snort  2.9.17
About: Snort is a network intrusion prevention and detection system (IDS/IPS) combining the benefits of signature, protocol and anomaly-based inspection.
  Fossies Dox: snort-2.9.17.tar.gz  ("unofficial" and yet experimental doxygen-generated source code documentation)  
Macros | Enumerations | Functions | Variables
luaDetectorApi.c File Reference
#include <stdio.h>
#include <errno.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <unistd.h>
#include <inttypes.h>
#include <assert.h>
#include "client_app_base.h"
#include "service_base.h"
#include "luaDetectorApi.h"
#include "luaDetectorModule.h"
#include "luaDetectorFlowApi.h"
#include <pcre.h>
#include "httpCommon.h"
#include "sf_multi_mpse.h"
#include "fw_appid.h"
#include "http_url_patterns.h"
#include "service_ssl.h"
#include "hostPortAppCache.h"
#include "appInfoTable.h"
#include "ip_funcs.h"
#include "lengthAppCache.h"
#include "detector_dns.h"
#include "app_forecast.h"
#include "detector_pattern.h"
#include "detector_cip.h"
Include dependency graph for luaDetectorApi.c:

Go to the source code of this file.

Macros

#define DETECTOR   "Detector"
 
#define OVECCOUNT   30 /* should be a multiple of 3 */
 
#define URL_LIST_STEP_SIZE   5000
 

Enumerations

enum  LUA_LOG_LEVELS {
  LUA_LOG_CRITICAL = 0, LUA_LOG_ERR = 1, LUA_LOG_WARN = 2, LUA_LOG_NOTICE = 3,
  LUA_LOG_INFO = 4, LUA_LOG_DEBUG = 5
}
 

Functions

static void FreeDetectorAppUrlPattern (DetectorAppUrlPattern *pattern)
 
static DetectorUserDatatoDetectorUserData (lua_State *L, int index)
 
DetectorUserDatacheckDetectorUserData (lua_State *L, int index)
 
static DetectorUserDatapushDetectorUserData (lua_State *L)
 
DetectorcreateDetector (lua_State *L, const char *detectorName)
 
void freeDetector (Detector *detector)
 
int detector_Callback (const uint8_t *data, uint16_t size, const int dir, tAppIdData *flowp, const SFSnortPacket *pkt, Detector *detector, const tAppIdConfig *pConfig)
 
static int Detector_registerClientCallback (lua_State *L)
 
static int Detector_registerServiceCallback (lua_State *L)
 
static int storeLuaString (const char *LuaString, char **CString)
 
int checkServiceElement (Detector *detector)
 
static int service_init (lua_State *L)
 
static int service_registerPattern (lua_State *L)
 
static int common_registerAppId (lua_State *L)
 
static int Detector_htons (lua_State *L)
 
static int Detector_htonl (lua_State *L)
 
static int Detector_logMessage (lua_State *L)
 
static int service_analyzePayload (lua_State *L)
 
int validateAnyService (ServiceValidationArgs *args)
 
static int service_getServiceId (lua_State *L)
 
static int service_addPorts (lua_State *L)
 
static int service_removePorts (lua_State *L)
 
void detectorRemoveAllPorts (Detector *detector, tAppIdConfig *pConfig)
 
static int service_setServiceName (lua_State *L)
 
static int service_getServiceName (lua_State *L)
 
static int service_isCustomDetector (lua_State *L)
 
static int service_setValidator (lua_State *L)
 
static int service_addDataId (lua_State *L)
 
static int service_addService (lua_State *L)
 
static int service_failService (lua_State *L)
 
static int service_inProcessService (lua_State *L)
 
static int service_inCompatibleData (lua_State *L)
 
static int Detector_getPacketSize (lua_State *L)
 
static int Detector_getPacketDir (lua_State *L)
 
static int Detector_getPcreGroups (lua_State *L)
 
static int Detector_memcmp (lua_State *L)
 
static int Detector_getProtocolType (lua_State *L)
 
static int Detector_getPktSrcIPAddr (lua_State *L)
 
static int Detector_getPktSrcPort (lua_State *L)
 
static int Detector_getPktDstPort (lua_State *L)
 
static int Detector_getPktDstIPAddr (lua_State *L)
 
static int Detector_getPktCount (lua_State *L)
 
int validateAnyClientApp (const uint8_t *data, uint16_t size, const int dir, tAppIdData *flowp, SFSnortPacket *pkt, Detector *detector, const tAppIdConfig *pConfig)
 
static int client_registerPattern (lua_State *L)
 
static int client_init (lua_State *L)
 
static int service_addClient (lua_State *L)
 
static int client_addApp (lua_State *L)
 
static int client_addInfo (lua_State *L)
 
static int client_addUser (lua_State *L)
 
static int client_addPayload (lua_State *L)
 
static int Detector_getFlow (lua_State *L)
 
int Detector_addHttpPattern (lua_State *L)
 
int Detector_addSSLCertPattern (lua_State *L)
 
int Detector_addDNSHostPattern (lua_State *L)
 
static int Detector_addSSLCnamePattern (lua_State *L)
 
static int Detector_addHostPortApp (lua_State *L)
 
