SnortExtras: src/codecs/cd_linux_sll/cd_linux_sll.cc

"Fossies" - the Fresh Open Source Software Archive

Member "snort3_extra-3.1.51.0/src/codecs/cd_linux_sll/cd_linux_sll.cc" (20 Dec 2022, 2925 Bytes) of package /linux/misc/snort3_extra-3.1.51.0.tar.gz:

As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) C and C++ source code syntax highlighting (style: standard) with prefixed line numbers and code folding option. Alternatively you can here view or download the uninterpreted source code file. For more information about "cd_linux_sll.cc" see the Fossies "Dox" file reference documentation.

1 //-------------------------------------------------------------------------- 2 // Copyright (C) 2014-2022 Cisco and/or its affiliates. All rights reserved. 3 // 4 // This program is free software; you can redistribute it and/or modify it 5 // under the terms of the GNU General Public License Version 2 as published 6 // by the Free Software Foundation. You may not use, modify or distribute 7 // this program under any other version of the GNU General Public License. 8 // 9 // This program is distributed in the hope that it will be useful, but 10 // WITHOUT ANY WARRANTY; without even the implied warranty of 11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 12 // General Public License for more details. 13 // 14 // You should have received a copy of the GNU General Public License along 15 // with this program; if not, write to the Free Software Foundation, Inc., 16 // 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. 17 //-------------------------------------------------------------------------- 18 // cd_linux_sll.cc author Josh Rosenbaum <jrosenba@cisco.com> 19 20 #include <daq_dlt.h> 21 22 #include "framework/codec.h" 23 #include "protocols/linux_sll.h" 24 25 #define CD_LINUX_SLL_NAME "linux_sll" 26 #define CD_LINUX_SLL_HELP_STR "support for Linux SLL" 27 #define CD_LINUX_SLL_HELP ADD_DLT(CD_LINUX_SLL_HELP_STR, DLT_LINUX_SLL) 28 29 using namespace snort; 30 31 namespace 32 { 33 class LinuxSllCodec : public Codec 34 { 35 public: 36 LinuxSllCodec() : Codec(CD_LINUX_SLL_NAME) { } 37 38 void get_data_link_type(std::vector<int>&) override; 39 bool decode(const RawData&, CodecData&, DecodeData&) override; 40 }; 41 } // namespace 42 43 void LinuxSllCodec::get_data_link_type(std::vector<int>& v) 44 { 45 v.push_back(DLT_LINUX_SLL); 46 } 47 48 bool LinuxSllCodec::decode(const RawData& raw, CodecData& data, DecodeData&) 49 { 50 /* do a little validation */ 51 if (raw.len < linux_sll::SLL_HDR_LEN) 52 return false; 53 54 /* lay the ethernet structure over the packet data */ 55 const linux_sll::SLLHdr* const sllh = reinterpret_cast<const linux_sll::SLLHdr*>(raw.data); 56 57 /* grab out the network type */ 58 data.next_prot_id = static_cast<ProtocolId>(ntohs(sllh->sll_protocol)); 59 data.lyr_len = linux_sll::SLL_HDR_LEN; 60 data.codec_flags |= CODEC_ETHER_NEXT; 61 return true; 62 } 63 64 //------------------------------------------------------------------------- 65 // api 66 //------------------------------------------------------------------------- 67 68 static Codec* ctor(Module*) 69 { return new LinuxSllCodec(); } 70 71 static void dtor(Codec* cd) 72 { delete cd; } 73 74 static const CodecApi linux_ssl_api = 75 { 76 { 77 PT_CODEC, 78 sizeof(CodecApi), 79 CDAPI_VERSION, 80 0, 81 API_RESERVED, 82 API_OPTIONS, 83 CD_LINUX_SLL_NAME, 84 CD_LINUX_SLL_HELP, 85 nullptr, 86 nullptr, 87 }, 88 nullptr, 89 nullptr, 90 nullptr, 91 nullptr, 92 ctor, 93 dtor, 94 }; 95 96 SO_PUBLIC const BaseApi* snort_plugins[] = 97 { 98 &linux_ssl_api.base, 99 nullptr 100 };