"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "src/network_inspectors/appid/client_plugins/eve_ca_patterns.cc" between
snort3-3.1.31.0.tar.gz and snort3-3.1.32.0.tar.gz

About: Snort 3 is a network intrusion prevention and detection system (IDS/IPS) combining the benefits of signature, protocol and anomaly-based inspection.

eve_ca_patterns.cc  (snort3-3.1.31.0):eve_ca_patterns.cc  (snort3-3.1.32.0)
skipping to change at line 30 skipping to change at line 30
#ifdef HAVE_CONFIG_H #ifdef HAVE_CONFIG_H
#include "config.h" #include "config.h"
#endif #endif
#include "eve_ca_patterns.h" #include "eve_ca_patterns.h"
#include <algorithm> #include <algorithm>
#include "log/messages.h" #include "log/messages.h"
#include "managers/inspector_manager.h"
#include "utils/util.h" #include "utils/util.h"
#include "appid_debug.h" #include "appid_debug.h"
#include "appid_inspector.h"
using namespace snort; using namespace snort;
using namespace std; using namespace std;
void EveCaPatternMatchers::add_eve_ca_pattern(AppId app_id, const string& patter n_str, void EveCaPatternMatchers::add_eve_ca_pattern(AppId app_id, const string& patter n_str,
uint8_t confidence, const string& detector) uint8_t confidence, const string& detector)
{ {
auto match = find_if(eve_ca_load_list.begin(), eve_ca_load_list.end(), auto match = find_if(eve_ca_load_list.begin(), eve_ca_load_list.end(),
[pattern_str] (EveCaPattern* eve_ca) { return eve_ca->pattern == pattern _str; }); [pattern_str] (EveCaPattern* eve_ca) { return eve_ca->pattern == pattern _str; });
if (match != eve_ca_load_list.end()) if (match != eve_ca_load_list.end())
skipping to change at line 111 skipping to change at line 113
eve_ca_load_list.clear(); eve_ca_load_list.clear();
} }
void EveCaPatternMatchers::finalize_patterns() void EveCaPatternMatchers::finalize_patterns()
{ {
for (auto& p : eve_ca_load_list) for (auto& p : eve_ca_load_list)
{ {
eve_ca_pattern_matcher.add(p->pattern.data(), p->pattern.size(), p, true ); eve_ca_pattern_matcher.add(p->pattern.data(), p->pattern.size(), p, true );
#ifdef REG_TEST #ifdef REG_TEST
AppIdInspector* inspector =
(AppIdInspector*) InspectorManager::get_inspector(MOD_NAME, true);
if (inspector and inspector->get_ctxt().config.log_eve_process_client_ma
ppings)
LogMessage("Adding EVE Client App pattern %d %s %d\n", LogMessage("Adding EVE Client App pattern %d %s %d\n",
p->app_id, p->pattern.c_str(), p->confidence); p->app_id, p->pattern.c_str(), p->confidence);
#endif #endif
} }
eve_ca_pattern_matcher.prep(); eve_ca_pattern_matcher.prep();
} }
void EveCaPatternMatchers::reload_patterns() void EveCaPatternMatchers::reload_patterns()
{ {
eve_ca_pattern_matcher.reload(); eve_ca_pattern_matcher.reload();
 End of changes. 3 change blocks. 
0 lines changed or deleted 6 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)