#include "messages.h"
-#include <syslog.h>
-
#include <cassert>
#include <cstdarg>
+#include <string.h>
+#include <syslog.h>
#include "main/snort_config.h"
#include "parser/parser.h"
assert(false);
}
-bool ConfigLogger::log_flag(const char* caption, bool flag)
+#define CAPTION "%*s: "
+#define SUB_CAPTION "%*s = "
+
+void ConfigLogger::log_option(const char* caption)
+{
+ LogMessage("%*s:\n", indention, caption);
+}
+
+bool ConfigLogger::log_flag(const char* caption, bool flag, bool subopt)
{
- LogMessage("%25.25s: %s\n", caption, flag ? "enabled" : "disabled");
+ auto fmt = subopt ? SUB_CAPTION "%s\n" : CAPTION "%s\n";
+ auto ind = subopt ? indention + strlen(caption) + 2 : indention;
+
+ LogMessage(fmt, ind, caption, flag ? "enabled" : "disabled");
return flag;
}
-void ConfigLogger::log_limit(const char* caption, int val, int unlim, int disable)
+void ConfigLogger::log_limit(const char* caption, int val, int unlim, int disable, bool subopt)
{
+ auto fmt = subopt ? SUB_CAPTION "%d%s\n" : CAPTION "%d%s\n";
+ auto ind = subopt ? indention + strlen(caption) + 2 : indention;
+
if ( val == disable )
- LogMessage("%25.25s: %d (disabled)\n", caption, val);
+ LogMessage(fmt, ind, caption, val, " (disabled)");
else if ( val == unlim )
- LogMessage("%25.25s: %d (unlimited)\n", caption, val);
+ LogMessage(fmt, ind, caption, val, " (unlimited)");
else
- LogMessage("%25.25s: %d\n", caption, val);
+ LogMessage(fmt, ind, caption, val, "");
}
-void ConfigLogger::log_limit(const char* caption, int val, int unlim)
+void ConfigLogger::log_limit(const char* caption, int val, int unlim, bool subopt)
{
+ auto fmt = subopt ? SUB_CAPTION "%d%s\n" : CAPTION "%d%s\n";
+ auto ind = subopt ? indention + strlen(caption) + 2 : indention;
+
if ( val == unlim )
- LogMessage("%25.25s: %d (unlimited)\n", caption, val);
+ LogMessage(fmt, ind, caption, val, " (unlimited)");
else
- LogMessage("%25.25s: %d\n", caption, val);
+ LogMessage(fmt, ind, caption, val, "");
}
-void ConfigLogger::log_limit(const char* caption, int64_t val, int64_t unlim)
+void ConfigLogger::log_limit(const char* caption, int64_t val, int64_t unlim, bool subopt)
{
+ auto fmt = subopt ? SUB_CAPTION "%" PRId64 "%s\n" : CAPTION "%" PRId64 "%s\n";
+ auto ind = subopt ? indention + strlen(caption) + 2 : indention;
+
if ( val == unlim )
- LogMessage("%25.25s: %" PRId64 " (unlimited)\n", caption, val);
+ LogMessage(fmt, ind, caption, val, " (unlimited)");
else
- LogMessage("%25.25s: %" PRId64 "\n", caption, val);
+ LogMessage(fmt, ind, caption, val, "");
}
-void ConfigLogger::log_value(const char* caption, int32_t n)
+void ConfigLogger::log_value(const char* caption, int n, const char* descr, bool subopt)
{
- LogMessage("%25.25s: %" PRId32 "\n", caption, n);
+ auto fmt = subopt ? SUB_CAPTION "%" PRId32 " (%s)\n" : CAPTION "%" PRId32 " (%s)\n";
+ auto ind = subopt ? indention + strlen(caption) + 2 : indention;
+
+ LogMessage(fmt, ind, caption, n, descr);
}
-void ConfigLogger::log_value(const char* caption, uint32_t n)
+void ConfigLogger::log_value(const char* caption, int32_t n, bool subopt)
{
- LogMessage("%25.25s: %" PRIu32 "\n", caption, n);
+ auto fmt = subopt ? SUB_CAPTION "%" PRId32 "\n" : CAPTION "%" PRId32 "\n";
+ auto ind = subopt ? indention + strlen(caption) + 2 : indention;
+
+ LogMessage(fmt, ind, caption, n);
}
