is a network intrusion prevention and detection system (IDS/IPS) combining the benefits of signature, protocol and anomaly-based inspection.
| fpcreate.c (snort-2.9.16.1) | : | fpcreate.c (snort-2.9.17) |
|---|
| | |
| skipping to change at line 1943 | | skipping to change at line 1943 |
|---|
| prm->prmGeneric =(PORT_GROUP*) anyany->data; | | prm->prmGeneric =(PORT_GROUP*) anyany->data; |
| | |
| /* all rules that are any any some may not be content ? */ | | /* all rules that are any any some may not be content ? */ |
| prm->prmNumGenericRules = anyany->rule_list->count; | | prm->prmNumGenericRules = anyany->rule_list->count; |
| | |
| prm->prmNumSrcRules= 0; | | prm->prmNumSrcRules= 0; |
| prm->prmNumDstRules= 0; | | prm->prmNumDstRules= 0; |
| | |
| prm->prmNumSrcGroups= 0; | | prm->prmNumSrcGroups= 0; |
| prm->prmNumDstGroups= 0; | | prm->prmNumDstGroups= 0; |
|
| | #ifdef TARGET_BASED |
| prm->prmNumNoServiceSrcRules= 0; | | prm->prmNumNoServiceSrcRules= 0; |
| prm->prmNumNoServiceDstRules= 0; | | prm->prmNumNoServiceDstRules= 0; |
| prm->prmNumNoServiceSrcGroups= 0; | | prm->prmNumNoServiceSrcGroups= 0; |
| prm->prmNumNoServiceDstGroups= 0; | | prm->prmNumNoServiceDstGroups= 0; |
|
| | #endif |
| | |
| /* Process src PORT groups */ | | /* Process src PORT groups */ |
| if(src ) | | if(src ) |
| { | | { |
| for( node=sfghash_findfirst(src->pt_mpxo_hash); | | for( node=sfghash_findfirst(src->pt_mpxo_hash); |
| node; | | node; |
| node=sfghash_findnext(src->pt_mpxo_hash) ) | | node=sfghash_findnext(src->pt_mpxo_hash) ) |
| { | | { |
| po = (PortObject2*)node->data; | | po = (PortObject2*)node->data; |
| | |
| | |
| skipping to change at line 2056 | | skipping to change at line 2058 |
|---|
| for( node=sfghash_findfirst(ns_src->pt_mpxo_hash); | | for( node=sfghash_findfirst(ns_src->pt_mpxo_hash); |
| node; | | node; |
| node=sfghash_findnext(ns_src->pt_mpxo_hash) ) | | node=sfghash_findnext(ns_src->pt_mpxo_hash) ) |
| { | | { |
| po = (PortObject2*)node->data; | | po = (PortObject2*)node->data; |
| | |
| if( !po ) continue; | | if( !po ) continue; |
| if( !po->data ) continue; | | if( !po->data ) continue; |
| | |
| /* Add up the total ns_src rules */ | | /* Add up the total ns_src rules */ |
|
| | #ifdef TARGET_BASED |
| prm->prmNumNoServiceSrcRules += po->rule_hash->count; | | prm->prmNumNoServiceSrcRules += po->rule_hash->count; |
| | |
| /* Increment the port group count */ | | /* Increment the port group count */ |
| prm->prmNumNoServiceSrcGroups ++; | | prm->prmNumNoServiceSrcGroups ++; |
|
| | | #endif |
| /* Add this port group to the ns_src table at each port that uses it
*/ | | /* Add this port group to the ns_src table at each port that uses it
*/ |
| for( poi = (PortObjectItem*)sflist_first(po->item_list); poi; | | for( poi = (PortObjectItem*)sflist_first(po->item_list); poi; |
| poi = (PortObjectItem*)sflist_next(po->item_list) ) | | poi = (PortObjectItem*)sflist_next(po->item_list) ) |
| { | | { |
| switch(poi->type) | | switch(poi->type) |
| { | | { |
| case PORT_OBJECT_ANY: | | case PORT_OBJECT_ANY: |
| break; | | break; |
| case PORT_OBJECT_PORT: | | case PORT_OBJECT_PORT: |
| #if 0 | | #if 0 |
