Remove vips references. Rename to eidps.

16 years ago · 51a9e36e10
parent 8bc0a2e465
commit 51a9e36e10
42 changed files with 77 additions and 67 deletions
--- a/configure.in
+++ b/configure.in
@ -3,7 +3,7 @@
 AC_INIT(configure.in)

 AM_CONFIG_HEADER(config.h)
-AM_INIT_AUTOMAKE(vips, 0.1)
+AM_INIT_AUTOMAKE(eidps, 0.1)

 AC_LANG_C
 AC_PROG_CC
--- a/src/Makefile.am
+++ b/src/Makefile.am
@ -1,5 +1,5 @@
-bin_PROGRAMS = vips
-vips_SOURCES = vips.c vips.h \
+bin_PROGRAMS = eidps
+eidps_SOURCES = eidps.c eidps.h \
 config.c config.h \
 packet-queue.c packet-queue.h \
 threads.c threads.h \
@ -96,7 +96,7 @@ respond-reject-libnet11.h respond-reject-libnet11.c
 INCLUDES= $(all_includes)

 # the library search path.
-vips_LDFLAGS = $(all_libraries) 
-#vips_LDADD = -lnetfilter_queue -lpthread -lpcre 
-#vips_CFLAGS = -Wall -fno-strict-aliasing 
+eidps_LDFLAGS = $(all_libraries) 
+#eidps_LDADD = -lnetfilter_queue -lpthread -lpcre 
+#eidps_CFLAGS = -Wall -fno-strict-aliasing 

--- a/src/alert-debuglog.c
+++ b/src/alert-debuglog.c
@ -19,7 +19,7 @@
 #include <arpa/inet.h>
 #include <netinet/in.h>

-#include "vips.h"
+#include "eidps.h"
 #include "debug.h"
 #include "detect.h"
 #include "flow.h"
@ -205,7 +205,7 @@ int AlertDebuglogThreadInit(ThreadVars *t, void *initdata, void **data)
    memset(aft, 0, sizeof(AlertDebuglogThread));

    /* XXX */
-    aft->fp = fopen("/var/log/eips/alert-debug.log", "w");
+    aft->fp = fopen("/var/log/eidps/alert-debug.log", "w");
    if (aft->fp == NULL) {
        return -1;
    }
--- a/src/alert-fastlog.c
+++ b/src/alert-fastlog.c
@ -23,7 +23,7 @@
 #include <arpa/inet.h>
 #include <netinet/in.h>

-#include "vips.h"
+#include "eidps.h"
 #include "debug.h"
 #include "detect.h"
 #include "flow.h"
@ -156,7 +156,7 @@ int AlertFastlogThreadInit(ThreadVars *t, void *initdata, void **data)
    memset(aft, 0, sizeof(AlertFastlogThread));

    /* XXX */
-    aft->fp = fopen("/var/log/eips/fast.log", "w");
+    aft->fp = fopen("/var/log/eidps/fast.log", "w");
    if (aft->fp == NULL) {
        return -1;
    }
--- a/src/alert-unified-alert.c
+++ b/src/alert-unified-alert.c
@ -23,7 +23,7 @@
 #include <arpa/inet.h>
 #include <netinet/in.h>

-#include "vips.h"
+#include "eidps.h"
 #include "debug.h"
 #include "detect.h"
 #include "flow.h"
@ -98,7 +98,7 @@ int AlertUnifiedAlertCreateFile(ThreadVars *t, AlertUnifiedAlertThread *aun) {
    gettimeofday(&ts, NULL);

    /* create the filename to use */
-    snprintf(filename, sizeof(filename), "%s/%s.%u", "/var/log/eips", "unified.alert", (u_int32_t)ts.tv_sec);
+    snprintf(filename, sizeof(filename), "%s/%s.%u", "/var/log/eidps", "unified.alert", (u_int32_t)ts.tv_sec);

    /* XXX filename & location */
    aun->fp = fopen(filename, "wb");
--- a/src/alert-unified-log.c
+++ b/src/alert-unified-log.c
@ -23,7 +23,7 @@
 #include <arpa/inet.h>
 #include <netinet/in.h>

-#include "vips.h"
+#include "eidps.h"
 #include "debug.h"
 #include "detect.h"
 #include "flow.h"
@ -100,7 +100,7 @@ int AlertUnifiedLogCreateFile(ThreadVars *t, AlertUnifiedLogThread *aun) {
    gettimeofday(&ts, NULL);

