-/* Copyright (C) 2007-2013 Open Information Security Foundation
+/* Copyright (C) 2007-2014 Open Information Security Foundation
*
* You can copy, redistribute or modify this Program under the terms of
* the GNU General Public License version 2 as published by the Free
-/* Copyright (C) 2007-2010 Open Information Security Foundation
+/* Copyright (C) 2007-2014 Open Information Security Foundation
*
* You can copy, redistribute or modify this Program under the terms of
* the GNU General Public License version 2 as published by the Free
-/* Copyright (C) 2007-2013 Open Information Security Foundation
+/* Copyright (C) 2007-2014 Open Information Security Foundation
*
* You can copy, redistribute or modify this Program under the terms of
* the GNU General Public License version 2 as published by the Free
return TM_ECODE_OK;
}
-void AlertFastLogExitPrintStats(ThreadVars *tv, void *data) {
+void AlertFastLogExitPrintStats(ThreadVars *tv, void *data)
+{
AlertFastLogThread *aft = (AlertFastLogThread *)data;
if (aft == NULL) {
return;
#ifdef UNITTESTS
-int AlertFastLogTest01()
+static int AlertFastLogTest01()
{
int result = 0;
uint8_t *buf = (uint8_t *) "GET /one/ HTTP/1.1\r\n"
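Review bot: `static int AlertFastLogTest01()` still has an empty parameter list, which in C declares a function with unspecified arguments rather than one taking none, so a call that passes arguments is not diagnosed. The same commit changes `Unified2RegisterTests()` to `Unified2RegisterTests(void)`, so for consistency this should read `static int AlertFastLogTest01(void)`, and likewise `static int AlertFastLogTest02(void)` in the next hunk. Both function bodies continue outside the hunks.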
return result;
}
-int AlertFastLogTest02()
+static int AlertFastLogTest02()
{
int result = 0;
uint8_t *buf = (uint8_t *) "GET /one/ HTTP/1.1\r\n"
-/* Copyright (C) 2007-2010 Open Information Security Foundation
+/* Copyright (C) 2007-2014 Open Information Security Foundation
*
* You can copy, redistribute or modify this Program under the terms of
* the GNU General Public License version 2 as published by the Free
#ifndef __ALERT_FASTLOG_H__
#define __ALERT_FASTLOG_H__
-void TmModuleAlertFastLogRegister (void);
-void TmModuleAlertFastLogIPv4Register (void);
-void TmModuleAlertFastLogIPv6Register (void);
+void TmModuleAlertFastLogRegister(void);
+void TmModuleAlertFastLogIPv4Register(void);
+void TmModuleAlertFastLogIPv6Register(void);
OutputCtx *AlertFastLogInitCtx(ConfNode *);
#endif /* __ALERT_FASTLOG_H__ */
-/* Copyright (C) 2011 Open Information Security Foundation
+/* Copyright (C) 2011-2014 Open Information Security Foundation
*
* You can copy, redistribute or modify this Program under the terms of
* the GNU General Public License version 2 as published by the Free
-/* Copyright (C) 2011 Open Information Security Foundation
+/* Copyright (C) 2011-2014 Open Information Security Foundation
*
* You can copy, redistribute or modify this Program under the terms of
* the GNU General Public License version 2 as published by the Free
-/* Copyright (C) 2007-2010 Open Information Security Foundation
+/* Copyright (C) 2007-2014 Open Information Security Foundation
*
* You can copy, redistribute or modify this Program under the terms of
* the GNU General Public License version 2 as published by the Free
SCEnter();
ret = idmef_analyzer_new_model(analyzer, &string);
- if ( ret < 0 )
+ if (ret < 0)
SCReturnInt(ret);
prelude_string_set_constant(string, ANALYZER_MODEL);
ret = idmef_analyzer_new_class(analyzer, &string);
- if ( ret < 0 )
+ if (ret < 0)
SCReturnInt(ret);
prelude_string_set_constant(string, ANALYZER_CLASS);
ret = idmef_analyzer_new_manufacturer(analyzer, &string);
- if ( ret < 0 )
+ if (ret < 0)
SCReturnInt(ret);
prelude_string_set_constant(string, ANALYZER_MANUFACTURER);
ret = idmef_analyzer_new_version(analyzer, &string);
- if ( ret < 0 )
+ if (ret < 0)
SCReturnInt(ret);
prelude_string_set_constant(string, VERSION);
SCEnter();
ret = idmef_alert_new_assessment(alert, &assessment);
- if ( ret < 0 )
+ if (ret < 0)
SCReturnInt(ret);
ret = idmef_assessment_new_impact(assessment, &impact);
- if ( ret < 0 )
+ if (ret < 0)
SCReturnInt(ret);
if ( (unsigned int)pa->s->prio < mid_priority )
idmef_action_t *action;
ret = idmef_action_new(&action);
- if ( ret < 0 )
+ if (ret < 0)
SCReturnInt(ret);
idmef_action_set_category(action, IDMEF_ACTION_CATEGORY_BLOCK_INSTALLED);
if (pa->s->class_msg) {
ret = idmef_impact_new_description(impact, &str);
- if ( ret < 0 )
+ if (ret < 0)
SCReturnInt(ret);
prelude_string_set_ref(str, pa->s->class_msg);
SCReturnInt(0);
ret = idmef_alert_new_source(alert, &source, IDMEF_LIST_APPEND);
- if ( ret < 0 )
+ if (ret < 0)
SCReturnInt(ret);
ret = idmef_source_new_service(source, &service);
- if ( ret < 0 )
+ if (ret < 0)
SCReturnInt(ret);
if ( p->tcph || p->udph )
idmef_service_set_iana_protocol_number(service, ip_proto);
ret = idmef_source_new_node(source, &node);
- if ( ret < 0 )
+ if (ret < 0)
SCReturnInt(ret);
ret = idmef_node_new_address(node, &address, IDMEF_LIST_APPEND);
- if ( ret < 0 )
+ if (ret < 0)
SCReturnInt(ret);
ret = idmef_address_new_address(address, &string);
- if ( ret < 0 )
+ if (ret < 0)
SCReturnInt(ret);
prelude_string_set_ref(string, saddr);
ret = idmef_alert_new_target(alert, &target, IDMEF_LIST_APPEND);
- if ( ret < 0 )
+ if (ret < 0)
SCReturnInt(ret);
ret = idmef_target_new_service(target, &service);
- if ( ret < 0 )
+ if (ret < 0)
SCReturnInt(ret);
if ( p->tcph || p->udph )
idmef_service_set_iana_protocol_number(service, ip_proto);
ret = idmef_target_new_node(target, &node);
- if ( ret < 0 )
+ if (ret < 0)
SCReturnInt(ret);
ret = idmef_node_new_address(node, &address, IDMEF_LIST_APPEND);
- if ( ret < 0 )
+ if (ret < 0)
SCReturnInt(ret);
ret = idmef_address_new_address(address, &string);
- if ( ret < 0 )
+ if (ret < 0)
SCReturnInt(ret);
prelude_string_set_ref(string, daddr);
SCReturnInt(0);
ret = idmef_alert_new_additional_data(alert, &ad, IDMEF_LIST_APPEND);
- if ( ret < 0 )
+ if (ret < 0)
SCReturnInt(0);
ret = idmef_additional_data_set_byte_string_ref(ad, data, size);
- if ( ret < 0 ) {
+ if (ret < 0) {
SCLogDebug("%s: error setting byte string data: %s.",
prelude_strsource(ret), prelude_strerror(ret));
SCReturnInt(-1);
}
ret = idmef_additional_data_new_meaning(ad, &str);
- if ( ret < 0 ) {
+ if (ret < 0) {
SCLogDebug("%s: error creating additional-data meaning: %s.",
prelude_strsource(ret), prelude_strerror(ret));
SCReturnInt(-1);
}
ret = prelude_string_set_ref(str, meaning);
- if ( ret < 0 ) {
+ if (ret < 0) {
SCLogDebug("%s: error setting byte string data meaning: %s.",
prelude_strsource(ret), prelude_strerror(ret));
SCReturnInt(-1);
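Review bot: The first check in this hunk, `if (ret < 0) SCReturnInt(0);` after idmef_alert_new_additional_data(), reports success when the call failed. The later failures in the same hunk return -1, and the matching check in the integer-data hunk that follows returns `ret`. This path also has no log line, so if callers act on the return value (they are not visible here), an alert would be emitted without its additional data and nothing would record why. Suggest `SCReturnInt(ret);`, or, if dropping the field silently is intended, a comment such as `/* best effort: the alert is still sent without this field */`. The function starts and ends outside the hunk.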
SCEnter();
ret = idmef_alert_new_additional_data(alert, &ad, IDMEF_LIST_APPEND);
- if ( ret < 0 )
+ if (ret < 0)
SCReturnInt(ret);
idmef_additional_data_set_integer(ad, data);
ret = idmef_additional_data_new_meaning(ad, &str);
- if ( ret < 0 ) {
+ if (ret < 0) {
SCLogDebug("%s: error creating additional-data meaning: %s.",
prelude_strsource(ret), prelude_strerror(ret));
SCReturnInt(-1);
}
ret = prelude_string_set_ref(str, meaning);
- if ( ret < 0 ) {
+ if (ret < 0) {
SCLogDebug("%s: error setting integer data meaning: %s.",
prelude_strsource(ret), prelude_strerror(ret));
SCReturnInt(-1);
SCReturnInt(0);
ret = idmef_classification_new_reference(class, &ref, IDMEF_LIST_APPEND);
- if ( ret < 0 )
+ if (ret < 0)
SCReturnInt(ret);
ret = idmef_reference_new_name(ref, &str);
- if ( ret < 0 )
+ if (ret < 0)
SCReturnInt(ret);
idmef_reference_set_origin(ref, IDMEF_REFERENCE_ORIGIN_VENDOR_SPECIFIC);
else
ret = prelude_string_sprintf(str, "%u:%u", gen_id, sig_id);
- if ( ret < 0 )
+ if (ret < 0)
SCReturnInt(ret);
ret = idmef_reference_new_meaning(ref, &str);
- if ( ret < 0 )
+ if (ret < 0)
SCReturnInt(ret);
ret = prelude_string_sprintf(str, "Snort Signature ID");
- if ( ret < 0 )
+ if (ret < 0)
SCReturnInt(ret);
ret = idmef_reference_new_url(ref, &str);
- if ( ret < 0 )
+ if (ret < 0)
SCReturnInt(ret);
if ( gen_id == 0 )
SCEnter();
ret = idmef_classification_new_ident(class, &str);
- if ( ret < 0 )
+ if (ret < 0)
SCReturnInt(ret);
if ( pa->s->gid == 0 )
ret = prelude_string_sprintf(str, "%u", pa->s->id);
else
ret = prelude_string_sprintf(str, "%u:%u", pa->s->gid, pa->s->id);
- if ( ret < 0 )
+ if (ret < 0)
SCReturnInt(ret);
ret = AddSnortReference(class, pa->s->gid, pa->s->id);
- if ( ret < 0 )
+ if (ret < 0)
SCReturnInt(ret);
SCReturnInt(0);
SCEnter();
ret = prelude_init(0, NULL);
- if ( ret < 0 ) {
+ if (ret < 0) {
prelude_perror(ret, "unable to initialize the prelude library");
SCReturnPtr(NULL, "AlertPreludeCtx");
}
}
ret = prelude_client_set_flags(client, prelude_client_get_flags(client) | PRELUDE_CLIENT_FLAGS_ASYNC_TIMER|PRELUDE_CLIENT_FLAGS_ASYNC_SEND);
- if ( ret < 0 ) {
+ if (ret < 0) {
SCLogDebug("Unable to set asynchronous send and timer.");
prelude_client_destroy(client, PRELUDE_CLIENT_EXIT_STATUS_SUCCESS);
SCReturnPtr(NULL, "AlertPreludeCtx");
SetupAnalyzer(prelude_client_get_analyzer(client));
ret = prelude_client_start(client);
- if ( ret < 0 ) {
+ if (ret < 0) {
prelude_perror(ret, "Unable to start prelude client");
prelude_client_destroy(client, PRELUDE_CLIENT_EXIT_STATUS_SUCCESS);
SCReturnPtr(NULL, "AlertPreludeCtx");
if (idmef != NULL)
idmef_message_destroy(idmef);
SCReturnInt(TM_ECODE_FAILED);
-
}
void TmModuleAlertPreludeRegister (void) {
-/* Copyright (C) 2007-2010 Open Information Security Foundation
+/* Copyright (C) 2007-2014 Open Information Security Foundation
*
* You can copy, redistribute or modify this Program under the terms of
* the GNU General Public License version 2 as published by the Free
-/* Copyright (C) 2007-2010 Open Information Security Foundation
+/* Copyright (C) 2007-2014 Open Information Security Foundation
*
* You can copy, redistribute or modify this Program under the terms of
* the GNU General Public License version 2 as published by the Free
-/* Copyright (C) 2007-2010 Open Information Security Foundation
+/* Copyright (C) 2007-2014 Open Information Security Foundation
*
* You can copy, redistribute or modify this Program under the terms of
* the GNU General Public License version 2 as published by the Free
#ifndef __ALERT_SYSLOG_H__
#define __ALERT_SYSLOG_H__
-void TmModuleAlertSyslogRegister (void);
+void TmModuleAlertSyslogRegister(void);
#endif /* __ALERT_SYSLOG_H__ */
-/* Copyright (C) 2007-2013 Open Information Security Foundation
+/* Copyright (C) 2007-2014 Open Information Security Foundation
*
* You can copy, redistribute or modify this Program under the terms of
* the GNU General Public License version 2 as published by the Free
static int Unified2IPv4TypeAlert(ThreadVars *, const Packet *, void *);
static int Unified2IPv6TypeAlert(ThreadVars *, const Packet *, void *);
static int Unified2PacketTypeAlert(Unified2AlertThread *, const Packet *, uint32_t, int);
-void Unified2RegisterTests();
+void Unified2RegisterTests(void);
int Unified2AlertOpenFileCtx(LogFileCtx *, const char *);
static void Unified2AlertDeInitCtx(OutputCtx *);
#define MODULE_NAME "Unified2Alert"
-void TmModuleUnified2AlertRegister (void) {
+void TmModuleUnified2AlertRegister(void)
+{
tmm_modules[TMM_ALERTUNIFIED2ALERT].name = MODULE_NAME;
tmm_modules[TMM_ALERTUNIFIED2ALERT].ThreadInit = Unified2AlertThreadInit;
// tmm_modules[TMM_ALERTUNIFIED2ALERT].Func = Unified2Alert;
* \param aun Unified2 thread variable.
*/
-int Unified2AlertCloseFile(ThreadVars *t, Unified2AlertThread *aun) {
+int Unified2AlertCloseFile(ThreadVars *t, Unified2AlertThread *aun)
+{
if (aun->unified2alert_ctx->file_ctx->fp != NULL) {
fclose(aun->unified2alert_ctx->file_ctx->fp);
}
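Review bot: The result of `fclose(aun->unified2alert_ctx->file_ctx->fp)` is ignored. fclose() is where buffered records are flushed, so a full disk or an I/O error at close would lose alert data silently. Consider checking it, e.g. `if (fclose(aun->unified2alert_ctx->file_ctx->fp) != 0) { SCLogError(SC_ERR_UNIFIED2_ALERT_GENERIC, "fclose failed"); return -1; }`, which Unified2AlertRotateFile already tests for with `< 0`. The rest of the function is outside the hunk, so whether `fp` is reset after the close cannot be confirmed from here.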
* \retval -1 on failure
*/
-int Unified2AlertRotateFile(ThreadVars *t, Unified2AlertThread *aun) {
+int Unified2AlertRotateFile(ThreadVars *t, Unified2AlertThread *aun)
+{
if (Unified2AlertCloseFile(t,aun) < 0) {
SCLogError(SC_ERR_UNIFIED2_ALERT_GENERIC,
"Error: Unified2AlertCloseFile failed");
return 1;
}
-static int GetXFFIPFromTx (const Packet *p, uint64_t tx_id, char *xff_header, char *dstbuf, int dstbuflen)
+static int GetXFFIPFromTx(const Packet *p, uint64_t tx_id, char *xff_header, char *dstbuf, int dstbuflen)
{
uint8_t xff_chain[UNIFIED2_ALERT_XFF_CHAIN_MAXLEN];
HtpState *htp_state = NULL;
* \retval 1 if the IP has been found and returned in dstbuf
* \retval 0 if the IP has not being found or error
*/
-static int GetXFFIP (const Packet *p, char *xff_header, char *dstbuf, int dstbuflen)
+static int GetXFFIP(const Packet *p, char *xff_header, char *dstbuf, int dstbuflen)
{
HtpState *htp_state = NULL;
uint64_t tx_id = 0;
* \retval TM_ECODE_OK all is good
* \retval TM_ECODE_FAILED serious error
*/
-int Unified2Logger (ThreadVars *t, void *data, const Packet *p)
+int Unified2Logger(ThreadVars *t, void *data, const Packet *p)
{
int ret = 0;
Unified2AlertThread *aun = (Unified2AlertThread *)data;
* \retval 0 on succces
* \retval -1 on failure
*/
-static int Unified2PacketTypeAlert (Unified2AlertThread *aun, const Packet *p, uint32_t event_id, int stream)
+static int Unified2PacketTypeAlert(Unified2AlertThread *aun, const Packet *p, uint32_t event_id, int stream)
{
int ret = 0;
* \retval 0 on succces
* \retval -1 on failure
*/
-static int Unified2IPv6TypeAlert (ThreadVars *t, const Packet *p, void *data)
+static int Unified2IPv6TypeAlert(ThreadVars *t, const Packet *p, void *data)
{
Unified2AlertThread *aun = (Unified2AlertThread *)data;
Unified2AlertFileHeader hdr;
* \retval 0 on failure
*/
-static int Unified2Test01 (void) {
+static int Unified2Test01(void)
+{
ThreadVars tv;
DecodeThreadVars dtv;
PacketQueue pq;
* \retval 0 on failure
*/
-static int Unified2Test02 (void) {
+static int Unified2Test02(void)
+{
ThreadVars tv;
DecodeThreadVars dtv;
PacketQueue pq;
* \retval 0 on failure
*/
-static int Unified2Test03 (void) {
+static int Unified2Test03(void)
+{
ThreadVars tv;
DecodeThreadVars dtv;
PacketQueue pq;
* \retval 0 on failure
*/
-static int Unified2Test04 (void) {
+static int Unified2Test04(void)
+{
ThreadVars tv;
DecodeThreadVars dtv;
PacketQueue pq;
* \retval 0 on failure
*/
-static int Unified2Test05 (void) {
+static int Unified2Test05(void)
+{
ThreadVars tv;
DecodeThreadVars dtv;
PacketQueue pq;
/**
* \brief this function registers unit tests for Unified2
*/
-void Unified2RegisterTests (void) {
+void Unified2RegisterTests(void)
+{
#ifdef UNITTESTS
UtRegisterTest("Unified2Test01 -- Ipv4 test", Unified2Test01, 1);
UtRegisterTest("Unified2Test02 -- Ipv6 test", Unified2Test02, 1);
-/* Copyright (C) 2007-2010 Open Information Security Foundation
+/* Copyright (C) 2007-2014 Open Information Security Foundation
*
* You can copy, redistribute or modify this Program under the terms of
* the GNU General Public License version 2 as published by the Free
#define UNIFIED2_EXTRADATA_TYPE_BLOB 1
#define UNIFIED2_EXTRADATA_TYPE_EXTRA_DATA 4
-void TmModuleUnified2AlertRegister (void);
+void TmModuleUnified2AlertRegister(void);
OutputCtx *Unified2AlertInitCtx(ConfNode *);
#endif /* __ALERT_UNIFIED2_ALERT_H__ */