| /* This test is always true since poi->lport is a 16 bit | | /* This test is always true since poi->lport is a 16 bit |
| * int and MAX_PORTS is 64K. If this relationship shoul
d | | * int and MAX_PORTS is 64K. If this relationship shoul
d |
| * change, the test should be compiled back in. | | * change, the test should be compiled back in. |
| */ | | */ |
| if( poi->lport < MAX_PORTS ) | | if( poi->lport < MAX_PORTS ) |
| #endif | | #endif |
|
| | #ifdef TARGET_BASED |
| prm->prmNoServiceSrcPort[ poi->lport ] = (PORT_GROUP
*)po->data; | | prm->prmNoServiceSrcPort[ poi->lport ] = (PORT_GROUP
*)po->data; |
|
| | #endif |
| break; | | break; |
| case PORT_OBJECT_RANGE: | | case PORT_OBJECT_RANGE: |
|
| | #ifdef TARGET_BASED |
| for(i= poi->lport;i<= poi->hport;i++ ) | | for(i= poi->lport;i<= poi->hport;i++ ) |
| { | | { |
| prm->prmNoServiceSrcPort[ i ] = (PORT_GROUP*)po->dat
a; | | prm->prmNoServiceSrcPort[ i ] = (PORT_GROUP*)po->dat
a; |
| } | | } |
|
| | #endif |
| break; | | break; |
| } | | } |
| } | | } |
| } | | } |
| } | | } |
| | |
| if( ns_dst ) | | if( ns_dst ) |
| { | | { |
| for( node=sfghash_findfirst(ns_dst->pt_mpxo_hash); node; | | for( node=sfghash_findfirst(ns_dst->pt_mpxo_hash); node; |
| node=sfghash_findnext(ns_dst->pt_mpxo_hash) ) | | node=sfghash_findnext(ns_dst->pt_mpxo_hash) ) |
| { | | { |
| po = (PortObject2*)node->data; | | po = (PortObject2*)node->data; |
| | |
| if( !po ) continue; | | if( !po ) continue; |
| if( !po->data ) continue; | | if( !po->data ) continue; |
| | |
|
| | #ifdef TARGET_BASED |
| /* Add up the total ns_dst rules */ | | /* Add up the total ns_dst rules */ |
| prm->prmNumNoServiceDstRules += po->rule_hash->count; | | prm->prmNumNoServiceDstRules += po->rule_hash->count; |
| | |
| /* Increment the port group count */ | | /* Increment the port group count */ |
| prm->prmNumNoServiceDstGroups ++; | | prm->prmNumNoServiceDstGroups ++; |
|
| | #endif |
| | |
| /* Add this port group to the ns_dst table at each port that uses it
*/ | | /* Add this port group to the ns_dst table at each port that uses it
*/ |
| for( poi = (PortObjectItem*)sflist_first(po->item_list); | | for( poi = (PortObjectItem*)sflist_first(po->item_list); |
| poi; | | poi; |
| poi = (PortObjectItem*)sflist_next(po->item_list) ) | | poi = (PortObjectItem*)sflist_next(po->item_list) ) |
| { | | { |
| switch(poi->type) | | switch(poi->type) |
| { | | { |
| case PORT_OBJECT_ANY: | | case PORT_OBJECT_ANY: |
| break; | | break; |
| case PORT_OBJECT_PORT: | | case PORT_OBJECT_PORT: |
| #if 0 | | #if 0 |
| /* This test is always true since poi->lport is a 16 bit | | /* This test is always true since poi->lport is a 16 bit |
| * int and MAX_PORTS is 64K. If this relationship shoul
d | | * int and MAX_PORTS is 64K. If this relationship shoul
d |
| * change, the test should be compiled back in. | | * change, the test should be compiled back in. |
| */ | | */ |
| if( poi->lport < MAX_PORTS ) | | if( poi->lport < MAX_PORTS ) |
| #endif | | #endif |
|
| | #ifdef TARGET_BASED |
| prm->prmNoServiceDstPort[ poi->lport ] = (PORT_GROUP
*)po->data; | | prm->prmNoServiceDstPort[ poi->lport ] = (PORT_GROUP
*)po->data; |
|
| | #endif |
| break; | | break; |
