"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "src/stream/base/stream_module.cc" between
snort3-3.1.36.0.tar.gz and snort3-3.1.38.0.tar.gz

About: Snort 3 is a network intrusion prevention and detection system (IDS/IPS) combining the benefits of signature, protocol and anomaly-based inspection.

stream_module.cc  (snort3-3.1.36.0):stream_module.cc  (snort3-3.1.38.0)
skipping to change at line 55 skipping to change at line 55
}; };
#endif #endif
THREAD_LOCAL const Trace* stream_trace = nullptr; THREAD_LOCAL const Trace* stream_trace = nullptr;
static THREAD_LOCAL timeval reload_time { }; static THREAD_LOCAL timeval reload_time { };
//------------------------------------------------------------------------- //-------------------------------------------------------------------------
// stream module // stream module
//------------------------------------------------------------------------- //-------------------------------------------------------------------------
#define FLOW_TYPE_PARAMS(name, idle, weight) \ #define FLOW_TYPE_PARAMS(name, idle) \
static const Parameter name[] = \ static const Parameter name[] = \
{ \ { \
{ "idle_timeout", Parameter::PT_INT, "1:max32", idle, \ { "idle_timeout", Parameter::PT_INT, "1:max32", idle, \
"maximum inactive time before retiring session tracker" }, \ "maximum inactive time before retiring session tracker" }, \
\ \
{ "cap_weight", Parameter::PT_INT, "0:65535", weight, \
"additional bytes to track per flow for better estimation against cap" },
\
\
{ nullptr, Parameter::PT_MAX, nullptr, nullptr, nullptr } \ { nullptr, Parameter::PT_MAX, nullptr, nullptr, nullptr } \
} }
FLOW_TYPE_PARAMS(ip_params, "180", "0"); FLOW_TYPE_PARAMS(ip_params, "180");
FLOW_TYPE_PARAMS(icmp_params, "180", "0"); FLOW_TYPE_PARAMS(icmp_params, "180");
FLOW_TYPE_PARAMS(tcp_params, "3600", "11000"); FLOW_TYPE_PARAMS(tcp_params, "3600");
FLOW_TYPE_PARAMS(udp_params, "180", "0"); FLOW_TYPE_PARAMS(udp_params, "180");
FLOW_TYPE_PARAMS(user_params,"180", "0"); FLOW_TYPE_PARAMS(user_params,"180");
FLOW_TYPE_PARAMS(file_params, "180", "32"); FLOW_TYPE_PARAMS(file_params, "180");
#define FLOW_TYPE_TABLE(flow_type, proto, params) \ #define FLOW_TYPE_TABLE(flow_type, proto, params) \
{ flow_type, Parameter::PT_TABLE, params, nullptr, \ { flow_type, Parameter::PT_TABLE, params, nullptr, \
"configure " proto " cache limits" } "configure " proto " cache limits" }
static const Parameter s_params[] = static const Parameter s_params[] =
{ {
#ifdef REG_TEST #ifdef REG_TEST
{ "footprint", Parameter::PT_INT, "0:max32", "0", { "footprint", Parameter::PT_INT, "0:max32", "0",
"use zero for production, non-zero for testing at given size (for TCP and user)" }, "use zero for production, non-zero for testing at given size (for TCP and user)" },
skipping to change at line 212 skipping to change at line 209
else if ( strstr(fqn, "user_cache") ) else if ( strstr(fqn, "user_cache") )
type = PktType::USER; type = PktType::USER;
else if ( strstr(fqn, "file_cache") ) else if ( strstr(fqn, "file_cache") )
type = PktType::FILE; type = PktType::FILE;
else else
return false; return false;
if ( v.is("idle_timeout") ) if ( v.is("idle_timeout") )
config.flow_cache_cfg.proto[to_utype(type)].nominal_timeout = v.get_uint 32(); config.flow_cache_cfg.proto[to_utype(type)].nominal_timeout = v.get_uint 32();
else if ( v.is("cap_weight") )
config.flow_cache_cfg.proto[to_utype(type)].cap_weight = v.get_uint16();
return true; return true;
} }
bool StreamModule::end(const char* fqn, int, SnortConfig* sc) bool StreamModule::end(const char* fqn, int, SnortConfig* sc)
{ {
if ( Snort::is_reloading() && strcmp(fqn, MOD_NAME) == 0 ) if ( Snort::is_reloading() && strcmp(fqn, MOD_NAME) == 0 )
{ {
StreamReloadResourceManager* reload_resource_manager = new StreamReloadR esourceManager; StreamReloadResourceManager* reload_resource_manager = new StreamReloadR esourceManager;
if (reload_resource_manager->initialize(config)) if (reload_resource_manager->initialize(config))
sc->register_reload_handler(reload_resource_manager); sc->register_reload_handler(reload_resource_manager);
skipping to change at line 357 skipping to change at line 351
void StreamModuleConfig::show() const void StreamModuleConfig::show() const
{ {
ConfigLogger::log_value("max_flows", flow_cache_cfg.max_flows); ConfigLogger::log_value("max_flows", flow_cache_cfg.max_flows);
ConfigLogger::log_value("max_aux_ip", SnortConfig::get_conf()->max_aux_ip); ConfigLogger::log_value("max_aux_ip", SnortConfig::get_conf()->max_aux_ip);
ConfigLogger::log_value("pruning_timeout", flow_cache_cfg.pruning_timeout); ConfigLogger::log_value("pruning_timeout", flow_cache_cfg.pruning_timeout);
for (int i = to_utype(PktType::IP); i < to_utype(PktType::PDU); ++i) for (int i = to_utype(PktType::IP); i < to_utype(PktType::PDU); ++i)
{ {
std::string tmp; std::string tmp;
tmp += "{ idle_timeout = " + std::to_string(flow_cache_cfg.proto[i].nomi nal_timeout); tmp += "{ idle_timeout = " + std::to_string(flow_cache_cfg.proto[i].nomi nal_timeout);
tmp += ", cap_weight = " + std::to_string(flow_cache_cfg.proto[i].cap_we ight);
tmp += " }"; tmp += " }";
ConfigLogger::log_value(flow_type_names[i], tmp.c_str()); ConfigLogger::log_value(flow_type_names[i], tmp.c_str());
} }
} }
bool HPQReloadTuner::tinit() bool HPQReloadTuner::tinit()
{ {
packet_gettimeofday(&reload_time); packet_gettimeofday(&reload_time);
return TcpStreamTracker::adjust_expiration(held_packet_timeout, reload_time) ; return TcpStreamTracker::adjust_expiration(held_packet_timeout, reload_time) ;
 End of changes. 5 change blocks. 
15 lines changed or deleted 7 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)