From: Russ Combs (rucombs) Date: Thu, 10 Aug 2017 14:42:26 +0000 (-0400) Subject: Merge pull request #985 in SNORT/snort3 from multi_binder to master X-Git-Tag: 3.0.0-240~71 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=3e306e0d313dc3e8d79fdea1d7b9b994dbed15dc;p=thirdparty%2Fsnort3.git Merge pull request #985 in SNORT/snort3 from multi_binder to master Squashed commit of the following: commit 03b16f35970939c4a3ad6acebaa0ed5dca7a5a31 Author: Carter Waxman Date: Fri Aug 4 14:07:32 2017 -0400 snort2lua: removed excessive newlines from binder output commit a0d7c06663c85b06a85aa6830ff5b88b20289a5e Author: Carter Waxman Date: Fri Aug 4 10:39:14 2017 -0400 snort2lua: bindings now merge and propagate to top level of corresponsing policy --- diff --git a/tools/snort2lua/config_states/config_binding.cc b/tools/snort2lua/config_states/config_binding.cc index 7e544a3f4..2d949fc72 100644 --- a/tools/snort2lua/config_states/config_binding.cc +++ b/tools/snort2lua/config_states/config_binding.cc @@ -148,7 +148,7 @@ bool Binding::convert(std::istringstream& data_stream) if (!util::get_string(data_stream, val, ",")) return false; - Binder bind(table_api); + auto& bind = cv.make_binder(); bool rc = true; do diff --git a/tools/snort2lua/config_states/config_ignore_ports.cc b/tools/snort2lua/config_states/config_ignore_ports.cc index 7538ba1d2..09fc4933f 100644 --- a/tools/snort2lua/config_states/config_ignore_ports.cc +++ b/tools/snort2lua/config_states/config_ignore_ports.cc @@ -62,7 +62,7 @@ bool IgnorePorts::convert(std::istringstream& data_stream) } // Only add to the binder once we have validated the configuration. - Binder bind(table_api); + auto& bind = cv.make_binder(); bind.set_when_proto(keyword); while (data_stream >> port) diff --git a/tools/snort2lua/data/data_types/dt_option.cc b/tools/snort2lua/data/data_types/dt_option.cc index 37ce40e85..92ef8ca62 100644 --- a/tools/snort2lua/data/data_types/dt_option.cc +++ b/tools/snort2lua/data/data_types/dt_option.cc @@ -81,7 +81,9 @@ std::ostream& operator<<(std::ostream& out, const Option& o) for (int i = 0; i < o.depth; i++) whitespace += " "; - out << whitespace; + if ( o.print_whitespace ) + out << whitespace; + if (o.name.size()) out << o.name << " = "; diff --git a/tools/snort2lua/data/data_types/dt_option.h b/tools/snort2lua/data/data_types/dt_option.h index 8277e0a28..0260f1c09 100644 --- a/tools/snort2lua/data/data_types/dt_option.h +++ b/tools/snort2lua/data/data_types/dt_option.h @@ -39,6 +39,9 @@ public: inline std::string get_value() { return value; } + void set_print_whitespace(bool w) + { print_whitespace = w; } + // overloading operators friend std::ostream& operator<<(std::ostream&, const Option&); friend bool operator!=(const Option& lhs, const Option& rhs); @@ -50,6 +53,7 @@ private: std::string name; std::string value; int depth; + bool print_whitespace = false; OptionType type; }; diff --git a/tools/snort2lua/data/data_types/dt_table.cc b/tools/snort2lua/data/data_types/dt_table.cc index f891fd6d5..318d707dd 100644 --- a/tools/snort2lua/data/data_types/dt_table.cc +++ b/tools/snort2lua/data/data_types/dt_table.cc @@ -250,40 +250,90 @@ std::ostream& operator<<(std::ostream& out, const Table& t) whitespace += " "; if (!t.name.empty()) - out << whitespace << t.name << " =" << std::endl; - out << whitespace << '{' << std::endl; + { + if ( t.print_whitespace ) + out << whitespace; - if (!t.comments->empty() && !DataApi::is_quiet_mode()) - out << (*t.comments) << std::endl; + out << t.name << (t.one_line ? " = " : " =\n"); + } + + out << (t.print_whitespace ? whitespace : "") + << (t.one_line ? "{ " : "{\n"); // if we only want differences, don't print data if (!DataApi::is_difference_mode()) { for (Option* o : t.options) - out << (*o) << ",\n"; + { + o->set_print_whitespace(!t.one_line); + out << (*o) << (t.one_line ? ", " : ",\n"); + } for (Variable* v : t.lists) - out << (*v) << ",\n"; + { + v->set_print_whitespace(!t.one_line); + out << (*v) << (t.one_line ? ", " : ",\n"); + } for (Table* sub_t : t.tables) - out << (*sub_t) << ",\n"; + { + //If this table is one_lined, it may still print whitespace beforehand + //Don't print whitespace within the table if it's one_lined + sub_t->set_print_whitespace(!t.one_line); + + if ( t.one_line ) + sub_t->set_one_line(true); + + out << (*sub_t) << (t.one_line ? ", " : ",\n"); + } } else { for (Table* sub_t : t.tables) + { if (sub_t->has_differences()) - out << (*sub_t) << ",\n"; + { + //If this table is one_lined, it may still print whitespace beforehand + //Don't print whitespace within the table if it's one_lined + sub_t->set_print_whitespace(!t.one_line); + + if ( t.one_line ) + sub_t->set_one_line(true); + + out << (*sub_t) << (t.one_line ? ", " : ",\n"); + } + } + } + + + if (!t.comments->empty() && !DataApi::is_quiet_mode()) + { + // Comments need a new line regardless of one_line setting + // When one_line is off, this section is already starting on it's own line + if ( t.one_line ) + out << "\n"; + + out << (*t.comments) << "\n"; } - out << whitespace << "}"; + if ( !t.one_line && t.print_whitespace ) + out << whitespace; + out << "}"; // Now, print all options which need to be appended/overwrite earlier options if (!t.append_options.empty()) { - out << "\n"; + if ( !t.one_line ) + out << "\n"; for (Option* a : t.append_options) - out << (*a) << "\n"; + { + a->set_print_whitespace(!t.one_line); + + out << (*a); + if ( !t.one_line ) + out << "\n"; + } } return out; diff --git a/tools/snort2lua/data/data_types/dt_table.h b/tools/snort2lua/data/data_types/dt_table.h index db18cd762..dabe484d2 100644 --- a/tools/snort2lua/data/data_types/dt_table.h +++ b/tools/snort2lua/data/data_types/dt_table.h @@ -36,6 +36,8 @@ public: virtual ~Table(); inline std::string get_name() { return name; } + void set_one_line(bool o) { one_line = o; } + void set_print_whitespace(bool w) { print_whitespace = w; } bool has_differences(); Table* open_table(); Table* open_table(std::string); @@ -59,6 +61,9 @@ public: private: std::string name; + bool one_line = false; + bool print_whitespace = true; + int depth; Comments* comments; std::vector tables; diff --git a/tools/snort2lua/data/data_types/dt_var.cc b/tools/snort2lua/data/data_types/dt_var.cc index 18e59dabe..99e346a32 100644 --- a/tools/snort2lua/data/data_types/dt_var.cc +++ b/tools/snort2lua/data/data_types/dt_var.cc @@ -145,9 +145,15 @@ std::ostream& operator<<(std::ostream& out, const Variable& var) for (int i = 0; i < var.depth; i++) whitespace += " "; - out << whitespace << var.name << " = "; - count += whitespace.size() + var.name.size() + 3; - whitespace += " "; + out << (var.print_whitespace ? whitespace : "") << var.name << " = "; + + if ( var.print_whitespace ) + count += whitespace.size(); + + count += var.name.size() + 3; + + if ( var.print_whitespace ) + whitespace += " "; for (Variable::VarData* v : var.vars) { @@ -165,15 +171,15 @@ std::ostream& operator<<(std::ostream& out, const Variable& var) first_var = false; // print string - if (v->type == Variable::VarType::VARIABLE) + if ( v->type == Variable::VarType::VARIABLE ) { - if (v->data.size() + count > var.max_line_length) + if ( var.print_whitespace && v->data.size() + count > var.max_line_length ) print_newline(out, count, whitespace); out << v->data; count += v->data.size(); } - else if ((count + v->data.size()) < var.max_line_length) + else if ( !var.print_whitespace || (count + v->data.size()) < var.max_line_length ) { out << "'" << v->data << "'"; count += v->data.size() + 2; diff --git a/tools/snort2lua/data/data_types/dt_var.h b/tools/snort2lua/data/data_types/dt_var.h index 5e114e5cc..35240d94c 100644 --- a/tools/snort2lua/data/data_types/dt_var.h +++ b/tools/snort2lua/data/data_types/dt_var.h @@ -36,6 +36,10 @@ public: inline std::string get_name() { return name; } std::string get_value(DataApi*); bool add_value(std::string); + + void set_print_whitespace(bool w) + { print_whitespace = w; } + friend std::ostream& operator<<(std::ostream&, const Variable&); private: @@ -50,6 +54,7 @@ private: std::vector vars; std::string name; int depth; + bool print_whitespace = true; static const std::size_t max_line_length = 77; // leave room for additional text }; diff --git a/tools/snort2lua/data/dt_table_api.cc b/tools/snort2lua/data/dt_table_api.cc index f933d587b..6a6c653db 100644 --- a/tools/snort2lua/data/dt_table_api.cc +++ b/tools/snort2lua/data/dt_table_api.cc @@ -47,7 +47,7 @@ void TableApi::reset_state() curr_data_bad = false; } -void TableApi::open_top_level_table(std::string table_name) +void TableApi::open_top_level_table(std::string table_name, bool one_line) { Table* t = util::find_table(tables, table_name); @@ -57,6 +57,7 @@ void TableApi::open_top_level_table(std::string table_name) tables.push_back(t); } + t->set_one_line(one_line); open_tables.push(t); // ignore the initial table @@ -64,7 +65,7 @@ void TableApi::open_top_level_table(std::string table_name) top_level_tables.push(open_tables.size()); } -void TableApi::open_table(std::string table_name) +void TableApi::open_table(std::string table_name, bool one_line) { Table* t; @@ -84,10 +85,11 @@ void TableApi::open_table(std::string table_name) } } + t->set_one_line(one_line); open_tables.push(t); } -void TableApi::open_table() +void TableApi::open_table(bool one_line) { // if no open tables, create a top-level table if (open_tables.size() == 0) @@ -97,6 +99,7 @@ void TableApi::open_table() else { Table* t = open_tables.top()->open_table(); + t->set_one_line(one_line); open_tables.push(t); } } diff --git a/tools/snort2lua/data/dt_table_api.h b/tools/snort2lua/data/dt_table_api.h index 265f4a7c7..2c874fff9 100644 --- a/tools/snort2lua/data/dt_table_api.h +++ b/tools/snort2lua/data/dt_table_api.h @@ -66,11 +66,20 @@ public: */ // open a table at the topmost layer. i.e., the table will not be nested inside any other table. - void open_top_level_table(std::string name); + void open_top_level_table(const char* name, bool one_line = false) + { open_top_level_table(std::string(name), one_line); } + + void open_top_level_table(std::string name, bool one_line = false); + // open a nested named table --> 'name = {...}') - void open_table(std::string name); + void open_table(std::string name, bool one_line = false); + + void open_table(const char* name, bool one_line = false) + { open_table(std::string(name), one_line); } + // open a nested table that does not contain a name --> {...}) - void open_table(); + void open_table(bool one_line = false); + // close the nested table. go to previous table level void close_table(); diff --git a/tools/snort2lua/helpers/converter.cc b/tools/snort2lua/helpers/converter.cc index e1ed55ba0..a8de1ce55 100644 --- a/tools/snort2lua/helpers/converter.cc +++ b/tools/snort2lua/helpers/converter.cc @@ -256,6 +256,18 @@ bool Converter::initialize() return true; } +Binder& Converter::make_binder(Binder& b) +{ + binders.push_back(std::unique_ptr(new Binder(b))); + return *binders.back(); +} + +Binder& Converter::make_binder() +{ + binders.push_back(std::unique_ptr(new Binder(table_api))); + return *binders.back(); +} + int Converter::convert(std::string input, std::string output_file, std::string