From: Bhagya Tholpady (bbantwal) Date: Thu, 6 Aug 2020 22:57:44 +0000 (+0000) Subject: Merge pull request #2374 in SNORT/snort3 from ~BBANTWAL/snort3:set_binding_updates... X-Git-Tag: 3.0.2-5~9 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b060262ef46a7ea5d7b6431f836c744578455713;p=thirdparty%2Fsnort3.git Merge pull request #2374 in SNORT/snort3 from ~BBANTWAL/snort3:set_binding_updates to master Squashed commit of the following: commit 00890069e6d8e1a12b4279f8baabf27cf6e0b346 Author: Bhagya Tholpady Date: Thu Jul 30 16:04:11 2020 -0400 managers: print the instance type of the inspector module with --help-module commit 25e31ddc1f33ba26a9ee12f8b1cd7e9dd67b1036 Author: Bhagya Tholpady Date: Thu Jul 30 16:03:38 2020 -0400 framework: add an api to check if the module can be bound in the binder --- diff --git a/src/framework/module.h b/src/framework/module.h index 4908b4415..9e973c47f 100644 --- a/src/framework/module.h +++ b/src/framework/module.h @@ -191,6 +191,9 @@ public: virtual Usage get_usage() const { return CONTEXT; } + virtual bool is_bindable() const + { return false; } + protected: Module(const char* name, const char* help); Module(const char* name, const char* help, const Parameter*, bool is_list = false); diff --git a/src/managers/module_manager.cc b/src/managers/module_manager.cc index b27bd269d..f3331d3b3 100644 --- a/src/managers/module_manager.cc +++ b/src/managers/module_manager.cc @@ -1027,6 +1027,18 @@ static const char* mod_use(Module::Usage use) return "error"; } +static const char* mod_bind(const Module* m) +{ + if ( m->is_bindable() ) + return "multiton"; + else if ( + (m->get_usage() == Module::GLOBAL) or + (m->get_usage() == Module::CONTEXT) ) + return "global"; + + return "singleton"; +} + void ModuleManager::show_module(const char* name) { if ( !name || !*name ) @@ -1054,6 +1066,9 @@ void ModuleManager::show_module(const char* name) cout << endl << "Type: " << mod_type(mh->api) << endl; cout << endl << "Usage: " << mod_use(m->get_usage()) << endl; + if ( mh->api and (mh->api->type == PT_INSPECTOR) ) + cout << endl << "Instance Type: " << mod_bind(m) << endl; + const Parameter* params = m->get_parameters(); if ( params and params->type < Parameter::PT_MAX ) { diff --git a/src/network_inspectors/binder/binder.cc b/src/network_inspectors/binder/binder.cc index 8ed4c3cb6..7db2a0dab 100644 --- a/src/network_inspectors/binder/binder.cc +++ b/src/network_inspectors/binder/binder.cc @@ -1104,10 +1104,18 @@ void Binder::set_binding(SnortConfig* sc, Binding* pb) if (pb->use.action != BindUse::BA_INSPECT) return; - const char* key = pb->use.name.c_str(); - Module* m = ModuleManager::get_module(key); + const char *mod_name = pb->use.type.c_str(); + Module* m = ModuleManager::get_module(mod_name); + + if ( m and !m->is_bindable() ) + { + ParseError("can't bind %s", mod_name); + return; + } + bool is_global = m ? m->get_usage() == Module::GLOBAL : false; + const char* key = pb->use.name.c_str(); pb->use.object = InspectorManager::get_inspector(key, is_global, sc); if (pb->use.object) diff --git a/src/service_inspectors/back_orifice/back_orifice.cc b/src/service_inspectors/back_orifice/back_orifice.cc index 3e5b07fcb..e614f28e8 100644 --- a/src/service_inspectors/back_orifice/back_orifice.cc +++ b/src/service_inspectors/back_orifice/back_orifice.cc @@ -195,6 +195,9 @@ public: Usage get_usage() const override { return INSPECT; } + + bool is_bindable() const override + { return true; } }; const PegInfo* BoModule::get_pegs() const diff --git a/src/service_inspectors/cip/cip_module.h b/src/service_inspectors/cip/cip_module.h index f34fd272c..7c55f59fb 100644 --- a/src/service_inspectors/cip/cip_module.h +++ b/src/service_inspectors/cip/cip_module.h @@ -60,6 +60,9 @@ public: Usage get_usage() const override { return INSPECT; } + bool is_bindable() const override + { return true; } + CipProtoConf* get_data(); private: diff --git a/src/service_inspectors/dce_rpc/dce_http_proxy_module.h b/src/service_inspectors/dce_rpc/dce_http_proxy_module.h index df30a3281..6b2688cc2 100644 --- a/src/service_inspectors/dce_rpc/dce_http_proxy_module.h +++ b/src/service_inspectors/dce_rpc/dce_http_proxy_module.h @@ -41,6 +41,9 @@ public: Usage get_usage() const override { return INSPECT; } + + bool is_bindable() const override + { return true; } }; #define DCE_HTTP_PROXY_NAME "dce_http_proxy" diff --git a/src/service_inspectors/dce_rpc/dce_http_server_module.h b/src/service_inspectors/dce_rpc/dce_http_server_module.h index 7871e68f6..6239a23ac 100644 --- a/src/service_inspectors/dce_rpc/dce_http_server_module.h +++ b/src/service_inspectors/dce_rpc/dce_http_server_module.h @@ -41,6 +41,9 @@ public: Usage get_usage() const override { return INSPECT; } + + bool is_bindable() const override + { return true; } }; #define DCE_HTTP_SERVER_NAME "dce_http_server" diff --git a/src/service_inspectors/dce_rpc/dce_smb_module.h b/src/service_inspectors/dce_rpc/dce_smb_module.h index 98779b20b..3d7b0be19 100644 --- a/src/service_inspectors/dce_rpc/dce_smb_module.h +++ b/src/service_inspectors/dce_rpc/dce_smb_module.h @@ -86,6 +86,9 @@ public: Usage get_usage() const override { return INSPECT; } + bool is_bindable() const override + { return true; } + void set_trace(const snort::Trace*) const override; const snort::TraceOption* get_trace_options() const override; diff --git a/src/service_inspectors/dce_rpc/dce_tcp_module.h b/src/service_inspectors/dce_rpc/dce_tcp_module.h index 56bbade41..86a776024 100644 --- a/src/service_inspectors/dce_rpc/dce_tcp_module.h +++ b/src/service_inspectors/dce_rpc/dce_tcp_module.h @@ -53,6 +53,9 @@ public: Usage get_usage() const override { return INSPECT; } + bool is_bindable() const override + { return true; } + private: dce2TcpProtoConf config; }; diff --git a/src/service_inspectors/dce_rpc/dce_udp_module.h b/src/service_inspectors/dce_rpc/dce_udp_module.h index 27d36228e..57e436063 100644 --- a/src/service_inspectors/dce_rpc/dce_udp_module.h +++ b/src/service_inspectors/dce_rpc/dce_udp_module.h @@ -66,6 +66,9 @@ public: Usage get_usage() const override { return INSPECT; } + bool is_bindable() const override + { return true; } + void set_trace(const snort::Trace*) const override; const snort::TraceOption* get_trace_options() const override; diff --git a/src/service_inspectors/dnp3/dnp3_module.h b/src/service_inspectors/dnp3/dnp3_module.h index 8a6ff065a..e6a4373d3 100644 --- a/src/service_inspectors/dnp3/dnp3_module.h +++ b/src/service_inspectors/dnp3/dnp3_module.h @@ -52,6 +52,9 @@ public: Usage get_usage() const override { return INSPECT; } + bool is_bindable() const override + { return true; } + void get_data(dnp3ProtoConf&); private: diff --git a/src/service_inspectors/dns/dns_module.h b/src/service_inspectors/dns/dns_module.h index e9dd172ab..b81ef4757 100644 --- a/src/service_inspectors/dns/dns_module.h +++ b/src/service_inspectors/dns/dns_module.h @@ -72,6 +72,9 @@ public: Usage get_usage() const override { return INSPECT; } + + bool is_bindable() const override + { return true; } }; #endif diff --git a/src/service_inspectors/ftp_telnet/ftp_data.cc b/src/service_inspectors/ftp_telnet/ftp_data.cc index 9936e1c70..95627ec21 100644 --- a/src/service_inspectors/ftp_telnet/ftp_data.cc +++ b/src/service_inspectors/ftp_telnet/ftp_data.cc @@ -267,6 +267,9 @@ public: Usage get_usage() const override { return INSPECT; } + + bool is_bindable() const override + { return true; } }; const PegInfo* FtpDataModule::get_pegs() const diff --git a/src/service_inspectors/ftp_telnet/ftp_module.h b/src/service_inspectors/ftp_telnet/ftp_module.h index 535e4e093..06597c950 100644 --- a/src/service_inspectors/ftp_telnet/ftp_module.h +++ b/src/service_inspectors/ftp_telnet/ftp_module.h @@ -70,6 +70,9 @@ public: Usage get_usage() const override { return INSPECT; } + bool is_bindable() const override + { return true; } + private: FTP_CLIENT_PROTO_CONF* conf; std::vector bounce_to; @@ -126,6 +129,9 @@ public: Usage get_usage() const override { return INSPECT; } + bool is_bindable() const override + { return true; } + FTP_SERVER_PROTO_CONF* get_data(); const FtpCmd* get_cmd(unsigned idx); diff --git a/src/service_inspectors/ftp_telnet/telnet_module.h