-void ConfigLogger::log_value(const char* caption, int64_t n)
+void ConfigLogger::log_value(const char* caption, uint32_t n, bool subopt)
{
- LogMessage("%25.25s: %" PRId64 "\n", caption, n);
+ auto fmt = subopt ? SUB_CAPTION "%" PRIu32 "\n" : CAPTION "%" PRIu32 "\n";
+ auto ind = subopt ? indention + strlen(caption) + 2 : indention;
+
+ LogMessage(fmt, ind, caption, n);
}
-void ConfigLogger::log_value(const char* caption, uint64_t n)
+void ConfigLogger::log_value(const char* caption, int64_t n, bool subopt)
{
- LogMessage("%25.25s: %" PRIu64 "\n", caption, n);
+ auto fmt = subopt ? SUB_CAPTION "%" PRId64 "\n" : CAPTION "%" PRId64 "\n";
+ auto ind = subopt ? indention + strlen(caption) + 2 : indention;
+
+ LogMessage(fmt, ind, caption, n);
}
-void ConfigLogger::log_value(const char* caption, const char* str)
+void ConfigLogger::log_value(const char* caption, uint64_t n, bool subopt)
{
- if ( str and str[0] )
- LogMessage("%25.25s: %s\n", caption, str);
+ auto fmt = subopt ? SUB_CAPTION "%" PRIu64 "\n" : CAPTION "%" PRIu64 "\n";
+ auto ind = subopt ? indention + strlen(caption) + 2 : indention;
+
+ LogMessage(fmt, ind, caption, n);
}
-void ConfigLogger::log_list(const char* caption, const char* list)
+void ConfigLogger::log_value(const char* caption, double n, bool subopt)
{
- std::string res;
- std::stringstream ss;
- const std::string offset(26,' ');
+ auto fmt = subopt ? SUB_CAPTION "%lf\n" : CAPTION "%lf\n";
+ auto ind = subopt ? indention + strlen(caption) + 2 : indention;
+
+ LogMessage(fmt, ind, caption, n);
+}
+
+void ConfigLogger::log_value(const char* caption, const char* str, bool subopt)
+{
+ if ( !str or !str[0] )
+ return;
- size_t len = 0;
+ auto fmt = subopt ? SUB_CAPTION "%s\n" : CAPTION "%s\n";
+ auto ind = subopt ? indention + strlen(caption) + 2 : indention;
+
+ LogMessage(fmt, ind, caption, str);
+}
+
+void ConfigLogger::log_list(const char* caption, const char* list, const char* prefix, bool subopt)
+{
+ if ( !list or !list[0] )
+ return;
+
+ auto delim_symbol = subopt ? "=" : ":";
+ auto ind = subopt ? indention + strlen(caption) + 2 : indention;
+
+ const char* const delim = (caption and caption[0]) ? delim_symbol : " ";
+ const char* const head_fmt = "%*s%s%.0s%s\n";
+ const char* const tail_fmt = "%*.0s%.0s%s%s\n";
+ const char* fmt = head_fmt;
+
+ std::stringstream ss(list);
+ std::string res;
std::string val;
- ss << list;
while (ss >> val)
{
- if ( len + val.length() > max_line_len )
+ if ( res.length() + val.length() > max_line_len )
{
- res += '\n' + offset;
- len = 0;
+ LogMessage(fmt, ind, caption, delim, prefix, res.c_str());
+ fmt = tail_fmt;
+ res.clear();
}
res += ' ' + val;
- len += val.length() + 1;
}
- LogMessage("%25.25s:%s\n", caption, res.c_str());
+ LogMessage(fmt, ind, caption, delim, prefix, res.c_str());
}
} //namespace snort
{
public:
ConfigLogger() = delete;
- static bool log_flag(const char* caption, bool flag);
- static void log_limit(const char* caption, int val, int unlim);
- static void log_limit(const char* caption, int val, int unlim, int disable);
- static void log_limit(const char* caption, int64_t val, int64_t unlim);
- static void log_value(const char* caption, int32_t n);
- static void log_value(const char* caption, uint32_t n);
- static void log_value(const char* caption, int64_t n);
