#include <sys/types.h>#include <sys/stat.h>#include <stdlib.h>#include <string.h>#include <errno.h>#include <ctype.h>#include <netdb.h>#include <sys/socket.h>#include <netinet/in.h>#include <arpa/inet.h>#include <grp.h>#include <pwd.h>#include <unistd.h>#include "src/preprocessors/flow/flow_print.h"#include "rules.h"#include "parser.h"#include "plugbase.h"#include "debug.h"#include "util.h"#include "mstring.h"#include "detect.h"#include "fpcreate.h"#include "log.h"#include "generators.h"#include "tag.h"#include "signature.h"#include "sfthreshold.h"#include "sfutil/sfthd.h"#include "snort.h"#include "inline.h"#include "event_queue.h"#include "asn1.h"Go to the source code of this file.
|
|
Definition at line 64 of file parser.c. Referenced by ParseRulesFile(), and ReadLine(). |
|
|
Definition at line 63 of file parser.c. Referenced by ParseRuleOptions(). |
|
||||||||||||
|
Definition at line 1339 of file parser.c. References AddRuleFuncToList(), ANY_DST_IP, ANY_SRC_IP, CheckDstIP(), CheckSrcIP(), DEBUG_CONFIGRULES, DEBUG_WRAP, DST, _RuleTreeNode::flags, and SRC. Referenced by SetupRTNFuncList(). |
|
||||||||||||
|
Definition at line 1242 of file parser.c. References DEBUG_CONFIGRULES, DEBUG_WRAP, _RuleFpList::next, NULL, _RuleTreeNode::rule_func, and _RuleFpList::RuleHeadFunc. Referenced by AddrToFunc(), PortToFunc(), and SetupRTNFuncList(). |
|
||||||||||||
|
Definition at line 2266 of file parser.c. References _RuleTreeNode::dip, DST, FatalError(), _IpAddrSet::next, NULL, _RuleTreeNode::sip, and SRC. Referenced by ProcessIP(). |
|
|
Definition at line 4270 of file parser.c. References _RuleListNode::name, _RuleListNode::next, NULL, RULE_UNKNOWN, RuleType(), and strcasecmp. Referenced by ParseRuleTypeDeclaration(). |
|
|
Definition at line 370 of file parser.c. References index. Referenced by ParseRule(). |
|
|
Definition at line 342 of file parser.c. References DEBUG_CONFIGRULES, and DEBUG_WRAP. Referenced by ParseRulesFile(). |
|
||||||||||||
|
Definition at line 2445 of file parser.c. References FatalError(), file_line, file_name, and NULL. Referenced by ParsePort(). |
|
||||||||||||||||
|
|
Definition at line 430 of file parser.c. References DumpChain(), _ListHead::IcmpList, _ListHead::IpList, _RuleListNode::name, _RuleListNode::next, NULL, _RuleListNode::RuleList, _ListHead::TcpList, and _ListHead::UdpList. Referenced by ParseRulesFile(). |
|
|
Definition at line 3015 of file parser.c. References bzero, DEBUG_CONFIGRULES, DEBUG_WRAP, ErrorMessage(), FatalError(), file_line, file_name, NULL, PARSERULE_SIZE, and VarGet(). Referenced by ParseRule(). |
|
||||||||||||
|
Definition at line 3250 of file parser.c. References _OptTreeNode::activated_by, _RuleTreeNode::down, _OptTreeNode::next, and NULL. Referenced by SetLinks(). |
|
||||||||||||
|
Definition at line 3221 of file parser.c. References _RuleTreeNode::activate_list, _ActivateList::activated_by, _ActivateList::next, NULL, and _RuleTreeNode::right. Referenced by SetLinks(). |
|
||||||||||||||||
|
Definition at line 766 of file detect.c. References DEBUG_DETECT, DEBUG_WRAP, _RuleTreeNode::down, FatalError(), _OptTreeNode::next, _OptFpList::next, NULL, _OptTreeNode::opt_func, _OptFpList::OptTestFunc, pv, _progvars::quiet_flag, _RuleTreeNode::right, snprintf, and STD_BUF. Referenced by IntegrityCheckRules(). |
|
|
