src/output-plugins/spo_bait_and_switch.c Source File

00001 /*
00002 ** Copyright (C) 1998-2002 Martin Roesch <roesch@sourcefire.com>
00003 **
00004 ** This program is free software; you can redistribute it and/or modify
00005 ** it under the terms of the GNU General Public License as published by
00006 ** the Free Software Foundation; either version 2 of the License, or
00007 ** (at your option) any later version.
00008 **
00009 ** This program is distributed in the hope that it will be useful,
00010 ** but WITHOUT ANY WARRANTY; without even the implied warranty of
00011 ** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
00012 ** GNU General Public License for more details.
00013 **
00014 ** You should have received a copy of the GNU General Public License
00015 ** along with this program; if not, write to the Free Software
00016 ** Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
00017 */
00018 #ifdef GIDS
00019 #ifndef IPFW
00020 
00021 #include <sys/types.h>
00022 
00023 #include "decode.h"
00024 #include "event.h"
00025 #include "plugbase.h"
00026 #include "spo_plugbase.h"
00027 #include "parser.h"
00028 #include "debug.h"
00029 #include "plugin_enum.h"
00030 #include "detection-plugins/sp_bait_and_switch.h"
00031 #include "preprocessors/spp_bait_and_switch.h"
00032 #include "snort.h"
00033 
00034 /* list of function prototypes for this output plugin */
00035 void AlertBandSInit(u_char *);
00036 void AlertBandS(Packet *, char *, void *, Event *);
00037 void AlertBandSCleanExitFunc(int, void *);
00038 void AlertBandSRestartFunc(int, void *);
00039 
00040 extern OptTreeNode *otn_tmp;
00041 extern PV pv;
00042 
00043 static int bands_out_running = 0; 
00044 
00045 void AlertBandSetup()
00046 {
00047     /* link the preprocessor keyword to the init function in 
00048        the preproc list */
00049     RegisterOutputPlugin("alert_BandS", NT_OUTPUT_ALERT, AlertBandSInit);
00050 
00051     DEBUG_WRAP(DebugMessage(DEBUG_PLUGIN, "Output plugin: BandS is setup...\n"););
00052 }
00053 
00054 
00055 void AlertBandSInit(u_char *args)
00056 {
00057     if(!BaitAndSwitchIsRunning())
00058     {
00059         FatalError("dude, you can't have a bait-and-switch output-plugin without the bait-and-switch preproc\n");
00060     }
00061     
00062     bands_out_running = 1;
00063  
00064     DEBUG_WRAP(DebugMessage(DEBUG_PLUGIN, "Output: BandS Initialized\n"););
00065 
00066     /* Set the preprocessor function into the function list */
00067     AddFuncToOutputList(AlertBandS, NT_OUTPUT_ALERT, NULL);
00068     AddFuncToCleanExitList(AlertBandSCleanExitFunc, NULL);
00069     AddFuncToRestartList(AlertBandSRestartFunc, NULL);
00070 }
00071 
00072 
00073 
00074 void AlertBandS(Packet *p, char *msg, void *arg, Event *event)
00075 {
00076     BandSp *bandsp_o;
00077     bandsp_o=NULL;
00078 
00079 
00080     if(otn_tmp==NULL)
00081     {
00082         return;
00083     }
00084     if(p == NULL)
00085     {
00086         return;
00087     }
00088 
00089     if(otn_tmp->ds_list[PLUGIN_BANDSP])
00090     { 
00091        bandsp_o=otn_tmp->ds_list[PLUGIN_BANDSP];
00092      
00093        if(bandsp_o) 
00094        {
00095           printf("adding packet to reroute tree because we have bands options");
00096           AddIpToRerouteTree(p, bandsp_o->bands_direction, bandsp_o->bands_timeout, bandsp_o->hpotaddr);
00097        }
00098     }
00099     else
00100     {
00101        return;
00102     }
00103 }
00104 
00105 int BaitAndSwitchOutputInitRun(void)
00106 {
00107     return bands_out_running;
00108 }
00109 
00110 void AlertBandSCleanExitFunc(int signal, void *arg)
00111 {
00112     return;
00113 }
00114 
00115 void AlertBandSRestartFunc(int signal, void *arg)
00116 {
00117     return;
00118 }
00119 #endif /* IPFW */
00120 #endif /* GIDS */