app-layer templates: cleanups

- cleanup file headers
- add todo section
- convert unit tests to new macros
- add markers to remove disabled by default behaviour
pull/2222/head
Jason Ish 9 years ago committed by Victor Julien
parent 3cf8b4629f
commit e878dd2231

@ -15,8 +15,18 @@
* 02110-1301, USA.
*/
/*
* TODO: Update \author in this file and app-layer-template.h.
* TODO: Implement your app-layer logic with unit tests.
* TODO: Remove SCLogNotice statements or convert to debug.
*/
/**
* \file Template application layer detector and parser for learning and
* \file
*
* \author FirstName LastName <yourname@domain>
*
* Template application layer detector and parser for learning and
* template pruposes.
*
* This template implements a simple application layer for something
@ -449,7 +459,6 @@ void RegisterTemplateParsers(void)
return;
}
/* TEMPLATE_END_REMOVE */
/* Check if Template TCP detection is enabled. If it does not exist in
* the configuration file then it will be enabled by default. */
if (AppLayerProtoDetectConfProtoDetectionEnabled("tcp", proto_name)) {

@ -15,6 +15,12 @@
* 02110-1301, USA.
*/
/**
* \file
*
* \author FirstName LastName <yourname@domain>
*/
#ifndef __APP_LAYER_TEMPLATE_H__
#define __APP_LAYER_TEMPLATE_H__

@ -15,6 +15,21 @@
* 02110-1301, USA.
*/
/*
* TODO: Update your name below and in detect-engine-template.h.
* TODO: Update description in the \file section below.
* TODO: Remove SCLogNotice statements or convert to debug.
*/
/**
* \file
*
* \author FirstName LastName <yourname@domain>
*
* Implement buffer inspection on the decoded application layer
* content buffers.
*/
#include "suricata-common.h"
#include "stream.h"
#include "detect-engine-content-inspection.h"

@ -15,6 +15,12 @@
* 02110-1301, USA.
*/
/**
* \file
*
* \author FirstName LastName <yourname@domain>
*/
#ifndef __DETECT_TEMPLATE_ENGINE_H__
#define __DETECT_TEMPLATE_ENGINE_H__

@ -15,9 +15,19 @@
* 02110-1301, USA.
*/
/*
* TODO: Update the \author in this file and detect-template-buffer.h.
* TODO: Update description in the \file section below.
* TODO: Remove SCLogNotice statements or convert to debug.
*/
/**
* \file Set up of the "template_buffer" keyword to allow content inspections
* on the decoded template application layer buffers.
* \file
*
* \author FirstName LastName <yourname@domain>
*
* Set up of the "template_buffer" keyword to allow content
* inspections on the decoded template application layer buffers.
*/
#include "suricata-common.h"
@ -30,10 +40,11 @@ static void DetectTemplateBufferRegisterTests(void);
void DetectTemplateBufferRegister(void)
{
/* TEMPLATE_START_REMOVE */
if (ConfGetNode("app-layer.protocols.template") == NULL) {
return;
}
/* TEMPLATE_END_REMOVE */
sigmatch_table[DETECT_AL_TEMPLATE_BUFFER].name = "template_buffer";
sigmatch_table[DETECT_AL_TEMPLATE_BUFFER].desc =
"Template content modififier to match on the template buffers";
@ -77,8 +88,6 @@ static int DetectTemplateBufferTest(void)
ThreadVars tv;
Signature *s;
int result = 0;
uint8_t request[] = "Hello World!";
/* Setup flow. */
@ -97,9 +106,7 @@ static int DetectTemplateBufferTest(void)
StreamTcpInitConfig(TRUE);
de_ctx = DetectEngineCtxInit();
if (de_ctx == NULL) {
goto end;
}
FAIL_IF_NULL(de_ctx);
/* This rule should match. */
s = DetectEngineAppendSig(de_ctx,
@ -107,9 +114,7 @@ static int DetectTemplateBufferTest(void)
"msg:\"TEMPLATE Test Rule\"; "
"template_buffer; content:\"World!\"; "
"sid:1; rev:1;)");
if (s == NULL) {
goto end;
}
FAIL_IF_NULL(s);
/* This rule should not match. */
s = DetectEngineAppendSig(de_ctx,
@ -117,9 +122,7 @@ static int DetectTemplateBufferTest(void)
"msg:\"TEMPLATE Test Rule\"; "
"template_buffer; content:\"W0rld!\"; "
"sid:2; rev:1;)");
if (s == NULL) {
goto end;
}
FAIL_IF_NULL(s);
SigGroupBuild(de_ctx);
DetectEngineThreadCtxInit(&tv, (void *)de_ctx, (void *)&det_ctx);
@ -130,20 +133,12 @@ static int DetectTemplateBufferTest(void)
SCMutexUnlock(&f.m);
/* Check that we have app-layer state. */
if (f.alstate == NULL) {
goto end;
}
FAIL_IF_NULL(f.alstate);
SigMatchSignatures(&tv, de_ctx, det_ctx, p);
if (!PacketAlertCheck(p, 1)) {
goto end;
}
if (PacketAlertCheck(p, 2)) {
goto end;
}
FAIL_IF(!PacketAlertCheck(p, 1));
FAIL_IF(PacketAlertCheck(p, 2));
result = 1;
end:
/* Cleanup. */
if (alp_tctx != NULL)
AppLayerParserThreadCtxFree(alp_tctx);
@ -157,7 +152,7 @@ end:
FLOW_DESTROY(&f);
UTHFreePacket(p);
return result;
PASS;
}
#endif

@ -15,6 +15,12 @@
* 02110-1301, USA.
*/
/**
* \file
*
* \author FirstName LastName <yourname@domain>
*/
#ifndef __DETECT_TEMPLATE_BUFFER_H__
#define __DETECT_TEMPLATE_BUFFER_H__

@ -15,6 +15,20 @@
* 02110-1301, USA.
*/
/*
* TODO: Update \author in this file and in output-json-template.h.
* TODO: Remove SCLogNotice statements, or convert to debug.
* TODO: Implement your app-layers logging.
*/
/**
* \file
*
* \author FirstName LastName <yourname@domain>
*
* Implement JSON/eve logging app-layer Template.
*/
#include "suricata-common.h"
#include "debug.h"
#include "detect.h"
@ -178,10 +192,11 @@ static TmEcode JsonTemplateLogThreadDeinit(ThreadVars *t, void *data)
void TmModuleJsonTemplateLogRegister(void)
{
/* TEMPLATE_START_REMOVE */
if (ConfGetNode("app-layer.protocols.template") == NULL) {
return;
}
/* TEMPLATE_END_REMOVE */
tmm_modules[TMM_JSONTEMPLATELOG].name = "JsonTemplateLog";
tmm_modules[TMM_JSONTEMPLATELOG].ThreadInit = JsonTemplateLogThreadInit;
tmm_modules[TMM_JSONTEMPLATELOG].ThreadDeinit = JsonTemplateLogThreadDeinit;

@ -15,6 +15,12 @@
* 02110-1301, USA.
*/
/**
* \file
*
* \author FirstName LastName <name@domain>
*/
#ifndef __OUTPUT_JSON_TEMPLATE_H__
#define __OUTPUT_JSON_TEMPLATE_H__

Loading…
Cancel
Save