rule_file, @@ -266,6 +278,11 @@ int Converter::convert(std::string input, rc = parse_file(input); + // vector::clear()'s ordering isn't deterministic but this is + // keep in place for stable regressions + while ( binders.size() ) + binders.pop_back(); + if (rule_file.empty()) rule_file = output_file; diff --git a/tools/snort2lua/helpers/converter.h b/tools/snort2lua/helpers/converter.h index 4ed65a8a6..489e5a72b 100644 --- a/tools/snort2lua/helpers/converter.h +++ b/tools/snort2lua/helpers/converter.h @@ -20,11 +20,13 @@ #ifndef UTILS_CONVERTER_H #define UTILS_CONVERTER_H +#include #include #include "conversion_defines.h" #include "data/dt_data.h" #include "data/dt_table_api.h" #include "data/dt_rule_api.h" +#include "util_binder.h" class Converter { @@ -56,6 +58,9 @@ public: inline static void set_empty_args(bool val) { empty_args = val; } + Binder& make_binder(Binder&); + Binder& make_binder(); + int convert(std::string input, std::string output, std::string rules, // defaults to output_file @@ -98,6 +103,7 @@ private: DataApi data_api; TableApi table_api; RuleApi rule_api; + std::vector> binders; // the current parsing state. ConversionState* state; diff --git a/tools/snort2lua/helpers/util_binder.cc b/tools/snort2lua/helpers/util_binder.cc index 99eaa5cab..1973832e4 100644 --- a/tools/snort2lua/helpers/util_binder.cc +++ b/tools/snort2lua/helpers/util_binder.cc @@ -35,9 +35,9 @@ void Binder::add_to_configuration() { printed = true; table_api.open_top_level_table("binder"); - table_api.open_table(); + table_api.open_table(true); - table_api.open_table("when"); + table_api.open_table("when", true); if (when_policy_id >= 0) table_api.add_option("policy_id", when_policy_id); @@ -48,7 +48,7 @@ void Binder::add_to_configuration() if (!when_proto.empty()) table_api.add_option("proto", when_proto); - if (!when_role.empty()) + if (!when_role.empty() && when_role != "any") table_api.add_option("role", when_role); for (auto p : ports) @@ -62,7 +62,7 @@ void Binder::add_to_configuration() table_api.close_table(); // "when" - table_api.open_table("use"); + table_api.open_table("use", true); if (!use_policy_id.empty()) table_api.add_option("policy_id", use_policy_id); diff --git a/tools/snort2lua/helpers/util_binder.h b/tools/snort2lua/helpers/util_binder.h index 27eaf589b..5bc8a175e 100644 --- a/tools/snort2lua/helpers/util_binder.h +++ b/tools/snort2lua/helpers/util_binder.h @@ -27,10 +27,13 @@ class TableApi; // The Binders destructor will add the Objects configuration to the // table_api. +class Converter; class Binder { + //Only use Converter to instantiate Binders through make_binder() + //This ensures only one binder tables is created per policy + friend class Converter; public: - Binder(TableApi&); ~Binder(); // By calling add_to_configuration(), you are adding this Binder Object @@ -41,6 +44,9 @@ public: void print_binding(bool should_print) { printed = !should_print; } + bool will_print() + { return !printed; } + void set_when_policy_id(int id); void set_when_service(std::string service); void set_when_role(std::string role); @@ -58,6 +64,8 @@ public: void set_use_policy_id(std::string id); private: + Binder(TableApi&); + TableApi& table_api; bool printed; // ensures that the binding is added once, // by either the destructor or user diff --git a/tools/snort2lua/preprocessor_states/pps_dcerpc_server.cc b/tools/snort2lua/preprocessor_states/pps_dcerpc_server.cc index ee02a343b..8ba75f2ca 100644 --- a/tools/snort2lua/preprocessor_states/pps_dcerpc_server.cc +++ b/tools/snort2lua/preprocessor_states/pps_dcerpc_server.cc @@ -638,11 +638,11 @@ bool DcerpcServer::convert(std::istringstream& data_stream) std::string keyword; bool retval = true; - Binder bind_tcp(table_api); - Binder