uint8_t*) ipaddr.get_ip6_ptr());
@@ -57,4 +61,4 @@ bool host_cache_add_service(const SfIp& ipaddr, Protocol ipproto, Port port, con
 
     return ht->add_service(app_entry);
 }
-
+}

diff --git a/src/host_tracker/host_cache.h b/src/host_tracker/host_cache.h
index 0f64aabc82d7fb369e437736091e148c8cca67ca..8c322f85d21dc41d1abe7a307d28ba0d5c02356c 100644 (file)
--- a/src/host_tracker/host_cache.h
+++ b/src/host_tracker/host_cache.h
@@ -65,8 +65,10 @@ extern LruCacheShared<HostIpKey, std::shared_ptr<HostTracker>, HashHostIpKey> ho
 
 void host_cache_add_host_tracker(HostTracker*);
 
+namespace snort
+{
 //  Insert a new service into host cache if it doesn't already exist.
 SO_PUBLIC bool host_cache_add_service(const SfIp&, Protocol, Port, const char* service);
-
+}
 #endif
 

diff --git a/src/host_tracker/host_cache_module.cc b/src/host_tracker/host_cache_module.cc
index 4e6dac7b0d2ba15430a0ae4b6f9a50524d2d7a21..4c463f0b297e76bc8c08abee50072cf8d0977baa 100644 (file)
--- a/src/host_tracker/host_cache_module.cc
+++ b/src/host_tracker/host_cache_module.cc
@@ -26,6 +26,8 @@
 
 #include "host_cache.h"
 
+using namespace snort;
+
 const Parameter HostCacheModule::host_cache_params[] =
 {
     { "size", Parameter::PT_INT, nullptr, nullptr,

diff --git a/src/host_tracker/host_cache_module.h b/src/host_tracker/host_cache_module.h
index d59bcdd9ed9e8c5015053c867bcee69042dbac7b..722e583fbc6a54d04be3f33be1a3d2c142bd4f4a 100644 (file)
--- a/src/host_tracker/host_cache_module.h
+++ b/src/host_tracker/host_cache_module.h
@@ -28,16 +28,16 @@
 #define host_cache_help \
     "configure hosts"
 
-class HostCacheModule : public Module
+class HostCacheModule : public snort::Module
 {
 public:
-    HostCacheModule() : Module("host_cache", host_cache_help, host_cache_params, true)
+    HostCacheModule() : snort::Module("host_cache", host_cache_help, host_cache_params, true)
     {
     }
 
-    bool begin(const char*, int, SnortConfig*) override;
-    bool end(const char*, int, SnortConfig*) override;
-    bool set(const char*, Value&, SnortConfig*) override;
+    bool begin(const char*, int, snort::SnortConfig*) override;
+    bool end(const char*, int, snort::SnortConfig*) override;
+    bool set(const char*, snort::Value&, snort::SnortConfig*) override;
 
     const PegInfo* get_pegs() const override;
     PegCount* get_counts() const override;
@@ -48,8 +48,8 @@ public:
     { return GLOBAL; }
 
 private:
-    static const Parameter host_cache_params[];
-    static const Parameter service_params[];
+    static const snort::Parameter host_cache_params[];
+    static const snort::Parameter service_params[];
 
     uint32_t host_cache_size;
 };

diff --git a/src/host_tracker/host_tracker.h b/src/host_tracker/host_tracker.h
index 49760898e79803e80013254df165cfa55ed29f8c..5cedccf56d3d8d99ec1904cc2b6ec9fc55c3fcf0 100644 (file)
--- a/src/host_tracker/host_tracker.h
+++ b/src/host_tracker/host_tracker.h
@@ -80,7 +80,7 @@ private:
                                       //  shared object are safe.
 
     //  FIXIT-M do we need to use a host_id instead of SfIp as in sfrna?
-    SfIp ip_addr;
+    snort::SfIp ip_addr;
 
     //  Policies to apply to this host.
     Policy stream_policy = 0;
@@ -95,13 +95,13 @@ public:
         memset(&ip_addr, 0, sizeof(ip_addr));
     }
 
-    SfIp get_ip_addr()
+    snort::SfIp get_ip_addr()
     {
         std::lock_guard<std::mutex> lck(host_tracker_lock);
         return ip_addr;
     }
 
-    void set_ip_addr(const SfIp& new_ip_addr)
+    void set_ip_addr(const snort::SfIp& new_ip_addr)
     {
         std::lock_guard<std::mutex> lck(host_tracker_lock);
         std::memcpy(&ip_addr, &new_ip_addr, sizeof(ip_addr));

diff --git a/src/host_tracker/host_tracker_module.cc b/src/host_tracker/host_tracker_module.cc
index e838c0e26d8b5fcb8ac8b5eb750072184efed66f..dda6010b4626805cbde5a66b0597caa652dd8fc5 100644 (file)
--- a/src/host_tracker/host_tracker_module.cc
+++ b/src/host_tracker/host_tracker_module.cc
@@ -30,6 +30,8 @@
 
 #include "host_cache.h"
 
+using namespace snort;
+
 const PegInfo host_tracker_pegs[] =
 {
     { CountType::SUM, "service_adds", "host service adds" },

diff --git a/src/host_tracker/host_tracker_module.h b/src/host_tracker/host_tracker_module.h
index ed0bfd1b59e5e3489a16351080bbb20338457bf9..c1bcbf7bb1d85b8472a91509d19d884754870091 100644 (file)
--- a/src/host_tracker/host_tracker_module.h
+++ b/src/host_tracker/host_tracker_module.h
@@ -35,10 +35,10 @@
 #define host_tracker_help \
     "configure hosts"
 
-class HostTrackerModule : public Module
+class HostTrackerModule : public snort::Module
 {
 public:
-    HostTrackerModule() : Module("host_tracker", host_tracker_help, host_tracker_params, true)
+    HostTrackerModule() : snort::Module("host_tracker", host_tracker_help, host_tracker_params, true)
     { host = nullptr; }
 
     ~HostTrackerModule() override
@@ -47,16 +47,16 @@ public:
     const PegInfo* get_pegs() const override;
     PegCount* get_counts() const override;
 
-    bool set(const char*, Value&, SnortConfig*) override;
-    bool begin(const char*, int, SnortConfig*) override;
-    bool end(const char*, int, SnortConfig*) override;
+    bool set(const char*, snort::Value&, snort::SnortConfig*) override;
+    bool begin(const char*, int, snort::SnortConfig*) override;
+    bool end(const char*, int, snort::SnortConfig*) override;
 
     Usage get_usage() const override
     { return GLOBAL; }
 
 private:
-    static const Parameter host_tracker_params[];
-    static const Parameter service_params[];
+    static const snort::Parameter host_tracker_params[];
+    static const snort::Parameter service_params[];
 
     HostApplicationEntry app;
     HostTracker* host;

diff --git a/src/host_tracker/test/host_cache_module_test.cc b/src/host_tracker/test/host_cache_module_test.cc
index 2f8c788807d78bcf2683338b5fe626230621f9a6..46d94c9fd03d7e87db8073d0fb3287de62d44667 100644 (file)
--- a/src/host_tracker/test/host_cache_module_test.cc
+++ b/src/host_tracker/test/host_cache_module_test.cc
@@ -31,6 +31,8 @@
 
 #include "sfip/sf_ip.h"
 
+using namespace snort;
+
 //  Fake AddProtocolReference to avoid bringing in a ton of dependencies.
 int16_t AddProtocolReference(const char* protocol)
 {

diff --git a/src/host_tracker/test/host_cache_test.cc b/src/host_tracker/test/host_cache_test.cc
index 4e1740224ad7245f45a4acc1158054d36259329b..a45343bfd06e416d73b8da08257840d5423ee0f5 100644 (file)
--- a/src/host_tracker/test/host_cache_test.cc
+++ b/src/host_tracker/test/host_cache_test.cc
@@ -28,6 +28,8 @@
 #include <CppUTest/CommandLineTestRunner.h>
 #include <CppUTest/TestHarness.h>
 
+using namespace snort;
+
 //  Fake AddProtocolReference to avoid bringing in a ton of dependencies.
 int16_t AddProtocolReference(const char* protocol)
 {

diff --git a/src/host_tracker/test/host_tracker_module_test.cc b/src/host_tracker/test/host_tracker_module_test.cc
index d7af809cf79df533781c17cdc49e89484e55ba94..17946cb5d7dff89fc7d19d074996cf4cdbcd7b8b 100644 (file)
--- a/src/host_tracker/test/host_tracker_module_test.cc
+++ b/src/host_tracker/test/host_tracker_module_test.cc
@@ -30,6 +30,8 @@
 #include <CppUTest/CommandLineTestRunner.h>
 #include <CppUTest/TestHarness.h>
 
+using namespace snort;
+
 //  Fake to avoid bringing in a ton of dependencies.
 int16_t ProtocolReference::add(const char* protocol)
 {

diff --git a/src/host_tracker/test/host_tracker_test.cc b/src/host_tracker/test/host_tracker_test.cc
index 17305181472a4822c0a821ba83c1ad971a50de23..b09352eda84a87bd820655b0e761c6ef0002fbb3 100644 (file)
--- a/src/host_tracker/test/host_tracker_test.cc
+++ b/src/host_tracker/test/host_tracker_test.cc
@@ -28,6 +28,8 @@
 #include <CppUTest/CommandLineTestRunner.h>
 #include <CppUTest/TestHarness.h>
 
+using namespace snort;
+
 // Fake snort_strdup() because sfutil dependencies suck
 char* snort_strdup(const char* str)
 {

diff --git a/src/ips_options/asn1_util.cc b/src/ips_options/asn1_util.cc
index 7a8faa30665c8f41ee815a5f662b04811c485640..15efaa2cb2c79ad5a4f2c5a068ab1d07dac7274f 100644 (file)
--- a/src/ips_options/asn1_util.cc
+++ b/src/ips_options/asn1_util.cc
@@ -115,7 +115,7 @@ static ASN1_TYPE* asn1_node_alloc()
 **  @retval ASN1_ERR_MEM_ALLOC memory allocation failed
 **  @retval ASN1_ERR_INVALID_ARG invalid argument
 */
-void asn1_init_mem(SnortConfig* sc)
+void asn1_init_mem(snort::SnortConfig* sc)
 {
     int num_nodes;
 
@@ -143,7 +143,7 @@ void asn1_init_mem(SnortConfig* sc)
 **  @return none
 **
 */
-void asn1_free_mem(SnortConfig*)
+void asn1_free_mem(snort::SnortConfig*)
 {
     if (asn1_config.mem != nullptr)
     {

diff --git a/src/ips_options/asn1_util.h b/src/ips_options/asn1_util.h
index e17e307c7e2b4491db3cca4c908c0d0a56842f04..5aa4160caf8022eb6d0744e7f0543e7a460ae0e0 100644 (file)
--- a/src/ips_options/asn1_util.h
+++ b/src/ips_options/asn1_util.h
@@ -125,7 +125,10 @@ struct ASN1_CONFIG
     int num_nodes;
 };
 
+namespace snort
+{
 struct SnortConfig;
+}
 
 /*
 **  Error Codes
@@ -144,8 +147,8 @@ struct SnortConfig;
 #define ASN1_ERR_INVALID_ARG         (-7)
 #define ASN1_ERR_STACK               (-8)
 
-void asn1_init_mem(SnortConfig*);
-void asn1_free_mem(SnortConfig*);
+void asn1_init_mem(snort::SnortConfig*);
+void asn1_free_mem(snort::SnortConfig*);
 int asn1_decode(const unsigned char* data, unsigned int len, ASN1_TYPE** asn1_type);
 int asn1_print_types(ASN1_TYPE* asn1_type, void* user);
 int asn1_traverse(ASN1_TYPE* asn1, void* user,

diff --git a/src/ips_options/ips_ack.cc b/src/ips_options/ips_ack.cc
index 7f9c9f2834e41b347bd797342099e19103d720c1..898eb78aa1d187bc8b0cc4b5cdba995351d3d750 100644 (file)
--- a/src/ips_options/ips_ack.cc
+++ b/src/ips_options/ips_ack.cc
@@ -29,6 +29,8 @@
 #include "protocols/packet.h"
 #include "protocols/tcp.h"
 
+using namespace snort;
+
 #define s_name "ack"
 
 #define s_help \

diff --git a/src/ips_options/ips_asn1.cc b/src/ips_options/ips_asn1.cc
index e6005c8235fddeb0b92602e5e9d1276b69f20f0b..9227e5e33274664e907be80fc046b582370408c1 100644 (file)
--- a/src/ips_options/ips_asn1.cc
+++ b/src/ips_options/ips_asn1.cc
@@ -63,6 +63,8 @@
 #include "asn1_detect.h"
 #include "asn1_util.h"
 
+using namespace snort;
+
 #define BITSTRING_OPT  "bitstring_overflow"
 #define DOUBLE_OPT     "double_overflow"
 #define PRINT_OPT      "print"

diff --git a/src/ips_options/ips_base64.cc b/src/ips_options/ips_base64.cc
index acab9afb59e516a6e14ec64979dd00d7eb324055..58f4a02b34365670eb0a16461dbe68afc90e94a7 100644 (file)
--- a/src/ips_options/ips_base64.cc
+++ b/src/ips_options/ips_base64.cc
@@ -34,6 +34,8 @@
 #include "profiler/profiler.h"
 #include "utils/util_unfold.h"
 
+using namespace snort;
+
 static THREAD_LOCAL uint8_t base64_decode_buf[DECODE_BLEN];
 static THREAD_LOCAL uint32_t base64_decode_size;
 

diff --git a/src/ips_options/ips_bufferlen.cc b/src/ips_options/ips_bufferlen.cc
index e527f916ca2c1ff869041b3e308c7c8f2f21c1ae..db2b40e6c302ae8cc6d264da3651fff48cabf6c4 100644 (file)
--- a/src/ips_options/ips_bufferlen.cc
+++ b/src/ips_options/ips_bufferlen.cc
@@ -28,6 +28,8 @@
 #include "hash/hashfcn.h"
 #include "profiler/profiler.h"
 
+using namespace snort;
+
 #define s_name "bufferlen"
 
 #define s_help \

diff --git a/src/ips_options/ips_byte_extract.cc b/src/ips_options/ips_byte_extract.cc
index 032f1718f5ce33a4667e688ee8c521ac09befa15..e434e6ffac5e537844f8dca1a5c21894d69a6d35 100644 (file)
--- a/src/ips_options/ips_byte_extract.cc
+++ b/src/ips_options/ips_byte_extract.cc
@@ -35,6 +35,8 @@
 
 #include "extract.h"
 
+using namespace snort;
+
 static THREAD_LOCAL ProfileStats byteExtractPerfStats;
 
 #define s_name "byte_extract"

diff --git a/src/ips_options/ips_byte_jump.cc b/src/ips_options/ips_byte_jump.cc
index 650e1e34ccf498032dc17ac15e919869a0f612b7..9e7cec22e1127defeafcb11a9f54ee4b3f188e7a 100644 (file)
--- a/src/ips_options/ips_byte_jump.cc
+++ b/src/ips_options/ips_byte_jump.cc
@@ -88,6 +88,7 @@
 
 #include "extract.h"
 
+using namespace snort;
 using namespace std;
 
 static THREAD_LOCAL ProfileStats byteJumpPerfStats;

diff --git a/src/ips_options/ips_byte_math.cc b/src/ips_options/ips_byte_math.cc
index b5bb000c85acb36b4ff5cb40a10517a4dc1b4fc9..4c4821c89dd5652a5f1dfa6a6359f57cc4413149 100644 (file)
--- a/src/ips_options/ips_byte_math.cc
+++ b/src/ips_options/ips_byte_math.cc
@@ -36,6 +36,7 @@
 
 #include "extract.h"
 
+using namespace snort;
 using namespace std;
 
 #define s_name "byte_math"

diff --git a/src/ips_options/ips_byte_test.cc b/src/ips_options/ips_byte_test.cc
index cac584da062fd8e4f9b22effb1c6899b316afd9e..7ca473daa6cb6dcb4fbf60f2742353a4db78a73c 100644 (file)
--- a/src/ips_options/ips_byte_test.cc
+++ b/src/ips_options/ips_byte_test.cc
@@ -105,6 +105,7 @@
 
 #include "extract.h"
 
+using namespace snort;
 using namespace std;
 
 #define PARSELEN 10

diff --git a/src/ips_options/ips_classtype.cc b/src/ips_options/ips_classtype.cc
index f2696b3a2b23f90cc7aa11f0d757cce2a7383640..5c6f13fbb231c3d3f97f59b4baffe6742faed26b 100644 (file)
--- a/src/ips_options/ips_classtype.cc
+++ b/src/ips_options/ips_classtype.cc
@@ -26,6 +26,8 @@
 #include "framework/ips_option.h"
 #include "framework/module.h"
 
+using namespace snort;
+
 #define s_name "classtype"
 
 //-------------------------------------------------------------------------

diff --git a/src/ips_options/ips_content.cc b/src/ips_options/ips_content.cc
index 514be21461ed69cbde5ab2b14a06d27d1da57faf..4db8b97230bf4daedfcf6ea96de6720a67a4e637 100644 (file)
--- a/src/ips_options/ips_content.cc
+++ b/src/ips_options/ips_content.cc
@@ -36,6 +36,8 @@
 
 #include "extract.h"
 
+using namespace snort;
+
 #define MAX_PATTERN_SIZE 2048
 
 #define s_name "content"

diff --git a/src/ips_options/ips_cvs.cc b/src/ips_options/ips_cvs.cc
index 062afdc43432234eba6639a28dd119efa8c6f19c..e678c1161bc90a06908ae136ab92ce86394e405e 100644 (file)
--- a/src/ips_options/ips_cvs.cc
+++ b/src/ips_options/ips_cvs.cc
@@ -45,6 +45,8 @@
 #include "profiler/profiler.h"
 #include "protocols/packet.h"
 
+using namespace snort;
+
 static THREAD_LOCAL ProfileStats cvsPerfStats;
 
 #define s_name "cvs"

diff --git a/src/ips_options/ips_detection_filter.cc b/src/ips_options/ips_detection_filter.cc
index 970390a619aa1e50490efe288219ab33ea9756f1..ace5efc986bb67fbb7d3b670ff78fa405d092745 100644 (file)
--- a/src/ips_options/ips_detection_filter.cc
+++ b/src/ips_options/ips_detection_filter.cc
@@ -32,6 +32,8 @@
 #include "framework/module.h"
 #include "main/snort_config.h"
 
+using namespace snort;
+
 #define s_name "detection_filter"
 
 //-------------------------------------------------------------------------

diff --git a/src/ips_options/ips_dsize.cc b/src/ips_options/ips_dsize.cc
index 1efcfbf6ad1a88729ce342dc78bbc8d12069f384..f27ef6bf36c1d18443b29e7ae42c751f66cdff13 100644 (file)
--- a/src/ips_options/ips_dsize.cc
+++ b/src/ips_options/ips_dsize.cc
@@ -28,6 +28,8 @@
 #include "profiler/profiler.h"
 #include "protocols/packet.h"
 
+using namespace snort;
+
 #define s_name "dsize"
 
 static THREAD_LOCAL ProfileStats dsizePerfStats;

diff --git a/src/ips_options/ips_file_data.cc b/src/ips_options/ips_file_data.cc
index 8d1637d848611b74ffbb33536846380c69bab10d..d7d1c17aa300665e5cfc6f3553845739cc7addde 100644 (file)
--- a/src/ips_options/ips_file_data.cc
+++ b/src/ips_options/ips_file_data.cc
@@ -28,6 +28,8 @@
 #include "framework/module.h"
 #include "profiler/profiler.h"
 
+using namespace snort;
+
 #define s_name "file_data"
 
 static THREAD_LOCAL ProfileStats fileDataPerfStats;

diff --git a/src/ips_options/ips_file_type.cc b/src/ips_options/ips_file_type.cc
index 237bd8619a8e28b0dba8793b68051d5c6061d0bb..c699f37f78b0ce76e591803cb0097d17420dc24c 100644 (file)
--- a/src/ips_options/ips_file_type.cc
+++ b/src/ips_options/ips_file_type.cc
@@ -31,6 +31,8 @@
 #include "profiler/profiler.h"
 #include "protocols/packet.h"
 
+using namespace snort;
+
 typedef std::bitset<FILE_ID_MAX> TypeBitSet;
 
 #define s_name "file_type"

diff --git a/src/ips_options/ips_flags.cc b/src/ips_options/ips_flags.cc
index 7534ac9c87d6b3b751ce1fa901cd2816b786366d..49332962f2eb9ed52e5ce5b2e41ff353858c12c1 100644 (file)
--- a/src/ips_options/ips_flags.cc
+++ b/src/ips_options/ips_flags.cc
@@ -30,6 +30,8 @@
 #include "protocols/packet.h"
 #include "protocols/tcp.h"
 
+using namespace snort;
+
 #define M_NORMAL  0
 #define M_ALL     1
 #define M_ANY     2

diff --git a/src/ips_options/ips_flow.cc b/src/ips_options/ips_flow.cc
index 7cb17c760dfb312f7469d9b75b98478f30dec564..6ad1996f4f6bed6c891e03454a792a523cdc60f5 100644 (file)
--- a/src/ips_options/ips_flow.cc
+++ b/src/ips_options/ips_flow.cc
@@ -33,6 +33,8 @@
 #include "protocols/packet.h"
 #include "target_based/snort_protocols.h"
 
+using namespace snort;
+
 #define s_name "flow"
 
 static THREAD_LOCAL ProfileStats flowCheckPerfStats;

diff --git a/src/ips_options/ips_flowbits.cc b/src/ips_options/ips_flowbits.cc
index fa8e4aa08ac996c954b2ad78084d4973daa274af..508b32c101497a7a4ea4348c93ddfdc9ad0d5226 100644 (file)
--- a/src/ips_options/ips_flowbits.cc
+++ b/src/ips_options/ips_flowbits.cc
@@ -55,6 +55,7 @@
 #include "utils/sflsq.h"
 #include "utils/util.h"
 
+using namespace snort;
 using namespace std;
 
 #define s_name "flowbits"

diff --git a/src/ips_options/ips_fragbits.cc b/src/ips_options/ips_fragbits.cc
index 1bed319bcb6c60b2c1599986a34e4be7ad4c4851..5bc4488bf1de6f3bc528a1ca74996141439436af 100644 (file)
--- a/src/ips_options/ips_fragbits.cc
+++ b/src/ips_options/ips_fragbits.cc
@@ -55,6 +55,8 @@
 #include "profiler/profiler.h"
 #include "protocols/packet.h"
 
+using namespace snort;
+
 static THREAD_LOCAL ProfileStats fragBitsPerfStats;
 
 // this class holds the logic for setting up the fragment test

diff --git a/src/ips_options/ips_fragoffset.cc b/src/ips_options/ips_fragoffset.cc
index 6a26b15e2fca8ef8d7be76fd775393a413f38deb..e1ce1bedff32e36331ae8157a30706e039c1baaa 100644 (file)
--- a/src/ips_options/ips_fragoffset.cc
+++ b/src/ips_options/ips_fragoffset.cc
@@ -28,6 +28,8 @@
 #include "profiler/profiler.h"
 #include "protocols/packet.h"
 
+using namespace snort;
+
 #define s_name "fragoffset"
 
 static THREAD_LOCAL ProfileStats fragOffsetPerfStats;

diff --git a/src/ips_options/ips_gid.cc b/src/ips_options/ips_gid.cc
index 6337c27baf87019bf59aab023189f86d5969392c..bcfe86c274563538493dc31cedb7283bc625d54e 100644 (file)
--- a/src/ips_options/ips_gid.cc
+++ b/src/ips_options/ips_gid.cc
@@ -26,6 +26,8 @@
 #include "framework/ips_option.h"
 #include "framework/module.h"
 
+using namespace snort;
+
 #define s_name "gid"
 
 //-------------------------------------------------------------------------

diff --git a/src/ips_options/ips_hash.cc b/src/ips_options/ips_hash.cc
index 7d363263356bbd7c86ce65e8cf6f2a89b80ee329..ef0f4a10024fcf30d98999badd38f0c69f5d2e63 100644 (file)
--- a/src/ips_options/ips_hash.cc
+++ b/src/ips_options/ips_hash.cc
@@ -34,6 +34,8 @@
 
 #include "extract.h"
 
+using namespace snort;
+
 enum HashPsIdx
 {
     HPI_MD5, HPI_SHA256, HPI_SHA512, HPI_MAX

diff --git a/src/ips_options/ips_icmp_id.cc b/src/ips_options/ips_icmp_id.cc
index 51661d0ed9be67161ae38412e9e5887e779e25a8..969a7861952e614790d4c7ee9f62f9511ca999ea 100644 (file)
--- a/src/ips_options/ips_icmp_id.cc
+++ b/src/ips_options/ips_icmp_id.cc
@@ -52,6 +52,8 @@
 #include "protocols/icmp6.h"
 #include "protocols/packet.h"
 
+using namespace snort;
+
 #define s_name "icmp_id"
 
 static THREAD_LOCAL ProfileStats icmpIdPerfStats;

diff --git a/src/ips_options/ips_icmp_seq.cc b/src/ips_options/ips_icmp_seq.cc
index 034997eea498344436e25e6d50a76f8caa2957e4..9430fe28e6782fc9975c99d6377c3afb441c5edd 100644 (file)
--- a/src/ips_options/ips_icmp_seq.cc
+++ b/src/ips_options/ips_icmp_seq.cc
@@ -52,6 +52,8 @@
 #include "protocols/icmp6.h"
 #include "protocols/packet.h"
 
+using namespace snort;
+
 #define s_name "icmp_seq"
 
 static THREAD_LOCAL ProfileStats icmpSeqPerfStats;

diff --git a/src/ips_options/ips_icode.cc b/src/ips_options/ips_icode.cc
index 3279cd6a15ca5a8ab58c4b37d4893dbd289e3ecb..a3ba81df67f1224de75ce8006b7544a3d3c88db7 100644 (file)
--- a/src/ips_options/ips_icode.cc
+++ b/src/ips_options/ips_icode.cc
@@ -29,6 +29,8 @@
 #include "protocols/icmp4.h"
 #include "protocols/packet.h"
 
+using namespace snort;
+
 #define s_name "icode"
 
 static THREAD_LOCAL ProfileStats icmpCodePerfStats;

diff --git a/src/ips_options/ips_id.cc b/src/ips_options/ips_id.cc
index 6c9442ff870c3b55142fc0a3ff46b094e4f8ad69..0d0cd5b74ce1b99853196ee68fb58f665b7d8ec7 100644 (file)
--- a/src/ips_options/ips_id.cc
+++ b/src/ips_options/ips_id.cc
@@ -28,6 +28,8 @@
 #include "profiler/profiler.h"
 #include "protocols/packet.h"
 
+using namespace snort;
+
 #define s_name "id"
 
 static THREAD_LOCAL ProfileStats ipIdPerfStats;

diff --git a/src/ips_options/ips_ip_proto.cc b/src/ips_options/ips_ip_proto.cc
index 3259cd9f81fb7bfb3f1d701986f32c5c9f2bffc5..09bf6296003ae22ebc5a683cb8b738f2b367840b 100644 (file)
--- a/src/ips_options/ips_ip_proto.cc
+++ b/src/ips_options/ips_ip_proto.cc
@@ -31,6 +31,8 @@
 #include "protocols/packet.h"
 #include "utils/util_cstring.h"
 
+using namespace snort;
+
 #define s_name "ip_proto"
 
 static THREAD_LOCAL ProfileStats ipProtoPerfStats;

diff --git a/src/ips_options/ips_ipopts.cc b/src/ips_options/ips_ipopts.cc
index 119bc31d23b46e42b8686e0d4acf509c17f3987e..775aab0e43e75da821dafc67cf71d26956b40979 100644 (file)
--- a/src/ips_options/ips_ipopts.cc
+++ b/src/ips_options/ips_ipopts.cc
@@ -29,6 +29,8 @@
 #include "protocols/ipv4_options.h"
 #include "protocols/packet.h"
 
+using namespace snort;
+
 #define s_name "ipopts"
 
 static THREAD_LOCAL ProfileStats ipOptionPerfStats;

diff --git a/src/ips_options/ips_isdataat.cc b/src/ips_options/ips_isdataat.cc
index 6824ad30a8a0bd951774a0274d08791eef76af7b..00463a5830c405e8adaf15cde890f4a2ed4a50dc 100644 (file)
--- a/src/ips_options/ips_isdataat.cc
+++ b/src/ips_options/ips_isdataat.cc
@@ -50,6 +50,8 @@
 
 #include "extract.h"
 
+using namespace snort;
+
 #define s_name "isdataat"
 
 static THREAD_LOCAL ProfileStats isDataAtPerfStats;

diff --git a/src/ips_options/ips_itype.cc b/src/ips_options/ips_itype.cc
index 3a50d253dd81471e75be4146d428a7fb434f4c25..8ee18d8466db16476e6954825b8ac77324ef7faa 100644 (file)
--- a/src/ips_options/ips_itype.cc
+++ b/src/ips_options/ips_itype.cc
@@ -29,6 +29,8 @@
 #include "protocols/icmp4.h"
 #include "protocols/packet.h"
 
+using namespace snort;
+
 #define s_name "itype"
 
 static THREAD_LOCAL ProfileStats icmpTypePerfStats;

diff --git a/src/ips_options/ips_luajit.cc b/src/ips_options/ips_luajit.cc
index a7dad63aebaf0237bf00f0dd6f7fe09df4921838..a4783e6c568224433828b07f85e5329968004440 100644 (file)
--- a/src/ips_options/ips_luajit.cc
+++ b/src/ips_options/ips_luajit.cc
@@ -36,6 +36,8 @@
 #include "profiler/profiler.h"
 #include "utils/util.h"
 
+using namespace snort;
+
 static THREAD_LOCAL ProfileStats luaIpsPerfStats;
 
 #define opt_eval "eval"

diff --git a/src/ips_options/ips_metadata.cc b/src/ips_options/ips_metadata.cc
index c0862ad6510adc04ecf5084d58c471963124ad92..538295dd38bc15564a9a1628b94837ad919edec9 100644 (file)
--- a/src/ips_options/ips_metadata.cc
+++ b/src/ips_options/ips_metadata.cc
@@ -25,6 +25,7 @@
 #include "framework/ips_option.h"
 #include "framework/module.h"
 
+using namespace snort;
 using namespace std;
 
 #define s_name "metadata"

diff --git a/src/ips_options/ips_msg.cc b/src/ips_options/ips_msg.cc
index 412160c5bf2b05cca60359f102e32fa1de72c2bf..aa6436ea4d45b73feeb8080e09bc01c2c002a415 100644 (file)
--- a/src/ips_options/ips_msg.cc
+++ b/src/ips_options/ips_msg.cc
@@ -27,6 +27,8 @@
 #include "framework/module.h"
 #include "utils/util.h"
 
+using namespace snort;
+
 #define s_name "msg"
 
 //-------------------------------------------------------------------------

diff --git a/src/ips_options/ips_options.cc b/src/ips_options/ips_options.cc
index 91881f3b8cbe3b15694ce5758b86a00102ff62a0..2bcc0ffe3f4cf47eaa9b23627009d99a5387640f 100644 (file)
--- a/src/ips_options/ips_options.cc
+++ b/src/ips_options/ips_options.cc
@@ -25,6 +25,8 @@
 
 #include "managers/plugin_manager.h"
 
+using namespace snort;
+
 extern const BaseApi* ips_classtype;
 extern const BaseApi* ips_content;
 extern const BaseApi* ips_detection_filter;

diff --git a/src/ips_options/ips_pcre.cc b/src/ips_options/ips_pcre.cc
index 3a863e72c8bdf5133cc71622e51b112752c31537..ef9c9ccfb080dfb096b96dc7e67046fc3c82d94d 100644 (file)
--- a/src/ips_options/ips_pcre.cc
+++ b/src/ips_options/ips_pcre.cc
@@ -38,6 +38,8 @@
 #include "profiler/profiler.h"
 #include "utils/util.h"
 
+using namespace snort;
+
 #ifndef PCRE_STUDY_JIT_COMPILE
 #define PCRE_STUDY_JIT_COMPILE 0
 #endif

diff --git a/src/ips_options/ips_pcre.h b/src/ips_options/ips_pcre.h
index 982121667257efbb4ab2509a190a0f401c613bd1..f6faa73e4f3bc0bb7fb14ea2615b1163607594cf 100644 (file)
--- a/src/ips_options/ips_pcre.h
+++ b/src/ips_options/ips_pcre.h
@@ -20,9 +20,13 @@
 #ifndef IPS_PCRE_H
 #define IPS_PCRE_H
 
+namespace snort
+{
 struct SnortConfig;
-void pcre_setup(SnortConfig*);
-void pcre_cleanup(SnortConfig*);
+}
+
+void pcre_setup(snort::SnortConfig*);
+void pcre_cleanup(snort::SnortConfig*);
 
 #endif
 

diff --git a/src/ips_options/ips_pkt_data.cc b/src/ips_options/ips_pkt_data.cc
index 0f691a2172341aa68d9163370fd3ec6a07f5841f..5cc1968c87751ccf64c8634e831de391e5ca2f5c 100644 (file)
--- a/src/ips_options/ips_pkt_data.cc
+++ b/src/ips_options/ips_pkt_data.cc
@@ -27,6 +27,8 @@
 #include "profiler/profiler.h"
 #include "protocols/packet.h"
 
+using namespace snort;
+
 #define s_name "pkt_data"
 
 static THREAD_LOCAL ProfileStats pktDataPerfStats;

diff --git a/src/ips_options/ips_priority.cc b/src/ips_options/ips_priority.cc
index 02acb7536c83b7ebe2c45e29910e77754c8cb4ed..45f505331ff0820528183a5ad2d754d8c463ccbb 100644 (file)
--- a/src/ips_options/ips_priority.cc
+++ b/src/ips_options/ips_priority.cc
@@ -26,6 +26,8 @@
 #include "framework/ips_option.h"
 #include "framework/module.h"
 
+using namespace snort;
+
 #define s_name "priority"
 
 //-------------------------------------------------------------------------

diff --git a/src/ips_options/ips_raw_data.cc b/src/ips_options/ips_raw_data.cc
index e5d8ff597526e3c81971486a9cec052855681a8e..f4a586629ebe90b131e4b8e8e96929f4c5dca877 100644 (file)
--- a/src/ips_options/ips_raw_data.cc
+++ b/src/ips_options/ips_raw_data.cc
@@ -27,6 +27,8 @@
 #include "profiler/profiler.h"
 #include "protocols/packet.h"
 
+using namespace snort;
+
 #define s_name "raw_data"
 
 static THREAD_LOCAL ProfileStats rawDataPerfStats;

diff --git a/src/ips_options/ips_reference.cc b/src/ips_options/ips_reference.cc
index 021b973478fffd3fba10ff6da2813084e0cde55c..d06f79be9ca695e55899ca7e14bbd9d1ed159f90 100644 (file)
--- a/src/ips_options/ips_reference.cc
+++ b/src/ips_options/ips_reference.cc
@@ -27,6 +27,8 @@
 #include "framework/module.h"
 #include "main/snort_config.h"
 
+using namespace snort;
+
 #define s_name "reference"
 
 //-------------------------------------------------------------------------

diff --git a/src/ips_options/ips_regex.cc b/src/ips_options/ips_regex.cc
index 07973f9f699bad3f6fb419da20efdf5c941c38c3..7ca3870feaaa14b455b267bc770a72c33b28ce10 100644 (file)
--- a/src/ips_options/ips_regex.cc
+++ b/src/ips_options/ips_regex.cc
@@ -39,6 +39,8 @@
 #include "main/snort_config.h"
 #include "profiler/profiler.h"
 
+using namespace snort;
+
 #define s_name "regex"
 
 #define s_help \

diff --git a/src/ips_options/ips_regex.h b/src/ips_options/ips_regex.h
index 19538864d5ed5855582087037f810d4d5774a9ab..771404d8df959eb0e8adb3846fad3b85218b0896 100644 (file)
--- a/src/ips_options/ips_regex.h
+++ b/src/ips_options/ips_regex.h
@@ -19,9 +19,13 @@
 #ifndef IPS_REGEX_H
 #define IPS_REGEX_H
 
+namespace snort
+{
 struct SnortConfig;
-void regex_setup(SnortConfig*);
-void regex_cleanup(SnortConfig*);
+}
+
+void regex_setup(snort::SnortConfig*);
+void regex_cleanup(snort::SnortConfig*);
 
 #endif
 

diff --git a/src/ips_options/ips_rem.cc b/src/ips_options/ips_rem.cc
index 32a9899546160af1e0a2bd6f6086d899b060d021..2cc6e9e4bd71ba6f05cd4b43d8ef806db91738f6 100644 (file)
--- a/src/ips_options/ips_rem.cc
+++ b/src/ips_options/ips_rem.cc
@@ -25,6 +25,8 @@
 #include "framework/ips_option.h"
 #include "framework/module.h"
 
+using namespace snort;
+
 #define s_name "rem"
 
 //-------------------------------------------------------------------------

diff --git a/src/ips_options/ips_replace.cc b/src/ips_options/ips_replace.cc
index f2a96bf3b48096eb5d8b0cd3a611f0d0c9fe581c..e63dfe49b20146242f3467be0e5acc0e4d54ab49 100644 (file)
--- a/src/ips_options/ips_replace.cc
+++ b/src/ips_options/ips_replace.cc
@@ -36,6 +36,7 @@
 #include "profiler/profiler.h"
 #include "protocols/packet.h"
 
+using namespace snort;
 using namespace std;
 
 static void replace_parse(const char* args, string& s)

diff --git a/src/ips_options/ips_rev.cc b/src/ips_options/ips_rev.cc
index 75eec4e09937e68583087602d4c3ebb84d8b0025..1e4acde5453b0875aa5b44062c8d0abc478e578b 100644 (file)
--- a/src/ips_options/ips_rev.cc
+++ b/src/ips_options/ips_rev.cc
@@ -26,6 +26,8 @@
 #include "framework/ips_option.h"
 #include "framework/module.h"
 
+using namespace snort;
+
 #define s_name "rev"
 
 //-------------------------------------------------------------------------

diff --git a/src/ips_options/ips_rpc.cc b/src/ips_options/ips_rpc.cc
index 5b6435a32d4146e374febdb9cba211fdfffe7642..766aebc763e05321f034287e724350de021ca85a 100644 (file)
--- a/src/ips_options/ips_rpc.cc
+++ b/src/ips_options/ips_rpc.cc
@@ -30,6 +30,8 @@
 #include "profiler/profiler.h"
 #include "protocols/packet.h"
 
+using namespace snort;
+
 #define s_name "rpc"
 
 static THREAD_LOCAL ProfileStats rpcCheckPerfStats;

diff --git a/src/ips_options/ips_sd_pattern.cc b/src/ips_options/ips_sd_pattern.cc
index d3b239e8ecda96e1317eafa00a193bde5333ffc9..488a3c7eeb78ffc72101a9e2c7fa21a3d285e0fe 100644 (file)
--- a/src/ips_options/ips_sd_pattern.cc
+++ b/src/ips_options/ips_sd_pattern.cc
@@ -42,6 +42,8 @@
 
 #include "sd_credit_card.h"
 
+using namespace snort;
+
 #define s_name "sd_pattern"
 #define s_help "rule option for detecting sensitive data"
 

diff --git a/src/ips_options/ips_sd_pattern.h b/src/ips_options/ips_sd_pattern.h
index 8292835ac5149aac20c63e076a997b377e18ece3..f6c6f27d4666fe5b3185acb86ce0fe8f4dac56b5 100644 (file)
--- a/src/ips_options/ips_sd_pattern.h
+++ b/src/ips_options/ips_sd_pattern.h
@@ -19,8 +19,12 @@
 #ifndef IPS_SD_PATTERN_H
 #define IPS_SD_PATTERN_H
 
+namespace snort
+{
 struct SnortConfig;
-void sdpattern_setup(SnortConfig*);
-void sdpattern_cleanup(SnortConfig*);
+}
+
+void sdpattern_setup(snort::SnortConfig*);
+void sdpattern_cleanup(snort::SnortConfig*);
 
 #endif

diff --git a/src/ips_options/ips_seq.cc b/src/ips_options/ips_seq.cc
index 82eace20011a6dabd3db1452b102fd2ac67e2bce..9fd36788b97c97e8b2dbf76c1e3377cdef8dbbd4 100644 (file)
--- a/src/ips_options/ips_seq.cc
+++ b/src/ips_options/ips_seq.cc
@@ -29,6 +29,8 @@
 #include "protocols/packet.h"
 #include "protocols/tcp.h"
 
+using namespace snort;
+
 #define s_name "seq"
 
 static THREAD_LOCAL ProfileStats tcpSeqPerfStats;

diff --git a/src/ips_options/ips_service.cc b/src/ips_options/ips_service.cc
index 7228dc814c180f83dcff3af2e695f261685735f3..3224c0ea84408c19c6741aee980b2ec044ddfa46 100644 (file)
--- a/src/ips_options/ips_service.cc
+++ b/src/ips_options/ips_service.cc
@@ -27,6 +27,7 @@
 #include "log/messages.h"
 #include "parser/parse_conf.h"
 
+using namespace snort;
 using namespace std;
 
 #define s_name "service"

diff --git a/src/ips_options/ips_session.cc b/src/ips_options/ips_session.cc
index ef7c1fef30b438efe3fe5c88fd32a5bd322b42a3..a4f5bed7be98d295a8787d75f264419bba09da3d 100644 (file)
--- a/src/ips_options/ips_session.cc
+++ b/src/ips_options/ips_session.cc
@@ -57,6 +57,8 @@
 #include "utils/util.h"
 #include "utils/util_cstring.h"
 
+using namespace snort;
+
 #define s_name "session"
 
 static THREAD_LOCAL ProfileStats sessionPerfStats;

diff --git a/src/ips_options/ips_sid.cc b/src/ips_options/ips_sid.cc
index 266c1c74a9884b0ce279f6d06b5205136897a42d..8a516578cf1ca8121f366c52af7d3e1a5162e95a 100644 (file)
--- a/src/ips_options/ips_sid.cc
+++ b/src/ips_options/ips_sid.cc
@@ -26,6 +26,8 @@
 #include "framework/ips_option.h"
 #include "framework/module.h"
 
+using namespace snort;
+
 #define s_name "sid"
 
 //-------------------------------------------------------------------------

diff --git a/src/ips_options/ips_so.cc b/src/ips_options/ips_so.cc
index 3a55ccddd8466af0eb47eb190a0928a6139b8218..7ec5f886da246664b36c74ae38f80e3e14ab4a23 100644 (file)
--- a/src/ips_options/ips_so.cc
+++ b/src/ips_options/ips_so.cc
@@ -30,6 +30,7 @@
 #include "managers/so_manager.h"
 #include "profiler/profiler.h"
 
+using namespace snort;
 using namespace std;
 
 #define s_name "so"

diff --git a/src/ips_options/ips_soid.cc b/src/ips_options/ips_soid.cc
index 21b95062eddd3c978804938b64f8cd47eb5db654..45000c406055ed225cb1d88691681280d1f27494 100644 (file)
--- a/src/ips_options/ips_soid.cc
+++ b/src/ips_options/ips_soid.cc
@@ -27,6 +27,8 @@
 #include "framework/module.h"
 #include "utils/util.h"
 
+using namespace snort;
+
 #define s_name "soid"
 
 //-------------------------------------------------------------------------

diff --git a/src/ips_options/ips_tag.cc b/src/ips_options/ips_tag.cc
index e73f7d03afd56840ffe740011d14e6d1dbad96b7..549b89c1b769320210e71016eb6faf57dc3b6a27 100644 (file)
--- a/src/ips_options/ips_tag.cc
+++ b/src/ips_options/ips_tag.cc
@@ -29,6 +29,8 @@
 #include "framework/module.h"
 #include "utils/util.h"
 
+using namespace snort;
+
 #define s_name "tag"
 
 //-------------------------------------------------------------------------

diff --git a/src/ips_options/ips_target.cc b/src/ips_options/ips_target.cc
index 95d460b905f3142dfe38032ed0c0a1b6eeb1875c..737e76990b0a360cced485d6b517ed104901c531 100644 (file)
--- a/src/ips_options/ips_target.cc
+++ b/src/ips_options/ips_target.cc
@@ -26,6 +26,8 @@
 #include "framework/ips_option.h"
 #include "framework/module.h"
 
+using namespace snort;
+
 #define s_name "target"
 
 //-------------------------------------------------------------------------

diff --git a/src/ips_options/ips_tos.cc b/src/ips_options/ips_tos.cc
index 57dfe56e8e3c95250c6fc44644c51bf0cc80b412..cd1342c8071c9d680ec0eddc43a122cbe89207cf 100644 (file)
--- a/src/ips_options/ips_tos.cc
+++ b/src/ips_options/ips_tos.cc
@@ -28,6 +28,8 @@
 #include "profiler/profiler.h"
 #include "protocols/packet.h"
 
+using namespace snort;
+
 #define s_name "tos"
 
 static THREAD_LOCAL ProfileStats ipTosPerfStats;

diff --git a/src/ips_options/ips_ttl.cc b/src/ips_options/ips_ttl.cc
index 6e3359733cf79c72d2d7fc303a92aba83b0580b9..49a7bcbba7e52c117ecad5e3c7b45fb96d71ff18 100644 (file)
--- a/src/ips_options/ips_ttl.cc
+++ b/src/ips_options/ips_ttl.cc
@@ -28,6 +28,8 @@
 #include "profiler/profiler.h"
 #include "protocols/packet.h"
 
+using namespace snort;
+
 #define s_name "ttl"
 
 static THREAD_LOCAL ProfileStats ttlCheckPerfStats;

diff --git a/src/ips_options/ips_window.cc b/src/ips_options/ips_window.cc
index cae4f0471af105c0ebc0cd56e56afc1adeff6a53..93e548f135a845e8746ceea274c62a228ca8a785 100644 (file)
--- a/src/ips_options/ips_window.cc
+++ b/src/ips_options/ips_window.cc
@@ -29,6 +29,8 @@
 #include "protocols/packet.h"
 #include "protocols/tcp.h"
 
+using namespace snort;
+
 #define s_name "window"
 
 static THREAD_LOCAL ProfileStats tcpWinPerfStats;

diff --git a/src/ips_options/test/ips_regex_test.cc b/src/ips_options/test/ips_regex_test.cc
index 57bc6afbb5cba1df7b4d4c1ced12d81f613c372f..d9a602d7c57969f5625983d4cdb37d89616af216 100644 (file)
--- a/src/ips_options/test/ips_regex_test.cc
+++ b/src/ips_options/test/ips_regex_test.cc
@@ -37,6 +37,8 @@
 #include <CppUTest/CommandLineTestRunner.h>
 #include <CppUTest/TestHarness.h>
 
+using namespace snort;
+
 //-------------------------------------------------------------------------
 // stubs, spies, etc.
 //-------------------------------------------------------------------------
@@ -48,17 +50,8 @@ void show_stats(PegCount*, const PegInfo*, unsigned, const char*) { }
 void mix_str(uint32_t& a, uint32_t&, uint32_t&, const char* s, unsigned)
 { a += strlen(s); }
 
-Packet::Packet(bool) { }
-Packet::~Packet() { }
-
-Cursor::Cursor(Packet* p)
-{ set("pkt_data", p->data, p->dsize); }
-
-static unsigned s_parse_errors = 0;
-
-void ParseError(const char*, ...)
-{ s_parse_errors++; }
-
+namespace snort
+{
 SnortConfig s_conf;
 THREAD_LOCAL SnortConfig* snort_conf = &s_conf;
 
@@ -76,6 +69,19 @@ SnortConfig::~SnortConfig() { }
 SnortConfig* SnortConfig::get_conf()
 { return snort_conf; }
 
+Packet::Packet(bool) { }
+Packet::~Packet() { }
+}
+
+Cursor::Cursor(Packet* p)
+{ set("pkt_data", p->data, p->dsize); }
+
+static unsigned s_parse_errors = 0;
+
+void ParseError(const char*, ...)
+{ s_parse_errors++; }
+
+
 unsigned get_instance_id()
 { return 0; }
 

diff --git a/src/latency/latency_module.cc b/src/latency/latency_module.cc
index 55d2c55b4a832081a23cd674c051980bc11fd7dd..b5050ed63807d340704925949f26e2718bd1a725 100644 (file)
--- a/src/latency/latency_module.cc
+++ b/src/latency/latency_module.cc
@@ -32,6 +32,8 @@
 #include "latency_rules.h"
 #include "latency_stats.h"
 
+using namespace snort;
+
 // -----------------------------------------------------------------------------
 // latency attributes
 // -----------------------------------------------------------------------------

diff --git a/src/latency/latency_module.h b/src/latency/latency_module.h
index e25a05ef36b230ae95e6b7fe60d97d604184a012..dd815a6a8f0544879c3f1f9cf90ac97ab33df0ad 100644 (file)
--- a/src/latency/latency_module.h
+++ b/src/latency/latency_module.h
@@ -23,14 +23,14 @@
 
 #include "framework/module.h"
 
-class LatencyModule : public Module
+class LatencyModule : public snort::Module
 {
 public:
     LatencyModule();
 
-    bool set(const char*, Value&, SnortConfig*) override;
+    bool set(const char*, snort::Value&, snort::SnortConfig*) override;
 
-    const RuleMap* get_rules() const override;
+    const snort::RuleMap* get_rules() const override;
     unsigned get_gid() const override;
 
     const PegInfo* get_pegs() const override;

diff --git a/src/latency/packet_latency.cc b/src/latency/packet_latency.cc
index 5ae5d51cef9d98965a7e26f065422b4ec135fde1..a4bf991ed4e6279040f974007ec97ad87461d094 100644 (file)
--- a/src/latency/packet_latency.cc
+++ b/src/latency/packet_latency.cc
@@ -40,6 +40,8 @@
 #include "catch/snort_catch.h"
 #endif
 
+using namespace snort;
+
 static THREAD_LOCAL uint64_t elapsed = 0;
 
 namespace packet_latency

diff --git a/src/latency/packet_latency.h b/src/latency/packet_latency.h
index 787630b4845466c87492d2cc1b0e2cbf5dbc9e38..52ad74960776168a366b931a1533bc7d5a4f112a 100644 (file)
--- a/src/latency/packet_latency.h
+++ b/src/latency/packet_latency.h
@@ -21,13 +21,16 @@
 #ifndef PACKET_LATENCY_H
 #define PACKET_LATENCY_H
 
+namespace snort
+{
 struct Packet;
+}
 
 class PacketLatency
 {
 public:
     static void push();
-    static void pop(const Packet*);
+    static void pop(const snort::Packet*);
     static bool fastpath();
 
     static void tterm();
@@ -35,11 +38,11 @@ public:
     class Context
     {
     public:
-        Context(const Packet* p) : p(p) { PacketLatency::push(); }
+        Context(const snort::Packet* p) : p(p) { PacketLatency::push(); }
         ~Context() { PacketLatency::pop(p); }
 
     private:
-        const Packet* p;
+        const snort::Packet* p;
     };
 };
 

diff --git a/src/latency/rule_latency.cc b/src/latency/rule_latency.cc
index 479216e7ef3179a8fe642f2ea20e7bc29bd9901f..bece983c1f4271bb1a2df0ed44c6b7e558420e90 100644 (file)
--- a/src/latency/rule_latency.cc
+++ b/src/latency/rule_latency.cc
@@ -44,6 +44,8 @@
 #include "main/thread_config.h"
 #endif
 
+using namespace snort;
+
 namespace rule_latency
 {
 // -----------------------------------------------------------------------------

diff --git a/src/latency/rule_latency.h b/src/latency/rule_latency.h
index c8383c3d9cb4f8984b1f1ab19a31a24b4212464a..a6fb17871222379580605a3b6cde3ac60607e6b2 100644 (file)
--- a/src/latency/rule_latency.h
+++ b/src/latency/rule_latency.h
@@ -22,12 +22,15 @@
 #define RULE_LATENCY_H
 
 struct detection_option_tree_root_t;
+namespace snort
+{
 struct Packet;
+}
 
 class RuleLatency
 {
 public:
-    static void push(detection_option_tree_root_t*, Packet*);
+    static void push(detection_option_tree_root_t*, snort::Packet*);
     static void pop();
     static bool suspended();
 
@@ -36,7 +39,7 @@ public:
     class Context
     {
     public:
-        Context(detection_option_tree_root_t* root, Packet* p)
+        Context(detection_option_tree_root_t* root, snort::Packet* p)
         { RuleLatency::push(root, p); }
 
         ~Context()

diff --git a/src/log/log.cc b/src/log/log.cc
index 6ea4608a8b7340a4012276154ca7be099e5ddc5d..e672f38cdbb67cd2c6d73088a316112548336c62 100644 (file)
--- a/src/log/log.cc
+++ b/src/log/log.cc
@@ -35,11 +35,14 @@
 #include "log_text.h"
 #include "messages.h"
 
+using namespace snort;
+
 #define DEFAULT_DAEMON_ALERT_FILE  "alert"
 
-/* Input is packet and an nine-byte (including NULL) character array.  Results
- * are put into the character array.
- */
+namespace snort
+{
+// Input is packet and an nine-byte (including NULL) character array.  Results
+// are put into the character array.
 void CreateTCPFlagString(const tcp::TCPHdr* const tcph, char* flagBuffer)
 {
     /* parse TCP flags */
@@ -53,6 +56,7 @@ void CreateTCPFlagString(const tcp::TCPHdr* const tcph, char* flagBuffer)
     *flagBuffer++ = (char)((tcph->th_flags & TH_FIN)  ? 'F' : '*');
     *flagBuffer = '\0';
 }
+}
 
 /****************************************************************************
  *

diff --git a/src/log/log.h b/src/log/log.h
index 56de594eb3c5616e39a84dc0a895ed927c9b860b..69f5e5be850411604cd2f2af4377fe3e6da4f307 100644 (file)
--- a/src/log/log.h
+++ b/src/log/log.h
@@ -25,19 +25,22 @@
 
 #include "main/snort_types.h"
 
-struct Packet;
+namespace snort
+{
 namespace tcp { struct TCPHdr; }
+struct Packet;
 
 SO_PUBLIC void CreateTCPFlagString(const tcp::TCPHdr* const, char*);
+}
 
 FILE* OpenAlertFile(const char*);
 int RollAlertFile(const char*);
 
 void OpenLogger();
 void CloseLogger();
-void LogIPPkt(Packet*);
-void LogFlow(Packet*);
-void LogNetData(const uint8_t* data, const int len, Packet*);
+void LogIPPkt(snort::Packet*);
+void LogFlow(snort::Packet*);
+void LogNetData(const uint8_t* data, const int len, snort::Packet*);
 
 #endif
 

diff --git a/src/log/log_text.cc b/src/log/log_text.cc
index 87c5a1b9f8957f91d68f2889ad73fc1fa81089b1..42068c6127fcaebc7517783f4cfcb3d62eec94e1 100644 (file)
--- a/src/log/log_text.cc
+++ b/src/log/log_text.cc
@@ -49,6 +49,8 @@
 #include "messages.h"
 #include "obfuscator.h"
 
+namespace snort
+{
 /*--------------------------------------------------------------------
  * utility functions
  *--------------------------------------------------------------------
@@ -243,13 +245,13 @@ static void LogIpOptions(TextLog* log, const ip::IpOptionIterator& options)
     TextLog_NewLine(log);
 }
 
-void LogIpOptions(TextLog* log, const IP4Hdr* ip4h, uint16_t valid_ip4_len)
+void LogIpOptions(TextLog* log, const ip::IP4Hdr* ip4h, uint16_t valid_ip4_len)
 {
     const ip::IpOptionIterator options(ip4h, valid_ip4_len);
     LogIpOptions(log, options);
 }
 
-static void LogIpOptions(TextLog* log, const IP4Hdr* ip4h, const Packet* const p)
+static void LogIpOptions(TextLog* log, const ip::IP4Hdr* ip4h, const Packet* const p)
 {
     const ip::IpOptionIterator options(ip4h, p);
     LogIpOptions(log, options);
@@ -1395,4 +1397,5 @@ void LogPayload(TextLog* log, Packet* p)
         LogNetData(log, p->pkt, p->pkth->caplen, p);
     }
 }
+} // namespace snort
 

diff --git a/src/log/log_text.h b/src/log/log_text.h
index 974fd6fda048d23e9153836304fcab57f9f69b46..fe0998482ba976107fea24174fdd31750836dff1 100644 (file)
--- a/src/log/log_text.h
+++ b/src/log/log_text.h
@@ -26,14 +26,14 @@
 
 #include "log/text_log.h"
 
-struct Packet;
 struct Event;
 
+namespace snort
+{
+struct Packet;
 namespace ip { struct IP4Hdr; }
 namespace tcp { struct TCPHdr; }
 
-typedef ip::IP4Hdr IP4Hdr;
-
 SO_PUBLIC void LogTimeStamp(TextLog*, Packet*);
 SO_PUBLIC void LogPriorityData(TextLog*, const Event&);
 SO_PUBLIC void LogXrefs(TextLog*, const Event&);
@@ -53,8 +53,9 @@ SO_PUBLIC void LogICMPHeader(TextLog*, Packet*);
 SO_PUBLIC void LogIpAddrs(TextLog*, Packet*);
 SO_PUBLIC void LogIPHeader(TextLog*, Packet*);
 
-SO_PUBLIC void LogIpOptions(TextLog*, const IP4Hdr*, uint16_t valid_ip4_len);
+SO_PUBLIC void LogIpOptions(TextLog*, const ip::IP4Hdr*, uint16_t valid_ip4_len);
 SO_PUBLIC void LogTcpOptions(TextLog*, const tcp::TCPHdr*, uint16_t valid_tcp_len);
+}
 
 #endif
 

diff --git a/src/log/messages.cc b/src/log/messages.cc
index aa73a8e31f16c52e5a7742445478cc8a53d18033..f244f66ab94890d254bacbc3a65f14ef89a15375 100644 (file)
--- a/src/log/messages.cc
+++ b/src/log/messages.cc
@@ -81,7 +81,7 @@ void ParseMessage(const char* format, ...)
 
 void ParseWarning(WarningGroup wg, const char* format, ...)
 {
-    if ( !(SnortConfig::get_conf()->warning_flags & (1 << wg)) )
+    if ( !(snort::SnortConfig::get_conf()->warning_flags & (1 << wg)) )
         return;
 
     char buf[STD_BUF+1];
@@ -135,12 +135,12 @@ void ParseError(const char* format, ...)
 
 static void WriteLogMessage(FILE* fh, bool prefer_fh, const char* format, va_list& ap)
 {
-    if ( SnortConfig::get_conf() && !prefer_fh )
+    if ( snort::SnortConfig::get_conf() && !prefer_fh )
     {
-        if ( SnortConfig::log_quiet() )
+        if ( snort::SnortConfig::log_quiet() )
             return;
 
-        if ( SnortConfig::log_syslog() )
+        if ( snort::SnortConfig::log_syslog() )
         {
             char buf[STD_BUF+1];
             vsnprintf(buf, STD_BUF, format, ap);
@@ -196,12 +196,12 @@ void WarningMessage(const char* format,...)
 {
     va_list ap;
 
-    if ( SnortConfig::get_conf() and SnortConfig::log_quiet() )
+    if ( snort::SnortConfig::get_conf() and snort::SnortConfig::log_quiet() )
         return;
 
     va_start(ap, format);
 
-    if ( SnortConfig::get_conf() and SnortConfig::log_syslog() )
+    if ( snort::SnortConfig::get_conf() and snort::SnortConfig::log_syslog() )
     {
         char buf[STD_BUF+1];
         vsnprintf(buf, STD_BUF, format, ap);
@@ -232,7 +232,7 @@ void ErrorMessage(const char* format,...)
 
     va_start(ap, format);
 
-    if ( SnortConfig::get_conf() and SnortConfig::log_syslog() )
+    if ( snort::SnortConfig::get_conf() and snort::SnortConfig::log_syslog() )
     {
         char buf[STD_BUF+1];
         vsnprintf(buf, STD_BUF, format, ap);
@@ -276,7 +276,7 @@ void ErrorMessage(const char* format,...)
 
     buf[STD_BUF] = '\0';
 
-    if ( SnortConfig::get_conf() and SnortConfig::log_syslog() )
+    if ( snort::SnortConfig::get_conf() and snort::SnortConfig::log_syslog() )
     {
         syslog(LOG_CONS | LOG_DAEMON | LOG_ERR, "FATAL ERROR: %s", buf);
     }

diff --git a/src/log/packet_tracer.cc b/src/log/packet_tracer.cc
index 7c6423165a4ffb856308f9406e71f6e559509751..59fde5466f0c3889df2f3a65961aa9129b608d0c 100644 (file)
--- a/src/log/packet_tracer.cc
+++ b/src/log/packet_tracer.cc
@@ -37,6 +37,8 @@
 #include "catch/snort_catch.h"
 #endif
 
+using namespace snort;
+
 #define PACKET_TRACER_USER_ENABLED  0x00000001
 #define PACKET_TRACER_DAQ_ENABLED   0x00000002
 

diff --git a/src/log/packet_tracer.h b/src/log/packet_tracer.h
index ae91cc6c81e8455ec9e44cac2f705281351411c1..2d4e7ca511ace507d7ec70af0d93d8ab5e5a16fc 100644 (file)
--- a/src/log/packet_tracer.h
+++ b/src/log/packet_tracer.h
@@ -23,7 +23,10 @@
 
 #include <daq_common.h>
 
-struct Packet;
+namespace snort
+{
+    struct Packet;
+}
 
 class PacketTracer
 {
@@ -33,7 +36,7 @@ public:
     static void log(const char* format, ...) __attribute__((format (printf, 1, 2)));
     static void dump(char* output_buff, unsigned int len);
     static void dump(const DAQ_PktHdr_t* pkthdr, DAQ_Verdict verdict);
-    static void add_header_info(Packet* p);
+    static void add_header_info(snort::Packet* p);
     static bool get_enable(const uint32_t mask=0);
     static void enable_user_trace();
     static void enable_daq_trace();

diff --git a/src/log/u2_packet.cc b/src/log/u2_packet.cc
index e88282dd530018f2b26627bd11f8d196d36721e7..36ce1fc288cf1c894d87b80ca0ceb0f2f3986bf7 100644 (file)
--- a/src/log/u2_packet.cc
+++ b/src/log/u2_packet.cc
@@ -32,6 +32,8 @@
 #include "protocols/protocol_ids.h"
 #include "utils/util.h"
 
+using namespace snort;
+
 static const uint8_t u2_ttl = 64;
 
 //--------------------------------------------------------------------------

diff --git a/src/log/u2_packet.h b/src/log/u2_packet.h
index 5bb2020e0124d951e6b5cdfac105b6c31d870791..0afa7297a254bc3794259ac3e62c090931cae38d 100644 (file)
--- a/src/log/u2_packet.h
+++ b/src/log/u2_packet.h
@@ -31,6 +31,8 @@
 
 #include "main/snort_types.h"
 
+namespace snort
+{
 struct Packet;
 
 class SO_PUBLIC U2PseudoHeader
@@ -76,6 +78,6 @@ private:
         uint8_t buf[max_size];
     } u;
 };
-
+}
 #endif
 

diff --git a/src/loggers/alert_csv.cc b/src/loggers/alert_csv.cc
index d693949b5862cb67e99393e970901553e8235fd9..7aa7c39e7b34ac748b6ab2a3b46a5280952bc226 100644 (file)
--- a/src/loggers/alert_csv.cc
+++ b/src/loggers/alert_csv.cc
@@ -47,6 +47,7 @@
 #include "protocols/vlan.h"
 #include "utils/stats.h"
 
+using namespace snort;
 using namespace std;
 
 #define LOG_BUFFER (4*K_BYTES)

diff --git a/src/loggers/alert_fast.cc b/src/loggers/alert_fast.cc
index eec28222a1f941aefd2307b4f763467da27b0b2c..9a20c6da254c1b084f974d7ddc60af84cbdf714b 100644 (file)
--- a/src/loggers/alert_fast.cc
+++ b/src/loggers/alert_fast.cc
@@ -54,6 +54,7 @@
 #include "packet_io/sfdaq.h"
 #include "service_inspectors/http_inspect/http_enum.h"
 
+using namespace snort;
 using namespace std;
 
 /* full buf was chosen to allow printing max size packets

diff --git a/src/loggers/alert_full.cc b/src/loggers/alert_full.cc
index 9948d8aae47805e847637647621ae1e9ab4fea48..12a79704df33819a6320604928efa4b7f33914e5 100644 (file)
--- a/src/loggers/alert_full.cc
+++ b/src/loggers/alert_full.cc
@@ -48,6 +48,7 @@
 #include "packet_io/sfdaq.h"
 #include "protocols/packet.h"
 
+using namespace snort;
 using namespace std;
 
 static THREAD_LOCAL TextLog* full_log = nullptr;

diff --git a/src/loggers/alert_luajit.cc b/src/loggers/alert_luajit.cc
index b7e409db6ff734e9479ef685bff45414db604160..47824e29dd1375304d5da1dcf3ba2622cda32d36 100644 (file)
--- a/src/loggers/alert_luajit.cc
+++ b/src/loggers/alert_luajit.cc
@@ -35,6 +35,8 @@
 #include "profiler/profiler_defs.h"
 #include "protocols/packet.h"
 
+using namespace snort;
+
 static THREAD_LOCAL ProfileStats luaLogPerfStats;
 
 static THREAD_LOCAL const Event* event;

diff --git a/src/loggers/alert_sf_socket.cc b/src/loggers/alert_sf_socket.cc
index 015c60e0e5bf12826a2549e4eac84c3e087bf577..34f701981dddbfa2a337a503ee5a853192f1feca 100644 (file)
--- a/src/loggers/alert_sf_socket.cc
+++ b/src/loggers/alert_sf_socket.cc
@@ -39,6 +39,7 @@
 #include "target_based/snort_protocols.h"
 #include "utils/util.h"
 
+using namespace snort;
 using namespace std;
 
 struct SfSock

diff --git a/src/loggers/alert_syslog.cc b/src/loggers/alert_syslog.cc
index 5e7876ebaf8f1e068ec2401082f2fe2b4f4ecee5..d881479ff7aad3d7515cac149de43060d5901f0a 100644 (file)
--- a/src/loggers/alert_syslog.cc
+++ b/src/loggers/alert_syslog.cc
@@ -37,6 +37,7 @@
 #include "utils/util_cstring.h"
 #include "utils/util_net.h"
 
+using namespace snort;
 using namespace std;
 
 #ifndef LOG_AUTHPRIV

diff --git a/src/loggers/log_codecs.cc b/src/loggers/log_codecs.cc
index b85e8c2f4b62d5e29d06c06f7c4e65bfb0ea4283..9f2f5941d4f2da23db9f6d47757246b85fb07ec5 100644 (file)
--- a/src/loggers/log_codecs.cc
+++ b/src/loggers/log_codecs.cc
@@ -31,6 +31,8 @@
 #include "main/snort_config.h"
 #include "protocols/packet_manager.h"
 
+using namespace snort;
+
 static THREAD_LOCAL TextLog* test_file = nullptr;
 
 #define S_NAME "log_codecs"

diff --git a/src/loggers/log_hext.cc b/src/loggers/log_hext.cc
index 246a792b068f05903b4e118d6d01fb05a9df1833..627febdfed27f28a262a475dae1998a1e382be54 100644 (file)
--- a/src/loggers/log_hext.cc
+++ b/src/loggers/log_hext.cc
@@ -28,6 +28,7 @@
 #include "log/text_log.h"
 #include "protocols/packet.h"
 
+using namespace snort;
 using namespace std;
 
 #define S_NAME "log_hext"

diff --git a/src/loggers/log_pcap.cc b/src/loggers/log_pcap.cc
index af1236eea82fa3194b69eb2854d3ef0171565200..c5d3e9586437a7331a7e760497a493014bf90a04 100644 (file)
--- a/src/loggers/log_pcap.cc
+++ b/src/loggers/log_pcap.cc
@@ -32,6 +32,7 @@
 #include "packet_io/sfdaq.h"
 #include "utils/util.h"
 
+using namespace snort;
 using namespace std;
 
 /*

diff --git a/src/loggers/loggers.cc b/src/loggers/loggers.cc
index 4b42019892d83d0fd79e1fe4daf010fefae8bdfa..a965a075ae7595ff96d12b652376c48f26645ebb 100644 (file)
--- a/src/loggers/loggers.cc
+++ b/src/loggers/loggers.cc
@@ -25,6 +25,8 @@
 
 #include "managers/plugin_manager.h"
 
+using namespace snort;
+
 // to ensure PacketManager::log_protocols() is built into Snort++
 extern const BaseApi* log_codecs[];
 

diff --git a/src/loggers/unified2.cc b/src/loggers/unified2.cc
index a1ee826f0812ef348dc90d279e65b2675dc98d5f..9e11dd15c667da1373a5556c77675763497590b4 100644 (file)
--- a/src/loggers/unified2.cc
+++ b/src/loggers/unified2.cc
@@ -52,6 +52,7 @@
 #include "utils/util.h"
 #include "utils/util_cstring.h"
 
+using namespace snort;
 using namespace std;
 
 #define S_NAME "unified2"

diff --git a/src/main.cc b/src/main.cc
index 8287a59ef188738926add3b1e622dea05082833e..cccf1423253ef9f4936582e581d4a753ab88ba97 100644 (file)
--- a/src/main.cc
+++ b/src/main.cc
@@ -65,6 +65,8 @@
 
 //-------------------------------------------------------------------------
 
+using namespace snort;
+
 static bool exit_requested = false;
 static int main_exit_code = 0;
 static bool paused = false;
@@ -254,7 +256,7 @@ static Pig* get_lazy_pig(unsigned max)
 // main commands
 //-------------------------------------------------------------------------
 
-void main_broadcast_command(AnalyzerCommand* ac)
+void snort::main_broadcast_command(AnalyzerCommand* ac)
 {
     unsigned dispatched = 0;
 

diff --git a/src/main/analyzer.cc b/src/main/analyzer.cc
index d9687f4ba557c4214c312173c1788a36d9d7b795..3e8bab9b030036c12b05ffdd6f1fabe0b2ebf3cb 100644 (file)
--- a/src/main/analyzer.cc
+++ b/src/main/analyzer.cc
@@ -36,6 +36,7 @@
 #include "snort_debug.h"
 #include "thread.h"
 
+using namespace snort;
 using namespace std;
 
 typedef DAQ_Verdict

diff --git a/src/main/analyzer.h b/src/main/analyzer.h
index 48a904d5c1d661bbac96857a4abd8ccb901ed3ae..8e251cc42a9350d0b06f0e7bafaef3733d992649 100644 (file)
--- a/src/main/analyzer.h
+++ b/src/main/analyzer.h
@@ -30,9 +30,13 @@
 #include <string>
 
 class AnalyzerCommand;
-class SFDAQInstance;
 class Swapper;
 
+namespace snort
+{
+class SFDAQInstance;
+}
+
 class Analyzer
 {
 public:
@@ -82,7 +86,7 @@ private:
     bool exit_requested;
 
     std::string source;
-    SFDAQInstance* daq_instance;
+    snort::SFDAQInstance* daq_instance;
 
     std::mutex pending_work_queue_mutex;
 };

diff --git a/src/main/analyzer_command.cc b/src/main/analyzer_command.cc
index 6742127048d287f8b5306435f14585aa7483b660..e50f022c0380a001a326808519f94ea6c0a84154 100644 (file)
--- a/src/main/analyzer_command.cc
+++ b/src/main/analyzer_command.cc
@@ -62,7 +62,7 @@ void ACResume::execute(Analyzer& analyzer)
 
 void ACRotate::execute(Analyzer&)
 {
-    Snort::thread_rotate();
+    snort::Snort::thread_rotate();
 }
 
 void ACGetStats::execute(Analyzer&)
@@ -70,7 +70,7 @@ void ACGetStats::execute(Analyzer&)
     // FIXIT-P This incurs locking on all threads to retrieve stats.  It could be reimplemented to
     //  optimize for large thread counts by retrieving stats in the command and accumulating in the
     //  main thread.
-    ModuleManager::accumulate(SnortConfig::get_conf());
+    ModuleManager::accumulate(snort::SnortConfig::get_conf());
 }
 
 ACGetStats::~ACGetStats()

diff --git a/src/main/analyzer_command.h b/src/main/analyzer_command.h
index a484c44e2a1b9894992ed2144cca9c0e6e583d0a..72ad0d30139a74442aaf7396e4dabd773ae22c12 100644 (file)
--- a/src/main/analyzer_command.h
+++ b/src/main/analyzer_command.h
@@ -111,7 +111,10 @@ public:
     ~ACDAQSwap() override;
 };
 
+namespace snort
+{
 SO_PUBLIC void main_broadcast_command(AnalyzerCommand* ac);   // From main.cc
+}
 
 #endif
 

diff --git a/src/main/control.h b/src/main/control.h
index eb450ba5dfc074e1ed84a1dd412ecdd4c0aeba63..f3dbc0abe68745f022310ebb8408e0763ec02cee 100644 (file)
--- a/src/main/control.h
+++ b/src/main/control.h
@@ -47,6 +47,7 @@ public:
     void configure() const;
     int shell_execute(int& current_fd, Request*& current_request);
     bool show_prompt() const;
+
 private:
     int fd;
     bool blocked = false;

diff --git a/src/main/control_mgmt.cc b/src/main/control_mgmt.cc
index 849becb315588e7f46026c8c3b13456d90afab18..76819be9eb33c2d2443c9f2439a5939a708a6965 100644 (file)
--- a/src/main/control_mgmt.cc
+++ b/src/main/control_mgmt.cc
@@ -108,25 +108,25 @@ void ControlMgmt::delete_controls()
 int ControlMgmt::setup_socket_family()
 {
     int family = AF_UNSPEC;
-    if ( SnortConfig::get_conf()->remote_control_port )
+    if ( snort::SnortConfig::get_conf()->remote_control_port )
     {
         memset(&in_addr, 0, sizeof(in_addr));
 
         in_addr.sin_family = AF_INET;
         in_addr.sin_addr.s_addr = htonl(0x7F000001);
-        in_addr.sin_port = htons(SnortConfig::get_conf()->remote_control_port);
+        in_addr.sin_port = htons(snort::SnortConfig::get_conf()->remote_control_port);
         sock_addr = (struct sockaddr*)&in_addr;
         sock_addr_size = sizeof(in_addr);
         family = AF_INET;
     }
-    else if ( !SnortConfig::get_conf()->remote_control_socket.empty() )
+    else if ( !snort::SnortConfig::get_conf()->remote_control_socket.empty() )
     {
         std::string fullpath;
-        const char* path_sep = strrchr(SnortConfig::get_conf()->remote_control_socket.c_str(), '/');
+        const char* path_sep = strrchr(snort::SnortConfig::get_conf()->remote_control_socket.c_str(), '/');
         if (path_sep != nullptr)
-            fullpath = SnortConfig::get_conf()->remote_control_socket;
+            fullpath = snort::SnortConfig::get_conf()->remote_control_socket;
         else
-            get_instance_file(fullpath, SnortConfig::get_conf()->remote_control_socket.c_str());
+            get_instance_file(fullpath, snort::SnortConfig::get_conf()->remote_control_socket.c_str());
 
         memset(&unix_addr, 0, sizeof(unix_addr));
         unix_addr.sun_family = AF_UNIX;

diff --git a/src/main/help.cc b/src/main/help.cc
index 1e7817286d6a4a92791c8cfae661e95f26e4379f..61c63a5dbfc1aeb881c2d0a9b7c51ea379fdfd9e 100644 (file)
--- a/src/main/help.cc
+++ b/src/main/help.cc
@@ -41,6 +41,7 @@
 #include "snort_config.h"
 #include "snort_module.h"
 
+using namespace snort;
 using namespace std;
 
 #define snort_help \

diff --git a/src/main/help.h b/src/main/help.h
index fd6567387093a829db4ad1f24551890b12de7ef8..67f851ed22e2a9851a3a9d2deb5ffebc6bac1487 100644 (file)
--- a/src/main/help.h
+++ b/src/main/help.h
@@ -23,38 +23,41 @@
 // utility methods that provide output modes other than the normal packet
 // processing.  these are called based on command line arguments.
 
+namespace snort
+{
 struct SnortConfig;
+}
 
-void config_markup(SnortConfig*, const char*);
+void config_markup(snort::SnortConfig*, const char*);
 
 void help_args(const char* pfx);
-[[noreturn]] void help_basic(SnortConfig*, const char*);
-[[noreturn]] void help_usage(SnortConfig*, const char*);
-[[noreturn]] void help_options(SnortConfig*, const char*);
-[[noreturn]] void help_signals(SnortConfig*, const char*);
-[[noreturn]] void help_config(SnortConfig* sc, const char*);
-[[noreturn]] void help_commands(SnortConfig* sc, const char*);
-[[noreturn]] void help_gids(SnortConfig* sc, const char*);
-[[noreturn]] void help_buffers(SnortConfig* sc, const char*);
-[[noreturn]] void help_builtin(SnortConfig* sc, const char*);
-[[noreturn]] void help_module(SnortConfig* sc, const char*);
-[[noreturn]] void help_modules(SnortConfig* sc, const char*);
-[[noreturn]] void help_plugins(SnortConfig* sc, const char*);
-[[noreturn]] void help_version(SnortConfig*);
-[[noreturn]] void help_counts(SnortConfig* sc, const char*);
-
-[[noreturn]] void list_modules(SnortConfig* sc, const char*);
-[[noreturn]] void list_plugins(SnortConfig* sc, const char*);
-[[noreturn]] void list_interfaces(SnortConfig*);
-[[noreturn]] void list_daqs(SnortConfig* sc);
-
-[[noreturn]] void dump_defaults(SnortConfig* sc, const char*);
-[[noreturn]] void dump_builtin_rules(SnortConfig* sc, const char*);
-[[noreturn]] void dump_dynamic_rules(SnortConfig* sc, const char*);
-[[noreturn]] void dump_msg_map(SnortConfig* sc, const char*);
-[[noreturn]] void dump_rule_hex(SnortConfig* sc, const char*);
-[[noreturn]] void dump_rule_text(SnortConfig* sc, const char*);
-[[noreturn]] void dump_version(SnortConfig* sc);
+[[noreturn]] void help_basic(snort::SnortConfig*, const char*);
+[[noreturn]] void help_usage(snort::SnortConfig*, const char*);
+[[noreturn]] void help_options(snort::SnortConfig*, const char*);
+[[noreturn]] void help_signals(snort::SnortConfig*, const char*);
+[[noreturn]] void help_config(snort::SnortConfig* sc, const char*);
+[[noreturn]] void help_commands(snort::SnortConfig* sc, const char*);
+[[noreturn]] void help_gids(snort::SnortConfig* sc, const char*);
+[[noreturn]] void help_buffers(snort::SnortConfig* sc, const char*);
+[[noreturn]] void help_builtin(snort::SnortConfig* sc, const char*);
+[[noreturn]] void help_module(snort::SnortConfig* sc, const char*);
+[[noreturn]] void help_modules(snort::SnortConfig* sc, const char*);
+[[noreturn]] void help_plugins(snort::SnortConfig* sc, const char*);
+[[noreturn]] void help_version(snort::SnortConfig*);
+[[noreturn]] void help_counts(snort::SnortConfig* sc, const char*);
+
+[[noreturn]] void list_modules(snort::SnortConfig* sc, const char*);
+[[noreturn]] void list_plugins(snort::SnortConfig* sc, const char*);
+[[noreturn]] void list_interfaces(snort::SnortConfig*);
+[[noreturn]] void list_daqs(snort::SnortConfig* sc);
+
+[[noreturn]] void dump_defaults(snort::SnortConfig* sc, const char*);
+[[noreturn]] void dump_builtin_rules(snort::SnortConfig* sc, const char*);
+[[noreturn]] void dump_dynamic_rules(snort::SnortConfig* sc, const char*);
+[[noreturn]] void dump_msg_map(snort::SnortConfig* sc, const char*);
+[[noreturn]] void dump_rule_hex(snort::SnortConfig* sc, const char*);
+[[noreturn]] void dump_rule_text(snort::SnortConfig* sc, const char*);
+[[noreturn]] void dump_version(snort::SnortConfig* sc);
 
 #endif
 

diff --git a/src/main/modules.cc b/src/main/modules.cc
index 1b9c1b0218ca8daec35aefc4fd0c8c69dd622696..69d87274c3c4c17813706e93dbd118fd50d86a5f 100644 (file)
--- a/src/main/modules.cc
+++ b/src/main/modules.cc
@@ -58,6 +58,7 @@
 #include "snort_module.h"
 #include "thread_config.h"
 
+using namespace snort;
 using namespace std;
 
 //-------------------------------------------------------------------------
@@ -1064,7 +1065,7 @@ public:
 
 bool NetworkModule::set(const char*, Value& v, SnortConfig* sc)
 {
-    NetworkPolicy* p = get_network_policy();
+    NetworkPolicy* p = snort::get_network_policy();
 
     if ( v.is("checksum_drop") )
         ConfigChecksumDrop(v.get_string());
@@ -1134,7 +1135,7 @@ public:
 
 bool InspectionModule::set(const char*, Value& v, SnortConfig* sc)
 {
-    InspectionPolicy* p = get_inspection_policy();
+    InspectionPolicy* p = snort::get_inspection_policy();
 
     if ( v.is("id") )
     {
@@ -1206,7 +1207,7 @@ static const Parameter ips_params[] =
 #define ips_help \
     "configure IPS rule processing"
 
-THREAD_LOCAL IpsModuleStats ips_module_stats;
+THREAD_LOCAL IpsModuleStats snort::ips_module_stats;
 
 const PegInfo ips_module_pegs[] =
 {
@@ -1224,7 +1225,7 @@ public:
     { return ips_module_pegs; }
 
     PegCount* get_counts() const override
-    { return (PegCount*) &ips_module_stats; }
+    { return (PegCount*) &snort::ips_module_stats; }
 
     Usage get_usage() const override
     { return DETECT; }
@@ -1232,7 +1233,7 @@ public:
 
 bool IpsModule::set(const char*, Value& v, SnortConfig* sc)
 {
-    IpsPolicy* p = get_ips_policy();
+    IpsPolicy* p = snort::get_ips_policy();
 
     if ( v.is("enable_builtin_rules") )
         p->enable_builtin_rules = v.get_bool();

diff --git a/src/main/modules.h b/src/main/modules.h
index 7bdc6f9b405f754cdf59aea448bca8209003fc77..4e326b348ff81fa1f327c522fbf33036e7b9058b 100644 (file)
--- a/src/main/modules.h
+++ b/src/main/modules.h
@@ -38,7 +38,10 @@ struct IpsModuleStats
     PegCount invalid_policy_ids;
 };
 
+namespace snort
+{
 SO_PUBLIC extern THREAD_LOCAL IpsModuleStats ips_module_stats;
+}
 
 #endif
 

diff --git a/src/main/policy.cc b/src/main/policy.cc
index 6789f2d495cd2fc188d6301d6d6e9c8a3ad610be..fc1e57beafaed817551ac6ace56aba3dfb5be8f5 100644 (file)
--- a/src/main/policy.cc
+++ b/src/main/policy.cc
@@ -33,6 +33,8 @@
 #include "shell.h"
 #include "snort_config.h"
 
+using namespace snort;
+
 //-------------------------------------------------------------------------
 // traffic policy
 //-------------------------------------------------------------------------
@@ -246,6 +248,8 @@ static THREAD_LOCAL NetworkPolicy* s_traffic_policy = nullptr;
 static THREAD_LOCAL InspectionPolicy* s_inspection_policy = nullptr;
 static THREAD_LOCAL IpsPolicy* s_detection_policy = nullptr;
 
+namespace snort
+{
 NetworkPolicy* get_network_policy()
 { return s_traffic_policy; }
 
@@ -258,6 +262,19 @@ IpsPolicy* get_ips_policy()
 InspectionPolicy* get_default_inspection_policy(SnortConfig* sc)
 { return sc->policy_map->get_inspection_policy(0); }
 
+void set_user_ips_policy(unsigned policy_id)
+{
+    IpsPolicy *p = SnortConfig::get_conf()->policy_map->get_user_ips(policy_id);
+    if(!p)
+    {
+        snort::ips_module_stats.invalid_policy_ids++;
+        return;
+    }
+
+    s_detection_policy = p;
+}
+} // namespace snort
+
 void set_network_policy(NetworkPolicy* p)
 { s_traffic_policy = p; }
 
@@ -283,18 +300,6 @@ void set_inspection_policy(SnortConfig* sc, unsigned i)
 void set_ips_policy(IpsPolicy* p)
 { s_detection_policy = p; }
 
-void set_user_ips_policy(unsigned policy_id)
-{
-    IpsPolicy *p = SnortConfig::get_conf()->policy_map->get_user_ips(policy_id);
-    if(!p)
-    {
-        ips_module_stats.invalid_policy_ids++;
-        return;
-    }
-
-    s_detection_policy = p;
-}
-
 void set_ips_policy(SnortConfig* sc, unsigned i)
 {
     PolicyMap* pm = sc->policy_map;

diff --git a/src/main/policy.h b/src/main/policy.h
index fd15e044fbf6fdeaf4d1648509256fd1ddfcafe8..1ba1f132b6155a9029f1ffb6d2788f235db15e02 100644 (file)
--- a/src/main/policy.h
+++ b/src/main/policy.h
@@ -114,7 +114,7 @@ public:
     uuid_t uuid{};
 
     struct FrameworkPolicy* framework_policy;
-    DataBus dbus;
+    snort::DataBus dbus;
     bool cloned;
 
 private:
@@ -232,29 +232,32 @@ private:
 // navigator stuff
 //-------------------------------------------------------------------------
 
-struct SnortConfig;
 
 // FIXIT-L may be inlined at some point; on lockdown for now
 // FIXIT-L SO_PUBLIC required because SnortConfig::inline_mode(), etc. uses the function
+namespace snort
+{
+struct SnortConfig;
+
 SO_PUBLIC NetworkPolicy* get_network_policy();
 SO_PUBLIC InspectionPolicy* get_inspection_policy();
 SO_PUBLIC IpsPolicy* get_ips_policy();
-
-SO_PUBLIC InspectionPolicy* get_default_inspection_policy(SnortConfig*);
+SO_PUBLIC InspectionPolicy* get_default_inspection_policy(snort::SnortConfig*);
+SO_PUBLIC void set_user_ips_policy(unsigned policy_id);
+}
 
 void set_network_policy(NetworkPolicy*);
-void set_network_policy(SnortConfig*, unsigned = 0);
+void set_network_policy(snort::SnortConfig*, unsigned = 0);
 
 void set_inspection_policy(InspectionPolicy*);
-void set_inspection_policy(SnortConfig*, unsigned = 0);
+void set_inspection_policy(snort::SnortConfig*, unsigned = 0);
 
 void set_ips_policy(IpsPolicy*);
-SO_PUBLIC void set_user_ips_policy(unsigned policy_id);
-void set_ips_policy(SnortConfig*, unsigned = 0);
+void set_ips_policy(snort::SnortConfig*, unsigned = 0);
 
-void set_policies(SnortConfig*, Shell*);
+void set_policies(snort::SnortConfig*, Shell*);
 void set_default_policy();
-void set_default_policy(SnortConfig*);
+void set_default_policy(snort::SnortConfig*);
 
 bool only_inspection_policy();
 bool only_ips_policy();

diff --git a/src/main/shell.cc b/src/main/shell.cc
index 0c79443b7f3bd980381f443fff91cd4a69ca6fee..bc347595547feb02fe556e57c773c2fbe223f67a 100644 (file)
--- a/src/main/shell.cc
+++ b/src/main/shell.cc
@@ -36,6 +36,7 @@
 #include "managers/module_manager.h"
 #include "parser/parser.h"
 
+using namespace snort;
 using namespace std;
 
 #define required "require('snort_config'); "

diff --git a/src/main/shell.h b/src/main/shell.h
index 14b8f190e716ecf40dd761307ad1f436858eb5b9..a8eb5d968e5df8b23c2dcc9bcee3f6278a8c9ad1 100644 (file)
--- a/src/main/shell.h
+++ b/src/main/shell.h
@@ -26,6 +26,11 @@
 
 struct lua_State;
 
+namespace snort
+{
+struct SnortConfig;
+}
+
 class Shell
 {
 public:
@@ -36,7 +41,7 @@ public:
     void set_overrides(const char*);
     void set_overrides(Shell*);
 
-    void configure(struct SnortConfig*);
+    void configure(snort::SnortConfig*);
     void install(const char*, const struct luaL_Reg*);
     void execute(const char*, std::string&);
 

diff --git a/src/main/snort.cc b/src/main/snort.cc
index 148343314a962cc8e11ceccc4af12010fe07471e..3f9a519aabd8575b65246a650a086f787fcd4ec7 100644 (file)
--- a/src/main/snort.cc
+++ b/src/main/snort.cc
@@ -104,6 +104,7 @@
 #include "snort_config.h"
 #include "thread_config.h"
 
+using namespace snort;
 using namespace std;
 
 //-------------------------------------------------------------------------

diff --git a/src/main/snort.h b/src/main/snort.h
index 6d4cb142556486c58917b19c401d21fda96ef053..abed229fa1d1fa640e0684d19628744a2fd36ca4 100644 (file)
--- a/src/main/snort.h
+++ b/src/main/snort.h
@@ -26,6 +26,10 @@
 
 #include "main/snort_types.h"
 
+class ContextSwitcher;
+
+namespace snort
+{
 class Flow;
 struct Packet;
 struct SnortConfig;
@@ -63,7 +67,7 @@ public:
     static void inspect(Packet*);
 
     static void set_main_hook(MainHook_f);
-    static class ContextSwitcher* get_switcher();
+    static ContextSwitcher* get_switcher();
 
     SO_PUBLIC static Packet* get_packet();
 
@@ -77,6 +81,7 @@ private:
     static bool reloading;
     static bool privileges_dropped;
 };
+}
 
 #endif
 

diff --git a/src/main/snort_config.cc b/src/main/snort_config.cc
index e393a5c8117fd897961a0522954e8736374b62ee..4f6fe249788812ab66b6b0fe7000cf7d1219a059 100644 (file)
--- a/src/main/snort_config.cc
+++ b/src/main/snort_config.cc
@@ -69,6 +69,8 @@
 #include "snort.h"
 #include "thread_config.h"
 
+using namespace snort;
+
 #define LOG_NONE    "none"
 #define LOG_DUMP    "dump"
 #define LOG_CODECS  "codecs"
@@ -962,14 +964,14 @@ void SnortConfig::set_alert_mode(const char* val)
         output = val;
 
     output_flags |= OUTPUT_FLAG__ALERTS;
-    Snort::set_main_hook(DetectionEngine::inspect);
+    snort::Snort::set_main_hook(DetectionEngine::inspect);
 }
 
 void SnortConfig::set_log_mode(const char* val)
 {
     if (strcasecmp(val, LOG_NONE) == 0)
     {
-        Snort::set_main_hook(snort_ignore);
+        snort::Snort::set_main_hook(snort_ignore);
         EventManager::enable_logs(false);
     }
     else
@@ -977,7 +979,7 @@ void SnortConfig::set_log_mode(const char* val)
         if ( !strcmp(val, LOG_DUMP) )
             val = LOG_CODECS;
         output = val;
-        Snort::set_main_hook(snort_log);
+        snort::Snort::set_main_hook(snort_log);
     }
 }
 

diff --git a/src/main/snort_config.h b/src/main/snort_config.h
index 59de26979f998a3aa8b578e52c298a333beaaf67..3b6b25cb3689a9e5391103bb9fdfc2065f2864b9 100644 (file)
--- a/src/main/snort_config.h
+++ b/src/main/snort_config.h
@@ -113,15 +113,33 @@ enum TunnelFlags
     TUNNEL_MPLS   = 0x80
 };
 
+struct ClassType;
 struct srmm_table_t;
 struct sopg_table_t;
-struct PORT_RULE_MAP;
+struct GHash;
 struct XHash;
-struct ProfilerConfig;
 struct MemoryConfig;
 struct LatencyConfig;
+struct PORT_RULE_MAP;
+struct RuleListNode;
+struct RulePortTables;
+struct RuleState;
+struct DetectionFilterConfig;
+struct EventQueueConfig;
+class FastPatternConfig;
+struct FrameworkConfig;
+struct ThresholdConfig;
+struct RateFilterConfig;
 struct SFDAQConfig;
 class ThreadConfig;
+struct ReferenceSystemNode;
+class ProtocolReference;
+struct VarNode;
+struct _IntelPmHandles;
+
+namespace snort
+{
+struct ProfilerConfig;
 
 // SnortState members are updated during runtime. an array in SnortConfig is
 // used instead of thread_locals because these must get changed on reload
@@ -257,13 +275,13 @@ public:
 
     //------------------------------------------------------
     // various modules
-    class FastPatternConfig* fast_pattern_config = nullptr;
-    struct EventQueueConfig* event_queue_config = nullptr;
+    FastPatternConfig* fast_pattern_config = nullptr;
+    EventQueueConfig* event_queue_config = nullptr;
 
     /* XXX XXX policy specific? */
-    struct ThresholdConfig* threshold_config = nullptr;
-    struct RateFilterConfig* rate_filter_config = nullptr;
-    struct DetectionFilterConfig* detection_filter_config = nullptr;
+    ThresholdConfig* threshold_config = nullptr;
+    RateFilterConfig* rate_filter_config = nullptr;
+    DetectionFilterConfig* detection_filter_config = nullptr;
 
     //------------------------------------------------------
     // FIXIT-L command line only stuff, add to conf / module
@@ -287,21 +305,21 @@ public:
 
     int thiszone = 0;
 
-    struct RuleState* rule_state_list = nullptr;
-    struct ClassType* classifications = nullptr;
-    struct ReferenceSystemNode* references = nullptr;
-    struct GHash* otn_map = nullptr;
+    RuleState* rule_state_list = nullptr;
+    ClassType* classifications = nullptr;
+    ReferenceSystemNode* references = nullptr;
+    GHash* otn_map = nullptr;
 
-    class ProtocolReference* proto_ref = nullptr;
+    ProtocolReference* proto_ref = nullptr;
 
     int num_rule_types = 0;
-    struct RuleListNode* rule_lists = nullptr;
+    RuleListNode* rule_lists = nullptr;
     int evalOrder[Actions::MAX + 1];
 
-    struct FrameworkConfig* framework_config = nullptr;
+    FrameworkConfig* framework_config = nullptr;
 
     /* master port list table */
-    struct RulePortTables* port_tables = nullptr;
+    RulePortTables* port_tables = nullptr;
 
     /* The port-rule-maps map the src-dst ports to rules for
      * udp and tcp, for Ip we map the dst port as the protocol,
@@ -325,7 +343,7 @@ public:
     XHash* rtn_hash_table = nullptr;
 
     PolicyMap* policy_map = nullptr;
-    struct VarNode* var_list = nullptr;
+    VarNode* var_list = nullptr;
 
     uint8_t tunnel_mask = 0;
 
@@ -338,7 +356,7 @@ public:
     ProfilerConfig* profiler = nullptr;
 
     LatencyConfig* latency = nullptr;
-    struct _IntelPmHandles* ipm_handles = nullptr;
+    _IntelPmHandles* ipm_handles = nullptr;
 
     unsigned remote_control_port = 0;
     std::string remote_control_socket;
@@ -445,10 +463,10 @@ public:
     { return get_conf()->run_flags & RUN_FLAG__READ; }
 
     static bool inline_mode()
-    { return ::get_ips_policy()->policy_mode == POLICY_MODE__INLINE; }
+    { return snort::get_ips_policy()->policy_mode == POLICY_MODE__INLINE; }
 
     static bool inline_test_mode()
-    { return ::get_ips_policy()->policy_mode == POLICY_MODE__INLINE_TEST; }
+    { return snort::get_ips_policy()->policy_mode == POLICY_MODE__INLINE_TEST; }
 
     static bool adaptor_inline_mode()
     { return get_conf()->run_flags & RUN_FLAG__INLINE; }
@@ -483,31 +501,31 @@ public:
 
     // checksum stuff
     static bool checksum_drop(uint16_t codec_cksum_err_flag)
-    { return ::get_network_policy()->checksum_drop & codec_cksum_err_flag; }
+    { return snort::get_network_policy()->checksum_drop & codec_cksum_err_flag; }
 
     static bool ip_checksums()
-    { return ::get_network_policy()->checksum_eval & CHECKSUM_FLAG__IP; }
+    { return snort::get_network_policy()->checksum_eval & CHECKSUM_FLAG__IP; }
 
     static bool ip_checksum_drops()
-    { return ::get_network_policy()->checksum_drop & CHECKSUM_FLAG__IP; }
+    { return snort::get_network_policy()->checksum_drop & CHECKSUM_FLAG__IP; }
 
     static bool udp_checksums()
-    { return ::get_network_policy()->checksum_eval & CHECKSUM_FLAG__UDP; }
+    { return snort::get_network_policy()->checksum_eval & CHECKSUM_FLAG__UDP; }
 
     static bool udp_checksum_drops()
-    { return ::get_network_policy()->checksum_drop & CHECKSUM_FLAG__UDP; }
+    { return snort::get_network_policy()->checksum_drop & CHECKSUM_FLAG__UDP; }
 
     static bool tcp_checksums()
-    { return ::get_network_policy()->checksum_eval & CHECKSUM_FLAG__TCP; }
+    { return snort::get_network_policy()->checksum_eval & CHECKSUM_FLAG__TCP; }
 
     static bool tcp_checksum_drops()
-    { return ::get_network_policy()->checksum_drop & CHECKSUM_FLAG__TCP; }
+    { return snort::get_network_policy()->checksum_drop & CHECKSUM_FLAG__TCP; }
 
     static bool icmp_checksums()
-    { return ::get_network_policy()->checksum_eval & CHECKSUM_FLAG__ICMP; }
+    { return snort::get_network_policy()->checksum_eval & CHECKSUM_FLAG__ICMP; }
 
     static bool icmp_checksum_drops()
-    { return ::get_network_policy()->checksum_drop & CHECKSUM_FLAG__ICMP; }
+    { return snort::get_network_policy()->checksum_drop & CHECKSUM_FLAG__ICMP; }
 
     // output stuff
     static bool output_include_year()
@@ -580,10 +598,10 @@ public:
 
     // other stuff
     static uint8_t min_ttl()
-    { return ::get_network_policy()->min_ttl; }
+    { return snort::get_network_policy()->min_ttl; }
 
     static uint8_t new_ttl()
-    { return ::get_network_policy()->new_ttl; }
+    { return snort::get_network_policy()->new_ttl; }
 
     static long int get_pcre_match_limit()
     { return get_conf()->pcre_match_limit; }
@@ -628,8 +646,10 @@ public:
 
     // Use this to access current thread's conf from other units
     static void set_conf(SnortConfig*);
+
     SO_PUBLIC static SnortConfig* get_conf();
 };
+}
 
 #endif
 

diff --git a/src/main/snort_debug.cc b/src/main/snort_debug.cc
index 027e42f02c1a02cfc3f777d7261a87287328f33b..9e0a0c25ac34b056ebdb2fda22aa491df9d1e2df 100644 (file)
--- a/src/main/snort_debug.cc
+++ b/src/main/snort_debug.cc
@@ -62,7 +62,7 @@ void Debug::print(
     va_list ap;
     va_start(ap, fmt);
 
-    if ( SnortConfig::get_conf() and SnortConfig::log_syslog() )
+    if ( snort::SnortConfig::get_conf() and snort::SnortConfig::log_syslog() )
     {
         char buf[STD_BUF];
         int buf_len = sizeof(buf);
@@ -135,7 +135,7 @@ static inline void trace_vprintf(const char* name, Trace mask, const char* file,
 
     vsnprintf(buf_ptr, buf_len, fmt, ap);
 
-    if ( SnortConfig::get_conf() and SnortConfig::log_syslog() )
+    if ( snort::SnortConfig::get_conf() and snort::SnortConfig::log_syslog() )
         syslog(LOG_DAEMON | LOG_DEBUG, "%s", buf);
     else
         output(buf, stdout);

diff --git a/src/main/snort_module.cc b/src/main/snort_module.cc
index f64f124f71caef55cf8ae8c1283c46f355646d8c..490692d5d75293295a74a53ab14e033bff41a7d1 100644 (file)
--- a/src/main/snort_module.cc
+++ b/src/main/snort_module.cc
@@ -44,6 +44,7 @@
 #include "snort_config.h"
 #include "thread_config.h"
 
+using namespace snort;
 using namespace std;
 
 //-------------------------------------------------------------------------

diff --git a/src/main/snort_module.h b/src/main/snort_module.h
index 90acbd7aebe2711986df9b88b9f2d3807f9d2676..8db40a4743f673785924b3991edec937ea804fd3 100644 (file)
--- a/src/main/snort_module.h
+++ b/src/main/snort_module.h
@@ -24,7 +24,12 @@
 // the snort module is for handling command line args,
 // shell commands, and basic application stats
 
-class Module* get_snort_module();
+namespace snort
+{
+class Module;
+}
+
+snort::Module* get_snort_module();
 
 #endif
 

diff --git a/src/main/swapper.cc b/src/main/swapper.cc
index 2b7b14cbc8c35adbb900b293907d2c74c322f2f6..1fca27263fc784b277087f07d7b3bc51bd435358 100644 (file)
--- a/src/main/swapper.cc
+++ b/src/main/swapper.cc
@@ -27,6 +27,8 @@
 
 #include "snort_config.h"
 
+using namespace snort;
+
 bool Swapper::reload_in_progress = false;
 
 Swapper::Swapper(SnortConfig* s, tTargetBasedConfig* t)
@@ -77,7 +79,7 @@ Swapper::~Swapper()
 void Swapper::apply()
 {
     if ( new_conf )
-        SnortConfig::set_conf(new_conf);
+        snort::SnortConfig::set_conf(new_conf);
 
     if ( new_attribs )
         SFAT_SetConfig(new_attribs);

diff --git a/src/main/swapper.h b/src/main/swapper.h
index b92cb39b7c425ebfd88bfb79d57aad7d3948bf43..eb80437d941a2b1b915076c091ef475ad7c45c19 100644 (file)
--- a/src/main/swapper.h
+++ b/src/main/swapper.h
@@ -22,15 +22,19 @@
 
 // used to make thread local, pointer-based config swaps by packet threads
 
+namespace snort
+{
 struct SnortConfig;
+}
+
 struct tTargetBasedConfig;
 
 class Swapper
 {
 public:
-    Swapper(SnortConfig*, tTargetBasedConfig*);
-    Swapper(SnortConfig*, SnortConfig*);
-    Swapper(SnortConfig*, SnortConfig*, tTargetBasedConfig*, tTargetBasedConfig*);
+    Swapper(snort::SnortConfig*, tTargetBasedConfig*);
+    Swapper(snort::SnortConfig*, snort::SnortConfig*);
+    Swapper(snort::SnortConfig*, snort::SnortConfig*, tTargetBasedConfig*, tTargetBasedConfig*);
     Swapper(tTargetBasedConfig*, tTargetBasedConfig*);
     ~Swapper();
 
@@ -40,8 +44,8 @@ public:
     static void set_reload_in_progress(bool rip) { reload_in_progress = rip; }
 
 private:
-    SnortConfig* old_conf;
-    SnortConfig* new_conf;
+    snort::SnortConfig* old_conf;
+    snort::SnortConfig* new_conf;
 
     tTargetBasedConfig* old_attribs;
     tTargetBasedConfig* new_attribs;

diff --git a/src/main/thread.cc b/src/main/thread.cc
index 7e04ef861f5f65d430e80b6a33c56693c00749b1..8f7a31cbf9296fb25f3a189668dff63e5be46cdf 100644 (file)
--- a/src/main/thread.cc
+++ b/src/main/thread.cc
@@ -89,26 +89,26 @@ bool break_time()
 const char* get_instance_file(std::string& file, const char* name)
 {
     bool sep = false;
-    file = !SnortConfig::get_conf()->log_dir.empty() ? SnortConfig::get_conf()->log_dir : "./";
+    file = !snort::SnortConfig::get_conf()->log_dir.empty() ? snort::SnortConfig::get_conf()->log_dir : "./";
 
     if ( file.back() != '/' )
         file += '/';
 
-    if ( !SnortConfig::get_conf()->run_prefix.empty() )
+    if ( !snort::SnortConfig::get_conf()->run_prefix.empty() )
     {
-        file += SnortConfig::get_conf()->run_prefix;
+        file += snort::SnortConfig::get_conf()->run_prefix;
         sep = true;
     }
 
-    if ( (ThreadConfig::get_instance_max() > 1) || SnortConfig::get_conf()->id_zero )
+    if ( (ThreadConfig::get_instance_max() > 1) || snort::SnortConfig::get_conf()->id_zero )
     {
         char id[8];
-        snprintf(id, sizeof(id), "%u", get_instance_id() + SnortConfig::get_conf()->id_offset);
+        snprintf(id, sizeof(id), "%u", get_instance_id() + snort::SnortConfig::get_conf()->id_offset);
         file += id;
         sep = true;
     }
 
-    if ( SnortConfig::get_conf()->id_subdir )
+    if ( snort::SnortConfig::get_conf()->id_subdir )
     {
         file += '/';
         struct stat s;

diff --git a/src/managers/action_manager.cc b/src/managers/action_manager.cc
index ee1917a02a0f90ec95b2b85d34c2ae914986e673..1dfd1ab051dc9b0d530b4c8bceb9b395d6ee23cd 100644 (file)
--- a/src/managers/action_manager.cc
+++ b/src/managers/action_manager.cc
@@ -30,6 +30,7 @@
 #include "packet_io/active.h"
 #include "parser/parser.h"
 
+using namespace snort;
 using namespace std;
 
 struct Actor

diff --git a/src/managers/action_manager.h b/src/managers/action_manager.h
index 8008b49e2bd18d39d2dc479f2577c7dbcdbc83fa..990a5bfc403a46279395dd66c1a25bb3841c35ee 100644 (file)
--- a/src/managers/action_manager.h
+++ b/src/managers/action_manager.h
@@ -28,21 +28,20 @@
 #include "framework/ips_action.h"
 #include "framework/module.h"
 
-#ifdef PIGLET
-#include "framework/ips_action.h"
-#endif
-
+namespace snort
+{
 struct ActionApi;
 class IpsAction;
 struct SnortConfig;
 struct Packet;
+}
 
 //-------------------------------------------------------------------------
 
 #ifdef PIGLET
 struct IpsActionWrapper
 {
-    IpsActionWrapper(const ActionApi* a, IpsAction* p) :
+    IpsActionWrapper(const snort::ActionApi* a, snort::IpsAction* p) :
         api { a }, instance { p } { }
 
     ~IpsActionWrapper()
@@ -51,32 +50,32 @@ struct IpsActionWrapper
             api->dtor(instance);
     }
 
-    const ActionApi* api;
-    IpsAction* instance;
+    const snort::ActionApi* api;
+    snort::IpsAction* instance;
 };
 #endif
 
 class ActionManager
 {
 public:
-    static void add_plugin(const ActionApi*);
+    static void add_plugin(const snort::ActionApi*);
     static void release_plugins();
     static void dump_plugins();
 
-    static Actions::Type get_action_type(const char*);
+    static snort::Actions::Type get_action_type(const char*);
 
-    static void instantiate(const ActionApi*, Module*, SnortConfig*);
+    static void instantiate(const snort::ActionApi*, snort::Module*, snort::SnortConfig*);
 
-    static void thread_init(SnortConfig*);
-    static void thread_term(SnortConfig*);
+    static void thread_init(snort::SnortConfig*);
+    static void thread_term(snort::SnortConfig*);
 
     static void reset_queue();
-    static void queue_reject(const Packet*);
-    static void queue(IpsAction*);
-    static void execute(Packet*);
+    static void queue_reject(const snort::Packet*);
+    static void queue(snort::IpsAction*);
+    static void execute(snort::Packet*);
 
 #ifdef PIGLET
-    static IpsActionWrapper* instantiate(const char*, Module*);
+    static IpsActionWrapper* instantiate(const char*, snort::Module*);
 #endif
 };
 

diff --git a/src/managers/codec_manager.cc b/src/managers/codec_manager.cc
index 73c6a4d41e354986a9c6f0a2e25c4deabf0e8579..bae0b4c243913bb1088efb4d24e66b17ab69c11b 100644 (file)
--- a/src/managers/codec_manager.cc
+++ b/src/managers/codec_manager.cc
@@ -29,6 +29,8 @@
 #include "protocols/packet_manager.h"
 #include "utils/dnet_header.h"
 
+using namespace snort;
+
 struct CodecManager::CodecApiWrapper
 {
     const CodecApi* api;

diff --git a/src/managers/codec_manager.h b/src/managers/codec_manager.h
index 0c06b35228266fe1bb9882023ca22c2b47dc81d5..704a10a5b2f04c2cd4e90f994b9b8edb6c24c695 100644 (file)
--- a/src/managers/codec_manager.h
+++ b/src/managers/codec_manager.h
@@ -33,21 +33,24 @@
 #include "framework/codec.h"
 #endif
 
-struct SnortConfig;
-struct CodecApi;
+namespace snort
+{
 class Codec;
+struct CodecApi;
 class Module;
 class PacketManager;
 struct ProfileStats;
+struct SnortConfig;
+}
 
 //-------------------------------------------------------------------------
 
-extern THREAD_LOCAL ProfileStats decodePerfStats;
+extern THREAD_LOCAL snort::ProfileStats decodePerfStats;
 
 #ifdef PIGLET
 struct CodecWrapper
 {
-    CodecWrapper(const CodecApi* a, Codec* p) :
+    CodecWrapper(const snort::CodecApi* a, snort::Codec* p) :
         api { a }, instance { p } { }
 
     ~CodecWrapper()
@@ -56,8 +59,8 @@ struct CodecWrapper
             api->dtor(instance);
     }
 
-    const CodecApi* api;
-    Codec* instance;
+    const snort::CodecApi* api;
+    snort::Codec* instance;
 };
 #endif
 
@@ -67,25 +70,25 @@ struct CodecWrapper
 class CodecManager
 {
 public:
-    friend class PacketManager;
+    friend class snort::PacketManager;
 
     // global plugin initializer
-    static void add_plugin(const struct CodecApi*);
+    static void add_plugin(const struct snort::CodecApi*);
     // instantiate a specific codec with a codec specific Module
-    static void instantiate(const CodecApi*, Module*, SnortConfig*);
+    static void instantiate(const snort::CodecApi*, snort::Module*, snort::SnortConfig*);
     // instantiate any codec for which a module has not been provided.
     static void instantiate();
     // destroy all global codec related information
     static void release_plugins();
     // initialize the current threads DLT and Packet struct
-    static void thread_init(SnortConfig*);
+    static void thread_init(snort::SnortConfig*);
     // destroy thread_local data
     static void thread_term();
     // print all of the codec plugins
     static void dump_plugins();
 
 #ifdef PIGLET
-    static CodecWrapper* instantiate(const char*, Module*, SnortConfig*);
+    static CodecWrapper* instantiate(const char*, snort::Module*, snort::SnortConfig*);
 #endif
 
     static uint8_t get_max_layers()
@@ -96,7 +99,7 @@ private:
 
     static std::vector<CodecApiWrapper> s_codecs;
     static std::array<ProtocolIndex, num_protocol_ids> s_proto_map;
-    static std::array<Codec*, UINT8_MAX> s_protocols;
+    static std::array<snort::Codec*, UINT8_MAX> s_protocols;
 
     static THREAD_LOCAL ProtocolId grinder_id;
     static THREAD_LOCAL ProtocolIndex grinder;
@@ -108,12 +111,12 @@ private:
      */
 
     // Private struct defined in an anonymous namespace.
-    static void instantiate(CodecApiWrapper&, Module*, SnortConfig*);
-    static CodecApiWrapper& get_api_wrapper(const CodecApi* cd_api);
+    static void instantiate(CodecApiWrapper&, snort::Module*, snort::SnortConfig*);
+    static CodecApiWrapper& get_api_wrapper(const snort::CodecApi* cd_api);
     static uint8_t get_codec(const char* const keyword);
 
 #ifdef PIGLET
-    static const CodecApi* find_api(const char*);
+    static const snort::CodecApi* find_api(const char*);
 #endif
 };
 

diff --git a/src/managers/connector_manager.cc b/src/managers/connector_manager.cc
index 2353548dede8d26e2a1b9efe8f9cd9a22039a4f4..fcf81fd324c977a432232feae5498558c00e9227 100644 (file)
--- a/src/managers/connector_manager.cc
+++ b/src/managers/connector_manager.cc
@@ -33,6 +33,8 @@
 #include "main/snort_debug.h"
 #include "utils/util.h"
 
+using namespace snort;
+
 //  ConnectorManager Private Data
 
 // One ConnectorElem for each Connector within the ConnectorCommon configuration

diff --git a/src/managers/connector_manager.h b/src/managers/connector_manager.h
index d4d5b09c374e4be5d8939e8e18878f3a695fd9c9..b96769c81f6362f3f2239bacee47e9764017fe53 100644 (file)
--- a/src/managers/connector_manager.h
+++ b/src/managers/connector_manager.h
@@ -24,27 +24,30 @@
 
 #include <string>
 
-struct SnortConfig;
-struct ConnectorApi;
+namespace snort
+{
 class Connector;
+struct ConnectorApi;
 class Module;
+struct SnortConfig;
+}
 
 //-------------------------------------------------------------------------
 
 class ConnectorManager
 {
 public:
-    static void add_plugin(const ConnectorApi* api);
+    static void add_plugin(const snort::ConnectorApi* api);
     static void dump_plugins();
     static void release_plugins();
 
-    static void instantiate(const ConnectorApi*, Module*, SnortConfig*);
+    static void instantiate(const snort::ConnectorApi*, snort::Module*, snort::SnortConfig*);
 
     static void thread_init();
     static void thread_term();
 
     /* get_connector() returns the thread-specific object. */
-    static Connector* get_connector(const std::string& name);
+    static snort::Connector* get_connector(const std::string& name);
 };
 
 #endif

diff --git a/src/managers/event_manager.cc b/src/managers/event_manager.cc
index 70380d0f26cf745c66777b2eb52eab9d7f132d86..f6e85ba1f02da8521a5bc7f9c6ad8e386880d197 100644 (file)
--- a/src/managers/event_manager.cc
+++ b/src/managers/event_manager.cc
@@ -32,6 +32,7 @@
 
 #include "module_manager.h"
 
+using namespace snort;
 using namespace std;
 
 struct Output

diff --git a/src/managers/event_manager.h b/src/managers/event_manager.h
index 678010148301e03171d8c79a17072079ac22764a..d13d5f3d72781b2af789c32534aa9476b79c6829 100644 (file)
--- a/src/managers/event_manager.h
+++ b/src/managers/event_manager.h
@@ -24,28 +24,28 @@
 // OutputSet is a group of Loggers that can be attached to external data.
 // Also provides runtime logging.
 