Definition at line 446 of file parser.c. References DEBUG_CONFIGRULES, DEBUG_WRAP, _ListHead::IcmpList, IntegrityCheck(), _ListHead::IpList, _RuleListNode::name, _RuleListNode::next, NULL, pv, _progvars::quiet_flag, _RuleListNode::RuleList, _ListHead::TcpList, and _ListHead::UdpList. Referenced by ParseRulesFile(). |
|
|
Definition at line 3165 of file parser.c. References _ListHead::IcmpList, SetLinks(), _ListHead::TcpList, and _ListHead::UdpList. Referenced by ParseRulesFile(). |
|
|
Definition at line 2670 of file parser.c. References _RuleTreeNode::activate_list, _ActivateList::activated_by, _OptTreeNode::activated_by, errno, FatalError(), _ActivateList::next, and NULL. Referenced by ParseRuleOptions(). |
|
|
Definition at line 2642 of file parser.c. References _OptTreeNode::activates. Referenced by ParseRuleOptions(). |
|
|
|
Definition at line 2719 of file parser.c. References _OptTreeNode::activation_counter, DEBUG_CONFIGRULES, and DEBUG_WRAP. Referenced by ParseRuleOptions(). |
|
|
Definition at line 2596 of file parser.c. References bzero, index, _OptTreeNode::logto, and NULL. Referenced by ParseRuleOptions(). |
|
|
Definition at line 2510 of file parser.c. References DEBUG_CONFIGRULES, DEBUG_WRAP, ErrorMessage(), file_line, file_name, index, _SigInfo::message, NULL, and _OptTreeNode::sigInfo. Referenced by ParseRuleOptions(). |
|
|
Definition at line 1512 of file parser.c. References _progvars::alert_cmd_override, ErrorMessage(), FatalError(), file_line, file_name, _OutputKeywordNode::func, GetOutputPlugin(), _progvars::log_cmd_override, mSplit(), mSplitFree(), _OutputKeywordNode::node_type, NT_OUTPUT_ALERT, NT_OUTPUT_LOG, NT_OUTPUT_SPECIAL, NULL, and pv. Referenced by ParseRule(), and ParseRuleTypeDeclaration(). |
|
||||||||||||||||||||||||
|
Definition at line 2343 of file parser.c. References ConvPort(), FatalError(), file_line, file_name, index, mSplit(), mSplitFree(), NULL, strcasecmp, and VarGet(). Referenced by ParsePortList(), ParseRule(), and ScanParseIp(). |
|
|
Definition at line 4232 of file parser.c. References FatalError(), file_line, file_name, _progvars::ignore_ports, mSplit(), mSplitFree(), ParsePort(), pv, and WhichProto(). Referenced by ParseConfig(). |
|
|
Definition at line 1445 of file parser.c. References DEBUG_CONFIGRULES, DEBUG_WRAP, _PreprocessKeywordList::entry, FatalError(), _PreprocessKeywordNode::func, _PreprocessKeywordNode::keyword, mSplit(), mSplitFree(), _PreprocessKeywordList::next, NULL, and strcasecmp. Referenced by ParseRule(). |
|
||||||||||||
|
Definition at line 207 of file signature.c. Referenced by ParseRuleOptions(). |
|
||||||||||||||||
|
||||||||||||||||
|
||||||||||||
|
Definition at line 151 of file parser.c. References bzero, _progvars::config_dir, ContinuationCheck(), DEBUG_CONFIGRULES, DEBUG_WRAP, DumpRuleChains(), dynamic_rules_present, errno, FatalError(), file_line, file_name, head_count, index, IntegrityCheckRules(), LinkDynamicRules(), LogMessage(), MAX_LINE_LENGTH, NULL, opt_count, ParseRule(), PARSERULE_SIZE, pv, _progvars::quiet_flag, rule_count, strlcat(), and strlcpy. Referenced by ParseRule(), and SnortMain(). |
|
||||||||||||
|
Definition at line 4293 of file parser.c. References checkKeyword(), CreateRuleType(), DEBUG_CONFIGRULES, DEBUG_WRAP, FatalError(), file_line, file_name, mSplit(), mSplitFree(), NULL, _progvars::num_rule_types, ParseOutputPlugin(), pv, ReadLine(), RULE_ACTIVATE, RULE_ALERT, RULE_DYNAMIC, RULE_LOG, RULE_OUTPUT, RULE_PASS, RuleType(), and strcasecmp. Referenced by ParseRule(). |