    /* create the filename to use */
-    snprintf(filename, sizeof(filename), "%s/%s.%u", "/var/log/eips", "unified.log", (u_int32_t)ts.tv_sec);
+    snprintf(filename, sizeof(filename), "%s/%s.%u", "/var/log/eidps", "unified.log", (u_int32_t)ts.tv_sec);

    /* XXX filename & location */
    aun->fp = fopen(filename, "wb");
--- a/src/config.c
+++ b/src/config.c
@ -15,7 +15,7 @@

 #include <pcre.h>

-#include "vips.h"
+#include "eidps.h"

 static pcre *config_pcre = NULL;
 static pcre_extra *config_pcre_extra = NULL;
@ -34,7 +34,7 @@ int LoadConfig ( void ) {
 #define MAX_SUBSTRINGS 30
    int ov[MAX_SUBSTRINGS];

-    FILE *fp = fopen("vips.conf", "r");
+    FILE *fp = fopen("eidps.conf", "r");
    if (fp == NULL) printf("ERROR: fopen failed %s\n", strerror(errno));


--- a/src/decode-ipv4.c
+++ b/src/decode-ipv4.c
@ -1,6 +1,6 @@
 /* Copyright (c) 2008 Victor Julien <victor@inliniac.net> */

-#include "vips.h"
+#include "eidps.h"
 #include "packet-queue.h"
 #include "decode.h"
 #include "decode-ipv4.h"
--- a/src/decode-udp.h
+++ b/src/decode-udp.h
@ -5,6 +5,7 @@

 #define UDP_HEADER_LEN         8

+/* XXX RAW* needs to be really 'raw', so no ntohs there */
 #define UDP_GET_RAW_LEN(udph)                ntohs((udph)->uh_len)
 #define UDP_GET_RAW_SRC_PORT(udph)           ntohs((udph)->uh_sport)
 #define UDP_GET_RAW_DST_PORT(udph)           ntohs((udph)->uh_dport)
--- a/src/detect-engine-address-ipv4.c
+++ b/src/detect-engine-address-ipv4.c
@ -1,6 +1,8 @@
 /* Address part of the detection engine.
 *
 * Copyright (c) 2008 Victor Julien
+ *
+ * XXX we need to unit test the hell out of this code
 */

 #include "decode.h"
--- a/src/detect-engine-address-ipv6.c
+++ b/src/detect-engine-address-ipv6.c
@ -1,6 +1,8 @@
 /* Address part of the detection engine.
 *
 * Copyright (c) 2008 Victor Julien
+ *
+ * XXX unit test the join code
 */

 #include "decode.h"
--- a/src/detect-engine-iponly.c
+++ b/src/detect-engine-iponly.c
@ -1,6 +1,6 @@
 /* ip only part of the detection engine */

-/* TODO: needs a lot of work
+/* TODO: needs a lot of work, for example IPv6 support
 *
 * The dificulty with ip only matching is that we need to support (very large)
 * netblocks as well. So we can't just add every single ip to a hash as that
@ -9,7 +9,7 @@
 * we split it into /16's.
 */

-#include "vips.h"
+#include "eidps.h"
 #include "debug.h"
 #include "detect.h"
 #include "flow.h"
--- a/src/detect-engine.c
+++ b/src/detect-engine.c
@ -1,6 +1,6 @@
 /* Copyright (C) 2008 by Victor Julien <victor@inliniac.net> */

-#include "vips.h"
+#include "eidps.h"
 #include "debug.h"
 #include "detect.h"
 #include "flow.h"
--- a/src/detect-parse.c
+++ b/src/detect-parse.c
@ -2,7 +2,7 @@

 #include <pcre.h>

-#include "vips.h"
+#include "eidps.h"
 #include "debug.h"

 #include "detect.h"
--- a/src/detect.c
+++ b/src/detect.c
@ -2,7 +2,7 @@

 #include <pcre.h>

-#include "vips.h"
+#include "eidps.h"
 #include "debug.h"
 #include "detect.h"
 #include "flow.h"
@ -278,7 +278,7 @@ void SigLoadSignatures (void)
    //FILE *fp = fopen("/home/victor/rules/iponly.rules", "r");
    //FILE *fp = fopen("/home/victor/rules/iponly-small.rules", "r");
    //FILE *fp = fopen("/home/victor/rules/all.rules", "r");
-    //FILE *fp = fopen("/home/victor/rules/vips-http.sigs", "r");
+    //FILE *fp = fopen("/home/victor/rules/eidps.http.sigs", "r");
    //FILE *fp = fopen("/home/victor/rules/emerging-dshield.rules", "r");
    FILE *fp = fopen("/home/victor/rules/emerging-all.rules", "r");
    //FILE *fp = fopen("/home/victor/rules/emerging-web.rules", "r");
--- a/src/eidps.c
+++ b/src/eidps.c
@ -14,7 +14,7 @@
 #include <sys/signal.h>
 #include <errno.h>