-#include "framework/module.h"
-
-#ifdef PIGLET
 #include "framework/logger.h"
-#endif
+#include "framework/module.h"
 
 #define OUTPUT_TYPE_FLAG__NONE  0x0
 #define OUTPUT_TYPE_FLAG__ALERT 0x1
 #define OUTPUT_TYPE_FLAG__LOG   0x2
 
+namespace snort
+{
+struct LogApi;
 struct Packet;
+struct SnortConfig;
+}
 struct Event;
 struct OutputSet;
-struct SnortConfig;
-struct LogApi;
 
 //-------------------------------------------------------------------------
 
 #ifdef PIGLET
 struct LoggerWrapper
 {
-    LoggerWrapper(const LogApi* a, Logger* p) :
+    LoggerWrapper(const snort::LogApi* a, snort::Logger* p) :
         api { a }, instance { p } { }
 
     ~LoggerWrapper()
@@ -54,42 +54,42 @@ struct LoggerWrapper
             api->dtor(instance);
     }
 
-    const LogApi* api;
-    Logger* instance;
+    const snort::LogApi* api;
+    snort::Logger* instance;
 };
 #endif
 
 class EventManager
 {
 public:
-    static void add_plugin(const LogApi*);
+    static void add_plugin(const snort::LogApi*);
     static void dump_plugins();
     static void release_plugins();
 
-    static void instantiate(const char*, SnortConfig*);
-    static void instantiate(const LogApi*, Module*, SnortConfig*);
+    static void instantiate(const char*, snort::SnortConfig*);
+    static void instantiate(const snort::LogApi*, snort::Module*, snort::SnortConfig*);
 
     static unsigned get_output_type_flags(char*);
 
-    static void add_output(OutputSet**, class Logger*);
+    static void add_output(OutputSet**, snort::Logger*);
     static void copy_outputs(OutputSet* dst, OutputSet* src);
     static void release_outputs(OutputSet*);
 
     static void open_outputs();
     static void close_outputs();
 
-    static void call_alerters(OutputSet*, Packet*, const char* message, const Event&);
-    static void call_loggers(OutputSet*, Packet*, const char* message, Event*);
+    static void call_alerters(OutputSet*, snort::Packet*, const char* message, const Event&);
+    static void call_loggers(OutputSet*, snort::Packet*, const char* message, Event*);
 
     static void enable_alerts(bool b) { alert_enabled = b; }
     static void enable_logs(bool b) { log_enabled = b; }
 
 #ifdef PIGLET
-    static LoggerWrapper* instantiate(const char* name, Module*, SnortConfig*);
+    static LoggerWrapper* instantiate(const char* name, snort::Module*, snort::SnortConfig*);
 #endif
 
 private:
-    static void instantiate(struct Output*, Module*, SnortConfig*);
+    static void instantiate(struct Output*, snort::Module*, snort::SnortConfig*);
 
     static bool alert_enabled;
     static bool log_enabled;

diff --git a/src/managers/inspector_manager.cc b/src/managers/inspector_manager.cc
index 4e3c7aab648722ea8899a2c03d53273aabc353ca..4cabe59455ec510d1b6af5694c3c466563f7eb30 100644 (file)
--- a/src/managers/inspector_manager.cc
+++ b/src/managers/inspector_manager.cc
@@ -41,6 +41,7 @@
 
 #include "module_manager.h"
 
+using namespace snort;
 using namespace std;
 
 // FIXIT-L define module names just once
@@ -421,7 +422,7 @@ static PHInstance* get_new(
 
     if ( get_instance(fp, keyword, false, old_it) )
     {
-        if ( Snort::is_reloading() )
+        if ( snort::Snort::is_reloading() )
         {
             (*old_it)->set_reloaded(RELOAD_TYPE_REENABLED);
             fp->ilist.erase(old_it);
@@ -439,7 +440,7 @@ static PHInstance* get_new(
         return nullptr;
     }
 
-    if ( Snort::is_reloading() )
+    if ( snort::Snort::is_reloading() )
     {
         if ( reloaded )
             p->set_reloaded(RELOAD_TYPE_REENABLED);
@@ -498,7 +499,7 @@ void InspectorManager::dispatch_meta(FrameworkPolicy* fp, int type, const uint8_
 
 Inspector* InspectorManager::get_binder()
 {
-    InspectionPolicy* pi = get_inspection_policy();
+    InspectionPolicy* pi = snort::get_inspection_policy();
 
     if ( !pi || !pi->framework_policy )
         return nullptr;
@@ -512,9 +513,9 @@ Inspector* InspectorManager::get_inspector(const char* key, bool dflt_only)
     InspectionPolicy* pi;
     
     if (dflt_only)
-        pi = get_default_inspection_policy(SnortConfig::get_conf());
+        pi = snort::get_default_inspection_policy(SnortConfig::get_conf());
     else
-        pi = get_inspection_policy();
+        pi = snort::get_inspection_policy();
 
     if ( !pi || !pi->framework_policy )
         return nullptr;
@@ -628,7 +629,7 @@ void InspectorManager::thread_init(SnortConfig* sc)
 
     // pin->tinit() only called for default policy
     set_default_policy();
-    InspectionPolicy* pi = get_inspection_policy();
+    InspectionPolicy* pi = snort::get_inspection_policy();
 
     if ( pi && pi->framework_policy )
     {
@@ -648,7 +649,7 @@ void InspectorManager::thread_stop(SnortConfig*)
 {
     // pin->tterm() only called for default policy
     set_default_policy();
-    InspectionPolicy* pi = get_inspection_policy();
+    InspectionPolicy* pi = snort::get_inspection_policy();
 
     if ( pi && pi->framework_policy )
     {
@@ -684,7 +685,7 @@ void InspectorManager::instantiate(
     assert(mod);
 
     FrameworkConfig* fc = sc->framework_config;
-    FrameworkPolicy* fp = get_inspection_policy()->framework_policy;
+    FrameworkPolicy* fp = snort::get_inspection_policy()->framework_policy;
 
     // FIXIT-L should not need to lookup inspector etc
     // since given api and mod
@@ -720,7 +721,7 @@ Inspector* InspectorManager::instantiate(
     if ( !ppc )
         return nullptr;
 
-    auto fp = get_inspection_policy()->framework_policy;
+    auto fp = snort::get_inspection_policy()->framework_policy;
     auto ppi = get_new(ppc, fp, name, mod, sc);
 
     if ( !ppi )
@@ -867,7 +868,7 @@ bool InspectorManager::configure(SnortConfig* sc, bool cloned)
 
 void InspectorManager::print_config(SnortConfig* sc)
 {
-    InspectionPolicy* pi = get_inspection_policy();
+    InspectionPolicy* pi = snort::get_inspection_policy();
 
     if ( !pi->framework_policy )
         return;
@@ -939,7 +940,7 @@ void InspectorManager::full_inspection(Packet* p)
 void InspectorManager::execute_control(Packet* p)
 {
     SnortConfig* sc = SnortConfig::get_conf();
-    FrameworkPolicy* fp = get_default_inspection_policy(sc)->framework_policy;
+    FrameworkPolicy* fp = snort::get_default_inspection_policy(sc)->framework_policy;
     ::execute(p, fp->control.vec, fp->control.num);
 }
 
@@ -948,7 +949,7 @@ void InspectorManager::execute_control(Packet* p)
 
 void InspectorManager::execute(Packet* p)
 {
-    FrameworkPolicy* fp = get_inspection_policy()->framework_policy;
+    FrameworkPolicy* fp = snort::get_inspection_policy()->framework_policy;
     assert(fp);
 
     if ( !p->has_paf_payload() )
@@ -958,7 +959,7 @@ void InspectorManager::execute(Packet* p)
         // a flow control wrapper) and use eval() instead of process()
         // for stream_*.
         ::execute(p, fp->session.vec, fp->session.num);
-        fp = get_inspection_policy()->framework_policy;
+        fp = snort::get_inspection_policy()->framework_policy;
     }
     // must check between each ::execute()
     if ( p->disable_inspect )
@@ -1000,7 +1001,7 @@ void InspectorManager::execute(Packet* p)
 
 void InspectorManager::probe(Packet* p)
 {
-    FrameworkPolicy* fp = get_inspection_policy()->framework_policy;
+    FrameworkPolicy* fp = snort::get_inspection_policy()->framework_policy;
     ::execute(p, fp->probe.vec, fp->probe.num);
 }
 

diff --git a/src/managers/inspector_manager.h b/src/managers/inspector_manager.h
index 6360688dceadef8ed5829a7301554c5e863dd17d..d6b57c01688c6b2a818a054da50d23b9d866b54c 100644 (file)
--- a/src/managers/inspector_manager.h
+++ b/src/managers/inspector_manager.h
@@ -29,11 +29,14 @@
 #include "framework/inspector.h"
 #endif
 
-struct Packet;
 struct FrameworkPolicy;
-struct SnortConfig;
 struct InspectionPolicy;
 
+namespace snort
+{
+struct Packet;
+struct SnortConfig;
+
 //-------------------------------------------------------------------------
 
 class InspectorManager
@@ -91,6 +94,6 @@ private:
     static void full_inspection(Packet*);
     static void execute_control(Packet*);
 };
-
+}
 #endif
 

diff --git a/src/managers/ips_manager.cc b/src/managers/ips_manager.cc
index 97d62fcfd9f6d3d5e4e9fb633d2c4ee46902e5f1..459d0b3d55275071191404d430d28ecc4999bb90 100644 (file)
--- a/src/managers/ips_manager.cc
+++ b/src/managers/ips_manager.cc
@@ -33,6 +33,7 @@
 #include "module_manager.h"
 #include "plugin_manager.h"
 
+using namespace snort;
 using namespace std;
 
 struct Option

diff --git a/src/managers/ips_manager.h b/src/managers/ips_manager.h
index 14f6093ba871d7076392178f64f92c68f45f341b..f290d09f9f923e0d3e46f65f0f1c2241ac5fd1d2 100644 (file)
--- a/src/managers/ips_manager.h
+++ b/src/managers/ips_manager.h
@@ -27,15 +27,19 @@
 #include "framework/ips_option.h"
 #include "framework/module.h"
 
-struct SnortConfig;
-struct IpsApi;
+namespace snort
+{
+    struct IpsApi;
+    class IpsOption;
+    struct SnortConfig;
+}
 
 //-------------------------------------------------------------------------
 
 #ifdef PIGLET
 struct IpsOptionWrapper
 {
-    IpsOptionWrapper(const IpsApi* a, IpsOption* p) :
+    IpsOptionWrapper(const snort::IpsApi* a, snort::IpsOption* p) :
         api { a }, instance { p } { }
 
     ~IpsOptionWrapper()
@@ -44,43 +48,43 @@ struct IpsOptionWrapper
             api->dtor(instance);
     }
 
-    const IpsApi* api;
-    IpsOption* instance;
+    const snort::IpsApi* api;
+    snort::IpsOption* instance;
 };
 #endif
 
 class IpsManager
 {
 public:
-    static void add_plugin(const IpsApi*);
+    static void add_plugin(const snort::IpsApi*);
     static void dump_plugins();
     static void release_plugins();
 
-    static void instantiate(const IpsApi*, Module*, SnortConfig*);
+    static void instantiate(const snort::IpsApi*, snort::Module*, snort::SnortConfig*);
 
     static bool get_option(
-        SnortConfig*, struct OptTreeNode*, int proto,
-        const char* keyword, char* args, RuleOptType&);
+        snort::SnortConfig*, struct OptTreeNode*, int proto,
+        const char* keyword, char* args, snort::RuleOptType&);
 
-    static bool option_begin(SnortConfig*, const char* key, int proto);
+    static bool option_begin(snort::SnortConfig*, const char* key, int proto);
     static bool option_set(
-        SnortConfig*, const char* key, const char* opt, const char* val);
+        snort::SnortConfig*, const char* key, const char* opt, const char* val);
     static bool option_end(
-        SnortConfig*, OptTreeNode*, int proto, const char* key, RuleOptType&);
+        snort::SnortConfig*, OptTreeNode*, int proto, const char* key, snort::RuleOptType&);
 
-    static void delete_option(class IpsOption*);
+    static void delete_option(snort::IpsOption*);
     static const char* get_option_keyword();
 
-    static void global_init(SnortConfig*);
-    static void global_term(SnortConfig*);
+    static void global_init(snort::SnortConfig*);
+    static void global_term(snort::SnortConfig*);
 
     static void reset_options();
     static void setup_options();
     static void clear_options();
-    static bool verify(SnortConfig*);
+    static bool verify(snort::SnortConfig*);
 
 #ifdef PIGLET
-    static IpsOptionWrapper* instantiate(const char*, Module*, struct OptTreeNode*);
+    static IpsOptionWrapper* instantiate(const char*, snort::Module*, struct OptTreeNode*);
 #endif
 };
 

diff --git a/src/managers/module_manager.cc b/src/managers/module_manager.cc
index ee809c979150111c9129dd1411625a0694dd41c2..412a18abebb810d515b758beef251e9405ce053b 100644 (file)
--- a/src/managers/module_manager.cc
+++ b/src/managers/module_manager.cc
@@ -48,6 +48,7 @@
 
 #include "plugin_manager.h"
 
+using namespace snort;
 using namespace std;
 
 struct ModHook
@@ -391,7 +392,7 @@ static bool set_var(const char* fqn, Value& val)
     if ( val.get_type() != Value::VT_STR )
         return false;
 
-    if ( get_ips_policy() == nullptr )
+    if ( snort::get_ips_policy() == nullptr )
         return true;
 
     trace("var", fqn, val);
@@ -680,7 +681,7 @@ SO_PUBLIC bool open_table(const char* s, int idx)
         return false;
 
     // FIXIT-M only basic modules and inspectors can be reloaded at present
-    if ( ( Snort::is_reloading() )
+    if ( ( snort::Snort::is_reloading() )
             and h->api and h->api->type != PT_INSPECTOR )
         return false;
 

diff --git a/src/managers/module_manager.h b/src/managers/module_manager.h
index 8474ef303b063d92923ff99ea1046659beb3502a..4ed969c2bc4c74effe40919513f3c562bb45e6c7 100644 (file)
--- a/src/managers/module_manager.h
+++ b/src/managers/module_manager.h
@@ -29,7 +29,13 @@
 
 //-------------------------------------------------------------------------
 
+namespace snort
+{
+struct BaseApi;
+class Module;
 struct SnortConfig;
+}
+
 class Shell;
 
 class ModuleManager
@@ -38,11 +44,11 @@ public:
     static void init();
     static void term();
 
-    static void add_module(class Module*, const struct BaseApi* = nullptr);
-    static Module* get_module(const char*);
-    static Module* get_default_module(const char*, SnortConfig*);
+    static void add_module(snort::Module*, const snort::BaseApi* = nullptr);
+    static snort::Module* get_module(const char*);
+    static snort::Module* get_default_module(const char*, snort::SnortConfig*);
     static const char* get_current_module();
-    static std::list<Module*> get_all_modules();
+    static std::list<snort::Module*> get_all_modules();
 
     static void list_modules(const char* = nullptr);
     static void dump_modules();
@@ -63,15 +69,15 @@ public:
     static void dump_defaults(const char* = nullptr);
 
     static void load_commands(Shell*);
-    static void load_rules(SnortConfig*);
-    static void set_config(SnortConfig*);
+    static void load_rules(snort::SnortConfig*);
+    static void set_config(snort::SnortConfig*);
 
     static void reset_errors();
     static unsigned get_errors();
 
-    static void dump_stats(SnortConfig*, const char* skip = nullptr);
-    static void accumulate(SnortConfig*);
-    static void reset_stats(SnortConfig*);
+    static void dump_stats(snort::SnortConfig*, const char* skip = nullptr);
+    static void accumulate(snort::SnortConfig*);
+    static void reset_stats(snort::SnortConfig*);
 
     static std::set<uint32_t> gids;
 };

diff --git a/src/managers/mpse_manager.cc b/src/managers/mpse_manager.cc
index 0a9aad5b317031187fd7bbae7efb2f31594bd78f..748ed652784c7dcddd884cca9ed4b33158531d4b 100644 (file)
--- a/src/managers/mpse_manager.cc
+++ b/src/managers/mpse_manager.cc
@@ -33,6 +33,7 @@
 
 #include "module_manager.h"
 
+using namespace snort;
 using namespace std;
 
 typedef list<const MpseApi*> EngineList;

diff --git a/src/managers/mpse_manager.h b/src/managers/mpse_manager.h
index c3f58b17b1e61275444963492f7641ba38e409f1..c763275407938e40311aa7b2c1a8ad403c3b8a65 100644 (file)
--- a/src/managers/mpse_manager.h
+++ b/src/managers/mpse_manager.h
@@ -30,16 +30,19 @@
 #include "framework/mpse.h"
 #endif
 
+namespace snort
+{
 struct MpseApi;
 class Mpse;
 struct SnortConfig;
+}
 
 //-------------------------------------------------------------------------
 
 #ifdef PIGLET
 struct MpseWrapper
 {
-    MpseWrapper(const MpseApi* a, Mpse* p) :
+    MpseWrapper(const snort::MpseApi* a, snort::Mpse* p) :
         api { a }, instance { p } { }
 
     ~MpseWrapper()
@@ -48,37 +51,37 @@ struct MpseWrapper
             api->dtor(instance);
     }
 
-    const MpseApi* api;
-    Mpse* instance;
+    const snort::MpseApi* api;
+    snort::Mpse* instance;
 };
 #endif
 
 class MpseManager
 {
 public:
-    static void add_plugin(const MpseApi*);
+    static void add_plugin(const snort::MpseApi*);
     static void release_plugins();
     static void dump_plugins();
 
-    static void instantiate(const MpseApi*, Module*, SnortConfig*);
-    static const MpseApi* get_search_api(const char* type);
-    static void delete_search_engine(Mpse*);
-
-    static Mpse* get_search_engine(const char*);
-    static Mpse* get_search_engine(
-        SnortConfig* sc,const MpseApi* api, const struct MpseAgent*);
-
-    static void activate_search_engine(const MpseApi*, SnortConfig*);
-    static void setup_search_engine(const MpseApi*, SnortConfig*);
-    static void start_search_engine(const MpseApi*);
-    static void stop_search_engine(const MpseApi*);
-    static bool search_engine_trim(const MpseApi*);
-    static bool is_regex_capable(const MpseApi*);
-    static void print_mpse_summary(const MpseApi*);
+    static void instantiate(const snort::MpseApi*, snort::Module*, snort::SnortConfig*);
+    static const snort::MpseApi* get_search_api(const char* type);
+    static void delete_search_engine(snort::Mpse*);
+
+    static snort::Mpse* get_search_engine(const char*);
+    static snort::Mpse* get_search_engine(
+        snort::SnortConfig* sc,const snort::MpseApi* api, const struct MpseAgent*);
+
+    static void activate_search_engine(const snort::MpseApi*, snort::SnortConfig*);
+    static void setup_search_engine(const snort::MpseApi*, snort::SnortConfig*);
+    static void start_search_engine(const snort::MpseApi*);
+    static void stop_search_engine(const snort::MpseApi*);
+    static bool search_engine_trim(const snort::MpseApi*);
+    static bool is_regex_capable(const snort::MpseApi*);
+    static void print_mpse_summary(const snort::MpseApi*);
     static void print_search_engine_stats();
 
 #ifdef PIGLET
-    static MpseWrapper* instantiate(const char*, Module*, SnortConfig*);
+    static MpseWrapper* instantiate(const char*, snort::Module*, snort::SnortConfig*);
 #endif
 };
 

diff --git a/src/managers/plugin_manager.cc b/src/managers/plugin_manager.cc
index e15c4762153ed3fafab88ec2398b75e73c95bc00..e1c085ded7df13c33d708d9530c830358f09f807 100644 (file)
--- a/src/managers/plugin_manager.cc
+++ b/src/managers/plugin_manager.cc
@@ -53,6 +53,7 @@
 #include "script_manager.h"
 #include "so_manager.h"
 
+using namespace snort;
 using namespace std;
 
 #define lib_pattern "*.so"

diff --git a/src/managers/plugin_manager.h b/src/managers/plugin_manager.h
index eaaa20d543cf72e0b4752c14c34d5f9f8bf41a04..915b8be3786eb1850126f2bf0e48136ac678899f 100644 (file)
--- a/src/managers/plugin_manager.h
+++ b/src/managers/plugin_manager.h
@@ -35,14 +35,17 @@
 
 #include "framework/base_api.h"
 
+namespace snort
+{
 class Module;
 struct SnortConfig;
+}
 
 class PluginManager
 {
 public:
     // plugin methods
-    static void load_plugins(const BaseApi**);
+    static void load_plugins(const snort::BaseApi**);
     static void load_plugins(const std::string& lib_paths);
 
     static void list_plugins();
@@ -53,14 +56,15 @@ public:
     static PlugType get_type(const char*);
     static const char* get_type_name(PlugType);
 
-    static const BaseApi* get_api(PlugType, const char* name);
+    static const snort::BaseApi* get_api(PlugType, const char* name);
 #ifdef PIGLET
     static PlugType get_type_from_name(const std::string&);
 #endif
     static const char* get_current_plugin();
 
-    static void instantiate(const BaseApi*, Module*, SnortConfig*);
-    static void instantiate(const BaseApi*, Module*, SnortConfig*, const char* name);
+    static void instantiate(const snort::BaseApi*, snort::Module*, snort::SnortConfig*);
+    static void instantiate(const snort::BaseApi*, snort::Module*, snort::SnortConfig*,
+        const char* name);
 
     static const char* get_available_plugins(PlugType);
 };

diff --git a/src/managers/script_manager.cc b/src/managers/script_manager.cc
index 6bd5622fb6e5023161e2ae686c4dcd8475c3ffc1..ae7f8aaa3e3e1b8960588adfa757784860b109c6 100644 (file)
--- a/src/managers/script_manager.cc
+++ b/src/managers/script_manager.cc
@@ -37,6 +37,7 @@
 #include "piglet/piglet_manager.h"
 #endif
 
+using namespace snort;
 using namespace std;
 
 // FIXIT-P this approach results in N * K lua states where

diff --git a/src/managers/script_manager.h b/src/managers/script_manager.h
index dceb12ad1ef1039f09ffef0741b64cfa8f66c1b3..b22dd5c059a8baa039805f145a078330fa8880c4 100644 (file)
--- a/src/managers/script_manager.h
+++ b/src/managers/script_manager.h
@@ -35,7 +35,7 @@ class ScriptManager
 public:
     static void load_scripts(const std::vector<std::string>& paths);
     static void release_scripts();
-    static const BaseApi** get_plugins();
+    static const snort::BaseApi** get_plugins();
     static std::string* get_chunk(const char* key);
 };
 

diff --git a/src/managers/so_manager.h b/src/managers/so_manager.h
index ad631bcdff3aa9f98368bfa6f89501a9157d4853..9bd0193fe5074a8a7ec2df20d45d7c9cdbccf247 100644 (file)
--- a/src/managers/so_manager.h
+++ b/src/managers/so_manager.h
@@ -25,7 +25,10 @@
 
 #include "framework/so_rule.h"
 
+namespace snort
+{
 struct SnortConfig;
+}
 struct SoApi;
 
 //-------------------------------------------------------------------------

diff --git a/src/memory/memory_cap.cc b/src/memory/memory_cap.cc
index 7cf4c886bfc30ed35fb41c5b6d8331b25eb5102a..03c1ca7ffb23824e541b2eccc3b5e657a2ac7c82 100644 (file)
--- a/src/memory/memory_cap.cc
+++ b/src/memory/memory_cap.cc
@@ -141,7 +141,7 @@ bool MemoryCap::free_space(size_t n)
     if ( !thread_cap )
         return true;
 
-    const auto& config = *SnortConfig::get_conf()->memory;
+    const auto& config = *snort::SnortConfig::get_conf()->memory;
     return memory::free_space(n, thread_cap, s_tracker, prune_handler) || config.soft;
 }
 
@@ -172,7 +172,7 @@ bool MemoryCap::over_threshold()
 void MemoryCap::calculate(unsigned num_threads)
 {
     assert(!is_packet_thread());
-    const MemoryConfig& config = *SnortConfig::get_conf()->memory;
+    const MemoryConfig& config = *snort::SnortConfig::get_conf()->memory;
 
     auto main_thread_used = s_tracker.used();
 
@@ -209,12 +209,12 @@ void MemoryCap::print()
     if ( !MemoryModule::is_active() )
         return;
 
-    const MemoryConfig& config = *SnortConfig::get_conf()->memory;
+    const MemoryConfig& config = *snort::SnortConfig::get_conf()->memory;
 
-    if ( SnortConfig::log_verbose() or s_tracker.allocations )
+    if ( snort::SnortConfig::log_verbose() or s_tracker.allocations )
         LogLabel("memory (heap)");
 
-    if ( SnortConfig::log_verbose() )
+    if ( snort::SnortConfig::log_verbose() )
     {
         LogMessage("    global cap: %zu\n", config.cap);
         LogMessage("    global preemptive threshold percent: %zu\n", config.threshold);

diff --git a/src/memory/memory_module.cc b/src/memory/memory_module.cc
index 64afa62469cf362e4943697b77e7de2a1bdd7fa3..380f554f6769307f88ab8bf92bb8df7fd4cdc16e 100644 (file)
--- a/src/memory/memory_module.cc
+++ b/src/memory/memory_module.cc
@@ -28,6 +28,8 @@
 
 #include "memory_config.h"
 
+using namespace snort;
+
 // -----------------------------------------------------------------------------
 // memory attributes
 // -----------------------------------------------------------------------------

diff --git a/src/memory/memory_module.h b/src/memory/memory_module.h
index 03eff82bc8a2314eb7d7a58bbc7d28cade3c3a7e..beab3dfd5b4dfa2b454e37e051a3f873d77340e8 100644 (file)
--- a/src/memory/memory_module.h
+++ b/src/memory/memory_module.h
@@ -23,13 +23,13 @@
 
 #include "framework/module.h"
 
-class MemoryModule : public Module
+class MemoryModule : public snort::Module
 {
 public:
     MemoryModule();
 
-    bool set(const char*, Value&, SnortConfig*) override;
-    bool end(const char*, int, SnortConfig*) override;
+    bool set(const char*, snort::Value&, snort::SnortConfig*) override;
+    bool end(const char*, int, snort::SnortConfig*) override;
 
     Usage get_usage() const override
     { return GLOBAL; }

diff --git a/src/memory/prune_handler.cc b/src/memory/prune_handler.cc
index d0bcfe1193b67a2fb23c3024eaa13e1391e779e5..bc5e4681dc6c2082760724e4fe609af165d02bf0 100644 (file)
--- a/src/memory/prune_handler.cc
+++ b/src/memory/prune_handler.cc
@@ -31,7 +31,7 @@ namespace memory
 
 void prune_handler()
 {
-    Stream::prune_flows();
+    snort::Stream::prune_flows();
 }
 
 } // namespace memory

diff --git a/src/mime/file_mime_config.cc b/src/mime/file_mime_config.cc
index 3af428912e0c5fcff855a58c021ed408f9b55a91..c05d9e238e509f55dbf4edbbe98ea27de8c9eee6 100644 (file)
--- a/src/mime/file_mime_config.cc
+++ b/src/mime/file_mime_config.cc
@@ -92,7 +92,7 @@ bool DecodeConfig::is_decoding_enabled()
 // update file depth and max_depth etc
 void DecodeConfig::sync_all_depths()
 {
-    file_depth = FileService::get_max_file_depth();
+    file_depth = snort::FileService::get_max_file_depth();
     if ((file_depth >= 0)or (b64_depth >= 0) or (qp_depth >= 0)
         or (bitenc_depth >= 0) or (uu_depth >= 0))
         decode_enabled = true;

diff --git a/src/mime/file_mime_log.cc b/src/mime/file_mime_log.cc
index 2ec9c5295f3bdffe389e721ae5559224ec7b8fd6..c1e5dbfbd32c2d40f70142798f2197068ba7d667 100644 (file)
--- a/src/mime/file_mime_log.cc
+++ b/src/mime/file_mime_log.cc
@@ -31,6 +31,8 @@
 #include "utils/util.h"
 #include "utils/util_cstring.h"
 
+using namespace snort;
+
 #define MAX_FILE                             1024
 #define MAX_EMAIL                            1024
 

diff --git a/src/mime/file_mime_log.h b/src/mime/file_mime_log.h
index c9820e5ade06c7dbe6ac6a1b8bdcbfa1556f908f..cd31e5e5d994fc47ced0a57c83239a78cd00edb4 100644 (file)
--- a/src/mime/file_mime_log.h
+++ b/src/mime/file_mime_log.h
@@ -41,7 +41,10 @@ struct MailLogConfig
     uint32_t email_hdrs_log_depth = 0;
 };
 
+namespace snort
+{
 class Flow;
+}
 
 class MailLogState
 {
@@ -51,7 +54,7 @@ public:
 
     /* accumulate MIME attachment filenames. The filenames are appended by commas */
     int log_file_name(const uint8_t* start, int length, bool* disp_cont);
-    void set_file_name_from_log(Flow*);
+    void set_file_name_from_log(snort::Flow*);
 
     int log_email_hdrs(const uint8_t* start, int length);
     int log_email_id (const uint8_t* start, int length, EmailUserType);

diff --git a/src/mime/file_mime_process.cc b/src/mime/file_mime_process.cc
index cb4f74d7ce7cc4410f5a9ef137f2142b2eab9ace..88aac2d1ffc4a17faef30868f65382cca7945e10 100644 (file)
--- a/src/mime/file_mime_process.cc
+++ b/src/mime/file_mime_process.cc
@@ -31,6 +31,8 @@
 #include "log/messages.h"
 #include "search_engines/search_tool.h"
 
+using namespace snort;
+
 struct MimeToken
 {
     const char* name;

diff --git a/src/mime/file_mime_process.h b/src/mime/file_mime_process.h
index 30c3a9177f37e7d2f08710f3264534d4fbfb1674..0a70cf09ec32e515679f920869b74b93a6546e95 100644 (file)
--- a/src/mime/file_mime_process.h
+++ b/src/mime/file_mime_process.h
@@ -30,6 +30,8 @@
 #include "mime/file_mime_log.h"
 #include "mime/file_mime_paf.h"
 
+namespace snort
+{
 /* state flags */
 #define MIME_FLAG_FOLDING                    0x00000001
 #define MIME_FLAG_IN_CONTENT_TYPE            0x00000002
@@ -96,6 +98,6 @@ private:
     const uint8_t* process_mime_data_paf(Flow*, const uint8_t* start, const uint8_t* end,
         bool upload, FilePosition);
 };
-
+}
 #endif
 

diff --git a/src/network_inspectors/appid/app_forecast.cc b/src/network_inspectors/appid/app_forecast.cc
index a264ad2d43239d54fc5a3f9a0c481fe750e02369..a92986e98a89895dd169f9ac2b9d8af655e29988 100644 (file)
--- a/src/network_inspectors/appid/app_forecast.cc
+++ b/src/network_inspectors/appid/app_forecast.cc
@@ -31,6 +31,8 @@
 #include "time/packet_time.h"
 #include "appid_session.h"
 
+using namespace snort;
+
 static THREAD_LOCAL AFActKey master_key;
 static THREAD_LOCAL XHash* AF_indicators = nullptr;     // list of "indicator apps"
 static THREAD_LOCAL XHash* AF_actives = nullptr;        // list of hosts to watch

diff --git a/src/network_inspectors/appid/app_forecast.h b/src/network_inspectors/appid/app_forecast.h
index 88923707dd508430f30e4286aa33a52182bcfbc2..d292c00099eec212179f5d81ebd3197bf587f6ae 100644 (file)
--- a/src/network_inspectors/appid/app_forecast.h
+++ b/src/network_inspectors/appid/app_forecast.h
@@ -27,7 +27,10 @@
 #include "application_ids.h"
 
 class AppIdSession;
+namespace snort
+{
 struct Packet;
+}
 
 // indicator - the appId that indicates there may be subsequent flows to look for,
 // from the same host
@@ -59,8 +62,8 @@ struct AFActVal
 int init_appid_forecast();
 void clean_appid_forecast();
 void add_af_indicator(AppId, AppId, AppId);
-void check_session_for_AF_indicator(Packet*, int, AppId);
-AppId check_session_for_AF_forecast(AppIdSession&, Packet*, int, AppId);
+void check_session_for_AF_indicator(snort::Packet*, int, AppId);
+AppId check_session_for_AF_forecast(AppIdSession&, snort::Packet*, int, AppId);
 
 #endif
 

diff --git a/src/network_inspectors/appid/app_info_table.cc b/src/network_inspectors/appid/app_info_table.cc
index abcd64cb1c79975dc936d8eecc4dc05d12057a83..2970c3d817ae8ee849759607d4ba8d6339de23cf 100644 (file)
--- a/src/network_inspectors/appid/app_info_table.cc
+++ b/src/network_inspectors/appid/app_info_table.cc
@@ -511,7 +511,7 @@ int16_t AppInfoManager::add_appid_protocol_reference(const char* protocol)
     static std::mutex apr_mutex;
 
     std::lock_guard<std::mutex> lock(apr_mutex);
-    int16_t id = SnortConfig::get_conf()->proto_ref->add(protocol);
+    int16_t id = snort::SnortConfig::get_conf()->proto_ref->add(protocol);
     return id;
 }
 

diff --git a/src/network_inspectors/appid/app_info_table.h b/src/network_inspectors/appid/app_info_table.h
index 1a7855a0de45a41e171a58f9612d6fa311cfc4b9..07500b677b1441cb314ac6ac945dd20a53766f55 100644 (file)
--- a/src/network_inspectors/appid/app_info_table.h
+++ b/src/network_inspectors/appid/app_info_table.h
@@ -75,7 +75,7 @@ public:
     uint32_t serviceId;
     uint32_t clientId;
     uint32_t payloadId;
-    int16_t snortId = SFTARGET_UNKNOWN_PROTOCOL;
+    int16_t snortId = snort::SFTARGET_UNKNOWN_PROTOCOL;
     uint32_t flags = 0;
     uint32_t priority = APP_PRIORITY_DEFAULT;
     ClientDetector* client_detector = nullptr;

diff --git a/src/network_inspectors/appid/appid_api.cc b/src/network_inspectors/appid/appid_api.cc
index e338ac3ccebd541d6eaca20b5a89a8ca8edb1041..0a0d1df2f2d11b804cf8b271ba163f910e20992c 100644 (file)
--- a/src/network_inspectors/appid/appid_api.cc
+++ b/src/network_inspectors/appid/appid_api.cc
@@ -30,9 +30,14 @@
 #include "service_plugins/service_netbios.h"
 #include "utils/util.h"
 
+using namespace snort;
+
 #define SSL_WHITELIST_PKT_LIMIT 20
 
+namespace snort
+{
 AppIdApi appid_api;
+}
 
 AppIdSession* AppIdApi::get_appid_session(Flow& flow)
 {

diff --git a/src/network_inspectors/appid/appid_api.h b/src/network_inspectors/appid/appid_api.h
index 3e08043502cb8afa9200d1189b9fed1f22a7d966..829887277377d5a0c8fafd93caff44763eec68aa 100644 (file)
--- a/src/network_inspectors/appid/appid_api.h
+++ b/src/network_inspectors/appid/appid_api.h
@@ -26,10 +26,13 @@
 #include "flow/flow.h"
 
 enum class IpProtocol : uint8_t;
+
 class AppIdDnsSession;
 class AppIdHttpSession;
 class AppIdSession;
 
+namespace snort
+{
 #define APPID_SESSION_RESPONDER_MONITORED   (1ULL << 0)
 #define APPID_SESSION_INITIATOR_MONITORED   (1ULL << 1)
 #define APPID_SESSION_SPECIAL_MONITORED     (1ULL << 2)
@@ -212,6 +215,6 @@ public:
 };
 
 SO_PUBLIC extern AppIdApi appid_api;
-
+}
 #endif
 

diff --git a/src/network_inspectors/appid/appid_config.cc b/src/network_inspectors/appid/appid_config.cc
index df5f7950f45cee116188a4f1efa4b6f38e38e698..625b88a1c80cd5743807c18dae04ac5bc92d3d64 100644 (file)
--- a/src/network_inspectors/appid/appid_config.cc
+++ b/src/network_inspectors/appid/appid_config.cc
@@ -66,9 +66,9 @@ int16_t snortId_for_http2;
 static void map_app_names_to_snort_ids()
 {
     /* init globals for snortId compares */
-    snortId_for_unsynchronized = SnortConfig::get_conf()->proto_ref->add("unsynchronized");
-    snortId_for_ftp_data = SnortConfig::get_conf()->proto_ref->add("ftp-data");
-    snortId_for_http2    = SnortConfig::get_conf()->proto_ref->add("http2");
+    snortId_for_unsynchronized = snort::SnortConfig::get_conf()->proto_ref->add("unsynchronized");
+    snortId_for_ftp_data = snort::SnortConfig::get_conf()->proto_ref->add("ftp-data");
+    snortId_for_http2    = snort::SnortConfig::get_conf()->proto_ref->add("http2");
 }
 
 AppIdModuleConfig::AppIdModuleConfig()

diff --git a/src/network_inspectors/appid/appid_config.h b/src/network_inspectors/appid/appid_config.h
index 8f4ec280fee2aa98ac71c7ca0c737ee269834d86..d8f214d3d8b838713678b6a7c212800a25f9d533 100644 (file)
--- a/src/network_inspectors/appid/appid_config.h
+++ b/src/network_inspectors/appid/appid_config.h
@@ -47,8 +47,8 @@ extern int16_t snortId_for_http2;
 struct PortExclusion
 {
     int family;
-    ip::snort_in6_addr ip;
-    ip::snort_in6_addr netmask;
+    snort::ip::snort_in6_addr ip;
+    snort::ip::snort_in6_addr netmask;
 };
 
 struct AppIdSessionLogFilter
@@ -59,9 +59,9 @@ struct AppIdSessionLogFilter
         dip.clear();
     }
 
-    SfIp sip;
+    snort::SfIp sip;
     bool sip_flag = false;
-    SfIp dip;
+    snort::SfIp dip;
     bool dip_flag = false;
     uint16_t sport = 0;
     uint16_t dport = 0;
@@ -140,8 +140,8 @@ public:
 private:
     void read_port_detectors(const char* files);
     void configure_analysis_networks(char* toklist[], uint32_t flag);
-    int add_port_exclusion(AppIdPortExclusions&, const ip::snort_in6_addr* ip,
-        const ip::snort_in6_addr* netmask, int family, uint16_t port);
+    int add_port_exclusion(AppIdPortExclusions&, const snort::ip::snort_in6_addr* ip,
+        const snort::ip::snort_in6_addr* netmask, int family, uint16_t port);
     void process_port_exclusion(char* toklist[]);
     void process_config_directive(char* toklist[], int /* reload */);
     int load_analysis_config(const char* config_file, int reload, int instance_id);

diff --git a/src/network_inspectors/appid/appid_detector.cc b/src/network_inspectors/appid/appid_detector.cc
index c91156e7748790e1f9a747da8195951c0d9f4aad..b825d92fba42457df16e17988e1e21a941eac3bb 100644 (file)
--- a/src/network_inspectors/appid/appid_detector.cc
+++ b/src/network_inspectors/appid/appid_detector.cc
@@ -31,6 +31,8 @@
 #include "lua_detector_api.h"
 #include "protocols/packet.h"
 
+using namespace snort;
+
 int AppIdDetector::initialize()
 {
     if ( !tcp_patterns.empty() )

diff --git a/src/network_inspectors/appid/appid_detector.h b/src/network_inspectors/appid/appid_detector.h
index c45d12f43c3ab43a4c9cfa494ce14257f0ad7a25..efc0c9c043469a5033f92b2b0de274dc3a9d3968 100644 (file)
--- a/src/network_inspectors/appid/appid_detector.h
+++ b/src/network_inspectors/appid/appid_detector.h
@@ -31,7 +31,11 @@
 
 class AppIdConfig;
 class LuaStateDescriptor;
+
+namespace snort
+{
 struct Packet;
+}
 
 #define STATE_ID_MAX_VALID_COUNT 5
 
@@ -69,8 +73,8 @@ typedef std::vector<ServiceDetectorPort> ServiceDetectorPorts;
 class AppIdDiscoveryArgs
 {
 public:
-    AppIdDiscoveryArgs(const uint8_t* data, uint16_t size, int dir, AppIdSession& asd, Packet* p)
-        : data(data), size(size), dir(dir), asd(asd), pkt(p)
+    AppIdDiscoveryArgs(const uint8_t* data, uint16_t size, int dir, AppIdSession& asd,
+        snort::Packet* p) : data(data), size(size), dir(dir), asd(asd), pkt(p)
     {
         config = asd.config;
         session_logging_enabled = asd.session_logging_enabled;
@@ -81,7 +85,7 @@ public:
     uint16_t size;
     int dir;
     AppIdSession& asd;
-    Packet* pkt;
+    snort::Packet* pkt;
     const AppIdConfig* config = nullptr;
     bool session_logging_enabled = false;
     char* session_logging_id = nullptr;

diff --git a/src/network_inspectors/appid/appid_discovery.cc b/src/network_inspectors/appid/appid_discovery.cc
index e4cdd60404fa991ac29a90ce47879566877f3844..54c3b9a486c4d0227027409d2e552c49b62f9c96 100644 (file)
--- a/src/network_inspectors/appid/appid_discovery.cc
+++ b/src/network_inspectors/appid/appid_discovery.cc
@@ -46,6 +46,8 @@
 #include "protocols/packet.h"
 #include "protocols/tcp.h"
 
+using namespace snort;
+
 AppIdDiscovery::AppIdDiscovery(AppIdInspector& ins)
     : inspector(ins)
 {

diff --git a/src/network_inspectors/appid/appid_discovery.h b/src/network_inspectors/appid/appid_discovery.h
index fc09d960ee24314f17531060de77010cad8e5f27..a701c4d95d5f75f808182baa6c1e6f88671777ac 100644 (file)
--- a/src/network_inspectors/appid/appid_discovery.h
+++ b/src/network_inspectors/appid/appid_discovery.h
@@ -38,7 +38,11 @@ class AppIdSession;
 class AppIdDetector;
 class ServiceDetector;
 struct ServiceDetectorPort;
+
+namespace snort
+{
 struct Packet;
+}
 
 #define SCAN_HTTP_VIA_FLAG          (1<<0)
 #define SCAN_HTTP_USER_AGENT_FLAG   (1<<1)
@@ -95,7 +99,7 @@ public:
 
     virtual void initialize() = 0;
     virtual void register_detector(const std::string&, AppIdDetector*,  IpProtocol);
-    virtual void add_pattern_data(AppIdDetector*, SearchTool*, int position,
+    virtual void add_pattern_data(AppIdDetector*, snort::SearchTool*, int position,
         const uint8_t* const pattern, unsigned size, unsigned nocase);
     virtual void register_tcp_pattern(AppIdDetector*, const uint8_t* const pattern, unsigned size,
         int position, unsigned nocase);
@@ -103,7 +107,7 @@ public:
         int position, unsigned nocase);
     virtual int add_service_port(AppIdDetector*, const ServiceDetectorPort&);
 
-    static void do_application_discovery(Packet* p, AppIdInspector&);
+    static void do_application_discovery(snort::Packet* p, AppIdInspector&);
 
     AppIdDetectors* get_tcp_detectors()
     {
@@ -122,9 +126,9 @@ protected:
     AppIdInspector& inspector;
     AppIdDetectors tcp_detectors;
     AppIdDetectors udp_detectors;
-    SearchTool* tcp_patterns = nullptr;
+    snort::SearchTool* tcp_patterns = nullptr;
     int tcp_pattern_count = 0;
-    SearchTool* udp_patterns = nullptr;
+    snort::SearchTool* udp_patterns = nullptr;
     int udp_pattern_count = 0;
     std::vector<AppIdPatternMatchNode*> pattern_data;
 };

diff --git a/src/network_inspectors/appid/appid_http_event_handler.cc b/src/network_inspectors/appid/appid_http_event_handler.cc
index b12a31a4c96277d76420715453c10d7df5d848ad..08565b38f3e3f260d29cf12afb63bdd5c3b30d9c 100644 (file)
--- a/src/network_inspectors/appid/appid_http_event_handler.cc
+++ b/src/network_inspectors/appid/appid_http_event_handler.cc
@@ -34,6 +34,8 @@
 #include "appid_session.h"
 #include "utils/util.h"
 
+using namespace snort;
+
 void HttpEventHandler::handle(DataEvent& event, Flow* flow)
 {
     int direction;

diff --git a/src/network_inspectors/appid/appid_http_event_handler.h b/src/network_inspectors/appid/appid_http_event_handler.h
index 35e4cc5f8084f64675724a44840d3b6ac034d386..0560f11eb4a5a27581239260da28d0326b9ed0b5 100644 (file)
--- a/src/network_inspectors/appid/appid_http_event_handler.h
+++ b/src/network_inspectors/appid/appid_http_event_handler.h
@@ -26,7 +26,12 @@
 
 #include "pub_sub/http_events.h"
 
-class HttpEventHandler : public DataHandler
+namespace snort
+{
+class Flow;
+}
+
+class HttpEventHandler : public snort::DataHandler
 {
 public:
     enum HttpEventType
@@ -40,7 +45,7 @@ public:
         event_type = type;
     }
 
-    void handle(DataEvent&, Flow*) override;
+    void handle(snort::DataEvent&, snort::Flow*) override;
 
 private:
     HttpEventType event_type;

diff --git a/src/network_inspectors/appid/appid_http_session.cc b/src/network_inspectors/appid/appid_http_session.cc
index a1e05afe6364b51264bfb5a0acd597c9380cbfbe..e5acf60c7b26ef7cf21ce5d6e351e59325b3a574 100644 (file)
--- a/src/network_inspectors/appid/appid_http_session.cc
+++ b/src/network_inspectors/appid/appid_http_session.cc
@@ -32,6 +32,7 @@
 #include "detector_plugins/http_url_patterns.h"
 #include "profiler/profiler.h"
 
+
 static const char* httpFieldName[ MAX_HTTP_FIELD_ID ] = // for use in debug messages
 {
     "useragent",
@@ -45,7 +46,7 @@ static const char* httpFieldName[ MAX_HTTP_FIELD_ID ] = // for use in debug mess
     "body",
 };
 
-ProfileStats httpPerfStats;
+snort::ProfileStats httpPerfStats;
 
 AppIdHttpSession::AppIdHttpSession(AppIdSession& asd)
     : asd(asd)
@@ -347,7 +348,7 @@ void AppIdHttpSession::process_chp_buffers()
 
 int AppIdHttpSession::process_http_packet(int direction)
 {
-    Profile http_profile_context(httpPerfStats);
+    snort::Profile http_profile_context(httpPerfStats);
     AppId service_id = APP_ID_NONE;
     AppId client_id = APP_ID_NONE;
     AppId payload_id = APP_ID_NONE;
@@ -599,8 +600,8 @@ int AppIdHttpSession::process_http_packet(int direction)
 
 // FIXIT-H - This function is unused and untested currently... need to figure who wants it
 // and what it should do
-void AppIdHttpSession::update_http_xff_address(struct XffFieldValue* xff_fields,
-    uint32_t numXffFields)
+void AppIdHttpSession::update_http_xff_address(struct XffFieldValue* /*xff_fields*/,
+    uint32_t /*numXffFields*/)
 {
 #if 0
     static const char* defaultXffPrecedence[] =
@@ -649,7 +650,7 @@ void AppIdHttpSession::update_http_xff_address(struct XffFieldValue* xff_fields,
 
                 // For a comma-separated list of addresses, pick the last address
                 // FIXIT-L: change to select last address port from 2.9.10-42..not tested
-                xff_addr = new SfIp();
+                xff_addr = new snort::SfIp();
                 char* xff_addr_str = nullptr;
                 char* tmp = strchr(xff_fields[j].value, ',');
 

diff --git a/src/network_inspectors/appid/appid_http_session.h b/src/network_inspectors/appid/appid_http_session.h
index eb269cc10c4535e716880c87384e0eaa0bcfac26..e108b554deaa0839aaf51d29efc386737714321d 100644 (file)
--- a/src/network_inspectors/appid/appid_http_session.h
+++ b/src/network_inspectors/appid/appid_http_session.h
@@ -121,7 +121,7 @@ public:
     uint16_t get_cookie_offset();
     uint16_t get_cookie_end_offset();
 
-    SfIp* get_xff_addr()
+    snort::SfIp* get_xff_addr()
     { return xff_addr; }
 
     void update_host(const uint8_t* new_host, int32_t len);
@@ -216,7 +216,7 @@ protected:
     int num_scans = 0;
     bool rebuilt_offsets = false;
     bool skip_simple_detect = false;
-    SfIp* xff_addr = nullptr;
+    snort::SfIp* xff_addr = nullptr;
     const char** xffPrecedence = nullptr;
     unsigned numXffFields = 0;
     std::vector<int> ptype_req_counts;

diff --git a/src/network_inspectors/appid/appid_inspector.cc b/src/network_inspectors/appid/appid_inspector.cc
index 1473870234f95b692bb4a6a16d44adfc2d58000a..ab100c65dacef4103174e1bd1781e266f60b2ab8 100644 (file)
--- a/src/network_inspectors/appid/appid_inspector.cc
+++ b/src/network_inspectors/appid/appid_inspector.cc
@@ -42,6 +42,7 @@
 #include "detector_plugins/http_url_patterns.h"
 #include "detector_plugins/detector_sip.h"
 #include "detector_plugins/detector_pattern.h"
+#include "flow/flow.h"
 #include "log/messages.h"
 #include "log/packet_tracer.h"
 #include "managers/inspector_manager.h"
@@ -49,6 +50,8 @@
 #include "protocols/packet.h"
 #include "profiler/profiler.h"
 
+using namespace snort;
+
 // FIXIT-L - appid cleans up openssl now as it is the primary (only) user... eventually this
 //           should probably be done outside of appid
 static void openssl_cleanup()

diff --git a/src/network_inspectors/appid/appid_inspector.h b/src/network_inspectors/appid/appid_inspector.h
index e7a12e498d93d793bc4aa598fe16879da8aadfda..6c8df50f528dd74f9c476a96479ec4081d526812 100644 (file)
--- a/src/network_inspectors/appid/appid_inspector.h
+++ b/src/network_inspectors/appid/appid_inspector.h
@@ -27,22 +27,25 @@
 #include "application_ids.h"
 #include "flow/flow.h"
 
+namespace snort
+{
 struct Packet;
-class SipEventHandler;
 struct SnortConfig;
+}
+class SipEventHandler;
 
-class AppIdInspector : public Inspector
+class AppIdInspector : public snort::Inspector
 {
 public:
 
     AppIdInspector(AppIdModule&);
     ~AppIdInspector() override;
 
-    bool configure(SnortConfig*) override;
-    void show(SnortConfig*) override;
+    bool configure(snort::SnortConfig*) override;
+    void show(snort::SnortConfig*) override;
     void tinit() override;
     void tterm() override;
-    void eval(Packet*) override;
+    void eval(snort::Packet*) override;
     AppIdConfig* get_appid_config();
 
     SipEventHandler& get_sip_event_handler()

diff --git a/src/network_inspectors/appid/appid_module.cc b/src/network_inspectors/appid/appid_module.cc
index 8b81bb2754fc730060c1d57961b62520ce1747a6..44c92a34afb4288d2ca3fac89f768f1078a20cd5 100644 (file)
--- a/src/network_inspectors/appid/appid_module.cc
+++ b/src/network_inspectors/appid/appid_module.cc
@@ -33,6 +33,7 @@
 #include "profiler/profiler.h"
 #include "utils/util.h"
 
+using namespace snort;
 using namespace std;
 
 //-------------------------------------------------------------------------

diff --git a/src/network_inspectors/appid/appid_module.h b/src/network_inspectors/appid/appid_module.h
index b4521d93955a31d8416d918b96c07926f3357411..7aaf9544dd47855800cfb12d5912c7cd43e4f4c6 100644 (file)
--- a/src/network_inspectors/appid/appid_module.h
+++ b/src/network_inspectors/appid/appid_module.h
@@ -28,24 +28,24 @@
 #include "appid_config.h"
 #include "framework/module.h"
 
-extern THREAD_LOCAL ProfileStats appidPerfStats;
+extern THREAD_LOCAL snort::ProfileStats appidPerfStats;
 
 #define MOD_NAME "appid"
 #define MOD_HELP "application and service identification"
 
-class AppIdModule : public Module
+class AppIdModule : public snort::Module
 {
 public:
     AppIdModule();
     ~AppIdModule() override;
 
-    bool begin(const char*, int, SnortConfig*) override;
-    bool set(const char*, Value&, SnortConfig*) override;
-    bool end(const char*, int, SnortConfig*) override;
+    bool begin(const char*, int, snort::SnortConfig*) override;
+    bool set(const char*, snort::Value&, snort::SnortConfig*) override;
+    bool end(const char*, int, snort::SnortConfig*) override;
 
     const PegInfo* get_pegs() const override;
     PegCount* get_counts() const override;
-    ProfileStats* get_profile() const override;
+    snort::ProfileStats* get_profile() const override;
 
     const AppIdModuleConfig* get_data();
 

diff --git a/src/network_inspectors/appid/appid_session.cc b/src/network_inspectors/appid/appid_session.cc
index 231c5819b875f22d0386063d10403adbface360a..80ecc2336ca26e77ecf59a2523e0d87860d2ac0d 100644 (file)
--- a/src/network_inspectors/appid/appid_session.cc
+++ b/src/network_inspectors/appid/appid_session.cc
@@ -45,6 +45,8 @@
 #include "target_based/snort_protocols.h"
 #include "time/packet_time.h"
 
+using namespace snort;
+
 unsigned AppIdSession::inspector_id = 0;
 THREAD_LOCAL uint32_t AppIdSession::appid_flow_data_id = 0;
 

diff --git a/src/network_inspectors/appid/appid_session.h b/src/network_inspectors/appid/appid_session.h
index 26ac37693a8bc2eb82bd3a786cde7f1814717a1a..8aa09eb7937617148b1a329b4efc0b9da42d5012 100644 (file)
--- a/src/network_inspectors/appid/appid_session.h
+++ b/src/network_inspectors/appid/appid_session.h
@@ -33,7 +33,6 @@
 #include "service_state.h"
 #include "detector_plugins/http_url_patterns.h"
 
-struct AppIdServiceSubtype;
 class ClientDetector;
 class ServiceDetector;
 class AppIdDnsSession;
@@ -123,11 +122,11 @@ struct CommonAppIdData
         initiator_ip.clear();
     }
 
-    APPID_FLOW_TYPE flow_type = APPID_FLOW_TYPE_IGNORE;
+    snort::APPID_FLOW_TYPE flow_type = snort::APPID_FLOW_TYPE_IGNORE;
     unsigned policyId = 0;
     //flags shared with other preprocessor via session attributes.
     uint64_t flags = 0;
-    SfIp initiator_ip;
+    snort::SfIp initiator_ip;
     uint16_t initiator_port = 0;
 };
 
@@ -141,14 +140,14 @@ struct TlsSession
     int tls_orgUnit_strlen = 0;
 };
 
-class AppIdSession : public FlowData
+class AppIdSession : public snort::FlowData
 {
 public:
-    AppIdSession(IpProtocol, const SfIp*, uint16_t port, AppIdInspector&);
+    AppIdSession(IpProtocol, const snort::SfIp*, uint16_t port, AppIdInspector&);
     ~AppIdSession() override;
 
-    static AppIdSession* allocate_session(const Packet*, IpProtocol, int, AppIdInspector&);
-    static AppIdSession* create_future_session(const Packet*, const SfIp*, uint16_t, const SfIp*,
+    static AppIdSession* allocate_session(const snort::Packet*, IpProtocol, int, AppIdInspector&);
+    static AppIdSession* create_future_session(const snort::Packet*, const snort::SfIp*, uint16_t, const snort::SfIp*,
         uint16_t, IpProtocol, int16_t, int, AppIdInspector&);
 
     AppIdInspector& get_inspector() const
@@ -157,14 +156,14 @@ public:
     }
 
     uint32_t session_id = 0;
-    Flow* flow = nullptr;
+    snort::Flow* flow = nullptr;
     AppIdConfig* config;
     std::map<unsigned, AppIdFlowData*> flow_data;
     AppInfoManager* app_info_mgr = nullptr;
     CommonAppIdData common;
     uint16_t session_packet_count = 0;
 
-    SfIp service_ip;
+    snort::SfIp service_ip;
     uint16_t service_port = 0;
     IpProtocol protocol = IpProtocol::PROTO_NOT_SET;
     uint8_t previous_tcp_flags = 0;
@@ -173,7 +172,7 @@ public:
     APPID_DISCOVERY_STATE service_disco_state = APPID_DISCO_STATE_NONE;
     SESSION_SERVICE_SEARCH_STATE service_search_state = SESSION_SERVICE_SEARCH_STATE::START;
     ServiceDetector* service_detector = nullptr;
-    AppIdServiceSubtype* subtype = nullptr;
+    snort::AppIdServiceSubtype* subtype = nullptr;
     std::vector<ServiceDetector*> service_candidates;
     ServiceAppDescriptor service;
     ClientAppDescriptor client;
@@ -231,7 +230,7 @@ public:
     AppId past_forecast = APP_ID_NONE;
 
     bool is_http2 = false;
-    SEARCH_SUPPORT_TYPE search_support_type = UNKNOWN_SEARCH_ENGINE;
+    snort::SEARCH_SUPPORT_TYPE search_support_type = snort::UNKNOWN_SEARCH_ENGINE;
     bool in_expected_cache = false;
     static unsigned inspector_id;
     static void init() { inspector_id = FlowData::create_flow_data_id(); }
@@ -272,7 +271,7 @@ public:
     void get_application_ids(AppId&, AppId&, AppId&, AppId&);
 
     bool is_ssl_session_decrypted();
-    void examine_ssl_metadata(Packet*);
+    void examine_ssl_metadata(snort::Packet*);
     void set_client_appid_data(AppId, char*);
     void set_service_appid_data(AppId, char*, char*);
     void set_referred_payload_app_id_data(AppId);
@@ -280,8 +279,8 @@ public:
     void check_app_detection_restart();
     void update_encrypted_app_id(AppId);
     void examine_rtmp_metadata();
-    void sync_with_snort_id(AppId, Packet*);
-    void stop_rna_service_inspection(Packet*,  int);
+    void sync_with_snort_id(AppId, snort::Packet*);
+    void stop_rna_service_inspection(snort::Packet*,  int);
 
     bool is_payload_appid_set();
     void clear_http_flags();
@@ -298,8 +297,8 @@ private:
     void delete_session_data();
     bool is_ssl_decryption_enabled();
 
-    void set_session_logging_state(const Packet*, int direction);
-    void create_session_logging_id(int direction, Packet*);
+    void set_session_logging_state(const snort::Packet*, int direction);
+    void create_session_logging_id(int direction, snort::Packet*);
 
     static THREAD_LOCAL uint32_t appid_flow_data_id;
     AppId application_ids[APP_PROTOID_MAX];

diff --git a/src/network_inspectors/appid/appid_utils/sf_mlmp.cc b/src/network_inspectors/appid/appid_utils/sf_mlmp.cc
index 96792c2d66d58bc3e1c8f65592273a6de4c49812..edff4c83a6be12b1340f3b80b39da698693cd939 100644 (file)
--- a/src/network_inspectors/appid/appid_utils/sf_mlmp.cc
+++ b/src/network_inspectors/appid/appid_utils/sf_mlmp.cc
@@ -62,7 +62,7 @@ struct tPatternPrimaryNode
 /*Node for mlmp tree */
 struct tMlmpTree
 {
-    SearchTool* patternTree;
+    snort::SearchTool* patternTree;
     tPatternPrimaryNode* patternList;
     uint32_t level;
 };
@@ -206,12 +206,12 @@ static int compareMlmpPatterns(const void* p1, const void* p2)
    detroyTreesRecursively. */
 static int createTreesRecusively(tMlmpTree* rootNode)
 {
-    SearchTool* patternMatcher;
+    snort::SearchTool* patternMatcher;
     tPatternPrimaryNode* primaryPatternNode;
     tPatternNode* ddPatternNode;
 
     /* set up the MPSE for url patterns */
-    patternMatcher = rootNode->patternTree = new SearchTool("ac_full", true);
+    patternMatcher = rootNode->patternTree = new snort::SearchTool("ac_full", true);
 
     for (primaryPatternNode = rootNode->patternList;
         primaryPatternNode;

diff --git a/src/network_inspectors/appid/appid_utils/sf_multi_mpse.cc b/src/network_inspectors/appid/appid_utils/sf_multi_mpse.cc
index b64bbade02eb8e1f25a7b2a007f172eed75475d2..2900618bce4ea0432dbe9b518e464550eb4db4c6 100644 (file)
--- a/src/network_inspectors/appid/appid_utils/sf_multi_mpse.cc
+++ b/src/network_inspectors/appid/appid_utils/sf_multi_mpse.cc
@@ -41,7 +41,7 @@ struct tPatternList
 /*Root node */
 struct tPatternRootNode
 {
-    SearchTool* patternTree;
+    snort::SearchTool* patternTree;
     tPatternList* patternList;
     tPatternList* lastPattern;
     unsigned int level;        /*some searches may be specific to levels. Increments from 1 at top
@@ -180,11 +180,11 @@ static int compareAppUrlPatterns(const void* p1, const void* p2)
 static int createTreesRecusively(void* root)
 {
     tPatternRootNode* rootNode = (tPatternRootNode*)root;
-    SearchTool* patternMatcher;
+    snort::SearchTool* patternMatcher;
     tPatternList* patternNode;
 
     /* set up the MPSE for url patterns */
-    if (!(patternMatcher = rootNode->patternTree = new SearchTool("ac_full", true)))
+    if (!(patternMatcher = rootNode->patternTree = new snort::SearchTool("ac_full", true)))
         return -1;
 
     for (patternNode = rootNode->patternList;

diff --git a/src/network_inspectors/appid/client_plugins/client_discovery.cc b/src/network_inspectors/appid/client_plugins/client_discovery.cc
index df27ca0cd2592cbeabda7b95e0a9ac61fc32f8bf..2bdbaf1cbeb5f17299616ecaa23a96e09b86a8cf 100644 (file)
--- a/src/network_inspectors/appid/client_plugins/client_discovery.cc
+++ b/src/network_inspectors/appid/client_plugins/client_discovery.cc
@@ -49,6 +49,8 @@
 #include "protocols/packet.h"
 #include "profiler/profiler.h"
 
+using namespace snort;
+
 #define MAX_CANDIDATE_CLIENTS 10
 
 ProfileStats clientMatchPerfStats;

diff --git a/src/network_inspectors/appid/client_plugins/client_discovery.h b/src/network_inspectors/appid/client_plugins/client_discovery.h
index e6dc628ee92b068663468bffd12c79beca63d284..7063222065b59d49b9d9ee15ac850f3a1c54b7fe 100644 (file)
--- a/src/network_inspectors/appid/client_plugins/client_discovery.h
+++ b/src/network_inspectors/appid/client_plugins/client_discovery.h
@@ -46,15 +46,15 @@ public:
     static ClientDiscovery& get_instance(AppIdInspector* ins = nullptr);
 
     void finalize_client_plugins();
-    bool do_client_discovery(AppIdSession&, Packet*, int direction);
+    bool do_client_discovery(AppIdSession&, snort::Packet*, int direction);
 
 private:
     ClientDiscovery(AppIdInspector& ins);
     void initialize() override;
-    int exec_client_detectors(AppIdSession&, Packet*, int direction);
-    ClientAppMatch* find_detector_candidates(const Packet* pkt, IpProtocol);
-    void create_detector_candidates_list(AppIdSession&, Packet*);
-    int get_detector_candidates_list(AppIdSession&, Packet*, int direction);
+    int exec_client_detectors(AppIdSession&, snort::Packet*, int direction);
+    ClientAppMatch* find_detector_candidates(const snort::Packet* pkt, IpProtocol);
+    void create_detector_candidates_list(AppIdSession&, snort::Packet*);
+    int get_detector_candidates_list(AppIdSession&, snort::Packet*, int direction);
 };
 
 #endif

diff --git a/src/network_inspectors/appid/detector_plugins/detector_dns.cc b/src/network_inspectors/appid/detector_plugins/detector_dns.cc
index 7231cc444b7ca3a0ec0c256cb97b7b0e76d57607..d4731ebee3a12d9e2559e67fe8519b5409fcbf8c 100644 (file)
--- a/src/network_inspectors/appid/detector_plugins/detector_dns.cc
+++ b/src/network_inspectors/appid/detector_plugins/detector_dns.cc
@@ -159,7 +159,7 @@ struct MatchedDNSPatterns
 struct ServiceDnsConfig
 {
     DetectorDNSHostPattern* DetectorDNSHostPatternList;
-    SearchTool* dns_host_host_matcher;
+    snort::SearchTool* dns_host_host_matcher;
 };
 static THREAD_LOCAL ServiceDnsConfig serviceDnsConfig;      // DNS service configuration
 
@@ -184,7 +184,7 @@ static int dns_host_detector_create_matcher(DetectorDNSHostPattern* list)
     if (serviceDnsConfig.dns_host_host_matcher)
         delete serviceDnsConfig.dns_host_host_matcher;
 
-    serviceDnsConfig.dns_host_host_matcher = new SearchTool("ac_full", true);
+    serviceDnsConfig.dns_host_host_matcher = new snort::SearchTool("ac_full", true);
     if (!serviceDnsConfig.dns_host_host_matcher)
         return 0;
 
@@ -739,7 +739,7 @@ inprocess:
     return APPID_INPROCESS;
 }
 
-static int dns_host_scan_patterns(SearchTool* matcher, const uint8_t* pattern, size_t size,
+static int dns_host_scan_patterns(snort::SearchTool* matcher, const uint8_t* pattern, size_t size,
     AppId* ClientAppId, AppId* payloadId)
 {
     MatchedDNSPatterns* mp = nullptr;

diff --git a/src/network_inspectors/appid/detector_plugins/detector_imap.cc b/src/network_inspectors/appid/detector_plugins/detector_imap.cc
index f2b865af335ea0c6ed64e5a3379bd51bb6a8d0e0..82f44294f3985c8a587b401f0d56f621694c673e 100644 (file)
--- a/src/network_inspectors/appid/detector_plugins/detector_imap.cc
+++ b/src/network_inspectors/appid/detector_plugins/detector_imap.cc
@@ -516,7 +516,7 @@ ImapClientDetector::~ImapClientDetector()
 
 void ImapClientDetector::do_custom_init()
 {
-    cmd_matcher = new SearchTool("ac_full", true);
+    cmd_matcher = new snort::SearchTool("ac_full", true);
 
     if ( !tcp_patterns.empty() )
     {

diff --git a/src/network_inspectors/appid/detector_plugins/detector_imap.h b/src/network_inspectors/appid/detector_plugins/detector_imap.h
index 0f1fa03034cb897073df803fa181cc6c99f19dc7..45ccc99a36006336c32cf73d4742211de91ffae2 100644 (file)
--- a/src/network_inspectors/appid/detector_plugins/detector_imap.h
+++ b/src/network_inspectors/appid/detector_plugins/detector_imap.h
@@ -39,7 +39,7 @@ public:
     ImapDetectorData* get_common_data(AppIdSession&);
 
 private:
-    SearchTool* cmd_matcher = nullptr;
+    snort::SearchTool* cmd_matcher = nullptr;
     unsigned longest_pattern = 0;
 };
 

diff --git a/src/network_inspectors/appid/detector_plugins/detector_kerberos.cc b/src/network_inspectors/appid/detector_plugins/detector_kerberos.cc
index 0018d15d7edebb8cfe67464d9a37da7332f72957..41ab5f64d660d7cf2c885e49065cc163798bc689 100644 (file)
--- a/src/network_inspectors/appid/detector_plugins/detector_kerberos.cc
+++ b/src/network_inspectors/appid/detector_plugins/detector_kerberos.cc
@@ -114,7 +114,7 @@ static THREAD_LOCAL KerberosClientDetector* krb_client_detector = nullptr;
 static THREAD_LOCAL KerberosServiceDetector* krb_service_detector = nullptr;
 
 static int krb_walk_server_packet(KRBState* krbs, const uint8_t* s, const uint8_t* end,
-    AppIdSession& asd, Packet* pkt, const int dir, const char* reqCname)
+    AppIdSession& asd, snort::Packet* pkt, const int dir, const char* reqCname)
 {
     static const uint8_t KRB_SERVER_VERSION[] = "\x0a0\x003\x002\x001";
     static const uint8_t KRB_SERVER_TYPE[] = "\x0a1\x003\x002\x001";

diff --git a/src/network_inspectors/appid/detector_plugins/detector_pattern.cc b/src/network_inspectors/appid/detector_plugins/detector_pattern.cc
index 442c04efea144464d053fecba18974c2fe6fb0aa..a46a4ca0d302efe3a515ff9ab57bfeb54d8470e1 100644 (file)
--- a/src/network_inspectors/appid/detector_plugins/detector_pattern.cc
+++ b/src/network_inspectors/appid/detector_plugins/detector_pattern.cc
@@ -118,11 +118,11 @@ static void read_patterns(PortPatternNode* portPatternList, PatternService** ser
     }
 }
 
-static void register_pattern(SearchTool** patterns, Pattern* pattern)
+static void register_pattern(snort::SearchTool** patterns, Pattern* pattern)
 {
     if (!*patterns)
     {
-        *patterns = new SearchTool("ac_full", true);
+        *patterns = new snort::SearchTool("ac_full", true);
         if (!*patterns)
         {
             ErrorMessage("Error initializing the pattern table\n");
@@ -199,7 +199,7 @@ static int pattern_match(void* id, void*, int match_end_pos, void* data, void*)
     return 0;
 }
 
-static int csd_pattern_tree_search(const uint8_t* data, uint16_t size, SearchTool* patternTree)
+static int csd_pattern_tree_search(const uint8_t* data, uint16_t size, snort::SearchTool* patternTree)
 {
     PServiceMatch* matches = nullptr;
 
@@ -461,7 +461,7 @@ PatternServiceDetector::~PatternServiceDetector()
 
 int PatternServiceDetector::validate(AppIdDiscoveryArgs& args)
 {
-    SearchTool* patternTree = nullptr;
+    snort::SearchTool* patternTree = nullptr;
 
     if (!args.data )
         return APPID_ENULL;
@@ -543,7 +543,7 @@ int PatternClientDetector::validate(AppIdDiscoveryArgs& args)
     if (!args.size || args.dir == APP_ID_FROM_RESPONDER)
         return APPID_INPROCESS;
 
-    SearchTool* patternTree = (args.asd.protocol == IpProtocol::UDP) ?
+    snort::SearchTool* patternTree = (args.asd.protocol == IpProtocol::UDP) ?
         udp_pattern_matcher : tcp_pattern_matcher;
     AppId id = csd_pattern_tree_search(args.data, args.size, patternTree);
     if (!id)

diff --git a/src/network_inspectors/appid/detector_plugins/detector_pattern.h b/src/network_inspectors/appid/detector_plugins/detector_pattern.h
index 706e0812498fe5be70bbd6e4928632d4a87cc191..a140b341511a285c3f2e8d2740602b25268f4971 100644 (file)
--- a/src/network_inspectors/appid/detector_plugins/detector_pattern.h
+++ b/src/network_inspectors/appid/detector_plugins/detector_pattern.h
@@ -26,6 +26,11 @@
 #include "client_plugins/client_detector.h"
 #include "service_plugins/service_detector.h"
 
+namespace snort
+{
+class SearchTool;
+}
+
 struct PortPatternNode
 {
     AppId appId;
@@ -66,10 +71,6 @@ struct PatternService
     unsigned longest;
 };
 
-class SearchTool;
-class ClientDetector;
-class ServiceDetector;
-
 class PatternClientDetector : public ClientDetector
 {
 public:
@@ -87,8 +88,8 @@ private:
 
     PortPatternNode* luaInjectedPatterns = nullptr;
     PatternService* servicePortPattern = nullptr;
-    SearchTool* tcp_pattern_matcher = nullptr;
-    SearchTool* udp_pattern_matcher = nullptr;
+    snort::SearchTool* tcp_pattern_matcher = nullptr;
+    snort::SearchTool* udp_pattern_matcher = nullptr;
 };
 
 class PatternServiceDetector : public ServiceDetector
@@ -109,10 +110,10 @@ private:
 
     PortPatternNode* luaInjectedPatterns = nullptr;
     PatternService* servicePortPattern = nullptr;
-    SearchTool* tcp_pattern_matcher = nullptr;
-    SearchTool* udp_pattern_matcher = nullptr;
-    SearchTool* tcpPortPatternTree[65536] = { nullptr };
-    SearchTool* udpPortPatternTree[65536] = { nullptr };
+    snort::SearchTool* tcp_pattern_matcher = nullptr;
+    snort::SearchTool* udp_pattern_matcher = nullptr;
+    snort::SearchTool* tcpPortPatternTree[65536] = { nullptr };
+    snort::SearchTool* udpPortPatternTree[65536] = { nullptr };
 };
 
 #endif

diff --git a/src/network_inspectors/appid/detector_plugins/detector_pop3.cc b/src/network_inspectors/appid/detector_plugins/detector_pop3.cc
index 649c2891e423c5a470e155f4d2cef2697b8f8ace..5ab1628f789eee2ad34ae59887b875381f6c5987 100644 (file)
--- a/src/network_inspectors/appid/detector_plugins/detector_pop3.cc
+++ b/src/network_inspectors/appid/detector_plugins/detector_pop3.cc
@@ -112,7 +112,7 @@ struct ServicePOP3Data
     unsigned count;
     const char* vendor;
     char version[MAX_VERSION_SIZE];
-    AppIdServiceSubtype* subtype;
+    snort::AppIdServiceSubtype* subtype;
     int error;
 };
 
@@ -209,7 +209,7 @@ Pop3ClientDetector::~Pop3ClientDetector()
 
 void Pop3ClientDetector::do_custom_init()
 {
-    cmd_matcher = new SearchTool("ac_full", true);
+    cmd_matcher = new snort::SearchTool("ac_full", true);
 
     if ( !tcp_patterns.empty() )
     {
@@ -244,7 +244,7 @@ static void pop3_free_state(void* data)
         ServicePOP3Data* sd = &dd->server;
         while (sd->subtype)
         {
-            AppIdServiceSubtype* sub = sd->subtype;
+            snort::AppIdServiceSubtype* sub = sd->subtype;
             sd->subtype = sub->next;
             if (sub->service)
                 snort_free((void*)sub->service);
@@ -413,7 +413,7 @@ static int pop3_server_validate(POP3DetectorData* dd, const uint8_t* data, uint1
                 pd->vendor = ven_im;
             else if ((p=service_strstr(begin, len, (const unsigned char*)ven_po, sizeof(ven_po)-1)))
             {
-                AppIdServiceSubtype* sub;
+                snort::AppIdServiceSubtype* sub;
 
                 pd->vendor = ven_po;
                 p += (sizeof(ven_po) - 1);
@@ -484,7 +484,7 @@ static int pop3_server_validate(POP3DetectorData* dd, const uint8_t* data, uint1
                     ;
                 if (p == s || p >= line_end || !(*p))
                     goto ven_ver_done;
-                sub = (AppIdServiceSubtype*)snort_calloc(sizeof(AppIdServiceSubtype));
+                sub = (snort::AppIdServiceSubtype*)snort_calloc(sizeof(snort::AppIdServiceSubtype));
                 unsigned sub_len;
 
                 sub_len = p - s;

diff --git a/src/network_inspectors/appid/detector_plugins/detector_pop3.h b/src/network_inspectors/appid/detector_plugins/detector_pop3.h
index f679619c3932e27c5cf6cb20184990260489ca8d..d94e6917748ea4a9a18a7917678bfe07edf277de 100644 (file)
--- a/src/network_inspectors/appid/detector_plugins/detector_pop3.h
+++ b/src/network_inspectors/appid/detector_plugins/detector_pop3.h
@@ -38,7 +38,7 @@ public:
     POP3DetectorData* get_common_data(AppIdSession&);
 
 private:
-    SearchTool* cmd_matcher = nullptr;
+    snort::SearchTool* cmd_matcher = nullptr;
     unsigned longest_pattern = 0;
 };
 

diff --git a/src/network_inspectors/appid/detector_plugins/detector_sip.cc b/src/network_inspectors/appid/detector_plugins/detector_sip.cc
index 5ed980c1263f878699969e3c717d6d32f628f5af..9da9e1a43bd668cc7121a75936b0036ce6358b5e 100644 (file)
--- a/src/network_inspectors/appid/detector_plugins/detector_sip.cc
+++ b/src/network_inspectors/appid/detector_plugins/detector_sip.cc
@@ -327,8 +327,9 @@ static int get_sip_client_app(void* patternMatcher, const char* pattern, uint32_
     return 1;
 }
 
-void SipServiceDetector::createRtpFlow(AppIdSession& asd, const Packet* pkt, const SfIp* cliIp,
-    uint16_t cliPort, const SfIp* srvIp, uint16_t srvPort, IpProtocol proto, int16_t app_id)
+void SipServiceDetector::createRtpFlow(AppIdSession& asd, const snort::Packet* pkt,
+    const snort::SfIp* cliIp, uint16_t cliPort, const snort::SfIp* srvIp, uint16_t srvPort,
+    IpProtocol proto, int16_t app_id)
 {
     AppIdSession* fp = AppIdSession::create_future_session(pkt, cliIp, cliPort, srvIp, srvPort,
         proto, app_id, APPID_EARLY_SESSION_FLAG_FW_RULE, handler->get_inspector());
@@ -463,17 +464,17 @@ int SipServiceDetector::validate(AppIdDiscoveryArgs& args)
 THREAD_LOCAL SipUdpClientDetector* SipEventHandler::client = nullptr;
 THREAD_LOCAL SipServiceDetector* SipEventHandler::service = nullptr;
 
-void SipEventHandler::handle(DataEvent& event, Flow* flow)
+void SipEventHandler::handle(snort::DataEvent& event, snort::Flow* flow)
 {
     SipEvent& sip_event = (SipEvent&)event;
     AppIdSession* asd = nullptr;
 
     if ( flow )
-        asd = appid_api.get_appid_session(*flow);
+        asd = snort::appid_api.get_appid_session(*flow);
 
     if ( !asd )
     {
-        const Packet* p = sip_event.get_packet();
+        const snort::Packet* p = sip_event.get_packet();
         IpProtocol protocol = p->is_tcp() ? IpProtocol::TCP : IpProtocol::UDP;
         int direction = p->is_from_client() ? APP_ID_FROM_INITIATOR : APP_ID_FROM_RESPONDER;
         asd = AppIdSession::allocate_session(p, protocol, direction,

diff --git a/src/network_inspectors/appid/detector_plugins/detector_sip.h b/src/network_inspectors/appid/detector_plugins/detector_sip.h
index 0b482f982ac4f54e13273134fab13a5b5e329e3d..6c51e8f23ed02f2ae15754c5dcaf6178b5e126ab 100644 (file)
--- a/src/network_inspectors/appid/detector_plugins/detector_sip.h
+++ b/src/network_inspectors/appid/detector_plugins/detector_sip.h
@@ -29,6 +29,11 @@
 #include "framework/data_bus.h"
 #include "pub_sub/sip_events.h"
 
+namespace snort
+{
+class Flow;
+}
+
 struct SipUaUserData
 {
     AppId ClientAppId;
@@ -74,11 +79,11 @@ public:
     void addFutureRtpFlows(SipEvent&, AppIdSession&);
 
 private:
-    void createRtpFlow(AppIdSession&, const Packet*, const SfIp* cliIp,
-        uint16_t cliPort, const SfIp* srvIp, uint16_t srvPort, IpProtocol, int16_t app_id);
+    void createRtpFlow(AppIdSession&, const snort::Packet*, const snort::SfIp* cliIp,
+        uint16_t cliPort, const snort::SfIp* srvIp, uint16_t srvPort, IpProtocol, int16_t app_id);
 };
 
-class SipEventHandler : public DataHandler
+class SipEventHandler : public snort::DataHandler
 {
 public:
 
@@ -91,9 +96,9 @@ public:
     void set_service(SipServiceDetector* sd) { SipEventHandler::service = sd; }
 
     void subscribe()
-    { DataBus::subscribe(SIP_EVENT_TYPE_SIP_DIALOG_KEY, this); }
+    { snort::DataBus::subscribe(SIP_EVENT_TYPE_SIP_DIALOG_KEY, this); }
 
-    void handle(DataEvent&, Flow*) override;
+    void handle(snort::DataEvent&, snort::Flow*) override;
 
 private:
     SipEventHandler() = default;

diff --git a/src/network_inspectors/appid/detector_plugins/detector_smtp.cc b/src/network_inspectors/appid/detector_plugins/detector_smtp.cc
index bf78e311a5eae0b859eee13c18bdfaa9016e4894..05e149e709266c829124939954236cd6623fc5ec 100644 (file)
--- a/src/network_inspectors/appid/detector_plugins/detector_smtp.cc
+++ b/src/network_inspectors/appid/detector_plugins/detector_smtp.cc
@@ -207,7 +207,7 @@ int SmtpClientDetector::extract_version_and_add_client_app(AppId clientId, const
  *  Returns 0 if a recognized product is found.  Otherwise returns 1.
  */
 int SmtpClientDetector::identify_client_version(ClientSMTPData* const fd, const uint8_t* product,
-    const uint8_t* data_end, AppIdSession& asd, Packet*)
+    const uint8_t* data_end, AppIdSession& asd, snort::Packet*)
 {
     const uint8_t* p;
     AppId appId = (fd->flags & CLIENT_FLAG_SMTPS) ?  APP_ID_SMTPS : APP_ID_SMTP;

diff --git a/src/network_inspectors/appid/detector_plugins/detector_smtp.h b/src/network_inspectors/appid/detector_plugins/detector_smtp.h
index 5958f0f973ce6ed7944af7683f14571c8fe87442..a3e972a703d3ef0c82b0eeecbb1e6eb9f99983fc 100644 (file)
--- a/src/network_inspectors/appid/detector_plugins/detector_smtp.h
+++ b/src/network_inspectors/appid/detector_plugins/detector_smtp.h
@@ -42,7 +42,7 @@ private:
         const uint8_t* product, const uint8_t* product_end, ClientSMTPData* const,
         AppIdSession&, AppId);
     int identify_client_version(ClientSMTPData* const, const uint8_t* product,
-        const uint8_t* data_end, AppIdSession&, Packet*);
+        const uint8_t* data_end, AppIdSession&, snort::Packet*);
 };
 
 class SmtpServiceDetector : public ServiceDetector

diff --git a/src/network_inspectors/appid/detector_plugins/http_url_patterns.cc b/src/network_inspectors/appid/detector_plugins/http_url_patterns.cc
index d2255bd08d69535594fb0ef22a2507b03c1bb221..c24910f5f035988625ec233b4361390baeeb8046 100644 (file)
--- a/src/network_inspectors/appid/detector_plugins/http_url_patterns.cc
+++ b/src/network_inspectors/appid/detector_plugins/http_url_patterns.cc
@@ -666,7 +666,7 @@ int HttpPatternMatchers::process_host_patterns(DetectorHTTPPatterns patterns)
 int HttpPatternMatchers::process_chp_list(CHPListElement* chplist)
 {
     for (size_t i = 0; i <= MAX_PATTERN_TYPE; i++)
-        chp_matchers[i] = new SearchTool("ac_full", true);
+        chp_matchers[i] = new snort::SearchTool("ac_full", true);
 
     for (CHPListElement* chpe = chplist; chpe; chpe = chpe->next)
         chp_matchers[chpe->chp_action.ptype]->add(chpe->chp_action.pattern,
@@ -705,9 +705,9 @@ static FieldPattern http_field_patterns[] =
     { (const uint8_t*)HTTP_FIELD_PREFIX_USER_AGENT, REQ_AGENT_FID, HTTP_FIELD_PREFIX_USER_AGENT_SIZE },
 };
 
-static SearchTool* process_http_field_patterns(FieldPattern* patternList, size_t patternListCount)
+static snort::SearchTool* process_http_field_patterns(FieldPattern* patternList, size_t patternListCount)
 {
-    SearchTool* patternMatcher = new SearchTool("ac_full", true);
+    snort::SearchTool* patternMatcher = new snort::SearchTool("ac_full", true);
 
     for (size_t i=0; i < patternListCount; i++)
         patternMatcher->add( (const char*)patternList[i].data, patternList[i].length,
@@ -717,7 +717,7 @@ static SearchTool* process_http_field_patterns(FieldPattern* patternList, size_t
     return patternMatcher;
 }
 
-static void process_patterns(SearchTool& matcher, DetectorHTTPPatterns& patterns, bool last = true)
+static void process_patterns(snort::SearchTool& matcher, DetectorHTTPPatterns& patterns, bool last = true)
 {
     for (auto& pat: patterns)
         matcher.add(pat.pattern, pat.pattern_size, &pat, false);
@@ -776,7 +776,7 @@ static int http_field_pattern_match(void* id, void*, int match_end_pos, void* da
 }
 
 //  FIXIT-M: Is this still necessary now that we use inspection events?
-void HttpPatternMatchers::get_http_offsets(Packet* pkt, AppIdHttpSession* hsession)
+void HttpPatternMatchers::get_http_offsets(snort::Packet* pkt, AppIdHttpSession* hsession)
 {
     constexpr auto MIN_HTTP_REQ_HEADER_SIZE = (sizeof("GET /\r\n\r\n") - 1);
     static const uint8_t crlfcrlf[] = "\r\n\r\n";
@@ -1702,7 +1702,7 @@ bool HttpPatternMatchers::get_appid_from_url(char* host, const char* url, char**
 }
 
 void HttpPatternMatchers::get_server_vendor_version(const char* data, int len, char** version,
-    char** vendor, AppIdServiceSubtype** subtype)
+    char** vendor, snort::AppIdServiceSubtype** subtype)
 {
     int vendor_len = len;
 
@@ -1741,8 +1741,8 @@ void HttpPatternMatchers::get_server_vendor_version(const char* data, int len, c
                 {
                     if ( subname && subname_len > 0 && subver && *subname )
                     {
-                        AppIdServiceSubtype* sub =
-                            (AppIdServiceSubtype*)snort_calloc(sizeof(AppIdServiceSubtype));
+                        snort::AppIdServiceSubtype* sub =
+                            (snort::AppIdServiceSubtype*)snort_calloc(sizeof(snort::AppIdServiceSubtype));
                         char* tmp = (char*)snort_calloc(subname_len + 1);
                         memcpy(tmp, subname, subname_len);
                         tmp[subname_len] = 0;
@@ -1774,8 +1774,8 @@ void HttpPatternMatchers::get_server_vendor_version(const char* data, int len, c
 
         if ( subname && subname_len > 0 && subver && *subname )
         {
-            AppIdServiceSubtype* sub =
-                (AppIdServiceSubtype*)snort_calloc(sizeof(AppIdServiceSubtype));
+            snort::AppIdServiceSubtype* sub =
+                (snort::AppIdServiceSubtype*)snort_calloc(sizeof(snort::AppIdServiceSubtype));
             char* tmp = (char*)snort_calloc(subname_len + 1);
             memcpy(tmp, subname, subname_len);
             tmp[subname_len] = 0;

diff --git a/src/network_inspectors/appid/detector_plugins/http_url_patterns.h b/src/network_inspectors/appid/detector_plugins/http_url_patterns.h
index 3db813dd584c2f28f2708e9acc428862d6482650..eecf8fb4d042f67713f6c6621b9afd1de68f5083 100644 (file)
--- a/src/network_inspectors/appid/detector_plugins/http_url_patterns.h
+++ b/src/network_inspectors/appid/detector_plugins/http_url_patterns.h
@@ -34,8 +34,11 @@
 #include "appid_utils/sf_multi_mpse.h"
 #include "appid_utils/sf_mlmp.h"
 
-struct Packet;
+namespace snort
+{
 struct AppIdServiceSubtype;
+struct Packet;
+}
 class AppIdHttpSession;
 class AppIdModuleConfig;
 
@@ -323,9 +326,9 @@ public:
     bool get_appid_from_url(char*, const char*, char**, const char*, AppId*, AppId*,
         AppId*, AppId*, bool);
     AppId get_appid_by_content_type(const char*, int);
-    void get_server_vendor_version(const char*, int, char**, char**, AppIdServiceSubtype**);
+    void get_server_vendor_version(const char*, int, char**, char**, snort::AppIdServiceSubtype**);
     void identify_user_agent(const char*, int, AppId&, AppId&, char**);
-    void get_http_offsets(Packet*, AppIdHttpSession*);
+    void get_http_offsets(snort::Packet*, AppIdHttpSession*);
     uint32_t parse_multiple_http_patterns(const char* pattern, tMlmpPattern*,
         uint32_t numPartLimit, int level);
 
@@ -339,12 +342,12 @@ private:
     std::vector<HostUrlDetectorPattern*> host_url_patterns;
     CHPListElement* chpList = nullptr;
 
-    SearchTool url_matcher;
-    SearchTool client_agent_matcher;
-    SearchTool via_matcher;
-    SearchTool content_type_matcher;
-    SearchTool* field_matcher = nullptr;
-    SearchTool* chp_matchers[MAX_PATTERN_TYPE + 1] = { nullptr };
+    snort::SearchTool url_matcher;
+    snort::SearchTool client_agent_matcher;
+    snort::SearchTool via_matcher;
+    snort::SearchTool content_type_matcher;
+    snort::SearchTool* field_matcher = nullptr;
+    snort::SearchTool* chp_matchers[MAX_PATTERN_TYPE + 1] = { nullptr };
     tMlmpTree* host_url_matcher = nullptr;
     tMlmpTree* rtmp_host_url_matcher = nullptr;
 

diff --git a/src/network_inspectors/appid/detector_plugins/test/detector_plugins_mock.h b/src/network_inspectors/appid/detector_plugins/test/detector_plugins_mock.h
index a0fbb0adaad675741665535393f3b8e65df4ae60..808f3a9cca52ba7a830fb9bd8404e58a88dd75b4 100644 (file)
--- a/src/network_inspectors/appid/detector_plugins/test/detector_plugins_mock.h
+++ b/src/network_inspectors/appid/detector_plugins/test/detector_plugins_mock.h
@@ -29,25 +29,27 @@ void ParseWarning(WarningGroup, const char*, ...) {}
 void Debug::print(const char*, int, uint64_t, const char*, ...) {}
 #endif
 
+namespace snort
+{
 // Stubs for packet
 Packet::Packet(bool) { }
 Packet::~Packet() { }
 
-// Stubs for inspectors
-unsigned AppIdSession::inspector_id = 0;
 Inspector::Inspector() {}
 Inspector::~Inspector() {}
 bool Inspector::likes(Packet*) { return true; }
 bool Inspector::get_buf(const char*, Packet*, InspectionBuffer&) { return true; }
 class StreamSplitter* Inspector::get_splitter(bool) { return nullptr; }
-class AppIdInspector : public Inspector
+}
+
+class AppIdInspector : public snort::Inspector
 {
 public:
     AppIdInspector(AppIdModule& ) {}
     ~AppIdInspector() {}
     void eval(Packet*) {}
-    bool configure(SnortConfig*) { return true; }
-    void show(SnortConfig*) {}
+    bool configure(snort::SnortConfig*) { return true; }
+    void show(snort::SnortConfig*) {}
     void tinit() {}
     void tterm() {}
 };
@@ -58,15 +60,15 @@ AppIdModuleConfig::~AppIdModuleConfig() {}
 AppIdModule::AppIdModule()
     : Module("a", "b") {}
 AppIdModule::~AppIdModule() {}
-bool AppIdModule::begin(const char*, int, SnortConfig*)
+bool AppIdModule::begin(const char*, int, snort::SnortConfig*)
 {
     return false;
 }
-bool AppIdModule::set(const char*, Value&, SnortConfig*)
+bool AppIdModule::set(const char*, snort::Value&, snort::SnortConfig*)
 {
     return false;
 }
-bool AppIdModule::end(const char*, int, SnortConfig*)
+bool AppIdModule::end(const char*, int, snort::SnortConfig*)
 {
     return false;
 }
@@ -78,7 +80,8 @@ PegCount* AppIdModule::get_counts() const
 {
     return nullptr;
 }
-ProfileStats* AppIdModule::get_profile() const
+
+snort::ProfileStats* AppIdModule::get_profile() const
 {
     return nullptr;
 }
@@ -87,10 +90,13 @@ void show_stats(PegCount*, const PegInfo*, IndexVec&, const char*) {}
 void show_stats(PegCount*, const PegInfo*, IndexVec&, const char*, FILE*) {}
 
 // Stubs for appid sessions
-FlowData::FlowData(unsigned, Inspector*) {}
-FlowData::~FlowData() = default;
+snort::FlowData::FlowData(unsigned, Inspector*) {}
+snort::FlowData::~FlowData() = default;
+
+// Stubs for inspectors
+unsigned AppIdSession::inspector_id = 0;
 AppIdSession::AppIdSession(IpProtocol, const SfIp*, uint16_t, AppIdInspector& inspector)
-    : FlowData(inspector_id, (Inspector*)&inspector), inspector(inspector) {}
+    : snort::FlowData(inspector_id, (snort::Inspector*)&inspector), inspector(inspector) {}
 AppIdSession::~AppIdSession() {}
 AppIdHttpSession::AppIdHttpSession(AppIdSession& session)
     : asd(session) {}
@@ -107,6 +113,8 @@ PegCount AppIdPegCounts::get_disco_peg(enum DiscoveryPegs)
     return 0;
 }
 
+namespace snort
+{
 // Stubs for search_tool.cc
 SearchTool::SearchTool(const char*, bool) {}
 SearchTool::~SearchTool() {}
@@ -125,6 +133,7 @@ int SearchTool::find_all(const char*, unsigned, MpseMatch, bool, void* mp_arg)
         memcpy(mp_arg, &mock_mp, sizeof(MatchedPatterns*));
     return 0;
 }
+}
 
 // Stubs for appid_session.cc
 static bool test_service_strstr_enabled = false;

diff --git a/src/network_inspectors/appid/host_port_app_cache.cc b/src/network_inspectors/appid/host_port_app_cache.cc
index 921a3171d9c38dd510329ed8b0ca518248806821..da1f69dfacb0fd0158495ac04867287458051817 100644 (file)
--- a/src/network_inspectors/appid/host_port_app_cache.cc
+++ b/src/network_inspectors/appid/host_port_app_cache.cc
@@ -28,8 +28,12 @@
 #include <map>
 
 #include "log/messages.h"
+#include "main/thread.h"
+#include "sfip/sf_ip.h"
 #include "utils/cpp_macros.h"
 
+using namespace snort;
+
 PADDING_GUARD_BEGIN
 struct HostPortKey
 {

diff --git a/src/network_inspectors/appid/host_port_app_cache.h b/src/network_inspectors/appid/host_port_app_cache.h
index e3ddd83d97eaa53fa3ec86922f4f0386665df922..7e541db053b5a5de2131df6c52d029aa069fac1d 100644 (file)
--- a/src/network_inspectors/appid/host_port_app_cache.h
+++ b/src/network_inspectors/appid/host_port_app_cache.h
@@ -22,7 +22,13 @@
 #ifndef HOST_PORT_APP_CACHE_H
 #define HOST_PORT_APP_CACHE_H
 
-#include "appid_api.h"
+#include "application_ids.h"
+#include "protocols/protocol_ids.h"
+
+namespace snort
+{
+struct SfIp;
+}
 
 struct HostPortVal
 {
@@ -35,8 +41,8 @@ class HostPortCache
 public:
     static void initialize();
     static void terminate();
-    static HostPortVal* find(const SfIp*, uint16_t port, IpProtocol);
-    static bool add(const SfIp*, uint16_t port, IpProtocol, unsigned type, AppId);
+    static HostPortVal* find(const snort::SfIp*, uint16_t port, IpProtocol);
+    static bool add(const snort::SfIp*, uint16_t port, IpProtocol, unsigned type, AppId);
     static void dump();
 };
 

diff --git a/src/network_inspectors/appid/ips_appid_option.cc b/src/network_inspectors/appid/ips_appid_option.cc
index f5b5b9053ada84856bd5817e8e77e502c24b5e1a..40a9659612e8b7d5e9c7861541b8e5dcdeefbf7c 100644 (file)
--- a/src/network_inspectors/appid/ips_appid_option.cc
+++ b/src/network_inspectors/appid/ips_appid_option.cc
@@ -33,6 +33,8 @@
 #include "protocols/packet.h"
 #include "utils/util.h"
 
+using namespace snort;
+
 //-------------------------------------------------------------------------
 // appid option
 //-------------------------------------------------------------------------

diff --git a/src/network_inspectors/appid/lua_detector_api.cc b/src/network_inspectors/appid/lua_detector_api.cc
index 679fd97eafc06a7c70e457b9d713eaf14966d287..49a5c74d82ff19526129458cf8b5703ad583b89b 100644 (file)
--- a/src/network_inspectors/appid/lua_detector_api.cc
+++ b/src/network_inspectors/appid/lua_detector_api.cc
@@ -50,6 +50,8 @@
 #include "profiler/profiler.h"
 #include "protocols/packet.h"
 
+using namespace snort;
+
 #define OVECCOUNT 30    /* should be a multiple of 3 */
 
 enum LuaLogLevels

diff --git a/src/network_inspectors/appid/lua_detector_api.h b/src/network_inspectors/appid/lua_detector_api.h
index 18c4a2a22e3909801e203a29bdcd249acb13f905..f07cb07cfc55395bd7e79df07ebde980d34a23d3 100644 (file)
--- a/src/network_inspectors/appid/lua_detector_api.h
+++ b/src/network_inspectors/appid/lua_detector_api.h
@@ -30,7 +30,10 @@
 #include "client_plugins/client_detector.h"
 #include "service_plugins/service_detector.h"
 
+namespace snort
+{
 struct Packet;
+}
 struct lua_State;
 class AppIdSession;
 
@@ -62,7 +65,7 @@ struct LuaDetectorParameters
     uint16_t size = 0;
     int dir = 0;
     AppIdSession* asd;
-    Packet* pkt = nullptr;
+    snort::Packet* pkt = nullptr;
     uint8_t macAddress[6] = { 0 };
 };
 

diff --git a/src/network_inspectors/appid/lua_detector_flow_api.cc b/src/network_inspectors/appid/lua_detector_flow_api.cc
index 18baae924e5af84017b77c1f981aa8d42547caad..44e598a1257f6472529d6ffe6786c47c05664074 100644 (file)
--- a/src/network_inspectors/appid/lua_detector_flow_api.cc
+++ b/src/network_inspectors/appid/lua_detector_flow_api.cc
@@ -155,8 +155,8 @@ static inline uint64_t convert_flags_c_to_lua(uint64_t in)
  */
 static int create_detector_flow(lua_State* L)
 {
-    SfIp saddr;
-    SfIp daddr;
+    snort::SfIp saddr;
+    snort::SfIp daddr;
 
     AppIdDetector* ud = *UserData<AppIdDetector>::check(L, DETECTOR, 1);
     LuaStateDescriptor* lsd = ud->validate_lua_state(true);

diff --git a/src/network_inspectors/appid/service_plugins/service_bootp.cc b/src/network_inspectors/appid/service_plugins/service_bootp.cc
index 41804a32af45048aa0ed8c755a00642f25fde203..5f5a46353ff87070a925005a0aba8d69934bb2cf 100644 (file)
--- a/src/network_inspectors/appid/service_plugins/service_bootp.cc
+++ b/src/network_inspectors/appid/service_plugins/service_bootp.cc
@@ -32,6 +32,8 @@
 #include "protocols/eth.h"
 #include "protocols/packet.h"
 