b/src/service_inspectors/ftp_telnet/telnet_module.h index 648abceae..d8ef99194 100644 --- a/src/service_inspectors/ftp_telnet/telnet_module.h +++ b/src/service_inspectors/ftp_telnet/telnet_module.h @@ -61,6 +61,9 @@ public: Usage get_usage() const override { return INSPECT; } + bool is_bindable() const override + { return true; } + TELNET_PROTO_CONF* get_data(); private: diff --git a/src/service_inspectors/gtp/gtp_module.h b/src/service_inspectors/gtp/gtp_module.h index 5a568fda3..b0c4f7950 100644 --- a/src/service_inspectors/gtp/gtp_module.h +++ b/src/service_inspectors/gtp/gtp_module.h @@ -72,6 +72,9 @@ public: Usage get_usage() const override { return INSPECT; } + bool is_bindable() const override + { return true; } + void set_trace(const snort::Trace*) const override; const snort::TraceOption* get_trace_options() const override; diff --git a/src/service_inspectors/http2_inspect/http2_module.h b/src/service_inspectors/http2_inspect/http2_module.h index e34c1e486..c2095c64a 100644 --- a/src/service_inspectors/http2_inspect/http2_module.h +++ b/src/service_inspectors/http2_inspect/http2_module.h @@ -79,6 +79,9 @@ public: Usage get_usage() const override { return INSPECT; } + bool is_bindable() const override + { return true; } + private: static const snort::Parameter http2_params[]; static const snort::RuleMap http2_events[]; diff --git a/src/service_inspectors/http_inspect/http_module.h b/src/service_inspectors/http_inspect/http_module.h index ca97f9516..c3abe40d1 100644 --- a/src/service_inspectors/http_inspect/http_module.h +++ b/src/service_inspectors/http_inspect/http_module.h @@ -125,6 +125,9 @@ public: Usage get_usage() const override { return INSPECT; } + bool is_bindable() const override + { return true; } + #ifdef REG_TEST static const PegInfo* get_peg_names() { return peg_names; } static const PegCount* get_peg_counts() { return peg_counts; } diff --git a/src/service_inspectors/imap/imap_module.h b/src/service_inspectors/imap/imap_module.h index 9f2549d57..a77165ba1 100644 --- a/src/service_inspectors/imap/imap_module.h +++ b/src/service_inspectors/imap/imap_module.h @@ -66,6 +66,9 @@ public: Usage get_usage() const override { return INSPECT; } + bool is_bindable() const override + { return true; } + IMAP_PROTO_CONF* get_data(); private: diff --git a/src/service_inspectors/modbus/modbus_module.h b/src/service_inspectors/modbus/modbus_module.h index 26a686165..cd4e63b22 100644 --- a/src/service_inspectors/modbus/modbus_module.h +++ b/src/service_inspectors/modbus/modbus_module.h @@ -52,6 +52,9 @@ public: Usage get_usage() const override { return INSPECT; } + + bool is_bindable() const override + { return true; } }; #endif diff --git a/src/service_inspectors/pop/pop_module.h b/src/service_inspectors/pop/pop_module.h index 2ffc9ee3d..a1ddcd14f 100644 --- a/src/service_inspectors/pop/pop_module.h +++ b/src/service_inspectors/pop/pop_module.h @@ -66,6 +66,9 @@ public: Usage get_usage() const override { return INSPECT; } + bool is_bindable() const override + { return true; } + POP_PROTO_CONF* get_data(); private: diff --git a/src/service_inspectors/rpc_decode/rpc_module.h b/src/service_inspectors/rpc_decode/rpc_module.h index 7e86e9460..51de78f5a 100644 --- a/src/service_inspectors/rpc_decode/rpc_module.h +++ b/src/service_inspectors/rpc_decode/rpc_module.h @@ -52,6 +52,9 @@ public: Usage get_usage() const override { return INSPECT; } + + bool is_bindable() const override + { return true; } }; #endif diff --git a/src/service_inspectors/s7commplus/s7comm_module.h b/src/service_inspectors/s7commplus/s7comm_module.h index 04b04f87d..5864294a2 100644 --- a/src/service_inspectors/s7commplus/s7comm_module.h +++ b/src/service_inspectors/s7commplus/s7comm_module.h @@ -53,6 +53,9 @@ public: Usage get_usage() const override { return INSPECT; } + + bool is_bindable() const override + { return true; } }; #endif diff --git a/src/service_inspectors/sip/sip_module.h b/src/service_inspectors/sip/sip_module.h index 3e456818b..b24397a04 100644 --- a/src/service_inspectors/sip/sip_module.h +++ b/src/service_inspectors/sip/sip_module.h @@ -87,6 +87,9 @@ public: Usage get_usage() const override { return INSPECT; } + bool is_bindable() const override + { return true; } + SIP_PROTO_CONF* get_data(); private: diff --git a/src/service_inspectors/smtp/smtp_module.h b/src/service_inspectors/smtp/smtp_module.h index ada745c15..6afaab1d1 100644 --- a/src/service_inspectors/smtp/smtp_module.h +++ b/src/service_inspectors/smtp/smtp_module.h @@ -99,6 +99,9 @@ public: Usage get_usage() const override { return INSPECT; } + bool is_bindable() const override + { return true; } + private: void add_commands(snort::Value&, uint32_t flags); diff --git a/src/service_inspectors/ssh/ssh_module.h b/src/service_inspectors/ssh/ssh_module.h index 795c33aa2..716149efe 100644 --- a/src/service_inspectors/ssh/ssh_module.h +++ b/src/service_inspectors/ssh/ssh_module.h @@ -67,6 +67,9 @@ public: Usage get_usage() const override { return INSPECT; } + bool is_bindable() const override + { return true; } + SSH_PROTO_CONF* get_data(); private: diff --git a/src/service_inspectors/ssl/ssl_module.h b/src/service_inspectors/ssl/ssl_module.h index 3ba5d9336..55d6c6b3c 100644 --- a/src/service_inspectors/ssl/ssl_module.h +++ b/src/service_inspectors/ssl/ssl_module.h @@ -63,6 +63,9 @@ public: Usage get_usage() const override { return INSPECT; } + bool is_bindable() const override + { return true; } + SSL_PROTO_CONF* get_data(); private: diff --git a/src/service_inspectors/wizard/wiz_module.h b/src/service_inspectors/wizard/wiz_module.h index 62db7629d..6fe68ff5a 100644 --- a/src/service_inspectors/wizard/wiz_module.h +++ b/src/service_inspectors/wizard/wiz_module.h @@ -61,6 +61,9 @@ public: Usage get_usage() const override { return INSPECT; } + bool is_bindable() const override + { return true; } + void set_trace(const snort::Trace*) const override; const snort::TraceOption* get_trace_options() const override; diff --git a/src/stream/file/file_module.h b/src/stream/file/file_module.h index a94bff04f..e1b7e2343 100644 --- a/src/stream/file/file_module.h +++ b/src/stream/file/file_module.h @@ -49,6 +49,9 @@ public: Usage get_usage() const override { return INSPECT; } + bool is_bindable() const override + { return true; } + public: bool upload; }; diff --git a/src/stream/icmp/icmp_module.h b/src/stream/icmp/icmp_module.h index e99625ed3..e540a2d4c 100644 --- a/src/stream/icmp/icmp_module.h +++ b/src/stream/icmp/icmp_module.h @@ -62,6 +62,9 @@ public: Usage get_usage() const override { return INSPECT; } + bool is_bindable() const override + { return true; } + StreamIcmpConfig* get_data(); private: diff --git a/src/stream/ip/ip_module.h b/src/stream/ip/ip_module.h index b1f26214f..2d743209f 100644 --- a/src/stream/ip/ip_module.h +++ b/src/stream/ip/ip_module.h @@ -116,6 +116,9 @@ public: Usage get_usage() const override { return INSPECT; } + bool is_bindable() const override + { return true; } + void set_trace(const snort::Trace*) const override; const snort::TraceOption* get_trace_options() const override; diff --git a/src/stream/tcp/tcp_module.h b/src/stream/tcp/tcp_module.h index 489de0992..c87706e1c 100644 --- a/src/stream/tcp/tcp_module.h +++ b/src/stream/tcp/tcp_module.h @@ -147,6 +147,9 @@ public: Usage get_usage() const override { return INSPECT; } + bool is_bindable() const override + { return true; } + private: TcpStreamConfig* config; }; diff --git a/src/stream/udp/udp_module.h b/src/stream/udp/udp_module.h index 231c2dce1..511b13a5e 100644 --- a/src/stream/udp/udp_module.h +++ b/src/stream/udp/udp_module.h @@ -65,6 +65,9 @@ public: Usage get_usage() const override { return INSPECT; } + bool is_bindable() const override + { return true; } + private: StreamUdpConfig* config; }; diff --git a/src/stream/user/user_module.h b/src/stream/user/user_module.h index f42f235b0..76159c13b 100644 --- a/src/stream/user/user_module.h +++ b/src/stream/user/user_module.h @@ -52,6 +52,9 @@ public: Usage get_usage() const override { return INSPECT; } + bool is_bindable() const override + { return true; } + StreamUserConfig* get_data(); void set_trace(const snort::Trace*) const override;