|
||||||||||||
|
Definition at line 182 of file signature.c. Referenced by ParseRuleOptions(). |
|
||||||||||||||||||||
|
Definition at line 1384 of file parser.c. References AddRuleFuncToList(), CheckDstPortEqual(), CheckDstPortNotEq(), CheckSrcPortEqual(), CheckSrcPortNotEq(), DEBUG_CONFIGRULES, DEBUG_WRAP, DST, and SRC. Referenced by SetupRTNFuncList(). |
|
|
Definition at line 3280 of file parser.c. References _progvars::alert_filename, DEBUG_CONFIGRULES, DEBUG_WRAP, ProcessFileOption(), and pv. Referenced by ParseConfig(). |
|
||||||||||||
|
Definition at line 3435 of file parser.c. References FatalError(), file_line, file_name, fpSetDebugMode(), fpSetDetectSearchMethod(), fpSetMaxQueueEvents(), fpSetStreamInsert(), and strcasecmp. Referenced by ParseConfig(). |
|
||||||||||||
|
Definition at line 3355 of file parser.c. References FatalError(), file_line, file_name, s_SNORT_EVENT_QUEUE::log_events, s_SNORT_EVENT_QUEUE::max_events, s_SNORT_EVENT_QUEUE::order, SNORT_EVENTQ_CONTENT_LEN, SNORT_EVENTQ_PRIORITY, and strcasecmp. Referenced by ParseConfig(). |
|
|
Definition at line 3289 of file parser.c. References buffer, DEBUG_CONFIGRULES, DEBUG_WRAP, FatalError(), _progvars::log_dir, NULL, pv, _progvars::quiet_flag, STD_BUF, strlcat(), strlcpy, and strstr(). Referenced by AlertCSVParseArgs(), ParseAlertFastArgs(), ParseAlertFullArgs(), and ProcessAlertFileOption(). |
|
||||||||||||
|
Definition at line 3334 of file parser.c. References FatalError(), file_line, file_name, giFlowbitSize, int(), and strtol(). Referenced by ParseConfig(). |
|
||||||||||||||||
|
Definition at line 943 of file parser.c. References DEBUG_CONFIGRULES, DEBUG_WRAP, _RuleTreeNode::down, ETHERNET_TYPE_IP, EXCEPT_DST_PORT, FatalError(), _RuleTreeNode::flags, head_count, _RuleTreeNode::head_node_number, _ListHead::IcmpList, _ListHead::IpList, _RuleTreeNode::ldp, _RuleTreeNode::listhead, LogMessage(), NULL, _RuleTreeNode::right, SetupRTNFuncList(), _ListHead::TcpList, TestHeader(), _ListHead::UdpList, and XferHeader(). Referenced by ParseRule(). |
|
||||||||||||||||
|
Definition at line 2145 of file parser.c. References AllocAddrNode(), ANY_DST_IP, ANY_SRC_IP, DEBUG_CONFIGRULES, DEBUG_WRAP, DST, EXCEPT_DST_IP, EXCEPT_SRC_IP, FatalError(), file_line, file_name, _RuleTreeNode::flags, _IpAddrSet::ip_addr, mSplit(), mSplitFree(), _IpAddrSet::netmask, NULL, ParseIP(), SRC, and VarGet(). Referenced by ParseRule(). |
|
||||||||||||
|
Definition at line 3491 of file parser.c. References FatalError(), file_line, file_name, mSplit(), NULL, pv, and strtoul(). Referenced by ParseConfig(). |
|
|
Definition at line 4393 of file parser.c. References bzero, file_line, file_name, index, LogMessage(), MAX_LINE_LENGTH, and NULL. Referenced by ParseRuleTypeDeclaration(). |
|
|
Definition at line 2030 of file parser.c. References FatalError(), file_line, file_name, NULL, RULE_ACTIVATE, RULE_ALERT, RULE_CONFIG, RULE_DECLARE, RULE_DROP, RULE_DYNAMIC, RULE_INCLUDE, RULE_LOG, RULE_OUTPUT, RULE_PASS, RULE_PREPROCESS, RULE_REINJECT, RULE_REJECT, RULE_REJECTBOTH, RULE_REJECTDST, RULE_REJECTSRC, RULE_SDROP, RULE_SUPPRESS, RULE_THRESHOLD, RULE_UNKNOWN, RULE_VAR, and strcasecmp. Referenced by checkKeyword(), ParseRule(), and ParseRuleTypeDeclaration(). |
|
||||||||||||
|