-#include "vips.h"
+#include "eidps.h"
 #include "decode.h"
 #include "detect.h"
 #include "packet-queue.h"
@ -73,17 +73,17 @@ static int sigint_count = 0;
 static int sighup_count = 0;
 static int sigterm_count = 0;

-#define VIPS_SIGINT  0x01
-#define VIPS_SIGHUP  0x02
-#define VIPS_SIGTERM 0x04
-#define VIPS_STOP    0x08
-#define VIPS_KILL    0x10
+#define EIDPS_SIGINT  0x01
+#define EIDPS_SIGHUP  0x02
+#define EIDPS_SIGTERM 0x04
+#define EIDPS_STOP    0x08
+#define EIDPS_KILL    0x10

 static u_int8_t sigflags = 0;

-static void handle_sigint(/*@unused@*/ int sig) { sigint_count = 1; sigflags |= VIPS_SIGINT; }
-static void handle_sigterm(/*@unused@*/ int sig) { sigterm_count = 1; sigflags |= VIPS_SIGTERM; }
-static void handle_sighup(/*@unused@*/ int sig) { sighup_count = 1; sigflags |= VIPS_SIGHUP; }
+static void handle_sigint(/*@unused@*/ int sig) { sigint_count = 1; sigflags |= EIDPS_SIGINT; }
+static void handle_sigterm(/*@unused@*/ int sig) { sigterm_count = 1; sigflags |= EIDPS_SIGTERM; }
+static void handle_sighup(/*@unused@*/ int sig) { sighup_count = 1; sigflags |= EIDPS_SIGHUP; }

 static void
 setup_signal_handler(int sig, void (*handler)())
@ -191,11 +191,11 @@ Packet *TunnelPktSetup(ThreadVars *t, Packet *parent, u_int8_t *pkt, u_int16_t l
   function. Purpose: pcap file mode needs to be able to tell the
   engine the file eof is reached. */
 void EngineStop(void) {
-    sigflags |= VIPS_STOP;
+    sigflags |= EIDPS_STOP;
 }

 void EngineKill(void) {
-    sigflags |= VIPS_KILL;
+    sigflags |= EIDPS_KILL;
 }

 int RunModeIdsPcap(char *iface) {
@ -867,7 +867,7 @@ int main(int argc, char **argv)
        if (sigflags) {
            printf("signal received\n");

-            if (sigflags & VIPS_SIGINT || sigflags & VIPS_STOP)  {
+            if (sigflags & EIDPS_SIGINT || sigflags & EIDPS_STOP)  {
                printf ("SIGINT or EngineStop received\n");

                /* Stop the engine so it quits after processing the pcap file
@ -875,7 +875,7 @@ int main(int argc, char **argv)
                 * threads. */
                char done = 0;
                do {
-                    if (sigflags & VIPS_SIGTERM || sigflags & VIPS_KILL)
+                    if (sigflags & EIDPS_SIGTERM || sigflags & EIDPS_KILL)
                        break;

                    mutex_lock(&mutex_pending);
@ -890,8 +890,8 @@ int main(int argc, char **argv)

                printf("main: all packets processed by threads, stopping engine\n");
            }
-            if (sigflags & VIPS_SIGHUP)  printf ("SIGHUP\n");
-            if (sigflags & VIPS_SIGTERM) printf ("SIGTERM\n");
+            if (sigflags & EIDPS_SIGHUP)  printf ("SIGHUP\n");
+            if (sigflags & EIDPS_SIGTERM) printf ("SIGTERM\n");

            struct timeval end_time;
            memset(&end_time, 0, sizeof(end_time));
--- a/src/eidps.h
+++ b/src/eidps.h
@ -6,8 +6,8 @@
 *
 */

-#ifndef __VIPS_H__
-#define __VIPS_H__
+#ifndef __EIDPS_H__
+#define __EIDPS_H__

 #include "packet-queue.h"

@ -48,5 +48,5 @@ u_int8_t g_u8_lowercasetable[256];
 //#define u8_tolower(c) ((c) >= 'A' && (c) <= 'Z') ? ((c) + ('a' - 'A')) : (c)


