Merge pull request #2675 in SNORT/snort3 from ~DERAMADA/snort3:revert_reputation...
authorSteve Chew (stechew) <stechew@cisco.com>
Thu, 17 Dec 2020 20:40:39 +0000 (20:40 +0000)
committerSteve Chew (stechew) <stechew@cisco.com>
Thu, 17 Dec 2020 20:40:39 +0000 (20:40 +0000)
Squashed commit of the following:

commit e9c62d807056426a8702607b7c10bed407f624da
Author: Deepak Ramadass <deramada@cisco.com>
Date:   Thu Dec 17 10:26:37 2020 -0500

    reputation: retain backward compatibility

    This reverts commit 29c66e6d5d11a680633b1d8ac6f00b8c1c8e98d2.

src/network_inspectors/reputation/reputation_module.cc
src/network_inspectors/reputation/reputation_parse.cc

index 44a3e4a3da6b5028f376c819ecc44da496c7ac8f..ba0693d276cfa7e643a6146626908a0f9ba3bfb8 100644 (file)
@@ -54,6 +54,9 @@ static const Parameter s_params[] =
     { "blocklist", Parameter::PT_STRING, nullptr, nullptr,
       "blocklist file name with IP lists" },
 
+    { "blacklist", Parameter::PT_STRING, nullptr, nullptr,
+      "blacklist file name with IP lists" },
+
     { "list_dir", Parameter::PT_STRING, nullptr, nullptr,
       "directory for IP lists and manifest file" },
 
@@ -63,18 +66,24 @@ static const Parameter s_params[] =
     { "nested_ip", Parameter::PT_ENUM, "inner|outer|all", "inner",
       "IP to use when there is IP encapsulation" },
 
-    { "priority", Parameter::PT_ENUM, "blocklist|allowlist", "allowlist",
+    { "priority", Parameter::PT_ENUM, "blocklist|allowlist|blacklist|whitelist", "allowlist",
       "defines priority when there is a decision conflict during run-time" },
 
     { "scan_local", Parameter::PT_BOOL, nullptr, "false",
       "inspect local address defined in RFC 1918" },
 
-    { "allow", Parameter::PT_ENUM, "do_not_block|trust", "do_not_block",
+    { "allow", Parameter::PT_ENUM, "do_not_block|trust|unblack", "do_not_block",
       "specify the meaning of allowlist" },
 
+    { "white", Parameter::PT_ENUM, "do_not_block|trust|unblack", "do_not_block",
+      "specify the meaning of whitelist" },
+
     { "allowlist", Parameter::PT_STRING, nullptr, nullptr,
       "allowlist file name with IP lists" },
 
+    { "whitelist", Parameter::PT_STRING, nullptr, nullptr,
+      "whitelist file name with IP lists" },
+
     { nullptr, Parameter::PT_MAX, nullptr, nullptr, nullptr }
 };
 
@@ -120,7 +129,7 @@ ProfileStats* ReputationModule::get_profile() const
 
 bool ReputationModule::set(const char*, Value& v, SnortConfig*)
 {
-    if ( v.is("blocklist") )
+    if ( v.is("blocklist") or v.is("blacklist") )
         conf->blocklist_path = v.get_string();
 
     else if ( v.is("list_dir") )
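Review bot: `blocklist` and `blacklist` now write the same `conf->blocklist_path`, so a configuration that sets both keeps only whichever one set() sees last and drops the other path without a message. For a reputation inspector that means one of the two IP lists an operator configured may never be read. Consider rejecting or warning when the path was already set through the other spelling; the same applies to `allowlist`/`whitelist` and `allow`/`white` in the next hunk of this function. set() begins in this hunk and continues past it.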
@@ -133,15 +142,34 @@ bool ReputationModule::set(const char*, Value& v, SnortConfig*)
         conf->nested_ip = (NestedIP)v.get_uint8();
 
     else if ( v.is("priority") )
-        conf->priority = (IPdecision)(v.get_uint8() + 1);
+    {
+        int priority = v.get_uint8() + 1;
+
+        if (priority == 3) // blacklist
+            priority = 1;
+
+        else if (priority == 4) // whitelist
+           priority = 2;
+
+        conf->priority = (IPdecision)(priority);
+
+    }
 
     else if ( v.is("scan_local") )
         conf->scanlocal = v.get_bool();
 
-    else if ( v.is("allow") )
-        conf->allow_action = (AllowAction)v.get_uint8();
+    else if ( v.is("allow") or v.is("white") )
+    {
+        int action = v.get_uint8();
+
+        if ( action == 2 ) // unblack
+            action = 0;
+
+        conf->allow_action = (AllowAction)action;
+
+    }
 
-    else if ( v.is("allowlist") )
+    else if ( v.is("allowlist") or v.is("whitelist") )
         conf->allowlist_path = v.get_string();
 
     else
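Review bot: The literals `3`, `4` and `2` in the `priority` and `allow`/`white` branches are positions in the enum strings of s_params (`"blocklist|allowlist|blacklist|whitelist"` and `"do_not_block|trust|unblack"`), and nothing ties the two together. If those strings are reordered or extended, the legacy names would map to the wrong `IPdecision` or `AllowAction` with no compile error, which for this inspector could swap block and allow priority. I would add a comment beside the enum strings such as `// order is load-bearing: set() folds index 2/3 onto 0/1`, or replace the bare numbers with named constants. The line `priority = 2;` under the whitelist case is also indented one column short of its sibling. set() starts before this hunk and continues after it.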
index 683fcc96dd52f433059b60a785387b2c884897b3..952b3fa2393f70a0a679a8c33bfee47301440c55 100644 (file)
@@ -57,7 +57,7 @@ static char block_info[] = "blocklist";
 static char allow_info[] = "allowlist";
 static char monitor_info[] = "monitorlist";
 
-#define TRUST_TYPE_KEYWORD       "trust"
+#define ALLOW_TYPE_KEYWORD       "allow"
 #define BLOCK_TYPE_KEYWORD       "block"
 #define MONITOR_TYPE_KEYWORD     "monitor"
 
@@ -786,10 +786,10 @@ static int get_file_type(char* type_name)
 
     type_name = ignore_start_space(type_name);
 
-    if (strncasecmp(type_name, TRUST_TYPE_KEYWORD, strlen(TRUST_TYPE_KEYWORD)) == 0)
+    if (strncasecmp(type_name, ALLOW_TYPE_KEYWORD, strlen(ALLOW_TYPE_KEYWORD)) == 0)
     {
         type = ALLOW_LIST;
-        type_name += strlen(TRUST_TYPE_KEYWORD);
+        type_name += strlen(ALLOW_TYPE_KEYWORD);
     }
     else if (strncasecmp(type_name, BLOCK_TYPE_KEYWORD, strlen(BLOCK_TYPE_KEYWORD)) == 0)
     {
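Review bot: The allow keyword is swapped rather than aliased, so the first comparison in get_file_type now matches only `allow` and a manifest line that says `trust` falls through to the other branches. That is inconsistent with reputation_module.cc in the same commit, which accepts both the old and the new spellings; the error path in process_line_in_manifest (last hunk) would presumably report such a line as an unknown action and return false. Whether a rejected manifest line leaves its list unloaded is not visible here, but for a blocklist/allowlist feed that outcome is worth ruling out. If both spellings are meant to work, keep `#define TRUST_TYPE_KEYWORD "trust"` beside the new define and test for it in the same `if`. get_file_type starts before this hunk and its body continues after it.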
@@ -869,7 +869,7 @@ static bool process_line_in_manifest(ListFile* list_item, const char* manifest,
             {
                 ErrorMessage(" %s(%d) => Unknown action specified (%s)."
                     " Please specify a value: %s | %s | %s.\n", manifest, line_number, token,
-                    TRUST_TYPE_KEYWORD, BLOCK_TYPE_KEYWORD, MONITOR_TYPE_KEYWORD);
+                    ALLOW_TYPE_KEYWORD, BLOCK_TYPE_KEYWORD, MONITOR_TYPE_KEYWORD);
                 return false;
             }
             break;