Definition at line 3188 of file parser.c. References _OptTreeNode::activates, _RuleTreeNode::down, GetDynamicOTN(), GetDynamicRTN(), _OptTreeNode::next, NULL, _OptTreeNode::OTN_activation_ptr, _RuleTreeNode::right, and _OptTreeNode::RTN_activation_ptr. Referenced by LinkDynamicRules(). |
|
|
Definition at line 1281 of file parser.c. References AddrToFunc(), AddRuleFuncToList(), ANY_DST_PORT, ANY_SRC_PORT, BIDIRECTIONAL, CheckBidirectional(), DEBUG_CONFIGRULES, DEBUG_WRAP, DST, EXCEPT_DST_PORT, EXCEPT_SRC_PORT, _RuleTreeNode::flags, PortToFunc(), RuleListEnd(), and SRC. Referenced by ProcessHeadNode(). |
|
||||||||||||
|
Definition at line 2774 of file parser.c. References _IpAddrSet::addr_flags, _RuleTreeNode::dip, _RuleTreeNode::flags, _RuleTreeNode::hdp, _RuleTreeNode::hsp, _IpAddrSet::ip_addr, _RuleTreeNode::ldp, _RuleTreeNode::lsp, _IpAddrSet::netmask, _IpAddrSet::next, NULL, and _RuleTreeNode::sip. Referenced by ProcessHeadNode(). |
|
|
Definition at line 2840 of file parser.c. References FatalError(), and NULL. Referenced by VarDefine(). |
|
||||||||||||
|
Definition at line 2864 of file parser.c. References FatalError(), file_line, file_name, VarEntry::flags, VarEntry::name, VarEntry::next, NULL, VarEntry::prev, strcasecmp, VarEntry::value, VAR_STATIC, and VarAlloc(). Referenced by DefineIfaceVar(), ParseCmdLine(), and ParseRule(). |
|
|
Definition at line 2929 of file parser.c. References VarEntry::name, VarEntry::next, NULL, VarEntry::prev, strcasecmp, and VarEntry::value. |
|
|
Definition at line 2978 of file parser.c. References FatalError(), file_line, file_name, VarEntry::name, VarEntry::next, NULL, strcasecmp, and VarEntry::value. Referenced by ExpandVars(), IpAddrSetParse(), ParsePort(), ParseRule(), ParseSyslogArgs(), PortscanIgnoreParseIP(), PortscanParseIP(), ProcessIP(), ScanParseIp(), and ScanParsePort(). |
|
|
Definition at line 4431 of file parser.c. References VarEntry::name, VarEntry::next, NULL, strcasecmp, and VarEntry::value. |
|
|
Definition at line 2117 of file parser.c. References ETHERNET_TYPE_ARP, ETHERNET_TYPE_IP, FatalError(), file_line, file_name, and strcasecmp. Referenced by ParsePortList(), and ParseRule(). |
|
||||||||||||
|
Definition at line 2746 of file parser.c. References _RuleTreeNode::dip, _RuleTreeNode::flags, _RuleTreeNode::hdp, _RuleTreeNode::hsp, _RuleTreeNode::ldp, _RuleTreeNode::lsp, _RuleTreeNode::not_dp_flag, _RuleTreeNode::not_sp_flag, _RuleTreeNode::sip, and _RuleTreeNode::type. Referenced by ProcessHeadNode(). |
|
|
|
|
|
|
|
|
|
|
|
Definition at line 587 of file plugbase.c. |
|
|
|
|
|
|
|
|
|
|
|
Definition at line 94 of file parser.c. Referenced by ParseRuleOptions(), and ParseRulesFile(). |
|
|
|
|
|
external globals from rules.c |
|
|
size of flowbits tracking Definition at line 28 of file event_queue.c. |
|
|
Definition at line 78 of file spp_flow.c. |
|
|
Definition at line 91 of file parser.c. Referenced by ParseRulesFile(), and ProcessHeadNode(). |
|
|
|
|
|
Definition at line 145 of file plugbase.c. |
|
|
|
|
|
Definition at line 588 of file plugbase.c. |
|
|
Definition at line 92 of file parser.c. Referenced by DecodeIPOptions(), DecodeTCPOptions(), ParseRuleOptions(), and ParseRulesFile(). |
|
|
|
|
|
|
|
|
Definition at line 417 of file plugbase.c. |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Definition at line 90 of file parser.c. Referenced by ParseRule(), and ParseRulesFile(). |
|
|
Definition at line 83 of file parser.c. Referenced by fpCreateFastPacketDetection(). |
|
|
|
|
|
|
1.4.2