Pull request #3857: main: Allow network IDs to use up to 32 bits.

Merge in SNORT/snort3 from ~STECHEW/snort3:network_id_update to master

Squashed commit of the following:

commit f349d2e213663779010377679bf07b9062d89f0a
Author: Steve Chew <stechew@cisco.com>
Date:   Fri May 19 18:00:48 2023 -0400

    main: Allow network IDs to use up to 32 bits.

diff --git a/src/main/network_module.cc b/src/main/network_module.cc
index 39994351a166929970058a68b204d68e153f7fd0..8c759b7b4f9f76ed7aadb376a57adac7c9f4026d 100644 (file)
--- a/src/main/network_module.cc
+++ b/src/main/network_module.cc
@@ -43,7 +43,7 @@ static const Parameter network_params[] =
       "all | ip | noip | tcp | notcp | udp | noudp | icmp | noicmp | none", "all",
       "checksums to verify" },
 
-    { "id", Parameter::PT_INT, "0:65535", "0",
+    { "id", Parameter::PT_INT, "0:max32", "0",
       "correlate unified2 events with configuration" },
 
     { "min_ttl", Parameter::PT_INT, "1:255", "1",
@@ -78,7 +78,7 @@ static int network_set_policy(lua_State* L)
 
 const Parameter network_set_policy_params[] =
 {
-    {"id", Parameter::PT_INT, "0:65535", 0, "user network policy id"},
+    {"id", Parameter::PT_INT, "0:max32", 0, "user network policy id"},
     {nullptr, Parameter::PT_MAX, nullptr, nullptr, nullptr}
 };
 
@@ -106,7 +106,7 @@ bool NetworkModule::set(const char*, Value& v, SnortConfig* sc)
         ConfigChecksumMode(v.get_string());
 
     else if ( v.is("id") )
-        p->user_policy_id = v.get_uint16();
+        p->user_policy_id = v.get_uint32();
 
     else if ( v.is("min_ttl") )
         p->min_ttl = v.get_uint8();

diff --git a/src/main/policy.h b/src/main/policy.h
index 1e98202b173acb8ba2608487a2adf2b3276dac31..996664910abf6154244d2acd1a6590926b00ba32 100644 (file)
--- a/src/main/policy.h
+++ b/src/main/policy.h
@@ -56,7 +56,7 @@ struct PortTable;
 struct vartable_t;
 struct sfip_var_t;
 
-#define UNDEFINED_USER_POLICY_ID 65536
+#define UNDEFINED_NETWORK_USER_POLICY_ID 0xffffffff
 
 typedef unsigned int PolicyId;
 typedef snort::GHash PortVarTable;

diff --git a/src/main/shell.cc b/src/main/shell.cc
index 6d6198c4910667bdb82d158bd4bd9b3d3a0deead..d0991a72fefb597049892a011a869e383e137179 100644 (file)
--- a/src/main/shell.cc
+++ b/src/main/shell.cc
@@ -664,7 +664,7 @@ void Shell::set_network_policy_user_id(lua_State* L, uint32_t user_id)
 
 void Shell::set_user_network_policy()
 {
-    if (UNDEFINED_USER_POLICY_ID > network_user_policy_id)
+    if (UNDEFINED_NETWORK_USER_POLICY_ID > network_user_policy_id)
     {
         NetworkPolicy* np =
             SnortConfig::get_conf()->policy_map->get_user_network(network_user_policy_id);

diff --git a/src/main/shell.h b/src/main/shell.h
index 29097787585077cdf1dd4ae8696b624df5990b3a..a6a2dffef51d9774b3e8d3398875dee57dea4d68 100644 (file)
--- a/src/main/shell.h
+++ b/src/main/shell.h
@@ -143,7 +143,7 @@ private:
     Allowlist internal_allowlist;
     Allowlist allowlist_prefixes;
     ConfigData config_data;
-    uint32_t network_user_policy_id = UNDEFINED_USER_POLICY_ID;
+    uint32_t network_user_policy_id = UNDEFINED_NETWORK_USER_POLICY_ID;
     bool load_defaults;
 };