+using namespace snort;
+
 #define DHCP_MAGIC_COOKIE 0x63825363
 #define DHCP_OPTION55_LEN_MAX 255
 

diff --git a/src/network_inspectors/appid/service_plugins/service_bootp.h b/src/network_inspectors/appid/service_plugins/service_bootp.h
index 4c66e3bc8bc6e2d19e4aeb8014d9e5b4e89e981f..2d3eb6b0d2e9808fe61d014620c960431be66b34 100644 (file)
--- a/src/network_inspectors/appid/service_plugins/service_bootp.h
+++ b/src/network_inspectors/appid/service_plugins/service_bootp.h
@@ -36,8 +36,8 @@ public:
     int validate(AppIdDiscoveryArgs&) override;
 
     // FIXIT-L - move to service discovery class
-    static void AppIdFreeDhcpData(DHCPData*);
-    static void AppIdFreeDhcpInfo(DHCPInfo*);
+    static void AppIdFreeDhcpData(snort::DHCPData*);
+    static void AppIdFreeDhcpInfo(snort::DHCPInfo*);
 
 private:
     int add_dhcp_info(AppIdSession&, unsigned op55_len, const uint8_t* op55, unsigned

diff --git a/src/network_inspectors/appid/service_plugins/service_detector.cc b/src/network_inspectors/appid/service_plugins/service_detector.cc
index b4e2bba9ee0eeb551d02310e1fdaa25db3f089fd..b5cdbc9d90e05edd9825d88459227924b3165e43 100644 (file)
--- a/src/network_inspectors/appid/service_plugins/service_detector.cc
+++ b/src/network_inspectors/appid/service_plugins/service_detector.cc
@@ -35,6 +35,8 @@
 #include "log/messages.h"
 #include "sfip/sf_ip.h"
 
+using namespace snort;
+
 static THREAD_LOCAL unsigned service_module_index = 0;
 
 ServiceDetector::ServiceDetector()

diff --git a/src/network_inspectors/appid/service_plugins/service_detector.h b/src/network_inspectors/appid/service_plugins/service_detector.h
index c8c45ca2f30861aa2a463cf4f0d574cff44b3fdc..93733181e5105dac6c78148a760c7eba742734e1 100644 (file)
--- a/src/network_inspectors/appid/service_plugins/service_detector.h
+++ b/src/network_inspectors/appid/service_plugins/service_detector.h
@@ -34,13 +34,13 @@ public:
 
     void do_custom_init() override { }
     void register_appid(AppId, unsigned extractsInfo) override;
-    int service_inprocess(AppIdSession&, const Packet*, int dir);
-    int add_service(AppIdSession&, const Packet*, int dir, AppId, const char* vendor = nullptr,
-        const char* version = nullptr, const AppIdServiceSubtype* = nullptr);
-    int add_service_consume_subtype(AppIdSession&, const Packet*, int dir, AppId,
-        const char* vendor, const char* version, AppIdServiceSubtype*);
-    int incompatible_data(AppIdSession&, const Packet*, int dir);
-    int fail_service(AppIdSession&, const Packet*, int dir);
+    int service_inprocess(AppIdSession&, const snort::Packet*, int dir);
+    int add_service(AppIdSession&, const snort::Packet*, int dir, AppId, const char* vendor = nullptr,
+        const char* version = nullptr, const snort::AppIdServiceSubtype* = nullptr);
+    int add_service_consume_subtype(AppIdSession&, const snort::Packet*, int dir, AppId,
+        const char* vendor, const char* version, snort::AppIdServiceSubtype*);
+    int incompatible_data(AppIdSession&, const snort::Packet*, int dir);
+    int fail_service(AppIdSession&, const snort::Packet*, int dir);
 
     void add_host_info(AppIdSession&, SERVICE_HOST_INFO_CODE, const void*)
     {
@@ -55,7 +55,7 @@ public:
     void initialize_expected_session(AppIdSession&, AppIdSession&, uint64_t flags, APPID_SESSION_DIRECTION dir);
 
 private:
-    int update_service_data(AppIdSession&, const Packet*, int dir, AppId, const char* vendor,
+    int update_service_data(AppIdSession&, const snort::Packet*, int dir, AppId, const char* vendor,
         const char* version);
 };
 #endif

diff --git a/src/network_inspectors/appid/service_plugins/service_direct_connect.cc b/src/network_inspectors/appid/service_plugins/service_direct_connect.cc
index fb87f2738c4b060175c177926df39959853eb1dc..ae1f46adf13c4aeb2bbc0c81f45c944bf95d0f97 100644 (file)
--- a/src/network_inspectors/appid/service_plugins/service_direct_connect.cc
+++ b/src/network_inspectors/appid/service_plugins/service_direct_connect.cc
@@ -25,6 +25,8 @@
 
 #include "service_direct_connect.h"
 
+using namespace snort;
+
 enum CONNECTION_STATES
 {
     CONN_STATE_INIT,

diff --git a/src/network_inspectors/appid/service_plugins/service_direct_connect.h b/src/network_inspectors/appid/service_plugins/service_direct_connect.h
index 3f0ea80b609fbeea91eed375697d77a96cefe756..9f060a2e6ebb772686374e5b3230120a512bc616 100644 (file)
--- a/src/network_inspectors/appid/service_plugins/service_direct_connect.h
+++ b/src/network_inspectors/appid/service_plugins/service_direct_connect.h
@@ -37,9 +37,9 @@ public:
 
 private:
     int tcp_validate(const uint8_t* data, uint16_t size, const int dir, AppIdSession&,
-        const Packet*, ServiceData*);
+        const snort::Packet*, ServiceData*);
     int udp_validate(const uint8_t* data, uint16_t size, const int dir, AppIdSession&,
-        const Packet*, ServiceData*);
+        const snort::Packet*, ServiceData*);
 };
 
 #endif

diff --git a/src/network_inspectors/appid/service_plugins/service_discovery.cc b/src/network_inspectors/appid/service_plugins/service_discovery.cc
index 3600db7925ae4b155e62cff6c7d9bf8086c6ef6f..6a44b606d4270333e5c957785942a3e5e5e7edca 100644 (file)
--- a/src/network_inspectors/appid/service_plugins/service_discovery.cc
+++ b/src/network_inspectors/appid/service_plugins/service_discovery.cc
@@ -81,6 +81,8 @@
 #include "service_regtest.h"
 #endif
 
+using namespace snort;
+
 static THREAD_LOCAL ServiceDetector* ftp_service = nullptr;
 
 ProfileStats serviceMatchPerfStats;

diff --git a/src/network_inspectors/appid/service_plugins/service_discovery.h b/src/network_inspectors/appid/service_plugins/service_discovery.h
index 6a6270d652970df62ee45b8b7b6294416c6cfcdf..b62d3c4df41c3aec578c19bd4100a1f7723fb5cf 100644 (file)
--- a/src/network_inspectors/appid/service_plugins/service_discovery.h
+++ b/src/network_inspectors/appid/service_plugins/service_discovery.h
@@ -36,6 +36,11 @@ class AppIdSession;
 class ServiceDetector;
 class ServiceDiscoveryState;
 
+namespace snort
+{
+struct Packet;
+}
+
 #define STATE_ID_INCONCLUSIVE_SERVICE_WEIGHT 3
 #define STATE_ID_INVALID_CLIENT_THRESHOLD    9
 #define STATE_ID_NEEDED_DUPE_DETRACT_COUNT   3
@@ -70,18 +75,18 @@ public:
     ServiceDetector* get_next_tcp_detector(AppIdDetectorsIterator&);
     ServiceDetector* get_next_udp_detector(AppIdDetectorsIterator&);
 
-    bool do_service_discovery(AppIdSession&, Packet*, int);
-    int identify_service(AppIdSession&, Packet*, int dir);
-    int fail_service(AppIdSession&, const Packet*, int dir, ServiceDetector*);
-    int incompatible_data(AppIdSession&, const Packet*, int dir, ServiceDetector*);
+    bool do_service_discovery(AppIdSession&, snort::Packet*, int);
+    int identify_service(AppIdSession&, snort::Packet*, int dir);
+    int fail_service(AppIdSession&, const snort::Packet*, int dir, ServiceDetector*);
+    int incompatible_data(AppIdSession&, const snort::Packet*, int dir, ServiceDetector*);
     static int add_ftp_service_state(AppIdSession&);
 
 private:
     ServiceDiscovery(AppIdInspector& ins);
     void initialize() override;
-    void get_next_service(const Packet*, const int dir, AppIdSession&, ServiceDiscoveryState*);
+    void get_next_service(const snort::Packet*, const int dir, AppIdSession&, ServiceDiscoveryState*);
     void get_port_based_services(IpProtocol, uint16_t port, AppIdSession&);
-    void match_by_pattern(AppIdSession&, const Packet*, IpProtocol);
+    void match_by_pattern(AppIdSession&, const snort::Packet*, IpProtocol);
 
     std::map<uint16_t, std::vector<ServiceDetector*> > tcp_services;
     std::map<uint16_t, std::vector<ServiceDetector*> > udp_services;

diff --git a/src/network_inspectors/appid/service_plugins/service_ftp.cc b/src/network_inspectors/appid/service_plugins/service_ftp.cc
index c87cec5b5f437a4ae177488e00284fcb66a22c7c..427261d708fa4551f8af5c0ed04df761093063b7 100644 (file)
--- a/src/network_inspectors/appid/service_plugins/service_ftp.cc
+++ b/src/network_inspectors/appid/service_plugins/service_ftp.cc
@@ -29,6 +29,8 @@
 #include "app_info_table.h"
 #include "protocols/packet.h"
 
+using namespace snort;
+
 #define FTP_PORT    21
 
 enum FTPState

diff --git a/src/network_inspectors/appid/service_plugins/service_ftp.h b/src/network_inspectors/appid/service_plugins/service_ftp.h
index fcc54b52486febc5858e762145bb8511e3e3d5b2..5438a8605df008140d9db04e89018b4956670927 100644 (file)
--- a/src/network_inspectors/appid/service_plugins/service_ftp.h
+++ b/src/network_inspectors/appid/service_plugins/service_ftp.h
@@ -34,9 +34,9 @@ public:
     int validate(AppIdDiscoveryArgs&) override;
 
 private:
-    void create_expected_session(AppIdSession& asd,const Packet* pkt, const SfIp* cliIp,
-        uint16_t cliPort, const SfIp* srvIp, uint16_t srvPort, IpProtocol proto,
-        int flags, APPID_SESSION_DIRECTION dir);
+    void create_expected_session(AppIdSession& asd,const snort::Packet* pkt,
+        const snort::SfIp* cliIp, uint16_t cliPort, const snort::SfIp* srvIp, uint16_t srvPort,
+        IpProtocol proto, int flags, APPID_SESSION_DIRECTION dir);
 
     int16_t ftp_data_app_id = 0;
 };

diff --git a/src/network_inspectors/appid/service_plugins/service_mdns.cc b/src/network_inspectors/appid/service_plugins/service_mdns.cc
index 3a6c8bbbfcd3d561399303b7b9fc1c72dd0b6ca5..0e83ce9dda16b91b96b46d266686965c613d4201 100644 (file)
--- a/src/network_inspectors/appid/service_plugins/service_mdns.cc
+++ b/src/network_inspectors/appid/service_plugins/service_mdns.cc
@@ -30,6 +30,8 @@
 #include "protocols/packet.h"
 #include "search_engines/search_tool.h"
 
+using namespace snort;
+
 #define MDNS_PORT   5353
 #define PATTERN_REFERENCE_PTR   3
 #define PATTERN_STR_LOCAL_1           "\005local"
@@ -104,7 +106,7 @@ MdnsServiceDetector::MdnsServiceDetector(ServiceDiscovery* sd)
         { 5353, IpProtocol::UDP, false },
     };
 
-    matcher = new SearchTool("ac_full", true);
+    matcher = new snort::SearchTool("ac_full", true);
     for (unsigned i = 0; i < sizeof(patterns) / sizeof(*patterns); i++)
         matcher->add((const char*)patterns[i].pattern, patterns[i].length, &patterns[i]);
     matcher->prep();

diff --git a/src/network_inspectors/appid/service_plugins/service_mdns.h b/src/network_inspectors/appid/service_plugins/service_mdns.h
index bf20209369c28ff9c461ff1ce76204433381464f..64ba52a0c777ba9003115c50c64cf8383874947a 100644 (file)
--- a/src/network_inspectors/appid/service_plugins/service_mdns.h
+++ b/src/network_inspectors/appid/service_plugins/service_mdns.h
@@ -24,7 +24,10 @@
 
 #include "service_detector.h"
 
+namespace snort
+{
 class SearchTool;
+}
 class ServiceDiscovery;
 struct MatchedPatterns;
 
@@ -43,11 +46,11 @@ private:
     void destroy_match_list();
     void destory_matcher();
     int validate_reply(const uint8_t* data, uint16_t size);
-    int analyze_user(AppIdSession&, const Packet*, uint16_t size);
+    int analyze_user(AppIdSession&, const snort::Packet*, uint16_t size);
     int reference_pointer(const char* start_ptr, const char** resp_endptr, int* start_index,
         uint16_t data_size, uint8_t* user_name_len, unsigned size);
 
-    SearchTool* matcher = nullptr;
+    snort::SearchTool* matcher = nullptr;
     MatchedPatterns* patternList= nullptr;
 };
 #endif

diff --git a/src/network_inspectors/appid/service_plugins/service_netbios.cc b/src/network_inspectors/appid/service_plugins/service_netbios.cc
index d351c1f878b20c0e6f71f66b9688c200986d8e2c..6624f028e3623ad8ecae2330a85d7c8c80deafd6 100644 (file)
--- a/src/network_inspectors/appid/service_plugins/service_netbios.cc
+++ b/src/network_inspectors/appid/service_plugins/service_netbios.cc
@@ -29,6 +29,8 @@
 #include "dcerpc.h"
 #include "protocols/packet.h"
 
+using namespace snort;
+
 #define NBSS_PORT   139
 
 #define NBNS_NB 32

diff --git a/src/network_inspectors/appid/service_plugins/service_netbios.h b/src/network_inspectors/appid/service_plugins/service_netbios.h
index 41e325782af9902deac0dedd84902b9b5f5b3f98..bfc4beba9d092c6252a010be15b154be01d992a1 100644 (file)
--- a/src/network_inspectors/appid/service_plugins/service_netbios.h
+++ b/src/network_inspectors/appid/service_plugins/service_netbios.h
@@ -51,7 +51,7 @@ public:
 
     int validate(AppIdDiscoveryArgs&) override;
 
-    static void AppIdFreeSMBData(FpSMBData*);
+    static void AppIdFreeSMBData(snort::FpSMBData*);
 
 private:
     void add_smb_info(AppIdSession&, unsigned major, unsigned minor, uint32_t flags);

diff --git a/src/network_inspectors/appid/service_plugins/service_rexec.cc b/src/network_inspectors/appid/service_plugins/service_rexec.cc
index 76ea9fab8ee0cb5b84653b88c262ac4e3acb4e99..a74fa5d9561137f1c57a94047811456eb742d285 100644 (file)
--- a/src/network_inspectors/appid/service_plugins/service_rexec.cc
+++ b/src/network_inspectors/appid/service_plugins/service_rexec.cc
@@ -137,8 +137,8 @@ int RexecServiceDetector::validate(AppIdDiscoveryArgs& args)
             goto bail;
         if (port && args.pkt)
         {
-            const SfIp* sip;
-            const SfIp* dip;
+            const snort::SfIp* sip;
+            const snort::SfIp* dip;
 
             dip = args.pkt->ptrs.ip_api.get_dst();
             sip = args.pkt->ptrs.ip_api.get_src();

diff --git a/src/network_inspectors/appid/service_plugins/service_rpc.cc b/src/network_inspectors/appid/service_plugins/service_rpc.cc
index 26d3a05df422f6da09e374aedc20a6c8b4625ef1..be63786bd17ef3ba2c4c241671da528cf0ffd55d 100644 (file)
--- a/src/network_inspectors/appid/service_plugins/service_rpc.cc
+++ b/src/network_inspectors/appid/service_plugins/service_rpc.cc
@@ -38,6 +38,8 @@
 #include "log/messages.h"
 #include "protocols/packet.h"
 
+using namespace snort;
+
 /*#define APPID_DEBUG_RPC   1 */
 
 enum RPCState

diff --git a/src/network_inspectors/appid/service_plugins/service_rpc.h b/src/network_inspectors/appid/service_plugins/service_rpc.h
index d303f665984d8aa8bd928a7edb8de03d334557b0..aa1374cf0c5e613fd4103545e5012bdc4e5b977b 100644 (file)
--- a/src/network_inspectors/appid/service_plugins/service_rpc.h
+++ b/src/network_inspectors/appid/service_plugins/service_rpc.h
@@ -40,7 +40,7 @@ private:
     int rpc_udp_validate(AppIdDiscoveryArgs&);
     int rpc_tcp_validate(AppIdDiscoveryArgs&);
     int validate_packet(const uint8_t* data, uint16_t size, int dir, AppIdSession&,
-        Packet*, ServiceRPCData*, const char** pname, uint32_t* program);
+        snort::Packet*, ServiceRPCData*, const char** pname, uint32_t* program);
     int16_t app_id = 0;
 };
 #endif

diff --git a/src/network_inspectors/appid/service_plugins/service_rshell.cc b/src/network_inspectors/appid/service_plugins/service_rshell.cc
index 93fbf5a25bf7313d66800c49920bae0fdf066bc8..427fc3f40e81503bba8acc5d5ac5cee6c14e5fd3 100644 (file)
--- a/src/network_inspectors/appid/service_plugins/service_rshell.cc
+++ b/src/network_inspectors/appid/service_plugins/service_rshell.cc
@@ -139,8 +139,8 @@ int RshellServiceDetector::validate(AppIdDiscoveryArgs& args)
                 sizeof(ServiceRSHELLData));
             tmp_rd->state = RSHELL_STATE_STDERR_CONNECT_SYN;
             tmp_rd->parent = rd;
-            const SfIp* dip = args.pkt->ptrs.ip_api.get_dst();
-            const SfIp* sip = args.pkt->ptrs.ip_api.get_src();
+            const snort::SfIp* dip = args.pkt->ptrs.ip_api.get_dst();
+            const snort::SfIp* sip = args.pkt->ptrs.ip_api.get_src();
             AppIdSession* pf = AppIdSession::create_future_session(args.pkt, dip, 0, sip,
                 (uint16_t)port, IpProtocol::TCP, app_id, APPID_EARLY_SESSION_FLAG_FW_RULE,
                 handler->get_inspector());

diff --git a/src/network_inspectors/appid/service_plugins/service_snmp.cc b/src/network_inspectors/appid/service_plugins/service_snmp.cc
index 6b195d504d141d8361b63e79ddd3dbc563e268a4..b5dc88e7f458c72852daf6c37d7c87360c3757a6 100644 (file)
--- a/src/network_inspectors/appid/service_plugins/service_snmp.cc
+++ b/src/network_inspectors/appid/service_plugins/service_snmp.cc
@@ -474,8 +474,8 @@ int SnmpServiceDetector::validate(AppIdDiscoveryArgs& args)
         sd->state = SNMP_STATE_RESPONSE;
 
         /*adding expected connection in case the server doesn't send from 161*/
-        const SfIp* dip = args.pkt->ptrs.ip_api.get_dst();
-        const SfIp* sip = args.pkt->ptrs.ip_api.get_src();
+        const snort::SfIp* dip = args.pkt->ptrs.ip_api.get_dst();
+        const snort::SfIp* sip = args.pkt->ptrs.ip_api.get_src();
         AppIdSession* pf = AppIdSession::create_future_session(args.pkt, dip, 0, sip,
             args.pkt->ptrs.sp, args.asd.protocol, app_id, 0, handler->get_inspector());
         if (pf)

diff --git a/src/network_inspectors/appid/service_plugins/service_ssl.cc b/src/network_inspectors/appid/service_plugins/service_ssl.cc
index 439e0c29900346868e1f8f26529ed70880da9a06..62603364a08308516d1fe8db74bc471304ff294c 100644 (file)
--- a/src/network_inspectors/appid/service_plugins/service_ssl.cc
+++ b/src/network_inspectors/appid/service_plugins/service_ssl.cc
@@ -31,6 +31,8 @@
 #include "app_info_table.h"
 #include "protocols/packet.h"
 
+using namespace snort;
+
 #define SSL_PORT    443
 
 enum SSLContentType
@@ -1125,13 +1127,13 @@ void ssl_detector_free_patterns()
     ssl_patterns_free(&service_ssl_config.DetectorSSLCnamePatternList);
 }
 
-bool setSSLSquelch(Packet* p, int type, AppId appId, AppIdInspector& inspector)
+bool setSSLSquelch(snort::Packet* p, int type, AppId appId, AppIdInspector& inspector)
 {
     if (!AppInfoManager::get_instance().get_app_info_flags(appId, APPINFO_FLAG_SSL_SQUELCH))
         return false;
 
-    const SfIp* dip = p->ptrs.ip_api.get_dst();
-    const SfIp* sip = p->ptrs.ip_api.get_src();
+    const snort::SfIp* dip = p->ptrs.ip_api.get_dst();
+    const snort::SfIp* sip = p->ptrs.ip_api.get_src();
     AppIdSession* asd = AppIdSession::create_future_session(p, sip, 0, dip, p->ptrs.dp, IpProtocol::TCP,
         appId, 0, inspector);
     if ( asd )

diff --git a/src/network_inspectors/appid/service_plugins/service_ssl.h b/src/network_inspectors/appid/service_plugins/service_ssl.h
index a733525001bbd2fa0a22d1066c967a10981df8b7..2163e397ea2a1db2bf15c2d46dd7b0a5f35bf355 100644 (file)
--- a/src/network_inspectors/appid/service_plugins/service_ssl.h
+++ b/src/network_inspectors/appid/service_plugins/service_ssl.h
@@ -43,7 +43,7 @@ int ssl_scan_cname(const uint8_t*, size_t, AppId*, AppId*);
 int ssl_add_cert_pattern(uint8_t*, size_t, uint8_t, AppId);
 int ssl_add_cname_pattern(uint8_t*, size_t, uint8_t, AppId);
 void ssl_detector_free_patterns();
-bool setSSLSquelch(Packet*, int type, AppId, AppIdInspector& inspector);
+bool setSSLSquelch(snort::Packet*, int type, AppId, AppIdInspector& inspector);
 
 #endif
 

diff --git a/src/network_inspectors/appid/service_plugins/service_tftp.cc b/src/network_inspectors/appid/service_plugins/service_tftp.cc
index 2a0155d8d424e8415ccad0e2d4055dca010f1442..214c540f9d8ce55a31b1ae6a647698e501e3a9c2 100644 (file)
--- a/src/network_inspectors/appid/service_plugins/service_tftp.cc
+++ b/src/network_inspectors/appid/service_plugins/service_tftp.cc
@@ -125,8 +125,8 @@ int TftpServiceDetector::validate(AppIdDiscoveryArgs& args)
     int mode = 0;
     uint16_t block = 0;
     uint16_t tmp = 0;
-    const SfIp* sip = nullptr;
-    const SfIp* dip = nullptr;
+    const snort::SfIp* sip = nullptr;
+    const snort::SfIp* dip = nullptr;
     AppIdSession* pf = nullptr;
     const uint8_t* data = args.data;
     uint16_t size = args.size;

diff --git a/src/network_inspectors/appid/service_state.cc b/src/network_inspectors/appid/service_state.cc
index 13d99a092161e3daf833819ceaf64816d1890c57..437654fd2be900efd96cd913c1f0520a2950c876 100644 (file)
--- a/src/network_inspectors/appid/service_state.cc
+++ b/src/network_inspectors/appid/service_state.cc
@@ -33,6 +33,8 @@
 #include "time/packet_time.h"
 #include "utils/util.h"
 
+using namespace snort;
+
 ServiceDiscoveryState::ServiceDiscoveryState()
 {
     state = SERVICE_ID_STATE::SEARCHING_PORT_PATTERN;

diff --git a/src/network_inspectors/appid/service_state.h b/src/network_inspectors/appid/service_state.h
index 1d68b40539cfb58d861dd43bba4f0c22d0d74c9e..0a4876350bf08fac6ff9e04f70feff634a62bc16 100644 (file)
--- a/src/network_inspectors/appid/service_state.h
+++ b/src/network_inspectors/appid/service_state.h
@@ -77,9 +77,9 @@ public:
     ~ServiceDiscoveryState();
     ServiceDetector* select_detector_by_brute_force(IpProtocol proto);
     void set_service_id_valid(ServiceDetector* sd);
-    void set_service_id_failed(AppIdSession& asd, const SfIp* client_ip,
+    void set_service_id_failed(AppIdSession& asd, const snort::SfIp* client_ip,
         unsigned invalid_delta = 0);
-    void update_service_incompatiable(const SfIp* ip);
+    void update_service_incompatiable(const snort::SfIp* ip);
 
     SERVICE_ID_STATE get_state() const
     {
@@ -117,7 +117,7 @@ private:
     AppIdDetectorList* brute_force_mgr = nullptr;
     unsigned valid_count = 0;
     unsigned detract_count = 0;
-    SfIp last_detract;
+    snort::SfIp last_detract;
 
     // consecutive incompatible flows - incompatible means client packet did not match.
     unsigned invalid_client_count = 0;
@@ -126,7 +126,7 @@ private:
      * different every time, then consecutive incompatible status indicate that flow is not using
      * specific service.
      */
-    SfIp last_invalid_client;
+    snort::SfIp last_invalid_client;
     time_t reset_time;
 };
 
@@ -135,10 +135,10 @@ class AppIdServiceState
 public:
     static void initialize();
     static void clean();
-    static ServiceDiscoveryState* add(const SfIp*, IpProtocol, uint16_t port, bool decrypted);
-    static ServiceDiscoveryState* get(const SfIp*, IpProtocol, uint16_t port, bool decrypted);
-    static void remove(const SfIp*, IpProtocol, uint16_t port, bool decrypted);
-    static void check_reset(AppIdSession& asd, const SfIp* ip, uint16_t port);
+    static ServiceDiscoveryState* add(const snort::SfIp*, IpProtocol, uint16_t port, bool decrypted);
+    static ServiceDiscoveryState* get(const snort::SfIp*, IpProtocol, uint16_t port, bool decrypted);
+    static void remove(const snort::SfIp*, IpProtocol, uint16_t port, bool decrypted);
+    static void check_reset(AppIdSession& asd, const snort::SfIp* ip, uint16_t port);
 
     static void dump_stats();
 };

diff --git a/src/network_inspectors/appid/test/appid_api_test.cc b/src/network_inspectors/appid/test/appid_api_test.cc
index d3c1f22b2b6e108a601e2345d61b41d96ce8286c..b458afc90f7a4aa7d66acb87e62e3912d8932695 100644 (file)
--- a/src/network_inspectors/appid/test/appid_api_test.cc
+++ b/src/network_inspectors/appid/test/appid_api_test.cc
@@ -41,6 +41,8 @@
 #include <CppUTest/CommandLineTestRunner.h>
 #include <CppUTest/TestHarness.h>
 
+using namespace snort;
+
 void BootpServiceDetector::AppIdFreeDhcpData(DHCPData* data)
 {
     delete data;

diff --git a/src/network_inspectors/appid/test/appid_http_event_test.cc b/src/network_inspectors/appid/test/appid_http_event_test.cc
index 5e569dfd761b885ee0e25ca2ff7c3b739a607968..1deab698763e3abe1a56bb9213884b0259c40b9a 100644 (file)
--- a/src/network_inspectors/appid/test/appid_http_event_test.cc
+++ b/src/network_inspectors/appid/test/appid_http_event_test.cc
@@ -40,7 +40,12 @@
 #include <CppUTest/TestHarness.h>
 #include <CppUTestExt/MockSupport.h>
 
+using namespace snort;
+
+namespace snort
+{
 AppIdApi appid_api;
+}
 
 const char* content_type = nullptr;
 const char* cookie = nullptr;

diff --git a/src/network_inspectors/appid/test/appid_mock_inspector.h b/src/network_inspectors/appid/test/appid_mock_inspector.h
index 01bb93978ae214b6bbb69cd665c5a02225563382..7fe730184e74a59c2321945261daebad9a2db296 100644 (file)
--- a/src/network_inspectors/appid/test/appid_mock_inspector.h
+++ b/src/network_inspectors/appid/test/appid_mock_inspector.h
@@ -21,6 +21,8 @@
 typedef uint64_t Trace;
 class Value;
 
+namespace snort
+{
 Inspector::Inspector()
 {
     set_api(nullptr);
@@ -30,6 +32,7 @@ Inspector::~Inspector() { }
 bool Inspector::likes(Packet*) { return true; }
 bool Inspector::get_buf(const char*, Packet*, InspectionBuffer&) { return true; }
 class StreamSplitter* Inspector::get_splitter(bool) { return nullptr; }
+}
 
 class AppIdModule
 {
@@ -39,14 +42,14 @@ public:
 
 };
 
-class AppIdInspector : public Inspector
+class AppIdInspector : public snort::Inspector
 {
 public:
     AppIdInspector(AppIdModule& ) { }
     ~AppIdInspector() { }
-    void eval(Packet*) { }
-    bool configure(SnortConfig*) { return true; }
-    void show(SnortConfig*) { }
+    void eval(snort::Packet*) { }
+    bool configure(snort::SnortConfig*) { return true; }
+    void show(snort::SnortConfig*) { }
     void tinit() { }
     void tterm() { }
 };

diff --git a/src/network_inspectors/appid/thirdparty_appid_api.h b/src/network_inspectors/appid/thirdparty_appid_api.h
index d43f79981618581e76551bd0a52e1a9292bc15f8..7fc804cdea47639406c4a627745d1d6d7662ec0e 100644 (file)
--- a/src/network_inspectors/appid/thirdparty_appid_api.h
+++ b/src/network_inspectors/appid/thirdparty_appid_api.h
@@ -25,7 +25,10 @@
 #include "application_ids.h"
 #include "thirdparty_appid_types.h"
 
+namespace snort
+{
 struct Packet;
+}
 
 #define THIRD_PARTY_APP_ID_API_VERSION 1
 
@@ -56,7 +59,7 @@ using ThirdPartyAppIDModReconfigure = int (*)(ThirdPartyConfig*);
 using ThirdPartyAppIDModFini = int (*)();
 using ThirdPartyAppIDSessionCreate = void*(*)();
 using ThirdPartyAppIDSessionDelete = int (*)(void* tpsession, int just_reset_state);
-using ThirdPartyAppIDSessionProcess = int (*)(void* tpsession, Packet*, int direction,                                  // in
+using ThirdPartyAppIDSessionProcess = int (*)(void* tpsession, snort::Packet*, int direction,                                  // in
     AppId*, int* confidence, AppId** proto_list, ThirdPartyAppIDAttributeData** attribute_data);
 using ThirdPartyAppIDPrintStats = int (*)();
 using ThirdPartyAppIDResetStats = int (*)();

diff --git a/src/network_inspectors/appid/thirdparty_appid_types.h b/src/network_inspectors/appid/thirdparty_appid_types.h
index 09ed7c68c1281defb7aadd64b19e23f84f7a0976..7b17009cb565e451e5597fa1ab124bb2214f2f6b 100644 (file)
--- a/src/network_inspectors/appid/thirdparty_appid_types.h
+++ b/src/network_inspectors/appid/thirdparty_appid_types.h
@@ -22,7 +22,7 @@
 #ifndef THIRDPARTY_APPID_TYPES_H
 #define THIRDPARTY_APPID_TYPES_H
 
-#define BUILD_NAVL_SUPPORT 1
+//#define BUILD_NAVL_SUPPORT 1
 
 #include <cstdint>
 

diff --git a/src/network_inspectors/appid/thirdparty_appid_utils.cc b/src/network_inspectors/appid/thirdparty_appid_utils.cc
index b995973fa84d2b2b204a6f46f5055899c5b4d064..1d97ce512a9902dbc79810ec65ca4984eb85a249 100644 (file)
--- a/src/network_inspectors/appid/thirdparty_appid_utils.cc
+++ b/src/network_inspectors/appid/thirdparty_appid_utils.cc
@@ -40,6 +40,8 @@
 #include "profiler/profiler.h"
 #include "stream/stream.h"
 
+using namespace snort;
+
 #define MODULE_SYMBOL "thirdparty_appid_impl_module"
 
 static THREAD_LOCAL void* module_handle = nullptr;

diff --git a/src/network_inspectors/appid/thirdparty_appid_utils.h b/src/network_inspectors/appid/thirdparty_appid_utils.h
index e25316fa91acea0777fec3bd589aa30f1e490d5c..7761c52b28ab6d176a556426ce51f88e373e72e4 100644 (file)
--- a/src/network_inspectors/appid/thirdparty_appid_utils.h
+++ b/src/network_inspectors/appid/thirdparty_appid_utils.h
@@ -33,14 +33,17 @@ class AppIdModuleConfig;
 class AppIdSession;
 struct ThirdPartyAppIDModule;
 struct ThirdPartyAppIDAttributeData;
+namespace snort
+{
 struct Packet;
+}
 
 extern THREAD_LOCAL ThirdPartyAppIDModule* thirdparty_appid_module;
 
 void ThirdPartyAppIDInit(const AppIdModuleConfig*);
 void ThirdPartyAppIDReconfigure();
 void ThirdPartyAppIDFini();
-bool do_third_party_discovery(AppIdSession&, IpProtocol, const SfIp*,  Packet*, int&);
+bool do_third_party_discovery(AppIdSession&, IpProtocol, const snort::SfIp*,  snort::Packet*, int&);
 
 inline bool is_third_party_appid_done(void* tp_session)
 {

diff --git a/src/network_inspectors/arp_spoof/arp_module.cc b/src/network_inspectors/arp_spoof/arp_module.cc
index f3d940c2141cb67b67415ea4e2e1f4baebda0fcf..41eea07d994f5938698a522fe93e08b023a3aeb9 100644 (file)
--- a/src/network_inspectors/arp_spoof/arp_module.cc
+++ b/src/network_inspectors/arp_spoof/arp_module.cc
@@ -24,6 +24,8 @@
 
 #include "arp_module.h"
 
+using namespace snort;
+
 #define ARPSPOOF_UNICAST_ARP_REQUEST_STR \
     "unicast ARP request"
 #define ARPSPOOF_ETHERFRAME_ARP_MISMATCH_SRC_STR \

diff --git a/src/network_inspectors/arp_spoof/arp_module.h b/src/network_inspectors/arp_spoof/arp_module.h
index 4ab6272db7397117b5369088e9c9fdb1a69ec0ff..13e56959837f774b31163956b843ad7bcfea47f1 100644 (file)
--- a/src/network_inspectors/arp_spoof/arp_module.h
+++ b/src/network_inspectors/arp_spoof/arp_module.h
@@ -34,7 +34,7 @@
 #define ARPSPOOF_ARP_CACHE_OVERWRITE_ATTACK   4
 
 extern THREAD_LOCAL SimpleStats asstats;
-extern THREAD_LOCAL ProfileStats arpPerfStats;
+extern THREAD_LOCAL snort::ProfileStats arpPerfStats;
 
 struct IPMacEntry
 {
@@ -51,15 +51,15 @@ struct ArpSpoofConfig
     IPMacEntryList ipmel;
 };
 
-class ArpSpoofModule : public Module
+class ArpSpoofModule : public snort::Module
 {
 public:
     ArpSpoofModule();
     ~ArpSpoofModule() override;
 
-    bool set(const char*, Value&, SnortConfig*) override;
-    bool begin(const char*, int, SnortConfig*) override;
-    bool end(const char*, int, SnortConfig*) override;
+    bool set(const char*, snort::Value&, snort::SnortConfig*) override;
+    bool begin(const char*, int, snort::SnortConfig*) override;
+    bool end(const char*, int, snort::SnortConfig*) override;
 
     ArpSpoofConfig* get_config();
 
@@ -69,8 +69,8 @@ public:
     unsigned get_gid() const override
     { return GID_ARP_SPOOF; }
 
-    const RuleMap* get_rules() const override;
-    ProfileStats* get_profile() const override;
+    const snort::RuleMap* get_rules() const override;
+    snort::ProfileStats* get_profile() const override;
 
     Usage get_usage() const override
     { return INSPECT; }

diff --git a/src/network_inspectors/arp_spoof/arp_spoof.cc b/src/network_inspectors/arp_spoof/arp_spoof.cc
index bfe57d983657b53742db589963d46419d0df9387..f9f9bc0fb90d329bc68aed80eab645a5c3b57a19 100644 (file)
--- a/src/network_inspectors/arp_spoof/arp_spoof.cc
+++ b/src/network_inspectors/arp_spoof/arp_spoof.cc
@@ -83,6 +83,8 @@
 
 #include "arp_module.h"
 
+using namespace snort;
+
 static const uint8_t bcast[6] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
 
 THREAD_LOCAL ProfileStats arpPerfStats;
@@ -183,7 +185,7 @@ void ArpSpoof::eval(Packet* p)
     }
     else
     {
-        const wlan::WifiHdr* wifih = layer::get_wifi_layer(p);
+        const snort::wlan::WifiHdr* wifih = snort::layer::get_wifi_layer(p);
         if (wifih == nullptr)
             return;
 
@@ -210,7 +212,7 @@ void ArpSpoof::eval(Packet* p)
          }
     }
 
-    const arp::EtherARP* ah = layer::get_arp_layer(p);
+    const snort::arp::EtherARP* ah = snort::layer::get_arp_layer(p);
 
     /* is the ARP protocol type IP and the ARP hardware type Ethernet? */
     if ((ntohs(ah->ea_hdr.ar_hrd) != 0x0001) ||

diff --git a/src/network_inspectors/binder/bind_module.cc b/src/network_inspectors/binder/bind_module.cc
index 89bb6a18257ef1a7be0b396e5b36d98d88c9cc03..89dff5f3144e7843867cf1c8cab2a990c4b4c3bd 100644 (file)
--- a/src/network_inspectors/binder/bind_module.cc
+++ b/src/network_inspectors/binder/bind_module.cc
@@ -30,6 +30,7 @@
 #include "parser/parse_ip.h"
 #include "protocols/packet.h"
 
+using namespace snort;
 using namespace std;
 
 #define FILE_KEY ".file"

diff --git a/src/network_inspectors/binder/bind_module.h b/src/network_inspectors/binder/bind_module.h
index ea17a36f4393d77c75e9d39070f6e6be1762a50e..f46f86eac64b9fcee8d626f1f86f7b26a9c992b6 100644 (file)
--- a/src/network_inspectors/binder/bind_module.h
+++ b/src/network_inspectors/binder/bind_module.h
@@ -36,17 +36,17 @@ struct BindStats
 };
 
 extern THREAD_LOCAL BindStats bstats;
-extern THREAD_LOCAL ProfileStats bindPerfStats;
+extern THREAD_LOCAL snort::ProfileStats bindPerfStats;
 
-class BinderModule : public Module
+class BinderModule : public snort::Module
 {
 public:
     BinderModule();
     ~BinderModule() override;
 
-    bool set(const char*, Value&, SnortConfig*) override;
-    bool begin(const char*, int, SnortConfig*) override;
-    bool end(const char*, int, SnortConfig*) override;
+    bool set(const char*, snort::Value&, snort::SnortConfig*) override;
+    bool begin(const char*, int, snort::SnortConfig*) override;
+    bool end(const char*, int, snort::SnortConfig*) override;
 
     // used to create default binder
     void add(const char* service, const char* type);
@@ -54,7 +54,7 @@ public:
 
     const PegInfo* get_pegs() const override;
     PegCount* get_counts() const override;
-    ProfileStats* get_profile() const override;
+    snort::ProfileStats* get_profile() const override;
 
     std::vector<Binding*>& get_data();
 

diff --git a/src/network_inspectors/binder/binder.cc b/src/network_inspectors/binder/binder.cc
index 0984d74c3665b4b6600d8ee89b93193d86b8995f..f9135b89500d2134999b45723627bf3c8029cd4c 100644 (file)
--- a/src/network_inspectors/binder/binder.cc
+++ b/src/network_inspectors/binder/binder.cc
@@ -40,6 +40,7 @@
 #include "bind_module.h"
 #include "binding.h"
 
+using namespace snort;
 using namespace std;
 
 THREAD_LOCAL ProfileStats bindPerfStats;

diff --git a/src/network_inspectors/binder/binding.h b/src/network_inspectors/binder/binding.h
index c1cb76998e0200b075f780e1d167a010da83dbbe..54ab96e8ff5b98268fe4302443cab864198a6a20 100644 (file)
--- a/src/network_inspectors/binder/binding.h
+++ b/src/network_inspectors/binder/binding.h
@@ -25,8 +25,12 @@
 #include "framework/bits.h"
 #include "sfip/sf_ipvar.h"
 
+namespace snort
+{
 class Flow;
 struct Packet;
+}
+
 struct BindWhen
 {
     enum Role
@@ -97,17 +101,17 @@ struct Binding
     Binding();
     ~Binding();
 
-    bool check_all(const Flow*, Packet*) const;
-    bool check_ips_policy(const Flow*) const;
-    bool check_iface(const Packet*) const;
-    bool check_vlan(const Flow*) const;
-    bool check_addr(const Flow*) const;
-    DirResult check_split_addr(const Flow*, const Packet*, const DirResult) const;
-    bool check_proto(const Flow*) const;
-    bool check_port(const Flow*) const;
-    DirResult check_split_port(const Flow*, const Packet*, const DirResult) const;
-    bool check_service(const Flow*) const;
-    DirResult check_zone(const Packet*, const DirResult) const;
+    bool check_all(const snort::Flow*, snort::Packet*) const;
+    bool check_ips_policy(const snort::Flow*) const;
+    bool check_iface(const snort::Packet*) const;
+    bool check_vlan(const snort::Flow*) const;
+    bool check_addr(const snort::Flow*) const;
+    DirResult check_split_addr(const snort::Flow*, const snort::Packet*, const DirResult) const;
+    bool check_proto(const snort::Flow*) const;
+    bool check_port(const snort::Flow*) const;
+    DirResult check_split_port(const snort::Flow*, const snort::Packet*, const DirResult) const;
+    bool check_service(const snort::Flow*) const;
+    DirResult check_zone(const snort::Packet*, const DirResult) const;
 };
 
 #endif

diff --git a/src/network_inspectors/network_inspectors.cc b/src/network_inspectors/network_inspectors.cc
index 9460c83f839ec05be2f64e4ce19a9ecd4237fa75..6717982cd32bee52aca7b0b46974b968abc3532e 100644 (file)
--- a/src/network_inspectors/network_inspectors.cc
+++ b/src/network_inspectors/network_inspectors.cc
@@ -24,6 +24,8 @@
 
 #include "managers/plugin_manager.h"
 
+using namespace snort;
+
 extern const BaseApi* nin_binder;
 extern const BaseApi* nin_normalize;
 extern const BaseApi* nin_perf_monitor;

diff --git a/src/network_inspectors/normalize/norm.cc b/src/network_inspectors/normalize/norm.cc
index f27d784307f4d8836fcb8f6af8893ee5d0f16e3a..613b7ff2c45c0aa065a52acc08a67edcf6fb55d7 100644 (file)
--- a/src/network_inspectors/normalize/norm.cc
+++ b/src/network_inspectors/normalize/norm.cc
@@ -32,6 +32,8 @@
 #include "protocols/tcp_options.h"
 #include "stream/tcp/tcp_normalizer.h"
 
+using namespace snort;
+
 enum PegCounts
 {
     PC_IP4_TRIM,
@@ -162,7 +164,7 @@ static inline NormMode get_norm_mode(const Packet * const p)
 {
     NormMode mode = NORM_MODE_ON;
 
-    if ( get_inspection_policy()->policy_mode != POLICY_MODE__INLINE )
+    if ( snort::get_inspection_policy()->policy_mode != POLICY_MODE__INLINE )
         mode = NORM_MODE_TEST;
 
     if ( !SFDAQ::forwarding_packet(p->pkth) )
@@ -174,7 +176,7 @@ static inline NormMode get_norm_mode(const Packet * const p)
 static int Norm_IP4(
     NormalizerConfig* c, Packet* p, uint8_t layer, int changes)
 {
-    IP4Hdr* h = (IP4Hdr*)const_cast<uint8_t*>(p->layers[layer].start);
+    ip::IP4Hdr* h = (ip::IP4Hdr*)const_cast<uint8_t*>(p->layers[layer].start);
     uint16_t fragbits = ntohs(h->ip_off);
     uint16_t origbits = fragbits;
     const NormMode mode = get_norm_mode(p);

diff --git a/src/network_inspectors/normalize/norm.h b/src/network_inspectors/normalize/norm.h
index 36e67d7d314283e41854d0efa613484d29675eb8..dcdef519974cd397da4db0675b87c46d2b3675d2 100644 (file)
--- a/src/network_inspectors/normalize/norm.h
+++ b/src/network_inspectors/normalize/norm.h
@@ -24,12 +24,15 @@
 #include "normalize.h"
 
 struct NormalizerConfig;
+namespace snort
+{
 struct Packet;
+}
 
 // all normalizers look like this:
 // the return is 1 if packet was changed, else 0
 typedef int (* NormalFunc)( // FIXIT-L why is this exposed?
-    struct NormalizerConfig*, Packet*, uint8_t layer, int changes);
+    struct NormalizerConfig*, snort::Packet*, uint8_t layer, int changes);
 
 extern const PegInfo norm_names[];
 
@@ -40,11 +43,11 @@ struct NormalizerConfig
 
     // these must be in the same order PROTO_IDs are defined!
     // if entry is NULL, proto doesn't have normalization or it is disabled
-    NormalFunc normalizers[PacketManager::max_protocols()];
+    NormalFunc normalizers[snort::PacketManager::max_protocols()];
 };
 
 int Norm_SetConfig(NormalizerConfig*);
-int Norm_Packet(NormalizerConfig*, Packet*);
+int Norm_Packet(NormalizerConfig*, snort::Packet*);
 
 inline void Norm_Enable(NormalizerConfig* nc, NormFlags nf)
 {

diff --git a/src/network_inspectors/normalize/norm_module.cc b/src/network_inspectors/normalize/norm_module.cc
index 3e9683e4cbd1ce2a23f8f164e1f01e1cfd681b7e..4e923e241e9adfd6dea4f12a2149710ea6628b9f 100644 (file)
--- a/src/network_inspectors/normalize/norm_module.cc
+++ b/src/network_inspectors/normalize/norm_module.cc
@@ -26,6 +26,7 @@
 #include "main/policy.h"
 #include "stream/tcp/tcp_normalizer.h"
 
+using namespace snort;
 using namespace std;
 
 static bool allow_names(NormalizerConfig* config, const char* s)
@@ -357,13 +358,13 @@ bool NormalizeModule::end(const char* fqn, int, SnortConfig* sc)
 {
     if ( !strcmp(fqn, NORM_NAME) )
     {
-        NetworkPolicy* policy = get_network_policy();
+        NetworkPolicy* policy = snort::get_network_policy();
 
         // FIXIT-M untangle these policies. this is a workaround for loading inspection-only confs
         if ( policy == nullptr )
         {
             set_network_policy(sc);
-            policy = get_network_policy();
+            policy = snort::get_network_policy();
             set_network_policy((NetworkPolicy*)nullptr);
         }
 

diff --git a/src/network_inspectors/normalize/norm_module.h b/src/network_inspectors/normalize/norm_module.h
index 5d84e96e070a91fdd147ffa9668ecf7f1592bdfe..85dc870e35644416859867a89136978a2e748925 100644 (file)
--- a/src/network_inspectors/normalize/norm_module.h
+++ b/src/network_inspectors/normalize/norm_module.h
@@ -27,19 +27,19 @@
 #define NORM_NAME "normalizer"
 #define NORM_HELP "packet scrubbing for inline mode"
 
-extern THREAD_LOCAL ProfileStats norm_perf_stats;
+extern THREAD_LOCAL snort::ProfileStats norm_perf_stats;
 
-class NormalizeModule : public Module
+class NormalizeModule : public snort::Module
 {
 public:
     NormalizeModule();
     ~NormalizeModule() override;
 
-    bool set(const char*, Value&, SnortConfig*) override;
-    bool begin(const char*, int, SnortConfig*) override;
-    bool end(const char*, int, SnortConfig*) override;
+    bool set(const char*, snort::Value&, snort::SnortConfig*) override;
+    bool begin(const char*, int, snort::SnortConfig*) override;
+    bool end(const char*, int, snort::SnortConfig*) override;
 
-    ProfileStats* get_profile() const override;
+    snort::ProfileStats* get_profile() const override;
     const PegInfo* get_pegs() const override;
     PegCount* get_counts() const override;
 
@@ -50,8 +50,8 @@ public:
     { return INSPECT; }
 
 private:
-    bool set_ip4(const char*, Value&, SnortConfig*);
-    bool set_tcp(const char*, Value&, SnortConfig*);
+    bool set_ip4(const char*, snort::Value&, snort::SnortConfig*);
+    bool set_tcp(const char*, snort::Value&, snort::SnortConfig*);
 
     void add_test_peg(const PegInfo&) const;
 

diff --git a/src/network_inspectors/normalize/normalize.cc b/src/network_inspectors/normalize/normalize.cc
index 4a550c87ea8640c9ed039674cbdd7dbf622de014..dc76b0e5ae91365eba22a87d326c6cefa9a57054 100644 (file)
--- a/src/network_inspectors/normalize/normalize.cc
+++ b/src/network_inspectors/normalize/normalize.cc
@@ -32,6 +32,8 @@
 
 #include "norm_module.h"
 
+using namespace snort;
+
 THREAD_LOCAL ProfileStats norm_perf_stats;
 static THREAD_LOCAL uint32_t t_flags = 0;
 
@@ -68,7 +70,7 @@ static void Print_IP4(SnortConfig*, const NormalizerConfig* nc)
 
     if ( Norm_IsEnabled(nc, NORM_IP4_TTL) )
     {
-        NetworkPolicy* policy = get_network_policy();
+        NetworkPolicy* policy = snort::get_network_policy();
         LogMessage("%12s: %s (min=%d, new=%d)\n", "ip4.ttl", ON,
             policy->min_ttl, policy->new_ttl);
     }
@@ -90,7 +92,7 @@ static void Print_IP6(SnortConfig*, const NormalizerConfig* nc)
 
     if ( Norm_IsEnabled(nc, NORM_IP6_TTL) )
     {
-        NetworkPolicy* policy = get_network_policy();
+        NetworkPolicy* policy = snort::get_network_policy();
         LogMessage("%12s: %s (min=%d, new=%d)\n", "ip6.hops",
             ON, policy->min_ttl, policy->new_ttl);
     }
@@ -170,9 +172,9 @@ class Normalizer : public Inspector
 public:
     Normalizer(const NormalizerConfig&);
 
-    bool configure(SnortConfig*) override;
-    void show(SnortConfig*) override;
-    void eval(Packet*) override;
+    bool configure(snort::SnortConfig*) override;
+    void show(snort::SnortConfig*) override;
+    void eval(snort::Packet*) override;
 
 private:
     NormalizerConfig config;
@@ -187,11 +189,11 @@ Normalizer::Normalizer(const NormalizerConfig& nc)
 // but would be better if binder could select
 // in which case normal_mask must be moved to flow
 // from cwaxman - why can't normal_mask be applied directly from Normalizer?
-bool Normalizer::configure(SnortConfig*)
+bool Normalizer::configure(snort::SnortConfig*)
 {
     // FIXIT-M move entire config to network policy? Leaving split loads the currently selected
     // network policy with whichever instantiation of an inspection policy this normalize is in
-    NetworkPolicy* nap = get_network_policy();
+    NetworkPolicy* nap = snort::get_network_policy();
 
     nap->normal_mask = config.normalizer_flags;
 
@@ -209,10 +211,10 @@ bool Normalize_IsEnabled(NormFlags nf)
     if ( !(t_flags & nf) )
         return false;
 
-    if ( get_inspection_policy()->policy_mode != POLICY_MODE__INLINE )
+    if ( snort::get_inspection_policy()->policy_mode != POLICY_MODE__INLINE )
         return false;
 
-    NetworkPolicy* nap = get_network_policy();
+    NetworkPolicy* nap = snort::get_network_policy();
     return ( (nap->normal_mask & nf) != 0 );
 }
 
@@ -220,7 +222,7 @@ NormMode Normalize_GetMode(NormFlags nf)
 {
     if (Normalize_IsEnabled(nf))
     {
-        const PolicyMode mode = get_inspection_policy()->policy_mode;
+        const PolicyMode mode = snort::get_inspection_policy()->policy_mode;
 
         if ( mode == POLICY_MODE__INLINE )
             return NORM_MODE_ON;
@@ -228,7 +230,7 @@ NormMode Normalize_GetMode(NormFlags nf)
     return NORM_MODE_TEST;
 }
 
-void Normalizer::show(SnortConfig* sc)
+void Normalizer::show(snort::SnortConfig* sc)
 {
     LogMessage("Normalizer config:\n");
     Print_IP4(sc, &config);
@@ -238,7 +240,7 @@ void Normalizer::show(SnortConfig* sc)
     Print_TCP(&config);
 }
 
-void Normalizer::eval(Packet* p)
+void Normalizer::eval(snort::Packet* p)
 {
     Profile profile(norm_perf_stats);
 

diff --git a/src/network_inspectors/normalize/normalize.h b/src/network_inspectors/normalize/normalize.h
index 9b88ce585358e027a35ea1fa0cef7c85aff5f26f..450a103e4374911574052666c05a82551aa1f0fe 100644 (file)
--- a/src/network_inspectors/normalize/normalize.h
+++ b/src/network_inspectors/normalize/normalize.h
@@ -66,7 +66,6 @@ enum NormMode : int8_t
 };
 
 typedef PegCount (* NormPegs)[NORM_MODE_MAX];
-struct SnortConfig;
 
 bool Normalize_IsEnabled(NormFlags);
 NormMode Normalize_GetMode(NormFlags);

diff --git a/src/network_inspectors/packet_capture/capture_module.cc b/src/network_inspectors/packet_capture/capture_module.cc
index c71c8fb68dcd35d4f6388f2b7fffce9247c1dea4..8b2f8db7dcdeacbe40dfad74e6184474e19ffed9 100644 (file)
--- a/src/network_inspectors/packet_capture/capture_module.cc
+++ b/src/network_inspectors/packet_capture/capture_module.cc
@@ -30,6 +30,7 @@
 
 #include "packet_capture.h"
 
+using namespace snort;
 using namespace std;
 
 static int enable(lua_State*);

diff --git a/src/network_inspectors/packet_capture/capture_module.h b/src/network_inspectors/packet_capture/capture_module.h
index 783702db9140603a4a0ad7c7b14b5b4d99d8296a..c48c263fc1a92ae65ad01895e3eadb71bae2da19 100644 (file)
--- a/src/network_inspectors/packet_capture/capture_module.h
+++ b/src/network_inspectors/packet_capture/capture_module.h
@@ -38,16 +38,16 @@ struct CaptureStats
     PegCount matched;
 };
 
-class CaptureModule : public Module
+class CaptureModule : public snort::Module
 {
 public:
     CaptureModule();
 
     const PegInfo* get_pegs() const override;
     PegCount* get_counts() const override;
-    ProfileStats* get_profile() const override;
-    const Command* get_commands() const override;
-    bool set(const char*, Value&, SnortConfig*) override;
+    snort::ProfileStats* get_profile() const override;
+    const snort::Command* get_commands() const override;
+    bool set(const char*, snort::Value&, snort::SnortConfig*) override;
 
     void get_config(CaptureConfig&);
 
@@ -59,7 +59,7 @@ private:
 };
 
 extern THREAD_LOCAL CaptureStats cap_count_stats;
-extern THREAD_LOCAL ProfileStats cap_prof_stats;
+extern THREAD_LOCAL snort::ProfileStats cap_prof_stats;
 
 #endif
 

diff --git a/src/network_inspectors/packet_capture/packet_capture.cc b/src/network_inspectors/packet_capture/packet_capture.cc
index 9e395c1b35832fe5435ef00a74846337c6e51baa..96cc0acd0ef58f7ad0b04ef75dbe445da80058b1 100644 (file)
--- a/src/network_inspectors/packet_capture/packet_capture.cc
+++ b/src/network_inspectors/packet_capture/packet_capture.cc
@@ -37,6 +37,7 @@
 
 #include "capture_module.h"
 
+using namespace snort;
 using namespace std;
 
 #define FILE_NAME "packet_capture.pcap"

diff --git a/src/network_inspectors/perf_monitor/base_tracker.cc b/src/network_inspectors/perf_monitor/base_tracker.cc
index 83d57a86718d132e1081c095597eb11d90a2a534..ce735d7a502ca2a2d189a2313ff4434338e6bbc4 100644 (file)
--- a/src/network_inspectors/perf_monitor/base_tracker.cc
+++ b/src/network_inspectors/perf_monitor/base_tracker.cc
@@ -29,6 +29,7 @@
 #include "utils/util.h"
 #endif
 
+using namespace snort;
 using namespace std;
 
 BaseTracker::BaseTracker(PerfConfig* perf)

diff --git a/src/network_inspectors/perf_monitor/flow_ip_tracker.cc b/src/network_inspectors/perf_monitor/flow_ip_tracker.cc
index 6e0a1242149f24b9708db32ba9b5635f48de0bf0..65455c619675b832bf77f212041c7549cb2f3f3d 100644 (file)
--- a/src/network_inspectors/perf_monitor/flow_ip_tracker.cc
+++ b/src/network_inspectors/perf_monitor/flow_ip_tracker.cc
@@ -27,6 +27,8 @@
 #include "log/messages.h"
 #include "protocols/packet.h"
 
+using namespace snort;
+
 #define TRACKER_NAME PERF_NAME "_flow_ip"
 
 struct FlowStateKey

diff --git a/src/network_inspectors/perf_monitor/flow_ip_tracker.h b/src/network_inspectors/perf_monitor/flow_ip_tracker.h
index 4766734d54dbed3604867bed5d01d8313195f8ca..a993aad2bd822763c92472d6244589fca53939c1 100644 (file)
--- a/src/network_inspectors/perf_monitor/flow_ip_tracker.h
+++ b/src/network_inspectors/perf_monitor/flow_ip_tracker.h
@@ -63,17 +63,17 @@ public:
     ~FlowIPTracker() override;
 
     void reset() override;
-    void update(Packet*) override;
+    void update(snort::Packet*) override;
     void process(bool) override;
 
-    int update_state(const SfIp* src_addr, const SfIp* dst_addr, FlowState);
+    int update_state(const snort::SfIp* src_addr, const snort::SfIp* dst_addr, FlowState);
 
 private:
     FlowStateValue stats;
     XHash* ip_map;
     char ip_a[41], ip_b[41];
 
-    FlowStateValue* find_stats(const SfIp* src_addr, const SfIp* dst_addr, int* swapped);
+    FlowStateValue* find_stats(const snort::SfIp* src_addr, const snort::SfIp* dst_addr, int* swapped);
     void write_stats();
     void display_stats();
 };

diff --git a/src/network_inspectors/perf_monitor/flow_tracker.cc b/src/network_inspectors/perf_monitor/flow_tracker.cc
index 6726d663949672ae4b2632617d6dc5f59f5c89d9..eb7331f76ef6b86934072e94ce6476b8459fcc49 100644 (file)
--- a/src/network_inspectors/perf_monitor/flow_tracker.cc
+++ b/src/network_inspectors/perf_monitor/flow_tracker.cc
@@ -33,6 +33,8 @@
 #include "catch/snort_catch.h"
 #endif
 
+using namespace snort;
+
 #define TRACKER_NAME PERF_NAME "_flow"
 
 #define MAX_PKT_LEN  9000

diff --git a/src/network_inspectors/perf_monitor/flow_tracker.h b/src/network_inspectors/perf_monitor/flow_tracker.h
index 0e270d0adfd353cddbadfa5fe7a63f7c9c1004ee..cbf85bb0d033f8be47012add0c046ec9d2a9033b 100644 (file)
--- a/src/network_inspectors/perf_monitor/flow_tracker.h
+++ b/src/network_inspectors/perf_monitor/flow_tracker.h
@@ -35,7 +35,7 @@ class FlowTracker : public PerfTracker
 public:
     FlowTracker(PerfConfig* perf);
 
-    void update(Packet*) override;
+    void update(snort::Packet*) override;
     void process(bool) override;
 
 protected:

diff --git a/src/network_inspectors/perf_monitor/perf_module.cc b/src/network_inspectors/perf_monitor/perf_module.cc
index f8365b2b938358a0cb47e594cb0a74fed629354e..bb20bdbf01d99685016df439ea4e23144e3aa03f 100644 (file)
--- a/src/network_inspectors/perf_monitor/perf_module.cc
+++ b/src/network_inspectors/perf_monitor/perf_module.cc
@@ -32,6 +32,8 @@
 
 #include "managers/module_manager.h"
 
+using namespace snort;
+
 //-------------------------------------------------------------------------
 // perf attributes
 //-------------------------------------------------------------------------

diff --git a/src/network_inspectors/perf_monitor/perf_module.h b/src/network_inspectors/perf_monitor/perf_module.h
index 4595c1ee8ce2684a1819526ca0493ce7ceb661e2..20a173d6ef6410b0a056b11e39b3bdda4a0651ea 100644 (file)
--- a/src/network_inspectors/perf_monitor/perf_module.h
+++ b/src/network_inspectors/perf_monitor/perf_module.h
@@ -69,23 +69,23 @@ struct PerfConfigBase
 
 struct PerfConfig:public PerfConfigBase
 {
-    std::vector<Module*> modules;
+    std::vector<snort::Module*> modules;
     std::vector<IndexVec> mod_peg_idxs;
 };
 
 /* The Module Class for incorporation into Snort++ */
-class PerfMonModule : public Module
+class PerfMonModule : public snort::Module
 {
 public:
     PerfMonModule();
 
-    bool set(const char*, Value&, SnortConfig*) override;
-    bool begin(const char*, int, SnortConfig*) override;
-    bool end(const char*, int, SnortConfig*) override;
+    bool set(const char*, snort::Value&, snort::SnortConfig*) override;
+    bool begin(const char*, int, snort::SnortConfig*) override;
+    bool end(const char*, int, snort::SnortConfig*) override;
 
     const PegInfo* get_pegs() const override;
     PegCount* get_counts() const override;
-    ProfileStats* get_profile() const override;
+    snort::ProfileStats* get_profile() const override;
 
     void get_config(PerfConfig&);
 
@@ -100,7 +100,7 @@ private:
 };
 
 extern THREAD_LOCAL SimpleStats pmstats;
-extern THREAD_LOCAL ProfileStats perfmonStats;
+extern THREAD_LOCAL snort::ProfileStats perfmonStats;
 
 #endif
 

diff --git a/src/network_inspectors/perf_monitor/perf_monitor.cc b/src/network_inspectors/perf_monitor/perf_monitor.cc
index 171423e155810a200421a079b0261f19be57b668..367f9c0ee04c84aa40b11b008c4eeb78b01beb74 100644 (file)
--- a/src/network_inspectors/perf_monitor/perf_monitor.cc
+++ b/src/network_inspectors/perf_monitor/perf_monitor.cc
@@ -44,6 +44,8 @@
 #include "catch/snort_catch.h"
 #endif
 
+using namespace snort;
+
 THREAD_LOCAL SimpleStats pmstats;
 THREAD_LOCAL ProfileStats perfmonStats;
 

diff --git a/src/network_inspectors/perf_monitor/perf_monitor.h b/src/network_inspectors/perf_monitor/perf_monitor.h
index 4588a1406dbd1d8dc0dca229e01bc1914f35c978..3d44881bcb4321b081696459aa3a0b602571cbb0 100644 (file)
--- a/src/network_inspectors/perf_monitor/perf_monitor.h
+++ b/src/network_inspectors/perf_monitor/perf_monitor.h
@@ -26,7 +26,10 @@
 
 #include "perf_module.h"
 
+namespace snort
+{
 struct Packet;
+}
 
 extern PerfConfig* perfmon_config;  // FIXIT-M shouldn't be needed externally
 extern THREAD_LOCAL bool perfmon_rotate_perf_file;

diff --git a/src/network_inspectors/perf_monitor/perf_tracker.cc b/src/network_inspectors/perf_monitor/perf_tracker.cc
index 056d0c2d1276415ee60f27a2ef2be24264bcc6c0..b751fcef4c3e9e06a9c3110b8e7fd1ef1ce28671 100644 (file)
--- a/src/network_inspectors/perf_monitor/perf_tracker.cc
+++ b/src/network_inspectors/perf_monitor/perf_tracker.cc
@@ -122,12 +122,13 @@ bool PerfTracker::open(bool append)
                         file_name, mode, get_error(errno));
                 }
 
-                if (chown(file_name, SnortConfig::get_uid(), SnortConfig::get_gid()) != 0)
+                if (chown(file_name, snort::SnortConfig::get_uid(),
+                    snort::SnortConfig::get_gid()) != 0)
                 {
                     WarningMessage("perfmonitor: Unable to change permissions of "
                         "stats file '%s' to user:%d and group:%d: %s.\n",
-                        file_name, SnortConfig::get_uid(), SnortConfig::get_gid(), get_error(
-                        errno));
+                        file_name, snort::SnortConfig::get_uid(), snort::SnortConfig::get_gid(),
+                        get_error(errno));
                 }
             }
         }

diff --git a/src/network_inspectors/perf_monitor/perf_tracker.h b/src/network_inspectors/perf_monitor/perf_tracker.h
index 6e7ad8ec54f69868eed0edfcc3506322ef2aa82a..f0e700ee528994f3247b5e35d90db31fd9878db4 100644 (file)
--- a/src/network_inspectors/perf_monitor/perf_tracker.h
+++ b/src/network_inspectors/perf_monitor/perf_tracker.h
@@ -48,7 +48,7 @@ class PerfTracker
 public:
     virtual void reset() {}
 
-    virtual void update(Packet*) {}
+    virtual void update(snort::Packet*) {}
     virtual void process(bool /*summary*/) {} // FIXIT-M get rid of this step.
 
     virtual void update_time(time_t time) final { cur_time = time; }

diff --git a/src/network_inspectors/port_scan/ipobj.cc b/src/network_inspectors/port_scan/ipobj.cc
index d06fa285cc664971c17d90bcf1c6bfe710a57985..d2e4837874869b37fa3f5b0b4b11bbc8ff3ba038 100644 (file)
--- a/src/network_inspectors/port_scan/ipobj.cc
+++ b/src/network_inspectors/port_scan/ipobj.cc
@@ -29,6 +29,8 @@
 #include "utils/util.h"
 #include "utils/util_cstring.h"
 
+using namespace snort;
+
 /*
    IP COLLECTION INTERFACE
 

diff --git a/src/network_inspectors/port_scan/ipobj.h b/src/network_inspectors/port_scan/ipobj.h
index 9198b98d71250e2e3b40ec4f735f4171c771cdb3..d6cdb3810f0f3f1082f8ab1e1a898dd43528f120 100644 (file)
--- a/src/network_inspectors/port_scan/ipobj.h
+++ b/src/network_inspectors/port_scan/ipobj.h
@@ -47,7 +47,7 @@ struct PORTSET
 
 struct IP_PORT
 {
-    SfCidr ip;
+    snort::SfCidr ip;
     PORTSET portset;
     char notflag;
 };
@@ -75,8 +75,8 @@ struct IPSET
    255.255.255.255, or 0xffffffff, or -1.
 */
 IPSET* ipset_new();
-int ipset_add(IPSET* ipset, SfCidr* ip, void* port, int notflag);
-int ipset_contains(IPSET* ipset, const SfIp* ip, void* port);
+int ipset_add(IPSET* ipset, snort::SfCidr* ip, void* port, int notflag);
+int ipset_contains(IPSET* ipset, const snort::SfIp* ip, void* port);
 IPSET* ipset_copy(IPSET* ipset);
 void ipset_free(IPSET* ipset);
 int ipset_print(IPSET* ipset);

diff --git a/src/network_inspectors/port_scan/port_scan.cc b/src/network_inspectors/port_scan/port_scan.cc
index bd9a4d26ceeabb44cddc41676e0c2abc260d9b96..80a0cf4614f8289807a1ba189fa0c1928015d8f2 100644 (file)
--- a/src/network_inspectors/port_scan/port_scan.cc
+++ b/src/network_inspectors/port_scan/port_scan.cc
@@ -34,6 +34,8 @@
 #include "ps_inspect.h"
 #include "ps_module.h"
 
+using namespace snort;
+
 THREAD_LOCAL SimpleStats spstats;
 THREAD_LOCAL ProfileStats psPerfStats;
 

diff --git a/src/network_inspectors/port_scan/ps_detect.cc b/src/network_inspectors/port_scan/ps_detect.cc
index 43891e8e75cdb854a75e981da36e022fa7fa9528..0910a6e2a77dacadd99dd1d2c7f3c327c3c99d9f 100644 (file)
--- a/src/network_inspectors/port_scan/ps_detect.cc
+++ b/src/network_inspectors/port_scan/ps_detect.cc
@@ -45,6 +45,8 @@
 
 #include "ps_inspect.h"
 
+using namespace snort;
+
 PADDING_GUARD_BEGIN
 struct PS_HASH_KEY
 {

diff --git a/src/network_inspectors/port_scan/ps_detect.h b/src/network_inspectors/port_scan/ps_detect.h
index 97e89611990dce812f8063370dbfcbbb4084c764..5eb5146555600a9bbc3c23ac35ee27903db1424a 100644 (file)
--- a/src/network_inspectors/port_scan/ps_detect.h
+++ b/src/network_inspectors/port_scan/ps_detect.h
@@ -27,6 +27,11 @@
 #include "sfip/sf_ip.h"
 #include "ipobj.h"
 
+namespace snort
+{
+struct Packet;
+}
+
 #define PS_OPEN_PORTS 8
 
 #define PS_PROTO_NONE        0x00
@@ -124,9 +129,9 @@ struct PS_PROTO
     unsigned short low_p;
     unsigned short u_ports;
 
-    SfIp high_ip;
-    SfIp low_ip;
-    SfIp u_ips;
+    snort::SfIp high_ip;
+    snort::SfIp low_ip;
+    snort::SfIp u_ips;
 
     unsigned short open_ports[PS_OPEN_PORTS];
     unsigned char open_ports_cnt;
@@ -145,7 +150,7 @@ struct PS_TRACKER
 
 struct PS_PKT
 {
-    struct Packet* pkt;
+    snort::Packet* pkt;
 
     PS_TRACKER* scanner;
     PS_TRACKER* scanned;
@@ -153,7 +158,7 @@ struct PS_PKT
     int proto;
     int reverse_pkt;
 
-    PS_PKT(Packet*);
+    PS_PKT(snort::Packet*);
 };
 
 void ps_cleanup();

diff --git a/src/network_inspectors/port_scan/ps_inspect.h b/src/network_inspectors/port_scan/ps_inspect.h
index edb6873e4daaa341bfa19a5a60142d565f7d8d67..bebccf72123a55a51ffd8ba74359594afd3df44d 100644 (file)
--- a/src/network_inspectors/port_scan/ps_inspect.h
+++ b/src/network_inspectors/port_scan/ps_inspect.h
@@ -28,29 +28,31 @@
 #include "framework/inspector.h"
 #include "ps_detect.h"
 
+namespace snort
+{
 struct SfIp;
+}
 struct PS_PROTO;
 struct PS_TRACKER;
 struct PS_PKT;
 
-class PortScan : public Inspector
+class PortScan : public snort::Inspector
 {
 public:
     PortScan(class PortScanModule*);
     ~PortScan() override;
 
-    void show(SnortConfig*) override;
-    void eval(Packet*) override;
+    void show(snort::SnortConfig*) override;
+    void eval(snort::Packet*) override;
 
     void tinit() override;
     void tterm() override;
 
 private:
-    void ps_parse(SnortConfig*, char*);
+    void ps_parse(snort::SnortConfig*, char*);
 
-    bool ps_ignore_ip(
-        const SfIp* scanner, uint16_t scanner_port,
-        const SfIp* scanned, uint16_t scanned_port);
+    bool ps_ignore_ip( const snort::SfIp* scanner, uint16_t scanner_port,
+        const snort::SfIp* scanned, uint16_t scanned_port);
 
     bool ps_filter_ignore(PS_PKT*);
     int ps_get_proto(PS_PKT*, int* proto);
@@ -62,8 +64,7 @@ private:
 
     void ps_proto_update_window(unsigned window, PS_PROTO*, time_t pkt_time);
 
-    int ps_proto_update(
-        PS_PROTO*, int ps_cnt, int pri_cnt, unsigned window, const SfIp* ip,
+    int ps_proto_update( PS_PROTO*, int ps_cnt, int pri_cnt, unsigned window, const snort::SfIp* ip,
         u_short port, time_t pkt_time);
 
     void ps_tracker_update_ip(PS_PKT*, PS_TRACKER* scanner, PS_TRACKER* scanned);

diff --git a/src/network_inspectors/port_scan/ps_module.cc b/src/network_inspectors/port_scan/ps_module.cc
index 3a55cd07bf4d9c8141bb1b96ad0313db3cb28c5d..e37b468ab9ab066d238dacbb44292df24d0b6ddc 100644 (file)
--- a/src/network_inspectors/port_scan/ps_module.cc
+++ b/src/network_inspectors/port_scan/ps_module.cc
@@ -26,6 +26,8 @@
 
 #include <cassert>
 
+using namespace snort;
+
 //-------------------------------------------------------------------------
 // port_scan params
 //-------------------------------------------------------------------------

diff --git a/src/network_inspectors/port_scan/ps_module.h b/src/network_inspectors/port_scan/ps_module.h
index bf1198dd59a409f7f3ff7152b8ec449a40cccacb..b86a6f2d9a9e45e1304a8650ed08a5ac8691564c 100644 (file)
--- a/src/network_inspectors/port_scan/ps_module.h
+++ b/src/network_inspectors/port_scan/ps_module.h
@@ -131,23 +131,23 @@
 //-------------------------------------------------------------------------
 
 extern THREAD_LOCAL SimpleStats spstats;
-extern THREAD_LOCAL ProfileStats psPerfStats;
+extern THREAD_LOCAL snort::ProfileStats psPerfStats;
 
 struct PortscanConfig;
 
-class PortScanModule : public Module
+class PortScanModule : public snort::Module
 {
 public:
     PortScanModule();
     ~PortScanModule() override;
 
-    bool set(const char*, Value&, SnortConfig*) override;
-    bool begin(const char*, int, SnortConfig*) override;
+    bool set(const char*, snort::Value&, snort::SnortConfig*) override;
+    bool begin(const char*, int, snort::SnortConfig*) override;
 
     const PegInfo* get_pegs() const override;
     PegCount* get_counts() const override;
-    ProfileStats* get_profile() const override;
-    const RuleMap* get_rules() const override;
+    snort::ProfileStats* get_profile() const override;
+    const snort::RuleMap* get_rules() const override;
 
     unsigned get_gid() const override
     { return GID_PORT_SCAN; }

diff --git a/src/network_inspectors/reputation/reputation_inspect.cc b/src/network_inspectors/reputation/reputation_inspect.cc
index d853e369a7b9fd31cbe1e0f718639d9c258bc1ba..46267d3b86217e028331deb3283baafeeb96c8ad 100644 (file)
--- a/src/network_inspectors/reputation/reputation_inspect.cc
+++ b/src/network_inspectors/reputation/reputation_inspect.cc
@@ -34,6 +34,8 @@
 
 #include "reputation_module.h"
 
+using namespace snort;
+
 THREAD_LOCAL ProfileStats reputationPerfStats;
 THREAD_LOCAL ReputationStats reputationstats;
 

diff --git a/src/network_inspectors/reputation/reputation_inspect.h b/src/network_inspectors/reputation/reputation_inspect.h
index 6dcffc4b14db1043fcd21752c375c67f65173921..2300ae0fa74c450870256eb4f0c3a0ef9aad007c 100644 (file)
--- a/src/network_inspectors/reputation/reputation_inspect.h
+++ b/src/network_inspectors/reputation/reputation_inspect.h
@@ -29,14 +29,14 @@ struct ReputationData
     bool disabled = false;
 };
 
-class ReputationFlowData : public FlowData
+class ReputationFlowData : public snort::FlowData
 {
 public:
-    ReputationFlowData() : FlowData(inspector_id){}
+    ReputationFlowData() : snort::FlowData(inspector_id){}
 
 
     static void init()
-    { inspector_id = FlowData::create_flow_data_id(); }
+    { inspector_id = snort::FlowData::create_flow_data_id(); }
 
 public:
     static unsigned inspector_id;

diff --git a/src/network_inspectors/reputation/reputation_module.cc b/src/network_inspectors/reputation/reputation_module.cc
index 5b61d5f4dac435b37d9131f0318b58f52a113cae..fe01775dbda9bacc617f88b75f267cc4a463d23b 100644 (file)
--- a/src/network_inspectors/reputation/reputation_module.cc
+++ b/src/network_inspectors/reputation/reputation_module.cc
@@ -31,6 +31,7 @@
 
 #include "reputation_parse.h"
 
+using namespace snort;
 using namespace std;
 
 #define REPUTATION_EVENT_BLACKLIST_STR \

diff --git a/src/network_inspectors/reputation/reputation_module.h b/src/network_inspectors/reputation/reputation_module.h
index 6ed1f9b6303c4153f3d79aebcc32d4d17dfa945b..dea4ee9a7f81205fca8b94ffdc4d469c3e805ac0 100644 (file)
--- a/src/network_inspectors/reputation/reputation_module.h
+++ b/src/network_inspectors/reputation/reputation_module.h
@@ -35,29 +35,32 @@
 #define REPUTATION_NAME "reputation"
 #define REPUTATION_HELP "reputation inspection"
 
+namespace snort
+{
 struct SnortConfig;
+}
 
-extern THREAD_LOCAL ProfileStats reputationPerfStats;
+extern THREAD_LOCAL snort::ProfileStats reputationPerfStats;
 extern unsigned long total_duplicates;
 extern unsigned long total_invalids;
 
-class ReputationModule : public Module
+class ReputationModule : public snort::Module
 {
 public:
     ReputationModule();
     ~ReputationModule() override;
 
-    bool set(const char*, Value&, SnortConfig*) override;
-    bool begin(const char*, int, SnortConfig*) override;
-    bool end(const char*, int, SnortConfig*) override;
+    bool set(const char*, snort::Value&, snort::SnortConfig*) override;
+    bool begin(const char*, int, snort::SnortConfig*) override;
+    bool end(const char*, int, snort::SnortConfig*) override;
 
     unsigned get_gid() const override
     { return GID_REPUTATION; }
 
-    const RuleMap* get_rules() const override;
+    const snort::RuleMap* get_rules() const override;
     const PegInfo* get_pegs() const override;
     PegCount* get_counts() const override;
-    ProfileStats* get_profile() const override;
+    snort::ProfileStats* get_profile() const override;
 
     ReputationConfig* get_data();
 

diff --git a/src/network_inspectors/reputation/reputation_parse.cc b/src/network_inspectors/reputation/reputation_parse.cc
index d57e8b22aa99c4641d07ac754628cd90e9b70f27..867f66ef7af95e2482b289b02115dc49420909f3 100644 (file)
--- a/src/network_inspectors/reputation/reputation_parse.cc
+++ b/src/network_inspectors/reputation/reputation_parse.cc
@@ -309,7 +309,7 @@ static int64_t updateEntryInfo(INFO* current, INFO new_entry, SaveDest saveDest,
     return bytesAllocated;
 }
 
-static int AddIPtoList(SfCidr* ipAddr,INFO ipInfo_ptr, ReputationConfig* config)
+static int AddIPtoList(snort::SfCidr* ipAddr,INFO ipInfo_ptr, ReputationConfig* config)
 {
     int iRet;
     int iFinalRet = IP_INSERT_SUCCESS;
@@ -388,7 +388,7 @@ static int AddIPtoList(SfCidr* ipAddr,INFO ipInfo_ptr, ReputationConfig* config)
 }
 
 // FIXIT-L X Remove this or at least move it to SfCidr?
-static int snort_pton__address(char const* src, SfCidr* dest)
+static int snort_pton__address(char const* src, snort::SfCidr* dest)
 {
     unsigned char _temp[sizeof(struct in6_addr)];
 
@@ -404,7 +404,7 @@ static int snort_pton__address(char const* src, SfCidr* dest)
 
 // FIXIT-L X Remove this or at least move it to SfCidr?
 #define isident(x) (isxdigit((x)) || (x) == ':' || (x) == '.')
-static int snort_pton(char const* src, SfCidr* dest)
+static int snort_pton(char const* src, snort::SfCidr* dest)
 {
     char ipbuf[INET6_ADDRSTRLEN];
     char cidrbuf[sizeof("128")];
@@ -528,7 +528,7 @@ static int snort_pton(char const* src, SfCidr* dest)
 
 static int ProcessLine(char* line, INFO info, ReputationConfig* config)
 {
-    SfCidr address;
+    snort::SfCidr address;
 
     if ( !line || *line == '\0' )
         return IP_INSERT_SUCCESS;

diff --git a/src/packet_io/active.cc b/src/packet_io/active.cc
index 9a05710c56e26a224ec823e747bd5515e674d841..029716ff9c4528f38970f6c17d9a53bb20e6d8ac 100644 (file)
--- a/src/packet_io/active.cc
+++ b/src/packet_io/active.cc
@@ -34,6 +34,8 @@
 
 #include "sfdaq.h"
 
+using namespace snort;
+
 #define MAX_ATTEMPTS 20
 
 // these can't be pkt flags because we do the handling
@@ -147,9 +149,9 @@ void Active::kill_session(Packet* p, EncodeFlags flags)
 
     default:
         if ( Active::packet_force_dropped() )
-            Active::send_unreach(p, UnreachResponse::FWD);
+            Active::send_unreach(p, snort::UnreachResponse::FWD);
         else
-            Active::send_unreach(p, UnreachResponse::PORT);
+            Active::send_unreach(p, snort::UnreachResponse::PORT);
         break;
     }
 }
@@ -216,7 +218,7 @@ void Active::send_reset(Packet* p, EncodeFlags ef)
     }
 }
 
-void Active::send_unreach(Packet* p, UnreachResponse type)
+void Active::send_unreach(Packet* p, snort::UnreachResponse type)
 {
     uint32_t len;
     const uint8_t* rej;

diff --git a/src/packet_io/active.h b/src/packet_io/active.h
index f33b4e5ea644e464426a50240c66bdf0d509ae2f..4ebd4be8142331522881f7f247f548ab81a48362 100644 (file)
--- a/src/packet_io/active.h
+++ b/src/packet_io/active.h
@@ -27,6 +27,8 @@
 
 #include "protocols/packet_manager.h"
 
+namespace snort
+{
 struct Packet;
 struct SnortConfig;
 
@@ -54,7 +56,7 @@ public:
     static void kill_session(Packet*, EncodeFlags = ENC_FLAG_FWD);
 
     static void send_reset(Packet*, EncodeFlags);
-    static void send_unreach(Packet*, UnreachResponse);
+    static void send_unreach(Packet*, snort::UnreachResponse);
     static bool send_data(Packet*, EncodeFlags, const uint8_t* buf, uint32_t len);
     static void inject_data(Packet*, EncodeFlags, const uint8_t* buf, uint32_t len);
 
@@ -138,6 +140,6 @@ struct ActiveSuspendContext
     ActiveSuspendContext() { Active::suspend(); }
     ~ActiveSuspendContext() { Active::resume(); }
 };
-
+}
 #endif
 

diff --git a/src/packet_io/intf.cc b/src/packet_io/intf.cc
index 46edc910a2fefe4c86fbb6f2c56e3ae3df86ca69..674717875a4fa9f78961a20c7902d021ae429b53 100644 (file)
--- a/src/packet_io/intf.cc
+++ b/src/packet_io/intf.cc
@@ -57,7 +57,7 @@ void PrintAllInterfaces()
             struct sockaddr_in* saddr = (struct sockaddr_in*)dev->addresses->addr;
             if ((saddr->sin_family == AF_INET) || (saddr->sin_family == AF_INET6))
             {
-                SfIp dev_ip;
+                snort::SfIp dev_ip;
                 dev_ip.set(&saddr->sin_addr, saddr->sin_family);
                 printf("\t%s", dev_ip.ntoa());
             }

diff --git a/src/packet_io/sfdaq.cc b/src/packet_io/sfdaq.cc
index 4c1ed27e0f6d29c6a343ef9eb041577bcec23371..3e73e983fc6dd17aa10bfb35891f74a8775511a3 100644 (file)
--- a/src/packet_io/sfdaq.cc
+++ b/src/packet_io/sfdaq.cc
@@ -39,6 +39,7 @@ extern "C" {
 
 #include "sfdaq_config.h"
 
+using namespace snort;
 using namespace std;
 
 #ifdef DEFAULT_DAQ

diff --git a/src/packet_io/sfdaq.h b/src/packet_io/sfdaq.h
index 1348c166a99b93f78e2ea25c63298b2221b46c64..6a8cb9db8c5f08e51066bca9e46f7f419c0ad77d 100644 (file)
--- a/src/packet_io/sfdaq.h
+++ b/src/packet_io/sfdaq.h
@@ -29,6 +29,8 @@
 #include "main/snort_types.h"
 #include "protocols/protocol_ids.h"
 
+namespace snort
+{
 struct Packet;
 struct SnortConfig;
 struct SfIp;
@@ -118,6 +120,6 @@ public:
     static bool forwarding_packet(const DAQ_PktHdr_t*);
     static bool break_loop(int error);
 };
-
+}
 #endif
 

diff --git a/src/packet_io/sfdaq_module.cc b/src/packet_io/sfdaq_module.cc
index 9ee6ca33da77906c01dd58b84430f7e58dc2d532..2761027fa5c8bdf9683ad3e22ff4339572ca646e 100644 (file)
--- a/src/packet_io/sfdaq_module.cc
+++ b/src/packet_io/sfdaq_module.cc
@@ -31,6 +31,8 @@
 
 #include "sfdaq_config.h"
 
+using namespace snort;
+
 #define sfdaq_help "configure packet acquisition interface"
 
 static const Parameter string_list_param[] =

diff --git a/src/packet_io/sfdaq_module.h b/src/packet_io/sfdaq_module.h
index 5f708ae77b821069c6888025f0b89c3fc7f0ee5e..7ba04b7c7b9f33274db23c7be3811a6d3f95ad2b 100644 (file)
--- a/src/packet_io/sfdaq_module.h
+++ b/src/packet_io/sfdaq_module.h
@@ -23,18 +23,21 @@
 
 #include "framework/module.h"
 
+namespace snort
+{
 struct SnortConfig;
+}
 struct SFDAQConfig;
 struct SFDAQInstanceConfig;
 
-class SFDAQModule : public Module
+class SFDAQModule : public snort::Module
 {
 public:
     SFDAQModule();
 
-    bool set(const char*, Value&, SnortConfig*) override;
-    bool begin(const char*, int, SnortConfig*) override;
-    bool end(const char*, int, SnortConfig*) override;
+    bool set(const char*, snort::Value&, snort::SnortConfig*) override;
+    bool begin(const char*, int, snort::SnortConfig*) override;
+    bool end(const char*, int, snort::SnortConfig*) override;
 
     const PegInfo* get_pegs() const override;
     PegCount* get_counts() const override;

diff --git a/src/packet_io/test/sfdaq_module_test.cc b/src/packet_io/test/sfdaq_module_test.cc
index 5eafcfe5ae980b23b70b458fb3bfc5ee67427d39..0690b5b3c1377f2da9e7e17c090106cd474dcafc 100644 (file)
--- a/src/packet_io/test/sfdaq_module_test.cc
+++ b/src/packet_io/test/sfdaq_module_test.cc
@@ -31,6 +31,8 @@
 #include "packet_io/sfdaq_config.h"
 #include "packet_io/sfdaq_module.h"
 
+using namespace snort;
+
 TEST_CASE("Kitchen Sink", "[SFDAQModule]")
 {
     SFDAQModule sfdm;

diff --git a/src/packet_io/trough.cc b/src/packet_io/trough.cc
index b5d6fbc13fc7f09eb628274a9bab74fde090f235..e47101491b4460fc1308352ef19be2e66c46ca97 100644 (file)
--- a/src/packet_io/trough.cc
+++ b/src/packet_io/trough.cc
@@ -76,14 +76,14 @@ int Trough::get_pcaps(std::vector<struct PcapReadObject> &pol)
                             continue;
 
                         /* do a quick check to make sure file exists */
-                        if (SnortConfig::read_mode() && stat(pcap_name.c_str(), &sb) == -1)
+                        if (snort::SnortConfig::read_mode() && stat(pcap_name.c_str(), &sb) == -1)
                         {
                             ErrorMessage("Error getting stat on pcap file: %s: %s\n",
                                     pcap_name.c_str(), get_error(errno));
                             pcap_list_file.close();
                             return -1;
                         }
-                        else if (SnortConfig::read_mode() && S_ISDIR(sb.st_mode))
+                        else if (snort::SnortConfig::read_mode() && S_ISDIR(sb.st_mode))
                         {
                             Directory pcap_dir(pcap_name.c_str(), filter.c_str());
                             std::vector<std::string> tmp_queue;
@@ -102,7 +102,7 @@ int Trough::get_pcaps(std::vector<struct PcapReadObject> &pol)
                             pcap_queue.reserve(pcap_queue.size() + tmp_queue.size());
                             pcap_queue.insert(pcap_queue.end(), tmp_queue.begin(), tmp_queue.end());
                         }
-                        else if (!SnortConfig::read_mode() || S_ISREG(sb.st_mode))
+                        else if (!snort::SnortConfig::read_mode() || S_ISREG(sb.st_mode))
                         {
                             if (filter.empty() ||
                                 (fnmatch(filter.c_str(), pcap_name.c_str(), 0) == 0))
@@ -147,7 +147,7 @@ int Trough::get_pcaps(std::vector<struct PcapReadObject> &pol)
                             i = ++pos;
                         }
                         /* do a quick check to make sure file exists */
-                        if (SnortConfig::read_mode())
+                        if (snort::SnortConfig::read_mode())
                         {
                             if (stat(pcap_name.c_str(), &sb) == -1)
                             {

diff --git a/src/parser/cmd_line.cc b/src/parser/cmd_line.cc
index 4f03aab2f882faf6fd2a3af8fd343e5a7de03c31..0f27a31330e12c5905e6364db6c5d227f3208b15 100644 (file)
--- a/src/parser/cmd_line.cc
+++ b/src/parser/cmd_line.cc
@@ -32,6 +32,7 @@
 
 #include "arg_list.h"
 
+using namespace snort;
 using namespace std;
 
 //-------------------------------------------------------------------------

diff --git a/src/parser/cmd_line.h b/src/parser/cmd_line.h
index 15a8081eee00951a0254643f2e7a703083a41ac2..a8c52447c2e32d13daccfa95708d793f5a313da4 100644 (file)
--- a/src/parser/cmd_line.h
+++ b/src/parser/cmd_line.h
@@ -20,7 +20,12 @@
 #ifndef CMD_LINE_H
 #define CMD_LINE_H
 
-struct SnortConfig* parse_cmd_line(int argc, char* argv[]);
+namespace snort
+{
+struct SnortConfig;
+}
+
+snort::SnortConfig* parse_cmd_line(int argc, char* argv[]);
 
 #endif
 

diff --git a/src/parser/config_file.cc b/src/parser/config_file.cc
index 037ebb0f4c7baa1c0ff4d8cc03efd86067d54df2..f0da3777ff3304cd4de92a6d75e312da30f3a7c2 100644 (file)
--- a/src/parser/config_file.cc
+++ b/src/parser/config_file.cc
@@ -166,13 +166,13 @@ static int GetChecksumFlags(const char* args)
 
 void ConfigChecksumDrop(const char* args)
 {
-    NetworkPolicy* policy = get_network_policy();
+    NetworkPolicy* policy = snort::get_network_policy();
     policy->checksum_drop = GetChecksumFlags(args);
 }
 
 void ConfigChecksumMode(const char* args)
 {
-    NetworkPolicy* policy = get_network_policy();
+    NetworkPolicy* policy = snort::get_network_policy();
     policy->checksum_eval = GetChecksumFlags(args);
 }
 
@@ -180,7 +180,7 @@ void config_conf(const char* val)
 {
     lua_conf = val;
     SetSnortConfDir(lua_conf.c_str());
-    Snort::set_main_hook(DetectionEngine::inspect);
+    snort::Snort::set_main_hook(snort::DetectionEngine::inspect);
 }
 
 void SetSnortConfDir(const char* file)

diff --git a/src/parser/parse_conf.cc b/src/parser/parse_conf.cc
index 9373c4d394bc934d387dbb00a07af42a47836109..6be94f9466b483160046c50d1be029d1162bbbe1 100644 (file)
--- a/src/parser/parse_conf.cc
+++ b/src/parser/parse_conf.cc
@@ -42,6 +42,8 @@
 #include "parse_stream.h"
 #include "vars.h"
 
+using namespace snort;
+
 struct Location
 {
     std::string file;
@@ -120,7 +122,7 @@ void parse_include(SnortConfig* sc, const char* arg)
 void ParseIpVar(SnortConfig* sc, const char* var, const char* val)
 {
     int ret;
-    IpsPolicy* p = get_ips_policy();  // FIXIT-M double check, see below
+    IpsPolicy* p = snort::get_ips_policy();  // FIXIT-M double check, see below
     DisallowCrossTableDuplicateVars(sc, var, VAR_TYPE__IPVAR);
 
     if ((ret = sfvt_define(p->ip_vartable, var, val)) != SFIP_SUCCESS)
@@ -152,8 +154,7 @@ void ParseIpVar(SnortConfig* sc, const char* var, const char* val)
     }
 }
 
-void add_service_to_otn(
-    SnortConfig* sc, OptTreeNode* otn, const char* svc_name)
+void add_service_to_otn(SnortConfig* sc, OptTreeNode* otn, const char* svc_name)
 {
     if (otn->sigInfo.num_services >= sc->max_metadata_services)
     {

diff --git a/src/parser/parse_conf.h b/src/parser/parse_conf.h
index 568ebd2a4e1ed5ef4eae203a97e57ee6e23930c6..b32d5ef1fbec237889eb94a08d72e169b394be42 100644 (file)
--- a/src/parser/parse_conf.h
+++ b/src/parser/parse_conf.h
@@ -26,18 +26,21 @@ void parse_conf_init();
 void parse_conf_term();
 void parse_conf_print();
 
+namespace snort
+{
 struct SnortConfig;
+}
 
-void ParseConfigFile(SnortConfig*, const char* fname);
-void ParseConfigString(SnortConfig*, const char* str);
+void ParseConfigFile(snort::SnortConfig*, const char* fname);
+void ParseConfigString(snort::SnortConfig*, const char* str);
 
-void parse_include(SnortConfig*, const char*);
+void parse_include(snort::SnortConfig*, const char*);
 
-void AddRuleState(SnortConfig*, const RuleState&);
-void add_service_to_otn(SnortConfig*, OptTreeNode*, const char*);
+void AddRuleState(snort::SnortConfig*, const RuleState&);
+void add_service_to_otn(snort::SnortConfig*, OptTreeNode*, const char*);
 
-Actions::Type get_rule_type(const char*);
-ListHead* get_rule_list(SnortConfig*, const char*);
+snort::Actions::Type get_rule_type(const char*);
+ListHead* get_rule_list(snort::SnortConfig*, const char*);
 
 #endif
 

diff --git a/src/parser/parse_ip.cc b/src/parser/parse_ip.cc
index 622caf3d5a46bd3daa7553d3abb9895f86beaffd..a75dd6716e63bad7c51cc64d160317a1e1246299 100644 (file)
--- a/src/parser/parse_ip.cc
+++ b/src/parser/parse_ip.cc
@@ -35,7 +35,7 @@ sfip_var_t* sfip_var_from_string(const char* addr)
     int ret_code;
     vartable_t* ip_vartable;
 
-    ip_vartable = get_ips_policy()->ip_vartable;
+    ip_vartable = snort::get_ips_policy()->ip_vartable;
 
     DebugFormat(DEBUG_CONFIGRULES,"Got address string: %s\n", addr);
 

diff --git a/src/parser/parse_ports.cc b/src/parser/parse_ports.cc
index 24615a003836bc3b00dd3f9205283544e5846e78..954b8b43c902df10c3d2cc40512b9c87d23bc37b 100644 (file)
--- a/src/parser/parse_ports.cc
+++ b/src/parser/parse_ports.cc
@@ -290,7 +290,7 @@ static PortObject* _POParsePort(POParser* pop)
             (c == ','))
         {
             /* Open ended range, highport is 65k */
-            hport = MAX_PORTS-1;
+            hport = snort::MAX_PORTS - 1;
             PortObjectAddRange(po, lport, hport);
             return po;
         }

diff --git a/src/parser/parse_rule.cc b/src/parser/parse_rule.cc
index 5099e9e957e7801d27cdd632fe80fd47870f223c..a96ed0335dda5f41111161550f1bd4ad28742a4e 100644 (file)
--- a/src/parser/parse_rule.cc
+++ b/src/parser/parse_rule.cc
@@ -54,6 +54,8 @@
 #include "parse_conf.h"
 #include "parse_ports.h"
 
+using namespace snort;
+
 #define SRC  0
 #define DST  1
 
@@ -349,10 +351,9 @@ static int ValidateIPList(sfip_var_t* addrset, const char* token)
     return 0;
 }
 
-static int ProcessIP(
-    SnortConfig*, const char* addr, RuleTreeNode* rtn, int mode, int)
+static int ProcessIP(SnortConfig*, const char* addr, RuleTreeNode* rtn, int mode, int)
 {
-    vartable_t* ip_vartable = get_ips_policy()->ip_vartable;
+    vartable_t* ip_vartable = snort::get_ips_policy()->ip_vartable;
 
     assert(rtn);
     /* If a rule has a variable in it, we want to copy that variable's
@@ -869,7 +870,7 @@ static RuleTreeNode* ProcessHeadNode(
     SnortConfig* sc, RuleTreeNode* test_node, ListHead* list)
 {
     RuleTreeNode* rtn = findHeadNode(
-        sc, test_node, get_ips_policy()->policy_id);
+        sc, test_node, snort::get_ips_policy()->policy_id);
 
     /* if it doesn't match any of the existing nodes, make a new node and
      * stick it at the end of the list */
@@ -957,7 +958,7 @@ static int mergeDuplicateOtn(
     {
         RuleTreeNode* rtnTmp2 = deleteRtnFromOtn(otn_cur, i, sc, (rtn_cur != rtn_new));
 
-        if ( rtnTmp2 and (i != get_ips_policy()->policy_id) )
+        if ( rtnTmp2 and (i != snort::get_ips_policy()->policy_id) )
         {
             addRtnToOtn(sc, otn_new, rtnTmp2, i);
         }
@@ -1113,7 +1114,7 @@ void parse_rule_ports(
     if ( s_ignore )
         return;
 
-    IpsPolicy* p = get_ips_policy();
+    IpsPolicy* p = snort::get_ips_policy();
 
     if ( ParsePortList(&rtn, p->portVarTable, p->nonamePortVarTable, s, src ? SRC : DST) )
     {

diff --git a/src/parser/parse_rule.h b/src/parser/parse_rule.h
index faed0b3f6f5cfe1d11b7dfb11e2d3f5321c27269..02b680f4b19a3e3b345c294248f4716dd8e3a4a6 100644 (file)
--- a/src/parser/parse_rule.h
+++ b/src/parser/parse_rule.h
@@ -23,26 +23,29 @@
 #include "detection/rules.h"
 #include "framework/ips_option.h"
 
+namespace snort
+{
+struct SnortConfig;
+}
 struct OptFpList;
 struct OptTreeNode;
 struct RuleTreeNode;
-struct SnortConfig;
 
 void parse_rule_init();
 void parse_rule_term();
 void parse_rule_print();
 
-void parse_rule_type(SnortConfig*, const char*, RuleTreeNode&);
-void parse_rule_proto(SnortConfig*, const char*, RuleTreeNode&);
-void parse_rule_nets(SnortConfig*, const char*, bool src, RuleTreeNode&);
-void parse_rule_ports(SnortConfig*, const char*, bool src, RuleTreeNode&);
-void parse_rule_dir(SnortConfig*, const char*, RuleTreeNode&);
-void parse_rule_opt_begin(SnortConfig*, const char* key);
+void parse_rule_type(snort::SnortConfig*, const char*, RuleTreeNode&);
+void parse_rule_proto(snort::SnortConfig*, const char*, RuleTreeNode&);
+void parse_rule_nets(snort::SnortConfig*, const char*, bool src, RuleTreeNode&);
+void parse_rule_ports(snort::SnortConfig*, const char*, bool src, RuleTreeNode&);
+void parse_rule_dir(snort::SnortConfig*, const char*, RuleTreeNode&);
+void parse_rule_opt_begin(snort::SnortConfig*, const char* key);
 void parse_rule_opt_set(
-    SnortConfig*, const char* key, const char* opt, const char* val);
-void parse_rule_opt_end(SnortConfig*, const char* key, OptTreeNode*);
-OptTreeNode* parse_rule_open(SnortConfig*, RuleTreeNode&, bool stub = false);
-const char* parse_rule_close(SnortConfig*, RuleTreeNode&, OptTreeNode*);
+    snort::SnortConfig*, const char* key, const char* opt, const char* val);
+void parse_rule_opt_end(snort::SnortConfig*, const char* key, OptTreeNode*);
+OptTreeNode* parse_rule_open(snort::SnortConfig*, RuleTreeNode&, bool stub = false);
+const char* parse_rule_close(snort::SnortConfig*, RuleTreeNode&, OptTreeNode*);
 
 int get_rule_count();
 

diff --git a/src/parser/parse_stream.cc b/src/parser/parse_stream.cc
index 621c73b623c4593470aa160b9967a5794a161a2f..e07ecb4410b480022c2a88a9e2f978962a843b4a 100644 (file)
--- a/src/parser/parse_stream.cc
+++ b/src/parser/parse_stream.cc
@@ -484,11 +484,11 @@ struct RuleParseState
     { otn = nullptr; }
 };
 
-static void parse_body(const char*, RuleParseState&, struct SnortConfig*);
+static void parse_body(const char*, RuleParseState&, struct snort::SnortConfig*);
 
 static bool exec(
     FsmAction act, string& tok,
-    RuleParseState& rps, SnortConfig* sc)
+    RuleParseState& rps, snort::SnortConfig* sc)
 {
     switch ( act )
     {
@@ -626,7 +626,7 @@ static int get_escape(const string& s)
 // parse_body() is called at the end of a stub rule to parse the detection
 // options in an so rule.  similar to parse_stream() except we start in a
 // different state.
-static void parse_body(const char* extra, RuleParseState& rps, struct SnortConfig* sc)
+static void parse_body(const char* extra, RuleParseState& rps, snort::SnortConfig* sc)
 {
     stringstream is(extra);
 
@@ -656,7 +656,7 @@ static void parse_body(const char* extra, RuleParseState& rps, struct SnortConfi
     }
 }
 
-void parse_stream(istream& is, struct SnortConfig* sc)
+void parse_stream(istream& is, snort::SnortConfig* sc)
 {
     string tok;
     TokenType type;

diff --git a/src/parser/parse_stream.h b/src/parser/parse_stream.h
index 64c320fe3c7aba1b02e76e2f85f72f7c70391a68..c2abb3f4f2797fdb3da38f2a1c9dd6fd61d00c4b 100644 (file)
--- a/src/parser/parse_stream.h
+++ b/src/parser/parse_stream.h
@@ -20,9 +20,14 @@
 #ifndef PARSE_STREAM_H
 #define PARSE_STREAM_H
 
+namespace snort
+{
+struct SnortConfig;
+}
+
 #include <istream>
 
-void parse_stream(std::istream&, struct SnortConfig*);
+void parse_stream(std::istream&, snort::SnortConfig*);
 
 #endif
 

diff --git a/src/parser/parser.cc b/src/parser/parser.cc
index c691d0ebe4280193d138a29bfbe8ddf568d06b8d..3c59dcb22f971ff215624d8314520d48b28f7e87 100644 (file)
--- a/src/parser/parser.cc
+++ b/src/parser/parser.cc
@@ -55,6 +55,8 @@
 #include "parse_stream.h"
 #include "vars.h"
 
+using namespace snort;
+
 bool parsing_follows_files = false;
 
 static struct rule_index_map_t* ruleIndexMap = nullptr;
@@ -774,7 +776,7 @@ RuleTreeNode* deleteRtnFromOtn(OptTreeNode* otn, PolicyId policyId, SnortConfig*
 
 RuleTreeNode* deleteRtnFromOtn(OptTreeNode* otn, SnortConfig* sc)
 {
-    return deleteRtnFromOtn(otn, get_ips_policy()->policy_id, sc);
+    return deleteRtnFromOtn(otn, snort::get_ips_policy()->policy_id, sc);
 }
 
 static uint32_t rtn_hash_func(HashFnc*, const unsigned char *k, int)
@@ -880,7 +882,7 @@ int addRtnToOtn(SnortConfig* sc, OptTreeNode* otn, RuleTreeNode* rtn, PolicyId p
 
 int addRtnToOtn(SnortConfig*sc, OptTreeNode* otn, RuleTreeNode* rtn)
 {
-    return addRtnToOtn(sc, otn, rtn, get_ips_policy()->policy_id);
+    return addRtnToOtn(sc, otn, rtn, snort::get_ips_policy()->policy_id);
 }
 
 void rule_index_map_print_index(int index, char* buf, int bufsize)

diff --git a/src/parser/parser.h b/src/parser/parser.h
index a7c38bc06c464191350d5426ca3a3382885f3903..43e70b72c19891a31599c7575b7d8690ad068842 100644 (file)
--- a/src/parser/parser.h
+++ b/src/parser/parser.h
@@ -24,8 +24,13 @@
 #include "detection/treenodes.h"
 #include "main/policy.h"
 
+namespace snort
+{
+struct SnortConfig;
+}
+
 void parser_init();
-void parser_term(SnortConfig*);
+void parser_term(snort::SnortConfig*);
 
 // line > 0 implies name is non-null
 void get_parse_location(const char*& name, unsigned& line);
@@ -36,28 +41,28 @@ void push_parse_location(const char* name, unsigned line = 1);
 void pop_parse_location();
 void inc_parse_position();
 
-SnortConfig* ParseSnortConf(const SnortConfig*, const char* fname = nullptr);
-void ParseRules(SnortConfig*);
+snort::SnortConfig* ParseSnortConf(const snort::SnortConfig*, const char* fname = nullptr);
+void ParseRules(snort::SnortConfig*);
 
-void OrderRuleLists(SnortConfig*, const char*);
+void OrderRuleLists(snort::SnortConfig*, const char*);
 void PrintRuleOrder(RuleListNode*);
 
-char* ProcessFileOption(SnortConfig*, const char*);
-void SetRuleStates(SnortConfig*);
+char* ProcessFileOption(snort::SnortConfig*, const char*);
+void SetRuleStates(snort::SnortConfig*);
 
-void FreeRuleLists(SnortConfig*);
-void VarTablesFree(SnortConfig*);
+void FreeRuleLists(snort::SnortConfig*);
+void VarTablesFree(snort::SnortConfig*);
 
 void parser_append_rules(const char*);
 
 int ParseBool(const char* arg);
 
