aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Alert file formatting clean up.

Browse Source 
Put { on new line for function declarations. Remove space after function
name.

Add static to unit tests delcaration.
pull/822/head
Ken Steele 12 years ago
parent 1ac805f1b3
commit 235cd0211a
12 changed files with 82 additions and 73 deletions
Show Stats Download Patch File Download Diff File

2
src/alert-debuglog.c
Unescape Escape View File

@ -1,4 +1,4 @@
/* Copyright (C) 2007-2013 Open Information Security Foundation
/* Copyright (C) 2007-2014 Open Information Security Foundation
*
* You can copy, redistribute or modify this Program under the terms of
* the GNU General Public License version 2 as published by the Free

2
src/alert-debuglog.h
Unescape Escape View File

@ -1,4 +1,4 @@
/* Copyright (C) 2007-2010 Open Information Security Foundation
/* Copyright (C) 2007-2014 Open Information Security Foundation
*
* You can copy, redistribute or modify this Program under the terms of
* the GNU General Public License version 2 as published by the Free

9
src/alert-fastlog.c
Unescape Escape View File

@ -1,4 +1,4 @@
/* Copyright (C) 2007-2013 Open Information Security Foundation
/* Copyright (C) 2007-2014 Open Information Security Foundation
*
* You can copy, redistribute or modify this Program under the terms of
* the GNU General Public License version 2 as published by the Free
@ -197,7 +197,8 @@ TmEcode AlertFastLogThreadDeinit(ThreadVars *t, void *data)
return TM_ECODE_OK;
}
void AlertFastLogExitPrintStats(ThreadVars *tv, void *data) {
void AlertFastLogExitPrintStats(ThreadVars *tv, void *data)
{
AlertFastLogThread *aft = (AlertFastLogThread *)data;
if (aft == NULL) {
return;
@ -244,7 +245,7 @@ static void AlertFastLogDeInitCtx(OutputCtx *output_ctx)
#ifdef UNITTESTS
int AlertFastLogTest01()
static int AlertFastLogTest01()
{
int result = 0;
uint8_t *buf = (uint8_t *) "GET /one/ HTTP/1.1\r\n"
@ -292,7 +293,7 @@ int AlertFastLogTest01()
return result;
}
int AlertFastLogTest02()
static int AlertFastLogTest02()
{
int result = 0;
uint8_t *buf = (uint8_t *) "GET /one/ HTTP/1.1\r\n"

8
src/alert-fastlog.h
Unescape Escape View File

@ -1,4 +1,4 @@
/* Copyright (C) 2007-2010 Open Information Security Foundation
/* Copyright (C) 2007-2014 Open Information Security Foundation
*
* You can copy, redistribute or modify this Program under the terms of
* the GNU General Public License version 2 as published by the Free
@ -24,9 +24,9 @@
#ifndef __ALERT_FASTLOG_H__
#define __ALERT_FASTLOG_H__
void TmModuleAlertFastLogRegister (void);
void TmModuleAlertFastLogIPv4Register (void);
void TmModuleAlertFastLogIPv6Register (void);
void TmModuleAlertFastLogRegister(void);
void TmModuleAlertFastLogIPv4Register(void);
void TmModuleAlertFastLogIPv6Register(void);
OutputCtx *AlertFastLogInitCtx(ConfNode *);
#endif /* __ALERT_FASTLOG_H__ */

2
src/alert-pcapinfo.c
Unescape Escape View File

@ -1,4 +1,4 @@
/* Copyright (C) 2011 Open Information Security Foundation
/* Copyright (C) 2011-2014 Open Information Security Foundation
*
* You can copy, redistribute or modify this Program under the terms of
* the GNU General Public License version 2 as published by the Free

2
src/alert-pcapinfo.h
Unescape Escape View File

@ -1,4 +1,4 @@
/* Copyright (C) 2011 Open Information Security Foundation
/* Copyright (C) 2011-2014 Open Information Security Foundation
*
* You can copy, redistribute or modify this Program under the terms of
* the GNU General Public License version 2 as published by the Free

