*/
use crate::applayer::{self, *};
-use crate::core::{ALPROTO_UNKNOWN, AppProto, IPPROTO_UDP};
+use crate::core::{AppProto, ALPROTO_UNKNOWN, IPPROTO_UDP};
use crate::dhcp::parser::*;
use crate::flow::Flow;
use std;
}
}
-unsafe extern "C" fn dhcp_probing_parser(_flow: *const Flow,
- _direction: u8,
- input: *const u8,
- input_len: u32,
- _rdir: *mut u8) -> AppProto
-{
+unsafe extern "C" fn dhcp_probing_parser(
+ _flow: *const Flow, _direction: u8, input: *const u8, input_len: u32, _rdir: *mut u8,
+) -> AppProto {
if input_len < DHCP_MIN_FRAME_LEN || input.is_null() {
return ALPROTO_UNKNOWN;
}
}
}
-extern "C" fn dhcp_tx_get_alstate_progress(_tx: *mut std::os::raw::c_void,
- _direction: u8) -> std::os::raw::c_int {
+extern "C" fn dhcp_tx_get_alstate_progress(
+ _tx: *mut std::os::raw::c_void, _direction: u8,
+) -> std::os::raw::c_int {
// As this is a stateless parser, simply use 1.
return 1;
}
-unsafe extern "C" fn dhcp_state_get_tx(state: *mut std::os::raw::c_void,
- tx_id: u64) -> *mut std::os::raw::c_void {
+unsafe extern "C" fn dhcp_state_get_tx(
+ state: *mut std::os::raw::c_void, tx_id: u64,
+) -> *mut std::os::raw::c_void {
let state = cast_pointer!(state, DHCPState);
match state.get_tx(tx_id) {
Some(tx) => {
return state.tx_id;
}
-unsafe extern "C" fn dhcp_parse(_flow: *const Flow,
- state: *mut std::os::raw::c_void,
- _pstate: *mut std::os::raw::c_void,
- stream_slice: StreamSlice,
- _data: *const std::os::raw::c_void,
- ) -> AppLayerResult {
+unsafe extern "C" fn dhcp_parse(
+ _flow: *const Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
+ stream_slice: StreamSlice, _data: *const std::os::raw::c_void,
+) -> AppLayerResult {
let state = cast_pointer!(state, DHCPState);
if state.parse(stream_slice.as_slice()) {
return AppLayerResult::ok();
return AppLayerResult::err();
}
-pub unsafe extern "C" fn dhcp_state_tx_free(
- state: *mut std::os::raw::c_void,
- tx_id: u64)
-{
+pub unsafe extern "C" fn dhcp_state_tx_free(state: *mut std::os::raw::c_void, tx_id: u64) {
let state = cast_pointer!(state, DHCPState);
state.free_tx(tx_id);
}
-extern "C" fn dhcp_state_new(_orig_state: *mut std::os::raw::c_void, _orig_proto: AppProto) -> *mut std::os::raw::c_void {
+extern "C" fn dhcp_state_new(
+ _orig_state: *mut std::os::raw::c_void, _orig_proto: AppProto,
+) -> *mut std::os::raw::c_void {
let state = DHCPState::new();
let boxed = Box::new(state);
return Box::into_raw(boxed) as *mut _;
let ports = CString::new("[67,68]").unwrap();
let parser = RustParser {
name: PARSER_NAME.as_ptr() as *const std::os::raw::c_char,
- default_port : ports.as_ptr(),
- ipproto : IPPROTO_UDP,
- probe_ts : Some(dhcp_probing_parser),
- probe_tc : Some(dhcp_probing_parser),
- min_depth : 0,
- max_depth : 16,
- state_new : dhcp_state_new,
- state_free : dhcp_state_free,
- tx_free : dhcp_state_tx_free,
- parse_ts : dhcp_parse,
- parse_tc : dhcp_parse,