-int addRtnToOtn(SnortConfig*, struct OptTreeNode*, RuleTreeNode*);
-int addRtnToOtn(SnortConfig*, struct OptTreeNode*, RuleTreeNode*, PolicyId);
+int addRtnToOtn(snort::SnortConfig*, struct OptTreeNode*, RuleTreeNode*);
+int addRtnToOtn(snort::SnortConfig*, struct OptTreeNode*, RuleTreeNode*, PolicyId);
 
 bool same_headers(RuleTreeNode*, RuleTreeNode*);
-RuleTreeNode* deleteRtnFromOtn(OptTreeNode*, SnortConfig* sc = nullptr);
-RuleTreeNode* deleteRtnFromOtn(struct OptTreeNode*, PolicyId, SnortConfig* sc = nullptr, bool remove = true);
+RuleTreeNode* deleteRtnFromOtn(OptTreeNode*, snort::SnortConfig* sc = nullptr);
+RuleTreeNode* deleteRtnFromOtn(struct OptTreeNode*, PolicyId, snort::SnortConfig* sc = nullptr, bool remove = true);
 
 inline RuleTreeNode* getRtnFromOtn(const struct OptTreeNode* otn, PolicyId policyId)
 {
@@ -70,7 +75,7 @@ inline RuleTreeNode* getRtnFromOtn(const struct OptTreeNode* otn, PolicyId polic
 
 inline RuleTreeNode* getRtnFromOtn(const struct OptTreeNode* otn)
 {
-    return getRtnFromOtn(otn, get_ips_policy()->policy_id);
+    return getRtnFromOtn(otn, snort::get_ips_policy()->policy_id);
 }
 
 inline RuleTreeNode* getRuntimeRtnFromOtn(const struct OptTreeNode* otn)
@@ -78,7 +83,7 @@ inline RuleTreeNode* getRuntimeRtnFromOtn(const struct OptTreeNode* otn)
     return getRtnFromOtn(otn);
 }
 
-ListHead* CreateRuleType(SnortConfig* sc, const char* name, Actions::Type);
+ListHead* CreateRuleType(snort::SnortConfig* sc, const char* name, snort::Actions::Type);
 
 void FreeRuleTreeNode(RuleTreeNode*);
 void DestroyRuleTreeNode(RuleTreeNode*);

diff --git a/src/parser/vars.cc b/src/parser/vars.cc
index 67c30430fec98dd66dc098b8cd9944fa1f4104fe..16eaea1d77674a15b1a2fb585b6e039916c2b8fb 100644 (file)
--- a/src/parser/vars.cc
+++ b/src/parser/vars.cc
@@ -36,6 +36,8 @@
 #include "catch/snort_catch.h"
 #endif
 
+using namespace snort;
+
 //-------------------------------------------------------------------------
 // var node stuff
 //-------------------------------------------------------------------------
@@ -126,7 +128,7 @@ int PortVarDefine(SnortConfig* sc, const char* name, const char* s)
     PortObject* po;
     POParser pop;
     int rstat;
-    PortVarTable* portVarTable = get_ips_policy()->portVarTable;
+    PortVarTable* portVarTable = snort::get_ips_policy()->portVarTable;
 
     DisallowCrossTableDuplicateVars(sc, name, VAR_TYPE__PORTVAR);
 
@@ -365,7 +367,7 @@ int VarIsIpList(vartable_t* ip_vartable, const char* value)
 void DisallowCrossTableDuplicateVars(
     SnortConfig*, const char* name, VarType var_type)
 {
-    IpsPolicy* dp = get_ips_policy();
+    IpsPolicy* dp = snort::get_ips_policy();
     VarEntry* var_table = dp->var_table;
     PortVarTable* portVarTable = dp->portVarTable;
     vartable_t* ip_vartable = dp->ip_vartable;
@@ -456,7 +458,7 @@ void DisallowCrossTableDuplicateVars(
 VarEntry* VarDefine(
     SnortConfig* sc, const char* name, const char* value)
 {
-    IpsPolicy* dp = get_ips_policy();
+    IpsPolicy* dp = snort::get_ips_policy();
     VarEntry* var_table = dp->var_table;
     vartable_t* ip_vartable = dp->ip_vartable;
     VarEntry* p;
@@ -650,7 +652,7 @@ void DeleteVars(VarEntry* var_table)
 
 const char* VarSearch(SnortConfig* sc, const char* name)
 {
-    IpsPolicy* dp = get_ips_policy();
+    IpsPolicy* dp = snort::get_ips_policy();
     VarEntry* var_table = dp->var_table;
     PortVarTable* portVarTable = dp->portVarTable;
     vartable_t* ip_vartable = dp->ip_vartable;

diff --git a/src/parser/vars.h b/src/parser/vars.h
index 3edda1c21de306588e19fdcddc94bd0f3c394560..b531d4a7dc839717fd394394cd09894e2c6be9fc 100644 (file)
--- a/src/parser/vars.h
+++ b/src/parser/vars.h
@@ -24,7 +24,10 @@
 
 #include "sfip/sf_vartable.h"
 
+namespace snort
+{
 struct SnortConfig;
+}
 
 //-------------------------------------------------------------------------
 // var node stuff
@@ -38,7 +41,7 @@ struct VarNode
     VarNode* next;
 };
 
-void config_set_var(SnortConfig*, const char*);
+void config_set_var(snort::SnortConfig*, const char*);
 void FreeVarList(VarNode*);
 
 //-------------------------------------------------------------------------
@@ -58,15 +61,15 @@ struct VarEntry
     VarEntry* next;
 };
 
-VarEntry* VarDefine(SnortConfig*, const char* name, const char* value);
-int PortVarDefine(SnortConfig*, const char* name, const char* s);
+VarEntry* VarDefine(snort::SnortConfig*, const char* name, const char* value);
+int PortVarDefine(snort::SnortConfig*, const char* name, const char* s);
 
 // FIXIT-L put ParseIpVar() definition and declaration in matching files
-void ParseIpVar(SnortConfig*, const char* name, const char* s);
+void ParseIpVar(snort::SnortConfig*, const char* name, const char* s);
 
 VarEntry* VarAlloc();
 void DeleteVars(VarEntry* var_table);
-void AddVarToTable(SnortConfig*, const char*, const char*);
+void AddVarToTable(snort::SnortConfig*, const char*, const char*);
 
 enum VarType
 {
@@ -77,10 +80,10 @@ enum VarType
 
 int VarIsIpAddr(vartable_t* ip_vartable, const char* value);
 int VarIsIpList(vartable_t* ip_vartable, const char* value);
-void DisallowCrossTableDuplicateVars(SnortConfig*, const char* name, VarType var_type);
+void DisallowCrossTableDuplicateVars(snort::SnortConfig*, const char* name, VarType var_type);
 
-const char* VarSearch(SnortConfig*, const char* name);
-const char* ExpandVars(SnortConfig*, const char* string);
+const char* VarSearch(snort::SnortConfig*, const char* name);
+const char* ExpandVars(snort::SnortConfig*, const char* string);
 
 #endif
 

diff --git a/src/piglet/piglet.cc b/src/piglet/piglet.cc
index 1c4cec09ab08898c1a7b701e2975422041031e75..205fa851ee2d1fdd617ad0a2feab10bf1899bdeb 100644 (file)
--- a/src/piglet/piglet.cc
+++ b/src/piglet/piglet.cc
@@ -43,5 +43,5 @@ int main()
 }
 
 bool piglet_mode()
-{ return SnortConfig::get_conf()->run_flags & RUN_FLAG__PIGLET; }
+{ return snort::SnortConfig::get_conf()->run_flags & RUN_FLAG__PIGLET; }
 } // namespace Piglet

diff --git a/src/piglet/piglet_api.h b/src/piglet/piglet_api.h
index 5d19ef7efb6f7fe70997b7d8ba62713f7df4227a..e1e8a02f690a775c199e9c8912185902fc0d2dde 100644 (file)
--- a/src/piglet/piglet_api.h
+++ b/src/piglet/piglet_api.h
@@ -30,8 +30,11 @@
 #include "main/snort_types.h"
 
 struct lua_State;
+namespace snort
+{
 class Module;
 struct SnortConfig;
+}
 
 #define PIGLET_API_VERSION 1
 
@@ -47,7 +50,7 @@ class SO_PUBLIC BasePlugin
 {
 public:
     BasePlugin(Lua::State& lua, const std::string& t,
-        Module* m = nullptr, SnortConfig* sc = nullptr) :
+        snort::Module* m = nullptr, snort::SnortConfig* sc = nullptr) :
         L { lua.get_ptr() }, target { t },
         module { m }, snort_conf { sc } { }
 
@@ -69,8 +72,8 @@ public:
 protected:
     lua_State* L;
     std::string target;
-    Module* module;
-    SnortConfig* snort_conf;
+    snort::Module* module;
+    snort::SnortConfig* snort_conf;
 
     std::string error;  // FIXIT-L unused
 
@@ -85,7 +88,7 @@ private:
 // Plugin ctor/dtor
 //--------------------------------------------------------------------------
 
-using PluginCtor = BasePlugin* (*)(Lua::State&, const std::string&, Module*, SnortConfig*);
+using PluginCtor = BasePlugin* (*)(Lua::State&, const std::string&, snort::Module*, snort::SnortConfig*);
 using PluginDtor = void (*)(BasePlugin*);
 
 //--------------------------------------------------------------------------
@@ -94,7 +97,7 @@ using PluginDtor = void (*)(BasePlugin*);
 
 struct Api
 {
-    BaseApi base;
+    snort::BaseApi base;
     PluginCtor ctor;
     PluginDtor dtor;
     PlugType target;

diff --git a/src/piglet/piglet_manager.cc b/src/piglet/piglet_manager.cc
index 6720228b0a04382912d6eb293c6c8603fb576747..c8d2100923775ad62affc75c38accfe57ed537a0 100644 (file)
--- a/src/piglet/piglet_manager.cc
+++ b/src/piglet/piglet_manager.cc
@@ -35,10 +35,14 @@
 
 #define PLUGIN_KEY_SEP "::"
 
+namespace snort
+{
 class Module;
+}
 
 namespace Piglet
 {
+using namespace snort;
 using namespace std;
 
 // -----------------------------------------------------------------------------

diff --git a/src/piglet_plugins/piglet_plugins.cc b/src/piglet_plugins/piglet_plugins.cc
index 060c58d91b400ace34421fd9a5e6cc194fdb4ec7..44395c589a72d753e469d88886766f0ebd3ee2c2 100644 (file)
--- a/src/piglet_plugins/piglet_plugins.cc
+++ b/src/piglet_plugins/piglet_plugins.cc
@@ -25,6 +25,8 @@
 
 #include "managers/plugin_manager.h"
 
+using namespace snort;
+
 extern const BaseApi* pp_codec;
 extern const BaseApi* pp_inspector;
 extern const BaseApi* pp_ips_action;

diff --git a/src/piglet_plugins/pp_buffer_iface.cc b/src/piglet_plugins/pp_buffer_iface.cc
index e660bb09dbd926677026fc36c31490db8ef0af5c..a45e45116d01aa1023d425862c12a11943de32dc 100644 (file)
--- a/src/piglet_plugins/pp_buffer_iface.cc
+++ b/src/piglet_plugins/pp_buffer_iface.cc
@@ -28,6 +28,8 @@
 
 #include "pp_raw_buffer_iface.h"
 
+using namespace snort;
+
 static const luaL_Reg methods[] =
 {
     {

diff --git a/src/piglet_plugins/pp_buffer_iface.h b/src/piglet_plugins/pp_buffer_iface.h
index 32b63783e7ee14cb1cb2fcf4aadc8c29e6adb84b..7acad3a13db8ab34fabeca635c23f8370eb71d2b 100644 (file)
--- a/src/piglet_plugins/pp_buffer_iface.h
+++ b/src/piglet_plugins/pp_buffer_iface.h
@@ -22,8 +22,11 @@
 
 #include "lua/lua_iface.h"
 
+namespace snort
+{
 struct Buffer;
+}
 
-extern const struct Lua::TypeInterface<Buffer> BufferIface;
+extern const struct Lua::TypeInterface<snort::Buffer> BufferIface;
 
 #endif

diff --git a/src/piglet_plugins/pp_codec.cc b/src/piglet_plugins/pp_codec.cc
index fe76d5229664296edf3a2de8b0345fa8c9d3f318..0ae5fd5e785c5bb99010bf36b2257ecbe00ded45 100644 (file)
--- a/src/piglet_plugins/pp_codec.cc
+++ b/src/piglet_plugins/pp_codec.cc
@@ -32,6 +32,8 @@
 #include "pp_enc_state_iface.h"
 #include "pp_raw_buffer_iface.h"
 
+using namespace snort;
+
 class CodecPiglet : public Piglet::BasePlugin
 {
 public:

diff --git a/src/piglet_plugins/pp_codec_data_iface.cc b/src/piglet_plugins/pp_codec_data_iface.cc
index 005ec154fbdc1832605b671356f9c558f5f866f7..56a0924c4c159a331947a11cd70fb9c691ea6c85 100644 (file)
--- a/src/piglet_plugins/pp_codec_data_iface.cc
+++ b/src/piglet_plugins/pp_codec_data_iface.cc
@@ -26,6 +26,8 @@
 #include "framework/codec.h"
 #include "lua/lua_arg.h"
 
+using namespace snort;
+
 static void set_fields(lua_State* L, int tindex, CodecData& self)
 {
     Lua::Table table(L, tindex);

diff --git a/src/piglet_plugins/pp_codec_data_iface.h b/src/piglet_plugins/pp_codec_data_iface.h
index 55a3a07c29150732848aefa5bbd38f5426c7366f..efb809dea3d9d2b493076ee3a28b6d633e057003 100644 (file)
--- a/src/piglet_plugins/pp_codec_data_iface.h
+++ b/src/piglet_plugins/pp_codec_data_iface.h
@@ -22,8 +22,11 @@
 
 #include "lua/lua_iface.h"
 
+namespace snort
+{
 struct CodecData;
+}
 
-extern const struct Lua::TypeInterface<CodecData> CodecDataIface;
+extern const struct Lua::TypeInterface<snort::CodecData> CodecDataIface;
 
 #endif

diff --git a/src/piglet_plugins/pp_codec_iface.cc b/src/piglet_plugins/pp_codec_iface.cc
index 4e994c8ed2fc36c3f0c4f4786db4305b34a06e37..9e93f8670fd0825e981b7bbedeca25f3b7ed7241 100644 (file)
--- a/src/piglet_plugins/pp_codec_iface.cc
+++ b/src/piglet_plugins/pp_codec_iface.cc
@@ -36,6 +36,8 @@
 #include "pp_ip_api_iface.h"
 #include "pp_raw_buffer_iface.h"
 
+using namespace snort;
+
 // FIXIT-M delete this, and make the IpApi arg in codec.update required
 static const ip::IpApi default_ip_api {};
 

diff --git a/src/piglet_plugins/pp_codec_iface.h b/src/piglet_plugins/pp_codec_iface.h
index 6cf1985997e25886108a697472b765342886a4f8..358989db7ca62eed5b485d03249d3a2a268fa5c0 100644 (file)
--- a/src/piglet_plugins/pp_codec_iface.h
+++ b/src/piglet_plugins/pp_codec_iface.h
@@ -22,8 +22,11 @@
 
 #include "lua/lua_iface.h"
 
+namespace snort
+{
 class Codec;
+}
 
-extern const struct Lua::InstanceInterface<Codec> CodecIface;
+extern const struct Lua::InstanceInterface<snort::Codec> CodecIface;
 
 #endif

diff --git a/src/piglet_plugins/pp_cursor_iface.cc b/src/piglet_plugins/pp_cursor_iface.cc
index c7c6f68181fc346d0602cb8c8162c77beec79478..85ae6d0c2cd96e09b8d48688343df48d21cbface 100644 (file)
--- a/src/piglet_plugins/pp_cursor_iface.cc
+++ b/src/piglet_plugins/pp_cursor_iface.cc
@@ -30,6 +30,8 @@
 #include "pp_packet_iface.h"
 #include "pp_raw_buffer_iface.h"
 
+using namespace snort;
+
 static void reset_from_packet(
     lua_State* L, Cursor& self, Packet& p, int p_idx)
 {

diff --git a/src/piglet_plugins/pp_enc_state_iface.cc b/src/piglet_plugins/pp_enc_state_iface.cc
index d7afa9f54812003f2ee0dd6e4ee8262bb1047bff..8c85f5a89b4e57f7569fee7d4e67aa7c4ba0c719 100644 (file)
--- a/src/piglet_plugins/pp_enc_state_iface.cc
+++ b/src/piglet_plugins/pp_enc_state_iface.cc
@@ -26,6 +26,8 @@
 #include "framework/codec.h"
 #include "lua/lua_arg.h"
 
+using namespace snort;
+
 // FIXIT-M ip_api should also be its own object (copyable)
 static const class ip::IpApi ip_api {};
 

diff --git a/src/piglet_plugins/pp_enc_state_iface.h b/src/piglet_plugins/pp_enc_state_iface.h
index c13d9b5ce8d112dd560c1417f7a814efc583a3f8..7859b69846ef394a5480024062600d2f84046367 100644 (file)
--- a/src/piglet_plugins/pp_enc_state_iface.h
+++ b/src/piglet_plugins/pp_enc_state_iface.h
@@ -22,8 +22,11 @@
 
 #include "lua/lua_iface.h"
 
+namespace snort
+{
 struct EncState;
+}
 
-extern const struct Lua::TypeInterface<EncState> EncStateIface;
+extern const struct Lua::TypeInterface<snort::EncState> EncStateIface;
 
 #endif

diff --git a/src/piglet_plugins/pp_flow_iface.cc b/src/piglet_plugins/pp_flow_iface.cc
index b4cead7f351ed0f344d6475b7dbc0b50b590c970..21ea68983c884b6dd26bf229359dc6bf228f6cd1 100644 (file)
--- a/src/piglet_plugins/pp_flow_iface.cc
+++ b/src/piglet_plugins/pp_flow_iface.cc
@@ -26,6 +26,8 @@
 #include "flow/flow.h"
 #include "lua/lua_arg.h"
 
+using namespace snort;
+
 static const luaL_Reg methods[] =
 {
     {

diff --git a/src/piglet_plugins/pp_flow_iface.h b/src/piglet_plugins/pp_flow_iface.h
index 39546936b9d67a24fbfe88156b6e26bc9fd0823d..683df3449c14881587fb299b9f318af67500961e 100644 (file)
--- a/src/piglet_plugins/pp_flow_iface.h
+++ b/src/piglet_plugins/pp_flow_iface.h
@@ -22,8 +22,11 @@
 
 #include "lua/lua_iface.h"
 
+namespace snort
+{
 class Flow;
+}
 
-extern const struct Lua::TypeInterface<Flow> FlowIface;
+extern const struct Lua::TypeInterface<snort::Flow> FlowIface;
 
 #endif

diff --git a/src/piglet_plugins/pp_inspector.cc b/src/piglet_plugins/pp_inspector.cc
index 66b2c4f5f4b8237265591acdbf9d55d4c350735b..5d3afe96fa8f2d5e641daff7dc15cc1a3fdffdb1 100644 (file)
--- a/src/piglet_plugins/pp_inspector.cc
+++ b/src/piglet_plugins/pp_inspector.cc
@@ -33,6 +33,8 @@
 #include "pp_raw_buffer_iface.h"
 #include "pp_stream_splitter_iface.h"
 
+using namespace snort;
+
 class InspectorPiglet : public Piglet::BasePlugin
 {
 public:

diff --git a/src/piglet_plugins/pp_inspector_iface.cc b/src/piglet_plugins/pp_inspector_iface.cc
index 76928d3ef3c1f705c52b87ccb4a160a0d9c969b7..a72228ca2f0160deeb74e539a208b792829d5716 100644 (file)
--- a/src/piglet_plugins/pp_inspector_iface.cc
+++ b/src/piglet_plugins/pp_inspector_iface.cc
@@ -31,6 +31,8 @@
 #include "pp_raw_buffer_iface.h"
 #include "pp_stream_splitter_iface.h"
 
+using namespace snort;
+
 // FIXIT-H needs to be updated for addition of get_fp_buf()
 template<typename T>
 static inline bool get_buf(

diff --git a/src/piglet_plugins/pp_inspector_iface.h b/src/piglet_plugins/pp_inspector_iface.h
index be0225aa7c74be25b535d07460145f1ed142d212..fa9cbde2a0e7b774effc93383353ca3842670ece 100644 (file)
--- a/src/piglet_plugins/pp_inspector_iface.h
+++ b/src/piglet_plugins/pp_inspector_iface.h
@@ -22,8 +22,11 @@
 
 #include "lua/lua_iface.h"
 
+namespace snort
+{
 class Inspector;
+}
 
-extern const struct Lua::InstanceInterface<Inspector> InspectorIface;
+extern const struct Lua::InstanceInterface<snort::Inspector> InspectorIface;
 
 #endif

diff --git a/src/piglet_plugins/pp_ip_api_iface.cc b/src/piglet_plugins/pp_ip_api_iface.cc
index 4b0d391ba04f7b38b5b37dab2e76139435c2eb1d..5b1bfcfb9930155bf95ed1868f61575fa7ad6e89 100644 (file)
--- a/src/piglet_plugins/pp_ip_api_iface.cc
+++ b/src/piglet_plugins/pp_ip_api_iface.cc
@@ -28,6 +28,8 @@
 
 #include "pp_raw_buffer_iface.h"
 
+using namespace snort;
+
 template<typename Header>
 static void set_header(lua_State* L, ip::IpApi& ip_api, RawBuffer& rb)
 {
@@ -76,7 +78,7 @@ static const luaL_Reg methods[] =
     {
         "set_ip4",
         [](lua_State* L)
-        { return set<IP4Hdr>(L); }
+        { return set<ip::IP4Hdr>(L); }
     },
     {
         "set_ip6",

diff --git a/src/piglet_plugins/pp_ip_api_iface.h b/src/piglet_plugins/pp_ip_api_iface.h
index fbda48bdc581f258883d088e92decb70ad88c5dc..9b8acd373621b261dd1e61adc0a676f9e89fd1cc 100644 (file)
--- a/src/piglet_plugins/pp_ip_api_iface.h
+++ b/src/piglet_plugins/pp_ip_api_iface.h
@@ -22,11 +22,14 @@
 
 #include "lua/lua_iface.h"
 
+namespace snort
+{
 namespace ip
 {
 class IpApi;
 }
+}
 
-extern const struct Lua::TypeInterface<ip::IpApi> IpApiIface;
+extern const struct Lua::TypeInterface<snort::ip::IpApi> IpApiIface;
 
 #endif

diff --git a/src/piglet_plugins/pp_ips_action.cc b/src/piglet_plugins/pp_ips_action.cc
index 4cefac7c80fa41dba7f2bf9d09e31769819fcbfe..fb7820c4b07410e3034b27ca11e06addd35f4031 100644 (file)
--- a/src/piglet_plugins/pp_ips_action.cc
+++ b/src/piglet_plugins/pp_ips_action.cc
@@ -28,6 +28,8 @@
 #include "pp_packet_iface.h"
 #include "pp_raw_buffer_iface.h"
 
+using namespace snort;
+
 class IpsActionPiglet : public Piglet::BasePlugin
 {
 public:

diff --git a/src/piglet_plugins/pp_ips_action_iface.cc b/src/piglet_plugins/pp_ips_action_iface.cc
index 55409fecac1924e1ba70a13c7458cbe3e826e507..d1c9ce2d90afd0e81241a9fad27f094e7f123f46 100644 (file)
--- a/src/piglet_plugins/pp_ips_action_iface.cc
+++ b/src/piglet_plugins/pp_ips_action_iface.cc
@@ -27,6 +27,8 @@
 
 #include "pp_packet_iface.h"
 
+using namespace snort;
+
 static const luaL_Reg methods[] =
 {
     {

diff --git a/src/piglet_plugins/pp_ips_action_iface.h b/src/piglet_plugins/pp_ips_action_iface.h
index ab4574f8fef491dbff78ad51ae01e29c3635ed4d..893a279a43b5df59a3234b12e1243fff810cecb1 100644 (file)
--- a/src/piglet_plugins/pp_ips_action_iface.h
+++ b/src/piglet_plugins/pp_ips_action_iface.h
@@ -22,8 +22,11 @@
 
 #include "lua/lua_iface.h"
 
+namespace snort
+{
 class IpsAction;
+}
 
-extern const struct Lua::InstanceInterface<IpsAction> IpsActionIface;
+extern const struct Lua::InstanceInterface<snort::IpsAction> IpsActionIface;
 
 #endif

diff --git a/src/piglet_plugins/pp_ips_option.cc b/src/piglet_plugins/pp_ips_option.cc
index c8ab07ee19f751163c499a110237a22f3a838005..bdaa1cb4db7e7da81fcb3080a142b1ccfb4fa947 100644 (file)
--- a/src/piglet_plugins/pp_ips_option.cc
+++ b/src/piglet_plugins/pp_ips_option.cc
@@ -30,6 +30,8 @@
 #include "pp_packet_iface.h"
 #include "pp_raw_buffer_iface.h"
 
+using namespace snort;
+
 class IpsOptionPiglet : public Piglet::BasePlugin
 {
 public:

diff --git a/src/piglet_plugins/pp_ips_option_iface.cc b/src/piglet_plugins/pp_ips_option_iface.cc
index 0ea0aa7310d1a91a8c37b21d1f3a7a1b05cc09b2..90239b553594393cddfa7666306ea0f25d4eba0a 100644 (file)
--- a/src/piglet_plugins/pp_ips_option_iface.cc
+++ b/src/piglet_plugins/pp_ips_option_iface.cc
@@ -29,6 +29,8 @@
 #include "pp_packet_iface.h"
 #include "pp_cursor_iface.h"
 
+using namespace snort;
+
 static const luaL_Reg methods[] =
 {
     {

diff --git a/src/piglet_plugins/pp_ips_option_iface.h b/src/piglet_plugins/pp_ips_option_iface.h
index 61026382fa034d0446b9279e6d293b4aea25f2a7..7d6ff63168bf827d0d07b889c3ee195e5cb150b4 100644 (file)
--- a/src/piglet_plugins/pp_ips_option_iface.h
+++ b/src/piglet_plugins/pp_ips_option_iface.h
@@ -22,8 +22,11 @@
 
 #include "lua/lua_iface.h"
 
+namespace snort
+{
 class IpsOption;
+}
 
-extern const struct Lua::InstanceInterface<IpsOption> IpsOptionIface;
+extern const struct Lua::InstanceInterface<snort::IpsOption> IpsOptionIface;
 
 #endif

diff --git a/src/piglet_plugins/pp_logger.cc b/src/piglet_plugins/pp_logger.cc
index 61093696f24921642496eecc49ac6f18d5eb6b43..c6344ed4aa6119e235f0ca882121743ef84b82ae 100644 (file)
--- a/src/piglet_plugins/pp_logger.cc
+++ b/src/piglet_plugins/pp_logger.cc
@@ -31,6 +31,8 @@
 #include "pp_packet_iface.h"
 #include "pp_raw_buffer_iface.h"
 
+using namespace snort;
+
 class LoggerPiglet : public Piglet::BasePlugin
 {
 public:

diff --git a/src/piglet_plugins/pp_logger_iface.cc b/src/piglet_plugins/pp_logger_iface.cc
index f46c2cb98ac44d51d478df4e04c045f78d2ebc58..eb0deb23ec342bc6d1d900dc75e32f89351cb40b 100644 (file)
--- a/src/piglet_plugins/pp_logger_iface.cc
+++ b/src/piglet_plugins/pp_logger_iface.cc
@@ -29,6 +29,8 @@
 #include "pp_event_iface.h"
 #include "pp_packet_iface.h"
 
+using namespace snort;
+
 static const luaL_Reg methods[] =
 {
     {

diff --git a/src/piglet_plugins/pp_logger_iface.h b/src/piglet_plugins/pp_logger_iface.h
index a1d5c8c2d85a09c09f9d2d48a841797c3146b923..66d3fa1699d508a03d0addd46c8fbdb1d505f7cb 100644 (file)
--- a/src/piglet_plugins/pp_logger_iface.h
+++ b/src/piglet_plugins/pp_logger_iface.h
@@ -22,8 +22,11 @@
 
 #include "lua/lua_iface.h"
 
+namespace snort
+{
 class Logger;
+}
 
-extern const struct Lua::InstanceInterface<Logger> LoggerIface;
+extern const struct Lua::InstanceInterface<snort::Logger> LoggerIface;
 
 #endif

diff --git a/src/piglet_plugins/pp_packet_iface.cc b/src/piglet_plugins/pp_packet_iface.cc
index 645fc2f7bdcc15f04c310d150f64119835a9d298..2a1d1a2b44ea57bfb2c77e117f56eaaa6c6f09ad 100644 (file)
--- a/src/piglet_plugins/pp_packet_iface.cc
+++ b/src/piglet_plugins/pp_packet_iface.cc
@@ -31,6 +31,8 @@
 #include "pp_flow_iface.h"
 #include "pp_raw_buffer_iface.h"
 
+using namespace snort;
+
 static void set_fields(lua_State* L, int tindex, Packet& self)
 {
     Lua::Table table(L, tindex);

diff --git a/src/piglet_plugins/pp_packet_iface.h b/src/piglet_plugins/pp_packet_iface.h
index 47bf496a93c01b8326efeb0f8800ec1f89f5f685..c4c9960e52ddc34efb2fd15348758961fc973d67 100644 (file)
--- a/src/piglet_plugins/pp_packet_iface.h
+++ b/src/piglet_plugins/pp_packet_iface.h
@@ -22,8 +22,11 @@
 
 #include "lua/lua_iface.h"
 
+namespace snort
+{
 struct Packet;
+}
 
-extern const struct Lua::TypeInterface<Packet> PacketIface;
+extern const struct Lua::TypeInterface<snort::Packet> PacketIface;
 
 #endif

diff --git a/src/piglet_plugins/pp_search_engine.cc b/src/piglet_plugins/pp_search_engine.cc
index 5f79a45ae602947ff57c8ea07ed2dd724b4a8c38..74e33a0394bbf3fc69636f1d087066b93c18fb55 100644 (file)
--- a/src/piglet_plugins/pp_search_engine.cc
+++ b/src/piglet_plugins/pp_search_engine.cc
@@ -26,6 +26,8 @@
 
 #include "pp_search_engine_iface.h"
 
+using namespace snort;
+
 class SearchEnginePiglet : public Piglet::BasePlugin
 {
 public:

diff --git a/src/piglet_plugins/pp_search_engine_iface.cc b/src/piglet_plugins/pp_search_engine_iface.cc
index 246bd37f9e3e96ebdebd687c8b6d15d12e588c63..36fe1d3384860c8d34ccfeab8cf25b76708646a5 100644 (file)
--- a/src/piglet_plugins/pp_search_engine_iface.cc
+++ b/src/piglet_plugins/pp_search_engine_iface.cc
@@ -30,7 +30,7 @@ static const luaL_Reg methods[] =
     { nullptr, nullptr }
 };
 
-const struct Lua::InstanceInterface<Mpse> SearchEngineIface =
+const struct Lua::InstanceInterface<snort::Mpse> SearchEngineIface =
 {
     "SearchEngine",
     methods

diff --git a/src/piglet_plugins/pp_search_engine_iface.h b/src/piglet_plugins/pp_search_engine_iface.h
index de88957d9347ab57d59e0434b19c3741bfd9bd77..898047725bddcb16c1108ffdbab9fa107938daa5 100644 (file)
--- a/src/piglet_plugins/pp_search_engine_iface.h
+++ b/src/piglet_plugins/pp_search_engine_iface.h
@@ -22,8 +22,11 @@
 
 #include "lua/lua_iface.h"
 
+namespace snort
+{
 class Mpse;
+}
 
-extern const struct Lua::InstanceInterface<Mpse> SearchEngineIface;
+extern const struct Lua::InstanceInterface<snort::Mpse> SearchEngineIface;
 
 #endif

diff --git a/src/piglet_plugins/pp_so_rule.cc b/src/piglet_plugins/pp_so_rule.cc
index 95e0b32fd3b93e8cf7325c3ca7bae9d8b639795d..6e7676d0c8cd86d862b258e76a8f7e9060e211ff 100644 (file)
--- a/src/piglet_plugins/pp_so_rule.cc
+++ b/src/piglet_plugins/pp_so_rule.cc
@@ -28,6 +28,8 @@
 
 #include "pp_so_rule_iface.h"
 
+using namespace snort;
+
 class SoRulePiglet : public Piglet::BasePlugin
 {
 public:

diff --git a/src/piglet_plugins/pp_so_rule_iface.cc b/src/piglet_plugins/pp_so_rule_iface.cc
index 1907421eeefc0a0600b181fffeb3f6cee8d66138..1ae4dd5295d7865dca5a039194c39aa56b85a29a 100644 (file)
--- a/src/piglet_plugins/pp_so_rule_iface.cc
+++ b/src/piglet_plugins/pp_so_rule_iface.cc
@@ -25,6 +25,8 @@
 
 #include "framework/so_rule.h"
 
+using namespace snort;
+
 static const luaL_Reg methods[] =
 {
     { nullptr, nullptr }

diff --git a/src/piglet_plugins/pp_so_rule_iface.h b/src/piglet_plugins/pp_so_rule_iface.h
index bb8277ad937ea6bc08887501721a30f4f3cdabba..ed9c6f164ba1e3e34d01ef278990450a6b5eea94 100644 (file)
--- a/src/piglet_plugins/pp_so_rule_iface.h
+++ b/src/piglet_plugins/pp_so_rule_iface.h
@@ -22,8 +22,11 @@
 
 #include "lua/lua_iface.h"
 
+namespace snort
+{
 class SoRule;
+}
 
-extern const struct Lua::TypeInterface<SoRule> SoRuleIface;
+extern const struct Lua::TypeInterface<snort::SoRule> SoRuleIface;
 
 #endif

diff --git a/src/piglet_plugins/pp_stream_splitter_iface.cc b/src/piglet_plugins/pp_stream_splitter_iface.cc
index 782ecf6f8f790f69fbc62e7d3eff299eeb22ad9d..041872b3e9cd952ad171f231684394abaeda55bf 100644 (file)
--- a/src/piglet_plugins/pp_stream_splitter_iface.cc
+++ b/src/piglet_plugins/pp_stream_splitter_iface.cc
@@ -29,6 +29,8 @@
 #include "pp_flow_iface.h"
 #include "pp_raw_buffer_iface.h"
 
+using namespace snort;
+
 template<typename From, typename To>
 static inline void stack_push(lua_State* L, const From v)
 { Lua::Stack<To>::push(L, static_cast<To>(v)); }

diff --git a/src/piglet_plugins/pp_stream_splitter_iface.h b/src/piglet_plugins/pp_stream_splitter_iface.h
index 68f31c57d1e740ab50f3d7e9bf92dfae738ed22f..70af36866cd35dbdd9cefa2e60b111f2caae2d3e 100644 (file)
--- a/src/piglet_plugins/pp_stream_splitter_iface.h
+++ b/src/piglet_plugins/pp_stream_splitter_iface.h
@@ -22,8 +22,11 @@
 
 #include "lua/lua_iface.h"
 
+namespace snort
+{
 class StreamSplitter;
+}
 
-extern const struct Lua::TypeInterface<StreamSplitter> StreamSplitterIface;
+extern const struct Lua::TypeInterface<snort::StreamSplitter> StreamSplitterIface;
 
 #endif

diff --git a/src/piglet_plugins/pp_test.cc b/src/piglet_plugins/pp_test.cc
index 6e5aaba5d1e3efb599f0716da17cbe0f137c7fb9..2970a376c1014789564d7ebf72302eb293bbd7f3 100644 (file)
--- a/src/piglet_plugins/pp_test.cc
+++ b/src/piglet_plugins/pp_test.cc
@@ -35,6 +35,8 @@
 #include "pp_packet_iface.h"
 #include "pp_raw_buffer_iface.h"
 
+using namespace snort;
+
 class TestPiglet : public Piglet::BasePlugin
 {
 public:

diff --git a/src/ports/port_group.h b/src/ports/port_group.h
index 7143283b094bf4c48a2ea69a7d747cb3c3d2d407..e8d6b7d92a4f0896149d065c2e419cae1f87eb55 100644 (file)
--- a/src/ports/port_group.h
+++ b/src/ports/port_group.h
@@ -25,6 +25,11 @@
 #ifndef PORT_GROUP_H
 #define PORT_GROUP_H
 
+namespace snort
+{
+    class Mpse;
+}
+
 // PortGroup contains a set of fast patterns in the form of an MPSE and a
 // set of non-fast-pattern (nfp) rules.  when a PortGroup is selected, the
 // MPSE will run fp rules if there is a match on the associated fast
@@ -60,7 +65,7 @@ struct PortGroup
     RULE_NODE* nfp_head, * nfp_tail;
 
     // pattern matchers
-    class Mpse* mpse[PM_TYPE_MAX];
+    snort::Mpse* mpse[PM_TYPE_MAX];
 
     // detection option tree
     void* nfp_tree;

diff --git a/src/ports/port_object.cc b/src/ports/port_object.cc
index 881b61ccd4cbf482f881110bb2af6ea28b76ef33..777ff66194df41b486ed66b5087343d66b5141bc 100644 (file)
--- a/src/ports/port_object.cc
+++ b/src/ports/port_object.cc
@@ -574,7 +574,7 @@ void PortObjectPrintEx(PortObject* po, po_print_f print_index_map)
     unsigned i;
 
     /* static for printing so we don't put so many bytes on the stack */
-    static char po_print_buf[MAX_PORTS];  // FIXIT-L delete this; replace with local stringstream
+    static char po_print_buf[snort::MAX_PORTS];  // FIXIT-L delete this; replace with local stringstream
 
     int bufsize = sizeof(po_print_buf);
     po_print_buf[0] = '\0';

diff --git a/src/ports/port_utils.cc b/src/ports/port_utils.cc
index 6940c571c2e65776ac00476d47098c6791522c34..d606f218fc2fc1e6349f378d7b5d52126b9d0b1f 100644 (file)
--- a/src/ports/port_utils.cc
+++ b/src/ports/port_utils.cc
@@ -211,5 +211,5 @@ int* RuleListToSortedArray(SF_LIST* rl)
 // printing
 //-------------------------------------------------------------------------
 
-char po_print_buf[MAX_PORTS];
+char po_print_buf[snort::MAX_PORTS];
 

diff --git a/src/ports/port_utils.h b/src/ports/port_utils.h
index 5c9c5c59ac3ffc20465fc401427a2c77de6b0505..a808ae48c48b85e67d2e6101ee74cc87622bd87e 100644 (file)
--- a/src/ports/port_utils.h
+++ b/src/ports/port_utils.h
@@ -37,7 +37,7 @@ int* RuleListToSortedArray(SF_LIST*);
 int integer_compare(const void* int1, const void* int2);
 
 // global for printing so we don't put so many bytes on the stack
-extern char po_print_buf[MAX_PORTS];  // FIXIT-L delete this; replace with local stringstream
+extern char po_print_buf[snort::MAX_PORTS];  // FIXIT-L delete this; replace with local stringstream
 
 #endif
 

diff --git a/src/profiler/memory_context.cc b/src/profiler/memory_context.cc
index 3bec0d34ec43f7ea45ee320909e1347331e283a5..347465cc8457b0448c2b3dee195798083060fa1f 100644 (file)
--- a/src/profiler/memory_context.cc
+++ b/src/profiler/memory_context.cc
@@ -35,6 +35,8 @@
 #include "catch/snort_catch.h"
 #endif
 
+using namespace snort;
+
 // -----------------------------------------------------------------------------
 // static variables
 // -----------------------------------------------------------------------------

diff --git a/src/profiler/memory_profiler.cc b/src/profiler/memory_profiler.cc
index 063aa358c0289b93a6fa1693ab622527969bafd3..6a095129a17f66fd690039dd9aa944de3040db66 100644 (file)
--- a/src/profiler/memory_profiler.cc
+++ b/src/profiler/memory_profiler.cc
@@ -32,6 +32,8 @@
 #include "catch/snort_catch.h"
 #endif
 
+using namespace snort;
+
 // -----------------------------------------------------------------------------
 // show statistics
 // -----------------------------------------------------------------------------

diff --git a/src/profiler/memory_profiler_defs.h b/src/profiler/memory_profiler_defs.h
index 9530d243640e3a3df821991a9578a9d248d5e01c..ab1d3d552422b81e4e575707d299843b9e8c5543 100644 (file)
--- a/src/profiler/memory_profiler_defs.h
+++ b/src/profiler/memory_profiler_defs.h
@@ -40,6 +40,8 @@ struct MemoryProfilerConfig
     int max_depth = -1;
 };
 
+namespace snort
+{
 class SO_PUBLIC MemoryContext
 {
 public:
@@ -65,5 +67,5 @@ public:
 private:
     MemoryTracker* saved;
 };
-
+}
 #endif

diff --git a/src/profiler/profiler.cc b/src/profiler/profiler.cc
index e3ba724af56e24f7437212e343856badb3fdbb62..e4434aad0f9aec44d5823094f3cb2c94a6af49bc 100644 (file)
--- a/src/profiler/profiler.cc
+++ b/src/profiler/profiler.cc
@@ -39,6 +39,8 @@
 #include "catch/snort_catch.h"
 #endif
 
+using namespace snort;
+
 static ProfilerNodeMap s_profiler_nodes;
 
 void Profiler::register_module(Module* m)

diff --git a/src/profiler/profiler.h b/src/profiler/profiler.h
index 783e615097b405c3ab8c9b43531a650437605855..c824687d73c9028d88f0cb8410ec18c552b583be 100644 (file)
--- a/src/profiler/profiler.h
+++ b/src/profiler/profiler.h
@@ -23,14 +23,17 @@
 
 #include "profiler_defs.h"
 
+namespace snort
+{
 class Module;
+}
 
 class Profiler
 {
 public:
-    static void register_module(Module*);
-    static void register_module(const char*, const char*, Module*);
-    static void register_module(const char*, const char*, get_profile_stats_fn);
+    static void register_module(snort::Module*);
+    static void register_module(const char*, const char*, snort::Module*);
+    static void register_module(const char*, const char*, snort::get_profile_stats_fn);
 
     // FIXIT-L do we need to call on main thread?
     // call from packet threads, just before thread termination

diff --git a/src/profiler/profiler_defs.h b/src/profiler/profiler_defs.h
index dfe90e7c7fc474c9f6eab82ebb4b5f7736fee67b..629b74826ec610df320585810d79fefd49c771f3 100644 (file)
--- a/src/profiler/profiler_defs.h
+++ b/src/profiler/profiler_defs.h
@@ -27,6 +27,8 @@
 #include "rule_profiler_defs.h"
 #include "time_profiler_defs.h"
 
+namespace snort
+{
 #define ROOT_NODE "total"
 
 struct ProfilerConfig
@@ -94,5 +96,5 @@ private:
 using get_profile_stats_fn = ProfileStats* (*)(const char*);
 
 using Profile = ProfileContext;
-
+}
 #endif

diff --git a/src/profiler/profiler_nodes.cc b/src/profiler/profiler_nodes.cc
index 4e58f46cb5f9edf26389e5237d8c3847fd040694..1046dcfaf57ceab3b7ab387a41cd01fb78192d17 100644 (file)
--- a/src/profiler/profiler_nodes.cc
+++ b/src/profiler/profiler_nodes.cc
@@ -35,6 +35,8 @@
 #include "catch/snort_catch.h"
 #endif
 
+using namespace snort;
+
 // -----------------------------------------------------------------------------
 // types
 // -----------------------------------------------------------------------------

diff --git a/src/profiler/profiler_nodes.h b/src/profiler/profiler_nodes.h
index bdc6aad708a19fe00d73cb90c15f3c038d8ce571..c7414d3fb6482bf8d6e948f7656875c54cc2b694 100644 (file)
--- a/src/profiler/profiler_nodes.h
+++ b/src/profiler/profiler_nodes.h
@@ -28,7 +28,10 @@
 
 #include "profiler_defs.h"
 
+namespace snort
+{
 class Module;
+}
 struct GetProfileFunctor;
 
 class ProfilerNode
@@ -37,8 +40,8 @@ public:
     ProfilerNode(const std::string& key) :
         name { key } { }
 
-    void set(Module* m);
-    void set(get_profile_stats_fn fn);
+    void set(snort::Module* m);
+    void set(snort::get_profile_stats_fn fn);
 
     bool is_set() const
     { return bool(getter); }
@@ -46,10 +49,10 @@ public:
     // thread local call
     void accumulate();
 
-    const ProfileStats& get_stats() const
+    const snort::ProfileStats& get_stats() const
     { return stats; }
 
-    void set_stats(const ProfileStats& ps)
+    void set_stats(const snort::ProfileStats& ps)
     { stats = ps; }
 
     void reset()
@@ -66,7 +69,7 @@ public:
 private:
     std::vector<ProfilerNode*> children;
     std::shared_ptr<GetProfileFunctor> getter;
-    ProfileStats stats;
+    snort::ProfileStats stats;
 };
 
 inline bool operator==(const ProfilerNode& lhs, const ProfilerNode& rhs)
@@ -86,8 +89,8 @@ public:
     map_type::const_iterator end() const
     { return nodes.end(); }
 
-    void register_node(const std::string&, const char*, Module*);
-    void register_node(const std::string&, const char*, get_profile_stats_fn);
+    void register_node(const std::string&, const char*, snort::Module*);
+    void register_node(const std::string&, const char*, snort::get_profile_stats_fn);
 
     void accumulate_nodes();
     void reset_nodes();

diff --git a/src/profiler/rule_profiler.cc b/src/profiler/rule_profiler.cc
index b78e8ab6d86eb4fbb6f31bee67003dcd0bff5efe..bb27068000eaf4a81e0962483e7561ce65a20d64 100644 (file)
--- a/src/profiler/rule_profiler.cc
+++ b/src/profiler/rule_profiler.cc
@@ -51,6 +51,8 @@
 #include "catch/snort_catch.h"
 #endif
 
+using namespace snort;
+
 #define s_rule_table_title "rule profile"
 
 static inline OtnState& operator+=(OtnState& lhs, const OtnState& rhs)

diff --git a/src/profiler/time_profiler.cc b/src/profiler/time_profiler.cc
index 60950599e64255d57addf2b0f36f29945afa0bc2..77ba6866c8d7362e1c09225fb3e97383c94dc61b 100644 (file)
--- a/src/profiler/time_profiler.cc
+++ b/src/profiler/time_profiler.cc
@@ -34,6 +34,8 @@
 #include "catch/snort_catch.h"
 #endif
 
+using namespace snort;
+
 #define s_time_table_title "module profile"
 
 namespace time_stats

diff --git a/src/protocols/arp.h b/src/protocols/arp.h
index 6d60ef5a07987ce7bf85013583a6b61488afc716..520bbfdbea1a32c1014b5dfece57956c47773b37 100644 (file)
--- a/src/protocols/arp.h
+++ b/src/protocols/arp.h
@@ -1,3 +1,4 @@
+
 //--------------------------------------------------------------------------
 // Copyright (C) 2014-2018 Cisco and/or its affiliates. All rights reserved.
 //
@@ -20,6 +21,8 @@
 #ifndef PROTOCOLS_ARP_H
 #define PROTOCOLS_ARP_H
 
+namespace snort
+{
 namespace arp
 {
 
@@ -48,6 +51,7 @@ struct EtherARP
 constexpr uint16_t ETHERARP_HDR_LEN = 28; /*  sizeof EtherARP != 28 */
 
 } // namespace arp
+} // namespace snort
 
 #ifndef ARPOP_REQUEST
 constexpr uint16_t ARPOP_REQUEST = 1;  /* ARP request  */

diff --git a/src/protocols/eth.h b/src/protocols/eth.h
index 0b15447c182ae81136366781e427b1370be2eef7..e2e5ab7dc44e8893347804af69a6ffb0d74b6101 100644 (file)
--- a/src/protocols/eth.h
+++ b/src/protocols/eth.h
@@ -26,6 +26,8 @@
 #define ETHERNET_HEADER_LEN 14
 #define ETHERNET_MTU        1500
 
+namespace snort
+{
 namespace eth
 {
 constexpr uint16_t MTU_LEN = 1500;
@@ -47,6 +49,7 @@ struct EtherHdr
     { return ether_type; }
 };
 } // namespace eth
+} // namespace snort
 
 #endif
 

diff --git a/src/protocols/gre.h b/src/protocols/gre.h
index dc35b7ba59a466d31a08a97410745db370dfc16d..4917681a542a14e6464c7472c3c87e26dec90896 100644 (file)
--- a/src/protocols/gre.h
+++ b/src/protocols/gre.h
@@ -22,6 +22,8 @@
 
 #include <arpa/inet.h>
 
+namespace snort
+{
 namespace gre
 {
 /* GRE related stuff */
@@ -41,6 +43,7 @@ struct GREHdr
     { return ether_type; }
 };
 } // namespace gre
+} // namespace snort
 
 #endif
 

diff --git a/src/protocols/icmp4.h b/src/protocols/icmp4.h
index 2fd2f2b414ecdea5e61def13ee840112e4df3fdf..dfcc75b08a652750fe21f8a49f5f16cbe1369881 100644 (file)
--- a/src/protocols/icmp4.h
+++ b/src/protocols/icmp4.h
@@ -23,6 +23,8 @@
 #include <cstdint>
 #include "protocols/ipv4.h" // for in_addr
 
+namespace snort
+{
 namespace icmp
 {
 constexpr uint32_t ICMP_BASE_LEN = 4;
@@ -172,7 +174,7 @@ struct ICMPHdr
         /* IP header for unreach */
         struct ih_ip
         {
-            ip::IP4Hdr* ip;
+            snort::ip::IP4Hdr* ip;
             /* options and then 64 bits of data */
         } ip;
 
@@ -195,8 +197,9 @@ struct ICMPHdr
 #define s_icmp_data       icmp_dun.data
 };
 } //namespace icmp
+} // namespace snort
 
-typedef icmp::ICMPHdr ICMPHdr;
+typedef snort::icmp::ICMPHdr ICMPHdr;
 
 #ifndef ICMP_ECHOREPLY
 constexpr uint8_t ICMP_ECHOREPLY = 0;    /* Echo Reply                   */

diff --git a/src/protocols/icmp6.h b/src/protocols/icmp6.h
index af7a77532058f74a5bb34c1f1e6b27c6674cffc0..0ed0e4f2ad123786cd49473b09862b341c993a9a 100644 (file)
--- a/src/protocols/icmp6.h
+++ b/src/protocols/icmp6.h
@@ -22,6 +22,8 @@
 
 #include <cstdint>
 
+namespace snort
+{
 namespace icmp
 {
 constexpr uint16_t ICMP6_HEADER_MIN_LEN = 4;
@@ -130,7 +132,8 @@ struct ICMP6NodeInfo
     uint16_t flags;
     uint64_t nonce;
 };
-}  // namespace icmp6
+}  // namespace icmp
+}  // namespace snort
 
 #endif
 

diff --git a/src/protocols/ip.cc b/src/protocols/ip.cc
index 71b5ed04659202c973cbf4fdfdf57e7f4bb8d4f9..525d1f03894013ce3228dadaeba440e01ff573dc 100644 (file)
--- a/src/protocols/ip.cc
+++ b/src/protocols/ip.cc
@@ -25,6 +25,8 @@
 
 #include "layer.h"
 
+namespace snort
+{
 namespace ip
 {
 void IpApi::reset()
@@ -315,4 +317,5 @@ bool IpApi::is_dst_loopback() const
     return false;
 }
 } // namespace ip
+} // namespace snort
 

diff --git a/src/protocols/ip.h b/src/protocols/ip.h
index d03216c98efcac0b94f39ad64bb323e094c92032..da953bf8ce4f12e2c0c2ac46b1cd8bcbef3bdbc9 100644 (file)
--- a/src/protocols/ip.h
+++ b/src/protocols/ip.h
@@ -27,6 +27,8 @@
 #include "protocols/ipv6.h"
 #include "sfip/sf_ip.h"
 
+namespace snort
+{
 struct Packet;
 
 // FIXIT-L can I assume api is always valid?
@@ -131,6 +133,6 @@ private:
 };
 
 } // namespace ip
-
+} // namespace snort
 #endif
 

diff --git a/src/protocols/ipv4.h b/src/protocols/ipv4.h
index 975c88acc81a43333adbfe1ad0da8e4084b7dc57..0ddbf1712ec1dd9e336f050aec8c580f835b2610 100644 (file)
--- a/src/protocols/ipv4.h
+++ b/src/protocols/ipv4.h
@@ -30,6 +30,8 @@
 #define IP_MAXPACKET    65535        /* maximum packet size */
 #endif
 
+namespace snort
+{
 namespace ip
 {
 constexpr uint32_t IP4_BROADCAST = 0xffffffff;
@@ -152,15 +154,8 @@ inline bool isPrivateIP(uint32_t addr)
     }
     return false;
 }
-} /* namespace ip */
-
+} // namespace ip
+} // namespace snort
 /* tcpdump shows us the way to cross platform compatibility */
-
-/* we need to change them as well as get them */
-// TYPEDEF WHICH NEED TO BE DELETED
-typedef ip::IP4Hdr IP4Hdr;
-
-/* #define IP_HEADER_LEN ip::ip4_hdr_len() */
-
 #endif
 

diff --git a/src/protocols/ipv4_options.cc b/src/protocols/ipv4_options.cc
index 7eaa2362751f24d723bd73cf627ce393c182ab19..7f907954624e7be5646956ee215193f2ee23403e 100644 (file)
--- a/src/protocols/ipv4_options.cc
+++ b/src/protocols/ipv4_options.cc
@@ -25,6 +25,8 @@
 
 #include "packet.h"
 
+namespace snort
+{
 namespace ip
 {
 IpOptionIteratorIter::IpOptionIteratorIter(const IpOptions* first_opt) : opt(first_opt)
@@ -74,4 +76,5 @@ IpOptionIteratorIter IpOptionIterator::end() const
     return IpOptionIteratorIter(reinterpret_cast<const IpOptions*>(end_ptr));
 }
 } // namespace ip
+} // namespace snort
 

diff --git a/src/protocols/ipv4_options.h b/src/protocols/ipv4_options.h
index 2fb20651534aa7d35d293321a5c4d6fdbed365f8..d983c791bb83dd37f5652e78ed9e1d9486c55a19 100644 (file)
--- a/src/protocols/ipv4_options.h
+++ b/src/protocols/ipv4_options.h
@@ -22,6 +22,8 @@
 
 #include "main/snort_types.h"
 
+namespace snort
+{
 struct Packet;
 
 namespace ip
@@ -138,6 +140,6 @@ private:
     const uint8_t* start_ptr;
 };
 } // namespace ip
-
+} // namespace snort
 #endif
 

diff --git a/src/protocols/ipv6.h b/src/protocols/ipv6.h
index b8fe62181c3c4542cb63d82fa66ebe99abb40573..0885de426b13c32b497832ce90c7452728d3a305 100644 (file)
--- a/src/protocols/ipv6.h
+++ b/src/protocols/ipv6.h
@@ -24,6 +24,8 @@
 
 #include "protocols/protocol_ids.h"
 
+namespace snort
+{
 namespace ip
 {
 constexpr uint8_t IP6_HEADER_LEN = 40;
@@ -246,7 +248,7 @@ inline int IPV6ExtensionOrder(const IpProtocol ip_proto)
 {
     return IPV6IdExtensionOrder((ProtocolId)ip_proto);
 }
-} // namespace ipv6
-
+} // namespace ip
+} // namespace snort
 #endif
 

diff --git a/src/protocols/layer.cc b/src/protocols/layer.cc
index 2ee2f7749ff6027dd1584cfff8712d668ebdbb54..e687c0105839ced22e501288ab836e629644b549 100644 (file)
--- a/src/protocols/layer.cc
+++ b/src/protocols/layer.cc
@@ -25,6 +25,8 @@
 
 #include "packet.h"
 
+namespace snort
+{
 namespace layer
 {
 static THREAD_LOCAL const Packet* curr_pkt;
@@ -442,4 +444,5 @@ const udp::UDPHdr* get_udp_embed_icmp(const ip::IpApi& api)
 const icmp::ICMPHdr* get_icmp_embed_icmp(const ip::IpApi& api)
 { return reinterpret_cast<const icmp::ICMPHdr*>(api.ip_data()); }
 } // namespace layer
+} // namespace snort
 

diff --git a/src/protocols/layer.h b/src/protocols/layer.h
index 3e54acbbafd4d12a9c47d2e0b950b727934f1093..a22c9ddedcfce69d346e9bfe121c7ea4fa2f2ef9 100644 (file)
--- a/src/protocols/layer.h
+++ b/src/protocols/layer.h
@@ -23,6 +23,8 @@
 #include "main/snort_types.h"
 #include "protocols/protocol_ids.h"
 
+namespace snort
+{
 struct Layer
 {
     const uint8_t* start;
@@ -179,6 +181,6 @@ SO_PUBLIC bool set_outer_ip_api(const Packet* const, ip::IpApi&, int8_t& curr_la
 SO_PUBLIC bool set_outer_ip_api(const Packet* const, ip::IpApi&,
     IpProtocol& next_ip_proto, int8_t& curr_layer);
 } // namespace layer
-
+} // namespace snort
 #endif
 

diff --git a/src/protocols/mpls.h b/src/protocols/mpls.h
index 393a6f9c603b293ca0bd1282af4dfa6f01dd6808..85e1b51056bf386d1401159dd78d458eb3eb0bf2 100644 (file)
--- a/src/protocols/mpls.h
+++ b/src/protocols/mpls.h
@@ -22,6 +22,8 @@
 
 #include <cstdint>
 
+namespace snort
+{
 namespace mpls
 {
 struct MplsHdr
@@ -37,6 +39,6 @@ struct MplsHdr
 constexpr int MPLS_PAYLOADTYPE_ETHERNET = 1;
 constexpr int MPLS_PAYLOADTYPE_IPV4 = 2;
 constexpr int MPLS_PAYLOADTYPE_IPV6 = 3;
-
+}
 #endif
 

diff --git a/src/protocols/packet.cc b/src/protocols/packet.cc
index 92a9653fdf3666efffbef393b4996bf7ab8d676e..6160c4b349609b4fca7ffd6bd521a2ad1334f6db 100644 (file)
--- a/src/protocols/packet.cc
+++ b/src/protocols/packet.cc
@@ -30,6 +30,8 @@
 
 #include "packet_manager.h"
 
+namespace snort
+{
 Packet::Packet(bool packet_data)
 {
     layers = new Layer[CodecManager::get_max_layers()];
@@ -207,4 +209,5 @@ const char* Packet::get_pseudo_type() const
     }
     return "other";
 }
+} // namespace snort
 

diff --git a/src/protocols/packet.h b/src/protocols/packet.h
index 14f12cf1e8fc8fb65ce75c7bb4055f4c148d2e68..130ae61e4b355ad73b1178aff8ce08ce5f267a72 100644 (file)
--- a/src/protocols/packet.h
+++ b/src/protocols/packet.h
@@ -26,6 +26,14 @@
 #include "framework/decode_data.h"
 #include "main/snort_types.h"
 
+class Endianness;
+class Obfuscator;
+
+namespace snort
+{
+class Flow;
+class IpsContext;
+
 /* packet status flags */
 #define PKT_REBUILT_FRAG     0x00000001  /* is a rebuilt fragment */
 #define PKT_REBUILT_STREAM   0x00000002  /* is a rebuilt stream */
@@ -103,9 +111,9 @@ struct SO_PUBLIC Packet
     Packet(const Packet&) = delete;
     Packet& operator=(const Packet&) = delete;
 
-    class Flow* flow;   /* for session tracking */
-    class Endianness* endianness;
-    class Obfuscator* obfuscator;
+    Flow* flow;   /* for session tracking */
+    Endianness* endianness;
+    Obfuscator* obfuscator;
 
     uint32_t packet_flags;      /* special flags for the packet */
     uint32_t xtradata_mask;
@@ -120,7 +128,7 @@ struct SO_PUBLIC Packet
     // nothing after this point is zeroed ...
 
     // Everything beyond this point is set by PacketManager::decode()
-    class IpsContext* context;   // set by control
+    IpsContext* context;   // set by control
     const DAQ_PktHdr_t* pkth;    // packet meta data
     const uint8_t* pkt;          // raw packet data
 
@@ -334,6 +342,6 @@ inline uint64_t alignedNtohq(const uint64_t* ptr)
     return value;
 #endif
 }
-
+}
 #endif
 

diff --git a/src/protocols/packet_manager.cc b/src/protocols/packet_manager.cc
index 180e772ac8ed721462392418128d393317034388..8f1d85bb3ae6502dcd3d427364b84183a206a0ef 100644 (file)
--- a/src/protocols/packet_manager.cc
+++ b/src/protocols/packet_manager.cc
@@ -40,6 +40,8 @@
 #include "icmp4.h"
 #include "icmp6.h"
 
+using namespace snort;
+
 THREAD_LOCAL ProfileStats decodePerfStats;
 
 // Decoding statistics
@@ -497,16 +499,16 @@ const uint8_t* PacketManager::encode_reject(UnreachResponse type,
 
         switch (type)
         {
-        case UnreachResponse::NET:
+        case snort::UnreachResponse::NET:
             icmph->code = icmp::IcmpCode::NET_UNREACH;
             break;
-        case UnreachResponse::HOST:
+        case snort::UnreachResponse::HOST:
             icmph->code = icmp::IcmpCode::HOST_UNREACH;
             break;
-        case UnreachResponse::PORT:
+        case snort::UnreachResponse::PORT:
             icmph->code = icmp::IcmpCode::PORT_UNREACH;
             break;
-        case UnreachResponse::FWD:
+        case snort::UnreachResponse::FWD:
             icmph->code = icmp::IcmpCode::PKT_FILTERED;
             break;
         default:     // future proofing
@@ -553,16 +555,16 @@ const uint8_t* PacketManager::encode_reject(UnreachResponse type,
 
         switch (type)
         {
-        case UnreachResponse::NET:
+        case snort::UnreachResponse::NET:
             icmph->code = icmp::Icmp6Code::UNREACH_NET;
             break;
-        case UnreachResponse::HOST:
+        case snort::UnreachResponse::HOST:
             icmph->code = icmp::Icmp6Code::UNREACH_HOST;
             break;
-        case UnreachResponse::PORT:
+        case snort::UnreachResponse::PORT:
             icmph->code = icmp::Icmp6Code::UNREACH_PORT;
             break;
-        case UnreachResponse::FWD:
+        case snort::UnreachResponse::FWD:
             icmph->code = icmp::Icmp6Code::UNREACH_FILTER_PROHIB;
             break;
         default:     // future proofing

diff --git a/src/protocols/packet_manager.h b/src/protocols/packet_manager.h
index e9d72f5e01da0c7010e94d16a0ff0aa86a2f0cae..eae0c21606e3fb8f6894956fb9da6523d32906b9 100644 (file)
--- a/src/protocols/packet_manager.h
+++ b/src/protocols/packet_manager.h
@@ -30,9 +30,12 @@
 #include "managers/codec_manager.h"
 #include "protocols/packet.h"
 
-struct Packet;
 struct TextLog;
 
+namespace snort
+{
+struct Packet;
+
 enum class TcpResponse
 {
     FIN,
@@ -151,6 +154,6 @@ private:
     static std::array<PegCount, s_stats.size()> g_stats;
     static const std::array<const char*, stat_offset> stat_names;
 };
-
+}
 #endif
 

diff --git a/src/protocols/tcp.h b/src/protocols/tcp.h
index bccc685295bb613590d2b5481983a0d9cdf8d7c4..2813e1e607f3f6f1f649f0ab6d58172f673912d1 100644 (file)
--- a/src/protocols/tcp.h
+++ b/src/protocols/tcp.h
@@ -24,6 +24,10 @@
 
 #include <cstdint>
 
+namespace snort
+{
+namespace tcp
+{
 // these are bits in th_flags:
 #define TH_FIN  0x01
 #define TH_SYN  0x02
@@ -61,8 +65,6 @@
 
 #define GET_PKT_SEQ(p) (ntohl((p)->ptrs.tcph->th_seq))
 
-namespace tcp
-{
 constexpr uint8_t TCP_MIN_HEADER_LEN = 20; // this is actually the minimal TCP header length
 constexpr int OPT_TRUNC = -1;
 constexpr int OPT_BADLEN = -2;
@@ -174,6 +176,7 @@ struct TCPHdr
     { th_urp = new_urp; }
 };
 }  // namespace tcp
+}  // namespace snort
 
 #endif
 

diff --git a/src/protocols/tcp_options.cc b/src/protocols/tcp_options.cc
index ce45ff36b007727982687f9dbd1196df180dfd6b..dae5f15a5dcddd49a6f16455feeafb094c1cfff6 100644 (file)
--- a/src/protocols/tcp_options.cc
+++ b/src/protocols/tcp_options.cc
@@ -26,14 +26,13 @@
 #include "packet.h"
 #include "tcp.h"
 
-namespace tcp
+namespace snort
 {
-TcpOptIteratorIter::TcpOptIteratorIter(const TcpOption* first_opt) : opt(first_opt)
+namespace tcp
 {
-}
+TcpOptIteratorIter::TcpOptIteratorIter(const TcpOption* first_opt) : opt(first_opt) { }
 
-const TcpOption& TcpOptIteratorIter::operator*() const
-{ return *opt; }
+const TcpOption& TcpOptIteratorIter::operator*() const { return *opt; }
 
 TcpOptIterator::TcpOptIterator(const TCPHdr* const tcp_header, const Packet* const p)
 {
@@ -77,4 +76,5 @@ TcpOptIteratorIter TcpOptIterator::end() const
     return TcpOptIteratorIter(reinterpret_cast<const TcpOption*>(end_ptr));
 }
 } // namespace ip
+} // namespace snort
 

diff --git a/src/protocols/tcp_options.h b/src/protocols/tcp_options.h
index f08e97fc6d82cb535821b0dfda3d9ae8972dbf26..5e80067a4abc16ffbc67a3d5f635a993c0e24d96 100644 (file)
--- a/src/protocols/tcp_options.h
+++ b/src/protocols/tcp_options.h
@@ -22,6 +22,8 @@
 
 #include "main/snort_types.h"
 
+namespace snort
+{
 struct Packet;
 
 namespace tcp
@@ -178,6 +180,7 @@ private:
     const uint8_t* end_ptr;
 };
 } // namespace tcp
+} // namespace snort
 
 #endif
 

diff --git a/src/protocols/udp.h b/src/protocols/udp.h
index c71355b65073145a401df2a63e0737854613b4ad..458093a668e0e90eb3c82783bb10f1f658250292 100644 (file)
--- a/src/protocols/udp.h
+++ b/src/protocols/udp.h
@@ -22,6 +22,8 @@
 
 #include <arpa/inet.h>
 
+namespace snort
+{
 namespace udp
 {
 constexpr uint8_t UDP_HEADER_LEN = 8;
@@ -59,7 +61,8 @@ struct UDPHdr
     inline uint16_t raw_cksum() const
     { return uh_chk; }
 };
-} // namespace
+} // namespace udp
+} // namespace snort
 
 #endif
 

diff --git a/src/protocols/vlan.h b/src/protocols/vlan.h
index cc9d8a760c841f894cc0e872d67a319b54a9bad7..e6b8dc3168886e7ef0132a08149c2b215b602c1a 100644 (file)
--- a/src/protocols/vlan.h
+++ b/src/protocols/vlan.h
@@ -22,6 +22,8 @@
 
 #include <arpa/inet.h>
 
+namespace snort
+{
 namespace vlan
 {
 struct VlanTagHdr
@@ -42,6 +44,7 @@ struct VlanTagHdr
     { return ntohs(vth_proto); }
 };
 } // namespace vlan
+} // namespace snort
 
 #endif
 

diff --git a/src/protocols/wlan.h b/src/protocols/wlan.h
index 8d8d5ebbdeff199563f0597c859671481b058f55..d19eb16251e7aa685d2c4869e76b308ff451ee60 100644 (file)
--- a/src/protocols/wlan.h
+++ b/src/protocols/wlan.h
@@ -22,6 +22,8 @@
 
 #include <cstdint>
 
+namespace snort
+{
 namespace wlan
 {
 /*
@@ -79,6 +81,7 @@ struct WifiHdr
 #define WLAN_FLAG_WEP       0x4000    /* Wep Enabled  00000010 */
 #define WLAN_FLAG_ORDER     0x8000    /* Strict Order 00000001 */
 } // namespace wlan
+} // namespace snort
 
 #endif
 

diff --git a/src/pub_sub/expect_events.h b/src/pub_sub/expect_events.h
index ae6116b12f2303c29a5aa8e0c4a0f7a0836a2ded..eeca6bec4393be61e482e0b36929815ff0370094 100644 (file)
--- a/src/pub_sub/expect_events.h
+++ b/src/pub_sub/expect_events.h
@@ -29,33 +29,37 @@
 
 #define EXPECT_EVENT_TYPE_EARLY_SESSION_CREATE_KEY "expect_event_type_early_session_create"
 
-struct Packet;
-class FlowData;
+namespace snort
+{
 struct ExpectFlow;
+class FlowData;
+struct Packet;
+}
 
-class ExpectEvent : public DataEvent
+class ExpectEvent : public snort::DataEvent
 {
 public:
-    ExpectEvent(const Packet* ctrl_packet, ExpectFlow* ef, const FlowData* fd)
+    ExpectEvent(const snort::Packet* ctrl_packet, snort::ExpectFlow* ef,
+        const snort::FlowData* fd)
     {
         p = ctrl_packet;
         expect_flow = ef;
         flow_data = fd;
     }
 
-    const Packet* get_packet() override
+    const snort::Packet* get_packet() override
     { return p; }
 
-    ExpectFlow* get_expect_flow()
+    snort::ExpectFlow* get_expect_flow()
     { return expect_flow; }
 
-    const FlowData* get_flow_data()
+    const snort::FlowData* get_flow_data()
     { return flow_data; }
 
 private:
-    const Packet* p;
-    ExpectFlow* expect_flow;
-    const FlowData* flow_data;
+    const snort::Packet* p;
+    snort::ExpectFlow* expect_flow;
+    const snort::FlowData* flow_data;
 };
 
 #endif

diff --git a/src/pub_sub/http_events.h b/src/pub_sub/http_events.h
index 0c5a3a970a3c2e096505cc6f6bab197386761824..e6327c1a3c2c72c88ff5f0369af4f6d21867d973 100644 (file)
--- a/src/pub_sub/http_events.h
+++ b/src/pub_sub/http_events.h
@@ -31,7 +31,7 @@
 
 class HttpMsgHeader;
 
-class SO_PUBLIC HttpEvent : public DataEvent
+class SO_PUBLIC HttpEvent : public snort::DataEvent
 {
 public:
     HttpEvent(HttpMsgHeader* http_msg_header_) :

diff --git a/src/pub_sub/sip_events.cc b/src/pub_sub/sip_events.cc
index ce0ed60aa0185a522147fd94e1e2fd4e88bd1439..5066889b80012289c643cd1a58ae8173a4bf8414 100644 (file)
--- a/src/pub_sub/sip_events.cc
+++ b/src/pub_sub/sip_events.cc
@@ -25,6 +25,7 @@
 
 #include "service_inspectors/sip/sip_dialog.h"
 
+using namespace snort;
 using namespace std;
 
 SipEvent::SipEvent(const Packet* p, const SIPMsg* msg, const SIP_DialogData* dialog)

diff --git a/src/pub_sub/sip_events.h b/src/pub_sub/sip_events.h
index a6defc90aa5e5803e0707a9ee102896599037ddf..27f385903a0493b379f20b2e9090604d549266cd 100644 (file)
--- a/src/pub_sub/sip_events.h
+++ b/src/pub_sub/sip_events.h
@@ -34,8 +34,11 @@ enum SipEventType
     SIP_EVENT_TYPE_SIP_DIALOG
 };
 
+namespace snort
+{
 struct Packet;
 struct SfIp;
+}
 struct SIPMsg;
 struct SIP_DialogData;
 struct SIP_MediaSession;
@@ -47,7 +50,7 @@ public:
     SipEventMediaData(SIP_MediaData* data)
     { this->data = data; }
 
-    const SfIp* get_address() const;
+    const snort::SfIp* get_address() const;
     uint16_t get_port() const;
 
 private:
@@ -74,13 +77,13 @@ private:
     SIP_MediaData* current_media_data = nullptr;
 };
 
-class SipEvent : public DataEvent
+class SipEvent : public snort::DataEvent
 {
 public:
-    SipEvent(const Packet*, const SIPMsg*, const SIP_DialogData*);
+    SipEvent(const snort::Packet*, const SIPMsg*, const SIP_DialogData*);
     ~SipEvent() override;
 
-    const Packet* get_packet() override
+    const snort::Packet* get_packet() override
     { return p; }
 
     const char* get_from() const
@@ -116,7 +119,7 @@ public:
     SipEventMediaSession* next_media_session();
 
 private:
-    const Packet* p;
+    const snort::Packet* p;
 
     const SIPMsg* msg;
     const SIP_DialogData* dialog;

diff --git a/src/search_engines/ac_banded.cc b/src/search_engines/ac_banded.cc
index 9048e0c674e5fe4a761e3f65c6a18b368a97e487..8e73a539bb65f9d9db07d2c116a0b59138f35ca9 100644 (file)
--- a/src/search_engines/ac_banded.cc
+++ b/src/search_engines/ac_banded.cc
@@ -25,6 +25,8 @@
 
 #include "acsmx2.h"
 
+using namespace snort;
+
 //-------------------------------------------------------------------------
 // "ac_banded"
 //-------------------------------------------------------------------------

diff --git a/src/search_engines/ac_bnfa.cc b/src/search_engines/ac_bnfa.cc
index 9e4f73ca0d2d15a285b8f598d2c4823c27bcdc0a..b21a27956dc9d59386742c266aa3a2b3cce7aaf3 100644 (file)
--- a/src/search_engines/ac_bnfa.cc
+++ b/src/search_engines/ac_bnfa.cc
@@ -34,6 +34,8 @@
 
 #include "bnfa_search.h"
 
+using namespace snort;
+
 //-------------------------------------------------------------------------
 // "ac_bnfa"
 //-------------------------------------------------------------------------

diff --git a/src/search_engines/ac_full.cc b/src/search_engines/ac_full.cc
index b31bcbd96b7a8a4614d749953f2bd5d7f4b1f919..7a024bf3addf888fdcd6ecf8125250cdb69dc637 100644 (file)
--- a/src/search_engines/ac_full.cc
+++ b/src/search_engines/ac_full.cc
@@ -25,6 +25,8 @@
 
 #include "acsmx2.h"
 
+using namespace snort;
+
 //-------------------------------------------------------------------------
 // "ac_full"
 //-------------------------------------------------------------------------

diff --git a/src/search_engines/ac_sparse.cc b/src/search_engines/ac_sparse.cc
index 1b658a72a7577ca3de941d7f4596091220028e76..a67fb6cb941f25cf4b4f69ddb88ff733ee95f757 100644 (file)
--- a/src/search_engines/ac_sparse.cc
+++ b/src/search_engines/ac_sparse.cc
@@ -25,6 +25,8 @@
 
 #include "acsmx2.h"
 
+using namespace snort;
+
 //-------------------------------------------------------------------------
 // "ac_sparse"
 //-------------------------------------------------------------------------

diff --git a/src/search_engines/ac_sparse_bands.cc b/src/search_engines/ac_sparse_bands.cc
index 9788368fb263c3ccb182df8910025a2d2d06188e..b86997f9df57007a1c3ca69e832e5b44a1bf22d8 100644 (file)
--- a/src/search_engines/ac_sparse_bands.cc
+++ b/src/search_engines/ac_sparse_bands.cc
@@ -25,6 +25,8 @@
 
 #include "acsmx2.h"
 
+using namespace snort;
+
 //-------------------------------------------------------------------------
 // "ac_sparse_bands"
 //-------------------------------------------------------------------------

diff --git a/src/search_engines/ac_std.cc b/src/search_engines/ac_std.cc
index 80e5d11c96700135fb3d3adbd2c3ab26f42e528d..68a8ff85d7c3ba7bfa85f295afd28c88a2867266 100644 (file)
--- a/src/search_engines/ac_std.cc
+++ b/src/search_engines/ac_std.cc
@@ -25,6 +25,8 @@
 
 #include "acsmx.h"
 
+using namespace snort;
+
 //-------------------------------------------------------------------------
 // "ac_std"
 //-------------------------------------------------------------------------

diff --git a/src/search_engines/acsmx.cc b/src/search_engines/acsmx.cc
index b0b5786603c6095779dceea98bb5e15e974c6d8c..2a66f4da076c9ceef83ad2692170d6d18fa65fb8 100644 (file)
--- a/src/search_engines/acsmx.cc
+++ b/src/search_engines/acsmx.cc
@@ -315,7 +315,7 @@ int acsmAddPattern(
     return 0;
 }
 
-static void acsmBuildMatchStateTrees(SnortConfig* sc, ACSM_STRUCT* acsm)
+static void acsmBuildMatchStateTrees(snort::SnortConfig* sc, ACSM_STRUCT* acsm)
 {
     ACSM_PATTERN* mlist;
 
@@ -402,8 +402,7 @@ static inline int _acsmCompile(ACSM_STRUCT* acsm)
     return 0;
 }
 
-int acsmCompile(
-    SnortConfig* sc, ACSM_STRUCT* acsm)
+int acsmCompile(snort::SnortConfig* sc, ACSM_STRUCT* acsm)
 {
     if ( int rval = _acsmCompile (acsm) )
         return rval;

diff --git a/src/search_engines/acsmx.h b/src/search_engines/acsmx.h
index 1e7001467dd9a63a4af948f76f187f8af35aedff..9762f9931830cf9638b3da5f44730cefeb1e0b0d 100644 (file)
--- a/src/search_engines/acsmx.h
+++ b/src/search_engines/acsmx.h
@@ -29,6 +29,11 @@
 
 #include "search_common.h"
 
+namespace snort
+{
+struct SnortConfig;
+}
+
 #define ALPHABET_SIZE    256
 #define ACSM_FAIL_STATE   (-1)
 
@@ -94,7 +99,7 @@ ACSM_STRUCT* acsmNew(const MpseAgent*);
 int acsmAddPattern(ACSM_STRUCT* p, const uint8_t* pat, unsigned n,
     bool nocase, bool negative, void* id);
 
-int acsmCompile(struct SnortConfig*, ACSM_STRUCT*);
+int acsmCompile(snort::SnortConfig*, ACSM_STRUCT*);
 
 int acsmSearch(ACSM_STRUCT * acsm, const uint8_t* T,
     int n, MpseMatch, void* context, int* current_state);

diff --git a/src/search_engines/acsmx2.cc b/src/search_engines/acsmx2.cc
index 80d38b62c06d6871b402df9feb24d63b2e0f9449..84d42e12b39fe9da55afe4ae5dd15db01928d101 100644 (file)
--- a/src/search_engines/acsmx2.cc
+++ b/src/search_engines/acsmx2.cc
@@ -1190,7 +1190,7 @@ static void acsmUpdateMatchStates(ACSM_STRUCT2* acsm)
     }
 }
 
-static void acsmBuildMatchStateTrees2(SnortConfig* sc, ACSM_STRUCT2* acsm)
+static void acsmBuildMatchStateTrees2(snort::SnortConfig* sc, ACSM_STRUCT2* acsm)
 {
     ACSM_PATTERN2** MatchList = acsm->acsmMatchList;
     ACSM_PATTERN2* mlist;
@@ -1363,8 +1363,7 @@ static inline int _acsmCompile2(ACSM_STRUCT2* acsm)
     return 0;
 }
 
-int acsmCompile2(
-    SnortConfig* sc, ACSM_STRUCT2* acsm)
+int acsmCompile2(snort::SnortConfig* sc, ACSM_STRUCT2* acsm)
 {
     if ( int rval = _acsmCompile2(acsm) )
         return rval;

diff --git a/src/search_engines/acsmx2.h b/src/search_engines/acsmx2.h
index a5247ac20fb3ae66867559b54f4073957c58e9c9..f62157c4bd3c76b1ee69cdb168bcfda1837e98da 100644 (file)
--- a/src/search_engines/acsmx2.h
+++ b/src/search_engines/acsmx2.h
@@ -28,6 +28,11 @@
 
 #include "search_common.h"
 
+namespace snort
+{
+struct SnortConfig;
+}
+
 #define MAX_ALPHABET_SIZE 256
 
 /*
@@ -141,7 +146,7 @@ int acsmAddPattern2(
     ACSM_STRUCT2* p, const uint8_t* pat, unsigned n,
     bool nocase, bool negative, void* id);
 
-int acsmCompile2(struct SnortConfig*, ACSM_STRUCT2*);
+int acsmCompile2(snort::SnortConfig*, ACSM_STRUCT2*);
 
 int acsm_search_nfa(
     ACSM_STRUCT2*, const uint8_t* T, int n, MpseMatch, void* context, int* current_state);

diff --git a/src/search_engines/acsmx2_api.cc b/src/search_engines/acsmx2_api.cc
index 548fed4a825949a3eb1dfdb90b50a2a80dce5683..e4dd404766a19df09fadaf2131784876fdb56b93 100644 (file)
--- a/src/search_engines/acsmx2_api.cc
+++ b/src/search_engines/acsmx2_api.cc
@@ -25,6 +25,8 @@
 
 #include "search_engines.h"
 
+using namespace snort;
+
 extern const BaseApi* se_ac_banded;
 extern const BaseApi* se_ac_full;
 extern const BaseApi* se_ac_sparse;

diff --git a/src/search_engines/bnfa_search.cc b/src/search_engines/bnfa_search.cc
index 9870f1edbb3c6d8ab2b859dfabe5e2dedad9bcb6..c31c01e202af5290890960091c767d6eec2f11a4 100644 (file)
--- a/src/search_engines/bnfa_search.cc
+++ b/src/search_engines/bnfa_search.cc
@@ -353,7 +353,7 @@ static int _bnfa_list_free_table(bnfa_struct_t* bnfa)
     return 0;
 }
 
-static void bnfaBuildMatchStateTrees(SnortConfig* sc, bnfa_struct_t* bnfa)
+static void bnfaBuildMatchStateTrees(snort::SnortConfig* sc, bnfa_struct_t* bnfa)
 {
     bnfa_match_node_t* mn;
     bnfa_match_node_t** MatchList = bnfa->bnfaMatchList;
@@ -1451,8 +1451,7 @@ static inline int _bnfaCompile(bnfa_struct_t* bnfa)
     return 0;
 }
 
-int bnfaCompile(
-    SnortConfig* sc, bnfa_struct_t* bnfa)
+int bnfaCompile(snort::SnortConfig* sc, bnfa_struct_t* bnfa)
 {
     if ( int rval = _bnfaCompile (bnfa) )
         return rval;

diff --git a/src/search_engines/bnfa_search.h b/src/search_engines/bnfa_search.h
index 29489c4872ecde5e29ca1dda9b3d62235ab2ba42..604f0ca63071d7aa2693b8296e678d607adca376 100644 (file)
--- a/src/search_engines/bnfa_search.h
+++ b/src/search_engines/bnfa_search.h
@@ -34,6 +34,11 @@
 
 #include "search_common.h"
 
+namespace snort
+{
+struct SnortConfig;
+}
+
 /* debugging - allow printing the trie and nfa in list format
    #define ALLOW_LIST_PRINT */
 
@@ -163,7 +168,7 @@ int bnfaAddPattern(
     bnfa_struct_t* pstruct, const uint8_t* pat, unsigned patlen,
     bool nocase, bool negative, void* userdata);
 
-int bnfaCompile(struct SnortConfig*, bnfa_struct_t*);
+int bnfaCompile(snort::SnortConfig*, bnfa_struct_t*);
 
 unsigned _bnfa_search_csparse_nfa(
     bnfa_struct_t * pstruct, const uint8_t* t, int tlen, MpseMatch,

diff --git a/src/search_engines/hyperscan.cc b/src/search_engines/hyperscan.cc
index f7e242b056add115270c16ce491f7e96186723f4..acd5220869b747bcca42414fc21d65918c932638 100644 (file)
--- a/src/search_engines/hyperscan.cc
+++ b/src/search_engines/hyperscan.cc
@@ -35,6 +35,8 @@
 #include "main/snort_config.h"
 #include "utils/stats.h"
 
+using namespace snort;
+
 struct Pattern
 {
     std::string pat;

diff --git a/src/search_engines/hyperscan.h b/src/search_engines/hyperscan.h
index 3b867e4503328d22a5043a26cc2da6992cb2a0a8..cdf624bb285e0891b27de4eb73c2f07bc87c1d2c 100644 (file)
--- a/src/search_engines/hyperscan.h
+++ b/src/search_engines/hyperscan.h
@@ -21,8 +21,12 @@
 #ifndef HYPERSCAN_H
 #define HYPERSCAN_H
 
+namespace snort
+{
 struct SnortConfig;
-void hyperscan_setup(SnortConfig*);
-void hyperscan_cleanup(SnortConfig*);
+}
+
+void hyperscan_setup(snort::SnortConfig*);
+void hyperscan_cleanup(snort::SnortConfig*);
 
 #endif

diff --git a/src/search_engines/search_common.h b/src/search_engines/search_common.h
index 11d3b32b31076044f5a6e36a87e46589cd723245..2eaeb7ac15ba74a196fdf7cf655f5d5eb749ce3c 100644 (file)
--- a/src/search_engines/search_common.h
+++ b/src/search_engines/search_common.h
@@ -19,11 +19,14 @@
 #ifndef SEARCH_COMMON_H
 #define SEARCH_COMMON_H
 
-// interface to Mpse
+namespace snort
+{
+    struct SnortConfig;
+}
 
 struct MpseAgent
 {
-    int (* build_tree)(struct SnortConfig*, void* id, void** tree);
+    int (* build_tree)(snort::SnortConfig*, void* id, void** tree);
     int (* negate_list)(void* id, void** list);
 
     void (* user_free)(void*);

diff --git a/src/search_engines/search_engines.cc b/src/search_engines/search_engines.cc
index dab793bd1ca613f82d3b75c733a655afc1807cee..af06a30abd6d9dcfd3c5d612730b3ba1f656a8b1 100644 (file)
--- a/src/search_engines/search_engines.cc
+++ b/src/search_engines/search_engines.cc
@@ -24,7 +24,8 @@
 
 #include "managers/plugin_manager.h"
 
-struct BaseApi;
+using namespace snort;
+
 extern const BaseApi* se_ac_bnfa[];
 
 #ifdef HAVE_HYPERSCAN

diff --git a/src/search_engines/search_engines.h b/src/search_engines/search_engines.h
index 34c4f11dcc404516b186a9fc1e5bd6670260f6f9..0a0bcba20e22400eb9b1dd0640700838535a549e 100644 (file)
--- a/src/search_engines/search_engines.h
+++ b/src/search_engines/search_engines.h
@@ -19,7 +19,10 @@
 #ifndef SEARCH_ENGINES_H
 #define SEARCH_ENGINES_H
 
+namespace snort
+{
 struct BaseApi;
+}
 
 void load_search_engines();
 

diff --git a/src/search_engines/search_tool.cc b/src/search_engines/search_tool.cc
index bad6adb9d8b5c39c1276caa3b19a59414108cca8..f3de667b5e98750e7e36f7efe0a300177ff95eec 100644 (file)
--- a/src/search_engines/search_tool.cc
+++ b/src/search_engines/search_tool.cc
@@ -27,6 +27,8 @@
 
 #include "managers/mpse_manager.h"
 
+namespace snort
+{
 SearchTool::SearchTool(const char* method, bool dfa)
 {
     mpse = MpseManager::get_search_engine(method);
@@ -126,4 +128,4 @@ int SearchTool::find_all(
 
     return num;
 }
-
+} // namespace snort

diff --git a/src/search_engines/search_tool.h b/src/search_engines/search_tool.h
index e4261c51072b2b695e66e246e9f4cdd8ab1abec8..fa27e86c781e97bff895f4923db93fc49550d31d 100644 (file)
--- a/src/search_engines/search_tool.h
+++ b/src/search_engines/search_tool.h
@@ -22,6 +22,8 @@
 
 #include "framework/mpse.h"
 
+namespace snort
+{
 class SO_PUBLIC SearchTool
 {
 public:
@@ -50,6 +52,6 @@ private:
     class Mpse* mpse;
     unsigned max_len;
 };
-
+} // namespace snort
 #endif
 

diff --git a/src/search_engines/test/hyperscan_test.cc b/src/search_engines/test/hyperscan_test.cc
index cf714f0abec8c37c9d3b4e44d88adca756c9ede7..4a552f0f00eac4cf5ac551aa272cc9aeeda9f4eb 100644 (file)
--- a/src/search_engines/test/hyperscan_test.cc
+++ b/src/search_engines/test/hyperscan_test.cc
@@ -34,10 +34,13 @@
 #include <CppUTest/CommandLineTestRunner.h>
 #include <CppUTest/TestHarness.h>
 
+using namespace snort;
+
 //-------------------------------------------------------------------------
 // base stuff
 //-------------------------------------------------------------------------
-
+namespace snort
+{
 Mpse::Mpse(const char*) { }
 
 int Mpse::search(
@@ -54,6 +57,24 @@ int Mpse::search_all(
     return _search(T, n, match, context, current_state);
 }
 
+SnortConfig s_conf;
+THREAD_LOCAL SnortConfig* snort_conf = &s_conf;
+
+static SnortState s_state;
+
+SnortConfig::SnortConfig(SnortConfig*)
+{
+    state = &s_state;
+    memset(state, 0, sizeof(*state));
+    num_slots = 1;
+}
+
+SnortConfig::~SnortConfig() { }
+
+SnortConfig* SnortConfig::get_conf()
+{ return snort_conf; }
+
+}
 //-------------------------------------------------------------------------
 // stubs, spies, etc.
 //-------------------------------------------------------------------------
@@ -73,22 +94,6 @@ static int match(
     void* /*user*/, void* /*tree*/, int /*index*/, void* /*context*/, void* /*list*/)
 { ++hits; return 0; }
 
-SnortConfig s_conf;
-THREAD_LOCAL SnortConfig* snort_conf = &s_conf;
-
-static SnortState s_state;
-
-SnortConfig::SnortConfig(SnortConfig*)
-{
-    state = &s_state;
-    memset(state, 0, sizeof(*state));
-    num_slots = 1;
-}
-
-SnortConfig::~SnortConfig() { }
-
-SnortConfig* SnortConfig::get_conf()
-{ return snort_conf; }
 
 unsigned get_instance_id()
 { return 0; }

diff --git a/src/search_engines/test/search_tool_test.cc b/src/search_engines/test/search_tool_test.cc
index 38387e4582089984ca95620afaeafd9f0b3cd75f..6ea2e9a67f92a38accbd5cff4fa2663452caa6a2 100644 (file)
--- a/src/search_engines/test/search_tool_test.cc
+++ b/src/search_engines/test/search_tool_test.cc
@@ -38,11 +38,16 @@
 #include <CppUTest/CommandLineTestRunner.h>
 #include <CppUTest/TestHarness.h>
 
+using namespace snort;
+
 //-------------------------------------------------------------------------
 // base stuff
 //-------------------------------------------------------------------------
 
+namespace snort
+{
 SnortConfig s_conf;
+
 THREAD_LOCAL SnortConfig* snort_conf = &s_conf;
 
 static SnortState s_state;
@@ -60,6 +65,7 @@ SnortConfig::~SnortConfig() { }
 SnortConfig* SnortConfig::get_conf()
 { return snort_conf; }
 
+}
 unsigned get_instance_id()
 { return 0; }
 
@@ -85,6 +91,8 @@ void LogStat(const char*, double, FILE*)
 static void* s_tree = (void*)"tree";
 static void* s_list = (void*)"list";
 
+namespace snort
+{
 static MpseAgent s_agent =
 {
     [](struct SnortConfig* sc, void*, void** ppt)
@@ -104,6 +112,23 @@ static MpseAgent s_agent =
     [](void** ppl) { CHECK(*ppl == s_list); }
 };
 
+Mpse::Mpse(const char*) { }
+
+int Mpse::search(
+    const unsigned char* T, int n, MpseMatch match,
+    void* context, int* current_state)
+{
+    return _search(T, n, match, context, current_state);
+}
+
+int Mpse::search_all(
+    const unsigned char* T, int n, MpseMatch match,
+    void* context, int* current_state)
+{
+    return _search(T, n, match, context, current_state);
+}
+}
+
 extern const BaseApi* se_ac_bnfa;
 Mpse* mpse = nullptr;
 
@@ -125,21 +150,6 @@ void MpseManager::delete_search_engine(Mpse*)
     mpse_api->dtor(mpse);
 }
 
-Mpse::Mpse(const char*) { }
-
-int Mpse::search(
-    const unsigned char* T, int n, MpseMatch match,
-    void* context, int* current_state)
-{
-    return _search(T, n, match, context, current_state);
-}
-
-int Mpse::search_all(
-    const unsigned char* T, int n, MpseMatch match,
-    void* context, int* current_state)
-{
-    return _search(T, n, match, context, current_state);
-}
 
 static int pattern_id = 0;
 static int Test_SearchStrFound(

diff --git a/src/service_inspectors/back_orifice/back_orifice.cc b/src/service_inspectors/back_orifice/back_orifice.cc
index ae34ba9ab594ba5e44114f52ec861c41b4bbd7cc..456c4a6bd40398bea80d878ff2a905c5fc13047d 100644 (file)
--- a/src/service_inspectors/back_orifice/back_orifice.cc
+++ b/src/service_inspectors/back_orifice/back_orifice.cc
@@ -135,6 +135,8 @@
 #define s_help \
     "back orifice detection"
 
+using namespace snort;
+
 /* global keyvalue for the BoRand() function */
 static THREAD_LOCAL uint64_t holdrand = 1;
 

diff --git a/src/service_inspectors/dce_rpc/dce_co.cc b/src/service_inspectors/dce_rpc/dce_co.cc
index e55ef770d8d84b52967920ecec7f0688aeede654..11b06000763088ec7d4a992f3a307efa48b072f0 100644 (file)
--- a/src/service_inspectors/dce_rpc/dce_co.cc
+++ b/src/service_inspectors/dce_rpc/dce_co.cc
@@ -34,6 +34,8 @@
 #include "dce_tcp.h"
 #include "dce_tcp_module.h"
 
+using namespace snort;
+
 static THREAD_LOCAL int co_reassembled = 0;
 
 /********************************************************************

diff --git a/src/service_inspectors/dce_rpc/dce_common.cc b/src/service_inspectors/dce_rpc/dce_common.cc
index e2693885b287ea6e6a761041511a43dc308b8d31..abdfadd70863b6ec663db440c2916d234dc026ce 100644 (file)
--- a/src/service_inspectors/dce_rpc/dce_common.cc
+++ b/src/service_inspectors/dce_rpc/dce_common.cc
@@ -36,6 +36,8 @@
 #include "dce_tcp.h"
 #include "dce_udp.h"
 
+using namespace snort;
+
 THREAD_LOCAL int dce2_detected = 0;
 static THREAD_LOCAL bool using_rpkt = false;
 
@@ -179,7 +181,7 @@ static void DCE2_PrintRoptions(DCE2_Roptions* ropts)
     }
 }
 
-static void dce2_protocol_detect(DCE2_SsnData* sd, Packet* pkt)
+static void dce2_protocol_detect(DCE2_SsnData* sd, snort::Packet* pkt)
 {
     if (sd->trans == DCE2_TRANS_TYPE__TCP)
     {
@@ -209,7 +211,7 @@ void DCE2_Detect(DCE2_SsnData* sd)
         DCE2_Detect(sd);
         return;
     }
-    Packet* top_pkt = DetectionEngine::get_current_packet();
+    snort::Packet* top_pkt = DetectionEngine::get_current_packet();
 
     DCE2_PrintRoptions(&sd->ropts);
     DebugMessage(DEBUG_DCE_COMMON, "Payload:\n");
@@ -228,7 +230,7 @@ void DCE2_Detect(DCE2_SsnData* sd)
     DebugMessage(DEBUG_DCE_COMMON, "----------------------------------------------------------\n");
 }
 
-DCE2_SsnData* get_dce2_session_data(Packet* p)
+DCE2_SsnData* get_dce2_session_data(snort::Packet* p)
 {
     DCE2_SmbSsnData* smb_data = get_dce2_smb_session_data(p->flow);
     DCE2_SsnData* sd = (smb_data != nullptr) ? &(smb_data->sd) : nullptr;
@@ -310,7 +312,7 @@ bool DceEndianness::get_offset_endianness(int32_t offset, uint8_t& endian)
 
 uint16_t DCE2_GetRpktMaxData(DCE2_SsnData* sd, DCE2_RpktType rtype)
 {
-    Packet* p = sd->wire_pkt;
+    snort::Packet* p = sd->wire_pkt;
     uint16_t overhead = 0;
 
     switch (rtype)
@@ -346,10 +348,10 @@ uint16_t DCE2_GetRpktMaxData(DCE2_SsnData* sd, DCE2_RpktType rtype)
         DebugFormat(DEBUG_DCE_COMMON,"Invalid reassembly packet type: %d\n",rtype);
         return 0;
     }
-    return (Packet::max_dsize - overhead);
+    return (snort::Packet::max_dsize - overhead);
 }
 
-static void dce2_fill_rpkt_info(Packet* rpkt, Packet* p)
+static void dce2_fill_rpkt_info(snort::Packet* rpkt, snort::Packet* p)
 {
     rpkt->endianness = new DceEndianness();
     rpkt->pkth = p->pkth;
@@ -363,10 +365,10 @@ static void dce2_fill_rpkt_info(Packet* rpkt, Packet* p)
     rpkt->user_network_policy_id = p->user_network_policy_id;
 }
 
-Packet* DCE2_GetRpkt(Packet* p,DCE2_RpktType rpkt_type,
+snort::Packet* DCE2_GetRpkt(snort::Packet* p,DCE2_RpktType rpkt_type,
     const uint8_t* data, uint32_t data_len)
 {
-    Packet* rpkt = DetectionEngine::set_next_packet();
+    snort::Packet* rpkt = DetectionEngine::set_next_packet();
     uint8_t* wrdata = const_cast<uint8_t*>(rpkt->data);
     dce2_fill_rpkt_info(rpkt, p);
     uint16_t data_overhead = 0;
@@ -466,10 +468,10 @@ Packet* DCE2_GetRpkt(Packet* p,DCE2_RpktType rpkt_type,
         return nullptr;
     }
 
-    if ((data_overhead + data_len) > Packet::max_dsize)
-        data_len -= (data_overhead + data_len) - Packet::max_dsize;
+    if ((data_overhead + data_len) > snort::Packet::max_dsize)
+        data_len -= (data_overhead + data_len) - snort::Packet::max_dsize;
 
-    if (data_len > Packet::max_dsize - data_overhead)
+    if (data_len > snort::Packet::max_dsize - data_overhead)
     {
         DebugMessage(DEBUG_DCE_COMMON, "Failed to create reassembly packet.\n");
         delete rpkt->endianness;
@@ -478,14 +480,14 @@ Packet* DCE2_GetRpkt(Packet* p,DCE2_RpktType rpkt_type,
     }
 
     memcpy_s((void*)(rpkt->data + data_overhead),
-        Packet::max_dsize - data_overhead, data, data_len);
+        snort::Packet::max_dsize - data_overhead, data, data_len);
 
     rpkt->dsize = data_len + data_overhead;
     using_rpkt = true;
     return rpkt;
 }
 
-DCE2_Ret DCE2_AddDataToRpkt(Packet* rpkt, const uint8_t* data, uint32_t data_len)
+DCE2_Ret DCE2_AddDataToRpkt(snort::Packet* rpkt, const uint8_t* data, uint32_t data_len)
 {
     if ((rpkt == nullptr) || (data == nullptr) || (data_len == 0))
         return DCE2_RET__ERROR;
@@ -494,16 +496,16 @@ DCE2_Ret DCE2_AddDataToRpkt(Packet* rpkt, const uint8_t* data, uint32_t data_len
         return DCE2_RET__ERROR;
 
     // FIXIT-L PORT_IF_NEEDED packet size and hdr check
-    const uint8_t* pkt_data_end = rpkt->data + Packet::max_dsize;
+    const uint8_t* pkt_data_end = rpkt->data + snort::Packet::max_dsize;
     const uint8_t* payload_end = rpkt->data + rpkt->dsize;
 
     if ((payload_end + data_len) > pkt_data_end)
         data_len = pkt_data_end - payload_end;
 
-    if (data_len > Packet::max_dsize - rpkt->dsize)
+    if (data_len > snort::Packet::max_dsize - rpkt->dsize)
         return DCE2_RET__ERROR;
 
-    memcpy_s((void*)(payload_end), Packet::max_dsize - rpkt->dsize,
+    memcpy_s((void*)(payload_end), snort::Packet::max_dsize - rpkt->dsize,
         data, data_len);
 
     rpkt->dsize += (uint16_t)data_len;

diff --git a/src/service_inspectors/dce_rpc/dce_common.h b/src/service_inspectors/dce_rpc/dce_common.h
index 19abdae06737573356447125c12a2d9a1ab76c48..a058d8568c0553a20a222c0f22a9ecf888a4b6ca 100644 (file)
--- a/src/service_inspectors/dce_rpc/dce_common.h
+++ b/src/service_inspectors/dce_rpc/dce_common.h
@@ -31,11 +31,11 @@
 
 #include "dce_list.h"
 
-extern const InspectApi dce2_smb_api;
-extern const InspectApi dce2_tcp_api;
-extern const InspectApi dce2_udp_api;
-extern const InspectApi dce_http_proxy_api;
-extern const InspectApi dce_http_server_api;
+extern const snort::InspectApi dce2_smb_api;
+extern const snort::InspectApi dce2_tcp_api;
+extern const snort::InspectApi dce2_udp_api;
+extern const snort::InspectApi dce_http_proxy_api;
+extern const snort::InspectApi dce_http_server_api;
 extern THREAD_LOCAL int dce2_detected;
 
 #define GID_DCE2 133
@@ -198,7 +198,7 @@ struct DCE2_SsnData
     DCE2_Policy server_policy;
     DCE2_Policy client_policy;
     int flags;
-    Packet* wire_pkt;
+    snort::Packet* wire_pkt;
     uint64_t alert_mask;
     DCE2_Roptions ropts;
     void* config;
@@ -258,12 +258,12 @@ inline uint16_t DCE2_GcMaxFragLen(dce2CommonProtoConf* config)
     return UINT16_MAX;
 }
 
-inline int DCE2_SsnFromServer(Packet* p)
+inline int DCE2_SsnFromServer(snort::Packet* p)
 {
     return p->is_from_server();
 }
 
-inline int DCE2_SsnFromClient(Packet* p)
+inline int DCE2_SsnFromClient(snort::Packet* p)
 {
     return p->is_from_client();
 }
@@ -391,20 +391,20 @@ inline bool DCE2_SsnIsServerSambaPolicy(DCE2_SsnData* sd)
 
 inline void dce_alert(uint32_t gid, uint32_t sid, dce2CommonStats* stats)
 {
-    DetectionEngine::queue_event(gid,sid);
+    snort::DetectionEngine::queue_event(gid,sid);
     stats->events++;
 }
 
-bool dce2_set_common_config(Value&, dce2CommonProtoConf&);
+bool dce2_set_common_config(snort::Value&, dce2CommonProtoConf&);
 void print_dce2_common_config(dce2CommonProtoConf&);
-bool dce2_set_co_config(Value&, dce2CoProtoConf&);
+bool dce2_set_co_config(snort::Value&, dce2CoProtoConf&);
 void print_dce2_co_config(dce2CoProtoConf&);
-bool dce2_paf_abort(Flow*, DCE2_SsnData*);
+bool dce2_paf_abort(snort::Flow*, DCE2_SsnData*);
 void DCE2_Detect(DCE2_SsnData*);
-Packet* DCE2_GetRpkt(Packet*, DCE2_RpktType, const uint8_t*, uint32_t);
+snort::Packet* DCE2_GetRpkt(snort::Packet*, DCE2_RpktType, const uint8_t*, uint32_t);
 uint16_t DCE2_GetRpktMaxData(DCE2_SsnData*, DCE2_RpktType);
-DCE2_Ret DCE2_AddDataToRpkt(Packet*, const uint8_t*, uint32_t);
-DCE2_SsnData* get_dce2_session_data(Packet*);
+DCE2_Ret DCE2_AddDataToRpkt(snort::Packet*, const uint8_t*, uint32_t);
+DCE2_SsnData* get_dce2_session_data(snort::Packet*);
 
 #endif
 

diff --git a/src/service_inspectors/dce_rpc/dce_http_common.cc b/src/service_inspectors/dce_rpc/dce_http_common.cc
index 7ccbf5623173e7e23600f2d59752aee5b6306992..c1285718fe360907b28986abbe3990fc76b6962d 100644 (file)
--- a/src/service_inspectors/dce_rpc/dce_http_common.cc
+++ b/src/service_inspectors/dce_rpc/dce_http_common.cc
@@ -28,12 +28,12 @@
 #include "binder/binder.h"
 #include "managers/inspector_manager.h"
 
-void dce_http_bind(Flow* flow, const char* service)
+void dce_http_bind(snort::Flow* flow, const char* service)
 {
     assert (flow);
     flow->service = service;
 
-    Inspector* ins = InspectorManager::get_binder();
+    snort::Inspector* ins = snort::InspectorManager::get_binder();
 
     if ( ins )
         ins->exec(BinderSpace::ExecOperation::HANDLE_GADGET, flow);

diff --git a/src/service_inspectors/dce_rpc/dce_http_common.h b/src/service_inspectors/dce_rpc/dce_http_common.h
index d0a3fc316264bf9cdb88668d2d90bd496896886b..5ba54cb3173c578c0e52fe3315e0b1048035749e 100644 (file)
--- a/src/service_inspectors/dce_rpc/dce_http_common.h
+++ b/src/service_inspectors/dce_rpc/dce_http_common.h
@@ -24,7 +24,7 @@
 
 #include "flow/flow.h"
 
-void dce_http_bind(Flow* flow, const char* service);
+void dce_http_bind(snort::Flow* flow, const char* service);
 
 #endif
 

diff --git a/src/service_inspectors/dce_rpc/dce_http_proxy.cc b/src/service_inspectors/dce_rpc/dce_http_proxy.cc
index 1cbe175ffc5fd5f781a605a1dfceb66341539466..48adfae748bb66e82c280cb88f6d570b80fafe49 100644 (file)
--- a/src/service_inspectors/dce_rpc/dce_http_proxy.cc
+++ b/src/service_inspectors/dce_rpc/dce_http_proxy.cc
@@ -30,6 +30,8 @@
 #include "managers/inspector_manager.h"
 #include "stream/libtcp/tcp_stream_session.h"
 
+using namespace snort;
+
 THREAD_LOCAL DceHttpProxyStats dce_http_proxy_stats;
 
 //-------------------------------------------------------------------------

diff --git a/src/service_inspectors/dce_rpc/dce_http_proxy_module.h b/src/service_inspectors/dce_rpc/dce_http_proxy_module.h
index 48ecb9d00e9a2f77608ec1610a60da6034b61e9a..bb57ff08295d423be9dfd4eb3256da084e6de36d 100644 (file)
--- a/src/service_inspectors/dce_rpc/dce_http_proxy_module.h
+++ b/src/service_inspectors/dce_rpc/dce_http_proxy_module.h
@@ -26,9 +26,7 @@
 #include "framework/module.h"
 #include "main/thread.h"
 