-#endif /* __VIPS_H__ */
+#endif /* __EIDPS_H__ */

--- a/src/flow.c
+++ b/src/flow.c
@ -1,6 +1,6 @@
 /* Copyright (c) 2008 Victor Julien <victor@inliniac.net> */

-#include "vips.h"
+#include "eidps.h"
 #include "debug.h"
 #include "decode.h"
 #include "threads.h"
--- a/src/log-httplog.c
+++ b/src/log-httplog.c
@ -15,7 +15,7 @@
 #include <arpa/inet.h>
 #include <netinet/in.h>

-#include "vips.h"
+#include "eidps.h"
 #include "debug.h"
 #include "detect.h"
 #include "pkt-var.h"
@ -181,7 +181,7 @@ int LogHttplogThreadInit(ThreadVars *t, void *initdata, void **data)
    memset(aft, 0, sizeof(LogHttplogThread));

    /* XXX */
-    aft->fp = fopen("/var/log/eips/http.log", "w");
+    aft->fp = fopen("/var/log/eidps/http.log", "w");
    if (aft->fp == NULL) {
        return -1;
    }
--- a/src/packet-queue.c
+++ b/src/packet-queue.c
@ -1,6 +1,6 @@
 /* Copyright (c) 2008 Victor Julien <victor@inliniac.net> */

-#include "vips.h"
+#include "eidps.h"
 #include "decode.h"
 #include "packet-queue.h"
 #include "threads.h"
--- a/src/respond-reject-libnet11.c
+++ b/src/respond-reject-libnet11.c
@ -18,7 +18,7 @@
 #include <sys/signal.h>
 #include <libnet.h>

-#include "vips.h"
+#include "eidps.h"
 #include "decode.h"
 #include "decode-ipv4.h"
 #include "decode-tcp.h"
--- a/src/respond-reject.c
+++ b/src/respond-reject.c
@ -15,7 +15,7 @@
 #include <sys/signal.h>
 #include <libnet.h>

-#include "vips.h"
+#include "eidps.h"
 #include "decode.h"
 #include "packet-queue.h"
 #include "threads.h"
--- a/src/source-nfq.c
+++ b/src/source-nfq.c
@ -10,7 +10,7 @@
 #include <pthread.h>
 #include <sys/signal.h>

-#include "vips.h"
+#include "eidps.h"
 #include "decode.h"
 #include "packet-queue.h"
 #include "threads.h"
--- a/src/source-pcap-file.c
+++ b/src/source-pcap-file.c
@ -10,7 +10,7 @@
 #include <sys/signal.h>
 #include <pcap/pcap.h>

-#include "vips.h"
+#include "eidps.h"
 #include "decode.h"
 #include "packet-queue.h"
 #include "threads.h"
--- a/src/source-pcap.c
+++ b/src/source-pcap.c
@ -10,7 +10,7 @@
 #include <sys/signal.h>
 #include <pcap/pcap.h>

-#include "vips.h"
+#include "eidps.h"
 #include "decode.h"
 #include "packet-queue.h"
 #include "threads.h"
--- a/src/stream-tcp-reassemble.c
+++ b/src/stream-tcp-reassemble.c
@ -16,7 +16,7 @@
 #include <arpa/inet.h>
 #include <netinet/in.h>

-#include "vips.h"
+#include "eidps.h"
 #include "debug.h"
 #include "detect.h"
 #include "flow.h"
--- a/src/stream-tcp-reassemble.h
+++ b/src/stream-tcp-reassemble.h
@ -3,7 +3,8 @@
 #ifndef __STREAM_TCP_REASSEMBLE_H__
 #define __STREAM_TCP_REASSEMBLE_H__

-/* XXX */
+int StreamTcpReassembleHandleSegment (TcpSession *ssn, TcpStream *stream, Packet *p);
+int StreamTcpReassembleInit(void);

 #endif /* __STREAM_TCP_REASSEMBLE_H__ */

--- a/src/stream-tcp.c
+++ b/src/stream-tcp.c
@ -11,7 +11,7 @@
 #include <arpa/inet.h>
 #include <netinet/in.h>

-#include "vips.h"
+#include "eidps.h"
 #include "debug.h"
 #include "detect.h"
 #include "flow.h"
@ -24,6 +24,7 @@
 #include "util-unittest.h"

 #include "stream-tcp-private.h"
+#include "stream-tcp-reassemble.h"

 int StreamTcp (ThreadVars *, Packet *, void *, PacketQueue *);
 int StreamTcpThreadInit(ThreadVars *, void *, void **);
--- a/src/tm-modules.c
+++ b/src/tm-modules.c
@ -1,6 +1,6 @@
 /* Copyright (c) 2008 Victor Julien <victor@inliniac.net> */