- static void log_value(const char* caption, uint64_t n);
- static void log_value(const char* caption, const char* str);
- static void log_list(const char* caption, const char* list);
+ static void log_option(const char* caption);
+ static bool log_flag(const char* caption, bool flag, bool subopt = false);
+ static void log_limit(const char* caption, int val, int unlim, bool subopt = false);
+ static void log_limit(const char* caption, int val, int unlim, int disable, bool subopt = false);
+ static void log_limit(const char* caption, int64_t val, int64_t unlim, bool subopt = false);
+ static void log_value(const char* caption, int n, const char* descr, bool subopt = false);
+ static void log_value(const char* caption, int32_t n, bool subopt = false);
+ static void log_value(const char* caption, uint32_t n, bool subopt = false);
+ static void log_value(const char* caption, int64_t n, bool subopt = false);
+ static void log_value(const char* caption, uint64_t n, bool subopt = false);
+ static void log_value(const char* caption, double n, bool subopt = false);
+ static void log_value(const char* caption, const char* str, bool subopt = false);
+ static void log_list(const char* caption, const char* list, const char* prefix = " ", bool subopt = false);
private:
- static constexpr size_t max_line_len = 75;
+ static constexpr int indention = 25;
+ static constexpr int max_line_len = 75;
};
// FIXIT-RC do not call FatalError() during runtime
#include "config.h"
#endif
+#include <iomanip>
+#include <sstream>
+
#include "flow/flow.h"
#include "flow/flow_key.h"
#include "framework/data_bus.h"
return InspectorManager::get_inspector_by_service(s);
}
+static std::string to_string(const sfip_var_t* list)
+{
+ std::string ipset;
+
+ if ( !list or !list->head )
+ return "";
+
+ for (auto node = list->head; node; node = node->next)
+ {
+ SfIpString ip_str;
+ auto ip = node->ip;
+
+ ip->get_addr()->ntop(ip_str);
+ ipset += std::string(ip_str);
+
+ if ( ((ip->get_family() == AF_INET6) and (ip->get_bits() != 128)) or
+ ((ip->get_family() == AF_INET ) and (ip->get_bits() != 32 )) )
+ {
+ auto bits = ip->get_bits();
+ bits -= (ip->get_family() == AF_INET and bits) ? 96 : 0;
+ ipset += "/" + std::to_string(bits);
+ }
+
+ ipset += ", ";
+ }
+
+ if ( !ipset.empty() )
+ ipset.erase(ipset.end() - 2, ipset.end());
+
+ return ipset;
+}
+
+template <unsigned N>
+static std::string to_string(const std::bitset<N>& bitset)
+{
+ std::stringstream ss;
+
+ if ( bitset.none() or bitset.all() )
+ return "";
+
+ for (unsigned i = 0; i < bitset.size(); ++i)
+ if ( bitset[i] )
+ ss << i << " ";
+
+ auto str = ss.str();
+ if ( !str.empty() )
+ str.pop_back();
+
+ return str;
+}
+
+static std::string to_string(const BindWhen::Role& role)
+{
+ switch( role )
+ {
+ case BindWhen::BR_CLIENT:
+ return "client";
+ case BindWhen::BR_SERVER:
+ return "server";
+ default:
+ return "";
+ }
+}
+
+static std::string proto_to_string(unsigned proto)
+{
+ switch( proto )
+ {
+ case PROTO_BIT__IP:
+ return "ip";
+ case PROTO_BIT__ICMP:
+ return "icmp";
+ case PROTO_BIT__TCP:
+ return "tcp";
+ case PROTO_BIT__UDP:
+ return "udp";
+ case PROTO_BIT__PDU:
+ return "user";
+ case PROTO_BIT__FILE:
+ return "file";
+ default:
+ return "";
+ }
+}
+
+static std::string to_string(const BindUse::Action& action)
+{
+ switch( action )
+ {
