#endif
-static void load_config(lua_State* L, const char* file, const char* tweaks)
+static bool load_config(lua_State* L, const char* file, const char* tweaks, bool is_fatal)
{
Lua::ManageStack ms(L);
-
if ( luaL_loadfile(L, file) )
- FatalError("can't load %s: %s\n", file, lua_tostring(L, -1));
-
+ {
+ if (is_fatal)
+ FatalError("can't load %s: %s\n", file, lua_tostring(L, -1));
+ else
+ {
+ ParseError("can't load %s: %s\n", file, lua_tostring(L, -1));
+ return false;
+ }
+ }
if ( tweaks and *tweaks )
{
lua_pushstring(L, tweaks);
if ( lua_pcall(L, 0, 0, 0) )
FatalError("can't init %s: %s\n", file, lua_tostring(L, -1));
+
+ return true;
}
static void load_overrides(lua_State* L, string& s)
}
}
-static void config_lua(
- lua_State* L, const char* file, string& s, const char* tweaks)
+static bool config_lua(
+ lua_State* L, const char* file, string& s, const char* tweaks, bool is_fatal)
{
if ( file && *file )
- load_config(L, file, tweaks);
+ if (!load_config(L, file, tweaks, is_fatal))
+ return false;
if ( !s.empty() )
load_overrides(L, s);
run_config(L, "_G");
+
+ return true;
}
//-------------------------------------------------------------------------
overrides += sh->overrides;
}
-void Shell::configure(SnortConfig* sc)
+bool Shell::configure(SnortConfig* sc, bool is_fatal)
{
assert(file.size());
ModuleManager::set_config(sc);
}
const char* base_name = push_relative_path(file.c_str());
- config_lua(lua, base_name, overrides, sc->tweaks.c_str());
+ if(! config_lua(lua, base_name, overrides, sc->tweaks.c_str(), is_fatal))
+ return false;
set_default_policy(sc);
ModuleManager::set_config(nullptr);
loaded = true;
pop_relative_path();
+ return true;
}
void Shell::install(const char* name, const luaL_Reg* reg)
void set_overrides(const char*);
void set_overrides(Shell*);
- void configure(snort::SnortConfig*);
+ bool configure(snort::SnortConfig*, bool is_fatal = true);
void install(const char*, const struct luaL_Reg*);
void execute(const char*, std::string&);
if ( !Piglet::piglet_mode() )
#endif
if ( !SnortConfig::get_conf()->output.empty() )
- EventManager::instantiate(SnortConfig::get_conf()->output.c_str(), SnortConfig::get_conf());
+ EventManager::instantiate(SnortConfig::get_conf()->output.c_str(),
+ SnortConfig::get_conf());
if (SnortConfig::alert_before_pass())
{
Trough::setup();
// FIXIT-L refactor stuff done here and in snort_config.cc::VerifyReload()
- if ( SnortConfig::get_conf()->bpf_filter.empty() && !SnortConfig::get_conf()->bpf_file.empty() )
- SnortConfig::get_conf()->bpf_filter = read_infile("bpf_file", SnortConfig::get_conf()->bpf_file.c_str());
+ if ( SnortConfig::get_conf()->bpf_filter.empty() &&
+ !SnortConfig::get_conf()->bpf_file.empty() )
+ SnortConfig::get_conf()->bpf_filter = read_infile("bpf_file",
+ SnortConfig::get_conf()->bpf_file.c_str());
if ( !SnortConfig::get_conf()->bpf_filter.empty() )
LogMessage("Snort BPF option: %s\n", SnortConfig::get_conf()->bpf_filter.c_str());
trim_heap();
parser_init();
- SnortConfig* sc = ParseSnortConf(snort_cmd_line_conf, fname);
+ SnortConfig* sc = ParseSnortConf(snort_cmd_line_conf, fname, false);
sc->merge(snort_cmd_line_conf);
- if ( ModuleManager::get_errors() || !sc->verify() )
+ if ( get_parse_errors() || ModuleManager::get_errors() || !sc->verify() )
{
parser_term(sc);
delete sc;
// Find all up interfaces and define iface_ADDRESS vars for them
static void DefineAllIfaceVars(SnortConfig* sc)
{
-
// FIXIT-L don't come back here on reload unless we are going to find
// new ifaces. Cache retrieved devs so if user is running with dropped
- // privs and does a reload, we can use previous values
+ // privs and does a reload, we can use previous values
static int num_vars = 0;
// should be more than enough to cover the number of interfaces on a machine
LogMessage("%s\n", buf);
}
-static void parse_file(SnortConfig* sc, Shell* sh)
+static bool parse_file(SnortConfig* sc, Shell* sh, bool is_fatal)
{
const char* fname = sh->get_file();
if ( !fname || !*fname )
- return;
+ return false;
push_parse_location(fname, 0);
- sh->configure(sc);
+ bool success = sh->configure(sc, is_fatal);
pop_parse_location();
+ return success;
}
//-------------------------------------------------------------------------
sc->free_rule_state_list();
}
-SnortConfig* ParseSnortConf(const SnortConfig* boot_conf, const char* fname)
+SnortConfig* ParseSnortConf(const SnortConfig* boot_conf, const char* fname, bool is_fatal)
{
SnortConfig* sc = new SnortConfig(SnortConfig::get_conf()->proto_ref);
break;
set_policies(sc, sh);
- parse_file(sc, sh);
+
+ if (!parse_file(sc, sh, is_fatal))
+ return sc;
}
+
set_default_policy(sc);
return sc;
}
if ( remove && rtn )
{
- RuleTreeNodeKey key{ rtn, policyId };
+ RuleTreeNodeKey key { rtn, policyId };
if ( sc && sc->rtn_hash_table )
xhash_remove(sc->rtn_hash_table, &key);
}
return deleteRtnFromOtn(otn, get_ips_policy()->policy_id, sc);
}
-static uint32_t rtn_hash_func(HashFnc*, const unsigned char *k, int)
+static uint32_t rtn_hash_func(HashFnc*, const unsigned char* k, int)
{
uint32_t a,b,c;
const RuleTreeNodeKey* rtnk = (const RuleTreeNodeKey*)k;
return c;
}
-static int rtn_compare_func(const void *k1, const void *k2, size_t)
+static int rtn_compare_func(const void* k1, const void* k2, size_t)
{
const RuleTreeNodeKey* rtnk1 = (const RuleTreeNodeKey*)k1;
const RuleTreeNodeKey* rtnk2 = (const RuleTreeNodeKey*)k2;
if (same_headers(rtnk1->rtn, rtnk2->rtn))
return 0;
-
+
return 1;
}
return 0; //success
}
-int addRtnToOtn(SnortConfig*sc, OptTreeNode* otn, RuleTreeNode* rtn)
+int addRtnToOtn(SnortConfig* sc, OptTreeNode* otn, RuleTreeNode* rtn)
{
return addRtnToOtn(sc, otn, rtn, get_ips_policy()->policy_id);
}
void pop_parse_location();
void inc_parse_position();
-snort::SnortConfig* ParseSnortConf(const snort::SnortConfig*, const char* fname = nullptr);
+snort::SnortConfig* ParseSnortConf(const snort::SnortConfig*, const char* fname = nullptr,
+ bool is_fatal = true);
void ParseRules(snort::SnortConfig*);
void OrderRuleLists(snort::SnortConfig*, const char*);
projects / thirdparty / snort3.git / commitdiff
