#include "suricata-common.h"#include "conf.h"#include "util-unittest.h"#include "util-debug.h"#include "util-path.h"#include "util-conf.h"
Go to the source code of this file.
Macros | |
| #define | NODE_NAME_MAX 1024 |
Functions | |
| void | ConfInit (void) |
| Initialize the configuration system. More... | |
| ConfNode * | ConfNodeNew (void) |
| Allocate a new configuration node. More... | |
| void | ConfNodeFree (ConfNode *node) |
| Free a ConfNode and all of its children. More... | |
| ConfNode * | ConfGetNode (const char *name) |
| Get a ConfNode by name. More... | |
| ConfNode * | ConfGetRootNode (void) |
| Get the root configuration node. More... | |
| int | ConfSet (const char *name, const char *val) |
| Set a configuration value. More... | |
| int | ConfSetFromString (const char *input, int final) |
| Set a configuration parameter from a string. More... | |
| int | ConfSetFinal (const char *name, const char *val) |
| Set a final configuration value. More... | |
| int | ConfGet (const char *name, const char **vptr) |
| Retrieve the value of a configuration node. More... | |
| int | ConfGetChildValue (const ConfNode *base, const char *name, const char **vptr) |
| ConfNode * | ConfGetChildWithDefault (const ConfNode *base, const ConfNode *dflt, const char *name) |
| int | ConfGetChildValueWithDefault (const ConfNode *base, const ConfNode *dflt, const char *name, const char **vptr) |
| int | ConfGetInt (const char *name, intmax_t *val) |
| Retrieve a configuration value as an integer. More... | |
| int | ConfGetChildValueInt (const ConfNode *base, const char *name, intmax_t *val) |
| int | ConfGetChildValueIntWithDefault (const ConfNode *base, const ConfNode *dflt, const char *name, intmax_t *val) |
| int | ConfGetBool (const char *name, int *val) |
| Retrieve a configuration value as an boolen. More... | |
| int | ConfGetChildValueBool (const ConfNode *base, const char *name, int *val) |
| int | ConfGetChildValueBoolWithDefault (const ConfNode *base, const ConfNode *dflt, const char *name, int *val) |
| int | ConfValIsTrue (const char *val) |
| Check if a value is true. More... | |
| int | ConfValIsFalse (const char *val) |
| Check if a value is false. More... | |
| int | ConfGetDouble (const char *name, double *val) |
| Retrieve a configuration value as a double. More... | |
| int | ConfGetFloat (const char *name, float *val) |
| Retrieve a configuration value as a float. More... | |
| void | ConfNodeRemove (ConfNode *node) |
| Remove (and SCFree) the provided configuration node. More... | |
| int | ConfRemove (const char *name) |
| Remove a configuration parameter from the configuration db. More... | |
| void | ConfCreateContextBackup (void) |
| Creates a backup of the conf_hash hash_table used by the conf API. More... | |
| void | ConfRestoreContextBackup (void) |
| Restores the backup of the hash_table present in backup_conf_hash back to conf_hash. More... | |
| void | ConfDeInit (void) |
| De-initializes the configuration system. More... | |
| void | ConfNodeDump (const ConfNode *node, const char *prefix) |
| Dump a configuration node and all its children. More... | |
| void | ConfDump (void) |
| Dump configuration to stdout. More... | |
| bool | ConfNodeHasChildren (const ConfNode *node) |
| Check if a node has any children. More... | |
| ConfNode * | ConfNodeLookupChild (const ConfNode *node, const char *name) |
| Lookup a child configuration node by name. More... | |
| const char * | ConfNodeLookupChildValue (const ConfNode *node, const char *name) |
| Lookup the value of a child configuration node by name. More... | |
| ConfNode * | ConfNodeLookupKeyValue (const ConfNode *base, const char *key, const char *value) |
| Lookup for a key value under a specific node. More... | |
| int | ConfNodeChildValueIsTrue (const ConfNode *node, const char *key) |
| Test if a configuration node has a true value. More... | |
| char * | ConfLoadCompleteIncludePath (const char *file) |
| Create the path for an include entry. More... | |
| void | ConfNodePrune (ConfNode *node) |
| Prune a configuration node. More... | |
| int | ConfNodeIsSequence (const ConfNode *node) |
| Check if a node is a sequence or node. More... | |
| ConfNode * | ConfSetIfaceNode (const char *ifaces_node_name, const char *iface) |
| Finds an interface from the list of interfaces. More... | |
| int | ConfSetRootAndDefaultNodes (const char *ifaces_node_name, const char *iface, ConfNode **if_root, ConfNode **if_default) |
| Finds and sets root and default node of the interface. More... | |
| void | ConfRegisterTests (void) |
Detailed Description
This file provides a basic configuration system for the IDPS engine.
