Squashed commit of the following:
commit
7727770ef9e075cb537853274ee559995b2213ad
Author: russ <rucombs@cisco.com>
Date: Mon Jun 29 18:09:55 2020 -0400
inspectors: add a virtual disable method for controls
In some cases, a complex configuration may include unnecessary control
inspectors. The disable method allows them to tell the framework to not
call them at runtime. This does not apply to non-control inspectors.
The best approach is not configure unnecessary inspection in the first
place.
// access external dependencies here
// return verification status
virtual bool configure(SnortConfig*) { return true; }
+
+ // called on controls after everything is configured
+ // return true if there is nothing to do ever based on config
+ virtual bool disable(SnortConfig*) { return false; }
+
virtual void show(const SnortConfig*) const { }
// Specific to Binders to notify them of an inspector being removed from the policy
else if ( sc->log_verbose() )
InspectorManager::print_config(sc);
+ InspectorManager::prepare_controls(sc);
+
// Must be after InspectorManager::configure()
FileService::post_init(sc);
return nullptr;
}
+ InspectorManager::prepare_controls(sc);
+
FileService::verify_reload(sc);
if ( get_reload_errors() )
{
return nullptr;
}
+ InspectorManager::prepare_controls(sc);
+
other_conf->cloned = true;
InspectorManager::update_policy(sc);
reloading = false;
return nullptr;
}
+ InspectorManager::prepare_controls(sc);
+
other_conf->cloned = true;
InspectorManager::update_policy(sc);
reloading = false;
return ok;
}
+// remove any disabled controls while retaining order
+void InspectorManager::prepare_controls(SnortConfig* sc)
+{
+ InspectionPolicy* pi = get_default_inspection_policy(sc);
+ assert(pi);
+
+ FrameworkPolicy* fp = pi->framework_policy;
+ assert(fp);
+
+ unsigned c = 0;
+
+ for ( unsigned i = 0; i < fp->control.num; ++i )
+ {
+ if ( !fp->control.vec[i]->handler->disable(sc) )
+ fp->control.vec[c++] = fp->control.vec[i];
+ }
+ fp->control.num = c;
+}
+
void InspectorManager::print_config(SnortConfig* sc)
{
const auto shell_number = sc->policy_map->shells_count();
SO_PUBLIC static void release(Inspector*);
static bool configure(SnortConfig*, bool cloned = false);
+ static void prepare_controls(SnortConfig*);
static void print_config(SnortConfig*);
static void thread_init(const SnortConfig*);
projects / thirdparty / snort3.git / commitdiff