-struct SnortConfig;
-
-class DceHttpProxyModule : public Module
+class DceHttpProxyModule : public snort::Module
 {
 public:
     DceHttpProxyModule();

diff --git a/src/service_inspectors/dce_rpc/dce_http_proxy_splitter.cc b/src/service_inspectors/dce_rpc/dce_http_proxy_splitter.cc
index 639aa49093c38ac50058bc03cd51edcded7b4408..a72952b52fdccae528485a9154ff31502cde7409 100644 (file)
--- a/src/service_inspectors/dce_rpc/dce_http_proxy_splitter.cc
+++ b/src/service_inspectors/dce_rpc/dce_http_proxy_splitter.cc
@@ -32,6 +32,8 @@
 #include "catch/snort_catch.h"
 #endif
 
+using namespace snort;
+
 // NOTE:  These strings must have a length of at least one character
 #define HTTP_PROXY_REQUEST    "RPC_CONNECT"
 #define HTTP_PROXY_RESPONSE   "HTTP/1."

diff --git a/src/service_inspectors/dce_rpc/dce_http_proxy_splitter.h b/src/service_inspectors/dce_rpc/dce_http_proxy_splitter.h
index 2de3013f11f7949a90bc25011e29965297a03053..ebbc0da4b640101368848d1be78b28543c028a4a 100644 (file)
--- a/src/service_inspectors/dce_rpc/dce_http_proxy_splitter.h
+++ b/src/service_inspectors/dce_rpc/dce_http_proxy_splitter.h
@@ -25,15 +25,15 @@
 #include "dce_common.h"
 #include "stream/stream_splitter.h"
 
-class DceHttpProxySplitter : public StreamSplitter
+class DceHttpProxySplitter : public snort::StreamSplitter
 {
 public:
     DceHttpProxySplitter(bool c2s);
 
-    Status scan(Flow*, const uint8_t* data, uint32_t len,
+    Status scan(snort::Flow*, const uint8_t* data, uint32_t len,
         uint32_t flags, uint32_t* fp) override;
 
-    const StreamBuffer reassemble(Flow*, unsigned, unsigned,
+    const snort::StreamBuffer reassemble(snort::Flow*, unsigned, unsigned,
         const uint8_t*, unsigned, uint32_t, unsigned&) override;
 
     bool is_paf() override

diff --git a/src/service_inspectors/dce_rpc/dce_http_server.cc b/src/service_inspectors/dce_rpc/dce_http_server.cc
index 5541ff66b8256ae8f777ab69fa0da9e2831a5d55..e5720efb6b60b41009886c1c16890808b11c4e9e 100644 (file)
--- a/src/service_inspectors/dce_rpc/dce_http_server.cc
+++ b/src/service_inspectors/dce_rpc/dce_http_server.cc
@@ -30,6 +30,8 @@
 #include "managers/inspector_manager.h"
 #include "stream/libtcp/tcp_stream_session.h"
 
+using namespace snort;
+
 THREAD_LOCAL DceHttpServerStats dce_http_server_stats;
 
 //-------------------------------------------------------------------------

diff --git a/src/service_inspectors/dce_rpc/dce_http_server_module.h b/src/service_inspectors/dce_rpc/dce_http_server_module.h
index 9314cb5aa4b83bdc0f6a2d5f6987af5e86eda584..5f42d3f40c5fc475d62222f6180840745f477f8b 100644 (file)
--- a/src/service_inspectors/dce_rpc/dce_http_server_module.h
+++ b/src/service_inspectors/dce_rpc/dce_http_server_module.h
@@ -26,9 +26,7 @@
 #include "framework/module.h"
 #include "main/thread.h"
 
-struct SnortConfig;
-
-class DceHttpServerModule : public Module
+class DceHttpServerModule : public snort::Module
 {
 public:
     DceHttpServerModule();

diff --git a/src/service_inspectors/dce_rpc/dce_http_server_splitter.cc b/src/service_inspectors/dce_rpc/dce_http_server_splitter.cc
index 03ef351ac9293be423bff39572408b1de190da53..1dd0b497568c12364bec2fe73bb310a2609d2af7 100644 (file)
--- a/src/service_inspectors/dce_rpc/dce_http_server_splitter.cc
+++ b/src/service_inspectors/dce_rpc/dce_http_server_splitter.cc
@@ -32,6 +32,8 @@
 #include "catch/snort_catch.h"
 #endif
 
+using namespace snort;
+
 // NOTE:  These strings must have a length of at least one character
 #define HTTP_SERVER_MARKER "ncacn_http/1.0"
 

diff --git a/src/service_inspectors/dce_rpc/dce_http_server_splitter.h b/src/service_inspectors/dce_rpc/dce_http_server_splitter.h
index 78b593cc58df17c0ec64d418c0f64b78182bc53d..c2d33572ee1b873a2ed5a8b2007114eec80bc19b 100644 (file)
--- a/src/service_inspectors/dce_rpc/dce_http_server_splitter.h
+++ b/src/service_inspectors/dce_rpc/dce_http_server_splitter.h
@@ -25,12 +25,12 @@
 #include "dce_common.h"
 #include "stream/stream_splitter.h"
 
-class DceHttpServerSplitter : public StreamSplitter
+class DceHttpServerSplitter : public snort::StreamSplitter
 {
 public:
     DceHttpServerSplitter(bool c2s);
 
-    Status scan(Flow*, const uint8_t* data, uint32_t len,
+    Status scan(snort::Flow*, const uint8_t* data, uint32_t len,
         uint32_t flags, uint32_t* fp) override;
 //  FIXIT-M - Should be able to implement but framework does not permit
 /*    const StreamBuffer* reassemble(Flow*, unsigned, unsigned,

diff --git a/src/service_inspectors/dce_rpc/dce_smb.cc b/src/service_inspectors/dce_rpc/dce_smb.cc
index 5e7bb3ab49f61e653bbeeb8714c37be05e27dcc5..a7f820774f30501501aface95025571db93957b0 100644 (file)
--- a/src/service_inspectors/dce_rpc/dce_smb.cc
+++ b/src/service_inspectors/dce_rpc/dce_smb.cc
@@ -40,27 +40,27 @@
 THREAD_LOCAL dce2SmbStats dce2_smb_stats;
 
 // used here
-THREAD_LOCAL ProfileStats dce2_smb_pstat_main;
-THREAD_LOCAL ProfileStats dce2_smb_pstat_session;
-THREAD_LOCAL ProfileStats dce2_smb_pstat_new_session;
-THREAD_LOCAL ProfileStats dce2_smb_pstat_smb_req;
+THREAD_LOCAL snort::ProfileStats dce2_smb_pstat_main;
+THREAD_LOCAL snort::ProfileStats dce2_smb_pstat_session;
+THREAD_LOCAL snort::ProfileStats dce2_smb_pstat_new_session;
+THREAD_LOCAL snort::ProfileStats dce2_smb_pstat_smb_req;
 
 // used elsewhere
-THREAD_LOCAL ProfileStats dce2_smb_pstat_detect;
-THREAD_LOCAL ProfileStats dce2_smb_pstat_log;
-THREAD_LOCAL ProfileStats dce2_smb_pstat_co_seg;
-THREAD_LOCAL ProfileStats dce2_smb_pstat_co_frag;
-THREAD_LOCAL ProfileStats dce2_smb_pstat_co_reass;
-THREAD_LOCAL ProfileStats dce2_smb_pstat_co_ctx;
-THREAD_LOCAL ProfileStats dce2_smb_pstat_smb_seg;
-THREAD_LOCAL ProfileStats dce2_smb_pstat_smb_uid;
-THREAD_LOCAL ProfileStats dce2_smb_pstat_smb_tid;
-THREAD_LOCAL ProfileStats dce2_smb_pstat_smb_fid;
-THREAD_LOCAL ProfileStats dce2_smb_pstat_smb_file;
-THREAD_LOCAL ProfileStats dce2_smb_pstat_smb_file_detect;
-THREAD_LOCAL ProfileStats dce2_smb_pstat_smb_file_api;
-THREAD_LOCAL ProfileStats dce2_smb_pstat_smb_fingerprint;
-THREAD_LOCAL ProfileStats dce2_smb_pstat_smb_negotiate;
+THREAD_LOCAL snort::ProfileStats dce2_smb_pstat_detect;
+THREAD_LOCAL snort::ProfileStats dce2_smb_pstat_log;
+THREAD_LOCAL snort::ProfileStats dce2_smb_pstat_co_seg;
+THREAD_LOCAL snort::ProfileStats dce2_smb_pstat_co_frag;
+THREAD_LOCAL snort::ProfileStats dce2_smb_pstat_co_reass;
+THREAD_LOCAL snort::ProfileStats dce2_smb_pstat_co_ctx;
+THREAD_LOCAL snort::ProfileStats dce2_smb_pstat_smb_seg;
+THREAD_LOCAL snort::ProfileStats dce2_smb_pstat_smb_uid;
+THREAD_LOCAL snort::ProfileStats dce2_smb_pstat_smb_tid;
+THREAD_LOCAL snort::ProfileStats dce2_smb_pstat_smb_fid;
+THREAD_LOCAL snort::ProfileStats dce2_smb_pstat_smb_file;
+THREAD_LOCAL snort::ProfileStats dce2_smb_pstat_smb_file_detect;
+THREAD_LOCAL snort::ProfileStats dce2_smb_pstat_smb_file_api;
+THREAD_LOCAL snort::ProfileStats dce2_smb_pstat_smb_fingerprint;
+THREAD_LOCAL snort::ProfileStats dce2_smb_pstat_smb_negotiate;
 
 //-------------------------------------------------------------------------
 // debug stuff
@@ -335,15 +335,15 @@ const char* get_smb_com_string(uint8_t b)
 // class stuff
 //-------------------------------------------------------------------------
 
-class Dce2Smb : public Inspector
+class Dce2Smb : public snort::Inspector
 {
 public:
     Dce2Smb(dce2SmbProtoConf&);
     ~Dce2Smb() override;
 
-    void show(SnortConfig*) override;
-    void eval(Packet*) override;
-    StreamSplitter* get_splitter(bool c2s) override
+    void show(snort::SnortConfig*) override;
+    void eval(snort::Packet*) override;
+    snort::StreamSplitter* get_splitter(bool c2s) override
     {
         return new Dce2SmbSplitter(c2s);
     }
@@ -358,7 +358,7 @@ Dce2Smb::Dce2Smb(dce2SmbProtoConf& pc)
     if ((config.smb_file_inspection == DCE2_SMB_FILE_INSPECTION_ONLY)
         || (config.smb_file_inspection == DCE2_SMB_FILE_INSPECTION_ON))
     {
-        Active::set_enabled();
+        snort::Active::set_enabled();
     }
 }
 
@@ -370,15 +370,15 @@ Dce2Smb::~Dce2Smb()
     }
 }
 
-void Dce2Smb::show(SnortConfig*)
+void Dce2Smb::show(snort::SnortConfig*)
 {
     print_dce2_smb_conf(config);
 }
 
-void Dce2Smb::eval(Packet* p)
+void Dce2Smb::eval(snort::Packet* p)
 {
     DCE2_SmbSsnData* dce2_smb_sess;
-    Profile profile(dce2_smb_pstat_main);
+    snort::Profile profile(dce2_smb_pstat_main);
 
     assert(p->has_tcp_data());
     assert(p->flow);
@@ -415,12 +415,12 @@ void Dce2Smb::eval(Packet* p)
 // api stuff
 //-------------------------------------------------------------------------
 
-static Module* mod_ctor()
+static snort::Module* mod_ctor()
 {
     return new Dce2SmbModule;
 }
 
-static void mod_dtor(Module* m)
+static void mod_dtor(snort::Module* m)
 {
     delete m;
 }
@@ -432,7 +432,7 @@ static void dce2_smb_init()
     DCE2_SmbInitDeletePdu();
 }
 
-static Inspector* dce2_smb_ctor(Module* m)
+static snort::Inspector* dce2_smb_ctor(snort::Module* m)
 {
     Dce2SmbModule* mod = (Dce2SmbModule*)m;
     dce2SmbProtoConf config;
@@ -440,16 +440,16 @@ static Inspector* dce2_smb_ctor(Module* m)
     return new Dce2Smb(config);
 }
 
-static void dce2_smb_dtor(Inspector* p)
+static void dce2_smb_dtor(snort::Inspector* p)
 {
     delete p;
 }
 
-const InspectApi dce2_smb_api =
+const snort::InspectApi dce2_smb_api =
 {
     {
         PT_INSPECTOR,
-        sizeof(InspectApi),
+        sizeof(snort::InspectApi),
         INSAPI_VERSION,
         0,
         API_RESERVED,
@@ -459,7 +459,7 @@ const InspectApi dce2_smb_api =
         mod_ctor,
         mod_dtor
     },
-    IT_SERVICE,
+    snort::IT_SERVICE,
     (uint16_t)PktType::PDU,
     nullptr,  // buffers
     "netbios-ssn",

diff --git a/src/service_inspectors/dce_rpc/dce_smb.h b/src/service_inspectors/dce_rpc/dce_smb.h
index 88ba9a13f0195864f909ac040ea26d271d42f974..c8e46a16c67301b15364c74fb9e814fabfa2af7c 100644 (file)
--- a/src/service_inspectors/dce_rpc/dce_smb.h
+++ b/src/service_inspectors/dce_rpc/dce_smb.h
@@ -192,25 +192,25 @@ struct dce2SmbStats
 };
 
 extern THREAD_LOCAL dce2SmbStats dce2_smb_stats;
-extern THREAD_LOCAL ProfileStats dce2_smb_pstat_main;
-extern THREAD_LOCAL ProfileStats dce2_smb_pstat_session;
-extern THREAD_LOCAL ProfileStats dce2_smb_pstat_new_session;
-extern THREAD_LOCAL ProfileStats dce2_smb_pstat_detect;
-extern THREAD_LOCAL ProfileStats dce2_smb_pstat_log;
-extern THREAD_LOCAL ProfileStats dce2_smb_pstat_co_seg;
-extern THREAD_LOCAL ProfileStats dce2_smb_pstat_co_frag;
-extern THREAD_LOCAL ProfileStats dce2_smb_pstat_co_reass;
-extern THREAD_LOCAL ProfileStats dce2_smb_pstat_co_ctx;
-extern THREAD_LOCAL ProfileStats dce2_smb_pstat_smb_seg;
-extern THREAD_LOCAL ProfileStats dce2_smb_pstat_smb_req;
-extern THREAD_LOCAL ProfileStats dce2_smb_pstat_smb_uid;
-extern THREAD_LOCAL ProfileStats dce2_smb_pstat_smb_tid;
-extern THREAD_LOCAL ProfileStats dce2_smb_pstat_smb_fid;
-extern THREAD_LOCAL ProfileStats dce2_smb_pstat_smb_file;
-extern THREAD_LOCAL ProfileStats dce2_smb_pstat_smb_file_detect;
-extern THREAD_LOCAL ProfileStats dce2_smb_pstat_smb_file_api;
-extern THREAD_LOCAL ProfileStats dce2_smb_pstat_smb_fingerprint;
-extern THREAD_LOCAL ProfileStats dce2_smb_pstat_smb_negotiate;
+extern THREAD_LOCAL snort::ProfileStats dce2_smb_pstat_main;
+extern THREAD_LOCAL snort::ProfileStats dce2_smb_pstat_session;
+extern THREAD_LOCAL snort::ProfileStats dce2_smb_pstat_new_session;
+extern THREAD_LOCAL snort::ProfileStats dce2_smb_pstat_detect;
+extern THREAD_LOCAL snort::ProfileStats dce2_smb_pstat_log;
+extern THREAD_LOCAL snort::ProfileStats dce2_smb_pstat_co_seg;
+extern THREAD_LOCAL snort::ProfileStats dce2_smb_pstat_co_frag;
+extern THREAD_LOCAL snort::ProfileStats dce2_smb_pstat_co_reass;
+extern THREAD_LOCAL snort::ProfileStats dce2_smb_pstat_co_ctx;
+extern THREAD_LOCAL snort::ProfileStats dce2_smb_pstat_smb_seg;
+extern THREAD_LOCAL snort::ProfileStats dce2_smb_pstat_smb_req;
+extern THREAD_LOCAL snort::ProfileStats dce2_smb_pstat_smb_uid;
+extern THREAD_LOCAL snort::ProfileStats dce2_smb_pstat_smb_tid;
+extern THREAD_LOCAL snort::ProfileStats dce2_smb_pstat_smb_fid;
+extern THREAD_LOCAL snort::ProfileStats dce2_smb_pstat_smb_file;
+extern THREAD_LOCAL snort::ProfileStats dce2_smb_pstat_smb_file_detect;
+extern THREAD_LOCAL snort::ProfileStats dce2_smb_pstat_smb_file_api;
+extern THREAD_LOCAL snort::ProfileStats dce2_smb_pstat_smb_fingerprint;
+extern THREAD_LOCAL snort::ProfileStats dce2_smb_pstat_smb_negotiate;
 
 enum DCE2_SmbSsnState
 {
@@ -463,7 +463,7 @@ struct DCE2_SmbFsm
     int fail_state;
 };
 
-class Dce2SmbFlowData : public FlowData
+class Dce2SmbFlowData : public snort::FlowData
 {
 public:
     Dce2SmbFlowData();
@@ -471,7 +471,7 @@ public:
 
     static void init()
     {
-        inspector_id = FlowData::create_flow_data_id();
+        inspector_id = snort::FlowData::create_flow_data_id();
     }
 
 public:
@@ -485,7 +485,7 @@ public:
 #define DCE2_MOCK_HDR_LEN__SMB_SRV \
     (sizeof(NbssHdr) + sizeof(SmbNtHdr) + sizeof(SmbReadAndXResp))
 
-DCE2_SmbSsnData* get_dce2_smb_session_data(Flow*);
+DCE2_SmbSsnData* get_dce2_smb_session_data(snort::Flow*);
 
 const char* get_smb_com_string(uint8_t);
 #endif

diff --git a/src/service_inspectors/dce_rpc/dce_smb2.cc b/src/service_inspectors/dce_rpc/dce_smb2.cc
index 18e5eaa1355a7b7617c32f40f3d7ad81b254797d..9648306d55857471728b42e7d5df7474f1ea70b9 100644 (file)
--- a/src/service_inspectors/dce_rpc/dce_smb2.cc
+++ b/src/service_inspectors/dce_rpc/dce_smb2.cc
@@ -33,6 +33,8 @@
 #include "dce_smb_module.h"
 #include "dce_smb_utils.h"
 
+using namespace snort;
+
 #define   UNKNOWN_FILE_SIZE                  ~0
 
 // FIXIT-L port fileCache related code along with

diff --git a/src/service_inspectors/dce_rpc/dce_smb2.h b/src/service_inspectors/dce_rpc/dce_smb2.h
index f3b7c76e45fcc57d1b36701aa0099681c65b4950..5a2a9513fd7f523b9ddd7b2eaf3ba16cda9a67df 100644 (file)
--- a/src/service_inspectors/dce_rpc/dce_smb2.h
+++ b/src/service_inspectors/dce_rpc/dce_smb2.h
@@ -271,7 +271,7 @@ DCE2_Ret DCE2_Smb2InitFileTracker(DCE2_SmbFileTracker* ftracker,
     const bool is_ipc, const uint64_t fid);
 
 /* Check smb version based on smb header */
-DCE2_SmbVersion DCE2_Smb2Version(const Packet* p);
+DCE2_SmbVersion DCE2_Smb2Version(const snort::Packet* p);
 
 #endif  /* _DCE_SMB2_H_ */
 

diff --git a/src/service_inspectors/dce_rpc/dce_smb_commands.cc b/src/service_inspectors/dce_rpc/dce_smb_commands.cc
index 488a7107dc64c03f36ad91898607f911405c375d..717c880a9afd5e949bd67ddbfc58a1959e3c0e01 100644 (file)
--- a/src/service_inspectors/dce_rpc/dce_smb_commands.cc
+++ b/src/service_inspectors/dce_rpc/dce_smb_commands.cc
@@ -418,7 +418,7 @@ static DCE2_Ret DCE2_SmbWriteAndXRawRequest(DCE2_SmbSsnData* ssd, const SmbNtHdr
             {
                 const uint8_t* data_ptr = DCE2_BufferData(ftracker->fp_writex_raw->buf);
                 uint32_t data_len = DCE2_BufferLength(ftracker->fp_writex_raw->buf);
-                Packet* rpkt = DCE2_SmbGetRpkt(ssd,
+                snort::Packet* rpkt = DCE2_SmbGetRpkt(ssd,
                     &data_ptr, &data_len, DCE2_RPKT_TYPE__SMB_TRANS);
 
                 if (rpkt == nullptr)
@@ -747,7 +747,7 @@ DCE2_Ret DCE2_SmbRead(DCE2_SmbSsnData* ssd, const SmbNtHdr*,
         uint16_t byte_count = DCE2_ComInfoByteCount(com_info);
         uint16_t com_dcnt = SmbReadRespCount((const SmbReadResp*)nb_ptr);
         uint8_t fmt = *(nb_ptr + com_size);
-        uint16_t fmt_dcnt = alignedNtohs((const uint16_t*)(nb_ptr + com_size + 1));
+        uint16_t fmt_dcnt = snort::alignedNtohs((const uint16_t*)(nb_ptr + com_size + 1));
 
         DCE2_MOVE(nb_ptr, nb_len, (com_size + 3));
 
@@ -777,7 +777,7 @@ DCE2_Ret DCE2_SmbWrite(DCE2_SmbSsnData* ssd, const SmbNtHdr*,
         uint16_t byte_count = DCE2_ComInfoByteCount(com_info);
         uint8_t fmt = *(nb_ptr + com_size);
         uint16_t com_dcnt = SmbWriteReqCount((const SmbWriteReq*)nb_ptr);
-        uint16_t fmt_dcnt = alignedNtohs((const uint16_t*)(nb_ptr + com_size + 1));
+        uint16_t fmt_dcnt = snort::alignedNtohs((const uint16_t*)(nb_ptr + com_size + 1));
         uint16_t fid = SmbWriteReqFid((const SmbWriteReq*)nb_ptr);
         uint32_t offset = SmbWriteReqOffset((const SmbWriteReq*)nb_ptr);
 
@@ -886,7 +886,7 @@ DCE2_Ret DCE2_SmbLockAndRead(DCE2_SmbSsnData* ssd, const SmbNtHdr*,
         uint16_t byte_count = DCE2_ComInfoByteCount(com_info);
         uint8_t fmt = *(nb_ptr + com_size);
         uint16_t com_dcnt = SmbLockAndReadRespCount((const SmbLockAndReadResp*)nb_ptr);
-        uint16_t fmt_dcnt = alignedNtohs((const uint16_t*)(nb_ptr + com_size + 1));
+        uint16_t fmt_dcnt = snort::alignedNtohs((const uint16_t*)(nb_ptr + com_size + 1));
 
         DCE2_MOVE(nb_ptr, nb_len, (com_size + 3));
 
@@ -941,7 +941,7 @@ DCE2_Ret DCE2_SmbWriteAndUnlock(DCE2_SmbSsnData* ssd, const SmbNtHdr* smb_hdr,
         uint16_t byte_count = DCE2_ComInfoByteCount(com_info);
         uint8_t fmt = *(nb_ptr + com_size);
         uint16_t com_dcnt = SmbWriteAndUnlockReqCount((const SmbWriteAndUnlockReq*)nb_ptr);
-        uint16_t fmt_dcnt = alignedNtohs((const uint16_t*)(nb_ptr + com_size + 1));
+        uint16_t fmt_dcnt = snort::alignedNtohs((const uint16_t*)(nb_ptr + com_size + 1));
         uint16_t fid = SmbWriteAndUnlockReqFid((const SmbWriteAndUnlockReq*)nb_ptr);
         uint32_t offset = SmbWriteAndUnlockReqOffset((const SmbWriteAndUnlockReq*)nb_ptr);
 
@@ -1207,7 +1207,7 @@ DCE2_Ret DCE2_SmbSessionSetupAndX(DCE2_SmbSsnData* ssd, const SmbNtHdr* smb_hdr,
             if ((word_count != 13) && (word_count != 12))
                 return DCE2_RET__SUCCESS;
 
-            Profile profile(dce2_smb_pstat_smb_fingerprint);
+            snort::Profile profile(dce2_smb_pstat_smb_fingerprint);
 
             if (word_count == 13)
             {
@@ -1409,7 +1409,7 @@ DCE2_Ret DCE2_SmbSessionSetupAndX(DCE2_SmbSsnData* ssd, const SmbNtHdr* smb_hdr,
             if (DCE2_ComInfoByteCount(com_info) == 0)
                 return DCE2_RET__SUCCESS;
 
-            Profile profile(dce2_smb_pstat_smb_fingerprint);
+            snort::Profile profile(dce2_smb_pstat_smb_fingerprint);
 
             if (DCE2_ComInfoWordCount(com_info) == 3)
             {
@@ -1638,7 +1638,7 @@ DCE2_Ret DCE2_SmbNegotiate(DCE2_SmbSsnData* ssd, const SmbNtHdr*,
     if (!DCE2_ComInfoCanProcessCommand(com_info))
         return DCE2_RET__ERROR;
 
-    Profile profile(dce2_smb_pstat_smb_negotiate);
+    snort::Profile profile(dce2_smb_pstat_smb_negotiate);
 
     if (DCE2_ComInfoIsRequest(com_info))
     {

diff --git a/src/service_inspectors/dce_rpc/dce_smb_module.cc b/src/service_inspectors/dce_rpc/dce_smb_module.cc
index 9d1f66572aa37c200be51707c0d181d1cc63b712..43fc37103944372a982e744109c8cef06c945e7d 100644 (file)
--- a/src/service_inspectors/dce_rpc/dce_smb_module.cc
+++ b/src/service_inspectors/dce_rpc/dce_smb_module.cc
@@ -30,6 +30,7 @@
 
 #include "dce_smb.h"
 
+using namespace snort;
 using namespace std;
 
 static const PegInfo dce2_smb_pegs[] =
@@ -423,7 +424,7 @@ static bool set_smb_invalid_shares(dce2SmbProtoConf& config, Value& v)
     return(true);
 }
 
-bool Dce2SmbModule::set(const char*, Value& v, SnortConfig*)
+bool Dce2SmbModule::set(const char*, snort::Value& v, snort::SnortConfig*)
 {
     if (dce2_set_co_config(v,config.common))
         return true;

diff --git a/src/service_inspectors/dce_rpc/dce_smb_module.h b/src/service_inspectors/dce_rpc/dce_smb_module.h
index 286a75a82c249c58dd679d5b9ebcef07616accd8..22a7d7c930d3c80ae41a1ab6b9cbfd3fbea6f7bd 100644 (file)
--- a/src/service_inspectors/dce_rpc/dce_smb_module.h
+++ b/src/service_inspectors/dce_rpc/dce_smb_module.h
@@ -66,21 +66,21 @@ struct dce2SmbProtoConf
     bool legacy_mode;
 };
 
-class Dce2SmbModule : public Module
+class Dce2SmbModule : public snort::Module
 {
 public:
     Dce2SmbModule();
     ~Dce2SmbModule() override;
 
-    bool set(const char*, Value&, SnortConfig*) override;
+    bool set(const char*, snort::Value&, snort::SnortConfig*) override;
 
     unsigned get_gid() const override
     { return GID_DCE2; }
 
-    const RuleMap* get_rules() const override;
+    const snort::RuleMap* get_rules() const override;
     const PegInfo* get_pegs() const override;
     PegCount* get_counts() const override;
-    ProfileStats* get_profile(unsigned, const char*&, const char*&) const override;
+    snort::ProfileStats* get_profile(unsigned, const char*&, const char*&) const override;
     void get_data(dce2SmbProtoConf&);
 
     Usage get_usage() const override

diff --git a/src/service_inspectors/dce_rpc/dce_smb_paf.cc b/src/service_inspectors/dce_rpc/dce_smb_paf.cc
index e47c06a414d75026fbd1df92be9f716cf534fed8..5f2308af62c2d94756f77f6d6715a56c31d94ee9 100644 (file)
--- a/src/service_inspectors/dce_rpc/dce_smb_paf.cc
+++ b/src/service_inspectors/dce_rpc/dce_smb_paf.cc
@@ -29,6 +29,8 @@
 
 #include "dce_smb.h"
 
+using namespace snort;
+
 /*********************************************************************
  * Function: DCE2_PafSmbIsValidNetbiosHdr()
  *

diff --git a/src/service_inspectors/dce_rpc/dce_smb_paf.h b/src/service_inspectors/dce_rpc/dce_smb_paf.h
index 24eb21755aad2d2180f2aebcdcde824865962d7b..d9aa9cb15613491141aeab6e78117b01b8675900 100644 (file)
--- a/src/service_inspectors/dce_rpc/dce_smb_paf.h
+++ b/src/service_inspectors/dce_rpc/dce_smb_paf.h
@@ -48,12 +48,12 @@ struct DCE2_PafSmbData
     uint64_t nb_hdr;   // Enough for NetBIOS header and 4 bytes SMB header
 };
 
-class Dce2SmbSplitter : public StreamSplitter
+class Dce2SmbSplitter : public snort::StreamSplitter
 {
 public:
     Dce2SmbSplitter(bool c2s);
 
-    Status scan(Flow*, const uint8_t* data, uint32_t len,
+    Status scan(snort::Flow*, const uint8_t* data, uint32_t len,
         uint32_t flags, uint32_t* fp) override;
 
     bool is_paf() override

diff --git a/src/service_inspectors/dce_rpc/dce_smb_transaction.cc b/src/service_inspectors/dce_rpc/dce_smb_transaction.cc
index 7d364c4f741f75bce2f34aeb26dc04f663ebd902..645d72628385fb248e92134975c35244f90ae88c 100644 (file)
--- a/src/service_inspectors/dce_rpc/dce_smb_transaction.cc
+++ b/src/service_inspectors/dce_rpc/dce_smb_transaction.cc
@@ -216,7 +216,7 @@ static DCE2_Ret DCE2_SmbTransactionReq(DCE2_SmbSsnData* ssd,
         // Only two parameters but more seems okay
         if (param_len >= 2)
         {
-            if ((alignedNtohs((const uint16_t*)param_ptr) & PIPE_STATE_MESSAGE_MODE))
+            if ((snort::alignedNtohs((const uint16_t*)param_ptr) & PIPE_STATE_MESSAGE_MODE))
                 ttracker->pipe_byte_mode = false;
             else
                 ttracker->pipe_byte_mode = true;
@@ -1077,7 +1077,7 @@ static DCE2_Ret DCE2_SmbTrans2SetFileInfoReq(DCE2_SmbSsnData* ssd,
         || (ftracker->ff_bytes_processed != 0))
         return DCE2_RET__IGNORE;
 
-    ssd->cur_rtracker->file_size = alignedNtohq((const uint64_t*)data_ptr);
+    ssd->cur_rtracker->file_size = snort::alignedNtohq((const uint64_t*)data_ptr);
     ssd->cur_rtracker->ftracker = ftracker;
 
     return DCE2_RET__SUCCESS;
@@ -1187,7 +1187,7 @@ DCE2_Ret DCE2_SmbTransaction(DCE2_SmbSsnData* ssd, const SmbNtHdr* smb_hdr,
             {
                 const uint8_t* data_ptr = DCE2_BufferData(ttracker->dbuf);
                 uint32_t data_len = DCE2_BufferLength(ttracker->dbuf);
-                Packet* rpkt = DCE2_SmbGetRpkt(ssd, &data_ptr,
+                snort::Packet* rpkt = DCE2_SmbGetRpkt(ssd, &data_ptr,
                     &data_len, DCE2_RPKT_TYPE__SMB_TRANS);
 
                 if (rpkt == nullptr)
@@ -1646,7 +1646,7 @@ DCE2_Ret DCE2_SmbTransactionSecondary(DCE2_SmbSsnData* ssd, const SmbNtHdr* smb_
     {
         const uint8_t* data_ptr = DCE2_BufferData(ttracker->dbuf);
         uint32_t data_len = DCE2_BufferLength(ttracker->dbuf);
-        Packet* rpkt = DCE2_SmbGetRpkt(ssd, &data_ptr, &data_len, DCE2_RPKT_TYPE__SMB_TRANS);
+        snort::Packet* rpkt = DCE2_SmbGetRpkt(ssd, &data_ptr, &data_len, DCE2_RPKT_TYPE__SMB_TRANS);
 
         if (rpkt == nullptr)
             return DCE2_RET__ERROR;

diff --git a/src/service_inspectors/dce_rpc/dce_smb_transaction_utils.cc b/src/service_inspectors/dce_rpc/dce_smb_transaction_utils.cc
index cb800a09736a13f2785a9ee4c1e7da06143774c8..24a0fea176be9d58a7ab1c745df343183e519eb5 100644 (file)
--- a/src/service_inspectors/dce_rpc/dce_smb_transaction_utils.cc
+++ b/src/service_inspectors/dce_rpc/dce_smb_transaction_utils.cc
@@ -361,7 +361,7 @@ DCE2_Ret DCE2_SmbValidateTransactionFields(
 DCE2_Ret DCE2_SmbBufferTransactionData(DCE2_SmbTransactionTracker* ttracker,
     const uint8_t* data_ptr, uint16_t dcnt, uint16_t ddisp)
 {
-    Profile profile(dce2_smb_pstat_smb_req);
+    snort::Profile profile(dce2_smb_pstat_smb_req);
 
     DebugMessage(DEBUG_DCE_SMB, "Buffering transaction data.\n");
 
@@ -388,7 +388,7 @@ DCE2_Ret DCE2_SmbBufferTransactionData(DCE2_SmbTransactionTracker* ttracker,
 DCE2_Ret DCE2_SmbBufferTransactionParameters(DCE2_SmbTransactionTracker* ttracker,
     const uint8_t* param_ptr, uint16_t pcnt, uint16_t pdisp)
 {
-    Profile profile(dce2_smb_pstat_smb_req);
+    snort::Profile profile(dce2_smb_pstat_smb_req);
 
     DebugMessage(DEBUG_DCE_SMB, "Buffering transaction parameters.\n");
 

diff --git a/src/service_inspectors/dce_rpc/dce_smb_utils.cc b/src/service_inspectors/dce_rpc/dce_smb_utils.cc
index e867947e80f5ec3d18498c07802aa2b0e6fa9e80..e225f21002617594e9506240060144f23608077a 100644 (file)
--- a/src/service_inspectors/dce_rpc/dce_smb_utils.cc
+++ b/src/service_inspectors/dce_rpc/dce_smb_utils.cc
@@ -34,6 +34,8 @@
 
 #include "dce_smb_module.h"
 
+using namespace snort;
+
 static uint8_t dce2_smb_delete_pdu[65535];
 
 /********************************************************************
@@ -1489,7 +1491,7 @@ void DCE2_SmbInitDeletePdu()
 
 static void DCE2_SmbInjectDeletePdu(DCE2_SmbSsnData* ssd, DCE2_SmbFileTracker* ftracker)
 {
-    Packet* inject_pkt = Snort::get_packet();
+    Packet* inject_pkt = snort::Snort::get_packet();
     if ( inject_pkt->flow != ssd->sd.wire_pkt->flow )
         return;
 

diff --git a/src/service_inspectors/dce_rpc/dce_smb_utils.h b/src/service_inspectors/dce_rpc/dce_smb_utils.h
index d98eb778372b499c4ebba5397e1ee13050093c77..7b62fcf58fae795a7ad795fc2081490f8a2935d9 100644 (file)
--- a/src/service_inspectors/dce_rpc/dce_smb_utils.h
+++ b/src/service_inspectors/dce_rpc/dce_smb_utils.h
@@ -166,7 +166,7 @@ DCE2_Ret DCE2_SmbProcessResponseData(DCE2_SmbSsnData*,
     const uint8_t*, uint32_t);
 void DCE2_SmbInitRdata(uint8_t*, int);
 void DCE2_SmbSetRdata(DCE2_SmbSsnData*, uint8_t*, uint16_t);
-Packet* DCE2_SmbGetRpkt(DCE2_SmbSsnData*, const uint8_t**,
+snort::Packet* DCE2_SmbGetRpkt(DCE2_SmbSsnData*, const uint8_t**,
     uint32_t*, DCE2_RpktType);
 DCE2_Ret DCE2_SmbHandleSegmentation(DCE2_Buffer**,
     const uint8_t*, uint32_t, uint32_t);
@@ -212,7 +212,7 @@ inline int DCE2_SmbType(DCE2_SmbSsnData* ssd)
 
 inline bool SmbUnicode(const SmbNtHdr* hdr)
 {
-    return (alignedNtohs(&hdr->smb_flg2) & SMB_FLG2__UNICODE) ? true : false;
+    return (snort::alignedNtohs(&hdr->smb_flg2) & SMB_FLG2__UNICODE) ? true : false;
 }
 
 inline bool SmbExtAttrReadOnly(const uint32_t ext_file_attrs)
@@ -250,14 +250,14 @@ inline uint8_t SmbCom(const SmbNtHdr* hdr)
 
 inline bool SmbStatusNtCodes(const SmbNtHdr* hdr)
 {
-    if (alignedNtohs(&hdr->smb_flg2) & SMB_FLG2__NT_CODES)
+    if (snort::alignedNtohs(&hdr->smb_flg2) & SMB_FLG2__NT_CODES)
         return true;
     return false;
 }
 
 inline uint32_t SmbNtStatus(const SmbNtHdr* hdr)
 {
-    return alignedNtohl(&hdr->smb_status.nt_status);
+    return snort::alignedNtohl(&hdr->smb_status.nt_status);
 }
 
 inline uint8_t SmbStatusClass(const SmbNtHdr* hdr)
@@ -267,7 +267,7 @@ inline uint8_t SmbStatusClass(const SmbNtHdr* hdr)
 
 inline uint16_t SmbStatusCode(const SmbNtHdr* hdr)
 {
-    return alignedNtohs(&hdr->smb_status.smb_status.smb_code);
+    return snort::alignedNtohs(&hdr->smb_status.smb_status.smb_code);
 }
 
 inline uint8_t SmbNtStatusSeverity(const SmbNtHdr* hdr)
@@ -277,22 +277,22 @@ inline uint8_t SmbNtStatusSeverity(const SmbNtHdr* hdr)
 
 inline uint16_t SmbPid(const SmbNtHdr* hdr)
 {
-    return alignedNtohs(&hdr->smb_pid);
+    return snort::alignedNtohs(&hdr->smb_pid);
 }
 
 inline uint16_t SmbMid(const SmbNtHdr* hdr)
 {
-    return alignedNtohs(&hdr->smb_mid);
+    return snort::alignedNtohs(&hdr->smb_mid);
 }
 
 inline uint16_t SmbUid(const SmbNtHdr* hdr)
 {
-    return alignedNtohs(&hdr->smb_uid);
+    return snort::alignedNtohs(&hdr->smb_uid);
 }
 
 inline uint16_t SmbTid(const SmbNtHdr* hdr)
 {
-    return alignedNtohs(&hdr->smb_tid);
+    return snort::alignedNtohs(&hdr->smb_tid);
 }
 
 inline bool SmbErrorInvalidDeviceRequest(const SmbNtHdr* hdr)

diff --git a/src/service_inspectors/dce_rpc/dce_tcp.cc b/src/service_inspectors/dce_rpc/dce_tcp.cc
index 6983a815d6d0847d4199fe9341493890742ca8cd..d2544a8baaf8321ca5616bde8be19c7e098540c3 100644 (file)
--- a/src/service_inspectors/dce_rpc/dce_tcp.cc
+++ b/src/service_inspectors/dce_rpc/dce_tcp.cc
@@ -31,6 +31,8 @@
 #include "dce_tcp_module.h"
 #include "dce_tcp_paf.h"
 
+using namespace snort;
+
 Dce2TcpFlowData::Dce2TcpFlowData() : FlowData(inspector_id)
 {
     dce2_tcp_stats.concurrent_sessions++;

diff --git a/src/service_inspectors/dce_rpc/dce_tcp.h b/src/service_inspectors/dce_rpc/dce_tcp.h
index 3b3960e8a26e952152c151397885c2cb3b8722c3..cae6febdaf1052f48cd411e0eb7bc400fc71afa5 100644 (file)
--- a/src/service_inspectors/dce_rpc/dce_tcp.h
+++ b/src/service_inspectors/dce_rpc/dce_tcp.h
@@ -70,18 +70,18 @@ struct dce2TcpStats
 };
 
 extern THREAD_LOCAL dce2TcpStats dce2_tcp_stats;
-extern THREAD_LOCAL ProfileStats dce2_tcp_pstat_main;
-extern THREAD_LOCAL ProfileStats dce2_tcp_pstat_session;
-extern THREAD_LOCAL ProfileStats dce2_tcp_pstat_new_session;
-extern THREAD_LOCAL ProfileStats dce2_tcp_pstat_session_state;
-extern THREAD_LOCAL ProfileStats dce2_tcp_pstat_detect;
-extern THREAD_LOCAL ProfileStats dce2_tcp_pstat_log;
-extern THREAD_LOCAL ProfileStats dce2_tcp_pstat_co_seg;
-extern THREAD_LOCAL ProfileStats dce2_tcp_pstat_co_frag;
-extern THREAD_LOCAL ProfileStats dce2_tcp_pstat_co_reass;
-extern THREAD_LOCAL ProfileStats dce2_tcp_pstat_co_ctx;
-
-inline bool DCE2_TcpAutodetect(Packet* p)
+extern THREAD_LOCAL snort::ProfileStats dce2_tcp_pstat_main;
+extern THREAD_LOCAL snort::ProfileStats dce2_tcp_pstat_session;
+extern THREAD_LOCAL snort::ProfileStats dce2_tcp_pstat_new_session;
+extern THREAD_LOCAL snort::ProfileStats dce2_tcp_pstat_session_state;
+extern THREAD_LOCAL snort::ProfileStats dce2_tcp_pstat_detect;
+extern THREAD_LOCAL snort::ProfileStats dce2_tcp_pstat_log;
+extern THREAD_LOCAL snort::ProfileStats dce2_tcp_pstat_co_seg;
+extern THREAD_LOCAL snort::ProfileStats dce2_tcp_pstat_co_frag;
+extern THREAD_LOCAL snort::ProfileStats dce2_tcp_pstat_co_reass;
+extern THREAD_LOCAL snort::ProfileStats dce2_tcp_pstat_co_ctx;
+
+inline bool DCE2_TcpAutodetect(snort::Packet* p)
 {
     if (p->dsize >= sizeof(DceRpcCoHdr))
     {
@@ -112,7 +112,7 @@ struct DCE2_TcpSsnData
     DCE2_CoTracker co_tracker;
 };
 
-class Dce2TcpFlowData : public FlowData
+class Dce2TcpFlowData : public snort::FlowData
 {
 public:
     Dce2TcpFlowData();
@@ -120,7 +120,7 @@ public:
 
     static void init()
     {
-        inspector_id = FlowData::create_flow_data_id();
+        inspector_id = snort::FlowData::create_flow_data_id();
     }
 
 public:
@@ -128,7 +128,7 @@ public:
     DCE2_TcpSsnData dce2_tcp_session;
 };
 
-DCE2_TcpSsnData* get_dce2_tcp_session_data(Flow*);
+DCE2_TcpSsnData* get_dce2_tcp_session_data(snort::Flow*);
 
 #endif
 

diff --git a/src/service_inspectors/dce_rpc/dce_tcp_module.cc b/src/service_inspectors/dce_rpc/dce_tcp_module.cc
index 2f159ee0e6431420970d66dedff3c8c6a11bfc01..a3ef763019c4fa84657e7fbea057c67eea79680b 100644 (file)
--- a/src/service_inspectors/dce_rpc/dce_tcp_module.cc
+++ b/src/service_inspectors/dce_rpc/dce_tcp_module.cc
@@ -28,6 +28,7 @@
 
 #include "dce_tcp.h"
 
+using namespace snort;
 using namespace std;
 
 static const Parameter s_params[] =

diff --git a/src/service_inspectors/dce_rpc/dce_tcp_module.h b/src/service_inspectors/dce_rpc/dce_tcp_module.h
index 14088072793688975f31d73f2688311951b121f2..2b3453efd4f70bbd24e99852f16ebc86d6dee4cd 100644 (file)
--- a/src/service_inspectors/dce_rpc/dce_tcp_module.h
+++ b/src/service_inspectors/dce_rpc/dce_tcp_module.h
@@ -24,27 +24,30 @@
 #include "dce_common.h"
 #include "framework/module.h"
 
+namespace snort
+{
 struct SnortConfig;
+}
 
 struct dce2TcpProtoConf
 {
     dce2CoProtoConf common;
 };
 
-class Dce2TcpModule : public Module
+class Dce2TcpModule : public snort::Module
 {
 public:
     Dce2TcpModule();
 
-    bool set(const char*, Value&, SnortConfig*) override;
+    bool set(const char*, snort::Value&, snort::SnortConfig*) override;
 
     unsigned get_gid() const override
     { return GID_DCE2; }
 
-    const RuleMap* get_rules() const override;
+    const snort::RuleMap* get_rules() const override;
     const PegInfo* get_pegs() const override;
     PegCount* get_counts() const override;
-    ProfileStats* get_profile(unsigned, const char*&, const char*&) const override;
+    snort::ProfileStats* get_profile(unsigned, const char*&, const char*&) const override;
     void get_data(dce2TcpProtoConf&);
 
     Usage get_usage() const override

diff --git a/src/service_inspectors/dce_rpc/dce_tcp_paf.cc b/src/service_inspectors/dce_rpc/dce_tcp_paf.cc
index 5fdcd5527d00f0d8d5611ee2e9593455df7a1c43..1cfcfb9de3d8f5c0bb052e28ec0659651e0da074 100644 (file)
--- a/src/service_inspectors/dce_rpc/dce_tcp_paf.cc
+++ b/src/service_inspectors/dce_rpc/dce_tcp_paf.cc
@@ -29,6 +29,8 @@
 
 #include "dce_tcp.h"
 
+using namespace snort;
+
 /*********************************************************************
  * Function: dce2_tcp_paf()
  *

diff --git a/src/service_inspectors/dce_rpc/dce_tcp_paf.h b/src/service_inspectors/dce_rpc/dce_tcp_paf.h
index d7fca60ec0d110ed1024546a5bf17b73d4b57e67..c993fa43b8f157c5f9fa6694bbc8ac24e3850d34 100644 (file)
--- a/src/service_inspectors/dce_rpc/dce_tcp_paf.h
+++ b/src/service_inspectors/dce_rpc/dce_tcp_paf.h
@@ -49,12 +49,12 @@ struct DCE2_PafTcpData
     uint16_t frag_len;
 };
 
-class Dce2TcpSplitter : public StreamSplitter
+class Dce2TcpSplitter : public snort::StreamSplitter
 {
 public:
     Dce2TcpSplitter(bool c2s);
 
-    Status scan(Flow*, const uint8_t* data, uint32_t len,
+    Status scan(snort::Flow*, const uint8_t* data, uint32_t len,
         uint32_t flags, uint32_t* fp) override;
 
     bool is_paf() override

diff --git a/src/service_inspectors/dce_rpc/dce_udp.cc b/src/service_inspectors/dce_rpc/dce_udp.cc
index 7106b63cb17e850e553471023caad6d712526126..41e6802b4e32d51a898281d8c9fa3b8306370017 100644 (file)
--- a/src/service_inspectors/dce_rpc/dce_udp.cc
+++ b/src/service_inspectors/dce_rpc/dce_udp.cc
@@ -30,6 +30,8 @@
 
 #include "dce_udp_module.h"
 
+using namespace snort;
+
 THREAD_LOCAL dce2UdpStats dce2_udp_stats;
 
 THREAD_LOCAL ProfileStats dce2_udp_pstat_main;

diff --git a/src/service_inspectors/dce_rpc/dce_udp.h b/src/service_inspectors/dce_rpc/dce_udp.h
index 1edef04043221983a7bc1d28daa1ce6423f7db68..41762d4fde593a43bb8407e4a4fdbd5d054d48b9 100644 (file)
--- a/src/service_inspectors/dce_rpc/dce_udp.h
+++ b/src/service_inspectors/dce_rpc/dce_udp.h
@@ -65,14 +65,14 @@ struct dce2UdpStats
 };
 
 extern THREAD_LOCAL dce2UdpStats dce2_udp_stats;
-extern THREAD_LOCAL ProfileStats dce2_udp_pstat_main;
-extern THREAD_LOCAL ProfileStats dce2_udp_pstat_session;
-extern THREAD_LOCAL ProfileStats dce2_udp_pstat_new_session;
-extern THREAD_LOCAL ProfileStats dce2_udp_pstat_detect;
-extern THREAD_LOCAL ProfileStats dce2_udp_pstat_log;
-extern THREAD_LOCAL ProfileStats dce2_udp_pstat_cl_acts;
-extern THREAD_LOCAL ProfileStats dce2_udp_pstat_cl_frag;
-extern THREAD_LOCAL ProfileStats dce2_udp_pstat_cl_reass;
+extern THREAD_LOCAL snort::ProfileStats dce2_udp_pstat_main;
+extern THREAD_LOCAL snort::ProfileStats dce2_udp_pstat_session;
+extern THREAD_LOCAL snort::ProfileStats dce2_udp_pstat_new_session;
+extern THREAD_LOCAL snort::ProfileStats dce2_udp_pstat_detect;
+extern THREAD_LOCAL snort::ProfileStats dce2_udp_pstat_log;
+extern THREAD_LOCAL snort::ProfileStats dce2_udp_pstat_cl_acts;
+extern THREAD_LOCAL snort::ProfileStats dce2_udp_pstat_cl_frag;
+extern THREAD_LOCAL snort::ProfileStats dce2_udp_pstat_cl_reass;
 
 struct DceRpcClHdr   /* Connectionless header */
 {
@@ -193,7 +193,7 @@ struct DCE2_UdpSsnData
     DCE2_ClTracker cl_tracker;
 };
 
-class Dce2UdpFlowData : public FlowData
+class Dce2UdpFlowData : public snort::FlowData
 {
 public:
     Dce2UdpFlowData();
@@ -201,14 +201,14 @@ public:
 
     static void init()
     {
-        inspector_id = FlowData::create_flow_data_id();
+        inspector_id = snort::FlowData::create_flow_data_id();
     }
 
     static unsigned inspector_id;
     DCE2_UdpSsnData dce2_udp_session;
 };
 
-DCE2_UdpSsnData* get_dce2_udp_session_data(Flow*);
+DCE2_UdpSsnData* get_dce2_udp_session_data(snort::Flow*);
 
 void DCE2_ClProcess(DCE2_SsnData* sd, DCE2_ClTracker* clt);
 void DCE2_ClInitRdata(uint8_t*);

diff --git a/src/service_inspectors/dce_rpc/dce_udp_module.cc b/src/service_inspectors/dce_rpc/dce_udp_module.cc
index 25f06313e5d4ebae662cf68a5fcd76ff22d5b922..ad55eae56dcb7b91600a8acd78eda524d43495a6 100644 (file)
--- a/src/service_inspectors/dce_rpc/dce_udp_module.cc
+++ b/src/service_inspectors/dce_rpc/dce_udp_module.cc
@@ -28,6 +28,7 @@
 
 #include "dce_udp.h"
 
+using namespace snort;
 using namespace std;
 
 static const Parameter s_params[] =

diff --git a/src/service_inspectors/dce_rpc/dce_udp_module.h b/src/service_inspectors/dce_rpc/dce_udp_module.h
index ff0677cd8cdd87f16ce1af1db60271403b8a8365..fbff01927a5214bd1545c34b7d3c94364fdb11b5 100644 (file)
--- a/src/service_inspectors/dce_rpc/dce_udp_module.h
+++ b/src/service_inspectors/dce_rpc/dce_udp_module.h
@@ -34,27 +34,30 @@
 #define DCE2_CL_DATA_LT_HDR_STR  "connection-less DCE/RPC - data length less than header size"
 #define DCE2_CL_BAD_SEQ_NUM_STR  "connection-less DCE/RPC - bad sequence number"
 
+namespace snort
+{
 struct SnortConfig;
+}
 
 struct dce2UdpProtoConf
 {
     dce2CommonProtoConf common;
 };
 
-class Dce2UdpModule : public Module
+class Dce2UdpModule : public snort::Module
 {
 public:
     Dce2UdpModule();
 
-    bool set(const char*, Value&, SnortConfig*) override;
+    bool set(const char*, snort::Value&, snort::SnortConfig*) override;
 
     unsigned get_gid() const override
     { return GID_DCE2; }
 
-    const RuleMap* get_rules() const override;
+    const snort::RuleMap* get_rules() const override;
     const PegInfo* get_pegs() const override;
     PegCount* get_counts() const override;
-    ProfileStats* get_profile(unsigned, const char*&, const char*&) const override;
+    snort::ProfileStats* get_profile(unsigned, const char*&, const char*&) const override;
     void get_data(dce2UdpProtoConf&);
 
     Usage get_usage() const override

diff --git a/src/service_inspectors/dce_rpc/dce_udp_processing.cc b/src/service_inspectors/dce_rpc/dce_udp_processing.cc
index 8b2e232ff99f0dc9843fa904e6110c9edd039c92..37b222c2514318659f0973448acbf26e56655643 100644 (file)
--- a/src/service_inspectors/dce_rpc/dce_udp_processing.cc
+++ b/src/service_inspectors/dce_rpc/dce_udp_processing.cc
@@ -40,6 +40,8 @@
 #include "dce_common.h"
 #include "dce_udp_module.h"
 
+using namespace snort;
+
 /********************************************************************
  * Macros
  ********************************************************************/

diff --git a/src/service_inspectors/dce_rpc/ips_dce_iface.cc b/src/service_inspectors/dce_rpc/ips_dce_iface.cc
index b44c2756b8a45342aec436cb10f1c4be1de3ae58..dbe54cbe509290b7ea000553b6f00c0884c924e2 100644 (file)
--- a/src/service_inspectors/dce_rpc/ips_dce_iface.cc
+++ b/src/service_inspectors/dce_rpc/ips_dce_iface.cc
@@ -36,6 +36,8 @@
 
 #include "dce_common.h"
 
+using namespace snort;
+
 //-------------------------------------------------------------------------
 // dcerpc2 interface rule options
 //-------------------------------------------------------------------------

diff --git a/src/service_inspectors/dce_rpc/ips_dce_opnum.cc b/src/service_inspectors/dce_rpc/ips_dce_opnum.cc
index d0f307cdce405d529fb5600511d6ac9fe6f9ee21..1967a0613cc3eb2f7b52d95a8ab298e41584ca08 100644 (file)
--- a/src/service_inspectors/dce_rpc/ips_dce_opnum.cc
+++ b/src/service_inspectors/dce_rpc/ips_dce_opnum.cc
@@ -31,6 +31,8 @@
 
 #include "dce_common.h"
 
+using namespace snort;
+
 //-------------------------------------------------------------------------
 // dcerpc2 opnum rule options
 //-------------------------------------------------------------------------

diff --git a/src/service_inspectors/dce_rpc/ips_dce_stub_data.cc b/src/service_inspectors/dce_rpc/ips_dce_stub_data.cc
index 2a183275970c03d4d3944bd1769b69bd84b3094b..4bd56a5908ebd3418aee8c78db4790ea08ff8875 100644 (file)
--- a/src/service_inspectors/dce_rpc/ips_dce_stub_data.cc
+++ b/src/service_inspectors/dce_rpc/ips_dce_stub_data.cc
@@ -31,6 +31,8 @@
 
 #include "dce_common.h"
 
+using namespace snort;
+
 #define s_name "dce_stub_data"
 #define s_help \
     "sets the cursor to dcerpc stub data"

diff --git a/src/service_inspectors/dce_rpc/smb_common.h b/src/service_inspectors/dce_rpc/smb_common.h
index 6a33275846cec6520b1f035663211efeeb555249..1a01285e2dd53be996516ed44106866aff93d81f 100644 (file)
--- a/src/service_inspectors/dce_rpc/smb_common.h
+++ b/src/service_inspectors/dce_rpc/smb_common.h
@@ -403,12 +403,12 @@ inline uint16_t SmbBcc(const uint8_t* ptr, uint16_t com_size)
     if (com_size < sizeof(SmbEmptyCom))
         return 0;
 
-    return alignedNtohs((const uint16_t*)(ptr + com_size - sizeof(uint16_t)));
+    return snort::alignedNtohs((const uint16_t*)(ptr + com_size - sizeof(uint16_t)));
 }
 
 inline uint16_t SmbEmptyComBcc(const SmbEmptyCom* ec)
 {
-    return alignedNtohs(&ec->smb_bcc);
+    return snort::alignedNtohs(&ec->smb_bcc);
 }
 
 inline int SmbType(const SmbNtHdr* hdr)
@@ -428,7 +428,7 @@ inline uint8_t SmbAndXCom2(const SmbAndXCommon* andx)
 
 inline uint16_t SmbAndXOff2(const SmbAndXCommon* andx)
 {
-    return alignedNtohs(&andx->smb_off2);
+    return snort::alignedNtohs(&andx->smb_off2);
 }
 
 /* SMB formats (smb_fmt) Dialect, Pathname and ASCII are all

diff --git a/src/service_inspectors/dce_rpc/smb_message.cc b/src/service_inspectors/dce_rpc/smb_message.cc
index e9a5758bf02555153795deed0c8a4b086a7486e6..8817d84c7c1834451b970e2a3a5cdf72924d081e 100644 (file)
--- a/src/service_inspectors/dce_rpc/smb_message.cc
+++ b/src/service_inspectors/dce_rpc/smb_message.cc
@@ -38,6 +38,8 @@
 #include "dce_smb_utils.h"
 #include "dce_smb2.h"
 
+using namespace snort;
+
 /********************************************************************
  * Global variables
  ********************************************************************/
@@ -1358,7 +1360,7 @@ static DCE2_SmbSsnData* dce2_create_new_smb_session(Packet* p, dce2SmbProtoConf*
         dce2_smb_sess->tid = DCE2_SENTINEL;
         dce2_smb_sess->ftracker.fid_v1 = DCE2_SENTINEL;
         dce2_smb_sess->rtracker.mid = DCE2_SENTINEL;
-        dce2_smb_sess->max_file_depth = FileService::get_max_file_depth();
+        dce2_smb_sess->max_file_depth = snort::FileService::get_max_file_depth();
 
         DCE2_ResetRopts(&dce2_smb_sess->sd.ropts);
 
@@ -2627,7 +2629,7 @@ void DCE2_SmbProcess(DCE2_SmbSsnData* ssd)
         return;
     }
 
-    Packet* p = ssd->sd.wire_pkt;
+    snort::Packet* p = ssd->sd.wire_pkt;
     DCE2_SmbVersion smb_version = DCE2_Smb2Version(p);
     if (smb_version == DCE2_SMB_VERISON_1)
     {

diff --git a/src/service_inspectors/dce_rpc/smb_message.h b/src/service_inspectors/dce_rpc/smb_message.h
index 1fc12850930589d7bdd8411ffa18443461b51428..f970ef7f53904cfd98023cabf32e60ccb2daa9de 100644 (file)
--- a/src/service_inspectors/dce_rpc/smb_message.h
+++ b/src/service_inspectors/dce_rpc/smb_message.h
@@ -25,6 +25,11 @@
 
 #include <cstdint>
 
+namespace snort
+{
+struct Packet;
+}
+
 /********************************************************************
  * SMB_COM_OPEN
  ********************************************************************/
@@ -54,17 +59,17 @@ struct SmbOpenResp   /* smb_wct = 7 */
 
 inline uint16_t SmbOpenRespFid(const SmbOpenResp* resp)
 {
-    return alignedNtohs(&resp->smb_fid);
+    return snort::alignedNtohs(&resp->smb_fid);
 }
 
 inline uint32_t SmbOpenRespFileSize(const SmbOpenResp* resp)
 {
-    return alignedNtohl(&resp->smb_file_size);
+    return snort::alignedNtohl(&resp->smb_file_size);
 }
 
 inline uint16_t SmbOpenRespFileAttrs(const SmbOpenResp* resp)
 {
-    return alignedNtohs(&resp->smb_attr);
+    return snort::alignedNtohs(&resp->smb_attr);
 }
 
 inline bool SmbFileAttrsDirectory(const uint16_t file_attrs)
@@ -76,7 +81,7 @@ inline bool SmbFileAttrsDirectory(const uint16_t file_attrs)
 
 inline uint16_t SmbOpenRespAccessMode(const SmbOpenResp* resp)
 {
-    return alignedNtohs(&resp->smb_access);
+    return snort::alignedNtohs(&resp->smb_access);
 }
 
 inline bool SmbOpenForWriting(const uint16_t access_mode)
@@ -104,7 +109,7 @@ struct SmbCreateResp   /* smb_wct = 1 */
 
 inline uint16_t SmbCreateReqFileAttrs(const SmbCreateReq* req)
 {
-    return alignedNtohs(&req->smb_file_attrs);
+    return snort::alignedNtohs(&req->smb_file_attrs);
 }
 
 inline bool SmbAttrDirectory(const uint16_t file_attrs)
@@ -116,7 +121,7 @@ inline bool SmbAttrDirectory(const uint16_t file_attrs)
 
 inline uint16_t SmbCreateRespFid(const SmbCreateResp* resp)
 {
-    return alignedNtohs(&resp->smb_fid);
+    return snort::alignedNtohs(&resp->smb_fid);
 }
 
 /********************************************************************
@@ -139,7 +144,7 @@ struct SmbCloseResp   /* smb_wct = 0 */
 
 inline uint16_t SmbCloseReqFid(const SmbCloseReq* req)
 {
-    return alignedNtohs(&req->smb_fid);
+    return snort::alignedNtohs(&req->smb_fid);
 }
 
 /********************************************************************
@@ -175,17 +180,17 @@ struct SmbReadResp   /* smb_wct = 5 */
 
 inline uint16_t SmbReadReqFid(const SmbReadReq* req)
 {
-    return alignedNtohs(&req->smb_fid);
+    return snort::alignedNtohs(&req->smb_fid);
 }
 
 inline uint32_t SmbReadReqOffset(const SmbReadReq* req)
 {
-    return alignedNtohl(&req->smb_off);
+    return snort::alignedNtohl(&req->smb_off);
 }
 
 inline uint16_t SmbReadRespCount(const SmbReadResp* resp)
 {
-    return alignedNtohs(&resp->smb_cnt);
+    return snort::alignedNtohs(&resp->smb_cnt);
 }
 
 /********************************************************************
@@ -210,22 +215,22 @@ struct SmbWriteResp   /* smb_wct = 1 */
 
 inline uint16_t SmbWriteReqFid(const SmbWriteReq* req)
 {
-    return alignedNtohs(&req->smb_fid);
+    return snort::alignedNtohs(&req->smb_fid);
 }
 
 inline uint16_t SmbWriteReqCount(const SmbWriteReq* req)
 {
-    return alignedNtohs(&req->smb_cnt);
+    return snort::alignedNtohs(&req->smb_cnt);
 }
 
 inline uint32_t SmbWriteReqOffset(const SmbWriteReq* req)
 {
-    return alignedNtohl(&req->smb_offset);
+    return snort::alignedNtohl(&req->smb_offset);
 }
 
 inline uint16_t SmbWriteRespCount(const SmbWriteResp* resp)
 {
-    return alignedNtohs(&resp->smb_cnt);
+    return snort::alignedNtohs(&resp->smb_cnt);
 }
 
 /********************************************************************
@@ -248,12 +253,12 @@ struct SmbCreateNewResp   /* smb_wct = 1 */
 
 inline uint16_t SmbCreateNewReqFileAttrs(const SmbCreateNewReq* req)
 {
-    return alignedNtohs(&req->smb_file_attrs);
+    return snort::alignedNtohs(&req->smb_file_attrs);
 }
 
 inline uint16_t SmbCreateNewRespFid(const SmbCreateNewResp* resp)
 {
-    return alignedNtohs(&resp->smb_fid);
+    return snort::alignedNtohs(&resp->smb_fid);
 }
 
 /********************************************************************
@@ -279,17 +284,17 @@ struct SmbLockAndReadResp   /* smb_wct = 5 */
 
 inline uint16_t SmbLockAndReadReqFid(const SmbLockAndReadReq* req)
 {
-    return alignedNtohs(&req->smb_fid);
+    return snort::alignedNtohs(&req->smb_fid);
 }
 
 inline uint32_t SmbLockAndReadReqOffset(const SmbLockAndReadReq* req)
 {
-    return alignedNtohl(&req->smb_read_offset);
+    return snort::alignedNtohl(&req->smb_read_offset);
 }
 
 inline uint16_t SmbLockAndReadRespCount(const SmbLockAndReadResp* resp)
 {
-    return alignedNtohs(&resp->smb_cnt);
+    return snort::alignedNtohs(&resp->smb_cnt);
 }
 
 /********************************************************************
@@ -314,17 +319,17 @@ struct SmbWriteAndUnlockResp   /* smb_wct = 1 */
 
 inline uint16_t SmbWriteAndUnlockReqFid(const SmbWriteAndUnlockReq* req)
 {
-    return alignedNtohs(&req->smb_fid);
+    return snort::alignedNtohs(&req->smb_fid);
 }
 
 inline uint16_t SmbWriteAndUnlockReqCount(const SmbWriteAndUnlockReq* req)
 {
-    return alignedNtohs(&req->smb_cnt);
+    return snort::alignedNtohs(&req->smb_cnt);
 }
 
 inline uint32_t SmbWriteAndUnlockReqOffset(const SmbWriteAndUnlockReq* req)
 {
-    return alignedNtohl(&req->smb_write_offset);
+    return snort::alignedNtohl(&req->smb_write_offset);
 }
 
 /********************************************************************
@@ -376,32 +381,32 @@ struct SmbOpenAndXResp   /* smb_wct = 15 */
 
 inline uint32_t SmbOpenAndXReqAllocSize(const SmbOpenAndXReq* req)
 {
-    return alignedNtohl(&req->smb_size);
+    return snort::alignedNtohl(&req->smb_size);
 }
 
 inline uint16_t SmbOpenAndXReqFileAttrs(const SmbOpenAndXReq* req)
 {
-    return alignedNtohs(&req->smb_attr);
+    return snort::alignedNtohs(&req->smb_attr);
 }
 
 inline uint16_t SmbOpenAndXRespFid(const SmbOpenAndXResp* resp)
 {
-    return alignedNtohs(&resp->smb_fid);
+    return snort::alignedNtohs(&resp->smb_fid);
 }
 
 inline uint16_t SmbOpenAndXRespFileAttrs(const SmbOpenAndXResp* resp)
 {
-    return alignedNtohs(&resp->smb_attribute);
+    return snort::alignedNtohs(&resp->smb_attribute);
 }
 
 inline uint32_t SmbOpenAndXRespFileSize(const SmbOpenAndXResp* resp)
 {
-    return alignedNtohl(&resp->smb_size);
+    return snort::alignedNtohl(&resp->smb_size);
 }
 
 inline uint16_t SmbOpenAndXRespResourceType(const SmbOpenAndXResp* resp)
 {
-    return alignedNtohs(&resp->smb_type);
+    return snort::alignedNtohs(&resp->smb_type);
 }
 
 #define SMB_OPEN_RESULT__EXISTED    0x0001
@@ -410,7 +415,7 @@ inline uint16_t SmbOpenAndXRespResourceType(const SmbOpenAndXResp* resp)
 
 inline uint16_t SmbOpenAndXRespOpenResults(const SmbOpenAndXResp* resp)
 {
-    return alignedNtohs(&resp->smb_action);
+    return snort::alignedNtohs(&resp->smb_action);
 }
 
 inline bool SmbOpenResultRead(const uint16_t open_results)
@@ -475,26 +480,27 @@ struct SmbReadAndXResp    /* smb_wct = 12 */
 
 inline uint16_t SmbReadAndXReqFid(const SmbReadAndXReq* req)
 {
-    return alignedNtohs(&req->smb_fid);
+    return snort::alignedNtohs(&req->smb_fid);
 }
 
 inline uint64_t SmbReadAndXReqOffset(const SmbReadAndXExtReq* req)
 {
     if (req->smb_wct == 10)
-        return (uint64_t)alignedNtohl(&req->smb_offset);
-    return (uint64_t)alignedNtohl(&req->smb_off_high) << 32 | (uint64_t)alignedNtohl(
-        &req->smb_offset);
+        return (uint64_t)snort::alignedNtohl(&req->smb_offset);
+
+    return (uint64_t)snort::alignedNtohl(&req->smb_off_high) << 32
+                    | (uint64_t)snort::alignedNtohl(&req->smb_offset);
 }
 
 inline uint16_t SmbReadAndXRespDataOff(const SmbReadAndXResp* req)
 {
-    return alignedNtohs(&req->smb_doff);
+    return snort::alignedNtohs(&req->smb_doff);
 }
 
 inline uint32_t SmbReadAndXRespDataCnt(const SmbReadAndXResp* resp)
 {
-    return (uint32_t)alignedNtohs(&resp->smb_dsize_high) << 16 | (uint32_t)alignedNtohs(
-        &resp->smb_dsize);
+    return (uint32_t)snort::alignedNtohs(&resp->smb_dsize_high) << 16
+                    | (uint32_t)snort::alignedNtohs(&resp->smb_dsize);
 }
 
 /********************************************************************
@@ -558,51 +564,52 @@ struct SmbWriteAndXResp   /* smb_wct = 6 */
 
 inline uint16_t SmbWriteAndXReqFid(const SmbWriteAndXReq* req)
 {
-    return alignedNtohs(&req->smb_fid);
+    return snort::alignedNtohs(&req->smb_fid);
 }
 
 inline uint16_t SmbWriteAndXReqDataOff(const SmbWriteAndXReq* req)
 {
-    return alignedNtohs(&req->smb_doff);
+    return snort::alignedNtohs(&req->smb_doff);
 }
 
 inline uint16_t SmbWriteAndXReqRemaining(const SmbWriteAndXReq* req)
 {
-    return alignedNtohs(&req->smb_countleft);
+    return snort::alignedNtohs(&req->smb_countleft);
 }
 
 inline uint64_t SmbWriteAndXReqOffset(const SmbWriteAndXExtReq* req)
 {
     if (req->smb_wct == 12)
-        return (uint64_t)alignedNtohl(&req->smb_offset);
-    return (uint64_t)alignedNtohl(&req->smb_off_high) << 32 | (uint64_t)alignedNtohl(
-        &req->smb_offset);
+        return (uint64_t)snort::alignedNtohl(&req->smb_offset);
+
+    return (uint64_t)snort::alignedNtohl(&req->smb_off_high) << 32
+                    | (uint64_t)snort::alignedNtohl(&req->smb_offset);
 }
 
 inline uint32_t SmbWriteAndXReqDataCnt(const SmbWriteAndXReq* req)
 {
-    return (uint32_t)alignedNtohs(&req->smb_dsize_high) << 16 | (uint32_t)alignedNtohs(
-        &req->smb_dsize);
+    return (uint32_t)snort::alignedNtohs(&req->smb_dsize_high) << 16
+                    | (uint32_t)snort::alignedNtohs(&req->smb_dsize);
 }
 
 inline uint16_t SmbWriteAndXReqWriteMode(const SmbWriteAndXReq* req)
 {
-    return alignedNtohs(&req->smb_wmode);
+    return snort::alignedNtohs(&req->smb_wmode);
 }
 
 inline bool SmbWriteAndXReqStartRaw(const SmbWriteAndXReq* req)
 {
-    return ((alignedNtohs(&req->smb_wmode) & 0x000c) == 0x000c) ? true : false;
+    return ((snort::alignedNtohs(&req->smb_wmode) & 0x000c) == 0x000c) ? true : false;
 }
 
 inline bool SmbWriteAndXReqRaw(const SmbWriteAndXReq* req)
 {
-    return ((alignedNtohs(&req->smb_wmode) & 0x000c) == 0x0004) ? true : false;
+    return ((snort::alignedNtohs(&req->smb_wmode) & 0x000c) == 0x0004) ? true : false;
 }
 
 inline uint16_t SmbWriteAndXRespCnt(const SmbWriteAndXResp* resp)
 {
-    return alignedNtohs(&resp->smb_count);
+    return snort::alignedNtohs(&resp->smb_count);
 }
 
 /********************************************************************
@@ -625,7 +632,7 @@ struct SmbLm10_SessionSetupAndXReq   /* smb_wct = 10 */
 
 inline uint16_t SmbSessionSetupAndXReqMaxMultiplex(const SmbLm10_SessionSetupAndXReq* req)
 {
-    return alignedNtohs(&req->smb_mpxmax);
+    return snort::alignedNtohs(&req->smb_mpxmax);
 }
 
 /* Extended request as defined in NT LM 1.0 document */
@@ -648,12 +655,12 @@ struct SmbNt10_SessionSetupAndXReq   /* smb_wct = 13 */
 
 inline uint16_t SmbNt10SessionSetupAndXReqOemPassLen(const SmbNt10_SessionSetupAndXReq* req)
 {
-    return alignedNtohs(&req->smb_oem_passlen);
+    return snort::alignedNtohs(&req->smb_oem_passlen);
 }
 
 inline uint16_t SmbNt10SessionSetupAndXReqUnicodePassLen(const SmbNt10_SessionSetupAndXReq* req)
 {
-    return alignedNtohs(&req->smb_unicode_passlen);
+    return snort::alignedNtohs(&req->smb_unicode_passlen);
 }
 
 /* Extended request for security blob */
@@ -675,7 +682,7 @@ struct SmbNt10_SessionSetupAndXExtReq   /* smb_wct = 12 */
 
 inline uint16_t SmbSessionSetupAndXReqBlobLen(const SmbNt10_SessionSetupAndXExtReq* req)
 {
-    return alignedNtohs(&req->smb_blob_len);
+    return snort::alignedNtohs(&req->smb_blob_len);
 }
 
 /* Extended response for security blob */
@@ -693,7 +700,7 @@ struct SmbNt10_SessionSetupAndXExtResp   /* smb_wct = 4 */
 
 inline uint16_t SmbSessionSetupAndXRespBlobLen(const SmbNt10_SessionSetupAndXExtResp* resp)
 {
-    return alignedNtohs(&resp->smb_blob_len);
+    return snort::alignedNtohs(&resp->smb_blob_len);
 }
 
 /********************************************************************
@@ -746,12 +753,12 @@ struct SmbNt_NegotiateProtocolResp     /* smb_wct = 17 */
 
 inline uint16_t SmbLm_NegotiateRespMaxMultiplex(const SmbLm10_NegotiateProtocolResp* resp)
 {
-    return alignedNtohs(&resp->smb_maxmux);
+    return snort::alignedNtohs(&resp->smb_maxmux);
 }
 
 inline uint16_t SmbNt_NegotiateRespMaxMultiplex(const SmbNt_NegotiateProtocolResp* resp)
 {
-    return alignedNtohs(&resp->smb_maxmux);
+    return snort::alignedNtohs(&resp->smb_maxmux);
 }
 
 /* This is the Core Protocol response */
@@ -764,7 +771,7 @@ struct SmbCore_NegotiateProtocolResp    /* smb_wct = 1 */
 
 inline uint16_t SmbNegotiateRespDialectIndex(const SmbCore_NegotiateProtocolResp* resp)
 {
-    return alignedNtohs(&resp->smb_index);
+    return snort::alignedNtohs(&resp->smb_index);
 }
 
 /*********************************************************************
@@ -784,7 +791,7 @@ struct SmbTreeConnectAndXReq   /* smb_wct = 4 */
 
 inline uint16_t SmbTreeConnectAndXReqPassLen(const SmbTreeConnectAndXReq* req)
 {
-    return alignedNtohs(&req->smb_spasslen);
+    return snort::alignedNtohs(&req->smb_spasslen);
 }
 
 /********************************************************************
@@ -874,12 +881,12 @@ struct SmbNtCreateAndXExtResp    /* smb_wct = 42 */
 
 inline uint16_t SmbNtCreateAndXReqFileNameLen(const SmbNtCreateAndXReq* req)
 {
-    return alignedNtohs(&req->smb_name_len);
+    return snort::alignedNtohs(&req->smb_name_len);
 }
 
 inline uint32_t SmbNtCreateAndXReqCreateDisposition(const SmbNtCreateAndXReq* req)
 {
-    return alignedNtohl(&req->smb_create_disp);
+    return snort::alignedNtohl(&req->smb_create_disp);
 }
 
 inline bool SmbCreateDispositionRead(const uint32_t create_disposition)
@@ -890,27 +897,27 @@ inline bool SmbCreateDispositionRead(const uint32_t create_disposition)
 
 inline uint64_t SmbNtCreateAndXReqAllocSize(const SmbNtCreateAndXReq* req)
 {
-    return alignedNtohq(&req->smb_alloc_size);
+    return snort::alignedNtohq(&req->smb_alloc_size);
 }
 
 inline bool SmbNtCreateAndXReqSequentialOnly(const SmbNtCreateAndXReq* req)
 {
-    return (alignedNtohl(&req->smb_create_opts) & SMB_CREATE_OPTIONS__FILE_SEQUENTIAL_ONLY);
+    return (snort::alignedNtohl(&req->smb_create_opts) & SMB_CREATE_OPTIONS__FILE_SEQUENTIAL_ONLY);
 }
 
 inline uint32_t SmbNtCreateAndXReqFileAttrs(const SmbNtCreateAndXReq* req)
 {
-    return alignedNtohl(&req->smb_file_attrs);
+    return snort::alignedNtohl(&req->smb_file_attrs);
 }
 
 inline uint16_t SmbNtCreateAndXRespFid(const SmbNtCreateAndXResp* resp)
 {
-    return alignedNtohs(&resp->smb_fid);
+    return snort::alignedNtohs(&resp->smb_fid);
 }
 
 inline uint32_t SmbNtCreateAndXRespCreateDisposition(const SmbNtCreateAndXResp* resp)
 {
-    return alignedNtohl(&resp->smb_create_disposition);
+    return snort::alignedNtohl(&resp->smb_create_disposition);
 }
 
 inline bool SmbNtCreateAndXRespDirectory(const SmbNtCreateAndXResp* resp)
@@ -920,12 +927,12 @@ inline bool SmbNtCreateAndXRespDirectory(const SmbNtCreateAndXResp* resp)
 
 inline uint16_t SmbNtCreateAndXRespResourceType(const SmbNtCreateAndXResp* resp)
 {
-    return alignedNtohs(&resp->smb_resource_type);
+    return snort::alignedNtohs(&resp->smb_resource_type);
 }
 
 inline uint64_t SmbNtCreateAndXRespEndOfFile(const SmbNtCreateAndXResp* resp)
 {
-    return alignedNtohq(&resp->smb_eof);
+    return snort::alignedNtohq(&resp->smb_eof);
 }
 
 /********************************************************************
@@ -994,22 +1001,22 @@ struct SmbTransactionResp   /* smb_wct = 10 + value of smb_suwcnt */
 
 inline uint16_t SmbTransactionReqSubCom(const SmbTransactionReq* req)
 {
-    return alignedNtohs(&req->smb_setup1);
+    return snort::alignedNtohs(&req->smb_setup1);
 }
 
 inline uint16_t SmbTransactionReqFid(const SmbTransactionReq* req)
 {
-    return alignedNtohs(&req->smb_setup2);
+    return snort::alignedNtohs(&req->smb_setup2);
 }
 
 inline bool SmbTransactionReqDisconnectTid(const SmbTransactionReq* req)
 {
-    return (alignedNtohs(&req->smb_flags) & 0x0001) ? true : false;
+    return (snort::alignedNtohs(&req->smb_flags) & 0x0001) ? true : false;
 }
 
 inline bool SmbTransactionReqOneWay(const SmbTransactionReq* req)
 {
-    return (alignedNtohs(&req->smb_flags) & 0x0002) ? true : false;
+    return (snort::alignedNtohs(&req->smb_flags) & 0x0002) ? true : false;
 }
 
 inline uint8_t SmbTransactionReqSetupCnt(const SmbTransactionReq* req)
@@ -1019,72 +1026,72 @@ inline uint8_t SmbTransactionReqSetupCnt(const SmbTransactionReq* req)
 
 inline uint16_t SmbTransactionReqTotalDataCnt(const SmbTransactionReq* req)
 {
-    return alignedNtohs(&req->smb_tdscnt);
+    return snort::alignedNtohs(&req->smb_tdscnt);
 }
 
 inline uint16_t SmbTransactionReqDataCnt(const SmbTransactionReq* req)
 {
-    return alignedNtohs(&req->smb_dscnt);
+    return snort::alignedNtohs(&req->smb_dscnt);
 }
 
 inline uint16_t SmbTransactionReqDataOff(const SmbTransactionReq* req)
 {
-    return alignedNtohs(&req->smb_dsoff);
+    return snort::alignedNtohs(&req->smb_dsoff);
 }
 
 inline uint16_t SmbTransactionReqTotalParamCnt(const SmbTransactionReq* req)
 {
-    return alignedNtohs(&req->smb_tpscnt);
+    return snort::alignedNtohs(&req->smb_tpscnt);
 }
 
 inline uint16_t SmbTransactionReqParamCnt(const SmbTransactionReq* req)
 {
-    return alignedNtohs(&req->smb_pscnt);
+    return snort::alignedNtohs(&req->smb_pscnt);
 }
 
 inline uint16_t SmbTransactionReqParamOff(const SmbTransactionReq* req)
 {
-    return alignedNtohs(&req->smb_psoff);
+    return snort::alignedNtohs(&req->smb_psoff);
 }
 
 inline uint16_t SmbTransactionRespTotalDataCnt(const SmbTransactionResp* resp)
 {
-    return alignedNtohs(&resp->smb_tdrcnt);
+    return snort::alignedNtohs(&resp->smb_tdrcnt);
 }
 
 inline uint16_t SmbTransactionRespDataCnt(const SmbTransactionResp* resp)
 {
-    return alignedNtohs(&resp->smb_drcnt);
+    return snort::alignedNtohs(&resp->smb_drcnt);
 }
 
 inline uint16_t SmbTransactionRespDataOff(const SmbTransactionResp* resp)
 {
-    return alignedNtohs(&resp->smb_droff);
+    return snort::alignedNtohs(&resp->smb_droff);
 }
 
 inline uint16_t SmbTransactionRespDataDisp(const SmbTransactionResp* resp)
 {
-    return alignedNtohs(&resp->smb_drdisp);
+    return snort::alignedNtohs(&resp->smb_drdisp);
 }
 
 inline uint16_t SmbTransactionRespTotalParamCnt(const SmbTransactionResp* resp)
 {
-    return alignedNtohs(&resp->smb_tprcnt);
+    return snort::alignedNtohs(&resp->smb_tprcnt);
 }
 
 inline uint16_t SmbTransactionRespParamCnt(const SmbTransactionResp* resp)
 {
-    return alignedNtohs(&resp->smb_prcnt);
+    return snort::alignedNtohs(&resp->smb_prcnt);
 }
 
 inline uint16_t SmbTransactionRespParamOff(const SmbTransactionResp* resp)
 {
-    return alignedNtohs(&resp->smb_proff);
+    return snort::alignedNtohs(&resp->smb_proff);
 }
 
 inline uint16_t SmbTransactionRespParamDisp(const SmbTransactionResp* resp)
 {
-    return alignedNtohs(&resp->smb_prdisp);
+    return snort::alignedNtohs(&resp->smb_prdisp);
 }
 
 // Flags for TRANS_SET_NMPIPE_STATE parameters
@@ -1140,37 +1147,37 @@ struct SmbTransaction2Resp
 
 inline uint16_t SmbTransaction2ReqSubCom(const SmbTransaction2Req* req)
 {
-    return alignedNtohs(&req->smb_setup);
+    return snort::alignedNtohs(&req->smb_setup);
 }
 
 inline uint16_t SmbTransaction2ReqTotalParamCnt(const SmbTransaction2Req* req)
 {
-    return alignedNtohs(&req->smb_total_param_count);
+    return snort::alignedNtohs(&req->smb_total_param_count);
 }
 
 inline uint16_t SmbTransaction2ReqParamCnt(const SmbTransaction2Req* req)
 {
-    return alignedNtohs(&req->smb_param_count);
+    return snort::alignedNtohs(&req->smb_param_count);
 }
 
 inline uint16_t SmbTransaction2ReqParamOff(const SmbTransaction2Req* req)
 {
-    return alignedNtohs(&req->smb_param_offset);
+    return snort::alignedNtohs(&req->smb_param_offset);
 }
 
 inline uint16_t SmbTransaction2ReqTotalDataCnt(const SmbTransaction2Req* req)
 {
-    return alignedNtohs(&req->smb_total_data_count);
+    return snort::alignedNtohs(&req->smb_total_data_count);
 }
 
 inline uint16_t SmbTransaction2ReqDataCnt(const SmbTransaction2Req* req)
 {
-    return alignedNtohs(&req->smb_data_count);
+    return snort::alignedNtohs(&req->smb_data_count);
 }
 
 inline uint16_t SmbTransaction2ReqDataOff(const SmbTransaction2Req* req)
 {
-    return alignedNtohs(&req->smb_data_offset);
+    return snort::alignedNtohs(&req->smb_data_offset);
 }
 
 inline uint8_t SmbTransaction2ReqSetupCnt(const SmbTransaction2Req* req)
@@ -1180,42 +1187,42 @@ inline uint8_t SmbTransaction2ReqSetupCnt(const SmbTransaction2Req* req)
 
 inline uint16_t SmbTransaction2RespTotalParamCnt(const SmbTransaction2Resp* resp)
 {
-    return alignedNtohs(&resp->smb_total_param_count);
+    return snort::alignedNtohs(&resp->smb_total_param_count);
 }
 
 inline uint16_t SmbTransaction2RespParamCnt(const SmbTransaction2Resp* resp)
 {
-    return alignedNtohs(&resp->smb_param_count);
+    return snort::alignedNtohs(&resp->smb_param_count);
 }
 
 inline uint16_t SmbTransaction2RespParamOff(const SmbTransaction2Resp* resp)
 {
-    return alignedNtohs(&resp->smb_param_offset);
+    return snort::alignedNtohs(&resp->smb_param_offset);
 }
 
 inline uint16_t SmbTransaction2RespParamDisp(const SmbTransaction2Resp* resp)
 {
-    return alignedNtohs(&resp->smb_param_disp);
+    return snort::alignedNtohs(&resp->smb_param_disp);
 }
 
 inline uint16_t SmbTransaction2RespTotalDataCnt(const SmbTransaction2Resp* resp)
 {
-    return alignedNtohs(&resp->smb_total_data_count);
+    return snort::alignedNtohs(&resp->smb_total_data_count);
 }
 
 inline uint16_t SmbTransaction2RespDataCnt(const SmbTransaction2Resp* resp)
 {
-    return alignedNtohs(&resp->smb_data_count);
+    return snort::alignedNtohs(&resp->smb_data_count);
 }
 
 inline uint16_t SmbTransaction2RespDataOff(const SmbTransaction2Resp* resp)
 {
-    return alignedNtohs(&resp->smb_data_offset);
+    return snort::alignedNtohs(&resp->smb_data_offset);
 }
 
 inline uint16_t SmbTransaction2RespDataDisp(const SmbTransaction2Resp* resp)
 {
-    return alignedNtohs(&resp->smb_data_disp);
+    return snort::alignedNtohs(&resp->smb_data_disp);
 }
 
 struct SmbTrans2Open2ReqParams
@@ -1234,22 +1241,22 @@ typedef SmbTransaction2Req SmbTrans2Open2Req;
 
 inline uint16_t SmbTrans2Open2ReqAccessMode(const SmbTrans2Open2ReqParams* req)
 {
-    return alignedNtohs(&req->AccessMode);
+    return snort::alignedNtohs(&req->AccessMode);
 }
 
 inline uint16_t SmbTrans2Open2ReqFileAttrs(const SmbTrans2Open2ReqParams* req)
 {
-    return alignedNtohs(&req->FileAttributes);
+    return snort::alignedNtohs(&req->FileAttributes);
 }
 
 inline uint16_t SmbTrans2Open2ReqOpenMode(const SmbTrans2Open2ReqParams* req)
 {
-    return alignedNtohs(&req->OpenMode);
+    return snort::alignedNtohs(&req->OpenMode);
 }
 
 inline uint32_t SmbTrans2Open2ReqAllocSize(const SmbTrans2Open2ReqParams* req)
 {
-    return alignedNtohl(&req->AllocationSize);
+    return snort::alignedNtohl(&req->AllocationSize);
 }
 
 struct SmbTrans2Open2RespParams
@@ -1269,27 +1276,27 @@ struct SmbTrans2Open2RespParams
 
 inline uint16_t SmbTrans2Open2RespFid(const SmbTrans2Open2RespParams* resp)
 {
-    return alignedNtohs(&resp->smb_fid);
+    return snort::alignedNtohs(&resp->smb_fid);
 }
 
 inline uint16_t SmbTrans2Open2RespFileAttrs(const SmbTrans2Open2RespParams* resp)
 {
-    return alignedNtohs(&resp->file_attributes);
+    return snort::alignedNtohs(&resp->file_attributes);
 }
 
 inline uint32_t SmbTrans2Open2RespFileDataSize(const SmbTrans2Open2RespParams* resp)
 {
-    return alignedNtohl(&resp->file_data_size);
+    return snort::alignedNtohl(&resp->file_data_size);
 }
 
 inline uint16_t SmbTrans2Open2RespResourceType(const SmbTrans2Open2RespParams* resp)
 {
-    return alignedNtohs(&resp->resource_type);
+    return snort::alignedNtohs(&resp->resource_type);
 }
 
 inline uint16_t SmbTrans2Open2RespActionTaken(const SmbTrans2Open2RespParams* resp)
 {
-    return alignedNtohs(&resp->action_taken);
+    return snort::alignedNtohs(&resp->action_taken);
 }
 
 struct SmbTrans2Open2Resp
@@ -1340,12 +1347,12 @@ struct SmbTrans2QueryFileInfoReqParams
 
 inline uint16_t SmbTrans2QueryFileInfoReqFid(const SmbTrans2QueryFileInfoReqParams* req)
 {
-    return alignedNtohs(&req->fid);
+    return snort::alignedNtohs(&req->fid);
 }
 
 inline uint16_t SmbTrans2QueryFileInfoReqInfoLevel(const SmbTrans2QueryFileInfoReqParams* req)
 {
-    return alignedNtohs(&req->information_level);
+    return snort::alignedNtohs(&req->information_level);
 }
 
 struct SmbQueryInfoStandard
@@ -1363,7 +1370,7 @@ struct SmbQueryInfoStandard
 
 inline uint32_t SmbQueryInfoStandardFileDataSize(const SmbQueryInfoStandard* q)
 {
-    return alignedNtohl(&q->FileDataSize);
+    return snort::alignedNtohl(&q->FileDataSize);
 }
 
 struct SmbQueryInfoQueryEaSize
@@ -1382,7 +1389,7 @@ struct SmbQueryInfoQueryEaSize
 
 inline uint32_t SmbQueryInfoQueryEaSizeFileDataSize(const SmbQueryInfoQueryEaSize* q)
 {
-    return alignedNtohl(&q->FileDataSize);
+    return snort::alignedNtohl(&q->FileDataSize);
 }
 
 struct SmbQueryFileStandardInfo
@@ -1397,7 +1404,7 @@ struct SmbQueryFileStandardInfo
 
 inline uint64_t SmbQueryFileStandardInfoEndOfFile(const SmbQueryFileStandardInfo* q)
 {
-    return alignedNtohq(&q->EndOfFile);
+    return snort::alignedNtohq(&q->EndOfFile);
 }
 
 struct SmbQueryFileAllInfo
@@ -1421,7 +1428,7 @@ struct SmbQueryFileAllInfo
 
 inline uint64_t SmbQueryFileAllInfoEndOfFile(const SmbQueryFileAllInfo* q)
 {
-    return alignedNtohq(&q->EndOfFile);
+    return snort::alignedNtohq(&q->EndOfFile);
 }
 
 struct SmbQueryPTFileAllInfo
@@ -1466,7 +1473,7 @@ struct SmbQueryPTFileAllInfo
 
 inline uint64_t SmbQueryPTFileAllInfoEndOfFile(const SmbQueryPTFileAllInfo* q)
 {
-    return alignedNtohq(&q->EndOfFile);
+    return snort::alignedNtohq(&q->EndOfFile);
 }
 
 struct SmbQueryPTNetworkOpenInfo
@@ -1483,7 +1490,7 @@ struct SmbQueryPTNetworkOpenInfo
 
 inline uint64_t SmbQueryPTNetworkOpenInfoEndOfFile(const SmbQueryPTNetworkOpenInfo* q)
 {
-    return alignedNtohq(&q->EndOfFile);
+    return snort::alignedNtohq(&q->EndOfFile);
 }
 
 struct SmbQueryPTFileStreamInfo
@@ -1496,7 +1503,7 @@ struct SmbQueryPTFileStreamInfo
 
 inline uint64_t SmbQueryPTFileStreamInfoStreamSize(const SmbQueryPTFileStreamInfo* q)
 {
-    return alignedNtohq(&q->StreamSize);
+    return snort::alignedNtohq(&q->StreamSize);
 }
 
 struct SmbTrans2QueryFileInformationResp
@@ -1535,12 +1542,12 @@ struct SmbTrans2SetFileInfoReqParams
 
 inline uint16_t SmbTrans2SetFileInfoReqFid(const SmbTrans2SetFileInfoReqParams* req)
 {
-    return alignedNtohs(&req->fid);
+    return snort::alignedNtohs(&req->fid);
 }
 
 inline uint16_t SmbTrans2SetFileInfoReqInfoLevel(const SmbTrans2SetFileInfoReqParams* req)
 {
-    return alignedNtohs(&req->information_level);
+    return snort::alignedNtohs(&req->information_level);
 }
 
 inline bool SmbSetFileInfoEndOfFile(const uint16_t info_level)
@@ -1561,7 +1568,7 @@ struct SmbSetFileBasicInfo
 
 inline uint32_t SmbSetFileInfoExtFileAttrs(const SmbSetFileBasicInfo* info)
 {
-    return alignedNtohl(&info->ExtFileAttributes);
+    return snort::alignedNtohl(&info->ExtFileAttributes);
 }
 
 inline bool SmbSetFileInfoSetFileBasicInfo(const uint16_t info_level)
@@ -1615,7 +1622,7 @@ struct SmbNtTransactResp
 
 inline uint16_t SmbNtTransactReqSubCom(const SmbNtTransactReq* req)
 {
-    return alignedNtohs(&req->smb_function);
+    return snort::alignedNtohs(&req->smb_function);
 }
 
 inline uint8_t SmbNtTransactReqSetupCnt(const SmbNtTransactReq* req)
@@ -1625,72 +1632,72 @@ inline uint8_t SmbNtTransactReqSetupCnt(const SmbNtTransactReq* req)
 
 inline uint32_t SmbNtTransactReqTotalParamCnt(const SmbNtTransactReq* req)
 {
-    return alignedNtohl(&req->smb_total_param_count);
+    return snort::alignedNtohl(&req->smb_total_param_count);
 }
 
 inline uint32_t SmbNtTransactReqParamCnt(const SmbNtTransactReq* req)
 {
-    return alignedNtohl(&req->smb_param_count);
+    return snort::alignedNtohl(&req->smb_param_count);
 }
 
 inline uint32_t SmbNtTransactReqParamOff(const SmbNtTransactReq* req)
 {
-    return alignedNtohl(&req->smb_param_offset);
+    return snort::alignedNtohl(&req->smb_param_offset);
 }
 
 inline uint32_t SmbNtTransactReqTotalDataCnt(const SmbNtTransactReq* req)
 {
-    return alignedNtohl(&req->smb_total_data_count);
+    return snort::alignedNtohl(&req->smb_total_data_count);
 }
 
 inline uint32_t SmbNtTransactReqDataCnt(const SmbNtTransactReq* req)
 {
-    return alignedNtohl(&req->smb_data_count);
+    return snort::alignedNtohl(&req->smb_data_count);
 }
 
 inline uint32_t SmbNtTransactReqDataOff(const SmbNtTransactReq* req)
 {
-    return alignedNtohl(&req->smb_data_offset);
+    return snort::alignedNtohl(&req->smb_data_offset);
 }
 
 inline uint32_t SmbNtTransactRespTotalParamCnt(const SmbNtTransactResp* resp)
 {
-    return alignedNtohl(&resp->smb_total_param_count);
+    return snort::alignedNtohl(&resp->smb_total_param_count);
 }
 
 inline uint32_t SmbNtTransactRespParamCnt(const SmbNtTransactResp* resp)
 {
-    return alignedNtohl(&resp->smb_param_count);
+    return snort::alignedNtohl(&resp->smb_param_count);
 }
 
 inline uint32_t SmbNtTransactRespParamOff(const SmbNtTransactResp* resp)
 {
-    return alignedNtohl(&resp->smb_param_offset);
+    return snort::alignedNtohl(&resp->smb_param_offset);
 }
 
 inline uint32_t SmbNtTransactRespParamDisp(const SmbNtTransactResp* resp)
 {
-    return alignedNtohl(&resp->smb_param_disp);
+    return snort::alignedNtohl(&resp->smb_param_disp);
 }
 
 inline uint32_t SmbNtTransactRespTotalDataCnt(const SmbNtTransactResp* resp)
 {
-    return alignedNtohl(&resp->smb_total_data_count);
+    return snort::alignedNtohl(&resp->smb_total_data_count);
 }
 
 inline uint32_t SmbNtTransactRespDataCnt(const SmbNtTransactResp* resp)
 {
-    return alignedNtohl(&resp->smb_data_count);
+    return snort::alignedNtohl(&resp->smb_data_count);
 }
 
 inline uint32_t SmbNtTransactRespDataOff(const SmbNtTransactResp* resp)
 {
-    return alignedNtohl(&resp->smb_data_offset);
+    return snort::alignedNtohl(&resp->smb_data_offset);
 }
 
 inline uint32_t SmbNtTransactRespDataDisp(const SmbNtTransactResp* resp)
 {
-    return alignedNtohl(&resp->smb_data_disp);
+    return snort::alignedNtohl(&resp->smb_data_disp);
 }
 
 struct SmbNtTransactCreateReqParams
@@ -1712,22 +1719,22 @@ struct SmbNtTransactCreateReqParams
 
 inline uint64_t SmbNtTransactCreateReqAllocSize(const SmbNtTransactCreateReqParams* req)
 {
-    return alignedNtohq(&req->allocation_size);
+    return snort::alignedNtohq(&req->allocation_size);
 }
 
 inline uint32_t SmbNtTransactCreateReqFileNameLength(const SmbNtTransactCreateReqParams* req)
 {
-    return alignedNtohl(&req->name_length);
+    return snort::alignedNtohl(&req->name_length);
 }
 
 inline uint32_t SmbNtTransactCreateReqFileAttrs(const SmbNtTransactCreateReqParams* req)
 {
-    return alignedNtohl(&req->ext_file_attributes);
+    return snort::alignedNtohl(&req->ext_file_attributes);
 }
 
 inline bool SmbNtTransactCreateReqSequentialOnly(const SmbNtTransactCreateReqParams* req)
 {
-    return (alignedNtohl(&req->create_options) & SMB_CREATE_OPTIONS__FILE_SEQUENTIAL_ONLY);
+    return (snort::alignedNtohl(&req->create_options) & SMB_CREATE_OPTIONS__FILE_SEQUENTIAL_ONLY);
 }
 
 struct SmbNtTransactCreateReq
@@ -1769,22 +1776,22 @@ struct SmbNtTransactCreateRespParams
 
 inline uint16_t SmbNtTransactCreateRespFid(const SmbNtTransactCreateRespParams* resp)
 {
-    return alignedNtohs(&resp->smb_fid);
+    return snort::alignedNtohs(&resp->smb_fid);
 }
 
 inline uint32_t SmbNtTransactCreateRespCreateAction(const SmbNtTransactCreateRespParams* resp)
 {
-    return alignedNtohl(&resp->create_action);
+    return snort::alignedNtohl(&resp->create_action);
 }
 
 inline uint64_t SmbNtTransactCreateRespEndOfFile(const SmbNtTransactCreateRespParams* resp)
 {
-    return alignedNtohq(&resp->end_of_file);
+    return snort::alignedNtohq(&resp->end_of_file);
 }
 
 inline uint16_t SmbNtTransactCreateRespResourceType(const SmbNtTransactCreateRespParams* resp)
 {
-    return alignedNtohs(&resp->resource_type);
+    return snort::alignedNtohs(&resp->resource_type);
 }
 
 inline bool SmbNtTransactCreateRespDirectory(const SmbNtTransactCreateRespParams* resp)
@@ -1829,42 +1836,42 @@ struct SmbTransactionSecondaryReq   /* smb_wct = 8 */
 
 inline uint16_t SmbTransactionSecondaryReqTotalDataCnt(const SmbTransactionSecondaryReq* req)
 {
-    return alignedNtohs(&req->smb_tdscnt);
+    return snort::alignedNtohs(&req->smb_tdscnt);
 }
 
 inline uint16_t SmbTransactionSecondaryReqDataCnt(const SmbTransactionSecondaryReq* req)
 {
-    return alignedNtohs(&req->smb_dscnt);
+    return snort::alignedNtohs(&req->smb_dscnt);
 }
 
 inline uint16_t SmbTransactionSecondaryReqDataOff(const SmbTransactionSecondaryReq* req)
 {
-    return alignedNtohs(&req->smb_dsoff);
+    return snort::alignedNtohs(&req->smb_dsoff);
 }
 
 inline uint16_t SmbTransactionSecondaryReqDataDisp(const SmbTransactionSecondaryReq* req)
 {
-    return alignedNtohs(&req->smb_dsdisp);
+    return snort::alignedNtohs(&req->smb_dsdisp);
 }
 
 inline uint16_t SmbTransactionSecondaryReqTotalParamCnt(const SmbTransactionSecondaryReq* req)
 {
-    return alignedNtohs(&req->smb_tpscnt);
+    return snort::alignedNtohs(&req->smb_tpscnt);
 }
 
 inline uint16_t SmbTransactionSecondaryReqParamCnt(const SmbTransactionSecondaryReq* req)
 {
-    return alignedNtohs(&req->smb_pscnt);
+    return snort::alignedNtohs(&req->smb_pscnt);
 }
 
 inline uint16_t SmbTransactionSecondaryReqParamOff(const SmbTransactionSecondaryReq* req)
 {
-    return alignedNtohs(&req->smb_psoff);
+    return snort::alignedNtohs(&req->smb_psoff);
 }
 
 inline uint16_t SmbTransactionSecondaryReqParamDisp(const SmbTransactionSecondaryReq* req)
 {
-    return alignedNtohs(&req->smb_psdisp);
+    return snort::alignedNtohs(&req->smb_psdisp);
 }
 
 /********************************************************************
@@ -1889,42 +1896,42 @@ struct SmbTransaction2SecondaryReq
 
 inline uint16_t SmbTransaction2SecondaryReqTotalParamCnt(const SmbTransaction2SecondaryReq* req)
 {
-    return alignedNtohs(&req->smb_total_param_count);
+    return snort::alignedNtohs(&req->smb_total_param_count);
 }
 
 inline uint16_t SmbTransaction2SecondaryReqParamCnt(const SmbTransaction2SecondaryReq* req)
 {
-    return alignedNtohs(&req->smb_param_count);
+    return snort::alignedNtohs(&req->smb_param_count);
 }
 
 inline uint16_t SmbTransaction2SecondaryReqParamOff(const SmbTransaction2SecondaryReq* req)
 {
-    return alignedNtohs(&req->smb_param_offset);
+    return snort::alignedNtohs(&req->smb_param_offset);
 }
 
 inline uint16_t SmbTransaction2SecondaryReqParamDisp(const SmbTransaction2SecondaryReq* req)
 {
-    return alignedNtohs(&req->smb_param_disp);
+    return snort::alignedNtohs(&req->smb_param_disp);
 }
 
 inline uint16_t SmbTransaction2SecondaryReqTotalDataCnt(const SmbTransaction2SecondaryReq* req)
 {
-    return alignedNtohs(&req->smb_total_data_count);
+    return snort::alignedNtohs(&req->smb_total_data_count);
 }
 
 inline uint16_t SmbTransaction2SecondaryReqDataCnt(const SmbTransaction2SecondaryReq* req)
 {
-    return alignedNtohs(&req->smb_data_count);
+    return snort::alignedNtohs(&req->smb_data_count);
 }
 
 inline uint16_t SmbTransaction2SecondaryReqDataOff(const SmbTransaction2SecondaryReq* req)
 {
-    return alignedNtohs(&req->smb_data_offset);
+    return snort::alignedNtohs(&req->smb_data_offset);
 }
 
 inline uint16_t SmbTransaction2SecondaryReqDataDisp(const SmbTransaction2SecondaryReq* req)
 {
-    return alignedNtohs(&req->smb_data_disp);
+    return snort::alignedNtohs(&req->smb_data_disp);
 }
 
 /********************************************************************
@@ -1947,42 +1954,42 @@ struct SmbNtTransactSecondaryReq
 
 inline uint32_t SmbNtTransactSecondaryReqTotalParamCnt(const SmbNtTransactSecondaryReq* req)
 {
-    return alignedNtohl(&req->smb_total_param_count);
+    return snort::alignedNtohl(&req->smb_total_param_count);
 }
 
 inline uint32_t SmbNtTransactSecondaryReqParamCnt(const SmbNtTransactSecondaryReq* req)
 {
-    return alignedNtohl(&req->smb_param_count);
+    return snort::alignedNtohl(&req->smb_param_count);
 }
 
 inline uint32_t SmbNtTransactSecondaryReqParamOff(const SmbNtTransactSecondaryReq* req)
 {
-    return alignedNtohl(&req->smb_param_offset);
+    return snort::alignedNtohl(&req->smb_param_offset);
 }
 
 inline uint32_t SmbNtTransactSecondaryReqParamDisp(const SmbNtTransactSecondaryReq* req)
 {
-    return alignedNtohl(&req->smb_param_disp);
+    return snort::alignedNtohl(&req->smb_param_disp);
 }
 
 inline uint32_t SmbNtTransactSecondaryReqTotalDataCnt(const SmbNtTransactSecondaryReq* req)
 {
-    return alignedNtohl(&req->smb_total_data_count);
+    return snort::alignedNtohl(&req->smb_total_data_count);
 }
 
 inline uint32_t SmbNtTransactSecondaryReqDataCnt(const SmbNtTransactSecondaryReq* req)
 {
-    return alignedNtohl(&req->smb_data_count);
+    return snort::alignedNtohl(&req->smb_data_count);
 }
 
 inline uint32_t SmbNtTransactSecondaryReqDataOff(const SmbNtTransactSecondaryReq* req)
 {
-    return alignedNtohl(&req->smb_data_offset);
+    return snort::alignedNtohl(&req->smb_data_offset);
 }
 
 inline uint32_t SmbNtTransactSecondaryReqDataDisp(const SmbNtTransactSecondaryReq* req)
 {
-    return alignedNtohl(&req->smb_data_disp);
+    return snort::alignedNtohl(&req->smb_data_disp);
 }
 