| case PORT_OBJECT_RANGE: | | case PORT_OBJECT_RANGE: |
|
| | #ifdef TARGET_BASED |
| for(i= poi->lport;i<= poi->hport;i++ ) | | for(i= poi->lport;i<= poi->hport;i++ ) |
| { | | { |
| prm->prmNoServiceDstPort[ i ] = (PORT_GROUP*)po->dat
a; | | prm->prmNoServiceDstPort[ i ] = (PORT_GROUP*)po->dat
a; |
| } | | } |
|
| | #endif |
| break; | | break; |
| } | | } |
| } | | } |
| } | | } |
| } | | } |
| | |
| return 0; | | return 0; |
| } | | } |
| /* | | /* |
| * Create and initialize the rule maps | | * Create and initialize the rule maps |
| */ | | */ |
| static int fpCreateRuleMaps(SnortConfig *sc, rule_port_tables_t *p) | | static int fpCreateRuleMaps(SnortConfig *sc, rule_port_tables_t *p) |
| { | | { |
| sc->prmTcpRTNX = prmNewMap(); | | sc->prmTcpRTNX = prmNewMap(); |
| if (sc->prmTcpRTNX == NULL) | | if (sc->prmTcpRTNX == NULL) |
| return 1; | | return 1; |
| | |
|
| | #ifdef TARGET_BASED |
| if (fpCreateInitRuleMap(sc->prmTcpRTNX, p->tcp_src, p->tcp_dst, p->tcp_anyan
y, p->tcp_nocontent, p->ns_tcp_src, p->ns_tcp_dst )) | | if (fpCreateInitRuleMap(sc->prmTcpRTNX, p->tcp_src, p->tcp_dst, p->tcp_anyan
y, p->tcp_nocontent, p->ns_tcp_src, p->ns_tcp_dst )) |
| return -1; | | return -1; |
|
| | #endif |
| | |
| sc->prmUdpRTNX = prmNewMap(); | | sc->prmUdpRTNX = prmNewMap(); |
| if (sc->prmUdpRTNX == NULL) | | if (sc->prmUdpRTNX == NULL) |
| return -1; | | return -1; |
| | |
|
| | #ifdef TARGET_BASED |
| if (fpCreateInitRuleMap(sc->prmUdpRTNX, p->udp_src, p->udp_dst, p->udp_anyan
y, p->udp_nocontent, p->ns_udp_src, p->ns_udp_dst)) | | if (fpCreateInitRuleMap(sc->prmUdpRTNX, p->udp_src, p->udp_dst, p->udp_anyan
y, p->udp_nocontent, p->ns_udp_src, p->ns_udp_dst)) |
| return -1; | | return -1; |
|
| | #endif |
| | |
| sc->prmIpRTNX = prmNewMap(); | | sc->prmIpRTNX = prmNewMap(); |
| if (sc->prmIpRTNX == NULL) | | if (sc->prmIpRTNX == NULL) |
| return 1; | | return 1; |
| | |
|
| | #ifdef TARGET_BASED |
| if (fpCreateInitRuleMap(sc->prmIpRTNX, p->ip_src, p->ip_dst, p->ip_anyany, p
->ip_nocontent, p->ns_ip_src, p->ns_ip_dst)) | | if (fpCreateInitRuleMap(sc->prmIpRTNX, p->ip_src, p->ip_dst, p->ip_anyany, p
->ip_nocontent, p->ns_ip_src, p->ns_ip_dst)) |
| return -1; | | return -1; |
|
| | #endif |
| | |
| sc->prmIcmpRTNX = prmNewMap(); | | sc->prmIcmpRTNX = prmNewMap(); |
| if (sc->prmIcmpRTNX == NULL) | | if (sc->prmIcmpRTNX == NULL) |
| return 1; | | return 1; |
| | |
|
| | #ifdef TARGET_BASED |
| if (fpCreateInitRuleMap(sc->prmIcmpRTNX, p->icmp_src, p->icmp_dst, p->icmp_a
nyany, p->icmp_nocontent, p->ns_icmp_src, p->ns_icmp_dst)) | | if (fpCreateInitRuleMap(sc->prmIcmpRTNX, p->icmp_src, p->icmp_dst, p->icmp_a
nyany, p->icmp_nocontent, p->ns_icmp_src, p->ns_icmp_dst)) |
| return -1; | | return -1; |
|
| | #endif |
| | |
| return 0; | | return 0; |
| } | | } |
| | |
| static void fpFreeRuleMaps(SnortConfig *sc) | | static void fpFreeRuleMaps(SnortConfig *sc) |
| { | | { |
| if (sc == NULL) | | if (sc == NULL) |
| return; | | return; |
| | |
| if (sc->prmTcpRTNX != NULL) | | if (sc->prmTcpRTNX != NULL) |
| | | |
| End of changes. 22 change blocks. |
|---|
| 1 lines changed or deleted | | 22 lines changed or added |
|---|
"Fossies" - the Fresh Open Source Software Archive 