+ case BindUse::BA_RESET:
+ return "reset";
+ case BindUse::BA_BLOCK:
+ return "block";
+ case BindUse::BA_ALLOW:
+ return "allow";
+ default:
+ return "";
+ }
+}
+
+static std::string to_string(const BindWhen& bw)
+{
+ std::string when;
+
+ when += "{";
+
+ if ( bw.ips_id_user )
+ when += " ips_policy_id = " + std::to_string(bw.ips_id_user) + ",";
+
+ if ( !bw.svc.empty() )
+ when += " service = " + bw.svc + ",";
+
+ auto role = to_string(bw.role);
+ if ( !role.empty() )
+ when += " role = " + role + ",";
+
+ auto proto = proto_to_string(bw.protos);
+ if ( !proto.empty() )
+ when += " proto = " + proto + ",";
+
+ auto src_nets = to_string(bw.src_nets);
+ auto dst_nets = to_string(bw.dst_nets);
+
+ if ( !src_nets.empty() )
+ when += (bw.split_nets ? " src_nets = " : " nets = ") + src_nets + ",";
+ if ( bw.split_nets and !dst_nets.empty() )
+ when += " dst_nets = " + dst_nets + ",";
+
+ auto src_ports = to_string<65536>(bw.src_ports);
+ auto dst_ports = to_string<65536>(bw.dst_ports);
+
+ if ( !src_ports.empty() )
+ when += (bw.split_ports ? " src_ports = " : " ports = ") + src_ports + ",";
+ if ( bw.split_ports and !dst_ports.empty() )
+ when += " dst_ports = " + dst_ports + ",";
+
+ auto src_zones = to_string<64>(bw.src_zones);
+ auto dst_zones = to_string<64>(bw.dst_zones);
+
+ if ( !src_zones.empty() )
+ when += (bw.split_zones ? " src_zones = " : " zones = ") + src_zones + ",";
+ if ( bw.split_zones and !dst_zones.empty() )
+ when += " dst_zones = " + dst_zones + ",";
+
+ auto ifaces = to_string<256>(bw.ifaces);
+ if ( !ifaces.empty() )
+ when += " ifaces = " + ifaces + ",";
+
+ auto vlans = to_string<4096>(bw.vlans);
+ if ( !vlans.empty() )
+ when += " vlans = " + vlans + ",";
+
+ if ( when.length() > 1 )
+ when.pop_back();
+
+ when += " }";
+
+ return when;
+}
+
+static std::string to_string(const BindUse& bu)
+{
+ std::string use;
+
+ use += "{";
+
+ auto action = to_string(bu.action);
+ if ( !action.empty() )
+ use += " action = " + action + ",";
+
+ if ( !bu.svc.empty() )
+ use += " service = " + bu.svc + ",";
+
+ if ( !bu.type.empty() )
+ use += " type = " + ((bu.type.at(0) == '.') ? bu.type.substr(1) : bu.type) + ",";
+
+ if ( !bu.name.empty() and (bu.type != bu.name) )
+ use += " name = " + bu.name + ",";
+
+ if ( use.length() > 1 )
+ use.pop_back();
+
+ use += " }";
+
+ return use;
+}
+
//-------------------------------------------------------------------------
// stuff stuff
//-------------------------------------------------------------------------
void remove_inspector_binding(SnortConfig*, const char*) override;
bool configure(SnortConfig*) override;
+ void show(SnortConfig*) override;
void eval(Packet*) override { }
return true;
}
+void Binder::show(SnortConfig*)
+{
+ std::once_flag once;
+
+ if ( !bindings.size() )
+ return;
+
+ for (auto& b : bindings)
+ {
+ auto when = b->when;
+ auto use = b->use;
+
+ std::call_once(once, []{ ConfigLogger::log_option("bindings"); });
+
+ auto bind_when = "{ when = " + to_string(when) + ",";
+ auto bind_use = "use = " + to_string(use) + " }";
+ ConfigLogger::log_list("", bind_when.c_str(), " ");
+ ConfigLogger::log_list("", bind_use.c_str(), " ", true);
+ }
+}
+
void Binder::remove_inspector_binding(SnortConfig*, const char* name)
{
vector<Binding*>::iterator it;
projects / thirdparty / snort3.git / commitdiff