NOTE: Setting values should only be done from one thread during engine initialization. Multiple threads should be able access read configuration data. Allowing run time changes to the configuration will require some locks.
- Todo:
- Consider having the in-memory configuration database a direct reflection of the configuration file and moving command line parameters to a primary lookup table?
- Todo:
- Get rid of allow override and go with a simpler first set, stays approach?
Definition in file conf.c.
Macro Definition Documentation
◆ NODE_NAME_MAX
| #define NODE_NAME_MAX 1024 |
Function Documentation
◆ ConfCreateContextBackup()
| void ConfCreateContextBackup | ( | void | ) |
◆ ConfDeInit()
| void ConfDeInit | ( | void | ) |
◆ ConfDump()
| void ConfDump | ( | void | ) |
Dump configuration to stdout.
Definition at line 736 of file conf.c.
References ConfNodeDump().
◆ ConfGet()
| int ConfGet | ( | const char * | name, |
| const char ** | vptr | ||
| ) |
Retrieve the value of a configuration node.
This function will return the value for a configuration node based on the full name of the node. It is possible that the value returned could be NULL, this could happen if the requested node does exist but is not a node that contains a value, but contains children ConfNodes instead.
- Parameters
-
name Name of configuration parameter to get. vptr Pointer that will be set to the configuration value parameter. Note that this is just a reference to the actual value, not a copy.
- Return values
-
1 will be returned if the name is found, otherwise 0 will be returned.
Definition at line 331 of file conf.c.
References ConfGetNode(), SCLogDebug, and ConfNode_::val.
Referenced by ConfGetBool(), ConfGetDouble(), ConfGetFloat(), ConfGetInt(), ConfigGetDataDirectory(), ConfigGetLogDirectory(), ConfLoadCompleteIncludePath(), ConfUnixSocketIsEnable(), CoredumpLoadConfig(), FlowInitConfig(), HTPParseMemcap(), HttpRangeContainersInit(), NFQInitConfig(), OutputJsonInitCtx(), PatternMatchDefaultMatcher(), PostConfLoadedSetup(), RunModeDispatch(), RunModeErfFileAutoFp(), RunModeErfFileSingle(), RunModeFilePcapAutoFp(), RunModeFilePcapSingle(), RunModeIdsAFPAutoFp(), RunModeIdsAFPSingle(), RunModeIdsAFPWorkers(), RunModeIdsPcapAutoFp(), RunModeIdsPcapSingle(), RunModeIdsPcapWorkers(), RunModeInitialize(), SCLogLoadConfig(), SCRuleVarsGetConfVar(), SinglePatternMatchDefaultMatcher(), StreamTcpInitConfig(), and TmqhFlowRegister().
◆ ConfGetBool()
| int ConfGetBool | ( | const char * | name, |
| int * | val | ||
| ) |
Retrieve a configuration value as an boolen.
- Parameters
-
name Name of configuration parameter to get. val Pointer to an int that will be set to 1 for true, or 0 for false.
- Return values
-
1 will be returned if the name is found and was properly converted to a boolean, otherwise 0 will be returned.
Definition at line 473 of file conf.c.
References ConfGet(), and ConfValIsTrue().
Referenced by DecodeERSPANConfig(), DecodeGeneveConfig(), DecodeTeredoConfig(), DecodeVXLANConfig(), DetectEngineFrameMpmRegister(), NapatechGetStreamConfig(), NapatechPacketLoop(), NFQInitConfig(), PostConfLoadedSetup(), RunModeInitialize(), and StreamTcpInitConfig().