- get_tx_count : dhcp_state_get_tx_count,
- get_tx : dhcp_state_get_tx,
- tx_comp_st_ts : 1,
- tx_comp_st_tc : 1,
- tx_get_progress : dhcp_tx_get_alstate_progress,
- get_eventinfo : Some(DHCPEvent::get_event_info),
- get_eventinfo_byid : Some(DHCPEvent::get_event_info_by_id),
- localstorage_new : None,
- localstorage_free : None,
- get_tx_files : None,
- get_tx_iterator : Some(applayer::state_get_tx_iterator::<DHCPState, DHCPTransaction>),
- get_tx_data : dhcp_get_tx_data,
- get_state_data : dhcp_get_state_data,
- apply_tx_config : None,
- flags : 0,
+ default_port: ports.as_ptr(),
+ ipproto: IPPROTO_UDP,
+ probe_ts: Some(dhcp_probing_parser),
+ probe_tc: Some(dhcp_probing_parser),
+ min_depth: 0,
+ max_depth: 16,
+ state_new: dhcp_state_new,
+ state_free: dhcp_state_free,
+ tx_free: dhcp_state_tx_free,
+ parse_ts: dhcp_parse,
+ parse_tc: dhcp_parse,
+ get_tx_count: dhcp_state_get_tx_count,
+ get_tx: dhcp_state_get_tx,
+ tx_comp_st_ts: 1,
+ tx_comp_st_tc: 1,
+ tx_get_progress: dhcp_tx_get_alstate_progress,
+ get_eventinfo: Some(DHCPEvent::get_event_info),
+ get_eventinfo_byid: Some(DHCPEvent::get_event_info_by_id),
+ localstorage_new: None,
+ localstorage_free: None,
+ get_tx_files: None,
+ get_tx_iterator: Some(applayer::state_get_tx_iterator::<DHCPState, DHCPTransaction>),
+ get_tx_data: dhcp_get_tx_data,
+ get_state_data: dhcp_get_state_data,
+ apply_tx_config: None,
+ flags: 0,
get_frame_id_by_name: None,
get_frame_name_by_id: None,
};
use std;
use std::os::raw::c_void;
+use crate::conf::ConfNode;
use crate::dhcp::dhcp::*;
-use crate::dhcp::parser::{DHCPOptionWrapper,DHCPOptGeneric};
+use crate::dhcp::parser::{DHCPOptGeneric, DHCPOptionWrapper};
use crate::dns::log::dns_print_addr;
-use crate::conf::ConfNode;
use crate::jsonbuilder::{JsonBuilder, JsonError};
pub struct DHCPLogger {
}
impl DHCPLogger {
-
pub fn new(conf: ConfNode) -> Self {
return Self {
extended: conf.get_child_bool("extended"),
- }
+ };
}
fn get_type(&self, tx: &DHCPTransaction) -> Option<u8> {
let code = option.code;
#[allow(clippy::single_match)]
match &option.option {
- DHCPOptionWrapper::Generic(option) => {
+ DHCPOptionWrapper::Generic(option) =>
+ {
#[allow(clippy::single_match)]
match code {
DHCP_OPT_TYPE => {
pub fn do_log(&self, tx: &DHCPTransaction) -> bool {
if !self.extended {
- if let Some(DHCP_TYPE_ACK) = self.get_type(tx){
+ if let Some(DHCP_TYPE_ACK) = self.get_type(tx) {
return true;
}
return false;
js.set_string("type", "<unknown>")?;
}
}
-
+
js.set_uint("id", header.txid as u64)?;
- js.set_string("client_mac",
- &format_addr_hex(&header.clienthw))?;
+ js.set_string("client_mac", &format_addr_hex(&header.clienthw))?;
js.set_string("assigned_ip", &dns_print_addr(&header.yourip))?;
if self.extended {
js.set_string("client_ip", &dns_print_addr(&header.clientip))?;
if header.opcode == BOOTP_REPLY {
- js.set_string("relay_ip",