-#include "vips.h"
+#include "eidps.h"
 #include "tm-modules.h"

 TmModule tmm_modules[TMM_SIZE];
--- a/src/tm-queuehandlers.c
+++ b/src/tm-queuehandlers.c
@ -1,6 +1,6 @@
 /* Copyright (c) 2008 Victor Julien <victor@inliniac.net> */

-#include "vips.h"
+#include "eidps.h"
 #include "packet-queue.h"
 #include "decode.h"
 #include "threads.h"
--- a/src/tm-queues.c
+++ b/src/tm-queues.c
@ -1,4 +1,4 @@
-#include "vips.h"
+#include "eidps.h"
 #include "threads.h"

 #include "tm-queues.h"
--- a/src/tm-threads.c
+++ b/src/tm-threads.c
@ -6,7 +6,7 @@
 #include <sys/syscall.h>
 #include <sched.h>     /* for sched_setaffinity(2) */

-#include "vips.h"
+#include "eidps.h"
 #include "threadvars.h"
 #include "tm-queues.h"
 #include "tm-queuehandlers.h"
--- a/src/tmqh-nfq.c
+++ b/src/tmqh-nfq.c
@ -1,6 +1,6 @@
 /* Copyright (c) 2008 Victor Julien <victor@inliniac.net> */

-#include "vips.h"
+#include "eidps.h"
 #include "packet-queue.h"
 #include "decode.h"
 #include "threads.h"
--- a/src/tmqh-packetpool.c
+++ b/src/tmqh-packetpool.c
@ -1,6 +1,6 @@
 /* Packetpool queue handlers */

-#include "vips.h"
+#include "eidps.h"
 #include "packet-queue.h"
 #include "decode.h"
 #include "threads.h"
--- a/src/tmqh-simple.c
+++ b/src/tmqh-simple.c
@ -1,5 +1,5 @@

-#include "vips.h"
+#include "eidps.h"
 #include "packet-queue.h"
 #include "decode.h"
 #include "threads.h"
--- a/src/util-binsearch.c
+++ b/src/util-binsearch.c
@ -2,6 +2,8 @@
 #include <stdlib.h>
 #include <string.h>

+/* XXX replace this by a better algo */
+
 u_int8_t nocasetable[256];
 #define _nc(c) nocasetable[(c)]

@ -25,8 +27,7 @@ void BinSearchInit (void)
 #endif /* DEBUG */
 }

-/* Caseless binary search. More expensive that the one that
- * respects case.
+/* Binary search.
 *
 * Returns:
 *  - ptr to start of the match
--- a/src/util-mpm-b2g.c
+++ b/src/util-mpm-b2g.c
@ -20,7 +20,7 @@
 #include <ctype.h>
 #include <errno.h>

-#include "vips.h"
+#include "eidps.h"
 #include "detect.h"
 #include "util-bloomfilter.h"
 #include "util-mpm-b2g.h"
--- a/src/util-mpm-b3g.c
+++ b/src/util-mpm-b3g.c
@ -18,7 +18,7 @@
 #include <ctype.h>
 #include <errno.h>

-#include "vips.h"
+#include "eidps.h"

 #include "util-bloomfilter.h"
 #include "util-mpm-b3g.h"
--- a/src/util-pool.h
+++ b/src/util-pool.h
@ -26,7 +26,9 @@ typedef struct _Pool {
 Pool* PoolInit(u_int32_t, u_int32_t, void *(*Alloc)(void *), void *, void (*Free)(void *));
 void PoolFree(Pool *);
 void PoolPrint(Pool *);
+
 void *PoolGet(Pool *);
+void PoolReturn(Pool *, void *);

 void PoolRegisterTests(void);

--- a/src/util-time.c
+++ b/src/util-time.c
@ -1,6 +1,6 @@
 /* Time keeping for offline (non-live) packet handling (pcap files) */

-#include "vips.h"
+#include "eidps.h"
 #include "detect.h"
 #include "threads.h"

--- a/src/util-var-name.c
+++ b/src/util-var-name.c
@ -1,4 +1,4 @@
-#include "vips.h"
+#include "eidps.h"
 #include "detect.h"
 #include "util-hashlist.h"

--- a/src/util-var.c
+++ b/src/util-var.c
@ -1,4 +1,4 @@
-#include "vips.h"
+#include "eidps.h"
 #include "detect.h"

 #include "util-var.h"