77
src/alert-prelude.c
Unescape Escape View File

@ -1,4 +1,4 @@
/* Copyright (C) 2007-2010 Open Information Security Foundation
/* Copyright (C) 2007-2014 Open Information Security Foundation
*
* You can copy, redistribute or modify this Program under the terms of
* the GNU General Public License version 2 as published by the Free
@ -130,22 +130,22 @@ static int SetupAnalyzer(idmef_analyzer_t *analyzer)
SCEnter();
ret = idmef_analyzer_new_model(analyzer, &string);
if ( ret < 0 )
if (ret < 0)
SCReturnInt(ret);
prelude_string_set_constant(string, ANALYZER_MODEL);
ret = idmef_analyzer_new_class(analyzer, &string);
if ( ret < 0 )
if (ret < 0)
SCReturnInt(ret);
prelude_string_set_constant(string, ANALYZER_CLASS);
ret = idmef_analyzer_new_manufacturer(analyzer, &string);
if ( ret < 0 )
if (ret < 0)
SCReturnInt(ret);
prelude_string_set_constant(string, ANALYZER_MANUFACTURER);
ret = idmef_analyzer_new_version(analyzer, &string);
if ( ret < 0 )
if (ret < 0)
SCReturnInt(ret);
prelude_string_set_constant(string, VERSION);
@ -173,11 +173,11 @@ static int EventToImpact(const PacketAlert *pa, const Packet *p, idmef_alert_t *
SCEnter();
ret = idmef_alert_new_assessment(alert, &assessment);
if ( ret < 0 )
if (ret < 0)
SCReturnInt(ret);
ret = idmef_assessment_new_impact(assessment, &impact);
if ( ret < 0 )
if (ret < 0)
SCReturnInt(ret);
if ( (unsigned int)pa->s->prio < mid_priority )
@ -198,7 +198,7 @@ static int EventToImpact(const PacketAlert *pa, const Packet *p, idmef_alert_t *
idmef_action_t *action;
ret = idmef_action_new(&action);
if ( ret < 0 )
if (ret < 0)
SCReturnInt(ret);
idmef_action_set_category(action, IDMEF_ACTION_CATEGORY_BLOCK_INSTALLED);
@ -207,7 +207,7 @@ static int EventToImpact(const PacketAlert *pa, const Packet *p, idmef_alert_t *
if (pa->s->class_msg) {
ret = idmef_impact_new_description(impact, &str);
if ( ret < 0 )
if (ret < 0)
SCReturnInt(ret);
prelude_string_set_ref(str, pa->s->class_msg);
@ -258,11 +258,11 @@ static int EventToSourceTarget(const Packet *p, idmef_alert_t *alert)
SCReturnInt(0);
ret = idmef_alert_new_source(alert, &source, IDMEF_LIST_APPEND);
if ( ret < 0 )
if (ret < 0)
SCReturnInt(ret);
ret = idmef_source_new_service(source, &service);
if ( ret < 0 )
if (ret < 0)
SCReturnInt(ret);
if ( p->tcph || p->udph )
@ -272,25 +272,25 @@ static int EventToSourceTarget(const Packet *p, idmef_alert_t *alert)
idmef_service_set_iana_protocol_number(service, ip_proto);
ret = idmef_source_new_node(source, &node);
if ( ret < 0 )
if (ret < 0)
SCReturnInt(ret);
ret = idmef_node_new_address(node, &address, IDMEF_LIST_APPEND);
if ( ret < 0 )
if (ret < 0)
SCReturnInt(ret);
ret = idmef_address_new_address(address, &string);
if ( ret < 0 )
if (ret < 0)
SCReturnInt(ret);
prelude_string_set_ref(string, saddr);
ret = idmef_alert_new_target(alert, &target, IDMEF_LIST_APPEND);
if ( ret < 0 )
if (ret < 0)
SCReturnInt(ret);
ret = idmef_target_new_service(target, &service);
if ( ret < 0 )
if (ret < 0)
SCReturnInt(ret);
if ( p->tcph || p->udph )
@ -300,15 +300,15 @@ static int EventToSourceTarget(const Packet *p, idmef_alert_t *alert)
idmef_service_set_iana_protocol_number(service, ip_proto);
ret = idmef_target_new_node(target, &node);
if ( ret < 0 )
if (ret < 0)
SCReturnInt(ret);
ret = idmef_node_new_address(node, &address, IDMEF_LIST_APPEND);
if ( ret < 0 )
if (ret < 0)
SCReturnInt(ret);
ret = idmef_address_new_address(address, &string);
if ( ret < 0 )
if (ret < 0)
SCReturnInt(ret);
prelude_string_set_ref(string, daddr);
@ -334,25 +334,25 @@ static int AddByteData(idmef_alert_t *alert, const char *meaning, const unsigned
SCReturnInt(0);
ret = idmef_alert_new_additional_data(alert, &ad, IDMEF_LIST_APPEND);
if ( ret < 0 )
if (ret < 0)
SCReturnInt(0);
ret = idmef_additional_data_set_byte_string_ref(ad, data, size);
if ( ret < 0 ) {
if (ret < 0) {