- &dns_print_addr(&header.giaddr))?;
- js.set_string("next_server_ip",
- &dns_print_addr(&header.serverip))?;
+ js.set_string("relay_ip", &dns_print_addr(&header.giaddr))?;
+ js.set_string("next_server_ip", &dns_print_addr(&header.serverip))?;
}
}
-
+
for option in options {
let code = option.code;
match option.option {
DHCPOptionWrapper::ClientId(ref clientid) => {
- js.set_string("client_id",
- &format_addr_hex(&clientid.data))?;
+ js.set_string("client_id", &format_addr_hex(&clientid.data))?;
}
- DHCPOptionWrapper::TimeValue(ref time_value) => {
- match code {
- DHCP_OPT_ADDRESS_TIME => {
- if self.extended {
- js.set_uint("lease_time",
- time_value.seconds as u64)?;
- }
- }
- DHCP_OPT_REBINDING_TIME => {
- if self.extended {
- js.set_uint("rebinding_time",
- time_value.seconds as u64)?;
- }
- }
- DHCP_OPT_RENEWAL_TIME => {
- js.set_uint("renewal_time",
- time_value.seconds as u64)?;
+ DHCPOptionWrapper::TimeValue(ref time_value) => match code {
+ DHCP_OPT_ADDRESS_TIME => {
+ if self.extended {
+ js.set_uint("lease_time", time_value.seconds as u64)?;
}
- _ => {}
}
- }
- DHCPOptionWrapper::Generic(ref option) => {
- match code {
- DHCP_OPT_SUBNET_MASK => {
- if self.extended {
- js.set_string("subnet_mask",
- &dns_print_addr(&option.data))?;
- }
+ DHCP_OPT_REBINDING_TIME => {
+ if self.extended {
+ js.set_uint("rebinding_time", time_value.seconds as u64)?;
}
- DHCP_OPT_HOSTNAME => {
- if !option.data.is_empty() {
- js.set_string_from_bytes("hostname",
- &option.data)?;
- }
+ }
+ DHCP_OPT_RENEWAL_TIME => {
+ js.set_uint("renewal_time", time_value.seconds as u64)?;
+ }
+ _ => {}
+ },
+ DHCPOptionWrapper::Generic(ref option) => match code {
+ DHCP_OPT_SUBNET_MASK => {
+ if self.extended {
+ js.set_string("subnet_mask", &dns_print_addr(&option.data))?;
}
- DHCP_OPT_TYPE => {
- self.log_opt_type(js, option)?;
+ }
+ DHCP_OPT_HOSTNAME => {
+ if !option.data.is_empty() {
+ js.set_string_from_bytes("hostname", &option.data)?;
}
- DHCP_OPT_REQUESTED_IP => {
- if self.extended {
- js.set_string("requested_ip",
- &dns_print_addr(&option.data))?;
- }
+ }
+ DHCP_OPT_TYPE => {
+ self.log_opt_type(js, option)?;
+ }
+ DHCP_OPT_REQUESTED_IP => {
+ if self.extended {
+ js.set_string("requested_ip", &dns_print_addr(&option.data))?;
}
- DHCP_OPT_PARAMETER_LIST => {
- if self.extended {
- self.log_opt_parameters(js, option)?;
- }
+ }
+ DHCP_OPT_PARAMETER_LIST => {
+ if self.extended {
+ self.log_opt_parameters(js, option)?;
}
- DHCP_OPT_DNS_SERVER => {
- if self.extended {
- self.log_opt_dns_server(js, option)?;
- }
+ }
+ DHCP_OPT_DNS_SERVER => {
+ if self.extended {
+ self.log_opt_dns_server(js, option)?;
}
- DHCP_OPT_ROUTERS => {
- if self.extended {
- self.log_opt_routers(js, option)?;
- }
+ }
+ DHCP_OPT_ROUTERS => {
+ if self.extended {
+ self.log_opt_routers(js, option)?;
}
- DHCP_OPT_VENDOR_CLASS_ID => {
