From: Shravan Rangarajuvenkata (shrarang) Date: Fri, 10 Jan 2020 15:43:06 +0000 (+0000) Subject: Merge pull request #1923 in SNORT/snort3 from ~SATHIRKA/snort3:static_host_cache_wild... X-Git-Tag: 3.0.0-268~62 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=654f240c8093fa1a3b72e10a90ff7b3f8102bc05;p=thirdparty%2Fsnort3.git Merge pull request #1923 in SNORT/snort3 from ~SATHIRKA/snort3:static_host_cache_wildcard to master Squashed commit of the following: commit be3ab6abccce12eb3bf39f71929778ed596527d1 Author: Sreeja Athirkandathil Narayanan Date: Tue Jan 7 11:21:36 2020 -0500 appid: Adding support for wildcard ports in static host port cache --- diff --git a/src/network_inspectors/appid/appid_discovery.cc b/src/network_inspectors/appid/appid_discovery.cc index 7799d9987..b744fc132 100644 --- a/src/network_inspectors/appid/appid_discovery.cc +++ b/src/network_inspectors/appid/appid_discovery.cc @@ -721,7 +721,7 @@ bool AppIdDiscovery::do_host_port_based_discovery(Packet* p, AppIdSession& asd, HostPortVal* hv = nullptr; if (check_static and - (hv = HostPortCache::find(ip, port, protocol))) + (hv = HostPortCache::find(ip, port, protocol, *(asd.ctxt)))) { asd.scan_flags |= SCAN_HOST_PORT_FLAG; switch (hv->type) diff --git a/src/network_inspectors/appid/host_port_app_cache.cc b/src/network_inspectors/appid/host_port_app_cache.cc index d7568b4b8..1bbbf8fd5 100644 --- a/src/network_inspectors/appid/host_port_app_cache.cc +++ b/src/network_inspectors/appid/host_port_app_cache.cc @@ -24,6 +24,9 @@ #endif #include "host_port_app_cache.h" +#include "managers/inspector_manager.h" +#include "appid_inspector.h" +#include "appid_config.h" #include #include @@ -75,12 +78,12 @@ void HostPortCache::terminate() } } -HostPortVal* HostPortCache::find(const SfIp* ip, uint16_t port, IpProtocol protocol) +HostPortVal* HostPortCache::find(const SfIp* ip, uint16_t port, IpProtocol protocol, AppIdContext& ctxt) { HostPortKey hk; hk.ip = *ip; - hk.port = port; + hk.port = (ctxt.config->allow_port_wildcard_host_cache)? 0 : port; hk.proto = protocol; std::map::iterator it; @@ -98,7 +101,9 @@ bool HostPortCache::add(const SfIp* ip, uint16_t port, IpProtocol proto, unsigne HostPortVal hv; hk.ip = *ip; - hk.port = port; + AppIdInspector* inspector = (AppIdInspector*) InspectorManager::get_inspector(MOD_NAME, true); + AppIdContext* ctxt = inspector->get_ctxt(); + hk.port = (ctxt->config->allow_port_wildcard_host_cache)? 0 : port; hk.proto = proto; hv.appId = appId; diff --git a/src/network_inspectors/appid/host_port_app_cache.h b/src/network_inspectors/appid/host_port_app_cache.h index 4b27e0c7f..69ef5b9b4 100644 --- a/src/network_inspectors/appid/host_port_app_cache.h +++ b/src/network_inspectors/appid/host_port_app_cache.h @@ -24,6 +24,7 @@ #include "application_ids.h" #include "protocols/protocol_ids.h" +#include "appid_config.h" namespace snort { @@ -41,7 +42,7 @@ class HostPortCache public: static void initialize(); static void terminate(); - static HostPortVal* find(const snort::SfIp*, uint16_t port, IpProtocol); + static HostPortVal* find(const snort::SfIp*, uint16_t port, IpProtocol, AppIdContext&); static bool add(const snort::SfIp*, uint16_t port, IpProtocol, unsigned type, AppId); static void dump(); }; diff --git a/src/network_inspectors/appid/test/appid_discovery_test.cc b/src/network_inspectors/appid/test/appid_discovery_test.cc index 00132f869..2942123d6 100644 --- a/src/network_inspectors/appid/test/appid_discovery_test.cc +++ b/src/network_inspectors/appid/test/appid_discovery_test.cc @@ -247,7 +247,7 @@ bool ClientDiscovery::do_client_discovery(AppIdSession&, Packet*, } // Stubs for misc items -HostPortVal* HostPortCache::find(const SfIp*, uint16_t, IpProtocol) +HostPortVal* HostPortCache::find(const SfIp*, uint16_t, IpProtocol, AppIdContext&) { return nullptr; }