"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "src/fpcreate.c" between
snort-2.9.16.1.tar.gz and snort-2.9.17.tar.gz

About: Snort is a network intrusion prevention and detection system (IDS/IPS) combining the benefits of signature, protocol and anomaly-based inspection.

fpcreate.c  (snort-2.9.16.1):fpcreate.c  (snort-2.9.17)
skipping to change at line 1943 skipping to change at line 1943
prm->prmGeneric =(PORT_GROUP*) anyany->data; prm->prmGeneric =(PORT_GROUP*) anyany->data;
/* all rules that are any any some may not be content ? */ /* all rules that are any any some may not be content ? */
prm->prmNumGenericRules = anyany->rule_list->count; prm->prmNumGenericRules = anyany->rule_list->count;
prm->prmNumSrcRules= 0; prm->prmNumSrcRules= 0;
prm->prmNumDstRules= 0; prm->prmNumDstRules= 0;
prm->prmNumSrcGroups= 0; prm->prmNumSrcGroups= 0;
prm->prmNumDstGroups= 0; prm->prmNumDstGroups= 0;
#ifdef TARGET_BASED
prm->prmNumNoServiceSrcRules= 0; prm->prmNumNoServiceSrcRules= 0;
prm->prmNumNoServiceDstRules= 0; prm->prmNumNoServiceDstRules= 0;
prm->prmNumNoServiceSrcGroups= 0; prm->prmNumNoServiceSrcGroups= 0;
prm->prmNumNoServiceDstGroups= 0; prm->prmNumNoServiceDstGroups= 0;
#endif
/* Process src PORT groups */ /* Process src PORT groups */
if(src ) if(src )
{ {
for( node=sfghash_findfirst(src->pt_mpxo_hash); for( node=sfghash_findfirst(src->pt_mpxo_hash);
node; node;
node=sfghash_findnext(src->pt_mpxo_hash) ) node=sfghash_findnext(src->pt_mpxo_hash) )
{ {
po = (PortObject2*)node->data; po = (PortObject2*)node->data;
skipping to change at line 2056 skipping to change at line 2058
for( node=sfghash_findfirst(ns_src->pt_mpxo_hash); for( node=sfghash_findfirst(ns_src->pt_mpxo_hash);
node; node;
node=sfghash_findnext(ns_src->pt_mpxo_hash) ) node=sfghash_findnext(ns_src->pt_mpxo_hash) )
{ {
po = (PortObject2*)node->data; po = (PortObject2*)node->data;
if( !po ) continue; if( !po ) continue;
if( !po->data ) continue; if( !po->data ) continue;
/* Add up the total ns_src rules */ /* Add up the total ns_src rules */
#ifdef TARGET_BASED
prm->prmNumNoServiceSrcRules += po->rule_hash->count; prm->prmNumNoServiceSrcRules += po->rule_hash->count;
/* Increment the port group count */ /* Increment the port group count */
prm->prmNumNoServiceSrcGroups ++; prm->prmNumNoServiceSrcGroups ++;
#endif
/* Add this port group to the ns_src table at each port that uses it */ /* Add this port group to the ns_src table at each port that uses it */
for( poi = (PortObjectItem*)sflist_first(po->item_list); poi; for( poi = (PortObjectItem*)sflist_first(po->item_list); poi;
poi = (PortObjectItem*)sflist_next(po->item_list) ) poi = (PortObjectItem*)sflist_next(po->item_list) )
{ {
switch(poi->type) switch(poi->type)
{ {
case PORT_OBJECT_ANY: case PORT_OBJECT_ANY:
break; break;
case PORT_OBJECT_PORT: case PORT_OBJECT_PORT:
#if 0 #if 0
/* This test is always true since poi->lport is a 16 bit /* This test is always true since poi->lport is a 16 bit
* int and MAX_PORTS is 64K. If this relationship shoul d * int and MAX_PORTS is 64K. If this relationship shoul d
* change, the test should be compiled back in. * change, the test should be compiled back in.
*/ */
if( poi->lport < MAX_PORTS ) if( poi->lport < MAX_PORTS )
#endif #endif
#ifdef TARGET_BASED
prm->prmNoServiceSrcPort[ poi->lport ] = (PORT_GROUP *)po->data; prm->prmNoServiceSrcPort[ poi->lport ] = (PORT_GROUP *)po->data;
#endif
break; break;
case PORT_OBJECT_RANGE: case PORT_OBJECT_RANGE:
#ifdef TARGET_BASED
for(i= poi->lport;i<= poi->hport;i++ ) for(i= poi->lport;i<= poi->hport;i++ )
{ {
prm->prmNoServiceSrcPort[ i ] = (PORT_GROUP*)po->dat a; prm->prmNoServiceSrcPort[ i ] = (PORT_GROUP*)po->dat a;
} }
#endif
break; break;
} }
} }
} }
} }
if( ns_dst ) if( ns_dst )
{ {
for( node=sfghash_findfirst(ns_dst->pt_mpxo_hash); node; for( node=sfghash_findfirst(ns_dst->pt_mpxo_hash); node;
node=sfghash_findnext(ns_dst->pt_mpxo_hash) ) node=sfghash_findnext(ns_dst->pt_mpxo_hash) )
{ {
po = (PortObject2*)node->data; po = (PortObject2*)node->data;
if( !po ) continue; if( !po ) continue;
if( !po->data ) continue; if( !po->data ) continue;
#ifdef TARGET_BASED
/* Add up the total ns_dst rules */ /* Add up the total ns_dst rules */
prm->prmNumNoServiceDstRules += po->rule_hash->count; prm->prmNumNoServiceDstRules += po->rule_hash->count;
/* Increment the port group count */ /* Increment the port group count */
prm->prmNumNoServiceDstGroups ++; prm->prmNumNoServiceDstGroups ++;
#endif
/* Add this port group to the ns_dst table at each port that uses it */ /* Add this port group to the ns_dst table at each port that uses it */
for( poi = (PortObjectItem*)sflist_first(po->item_list); for( poi = (PortObjectItem*)sflist_first(po->item_list);
poi; poi;
poi = (PortObjectItem*)sflist_next(po->item_list) ) poi = (PortObjectItem*)sflist_next(po->item_list) )
{ {
switch(poi->type) switch(poi->type)
{ {
case PORT_OBJECT_ANY: case PORT_OBJECT_ANY:
break; break;
case PORT_OBJECT_PORT: case PORT_OBJECT_PORT:
#if 0 #if 0
/* This test is always true since poi->lport is a 16 bit /* This test is always true since poi->lport is a 16 bit
* int and MAX_PORTS is 64K. If this relationship shoul d * int and MAX_PORTS is 64K. If this relationship shoul d
* change, the test should be compiled back in. * change, the test should be compiled back in.