static int Detector_addHostPortAppDynamic (lua_State *L)
 
static int Detector_addContentTypePattern (lua_State *L)
 
static int GetDetectorUserData (lua_State *L, int index, DetectorUserData **detector_user_data, const char *errorString)
 
static int detector_create_chp_app (DetectorUserData *detectorUserData, tAppId appIdInstance, unsigned app_type_flags, int num_matches)
 
static int Detector_CHPCreateApp (lua_State *L)
 
static int CHPGetKeyPatternBoolean (lua_State *L, int index)
 
static int CHPGetPatternType (lua_State *L, int index, PatternType *pattern_type)
 
static int CHPGetPatternDataAndSize (lua_State *L, int index, char **pattern_data, size_t *pattern_size)
 
static int CHPGetActionType (lua_State *L, int index, ActionType *action_type)
 
static int CHPGetActionData (lua_State *L, int index, char **action_data)
 
static int detector_add_chp_action (DetectorUserData *detectorUserData, tAppId appIdInstance, int isKeyPattern, PatternType patternType, size_t patternSize, char *patternData, ActionType actionType, char *optionalActionData)
 
static int Detector_CHPAddAction (lua_State *L)
 
static int Detector_CHPMultiCreateApp (lua_State *L)
 
static int Detector_CHPMultiAddAction (lua_State *L)
 
static int Detector_portOnlyService (lua_State *L)
 
static int Detector_lengthAppCacheAdd (lua_State *L)
 
static int Detector_AFAddApp (lua_State *L)
 
static int Detector_addAppUrl (lua_State *L)
 
static int Detector_addRTMPUrl (lua_State *L)
 
static int Detector_addSipUserAgent (lua_State *L)
 
static int openCreateApp (lua_State *L)
 
static int openAddClientApp (lua_State *L)
 
static int openAddServiceApp (lua_State *L)
 
static int openAddPayloadApp (lua_State *L)
 
int openAddHttpPattern (lua_State *L)
 
static int openAddUrlPattern (lua_State *L)
 
void CleanClientPortPatternList (tAppIdConfig *pConfig)
 
void CleanServicePortPatternList (tAppIdConfig *pConfig)
 
static int addPortPatternClient (lua_State *L)
 
static int addPortPatternService (lua_State *L)
 
static int Detector_addSipServer (lua_State *L)
 
static int ConvertStringToAddress (const char *string, sfaddr_t *address)
 
static int createFutureFlow (lua_State *L)
 
static int isMidStreamSession (lua_State *L)
 
static int isHttpTunnel (lua_State *L)
 
static int getHttpTunneledIp (lua_State *L)
 
static int getHttpTunneledPort (lua_State *L)
 
static int Detector_addCipConnectionClass (lua_State *L)
 
static int Detector_addCipPath (lua_State *L)
 
static int Detector_addCipSetAttribute (lua_State *L)
 
static int Detector_addCipExtendedSymbolService (lua_State *L)
 
static int Detector_addCipService (lua_State *L)
 
static int Detector_addEnipCommand (lua_State *L)
 
void Detector_fini (void *data)
 
static int Detector_gc (lua_State *L)
 
static int Detector_tostring (lua_State *L)
 
int Detector_register (lua_State *L)
 
static void FreeHTTPListElement (HTTPListElement *element)
 
static void FreeCHPAppListElement (CHPListElement *element)
 
void CleanHttpPatternLists (tAppIdConfig *pConfig)
 

Variables

static ThrottleInfo error_throttleInfo = {0,30,0}
 
static const luaL_Reg Detector_methods []
 
static const luaL_Reg Detector_meta []
 

Function Documentation

◆ CleanHttpPatternLists()

void CleanHttpPatternLists ( tAppIdConfig pConfig)

Definition at line 4709 of file luaDetectorApi.c.

References DetectorAppUrlListStruct::allocatedCount, _HttpPatternLists::appUrlList, _HttpPatternLists::chpList, _HttpPatternLists::clientAgentPatternList, _HttpPatternLists::contentTypePatternList, FreeCHPAppListElement(), FreeDetectorAppUrlPattern(), FreeHTTPListElement(), _HttpPatternLists::hostPayloadPatternList, appIdConfig_::httpPatternLists, HTTPListElementStruct::next, _CHPListElement::next, NULL, _HttpPatternLists::RTMPUrlList, DetectorAppUrlListStruct::urlPattern, _HttpPatternLists::urlPatternList, and DetectorAppUrlListStruct::usedCount.

Referenced by CleanupClientApp(), and UnconfigureClientApp().

◆ FreeCHPAppListElement()

static void FreeCHPAppListElement ( CHPListElement element)
static

Definition at line 4683 of file luaDetectorApi.c.

References _CHPAction::action_data, _CHPListElement::chp_action, and _CHPAction::pattern.

Referenced by CleanHttpPatternLists().

◆ FreeHTTPListElement()

static void FreeHTTPListElement ( HTTPListElement element)
static

Definition at line 4673 of file luaDetectorApi.c.

References HTTPListElementStruct::detectorHTTPPattern, and DetectorHTTPPattern::pattern.

Referenced by CleanHttpPatternLists().