From: Steve Chew (stechew)
Date: Tue, 23 Feb 2021 15:49:02 +0000 (+0000)
Subject: Merge pull request #2738 in SNORT/snort3 from ~DERAMADA/snort3:reputation_cleanup...
X-Git-Tag: 3.1.2.0~32
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1fd68a28661a4843c8380c7f380fb19ced485a0e;p=thirdparty%2Fsnort3.git
Merge pull request #2738 in SNORT/snort3 from ~DERAMADA/snort3:reputation_cleanup to master
Squashed commit of the following:
commit 82c01b1afb0e625f836a7ae09ae0df5098024aff
Author: Deepak Ramadass
Date: Wed Feb 10 11:21:08 2021 -0500
reputation: remove redundant terms
---
diff --git a/src/network_inspectors/reputation/reputation_module.cc b/src/network_inspectors/reputation/reputation_module.cc
index ba0693d27..44a3e4a3d 100644
--- a/src/network_inspectors/reputation/reputation_module.cc
+++ b/src/network_inspectors/reputation/reputation_module.cc
@@ -54,9 +54,6 @@ static const Parameter s_params[] =
 { "blocklist", Parameter::PT_STRING, nullptr, nullptr,
 "blocklist file name with IP lists" },

- { "blacklist", Parameter::PT_STRING, nullptr, nullptr,
- "blacklist file name with IP lists" },
-
 { "list_dir", Parameter::PT_STRING, nullptr, nullptr,
 "directory for IP lists and manifest file" },

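Review bot: Dropping the `blacklist` entry from `s_params` (and, in the later hunks, `whitelist`, `white`, the `blacklist|whitelist` priority values and `unblack`) means a configuration that still uses those names is no longer recognised, and nothing in the change tells an operator what to rename. How the module loader treats an unknown key is outside this diff; if it does not abort startup, `conf->blocklist_path` would stay unset and the inspector would run without its list. I would record the renames in the release notes or changelog, e.g. `blacklist -> blocklist, whitelist -> allowlist, white -> allow, unblack -> do_not_block`, so an upgrade fails for a documented reason. The same point applies to the `s_params` hunk at `@@ -66` and the `set()` hunks at `@@ -129` and `@@ -142`.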
@@ -66,24 +63,18 @@ static const Parameter s_params[] =
 { "nested_ip", Parameter::PT_ENUM, "inner|outer|all", "inner",
 "IP to use when there is IP encapsulation" },

- { "priority", Parameter::PT_ENUM, "blocklist|allowlist|blacklist|whitelist", "allowlist",
+ { "priority", Parameter::PT_ENUM, "blocklist|allowlist", "allowlist",
 "defines priority when there is a decision conflict during run-time" },

 { "scan_local", Parameter::PT_BOOL, nullptr, "false",
 "inspect local address defined in RFC 1918" },

- { "allow", Parameter::PT_ENUM, "do_not_block|trust|unblack", "do_not_block",
+ { "allow", Parameter::PT_ENUM, "do_not_block|trust", "do_not_block",
 "specify the meaning of allowlist" },

- { "white", Parameter::PT_ENUM, "do_not_block|trust|unblack", "do_not_block",
- "specify the meaning of whitelist" },
-
 { "allowlist", Parameter::PT_STRING, nullptr, nullptr,
 "allowlist file name with IP lists" },

- { "whitelist", Parameter::PT_STRING, nullptr, nullptr,
- "whitelist file name with IP lists" },
-
 { nullptr, Parameter::PT_MAX, nullptr, nullptr, nullptr }
 };

@@ -129,7 +120,7 @@ ProfileStats* ReputationModule::get_profile() const

 bool ReputationModule::set(const char*, Value& v, SnortConfig*)
 {
- if ( v.is("blocklist") or v.is("blacklist") )
+ if ( v.is("blocklist") )
 conf->blocklist_path = v.get_string();

 else if ( v.is("list_dir") )
@@ -142,34 +133,15 @@ bool ReputationModule::set(const char*, Value& v, SnortConfig*)
 conf->nested_ip = (NestedIP)v.get_uint8();

 else if ( v.is("priority") )
- {
- int priority = v.get_uint8() + 1;
-
- if (priority == 3) // blacklist
- priority = 1;
-
- else if (priority == 4) // whitelist
- priority = 2;
-
- conf->priority = (IPdecision)(priority);
-
- }
+ conf->priority = (IPdecision)(v.get_uint8() + 1);

 else if ( v.is("scan_local") )
 conf->scanlocal = v.get_bool();

- else if ( v.is("allow") or v.is("white") )
- {
- int action = v.get_uint8();
-
- if ( action == 2 ) // unblack
- action = 0;
-
- conf->allow_action = (AllowAction)action;
-
- }
+ else if ( v.is("allow") )
+ conf->allow_action = (AllowAction)v.get_uint8();

- else if ( v.is("allowlist") or v.is("whitelist") )
+ else if ( v.is("allowlist") )
 conf->allowlist_path = v.get_string();

 else
diff --git a/src/network_inspectors/reputation/reputation_parse.cc b/src/network_inspectors/reputation/reputation_parse.cc
index 952b3fa23..7128c77ed 100644
--- a/src/network_inspectors/reputation/reputation_parse.cc
+++ b/src/network_inspectors/reputation/reputation_parse.cc
@@ -57,7 +57,10 @@ static char block_info[] = "blocklist";
 static char allow_info[] = "allowlist";
 static char monitor_info[] = "monitorlist";

-#define ALLOW_TYPE_KEYWORD "allow"
+// Support backward compatibility
+#define WHITE_TYPE_KEYWORD "white"
+
+#define TRUST_TYPE_KEYWORD "trust"
 #define BLOCK_TYPE_KEYWORD "block"
 #define MONITOR_TYPE_KEYWORD "monitor"

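Review bot: The `+ 1` in `conf->priority = (IPdecision)(v.get_uint8() + 1);` and the bare cast in `(AllowAction)v.get_uint8()` tie the order of the `"blocklist|allowlist"` and `"do_not_block|trust"` strings in `s_params` to the numeric values of two enums declared elsewhere, and with the remapping code gone nothing on these lines says so. A comment would stop a later reorder of either side from silently swapping the decision, for example `// PT_ENUM index 0/1 -> IPdecision 1/2; keep the "priority" string order in sync with the enum`. The enum definitions are not part of this diff, so the exact values should be confirmed against them. `set()` starts and ends outside this hunk.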
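Review bot: Removing `ALLOW_TYPE_KEYWORD` means a manifest line whose action is `allow` no longer matches any keyword visible in `get_file_type` (hunk at `@@ -786`) and would presumably reach the `Unknown action specified` error at `@@ -868`, while the older `white` spelling is kept for compatibility. What the caller does when `process_line_in_manifest` returns false is not visible here; if it abandons the manifest, block lists named in the same file may not load either. If dropping `allow` is intended, the comment above the defines should say so, e.g. `// "white" is kept for old manifests; "allow" is no longer accepted, use "trust"`. Otherwise `allow` could stay as a third alias for `ALLOW_LIST`.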
@@ -786,10 +789,15 @@ static int get_file_type(char* type_name)

 type_name = ignore_start_space(type_name);

- if (strncasecmp(type_name, ALLOW_TYPE_KEYWORD, strlen(ALLOW_TYPE_KEYWORD)) == 0)
+ if (strncasecmp(type_name, TRUST_TYPE_KEYWORD, strlen(TRUST_TYPE_KEYWORD)) == 0)
+ {
+ type = ALLOW_LIST;
+ type_name += strlen(TRUST_TYPE_KEYWORD);
+ }
+ else if (strncasecmp(type_name, WHITE_TYPE_KEYWORD, strlen(WHITE_TYPE_KEYWORD)) == 0)
 {
 type = ALLOW_LIST;
- type_name += strlen(ALLOW_TYPE_KEYWORD);
+ type_name += strlen(WHITE_TYPE_KEYWORD);
 }
 else if (strncasecmp(type_name, BLOCK_TYPE_KEYWORD, strlen(BLOCK_TYPE_KEYWORD)) == 0)
 {
@@ -868,8 +876,8 @@ static bool process_line_in_manifest(ListFile* list_item, const char* manifest,
 if (UNKNOWN_LIST == list_item->file_type)
 {
 ErrorMessage(" %s(%d) => Unknown action specified (%s)."
- " Please specify a value: %s | %s | %s.\n", manifest, line_number, token,
- ALLOW_TYPE_KEYWORD, BLOCK_TYPE_KEYWORD, MONITOR_TYPE_KEYWORD);
+ " Please specify a value: %s | %s | %s | %s.\n", manifest, line_number, token,
+ WHITE_TYPE_KEYWORD, TRUST_TYPE_KEYWORD, BLOCK_TYPE_KEYWORD, MONITOR_TYPE_KEYWORD);
 return false;
 }
 break;
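Review bot: Both new branches in `get_file_type` compare only the first `strlen(KEYWORD)` characters, so a token such as `trusted` or `whitespace` also selects `ALLOW_LIST`; whether the remainder of `type_name` is rejected later is outside this hunk. If it is not, a check that the character after the keyword is the end of the string or whitespace belongs right after `type_name += ...`. The two branches differ only in the keyword, so they could share one body, and the legacy one deserves a comment such as `// legacy alias for "trust"; accepted for old manifests`.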
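Review bot: The rewritten hint passes `WHITE_TYPE_KEYWORD` first, so an operator who mistypes an action in the manifest is pointed at the legacy spelling before the current one. Listing the current term first, `TRUST_TYPE_KEYWORD, WHITE_TYPE_KEYWORD, BLOCK_TYPE_KEYWORD, MONITOR_TYPE_KEYWORD);`, or leaving the legacy keyword out of the hint, keeps new manifests on `trust`. The enclosing block continues outside the hunk.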