◆ ConfGetChildValue()
| int ConfGetChildValue | ( | const ConfNode * | base, |
| const char * | name, | ||
| const char ** | vptr | ||
| ) |
Definition at line 344 of file conf.c.
References ConfNodeLookupChild(), SCLogDebug, and ConfNode_::val.
Referenced by ConfGetChildValueBool(), ConfGetChildValueInt(), and ConfGetChildValueWithDefault().
◆ ConfGetChildValueBool()
| int ConfGetChildValueBool | ( | const ConfNode * | base, |
| const char * | name, | ||
| int * | val | ||
| ) |
Definition at line 486 of file conf.c.
References ConfGetChildValue(), and ConfValIsTrue().
Referenced by ConfGetChildValueBoolWithDefault().
◆ ConfGetChildValueBoolWithDefault()
| int ConfGetChildValueBoolWithDefault | ( | const ConfNode * | base, |
| const ConfNode * | dflt, | ||
| const char * | name, | ||
| int * | val | ||
| ) |
Definition at line 499 of file conf.c.
References ConfGetChildValueBool().
◆ ConfGetChildValueInt()
| int ConfGetChildValueInt | ( | const ConfNode * | base, |
| const char * | name, | ||
| intmax_t * | val | ||
| ) |
Definition at line 425 of file conf.c.
References ConfGetChildValue(), ConfNode_::name, SC_ERR_INVALID_YAML_CONF_ENTRY, and SCLogError.
Referenced by ConfGetChildValueIntWithDefault().
◆ ConfGetChildValueIntWithDefault()
| int ConfGetChildValueIntWithDefault | ( | const ConfNode * | base, |
| const ConfNode * | dflt, | ||
| const char * | name, | ||
| intmax_t * | val | ||
| ) |
Definition at line 451 of file conf.c.
References ConfGetChildValueInt().
◆ ConfGetChildValueWithDefault()
| int ConfGetChildValueWithDefault | ( | const ConfNode * | base, |
| const ConfNode * | dflt, | ||
| const char * | name, | ||
| const char ** | vptr | ||
| ) |
Definition at line 372 of file conf.c.
References ConfGetChildValue().
Referenced by AFPRunModeIsIPS().
◆ ConfGetChildWithDefault()
| ConfNode* ConfGetChildWithDefault | ( | const ConfNode * | base, |
| const ConfNode * | dflt, | ||
| const char * | name | ||
| ) |
Definition at line 358 of file conf.c.
References ConfNodeLookupChild().
◆ ConfGetDouble()
| int ConfGetDouble | ( | const char * | name, |
| double * | val | ||
| ) |
Retrieve a configuration value as a double.
- Parameters
-
name Name of configuration parameter to get. val Pointer to an double that will be set the configuration value.
- Return values
-
1 will be returned if the name is found and was properly converted to a double, otherwise 0 will be returned.
Definition at line 571 of file conf.c.
References ConfGet().
◆ ConfGetFloat()
| int ConfGetFloat | ( | const char * | name, |
| float * | val | ||
| ) |
Retrieve a configuration value as a float.
- Parameters
-
name Name of configuration parameter to get. val Pointer to an float that will be set the configuration value.
- Return values
-
1 will be returned if the name is found and was properly converted to a double, otherwise 0 will be returned.
Definition at line 601 of file conf.c.
References ConfGet().
Referenced by RunModeInitialize().
◆ ConfGetInt()
| int ConfGetInt | ( | const char * | name, |
| intmax_t * | val | ||
| ) |
Retrieve a configuration value as an integer.
- Parameters
-
name Name of configuration parameter to get. val Pointer to an intmax_t that will be set the configuration value.
- Return values
-
1 will be returned if the name is found and was properly converted to an interger, otherwise 0 will be returned.
Definition at line 393 of file conf.c.
References ConfGet(), SC_ERR_INVALID_YAML_CONF_ENTRY, and SCLogError.
Referenced by DecodeGlobalConfig(), DefragInit(), DetectLoadersInit(), FlowInitConfig(), FlowManagerThreadSpawn(), FlowRecyclerThreadSpawn(), NFQInitConfig(), PacketAlertGetMaxConfig(), SCProfilingInit(), and StreamTcpInitConfig().
◆ ConfGetNode()
| ConfNode* ConfGetNode | ( | const char * | name | ) |
Get a ConfNode by name.