 /********************************************************************
@@ -2017,15 +2024,16 @@ struct SmbReadRawExtReq   /* smb_wct = 10 */
 
 inline uint16_t SmbReadRawReqFid(const SmbReadRawReq* req)
 {
-    return alignedNtohs(&req->smb_fid);
+    return snort::alignedNtohs(&req->smb_fid);
 }
 
 inline uint64_t SmbReadRawReqOffset(const SmbReadRawExtReq* req)
 {
     if (req->smb_wct == 8)
-        return (uint64_t)alignedNtohl(&req->smb_offset);
-    return (uint64_t)alignedNtohl(&req->smb_off_high) << 32 | (uint64_t)alignedNtohl(
-        &req->smb_offset);
+        return (uint64_t)snort::alignedNtohl(&req->smb_offset);
+
+    return (uint64_t)snort::alignedNtohl(&req->smb_off_high) << 32
+                    | (uint64_t)snort::alignedNtohl(&req->smb_offset);
 }
 
 /********************************************************************
@@ -2075,40 +2083,41 @@ struct SmbWriteRawInterimResp
 
 inline uint16_t SmbWriteRawReqTotalCount(const SmbWriteRawReq* req)
 {
-    return alignedNtohs(&req->smb_tcount);
+    return snort::alignedNtohs(&req->smb_tcount);
 }
 
 inline bool SmbWriteRawReqWriteThrough(const SmbWriteRawReq* req)
 {
-    return alignedNtohs(&req->smb_wmode) & 0x0001;
+    return snort::alignedNtohs(&req->smb_wmode) & 0x0001;
 }
 
 inline uint16_t SmbWriteRawReqFid(const SmbWriteRawReq* req)
 {
-    return alignedNtohs(&req->smb_fid);
+    return snort::alignedNtohs(&req->smb_fid);
 }
 
 inline uint16_t SmbWriteRawReqDataOff(const SmbWriteRawReq* req)
 {
-    return alignedNtohs(&req->smb_doff);
+    return snort::alignedNtohs(&req->smb_doff);
 }
 
 inline uint16_t SmbWriteRawReqDataCnt(const SmbWriteRawReq* req)
 {
-    return alignedNtohs(&req->smb_dsize);
+    return snort::alignedNtohs(&req->smb_dsize);
 }
 
 inline uint64_t SmbWriteRawReqOffset(const SmbWriteRawExtReq* req)
 {
     if (req->smb_wct == 12)
-        return (uint64_t)alignedNtohl(&req->smb_offset);
-    return (uint64_t)alignedNtohl(&req->smb_off_high) << 32 | (uint64_t)alignedNtohl(
-        &req->smb_offset);
+        return (uint64_t)snort::alignedNtohl(&req->smb_offset);
+
+    return (uint64_t)snort::alignedNtohl(&req->smb_off_high) << 32 |
+                    (uint64_t)snort::alignedNtohl(&req->smb_offset);
 }
 
 inline uint16_t SmbWriteRawInterimRespRemaining(const SmbWriteRawInterimResp* resp)
 {
-    return alignedNtohs(&resp->smb_remaining);
+    return snort::alignedNtohs(&resp->smb_remaining);
 }
 
 /********************************************************************
@@ -2123,7 +2132,7 @@ struct SmbWriteCompleteResp
 
 inline uint16_t SmbWriteCompleteRespCount(const SmbWriteCompleteResp* resp)
 {
-    return alignedNtohs(&resp->smb_count);
+    return snort::alignedNtohs(&resp->smb_count);
 }
 
 /********************************************************************
@@ -2161,29 +2170,29 @@ struct SmbWriteAndCloseResp   /* smb_wct = 1 */
 
 inline uint16_t SmbWriteAndCloseReqFid(const SmbWriteAndCloseReq* req)
 {
-    return alignedNtohs(&req->smb_fid);
+    return snort::alignedNtohs(&req->smb_fid);
 }
 
 inline uint16_t SmbWriteAndCloseReqCount(const SmbWriteAndCloseReq* req)
 {
-    return alignedNtohs(&req->smb_count);
+    return snort::alignedNtohs(&req->smb_count);
 }
 
 inline uint32_t SmbWriteAndCloseReqOffset(const SmbWriteAndCloseReq* req)
 {
-    return alignedNtohl(&req->smb_offset);
+    return snort::alignedNtohl(&req->smb_offset);
 }
 
 inline uint16_t SmbWriteAndCloseRespCount(const SmbWriteAndCloseResp* resp)
 {
-    return alignedNtohs(&resp->smb_count);
+    return snort::alignedNtohs(&resp->smb_count);
 }
 
 #pragma pack()
 
 void DCE2_SmbInitGlobals();
 void DCE2_SmbProcess(struct DCE2_SmbSsnData*);
-DCE2_SmbSsnData* dce2_handle_smb_session(struct Packet*, struct dce2SmbProtoConf*);
+DCE2_SmbSsnData* dce2_handle_smb_session(snort::Packet*, struct dce2SmbProtoConf*);
 
 #endif
 

diff --git a/src/service_inspectors/dnp3/dnp3.cc b/src/service_inspectors/dnp3/dnp3.cc
index 022cb8429a439366989787a1aa8f9d76382b1b7e..e8f05ef0d7544ce39165f6460b2f6c3b638c6fbf 100644 (file)
--- a/src/service_inspectors/dnp3/dnp3.cc
+++ b/src/service_inspectors/dnp3/dnp3.cc
@@ -32,6 +32,8 @@
 #include "dnp3_paf.h"
 #include "dnp3_reassembly.h"
 
+using namespace snort;
+
 THREAD_LOCAL Dnp3Stats dnp3_stats;
 THREAD_LOCAL ProfileStats dnp3_perf_stats;
 

diff --git a/src/service_inspectors/dnp3/dnp3.h b/src/service_inspectors/dnp3/dnp3.h
index 5869a25786f657066512b948343b72fb0be53b92..4776ee793282922fa2667a98caeb96fe06934d3a 100644 (file)
--- a/src/service_inspectors/dnp3/dnp3.h
+++ b/src/service_inspectors/dnp3/dnp3.h
@@ -167,7 +167,7 @@ struct dnp3_session_data_t
     dnp3_reassembly_data_t server_rdata;
 };
 
-class Dnp3FlowData : public FlowData
+class Dnp3FlowData : public snort::FlowData
 {
 public:
     Dnp3FlowData();
@@ -175,7 +175,7 @@ public:
 
     static void init()
     {
-        inspector_id = FlowData::create_flow_data_id();
+        inspector_id = snort::FlowData::create_flow_data_id();
     }
 
 public:
@@ -184,7 +184,7 @@ public:
 };
 
 extern THREAD_LOCAL Dnp3Stats dnp3_stats;
-extern THREAD_LOCAL ProfileStats dnp3_perf_stats;
+extern THREAD_LOCAL snort::ProfileStats dnp3_perf_stats;
 
 #endif
 

diff --git a/src/service_inspectors/dnp3/dnp3_module.cc b/src/service_inspectors/dnp3/dnp3_module.cc
index 6181d534bc78b4aa70c0f9ab60608b869594a709..6ea7f51bc5049153f95bb7e1e5d064675d1deb15 100644 (file)
--- a/src/service_inspectors/dnp3/dnp3_module.cc
+++ b/src/service_inspectors/dnp3/dnp3_module.cc
@@ -28,6 +28,7 @@
 
 #include "dnp3.h"
 
+using namespace snort;
 using namespace std;
 
 static const Parameter s_params[] =

diff --git a/src/service_inspectors/dnp3/dnp3_module.h b/src/service_inspectors/dnp3/dnp3_module.h
index cf1925f0e8e241d875492be6ff1d425fcec50164..d4bdbe85137336bca2fcb6fd13c61986db23ba75 100644 (file)
--- a/src/service_inspectors/dnp3/dnp3_module.h
+++ b/src/service_inspectors/dnp3/dnp3_module.h
@@ -25,26 +25,29 @@
 
 #define GID_DNP3  145
 
+namespace snort
+{
 struct SnortConfig;
+}
 struct dnp3ProtoConf
 {
     bool check_crc;
 };
 
-class Dnp3Module : public Module
+class Dnp3Module : public snort::Module
 {
 public:
     Dnp3Module();
 
-    bool set(const char*, Value&, SnortConfig*) override;
+    bool set(const char*, snort::Value&, snort::SnortConfig*) override;
 
     unsigned get_gid() const override
     { return GID_DNP3; }
 
-    const RuleMap* get_rules() const override;
+    const snort::RuleMap* get_rules() const override;
     const PegInfo* get_pegs() const override;
     PegCount* get_counts() const override;
-    ProfileStats* get_profile() const override;
+    snort::ProfileStats* get_profile() const override;
 
     Usage get_usage() const override
     { return INSPECT; }

diff --git a/src/service_inspectors/dnp3/dnp3_paf.cc b/src/service_inspectors/dnp3/dnp3_paf.cc
index 0c03a36594c1ad523f98729f262d0e238a99e361..8b96364fd36da1d223a8b3bc28ffd3d192cdecaf 100644 (file)
--- a/src/service_inspectors/dnp3/dnp3_paf.cc
+++ b/src/service_inspectors/dnp3/dnp3_paf.cc
@@ -27,6 +27,8 @@
 
 #include "dnp3.h"
 
+using namespace snort;
+
 /* Function: dnp3_paf()
 
    Purpose: DNP3 PAF callback.

diff --git a/src/service_inspectors/dnp3/dnp3_paf.h b/src/service_inspectors/dnp3/dnp3_paf.h
index 6f698a5c4e5c9d1ae49a9a24c6f1b7eb84411d19..55eb4041e6bcc67748b96e52785c8816773ebe88 100644 (file)
--- a/src/service_inspectors/dnp3/dnp3_paf.h
+++ b/src/service_inspectors/dnp3/dnp3_paf.h
@@ -41,12 +41,12 @@ struct dnp3_paf_data
     uint16_t real_length;
 };
 
-class Dnp3Splitter : public StreamSplitter
+class Dnp3Splitter : public snort::StreamSplitter
 {
 public:
     Dnp3Splitter(bool c2s);
 
-    Status scan(Flow*, const uint8_t* data, uint32_t len,
+    Status scan(snort::Flow*, const uint8_t* data, uint32_t len,
         uint32_t flags, uint32_t* fp) override;
 
     bool is_paf() override

diff --git a/src/service_inspectors/dnp3/dnp3_reassembly.cc b/src/service_inspectors/dnp3/dnp3_reassembly.cc
index 77a76676cc41fbed0056f69ee2635334eebe4929..d62d68da1f5bd0c189abc93dacf65b392fdcce8c 100644 (file)
--- a/src/service_inspectors/dnp3/dnp3_reassembly.cc
+++ b/src/service_inspectors/dnp3/dnp3_reassembly.cc
@@ -32,6 +32,8 @@
 
 #include "dnp3_map.h"
 
+using namespace snort;
+
 /* CRC look-up table, for computeCRC() below */
 static uint16_t crcLookUpTable[256] =
 {

diff --git a/src/service_inspectors/dnp3/dnp3_reassembly.h b/src/service_inspectors/dnp3/dnp3_reassembly.h
index 2571a7cb18e58a3c9079df57d29ff69be1f39a8a..591ed0cc57406a36a3f4647a947a1da2a9e81921 100644 (file)
--- a/src/service_inspectors/dnp3/dnp3_reassembly.h
+++ b/src/service_inspectors/dnp3/dnp3_reassembly.h
@@ -25,7 +25,7 @@
 #include "dnp3_module.h"
 #include "dnp3.h"
 
-bool dnp3_full_reassembly(dnp3ProtoConf& config, dnp3_session_data_t* session, Packet* p,
+bool dnp3_full_reassembly(dnp3ProtoConf& config, dnp3_session_data_t* session, snort::Packet* p,
     const uint8_t* pdu_start, uint16_t pdu_length);
 void dnp3_reassembly_reset(dnp3_reassembly_data_t* rdata);
 

diff --git a/src/service_inspectors/dnp3/ips_dnp3_data.cc b/src/service_inspectors/dnp3/ips_dnp3_data.cc
index 3425c826b703ac7e220df95e33de07edd4cefc45..bef52fa1decd651a8d79c08f28d7e6b06cc63bee 100644 (file)
--- a/src/service_inspectors/dnp3/ips_dnp3_data.cc
+++ b/src/service_inspectors/dnp3/ips_dnp3_data.cc
@@ -32,6 +32,8 @@
 
 #include "dnp3.h"
 
+using namespace snort;
+
 #define s_name "dnp3_data"
 #define s_help \
     "sets the cursor to dnp3 data"

diff --git a/src/service_inspectors/dnp3/ips_dnp3_func.cc b/src/service_inspectors/dnp3/ips_dnp3_func.cc
index c0b72e9a3f7fa7829ee6ecccc24bec89f6d7865e..f578bd40d6737b3c9e30121f86b4abe2d30e2ec0 100644 (file)
--- a/src/service_inspectors/dnp3/ips_dnp3_func.cc
+++ b/src/service_inspectors/dnp3/ips_dnp3_func.cc
@@ -32,6 +32,8 @@
 #include "dnp3.h"
 #include "dnp3_map.h"
 
+using namespace snort;
+
 //-------------------------------------------------------------------------
 // DNP3 function code rule options
 //-------------------------------------------------------------------------

diff --git a/src/service_inspectors/dnp3/ips_dnp3_ind.cc b/src/service_inspectors/dnp3/ips_dnp3_ind.cc
index 76cc84dff91cabe9fd1245cea7bc8eda09ae6abf..dbbca2dd1339b9b6a68ee3f67526d7b38a7aa905 100644 (file)
--- a/src/service_inspectors/dnp3/ips_dnp3_ind.cc
+++ b/src/service_inspectors/dnp3/ips_dnp3_ind.cc
@@ -32,6 +32,8 @@
 #include "dnp3.h"
 #include "dnp3_map.h"
 
+using namespace snort;
+
 //-------------------------------------------------------------------------
 // DNP3 indicator flags rule options
 //-------------------------------------------------------------------------

diff --git a/src/service_inspectors/dnp3/ips_dnp3_obj.cc b/src/service_inspectors/dnp3/ips_dnp3_obj.cc
index 25c13bda36baa1069d857a017c2b1739ca43a2e6..521d47918c5fa15dfefd9b031e5e5ca9520ce830 100644 (file)
--- a/src/service_inspectors/dnp3/ips_dnp3_obj.cc
+++ b/src/service_inspectors/dnp3/ips_dnp3_obj.cc
@@ -31,6 +31,8 @@
 
 #include "dnp3.h"
 
+using namespace snort;
+
 //-------------------------------------------------------------------------
 // DNP3 object headers rule options
 //-------------------------------------------------------------------------

diff --git a/src/service_inspectors/dns/dns.cc b/src/service_inspectors/dns/dns.cc
index bfb48f622d81ce46cfaa90587f61c5b8df4692be..b5656d9079fcba6d54ecd05d8f52406352029279 100644 (file)
--- a/src/service_inspectors/dns/dns.cc
+++ b/src/service_inspectors/dns/dns.cc
@@ -35,6 +35,8 @@
 
 #include "dns_module.h"
 
+using namespace snort;
+
 #define MAX_UDP_PAYLOAD 0x1FFF
 #define DNS_RR_PTR 0xC0
 

diff --git a/src/service_inspectors/dns/dns.h b/src/service_inspectors/dns/dns.h
index eb45058f465e9ca1d1fee718b3352e28e731a837..0d137ad4b4d092a0ff59a093eeb118eb5b42bc1f 100644 (file)
--- a/src/service_inspectors/dns/dns.h
+++ b/src/service_inspectors/dns/dns.h
@@ -166,14 +166,14 @@ struct DNSData
     uint8_t flags;
 };
 
-class DnsFlowData : public FlowData
+class DnsFlowData : public snort::FlowData
 {
 public:
     DnsFlowData();
     ~DnsFlowData() override;
 
     static void init()
-    { inspector_id = FlowData::create_flow_data_id(); }
+    { inspector_id = snort::FlowData::create_flow_data_id(); }
 
 public:
     static unsigned inspector_id;

diff --git a/src/service_inspectors/dns/dns_module.cc b/src/service_inspectors/dns/dns_module.cc
index a50633719375e1b3d7dddbdf3fbb835bb5c3663f..17b21443003a7e74c4c307293e51127c9f384a68 100644 (file)
--- a/src/service_inspectors/dns/dns_module.cc
+++ b/src/service_inspectors/dns/dns_module.cc
@@ -24,6 +24,7 @@
 
 #include "dns_module.h"
 
+using namespace snort;
 using namespace std;
 
 #define DNS_EVENT_OBSOLETE_TYPES_STR \

diff --git a/src/service_inspectors/dns/dns_module.h b/src/service_inspectors/dns/dns_module.h
index 242c18fe5b6416a1dd4e7acc831644d6f11a3dad..9b54d80b89af1d0015b4d71a1cbd8224cee427fb 100644 (file)
--- a/src/service_inspectors/dns/dns_module.h
+++ b/src/service_inspectors/dns/dns_module.h
@@ -26,6 +26,11 @@
 #include "framework/module.h"
 #include "main/thread.h"
 
+namespace snort
+{
+struct SnortConfig;
+}
+
 #define GID_DNS 131
 
 #define DNS_EVENT_OBSOLETE_TYPES            1
@@ -35,7 +40,6 @@
 #define DNS_NAME "dns"
 #define DNS_HELP "dns inspection"
 
-struct SnortConfig;
 
 struct DnsStats
 {
@@ -48,23 +52,23 @@ struct DnsStats
 
 extern const PegInfo dns_peg_names[];
 extern THREAD_LOCAL DnsStats dnsstats;
-extern THREAD_LOCAL ProfileStats dnsPerfStats;
+extern THREAD_LOCAL snort::ProfileStats dnsPerfStats;
 
-class DnsModule : public Module
+class DnsModule : public snort::Module
 {
 public:
     DnsModule();
 
-    bool set(const char*, Value&, SnortConfig*) override
+    bool set(const char*, snort::Value&, snort::SnortConfig*) override
     { return false; }
 
     unsigned get_gid() const override
     { return GID_DNS; }
 
-    const RuleMap* get_rules() const override;
+    const snort::RuleMap* get_rules() const override;
     const PegInfo* get_pegs() const override;
     PegCount* get_counts() const override;
-    ProfileStats* get_profile() const override;
+    snort::ProfileStats* get_profile() const override;
 
     Usage get_usage() const override
     { return INSPECT; }

diff --git a/src/service_inspectors/ftp_telnet/ft_main.cc b/src/service_inspectors/ftp_telnet/ft_main.cc
index de662e254e50e6950d11c81dcc171349460f750e..70aa12581d71ac812a00b7161040a30873066933 100644 (file)
--- a/src/service_inspectors/ftp_telnet/ft_main.cc
+++ b/src/service_inspectors/ftp_telnet/ft_main.cc
@@ -145,8 +145,7 @@ static int CheckFTPCmdOptions(FTP_SERVER_PROTO_CONF* serverConf)
  * Returns: -1 on error
  *
  */
-int CheckFTPServerConfigs(
-    SnortConfig*, FTP_SERVER_PROTO_CONF* serverConf)
+int CheckFTPServerConfigs(snort::SnortConfig*, FTP_SERVER_PROTO_CONF* serverConf)
 {
     if (CheckFTPCmdOptions(serverConf))
     {
@@ -157,7 +156,7 @@ int CheckFTPServerConfigs(
 }
 
 // FIXIT-L eliminate legacy void* cruft
-int FTPCheckConfigs(SnortConfig* sc, void* pData)
+int FTPCheckConfigs(snort::SnortConfig* sc, void* pData)
 {
     FTP_SERVER_PROTO_CONF* config = (FTP_SERVER_PROTO_CONF*)pData;
 
@@ -181,9 +180,9 @@ int FTPCheckConfigs(SnortConfig* sc, void* pData)
     return 0;
 }
 
-void do_detection(Packet* p)
+void do_detection(snort::Packet* p)
 {
-    DataBus::publish(PACKET_EVENT, p);
-    DetectionEngine::disable_all(p);
+    snort::DataBus::publish(PACKET_EVENT, p);
+    snort::DetectionEngine::disable_all(p);
 }
 

diff --git a/src/service_inspectors/ftp_telnet/ft_main.h b/src/service_inspectors/ftp_telnet/ft_main.h
index cc80d3b5cb8659e233cd9294c235e2cf4376b0f9..a915afc6e2d3efb8c65dbdddbd4e43ee5dd50137 100644 (file)
--- a/src/service_inspectors/ftp_telnet/ft_main.h
+++ b/src/service_inspectors/ftp_telnet/ft_main.h
@@ -36,23 +36,26 @@
 
 #define BUF_SIZE 1024
 
+namespace snort
+{
 struct Packet;
 struct ProfileStats;
 struct SnortConfig;
+}
 
 extern int16_t ftp_data_app_id;
 
-void do_detection(Packet*);
+void do_detection(snort::Packet*);
 
 void CleanupFTPServerConf(void* serverConf);
 void CleanupFTPCMDConf(void* ftpCmd);
 void CleanupFTPBounceTo(void* ftpBounce);
 
-int CheckFTPServerConfigs(SnortConfig*, FTP_SERVER_PROTO_CONF*);
-int FTPCheckConfigs(SnortConfig*, void*);
+int CheckFTPServerConfigs(snort::SnortConfig*, FTP_SERVER_PROTO_CONF*);
+int FTPCheckConfigs(snort::SnortConfig*, void*);
 
-FTP_CLIENT_PROTO_CONF* get_ftp_client(Packet*);
-FTP_SERVER_PROTO_CONF* get_ftp_server(Packet*);
+FTP_CLIENT_PROTO_CONF* get_ftp_client(snort::Packet*);
+FTP_SERVER_PROTO_CONF* get_ftp_server(snort::Packet*);
 
 #endif
 

diff --git a/src/service_inspectors/ftp_telnet/ftp.cc b/src/service_inspectors/ftp_telnet/ftp.cc
index 5f9d711237810b10be9d1b5e475d85d9f43645df..15722695a322dea720c6e2d0ea778ae8bbef536a 100644 (file)
--- a/src/service_inspectors/ftp_telnet/ftp.cc
+++ b/src/service_inspectors/ftp_telnet/ftp.cc
@@ -41,6 +41,8 @@
 #include "pp_ftp.h"
 #include "telnet.h"
 
+using namespace snort;
+
 int16_t ftp_data_app_id = SFTARGET_UNKNOWN_PROTOCOL;
 
 #define client_key "ftp_client"

diff --git a/src/service_inspectors/ftp_telnet/ftp_bounce_lookup.cc b/src/service_inspectors/ftp_telnet/ftp_bounce_lookup.cc
index 1ddd6a5fc071c801b8dea2d539203c8195910875..f1212aefcc79b015ae459e97050fb717c885db6b 100644 (file)
--- a/src/service_inspectors/ftp_telnet/ftp_bounce_lookup.cc
+++ b/src/service_inspectors/ftp_telnet/ftp_bounce_lookup.cc
@@ -119,8 +119,8 @@ int ftp_bounce_lookup_cleanup(BOUNCE_LOOKUP** BounceLookup)
  * Returns: int => return code indicating error or success
  *
  */
-int ftp_bounce_lookup_add(BOUNCE_LOOKUP* BounceLookup,
-    const SfIp* Ip, FTP_BOUNCE_TO* BounceTo)
+int ftp_bounce_lookup_add(BOUNCE_LOOKUP* BounceLookup, const snort::SfIp* Ip,
+    FTP_BOUNCE_TO* BounceTo)
 {
     int iRet;
 
@@ -167,8 +167,8 @@ int ftp_bounce_lookup_add(BOUNCE_LOOKUP* BounceLookup,
  *                            matching IP if found, NULL otherwise.
  *
  */
-FTP_BOUNCE_TO* ftp_bounce_lookup_find(
-    BOUNCE_LOOKUP* BounceLookup, const SfIp* Ip, int* iError)
+FTP_BOUNCE_TO* ftp_bounce_lookup_find(BOUNCE_LOOKUP* BounceLookup, const snort::SfIp* Ip,
+    int* iError)
 {
     FTP_BOUNCE_TO* BounceTo = nullptr;
 
@@ -209,8 +209,7 @@ FTP_BOUNCE_TO* ftp_bounce_lookup_find(
  * Returns: FTP_BOUNCE_TO* => Pointer to first bounce configuration structure
  *
  */
-FTP_BOUNCE_TO* ftp_bounce_lookup_first(BOUNCE_LOOKUP* BounceLookup,
-    int* iError)
+FTP_BOUNCE_TO* ftp_bounce_lookup_first(BOUNCE_LOOKUP* BounceLookup, int* iError)
 {
     FTP_BOUNCE_TO* BounceTo;
 
@@ -252,8 +251,7 @@ FTP_BOUNCE_TO* ftp_bounce_lookup_first(BOUNCE_LOOKUP* BounceLookup,
  * Returns: FTP_BOUNCE_TO*  => Pointer to next bounce configuration structure
  *
  */
-FTP_BOUNCE_TO* ftp_bounce_lookup_next(BOUNCE_LOOKUP* BounceLookup,
-    int* iError)
+FTP_BOUNCE_TO* ftp_bounce_lookup_next(BOUNCE_LOOKUP* BounceLookup, int* iError)
 {
     FTP_BOUNCE_TO* BounceTo;
 

diff --git a/src/service_inspectors/ftp_telnet/ftp_bounce_lookup.h b/src/service_inspectors/ftp_telnet/ftp_bounce_lookup.h
index 2f6f1e5b12311ecf3645335fce80be7b387ec27f..04388296b4769524076673eb0474a513bc7229cd 100644 (file)
--- a/src/service_inspectors/ftp_telnet/ftp_bounce_lookup.h
+++ b/src/service_inspectors/ftp_telnet/ftp_bounce_lookup.h
@@ -36,9 +36,9 @@
 
 int ftp_bounce_lookup_init(BOUNCE_LOOKUP** BounceLookup);
 int ftp_bounce_lookup_cleanup(BOUNCE_LOOKUP** BounceLookup);
-int ftp_bounce_lookup_add(BOUNCE_LOOKUP* BounceLookup, const SfIp* ip, FTP_BOUNCE_TO* BounceTo);
+int ftp_bounce_lookup_add(BOUNCE_LOOKUP* BounceLookup, const snort::SfIp* ip, FTP_BOUNCE_TO* BounceTo);
 
-FTP_BOUNCE_TO* ftp_bounce_lookup_find(BOUNCE_LOOKUP* BounceLookup, const SfIp* ip, int* iError);
+FTP_BOUNCE_TO* ftp_bounce_lookup_find(BOUNCE_LOOKUP* BounceLookup, const snort::SfIp* ip, int* iError);
 // FIXIT-L orphan code until FTP client inspector acquires a show() method
 // FTP_BOUNCE_TO* ftp_bounce_lookup_first(BOUNCE_LOOKUP* BounceLookup, int* iError);
 // FTP_BOUNCE_TO* ftp_bounce_lookup_next(BOUNCE_LOOKUP* BounceLookup, int* iError);

diff --git a/src/service_inspectors/ftp_telnet/ftp_data.cc b/src/service_inspectors/ftp_telnet/ftp_data.cc
index 130b5a1fad26f0b850d95e88ff167fa3e56a5521..6b25860760b621d8fdbbf88fda2b644bc09981e2 100644 (file)
--- a/src/service_inspectors/ftp_telnet/ftp_data.cc
+++ b/src/service_inspectors/ftp_telnet/ftp_data.cc
@@ -35,6 +35,8 @@
 #include "ftpp_si.h"
 #include "ftpdata_splitter.h"
 
+using namespace snort;
+
 #define s_name "ftp_data"
 
 #define s_help \

diff --git a/src/service_inspectors/ftp_telnet/ftp_data.h b/src/service_inspectors/ftp_telnet/ftp_data.h
index e080e819968e0bbed6b175caa2d17ba7bb8fe9a0..3124a550a593c09e3825243fc6be8c02bb2e594c 100644 (file)
--- a/src/service_inspectors/ftp_telnet/ftp_data.h
+++ b/src/service_inspectors/ftp_telnet/ftp_data.h
@@ -21,7 +21,7 @@
 
 #include "framework/inspector.h"
 
-extern const InspectApi fd_api;
+extern const snort::InspectApi fd_api;
 
 #endif
 

diff --git a/src/service_inspectors/ftp_telnet/ftp_module.cc b/src/service_inspectors/ftp_telnet/ftp_module.cc
index 4b85a33344d90835cba680fd3af5f88d2f6d1679..ca16eb9e404381d02a0da4cf703d83c5d2d2009b 100644 (file)
--- a/src/service_inspectors/ftp_telnet/ftp_module.cc
+++ b/src/service_inspectors/ftp_telnet/ftp_module.cc
@@ -28,6 +28,7 @@
 
 #include "ftpp_si.h"
 
+using namespace snort;
 using namespace std;
 
 #define FTP_CLIENT "ftp_client"

diff --git a/src/service_inspectors/ftp_telnet/ftp_module.h b/src/service_inspectors/ftp_telnet/ftp_module.h
index 5725595a6af1879f91567851b5fab73f053bcbf1..dd3144f061ac1a37a1e86f4bae8a136742dfd7a6 100644 (file)
--- a/src/service_inspectors/ftp_telnet/ftp_module.h
+++ b/src/service_inspectors/ftp_telnet/ftp_module.h
@@ -36,9 +36,12 @@
 #define FTP_BOUNCE                       8
 #define FTP_EVASIVE_TELNET_CMD           9
 
+namespace snort
+{
 struct SnortConfig;
+}
 
-extern THREAD_LOCAL ProfileStats ftpPerfStats;
+extern THREAD_LOCAL snort::ProfileStats ftpPerfStats;
 
 //-------------------------------------------------------------------------
 
@@ -51,15 +54,15 @@ struct BounceTo
     BounceTo(std::string& address, Port lo, Port hi);
 };
 
-class FtpClientModule : public Module
+class FtpClientModule : public snort::Module
 {
 public:
     FtpClientModule();
     ~FtpClientModule() override;
 
-    bool set(const char*, Value&, SnortConfig*) override;
-    bool begin(const char*, int, SnortConfig*) override;
-    bool end(const char*, int, SnortConfig*) override;
+    bool set(const char*, snort::Value&, snort::SnortConfig*) override;
+    bool begin(const char*, int, snort::SnortConfig*) override;
+    bool end(const char*, int, snort::SnortConfig*) override;
 
     FTP_CLIENT_PROTO_CONF* get_data();
     const BounceTo* get_bounce(unsigned idx);
@@ -102,23 +105,23 @@ struct FtpCmd
     FtpCmd(std::string&, std::string&, int);
 };
 
-class FtpServerModule : public Module
+class FtpServerModule : public snort::Module
 {
 public:
     FtpServerModule();
     ~FtpServerModule() override;
 
-    bool set(const char*, Value&, SnortConfig*) override;
-    bool begin(const char*, int, SnortConfig*) override;
-    bool end(const char*, int, SnortConfig*) override;
+    bool set(const char*, snort::Value&, snort::SnortConfig*) override;
+    bool begin(const char*, int, snort::SnortConfig*) override;
+    bool end(const char*, int, snort::SnortConfig*) override;
 
     unsigned get_gid() const override
     { return GID_FTP; }
 
-    const RuleMap* get_rules() const override;
+    const snort::RuleMap* get_rules() const override;
     const PegInfo* get_pegs() const override;
     PegCount* get_counts() const override;
-    ProfileStats* get_profile() const override;
+    snort::ProfileStats* get_profile() const override;
 
     Usage get_usage() const override
     { return INSPECT; }
@@ -127,7 +130,7 @@ public:
     const FtpCmd* get_cmd(unsigned idx);
 
 private:
-    void add_commands(Value&, uint32_t flags, int num = 0);
+    void add_commands(snort::Value&, uint32_t flags, int num = 0);
 
 private:
     FTP_SERVER_PROTO_CONF* conf;

diff --git a/src/service_inspectors/ftp_telnet/ftp_splitter.cc b/src/service_inspectors/ftp_telnet/ftp_splitter.cc
index 6b05a4f2a0fef735498343db61d375a9b33d544a..d5795ef0c18ccbf91b42794641e94a7603d53042 100644 (file)
--- a/src/service_inspectors/ftp_telnet/ftp_splitter.cc
+++ b/src/service_inspectors/ftp_telnet/ftp_splitter.cc
@@ -25,6 +25,8 @@
 
 #include <cstring>
 
+using namespace snort;
+
 FtpSplitter::FtpSplitter(bool c2s) : StreamSplitter(c2s) { }
 
 // flush at last line feed in data

diff --git a/src/service_inspectors/ftp_telnet/ftp_splitter.h b/src/service_inspectors/ftp_telnet/ftp_splitter.h
index f5934b9096e621fbc68870c94e31dc063c9eb6ad..91e5b2dcc43474d9c05fcca669cec5e83edc9bd8 100644 (file)
--- a/src/service_inspectors/ftp_telnet/ftp_splitter.h
+++ b/src/service_inspectors/ftp_telnet/ftp_splitter.h
@@ -21,12 +21,12 @@
 
 #include "stream/stream_splitter.h"
 
-class FtpSplitter : public StreamSplitter
+class FtpSplitter : public snort::StreamSplitter
 {
 public:
     FtpSplitter(bool c2s);
 
-    Status scan(Flow*, const uint8_t* data, uint32_t len,
+    Status scan(snort::Flow*, const uint8_t* data, uint32_t len,
         uint32_t flags, uint32_t* fp) override;
 
     bool is_paf() override { return true; }

diff --git a/src/service_inspectors/ftp_telnet/ftpdata_splitter.cc b/src/service_inspectors/ftp_telnet/ftpdata_splitter.cc
index b34d7c7c7c6fd464c0aefe66d5a7e0a8e5d421bd..b1b6b5e1783564ecd40cb25b9c296d6a3835cd70 100644 (file)
--- a/src/service_inspectors/ftp_telnet/ftpdata_splitter.cc
+++ b/src/service_inspectors/ftp_telnet/ftpdata_splitter.cc
@@ -26,6 +26,8 @@
 #include "file_api/file_flows.h"
 #include "ftpp_si.h"
 
+using namespace snort;
+
 void FtpDataSplitter::restart_scan()
 {
     bytes = segs = 0;

diff --git a/src/service_inspectors/ftp_telnet/ftpdata_splitter.h b/src/service_inspectors/ftp_telnet/ftpdata_splitter.h
index e918f58809fbc3fa923b46a8f8730e39a4e673ba..303822dc52df5f169b9b784b5554d6a9a911d16a 100644 (file)
--- a/src/service_inspectors/ftp_telnet/ftpdata_splitter.h
+++ b/src/service_inspectors/ftp_telnet/ftpdata_splitter.h
@@ -23,15 +23,18 @@
 #include "stream/flush_bucket.h"
 #include "stream/stream_splitter.h"
 
+namespace snort
+{
 class Flow;
+}
 
 //---------------------------------------------------------------------------------
 // FtpDataSplitter - flush when current seg size is different from previous segment
 //---------------------------------------------------------------------------------
-class FtpDataSplitter : public StreamSplitter
+class FtpDataSplitter : public snort::StreamSplitter
 {
 public:
-    FtpDataSplitter(bool b, uint16_t sz = 0) : StreamSplitter(b)
+    FtpDataSplitter(bool b, uint16_t sz = 0) : snort::StreamSplitter(b)
     {
         min = sz + get_flush_bucket_size();
         restart_scan();
@@ -39,8 +42,8 @@ public:
     }
 
 
-    Status scan(Flow*, const uint8_t*, uint32_t len, uint32_t flags, uint32_t* fp ) override;
-    bool finish(Flow*) override;
+    Status scan(snort::Flow*, const uint8_t*, uint32_t len, uint32_t flags, uint32_t* fp ) override;
+    bool finish(snort::Flow*) override;
 
 private:
     uint16_t min;

diff --git a/src/service_inspectors/ftp_telnet/ftpp_si.cc b/src/service_inspectors/ftp_telnet/ftpp_si.cc
index 6eafc80277bf484f33499bf4cb7df891dabde167..8f0d08cd9460600ec6ed520144a324e5f3d48360 100644 (file)
--- a/src/service_inspectors/ftp_telnet/ftpp_si.cc
+++ b/src/service_inspectors/ftp_telnet/ftpp_si.cc
@@ -56,6 +56,8 @@
 #include "ft_main.h"
 #include "ftpp_return_codes.h"
 
+using namespace snort;
+
 unsigned FtpFlowData::inspector_id = 0;
 unsigned TelnetFlowData::inspector_id = 0;
 

diff --git a/src/service_inspectors/ftp_telnet/ftpp_si.h b/src/service_inspectors/ftp_telnet/ftpp_si.h
index 88078a3bdafbd5b2eb61b3b996a68ebab4346138..60125ed0d9b7655d575ac8f50ee174fdc3daf5e7 100644 (file)
--- a/src/service_inspectors/ftp_telnet/ftpp_si.h
+++ b/src/service_inspectors/ftp_telnet/ftpp_si.h
@@ -93,14 +93,14 @@ struct TELNET_SESSION
     int encr_state;
 };
 
-class TelnetFlowData : public FlowData
+class TelnetFlowData : public snort::FlowData
 {
 public:
     TelnetFlowData();
     ~TelnetFlowData() override;
 
     static void init()
-    { inspector_id = FlowData::create_flow_data_id(); }
+    { inspector_id = snort::FlowData::create_flow_data_id(); }
 
 public:
     static unsigned inspector_id;
@@ -159,9 +159,9 @@ struct FTP_SESSION
     int data_chan_index;
     int data_xfer_index;
     bool data_xfer_dir;
-    SfIp clientIP;
+    snort::SfIp clientIP;
     uint16_t clientPort;
-    SfIp serverIP;
+    snort::SfIp serverIP;
     uint16_t serverPort;
 
     /* A file is being transferred on ftp-data channel */
@@ -176,14 +176,14 @@ struct FTP_SESSION
 
 void FTPFreesession(FTP_SESSION*);
 
-class FtpFlowData : public FlowData
+class FtpFlowData : public snort::FlowData
 {
 public:
     FtpFlowData();
     ~FtpFlowData() override;
 
     static void init()
-    { inspector_id = FlowData::create_flow_data_id(); }
+    { inspector_id = snort::FlowData::create_flow_data_id(); }
 
 public:
     static unsigned inspector_id;
@@ -210,17 +210,17 @@ struct FTP_DATA_SESSION
     unsigned char packet_flags;
 };
 
-class FtpDataFlowData : public FlowData
+class FtpDataFlowData : public snort::FlowData
 {
 public:
-    FtpDataFlowData(Packet*);
+    FtpDataFlowData(snort::Packet*);
     ~FtpDataFlowData() override;
 
     static void init()
-    { inspector_id = FlowData::create_flow_data_id(); }
+    { inspector_id = snort::FlowData::create_flow_data_id(); }
 
-    void handle_expected(Packet*) override;
-    void handle_eof(Packet*) override;
+    void handle_expected(snort::Packet*) override;
+    void handle_eof(snort::Packet*) override;
 
 public:
     static unsigned inspector_id;
@@ -246,29 +246,28 @@ public:
  */
 struct FTPP_SI_INPUT
 {
-    SfIp sip;
-    SfIp dip;
+    snort::SfIp sip;
+    snort::SfIp dip;
     unsigned short sport;
     unsigned short dport;
     unsigned char pdir;
     unsigned char pproto;
 };
 
-int FTPGetPacketDir(Packet*);
+int FTPGetPacketDir(snort::Packet*);
 
 /* FTP-Data file processing */
-FTP_DATA_SESSION* FTPDatasessionNew(Packet* p);
+FTP_DATA_SESSION* FTPDatasessionNew(snort::Packet* p);
 void FTPDatasessionFree(void* p_ssn);
 
-bool FTPDataDirection(Packet* p, FTP_DATA_SESSION* ftpdata);
+bool FTPDataDirection(snort::Packet* p, FTP_DATA_SESSION* ftpdata);
 
-int TelnetsessionInspection(
-    Packet*, TELNET_PROTO_CONF*, TELNET_SESSION**, FTPP_SI_INPUT*, int* piInspectMode);
+int TelnetsessionInspection(snort::Packet*, TELNET_PROTO_CONF*, TELNET_SESSION**,
+    FTPP_SI_INPUT*, int* piInspectMode);
 
-int FTPsessionInspection(
-    Packet*, FTP_SESSION**, FTPP_SI_INPUT*, int* piInspectMode);
+int FTPsessionInspection(snort::Packet*, FTP_SESSION**, FTPP_SI_INPUT*, int* piInspectMode);
 
-int SetSiInput(FTPP_SI_INPUT*, Packet*);
+int SetSiInput(FTPP_SI_INPUT*, snort::Packet*);
 
 struct FtpStats
 {

diff --git a/src/service_inspectors/ftp_telnet/ftpp_ui_config.h b/src/service_inspectors/ftp_telnet/ftpp_ui_config.h
index 41b5d9c90350cabf3ff0b2ae0de59fab822052e3..7ebdd3e12e7168ccdc2898ffaefa9ff189ad7b80 100644 (file)
--- a/src/service_inspectors/ftp_telnet/ftpp_ui_config.h
+++ b/src/service_inspectors/ftp_telnet/ftpp_ui_config.h
@@ -196,7 +196,7 @@ struct FTP_SERVER_PROTO_CONF
 
 typedef struct s_FTP_BOUNCE_TO
 {
-    SfIp ip;
+    snort::SfIp ip;
     int relevant_bits;
     unsigned short portlo;
     unsigned short porthi;

diff --git a/src/service_inspectors/ftp_telnet/pp_ftp.cc b/src/service_inspectors/ftp_telnet/pp_ftp.cc
index 31d5df1b870e53568c9e03e553c1140e7f30e489..940ae1371a3fc22744be0ebafb74c9826d1867f2 100644 (file)
--- a/src/service_inspectors/ftp_telnet/pp_ftp.cc
+++ b/src/service_inspectors/ftp_telnet/pp_ftp.cc
@@ -54,6 +54,8 @@
 #include "ftpp_return_codes.h"
 #include "pp_telnet.h"
 
+using namespace snort;
+
 #ifndef MAXHOSTNAMELEN /* Why doesn't Windows define this? */
 #define MAXHOSTNAMELEN 256
 #endif

diff --git a/src/service_inspectors/ftp_telnet/pp_ftp.h b/src/service_inspectors/ftp_telnet/pp_ftp.h
index dca93383a91c880a82fe7afb3d3194f33fbdf579..d90b3d5da8561d1f64f6df5dc3338c609751e8e5 100644 (file)
--- a/src/service_inspectors/ftp_telnet/pp_ftp.h
+++ b/src/service_inspectors/ftp_telnet/pp_ftp.h
@@ -27,9 +27,9 @@
 #include "ftpp_si.h"
 
 /* list of function prototypes for this preprocessor */
-extern int check_ftp(FTP_SESSION* session, Packet* p, int iMode);
+extern int check_ftp(FTP_SESSION* session, snort::Packet* p, int iMode);
 
-extern int initialize_ftp(FTP_SESSION* session, Packet* p, int iMode);
+extern int initialize_ftp(FTP_SESSION* session, snort::Packet* p, int iMode);
 
 #endif
 

diff --git a/src/service_inspectors/ftp_telnet/pp_telnet.cc b/src/service_inspectors/ftp_telnet/pp_telnet.cc
index d2c8e4dddffdeb6128a740bd82fd9e307e4d6e75..66d833b1bb7a3a4ce4296edb6d41b43fc9447bcf 100644 (file)
--- a/src/service_inspectors/ftp_telnet/pp_telnet.cc
+++ b/src/service_inspectors/ftp_telnet/pp_telnet.cc
@@ -55,6 +55,8 @@
 #include "ftpp_return_codes.h"
 #include "telnet_module.h"
 
+using namespace snort;
+
 #define NUL 0x00
 #define CR 0x0d
 #define LF 0x0a

diff --git a/src/service_inspectors/ftp_telnet/pp_telnet.h b/src/service_inspectors/ftp_telnet/pp_telnet.h
index 88460fa4d6376c40d91b0a64d18e2f4ed6b96774..d0c7628cf2ffba0f46cfa87399110936190597a0 100644 (file)
--- a/src/service_inspectors/ftp_telnet/pp_telnet.h
+++ b/src/service_inspectors/ftp_telnet/pp_telnet.h
@@ -61,10 +61,10 @@
 #define FTPP_IGNORE_TNC_ERASE_CMDS 1
 
 /* list of function prototypes for this preprocessor */
-extern int normalize_telnet(TELNET_SESSION*, Packet*, int iMode, char ignoreEraseCmd);
+extern int normalize_telnet(TELNET_SESSION*, snort::Packet*, int iMode, char ignoreEraseCmd);
 
-void reset_telnet_buffer(Packet*);
-const uint8_t* get_telnet_buffer(Packet*, unsigned&);
+void reset_telnet_buffer(snort::Packet*);
+const uint8_t* get_telnet_buffer(snort::Packet*, unsigned&);
 
 #endif
 

diff --git a/src/service_inspectors/ftp_telnet/telnet.cc b/src/service_inspectors/ftp_telnet/telnet.cc
index 4ed5d7114c48fc8e8806bbc2c7ddc141eab4f2b3..281b6d1915424743d81c3fd25c3499f5d4ffdd81 100644 (file)
--- a/src/service_inspectors/ftp_telnet/telnet.cc
+++ b/src/service_inspectors/ftp_telnet/telnet.cc
@@ -35,6 +35,8 @@
 #include "pp_telnet.h"
 #include "telnet_module.h"
 
+using namespace snort;
+
 THREAD_LOCAL ProfileStats telnetPerfStats;
 THREAD_LOCAL TelnetStats tnstats;
 

diff --git a/src/service_inspectors/ftp_telnet/telnet.h b/src/service_inspectors/ftp_telnet/telnet.h
index 73d85572a9feaf84471d528416c01f727ba8ce71..b47e933d2f1ab0a05891c5d430ff7357e532b054 100644 (file)
--- a/src/service_inspectors/ftp_telnet/telnet.h
+++ b/src/service_inspectors/ftp_telnet/telnet.h
@@ -21,7 +21,7 @@
 
 #include "framework/inspector.h"
 
-extern const InspectApi tn_api;
+extern const snort::InspectApi tn_api;
 
 #endif
 

diff --git a/src/service_inspectors/ftp_telnet/telnet_module.cc b/src/service_inspectors/ftp_telnet/telnet_module.cc
index 54dc563d51a4be93ce7a4b2cb01c4838c11dfcab..2289d94fb05cffe1583750dd5f2d44bf1c72040d 100644 (file)
--- a/src/service_inspectors/ftp_telnet/telnet_module.cc
+++ b/src/service_inspectors/ftp_telnet/telnet_module.cc
@@ -28,6 +28,7 @@
 
 #include "ftpp_si.h"
 
+using namespace snort;
 using namespace std;
 
 //-------------------------------------------------------------------------

diff --git a/src/service_inspectors/ftp_telnet/telnet_module.h b/src/service_inspectors/ftp_telnet/telnet_module.h
index 9b319fa49e97f2ef4f089fead64968959441eff6..7c7a466f7f607f972428c899281e9e9e5882c42a 100644 (file)
--- a/src/service_inspectors/ftp_telnet/telnet_module.h
+++ b/src/service_inspectors/ftp_telnet/telnet_module.h
@@ -33,27 +33,30 @@
 #define TEL_NAME "telnet"
 #define TEL_HELP "telnet inspection and normalization"
 
+namespace snort
+{
 struct SnortConfig;
+}
 
-extern THREAD_LOCAL ProfileStats telnetPerfStats;
+extern THREAD_LOCAL snort::ProfileStats telnetPerfStats;
 
-class TelnetModule : public Module
+class TelnetModule : public snort::Module
 {
 public:
     TelnetModule();
     ~TelnetModule() override;
 
-    bool set(const char*, Value&, SnortConfig*) override;
-    bool begin(const char*, int, SnortConfig*) override;
-    bool end(const char*, int, SnortConfig*) override;
+    bool set(const char*, snort::Value&, snort::SnortConfig*) override;
+    bool begin(const char*, int, snort::SnortConfig*) override;
+    bool end(const char*, int, snort::SnortConfig*) override;
 
     unsigned get_gid() const override
     { return GID_TELNET; }
 
-    const RuleMap* get_rules() const override;
+    const snort::RuleMap* get_rules() const override;
     const PegInfo* get_pegs() const override;
     PegCount* get_counts() const override;
-    ProfileStats* get_profile() const override;
+    snort::ProfileStats* get_profile() const override;
 
     Usage get_usage() const override
     { return INSPECT; }

diff --git a/src/service_inspectors/gtp/gtp.cc b/src/service_inspectors/gtp/gtp.cc
index 8edb2d33928d9d1dae1becbfd166c2b5a61f76a4..0612ca0398b70b9314b6ce8e40e6a850b3a8c4b8 100644 (file)
--- a/src/service_inspectors/gtp/gtp.cc
+++ b/src/service_inspectors/gtp/gtp.cc
@@ -31,6 +31,8 @@
 
 #include "gtp_inspect.h"
 
+using namespace snort;
+
 #define GTPMSG_ZERO_LEN offsetof(GTPMsg, msg_id)
 
 THREAD_LOCAL GTP_Stats gtp_stats;

diff --git a/src/service_inspectors/gtp/gtp.h b/src/service_inspectors/gtp/gtp.h
index 9f90c93d8707d6178d1cd549307d91373cd8b4e6..b66e2416a3d74b7cd9cb21923c3f32031113674b 100644 (file)
--- a/src/service_inspectors/gtp/gtp.h
+++ b/src/service_inspectors/gtp/gtp.h
@@ -29,6 +29,11 @@
 #include "framework/counts.h"
 #include "main/thread.h"
 
+namespace snort
+{
+struct Packet;
+}
+
 #define MIN_GTP_VERSION_CODE   (0)
 #define MAX_GTP_VERSION_CODE   (2)
 
@@ -73,7 +78,7 @@ struct GTP_Stats
 
 extern THREAD_LOCAL GTP_Stats gtp_stats;
 
-void GTPmain(const GTPConfig&, struct Packet*);
+void GTPmain(const GTPConfig&, snort::Packet*);
 
 #endif
 

diff --git a/src/service_inspectors/gtp/gtp_inspect.cc b/src/service_inspectors/gtp/gtp_inspect.cc
index 6b9a2bf3b15590febedbd71679845e2f81fcf7cd..d9f9a70272d95f9240c42873eebea6e4060ba37a 100644 (file)
--- a/src/service_inspectors/gtp/gtp_inspect.cc
+++ b/src/service_inspectors/gtp/gtp_inspect.cc
@@ -34,6 +34,8 @@
 #include "gtp.h"
 #include "gtp_module.h"
 
+using namespace snort;
+
 //-------------------------------------------------------------------------
 // flow stuff
 //-------------------------------------------------------------------------

diff --git a/src/service_inspectors/gtp/gtp_inspect.h b/src/service_inspectors/gtp/gtp_inspect.h
index 422d1c4ea06ba6df0e999372b73e252327b1622f..660bc76bb7054c042f667596597e57475bde4ad3 100644 (file)
--- a/src/service_inspectors/gtp/gtp_inspect.h
+++ b/src/service_inspectors/gtp/gtp_inspect.h
@@ -35,7 +35,7 @@ struct GTP_Roptions
     GTP_IEData* gtp_infoElements;
 };
 
-class GtpFlowData : public FlowData
+class GtpFlowData : public snort::FlowData
 {
 public:
     GtpFlowData();

diff --git a/src/service_inspectors/gtp/gtp_module.cc b/src/service_inspectors/gtp/gtp_module.cc
index 62f4d949f6256f8a86a28e537c8d0bdabe3eb663..8056864efb4bd48f560a2ab5b53cf8ce56a6a5a3 100644 (file)
--- a/src/service_inspectors/gtp/gtp_module.cc
+++ b/src/service_inspectors/gtp/gtp_module.cc
@@ -30,6 +30,8 @@
 
 #include "gtp.h"
 
+using namespace snort;
+
 THREAD_LOCAL ProfileStats gtp_inspect_prof;
 
 #define GTP_EVENT_BAD_MSG_LEN_STR        "message length is invalid"

diff --git a/src/service_inspectors/gtp/gtp_module.h b/src/service_inspectors/gtp/gtp_module.h
index 0f7110ccf408dd8ea3cc6661f5fb0feaeacce2eb..45a9058ce617bed9783559afc00c5d60dc390a98 100644 (file)
--- a/src/service_inspectors/gtp/gtp_module.h
+++ b/src/service_inspectors/gtp/gtp_module.h
@@ -32,7 +32,7 @@
 #define GTP_NAME "gtp_inspect"
 #define GTP_HELP "gtp control channel inspection"
 
-extern THREAD_LOCAL ProfileStats gtp_inspect_prof;
+extern THREAD_LOCAL snort::ProfileStats gtp_inspect_prof;
 
 struct GtpStuff
 {
@@ -42,24 +42,24 @@ struct GtpStuff
     int length;
 };
 
-class GtpInspectModule : public Module
+class GtpInspectModule : public snort::Module
 {
 public:
     GtpInspectModule();
 
-    bool set(const char*, Value&, SnortConfig*) override;
-    bool begin(const char*, int, SnortConfig*) override;
-    bool end(const char*, int, SnortConfig*) override;
+    bool set(const char*, snort::Value&, snort::SnortConfig*) override;
+    bool begin(const char*, int, snort::SnortConfig*) override;
+    bool end(const char*, int, snort::SnortConfig*) override;
 
     unsigned get_gid() const override
     { return GID_GTP; }
 
-    const RuleMap* get_rules() const override;
+    const snort::RuleMap* get_rules() const override;
 
     const PegInfo* get_pegs() const override;
     PegCount* get_counts() const override;
 
-    ProfileStats* get_profile() const override
+    snort::ProfileStats* get_profile() const override
     { return &gtp_inspect_prof; }
 
     Usage get_usage() const override

diff --git a/src/service_inspectors/gtp/gtp_parser.cc b/src/service_inspectors/gtp/gtp_parser.cc
index 982341c3f36d0e340928cace2b68f399043382f6..639a61da2f73611736656e7620b876576597c947 100644 (file)
--- a/src/service_inspectors/gtp/gtp_parser.cc
+++ b/src/service_inspectors/gtp/gtp_parser.cc
@@ -40,7 +40,7 @@
 #pragma pack(1)
 static inline void alert(int sid)
 {
-    DetectionEngine::queue_event(GID_GTP, sid);
+    snort::DetectionEngine::queue_event(GID_GTP, sid);
     gtp_stats.events++;
 }
 

diff --git a/src/service_inspectors/gtp/ips_gtp_info.cc b/src/service_inspectors/gtp/ips_gtp_info.cc
index 9429086cd4fca99c705e51e576cd2f1bbd5015e1..4c444946dc2578ff61ea56d25fb3b362c15da6e3 100644 (file)
--- a/src/service_inspectors/gtp/ips_gtp_info.cc
+++ b/src/service_inspectors/gtp/ips_gtp_info.cc
@@ -34,6 +34,8 @@
 #include "gtp.h"
 #include "gtp_inspect.h"
 
+using namespace snort;
+
 static const char* s_name = "gtp_info";
 
 //-------------------------------------------------------------------------

diff --git a/src/service_inspectors/gtp/ips_gtp_type.cc b/src/service_inspectors/gtp/ips_gtp_type.cc
index 1dda614ecb175f329f73a1fd5dd915d3a8bda717..4cb1d24d4c3b4bb3413c9a1adffd2fac66b856ac 100644 (file)
--- a/src/service_inspectors/gtp/ips_gtp_type.cc
+++ b/src/service_inspectors/gtp/ips_gtp_type.cc
@@ -33,6 +33,8 @@
 #include "gtp.h"
 #include "gtp_inspect.h"
 
+using namespace snort;
+
 static const char* s_name = "gtp_type";
 
 //-------------------------------------------------------------------------

diff --git a/src/service_inspectors/gtp/ips_gtp_version.cc b/src/service_inspectors/gtp/ips_gtp_version.cc
index f9424a322f4768eac0075d735843224a53715642..7968252792f5e3db48ff8335b881406a1f2bfd7a 100644 (file)
--- a/src/service_inspectors/gtp/ips_gtp_version.cc
+++ b/src/service_inspectors/gtp/ips_gtp_version.cc
@@ -32,6 +32,8 @@
 
 #include "gtp_inspect.h"
 
+using namespace snort;
+
 static const char* s_name = "gtp_version";
 
 //-------------------------------------------------------------------------

diff --git a/src/service_inspectors/http2_inspect/http2_api.cc b/src/service_inspectors/http2_inspect/http2_api.cc
index d7c0b10212fecacafce80a5ebcc10b0cb0cd8ba2..72573f5aeafd12098f7ca68c1868591074d4340b 100644 (file)
--- a/src/service_inspectors/http2_inspect/http2_api.cc
+++ b/src/service_inspectors/http2_inspect/http2_api.cc
@@ -25,6 +25,8 @@
 
 #include "http2_inspect.h"
 
+using namespace snort;
+
 const char* Http2Api::http2_my_name = HTTP2_NAME;
 const char* Http2Api::http2_help = "the HTTP/2 inspector";
 

diff --git a/src/service_inspectors/http2_inspect/http2_api.h b/src/service_inspectors/http2_inspect/http2_api.h
index 8f30378a8e87ccf6036fe724d9ace5f420d77929..595e36ad5a1cf9b4fab9d5941be558a0237130f6 100644 (file)
--- a/src/service_inspectors/http2_inspect/http2_api.h
+++ b/src/service_inspectors/http2_inspect/http2_api.h
@@ -29,19 +29,19 @@
 class Http2Api
 {
 public:
-    static const InspectApi http2_api;
+    static const snort::InspectApi http2_api;
     static const char* classic_buffer_names[];
 
 private:
     Http2Api() = delete;
-    static Module* http2_mod_ctor() { return new Http2Module; }
-    static void http2_mod_dtor(Module* m) { delete m; }
+    static snort::Module* http2_mod_ctor() { return new Http2Module; }
+    static void http2_mod_dtor(snort::Module* m) { delete m; }
     static const char* http2_my_name;
     static const char* http2_help;
     static void http2_init() { Http2FlowData::init(); }
     static void http2_term() { }
-    static Inspector* http2_ctor(Module* mod);
-    static void http2_dtor(Inspector* p) { delete p; }
+    static snort::Inspector* http2_ctor(snort::Module* mod);
+    static void http2_dtor(snort::Inspector* p) { delete p; }
     static void http2_tinit() { }
     static void http2_tterm() { }
 };

diff --git a/src/service_inspectors/http2_inspect/http2_flow_data.cc b/src/service_inspectors/http2_inspect/http2_flow_data.cc
index 72dc45273d2344ac583ecebf1bac4678b67e067a..60bb1001f08a29f08987c3696a4825b8e89b6282 100644 (file)
--- a/src/service_inspectors/http2_inspect/http2_flow_data.cc
+++ b/src/service_inspectors/http2_inspect/http2_flow_data.cc
@@ -26,6 +26,7 @@
 #include "http2_enum.h"
 #include "http2_module.h"
 
+using namespace snort;
 using namespace Http2Enums;
 
 unsigned Http2FlowData::inspector_id = 0;

diff --git a/src/service_inspectors/http2_inspect/http2_flow_data.h b/src/service_inspectors/http2_inspect/http2_flow_data.h
index 9e6f1fd1576f950d05414381bfc36209822ac80a..5688d0156ab094b8ab855fb260b1fa593b546b5f 100644 (file)
--- a/src/service_inspectors/http2_inspect/http2_flow_data.h
+++ b/src/service_inspectors/http2_inspect/http2_flow_data.h
@@ -24,22 +24,22 @@
 #include "stream/stream_splitter.h"
 #include "http2_enum.h"
 
-class Http2FlowData : public FlowData
+class Http2FlowData : public snort::FlowData
 {
 public:
     Http2FlowData();
     ~Http2FlowData() override;
     static unsigned inspector_id;
-    static void init() { inspector_id = FlowData::create_flow_data_id(); }
+    static void init() { inspector_id = snort::FlowData::create_flow_data_id(); }
 
     friend class Http2Inspect;
     friend class Http2StreamSplitter;
-    friend const StreamBuffer implement_reassemble(Http2FlowData*, unsigned, unsigned,
+    friend const snort::StreamBuffer implement_reassemble(Http2FlowData*, unsigned, unsigned,
         const uint8_t*, unsigned, uint32_t, unsigned&, Http2Enums::SourceId);
-    friend StreamSplitter::Status implement_scan(Http2FlowData*, const uint8_t*, uint32_t,
+    friend snort::StreamSplitter::Status implement_scan(Http2FlowData*, const uint8_t*, uint32_t,
         uint32_t*, Http2Enums::SourceId);
     friend bool implement_get_buf(unsigned id, Http2FlowData*, Http2Enums::SourceId,
-        InspectionBuffer&);
+        snort::InspectionBuffer&);
 
 protected:
     // 0 element refers to client frame, 1 element refers to server frame

diff --git a/src/service_inspectors/http2_inspect/http2_inspect.cc b/src/service_inspectors/http2_inspect/http2_inspect.cc
index b7a4a078d51e36e90e8f51eeb458275743ad0d3c..e00745311365c5e8e42fd02c4be0acda7710e609 100644 (file)
--- a/src/service_inspectors/http2_inspect/http2_inspect.cc
+++ b/src/service_inspectors/http2_inspect/http2_inspect.cc
@@ -29,6 +29,7 @@
 #include "service_inspectors/http_inspect/http_test_manager.h"
 #include "stream/stream.h"
 
+using namespace snort;
 using namespace Http2Enums;
 
 Http2Inspect::Http2Inspect(const Http2ParaList* params_) : params(params_)

diff --git a/src/service_inspectors/http2_inspect/http2_inspect.h b/src/service_inspectors/http2_inspect/http2_inspect.h
index ff94aeec99896c5a5cd3c1f8f83ae9568770a21b..ae0a9de14d405a01fc38fe14372ab3ecd30d5497 100644 (file)
--- a/src/service_inspectors/http2_inspect/http2_inspect.h
+++ b/src/service_inspectors/http2_inspect/http2_inspect.h
@@ -33,19 +33,20 @@
 
 class Http2Api;
 
-class Http2Inspect : public Inspector
+class Http2Inspect : public snort::Inspector
 {
 public:
     Http2Inspect(const Http2ParaList* params_);
     ~Http2Inspect() override { delete params; }
 
-    bool get_buf(InspectionBuffer::Type ibt, Packet* p, InspectionBuffer& b) override;
-    bool get_buf(unsigned id, Packet* p, InspectionBuffer& b) override;
-    bool get_fp_buf(InspectionBuffer::Type ibt, Packet* p, InspectionBuffer& b) override;
-    bool configure(SnortConfig*) override;
-    void show(SnortConfig*) override { LogMessage("Http2Inspect\n"); }
-    void eval(Packet* p) override;
-    void clear(Packet* p) override;
+    bool get_buf(snort::InspectionBuffer::Type ibt, snort::Packet* p, snort::InspectionBuffer& b) override;
+    bool get_buf(unsigned id, snort::Packet* p, snort::InspectionBuffer& b) override;
+    bool get_fp_buf(snort::InspectionBuffer::Type ibt, snort::Packet* p,
+        snort::InspectionBuffer& b) override;
+    bool configure(snort::SnortConfig*) override;
+    void show(snort::SnortConfig*) override { LogMessage("Http2Inspect\n"); }
+    void eval(snort::Packet* p) override;
+    void clear(snort::Packet* p) override;
     void tinit() override { }
     void tterm() override { }
     Http2StreamSplitter* get_splitter(bool is_client_to_server) override
@@ -60,7 +61,7 @@ private:
 };
 
 bool implement_get_buf(unsigned id, Http2FlowData* session_data, Http2Enums::SourceId source_id,
-    InspectionBuffer& b);
+    snort::InspectionBuffer& b);
 
 #endif
 

diff --git a/src/service_inspectors/http2_inspect/http2_inspect_impl.cc b/src/service_inspectors/http2_inspect/http2_inspect_impl.cc
index 9a7ab2a563971a2a3887bdb922cd9388a26cdfe4..ff555362a18a4ca670c8a264c38d1666e3a560ac 100644 (file)
--- a/src/service_inspectors/http2_inspect/http2_inspect_impl.cc
+++ b/src/service_inspectors/http2_inspect/http2_inspect_impl.cc
@@ -24,6 +24,7 @@
 #include "http2_inspect.h"
 #include "http2_flow_data.h"
 
+using namespace snort;
 using namespace Http2Enums;
 
 bool implement_get_buf(unsigned id, Http2FlowData* session_data, SourceId source_id,

diff --git a/src/service_inspectors/http2_inspect/http2_module.cc b/src/service_inspectors/http2_inspect/http2_module.cc
index 5a79c3e1868aefd1ff139432434832f8ca5910e7..7f2de724d8b947568f89eb7c5f540e42a9207fef 100644 (file)
--- a/src/service_inspectors/http2_inspect/http2_module.cc
+++ b/src/service_inspectors/http2_inspect/http2_module.cc
@@ -23,6 +23,7 @@
 
 #include "http2_module.h"
 
+using namespace snort;
 using namespace Http2Enums;
 
 const Parameter Http2Module::http2_params[] =

diff --git a/src/service_inspectors/http2_inspect/http2_module.h b/src/service_inspectors/http2_inspect/http2_module.h
index 72ef065777df25f534f4a53fc295889d650a59e6..a599fcdadc851a3e76866db8728b3737b61520b9 100644 (file)
--- a/src/service_inspectors/http2_inspect/http2_module.h
+++ b/src/service_inspectors/http2_inspect/http2_module.h
@@ -36,16 +36,16 @@ struct Http2ParaList
 public:
 };
 
-class Http2Module : public Module
+class Http2Module : public snort::Module
 {
 public:
-    Http2Module() : Module(HTTP2_NAME, HTTP2_HELP, http2_params) { }
+    Http2Module() : snort::Module(HTTP2_NAME, HTTP2_HELP, http2_params) { }
     ~Http2Module() override { delete params; }
-    bool begin(const char*, int, SnortConfig*) override;
-    bool end(const char*, int, SnortConfig*) override;
-    bool set(const char*, Value&, SnortConfig*) override;
+    bool begin(const char*, int, snort::SnortConfig*) override;
+    bool end(const char*, int, snort::SnortConfig*) override;
+    bool set(const char*, snort::Value&, snort::SnortConfig*) override;
     unsigned get_gid() const override { return Http2Enums::HTTP2_GID; }
-    const RuleMap* get_rules() const override { return http2_events; }
+    const snort::RuleMap* get_rules() const override { return http2_events; }
     const Http2ParaList* get_once_params()
     {
         Http2ParaList* ret_val = params;
@@ -62,20 +62,20 @@ public:
     static PegCount get_peg_counts(Http2Enums::PEG_COUNT counter)
         { return peg_counts[counter]; }
 
-    ProfileStats* get_profile() const override;
+    snort::ProfileStats* get_profile() const override;
 
-    static ProfileStats& get_profile_stats()
+    static snort::ProfileStats& get_profile_stats()
     { return http2_profile; }
 
     Usage get_usage() const override
     { return INSPECT; }
 
 private:
-    static const Parameter http2_params[];
-    static const RuleMap http2_events[];
+    static const snort::Parameter http2_params[];
+    static const snort::RuleMap http2_events[];
     Http2ParaList* params = nullptr;
     static const PegInfo peg_names[];
-    static THREAD_LOCAL ProfileStats http2_profile;
+    static THREAD_LOCAL snort::ProfileStats http2_profile;
     static THREAD_LOCAL PegCount peg_counts[];
 };
 

diff --git a/src/service_inspectors/http2_inspect/http2_stream_splitter.cc b/src/service_inspectors/http2_inspect/http2_stream_splitter.cc
index 12a180c03252a680edba043a11f0b78b56a005f4..6c4134c6af30df3242b119812f86c8081149c5a0 100644 (file)
--- a/src/service_inspectors/http2_inspect/http2_stream_splitter.cc
+++ b/src/service_inspectors/http2_inspect/http2_stream_splitter.cc
@@ -26,6 +26,7 @@
 #include "http2_stream_splitter.h"
 #include "http2_module.h"
 
+using namespace snort;
 using namespace Http2Enums;
 
 // Mindless scan() that just flushes whatever it is given

diff --git a/src/service_inspectors/http2_inspect/http2_stream_splitter.h b/src/service_inspectors/http2_inspect/http2_stream_splitter.h
index 5d9278be0c744a6b89fe77075b441f6883312a30..6ab6bcdf5c3ccc4e925b1b61084f07146ca64f87 100644 (file)
--- a/src/service_inspectors/http2_inspect/http2_stream_splitter.h
+++ b/src/service_inspectors/http2_inspect/http2_stream_splitter.h
@@ -27,28 +27,28 @@
 
 class Http2Inspect;
 
-class Http2StreamSplitter : public StreamSplitter
+class Http2StreamSplitter : public snort::StreamSplitter
 {
 public:
-    Http2StreamSplitter(bool is_client_to_server) : StreamSplitter(is_client_to_server),
+    Http2StreamSplitter(bool is_client_to_server) : snort::StreamSplitter(is_client_to_server),
         source_id(is_client_to_server ? Http2Enums::SRC_CLIENT : Http2Enums::SRC_SERVER) { }
-    Status scan(Flow* flow, const uint8_t* data, uint32_t length, uint32_t not_used,
+    Status scan(snort::Flow* flow, const uint8_t* data, uint32_t length, uint32_t not_used,
         uint32_t* flush_offset) override;
-    const StreamBuffer reassemble(Flow* flow, unsigned total, unsigned offset, const
+    const snort::StreamBuffer reassemble(snort::Flow* flow, unsigned total, unsigned offset, const
         uint8_t* data, unsigned len, uint32_t flags, unsigned& copied) override;
-    bool finish(Flow* flow) override;
+    bool finish(snort::Flow* flow) override;
     bool is_paf() override { return true; }
 
     // FIXIT-M should return actual packet buffer size
-    unsigned max(Flow*) override { return Http2Enums::MAX_OCTETS; }
+    unsigned max(snort::Flow*) override { return Http2Enums::MAX_OCTETS; }
 
 private:
     const Http2Enums::SourceId source_id;
 };
 
-StreamSplitter::Status implement_scan(Http2FlowData* session_data, const uint8_t* data,
+snort::StreamSplitter::Status implement_scan(Http2FlowData* session_data, const uint8_t* data,
     uint32_t length, uint32_t* flush_offset, Http2Enums::SourceId source_id);
-const StreamBuffer implement_reassemble(Http2FlowData* session_data, unsigned total,
+const snort::StreamBuffer implement_reassemble(Http2FlowData* session_data, unsigned total,
     unsigned offset, const uint8_t* data, unsigned len, uint32_t flags, unsigned& copied,
     Http2Enums::SourceId source_id);
 

diff --git a/src/service_inspectors/http2_inspect/http2_stream_splitter_impl.cc b/src/service_inspectors/http2_inspect/http2_stream_splitter_impl.cc
index cb455a61e061aecaba6fb346ab83c99dd589987e..afba52e285ac6c40a8dc4a78f5d5e53306fc3647 100644 (file)
--- a/src/service_inspectors/http2_inspect/http2_stream_splitter_impl.cc
+++ b/src/service_inspectors/http2_inspect/http2_stream_splitter_impl.cc
@@ -27,6 +27,7 @@
 #include "protocols/packet.h"
 #include "http2_flow_data.h"
 
+using namespace snort;
 using namespace Http2Enums;
 
 StreamSplitter::Status implement_scan(Http2FlowData* session_data, const uint8_t* data,

diff --git a/src/service_inspectors/http2_inspect/http2_tables.cc b/src/service_inspectors/http2_inspect/http2_tables.cc
index 3705c450466f69355ac43b01e6742a1fcf0abf30..7a1bff4f738e471eceadecd551d330a78192ce3b 100644 (file)
--- a/src/service_inspectors/http2_inspect/http2_tables.cc
+++ b/src/service_inspectors/http2_inspect/http2_tables.cc
@@ -28,7 +28,7 @@
 
 using namespace Http2Enums;
 
-const RuleMap Http2Module::http2_events[] =
+const snort::RuleMap Http2Module::http2_events[] =
 {
     { 0, nullptr }
 };

diff --git a/src/service_inspectors/http2_inspect/ips_http2.cc b/src/service_inspectors/http2_inspect/ips_http2.cc
index b2d9ac327014cac77c473ba97886ca5a08d9a518..c37a8801a6479117a5b78d413f7debe97eed50b4 100644 (file)
--- a/src/service_inspectors/http2_inspect/ips_http2.cc
+++ b/src/service_inspectors/http2_inspect/ips_http2.cc
@@ -29,6 +29,7 @@
 #include "http2_flow_data.h"
 #include "http2_inspect.h"
 
+using namespace snort;
 using namespace Http2Enums;
 
 THREAD_LOCAL std::array<ProfileStats, PSI_MAX> Http2CursorModule::http2_ps;

diff --git a/src/service_inspectors/http2_inspect/ips_http2.h b/src/service_inspectors/http2_inspect/ips_http2.h
index c10fbaa99fe107801df797830090242d8b4dc9e7..e40cb6172d4543b6d070bb359958cd6b9b0010a7 100644 (file)
--- a/src/service_inspectors/http2_inspect/ips_http2.h
+++ b/src/service_inspectors/http2_inspect/ips_http2.h
@@ -30,24 +30,24 @@
 
 enum PsIdx { PSI_FRAME_DATA, PSI_FRAME_HEADER, PSI_MAX };
 
-class Http2CursorModule : public Module
+class Http2CursorModule : public snort::Module
 {
 public:
     Http2CursorModule(const char* key_, const char* help, Http2Enums::HTTP2_BUFFER buffer_index_,
-        CursorActionType cat_, PsIdx psi_) : Module(key_, help), key(key_),
+        snort::CursorActionType cat_, PsIdx psi_) : snort::Module(key_, help), key(key_),
         buffer_index(buffer_index_), cat(cat_), psi(psi_) {}
-    ProfileStats* get_profile() const override { return &http2_ps[psi]; }
-    static void mod_dtor(Module* m) { delete m; }
-    bool begin(const char*, int, SnortConfig*) override;
-    bool set(const char*, Value&, SnortConfig*) override;
-    bool end(const char*, int, SnortConfig*) override;
+    snort::ProfileStats* get_profile() const override { return &http2_ps[psi]; }
+    static void mod_dtor(snort::Module* m) { delete m; }
+    bool begin(const char*, int, snort::SnortConfig*) override;
+    bool set(const char*, snort::Value&, snort::SnortConfig*) override;
+    bool end(const char*, int, snort::SnortConfig*) override;
 
     Usage get_usage() const override
     { return DETECT; }
 
 private:
     friend class Http2IpsOption;
-    static THREAD_LOCAL std::array<ProfileStats, PsIdx::PSI_MAX> http2_ps;
+    static THREAD_LOCAL std::array<snort::ProfileStats, PsIdx::PSI_MAX> http2_ps;
 
     struct Http2RuleParaList
     {
@@ -57,29 +57,29 @@ private:
 
     const char* const key;
     const Http2Enums::HTTP2_BUFFER buffer_index;
-    const CursorActionType cat;
+    const snort::CursorActionType cat;
     const PsIdx psi;
 
     Http2RuleParaList para_list;
 };
 
-class Http2IpsOption : public IpsOption
+class Http2IpsOption : public snort::IpsOption
 {
 public:
     Http2IpsOption(const Http2CursorModule* cm) :
-        IpsOption(cm->key, RULE_OPTION_TYPE_BUFFER_SET), key(cm->key),
+        snort::IpsOption(cm->key, RULE_OPTION_TYPE_BUFFER_SET), key(cm->key),
         buffer_index(cm->buffer_index), cat(cm->cat), psi(cm->psi) {}
-    CursorActionType get_cursor_type() const override { return cat; }
-    EvalStatus eval(Cursor&, Packet*) override;
+    snort::CursorActionType get_cursor_type() const override { return cat; }
+    EvalStatus eval(Cursor&, snort::Packet*) override;
     uint32_t hash() const override;
-    bool operator==(const IpsOption& ips) const override;
-    static IpsOption* opt_ctor(Module* m, OptTreeNode*)
+    bool operator==(const snort::IpsOption& ips) const override;
+    static snort::IpsOption* opt_ctor(snort::Module* m, OptTreeNode*)
         { return new Http2IpsOption((Http2CursorModule*)m); }
     static void opt_dtor(IpsOption* p) { delete p; }
 private:
     const char* const key;
     const Http2Enums::HTTP2_BUFFER buffer_index;
-    const CursorActionType cat;
+    const snort::CursorActionType cat;
     const PsIdx psi;
 };
 

diff --git a/src/service_inspectors/http2_inspect/test/http2_flow_data_test.h b/src/service_inspectors/http2_inspect/test/http2_flow_data_test.h
index 8b6687e6457ea94a775facc71358adb07a6d75f8..b1ebcd47e7f9c3869094067060f078a0a60bc0d9 100644 (file)
--- a/src/service_inspectors/http2_inspect/test/http2_flow_data_test.h
+++ b/src/service_inspectors/http2_inspect/test/http2_flow_data_test.h
@@ -26,9 +26,9 @@
 #include "service_inspectors/http2_inspect/http2_module.h"
 
 // Stubs whose sole purpose is to make the test code link
-FlowData::FlowData(unsigned u, Inspector* ph) : next(nullptr), prev(nullptr), handler(ph), id(u) {}
-FlowData::~FlowData() {}
-unsigned FlowData::flow_data_id = 0;
+snort::FlowData::FlowData(unsigned u, Inspector* ph) : next(nullptr), prev(nullptr), handler(ph), id(u) {}
+snort::FlowData::~FlowData() {}
+unsigned snort::FlowData::flow_data_id = 0;
 void show_stats(PegCount*, const PegInfo*, unsigned, const char*) { }
 void show_stats(PegCount*, const PegInfo*, IndexVec&, const char*, FILE*) { }
 void show_stats(SimpleStats*, const char*) { }

diff --git a/src/service_inspectors/http2_inspect/test/http2_inspect_impl_test.cc b/src/service_inspectors/http2_inspect/test/http2_inspect_impl_test.cc
index e94c9aba17d3086caccee98bd5d6f1a47f2780f7..5f86ba070f7412fe7ccc5b2aae4b41b6bd7c6084 100644 (file)
--- a/src/service_inspectors/http2_inspect/test/http2_inspect_impl_test.cc
+++ b/src/service_inspectors/http2_inspect/test/http2_inspect_impl_test.cc
@@ -34,6 +34,7 @@
 #include <CppUTest/TestHarness.h>
 #include <CppUTestExt/MockSupport.h>
 
+using namespace snort;
 using namespace Http2Enums;
 
 TEST_GROUP(http2_get_buf_test)

diff --git a/src/service_inspectors/http2_inspect/test/http2_stream_splitter_impl_test.cc b/src/service_inspectors/http2_inspect/test/http2_stream_splitter_impl_test.cc
index ceec7e4670bdcf23cd66328456c016b082bd6710..db05f9b6d59c510400c14dbaca7f2f7f34e8d87a 100644 (file)
--- a/src/service_inspectors/http2_inspect/test/http2_stream_splitter_impl_test.cc
+++ b/src/service_inspectors/http2_inspect/test/http2_stream_splitter_impl_test.cc
@@ -34,6 +34,7 @@
 #include <CppUTest/TestHarness.h>
 #include <CppUTestExt/MockSupport.h>
 
+using namespace snort;
 using namespace Http2Enums;
 
 TEST_GROUP(http2_scan_test)

diff --git a/src/service_inspectors/http_inspect/http_api.cc b/src/service_inspectors/http_inspect/http_api.cc
index ef746a9a17d82f6d9adac12dbf628243d03a32df..87ea17d61672b885400971fbfd7835336f01b812 100644 (file)
--- a/src/service_inspectors/http_inspect/http_api.cc
+++ b/src/service_inspectors/http_inspect/http_api.cc
@@ -25,6 +25,8 @@
 
 #include "http_inspect.h"
 
+using namespace snort;
+
 const char* HttpApi::http_my_name = HTTP_NAME;
 const char* HttpApi::http_help = "the new HTTP inspector!";
 

diff --git a/src/service_inspectors/http_inspect/http_api.h b/src/service_inspectors/http_inspect/http_api.h
index ad41465acae112e827b22bd1efa7fb7c4a3578b3..20d6f73cec56f13387998f0c22c889439afc63ac 100644 (file)
--- a/src/service_inspectors/http_inspect/http_api.h
+++ b/src/service_inspectors/http_inspect/http_api.h
@@ -29,19 +29,19 @@
 class HttpApi
 {
 public:
-    static const InspectApi http_api;
+    static const snort::InspectApi http_api;
     static const char* classic_buffer_names[];
 
 private:
     HttpApi() = delete;
-    static Module* http_mod_ctor() { return new HttpModule; }
-    static void http_mod_dtor(Module* m) { delete m; }
+    static snort::Module* http_mod_ctor() { return new HttpModule; }
+    static void http_mod_dtor(snort::Module* m) { delete m; }
     static const char* http_my_name;
     static const char* http_help;
     static void http_init() { HttpFlowData::init(); }
     static void http_term() { }
-    static Inspector* http_ctor(Module* mod);
-    static void http_dtor(Inspector* p) { delete p; }
+    static snort::Inspector* http_ctor(snort::Module* mod);
+    static void http_dtor(snort::Inspector* p) { delete p; }
     static void http_tinit() { }
     static void http_tterm() { }
 };

diff --git a/src/service_inspectors/http_inspect/http_event_gen.h b/src/service_inspectors/http_inspect/http_event_gen.h
index 9c1e6b0240cc2ec57161774930935f8afa45624b..168813683fac40b69e52947d952ccc7d65b15dcf 100644 (file)
--- a/src/service_inspectors/http_inspect/http_event_gen.h
+++ b/src/service_inspectors/http_inspect/http_event_gen.h
@@ -45,7 +45,7 @@ public:
         assert((sid > 0) && (sid <= MAX));
         if (!events_generated[sid-1])
         {
-            DetectionEngine::queue_event(HttpEnums::HTTP_GID, (uint32_t)sid);
+            snort::DetectionEngine::queue_event(HttpEnums::HTTP_GID, (uint32_t)sid);
             events_generated[sid-1] = true;
         }
     }

diff --git a/src/service_inspectors/http_inspect/http_flow_data.h b/src/service_inspectors/http_inspect/http_flow_data.h
index f9126cda3c4911f366b247b7edb1b84e5e6bf100..dde8cbc3b76cf38cf91791c67b0d56acccc213f9 100644 (file)
--- a/src/service_inspectors/http_inspect/http_flow_data.h
+++ b/src/service_inspectors/http_inspect/http_flow_data.h
@@ -37,13 +37,13 @@ class HttpTransaction;
 class HttpJsNorm;
 class HttpMsgSection;
 
-class HttpFlowData : public FlowData
+class HttpFlowData : public snort::FlowData
 {
 public:
     HttpFlowData();
     ~HttpFlowData() override;
     static unsigned inspector_id;
-    static void init() { inspector_id = FlowData::create_flow_data_id(); }
+    static void init() { inspector_id = snort::FlowData::create_flow_data_id(); }
 
     friend class HttpInspect;
     friend class HttpMsgSection;
@@ -130,7 +130,7 @@ private:
         HttpEnums::STAT_NOT_PRESENT };
     int64_t detect_depth_remaining[2] = { HttpEnums::STAT_NOT_PRESENT,
         HttpEnums::STAT_NOT_PRESENT };
-    MimeSession* mime_state[2] = { nullptr, nullptr };
+    snort::MimeSession* mime_state[2] = { nullptr, nullptr };
     UtfDecodeSession* utf_state = nullptr; // SRC_SERVER only
     fd_session_t* fd_state = nullptr; // SRC_SERVER only
     struct FdCallbackContext

diff --git a/src/service_inspectors/http_inspect/http_inspect.cc b/src/service_inspectors/http_inspect/http_inspect.cc
index cd1c553c4879961d478b31823252bd178d8a5102..ac22079d1f1749cc66cf4321608bc2fbc759a313 100644 (file)
--- a/src/service_inspectors/http_inspect/http_inspect.cc
+++ b/src/service_inspectors/http_inspect/http_inspect.cc
@@ -40,6 +40,7 @@
 #include "http_msg_trailer.h"
 #include "http_test_manager.h"
 
+using namespace snort;
 using namespace HttpEnums;
 
 uint32_t HttpInspect::xtra_trueip_id;

diff --git a/src/service_inspectors/http_inspect/http_inspect.h b/src/service_inspectors/http_inspect/http_inspect.h
index b5f4fdfc3d0f80bdf3bff5e368aba68cd3f41abf..69250ba52c4748d508211710a8e62959f559953c 100644 (file)
--- a/src/service_inspectors/http_inspect/http_inspect.h
+++ b/src/service_inspectors/http_inspect/http_inspect.h
@@ -33,42 +33,43 @@
 
 class HttpApi;
 
-class HttpInspect : public Inspector
+class HttpInspect : public snort::Inspector
 {
 public:
     HttpInspect(const HttpParaList* params_);
     ~HttpInspect() override { delete params; }
 
-    bool get_buf(InspectionBuffer::Type ibt, Packet* p, InspectionBuffer& b) override;
-    bool get_buf(unsigned id, Packet* p, InspectionBuffer& b) override;
-    bool http_get_buf(
-        unsigned id, uint64_t sub_id, uint64_t form, Packet* p, InspectionBuffer& b);
-    bool get_fp_buf(InspectionBuffer::Type ibt, Packet* p, InspectionBuffer& b) override;
-    bool configure(SnortConfig*) override;
-    void show(SnortConfig*) override { LogMessage("HttpInspect\n"); }
-    void eval(Packet* p) override;
-    void clear(Packet* p) override;
+    bool get_buf(snort::InspectionBuffer::Type ibt, snort::Packet* p,
+        snort::InspectionBuffer& b) override;
+    bool get_buf(unsigned id, snort::Packet* p, snort::InspectionBuffer& b) override;
+    bool http_get_buf(unsigned id, uint64_t sub_id, uint64_t form, snort::Packet* p,
+        snort::InspectionBuffer& b);
+    bool get_fp_buf(snort::InspectionBuffer::Type ibt, snort::Packet* p, snort::InspectionBuffer& b) override;
+    bool configure(snort::SnortConfig*) override;
+    void show(snort::SnortConfig*) override { LogMessage("HttpInspect\n"); }
+    void eval(snort::Packet* p) override;
+    void clear(snort::Packet* p) override;
     void tinit() override { }
     void tterm() override { }
     HttpStreamSplitter* get_splitter(bool is_client_to_server) override
     {
         return new HttpStreamSplitter(is_client_to_server, this);
     }
-    static HttpEnums::InspectSection get_latest_is(const Packet* p);
+    static HttpEnums::InspectSection get_latest_is(const snort::Packet* p);
 
     // Callbacks that provide "extra data"
-    static int get_xtra_trueip(Flow*, uint8_t**, uint32_t*, uint32_t*);
-    static int get_xtra_uri(Flow*, uint8_t**, uint32_t*, uint32_t*);
-    static int get_xtra_host(Flow*, uint8_t** buf, uint32_t* len, uint32_t* type);
-    static int get_xtra_jsnorm(Flow*, uint8_t**, uint32_t*, uint32_t*);
+    static int get_xtra_trueip(snort::Flow*, uint8_t**, uint32_t*, uint32_t*);
+    static int get_xtra_uri(snort::Flow*, uint8_t**, uint32_t*, uint32_t*);
+    static int get_xtra_host(snort::Flow*, uint8_t** buf, uint32_t* len, uint32_t* type);
+    static int get_xtra_jsnorm(snort::Flow*, uint8_t**, uint32_t*, uint32_t*);
 
 private:
     friend HttpApi;
     friend HttpStreamSplitter;
 
-    bool process(const uint8_t* data, const uint16_t dsize, Flow* const flow,
+    bool process(const uint8_t* data, const uint16_t dsize, snort::Flow* const flow,
         HttpEnums::SourceId source_id_, bool buf_owner) const;
-    static HttpEnums::SourceId get_latest_src(const Packet* p);
+    static HttpEnums::SourceId get_latest_src(const snort::Packet* p);
 
     const HttpParaList* const params;
 

diff --git a/src/service_inspectors/http_inspect/http_js_norm.cc b/src/service_inspectors/http_inspect/http_js_norm.cc
index e22191192de5f3eb7f560df3dc278617ba456f59..787d8bfe31d4a6dbe0a9bec92c3869fe6c7de7ec 100644 (file)
--- a/src/service_inspectors/http_inspect/http_js_norm.cc
+++ b/src/service_inspectors/http_inspect/http_js_norm.cc
@@ -43,8 +43,8 @@ void HttpJsNorm::configure()
     if ( javascript_search_mpse || htmltype_search_mpse )
         return;
 
-    javascript_search_mpse = new SearchTool;
-    htmltype_search_mpse = new SearchTool;
+    javascript_search_mpse = new snort::SearchTool;
+    htmltype_search_mpse = new snort::SearchTool;
 
     javascript_search_mpse->add(script_start, script_start_length, JS_JAVASCRIPT);
     javascript_search_mpse->prep();

diff --git a/src/service_inspectors/http_inspect/http_js_norm.h b/src/service_inspectors/http_inspect/http_js_norm.h
index b91ece7eca63ae244abf46450525294983a2b5ae..5c497d7742006ee2b375896923c8bc8955c82070 100644 (file)
--- a/src/service_inspectors/http_inspect/http_js_norm.h
+++ b/src/service_inspectors/http_inspect/http_js_norm.h
@@ -51,8 +51,8 @@ private:
     const int max_javascript_whitespaces;
     const HttpParaList::UriParam& uri_param;
 
-    SearchTool* javascript_search_mpse;
-    SearchTool* htmltype_search_mpse;
+    snort::SearchTool* javascript_search_mpse;
+    snort::SearchTool* htmltype_search_mpse;
 
     static int search_js_found(void*, void*, int index, void*, void*);
     static int search_html_found(void* id, void*, int, void*, void*);

diff --git a/src/service_inspectors/http_inspect/http_module.cc b/src/service_inspectors/http_inspect/http_module.cc
index ba21848b27e4cf1892abb541cbc52a20d238a7e8..220fb3715a935445b1dceaa575de779ef97aeeeb 100644 (file)
--- a/src/service_inspectors/http_inspect/http_module.cc
+++ b/src/service_inspectors/http_inspect/http_module.cc
@@ -28,6 +28,7 @@
 #include "http_js_norm.h"
 #include "http_uri_norm.h"
 
+using namespace snort;
 using namespace HttpEnums;
 
 const Parameter HttpModule::http_params[] =

diff --git a/src/service_inspectors/http_inspect/http_module.h b/src/service_inspectors/http_inspect/http_module.h
index 440342d06958846d800aa46c1749c196dbb4fb04..d66118d44668f79000fe7d02b531b09c5f4928fb 100644 (file)
--- a/src/service_inspectors/http_inspect/http_module.h
+++ b/src/service_inspectors/http_inspect/http_module.h
@@ -85,16 +85,16 @@ public:
 #endif
 };
 
-class HttpModule : public Module
+class HttpModule : public snort::Module
 {
 public:
     HttpModule() : Module(HTTP_NAME, HTTP_HELP, http_params) { }
     ~HttpModule() override { delete params; }
-    bool begin(const char*, int, SnortConfig*) override;
-    bool end(const char*, int, SnortConfig*) override;
-    bool set(const char*, Value&, SnortConfig*) override;
+    bool begin(const char*, int, snort::SnortConfig*) override;
+    bool end(const char*, int, snort::SnortConfig*) override;
+    bool set(const char*, snort::Value&, snort::SnortConfig*) override;
     unsigned get_gid() const override { return HttpEnums::HTTP_GID; }
-    const RuleMap* get_rules() const override { return http_events; }
+    const snort::RuleMap* get_rules() const override { return http_events; }
     const HttpParaList* get_once_params()
     {
         HttpParaList* ret_val = params;
@@ -111,9 +111,9 @@ public:
     static PegCount get_peg_counts(HttpEnums::PEG_COUNT counter)
         { return peg_counts[counter]; }
 
-    ProfileStats* get_profile() const override;
+    snort::ProfileStats* get_profile() const override;
 
-    static ProfileStats& get_profile_stats()
+    static snort::ProfileStats& get_profile_stats()
     { return http_profile; }
 
     Usage get_usage() const override
@@ -129,11 +129,11 @@ public:
 #endif
 
 private:
-    static const Parameter http_params[];
-    static const RuleMap http_events[];
+    static const snort::Parameter http_params[];
+    static const snort::RuleMap http_events[];
     HttpParaList* params = nullptr;
     static const PegInfo peg_names[];
-    static THREAD_LOCAL ProfileStats http_profile;
+    static THREAD_LOCAL snort::ProfileStats http_profile;
     static THREAD_LOCAL PegCount peg_counts[];
 };
 

diff --git a/src/service_inspectors/http_inspect/http_msg_body.cc b/src/service_inspectors/http_inspect/http_msg_body.cc
index 15d56d10f9c23f54c8c9d7c98b4e30ac6919429e..9d3b3c7d638e67e22dc76220d2ecb949cfbb1134 100644 (file)
--- a/src/service_inspectors/http_inspect/http_msg_body.cc
+++ b/src/service_inspectors/http_inspect/http_msg_body.cc
@@ -32,7 +32,7 @@
 using namespace HttpEnums;
 
 HttpMsgBody::HttpMsgBody(const uint8_t* buffer, const uint16_t buf_size,
-    HttpFlowData* session_data_, SourceId source_id_, bool buf_owner, Flow* flow_,
+    HttpFlowData* session_data_, SourceId source_id_, bool buf_owner, snort::Flow* flow_,
     const HttpParaList* params_) :
     HttpMsgSection(buffer, buf_size, session_data_, source_id_, buf_owner, flow_, params_),
     body_octets(session_data->body_octets[source_id]),
@@ -54,8 +54,8 @@ void HttpMsgBody::analyze()
             js_norm_body.length() : session_data->detect_depth_remaining[source_id];
         detect_data.set(detect_length, js_norm_body.start());
         session_data->detect_depth_remaining[source_id] -= detect_length;
-        set_file_data(
-            const_cast<uint8_t*>(detect_data.start()), (unsigned)detect_data.length());
+        snort::set_file_data(const_cast<uint8_t*>(detect_data.start()),
+            (unsigned)detect_data.length());
     }
 
     if (session_data->file_depth_remaining[source_id] > 0)
@@ -219,7 +219,7 @@ void HttpMsgBody::do_file_processing(Field& file_data)
 
     if (!session_data->mime_state[source_id])
     {
-        FileFlows* file_flows = FileFlows::get_file_flows(flow);
+        snort::FileFlows* file_flows = snort::FileFlows::get_file_flows(flow);
         const bool download = (source_id == SRC_SERVER);
 
         HttpMsgRequest* request = transaction->get_request();

diff --git a/src/service_inspectors/http_inspect/http_msg_body.h b/src/service_inspectors/http_inspect/http_msg_body.h
index 6fbb62fe42efa95794e491c986e01c747c5d7bc7..d2c5ffeb78593c568410b898772b0e66d8432e6e 100644 (file)
--- a/src/service_inspectors/http_inspect/http_msg_body.h
+++ b/src/service_inspectors/http_inspect/http_msg_body.h
@@ -40,7 +40,7 @@ public:
 
 protected:
     HttpMsgBody(const uint8_t* buffer, const uint16_t buf_size, HttpFlowData* session_data_,
-        HttpEnums::SourceId source_id_, bool buf_owner, Flow* flow_,
+        HttpEnums::SourceId source_id_, bool buf_owner, snort::Flow* flow_,
         const HttpParaList* params_);
 
     int64_t body_octets;

diff --git a/src/service_inspectors/http_inspect/http_msg_body_chunk.h b/src/service_inspectors/http_inspect/http_msg_body_chunk.h
index 6ca4ecd2fc06135791e68d05303a138b2ea016b8..99c842c06bdb86bbd0dd0129c59819bb8d419e70 100644 (file)
--- a/src/service_inspectors/http_inspect/http_msg_body_chunk.h
+++ b/src/service_inspectors/http_inspect/http_msg_body_chunk.h
@@ -30,7 +30,7 @@ class HttpMsgBodyChunk : public HttpMsgBody
 {
 public:
     HttpMsgBodyChunk(const uint8_t* buffer, const uint16_t buf_size, HttpFlowData* session_data_,
-        HttpEnums::SourceId source_id_, bool buf_owner, Flow* flow_, const HttpParaList* params_)
+        HttpEnums::SourceId source_id_, bool buf_owner, snort::Flow* flow_, const HttpParaList* params_)
         : HttpMsgBody(buffer, buf_size, session_data_, source_id_, buf_owner, flow_, params_) {}
     void update_flow() override;
 

diff --git a/src/service_inspectors/http_inspect/http_msg_body_cl.h b/src/service_inspectors/http_inspect/http_msg_body_cl.h
index dbe20623d5375969351995f339c27742ae393c48..d8fead09ef4dd2c8f1778ef0dfbe083482d47dd3 100644 (file)
--- a/src/service_inspectors/http_inspect/http_msg_body_cl.h
+++ b/src/service_inspectors/http_inspect/http_msg_body_cl.h
@@ -32,7 +32,7 @@ class HttpMsgBodyCl : public HttpMsgBody
 {
 public:
     HttpMsgBodyCl(const uint8_t* buffer, const uint16_t buf_size, HttpFlowData* session_data_,
-        HttpEnums::SourceId source_id_, bool buf_owner, Flow* flow_, const HttpParaList* params_)
+        HttpEnums::SourceId source_id_, bool buf_owner, snort::Flow* flow_, const HttpParaList* params_)
         : HttpMsgBody(buffer, buf_size, session_data_, source_id_, buf_owner, flow_, params_),
         data_length(session_data->data_length[source_id]) {}
     void update_flow() override;

diff --git a/src/service_inspectors/http_inspect/http_msg_body_old.h b/src/service_inspectors/http_inspect/http_msg_body_old.h
index a1fa16ee8b1b02e3ab1572a974a3f8a818dfdb28..56d7811fedb7fe49ba3023287393c420d0a4fe6d 100644 (file)
--- a/src/service_inspectors/http_inspect/http_msg_body_old.h
+++ b/src/service_inspectors/http_inspect/http_msg_body_old.h
@@ -32,7 +32,7 @@ class HttpMsgBodyOld : public HttpMsgBody
 {
 public:
     HttpMsgBodyOld(const uint8_t* buffer, const uint16_t buf_size, HttpFlowData* session_data_,
-        HttpEnums::SourceId source_id_, bool buf_owner, Flow* flow_, const HttpParaList* params_)
+        HttpEnums::SourceId source_id_, bool buf_owner, snort::Flow* flow_, const HttpParaList* params_)
         : HttpMsgBody(buffer, buf_size, session_data_, source_id_, buf_owner, flow_, params_),
         data_length(session_data->data_length[source_id]) {}
     void update_flow() override;

diff --git a/src/service_inspectors/http_inspect/http_msg_head_shared.h b/src/service_inspectors/http_inspect/http_msg_head_shared.h
index 285166d46847af9da68538edd489434356cf64f4..762ccbb9076cafdfd8e34ff4dbac1d94cadb8d4e 100644 (file)
--- a/src/service_inspectors/http_inspect/http_msg_head_shared.h
+++ b/src/service_inspectors/http_inspect/http_msg_head_shared.h
@@ -52,7 +52,7 @@ public:
 
 protected:
     HttpMsgHeadShared(const uint8_t* buffer, const uint16_t buf_size,
-        HttpFlowData* session_data_, HttpEnums::SourceId source_id_, bool buf_owner, Flow* flow_,
+        HttpFlowData* session_data_, HttpEnums::SourceId source_id_, bool buf_owner, snort::Flow* flow_,
         const HttpParaList* params_)
         : HttpMsgSection(buffer, buf_size, session_data_, source_id_, buf_owner, flow_, params_)
         { }

diff --git a/src/service_inspectors/http_inspect/http_msg_header.cc b/src/service_inspectors/http_inspect/http_msg_header.cc
index 59e9b2a8f171cfce2bb6b8ca9b80298b8ca470bf..5ab32b6240e555fb4673544490ea4583c203a98c 100644 (file)
--- a/src/service_inspectors/http_inspect/http_msg_header.cc
+++ b/src/service_inspectors/http_inspect/http_msg_header.cc
@@ -32,6 +32,7 @@
 #include "pub_sub/http_events.h"
 #include "sfip/sf_ip.h"
 
+using namespace snort;
 using namespace HttpEnums;
 
 HttpMsgHeader::HttpMsgHeader(const uint8_t* buffer, const uint16_t buf_size,

diff --git a/src/service_inspectors/http_inspect/http_msg_header.h b/src/service_inspectors/http_inspect/http_msg_header.h
index 08de3654accaa70bb874949fd4506845c5c007b1..7265e1cafefaba2702906c5f0bb99aca44243885 100644 (file)
--- a/src/service_inspectors/http_inspect/http_msg_header.h
+++ b/src/service_inspectors/http_inspect/http_msg_header.h
@@ -34,7 +34,7 @@ class HttpMsgHeader : public HttpMsgHeadShared
 {
 public:
     HttpMsgHeader(const uint8_t* buffer, const uint16_t buf_size, HttpFlowData* session_data_,
-        HttpEnums::SourceId source_id_, bool buf_owner, Flow* flow_,
+        HttpEnums::SourceId source_id_, bool buf_owner, snort::Flow* flow_,
         const HttpParaList* params_);
     HttpEnums::InspectSection get_inspection_section() const override
         { return detection_section ? HttpEnums::IS_DETECTION : HttpEnums::IS_NONE; }

diff --git a/src/service_inspectors/http_inspect/http_msg_request.cc b/src/service_inspectors/http_inspect/http_msg_request.cc
index 2787acf46211ca7b8d299aab339ae9cd5aeb82ee..5a9c0049c8469f300f19fbc180934ceff9f1cb93 100644 (file)
--- a/src/service_inspectors/http_inspect/http_msg_request.cc
+++ b/src/service_inspectors/http_inspect/http_msg_request.cc
@@ -28,7 +28,7 @@
 using namespace HttpEnums;
 
 HttpMsgRequest::HttpMsgRequest(const uint8_t* buffer, const uint16_t buf_size,
-    HttpFlowData* session_data_, SourceId source_id_, bool buf_owner, Flow* flow_,
+    HttpFlowData* session_data_, SourceId source_id_, bool buf_owner, snort::Flow* flow_,
     const HttpParaList* params_) :
     HttpMsgStart(buffer, buf_size, session_data_, source_id_, buf_owner, flow_, params_)
 {

diff --git a/src/service_inspectors/http_inspect/http_msg_request.h b/src/service_inspectors/http_inspect/http_msg_request.h
index f8df900a48a921774b0862a26518bf03edbe5c1c..8f233c58e76fa7253c875892eb69428dbe3af217 100644 (file)
--- a/src/service_inspectors/http_inspect/http_msg_request.h
+++ b/src/service_inspectors/http_inspect/http_msg_request.h
@@ -34,7 +34,7 @@ class HttpMsgRequest : public HttpMsgStart
 {
 public:
     HttpMsgRequest(const uint8_t* buffer, const uint16_t buf_size, HttpFlowData* session_data_,
-        HttpEnums::SourceId source_id_, bool buf_owner, Flow* flow_,
+        HttpEnums::SourceId source_id_, bool buf_owner, snort::Flow* flow_,
         const HttpParaList* params_);
     ~HttpMsgRequest() override { delete uri; }
     void gen_events() override;

diff --git a/src/service_inspectors/http_inspect/http_msg_section.cc b/src/service_inspectors/http_inspect/http_msg_section.cc
index d328c9c6e589eccce317dcac050f88ba65001336..f8dda87a7e5ee59b7b4987ebb99146cbe3d20b5f 100644 (file)
--- a/src/service_inspectors/http_inspect/http_msg_section.cc
+++ b/src/service_inspectors/http_inspect/http_msg_section.cc
@@ -35,7 +35,7 @@
 using namespace HttpEnums;
 
 HttpMsgSection::HttpMsgSection(const uint8_t* buffer, const uint16_t buf_size,
-       HttpFlowData* session_data_, SourceId source_id_, bool buf_owner, Flow* flow_,
+       HttpFlowData* session_data_, SourceId source_id_, bool buf_owner, snort::Flow* flow_,
        const HttpParaList* params_) :
     msg_text(buf_size, buffer, buf_owner),
     session_data(session_data_),
@@ -92,7 +92,7 @@ void HttpMsgSection::update_depth() const
     {
     case CMP_NONE:
       {
-        unsigned max_pdu = SnortConfig::get_conf()->max_pdu;
+        unsigned max_pdu = snort::SnortConfig::get_conf()->max_pdu;
         session_data->section_size_target[source_id] = max_pdu + random_increment;
         session_data->section_size_max[source_id] = max_pdu + (max_pdu >> 1);
         break;

diff --git a/src/service_inspectors/http_inspect/http_msg_section.h b/src/service_inspectors/http_inspect/http_msg_section.h
index a3dcefe67bb04bfefe74b4c62c3a490693385c6c..4d221dd3f4d497246ddef86a39129cb88d62eb5a 100644 (file)
--- a/src/service_inspectors/http_inspect/http_msg_section.h
+++ b/src/service_inspectors/http_inspect/http_msg_section.h
@@ -70,14 +70,14 @@ public:
 
 protected:
     HttpMsgSection(const uint8_t* buffer, const uint16_t buf_size, HttpFlowData* session_data_,
-        HttpEnums::SourceId source_id_, bool buf_owner, Flow* flow_, const HttpParaList*
+        HttpEnums::SourceId source_id_, bool buf_owner, snort::Flow* flow_, const HttpParaList*
         params_);
 
     const Field msg_text;
 
     HttpFlowData* const session_data;
     const HttpEnums::SourceId source_id;
-    Flow* const flow;
+    snort::Flow* const flow;
     uint64_t trans_num;
     const HttpParaList* const params;
     HttpTransaction* const transaction;

diff --git a/src/service_inspectors/http_inspect/http_msg_start.h b/src/service_inspectors/http_inspect/http_msg_start.h
index 543d2efba6c68f0a604996c994558f828dcce644..5a1c89d892e1f3535dba8f712b5d78d9f5da18be 100644 (file)
--- a/src/service_inspectors/http_inspect/http_msg_start.h
+++ b/src/service_inspectors/http_inspect/http_msg_start.h
@@ -35,7 +35,8 @@ public:
 
 protected:
     HttpMsgStart(const uint8_t* buffer, const uint16_t buf_size, HttpFlowData* session_data_,
-        HttpEnums::SourceId source_id_, bool buf_owner, Flow* flow_, const HttpParaList* params_)
+        HttpEnums::SourceId source_id_, bool buf_owner, snort::Flow* flow_,
+        const HttpParaList* params_)
         : HttpMsgSection(buffer, buf_size, session_data_, source_id_, buf_owner, flow_, params_)
         { }
     virtual void parse_start_line() = 0;

diff --git a/src/service_inspectors/http_inspect/http_msg_status.cc b/src/service_inspectors/http_inspect/http_msg_status.cc
index 5bbbed27405b86b956fa1d92ce8060434b23b662..3bb5a5bff8b8fababa8c5c7afb769194dd48506e 100644 (file)
--- a/src/service_inspectors/http_inspect/http_msg_status.cc
+++ b/src/service_inspectors/http_inspect/http_msg_status.cc
@@ -30,7 +30,7 @@
 using namespace HttpEnums;
 