- if self.extended && !option.data.is_empty(){
- js.set_string_from_bytes("vendor_class_identifier",
- &option.data)?;
- }
+ }
+ DHCP_OPT_VENDOR_CLASS_ID => {
+ if self.extended && !option.data.is_empty() {
+ js.set_string_from_bytes("vendor_class_identifier", &option.data)?;
}
- _ => {}
}
- }
+ _ => {}
+ },
_ => {}
}
}
-
+
js.close()?;
return Ok(());
DHCP_TYPE_NAK => "nak",
DHCP_TYPE_RELEASE => "release",
DHCP_TYPE_INFORM => "inform",
- _ => "unknown"
+ _ => "unknown",
};
js.set_string("dhcp_type", dhcp_type)?;
}
Ok(())
}
- fn log_opt_parameters(&self, js: &mut JsonBuilder, option: &DHCPOptGeneric) -> Result<(), JsonError> {
+ fn log_opt_parameters(
+ &self, js: &mut JsonBuilder, option: &DHCPOptGeneric,
+ ) -> Result<(), JsonError> {
js.open_array("params")?;
for i in &option.data {
let param = match *i {
DHCP_PARAM_NTP_SERVER => "ntp_server",
DHCP_PARAM_TFTP_SERVER_NAME => "tftp_server_name",
DHCP_PARAM_TFTP_SERVER_IP => "tftp_server_ip",
- _ => ""
+ _ => "",
};
if !param.is_empty() {
js.append_string(param)?;
js.close()?;
Ok(())
}
-
- fn log_opt_dns_server(&self, js: &mut JsonBuilder, option: &DHCPOptGeneric) -> Result<(), JsonError> {
+
+ fn log_opt_dns_server(
+ &self, js: &mut JsonBuilder, option: &DHCPOptGeneric,
+ ) -> Result<(), JsonError> {
js.open_array("dns_servers")?;
for i in 0..(option.data.len() / 4) {
let val = dns_print_addr(&option.data[(i * 4)..(i * 4) + 4]);
js.close()?;
Ok(())
}
-
- fn log_opt_routers(&self, js: &mut JsonBuilder, option: &DHCPOptGeneric) -> Result<(), JsonError> {
+
+ fn log_opt_routers(
+ &self, js: &mut JsonBuilder, option: &DHCPOptGeneric,
+ ) -> Result<(), JsonError> {
js.open_array("routers")?;
for i in 0..(option.data.len() / 4) {
let val = dns_print_addr(&option.data[(i * 4)..(i * 4) + 4]);
js.close()?;
Ok(())
}
-
}
fn format_addr_hex(input: &[u8]) -> String {
- let parts: Vec<String> = input.iter()
- .map(|b| format!("{:02x}", b))
- .collect();
+ let parts: Vec<String> = input.iter().map(|b| format!("{:02x}", b)).collect();
return parts.join(":");
}
}
#[no_mangle]
-pub unsafe extern "C" fn SCDhcpLoggerLog(logger: *mut std::os::raw::c_void,
- tx: *mut std::os::raw::c_void,
- js: &mut JsonBuilder) -> bool {
+pub unsafe extern "C" fn SCDhcpLoggerLog(
+ logger: *mut std::os::raw::c_void, tx: *mut std::os::raw::c_void, js: &mut JsonBuilder,
+) -> bool {
let logger = cast_pointer!(logger, DHCPLogger);
let tx = cast_pointer!(tx, DHCPTransaction);
logger.log(tx, js).is_ok()
}
#[no_mangle]
-pub unsafe extern "C" fn SCDhcpLoggerDoLog(logger: *mut std::os::raw::c_void,
- tx: *mut std::os::raw::c_void)
- -> bool {
+pub unsafe extern "C" fn SCDhcpLoggerDoLog(
+ logger: *mut std::os::raw::c_void, tx: *mut std::os::raw::c_void,
+) -> bool {
let logger = cast_pointer!(logger, DHCPLogger);
let tx = cast_pointer!(tx, DHCPTransaction);
logger.do_log(tx)
projects / thirdparty / suricata.git / commitdiff
