From: Michael Altizer (mialtize) Date: Thu, 20 Feb 2020 17:52:16 +0000 (+0000) Subject: Merge pull request #2022 in SNORT/snort3 from ~SMINUT/snort3:multiple_reject_take5... X-Git-Tag: 3.0.0-268~1 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=989a3ed7d9e08d14f0022669dabc2ba962354dd7;p=thirdparty%2Fsnort3.git Merge pull request #2022 in SNORT/snort3 from ~SMINUT/snort3:multiple_reject_take5 to master Squashed commit of the following: commit 46f3ef78a578553e2eedb7f4da91a366b55967fd Author: Silviu Minut Date: Wed Feb 19 14:09:50 2020 -0500 file_api: enable Active only when idx = 0 and misc style edits. --- diff --git a/src/detection/fp_detect.cc b/src/detection/fp_detect.cc index 967ed95e6..7ec4725c8 100644 --- a/src/detection/fp_detect.cc +++ b/src/detection/fp_detect.cc @@ -52,9 +52,9 @@ #include "main/snort_config.h" #include "main/snort_debug.h" #include "managers/action_manager.h" +#include "packet_io/active.h" #include "packet_tracer/packet_tracer.h" #include "parser/parser.h" -#include "packet_io/active.h" #include "profiler/profiler_defs.h" #include "protocols/icmp4.h" #include "protocols/packet_manager.h" @@ -123,7 +123,7 @@ static inline void fpLogOther( // rule actions are queued here (eg reject) if ( rtn->listhead->is_plugin_action ) { - snort::Actions::Type idx = rtn->listhead->ruleListNode->mode; + Actions::Type idx = rtn->listhead->ruleListNode->mode; ActiveAction * act = get_ips_policy()->action[idx]; if ( act ) Active::queue(act, p); diff --git a/src/file_api/file_module.cc b/src/file_api/file_module.cc index 4910e819b..4819c388d 100644 --- a/src/file_api/file_module.cc +++ b/src/file_api/file_module.cc @@ -422,7 +422,11 @@ bool FileIdModule::begin(const char* fqn, int idx, SnortConfig*) bool FileIdModule::end(const char* fqn, int idx, SnortConfig*) { if (!idx) + { + if ( need_active ) + Active::set_enabled(); return true; + } if ( !strcmp(fqn, "file_id.file_rules") ) { @@ -438,9 +442,6 @@ bool FileIdModule::end(const char* fqn, int idx, SnortConfig*) fc->process_file_policy_rule(file_rule); } - if ( need_active ) - Active::set_enabled(); - return true; } diff --git a/src/managers/action_manager.cc b/src/managers/action_manager.cc index 10d2e0e3a..18ffc445c 100644 --- a/src/managers/action_manager.cc +++ b/src/managers/action_manager.cc @@ -167,7 +167,7 @@ void ActionManager::instantiate(const ActionApi* api, Module* mod, SnortConfig* // The plugin actions (e.g. reject, react, etc.) are per policy, per mode. // At logging time, they have to be retrieved the way we store them here. IpsPolicy* ips = get_ips_policy(); - snort::Actions::Type idx = rln->mode; + Actions::Type idx = rln->mode; assert(ips->action[idx] == nullptr); ips->action[idx] = act; @@ -260,6 +260,5 @@ IpsActionWrapper* ActionManager::instantiate(const char* name, Module* m) return new IpsActionWrapper(api, p); } - #endif diff --git a/src/packet_io/active.cc b/src/packet_io/active.cc index 0df08bdd6..d91cfe4ea 100644 --- a/src/packet_io/active.cc +++ b/src/packet_io/active.cc @@ -24,7 +24,6 @@ #endif #include "active.h" -#include "active_action.h" #include "detection/detection_engine.h" #include "log/messages.h" @@ -36,6 +35,7 @@ #include "stream/stream.h" #include "utils/dnet_header.h" +#include "active_action.h" #include "sfdaq.h" #include "sfdaq_instance.h" #include "sfdaq_module.h" diff --git a/src/packet_io/active_action.h b/src/packet_io/active_action.h index 1c2dc0955..88f5ff000 100644 --- a/src/packet_io/active_action.h +++ b/src/packet_io/active_action.h @@ -1,5 +1,5 @@ //-------------------------------------------------------------------------- -// Copyright (C) 2014-2020 Cisco and/or its affiliates. All rights reserved. +// Copyright (C) 2020-2020 Cisco and/or its affiliates. All rights reserved. // // This program is free software; you can redistribute it and/or modify it // under the terms of the GNU General Public License Version 2 as published