SCLogDebug("%s: error setting byte string data: %s.",
prelude_strsource(ret), prelude_strerror(ret));
SCReturnInt(-1);
}
ret = idmef_additional_data_new_meaning(ad, &str);
if ( ret < 0 ) {
if (ret < 0) {
SCLogDebug("%s: error creating additional-data meaning: %s.",
prelude_strsource(ret), prelude_strerror(ret));
SCReturnInt(-1);
}
ret = prelude_string_set_ref(str, meaning);
if ( ret < 0 ) {
if (ret < 0) {
SCLogDebug("%s: error setting byte string data meaning: %s.",
prelude_strsource(ret), prelude_strerror(ret));
SCReturnInt(-1);
@ -376,20 +376,20 @@ static int AddIntData(idmef_alert_t *alert, const char *meaning, uint32_t data)
SCEnter();
ret = idmef_alert_new_additional_data(alert, &ad, IDMEF_LIST_APPEND);
if ( ret < 0 )
if (ret < 0)
SCReturnInt(ret);
idmef_additional_data_set_integer(ad, data);
ret = idmef_additional_data_new_meaning(ad, &str);
if ( ret < 0 ) {
if (ret < 0) {
SCLogDebug("%s: error creating additional-data meaning: %s.",
prelude_strsource(ret), prelude_strerror(ret));
SCReturnInt(-1);
}
ret = prelude_string_set_ref(str, meaning);
if ( ret < 0 ) {
if (ret < 0) {
SCLogDebug("%s: error setting integer data meaning: %s.",
prelude_strsource(ret), prelude_strerror(ret));
SCReturnInt(-1);
@ -512,11 +512,11 @@ static int AddSnortReference(idmef_classification_t *class, int gen_id, int sig_
SCReturnInt(0);
ret = idmef_classification_new_reference(class, &ref, IDMEF_LIST_APPEND);
if ( ret < 0 )
if (ret < 0)
SCReturnInt(ret);
ret = idmef_reference_new_name(ref, &str);
if ( ret < 0 )
if (ret < 0)
SCReturnInt(ret);
idmef_reference_set_origin(ref, IDMEF_REFERENCE_ORIGIN_VENDOR_SPECIFIC);
@ -526,19 +526,19 @@ static int AddSnortReference(idmef_classification_t *class, int gen_id, int sig_
else
ret = prelude_string_sprintf(str, "%u:%u", gen_id, sig_id);
if ( ret < 0 )
if (ret < 0)
SCReturnInt(ret);
ret = idmef_reference_new_meaning(ref, &str);
if ( ret < 0 )
if (ret < 0)
SCReturnInt(ret);
ret = prelude_string_sprintf(str, "Snort Signature ID");
if ( ret < 0 )
if (ret < 0)
SCReturnInt(ret);
ret = idmef_reference_new_url(ref, &str);
if ( ret < 0 )
if (ret < 0)
SCReturnInt(ret);
if ( gen_id == 0 )
@ -565,18 +565,18 @@ static int EventToReference(const PacketAlert *pa, const Packet *p, idmef_classi
SCEnter();
ret = idmef_classification_new_ident(class, &str);
if ( ret < 0 )
if (ret < 0)
SCReturnInt(ret);
if ( pa->s->gid == 0 )
ret = prelude_string_sprintf(str, "%u", pa->s->id);
else
ret = prelude_string_sprintf(str, "%u:%u", pa->s->gid, pa->s->id);
if ( ret < 0 )
if (ret < 0)
SCReturnInt(ret);
ret = AddSnortReference(class, pa->s->gid, pa->s->id);
if ( ret < 0 )
if (ret < 0)
SCReturnInt(ret);
SCReturnInt(0);
@ -676,7 +676,7 @@ static OutputCtx *AlertPreludeInitCtx(ConfNode *conf)
SCEnter();
ret = prelude_init(0, NULL);
if ( ret < 0 ) {
if (ret < 0) {
prelude_perror(ret, "unable to initialize the prelude library");
SCReturnPtr(NULL, "AlertPreludeCtx");
}
@ -696,7 +696,7 @@ static OutputCtx *AlertPreludeInitCtx(ConfNode *conf)
}
ret = prelude_client_set_flags(client, prelude_client_get_flags(client) | PRELUDE_CLIENT_FLAGS_ASYNC_TIMER|PRELUDE_CLIENT_FLAGS_ASYNC_SEND);
if ( ret < 0 ) {
if (ret < 0) {
SCLogDebug("Unable to set asynchronous send and timer.");
prelude_client_destroy(client, PRELUDE_CLIENT_EXIT_STATUS_SUCCESS);
SCReturnPtr(NULL, "AlertPreludeCtx");
@ -705,7 +705,7 @@ static OutputCtx *AlertPreludeInitCtx(ConfNode *conf)
SetupAnalyzer(prelude_client_get_analyzer(client));
ret = prelude_client_start(client);
if ( ret < 0 ) {
if (ret < 0) {
prelude_perror(ret, "Unable to start prelude client");
prelude_client_destroy(client, PRELUDE_CLIENT_EXIT_STATUS_SUCCESS);
SCReturnPtr(NULL, "AlertPreludeCtx");
@ -864,7 +864,6 @@ err:
if (idmef != NULL)
idmef_message_destroy(idmef);
SCReturnInt(TM_ECODE_FAILED);
}
void TmModuleAlertPreludeRegister (void) {