 HttpMsgStatus::HttpMsgStatus(const uint8_t* buffer, const uint16_t buf_size,
-    HttpFlowData* session_data_, SourceId source_id_, bool buf_owner, Flow* flow_,
+    HttpFlowData* session_data_, SourceId source_id_, bool buf_owner, snort::Flow* flow_,
     const HttpParaList* params_) :
     HttpMsgStart(buffer, buf_size, session_data_, source_id_, buf_owner, flow_, params_)
 {

diff --git a/src/service_inspectors/http_inspect/http_msg_status.h b/src/service_inspectors/http_inspect/http_msg_status.h
index 4577e4a8bbe67ee98ee9019ed5853706d0d0cd9b..5947cd0de26292d326b18d3d3c8ccc64d502b599 100644 (file)
--- a/src/service_inspectors/http_inspect/http_msg_status.h
+++ b/src/service_inspectors/http_inspect/http_msg_status.h
@@ -31,7 +31,7 @@ class HttpMsgStatus : public HttpMsgStart
 {
 public:
     HttpMsgStatus(const uint8_t* buffer, const uint16_t buf_size, HttpFlowData* session_data_,
-        HttpEnums::SourceId source_id_, bool buf_owner, Flow* flow_,
+        HttpEnums::SourceId source_id_, bool buf_owner, snort::Flow* flow_,
         const HttpParaList* params_);
     void gen_events() override;
     void update_flow() override;

diff --git a/src/service_inspectors/http_inspect/http_msg_trailer.cc b/src/service_inspectors/http_inspect/http_msg_trailer.cc
index accf808dd08cda13a96ab4d3d8318b257b8f4971..d711acc997bc45bf4f8c9a80f427c400d06f8171 100644 (file)
--- a/src/service_inspectors/http_inspect/http_msg_trailer.cc
+++ b/src/service_inspectors/http_inspect/http_msg_trailer.cc
@@ -28,7 +28,7 @@
 using namespace HttpEnums;
 
 HttpMsgTrailer::HttpMsgTrailer(const uint8_t* buffer, const uint16_t buf_size,
-    HttpFlowData* session_data_, SourceId source_id_, bool buf_owner, Flow* flow_,
+    HttpFlowData* session_data_, SourceId source_id_, bool buf_owner, snort::Flow* flow_,
     const HttpParaList* params_) :
     HttpMsgHeadShared(buffer, buf_size, session_data_, source_id_, buf_owner, flow_, params_)
 {

diff --git a/src/service_inspectors/http_inspect/http_msg_trailer.h b/src/service_inspectors/http_inspect/http_msg_trailer.h
index 8602892b7aa8006f7d5e1d53ec1106b0af535754..0878a5ec749f1cf2ec868a90e2c8e68cf54b3d0a 100644 (file)
--- a/src/service_inspectors/http_inspect/http_msg_trailer.h
+++ b/src/service_inspectors/http_inspect/http_msg_trailer.h
@@ -30,7 +30,7 @@ class HttpMsgTrailer : public HttpMsgHeadShared
 {
 public:
     HttpMsgTrailer(const uint8_t* buffer, const uint16_t buf_size, HttpFlowData* session_data_,
-        HttpEnums::SourceId source_id_, bool buf_owner, Flow* flow_,
+        HttpEnums::SourceId source_id_, bool buf_owner, snort::Flow* flow_,
         const HttpParaList* params_);
     HttpEnums::InspectSection get_inspection_section() const override
         { return HttpEnums::IS_TRAILER; }

diff --git a/src/service_inspectors/http_inspect/http_stream_splitter.h b/src/service_inspectors/http_inspect/http_stream_splitter.h
index 3f23eea911214e8b435533400d8645f528cdfcd0..c4b9c905f72923b1081b8ef508778db24e5dae7b 100644 (file)
--- a/src/service_inspectors/http_inspect/http_stream_splitter.h
+++ b/src/service_inspectors/http_inspect/http_stream_splitter.h
@@ -29,22 +29,22 @@
 
 class HttpInspect;
 
-class HttpStreamSplitter : public StreamSplitter
+class HttpStreamSplitter : public snort::StreamSplitter
 {
 public:
     HttpStreamSplitter(bool is_client_to_server, HttpInspect* my_inspector_) :
-        StreamSplitter(is_client_to_server),
+        snort::StreamSplitter(is_client_to_server),
         source_id(is_client_to_server ? HttpEnums::SRC_CLIENT : HttpEnums::SRC_SERVER),
         my_inspector(my_inspector_) { }
-    Status scan(Flow* flow, const uint8_t* data, uint32_t length, uint32_t not_used,
+    Status scan(snort::Flow* flow, const uint8_t* data, uint32_t length, uint32_t not_used,
         uint32_t* flush_offset) override;
-    const StreamBuffer reassemble(Flow* flow, unsigned total, unsigned, const
+    const snort::StreamBuffer reassemble(snort::Flow* flow, unsigned total, unsigned, const
         uint8_t* data, unsigned len, uint32_t flags, unsigned& copied) override;
-    bool finish(Flow* flow) override;
+    bool finish(snort::Flow* flow) override;
     bool is_paf() override { return true; }
 
     // FIXIT-M should return actual packet buffer size
-    unsigned max(Flow*) override { return HttpEnums::MAX_OCTETS; }
+    unsigned max(snort::Flow*) override { return HttpEnums::MAX_OCTETS; }
 
 private:
     void prepare_flush(HttpFlowData* session_data, uint32_t* flush_offset, HttpEnums::SectionType

diff --git a/src/service_inspectors/http_inspect/http_stream_splitter_finish.cc b/src/service_inspectors/http_inspect/http_stream_splitter_finish.cc
index a31b1aaef87e1a6dacc2f98190c4e5bdcdb85e11..990a4bb7cfeacb5d0d90f815b101aaf845235b2e 100644 (file)
--- a/src/service_inspectors/http_inspect/http_stream_splitter_finish.cc
+++ b/src/service_inspectors/http_inspect/http_stream_splitter_finish.cc
@@ -29,7 +29,7 @@
 
 using namespace HttpEnums;
 
-bool HttpStreamSplitter::finish(Flow* flow)
+bool HttpStreamSplitter::finish(snort::Flow* flow)
 {
     HttpFlowData* session_data = (HttpFlowData*)flow->get_flow_data(HttpFlowData::inspector_id);
     // FIXIT-M - this assert has been changed to check for null session data and return false if so
@@ -116,7 +116,7 @@ bool HttpStreamSplitter::finish(Flow* flow)
     {
         if (!session_data->mime_state[source_id])
         {
-            FileFlows* file_flows = FileFlows::get_file_flows(flow);
+            snort::FileFlows* file_flows = snort::FileFlows::get_file_flows(flow);
             const bool download = (source_id == SRC_SERVER);
 
             size_t file_index = 0;

diff --git a/src/service_inspectors/http_inspect/http_stream_splitter_reassemble.cc b/src/service_inspectors/http_inspect/http_stream_splitter_reassemble.cc
index 9a160381b16bdf003cf25862160f385cfb01515e..d869d9af9daf8d58fe02572e92dbcd28f822b52f 100644 (file)
--- a/src/service_inspectors/http_inspect/http_stream_splitter_reassemble.cc
+++ b/src/service_inspectors/http_inspect/http_stream_splitter_reassemble.cc
@@ -220,10 +220,10 @@ void HttpStreamSplitter::decompress_copy(uint8_t* buffer, uint32_t& offset, cons
     offset += length;
 }
 
-const StreamBuffer HttpStreamSplitter::reassemble(Flow* flow, unsigned total, unsigned,
+const snort::StreamBuffer HttpStreamSplitter::reassemble(snort::Flow* flow, unsigned total, unsigned,
     const uint8_t* data, unsigned len, uint32_t flags, unsigned& copied)
 {
-    StreamBuffer http_buf { nullptr, 0 };
+    snort::StreamBuffer http_buf { nullptr, 0 };
 
     copied = len;
 

diff --git a/src/service_inspectors/http_inspect/http_stream_splitter_scan.cc b/src/service_inspectors/http_inspect/http_stream_splitter_scan.cc
index 4862ba8d4b60dc48927a20ba2278577472830086..e20a6faac234431584963e6b15b7d8b4e9e84aad 100644 (file)
--- a/src/service_inspectors/http_inspect/http_stream_splitter_scan.cc
+++ b/src/service_inspectors/http_inspect/http_stream_splitter_scan.cc
@@ -25,6 +25,7 @@
 #include "http_stream_splitter.h"
 #include "http_test_input.h"
 
+using namespace snort;
 using namespace HttpEnums;
 
 // Convenience function. All housekeeping that must be done before we can return FLUSH to stream.

diff --git a/src/service_inspectors/http_inspect/http_tables.cc b/src/service_inspectors/http_inspect/http_tables.cc
index 9afbfb3563bb829b4968c6c7f8400d229f2dadda..abb1d6447e316c2cdea845c5c2752024bfdf7f08 100644 (file)
--- a/src/service_inspectors/http_inspect/http_tables.cc
+++ b/src/service_inspectors/http_inspect/http_tables.cc
@@ -277,7 +277,7 @@ const HeaderNormalizer* const HttpMsgHeadShared::header_norms[HEAD__MAX_VALUE] =
 #pragma clang diagnostic pop
 #endif
 
-const RuleMap HttpModule::http_events[] =
+const snort::RuleMap HttpModule::http_events[] =
 {
     { EVENT_ASCII,                      "ascii encoding" },
     { EVENT_DOUBLE_DECODE,              "double decoding attack" },

diff --git a/src/service_inspectors/http_inspect/ips_http.cc b/src/service_inspectors/http_inspect/ips_http.cc
index ec169881c5636029a14202e0af7e953e7b285b68..9e3bede393acbb7d741421ec50f7a348fdfd6906 100644 (file)
--- a/src/service_inspectors/http_inspect/ips_http.cc
+++ b/src/service_inspectors/http_inspect/ips_http.cc
@@ -32,6 +32,7 @@
 #include "http_inspect.h"
 #include "http_msg_head_shared.h"
 
+using namespace snort;
 using namespace HttpEnums;
 
 THREAD_LOCAL std::array<ProfileStats, PSI_MAX> HttpCursorModule::http_ps;

diff --git a/src/service_inspectors/http_inspect/ips_http.h b/src/service_inspectors/http_inspect/ips_http.h
index e4d488575463510f7a4970af2b71e325bd31bdcf..ca5e8c2c8842649a17024a4afed79b102f7c8a7c 100644 (file)
--- a/src/service_inspectors/http_inspect/ips_http.h
+++ b/src/service_inspectors/http_inspect/ips_http.h
@@ -32,27 +32,29 @@ enum PsIdx { PSI_CLIENT_BODY, PSI_COOKIE, PSI_HEADER, PSI_METHOD, PSI_RAW_BODY,
     PSI_RAW_HEADER, PSI_RAW_REQUEST, PSI_RAW_STATUS, PSI_RAW_TRAILER, PSI_RAW_URI, PSI_STAT_CODE,
     PSI_STAT_MSG, PSI_TRAILER, PSI_TRUE_IP, PSI_URI, PSI_VERSION, PSI_MAX };
 
-class HttpCursorModule : public Module
+class HttpCursorModule : public snort::Module
 {
 public:
     HttpCursorModule(const char* key_, const char* help, HttpEnums::HTTP_BUFFER buffer_index_,
-        CursorActionType cat_, PsIdx psi_) : Module(key_, help), key(key_),
-        buffer_index(buffer_index_), cat(cat_), psi(psi_) {}
+        snort::CursorActionType cat_, PsIdx psi_)
+        : snort::Module(key_, help), key(key_), buffer_index(buffer_index_),
+          cat(cat_), psi(psi_) {}
     HttpCursorModule(const char* key_, const char* help, HttpEnums::HTTP_BUFFER buffer_index_,
-        CursorActionType cat_, PsIdx psi_, const Parameter params[]) : Module(key_, help, params),
-        key(key_), buffer_index(buffer_index_), cat(cat_), psi(psi_) {}
-    ProfileStats* get_profile() const override { return &http_ps[psi]; }
-    static void mod_dtor(Module* m) { delete m; }
-    bool begin(const char*, int, SnortConfig*) override;
-    bool set(const char*, Value&, SnortConfig*) override;
-    bool end(const char*, int, SnortConfig*) override;
+        snort::CursorActionType cat_, PsIdx psi_, const snort::Parameter params[])
+        : snort::Module(key_, help, params), key(key_), buffer_index(buffer_index_),
+          cat(cat_), psi(psi_) {}
+    snort::ProfileStats* get_profile() const override { return &http_ps[psi]; }
+    static void mod_dtor(snort::Module* m) { delete m; }
+    bool begin(const char*, int, snort::SnortConfig*) override;
+    bool set(const char*, snort::Value&, snort::SnortConfig*) override;
+    bool end(const char*, int, snort::SnortConfig*) override;
 
     Usage get_usage() const override
     { return DETECT; }
 
 private:
     friend class HttpIpsOption;
-    static THREAD_LOCAL std::array<ProfileStats, PsIdx::PSI_MAX> http_ps;
+    static THREAD_LOCAL std::array<snort::ProfileStats, PsIdx::PSI_MAX> http_ps;
 
     struct HttpRuleParaList
     {
@@ -74,7 +76,7 @@ private:
 
     const char* const key;
     const HttpEnums::HTTP_BUFFER buffer_index;
-    const CursorActionType cat;
+    const snort::CursorActionType cat;
     const PsIdx psi;
 
     HttpRuleParaList para_list;
@@ -83,24 +85,24 @@ private:
     uint64_t form;
 };
 
-class HttpIpsOption : public IpsOption
+class HttpIpsOption : public snort::IpsOption
 {
 public:
     HttpIpsOption(const HttpCursorModule* cm) :
-        IpsOption(cm->key, RULE_OPTION_TYPE_BUFFER_SET), key(cm->key),
+        snort::IpsOption(cm->key, RULE_OPTION_TYPE_BUFFER_SET), key(cm->key),
         buffer_index(cm->buffer_index), cat(cm->cat), psi(cm->psi),
         inspect_section(cm->inspect_section), sub_id(cm->sub_id), form(cm->form) {}
-    CursorActionType get_cursor_type() const override { return cat; }
-    EvalStatus eval(Cursor&, Packet*) override;
+    snort::CursorActionType get_cursor_type() const override { return cat; }
+    EvalStatus eval(Cursor&, snort::Packet*) override;
     uint32_t hash() const override;
-    bool operator==(const IpsOption& ips) const override;
-    static IpsOption* opt_ctor(Module* m, OptTreeNode*)
+    bool operator==(const snort::IpsOption& ips) const override;
+    static IpsOption* opt_ctor(snort::Module* m, OptTreeNode*)
         { return new HttpIpsOption((HttpCursorModule*)m); }
-    static void opt_dtor(IpsOption* p) { delete p; }
+    static void opt_dtor(snort::IpsOption* p) { delete p; }
 private:
     const char* const key;
     const HttpEnums::HTTP_BUFFER buffer_index;
-    const CursorActionType cat;
+    const snort::CursorActionType cat;
     const PsIdx psi;
     const HttpEnums::InspectSection inspect_section;
     const uint64_t sub_id;

diff --git a/src/service_inspectors/http_inspect/test/http_module_test.cc b/src/service_inspectors/http_inspect/test/http_module_test.cc
index d8a4b0af1282f2b2f302ecca98870bbe7d978a63..3a76f46329eefc17f2d2c132e5caddedf8b3c279 100644 (file)
--- a/src/service_inspectors/http_inspect/test/http_module_test.cc
+++ b/src/service_inspectors/http_inspect/test/http_module_test.cc
@@ -34,6 +34,7 @@
 #include <CppUTest/TestHarness.h>
 #include <CppUTestExt/MockSupport.h>
 
+using namespace snort;
 using namespace HttpEnums;
 
 // Stubs whose sole purpose is to make the test code link

diff --git a/src/service_inspectors/http_inspect/test/http_msg_head_shared_util_test.cc b/src/service_inspectors/http_inspect/test/http_msg_head_shared_util_test.cc
index 17f44c28a91e419d5fa21b896248fab0afcf88d2..c3572487b8bab8ecd436b8259188e6d6b4919878 100644 (file)
--- a/src/service_inspectors/http_inspect/test/http_msg_head_shared_util_test.cc
+++ b/src/service_inspectors/http_inspect/test/http_msg_head_shared_util_test.cc
@@ -32,6 +32,8 @@
 #include <CppUTest/TestHarness.h>
 #include <CppUTestExt/MockSupport.h>
 
+using namespace snort;
+
 // Stubs whose sole purpose is to make the test code link
 long HttpTestManager::print_amount {};
 bool HttpTestManager::print_hex {};

diff --git a/src/service_inspectors/http_inspect/test/http_normalizers_test.cc b/src/service_inspectors/http_inspect/test/http_normalizers_test.cc
index 07b157e9d2273e8daf76260f290ce7af18ca8777..f39fe605491b9c35f8ae097a337f28c046b4149c 100644 (file)
--- a/src/service_inspectors/http_inspect/test/http_normalizers_test.cc
+++ b/src/service_inspectors/http_inspect/test/http_normalizers_test.cc
@@ -31,6 +31,7 @@
 #include <CppUTest/TestHarness.h>
 #include <CppUTestExt/MockSupport.h>
 
+using namespace snort;
 using namespace HttpEnums;
 
 // Stubs whose sole purpose is to make the test code link

diff --git a/src/service_inspectors/http_inspect/test/http_transaction_test.cc b/src/service_inspectors/http_inspect/test/http_transaction_test.cc
index 24cd375e4f57bc3f08b602a8ba52ab0b54945fef..c50c8d90aab1992c9cc4d62b28a80bad3b26b36a 100644 (file)
--- a/src/service_inspectors/http_inspect/test/http_transaction_test.cc
+++ b/src/service_inspectors/http_inspect/test/http_transaction_test.cc
@@ -32,6 +32,7 @@
 #include <CppUTest/TestHarness.h>
 #include <CppUTestExt/MockSupport.h>
 
+using namespace snort;
 using namespace HttpEnums;
 
 // Stubs whose sole purpose is to make the test code link

diff --git a/src/service_inspectors/http_inspect/test/http_uri_norm_test.cc b/src/service_inspectors/http_inspect/test/http_uri_norm_test.cc
index f4ab0d81e36a3958177a9362335c5073e0e188f0..ed00b1d1ee1c283e76ef5bf2053d18a42835cc73 100644 (file)
--- a/src/service_inspectors/http_inspect/test/http_uri_norm_test.cc
+++ b/src/service_inspectors/http_inspect/test/http_uri_norm_test.cc
@@ -31,6 +31,8 @@
 #include <CppUTest/TestHarness.h>
 #include <CppUTestExt/MockSupport.h>
 
+using namespace snort;
+
 // Stubs whose sole purpose is to make the test code link
 void ParseWarning(WarningGroup, const char*, ...) {}
 void ParseError(const char*, ...) {}

diff --git a/src/service_inspectors/imap/imap.cc b/src/service_inspectors/imap/imap.cc
index 20f085f8b4325c9411d20b21c74678f96191d102..72afc0c7f09627a114116d5cae18872ae837be67 100644 (file)
--- a/src/service_inspectors/imap/imap.cc
+++ b/src/service_inspectors/imap/imap.cc
@@ -37,6 +37,8 @@
 #include "imap_module.h"
 #include "imap_paf.h"
 
+using namespace snort;
+
 THREAD_LOCAL ProfileStats imapPerfStats;
 THREAD_LOCAL ImapStats imapstats;
 

diff --git a/src/service_inspectors/imap/imap.h b/src/service_inspectors/imap/imap.h
index 9f38c55971eef91a3c3c461940c095f8c6264627..ca680e93814da65b895560f610d7da69384890af 100644 (file)
--- a/src/service_inspectors/imap/imap.h
+++ b/src/service_inspectors/imap/imap.h
@@ -144,13 +144,13 @@ struct IMAPSearchInfo
     int length;
 };
 
-class ImapMime : public MimeSession
+class ImapMime : public snort::MimeSession
 {
-    using MimeSession::MimeSession;
+    using snort::MimeSession::MimeSession;
 private:
     void decode_alert() override;
-    void reset_state(Flow* ssn) override;
-    bool is_end_of_data(Flow* ssn) override;
+    void reset_state(snort::Flow* ssn) override;
+    bool is_end_of_data(snort::Flow* ssn) override;
 };
 
 struct IMAPData
@@ -163,14 +163,14 @@ struct IMAPData
     ImapMime* mime_ssn;
 };
 
-class ImapFlowData : public FlowData
+class ImapFlowData : public snort::FlowData
 {
 public:
     ImapFlowData();
     ~ImapFlowData() override;
 
     static void init()
-    { inspector_id = FlowData::create_flow_data_id(); }
+    { inspector_id = snort::FlowData::create_flow_data_id(); }
 
 public:
     static unsigned inspector_id;

diff --git a/src/service_inspectors/imap/imap_module.cc b/src/service_inspectors/imap/imap_module.cc
index 26ef44c8fa1b21c7e23eabe0058df318d35ce6c9..39855dca6b3f541d791324da5602b5885ef0af0c 100644 (file)
--- a/src/service_inspectors/imap/imap_module.cc
+++ b/src/service_inspectors/imap/imap_module.cc
@@ -28,6 +28,7 @@
 
 #include "log/messages.h"
 
+using namespace snort;
 using namespace std;
 
 #define IMAP_UNKNOWN_CMD_STR                 "unknown IMAP3 command"

diff --git a/src/service_inspectors/imap/imap_module.h b/src/service_inspectors/imap/imap_module.h
index 89f1b96ed36c4e275dd073f7b60b7e754d7e74fe..9531e49324175be5f1146f286a33bc118b28ff7c 100644 (file)
--- a/src/service_inspectors/imap/imap_module.h
+++ b/src/service_inspectors/imap/imap_module.h
@@ -37,27 +37,30 @@
 #define IMAP_NAME "imap"
 #define IMAP_HELP "imap inspection"
 
+namespace snort
+{
 struct SnortConfig;
+}
 
-extern THREAD_LOCAL ProfileStats imapPerfStats;
+extern THREAD_LOCAL snort::ProfileStats imapPerfStats;
 
-class ImapModule : public Module
+class ImapModule : public snort::Module
 {
 public:
     ImapModule();
     ~ImapModule() override;
 
-    bool set(const char*, Value&, SnortConfig*) override;
-    bool begin(const char*, int, SnortConfig*) override;
-    bool end(const char*, int, SnortConfig*) override;
+    bool set(const char*, snort::Value&, snort::SnortConfig*) override;
+    bool begin(const char*, int, snort::SnortConfig*) override;
+    bool end(const char*, int, snort::SnortConfig*) override;
 
     unsigned get_gid() const override
     { return GID_IMAP; }
 
-    const RuleMap* get_rules() const override;
+    const snort::RuleMap* get_rules() const override;
     const PegInfo* get_pegs() const override;
     PegCount* get_counts() const override;
-    ProfileStats* get_profile() const override;
+    snort::ProfileStats* get_profile() const override;
 
     Usage get_usage() const override
     { return INSPECT; }

diff --git a/src/service_inspectors/imap/imap_paf.cc b/src/service_inspectors/imap/imap_paf.cc
index fe0e79b91af9383ca9e1a35ea35cffbe6dea604c..bf33ccc9b695e5fef684bef9eb24fbb4990a9dbf 100644 (file)
--- a/src/service_inspectors/imap/imap_paf.cc
+++ b/src/service_inspectors/imap/imap_paf.cc
@@ -28,6 +28,8 @@
 
 #include "imap.h"
 
+using namespace snort;
+
 extern IMAPToken imap_resps[];
 
 static inline ImapPafData* get_state(Flow* flow, bool c2s)

diff --git a/src/service_inspectors/imap/imap_paf.h b/src/service_inspectors/imap/imap_paf.h
index dea42953125d35d3f217d40693ccdf5e62c7e5d5..9643c70c38c6702c9c1eb481d5e709fa7d1f3da5 100644 (file)
--- a/src/service_inspectors/imap/imap_paf.h
+++ b/src/service_inspectors/imap/imap_paf.h
@@ -66,12 +66,12 @@ struct ImapPafData
     bool end_of_data;
 };
 
-class ImapSplitter : public StreamSplitter
+class ImapSplitter : public snort::StreamSplitter
 {
 public:
     ImapSplitter(bool c2s);
 
-    Status scan(Flow*, const uint8_t* data, uint32_t len,
+    Status scan(snort::Flow*, const uint8_t* data, uint32_t len,
         uint32_t flags, uint32_t* fp) override;
 
     bool is_paf() override { return true; }
@@ -81,7 +81,7 @@ public:
 };
 
 // Function: Check if IMAP data end is reached
-bool imap_is_data_end(Flow* ssn);
+bool imap_is_data_end(snort::Flow* ssn);
 
 #endif
 

diff --git a/src/service_inspectors/modbus/ips_modbus_data.cc b/src/service_inspectors/modbus/ips_modbus_data.cc
index 3c81c1288315ea234b4091803c8b45d398b88f24..6f30f5e5dc84cd55006e09be1c12fc5c8d826a43 100644 (file)
--- a/src/service_inspectors/modbus/ips_modbus_data.cc
+++ b/src/service_inspectors/modbus/ips_modbus_data.cc
@@ -32,6 +32,8 @@
 
 #include "modbus_decode.h"
 
+using namespace snort;
+
 static const char* s_name = "modbus_data";
 
 //-------------------------------------------------------------------------

diff --git a/src/service_inspectors/modbus/ips_modbus_func.cc b/src/service_inspectors/modbus/ips_modbus_func.cc
index bc9f8b198fcb3f2515434ca24a3ad74fd371c4a2..f2ae08239355871d89946f9ed01a00116aa6cb58 100644 (file)
--- a/src/service_inspectors/modbus/ips_modbus_func.cc
+++ b/src/service_inspectors/modbus/ips_modbus_func.cc
@@ -31,6 +31,8 @@
 
 #include "modbus.h"
 
+using namespace snort;
+
 static const char* s_name = "modbus_func";
 
 //-------------------------------------------------------------------------

diff --git a/src/service_inspectors/modbus/ips_modbus_unit.cc b/src/service_inspectors/modbus/ips_modbus_unit.cc
index 8b2cc84144ddee1363d58c7261bc6dbdcb86b262..b9c419c5b8e1ff36fa4bb476203607f2a8fb3643 100644 (file)
--- a/src/service_inspectors/modbus/ips_modbus_unit.cc
+++ b/src/service_inspectors/modbus/ips_modbus_unit.cc
@@ -31,6 +31,8 @@
 
 #include "modbus.h"
 
+using namespace snort;
+
 static const char* s_name = "modbus_unit";
 
 //-------------------------------------------------------------------------

diff --git a/src/service_inspectors/modbus/modbus.cc b/src/service_inspectors/modbus/modbus.cc
index fe47897f767a8f59991509c0f7cd27d3aaffd5da..faa97149d7d8f6f74de3e4133e40b151784a4b27 100644 (file)
--- a/src/service_inspectors/modbus/modbus.cc
+++ b/src/service_inspectors/modbus/modbus.cc
@@ -33,6 +33,8 @@
 #include "modbus_module.h"
 #include "modbus_paf.h"
 
+using namespace snort;
+
 THREAD_LOCAL ModbusStats modbus_stats;
 
 //-------------------------------------------------------------------------

diff --git a/src/service_inspectors/modbus/modbus.h b/src/service_inspectors/modbus/modbus.h
index 336c5f7f68161b1c7ad90c51ffc1f35d7e1bc5d5..4a973845c1c90318170ea9ff3e201ae3bffba800 100644 (file)
--- a/src/service_inspectors/modbus/modbus.h
+++ b/src/service_inspectors/modbus/modbus.h
@@ -40,7 +40,7 @@ struct modbus_session_data_t
     uint8_t unit;
 };
 
-class ModbusFlowData : public FlowData
+class ModbusFlowData : public snort::FlowData
 {
 public:
     ModbusFlowData();

diff --git a/src/service_inspectors/modbus/modbus_decode.cc b/src/service_inspectors/modbus/modbus_decode.cc
index 73b4e2bcb897499b84ba2b155599617ec8ee8a5f..51cd1ee5a951b49dadc7a497016c37158e7997a6 100644 (file)
--- a/src/service_inspectors/modbus/modbus_decode.cc
+++ b/src/service_inspectors/modbus/modbus_decode.cc
@@ -32,6 +32,8 @@
 #include "modbus.h"
 #include "modbus_module.h"
 
+using namespace snort;
+
 // FIXIT-L convert this stuff to a table and make configurable
 
 /* Modbus Function Codes */

diff --git a/src/service_inspectors/modbus/modbus_decode.h b/src/service_inspectors/modbus/modbus_decode.h
index c3c3de723b2b2e9b10c38745e32b5093c8659ebc..1b46dc3956fcd3ac905c0b47c4f03b4b271b9abd 100644 (file)
--- a/src/service_inspectors/modbus/modbus_decode.h
+++ b/src/service_inspectors/modbus/modbus_decode.h
@@ -22,10 +22,15 @@
 #ifndef MODBUS_DECODE_H
 #define MODBUS_DECODE_H
 
+namespace snort
+{
+struct Packet;
+}
+
 /* Need 8 bytes for MBAP Header + Function Code */
 #define MODBUS_MIN_LEN 8
 
-bool ModbusDecode(struct Packet*);
+bool ModbusDecode(snort::Packet*);
 
 #endif
 

diff --git a/src/service_inspectors/modbus/modbus_module.cc b/src/service_inspectors/modbus/modbus_module.cc
index 8216ebe3465f3ce0da5c22ed724bfe21959534e6..4de54d1433f7c78e9cbb3da7e9daeda5b4bc4423 100644 (file)
--- a/src/service_inspectors/modbus/modbus_module.cc
+++ b/src/service_inspectors/modbus/modbus_module.cc
@@ -28,6 +28,8 @@
 
 #include "modbus.h"
 
+using namespace snort;
+
 THREAD_LOCAL ProfileStats modbus_prof;
 
 //-------------------------------------------------------------------------

diff --git a/src/service_inspectors/modbus/modbus_module.h b/src/service_inspectors/modbus/modbus_module.h
index 05cbd109ee67ea825c2bb123f6f34ee50b3f250e..518e6d4d80e4a1c9d96904e3a8559b5547b531fb 100644 (file)
--- a/src/service_inspectors/modbus/modbus_module.h
+++ b/src/service_inspectors/modbus/modbus_module.h
@@ -32,9 +32,9 @@
 #define MODBUS_NAME "modbus"
 #define MODBUS_HELP "modbus inspection"
 
-extern THREAD_LOCAL ProfileStats modbus_prof;
+extern THREAD_LOCAL snort::ProfileStats modbus_prof;
 
-class ModbusModule : public Module
+class ModbusModule : public snort::Module
 {
 public:
     ModbusModule();
@@ -42,12 +42,12 @@ public:
     unsigned get_gid() const override
     { return GID_MODBUS; }
 
-    const RuleMap* get_rules() const override;
+    const snort::RuleMap* get_rules() const override;
 
     const PegInfo* get_pegs() const override;
     PegCount* get_counts() const override;
 
-    ProfileStats* get_profile() const override
+    snort::ProfileStats* get_profile() const override
     { return &modbus_prof; }
 
     Usage get_usage() const override

diff --git a/src/service_inspectors/modbus/modbus_paf.cc b/src/service_inspectors/modbus/modbus_paf.cc
index ce6663032f1ed2c6cee1ccc31cda3449c2fae1ac..a9c0711c798de2bbe067b1a0cf81634758a49d66 100644 (file)
--- a/src/service_inspectors/modbus/modbus_paf.cc
+++ b/src/service_inspectors/modbus/modbus_paf.cc
@@ -32,6 +32,8 @@
 #include "modbus.h"
 #include "modbus_module.h"
 
+using namespace snort;
+
 #define MODBUS_MIN_HDR_LEN 2        // Enough for Unit ID + Function
 #define MODBUS_MAX_HDR_LEN 254      // Max PDU size is 260, 6 bytes already seen
 

diff --git a/src/service_inspectors/modbus/modbus_paf.h b/src/service_inspectors/modbus/modbus_paf.h
index 3c19795bc16602f34a12d31f7a32bc0932eb09e6..d3a56f0dc29d40f069a147882678cd0a956da7eb 100644 (file)
--- a/src/service_inspectors/modbus/modbus_paf.h
+++ b/src/service_inspectors/modbus/modbus_paf.h
@@ -37,14 +37,13 @@ enum modbus_paf_state_t
     MODBUS_PAF_STATE__SET_FLUSH
 };
 
-class ModbusSplitter : public StreamSplitter
+class ModbusSplitter : public snort::StreamSplitter
 {
 public:
     ModbusSplitter(bool);
 
-    Status scan(
-        Flow*, const uint8_t* data, uint32_t len,
-        uint32_t flags, uint32_t* fp) override;
+    Status scan(snort::Flow*, const uint8_t* data, uint32_t len, uint32_t flags,
+        uint32_t* fp) override;
 
     bool is_paf() override { return true; }
 

diff --git a/src/service_inspectors/pop/pop.cc b/src/service_inspectors/pop/pop.cc
index 0a37673d81324b9eeed5ae9175d307cd48b13ed8..59353b9d6e2af54eb8ba4cc026d87fc73e4d4089 100644 (file)
--- a/src/service_inspectors/pop/pop.cc
+++ b/src/service_inspectors/pop/pop.cc
@@ -37,6 +37,8 @@
 #include "pop_module.h"
 #include "pop_paf.h"
 
+using namespace snort;
+
 THREAD_LOCAL ProfileStats popPerfStats;
 THREAD_LOCAL PopStats popstats;
 

diff --git a/src/service_inspectors/pop/pop.h b/src/service_inspectors/pop/pop.h
index 9ab76ccd9c0a0dc7863d1800776455a0fb3eeb12..9e19a10b67e27f503d9ee2dc3da809d91132c5b0 100644 (file)
--- a/src/service_inspectors/pop/pop.h
+++ b/src/service_inspectors/pop/pop.h
@@ -99,13 +99,13 @@ struct POPSearchInfo
     int length;
 };
 
-class PopMime : public MimeSession
+class PopMime : public snort::MimeSession
 {
-    using MimeSession::MimeSession;
+    using snort::MimeSession::MimeSession;
 private:
     void decode_alert() override;
-    void reset_state(Flow* ssn) override;
-    bool is_end_of_data(Flow* ssn) override;
+    void reset_state(snort::Flow* ssn) override;
+    bool is_end_of_data(snort::Flow* ssn) override;
 };
 
 struct POPData
@@ -117,14 +117,14 @@ struct POPData
     PopMime* mime_ssn;
 };
 
-class PopFlowData : public FlowData
+class PopFlowData : public snort::FlowData
 {
 public:
     PopFlowData();
     ~PopFlowData() override;
 
     static void init()
-    { inspector_id = FlowData::create_flow_data_id(); }
+    { inspector_id = snort::FlowData::create_flow_data_id(); }
 
 public:
     static unsigned inspector_id;

diff --git a/src/service_inspectors/pop/pop_module.cc b/src/service_inspectors/pop/pop_module.cc
index 0f8fa73daf19d9fc7e08df7988abf3062483bc17..dd0ea9b5f3fc4df070ea7333466043ab6316db6e 100644 (file)
--- a/src/service_inspectors/pop/pop_module.cc
+++ b/src/service_inspectors/pop/pop_module.cc
@@ -28,6 +28,7 @@
 
 #include "log/messages.h"
 
+using namespace snort;
 using namespace std;
 
 #define POP_UNKNOWN_CMD_STR                 "unknown POP3 command"

diff --git a/src/service_inspectors/pop/pop_module.h b/src/service_inspectors/pop/pop_module.h
index cd06b91cd78d35e28e6f805660a9f0a617c7ecab..e10930d863e5cf519be906a89ee05e67299ef9ec 100644 (file)
--- a/src/service_inspectors/pop/pop_module.h
+++ b/src/service_inspectors/pop/pop_module.h
@@ -37,27 +37,30 @@
 #define POP_NAME "pop"
 #define POP_HELP "pop inspection"
 
+namespace snort
+{
 struct SnortConfig;
+}
 
-extern THREAD_LOCAL ProfileStats popPerfStats;
+extern THREAD_LOCAL snort::ProfileStats popPerfStats;
 
-class PopModule : public Module
+class PopModule : public snort::Module
 {
 public:
     PopModule();
     ~PopModule() override;
 
-    bool set(const char*, Value&, SnortConfig*) override;
-    bool begin(const char*, int, SnortConfig*) override;
-    bool end(const char*, int, SnortConfig*) override;
+    bool set(const char*, snort::Value&, snort::SnortConfig*) override;
+    bool begin(const char*, int, snort::SnortConfig*) override;
+    bool end(const char*, int, snort::SnortConfig*) override;
 
     unsigned get_gid() const override
     { return GID_POP; }
 
-    const RuleMap* get_rules() const override;
+    const snort::RuleMap* get_rules() const override;
     const PegInfo* get_pegs() const override;
     PegCount* get_counts() const override;
-    ProfileStats* get_profile() const override;
+    snort::ProfileStats* get_profile() const override;
 
     Usage get_usage() const override
     { return INSPECT; }

diff --git a/src/service_inspectors/pop/pop_paf.cc b/src/service_inspectors/pop/pop_paf.cc
index 422699ea4208fd2aba5ff21bf28d32f426277295..0816c980def41047cfe6dbb5315b216a85abed22 100644 (file)
--- a/src/service_inspectors/pop/pop_paf.cc
+++ b/src/service_inspectors/pop/pop_paf.cc
@@ -28,6 +28,8 @@
 
 #include "pop.h"
 
+using namespace snort;
+
 extern POPToken pop_known_cmds[];
 
 static inline PopPafData* get_state(Flow* flow, bool c2s)

diff --git a/src/service_inspectors/pop/pop_paf.h b/src/service_inspectors/pop/pop_paf.h
index b262b2a3e1235532e28b41089869408445b3bc6f..7b405e62aba6ab0bc1fbbdbd57d3a596bfee5328 100644 (file)
--- a/src/service_inspectors/pop/pop_paf.h
+++ b/src/service_inspectors/pop/pop_paf.h
@@ -62,12 +62,12 @@ struct PopPafData
     bool end_of_data;
 };
 
-class PopSplitter : public StreamSplitter
+class PopSplitter : public snort::StreamSplitter
 {
 public:
     PopSplitter(bool c2s);
 
-    Status scan(Flow*, const uint8_t* data, uint32_t len,
+    Status scan(snort::Flow*, const uint8_t* data, uint32_t len,
         uint32_t flags, uint32_t* fp) override;
 
     bool is_paf() override { return true; }
@@ -77,7 +77,7 @@ public:
 };
 
 // Function: Callback to check if POP data end is reached
-bool pop_is_data_end(Flow* ssn);
+bool pop_is_data_end(snort::Flow* ssn);
 
 #endif
 

diff --git a/src/service_inspectors/rpc_decode/rpc_decode.cc b/src/service_inspectors/rpc_decode/rpc_decode.cc
index 122bc9b1537e0c2f719505d28486bf956f47219d..03632c25538d9c81f5621b800d9979ac80bb9e4d 100644 (file)
--- a/src/service_inspectors/rpc_decode/rpc_decode.cc
+++ b/src/service_inspectors/rpc_decode/rpc_decode.cc
@@ -51,6 +51,7 @@
 
 #include "rpc_module.h"
 
+using namespace snort;
 using namespace std;
 
 #define RPC_MAX_BUF_SIZE   256

diff --git a/src/service_inspectors/rpc_decode/rpc_module.cc b/src/service_inspectors/rpc_decode/rpc_module.cc
index c817ea03d67883454e4d79e0e4ec1ab0991eac2e..cb6e77a78688a2a3c8b7cd723522668ce739d2a8 100644 (file)
--- a/src/service_inspectors/rpc_decode/rpc_module.cc
+++ b/src/service_inspectors/rpc_decode/rpc_module.cc
@@ -24,6 +24,8 @@
 
 #include "rpc_module.h"
 
+using namespace snort;
+
 #define RPC_FRAG_TRAFFIC_STR \
     "fragmented RPC records"
 #define RPC_MULTIPLE_RECORD_STR \

diff --git a/src/service_inspectors/rpc_decode/rpc_module.h b/src/service_inspectors/rpc_decode/rpc_module.h
index adadec8170ec83eb26f96a94550e28b844b11414..3357044663cfcb987ceab129bf1feb28a8327369 100644 (file)
--- a/src/service_inspectors/rpc_decode/rpc_module.h
+++ b/src/service_inspectors/rpc_decode/rpc_module.h
@@ -35,9 +35,9 @@
 struct RpcStats;
 
 extern THREAD_LOCAL RpcStats rdstats;
-extern THREAD_LOCAL ProfileStats rpcdecodePerfStats;
+extern THREAD_LOCAL snort::ProfileStats rpcdecodePerfStats;
 
-class RpcDecodeModule : public Module
+class RpcDecodeModule : public snort::Module
 {
 public:
     RpcDecodeModule();
@@ -45,10 +45,10 @@ public:
     unsigned get_gid() const override
     { return GID_RPC_DECODE; }
 
-    const RuleMap* get_rules() const override;
+    const snort::RuleMap* get_rules() const override;
     const PegInfo* get_pegs() const override;
     PegCount* get_counts() const override;
-    ProfileStats* get_profile() const override;
+    snort::ProfileStats* get_profile() const override;
 
     Usage get_usage() const override
     { return INSPECT; }

diff --git a/src/service_inspectors/service_inspectors.cc b/src/service_inspectors/service_inspectors.cc
index da496c42df092c84b94834f7082d26099e202c95..029bcbcd86328f477f751c1109070b36ce641144 100644 (file)
--- a/src/service_inspectors/service_inspectors.cc
+++ b/src/service_inspectors/service_inspectors.cc
@@ -25,6 +25,8 @@
 
 #include "managers/plugin_manager.h"
 
+using namespace snort;
+
 extern const BaseApi* sin_imap;
 extern const BaseApi* sin_pop;
 extern const BaseApi* sin_smtp;

diff --git a/src/service_inspectors/sip/ips_sip.cc b/src/service_inspectors/sip/ips_sip.cc
index 89200349123b7e2c987a63cd4289f37986205e81..29bf667988c12b2a35ee880a014b98da2b4d156c 100644 (file)
--- a/src/service_inspectors/sip/ips_sip.cc
+++ b/src/service_inspectors/sip/ips_sip.cc
@@ -35,6 +35,8 @@
 
 #include "sip.h"
 
+using namespace snort;
+
 enum SipIdx
 {
     SIP_HEADER, SIP_BODY, SIP_MAX

diff --git a/src/service_inspectors/sip/ips_sip_method.cc b/src/service_inspectors/sip/ips_sip_method.cc
index 097b0b65c5d7d345d9aadc26a067b7ca4493798b..2261083dfd9df9cbcecea7284664a528c971b669 100644 (file)
--- a/src/service_inspectors/sip/ips_sip_method.cc
+++ b/src/service_inspectors/sip/ips_sip_method.cc
@@ -37,6 +37,8 @@
 
 #include "sip.h"
 
+using namespace snort;
+
 //-------------------------------------------------------------------------
 // sip_method
 //-------------------------------------------------------------------------

diff --git a/src/service_inspectors/sip/ips_sip_stat_code.cc b/src/service_inspectors/sip/ips_sip_stat_code.cc
index 8991565142d81c023cee2c293eaf9dd7077dd541..4823b286762f7191883d4ae1be72ff41349d3913 100644 (file)
--- a/src/service_inspectors/sip/ips_sip_stat_code.cc
+++ b/src/service_inspectors/sip/ips_sip_stat_code.cc
@@ -35,6 +35,8 @@
 
 #include "sip.h"
 
+using namespace snort;
+
 //-------------------------------------------------------------------------
 // sip_stat_code
 //-------------------------------------------------------------------------

diff --git a/src/service_inspectors/sip/sip.cc b/src/service_inspectors/sip/sip.cc
index c48179815cf93d2ad0a78559f3015bc7a2938258..218f8953ed0e13e018ef661bcc5e12614e361c3a 100644 (file)
--- a/src/service_inspectors/sip/sip.cc
+++ b/src/service_inspectors/sip/sip.cc
@@ -34,6 +34,8 @@
 #include "sip_module.h"
 #include "sip_utils.h"
 
+using namespace snort;
+
 THREAD_LOCAL ProfileStats sipPerfStats;
 
 static void snort_sip(SIP_PROTO_CONF* GlobalConf, Packet* p);

diff --git a/src/service_inspectors/sip/sip.h b/src/service_inspectors/sip/sip.h
index edcf5f9b76ae44a08f34964fb7a303afa346e178..de701b6261b47fe535f168b51a098b1c5f98d1ac 100644 (file)
--- a/src/service_inspectors/sip/sip.h
+++ b/src/service_inspectors/sip/sip.h
@@ -36,21 +36,21 @@ struct SIPData
     SIP_PROTO_CONF *sip_config;
 };
 
-class SipFlowData : public FlowData
+class SipFlowData : public snort::FlowData
 {
 public:
     SipFlowData();
     ~SipFlowData() override;
 
     static void init()
-    { inspector_id = FlowData::create_flow_data_id(); }
+    { inspector_id = snort::FlowData::create_flow_data_id(); }
 
 public:
     static unsigned inspector_id;
     SIPData session;
 };
 
-SIPData* get_sip_session_data(const Flow*);
+SIPData* get_sip_session_data(const snort::Flow*);
 SIPMethodNode* add_sip_method(const char*);
 
 #endif

diff --git a/src/service_inspectors/sip/sip_common.h b/src/service_inspectors/sip/sip_common.h
index 80c2739e817aa381c0a9775eb59625aefd49ec28..e308c02b2c8cda9b81bdfb66edc21434e18977cd 100644 (file)
--- a/src/service_inspectors/sip/sip_common.h
+++ b/src/service_inspectors/sip/sip_common.h
@@ -77,7 +77,7 @@ enum SIP_DialogState
 
 struct SIP_MediaData
 {
-    SfIp maddress;  // media IP
+    snort::SfIp maddress;  // media IP
     uint16_t mport;   // media port
     uint8_t numPort;   // number of media ports
     SIP_MediaData* nextM;
@@ -91,7 +91,7 @@ struct SIP_MediaSession
     int savedFlag;      // whether this data has been saved by a dialog,
                         // if savedFlag = 1, this session will be deleted after sip message is
                         // processed.
-    SfIp maddress_default;  // Default media IP
+    snort::SfIp maddress_default;  // Default media IP
     SIP_MediaDataList medias; // Media list in the session
     SIP_MediaSession* nextS; // Next media session
 };

diff --git a/src/service_inspectors/sip/sip_dialog.cc b/src/service_inspectors/sip/sip_dialog.cc
index d2d66f79b8bd166777c8812011720eef7cf97e6c..67785dc32acc98ae981081d5f3d4c31d62277c37 100644 (file)
--- a/src/service_inspectors/sip/sip_dialog.cc
+++ b/src/service_inspectors/sip/sip_dialog.cc
@@ -38,6 +38,8 @@
 #include "sip.h"
 #include "sip_module.h"
 
+using namespace snort;
+
 static void SIP_updateMedias(SIP_MediaSession*, SIP_MediaList*);
 static int SIP_compareMedias(SIP_MediaDataList, SIP_MediaDataList);
 static bool SIP_checkMediaChange(SIPMsg* sipMsg, SIP_DialogData* dialog);

diff --git a/src/service_inspectors/sip/sip_dialog.h b/src/service_inspectors/sip/sip_dialog.h
index 6b05b04f93b882504e510696800c436cce1f5b38..7c716a8c3192082f7701da7d4bdc129f7b98bef8 100644 (file)
--- a/src/service_inspectors/sip/sip_dialog.h
+++ b/src/service_inspectors/sip/sip_dialog.h
@@ -26,7 +26,10 @@
 
 #include "sip_parser.h"
 
+namespace snort
+{
 struct Packet;
+}
 
 #define TOTAL_RESPONSES 0
 #define RESPONSE1XX     1
@@ -54,7 +57,7 @@ struct SIP_DialogList
     uint32_t num_dialogs;
 };
 
-int SIP_updateDialog(SIPMsg* sipMsg, SIP_DialogList* dList, Packet* p, SIP_PROTO_CONF*);
+int SIP_updateDialog(SIPMsg* sipMsg, SIP_DialogList* dList, snort::Packet* p, SIP_PROTO_CONF*);
 void sip_freeDialogs(SIP_DialogList* list);
 
 #endif

diff --git a/src/service_inspectors/sip/sip_module.cc b/src/service_inspectors/sip/sip_module.cc
index f49aa8e02ef9a48252cb6fb1e3417addac5e8052..3925a07cca0b7c788ad4e38ffdad8d082e5000a3 100644 (file)
--- a/src/service_inspectors/sip/sip_module.cc
+++ b/src/service_inspectors/sip/sip_module.cc
@@ -26,6 +26,7 @@
 
 #include <cassert>
 
+using namespace snort;
 using namespace std;
 
 #define SIP_EVENT_EMPTY_REQUEST_URI_STR  "empty request URI"

diff --git a/src/service_inspectors/sip/sip_module.h b/src/service_inspectors/sip/sip_module.h
index 63dac74521052ae3544a76fbf25aa451268a000f..a83187a8d003f599d088dcde211da4578c9fc877 100644 (file)
--- a/src/service_inspectors/sip/sip_module.h
+++ b/src/service_inspectors/sip/sip_module.h
@@ -59,27 +59,30 @@
 #define SIP_NAME "sip"
 #define SIP_HELP "sip inspection"
 
+namespace snort
+{
 struct SnortConfig;
+}
 
-extern THREAD_LOCAL ProfileStats sipPerfStats;
+extern THREAD_LOCAL snort::ProfileStats sipPerfStats;
 
-class SipModule : public Module
+class SipModule : public snort::Module
 {
 public:
     SipModule();
     ~SipModule() override;
 
-    bool set(const char*, Value&, SnortConfig*) override;
-    bool begin(const char*, int, SnortConfig*) override;
-    bool end(const char*, int, SnortConfig*) override;
+    bool set(const char*, snort::Value&, snort::SnortConfig*) override;
+    bool begin(const char*, int, snort::SnortConfig*) override;
+    bool end(const char*, int, snort::SnortConfig*) override;
 
     unsigned get_gid() const override
     { return GID_SIP; }
 
-    const RuleMap* get_rules() const override;
+    const snort::RuleMap* get_rules() const override;
     const PegInfo* get_pegs() const override;
     PegCount* get_counts() const override;
-    ProfileStats* get_profile() const override;
+    snort::ProfileStats* get_profile() const override;
 
     Usage get_usage() const override
     { return INSPECT; }

diff --git a/src/service_inspectors/sip/sip_parser.cc b/src/service_inspectors/sip/sip_parser.cc
index c23912f90a64ba31acc8ecb97b84283ecfc09fe0..8830a43210a6a96e77a1473dc30ec85f2a96807a 100644 (file)
--- a/src/service_inspectors/sip/sip_parser.cc
+++ b/src/service_inspectors/sip/sip_parser.cc
@@ -34,6 +34,8 @@
 #include "sip_module.h"
 #include "sip_utils.h"
 
+using namespace snort;
+
 #define MAX_NUM_32BIT  2147483647
 
 #define SIP_PARSE_NOFOLDING  (-2)

diff --git a/src/service_inspectors/smtp/smtp.cc b/src/service_inspectors/smtp/smtp.cc
index 760315e39d1943355c7bf5cf351ce707b13c5a57..e1f728132f116fce56024d4f974822cfaa02a2f6 100644 (file)
--- a/src/service_inspectors/smtp/smtp.cc
+++ b/src/service_inspectors/smtp/smtp.cc
@@ -41,6 +41,8 @@
 #include "smtp_util.h"
 #include "smtp_xlink2state.h"
 
+using namespace snort;
+
 THREAD_LOCAL ProfileStats smtpPerfStats;
 THREAD_LOCAL SmtpStats smtpstats;
 THREAD_LOCAL bool smtp_normalizing;

diff --git a/src/service_inspectors/smtp/smtp.h b/src/service_inspectors/smtp/smtp.h
index 2bb252a620439af033ef4f25a850fdaad1e55940..60154a514d1640ca7d61a63d30b05329b8ed282c 100644 (file)
--- a/src/service_inspectors/smtp/smtp.h
+++ b/src/service_inspectors/smtp/smtp.h
@@ -138,18 +138,18 @@ struct SMTPAuthName
     char name[MAX_AUTH_NAME_LEN];
 };
 
-class SmtpMime : public MimeSession
+class SmtpMime : public snort::MimeSession
 {
 public:
-    using MimeSession::MimeSession;
+    using snort::MimeSession::MimeSession;
     SMTP_PROTO_CONF* config;
 private:
     int handle_header_line(const uint8_t* ptr, const uint8_t* eol,
         int max_header_len) override;
     int normalize_data(const uint8_t* ptr, const uint8_t* data_end) override;
     void decode_alert() override;
-    void reset_state(Flow* ssn) override;
-    bool is_end_of_data(Flow* ssn) override;
+    void reset_state(snort::Flow* ssn) override;
+    bool is_end_of_data(snort::Flow* ssn) override;
 };
 
 struct SMTPData
@@ -162,14 +162,14 @@ struct SMTPData
     SMTPAuthName* auth_name;
 };
 
-class SmtpFlowData : public FlowData
+class SmtpFlowData : public snort::FlowData
 {
 public:
     SmtpFlowData();
     ~SmtpFlowData() override;
 
     static void init()
-    { inspector_id = FlowData::create_flow_data_id(); }
+    { inspector_id = snort::FlowData::create_flow_data_id(); }
 
 public:
     static unsigned inspector_id;

diff --git a/src/service_inspectors/smtp/smtp_config.h b/src/service_inspectors/smtp/smtp_config.h
index 38ae1bfddfab4137f31b715e42a83a84c86035ac..25a33ab9067376821ed5ac317c5832e1f57fdf31 100644 (file)
--- a/src/service_inspectors/smtp/smtp_config.h
+++ b/src/service_inspectors/smtp/smtp_config.h
@@ -141,7 +141,7 @@ struct SMTP_PROTO_CONF
     SMTPToken* cmds;
     SMTPCmdConfig* cmd_config;
     SMTPSearch* cmd_search;
-    SearchTool* cmd_search_mpse;
+    snort::SearchTool* cmd_search_mpse;
 };
 
 struct SmtpStats

diff --git a/src/service_inspectors/smtp/smtp_module.cc b/src/service_inspectors/smtp/smtp_module.cc
index d2869ae93171c692524e6f58d0e7700ff51ee1d0..275977d397758f7e64a43386701bc0bf27f39ef1 100644 (file)
--- a/src/service_inspectors/smtp/smtp_module.cc
+++ b/src/service_inspectors/smtp/smtp_module.cc
@@ -27,6 +27,7 @@
 #include "log/messages.h"
 #include "utils/util.h"
 
+using namespace snort;
 using namespace std;
 
 SmtpCmd::SmtpCmd(std::string& key, uint32_t flg, int num)

diff --git a/src/service_inspectors/smtp/smtp_module.h b/src/service_inspectors/smtp/smtp_module.h
index 03f7ba7e4a14f936710bd1671e67c9d7e34ce614..5cc8115eb4462446dbf0d3a8ea7fad2250bf9678 100644 (file)
--- a/src/service_inspectors/smtp/smtp_module.h
+++ b/src/service_inspectors/smtp/smtp_module.h
@@ -57,9 +57,12 @@
 #define PCMD_NORM        0x0020
 #define PCMD_VALID       0x0040
 
+namespace snort
+{
 struct SnortConfig;
+}
 
-extern THREAD_LOCAL ProfileStats smtpPerfStats;
+extern THREAD_LOCAL snort::ProfileStats smtpPerfStats;
 struct SmtpCmd
 {
     std::string name;
@@ -71,23 +74,23 @@ struct SmtpCmd
     SmtpCmd(std::string&, int);
 };
 
-class SmtpModule : public Module
+class SmtpModule : public snort::Module
 {
 public:
     SmtpModule();
     ~SmtpModule() override;
 
-    bool set(const char*, Value&, SnortConfig*) override;
-    bool begin(const char*, int, SnortConfig*) override;
-    bool end(const char*, int, SnortConfig*) override;
+    bool set(const char*, snort::Value&, snort::SnortConfig*) override;
+    bool begin(const char*, int, snort::SnortConfig*) override;
+    bool end(const char*, int, snort::SnortConfig*) override;
 
     unsigned get_gid() const override
     { return GID_SMTP; }
 
-    const RuleMap* get_rules() const override;
+    const snort::RuleMap* get_rules() const override;
     const PegInfo* get_pegs() const override;
     PegCount* get_counts() const override;
-    ProfileStats* get_profile() const override;
+    snort::ProfileStats* get_profile() const override;
 
     SMTP_PROTO_CONF* get_data();
     const SmtpCmd* get_cmd(unsigned idx);
@@ -96,7 +99,7 @@ public:
     { return INSPECT; }
 
 private:
-    void add_commands(Value&, uint32_t flags);
+    void add_commands(snort::Value&, uint32_t flags);
 
 private:
     SMTP_PROTO_CONF* config;

diff --git a/src/service_inspectors/smtp/smtp_normalize.cc b/src/service_inspectors/smtp/smtp_normalize.cc
index 3987634fbff2c3c8de3f435e626327f0570f8156..8f91f05eaa7fc00aba98945888d7857e3f9d7b5a 100644 (file)
--- a/src/service_inspectors/smtp/smtp_normalize.cc
+++ b/src/service_inspectors/smtp/smtp_normalize.cc
@@ -65,7 +65,7 @@
  * @retval   0          function succeeded without error
  * @retval  -1          there were errors
  */
-int SMTP_NormalizeCmd(Packet* p, const uint8_t* ptr, const uint8_t* eolm, const uint8_t* eol)
+int SMTP_NormalizeCmd(snort::Packet* p, const uint8_t* ptr, const uint8_t* eolm, const uint8_t* eol)
 {
     const uint8_t* tmp;
     const uint8_t* cmd_start;

diff --git a/src/service_inspectors/smtp/smtp_normalize.h b/src/service_inspectors/smtp/smtp_normalize.h
index e2a467a0020f6f3d6a22f178e37cc41b6331777c..6c4bc3f5fd2cf1e4908f9b74d3175404cd6e15cd 100644 (file)
--- a/src/service_inspectors/smtp/smtp_normalize.h
+++ b/src/service_inspectors/smtp/smtp_normalize.h
@@ -24,8 +24,11 @@
 
 #include <cstdint>
 
+namespace snort
+{
 struct Packet;
+}
 
-int SMTP_NormalizeCmd(Packet*, const uint8_t*, const uint8_t*, const uint8_t*);
+int SMTP_NormalizeCmd(snort::Packet*, const uint8_t*, const uint8_t*, const uint8_t*);
 
 #endif

diff --git a/src/service_inspectors/smtp/smtp_paf.cc b/src/service_inspectors/smtp/smtp_paf.cc
index 014d3329723abdc520626394c82107bdb4f127fc..e73a1c4111611c4ee48d29e79f8d3778d74b1392 100644 (file)
--- a/src/service_inspectors/smtp/smtp_paf.cc
+++ b/src/service_inspectors/smtp/smtp_paf.cc
@@ -30,6 +30,8 @@
 
 #include "smtp_module.h"
 
+using namespace snort;
+
 /* State tracker for MIME PAF */
 enum SmtpDataCMD
 {

diff --git a/src/service_inspectors/smtp/smtp_paf.h b/src/service_inspectors/smtp/smtp_paf.h
index 940bceefddbb843a0e9e4bb7227cc33dbe3751e1..4e7d6a316a598fe5e018eb220b49bea185a5068e 100644 (file)
--- a/src/service_inspectors/smtp/smtp_paf.h
+++ b/src/service_inspectors/smtp/smtp_paf.h
@@ -60,12 +60,12 @@ struct SmtpPafData
     bool end_of_data;
 };
 
-class SmtpSplitter : public StreamSplitter
+class SmtpSplitter : public snort::StreamSplitter
 {
 public:
     SmtpSplitter(bool c2s, int max_auth_cmd_line_len);
 
-    Status scan(Flow*, const uint8_t* data, uint32_t len,
+    Status scan(snort::Flow*, const uint8_t* data, uint32_t len,
         uint32_t flags, uint32_t* fp) override;
 
     bool is_paf() override { return true; }
@@ -78,6 +78,6 @@ private:
 };
 
 // Function: Check if IMAP data end is reached
-bool smtp_is_data_end(Flow* ssn);
+bool smtp_is_data_end(snort::Flow* ssn);
 
 #endif

diff --git a/src/service_inspectors/smtp/smtp_util.cc b/src/service_inspectors/smtp/smtp_util.cc
index ddb745b5f548f56213156e267c649fb9aa062b9b..03ec077fb5c1f00d86e852e58b03ced584068084 100644 (file)
--- a/src/service_inspectors/smtp/smtp_util.cc
+++ b/src/service_inspectors/smtp/smtp_util.cc
@@ -33,6 +33,8 @@
 
 #include "smtp.h"
 
+using namespace snort;
+
 void SMTP_GetEOL(const uint8_t* ptr, const uint8_t* end,
     const uint8_t** eol, const uint8_t** eolm)
 {

diff --git a/src/service_inspectors/smtp/smtp_util.h b/src/service_inspectors/smtp/smtp_util.h
index 24dd55b08b5c0e6931abebeb1470a1daae9de88c..92112a6730b8e6467cf4002f13f3c3dbe36eda22 100644 (file)
--- a/src/service_inspectors/smtp/smtp_util.h
+++ b/src/service_inspectors/smtp/smtp_util.h
@@ -26,13 +26,16 @@
 
 #include "smtp_config.h"
 
+namespace snort
+{
 struct Packet;
+}
 
 void SMTP_GetEOL(const uint8_t*, const uint8_t*, const uint8_t**, const uint8_t**);
-void SMTP_LogFuncs(SMTP_PROTO_CONF*, Packet*, MimeSession*);
+void SMTP_LogFuncs(SMTP_PROTO_CONF*, snort::Packet*, snort::MimeSession*);
 
-int SMTP_CopyToAltBuffer(Packet*, const uint8_t*, int);
-const uint8_t* SMTP_GetAltBuffer(Packet*, unsigned& len);
-void SMTP_ResetAltBuffer(Packet*);
+int SMTP_CopyToAltBuffer(snort::Packet*, const uint8_t*, int);
+const uint8_t* SMTP_GetAltBuffer(snort::Packet*, unsigned& len);
+void SMTP_ResetAltBuffer(snort::Packet*);
 
 #endif

diff --git a/src/service_inspectors/smtp/smtp_xlink2state.cc b/src/service_inspectors/smtp/smtp_xlink2state.cc
index 98c90f948e1bdaa2f210877a7a873653d488dacb..77e2e856eb8b04102e65de2ba1bf3f48fbf4235e 100644 (file)
--- a/src/service_inspectors/smtp/smtp_xlink2state.cc
+++ b/src/service_inspectors/smtp/smtp_xlink2state.cc
@@ -175,7 +175,7 @@ static char get_xlink_keyword(const uint8_t* ptr, const uint8_t* end)
  * @retval  1           if alert raised
  * @retval  0           if no alert raised
  */
-int ParseXLink2State(SMTP_PROTO_CONF* config, Packet* p, SMTPData* smtp_ssn, const uint8_t* ptr)
+int ParseXLink2State(SMTP_PROTO_CONF* config, snort::Packet* p, SMTPData* smtp_ssn, const uint8_t* ptr)
 {
     const uint8_t* lf = nullptr;
     uint32_t len = 0;
@@ -243,9 +243,9 @@ int ParseXLink2State(SMTP_PROTO_CONF* config, Packet* p, SMTPData* smtp_ssn, con
         /* Need to drop the packet if we're told to
          * (outside of whether its thresholded). */
         if (config->xlink2state == DROP_XLINK2STATE)
-            Active::reset_session(p);
+            snort::Active::reset_session(p);
 
-        DetectionEngine::queue_event(GID_SMTP, SMTP_XLINK2STATE_OVERFLOW);
+        snort::DetectionEngine::queue_event(GID_SMTP, SMTP_XLINK2STATE_OVERFLOW);
         smtp_ssn->session_flags |= SMTP_FLAG_XLINK2STATE_ALERTED;
 
         return 1;

diff --git a/src/service_inspectors/smtp/smtp_xlink2state.h b/src/service_inspectors/smtp/smtp_xlink2state.h
index 87414ca2cdb8cbd0ed9dd37ad60442e7dbdc7626..02a1161ef453dbd680327d269c423475b1492699 100644 (file)
--- a/src/service_inspectors/smtp/smtp_xlink2state.h
+++ b/src/service_inspectors/smtp/smtp_xlink2state.h
@@ -26,6 +26,6 @@
 
 #include "smtp.h"
 
-int ParseXLink2State(SMTP_PROTO_CONF*, Packet*, SMTPData*, const uint8_t*);
+int ParseXLink2State(SMTP_PROTO_CONF*, snort::Packet*, SMTPData*, const uint8_t*);
 
 #endif

diff --git a/src/service_inspectors/ssh/ssh.cc b/src/service_inspectors/ssh/ssh.cc
index c42561708a1722bcda67e900209a7514decdfddd..139170d775ea4cc352c2c360062507e9f967c0c2 100644 (file)
--- a/src/service_inspectors/ssh/ssh.cc
+++ b/src/service_inspectors/ssh/ssh.cc
@@ -38,6 +38,8 @@
 
 #include "ssh_module.h"
 
+using namespace snort;
+
 THREAD_LOCAL ProfileStats sshPerfStats;
 THREAD_LOCAL SshStats sshstats;
 

diff --git a/src/service_inspectors/ssh/ssh.h b/src/service_inspectors/ssh/ssh.h
index e1d887496a75e7979c7504f84be6ec5589605a72..ffd80aa92a168f02053a8d3d669f581bf78ba1e8 100644 (file)
--- a/src/service_inspectors/ssh/ssh.h
+++ b/src/service_inspectors/ssh/ssh.h
@@ -42,14 +42,14 @@ struct SSHData
     uint32_t state_flags;      // Bit vector describing the current state of the session
 };
 
-class SshFlowData : public FlowData
+class SshFlowData : public snort::FlowData
 {
 public:
     SshFlowData();
     ~SshFlowData() override;
 
     static void init()
-    { inspector_id = FlowData::create_flow_data_id(); }
+    { inspector_id = snort::FlowData::create_flow_data_id(); }
 
 public:
     static unsigned inspector_id;

diff --git a/src/service_inspectors/ssh/ssh_module.cc b/src/service_inspectors/ssh/ssh_module.cc
index 651af0ed4bcd0f163184133f2104e13e896a1151..9389d9ae32233abab3993a624a242b30d65553da 100644 (file)
--- a/src/service_inspectors/ssh/ssh_module.cc
+++ b/src/service_inspectors/ssh/ssh_module.cc
@@ -26,6 +26,7 @@
 
 #include <cassert>
 
+using namespace snort;
 using namespace std;
 
 #define SSH_EVENT_RESPOVERFLOW_STR \

diff --git a/src/service_inspectors/ssh/ssh_module.h b/src/service_inspectors/ssh/ssh_module.h
index 2beca0266025a7e3a6ebc0cd02078b8cb82672e7..80ec2968f285e335775674b3cb2e16e6eed65def 100644 (file)
--- a/src/service_inspectors/ssh/ssh_module.h
+++ b/src/service_inspectors/ssh/ssh_module.h
@@ -39,27 +39,30 @@
 #define SSH_NAME "ssh"
 #define SSH_HELP "ssh inspection"
 
-struct SnortConfig;
+namespace snort
+{struct SnortConfig;
+
+}
 
 extern THREAD_LOCAL SshStats sshstats;
-extern THREAD_LOCAL ProfileStats sshPerfStats;
+extern THREAD_LOCAL snort::ProfileStats sshPerfStats;
 
-class SshModule : public Module
+class SshModule : public snort::Module
 {
 public:
     SshModule();
     ~SshModule() override;
 
-    bool set(const char*, Value&, SnortConfig*) override;
-    bool begin(const char*, int, SnortConfig*) override;
+    bool set(const char*, snort::Value&, snort::SnortConfig*) override;
+    bool begin(const char*, int, snort::SnortConfig*) override;
 
     unsigned get_gid() const override
     { return GID_SSH; }
 
-    const RuleMap* get_rules() const override;
+    const snort::RuleMap* get_rules() const override;
     const PegInfo* get_pegs() const override;
     PegCount* get_counts() const override;
-    ProfileStats* get_profile() const override;
+    snort::ProfileStats* get_profile() const override;
 
     Usage get_usage() const override
     { return INSPECT; }

diff --git a/src/service_inspectors/ssl/ips_ssl_state.cc b/src/service_inspectors/ssl/ips_ssl_state.cc
index b10757cf36ffce17afa0d70e6cacdf4849ab7d7f..67a15796a5db69af36945c8a612d318df5afd27e 100644 (file)
--- a/src/service_inspectors/ssl/ips_ssl_state.cc
+++ b/src/service_inspectors/ssl/ips_ssl_state.cc
@@ -30,6 +30,8 @@
 
 #include "ssl_inspector.h"
 
+using namespace snort;
+
 //-------------------------------------------------------------------------
 // ssl_state
 //-------------------------------------------------------------------------

diff --git a/src/service_inspectors/ssl/ips_ssl_version.cc b/src/service_inspectors/ssl/ips_ssl_version.cc
index 6f9af161123e01f744c0f5602ac48ac2fa88c2eb..63cdeb571aae7257d736e1b6903d409b5819b222 100644 (file)
--- a/src/service_inspectors/ssl/ips_ssl_version.cc
+++ b/src/service_inspectors/ssl/ips_ssl_version.cc
@@ -30,6 +30,8 @@
 
 #include "ssl_inspector.h"
 
+using namespace snort;
+
 //-------------------------------------------------------------------------
 // ssl_version
 //-------------------------------------------------------------------------

diff --git a/src/service_inspectors/ssl/ssl_inspector.cc b/src/service_inspectors/ssl/ssl_inspector.cc
index 3a90b71e3a15991dbdccb052147c486cfcfbb2ae..530356b7f146373f0516ecfa289c73cce9267d68 100644 (file)
--- a/src/service_inspectors/ssl/ssl_inspector.cc
+++ b/src/service_inspectors/ssl/ssl_inspector.cc
@@ -39,6 +39,8 @@
 #include "ssl_module.h"
 #include "ssl_splitter.h"
 
+using namespace snort;
+
 THREAD_LOCAL ProfileStats sslPerfStats;
 THREAD_LOCAL SslStats sslstats;
 

diff --git a/src/service_inspectors/ssl/ssl_inspector.h b/src/service_inspectors/ssl/ssl_inspector.h
index b4694c241f80542f02285b29a24dd3d277dd1239..5baf49f1607edb05ad9fa9316becdeede317208c 100644 (file)
--- a/src/service_inspectors/ssl/ssl_inspector.h
+++ b/src/service_inspectors/ssl/ssl_inspector.h
@@ -36,20 +36,20 @@ struct SSLData
     uint16_t partial_rec_len[4];
 };
 
-class SslFlowData : public FlowData
+class SslFlowData : public snort::FlowData
 {
 public:
     SslFlowData();
     ~SslFlowData() override;
 
     static void init()
-    { inspector_id = FlowData::create_flow_data_id(); }
+    { inspector_id = snort::FlowData::create_flow_data_id(); }
 
 public:
     static unsigned inspector_id;
     SSLData session;
 };
 //Function: API to get the ssl flow data from the packet flow.
-SSLData* get_ssl_session_data(Flow* flow);
+SSLData* get_ssl_session_data(snort::Flow* flow);
 
 #endif

diff --git a/src/service_inspectors/ssl/ssl_module.cc b/src/service_inspectors/ssl/ssl_module.cc
index c8c028e8f242c5a5f92ca754c6b2990991e88e2a..b949e56fe6ddbed8cba61030e7ee4129d0856119 100644 (file)
--- a/src/service_inspectors/ssl/ssl_module.cc
+++ b/src/service_inspectors/ssl/ssl_module.cc
@@ -26,6 +26,7 @@
 
 #include <cassert>
 
+using namespace snort;
 using namespace std;
 
 #define SSL_INVALID_CLIENT_HELLO_STR "invalid client HELLO after server HELLO detected"

diff --git a/src/service_inspectors/ssl/ssl_module.h b/src/service_inspectors/ssl/ssl_module.h
index ca1d4f46bd3ae42507cf3028b2cfdfaa56a8b080..5a8c96f534a4fc774de5759bdc0462cfb5cfb88d 100644 (file)
--- a/src/service_inspectors/ssl/ssl_module.h
+++ b/src/service_inspectors/ssl/ssl_module.h
@@ -36,26 +36,29 @@
 #define SSL_NAME "ssl"
 #define SSL_HELP "ssl inspection"
 
+namespace snort
+{
 struct SnortConfig;
+}
 
-extern THREAD_LOCAL ProfileStats sslPerfStats;
+extern THREAD_LOCAL snort::ProfileStats sslPerfStats;
 
-class SslModule : public Module
+class SslModule : public snort::Module
 {
 public:
     SslModule();
     ~SslModule() override;
 
-    bool set(const char*, Value&, SnortConfig*) override;
-    bool begin(const char*, int, SnortConfig*) override;
+    bool set(const char*, snort::Value&, snort::SnortConfig*) override;
+    bool begin(const char*, int, snort::SnortConfig*) override;
 
     unsigned get_gid() const override
     { return GID_SSL; }
 
-    const RuleMap* get_rules() const override;
+    const snort::RuleMap* get_rules() const override;
     const PegInfo* get_pegs() const override;
     PegCount* get_counts() const override;
-    ProfileStats* get_profile() const override;
+    snort::ProfileStats* get_profile() const override;
 
     Usage get_usage() const override
     { return INSPECT; }

diff --git a/src/service_inspectors/ssl/ssl_splitter.cc b/src/service_inspectors/ssl/ssl_splitter.cc
index 868aa97dc2ec4bbcebbdb6dc423bfa20427d1788..63b9ef90bb788c75a6045717ce3cad1f0f15a609 100644 (file)
--- a/src/service_inspectors/ssl/ssl_splitter.cc
+++ b/src/service_inspectors/ssl/ssl_splitter.cc
@@ -24,6 +24,8 @@
 
 #include "protocols/ssl.h"
 
+using namespace snort;
+
 SslSplitter::SslSplitter(bool c2s) : StreamSplitter(c2s)
 {
     paf_state = SSL_PAF_STATES_START;

diff --git a/src/service_inspectors/ssl/ssl_splitter.h b/src/service_inspectors/ssl/ssl_splitter.h
index f286bf4d754fe6d11f29ba34743d1ef7a57478f5..44fa4f312a120fe600d07fe4dc7453b2ea7c4211 100644 (file)
--- a/src/service_inspectors/ssl/ssl_splitter.h
+++ b/src/service_inspectors/ssl/ssl_splitter.h
@@ -44,12 +44,12 @@ enum SslPafStates
     SSL_PAF_STATES_PAD_V2,  // sslv2, padding byte if needed 
 };
 
-class SslSplitter : public StreamSplitter
+class SslSplitter : public snort::StreamSplitter
 {
 public:
     SslSplitter(bool c2s);
 
-    Status scan(Flow*, const uint8_t* data, uint32_t len,
+    Status scan(snort::Flow*, const uint8_t* data, uint32_t len,
         uint32_t flags, uint32_t* fp) override;
 
     bool is_paf() override

diff --git a/src/service_inspectors/wizard/wiz_module.cc b/src/service_inspectors/wizard/wiz_module.cc
index 9a17186b91753d7968317090c3baef19932b92d8..63fb38208f8b68802c5e8b06cf9b31ceef8b1089 100644 (file)
--- a/src/service_inspectors/wizard/wiz_module.cc
+++ b/src/service_inspectors/wizard/wiz_module.cc
@@ -27,6 +27,7 @@
 #include "curses.h"
 #include "magic.h"
 
+using namespace snort;
 using namespace std;
 
 //-------------------------------------------------------------------------

diff --git a/src/service_inspectors/wizard/wiz_module.h b/src/service_inspectors/wizard/wiz_module.h
index 257aef5b6063aed72e1aeb68bc78b3621604dfe6..4f201df8c2a9f7d9def49566932ba30c991146d6 100644 (file)
--- a/src/service_inspectors/wizard/wiz_module.h
+++ b/src/service_inspectors/wizard/wiz_module.h
@@ -30,24 +30,24 @@
 
 extern const PegInfo wiz_pegs[];
 extern THREAD_LOCAL struct WizStats tstats;
-extern THREAD_LOCAL ProfileStats wizPerfStats;
+extern THREAD_LOCAL snort::ProfileStats wizPerfStats;
 
 class MagicBook;
 class CurseBook;
 
-class WizardModule : public Module
+class WizardModule : public snort::Module
 {
 public:
     WizardModule();
     ~WizardModule() override;
 
-    bool set(const char*, Value&, SnortConfig*) override;
-    bool begin(const char*, int, SnortConfig*) override;
-    bool end(const char*, int, SnortConfig*) override;
+    bool set(const char*, snort::Value&, snort::SnortConfig*) override;
+    bool begin(const char*, int, snort::SnortConfig*) override;
+    bool end(const char*, int, snort::SnortConfig*) override;
 
     const PegInfo* get_pegs() const override;
     PegCount* get_counts() const override;
-    ProfileStats* get_profile() const override;
+    snort::ProfileStats* get_profile() const override;
 
     MagicBook* get_book(bool c2s, bool hex);
     CurseBook* get_curse_book();

diff --git a/src/service_inspectors/wizard/wizard.cc b/src/service_inspectors/wizard/wizard.cc
index c98020b306e6a1dab5b3b7f27272e7789d113d31..eff7e1dd4a93292215ddc64b4cb9ea2cbcd8f251 100644 (file)
--- a/src/service_inspectors/wizard/wizard.cc
+++ b/src/service_inspectors/wizard/wizard.cc
@@ -32,6 +32,7 @@
 #include "magic.h"
 #include "wiz_module.h"
 
+using namespace snort;
 using namespace std;
 
 THREAD_LOCAL ProfileStats wizPerfStats;

diff --git a/src/sfip/sf_cidr.cc b/src/sfip/sf_cidr.cc
index 062b34cd9d9313ab8c39a09978b67b4d6131adda..0eda6d4d533ed7691d257885d123e8e56a747a11 100644 (file)
--- a/src/sfip/sf_cidr.cc
+++ b/src/sfip/sf_cidr.cc
@@ -24,6 +24,8 @@
 
 #include "sf_cidr.h"
 
+using namespace snort;
+
 SfIpRet SfCidr::set(const char* src)
 {
     return addr.set(src, &bits);

diff --git a/src/sfip/sf_cidr.h b/src/sfip/sf_cidr.h
index ce138e8acf805675f72628fa74a43b08e92f943f..7f5ceb63182e90370f8b917dbe6ba5a9db0caf91 100644 (file)
--- a/src/sfip/sf_cidr.h
+++ b/src/sfip/sf_cidr.h
@@ -23,6 +23,8 @@
 
 #include "sfip/sf_ip.h"
 
+namespace snort
+{
 /*
  * NOTE: As much as I'd love to make this a subclass of SfIp, member layout
  * is undefined for POD inheritance.
@@ -174,5 +176,5 @@ inline SfIpRet SfCidr::compare(const SfCidr& cidr2) const
     }
     return ret;
 }
-
+}
 #endif

diff --git a/src/sfip/sf_ip.cc b/src/sfip/sf_ip.cc
index 2ae1832e7d641020cfd9095528008ddcb366d272..a935b5e5bd909f918692016aabc3f6c0fcc5b1ac 100644 (file)
--- a/src/sfip/sf_ip.cc
+++ b/src/sfip/sf_ip.cc
@@ -36,6 +36,8 @@
 
 #include "sf_cidr.h"
 
+using namespace snort;
+
 /* Support function */
 // note that an ip6 address may have a trailing dotted quad form
 // but that it always has at least 2 ':'s; furthermore there is
@@ -391,6 +393,16 @@ const char* SfIp::ntoa() const
     return buf;
 }
 
+bool SfIp::is_mapped() const
+{
+    if (ip32[0] || ip32[1] || ip16[4] || (ip16[5] != 0xffff && ip16[5]))
+        return false;
+
+    return true;
+}
+
+namespace snort
+{
 const char* snort_inet_ntop(int family, const void* ip_raw, char* buf, int bufsize)
 {
     if (!ip_raw || !buf ||
@@ -463,12 +475,4 @@ const char* sfip_ntop(const SfIp* ip, char* buf, int bufsize)
 
     return buf;
 }
-
-bool SfIp::is_mapped() const
-{
-    if (ip32[0] || ip32[1] || ip16[4] || (ip16[5] != 0xffff && ip16[5]))
-        return false;
-
-    return true;
 }
-

diff --git a/src/sfip/sf_ip.h b/src/sfip/sf_ip.h
index 3d57c5c6014a55fe36b85981873f63e8c85f0fe1..45928dea815ef2169e1576603d36afb200af238e 100644 (file)
--- a/src/sfip/sf_ip.h
+++ b/src/sfip/sf_ip.h
@@ -30,6 +30,8 @@
 #include "main/snort_types.h"
 #include "sfip/sf_returns.h"
 
+namespace snort
+{
 struct SfCidr;
 
 struct SO_PUBLIC SfIp
@@ -467,6 +469,6 @@ inline std::ostream& operator<<(std::ostream& os, const SfIp* addr)
 
 // FIXIT-L X This should be in utils_net if anywhere, but that makes it way harder to link into unit tests
 SO_PUBLIC const char* snort_inet_ntop(int family, const void* ip_raw, char* buf, int bufsize);
-
+}
 #endif
 

diff --git a/src/sfip/sf_ipvar.cc b/src/sfip/sf_ipvar.cc
index 79ac4550d33949861a7f2782e3290cd474096924..2903f098b11136617e2bd05d90d380b8f5e0f42e 100644 (file)
--- a/src/sfip/sf_ipvar.cc
+++ b/src/sfip/sf_ipvar.cc
@@ -42,6 +42,8 @@
 #include "utils/util_cstring.h"
 #endif
 
+using namespace snort;
+
 #define LIST_OPEN '['
 #define LIST_CLOSE ']'
 

diff --git a/src/sfip/sf_ipvar.h b/src/sfip/sf_ipvar.h
index b63e23a0320bdcbe9ab5ed33f3bd5bb56d6093fd..7e7f4d15fa3819f03d830df9b3237fb8a597a59b 100644 (file)
--- a/src/sfip/sf_ipvar.h
+++ b/src/sfip/sf_ipvar.h
@@ -37,8 +37,11 @@
 
 #include "sfip/sf_returns.h"
 
+namespace snort
+{
 struct SfIp;
 struct SfCidr;
+}
 
 /* Selects which mode a given variable is using to
  * store and lookup IP addresses */
@@ -51,7 +54,7 @@ typedef enum _modes
 /* Used by the "list" mode.  A doubly linked list of SfIp objects. */
 typedef struct _ip_node
 {
-    SfCidr* ip;
+    snort::SfCidr* ip;
 #define ip_addr ip;   /* To ease porting Snort */
     struct _ip_node* next;
     int flags;
@@ -117,6 +120,6 @@ SfIpRet sfvar_compare(const sfip_var_t* one, const sfip_var_t* two);
 void sfvar_free(sfip_var_t* var);
 
 // returns true if both args are valid and ip is contained by var
-bool sfvar_ip_in(sfip_var_t* var, const SfIp* ip);
+bool sfvar_ip_in(sfip_var_t* var, const snort::SfIp* ip);
 
 #endif

diff --git a/src/sfip/sf_vartable.cc b/src/sfip/sf_vartable.cc
index 1108322906b8d3501c765b62370a0b7215cd0d9d..a942997fa1c2e2c63a06fdae938b30490ec9dc09 100644 (file)
--- a/src/sfip/sf_vartable.cc
+++ b/src/sfip/sf_vartable.cc
@@ -359,7 +359,7 @@ TEST_CASE("SfVarTable_Kitchen_Sink", "[SfVarTable]")
 {
     vartable_t* table;
     sfip_var_t* var;
-    SfIp* ip;
+    snort::SfIp* ip;
     SfIpRet status;
 
     table = sfvt_alloc_table();
@@ -386,7 +386,7 @@ TEST_CASE("SfVarTable_Kitchen_Sink", "[SfVarTable]")
 
     /* Containment tests */
     var = sfvt_lookup_var(table, "goo");
-    ip = (SfIp *)snort_alloc(sizeof(SfIp));
+    ip = (snort::SfIp *)snort_alloc(sizeof(snort::SfIp));
     status = ip->set("192.168.248.255");
     CHECK(SFIP_SUCCESS == status);
     CHECK((sfvar_ip_in(var, ip) == false));
@@ -402,12 +402,12 @@ TEST_CASE("SfVarTable_Kitchen_Sink", "[SfVarTable]")
     /* Check boundary cases */
     var = sfvt_lookup_var(table, "goo");
     snort_free(ip);
-    ip = (SfIp *)snort_alloc(sizeof(SfIp));
+    ip = (snort::SfIp *)snort_alloc(sizeof(snort::SfIp));
     status = ip->set("192.168.0.3");
     CHECK(SFIP_SUCCESS == status);
     CHECK((sfvar_ip_in(var, ip) == false));
     snort_free(ip);
-    ip = (SfIp *)snort_alloc(sizeof(SfIp));
+    ip = (snort::SfIp *)snort_alloc(sizeof(snort::SfIp));
     status = ip->set("192.168.0.2");
     CHECK(SFIP_SUCCESS == status);
     CHECK((sfvar_ip_in(var, ip) == true));

diff --git a/src/sfip/sfip_test.cc b/src/sfip/sfip_test.cc
index d1078fe323e3ad2185ce6a00d5b845259df3e8da..284b1ba9b8b1bc0f73b362e2fb6b7bbd91ee641f 100644 (file)
--- a/src/sfip/sfip_test.cc
+++ b/src/sfip/sfip_test.cc
@@ -28,6 +28,8 @@
 
 #include "sf_cidr.h"
 
+using namespace snort;
+
 //---------------------------------------------------------------
 
 static int s_debug = 0;

diff --git a/src/sfrt/sfrt.cc b/src/sfrt/sfrt.cc
index fd27ac805a584fedc9d5f135ceaf29ba27bad9e6..ad12622f36c191c7d3f1ee7303d0d50f6db0e250 100644 (file)
--- a/src/sfrt/sfrt.cc
+++ b/src/sfrt/sfrt.cc
@@ -86,6 +86,8 @@
 #include "sfip/sf_cidr.h"
 #include "utils/util.h"
 
+using namespace snort;
+
 const char* rt_error_messages[] =
 {
     "Success",

diff --git a/src/sfrt/sfrt.h b/src/sfrt/sfrt.h
index 934d9cec773a6b06c4a2782d5102b85c8de2035e..769cb9aedb03add99c9c9fd57255cae6979439f2 100644 (file)
--- a/src/sfrt/sfrt.h
+++ b/src/sfrt/sfrt.h
@@ -118,14 +118,14 @@ struct table_t
 table_t* sfrt_new(char type, char ip_type, long data_size, uint32_t mem_cap);
 void sfrt_free(table_t*);
 
-GENERIC sfrt_lookup(const SfIp*, table_t*);
-GENERIC sfrt_search(const SfIp*, unsigned char len, table_t*);
+GENERIC sfrt_lookup(const snort::SfIp*, table_t*);
+GENERIC sfrt_search(const snort::SfIp*, unsigned char len, table_t*);
 
 typedef void (* sfrt_iterator_callback)(void*);
 void sfrt_cleanup(table_t*, sfrt_iterator_callback);
 
-int sfrt_insert(SfCidr*, unsigned char len, GENERIC, int behavior, table_t*);
-int sfrt_remove(SfCidr*, unsigned char len, GENERIC*, int behavior, table_t*);
+int sfrt_insert(snort::SfCidr*, unsigned char len, GENERIC, int behavior, table_t*);
+int sfrt_remove(snort::SfCidr*, unsigned char len, GENERIC*, int behavior, table_t*);
 
 uint32_t sfrt_usage(table_t*);
 void sfrt_print(table_t*);

diff --git a/src/sfrt/sfrt_flat.cc b/src/sfrt/sfrt_flat.cc
index 72c1c7ce7a7f8b4549da69bf49bc25508b6f09e5..41f707c6ca4a1a8d811cdc42b14bedc5f1d0fd44 100644 (file)
--- a/src/sfrt/sfrt_flat.cc
+++ b/src/sfrt/sfrt_flat.cc
@@ -26,6 +26,7 @@
 
 #include "sfip/sf_cidr.h"
 
+using namespace snort;
 
 #define MINIMUM_TABLE_MEMORY (768 * 1024)
 

diff --git a/src/sfrt/sfrt_flat.h b/src/sfrt/sfrt_flat.h
index 61383968f15e858cfab8169b7f730c97ec303de3..c5e0ab1b32041efcd703f96b2b181eee0f83ea4d 100644 (file)
--- a/src/sfrt/sfrt_flat.h
+++ b/src/sfrt/sfrt_flat.h
@@ -74,10 +74,10 @@ table_flat_t* sfrt_flat_new(char table_flat_type, char ip_type,
     long data_size, uint32_t mem_cap);
 void sfrt_flat_free(TABLE_PTR table);
 
-GENERIC sfrt_flat_lookup(const SfIp* ip, table_flat_t* table);
-GENERIC sfrt_flat_dir8x_lookup(const SfIp* ip, table_flat_t* table);
+GENERIC sfrt_flat_lookup(const snort::SfIp* ip, table_flat_t* table);
+GENERIC sfrt_flat_dir8x_lookup(const snort::SfIp* ip, table_flat_t* table);
 
-int sfrt_flat_insert(SfCidr* cidr, unsigned char len, INFO ptr, int behavior,
+int sfrt_flat_insert(snort::SfCidr* cidr, unsigned char len, INFO ptr, int behavior,
     table_flat_t* table, updateEntryInfoFunc updateEntry);
 uint32_t sfrt_flat_usage(table_flat_t* table);
 uint32_t sfrt_flat_num_entries(table_flat_t* table);

diff --git a/src/sfrt/sfrt_test.cc b/src/sfrt/sfrt_test.cc
index 684de0a820f7fa33ddaea6d53257df83ad054c6b..7ae86eb6a8a8afcfa0a7b983de322aca3d0b107a 100644 (file)
--- a/src/sfrt/sfrt_test.cc
+++ b/src/sfrt/sfrt_test.cc
@@ -28,6 +28,8 @@
 
 #include "sfrt.h"
 
+using namespace snort;
+
 #define NUM_IPS 32
 #define NUM_DATA 4
 

diff --git a/src/side_channel/side_channel.cc b/src/side_channel/side_channel.cc
index b83d8cd6440afcf186f7348e7b98b879b20d62e0..3ef496124661b40871df9ae258261b631121b00d 100644 (file)
--- a/src/side_channel/side_channel.cc
+++ b/src/side_channel/side_channel.cc
@@ -33,6 +33,8 @@
 #include "managers/connector_manager.h"
 #include "profiler/profiler_defs.h"
 
+using namespace snort;
+
 /* Globals ****************************************************************/
 
 THREAD_LOCAL SimpleStats sc_stats;

diff --git a/src/side_channel/side_channel.h b/src/side_channel/side_channel.h
index 87fdb19bbd84637c74812ddcf2e9fe648e6ceda0..d9a915ad46ea0dc45882fa8c8a11cf7ce3fe4f3d 100644 (file)
--- a/src/side_channel/side_channel.h
+++ b/src/side_channel/side_channel.h
@@ -45,8 +45,8 @@ struct __attribute__((__packed__)) SCMsgHdr
 struct SCMessage
 {
     SideChannel* sc;
-    Connector* connector;
-    ConnectorMsgHandle* handle;
+    snort::Connector* connector;
+    snort::ConnectorMsgHandle* handle;
     SCMsgHdr* hdr;
     uint8_t* content;
     uint32_t content_length;
@@ -70,10 +70,10 @@ public:
     bool transmit_message(SCMessage* msg);
     void set_message_port(SCMessage* msg, SCPort port);
     void set_default_port(SCPort port);
-    Connector::Direction get_direction();
+    snort::Connector::Direction get_direction();
 
-    Connector* connector_receive;
-    Connector* connector_transmit;
+    snort::Connector* connector_receive;
+    snort::Connector* connector_transmit;
 
 private:
     SCSequence sequence;

diff --git a/src/side_channel/side_channel_module.cc b/src/side_channel/side_channel_module.cc
index e76e21ab91dda7edf6ec2d9f04f9e0bea9b34d7e..de5687582ae161b98bb9d6793c3af65883c2e17b 100644 (file)
--- a/src/side_channel/side_channel_module.cc
+++ b/src/side_channel/side_channel_module.cc
@@ -30,6 +30,7 @@
 
 #include "side_channel.h"
 
+using namespace snort;
 
 //-------------------------------------------------------------------------
 // side_channel module

diff --git a/src/side_channel/side_channel_module.h b/src/side_channel/side_channel_module.h
index b9bc9ebfa211028df67ecdb99e150a0b55b3d531..f10b76957a7d6e63655b889cfd7bc2c43071ba81 100644 (file)
--- a/src/side_channel/side_channel_module.h
+++ b/src/side_channel/side_channel_module.h
@@ -34,17 +34,17 @@ struct SideChannelConfig
 };
 
 extern THREAD_LOCAL SimpleStats sc_stats;
-extern THREAD_LOCAL ProfileStats sc_perf_stats;
+extern THREAD_LOCAL snort::ProfileStats sc_perf_stats;
 
-class SideChannelModule : public Module
+class SideChannelModule : public snort::Module
 {
 public:
     SideChannelModule();
     ~SideChannelModule() override;
 
-    bool set(const char*, Value&, SnortConfig*) override;
-    bool begin(const char*, int, SnortConfig*) override;
-    bool end(const char*, int, SnortConfig*) override;
+    bool set(const char*, snort::Value&, snort::SnortConfig*) override;
+    bool begin(const char*, int, snort::SnortConfig*) override;
+    bool end(const char*, int, snort::SnortConfig*) override;
 
     PegCount* get_counts() const override
     { return (PegCount*)&sc_stats; }
@@ -52,7 +52,7 @@ public:
     const PegInfo* get_pegs() const override
     { return simple_pegs; }
 
-    ProfileStats* get_profile() const override;
+    snort::ProfileStats* get_profile() const override;
 
     Usage get_usage() const override
     { return GLOBAL; }

diff --git a/src/side_channel/test/side_channel_module_test.cc b/src/side_channel/test/side_channel_module_test.cc
index e5860b1801a90bcdbebdc1489eb25a3f4d7a1d88..32cc0dbeda362338d7b434faceda904252f7eeec 100644 (file)
--- a/src/side_channel/test/side_channel_module_test.cc
+++ b/src/side_channel/test/side_channel_module_test.cc
@@ -33,6 +33,8 @@
 #include <CppUTest/CommandLineTestRunner.h>
 #include <CppUTest/TestHarness.h>
 
+using namespace snort;
+
 THREAD_LOCAL SimpleStats sc_stats;
 THREAD_LOCAL ProfileStats sc_perf_stats;
 

diff --git a/src/side_channel/test/side_channel_test.cc b/src/side_channel/test/side_channel_test.cc
index f6dccb1f34ea6b17a042d386b8b6d02890c11161..3d6bf8be0ee28fd297447682b8d59429a2c3d0be 100644 (file)
--- a/src/side_channel/test/side_channel_test.cc
+++ b/src/side_channel/test/side_channel_test.cc
@@ -32,6 +32,8 @@
 #include <CppUTest/CommandLineTestRunner.h>
 #include <CppUTest/TestHarness.h>
 
+using namespace snort;
+
 class TestConnectorMsgHandle : public ConnectorMsgHandle
 {
 public:

diff --git a/src/stream/base/stream_base.cc b/src/stream/base/stream_base.cc
index f20c93298be458039c4ea93cd1c30052a51b6e9d..2eb5ff0f461387f7b204bcaa57e5a087ea4952e8 100644 (file)
--- a/src/stream/base/stream_base.cc
+++ b/src/stream/base/stream_base.cc
@@ -30,6 +30,8 @@
 #include "stream_ha.h"
 #include "stream_module.h"
 
+using namespace snort;
+
 //-------------------------------------------------------------------------
 // stats
 //-------------------------------------------------------------------------

diff --git a/src/stream/base/stream_ha.cc b/src/stream/base/stream_ha.cc
index ab4ec44bb93511e3fe0834e7634701b8044b5eb1..52e2d773c3f6d338aed81e2a13a441c0106f895e 100644 (file)
--- a/src/stream/base/stream_ha.cc
+++ b/src/stream/base/stream_ha.cc
@@ -31,6 +31,8 @@
 #include "managers/inspector_manager.h"
 #include "stream/stream.h"
 
+using namespace snort;
+
 // HA Session flags helper macros
 #define HA_IGNORED_SESSION_FLAGS \
     (SSNFLAG_COUNTED_INITIALIZE | SSNFLAG_COUNTED_ESTABLISH | SSNFLAG_COUNTED_CLOSING)

diff --git a/src/stream/base/stream_ha.h b/src/stream/base/stream_ha.h
index 6feaeb2466327cee6313efc60188933d86a7e18c..07947f7f523e572a95c6b32e453a29c0e188b799 100644 (file)
--- a/src/stream/base/stream_ha.h
+++ b/src/stream/base/stream_ha.h
@@ -28,8 +28,8 @@
 class __attribute__((__packed__)) SessionHAContent
 {
 public:
-    LwState ssn_state;
-    Flow::FlowState flow_state;
+    snort::LwState ssn_state;
+    snort::Flow::FlowState flow_state;
     uint8_t flags;
     static const uint8_t FLAG_LOW = 0x01; // client address / port is low in key
     static const uint8_t FLAG_IP6 = 0x02; // key addresses are ip6
@@ -39,10 +39,10 @@ class StreamHAClient : public FlowHAClient
 {
 public:
     StreamHAClient() : FlowHAClient(sizeof(SessionHAContent), true) { }
-    bool consume(Flow*&, FlowKey*, HAMessage*) override;
-    bool produce(Flow*, HAMessage*) override;
-    bool is_update_required(Flow*) override;
-    bool is_delete_required(Flow*) override;
+    bool consume(snort::Flow*&, FlowKey*, HAMessage*) override;
+    bool produce(snort::Flow*, HAMessage*) override;
+    bool is_update_required(snort::Flow*) override;
+    bool is_delete_required(snort::Flow*) override;
 
 private:
 };
@@ -52,10 +52,10 @@ class ProtocolHA
 public:
     ProtocolHA(PktType);
     virtual ~ProtocolHA();
-    virtual void delete_session(Flow*) { }
-    virtual Flow* create_session(FlowKey*) { return nullptr; }
-    virtual void deactivate_session(Flow*) { }
-    virtual void process_deletion(Flow*);
+    virtual void delete_session(snort::Flow*) { }
+    virtual snort::Flow* create_session(FlowKey*) { return nullptr; }
+    virtual void deactivate_session(snort::Flow*) { }
+    virtual void process_deletion(snort::Flow*);
 
 private:
 };

diff --git a/src/stream/base/stream_module.cc b/src/stream/base/stream_module.cc
index 4ae1d126c53d25533b296e33f94563ef191ae3f9..65d2cd1871dceebc73a1ffa77fc467152e128099 100644 (file)
--- a/src/stream/base/stream_module.cc
+++ b/src/stream/base/stream_module.cc
@@ -24,6 +24,7 @@
 
 #include "stream_module.h"
 
+using namespace snort;
 using namespace std;
 
 //-------------------------------------------------------------------------

diff --git a/src/stream/base/stream_module.h b/src/stream/base/stream_module.h
index bf7795b5a0b7f0f0fee2a1b060274692001f0812..70e7e2ac6092f56dc7d34c546daa5c7c5fe03f86 100644 (file)
--- a/src/stream/base/stream_module.h
+++ b/src/stream/base/stream_module.h
@@ -24,8 +24,12 @@
 #include "flow/flow_config.h"
 #include "framework/module.h"
 
-extern THREAD_LOCAL ProfileStats s5PerfStats;
+extern THREAD_LOCAL snort::ProfileStats s5PerfStats;
+
+namespace snort
+{
 struct SnortConfig;
+}
 
 //-------------------------------------------------------------------------
 // stream module
@@ -71,17 +75,17 @@ struct StreamModuleConfig
     bool ip_frags_only;
 };
 
-class StreamModule : public Module
+class StreamModule : public snort::Module
 {
 public:
     StreamModule();
 
-    bool begin(const char*, int, SnortConfig*) override;
-    bool set(const char*, Value&, SnortConfig*) override;
+    bool begin(const char*, int, snort::SnortConfig*) override;
+    bool set(const char*, snort::Value&, snort::SnortConfig*) override;
 
     const PegInfo* get_pegs() const override;
     PegCount* get_counts() const override;
-    ProfileStats* get_profile() const override;
+    snort::ProfileStats* get_profile() const override;
     const StreamModuleConfig* get_data();
 
     void sum_stats(bool) override;

diff --git a/src/stream/file/file_module.cc b/src/stream/file/file_module.cc
index 3699c4a8f101b4c9c892e1f62ef8ea3c88089099..4f9c87919db60e92849d329c4fde304bb7606ebe 100644 (file)
--- a/src/stream/file/file_module.cc
+++ b/src/stream/file/file_module.cc
@@ -23,6 +23,7 @@
 
 #include "file_module.h"
 
+using namespace snort;
 using namespace std;
 
 //-------------------------------------------------------------------------

diff --git a/src/stream/file/file_module.h b/src/stream/file/file_module.h
index 69cf4cc024a4b56cb939825ac055e0fe03d469b4..025d6042298bcf502defe3d728fbb097cfa99e07 100644 (file)
--- a/src/stream/file/file_module.h
+++ b/src/stream/file/file_module.h
@@ -22,11 +22,14 @@
 
 #include "framework/module.h"
 
+namespace snort
+{
 struct SnortConfig;
+}
 
 extern const PegInfo file_pegs[];
 extern THREAD_LOCAL struct FileStats file_stats;
-extern THREAD_LOCAL ProfileStats file_perf_stats;
+extern THREAD_LOCAL snort::ProfileStats file_perf_stats;
 
 //-------------------------------------------------------------------------
 // stream_file module
@@ -35,13 +38,13 @@ extern THREAD_LOCAL ProfileStats file_perf_stats;
 #define MOD_NAME "stream_file"
 #define MOD_HELP "stream inspector for file flow tracking and processing"
 
-class StreamFileModule : public Module
+class StreamFileModule : public snort::Module
 {
 public:
     StreamFileModule();
 
-    bool begin(const char*, int, SnortConfig*) override;
-    bool set(const char*, Value&, SnortConfig*) override;
+    bool begin(const char*, int, snort::SnortConfig*) override;
+    bool set(const char*, snort::Value&, snort::SnortConfig*) override;
 
     Usage get_usage() const override
     { return INSPECT; }

diff --git a/src/stream/file/file_session.cc b/src/stream/file/file_session.cc
index 24ebba7eebb6c5241b65811a4f44ddc4ce7ab1d7..e5f2c9d0ae8c9ad0f2074d5c5b369cb8ff0a108a 100644 (file)
--- a/src/stream/file/file_session.cc
+++ b/src/stream/file/file_session.cc
@@ -32,6 +32,8 @@
 
 #include "stream_file.h"
 
+using namespace snort;
+
 #define DECODE_PDU (DECODE_SOF | DECODE_EOF)
 
 static THREAD_LOCAL ProfileStats file_ssn_stats;

diff --git a/src/stream/file/file_session.h b/src/stream/file/file_session.h
index e8e747a8a7dd83959edb6acc7444b067f23014ef..7b0b055cbe75d778bb8b2218ae0fe210f8fe5632 100644 (file)
--- a/src/stream/file/file_session.h
+++ b/src/stream/file/file_session.h
@@ -25,11 +25,11 @@
 class FileSession : public Session
 {
 public:
-    FileSession(Flow*);
+    FileSession(snort::Flow*);
 
-    bool setup(Packet*) override;
+    bool setup(snort::Packet*) override;
     void clear() override;
-    int process(Packet*) override;
+    int process(snort::Packet*) override;
 
     bool is_sequenced(uint8_t /*dir*/) override
     { return true; }
@@ -41,9 +41,9 @@ public:
     { return SSN_MISSING_NONE; }
 
 private:
-    void start(Packet*, Flow*);
-    void update(Packet*, Flow*);
-    void end(Packet*, Flow*);
+    void start(snort::Packet*, snort::Flow*);
+    void update(snort::Packet*, snort::Flow*);
+    void end(snort::Packet*, snort::Flow*);
 };
 
 #endif

diff --git a/src/stream/file/stream_file.cc b/src/stream/file/stream_file.cc
index 7d5c3414466590a9076bef82beea06fe36938130..36c17c8155a664fdf537bd833fa98659f60f321e 100644 (file)
--- a/src/stream/file/stream_file.cc
+++ b/src/stream/file/stream_file.cc
@@ -26,6 +26,8 @@
 #include "file_module.h"
 #include "file_session.h"
 
+using namespace snort;
+
 //-------------------------------------------------------------------------
 // inspector stuff
 //-------------------------------------------------------------------------

diff --git a/src/stream/file/stream_file.h b/src/stream/file/stream_file.h
index 25da65a0c8f8989462c9cbe2930feed6ea3b1398..7eb12746668acacfa235b5dcd27f4a0e24b25290 100644 (file)
--- a/src/stream/file/stream_file.h
+++ b/src/stream/file/stream_file.h
@@ -20,11 +20,16 @@
 #ifndef STREAM_FILE_H
 #define STREAM_FILE_H
 
+namespace snort
+{
+class Inspector;
+}
+
 struct StreamFileConfig
 {
     bool upload;
 };
 
-StreamFileConfig* get_file_cfg(class Inspector*);
+StreamFileConfig* get_file_cfg(snort::Inspector*);
 
 #endif

diff --git a/src/stream/flush_bucket.cc b/src/stream/flush_bucket.cc
index ec98e62223da9b663dec7e29328d99b2ce4f6fb8..ae08a10fe4845e5719293f76552782f04f062bda 100644 (file)
--- a/src/stream/flush_bucket.cc
+++ b/src/stream/flush_bucket.cc
@@ -42,7 +42,7 @@ void FlushBucket::set(unsigned sz)
     if ( sz )
         s_flush_bucket = new ConstFlushBucket(sz);
 
-    else if ( SnortConfig::static_hash() )
+    else if ( snort::SnortConfig::static_hash() )
         s_flush_bucket = new StaticFlushBucket;
 
     else

diff --git a/src/stream/icmp/icmp_ha.cc b/src/stream/icmp/icmp_ha.cc
index 332f78a9dab1f4449d8850a8908938d2d1147a4c..23f28d10971078cb442faa51bd325c1c76f93d12 100644 (file)
--- a/src/stream/icmp/icmp_ha.cc
+++ b/src/stream/icmp/icmp_ha.cc
@@ -26,6 +26,8 @@
 #include "stream/icmp/icmp_session.h"
 #include "stream/stream.h"
 