- Parameters
-
name The full name of the configuration node to lookup.
- Return values
-
A pointer to ConfNode is found or NULL if the configuration node does not exist.
Definition at line 176 of file conf.c.
Referenced by ActionInitConfig(), AFPRunModeIsIPS(), AppLayerParserConfParserEnabled(), AppLayerProtoDetectConfProtoDetectionEnabledDefault(), AppLayerProtoDetectPPParseConfPorts(), ConfGet(), ConfRemove(), ConfSetIfaceNode(), DatasetsInit(), DetectAddressTestConfVars(), DetectLoadCompleteSigPath(), DetectPortTestConfVars(), DetectTemplateBufferRegister(), DetectTemplateRustBufferRegister(), FlowInitFlowProto(), JsonBitTorrentDHTLogRegister(), JsonPgsqlLogRegister(), JsonTemplateLogRegister(), JsonTemplateRustLogRegister(), LiveBuildDeviceListCustom(), PcapLogProfileSetup(), RegisterMQTTParsers(), RegisterTemplateRustParsers(), RunModeInitialize(), RunModeInitializeOutputs(), SCLogLoadConfig(), SCProfilingKeywordsGlobalInit(), SCProfilingPrefilterGlobalInit(), SCProfilingRulesGlobalInit(), SCProfilingSghsGlobalInit(), SetupRuleAnalyzer(), and StreamTcpInitConfig().
◆ ConfGetRootNode()
| ConfNode* ConfGetRootNode | ( | void | ) |
◆ ConfInit()
| void ConfInit | ( | void | ) |
Initialize the configuration system.
Definition at line 114 of file conf.c.
Referenced by InitGlobal().
◆ ConfLoadCompleteIncludePath()
| char* ConfLoadCompleteIncludePath | ( | const char * | file | ) |
Create the path for an include entry.
- Parameters
-
file The name of the file
- Return values
-
str Pointer to the string path + sig_file
Definition at line 858 of file conf.c.
References ConfGet(), PathIsRelative(), SCLogDebug, SCMalloc, SCStrdup, strlcat(), strlcpy(), and unlikely.
◆ ConfNodeChildValueIsTrue()
| int ConfNodeChildValueIsTrue | ( | const ConfNode * | node, |
| const char * | key | ||
| ) |
Test if a configuration node has a true value.
- Parameters
-
node The parent configuration node. name The name of the child node to test.
- Return values
-
1 if the child node has a true value, otherwise 0 is returned, even if the child node does not exist.
Definition at line 844 of file conf.c.
References ConfNodeLookupChildValue(), and ConfValIsTrue().
Referenced by HttpXFFGetCfg(), PcapLogProfileSetup(), SCProfilingKeywordsGlobalInit(), SCProfilingPrefilterGlobalInit(), SCProfilingRulesGlobalInit(), and SCProfilingSghsGlobalInit().
◆ ConfNodeDump()
| void ConfNodeDump | ( | const ConfNode * | node, |
| const char * | prefix | ||
| ) |
Dump a configuration node and all its children.
Definition at line 706 of file conf.c.
References ConfNode_::name, next, SCStrdup, TAILQ_FOREACH, and unlikely.
Referenced by ConfDump().
◆ ConfNodeFree()
| void ConfNodeFree | ( | ConfNode * | node | ) |
Free a ConfNode and all of its children.
- Parameters
-
node The configuration node to SCFree.
Definition at line 152 of file conf.c.
References ConfNodeFree(), ConfNode_::name, next, SCFree, TAILQ_FIRST, TAILQ_REMOVE, and ConfNode_::val.
Referenced by ConfNodeFree(), and ConfNodeRemove().
◆ ConfNodeHasChildren()
| bool ConfNodeHasChildren | ( | const ConfNode * | node | ) |
Check if a node has any children.
Checks if the provided node has any children. Any node that is a YAML map or array will have children.
- Parameters
-
node The node to check.
- Return values
-
true if node has children false if node does not have children
Definition at line 752 of file conf.c.
References TAILQ_EMPTY.
◆ ConfNodeIsSequence()
| int ConfNodeIsSequence | ( | const ConfNode * | node | ) |
Check if a node is a sequence or node.