2
src/alert-prelude.h
Unescape Escape View File

@ -1,4 +1,4 @@
/* Copyright (C) 2007-2010 Open Information Security Foundation
/* Copyright (C) 2007-2014 Open Information Security Foundation
*
* You can copy, redistribute or modify this Program under the terms of
* the GNU General Public License version 2 as published by the Free

2
src/alert-syslog.c
Unescape Escape View File

@ -1,4 +1,4 @@
/* Copyright (C) 2007-2010 Open Information Security Foundation
/* Copyright (C) 2007-2014 Open Information Security Foundation
*
* You can copy, redistribute or modify this Program under the terms of
* the GNU General Public License version 2 as published by the Free

4
src/alert-syslog.h
Unescape Escape View File

@ -1,4 +1,4 @@
/* Copyright (C) 2007-2010 Open Information Security Foundation
/* Copyright (C) 2007-2014 Open Information Security Foundation
*
* You can copy, redistribute or modify this Program under the terms of
* the GNU General Public License version 2 as published by the Free
@ -27,7 +27,7 @@
#ifndef __ALERT_SYSLOG_H__
#define __ALERT_SYSLOG_H__
void TmModuleAlertSyslogRegister (void);
void TmModuleAlertSyslogRegister(void);
#endif /* __ALERT_SYSLOG_H__ */

