Small fixes and dbg additions.

remotes/origin/master-1.0.x
Victor Julien 17 years ago
parent b064d0f435
commit e0ed51d049

@ -193,13 +193,15 @@ void SigLoadSignatures (void)
} }
*/ */
//#if 0 #define LOADSIGS
#ifdef LOADSIGS
int good = 0, bad = 0; int good = 0, bad = 0;
//FILE *fp = fopen("/etc/vips/rules/bleeding-all.rules", "r"); //FILE *fp = fopen("/etc/vips/rules/bleeding-all.rules", "r");
FILE *fp = fopen("/home/victor/rules/all.rules", "r"); //FILE *fp = fopen("/home/victor/rules/all.rules", "r");
//FILE *fp = fopen("/home/victor/rules/vips-http.sigs", "r"); //FILE *fp = fopen("/home/victor/rules/vips-http.sigs", "r");
//FILE *fp = fopen("/home/victor/rules/emerging-dshield.rules", "r"); //FILE *fp = fopen("/home/victor/rules/emerging-dshield.rules", "r");
//FILE *fp = fopen("/home/victor/rules/emerging-web.rules", "r"); //FILE *fp = fopen("/home/victor/rules/emerging-web.rules", "r");
FILE *fp = fopen("/home/victor/rules/emerging-p2p.rules", "r");
//FILE *fp = fopen("/home/victor/rules/emerging-web-small.rules", "r"); //FILE *fp = fopen("/home/victor/rules/emerging-web-small.rules", "r");
//FILE *fp = fopen("/home/victor/rules/web-misc.rules", "r"); //FILE *fp = fopen("/home/victor/rules/web-misc.rules", "r");
//FILE *fp = fopen("/home/victor/rules/emerging-malware.rules", "r"); //FILE *fp = fopen("/home/victor/rules/emerging-malware.rules", "r");
@ -234,7 +236,7 @@ void SigLoadSignatures (void)
printf("SigLoadSignatures: %d successfully loaded from file. %d sigs failed to load\n", good, bad); printf("SigLoadSignatures: %d successfully loaded from file. %d sigs failed to load\n", good, bad);
printf("SigLoadSignatures: %u sigs with dstportany\n", DbgGetDstPortAnyCnt()); printf("SigLoadSignatures: %u sigs with dstportany\n", DbgGetDstPortAnyCnt());
//#endif #endif
/* Setup the signature group lookup structure and /* Setup the signature group lookup structure and
* pattern matchers */ * pattern matchers */
@ -453,7 +455,9 @@ int SigMatchSignatures(ThreadVars *th_v, PatternMatcherThread *pmt, Packet *p)
/* only if the last matched as well, we have a hit */ /* only if the last matched as well, we have a hit */
if (sm == NULL) { if (sm == NULL) {
//printf("Signature %u matched: %s\n", s->id, s->msg ? s->msg : ""); printf("Signature %u matched: %s, flow: toserver %s toclient %s\n", s->id, s->msg ? s->msg : "",
p->flowflags & FLOW_PKT_TOSERVER ? "TRUE":"FALSE",
p->flowflags & FLOW_PKT_TOCLIENT ? "TRUE":"FALSE");
fmatch = 1; fmatch = 1;
if (!(s->flags & SIG_FLAG_NOALERT)) { if (!(s->flags & SIG_FLAG_NOALERT)) {
@ -915,6 +919,10 @@ int CreateGroupedAddrList(DetectAddressGroup *srchead, int family, DetectAddress
} }
//for (gr = newhead->ipv4_head; gr != NULL; gr = gr->next) {
// printf(" -= Address "); DetectAddressDataPrint(gr->ad); printf("\n");
//}
return 0; return 0;
error: error:
return -1; return -1;
@ -1015,6 +1023,10 @@ int CreateGroupedPortList(DetectPort *srchead, DetectPort **newhead, u_int32_t u
DetectPortInsert(newhead,joingr); DetectPortInsert(newhead,joingr);
} }
//for (gr = *newhead; gr != NULL; gr = gr->next) {
// printf(" -= Port "); DetectPortPrint(gr); printf("\n");
//}
return 0; return 0;
error: error:
return -1; return -1;
@ -1953,7 +1965,7 @@ void DbgPrintSigs2(SigGroupHead *sgh) {
/* shortcut for debugging. If enabled Stage5 will /* shortcut for debugging. If enabled Stage5 will
* print sigid's for all groups */ * print sigid's for all groups */
//#define PRINTSIGS #define PRINTSIGS
/* just printing */ /* just printing */
int SigAddressPrepareStage5(void) { int SigAddressPrepareStage5(void) {
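Review bot: Debug output is now compiled in unconditionally on the packet path: the `printf` under `if (sm == NULL)` in SigMatchSignatures runs once per matching signature, so traffic that triggers many matches turns into stdout writes inside the detection code. The same pattern applies to `#define PRINTSIGS` above SigAddressPrepareStage5 and to `#define LOADSIGS`, which also pins the loaded rule set to one file under a developer's home directory. I would put the match print behind a build-time switch, for example `#ifdef DEBUG` before the `printf(...)` and `#endif` after it (the macro name is only a suggestion), and set the two defines from the build flags instead of the source. SigMatchSignatures starts and ends outside the hunk, so how stdout is shared between threads is not visible here.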

@ -3,10 +3,28 @@
#include "decode.h" #include "decode.h"
#include "util-hash.h"
#include "util-bloomfilter-counting.h"
typedef struct _HostTable {
pthread_mutex_t m;
/* storage & lookup */
HashTable *hash;
BloomFilterCounting *bf;
u_int32_t cnt;
} HostTable;
typedef struct _Host { typedef struct _Host {
pthread_mutex_t m;
Address addr; Address addr;
u_int8_t os; u_int8_t os;
u_int8_t reputation; u_int8_t reputation;
u_int64_t bytes;
u_int32_t pkts;
} Host; } Host;
#define HOST_OS_UNKNOWN 0 #define HOST_OS_UNKNOWN 0
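Review bot: The two new `pthread_mutex_t m` members carry no comment saying which fields they guard or in which order they are taken when code holds both, and a user of this header needs that first. I would add `/* guards hash, bf and cnt */` on the HostTable member and a matching comment on the Host member, with the lock order stated once above HostTable. The actual coverage and order are the author's to confirm, since no locking code appears in this hunk. Separately, `u_int32_t pkts` sits next to a 64-bit `bytes` and wraps after 2^32 packets, so `u_int64_t pkts;` would keep the two counters consistent. No `#include <pthread.h>` is visible here, so the type presumably arrives through decode.h.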

@ -20,5 +20,7 @@ int BloomFilterCountingAdd(BloomFilterCounting *, void *, u_int16_t);
int BloomFilterCountingRemove(BloomFilterCounting *, void *, u_int16_t); int BloomFilterCountingRemove(BloomFilterCounting *, void *, u_int16_t);
int BloomFilterCountingTest(BloomFilterCounting *, void *, u_int16_t); int BloomFilterCountingTest(BloomFilterCounting *, void *, u_int16_t);
void BloomFilterCountingRegisterTests(void);
#endif /* __BLOOMFILTERCOUNTING_H__ */ #endif /* __BLOOMFILTERCOUNTING_H__ */

@ -18,5 +18,7 @@ void BloomFilterPrint(BloomFilter *);
int BloomFilterAdd(BloomFilter *, void *, u_int16_t); int BloomFilterAdd(BloomFilter *, void *, u_int16_t);
int BloomFilterTest(BloomFilter *, void *, u_int16_t); int BloomFilterTest(BloomFilter *, void *, u_int16_t);
void BloomFilterRegisterTests(void);
#endif /* __BLOOMFILTER_H__ */ #endif /* __BLOOMFILTER_H__ */

@ -27,6 +27,7 @@ int HashTableRemove(HashTable *, void *, u_int16_t);
void *HashTableLookup(HashTable *, void *, u_int16_t); void *HashTableLookup(HashTable *, void *, u_int16_t);
u_int32_t HashTableGenericHash(HashTable *, void *, u_int16_t); u_int32_t HashTableGenericHash(HashTable *, void *, u_int16_t);
void HashTableRegisterTests(void);
#endif /* __HASH_H__ */ #endif /* __HASH_H__ */

@ -202,7 +202,7 @@ int main(int argc, char **argv)
BloomFilterCountingRegisterTests(); BloomFilterCountingRegisterTests();
UtRunTests(); UtRunTests();
UtCleanup(); UtCleanup();
exit(1); //exit(1);
//LoadConfig(); //LoadConfig();
//exit(1); //exit(1);
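Review bot: With `exit(1)` commented out after `UtCleanup()`, main now runs the registered unit tests on every start and then continues into normal startup whatever the tests reported. If the tests are meant to stay in the binary, the block from the `...RegisterTests()` calls to `UtCleanup()` would be better behind a build-time switch or a command-line option. The result of `UtRunTests()` should also be checked before continuing, though its return type is not visible in this hunk. The commented-out `//exit(1);` lines can then be deleted instead of kept as dead code. main starts and ends outside the hunk.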
