From: Steve Chew (stechew) Date: Thu, 25 May 2023 22:53:12 +0000 (+0000) Subject: Pull request #3857: main: Allow network IDs to use up to 32 bits. X-Git-Tag: 3.1.63.0~5 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e3e55bc8b8383cf487e91c01f37e952cb9a8480b;p=thirdparty%2Fsnort3.git Pull request #3857: main: Allow network IDs to use up to 32 bits. Merge in SNORT/snort3 from ~STECHEW/snort3:network_id_update to master Squashed commit of the following: commit f349d2e213663779010377679bf07b9062d89f0a Author: Steve Chew Date: Fri May 19 18:00:48 2023 -0400 main: Allow network IDs to use up to 32 bits.
---
diff --git a/src/main/network_module.cc b/src/main/network_module.cc
index 39994351a..8c759b7b4 100644
--- a/src/main/network_module.cc
+++ b/src/main/network_module.cc
@@ -43,7 +43,7 @@ static const Parameter network_params[] =
 "all | ip | noip | tcp | notcp | udp | noudp | icmp | noicmp | none", "all", "checksums to verify" },
- { "id", Parameter::PT_INT, "0:65535", "0",
+ { "id", Parameter::PT_INT, "0:max32", "0",
 "correlate unified2 events with configuration" }, { "min_ttl", Parameter::PT_INT, "1:255", "1",
@@ -78,7 +78,7 @@ static int network_set_policy(lua_State* L)
 const Parameter network_set_policy_params[] = {
- {"id", Parameter::PT_INT, "0:65535", 0, "user network policy id"},
+ {"id", Parameter::PT_INT, "0:max32", 0, "user network policy id"},
 {nullptr, Parameter::PT_MAX, nullptr, nullptr, nullptr} };
@@ -106,7 +106,7 @@ bool NetworkModule::set(const char*, Value& v, SnortConfig* sc)
 ConfigChecksumMode(v.get_string()); else if ( v.is("id") )
- p->user_policy_id = v.get_uint16();
+ p->user_policy_id = v.get_uint32();
 else if ( v.is("min_ttl") ) p->min_ttl = v.get_uint8();
diff --git a/src/main/policy.h b/src/main/policy.h
index 1e98202b1..996664910 100644
--- a/src/main/policy.h
+++ b/src/main/policy.h
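Review bot: The widened range `"0:max32"` on the `id` parameter now admits the value that this same commit picks as the "not set" sentinel, `UNDEFINED_NETWORK_USER_POLICY_ID 0xffffffff` in policy.h, assuming `max32` resolves to 4294967295. The old sentinel 65536 sat outside `0:65535`, so every valid id could be told apart from "undefined"; with the new values an id at the top of the range makes the guard `UNDEFINED_NETWORK_USER_POLICY_ID > network_user_policy_id` in `Shell::set_user_network_policy` false and the `get_user_network` lookup is skipped with no diagnostic. The same range is used in `network_set_policy_params` in the second hunk of this file. Either cap both ranges one below the sentinel, e.g. `"0:4294967294"`, or reject the sentinel value explicitly where the id is stored, and add a comment next to the macro stating that 0xffffffff is reserved.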
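Review bot: The assignment `p->user_policy_id = v.get_uint32();` in `NetworkModule::set` only preserves the full value if the `user_policy_id` member is itself at least 32 bits wide, and its declaration is not part of this diff (the policy.h hunk touches only the sentinel macro). If the field, or any consumer that copies it into an event record for the unified2 correlation mentioned in the parameter help text, is still 16 bits, ids above 65535 would be truncated silently and events could be attributed to the wrong policy. Please confirm the member and its downstream uses are `uint32_t`, and consider a short comment here such as `// user_policy_id is 32-bit; range enforced by network_params`. The function body starts and ends outside the hunk.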
@@ -56,7 +56,7 @@ struct PortTable;
 struct vartable_t; struct sfip_var_t;
-#define UNDEFINED_USER_POLICY_ID 65536
+#define UNDEFINED_NETWORK_USER_POLICY_ID 0xffffffff
 typedef unsigned int PolicyId; typedef snort::GHash PortVarTable;
diff --git a/src/main/shell.cc b/src/main/shell.cc
index 6d6198c49..d0991a72f 100644
--- a/src/main/shell.cc
+++ b/src/main/shell.cc
@@ -664,7 +664,7 @@ void Shell::set_network_policy_user_id(lua_State* L, uint32_t user_id)
 void Shell::set_user_network_policy() {
- if (UNDEFINED_USER_POLICY_ID > network_user_policy_id)
+ if (UNDEFINED_NETWORK_USER_POLICY_ID > network_user_policy_id)
 { NetworkPolicy* np = SnortConfig::get_conf()->policy_map->get_user_network(network_user_policy_id);
diff --git a/src/main/shell.h b/src/main/shell.h
index 290977875..a6a2dffef 100644
--- a/src/main/shell.h
+++ b/src/main/shell.h
@@ -143,7 +143,7 @@ private:
 Allowlist internal_allowlist; Allowlist allowlist_prefixes; ConfigData config_data;
- uint32_t network_user_policy_id = UNDEFINED_USER_POLICY_ID;
+ uint32_t network_user_policy_id = UNDEFINED_NETWORK_USER_POLICY_ID;
 bool load_defaults; };
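Review bot: In `Shell::set_user_network_policy` the guard `UNDEFINED_NETWORK_USER_POLICY_ID > network_user_policy_id` still reads as a range check, but with the sentinel now at 0xffffffff and a `uint32_t` operand it can only ever mean "not equal to the sentinel". Writing it as `if (network_user_policy_id != UNDEFINED_NETWORK_USER_POLICY_ID)` states the intent directly and avoids a later reader assuming an upper bound is being enforced here. The body of the `if` continues past the end of the hunk, so how a null result from `get_user_network` is handled cannot be judged from this diff.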