41
src/alert-unified2-alert.c
Unescape Escape View File

@ -1,4 +1,4 @@
/* Copyright (C) 2007-2013 Open Information Security Foundation
/* Copyright (C) 2007-2014 Open Information Security Foundation
*
* You can copy, redistribute or modify this Program under the terms of
* the GNU General Public License version 2 as published by the Free
@ -239,7 +239,7 @@ TmEcode Unified2AlertThreadDeinit(ThreadVars *, void *);
static int Unified2IPv4TypeAlert(ThreadVars *, const Packet *, void *);
static int Unified2IPv6TypeAlert(ThreadVars *, const Packet *, void *);
static int Unified2PacketTypeAlert(Unified2AlertThread *, const Packet *, uint32_t, int);
void Unified2RegisterTests();
void Unified2RegisterTests(void);
int Unified2AlertOpenFileCtx(LogFileCtx *, const char *);
static void Unified2AlertDeInitCtx(OutputCtx *);
@ -248,7 +248,8 @@ int Unified2Logger(ThreadVars *tv, void *data, const Packet *p);
#define MODULE_NAME "Unified2Alert"
void TmModuleUnified2AlertRegister (void) {
void TmModuleUnified2AlertRegister(void)
{
tmm_modules[TMM_ALERTUNIFIED2ALERT].name = MODULE_NAME;
tmm_modules[TMM_ALERTUNIFIED2ALERT].ThreadInit = Unified2AlertThreadInit;
// tmm_modules[TMM_ALERTUNIFIED2ALERT].Func = Unified2Alert;
@ -269,7 +270,8 @@ void TmModuleUnified2AlertRegister (void) {
* \param aun Unified2 thread variable.
*/
int Unified2AlertCloseFile(ThreadVars *t, Unified2AlertThread *aun) {
int Unified2AlertCloseFile(ThreadVars *t, Unified2AlertThread *aun)
{
if (aun->unified2alert_ctx->file_ctx->fp != NULL) {
fclose(aun->unified2alert_ctx->file_ctx->fp);
}
@ -287,7 +289,8 @@ int Unified2AlertCloseFile(ThreadVars *t, Unified2AlertThread *aun) {
* \retval -1 on failure
*/
int Unified2AlertRotateFile(ThreadVars *t, Unified2AlertThread *aun) {
int Unified2AlertRotateFile(ThreadVars *t, Unified2AlertThread *aun)
{
if (Unified2AlertCloseFile(t,aun) < 0) {
SCLogError(SC_ERR_UNIFIED2_ALERT_GENERIC,
"Error: Unified2AlertCloseFile failed");
@ -324,7 +327,7 @@ static int Unified2Write(Unified2AlertThread *aun)
return 1;
}
static int GetXFFIPFromTx (const Packet *p, uint64_t tx_id, char *xff_header, char *dstbuf, int dstbuflen)
static int GetXFFIPFromTx(const Packet *p, uint64_t tx_id, char *xff_header, char *dstbuf, int dstbuflen)
{
uint8_t xff_chain[UNIFIED2_ALERT_XFF_CHAIN_MAXLEN];
HtpState *htp_state = NULL;
@ -381,7 +384,7 @@ static int GetXFFIPFromTx (const Packet *p, uint64_t tx_id, char *xff_header, ch
* \retval 1 if the IP has been found and returned in dstbuf
* \retval 0 if the IP has not being found or error
*/
static int GetXFFIP (const Packet *p, char *xff_header, char *dstbuf, int dstbuflen)
static int GetXFFIP(const Packet *p, char *xff_header, char *dstbuf, int dstbuflen)
{
HtpState *htp_state = NULL;
uint64_t tx_id = 0;
@ -415,7 +418,7 @@ int Unified2Condition(ThreadVars *tv, const Packet *p) {
* \retval TM_ECODE_OK all is good