bind_smb(table_api); - Binder bind_udp(table_api); - Binder bind_http_proxy(table_api); - Binder bind_http_server(table_api); + auto& bind_tcp = cv.make_binder(); + auto& bind_smb = cv.make_binder(); + auto& bind_udp = cv.make_binder(); + auto& bind_http_proxy = cv.make_binder(); + auto& bind_http_server = cv.make_binder(); std::map bind; diff --git a/tools/snort2lua/preprocessor_states/pps_dnp3.cc b/tools/snort2lua/preprocessor_states/pps_dnp3.cc index 5bfc910f2..56efe396d 100644 --- a/tools/snort2lua/preprocessor_states/pps_dnp3.cc +++ b/tools/snort2lua/preprocessor_states/pps_dnp3.cc @@ -47,12 +47,12 @@ Dnp3::~Dnp3() if (converted_args) return; - Binder tcp_bind(table_api); + auto& tcp_bind = cv.make_binder(); tcp_bind.set_when_proto("tcp"); tcp_bind.add_when_port("20000"); tcp_bind.set_use_type("dnp3"); - Binder udp_bind(table_api); + auto& udp_bind = cv.make_binder(); udp_bind.set_when_proto("udp"); udp_bind.add_when_port("20000"); udp_bind.set_use_type("dnp3"); @@ -66,8 +66,8 @@ bool Dnp3::convert(std::istringstream& data_stream) std::string keyword; bool retval = true; bool ports_set = false; - Binder tcp_bind(table_api); - Binder udp_bind(table_api); + auto& tcp_bind = cv.make_binder(); + auto& udp_bind = cv.make_binder(); converted_args = true; diff --git a/tools/snort2lua/preprocessor_states/pps_dns.cc b/tools/snort2lua/preprocessor_states/pps_dns.cc index aed821af8..3ee456a64 100644 --- a/tools/snort2lua/preprocessor_states/pps_dns.cc +++ b/tools/snort2lua/preprocessor_states/pps_dns.cc @@ -43,7 +43,7 @@ bool Dns::convert(std::istringstream& data_stream) std::string keyword; bool retval = true; bool ports_set = false; - Binder bind(table_api); + auto& bind = cv.make_binder(); bind.set_when_proto("tcp"); bind.set_use_type("dns"); diff --git a/tools/snort2lua/preprocessor_states/pps_frag3_engine.cc b/tools/snort2lua/preprocessor_states/pps_frag3_engine.cc index 0c00e2a5d..b4bc5242b 100644 --- a/tools/snort2lua/preprocessor_states/pps_frag3_engine.cc +++ b/tools/snort2lua/preprocessor_states/pps_frag3_engine.cc @@ -91,7 +91,7 @@ bool Frag3Engine::convert(std::istringstream& data_stream) } else { - Binder b(table_api); + auto& b = cv.make_binder(); b.set_when_proto("ip"); b.add_when_net(ip_list); b.set_use_type("stream_ip"); diff --git a/tools/snort2lua/preprocessor_states/pps_ftp_telnet_protocol.cc b/tools/snort2lua/preprocessor_states/pps_ftp_telnet_protocol.cc index a7f53dcd8..5222f6399 100644 --- a/tools/snort2lua/preprocessor_states/pps_ftp_telnet_protocol.cc +++ b/tools/snort2lua/preprocessor_states/pps_ftp_telnet_protocol.cc @@ -177,7 +177,7 @@ bool FtpServer::convert(std::istringstream& data_stream) std::string keyword; bool retval = true; bool ports_set = false; - Binder bind(table_api); + auto& bind = cv.make_binder(); bind.set_use_type("ftp_server"); bind.set_when_proto("tcp"); @@ -361,7 +361,7 @@ bool FtpClient::convert(std::istringstream& data_stream) { std::string keyword; bool retval = true; - Binder bind(table_api); + auto& bind = cv.make_binder(); bind.set_use_type("ftp_client"); bind.set_when_proto("tcp"); @@ -494,7 +494,7 @@ bool Telnet::convert(std::istringstream& data_stream) std::string keyword; bool ports_set = false; bool retval = true; - Binder bind(table_api); + auto& bind = cv.make_binder(); bind.set_when_proto("tcp"); bind.set_use_type("telnet"); diff --git a/tools/snort2lua/preprocessor_states/pps_gtp.cc b/tools/snort2lua/preprocessor_states/pps_gtp.cc index 4d5919669..763b08a04 100644 --- a/tools/snort2lua/preprocessor_states/pps_gtp.cc +++ b/tools/snort2lua/preprocessor_states/pps_gtp.cc @@ -48,7 +48,7 @@ Gtp::~Gtp() if (converted_args) return; - Binder bind(table_api); + auto& bind = cv.make_binder(); bind.set_when_proto("udp"); bind.add_when_port("2123"); bind.add_when_port("3386"); @@ -63,7 +63,7 @@ bool Gtp::convert(std::istringstream& data_stream) std::string keyword; bool retval = true; bool ports_set = false; - Binder bind(table_api); + auto& bind = cv.make_binder(); bind.set_when_proto("udp"); bind.set_use_type("gtp_inspect"); diff --git a/tools/snort2lua/preprocessor_states/pps_http_inspect_server.cc b/tools/snort2lua/preprocessor_states/pps_http_inspect_server.cc index f8456f094..92a63f296 100644 --- a/tools/snort2lua/preprocessor_states/pps_http_inspect_server.cc +++ b/tools/snort2lua/preprocessor_states/pps_http_inspect_server.cc @@ -64,7 +64,7 @@ bool HttpInspectServer::convert(std::istringstream& data_stream) bool ports_set = false; bool simplify = false; bool slash_dir_set = false; - Binder bind(table_api); + auto& bind = cv.make_binder(); bind.set_when_proto("tcp"); bind.set_use_type("http_inspect"); diff --git a/tools/snort2lua/preprocessor_states/pps_imap.cc b/tools/snort2lua/preprocessor_states/pps_imap.cc index f3383bdc1..7b829f4c0 100644 --- a/tools/snort2lua/preprocessor_states/pps_imap.cc +++ b/tools/snort2lua/preprocessor_states/pps_imap.cc @@ -43,7 +43,7 @@ bool Imap::convert(std::istringstream& data_stream) std::string keyword; bool retval = true; bool ports_set = false; - Binder bind(table_api); + auto& bind = cv.make_binder(); bind.set_when_proto("tcp"); bind.set_use_type("imap"); diff --git a/tools/snort2lua/preprocessor_states/pps_modbus.cc b/tools/snort2lua/preprocessor_states/pps_modbus.cc index 7cfec9d05..e9f31b0af 100644 --- a/tools/snort2lua/preprocessor_states/pps_modbus.cc +++ b/tools/snort2lua/preprocessor_states/pps_modbus.cc @@ -47,7 +47,7 @@ Modbus::~Modbus() if (converted_args) return; - Binder bind(table_api); + auto& bind = cv.make_binder(); bind.set_when_proto("tcp"); bind.add_when_port("502"); bind.set_use_type("modbus"); @@ -61,7 +61,7 @@ bool Modbus::convert(std::istringstream& data_stream) std::string keyword; bool retval = true; bool ports_set = false; - Binder bind(table_api); + auto& bind = cv.make_binder(); bind.set_when_proto("tcp"); bind.set_use_type("modbus"); diff --git a/tools/snort2lua/preprocessor_states/pps_pop.cc b/tools/snort2lua/preprocessor_states/pps_pop.cc index 8d1ff7cc4..42011ea37 100644 --- a/tools/snort2lua/preprocessor_states/pps_pop.cc +++ b/tools/snort2lua/preprocessor_states/pps_pop.cc @@ -43,7 +43,7 @@ bool Pop::convert(std::istringstream& data_stream) std::string keyword; bool retval = true; bool ports_set = false; - Binder bind(table_api); + auto& bind = cv.make_binder(); bind.set_when_proto("tcp"); bind.set_use_type("pop"); diff --git a/tools/snort2lua/preprocessor_states/pps_rpc_decode.cc b/tools/snort2lua/preprocessor_states/pps_rpc_decode.cc index 7bb5e0665..c44cc0a1a 100644 --- a/tools/snort2lua/preprocessor_states/pps_rpc_decode.cc +++ b/tools/snort2lua/preprocessor_states/pps_rpc_decode.cc @@ -50,7 +50,7 @@ RpcDecode::~RpcDecode() { if (!converted_args) { - Binder bind(table_api); + auto& bind = cv.make_binder(); bind.set_when_proto("tcp"); bind.add_when_port("111"); bind.add_when_port("32271"); @@ -68,7 +68,7 @@ bool RpcDecode::convert(std::istringstream& data_stream) std::string keyword; // adding the binder entry - Binder bind(table_api); + auto& bind = cv.make_binder(); bind.set_when_proto("tcp"); bind.set_use_type("rpc_decode"); diff --git a/tools/snort2lua/preprocessor_states/pps_sip.cc b/tools/snort2lua/preprocessor_states/pps_sip.cc index fbf3619d4..a0fa754f0 100644 --- a/tools/snort2lua/preprocessor_states/pps_sip.cc +++ b/tools/snort2lua/preprocessor_states/pps_sip.cc @@ -43,7 +43,7 @@ bool Sip::convert(std::istringstream& data_stream) std::string keyword; bool retval = true; bool ports_set = false; - Binder bind(table_api); + auto& bind = cv.make_binder(); bind.set_when_proto("udp"); bind.set_use_type("sip"); diff --git a/tools/snort2lua/preprocessor_states/pps_smtp.cc b/tools/snort2lua/preprocessor_states/pps_smtp.cc index 3eb730a6e..0250a0b33 100644 --- a/tools/snort2lua/preprocessor_states/pps_smtp.cc +++ b/tools/snort2lua/preprocessor_states/pps_smtp.cc @@ -114,7 +114,7 @@ bool Smtp::convert(std::istringstream& data_stream) std::string keyword; bool retval = true; bool ports_set = false; - Binder bind(table_api); + auto& bind = cv.make_binder(); bind.set_when_proto("tcp"); bind.set_use_type("smtp"); diff --git a/tools/snort2lua/preprocessor_states/pps_ssh.cc b/tools/snort2lua/preprocessor_states/pps_ssh.cc index a3db49d4a..a440c1b75 100644 --- a/tools/snort2lua/preprocessor_states/pps_ssh.cc +++ b/tools/snort2lua/preprocessor_states/pps_ssh.cc @@ -43,7 +43,7 @@ bool Ssh::convert(std::istringstream& data_stream) std::string keyword; bool retval = true; bool ports_set = false; - Binder bind(table_api); + auto& bind = cv.make_binder(); bind.set_when_proto("tcp"); bind.set_use_type("ssh"); diff --git a/tools/snort2lua/preprocessor_states/pps_ssl.cc b/tools/snort2lua/preprocessor_states/pps_ssl.cc index e3cf834bf..49e607625 100644 --- a/tools/snort2lua/preprocessor_states/pps_ssl.cc +++ b/tools/snort2lua/preprocessor_states/pps_ssl.cc @@ -42,7 +42,7 @@ bool Ssl::convert(std::istringstream& data_stream) std::string keyword; bool retval = true; bool ports_set = false; - Binder bind(table_api); + auto& bind = cv.make_binder(); bind.set_when_proto("tcp"); bind.set_use_type("ssl"); diff --git a/tools/snort2lua/preprocessor_states/pps_stream5_tcp.cc b/tools/snort2lua/preprocessor_states/pps_stream5_tcp.cc index ed30ca129..c54158e5f 100644 --- a/tools/snort2lua/preprocessor_states/pps_stream5_tcp.cc +++ b/tools/snort2lua/preprocessor_states/pps_stream5_tcp.cc @@ -260,9 +260,9 @@ bool StreamTcp::convert(std::istringstream& data_stream) std::string keyword; bool retval = true; - Binder client(table_api); - Binder server(table_api); - Binder any(table_api); + auto& client = cv.make_binder(); + auto& server = cv.make_binder(); + auto& any = cv.make_binder(); // by default, only print one binding client.print_binding(true); @@ -493,20 +493,14 @@ bool StreamTcp::convert(std::istringstream& data_stream) // Add the port bindings separately from the protocol bindings since // in 2.9.x they are OR'd not AND'd. Clear the ports so they're not // included with the protocol bindings. - { - Binder b = client; // Binding is added during destructor. - client.clear_ports(); - } + cv.make_binder(client); + client.clear_ports(); - { - Binder b = server; - server.clear_ports(); - } + cv.make_binder(server); + server.clear_ports(); - { - Binder b = any; - any.clear_ports(); - } + cv.make_binder(any); + any.clear_ports(); if (!protos_set) { @@ -519,7 +513,7 @@ bool StreamTcp::convert(std::istringstream& data_stream) for (const std::string& s : default_protos) { - Binder b = *bind_default; // Binding is added during destructor. + auto& b = cv.make_binder(*bind_default); b.set_when_service(s); } } @@ -528,7 +522,7 @@ bool StreamTcp::convert(std::istringstream& data_stream) { for (std::string s : client_protocols) { - Binder b = client; + auto& b = cv.make_binder(client); b.set_when_service(s); } } @@ -537,7 +531,7 @@ bool StreamTcp::convert(std::istringstream& data_stream) { for (std::string s : server_protocols) { - Binder b = server; + auto& b = cv.make_binder(server); b.set_when_service(s); } } @@ -546,7 +540,7 @@ bool StreamTcp::convert(std::istringstream& data_stream) { for (std::string s : any_protocols) { - Binder b = any; + auto& b = cv.make_binder(any); b.set_when_service(s); } }