"Fossies" - the Fresh Open Source Software Archive

Member "snort-2.9.17/src/dynamic-preprocessors/s7commplus/s7comm_paf.h" (16 Oct 2020, 2269 Bytes) of package /linux/misc/snort-2.9.17.tar.gz:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) C and C++ source code syntax highlighting (style: standard) with prefixed line numbers and code folding option. Alternatively you can here view or download the uninterpreted source code file. For more information about "s7comm_paf.h" see the Fossies "Dox" file reference documentation.

    1 /*
    2  * This program is free software; you can redistribute it and/or modify
    3  * it under the terms of the GNU General Public License Version 2 as
    4  * published by the Free Software Foundation.  You may not use, modify or
    5  * distribute this program under any other version of the GNU General
    6  * Public License.
    7  *
    8  * This program is distributed in the hope that it will be useful,
    9  * but WITHOUT ANY WARRANTY; without even the implied warranty of
   10  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   11  * GNU General Public License for more details.
   12  *
   13  * You should have received a copy of the GNU General Public License
   14  * along with this program; if not, write to the Free Software
   15  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
   16  *
   17  * Copyright (C) 2020-2020 Cisco and/or its affiliates. All rights reserved.
   18  *
   19  * Authors: Jeffrey Gu <jgu@cisco.com>, Pradeep Damodharan <prdamodh@cisco.com>
   20  *
   21  * Protocol-Aware Flushing (PAF) code for the S7commplus preprocessor.
   22  *
   23  */
   24 
   25 #ifndef S7COMM_PAF__H
   26 #define S7COMM_PAF__H
   27 
   28 #include "spp_s7comm.h"
   29 #include "stream_api.h"
   30 
   31 typedef enum _s7commplus_paf_state
   32 {
   33     S7COMMPLUS_PAF_STATE__TPKT_VER = 0,
   34     S7COMMPLUS_PAF_STATE__TPKT_RESERVED,
   35     S7COMMPLUS_PAF_STATE__TPKT_LEN_1,
   36     S7COMMPLUS_PAF_STATE__TPKT_LEN_2,
   37     S7COMMPLUS_PAF_STATE__COPT_LEN,
   38     S7COMMPLUS_PAF_STATE__COPT_PDU_TYPE,
   39     S7COMMPLUS_PAF_STATE__SET_FLUSH
   40 } s7commplus_paf_state_t;
   41 
   42 typedef struct _s7commplus_paf_data
   43 {
   44     s7commplus_paf_state_t state;
   45     uint16_t tpkt_length;
   46 } s7commplus_paf_data_t;
   47 
   48 void S7commplusAddPortsToPaf(struct _SnortConfig *sc, s7commplus_config_t *config, tSfPolicyId policy_id);
   49 int S7commplusPafRegisterPort(struct _SnortConfig *sc, uint16_t port, tSfPolicyId policy_id);
   50 int S7commplusAddServiceToPaf(struct _SnortConfig *sc, uint16_t service, tSfPolicyId policy_id);
   51 PAF_Status S7commplusPaf(void *ssn, void **user, const uint8_t *data,
   52         uint32_t len, uint32_t flags, uint32_t *fp, uint32_t *fp_eoh);
   53 static inline bool S7commplusIsPafActive(const SFSnortPacket *p)
   54 {
   55     bool to_server = (p->flags & FLAG_FROM_CLIENT)? true:false;
   56     if ((p->stream_session_ptr)
   57             && _dpd.streamAPI->is_paf_active(p->stream_session_ptr, to_server))
   58         return true;
   59 
   60     return false;
   61 }
   62 #endif /* S7COMMPLUS_PAF__H */