*/ */
if( poi->lport < MAX_PORTS ) if( poi->lport < MAX_PORTS )
#endif #endif
#ifdef TARGET_BASED
prm->prmNoServiceDstPort[ poi->lport ] = (PORT_GROUP *)po->data; prm->prmNoServiceDstPort[ poi->lport ] = (PORT_GROUP *)po->data;
#endif
break; break;
case PORT_OBJECT_RANGE: case PORT_OBJECT_RANGE:
#ifdef TARGET_BASED
for(i= poi->lport;i<= poi->hport;i++ ) for(i= poi->lport;i<= poi->hport;i++ )
{ {
prm->prmNoServiceDstPort[ i ] = (PORT_GROUP*)po->dat a; prm->prmNoServiceDstPort[ i ] = (PORT_GROUP*)po->dat a;
} }
#endif
break; break;
} }
} }
} }
} }
return 0; return 0;
} }
/* /*
* Create and initialize the rule maps * Create and initialize the rule maps
*/ */
static int fpCreateRuleMaps(SnortConfig *sc, rule_port_tables_t *p) static int fpCreateRuleMaps(SnortConfig *sc, rule_port_tables_t *p)
{ {
sc->prmTcpRTNX = prmNewMap(); sc->prmTcpRTNX = prmNewMap();
if (sc->prmTcpRTNX == NULL) if (sc->prmTcpRTNX == NULL)
return 1; return 1;
#ifdef TARGET_BASED
if (fpCreateInitRuleMap(sc->prmTcpRTNX, p->tcp_src, p->tcp_dst, p->tcp_anyan y, p->tcp_nocontent, p->ns_tcp_src, p->ns_tcp_dst )) if (fpCreateInitRuleMap(sc->prmTcpRTNX, p->tcp_src, p->tcp_dst, p->tcp_anyan y, p->tcp_nocontent, p->ns_tcp_src, p->ns_tcp_dst ))
return -1; return -1;
#endif
sc->prmUdpRTNX = prmNewMap(); sc->prmUdpRTNX = prmNewMap();
if (sc->prmUdpRTNX == NULL) if (sc->prmUdpRTNX == NULL)
return -1; return -1;
#ifdef TARGET_BASED
if (fpCreateInitRuleMap(sc->prmUdpRTNX, p->udp_src, p->udp_dst, p->udp_anyan y, p->udp_nocontent, p->ns_udp_src, p->ns_udp_dst)) if (fpCreateInitRuleMap(sc->prmUdpRTNX, p->udp_src, p->udp_dst, p->udp_anyan y, p->udp_nocontent, p->ns_udp_src, p->ns_udp_dst))
return -1; return -1;
#endif
sc->prmIpRTNX = prmNewMap(); sc->prmIpRTNX = prmNewMap();
if (sc->prmIpRTNX == NULL) if (sc->prmIpRTNX == NULL)
return 1; return 1;
#ifdef TARGET_BASED
if (fpCreateInitRuleMap(sc->prmIpRTNX, p->ip_src, p->ip_dst, p->ip_anyany, p ->ip_nocontent, p->ns_ip_src, p->ns_ip_dst)) if (fpCreateInitRuleMap(sc->prmIpRTNX, p->ip_src, p->ip_dst, p->ip_anyany, p ->ip_nocontent, p->ns_ip_src, p->ns_ip_dst))
return -1; return -1;
#endif
sc->prmIcmpRTNX = prmNewMap(); sc->prmIcmpRTNX = prmNewMap();
if (sc->prmIcmpRTNX == NULL) if (sc->prmIcmpRTNX == NULL)
return 1; return 1;
#ifdef TARGET_BASED
if (fpCreateInitRuleMap(sc->prmIcmpRTNX, p->icmp_src, p->icmp_dst, p->icmp_a nyany, p->icmp_nocontent, p->ns_icmp_src, p->ns_icmp_dst)) if (fpCreateInitRuleMap(sc->prmIcmpRTNX, p->icmp_src, p->icmp_dst, p->icmp_a nyany, p->icmp_nocontent, p->ns_icmp_src, p->ns_icmp_dst))
return -1; return -1;
#endif
return 0; return 0;
} }
static void fpFreeRuleMaps(SnortConfig *sc) static void fpFreeRuleMaps(SnortConfig *sc)
{ {
if (sc == NULL) if (sc == NULL)
return; return;
if (sc->prmTcpRTNX != NULL) if (sc->prmTcpRTNX != NULL)
 End of changes. 22 change blocks. 
1 lines changed or deleted 22 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)