* \retval TM_ECODE_FAILED serious error
*/
int Unified2Logger (ThreadVars *t, void *data, const Packet *p)
int Unified2Logger(ThreadVars *t, void *data, const Packet *p)
{
int ret = 0;
Unified2AlertThread *aun = (Unified2AlertThread *)data;
@ -781,7 +784,7 @@ error:
* \retval 0 on succces
* \retval -1 on failure
*/
static int Unified2PacketTypeAlert (Unified2AlertThread *aun, const Packet *p, uint32_t event_id, int stream)
static int Unified2PacketTypeAlert(Unified2AlertThread *aun, const Packet *p, uint32_t event_id, int stream)
{
int ret = 0;
@ -885,7 +888,7 @@ static int Unified2PacketTypeAlert (Unified2AlertThread *aun, const Packet *p, u
* \retval 0 on succces
* \retval -1 on failure
*/
static int Unified2IPv6TypeAlert (ThreadVars *t, const Packet *p, void *data)
static int Unified2IPv6TypeAlert(ThreadVars *t, const Packet *p, void *data)
{
Unified2AlertThread *aun = (Unified2AlertThread *)data;
Unified2AlertFileHeader hdr;
@ -1520,7 +1523,8 @@ int Unified2AlertOpenFileCtx(LogFileCtx *file_ctx, const char *prefix)
* \retval 0 on failure
*/
static int Unified2Test01 (void) {
static int Unified2Test01(void)
{
ThreadVars tv;
DecodeThreadVars dtv;
PacketQueue pq;
@ -1608,7 +1612,8 @@ end:
* \retval 0 on failure
*/
static int Unified2Test02 (void) {
static int Unified2Test02(void)
{
ThreadVars tv;
DecodeThreadVars dtv;
PacketQueue pq;
@ -1698,7 +1703,8 @@ end:
* \retval 0 on failure
*/
static int Unified2Test03 (void) {
static int Unified2Test03(void)
{
ThreadVars tv;
DecodeThreadVars dtv;
PacketQueue pq;
@ -1806,7 +1812,8 @@ end:
* \retval 0 on failure
*/
static int Unified2Test04 (void) {
static int Unified2Test04(void)
{
ThreadVars tv;
DecodeThreadVars dtv;
PacketQueue pq;
@ -1889,7 +1896,8 @@ end:
* \retval 0 on failure
*/
static int Unified2Test05 (void) {
static int Unified2Test05(void)
{
ThreadVars tv;
DecodeThreadVars dtv;
PacketQueue pq;
@ -2041,7 +2049,8 @@ error:
/**
* \brief this function registers unit tests for Unified2
*/
void Unified2RegisterTests (void) {
void Unified2RegisterTests(void)
{
#ifdef UNITTESTS
UtRegisterTest("Unified2Test01 -- Ipv4 test", Unified2Test01, 1);
UtRegisterTest("Unified2Test02 -- Ipv6 test", Unified2Test02, 1);

4
src/alert-unified2-alert.h
Unescape Escape View File

@ -1,4 +1,4 @@
/* Copyright (C) 2007-2010 Open Information Security Foundation
/* Copyright (C) 2007-2014 Open Information Security Foundation
*
* You can copy, redistribute or modify this Program under the terms of
* the GNU General Public License version 2 as published by the Free
@ -43,7 +43,7 @@
#define UNIFIED2_EXTRADATA_TYPE_BLOB 1
#define UNIFIED2_EXTRADATA_TYPE_EXTRA_DATA 4
void TmModuleUnified2AlertRegister (void);
void TmModuleUnified2AlertRegister(void);
OutputCtx *Unified2AlertInitCtx(ConfNode *);
#endif /* __ALERT_UNIFIED2_ALERT_H__ */

Write Preview
Loading…
Cancel
Save