- Parameters
-
node the node to check.
- Returns
- 1 if node is a seuence, otherwise 0.
Definition at line 931 of file conf.c.
References ConfNode_::is_seq.
◆ ConfNodeLookupChild()
Lookup a child configuration node by name.
Given a ConfNode this function will lookup an immediate child ConfNode by name and return the child ConfNode.
- Parameters
-
node The parent configuration node. name The name of the child node to lookup.
- Return values
-
A pointer the child ConfNode if found otherwise NULL.
Definition at line 771 of file conf.c.
References ConfNode_::name, next, and TAILQ_FOREACH.
Referenced by AppLayerProtoDetectPPParseConfPorts(), ConfGetChildValue(), ConfGetChildWithDefault(), ConfNodeLookupChildValue(), FileForceHashParseCfg(), FlowInitFlowProto(), HttpXFFGetCfg(), and OutputEmailInitConf().
◆ ConfNodeLookupChildValue()
| const char* ConfNodeLookupChildValue | ( | const ConfNode * | node, |
| const char * | name | ||
| ) |
Lookup the value of a child configuration node by name.
Given a parent ConfNode this function will return the value of a child configuration node by name returning a reference to that value.
- Parameters
-
node The parent configuration node. name The name of the child node to lookup.
- Return values
-
A pointer the child ConfNodes value if found otherwise NULL.
Definition at line 799 of file conf.c.
References ConfNodeLookupChild(), and ConfNode_::val.
Referenced by ConfNodeChildValueIsTrue(), FileForceHashParseCfg(), FlowInitFlowProto(), HttpXFFGetCfg(), LogHttpLogInitCtx(), LogTcpDataLogInitCtx(), OutputEmailInitConf(), OutputJsonInitCtx(), SCProfilingKeywordsGlobalInit(), SCProfilingPrefilterGlobalInit(), SCProfilingRulesGlobalInit(), SCProfilingSghsGlobalInit(), and SetupRuleAnalyzer().
◆ ConfNodeLookupKeyValue()
Lookup for a key value under a specific node.
- Returns
- the ConfNode matching or NULL
Definition at line 816 of file conf.c.
References ConfNode_::name, next, TAILQ_FOREACH, and ConfNode_::val.
Referenced by AFPRunModeIsIPS().
◆ ConfNodeNew()
| ConfNode* ConfNodeNew | ( | void | ) |
Allocate a new configuration node.
- Return values
-
An allocated configuration node on success, NULL on failure.
Definition at line 134 of file conf.c.
References SCCalloc, TAILQ_INIT, and unlikely.
◆ ConfNodePrune()
| void ConfNodePrune | ( | ConfNode * | node | ) |
Prune a configuration node.
Pruning a configuration is similar to freeing, but only fields that may be overridden are, leaving final type parameters. Additional the value of the provided node is also free'd, but the node itself is left.
- Parameters
-
node The configuration node to prune.
Definition at line 899 of file conf.c.
References ConfNodePrune(), ConfNode_::final, ConfNode_::name, next, SCFree, TAILQ_EMPTY, TAILQ_FIRST, TAILQ_NEXT, TAILQ_REMOVE, and ConfNode_::val.
Referenced by ConfNodePrune().
◆ ConfNodeRemove()
| void ConfNodeRemove | ( | ConfNode * | node | ) |
Remove (and SCFree) the provided configuration node.
Definition at line 624 of file conf.c.
References ConfNodeFree(), next, ConfNode_::parent, and TAILQ_REMOVE.
Referenced by ConfRemove().
◆ ConfRegisterTests()
| void ConfRegisterTests | ( | void | ) |
Definition at line 1478 of file conf.c.
References UtRegisterTest().
◆ ConfRemove()
| int ConfRemove | ( | const char * | name | ) |
Remove a configuration parameter from the configuration db.
- Parameters
-
name The name of the configuration parameter to remove.
- Return values
-
Returns 1 if the parameter was removed, otherwise 0 is returned most likely indicating the parameter was not set.
Definition at line 639 of file conf.c.
References ConfGetNode(), and ConfNodeRemove().
