From: Mike Stepanek (mstepane) Date: Wed, 12 Dec 2018 14:57:49 +0000 (-0500) Subject: Merge pull request #1461 in SNORT/snort3 from ~DERAMADA/snort3:ips_binder to master X-Git-Tag: 3.0.0-251~87 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b58fcf336c36d99a877f3b6e28a8df2bfd1ebcb0;p=thirdparty%2Fsnort3.git Merge pull request #1461 in SNORT/snort3 from ~DERAMADA/snort3:ips_binder to master Squashed commit of the following: commit 4b6aed33ddd66eb0283cae99872b200b019971fe Author: deramada Date: Mon Dec 10 15:29:41 2018 -0500 binder: store user set ips policy id from lua --- diff --git a/src/network_inspectors/binder/bind_module.cc b/src/network_inspectors/binder/bind_module.cc index d6676d130..b2ee4d8d8 100644 --- a/src/network_inspectors/binder/bind_module.cc +++ b/src/network_inspectors/binder/bind_module.cc @@ -203,7 +203,7 @@ bool BinderModule::set(const char* fqn, Value& v, SnortConfig*) work->when.split_nets = true; } else if ( v.is("ips_policy_id") ) - work->when.ips_id = v.get_uint32(); + work->when.ips_id_user = v.get_uint32(); else if ( v.is("proto") ) { diff --git a/src/network_inspectors/binder/binder.cc b/src/network_inspectors/binder/binder.cc index 4c63ae0ac..76c2b394f 100644 --- a/src/network_inspectors/binder/binder.cc +++ b/src/network_inspectors/binder/binder.cc @@ -74,6 +74,7 @@ Binding::Binding() when.dst_zone = DAQ_PKTHDR_UNKNOWN; when.ips_id = 0; + when.ips_id_user = 0; when.role = BindWhen::BR_EITHER; use.inspection_index = 0; @@ -656,9 +657,9 @@ bool Binder::configure(SnortConfig* sc) Binding* pb = bindings[i]; // Update with actual policy indices instead of user provided names - if ( pb->when.ips_id ) + if ( pb->when.ips_id_user ) { - IpsPolicy* p = sc->policy_map->get_user_ips(pb->when.ips_id); + IpsPolicy* p = sc->policy_map->get_user_ips(pb->when.ips_id_user); if ( p ) pb->when.ips_id = p->policy_id; else diff --git a/src/network_inspectors/binder/binding.h b/src/network_inspectors/binder/binding.h index 54ab96e8f..e4dee3e55 100644 --- a/src/network_inspectors/binder/binding.h +++ b/src/network_inspectors/binder/binding.h @@ -23,6 +23,7 @@ #include #include "framework/bits.h" +#include "main/policy.h" #include "sfip/sf_ipvar.h" namespace snort @@ -36,7 +37,8 @@ struct BindWhen enum Role { BR_CLIENT, BR_SERVER, BR_EITHER, BR_MAX }; - unsigned ips_id; + PolicyId ips_id; + unsigned ips_id_user; unsigned protos; Role role; std::string svc;