+using namespace snort;
+
 Flow* IcmpHA::create_session(FlowKey* key)
 {
     assert(key);

diff --git a/src/stream/icmp/icmp_ha.h b/src/stream/icmp/icmp_ha.h
index 9cf742ef5016dd2c9be6e30fa03b3ff65c0d811e..203cfd6dceae93a6762de10562a41a2deb73d477 100644 (file)
--- a/src/stream/icmp/icmp_ha.h
+++ b/src/stream/icmp/icmp_ha.h
@@ -24,13 +24,16 @@
 
 //-------------------------------------------------------------------------
 
+namespace snort
+{
 class Flow;
+}
 
 class IcmpHA : public ProtocolHA
 {
 public:
     IcmpHA() : ProtocolHA(PktType::ICMP) { }
-    Flow* create_session(FlowKey*) override;
+    snort::Flow* create_session(FlowKey*) override;
 
 private:
 };
@@ -38,7 +41,7 @@ private:
 class IcmpHAManager
 {
 public:
-    static void process_deletion(Flow* flow);
+    static void process_deletion(snort::Flow* flow);
     static void tinit();
     static void tterm();
     static THREAD_LOCAL IcmpHA* icmp_ha;

diff --git a/src/stream/icmp/icmp_module.cc b/src/stream/icmp/icmp_module.cc
index 9a1dda8249404ee7fe2b4a8c746aa754604064d5..abd5bc391a3e2e71b4246d2ed06af43d869829f1 100644 (file)
--- a/src/stream/icmp/icmp_module.cc
+++ b/src/stream/icmp/icmp_module.cc
@@ -26,6 +26,7 @@
 
 #include "stream_icmp.h"
 
+using namespace snort;
 using namespace std;
 
 //-------------------------------------------------------------------------

diff --git a/src/stream/icmp/icmp_module.h b/src/stream/icmp/icmp_module.h
index d738c6e82b92c0ab31baa1b5365bd9b49cb721c5..32140ead4879eb6822015acbe373200d33910b5a 100644 (file)
--- a/src/stream/icmp/icmp_module.h
+++ b/src/stream/icmp/icmp_module.h
@@ -26,9 +26,12 @@
 
 extern const PegInfo icmp_pegs[];
 extern THREAD_LOCAL struct IcmpStats icmpStats;
-extern THREAD_LOCAL ProfileStats icmp_perf_stats;
+extern THREAD_LOCAL snort::ProfileStats icmp_perf_stats;
 
+namespace snort
+{
 struct SnortConfig;
+}
 
 struct IcmpStats
 {
@@ -44,15 +47,15 @@ struct IcmpStats
 
 struct StreamIcmpConfig;
 
-class StreamIcmpModule : public Module
+class StreamIcmpModule : public snort::Module
 {
 public:
     StreamIcmpModule();
-    bool set(const char*, Value&, SnortConfig*) override;
-    bool begin(const char*, int, SnortConfig*) override;
-    bool end(const char*, int, SnortConfig*) override;
+    bool set(const char*, snort::Value&, snort::SnortConfig*) override;
+    bool begin(const char*, int, snort::SnortConfig*) override;
+    bool end(const char*, int, snort::SnortConfig*) override;
 
-    ProfileStats* get_profile() const override;
+    snort::ProfileStats* get_profile() const override;
     const PegInfo* get_pegs() const override;
     PegCount* get_counts() const override;
 

diff --git a/src/stream/icmp/icmp_session.cc b/src/stream/icmp/icmp_session.cc
index a1f5077562d4c05933eb179e986feac023763836..b2907267f35c7b268188bcda140997a0d700726a 100644 (file)
--- a/src/stream/icmp/icmp_session.cc
+++ b/src/stream/icmp/icmp_session.cc
@@ -36,6 +36,8 @@
 #include "icmp_module.h"
 #include "stream_icmp.h"
 
+using namespace snort;
+
 const PegInfo icmp_pegs[] =
 {
     SESSION_PEGS("icmp"),

diff --git a/src/stream/icmp/icmp_session.h b/src/stream/icmp/icmp_session.h
index 07fa13f10ba02f819ef6e323b3833e06908b2556..93d197744a100e59818279562dddfc4e493b0152 100644 (file)
--- a/src/stream/icmp/icmp_session.h
+++ b/src/stream/icmp/icmp_session.h
@@ -25,11 +25,11 @@
 class IcmpSession : public Session
 {
 public:
-    IcmpSession(Flow*);
+    IcmpSession(snort::Flow*);
 
-    bool setup(Packet*) override;
-    void update_direction(char dir, const SfIp*, uint16_t port) override;
-    int process(Packet*) override;
+    bool setup(snort::Packet*) override;
+    void update_direction(char dir, const snort::SfIp*, uint16_t port) override;
+    int process(snort::Packet*) override;
     void clear() override;
 
 public:

diff --git a/src/stream/icmp/stream_icmp.cc b/src/stream/icmp/stream_icmp.cc
index 39884a271855848f31d1b708483ca82d8249f511..e501d6a18a45a2fa3ea44d57fe83e81c2d1d4c3c 100644 (file)
--- a/src/stream/icmp/stream_icmp.cc
+++ b/src/stream/icmp/stream_icmp.cc
@@ -29,6 +29,8 @@
 #include "icmp_module.h"
 #include "icmp_session.h"
 
+using namespace snort;
+
 //-------------------------------------------------------------------------
 // helpers
 //-------------------------------------------------------------------------

diff --git a/src/stream/ip/ip_defrag.cc b/src/stream/ip/ip_defrag.cc
index 827cde4de8797c5860b34e4e865816097b83515c..c10fa9c6a4c2c8cf34ce168cfe753b79187f1fe9 100644 (file)
--- a/src/stream/ip/ip_defrag.cc
+++ b/src/stream/ip/ip_defrag.cc
@@ -87,6 +87,8 @@
 #include "ip_session.h"
 #include "stream_ip.h"
 
+using namespace snort;
+
 /*  D E F I N E S  **************************************************/
 
 /* flags for the FragTracker->frag_flags field */
@@ -720,7 +722,7 @@ static void FragRebuild(FragTracker* ft, Packet* p)
 
     DetectionEngine de;
     de.set_encode_packet(p);
-    Snort::process_packet(dpkt, dpkt->pkth, dpkt->pkt, true);
+    snort::Snort::process_packet(dpkt, dpkt->pkth, dpkt->pkt, true);
     de.set_encode_packet(nullptr);
 
     trace_log(stream_ip, "Done with rebuilt packet, marking rebuilt...\n");

diff --git a/src/stream/ip/ip_defrag.h b/src/stream/ip/ip_defrag.h
index 4e3f0fd057526cc03f8bb915d3c38e1e2867bbd4..44614ebe1896bfafd68ecc73fc1bb83bfbb0f65e 100644 (file)
--- a/src/stream/ip/ip_defrag.h
+++ b/src/stream/ip/ip_defrag.h
@@ -28,25 +28,28 @@
 struct FragEngine;
 struct FragTracker;
 struct Fragment;
+namespace snort
+{
 struct Packet;
 struct SnortConfig;
+}
 
 class Defrag
 {
 public:
     Defrag(FragEngine&);
 
-    bool configure(SnortConfig*);
-    void show(SnortConfig*);
+    bool configure(snort::SnortConfig*);
+    void show(snort::SnortConfig*);
 
-    void process(Packet*, FragTracker*);
+    void process(snort::Packet*, FragTracker*);
     void cleanup(FragTracker*);
 
     static void init();
 
 private:
-    int insert(Packet*, FragTracker*, FragEngine*);
-    int new_tracker(Packet* p, FragTracker*);
+    int insert(snort::Packet*, FragTracker*, FragEngine*);
+    int new_tracker(snort::Packet* p, FragTracker*);
 
     int add_frag_node(  // FIXIT-L too many args
         FragTracker* ft, FragEngine*,
@@ -56,7 +59,7 @@ private:
         Fragment* left, Fragment** retFrag);
 
     int dup_frag_node(FragTracker*, Fragment* left, Fragment** retFrag);
-    int expired(Packet*, FragTracker*, FragEngine*);
+    int expired(snort::Packet*, FragTracker*, FragEngine*);
 
 private:
     FragEngine& engine;

diff --git a/src/stream/ip/ip_ha.cc b/src/stream/ip/ip_ha.cc
index fdd1c2435131617f74e653124a2922a90f25a406..c48df51e58edafa1dd03a0efbad71221e0134204 100644 (file)
--- a/src/stream/ip/ip_ha.cc
+++ b/src/stream/ip/ip_ha.cc
@@ -27,6 +27,8 @@
 
 #include "ip_session.h"
 
+using namespace snort;
+
 Flow* IpHA::create_session(FlowKey* key)
 {
     assert(key);

diff --git a/src/stream/ip/ip_ha.h b/src/stream/ip/ip_ha.h
index 633bce519d486a251cb8ddc3fa90f8af72710467..f6e7b397f525beef04f5c98b754173bc868fd0a2 100644 (file)
--- a/src/stream/ip/ip_ha.h
+++ b/src/stream/ip/ip_ha.h
@@ -24,13 +24,16 @@
 
 //-------------------------------------------------------------------------
 
+namespace snort
+{
 class Flow;
+}
 
 class IpHA : public ProtocolHA
 {
 public:
     IpHA() : ProtocolHA(PktType::IP) { }
-    Flow* create_session(FlowKey*) override;
+    snort::Flow* create_session(FlowKey*) override;
 
 private:
 };
@@ -38,7 +41,7 @@ private:
 class IpHAManager
 {
 public:
-    static void process_deletion(Flow* flow);
+    static void process_deletion(snort::Flow* flow);
     static void tinit();
     static void tterm();
     static THREAD_LOCAL IpHA* ip_ha;

diff --git a/src/stream/ip/ip_module.cc b/src/stream/ip/ip_module.cc
index 67ec74b9f4de7607cfa93f09445366dc36b872ca..02ea8fd38c78908d30d34b303b722ddb5b2f8ca7 100644 (file)
--- a/src/stream/ip/ip_module.cc
+++ b/src/stream/ip/ip_module.cc
@@ -27,6 +27,7 @@
 #include "ip_session.h"
 #include "stream_ip.h"
 
+using namespace snort;
 using namespace std;
 
 #define DEFRAG_IPOPTIONS_STR \

diff --git a/src/stream/ip/ip_module.h b/src/stream/ip/ip_module.h
index 2b964868e26ec6043b56db8e622ae893839ab8c9..c8afd3e2a561007b9f9b17bab848e19c4ec25298 100644 (file)
--- a/src/stream/ip/ip_module.h
+++ b/src/stream/ip/ip_module.h
@@ -25,7 +25,10 @@
 #include "framework/module.h"
 #include "main/snort_debug.h"
 
+namespace snort
+{
 struct SnortConfig;
+}
 
 #define GLOBAL_KEYWORD "defrag"
 #define ENGINE_KEYWORD "defrag_engine"
@@ -79,10 +82,10 @@ struct IpStats
 };
 
 extern const PegInfo ip_pegs[];
-extern THREAD_LOCAL ProfileStats ip_perf_stats;
-extern THREAD_LOCAL ProfileStats fragPerfStats;
-extern THREAD_LOCAL ProfileStats fragInsertPerfStats;
-extern THREAD_LOCAL ProfileStats fragRebuildPerfStats;
+extern THREAD_LOCAL snort::ProfileStats ip_perf_stats;
+extern THREAD_LOCAL snort::ProfileStats fragPerfStats;
+extern THREAD_LOCAL snort::ProfileStats fragInsertPerfStats;
+extern THREAD_LOCAL snort::ProfileStats fragRebuildPerfStats;
 extern Trace TRACE_NAME(stream_ip);
 
 //-------------------------------------------------------------------------
@@ -94,18 +97,18 @@ extern Trace TRACE_NAME(stream_ip);
 
 struct StreamIpConfig;
 
-class StreamIpModule : public Module
+class StreamIpModule : public snort::Module
 {
 public:
     StreamIpModule();
     ~StreamIpModule() override;
 
-    bool set(const char*, Value&, SnortConfig*) override;
-    bool begin(const char*, int, SnortConfig*) override;
-    bool end(const char*, int, SnortConfig*) override;
+    bool set(const char*, snort::Value&, snort::SnortConfig*) override;
+    bool begin(const char*, int, snort::SnortConfig*) override;
+    bool end(const char*, int, snort::SnortConfig*) override;
 
-    const RuleMap* get_rules() const override;
-    ProfileStats* get_profile(unsigned, const char*&, const char*&) const override;
+    const snort::RuleMap* get_rules() const override;
+    snort::ProfileStats* get_profile(unsigned, const char*&, const char*&) const override;
     const PegInfo* get_pegs() const override;
     PegCount* get_counts() const override;
     StreamIpConfig* get_data();

diff --git a/src/stream/ip/ip_session.cc b/src/stream/ip/ip_session.cc
index ff4fddd3017874a46ccebf6ebb99d6372054cd97..f07ce225973d046a48170d3cb8c1ad81dff0b360 100644 (file)
--- a/src/stream/ip/ip_session.cc
+++ b/src/stream/ip/ip_session.cc
@@ -30,6 +30,8 @@
 #include "ip_ha.h"
 #include "stream_ip.h"
 
+using namespace snort;
+
 const PegInfo ip_pegs[] =
 {
     SESSION_PEGS("ip"),

diff --git a/src/stream/ip/ip_session.h b/src/stream/ip/ip_session.h
index 9d2865bfd2f2148a10c441c753cad0c124bddbba..d9cccec7fa5e8e3b22c92df2430b89f466673a74 100644 (file)
--- a/src/stream/ip/ip_session.h
+++ b/src/stream/ip/ip_session.h
@@ -75,14 +75,14 @@ struct FragTracker
 class IpSession : public Session
 {
 public:
-    IpSession(Flow*);
+    IpSession(snort::Flow*);
 
-    bool setup(Packet*) override;
-    int process(Packet*) override;
+    bool setup(snort::Packet*) override;
+    int process(snort::Packet*) override;
     void clear() override;
 
-    bool add_alert(Packet*, uint32_t gid, uint32_t sid) override;
-    bool check_alerted(Packet*, uint32_t gid, uint32_t sid) override;
+    bool add_alert(snort::Packet*, uint32_t gid, uint32_t sid) override;
+    bool check_alerted(snort::Packet*, uint32_t gid, uint32_t sid) override;
 
 public:
     FragTracker tracker;

diff --git a/src/stream/ip/stream_ip.cc b/src/stream/ip/stream_ip.cc
index 24caa04b81512ea70aacfb8d8541eb1ac879f4e5..d30f6bc36fe3b75f6f3284b5be62599bc58f23fb 100644 (file)
--- a/src/stream/ip/stream_ip.cc
+++ b/src/stream/ip/stream_ip.cc
@@ -30,6 +30,8 @@
 #include "ip_module.h"
 #include "ip_session.h"
 
+using namespace snort;
+
 /* max frags in a single frag tracker */
 #define DEFAULT_MAX_FRAGS 8192
 

diff --git a/src/stream/ip/stream_ip.h b/src/stream/ip/stream_ip.h
index 53ad7990667342d5ff486c3e673667b9e88639c9..ca499237dcbd9e35de830c2dfa2a37ba3f2d94e5 100644 (file)
--- a/src/stream/ip/stream_ip.h
+++ b/src/stream/ip/stream_ip.h
@@ -63,8 +63,8 @@ struct StreamIpConfig
     StreamIpConfig();
 };
 
-StreamIpConfig* get_ip_cfg(Inspector*);
-class Defrag* get_defrag(Inspector*);
+StreamIpConfig* get_ip_cfg(snort::Inspector*);
+class Defrag* get_defrag(snort::Inspector*);
 
 #endif
 

diff --git a/src/stream/libtcp/stream_tcp_unit_test.cc b/src/stream/libtcp/stream_tcp_unit_test.cc
index 0ff3a3ecc276a5ef680ce9a03950d66b86c1bc9b..a8661e11a967ad8ff10e4d4ef707e24df04b3666 100644 (file)
--- a/src/stream/libtcp/stream_tcp_unit_test.cc
+++ b/src/stream/libtcp/stream_tcp_unit_test.cc
@@ -35,6 +35,8 @@
 #include "protocols/tcp.h"
 #include "stream/tcp/tcp_session.h"
 
+using namespace snort;
+
 // SYN PACKET
 // IP 192.168.0.89.9012 > p3nlh044.shr.prod.phx3.secureserver.net.http: Flags [S], seq 9050, win
 // 8192, length 0

diff --git a/src/stream/libtcp/stream_tcp_unit_test.h b/src/stream/libtcp/stream_tcp_unit_test.h
index 6e74ba84d6cf9edbccb57bacd4f553f3e0507a73..a8eb53744e3393ae647e1af9d506b1c3e3989cc3 100644 (file)
--- a/src/stream/libtcp/stream_tcp_unit_test.h
+++ b/src/stream/libtcp/stream_tcp_unit_test.h
@@ -22,17 +22,20 @@
 #ifndef STREAM_LIBTCP_UNIT_TEST_H
 #define STREAM_LIBTCP_UNIT_TEST_H
 
+namespace snort
+{
 class Flow;
 struct Packet;
+}
 
-Packet* get_syn_packet(Flow*);
-Packet* get_syn_ack_packet(Flow*);
-Packet* get_ack_packet(Flow*);
-Packet* get_fin_packet(Flow*);
-Packet* get_rst_packet(Flow*);
-Packet* get_data_packet(Flow*);
+snort::Packet* get_syn_packet(snort::Flow*);
+snort::Packet* get_syn_ack_packet(snort::Flow*);
+snort::Packet* get_ack_packet(snort::Flow*);
+snort::Packet* get_fin_packet(snort::Flow*);
+snort::Packet* get_rst_packet(snort::Flow*);
+snort::Packet* get_data_packet(snort::Flow*);
 
-void release_packet(Packet*);
+void release_packet(snort::Packet*);
 
 #endif
 

diff --git a/src/stream/libtcp/tcp_segment_descriptor.cc b/src/stream/libtcp/tcp_segment_descriptor.cc
index 648a215016bf7ca932153663d87c5fb2017a7411..39c75fd70be91e37e5758a2bd22a34a1de8146ae 100644 (file)
--- a/src/stream/libtcp/tcp_segment_descriptor.cc
+++ b/src/stream/libtcp/tcp_segment_descriptor.cc
@@ -30,7 +30,7 @@
 #include "protocols/tcp_options.h"
 #include "stream/tcp/tcp_defs.h"
 
-using namespace tcp;
+using namespace snort;
 
 TcpSegmentDescriptor::TcpSegmentDescriptor(Flow* flow, Packet* pkt, TcpEventLogger& tel) :
     flow(flow), pkt(pkt)
@@ -57,10 +57,10 @@ uint32_t TcpSegmentDescriptor::init_mss(uint16_t* value)
 {
     DebugMessage(DEBUG_STREAM_STATE, "Getting MSS...\n");
 
-    TcpOptIterator iter(tcph, pkt);
-    for ( const TcpOption& opt : iter )
+    tcp::TcpOptIterator iter(tcph, pkt);
+    for ( const tcp::TcpOption& opt : iter )
     {
-        if ( opt.code == TcpOptCode::MAXSEG )
+        if ( opt.code == tcp::TcpOptCode::MAXSEG )
         {
             *value = extract_16bits(opt.data);
             DebugFormat(DEBUG_STREAM_STATE, "Found MSS %hu\n", *value);
@@ -79,11 +79,11 @@ uint32_t TcpSegmentDescriptor::init_wscale(uint16_t* value)
 {
     DebugMessage(DEBUG_STREAM_STATE, "Getting wscale...\n");
 
-    TcpOptIterator iter(tcph, pkt);
+    tcp::TcpOptIterator iter(tcph, pkt);
 
-    for (const TcpOption& opt : iter)
+    for (const tcp::TcpOption& opt : iter)
     {
-        if (opt.code == TcpOptCode::WSCALE)
+        if (opt.code == tcp::TcpOptCode::WSCALE)
         {
             *value = (uint16_t)opt.data[0];
             DebugFormat(DEBUG_STREAM_STATE, "Found wscale %d\n", *value);

diff --git a/src/stream/libtcp/tcp_segment_descriptor.h b/src/stream/libtcp/tcp_segment_descriptor.h
index 451bb61098e87380ad11f3819ae7fefc783efb70..8af45098c30bbc9c54e0caf7c8dfc925ed48aa56 100644 (file)
--- a/src/stream/libtcp/tcp_segment_descriptor.h
+++ b/src/stream/libtcp/tcp_segment_descriptor.h
@@ -30,24 +30,24 @@
 class TcpSegmentDescriptor
 {
 public:
-    TcpSegmentDescriptor(Flow*, Packet*, TcpEventLogger&);
+    TcpSegmentDescriptor(snort::Flow*, snort::Packet*, TcpEventLogger&);
     virtual ~TcpSegmentDescriptor() = default;
 
     uint32_t init_mss(uint16_t* value);
     uint32_t init_wscale(uint16_t* value);
     bool has_wscale();
 
-    Flow* get_flow() const
+    snort::Flow* get_flow() const
     {
         return flow;
     }
 
-    Packet* get_pkt() const
+    snort::Packet* get_pkt() const
     {
         return pkt;
     }
 
-    const tcp::TCPHdr* get_tcph() const
+    const snort::tcp::TCPHdr* get_tcph() const
     {
         return tcph;
     }
@@ -145,10 +145,10 @@ public:
     }
 
 private:
-    Flow* flow;
-    Packet* pkt;
+    snort::Flow* flow;
+    snort::Packet* pkt;
 
-    const tcp::TCPHdr* tcph;
+    const snort::tcp::TCPHdr* tcph;
     uint16_t src_port;
     uint16_t dst_port;
     uint32_t seg_seq;

diff --git a/src/stream/libtcp/tcp_stream_session.cc b/src/stream/libtcp/tcp_stream_session.cc
index ebde2085baccb2803bc821253144079c9d17bd45..a271a744e322cf58d358d8f6a5c9512e8b09fea5 100644 (file)
--- a/src/stream/libtcp/tcp_stream_session.cc
+++ b/src/stream/libtcp/tcp_stream_session.cc
@@ -29,6 +29,8 @@
 #include "main/snort_debug.h"
 #include "stream/tcp/tcp_ha.h"
 
+using namespace snort;
+
 #ifdef DEBUG_MSGS
 const char* const flush_policy_names[] =
 {
@@ -38,10 +40,6 @@ const char* const flush_policy_names[] =
 };
 #endif
 
-TcpStreamSession::TcpStreamSession(Flow* flow) : Session(flow)
-{
-}
-
 TcpStreamSession::~TcpStreamSession()
 {
     if (tcp_init)

diff --git a/src/stream/libtcp/tcp_stream_session.h b/src/stream/libtcp/tcp_stream_session.h
index 1258816198d7e2467fb46ec7b8fdce4d491e5204..9b2bcda3a83da3fd17fe4ce5d718d90eea973d7d 100644 (file)
--- a/src/stream/libtcp/tcp_stream_session.h
+++ b/src/stream/libtcp/tcp_stream_session.h
@@ -38,22 +38,22 @@ extern const char* const flush_policy_names[];
 class TcpStreamSession : public Session
 {
 public:
-    TcpStreamSession(Flow*);
+    TcpStreamSession(snort::Flow* flow) : Session(flow) { }
     ~TcpStreamSession() override;
 
-    bool setup(Packet*) override;
+    bool setup(snort::Packet*) override;
     void clear() override;
-    void cleanup(Packet* = nullptr) override;
-    void set_splitter(bool, StreamSplitter*) override;
-    StreamSplitter* get_splitter(bool) override;
+    void cleanup(snort::Packet* = nullptr) override;
+    void set_splitter(bool, snort::StreamSplitter*) override;
+    snort::StreamSplitter* get_splitter(bool) override;
     bool is_sequenced(uint8_t /*dir*/) override;
     bool are_packets_missing(uint8_t /*dir*/) override;
     uint8_t get_reassembly_direction() override;
     uint8_t missing_in_reassembled(uint8_t /*dir*/) override;
-    void update_direction(char dir, const SfIp*, uint16_t port) override;
-    bool add_alert(Packet*, uint32_t gid, uint32_t sid) override;
-    bool check_alerted(Packet*, uint32_t gid, uint32_t sid) override;
-    int update_alert(Packet*, uint32_t /*gid*/, uint32_t /*sid*/,
+    void update_direction(char dir, const snort::SfIp*, uint16_t port) override;
+    bool add_alert(snort::Packet*, uint32_t gid, uint32_t sid) override;
+    bool check_alerted(snort::Packet*, uint32_t gid, uint32_t sid) override;
+    int update_alert(snort::Packet*, uint32_t /*gid*/, uint32_t /*sid*/,
         uint32_t /*event_id*/, uint32_t /*event_second*/) override;
 
     static void sinit();
@@ -63,28 +63,28 @@ public:
     void start_proxy();
     void print();
 
-    void SetPacketHeaderFoo(const Packet* p);
+    void SetPacketHeaderFoo(const snort::Packet* p);
     void GetPacketHeaderFoo(DAQ_PktHdr_t* pkth, uint32_t dir);
     void SwapPacketHeaderFoo();
 
     virtual void update_perf_base_state(char) { }
     virtual void clear_session(
-        bool free_flow_data, bool flush_segments, bool restart, Packet* p = nullptr) = 0;
+        bool free_flow_data, bool flush_segments, bool restart, snort::Packet* p = nullptr) = 0;
 
     // FIXIT-L these 2 function names convey no meaning afaict... figure out
     // why are they called and name appropriately...
-    virtual void retransmit_process(Packet* p)
+    virtual void retransmit_process(snort::Packet* p)
     {
         // Data has already been analyzed so don't bother looking at it again.
-        DetectionEngine::disable_content(p);
+        snort::DetectionEngine::disable_content(p);
     }
 
-    virtual void retransmit_handle(Packet* p)
+    virtual void retransmit_handle(snort::Packet* p)
     {
         flow->call_handlers(p, false);
     }
 
-    virtual void eof_handle(Packet* p)
+    virtual void eof_handle(snort::Packet* p)
     {
         flow->call_handlers(p, true);
     }
@@ -145,10 +145,10 @@ public:
     TcpEventLogger tel;
 
 private:
-    ip::snort_in6_addr real_src_ip;
-    ip::snort_in6_addr real_dst_ip;
-    uint16_t real_src_port;
-    uint16_t real_dst_port;
+    snort::ip::snort_in6_addr real_src_ip = { 0 };
+    snort::ip::snort_in6_addr real_dst_ip = { 0 };
+    uint16_t real_src_port = 0;
+    uint16_t real_dst_port = 0;
 
 protected:
     virtual void set_os_policy() = 0;

diff --git a/src/stream/libtcp/tcp_stream_tracker.cc b/src/stream/libtcp/tcp_stream_tracker.cc
index 71b2055dd609cc67bdd80384f718f126416b5624..7a83f488a2846ce27ea0b24446c77dd344c29e28 100644 (file)
--- a/src/stream/libtcp/tcp_stream_tracker.cc
+++ b/src/stream/libtcp/tcp_stream_tracker.cc
@@ -29,6 +29,8 @@
 #include "stream/stream.h"
 #include "stream/tcp/tcp_module.h"
 
+using namespace snort;
+
 const char* tcp_state_names[] =
 {
     "TCP_LISTEN", "TCP_SYN_SENT", "TCP_SYN_RECV",

diff --git a/src/stream/libtcp/tcp_stream_tracker.h b/src/stream/libtcp/tcp_stream_tracker.h
index 6538d8f7e89723d32131e458719e73243eb3ebf3..348b545c8e62fbf7cbf4b2b2cd3826185a097565 100644 (file)
--- a/src/stream/libtcp/tcp_stream_tracker.h
+++ b/src/stream/libtcp/tcp_stream_tracker.h
@@ -113,7 +113,7 @@ public:
         return tcp_event;
     }
 
-    TcpEvent set_tcp_event(TcpSegmentDescriptor& tsd);
+    TcpEvent set_tcp_event(TcpSegmentDescriptor&);
 
     void set_tcp_event(TcpEvent tcp_event)
     {
@@ -316,7 +316,7 @@ public:
         this->mss = mss;
     }
 
-    void cache_mac_address(TcpSegmentDescriptor& tsd, uint8_t direction);
+    void cache_mac_address(TcpSegmentDescriptor&, uint8_t direction);
     bool compare_mac_addresses(const uint8_t eth_addr[]);
 
     bool is_rst_pkt_sent() const
@@ -334,30 +334,30 @@ public:
 
     virtual void print() =  0;
     virtual void init_flush_policy() =  0;
-    virtual void set_splitter(StreamSplitter* ss) =  0;
-    virtual void set_splitter(const Flow* flow) =  0;
+    virtual void set_splitter(snort::StreamSplitter* ss) =  0;
+    virtual void set_splitter(const snort::Flow* flow) =  0;
     virtual void reset_splitter( ) = 0;
 
     virtual void init_on_syn_sent(TcpSegmentDescriptor&) =  0;
     virtual void init_on_syn_recv(TcpSegmentDescriptor&) =  0;
-    virtual void init_on_synack_sent(TcpSegmentDescriptor& tsd) =  0;
-    virtual void init_on_synack_recv(TcpSegmentDescriptor& tsd) =  0;
-    virtual void init_on_3whs_ack_sent(TcpSegmentDescriptor& tsd) =  0;
-    virtual void init_on_3whs_ack_recv(TcpSegmentDescriptor& tsd) =  0;
-    virtual void init_on_data_seg_sent(TcpSegmentDescriptor& tsd) =  0;
-    virtual void init_on_data_seg_recv(TcpSegmentDescriptor& tsd) =  0;
-    virtual void finish_server_init(TcpSegmentDescriptor& tsd) =  0;
-    virtual void finish_client_init(TcpSegmentDescriptor& tsd) =  0;
-
-    virtual void update_tracker_ack_recv(TcpSegmentDescriptor& tsd) =  0;
-    virtual void update_tracker_ack_sent(TcpSegmentDescriptor& tsd) =  0;
-    virtual bool update_on_3whs_ack(TcpSegmentDescriptor& tsd) =  0;
-    virtual bool update_on_rst_recv(TcpSegmentDescriptor& tsd) =  0;
+    virtual void init_on_synack_sent(TcpSegmentDescriptor&) =  0;
+    virtual void init_on_synack_recv(TcpSegmentDescriptor&) =  0;
+    virtual void init_on_3whs_ack_sent(TcpSegmentDescriptor&) =  0;
+    virtual void init_on_3whs_ack_recv(TcpSegmentDescriptor&) =  0;
+    virtual void init_on_data_seg_sent(TcpSegmentDescriptor&) =  0;
+    virtual void init_on_data_seg_recv(TcpSegmentDescriptor&) =  0;
+    virtual void finish_server_init(TcpSegmentDescriptor&) =  0;
+    virtual void finish_client_init(TcpSegmentDescriptor&) =  0;
+
+    virtual void update_tracker_ack_recv(TcpSegmentDescriptor&) =  0;
+    virtual void update_tracker_ack_sent(TcpSegmentDescriptor&) =  0;
+    virtual bool update_on_3whs_ack(TcpSegmentDescriptor&) =  0;
+    virtual bool update_on_rst_recv(TcpSegmentDescriptor&) =  0;
     virtual void update_on_rst_sent() =  0;
-    virtual bool update_on_fin_recv(TcpSegmentDescriptor& tsd) =  0;
-    virtual bool update_on_fin_sent(TcpSegmentDescriptor& tsd) =  0;
-    virtual bool is_segment_seq_valid(TcpSegmentDescriptor& tsd) =  0;
-    virtual void flush_data_on_fin_recv(TcpSegmentDescriptor& tsd) =  0;
+    virtual bool update_on_fin_recv(TcpSegmentDescriptor&) =  0;
+    virtual bool update_on_fin_sent(TcpSegmentDescriptor&) =  0;
+    virtual bool is_segment_seq_valid(TcpSegmentDescriptor&) =  0;
+    virtual void flush_data_on_fin_recv(TcpSegmentDescriptor&) =  0;
 
     bool client_tracker;
     TcpState tcp_state;
@@ -386,7 +386,7 @@ public:
     uint32_t r_win_base = 0; /* remote side window base sequence number
      * (i.e. the last ack we got) */
 
-    StreamSplitter* splitter = nullptr;
+    snort::StreamSplitter* splitter = nullptr;
     TcpNormalizer* normalizer = nullptr;
     TcpReassembler* reassembler = nullptr;
     TcpSession* session = nullptr;

diff --git a/src/stream/paf.cc b/src/stream/paf.cc
index c161c1c1c9dc9046eba734e0e515c799c9391f28..315491309e5c586e315c723f91bd7b8241cf0db2 100644 (file)
--- a/src/stream/paf.cc
+++ b/src/stream/paf.cc
@@ -28,6 +28,8 @@
 #include "main/snort_debug.h"
 #include "protocols/packet.h"
 
+using namespace snort;
+
 //--------------------------------------------------------------------
 // private state
 //--------------------------------------------------------------------

diff --git a/src/stream/paf.h b/src/stream/paf.h
index 6cea244f036acbc58559d746e3f2123363913557..a8dce40bf4f6482e30fc37a0b1c9ca63c71a7d8e 100644 (file)
--- a/src/stream/paf.h
+++ b/src/stream/paf.h
@@ -27,7 +27,10 @@
 
 #include "stream/stream_splitter.h"
 
-struct SnortConfig;
+namespace snort
+{
+class Flow;
+}
 
 void* paf_new(unsigned max);     // create new paf config (per policy)
 void paf_delete(void*);  // free config
@@ -40,7 +43,7 @@ struct PAF_State     // per session direction
     uint32_t fpt;    // current flush point
     uint32_t tot;    // total bytes flushed
 
-    StreamSplitter::Status paf;  // current scan state
+    snort::StreamSplitter::Status paf;  // current scan state
 };
 
 void paf_setup(PAF_State*);  // called at session start
@@ -54,12 +57,12 @@ inline uint32_t paf_position (PAF_State* ps)
 
 inline uint32_t paf_initialized (PAF_State* ps)
 {
-    return ( ps->paf != StreamSplitter::START );
+    return ( ps->paf != snort::StreamSplitter::START );
 }
 
 inline uint32_t paf_active (PAF_State* ps)
 {
-    return ( ps->paf != StreamSplitter::ABORT );
+    return ( ps->paf != snort::StreamSplitter::ABORT );
 }
 
 inline void paf_jump(PAF_State* ps, uint32_t n)
@@ -69,10 +72,8 @@ inline void paf_jump(PAF_State* ps, uint32_t n)
 }
 
 // called on each in order segment
-int32_t paf_check(
-    StreamSplitter* paf_config, PAF_State*, Flow* ssn,
-    const uint8_t* data, uint32_t len, uint32_t total,
-    uint32_t seq, uint32_t* flags);
+int32_t paf_check(snort::StreamSplitter* paf_config, PAF_State*, snort::Flow* ssn,
+    const uint8_t* data, uint32_t len, uint32_t total, uint32_t seq, uint32_t* flags);
 
 #endif
 

diff --git a/src/stream/stream.cc b/src/stream/stream.cc
index dd1f3bad0b1a01e021056e45a6756105c0c19c91..461f863c63e3e307b113665927d40ff69e8f235f 100644 (file)
--- a/src/stream/stream.cc
+++ b/src/stream/stream.cc
@@ -46,6 +46,8 @@
 #include "libtcp/stream_tcp_unit_test.h"
 #endif
 
+using namespace snort;
+
 // this should not be publicly accessible
 extern THREAD_LOCAL class FlowControl* flow_con;
 

diff --git a/src/stream/stream.h b/src/stream/stream.h
index f541218717961b46ce751c8d1f6547d0f0ae5950..7d2a52d186ad5bcf8ec46c8f2fd61776bc5b028d 100644 (file)
--- a/src/stream/stream.h
+++ b/src/stream/stream.h
@@ -26,6 +26,15 @@
 
 #include "flow/flow.h"
 
+
+struct HostAttributeEntry;
+
+namespace snort
+{
+class Flow;
+struct SfIp;
+class StreamSplitter;
+
 /* traffic direction identification */
 #define FROM_SERVER     0
 #define FROM_CLIENT     1
@@ -49,9 +58,6 @@
     "first | last | linux | old_linux | bsd | macos | solaris | irix | " \
     "hpux11 | hpux10 | windows | win_2003 | vista | proxy"
 
-class Flow;
-struct SfIp;
-
 typedef int (* LogFunction)(Flow*, uint8_t** buf, uint32_t* len, uint32_t* type);
 typedef void (* LogExtraData)(Flow*, void* config, LogFunction* funcs,
     uint32_t max_count, uint32_t xtradata_mask, uint32_t id, uint32_t sec);
@@ -104,8 +110,8 @@ public:
     // n-tuple parameters specified.  Inspection will be turned off for this expected session
     // when it arrives.
     static int ignore_flow(
-        const Packet* ctrlPkt, PktType, IpProtocol, const SfIp* srcIP, uint16_t srcPort,
-        const SfIp* dstIP, uint16_t dstPort, char direction, uint32_t flowdata_id);
+        const Packet* ctrlPkt, PktType, IpProtocol, const snort::SfIp* srcIP, uint16_t srcPort,
+        const snort::SfIp* dstIP, uint16_t dstPort, char direction, uint32_t flowdata_id);
 
     // Resume inspection for flow.
     // FIXIT-L does resume work only for a flow that has been stopped by call to stop_inspection?
@@ -162,20 +168,20 @@ public:
     // initialize response count and expiration time
     static void init_active_response(const Packet*, Flow*);
 
-    static void set_splitter(Flow*, bool toServer, class StreamSplitter* = nullptr);
+    static void set_splitter(Flow*, bool toServer, StreamSplitter* = nullptr);
     static StreamSplitter* get_splitter(Flow*, bool toServer);
 
     // Turn off inspection for potential session. Adds session identifiers to a hash table.
     // TCP only.
     static int set_application_protocol_id_expected(
-        const Packet* ctrlPkt, PktType, IpProtocol, const SfIp* srcIP, uint16_t srcPort,
-        const SfIp* dstIP, uint16_t dstPort, int16_t appId, FlowData*);
+        const Packet* ctrlPkt, PktType, IpProtocol, const snort::SfIp* srcIP, uint16_t srcPort,
+        const snort::SfIp* dstIP, uint16_t dstPort, int16_t appId, FlowData*);
 
     // Get pointer to application data for a flow based on the lookup tuples for cases where
     // Snort does not have an active packet that is relevant.
     static FlowData* get_flow_data(
         PktType type, IpProtocol proto,
-        const SfIp* a1, uint16_t p1, const SfIp* a2, uint16_t p2,
+        const snort::SfIp* a1, uint16_t p1, const snort::SfIp* a2, uint16_t p2,
         uint16_t vlanId, uint32_t mplsId, uint16_t addrSpaceId, unsigned flowdata_id);
 
     // Get pointer to application data for a flow using the FlowKey as the lookup criteria
@@ -185,7 +191,7 @@ public:
     // cases where Snort does not have an active packet that is relevant.
     static Flow* get_flow(
         PktType type, IpProtocol proto,
-        const SfIp* a1, uint16_t p1, const SfIp* a2, uint16_t p2,
+        const snort::SfIp* a1, uint16_t p1, const snort::SfIp* a2, uint16_t p2,
         uint16_t vlanId, uint32_t mplsId, uint16_t addrSpaceId);
 
     // Delete the session if it is in the closed session state.
@@ -198,10 +204,10 @@ public:
     //  Populate a session key from the Packet
     static void populate_flow_key(Packet*, FlowKey*);
 
-    static void update_direction(Flow*, char dir, const SfIp* ip, uint16_t port);
+    static void update_direction(Flow*, char dir, const snort::SfIp* ip, uint16_t port);
 
     static void set_application_protocol_id(
-        Flow*, const struct HostAttributeEntry*, int direction);
+        Flow*, const HostAttributeEntry*, int direction);
 
     static bool is_midstream(Flow* flow)
     { return flow->ssn_state.session_flags & SSNFLAG_MIDSTREAM; }
@@ -225,6 +231,6 @@ public:
 private:
     static void set_ip_protocol(Flow*);
 };
-
+}
 #endif
 

diff --git a/src/stream/stream_inspectors.cc b/src/stream/stream_inspectors.cc
index a06bdfbed9efbf5e348ef2417d39a94d573bb7c6..e36de33b73961bdbaae242bb1a968c8ac345cd85 100644 (file)
--- a/src/stream/stream_inspectors.cc
+++ b/src/stream/stream_inspectors.cc
@@ -25,6 +25,8 @@
 
 #include "managers/plugin_manager.h"
 
+using namespace snort;
+
 extern const BaseApi* nin_stream_base;
 extern const BaseApi* nin_stream_ip;
 extern const BaseApi* nin_stream_icmp;

diff --git a/src/stream/stream_splitter.cc b/src/stream/stream_splitter.cc
index 3e719424f53ad97eea52f04476b44ff89aa4f960..6eb2984d468cb3c851c4e843d9829fefa75a684c 100644 (file)
--- a/src/stream/stream_splitter.cc
+++ b/src/stream/stream_splitter.cc
@@ -30,6 +30,8 @@
 #include "flush_bucket.h"
 #include "stream.h"
 
+using namespace snort;
+
 unsigned StreamSplitter::max(Flow*)
 { return SnortConfig::get_conf()->max_pdu; }
 

diff --git a/src/stream/stream_splitter.h b/src/stream/stream_splitter.h
index 4f4e7d33ac3e158e23d275ae0e6ab253ca96153d..431d6212262d90b1ccf717ba9a96b2641d0224ca 100644 (file)
--- a/src/stream/stream_splitter.h
+++ b/src/stream/stream_splitter.h
@@ -22,6 +22,8 @@
 
 #include "main/snort_types.h"
 
+namespace snort
+{
 class Flow;
 
 struct StreamBuffer
@@ -145,5 +147,6 @@ public:
 private:
     unsigned byte_count = 0;
 };
+}
 #endif
 

diff --git a/src/stream/tcp/ips_stream_reassemble.cc b/src/stream/tcp/ips_stream_reassemble.cc
index 73b546c66db73ef7547413fa96f8f780e2bab9a0..f9e51b4ea4ca6bc72665146f60967797758ee5d0 100644 (file)
--- a/src/stream/tcp/ips_stream_reassemble.cc
+++ b/src/stream/tcp/ips_stream_reassemble.cc
@@ -35,6 +35,8 @@
 #include "stream/libtcp/stream_tcp_unit_test.h"
 #endif
 
+using namespace snort;
+
 //-------------------------------------------------------------------------
 // stream_reassemble
 //-------------------------------------------------------------------------

diff --git a/src/stream/tcp/ips_stream_size.cc b/src/stream/tcp/ips_stream_size.cc
index 2ce00bc4a6d601bf086a266d74eb245b588b6a83..63030d1098472438057463030333343f5172953b 100644 (file)
--- a/src/stream/tcp/ips_stream_size.cc
+++ b/src/stream/tcp/ips_stream_size.cc
@@ -29,6 +29,8 @@
 
 #include "tcp_session.h"
 
+using namespace snort;
+
 //-------------------------------------------------------------------------
 // stream_size
 //-------------------------------------------------------------------------

diff --git a/src/stream/tcp/stream_tcp.cc b/src/stream/tcp/stream_tcp.cc
index c8dbe34bb27d1674ef6e08405fec8930d50f1f9f..ce7bdaf76a9fb88ce34b09dcad511e5004325ced 100644 (file)
--- a/src/stream/tcp/stream_tcp.cc
+++ b/src/stream/tcp/stream_tcp.cc
@@ -28,6 +28,8 @@
 #include "tcp_module.h"
 #include "tcp_session.h"
 
+using namespace snort;
+
 //-------------------------------------------------------------------------
 // inspector stuff
 //-------------------------------------------------------------------------

diff --git a/src/stream/tcp/stream_tcp.h b/src/stream/tcp/stream_tcp.h
index f1bd5640170185eaf6263f8d4558dd75129ca362..fa6275853187a57f576957c6ddb00ef062f482a6 100644 (file)
--- a/src/stream/tcp/stream_tcp.h
+++ b/src/stream/tcp/stream_tcp.h
@@ -19,10 +19,13 @@
 #ifndef STREAM_TCP_H
 #define STREAM_TCP_H
 
+namespace snort
+{
 class Inspector;
+}
 class TcpStreamConfig;
 
-TcpStreamConfig* get_tcp_cfg(Inspector*);
+TcpStreamConfig* get_tcp_cfg(snort::Inspector*);
 
 #endif
 

diff --git a/src/stream/tcp/tcp_debug_trace.h b/src/stream/tcp/tcp_debug_trace.h
index c30fd0c4b3a812e26a5641be7b8a049adba38810..7bb89a763082a5b85fff641f84f38f4a280a74eb 100644 (file)
--- a/src/stream/tcp/tcp_debug_trace.h
+++ b/src/stream/tcp/tcp_debug_trace.h
@@ -40,11 +40,11 @@ static const char* const flushxt[] = { "IGN", "FPR", "PRE", "PRO", "PAF" };
 
 static THREAD_LOCAL int s5_trace_enabled = -1;  // FIXIT-L should use module trace feature
 
-inline void TraceEvent(const Packet* p, TcpSegmentDescriptor*, uint32_t txd, uint32_t rxd)
+inline void TraceEvent(const snort::Packet* p, TcpSegmentDescriptor*, uint32_t txd, uint32_t rxd)
 {
     int i;
     char flags[7] = "UAPRSF";
-    const tcp::TCPHdr* h = p->ptrs.tcph;
+    const snort::tcp::TCPHdr* h = p->ptrs.tcph;
     const char* order = "";
 
     if (!h)
@@ -70,7 +70,7 @@ inline void TraceEvent(const Packet* p, TcpSegmentDescriptor*, uint32_t txd, uin
         pc.total_from_daq, flags, h->th_flags, rseq, rack, h->win(), p->dsize, order);
 }
 
-inline void TraceSession(const Flow* lws)
+inline void TraceSession(const snort::Flow* lws)
 {
     fprintf(stdout, "    LWS: ST=0x%x SF=0x%x CP=%hu SP=%hu\n", (unsigned)lws->session_state,
         lws->ssn_state.session_flags, lws->client_port, lws->server_port);
@@ -102,7 +102,7 @@ inline void TraceState(const TcpStreamTracker* a, const TcpStreamTracker* b, con
     fprintf(stdout, "\n");
 }
 
-inline void TraceTCP(const Packet* p, const Flow* lws, TcpSegmentDescriptor* tsd, int event)
+inline void TraceTCP(const snort::Packet* p, const snort::Flow* lws, TcpSegmentDescriptor* tsd, int event)
 {
     const TcpSession* ssn = (TcpSession*)lws->session;
     const TcpStreamTracker* srv = ssn ? ssn->server : nullptr;
@@ -139,7 +139,7 @@ inline void TraceTCP(const Packet* p, const Flow* lws, TcpSegmentDescriptor* tsd
     }
 }
 
-inline void S5TraceTCP(const Packet* p, const Flow* lws, TcpSegmentDescriptor* tsd, int event)
+inline void S5TraceTCP(const snort::Packet* p, const snort::Flow* lws, TcpSegmentDescriptor* tsd, int event)
 {
     if (!s5_trace_enabled)
         return;

diff --git a/src/stream/tcp/tcp_defs.h b/src/stream/tcp/tcp_defs.h
index c379acc69c758bdc84fb819f5ca76fc8c6e9ca87..ab5eb7179bf9683fdc446832999c7611f98296e6 100644 (file)
--- a/src/stream/tcp/tcp_defs.h
+++ b/src/stream/tcp/tcp_defs.h
@@ -24,7 +24,10 @@
 
 #include "main/thread.h"
 
+namespace snort
+{
 struct Packet;
+}
 
 /* actions */
 #define ACTION_NOTHING                  0x00000000

diff --git a/src/stream/tcp/tcp_event_logger.cc b/src/stream/tcp/tcp_event_logger.cc
index cdacb2ec2a8c58d72029b955ef19a04bd5e30b82..72610762d118779cb569138cf8894f7bc8854231 100644 (file)
--- a/src/stream/tcp/tcp_event_logger.cc
+++ b/src/stream/tcp/tcp_event_logger.cc
@@ -90,10 +90,10 @@ struct tcp_event_sid tcp_event_sids[] =
 
 void TcpEventLogger::log_internal_event(uint32_t eventSid)
 {
-    if (is_internal_event_enabled(SnortConfig::get_conf()->rate_filter_config, eventSid))
+    if (is_internal_event_enabled(snort::SnortConfig::get_conf()->rate_filter_config, eventSid))
     {
         tcpStats.internalEvents++;
-        DetectionEngine::queue_event(GENERATOR_INTERNAL, eventSid);
+        snort::DetectionEngine::queue_event(GENERATOR_INTERNAL, eventSid);
         DebugFormat(DEBUG_STREAM, "Stream raised internal event %u\n", eventSid);
     }
 }
@@ -105,7 +105,7 @@ void TcpEventLogger::log_tcp_events()
         uint32_t idx = ffs(tcp_events);
         if ( idx )
         {
-            DetectionEngine::queue_event(GID_STREAM_TCP, tcp_event_sids[ idx ].sid);
+            snort::DetectionEngine::queue_event(GID_STREAM_TCP, tcp_event_sids[ idx ].sid);
             tcp_events ^= tcp_event_sids[ idx ].event_id;
             tcpStats.events++;
         }

diff --git a/src/stream/tcp/tcp_ha.cc b/src/stream/tcp/tcp_ha.cc
index 619c7ac46f77b4c732c8c253e848adf674c0628e..75238afda3ce9705f66ce3fe50119ad5934a1601 100644 (file)
--- a/src/stream/tcp/tcp_ha.cc
+++ b/src/stream/tcp/tcp_ha.cc
@@ -28,6 +28,8 @@
 
 #include "tcp_session.h"
 
+using namespace snort;
+
 Flow* TcpHA::create_session(FlowKey* key)
 {
     assert(key);

diff --git a/src/stream/tcp/tcp_ha.h b/src/stream/tcp/tcp_ha.h
index 73f96debdd077994f1a2ef97c1d488ae1dc3e8ed..36b9190776985c2c07f9072bda72f88af3906fa9 100644 (file)
--- a/src/stream/tcp/tcp_ha.h
+++ b/src/stream/tcp/tcp_ha.h
@@ -24,14 +24,17 @@
 
 //-------------------------------------------------------------------------
 
+namespace snort
+{
 class Flow;
+}
 
 class TcpHA : public ProtocolHA
 {
 public:
     TcpHA() : ProtocolHA(PktType::TCP) { }
-    Flow* create_session(FlowKey*) override;
-    void deactivate_session(Flow*) override;
+    snort::Flow* create_session(FlowKey*) override;
+    void deactivate_session(snort::Flow*) override;
 
 private:
 };
@@ -39,7 +42,7 @@ private:
 class TcpHAManager
 {
 public:
-    static void process_deletion(Flow* flow);
+    static void process_deletion(snort::Flow* flow);
     static void tinit();
     static void tterm();
     static THREAD_LOCAL TcpHA* tcp_ha;

diff --git a/src/stream/tcp/tcp_module.cc b/src/stream/tcp/tcp_module.cc
index fb1bb9369cafd9d3e65a72657e651f5471ba419c..f56660c6e2c117b9292e00d12bec80cb6107eb3d 100644 (file)
--- a/src/stream/tcp/tcp_module.cc
+++ b/src/stream/tcp/tcp_module.cc
@@ -26,6 +26,7 @@
 
 #include "profiler/profiler_defs.h"
 
+using namespace snort;
 using namespace std;
 
 //-------------------------------------------------------------------------

diff --git a/src/stream/tcp/tcp_module.h b/src/stream/tcp/tcp_module.h
index f517aec64847a116769313d1e6287f9675147c66..dcadac0c7a3ac38299b6dc9514e2b36933bf1655 100644 (file)
--- a/src/stream/tcp/tcp_module.h
+++ b/src/stream/tcp/tcp_module.h
@@ -51,15 +51,15 @@
 
 extern const PegInfo tcp_pegs[];
 
-extern THREAD_LOCAL ProfileStats s5TcpPerfStats;
-extern THREAD_LOCAL ProfileStats s5TcpNewSessPerfStats;
-extern THREAD_LOCAL ProfileStats s5TcpStatePerfStats;
-extern THREAD_LOCAL ProfileStats s5TcpDataPerfStats;
-extern THREAD_LOCAL ProfileStats s5TcpInsertPerfStats;
-extern THREAD_LOCAL ProfileStats s5TcpPAFPerfStats;
-extern THREAD_LOCAL ProfileStats s5TcpFlushPerfStats;
-extern THREAD_LOCAL ProfileStats s5TcpBuildPacketPerfStats;
-extern THREAD_LOCAL ProfileStats streamSizePerfStats;
+extern THREAD_LOCAL snort::ProfileStats s5TcpPerfStats;
+extern THREAD_LOCAL snort::ProfileStats s5TcpNewSessPerfStats;
+extern THREAD_LOCAL snort::ProfileStats s5TcpStatePerfStats;
+extern THREAD_LOCAL snort::ProfileStats s5TcpDataPerfStats;
+extern THREAD_LOCAL snort::ProfileStats s5TcpInsertPerfStats;
+extern THREAD_LOCAL snort::ProfileStats s5TcpPAFPerfStats;
+extern THREAD_LOCAL snort::ProfileStats s5TcpFlushPerfStats;
+extern THREAD_LOCAL snort::ProfileStats s5TcpBuildPacketPerfStats;
+extern THREAD_LOCAL snort::ProfileStats streamSizePerfStats;
 
 struct TcpStats
 {
@@ -111,24 +111,27 @@ inline void inc_tcp_discards()
 #define MOD_NAME "stream_tcp"
 #define MOD_HELP "stream inspector for TCP flow tracking and stream normalization and reassembly"
 
+namespace snort
+{
 struct SnortConfig;
+}
 
-class StreamTcpModule : public Module
+class StreamTcpModule : public snort::Module
 {
 public:
     StreamTcpModule();
 
-    bool set(const char*, Value&, SnortConfig*) override;
-    bool begin(const char*, int, SnortConfig*) override;
-    bool end(const char*, int, SnortConfig*) override;
+    bool set(const char*, snort::Value&, snort::SnortConfig*) override;
+    bool begin(const char*, int, snort::SnortConfig*) override;
+    bool end(const char*, int, snort::SnortConfig*) override;
 
-    const RuleMap* get_rules() const override;
+    const snort::RuleMap* get_rules() const override;
 
     unsigned get_gid() const override
     { return GID_STREAM_TCP; }
 
     TcpStreamConfig* get_data();
-    ProfileStats* get_profile(unsigned, const char*&, const char*&) const override;
+    snort::ProfileStats* get_profile(unsigned, const char*&, const char*&) const override;
     const PegInfo* get_pegs() const override;
     PegCount* get_counts() const override;
 

diff --git a/src/stream/tcp/tcp_normalizer.cc b/src/stream/tcp/tcp_normalizer.cc
index 40757035322b6fe352044745ffae5c969390afb2..ee3a9f619c476deae8416372e24a39715cf48b01 100644 (file)
--- a/src/stream/tcp/tcp_normalizer.cc
+++ b/src/stream/tcp/tcp_normalizer.cc
@@ -28,6 +28,8 @@
 #include "main/snort_debug.h"
 #include "packet_io/active.h"
 
+using namespace snort;
+
 THREAD_LOCAL PegCount tcp_norm_stats[PC_TCP_MAX][NORM_MODE_MAX];
 
 static const PegInfo pegName[] =

diff --git a/src/stream/tcp/tcp_normalizer.h b/src/stream/tcp/tcp_normalizer.h
index 391e6abc91cd80906d0842813b9970ae6243a984..6a186b94382909aa270f9ddb83f76709e81ee44b 100644 (file)
--- a/src/stream/tcp/tcp_normalizer.h
+++ b/src/stream/tcp/tcp_normalizer.h
@@ -52,14 +52,14 @@ public:
     virtual void trim_rst_payload(TcpSegmentDescriptor&, uint32_t max = 0);
     virtual void trim_win_payload(TcpSegmentDescriptor&, uint32_t max = 0);
     virtual void trim_mss_payload(TcpSegmentDescriptor&, uint32_t max = 0);
-    virtual void ecn_tracker(const tcp::TCPHdr*, bool req3way);
-    virtual void ecn_stripper(Packet*);
+    virtual void ecn_tracker(const snort::tcp::TCPHdr*, bool req3way);
+    virtual void ecn_stripper(snort::Packet*);
     virtual uint32_t get_stream_window(TcpSegmentDescriptor&);
     virtual uint32_t get_tcp_timestamp(TcpSegmentDescriptor&, bool strip);
     virtual int handle_paws(TcpSegmentDescriptor&);
     virtual bool validate_rst(TcpSegmentDescriptor&);
     virtual int handle_repeated_syn(TcpSegmentDescriptor&) = 0;
-    virtual uint16_t set_urg_offset(const tcp::TCPHdr* tcph, uint16_t dsize);
+    virtual uint16_t set_urg_offset(const snort::tcp::TCPHdr* tcph, uint16_t dsize);
 
     static const PegInfo* get_normalization_pegs();
     static NormPegs get_normalization_counts(unsigned&);
@@ -137,7 +137,7 @@ public:
 protected:
     TcpNormalizer(StreamPolicy, TcpSession*, TcpStreamTracker*);
     virtual void trim_payload(TcpSegmentDescriptor&, uint32_t, NormMode, TcpPegCounts);
-    virtual bool strip_tcp_timestamp(TcpSegmentDescriptor&, const tcp::TcpOption*, NormMode);
+    virtual bool strip_tcp_timestamp(TcpSegmentDescriptor&, const snort::tcp::TcpOption*, NormMode);
     virtual bool validate_rst_seq_geq(TcpSegmentDescriptor&);
     virtual bool validate_rst_end_seq_geq(TcpSegmentDescriptor&);
     virtual bool validate_rst_seq_eq(TcpSegmentDescriptor&);

diff --git a/src/stream/tcp/tcp_normalizers.cc b/src/stream/tcp/tcp_normalizers.cc
index 7a44a47af9111a335d6520777787aaea965bd6ae..4b52552d47c4f3caaf03ceb9601e799bb7e70087 100644 (file)
--- a/src/stream/tcp/tcp_normalizers.cc
+++ b/src/stream/tcp/tcp_normalizers.cc
@@ -27,6 +27,8 @@
 
 #include "tcp_module.h"
 
+using namespace snort;
+
 class TcpNormalizerFirst : public TcpNormalizer
 {
 public:

diff --git a/src/stream/tcp/tcp_reassembler.cc b/src/stream/tcp/tcp_reassembler.cc
index d0c5172fe3c6f67753a4dccd6632eeb890b165fc..a31de3de136d63482c4c138f4b5f85577e5fc1f8 100644 (file)
--- a/src/stream/tcp/tcp_reassembler.cc
+++ b/src/stream/tcp/tcp_reassembler.cc
@@ -36,6 +36,8 @@
 #include "tcp_module.h"
 #include "tcp_normalizer.h"
 
+using namespace snort;
+
 ReassemblyPolicy stream_reassembly_policy_map[] =
 {
     ReassemblyPolicy::OS_INVALID,
@@ -635,7 +637,7 @@ int TcpReassembler::_flush_to_seq(uint32_t bytes, Packet* p, uint32_t pkt_flags)
             tcpStats.rebuilt_bytes += flushed_bytes;
 
             ProfileExclude profile_exclude(s5TcpFlushPerfStats);
-            Snort::inspect(pdu);
+            snort::Snort::inspect(pdu);
         }
         else
         {
@@ -726,7 +728,7 @@ int TcpReassembler::do_zero_byte_flush(Packet* p, uint32_t pkt_flags)
 
         show_rebuilt_packet(pdu);
         ProfileExclude profile_exclude(s5TcpFlushPerfStats);
-        Snort::inspect(pdu);
+        snort::Snort::inspect(pdu);
         if ( tracker->splitter )
             tracker->splitter->update();
      }

diff --git a/src/stream/tcp/tcp_reassembler.h b/src/stream/tcp/tcp_reassembler.h
index 46f1ff961feb484671be5830f488d62881556954..28661bee761539d76a7272ccb69f2b32647dc17f 100644 (file)
--- a/src/stream/tcp/tcp_reassembler.h
+++ b/src/stream/tcp/tcp_reassembler.h
@@ -34,12 +34,12 @@ public:
 
     virtual int queue_packet_for_reassembly(TcpSegmentDescriptor&);
     virtual void purge_segment_list();
-    virtual int flush_stream(Packet* p, uint32_t dir, bool final_flush = false);
+    virtual int flush_stream(snort::Packet* p, uint32_t dir, bool final_flush = false);
     virtual int purge_flushed_ackd();
-    virtual void flush_queued_segments(Flow* flow, bool clear, Packet* p = nullptr);
+    virtual void flush_queued_segments(snort::Flow* flow, bool clear, snort::Packet* p = nullptr);
     virtual bool is_segment_pending_flush();
-    virtual int flush_on_data_policy(Packet*);
-    virtual int flush_on_ack_policy(Packet*);
+    virtual int flush_on_data_policy(snort::Packet*);
+    virtual int flush_on_ack_policy(snort::Packet*);
     void set_seglist_base_seq(uint32_t seglist_base_seq)
     {
         this->seglist_base_seq = seglist_base_seq;
@@ -137,20 +137,20 @@ protected:
     void queue_reassembly_segment(TcpSegmentNode* prev, TcpSegmentNode*);
     void init_overlap_editor(TcpSegmentDescriptor&);
     bool is_segment_fasttrack(TcpSegmentNode* tail, TcpSegmentDescriptor&);
-    int purge_alerts(Flow*);
-    void show_rebuilt_packet(Packet*);
+    int purge_alerts(snort::Flow*);
+    void show_rebuilt_packet(snort::Packet*);
     uint32_t get_flush_data_len(TcpSegmentNode*, uint32_t to_seq, unsigned max);
-    int flush_data_segments(Packet*, uint32_t total, Packet* pdu);
-    void prep_pdu(Flow*, Packet*, uint32_t pkt_flags, Packet* pdu);
-    Packet* initialize_pdu(Packet* p, uint32_t pkt_flags, struct timeval tv);
-    int _flush_to_seq(uint32_t bytes, Packet*, uint32_t pkt_flags);
-    int flush_to_seq(uint32_t bytes, Packet*, uint32_t pkt_flags);
-    int do_zero_byte_flush(Packet* p, uint32_t pkt_flags);
+    int flush_data_segments(snort::Packet*, uint32_t total, snort::Packet* pdu);
+    void prep_pdu(snort::Flow*, snort::Packet*, uint32_t pkt_flags, snort::Packet* pdu);
+    snort::Packet* initialize_pdu(snort::Packet* p, uint32_t pkt_flags, struct timeval tv);
+    int _flush_to_seq(uint32_t bytes, snort::Packet*, uint32_t pkt_flags);
+    int flush_to_seq(uint32_t bytes, snort::Packet*, uint32_t pkt_flags);
+    int do_zero_byte_flush(snort::Packet* p, uint32_t pkt_flags);
     uint32_t get_q_footprint();
     uint32_t get_q_sequenced();
-    void final_flush(Packet*, uint32_t dir);
-    uint32_t get_reverse_packet_dir(const Packet*);
-    uint32_t get_forward_packet_dir(const Packet*);
+    void final_flush(snort::Packet*, uint32_t dir);
+    uint32_t get_reverse_packet_dir(const snort::Packet*);
+    uint32_t get_forward_packet_dir(const snort::Packet*);
     int32_t flush_pdu_ips(uint32_t*);
     void fallback();
     int32_t flush_pdu_ackd(uint32_t* flags);

diff --git a/src/stream/tcp/tcp_session.cc b/src/stream/tcp/tcp_session.cc
index 48d8d7ed244256e6be45d667429d74e2dbea44f6..86fee3a568cf5707f611cd8d5cdf25c73d9f8b57 100644 (file)
--- a/src/stream/tcp/tcp_session.cc
+++ b/src/stream/tcp/tcp_session.cc
@@ -63,6 +63,8 @@
 #include "tcp_reassemblers.h"
 #include "tcp_stream_state_machine.h"
 
+using namespace snort;
+
 #ifdef DEBUG_MSGS
 static THREAD_LOCAL const char* t_name = nullptr;
 static THREAD_LOCAL const char* l_name = nullptr;
@@ -73,6 +75,7 @@ TcpSession::TcpSession(Flow* flow) : TcpStreamSession(flow)
     tsm = TcpStreamStateMachine::get_instance();
     client = new TcpTracker(true, this);
     server = new TcpTracker(false, this);
+    splitter_init = false;
 }
 
 TcpSession::~TcpSession()

diff --git a/src/stream/tcp/tcp_session.h b/src/stream/tcp/tcp_session.h
index ecffc070208624792b6e7c52a48d368a84275ccd..874a3e23d376b2a2af094556a02f6cad178995f5 100644 (file)
--- a/src/stream/tcp/tcp_session.h
+++ b/src/stream/tcp/tcp_session.h
@@ -29,23 +29,23 @@ class TcpEventLogger;
 class TcpSession : public TcpStreamSession
 {
 public:
-    TcpSession(Flow*);
+    TcpSession(snort::Flow*);
     ~TcpSession() override;
 
-    bool setup(Packet*) override;
-    void restart(Packet* p) override;
-    void precheck(Packet* p) override;
-    int process(Packet*) override;
+    bool setup(snort::Packet*) override;
+    void restart(snort::Packet* p) override;
+    void precheck(snort::Packet* p) override;
+    int process(snort::Packet*) override;
 
     void flush() override;
-    void flush_client(Packet*) override;
-    void flush_server(Packet*) override;
-    void flush_talker(Packet*, bool final_flush = false) override;
-    void flush_listener(Packet*, bool final_flush = false) override;
+    void flush_client(snort::Packet*) override;
+    void flush_server(snort::Packet*) override;
+    void flush_talker(snort::Packet*, bool final_flush = false) override;
+    void flush_listener(snort::Packet*, bool final_flush = false) override;
 
-    void clear_session(bool free_flow_data, bool flush_segments, bool restart, Packet* p = nullptr) override;
+    void clear_session(bool free_flow_data, bool flush_segments, bool restart, snort::Packet* p = nullptr) override;
 
-    void set_extra_data(Packet*, uint32_t /*flag*/) override;
+    void set_extra_data(snort::Packet*, uint32_t /*flag*/) override;
 
     void update_perf_base_state(char new_state) override;
     TcpStreamTracker::TcpState get_talker_state() override;
@@ -73,13 +73,13 @@ private:
     void swap_trackers();
     void NewTcpSessionOnSyn(TcpSegmentDescriptor&);
     void NewTcpSessionOnSynAck(TcpSegmentDescriptor&);
-    int process_dis(Packet*);
+    int process_dis(snort::Packet*);
     void update_on_3whs_complete(TcpSegmentDescriptor&);
-    bool is_flow_handling_packets(Packet*);
-    void cleanup_session_if_expired(Packet*);
-    bool do_packet_analysis_pre_checks(Packet*, TcpSegmentDescriptor&);
-    void do_packet_analysis_post_checks(Packet*);
-    void flush_tracker(TcpStreamTracker*, Packet*, uint32_t dir, bool final_flush);
+    bool is_flow_handling_packets(snort::Packet*);
+    void cleanup_session_if_expired(snort::Packet*);
+    bool do_packet_analysis_pre_checks(snort::Packet*, TcpSegmentDescriptor&);
+    void do_packet_analysis_post_checks(snort::Packet*);
+    void flush_tracker(TcpStreamTracker*, snort::Packet*, uint32_t dir, bool final_flush);
 
     TcpStateMachine* tsm;
     bool splitter_init;

diff --git a/src/stream/tcp/tcp_state_close_wait.cc b/src/stream/tcp/tcp_state_close_wait.cc
index 09229ff608a8cccbf7639fded6b698654111b91c..9a871c8adb362b09e0a1fd7d4e7d53107e2f0bda 100644 (file)
--- a/src/stream/tcp/tcp_state_close_wait.cc
+++ b/src/stream/tcp/tcp_state_close_wait.cc
@@ -85,7 +85,7 @@ bool TcpStateCloseWait::fin_sent(TcpSegmentDescriptor& tsd, TcpStreamTracker& tr
 
 bool TcpStateCloseWait::fin_recv(TcpSegmentDescriptor& tsd, TcpStreamTracker& trk)
 {
-    Flow* flow = tsd.get_flow();
+    snort::Flow* flow = tsd.get_flow();
     if( trk.process_inorder_fin() )
     {
         trk.update_on_fin_recv(tsd);

diff --git a/src/stream/tcp/tcp_state_closed.cc b/src/stream/tcp/tcp_state_closed.cc
index e657f443997e244b3f52c99e7539a24004ab5bd3..d4e670a9075d6ec9fcbf6785ae4b36d91fa6189e 100644 (file)
--- a/src/stream/tcp/tcp_state_closed.cc
+++ b/src/stream/tcp/tcp_state_closed.cc
@@ -44,7 +44,7 @@ bool TcpStateClosed::syn_sent(TcpSegmentDescriptor& tsd, TcpStreamTracker& trk)
 
 bool TcpStateClosed::syn_recv(TcpSegmentDescriptor& tsd, TcpStreamTracker& trk)
 {
-    Flow* flow = tsd.get_flow();
+    snort::Flow* flow = tsd.get_flow();
     flow->set_expire(tsd.get_pkt(), trk.session->config->session_timeout);
     return true;
 }
@@ -63,7 +63,7 @@ bool TcpStateClosed::ack_recv(TcpSegmentDescriptor& tsd, TcpStreamTracker& trk)
 
 bool TcpStateClosed::data_seg_sent(TcpSegmentDescriptor& tsd, TcpStreamTracker& trk)
 {
-    Flow* flow = tsd.get_flow();
+    snort::Flow* flow = tsd.get_flow();
 
     trk.update_tracker_ack_sent(tsd);
     // data on a segment when we're not accepting data any more alert!
@@ -135,7 +135,7 @@ bool TcpStateClosed::do_post_sm_packet_actions(TcpSegmentDescriptor& tsd, TcpStr
     if ( trk.get_tcp_event() != TcpStreamTracker::TCP_FIN_RECV_EVENT )
     {
         TcpStreamTracker::TcpState talker_state = trk.session->get_talker_state();
-        Flow* flow = tsd.get_flow();
+        snort::Flow* flow = tsd.get_flow();
 
         if ( ( talker_state == TcpStreamTracker::TCP_TIME_WAIT ) || !flow->two_way_traffic() )
         {
@@ -157,7 +157,7 @@ bool TcpStateClosed::do_post_sm_packet_actions(TcpSegmentDescriptor& tsd, TcpStr
 TEST_CASE("TCP State Closed", "[tcp_closed_state][stream_tcp]")
 {
     // initialization code here
-    Flow* flow = new Flow;
+    snort::Flow* flow = new snort::Flow;
     TcpStreamTracker* ctrk = new TcpStreamTracker(true);
     TcpStreamTracker* strk = new TcpStreamTracker(false);
     TcpEventLogger* tel = new TcpEventLogger;

diff --git a/src/stream/tcp/tcp_state_closing.cc b/src/stream/tcp/tcp_state_closing.cc
index 106ab92ce457b749757ba9cc8fb9090e563b703b..6229c922b5e0cd2bd087aabe5184bf4782a222bb 100644 (file)
--- a/src/stream/tcp/tcp_state_closing.cc
+++ b/src/stream/tcp/tcp_state_closing.cc
@@ -91,7 +91,7 @@ bool TcpStateClosing::fin_sent(TcpSegmentDescriptor& tsd, TcpStreamTracker& trk)
 
 bool TcpStateClosing::fin_recv(TcpSegmentDescriptor& tsd, TcpStreamTracker& trk)
 {
-    Flow* flow = tsd.get_flow();
+    snort::Flow* flow = tsd.get_flow();
 
     trk.update_tracker_ack_recv(tsd);
     if ( SEQ_GT(tsd.get_seg_seq(), trk.get_fin_final_seq() ) )

diff --git a/src/stream/tcp/tcp_state_fin_wait1.cc b/src/stream/tcp/tcp_state_fin_wait1.cc
index 28b0067b646a68cea56ef3d298d2e2db755913a6..1ef5b52a95fe4702582e9e73626c58f7c82af039 100644 (file)
--- a/src/stream/tcp/tcp_state_fin_wait1.cc
+++ b/src/stream/tcp/tcp_state_fin_wait1.cc
@@ -97,7 +97,7 @@ bool TcpStateFinWait1::fin_sent(TcpSegmentDescriptor& tsd, TcpStreamTracker& trk
 
 bool TcpStateFinWait1::fin_recv(TcpSegmentDescriptor& tsd, TcpStreamTracker& trk)
 {
-    Flow* flow = tsd.get_flow();
+    snort::Flow* flow = tsd.get_flow();
 
     trk.update_tracker_ack_recv(tsd);
     if ( trk.update_on_fin_recv(tsd) )

diff --git a/src/stream/tcp/tcp_state_fin_wait2.cc b/src/stream/tcp/tcp_state_fin_wait2.cc
index 796e7e601bb8603b012a3005477601e5a7f968a9..9672a22591d27ded1323e1107ea846e38290c764 100644 (file)
--- a/src/stream/tcp/tcp_state_fin_wait2.cc
+++ b/src/stream/tcp/tcp_state_fin_wait2.cc
@@ -103,7 +103,7 @@ bool TcpStateFinWait2::data_seg_recv(TcpSegmentDescriptor& tsd, TcpStreamTracker
 
 bool TcpStateFinWait2::fin_recv(TcpSegmentDescriptor& tsd, TcpStreamTracker& trk)
 {
-    Flow* flow = tsd.get_flow();
+    snort::Flow* flow = tsd.get_flow();
 
     trk.update_tracker_ack_recv(tsd);
     if ( trk.update_on_fin_recv(tsd) )

diff --git a/src/stream/tcp/tcp_state_last_ack.cc b/src/stream/tcp/tcp_state_last_ack.cc
index baa73b4a8aec73400b0d7e740209dd23d9b2bbfe..924c35299a857f023cbe4c6fbe58de4e51867983 100644 (file)
--- a/src/stream/tcp/tcp_state_last_ack.cc
+++ b/src/stream/tcp/tcp_state_last_ack.cc
@@ -85,7 +85,7 @@ bool TcpStateLastAck::fin_sent(TcpSegmentDescriptor& tsd, TcpStreamTracker& trk)
 
 bool TcpStateLastAck::fin_recv(TcpSegmentDescriptor& tsd, TcpStreamTracker& trk)
 {
-    Flow* flow = tsd.get_flow();
+    snort::Flow* flow = tsd.get_flow();
 
     trk.update_tracker_ack_recv(tsd);
     if ( SEQ_EQ(tsd.get_seg_ack(), trk.get_snd_nxt() ) )
@@ -129,7 +129,7 @@ bool TcpStateLastAck::do_post_sm_packet_actions(TcpSegmentDescriptor& tsd, TcpSt
         ( trk.get_tcp_event() != TcpStreamTracker::TCP_FIN_RECV_EVENT ) )
     {
         TcpStreamTracker::TcpState talker_state = trk.session->get_talker_state();
-        Flow* flow = tsd.get_flow();
+        snort::Flow* flow = tsd.get_flow();
 
         if ( ( talker_state == TcpStreamTracker::TCP_TIME_WAIT )
             || ( talker_state == TcpStreamTracker::TCP_CLOSED ) )

diff --git a/src/stream/tcp/tcp_state_listen.cc b/src/stream/tcp/tcp_state_listen.cc
index 657064261c7195373b29cbce866eecb1ec38e9fb..c5bf0229fa8c50774aaaaade9f778a51a1424b5f 100644 (file)
--- a/src/stream/tcp/tcp_state_listen.cc
+++ b/src/stream/tcp/tcp_state_listen.cc
@@ -28,6 +28,8 @@
 #include "tcp_normalizer.h"
 #include "tcp_session.h"
 
+using namespace snort;
+
 TcpStateListen::TcpStateListen(TcpStateMachine& tsm) :
     TcpStateHandler(TcpStreamTracker::TCP_LISTEN, tsm)
 {

diff --git a/src/stream/tcp/tcp_state_none.cc b/src/stream/tcp/tcp_state_none.cc
index 33c142431518f961d97ef2b1e4ca20ddec942d46..a17884b5e2a2cb2183b713cb9ea53dbdd5aede8f 100644 (file)
--- a/src/stream/tcp/tcp_state_none.cc
+++ b/src/stream/tcp/tcp_state_none.cc
@@ -28,6 +28,8 @@
 #include "tcp_normalizer.h"
 #include "tcp_session.h"
 
+using namespace snort;
+
 TcpStateNone::TcpStateNone(TcpStateMachine& tsm) :
     TcpStateHandler(TcpStreamTracker::TCP_STATE_NONE, tsm)
 {

diff --git a/src/stream/tcp/tcp_state_syn_recv.cc b/src/stream/tcp/tcp_state_syn_recv.cc
index 9dc5892cce789bccb5fdef0bdc44ab77bc32a41a..6df8fe3be503fd3c7266c57eed012d0ece2921ff 100644 (file)
--- a/src/stream/tcp/tcp_state_syn_recv.cc
+++ b/src/stream/tcp/tcp_state_syn_recv.cc
@@ -29,6 +29,7 @@
 #include "tcp_normalizer.h"
 #include "tcp_session.h"
 
+using namespace snort;
 using namespace std;
 
 TcpStateSynRecv::TcpStateSynRecv(TcpStateMachine& tsm) :

diff --git a/src/stream/tcp/tcp_state_syn_sent.cc b/src/stream/tcp/tcp_state_syn_sent.cc
index f4b4659bf07d474652619382ff957299b8e3b1ab..b2cef7f3bf631a2417aa80f88b8145602efcd9fc 100644 (file)
--- a/src/stream/tcp/tcp_state_syn_sent.cc
+++ b/src/stream/tcp/tcp_state_syn_sent.cc
@@ -64,7 +64,7 @@ bool TcpStateSynSent::syn_ack_recv(TcpSegmentDescriptor& tsd, TcpStreamTracker&
 
 bool TcpStateSynSent::ack_sent(TcpSegmentDescriptor& tsd, TcpStreamTracker& trk)
 {
-    Flow* flow = tsd.get_flow();
+    snort::Flow* flow = tsd.get_flow();
 
     // FIXIT-H verify ack being sent is valid...
     trk.update_tracker_ack_sent(tsd);
@@ -86,7 +86,7 @@ bool TcpStateSynSent::ack_recv(TcpSegmentDescriptor& tsd, TcpStreamTracker& trk)
 
 bool TcpStateSynSent::data_seg_sent(TcpSegmentDescriptor& tsd, TcpStreamTracker& trk)
 {
-    Flow* flow = tsd.get_flow();
+    snort::Flow* flow = tsd.get_flow();
 
     // FIXIT-H verify ack being sent is valid...
     trk.update_tracker_ack_sent(tsd);

diff --git a/src/stream/tcp/tcp_state_time_wait.cc b/src/stream/tcp/tcp_state_time_wait.cc
index 4107b6b0676e1451140fe1b827b2bbd1c25acfd9..b7c66b50287de7100f962cc4eb7aaca4f2e5c5f8 100644 (file)
--- a/src/stream/tcp/tcp_state_time_wait.cc
+++ b/src/stream/tcp/tcp_state_time_wait.cc
@@ -116,7 +116,7 @@ bool TcpStateTimeWait::do_post_sm_packet_actions(TcpSegmentDescriptor& tsd, TcpS
     if ( trk.get_tcp_event() != TcpStreamTracker::TCP_FIN_RECV_EVENT )
     {
         TcpStreamTracker::TcpState talker_state = trk.session->get_talker_state();
-        Flow* flow = tsd.get_flow();
+        snort::Flow* flow = tsd.get_flow();
 
         if ( ( talker_state == TcpStreamTracker::TCP_TIME_WAIT )
             || ( talker_state == TcpStreamTracker::TCP_CLOSED ) )

diff --git a/src/stream/tcp/tcp_stream_config.h b/src/stream/tcp/tcp_stream_config.h
index ea334099e7148801839c0c33bdb4f5b1f463c3e3..8f3ddd56828f2b10e3d90aa96f788008249b8106 100644 (file)
--- a/src/stream/tcp/tcp_stream_config.h
+++ b/src/stream/tcp/tcp_stream_config.h
@@ -50,7 +50,7 @@ public:
         return hs_timeout >= 0;
     }
 
-    bool midstream_allowed(Packet* p)
+    bool midstream_allowed(snort::Packet* p)
     {
         if ( ( hs_timeout < 0 ) || ( p->pkth->ts.tv_sec - packet_first_time() < hs_timeout ) )
             return true;

diff --git a/src/stream/tcp/tcp_tracker.cc b/src/stream/tcp/tcp_tracker.cc
index a256f3bac2a81189e5a5bfe084f3dd3d0accd243..4ba33c9720e9421fdb6c32e48468a19138b97325 100644 (file)
--- a/src/stream/tcp/tcp_tracker.cc
+++ b/src/stream/tcp/tcp_tracker.cc
@@ -32,6 +32,8 @@
 #include "tcp_normalizer.h"
 #include "tcp_reassembler.h"
 
+using namespace snort;
+
 TcpTracker::TcpTracker(bool client, TcpSession* ssn) :
     TcpStreamTracker(client)
 {

diff --git a/src/stream/tcp/tcp_tracker.h b/src/stream/tcp/tcp_tracker.h
index b023f4fbce067caca193c1f81f5fcb4a9b650ba9..ed39cc9a4069ac9fc8d7b7e380dacd25216476db 100644 (file)
--- a/src/stream/tcp/tcp_tracker.h
+++ b/src/stream/tcp/tcp_tracker.h
@@ -56,30 +56,30 @@ public:
     void init_tcp_state() override;
     void print() override;
     void init_flush_policy() override;
-    void set_splitter(StreamSplitter* ss) override;
-    void set_splitter(const Flow* flow) override;
+    void set_splitter(snort::StreamSplitter* ss) override;
+    void set_splitter(const snort::Flow* flow) override;
     void reset_splitter( ) override;
 
     void init_on_syn_sent(TcpSegmentDescriptor&) override;
     void init_on_syn_recv(TcpSegmentDescriptor&) override;
-    void init_on_synack_sent(TcpSegmentDescriptor& tsd) override;
-    void init_on_synack_recv(TcpSegmentDescriptor& tsd) override;
-    void init_on_3whs_ack_sent(TcpSegmentDescriptor& tsd) override;
-    void init_on_3whs_ack_recv(TcpSegmentDescriptor& tsd) override;
-    void init_on_data_seg_sent(TcpSegmentDescriptor& tsd) override;
-    void init_on_data_seg_recv(TcpSegmentDescriptor& tsd) override;
-    void finish_server_init(TcpSegmentDescriptor& tsd) override;
-    void finish_client_init(TcpSegmentDescriptor& tsd) override;
+    void init_on_synack_sent(TcpSegmentDescriptor&) override;
+    void init_on_synack_recv(TcpSegmentDescriptor&) override;
+    void init_on_3whs_ack_sent(TcpSegmentDescriptor&) override;
+    void init_on_3whs_ack_recv(TcpSegmentDescriptor&) override;
+    void init_on_data_seg_sent(TcpSegmentDescriptor&) override;
+    void init_on_data_seg_recv(TcpSegmentDescriptor&) override;
+    void finish_server_init(TcpSegmentDescriptor&) override;
+    void finish_client_init(TcpSegmentDescriptor&) override;
 
-    void update_tracker_ack_recv(TcpSegmentDescriptor& tsd) override;
-    void update_tracker_ack_sent(TcpSegmentDescriptor& tsd) override;
-    bool update_on_3whs_ack(TcpSegmentDescriptor& tsd) override;
-    bool update_on_rst_recv(TcpSegmentDescriptor& tsd) override;
+    void update_tracker_ack_recv(TcpSegmentDescriptor&) override;
+    void update_tracker_ack_sent(TcpSegmentDescriptor&) override;
+    bool update_on_3whs_ack(TcpSegmentDescriptor&) override;
+    bool update_on_rst_recv(TcpSegmentDescriptor&) override;
     void update_on_rst_sent() override;
-    bool update_on_fin_recv(TcpSegmentDescriptor& tsd) override;
-    bool update_on_fin_sent(TcpSegmentDescriptor& tsd) override;
-    bool is_segment_seq_valid(TcpSegmentDescriptor& tsd) override;
-    void flush_data_on_fin_recv(TcpSegmentDescriptor& tsd) override;
+    bool update_on_fin_recv(TcpSegmentDescriptor&) override;
+    bool update_on_fin_sent(TcpSegmentDescriptor&) override;
+    bool is_segment_seq_valid(TcpSegmentDescriptor&) override;
+    void flush_data_on_fin_recv(TcpSegmentDescriptor&) override;
 
     void init_toolbox() override;
 };

diff --git a/src/stream/tcp/test/tcp_normalizer_test.cc b/src/stream/tcp/test/tcp_normalizer_test.cc
index bdbf6e061554c65ce61169930411f033defe34c7..2abbd45dc1769fa468571f31a6c69cfb5871e4ca 100644 (file)
--- a/src/stream/tcp/test/tcp_normalizer_test.cc
+++ b/src/stream/tcp/test/tcp_normalizer_test.cc
@@ -32,6 +32,8 @@
 #include <CppUTest/TestHarness.h>
 #include <CppUTestExt/MockSupport.h>
 
+using namespace snort;
+
 NormMode mockNormMode = NORM_MODE_ON;
 bool norm_enabled = true;
 THREAD_LOCAL TcpStats tcpStats;

diff --git a/src/stream/test/stream_splitter_test.cc b/src/stream/test/stream_splitter_test.cc
index 337ffbfe6ff9ee9f3cfbfe39698f52a70280dce4..101cc266c7f8bb78ba8e8e3d1754115483d7c0a1 100644 (file)
--- a/src/stream/test/stream_splitter_test.cc
+++ b/src/stream/test/stream_splitter_test.cc
@@ -30,16 +30,18 @@
 #include <CppUTest/CommandLineTestRunner.h>
 #include <CppUTest/TestHarness.h>
 
+using namespace snort;
+
 //--------------------------------------------------------------------------
 // mocks
 //--------------------------------------------------------------------------
-
+namespace snort
+{
 THREAD_LOCAL SnortConfig* snort_conf = nullptr;
 SnortConfig* SnortConfig::get_conf()
 { return snort_conf; }
 
 static StreamSplitter* next_splitter = nullptr;
-static int flushed = 0;
 
 Flow::Flow() { }
 
@@ -49,17 +51,22 @@ struct Packet* DetectionEngine::get_current_packet()
 uint8_t* DetectionEngine::get_next_buffer(unsigned int&)
 { return nullptr; }
 
-uint16_t FlushBucket::get_size()
-{ return 1; }
-
 StreamSplitter* Stream::get_splitter(Flow*, bool)
 { return next_splitter; }
 
+static int flushed = 0;
+
 void Stream::flush_client(Packet*)
 { flushed = 1; }
 
 void Stream::flush_server(Packet*)
 { flushed = 2; }
+}
+
+
+uint16_t FlushBucket::get_size()
+{ return 1; }
+
 
 //--------------------------------------------------------------------------
 // atom splitter tests

diff --git a/src/stream/udp/stream_udp.cc b/src/stream/udp/stream_udp.cc
index 57667e89aec530e87f6a2de8fcc4c3706f368cd0..15506550a0b0d105a057f45775c92d70a1ac86f6 100644 (file)
--- a/src/stream/udp/stream_udp.cc
+++ b/src/stream/udp/stream_udp.cc
@@ -28,6 +28,8 @@
 #include "udp_module.h"
 #include "udp_session.h"
 
+using namespace snort;
+
 //-------------------------------------------------------------------------
 // helpers
 //-------------------------------------------------------------------------

diff --git a/src/stream/udp/stream_udp.h b/src/stream/udp/stream_udp.h
index c24824fca44b1521f28ddfef4391634973559d63..a21ed9c5cafd29648e93b88e70c9fb165ff41e4d 100644 (file)
--- a/src/stream/udp/stream_udp.h
+++ b/src/stream/udp/stream_udp.h
@@ -21,7 +21,10 @@
 
 #include <cstdint>
 
+namespace snort
+{
 class Inspector;
+}
 
 struct StreamUdpConfig
 {
@@ -31,7 +34,7 @@ struct StreamUdpConfig
     StreamUdpConfig();
 };
 
-StreamUdpConfig* get_udp_cfg(Inspector*);
+StreamUdpConfig* get_udp_cfg(snort::Inspector*);
 
 #endif
 

diff --git a/src/stream/udp/udp_ha.cc b/src/stream/udp/udp_ha.cc
index a7e748d2d085150d5ed01778c22670b68e0db5e4..79b916acf0c0de94a0ef67880f64b7b84fa45d56 100644 (file)
--- a/src/stream/udp/udp_ha.cc
+++ b/src/stream/udp/udp_ha.cc
@@ -27,6 +27,8 @@
 
 #include "udp_session.h"
 
+using namespace snort;
+
 Flow* UdpHA::create_session(FlowKey* key)
 {
     assert(key);

diff --git a/src/stream/udp/udp_ha.h b/src/stream/udp/udp_ha.h
index 9cc76c975449a2c0d6be770bd3483dbfe9f53edd..819c77adfbd08d08d234bf661e85afdb82de3e7a 100644 (file)
--- a/src/stream/udp/udp_ha.h
+++ b/src/stream/udp/udp_ha.h
@@ -24,13 +24,16 @@
 
 //-------------------------------------------------------------------------
 
+namespace snort
+{
 class Flow;
+}
 
 class UdpHA : public ProtocolHA
 {
 public:
     UdpHA() : ProtocolHA(PktType::UDP) { }
-    Flow* create_session(FlowKey*) override;
+    snort::Flow* create_session(FlowKey*) override;
 
 private:
 };
@@ -38,7 +41,7 @@ private:
 class UdpHAManager
 {
 public:
-    static void process_deletion(Flow* flow);
+    static void process_deletion(snort::Flow* flow);
     static void tinit();
     static void tterm();
     static THREAD_LOCAL UdpHA* udp_ha;

diff --git a/src/stream/udp/udp_module.cc b/src/stream/udp/udp_module.cc
index 69ee1af4016994b624506957d31253eb8bb747b0..2395a9eb5e88782582445d1ba83390ea403ff8db 100644 (file)
--- a/src/stream/udp/udp_module.cc
+++ b/src/stream/udp/udp_module.cc
@@ -26,6 +26,7 @@
 
 #include "stream_udp.h"
 
+using namespace snort;
 using namespace std;
 
 //-------------------------------------------------------------------------

diff --git a/src/stream/udp/udp_module.h b/src/stream/udp/udp_module.h
index 54cdee21c056571af6684bc9967122ac4b419b26..d30796b0558475cbb7bcb4a51250fe975b272661 100644 (file)
--- a/src/stream/udp/udp_module.h
+++ b/src/stream/udp/udp_module.h
@@ -24,7 +24,10 @@
 #include "flow/session.h"
 #include "framework/module.h"
 
+namespace snort
+{
 struct SnortConfig;
+}
 
 struct UdpStats
 {
@@ -34,7 +37,7 @@ struct UdpStats
 
 extern const PegInfo udp_pegs[];
 extern THREAD_LOCAL struct UdpStats udpStats;
-extern THREAD_LOCAL ProfileStats udp_perf_stats;
+extern THREAD_LOCAL snort::ProfileStats udp_perf_stats;
 
 //-------------------------------------------------------------------------
 // stream_udp module
@@ -45,15 +48,15 @@ extern THREAD_LOCAL ProfileStats udp_perf_stats;
 
 struct StreamUdpConfig;
 
-class StreamUdpModule : public Module
+class StreamUdpModule : public snort::Module
 {
 public:
     StreamUdpModule();
-    bool set(const char*, Value&, SnortConfig*) override;
-    bool begin(const char*, int, SnortConfig*) override;
-    bool end(const char*, int, SnortConfig*) override;
+    bool set(const char*, snort::Value&, snort::SnortConfig*) override;
+    bool begin(const char*, int, snort::SnortConfig*) override;
+    bool end(const char*, int, snort::SnortConfig*) override;
 
-    ProfileStats* get_profile() const override;
+    snort::ProfileStats* get_profile() const override;
     const PegInfo* get_pegs() const override;
     PegCount* get_counts() const override;
     StreamUdpConfig* get_data();

diff --git a/src/stream/udp/udp_session.cc b/src/stream/udp/udp_session.cc
index 2ad1907bd640e8eccb4db4ca3e7f84d5fce8c715..743e201b2cd13a5dfb81c80341c4dc99383d2549 100644 (file)
--- a/src/stream/udp/udp_session.cc
+++ b/src/stream/udp/udp_session.cc
@@ -32,6 +32,8 @@
 #include "udp_module.h"
 #include "stream_udp.h"
 
+using namespace snort;
+
 // NOTE:  sender is assumed to be client
 //        responder is assumed to be server
 

diff --git a/src/stream/udp/udp_session.h b/src/stream/udp/udp_session.h
index 66720929fe244a95c1be695a482d93f6954cb715..2ede188214c8fe2afc1cd4065deafc98578037f8 100644 (file)
--- a/src/stream/udp/udp_session.h
+++ b/src/stream/udp/udp_session.h
@@ -25,11 +25,11 @@
 class UdpSession : public Session
 {
 public:
-    UdpSession(Flow*);
+    UdpSession(snort::Flow*);
 
-    bool setup(Packet*) override;
-    void update_direction(char dir, const SfIp*, uint16_t port) override;
-    int process(Packet*) override;
+    bool setup(snort::Packet*) override;
+    void update_direction(char dir, const snort::SfIp*, uint16_t port) override;
+    int process(snort::Packet*) override;
     void clear() override;
 
 public:

diff --git a/src/stream/user/stream_user.cc b/src/stream/user/stream_user.cc
index 0885d90718e4fb4bb83ea71cc18749c858c3d929..5a8a215f72aa43467372f6cbd288a9e4a2d407af 100644 (file)
--- a/src/stream/user/stream_user.cc
+++ b/src/stream/user/stream_user.cc
@@ -28,6 +28,8 @@
 #include "user_module.h"
 #include "user_session.h"
 
+using namespace snort;
+
 //-------------------------------------------------------------------------
 // helpers
 //-------------------------------------------------------------------------

diff --git a/src/stream/user/stream_user.h b/src/stream/user/stream_user.h
index fd0edd2cf29e1851e43cf812a7769758eb342c12..bd06103332549e4c3af6dc043644728bb99c2437 100644 (file)
--- a/src/stream/user/stream_user.h
+++ b/src/stream/user/stream_user.h
@@ -22,7 +22,10 @@
 
 #include <cstdint>
 
+namespace snort
+{
 class Inspector;
+}
 
 struct StreamUserConfig
 {
@@ -31,6 +34,6 @@ struct StreamUserConfig
     StreamUserConfig();
 };
 
-StreamUserConfig* get_user_cfg(Inspector*);
+StreamUserConfig* get_user_cfg(snort::Inspector*);
 
 #endif

diff --git a/src/stream/user/user_module.cc b/src/stream/user/user_module.cc
index 22be2af4480c5f7c8a7e6afb9886da7d793841ff..5d939dfe7226327b1a927a8f2f47f01e101bc934 100644 (file)
--- a/src/stream/user/user_module.cc
+++ b/src/stream/user/user_module.cc
@@ -25,6 +25,7 @@
 
 #include "stream_user.h"
 
+using namespace snort;
 using namespace std;
 
 Trace TRACE_NAME(stream_user);

diff --git a/src/stream/user/user_module.h b/src/stream/user/user_module.h
index d8d12018f95ed6170242885158b8c5f6a78aa361..e1cc2049c3c029be27bbca289bd243ab5caeb04a 100644 (file)
--- a/src/stream/user/user_module.h
+++ b/src/stream/user/user_module.h
@@ -22,9 +22,12 @@
 
 #include "framework/module.h"
 
+namespace snort
+{
 struct SnortConfig;
+}
 
-extern THREAD_LOCAL ProfileStats user_perf_stats;
+extern THREAD_LOCAL snort::ProfileStats user_perf_stats;
 
 extern Trace TRACE_NAME(stream_user);
 
@@ -37,15 +40,15 @@ extern Trace TRACE_NAME(stream_user);
 
 struct StreamUserConfig;
 
-class StreamUserModule : public Module
+class StreamUserModule : public snort::Module
 {
 public:
     StreamUserModule();
     ~StreamUserModule() override;
 
-    bool set(const char*, Value&, SnortConfig*) override;
-    bool begin(const char*, int, SnortConfig*) override;
-    bool end(const char*, int, SnortConfig*) override;
+    bool set(const char*, snort::Value&, snort::SnortConfig*) override;
+    bool begin(const char*, int, snort::SnortConfig*) override;
+    bool end(const char*, int, snort::SnortConfig*) override;
 
     Usage get_usage() const override
     { return INSPECT; }

diff --git a/src/stream/user/user_session.cc b/src/stream/user/user_session.cc
index 7f57e3b833cf41f6790432882c4942dd3cba725e..9670c224c8f8fbef393e8862d0ba4d14514af964 100644 (file)
--- a/src/stream/user/user_session.cc
+++ b/src/stream/user/user_session.cc
@@ -33,6 +33,8 @@
 #include "stream_user.h"
 #include "user_module.h"
 
+using namespace snort;
+
 THREAD_LOCAL ProfileStats user_perf_stats;
 
 // we always get exactly one copy of user data in order
@@ -158,7 +160,7 @@ void UserTracker::detect(
     up->packet_flags |= (p->packet_flags & (PKT_STREAM_EST|PKT_STREAM_UNEST_UNI));
 
     trace_logf(stream_user, "detect[%d]\n", up->dsize);
-    Snort::inspect(up);
+    snort::Snort::inspect(up);
 }
 
 int UserTracker::scan(Packet* p, uint32_t& flags)

diff --git a/src/stream/user/user_session.h b/src/stream/user/user_session.h
index dfadc13d5351123ceec35937a5e4dff00af41d25..7fed823f92a771201182fce2260c56def4bd8002 100644 (file)
--- a/src/stream/user/user_session.h
+++ b/src/stream/user/user_session.h
@@ -59,14 +59,14 @@ struct UserTracker
     void init();
     void term();
 
-    void process(Packet*);
-    void add_data(Packet*);
-    int scan(Packet*, uint32_t&);
-    void flush(struct Packet*, unsigned, uint32_t);
-    void detect(const struct Packet*, const struct StreamBuffer&, uint32_t, Packet* up);
+    void process(snort::Packet*);
+    void add_data(snort::Packet*);
+    int scan(snort::Packet*, uint32_t&);
+    void flush(struct snort::Packet*, unsigned, uint32_t);
+    void detect(const struct snort::Packet*, const struct snort::StreamBuffer&, uint32_t, snort::Packet* up);
 
     std::list<UserSegment*> seg_list;
-    StreamSplitter* splitter;
+    snort::StreamSplitter* splitter;
     PAF_State paf_state;
     unsigned total;
 };
@@ -74,16 +74,16 @@ struct UserTracker
 class UserSession : public Session
 {
 public:
-    UserSession(Flow*);
+    UserSession(snort::Flow*);
 
-    bool setup(Packet*) override;
+    bool setup(snort::Packet*) override;
     void clear() override;
 
-    int process(Packet*) override;
+    int process(snort::Packet*) override;
 
-    void set_splitter(bool c2s, StreamSplitter*) override;
-    StreamSplitter* get_splitter(bool c2s) override;
-    void restart(Packet*) override;
+    void set_splitter(bool c2s, snort::StreamSplitter*) override;
+    snort::StreamSplitter* get_splitter(bool c2s) override;
+    void restart(snort::Packet*) override;
 
     bool is_sequenced(uint8_t /*dir*/) override
     { return true; }
@@ -95,24 +95,24 @@ public:
     { return SSN_MISSING_NONE; }
 
 private:
-    void start(Packet*, Flow*);
-    void update(Packet*, Flow*);
-    void end(Packet*, Flow*);
+    void start(snort::Packet*, snort::Flow*);
+    void update(snort::Packet*, snort::Flow*);
+    void end(snort::Packet*, snort::Flow*);
 
-    void update_direction(char dir, const SfIp*, uint16_t port) override;
+    void update_direction(char dir, const snort::SfIp*, uint16_t port) override;
 
-    bool add_alert(Packet*, uint32_t gid, uint32_t sid) override;
-    bool check_alerted(Packet*, uint32_t gid, uint32_t sid) override;
+    bool add_alert(snort::Packet*, uint32_t gid, uint32_t sid) override;
+    bool check_alerted(snort::Packet*, uint32_t gid, uint32_t sid) override;
 
     int update_alert(
-        Packet*, uint32_t gid, uint32_t sid, uint32_t event_id, uint32_t event_second) override;
+        snort::Packet*, uint32_t gid, uint32_t sid, uint32_t event_id, uint32_t event_second) override;
 
-    void flush_client(Packet*) override { }
-    void flush_server(Packet*) override { }
-    void flush_talker(Packet*, bool /*final_flush */ = false) override { }
-    void flush_listener(Packet*, bool /*final_flush */ = false) override { }
+    void flush_client(snort::Packet*) override { }
+    void flush_server(snort::Packet*) override { }
+    void flush_talker(snort::Packet*, bool /*final_flush */ = false) override { }
+    void flush_listener(snort::Packet*, bool /*final_flush */ = false) override { }
 
-    void set_extra_data(Packet*, uint32_t /* flag */) override { }
+    void set_extra_data(snort::Packet*, uint32_t /* flag */) override { }
 
     uint8_t get_reassembly_direction() override;
 

diff --git a/src/target_based/sftarget_data.h b/src/target_based/sftarget_data.h
index 674af7d99fb6a3a5e4227cfd8fe59a033a15a718..d458cf7afb850539bb11479b7af3e73f4c30b8a9 100644 (file)
--- a/src/target_based/sftarget_data.h
+++ b/src/target_based/sftarget_data.h
@@ -68,7 +68,7 @@ struct HostInfo
 
 struct HostAttributeEntry
 {
-    SfCidr ipAddr;
+    snort::SfCidr ipAddr;
     HostInfo hostInfo;
     ApplicationEntry* services;
     ApplicationEntry* clients;

diff --git a/src/target_based/sftarget_reader.cc b/src/target_based/sftarget_reader.cc
index 0ab10423e613971beeafe474cefb6bd79270ae62..1c480aa9e09772e6f49bebfc0b2f6ef18feb5370 100644 (file)
--- a/src/target_based/sftarget_reader.cc
+++ b/src/target_based/sftarget_reader.cc
@@ -36,6 +36,8 @@
 #include "utils/stats.h"
 #include "utils/util.h"
 
+using namespace snort;
+
 #define ATTRIBUTE_MAP_MAX_ROWS 1024
 
 struct tTargetBasedConfig

diff --git a/src/target_based/sftarget_reader.h b/src/target_based/sftarget_reader.h
index 71eac4fec3ba5d087827b0eb3fb4595b6b560d2b..4a74c986bc74b7c54310013f46957e6077179051 100644 (file)
--- a/src/target_based/sftarget_reader.h
+++ b/src/target_based/sftarget_reader.h
@@ -37,7 +37,10 @@
 #define MAX_MAX_METADATA_SERVICES 256
 #define MIN_MAX_METADATA_SERVICES 1
 
+namespace snort
+{
 struct Packet;
+}
 
 /* main Functions, called by Snort shutdown */
 void SFAT_Init();
@@ -49,14 +52,14 @@ void FreeHostEntry(HostAttributeEntry* host);
 uint32_t SFAT_NumberOfHosts();
 
 /* API Lookup functions, to be called by Stream & Frag */
-HostAttributeEntry* SFAT_LookupHostEntryByIP(const SfIp* ipAddr);
-HostAttributeEntry* SFAT_LookupHostEntryBySrc(Packet* p);
-HostAttributeEntry* SFAT_LookupHostEntryByDst(Packet* p);
+HostAttributeEntry* SFAT_LookupHostEntryByIP(const snort::SfIp* ipAddr);
+HostAttributeEntry* SFAT_LookupHostEntryBySrc(snort::Packet* p);
+HostAttributeEntry* SFAT_LookupHostEntryByDst(snort::Packet* p);
 
 #if 0
 int SFAT_AddApplicationData(HostAttributeEntry*, struct ApplicationEntry*);
 #endif
-void SFAT_UpdateApplicationProtocol(SfIp*, uint16_t port, uint16_t protocol, uint16_t id);
+void SFAT_UpdateApplicationProtocol(snort::SfIp*, uint16_t port, uint16_t protocol, uint16_t id);
 
 // reload functions
 struct tTargetBasedConfig;

diff --git a/src/target_based/snort_protocols.cc b/src/target_based/snort_protocols.cc
index 413d34d493ba5bcb748fd6260948f857f2e9ee49..5c16915ac0956e2efc841b9660bc991c6154945b 100644 (file)
--- a/src/target_based/snort_protocols.cc
+++ b/src/target_based/snort_protocols.cc
@@ -35,6 +35,7 @@
 
 #include "sftarget_data.h"
 
+using namespace snort;
 using namespace std;
 
 int16_t ProtocolReference::get_count()

diff --git a/src/utils/stats.cc b/src/utils/stats.cc
index d5bf92179a2143e38c231d78d7b396f39394a211..f54f9aad3f81513182bd55c70319e48a09f1cc1d 100644 (file)
--- a/src/utils/stats.cc
+++ b/src/utils/stats.cc
@@ -39,6 +39,8 @@
 
 #include "util.h"
 
+using namespace snort;
+
 #define STATS_SEPARATOR \
     "--------------------------------------------------"
 

diff --git a/src/utils/util.cc b/src/utils/util.cc
index c88e5327a9ee1dd70520c95bbd86787a0d1db4a0..76362cdb66db2804e5f7c2145f697b7a1ad0d0b2 100644 (file)
--- a/src/utils/util.cc
+++ b/src/utils/util.cc
@@ -64,6 +64,8 @@ extern "C" {
 
 #include "util_cstring.h"
 
+using namespace snort;
+
 char** protocol_names = nullptr;
 
 /****************************************************************************

diff --git a/src/utils/util_net.cc b/src/utils/util_net.cc
index efed547522f00c9aa092db8158cedda10e5b034e..ee4459766f9d097205ebe191b3fb7efb63fb6a31 100644 (file)
--- a/src/utils/util_net.cc
+++ b/src/utils/util_net.cc
@@ -26,6 +26,8 @@
 #include "sfip/sf_cidr.h"
 #include "util_cstring.h"
 
+namespace snort
+{
 char* ObfuscateIpToText(const SfIp* ip, SfCidr& homenet, SfCidr& obfunet, InetBuf& ab)
 {
     ab[0] = 0;
@@ -61,4 +63,4 @@ char* ObfuscateIpToText(const SfIp* ip, SfCidr& homenet, SfCidr& obfunet, InetBu
 
     return ab;
 }
-
+}

diff --git a/src/utils/util_net.h b/src/utils/util_net.h
index 8bfe6cadfef465de1a30ca2ccb4c6a7d1ad80844..119deb5d65a07da0fbe54947b497733078c3ab80 100644 (file)
--- a/src/utils/util_net.h
+++ b/src/utils/util_net.h
@@ -23,11 +23,13 @@
 #include <arpa/inet.h>
 #include "main/snort_types.h"
 
+namespace snort
+{
 struct SfCidr;
 typedef char InetBuf[INET6_ADDRSTRLEN];
 
 SO_PUBLIC char* ObfuscateIpToText(
     const struct SfIp*, SfCidr& homenet, SfCidr& obfuscate_net, InetBuf&);
-
+}
 #endif