◆ ConfRestoreContextBackup()
| void ConfRestoreContextBackup | ( | void | ) |
◆ ConfSet()
| int ConfSet | ( | const char * | name, |
| const char * | val | ||
| ) |
Set a configuration value.
Configuration values set with this function may be overridden by subsequent calls, or if the value appears multiple times in a configuration file.
- Parameters
-
name The name of the configuration parameter to set. val The value of the configuration parameter.
- Return values
-
1 if the value was set otherwise 0.
Definition at line 220 of file conf.c.
Referenced by ConfSetFromString(), and PostConfLoadedSetup().
◆ ConfSetFinal()
| int ConfSetFinal | ( | const char * | name, |
| const char * | val | ||
| ) |
Set a final configuration value.
A final configuration value is a value that cannot be overridden by the configuration file. Its mainly useful for setting values that are supplied on the command line prior to the configuration file being loaded. However, a subsequent call to this function can override a previously set value.
- Parameters
-
name The name of the configuration parameter to set. val The value of the configuration parameter.
- Return values
-
1 if the value was set otherwise 0.
Definition at line 299 of file conf.c.
Referenced by ConfigSetDataDirectory(), ConfigSetLogDirectory(), and ConfSetFromString().
◆ ConfSetFromString()
| int ConfSetFromString | ( | const char * | input, |
| int | final | ||
| ) |
Set a configuration parameter from a string.
Where the input string is something like: stream.midstream=true
- Parameters
-
input the input string to be parsed.
- Return values
-
1 if the value of set, otherwise 0.
Definition at line 245 of file conf.c.
References ConfSet(), ConfSetFinal(), SCFree, SCStrdup, and unlikely.
◆ ConfSetIfaceNode()
| ConfNode* ConfSetIfaceNode | ( | const char * | ifaces_node_name, |
| const char * | iface | ||
| ) |
Finds an interface from the list of interfaces.
- Parameters
-
ifaces_node_name - name of the node which holds a list of intefaces iface - interfaces name
- Returns
- NULL on failure otherwise a valid pointer
Definition at line 942 of file conf.c.
References ConfFindDeviceConfig(), ConfGetNode(), SC_ERR_CONF_YAML_ERROR, SCLogError, and SCLogNotice.
Referenced by ConfSetRootAndDefaultNodes().
◆ ConfSetRootAndDefaultNodes()
| int ConfSetRootAndDefaultNodes | ( | const char * | ifaces_node_name, |
| const char * | iface, | ||
| ConfNode ** | if_root, | ||
| ConfNode ** | if_default | ||
| ) |
Finds and sets root and default node of the interface.
- Parameters
-
ifaces_node_name Node which holds list of interfaces iface Name of the interface e.g. eth3 if_root Node which will hold the interface configuration if_default Node which is the default configuration in the given list of interfaces
- Returns
- 0 on success, -ENODEV when neither the root interface nor the default interface was found
Definition at line 968 of file conf.c.
References ConfSetIfaceNode(), SC_ERR_CONF_YAML_ERROR, and SCLogError.
◆ ConfValIsFalse()
| int ConfValIsFalse | ( | const char * | val | ) |
Check if a value is false.
The value is considered false if it is a string with the value of 0, no, false or off. The test is not case sensitive, any other value is not false.
- Parameters
-
val The string to test for a false value.
- Return values
-
1 If the value is false, 0 if not.
Definition at line 547 of file conf.c.
Referenced by AppLayerParserConfParserEnabled(), and AppLayerProtoDetectConfProtoDetectionEnabledDefault().
◆ ConfValIsTrue()
| int ConfValIsTrue | ( | const char * | val | ) |
Check if a value is true.
The value is considered true if it is a string with the value of 1, yes, true or on. The test is not case sensitive, any other value is false.
- Parameters
-
val The string to test for a true value.
- Return values
-
1 If the value is true, 0 if not.
Definition at line 522 of file conf.c.
Referenced by AppLayerParserConfParserEnabled(), AppLayerProtoDetectConfProtoDetectionEnabledDefault(), ConfGetBool(), ConfGetChildValueBool(), ConfNodeChildValueIsTrue(), ConfUnixSocketIsEnable(), FileForceHashParseCfg(), LogHttpLogInitCtx(), OutputEmailInitConf(), and SetupRuleAnalyzer().
